Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

Possible virus and computer really slow


  • This topic is locked This topic is locked

#1
kaliee

kaliee

    Member

  • Member
  • PipPip
  • 23 posts
This problem has been resolved. Please close this and thank you for being here, and for all your time and dedication you put in to helping people. :)




The past week my computer has been getting slower, and unresponsive at times. I originally ran a Malwarebytes scan with no issues, but when I run the regular Norton scan, it will hit 1 virus (that is all the infomation it gives me) and then stops working. The only way to close Norton is to do so through task manager, so I don't know where the virus is stored, or even what it's called.

I am sorry for the vague information, but that is really all I have to go on at this time. I ran the OTL scan and pasted the two logs below.

Thank you so much for any help or suggestions in advance.

-----------

OTL logfile created on: 3/14/2012 2:34:21 PM - Run 1
OTL by OldTimer - Version 3.2.37.0 Folder = C:\Users\home\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7601.17514)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

5.97 Gb Total Physical Memory | 4.13 Gb Available Physical Memory | 69.24% Memory free
11.93 Gb Paging File | 9.89 Gb Available in Paging File | 82.90% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 917.74 Gb Total Space | 745.82 Gb Free Space | 81.27% Space Free | Partition Type: NTFS

Computer Name: MAIN | User Name: home | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2012/03/14 14:33:45 | 000,594,432 | ---- | M] (OldTimer Tools) -- C:\Users\home\Desktop\OTL.exe
PRC - [2012/01/17 01:18:36 | 000,138,232 | R--- | M] (Symantec Corporation) -- C:\Program Files (x86)\Norton Internet Security\Norton Internet Security\Engine\19.6.1.8\ccsvchst.exe
PRC - [2012/01/03 08:10:42 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2011/01/27 10:51:05 | 007,626,104 | ---- | M] (TeamViewer GmbH) -- C:\Program Files (x86)\TeamViewer\Version6\TeamViewer.exe
PRC - [2011/01/27 10:51:05 | 002,253,688 | ---- | M] (TeamViewer GmbH) -- C:\Program Files (x86)\TeamViewer\Version6\TeamViewer_Service.exe
PRC - [2010/12/09 05:45:58 | 000,074,752 | ---- | M] (Nullsoft, Inc.) -- C:\Program Files (x86)\Winamp\winampa.exe
PRC - [2010/09/14 05:45:56 | 000,219,496 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
PRC - [2010/09/14 05:45:44 | 000,508,264 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
PRC - [2010/02/04 05:17:18 | 000,672,424 | ---- | M] () -- C:\Program Files (x86)\Lexmark Z2300 Series\lxdpmon.exe
PRC - [2010/02/04 05:17:18 | 000,107,176 | ---- | M] (Lexmark International Inc.) -- C:\Program Files (x86)\Lexmark Z2300 Series\ezprint.exe
PRC - [2010/01/28 18:27:36 | 000,243,232 | ---- | M] (Acer Group) -- C:\Program Files\Gateway\Gateway Updater\UpdaterService.exe
PRC - [2010/01/08 08:21:22 | 000,023,584 | ---- | M] (Acer Incorporated) -- C:\Program Files (x86)\Gateway\Registration\GREGsvc.exe
PRC - [2009/09/13 00:09:10 | 000,103,768 | ---- | M] (Citrix Systems, Inc.) -- C:\Program Files (x86)\Citrix\ICA Client\concentr.exe
PRC - [2009/09/13 00:09:04 | 000,550,232 | ---- | M] (Citrix Systems, Inc.) -- C:\Program Files (x86)\Citrix\ICA Client\wfcrun32.exe
PRC - [2009/07/20 16:07:10 | 000,124,416 | ---- | M] (IOI) -- C:\Program Files (x86)\Gateway Photo Frame\ButtonMonitor.exe
PRC - [2009/06/04 21:03:32 | 000,186,904 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe
PRC - [2009/06/04 21:03:06 | 000,354,840 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTmon.exe
PRC - [2008/11/09 15:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) -- C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe


========== Modules (No Company Name) ==========

MOD - [2011/10/13 04:00:41 | 000,971,264 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\2d5bcbeb9475ef62189f605bcca1cec6\System.Configuration.ni.dll
MOD - [2011/10/13 04:00:40 | 005,453,312 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\130ad4d9719e566ca933ac7158a04203\System.Xml.ni.dll
MOD - [2011/10/13 04:00:29 | 012,433,408 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\6e592e424a204aafeadbe22b6b31b9db\System.Windows.Forms.ni.dll
MOD - [2011/10/13 04:00:23 | 001,587,200 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\3b2cfd85528a27eb71dc41d8067359a1\System.Drawing.ni.dll
MOD - [2011/10/13 03:59:46 | 007,963,648 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\abab08afa60a6f06bdde0fcc9649c379\System.ni.dll
MOD - [2011/10/13 03:59:36 | 011,490,304 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\a1a82db68b3badc7c27ea1f6579d22c5\mscorlib.ni.dll
MOD - [2010/06/01 11:17:46 | 000,929,792 | ---- | M] () -- C:\Program Files (x86)\Yahoo!\Messenger\yui.dll
MOD - [2010/02/04 05:17:18 | 000,672,424 | ---- | M] () -- C:\Program Files (x86)\Lexmark Z2300 Series\lxdpmon.exe
MOD - [2009/06/12 18:37:38 | 000,032,768 | ---- | M] () -- C:\Program Files (x86)\Gateway Photo Frame\IOIUSBLib.dll
MOD - [2009/06/12 18:37:36 | 000,025,088 | ---- | M] () -- C:\Program Files (x86)\Gateway Photo Frame\IOIHIDLib.dll
MOD - [2009/05/14 09:35:34 | 000,090,112 | ---- | M] () -- C:\Program Files (x86)\Lexmark Z2300 Series\lxdpmonr.dll
MOD - [2007/08/08 17:55:30 | 000,364,544 | ---- | M] () -- C:\Program Files (x86)\Lexmark Z2300 Series\iptk.dll


========== Win32 Services (SafeList) ==========

SRV:64bit: - [2011/01/21 05:52:36 | 009,631,232 | ---- | M] () [Auto | Running] -- C:\Program Files\MySQL\MySQL Server 5.5\bin\mysqld.exe -- (MySQL)
SRV:64bit: - [2010/01/28 18:27:36 | 000,243,232 | ---- | M] (Acer Group) [Auto | Running] -- C:\Program Files\Gateway\Gateway Updater\UpdaterService.exe -- (Updater Service)
SRV:64bit: - [2007/11/19 23:50:32 | 001,039,872 | ---- | M] ( ) [Auto | Running] -- C:\Windows\SysNative\lxdpcoms.exe -- (lxdp_device)
SRV - [2012/01/17 01:18:36 | 000,138,232 | R--- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files (x86)\Norton Internet Security\Norton Internet Security\Engine\19.6.1.8\ccSvcHst.exe -- (NIS)
SRV - [2012/01/03 08:10:42 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2011/01/27 10:51:05 | 002,253,688 | ---- | M] (TeamViewer GmbH) [Auto | Running] -- C:\Program Files (x86)\TeamViewer\Version6\TeamViewer_Service.exe -- (TeamViewer6)
SRV - [2010/09/14 05:45:56 | 000,219,496 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe -- (sftvsa)
SRV - [2010/09/14 05:45:44 | 000,508,264 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe -- (sftlist)
SRV - [2010/03/18 14:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010/01/15 16:08:38 | 000,935,208 | ---- | M] (Nero AG) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe -- (Nero BackItUp Scheduler 4.0)
SRV - [2010/01/08 08:21:22 | 000,023,584 | ---- | M] (Acer Incorporated) [Auto | Running] -- C:\Program Files (x86)\Gateway\Registration\GREGsvc.exe -- (GREGService)
SRV - [2009/06/10 16:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2009/06/04 21:03:06 | 000,354,840 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTmon.exe -- (IAANTMON) Intel®
SRV - [2008/11/09 15:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) [Auto | Running] -- C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe -- (YahooAUService)
SRV - [2007/11/19 18:05:32 | 000,589,824 | ---- | M] ( ) [Auto | Running] -- C:\Windows\SysWOW64\lxdpcoms.exe -- (lxdp_device)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2012/03/08 19:05:41 | 000,175,736 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SYMEVENT64x86.SYS -- (SymEvent)
DRV:64bit: - [2012/01/17 18:46:01 | 000,405,624 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\NISx64\1306010.008\symnets.sys -- (SymNetS)
DRV:64bit: - [2012/01/17 18:45:57 | 001,092,728 | ---- | M] (Symantec Corporation) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\NISx64\1306010.008\symefa64.sys -- (SymEFA)
DRV:64bit: - [2012/01/17 18:35:24 | 000,190,072 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\NISx64\1306010.008\ironx64.sys -- (SymIRON)
DRV:64bit: - [2012/01/17 18:33:51 | 000,738,936 | ---- | M] (Symantec Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\NISx64\1306010.008\srtsp64.sys -- (SRTSP)
DRV:64bit: - [2012/01/17 18:33:51 | 000,037,496 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\NISx64\1306010.008\srtspx64.sys -- (SRTSPX) Symantec Real Time Storage Protection (PEL)
DRV:64bit: - [2012/01/15 12:57:44 | 000,066,728 | ---- | M] (Eugene V. Muzychenko) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\vrtaucbl.sys -- (EuMusDesignVirtualAudioCableWdm) Virtual Audio Cable (WDM)
DRV:64bit: - [2011/11/29 18:44:29 | 000,167,048 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\NISx64\1306010.008\ccsetx64.sys -- (ccSet_NIS)
DRV:64bit: - [2011/07/25 21:18:35 | 000,451,192 | R--- | M] (Symantec Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\NISx64\1306010.008\symds64.sys -- (SymDS)
DRV:64bit: - [2011/03/11 01:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011/03/11 01:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2010/11/20 08:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010/11/20 06:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010/09/14 05:45:52 | 000,022,376 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftvollh.sys -- (Sftvol)
DRV:64bit: - [2010/09/14 05:45:50 | 000,025,960 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftredirlh.sys -- (Sftredir)
DRV:64bit: - [2010/09/14 05:45:48 | 000,268,648 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftplaylh.sys -- (Sftplay)
DRV:64bit: - [2010/09/14 05:45:44 | 000,760,168 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftfslh.sys -- (Sftfs)
DRV:64bit: - [2010/08/25 20:36:04 | 010,611,552 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2010/04/03 11:30:40 | 000,313,696 | ---- | M] (Microsoft Corporation) [File_System | Disabled | Stopped] -- C:\Windows\SysNative\drivers\RsFx0150.sys -- (RsFx0150)
DRV:64bit: - [2009/12/09 04:39:52 | 000,537,624 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2009/09/08 19:13:16 | 000,087,600 | ---- | M] (Citrix Systems, Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\ctxusbm.sys -- (ctxusbm)
DRV:64bit: - [2009/07/13 20:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/13 20:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/13 20:47:48 | 000,023,104 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2009/07/13 20:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/06/10 15:35:02 | 000,281,088 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\e1y60x64.sys -- (e1yexpress) Intel®
DRV:64bit: - [2009/06/10 15:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 15:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 15:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 15:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009/05/25 15:13:10 | 000,138,752 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\IntcHdmi.sys -- (IntcHdmiAddService) Intel®
DRV:64bit: - [2007/05/14 16:06:18 | 000,027,520 | ---- | M] (Research In Motion Limited) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RimUsb_AMD64.sys -- (RimUsb)
DRV - [2012/03/13 23:50:41 | 002,048,632 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.1.3\Definitions\VirusDefs\20120313.020\ex64.sys -- (NAVEX15)
DRV - [2012/03/13 23:50:41 | 000,117,880 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.1.3\Definitions\VirusDefs\20120313.020\eng64.sys -- (NAVENG)
DRV - [2012/03/06 17:04:10 | 000,488,568 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.1.3\Definitions\IPSDefs\20120313.001\IDSviA64.sys -- (IDSVia64)
DRV - [2012/03/02 13:58:01 | 001,157,240 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.1.3\Definitions\BASHDefs\20120302.001\BHDrvx64.sys -- (BHDrvx64)
DRV - [2012/02/04 00:06:05 | 000,482,936 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys -- (eeCtrl)
DRV - [2012/02/04 00:06:05 | 000,138,360 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys -- (EraserUtilRebootDrv)
DRV - [2009/07/13 20:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://homepage.gate...48v115k4701s248
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE:64bit: - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.co...g}&sourceid=ie7
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://homepage.gate...48v115k4701s248
IE - HKLM\..\SearchScopes,DefaultScope = {67A2568C-7A0A-4EED-AECC-B5405DE63B64}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}: "URL" = http://www.google.co...ng}&rlz=1I7ACGW
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.co...g}&sourceid=ie7

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
IE - HKCU\..\SearchScopes,DefaultScope = {67A2568C-7A0A-4EED-AECC-B5405DE63B64}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...Box&FORM=IE8SRC
IE - HKCU\..\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}: "URL" = http://www.google.co...1I7ACGW_enUS419
IE - HKCU\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.co...g}&sourceid=ie7
IE - HKCU\..\SearchScopes\{AFBCB7E0-F91A-4951-9F31-58FEE57A25C4}: "URL" = http://www.ask.com/w...l&geo=US&ver=18
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6: C:\Program Files (x86)\Yahoo!\Shared\npYState.dll (Yahoo! Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\4.0.60831.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.99\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.99\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\amazon.com/AmazonMP3DownloaderPlugin: C:\Program Files (x86)\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin.dll (Amazon.com, Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{BBDA0591-3099-440a-AA10-41764D9DB4DB}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.1.3\IPSFFPlgn\ [2012/02/01 10:23:46 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.1.3\coFFPlgn\ [2012/03/14 14:28:52 | 000,000,000 | ---D | M]


O1 HOSTS File: ([2012/01/02 14:12:14 | 000,000,098 | ---- | M]) - C:\Windows\SysNative\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2:64bit: - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O2:64bit: - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.7227.1100\swg64.dll (Google Inc.)
O2 - BHO: (Norton Identity Protection) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security\Norton Internet Security\Engine\19.6.1.8\coieplg.dll (Symantec Corporation)
O2 - BHO: (Norton Vulnerability Protection) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Internet Security\Norton Internet Security\Engine\19.6.1.8\ips\ipsbho.dll (Symantec Corporation)
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.7.7227.1100\swg.dll (Google Inc.)
O3:64bit: - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Norton Internet Security\Engine\19.6.1.8\coieplg.dll (Symantec Corporation)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3:64bit: - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Norton Internet Security\Engine\19.6.1.8\coieplg.dll (Symantec Corporation)
O4:64bit: - HKLM..\Run: [EzPrint] C:\Program Files (x86)\Lexmark Z2300 Series\ezprint.exe (Lexmark International Inc.)
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IAAnotif] C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [lxdpmon.exe] C:\Program Files (x86)\Lexmark Z2300 Series\lxdpmon.exe ()
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [ConnectionCenter] C:\Program Files (x86)\Citrix\ICA Client\concentr.exe (Citrix Systems, Inc.)
O4 - HKLM..\Run: [Gateway Photo Frame] C:\Program Files (x86)\Gateway Photo Frame\ButtonMonitor.exe (IOI)
O4 - HKLM..\Run: [WinampAgent] C:\Program Files (x86)\Winamp\winampa.exe (Nullsoft, Inc.)
O4 - HKCU..\Run: [googletalk] C:\Users\home\AppData\Roaming\Google\Google Talk\googletalk.exe (Google)
O4 - HKCU..\Run: [Messenger (Yahoo!)] C:\Program Files (x86)\Yahoo!\Messenger\YahooMessenger.exe (Yahoo! Inc.)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8:64bit: - Extra context menu item: Google Sidewiki... - res://C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_6CE5017F567343CA.dll/cmsidewiki.html File not found
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_6CE5017F567343CA.dll/cmsidewiki.html File not found
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O15 - HKCU\..Trusted Domains: oma11pwww05 ([]* in Trusted sites)
O15 - HKCU\..Trusted Domains: prod.westworlds.com ([]* in Trusted sites)
O15 - HKCU\..Trusted Domains: rhapsody.com ([rhap-app-4-0] https in Trusted sites)
O15 - HKCU\..Trusted Domains: rhapsody.com ([rhapreg] https in Trusted sites)
O15 - HKCU\..Trusted Domains: west.com ([]* in Trusted sites)
O15 - HKCU\..Trusted Domains: westathome.com ([]* in Trusted sites)
O15 - HKCU\..Trusted Domains: westathome.net ([]* in Trusted sites)
O15 - HKCU\..Trusted Domains: workathomeagent.net ([]* in Trusted sites)
O16 - DPF: {4871A87A-BFDD-4106-8153-FFDE2BAC2967} http://dlm.tools.aka...vex-2.2.5.7.cab (DLM Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_30)
O16 - DPF: {CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_30)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_30)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{0240F8FF-32BB-42EF-8D34-35CC0129BE58}: DhcpNameServer = 192.168.2.1
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\skype-ie-addon-data - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\gopher - No CLSID value found
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20:64bit: - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2012/03/14 14:33:44 | 000,594,432 | ---- | C] (OldTimer Tools) -- C:\Users\home\Desktop\OTL.exe
[2012/03/05 18:31:40 | 000,000,000 | ---D | C] -- C:\Users\home\AppData\Local\{8CB99266-47DE-4B26-9435-EC99DCDBCDA4}
[2012/03/05 18:29:53 | 000,000,000 | ---D | C] -- C:\Users\home\AppData\Local\{504BE676-F62C-4611-A005-3C1D3E9C9FC7}
[2012/03/05 18:26:23 | 000,000,000 | ---D | C] -- C:\Users\home\AppData\Local\{8030569C-7A22-4B81-9205-6894928FAD58}
[2012/03/05 18:20:29 | 000,000,000 | ---D | C] -- C:\Users\home\AppData\Local\{B8F446D5-E68A-4FDC-B2C2-9FEBDC01434F}
[2012/03/05 18:19:37 | 000,000,000 | ---D | C] -- C:\Users\home\AppData\Local\{0B27A3C3-AED7-468A-8655-5E6BC4E55CD0}
[2012/03/01 23:21:58 | 000,000,000 | ---D | C] -- C:\Users\home\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Talk
[2012/02/23 16:57:50 | 000,000,000 | ---D | C] -- C:\Users\home\AppData\Local\{4780AD5E-7988-4410-8F95-18B4A387199C}
[2012/02/23 16:46:26 | 000,000,000 | ---D | C] -- C:\Users\home\AppData\Local\{CFCD8C56-2905-44D0-894E-8C3963650851}
[2012/02/23 16:46:17 | 000,000,000 | ---D | C] -- C:\Users\home\AppData\Local\{DB6B97B5-3905-4439-8823-F45036F7A85C}
[2012/02/23 16:08:45 | 000,000,000 | ---D | C] -- C:\Users\home\AppData\Local\{EF5BF205-A1BE-4765-BAAD-6611A4AEA9CF}
[2012/02/16 12:13:34 | 000,000,000 | ---D | C] -- C:\ProgramData\Google
[2012/02/15 23:44:46 | 000,000,000 | ---D | C] -- C:\Users\home\AppData\Local\{C0085FFD-01DF-426C-99C5-78EEA06806AF}
[2012/02/15 23:44:24 | 000,000,000 | ---D | C] -- C:\Users\home\AppData\Local\{BAD8A0E6-D765-41A2-B2EA-4F0150CDC16F}
[2012/02/15 13:55:55 | 000,000,000 | ---D | C] -- C:\Users\home\AppData\Local\{7B6808ED-6298-492F-8952-DA565FB4AA85}
[2012/02/15 13:52:37 | 000,000,000 | ---D | C] -- C:\Users\home\AppData\Local\{5BFBD43A-849C-4100-911D-0EDA16FD542A}
[2012/02/15 13:52:27 | 000,000,000 | ---D | C] -- C:\Users\home\AppData\Local\{647111C1-2924-4BD9-8F91-8047202FD9DE}
[2012/02/15 13:51:43 | 000,000,000 | ---D | C] -- C:\Users\home\AppData\Local\{0F7BD91D-F6FA-4DAB-B470-6D0A854E067D}
[2012/02/15 13:51:33 | 000,000,000 | ---D | C] -- C:\Users\home\AppData\Local\{37FF0A34-FB3B-47D4-9CBF-E79B36F7F3D2}
[2012/02/15 13:34:04 | 000,000,000 | ---D | C] -- C:\Users\home\AppData\Local\{4591BB98-CF8C-4CFE-B58B-1E94D2094788}
[2012/02/15 12:53:06 | 000,000,000 | ---D | C] -- C:\Users\home\AppData\Local\{6F2E99CF-F0CB-4DA0-BE23-F6A773FC2FB8}
[2012/02/15 12:52:55 | 000,000,000 | ---D | C] -- C:\Users\home\AppData\Local\{AA3EF4A3-AAD4-4D3D-A62A-A03044012E29}
[2012/02/15 12:52:20 | 000,000,000 | ---D | C] -- C:\Users\home\AppData\Local\{9D445D9B-6ACD-4F1C-BB13-871C64BF9AE9}
[2012/02/15 12:51:18 | 000,000,000 | ---D | C] -- C:\Users\home\AppData\Local\{29217F6F-87F8-4E6A-B9F8-180DE7C82212}
[2012/02/15 12:51:08 | 000,000,000 | ---D | C] -- C:\Users\home\AppData\Local\{1C4CEB0C-549A-4E77-96F3-14C1C9720A0D}
[2012/02/15 12:50:22 | 000,000,000 | ---D | C] -- C:\Users\home\AppData\Local\{3B567434-9610-41C8-9AE4-74BF6418A9D0}
[2012/02/15 12:50:08 | 000,000,000 | ---D | C] -- C:\Users\home\AppData\Local\{13D7196C-DB5B-4EAA-9601-392B3A6088D5}
[2012/02/15 12:48:45 | 000,000,000 | ---D | C] -- C:\Users\home\AppData\Local\{9D07ED03-3CFE-48B6-B35F-DD6D2E813A3F}
[2012/02/15 12:48:32 | 000,000,000 | ---D | C] -- C:\Users\home\AppData\Local\{CF69EB4A-5CE5-49B5-B7D1-2C9090651A72}
[2012/02/15 00:51:45 | 000,000,000 | ---D | C] -- C:\Users\home\AppData\Local\{797DAA8B-39E0-4054-9DE9-2D67DBE22FAC}
[2012/02/15 00:48:02 | 000,000,000 | ---D | C] -- C:\Users\home\AppData\Local\{35405FEF-E531-4E95-87F9-F672496CBE25}
[2012/02/15 00:47:44 | 000,000,000 | ---D | C] -- C:\Users\home\AppData\Local\{19DA975A-A1FD-4E8C-9DBC-1FDBB3A642E9}
[2012/02/13 20:41:54 | 000,000,000 | ---D | C] -- C:\Users\home\AppData\Local\{BA7A067C-97B9-4C6C-92E7-6837E0F18B0D}
[1 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]
[1 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2012/03/14 14:33:45 | 000,594,432 | ---- | M] (OldTimer Tools) -- C:\Users\home\Desktop\OTL.exe
[2012/03/14 14:33:17 | 000,009,920 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012/03/14 14:33:17 | 000,009,920 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012/03/14 14:32:51 | 000,832,224 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012/03/14 14:32:51 | 000,698,694 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012/03/14 14:32:51 | 000,134,568 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2012/03/14 14:25:11 | 000,000,890 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012/03/14 14:25:06 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012/03/14 14:25:00 | 509,480,959 | -HS- | M] () -- C:\hiberfil.sys
[2012/03/14 14:23:14 | 000,000,894 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012/03/13 15:30:36 | 000,008,727 | ---- | M] () -- C:\Windows\SysNative\drivers\NISx64\1306010.008\VT20120301.009
[2012/03/11 13:17:45 | 002,804,712 | ---- | M] (Symantec Corporation) -- C:\Users\home\Desktop\NPE.exe
[2012/03/09 19:54:56 | 000,002,842 | ---- | M] () -- C:\Users\Public\Desktop\Norton Internet Security.lnk
[2012/03/09 19:54:01 | 001,983,985 | ---- | M] () -- C:\Windows\SysNative\drivers\NISx64\1306010.008\Cat.DB
[2012/03/08 19:05:41 | 000,175,736 | ---- | M] (Symantec Corporation) -- C:\Windows\SysNative\drivers\SYMEVENT64x86.SYS
[2012/03/08 19:05:41 | 000,007,488 | ---- | M] () -- C:\Windows\SysNative\drivers\SYMEVENT64x86.CAT
[2012/03/08 19:05:41 | 000,000,854 | ---- | M] () -- C:\Windows\SysNative\drivers\SYMEVENT64x86.INF
[2012/03/05 15:22:14 | 000,183,527 | ---- | M] () -- C:\Users\home\Documents\Geico payment 3-5-12.JPG
[2012/02/25 01:08:39 | 000,000,172 | ---- | M] () -- C:\Windows\SysNative\drivers\NISx64\1306010.008\isolate.ini
[2012/02/23 16:58:28 | 002,179,582 | ---- | M] () -- C:\Users\home\Documents\tush shot.JPG
[2012/02/15 13:56:30 | 000,078,941 | ---- | M] () -- C:\Users\home\Documents\DSCN0639.JPG
[2012/02/15 13:52:57 | 000,090,862 | ---- | M] () -- C:\Users\home\Documents\DSCN0662.JPG
[2012/02/15 09:12:04 | 000,111,376 | ---- | M] () -- C:\Users\home\Documents\DSCN4023 (2).jpg
[2012/02/15 09:09:25 | 000,104,942 | ---- | M] () -- C:\Users\home\Documents\DSCN199.jpg
[2012/02/15 09:08:13 | 000,156,003 | ---- | M] () -- C:\Users\home\Documents\DSCN0633 (2).jpg
[2012/02/15 09:06:54 | 000,121,796 | ---- | M] () -- C:\Users\home\Documents\DSCN0456 (2).jpg
[2012/02/15 09:06:07 | 000,074,960 | ---- | M] () -- C:\Users\home\Documents\DSCN0436(3).jpg
[2012/02/15 09:00:14 | 000,120,065 | ---- | M] () -- C:\Users\home\Documents\DSCN0633.JPG
[2012/02/15 08:59:58 | 000,092,230 | ---- | M] () -- C:\Users\home\Documents\DSCN0634.JPG
[2012/02/15 08:59:16 | 000,103,046 | ---- | M] () -- C:\Users\home\Documents\DSCN0685.JPG
[2012/02/15 08:58:57 | 000,101,289 | ---- | M] () -- C:\Users\home\Documents\DSCN0684.JPG
[2012/02/15 08:58:43 | 000,045,196 | ---- | M] () -- C:\Users\home\Documents\DSCN0667.JPG
[2012/02/15 08:57:01 | 000,077,919 | ---- | M] () -- C:\Users\home\Documents\DSCN0664.JPG
[2012/02/15 08:56:10 | 000,062,782 | ---- | M] () -- C:\Users\home\Documents\DSCN0644.JPG
[2012/02/15 08:54:05 | 000,117,106 | ---- | M] () -- C:\Users\home\Documents\DSCN0631.JPG
[2012/02/15 08:53:51 | 000,074,225 | ---- | M] () -- C:\Users\home\Documents\DSCN0611.JPG
[2012/02/15 08:48:57 | 000,062,025 | ---- | M] () -- C:\Users\home\Documents\DSCN0605.JPG
[2012/02/15 08:48:40 | 000,060,906 | ---- | M] () -- C:\Users\home\Documents\DSCN0604.JPG
[2012/02/15 08:48:26 | 000,065,783 | ---- | M] () -- C:\Users\home\Documents\DSCN0603.JPG
[2012/02/15 08:48:09 | 000,062,881 | ---- | M] () -- C:\Users\home\Documents\DSCN0600.JPG
[2012/02/15 08:47:47 | 000,067,669 | ---- | M] () -- C:\Users\home\Documents\DSCN0594.JPG
[2012/02/15 08:47:30 | 000,070,249 | ---- | M] () -- C:\Users\home\Documents\DSCN0592.JPG
[2012/02/15 08:47:04 | 000,062,454 | ---- | M] () -- C:\Users\home\Documents\DSCN0585.JPG
[2012/02/15 08:46:49 | 000,074,725 | ---- | M] () -- C:\Users\home\Documents\DSCN0578.JPG
[2012/02/15 08:46:35 | 000,099,861 | ---- | M] () -- C:\Users\home\Documents\DSCN0576.JPG
[2012/02/15 08:46:16 | 000,094,716 | ---- | M] () -- C:\Users\home\Documents\DSCN0573.JPG
[2012/02/15 08:45:59 | 000,064,300 | ---- | M] () -- C:\Users\home\Documents\DSCN0572.JPG
[2012/02/15 08:45:45 | 000,075,023 | ---- | M] () -- C:\Users\home\Documents\DSCN0571.JPG
[2012/02/15 08:44:22 | 000,095,072 | ---- | M] () -- C:\Users\home\Documents\DSCN0569.JPG
[2012/02/15 08:44:07 | 000,097,738 | ---- | M] () -- C:\Users\home\Documents\DSCN0568.JPG
[2012/02/15 08:43:52 | 000,098,065 | ---- | M] () -- C:\Users\home\Documents\DSCN0567.JPG
[2012/02/15 08:43:36 | 000,096,241 | ---- | M] () -- C:\Users\home\Documents\DSCN0565.JPG
[2012/02/15 08:43:18 | 000,086,933 | ---- | M] () -- C:\Users\home\Documents\DSCN0564.JPG
[2012/02/15 08:43:01 | 000,111,046 | ---- | M] () -- C:\Users\home\Documents\DSCN0563.JPG
[2012/02/15 08:42:46 | 000,081,698 | ---- | M] () -- C:\Users\home\Documents\DSCN0562.JPG
[2012/02/15 08:42:30 | 000,090,653 | ---- | M] () -- C:\Users\home\Documents\DSCN0561.JPG
[2012/02/15 08:42:05 | 000,068,851 | ---- | M] () -- C:\Users\home\Documents\DSCN0559.JPG
[2012/02/15 08:41:50 | 000,072,130 | ---- | M] () -- C:\Users\home\Documents\DSCN0558.JPG
[2012/02/15 01:00:02 | 000,066,308 | ---- | M] () -- C:\Users\home\Documents\DSCN0557.JPG
[2012/02/15 00:59:34 | 000,079,000 | ---- | M] () -- C:\Users\home\Documents\DSCN0555.JPG
[2012/02/15 00:59:04 | 000,064,398 | ---- | M] () -- C:\Users\home\Documents\DSCN0553.JPG
[2012/02/15 00:58:47 | 000,054,423 | ---- | M] () -- C:\Users\home\Documents\DSCN0552.JPG
[2012/02/15 00:58:28 | 000,070,105 | ---- | M] () -- C:\Users\home\Documents\DSCN0551.JPG
[2012/02/15 00:58:08 | 000,120,132 | ---- | M] () -- C:\Users\home\Documents\DSCN0550.JPG
[2012/02/15 00:56:34 | 000,087,295 | ---- | M] () -- C:\Users\home\Documents\DSCN0541.JPG
[2012/02/15 00:56:02 | 000,078,719 | ---- | M] () -- C:\Users\home\Documents\DSCN0539.JPG
[2012/02/15 00:55:17 | 000,060,390 | ---- | M] () -- C:\Users\home\Documents\DSCN0533.JPG
[2012/02/15 00:54:32 | 000,120,964 | ---- | M] () -- C:\Users\home\Documents\DSCN0531.JPG
[2012/02/15 00:54:16 | 000,133,459 | ---- | M] () -- C:\Users\home\Documents\DSCN0530.JPG
[2012/02/15 00:53:25 | 000,149,590 | ---- | M] () -- C:\Users\home\Documents\DSCN0526.JPG
[2012/02/15 00:51:09 | 000,086,852 | ---- | M] () -- C:\Users\home\Documents\DSCN0514.JPG
[2012/02/15 00:49:39 | 000,051,593 | ---- | M] () -- C:\Users\home\Documents\DSCN0502.JPG
[2012/02/15 00:48:59 | 000,145,575 | ---- | M] () -- C:\Users\home\Documents\DSCN0500.JPG
[2012/02/15 00:45:15 | 000,107,701 | ---- | M] () -- C:\Users\home\Documents\DSCN0483.JPG
[2012/02/15 00:44:55 | 000,075,684 | ---- | M] () -- C:\Users\home\Documents\DSCN0479.JPG
[2012/02/15 00:44:38 | 000,057,342 | ---- | M] () -- C:\Users\home\Documents\DSCN0478.JPG
[2012/02/15 00:44:24 | 000,060,906 | ---- | M] () -- C:\Users\home\Documents\DSCN0477.JPG
[2012/02/15 00:42:29 | 000,116,680 | ---- | M] () -- C:\Users\home\Documents\DSCN0425.JPG
[2012/02/15 00:41:46 | 000,080,691 | ---- | M] () -- C:\Users\home\Documents\DSCN0413.JPG
[2012/02/15 00:39:37 | 000,062,524 | ---- | M] () -- C:\Users\home\Documents\DSCN0400.JPG
[2012/02/15 00:38:02 | 000,069,550 | ---- | M] () -- C:\Users\home\Documents\DSCN0398.JPG
[2012/02/15 00:37:46 | 000,068,382 | ---- | M] () -- C:\Users\home\Documents\DSCN0397.JPG
[2012/02/15 00:37:24 | 000,068,996 | ---- | M] () -- C:\Users\home\Documents\DSCN0396.JPG
[2012/02/15 00:35:53 | 000,086,907 | ---- | M] () -- C:\Users\home\Documents\DSCN0392.JPG
[2012/02/15 00:35:12 | 000,117,330 | ---- | M] () -- C:\Users\home\Documents\DSCN0391.JPG
[2012/02/15 00:34:55 | 000,128,545 | ---- | M] () -- C:\Users\home\Documents\DSCN0390.JPG
[2012/02/15 00:34:35 | 000,073,268 | ---- | M] () -- C:\Users\home\Documents\DSCN0389.JPG
[2012/02/15 00:34:17 | 000,089,805 | ---- | M] () -- C:\Users\home\Documents\DSCN0383.JPG
[2012/02/15 00:33:50 | 000,075,685 | ---- | M] () -- C:\Users\home\Documents\DSCN0380.JPG
[2012/02/15 00:33:30 | 000,073,194 | ---- | M] () -- C:\Users\home\Documents\DSCN0379.JPG
[2012/02/15 00:33:13 | 000,078,663 | ---- | M] () -- C:\Users\home\Documents\DSCN0376.JPG
[2012/02/15 00:32:47 | 000,118,506 | ---- | M] () -- C:\Users\home\Documents\DSCN0369.JPG
[2012/02/15 00:32:02 | 000,062,089 | ---- | M] () -- C:\Users\home\Documents\DSCN0346.JPG
[1 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]
[1 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]

========== Files Created - No Company Name ==========

[2012/03/05 15:22:13 | 000,183,527 | ---- | C] () -- C:\Users\home\Documents\Geico payment 3-5-12.JPG
[2012/02/23 16:49:47 | 002,320,699 | ---- | C] () -- C:\Users\home\Documents\DSCN0466.JPG
[2012/02/23 16:49:42 | 002,346,022 | ---- | C] () -- C:\Users\home\Documents\DSCN0465.JPG
[2012/02/16 12:13:44 | 000,000,894 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012/02/16 12:13:43 | 000,000,890 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012/02/14 23:53:47 | 000,103,046 | ---- | C] () -- C:\Users\home\Documents\DSCN0685.JPG
[2012/02/14 23:53:47 | 000,101,289 | ---- | C] () -- C:\Users\home\Documents\DSCN0684.JPG
[2012/02/14 23:53:14 | 000,077,919 | ---- | C] () -- C:\Users\home\Documents\DSCN0664.JPG
[2012/02/14 23:53:14 | 000,045,196 | ---- | C] () -- C:\Users\home\Documents\DSCN0667.JPG
[2012/02/14 23:52:51 | 000,062,782 | ---- | C] () -- C:\Users\home\Documents\DSCN0644.JPG
[2012/02/14 23:52:37 | 000,092,230 | ---- | C] () -- C:\Users\home\Documents\DSCN0634.JPG
[2012/02/14 23:52:28 | 000,117,106 | ---- | C] () -- C:\Users\home\Documents\DSCN0631.JPG
[2012/02/14 23:52:02 | 000,074,225 | ---- | C] () -- C:\Users\home\Documents\DSCN0611.JPG
[2012/02/14 23:52:02 | 000,065,783 | ---- | C] () -- C:\Users\home\Documents\DSCN0603.JPG
[2012/02/14 23:52:02 | 000,062,881 | ---- | C] () -- C:\Users\home\Documents\DSCN0600.JPG
[2012/02/14 23:52:02 | 000,062,025 | ---- | C] () -- C:\Users\home\Documents\DSCN0605.JPG
[2012/02/14 23:52:02 | 000,060,906 | ---- | C] () -- C:\Users\home\Documents\DSCN0604.JPG
[2012/02/14 23:51:45 | 000,070,249 | ---- | C] () -- C:\Users\home\Documents\DSCN0592.JPG
[2012/02/14 23:51:45 | 000,067,669 | ---- | C] () -- C:\Users\home\Documents\DSCN0594.JPG
[2012/02/14 23:51:28 | 000,062,454 | ---- | C] () -- C:\Users\home\Documents\DSCN0585.JPG
[2012/02/14 23:51:10 | 000,099,861 | ---- | C] () -- C:\Users\home\Documents\DSCN0576.JPG
[2012/02/14 23:51:10 | 000,098,065 | ---- | C] () -- C:\Users\home\Documents\DSCN0567.JPG
[2012/02/14 23:51:10 | 000,097,738 | ---- | C] () -- C:\Users\home\Documents\DSCN0568.JPG
[2012/02/14 23:51:10 | 000,095,072 | ---- | C] () -- C:\Users\home\Documents\DSCN0569.JPG
[2012/02/14 23:51:10 | 000,094,716 | ---- | C] () -- C:\Users\home\Documents\DSCN0573.JPG
[2012/02/14 23:51:10 | 000,075,023 | ---- | C] () -- C:\Users\home\Documents\DSCN0571.JPG
[2012/02/14 23:51:10 | 000,074,725 | ---- | C] () -- C:\Users\home\Documents\DSCN0578.JPG
[2012/02/14 23:51:10 | 000,064,300 | ---- | C] () -- C:\Users\home\Documents\DSCN0572.JPG
[2012/02/14 23:50:37 | 000,066,308 | ---- | C] () -- C:\Users\home\Documents\DSCN0557.JPG
[2012/02/14 23:50:36 | 000,120,132 | ---- | C] () -- C:\Users\home\Documents\DSCN0550.JPG
[2012/02/14 23:50:36 | 000,111,046 | ---- | C] () -- C:\Users\home\Documents\DSCN0563.JPG
[2012/02/14 23:50:36 | 000,096,241 | ---- | C] () -- C:\Users\home\Documents\DSCN0565.JPG
[2012/02/14 23:50:36 | 000,090,653 | ---- | C] () -- C:\Users\home\Documents\DSCN0561.JPG
[2012/02/14 23:50:36 | 000,086,933 | ---- | C] () -- C:\Users\home\Documents\DSCN0564.JPG
[2012/02/14 23:50:36 | 000,081,698 | ---- | C] () -- C:\Users\home\Documents\DSCN0562.JPG
[2012/02/14 23:50:36 | 000,079,000 | ---- | C] () -- C:\Users\home\Documents\DSCN0555.JPG
[2012/02/14 23:50:36 | 000,072,130 | ---- | C] () -- C:\Users\home\Documents\DSCN0558.JPG
[2012/02/14 23:50:36 | 000,070,105 | ---- | C] () -- C:\Users\home\Documents\DSCN0551.JPG
[2012/02/14 23:50:36 | 000,068,851 | ---- | C] () -- C:\Users\home\Documents\DSCN0559.JPG
[2012/02/14 23:50:36 | 000,064,398 | ---- | C] () -- C:\Users\home\Documents\DSCN0553.JPG
[2012/02/14 23:50:36 | 000,054,423 | ---- | C] () -- C:\Users\home\Documents\DSCN0552.JPG
[2012/02/14 23:50:08 | 000,087,295 | ---- | C] () -- C:\Users\home\Documents\DSCN0541.JPG
[2012/02/14 23:49:59 | 000,078,719 | ---- | C] () -- C:\Users\home\Documents\DSCN0539.JPG
[2012/02/14 23:49:46 | 000,120,964 | ---- | C] () -- C:\Users\home\Documents\DSCN0531.JPG
[2012/02/14 23:49:46 | 000,060,390 | ---- | C] () -- C:\Users\home\Documents\DSCN0533.JPG
[2012/02/14 23:49:21 | 000,133,459 | ---- | C] () -- C:\Users\home\Documents\DSCN0530.JPG
[2012/02/14 23:49:05 | 000,149,590 | ---- | C] () -- C:\Users\home\Documents\DSCN0526.JPG
[2012/02/14 23:48:55 | 000,086,852 | ---- | C] () -- C:\Users\home\Documents\DSCN0514.JPG
[2012/02/14 23:48:26 | 000,145,575 | ---- | C] () -- C:\Users\home\Documents\DSCN0500.JPG
[2012/02/14 23:48:26 | 000,051,593 | ---- | C] () -- C:\Users\home\Documents\DSCN0502.JPG
[2012/02/14 23:47:30 | 000,107,701 | ---- | C] () -- C:\Users\home\Documents\DSCN0483.JPG
[2012/02/14 23:47:22 | 000,075,684 | ---- | C] () -- C:\Users\home\Documents\DSCN0479.JPG
[2012/02/14 23:47:22 | 000,060,906 | ---- | C] () -- C:\Users\home\Documents\DSCN0477.JPG
[2012/02/14 23:47:22 | 000,057,342 | ---- | C] () -- C:\Users\home\Documents\DSCN0478.JPG
[2012/02/14 23:46:25 | 000,116,680 | ---- | C] () -- C:\Users\home\Documents\DSCN0425.JPG
[2012/02/14 23:46:12 | 000,080,691 | ---- | C] () -- C:\Users\home\Documents\DSCN0413.JPG
[2012/02/14 23:45:05 | 000,128,545 | ---- | C] () -- C:\Users\home\Documents\DSCN0390.JPG
[2012/02/14 23:45:05 | 000,117,330 | ---- | C] () -- C:\Users\home\Documents\DSCN0391.JPG
[2012/02/14 23:45:05 | 000,086,907 | ---- | C] () -- C:\Users\home\Documents\DSCN0392.JPG
[2012/02/14 23:45:05 | 000,069,550 | ---- | C] () -- C:\Users\home\Documents\DSCN0398.JPG
[2012/02/14 23:45:05 | 000,068,996 | ---- | C] () -- C:\Users\home\Documents\DSCN0396.JPG
[2012/02/14 23:45:05 | 000,068,382 | ---- | C] () -- C:\Users\home\Documents\DSCN0397.JPG
[2012/02/14 23:45:05 | 000,062,524 | ---- | C] () -- C:\Users\home\Documents\DSCN0400.JPG
[2012/02/14 23:44:26 | 000,073,268 | ---- | C] () -- C:\Users\home\Documents\DSCN0389.JPG
[2012/02/14 23:44:14 | 000,089,805 | ---- | C] () -- C:\Users\home\Documents\DSCN0383.JPG
[2012/02/14 23:43:58 | 000,075,685 | ---- | C] () -- C:\Users\home\Documents\DSCN0380.JPG
[2012/02/14 23:43:46 | 000,073,194 | ---- | C] () -- C:\Users\home\Documents\DSCN0379.JPG
[2012/02/14 23:43:25 | 000,078,663 | ---- | C] () -- C:\Users\home\Documents\DSCN0376.JPG
[2012/02/14 23:43:16 | 000,118,506 | ---- | C] () -- C:\Users\home\Documents\DSCN0369.JPG
[2012/02/14 23:42:18 | 000,062,089 | ---- | C] () -- C:\Users\home\Documents\DSCN0346.JPG
[2012/02/13 20:43:09 | 000,111,376 | ---- | C] () -- C:\Users\home\Documents\DSCN4023 (2).jpg
[2012/02/13 20:29:35 | 000,104,942 | ---- | C] () -- C:\Users\home\Documents\DSCN199.jpg
[2011/03/23 14:47:39 | 000,000,056 | -H-- | C] () -- C:\Windows\SysWow64\ezsidmv.dat
[2011/03/23 01:55:50 | 000,137,460 | -H-- | C] () -- C:\Windows\SysWow64\mlfcache.dat
[2011/02/14 21:54:59 | 000,002,560 | -H-- | C] () -- C:\Windows\_MSRSTRT.EXE
[2011/02/14 21:02:25 | 000,843,776 | ---- | C] ( ) -- C:\Windows\SysWow64\lxdpusb1.dll
[2011/02/14 21:02:25 | 000,647,168 | ---- | C] ( ) -- C:\Windows\SysWow64\lxdppmui.dll
[2011/02/14 21:02:25 | 000,364,544 | ---- | C] ( ) -- C:\Windows\SysWow64\lxdpinpa.dll
[2011/02/14 21:02:25 | 000,348,160 | ---- | C] () -- C:\Windows\SysWow64\LXDPinst.dll
[2011/02/14 21:02:25 | 000,339,968 | ---- | C] ( ) -- C:\Windows\SysWow64\lxdpiesc.dll
[2011/02/14 21:02:25 | 000,335,872 | ---- | C] () -- C:\Windows\SysWow64\lxdpcomx.dll
[2011/02/14 21:02:24 | 001,101,824 | ---- | C] ( ) -- C:\Windows\SysWow64\lxdpserv.dll
[2011/02/14 21:02:24 | 000,851,968 | ---- | C] ( ) -- C:\Windows\SysWow64\lxdpcomc.dll
[2011/02/14 21:02:24 | 000,663,552 | ---- | C] ( ) -- C:\Windows\SysWow64\lxdphbn3.dll
[2011/02/14 21:02:24 | 000,589,824 | ---- | C] ( ) -- C:\Windows\SysWow64\lxdpcoms.exe
[2011/02/14 21:02:24 | 000,569,344 | ---- | C] ( ) -- C:\Windows\SysWow64\lxdplmpm.dll
[2011/02/14 21:02:24 | 000,376,832 | ---- | C] ( ) -- C:\Windows\SysWow64\lxdpcomm.dll
[2011/02/14 21:02:24 | 000,360,448 | ---- | C] ( ) -- C:\Windows\SysWow64\lxdpcfg.exe
[2011/02/14 21:02:24 | 000,315,392 | ---- | C] ( ) -- C:\Windows\SysWow64\lxdpih.exe
[2011/02/14 21:02:24 | 000,053,248 | ---- | C] ( ) -- C:\Windows\SysWow64\lxdpprox.dll
[2011/02/14 20:33:37 | 000,848,236 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2011/02/14 16:58:00 | 000,000,010 | ---- | C] () -- C:\Windows\SysWow64\Boss.INI
[2011/02/14 14:14:45 | 000,000,170 | -H-- | C] () -- C:\Windows\wininit.ini
[2010/08/25 20:34:30 | 000,982,240 | ---- | C] () -- C:\Windows\SysWow64\igkrng500.bin
[2010/08/25 20:34:30 | 000,439,308 | ---- | C] () -- C:\Windows\SysWow64\igcompkrng500.bin
[2010/08/25 20:34:30 | 000,092,356 | ---- | C] () -- C:\Windows\SysWow64\igfcg500m.bin
[2010/08/25 19:52:00 | 000,208,896 | ---- | C] () -- C:\Windows\SysWow64\iglhsip32.dll
[2010/08/25 19:52:00 | 000,143,360 | ---- | C] () -- C:\Windows\SysWow64\iglhcp32.dll
[2010/07/28 15:23:58 | 000,134,592 | ---- | C] () -- C:\Windows\SysWow64\igfcg500.bin

========== LOP Check ==========

[2011/02/17 21:26:40 | 000,000,000 | ---D | M] -- C:\Users\home\AppData\Roaming\Amazon
[2012/03/13 19:43:44 | 000,000,000 | ---D | M] -- C:\Users\home\AppData\Roaming\Audacity
[2011/02/14 18:24:58 | 000,000,000 | ---D | M] -- C:\Users\home\AppData\Roaming\Clicky Gone
[2011/07/26 11:47:32 | 000,000,000 | ---D | M] -- C:\Users\home\AppData\Roaming\com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
[2012/01/31 14:47:18 | 000,000,000 | ---D | M] -- C:\Users\home\AppData\Roaming\FileZilla
[2011/06/25 16:26:01 | 000,000,000 | ---D | M] -- C:\Users\home\AppData\Roaming\go
[2011/12/22 00:57:52 | 000,000,000 | ---D | M] -- C:\Users\home\AppData\Roaming\ICAClient
[2012/03/14 14:23:55 | 000,000,000 | ---D | M] -- C:\Users\home\AppData\Roaming\SoftGrid Client
[2011/02/16 23:43:15 | 000,000,000 | ---D | M] -- C:\Users\home\AppData\Roaming\Tific
[2011/02/14 20:34:29 | 000,000,000 | ---D | M] -- C:\Users\home\AppData\Roaming\TP
[2011/12/22 00:57:52 | 000,000,000 | ---D | M] -- C:\Users\home\AppData\Roaming\TS3Client
[2011/06/13 13:00:19 | 000,000,000 | ---D | M] -- C:\Users\home\AppData\Roaming\West Corporation
[2011/02/18 16:44:35 | 000,000,000 | ---D | M] -- C:\Users\home\AppData\Roaming\Windows Live Writer
[2011/09/02 06:39:54 | 000,032,652 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========



< End of report >



OTL Extras logfile created on: 3/14/2012 2:34:21 PM - Run 1
OTL by OldTimer - Version 3.2.37.0 Folder = C:\Users\home\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7601.17514)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

5.97 Gb Total Physical Memory | 4.13 Gb Available Physical Memory | 69.24% Memory free
11.93 Gb Paging File | 9.89 Gb Available in Paging File | 82.90% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 917.74 Gb Total Space | 745.82 Gb Free Space | 81.27% Space Free | Partition Type: NTFS

Computer Name: MAIN | User Name: home | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %SystemRoot%\system32\mshtml.dll,PrintHTML "%1" (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\rundll32.exe setupapi,InstallHinfSection DefaultInstall 132 %1 (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [Winamp.Bookmark] -- "C:\Program Files (x86)\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.)
Directory [Winamp.Enqueue] -- "C:\Program Files (x86)\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.)
Directory [Winamp.Play] -- "C:\Program Files (x86)\Winamp\winamp.exe" "%1" (Nullsoft, Inc.)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [Winamp.Bookmark] -- "C:\Program Files (x86)\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.)
Directory [Winamp.Enqueue] -- "C:\Program Files (x86)\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.)
Directory [Winamp.Play] -- "C:\Program Files (x86)\Winamp\winamp.exe" "%1" (Nullsoft, Inc.)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 0
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

========== Firewall Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]


========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{1B8ABA62-74F0-47ED-B18C-A43128E591B8}" = Windows Live ID Sign-in Assistant
"{234F6B0D-10AE-4BB7-B2F3-E48D4861952D}" = SQL Server 2008 R2 Common Files
"{288D79EE-A2D1-42AF-9597-B0ADCC23A8ED}" = Microsoft SQL Server VSS Writer
"{350AA351-21FA-3270-8B7A-835434E766AD}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022
"{362A3FDF-B12E-436A-9097-1B795A9FFCC5}" = Microsoft SQL Server 2008 R2 Native Client
"{36F70DEE-1EBF-4707-AFA2-E035EEAEBAA1}" = SQL Server 2008 R2 Common Files
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{4E2D1823-C889-4CA9-9BB2-08E962A5E735}" = MySQL Server 5.5
"{51E5BC99-A087-4CFF-8D93-462903EA7E12}" = SQL Server 2008 R2 Management Studio
"{5EB6F3CB-46F4-451F-A028-7F6D8D35D7D0}" = Windows Live Language Selector
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{72AB7E6F-BC24-481E-8C45-1AB5B3DD795D}" = SQL Server 2008 R2 Management Studio
"{79FB3E7E-FD92-49A9-AAD1-193EE4CB85D3}" = Microsoft SQL Server 2008 R2 Setup (English)
"{8338783A-0968-3B85-AFC7-BAAE0A63DC50}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570
"{90140000-006D-0409-1000-0000000FF1CE}" = Microsoft Office Click-to-Run 2010
"{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}" = Intel® Matrix Storage Manager
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{A2122A9C-A699-4365-ADF8-68FEAC125D61}" = SQL Server 2008 R2 Database Engine Shared
"{aac9fcc4-dd9e-4add-901c-b5496a07ab2e}" = Microsoft Visual C++ 2005 Redistributable (x64) - KB2467175
"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{B40EE88B-400A-4266-A17B-E3DE64E94431}" = Microsoft SQL Server 2008 Setup Support Files
"{B6E3757B-5E77-3915-866A-CCFC4B8D194C}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053
"{BB57A765-FFFE-498B-8C1E-6C9CE2AB92BA}" = Microsoft SQL Server 2008 R2 RsFx Driver
"{C942A025-A840-4BF2-8987-849C0DD44574}" = SQL Server 2008 R2 Database Engine Shared
"{DA54F80E-261C-41A2-A855-549A144F2F59}" = Windows Live MIME IFilter
"{F31183CF-E10F-4DE1-BB59-6C0FF38E481E}" = Sql Server Customer Experience Improvement Program
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"{FA7394B8-CE65-4F9E-AC99-F372AD365424}" = SQL Server 2008 R2 Database Engine Services
"{FBBC4667-2521-4E78-B1BD-8706F774549B}" = Best Buy pc app
"{FBD367D1-642F-47CF-B79B-9BE48FB34007}" = SQL Server 2008 R2 Database Engine Services
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX 64-bit
"HDMI" = Intel® Graphics Media Accelerator Driver
"Lexmark Z2300 Series" = Lexmark Z2300 Series
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft SQL Server 10" = Microsoft SQL Server 2008 R2 (64-bit)
"Microsoft SQL Server 2008 R2" = Microsoft SQL Server 2008 R2 (64-bit)
"Virtual Audio Cable 4.10" = Virtual Audio Cable 4.10

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{0BCA9EFD-F2D6-4638-B053-8693BA0404BE}" = Citrix online plug-in (Web)
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{19BA08F7-C728-469C-8A35-BFBD3633BE08}" = Windows Live Movie Maker
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{20400DBD-E6DB-45B8-9B6B-1DD7033818EC}" = Nero InfoTool Help
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{2348B586-C9AE-46CE-936C-A68E9426E214}" = Nero StartSmart Help
"{26A24AE4-039D-4CA4-87B4-2F83216023FF}" = Java™ 6 Update 30
"{287ECFA4-719A-2143-A09B-D6A12DE54E40}" = Acrobat.com
"{2A304FDE-F4E3-446D-AA0D-31425C897B71}" = PrintMaster 12
"{31C2F32D-C5DD-4583-8181-B48591CA231C}" = RapidPlayer v5.0 ActiveX Control
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{33CF58F5-48D8-4575-83D6-96F574E4D83A}" = Nero DriveSpeed
"{34F4D9A4-42C2-4348-BEF4-E553C84549E7}" = Windows Live Photo Gallery
"{3A9FC03D-C685-4831-94CF-4EDFD3749497}" = Microsoft SQL Server Compact 3.5 SP2 ENU
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4CBABDFD-49F8-47FD-BE7D-ECDE7270525A}" = Windows Live PIMT Platform
"{4D43D635-6FDA-4FA5-AA9B-23CF73D058EA}" = Nero StartSmart OEM
"{4ECF4BDC-8387-329A-ABE9-CF5798F84BB2}" = Microsoft Visual Studio Tools for Applications 2.0 - ENU
"{55392E52-1AAD-44C4-BE49-258FFE72434F}" = Citrix online plug-in (USB)
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{57752979-A1C9-4C02-856B-FBB27AC4E02C}" = QuickTime
"{595A3116-40BB-4E0F-A2E8-D7951DA56270}" = NeroExpress
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{6A05FEDF-662E-46BF-8A25-010E3F1C9C69}" = Windows Live UX Platform Language Pack
"{6B581BFA-7FF1-4C6D-8CB5-137D7DDEA9ED}" = WrapCandyUpdate
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7748AC8C-18E3-43BB-959B-088FAEA16FB2}" = Nero StartSmart
"{7F811A54-5A09-4579-90E1-C93498E230D9}" = Gateway Recovery Management
"{80956555-A512-4190-9CAD-B000C36D6B6B}" = Windows Live Messenger
"{812424AC-A8B5-44E6-8D48-07E939D1AD9A}" = Citrix online plug-in (HDX)
"{83202942-84B3-4C50-8622-B8C0AA2D2885}" = Nero Express Help
"{84EBDF39-4B33-49D7-A0BD-EB6E2C4E81C1}" = Windows Live Sync
"{869200DB-287A-4DC0-B02B-2B6787FBCD4C}" = Nero DiscSpeed
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{90140011-0066-0409-0000-0000000FF1CE}" = Microsoft Office Starter 2010 - English
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{95140000-0070-0000-0000-0000000FF1CE}" = Microsoft Office 2010
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
"{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR
"{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer
"{A8516AC9-AAF1-47F9-9766-03E2D4CDBCF8}" = CyberLink PowerDVD 9
"{A8F2089B-1F79-4BF6-B385-A2C2B0B9A74D}" = ImagXpress
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AA59DDE4-B672-4621-A016-4C248204957A}" = Skype™ 5.5
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"{AAF454FC-82CA-4F29-AB31-6A109485E76E}" = Windows Live Writer
"{AC76BA86-7AD7-1033-7B44-AA1000000001}" = Adobe Reader X (10.1.2)
"{AEF68ACB-1B00-4FCA-A33C-C26DBADD8C5B}" = Microsoft Office Live Meeting 2007
"{B2EC4A38-B545-4A00-8214-13FE0E915E6D}" = Advertising Center
"{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Skype Click to Call
"{BD5CA0DA-71AD-43DA-B19E-6EEE0C9ADC9A}" = Nero ControlCenter
"{BF9BF038-FE03-429D-9B26-2FA0FD756052}" = Microsoft SQL Server Browser
"{C66824E4-CBB3-4851-BB3F-E8CFD6350923}" = Windows Live Mail
"{C81A2FE0-3574-00A9-CED4-BDAA334CBE8E}" = Nero Online Upgrade
"{ca64eb2c-2e5f-40fe-ad91-7dc8320ad59c}" = Nero 9 Essentials
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CC019E3F-59D2-4486-8D4B-878105B62A71}" = Nero DiscSpeed Help
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{CF53CF7C-D996-43EB-9904-DBED57C25625}" = Citrix online plug-in (DV)
"{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64
"{D21BC5B2-CBAC-48FA-A701-B5A63C1CA7B8}" = Microsoft SQL Server 2008 R2 Policies
"{D436F577-1695-4D2F-8B44-AC76C99E0002}" = Windows Live Photo Common
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{DDC8BDEE-DCAC-404D-8257-3E8D4B782467}" = Windows Live Writer Resources
"{DDFD8348-058C-4F4B-85E5-6D740D4AB3FE}" = Microsoft SQL Server Compact 3.5 SP2 Query Tools ENU
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E2E7A0E8-77C4-495F-8FA3-63DAEDAA2DB3}" = F-Secure PSC Prerequisites
"{E5C7D048-F9B4-4219-B323-8BDB01A2563D}" = Nero DriveSpeed Help
"{E8A80433-302B-4FF1-815D-FCC8EAC482FF}" = Nero Installer
"{EB4DF488-AAEF-406F-A341-CB2AAA315B90}" = Windows Live Messenger
"{EE171732-BEB4-4576-887D-CB62727F01CA}" = Gateway Updater
"{EE6097DD-05F4-4178-9719-D3170BF098E8}" = Apple Application Support
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F4041DCE-3FE1-4E18-8A9E-9DE65231EE36}" = Nero ControlCenter
"{FBCDFD61-7DCF-4E71-9226-873BA0053139}" = Nero InfoTool
"{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}" = Windows Live Essentials
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Amazon MP3 Downloader" = Amazon MP3 Downloader 1.0.14
"Audacity 1.3 Beta (Unicode)_is1" = Audacity 1.3.12 (Unicode)
"CitrixOnlinePluginPackWeb" = Citrix online plug-in - web
"FileZilla Client" = FileZilla Client 3.3.5.1
"Gateway InfoCentre" = Gateway InfoCentre
"Gateway Photo Frame" = Gateway Photo Frame 4.2.3.10
"Gateway Registration" = Gateway Registration
"Gateway Screensaver" = Gateway ScreenSaver
"Gateway Welcome Center" = Welcome Center
"Identity Card" = Identity Card
"InstallShield_{A8516AC9-AAF1-47F9-9766-03E2D4CDBCF8}" = CyberLink PowerDVD 9
"LAME for Audacity_is1" = LAME v3.98.3 for Audacity
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware version 1.60.1.1000
"Microsoft Report Viewer Redistributable 2008 (KB971119)" = Microsoft Report Viewer Redistributable 2008 SP1
"mIRC" = mIRC
"NIS" = Norton Internet Security
"Office14.Click2Run" = Microsoft Office Click-to-Run 2010
"Rhapsody" = Rhapsody
"SAM3" = SAM Broadcaster (remove only)
"Soulseek2" = SoulSeek 157 NS 13e
"TeamSpeak 3 Client" = TeamSpeak 3 Client
"TeamViewer 6" = TeamViewer 6
"Winamp" = Winamp
"WinLiveSuite" = Windows Live Essentials
"WrapCandy 7.1 Professional_is1" = WrapCandy 7.1 Professional
"Yahoo! Messenger" = Yahoo! Messenger
"Yahoo! Software Update" = Yahoo! Software Update

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{226b64e8-dc75-4eea-a6c8-abcb496320f2}-Google Talk" = Google Talk (remove only)
"48e4cff94f039634" = Best Buy pc app
"bce6e03966db8ddc" = Wah Assistant
"f7f9cabe8c290ac7" = West At Home Gateway V2
"Game Organizer" = EasyBits GO
"Winamp Detect" = Winamp Detector Plug-in

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 3/5/2012 4:12:14 AM | Computer Name = main | Source = Application Error | ID = 1000
Description = Faulting application name: winamp.exe, version: 5.6.0.3091, time stamp:
0x4d00b3a0 Faulting module name: ntdll.dll, version: 6.1.7601.17514, time stamp:
0x4ce7ba58 Exception code: 0xc0000005 Fault offset: 0x00038da9 Faulting process id:
0x1994 Faulting application start time: 0x01ccfaa7a617e818 Faulting application path:
C:\Program Files (x86)\Winamp\winamp.exe Faulting module path: C:\Windows\SysWOW64\ntdll.dll
Report
Id: ea19643d-669a-11e1-990b-00262d3fa360

Error - 3/5/2012 10:15:54 AM | Computer Name = main | Source = Application Error | ID = 1000
Description = Faulting application name: winamp.exe, version: 5.6.0.3091, time stamp:
0x4d00b3a0 Faulting module name: ntdll.dll, version: 6.1.7601.17514, time stamp:
0x4ce7ba58 Exception code: 0xc0000005 Fault offset: 0x00038da9 Faulting process id:
0x1280 Faulting application start time: 0x01ccfada76cfcbf4 Faulting application path:
C:\Program Files (x86)\Winamp\winamp.exe Faulting module path: C:\Windows\SysWOW64\ntdll.dll
Report
Id: b7b88acd-66cd-11e1-990b-00262d3fa360

Error - 3/5/2012 5:31:20 PM | Computer Name = main | Source = Application Error | ID = 1000
Description = Faulting application name: iexplore.exe, version: 8.0.7601.17514,
time stamp: 0x4ce79912 Faulting module name: Flash11e.ocx, version: 11.1.102.55,
time stamp: 0x4eaf89fc Exception code: 0xc0000005 Fault offset: 0x00405b68 Faulting
process id: 0xf20 Faulting application start time: 0x01ccf9daef150870 Faulting application
path: C:\Program Files (x86)\Internet Explorer\iexplore.exe Faulting module path:
C:\Windows\SysWOW64\Macromed\Flash\Flash11e.ocx Report Id: 8c0f68e2-670a-11e1-990b-00262d3fa360

Error - 3/6/2012 4:22:42 AM | Computer Name = main | Source = Application Error | ID = 1000
Description = Faulting application name: iexplore.exe, version: 8.0.7601.17514,
time stamp: 0x4ce79912 Faulting module name: Flash11e.ocx, version: 11.1.102.55,
time stamp: 0x4eaf89fc Exception code: 0xc0000005 Fault offset: 0x005c8bea Faulting
process id: 0x17e8 Faulting application start time: 0x01ccfb17516e8a1e Faulting application
path: C:\Program Files (x86)\Internet Explorer\iexplore.exe Faulting module path:
C:\Windows\SysWOW64\Macromed\Flash\Flash11e.ocx Report Id: 8aab18c1-6765-11e1-990b-00262d3fa360

Error - 3/6/2012 10:51:08 PM | Computer Name = main | Source = Application Error | ID = 1000
Description = Faulting application name: iexplore.exe, version: 8.0.7601.17514,
time stamp: 0x4ce79912 Faulting module name: Flash11e.ocx, version: 11.1.102.55,
time stamp: 0x4eaf89fc Exception code: 0xc0000005 Fault offset: 0x005c8baa Faulting
process id: 0xce8 Faulting application start time: 0x01ccfb74d8bf353a Faulting application
path: C:\Program Files (x86)\Internet Explorer\iexplore.exe Faulting module path:
C:\Windows\SysWOW64\Macromed\Flash\Flash11e.ocx Report Id: 63544054-6800-11e1-990b-00262d3fa360

Error - 3/8/2012 10:03:33 PM | Computer Name = main | Source = Application Hang | ID = 1002
Description = The program wmplayer.exe version 12.0.7601.17514 stopped interacting
with Windows and was closed. To see if more information about the problem is available,
check the problem history in the Action Center control panel. Process ID: 1aec Start
Time: 01ccfd98a80cb1d4 Termination Time: 49 Application Path: C:\Program Files (x86)\Windows
Media Player\wmplayer.exe Report Id: 062ca882-698c-11e1-990b-00262d3fa360

Error - 3/8/2012 10:05:39 PM | Computer Name = main | Source = Application Hang | ID = 1002
Description = The program wmplayer.exe version 12.0.7601.17514 stopped interacting
with Windows and was closed. To see if more information about the problem is available,
check the problem history in the Action Center control panel. Process ID: 13d4 Start
Time: 01ccfd98d4ec2b08 Termination Time: 41 Application Path: C:\Program Files (x86)\Windows
Media Player\wmplayer.exe Report Id:

Error - 3/8/2012 10:09:02 PM | Computer Name = main | Source = Application Hang | ID = 1002
Description = The program wmplayer.exe version 12.0.7601.17514 stopped interacting
with Windows and was closed. To see if more information about the problem is available,
check the problem history in the Action Center control panel. Process ID: 13f8 Start
Time: 01ccfd996dc39ea3 Termination Time: 30 Application Path: C:\Program Files (x86)\Windows
Media Player\wmplayer.exe Report Id: cb198b9c-698c-11e1-990b-00262d3fa360

Error - 3/8/2012 10:10:21 PM | Computer Name = main | Source = Application Hang | ID = 1002
Description = The program wmplayer.exe version 12.0.7601.17514 stopped interacting
with Windows and was closed. To see if more information about the problem is available,
check the problem history in the Action Center control panel. Process ID: 1af4 Start
Time: 01ccfd99991e46e6 Termination Time: 66 Application Path: C:\Program Files (x86)\Windows
Media Player\wmplayer.exe Report Id:

Error - 3/9/2012 8:53:20 PM | Computer Name = main | Source = Microsoft-Windows-CAPI2 | ID = 512
Description = The Cryptographic Services service failed to initialize the VSS backup
"System Writer" object. Details: Could not query the status of the EventSystem service.

System
Error: A system shutdown is in progress. .

[ System Events ]
Error - 12/17/2011 2:54:36 PM | Computer Name = main | Source = Service Control Manager | ID = 7003
Description = The IPsec Policy Agent service depends the following service: BFE.
This service might not be installed.

Error - 12/17/2011 2:54:37 PM | Computer Name = main | Source = Service Control Manager | ID = 7001
Description = The Client Virtualization Handler service depends on the Application
Virtualization Client service which failed to start because of the following error:
%%1068

Error - 12/17/2011 2:54:37 PM | Computer Name = main | Source = Service Control Manager | ID = 7026
Description = The following boot-start or system-start driver(s) failed to load:
BHDrvx64 ctxusbm discache eeCtrl IDSVia64 spldr SRTSP SRTSPX SymIRON SymNetS Wanarpv6

Error - 12/17/2011 2:54:43 PM | Computer Name = main | Source = DCOM | ID = 10005
Description =

Error - 12/17/2011 2:54:49 PM | Computer Name = main | Source = DCOM | ID = 10005
Description =

Error - 12/17/2011 2:54:52 PM | Computer Name = main | Source = DCOM | ID = 10005
Description =

Error - 12/17/2011 2:54:53 PM | Computer Name = main | Source = DCOM | ID = 10005
Description =

Error - 12/17/2011 2:54:53 PM | Computer Name = main | Source = Service Control Manager | ID = 7001
Description = The HomeGroup Provider service depends on the Function Discovery Provider
Host service which failed to start because of the following error: %%1068

Error - 12/17/2011 3:00:52 PM | Computer Name = main | Source = DCOM | ID = 10005
Description =

Error - 12/17/2011 3:00:53 PM | Computer Name = main | Source = DCOM | ID = 10005
Description =


< End of report >

Edited by kaliee, 15 March 2012 - 10:32 PM.

  • 0

Advertisements







Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP