OTL logfile created on: 10/15/2011 4:35:03 AM - Run 1 OTL by OldTimer - Version 3.2.30.0 Folder = C:\Users\Dell 64\Downloads 64bit- An unknown product Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 9.0.8112.16421) Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy 3.80 Gb Total Physical Memory | 1.54 Gb Available Physical Memory | 40.36% Memory free 7.61 Gb Paging File | 5.02 Gb Available in Paging File | 65.97% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 920.59 Gb Total Space | 852.65 Gb Free Space | 92.62% Space Free | Partition Type: NTFS Drive D: | 4.38 Gb Total Space | 4.20 Gb Free Space | 95.80% Space Free | Partition Type: UDF Computer Name: BUTCH | User Name: bdulaney | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days [color=#E56717]========== Processes (SafeList) ==========[/color] PRC - [2011/10/15 04:28:12 | 000,583,168 | ---- | M] (OldTimer Tools) -- C:\Users\Dell 64\Downloads\OTL.exe PRC - [2011/08/18 10:05:54 | 002,751,808 | ---- | M] () -- C:\Program Files (x86)\Dell DataSafe Local Backup\Components\Scheduler\STService.exe PRC - [2011/08/18 10:05:46 | 001,692,480 | ---- | M] (SoftThinks SAS) -- C:\Program Files (x86)\Dell DataSafe Local Backup\SftService.exe PRC - [2011/08/10 15:52:54 | 000,138,760 | R--- | M] (Symantec Corporation) -- C:\Program Files (x86)\Norton AntiVirus\Engine\19.1.1.3\ccSvcHst.exe PRC - [2011/08/01 12:56:48 | 000,460,096 | ---- | M] (SoftThinks - Dell) -- C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpd.exe PRC - [2011/02/25 10:46:22 | 000,249,648 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE PRC - [2010/11/23 21:21:18 | 000,130,000 | R--- | M] (Symantec Corporation) -- C:\Program Files (x86)\Norton Safe Web Lite\Engine\1.2.0.6\ccSvcHst.exe PRC - [2010/11/17 11:35:40 | 001,440,240 | ---- | M] () -- C:\Program Files (x86)\Roxio\OEM\Roxio Burn\Roxio Burn.exe PRC - [2010/11/17 11:35:34 | 000,514,544 | ---- | M] () -- C:\Program Files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe PRC - [2010/07/16 17:23:30 | 006,638,080 | ---- | M] () -- C:\Program Files (x86)\Samsung\SAMSUNG PC Share Manager\WiselinkPro.exe PRC - [2010/06/09 15:15:34 | 000,417,906 | ---- | M] () -- C:\Program Files (x86)\Samsung\SAMSUNG PC Share Manager\http_ss_win_pro.exe PRC - [2010/04/12 03:40:16 | 000,180,224 | ---- | M] (PowerISO Computing, Inc.) -- C:\Program Files (x86)\PowerISO\PWRISOVM.EXE PRC - [2010/03/23 13:19:32 | 001,528,616 | ---- | M] (Cisco Systems, Inc.) -- C:\Program Files (x86)\Cisco Systems\VPN Client\cvpnd.exe PRC - [2010/01/27 17:01:56 | 000,237,568 | ---- | M] (Alcor Micro Corp.) -- C:\Program Files (x86)\Multimedia Card Reader(9106)\ShwiconXP9106.exe PRC - [2009/06/17 15:17:05 | 000,434,864 | ---- | M] (Cisco Systems, Inc.) -- C:\Program Files (x86)\Cisco\Cisco AnyConnect VPN Client\vpnagent.exe PRC - [2009/06/09 09:11:14 | 000,155,648 | ---- | M] (Stardock Corporation) -- C:\Program Files\Dell\DellDock\DockLogin.exe PRC - [2009/01/26 15:31:12 | 005,365,592 | RHS- | M] (Safer Networking Limited) -- C:\Program Files (x86)\Spybot - Search & Destroy\SpybotSD.exe [color=#E56717]========== Modules (No Company Name) ==========[/color] MOD - [2011/10/13 03:32:34 | 005,453,312 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\130ad4d9719e566ca933ac7158a04203\System.Xml.ni.dll MOD - [2011/10/13 03:32:31 | 000,971,264 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\2d5bcbeb9475ef62189f605bcca1cec6\System.Configuration.ni.dll MOD - [2011/10/13 03:32:20 | 007,963,648 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\abab08afa60a6f06bdde0fcc9649c379\System.ni.dll MOD - [2011/10/13 03:32:17 | 011,490,304 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\a1a82db68b3badc7c27ea1f6579d22c5\mscorlib.ni.dll MOD - [2011/08/18 10:05:54 | 002,751,808 | ---- | M] () -- C:\Program Files (x86)\Dell DataSafe Local Backup\Components\Scheduler\STService.exe MOD - [2011/06/24 22:56:36 | 000,087,328 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll MOD - [2011/06/24 22:56:14 | 001,241,888 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll MOD - [2011/03/15 07:13:46 | 004,254,560 | ---- | M] () -- C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF MOD - [2010/11/24 23:44:02 | 000,375,280 | ---- | M] () -- c:\Program Files (x86)\Common Files\Roxio Shared\DLLShared\SQLite352.dll MOD - [2010/11/17 11:35:40 | 001,440,240 | ---- | M] () -- C:\Program Files (x86)\Roxio\OEM\Roxio Burn\Roxio Burn.exe MOD - [2010/11/17 11:35:34 | 000,514,544 | ---- | M] () -- C:\Program Files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe MOD - [2010/11/17 11:35:28 | 000,657,904 | ---- | M] () -- C:\Program Files (x86)\Roxio\OEM\Roxio Burn\BBEngineAS.dll MOD - [2010/03/24 21:17:36 | 008,794,464 | ---- | M] () -- C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveIntlResource.dll MOD - [2008/06/19 17:35:36 | 000,333,288 | ---- | M] () -- C:\Program Files (x86)\Spybot - Search & Destroy\sqlite3.dll MOD - [2008/03/05 09:34:32 | 000,795,520 | ---- | M] () -- C:\Program Files (x86)\Spybot - Search & Destroy\Plugins\Fennel.dll MOD - [2008/03/04 14:52:00 | 000,790,392 | ---- | M] () -- C:\Program Files (x86)\Spybot - Search & Destroy\Plugins\Chai.dll MOD - [2008/02/26 11:04:40 | 000,717,176 | ---- | M] () -- C:\Program Files (x86)\Spybot - Search & Destroy\Plugins\Mate.dll MOD - [2007/12/24 01:05:00 | 000,121,344 | ---- | M] () -- C:\Program Files (x86)\Spybot - Search & Destroy\Plugins\TCPIPAddress.dll [color=#E56717]========== Win32 Services (SafeList) ==========[/color] SRV:[b]64bit:[/b] - [2010/10/21 09:38:38 | 005,790,064 | ---- | M] (Wacom Technology, Corp.) [Auto | Running] -- C:\Program Files\Tablet\Pen\Pen_Tablet.exe -- (TabletServicePen) SRV:[b]64bit:[/b] - [2010/10/21 09:38:38 | 000,487,280 | ---- | M] (Wacom Technology, Corp.) [Auto | Running] -- C:\Program Files\Tablet\Pen\Pen_TouchService.exe -- (TouchServicePen) SRV:[b]64bit:[/b] - [2009/07/13 20:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend) SRV:[b]64bit:[/b] - [2009/07/13 20:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt) SRV:[b]64bit:[/b] - [2009/06/09 09:11:14 | 000,155,648 | ---- | M] (Stardock Corporation) [Auto | Running] -- C:\Program Files\Dell\DellDock\DockLogin.exe -- (DockLoginService) SRV - [2011/08/31 17:00:48 | 000,366,152 | ---- | M] (Malwarebytes Corporation) [Auto | Stopped] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService) SRV - [2011/08/18 10:05:46 | 001,692,480 | ---- | M] (SoftThinks SAS) [Auto | Running] -- C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE -- (SftService) SRV - [2011/08/10 15:52:54 | 000,138,760 | R--- | M] (Symantec Corporation) [Unknown | Running] -- C:\Program Files (x86)\Norton AntiVirus\Engine\19.1.1.3\ccSvcHst.exe -- (NAV) SRV - [2011/02/28 18:44:14 | 000,183,560 | ---- | M] (Microsoft Corporation.) [On_Demand | Stopped] -- C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE -- (BBSvc) SRV - [2011/02/25 10:46:22 | 000,249,648 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE -- (SeaPort) SRV - [2010/11/25 06:34:18 | 000,219,632 | ---- | M] (Sonic Solutions) [Auto | Stopped] -- C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatch12OEM.exe -- (RoxWatch12) SRV - [2010/11/25 06:33:18 | 001,116,656 | ---- | M] (Sonic Solutions) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxMediaDB12OEM.exe -- (RoxMediaDB12OEM) SRV - [2010/11/23 21:21:18 | 000,130,000 | R--- | M] (Symantec Corporation) [Unknown | Running] -- C:\Program Files (x86)\Norton Safe Web Lite\Engine\1.2.0.6\ccSvcHst.exe -- (NSL) SRV - [2010/07/16 17:23:30 | 006,638,080 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Samsung\SAMSUNG PC Share Manager\WiselinkPro.exe -- (AllShare) SRV - [2010/03/23 13:19:32 | 001,528,616 | ---- | M] (Cisco Systems, Inc.) [Auto | Running] -- C:\Program Files (x86)\Cisco Systems\VPN Client\cvpnd.exe -- (CVPND) SRV - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32) SRV - [2009/06/17 15:17:05 | 000,434,864 | ---- | M] (Cisco Systems, Inc.) [Auto | Running] -- C:\Program Files (x86)\Cisco\Cisco AnyConnect VPN Client\vpnagent.exe -- (vpnagent) SRV - [2009/06/10 16:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32) [color=#E56717]========== Driver Services (SafeList) ==========[/color] DRV:[b]64bit:[/b] - [2011/10/11 16:24:30 | 000,174,200 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SYMEVENT64x86.SYS -- (SymEvent) DRV:[b]64bit:[/b] - [2011/08/08 18:38:05 | 000,167,048 | R--- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\NAVx64\1301010.003\ccSetx64.sys -- (ccSet_NAV) DRV:[b]64bit:[/b] - [2011/08/02 21:22:10 | 000,729,720 | R--- | M] (Symantec Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\NAVx64\1301010.003\srtsp64.sys -- (SRTSP) DRV:[b]64bit:[/b] - [2011/08/02 21:22:10 | 000,037,496 | R--- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\NAVx64\1301010.003\srtspx64.sys -- (SRTSPX) Symantec Real Time Storage Protection (PEL) DRV:[b]64bit:[/b] - [2011/07/28 22:20:02 | 001,084,536 | R--- | M] (Symantec Corporation) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\NAVx64\1301010.003\SymEFA64.sys -- (SymEFA) DRV:[b]64bit:[/b] - [2011/07/25 21:18:39 | 000,401,016 | R--- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\NAVx64\1301010.003\symnets.sys -- (SymNetS) DRV:[b]64bit:[/b] - [2011/07/25 21:18:35 | 000,451,192 | R--- | M] (Symantec Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\NAVx64\1301010.003\SymDS64.sys -- (SymDS) DRV:[b]64bit:[/b] - [2011/07/25 21:15:52 | 000,189,560 | R--- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\NAVx64\1301010.003\Ironx64.sys -- (SymIRON) DRV:[b]64bit:[/b] - [2011/05/12 14:03:12 | 000,006,144 | ---- | M] (Sophos Plc) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\3FED.tmp -- (MEMSWEEP2) DRV:[b]64bit:[/b] - [2011/05/10 08:06:08 | 000,051,712 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64) DRV:[b]64bit:[/b] - [2011/03/11 01:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata) DRV:[b]64bit:[/b] - [2011/03/11 01:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata) DRV:[b]64bit:[/b] - [2010/11/20 08:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD) DRV:[b]64bit:[/b] - [2010/11/20 06:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt) DRV:[b]64bit:[/b] - [2010/10/05 13:26:10 | 000,018,288 | ---- | M] (Wacom Technology) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\wacmoumonitor.sys -- (wacmoumonitor) DRV:[b]64bit:[/b] - [2010/10/05 13:26:02 | 000,012,848 | ---- | M] (Wacom Technology) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\wacommousefilter.sys -- (wacommousefilter) DRV:[b]64bit:[/b] - [2010/10/05 13:26:00 | 000,016,168 | ---- | M] (Wacom Technology) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\wacomvhid.sys -- (wacomvhid) DRV:[b]64bit:[/b] - [2010/08/25 19:36:04 | 010,611,552 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx) DRV:[b]64bit:[/b] - [2010/04/12 03:55:00 | 000,091,568 | ---- | M] (PowerISO Computing, Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\scdemu.sys -- (SCDEmu) DRV:[b]64bit:[/b] - [2010/04/03 10:30:40 | 000,313,696 | ---- | M] (Microsoft Corporation) [File_System | Disabled | Stopped] -- C:\Windows\SysNative\drivers\RsFx0150.sys -- (RsFx0150) DRV:[b]64bit:[/b] - [2010/03/23 13:29:46 | 000,304,784 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\CVPNDRVA.sys -- (CVPNDRVA) DRV:[b]64bit:[/b] - [2010/03/19 04:00:00 | 000,055,856 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\PxHlpa64.sys -- (PxHlpa64) DRV:[b]64bit:[/b] - [2010/02/27 10:32:14 | 000,158,976 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Impcd.sys -- (Impcd) DRV:[b]64bit:[/b] - [2010/02/08 08:32:00 | 000,014,992 | ---- | M] (Cisco Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\CVirtA64.sys -- (CVirtA) DRV:[b]64bit:[/b] - [2010/02/04 00:38:32 | 000,271,872 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\IntcDAud.sys -- (IntcDAud) Intel(R) DRV:[b]64bit:[/b] - [2009/10/16 06:32:24 | 000,321,064 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\k57nd60a.sys -- (k57nd60a) Broadcom NetLink (TM) DRV:[b]64bit:[/b] - [2009/09/17 15:54:54 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (HECIx64) Intel(R) DRV:[b]64bit:[/b] - [2009/08/13 22:10:18 | 000,073,984 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\xusb21.sys -- (xusb21) DRV:[b]64bit:[/b] - [2009/07/13 20:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs) DRV:[b]64bit:[/b] - [2009/07/13 20:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2) DRV:[b]64bit:[/b] - [2009/07/13 20:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor) DRV:[b]64bit:[/b] - [2009/07/13 19:35:32 | 000,012,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\serscan.sys -- (StillCam) DRV:[b]64bit:[/b] - [2009/06/17 15:02:03 | 000,024,248 | ---- | M] (Cisco Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vpnva64.sys -- (vpnva) DRV:[b]64bit:[/b] - [2009/06/10 15:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv) DRV:[b]64bit:[/b] - [2009/06/10 15:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv) DRV:[b]64bit:[/b] - [2009/06/10 15:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a) DRV:[b]64bit:[/b] - [2009/06/10 15:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir) DRV:[b]64bit:[/b] - [2009/05/18 13:17:08 | 000,034,152 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM) DRV:[b]64bit:[/b] - [2008/11/16 18:39:44 | 000,157,968 | ---- | M] (Deterministic Networks, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\dne64x.sys -- (DNE) DRV:[b]64bit:[/b] - [2006/11/01 13:51:00 | 000,151,656 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WimFltr.sys -- (WimFltr) DRV - [2011/10/14 23:51:36 | 002,048,632 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_19.1.1.3\Definitions\VirusDefs\20111014.018\ex64.sys -- (NAVEX15) DRV - [2011/10/14 23:51:36 | 000,117,880 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_19.1.1.3\Definitions\VirusDefs\20111014.018\eng64.sys -- (NAVENG) DRV - [2011/10/14 22:02:43 | 000,035,816 | ---- | M] (Greatis Software) [Kernel | Boot | Stopped] -- C:\Windows\system32\drivers\Partizan.sys -- (Partizan) DRV - [2011/10/14 01:16:40 | 000,481,912 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys -- (eeCtrl) DRV - [2011/10/12 21:13:45 | 000,136,824 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys -- (EraserUtilRebootDrv) DRV - [2011/10/11 00:23:24 | 000,488,568 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_19.1.1.3\Definitions\IPSDefs\20111014.031\IDSviA64.sys -- (IDSVia64) DRV - [2011/09/29 16:35:09 | 001,152,632 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_19.1.1.3\Definitions\BASHDefs\20110929.001\BHDrvx64.sys -- (BHDrvx64) DRV - [2009/07/13 20:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount) [color=#E56717]========== Standard Registry (SafeList) ==========[/color] [color=#E56717]========== Internet Explorer ==========[/color] IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/ IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@bestbuy.com/npBestBuyPcAppDetector,version=1.0: C:\ProgramData\Best Buy pc app\npBestBuyPcAppDetector.dll (Best Buy) FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.) FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll () FF - HKLM\Software\MozillaPlugins\@bestbuy.com/npBestBuyPcAppDetector,version=1.0: C:\ProgramData\Best Buy pc app\npBestBuyPcAppDetector.dll (Best Buy) FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.) FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\4.0.60831.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MIF5BA~1\Office14\NPAUTHZ.DLL (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MIF5BA~1\Office14\NPSPWRAP.DLL (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.69\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.69\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@wacom.com/wacom-plugin,version=1.1.0.5: C:\Program Files (x86)\TabletPlugins\npwacom.dll (Wacom, Inc.) FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{BBDA0591-3099-440a-AA10-41764D9DB4DB}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_19.1.1.3\IPSFFPlgn\ [2011/10/13 03:28:40 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{203FB6B2-2E1E-4474-863B-4C483ECCE78E}: C:\ProgramData\Norton\{92622AAD-05E8-4459-B256-765CE1E929FB}\NST_1.2.0.6\coFFNST\ [2011/10/14 08:55:40 | 000,000,000 | ---D | M] [color=#E56717]========== Chrome ==========[/color] CHR - default_search_provider: Google (Enabled) CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}sourceid=chrome&ie={inputEncoding}&q={searchTerms} CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?client=chrome&hl={language}&q={searchTerms} CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\12.0.742.100\gcswf32.dll CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin.dll CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin2.dll CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin3.dll CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin4.dll CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin5.dll CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin6.dll CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin7.dll CHR - plugin: Java Deployment Toolkit 6.0.230.5 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll CHR - plugin: Java(TM) Platform SE 6 U23 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files (x86)\Microsoft Silverlight\4.0.60831.0\npctrl.dll CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MIF5BA~1\Office14\NPAUTHZ.DLL CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MIF5BA~1\Office14\NPSPWRAP.DLL CHR - plugin: Chrome NaCl (Disabled) = C:\Program Files (x86)\Google\Chrome\Application\12.0.742.100\ppGoogleNaClPluginChrome.dll CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\12.0.742.100\pdf.dll CHR - plugin: Adobe Acrobat (Disabled) = C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.69\npGoogleUpdate3.dll CHR - plugin: Wacom Dynamic Link Library (Enabled) = C:\Program Files (x86)\TabletPlugins\npwacom.dll CHR - plugin: Windows Live\u0099 Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll CHR - plugin: Best Buy pc app Detector (Enabled) = C:\ProgramData\Best Buy pc app\npBestBuyPcAppDetector.dll CHR - plugin: Default Plug-in (Enabled) = default_plugin O1 HOSTS File: ([2011/10/15 02:21:13 | 000,000,027 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O2:[b]64bit:[/b] - BHO: (no name) - AutorunsDisabled - No CLSID value found. O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited) O2 - BHO: (Norton Vulnerability Protection) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton AntiVirus\Engine\19.1.1.3\IPS\IPSBHO.dll (Symantec Corporation) O2 - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.) O2 - BHO: (Norton Safe Web Lite BHO) - {F0DA78E9-6B60-42fb-BC26-EF2CFB8C8FF3} - C:\Program Files (x86)\Norton Safe Web Lite\Engine\1.2.0.6\CoIEPlg.dll (Symantec Corporation) O2 - BHO: (no name) - AutorunsDisabled - No CLSID value found. O3 - HKLM\..\Toolbar: (Norton Safe Web Lite) - {30CEEEA2-3742-40e4-85DD-812BF1CBB83D} - C:\Program Files (x86)\Norton Safe Web Lite\Engine\1.2.0.6\CoIEPlg.dll (Symantec Corporation) O3 - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.) O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found. O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No CLSID value found. O3 - HKCU\..\Toolbar\WebBrowser: (Norton Safe Web Lite) - {30CEEEA2-3742-40E4-85DD-812BF1CBB83D} - C:\Program Files (x86)\Norton Safe Web Lite\Engine\1.2.0.6\CoIEPlg.dll (Symantec Corporation) O4:[b]64bit:[/b] - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation) O4:[b]64bit:[/b] - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation) O4:[b]64bit:[/b] - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation) O4:[b]64bit:[/b] - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor) O4 - HKLM..\Run: [Desktop Disc Tool] C:\Program Files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe () O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation) O4 - HKLM..\Run: [PWRISOVM.EXE] C:\Program Files (x86)\PowerISO\PWRISOVM.EXE (PowerISO Computing, Inc.) O4 - HKLM..\Run: [RoxWatchTray] C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatchTray12OEM.exe (Sonic Solutions) O4 - HKLM..\Run: [ShwiconXP9106] C:\Program Files (x86)\Multimedia Card Reader(9106)\ShwiconXP9106.exe (Alcor Micro Corp.) O4 - HKCU..\Run: [SpybotSD TeaTimer] C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe (Safer-Networking Ltd.) O4 - HKLM..\RunOnce: ["C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpdate.exe"] C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpdate.exe (Dell) O4 - HKLM..\RunOnce: [GrpConv] C:\Windows\SysWow64\grpconv.exe (Microsoft Corporation) O4 - Startup: C:\Users\Dell 64\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock.lnk = File not found O4 - Startup: C:\Users\Dell 64\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ERUNT AutoBackup.lnk = C:\Program Files (x86)\ERUNT\AUTOBACK.EXE () O4 - Startup: C:\Users\Dell 64\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\_uninst_.lnk = C:\Users\Dell 64\AppData\Local\Temp\_uninst_.bat () O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0 O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Recovery present O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0 O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited) O10:[b]64bit:[/b] - NameSpace_Catalog5\Catalog_Entries64\000000000009 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.) O10 - NameSpace_Catalog5\Catalog_Entries\000000000009 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.) O15 - HKCU\..Trusted Domains: dayspring.com ([]https in Trusted sites) O15 - HKCU\..Trusted Domains: dayspring.com ([vpn] https in Trusted sites) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23) O16 - DPF: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Reg Error: Key error.) O16 - DPF: {55963676-2F5E-4BAF-AC28-CF26AA587566} https://vpn.dayspring.com/CACHE/stc/1/binaries/vpnweb.cab (Cisco AnyConnect VPN Client Web Control) O16 - DPF: {82774781-8F4E-11D1-AB1C-0000F8773BF0} https://transfers.ds.microsoft.com/FTM/TransferSource/grTransferCtrl.cab (DLC Class) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23) O16 - DPF: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.254 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{EDDB231A-3574-42E9-A278-C5D3707ACB05}: DhcpNameServer = 192.168.1.254 O18:[b]64bit:[/b] - Protocol\Handler\livecall - No CLSID value found O18:[b]64bit:[/b] - Protocol\Handler\ms-help - No CLSID value found O18:[b]64bit:[/b] - Protocol\Handler\msnim - No CLSID value found O18:[b]64bit:[/b] - Protocol\Handler\mso-offdap11 - No CLSID value found O18:[b]64bit:[/b] - Protocol\Handler\wlmailhtml - No CLSID value found O18:[b]64bit:[/b] - Protocol\Handler\wlpg - No CLSID value found O20:[b]64bit:[/b] - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20:[b]64bit:[/b] - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation) O20:[b]64bit:[/b] - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation) O20:[b]64bit:[/b] - HKLM Winlogon: VMApplet - (/pagefile) - File not found O20 - HKLM Winlogon: Shell - (Explorer.exe) -C:\Windows\SysWow64\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) -C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found O20:[b]64bit:[/b] - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation) O20 - Winlogon\Notify\igfxcui: DllName - (Reg Error: Value error.) - Reg Error: Value error. File not found O32 - HKLM CDRom: AutoRun - 1 O34 - HKLM BootExecute: (autocheck autochk *) O34 - HKLM BootExecute: (Partizan) O35:[b]64bit:[/b] - HKLM\..comfile [open] -- "%1" %* O35:[b]64bit:[/b] - HKLM\..exefile [open] -- "%1" %* O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37:[b]64bit:[/b] - HKLM\...com [@ = ComFile] -- "%1" %* O37:[b]64bit:[/b] - HKLM\...exe [@ = exefile] -- "%1" %* O37 - HKLM\...com [@ = ComFile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* [color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color] [2011/10/15 02:54:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Kaspersky Lab [2011/10/15 02:44:54 | 000,000,000 | ---D | C] -- C:\Windows\temp [2011/10/15 02:21:25 | 000,000,000 | ---D | C] -- C:\$RECYCLE.BIN [2011/10/15 01:30:03 | 000,518,144 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe [2011/10/15 01:30:03 | 000,406,528 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe [2011/10/15 01:30:03 | 000,060,416 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe [2011/10/15 01:28:50 | 000,000,000 | ---D | C] -- C:\ComboFix [2011/10/15 01:17:47 | 000,000,000 | ---D | C] -- C:\Qoobox [2011/10/15 00:59:37 | 000,000,000 | ---D | C] -- C:\Users\Dell 64\AppData\Roaming\Malwarebytes [2011/10/15 00:59:29 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware [2011/10/15 00:59:29 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes [2011/10/15 00:59:25 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware [2011/10/15 00:47:06 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome [2011/10/15 00:46:51 | 000,000,000 | ---D | C] -- C:\Users\Dell 64\AppData\Local\Google [2011/10/15 00:46:48 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Google [2011/10/15 00:46:43 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\Macromed [2011/10/15 00:23:21 | 000,000,000 | ---D | C] -- C:\Users\Dell 64\Desktop\New folder [2011/10/15 00:01:42 | 000,000,000 | ---D | C] -- C:\Users\Dell 64\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\RegZooka [2011/10/15 00:01:41 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\RegZooka [2011/10/14 23:15:06 | 000,000,000 | ---D | C] -- C:\Windows\ERDNT [2011/10/14 23:14:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ERUNT [2011/10/14 23:14:33 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ERUNT [2011/10/14 23:03:43 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner [2011/10/14 23:03:42 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner [2011/10/14 22:06:12 | 000,039,192 | ---- | C] (Greatis Software) -- C:\Windows\SysNative\Partizan.exe [2011/10/14 22:02:43 | 000,035,816 | ---- | C] (Greatis Software) -- C:\Windows\SysWow64\drivers\Partizan.sys [2011/10/14 22:02:32 | 000,011,040 | ---- | C] (Greatis Software, LLC.) -- C:\Windows\SysWow64\drivers\UnHackMeDrv.sys [2011/10/14 22:02:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\UnHackMe [2011/10/14 22:02:32 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\regruninfo [2011/10/14 22:02:32 | 000,000,000 | ---D | C] -- C:\Users\Dell 64\Documents\RegRun2 [2011/10/14 22:02:30 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\UnHackMe [2011/10/14 18:39:58 | 000,000,000 | ---D | C] -- C:\Users\Dell 64\AppData\Local\{D2FE8C92-748A-467F-9B5B-EB7FAA52CBF0} [2011/10/14 18:39:47 | 000,000,000 | ---D | C] -- C:\Users\Dell 64\AppData\Local\{6C502608-3651-4E94-8FD5-CADDFD464431} [2011/10/14 12:10:16 | 000,000,000 | ---D | C] -- C:\Users\Dell 64\AppData\Local\{B29BAA76-1946-480E-A1B6-5A2BFC846E43} [2011/10/14 12:09:47 | 000,000,000 | ---D | C] -- C:\Users\Dell 64\AppData\Local\{AC45B304-4408-4827-BAB4-676C69058155} [2011/10/14 11:56:15 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sophos [2011/10/14 11:56:13 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Sophos [2011/10/14 11:01:31 | 000,000,000 | ---D | C] -- C:\Users\Dell 64\AppData\Local\{85B75D89-A434-4D51-9005-4F62F1DECBE3} [2011/10/14 11:01:20 | 000,000,000 | ---D | C] -- C:\Users\Dell 64\AppData\Local\{19A4E80E-DFBD-4A46-B302-8BAB15557BCF} [2011/10/14 10:52:44 | 000,000,000 | ---D | C] -- C:\Users\Dell 64\AppData\Local\{898F49FA-60C1-43FF-99E2-46CE915B08E7} [2011/10/14 10:52:30 | 000,000,000 | ---D | C] -- C:\Users\Dell 64\AppData\Local\{E6CAB0F0-553A-4277-8EFE-2E1EBA7DC3DD} [2011/10/14 09:19:55 | 000,000,000 | ---D | C] -- C:\Users\Dell 64\AppData\Local\{9BCEFC95-9AF2-46D5-A3F7-7D78171F2318} [2011/10/14 09:19:34 | 000,000,000 | ---D | C] -- C:\Users\Dell 64\AppData\Local\{CBABD08B-D286-4688-A7B2-21DA2C66D527} [2011/10/14 09:07:31 | 000,000,000 | ---D | C] -- C:\Users\Dell 64\Pavark [2011/10/14 09:02:14 | 048,324,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MRT.exe [2011/10/14 08:55:20 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\NSTx64 [2011/10/14 08:55:20 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Norton Safe Web Lite [2011/10/14 08:55:20 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\NSTx64\0102000.006 [2011/10/14 08:47:34 | 000,000,000 | ---D | C] -- C:\Users\Dell 64\AppData\Local\{9B5909FC-4D3C-4F64-997A-C7491A911860} [2011/10/14 08:47:23 | 000,000,000 | ---D | C] -- C:\Users\Dell 64\AppData\Local\{1A70B608-E829-48D3-B1CD-78668DE51109} [2011/10/14 07:50:19 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Trend Micro [2011/10/14 07:50:19 | 000,000,000 | ---D | C] -- C:\Users\Dell 64\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HiJackThis [2011/10/14 02:09:48 | 000,000,000 | ---D | C] -- C:\Windows\Minidump [2011/10/13 03:00:57 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll [2011/10/13 03:00:57 | 000,096,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll [2011/10/13 03:00:57 | 000,072,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll [2011/10/13 03:00:56 | 000,237,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll [2011/10/13 03:00:55 | 002,309,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll [2011/10/13 03:00:55 | 000,818,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll [2011/10/13 03:00:55 | 000,716,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll [2011/10/13 03:00:55 | 000,248,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll [2011/10/13 03:00:55 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll [2011/10/12 16:33:08 | 000,613,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\psisdecd.dll [2011/10/12 16:33:08 | 000,075,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\psisrndr.ax [2011/10/12 16:33:07 | 000,465,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\psisdecd.dll [2011/10/12 16:33:07 | 000,108,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\psisrndr.ax [2011/10/12 16:32:58 | 000,861,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\oleaut32.dll [2011/10/12 16:32:58 | 000,331,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\oleacc.dll [2011/10/11 18:11:05 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy [2011/10/11 18:11:02 | 000,000,000 | ---D | C] -- C:\ProgramData\Spybot - Search & Destroy [2011/10/11 18:11:02 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Spybot - Search & Destroy [2011/10/11 16:43:44 | 000,000,000 | ---D | C] -- C:\Users\Dell 64\Documents\Symantec [2011/10/11 16:24:44 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Symantec Shared [2011/10/11 16:24:30 | 000,174,200 | ---- | C] (Symantec Corporation) -- C:\Windows\SysNative\drivers\SYMEVENT64x86.SYS [2011/10/11 16:24:29 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Symantec Shared [2011/10/11 16:24:29 | 000,000,000 | ---D | C] -- C:\Program Files\Symantec [2011/10/11 16:24:12 | 001,084,536 | R--- | C] (Symantec Corporation) -- C:\Windows\SysNative\drivers\NAVx64\1301010.003\SymEFA64.sys [2011/10/11 16:24:12 | 000,729,720 | R--- | C] (Symantec Corporation) -- C:\Windows\SysNative\drivers\NAVx64\1301010.003\srtsp64.sys [2011/10/11 16:24:12 | 000,451,192 | R--- | C] (Symantec Corporation) -- C:\Windows\SysNative\drivers\NAVx64\1301010.003\SymDS64.sys [2011/10/11 16:24:12 | 000,401,016 | R--- | C] (Symantec Corporation) -- C:\Windows\SysNative\drivers\NAVx64\1301010.003\symnets.sys [2011/10/11 16:24:12 | 000,189,560 | R--- | C] (Symantec Corporation) -- C:\Windows\SysNative\drivers\NAVx64\1301010.003\Ironx64.sys [2011/10/11 16:24:12 | 000,167,048 | R--- | C] (Symantec Corporation) -- C:\Windows\SysNative\drivers\NAVx64\1301010.003\ccSetx64.sys [2011/10/11 16:24:12 | 000,037,496 | R--- | C] (Symantec Corporation) -- C:\Windows\SysNative\drivers\NAVx64\1301010.003\srtspx64.sys [2011/10/11 16:24:08 | 000,000,000 | R--D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton AntiVirus [2011/10/11 16:24:08 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Norton AntiVirus [2011/10/11 16:24:08 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\NAVx64 [2011/10/11 16:24:08 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\NAVx64\1301010.003 [2011/10/11 16:24:01 | 000,000,000 | ---D | C] -- C:\ProgramData\NortonInstaller [2011/10/11 16:24:01 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\NortonInstaller [2011/10/11 16:22:18 | 000,000,000 | ---D | C] -- C:\Users\Dell 64\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Norton [2011/10/11 16:22:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Norton [2011/10/11 15:58:33 | 000,000,000 | ---D | C] -- C:\New folder [2011/10/11 15:43:47 | 000,748,336 | ---- | C] (Microsoft Corporation) -- C:\Users\Dell 64\Desktop\iexplore.exe [2011/10/11 14:32:49 | 000,000,000 | ---D | C] -- C:\Users\Dell 64\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Data Restore [2011/10/10 08:54:07 | 000,000,000 | ---D | C] -- C:\Users\Dell 64\AppData\Local\{12618434-4ECE-42FA-AD24-2EF500BF9A90} [2011/10/10 08:53:55 | 000,000,000 | ---D | C] -- C:\Users\Dell 64\AppData\Local\{69560C0A-4AC0-475B-A13B-592AF3BAFE17} [2011/10/10 08:21:52 | 000,000,000 | ---D | C] -- C:\Users\Dell 64\AppData\Local\{9FA5B8E2-DFEC-4CEC-BBF4-36DB28E0D09D} [2011/10/10 08:21:40 | 000,000,000 | ---D | C] -- C:\Users\Dell 64\AppData\Local\{D30D1D09-D913-4A94-B0C5-86183C45D43F} [2011/10/08 17:36:38 | 000,000,000 | ---D | C] -- C:\Users\Dell 64\VSWebCache [2011/10/05 10:23:22 | 000,000,000 | ---D | C] -- C:\Users\Dell 64\AppData\Local\{827FC44F-1775-43DA-953D-8103E028BA81} [2011/10/05 10:23:11 | 000,000,000 | ---D | C] -- C:\Users\Dell 64\AppData\Local\{C4D21E1C-192F-4218-A39B-46B38EB78661} [2011/10/03 01:50:35 | 000,000,000 | ---D | C] -- C:\Users\Dell 64\AppData\Local\{862F8E29-71C4-45A4-B56D-A79DC743D645} [2011/09/27 17:29:10 | 000,000,000 | ---D | C] -- C:\Users\Dell 64\AppData\Local\{D5F611EF-AC9C-42F1-B267-6ED5B3DBBC21} [2011/09/27 17:29:00 | 000,000,000 | ---D | C] -- C:\Users\Dell 64\AppData\Local\{FE6A02A1-A634-48B7-B335-63900B319E9A} [2011/09/25 07:30:32 | 000,000,000 | ---D | C] -- C:\Users\Dell 64\AppData\Local\{6CC29457-835F-45D3-8EA0-024B70AAC883} [2011/09/25 07:30:21 | 000,000,000 | ---D | C] -- C:\Users\Dell 64\AppData\Local\{30B71C46-72B1-4449-8A3B-D90ACC6E469A} [2011/09/16 17:18:55 | 000,000,000 | ---D | C] -- C:\Users\Dell 64\AppData\Local\{B58A016D-F1FF-4C5B-8A4A-A55658217CE0} [2011/09/16 17:18:44 | 000,000,000 | ---D | C] -- C:\Users\Dell 64\AppData\Local\{5B101725-4D26-4A6A-BE45-7B86B6B4B272} [4 C:\Windows\SysNative\*.tmp files -> C:\Windows\SysNative\*.tmp -> ] [color=#E56717]========== Files - Modified Within 30 Days ==========[/color] [2011/10/15 04:26:39 | 000,000,246 | ---- | M] () -- C:\Users\Dell 64\Desktop\Try This.url [2011/10/15 03:56:01 | 000,000,902 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job [2011/10/15 03:34:34 | 000,019,392 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2011/10/15 03:34:34 | 000,019,392 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2011/10/15 03:27:31 | 000,000,898 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job [2011/10/15 03:27:11 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2011/10/15 03:27:09 | 3063,242,752 | -HS- | M] () -- C:\hiberfil.sys [2011/10/15 03:16:33 | 000,000,932 | ---- | M] () -- C:\Users\Dell 64\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\_uninst_.lnk [2011/10/15 02:21:13 | 000,000,027 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts [2011/10/15 00:59:30 | 000,001,111 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk [2011/10/15 00:47:07 | 000,002,257 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk [2011/10/15 00:47:07 | 000,002,241 | ---- | M] () -- C:\Users\Dell 64\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk [2011/10/15 00:46:45 | 000,414,368 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl [2011/10/15 00:31:34 | 000,000,211 | ---- | M] () -- C:\Users\Dell 64\Desktop\Clean mbam.url [2011/10/15 00:21:54 | 000,000,131 | ---- | M] () -- C:\Users\Dell 64\Desktop\mbam-clean.exe.url [2011/10/15 00:01:43 | 000,000,995 | ---- | M] () -- C:\Users\Dell 64\Desktop\RegZooka.lnk [2011/10/14 23:14:46 | 000,001,106 | ---- | M] () -- C:\Users\Dell 64\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ERUNT AutoBackup.lnk [2011/10/14 23:14:34 | 000,000,926 | ---- | M] () -- C:\Users\Dell 64\Desktop\NTREGOPT.lnk [2011/10/14 23:14:34 | 000,000,907 | ---- | M] () -- C:\Users\Dell 64\Desktop\ERUNT.lnk [2011/10/14 23:03:43 | 000,000,869 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk [2011/10/14 22:06:12 | 000,039,192 | ---- | M] (Greatis Software) -- C:\Windows\SysNative\Partizan.exe [2011/10/14 22:02:43 | 000,035,816 | ---- | M] (Greatis Software) -- C:\Windows\SysWow64\drivers\Partizan.sys [2011/10/14 22:02:33 | 000,000,002 | RHS- | M] () -- C:\Windows\winstart.bat [2011/10/14 22:02:33 | 000,000,002 | RHS- | M] () -- C:\Windows\SysWow64\CONFIG.NT [2011/10/14 22:02:33 | 000,000,002 | RHS- | M] () -- C:\Windows\SysWow64\AUTOEXEC.NT [2011/10/14 22:02:32 | 000,000,945 | ---- | M] () -- C:\Users\Dell 64\Desktop\UnHackMe.lnk [2011/10/14 22:02:32 | 000,000,418 | ---- | M] () -- C:\Windows\tasks\UnHackMe Task Scheduler.job [2011/10/14 13:27:49 | 000,002,070 | ---- | M] () -- C:\Users\Dell 64\Documents\Default.rdp [2011/10/14 10:00:41 | 000,000,506 | ---- | M] () -- C:\Windows\tasks\SystemToolsDailyTest.job [2011/10/14 07:50:19 | 000,002,987 | ---- | M] () -- C:\Users\Dell 64\Desktop\HiJackThis.lnk [2011/10/13 03:28:09 | 000,481,912 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT [2011/10/13 03:03:00 | 000,904,788 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI [2011/10/13 03:03:00 | 000,738,742 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat [2011/10/13 03:03:00 | 000,150,850 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat [2011/10/13 03:01:07 | 001,858,619 | ---- | M] () -- C:\Windows\SysNative\drivers\NAVx64\1301010.003\Cat.DB [2011/10/11 20:28:23 | 000,004,349 | ---- | M] () -- C:\Windows\SysNative\drivers\NAVx64\1301010.003\VT20110921.019 [2011/10/11 18:11:07 | 000,001,260 | ---- | M] () -- C:\Users\Dell 64\Desktop\Spybot - Search & Destroy.lnk [2011/10/11 16:27:45 | 000,001,285 | ---- | M] () -- C:\Users\Dell 64\Desktop\Norton Installation Files.lnk [2011/10/11 16:24:30 | 000,174,200 | ---- | M] (Symantec Corporation) -- C:\Windows\SysNative\drivers\SYMEVENT64x86.SYS [2011/10/11 16:24:30 | 000,007,530 | ---- | M] () -- C:\Windows\SysNative\drivers\SYMEVENT64x86.CAT [2011/10/11 16:24:30 | 000,000,855 | ---- | M] () -- C:\Windows\SysNative\drivers\SYMEVENT64x86.INF [2011/10/11 16:24:25 | 000,002,462 | ---- | M] () -- C:\Users\Public\Desktop\Norton AntiVirus.lnk [2011/10/11 14:34:31 | 000,000,448 | ---- | M] () -- C:\ProgramData\6DSS92c31Apgjk [2011/10/11 14:33:12 | 000,000,296 | ---- | M] () -- C:\ProgramData\~6DSS92c31Apgjk [2011/10/11 14:33:12 | 000,000,216 | ---- | M] () -- C:\ProgramData\~6DSS92c31Apgjkr [2011/10/11 14:32:49 | 000,000,679 | ---- | M] () -- C:\Users\Dell 64\Application Data\Microsoft\Internet Explorer\Quick Launch\Data Restore.lnk [2011/10/09 03:00:12 | 000,000,564 | ---- | M] () -- C:\Windows\tasks\PCDoctorBackgroundMonitorTask.job [2011/10/05 10:09:48 | 048,324,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\MRT.exe [2011/09/27 18:28:29 | 000,000,145 | ---- | M] () -- C:\Users\Dell 64\Desktop\Uverse.url [2011/09/18 03:10:32 | 000,884,634 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI [2011/09/16 17:18:49 | 000,512,849 | ---- | M] () -- C:\Users\Dell 64\Desktop\CoxBill.pdf [4 C:\Windows\SysNative\*.tmp files -> C:\Windows\SysNative\*.tmp -> ] [color=#E56717]========== Files Created - No Company Name ==========[/color] [2011/10/15 03:16:33 | 000,000,932 | ---- | C] () -- C:\Users\Dell 64\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\_uninst_.lnk [2011/10/15 01:30:03 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe [2011/10/15 01:30:03 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe [2011/10/15 01:30:03 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe [2011/10/15 01:30:03 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe [2011/10/15 01:30:03 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe [2011/10/15 00:59:30 | 000,001,111 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk [2011/10/15 00:50:41 | 000,000,246 | ---- | C] () -- C:\Users\Dell 64\Desktop\Try This.url [2011/10/15 00:47:07 | 000,002,241 | ---- | C] () -- C:\Users\Dell 64\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk [2011/10/15 00:47:06 | 000,002,257 | ---- | C] () -- C:\Users\Public\Desktop\Google Chrome.lnk [2011/10/15 00:46:56 | 000,000,902 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job [2011/10/15 00:46:56 | 000,000,898 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job [2011/10/15 00:23:28 | 000,000,211 | ---- | C] () -- C:\Users\Dell 64\Desktop\Clean mbam.url [2011/10/15 00:21:18 | 000,000,131 | ---- | C] () -- C:\Users\Dell 64\Desktop\mbam-clean.exe.url [2011/10/15 00:01:43 | 000,000,995 | ---- | C] () -- C:\Users\Dell 64\Desktop\RegZooka.lnk [2011/10/14 23:14:46 | 000,001,106 | ---- | C] () -- C:\Users\Dell 64\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ERUNT AutoBackup.lnk [2011/10/14 23:14:34 | 000,000,926 | ---- | C] () -- C:\Users\Dell 64\Desktop\NTREGOPT.lnk [2011/10/14 23:14:34 | 000,000,907 | ---- | C] () -- C:\Users\Dell 64\Desktop\ERUNT.lnk [2011/10/14 23:03:42 | 000,000,869 | ---- | C] () -- C:\Users\Public\Desktop\CCleaner.lnk [2011/10/14 22:02:33 | 000,000,002 | RHS- | C] () -- C:\Windows\winstart.bat [2011/10/14 22:02:33 | 000,000,002 | RHS- | C] () -- C:\Windows\SysWow64\CONFIG.NT [2011/10/14 22:02:33 | 000,000,002 | RHS- | C] () -- C:\Windows\SysWow64\AUTOEXEC.NT [2011/10/14 22:02:32 | 000,000,945 | ---- | C] () -- C:\Users\Dell 64\Desktop\UnHackMe.lnk [2011/10/14 22:02:32 | 000,000,418 | ---- | C] () -- C:\Windows\tasks\UnHackMe Task Scheduler.job [2011/10/14 08:55:20 | 000,000,172 | ---- | C] () -- C:\Windows\SysNative\drivers\NSTx64\0102000.006\isolate.ini [2011/10/14 07:50:19 | 000,002,987 | ---- | C] () -- C:\Users\Dell 64\Desktop\HiJackThis.lnk [2011/10/11 20:28:30 | 000,004,349 | ---- | C] () -- C:\Windows\SysNative\drivers\NAVx64\1301010.003\VT20110921.019 [2011/10/11 19:30:44 | 000,001,228 | ---- | C] () -- C:\Users\Dell 64\Desktop\Windows Explorer.lnk [2011/10/11 18:59:12 | 000,002,491 | ---- | C] () -- C:\Users\Public\Desktop\Safari.lnk [2011/10/11 18:59:12 | 000,001,847 | ---- | C] () -- C:\Users\Public\Desktop\QuickTime Player.lnk [2011/10/11 18:59:11 | 000,001,785 | ---- | C] () -- C:\Users\Public\Desktop\iTunes.lnk [2011/10/11 18:59:04 | 000,002,653 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\vpngui.exe.lnk [2011/10/11 18:58:35 | 000,002,488 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Messenger.lnk [2011/10/11 18:58:35 | 000,001,547 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk [2011/10/11 18:58:35 | 000,001,376 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Photo Gallery.lnk [2011/10/11 18:58:35 | 000,001,307 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Movie Maker.lnk [2011/10/11 18:58:35 | 000,001,246 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\XPS Viewer.lnk [2011/10/11 18:58:34 | 000,002,503 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Safari.lnk [2011/10/11 18:58:34 | 000,002,129 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows 7 Upgrade Advisor.lnk [2011/10/11 18:58:34 | 000,001,460 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Mail.lnk [2011/10/11 18:58:34 | 000,001,352 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Anytime Upgrade.lnk [2011/10/11 18:58:34 | 000,001,330 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sidebar.lnk [2011/10/11 18:58:34 | 000,001,326 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows DVD Maker.lnk [2011/10/11 18:58:34 | 000,001,210 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Fax and Scan.lnk [2011/10/11 18:58:33 | 000,002,519 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk [2011/10/11 18:58:33 | 000,002,441 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader 9.lnk [2011/10/11 18:58:33 | 000,002,435 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2010.lnk [2011/10/11 18:58:33 | 000,001,975 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dell Help Documentation.lnk [2011/10/11 18:58:33 | 000,001,345 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Center.lnk [2011/10/11 18:58:33 | 000,001,158 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Audacity 1.3 Beta (Unicode).lnk [2011/10/11 18:11:07 | 000,001,260 | ---- | C] () -- C:\Users\Dell 64\Desktop\Spybot - Search & Destroy.lnk [2011/10/11 16:26:03 | 001,858,619 | ---- | C] () -- C:\Windows\SysNative\drivers\NAVx64\1301010.003\Cat.DB [2011/10/11 16:24:30 | 000,007,530 | ---- | C] () -- C:\Windows\SysNative\drivers\SYMEVENT64x86.CAT [2011/10/11 16:24:30 | 000,000,855 | ---- | C] () -- C:\Windows\SysNative\drivers\SYMEVENT64x86.INF [2011/10/11 16:24:25 | 000,002,462 | ---- | C] () -- C:\Users\Public\Desktop\Norton AntiVirus.lnk [2011/10/11 16:24:08 | 000,007,510 | R--- | C] () -- C:\Windows\SysNative\drivers\NAVx64\1301010.003\ccSetx64.cat [2011/10/11 16:24:08 | 000,007,504 | R--- | C] () -- C:\Windows\SysNative\drivers\NAVx64\1301010.003\srtspx64.cat [2011/10/11 16:24:08 | 000,007,502 | R--- | C] () -- C:\Windows\SysNative\drivers\NAVx64\1301010.003\SymEFA64.cat [2011/10/11 16:24:08 | 000,007,500 | R--- | C] () -- C:\Windows\SysNative\drivers\NAVx64\1301010.003\srtsp64.cat [2011/10/11 16:24:08 | 000,007,496 | R--- | C] () -- C:\Windows\SysNative\drivers\NAVx64\1301010.003\SymDS64.cat [2011/10/11 16:24:08 | 000,007,492 | R--- | C] () -- C:\Windows\SysNative\drivers\NAVx64\1301010.003\iron.cat [2011/10/11 16:24:08 | 000,007,458 | R--- | C] () -- C:\Windows\SysNative\drivers\NAVx64\1301010.003\symnet64.cat [2011/10/11 16:24:08 | 000,003,433 | R--- | C] () -- C:\Windows\SysNative\drivers\NAVx64\1301010.003\SymEFA.inf [2011/10/11 16:24:08 | 000,002,852 | R--- | C] () -- C:\Windows\SysNative\drivers\NAVx64\1301010.003\SymDS.inf [2011/10/11 16:24:08 | 000,002,801 | R--- | C] () -- C:\Windows\SysNative\drivers\NAVx64\1301010.003\SymVTcer.dat [2011/10/11 16:24:08 | 000,001,440 | R--- | C] () -- C:\Windows\SysNative\drivers\NAVx64\1301010.003\SymNet.inf [2011/10/11 16:24:08 | 000,001,438 | R--- | C] () -- C:\Windows\SysNative\drivers\NAVx64\1301010.003\srtsp64.inf [2011/10/11 16:24:08 | 000,001,420 | R--- | C] () -- C:\Windows\SysNative\drivers\NAVx64\1301010.003\srtspx64.inf [2011/10/11 16:24:08 | 000,000,854 | R--- | C] () -- C:\Windows\SysNative\drivers\NAVx64\1301010.003\ccSetx64.inf [2011/10/11 16:24:08 | 000,000,772 | R--- | C] () -- C:\Windows\SysNative\drivers\NAVx64\1301010.003\Iron.inf [2011/10/11 16:24:08 | 000,000,172 | ---- | C] () -- C:\Windows\SysNative\drivers\NAVx64\1301010.003\isolate.ini [2011/10/11 16:22:18 | 000,001,285 | ---- | C] () -- C:\Users\Dell 64\Desktop\Norton Installation Files.lnk [2011/10/11 14:33:12 | 000,000,216 | ---- | C] () -- C:\ProgramData\~6DSS92c31Apgjkr [2011/10/11 14:33:11 | 000,000,296 | ---- | C] () -- C:\ProgramData\~6DSS92c31Apgjk [2011/10/11 14:32:49 | 000,000,679 | ---- | C] () -- C:\Users\Dell 64\Application Data\Microsoft\Internet Explorer\Quick Launch\Data Restore.lnk [2011/10/11 14:32:46 | 000,000,448 | ---- | C] () -- C:\ProgramData\6DSS92c31Apgjk [2011/09/27 18:28:20 | 000,000,145 | ---- | C] () -- C:\Users\Dell 64\Desktop\Uverse.url [2011/09/16 17:18:48 | 000,512,849 | ---- | C] () -- C:\Users\Dell 64\Desktop\CoxBill.pdf [2011/09/14 11:35:41 | 000,000,537 | ---- | C] () -- C:\Windows\ETNTInst.ini [2011/07/17 15:52:14 | 000,234,132 | ---- | C] () -- C:\Users\Dell 64\AppData\Local\debuggee.mdmp [2011/04/28 14:00:13 | 000,007,605 | ---- | C] () -- C:\Users\Dell 64\AppData\Local\Resmon.ResmonCfg [2011/04/15 14:50:46 | 000,884,634 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI [2011/04/09 18:55:28 | 000,179,261 | ---- | C] () -- C:\Windows\SysWow64\xlive.dll.cat [2011/03/03 18:27:08 | 000,870,560 | ---- | C] () -- C:\Windows\SysWow64\igkrng575.bin [2011/03/03 18:27:08 | 000,208,896 | ---- | C] () -- C:\Windows\SysWow64\iglhsip32.dll [2011/03/03 18:27:08 | 000,143,360 | ---- | C] () -- C:\Windows\SysWow64\iglhcp32.dll [2010/08/25 19:34:30 | 000,127,868 | ---- | C] () -- C:\Windows\SysWow64\igcompkrng575.bin [2010/08/25 19:34:30 | 000,104,796 | ---- | C] () -- C:\Windows\SysWow64\igfcg575m.bin [2009/07/14 00:38:36 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat [2009/07/13 21:35:51 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT [2009/07/13 21:34:42 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat [2009/07/13 19:10:29 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin [2009/07/13 18:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll [2009/07/13 16:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll [2009/06/10 16:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat [2008/01/15 04:31:00 | 000,000,530 | ---- | C] () -- C:\Windows\SysWow64\tx14_ic.ini [color=#E56717]========== LOP Check ==========[/color] [2011/10/09 03:00:12 | 000,000,564 | ---- | M] () -- C:\Windows\Tasks\PCDoctorBackgroundMonitorTask.job [2009/07/14 00:08:49 | 000,018,648 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT [2011/10/14 10:00:41 | 000,000,506 | ---- | M] () -- C:\Windows\Tasks\SystemToolsDailyTest.job [2011/10/14 22:02:32 | 000,000,418 | ---- | M] () -- C:\Windows\Tasks\UnHackMe Task Scheduler.job [color=#E56717]========== Purity Check ==========[/color] < End of report > FOLLOWING IS THE EXTRAS.TXT that was created, too: OTL Extras logfile created on: 10/15/2011 4:35:03 AM - Run 1 OTL by OldTimer - Version 3.2.30.0 Folder = C:\Users\Dell 64\Downloads 64bit- An unknown product Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 9.0.8112.16421) Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy 3.80 Gb Total Physical Memory | 1.54 Gb Available Physical Memory | 40.36% Memory free 7.61 Gb Paging File | 5.02 Gb Available in Paging File | 65.97% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 920.59 Gb Total Space | 852.65 Gb Free Space | 92.62% Space Free | Partition Type: NTFS Drive D: | 4.38 Gb Total Space | 4.20 Gb Free Space | 95.80% Space Free | Partition Type: UDF Computer Name: BUTCH | User Name: bdulaney | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days [color=#E56717]========== Extra Registry (SafeList) ==========[/color] [color=#E56717]========== File Associations ==========[/color] [b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\] .html[@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) .url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation) [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\] .cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation) .html [@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) [color=#E56717]========== Shell Spawning ==========[/color] [b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" -nohome (Microsoft Corporation) htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) htmlfile [print] -- rundll32.exe %SystemRoot%\system32\mshtml.dll,PrintHTML "%1" (Microsoft Corporation) http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" -nohome (Microsoft Corporation) https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" -nohome (Microsoft Corporation) inffile [install] -- %SystemRoot%\System32\rundll32.exe setupapi,InstallHinfSection DefaultInstall 132 %1 (Microsoft Corporation) InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation) InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [explore] -- Reg Error: Value error. Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation) exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" -nohome (Microsoft Corporation) htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" -nohome (Microsoft Corporation) https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" -nohome (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [explore] -- Reg Error: Value error. Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) [color=#E56717]========== Security Center Settings ==========[/color] [b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "cval" = 1 "FirewallDisableNotify" = 0 "AntiVirusDisableNotify" = 0 "UpdatesDisableNotify" = 0 [b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] [b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] "VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data] "AntiVirusOverride" = 0 "AntiSpywareOverride" = 0 "FirewallOverride" = 0 [b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "FirewallDisableNotify" = 0 "AntiVirusDisableNotify" = 0 "UpdatesDisableNotify" = 0 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] [color=#E56717]========== System Restore Settings ==========[/color] [b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows NT\SystemRestore] [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows NT\SystemRestore] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore] "DisableSR" = 0 [color=#E56717]========== Firewall Settings ==========[/color] [b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall] [b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile] [b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile] [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile] [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 "DefaultOutboundAction" = 0 "DefaultInboundAction" = 1 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 [color=#E56717]========== Authorized Applications List ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List] [color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color] 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{0090A87C-3E0E-43D4-AA71-A71B06563A4A}" = Dell Support Center "{034106B5-54B7-467F-B477-5B7DBB492624}" = Microsoft Sync Framework Services v1.0 SP1 (x64) "{0C270C59-8706-42B8-A2AD-6E5EE18BC90B}" = SQL Server 2008 R2 Reporting Services "{0F37D969-1260-419E-B308-EF7D29ABDE20}" = Web Deployment Tool "{11538652-E5E4-37F1-86D7-418871E45292}" = Microsoft Visual Studio 2010 Tools for Office Runtime (x64) "{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MX850_series" = Canon MX850 series "{1AB7EDC5-D891-34C5-9FF1-BE6A85ACC44B}" = Microsoft Team Foundation Server 2010 Object Model - ENU "{1B8ABA62-74F0-47ED-B18C-A43128E591B8}" = Windows Live ID Sign-in Assistant "{1CB6C387-65A7-327F-B4A5-7DDC75A291AF}" = Microsoft Visual Studio 2010 Office Developer Tools (x64) "{1D1CEEF8-3741-45BD-8E77-963E1DEBDDD3}" = Microsoft Sync Services for ADO.NET v2.0 SP1 (x64) "{234F6B0D-10AE-4BB7-B2F3-E48D4861952D}" = SQL Server 2008 R2 Common Files "{2453DBC8-ACC4-4711-BD03-0C15353AA3D8}" = SQL Server 2008 R2 Reporting Services "{26A24AE4-039D-4CA4-87B4-2F86416023FF}" = Java(TM) 6 Update 23 (64-bit) "{288D79EE-A2D1-42AF-9597-B0ADCC23A8ED}" = Microsoft SQL Server VSS Writer "{2D2601B6-157F-4F88-B66B-B52DB21EAB2D}" = SQL Server 2008 R2 Client Tools "{362A3FDF-B12E-436A-9097-1B795A9FFCC5}" = Microsoft SQL Server 2008 R2 Native Client "{36F70DEE-1EBF-4707-AFA2-E035EEAEBAA1}" = SQL Server 2008 R2 Common Files "{3C5E60F1-0821-4B07-97EA-84EB5A927CF6}" = MobileMe Control Panel "{439760BC-7737-4386-9B1D-A90A3E8A22EA}" = Apple Mobile Device Support "{45EF12B0-F531-4A2C-A1C0-6B1495698E30}" = TortoiseSVN 1.6.15.21042 (64 bit) "{467D5E81-8349-4892-9E81-C3674ED8E451}" = Cisco Systems VPN Client 5.0.07.0290 "{4701DEDE-1888-49E0-BAE5-857875924CA2}" = Microsoft SQL Server System CLR Types (x64) "{51E5BC99-A087-4CFF-8D93-462903EA7E12}" = SQL Server 2008 R2 Management Studio "{5EB6F3CB-46F4-451F-A028-7F6D8D35D7D0}" = Windows Live Language Selector "{60B2315F-680F-4EB3-B8DD-CCDC86A7CCAB}" = Roxio File Backup "{662014D2-0450-37ED-ABAE-157C88127BEB}" = Visual Studio 2010 Prerequisites - English "{72AB7E6F-BC24-481E-8C45-1AB5B3DD795D}" = SQL Server 2008 R2 Management Studio "{7709926E-A1EA-43F1-ADD8-C066BDB97B54}" = SQL Server 2008 R2 Integration Services "{79FB3E7E-FD92-49A9-AAD1-193EE4CB85D3}" = Microsoft SQL Server 2008 R2 Setup (English) "{8438EC02-B8A9-462D-AC72-1B521349C001}" = Microsoft Sync Framework Runtime v1.0 SP1 (x64) "{88BAE373-00F4-3E33-828F-96E89E5E0CB9}" = Microsoft Visual Studio 2010 IntelliTrace Collection (x64) "{8E34682C-8118-31F1-BC4C-98CD9675E1C2}" = Microsoft .NET Framework 4 Extended "{8EBA8727-ADC2-477B-9D9A-1A1836BE4E05}" = Dell Edoc Viewer "{8FF0ACBD-17A5-3637-95F4-D7C69723E2BF}" = Microsoft Visual Studio 2010 Performance Collection Tools - ENU "{90140000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2010 "{90140000-002A-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (English) 2010 "{90140000-0116-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010 "{94D70749-4281-39AC-AD90-B56A0E0A402E}" = Microsoft Visual C++ 2010 x64 Runtime - 10.0.30319 "{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting "{997C9EC4-B53D-479D-81B7-0AEC8D174BA1}" = iTunes "{9D6DFAD6-09E5-445E-A4B5-A388FEEBD90D}" = RBVirtualFolder64Inst "{9DFA5914-C275-42E0-810E-C88E46A7F9EA}" = SQL Server 2008 R2 Full text search "{A2122A9C-A699-4365-ADF8-68FEAC125D61}" = SQL Server 2008 R2 Database Engine Shared "{A4E14A4D-EA7B-4914-9BBF-504401F3D4F7}" = SQL Server 2008 R2 Integration Services "{B40EE88B-400A-4266-A17B-E3DE64E94431}" = Microsoft SQL Server 2008 Setup Support Files "{B5FE23CC-0151-4595-84C3-F1DE6F44FE9B}" = SQL Server 2008 R2 Client Tools "{BB57A765-FFFE-498B-8C1E-6C9CE2AB92BA}" = Microsoft SQL Server 2008 R2 RsFx Driver "{C73A3942-84C8-4597-9F9B-EE227DCBA758}" = Dell Dock "{C942A025-A840-4BF2-8987-849C0DD44574}" = SQL Server 2008 R2 Database Engine Shared "{CA0D2F09-F811-48D4-843E-C87696C6A9D9}" = Bonjour "{D4AD39AD-091E-4D33-BB2B-59F6FCB8ADC3}" = Microsoft SQL Server Compact 3.5 SP2 x64 ENU "{DA54F80E-261C-41A2-A855-549A144F2F59}" = Windows Live MIME IFilter "{F31183CF-E10F-4DE1-BB59-6C0FF38E481E}" = Sql Server Customer Experience Improvement Program "{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile "{FA7394B8-CE65-4F9E-AC99-F372AD365424}" = SQL Server 2008 R2 Database Engine Services "{FBBC4667-2521-4E78-B1BD-8706F774549B}" = Best Buy pc app "{FBD367D1-642F-47CF-B79B-9BE48FB34007}" = SQL Server 2008 R2 Database Engine Services "{FCADA26A-5672-31DD-BF0E-BA76ECF9B02D}" = Microsoft Help Viewer 1.0 "Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX 64-bit "CCleaner" = CCleaner "Dell Support Center" = Dell Support Center "Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile "Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended "Microsoft Help Viewer 1.0" = Microsoft Help Viewer 1.0 "Microsoft SQL Server 10" = Microsoft SQL Server 2008 R2 (64-bit) "Microsoft SQL Server 2008 R2" = Microsoft SQL Server 2008 R2 (64-bit) "Microsoft Team Foundation Server 2010 Object Model - ENU" = Microsoft Team Foundation Server 2010 Object Model - ENU "Microsoft Visual Studio 2010 Tools for Office Runtime (x64)" = Microsoft Visual Studio 2010 Tools for Office Runtime (x64) "Pen Tablet Driver" = Bamboo [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{01C79EF3-DE84-4B56-B638-8BEA0D507506}" = Microsoft XNA Game Studio 4.0 (XnaLiveProxy) "{052bac4a-6f79-46d4-a024-1ce1b4f73cd4}" = Microsoft Visual C++ 2005 Redistributable "{0666E46E-A860-4353-BE6D-13AA72FABB57}" = Microsoft XNA Game Studio Platform Tools "{08C84CC6-E7FD-4B2D-BBF9-B02CC90EE031}" = Microsoft XNA Game Studio 4.0 (Shared Components) "{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer "{0E3DFC64-CC49-4BE2-8C9C-58EF129675DB}" = Microsoft Sync Framework SDK v1.0 SP1 "{0ED7EE95-6A97-47AA-AD73-152C08A15B04}" = Dell DataSafe Local Backup "{112C23F2-C036-4D40-BED4-0CB47BF5555C}" = Visual Studio 2010 Tools for SQL Server Compact 3.5 SP2 ENU "{14DD7530-CCD2-3798-B37D-3839ED6A441C}" = Microsoft Visual Studio 2010 ADO.NET Entity Framework Tools "{1803A630-3C38-4D2B-9B9A-0CB37243539C}" = Microsoft ASP.NET MVC 2 "{196BB40D-1578-3D01-B289-BEFC77A11A1E}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 "{19BA08F7-C728-469C-8A35-BFBD3633BE08}" = Windows Live Movie Maker "{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update "{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions "{2012098D-EEE9-4769-8DD3-B038050854D4}" = Microsoft Silverlight 3 SDK "{23B4636C-A780-4FEB-B4C9-A2564E9B9F7C}" = Multimedia Card Reader "{26A24AE4-039D-4CA4-87B4-2F83216023FF}" = Java(TM) 6 Update 23 "{2A2E822B-3B0E-46C1-9E3B-ACD7D1E95139}" = SAMSUNG PC Share Manager "{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}" = Microsoft XNA Framework Redistributable 4.0 "{2D9FEBEE-F1B7-344F-BFDF-760E18332D96}" = Microsoft Visual Studio 2010 SharePoint Developer Tools "{3250260C-7A95-4632-893B-89657EB5545B}" = PhotoShowExpress "{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery "{34F4D9A4-42C2-4348-BEF4-E553C84549E7}" = Windows Live Photo Gallery "{3A9FC03D-C685-4831-94CF-4EDFD3749497}" = Microsoft SQL Server Compact 3.5 SP2 ENU "{3F4EB5FE-B5BE-4069-A5A8-6D9262E1B379}" = Microsoft XNA Game Studio 4.0 Documentation "{40416836-56CC-4C0E-A6AF-5C34BADCE483}" = Microsoft ASP.NET MVC 2 - Visual Studio 2010 Tools "{45A66726-69BC-466B-A7A4-12FCBA4883D7}" = HiJackThis "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater "{4CB0307C-565E-4441-86BE-0DF2E4FB828C}" = Microsoft Games for Windows Marketplace "{4CBABDFD-49F8-47FD-BE7D-ECDE7270525A}" = Windows Live PIMT Platform "{4ECF4BDC-8387-329A-ABE9-CF5798F84BB2}" = Microsoft Visual Studio Tools for Applications 2.0 - ENU "{5A06423A-210C-49FB-950E-CB0EB8C5CEC7}" = Roxio BackOnTrack "{5F64E152-51C1-47B4-BEA8-007D73C7460F}" = Cisco AnyConnect VPN Client "{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA}" = Roxio Express Labeler 3 "{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE "{68BD57D3-D606-411E-A7E0-3EB6EA5660F6}" = Microsoft XNA Game Studio 4.0 (Redists) "{6A05FEDF-662E-46BF-8A25-010E3F1C9C69}" = Windows Live UX Platform Language Pack "{6A3F9D74-BB80-4451-8CA1-4B3A857F1359}" = Apple Application Support "{6A86554B-8928-30E4-A53C-D7337689134D}" = Microsoft Visual C++ 2010 x86 Runtime - 10.0.30319 "{6CDEAD7E-F8D8-37F7-AB6F-1E22716E30F3}" = Microsoft Visual Studio Macro Tools "{6F0BBEFE-BE1C-419B-BA1F-D36C9E7915BC}" = Roxio Creator Starter "{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable "{735619D4-B42A-437A-958C-199BFCAEDB38}" = Safari "{73BE04D9-BA0E-4BAF-9C9D-677278BDB3DC}" = Microsoft XNA Game Studio 4.0 (ARP entry) "{74F7B314-0507-4F91-9A4E-B6C9B027E410}" = Microsoft SQL Server 2008 R2 Books Online "{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 "{7746BFAA-2B5D-4FFD-A0E8-4558F4668105}" = Roxio Burn "{77F8A71E-3515-4832-B8B2-2F1EDBD2E0F1}" = Bing Bar "{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update "{7DB9F1E5-9ACB-410D-A7DC-7A3D023CE045}" = Dell Getting Started Guide "{80956555-A512-4190-9CAD-B000C36D6B6B}" = Windows Live Messenger "{820B6609-4C97-3A2B-B644-573B06A0F0CC}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 "{82419258-BAA2-4214-824C-836FDFCE8FA8}" = AnkhSVN 2.1.10129.17 "{84EBDF39-4B33-49D7-A0BD-EB6E2C4E81C1}" = Windows Live Sync "{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 "{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight "{8C496FBF-DB4A-468D-A3A1-15E127382218}" = Microsoft XNA Game Studio 4.0 (Visual Studio) "{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT "{8E436940-A944-4D67-A45B-1876E23BB9C0}" = e-Sword "{90120000-00A4-0409-0000-0000000FF1CE}" = Microsoft Office 2003 Web Components "{90140000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2010 "{90140000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2010 "{90140000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2010 "{90140000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2010 "{90140000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2010 "{90140000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2010 "{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010 "{90140000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2010 "{90140000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2010 "{90140000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2010 "{90140000-0044-0409-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (English) 2010 "{90140000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2010 "{90140000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2010 "{90140000-00BA-0409-0000-0000000FF1CE}" = Microsoft Office Groove MUI (English) 2010 "{90140000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2010 "{90140000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2010 "{91140000-0011-0000-0000-0000000FF1CE}" = Microsoft Office Professional Plus 2010 "{92B68570-AE13-4B2E-A8CC-98DC98F3A899}" = CSLA .NET "{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker "{95120000-0052-0409-0000-0000000FF1CE}" = Microsoft Office Visio Viewer 2007 "{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting "{95140000-0070-0000-0000-0000000FF1CE}" = Microsoft Office 2010 "{9A00EC4E-27E1-42C4-98DD-662F32AC8870}" = Sonic CinePlayer Decoder Pack "{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 "{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail "{a0fe116e-9a8a-466f-aee0-625cb7c207e3}" = Microsoft Visual C++ 2005 Redistributable - KB2467175 "{A121EEDE-C68F-461D-91AA-D48BA226AF1C}" = Roxio Activation Module "{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer "{A8B88634-7F90-402F-B66A-86429755F6A5}" = eBay "{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper "{A9668246-FB70-4103-A1E3-66C9BC2EFB49}" = Dell DataSafe Local Backup - Support Software "{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common "{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer "{AAF454FC-82CA-4F29-AB31-6A109485E76E}" = Windows Live Writer "{AB05F2C8-F608-403b-95E1-FD8ADFACD31E}" = Windows 7 Upgrade Advisor "{AC41D924-8C68-4BD5-A7A1-0AE4176C31A6}" = Crystal Reports for Visual Studio "{AC76BA86-7AD7-1033-7B44-A92000000001}" = Adobe Reader 9.2 "{AC76BA86-7AD7-5670-0000-900000000003}" = Korean Fonts Support For Adobe Reader 9 "{AF9E97C1-7431-426D-A8D5-ABE40995C0B1}" = DirectX 9 Runtime "{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy "{B7E38540-E355-3503-AFD7-635B2F2F76E1}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4974 "{BC0464FA-A0BA-3E38-85BF-DC5B3A401F48}" = Microsoft Visual Studio 2010 Ultimate - ENU "{BF9BF038-FE03-429D-9B26-2FA0FD756052}" = Microsoft SQL Server Browser "{C66824E4-CBB3-4851-BB3F-E8CFD6350923}" = Windows Live Mail "{C9E14402-3631-4182-B377-6B0DFB1C0339}" = QuickTime "{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform "{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}" = Microsoft .NET Framework 4 Multi-Targeting Pack "{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64 "{D21BC5B2-CBAC-48FA-A701-B5A63C1CA7B8}" = Microsoft SQL Server 2008 R2 Policies "{D436F577-1695-4D2F-8B44-AC76C99E0002}" = Windows Live Photo Common "{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform "{DDC8BDEE-DCAC-404D-8257-3E8D4B782467}" = Windows Live Writer Resources "{DDFD8348-058C-4F4B-85E5-6D740D4AB3FE}" = Microsoft SQL Server Compact 3.5 SP2 Query Tools ENU "{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10 "{E5DD3FCF-ADD2-435B-83C6-A97F93891661}" = CodeSmith Generator Professional 5.3.4.12823 "{EB4DF488-AAEF-406F-A341-CB2AAA315B90}" = Windows Live Messenger "{EF56258E-0326-48C5-A86C-3BAC26FC15DF}" = Roxio Creator Starter "{F06B5C4C-8D2E-4B24-9D43-7A45EEC6C878}" = Roxio Creator Starter "{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU] "{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}" = Intel(R) Graphics Media Accelerator Driver "{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver "{F2508213-9989-4E85-A078-72BE483917EF}" = Microsoft Games for Windows - LIVE Redistributable "{FBBC4667-2521-4E78-B1BD-8706F774549B}" = Best Buy pc app "{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}" = Windows Live Essentials "Audacity 1.3 Beta (Unicode)_is1" = Audacity 1.3.13 (Unicode) "Dell Dock" = Dell Dock "DevExpress 2010.1 Components" = DevExpress 2010.1 Components "DevExpress 2010.2 Components" = DevExpress 2010.2 Components "Emotiv Developer Edition SDK" = Emotiv Developer Edition SDK 1.0.0.4 "Emotiv EPOC Control Panel" = Emotiv EPOC Control Panel 1.0.0.4 "Encountering the New Testament" = Encountering the New Testament "ERUNT_is1" = ERUNT 1.1j "Google Chrome" = Google Chrome "IconWorkshop " = Axialis IconWorkshop 6.53 "InstallShield_{23B4636C-A780-4FEB-B4C9-A2564E9B9F7C}" = Multimedia Card Reader "InstallShield_{2A2E822B-3B0E-46C1-9E3B-ACD7D1E95139}" = SAMSUNG PC Share Manager "Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware version 1.51.2.1300 "Microsoft Report Viewer Redistributable 2008 (KB971119)" = Microsoft Report Viewer Redistributable 2008 SP1 "Microsoft Visual Studio 2010 Ultimate - ENU" = Microsoft Visual Studio 2010 Ultimate - ENU "Microsoft Visual Studio Macro Tools" = Microsoft Visual Studio Macro Tools "NAV" = Norton AntiVirus "Notepad++" = Notepad++ "NST" = Norton Safe Web Lite "Office14.PROPLUSR" = Microsoft Office Professional Plus 2010 "PowerISO" = PowerISO "RegZooka" = RegZooka "Sophos-AntiRootkit" = Sophos Anti-Rootkit 1.5.20 "UnHackMe_is1" = UnHackMe 5.99 release "UP286_is1" = Ultimate Paint 2.88 Freeware Edition "Wacom WebTabletPlugin for IE" = WebTablet IE Plugin "Wacom WebTabletPlugin for Netscape" = WebTablet Netscape Plugin "WinLiveSuite" = Windows Live Essentials "XNA Game Studio 4.0" = Microsoft XNA Game Studio 4.0 [color=#E56717]========== Last 10 Event Log Errors ==========[/color] [ Application Events ] Error - 10/12/2011 2:32:06 AM | Computer Name = Butch | Source = Microsoft-Windows-Backup | ID = 517 Description = The backup operation that started at '2011-10-12T00:33:54.939152700Z' has failed with following error code '2155348315' (%%2155348315). Please review the event details for a solution, and then rerun the backup operation once the issue is resolved. Error - 10/12/2011 2:32:08 AM | Computer Name = Butch | Source = Windows Backup | ID = 4104 Description = Error - 10/12/2011 7:13:01 AM | Computer Name = Butch | Source = Windows Backup | ID = 4104 Description = Error - 10/13/2011 1:32:47 AM | Computer Name = Butch | Source = SideBySide | ID = 16842785 Description = Activation context generation failed for "C:\Program Files (x86)\Microsoft Visual Studio 10.0\Common7\IDE\Remote Debugger\ia64\msvsmon.exe". Dependent Assembly Microsoft.Windows.Common-Controls,language="*",processorArchitecture="ia64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0" could not be found. Please use sxstrace.exe for detailed diagnosis. Error - 10/13/2011 6:56:49 PM | Computer Name = Butch | Source = TOASTER.EXE | ID = 0 Description = An Unhandled Exception occured. Width and Height must be non-negative. at System.Windows.Rect..ctor(Double x, Double y, Double width, Double height) at Toaster.Core.AppBarFunctions.ABSetPos(ABEdge edge, Window appbarWindow) at Toaster.Core.AppBarFunctions.RegisterInfo.WndProc(IntPtr hwnd, Int32 msg, IntPtr wParam, IntPtr lParam, Boolean& handled) at System.Windows.Interop.HwndSource.PublicHooksFilterMessage(IntPtr hwnd, Int32 msg, IntPtr wParam, IntPtr lParam, Boolean& handled) at MS.Win32.HwndWrapper.WndProc(IntPtr hwnd, Int32 msg, IntPtr wParam, IntPtr lParam, Boolean& handled) at MS.Win32.HwndSubclass.DispatcherCallbackOperation(Object o) at System.Windows.Threading.ExceptionWrapper.InternalRealCall(Delegate callback, Object args, Boolean isSingleParameter) at System.Windows.Threading.ExceptionWrapper.TryCatchWhen(Object source, Delegate callback, Object args, Boolean isSingleParameter, Delegate catchHandler) Error - 10/13/2011 7:11:50 PM | Computer Name = Butch | Source = TOASTER.EXE | ID = 0 Description = An Unhandled Exception occured. Width and Height must be non-negative. at System.Windows.Rect..ctor(Double x, Double y, Double width, Double height) at Toaster.Core.AppBarFunctions.ABSetPos(ABEdge edge, Window appbarWindow) at Toaster.Core.AppBarFunctions.RegisterInfo.WndProc(IntPtr hwnd, Int32 msg, IntPtr wParam, IntPtr lParam, Boolean& handled) at System.Windows.Interop.HwndSource.PublicHooksFilterMessage(IntPtr hwnd, Int32 msg, IntPtr wParam, IntPtr lParam, Boolean& handled) at MS.Win32.HwndWrapper.WndProc(IntPtr hwnd, Int32 msg, IntPtr wParam, IntPtr lParam, Boolean& handled) at MS.Win32.HwndSubclass.DispatcherCallbackOperation(Object o) at System.Windows.Threading.ExceptionWrapper.InternalRealCall(Delegate callback, Object args, Boolean isSingleParameter) at System.Windows.Threading.ExceptionWrapper.TryCatchWhen(Object source, Delegate callback, Object args, Boolean isSingleParameter, Delegate catchHandler) Error - 10/14/2011 1:32:28 AM | Computer Name = Butch | Source = SideBySide | ID = 16842785 Description = Activation context generation failed for "C:\Program Files (x86)\Microsoft Visual Studio 10.0\Common7\IDE\Remote Debugger\ia64\msvsmon.exe". Dependent Assembly Microsoft.Windows.Common-Controls,language="*",processorArchitecture="ia64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0" could not be found. Please use sxstrace.exe for detailed diagnosis. Error - 10/14/2011 8:28:07 AM | Computer Name = Butch | Source = TOASTER.EXE | ID = 0 Description = An Unhandled Exception occured. Width and Height must be non-negative. at System.Windows.Rect..ctor(Double x, Double y, Double width, Double height) at Toaster.Core.AppBarFunctions.ABSetPos(ABEdge edge, Window appbarWindow) at Toaster.Core.AppBarFunctions.RegisterInfo.WndProc(IntPtr hwnd, Int32 msg, IntPtr wParam, IntPtr lParam, Boolean& handled) at System.Windows.Interop.HwndSource.PublicHooksFilterMessage(IntPtr hwnd, Int32 msg, IntPtr wParam, IntPtr lParam, Boolean& handled) at MS.Win32.HwndWrapper.WndProc(IntPtr hwnd, Int32 msg, IntPtr wParam, IntPtr lParam, Boolean& handled) at MS.Win32.HwndSubclass.DispatcherCallbackOperation(Object o) at System.Windows.Threading.ExceptionWrapper.InternalRealCall(Delegate callback, Object args, Boolean isSingleParameter) at System.Windows.Threading.ExceptionWrapper.TryCatchWhen(Object source, Delegate callback, Object args, Boolean isSingleParameter, Delegate catchHandler) Error - 10/14/2011 2:42:40 PM | Computer Name = Butch | Source = TOASTER.EXE | ID = 0 Description = An Unhandled Exception occured. Width and Height must be non-negative. at System.Windows.Rect..ctor(Double x, Double y, Double width, Double height) at Toaster.Core.AppBarFunctions.ABSetPos(ABEdge edge, Window appbarWindow) at Toaster.Core.AppBarFunctions.RegisterInfo.WndProc(IntPtr hwnd, Int32 msg, IntPtr wParam, IntPtr lParam, Boolean& handled) at System.Windows.Interop.HwndSource.PublicHooksFilterMessage(IntPtr hwnd, Int32 msg, IntPtr wParam, IntPtr lParam, Boolean& handled) at MS.Win32.HwndWrapper.WndProc(IntPtr hwnd, Int32 msg, IntPtr wParam, IntPtr lParam, Boolean& handled) at MS.Win32.HwndSubclass.DispatcherCallbackOperation(Object o) at System.Windows.Threading.ExceptionWrapper.InternalRealCall(Delegate callback, Object args, Boolean isSingleParameter) at System.Windows.Threading.ExceptionWrapper.TryCatchWhen(Object source, Delegate callback, Object args, Boolean isSingleParameter, Delegate catchHandler) Error - 10/14/2011 11:05:14 PM | Computer Name = Butch | Source = System Restore | ID = 8193 Description = [ Cisco AnyConnect VPN Client Events ] Error - 10/14/2011 2:29:14 PM | Computer Name = Butch | Source = vpnagent | ID = 50331649 Description = Function: CTlsTunnelMgr::initiateTunnel Return code: 0xFE1F000C File: .\VpnMgr.cpp Line: 3216 Description: SOCKETTRANSPORT_ERROR_CONNECT Error - 10/14/2011 2:29:14 PM | Computer Name = Butch | Source = vpnagent | ID = 50331649 Description = Function: CSocketTransport::postConnectProcessing Return code: 0xFE1F000C File: .\IPC\SocketTransport.cpp Line: 1212 Description: SOCKETTRANSPORT_ERROR_CONNECT Error - 10/14/2011 2:30:05 PM | Computer Name = Butch | Source = vpnagent | ID = 50331649 Description = Function: ::WSAConnect Return code: 10060 File: .\IPC\SocketTransport.cpp Line: 1306 Description: A connection attempt failed because the connected party did not properly respond after a period of time, or established connection failed because connected host has failed to respond. Error - 10/14/2011 2:30:05 PM | Computer Name = Butch | Source = vpnagent | ID = 50331649 Description = Function: CTcpTransport::initiateTransport Return code: 0xFE1F000C File: .\SslTunnelTransport.cpp Line: 371 Description: SOCKETTRANSPORT_ERROR_CONNECT Error - 10/14/2011 2:30:05 PM | Computer Name = Butch | Source = vpnagent | ID = 50331649 Description = Function: CSocketTransport::initiateTransport Return code: 0xFE1F000C File: .\TlsProtocol.cpp Line: 495 Description: SOCKETTRANSPORT_ERROR_CONNECT Error - 10/14/2011 2:30:05 PM | Computer Name = Butch | Source = vpnagent | ID = 50331649 Description = Function: initiateTunnel Return code: 0xFE1F000C File: .\CstpProtocol.cpp Line: 1071 Description: SOCKETTRANSPORT_ERROR_CONNECT Error - 10/14/2011 2:30:05 PM | Computer Name = Butch | Source = vpnagent | ID = 50331649 Description = Function: ITunnelProtocol::initiateTunnel Return code: 0xFE1F000C File: .\TunnelStateMgr.cpp Line: 1040 Description: SOCKETTRANSPORT_ERROR_CONNECT callback Error - 10/14/2011 2:30:05 PM | Computer Name = Butch | Source = vpnagent | ID = 50331649 Description = Function: CTunnelStateMgr::initiateTunnel Return code: 0xFE1F000C File: .\TunnelMgr.cpp Line: 600 Description: SOCKETTRANSPORT_ERROR_CONNECT callback Error - 10/14/2011 2:30:05 PM | Computer Name = Butch | Source = vpnagent | ID = 50331649 Description = Function: CTlsTunnelMgr::initiateTunnel Return code: 0xFE1F000C File: .\VpnMgr.cpp Line: 3216 Description: SOCKETTRANSPORT_ERROR_CONNECT Error - 10/14/2011 2:30:05 PM | Computer Name = Butch | Source = vpnagent | ID = 50331649 Description = Function: CSocketTransport::postConnectProcessing Return code: 0xFE1F000C File: .\IPC\SocketTransport.cpp Line: 1212 Description: SOCKETTRANSPORT_ERROR_CONNECT [ Dell Events ] Error - 4/15/2011 12:40:10 PM | Computer Name = Dell64-PC | Source = DataSafe | ID = 17 Description = The process was interrupted before completion. Error - 4/15/2011 12:40:10 PM | Computer Name = Dell64-PC | Source = DataSafe | ID = 17 Description = The process was interrupted before completion. Error - 4/15/2011 4:11:47 PM | Computer Name = Dell64-PC | Source = DataSafe | ID = 17 Description = The process was interrupted before completion. Error - 4/28/2011 2:40:33 PM | Computer Name = Butch | Source = DataSafe | ID = 17 Description = The process was interrupted before completion. Error - 4/28/2011 2:40:33 PM | Computer Name = Butch | Source = DataSafe | ID = 17 Description = The process was interrupted before completion. Error - 4/28/2011 2:45:01 PM | Computer Name = Butch | Source = DataSafe | ID = 17 Description = The process was interrupted before completion. Error - 4/28/2011 2:45:01 PM | Computer Name = Butch | Source = DataSafe | ID = 17 Description = The process was interrupted before completion. Error - 4/29/2011 4:11:43 PM | Computer Name = Butch | Source = DataSafe | ID = 17 Description = The process was interrupted before completion. [ System Events ] Error - 8/10/2011 8:33:21 PM | Computer Name = Butch | Source = VDS Basic Provider | ID = 33554433 Description = Error - 8/10/2011 8:33:21 PM | Computer Name = Butch | Source = VDS Basic Provider | ID = 33554433 Description = Error - 8/13/2011 10:20:21 PM | Computer Name = Butch | Source = Disk | ID = 262155 Description = The driver detected a controller error on \Device\Harddisk6\DR6. Error - 8/20/2011 1:36:06 PM | Computer Name = Butch | Source = Disk | ID = 262155 Description = The driver detected a controller error on \Device\Harddisk6\DR7. Error - 8/20/2011 1:36:09 PM | Computer Name = Butch | Source = Disk | ID = 262155 Description = The driver detected a controller error on \Device\Harddisk6\DR7. Error - 8/20/2011 1:36:10 PM | Computer Name = Butch | Source = Disk | ID = 262155 Description = The driver detected a controller error on \Device\Harddisk6\DR7. Error - 9/8/2011 7:41:35 AM | Computer Name = Butch | Source = Schannel | ID = 36888 Description = The following fatal alert was generated: 48. The internal error state is 552. Error - 9/8/2011 7:41:35 AM | Computer Name = Butch | Source = Schannel | ID = 36882 Description = The certificate received from the remote server was issued by an untrusted certificate authority. Because of this, none of the data contained in the certificate can be validated. The SSL connection request has failed. The attached data contains the server certificate. Error - 9/8/2011 7:43:52 AM | Computer Name = Butch | Source = DCOM | ID = 10009 Description = Error - 9/8/2011 7:44:50 AM | Computer Name = Butch | Source = DCOM | ID = 10009 Description = < End of report >