Tom - Thanks again for your time; as directed, OTL.txt and Extra.txt are pasted below. I have not experienced a sustained CPU usage spike to 100% (with unresponsive applications) since running ComboFix, although again I still hear those application start-up bleeps at regular 5-second intervals. Regards, Dave
OTL logfile created on: 5/6/2010 10:56:46 AM - Run 1
OTL by OldTimer - Version 3.2.4.1 Folder = C:\Documents and Settings\dave\Desktop
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format:
2.00 Gb Total Physical Memory | 1.00 Gb Available Physical Memory | 59.00% Memory free
3.00 Gb Paging File | 3.00 Gb Available in Paging File | 75.00% Paging File free
Paging file location(s): C:\pagefile.sys 1536 3072 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 70.44 Gb Total Space | 30.55 Gb Free Space | 43.36% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Computer Name: D6HB8S81
Current User Name: dave
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: On
Skip Microsoft Files: On
File Age = 90 Days
Output = Standard
Quick Scan
========== Processes (SafeList) ========== PRC - [2010/05/06 10:44:20 | 000,570,880 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\dave\Desktop\OTL.exe
PRC - [2010/02/25 16:21:50 | 000,126,392 | R--- | M] (Symantec Corporation) -- C:\Program Files\Norton Internet Security\Engine\17.6.0.32\ccsvchst.exe
PRC - [2010/01/26 18:02:52 | 000,389,120 | R--- | M] (Teleca) -- C:\Program Files\HTC\HTC Sync\ClientInitiatedStarter\ClientInitiatedStarter.exe
PRC - [2009/12/11 14:50:34 | 000,557,056 | R--- | M] (Teleca AB) -- C:\Program Files\Common Files\Teleca Shared\Generic.exe
PRC - [2009/11/19 16:19:48 | 000,598,016 | R--- | M] (Teleca Sweden AB) -- C:\Program Files\HTC\HTC Sync\Application Launcher\Application Launcher.exe
PRC - [2009/09/29 12:29:00 | 000,356,352 | R--- | M] (Teleca Sweden AB) -- C:\Program Files\HTC\HTC Sync\Mobile Phone Monitor\dbgout.exe
PRC - [2009/09/29 12:28:26 | 001,011,712 | R--- | M] (Teleca Sweden AB) -- C:\Program Files\HTC\HTC Sync\Mobile Phone Monitor\epmworker.exe
PRC - [2009/09/29 12:03:26 | 000,253,952 | R--- | M] (TODO: <Company name>) -- C:\Program Files\HTC\HTC Sync\Mobile Phone Monitor\FsynSrvStarter.exe
PRC - [2009/09/29 12:03:02 | 000,462,848 | R--- | M] (Teleca AB) -- C:\Program Files\HTC\HTC Sync\Mobile Phone Monitor\HTCVBTServer.exe
PRC - [2009/06/03 09:25:16 | 000,106,496 | R--- | M] (Popwire AB) -- C:\Program Files\Common Files\Teleca Shared\logger.exe
PRC - [2009/05/21 10:55:32 | 000,206,064 | ---- | M] (SupportSoft, Inc.) -- C:\Program Files\Dell Support Center\bin\sprtcmd.exe
PRC - [2009/04/14 12:14:26 | 000,139,264 | ---- | M] (Teleca Sweden AB) -- C:\Program Files\Common Files\Teleca Shared\CapabilityManager.exe
PRC - [2009/01/20 21:06:58 | 000,039,408 | ---- | M] (Google Inc.) -- C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
PRC - [2008/12/18 11:47:08 | 009,158,656 | ---- | M] (Microsoft Corporation) -- c:\Program Files\Microsoft SQL Server\MSSQL$MICROSOFTSMLBIZ\Binn\sqlservr.exe
PRC - [2008/10/02 09:23:16 | 000,546,288 | ---- | M] (Google) -- C:\Program Files\Google\Google Calendar Sync\GoogleCalendarSync.exe
PRC - [2008/08/13 18:32:40 | 000,201,968 | ---- | M] (SupportSoft, Inc.) -- C:\Program Files\Dell Support Center\bin\sprtsvc.exe
PRC - [2008/04/13 17:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2007/11/09 16:10:02 | 000,562,496 | ---- | M] (Citrix Systems, Inc.) -- C:\Program Files\Citrix\ICA Client\pnamain.exe
PRC - [2006/11/13 14:39:52 | 001,289,000 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft ActiveSync\wcescomm.exe
PRC - [2006/11/13 14:39:34 | 000,199,464 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft ActiveSync\rapimgr.exe
PRC - [2006/10/05 22:11:54 | 000,866,584 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Defender\MSASCui.exe
PRC - [2006/10/05 22:11:34 | 000,013,592 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Defender\MsMpEng.exe
PRC - [2006/04/07 10:00:00 | 000,122,880 | ---- | M] (WinZip Computing LP) -- C:\Program Files\WinZip\WZQKPICK.EXE
PRC - [2006/03/27 15:04:00 | 000,712,704 | ---- | M] (Maxtor Corporation) -- C:\Program Files\Maxtor\OneTouch\Utils\OneTouch.exe
PRC - [2006/02/15 10:56:40 | 000,184,320 | ---- | M] () -- C:\Program Files\Maxtor\Maxtor Backup\MaxBackServiceInt.exe
PRC - [2006/02/07 15:10:14 | 000,106,496 | ---- | M] ( ) -- C:\Program Files\Maxtor\OneTouch\Utils\SyncServices.exe
PRC - [2006/02/07 00:44:30 | 000,163,840 | ---- | M] () -- C:\Program Files\PdaNet for Windows Mobile\PdaNetPC.exe
PRC - [2005/11/04 19:31:06 | 000,026,112 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files\Real\RealPlayer\realplay.exe
PRC - [2005/10/17 16:24:32 | 000,081,920 | ---- | M] (Maxtor Corp.) -- C:\Program Files\Maxtor\OneTouch Status\MaxMenuMgr.exe
PRC - [2005/06/10 09:44:02 | 000,081,920 | ---- | M] (InstallShield Software Corporation) -- C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
PRC - [2005/06/10 02:21:01 | 000,217,088 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft IntelliPoint\point32.exe
PRC - [2005/05/03 23:07:32 | 000,081,920 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exe
PRC - [2005/03/04 10:26:08 | 000,606,208 | ---- | M] () -- C:\Program Files\Dell\QuickSet\quickset.exe
PRC - [2004/10/30 13:59:54 | 000,385,024 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Wireless\Bin\iFrmewrk.exe
PRC - [2004/09/13 15:33:20 | 000,155,648 | ---- | M] (Alps Electric Co., Ltd.) -- C:\Program Files\Apoint\Apoint.exe
PRC - [2004/09/07 15:12:32 | 000,225,353 | ---- | M] (Intel® Corporation) -- C:\Program Files\Intel\Wireless\Bin\WLKEEPER.exe
PRC - [2004/09/07 15:08:02 | 000,389,120 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Wireless\Bin\ZCfgSvc.exe
PRC - [2004/09/07 15:05:10 | 000,360,521 | ---- | M] (Intel Corporation ) -- C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
PRC - [2004/09/07 15:02:40 | 000,086,016 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
PRC - [2004/09/07 15:02:04 | 000,139,264 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
PRC - [2004/08/26 21:48:38 | 000,106,496 | ---- | M] (SHARP CORPORATION) -- C:\Program Files\SHARP\Button Manager B\btnman.exe
PRC - [2004/08/19 13:40:08 | 000,045,056 | ---- | M] (Alps Electric Co., Ltd.) -- C:\Program Files\Apoint\ApntEx.exe
PRC - [2004/03/05 20:09:06 | 000,028,672 | ---- | M] () -- C:\Program Files\SHARP\Sharpdesk\SharpTray.exe
PRC - [2003/10/29 02:06:00 | 000,024,576 | ---- | M] (BVRP Software) -- C:\Program Files\Digital Line Detect\DLG.exe
PRC - [2003/07/30 01:52:00 | 000,217,195 | ---- | M] (Adobe Systems Inc.) -- C:\Program Files\Adobe\Acrobat 6.0\Distillr\acrotray.exe
========== Modules (SafeList) ========== MOD - [2010/05/06 10:44:20 | 000,570,880 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\dave\Desktop\OTL.exe
MOD - [2010/03/26 16:52:36 | 000,415,088 | R--- | M] (Symantec Corporation) -- C:\Program Files\Norton Internet Security\Engine\17.6.0.32\asoehook.dll
MOD - [2009/07/12 01:02:02 | 000,653,120 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_d495ac4e\msvcr90.dll
MOD - [2009/07/12 01:02:00 | 000,569,664 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_d495ac4e\msvcp90.dll
MOD - [2008/04/13 17:10:20 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msscript.ocx
MOD - [2005/07/06 23:52:00 | 001,466,368 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\system32\nview.dll
MOD - [2005/07/06 23:52:00 | 000,081,920 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\system32\nvwddi.dll
========== Win32 Services (SafeList) ========== SRV - [2010/04/29 13:49:39 | 001,285,864 | ---- | M] (Lavasoft) [On_Demand | Stopped] -- C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe -- (Lavasoft Ad-Aware Service)
SRV - [2010/02/25 16:21:50 | 000,126,392 | R--- | M] (Symantec Corporation) [Unknown | Running] -- C:\Program Files\Norton Internet Security\Engine\17.6.0.32\ccSvcHst.exe -- (NIS)
SRV - [2008/12/18 11:47:08 | 009,158,656 | ---- | M] (Microsoft Corporation) [Auto | Running] -- c:\Program Files\Microsoft SQL Server\MSSQL$MICROSOFTSMLBIZ\Binn\sqlservr.exe -- (MSSQL$MICROSOFTSMLBIZ)
SRV - [2008/08/13 18:32:40 | 000,201,968 | ---- | M] (SupportSoft, Inc.) [Auto | Running] -- C:\Program Files\Dell Support Center\bin\sprtsvc.exe -- (sprtsvc_dellsupportcenter) SupportSoft Sprocket Service (dellsupportcenter)
SRV - [2007/10/25 16:27:54 | 000,266,240 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Live\installer\WLSetupSvc.exe -- (WLSetupSvc)
SRV - [2006/10/05 22:11:34 | 000,013,592 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MsMpEng.exe -- (WinDefend)
SRV - [2006/02/15 10:56:40 | 000,184,320 | ---- | M] () [Auto | Running] -- C:\Program Files\Maxtor\Maxtor Backup\MaxBackServiceInt.exe -- (MaxBackServiceInt)
SRV - [2006/02/07 15:10:14 | 000,106,496 | ---- | M] ( ) [Auto | Running] -- C:\Program Files\Maxtor\OneTouch\Utils\SyncServices.exe -- (NTService1)
SRV - [2005/05/03 22:42:56 | 000,323,584 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- c:\Program Files\Microsoft SQL Server\MSSQL$MICROSOFTSMLBIZ\Binn\sqlagent.EXE -- (SQLAgent$MICROSOFTSMLBIZ)
SRV - [2004/09/07 15:12:32 | 000,225,353 | ---- | M] (Intel® Corporation) [Auto | Running] -- C:\Program Files\Intel\Wireless\Bin\WLKEEPER.exe -- (WLANKEEPER)
SRV - [2004/09/07 15:05:10 | 000,360,521 | ---- | M] (Intel Corporation ) [Auto | Running] -- C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe -- (S24EventMonitor)
SRV - [2004/09/07 15:02:40 | 000,086,016 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\Intel\Wireless\Bin\EvtEng.exe -- (EvtEng)
SRV - [2004/09/07 15:02:04 | 000,139,264 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe -- (RegSrvc)
========== Driver Services (SafeList) ========== DRV - [2010/04/29 10:44:04 | 000,537,136 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.1.0.19\Definitions\BASHDefs\20100429.001\BHDrvx86.sys -- (BHDrvx86)
DRV - [2010/02/26 19:23:54 | 000,116,784 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\NIS\1106000.020\Ironx86.SYS -- (SymIRON)
DRV - [2010/02/26 19:23:21 | 000,325,680 | ---- | M] (Symantec Corporation) [File_System | On_Demand | Running] -- C:\WINDOWS\System32\Drivers\NIS\1106000.020\SRTSP.SYS -- (SRTSP)
DRV - [2010/02/26 19:23:21 | 000,043,696 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\NIS\1106000.020\SRTSPX.SYS -- (SRTSPX) Symantec Real Time Storage Protection (PEL)
DRV - [2010/02/25 16:22:57 | 000,501,888 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\NIS\1106000.020\ccHPx86.sys -- (ccHP)
DRV - [2010/02/04 09:19:49 | 001,324,720 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.1.0.19\Definitions\VirusDefs\20100505.048\NAVEX15.SYS -- (NAVEX15)
DRV - [2010/02/04 09:19:49 | 000,084,912 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.1.0.19\Definitions\VirusDefs\20100505.048\NAVENG.SYS -- (NAVENG)
DRV - [2010/02/04 08:53:02 | 000,064,288 | ---- | M] (Lavasoft AB) [File_System | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\Lbd.sys -- (Lbd)
DRV - [2010/02/03 18:40:52 | 000,362,032 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\WINDOWS\System32\Drivers\NIS\1106000.020\SYMTDI.SYS -- (SYMTDI)
DRV - [2010/02/03 18:40:50 | 000,172,592 | ---- | M] (Symantec Corporation) [File_System | Boot | Running] -- C:\WINDOWS\system32\drivers\NIS\1106000.020\SYMEFA.SYS -- (SymEFA)
DRV - [2009/12/16 17:37:47 | 000,371,248 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys -- (eeCtrl)
DRV - [2009/12/16 17:37:47 | 000,102,448 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys -- (EraserUtilRebootDrv)
DRV - [2009/12/16 17:27:36 | 000,124,976 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\SYMEVENT.SYS -- (SymEvent)
DRV - [2009/12/02 23:09:48 | 000,047,408 | R--- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\SymIM.sys -- (SymIMMP)
DRV - [2009/12/02 23:09:48 | 000,047,408 | R--- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\SymIM.sys -- (SymIM)
DRV - [2009/11/05 15:06:13 | 000,328,752 | R--- | M] (Symantec Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\NIS\1106000.020\SYMDS.SYS -- (SymDS)
DRV - [2009/10/28 15:37:22 | 000,329,592 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.1.0.19\Definitions\IPSDefs\20100429.001\IDSXpx86.sys -- (IDSxpx86)
DRV - [2009/06/10 16:49:32 | 000,024,576 | ---- | M] (HTC, Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ANDROIDUSB.sys -- (HTCAND32)
DRV - [2009/05/09 01:14:20 | 000,014,736 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nuidfltr.sys -- (NuidFltr)
DRV - [2008/04/13 11:56:06 | 000,088,320 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\nwlnkipx.sys -- (NwlnkIpx)
DRV - [2008/04/13 11:45:12 | 000,060,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\USBAUDIO.sys -- (usbaudio) USB Audio Driver (WDM)
DRV - [2008/04/13 11:36:39 | 000,043,008 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\amdagp.sys -- (amdagp)
DRV - [2008/04/13 11:36:39 | 000,040,960 | ---- | M] (Silicon Integrated Systems Corporation) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\sisagp.sys -- (sisagp)
DRV - [2006/01/12 14:04:28 | 000,009,472 | ---- | M] (June Fabrics Technology) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\pnetmdm.sys -- (pnetmdm)
DRV - [2005/11/04 19:31:08 | 000,008,552 | ---- | M] (Windows ® 2000 DDK provider) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\asctrm.sys -- (ASCTRM)
DRV - [2005/07/06 23:52:00 | 003,208,960 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nv4_mini.sys -- (nv)
DRV - [2005/05/03 15:09:28 | 001,033,728 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSF_DPV.SYS -- (HSF_DPV)
DRV - [2005/05/03 15:08:50 | 000,208,384 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSFHWICH.sys -- (HSFHWICH)
DRV - [2005/05/03 15:08:44 | 000,705,408 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSF_CNXT.sys -- (winachsf)
DRV - [2005/04/06 14:05:24 | 000,015,360 | ---- | M] (Maxtor Corp.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\mxopswd.sys -- (MXOPSWD)
DRV - [2005/03/10 21:56:06 | 000,273,168 | ---- | M] (SigmaTel, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\STAC97.sys -- (STAC97)
DRV - [2004/12/06 00:05:00 | 000,100,603 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\dla\tfsnudfa.sys -- (tfsnudfa)
DRV - [2004/12/06 00:05:00 | 000,098,714 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\dla\tfsnudf.sys -- (tfsnudf)
DRV - [2004/12/06 00:05:00 | 000,086,586 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\dla\tfsnifs.sys -- (tfsnifs)
DRV - [2004/12/06 00:05:00 | 000,034,843 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\dla\tfsncofs.sys -- (tfsncofs)
DRV - [2004/12/06 00:05:00 | 000,025,883 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\dla\tfsnboio.sys -- (tfsnboio)
DRV - [2004/12/06 00:05:00 | 000,015,227 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\dla\tfsnopio.sys -- (tfsnopio)
DRV - [2004/12/06 00:05:00 | 000,006,363 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\dla\tfsnpool.sys -- (tfsnpool)
DRV - [2004/12/06 00:05:00 | 000,004,123 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\dla\tfsndrct.sys -- (tfsndrct)
DRV - [2004/12/06 00:05:00 | 000,002,239 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\dla\tfsndres.sys -- (tfsndres)
DRV - [2004/12/01 02:22:00 | 000,087,488 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\drvmcdb.sys -- (drvmcdb)
DRV - [2004/11/23 01:56:00 | 000,040,480 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\drvnddm.sys -- (drvnddm)
DRV - [2004/11/16 15:03:52 | 000,108,791 | ---- | M] (Alps Electric Co., Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Apfiltr.sys -- (ApfiltrService)
DRV - [2004/10/21 19:56:04 | 003,210,496 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\w29n51.sys -- (w29n51) Intel®
DRV - [2004/08/31 07:53:04 | 000,011,354 | ---- | M] (Intel Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\s24trans.sys -- (s24trans)
DRV - [2004/08/18 13:53:54 | 000,016,128 | ---- | M] (Dell Inc) [Kernel | System | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\APPDRV.SYS -- (APPDRV)
DRV - [2004/08/12 07:44:04 | 000,234,496 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\iwca.sys -- (IWCA)
DRV - [2004/08/04 04:00:00 | 000,063,232 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\nwlnknb.sys -- (NwlnkNb)
DRV - [2004/08/04 04:00:00 | 000,055,936 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\nwlnkspx.sys -- (NwlnkSpx)
DRV - [2004/07/14 10:29:04 | 000,005,627 | ---- | M] (Sonic Solutions) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\sscdbhk5.sys -- (sscdbhk5)
DRV - [2004/07/14 10:28:50 | 000,023,545 | ---- | M] (Sonic Solutions) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\ssrtln.sys -- (ssrtln)
DRV - [2004/06/17 19:55:04 | 001,041,536 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\HSF_DP.sys -- (HSF_DP)
DRV - [2004/05/26 19:18:18 | 000,044,928 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\bcm4sbxp.sys -- (bcm4sbxp)
DRV - [2004/02/13 15:46:00 | 000,017,153 | ---- | M] (Dell Inc) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\omci.sys -- (omci)
DRV - [2002/04/11 20:21:38 | 000,013,335 | R--- | M] (Microsystems Corp) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\usbcm.sys -- (usbcm)
DRV - [2001/08/17 13:07:44 | 000,019,072 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\sparrow.sys -- (Sparrow)
DRV - [2001/08/17 13:07:42 | 000,030,688 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\sym_u3.sys -- (sym_u3)
DRV - [2001/08/17 13:07:40 | 000,028,384 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\sym_hi.sys -- (sym_hi)
DRV - [2001/08/17 13:07:36 | 000,032,640 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\symc8xx.sys -- (symc8xx)
DRV - [2001/08/17 13:07:34 | 000,016,256 | ---- | M] (Symbios Logic Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\symc810.sys -- (symc810)
DRV - [2001/08/17 12:52:22 | 000,036,736 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\ultra.sys -- (ultra)
DRV - [2001/08/17 12:52:20 | 000,045,312 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\ql12160.sys -- (ql12160)
DRV - [2001/08/17 12:52:20 | 000,040,320 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\ql1080.sys -- (ql1080)
DRV - [2001/08/17 12:52:18 | 000,049,024 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\ql1280.sys -- (ql1280)
DRV - [2001/08/17 12:52:16 | 000,179,584 | ---- | M] (Mylex Corporation) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\dac2w2k.sys -- (dac2w2k)
DRV - [2001/08/17 12:52:12 | 000,017,280 | ---- | M] (American Megatrends Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\mraid35x.sys -- (mraid35x)
DRV - [2001/08/17 12:52:00 | 000,026,496 | ---- | M] (Advanced System Products, Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\asc.sys -- (asc)
DRV - [2001/08/17 12:51:58 | 000,014,848 | ---- | M] (Advanced System Products, Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\asc3550.sys -- (asc3550)
DRV - [2001/08/17 12:51:56 | 000,005,248 | ---- | M] (Acer Laboratories Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\aliide.sys -- (AliIde)
DRV - [2001/08/17 12:51:54 | 000,006,656 | ---- | M] (CMD Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\cmdide.sys -- (CmdIde)
========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL =
http://www.google.com/ie IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL =
http://www.google.com/ieIE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Google
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL =
http://www.google.com/search?q={searchTerm...tf8&oe=utf8IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page =
http://www.google.com/IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL =
http://www.google.com/ieIE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant =
http://www.google.com/ieIE - HKCU\..\URLSearchHook: {4D25F926-B9FE-4682-BF72-8AB8210D6D75} - C:\Program Files\MyWaySA\SrchAsDe\deSrcAs.dll (MyWay.com)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = local.,;*.local
========== FireFox ========== FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: {BBDA0591-3099-440a-AA10-41764D9DB4DB}:2.0
FF - prefs.js..extensions.enabledItems: {2D3F3651-74B9-4795-BDEC-6DA2F431CB62}:4.6
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
FF - HKLM\software\mozilla\Firefox\Extensions\\{BBDA0591-3099-440a-AA10-41764D9DB4DB}: C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.1.0.19\IPSFFPlgn\ [2010/04/26 17:41:13 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}: C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.1.0.19\coFFPlgn\ [2010/01/12 09:33:31 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.0.18\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010/03/15 09:55:57 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.0.18\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010/04/15 08:43:44 | 000,000,000 | ---D | M]
[2009/01/23 12:37:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\dave\Application Data\Mozilla\Extensions
[2010/04/30 15:54:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\dave\Application Data\Mozilla\Firefox\Profiles\8k6qwtwx.default\extensions
[2009/09/13 17:00:22 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\dave\Application Data\Mozilla\Firefox\Profiles\8k6qwtwx.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2010/04/30 15:54:40 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2010/04/15 08:43:49 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
[2007/08/24 20:52:00 | 000,300,400 | ---- | M] (Symantec Corporation) -- C:\Program Files\Mozilla Firefox\components\coFFPlgn.dll
[2007/11/09 16:10:22 | 000,079,440 | ---- | M] () -- C:\Program Files\Mozilla Firefox\plugins\CgpCore.dll
[2007/11/09 16:10:24 | 000,075,344 | ---- | M] () -- C:\Program Files\Mozilla Firefox\plugins\confmgr.dll
[2007/11/09 16:10:50 | 000,034,384 | ---- | M] () -- C:\Program Files\Mozilla Firefox\plugins\logging.dll
[2010/04/12 17:29:19 | 000,411,368 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll
[2007/11/09 16:11:08 | 000,333,392 | ---- | M] () -- C:\Program Files\Mozilla Firefox\plugins\npicaN.dll
[2007/11/09 16:11:38 | 000,030,288 | ---- | M] () -- C:\Program Files\Mozilla Firefox\plugins\TcpPServ.dll
O1 HOSTS File: ([2004/08/04 04:00:00 | 000,000,709 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: () - {4D25F921-B9FE-4682-BF72-8AB8210D6D75} - C:\Program Files\MyWaySA\SrchAsDe\deSrcAs.dll (MyWay.com)
O2 - BHO: (DriveLetterAccess) - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll (Sonic Solutions)
O2 - BHO: (Symantec NCO BHO) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Norton Internet Security\Engine\17.6.0.32\coieplg.dll (Symantec Corporation)
O2 - BHO: (Symantec Intrusion Prevention) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Norton Internet Security\Engine\17.6.0.32\ipsbho.dll (Symantec Corporation)
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.5.4723.1820\swg.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton Internet Security\Engine\17.6.0.32\coieplg.dll (Symantec Corporation)
O3 - HKCU\..\Toolbar\ShellBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton Internet Security\Engine\17.6.0.32\coieplg.dll (Symantec Corporation)
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [Ad-Watch] C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe (Lavasoft)
O4 - HKLM..\Run: [Apoint] C:\Program Files\Apoint\Apoint.exe (Alps Electric Co., Ltd.)
O4 - HKLM..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe (Apple Inc.)
O4 - HKLM..\Run: [Dell QuickSet] C:\Program Files\Dell\QuickSet\quickset.exe ()
O4 - HKLM..\Run: [DellSupportCenter] C:\Program Files\Dell Support Center\bin\sprtcmd.exe (SupportSoft, Inc.)
O4 - HKLM..\Run: [dscactivate] C:\Program Files\Dell Support Center\gs_agent\custom\dsca.exe ( )
O4 - HKLM..\Run: [IntelliPoint] C:\Program Files\Microsoft IntelliPoint\point32.exe (Microsoft Corporation)
O4 - HKLM..\Run: [IntelWireless] C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe (Intel Corporation)
O4 - HKLM..\Run: [ISUSScheduler] C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe (InstallShield Software Corporation)
O4 - HKLM..\Run: [MaxtorOneTouch] C:\Program Files\Maxtor\OneTouch\Utils\OneTouch.exe (Maxtor Corporation)
O4 - HKLM..\Run: [Mobile Connectivity Suite] C:\Program Files\HTC\HTC Sync\Application Launcher\Application Launcher.exe (Teleca Sweden AB)
O4 - HKLM..\Run: [mxomssmenu] C:\Program Files\Maxtor\OneTouch Status\maxmenumgr.exe (Maxtor Corp.)
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [nwiz] C:\WINDOWS\System32\nwiz.exe (NVIDIA Corporation)
O4 - HKLM..\Run: [RealTray] C:\Program Files\Real\RealPlayer\RealPlay.exe (RealNetworks, Inc.)
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKCU..\Run: [DellSupportCenter] C:\Program Files\Dell Support Center\bin\sprtcmd.exe (SupportSoft, Inc.)
O4 - HKCU..\Run: [H/PC Connection Agent] C:\Program Files\Microsoft ActiveSync\Wcescomm.exe (Microsoft Corporation)
O4 - HKCU..\Run: [SharpTray] C:\Program Files\Sharp\Sharpdesk\SharpTray.exe ()
O4 - HKCU..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Acrobat Assistant.lnk = C:\Program Files\Adobe\Acrobat 6.0\Distillr\acrotray.exe (Adobe Systems Inc.)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Button Manager B.lnk = C:\Program Files\SHARP\Button Manager B\btnman.exe (SHARP CORPORATION)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Digital Line Detect.lnk = C:\Program Files\Digital Line Detect\DLG.exe (BVRP Software)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Google Calendar Sync.lnk = C:\Program Files\Google\Google Calendar Sync\GoogleCalendarSync.exe (Google)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Program Neighborhood Agent.lnk = C:\WINDOWS\Installer\{42ACCB45-3363-47E0-94E9-F0074CC8BC56}\Icon80951CEC.exe.20FBBF0A_A7E5_4BDE_9798_9811C3D135AC.exe ()
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\QuickBooks Update Agent.lnk = C:\Program Files\Common Files\Intuit\QuickBooks\QBUpdate\qbupdate.exe (Intuit, Inc.)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Service Manager.lnk = C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exe (Microsoft Corporation)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE (WinZip Computing LP)
O4 - Startup: C:\Documents and Settings\dave\Start Menu\Programs\Startup\PdaNet Desktop.lnk = C:\Program Files\PdaNet for Windows Mobile\PdaNetPC.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\WINDOWS\System32\GPhotos.scr (Google Inc.)
O8 - Extra context menu item: Google Sidewiki... - C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll (Google Inc.)
O9 - Extra Button: Blog This - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : &Blog This in Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra Button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\INetRepl.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Create Mobile Favorite... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\INetRepl.dll (Microsoft Corporation)
O9 - Extra Button: MUSICMATCH MX Web Player - {d81ca86b-ef63-42af-bee3-4502d9a03c2d} - File not found
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\WINDOWS\system32\nwprovau.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O15 - HKCU\..Trusted Domains: ChicagoTitle.Com ([]* in Trusted sites)
O15 - HKCU\..Trusted Domains: mlsalliance.com ([www] http in Trusted sites)
O15 - HKCU\..Trusted Domains: SitexData.Com ([]* in Trusted sites)
O16 - DPF: {01A88BB1-1174-41EC-ACCB-963509EAE56B}
http://support.dell.com/systemprofiler/SysPro.CAB (SysProWmi Class)
O16 - DPF: {05CA9FB0-3E3E-4B36-BF41-0E3A5CAA8CD8}
http://download.microsoft.com/download/d/c.../OGAControl.cab (Office Genuine Advantage Validation Tool)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700}
http://go.microsoft.com/fwlink/?linkid=39204 (Windows Genuine Advantage Validation Tool)
O16 - DPF: {362C56AA-6E4F-40C7-A0B5-85501DBDAD77}
http://i.dell.com/images/global/js/scanner/SysProExe.cab (Scanner.SysScanner)
O16 - DPF: {3E68E405-C6DE-49FF-83AE-41EE9F4C36CE}
http://office.microsoft.com/officeupdate/content/opuc3.cab (Office Update Installation Engine)
O16 - DPF: {493ACF15-5CD9-4474-82A6-91670C3DD66E}
http://www.linkedin.com/cab/LinkedInContactFinderControl.cab (LinkedIn ContactFinderControl)
O16 - DPF: {6A344D34-5231-452A-8A57-D064AC9B7862}
https://webdl.symantec.com/activex/symdlmgr.cab (Symantec Download Manager)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3}
http://update.microsoft.com/microsoftupdat...b?1134006045961 (MUWebControl Class)
O16 - DPF: {8569D715-FF88-44BA-8D1D-AD3E59543DDE}
http://ml.sitexdata.com/MortgageLeads/arview2.cab (ActiveReports Viewer2)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93}
http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {C7DB51B4-BCF7-4923-8874-7F1A0DC92277}
http://office.microsoft.com/officeupdate/content/opuc4.cab (Office Update Installation Engine)
O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}
http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-443553540000}
https://fpdownload.macromedia.com/pub/shock...ash/swflash.cab (Reg Error: Key error.)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000}
http://fpdownload.macromedia.com/pub/shock...ash/swflash.cab (Shockwave Flash Object)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\x-excid {9D6CC632-1337-4a33-9214-2DA092E776F4} - c:\WINDOWS\Downloaded Program Files\mimectl.dll ()
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\IntelWireless: DllName - C:\Program Files\Intel\Wireless\Bin\LgNotify.dll - C:\Program Files\Intel\Wireless\Bin\LgNotify.dll (Intel Corporation)
O24 - Desktop WallPaper: C:\Documents and Settings\dave\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\dave\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O28 - HKLM ShellExecuteHooks: {091EB208-39DD-417D-A5DD-7E2C2D8FB9CB} - C:\Program Files\Windows Defender\MpShHook.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2004/08/11 16:15:00 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O34 - HKLM BootExecute: (lsdelete) - C:\WINDOWS\System32\lsdelete.exe ()
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
NetSvcs: 6to4 - File not found
NetSvcs: Ias - C:\WINDOWS\system32\ias [2004/08/11 16:02:12 | 000,000,000 | ---D | M]
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: WmdmPmSp - File not found
CREATERESTOREPOINT
Restore point Set: OTL Restore Point (16902053519425536)
========== Files/Folders - Created Within 90 Days ========== [2010/05/06 10:44:12 | 000,570,880 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\dave\Desktop\OTL.exe
[2010/05/04 14:38:42 | 000,000,000 | RHSD | C] -- C:\cmdcons
[2010/05/04 14:37:01 | 000,212,480 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWXCACLS.exe
[2010/05/04 14:37:01 | 000,161,792 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWREG.exe
[2010/05/04 14:37:01 | 000,136,704 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWSC.exe
[2010/05/04 14:37:01 | 000,031,232 | ---- | C] (NirSoft) -- C:\WINDOWS\NIRCMD.exe
[2010/05/04 14:36:49 | 000,000,000 | ---D | C] -- C:\WINDOWS\ERDNT
[2010/05/04 14:34:16 | 000,000,000 | ---D | C] -- C:\Qoobox
[2010/04/30 18:38:35 | 000,000,000 | ---D | C] -- C:\Documents and Settings\dave\Local Settings\Application Data\HTC
[2010/04/30 18:38:33 | 000,000,000 | ---D | C] -- C:\Documents and Settings\dave\Application Data\Teleca
[2010/04/30 18:36:42 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\HTC
[2010/04/30 18:36:36 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Teleca Shared
[2010/04/30 18:36:36 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Teleca
[2010/04/30 18:33:39 | 000,024,576 | ---- | C] (HTC, Corporation) -- C:\WINDOWS\System32\drivers\ANDROIDUSB.sys
[2010/04/30 18:33:32 | 000,000,000 | ---D | C] -- C:\Program Files\Spirent Communications
[2010/04/30 18:33:22 | 000,000,000 | ---D | C] -- C:\Program Files\HTC
[2010/04/29 17:57:00 | 000,000,000 | ---D | C] -- C:\Documents and Settings\dave\Desktop\HTC Incredible
[2010/04/29 17:38:10 | 000,000,000 | ---D | C] -- C:\Documents and Settings\dave\My Documents\CONTACTS CSV
[2010/04/07 14:12:46 | 000,000,000 | ---D | C] -- C:\Documents and Settings\dave\Desktop\bleeping computer
[2010/04/03 15:54:33 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Java
[2010/03/30 16:25:45 | 000,000,000 | ---D | C] -- C:\Documents and Settings\dave\Application Data\skypePM
[2010/03/30 13:32:45 | 000,000,000 | ---D | C] -- C:\Documents and Settings\dave\Application Data\Skype
[2010/03/30 13:29:48 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Skype
[2010/03/30 13:29:42 | 000,000,000 | R--D | C] -- C:\Program Files\Skype
[2010/03/30 13:29:16 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Skype
[2010/03/13 16:07:09 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\All Users\Application Data\{74D08EB8-01D1-4BAE-91E3-F30C1B031AC6}
[2010/03/02 09:42:24 | 000,047,408 | R--- | C] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\SymIM.sys
[2010/02/15 16:22:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\dave\Application Data\Tific
[2010/02/15 16:22:42 | 000,000,000 | ---D | C] -- C:\Documents and Settings\dave\Local Settings\Application Data\Symantec
[9 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
========== Files - Modified Within 90 Days ========== [2010/05/06 10:44:20 | 000,570,880 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\dave\Desktop\OTL.exe
[2010/05/06 10:08:00 | 000,000,882 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2010/05/06 08:11:30 | 000,000,420 | -H-- | M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{9A95D6F4-4315-4ABD-8BE2-568B806C7CD4}.job
[2010/05/06 08:11:00 | 000,000,330 | -H-- | M] () -- C:\WINDOWS\tasks\MP Scheduled Scan.job
[2010/05/06 08:09:17 | 000,002,403 | ---- | M] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Program Neighborhood Agent.lnk
[2010/05/06 08:08:55 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2010/05/06 08:08:50 | 000,023,402 | ---- | M] () -- C:\WINDOWS\System32\nvModes.001
[2010/05/06 08:08:23 | 000,000,878 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2010/05/06 08:08:17 | 000,030,098 | ---- | M] () -- C:\WINDOWS\System32\nvapps.xml
[2010/05/06 08:07:49 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2010/05/06 08:07:43 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010/05/06 08:07:41 | 2146,922,496 | -HS- | M] () -- C:\hiberfil.sys
[2010/05/05 18:48:10 | 000,000,278 | -HS- | M] () -- C:\Documents and Settings\dave\ntuser.ini
[2010/05/05 18:48:09 | 006,029,312 | ---- | M] () -- C:\Documents and Settings\dave\ntuser.dat
[2010/05/04 14:51:13 | 000,000,227 | ---- | M] () -- C:\WINDOWS\system.ini
[2010/05/04 14:38:52 | 000,000,281 | RHS- | M] () -- C:\boot.ini
[2010/05/04 14:32:16 | 003,945,968 | R--- | M] () -- C:\Documents and Settings\dave\Desktop\schrauber.exe
[2010/05/04 14:27:29 | 000,000,472 | ---- | M] () -- C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job
[2010/05/03 11:15:41 | 000,029,696 | ---- | M] () -- C:\Documents and Settings\dave\My Documents\connections.xls
[2010/04/30 18:50:47 | 000,000,000 | -H-- | M] () -- C:\WINDOWS\System32\drivers\Msft_Kernel_ANDROIDUSB_01007.Wdf
[2010/04/30 18:50:46 | 000,697,276 | ---- | M] () -- C:\WINDOWS\System32\drivers\NIS\1106000.020\Cat.DB
[2010/04/30 18:50:46 | 000,000,000 | -H-- | M] () -- C:\WINDOWS\System32\drivers\MsftWdf_Kernel_01007_Coinstaller_Critical.Wdf
[2010/04/29 17:35:53 | 000,038,479 | ---- | M] () -- C:\Documents and Settings\dave\Application Data\Comma Separated Values (Windows).ADR
[2010/04/28 22:07:38 | 000,015,880 | ---- | M] () -- C:\WINDOWS\System32\lsdelete.exe
[2010/04/28 20:10:38 | 000,001,813 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Google Chrome.lnk
[2010/04/26 15:58:12 | 000,256,512 | ---- | M] () -- C:\WINDOWS\PEV.exe
[2010/04/20 11:51:03 | 000,029,184 | ---- | M] () -- C:\Documents and Settings\dave\My Documents\CURRENT.doc
[2010/04/19 20:01:18 | 000,000,738 | ---- | M] () -- C:\WINDOWS\tasks\Norton Internet Security - Run Full System Scan - dave.job
[2010/04/18 16:22:54 | 000,001,915 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Google Earth.lnk
[2010/04/14 19:10:32 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2010/04/13 21:24:18 | 000,002,743 | ---- | M] () -- C:\Documents and Settings\dave\Desktop\Microsoft Office Document Scanning (2).lnk
[2010/04/11 13:16:46 | 000,023,402 | ---- | M] () -- C:\WINDOWS\System32\nvModes.dat
[2010/04/07 14:17:07 | 000,000,000 | ---- | M] () -- C:\Documents and Settings\dave\defogger_reenable
[2010/04/06 23:49:04 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2010/04/06 22:00:46 | 000,001,973 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Norton Internet Security.LNK
[2010/04/02 11:24:22 | 000,481,598 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2010/04/02 11:24:22 | 000,088,380 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2010/04/02 11:24:21 | 000,580,402 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI
[2010/03/30 16:25:46 | 000,000,056 | -H-- | M] () -- C:\WINDOWS\System32\ezsidmv.dat
[2010/03/30 13:29:50 | 000,001,878 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Skype.lnk
[2010/03/26 17:57:35 | 000,000,172 | ---- | M] () -- C:\WINDOWS\System32\drivers\NIS\1106000.020\isolate.ini
[2010/03/21 21:05:54 | 000,001,729 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Adobe Reader 8.lnk
[2010/03/13 16:10:59 | 000,095,024 | ---- | M] (Sunbelt Software) -- C:\WINDOWS\System32\drivers\SBREDrv.sys
[2010/03/13 16:07:06 | 000,000,867 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Ad-Aware.lnk
[2010/03/10 23:55:34 | 000,000,968 | ---- | M] () -- C:\WINDOWS\win.ini
[2010/03/01 20:32:06 | 000,007,442 | ---- | M] () -- C:\WINDOWS\System32\drivers\NIS\1106000.020\srtspx.cat
[2010/03/01 20:32:06 | 000,007,438 | ---- | M] () -- C:\WINDOWS\System32\drivers\NIS\1106000.020\srtsp.cat
[2010/02/26 19:23:54 | 000,116,784 | ---- | M] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\NIS\1106000.020\ironx86.sys
[2010/02/26 19:23:54 | 000,007,438 | ---- | M] () -- C:\WINDOWS\System32\drivers\NIS\1106000.020\iron.cat
[2010/02/26 19:23:54 | 000,000,741 | ---- | M] () -- C:\WINDOWS\System32\drivers\NIS\1106000.020\iron.inf
[2010/02/26 19:23:21 | 000,325,680 | ---- | M] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\NIS\1106000.020\srtsp.sys
[2010/02/26 19:23:21 | 000,043,696 | ---- | M] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\NIS\1106000.020\srtspx.sys
[2010/02/26 19:23:21 | 000,001,388 | ---- | M] () -- C:\WINDOWS\System32\drivers\NIS\1106000.020\srtspx.inf
[2010/02/26 19:23:21 | 000,001,382 | ---- | M] () -- C:\WINDOWS\System32\drivers\NIS\1106000.020\srtsp.inf
[2010/02/25 16:22:57 | 000,501,888 | ---- | M] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\NIS\1106000.020\cchpx86.sys
[2010/02/25 10:54:56 | 000,007,396 | ---- | M] () -- C:\WINDOWS\System32\drivers\NIS\1106000.020\cchpx86.cat
[2010/02/11 09:54:47 | 002,000,070 | ---- | M] () -- C:\WINDOWS\iis6.BAK
[2010/02/05 13:52:57 | 000,001,754 | ---- | M] () -- C:\WINDOWS\System32\drivers\NIS\1106000.020\cchpx86.inf
[9 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
========== Files Created - No Company Name ========== [2010/05/04 14:38:52 | 000,000,211 | ---- | C] () -- C:\Boot.bak
[2010/05/04 14:38:47 | 000,260,272 | ---- | C] () -- C:\cmldr
[2010/05/04 14:37:01 | 000,256,512 | ---- | C] () -- C:\WINDOWS\PEV.exe
[2010/05/04 14:37:01 | 000,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe
[2010/05/04 14:37:01 | 000,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe
[2010/05/04 14:37:01 | 000,077,312 | ---- | C] () -- C:\WINDOWS\MBR.exe
[2010/05/04 14:37:01 | 000,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe
[2010/05/04 14:32:14 | 003,945,968 | R--- | C] () -- C:\Documents and Settings\dave\Desktop\schrauber.exe
[2010/04/30 18:50:47 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\System32\drivers\Msft_Kernel_ANDROIDUSB_01007.Wdf
[2010/04/30 18:50:46 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\System32\drivers\MsftWdf_Kernel_01007_Coinstaller_Critical.Wdf
[2010/04/29 17:35:53 | 000,038,479 | ---- | C] () -- C:\Documents and Settings\dave\Application Data\Comma Separated Values (Windows).ADR
[2010/04/18 16:22:54 | 000,001,915 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Google Earth.lnk
[2010/04/07 14:17:07 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\dave\defogger_reenable
[2010/03/30 16:25:46 | 000,000,056 | -H-- | C] () -- C:\WINDOWS\System32\ezsidmv.dat
[2010/03/30 13:29:50 | 000,001,878 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Skype.lnk
[2010/03/14 20:04:57 | 000,000,472 | ---- | C] () -- C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job
[2010/03/13 16:07:06 | 000,000,867 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Ad-Aware.lnk
[2010/02/08 12:02:05 | 000,029,184 | ---- | C] () -- C:\Documents and Settings\dave\My Documents\CURRENT.doc
[2009/08/03 15:07:42 | 000,403,816 | ---- | C] () -- C:\WINDOWS\System32\OGACheckControl.dll
[2007/03/19 11:26:24 | 000,000,000 | ---- | C] () -- C:\WINDOWS\PNTINFO.INI
[2007/03/16 18:49:54 | 000,081,920 | ---- | C] () -- C:\WINDOWS\System32\dsp_trc.dll
[2007/02/09 17:34:26 | 000,765,952 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2007/02/09 17:34:25 | 000,180,224 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll
[2006/11/20 10:01:46 | 000,000,002 | ---- | C] () -- C:\WINDOWS\msoffice.ini
[2006/04/23 17:12:44 | 000,073,728 | ---- | C] () -- C:\WINDOWS\System32\ZLIB.DLL
[2006/04/23 17:09:01 | 000,049,152 | ---- | C] () -- C:\WINDOWS\SDConfig.dll
[2006/04/23 17:07:59 | 000,159,744 | ---- | C] () -- C:\WINDOWS\_isusr32.dll
[2006/04/23 17:07:55 | 000,122,880 | ---- | C] () -- C:\WINDOWS\System32\usc1.dll
[2006/04/23 17:07:55 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\_isusr2k.dll
[2006/03/13 12:13:20 | 000,000,058 | ---- | C] () -- C:\WINDOWS\mchguid.ini
[2006/03/13 11:59:11 | 000,010,875 | ---- | C] () -- C:\WINDOWS\ESOA.INI
[2006/03/13 11:59:11 | 000,003,679 | ---- | C] () -- C:\WINDOWS\GrAddrBk.ini
[2006/03/13 11:59:11 | 000,000,995 | ---- | C] () -- C:\WINDOWS\GRACE.INI
[2006/03/13 11:59:11 | 000,000,053 | ---- | C] () -- C:\WINDOWS\PRSRVDLL.INI
[2006/03/13 11:50:25 | 000,001,064 | ---- | C] () -- C:\WINDOWS\winpoint.ini
[2005/12/16 16:17:37 | 000,003,766 | -HS- | C] () -- C:\WINDOWS\System32\KGyGaAvL.sys
[2005/12/16 16:17:37 | 000,000,056 | RHS- | C] () -- C:\WINDOWS\System32\856DEF51EE.sys
[2005/11/04 19:45:35 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2005/11/04 19:33:35 | 000,000,138 | ---- | C] () -- C:\WINDOWS\wininit.ini
[2005/11/04 19:20:58 | 000,000,376 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2005/11/04 18:55:42 | 000,192,512 | ---- | C] () -- C:\WINDOWS\System32\stac97co.dll
[2005/11/04 18:54:48 | 000,000,391 | ---- | C] () -- C:\WINDOWS\System32\OEMINFO.INI
[2005/04/09 16:04:54 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\px.ini
[2004/08/12 07:44:10 | 000,016,384 | ---- | C] () -- C:\WINDOWS\System32\iwca.dll
[2004/08/11 16:24:19 | 000,000,881 | ---- | C] () -- C:\WINDOWS\orun32.ini
[2004/08/11 16:11:31 | 000,001,793 | ---- | C] () -- C:\WINDOWS\System32\fxsperf.ini
[2003/01/07 14:05:08 | 000,002,695 | ---- | C] () -- C:\WINDOWS\System32\OUTLPERF.INI
[1999/01/22 14:46:58 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\MSRTEDIT.DLL
========== LOP Check ========== [2010/04/30 18:36:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\HTC
[2006/10/10 12:30:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Maxtor
[2006/10/25 16:25:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\MSScanAppDataDir
[2009/12/16 12:56:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PCSettings
[2007/10/02 14:11:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SSScanAppDataDir
[2007/11/30 21:53:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SupportSoft
[2010/04/30 18:36:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Teleca
[2005/11/04 19:31:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Viewpoint
[2010/03/13 16:07:11 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\{74D08EB8-01D1-4BAE-91E3-F30C1B031AC6}
[2008/10/03 16:06:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\dave\Application Data\Citrix
[2009/09/23 12:33:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\dave\Application Data\HorizonWimba
[2008/05/29 17:15:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\dave\Application Data\ICAClient
[2006/01/05 09:46:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\dave\Application Data\Leadertech
[2007/03/23 09:58:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\dave\Application Data\LinkedIn
[2009/04/13 09:28:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\dave\Application Data\OfficeUpdate12
[2006/04/23 17:08:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\dave\Application Data\Sharp
[2010/04/30 18:43:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\dave\Application Data\Teleca
[2010/02/15 16:22:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\dave\Application Data\Tific
[2009/03/14 20:27:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\dave\Application Data\Viewpoint
[2010/05/04 14:27:29 | 000,000,472 | ---- | M] () -- C:\WINDOWS\Tasks\Ad-Aware Update (Weekly).job
[2010/05/06 08:11:00 | 000,000,330 | -H-- | M] () -- C:\WINDOWS\Tasks\MP Scheduled Scan.job
[2010/05/06 08:11:30 | 000,000,420 | -H-- | M] () -- C:\WINDOWS\Tasks\User_Feed_Synchronization-{9A95D6F4-4315-4ABD-8BE2-568B806C7CD4}.job
========== Purity Check ========== ========== Custom Scans ========== < %SYSTEMDRIVE%\*.exe > < MD5 for: AGP440.SYS >[2004/08/04 04:00:00 | 018,738,937 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:AGP440.sys
[2008/09/03 22:26:23 | 023,852,652 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:AGP440.sys
[2008/09/03 22:26:23 | 023,852,652 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:AGP440.sys
[2008/04/13 11:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\ERDNT\cache\agp440.sys
[2008/04/13 11:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\ServicePackFiles\i386\agp440.sys
[2008/04/13 11:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\system32\drivers\agp440.sys
[2004/08/03 22:07:42 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=2C428FA0C3E3A01ED93C9B2A27D8D4BB -- C:\WINDOWS\$NtServicePackUninstall$\agp440.sys
< MD5 for: ATAPI.SYS >[2004/08/04 04:00:00 | 018,738,937 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:atapi.sys
[2008/09/03 22:26:23 | 023,852,652 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:atapi.sys
[2008/09/03 22:26:23 | 023,852,652 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:atapi.sys
[2008/04/13 11:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\ERDNT\cache\atapi.sys
[2008/04/13 11:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\ServicePackFiles\i386\atapi.sys
[2008/04/13 11:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\drivers\atapi.sys
[2004/08/03 21:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\$NtServicePackUninstall$\atapi.sys
[2004/08/03 21:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\system32\ReinstallBackups\0004\DriverFiles\i386\atapi.sys
< MD5 for: EVENTLOG.DLL >[2008/04/13 17:11:53 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=6D4FEB43EE538FC5428CC7F0565AA656 -- C:\WINDOWS\ERDNT\cache\eventlog.dll
[2008/04/13 17:11:53 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=6D4FEB43EE538FC5428CC7F0565AA656 -- C:\WINDOWS\ServicePackFiles\i386\eventlog.dll
[2008/04/13 17:11:53 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=6D4FEB43EE538FC5428CC7F0565AA656 -- C:\WINDOWS\system32\eventlog.dll
[2004/08/04 04:00:00 | 000,055,808 | ---- | M] (Microsoft Corporation) MD5=82B24CB70E5944E6E34662205A2A5B78 -- C:\WINDOWS\$NtServicePackUninstall$\eventlog.dll
< MD5 for: NETLOGON.DLL >[2008/04/13 17:12:01 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=1B7F071C51B77C272875C3A23E1E4550 -- C:\WINDOWS\ERDNT\cache\netlogon.dll
[2008/04/13 17:12:01 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=1B7F071C51B77C272875C3A23E1E4550 -- C:\WINDOWS\ServicePackFiles\i386\netlogon.dll
[2008/04/13 17:12:01 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=1B7F071C51B77C272875C3A23E1E4550 -- C:\WINDOWS\system32\netlogon.dll
[2004/08/04 04:00:00 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=96353FCECBA774BB8DA74A1C6507015A -- C:\WINDOWS\$NtServicePackUninstall$\netlogon.dll
< MD5 for: SCECLI.DLL >[2004/08/04 04:00:00 | 000,180,224 | ---- | M] (Microsoft Corporation) MD5=0F78E27F563F2AAF74B91A49E2ABF19A -- C:\WINDOWS\$NtServicePackUninstall$\scecli.dll
[2008/04/13 17:12:05 | 000,181,248 | ---- | M] (Microsoft Corporation) MD5=A86BB5E61BF3E39B62AB4C7E7085A084 -- C:\WINDOWS\ERDNT\cache\scecli.dll
[2008/04/13 17:12:05 | 000,181,248 | ---- | M] (Microsoft Corporation) MD5=A86BB5E61BF3E39B62AB4C7E7085A084 -- C:\WINDOWS\ServicePackFiles\i386\scecli.dll
[2008/04/13 17:12:05 | 000,181,248 | ---- | M] (Microsoft Corporation) MD5=A86BB5E61BF3E39B62AB4C7E7085A084 -- C:\WINDOWS\system32\scecli.dll
< %systemroot%\*. /mp /s > < %systemroot%\system32\*.dll /lockedfiles >[2009/03/08 04:31:44 | 000,348,160 | ---- | M] (Microsoft Corporation)
Unable to obtain MD5 -- C:\WINDOWS\system32\dxtmsft.dll
[2009/03/08 04:31:38 | 000,216,064 | ---- | M] (Microsoft Corporation)
Unable to obtain MD5 -- C:\WINDOWS\system32\dxtrans.dll
[9 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]
< %systemroot%\Tasks\*.job /lockedfiles > < %systemroot%\system32\drivers\*.sys /lockedfiles > < %systemroot%\System32\config\*.sav >[2004/08/11 16:06:14 | 000,094,208 | ---- | M] () -- C:\WINDOWS\system32\config\default.sav
[2004/08/11 16:06:14 | 000,659,456 | ---- | M] () -- C:\WINDOWS\system32\config\software.sav
[2004/08/11 16:06:14 | 000,876,544 | ---- | M] () -- C:\WINDOWS\system32\config\system.sav
< %systemdrive%\*.sys /90 /md5 >[2010/05/06 08:07:41 | 2146,922,496 | -HS- | M] ()
Unable to obtain MD5 -- C:\hiberfil.sys
[2010/05/06 08:07:40 | 1610,612,736 | -HS- | M] ()
Unable to obtain MD5 -- C:\pagefile.sys
< End of report >
------------------------------
OTL Extras logfile created on: 5/6/2010 10:56:46 AM - Run 1
OTL by OldTimer - Version 3.2.4.1 Folder = C:\Documents and Settings\dave\Desktop
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format:
2.00 Gb Total Physical Memory | 1.00 Gb Available Physical Memory | 59.00% Memory free
3.00 Gb Paging File | 3.00 Gb Available in Paging File | 75.00% Paging File free
Paging file location(s): C:\pagefile.sys 1536 3072 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 70.44 Gb Total Space | 30.55 Gb Free Space | 43.36% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Computer Name: D6HB8S81
Current User Name: dave
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: On
Skip Microsoft Files: On
File Age = 90 Days
Output = Standard
Quick Scan
========== Extra Registry (SafeList) ========== ========== File Associations ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
========== Shell Spawning ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
htmlfile [edit] -- "C:\Program Files\Microsoft Office\OFFICE11\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Program Files\Microsoft Office\OFFICE11\msohtmed.exe" /p %1 (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
"DisableMonitoring" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
"DisableMonitoring" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
"DisableMonitoring" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
"139:TCP" = 139:TCP:*:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:*:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:*:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:*:Enabled:@xpsp2res.dll,-22002
"26675:TCP" = 26675:TCP:169.254.2.0/255.255.255.0:Enabled:ActiveSync Service
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
"139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002
"26675:TCP" = 26675:TCP:169.254.2.0/255.255.255.0:Enabled:ActiveSync Service
========== Authorized Applications List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"C:\Program Files\Common Files\AOL\ACS\AOLDial.exe" = C:\Program Files\Common Files\AOL\ACS\AOLDial.exe:*:Enabled:AOL -- File not found
"C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe" = C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe:*:Enabled:AOL -- File not found
"C:\Program Files\America Online 9.0\waol.exe" = C:\Program Files\America Online 9.0\waol.exe:*:Enabled:AOL -- File not found
"C:\Program Files\Microsoft ActiveSync\rapimgr.exe" = C:\Program Files\Microsoft ActiveSync\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager -- (Microsoft Corporation)
"C:\Program Files\Microsoft ActiveSync\wcescomm.exe" = C:\Program Files\Microsoft ActiveSync\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager -- (Microsoft Corporation)
"C:\Program Files\Microsoft ActiveSync\WCESMgr.exe" = C:\Program Files\Microsoft ActiveSync\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application -- (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\WINDOWS\system32\usmt\migwiz.exe" = C:\WINDOWS\system32\usmt\migwiz.exe:*:Enabled:Files and Settings Transfer Wizard -- (Microsoft Corporation)
"C:\Program Files\PdaNet for Windows Mobile\PdaNetPC.exe" = C:\Program Files\PdaNet for Windows Mobile\PdaNetPC.exe:*:Enabled:PdaNetPC -- ()
"C:\Program Files\Microsoft ActiveSync\rapimgr.exe" = C:\Program Files\Microsoft ActiveSync\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager -- (Microsoft Corporation)
"C:\Program Files\Microsoft ActiveSync\wcescomm.exe" = C:\Program Files\Microsoft ActiveSync\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager -- (Microsoft Corporation)
"C:\Program Files\Microsoft ActiveSync\WCESMgr.exe" = C:\Program Files\Microsoft ActiveSync\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application -- (Microsoft Corporation)
"C:\Program Files\iTunes\iTunes.exe" = C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes -- (Apple Inc.)
========== HKEY_LOCAL_MACHINE Uninstall List ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{00180408-78E1-11D2-B60F-006097C998E7}" = Microsoft Access 2000 Runtime
"{02DFF6B1-1654-411C-8D7B-FD6052EF016F}" = Apple Software Update
"{0456ebd7-5f67-4ab6-852e-63781e3f389c}" = Macromedia Flash Player
"{06BE8AFD-A8E2-4B63-BAE7-287016D16ACB}" = mSSO
"{07287123-B8AC-41CE-8346-3D777245C35B}" = Bonjour
"{075473F5-846A-448B-BCB3-104AA1760205}" = Sonic RecordNow Data
"{08C0729E-3E50-11DF-9D81-005056806466}" = Google Earth
"{08CA9554-B5FE-4313-938F-D4A417B81175}" = QuickTime
"{0E2B0B41-7E08-4F9F-B21F-41C4133F43B7}" = mLogView
"{0EB5D9B7-8E6C-4A9E-B74F-16B7EE89A67B}" = Microsoft Plus! Photo Story 2 LE
"{0F756CD9-4A1E-409B-B101-601DDC4C03AA}" = Qualxserve Service Agreement
"{10CE1EA2-12E9-11D3-825E-00C04F6843FE}" = Microsoft Office Sounds
"{1206EF92-2E83-4859-ACCB-2048C3CB7DA6}" = Sonic DLA
"{14374619-0900-4056-BA06-C87C900AF9E6}" = QuickBooks Simple Start Special Edition
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{192A3445-56FC-47B3-B706-17D599E3B630}" = CalyxLoanBridge11
"{1F528948-0E80-4C96-B455-DE4167CB1DF7}" = Internal Network Card Power Management
"{21657574-BD54-48A2-9450-EB03B2C7FC29}" = Sonic MyDVD LE
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{23FB368F-1399-4EAC-817C-4B83ECBE3D83}" = mProSafe
"{2637C347-9DAD-11D6-9EA2-00055D0CA761}" = Dell Media Experience
"{26A24AE4-039D-4CA4-87B4-2F83216019FF}" = Java 6 Update 20
"{338F08AB-C262-42C7-B000-34DE1A475273}" = Ad-Aware Email Scanner for Outlook
"{33BB4982-DC52-4886-A03B-F4C5C80BEE89}" = Windows Media Player 10
"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{352310C3-E46B-42D3-8F32-54721FDD72D9}" = NetZeroInstallers
"{357F75A5-CADA-42E3-8B16-3F3EDD431141}" = Point
"{35BDEFF1-A610-4956-A00D-15453C116395}" = Internet Explorer Default Page
"{3DE0053C-FD9A-483E-B7C9-B06E4392206E}" = iTunes
"{3E9D596A-61D4-4239-BD19-2DB984D2A16F}" = mIWA
"{3F92ABBB-6BBF-11D5-B229-002078017FBF}" = NetWaiting
"{42ACCB45-3363-47E0-94E9-F0074CC8BC56}" = Citrix Presentation Server Client
"{470E9A78-A276-46EB-85F1-05625C766889}" = HTC Sync
"{49C88E44-1B38-4FC6-824E-2BDA3063B0E3}" = Apple Mobile Device Support
"{49D687E5-6784-431B-A0A2-2F23B8CC5A1B}" = mHlpDell
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4AF13168-7139-4FF1-AF80-CA99CD604C9A}" = Palm® Treo™ 700w Updater
"{578145B3-3831-4D85-BB53-4A9D90F821DE}" = WebEx Recorder and Player
"{599FFF35-0B03-45A1-AA57-D81B1AF93FD9}" = MortgageCoach
"{5CD4F991-BA3E-4EC4-A7A1-EFB61F4D7291}" = Setup
"{60EEB642-E9E0-45A2-A676-B9D8FE17C4A9}" = Maxtor OneTouch III
"{63569CE9-FA00-469C-AF5C-E5D4D93ACF91}" = Windows Genuine Advantage v1.3.0254.0
"{64A77F14-0E08-4A97-A859-E93CFF428756}" = Broadcom Management Programs 2
"{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}" = PowerDVD 5.5
"{6CF08AD2-00C5-4A63-B74B-2EFFFAFEBE1A}" = Microsoft Outlook Web Access S/MIME
"{6D6664A9-3342-4948-9B7E-034EFE366F0F}" = HTC Driver Installer
"{6DE14BE4-6F04-4935-8ABD-A0A19FE2E55A}" = mCore
"{6E45BA47-383C-4C1E-8ED0-0D4845C293D7}" = Microsoft Plus! Digital Media Edition Installer
"{6FFFE74E-3FBD-4E2E-97F9-5E9A2A077626}" = mIWCA
"{71009363-B52E-4E12-8CB1-B53D05F710BD}" = MyFax SendFax Outlook Plug-In
"{728278A1-0BB7-45E4-AC5E-91D7C0FD1EDE}" = EarthLink setup files
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{74F7662C-B1DB-489E-A8AC-07A06B24978B}" = Dell System Restore
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{7F142D56-3326-11D5-B229-002078017FBF}" = Modem Helper
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8B928BA1-EDEC-4227-A2DA-DD83026C36F5}" = mPfMgr
"{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system
"{90B0D222-8C21-4B35-9262-53B042F18AF9}" = mPfWiz
"{9176251A-4CC1-4DDB-B343-B487195EB397}" = Windows Live Writer
"{91CA0409-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Small Business Edition 2003
"{94658027-9F16-4509-BBD7-A59FE57C3023}" = mZConfig
"{95120000-0038-0409-0000-0000000FF1CE}" = Time Zone Data Update Tool for Microsoft Office Outlook
"{9743AF47-B746-4324-B4C4-512E67D04370}" = Symantec Technical Support Web Controls
"{99052DB7-9592-4522-A558-5417BBAD48EE}" = Microsoft ActiveSync
"{9C3F9580-F5CF-4288-894E-9FF0EB24A21C}" = Maxtor Backup
"{9CC89556-3578-48DD-8408-04E66EBEF401}" = mXML
"{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}" = ALPS Touch Pad Driver
"{A06275F4-324B-4E85-95E6-87B2CD729401}" = Windows Defender
"{A2C82F57-F312-4525-A19C-40E228E09939}" = Setup
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A7E4ECCA-4A8E-4258-8EC8-2DCCF5B11320}" = Windows Live installer
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AB46C238-3554-4D79-AB06-C393F87FF202}" = Windows Mobile Daylight Saving Time 2007 Updates
"{AB708C9B-97C8-4AC9-899B-DBF226AC9382}" = Sonic RecordNow Audio
"{AC76BA86-0000-0000-0000-6028747ADE01}" = Adobe Acrobat - Reader 6.0.2 Update
"{AC76BA86-0000-7EC8-7489-000000000603}" = Adobe Acrobat and Reader 6.0.3 Update
"{AC76BA86-0000-7EC8-7489-000000000604}" = Adobe Acrobat and Reader 6.0.4 Update
"{AC76BA86-0000-7EC8-7489-000000000605}" = Adobe Acrobat and Reader 6.0.5 Update
"{AC76BA86-0000-7EC8-7489-000000000606}" = Adobe Acrobat and Reader 6.0.6 Update
"{AC76BA86-7AD7-1033-7B44-A00000000001}" = Adobe Reader 6.0.1
"{AC76BA86-7AD7-1033-7B44-A81000000003}" = Adobe Reader 8.1.1
"{AC76BA86-7AD7-1033-7B44-A81200000003}" = Adobe Reader 8.1.2
"{AC76BA86-7AD7-1033-7B44-A81300000003}" = Adobe Reader 8.1.7
"{AC76BA86-7AD7-1033-7B44-A82000000003}" = Adobe Reader 8.2.1
"{AC76BA86-7AD7-5464-3428-800000000003}" = Spelling Dictionaries Support For Adobe Reader 8
"{B12665F4-4E93-4AB4-B7FC-37053B524629}" = Sonic RecordNow Copy
"{B2544A03-10D0-4E5E-BA69-0362FFC20D18}" = OGA Notifier 2.0.0048.0
"{B702CCCE-3176-4DBF-B932-D1B8F402F330}" = Digital Content Portal
"{BA68600E-96D9-4E92-80F2-26B9681B5A63}" = Microsoft Office Outlook 2003 with Business Contact Manager Update
"{BCE72AED-3332-4863-9567-C5DCB9052CA2}" = Netflix Movie Viewer
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C5074CC4-0E26-4716-A307-960272A90040}" = QuickSet
"{C63E7C60-25EB-11D3-8EDA-00A0C911E8E5}" = Microsoft Outlook Personal Folders Backup
"{C9D96682-5A4D-45FA-BA3E-DDCB2B0CB868}" = Safari
"{CA9BAADB-C262-4E05-B2E2-CEE8CE9809EC}" = mToolkit
"{CAA73495-D542-4BD2-B2F2-886C316868C7}" = Calyx LoanBridge 5.3
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D103C4BA-F905-437A-8049-DB24763BBE36}" = Skype™ 4.2
"{D6C35F0E-D09D-4177-BAEE-4D412D749A96}" = Point
"{DD2B6B86-778C-4967-8816-3B8786ED1EBE}" = Business Contacts for Pocket PC
"{DED53B0B-B67C-4244-AE6A-D6FD3C28D1EF}" = Ad-Aware
"{E031338C-839D-4EDD-9537-99B653C39D81}" = Autodesk MapGuide® Viewer ActiveX Control Release 6.5
"{E09B48B5-E141-427A-AB0C-D3605127224A}" = Microsoft SQL Server Desktop Engine (MICROSOFTSMLBIZ)
"{E3BFEE55-39E2-4BE0-B966-89FE583822C1}" = Dell Support Center (Support Software)
"{E5E6E687-1033-BA7E-6000-000000000001}" = Adobe Acrobat Elements 6.0
"{E646DCF0-5A68-11D5-B229-002078017FBF}" = Digital Line Detect
"{E7559288-223B-453C-9F06-340E3BE21E39}" = MyWay Search Assistant
"{E78DAA24-38F8-4D35-B732-B18ABA0424DF}" = Office Live Image Uploader
"{E962D5C3-6356-450D-AD38-471B3EA3923D}" = Treo 700w User Guide
"{EDEA8AB7-7683-4ED2-AA19-E6C078064C0D}" = Microsoft WSE 3.0
"{EECDDEA0-DB76-4488-8E52-0EF1DF63700A}" = Microsoft IntelliPoint 5.4
"{F05E2B98-DA04-4FFA-8D08-DA218E6A2B47}" = Point
"{F0BFC7EF-9CF8-44EE-91B0-158884CD87C5}" = mMHouse
"{F333A33D-125C-32A2-8DCE-5C5D14231E27}" = Visual C++ 2008 x86 Runtime - (v9.0.30729)
"{F333A33D-125C-32A2-8DCE-5C5D14231E27}.vc_x86runtime_30729_01" = Visual C++ 2008 x86 Runtime - v9.0.30729.01
"{F3CA9611-CD42-4562-ADAB-A554CF8E17F1}" = Microsoft WSE 2.0 SP3 Runtime
"{F6090A17-0967-4A8A-B3C3-422A1B514D49}" = mDrWiFi
"{FCA651F3-5BDA-4DDA-9E4A-5D87D6914CC4}" = mWlsSafe
"Ad-Aware" = Ad-Aware
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"B991B020-2968-11D8-AF23-444553540000_is1" = FreeMind
"CNXT_MODEM_PCI_VEN_8086&DEV_24x6&SUBSYS_542214F1" = Conexant D110 MDC V.92 Modem
"Dell Digital Jukebox Driver" = Dell Digital Jukebox Driver
"Google Calendar Sync" = Google Calendar Sync
"Google Chrome" = Google Chrome
"IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs
"ie7" = Windows Internet Explorer 7
"ie8" = Windows Internet Explorer 8
"InstallShield_{60EEB642-E9E0-45A2-A676-B9D8FE17C4A9}" = Maxtor OneTouch III
"InstallShield_{64A77F14-0E08-4A97-A859-E93CFF428756}" = Broadcom Management Programs 2
"InstallShield_{9C3F9580-F5CF-4288-894E-9FF0EB24A21C}" = Maxtor Backup
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Mozilla Firefox (3.0.18)" = Mozilla Firefox (3.0.18)
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"MSNINST" = MSN
"NIS" = Norton Internet Security
"NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs
"NVIDIA Drivers" = NVIDIA Drivers
"PdaNet_is1" = PdaNet for Windows Mobile 1.14
"Picasa 3" = Picasa 3
"Picsel Technologies Ltd - Picsel File Viewer" = Picsel File Viewer
"ProInst" = Intel® PROSet/Wireless Software
"RealPlayer 6.0" = RealPlayer Basic
"SHARP AL-1500/1600CS Series MFP Driver" = SHARP AL-1500/1600CS Series MFP Driver
"Sharp Button Manager B" = Sharp Button Manager B
"Sharpdesk" = Sharpdesk
"Sony Player Plug-in for Windows Media Player" = Sony Player Plug-in for Windows Media Player
"StreetPlugin" = Learn2 Player (Uninstall Only)
"USAPhotoMaps" = USAPhotoMaps (remove only)
"ViewpointMediaPlayer" = Viewpoint Media Player
"Wdf01005" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.5
"Wdf01007" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.7
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"Windows XP Service Pack" = Windows XP Service Pack 3
"WinZip" = WinZip
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0
"Xvid_is1" = Xvid 1.1.2 final uninstall
========== Last 10 Event Log Errors ========== [ Application Events ]
Error - 5/2/2010 6:38:27 PM | Computer Name = D6HB8S81 | Source = nview_info | ID = 11141121
Description =
Error - 5/2/2010 6:38:32 PM | Computer Name = D6HB8S81 | Source = nview_info | ID = 11141121
Description =
Error - 5/2/2010 8:08:05 PM | Computer Name = D6HB8S81 | Source = Google Update | ID = 20
Description =
Error - 5/3/2010 2:08:17 AM | Computer Name = D6HB8S81 | Source = Google Update | ID = 20
Description =
Error - 5/3/2010 11:41:29 AM | Computer Name = D6HB8S81 | Source = Application Hang | ID = 1002
Description = Hanging application OUTLOOK.EXE, version 11.0.8312.0, hang module
hungapp, version 0.0.0.0, hang address 0x00000000.
Error - 5/3/2010 11:43:16 AM | Computer Name = D6HB8S81 | Source = Application Hang | ID = 1002
Description = Hanging application OUTLOOK.EXE, version 11.0.8312.0, hang module
hungapp, version 0.0.0.0, hang address 0x00000000.
Error - 5/3/2010 11:46:59 AM | Computer Name = D6HB8S81 | Source = Microsoft Office 11 | ID = 2000
Description = Accepted Safe Mode action : Microsoft Office Outlook.
Error - 5/3/2010 3:38:04 PM | Computer Name = D6HB8S81 | Source = Application Hang | ID = 1002
Description = Hanging application OUTLOOK.EXE, version 11.0.8312.0, hang module
hungapp, version 0.0.0.0, hang address 0x00000000.
Error - 5/3/2010 3:38:14 PM | Computer Name = D6HB8S81 | Source = Application Hang | ID = 1001
Description = Fault bucket 1365819674.
Error - 5/3/2010 5:16:02 PM | Computer Name = D6HB8S81 | Source = nview_info | ID = 11141121
Description =
[ System Events ]
Error - 4/28/2010 10:57:17 PM | Computer Name = D6HB8S81 | Source = Dhcp | ID = 1002
Description = The IP address lease 192.168.0.102 for the Network Card with network
address 0013CE80D80E has been denied by the DHCP server 0.0.0.0 (The DHCP Server
sent a DHCPNACK message).
Error - 4/29/2010 11:20:23 AM | Computer Name = D6HB8S81 | Source = Dhcp | ID = 1002
Description = The IP address lease 192.168.1.101 for the Network Card with network
address 0013CE80D80E has been denied by the DHCP server 192.168.0.1 (The DHCP Server
sent a DHCPNACK message).
Error - 4/30/2010 11:28:22 AM | Computer Name = D6HB8S81 | Source = Service Control Manager | ID = 7009
Description = Timeout (30000 milliseconds) waiting for the Application Layer Gateway
Service service to connect.
Error - 4/30/2010 11:28:22 AM | Computer Name = D6HB8S81 | Source = Service Control Manager | ID = 7000
Description = The Application Layer Gateway Service service failed to start due
to the following error: %%1053
Error - 4/30/2010 6:33:15 PM | Computer Name = D6HB8S81 | Source = Dhcp | ID = 1002
Description = The IP address lease 192.168.0.102 for the Network Card with network
address 0013CE80D80E has been denied by the DHCP server 0.0.0.0 (The DHCP Server
sent a DHCPNACK message).
Error - 5/3/2010 11:23:37 AM | Computer Name = D6HB8S81 | Source = Service Control Manager | ID = 7009
Description = Timeout (30000 milliseconds) waiting for the Application Layer Gateway
Service service to connect.
Error - 5/3/2010 11:23:37 AM | Computer Name = D6HB8S81 | Source = Service Control Manager | ID = 7000
Description = The Application Layer Gateway Service service failed to start due
to the following error: %%1053
Error - 5/4/2010 5:08:32 PM | Computer Name = D6HB8S81 | Source = Service Control Manager | ID = 7031
Description = The Lavasoft Ad-Aware Service service terminated unexpectedly. It
has done this 1 time(s). The following corrective action will be taken in 5000
milliseconds: Restart the service.
Error - 5/5/2010 1:19:27 AM | Computer Name = D6HB8S81 | Source = Dhcp | ID = 1002
Description = The IP address lease 192.168.0.102 for the Network Card with network
address 0013CE80D80E has been denied by the DHCP server 0.0.0.0 (The DHCP Server
sent a DHCPNACK message).
Error - 5/5/2010 1:22:59 AM | Computer Name = D6HB8S81 | Source = Service Control Manager | ID = 7011
Description = Timeout (30000 milliseconds) waiting for a transaction response from
the stisvc service.
< End of report >