OTL.txt:
OTL logfile created on: 2/13/2012 9:19:17 PM - Run 1
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Documents and Settings\david cox\Desktop
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
447.23 Mb Total Physical Memory | 177.86 Mb Available Physical Memory | 39.77% Memory free
1.18 Gb Paging File | 0.35 Gb Available in Paging File | 29.72% Paging File free
Paging file location(s): C:\pagefile.sys 0 0 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 103.51 Gb Total Space | 77.38 Gb Free Space | 74.76% Space Free | Partition Type: NTFS
Computer Name: DAVE-Q08ESS7TBC | User Name: david cox | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2012/02/13 21:01:38 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\david cox\Desktop\OTL.exe
PRC - [2012/01/14 18:39:07 | 000,173,960 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\system32\java.exe
PRC - [2011/08/11 17:38:07 | 000,116,608 | ---- | M] (SUPERAntiSpyware.com) -- C:\Program Files\SUPERAntiSpyware\SASCore.exe
PRC - [2011/04/16 18:45:11 | 000,130,008 | R--- | M] (Symantec Corporation) -- C:\Program Files\Norton 360\Engine\5.2.0.13\ccsvchst.exe
PRC - [2010/11/11 12:31:44 | 000,539,248 | ---- | M] (VMware, Inc.) -- C:\Program Files\Common Files\VMware\USB\vmware-usbarbitrator.exe
PRC - [2009/09/12 23:09:10 | 000,103,768 | ---- | M] (Citrix Systems, Inc.) -- C:\Program Files\Citrix\ICA Client\concentr.exe
PRC - [2009/09/12 23:09:04 | 000,550,232 | ---- | M] (Citrix Systems, Inc.) -- C:\Program Files\Citrix\ICA Client\wfcrun32.exe
PRC - [2008/12/12 17:06:40 | 000,642,856 | ---- | M] (Cisco Systems, Inc.) -- C:\Program Files\Common Files\Pure Networks Shared\Platform\nmsrvc.exe
PRC - [2008/12/12 17:06:40 | 000,642,856 | ---- | M] (Cisco Systems, Inc.) -- C:\Program Files\Common Files\Pure Networks Shared\Platform\nmctxth.exe
PRC - [2008/11/13 13:43:49 | 000,204,800 | ---- | M] () -- C:\Program Files\Linksys\Linksys Updater\bin\LinksysUpdater.exe
PRC - [2008/04/13 18:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2007/08/24 14:52:42 | 000,240,112 | ---- | M] (Sonic Solutions) -- C:\Program Files\Common Files\Roxio Shared\10.0\SharedCOM\RoxWatchTray10.exe
PRC - [2007/08/24 14:52:02 | 000,018,928 | ---- | M] (Sonic Solutions) -- C:\Program Files\Common Files\Roxio Shared\10.0\SharedCOM\CPSHelpRunner10.exe
PRC - [2007/08/14 02:44:38 | 000,113,136 | ---- | M] () -- C:\Program Files\Roxio\CinePlayer\DMXLauncher.exe
========== Modules (No Company Name) ==========
MOD - [2008/12/12 17:11:26 | 000,148,480 | ---- | M] () -- C:\Program Files\Common Files\Pure Networks Shared\Platform\CAntiVirusCOM.dll
MOD - [2008/12/12 17:11:26 | 000,097,280 | ---- | M] () -- C:\Program Files\Common Files\Pure Networks Shared\Platform\CFirewallCOM.dll
MOD - [2008/11/13 13:43:49 | 000,204,800 | ---- | M] () -- C:\Program Files\Linksys\Linksys Updater\bin\LinksysUpdater.exe
MOD - [2008/11/13 13:43:49 | 000,081,920 | ---- | M] () -- C:\Program Files\Linksys\Linksys Updater\lib\wrapper.dll
MOD - [2007/08/24 14:53:10 | 005,462,512 | ---- | M] () -- C:\Program Files\Common Files\Roxio Shared\10.0\DLLShared\roxipp52.dll
MOD - [2007/08/14 02:44:38 | 000,113,136 | ---- | M] () -- C:\Program Files\Roxio\CinePlayer\DMXLauncher.exe
========== Win32 Services (SafeList) ==========
SRV - File not found [Disabled | Stopped] -- -- (Symantec RemoteAssist)
SRV - File not found [Disabled | Stopped] -- -- (SessionLauncher)
SRV - File not found [Disabled | Stopped] -- -- (HidServ)
SRV - [2011/08/11 17:38:07 | 000,116,608 | ---- | M] (SUPERAntiSpyware.com) [Auto | Running] -- C:\Program Files\SUPERAntiSpyware\SASCORE.EXE -- (!SASCORE)
SRV - [2011/04/16 18:45:11 | 000,130,008 | R--- | M] (Symantec Corporation) [Unknown | Running] -- C:\Program Files\Norton 360\Engine\5.2.0.13\ccSvcHst.exe -- (N360)
SRV - [2010/11/11 13:31:54 | 000,334,448 | ---- | M] (VMware, Inc.) [Auto | Stopped] -- C:\WINDOWS\system32\vmnetdhcp.exe -- (VMnetDHCP)
SRV - [2010/11/11 13:31:50 | 000,404,080 | ---- | M] (VMware, Inc.) [Disabled | Stopped] -- C:\WINDOWS\system32\vmnat.exe -- (VMware NAT Service)
SRV - [2010/11/11 13:30:44 | 000,113,264 | ---- | M] (VMware, Inc.) [Auto | Stopped] -- C:\Program Files\VMware\VMware Player\vmware-authd.exe -- (VMAuthdService)
SRV - [2010/11/11 12:31:44 | 000,539,248 | ---- | M] (VMware, Inc.) [Auto | Running] -- C:\Program Files\Common Files\VMware\USB\vmware-usbarbitrator.exe -- (VMUSBArbService)
SRV - [2010/09/13 15:05:36 | 000,086,016 | ---- | M] (PC Pitstop LLC) [Disabled | Stopped] -- C:\Program Files\PCPitstop\PCPitstopScheduleService.exe -- (PCPitstop Scheduling)
SRV - [2010/08/19 13:57:14 | 000,191,024 | ---- | M] (VMware, Inc.) [On_Demand | Stopped] -- C:\Program Files\VMware\VMware Player\vmware-ufad.exe -- (ufad-ws60)
SRV - [2008/12/12 17:06:40 | 000,642,856 | ---- | M] (Cisco Systems, Inc.) [Auto | Running] -- C:\Program Files\Common Files\Pure Networks Shared\Platform\nmsrvc.exe -- (nmservice)
SRV - [2008/11/13 13:43:49 | 000,204,800 | ---- | M] () [Auto | Running] -- C:\Program Files\Linksys\Linksys Updater\bin\LinksysUpdater.exe -- (LinksysUpdater)
SRV - [2007/08/24 14:53:16 | 000,362,992 | ---- | M] (Sonic Solutions) [Auto | Stopped] -- C:\Program Files\Roxio\Digital Home 10\RoxioUpnpService10.exe -- (Roxio Upnp Server 10)
SRV - [2007/08/24 14:53:14 | 000,072,176 | ---- | M] (Sonic Solutions) [On_Demand | Stopped] -- C:\Program Files\Roxio\Digital Home 10\RoxioUPnPRenderer10.exe -- (Roxio UPnP Renderer 10)
SRV - [2007/08/24 14:52:48 | 000,309,744 | ---- | M] (Sonic Solutions) [On_Demand | Stopped] -- C:\Program Files\Common Files\Roxio Shared\10.0\SharedCOM\RoxLiveShare10.exe -- (RoxLiveShare10)
SRV - [2007/08/24 14:52:46 | 000,166,384 | ---- | M] (Sonic Solutions) [Auto | Stopped] -- C:\Program Files\Common Files\Roxio Shared\10.0\SharedCOM\RoxWatch10.exe -- (RoxWatch10)
SRV - [2007/08/24 14:52:38 | 001,083,888 | ---- | M] (Sonic Solutions) [On_Demand | Stopped] -- C:\Program Files\Common Files\Roxio Shared\10.0\SharedCOM\RoxMediaDB10.exe -- (RoxMediaDB10)
========== Driver Services (SafeList) ==========
DRV - [2012/02/07 00:36:39 | 000,024,064 | ---- | M] () [File_System | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\mbamchameleon.sys -- (mbamchameleon)
DRV - [2012/02/03 20:43:21 | 000,106,104 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys -- (EraserUtilRebootDrv)
DRV - [2012/02/03 20:43:20 | 000,374,392 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys -- (eeCtrl)
DRV - [2012/01/23 21:50:52 | 000,130,432 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Rtnicxp.sys -- (RTL8023xp)
DRV - [2012/01/22 00:10:55 | 001,576,312 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.1.0.29\Definitions\VirusDefs\20120213.002\NAVEX15.SYS -- (NAVEX15)
DRV - [2012/01/22 00:10:54 | 000,086,136 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.1.0.29\Definitions\VirusDefs\20120213.002\NAVENG.SYS -- (NAVENG)
DRV - [2012/01/20 07:26:04 | 000,126,584 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\SYMEVENT.SYS -- (SymEvent)
DRV - [2011/12/23 22:17:32 | 000,820,344 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.1.0.29\Definitions\BASHDefs\20120207.003\BHDrvx86.sys -- (BHDrvx86)
DRV - [2011/12/15 17:33:22 | 000,356,280 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.1.0.29\Definitions\IPSDefs\20120210.002\IDSXpx86.sys -- (IDSxpx86)
DRV - [2011/12/13 18:27:30 | 007,069,288 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
DRV - [2011/07/22 10:27:02 | 000,012,880 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\sasdifsv.sys -- (SASDIFSV)
DRV - [2011/07/12 15:55:22 | 000,067,664 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS -- (SASKUTIL)
DRV - [2011/04/20 19:37:49 | 000,369,784 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\WINDOWS\System32\Drivers\N360\0502000.00D\SYMTDI.SYS -- (SYMTDI)
DRV - [2011/03/30 21:00:09 | 000,516,216 | R--- | M] (Symantec Corporation) [File_System | On_Demand | Running] -- C:\WINDOWS\System32\Drivers\N360\0502000.00D\SRTSP.SYS -- (SRTSP)
DRV - [2011/03/30 21:00:09 | 000,050,168 | R--- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\N360\0502000.00D\SRTSPX.SYS -- (SRTSPX) Symantec Real Time Storage Protection (PEL)
DRV - [2011/03/14 20:31:23 | 000,744,568 | R--- | M] (Symantec Corporation) [File_System | Boot | Running] -- C:\WINDOWS\system32\drivers\N360\0502000.00D\SYMEFA.SYS -- (SymEFA)
DRV - [2011/01/27 00:47:10 | 000,340,088 | R--- | M] (Symantec Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\N360\0502000.00D\SYMDS.SYS -- (SymDS)
DRV - [2011/01/26 23:07:05 | 000,136,312 | R--- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\N360\0502000.00D\Ironx86.SYS -- (SymIRON)
DRV - [2010/11/11 13:32:10 | 000,070,768 | ---- | M] (VMware, Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\vmci.sys -- (vmci)
DRV - [2010/11/11 13:32:08 | 000,854,128 | ---- | M] (VMware, Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\vmx86.sys -- (vmx86)
DRV - [2010/11/11 13:30:34 | 000,024,688 | ---- | M] (VMware, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\VMkbd.sys -- (vmkbd)
DRV - [2010/11/11 13:29:30 | 000,032,752 | ---- | M] (VMware, Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\vmnetbridge.sys -- (VMnetBridge)
DRV - [2010/11/11 13:29:26 | 000,026,352 | ---- | M] (VMware, Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\vmnetuserif.sys -- (VMnetuserif)
DRV - [2010/11/11 12:31:28 | 000,032,368 | ---- | M] (VMware, Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\hcmon.sys -- (hcmon)
DRV - [2010/11/11 10:04:52 | 000,016,560 | ---- | M] (VMware, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\vmnetadapter.sys -- (VMnetAdapter)
DRV - [2010/08/19 13:56:38 | 000,022,448 | ---- | M] (VMware, Inc.) [Kernel | Auto | Running] -- C:\Program Files\VMware\VMware Player\vstor2-ws60.sys -- (vstor2-ws60)
DRV - [2009/09/08 18:13:16 | 000,065,584 | ---- | M] (Citrix Systems, Inc.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\ctxusbm.sys -- (ctxusbm)
DRV - [2009/02/25 16:58:57 | 003,565,568 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag)
DRV - [2008/12/12 17:05:20 | 000,025,264 | ---- | M] (Cisco Systems, Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\purendis.sys -- (purendis)
DRV - [2008/12/12 17:05:18 | 000,023,984 | ---- | M] (Cisco Systems, Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\pnarp.sys -- (pnarp)
DRV - [2007/10/26 09:55:46 | 000,015,784 | ---- | M] (Cyberlink Co.,Ltd.) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\CLBStor.sys -- (CLBStor)
DRV - [2007/10/26 09:55:44 | 000,162,344 | ---- | M] (CyberLink Corporation.) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\CLBUDF.sys -- (CLBUDF)
DRV - [2007/08/18 02:09:04 | 000,057,328 | ---- | M] (Sonic Solutions) [File_System | Disabled | Stopped] -- C:\WINDOWS\system32\drivers\RxFilter.sys -- (RxFilter)
DRV - [2007/02/22 11:28:48 | 000,030,864 | ---- | M] (Licensed for Sysinfo Lab) [Kernel | Auto | Running] -- C:\Program Files\ASTRA32\astra32.sys -- (ASTRA32)
DRV - [2004/12/15 14:18:32 | 000,220,928 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSFHWBS2.sys -- (HSFHWBS2)
DRV - [2004/12/15 14:18:28 | 000,703,232 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSF_CNXT.sys -- (winachsf)
DRV - [2004/12/15 14:18:26 | 001,038,208 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSF_DP.sys -- (HSF_DP)
DRV - [2004/08/03 23:31:32 | 000,020,992 | ---- | M] (Realtek Semiconductor Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\rtl8139.sys -- (rtl8139) Realtek RTL8139(A/B/C)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre7\bin\new_plugin\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@mcafee.com/MVT: C:\Program Files\McAfee\Supportability\MVT\npmvtplugin.dll File not found
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.99\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.99\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{BBDA0591-3099-440a-AA10-41764D9DB4DB}: C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.1.0.29\IPSFFPlgn\ [2012/01/31 04:47:20 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}: C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.1.0.29\coFFPlgn_2011_7_5_2 [2012/02/13 07:57:45 | 000,000,000 | ---D | M]
[2011/09/01 22:49:26 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2011/07/13 21:00:22 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}
O1 HOSTS File: ([2012/01/10 23:45:04 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (Symantec NCO BHO) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Norton 360\Engine\5.2.0.13\coieplg.dll (Symantec Corporation)
O2 - BHO: (Symantec Intrusion Prevention) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Norton 360\Engine\5.2.0.13\ips\ipsbho.dll (Symantec Corporation)
O2 - BHO: (Java Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3 - HKLM\..\Toolbar: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton 360\Engine\5.2.0.13\coieplg.dll (Symantec Corporation)
O3 - HKCU\..\Toolbar\WebBrowser: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton 360\Engine\5.2.0.13\coieplg.dll (Symantec Corporation)
O4 - HKLM..\Run: [ConnectionCenter] C:\Program Files\Citrix\ICA Client\concentr.exe (Citrix Systems, Inc.)
O4 - HKLM..\Run: [DMXLauncher] C:\Program Files\Roxio\CinePlayer\DMXLauncher.exe ()
O4 - HKLM..\Run: [LanguageShortcut] C:\Program Files\CyberLink\PowerDVD\Language\Language.exe ()
O4 - HKLM..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe (Ahead Software Gmbh)
O4 - HKLM..\Run: [nmctxth] C:\Program Files\Common Files\Pure Networks Shared\Platform\nmctxth.exe (Cisco Systems, Inc.)
O4 - HKLM..\Run: [RoxWatchTray] C:\Program Files\Common Files\Roxio Shared\10.0\SharedCOM\RoxWatchTray10.exe (Sonic Solutions)
O4 - HKLM..\Run: [UpdatePPShortCut] C:\Program Files\CyberLink\PowerProducer\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoThumbnailCache = 1
O10 - Protocol_Catalog9\Catalog_Entries\000000000016 - C:\Program Files\VMware\VMware Player\vsocklib.dll (VMware, Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000017 - C:\Program Files\VMware\VMware Player\vsocklib.dll (VMware, Inc.)
O16 - DPF: {037790A6-1576-11D6-903D-00105AABADD3} https://myportal.uss...om sglw2hcm.ocx (Seagull Web-to-Host Control Module v4)
O16 - DPF: {05CA9FB0-3E3E-4B36-BF41-0E3A5CAA8CD8} http://download.micr.../OGAControl.cab (Office Genuine Advantage Validation Tool)
O16 - DPF: {5AE58FCF-6F6A-49B2-B064-02492C66E3F4} http://catalog.updat...b?1212120081468 (MUCatalogWebControl Class)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://update.micros...b?1208918393375 (WUWebControl Class)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://www.update.mi...b?1208921940093 (MUWebControl Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.7.0_01)
O16 - DPF: {CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_30)
O16 - DPF: {CAFEEFAC-0017-0000-0001-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.7.0_01)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.7.0_01)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://download.macr...ash/swflash.cab (Shockwave Flash Object)
O16 - DPF: {F27237D7-93C8-44C2-AC6E-D6057B9A918F} https://myportal.uss...SetupClient.cab (JuniperSetupClientControl Class)
O16 - DPF: {FFB3A759-98B1-446F-BDA9-909C6EB18CC7} http://utilities.pcp.../pcpitstop2.dll (PCPitstop Exam)
O16 - DPF: DirectAnimation Java Classes file://C:\WINDOWS\Java\classes\dajava.cab (Reg Error: Key error.)
O16 - DPF: Microsoft XML Parser for Java file://C:\WINDOWS\Java\classes\xmldso.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{98F51424-7F98-4109-9E22-2025B352A261}: DhcpNameServer = 192.168.0.1
O18 - Protocol\Handler\pure-go {4746C79A-2042-4332-8650-48966E44ABA8} - C:\Program Files\Common Files\Pure Networks Shared\Platform\puresp4.dll (Cisco Systems, Inc.)
O20 - HKLM Winlogon: Shell - (Explorer.exe) -C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) -C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\!SASWinLogon: DllName - (C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL) - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL (SUPERAntiSpyware.com)
O20 - Winlogon\Notify\AtiExtEvent: DllName - (Ati2evxx.dll) - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.)
O24 - Desktop WallPaper: C:\Documents and Settings\david cox\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\david cox\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O28 - HKLM ShellExecuteHooks: {56F9679E-7826-4C84-81F3-532071A8BCC5} - C:\Program Files\Windows Desktop Search\MsnlNamespaceMgr.dll (Microsoft Corporation)
O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL (SuperAdBlocker.com)
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
========== Files/Folders - Created Within 30 Days ==========
[2012/02/13 21:01:35 | 000,584,192 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\david cox\Desktop\OTL.exe
[2012/02/06 22:35:21 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Motive
[2012/02/04 20:09:15 | 000,000,000 | ---D | C] -- C:\Documents and Settings\david cox\Application Data\Ahead
[2012/02/04 19:34:51 | 000,155,648 | R--- | C] (Ahead Software Gmbh) -- C:\WINDOWS\System32\NeroCheck.exe
[2012/02/04 19:31:59 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Nero
[2012/02/04 19:28:40 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Ahead
[2012/02/04 19:28:26 | 000,038,912 | R--- | C] (Pegasus Imaging Corp.) -- C:\WINDOWS\System32\picn20.dll
[2012/02/04 19:28:24 | 000,544,768 | R--- | C] (Pegasus Software, LLC) -- C:\WINDOWS\System32\imagx5.dll
[2012/02/04 19:28:23 | 000,569,344 | R--- | C] (Pegasus Software,LLC) -- C:\WINDOWS\System32\imagr5.dll
[2012/02/04 19:28:19 | 000,283,920 | R--- | C] (Pegasus Software, LLC) -- C:\WINDOWS\System32\ImagXpr5.dll
[2012/02/04 19:27:46 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Ahead
[2012/02/04 19:27:31 | 000,000,000 | ---D | C] -- C:\Program Files\Ahead
[2012/01/31 02:40:39 | 000,000,000 | ---D | C] -- C:\Documents and Settings\david cox\Local Settings\Application Data\Webroot
[2012/01/30 22:38:39 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\WRData
[2012/01/30 22:36:41 | 000,647,184 | ---- | C] (Webroot) -- C:\Documents and Settings\david cox\Desktop\wsainstall.exe
[2012/01/30 20:45:37 | 000,331,384 | ---- | C] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\N360\0502000.00D\symtdiv.sys
[2012/01/30 20:45:36 | 000,369,784 | ---- | C] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\N360\0502000.00D\symtdi.sys
[2012/01/30 20:45:36 | 000,299,640 | ---- | C] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\N360\0502000.00D\symnets.sys
[2012/01/30 20:45:35 | 000,744,568 | R--- | C] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\N360\0502000.00D\symefa.sys
[2012/01/30 20:45:35 | 000,516,216 | R--- | C] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\N360\0502000.00D\srtsp.sys
[2012/01/30 20:45:35 | 000,340,088 | R--- | C] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\N360\0502000.00D\symds.sys
[2012/01/30 20:45:35 | 000,050,168 | R--- | C] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\N360\0502000.00D\srtspx.sys
[2012/01/30 20:45:34 | 000,136,312 | R--- | C] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\N360\0502000.00D\ironx86.sys
[2012/01/30 20:44:28 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers\N360\0502000.00D
[2012/01/30 06:57:14 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Application Data\McAfee
[2012/01/30 06:51:39 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\McAfee
[2012/01/26 22:57:58 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Adobe AIR
[2012/01/26 00:17:15 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Malwarebytes' Anti-Malware
[2012/01/26 00:17:02 | 000,020,464 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2012/01/26 00:17:00 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2012/01/25 07:58:37 | 000,000,000 | ---D | C] -- C:\Program Files\COMODO
[2012/01/24 09:09:37 | 000,000,000 | ---D | C] -- C:\Documents and Settings\david cox\Local Settings\Application Data\Besiex
[2012/01/24 09:05:26 | 000,000,000 | ---D | C] -- C:\Program Files\DriverGuide
[2012/01/23 07:16:00 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\UAB
[2012/01/23 07:15:50 | 000,000,000 | ---D | C] -- C:\Documents and Settings\david cox\Local Settings\Application Data\PC_Drivers_Headquarters
[2012/01/23 07:13:22 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Driver Detective
[2012/01/23 07:13:06 | 000,000,000 | ---D | C] -- C:\Program Files\PC Drivers HeadQuarters
[2012/01/23 06:50:02 | 000,000,000 | ---D | C] -- C:\Program Files\AMD APP
[2012/01/20 07:26:04 | 000,126,584 | ---- | C] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\SYMEVENT.SYS
[2012/01/20 07:26:04 | 000,060,872 | ---- | C] (Symantec Corporation) -- C:\WINDOWS\System32\S32EVNT1.DLL
[2012/01/20 07:26:04 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Symantec Shared
[2012/01/20 07:26:04 | 000,000,000 | ---D | C] -- C:\Program Files\Symantec
[2012/01/20 07:24:52 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers\N360
[2012/01/20 07:24:46 | 000,000,000 | ---D | C] -- C:\Program Files\Norton 360
[2012/01/20 07:24:46 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Norton 360
[2012/01/20 07:24:21 | 000,000,000 | ---D | C] -- C:\Program Files\NortonInstaller
[2012/01/18 21:59:50 | 162,161,616 | ---- | C] (Kaspersky Lab) -- C:\Documents and Settings\david cox\Desktop\kav2012_12.0.0.374-2487en_us.exe
[2010/05/17 20:53:10 | 000,942,960 | ---- | C] (McAfee Inc.) -- C:\Documents and Settings\david cox\Local Settings\Application Data\MvtApp.exe
[2 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\dllcache\*.tmp files -> C:\WINDOWS\System32\dllcache\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2012/02/13 21:26:39 | 000,000,892 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2012/02/13 21:01:38 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\david cox\Desktop\OTL.exe
[2012/02/13 20:54:15 | 000,013,738 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2012/02/13 14:25:04 | 000,000,888 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2012/02/13 12:06:35 | 000,000,446 | ---- | M] () -- C:\WINDOWS\tasks\FixCleaner Scan.job
[2012/02/13 07:55:50 | 000,000,430 | -H-- | M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{18A67AB4-86CC-47A1-B51A-C739DECF0A30}.job
[2012/02/13 07:54:29 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2012/02/11 22:32:23 | 000,000,280 | ---- | M] () -- C:\{75C3C589-B9CC-4243-AA70-B008B52828B6}
[2012/02/11 16:14:09 | 000,000,280 | ---- | M] () -- C:\{CD8405D6-7EF4-4423-8DFB-E9C4FE3623E8}
[2012/02/11 10:11:43 | 000,000,280 | ---- | M] () -- C:\{E1F36C5B-2FA7-437C-8F6D-AE1C8983EA35}
[2012/02/11 04:21:55 | 000,001,704 | ---- | M] () -- C:\{0A45D602-5F1E-4920-AD0A-9A6CAB0F6FFE}
[2012/02/11 01:16:54 | 000,002,560 | ---- | M] () -- C:\{4F259113-DC64-402A-A344-B3FB40A63787}
[2012/02/07 00:36:39 | 000,024,064 | ---- | M] () -- C:\WINDOWS\System32\drivers\mbamchameleon.sys
[2012/02/04 20:04:28 | 000,065,015 | ---- | M] () -- C:\Documents and Settings\david cox\Desktop\memtest86+-4.20.zip
[2012/02/04 19:40:57 | 000,001,257 | ---- | M] () -- C:\Documents and Settings\david cox\Application Data\Microsoft\Internet Explorer\Quick Launch\Nero StartSmart.lnk
[2012/02/04 19:40:57 | 000,001,239 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Nero StartSmart.lnk
[2012/02/04 00:35:01 | 000,000,784 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes Anti-Malware.lnk
[2012/01/31 04:45:36 | 000,001,900 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Norton 360.LNK
[2012/01/31 04:44:14 | 000,886,668 | ---- | M] () -- C:\WINDOWS\System32\drivers\N360\0502000.00D\Cat.DB
[2012/01/30 22:36:43 | 000,647,184 | ---- | M] (Webroot) -- C:\Documents and Settings\david cox\Desktop\wsainstall.exe
[2012/01/27 23:27:32 | 000,000,172 | ---- | M] () -- C:\WINDOWS\System32\drivers\N360\0502000.00D\isolate.ini
[2012/01/27 21:27:14 | 000,000,327 | RHS- | M] () -- C:\boot.ini
[2012/01/26 22:47:34 | 000,001,734 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Adobe Reader X.lnk
[2012/01/26 00:12:22 | 000,001,729 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Adobe Reader 8.lnk
[2012/01/25 21:49:15 | 000,015,773 | ---- | M] () -- C:\WINDOWS\cscmondump.bin
[2012/01/23 21:50:52 | 000,073,728 | ---- | M] () -- C:\WINDOWS\System32\RtNicProp32.dll
[2012/01/23 07:13:28 | 000,002,198 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Driver Detective.lnk
[2012/01/23 07:06:45 | 001,182,576 | ---- | M] (PC Drivers HeadQuarters ) -- C:\Documents and Settings\david cox\Desktop\DriverDetective.exe
[2012/01/21 19:20:46 | 000,001,324 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat
[2012/01/20 07:26:04 | 000,126,584 | ---- | M] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\SYMEVENT.SYS
[2012/01/20 07:26:04 | 000,060,872 | ---- | M] (Symantec Corporation) -- C:\WINDOWS\System32\S32EVNT1.DLL
[2012/01/20 07:26:04 | 000,007,468 | ---- | M] () -- C:\WINDOWS\System32\drivers\SYMEVENT.CAT
[2012/01/20 07:26:04 | 000,000,806 | ---- | M] () -- C:\WINDOWS\System32\drivers\SYMEVENT.INF
[2012/01/20 07:22:06 | 000,000,770 | ---- | M] () -- C:\Documents and Settings\david cox\Desktop\Norton Installation Files.lnk
[2012/01/18 22:40:28 | 000,017,408 | ---- | M] () -- C:\Documents and Settings\david cox\Local Settings\Application Data\WebpageIcons.db
[2012/01/18 22:00:49 | 162,161,616 | ---- | M] (Kaspersky Lab) -- C:\Documents and Settings\david cox\Desktop\kav2012_12.0.0.374-2487en_us.exe
[2012/01/15 23:41:44 | 000,002,221 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\FixCleaner.lnk
[2012/01/15 23:40:53 | 000,001,945 | ---- | M] () -- C:\WINDOWS\epplauncher.mif
[2 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\dllcache\*.tmp files -> C:\WINDOWS\System32\dllcache\*.tmp -> ]
========== Files Created - No Company Name ==========
[2012/02/11 22:32:22 | 000,000,280 | ---- | C] () -- C:\{75C3C589-B9CC-4243-AA70-B008B52828B6}
[2012/02/11 16:14:09 | 000,000,280 | ---- | C] () -- C:\{CD8405D6-7EF4-4423-8DFB-E9C4FE3623E8}
[2012/02/11 10:11:43 | 000,000,280 | ---- | C] () -- C:\{E1F36C5B-2FA7-437C-8F6D-AE1C8983EA35}
[2012/02/11 04:21:55 | 000,001,704 | ---- | C] () -- C:\{0A45D602-5F1E-4920-AD0A-9A6CAB0F6FFE}
[2012/02/11 01:16:54 | 000,002,560 | ---- | C] () -- C:\{4F259113-DC64-402A-A344-B3FB40A63787}
[2012/02/07 00:36:39 | 000,024,064 | ---- | C] () -- C:\WINDOWS\System32\drivers\mbamchameleon.sys
[2012/02/06 00:14:19 | 001,837,056 | ---- | C] () -- C:\Documents and Settings\david cox\Desktop\memtest.iso
[2012/02/04 20:09:28 | 000,164,504 | ---- | C] () -- C:\Documents and Settings\david cox\Desktop\memtest.bin
[2012/02/04 20:03:58 | 000,065,015 | ---- | C] () -- C:\Documents and Settings\david cox\Desktop\memtest86+-4.20.zip
[2012/02/04 19:43:16 | 000,050,779 | ---- | C] () -- C:\WINDOWS\UNNMP.cfg
[2012/02/04 19:40:57 | 000,001,257 | ---- | C] () -- C:\Documents and Settings\david cox\Application Data\Microsoft\Internet Explorer\Quick Launch\Nero StartSmart.lnk
[2012/02/04 19:40:57 | 000,001,239 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Nero StartSmart.lnk
[2012/02/04 19:30:53 | 000,103,866 | ---- | C] () -- C:\WINDOWS\UNNeroVision.cfg
[2012/01/31 04:43:40 | 000,886,668 | ---- | C] () -- C:\WINDOWS\System32\drivers\N360\0502000.00D\Cat.DB
[2012/01/30 20:45:36 | 000,007,877 | ---- | C] () -- C:\WINDOWS\System32\drivers\N360\0502000.00D\symnetv.cat
[2012/01/30 20:45:36 | 000,007,458 | ---- | C] () -- C:\WINDOWS\System32\drivers\N360\0502000.00D\symnet.cat
[2012/01/30 20:45:36 | 000,001,473 | ---- | C] () -- C:\WINDOWS\System32\drivers\N360\0502000.00D\symnetv.inf
[2012/01/30 20:45:36 | 000,001,445 | ---- | C] () -- C:\WINDOWS\System32\drivers\N360\0502000.00D\symnet.inf
[2012/01/30 20:45:35 | 000,007,456 | R--- | C] () -- C:\WINDOWS\System32\drivers\N360\0502000.00D\symefa.cat
[2012/01/30 20:45:35 | 000,007,454 | R--- | C] () -- C:\WINDOWS\System32\drivers\N360\0502000.00D\srtspx.cat
[2012/01/30 20:45:35 | 000,003,373 | R--- | C] () -- C:\WINDOWS\System32\drivers\N360\0502000.00D\symefa.inf
[2012/01/30 20:45:35 | 000,002,792 | R--- | C] () -- C:\WINDOWS\System32\drivers\N360\0502000.00D\symds.inf
[2012/01/30 20:45:35 | 000,001,389 | R--- | C] () -- C:\WINDOWS\System32\drivers\N360\0502000.00D\srtspx.inf
[2012/01/30 20:45:35 | 000,001,383 | R--- | C] () -- C:\WINDOWS\System32\drivers\N360\0502000.00D\srtsp.inf
[2012/01/30 20:45:34 | 000,007,528 | R--- | C] () -- C:\WINDOWS\System32\drivers\N360\0502000.00D\iron.cat
[2012/01/30 20:45:34 | 000,007,450 | R--- | C] () -- C:\WINDOWS\System32\drivers\N360\0502000.00D\srtsp.cat
[2012/01/30 20:45:34 | 000,000,742 | R--- | C] () -- C:\WINDOWS\System32\drivers\N360\0502000.00D\iron.inf
[2012/01/30 20:44:35 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\drivers\N360\0502000.00D\symds.cat
[2012/01/30 20:44:28 | 000,000,172 | ---- | C] () -- C:\WINDOWS\System32\drivers\N360\0502000.00D\isolate.ini
[2012/01/26 22:47:26 | 000,001,734 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Adobe Reader X.lnk
[2012/01/26 22:47:18 | 000,001,804 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Adobe Reader X.lnk
[2012/01/26 00:18:05 | 000,000,784 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes Anti-Malware.lnk
[2012/01/25 21:49:14 | 000,015,773 | ---- | C] () -- C:\WINDOWS\cscmondump.bin
[2012/01/25 21:49:00 | 000,144,712 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat
[2012/01/23 21:57:40 | 000,021,736 | ---- | C] () -- C:\WINDOWS\System32\drivers\RTAIODAT.DAT
[2012/01/23 21:51:28 | 000,073,728 | ---- | C] () -- C:\WINDOWS\System32\RtNicProp32.dll
[2012/01/23 07:13:26 | 000,002,198 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Driver Detective.lnk
[2012/01/20 07:26:04 | 000,007,468 | ---- | C] () -- C:\WINDOWS\System32\drivers\SYMEVENT.CAT
[2012/01/20 07:26:04 | 000,000,806 | ---- | C] () -- C:\WINDOWS\System32\drivers\SYMEVENT.INF
[2012/01/20 07:25:48 | 000,001,900 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Norton 360.LNK
[2012/01/18 22:39:33 | 000,017,408 | ---- | C] () -- C:\Documents and Settings\david cox\Local Settings\Application Data\WebpageIcons.db
[2012/01/08 22:10:48 | 000,256,000 | ---- | C] () -- C:\WINDOWS\PEV.exe
[2012/01/08 22:10:48 | 000,208,896 | ---- | C] () -- C:\WINDOWS\MBR.exe
[2012/01/08 22:10:48 | 000,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe
[2012/01/08 22:10:48 | 000,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe
[2012/01/08 22:10:48 | 000,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe
[2011/11/09 22:39:44 | 000,059,904 | ---- | C] () -- C:\WINDOWS\System32\OpenVideo.dll
[2011/11/09 22:39:32 | 000,054,784 | ---- | C] () -- C:\WINDOWS\System32\OVDecode.dll
[2011/07/10 23:23:47 | 000,000,000 | ---- | C] () -- C:\WINDOWS\nsreg.dat
[2011/07/02 22:53:34 | 000,000,064 | ---- | C] () -- C:\WINDOWS\System32\rp_stats.dat
[2011/07/02 22:53:34 | 000,000,044 | ---- | C] () -- C:\WINDOWS\System32\rp_rules.dat
[2009/08/27 21:26:20 | 000,001,324 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2009/08/19 21:33:11 | 000,007,168 | ---- | C] () -- C:\Documents and Settings\david cox\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009/08/03 14:07:42 | 000,403,816 | ---- | C] () -- C:\WINDOWS\System32\OGACheckControl.dll
[2009/08/03 14:07:42 | 000,230,768 | ---- | C] () -- C:\WINDOWS\System32\OGAEXEC.exe
[2009/06/10 20:28:13 | 000,001,155 | ---- | C] () -- C:\WINDOWS\checkip.dat
[2009/02/14 16:07:51 | 000,000,376 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2008/08/08 21:44:12 | 000,000,132 | ---- | C] () -- C:\Documents and Settings\david cox\Local Settings\Application Data\fusioncache.dat
[2008/05/26 21:59:42 | 000,018,904 | ---- | C] () -- C:\WINDOWS\System32\structuredqueryschematrivial.bin
[2008/05/26 21:59:40 | 000,106,605 | ---- | C] () -- C:\WINDOWS\System32\structuredqueryschema.bin
[2008/05/07 21:00:11 | 000,593,920 | ---- | C] () -- C:\WINDOWS\System32\ati2sgag.exe
[2008/05/07 20:38:36 | 000,000,084 | ---- | C] () -- C:\WINDOWS\WININIT.INI
[2008/04/23 23:29:21 | 000,049,152 | ---- | C] () -- C:\WINDOWS\System32\ChCfg.exe
[2008/04/22 23:25:10 | 000,000,000 | ---- | C] () -- C:\WINDOWS\ativpsrm.bin
[2008/04/22 23:12:02 | 000,006,550 | ---- | C] () -- C:\WINDOWS\jautoexp.dat
[2008/04/22 21:19:18 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
[2008/04/20 21:26:59 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2008/04/20 21:21:09 | 000,021,640 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2008/04/20 16:12:03 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2008/04/20 16:10:15 | 000,262,232 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2008/02/25 20:41:28 | 003,107,788 | ---- | C] () -- C:\WINDOWS\System32\ativvaxx.dat
[2008/02/25 20:41:28 | 003,107,788 | ---- | C] () -- C:\WINDOWS\System32\ativva5x.dat
[2008/02/25 20:41:28 | 000,887,724 | ---- | C] () -- C:\WINDOWS\System32\ativva6x.dat
[2008/02/14 11:35:13 | 000,182,995 | ---- | C] () -- C:\WINDOWS\System32\atiicdxx.dat
[2007/10/26 19:00:50 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\px.ini
[2007/09/27 10:51:02 | 000,020,698 | ---- | C] () -- C:\WINDOWS\System32\idxcntrs.ini
[2007/09/27 10:48:48 | 000,030,628 | ---- | C] () -- C:\WINDOWS\System32\gsrvctr.ini
[2007/09/27 10:48:28 | 000,031,698 | ---- | C] () -- C:\WINDOWS\System32\gthrctr.ini
[2004/01/30 14:07:46 | 000,245,408 | ---- | C] () -- C:\WINDOWS\System32\unicows.dll
[2003/01/07 15:05:08 | 000,002,695 | ---- | C] () -- C:\WINDOWS\System32\OUTLPERF.INI
[2002/08/29 06:00:00 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin
[2002/08/29 06:00:00 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
[2002/08/29 06:00:00 | 000,536,044 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat
[2002/08/29 06:00:00 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2002/08/29 06:00:00 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
[2002/08/29 06:00:00 | 000,100,578 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat
[2002/08/29 06:00:00 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
[2002/08/29 06:00:00 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2002/08/29 06:00:00 | 000,004,461 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat
[2002/08/29 06:00:00 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\dcache.bin
[2002/08/29 06:00:00 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat
========== LOP Check ==========
[2011/09/14 22:48:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\!SASCORE
[2010/02/27 00:36:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Citrix
[2009/02/23 23:22:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\ICQ
[2010/02/27 00:27:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Juniper Networks
[2008/06/03 21:20:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\LightScribe
[2009/08/25 22:17:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Linksys
[2008/05/04 21:20:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PC Drivers HeadQuarters
[2012/02/13 07:47:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PCPitstop
[2008/06/05 23:32:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SmartSound Software Inc
[2012/01/23 07:16:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\UAB
[2012/01/31 03:01:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\WRData
[2009/09/17 23:37:32 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\{35ACA973-70F0-495F-9092-74A130711865}
[2009/10/06 20:34:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{755AC846-7372-4AC8-8550-C52491DAA8BD}
[2009/04/28 21:30:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{8CD7F5AF-ECFA-4793-BF40-D8F42DBFF906}
[2009/10/22 22:16:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\david cox\Application Data\DMS
[2011/08/25 23:03:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\david cox\Application Data\ElevatedDiagnostics
[2012/01/25 20:22:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\david cox\Application Data\FixCleaner
[2010/02/27 00:35:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\david cox\Application Data\ICAClient
[2009/02/23 23:26:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\david cox\Application Data\ICQ
[2011/01/19 00:45:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\david cox\Application Data\InfraRecorder
[2011/08/14 00:55:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\david cox\Application Data\Juniper Networks
[2011/07/10 23:30:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\david cox\Application Data\Opera
[2011/08/30 22:33:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\david cox\Application Data\Sammsoft
[2010/02/28 23:09:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\david cox\Application Data\Seagull Software
[2011/03/12 23:08:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\david cox\Application Data\SecondLife
[2011/12/07 00:03:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\david cox\Application Data\Tific
[2008/06/03 20:05:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\david cox\Application Data\WinBatch
[2012/01/14 19:43:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\david cox\Application Data\Windows Desktop Search
[2011/12/28 07:17:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\david cox\Application Data\Windows Search
[2012/02/13 12:06:35 | 000,000,446 | ---- | M] () -- C:\WINDOWS\Tasks\FixCleaner Scan.job
[2012/02/13 07:55:50 | 000,000,430 | -H-- | M] () -- C:\WINDOWS\Tasks\User_Feed_Synchronization-{18A67AB4-86CC-47A1-B51A-C739DECF0A30}.job
========== Purity Check ==========
========== Alternate Data Streams ==========
@Alternate Data Stream - 88 bytes -> C:\Documents and Settings\david cox\Desktop\LsDiagnosticUtility_1.14.16.1.exe:SummaryInformation
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\david cox\My Documents\Amazing Grace on Pipes.wav:Roxio EMC Stream
< End of report >
Extras.txt:
OTL Extras logfile created on: 2/13/2012 9:19:17 PM - Run 1
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Documents and Settings\david cox\Desktop
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
447.23 Mb Total Physical Memory | 177.86 Mb Available Physical Memory | 39.77% Memory free
1.18 Gb Paging File | 0.35 Gb Available in Paging File | 29.72% Paging File free
Paging file location(s): C:\pagefile.sys 0 0 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 103.51 Gb Total Space | 77.38 Gb Free Space | 74.76% Space Free | Partition Type: NTFS
Computer Name: DAVE-Q08ESS7TBC | User Name: david cox | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.url [@ = InternetShortcut] -- rundll32.exe ieframe.dll,OpenURL %l
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = htmlfile] -- Reg Error: Key error. File not found
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
InternetShortcut [open] -- rundll32.exe ieframe.dll,OpenURL %l
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 1
"AntiVirusOverride" = 0
"FirewallOverride" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
"DisableMonitoring" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
"DisableMonitoring" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
"DisableMonitoring" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]
========== System Restore Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0
"DoNotAllowExceptions" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
"139:TCP" = 139:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22002
"67:UDP" = 67:UDP:*:Enabled:DHCP Discovery Service
"5985:TCP" = 5985:TCP:*:Disabled:Windows Remote Management
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe" = C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger
"C:\Program Files\Windows Live\Messenger\livecall.exe" = C:\Program Files\Windows Live\Messenger\livecall.exe:*:Enabled:Windows Live Messenger (Phone)
"C:\Program Files\VMware\VMware Player\vmware-authd.exe" = C:\Program Files\VMware\VMware Player\vmware-authd.exe:*:Enabled:VMware Authd -- (VMware, Inc.)
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\CyberLink\PowerDVD\PowerDVD.exe" = C:\Program Files\CyberLink\PowerDVD\PowerDVD.exe:*:Enabled:CyberLink PowerDVD -- (CyberLink Corp.)
"C:\Program Files\VMware\VMware Player\vmware-authd.exe" = C:\Program Files\VMware\VMware Player\vmware-authd.exe:*:Enabled:VMware Authd -- (VMware, Inc.)
"C:\Program Files\Opera\opera.exe" = C:\Program Files\Opera\opera.exe:*:Enabled:Opera Internet Browser
"C:\Documents and Settings\david cox\Application Data\Spotify\spotify.exe" = C:\Documents and Settings\david cox\Application Data\Spotify\spotify.exe:*:Enabled:Spotify
"C:\Program Files\Common Files\Pure Networks Shared\Platform\nmsrvc.exe" = C:\Program Files\Common Files\Pure Networks Shared\Platform\nmsrvc.exe:LocalSubNet:Enabled:Pure Networks Platform Service -- (Cisco Systems, Inc.)
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{055EE59D-217B-43A7-ABFF-507B966405D8}" = ATI Catalyst Control Center
"{08E81ABD-79F7-49C2-881F-FD6CB0975693}" = Roxio Central Data
"{098122AB-C605-4853-B441-C0A4EB359B75}" = DirectXInstallService
"{0BCA9EFD-F2D6-4638-B053-8693BA0404BE}" = Citrix online plug-in (Web)
"{1506CE23-3FB8-E0DA-3B07-D68669C33CD7}" = ccc-core-preinstall
"{184E7118-0295-43C4-B72C-1D54AA75AAF7}" = Windows Live Mail
"{190601AF-7BE4-046E-CEBF-14EE74434250}" = AMD Catalyst Install Manager
"{196BB40D-1578-3D01-B289-BEFC77A11A1E}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319
"{19C64880-BBCA-11D4-9EEE-0004ACDDDB3B}" = CyberLink InstantBurn
"{1B683082-8791-4D00-8ADE-6C8986FCCC68}" = Roxio CinePlayer
"{1F54DAFA-9261-4A62-B59D-6C9F26B48FE4}" = Roxio Central Tools
"{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = CyberLink PowerStarter
"{1FD7A431-CFA5-EDB0-830B-9FADA4847E94}" = Catalyst Control Center Graphics Full Existing
"{20C53FA2-4307-4671-A93F-9463B29DFCF1}" = Symantec Technical Support Web Controls
"{26A24AE4-039D-4CA4-87B4-2F83216020FF}" = Java 6 Update 30
"{26A24AE4-039D-4CA4-87B4-2F83217001FF}" = Java 7 Update 1
"{2758691A-2CDE-4942-A4AC-0E8F61FE2067}" = USB Video Driver
"{2D85CB00-4FF0-26A5-D07F-3548AE418506}" = Skins
"{302EF6FB-3EE7-407D-2DDE-2C021A1A0918}" = ccc-utility
"{30465B6C-B53F-49A1-9EBA-A3F187AD502E}" = Roxio Update Manager
"{31DABA20-10A1-4746-9D9F-57955B8DFF66}" = Free Games Offer, Desktop Shortcut
"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{36CDA33B-909B-4719-97D1-C4B99309BDC7}" = ATI Parental Control & Encoder
"{3839C2FF-2CD0-4601-91A8-B1E40A9BE8A8}" = Driver Detective
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3E67A8DA-FE7B-4160-8465-F5571EA18753}" = Roxio Disc Gallery
"{404FDA15-6384-4B83-9E1A-A6047447660F}" = LightScribe System Software 1.14.16.1
"{40BF1E83-20EB-11D8-97C5-0009C5020658}" = CyberLink Power2Go
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4A7FDA4D-F4D7-4A49-934A-066D59A43C7E}" = SmartSound Quicktracks Plugin
"{4ED118EE-785C-CC18-5D2E-D5CA4BAA03F0}" = Catalyst Control Center Graphics Full New
"{539475B7-44B7-8B0A-134C-F01B9C8B7569}" = ccc-core-preinstall
"{55392E52-1AAD-44C4-BE49-258FFE72434F}" = Citrix online plug-in (USB)
"{5A06423A-210C-49FB-950E-CB0EB8C5CEC7}" = Roxio BackOnTrack
"{5AC7AE54-55DF-1126-076C-623F008D40B6}" = Catalyst Control Center Graphics Full Existing
"{5D8A40E9-8E59-3761-98DE-2C9F7303FA17}" = Microsoft Windows SDK for Windows 7 Redistributable Components for Windows Debugging Tools (30514)
"{5DB1DF0C-AABC-4362-8A6D-CEFDFB036E41}" = Suite
"{60B2315F-680F-4EB3-B8DD-CCDC86A7CCAB}" = Roxio File Backup
"{6351D217-3EE3-1967-29BE-6A77635FE485}" = Skins
"{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}" = PowerDVD
"{6AB9CD3A-F91F-233B-923B-6C59BA63524D}" = Catalyst Control Center HydraVision Full
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{72736F5F-520D-472A-88CC-7B02872FD34E}" = ATI Catalyst Registration
"{73A4F29F-31AC-4EBD-AA1B-0CC5F18C8F83}" = Roxio Central Audio
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{7A239A2D-92B3-3AC3-484D-2E487F87F0E0}" = Catalyst Control Center Graphics Light
"{812424AC-A8B5-44E6-8D48-07E939D1AD9A}" = Citrix online plug-in (HDX)
"{8183EF47-6E87-E9F8-47ED-2FE07F85F656}" = Catalyst Control Center Graphics Previews Common
"{83FF62E8-EAE3-B5DA-7A63-A2ADD3499671}" = Catalyst Control Center Graphics Full New
"{85A91C22-C369-FCFB-5F1F-D59EB21AD0E1}" = CCC Help English
"{89DE67AD-08B8-4699-A55D-CA5C0AF82BF3}" = ATI AVIVO Codecs
"{8D337F77-BE7F-41A2-A7CB-D5A63FD7049B}" = Roxio CinePlayer Decoder Pack
"{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{91110409-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Professional Edition 2003
"{92682D65-E96D-83B0-AB2B-547F32FDCB8C}" = CCC Help English
"{928D2FB1-291A-362B-89A4-7075A9D904A4}" = Microsoft Windows SDK for Windows 7 (7.1)
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9A9A1828-31D1-4590-A99F-022B7237AFAE}" = Roxio MediaShare
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{A25FF1C0-80B6-4B8B-A551-DC525697A408}" = AMD APP SDK Runtime
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A53A11EA-0095-493F-86FA-A15E8A86A405}" = VMware Player
"{A6D0140F-E62F-9D1E-2408-9CFF91FF6FC8}" = ccc-utility
"{a9264802-8a7a-40fe-a135-5c6d204aed7a}.sdb" = Internet Explorer (Enable DEP)
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC76BA86-7AD7-1033-7B44-A82000000003}" = Adobe Reader 8.2.6
"{AC76BA86-7AD7-1033-7B44-AA1000000001}" = Adobe Reader X (10.1.2)
"{ACCA20B0-C4D1-4BF5-BF21-0A0EB5EF9730}" = REALTEK GbE & FE Ethernet PCI NIC Driver
"{ADD5DB49-72CF-11D8-9D75-000129760D75}" = PowerBackup
"{B2544A03-10D0-4E5E-BA69-0362FFC20D18}" = OGA Notifier 2.0.0048.0
"{B6A26DE5-F2B5-4D58-9570-4FC760E00FCD}" = Roxio Central Copy
"{B7A0CE06-068E-11D6-97FD-0050BACBF861}" = PowerProducer
"{BF2A74BF-8D12-47F1-8B19-22B30AF6B0D1}" = Linksys EasyLink Advisor
"{BF83EFE2-C9F0-40D4-841C-2066668C1D7A}" = Roxio Easy Media Creator 10 Suite
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C34FAEF3-4241-4C4E-9CFF-7BBD8BCEABE7}" = WebEx Support Manager for Internet Explorer
"{C44A7422-E380-44BE-79FE-1C032D8A03A7}" = Catalyst Control Center Core Implementation
"{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = LabelPrint
"{C941F1F1-25B3-4DF5-83E6-888C51A1AAB6}" = AVIVO Codecs
"{CAB14F80-C2F5-9A26-4B65-81EDBB7D8F7F}" = Catalyst Control Center Core Implementation
"{CAE7D1D9-3794-4169-B4DD-964ADBC534EE}" = HP Product Detection
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}" = SUPERAntiSpyware
"{CE2A7D92-D766-30A9-B195-C4772EE2695F}" = Microsoft Windows SDK for Windows 7 Redistributable Components for Common Tools (30514)
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{CF53CF7C-D996-43EB-9904-DBED57C25625}" = Citrix online plug-in (DV)
"{D09605BE-5587-4B0C-86C8-69B5092CB80F}" = Debugging Tools for Windows (x86)
"{D102611A-6466-4101-A51D-51069303AC65}" = tools-linux
"{D36DD326-7280-11D8-97C8-000129760CBE}" = CyberLink PhotoNow
"{D3B1C799-CB73-42DE-BA0F-2344793A095C}" = Catalyst Control Center - Branding
"{D5A9B7C0-8751-11D8-9D75-000129760D75}" = MediaShow
"{D6EB268F-E74C-4C75-B021-A980551F5730}" = LightScribe Diagnostic Utility
"{E3D04529-6EDB-11D8-A372-0050BAE317E1}" = PowerDVD Copy
"{E5D24929-91A4-B0A1-DE00-AFC453921EF7}" = Catalyst Control Center Graphics Light
"{E6C09BFB-BA75-15C7-5B18-A2CE31C4F42B}" = Catalyst Control Center Graphics Previews Common
"{E7F9E526-2324-437B-A609-E8C5309465CB}" = Microsoft Windows Performance Toolkit
"{EC877639-07AB-495C-BFD1-D63AF9140810}" = Roxio Activation Module
"{ED439A64-F018-4DD4-8BA5-328D85AB09AB}" = Roxio Central Core
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F333A33D-125C-32A2-8DCE-5C5D14231E27}" = Visual C++ 2008 x86 Runtime - (v9.0.30729)
"{F333A33D-125C-32A2-8DCE-5C5D14231E27}.vc_x86runtime_30729_01" = Visual C++ 2008 x86 Runtime - v9.0.30729.01
"{F5B4D736-CE2B-4A7E-ADEC-236C546D2183}" = FixCleaner
"{F6E8A267-465A-59EC-7720-84EA1DB2D579}" = ccc-core-static
"{FBDBC490-089D-4476-BF72-1F7A6368200A}" = Pure Networks Platform
"{FDB46DE7-9045-47BB-970A-3E4ED5369E03}" = EMC 10 Content
"{FE23D063-934D-4829-A0D8-00634CE79B4A}" = Adobe AIR
"00545FB71C8C0CA8EB58826AB184228A91CFC091" = Windows Driver Package - Advanced Micro Devices, Inc. (USB28xxBGA) Media (04/27/2007 5.7.0427.0)
"4DFDCEFC24545A9DE98551DA0E63416199352710" = Windows Driver Package - eMPIA Technology Inc, (emAudio) MEDIA (04/27/2007 5.7.0427.0)
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"All ATI Software" = ATI - Software Uninstall Utility
"ASTRA32_is1" = ASTRA32 - Advanced System Information Tool 2.12
"ATI Display Driver" = ATI Display Driver
"CitrixOnlinePluginPackWeb" = Citrix online plug-in - web
"CNXT_MODEM_PCI_VEN_14F1&DEV_2F20&SUBSYS_200C14F1" = Data Fax SoftModem with SmartCP
"ie8" = Windows Internet Explorer 8
"InfraRecorder" = InfraRecorder
"InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = CyberLink PowerStarter
"InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}" = CyberLink Power2Go
"InstallShield_{4A7FDA4D-F4D7-4A49-934A-066D59A43C7E}" = SmartSound Quicktracks Plugin
"InstallShield_{5DB1DF0C-AABC-4362-8A6D-CEFDFB036E41}" = Suite
"InstallShield_{7FE3214C-283E-40C6-A8D5-CB773110090C}" = Linksys EasyLink Advisor
"InstallShield_{D36DD326-7280-11D8-97C8-000129760CBE}" = CyberLink PhotoNow
"Linksys EasyLink Advisor" = Linksys EasyLink Advisor
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware version 1.60.1.1000
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"N360" = Norton 360
"Nero - Burning Rom!UninstallKey" = Nero OEM
"NeroVision!UninstallKey" = NeroVision Express 2
"NMPUninstallKey" = Nero Media Player
"PC Pitstop Optimize3_is1" = PC Pitstop Optimize3 3.0
"SDKSetup_7.1.7600.0.30514" = Microsoft Windows SDK for Windows 7 (7.1)
"VMware_Player" = VMware Player
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"Windows XP Service Pack" = Windows XP Service Pack 3
========== HKEY_CURRENT_USER Uninstall List ==========
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Juniper_Citrix_Services" = Juniper Citrix Services Client
"Juniper_Setup_Client" = Juniper Networks Setup Client
"Juniper_Term_Services" = Juniper Terminal Services Client
"Neoteris_Host_Checker" = Juniper Networks Host Checker
========== Last 10 Event Log Errors ==========
[ Application Events ]
Error - 1/24/2012 3:03:06 AM | Computer Name = DAVE-Q08ESS7TBC | Source = Windows Search Service | ID = 3013
Description = The entry <C:\DOCUMENTS AND SETTINGS\DAVID COX\START MENU\PROGRAMS\CYBERLINK
DVD SUITE\POWERDVD\CYBERLINK POWERDVD.LNK> in the hash map cannot be updated. Context:
Application, SystemIndex Catalog Details: A device attached to the system is not
functioning. (0x8007001f)
Error - 1/24/2012 3:03:06 AM | Computer Name = DAVE-Q08ESS7TBC | Source = Windows Search Service | ID = 3013
Description = The entry <C:\DOCUMENTS AND SETTINGS\DAVID COX\START MENU\PROGRAMS\CYBERLINK
DVD SUITE\POWERDVD\CYBERLINK POWERDVD.LNK> in the hash map cannot be updated. Context:
Application, SystemIndex Catalog Details: A device attached to the system is not
functioning. (0x8007001f)
Error - 1/24/2012 3:03:06 AM | Computer Name = DAVE-Q08ESS7TBC | Source = Windows Search Service | ID = 3013
Description = The entry <C:\DOCUMENTS AND SETTINGS\DAVID COX\START MENU\PROGRAMS\CYBERLINK
DVD SUITE\POWERDVD\POWERDVD HELP FILE.LNK> in the hash map cannot be updated. Context:
Application, SystemIndex Catalog Details: A device attached to the system is not
functioning. (0x8007001f)
Error - 1/24/2012 3:03:06 AM | Computer Name = DAVE-Q08ESS7TBC | Source = Windows Search Service | ID = 3013
Description = The entry <C:\DOCUMENTS AND SETTINGS\DAVID COX\START MENU\PROGRAMS\CYBERLINK
DVD SUITE\POWERDVD\POWERDVD HELP FILE.LNK> in the hash map cannot be updated. Context:
Application, SystemIndex Catalog Details: A device attached to the system is not
functioning. (0x8007001f)
Error - 1/24/2012 3:03:06 AM | Computer Name = DAVE-Q08ESS7TBC | Source = Windows Search Service | ID = 3013
Description = The entry <C:\DOCUMENTS AND SETTINGS\DAVID COX\START MENU\PROGRAMS\CYBERLINK
DVD SUITE\POWERDVD\ONLINE REGISTRATION.LNK> in the hash map cannot be updated. Context:
Application, SystemIndex Catalog Details: A device attached to the system is not
functioning. (0x8007001f)
Error - 1/24/2012 3:03:06 AM | Computer Name = DAVE-Q08ESS7TBC | Source = Windows Search Service | ID = 3013
Description = The entry <C:\DOCUMENTS AND SETTINGS\DAVID COX\START MENU\PROGRAMS\CYBERLINK
DVD SUITE\POWERDVD\ONLINE REGISTRATION.LNK> in the hash map cannot be updated. Context:
Application, SystemIndex Catalog Details: A device attached to the system is not
functioning. (0x8007001f)
Error - 1/24/2012 3:03:06 AM | Computer Name = DAVE-Q08ESS7TBC | Source = Windows Search Service | ID = 3013
Description = The entry <C:\DOCUMENTS AND SETTINGS\DAVID COX\START MENU\PROGRAMS\CYBERLINK
DVD SUITE\POWERDVD\READ ME.LNK> in the hash map cannot be updated. Context: Application,
SystemIndex Catalog Details: A device attached to the system is not functioning.
(0x8007001f)
Error - 1/24/2012 3:03:06 AM | Computer Name = DAVE-Q08ESS7TBC | Source = Windows Search Service | ID = 3013
Description = The entry <C:\DOCUMENTS AND SETTINGS\DAVID COX\START MENU\PROGRAMS\CYBERLINK
DVD SUITE\POWERDVD\READ ME.LNK> in the hash map cannot be updated. Context: Application,
SystemIndex Catalog Details: A device attached to the system is not functioning.
(0x8007001f)
Error - 1/24/2012 3:03:06 AM | Computer Name = DAVE-Q08ESS7TBC | Source = Windows Search Service | ID = 3013
Description = The entry <C:\DOCUMENTS AND SETTINGS\DAVID COX\START MENU\PROGRAMS\CYBERLINK
DVD SUITE\POWERDVD\UNINSTALL POWERDVD.LNK> in the hash map cannot be updated. Context:
Application, SystemIndex Catalog Details: A device attached to the system is not
functioning. (0x8007001f)
Error - 1/24/2012 3:03:06 AM | Computer Name = DAVE-Q08ESS7TBC | Source = Windows Search Service | ID = 3013
Description = The entry <C:\DOCUMENTS AND SETTINGS\DAVID COX\START MENU\PROGRAMS\CYBERLINK
DVD SUITE\POWERDVD\UNINSTALL POWERDVD.LNK> in the hash map cannot be updated. Context:
Application, SystemIndex Catalog Details: A device attached to the system is not
functioning. (0x8007001f)
[ System Events ]
Error - 2/13/2012 9:55:17 AM | Computer Name = DAVE-Q08ESS7TBC | Source = Cdrom | ID = 262155
Description = The driver detected a controller error on \Device\CdRom0.
Error - 2/13/2012 9:55:17 AM | Computer Name = DAVE-Q08ESS7TBC | Source = Cdrom | ID = 262155
Description = The driver detected a controller error on \Device\CdRom0.
Error - 2/13/2012 9:55:17 AM | Computer Name = DAVE-Q08ESS7TBC | Source = Cdrom | ID = 262155
Description = The driver detected a controller error on \Device\CdRom0.
Error - 2/13/2012 9:55:17 AM | Computer Name = DAVE-Q08ESS7TBC | Source = Cdrom | ID = 262155
Description = The driver detected a controller error on \Device\CdRom0.
Error - 2/13/2012 9:57:29 AM | Computer Name = DAVE-Q08ESS7TBC | Source = VMnetDHCP | ID = 2
Description = Can't open C:\Documents and Settings\All Users\Application Data\VMware\vmnetdhcp.conf:
The system cannot find the file specified. / The system cannot find the file specified
Error - 2/13/2012 9:59:15 AM | Computer Name = DAVE-Q08ESS7TBC | Source = Service Control Manager | ID = 7009
Description = Timeout (30000 milliseconds) waiting for the VMware Authorization
Service service to connect.
Error - 2/13/2012 9:59:15 AM | Computer Name = DAVE-Q08ESS7TBC | Source = Service Control Manager | ID = 7000
Description = The VMware Authorization Service service failed to start due to the
following error: %%1053
Error - 2/13/2012 10:00:41 AM | Computer Name = DAVE-Q08ESS7TBC | Source = Service Control Manager | ID = 7009
Description = Timeout (30000 milliseconds) waiting for the IMAPI CD-Burning COM
Service service to connect.
Error - 2/13/2012 10:00:41 AM | Computer Name = DAVE-Q08ESS7TBC | Source = Service Control Manager | ID = 7000
Description = The IMAPI CD-Burning COM Service service failed to start due to the
following error: %%1053
Error - 2/13/2012 10:01:16 AM | Computer Name = DAVE-Q08ESS7TBC | Source = Service Control Manager | ID = 7011
Description = Timeout (30000 milliseconds) waiting for a transaction response from
the N360 service.
< End of report >
Thanks for any help in getting to the root of these freezes