Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Blue Screen1


  • This topic is locked This topic is locked
7 replies to this topic

#1 madden

madden

  • Members
  • 16 posts
  • OFFLINE
  •  
  • Local time:10:19 PM

Posted 07 June 2011 - 12:00 AM

http://www.bleepingcomputer.com/forums/topic400478.html


I'm not sure how helpful these logs will be the the drive infected is M:\ It has a none functioning Windows XP Pro install
Please read the attached link. The attached log are actually of my system with the problem drive attached as a non system drive.
I can install the drive in a available laptop but will not boot past the message posted in the linked discussion
Thanks for your Help

This post has been edited by hamluis: Today, 08:09 AM
Reason for edit: No logs, moved from MRL to Aii.

I have attached the logs SORRY

Attached Files



BC AdBot (Login to Remove)

 


#2 SweetTech

SweetTech

    Agent ST


  • Members
  • 13,421 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Antarctica
  • Local time:11:19 PM

Posted 13 June 2011 - 02:07 PM

Hello and welcome to the forums!

My secret agent name on the forums is SweetTech (you can call me ST for short), it's a pleasure to meet you. :)

I am very sorry for the delay in responding, but as you can see we are at the moment being flooded with logs which, when paired with the never-ending shortage of helpers, resulted in the delayed responding to your thread.

I would be glad to take a look at your log and help you with solving any malware problems.

If you have since resolved the issues you were originally experiencing, or have received help elsewhere, please inform me so that this topic can be closed.

If you have not, please adhere to the guidelines below and then follow instructions as outlined further below:

  • Logs from malware removal programs (OTL is one of them) can take some time to analyze. I need you to be patient while I analyze any logs you post. Please remember, I am a volunteer, and I do have a life outside of these forums.
  • Please make sure to carefully read any instruction that I give you. Attention to detail is important! Since I cannot see or directly interact with your computer I am dependent on you to "be my eyes" and provide as much information as you can regarding the current state of your computer.
  • If you're not sure, or if something unexpected happens, do NOT continue! Stop and ask!
  • In Windows Vista and Windows 7, all tools need to be started by right clicking and selecting Run as Administrator!
  • If I instruct you to download a specific tool in which you already have, please delete the copy that you have and re-download the tool. The reason I ask you to do this is because these tools are updated fairly regularly.
  • Do not do things I do not ask for, such as running a spyware scan on your computer. The one thing that you should always do, is to make sure sure that your anti-virus definitions are up-to-date!
  • Please do not use the Attachment feature for any log file. Do a Copy/Paste of the entire contents of the log file and submit it inside your post.
  • I am going to stick with you until ALL malware is gone from your system. I would appreciate it if you would do the same. From this point, we're in this together ;)
    Because of this, you must reply within three days
    failure to reply will result in the topic being closed!
  • Lastly, I am no magician. I will try very hard to fix your issues, but no promises can be made. Also be aware that some infections are so severe that you might need to resort to reformatting and reinstalling your operating system.
    Don't worry, this only happens in severe cases, but it sadly does happen. Be prepared to back up your data. Have means of backing up your data available.

____________________________________________________

Rootkit UnHooker (RkU)
Please download Rootkit Unhooker from one of the following links and save it to your desktop.
Link 1 (.exe file)
Link 2 (zipped file)
Link 3 (.rar file)In order to use this tool if you downloaded from either of the second two links, you will need to extract the RKUnhookerLE.exe file using a program capable of extracing ZIP and RAR compressed files. If you don't have an extraction program, you can downlaod, install and use the free 7-zip utility.

  • Double-click on RKUnhookerLE.exe to start the program.
    Vista/Windows 7 users right-click and select Run As Administrator.
  • Click the Report tab, then click Scan.
  • Check Drivers, Stealth Code, and uncheck the rest.
  • Click OK.
  • Wait until it's finished and then go to File > Save Report.
  • Save the report to your Desktop.
  • Copy and paste the contents of the report into your next reply.
-- Note: You may get this warning...just ignore it, click OK and continue: "Rootkit Unhooker has detected a parasite inside itself! It is recommended to remove parasite, okay?".



NEXT:


Running OTL

We need to create a FULL OTL Report
  • Please download OTL from here:
  • Save it to your desktop.
  • Double click on the Posted Image icon on your desktop.
  • Click the "Scan All Users" checkbox.
  • Change the "Extra Registry" option to "SafeList"
  • Push the Posted Image button.
  • Two reports will open, copy and paste them in a reply here:
    • OTL.txt <-- Will be opened
    • Extras.txt <-- Will be minimized

NEXT:


Please provide an update on how things are running in your next reply.

Have I helped you? If you'd like to assist in the fight against malware, click here Posted Image


The instructions seen in this post have been specifically tailored to this user and the issues they are experiencing with their computer. If you think you have a similar problem, please first read this topic, and then begin your own, new thread. I do not offer private support via Private Message.


#3 madden

madden
  • Topic Starter

  • Members
  • 16 posts
  • OFFLINE
  •  
  • Local time:10:19 PM

Posted 14 June 2011 - 05:01 PM

Exception code : 0xC0000005
Instruction address : 0x00402EAA
Attempt to read at address : 0xFFFFFFFF

Could not run RKUnhooker

#4 SweetTech

SweetTech

    Agent ST


  • Members
  • 13,421 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Antarctica
  • Local time:11:19 PM

Posted 14 June 2011 - 05:06 PM

Hi!

I've just had a chance to look at your thread in the Am I Infected forum.

I see this was detected:

Generic.dx Quarantined
W32/Virut!hosts repaired
W32/Virut.n.gen repaired
New Win32 Quarantined
W32/Virut.n.gen repaired
Generic.dx Quarantined
New Malware.ew Quarantined
W32/Virut.n.gen repaired
generic!bg.hlx Quarantined
Artemis!09EC8F7362C4 Quarantined
Artemis!DD4A034D27CA Quarantined
Generic.dx!hcw Quarantined
Artemis!B2DEA20E6915 Quarantined
Generic PWS.y!hv.s Quarantined
Downloader-UA Quarantined
W32/Virut.n.gen repaired
W32/Virut.n.gen repaired
New Autorun!inf.a Quarantined


----------------

Your system is infected with a nasty variant of Virut, a polymorphic file infector with IRCBot functionality which infects .exe, .scr files, downloads more malicious files to your system, and opens a back door that compromises your computer.

With this particular infection, the safest solution and only sure way to remove it effectively is to reformat and reinstall the OS.

According to this Norman White Paper Assessment of W32/Virut, some variants can infect the HOSTS file and block access to security related web sites. Other variants of virut can even penetrate and infect .exe files within compressed files (.zip, .cab, rar). The Virux and Win32/Virut.17408 variants are an even more complex file infectors which can embed an iframe into the body of web-related files and infect script files (.php, .asp, .htm, .html, .xml). When Virut creates infected files, it also creates non-functional files that are corrupted beyond repair and in some instances can disable Windows File Protection. In many cases the infected files cannot be disinfected properly by your anti-virus. When disinfection is attempted, the files become corrupted and the system may become irreparable. The longer virut remains on a computer, the more critical system files will become infected and corrupt so the degree of infection can vary.

The virus disables Windows File Protection by injecting code into the "winlogon.exe" process that patches system code in memory.

CA Virus detail of W32/Virut

The virus has a number of bugs in its code, and as a result it may misinfect a proportion of executable files....some W32/Virut.h infections are corrupted beyond repair.

McAfee Risk Assessment and Overview of W32/Virut

There are bugs in the viral code. When the virus produces infected files, it also creates non-functional files that also contain the virus...Due to the damaged caused to files by virut it's possible to find repaired but corrupted files. They became corrupted by the incorrect writing of the viral code during the process of infection. undetected, corrupted files (possibly still containing part of the viral code) can also be found. this is caused by incorrectly written and non-function viral code present in these files.

AVG Overview of W32/VirutVirut is commonly spread via a flash drive (usb, pen, thumb, jump) infection using RUNDLL32.EXE and other malicious files. It is often contracted and spread by visiting remote, crack and keygen sites. These type of sites are infested with a smörgåsbord of malware and a major source of system infection.

...warez and crack web pages are being used by cybercriminals as download sites for malware related to VIRUT and VIRUX. Searches for serial numbers, cracks, and even antivirus products like Trend Micro yield malcodes that come in the form of executables or self-extracting files...quick links in these sites also lead to malicious files. Ads and banners are also infection vectors...

Keygen and Crack Sites Distribute VIRUX and FakeAV

However, the CA Security Advisor Research Blog have found MySpace user pages carrying the malicious Virut URL. Either way you can end up with a computer system so badly damaged that recovery is not possible and it cannot be repaired. When that happens there is nothing you can do besides reformatting and reinstalling the OS.

If your computer was used for online banking, has credit card information or other sensitive data on it, you should disconnect from the Internet until your system is cleaned. All passwords should be changed immediately to include those used for banking, email, eBay, paypal and online forums. You should consider them to be compromised. You should change each password using a clean computer and not the infected one. If not, an attacker may get the new passwords and transaction information. If using a router, you need to reset it with a strong logon/password so the malware cannot gain control before connect again. Banking and credit card institutions should be notified of the possible security breach. Because your computer was compromised please read:Since virut is not effectively disinfectable, your best option is to perform a full reformat as there is no guarantee this infection can be completely removed. In most instances it may have caused so much damage to your system files that it cannot be completely cleaned or repaired. In many cases the infected files cannot be deleted and anti-malware scanners cannot disinfect them properly. Many experts in the security community believe that once infected with this type of malware, the best course of action is to reformat and reinstall the OS. Reinstalling Windows without first wiping the entire hard drive with a repartition and/or format will not remove the infection. The reinstall will only overwrite the Windows files. Any malware on the system will still be there afterwards. Please read:

Have I helped you? If you'd like to assist in the fight against malware, click here Posted Image


The instructions seen in this post have been specifically tailored to this user and the issues they are experiencing with their computer. If you think you have a similar problem, please first read this topic, and then begin your own, new thread. I do not offer private support via Private Message.


#5 madden

madden
  • Topic Starter

  • Members
  • 16 posts
  • OFFLINE
  •  
  • Local time:10:19 PM

Posted 14 June 2011 - 05:12 PM

OTL logfile created on: 6/14/2011 5:04:00 PM - Run 1
OTL by OldTimer - Version 3.2.24.0 Folder = C:\Users\Barry Madden\Desktop
64bit-Windows Vista Ultimate Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

7.99 Gb Total Physical Memory | 5.48 Gb Available Physical Memory | 68.60% Memory free
16.03 Gb Paging File | 12.59 Gb Available in Paging File | 78.53% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 683.57 Gb Total Space | 456.26 Gb Free Space | 66.75% Space Free | Partition Type: NTFS
Drive D: | 15.00 Gb Total Space | 7.13 Gb Free Space | 47.56% Space Free | Partition Type: NTFS
Drive K: | 232.88 Gb Total Space | 7.11 Gb Free Space | 3.05% Space Free | Partition Type: NTFS
Drive L: | 465.76 Gb Total Space | 202.26 Gb Free Space | 43.43% Space Free | Partition Type: NTFS
Drive M: | 74.46 Gb Total Space | 8.49 Gb Free Space | 11.40% Space Free | Partition Type: NTFS

Computer Name: BARRYMADDEN-PC | User Name: Barry Madden | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2011/06/14 17:02:22 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Users\Barry Madden\Desktop\OTL.exe
PRC - [2011/04/16 07:34:08 | 000,235,168 | ---- | M] (Adobe Systems, Inc.) -- C:\Windows\SysWOW64\Macromed\Flash\FlashUtil10p_ActiveX.exe
PRC - [2011/01/13 06:20:00 | 000,041,296 | ---- | M] (AOL Inc.) -- C:\Program Files (x86)\AOL Desktop 9.6\waol.exe
PRC - [2011/01/13 06:19:58 | 000,045,392 | ---- | M] (AOL Inc.) -- C:\Program Files (x86)\AOL Desktop 9.6\shellmon.exe
PRC - [2010/10/29 14:49:28 | 000,505,064 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
PRC - [2010/03/08 02:27:49 | 000,041,800 | ---- | M] (AOL Inc.) -- C:\Program Files (x86)\Common Files\aol\1236914895\ee\aolsoftware.exe
PRC - [2010/01/15 07:49:20 | 000,255,536 | ---- | M] (McAfee, Inc.) -- C:\Program Files (x86)\McAfee Security Scan\2.0.181\SSScheduler.exe
PRC - [2010/01/07 17:11:28 | 000,140,520 | ---- | M] (CyberLink Corp.) -- C:\Program Files (x86)\CyberLink\PowerDVD DX\PDVDDXSrv.exe
PRC - [2009/01/19 16:13:30 | 000,249,856 | ---- | M] (Hauppauge Computer Works, Inc.) -- C:\Program Files (x86)\WinTV\TVServer\CaptureHVR1800.exe
PRC - [2009/01/19 16:12:46 | 000,434,176 | ---- | M] (Hauppauge Computer Works) -- C:\Program Files (x86)\WinTV\TVServer\HauppaugeTVServer.exe
PRC - [2008/09/23 22:09:52 | 000,155,648 | ---- | M] (Stardock Corporation) -- C:\Program Files\Dell\DellDock\DockLogin.exe
PRC - [2008/08/15 16:03:50 | 004,812,664 | ---- | M] (Dell Inc. and SightSpeed Inc.) -- C:\Program Files (x86)\Dell Video Chat\DellVideoChat.exe
PRC - [2008/07/15 17:02:26 | 000,014,376 | ---- | M] (Broadcom Corporation.) -- C:\Program Files\WIDCOMM\Bluetooth Software\BluetoothHeadsetProxy.exe
PRC - [2007/12/03 10:18:34 | 000,077,824 | ---- | M] () -- C:\Program Files\SetPoint\x86\SetPoint32.exe
PRC - [2007/05/09 01:00:00 | 000,036,864 | ---- | M] (Creative Technology Ltd.) -- C:\Windows\OEM05Mon.exe
PRC - [2006/10/23 07:50:35 | 000,046,640 | R--- | M] (AOL LLC) -- C:\Program Files (x86)\Common Files\aol\acs\AOLacsd.exe


========== Modules (SafeList) ==========

MOD - [2011/06/14 17:02:22 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Users\Barry Madden\Desktop\OTL.exe
MOD - [2011/04/08 16:56:28 | 000,018,176 | ---- | M] (McAfee, Inc.) -- c:\Program Files (x86)\McAfee\SiteAdvisor\sahook.dll
MOD - [2010/08/31 10:43:52 | 001,686,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3\comctl32.dll


========== Win32 Services (SafeList) ==========

SRV:64bit: - [2011/04/14 14:01:38 | 000,245,352 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe -- (mfefire)
SRV:64bit: - [2011/04/14 14:01:38 | 000,200,056 | ---- | M] () [Unknown | Running] -- C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe -- (McShield)
SRV:64bit: - [2011/04/14 14:01:38 | 000,149,032 | ---- | M] (McAfee, Inc.) [Unknown | Running] -- C:\Windows\SysNative\mfevtps.exe -- (mfevtp)
SRV:64bit: - [2011/01/26 22:55:38 | 000,203,776 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:64bit: - [2010/10/07 20:34:28 | 000,509,416 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Program Files\McAfee\VirusScan\mcods.exe -- (McODS)
SRV:64bit: - [2010/03/10 10:14:44 | 000,355,440 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe -- (MSK80Service)
SRV:64bit: - [2010/03/10 10:14:44 | 000,355,440 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe -- (McProxy)
SRV:64bit: - [2010/03/10 10:14:44 | 000,355,440 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe -- (McNASvc)
SRV:64bit: - [2010/03/10 10:14:44 | 000,355,440 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe -- (McNaiAnn)
SRV:64bit: - [2010/03/10 10:14:44 | 000,355,440 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe -- (mcmscsvc)
SRV:64bit: - [2010/03/10 10:14:44 | 000,355,440 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe -- (McMPFSvc)
SRV:64bit: - [2010/03/10 10:14:44 | 000,355,440 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe -- (McAfee SiteAdvisor Service)
SRV:64bit: - [2008/12/22 02:37:34 | 000,088,576 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe -- (AERTFilters)
SRV:64bit: - [2008/09/23 22:09:52 | 000,155,648 | ---- | M] (Stardock Corporation) [Auto | Running] -- C:\Program Files\Dell\DellDock\DockLogin.exe -- (DockLoginService)
SRV:64bit: - [2008/01/20 21:50:23 | 000,195,584 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV:64bit: - [2008/01/20 21:46:39 | 000,383,544 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2007/12/03 10:23:20 | 000,146,432 | ---- | M] (Logitech Inc.) [Auto | Running] -- C:\Program Files\Common Files\Logitech\Bluetooth\LBTSERV.EXE -- (LBTServ)
SRV - [2010/05/28 03:14:56 | 001,044,840 | ---- | M] (Hewlett-Packard Co.) [Auto | Running] -- C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL -- (HPSLPSVC)
SRV - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010/01/15 07:49:20 | 000,227,232 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\McAfee Security Scan\2.0.181\McCHSvc.exe -- (McComponentHostService)
SRV - [2009/03/29 23:42:14 | 000,066,368 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2009/01/19 16:12:46 | 000,434,176 | ---- | M] (Hauppauge Computer Works) [Auto | Running] -- C:\Program Files (x86)\WinTV\TVServer\HauppaugeTVServer.exe -- (HauppaugeTVServer)
SRV - [2008/05/14 10:32:18 | 000,309,744 | ---- | M] (Sonic Solutions) [Auto | Stopped] -- C:\Program Files (x86)\Common Files\Roxio Shared\10.0\SharedCOM\RoxLiveShare10.exe -- (RoxLiveShare10)
SRV - [2008/05/14 10:32:10 | 000,166,384 | ---- | M] (Sonic Solutions) [Auto | Stopped] -- C:\Program Files (x86)\Common Files\Roxio Shared\10.0\SharedCOM\RoxWatch10.exe -- (RoxWatch10)
SRV - [2008/05/14 10:31:38 | 001,120,752 | ---- | M] (Sonic Solutions) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Roxio Shared\10.0\SharedCOM\RoxMediaDB10.exe -- (RoxMediaDB10)
SRV - [2006/10/23 07:50:35 | 000,046,640 | R--- | M] (AOL LLC) [Auto | Running] -- C:\Program Files (x86)\Common Files\AOL\ACS\AOLAcsd.exe -- (AOL ACS)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2011/04/14 14:01:38 | 000,530,304 | ---- | M] (McAfee, Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\mfehidk.sys -- (mfehidk)
DRV:64bit: - [2011/04/14 14:01:38 | 000,441,840 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\mfefirek.sys -- (mfefirek)
DRV:64bit: - [2011/04/14 14:01:38 | 000,283,744 | ---- | M] (McAfee, Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\mfewfpk.sys -- (mfewfpk)
DRV:64bit: - [2011/04/14 14:01:38 | 000,190,520 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\mfeavfk.sys -- (mfeavfk)
DRV:64bit: - [2011/04/14 14:01:38 | 000,121,376 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\mfeapfk.sys -- (mfeapfk)
DRV:64bit: - [2011/04/14 14:01:38 | 000,094,992 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mferkdet.sys -- (mferkdet)
DRV:64bit: - [2011/04/14 14:01:38 | 000,075,160 | ---- | M] (McAfee, Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\DRIVERS\mfenlfk.sys -- (mfenlfk)
DRV:64bit: - [2011/04/14 14:01:38 | 000,063,056 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\cfwids.sys -- (cfwids)
DRV:64bit: - [2011/01/26 23:37:22 | 009,085,952 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\atikmdag.sys -- (R300)
DRV:64bit: - [2011/01/26 23:37:22 | 009,085,952 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\atikmdag.sys -- (atikmdag)
DRV:64bit: - [2011/01/26 23:37:22 | 009,085,952 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\atikmdag.sys -- (amdkmdag)
DRV:64bit: - [2011/01/26 22:13:34 | 000,299,520 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\atikmpag.sys -- (amdkmdap)
DRV:64bit: - [2009/07/14 20:46:48 | 001,708,800 | ---- | M] (Hauppauge Computer Works) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HCW85BDA.sys -- (HCW85BDA)
DRV:64bit: - [2008/12/22 02:37:14 | 000,185,248 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\RtHDMIVX.sys -- (RTHDMIAzAudService)
DRV:64bit: - [2008/09/28 07:46:48 | 000,316,544 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\e1y60x64.sys -- (e1yexpress) Intel®
DRV:64bit: - [2008/09/28 03:22:14 | 000,402,456 | ---- | M] (Intel Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\SysNative\drivers\iastor.sys -- (iaStor)
DRV:64bit: - [2008/05/23 16:54:38 | 000,033,888 | ---- | M] (Intel Corporation ) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\iqvw64e.sys -- (NAL)
DRV:64bit: - [2008/04/08 03:00:00 | 000,055,024 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\PxHlpa64.sys -- (PxHlpa64)
DRV:64bit: - [2008/01/20 21:46:32 | 000,012,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\serscan.sys -- (StillCam)
DRV:64bit: - [2008/01/20 21:46:02 | 000,317,952 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\e1e6032e.sys -- (e1express) Intel®
DRV:64bit: - [2007/10/09 08:09:46 | 000,037,912 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\LUsbFilt.Sys -- (LUsbFilt)
DRV:64bit: - [2007/10/09 08:09:44 | 000,047,128 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\LMouFilt.Sys -- (LMouFilt)
DRV:64bit: - [2007/10/09 08:09:42 | 000,047,128 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\LHidFilt.Sys -- (LHidFilt)
DRV:64bit: - [2007/07/20 01:00:00 | 000,266,720 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\OEM05Vid.sys -- (OEM05Vid)
DRV:64bit: - [2007/06/08 01:00:02 | 000,212,864 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\OEM05Afx.sys -- (OEM05Afx)
DRV:64bit: - [2007/04/01 23:42:48 | 000,020,016 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\btwrchid.sys -- (btwrchid)
DRV:64bit: - [2007/04/01 23:42:44 | 000,096,048 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btwavdt.sys -- (btwavdt)
DRV:64bit: - [2007/04/01 23:42:42 | 000,087,856 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btwaudio.sys -- (btwaudio)
DRV:64bit: - [2007/03/05 18:55:48 | 000,012,288 | ---- | M] (EyePower Games Pte. Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\OEM05Vfx.sys -- (OEM05Vfx)
DRV:64bit: - [2006/11/29 17:24:49 | 000,024,064 | ---- | M] (America Online, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\wanatw64.sys -- (wanatw) WAN Miniport (ATW)
DRV:64bit: - [2006/09/18 16:36:24 | 000,000,308 | ---- | M] () [File_System | On_Demand | Running] -- C:\Windows\SysNative\Wbem\ntfs.mof -- (Ntfs)
DRV - [2010/01/07 17:11:30 | 000,146,928 | ---- | M] (CyberLink Corp.) [2011/03/25 20:55:00] [Kernel | Auto | Running] -- C:\Program Files (x86)\CyberLink\PowerDVD DX\000.fcl -- ({1E444BE9-B8EC-4ce6-8C2B-6536FB7F4FB7})


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\URLSearchHook: {EA756889-2338-43DB-8F07-D1CA6FB9C90D} - C:\Program Files (x86)\AOL Toolbar\aoltb.dll (AOL LLC)


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-3230457466-36631048-1315814223-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/USCON/1
IE - HKU\S-1-5-21-3230457466-36631048-1315814223-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = [Binary data over 100 bytes]
IE - HKU\S-1-5-21-3230457466-36631048-1315814223-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/
IE - HKU\S-1-5-21-3230457466-36631048-1315814223-1000\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKU\S-1-5-21-3230457466-36631048-1315814223-1000\..\URLSearchHook: {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
IE - HKU\S-1-5-21-3230457466-36631048-1315814223-1000\..\URLSearchHook: {EA756889-2338-43DB-8F07-D1CA6FB9C90D} - C:\Program Files (x86)\AOL Toolbar\aoltb.dll (AOL LLC)
IE - HKU\S-1-5-21-3230457466-36631048-1315814223-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "Bing"
FF - prefs.js..browser.search.defaulturl: "http://www.bing.com/search?FORM=SOLTDF&PC=SUN1&q="
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://www.google.com/|http://www.google.com/ig/dell"
FF - prefs.js..extensions.enabledItems: moveplayer@movenetworks.com:1.0.0.%(version)s
FF - prefs.js..extensions.enabledItems: {27182e60-b5f3-411c-b545-b44205977502}:1.0
FF - prefs.js..keyword.URL: "http://www.bing.com/search?FORM=SOLTDF&PC=SUN1&q="

FF - HKLM\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2011/04/22 20:17:32 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\{B7082FAA-CB62-4872-9106-E42DD88EDE45}: C:\Program Files (x86)\McAfee\SiteAdvisor [2011/05/24 13:57:27 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.7\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2011/05/10 07:54:43 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.7\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2011/05/18 21:21:52 | 000,000,000 | ---D | M]

[2009/07/17 20:10:10 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Barry Madden\AppData\Roaming\Mozilla\Extensions
[2010/02/08 21:53:02 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Barry Madden\AppData\Roaming\Mozilla\Firefox\Profiles\6vrhiv2u.default\extensions
[2009/07/23 21:25:23 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\Barry Madden\AppData\Roaming\Mozilla\Firefox\Profiles\6vrhiv2u.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2010/02/05 14:48:23 | 000,002,184 | ---- | M] () -- C:\Users\Barry Madden\AppData\Roaming\Mozilla\Firefox\Profiles\6vrhiv2u.default\searchplugins\bing.xml
[2011/04/22 19:31:53 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2011/04/19 17:13:59 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
[2011/04/22 19:31:53 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}
File not found (No name found) -- C:\PROGRAM FILES (X86)\MICROSOFT\SEARCH ENHANCEMENT PACK\SEARCH HELPER\FIREFOXEXTENSION\SEARCHHELPEREXTENSION
[2010/02/05 14:48:18 | 000,000,000 | ---D | M] (Move Media Player) -- C:\USERS\BARRY MADDEN\APPDATA\ROAMING\MOVE NETWORKS
[2011/04/14 14:01:38 | 000,024,376 | ---- | M] (McAfee, Inc.) -- C:\Program Files (x86)\Mozilla Firefox\components\Scriptff.dll
[2011/02/02 21:40:24 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\Mozilla Firefox\plugins\npdeployJava1.dll

O1 HOSTS File: ([2006/09/18 16:37:24 | 000,000,761 | ---- | M]) - C:\Windows\SysNative\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2:64bit: - BHO: (McAfee Phishing Filter) - {27B4851A-3207-45A2-B947-BE8AFE6163AB} - c:\Program Files\McAfee\MSK\mskapbho64.dll ()
O2:64bit: - BHO: (scriptproxy) - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\Common Files\McAfee\SystemCore\ScriptSn.20110510075443.dll (McAfee, Inc.)
O2:64bit: - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O2:64bit: - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.6.6209.1142\swg64.dll (Google Inc.)
O2:64bit: - BHO: (McAfee SiteAdvisor BHO) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No CLSID value found.
O2 - BHO: (Skype add-on (mastermind)) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Skype Technologies S.A.)
O2 - BHO: (McAfee Phishing Filter) - {27B4851A-3207-45A2-B947-BE8AFE6163AB} - c:\Program Files\McAfee\MSK\mskapbho.dll ()
O2 - BHO: (AOL Toolbar Loader) - {7C554162-8CB7-45A4-B8F4-8EA1C75885F9} - C:\Program Files (x86)\AOL Toolbar\aoltb.dll (AOL LLC)
O2 - BHO: (scriptproxy) - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files (x86)\Common Files\McAfee\SystemCore\ScriptSn.20110510075443.dll (McAfee, Inc.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.6.6209.1142\swg.dll (Google Inc.)
O2 - BHO: (McAfee SiteAdvisor BHO) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O3:64bit: - HKLM\..\Toolbar: (McAfee SiteAdvisor Toolbar) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
O3:64bit: - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (no name) - - No CLSID value found.
O3 - HKLM\..\Toolbar: (McAfee SiteAdvisor Toolbar) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O3 - HKLM\..\Toolbar: (AOL Toolbar) - {DE9C389F-3316-41A7-809B-AA305ED9D922} - C:\Program Files (x86)\AOL Toolbar\aoltb.dll (AOL LLC)
O3 - HKU\S-1-5-21-3230457466-36631048-1315814223-1000\..\Toolbar\WebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No CLSID value found.
O3:64bit: - HKU\S-1-5-21-3230457466-36631048-1315814223-1000\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3 - HKU\S-1-5-21-3230457466-36631048-1315814223-1000\..\Toolbar\WebBrowser: (AOL Toolbar) - {DE9C389F-3316-41A7-809B-AA305ED9D922} - C:\Program Files (x86)\AOL Toolbar\aoltb.dll (AOL LLC)
O4:64bit: - HKLM..\Run: [Bluetooth HCI Monitor] C:\Windows\SysNative\HCIMNTR.DLL (Logitech Inc.)
O4:64bit: - HKLM..\Run: [Kernel and Hardware Abstraction Layer] C:\Windows\KHALMNPR.Exe (Logitech Inc.)
O4:64bit: - HKLM..\Run: [Logitech BT Wizard] File not found
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [Skytel] File not found
O4:64bit: - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [HostManager] C:\Program Files (x86)\Common Files\AOL\1236914895\ee\AOLSoftware.exe (AOL Inc.)
O4 - HKLM..\Run: [mcui_exe] C:\Program Files\McAfee.com\Agent\mcagent.exe (McAfee, Inc.)
O4 - HKLM..\Run: [OEM05Mon.exe] C:\Windows\OEM05Mon.exe (Creative Technology Ltd.)
O4 - HKLM..\Run: [PDVDDXSrv] C:\Program Files (x86)\CyberLink\PowerDVD DX\PDVDDXSrv.exe (CyberLink Corp.)
O4 - HKLM..\Run: [RoxWatchTray] C:\Program Files (x86)\Common Files\Roxio Shared\10.0\SharedCOM\RoxWatchTray10.exe (Sonic Solutions)
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [WinampAgent] File not found
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-19..\Run: [WindowsWelcomeCenter] C:\Windows\SysWow64\oobefldr.dll (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [WindowsWelcomeCenter] C:\Windows\SysWow64\oobefldr.dll (Microsoft Corporation)
O4 - HKU\S-1-5-21-3230457466-36631048-1315814223-1000..\Run: [AOL Fast Start] C:\Program Files (x86)\AOL Desktop 9.6\AOL.EXE (AOL Inc.)
O4 - HKU\S-1-5-21-3230457466-36631048-1315814223-1000..\Run: [SightSpeed] C:\Program Files (x86)\Dell Video Chat\DellVideoChat.exe (Dell Inc. and SightSpeed Inc.)
O4 - HKU\S-1-5-21-3230457466-36631048-1315814223-1000..\RunOnce: [FlashPlayerUpdate] C:\Windows\SysWOW64\Macromed\Flash\FlashUtil10p_ActiveX.exe (Adobe Systems, Inc.)
O4 - Startup: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock First Run.lnk = File not found
O4 - Startup: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock First Run.lnk = File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O8:64bit: - Extra context menu item: &AOL Toolbar Search - C:\ProgramData\AOL\ieToolbar\resources\en-US\local\search.html ()
O8:64bit: - Extra context menu item: Google Sidewiki... - C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_D183CA64F05FDD98.dll (Google Inc.)
O8:64bit: - Extra context menu item: Send image to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O8:64bit: - Extra context menu item: Send page to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O8 - Extra context menu item: &AOL Toolbar Search - C:\ProgramData\AOL\ieToolbar\resources\en-US\local\search.html ()
O8 - Extra context menu item: Google Sidewiki... - C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_D183CA64F05FDD98.dll (Google Inc.)
O8 - Extra context menu item: Send image to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O8 - Extra context menu item: Send page to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9:64bit: - Extra Button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9:64bit: - Extra 'Tools' menuitem : @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : Skype add-on for Internet Explorer - {5067A26B-1337-4436-8AFE-EE169C2DA79F} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Skype Technologies S.A.)
O9 - Extra Button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Skype Technologies S.A.)
O9 - Extra Button: Send To Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : Send to &Bluetooth Device... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O13 - gopher Prefix: missing
O13 - gopher Prefix: missing
O15 - HKU\S-1-5-21-3230457466-36631048-1315814223-1000\..Trusted Domains: aol.com ([objects] * is out of zone range - 5)
O15 - HKU\S-1-5-21-3230457466-36631048-1315814223-1000\..Trusted Domains: bakerelectric.com ([meeting] https in Trusted sites)
O15 - HKU\S-1-5-21-3230457466-36631048-1315814223-1000\..Trusted Domains: internet ([]about in Trusted sites)
O15 - HKU\S-1-5-21-3230457466-36631048-1315814223-1000\..Trusted Domains: mcafee.com ([]http in Trusted sites)
O15 - HKU\S-1-5-21-3230457466-36631048-1315814223-1000\..Trusted Domains: mcafee.com ([]https in Trusted sites)
O16 - DPF: {1851174C-97BD-4217-A0CC-E908F60D5B7A} https://h50203.www5.hp.com/HPISWeb/Customer/cabs/HPISDataManager.CAB (Hewlett-Packard Online Support Services)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {C1F8FC10-E5DB-4112-9DBF-6C3FF728D4E3} http://support.dell.com/systemprofiler/DellSystemLite.CAB (DellSystemLite.Scanner)
O16 - DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O16 - DPF: {FD0B6769-6490-4A91-AA0A-B5AE0DC75AC9} https://secure.logmein.com/activex/RACtrl.cab (Performance Viewer Activex Control)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 69.66.0.20 69.66.1.20
O18:64bit: - Protocol\Handler\dssrequest {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
O18:64bit: - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\sacore {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
O18:64bit: - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - Reg Error: Key error. File not found
O18 - Protocol\Handler\dssrequest {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O18 - Protocol\Handler\sacore {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Users\Barry Madden\Documents\ZP5A6404 (2).jpg
O24 - Desktop BackupWallPaper: C:\Users\Barry Madden\Documents\ZP5A6404 (2).jpg
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2004/08/11 17:15:00 | 000,000,000 | ---- | M] () - M:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2011/03/09 20:48:35 | 000,002,420 | ---- | M] () - M:\AutoRun.PNF -- [ NTFS ]
O33 - MountPoints2\{6e2ec17f-343e-11de-952e-001e4ce6dbf4}\Shell - "" = AutoRun
O33 - MountPoints2\{6e2ec17f-343e-11de-952e-001e4ce6dbf4}\Shell\AutoRun\command - "" = N:\LaunchU3.exe
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2011/06/14 17:02:22 | 000,580,608 | ---- | C] (OldTimer Tools) -- C:\Users\Barry Madden\Desktop\OTL.exe
[2011/06/14 17:00:15 | 000,000,000 | ---D | C] -- C:\Users\Barry Madden\Desktop\RKUnhookerLE
[2011/06/09 20:40:05 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee
[2011/06/06 16:15:25 | 000,000,000 | ---D | C] -- C:\ProgramData\iolo
[2011/06/04 22:46:04 | 000,000,000 | ---D | C] -- C:\Users\Barry Madden\AppData\Roaming\licenses
[2011/06/04 22:46:03 | 000,000,000 | ---D | C] -- C:\Users\Barry Madden\AppData\Roaming\PCMM2009
[2011/06/04 22:46:01 | 000,000,000 | ---D | C] -- C:\Users\Barry Madden\AppData\Roaming\PCMM2011
[2011/06/04 22:45:39 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\PC MightyMax 2011
[2011/06/02 21:28:49 | 000,000,000 | ---D | C] -- C:\Users\Barry Madden\AppData\Roaming\McAfee
[2011/06/02 10:02:34 | 000,000,000 | ---D | C] -- C:\Windows\Minidump
[2011/05/30 14:46:36 | 000,000,000 | ---D | C] -- C:\ProgramData\Citrix
[2011/05/30 14:41:57 | 000,000,000 | ---D | C] -- C:\Users\Barry Madden\AppData\Local\Citrix
[2011/05/18 21:24:58 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\appmgmt
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2011/06/14 17:02:22 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Users\Barry Madden\Desktop\OTL.exe
[2011/06/14 17:00:20 | 000,035,712 | ---- | M] () -- C:\Windows\SysWow64\drivers\BlackBox.sys
[2011/06/14 16:52:49 | 000,130,604 | ---- | M] () -- C:\Users\Barry Madden\Desktop\RKUnhookerLE.zip
[2011/06/14 16:39:06 | 000,003,616 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2011/06/14 16:39:06 | 000,003,616 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2011/06/14 16:27:57 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011/06/14 16:14:00 | 000,000,898 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2011/06/14 13:49:10 | 000,000,880 | ---- | M] () -- C:\Windows\tasks\Google Software Updater.job
[2011/06/14 12:14:00 | 000,000,894 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2011/06/09 20:44:42 | 000,703,388 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2011/06/09 20:44:42 | 000,604,264 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2011/06/09 20:44:42 | 000,103,964 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2011/06/09 20:39:19 | 000,000,680 | ---- | M] () -- C:\Users\Barry Madden\AppData\Local\d3d9caps.dat
[2011/06/09 20:39:04 | 4285,718,527 | -HS- | M] () -- C:\hiberfil.sys
[2011/06/05 12:00:42 | 002,182,688 | ---- | M] () -- C:\Users\Barry Madden\Documents\ExteriorApplicationGuide20110303.pdf
[2011/06/04 20:37:45 | 000,002,662 | ---- | M] () -- C:\Windows\bthservsdp.dat
[2011/06/02 21:28:49 | 000,001,985 | ---- | M] () -- C:\Users\Public\Desktop\McAfee Virtual Technician.lnk
[2011/06/02 10:02:21 | 975,634,579 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2011/06/02 09:45:54 | 000,184,992 | ---- | M] () -- C:\Users\Barry Madden\Desktop\Chegg - Shipping Return Label.mht
[2011/05/30 14:41:57 | 000,103,784 | ---- | M] () -- C:\Users\Barry Madden\GoToAssistDownloadHelper.exe
[2011/05/30 13:18:55 | 000,168,772 | ---- | M] () -- C:\Users\Barry Madden\Documents\m drive .xps
[2011/05/29 22:58:32 | 000,008,704 | ---- | M] () -- C:\Users\Barry Madden\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/05/23 23:36:17 | 000,445,899 | ---- | M] () -- C:\Users\Barry Madden\Documents\sata adapter.xps
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files Created - No Company Name ==========

[2011/06/14 16:52:49 | 000,130,604 | ---- | C] () -- C:\Users\Barry Madden\Desktop\RKUnhookerLE.zip
[2011/06/14 16:45:21 | 000,035,712 | ---- | C] () -- C:\Windows\SysWow64\drivers\BlackBox.sys
[2011/06/05 12:00:26 | 002,182,688 | ---- | C] () -- C:\Users\Barry Madden\Documents\ExteriorApplicationGuide20110303.pdf
[2011/06/02 21:28:49 | 000,001,985 | ---- | C] () -- C:\Users\Public\Desktop\McAfee Virtual Technician.lnk
[2011/06/02 21:28:30 | 000,001,995 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee Virtual Technician.lnk
[2011/06/02 10:02:21 | 975,634,579 | ---- | C] () -- C:\Windows\MEMORY.DMP
[2011/06/02 09:45:47 | 000,184,992 | ---- | C] () -- C:\Users\Barry Madden\Desktop\Chegg - Shipping Return Label.mht
[2011/05/30 14:41:56 | 000,103,784 | ---- | C] () -- C:\Users\Barry Madden\GoToAssistDownloadHelper.exe
[2011/05/30 13:18:54 | 000,168,772 | ---- | C] () -- C:\Users\Barry Madden\Documents\m drive .xps
[2011/05/23 23:36:17 | 000,445,899 | ---- | C] () -- C:\Users\Barry Madden\Documents\sata adapter.xps
[2011/04/22 20:16:36 | 000,023,158 | ---- | C] () -- C:\Windows\hpqins15.dat
[2011/04/19 17:00:45 | 000,188,903 | ---- | C] () -- C:\Windows\hpwins22.dat.temp
[2011/04/19 17:00:45 | 000,002,979 | ---- | C] () -- C:\Windows\hpwmdl22.dat.temp
[2011/03/20 20:58:00 | 000,188,619 | ---- | C] () -- C:\Windows\hpwins22.dat
[2011/01/11 18:05:18 | 000,008,592 | ---- | C] () -- C:\Windows\SysWow64\ractrlkeyhook.dll
[2010/12/21 02:27:22 | 000,003,113 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat
[2009/11/28 11:36:27 | 000,000,732 | ---- | C] () -- C:\Users\Barry Madden\AppData\Local\d3d9caps64.dat
[2009/08/25 22:07:40 | 000,002,520 | ---- | C] () -- C:\Windows\checkip.dat
[2009/08/23 10:16:04 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2009/06/16 15:06:22 | 000,117,248 | ---- | C] () -- C:\Windows\SysWow64\EhStorAuthn.dll
[2009/06/16 15:05:53 | 000,107,612 | ---- | C] () -- C:\Windows\SysWow64\StructuredQuerySchema.bin
[2009/06/16 15:05:28 | 000,368,640 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2009/05/23 19:36:58 | 000,116,866 | ---- | C] () -- C:\Windows\hpqins00.dat
[2009/03/26 21:31:51 | 000,000,135 | ---- | C] () -- C:\Windows\ODBC.INI
[2009/03/26 21:31:50 | 000,000,209 | ---- | C] () -- C:\Windows\ODBCINST.INI
[2009/03/26 21:31:24 | 000,270,848 | ---- | C] () -- C:\Windows\UNWISE.EXE
[2009/03/26 21:13:49 | 000,003,810 | ---- | C] () -- C:\Windows\HCWPNP.INI
[2009/03/16 17:45:41 | 000,000,680 | ---- | C] () -- C:\Users\Barry Madden\AppData\Local\d3d9caps.dat
[2009/03/13 19:41:28 | 000,016,050 | ---- | C] () -- C:\Windows\hpwscr05.dat
[2009/03/13 19:37:01 | 000,008,704 | ---- | C] () -- C:\Users\Barry Madden\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009/03/12 21:41:37 | 000,000,335 | ---- | C] () -- C:\Windows\nsreg.dat
[2009/03/07 03:10:21 | 000,018,904 | ---- | C] () -- C:\Windows\SysWow64\StructuredQuerySchemaTrivial.bin
[2009/03/07 02:42:12 | 003,107,788 | ---- | C] () -- C:\Windows\SysWow64\atiumdva.dat
[2009/03/07 00:30:49 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2009/03/06 19:23:24 | 000,002,662 | ---- | C] () -- C:\Windows\bthservsdp.dat
[2008/10/25 04:40:22 | 000,002,979 | ---- | C] () -- C:\Windows\hpwmdl22.dat
[2008/01/20 21:49:10 | 000,060,124 | ---- | C] () -- C:\Windows\SysWow64\tcpmon.ini
[2008/01/14 17:47:06 | 000,099,712 | ---- | C] () -- C:\Windows\HPBroker.dll
[2006/11/02 10:35:48 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2006/11/02 07:37:14 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat
[2006/11/02 07:24:17 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT
[2006/11/02 07:18:17 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat
[2006/11/02 04:47:54 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2005/08/26 15:28:34 | 000,143,360 | ---- | C] () -- C:\Windows\unzip.exe
[2005/08/26 15:28:20 | 000,024,576 | ---- | C] () -- C:\Windows\shortcut.exe
[2005/08/26 15:27:58 | 000,045,056 | ---- | C] () -- C:\Windows\devenum.exe

========== Alternate Data Streams ==========

@Alternate Data Stream - 76 bytes -> C:\Users\Barry Madden\Documents\CineMagic0.dmsm:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Barry Madden\Documents\CineMagic.dmsm:Roxio EMC Stream

< End of report >


OTL Extras logfile created on: 6/14/2011 5:04:00 PM - Run 1
OTL by OldTimer - Version 3.2.24.0 Folder = C:\Users\Barry Madden\Desktop
64bit-Windows Vista Ultimate Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

7.99 Gb Total Physical Memory | 5.48 Gb Available Physical Memory | 68.60% Memory free
16.03 Gb Paging File | 12.59 Gb Available in Paging File | 78.53% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 683.57 Gb Total Space | 456.26 Gb Free Space | 66.75% Space Free | Partition Type: NTFS
Drive D: | 15.00 Gb Total Space | 7.13 Gb Free Space | 47.56% Space Free | Partition Type: NTFS
Drive K: | 232.88 Gb Total Space | 7.11 Gb Free Space | 3.05% Space Free | Partition Type: NTFS
Drive L: | 465.76 Gb Total Space | 202.26 Gb Free Space | 43.43% Space Free | Partition Type: NTFS
Drive M: | 74.46 Gb Total Space | 8.49 Gb Free Space | 11.40% Space Free | Partition Type: NTFS

Computer Name: BARRYMADDEN-PC | User Name: Barry Madden | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = ChromeHTML] -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = ChromeHTML] -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)

[HKEY_USERS\S-1-5-21-3230457466-36631048-1315814223-1000\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %* File not found
cmdfile [open] -- "%1" %* File not found
comfile [open] -- "%1" %* File not found
exefile [open] -- "%1" %* File not found
helpfile [open] -- Reg Error: Key error.
http [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
https [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %* File not found
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1" File not found
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l File not found
scrfile [open] -- "%1" /S File not found
txtfile [edit] -- Reg Error: Key error.
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
http [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
https [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = C2 FE 8D 6A DC 5B C8 01 [binary data]
"VistaSp2" = FD DA 04 AA E2 EE C9 01 [binary data]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"oobe_av" = 1

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0

========== Authorized Applications List ==========


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0AD5772B-4CC5-4A78-ABA1-CAAE85A35058}" = lport=139 | protocol=6 | dir=in | app=system |
"{1BDE1E39-36FD-46DC-A224-C68F15BC4F47}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=c:\windows\system32\svchost.exe |
"{1D63341E-7D9B-4717-A5B5-9B77146AB738}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{5B980C47-2DDE-4218-BF53-53A2DC02BF94}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{5F3EA250-6C94-44DB-928F-9E8DDC5EAB62}" = lport=554 | protocol=6 | dir=in | app=c:\windows\ehome\ehshell.exe |
"{6416CD2B-0B2B-4A0E-95AA-E4FDF7FFC181}" = rport=137 | protocol=17 | dir=out | app=system |
"{652827EB-41C5-4586-B6C5-D91601762BCD}" = lport=138 | protocol=17 | dir=in | app=system |
"{6B695722-78C3-4B53-AC54-F8404C243EF8}" = rport=138 | protocol=17 | dir=out | app=system |
"{6CC25E16-7413-4EB7-9D12-C97CF9D58B6B}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=c:\windows\system32\svchost.exe |
"{7A0B1DDB-C2B0-4E8D-9DB3-28B346EF216F}" = rport=427 | protocol=17 | dir=in | svc=hpslpsvc | app=c:\windows\system32\svchost.exe |
"{923505FE-A40C-4588-A366-4BA061C0BCD7}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=c:\windows\system32\svchost.exe |
"{9FD81199-1EE5-4152-BAE6-D781B438F145}" = lport=7777 | protocol=17 | dir=in | app=c:\windows\ehome\ehshell.exe |
"{A456FCA9-580C-4919-B7E3-1E932570E564}" = lport=445 | protocol=6 | dir=in | app=system |
"{A4B6A5F6-3402-48DC-9CFD-1E6D8F92C318}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=c:\windows\system32\svchost.exe |
"{A69EE7CF-A566-4865-AE7D-EA4A5446CE3E}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=c:\windows\system32\svchost.exe |
"{B10D43A4-9E70-4309-92ED-B8BB4FA91F10}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=c:\windows\system32\svchost.exe |
"{B2315196-5F52-475A-A808-2384DA375643}" = lport=137 | protocol=17 | dir=in | app=system |
"{B30B4049-0052-4606-85EA-288CB5737834}" = lport=3390 | protocol=6 | dir=in | app=system |
"{C7221252-EE1F-4384-84A0-5170C4FEB442}" = lport=10244 | protocol=6 | dir=in | app=system |
"{CF2760A4-0D85-4A79-9379-7D67C2EE7CBC}" = rport=445 | protocol=6 | dir=out | app=system |
"{EC9F437C-FBEE-4518-9CA6-F38283840D8C}" = rport=139 | protocol=6 | dir=out | app=system |
"{F06ABBD0-D67A-4DC0-BAD6-695BC5E29B2B}" = rport=10244 | protocol=6 | dir=out | app=system |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{03D0055A-95B8-4D1B-859D-B15496B12546}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{04343984-CDF2-4839-B984-6B02A4856181}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqpse.exe |
"{065168F5-B066-4005-B95A-758AC2AC67F7}" = protocol=17 | dir=in | app=c:\program files (x86)\aol 9.5a\waol.exe |
"{0DC95914-BB03-471F-A403-9FE0041621F1}" = protocol=6 | dir=out | app=c:\windows\ehome\mcx2prov.exe |
"{120F3824-EA14-4C45-864E-42ACC9452315}" = protocol=6 | dir=in | app=c:\program files (x86)\aol 9.5a\waol.exe |
"{134FCF3D-77FA-4653-9361-ECC36654841D}" = protocol=6 | dir=out | svc=mcx2svc | app=c:\windows\system32\svchost.exe |
"{1B1A93B6-C067-45C3-8412-BAF6FEF309A6}" = protocol=6 | dir=in | app=c:\program files (x86)\common files\aol\1236914895\ee\aolsoftware.exe |
"{200E132E-3565-4BA1-A216-F1351860E879}" = protocol=17 | dir=in | app=c:\program files\windows media player\wmplayer.exe |
"{28573CB1-5353-4036-A5E6-46F4A93C6C2B}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqkygrp.exe |
"{2B48DC81-B918-4A45-BDE0-B7BAB603E42F}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqpsapp.exe |
"{2E39D3CE-F8E2-485B-97F7-85C87F80E4A6}" = protocol=6 | dir=in | app=c:\program files (x86)\aol 9.5\waol.exe |
"{33C448E2-08C6-44A2-AFB7-06B23004680D}" = protocol=6 | dir=in | app=c:\program files (x86)\common files\aol\system information\sinf.exe |
"{3425274D-A9D7-4500-997C-8B62F7D7E0FE}" = protocol=6 | dir=in | app=c:\program files (x86)\common files\aol\acs\aoldial.exe |
"{346DAA91-2A18-49D0-B9F7-F60C1338F608}" = dir=in | app=c:\program files (x86)\hp\digital imaging\smart web printing\smartwebprintexe.exe |
"{3EF9528C-2C1C-4C60-AD05-4F04B498CB46}" = protocol=17 | dir=in | app=c:\program files (x86)\windows media player\wmplayer.exe |
"{3F75F49B-E509-4A1A-A788-5275CB94F90E}" = dir=in | app=c:\program files (x86)\windows live\sync\windowslivesync.exe |
"{44394D20-CF02-4CBC-832F-B48ACD402632}" = protocol=6 | dir=out | app=c:\program files (x86)\windows media player\wmplayer.exe |
"{4644A76D-DE70-4338-8B26-F88D8D16ECF6}" = protocol=17 | dir=in | app=c:\program files (x86)\common files\aol\acs\aoldial.exe |
"{4ACB70D3-D25B-45D2-BFF7-F6EE5D071D84}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqtra08.exe |
"{539B4FC9-F9BA-41B7-B56F-192913EAE306}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{54DBF675-C35C-4443-AD2C-A3B2E37F5F11}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqsudi.exe |
"{57EDFE2D-C184-4E47-B9AF-61FEB3E5DBB8}" = dir=in | app=c:\program files (x86)\common files\mcafee\mna\mcnasvc.exe |
"{58274A73-8795-42C0-8EEA-31DA7AB0C490}" = protocol=6 | dir=out | app=c:\windows\ehome\ehshell.exe |
"{5B331DEE-881A-47E2-A379-A0D17BC6E1EE}" = protocol=6 | dir=in | app=c:\program files (x86)\common files\aol\topspeed\3.0\aoltpsd3.exe |
"{5CF286F3-B4AD-4EB5-A9AA-B2D89E66341B}" = protocol=6 | dir=in | app=c:\program files (x86)\dell video chat\dellvideochat.exe |
"{642050C1-E357-416F-9D03-20D175C5EEBA}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpiscnapp.exe |
"{648ABECD-9119-40BC-8052-D6B4A8BC39E6}" = dir=in | app=c:\program files (x86)\hp\hp software update\hpwucli.exe |
"{658C647A-2ED2-4E7A-9756-3462C95F8296}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hposfx08.exe |
"{68E26B45-B4D2-41DD-8AC9-430ED37B9B2C}" = dir=in | app=c:\users\public\downloads\ojp8500va909_full_14\setup\hpznui40.exe |
"{6A9BA909-FDBC-4581-9207-095D7EC71EB5}" = protocol=17 | dir=out | app=c:\windows\ehome\ehshell.exe |
"{6BC55B19-3D82-41DE-9653-0066A0FA6183}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpofxm08.exe |
"{74072EB1-A5E2-4DEB-A222-273973F622D6}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpofxs08.exe |
"{74B65A65-2155-468E-90D6-3BC5C80A8A0A}" = protocol=17 | dir=in | app=c:\program files (x86)\aol 9.5\waol.exe |
"{7CB71A80-A18C-4699-B8C4-6FBCB45B02B2}" = protocol=17 | dir=in | app=c:\program files (x86)\common files\aol\loader\aolload.exe |
"{845D0E4F-2049-4A9D-B71F-A5CD2658869A}" = dir=in | app=c:\program files (x86)\cyberlink\powerdvd dx\powerdvd.exe |
"{8C8C4280-903A-41E5-9A52-FE585383F12F}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpoews01.exe |
"{A2ED532F-3843-4CDE-90FF-F3940803C300}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{A5357030-5D83-40F6-9416-40437D603328}" = protocol=6 | dir=out | app=c:\program files\windows media player\wmplayer.exe |
"{A9E541AE-CCE6-466B-B4D2-879FB349CBAB}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqusgh.exe |
"{AE204379-5BD9-40A2-B656-4B49F442DEBA}" = protocol=17 | dir=in | app=c:\program files (x86)\common files\aol\acs\aolacsd.exe |
"{AF05F1CE-F018-4710-95CD-132C936F1E65}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpzwiz01.exe |
"{B14E02C9-59C6-48D2-AA80-71D31BA9CDDE}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe |
"{B22C37EE-5355-4828-B689-0F8337819C04}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqfxt08.exe |
"{BC8151E7-7E00-4706-B5BB-7A433CDDDC2D}" = protocol=17 | dir=in | app=c:\program files (x86)\common files\aol\system information\sinf.exe |
"{BCC195DC-D78A-42EC-85E9-4D59215CEDA2}" = protocol=6 | dir=in | app=c:\program files (x86)\common files\aol\loader\aolload.exe |
"{C32AB0A9-E610-42E3-93EE-AEE140031B1B}" = protocol=6 | dir=in | app=c:\program files (x86)\common files\aol\acs\aolacsd.exe |
"{CE648C0C-3CAB-4BEA-AD5D-F7C82EE24C97}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hposid01.exe |
"{CE838C96-DCD0-4F1E-B426-E9DD02CBFE59}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{D152872C-AA2F-4CB2-991A-6CA6888F4008}" = protocol=17 | dir=in | app=c:\program files (x86)\common files\aol\topspeed\3.0\aoltpsd3.exe |
"{D3E65454-CEE6-4986-92EF-702E8E404FC4}" = protocol=17 | dir=out | app=c:\program files\windows media player\wmplayer.exe |
"{DA9BE3AD-1D76-4508-A11D-287F91279A97}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe |
"{E0826683-BACE-4BA9-B27C-EE82EFBE0E3C}" = dir=in | app=c:\program files (x86)\common files\hp\digital imaging\bin\hpqphotocrm.exe |
"{E0D370F4-E45C-4AF6-88D6-02D9C0DD1FF5}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpfccopy.exe |
"{E455E52A-54D6-49A3-8D5D-D491FAC4A023}" = protocol=17 | dir=out | app=c:\program files (x86)\windows media player\wmplayer.exe |
"{E6AB472E-B4A7-4ECE-BC75-8DBEEA4547C1}" = dir=in | app=c:\program files (x86)\cyberlink\powerdvd dx\pdvddxsrv.exe |
"{E747ACF7-96C2-484D-AD72-58DAE94F7FB2}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqgpc01.exe |
"{EDDD1687-2822-453B-A9CE-8E8ED80C71E5}" = protocol=17 | dir=in | app=c:\program files (x86)\dell video chat\dellvideochat.exe |
"{EF7AC1D6-DBAD-4B6C-B41E-908021E71C0F}" = dir=in | app=c:\program files\common files\mcafee\mcsvchost\mcsvhost.exe |
"{F69CDC81-2E5A-4A2D-8B0A-8C1FFDD2860A}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{F717159B-30EE-4410-A899-07919B594D93}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqgplgtupl.exe |
"{FA292A66-961E-4EB2-AA25-B8AB63C8CBF0}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqste08.exe |
"{FD76F9EB-6275-425D-88FE-06A9A3A50A8E}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqusgm.exe |
"{FF61706D-4D32-49A2-9028-9A0324D2AB63}" = protocol=17 | dir=in | app=c:\program files (x86)\common files\aol\1236914895\ee\aolsoftware.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{02AD9D20-03D2-4DE0-8793-E8253026AD86}" = EMCGadgets64
"{03D1988F-469F-4843-8E6E-E5FE9D17889D}" = WIDCOMM Bluetooth Software 6.0.1.4303
"{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{48C0866E-57EB-444C-8371-8E4321066BC3}" = Network64
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{624E7452-BA43-4f55-B9D5-FC75EEA0808B}" = Officejet Pro 8500 A909 Series
"{6E8E85E8-CE4B-4FF5-91F7-04999C9FAE6A}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{8338783A-0968-3B85-AFC7-BAAE0A63DC50}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570
"{8AB5E15C-BDCB-7A93-9DBF-19C2DF39D0C7}" = ccc-utility64
"{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007
"{90120000-002A-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (English) 2007
"{90120000-0116-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007
"{9B48B0AC-C813-4174-9042-476A887592C7}" = Windows Live ID Sign-in Assistant
"{aac9fcc4-dd9e-4add-901c-b5496a07ab2e}" = Microsoft Visual C++ 2005 Redistributable (x64) - KB2467175
"{B6E3757B-5E77-3915-866A-CCFC4B8D194C}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053
"{BCA6D957-5A90-B994-CFCC-13ED851E1FFA}" = ccc-utility64
"{BE930E38-7BB3-45B6-85B2-5251F374F844}" = 64 Bit HP CIO Components Installer
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{DDD076BF-C5C3-468C-AA1B-F9A7E47446FE}" = Intel® Network Connections 13.1.33.0
"{EA0F68A4-CC52-D061-C239-CC54377E9B79}" = ccc-utility64
"{F1D81DBC-B656-9640-EADC-619A860F16BD}" = ATI Catalyst Install Manager
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"{F6CB42B9-F033-4152-8813-FF11DA8E6A78}" = Dell Dock
"45A7283175C62FAC673F913C1F532C5361F97841" = Windows Driver Package - Garmin (grmnusb) GARMIN Devices (03/08/2007 2.2.1.0)
"Creative OEM005" = Monitor Webcam (SP2208WFP) Driver (1.00.08.0720)
"HP Document Manager" = HP Document Manager 2.0
"HP Imaging Device Functions" = HP Imaging Device Functions 12.0
"HP Photosmart Essential" = HP Photosmart Essential 3.5
"HP Smart Web Printing" = HP Smart Web Printing 4.60
"HP Solution Center & Imaging Support Tools" = HP Solution Center 12.0
"HPExtendedCapabilities" = HP Customer Participation Program 12.0
"HPOCR" = OCR Software by I.R.I.S. 12.0
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"PROSetDX" = Intel® Network Connections 13.1.33.0
"Shop for HP Supplies" = Shop for HP Supplies

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{03A7C57A-B2C8-409b-92E5-524A0DFD0DD3}" = Status
"{0527E89C-E8B9-745F-8B7A-96530A214E54}" = Catalyst Control Center Localization Japanese
"{055EE59D-217B-43A7-ABFF-507B966405D8}" = ATI Catalyst Control Center
"{06A1D88C-E102-4527-AF70-29FFD7AF215A}" = Scan
"{06A82E70-97F4-3BA9-65DB-692632659387}" = Catalyst Control Center InstallProxy
"{07A8ED9E-B98E-437F-B750-241B412BE924}" = Garmin USB Drivers
"{08E81ABD-79F7-49C2-881F-FD6CB0975693}" = Roxio Creator Data
"{098122AB-C605-4853-B441-C0A4EB359B75}" = DirectXInstallService
"{0DF30031-F15F-FD36-D9F8-EBC23B901894}" = Catalyst Control Center Graphics Light
"{102CBC47-7FDE-4E6C-8A3A-67B79833FAC8}" = BPDSoftware_Ini
"{11B2F891-91C8-47ce-945A-A91003EA27FB}" = BPDSoftware
"{124FA421-0F8C-0636-F85C-E2EE1D3C6573}" = Catalyst Control Center HydraVision Full
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{18AB082B-6584-4F74-8ABC-D5935CF46E4C}" = 8500A909_eDocs
"{19CD69C4-CF39-FCFC-3C36-02A6AEC62C42}" = CCC Help Spanish
"{1F54DAFA-9261-4A62-B59D-6C9F26B48FE4}" = Roxio Creator Tools
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live Upload Tool
"{2227E1FA-01F5-483C-AB0E-2A308E900B3D}" = InterVideo FilterSDK for Hauppauge
"{22D643F2-0DAA-4DB4-0B3F-C5B0B6F5AEC8}" = Catalyst Control Center Localization Polish
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{241FFFDE-06A1-BA33-1980-FC06F2F43ACD}" = CCC Help Turkish
"{2656D0AB-9EA4-4C58-A117-635F3CED8B93}" = Microsoft UI Engine
"{26A24AE4-039D-4CA4-87B4-2F83216011FF}" = Java™ 6 Update 24
"{2A329FB6-389D-4396-A974-29656D6864AE}" = MarketResearch
"{2E35857A-0A45-D90C-7F9F-2C6EED18DF11}" = CCC Help French
"{2E8EAC71-BFE4-417A-88F0-5A1BDFBCF5D3}" = SetPoint
"{2EEA7AA4-C203-4b90-A34F-19FB7EF1C81C}" = BufferChm
"{2F179735-F134-7E5F-9494-E2C5C39F0FBE}" = CCC Help Portuguese
"{30465B6C-B53F-49A1-9EBA-A3F187AD502E}" = Roxio Update Manager
"{306CD8FB-C567-F39C-8A3C-752AFE392023}" = CCC Help Korean
"{35CC381D-D375-5FBD-A730-1A156E8957D6}" = CCC Help Thai
"{3921564E-11A7-27AC-8D6F-D5FCA33DD083}" = Skins
"{3D73DC7A-2D1D-45CF-8A67-24873925C716}" = bpd_scan
"{3E9016D4-5AD8-3A77-5A75-8C89C68992CD}" = Catalyst Control Center Graphics Previews Vista
"{3FE799B6-6493-AD47-A5FA-F3FE144C7EF0}" = Catalyst Control Center HydraVision Full
"{4011B00E-26BE-7867-3D2C-BA85CF737C8B}" = Catalyst Control Center Localization Korean
"{42929F0F-CE14-47AF-9FC7-FF297A603021}" = Dell Resource CD
"{432A850B-3558-4BFF-B1F9-30626835B523}" = BPD_DSWizards
"{43DF6A05-B79C-0AA4-EF59-843EFE398E3D}" = Catalyst Control Center Localization French
"{44CDBD1B-89FB-4E02-8319-2A4C550F664A}" = RTC Client API v1.2
"{463E450F-401B-37D8-CD6C-8782D755AB86}" = Catalyst Control Center Localization Chinese Standard
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4D304678-738E-42a0-931A-2B022F49DEB8}" = TrayApp
"{4E7C28C7-D5DA-4E9F-A1CA-60490B54AE35}" = UnloadSupport
"{51114DCF-C263-88F0-937D-A80930617A8B}" = CCC Help Chinese Standard
"{541DEAC0-5F3D-45E6-B7CB-94ECF3B96748}" = Skype web features
"{5C883FB3-9F17-C9F6-3D74-D2C2DAC3FA0D}" = Catalyst Control Center Localization Chinese Traditional
"{5D9B17E4-5C34-45B2-9C95-8B9DB4CF7AF3}" = HP_Network_UserGuide
"{60B3718D-B81B-FBFE-C6F8-88BAF5934C17}" = Catalyst Control Center Localization German
"{61BEA823-ECAF-49F1-8378-A59B3B8AD247}" = Microsoft Default Manager
"{628C2C7D-8AD1-E614-E8E2-6EEAD8D5F2D0}" = Acrobat.com
"{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA}" = Roxio Express Labeler
"{676981B7-A2D9-49D0-9F4C-03018F131DA9}" = DocProc
"{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}" = PowerDVD DX
"{681B698F-C997-42C3-B184-B489C6CA24C9}" = HPPhotoSmartDiscLabelContent1
"{69724AEA-DC5F-BF91-A2B3-9B97422173BC}" = ccc-core-static
"{6A08D9B3-5E90-CDEA-3796-1E5C7AAD7F7D}" = Catalyst Control Center Localization Italian
"{6B7B6D4D-8F9B-4CB3-8CA4-BCA9CC4C1A22}" = EDocs
"{6EED4269-588D-45b8-A80C-26A9CA62EE4E}" = HPSSupply
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{73A4F29F-31AC-4EBD-AA1B-0CC5F18C8F83}" = Roxio Creator Audio
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{797EE0CA-8165-405C-B5CE-F11EC20F1BB0}" = Microsoft VC9 runtime libraries
"{7D21905A-5DB7-2F4C-4E97-80F352D2C3A9}" = Catalyst Control Center Graphics Previews Vista
"{7DB9F1E5-9ACB-410D-A7DC-7A3D023CE045}" = Dell Getting Started Guide
"{8123165F-1AED-4B2A-9C70-BB42A777C97C}" = CCC Help Hungarian
"{818ABC3C-635C-4651-8183-D0E9640B7DD1}" = HP Update
"{8214D5AF-8BA8-3551-A859-5EBDBD30D2FA}" = Catalyst Control Center Core Implementation
"{846730BD-A6E2-FA38-8192-0D67BBA919BD}" = CCC Help English
"{85693740-CB33-8E46-D05A-22EEAC2C14C3}" = Catalyst Control Center Graphics Full New
"{8841C16B-EACC-82C0-18BC-7767CC9E740D}" = Catalyst Control Center Localization Spanish
"{892B4819-7E37-9C59-3A8C-7AE8A8261A7D}" = Catalyst Control Center Localization Portuguese
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8A0D9C6B-ACB8-738E-2D1A-B437E2CF36B6}" = Catalyst Control Center Graphics Full Existing
"{8CC990CD-87C8-475C-AC32-8A7984E2FCFA}" = CDDRV_Installer
"{8D337F77-BE7F-41A2-A7CB-D5A63FD7049B}" = Roxio CinePlayer Decoder Pack
"{8D7133DE-27D2-47E5-B248-4180278D32AA}" = Catalyst Control Center - Branding
"{8EE94FD8-5F52-4463-A340-185D16328158}" = WebReg
"{8F7294C1-FC75-D55D-CFEF-915B0349EA6E}" = CCC Help Japanese
"{8F968232-15C6-4872-84C2-9FCDAA1AEAB6}" = MPM
"{8FF6F5CA-4E30-4E3B-B951-204CAAA2716A}" = SmartWebPrinting
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_HOMESTUDENTR_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_HOMESTUDENTR_{187308AB-5FA7-4F14-9AB9-D290383A10D9}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-002A-0000-1000-0000000FF1CE}_HOMESTUDENTR_{E64BA721-2310-4B55-BE5A-2925F9706192}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-002A-0409-1000-0000000FF1CE}_HOMESTUDENTR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}_HOMESTUDENTR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007
"{90120000-00A1-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}_HOMESTUDENTR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0116-0409-1000-0000000FF1CE}_HOMESTUDENTR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{903679E8-44C8-4C07-9600-05C92654FC50}" = QualXServ Service Agreement
"{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{9131B5A5-DCA5-8F8A-5799-14F7B0C0E97D}" = Catalyst Control Center Localization Hungarian
"{925E788B-7624-F7BD-E331-2039774A2688}" = CCC Help Thai
"{9294F169-72EE-4D74-AE92-CA25F64B4FF8}" = Fax
"{92ACB266-B316-F37F-D34F-8C9F20040E78}" = Catalyst Control Center Graphics Light
"{9427D7E3-DDE4-688A-44B6-2FEADB6F956F}" = Catalyst Control Center Localization All
"{9603DE6D-4567-4b78-B941-849322373DE2}" = SolutionCenter
"{960DD947-B41A-2503-4079-E1EA314A4962}" = CCC Help Japanese
"{96F0FEBF-ECF7-6193-FF53-3713941BA1E1}" = Catalyst Control Center Core Implementation
"{9D1B99B7-DAD8-440d-B4FB-1915332FBCC2}" = HPProductAssistant
"{a0fe116e-9a8a-466f-aee0-625cb7c207e3}" = Microsoft Visual C++ 2005 Redistributable - KB2467175
"{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR
"{A2BDAD24-875E-FDCA-1512-52F76435F5EE}" = CCC Help Italian
"{A3E66D20-B986-0D55-7000-9A9427F51C54}" = Catalyst Control Center Localization Thai
"{A7DEBAA4-B211-4D1A-A6B3-E52BFAAA1D0C}" = Garmin Communicator Plugin
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A996DFDD-E52F-0D4A-75A5-E3B0B083BA6D}" = Catalyst Control Center Graphics Full Existing
"{AA027AE9-DD20-4677-AA72-D760A358320B}" = Microsoft VC9 runtime libraries
"{AC13BA3A-336B-45a4-B3FE-2D3058A7B533}" = Toolbox
"{AC76BA86-7AD7-1033-7B44-A94000000001}" = Adobe Reader 9.4.4
"{AC76BA86-7AD7-5464-3428-900000000004}" = Spelling Dictionaries Support For Adobe Reader 9
"{AD7A2DD6-8B66-4BD2-9840-CCE6C1F7A2A2}" = MyNetflix
"{AF094932-91E6-4EF8-8AB8-1C7226DFEECB}" = Hauppauge TV Tuner Driver
"{B471481F-8743-85EF-B551-45ED91BEEE76}" = Catalyst Control Center Graphics Previews Common
"{B495547C-01F8-4836-A2E6-749B5F3EA691}" = 8500A909_Help
"{B6A26DE5-F2B5-4D58-9570-4FC760E00FCD}" = Roxio Creator Copy
"{B88A3C98-CB4D-E3C2-DE49-EDAF1DC55CC1}" = CCC Help English
"{B9C73F69-63B7-552D-72D8-3C22B6B1A3E7}" = Catalyst Control Center Graphics Full New
"{BB2CB14A-F3A3-4BBF-9111-EBC82049ABA6}" = Roxio Creator Premier
"{BE06114F-559D-11E0-B5A1-001D0926B1BF}" = Google Earth
"{C29C1940-CB85-4F3B-906C-33FEE0E67103}" = DocMgr
"{C328337D-33F5-5E15-164E-17998C8CF0F7}" = CCC Help Chinese Traditional
"{C874DC88-F5E2-D566-2880-22A2FDA0C69C}" = CCC Help English
"{CAB62FBE-E3A4-6F3A-88F6-7B8BD1B8FD1F}" = Catalyst Control Center InstallProxy
"{CCA71011-5ED0-2037-40E9-63C0005AF370}" = CCC Help Korean
"{CD8C5C7F-7C58-4F85-8977-A6C08C087912}" = MPM
"{CE44ABFE-FAF9-3C62-1D27-C8B64C3DD321}" = CCC Help Polish
"{CE75BD79-EC4B-9D7E-DD55-C29C65C3A9EC}" = Catalyst Control Center Graphics Previews Common
"{CF5C7154-98F4-4D44-A58C-8BC19751CCCC}" = Roxio Creator Premier 10
"{CFC1C90B-E9A4-F656-BCA2-2A71ECCBD8F5}" = Catalyst Control Center Graphics Full Existing
"{D103C4BA-F905-437A-8049-DB24763BBE36}" = Skype™ 4.1
"{D145021C-91D3-5563-7EC1-D58FBE1A0618}" = Catalyst Control Center Graphics Previews Vista
"{D3B1C799-CB73-42DE-BA0F-2344793A095C}" = Catalyst Control Center - Branding
"{D5DEF057-D3BC-499f-99EE-884ED429B6D1}" = 8500A909g
"{D62C1FAE-4092-A40C-CB31-4372494808CC}" = CCC Help German
"{D79113E7-274C-470B-BD46-01B10219DF6A}" = HPPhotosmartEssential
"{DA8BF070-1358-4a30-A68F-21E0E9421AEF}" = ProductContext
"{DEB7A862-71A2-C615-F620-5944F7FE8172}" = Catalyst Control Center Localization Turkish
"{E01A8BFE-96AB-FEA3-4A3B-EEF9849D1E24}" = Catalyst Control Center Graphics Previews Common
"{E0783143-EAE2-4047-A8D6-E155523C594C}" = Garmin WebUpdater
"{E96A2C11-1139-7A34-C529-4D21832A34F6}" = Catalyst Control Center Graphics Light
"{EC877639-07AB-495C-BFD1-D63AF9140810}" = Roxio Activation Module
"{ED439A64-F018-4DD4-8BA5-328D85AB09AB}" = Roxio Creator Premier
"{EF9E56EE-0243-4BAD-88F4-5E7508AA7D96}" = Destination Component
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F569596C-049F-BF15-E0A9-B7605D9B181E}" = Catalyst Control Center Core Implementation
"{F5E21D29-D1E6-AFEB-1A6C-7B3FA723BA70}" = Catalyst Control Center Graphics Full New
"{F648FD09-7CEA-4257-BC68-A8389189FD51}" = GPBaseService2
"{F751C062-87DA-4D33-8A12-6E7F1D4C051C}" = Netflix in Windows Media Center
"{F769B78E-FF0E-4db5-95E2-9F4C8D6352FE}" = DeviceDiscovery
"{F7D39F49-4D13-FEAB-CAB5-E508336F074B}" = CCC Help Chinese Traditional
"{FDA83F07-D205-D676-EFFF-615D0B660B94}" = CCC Help Chinese Standard
"{FDD810CA-D5E3-40E9-AB7B-36440B0D41EF}" = Windows Live Sync
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"AOL Emergency Connect Utility 1.0" = Uninstall AOL Emergency Connect Utility 1.0
"AOL Toolbar" = AOL Toolbar
"AOL Uninstaller" = AOL Uninstaller (Choose which Products to Remove)
"com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Acrobat.com
"Dell Video Chat" = Dell Video Chat (remove only)
"Google Chrome" = Google Chrome
"Google Updater" = Google Updater
"Hauppauge MCE2005 Software Encoder" = Hauppauge MCE XP/Vista Software Encoder (2.0.26057)
"Hauppauge TV Tuner Diagnostics" = Hauppauge TV Tuner Diagnostics (1.1.7057)
"Hauppauge WinTV 7" = Hauppauge WinTV 7
"HOMESTUDENTR" = Microsoft Office Home and Student 2007
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"McAfee Security Scan" = McAfee Security Scan Plus
"McAfee Virtual Technician" = McAfee Virtual Technician
"Move Networks Player - IE" = Move Networks Media Player for Internet Explorer
"Mozilla Firefox (3.5.7)" = Mozilla Firefox (3.5.7)
"MSC" = McAfee SecurityCenter
"SoftwareUpdUtility" = Download Updater (AOL LLC)
"ViewpointMediaPlayer" = Viewpoint Media Player
"WinTV-HVR-950Q Windows Media Center Kit" = WinTV-HVR-950Q Windows Media Center Kit

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-3230457466-36631048-1315814223-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"f031ef6ac137efc5" = Dell Driver Download Manager
"GoToMeeting" = GoToMeeting 4.0.0.320
"Juniper_Citrix_Services" = Juniper Citrix Services Client
"Juniper_Setup_Client" = Juniper Networks Setup Client
"Juniper_Term_Services" = Juniper Terminal Services Client
"Move Media Player" = Move Media Player
"Neoteris_Host_Checker" = Juniper Networks Host Checker

========== Last 10 Event Log Errors ==========

Error reading Event Logs: The Event Service is not operating properly or the Event Logs are corrupt!

< End of report >

#6 madden

madden
  • Topic Starter

  • Members
  • 16 posts
  • OFFLINE
  •  
  • Local time:10:19 PM

Posted 14 June 2011 - 05:12 PM

OTL logfile created on: 6/14/2011 5:04:00 PM - Run 1
OTL by OldTimer - Version 3.2.24.0 Folder = C:\Users\Barry Madden\Desktop
64bit-Windows Vista Ultimate Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

7.99 Gb Total Physical Memory | 5.48 Gb Available Physical Memory | 68.60% Memory free
16.03 Gb Paging File | 12.59 Gb Available in Paging File | 78.53% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 683.57 Gb Total Space | 456.26 Gb Free Space | 66.75% Space Free | Partition Type: NTFS
Drive D: | 15.00 Gb Total Space | 7.13 Gb Free Space | 47.56% Space Free | Partition Type: NTFS
Drive K: | 232.88 Gb Total Space | 7.11 Gb Free Space | 3.05% Space Free | Partition Type: NTFS
Drive L: | 465.76 Gb Total Space | 202.26 Gb Free Space | 43.43% Space Free | Partition Type: NTFS
Drive M: | 74.46 Gb Total Space | 8.49 Gb Free Space | 11.40% Space Free | Partition Type: NTFS

Computer Name: BARRYMADDEN-PC | User Name: Barry Madden | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2011/06/14 17:02:22 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Users\Barry Madden\Desktop\OTL.exe
PRC - [2011/04/16 07:34:08 | 000,235,168 | ---- | M] (Adobe Systems, Inc.) -- C:\Windows\SysWOW64\Macromed\Flash\FlashUtil10p_ActiveX.exe
PRC - [2011/01/13 06:20:00 | 000,041,296 | ---- | M] (AOL Inc.) -- C:\Program Files (x86)\AOL Desktop 9.6\waol.exe
PRC - [2011/01/13 06:19:58 | 000,045,392 | ---- | M] (AOL Inc.) -- C:\Program Files (x86)\AOL Desktop 9.6\shellmon.exe
PRC - [2010/10/29 14:49:28 | 000,505,064 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
PRC - [2010/03/08 02:27:49 | 000,041,800 | ---- | M] (AOL Inc.) -- C:\Program Files (x86)\Common Files\aol\1236914895\ee\aolsoftware.exe
PRC - [2010/01/15 07:49:20 | 000,255,536 | ---- | M] (McAfee, Inc.) -- C:\Program Files (x86)\McAfee Security Scan\2.0.181\SSScheduler.exe
PRC - [2010/01/07 17:11:28 | 000,140,520 | ---- | M] (CyberLink Corp.) -- C:\Program Files (x86)\CyberLink\PowerDVD DX\PDVDDXSrv.exe
PRC - [2009/01/19 16:13:30 | 000,249,856 | ---- | M] (Hauppauge Computer Works, Inc.) -- C:\Program Files (x86)\WinTV\TVServer\CaptureHVR1800.exe
PRC - [2009/01/19 16:12:46 | 000,434,176 | ---- | M] (Hauppauge Computer Works) -- C:\Program Files (x86)\WinTV\TVServer\HauppaugeTVServer.exe
PRC - [2008/09/23 22:09:52 | 000,155,648 | ---- | M] (Stardock Corporation) -- C:\Program Files\Dell\DellDock\DockLogin.exe
PRC - [2008/08/15 16:03:50 | 004,812,664 | ---- | M] (Dell Inc. and SightSpeed Inc.) -- C:\Program Files (x86)\Dell Video Chat\DellVideoChat.exe
PRC - [2008/07/15 17:02:26 | 000,014,376 | ---- | M] (Broadcom Corporation.) -- C:\Program Files\WIDCOMM\Bluetooth Software\BluetoothHeadsetProxy.exe
PRC - [2007/12/03 10:18:34 | 000,077,824 | ---- | M] () -- C:\Program Files\SetPoint\x86\SetPoint32.exe
PRC - [2007/05/09 01:00:00 | 000,036,864 | ---- | M] (Creative Technology Ltd.) -- C:\Windows\OEM05Mon.exe
PRC - [2006/10/23 07:50:35 | 000,046,640 | R--- | M] (AOL LLC) -- C:\Program Files (x86)\Common Files\aol\acs\AOLacsd.exe


========== Modules (SafeList) ==========

MOD - [2011/06/14 17:02:22 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Users\Barry Madden\Desktop\OTL.exe
MOD - [2011/04/08 16:56:28 | 000,018,176 | ---- | M] (McAfee, Inc.) -- c:\Program Files (x86)\McAfee\SiteAdvisor\sahook.dll
MOD - [2010/08/31 10:43:52 | 001,686,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3\comctl32.dll


========== Win32 Services (SafeList) ==========

SRV:64bit: - [2011/04/14 14:01:38 | 000,245,352 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe -- (mfefire)
SRV:64bit: - [2011/04/14 14:01:38 | 000,200,056 | ---- | M] () [Unknown | Running] -- C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe -- (McShield)
SRV:64bit: - [2011/04/14 14:01:38 | 000,149,032 | ---- | M] (McAfee, Inc.) [Unknown | Running] -- C:\Windows\SysNative\mfevtps.exe -- (mfevtp)
SRV:64bit: - [2011/01/26 22:55:38 | 000,203,776 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:64bit: - [2010/10/07 20:34:28 | 000,509,416 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Program Files\McAfee\VirusScan\mcods.exe -- (McODS)
SRV:64bit: - [2010/03/10 10:14:44 | 000,355,440 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe -- (MSK80Service)
SRV:64bit: - [2010/03/10 10:14:44 | 000,355,440 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe -- (McProxy)
SRV:64bit: - [2010/03/10 10:14:44 | 000,355,440 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe -- (McNASvc)
SRV:64bit: - [2010/03/10 10:14:44 | 000,355,440 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe -- (McNaiAnn)
SRV:64bit: - [2010/03/10 10:14:44 | 000,355,440 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe -- (mcmscsvc)
SRV:64bit: - [2010/03/10 10:14:44 | 000,355,440 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe -- (McMPFSvc)
SRV:64bit: - [2010/03/10 10:14:44 | 000,355,440 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe -- (McAfee SiteAdvisor Service)
SRV:64bit: - [2008/12/22 02:37:34 | 000,088,576 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe -- (AERTFilters)
SRV:64bit: - [2008/09/23 22:09:52 | 000,155,648 | ---- | M] (Stardock Corporation) [Auto | Running] -- C:\Program Files\Dell\DellDock\DockLogin.exe -- (DockLoginService)
SRV:64bit: - [2008/01/20 21:50:23 | 000,195,584 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV:64bit: - [2008/01/20 21:46:39 | 000,383,544 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2007/12/03 10:23:20 | 000,146,432 | ---- | M] (Logitech Inc.) [Auto | Running] -- C:\Program Files\Common Files\Logitech\Bluetooth\LBTSERV.EXE -- (LBTServ)
SRV - [2010/05/28 03:14:56 | 001,044,840 | ---- | M] (Hewlett-Packard Co.) [Auto | Running] -- C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL -- (HPSLPSVC)
SRV - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010/01/15 07:49:20 | 000,227,232 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\McAfee Security Scan\2.0.181\McCHSvc.exe -- (McComponentHostService)
SRV - [2009/03/29 23:42:14 | 000,066,368 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2009/01/19 16:12:46 | 000,434,176 | ---- | M] (Hauppauge Computer Works) [Auto | Running] -- C:\Program Files (x86)\WinTV\TVServer\HauppaugeTVServer.exe -- (HauppaugeTVServer)
SRV - [2008/05/14 10:32:18 | 000,309,744 | ---- | M] (Sonic Solutions) [Auto | Stopped] -- C:\Program Files (x86)\Common Files\Roxio Shared\10.0\SharedCOM\RoxLiveShare10.exe -- (RoxLiveShare10)
SRV - [2008/05/14 10:32:10 | 000,166,384 | ---- | M] (Sonic Solutions) [Auto | Stopped] -- C:\Program Files (x86)\Common Files\Roxio Shared\10.0\SharedCOM\RoxWatch10.exe -- (RoxWatch10)
SRV - [2008/05/14 10:31:38 | 001,120,752 | ---- | M] (Sonic Solutions) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Roxio Shared\10.0\SharedCOM\RoxMediaDB10.exe -- (RoxMediaDB10)
SRV - [2006/10/23 07:50:35 | 000,046,640 | R--- | M] (AOL LLC) [Auto | Running] -- C:\Program Files (x86)\Common Files\AOL\ACS\AOLAcsd.exe -- (AOL ACS)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2011/04/14 14:01:38 | 000,530,304 | ---- | M] (McAfee, Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\mfehidk.sys -- (mfehidk)
DRV:64bit: - [2011/04/14 14:01:38 | 000,441,840 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\mfefirek.sys -- (mfefirek)
DRV:64bit: - [2011/04/14 14:01:38 | 000,283,744 | ---- | M] (McAfee, Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\mfewfpk.sys -- (mfewfpk)
DRV:64bit: - [2011/04/14 14:01:38 | 000,190,520 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\mfeavfk.sys -- (mfeavfk)
DRV:64bit: - [2011/04/14 14:01:38 | 000,121,376 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\mfeapfk.sys -- (mfeapfk)
DRV:64bit: - [2011/04/14 14:01:38 | 000,094,992 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mferkdet.sys -- (mferkdet)
DRV:64bit: - [2011/04/14 14:01:38 | 000,075,160 | ---- | M] (McAfee, Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\DRIVERS\mfenlfk.sys -- (mfenlfk)
DRV:64bit: - [2011/04/14 14:01:38 | 000,063,056 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\cfwids.sys -- (cfwids)
DRV:64bit: - [2011/01/26 23:37:22 | 009,085,952 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\atikmdag.sys -- (R300)
DRV:64bit: - [2011/01/26 23:37:22 | 009,085,952 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\atikmdag.sys -- (atikmdag)
DRV:64bit: - [2011/01/26 23:37:22 | 009,085,952 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\atikmdag.sys -- (amdkmdag)
DRV:64bit: - [2011/01/26 22:13:34 | 000,299,520 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\atikmpag.sys -- (amdkmdap)
DRV:64bit: - [2009/07/14 20:46:48 | 001,708,800 | ---- | M] (Hauppauge Computer Works) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HCW85BDA.sys -- (HCW85BDA)
DRV:64bit: - [2008/12/22 02:37:14 | 000,185,248 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\RtHDMIVX.sys -- (RTHDMIAzAudService)
DRV:64bit: - [2008/09/28 07:46:48 | 000,316,544 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\e1y60x64.sys -- (e1yexpress) Intel®
DRV:64bit: - [2008/09/28 03:22:14 | 000,402,456 | ---- | M] (Intel Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\SysNative\drivers\iastor.sys -- (iaStor)
DRV:64bit: - [2008/05/23 16:54:38 | 000,033,888 | ---- | M] (Intel Corporation ) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\iqvw64e.sys -- (NAL)
DRV:64bit: - [2008/04/08 03:00:00 | 000,055,024 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\PxHlpa64.sys -- (PxHlpa64)
DRV:64bit: - [2008/01/20 21:46:32 | 000,012,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\serscan.sys -- (StillCam)
DRV:64bit: - [2008/01/20 21:46:02 | 000,317,952 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\e1e6032e.sys -- (e1express) Intel®
DRV:64bit: - [2007/10/09 08:09:46 | 000,037,912 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\LUsbFilt.Sys -- (LUsbFilt)
DRV:64bit: - [2007/10/09 08:09:44 | 000,047,128 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\LMouFilt.Sys -- (LMouFilt)
DRV:64bit: - [2007/10/09 08:09:42 | 000,047,128 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\LHidFilt.Sys -- (LHidFilt)
DRV:64bit: - [2007/07/20 01:00:00 | 000,266,720 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\OEM05Vid.sys -- (OEM05Vid)
DRV:64bit: - [2007/06/08 01:00:02 | 000,212,864 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\OEM05Afx.sys -- (OEM05Afx)
DRV:64bit: - [2007/04/01 23:42:48 | 000,020,016 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\btwrchid.sys -- (btwrchid)
DRV:64bit: - [2007/04/01 23:42:44 | 000,096,048 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btwavdt.sys -- (btwavdt)
DRV:64bit: - [2007/04/01 23:42:42 | 000,087,856 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btwaudio.sys -- (btwaudio)
DRV:64bit: - [2007/03/05 18:55:48 | 000,012,288 | ---- | M] (EyePower Games Pte. Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\OEM05Vfx.sys -- (OEM05Vfx)
DRV:64bit: - [2006/11/29 17:24:49 | 000,024,064 | ---- | M] (America Online, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\wanatw64.sys -- (wanatw) WAN Miniport (ATW)
DRV:64bit: - [2006/09/18 16:36:24 | 000,000,308 | ---- | M] () [File_System | On_Demand | Running] -- C:\Windows\SysNative\Wbem\ntfs.mof -- (Ntfs)
DRV - [2010/01/07 17:11:30 | 000,146,928 | ---- | M] (CyberLink Corp.) [2011/03/25 20:55:00] [Kernel | Auto | Running] -- C:\Program Files (x86)\CyberLink\PowerDVD DX\000.fcl -- ({1E444BE9-B8EC-4ce6-8C2B-6536FB7F4FB7})


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\URLSearchHook: {EA756889-2338-43DB-8F07-D1CA6FB9C90D} - C:\Program Files (x86)\AOL Toolbar\aoltb.dll (AOL LLC)


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-3230457466-36631048-1315814223-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/USCON/1
IE - HKU\S-1-5-21-3230457466-36631048-1315814223-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = [Binary data over 100 bytes]
IE - HKU\S-1-5-21-3230457466-36631048-1315814223-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/
IE - HKU\S-1-5-21-3230457466-36631048-1315814223-1000\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKU\S-1-5-21-3230457466-36631048-1315814223-1000\..\URLSearchHook: {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
IE - HKU\S-1-5-21-3230457466-36631048-1315814223-1000\..\URLSearchHook: {EA756889-2338-43DB-8F07-D1CA6FB9C90D} - C:\Program Files (x86)\AOL Toolbar\aoltb.dll (AOL LLC)
IE - HKU\S-1-5-21-3230457466-36631048-1315814223-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "Bing"
FF - prefs.js..browser.search.defaulturl: "http://www.bing.com/search?FORM=SOLTDF&PC=SUN1&q="
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://www.google.com/|http://www.google.com/ig/dell"
FF - prefs.js..extensions.enabledItems: moveplayer@movenetworks.com:1.0.0.%(version)s
FF - prefs.js..extensions.enabledItems: {27182e60-b5f3-411c-b545-b44205977502}:1.0
FF - prefs.js..keyword.URL: "http://www.bing.com/search?FORM=SOLTDF&PC=SUN1&q="

FF - HKLM\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2011/04/22 20:17:32 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\{B7082FAA-CB62-4872-9106-E42DD88EDE45}: C:\Program Files (x86)\McAfee\SiteAdvisor [2011/05/24 13:57:27 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.7\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2011/05/10 07:54:43 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.7\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2011/05/18 21:21:52 | 000,000,000 | ---D | M]

[2009/07/17 20:10:10 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Barry Madden\AppData\Roaming\Mozilla\Extensions
[2010/02/08 21:53:02 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Barry Madden\AppData\Roaming\Mozilla\Firefox\Profiles\6vrhiv2u.default\extensions
[2009/07/23 21:25:23 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\Barry Madden\AppData\Roaming\Mozilla\Firefox\Profiles\6vrhiv2u.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2010/02/05 14:48:23 | 000,002,184 | ---- | M] () -- C:\Users\Barry Madden\AppData\Roaming\Mozilla\Firefox\Profiles\6vrhiv2u.default\searchplugins\bing.xml
[2011/04/22 19:31:53 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2011/04/19 17:13:59 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
[2011/04/22 19:31:53 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}
File not found (No name found) -- C:\PROGRAM FILES (X86)\MICROSOFT\SEARCH ENHANCEMENT PACK\SEARCH HELPER\FIREFOXEXTENSION\SEARCHHELPEREXTENSION
[2010/02/05 14:48:18 | 000,000,000 | ---D | M] (Move Media Player) -- C:\USERS\BARRY MADDEN\APPDATA\ROAMING\MOVE NETWORKS
[2011/04/14 14:01:38 | 000,024,376 | ---- | M] (McAfee, Inc.) -- C:\Program Files (x86)\Mozilla Firefox\components\Scriptff.dll
[2011/02/02 21:40:24 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\Mozilla Firefox\plugins\npdeployJava1.dll

O1 HOSTS File: ([2006/09/18 16:37:24 | 000,000,761 | ---- | M]) - C:\Windows\SysNative\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2:64bit: - BHO: (McAfee Phishing Filter) - {27B4851A-3207-45A2-B947-BE8AFE6163AB} - c:\Program Files\McAfee\MSK\mskapbho64.dll ()
O2:64bit: - BHO: (scriptproxy) - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\Common Files\McAfee\SystemCore\ScriptSn.20110510075443.dll (McAfee, Inc.)
O2:64bit: - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O2:64bit: - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.6.6209.1142\swg64.dll (Google Inc.)
O2:64bit: - BHO: (McAfee SiteAdvisor BHO) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No CLSID value found.
O2 - BHO: (Skype add-on (mastermind)) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Skype Technologies S.A.)
O2 - BHO: (McAfee Phishing Filter) - {27B4851A-3207-45A2-B947-BE8AFE6163AB} - c:\Program Files\McAfee\MSK\mskapbho.dll ()
O2 - BHO: (AOL Toolbar Loader) - {7C554162-8CB7-45A4-B8F4-8EA1C75885F9} - C:\Program Files (x86)\AOL Toolbar\aoltb.dll (AOL LLC)
O2 - BHO: (scriptproxy) - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files (x86)\Common Files\McAfee\SystemCore\ScriptSn.20110510075443.dll (McAfee, Inc.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.6.6209.1142\swg.dll (Google Inc.)
O2 - BHO: (McAfee SiteAdvisor BHO) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O3:64bit: - HKLM\..\Toolbar: (McAfee SiteAdvisor Toolbar) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
O3:64bit: - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (no name) - - No CLSID value found.
O3 - HKLM\..\Toolbar: (McAfee SiteAdvisor Toolbar) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O3 - HKLM\..\Toolbar: (AOL Toolbar) - {DE9C389F-3316-41A7-809B-AA305ED9D922} - C:\Program Files (x86)\AOL Toolbar\aoltb.dll (AOL LLC)
O3 - HKU\S-1-5-21-3230457466-36631048-1315814223-1000\..\Toolbar\WebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No CLSID value found.
O3:64bit: - HKU\S-1-5-21-3230457466-36631048-1315814223-1000\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3 - HKU\S-1-5-21-3230457466-36631048-1315814223-1000\..\Toolbar\WebBrowser: (AOL Toolbar) - {DE9C389F-3316-41A7-809B-AA305ED9D922} - C:\Program Files (x86)\AOL Toolbar\aoltb.dll (AOL LLC)
O4:64bit: - HKLM..\Run: [Bluetooth HCI Monitor] C:\Windows\SysNative\HCIMNTR.DLL (Logitech Inc.)
O4:64bit: - HKLM..\Run: [Kernel and Hardware Abstraction Layer] C:\Windows\KHALMNPR.Exe (Logitech Inc.)
O4:64bit: - HKLM..\Run: [Logitech BT Wizard] File not found
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [Skytel] File not found
O4:64bit: - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [HostManager] C:\Program Files (x86)\Common Files\AOL\1236914895\ee\AOLSoftware.exe (AOL Inc.)
O4 - HKLM..\Run: [mcui_exe] C:\Program Files\McAfee.com\Agent\mcagent.exe (McAfee, Inc.)
O4 - HKLM..\Run: [OEM05Mon.exe] C:\Windows\OEM05Mon.exe (Creative Technology Ltd.)
O4 - HKLM..\Run: [PDVDDXSrv] C:\Program Files (x86)\CyberLink\PowerDVD DX\PDVDDXSrv.exe (CyberLink Corp.)
O4 - HKLM..\Run: [RoxWatchTray] C:\Program Files (x86)\Common Files\Roxio Shared\10.0\SharedCOM\RoxWatchTray10.exe (Sonic Solutions)
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [WinampAgent] File not found
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-19..\Run: [WindowsWelcomeCenter] C:\Windows\SysWow64\oobefldr.dll (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [WindowsWelcomeCenter] C:\Windows\SysWow64\oobefldr.dll (Microsoft Corporation)
O4 - HKU\S-1-5-21-3230457466-36631048-1315814223-1000..\Run: [AOL Fast Start] C:\Program Files (x86)\AOL Desktop 9.6\AOL.EXE (AOL Inc.)
O4 - HKU\S-1-5-21-3230457466-36631048-1315814223-1000..\Run: [SightSpeed] C:\Program Files (x86)\Dell Video Chat\DellVideoChat.exe (Dell Inc. and SightSpeed Inc.)
O4 - HKU\S-1-5-21-3230457466-36631048-1315814223-1000..\RunOnce: [FlashPlayerUpdate] C:\Windows\SysWOW64\Macromed\Flash\FlashUtil10p_ActiveX.exe (Adobe Systems, Inc.)
O4 - Startup: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock First Run.lnk = File not found
O4 - Startup: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock First Run.lnk = File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O8:64bit: - Extra context menu item: &AOL Toolbar Search - C:\ProgramData\AOL\ieToolbar\resources\en-US\local\search.html ()
O8:64bit: - Extra context menu item: Google Sidewiki... - C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_D183CA64F05FDD98.dll (Google Inc.)
O8:64bit: - Extra context menu item: Send image to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O8:64bit: - Extra context menu item: Send page to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O8 - Extra context menu item: &AOL Toolbar Search - C:\ProgramData\AOL\ieToolbar\resources\en-US\local\search.html ()
O8 - Extra context menu item: Google Sidewiki... - C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_D183CA64F05FDD98.dll (Google Inc.)
O8 - Extra context menu item: Send image to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O8 - Extra context menu item: Send page to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9:64bit: - Extra Button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9:64bit: - Extra 'Tools' menuitem : @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : Skype add-on for Internet Explorer - {5067A26B-1337-4436-8AFE-EE169C2DA79F} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Skype Technologies S.A.)
O9 - Extra Button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Skype Technologies S.A.)
O9 - Extra Button: Send To Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : Send to &Bluetooth Device... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O13 - gopher Prefix: missing
O13 - gopher Prefix: missing
O15 - HKU\S-1-5-21-3230457466-36631048-1315814223-1000\..Trusted Domains: aol.com ([objects] * is out of zone range - 5)
O15 - HKU\S-1-5-21-3230457466-36631048-1315814223-1000\..Trusted Domains: bakerelectric.com ([meeting] https in Trusted sites)
O15 - HKU\S-1-5-21-3230457466-36631048-1315814223-1000\..Trusted Domains: internet ([]about in Trusted sites)
O15 - HKU\S-1-5-21-3230457466-36631048-1315814223-1000\..Trusted Domains: mcafee.com ([]http in Trusted sites)
O15 - HKU\S-1-5-21-3230457466-36631048-1315814223-1000\..Trusted Domains: mcafee.com ([]https in Trusted sites)
O16 - DPF: {1851174C-97BD-4217-A0CC-E908F60D5B7A} https://h50203.www5.hp.com/HPISWeb/Customer/cabs/HPISDataManager.CAB (Hewlett-Packard Online Support Services)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {C1F8FC10-E5DB-4112-9DBF-6C3FF728D4E3} http://support.dell.com/systemprofiler/DellSystemLite.CAB (DellSystemLite.Scanner)
O16 - DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O16 - DPF: {FD0B6769-6490-4A91-AA0A-B5AE0DC75AC9} https://secure.logmein.com/activex/RACtrl.cab (Performance Viewer Activex Control)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 69.66.0.20 69.66.1.20
O18:64bit: - Protocol\Handler\dssrequest {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
O18:64bit: - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\sacore {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
O18:64bit: - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - Reg Error: Key error. File not found
O18 - Protocol\Handler\dssrequest {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O18 - Protocol\Handler\sacore {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Users\Barry Madden\Documents\ZP5A6404 (2).jpg
O24 - Desktop BackupWallPaper: C:\Users\Barry Madden\Documents\ZP5A6404 (2).jpg
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2004/08/11 17:15:00 | 000,000,000 | ---- | M] () - M:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2011/03/09 20:48:35 | 000,002,420 | ---- | M] () - M:\AutoRun.PNF -- [ NTFS ]
O33 - MountPoints2\{6e2ec17f-343e-11de-952e-001e4ce6dbf4}\Shell - "" = AutoRun
O33 - MountPoints2\{6e2ec17f-343e-11de-952e-001e4ce6dbf4}\Shell\AutoRun\command - "" = N:\LaunchU3.exe
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2011/06/14 17:02:22 | 000,580,608 | ---- | C] (OldTimer Tools) -- C:\Users\Barry Madden\Desktop\OTL.exe
[2011/06/14 17:00:15 | 000,000,000 | ---D | C] -- C:\Users\Barry Madden\Desktop\RKUnhookerLE
[2011/06/09 20:40:05 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee
[2011/06/06 16:15:25 | 000,000,000 | ---D | C] -- C:\ProgramData\iolo
[2011/06/04 22:46:04 | 000,000,000 | ---D | C] -- C:\Users\Barry Madden\AppData\Roaming\licenses
[2011/06/04 22:46:03 | 000,000,000 | ---D | C] -- C:\Users\Barry Madden\AppData\Roaming\PCMM2009
[2011/06/04 22:46:01 | 000,000,000 | ---D | C] -- C:\Users\Barry Madden\AppData\Roaming\PCMM2011
[2011/06/04 22:45:39 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\PC MightyMax 2011
[2011/06/02 21:28:49 | 000,000,000 | ---D | C] -- C:\Users\Barry Madden\AppData\Roaming\McAfee
[2011/06/02 10:02:34 | 000,000,000 | ---D | C] -- C:\Windows\Minidump
[2011/05/30 14:46:36 | 000,000,000 | ---D | C] -- C:\ProgramData\Citrix
[2011/05/30 14:41:57 | 000,000,000 | ---D | C] -- C:\Users\Barry Madden\AppData\Local\Citrix
[2011/05/18 21:24:58 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\appmgmt
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2011/06/14 17:02:22 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Users\Barry Madden\Desktop\OTL.exe
[2011/06/14 17:00:20 | 000,035,712 | ---- | M] () -- C:\Windows\SysWow64\drivers\BlackBox.sys
[2011/06/14 16:52:49 | 000,130,604 | ---- | M] () -- C:\Users\Barry Madden\Desktop\RKUnhookerLE.zip
[2011/06/14 16:39:06 | 000,003,616 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2011/06/14 16:39:06 | 000,003,616 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2011/06/14 16:27:57 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011/06/14 16:14:00 | 000,000,898 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2011/06/14 13:49:10 | 000,000,880 | ---- | M] () -- C:\Windows\tasks\Google Software Updater.job
[2011/06/14 12:14:00 | 000,000,894 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2011/06/09 20:44:42 | 000,703,388 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2011/06/09 20:44:42 | 000,604,264 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2011/06/09 20:44:42 | 000,103,964 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2011/06/09 20:39:19 | 000,000,680 | ---- | M] () -- C:\Users\Barry Madden\AppData\Local\d3d9caps.dat
[2011/06/09 20:39:04 | 4285,718,527 | -HS- | M] () -- C:\hiberfil.sys
[2011/06/05 12:00:42 | 002,182,688 | ---- | M] () -- C:\Users\Barry Madden\Documents\ExteriorApplicationGuide20110303.pdf
[2011/06/04 20:37:45 | 000,002,662 | ---- | M] () -- C:\Windows\bthservsdp.dat
[2011/06/02 21:28:49 | 000,001,985 | ---- | M] () -- C:\Users\Public\Desktop\McAfee Virtual Technician.lnk
[2011/06/02 10:02:21 | 975,634,579 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2011/06/02 09:45:54 | 000,184,992 | ---- | M] () -- C:\Users\Barry Madden\Desktop\Chegg - Shipping Return Label.mht
[2011/05/30 14:41:57 | 000,103,784 | ---- | M] () -- C:\Users\Barry Madden\GoToAssistDownloadHelper.exe
[2011/05/30 13:18:55 | 000,168,772 | ---- | M] () -- C:\Users\Barry Madden\Documents\m drive .xps
[2011/05/29 22:58:32 | 000,008,704 | ---- | M] () -- C:\Users\Barry Madden\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/05/23 23:36:17 | 000,445,899 | ---- | M] () -- C:\Users\Barry Madden\Documents\sata adapter.xps
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files Created - No Company Name ==========

[2011/06/14 16:52:49 | 000,130,604 | ---- | C] () -- C:\Users\Barry Madden\Desktop\RKUnhookerLE.zip
[2011/06/14 16:45:21 | 000,035,712 | ---- | C] () -- C:\Windows\SysWow64\drivers\BlackBox.sys
[2011/06/05 12:00:26 | 002,182,688 | ---- | C] () -- C:\Users\Barry Madden\Documents\ExteriorApplicationGuide20110303.pdf
[2011/06/02 21:28:49 | 000,001,985 | ---- | C] () -- C:\Users\Public\Desktop\McAfee Virtual Technician.lnk
[2011/06/02 21:28:30 | 000,001,995 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee Virtual Technician.lnk
[2011/06/02 10:02:21 | 975,634,579 | ---- | C] () -- C:\Windows\MEMORY.DMP
[2011/06/02 09:45:47 | 000,184,992 | ---- | C] () -- C:\Users\Barry Madden\Desktop\Chegg - Shipping Return Label.mht
[2011/05/30 14:41:56 | 000,103,784 | ---- | C] () -- C:\Users\Barry Madden\GoToAssistDownloadHelper.exe
[2011/05/30 13:18:54 | 000,168,772 | ---- | C] () -- C:\Users\Barry Madden\Documents\m drive .xps
[2011/05/23 23:36:17 | 000,445,899 | ---- | C] () -- C:\Users\Barry Madden\Documents\sata adapter.xps
[2011/04/22 20:16:36 | 000,023,158 | ---- | C] () -- C:\Windows\hpqins15.dat
[2011/04/19 17:00:45 | 000,188,903 | ---- | C] () -- C:\Windows\hpwins22.dat.temp
[2011/04/19 17:00:45 | 000,002,979 | ---- | C] () -- C:\Windows\hpwmdl22.dat.temp
[2011/03/20 20:58:00 | 000,188,619 | ---- | C] () -- C:\Windows\hpwins22.dat
[2011/01/11 18:05:18 | 000,008,592 | ---- | C] () -- C:\Windows\SysWow64\ractrlkeyhook.dll
[2010/12/21 02:27:22 | 000,003,113 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat
[2009/11/28 11:36:27 | 000,000,732 | ---- | C] () -- C:\Users\Barry Madden\AppData\Local\d3d9caps64.dat
[2009/08/25 22:07:40 | 000,002,520 | ---- | C] () -- C:\Windows\checkip.dat
[2009/08/23 10:16:04 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2009/06/16 15:06:22 | 000,117,248 | ---- | C] () -- C:\Windows\SysWow64\EhStorAuthn.dll
[2009/06/16 15:05:53 | 000,107,612 | ---- | C] () -- C:\Windows\SysWow64\StructuredQuerySchema.bin
[2009/06/16 15:05:28 | 000,368,640 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2009/05/23 19:36:58 | 000,116,866 | ---- | C] () -- C:\Windows\hpqins00.dat
[2009/03/26 21:31:51 | 000,000,135 | ---- | C] () -- C:\Windows\ODBC.INI
[2009/03/26 21:31:50 | 000,000,209 | ---- | C] () -- C:\Windows\ODBCINST.INI
[2009/03/26 21:31:24 | 000,270,848 | ---- | C] () -- C:\Windows\UNWISE.EXE
[2009/03/26 21:13:49 | 000,003,810 | ---- | C] () -- C:\Windows\HCWPNP.INI
[2009/03/16 17:45:41 | 000,000,680 | ---- | C] () -- C:\Users\Barry Madden\AppData\Local\d3d9caps.dat
[2009/03/13 19:41:28 | 000,016,050 | ---- | C] () -- C:\Windows\hpwscr05.dat
[2009/03/13 19:37:01 | 000,008,704 | ---- | C] () -- C:\Users\Barry Madden\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009/03/12 21:41:37 | 000,000,335 | ---- | C] () -- C:\Windows\nsreg.dat
[2009/03/07 03:10:21 | 000,018,904 | ---- | C] () -- C:\Windows\SysWow64\StructuredQuerySchemaTrivial.bin
[2009/03/07 02:42:12 | 003,107,788 | ---- | C] () -- C:\Windows\SysWow64\atiumdva.dat
[2009/03/07 00:30:49 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2009/03/06 19:23:24 | 000,002,662 | ---- | C] () -- C:\Windows\bthservsdp.dat
[2008/10/25 04:40:22 | 000,002,979 | ---- | C] () -- C:\Windows\hpwmdl22.dat
[2008/01/20 21:49:10 | 000,060,124 | ---- | C] () -- C:\Windows\SysWow64\tcpmon.ini
[2008/01/14 17:47:06 | 000,099,712 | ---- | C] () -- C:\Windows\HPBroker.dll
[2006/11/02 10:35:48 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2006/11/02 07:37:14 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat
[2006/11/02 07:24:17 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT
[2006/11/02 07:18:17 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat
[2006/11/02 04:47:54 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2005/08/26 15:28:34 | 000,143,360 | ---- | C] () -- C:\Windows\unzip.exe
[2005/08/26 15:28:20 | 000,024,576 | ---- | C] () -- C:\Windows\shortcut.exe
[2005/08/26 15:27:58 | 000,045,056 | ---- | C] () -- C:\Windows\devenum.exe

========== Alternate Data Streams ==========

@Alternate Data Stream - 76 bytes -> C:\Users\Barry Madden\Documents\CineMagic0.dmsm:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Barry Madden\Documents\CineMagic.dmsm:Roxio EMC Stream

< End of report >


OTL Extras logfile created on: 6/14/2011 5:04:00 PM - Run 1
OTL by OldTimer - Version 3.2.24.0 Folder = C:\Users\Barry Madden\Desktop
64bit-Windows Vista Ultimate Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

7.99 Gb Total Physical Memory | 5.48 Gb Available Physical Memory | 68.60% Memory free
16.03 Gb Paging File | 12.59 Gb Available in Paging File | 78.53% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 683.57 Gb Total Space | 456.26 Gb Free Space | 66.75% Space Free | Partition Type: NTFS
Drive D: | 15.00 Gb Total Space | 7.13 Gb Free Space | 47.56% Space Free | Partition Type: NTFS
Drive K: | 232.88 Gb Total Space | 7.11 Gb Free Space | 3.05% Space Free | Partition Type: NTFS
Drive L: | 465.76 Gb Total Space | 202.26 Gb Free Space | 43.43% Space Free | Partition Type: NTFS
Drive M: | 74.46 Gb Total Space | 8.49 Gb Free Space | 11.40% Space Free | Partition Type: NTFS

Computer Name: BARRYMADDEN-PC | User Name: Barry Madden | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = ChromeHTML] -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = ChromeHTML] -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)

[HKEY_USERS\S-1-5-21-3230457466-36631048-1315814223-1000\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %* File not found
cmdfile [open] -- "%1" %* File not found
comfile [open] -- "%1" %* File not found
exefile [open] -- "%1" %* File not found
helpfile [open] -- Reg Error: Key error.
http [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
https [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %* File not found
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1" File not found
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l File not found
scrfile [open] -- "%1" /S File not found
txtfile [edit] -- Reg Error: Key error.
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
http [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
https [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = C2 FE 8D 6A DC 5B C8 01 [binary data]
"VistaSp2" = FD DA 04 AA E2 EE C9 01 [binary data]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"oobe_av" = 1

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0

========== Authorized Applications List ==========


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0AD5772B-4CC5-4A78-ABA1-CAAE85A35058}" = lport=139 | protocol=6 | dir=in | app=system |
"{1BDE1E39-36FD-46DC-A224-C68F15BC4F47}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=c:\windows\system32\svchost.exe |
"{1D63341E-7D9B-4717-A5B5-9B77146AB738}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{5B980C47-2DDE-4218-BF53-53A2DC02BF94}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{5F3EA250-6C94-44DB-928F-9E8DDC5EAB62}" = lport=554 | protocol=6 | dir=in | app=c:\windows\ehome\ehshell.exe |
"{6416CD2B-0B2B-4A0E-95AA-E4FDF7FFC181}" = rport=137 | protocol=17 | dir=out | app=system |
"{652827EB-41C5-4586-B6C5-D91601762BCD}" = lport=138 | protocol=17 | dir=in | app=system |
"{6B695722-78C3-4B53-AC54-F8404C243EF8}" = rport=138 | protocol=17 | dir=out | app=system |
"{6CC25E16-7413-4EB7-9D12-C97CF9D58B6B}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=c:\windows\system32\svchost.exe |
"{7A0B1DDB-C2B0-4E8D-9DB3-28B346EF216F}" = rport=427 | protocol=17 | dir=in | svc=hpslpsvc | app=c:\windows\system32\svchost.exe |
"{923505FE-A40C-4588-A366-4BA061C0BCD7}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=c:\windows\system32\svchost.exe |
"{9FD81199-1EE5-4152-BAE6-D781B438F145}" = lport=7777 | protocol=17 | dir=in | app=c:\windows\ehome\ehshell.exe |
"{A456FCA9-580C-4919-B7E3-1E932570E564}" = lport=445 | protocol=6 | dir=in | app=system |
"{A4B6A5F6-3402-48DC-9CFD-1E6D8F92C318}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=c:\windows\system32\svchost.exe |
"{A69EE7CF-A566-4865-AE7D-EA4A5446CE3E}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=c:\windows\system32\svchost.exe |
"{B10D43A4-9E70-4309-92ED-B8BB4FA91F10}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=c:\windows\system32\svchost.exe |
"{B2315196-5F52-475A-A808-2384DA375643}" = lport=137 | protocol=17 | dir=in | app=system |
"{B30B4049-0052-4606-85EA-288CB5737834}" = lport=3390 | protocol=6 | dir=in | app=system |
"{C7221252-EE1F-4384-84A0-5170C4FEB442}" = lport=10244 | protocol=6 | dir=in | app=system |
"{CF2760A4-0D85-4A79-9379-7D67C2EE7CBC}" = rport=445 | protocol=6 | dir=out | app=system |
"{EC9F437C-FBEE-4518-9CA6-F38283840D8C}" = rport=139 | protocol=6 | dir=out | app=system |
"{F06ABBD0-D67A-4DC0-BAD6-695BC5E29B2B}" = rport=10244 | protocol=6 | dir=out | app=system |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{03D0055A-95B8-4D1B-859D-B15496B12546}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{04343984-CDF2-4839-B984-6B02A4856181}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqpse.exe |
"{065168F5-B066-4005-B95A-758AC2AC67F7}" = protocol=17 | dir=in | app=c:\program files (x86)\aol 9.5a\waol.exe |
"{0DC95914-BB03-471F-A403-9FE0041621F1}" = protocol=6 | dir=out | app=c:\windows\ehome\mcx2prov.exe |
"{120F3824-EA14-4C45-864E-42ACC9452315}" = protocol=6 | dir=in | app=c:\program files (x86)\aol 9.5a\waol.exe |
"{134FCF3D-77FA-4653-9361-ECC36654841D}" = protocol=6 | dir=out | svc=mcx2svc | app=c:\windows\system32\svchost.exe |
"{1B1A93B6-C067-45C3-8412-BAF6FEF309A6}" = protocol=6 | dir=in | app=c:\program files (x86)\common files\aol\1236914895\ee\aolsoftware.exe |
"{200E132E-3565-4BA1-A216-F1351860E879}" = protocol=17 | dir=in | app=c:\program files\windows media player\wmplayer.exe |
"{28573CB1-5353-4036-A5E6-46F4A93C6C2B}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqkygrp.exe |
"{2B48DC81-B918-4A45-BDE0-B7BAB603E42F}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqpsapp.exe |
"{2E39D3CE-F8E2-485B-97F7-85C87F80E4A6}" = protocol=6 | dir=in | app=c:\program files (x86)\aol 9.5\waol.exe |
"{33C448E2-08C6-44A2-AFB7-06B23004680D}" = protocol=6 | dir=in | app=c:\program files (x86)\common files\aol\system information\sinf.exe |
"{3425274D-A9D7-4500-997C-8B62F7D7E0FE}" = protocol=6 | dir=in | app=c:\program files (x86)\common files\aol\acs\aoldial.exe |
"{346DAA91-2A18-49D0-B9F7-F60C1338F608}" = dir=in | app=c:\program files (x86)\hp\digital imaging\smart web printing\smartwebprintexe.exe |
"{3EF9528C-2C1C-4C60-AD05-4F04B498CB46}" = protocol=17 | dir=in | app=c:\program files (x86)\windows media player\wmplayer.exe |
"{3F75F49B-E509-4A1A-A788-5275CB94F90E}" = dir=in | app=c:\program files (x86)\windows live\sync\windowslivesync.exe |
"{44394D20-CF02-4CBC-832F-B48ACD402632}" = protocol=6 | dir=out | app=c:\program files (x86)\windows media player\wmplayer.exe |
"{4644A76D-DE70-4338-8B26-F88D8D16ECF6}" = protocol=17 | dir=in | app=c:\program files (x86)\common files\aol\acs\aoldial.exe |
"{4ACB70D3-D25B-45D2-BFF7-F6EE5D071D84}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqtra08.exe |
"{539B4FC9-F9BA-41B7-B56F-192913EAE306}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{54DBF675-C35C-4443-AD2C-A3B2E37F5F11}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqsudi.exe |
"{57EDFE2D-C184-4E47-B9AF-61FEB3E5DBB8}" = dir=in | app=c:\program files (x86)\common files\mcafee\mna\mcnasvc.exe |
"{58274A73-8795-42C0-8EEA-31DA7AB0C490}" = protocol=6 | dir=out | app=c:\windows\ehome\ehshell.exe |
"{5B331DEE-881A-47E2-A379-A0D17BC6E1EE}" = protocol=6 | dir=in | app=c:\program files (x86)\common files\aol\topspeed\3.0\aoltpsd3.exe |
"{5CF286F3-B4AD-4EB5-A9AA-B2D89E66341B}" = protocol=6 | dir=in | app=c:\program files (x86)\dell video chat\dellvideochat.exe |
"{642050C1-E357-416F-9D03-20D175C5EEBA}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpiscnapp.exe |
"{648ABECD-9119-40BC-8052-D6B4A8BC39E6}" = dir=in | app=c:\program files (x86)\hp\hp software update\hpwucli.exe |
"{658C647A-2ED2-4E7A-9756-3462C95F8296}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hposfx08.exe |
"{68E26B45-B4D2-41DD-8AC9-430ED37B9B2C}" = dir=in | app=c:\users\public\downloads\ojp8500va909_full_14\setup\hpznui40.exe |
"{6A9BA909-FDBC-4581-9207-095D7EC71EB5}" = protocol=17 | dir=out | app=c:\windows\ehome\ehshell.exe |
"{6BC55B19-3D82-41DE-9653-0066A0FA6183}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpofxm08.exe |
"{74072EB1-A5E2-4DEB-A222-273973F622D6}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpofxs08.exe |
"{74B65A65-2155-468E-90D6-3BC5C80A8A0A}" = protocol=17 | dir=in | app=c:\program files (x86)\aol 9.5\waol.exe |
"{7CB71A80-A18C-4699-B8C4-6FBCB45B02B2}" = protocol=17 | dir=in | app=c:\program files (x86)\common files\aol\loader\aolload.exe |
"{845D0E4F-2049-4A9D-B71F-A5CD2658869A}" = dir=in | app=c:\program files (x86)\cyberlink\powerdvd dx\powerdvd.exe |
"{8C8C4280-903A-41E5-9A52-FE585383F12F}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpoews01.exe |
"{A2ED532F-3843-4CDE-90FF-F3940803C300}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{A5357030-5D83-40F6-9416-40437D603328}" = protocol=6 | dir=out | app=c:\program files\windows media player\wmplayer.exe |
"{A9E541AE-CCE6-466B-B4D2-879FB349CBAB}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqusgh.exe |
"{AE204379-5BD9-40A2-B656-4B49F442DEBA}" = protocol=17 | dir=in | app=c:\program files (x86)\common files\aol\acs\aolacsd.exe |
"{AF05F1CE-F018-4710-95CD-132C936F1E65}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpzwiz01.exe |
"{B14E02C9-59C6-48D2-AA80-71D31BA9CDDE}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe |
"{B22C37EE-5355-4828-B689-0F8337819C04}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqfxt08.exe |
"{BC8151E7-7E00-4706-B5BB-7A433CDDDC2D}" = protocol=17 | dir=in | app=c:\program files (x86)\common files\aol\system information\sinf.exe |
"{BCC195DC-D78A-42EC-85E9-4D59215CEDA2}" = protocol=6 | dir=in | app=c:\program files (x86)\common files\aol\loader\aolload.exe |
"{C32AB0A9-E610-42E3-93EE-AEE140031B1B}" = protocol=6 | dir=in | app=c:\program files (x86)\common files\aol\acs\aolacsd.exe |
"{CE648C0C-3CAB-4BEA-AD5D-F7C82EE24C97}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hposid01.exe |
"{CE838C96-DCD0-4F1E-B426-E9DD02CBFE59}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{D152872C-AA2F-4CB2-991A-6CA6888F4008}" = protocol=17 | dir=in | app=c:\program files (x86)\common files\aol\topspeed\3.0\aoltpsd3.exe |
"{D3E65454-CEE6-4986-92EF-702E8E404FC4}" = protocol=17 | dir=out | app=c:\program files\windows media player\wmplayer.exe |
"{DA9BE3AD-1D76-4508-A11D-287F91279A97}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe |
"{E0826683-BACE-4BA9-B27C-EE82EFBE0E3C}" = dir=in | app=c:\program files (x86)\common files\hp\digital imaging\bin\hpqphotocrm.exe |
"{E0D370F4-E45C-4AF6-88D6-02D9C0DD1FF5}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpfccopy.exe |
"{E455E52A-54D6-49A3-8D5D-D491FAC4A023}" = protocol=17 | dir=out | app=c:\program files (x86)\windows media player\wmplayer.exe |
"{E6AB472E-B4A7-4ECE-BC75-8DBEEA4547C1}" = dir=in | app=c:\program files (x86)\cyberlink\powerdvd dx\pdvddxsrv.exe |
"{E747ACF7-96C2-484D-AD72-58DAE94F7FB2}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqgpc01.exe |
"{EDDD1687-2822-453B-A9CE-8E8ED80C71E5}" = protocol=17 | dir=in | app=c:\program files (x86)\dell video chat\dellvideochat.exe |
"{EF7AC1D6-DBAD-4B6C-B41E-908021E71C0F}" = dir=in | app=c:\program files\common files\mcafee\mcsvchost\mcsvhost.exe |
"{F69CDC81-2E5A-4A2D-8B0A-8C1FFDD2860A}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{F717159B-30EE-4410-A899-07919B594D93}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqgplgtupl.exe |
"{FA292A66-961E-4EB2-AA25-B8AB63C8CBF0}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqste08.exe |
"{FD76F9EB-6275-425D-88FE-06A9A3A50A8E}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqusgm.exe |
"{FF61706D-4D32-49A2-9028-9A0324D2AB63}" = protocol=17 | dir=in | app=c:\program files (x86)\common files\aol\1236914895\ee\aolsoftware.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{02AD9D20-03D2-4DE0-8793-E8253026AD86}" = EMCGadgets64
"{03D1988F-469F-4843-8E6E-E5FE9D17889D}" = WIDCOMM Bluetooth Software 6.0.1.4303
"{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{48C0866E-57EB-444C-8371-8E4321066BC3}" = Network64
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{624E7452-BA43-4f55-B9D5-FC75EEA0808B}" = Officejet Pro 8500 A909 Series
"{6E8E85E8-CE4B-4FF5-91F7-04999C9FAE6A}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{8338783A-0968-3B85-AFC7-BAAE0A63DC50}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570
"{8AB5E15C-BDCB-7A93-9DBF-19C2DF39D0C7}" = ccc-utility64
"{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007
"{90120000-002A-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (English) 2007
"{90120000-0116-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007
"{9B48B0AC-C813-4174-9042-476A887592C7}" = Windows Live ID Sign-in Assistant
"{aac9fcc4-dd9e-4add-901c-b5496a07ab2e}" = Microsoft Visual C++ 2005 Redistributable (x64) - KB2467175
"{B6E3757B-5E77-3915-866A-CCFC4B8D194C}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053
"{BCA6D957-5A90-B994-CFCC-13ED851E1FFA}" = ccc-utility64
"{BE930E38-7BB3-45B6-85B2-5251F374F844}" = 64 Bit HP CIO Components Installer
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{DDD076BF-C5C3-468C-AA1B-F9A7E47446FE}" = Intel® Network Connections 13.1.33.0
"{EA0F68A4-CC52-D061-C239-CC54377E9B79}" = ccc-utility64
"{F1D81DBC-B656-9640-EADC-619A860F16BD}" = ATI Catalyst Install Manager
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"{F6CB42B9-F033-4152-8813-FF11DA8E6A78}" = Dell Dock
"45A7283175C62FAC673F913C1F532C5361F97841" = Windows Driver Package - Garmin (grmnusb) GARMIN Devices (03/08/2007 2.2.1.0)
"Creative OEM005" = Monitor Webcam (SP2208WFP) Driver (1.00.08.0720)
"HP Document Manager" = HP Document Manager 2.0
"HP Imaging Device Functions" = HP Imaging Device Functions 12.0
"HP Photosmart Essential" = HP Photosmart Essential 3.5
"HP Smart Web Printing" = HP Smart Web Printing 4.60
"HP Solution Center & Imaging Support Tools" = HP Solution Center 12.0
"HPExtendedCapabilities" = HP Customer Participation Program 12.0
"HPOCR" = OCR Software by I.R.I.S. 12.0
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"PROSetDX" = Intel® Network Connections 13.1.33.0
"Shop for HP Supplies" = Shop for HP Supplies

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{03A7C57A-B2C8-409b-92E5-524A0DFD0DD3}" = Status
"{0527E89C-E8B9-745F-8B7A-96530A214E54}" = Catalyst Control Center Localization Japanese
"{055EE59D-217B-43A7-ABFF-507B966405D8}" = ATI Catalyst Control Center
"{06A1D88C-E102-4527-AF70-29FFD7AF215A}" = Scan
"{06A82E70-97F4-3BA9-65DB-692632659387}" = Catalyst Control Center InstallProxy
"{07A8ED9E-B98E-437F-B750-241B412BE924}" = Garmin USB Drivers
"{08E81ABD-79F7-49C2-881F-FD6CB0975693}" = Roxio Creator Data
"{098122AB-C605-4853-B441-C0A4EB359B75}" = DirectXInstallService
"{0DF30031-F15F-FD36-D9F8-EBC23B901894}" = Catalyst Control Center Graphics Light
"{102CBC47-7FDE-4E6C-8A3A-67B79833FAC8}" = BPDSoftware_Ini
"{11B2F891-91C8-47ce-945A-A91003EA27FB}" = BPDSoftware
"{124FA421-0F8C-0636-F85C-E2EE1D3C6573}" = Catalyst Control Center HydraVision Full
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{18AB082B-6584-4F74-8ABC-D5935CF46E4C}" = 8500A909_eDocs
"{19CD69C4-CF39-FCFC-3C36-02A6AEC62C42}" = CCC Help Spanish
"{1F54DAFA-9261-4A62-B59D-6C9F26B48FE4}" = Roxio Creator Tools
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live Upload Tool
"{2227E1FA-01F5-483C-AB0E-2A308E900B3D}" = InterVideo FilterSDK for Hauppauge
"{22D643F2-0DAA-4DB4-0B3F-C5B0B6F5AEC8}" = Catalyst Control Center Localization Polish
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{241FFFDE-06A1-BA33-1980-FC06F2F43ACD}" = CCC Help Turkish
"{2656D0AB-9EA4-4C58-A117-635F3CED8B93}" = Microsoft UI Engine
"{26A24AE4-039D-4CA4-87B4-2F83216011FF}" = Java™ 6 Update 24
"{2A329FB6-389D-4396-A974-29656D6864AE}" = MarketResearch
"{2E35857A-0A45-D90C-7F9F-2C6EED18DF11}" = CCC Help French
"{2E8EAC71-BFE4-417A-88F0-5A1BDFBCF5D3}" = SetPoint
"{2EEA7AA4-C203-4b90-A34F-19FB7EF1C81C}" = BufferChm
"{2F179735-F134-7E5F-9494-E2C5C39F0FBE}" = CCC Help Portuguese
"{30465B6C-B53F-49A1-9EBA-A3F187AD502E}" = Roxio Update Manager
"{306CD8FB-C567-F39C-8A3C-752AFE392023}" = CCC Help Korean
"{35CC381D-D375-5FBD-A730-1A156E8957D6}" = CCC Help Thai
"{3921564E-11A7-27AC-8D6F-D5FCA33DD083}" = Skins
"{3D73DC7A-2D1D-45CF-8A67-24873925C716}" = bpd_scan
"{3E9016D4-5AD8-3A77-5A75-8C89C68992CD}" = Catalyst Control Center Graphics Previews Vista
"{3FE799B6-6493-AD47-A5FA-F3FE144C7EF0}" = Catalyst Control Center HydraVision Full
"{4011B00E-26BE-7867-3D2C-BA85CF737C8B}" = Catalyst Control Center Localization Korean
"{42929F0F-CE14-47AF-9FC7-FF297A603021}" = Dell Resource CD
"{432A850B-3558-4BFF-B1F9-30626835B523}" = BPD_DSWizards
"{43DF6A05-B79C-0AA4-EF59-843EFE398E3D}" = Catalyst Control Center Localization French
"{44CDBD1B-89FB-4E02-8319-2A4C550F664A}" = RTC Client API v1.2
"{463E450F-401B-37D8-CD6C-8782D755AB86}" = Catalyst Control Center Localization Chinese Standard
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4D304678-738E-42a0-931A-2B022F49DEB8}" = TrayApp
"{4E7C28C7-D5DA-4E9F-A1CA-60490B54AE35}" = UnloadSupport
"{51114DCF-C263-88F0-937D-A80930617A8B}" = CCC Help Chinese Standard
"{541DEAC0-5F3D-45E6-B7CB-94ECF3B96748}" = Skype web features
"{5C883FB3-9F17-C9F6-3D74-D2C2DAC3FA0D}" = Catalyst Control Center Localization Chinese Traditional
"{5D9B17E4-5C34-45B2-9C95-8B9DB4CF7AF3}" = HP_Network_UserGuide
"{60B3718D-B81B-FBFE-C6F8-88BAF5934C17}" = Catalyst Control Center Localization German
"{61BEA823-ECAF-49F1-8378-A59B3B8AD247}" = Microsoft Default Manager
"{628C2C7D-8AD1-E614-E8E2-6EEAD8D5F2D0}" = Acrobat.com
"{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA}" = Roxio Express Labeler
"{676981B7-A2D9-49D0-9F4C-03018F131DA9}" = DocProc
"{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}" = PowerDVD DX
"{681B698F-C997-42C3-B184-B489C6CA24C9}" = HPPhotoSmartDiscLabelContent1
"{69724AEA-DC5F-BF91-A2B3-9B97422173BC}" = ccc-core-static
"{6A08D9B3-5E90-CDEA-3796-1E5C7AAD7F7D}" = Catalyst Control Center Localization Italian
"{6B7B6D4D-8F9B-4CB3-8CA4-BCA9CC4C1A22}" = EDocs
"{6EED4269-588D-45b8-A80C-26A9CA62EE4E}" = HPSSupply
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{73A4F29F-31AC-4EBD-AA1B-0CC5F18C8F83}" = Roxio Creator Audio
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{797EE0CA-8165-405C-B5CE-F11EC20F1BB0}" = Microsoft VC9 runtime libraries
"{7D21905A-5DB7-2F4C-4E97-80F352D2C3A9}" = Catalyst Control Center Graphics Previews Vista
"{7DB9F1E5-9ACB-410D-A7DC-7A3D023CE045}" = Dell Getting Started Guide
"{8123165F-1AED-4B2A-9C70-BB42A777C97C}" = CCC Help Hungarian
"{818ABC3C-635C-4651-8183-D0E9640B7DD1}" = HP Update
"{8214D5AF-8BA8-3551-A859-5EBDBD30D2FA}" = Catalyst Control Center Core Implementation
"{846730BD-A6E2-FA38-8192-0D67BBA919BD}" = CCC Help English
"{85693740-CB33-8E46-D05A-22EEAC2C14C3}" = Catalyst Control Center Graphics Full New
"{8841C16B-EACC-82C0-18BC-7767CC9E740D}" = Catalyst Control Center Localization Spanish
"{892B4819-7E37-9C59-3A8C-7AE8A8261A7D}" = Catalyst Control Center Localization Portuguese
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8A0D9C6B-ACB8-738E-2D1A-B437E2CF36B6}" = Catalyst Control Center Graphics Full Existing
"{8CC990CD-87C8-475C-AC32-8A7984E2FCFA}" = CDDRV_Installer
"{8D337F77-BE7F-41A2-A7CB-D5A63FD7049B}" = Roxio CinePlayer Decoder Pack
"{8D7133DE-27D2-47E5-B248-4180278D32AA}" = Catalyst Control Center - Branding
"{8EE94FD8-5F52-4463-A340-185D16328158}" = WebReg
"{8F7294C1-FC75-D55D-CFEF-915B0349EA6E}" = CCC Help Japanese
"{8F968232-15C6-4872-84C2-9FCDAA1AEAB6}" = MPM
"{8FF6F5CA-4E30-4E3B-B951-204CAAA2716A}" = SmartWebPrinting
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_HOMESTUDENTR_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_HOMESTUDENTR_{187308AB-5FA7-4F14-9AB9-D290383A10D9}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-002A-0000-1000-0000000FF1CE}_HOMESTUDENTR_{E64BA721-2310-4B55-BE5A-2925F9706192}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-002A-0409-1000-0000000FF1CE}_HOMESTUDENTR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}_HOMESTUDENTR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007
"{90120000-00A1-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}_HOMESTUDENTR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0116-0409-1000-0000000FF1CE}_HOMESTUDENTR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{903679E8-44C8-4C07-9600-05C92654FC50}" = QualXServ Service Agreement
"{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{9131B5A5-DCA5-8F8A-5799-14F7B0C0E97D}" = Catalyst Control Center Localization Hungarian
"{925E788B-7624-F7BD-E331-2039774A2688}" = CCC Help Thai
"{9294F169-72EE-4D74-AE92-CA25F64B4FF8}" = Fax
"{92ACB266-B316-F37F-D34F-8C9F20040E78}" = Catalyst Control Center Graphics Light
"{9427D7E3-DDE4-688A-44B6-2FEADB6F956F}" = Catalyst Control Center Localization All
"{9603DE6D-4567-4b78-B941-849322373DE2}" = SolutionCenter
"{960DD947-B41A-2503-4079-E1EA314A4962}" = CCC Help Japanese
"{96F0FEBF-ECF7-6193-FF53-3713941BA1E1}" = Catalyst Control Center Core Implementation
"{9D1B99B7-DAD8-440d-B4FB-1915332FBCC2}" = HPProductAssistant
"{a0fe116e-9a8a-466f-aee0-625cb7c207e3}" = Microsoft Visual C++ 2005 Redistributable - KB2467175
"{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR
"{A2BDAD24-875E-FDCA-1512-52F76435F5EE}" = CCC Help Italian
"{A3E66D20-B986-0D55-7000-9A9427F51C54}" = Catalyst Control Center Localization Thai
"{A7DEBAA4-B211-4D1A-A6B3-E52BFAAA1D0C}" = Garmin Communicator Plugin
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A996DFDD-E52F-0D4A-75A5-E3B0B083BA6D}" = Catalyst Control Center Graphics Full Existing
"{AA027AE9-DD20-4677-AA72-D760A358320B}" = Microsoft VC9 runtime libraries
"{AC13BA3A-336B-45a4-B3FE-2D3058A7B533}" = Toolbox
"{AC76BA86-7AD7-1033-7B44-A94000000001}" = Adobe Reader 9.4.4
"{AC76BA86-7AD7-5464-3428-900000000004}" = Spelling Dictionaries Support For Adobe Reader 9
"{AD7A2DD6-8B66-4BD2-9840-CCE6C1F7A2A2}" = MyNetflix
"{AF094932-91E6-4EF8-8AB8-1C7226DFEECB}" = Hauppauge TV Tuner Driver
"{B471481F-8743-85EF-B551-45ED91BEEE76}" = Catalyst Control Center Graphics Previews Common
"{B495547C-01F8-4836-A2E6-749B5F3EA691}" = 8500A909_Help
"{B6A26DE5-F2B5-4D58-9570-4FC760E00FCD}" = Roxio Creator Copy
"{B88A3C98-CB4D-E3C2-DE49-EDAF1DC55CC1}" = CCC Help English
"{B9C73F69-63B7-552D-72D8-3C22B6B1A3E7}" = Catalyst Control Center Graphics Full New
"{BB2CB14A-F3A3-4BBF-9111-EBC82049ABA6}" = Roxio Creator Premier
"{BE06114F-559D-11E0-B5A1-001D0926B1BF}" = Google Earth
"{C29C1940-CB85-4F3B-906C-33FEE0E67103}" = DocMgr
"{C328337D-33F5-5E15-164E-17998C8CF0F7}" = CCC Help Chinese Traditional
"{C874DC88-F5E2-D566-2880-22A2FDA0C69C}" = CCC Help English
"{CAB62FBE-E3A4-6F3A-88F6-7B8BD1B8FD1F}" = Catalyst Control Center InstallProxy
"{CCA71011-5ED0-2037-40E9-63C0005AF370}" = CCC Help Korean
"{CD8C5C7F-7C58-4F85-8977-A6C08C087912}" = MPM
"{CE44ABFE-FAF9-3C62-1D27-C8B64C3DD321}" = CCC Help Polish
"{CE75BD79-EC4B-9D7E-DD55-C29C65C3A9EC}" = Catalyst Control Center Graphics Previews Common
"{CF5C7154-98F4-4D44-A58C-8BC19751CCCC}" = Roxio Creator Premier 10
"{CFC1C90B-E9A4-F656-BCA2-2A71ECCBD8F5}" = Catalyst Control Center Graphics Full Existing
"{D103C4BA-F905-437A-8049-DB24763BBE36}" = Skype™ 4.1
"{D145021C-91D3-5563-7EC1-D58FBE1A0618}" = Catalyst Control Center Graphics Previews Vista
"{D3B1C799-CB73-42DE-BA0F-2344793A095C}" = Catalyst Control Center - Branding
"{D5DEF057-D3BC-499f-99EE-884ED429B6D1}" = 8500A909g
"{D62C1FAE-4092-A40C-CB31-4372494808CC}" = CCC Help German
"{D79113E7-274C-470B-BD46-01B10219DF6A}" = HPPhotosmartEssential
"{DA8BF070-1358-4a30-A68F-21E0E9421AEF}" = ProductContext
"{DEB7A862-71A2-C615-F620-5944F7FE8172}" = Catalyst Control Center Localization Turkish
"{E01A8BFE-96AB-FEA3-4A3B-EEF9849D1E24}" = Catalyst Control Center Graphics Previews Common
"{E0783143-EAE2-4047-A8D6-E155523C594C}" = Garmin WebUpdater
"{E96A2C11-1139-7A34-C529-4D21832A34F6}" = Catalyst Control Center Graphics Light
"{EC877639-07AB-495C-BFD1-D63AF9140810}" = Roxio Activation Module
"{ED439A64-F018-4DD4-8BA5-328D85AB09AB}" = Roxio Creator Premier
"{EF9E56EE-0243-4BAD-88F4-5E7508AA7D96}" = Destination Component
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F569596C-049F-BF15-E0A9-B7605D9B181E}" = Catalyst Control Center Core Implementation
"{F5E21D29-D1E6-AFEB-1A6C-7B3FA723BA70}" = Catalyst Control Center Graphics Full New
"{F648FD09-7CEA-4257-BC68-A8389189FD51}" = GPBaseService2
"{F751C062-87DA-4D33-8A12-6E7F1D4C051C}" = Netflix in Windows Media Center
"{F769B78E-FF0E-4db5-95E2-9F4C8D6352FE}" = DeviceDiscovery
"{F7D39F49-4D13-FEAB-CAB5-E508336F074B}" = CCC Help Chinese Traditional
"{FDA83F07-D205-D676-EFFF-615D0B660B94}" = CCC Help Chinese Standard
"{FDD810CA-D5E3-40E9-AB7B-36440B0D41EF}" = Windows Live Sync
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"AOL Emergency Connect Utility 1.0" = Uninstall AOL Emergency Connect Utility 1.0
"AOL Toolbar" = AOL Toolbar
"AOL Uninstaller" = AOL Uninstaller (Choose which Products to Remove)
"com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Acrobat.com
"Dell Video Chat" = Dell Video Chat (remove only)
"Google Chrome" = Google Chrome
"Google Updater" = Google Updater
"Hauppauge MCE2005 Software Encoder" = Hauppauge MCE XP/Vista Software Encoder (2.0.26057)
"Hauppauge TV Tuner Diagnostics" = Hauppauge TV Tuner Diagnostics (1.1.7057)
"Hauppauge WinTV 7" = Hauppauge WinTV 7
"HOMESTUDENTR" = Microsoft Office Home and Student 2007
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"McAfee Security Scan" = McAfee Security Scan Plus
"McAfee Virtual Technician" = McAfee Virtual Technician
"Move Networks Player - IE" = Move Networks Media Player for Internet Explorer
"Mozilla Firefox (3.5.7)" = Mozilla Firefox (3.5.7)
"MSC" = McAfee SecurityCenter
"SoftwareUpdUtility" = Download Updater (AOL LLC)
"ViewpointMediaPlayer" = Viewpoint Media Player
"WinTV-HVR-950Q Windows Media Center Kit" = WinTV-HVR-950Q Windows Media Center Kit

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-3230457466-36631048-1315814223-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"f031ef6ac137efc5" = Dell Driver Download Manager
"GoToMeeting" = GoToMeeting 4.0.0.320
"Juniper_Citrix_Services" = Juniper Citrix Services Client
"Juniper_Setup_Client" = Juniper Networks Setup Client
"Juniper_Term_Services" = Juniper Terminal Services Client
"Move Media Player" = Move Media Player
"Neoteris_Host_Checker" = Juniper Networks Host Checker

========== Last 10 Event Log Errors ==========

Error reading Event Logs: The Event Service is not operating properly or the Event Logs are corrupt!

< End of report >

OTL logfile created on: 6/14/2011 5:04:00 PM - Run 1
OTL by OldTimer - Version 3.2.24.0 Folder = C:\Users\Barry Madden\Desktop
64bit-Windows Vista Ultimate Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

7.99 Gb Total Physical Memory | 5.48 Gb Available Physical Memory | 68.60% Memory free
16.03 Gb Paging File | 12.59 Gb Available in Paging File | 78.53% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 683.57 Gb Total Space | 456.26 Gb Free Space | 66.75% Space Free | Partition Type: NTFS
Drive D: | 15.00 Gb Total Space | 7.13 Gb Free Space | 47.56% Space Free | Partition Type: NTFS
Drive K: | 232.88 Gb Total Space | 7.11 Gb Free Space | 3.05% Space Free | Partition Type: NTFS
Drive L: | 465.76 Gb Total Space | 202.26 Gb Free Space | 43.43% Space Free | Partition Type: NTFS
Drive M: | 74.46 Gb Total Space | 8.49 Gb Free Space | 11.40% Space Free | Partition Type: NTFS

Computer Name: BARRYMADDEN-PC | User Name: Barry Madden | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2011/06/14 17:02:22 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Users\Barry Madden\Desktop\OTL.exe
PRC - [2011/04/16 07:34:08 | 000,235,168 | ---- | M] (Adobe Systems, Inc.) -- C:\Windows\SysWOW64\Macromed\Flash\FlashUtil10p_ActiveX.exe
PRC - [2011/01/13 06:20:00 | 000,041,296 | ---- | M] (AOL Inc.) -- C:\Program Files (x86)\AOL Desktop 9.6\waol.exe
PRC - [2011/01/13 06:19:58 | 000,045,392 | ---- | M] (AOL Inc.) -- C:\Program Files (x86)\AOL Desktop 9.6\shellmon.exe
PRC - [2010/10/29 14:49:28 | 000,505,064 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
PRC - [2010/03/08 02:27:49 | 000,041,800 | ---- | M] (AOL Inc.) -- C:\Program Files (x86)\Common Files\aol\1236914895\ee\aolsoftware.exe
PRC - [2010/01/15 07:49:20 | 000,255,536 | ---- | M] (McAfee, Inc.) -- C:\Program Files (x86)\McAfee Security Scan\2.0.181\SSScheduler.exe
PRC - [2010/01/07 17:11:28 | 000,140,520 | ---- | M] (CyberLink Corp.) -- C:\Program Files (x86)\CyberLink\PowerDVD DX\PDVDDXSrv.exe
PRC - [2009/01/19 16:13:30 | 000,249,856 | ---- | M] (Hauppauge Computer Works, Inc.) -- C:\Program Files (x86)\WinTV\TVServer\CaptureHVR1800.exe
PRC - [2009/01/19 16:12:46 | 000,434,176 | ---- | M] (Hauppauge Computer Works) -- C:\Program Files (x86)\WinTV\TVServer\HauppaugeTVServer.exe
PRC - [2008/09/23 22:09:52 | 000,155,648 | ---- | M] (Stardock Corporation) -- C:\Program Files\Dell\DellDock\DockLogin.exe
PRC - [2008/08/15 16:03:50 | 004,812,664 | ---- | M] (Dell Inc. and SightSpeed Inc.) -- C:\Program Files (x86)\Dell Video Chat\DellVideoChat.exe
PRC - [2008/07/15 17:02:26 | 000,014,376 | ---- | M] (Broadcom Corporation.) -- C:\Program Files\WIDCOMM\Bluetooth Software\BluetoothHeadsetProxy.exe
PRC - [2007/12/03 10:18:34 | 000,077,824 | ---- | M] () -- C:\Program Files\SetPoint\x86\SetPoint32.exe
PRC - [2007/05/09 01:00:00 | 000,036,864 | ---- | M] (Creative Technology Ltd.) -- C:\Windows\OEM05Mon.exe
PRC - [2006/10/23 07:50:35 | 000,046,640 | R--- | M] (AOL LLC) -- C:\Program Files (x86)\Common Files\aol\acs\AOLacsd.exe


========== Modules (SafeList) ==========

MOD - [2011/06/14 17:02:22 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Users\Barry Madden\Desktop\OTL.exe
MOD - [2011/04/08 16:56:28 | 000,018,176 | ---- | M] (McAfee, Inc.) -- c:\Program Files (x86)\McAfee\SiteAdvisor\sahook.dll
MOD - [2010/08/31 10:43:52 | 001,686,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3\comctl32.dll


========== Win32 Services (SafeList) ==========

SRV:64bit: - [2011/04/14 14:01:38 | 000,245,352 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe -- (mfefire)
SRV:64bit: - [2011/04/14 14:01:38 | 000,200,056 | ---- | M] () [Unknown | Running] -- C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe -- (McShield)
SRV:64bit: - [2011/04/14 14:01:38 | 000,149,032 | ---- | M] (McAfee, Inc.) [Unknown | Running] -- C:\Windows\SysNative\mfevtps.exe -- (mfevtp)
SRV:64bit: - [2011/01/26 22:55:38 | 000,203,776 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:64bit: - [2010/10/07 20:34:28 | 000,509,416 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Program Files\McAfee\VirusScan\mcods.exe -- (McODS)
SRV:64bit: - [2010/03/10 10:14:44 | 000,355,440 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe -- (MSK80Service)
SRV:64bit: - [2010/03/10 10:14:44 | 000,355,440 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe -- (McProxy)
SRV:64bit: - [2010/03/10 10:14:44 | 000,355,440 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe -- (McNASvc)
SRV:64bit: - [2010/03/10 10:14:44 | 000,355,440 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe -- (McNaiAnn)
SRV:64bit: - [2010/03/10 10:14:44 | 000,355,440 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe -- (mcmscsvc)
SRV:64bit: - [2010/03/10 10:14:44 | 000,355,440 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe -- (McMPFSvc)
SRV:64bit: - [2010/03/10 10:14:44 | 000,355,440 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe -- (McAfee SiteAdvisor Service)
SRV:64bit: - [2008/12/22 02:37:34 | 000,088,576 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe -- (AERTFilters)
SRV:64bit: - [2008/09/23 22:09:52 | 000,155,648 | ---- | M] (Stardock Corporation) [Auto | Running] -- C:\Program Files\Dell\DellDock\DockLogin.exe -- (DockLoginService)
SRV:64bit: - [2008/01/20 21:50:23 | 000,195,584 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV:64bit: - [2008/01/20 21:46:39 | 000,383,544 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2007/12/03 10:23:20 | 000,146,432 | ---- | M] (Logitech Inc.) [Auto | Running] -- C:\Program Files\Common Files\Logitech\Bluetooth\LBTSERV.EXE -- (LBTServ)
SRV - [2010/05/28 03:14:56 | 001,044,840 | ---- | M] (Hewlett-Packard Co.) [Auto | Running] -- C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL -- (HPSLPSVC)
SRV - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010/01/15 07:49:20 | 000,227,232 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\McAfee Security Scan\2.0.181\McCHSvc.exe -- (McComponentHostService)
SRV - [2009/03/29 23:42:14 | 000,066,368 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2009/01/19 16:12:46 | 000,434,176 | ---- | M] (Hauppauge Computer Works) [Auto | Running] -- C:\Program Files (x86)\WinTV\TVServer\HauppaugeTVServer.exe -- (HauppaugeTVServer)
SRV - [2008/05/14 10:32:18 | 000,309,744 | ---- | M] (Sonic Solutions) [Auto | Stopped] -- C:\Program Files (x86)\Common Files\Roxio Shared\10.0\SharedCOM\RoxLiveShare10.exe -- (RoxLiveShare10)
SRV - [2008/05/14 10:32:10 | 000,166,384 | ---- | M] (Sonic Solutions) [Auto | Stopped] -- C:\Program Files (x86)\Common Files\Roxio Shared\10.0\SharedCOM\RoxWatch10.exe -- (RoxWatch10)
SRV - [2008/05/14 10:31:38 | 001,120,752 | ---- | M] (Sonic Solutions) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Roxio Shared\10.0\SharedCOM\RoxMediaDB10.exe -- (RoxMediaDB10)
SRV - [2006/10/23 07:50:35 | 000,046,640 | R--- | M] (AOL LLC) [Auto | Running] -- C:\Program Files (x86)\Common Files\AOL\ACS\AOLAcsd.exe -- (AOL ACS)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2011/04/14 14:01:38 | 000,530,304 | ---- | M] (McAfee, Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\mfehidk.sys -- (mfehidk)
DRV:64bit: - [2011/04/14 14:01:38 | 000,441,840 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\mfefirek.sys -- (mfefirek)
DRV:64bit: - [2011/04/14 14:01:38 | 000,283,744 | ---- | M] (McAfee, Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\mfewfpk.sys -- (mfewfpk)
DRV:64bit: - [2011/04/14 14:01:38 | 000,190,520 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\mfeavfk.sys -- (mfeavfk)
DRV:64bit: - [2011/04/14 14:01:38 | 000,121,376 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\mfeapfk.sys -- (mfeapfk)
DRV:64bit: - [2011/04/14 14:01:38 | 000,094,992 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mferkdet.sys -- (mferkdet)
DRV:64bit: - [2011/04/14 14:01:38 | 000,075,160 | ---- | M] (McAfee, Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\DRIVERS\mfenlfk.sys -- (mfenlfk)
DRV:64bit: - [2011/04/14 14:01:38 | 000,063,056 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\cfwids.sys -- (cfwids)
DRV:64bit: - [2011/01/26 23:37:22 | 009,085,952 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\atikmdag.sys -- (R300)
DRV:64bit: - [2011/01/26 23:37:22 | 009,085,952 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\atikmdag.sys -- (atikmdag)
DRV:64bit: - [2011/01/26 23:37:22 | 009,085,952 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\atikmdag.sys -- (amdkmdag)
DRV:64bit: - [2011/01/26 22:13:34 | 000,299,520 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\atikmpag.sys -- (amdkmdap)
DRV:64bit: - [2009/07/14 20:46:48 | 001,708,800 | ---- | M] (Hauppauge Computer Works) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HCW85BDA.sys -- (HCW85BDA)
DRV:64bit: - [2008/12/22 02:37:14 | 000,185,248 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\RtHDMIVX.sys -- (RTHDMIAzAudService)
DRV:64bit: - [2008/09/28 07:46:48 | 000,316,544 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\e1y60x64.sys -- (e1yexpress) Intel®
DRV:64bit: - [2008/09/28 03:22:14 | 000,402,456 | ---- | M] (Intel Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\SysNative\drivers\iastor.sys -- (iaStor)
DRV:64bit: - [2008/05/23 16:54:38 | 000,033,888 | ---- | M] (Intel Corporation ) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\iqvw64e.sys -- (NAL)
DRV:64bit: - [2008/04/08 03:00:00 | 000,055,024 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\PxHlpa64.sys -- (PxHlpa64)
DRV:64bit: - [2008/01/20 21:46:32 | 000,012,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\serscan.sys -- (StillCam)
DRV:64bit: - [2008/01/20 21:46:02 | 000,317,952 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\e1e6032e.sys -- (e1express) Intel®
DRV:64bit: - [2007/10/09 08:09:46 | 000,037,912 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\LUsbFilt.Sys -- (LUsbFilt)
DRV:64bit: - [2007/10/09 08:09:44 | 000,047,128 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\LMouFilt.Sys -- (LMouFilt)
DRV:64bit: - [2007/10/09 08:09:42 | 000,047,128 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\LHidFilt.Sys -- (LHidFilt)
DRV:64bit: - [2007/07/20 01:00:00 | 000,266,720 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\OEM05Vid.sys -- (OEM05Vid)
DRV:64bit: - [2007/06/08 01:00:02 | 000,212,864 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\OEM05Afx.sys -- (OEM05Afx)
DRV:64bit: - [2007/04/01 23:42:48 | 000,020,016 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\btwrchid.sys -- (btwrchid)
DRV:64bit: - [2007/04/01 23:42:44 | 000,096,048 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btwavdt.sys -- (btwavdt)
DRV:64bit: - [2007/04/01 23:42:42 | 000,087,856 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btwaudio.sys -- (btwaudio)
DRV:64bit: - [2007/03/05 18:55:48 | 000,012,288 | ---- | M] (EyePower Games Pte. Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\OEM05Vfx.sys -- (OEM05Vfx)
DRV:64bit: - [2006/11/29 17:24:49 | 000,024,064 | ---- | M] (America Online, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\wanatw64.sys -- (wanatw) WAN Miniport (ATW)
DRV:64bit: - [2006/09/18 16:36:24 | 000,000,308 | ---- | M] () [File_System | On_Demand | Running] -- C:\Windows\SysNative\Wbem\ntfs.mof -- (Ntfs)
DRV - [2010/01/07 17:11:30 | 000,146,928 | ---- | M] (CyberLink Corp.) [2011/03/25 20:55:00] [Kernel | Auto | Running] -- C:\Program Files (x86)\CyberLink\PowerDVD DX\000.fcl -- ({1E444BE9-B8EC-4ce6-8C2B-6536FB7F4FB7})


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\URLSearchHook: {EA756889-2338-43DB-8F07-D1CA6FB9C90D} - C:\Program Files (x86)\AOL Toolbar\aoltb.dll (AOL LLC)


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-3230457466-36631048-1315814223-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/USCON/1
IE - HKU\S-1-5-21-3230457466-36631048-1315814223-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = [Binary data over 100 bytes]
IE - HKU\S-1-5-21-3230457466-36631048-1315814223-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/
IE - HKU\S-1-5-21-3230457466-36631048-1315814223-1000\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKU\S-1-5-21-3230457466-36631048-1315814223-1000\..\URLSearchHook: {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
IE - HKU\S-1-5-21-3230457466-36631048-1315814223-1000\..\URLSearchHook: {EA756889-2338-43DB-8F07-D1CA6FB9C90D} - C:\Program Files (x86)\AOL Toolbar\aoltb.dll (AOL LLC)
IE - HKU\S-1-5-21-3230457466-36631048-1315814223-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "Bing"
FF - prefs.js..browser.search.defaulturl: "http://www.bing.com/search?FORM=SOLTDF&PC=SUN1&q="
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://www.google.com/|http://www.google.com/ig/dell"
FF - prefs.js..extensions.enabledItems: moveplayer@movenetworks.com:1.0.0.%(version)s
FF - prefs.js..extensions.enabledItems: {27182e60-b5f3-411c-b545-b44205977502}:1.0
FF - prefs.js..keyword.URL: "http://www.bing.com/search?FORM=SOLTDF&PC=SUN1&q="

FF - HKLM\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2011/04/22 20:17:32 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\{B7082FAA-CB62-4872-9106-E42DD88EDE45}: C:\Program Files (x86)\McAfee\SiteAdvisor [2011/05/24 13:57:27 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.7\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2011/05/10 07:54:43 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.7\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2011/05/18 21:21:52 | 000,000,000 | ---D | M]

[2009/07/17 20:10:10 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Barry Madden\AppData\Roaming\Mozilla\Extensions
[2010/02/08 21:53:02 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Barry Madden\AppData\Roaming\Mozilla\Firefox\Profiles\6vrhiv2u.default\extensions
[2009/07/23 21:25:23 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\Barry Madden\AppData\Roaming\Mozilla\Firefox\Profiles\6vrhiv2u.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2010/02/05 14:48:23 | 000,002,184 | ---- | M] () -- C:\Users\Barry Madden\AppData\Roaming\Mozilla\Firefox\Profiles\6vrhiv2u.default\searchplugins\bing.xml
[2011/04/22 19:31:53 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2011/04/19 17:13:59 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
[2011/04/22 19:31:53 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}
File not found (No name found) -- C:\PROGRAM FILES (X86)\MICROSOFT\SEARCH ENHANCEMENT PACK\SEARCH HELPER\FIREFOXEXTENSION\SEARCHHELPEREXTENSION
[2010/02/05 14:48:18 | 000,000,000 | ---D | M] (Move Media Player) -- C:\USERS\BARRY MADDEN\APPDATA\ROAMING\MOVE NETWORKS
[2011/04/14 14:01:38 | 000,024,376 | ---- | M] (McAfee, Inc.) -- C:\Program Files (x86)\Mozilla Firefox\components\Scriptff.dll
[2011/02/02 21:40:24 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\Mozilla Firefox\plugins\npdeployJava1.dll

O1 HOSTS File: ([2006/09/18 16:37:24 | 000,000,761 | ---- | M]) - C:\Windows\SysNative\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2:64bit: - BHO: (McAfee Phishing Filter) - {27B4851A-3207-45A2-B947-BE8AFE6163AB} - c:\Program Files\McAfee\MSK\mskapbho64.dll ()
O2:64bit: - BHO: (scriptproxy) - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\Common Files\McAfee\SystemCore\ScriptSn.20110510075443.dll (McAfee, Inc.)
O2:64bit: - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O2:64bit: - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.6.6209.1142\swg64.dll (Google Inc.)
O2:64bit: - BHO: (McAfee SiteAdvisor BHO) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No CLSID value found.
O2 - BHO: (Skype add-on (mastermind)) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Skype Technologies S.A.)
O2 - BHO: (McAfee Phishing Filter) - {27B4851A-3207-45A2-B947-BE8AFE6163AB} - c:\Program Files\McAfee\MSK\mskapbho.dll ()
O2 - BHO: (AOL Toolbar Loader) - {7C554162-8CB7-45A4-B8F4-8EA1C75885F9} - C:\Program Files (x86)\AOL Toolbar\aoltb.dll (AOL LLC)
O2 - BHO: (scriptproxy) - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files (x86)\Common Files\McAfee\SystemCore\ScriptSn.20110510075443.dll (McAfee, Inc.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.6.6209.1142\swg.dll (Google Inc.)
O2 - BHO: (McAfee SiteAdvisor BHO) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O3:64bit: - HKLM\..\Toolbar: (McAfee SiteAdvisor Toolbar) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
O3:64bit: - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (no name) - - No CLSID value found.
O3 - HKLM\..\Toolbar: (McAfee SiteAdvisor Toolbar) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O3 - HKLM\..\Toolbar: (AOL Toolbar) - {DE9C389F-3316-41A7-809B-AA305ED9D922} - C:\Program Files (x86)\AOL Toolbar\aoltb.dll (AOL LLC)
O3 - HKU\S-1-5-21-3230457466-36631048-1315814223-1000\..\Toolbar\WebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No CLSID value found.
O3:64bit: - HKU\S-1-5-21-3230457466-36631048-1315814223-1000\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3 - HKU\S-1-5-21-3230457466-36631048-1315814223-1000\..\Toolbar\WebBrowser: (AOL Toolbar) - {DE9C389F-3316-41A7-809B-AA305ED9D922} - C:\Program Files (x86)\AOL Toolbar\aoltb.dll (AOL LLC)
O4:64bit: - HKLM..\Run: [Bluetooth HCI Monitor] C:\Windows\SysNative\HCIMNTR.DLL (Logitech Inc.)
O4:64bit: - HKLM..\Run: [Kernel and Hardware Abstraction Layer] C:\Windows\KHALMNPR.Exe (Logitech Inc.)
O4:64bit: - HKLM..\Run: [Logitech BT Wizard] File not found
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [Skytel] File not found
O4:64bit: - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [HostManager] C:\Program Files (x86)\Common Files\AOL\1236914895\ee\AOLSoftware.exe (AOL Inc.)
O4 - HKLM..\Run: [mcui_exe] C:\Program Files\McAfee.com\Agent\mcagent.exe (McAfee, Inc.)
O4 - HKLM..\Run: [OEM05Mon.exe] C:\Windows\OEM05Mon.exe (Creative Technology Ltd.)
O4 - HKLM..\Run: [PDVDDXSrv] C:\Program Files (x86)\CyberLink\PowerDVD DX\PDVDDXSrv.exe (CyberLink Corp.)
O4 - HKLM..\Run: [RoxWatchTray] C:\Program Files (x86)\Common Files\Roxio Shared\10.0\SharedCOM\RoxWatchTray10.exe (Sonic Solutions)
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [WinampAgent] File not found
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-19..\Run: [WindowsWelcomeCenter] C:\Windows\SysWow64\oobefldr.dll (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [WindowsWelcomeCenter] C:\Windows\SysWow64\oobefldr.dll (Microsoft Corporation)
O4 - HKU\S-1-5-21-3230457466-36631048-1315814223-1000..\Run: [AOL Fast Start] C:\Program Files (x86)\AOL Desktop 9.6\AOL.EXE (AOL Inc.)
O4 - HKU\S-1-5-21-3230457466-36631048-1315814223-1000..\Run: [SightSpeed] C:\Program Files (x86)\Dell Video Chat\DellVideoChat.exe (Dell Inc. and SightSpeed Inc.)
O4 - HKU\S-1-5-21-3230457466-36631048-1315814223-1000..\RunOnce: [FlashPlayerUpdate] C:\Windows\SysWOW64\Macromed\Flash\FlashUtil10p_ActiveX.exe (Adobe Systems, Inc.)
O4 - Startup: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock First Run.lnk = File not found
O4 - Startup: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock First Run.lnk = File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O8:64bit: - Extra context menu item: &AOL Toolbar Search - C:\ProgramData\AOL\ieToolbar\resources\en-US\local\search.html ()
O8:64bit: - Extra context menu item: Google Sidewiki... - C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_D183CA64F05FDD98.dll (Google Inc.)
O8:64bit: - Extra context menu item: Send image to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O8:64bit: - Extra context menu item: Send page to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O8 - Extra context menu item: &AOL Toolbar Search - C:\ProgramData\AOL\ieToolbar\resources\en-US\local\search.html ()
O8 - Extra context menu item: Google Sidewiki... - C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_D183CA64F05FDD98.dll (Google Inc.)
O8 - Extra context menu item: Send image to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O8 - Extra context menu item: Send page to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9:64bit: - Extra Button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9:64bit: - Extra 'Tools' menuitem : @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : Skype add-on for Internet Explorer - {5067A26B-1337-4436-8AFE-EE169C2DA79F} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Skype Technologies S.A.)
O9 - Extra Button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Skype Technologies S.A.)
O9 - Extra Button: Send To Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : Send to &Bluetooth Device... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O13 - gopher Prefix: missing
O13 - gopher Prefix: missing
O15 - HKU\S-1-5-21-3230457466-36631048-1315814223-1000\..Trusted Domains: aol.com ([objects] * is out of zone range - 5)
O15 - HKU\S-1-5-21-3230457466-36631048-1315814223-1000\..Trusted Domains: bakerelectric.com ([meeting] https in Trusted sites)
O15 - HKU\S-1-5-21-3230457466-36631048-1315814223-1000\..Trusted Domains: internet ([]about in Trusted sites)
O15 - HKU\S-1-5-21-3230457466-36631048-1315814223-1000\..Trusted Domains: mcafee.com ([]http in Trusted sites)
O15 - HKU\S-1-5-21-3230457466-36631048-1315814223-1000\..Trusted Domains: mcafee.com ([]https in Trusted sites)
O16 - DPF: {1851174C-97BD-4217-A0CC-E908F60D5B7A} https://h50203.www5.hp.com/HPISWeb/Customer/cabs/HPISDataManager.CAB (Hewlett-Packard Online Support Services)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {C1F8FC10-E5DB-4112-9DBF-6C3FF728D4E3} http://support.dell.com/systemprofiler/DellSystemLite.CAB (DellSystemLite.Scanner)
O16 - DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O16 - DPF: {FD0B6769-6490-4A91-AA0A-B5AE0DC75AC9} https://secure.logmein.com/activex/RACtrl.cab (Performance Viewer Activex Control)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 69.66.0.20 69.66.1.20
O18:64bit: - Protocol\Handler\dssrequest {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
O18:64bit: - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\sacore {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
O18:64bit: - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - Reg Error: Key error. File not found
O18 - Protocol\Handler\dssrequest {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O18 - Protocol\Handler\sacore {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Users\Barry Madden\Documents\ZP5A6404 (2).jpg
O24 - Desktop BackupWallPaper: C:\Users\Barry Madden\Documents\ZP5A6404 (2).jpg
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2004/08/11 17:15:00 | 000,000,000 | ---- | M] () - M:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2011/03/09 20:48:35 | 000,002,420 | ---- | M] () - M:\AutoRun.PNF -- [ NTFS ]
O33 - MountPoints2\{6e2ec17f-343e-11de-952e-001e4ce6dbf4}\Shell - "" = AutoRun
O33 - MountPoints2\{6e2ec17f-343e-11de-952e-001e4ce6dbf4}\Shell\AutoRun\command - "" = N:\LaunchU3.exe
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2011/06/14 17:02:22 | 000,580,608 | ---- | C] (OldTimer Tools) -- C:\Users\Barry Madden\Desktop\OTL.exe
[2011/06/14 17:00:15 | 000,000,000 | ---D | C] -- C:\Users\Barry Madden\Desktop\RKUnhookerLE
[2011/06/09 20:40:05 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee
[2011/06/06 16:15:25 | 000,000,000 | ---D | C] -- C:\ProgramData\iolo
[2011/06/04 22:46:04 | 000,000,000 | ---D | C] -- C:\Users\Barry Madden\AppData\Roaming\licenses
[2011/06/04 22:46:03 | 000,000,000 | ---D | C] -- C:\Users\Barry Madden\AppData\Roaming\PCMM2009
[2011/06/04 22:46:01 | 000,000,000 | ---D | C] -- C:\Users\Barry Madden\AppData\Roaming\PCMM2011
[2011/06/04 22:45:39 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\PC MightyMax 2011
[2011/06/02 21:28:49 | 000,000,000 | ---D | C] -- C:\Users\Barry Madden\AppData\Roaming\McAfee
[2011/06/02 10:02:34 | 000,000,000 | ---D | C] -- C:\Windows\Minidump
[2011/05/30 14:46:36 | 000,000,000 | ---D | C] -- C:\ProgramData\Citrix
[2011/05/30 14:41:57 | 000,000,000 | ---D | C] -- C:\Users\Barry Madden\AppData\Local\Citrix
[2011/05/18 21:24:58 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\appmgmt
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2011/06/14 17:02:22 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Users\Barry Madden\Desktop\OTL.exe
[2011/06/14 17:00:20 | 000,035,712 | ---- | M] () -- C:\Windows\SysWow64\drivers\BlackBox.sys
[2011/06/14 16:52:49 | 000,130,604 | ---- | M] () -- C:\Users\Barry Madden\Desktop\RKUnhookerLE.zip
[2011/06/14 16:39:06 | 000,003,616 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2011/06/14 16:39:06 | 000,003,616 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2011/06/14 16:27:57 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011/06/14 16:14:00 | 000,000,898 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2011/06/14 13:49:10 | 000,000,880 | ---- | M] () -- C:\Windows\tasks\Google Software Updater.job
[2011/06/14 12:14:00 | 000,000,894 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2011/06/09 20:44:42 | 000,703,388 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2011/06/09 20:44:42 | 000,604,264 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2011/06/09 20:44:42 | 000,103,964 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2011/06/09 20:39:19 | 000,000,680 | ---- | M] () -- C:\Users\Barry Madden\AppData\Local\d3d9caps.dat
[2011/06/09 20:39:04 | 4285,718,527 | -HS- | M] () -- C:\hiberfil.sys
[2011/06/05 12:00:42 | 002,182,688 | ---- | M] () -- C:\Users\Barry Madden\Documents\ExteriorApplicationGuide20110303.pdf
[2011/06/04 20:37:45 | 000,002,662 | ---- | M] () -- C:\Windows\bthservsdp.dat
[2011/06/02 21:28:49 | 000,001,985 | ---- | M] () -- C:\Users\Public\Desktop\McAfee Virtual Technician.lnk
[2011/06/02 10:02:21 | 975,634,579 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2011/06/02 09:45:54 | 000,184,992 | ---- | M] () -- C:\Users\Barry Madden\Desktop\Chegg - Shipping Return Label.mht
[2011/05/30 14:41:57 | 000,103,784 | ---- | M] () -- C:\Users\Barry Madden\GoToAssistDownloadHelper.exe
[2011/05/30 13:18:55 | 000,168,772 | ---- | M] () -- C:\Users\Barry Madden\Documents\m drive .xps
[2011/05/29 22:58:32 | 000,008,704 | ---- | M] () -- C:\Users\Barry Madden\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/05/23 23:36:17 | 000,445,899 | ---- | M] () -- C:\Users\Barry Madden\Documents\sata adapter.xps
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files Created - No Company Name ==========

[2011/06/14 16:52:49 | 000,130,604 | ---- | C] () -- C:\Users\Barry Madden\Desktop\RKUnhookerLE.zip
[2011/06/14 16:45:21 | 000,035,712 | ---- | C] () -- C:\Windows\SysWow64\drivers\BlackBox.sys
[2011/06/05 12:00:26 | 002,182,688 | ---- | C] () -- C:\Users\Barry Madden\Documents\ExteriorApplicationGuide20110303.pdf
[2011/06/02 21:28:49 | 000,001,985 | ---- | C] () -- C:\Users\Public\Desktop\McAfee Virtual Technician.lnk
[2011/06/02 21:28:30 | 000,001,995 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee Virtual Technician.lnk
[2011/06/02 10:02:21 | 975,634,579 | ---- | C] () -- C:\Windows\MEMORY.DMP
[2011/06/02 09:45:47 | 000,184,992 | ---- | C] () -- C:\Users\Barry Madden\Desktop\Chegg - Shipping Return Label.mht
[2011/05/30 14:41:56 | 000,103,784 | ---- | C] () -- C:\Users\Barry Madden\GoToAssistDownloadHelper.exe
[2011/05/30 13:18:54 | 000,168,772 | ---- | C] () -- C:\Users\Barry Madden\Documents\m drive .xps
[2011/05/23 23:36:17 | 000,445,899 | ---- | C] () -- C:\Users\Barry Madden\Documents\sata adapter.xps
[2011/04/22 20:16:36 | 000,023,158 | ---- | C] () -- C:\Windows\hpqins15.dat
[2011/04/19 17:00:45 | 000,188,903 | ---- | C] () -- C:\Windows\hpwins22.dat.temp
[2011/04/19 17:00:45 | 000,002,979 | ---- | C] () -- C:\Windows\hpwmdl22.dat.temp
[2011/03/20 20:58:00 | 000,188,619 | ---- | C] () -- C:\Windows\hpwins22.dat
[2011/01/11 18:05:18 | 000,008,592 | ---- | C] () -- C:\Windows\SysWow64\ractrlkeyhook.dll
[2010/12/21 02:27:22 | 000,003,113 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat
[2009/11/28 11:36:27 | 000,000,732 | ---- | C] () -- C:\Users\Barry Madden\AppData\Local\d3d9caps64.dat
[2009/08/25 22:07:40 | 000,002,520 | ---- | C] () -- C:\Windows\checkip.dat
[2009/08/23 10:16:04 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2009/06/16 15:06:22 | 000,117,248 | ---- | C] () -- C:\Windows\SysWow64\EhStorAuthn.dll
[2009/06/16 15:05:53 | 000,107,612 | ---- | C] () -- C:\Windows\SysWow64\StructuredQuerySchema.bin
[2009/06/16 15:05:28 | 000,368,640 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2009/05/23 19:36:58 | 000,116,866 | ---- | C] () -- C:\Windows\hpqins00.dat
[2009/03/26 21:31:51 | 000,000,135 | ---- | C] () -- C:\Windows\ODBC.INI
[2009/03/26 21:31:50 | 000,000,209 | ---- | C] () -- C:\Windows\ODBCINST.INI
[2009/03/26 21:31:24 | 000,270,848 | ---- | C] () -- C:\Windows\UNWISE.EXE
[2009/03/26 21:13:49 | 000,003,810 | ---- | C] () -- C:\Windows\HCWPNP.INI
[2009/03/16 17:45:41 | 000,000,680 | ---- | C] () -- C:\Users\Barry Madden\AppData\Local\d3d9caps.dat
[2009/03/13 19:41:28 | 000,016,050 | ---- | C] () -- C:\Windows\hpwscr05.dat
[2009/03/13 19:37:01 | 000,008,704 | ---- | C] () -- C:\Users\Barry Madden\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009/03/12 21:41:37 | 000,000,335 | ---- | C] () -- C:\Windows\nsreg.dat
[2009/03/07 03:10:21 | 000,018,904 | ---- | C] () -- C:\Windows\SysWow64\StructuredQuerySchemaTrivial.bin
[2009/03/07 02:42:12 | 003,107,788 | ---- | C] () -- C:\Windows\SysWow64\atiumdva.dat
[2009/03/07 00:30:49 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2009/03/06 19:23:24 | 000,002,662 | ---- | C] () -- C:\Windows\bthservsdp.dat
[2008/10/25 04:40:22 | 000,002,979 | ---- | C] () -- C:\Windows\hpwmdl22.dat
[2008/01/20 21:49:10 | 000,060,124 | ---- | C] () -- C:\Windows\SysWow64\tcpmon.ini
[2008/01/14 17:47:06 | 000,099,712 | ---- | C] () -- C:\Windows\HPBroker.dll
[2006/11/02 10:35:48 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2006/11/02 07:37:14 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat
[2006/11/02 07:24:17 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT
[2006/11/02 07:18:17 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat
[2006/11/02 04:47:54 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2005/08/26 15:28:34 | 000,143,360 | ---- | C] () -- C:\Windows\unzip.exe
[2005/08/26 15:28:20 | 000,024,576 | ---- | C] () -- C:\Windows\shortcut.exe
[2005/08/26 15:27:58 | 000,045,056 | ---- | C] () -- C:\Windows\devenum.exe

========== Alternate Data Streams ==========

@Alternate Data Stream - 76 bytes -> C:\Users\Barry Madden\Documents\CineMagic0.dmsm:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Barry Madden\Documents\CineMagic.dmsm:Roxio EMC Stream

< End of report >


OTL Extras logfile created on: 6/14/2011 5:04:00 PM - Run 1
OTL by OldTimer - Version 3.2.24.0 Folder = C:\Users\Barry Madden\Desktop
64bit-Windows Vista Ultimate Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

7.99 Gb Total Physical Memory | 5.48 Gb Available Physical Memory | 68.60% Memory free
16.03 Gb Paging File | 12.59 Gb Available in Paging File | 78.53% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 683.57 Gb Total Space | 456.26 Gb Free Space | 66.75% Space Free | Partition Type: NTFS
Drive D: | 15.00 Gb Total Space | 7.13 Gb Free Space | 47.56% Space Free | Partition Type: NTFS
Drive K: | 232.88 Gb Total Space | 7.11 Gb Free Space | 3.05% Space Free | Partition Type: NTFS
Drive L: | 465.76 Gb Total Space | 202.26 Gb Free Space | 43.43% Space Free | Partition Type: NTFS
Drive M: | 74.46 Gb Total Space | 8.49 Gb Free Space | 11.40% Space Free | Partition Type: NTFS

Computer Name: BARRYMADDEN-PC | User Name: Barry Madden | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = ChromeHTML] -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = ChromeHTML] -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)

[HKEY_USERS\S-1-5-21-3230457466-36631048-1315814223-1000\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %* File not found
cmdfile [open] -- "%1" %* File not found
comfile [open] -- "%1" %* File not found
exefile [open] -- "%1" %* File not found
helpfile [open] -- Reg Error: Key error.
http [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
https [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %* File not found
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1" File not found
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l File not found
scrfile [open] -- "%1" /S File not found
txtfile [edit] -- Reg Error: Key error.
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
http [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
https [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = C2 FE 8D 6A DC 5B C8 01 [binary data]
"VistaSp2" = FD DA 04 AA E2 EE C9 01 [binary data]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"oobe_av" = 1

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0

========== Authorized Applications List ==========


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0AD5772B-4CC5-4A78-ABA1-CAAE85A35058}" = lport=139 | protocol=6 | dir=in | app=system |
"{1BDE1E39-36FD-46DC-A224-C68F15BC4F47}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=c:\windows\system32\svchost.exe |
"{1D63341E-7D9B-4717-A5B5-9B77146AB738}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{5B980C47-2DDE-4218-BF53-53A2DC02BF94}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{5F3EA250-6C94-44DB-928F-9E8DDC5EAB62}" = lport=554 | protocol=6 | dir=in | app=c:\windows\ehome\ehshell.exe |
"{6416CD2B-0B2B-4A0E-95AA-E4FDF7FFC181}" = rport=137 | protocol=17 | dir=out | app=system |
"{652827EB-41C5-4586-B6C5-D91601762BCD}" = lport=138 | protocol=17 | dir=in | app=system |
"{6B695722-78C3-4B53-AC54-F8404C243EF8}" = rport=138 | protocol=17 | dir=out | app=system |
"{6CC25E16-7413-4EB7-9D12-C97CF9D58B6B}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=c:\windows\system32\svchost.exe |
"{7A0B1DDB-C2B0-4E8D-9DB3-28B346EF216F}" = rport=427 | protocol=17 | dir=in | svc=hpslpsvc | app=c:\windows\system32\svchost.exe |
"{923505FE-A40C-4588-A366-4BA061C0BCD7}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=c:\windows\system32\svchost.exe |
"{9FD81199-1EE5-4152-BAE6-D781B438F145}" = lport=7777 | protocol=17 | dir=in | app=c:\windows\ehome\ehshell.exe |
"{A456FCA9-580C-4919-B7E3-1E932570E564}" = lport=445 | protocol=6 | dir=in | app=system |
"{A4B6A5F6-3402-48DC-9CFD-1E6D8F92C318}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=c:\windows\system32\svchost.exe |
"{A69EE7CF-A566-4865-AE7D-EA4A5446CE3E}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=c:\windows\system32\svchost.exe |
"{B10D43A4-9E70-4309-92ED-B8BB4FA91F10}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=c:\windows\system32\svchost.exe |
"{B2315196-5F52-475A-A808-2384DA375643}" = lport=137 | protocol=17 | dir=in | app=system |
"{B30B4049-0052-4606-85EA-288CB5737834}" = lport=3390 | protocol=6 | dir=in | app=system |
"{C7221252-EE1F-4384-84A0-5170C4FEB442}" = lport=10244 | protocol=6 | dir=in | app=system |
"{CF2760A4-0D85-4A79-9379-7D67C2EE7CBC}" = rport=445 | protocol=6 | dir=out | app=system |
"{EC9F437C-FBEE-4518-9CA6-F38283840D8C}" = rport=139 | protocol=6 | dir=out | app=system |
"{F06ABBD0-D67A-4DC0-BAD6-695BC5E29B2B}" = rport=10244 | protocol=6 | dir=out | app=system |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{03D0055A-95B8-4D1B-859D-B15496B12546}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{04343984-CDF2-4839-B984-6B02A4856181}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqpse.exe |
"{065168F5-B066-4005-B95A-758AC2AC67F7}" = protocol=17 | dir=in | app=c:\program files (x86)\aol 9.5a\waol.exe |
"{0DC95914-BB03-471F-A403-9FE0041621F1}" = protocol=6 | dir=out | app=c:\windows\ehome\mcx2prov.exe |
"{120F3824-EA14-4C45-864E-42ACC9452315}" = protocol=6 | dir=in | app=c:\program files (x86)\aol 9.5a\waol.exe |
"{134FCF3D-77FA-4653-9361-ECC36654841D}" = protocol=6 | dir=out | svc=mcx2svc | app=c:\windows\system32\svchost.exe |
"{1B1A93B6-C067-45C3-8412-BAF6FEF309A6}" = protocol=6 | dir=in | app=c:\program files (x86)\common files\aol\1236914895\ee\aolsoftware.exe |
"{200E132E-3565-4BA1-A216-F1351860E879}" = protocol=17 | dir=in | app=c:\program files\windows media player\wmplayer.exe |
"{28573CB1-5353-4036-A5E6-46F4A93C6C2B}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqkygrp.exe |
"{2B48DC81-B918-4A45-BDE0-B7BAB603E42F}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqpsapp.exe |
"{2E39D3CE-F8E2-485B-97F7-85C87F80E4A6}" = protocol=6 | dir=in | app=c:\program files (x86)\aol 9.5\waol.exe |
"{33C448E2-08C6-44A2-AFB7-06B23004680D}" = protocol=6 | dir=in | app=c:\program files (x86)\common files\aol\system information\sinf.exe |
"{3425274D-A9D7-4500-997C-8B62F7D7E0FE}" = protocol=6 | dir=in | app=c:\program files (x86)\common files\aol\acs\aoldial.exe |
"{346DAA91-2A18-49D0-B9F7-F60C1338F608}" = dir=in | app=c:\program files (x86)\hp\digital imaging\smart web printing\smartwebprintexe.exe |
"{3EF9528C-2C1C-4C60-AD05-4F04B498CB46}" = protocol=17 | dir=in | app=c:\program files (x86)\windows media player\wmplayer.exe |
"{3F75F49B-E509-4A1A-A788-5275CB94F90E}" = dir=in | app=c:\program files (x86)\windows live\sync\windowslivesync.exe |
"{44394D20-CF02-4CBC-832F-B48ACD402632}" = protocol=6 | dir=out | app=c:\program files (x86)\windows media player\wmplayer.exe |
"{4644A76D-DE70-4338-8B26-F88D8D16ECF6}" = protocol=17 | dir=in | app=c:\program files (x86)\common files\aol\acs\aoldial.exe |
"{4ACB70D3-D25B-45D2-BFF7-F6EE5D071D84}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqtra08.exe |
"{539B4FC9-F9BA-41B7-B56F-192913EAE306}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{54DBF675-C35C-4443-AD2C-A3B2E37F5F11}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqsudi.exe |
"{57EDFE2D-C184-4E47-B9AF-61FEB3E5DBB8}" = dir=in | app=c:\program files (x86)\common files\mcafee\mna\mcnasvc.exe |
"{58274A73-8795-42C0-8EEA-31DA7AB0C490}" = protocol=6 | dir=out | app=c:\windows\ehome\ehshell.exe |
"{5B331DEE-881A-47E2-A379-A0D17BC6E1EE}" = protocol=6 | dir=in | app=c:\program files (x86)\common files\aol\topspeed\3.0\aoltpsd3.exe |
"{5CF286F3-B4AD-4EB5-A9AA-B2D89E66341B}" = protocol=6 | dir=in | app=c:\program files (x86)\dell video chat\dellvideochat.exe |
"{642050C1-E357-416F-9D03-20D175C5EEBA}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpiscnapp.exe |
"{648ABECD-9119-40BC-8052-D6B4A8BC39E6}" = dir=in | app=c:\program files (x86)\hp\hp software update\hpwucli.exe |
"{658C647A-2ED2-4E7A-9756-3462C95F8296}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hposfx08.exe |
"{68E26B45-B4D2-41DD-8AC9-430ED37B9B2C}" = dir=in | app=c:\users\public\downloads\ojp8500va909_full_14\setup\hpznui40.exe |
"{6A9BA909-FDBC-4581-9207-095D7EC71EB5}" = protocol=17 | dir=out | app=c:\windows\ehome\ehshell.exe |
"{6BC55B19-3D82-41DE-9653-0066A0FA6183}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpofxm08.exe |
"{74072EB1-A5E2-4DEB-A222-273973F622D6}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpofxs08.exe |
"{74B65A65-2155-468E-90D6-3BC5C80A8A0A}" = protocol=17 | dir=in | app=c:\program files (x86)\aol 9.5\waol.exe |
"{7CB71A80-A18C-4699-B8C4-6FBCB45B02B2}" = protocol=17 | dir=in | app=c:\program files (x86)\common files\aol\loader\aolload.exe |
"{845D0E4F-2049-4A9D-B71F-A5CD2658869A}" = dir=in | app=c:\program files (x86)\cyberlink\powerdvd dx\powerdvd.exe |
"{8C8C4280-903A-41E5-9A52-FE585383F12F}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpoews01.exe |
"{A2ED532F-3843-4CDE-90FF-F3940803C300}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{A5357030-5D83-40F6-9416-40437D603328}" = protocol=6 | dir=out | app=c:\program files\windows media player\wmplayer.exe |
"{A9E541AE-CCE6-466B-B4D2-879FB349CBAB}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqusgh.exe |
"{AE204379-5BD9-40A2-B656-4B49F442DEBA}" = protocol=17 | dir=in | app=c:\program files (x86)\common files\aol\acs\aolacsd.exe |
"{AF05F1CE-F018-4710-95CD-132C936F1E65}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpzwiz01.exe |
"{B14E02C9-59C6-48D2-AA80-71D31BA9CDDE}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe |
"{B22C37EE-5355-4828-B689-0F8337819C04}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqfxt08.exe |
"{BC8151E7-7E00-4706-B5BB-7A433CDDDC2D}" = protocol=17 | dir=in | app=c:\program files (x86)\common files\aol\system information\sinf.exe |
"{BCC195DC-D78A-42EC-85E9-4D59215CEDA2}" = protocol=6 | dir=in | app=c:\program files (x86)\common files\aol\loader\aolload.exe |
"{C32AB0A9-E610-42E3-93EE-AEE140031B1B}" = protocol=6 | dir=in | app=c:\program files (x86)\common files\aol\acs\aolacsd.exe |
"{CE648C0C-3CAB-4BEA-AD5D-F7C82EE24C97}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hposid01.exe |
"{CE838C96-DCD0-4F1E-B426-E9DD02CBFE59}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{D152872C-AA2F-4CB2-991A-6CA6888F4008}" = protocol=17 | dir=in | app=c:\program files (x86)\common files\aol\topspeed\3.0\aoltpsd3.exe |
"{D3E65454-CEE6-4986-92EF-702E8E404FC4}" = protocol=17 | dir=out | app=c:\program files\windows media player\wmplayer.exe |
"{DA9BE3AD-1D76-4508-A11D-287F91279A97}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe |
"{E0826683-BACE-4BA9-B27C-EE82EFBE0E3C}" = dir=in | app=c:\program files (x86)\common files\hp\digital imaging\bin\hpqphotocrm.exe |
"{E0D370F4-E45C-4AF6-88D6-02D9C0DD1FF5}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpfccopy.exe |
"{E455E52A-54D6-49A3-8D5D-D491FAC4A023}" = protocol=17 | dir=out | app=c:\program files (x86)\windows media player\wmplayer.exe |
"{E6AB472E-B4A7-4ECE-BC75-8DBEEA4547C1}" = dir=in | app=c:\program files (x86)\cyberlink\powerdvd dx\pdvddxsrv.exe |
"{E747ACF7-96C2-484D-AD72-58DAE94F7FB2}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqgpc01.exe |
"{EDDD1687-2822-453B-A9CE-8E8ED80C71E5}" = protocol=17 | dir=in | app=c:\program files (x86)\dell video chat\dellvideochat.exe |
"{EF7AC1D6-DBAD-4B6C-B41E-908021E71C0F}" = dir=in | app=c:\program files\common files\mcafee\mcsvchost\mcsvhost.exe |
"{F69CDC81-2E5A-4A2D-8B0A-8C1FFDD2860A}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{F717159B-30EE-4410-A899-07919B594D93}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqgplgtupl.exe |
"{FA292A66-961E-4EB2-AA25-B8AB63C8CBF0}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqste08.exe |
"{FD76F9EB-6275-425D-88FE-06A9A3A50A8E}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqusgm.exe |
"{FF61706D-4D32-49A2-9028-9A0324D2AB63}" = protocol=17 | dir=in | app=c:\program files (x86)\common files\aol\1236914895\ee\aolsoftware.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{02AD9D20-03D2-4DE0-8793-E8253026AD86}" = EMCGadgets64
"{03D1988F-469F-4843-8E6E-E5FE9D17889D}" = WIDCOMM Bluetooth Software 6.0.1.4303
"{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{48C0866E-57EB-444C-8371-8E4321066BC3}" = Network64
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{624E7452-BA43-4f55-B9D5-FC75EEA0808B}" = Officejet Pro 8500 A909 Series
"{6E8E85E8-CE4B-4FF5-91F7-04999C9FAE6A}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{8338783A-0968-3B85-AFC7-BAAE0A63DC50}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570
"{8AB5E15C-BDCB-7A93-9DBF-19C2DF39D0C7}" = ccc-utility64
"{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007
"{90120000-002A-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (English) 2007
"{90120000-0116-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007
"{9B48B0AC-C813-4174-9042-476A887592C7}" = Windows Live ID Sign-in Assistant
"{aac9fcc4-dd9e-4add-901c-b5496a07ab2e}" = Microsoft Visual C++ 2005 Redistributable (x64) - KB2467175
"{B6E3757B-5E77-3915-866A-CCFC4B8D194C}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053
"{BCA6D957-5A90-B994-CFCC-13ED851E1FFA}" = ccc-utility64
"{BE930E38-7BB3-45B6-85B2-5251F374F844}" = 64 Bit HP CIO Components Installer
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{DDD076BF-C5C3-468C-AA1B-F9A7E47446FE}" = Intel® Network Connections 13.1.33.0
"{EA0F68A4-CC52-D061-C239-CC54377E9B79}" = ccc-utility64
"{F1D81DBC-B656-9640-EADC-619A860F16BD}" = ATI Catalyst Install Manager
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"{F6CB42B9-F033-4152-8813-FF11DA8E6A78}" = Dell Dock
"45A7283175C62FAC673F913C1F532C5361F97841" = Windows Driver Package - Garmin (grmnusb) GARMIN Devices (03/08/2007 2.2.1.0)
"Creative OEM005" = Monitor Webcam (SP2208WFP) Driver (1.00.08.0720)
"HP Document Manager" = HP Document Manager 2.0
"HP Imaging Device Functions" = HP Imaging Device Functions 12.0
"HP Photosmart Essential" = HP Photosmart Essential 3.5
"HP Smart Web Printing" = HP Smart Web Printing 4.60
"HP Solution Center & Imaging Support Tools" = HP Solution Center 12.0
"HPExtendedCapabilities" = HP Customer Participation Program 12.0
"HPOCR" = OCR Software by I.R.I.S. 12.0
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"PROSetDX" = Intel® Network Connections 13.1.33.0
"Shop for HP Supplies" = Shop for HP Supplies

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{03A7C57A-B2C8-409b-92E5-524A0DFD0DD3}" = Status
"{0527E89C-E8B9-745F-8B7A-96530A214E54}" = Catalyst Control Center Localization Japanese
"{055EE59D-217B-43A7-ABFF-507B966405D8}" = ATI Catalyst Control Center
"{06A1D88C-E102-4527-AF70-29FFD7AF215A}" = Scan
"{06A82E70-97F4-3BA9-65DB-692632659387}" = Catalyst Control Center InstallProxy
"{07A8ED9E-B98E-437F-B750-241B412BE924}" = Garmin USB Drivers
"{08E81ABD-79F7-49C2-881F-FD6CB0975693}" = Roxio Creator Data
"{098122AB-C605-4853-B441-C0A4EB359B75}" = DirectXInstallService
"{0DF30031-F15F-FD36-D9F8-EBC23B901894}" = Catalyst Control Center Graphics Light
"{102CBC47-7FDE-4E6C-8A3A-67B79833FAC8}" = BPDSoftware_Ini
"{11B2F891-91C8-47ce-945A-A91003EA27FB}" = BPDSoftware
"{124FA421-0F8C-0636-F85C-E2EE1D3C6573}" = Catalyst Control Center HydraVision Full
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{18AB082B-6584-4F74-8ABC-D5935CF46E4C}" = 8500A909_eDocs
"{19CD69C4-CF39-FCFC-3C36-02A6AEC62C42}" = CCC Help Spanish
"{1F54DAFA-9261-4A62-B59D-6C9F26B48FE4}" = Roxio Creator Tools
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live Upload Tool
"{2227E1FA-01F5-483C-AB0E-2A308E900B3D}" = InterVideo FilterSDK for Hauppauge
"{22D643F2-0DAA-4DB4-0B3F-C5B0B6F5AEC8}" = Catalyst Control Center Localization Polish
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{241FFFDE-06A1-BA33-1980-FC06F2F43ACD}" = CCC Help Turkish
"{2656D0AB-9EA4-4C58-A117-635F3CED8B93}" = Microsoft UI Engine
"{26A24AE4-039D-4CA4-87B4-2F83216011FF}" = Java™ 6 Update 24
"{2A329FB6-389D-4396-A974-29656D6864AE}" = MarketResearch
"{2E35857A-0A45-D90C-7F9F-2C6EED18DF11}" = CCC Help French
"{2E8EAC71-BFE4-417A-88F0-5A1BDFBCF5D3}" = SetPoint
"{2EEA7AA4-C203-4b90-A34F-19FB7EF1C81C}" = BufferChm
"{2F179735-F134-7E5F-9494-E2C5C39F0FBE}" = CCC Help Portuguese
"{30465B6C-B53F-49A1-9EBA-A3F187AD502E}" = Roxio Update Manager
"{306CD8FB-C567-F39C-8A3C-752AFE392023}" = CCC Help Korean
"{35CC381D-D375-5FBD-A730-1A156E8957D6}" = CCC Help Thai
"{3921564E-11A7-27AC-8D6F-D5FCA33DD083}" = Skins
"{3D73DC7A-2D1D-45CF-8A67-24873925C716}" = bpd_scan
"{3E9016D4-5AD8-3A77-5A75-8C89C68992CD}" = Catalyst Control Center Graphics Previews Vista
"{3FE799B6-6493-AD47-A5FA-F3FE144C7EF0}" = Catalyst Control Center HydraVision Full
"{4011B00E-26BE-7867-3D2C-BA85CF737C8B}" = Catalyst Control Center Localization Korean
"{42929F0F-CE14-47AF-9FC7-FF297A603021}" = Dell Resource CD
"{432A850B-3558-4BFF-B1F9-30626835B523}" = BPD_DSWizards
"{43DF6A05-B79C-0AA4-EF59-843EFE398E3D}" = Catalyst Control Center Localization French
"{44CDBD1B-89FB-4E02-8319-2A4C550F664A}" = RTC Client API v1.2
"{463E450F-401B-37D8-CD6C-8782D755AB86}" = Catalyst Control Center Localization Chinese Standard
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4D304678-738E-42a0-931A-2B022F49DEB8}" = TrayApp
"{4E7C28C7-D5DA-4E9F-A1CA-60490B54AE35}" = UnloadSupport
"{51114DCF-C263-88F0-937D-A80930617A8B}" = CCC Help Chinese Standard
"{541DEAC0-5F3D-45E6-B7CB-94ECF3B96748}" = Skype web features
"{5C883FB3-9F17-C9F6-3D74-D2C2DAC3FA0D}" = Catalyst Control Center Localization Chinese Traditional
"{5D9B17E4-5C34-45B2-9C95-8B9DB4CF7AF3}" = HP_Network_UserGuide
"{60B3718D-B81B-FBFE-C6F8-88BAF5934C17}" = Catalyst Control Center Localization German
"{61BEA823-ECAF-49F1-8378-A59B3B8AD247}" = Microsoft Default Manager
"{628C2C7D-8AD1-E614-E8E2-6EEAD8D5F2D0}" = Acrobat.com
"{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA}" = Roxio Express Labeler
"{676981B7-A2D9-49D0-9F4C-03018F131DA9}" = DocProc
"{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}" = PowerDVD DX
"{681B698F-C997-42C3-B184-B489C6CA24C9}" = HPPhotoSmartDiscLabelContent1
"{69724AEA-DC5F-BF91-A2B3-9B97422173BC}" = ccc-core-static
"{6A08D9B3-5E90-CDEA-3796-1E5C7AAD7F7D}" = Catalyst Control Center Localization Italian
"{6B7B6D4D-8F9B-4CB3-8CA4-BCA9CC4C1A22}" = EDocs
"{6EED4269-588D-45b8-A80C-26A9CA62EE4E}" = HPSSupply
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{73A4F29F-31AC-4EBD-AA1B-0CC5F18C8F83}" = Roxio Creator Audio
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{797EE0CA-8165-405C-B5CE-F11EC20F1BB0}" = Microsoft VC9 runtime libraries
"{7D21905A-5DB7-2F4C-4E97-80F352D2C3A9}" = Catalyst Control Center Graphics Previews Vista
"{7DB9F1E5-9ACB-410D-A7DC-7A3D023CE045}" = Dell Getting Started Guide
"{8123165F-1AED-4B2A-9C70-BB42A777C97C}" = CCC Help Hungarian
"{818ABC3C-635C-4651-8183-D0E9640B7DD1}" = HP Update
"{8214D5AF-8BA8-3551-A859-5EBDBD30D2FA}" = Catalyst Control Center Core Implementation
"{846730BD-A6E2-FA38-8192-0D67BBA919BD}" = CCC Help English
"{85693740-CB33-8E46-D05A-22EEAC2C14C3}" = Catalyst Control Center Graphics Full New
"{8841C16B-EACC-82C0-18BC-7767CC9E740D}" = Catalyst Control Center Localization Spanish
"{892B4819-7E37-9C59-3A8C-7AE8A8261A7D}" = Catalyst Control Center Localization Portuguese
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8A0D9C6B-ACB8-738E-2D1A-B437E2CF36B6}" = Catalyst Control Center Graphics Full Existing
"{8CC990CD-87C8-475C-AC32-8A7984E2FCFA}" = CDDRV_Installer
"{8D337F77-BE7F-41A2-A7CB-D5A63FD7049B}" = Roxio CinePlayer Decoder Pack
"{8D7133DE-27D2-47E5-B248-4180278D32AA}" = Catalyst Control Center - Branding
"{8EE94FD8-5F52-4463-A340-185D16328158}" = WebReg
"{8F7294C1-FC75-D55D-CFEF-915B0349EA6E}" = CCC Help Japanese
"{8F968232-15C6-4872-84C2-9FCDAA1AEAB6}" = MPM
"{8FF6F5CA-4E30-4E3B-B951-204CAAA2716A}" = SmartWebPrinting
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_HOMESTUDENTR_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_HOMESTUDENTR_{187308AB-5FA7-4F14-9AB9-D290383A10D9}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-002A-0000-1000-0000000FF1CE}_HOMESTUDENTR_{E64BA721-2310-4B55-BE5A-2925F9706192}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-002A-0409-1000-0000000FF1CE}_HOMESTUDENTR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}_HOMESTUDENTR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007
"{90120000-00A1-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}_HOMESTUDENTR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0116-0409-1000-0000000FF1CE}_HOMESTUDENTR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{903679E8-44C8-4C07-9600-05C92654FC50}" = QualXServ Service Agreement
"{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{9131B5A5-DCA5-8F8A-5799-14F7B0C0E97D}" = Catalyst Control Center Localization Hungarian
"{925E788B-7624-F7BD-E331-2039774A2688}" = CCC Help Thai
"{9294F169-72EE-4D74-AE92-CA25F64B4FF8}" = Fax
"{92ACB266-B316-F37F-D34F-8C9F20040E78}" = Catalyst Control Center Graphics Light
"{9427D7E3-DDE4-688A-44B6-2FEADB6F956F}" = Catalyst Control Center Localization All
"{9603DE6D-4567-4b78-B941-849322373DE2}" = SolutionCenter
"{960DD947-B41A-2503-4079-E1EA314A4962}" = CCC Help Japanese
"{96F0FEBF-ECF7-6193-FF53-3713941BA1E1}" = Catalyst Control Center Core Implementation
"{9D1B99B7-DAD8-440d-B4FB-1915332FBCC2}" = HPProductAssistant
"{a0fe116e-9a8a-466f-aee0-625cb7c207e3}" = Microsoft Visual C++ 2005 Redistributable - KB2467175
"{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR
"{A2BDAD24-875E-FDCA-1512-52F76435F5EE}" = CCC Help Italian
"{A3E66D20-B986-0D55-7000-9A9427F51C54}" = Catalyst Control Center Localization Thai
"{A7DEBAA4-B211-4D1A-A6B3-E52BFAAA1D0C}" = Garmin Communicator Plugin
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A996DFDD-E52F-0D4A-75A5-E3B0B083BA6D}" = Catalyst Control Center Graphics Full Existing
"{AA027AE9-DD20-4677-AA72-D760A358320B}" = Microsoft VC9 runtime libraries
"{AC13BA3A-336B-45a4-B3FE-2D3058A7B533}" = Toolbox
"{AC76BA86-7AD7-1033-7B44-A94000000001}" = Adobe Reader 9.4.4
"{AC76BA86-7AD7-5464-3428-900000000004}" = Spelling Dictionaries Support For Adobe Reader 9
"{AD7A2DD6-8B66-4BD2-9840-CCE6C1F7A2A2}" = MyNetflix
"{AF094932-91E6-4EF8-8AB8-1C7226DFEECB}" = Hauppauge TV Tuner Driver
"{B471481F-8743-85EF-B551-45ED91BEEE76}" = Catalyst Control Center Graphics Previews Common
"{B495547C-01F8-4836-A2E6-749B5F3EA691}" = 8500A909_Help
"{B6A26DE5-F2B5-4D58-9570-4FC760E00FCD}" = Roxio Creator Copy
"{B88A3C98-CB4D-E3C2-DE49-EDAF1DC55CC1}" = CCC Help English
"{B9C73F69-63B7-552D-72D8-3C22B6B1A3E7}" = Catalyst Control Center Graphics Full New
"{BB2CB14A-F3A3-4BBF-9111-EBC82049ABA6}" = Roxio Creator Premier
"{BE06114F-559D-11E0-B5A1-001D0926B1BF}" = Google Earth
"{C29C1940-CB85-4F3B-906C-33FEE0E67103}" = DocMgr
"{C328337D-33F5-5E15-164E-17998C8CF0F7}" = CCC Help Chinese Traditional
"{C874DC88-F5E2-D566-2880-22A2FDA0C69C}" = CCC Help English
"{CAB62FBE-E3A4-6F3A-88F6-7B8BD1B8FD1F}" = Catalyst Control Center InstallProxy
"{CCA71011-5ED0-2037-40E9-63C0005AF370}" = CCC Help Korean
"{CD8C5C7F-7C58-4F85-8977-A6C08C087912}" = MPM
"{CE44ABFE-FAF9-3C62-1D27-C8B64C3DD321}" = CCC Help Polish
"{CE75BD79-EC4B-9D7E-DD55-C29C65C3A9EC}" = Catalyst Control Center Graphics Previews Common
"{CF5C7154-98F4-4D44-A58C-8BC19751CCCC}" = Roxio Creator Premier 10
"{CFC1C90B-E9A4-F656-BCA2-2A71ECCBD8F5}" = Catalyst Control Center Graphics Full Existing
"{D103C4BA-F905-437A-8049-DB24763BBE36}" = Skype™ 4.1
"{D145021C-91D3-5563-7EC1-D58FBE1A0618}" = Catalyst Control Center Graphics Previews Vista
"{D3B1C799-CB73-42DE-BA0F-2344793A095C}" = Catalyst Control Center - Branding
"{D5DEF057-D3BC-499f-99EE-884ED429B6D1}" = 8500A909g
"{D62C1FAE-4092-A40C-CB31-4372494808CC}" = CCC Help German
"{D79113E7-274C-470B-BD46-01B10219DF6A}" = HPPhotosmartEssential
"{DA8BF070-1358-4a30-A68F-21E0E9421AEF}" = ProductContext
"{DEB7A862-71A2-C615-F620-5944F7FE8172}" = Catalyst Control Center Localization Turkish
"{E01A8BFE-96AB-FEA3-4A3B-EEF9849D1E24}" = Catalyst Control Center Graphics Previews Common
"{E0783143-EAE2-4047-A8D6-E155523C594C}" = Garmin WebUpdater
"{E96A2C11-1139-7A34-C529-4D21832A34F6}" = Catalyst Control Center Graphics Light
"{EC877639-07AB-495C-BFD1-D63AF9140810}" = Roxio Activation Module
"{ED439A64-F018-4DD4-8BA5-328D85AB09AB}" = Roxio Creator Premier
"{EF9E56EE-0243-4BAD-88F4-5E7508AA7D96}" = Destination Component
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F569596C-049F-BF15-E0A9-B7605D9B181E}" = Catalyst Control Center Core Implementation
"{F5E21D29-D1E6-AFEB-1A6C-7B3FA723BA70}" = Catalyst Control Center Graphics Full New
"{F648FD09-7CEA-4257-BC68-A8389189FD51}" = GPBaseService2
"{F751C062-87DA-4D33-8A12-6E7F1D4C051C}" = Netflix in Windows Media Center
"{F769B78E-FF0E-4db5-95E2-9F4C8D6352FE}" = DeviceDiscovery
"{F7D39F49-4D13-FEAB-CAB5-E508336F074B}" = CCC Help Chinese Traditional
"{FDA83F07-D205-D676-EFFF-615D0B660B94}" = CCC Help Chinese Standard
"{FDD810CA-D5E3-40E9-AB7B-36440B0D41EF}" = Windows Live Sync
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"AOL Emergency Connect Utility 1.0" = Uninstall AOL Emergency Connect Utility 1.0
"AOL Toolbar" = AOL Toolbar
"AOL Uninstaller" = AOL Uninstaller (Choose which Products to Remove)
"com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Acrobat.com
"Dell Video Chat" = Dell Video Chat (remove only)
"Google Chrome" = Google Chrome
"Google Updater" = Google Updater
"Hauppauge MCE2005 Software Encoder" = Hauppauge MCE XP/Vista Software Encoder (2.0.26057)
"Hauppauge TV Tuner Diagnostics" = Hauppauge TV Tuner Diagnostics (1.1.7057)
"Hauppauge WinTV 7" = Hauppauge WinTV 7
"HOMESTUDENTR" = Microsoft Office Home and Student 2007
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"McAfee Security Scan" = McAfee Security Scan Plus
"McAfee Virtual Technician" = McAfee Virtual Technician
"Move Networks Player - IE" = Move Networks Media Player for Internet Explorer
"Mozilla Firefox (3.5.7)" = Mozilla Firefox (3.5.7)
"MSC" = McAfee SecurityCenter
"SoftwareUpdUtility" = Download Updater (AOL LLC)
"ViewpointMediaPlayer" = Viewpoint Media Player
"WinTV-HVR-950Q Windows Media Center Kit" = WinTV-HVR-950Q Windows Media Center Kit

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-3230457466-36631048-1315814223-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"f031ef6ac137efc5" = Dell Driver Download Manager
"GoToMeeting" = GoToMeeting 4.0.0.320
"Juniper_Citrix_Services" = Juniper Citrix Services Client
"Juniper_Setup_Client" = Juniper Networks Setup Client
"Juniper_Term_Services" = Juniper Terminal Services Client
"Move Media Player" = Move Media Player
"Neoteris_Host_Checker" = Juniper Networks Host Checker

========== Last 10 Event Log Errors ==========

Error reading Event Logs: The Event Service is not operating properly or the Event Logs are corrupt!

< End of report >

#7 SweetTech

SweetTech

    Agent ST


  • Members
  • 13,421 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Antarctica
  • Local time:11:19 PM

Posted 14 June 2011 - 05:33 PM

Please see this post: http://www.bleepingcomputer.com/forums/topic402270.html/page__view__findpost__p__2292684

Have I helped you? If you'd like to assist in the fight against malware, click here Posted Image


The instructions seen in this post have been specifically tailored to this user and the issues they are experiencing with their computer. If you think you have a similar problem, please first read this topic, and then begin your own, new thread. I do not offer private support via Private Message.


#8 SweetTech

SweetTech

    Agent ST


  • Members
  • 13,421 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Antarctica
  • Local time:11:19 PM

Posted 17 June 2011 - 09:51 AM

It appears that this issue is resolved, therefore I am closing the topic. If that is not the case and you need or wish to continue with this topic, please send me or any Moderator a Personal Message (PM) that you would like this topic re-opened.

Have I helped you? If you'd like to assist in the fight against malware, click here Posted Image


The instructions seen in this post have been specifically tailored to this user and the issues they are experiencing with their computer. If you think you have a similar problem, please first read this topic, and then begin your own, new thread. I do not offer private support via Private Message.





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users