OTL by OldTimer - Version 3.2.33.2 Folder = C:\Users\catbar\Downloads
64bit-Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
4.00 Gb Total Physical Memory | 1.89 Gb Available Physical Memory | 47.25% Memory free
8.22 Gb Paging File | 5.99 Gb Available in Paging File | 72.96% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 581.11 Gb Total Space | 471.63 Gb Free Space | 81.16% Space Free | Partition Type: NTFS
Drive D: | 15.00 Gb Total Space | 0.01 Gb Free Space | 0.04% Space Free | Partition Type: NTFS
Drive E: | 113.50 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS
I have been trying to fix what i think is a virus... iexplore.exe... When I was trying to clean it up yesterday, I think I inadvertantly deleted a file that I need... but I am still not even sure if I did that or not. I ran the OTL report.. and have no idea how to read it.. but I'm hoping that someone can look at it, and see the problem...
thx
Computer Name: CATBAR-PC | User Name: catbar | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2012/02/26 10:27:50 | 000,583,680 | ---- | M] (OldTimer Tools) -- C:\Users\catbar\Downloads\OTL.exe
PRC - [2012/02/25 23:19:34 | 000,332,216 | ---- | M] () -- C:\ProgramData\IBUpdaterService\ibsvc.exe
PRC - [2012/02/16 09:40:41 | 000,924,632 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
PRC - [2011/11/07 03:26:14 | 000,025,472 | ---- | M] (Uniblue Systems Limited) -- C:\Program Files (x86)\Uniblue\RegistryBooster\rbmonitor.exe
PRC - [2011/06/22 07:13:46 | 000,984,936 | ---- | M] (Intuit Inc.) -- C:\Program Files (x86)\Common Files\Intuit\QuickBooks\QBUpdate\qbupdate.exe
PRC - [2011/06/22 05:57:14 | 000,045,056 | ---- | M] (Intuit) -- C:\Program Files (x86)\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe
PRC - [2011/06/15 00:32:46 | 001,532,760 | ---- | M] (Intuit Inc. All rights reserved.) -- C:\Program Files (x86)\Common Files\Intuit\Sync\IntuitSyncManager.exe
PRC - [2011/06/06 12:55:28 | 000,064,952 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2011/03/07 11:21:00 | 000,107,008 | ---- | M] (Eastman Kodak Company) -- C:\Program Files (x86)\Kodak\KODAK Share Button App\Listener.exe
PRC - [2009/10/11 04:17:45 | 000,386,872 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\Java\jre6\bin\jucheck.exe
PRC - [2009/04/09 16:29:00 | 001,762,032 | ---- | M] () -- C:\Program Files (x86)\Dell DataSafe Online\DataSafeOnline.exe
PRC - [2008/12/17 23:27:22 | 004,823,928 | ---- | M] (Dell Inc. and SightSpeed Inc.) -- C:\Program Files (x86)\Dell Video Chat\DellVideoChat.exe
PRC - [2008/09/23 21:09:52 | 000,155,648 | ---- | M] (Stardock Corporation) -- C:\Program Files\Dell\DellDock\DockLogin.exe
PRC - [2008/06/24 01:27:40 | 000,025,840 | ---- | M] () -- C:\Program Files (x86)\Dell V305\dldtmsdmon.exe
PRC - [2008/06/24 01:26:16 | 000,668,912 | ---- | M] () -- C:\Program Files (x86)\Dell V305\dldtmon.exe
PRC - [2008/05/23 13:06:08 | 000,128,296 | ---- | M] (CyberLink Corp.) -- C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe
PRC - [2007/11/28 05:33:28 | 000,046,432 | ---- | M] (Microsoft® Corporation) -- C:\Program Files (x86)\Microsoft Works\WkCalRem.exe
PRC - [2007/02/20 20:18:32 | 000,366,400 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Picasa2\PicasaMediaDetector.exe
PRC - [2007/01/02 21:40:10 | 000,210,520 | ---- | M] (Hewlett-Packard Co.) -- C:\Program Files (x86)\Hewlett-Packard\Digital Imaging\bin\hpqtra08.exe
PRC - [2006/12/10 21:52:38 | 000,049,152 | ---- | M] (Hewlett-Packard Co.) -- C:\Program Files (x86)\Hewlett-Packard\HP Software Update\hpwuSchd2.exe
PRC - [2006/12/10 21:51:08 | 000,271,960 | ---- | M] (Hewlett-Packard Co.) -- C:\Program Files (x86)\Hewlett-Packard\Digital Imaging\bin\hpqste08.exe
PRC - [2003/08/20 16:15:48 | 000,483,328 | R--- | M] (Hewlett-Packard) -- C:\Windows\SysWOW64\hphmon05.exe
PRC - [1998/07/25 00:00:00 | 000,036,352 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft Money Plus\MNYCoreFiles\System\REMINDER.EXE
========== Modules (No Company Name) ==========
MOD - [2012/02/17 03:37:51 | 000,998,400 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Management\8b5f54e3b382fc1720c76557ef8c8bc3\System.Management.ni.dll
MOD - [2012/02/17 03:36:06 | 001,840,640 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web.Services\1a5853155c4e5ab3f91cd37da331e89b\System.Web.Services.ni.dll
MOD - [2012/02/17 03:36:06 | 000,025,600 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Accessibility\bcb66dbad2b45d05235b37a02f737eb5\Accessibility.ni.dll
MOD - [2012/02/17 03:35:50 | 000,971,264 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\7fd6c62196829d1e2dce5a253145d51a\System.Configuration.ni.dll
MOD - [2012/02/17 03:34:22 | 005,450,752 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\d9f0f1dc8cbdb81f1ba122d77a6ab710\System.Xml.ni.dll
MOD - [2012/02/17 03:34:10 | 012,430,848 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\65450889f3742aada2a6c0cf8e6173e3\System.Windows.Forms.ni.dll
MOD - [2012/02/17 03:34:03 | 001,587,200 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\137696d0416b65dbc1561152971488b4\System.Drawing.ni.dll
MOD - [2012/02/17 03:33:15 | 007,953,408 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\c50133cb67d7c013fa31e1ffb942060b\System.ni.dll
MOD - [2012/02/17 03:33:08 | 011,490,816 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\b6632a8b2f276a8e31f5b0f6b2006cd1\mscorlib.ni.dll
MOD - [2011/09/27 06:23:00 | 000,087,912 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2011/09/27 06:22:40 | 001,242,472 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2009/04/09 16:29:00 | 001,762,032 | ---- | M] () -- C:\Program Files (x86)\Dell DataSafe Online\DataSafeOnline.exe
MOD - [2009/04/09 16:29:00 | 000,263,920 | ---- | M] () -- C:\Program Files (x86)\Dell DataSafe Online\SdbShared.dll
MOD - [2009/04/09 16:29:00 | 000,132,336 | ---- | M] () -- C:\Program Files (x86)\Dell DataSafe Online\SdbShared.XmlSerializers.dll
MOD - [2009/04/09 16:29:00 | 000,095,472 | ---- | M] () -- C:\Program Files (x86)\Dell DataSafe Online\SdbUI.dll
MOD - [2009/04/09 16:29:00 | 000,017,648 | ---- | M] () -- C:\Program Files (x86)\Dell DataSafe Online\CppUtils.dll
MOD - [2008/12/17 23:24:14 | 006,510,416 | ---- | M] () -- C:\Program Files (x86)\Dell Video Chat\QtGui4.dll
MOD - [2008/12/17 23:24:14 | 001,657,168 | ---- | M] () -- C:\Program Files (x86)\Dell Video Chat\QtCore4.dll
MOD - [2008/12/17 23:24:14 | 000,396,112 | ---- | M] () -- C:\Program Files (x86)\Dell Video Chat\QtOpenGL4.dll
MOD - [2008/12/17 23:24:14 | 000,366,928 | ---- | M] () -- C:\Program Files (x86)\Dell Video Chat\QtNetwork4.dll
MOD - [2008/12/17 23:24:14 | 000,027,472 | ---- | M] () -- C:\Program Files (x86)\Dell Video Chat\SDL.dll
MOD - [2008/11/03 08:54:00 | 000,058,608 | ---- | M] () -- C:\Program Files (x86)\Dell DataSafe Online\BalloonWindow.dll
MOD - [2008/06/24 01:27:40 | 000,025,840 | ---- | M] () -- C:\Program Files (x86)\Dell V305\dldtmsdmon.exe
MOD - [2008/06/24 01:26:16 | 000,668,912 | ---- | M] () -- C:\Program Files (x86)\Dell V305\dldtmon.exe
MOD - [2008/05/26 02:05:20 | 000,036,864 | ---- | M] () -- C:\Program Files (x86)\Dell V305\app4r.monitor.core.dll
MOD - [2008/05/26 02:05:20 | 000,028,672 | ---- | M] () -- C:\Program Files (x86)\Dell V305\app4r.monitor.common.dll
MOD - [2008/05/26 02:04:06 | 000,061,440 | ---- | M] () -- C:\Program Files (x86)\Dell V305\app4r.devmons.mcmdevmon.dll
MOD - [2008/03/18 17:05:05 | 000,782,336 | ---- | M] () -- C:\Program Files (x86)\Dell V305\dldtdrs.dll
MOD - [2008/03/18 17:04:20 | 000,380,928 | ---- | M] () -- C:\Program Files (x86)\Dell V305\dldtscw.dll
MOD - [2008/02/19 17:25:56 | 000,081,920 | ---- | M] () -- C:\Program Files (x86)\Dell V305\dldtcaps.dll
MOD - [2008/02/19 17:18:58 | 000,151,552 | ---- | M] () -- C:\Program Files (x86)\Dell V305\dldtmonr.dll
MOD - [2008/01/21 21:05:12 | 000,077,906 | ---- | M] () -- C:\Program Files (x86)\Dell V305\DLDTcfg.dll
MOD - [2007/11/22 03:55:48 | 000,011,776 | ---- | M] () -- C:\Program Files (x86)\Dell V305\app4r.devmons.mcmdevmon.autoplayutil.dll
MOD - [2007/11/13 14:13:09 | 000,069,632 | ---- | M] () -- C:\Program Files (x86)\Dell V305\dldtcnv4.dll
MOD - [2007/05/29 02:39:08 | 000,589,824 | ---- | M] () -- C:\Program Files (x86)\Dell V305\dldtdatr.dll
MOD - [2007/03/26 02:39:35 | 000,073,728 | ---- | M] () -- C:\Program Files (x86)\Dell V305\dldtcats.dll
MOD - [2006/12/10 21:51:08 | 000,077,824 | R--- | M] () -- C:\Program Files (x86)\Hewlett-Packard\Digital Imaging\bin\crm\xmltok.dll
MOD - [2006/12/10 21:51:08 | 000,065,536 | R--- | M] () -- C:\Program Files (x86)\Hewlett-Packard\Digital Imaging\bin\crm\xmlparse.dll
========== Win32 Services (SafeList) ==========
SRV:64bit: - [2011/04/27 17:21:18 | 000,288,272 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- c:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe -- (NisSrv)
SRV:64bit: - [2011/04/27 17:21:18 | 000,012,784 | ---- | M] (Microsoft Corporation) [Auto | Running] -- c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe -- (MsMpSvc)
SRV:64bit: - [2008/10/29 01:06:44 | 000,901,120 | ---- | M] (ATI Technologies Inc.) [Auto | Running] -- C:\Windows\SysNative\Ati2evxx.exe -- (Ati External Event Utility)
SRV:64bit: - [2008/09/23 21:09:52 | 000,155,648 | ---- | M] (Stardock Corporation) [Auto | Running] -- C:\Program Files\Dell\DellDock\DockLogin.exe -- (DockLoginService)
SRV:64bit: - [2008/07/18 07:42:16 | 000,086,016 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\Windows\SysNative\AERTSr64.exe -- (AERTFilters)
SRV:64bit: - [2008/02/25 11:38:28 | 000,034,032 | ---- | M] () [Auto | Stopped] -- C:\Windows\SysNative\spool\DRIVERS\x64\3\\dldtserv.exe -- (dldtCATSCustConnectService)
SRV:64bit: - [2008/02/25 11:38:24 | 001,045,232 | ---- | M] ( ) [Auto | Running] -- C:\Windows\SysNative\dldtcoms.exe -- (dldt_device)
SRV:64bit: - [2008/01/20 21:51:30 | 000,012,288 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\inetsrv\wmsvc.exe -- (WMSvc)
SRV:64bit: - [2008/01/20 21:51:26 | 000,015,872 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\inetsrv\inetinfo.exe -- (IISADMIN)
SRV:64bit: - [2008/01/20 21:47:32 | 000,383,544 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2012/02/25 23:19:34 | 000,332,216 | ---- | M] () [Auto | Running] -- C:\ProgramData\IBUpdaterService\ibsvc.exe -- (IBUpdaterService)
SRV - [2011/06/22 05:57:14 | 000,045,056 | ---- | M] (Intuit) [Auto | Running] -- C:\Program Files (x86)\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe -- (QBCFMonitorService)
SRV - [2011/06/06 12:55:28 | 000,064,952 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2010/02/20 18:05:18 | 000,373,760 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysWOW64\inetsrv\iisw3adm.dll -- (WAS)
SRV - [2010/02/20 18:05:18 | 000,373,760 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\inetsrv\iisw3adm.dll -- (W3SVC)
SRV - [2009/10/01 03:22:42 | 000,131,072 | ---- | M] (Intuit, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\Intuit\QuickBooks 2009\QBDBMgrN.exe -- (QuickBooksDB19)
SRV - [2009/04/11 01:28:17 | 000,052,224 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\inetsrv\apphostsvc.dll -- (AppHostSvc)
SRV - [2009/03/29 23:42:14 | 000,066,368 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2008/11/18 15:45:28 | 000,061,440 | ---- | M] (Intuit Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Intuit\QuickBooks\FCS\Intuit.QuickBooks.FCS.exe -- (QBFCService)
SRV - [2008/02/25 11:38:12 | 000,595,184 | ---- | M] ( ) [Auto | Running] -- C:\Windows\SysWow64\dldtcoms.exe -- (dldt_device)
SRV - [2007/03/13 02:23:18 | 000,225,280 | ---- | M] (Hewlett-Packard Co.) [On_Demand | Running] -- C:\Program Files (x86)\Hewlett-Packard\Digital Imaging\bin\hpqcxs08.dll -- (hpqcxs08)
SRV - [2007/03/13 02:23:18 | 000,131,072 | ---- | M] (Hewlett-Packard Co.) [Auto | Running] -- C:\Program Files (x86)\Hewlett-Packard\Digital Imaging\bin\hpqddsvc.dll -- (hpqddsvc)
========== Driver Services (SafeList) ==========
DRV:64bit: - [2011/08/02 16:38:56 | 000,051,712 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2011/04/27 15:25:24 | 000,084,864 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\NisDrvWFP.sys -- (NisDrv)
DRV:64bit: - [2011/02/11 18:16:38 | 010,628,640 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\igdkmd64.sys -- (igfx)
DRV:64bit: - [2010/04/28 07:57:50 | 000,061,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\fssfltr.sys -- (fssfltr)
DRV:64bit: - [2009/09/30 19:51:42 | 000,046,592 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\wpdusb.sys -- (WpdUsb)
DRV:64bit: - [2009/05/18 14:17:08 | 000,034,152 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2008/10/29 01:06:48 | 004,598,784 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\atikmdag.sys -- (R300)
DRV:64bit: - [2008/10/29 01:06:48 | 004,598,784 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\atikmdag.sys -- (atikmdag)
DRV:64bit: - [2008/07/21 06:18:30 | 000,026,624 | ---- | M] (Windows ® Codename Longhorn DDK provider) [Kernel | Auto | Running] -- C:\Windows\SysNative\DRIVERS\RtNdPt60.sys -- (RtNdPt60)
DRV:64bit: - [2008/07/17 07:41:18 | 000,126,976 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\IntcHdmi.sys -- (IntcHdmiAddService) Intel®
DRV:64bit: - [2008/07/15 07:14:10 | 000,395,288 | ---- | M] (Intel Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\SysNative\drivers\iastor.sys -- (iaStor)
DRV:64bit: - [2008/07/10 06:28:50 | 000,170,496 | ---- | M] (Realtek Corporation ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\Rtlh64.sys -- (RTL8169)
DRV:64bit: - [2008/01/20 21:46:57 | 000,022,528 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\WSDPrint.sys -- (WSDPrintDevice)
DRV:64bit: - [2008/01/20 21:46:55 | 000,317,952 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\e1e6032e.sys -- (e1express) Intel®
DRV:64bit: - [2007/11/14 02:00:00 | 000,053,488 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\PxHlpa64.sys -- (PxHlpa64)
DRV - [2010/10/10 07:34:30 | 000,077,004 | ---- | M] (Oak Technology Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysWow64\drivers\AFS.SYS -- (AFS)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = Preserve
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page =
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF - prefs.js..browser.search.param.yahoo-fr: "chrf-ytbm"
FF - prefs.js..browser.search.param.yahoo-fr-cjkt: "chrf-ytbm"
FF - prefs.js..browser.search.param.yahoo-type: "${8}"
FF - prefs.js..browser.startup.homepage: "http://www.ask.com/?...l=dis&o=102167"
FF - prefs.js..extensions.enabledItems: {635abd67-4fe9-1b23-4f01-e679fa7484c1}:2.1.1.20091029021655
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\4.1.10111.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8117.0416: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@photoproduct.rocketlife.com/RocketLife App Viewer;version=0.8: File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.99\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.99\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@unity3d.com/UnityPlayer: C:\Program Files (x86)\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 10.0.2\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012/02/25 16:23:42 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 10.0.2\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
[2010/01/11 20:13:35 | 000,000,000 | ---D | M] (No name found) -- C:\Users\catbar\AppData\Roaming\Mozilla\Extensions
[2012/02/25 16:24:06 | 000,000,000 | ---D | M] (No name found) -- C:\Users\catbar\AppData\Roaming\Mozilla\Firefox\Profiles\sxub7k00.default\extensions
[2012/02/25 16:24:06 | 000,000,000 | ---D | M] (Yahoo! Toolbar) -- C:\Users\catbar\AppData\Roaming\Mozilla\Firefox\Profiles\sxub7k00.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
[2012/02/25 16:23:42 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2012/02/16 09:40:42 | 000,134,104 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2012/02/16 05:42:53 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2012/02/16 05:42:53 | 000,002,040 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\twitter.xml
Hosts file not found
O2:64bit: - BHO: (Windows Live Family Safety Browser Helper Class) - {4f3ed5cd-0726-42a9-87f5-d13f3d2976ac} - C:\Program Files\Windows Live\Family Safety\fssbho.dll (Microsoft Corporation)
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No CLSID value found.
O2 - BHO: (McAfee Phishing Filter) - {27B4851A-3207-45A2-B947-BE8AFE6163AB} - c:\PROGRA~2\mcafee\msk\mskapbho.dll File not found
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {F92A9FE4-2850-4198-B9D5-279880E49B16} - No CLSID value found.
O4:64bit: - HKLM..\Run: [] File not found
O4:64bit: - HKLM..\Run: [Dell DataSafe Online] C:\Program Files (x86)\Dell DataSafe Online\DataSafeOnline.exe ()
O4:64bit: - HKLM..\Run: [dldtamon] C:\Program Files (x86)\Dell V305\dldtamon.exe ()
O4:64bit: - HKLM..\Run: [dldtmon.exe] C:\Program Files (x86)\Dell V305\dldtmon.exe ()
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [MSC] c:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Windows\RAVCpl64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [HP Software Update] C:\Program Files (x86)\Hewlett-Packard\HP Software Update\hpwuSchd2.exe (Hewlett-Packard Co.)
O4 - HKLM..\Run: [HPHmon05] C:\Windows\SysWOW64\hphmon05.exe (Hewlett-Packard)
O4 - HKLM..\Run: [HPHUPD05] C:\Program Files (x86)\Hewlett-Packard\{45B6180B-DCAB-4093-8EE8-6164457517F0}\hphupd05.exe (Hewlett-Packard)
O4 - HKLM..\Run: [Intuit SyncManager] C:\Program Files (x86)\Common Files\Intuit\Sync\IntuitSyncManager.exe (Intuit Inc. All rights reserved.)
O4 - HKLM..\Run: [PDVDDXSrv] C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe (CyberLink Corp.)
O4 - HKLM..\Run: [Picasa Media Detector] C:\Program Files (x86)\Picasa2\PicasaMediaDetector.exe (Google Inc.)
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKCU..\Run: [RegistryBooster] C:\Program Files (x86)\Uniblue\RegistryBooster\launcher.exe (Uniblue Systems Limited)
O4 - HKCU..\Run: [Reminder] C:\Program Files (x86)\Microsoft Money Plus\MNYCoreFiles\System\REMINDER.EXE (Microsoft Corporation)
O4 - HKCU..\Run: [SightSpeed] C:\Program Files (x86)\Dell Video Chat\DellVideoChat.exe (Dell Inc. and SightSpeed Inc.)
O4 - HKCU..\Run: [WMPNSCFG] C:\Program Files (x86)\Windows Media Player\WMPNSCFG.exe File not found
O4 - Startup: C:\Users\catbar\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\wkcalrem.LNK = C:\Program Files (x86)\Microsoft Works\WkCalRem.exe (Microsoft® Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: LogonHoursAction = 2
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DontDisplayLogonHoursWarnings = 1
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000001 - C:\Windows\SysNative\wpclsp.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000002 - C:\Windows\SysNative\wpclsp.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000003 - C:\Windows\SysNative\wpclsp.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000004 - C:\Windows\SysNative\wpclsp.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000005 - C:\Windows\SysNative\wpclsp.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000006 - C:\Windows\SysNative\wpclsp.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000007 - C:\Windows\SysNative\wpclsp.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000008 - C:\Windows\SysNative\wpclsp.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000019 - C:\Windows\SysNative\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Windows\SysWow64\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Windows\SysWow64\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Windows\SysWow64\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Windows\SysWow64\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Windows\SysWow64\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Windows\SysWow64\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Windows\SysWow64\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Windows\SysWow64\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000019 - C:\Windows\SysWow64\wpclsp.dll (Microsoft Corporation)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O15 - HKCU\..Trusted Domains: //@surf.mar@/ ([]money in Local intranet)
O15 - HKCU\..Trusted Domains: aol.com ([objects] * is out of zone range - 5)
O16 - DPF: {233C1507-6A77-46A4-9443-F871F945D258} http://download.macr...director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} http://upload.facebo...oUploader55.cab (Facebook Photo Uploader 5 Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {924B4927-D3BA-41EA-9F7E-8A89194AB3AC} http://panda-plugin..../p3dactivex.cab (P3DActiveX Control)
O16 - DPF: {BEA7310D-06C4-4339-A784-DC3804819809} http://images3.pnime...veX_Control.cab (Photo Upload Plugin Class)
O16 - DPF: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.m...ash/swflash.cab (Shockwave Flash Object)
O16 - DPF: {E06E2E99-0AA1-11D4-ABA6-0060082AA75C} (Reg Error: Value error.)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.ad...Plus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 75.75.75.75 75.75.76.76
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{CB133F53-8D73-4E1C-A57C-EDDADBE10D69}: DhcpNameServer = 75.75.75.75 75.75.76.76
O18:64bit: - Protocol\Handler\intu-help-qb2 - No CLSID value found
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\ms-itss - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\qbwc - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18 - Protocol\Handler\intu-help-qb2 {84D77A00-41B5-4b8b-8ADF-86486D72E749} - C:\Program Files (x86)\Intuit\QuickBooks 2009\HelpAsyncPluggableProtocol.dll (Intuit, Inc.)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O24 - Desktop WallPaper: C:\Users\catbar\AppData\Roaming\Microsoft\Windows Photo Gallery\Windows Photo Gallery Wallpaper.jpg
O24 - Desktop BackupWallPaper: C:\Users\catbar\AppData\Roaming\Microsoft\Windows Photo Gallery\Windows Photo Gallery Wallpaper.jpg
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/08/02 22:25:53 | 000,000,047 | R--- | M] () - E:\AUTORUN.INF -- [ CDFS ]
O33 - MountPoints2\{17160b1b-0fe3-11e0-ba5a-0021706b0c27}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL F:\ActionSportDrives.html
O33 - MountPoints2\{48ab8cee-acf0-11de-8397-00038a000015}\Shell - "" = AutoRun
O33 - MountPoints2\{48ab8cee-acf0-11de-8397-00038a000015}\Shell\AutoRun\command - "" = G:\LaunchU3.exe -a
O33 - MountPoints2\{4ccf5d62-2b47-11de-ab5b-00038a000015}\Shell\AutoRun\command - "" = F:\WDSetup.exe
O33 - MountPoints2\{4ccf5d64-2b47-11de-ab5b-00038a000015}\Shell\AutoRun\command - "" = G:\setupSNK.exe
O33 - MountPoints2\{5d4ce7f9-4acf-11e1-aae0-0021706b0c27}\Shell - "" = AutoRun
O33 - MountPoints2\{5d4ce7f9-4acf-11e1-aae0-0021706b0c27}\Shell\AutoRun\command - "" = F:\TL_Bootstrap.exe
O33 - MountPoints2\{d3e8d790-28d2-11de-8236-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{d3e8d790-28d2-11de-8236-806e6f6e6963}\Shell\AutoRun\command - "" = E:\Setup.exe -- [2009/07/10 06:00:24 | 000,172,328 | R--- | M] (InstallShield Software Corporation)
O33 - MountPoints2\{f18a06af-b39a-11e0-9cb2-0021706b0c27}\Shell - "" = AutoRun
O33 - MountPoints2\{f18a06af-b39a-11e0-9cb2-0021706b0c27}\Shell\AutoRun\command - "" = F:\KODAK_Camera_Setup_App.exe
O33 - MountPoints2\G\Shell - "" = AutoRun
O33 - MountPoints2\G\Shell\AutoRun\command - "" = G:\LaunchU3.exe -a
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
========== Files/Folders - Created Within 30 Days ==========
[2012/02/25 23:20:36 | 000,000,000 | ---D | C] -- C:\Users\catbar\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VideoConverter
[2012/02/25 23:20:31 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\VideoConverter
[2012/02/25 23:20:10 | 000,000,000 | ---D | C] -- C:\Users\catbar\AppData\Roaming\PerformerSoft
[2012/02/25 23:20:09 | 000,019,000 | ---- | C] (PerformerSoft LLC) -- C:\Windows\SysNative\roboot64.exe
[2012/02/25 23:20:09 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PC Performer
[2012/02/25 23:20:08 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\PC Performer
[2012/02/25 23:20:07 | 000,000,000 | ---D | C] -- C:\ProgramData\IBUpdaterService
[2012/02/25 22:37:06 | 000,000,000 | ---D | C] -- C:\inetpub
[2012/02/25 22:33:51 | 000,000,000 | ---D | C] -- C:\Users\catbar\AppData\Roaming\Uniblue
[2012/02/25 22:33:48 | 000,000,000 | -H-D | C] -- C:\ProgramData\{83C3B2FD-37EA-4C06-A228-E9B5E32FF0B1}
[2012/02/25 22:33:48 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Uniblue
[2012/02/25 22:33:48 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Uniblue
[2012/02/25 22:33:31 | 000,000,000 | ---D | C] -- C:\Users\catbar\AppData\Local\PackageAware
[2012/02/25 22:08:01 | 000,000,000 | ---D | C] -- C:\new
[2012/02/25 22:02:34 | 000,000,000 | ---D | C] -- C:\Program Files\Recuva
[2012/02/25 16:14:39 | 000,000,000 | ---D | C] -- C:\Users\catbar\AppData\Local\Dell Edoc Viewer
[2012/02/25 14:38:44 | 000,000,000 | ---D | C] -- C:\Program Files\Windows Portable Devices
[2012/02/25 14:38:44 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Windows Portable Devices
[2012/02/25 14:36:03 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Security Client
[2012/02/25 14:35:54 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Security Client
[2012/02/25 13:03:28 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\vmm32
[2012/02/12 19:42:05 | 000,000,000 | ---D | C] -- C:\Users\catbar\AppData\Roaming\.minecraft
[2012/02/10 21:18:20 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\vi-VN
[2012/02/10 21:18:20 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\vi-VN
[2012/02/10 21:18:20 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\eu-ES
[2012/02/10 21:18:20 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\eu-ES
[2012/02/10 21:18:20 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\ca-ES
[2012/02/10 21:18:20 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\ca-ES
[2012/02/06 15:31:36 | 106,075,079 | ---- | C] (GnuCash Development Team ) -- C:\Users\catbar\Desktop\gnucash-2.4.10-setup.exe
[2012/02/06 15:09:51 | 000,000,000 | ---D | C] -- C:\Users\catbar\AppData\Roaming\MechCAD
[2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[1 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]
[1 C:\Windows\SysNative\*.tmp files -> C:\Windows\SysNative\*.tmp -> ]
[1 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]
[1 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2012/02/26 10:32:00 | 000,000,326 | ---- | M] () -- C:\Windows\tasks\HP Photo Creations Communicator.job
[2012/02/26 10:22:00 | 000,000,898 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012/02/26 10:01:04 | 000,873,558 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012/02/26 10:01:04 | 000,197,298 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2012/02/26 10:01:04 | 000,006,398 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012/02/26 09:59:31 | 000,000,894 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012/02/26 09:59:31 | 000,000,346 | ---- | M] () -- C:\Windows\tasks\RegistryBooster.job
[2012/02/26 09:59:30 | 000,000,288 | ---- | M] () -- C:\Windows\tasks\RtlNICDiagVistaStart.job
[2012/02/26 09:54:57 | 000,003,616 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2012/02/26 09:54:57 | 000,003,616 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2012/02/26 09:54:52 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012/02/26 09:54:49 | 4294,107,136 | -HS- | M] () -- C:\hiberfil.sys
[2012/02/25 23:40:31 | 000,000,732 | ---- | M] () -- C:\Users\catbar\AppData\Local\d3d9caps64.dat
[2012/02/25 23:20:12 | 000,000,284 | ---- | M] () -- C:\Windows\tasks\PC Performer.job
[2012/02/25 23:20:09 | 000,000,851 | ---- | M] () -- C:\Users\Public\Desktop\PC Performer.lnk
[2012/02/25 23:06:45 | 000,287,104 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2012/02/25 22:37:59 | 000,006,008 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2012/02/25 22:33:50 | 000,001,635 | ---- | M] () -- C:\Users\catbar\Desktop\Uniblue RegistryBooster.lnk
[2012/02/25 22:33:50 | 000,001,625 | ---- | M] () -- C:\Users\catbar\Application Data\Microsoft\Internet Explorer\Quick Launch\Uniblue RegistryBooster.lnk
[2012/02/25 22:02:35 | 000,001,608 | ---- | M] () -- C:\Users\Public\Desktop\Recuva.lnk
[2012/02/25 19:27:16 | 000,002,198 | ---- | M] () -- C:\Windows\epplauncher.mif
[2012/02/25 19:24:04 | 000,000,134 | ---- | M] () -- C:\Users\catbar\Desktop\Internet Explorer Troubleshooting.url
[2012/02/25 19:21:46 | 001,056,768 | ---- | M] () -- C:\Windows\SysNative\defltbase.sdb
[2012/02/25 17:55:21 | 000,000,739 | ---- | M] () -- C:\bgCloseProgram[1].png
[2012/02/25 17:55:16 | 000,007,718 | ---- | M] () -- C:\download[2].js
[2012/02/25 17:55:16 | 000,006,370 | ---- | M] () -- C:\downloadmanager[1].js
[2012/02/25 17:55:16 | 000,001,174 | ---- | M] () -- C:\downloader[2].js
[2012/02/25 17:55:16 | 000,000,557 | ---- | M] () -- C:\downloadstate[1].js
[2012/02/25 17:30:28 | 000,000,935 | ---- | M] () -- C:\Users\catbar\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2012/02/25 16:23:43 | 000,000,874 | ---- | M] () -- C:\Users\catbar\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
[2012/02/25 16:23:43 | 000,000,850 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2012/02/25 14:38:14 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_User_WpdMtpDr_01_07_00.Wdf
[2012/02/25 14:37:44 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_User_WpdFs_01_07_00.Wdf
[2012/02/25 12:17:37 | 000,026,514 | ---- | M] () -- C:\Users\catbar\AppData\Roaming\wklnhst.dat
[2012/02/24 15:29:28 | 561,862,160 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2012/02/24 08:45:37 | 000,007,728 | ---- | M] () -- C:\Users\catbar\AppData\Local\d3d9caps.dat
[2012/02/24 03:04:24 | 000,008,798 | ---- | M] () -- C:\Windows\SysWow64\icrav03.rat
[2012/02/24 03:04:24 | 000,008,798 | ---- | M] () -- C:\Windows\SysNative\icrav03.rat
[2012/02/24 03:04:24 | 000,001,988 | ---- | M] () -- C:\Windows\SysWow64\ticrf.rat
[2012/02/24 03:04:24 | 000,001,988 | ---- | M] () -- C:\Windows\SysNative\ticrf.rat
[2012/02/24 03:04:13 | 000,072,822 | ---- | M] () -- C:\Windows\SysWow64\ieuinit.inf
[2012/02/24 03:04:11 | 000,072,822 | ---- | M] () -- C:\Windows\SysNative\ieuinit.inf
[2012/02/22 16:54:11 | 034,443,264 | R--- | M] () -- C:\Users\catbar\Desktop\BWF INC 2011.QBW
[2012/02/22 16:54:11 | 000,000,382 | ---- | M] () -- C:\Users\catbar\Desktop\BWF INC 2011.QBW.nd
[2012/02/22 16:54:10 | 001,114,112 | R--- | M] () -- C:\Users\catbar\Desktop\BWF INC 2011.QBW.TLG
[2012/02/20 21:52:48 | 000,019,957 | ---- | M] () -- C:\Users\catbar\woodalpha.zip
[2012/02/20 20:28:30 | 000,000,374 | ---- | M] () -- C:\Users\catbar\bwf212-31-08.QBW.nd
[2012/02/20 20:28:29 | 034,373,632 | R--- | M] () -- C:\Users\catbar\bwf212-31-08.QBW
[2012/02/20 20:28:29 | 014,614,528 | R--- | M] () -- C:\Users\catbar\bwf212-31-08.QBW.TLG
[2012/02/20 20:16:34 | 010,208,256 | ---- | M] () -- C:\Users\catbar\Desktop\BWF INC 2011.QBX
[2012/02/15 11:17:02 | 010,207,744 | ---- | M] () -- C:\Users\catbar\Desktop\bwf212-31-08 (Acct Transfer Feb 15,2012 11 16 AM).QBX
[2012/02/13 10:30:58 | 002,908,433 | ---- | M] () -- C:\Users\catbar\layouts.zip
[2012/02/13 09:49:59 | 000,023,552 | ---- | M] () -- C:\Users\catbar\Desktop\The Gathering Place Inc.wps
[2012/02/13 09:44:40 | 000,018,944 | ---- | M] () -- C:\Users\catbar\Documents\GP Price List.wps
[2012/02/13 09:44:19 | 000,001,720 | ---- | M] () -- C:\Users\catbar\Desktop\The Gathering Place Inc - Shortcut.lnk
[2012/02/13 09:44:15 | 000,001,655 | ---- | M] () -- C:\Users\catbar\Desktop\Startup $$ - Shortcut.lnk
[2012/02/09 11:42:22 | 000,024,576 | ---- | M] () -- C:\Users\catbar\The Gathering Place Inc.wps
[2012/02/08 11:31:41 | 000,022,016 | ---- | M] () -- C:\Users\catbar\Desktop\resume.wps
[2012/02/07 16:27:57 | 000,011,776 | ---- | M] () -- C:\Users\catbar\Gatherine Place.xlr
[2012/02/07 11:10:23 | 003,440,640 | ---- | M] () -- C:\Users\catbar\Documents\2012 CJB.mny
[2012/02/06 16:18:41 | 000,000,218 | ---- | M] () -- C:\Users\catbar\AppData\Local\recently-used.xbel
[2012/02/06 15:31:39 | 106,075,079 | ---- | M] (GnuCash Development Team ) -- C:\Users\catbar\Desktop\gnucash-2.4.10-setup.exe
[2012/02/05 16:48:56 | 000,023,552 | ---- | M] () -- C:\Users\catbar\Documents\job letter to friends.wps
[2012/02/02 11:48:40 | 000,133,271 | ---- | M] () -- C:\Users\catbar\Desktop\UNUM_Portability_Life_Insurance_Application_03042009.pdf
[2012/02/02 11:47:37 | 000,031,831 | ---- | M] () -- C:\Users\catbar\Desktop\State_Unemployment_Agencies.pdf
[2012/02/01 13:47:08 | 000,019,000 | ---- | M] (PerformerSoft LLC) -- C:\Windows\SysNative\roboot64.exe
[2012/01/30 21:22:34 | 010,213,376 | ---- | M] () -- C:\Users\catbar\Desktop\bwf212-31-08 (Acct Transfer Jan 30,2012 09 22 PM).QBX
[2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[1 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]
[1 C:\Windows\SysNative\*.tmp files -> C:\Windows\SysNative\*.tmp -> ]
[1 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]
[1 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]
========== Files Created - No Company Name ==========
[2012/02/26 09:54:48 | 4294,107,136 | -HS- | C] () -- C:\hiberfil.sys
[2012/02/25 23:20:12 | 000,000,284 | ---- | C] () -- C:\Windows\tasks\PC Performer.job
[2012/02/25 23:20:09 | 000,000,851 | ---- | C] () -- C:\Users\Public\Desktop\PC Performer.lnk
[2012/02/25 22:33:53 | 000,000,346 | ---- | C] () -- C:\Windows\tasks\RegistryBooster.job
[2012/02/25 22:33:50 | 000,001,635 | ---- | C] () -- C:\Users\catbar\Desktop\Uniblue RegistryBooster.lnk
[2012/02/25 22:33:50 | 000,001,625 | ---- | C] () -- C:\Users\catbar\Application Data\Microsoft\Internet Explorer\Quick Launch\Uniblue RegistryBooster.lnk
[2012/02/25 22:02:35 | 000,001,608 | ---- | C] () -- C:\Users\Public\Desktop\Recuva.lnk
[2012/02/25 20:44:18 | 000,002,295 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\QuickBooks Update Agent.lnk
[2012/02/25 20:44:18 | 000,002,035 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk
[2012/02/25 20:44:18 | 000,000,881 | ---- | C] () -- C:\Users\catbar\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\wkcalrem.LNK
[2012/02/25 19:21:46 | 001,056,768 | ---- | C] () -- C:\Windows\SysNative\defltbase.sdb
[2012/02/25 19:06:09 | 000,000,134 | ---- | C] () -- C:\Users\catbar\Desktop\Internet Explorer Troubleshooting.url
[2012/02/25 17:55:21 | 000,000,739 | ---- | C] () -- C:\bgCloseProgram[1].png
[2012/02/25 17:55:16 | 000,007,718 | ---- | C] () -- C:\download[2].js
[2012/02/25 17:55:16 | 000,006,370 | ---- | C] () -- C:\downloadmanager[1].js
[2012/02/25 17:55:16 | 000,001,174 | ---- | C] () -- C:\downloader[2].js
[2012/02/25 17:55:16 | 000,000,557 | ---- | C] () -- C:\downloadstate[1].js
[2012/02/25 16:23:43 | 000,000,874 | ---- | C] () -- C:\Users\catbar\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
[2012/02/25 16:23:43 | 000,000,862 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
[2012/02/25 16:23:43 | 000,000,850 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2012/02/25 14:38:14 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_User_WpdMtpDr_01_07_00.Wdf
[2012/02/25 14:37:44 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_User_WpdFs_01_07_00.Wdf
[2012/02/25 14:36:11 | 000,002,198 | ---- | C] () -- C:\Windows\epplauncher.mif
[2012/02/25 14:36:06 | 000,006,008 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2012/02/25 14:35:56 | 000,001,810 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Security Essentials.lnk
[2012/02/24 08:45:35 | 000,000,935 | ---- | C] () -- C:\Users\catbar\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2012/02/24 03:04:13 | 000,072,822 | ---- | C] () -- C:\Windows\SysWow64\ieuinit.inf
[2012/02/24 03:04:11 | 000,072,822 | ---- | C] () -- C:\Windows\SysNative\ieuinit.inf
[2012/02/20 21:52:44 | 000,019,957 | ---- | C] () -- C:\Users\catbar\woodalpha.zip
[2012/02/20 20:29:54 | 000,000,382 | ---- | C] () -- C:\Users\catbar\Desktop\BWF INC 2011.QBW.nd
[2012/02/20 20:28:32 | 001,114,112 | R--- | C] () -- C:\Users\catbar\Desktop\BWF INC 2011.QBW.TLG
[2012/02/20 20:28:30 | 034,443,264 | R--- | C] () -- C:\Users\catbar\Desktop\BWF INC 2011.QBW
[2012/02/20 20:16:18 | 010,208,256 | ---- | C] () -- C:\Users\catbar\Desktop\BWF INC 2011.QBX
[2012/02/15 11:16:58 | 010,207,744 | ---- | C] () -- C:\Users\catbar\Desktop\bwf212-31-08 (Acct Transfer Feb 15,2012 11 16 AM).QBX
[2012/02/13 10:30:42 | 002,908,433 | ---- | C] () -- C:\Users\catbar\layouts.zip
[2012/02/13 09:44:40 | 000,018,944 | ---- | C] () -- C:\Users\catbar\Documents\GP Price List.wps
[2012/02/13 09:44:19 | 000,001,720 | ---- | C] () -- C:\Users\catbar\Desktop\The Gathering Place Inc - Shortcut.lnk
[2012/02/13 09:44:15 | 000,001,655 | ---- | C] () -- C:\Users\catbar\Desktop\Startup $$ - Shortcut.lnk
[2012/02/13 09:42:29 | 000,023,552 | ---- | C] () -- C:\Users\catbar\Desktop\The Gathering Place Inc.wps
[2012/02/10 21:51:04 | 000,000,917 | ---- | C] () -- C:\Users\catbar\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Mail.lnk
[2012/02/07 16:35:31 | 000,024,576 | ---- | C] () -- C:\Users\catbar\The Gathering Place Inc.wps
[2012/02/07 16:27:57 | 000,011,776 | ---- | C] () -- C:\Users\catbar\Gatherine Place.xlr
[2012/02/06 16:18:41 | 000,000,218 | ---- | C] () -- C:\Users\catbar\AppData\Local\recently-used.xbel
[2012/02/06 14:52:36 | 003,440,640 | ---- | C] () -- C:\Users\catbar\Documents\2012 CJB.mny
[2012/02/05 09:39:55 | 000,023,552 | ---- | C] () -- C:\Users\catbar\Documents\job letter to friends.wps
[2012/02/02 11:47:31 | 000,031,831 | ---- | C] () -- C:\Users\catbar\Desktop\State_Unemployment_Agencies.pdf
[2012/02/02 11:46:56 | 000,133,271 | ---- | C] () -- C:\Users\catbar\Desktop\UNUM_Portability_Life_Insurance_Application_03042009.pdf
[2012/01/30 21:22:19 | 010,213,376 | ---- | C] () -- C:\Users\catbar\Desktop\bwf212-31-08 (Acct Transfer Jan 30,2012 09 22 PM).QBX
[2011/12/11 22:15:25 | 000,098,304 | ---- | C] () -- C:\Windows\SysWow64\redmonnt.dll
[2011/10/27 11:01:20 | 000,000,088 | ---- | C] () -- C:\ProgramData\~1kAlMiG2Kb7FzPr
[2011/10/27 09:30:47 | 000,000,224 | ---- | C] () -- C:\ProgramData\~1kAlMiG2Kb7FzP
[2011/10/27 09:30:37 | 000,000,408 | ---- | C] () -- C:\ProgramData\1kAlMiG2Kb7FzP
[2011/04/30 17:30:08 | 000,000,064 | ---- | C] () -- C:\Windows\GPlrLanc.dat
[2011/02/11 18:15:08 | 000,982,240 | ---- | C] () -- C:\Windows\SysWow64\igkrng500.bin
[2011/02/11 18:15:08 | 000,439,308 | ---- | C] () -- C:\Windows\SysWow64\igcompkrng500.bin
[2011/02/11 18:15:08 | 000,092,356 | ---- | C] () -- C:\Windows\SysWow64\igfcg500m.bin
[2010/11/20 20:48:02 | 000,148,985 | ---- | C] () -- C:\Windows\hpoins19.dat
[2010/11/20 20:46:55 | 000,026,952 | ---- | C] () -- C:\Windows\hpomdl19.dat
[2010/10/10 07:36:27 | 000,000,235 | ---- | C] () -- C:\Users\catbar\AppData\Roaming\devices.xml
[2010/10/10 07:36:27 | 000,000,012 | ---- | C] () -- C:\Users\catbar\AppData\Roaming\settings.xml
[2010/10/10 07:32:14 | 000,006,371 | R--- | C] () -- C:\Windows\SysWow64\hphmon05.dat
[2010/10/10 07:31:35 | 000,004,284 | ---- | C] () -- C:\Windows\hphmdl01.dat
[2010/08/24 20:51:41 | 000,117,248 | ---- | C] () -- C:\Windows\SysWow64\EhStorAuthn.dll
[2010/08/24 20:51:19 | 000,107,612 | ---- | C] () -- C:\Windows\SysWow64\StructuredQuerySchema.bin
[2010/08/24 20:50:56 | 000,368,640 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2010/03/12 07:10:54 | 000,007,728 | ---- | C] () -- C:\Users\catbar\AppData\Local\d3d9caps.dat
========== LOP Check ==========
[2012/02/12 20:03:15 | 000,000,000 | ---D | M] -- C:\Users\catbar\AppData\Roaming\.minecraft
[2010/03/11 16:59:24 | 000,000,000 | ---D | M] -- C:\Users\catbar\AppData\Roaming\com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
[2011/06/22 15:41:29 | 000,000,000 | ---D | M] -- C:\Users\catbar\AppData\Roaming\Image Zone Express
[2012/02/06 16:13:38 | 000,000,000 | ---D | M] -- C:\Users\catbar\AppData\Roaming\MechCAD
[2012/02/25 23:20:10 | 000,000,000 | ---D | M] -- C:\Users\catbar\AppData\Roaming\PerformerSoft
[2010/11/20 21:05:58 | 000,000,000 | ---D | M] -- C:\Users\catbar\AppData\Roaming\Printer Info Cache
[2009/05/14 15:04:43 | 000,000,000 | ---D | M] -- C:\Users\catbar\AppData\Roaming\Quicken WillMaker
[2009/04/20 09:15:35 | 000,000,000 | ---D | M] -- C:\Users\catbar\AppData\Roaming\Template
[2012/02/25 22:33:51 | 000,000,000 | ---D | M] -- C:\Users\catbar\AppData\Roaming\Uniblue
[2011/12/11 15:32:00 | 000,000,000 | ---D | M] -- C:\Users\catbar\AppData\Roaming\Visan
[2010/01/09 22:04:19 | 000,000,000 | ---D | M] -- C:\Users\catbar\AppData\Roaming\VTExtra
[2009/04/16 21:19:11 | 000,000,000 | ---D | M] -- C:\Users\catbar\AppData\Roaming\WildTangent
[2012/02/25 23:20:12 | 000,000,284 | ---- | M] () -- C:\Windows\Tasks\PC Performer.job
[2012/02/26 09:59:31 | 000,000,346 | ---- | M] () -- C:\Windows\Tasks\RegistryBooster.job
[2012/02/26 09:59:30 | 000,000,288 | ---- | M] () -- C:\Windows\Tasks\RtlNICDiagVistaStart.job
[2012/02/25 23:02:16 | 000,032,576 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
========== Purity Check ==========
========== Alternate Data Streams ==========
@Alternate Data Stream - 133 bytes -> C:\ProgramData\TEMP:5D432CE3
< End of report >
OTL Extras logfile created on: 2/26/2012 10:58:43 AM - Run 1
OTL by OldTimer - Version 3.2.33.2 Folder = C:\Users\catbar\Downloads
64bit-Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
4.00 Gb Total Physical Memory | 1.89 Gb Available Physical Memory | 47.25% Memory free
8.22 Gb Paging File | 5.99 Gb Available in Paging File | 72.96% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 581.11 Gb Total Space | 471.63 Gb Free Space | 81.16% Space Free | Partition Type: NTFS
Drive D: | 15.00 Gb Total Space | 0.01 Gb Free Space | 0.04% Space Free | Partition Type: NTFS
Drive E: | 113.50 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS
Computer Name: CATBAR-PC | User Name: catbar | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html [@ = htmlfile] -- "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" -nohome
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = htmlfile] -- "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" -nohome
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
========== Shell Spawning ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" -nohome
htmlfile [opennew] -- "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" %1
htmlfile [print] -- "C:\Windows\system32\rundll32.exe" "C:\Windows\system32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
http [open] -- "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" -nohome
https [open] -- "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" -nohome
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files (x86)\Internet Explorer\iexplore.exe" %1
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files (x86)\Internet Explorer\iexplore.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" -nohome
htmlfile [opennew] -- "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" %1
http [open] -- "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" -nohome
https [open] -- "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" -nohome
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files (x86)\Internet Explorer\iexplore.exe" %1
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files (x86)\Internet Explorer\iexplore.exe"
========== Security Center Settings ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = 9F 9E 16 8C DC 5B C8 01 [binary data]
"VistaSp2" = 52 E8 66 C0 64 E8 CC 01 [binary data]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"oobe_av" = 1
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
========== Authorized Applications List ==========
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{03D1364A-1095-42C6-94B3-59E3B5AB5D78}" = lport=2869 | protocol=6 | dir=in | app=system |
"{04D2D266-64BB-4F76-8C91-516730D38484}" = lport=10243 | protocol=6 | dir=in | app=system |
"{154E33D2-FF47-4C93-8728-1E8A99E67D3E}" = lport=445 | protocol=6 | dir=in | app=system |
"{2BE8723F-907C-4F57-902A-DD10227D3623}" = rport=138 | protocol=17 | dir=out | app=system |
"{309B4A98-38FB-4439-A245-CB0052188FE4}" = lport=139 | protocol=6 | dir=in | app=system |
"{379B3EAC-5F59-429F-AB16-ED1AA3DE044A}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{4095989E-E01F-4060-A3CA-FB4C7A6B4707}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{4448CF73-517D-4089-A2F0-DC9155C5119A}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | [email protected],-28539 |
"{6FBF3D03-F1EE-4282-BA4C-353A43A2C82C}" = rport=10243 | protocol=6 | dir=out | app=system |
"{7E0FB955-27FA-46A9-8C31-09F9C499EED5}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |
"{9B0ED50E-0536-49C8-B21D-C8C39D409D85}" = lport=137 | protocol=17 | dir=in | app=system |
"{9F0B8A08-97A4-4F2E-9F35-98ADB1F7A88F}" = rport=137 | protocol=17 | dir=out | app=system |
"{AF767926-4319-4A97-AE09-D7B73C838FE6}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{B143953C-2E1A-4F27-8009-99BDA356E18A}" = rport=445 | protocol=6 | dir=out | app=system |
"{B7E8E916-32D2-4562-81C4-E9F2AB50FDDE}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{C7929B38-ED40-4806-89DD-855349C25AF3}" = rport=139 | protocol=6 | dir=out | app=system |
"{C9FB93AC-F306-4EAD-B2CD-4019B8C6F6AC}" = lport=2869 | protocol=6 | dir=in | app=system |
"{DE3F70CC-E16B-4099-BC48-43506C1283D9}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{E99DD84A-2583-49B2-AEB8-23C0F6BA0CFD}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{EBE2270E-7E4C-44DD-8386-F0041F2FAE82}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{FC0201B5-62B9-4294-93EE-8F920ED5EE22}" = lport=138 | protocol=17 | dir=in | app=system |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0087B43C-5056-4D6F-8CD3-821479145B3A}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{01FF7682-412A-4BEA-A19E-906DF0AE95FB}" = protocol=6 | dir=in | app=c:\windows\system32\spool\drivers\x64\3\dldtjswx.exe |
"{05A84CB5-D4D2-4D88-A55E-E675AAD8F8FA}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{0B92EE6C-E9E9-489D-9906-A04BEF8647D6}" = protocol=6 | dir=in | app=c:\program files (x86)\dell v305\dldtmon.exe |
"{12A37DA3-C83B-47B4-8658-7E8B330D9C46}" = protocol=17 | dir=in | app=c:\program files (x86)\common files\aol\system information\sinf.exe |
"{14C4813F-550C-4D91-8B92-8C8BAEE13344}" = protocol=6 | dir=in | app=c:\program files (x86)\abbyy finereader 6.0 sprint\scan\scanman6.exe |
"{157365C1-56E1-4FDC-817A-46B330FAC57A}" = protocol=17 | dir=in | app=c:\windows\system32\spool\drivers\x64\3\dldtpswx.exe |
"{1679C1B6-D9C2-441F-BD2C-08D75FD8ABAC}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{183BEFDD-CF40-487F-85E9-8CAE0382D0E4}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{18903D8C-9BC0-430E-9091-1B51FF44A2E0}" = protocol=6 | dir=in | app=c:\program files (x86)\yahoo!\messenger\yahoomessenger.exe |
"{18E66F22-6E7B-4717-ACC6-9977032A6818}" = dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe |
"{273E821D-AA2E-412A-A799-1A568BF0E6D7}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{2D3F2726-72FD-4CCF-9C9B-1083904BCD33}" = protocol=6 | dir=in | app=c:\program files (x86)\common files\aol\acs\aoldial.exe |
"{31C6E3B1-75B4-480A-B257-E8985D8B41E2}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{321AE272-704D-49B3-869B-155F81C0761B}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{32209A78-D621-4905-AD42-22B4742D2742}" = protocol=17 | dir=in | app=c:\program files (x86)\aol 9.5\waol.exe |
"{32431C0C-BA6B-47C8-A835-43E487169120}" = protocol=17 | dir=in | app=c:\windows\system32\dldtcfg.exe |
"{3752A76D-B9EC-4B1C-BAEE-A6BF8CA9861E}" = dir=in | app=c:\program files (x86)\common files\apple\apple application support\webkit2webprocess.exe |
"{3AB9C07E-0307-4D97-AC4F-016BF3717572}" = protocol=6 | dir=out | app=system |
"{3AC7297E-BBE8-4A97-8929-C9A9E8EABC67}" = protocol=6 | dir=in | app=c:\program files (x86)\common files\aol\loader\aolload.exe |
"{45FA9F5A-CED6-4819-9FD9-1D70D3B59DCD}" = protocol=6 | dir=in | app=c:\program files (x86)\dell v305\dldtamon.exe |
"{46A8E70D-2143-46E0-B570-8361C3566D8F}" = protocol=17 | dir=in | app=c:\program files (x86)\dell v305\dldtamon.exe |
"{489692BE-3FF1-4F91-B12B-0E41B9787F4B}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{4E092F4F-7E83-434D-9EA8-8FF1E5CF9FCE}" = protocol=6 | dir=in | app=c:\program files (x86)\common files\dell\vlc\vlc.exe |
"{508A0771-FF8B-423A-AEC5-D37DDC2751F2}" = protocol=1 | dir=in | [email protected],-28543 |
"{5184DD9E-D6FA-4E0D-9533-6BE0511BF2C6}" = dir=in | app=c:\program files\cyberlink\powerdvd dx\pdvddxsrv.exe |
"{54940516-AE32-4D03-9E73-F5565329F567}" = protocol=6 | dir=in | app=c:\program files (x86)\common files\aol\topspeed\3.0\aoltpsd3.exe |
"{550B2F45-9F05-418E-AE96-BB7C3A6F8E5E}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{57F17A9C-A4D4-4A7A-95F2-904965B9CDB0}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{59968D87-19E5-4942-8675-9317B46E1C56}" = protocol=17 | dir=in | app=c:\windows\system32\spool\drivers\x64\3\dldttime.exe |
"{5B25E40E-F01C-49E7-A44F-59B39488012A}" = protocol=6 | dir=in | app=c:\program files (x86)\common files\aol\1239932748\ee\aolsoftware.exe |
"{5DB4FE24-2ED2-4584-A823-93ADFFAD3924}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{604FDC79-6BE0-4484-9A7D-65B1C7B3ED39}" = protocol=17 | dir=in | app=c:\program files (x86)\dell v305\wireless\dldtwpss.exe |
"{628104D7-6CA5-4F17-BACC-129B6538AF12}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{62AEBC7E-C7B5-4041-85D7-C1BFBF8D6485}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{70992D93-58D8-4ABB-91B7-64754C13B3CC}" = protocol=6 | dir=in | app=c:\program files (x86)\dell v305\wireless\dldtwpss.exe |
"{70AE7355-B83C-4734-BB37-FCB5FACC015E}" = protocol=17 | dir=in | app=c:\program files (x86)\dell video chat\dellvideochat.exe |
"{7311807D-4181-49A3-B3DC-B51B93013C47}" = protocol=17 | dir=in | app=c:\windows\system32\spool\drivers\x64\3\dldtjswx.exe |
"{76BDC0DC-FE5B-49EE-AC01-153D21719A19}" = protocol=17 | dir=in | app=c:\program files (x86)\dell v305\dldtmon.exe |
"{7DF30192-CC20-407E-8F41-FD439FF923F1}" = protocol=6 | dir=in | app=c:\windows\system32\dldtcoms.exe |
"{8B9BFF90-B6AF-4549-892D-6F94BB929AD5}" = protocol=6 | dir=in | app=c:\windows\syswow64\dldtcoms.exe |
"{8E0C88DA-EA01-4337-8C4E-02E126E64998}" = protocol=6 | dir=in | app=c:\program files (x86)\aol 9.5\waol.exe |
"{920A79F1-E1CA-4366-BABA-FA577B4E5F7D}" = protocol=17 | dir=in | app=c:\program files (x86)\dell v305\frun.exe |
"{9387E74A-E582-4676-987B-20E1079E8624}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{9A902F9F-FF15-4904-A5FD-E3AD9614FA57}" = protocol=6 | dir=in | app=c:\windows\system32\spool\drivers\x64\3\dldttime.exe |
"{9D2CF93C-F275-4A81-A342-7F016D774785}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{9F7951C6-D2E1-4E9E-BC7B-26968CA008CD}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{A1A85F86-E967-4EA5-8D69-B455F6631A94}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{A4D531D3-BDEA-4554-A27E-2BE9111599CB}" = protocol=17 | dir=in | app=c:\windows\system32\dldtcoms.exe |
"{A9ED634E-51D8-4300-968B-C64945963517}" = protocol=17 | dir=in | app=c:\program files (x86)\common files\aol\acs\aolacsd.exe |
"{AC377588-930D-49B6-9675-A1A19DFDB3AF}" = protocol=6 | dir=in | app=c:\program files (x86)\dell v305\frun.exe |
"{B444786A-AA7A-49CB-AA5D-DCE8892F832A}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{B740D05F-938A-47DA-A820-14DD5CC14C0F}" = protocol=6 | dir=in | app=c:\program files (x86)\dell video chat\dellvideochat.exe |
"{BA0391A5-A13D-4337-974C-8768239FB543}" = dir=in | app=c:\program files\cyberlink\powerdvd dx\powerdvd.exe |
"{BA330540-2E9F-4157-9DE9-6A0A6438D1B3}" = protocol=17 | dir=in | app=c:\program files (x86)\common files\aol\topspeed\3.0\aoltpsd3.exe |
"{BF9381FF-DE94-43B9-BCAA-70A6A5921877}" = protocol=6 | dir=in | app=c:\windows\system32\dldtcfg.exe |
"{CA99EEC4-AC7B-470D-A5BD-B731BC585295}" = dir=in | app=c:\program files (x86)\common files\mcafee\mna\mcnasvc.exe |
"{CB6B164A-472F-42CC-922E-59B6B67C5FAC}" = protocol=1 | dir=out | [email protected],-28544 |
"{CB84C87D-AC8D-4BC3-A885-0E51D0C07D2A}" = protocol=17 | dir=in | app=c:\program files (x86)\common files\aol\loader\aolload.exe |
"{CE081ED9-3C86-44C2-B702-6198A9E2E61E}" = protocol=17 | dir=in | app=c:\program files (x86)\common files\aol\1239932748\ee\aolsoftware.exe |
"{CF8529C2-C728-4E5D-8F31-C2E382602216}" = protocol=6 | dir=in | app=c:\program files (x86)\common files\aol\system information\sinf.exe |
"{D1AA9E79-7E0F-4FFF-8FE1-76DDF546951B}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{D4EA681F-1E92-4A5D-B44A-38842B197059}" = protocol=17 | dir=in | app=c:\program files (x86)\common files\dell\vlc\vlc.exe |
"{D511AD7C-4B7F-4745-8621-34688B72A13C}" = protocol=17 | dir=in | app=c:\program files (x86)\yahoo!\messenger\yahoomessenger.exe |
"{D7D90065-41CD-4359-BC40-211C9D4ECEB3}" = protocol=58 | dir=out | [email protected],-28546 |
"{DD07D7F4-BF5A-402D-877E-2B841C965899}" = protocol=58 | dir=in | [email protected],-28545 |
"{E2579659-B79C-4A23-A4CB-81617F334F39}" = protocol=6 | dir=in | app=c:\program files (x86)\common files\aol\acs\aolacsd.exe |
"{E4A3EFB9-1F4C-4120-88FA-D7F10C196E97}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{E4D4A2AC-669F-4DC4-9655-E33CCF9A6DD3}" = protocol=6 | dir=in | app=c:\program files (x86)\itunes\itunes.exe |
"{E8B5AF37-93A9-459D-B486-5E30C4D2AC9A}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{EA66B84B-3403-4172-B66D-781B651C5DA3}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{EAE71EE0-B5E7-4F78-9EF3-DFCE3BF74D81}" = protocol=17 | dir=in | app=c:\program files (x86)\common files\aol\acs\aoldial.exe |
"{F758E6BD-0333-4BCF-9BD9-1B6338AF6FBB}" = protocol=17 | dir=in | app=c:\windows\syswow64\dldtcoms.exe |
"{F7F92D83-5521-4F0C-8AE5-83E6E6B152ED}" = protocol=6 | dir=in | app=c:\windows\system32\spool\drivers\x64\3\dldtpswx.exe |
"{FD91342D-DBF9-44DD-8693-65CC407AE9AD}" = protocol=17 | dir=in | app=c:\program files (x86)\abbyy finereader 6.0 sprint\scan\scanman6.exe |
"TCP Query User{3FCFB54F-C10B-484E-9789-2CCC0D062F04}C:\program files (x86)\dell v305\dldtmon.exe" = protocol=6 | dir=in | app=c:\program files (x86)\dell v305\dldtmon.exe |
"TCP Query User{7819F497-10D0-414A-A482-7779A233490C}C:\program files (x86)\dell video chat\dellvideochat.exe" = protocol=6 | dir=in | app=c:\program files (x86)\dell video chat\dellvideochat.exe |
"TCP Query User{AB599AC8-C43A-420F-8E6F-5E9A4369A4EB}C:\program files (x86)\wildtangent\dell games\polar pool\polarpool.exe" = protocol=6 | dir=in | app=c:\program files (x86)\wildtangent\dell games\polar pool\polarpool.exe |
"TCP Query User{D2F59195-A9BB-462B-B0EF-177542D0CBEB}C:\program files (x86)\itunes\itunes.exe" = protocol=6 | dir=in | app=c:\program files (x86)\itunes\itunes.exe |
"UDP Query User{3B5CF9CB-82A4-47C1-9329-3F89F8558E93}C:\program files (x86)\wildtangent\dell games\polar pool\polarpool.exe" = protocol=17 | dir=in | app=c:\program files (x86)\wildtangent\dell games\polar pool\polarpool.exe |
"UDP Query User{7C192E84-351C-4D7F-9E4F-282D5E3F529C}C:\program files (x86)\itunes\itunes.exe" = protocol=17 | dir=in | app=c:\program files (x86)\itunes\itunes.exe |
"UDP Query User{7DF346ED-8E5D-401D-8EEB-0FA2E68DB3A1}C:\program files (x86)\dell v305\dldtmon.exe" = protocol=17 | dir=in | app=c:\program files (x86)\dell v305\dldtmon.exe |
"UDP Query User{F2A28E25-C31C-4E04-B471-544662E4D9BD}C:\program files (x86)\dell video chat\dellvideochat.exe" = protocol=17 | dir=in | app=c:\program files (x86)\dell video chat\dellvideochat.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{05BFB060-4F22-4710-B0A2-2801A1B606C5}" = Microsoft Antimalware
"{17E02F38-FF2D-4c3d-83DF-ECE2A1D20A5E}" = AIO_CDB_ToolboxIni64
"{42738DB0-FC3E-4672-A99B-9372F5696E30}" = Microsoft Security Client
"{5AC309D7-93D6-418F-8DCA-DD710724A5B4}" = Windows Live Family Safety
"{838F7AB2-5DFE-60B3-1030-43ACC3454CD2}" = ccc-utility64
"{8EBA8727-ADC2-477B-9D9A-1A1836BE4E05}" = Dell Edoc Viewer
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9C98CA38-4C1A-4AC8-B55C-169497C8826B}" = Apple Mobile Device Support
"{9CD0F7D3-B67F-4BF8-8784-D73AD229FF1E}" = iTunes
"{9F560BEB-021F-43AC-825F-AA60442D8DE4}" = 64 Bit HP CIO Components Installer
"{C916D86C-AB76-49c7-B0E4-A946E0FD9BC2}" = HP Photosmart, Officejet, PSC and Deskjet All-In-One Driver Software 8.0.B
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{F6CB42B9-F033-4152-8813-FF11DA8E6A78}" = Dell Dock
"3D970B9F930E7AAE23C06D39A1AC98548C90B442" = Windows Driver Package - Eastman Kodak KODAK Digital Camera (01/29/2010 1.4.1.0)
"Dell V305" = Dell V305
"HDMI" = Intel® Graphics Media Accelerator Driver
"HP Imaging Device Functions" = HP Imaging Device Functions 8.0
"HP Solution Center & Imaging Support Tools" = HP Solution Center 8.0
"HPExtendedCapabilities" = HP Customer Participation Program 8.0
"HPOCR" = HP OCR Software 8.0
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft Security Client" = Microsoft Security Essentials
"Recuva" = Recuva
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{055EE59D-217B-43A7-ABFF-507B966405D8}" = ATI Catalyst Control Center
"{08E81ABD-79F7-49C2-881F-FD6CB0975693}" = Roxio Creator Data
"{09760D42-E223-42AD-8C3E-55B47D0DDAC3}" = Roxio Creator DE
"{0D2E9DCB-9938-475E-B4DD-8851738852FF}" = AIO_Scan
"{0DB1C665-97DD-F405-1D03-60ED1DA95510}" = Catalyst Control Center Graphics Previews Vista
"{0E4EDFCB-DC4D-4339-AB85-A8444E85D37B}" = 2600
"{105CA5BB-9F30-149D-1AD4-144040CB3C1B}" = Catalyst Control Center Localization Spanish
"{13766F76-6C8C-4E57-A9F3-3212D1C6E0D1}" = Dell DataSafe Online
"{15BC8CD0-A65B-47D0-A2DD-90A824590FA8}" = Microsoft Works
"{1746EA69-DCB6-4408-B5A5-E75F55439CDF}" = Scan
"{178832DE-9DE0-4C87-9F82-9315A9B03985}" = Windows Live Writer
"{179C56A4-F57F-4561-8BBF-F911D26EB435}" = WebReg
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{1F54DAFA-9261-4A62-B59D-6C9F26B48FE4}" = Roxio Creator Tools
"{1FECF5F8-8E75-432C-9FF7-1C04F1956B54}" = Realtek Ethernet Network Card Diagnostic tool for Windows Vista
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live Upload Tool
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{26A24AE4-039D-4CA4-87B4-2F83216011FF}" = Java™ 6 Update 17
"{2BEF1AF7-845D-78AE-D826-A87E8CDB0E7F}" = CCC Help Chinese Standard
"{30465B6C-B53F-49A1-9EBA-A3F187AD502E}" = Roxio Update Manager
"{3175E049-F9A9-4A3D-8F19-AC9FB04514D1}" = Windows Live Communications Platform
"{3C36015E-F0F6-43D7-58ED-F4210D355CF9}" = Catalyst Control Center Localization Turkish
"{3D8F9830-D6A3-413A-9A54-993827A73E47}" = DELL0604
"{42929F0F-CE14-47AF-9FC7-FF297A603021}" = Dell Resource CD
"{44033AD6-17D0-3611-1D73-2791646B0892}" = CCC Help Portuguese
"{44CDBD1B-89FB-4E02-8319-2A4C550F664A}" = RTC Client API v1.2
"{45B6180B-DCAB-4093-8EE8-6164457517F0}" = Photosmart 140,240,7200,7600,7700,7900 Series
"{47244975-454F-770B-79C1-0A705F17AA68}" = Catalyst Control Center Localization Chinese Standard
"{474F25F5-BDC9-40E5-B1B6-F6BF23FC106F}" = Windows Live Essentials
"{49F2B650-2D7B-4F59-B33D-346F63776BD3}" = DocProc
"{4C4759BE-2BA4-2DA7-58F6-E5188062E6EB}" = CCC Help French
"{4D125AFC-0817-C6AC-B225-3C4E6EDB696D}" = CCC Help Japanese
"{517B8FB2-26EE-43B0-AE1B-07408860AA69}" = DigitImg
"{57D57F9A-0CED-61D0-B3C6-75A874CB9F4D}" = Skins
"{5A3F6A80-7913-475E-8B96-477A952CFA43}" = SupportSoft Assisted Service
"{5E0322C6-8CA9-A4BD-E9DC-CC8D8E7CB99E}" = Catalyst Control Center Graphics Previews Common
"{5E453519-60F6-4A4D-A0BF-16663F9B3536}" = Safari
"{5F06BE49-28E6-771F-A57A-7AC8C97F38E1}" = Catalyst Control Center Core Implementation
"{60758250-C8CF-47EB-8CB6-E0C3B84D8207}" = PSShortcuts
"{60E5FF66-3F28-148C-8EE0-CE623C26233D}" = Catalyst Control Center Localization Portuguese
"{612C34C7-5E90-47D8-9B5C-0F717DD82726}" = swMSM
"{6412CECE-8172-4BE5-935B-6CECACD2CA87}" = Windows Live Mail
"{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA}" = Roxio Express Labeler 3
"{66E6CE0C-5A1E-430C-B40A-0C90FF1804A8}" = eSupportQFolder
"{672BEEF8-6C95-8F97-74D4-BDF37412437B}" = CCC Help Spanish
"{67D3F1A0-A1F2-49b7-B9EE-011277B170CD}" = HPProductAssistant
"{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}" = PowerDVD
"{6F215D53-6560-4E65-B268-3358508C6D6D}" = 2600Trb
"{6F5E2F4A-377D-4700-B0E3-8F7F7507EA15}" = CustomerResearchQFolder
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{716E0306-8318-4364-8B8F-0CC4E9376BAC}" = MSXML 4.0 SP2 Parser and SDK
"{73A4F29F-31AC-4EBD-AA1B-0CC5F18C8F83}" = Roxio Creator Audio
"{746F3251-0E32-08E4-D18F-43794D57588D}" = Catalyst Control Center Localization Italian
"{75C89AB1-F888-6B0B-6BB4-A06ED4BDDFC0}" = Catalyst Control Center Graphics Full Existing
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{7A7DC702-DEDE-42A8-8722-B3BA724D546F}" = Fax
"{7C7088C6-6347-150C-AEF4-A3190FF2F5AA}" = Catalyst Control Center Localization Hungarian
"{7CF7894B-D52C-F9E5-2ABF-DB6756CE21AC}" = CCC Help Turkish
"{7DB9F1E5-9ACB-410D-A7DC-7A3D023CE045}" = Dell Getting Started Guide
"{7EDFEE8E-F4F2-CB4E-618B-846D4A95CAC8}" = CCC Help Chinese Traditional
"{7F1B3341-A94E-4F5C-B587-CA0EB964221E}" = Microsoft Money Shared Libraries
"{8380D40E-291B-144A-554F-4877F4B439DB}" = Catalyst Control Center InstallProxy
"{8587A68A-BF5F-9492-228C-FACFDBA1A4F4}" = CCC Help Hungarian
"{87E2B986-07E8-477a-93DC-AF0B6758B192}" = DocProcQFolder
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8A4B0C5D-035C-4643-B80F-AFF81534D117}" = 2600_Help
"{8A74E887-8F0F-4017-AF53-CBA42211AAA5}" = Microsoft Sync Framework Runtime Native v1.0 (x86)
"{8C6027FD-53DC-446D-BB75-CACD7028A134}" = HP Update
"{8E5233E1-7495-44FB-8DEB-4BE906D59619}" = Junk Mail filter update
"{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system
"{91155C7C-3404-C96D-78DA-E1D6AF73F6DA}" = Catalyst Control Center Graphics Full New
"{9422C8EA-B0C6-4197-B8FC-DC797658CA00}" = Windows Live Sign-in Assistant
"{95120000-00AF-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (English)
"{95D08F4E-DFC2-4ce3-ACB7-8C8E206217E9}" = MarketResearch
"{978C25EE-5777-46e4-8988-732C297CBDBD}" = Status
"{9A2F0810-3622-4E86-9072-973FBE1679C5}" = QuickBooks Pro 2009
"{9A2F0810-369F-4E86-9072-973FBE1679C5}" = QuickBooks
"{9A5909B3-8CF3-4E06-92A8-F3CB7C97EF20}" = KODAK Share Button App
"{9B1FD9CE-0776-4f0b-A6F5-C6AB7B650CDF}" = Destinations
"{9BD9026D-C3C6-0C40-9FD2-DD95A24CDEB2}" = Catalyst Control Center Localization French
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9F479685-180E-4C05-9400-D59292A1B29C}" = Windows Live Movie Maker
"{A0422738-2E4A-B01F-D19E-ED0379A3C3CC}" = CCC Help English
"{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR
"{A36CD345-625C-4d6c-B3E2-76E1248CB451}" = SolutionCenter
"{A3B7C670-4A1E-4EE2-950E-C875BC1965D0}" = Copy
"{A83279FD-CA4B-4206-9535-90974DE76654}" = Apple Application Support
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AB5D51AE-EBC3-438D-872C-705C7C2084B0}" = DeviceManagementQFolder
"{AC76BA86-7AD7-1033-7B44-AA1000000001}" = Adobe Reader X (10.1.1)
"{ACE0BCCF-27A6-C275-0318-651F6388882F}" = CCC Help German
"{B376402D-58EA-45EA-BD50-DD924EB67A70}" = HP Memories Disc
"{B57EAFF2-D6EE-4C6C-9175-ED9F17BFC1BC}" = Windows Live Messenger
"{B6A26DE5-F2B5-4D58-9570-4FC760E00FCD}" = Roxio Creator Copy
"{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}" = Microsoft Sync Framework Services Native v1.0 (x86)
"{BE77A81F-B315-4666-9BF3-AE70C0ADB057}" = BufferChm
"{C34FAEF3-4241-4C4E-9CFF-7BBD8BCEABE7}" = WebEx Support Manager for Internet Explorer
"{C4B556FF-ABE6-8FBE-EF7A-909F72492DA8}" = CCC Help Korean
"{C716522C-3731-4667-8579-40B098294500}" = Toolbox
"{C9E14402-3631-4182-B377-6B0DFB1C0339}" = QuickTime
"{CA06B6B3-A775-50D6-3031-53C40A5202A6}" = Catalyst Control Center Localization Chinese Traditional
"{D0338BF1-DD06-8565-48A1-C8F3F991B959}" = Catalyst Control Center Localization Japanese
"{D103C4BA-F905-437A-8049-DB24763BBE36}" = Skype™ 4.1
"{D259350E-936C-C6C0-5FDF-B6B4B95731ED}" = Catalyst Control Center Graphics Light
"{D43BB532-3537-4CE9-9CBB-92533BD29F0C}" = HP Software Update
"{D81230AD-71DF-CFCB-CD05-52CFF26F8634}" = Catalyst Control Center Localization Korean
"{DBCC73BA-C69A-4BF5-B4BF-F07501EE7039}" = AnswerWorks 5.0 English Runtime
"{DE4997B5-55AD-4878-97A7-C9FA84FE23C7}" = PSUsage
"{E06F04B9-45E6-4AC0-8083-85F7515F40F7}" = UnloadSupport
"{E09575B2-498D-4C8B-A9D2-623F78574F29}" = AIO_CDB_Software
"{E4A185BB-8E95-6FA7-2637-C9E4768DE2C3}" = ccc-core-static
"{E503B4BF-F7BB-3D5F-8BC8-F694B1CFF942}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022.218
"{E5F1AAA6-C0C8-326C-CAD2-B413CE1F5512}" = Catalyst Control Center Localization German
"{E6158D07-2637-4ECF-B576-37C489669174}" = Windows Live Call
"{E62FFFA6-DCBC-189B-443E-D10A44901385}" = CCC Help Italian
"{E7112940-5F8E-4918-B9FE-251F2F8DC81F}" = AIO_CDB_ProductContext
"{E7C97E98-4C2D-BEAF-5D2F-CC45A2F95D90}" = Acrobat.com
"{EB21A812-671B-4D08-B974-2A347F0D8F70}" = HP Photosmart Essential
"{EB75DE50-5754-4F6F-875D-126EDF8E4CB3}" = HPSSupply
"{ED2A3C11-3EA8-4380-B59C-F2C1832731B0}" = Quicken 2009
"{ED439A64-F018-4DD4-8BA5-328D85AB09AB}" = Roxio Creator DE
"{EE39FFBD-544E-49E4-A999-6819828EAE91}" = Windows Live Photo Gallery
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{FF075778-6E50-47ed-991D-3B07FD4E3250}" = TrayApp
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11.6
"AOL Emergency Connect Utility 1.0" = Uninstall AOL Emergency Connect Utility 1.0
"com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Acrobat.com
"Coupon Printer for Windows5.0.0.1" = Coupon Printer for Windows
"Dell Video Chat" = Dell Video Chat
"HP Photo Creations" = HP Photo Creations
"InstallBrain Updater Service" = InstallBrain Updater Service
"Lexia Reading 7.0.1" = Lexia Reading
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware version 1.51.2.1300
"Money2008b" = Microsoft Money Plus
"Mozilla Firefox 10.0.2 (x86 en-US)" = Mozilla Firefox 10.0.2 (x86 en-US)
"MSMONEYV70" = Microsoft Money 99
"PC Performer_is1" = PC Performer
"Picasa2" = Picasa 2
"Quicken WillMaker Plus 2009" = Quicken WillMaker Plus 2009
"Uniblue RegistryBooster" = Uniblue RegistryBooster
"UnityWebPlayer" = Unity Web Player
"VideoConverter" = VideoConverter
"WildTangent dell Master Uninstall" = WildTangent Games
"WinLiveSuite_Wave3" = Windows Live Essentials
========== HKEY_CURRENT_USER Uninstall List ==========
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"GoToMeeting" = GoToMeeting 4.0.0.320
========== Last 10 Event Log Errors ==========
[ Application Events ]
Error - 2/26/2012 12:08:01 AM | Computer Name = catbar-PC | Source = SideBySide | ID = 16842787
Description = Activation context generation failed for "C:\Program Files (x86)\Windows
Live\Photo Gallery\MovieMaker.Exe".Error in manifest or policy file "C:\Program
Files (x86)\Windows Live\Photo Gallery\WLMFDS.DLL" on line 8. Component identity
found in manifest does not match the identity of the component requested. Reference
is WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1". Definition
is WLMFDS,processorArchitecture="x86",type="win32",version="1.0.0.1". Please use
sxstrace.exe for detailed diagnosis.
Error - 2/26/2012 12:10:54 AM | Computer Name = catbar-PC | Source = LoadPerf | ID = 3012
Description =
Error - 2/26/2012 12:10:54 AM | Computer Name = catbar-PC | Source = LoadPerf | ID = 3011
Description =
Error - 2/26/2012 12:23:58 AM | Computer Name = catbar-PC | Source = System Restore | ID = 8193
Description =
Error - 2/26/2012 10:56:01 AM | Computer Name = catbar-PC | Source = WinMgmt | ID = 10
Description =
Error - 2/26/2012 11:01:01 AM | Computer Name = catbar-PC | Source = LoadPerf | ID = 3012
Description =
Error - 2/26/2012 11:01:01 AM | Computer Name = catbar-PC | Source = LoadPerf | ID = 3011
Description =
Error - 2/26/2012 11:01:01 AM | Computer Name = catbar-PC | Source = SideBySide | ID = 16842787
Description = Activation context generation failed for "C:\Program Files (x86)\Windows
Live\Photo Gallery\MovieMaker.Exe".Error in manifest or policy file "C:\Program
Files (x86)\Windows Live\Photo Gallery\WLMFDS.DLL" on line 8. Component identity
found in manifest does not match the identity of the component requested. Reference
is WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1". Definition
is WLMFDS,processorArchitecture="x86",type="win32",version="1.0.0.1". Please use
sxstrace.exe for detailed diagnosis.
Error - 2/26/2012 11:01:01 AM | Computer Name = catbar-PC | Source = SideBySide | ID = 16842787
Description = Activation context generation failed for "C:\Program Files (x86)\Windows
Live\Photo Gallery\MovieMaker.Exe".Error in manifest or policy file "C:\Program
Files (x86)\Windows Live\Photo Gallery\WLMFDS.DLL" on line 8. Component identity
found in manifest does not match the identity of the component requested. Reference
is WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1". Definition
is WLMFDS,processorArchitecture="x86",type="win32",version="1.0.0.1". Please use
sxstrace.exe for detailed diagnosis.
Error - 2/26/2012 11:34:42 AM | Computer Name = catbar-PC | Source = Application Hang | ID = 1002
Description = The program OTL.exe version 3.2.33.2 stopped interacting with Windows
and was closed. To see if more information about the problem is available, check
the problem history in the Problem Reports and Solutions control panel. Process
ID: 15fc Start Time: 01ccf49b3723dd7b Termination Time: 60000
[ System Events ]
Error - 2/26/2012 12:24:53 AM | Computer Name = catbar-PC | Source = DCOM | ID = 10005
Description =
Error - 2/26/2012 12:24:53 AM | Computer Name = catbar-PC | Source = DCOM | ID = 10005
Description =
Error - 2/26/2012 12:43:09 AM | Computer Name = catbar-PC | Source = DCOM | ID = 10005
Description =
Error - 2/26/2012 12:47:46 AM | Computer Name = catbar-PC | Source = DCOM | ID = 10005
Description =
Error - 2/26/2012 10:56:01 AM | Computer Name = catbar-PC | Source = Service Control Manager | ID = 7009
Description =
Error - 2/26/2012 10:56:01 AM | Computer Name = catbar-PC | Source = Service Control Manager | ID = 7000
Description =
Error - 2/26/2012 10:56:02 AM | Computer Name = catbar-PC | Source = Service Control Manager | ID = 7003
Description =
Error - 2/26/2012 10:56:02 AM | Computer Name = catbar-PC | Source = Service Control Manager | ID = 7026
Description =
Error - 2/26/2012 10:56:24 AM | Computer Name = catbar-PC | Source = Service Control Manager | ID = 7041
Description =
Error - 2/26/2012 10:56:24 AM | Computer Name = catbar-PC | Source = Service Control Manager | ID = 7000
Description =
< End of report >
Sign In
Create Account
