Highlighted
2 Bronze

Computer crashes (blue screen) often; computer may have infected yesterday with a trojan. hijack this attached.

hello, i have an inspiron 1520.  i have vista on my computer.  I use firefox for browser.  about once a week or so i get the blue screen.  Yesterday, as i was on the internet, i had a screen pop up which said my files were infected.  I didn't get a chance to see with what because i immediately shut down the computer.  I ran a panda scan and it said i had some files infected.  So i ran hijack this and posted here for help.

 

 

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 6:12:43 PM, on 1/23/2011
Platform: Windows Vista  (WinNT 6.00.1904)
MSIE: Internet Explorer v7.00 (7.00.6000.17037)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Windows Defender\MSASCui.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Windows\WindowsMobile\wmdc.exe
C:\Windows\System32\WLTRAY.EXE
C:\Program Files\Dell\MediaDirect\PCMService.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\Trend Micro\Internet Security 14\pccguide.exe
C:\Program Files\Common Files\Corel\Corel PhotoDownloader\Corel Photo Downloader.exe
C:\Program Files\Windows Live\Family Safety\fssui.exe
C:\Program Files\AVG\AVG8\avgtray.exe
C:\Program Files\Sigmatel\C-Major Audio\WDM\sttray.exe
C:\Program Files\Belkin\Router Setup and Monitor\BelkinRouterMonitor.exe
C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
C:\Program Files\DellSupport\DSAgnt.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\Dell Support Center\bin\sprtcmd.exe
C:\Windows\ehome\ehmsas.exe
C:\Users\Robin\AppData\Roaming\SanDisk\Sansa Updater\SansaDispatch.exe
C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe
C:\Program Files\Digital Line Detect\DLG.exe
C:\Program Files\McAfee Security Scan\2.0.181\SSScheduler.exe
C:\Program Files\Dell\QuickSet\quickset.exe
C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
C:\Program Files\Belkin\Router Setup and Monitor\BelkinSetup.exe
C:\Windows\system32\igfxsrvc.exe
C:\Windows\System32\mobsync.exe
C:\Windows\system32\msfeedssync.exe
C:\Windows\system32\wuauclt.exe
C:\Program Files\Common Files\Adobe\Updater5\AdobeUpdater.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Users\Robin\Downloads\HijackThis(2).exe
C:\Windows\System32\wscript.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://us.rd.yahoo.com/customize/ie/defaults/sb/msgr9/*http://www.yahoo.com/ext/search/search.html
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://us.rd.yahoo.com/customize/ie/defaults/sp/msgr9/*http://www.yahoo.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.yahoo.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://us.rd.yahoo.com/customize/ie/defaults/su/msgr9/*http://www.yahoo.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://us.rd.yahoo.com/customize/ie/defaults/sb/msgr9/*http://www.yahoo.com/ext/search/search.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://us.rd.yahoo.com/customize/ie/defaults/sp/msgr9/*http://www.yahoo.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://search.yahoo.com/search?fr=mcafee&p=%s
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Internet Explorer provided by Dell
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: AVG Security Toolbar BHO - {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG8\Toolbar\IEToolbar.dll
R3 - URLSearchHook: McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
O1 - Hosts: ::1 localhost
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll
O2 - BHO: Windows Live OneCare Family Safety Browser Helper - {4f3ed5cd-0726-42a9-87f5-d13f3d2976ac} - C:\Program Files\Windows Live\Family Safety\fssbho.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c:\Program Files\Java\jre1.6.0\bin\ssv.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: AVG Security Toolbar BHO - {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG8\Toolbar\IEToolbar.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll
O2 - BHO: McAfee SiteAdvisor BHO - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: AVG Security Toolbar - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - C:\Program Files\AVG\AVG8\Toolbar\IEToolbar.dll
O3 - Toolbar: McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [ECenter] C:\Dell\E-Center\EULALauncher.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [Windows Mobile Device Center] %windir%\WindowsMobile\wmdc.exe
O4 - HKLM\..\Run: [Broadcom Wireless Manager UI] C:\Windows\system32\WLTRAY.exe
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [PCMService] "C:\Program Files\Dell\MediaDirect\PCMService.exe"
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKLM\..\Run: [UVS11 Preload] C:\Program Files\Ulead Systems\Ulead VideoStudio 11\uvPL.exe
O4 - HKLM\..\Run: [EarthLink Installer] " /C
O4 - HKLM\..\Run: [ISUSPM] "C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe" -scheduler
O4 - HKLM\..\Run: [pccguide.exe] "C:\Program Files\Trend Micro\Internet Security 14\pccguide.exe"
O4 - HKLM\..\Run: [Corel Photo Downloader] "C:\Program Files\Common Files\Corel\Corel PhotoDownloader\Corel Photo Downloader.exe" -startup
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [DellSupportCenter] "C:\Program Files\Dell Support Center\bin\sprtcmd.exe" /P DellSupportCenter
O4 - HKLM\..\Run: [fssui] "C:\Program Files\Windows Live\Family Safety\fssui.exe" -autorun
O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
O4 - HKLM\..\Run: [SigmatelSysTrayApp] %ProgramFiles%\SigmaTel\C-Major Audio\WDM\sttray.exe
O4 - HKLM\..\Run: [UVS10 Preload] C:\Program Files\Ulead Systems\Ulead VideoStudio SE DVD\uvPL.exe
O4 - HKLM\..\Run: [InstaLAN] "C:\Program Files\Belkin\Router Setup and Monitor\BelkinRouterMonitor.exe" startup
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\RunOnce: [Launcher] C:\Program Files\Dell DataSafe Local Backup\Components\Scheduler\Launcher.exe
O4 - HKLM\..\RunOnce: [DSUpdateLauncher] "C:\Program Files\Dell DataSafe Local Backup\Components\DSUpdate\hstart.exe" /NOCONSOLE /D="C:\Program Files\Dell DataSafe Local Backup\Components\DSUpdate" /RUNAS "C:\Program Files\Dell DataSafe Local Backup\Components\DSUpdate\DSUpd.exe"
O4 - HKLM\..\RunOnce: [STToasterLauncher] C:\Program Files\Dell DataSafe Local Backup\toasterLauncher.exe
O4 - HKCU\..\Run: [DellSupport] "C:\Program Files\DellSupport\DSAgnt.exe" /startup
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [Simple Star PhotoShow Media Manager] C:\PROGRA~1\SIMPLE~1\PHOTOS~1\data\Xtras\mssysmgr.exe
O4 - HKCU\..\Run: [DellSupportCenter] "C:\Program Files\Dell Support Center\bin\sprtcmd.exe" /P DellSupportCenter
O4 - HKCU\..\Run: [Search Protection] C:\Program Files\Yahoo!\Search Protection\SearchProtection.exe
O4 - HKCU\..\Run: [SansaDispatch] C:\Users\Robin\AppData\Roaming\SanDisk\Sansa Updater\SansaDispatch.exe
O4 - HKCU\..\Run: [TomTomHOME.exe] "C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe"
O4 - HKCU\..\RunOnce: [FlashPlayerUpdate] C:\Windows\system32\Macromed\Flash\FlashUtil10k_Plugin.exe -update plugin
O4 - HKUS\S-1-5-18\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background (User 'Default user')
O4 - Startup: OneNote 2007 Screen Clipper and Launcher.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
O4 - Global Startup: Digital Line Detect.lnk = C:\Program Files\Digital Line Detect\DLG.exe
O4 - Global Startup: Exif Launcher.lnk = ?
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: McAfee Security Scan Plus.lnk = ?
O4 - Global Startup: QuickSet.lnk = C:\Program Files\Dell\QuickSet\quickset.exe
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - c:\Program Files\Java\jre1.6.0\bin\npjpi160.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - c:\Program Files\Java\jre1.6.0\bin\npjpi160.dll
O9 - Extra button: Blog This - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Blog This in Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra 'Tools' menuitem: @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: HP Smart Select - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O15 - Trusted Zone: http://*.mcafee.com
O16 - DPF: {05D44720-58E3-49E6-BDF6-D00330E511D3} (StagingUI Object) - http://zone.msn.com/binFrameWork/v10/StagingUI.cab55579.cab
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky.com/kos/eng/partner/default/kavwebscan_unicode.cab
O16 - DPF: {2EB1E425-74DC-4DC0-A9E1-03A4C852E1F2} (CPlayFirstTriJinxControl Object) - http://zone.msn.com/bingame/trix/default/TriJinx.1.0.0.87.cab
O16 - DPF: {3BB54395-5982-4788-8AF4-B5388FFDD0D8} (MSN Games – Buddy Invite) - http://zone.msn.com/BinFrameWork/v10/ZBuddy.cab55579.cab
O16 - DPF: {512FC5A1-7DE1-43F1-BC0C-371622FCB409} (TotalScan Installer Class) - http://www.nanoscan.com/as/cabs/ascstubie.cab
O16 - DPF: {5736C456-EA94-4AAC-BB08-917ABDD035B3} (ZonePAChat Object) - http://zone.msn.com/binframework/v10/ZPAChat.cab55579.cab
O16 - DPF: {74C861A1-D548-4916-BC8A-FDE92EDFF62C} - http://mediaplayer.walmart.com/installer/install.cab
O16 - DPF: {809A6301-7B40-4436-A02C-87B8D3D7D9E3} (ZPA_DMNO Object) - http://zone.msn.com/bingame/zpagames/zpa_dmno.cab55579.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://cdn2.zone.msn.com/binFramework/v10/ZIntro.cab56649.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O16 - DPF: {DA2AA6CF-5C7A-4B71-BC3B-C771BB369937} (MSN Games – Game Communicator) - http://zone.msn.com/binframework/v10/StProxy.cab55579.cab
O18 - Protocol: avgsecuritytoolbar - {F2DDE6B2-9684-4A55-86D4-E255E237B77C} - C:\Program Files\AVG\AVG8\Toolbar\IEToolbar.dll
O18 - Protocol: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll
O18 - Protocol: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
O20 - AppInit_DLLs: AVGRSSTX.DLL C:\PROGRA~1\GOOGLE\GOOGLE~2\GOEC62~1.DLL
O20 - Winlogon Notify: GoToAssist - C:\Program Files\Citrix\GoToAssist\514\G2AWinLogon.dll (file missing)
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll
O23 - Service: Andrea ST Filters Service (AESTFilters) - Andrea Electronics Corporation - C:\Windows\system32\aestsrv.exe
O23 - Service: AffinegyService - Affinegy, Inc. - C:\Program Files\Belkin\Router Setup and Monitor\BelkinService.exe
O23 - Service: AOL Connectivity Service (AOL ACS) - AOL LLC - C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe
O23 - Service: AVG Security Toolbar Service - Unknown owner - C:\Program Files\AVG\AVG8\Toolbar\ToolbarBroker.exe
O23 - Service: AVG Free8 E-mail Scanner (avg8emc) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgemc.exe
O23 - Service: AVG Free8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Capture Device Service - InterVideo Inc. - C:\Program Files\Common Files\InterVideo\DeviceService\DevSvc.exe
O23 - Service: DSBrokerService - Unknown owner - C:\Program Files\DellSupport\brkrsvc.exe
O23 - Service: Google Desktop Manager 5.9.1005.12335 (GoogleDesktopManager-051210-111108) - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
O23 - Service: GoToAssist - Citrix Online, a division of Citrix Systems, Inc. - C:\Program Files\Citrix\GoToAssist\514\g2aservice.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: McAfee SiteAdvisor Service - McAfee, Inc. - C:\Program Files\McAfee\SiteAdvisor\McSACore.exe
O23 - Service: McAfee Security Scan Component Host Service (McComponentHostService) - McAfee, Inc. - C:\Program Files\McAfee Security Scan\2.0.181\McCHSvc.exe
O23 - Service: Trend Micro Central Control Component (PcCtlCom) - Trend Micro Inc. - C:\PROGRA~1\TRENDM~1\INTERN~1\PcCtlCom.exe
O23 - Service: ProtexisLicensing - Unknown owner - C:\Windows\system32\PSIService.exe
O23 - Service: RoxMediaDB9 - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
O23 - Service: Roxio Hard Drive Watcher 9 (RoxWatch9) - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe
O23 - Service: SoftThinks Agent Service (SftService) - SoftThinks SAS - C:\Program Files\Dell DataSafe Local Backup\sftservice.EXE
O23 - Service: SupportSoft Sprocket Service (DellSupportCenter) (sprtsvc_DellSupportCenter) - SupportSoft, Inc. - C:\Program Files\Dell Support Center\bin\sprtsvc.exe
O23 - Service: SigmaTel Audio Service (STacSV) - IDT, Inc. - C:\Windows\system32\STacSV.exe
O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files\Common Files\SureThing Shared\stllssvr.exe
O23 - Service: Stuffit Archive Name Service - Smith Micro Software, Inc. - C:\Program Files\Smith Micro\StuffIt11\ArcNameService.exe
O23 - Service: Trend Micro Real-time Service (Tmntsrv) - Trend Micro Inc. - C:\PROGRA~1\TRENDM~1\INTERN~1\Tmntsrv.exe
O23 - Service: Trend Micro Personal Firewall (TmPfw) - Trend Micro Inc. - C:\PROGRA~1\TRENDM~1\INTERN~1\TmPfw.exe
O23 - Service: Trend Micro Proxy Service (tmproxy) - Trend Micro Inc. - C:\PROGRA~1\TRENDM~1\INTERN~1\tmproxy.exe
O23 - Service: TomTomHOMEService - TomTom - C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe
O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
O23 - Service: Dell Wireless WLAN Tray Service (wltrysvc) - Unknown owner - C:\Windows\System32\WLTRYSVC.EXE
O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe

--
End of file - 17660 bytes

0 Kudos
31 Replies
Highlighted
4 Beryllium

Re: Computer crashes (blue screen) often; computer may have infected yesterday with a trojan. hijack this attached.

Hiya catfish401,

I'm kevinf80 and I will be helping with any malware issues you may have with your system.
  • Please be aware that some of the logs I may ask for can be very complex and can take a long time to decipher. I am a volunteer here with a job and family so I ask that you be patient when waiting for replies.
  • Please DO NOT run any scans/tools/fixes on your own as this will conflict with the tools we are going to use.
  • Either print or Save to Notepad all instructions and please follow them carefully, if there's something you don't understand or that will not work please let me know and we will go through it together.
  • Malware is often buggy and can be very unstable, with that in mind it is advisable to backup any important data before we begin.
  • If you do not reply within 72 hours the thread will be closed, if you need more time let me know. Likewise if I do not respond within 48 hours feel free to PM me.
  • If you have any P2P applications installed such as BitTorrent, uTorrent, Limewire etc etc, please uninstall them before we begin.
  • If you are using Cracked or Illegal software your thread will be locked and all help will cease.


Quick question before we progress. You appear to have two security systems running, Trendmicro and AVG, both of these programs have an Antivirus component. Two AV programs running together is not good and they will clash, they may cause system freezes and/or system crashes. Are you aware of this?

Kevin

[img]http://en.community.dell.com/cfs-file.ashx/__key/communityserver-components-userfiles/00-00-87-63-64-Attached+Files/0172.dellrsnew.jpg[/img]
 

 

0 Kudos
Highlighted
2 Bronze

Re: Computer crashes (blue screen) often; computer may have infected yesterday with a trojan. hijack this attached.

Hi Kevin

Thank you for your response.  To answer your question, No i was not aware of that.  I was having some problems with Trend and I thought I had uninstalled it, that's when i installed AVG.  If you could help me straighten it out, i would appreciate it.

0 Kudos
Highlighted
4 Beryllium

Re: Computer crashes (blue screen) often; computer may have infected yesterday with a trojan. hijack this attached.

Hiya catfish401,

Trend have a utility for removing their security programs, available Here Have a read through the instructions before running the correct version of the utility.

If you are keeping AVG you will need to update it as you are using version 8, The new free version of AVG 2011 is available Here The free version is on the left side of the main page from the link.

Continue as follows regardless of above :-

Download user posted image OTL from any of the following links and save to your Desktop:

Link 1
Link 2
Link 3
Link 4
  • Double click on the icon to run it, Vista or Windows 7 users right click and select Run as Administartor. Make sure all other windows are closed and to let it run uninterrupted.
  • In the lower right corner, checkmark "LOP Check" and checkmark "Purity Check".
  • Under the Custom Scan box paste this in
CODE

netsvcs
drivers32
%SYSTEMDRIVE%\*.*
%systemroot%\*. /mp /s
CREATERESTOREPOINT
%systemroot%\System32\config\*.sav
HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs


  • Click the Run Scan button. Do not change any settings unless otherwise told to do so. The scan wont take long.
  • When the scan completes, it will open two notepad windows. OTL.Txt and Extras.Txt. These are saved in the same location as OTL.
  • Please copy (Edit->Select All, Edit->Copy) the contents of these files, one at a time, and post them in your reply

    Step 2

    Please download this program Blue Screen Viewer and unzip "Bluescreen View.exe" to your desktop.
    Next, Right click on "Computer" and select "Properties" select "Advanced Tab." From the "Start up and Recovery" section select "settings" make sure the default folder is "%SystemRoot%\Minidump".
    Go back to your desktop and double click on Bluescreen Viewer to run it, if there is any info available the program will grab the most recent. Choose save from the Toolbar and copy paste to your next reply. If there is no information available try and re-create the BSOD and try again with the tool to collect the information.

    What i`d like in your reply :-

    • OTL Txt
    • Extras Txt
    • Log from Blue screen viewer


    Kevin

[img]http://en.community.dell.com/cfs-file.ashx/__key/communityserver-components-userfiles/00-00-87-63-64-Attached+Files/0172.dellrsnew.jpg[/img]
 

 

0 Kudos
Highlighted
2 Bronze

Re: Computer crashes (blue screen) often; computer may have infected yesterday with a trojan. hijack this attached.

Hi Kevin,

I think i got everything.  Wasn't sure about the blue screen log. Didn't know if you wanted all of them or just the first one, so i sent the entire log. Hope it's ok.

Thanks

 

 

OTL logfile created on: 1/25/2011 8:16:05 PM - Run 1
OTL by OldTimer - Version 3.2.20.5     Folder = C:\Users\Robin\Desktop
Windows Vista Home Premium Edition  (Version = 6.0.6000) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6000.17037)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
 
3.00 Gb Total Physical Memory | 1.00 Gb Available Physical Memory | 49.00% Memory free
6.00 Gb Paging File | 4.00 Gb Available in Paging File | 73.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 136.47 Gb Total Space | 73.51 Gb Free Space | 53.87% Space Free | Partition Type: NTFS
Drive 😧 | 10.00 Gb Total Space | 5.41 Gb Free Space | 54.10% Space Free | Partition Type: NTFS
 
Computer Name: ROBIN-PC | User Name: Robin | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2011/01/25 19:54:49 | 000,603,136 | ---- | M] (OldTimer Tools) -- C:\Users\Robin\Desktop\OTL.com
PRC - [2010/11/24 11:07:58 | 000,088,176 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee\SiteAdvisor\McSACore.exe
PRC - [2010/09/02 17:17:40 | 001,853,248 | ---- | M] (SoftThinks - Dell) -- C:\Program Files\Dell DataSafe Local Backup\Toaster.exe
PRC - [2010/08/28 09:52:45 | 000,030,192 | ---- | M] (Google) -- C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
PRC - [2010/08/24 04:38:18 | 000,092,008 | ---- | M] (TomTom) -- C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe
PRC - [2010/08/24 04:38:16 | 000,247,144 | ---- | M] (TomTom) -- C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe
PRC - [2010/08/20 15:53:08 | 000,689,472 | ---- | M] (SoftThinks SAS) -- C:\Program Files\Dell DataSafe Local Backup\SftService.exe
PRC - [2010/07/21 10:35:16 | 000,161,088 | ---- | M] () -- C:\Program Files\Dell DataSafe Local Backup\Components\DSUpdate\DSUpd.exe
PRC - [2010/07/20 22:36:02 | 000,783,680 | ---- | M] () -- C:\Program Files\Dell DataSafe Local Backup\Components\Scheduler\STService.exe
PRC - [2010/07/09 18:27:16 | 002,048,352 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG8\avgtray.exe
PRC - [2010/03/02 15:15:44 | 001,134,488 | ---- | M] (Affinegy, Inc.) -- C:\Program Files\Belkin\Router Setup and Monitor\BelkinRouterMonitor.exe
PRC - [2010/03/02 15:15:44 | 000,536,472 | ---- | M] (Affinegy, Inc.) -- C:\Program Files\Belkin\Router Setup and Monitor\BelkinService.exe
PRC - [2010/03/02 15:15:42 | 006,946,712 | ---- | M] (Affinegy, Inc.) -- C:\Program Files\Belkin\Router Setup and Monitor\BelkinSetup.exe
PRC - [2010/01/15 07:49:20 | 000,255,536 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee Security Scan\2.0.181\SSScheduler.exe
PRC - [2010/01/06 18:03:14 | 000,761,600 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG8\avgscanx.exe
PRC - [2009/09/04 18:50:36 | 000,486,680 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG8\avgrsx.exe
PRC - [2009/09/04 18:50:33 | 000,693,016 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG8\avgcsrvx.exe
PRC - [2009/09/04 18:50:25 | 000,595,736 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG8\avgnsx.exe
PRC - [2009/09/04 18:50:08 | 000,908,056 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG8\avgemc.exe
PRC - [2009/09/04 18:49:25 | 000,297,752 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG8\avgwdsvc.exe
PRC - [2009/07/22 21:29:25 | 000,079,872 | ---- | M] (SanDisk Corporation) -- C:\Users\Robin\AppData\Roaming\SanDisk\Sansa Updater\SansaDispatch.exe
PRC - [2008/10/29 01:20:29 | 002,923,520 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2008/08/26 14:58:12 | 000,201,968 | ---- | M] (SupportSoft, Inc.) -- C:\Program Files\Dell Support Center\bin\sprtsvc.exe
PRC - [2008/08/26 14:58:10 | 000,206,064 | ---- | M] (SupportSoft, Inc.) -- C:\Program Files\Dell Support Center\bin\sprtcmd.exe
PRC - [2008/05/19 15:17:14 | 001,475,936 | ---- | M] (Trend Micro Inc.) -- C:\Program Files\Trend Micro\Internet Security 14\PcCtlCom.exe
PRC - [2007/12/17 10:13:18 | 000,523,816 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Live\Family Safety\fsssvc.exe
PRC - [2007/12/17 10:12:58 | 000,243,240 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Live\Family Safety\fssui.exe
PRC - [2007/12/08 14:38:41 | 001,006,264 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Defender\MSASCui.exe
PRC - [2007/09/27 23:54:54 | 000,405,504 | ---- | M] (IDT, Inc.) -- C:\Program Files\Sigmatel\C-Major Audio\WDM\sttray.exe
PRC - [2007/09/27 23:54:48 | 000,102,400 | ---- | M] (IDT, Inc.) -- C:\Windows\System32\stacsv.exe
PRC - [2007/09/27 23:54:44 | 000,073,728 | ---- | M] (Andrea Electronics Corporation) -- C:\Windows\System32\AEstSrv.exe
PRC - [2007/09/12 12:00:00 | 000,531,272 | ---- | M] (Corel, Inc.) -- C:\Program Files\Common Files\Corel\Corel PhotoDownloader\Corel Photo Downloader.exe
PRC - [2007/07/20 19:13:26 | 001,180,952 | ---- | M] (Dell Inc.) -- C:\Program Files\Dell\QuickSet\quickset.exe
PRC - [2007/06/05 13:20:32 | 000,177,704 | ---- | M] () -- C:\Windows\System32\PSIService.exe
PRC - [2007/05/01 10:15:04 | 000,157,264 | ---- | M] (Smith Micro Software, Inc.) -- C:\Program Files\Smith Micro\StuffIt11\ArcNameService.exe
PRC - [2007/04/16 17:10:26 | 000,184,320 | ---- | M] (CyberLink Corp.) -- C:\Program Files\Dell\MediaDirect\PCMService.exe
PRC - [2007/03/15 13:09:36 | 000,460,784 | ---- | M] (Gteko Ltd.) -- C:\Program Files\DellSupport\DSAgnt.exe
PRC - [2007/03/06 10:35:02 | 000,198,168 | ---- | M] (InterVideo Inc.) -- C:\Program Files\Common Files\InterVideo\DeviceService\DevSvc.exe
PRC - [2006/11/21 13:02:24 | 001,807,960 | ---- | M] (Trend Micro Inc.) -- C:\Program Files\Trend Micro\Internet Security 14\pccguide.exe
PRC - [2006/11/09 15:03:42 | 000,923,216 | ---- | M] (Trend Micro Inc.) -- C:\Program Files\Trend Micro\Internet Security 14\TmPfw.exe
PRC - [2006/11/03 19:02:14 | 000,050,688 | ---- | M] (Avanquest Software ) -- C:\Program Files\Digital Line Detect\DLG.exe
PRC - [2006/09/28 04:20:00 | 000,049,152 | ---- | M] (Ulead Systems, Inc.) -- C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
 
 
========== Modules (SafeList) ==========
 
MOD - [2011/01/25 19:54:49 | 000,603,136 | ---- | M] (OldTimer Tools) -- C:\Users\Robin\Desktop\OTL.com
MOD - [2010/04/01 08:57:36 | 000,015,056 | ---- | M] (McAfee, Inc.) -- c:\Program Files\McAfee\SiteAdvisor\sahook.dll
MOD - [2009/09/04 18:50:37 | 000,011,952 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Windows\System32\avgrsstx.dll
MOD - [2006/11/02 04:38:57 | 001,648,128 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6000.16386_none_5d07289e07e1d100\comctl32.dll
 
 
========== Win32 Services (SafeList) ==========
 
SRV - [2010/11/24 11:07:58 | 000,088,176 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\McAfee\SiteAdvisor\McSACore.exe -- (McAfee SiteAdvisor Service)
SRV - [2010/10/06 10:31:48 | 000,517,448 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files\AVG\AVG8\Toolbar\ToolbarBroker.exe -- (AVG Security Toolbar Service)
SRV - [2010/08/28 09:52:45 | 000,030,192 | ---- | M] (Google) [On_Demand | Stopped] -- C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe -- (GoogleDesktopManager-051210-111108)
SRV - [2010/08/24 04:38:18 | 000,092,008 | ---- | M] (TomTom) [Auto | Running] -- C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe -- (TomTomHOMEService)
SRV - [2010/08/20 15:53:08 | 000,689,472 | ---- | M] (SoftThinks SAS) [Auto | Running] -- C:\Program Files\Dell DataSafe Local Backup\sftservice.EXE -- (SftService)
SRV - [2010/03/02 15:15:44 | 000,536,472 | ---- | M] (Affinegy, Inc.) [Auto | Running] -- C:\Program Files\Belkin\Router Setup and Monitor\BelkinService.exe -- (AffinegyService)
SRV - [2010/01/15 07:49:20 | 000,227,232 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Program Files\McAfee Security Scan\2.0.181\McCHSvc.exe -- (McComponentHostService)
SRV - [2009/09/04 18:50:08 | 000,908,056 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG8\avgemc.exe -- (avg8emc)
SRV - [2009/09/04 18:49:25 | 000,297,752 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG8\avgwdsvc.exe -- (avg8wd)
SRV - [2008/10/15 17:18:11 | 000,016,680 | ---- | M] (Citrix Online, a division of Citrix Systems, Inc.) [On_Demand | Stopped] -- C:\Program Files\Citrix\GoToAssist\514\g2aservice.exe -- (GoToAssist)
SRV - [2008/08/26 14:58:12 | 000,201,968 | ---- | M] (SupportSoft, Inc.) [Auto | Running] -- C:\Program Files\Dell Support Center\bin\sprtsvc.exe -- (sprtsvc_DellSupportCenter) SupportSoft Sprocket Service (DellSupportCenter)
SRV - [2008/05/19 15:17:14 | 001,475,936 | ---- | M] (Trend Micro Inc.) [Auto | Running] -- C:\Program Files\Trend Micro\Internet Security 14\PcCtlCom.exe -- (PcCtlCom)
SRV - [2007/12/17 10:13:18 | 000,523,816 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Live\Family Safety\fsssvc.exe -- (fsssvc)
SRV - [2007/12/08 14:38:41 | 000,265,912 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2007/10/25 15:27:54 | 000,266,240 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Live\installer\WLSetupSvc.exe -- (WLSetupSvc)
SRV - [2007/09/27 23:54:48 | 000,102,400 | ---- | M] (IDT, Inc.) [Auto | Running] -- C:\Windows\System32\stacsv.exe -- (STacSV)
SRV - [2007/09/27 23:54:44 | 000,073,728 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\Windows\System32\AEstSrv.exe -- (AESTFilters)
SRV - [2007/06/05 13:20:32 | 000,177,704 | ---- | M] () [Auto | Running] -- C:\Windows\System32\PSIService.exe -- (ProtexisLicensing)
SRV - [2007/05/31 10:21:24 | 000,379,784 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\WindowsMobile\wcescomm.dll -- (WcesComm)
SRV - [2007/05/31 10:21:18 | 000,183,688 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\WindowsMobile\rapimgr.dll -- (RapiMgr)
SRV - [2007/05/01 10:15:04 | 000,157,264 | ---- | M] (Smith Micro Software, Inc.) [Auto | Running] -- C:\Program Files\Smith Micro\StuffIt11\ArcNameService.exe -- (Stuffit Archive Name Service)
SRV - [2007/03/19 13:44:44 | 000,070,656 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files\DellSupport\brkrsvc.exe -- (DSBrokerService)
SRV - [2007/03/06 10:35:02 | 000,198,168 | ---- | M] (InterVideo Inc.) [Auto | Running] -- C:\Program Files\Common Files\InterVideo\DeviceService\DevSvc.exe -- (Capture Device Service)
SRV - [2006/11/09 15:04:02 | 000,566,872 | ---- | M] (Trend Micro Inc.) [Auto | Stopped] -- C:\Program Files\Trend Micro\Internet Security 14\tmproxy.exe -- (tmproxy)
SRV - [2006/11/09 15:03:42 | 000,923,216 | ---- | M] (Trend Micro Inc.) [Auto | Running] -- C:\Program Files\Trend Micro\Internet Security 14\TmPfw.exe -- (TmPfw)
SRV - [2006/10/23 07:50:35 | 000,046,640 | R--- | M] (AOL LLC) [On_Demand | Stopped] -- C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe -- (AOL ACS)
SRV - [2006/09/28 04:20:00 | 000,049,152 | ---- | M] (Ulead Systems, Inc.) [Auto | Running] -- C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe -- (UleadBurningHelper)
SRV - [2006/09/18 16:50:54 | 000,345,696 | ---- | M] (Trend Micro Inc.) [Auto | Stopped] -- C:\Program Files\Trend Micro\Internet Security 14\Tmntsrv.exe -- (Tmntsrv)
SRV - [2005/11/14 01:06:04 | 000,069,632 | ---- | M] (Macrovision Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe -- (IDriverT)
 
 
========== Driver Services (SafeList) ==========
 
DRV - [2009/09/04 18:50:35 | 000,335,240 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\System32\Drivers\avgldx86.sys -- (AvgLdx86)
DRV - [2009/09/04 18:50:35 | 000,027,784 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\Windows\System32\Drivers\avgmfx86.sys -- (AvgMfx86)
DRV - [2009/06/30 10:37:16 | 000,028,552 | ---- | M] (Panda Security, S.L.) [File_System | Boot | Running] -- C:\Windows\system32\drivers\pavboot.sys -- (pavboot)
DRV - [2009/05/20 17:28:15 | 000,108,552 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\System32\Drivers\avgtdix.sys -- (AvgTdiX)
DRV - [2008/07/18 18:08:38 | 000,205,328 | ---- | M] (Trend Micro Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\tmxpflt.sys -- (tmxpflt)
DRV - [2008/07/18 18:08:32 | 000,036,368 | ---- | M] (Trend Micro Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\tmpreflt.sys -- (tmpreflt)
DRV - [2008/07/18 17:51:32 | 001,195,448 | ---- | M] (Trend Micro Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\vsapint.sys -- (vsapint)
DRV - [2007/12/08 14:48:30 | 000,020,152 | ---- | M] (VIA Technologies, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\viaide.sys -- (viaide)
DRV - [2007/12/08 14:48:30 | 000,019,128 | ---- | M] (CMD Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\cmdide.sys -- (cmdide)
DRV - [2007/12/08 14:48:30 | 000,017,592 | ---- | M] (Acer Laboratories Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\aliide.sys -- (aliide)
DRV - [2007/10/17 12:53:16 | 000,043,816 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\fssfltr.sys -- (fssfltr)
DRV - [2007/09/27 23:54:56 | 000,330,240 | ---- | M] (IDT, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\stwrt.sys -- (STHDA)
DRV - [2007/09/26 05:47:24 | 001,899,008 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\igdkmd32.sys -- (igfx)
DRV - [2007/06/08 06:05:42 | 000,230,784 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\dmdcap.sys -- (U6000ALL) HDTV110 TV Box(ALL)
DRV - [2007/04/27 19:35:56 | 000,182,456 | ---- | M] (Synaptics, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\SynTP.sys -- (SynTP)
DRV - [2007/03/21 14:33:46 | 000,534,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\BCMWL6.SYS -- (BCM43XX)
DRV - [2007/02/25 13:10:48 | 000,005,376 | --S- | M] (Gteko Ltd.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\dsunidrv.sys -- (dsunidrv)
DRV - [2007/02/12 16:36:54 | 000,277,784 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\iastor.sys -- (iaStor)
DRV - [2007/02/09 12:34:16 | 000,051,768 | ---- | M] (Roxio) [File_System | Auto | Running] -- C:\Windows\System32\drivers\DRVNDDM.SYS -- (DRVNDDM)
DRV - [2007/02/08 20:05:30 | 000,028,120 | ---- | M] (Roxio) [File_System | System | Running] -- C:\Windows\System32\drivers\DLARTL_M.SYS -- (DLARTL_M)
DRV - [2007/02/08 20:05:30 | 000,012,856 | ---- | M] (Roxio) [File_System | System | Running] -- C:\Windows\System32\drivers\DLACDBHM.SYS -- (DLACDBHM)
DRV - [2006/11/27 02:48:46 | 000,037,376 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rixdptsk.sys -- (rismxdp)
DRV - [2006/11/27 02:48:44 | 000,043,520 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rimsptsk.sys -- (rimsptsk)
DRV - [2006/11/27 02:48:44 | 000,032,256 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rimmptsk.sys -- (rimmptsk)
DRV - [2006/11/21 07:25:44 | 000,045,568 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\bcm4sbxp.sys -- (bcm4sbxp)
DRV - [2006/11/09 15:04:20 | 000,280,392 | ---- | M] (Trend Micro Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\TM_CFW.sys -- (tmcfw)
DRV - [2006/11/09 15:04:20 | 000,073,288 | ---- | M] (Trend Micro Inc.) [Kernel | System | Running] -- C:\Windows\System32\drivers\tmtdi.sys -- (tmtdi)
DRV - [2006/11/02 21:43:30 | 000,986,624 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\HSX_DPV.sys -- (HSF_DPV)
DRV - [2006/11/02 21:42:18 | 000,206,848 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\HSXHWAZL.sys -- (HSXHWAZL)
DRV - [2006/11/02 21:42:08 | 000,659,968 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\HSX_CNXT.sys -- (winachsf)
DRV - [2006/11/02 04:51:45 | 000,900,712 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ql2300.sys -- (ql2300)
DRV - [2006/11/02 04:51:38 | 000,420,968 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adp94xx.sys -- (adp94xx)
DRV - [2006/11/02 04:51:34 | 000,316,520 | ---- | M] (Emulex) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\elxstor.sys -- (elxstor)
DRV - [2006/11/02 04:51:32 | 000,297,576 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpahci.sys -- (adpahci)
DRV - [2006/11/02 04:51:25 | 000,235,112 | ---- | M] (ULi Electronics Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\uliahci.sys -- (uliahci)
DRV - [2006/11/02 04:51:25 | 000,232,040 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\iastorv.sys -- (iaStorV)
DRV - [2006/11/02 04:51:00 | 000,147,048 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpu320.sys -- (adpu320)
DRV - [2006/11/02 04:50:45 | 000,115,816 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ulsata2.sys -- (ulsata2)
DRV - [2006/11/02 04:50:41 | 000,112,232 | ---- | M] (VIA Technologies Inc.,Ltd) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\vsmraid.sys -- (vsmraid)
DRV - [2006/11/02 04:50:35 | 000,106,088 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ql40xx.sys -- (ql40xx)
DRV - [2006/11/02 04:50:35 | 000,098,408 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ulsata.sys -- (UlSata)
DRV - [2006/11/02 04:50:35 | 000,098,408 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpu160m.sys -- (adpu160m)
DRV - [2006/11/02 04:50:24 | 000,088,680 | ---- | M] (NVIDIA Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nvraid.sys -- (nvraid)
DRV - [2006/11/02 04:50:19 | 000,045,160 | ---- | M] (IBM Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nfrd960.sys -- (nfrd960)
DRV - [2006/11/02 04:50:17 | 000,041,576 | ---- | M] (Intel Corp./ICP vortex GmbH) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iirsp.sys -- (iirsp)
DRV - [2006/11/02 04:50:16 | 000,071,784 | ---- | M] (Silicon Integrated Systems) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sisraid4.sys -- (SiSRaid4)
DRV - [2006/11/02 04:50:13 | 000,040,040 | ---- | M] (NVIDIA Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nvstor.sys -- (nvstor)
DRV - [2006/11/02 04:50:11 | 000,071,272 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\djsvs.sys -- (aic78xx)
DRV - [2006/11/02 04:50:10 | 000,067,688 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\arcsas.sys -- (arcsas)
DRV - [2006/11/02 04:50:10 | 000,065,640 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_scsi.sys -- (LSI_SCSI)
DRV - [2006/11/02 04:50:10 | 000,038,504 | ---- | M] (Silicon Integrated Systems Corp.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sisraid2.sys -- (SiSRaid2)
DRV - [2006/11/02 04:50:10 | 000,037,480 | ---- | M] (Hewlett-Packard Company) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\hpcisss.sys -- (HpCISSs)
DRV - [2006/11/02 04:50:09 | 000,067,688 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\arc.sys -- (arc)
DRV - [2006/11/02 04:50:09 | 000,035,944 | ---- | M] (Integrated Technology Express, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iteraid.sys -- (iteraid)
DRV - [2006/11/02 04:50:07 | 000,035,944 | ---- | M] (Integrated Technology Express, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iteatapi.sys -- (iteatapi)
DRV - [2006/11/02 04:50:05 | 000,065,640 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_sas.sys -- (LSI_SAS)
DRV - [2006/11/02 04:50:05 | 000,035,944 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\symc8xx.sys -- (Symc8xx)
DRV - [2006/11/02 04:50:04 | 000,065,640 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_fc.sys -- (LSI_FC)
DRV - [2006/11/02 04:50:03 | 000,034,920 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sym_u3.sys -- (Sym_u3)
DRV - [2006/11/02 04:49:59 | 000,033,384 | ---- | M] (LSI Logic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\mraid35x.sys -- (Mraid35x)
DRV - [2006/11/02 04:49:56 | 000,031,848 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sym_hi.sys -- (Sym_hi)
DRV - [2006/11/02 04:49:53 | 000,028,776 | ---- | M] (LSI Logic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\megasas.sys -- (megasas)
DRV - [2006/11/02 03:55:05 | 000,031,616 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (WINUSB)
DRV - [2006/11/02 03:25:24 | 000,071,808 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brserid.sys -- (Brserid) Brother MFC Serial Port Interface Driver (WDM)
DRV - [2006/11/02 03:24:47 | 000,011,904 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brusbser.sys -- (BrUsbSer)
DRV - [2006/11/02 03:24:46 | 000,005,248 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brfiltup.sys -- (BrFiltUp)
DRV - [2006/11/02 03:24:45 | 000,013,568 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brfiltlo.sys -- (BrFiltLo)
DRV - [2006/11/02 03:24:44 | 000,062,336 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brserwdm.sys -- (BrSerWdm)
DRV - [2006/11/02 03:24:44 | 000,012,160 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brusbmdm.sys -- (BrUsbMdm)
DRV - [2006/11/02 02:36:50 | 000,020,608 | ---- | M] (N-trig Innovative Technologies) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ntrigdigi.sys -- (ntrigdigi)
DRV - [2006/11/02 02:36:43 | 002,028,032 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\atikmdag.sys -- (R300)
DRV - [2006/11/02 02:30:55 | 000,200,704 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\e1e6032.sys -- (e1express) Intel(R)
DRV - [2006/11/02 02:30:54 | 000,117,760 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\E1G60I32.sys -- (E1G60) Intel(R)
DRV - [2006/11/01 18:50:00 | 000,128,104 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\System32\drivers\WimFltr.sys -- (WimFltr)
DRV - [2006/11/01 15:18:15 | 000,033,588 | ---- | M] (America Online, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\wanatw4.sys -- (wanatw) WAN Miniport (ATW)
DRV - [2006/10/26 16:22:02 | 000,009,400 | ---- | M] (Roxio) [File_System | Auto | Running] -- C:\Windows\System32\DLA\DLADResM.SYS -- (DLADResM)
DRV - [2006/10/26 16:21:34 | 000,094,648 | ---- | M] (Roxio) [File_System | Auto | Running] -- C:\Windows\System32\DLA\DLAUDFAM.SYS -- (DLAUDFAM)
DRV - [2006/10/26 16:21:34 | 000,035,096 | ---- | M] (Roxio) [File_System | Auto | Running] -- C:\Windows\System32\DLA\DLABMFSM.SYS -- (DLABMFSM)
DRV - [2006/10/26 16:21:32 | 000,097,848 | ---- | M] (Roxio) [File_System | Auto | Running] -- C:\Windows\System32\DLA\DLAUDF_M.SYS -- (DLAUDF_M)
DRV - [2006/10/26 16:21:30 | 000,026,296 | ---- | M] (Roxio) [File_System | Auto | Running] -- C:\Windows\System32\DLA\DLAOPIOM.SYS -- (DLAOPIOM)
DRV - [2006/10/26 16:21:28 | 000,032,472 | ---- | M] (Roxio) [File_System | Auto | Running] -- C:\Windows\System32\DLA\DLABOIOM.SYS -- (DLABOIOM)
DRV - [2006/10/26 16:21:26 | 000,014,520 | ---- | M] (Roxio) [File_System | Auto | Running] -- C:\Windows\System32\DLA\DLAPoolM.SYS -- (DLAPoolM)
DRV - [2006/10/26 16:21:24 | 000,104,536 | ---- | M] (Roxio) [File_System | Auto | Running] -- C:\Windows\System32\DLA\DLAIFS_M.SYS -- (DLAIFS_M)
DRV - [2006/10/05 18:07:28 | 000,004,736 | ---- | M] (Gteko Ltd.) [Kernel | On_Demand | Running] -- C:\Program Files\DellSupport\GTAction\triggers\DSproct.sys -- (DSproct)
DRV - [2006/08/04 19:39:10 | 000,008,192 | ---- | M] (Conexant Systems, Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\XAudio.sys -- (XAudio)
DRV - [2006/07/21 11:21:26 | 000,099,176 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\Windows\System32\Drivers\DRVMCDB.SYS -- (DRVMCDB)
DRV - [2005/06/24 17:36:16 | 000,039,036 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\lgusbmodem.sys -- (USBModem)
DRV - [2005/05/26 10:01:18 | 000,021,344 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\lgusbbus.sys -- (usbbus)
DRV - [2005/05/23 09:30:36 | 000,043,737 | ---- | M] (OMNIKEY) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\cmeu0wdm.sys -- (cmeu0wdm)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.yahoo.com/
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://us.rd.yahoo.com/customize/ie/defaults/su/msgr9/*http://www.yahoo.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://us.rd.yahoo.com/customize/ie/defaults/sp/msgr9/*http://www.yahoo.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomSearch = http://us.rd.yahoo.com/customize/ie/defaults/cs/msgr9/*http://www.yahoo.com/ext/search/search.html
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com/ig/dell?hl=en&client=dell-usuk&channel=us&ibd=4071208
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://us.rd.yahoo.com/customize/ie/defaults/sp/msgr9/*http://www.yahoo.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/ig/dell?hl=en&client=dell-usuk&channel=us&ibd=4071208
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\..\URLSearchHook: {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
IE - HKCU\..\URLSearchHook: {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG8\Toolbar\IEToolbar.dll ()
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
 
========== FireFox ==========
 
FF - prefs.js..browser.search.defaultenginename: "AVG Secure Search"
FF - prefs.js..browser.search.defaulturl: "http://search.yahoo.com/search?ei=UTF-8&fr=ytff-msgr&p="
FF - prefs.js..browser.search.selectedEngine: "AVG Secure Search"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "chrome://speeddial/content/speeddial.xul"
FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.3.3
FF - prefs.js..extensions.enabledItems: {E2883E8F-472F-4fb0-9522-AC9BF37916A7}:1
FF - prefs.js..extensions.enabledItems: 6
FF - prefs.js..extensions.enabledItems: 2
FF - prefs.js..extensions.enabledItems: 44
FF - prefs.js..extensions.enabledItems: {3f963a5b-e555-4543-90e2-c3908898db71}:8.5.0.429
FF - prefs.js..extensions.enabledItems: avg@igeared:6.010.006.004
FF - prefs.js..extensions.enabledItems: {0545b830-f0aa-4d7e-8820-50a4629a56fe}:4.6.5
FF - prefs.js..extensions.enabledItems: {8051A235-3BDB-4450-9C02-8CD8C6F9E2CB}:0.3.4
FF - prefs.js..extensions.enabledItems: CLIP@chris.synan:1.1.7
FF - prefs.js..extensions.enabledItems: craigzilla@studioshorts.com:1.1.1
FF - prefs.js..extensions.enabledItems: {ef4e370e-d9f0-4e00-b93e-a4f274cfdd5a}:1.4.1
FF - prefs.js..extensions.enabledItems: support@lastpass.com:1.70.0
FF - prefs.js..extensions.enabledItems: {B7082FAA-CB62-4872-9106-E42DD88EDE45}:3.1
FF - prefs.js..extensions.enabledItems: {4fa0d965-cd01-4d08-9bdb-0d8c47cfd5d8}:3.16
FF - prefs.js..extensions.enabledItems: {64161300-e22b-11db-8314-0800200c9a66}:0.9.5.8
FF - prefs.js..extensions.enabledItems: {75623d5d-4683-402a-b610-ac4bab767c86}:3.1.2
FF - prefs.js..extensions.enabledItems: {f701c26a-479a-4724-b4f1-870db12f063c}:1.4.2
FF - prefs.js..extensions.enabledItems: {a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}:20100908
FF - prefs.js..extensions.enabledItems: sidecar@amazon.com:0.7.2.5
FF - prefs.js..extensions.enabledItems: canitbecheaper@trafficbroker.co.uk:2.9.1
FF - prefs.js..extensions.enabledItems: superfish@superfish.com:1.2.0.5
FF - prefs.js..extensions.enabledItems: {1BC9BA34-1EED-42ca-A505-6D2F1A935BBB}:2.12.21.1
FF - prefs.js..keyword.URL: "http://search.avg.com/route/?d=4cc6d4ae&v=6.010.006.004&i=29&tp=ab&iy=b&ychte=us&lng=en-US&q="
 
 
FF - HKLM\software\mozilla\Firefox\Extensions\\{3f963a5b-e555-4543-90e2-c3908898db71}: C:\Program Files\AVG\AVG8\Firefox [2009/12/24 09:11:18 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\avg@igeared: C:\Program Files\AVG\AVG8\Toolbar\Firefox\avg@igeared [2010/10/26 08:16:30 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn2 [2010/11/26 21:12:07 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\{B7082FAA-CB62-4872-9106-E42DD88EDE45}: C:\Program Files\McAfee\SiteAdvisor [2011/01/14 17:57:06 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010/12/16 17:05:25 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010/12/16 17:05:25 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Sunbird 0.5\extensions\\Components: C:\Program Files\Mozilla Sunbird\components [2008/05/04 14:53:26 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Sunbird 0.5\extensions\\Plugins: C:\Program Files\Mozilla Sunbird\plugins
FF - HKLM\software\mozilla\Mozilla Thunderbird 2.0.0.0\extensions\\Components: C:\Program Files\Mozilla Thunderbird\components [2010/08/29 16:29:11 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Thunderbird 2.0.0.0\extensions\\Plugins: C:\Program Files\Mozilla Thunderbird\plugins
 
[2010/08/18 17:31:25 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Robin\AppData\Roaming\Mozilla\Extensions
[2010/08/18 17:31:25 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Robin\AppData\Roaming\Mozilla\Extensions\home2@tomtom.com
[2011/01/25 19:56:39 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Robin\AppData\Roaming\Mozilla\Firefox\Profiles\tmhxc6w8.default\extensions
[2010/12/17 18:53:21 | 000,000,000 | ---D | M] ("ColorfulTabs") -- C:\Users\Robin\AppData\Roaming\Mozilla\Firefox\Profiles\tmhxc6w8.default\extensions\{0545b830-f0aa-4d7e-8820-50a4629a56fe}
[2008/12/12 19:16:26 | 000,000,000 | ---D | M] ("ColorfulTabs") -- C:\Users\Robin\AppData\Roaming\Mozilla\Firefox\Profiles\tmhxc6w8.default\extensions\{0545b830-f0aa-4d7e-8820-50a4629a56fe}(110)
[2010/12/25 18:42:30 | 000,000,000 | ---D | M] (IE Tab 2 (FF 3.6+)) -- C:\Users\Robin\AppData\Roaming\Mozilla\Firefox\Profiles\tmhxc6w8.default\extensions\{1BC9BA34-1EED-42ca-A505-6D2F1A935BBB}
[2010/04/30 19:08:04 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\Robin\AppData\Roaming\Mozilla\Firefox\Profiles\tmhxc6w8.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2011/01/19 19:31:13 | 000,000,000 | ---D | M] (Google Toolbar for Firefox) -- C:\Users\Robin\AppData\Roaming\Mozilla\Firefox\Profiles\tmhxc6w8.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}
[2010/02/16 18:18:37 | 000,000,000 | ---D | M] (SmartSearch) -- C:\Users\Robin\AppData\Roaming\Mozilla\Firefox\Profiles\tmhxc6w8.default\extensions\{4fa0d965-cd01-4d08-9bdb-0d8c47cfd5d8}
[2010/12/17 18:53:23 | 000,000,000 | ---D | M] (Speed Dial) -- C:\Users\Robin\AppData\Roaming\Mozilla\Firefox\Profiles\tmhxc6w8.default\extensions\{64161300-e22b-11db-8314-0800200c9a66}
[2008/12/12 19:16:27 | 000,000,000 | ---D | M] (NoScript) -- C:\Users\Robin\AppData\Roaming\Mozilla\Firefox\Profiles\tmhxc6w8.default\extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}(111)
[2010/12/17 18:53:22 | 000,000,000 | ---D | M] (Surf Canyon - Search Engine Assistant) -- C:\Users\Robin\AppData\Roaming\Mozilla\Firefox\Profiles\tmhxc6w8.default\extensions\{75623d5d-4683-402a-b610-ac4bab767c86}
[2008/12/12 19:16:26 | 000,000,000 | ---D | M] (Surf Canyon - Search Engine Assistant) -- C:\Users\Robin\AppData\Roaming\Mozilla\Firefox\Profiles\tmhxc6w8.default\extensions\{75623d5d-4683-402a-b610-ac4bab767c86}(112)
[2008/12/14 17:41:23 | 000,000,000 | ---D | M] (Smiley Xtra) -- C:\Users\Robin\AppData\Roaming\Mozilla\Firefox\Profiles\tmhxc6w8.default\extensions\{759F3C3E-A3FC-474b-A6F0-66B14404AA07}
[2011/01/18 19:19:49 | 000,000,000 | ---D | M] (Context Highlight) -- C:\Users\Robin\AppData\Roaming\Mozilla\Firefox\Profiles\tmhxc6w8.default\extensions\{8051A235-3BDB-4450-9C02-8CD8C6F9E2CB}
[2008/12/12 19:16:22 | 000,000,000 | ---D | M] (Firefox Showcase) -- C:\Users\Robin\AppData\Roaming\Mozilla\Firefox\Profiles\tmhxc6w8.default\extensions\{89506680-e3f4-484c-a2c0-ed711d481eda}(113)
[2010/09/20 19:46:42 | 000,000,000 | ---D | M] (WOT) -- C:\Users\Robin\AppData\Roaming\Mozilla\Firefox\Profiles\tmhxc6w8.default\extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}
[2011/01/18 19:19:49 | 000,000,000 | ---D | M] ("CoolPreviews") -- C:\Users\Robin\AppData\Roaming\Mozilla\Firefox\Profiles\tmhxc6w8.default\extensions\{CE6E6E3B-84DD-4cac-9F63-8D2AE4F30A4B}
[2011/01/18 19:19:50 | 000,000,000 | ---D | M] (Adblock Plus) -- C:\Users\Robin\AppData\Roaming\Mozilla\Firefox\Profiles\tmhxc6w8.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
[2009/09/15 18:27:27 | 000,000,000 | ---D | M] (Adobe DLM (powered by getPlus(R))) -- C:\Users\Robin\AppData\Roaming\Mozilla\Firefox\Profiles\tmhxc6w8.default\extensions\{E2883E8F-472F-4fb0-9522-AC9BF37916A7}
[2010/12/17 18:53:25 | 000,000,000 | ---D | M] (FoxTab) -- C:\Users\Robin\AppData\Roaming\Mozilla\Firefox\Profiles\tmhxc6w8.default\extensions\{ef4e370e-d9f0-4e00-b93e-a4f274cfdd5a}
[2010/01/27 18:08:02 | 000,000,000 | ---D | M] (Text-to-Image) -- C:\Users\Robin\AppData\Roaming\Mozilla\Firefox\Profiles\tmhxc6w8.default\extensions\{f701c26a-479a-4724-b4f1-870db12f063c}
[2011/01/18 19:19:48 | 000,000,000 | ---D | M] (InvisibleHand) -- C:\Users\Robin\AppData\Roaming\Mozilla\Firefox\Profiles\tmhxc6w8.default\extensions\canitbecheaper@trafficbroker.co.uk
[2010/02/16 18:18:36 | 000,000,000 | ---D | M] ("Craigslist Image Prefetcher") -- C:\Users\Robin\AppData\Roaming\Mozilla\Firefox\Profiles\tmhxc6w8.default\extensions\CLIP@chris.synan
[2010/08/13 16:33:58 | 000,000,000 | ---D | M] (CraigZilla) -- C:\Users\Robin\AppData\Roaming\Mozilla\Firefox\Profiles\tmhxc6w8.default\extensions\craigzilla@studioshorts.com
[2011/01/11 21:09:50 | 000,000,000 | ---D | M] ("AmazonAssist") -- C:\Users\Robin\AppData\Roaming\Mozilla\Firefox\Profiles\tmhxc6w8.default\extensions\sidecar@amazon.com
[2011/01/19 19:31:13 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Robin\AppData\Roaming\Mozilla\Firefox\Profiles\tmhxc6w8.default\extensions\staged-xpis
[2011/01/25 19:48:55 | 000,000,000 | ---D | M] (Window Shopper - Powered by Superfish) -- C:\Users\Robin\AppData\Roaming\Mozilla\Firefox\Profiles\tmhxc6w8.default\extensions\superfish@superfish.com
[2010/10/19 16:43:15 | 000,000,000 | ---D | M] (LastPass) -- C:\Users\Robin\AppData\Roaming\Mozilla\Firefox\Profiles\tmhxc6w8.default\extensions\support@lastpass.com
[2007/12/16 19:53:19 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Robin\AppData\Roaming\Mozilla\Sunbird\Profiles\mt3knwha.default\extensions
[2008/10/06 15:46:20 | 000,001,769 | ---- | M] () -- C:\Users\Robin\AppData\Roaming\Mozilla\Firefox\Profiles\tmhxc6w8.default\searchplugins\aim-search.xml
[2008/02/27 20:35:10 | 000,002,386 | ---- | M] () -- C:\Users\Robin\AppData\Roaming\Mozilla\Firefox\Profiles\tmhxc6w8.default\searchplugins\siteadvisor.xml
[2009/04/03 20:41:12 | 000,001,898 | ---- | M] () -- C:\Users\Robin\AppData\Roaming\Mozilla\Firefox\Profiles\tmhxc6w8.default\searchplugins\surf-canyon.xml
[2008/08/20 17:01:46 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2009/12/24 09:11:18 | 000,000,000 | ---D | M] (AVG Safe Search) -- C:\PROGRAM FILES\AVG\AVG8\FIREFOX
[2010/10/26 08:16:30 | 000,000,000 | ---D | M] ("urn:mozilla:install-manifest" em:id="avg@igeared" em:name="AVG Security Toolbar" em:version="6.010.006.004" em:displayname="AVG Security Toolbar" em:iconURL="chrome://tavgp/skin/logo.ico" em:creator="AVG Technologies" em:description="AVG Security Toolbar" em:homepageURL="http://www.avg.com" >) -- C:\PROGRAM FILES\AVG\AVG8\TOOLBAR\FIREFOX\AVG@IGEARED
[2011/01/14 17:57:06 | 000,000,000 | ---D | M] (McAfee SiteAdvisor) -- C:\PROGRAM FILES\MCAFEE\SITEADVISOR
 
O1 HOSTS File: ([2008/02/07 17:12:16 | 000,224,803 | R--- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1       localhost
O1 - Hosts: ::1             localhost
O1 - Hosts: 127.0.0.1    www.007guard.com
O1 - Hosts: 127.0.0.1    007guard.com
O1 - Hosts: 127.0.0.1    008i.com
O1 - Hosts: 127.0.0.1    www.008k.com
O1 - Hosts: 127.0.0.1    008k.com
O1 - Hosts: 127.0.0.1    www.00hq.com
O1 - Hosts: 127.0.0.1    00hq.com
O1 - Hosts: 127.0.0.1    010402.com
O1 - Hosts: 127.0.0.1    www.032439.com
O1 - Hosts: 127.0.0.1    032439.com
O1 - Hosts: 127.0.0.1    www.1001-search.info
O1 - Hosts: 127.0.0.1    1001-search.info
O1 - Hosts: 127.0.0.1    www.100888290cs.com
O1 - Hosts: 127.0.0.1    100888290cs.com
O1 - Hosts: 127.0.0.1    www.100sexlinks.com
O1 - Hosts: 127.0.0.1    100sexlinks.com
O1 - Hosts: 127.0.0.1    www.10sek.com
O1 - Hosts: 127.0.0.1    10sek.com
O1 - Hosts: 127.0.0.1    www.123topsearch.com
O1 - Hosts: 127.0.0.1    123topsearch.com
O1 - Hosts: 127.0.0.1    www.132.com
O1 - Hosts: 127.0.0.1    132.com
O1 - Hosts: 127.0.0.1    www.136136.net
O1 - Hosts: 7889 more lines...
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No CLSID value found.
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (Windows Live OneCare Family Safety Browser Helper Class) - {4f3ed5cd-0726-42a9-87f5-d13f3d2976ac} - C:\Program Files\Windows Live\Family Safety\fssbho.dll (Microsoft Corporation)
O2 - BHO: (SSVHelper Class) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c:\Program Files\Java\jre1.6.0\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (AVG Security Toolbar BHO) - {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG8\Toolbar\IEToolbar.dll ()
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll (Google Inc.)
O2 - BHO: (McAfee SiteAdvisor BHO) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O2 - BHO: (Windows Live Toolbar Helper) - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll (Microsoft Corporation)
O2 - BHO: (HP Smart BHO Class) - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll (Hewlett-Packard Co.)
O3 - HKLM\..\Toolbar: (McAfee SiteAdvisor Toolbar) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O3 - HKLM\..\Toolbar: (Windows Live Toolbar) - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll (Microsoft Corporation)
O3 - HKLM\..\Toolbar: (AVG Security Toolbar) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - C:\Program Files\AVG\AVG8\Toolbar\IEToolbar.dll ()
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {A057A204-BACC-4D26-9990-79A187E2698E} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (Windows Live Toolbar) - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll (Microsoft Corporation)
O3 - HKCU\..\Toolbar\WebBrowser: (AVG Security Toolbar) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - C:\Program Files\AVG\AVG8\Toolbar\IEToolbar.dll ()
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [AVG8_TRAY] C:\Program Files\AVG\AVG8\avgtray.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [Corel Photo Downloader] C:\Program Files\Common Files\Corel\Corel PhotoDownloader\Corel Photo Downloader.exe (Corel, Inc.)
O4 - HKLM..\Run: [DellSupportCenter] C:\Program Files\Dell Support Center\bin\sprtcmd.exe (SupportSoft, Inc.)
O4 - HKLM..\Run: [EarthLink Installer]  File not found
O4 - HKLM..\Run: [ECenter] C:\DELL\E-Center\EULALauncher.exe ( )
O4 - HKLM..\Run: [fssui] C:\Program Files\Windows Live\Family Safety\fssui.exe (Microsoft Corporation)
O4 - HKLM..\Run: [Google Desktop Search] C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe (Google)
O4 - HKLM..\Run: [InstaLAN] C:\Program Files\Belkin\Router Setup and Monitor\BelkinRouterMonitor.exe (Affinegy, Inc.)
O4 - HKLM..\Run: [ISUSPM] C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe (Macrovision Corporation)
O4 - HKLM..\Run: [ISUSScheduler] C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe (InstallShield Software Corporation)
O4 - HKLM..\Run: [pccguide.exe] C:\Program Files\Trend Micro\Internet Security 14\pccguide.exe (Trend Micro Inc.)
O4 - HKLM..\Run: [PCMService] C:\Program Files\Dell\MediaDirect\PCMService.exe (CyberLink Corp.)
O4 - HKLM..\Run: [SigmatelSysTrayApp] C:\Program Files\Sigmatel\C-Major Audio\WDM\sttray.exe (IDT, Inc.)
O4 - HKLM..\Run: [UVS10 Preload] C:\Program Files\Ulead Systems\Ulead VideoStudio SE DVD\uvPL.exe (Ulead Systems, Inc.)
O4 - HKLM..\Run: [UVS11 Preload] C:\Program Files\Ulead Systems\Ulead VideoStudio 11\uvPL.exe (InterVideo Digital Technology Corporation)
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKCU..\Run: [DellSupport] C:\Program Files\DellSupport\DSAgnt.exe (Gteko Ltd.)
O4 - HKCU..\Run: [DellSupportCenter] C:\Program Files\Dell Support Center\bin\sprtcmd.exe (SupportSoft, Inc.)
O4 - HKCU..\Run: [SansaDispatch] C:\Users\Robin\AppData\Roaming\SanDisk\Sansa Updater\SansaDispatch.exe (SanDisk Corporation)
O4 - HKCU..\Run: [Search Protection]  File not found
O4 - HKCU..\Run: [Simple Star PhotoShow Media Manager]  File not found
O4 - HKCU..\Run: [TomTomHOME.exe] C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe (TomTom)
O4 - HKLM..\RunOnce: [DSUpdateLauncher] C:\Program Files\Dell DataSafe Local Backup\Components\DSUpdate\hstart.exe (Dell)
O4 - HKLM..\RunOnce: [Launcher] C:\Program Files\Dell DataSafe Local Backup\Components\Scheduler\Launcher.exe (Softthinks)
O4 - HKLM..\RunOnce: [STToasterLauncher] C:\Program Files\Dell DataSafe Local Backup\ToasterLauncher.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 255
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - Extra context menu item: &Windows Live Search - C:\Program Files\Windows Live Toolbar\msntb.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - c:\Program Files\Java\jre1.6.0\bin\npjpi160.dll (Sun Microsystems, Inc.)
O9 - Extra Button: Blog This - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : &Blog This in Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra Button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation)
O9 - Extra Button: HP Smart Select - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll (Hewlett-Packard Co.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O15 - HKCU\..Trusted Domains: internet ([]about in Trusted sites)
O15 - HKCU\..Trusted Domains: localhost ([]http in Local intranet)
O15 - HKCU\..Trusted Domains: mcafee.com ([]http in Trusted sites)
O15 - HKCU\..Trusted Domains: mcafee.com ([]https in Trusted sites)
O15 - HKCU\..Trusted Ranges: GD ([http] in Local intranet)
O16 - DPF: {05D44720-58E3-49E6-BDF6-D00330E511D3} http://zone.msn.com/binFrameWork/v10/StagingUI.cab55579.cab (StagingUI Object)
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} http://www.kaspersky.com/kos/eng/partner/default/kavwebscan_unicode.cab (CKAVWebScan Object)
O16 - DPF: {2EB1E425-74DC-4DC0-A9E1-03A4C852E1F2} http://zone.msn.com/bingame/trix/default/TriJinx.1.0.0.87.cab (CPlayFirstTriJinxControl Object)
O16 - DPF: {3BB54395-5982-4788-8AF4-B5388FFDD0D8} http://zone.msn.com/BinFrameWork/v10/ZBuddy.cab55579.cab (MSN Games – Buddy Invite)
O16 - DPF: {512FC5A1-7DE1-43F1-BC0C-371622FCB409} http://www.nanoscan.com/as/cabs/ascstubie.cab (TotalScan Installer Class)
O16 - DPF: {5736C456-EA94-4AAC-BB08-917ABDD035B3} http://zone.msn.com/binframework/v10/ZPAChat.cab55579.cab (ZonePAChat Object)
O16 - DPF: {74C861A1-D548-4916-BC8A-FDE92EDFF62C} http://mediaplayer.walmart.com/installer/install.cab (Reg Error: Key error.)
O16 - DPF: {809A6301-7B40-4436-A02C-87B8D3D7D9E3} http://zone.msn.com/bingame/zpagames/zpa_dmno.cab55579.cab (ZPA_DMNO Object)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0-windows-i586.cab (Java Plug-in 1.6.0)
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} http://cdn2.zone.msn.com/binFramework/v10/ZIntro.cab56649.cab (MSN Games - Installer)
O16 - DPF: {CAFEEFAC-0016-0000-0000-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0-windows-i586.cab (Java Plug-in 1.6.0)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0-windows-i586.cab (Java Plug-in 1.6.0)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O16 - DPF: {DA2AA6CF-5C7A-4B71-BC3B-C771BB369937} http://zone.msn.com/binframework/v10/StProxy.cab55579.cab (MSN Games – Game Communicator)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O18 - Protocol\Handler\avgsecuritytoolbar {F2DDE6B2-9684-4A55-86D4-E255E237B77C} - C:\Program Files\AVG\AVG8\Toolbar\IEToolbar.dll ()
O18 - Protocol\Handler\dssrequest {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll (AVG Technologies CZ, s.r.o.)
O18 - Protocol\Handler\sacore {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program Files\Windows Live\Mail\mailcomm.dll (Microsoft Corporation)
O20 - AppInit_DLLs: (AVGRSSTX.DLL) - C:\Windows\System32\avgrsstx.dll (AVG Technologies CZ, s.r.o.)
O20 - AppInit_DLLs: (C:\PROGRA~1\GOOGLE\GOOGLE~2\GOEC62~1.DLL) - C:\Program Files\Google\Google Desktop Search\GoogleDesktopNetwork3.dll (Google)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\GoToAssist: DllName - C:\Program Files\Citrix\GoToAssist\514\G2AWinLogon.dll -  File not found
O20 - Winlogon\Notify\igfxcui: DllName - igfxdev.dll - C:\Windows\System32\igfxdev.dll (Intel Corporation)
O20 - Winlogon\Notify\ScCertProp: DllName - wlnotify.dll -  File not found
O24 - Desktop WallPaper: C:\Windows\Web\Wallpaper\dellwall1.jpg
O24 - Desktop BackupWallPaper: C:\Windows\Web\Wallpaper\dellwall1.jpg
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/09/18 16:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2004/04/30 17:01:00 | 000,000,053 | -HS- | M] () - D:\AUTORUN.INF -- [ NTFS ]
O33 - MountPoints2\{37addde4-e0df-11dc-be30-001d09a80e66}\Shell\AutoRun\command - "" = F:\Autorun.exe /run
O33 - MountPoints2\{37addde4-e0df-11dc-be30-001d09a80e66}\Shell\Shell00\Command - "" = F:\Autorun.exe /run
O33 - MountPoints2\{37addde4-e0df-11dc-be30-001d09a80e66}\Shell\Shell01\Command - "" = F:\Autorun.exe /action
O33 - MountPoints2\{37addde4-e0df-11dc-be30-001d09a80e66}\Shell\Shell02\Command - "" = F:\Autorun.exe /uninstall
O33 - MountPoints2\{cea510a4-13e9-11de-941b-001d09a80e66}\Shell\AutoRun\command - "" = G:\InstallTomTomHOME.exe
O34 - HKLM BootExecute: (autocheck autochk *) -  File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
NetSvcs: FastUserSwitchingCompatibility -  File not found
NetSvcs: Ias -  File not found
NetSvcs: Nla -  File not found
NetSvcs: Ntmssvc -  File not found
NetSvcs: NWCWorkstation -  File not found
NetSvcs: Nwsapagent -  File not found
NetSvcs: SRService -  File not found
NetSvcs: WmdmPmSp -  File not found
NetSvcs: LogonHours -  File not found
NetSvcs: PCAudit -  File not found
NetSvcs: helpsvc -  File not found
NetSvcs: uploadmgr -  File not found
 
Drivers32: msacm.dvacm - C:\Program Files\Common Files\Ulead Systems\VIO\DVACM.acm (InterVideo Digital Technology Corporation)
Drivers32: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.MPEGacm - C:\Program Files\Common Files\Ulead Systems\MPEG\MPEGACM.acm (Ulead Systems, Inc.)
Drivers32: msacm.ulmp3acm - C:\Program Files\Common Files\Ulead Systems\MPEG\ulmp3acm.acm (Ulead systems)
Drivers32: MSVideo8 - C:\Windows\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: vidc.cvid - C:\Windows\System32\iccvid.dll (Radius Inc.)
 
CREATERESTOREPOINT
Restore point Set: OTL Restore Point
 
========== Files/Folders - Created Within 30 Days ==========
 
[2011/01/25 19:54:04 | 000,603,136 | ---- | C] (OldTimer Tools) -- C:\Users\Robin\Desktop\OTL.com
[2011/01/23 17:52:46 | 000,028,552 | ---- | C] (Panda Security, S.L.) -- C:\Windows\System32\drivers\pavboot.sys
[2011/01/04 21:14:38 | 000,000,000 | R-SD | C] -- C:\Users\Robin\Documents\My Stationery
[2010/12/30 08:06:41 | 000,000,000 | ---D | C] -- C:\Users\Robin\My Backup Files
[2010/12/29 19:26:09 | 000,000,000 | -HSD | C] -- C:\System Recovery
[2010/12/29 19:20:51 | 000,128,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\WimFltr.sys
[2010/12/29 19:20:21 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dell DataSafe
[2010/12/29 19:20:17 | 000,000,000 | ---D | C] -- C:\Program Files\Dell DataSafe Local Backup
[2010/12/29 18:13:35 | 000,000,000 | ---D | C] -- C:\Users\Robin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HP
[2010/12/29 18:03:38 | 000,000,000 | ---D | C] -- C:\ProgramData\PCDr
[2010/12/29 18:03:07 | 000,000,000 | ---D | C] -- C:\Users\Robin\AppData\Roaming\PCDr
[1 C:\Windows\System32\drivers\*.tmp files -> C:\Windows\System32\drivers\*.tmp -> ]
[1 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2011/01/25 20:15:25 | 000,000,418 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{D695535C-EDAD-45FD-9B3E-EB71A0DC1897}.job
[2011/01/25 19:54:49 | 000,603,136 | ---- | M] (OldTimer Tools) -- C:\Users\Robin\Desktop\OTL.com
[2011/01/25 19:45:05 | 000,000,868 | ---- | M] () -- C:\Windows\tasks\Google Software Updater.job
[2011/01/25 19:41:15 | 000,003,472 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2011/01/25 19:41:15 | 000,003,472 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2011/01/25 19:41:03 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011/01/25 19:40:53 | 3210,784,768 | -HS- | M] () -- C:\hiberfil.sys
[2011/01/24 21:37:17 | 000,000,012 | ---- | M] () -- C:\Windows\bthservsdp.dat
[2011/01/21 20:08:51 | 000,011,217 | ---- | M] () -- C:\Users\Robin\Desktop\my billsl.xlsx
[2011/01/21 18:05:54 | 000,002,585 | ---- | M] () -- C:\Users\Robin\Desktop\Microsoft Office Excel 2007.lnk
[2011/01/21 17:27:07 | 000,000,000 | ---- | M] () -- C:\Windows\System32\null
[2011/01/19 20:29:02 | 259,895,327 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2011/01/19 19:42:32 | 000,667,752 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2011/01/19 19:42:32 | 000,122,760 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2011/01/19 17:20:24 | 070,330,965 | ---- | M] () -- C:\Windows\System32\drivers\Avg\incavi.avm
[2011/01/10 18:17:01 | 000,012,126 | ---- | M] () -- C:\Users\Robin\Documents\Acct-1065136-X6755-US Knobs Order Confirmation.pdf
[2011/01/03 22:42:23 | 000,047,915 | ---- | M] () -- C:\Users\Robin\Desktop\Decorative Cabinet Hardware, Kitchen Knobs, Cabinet Pulls, Bathroom _ USKnobs.pdf
[2011/01/01 20:06:40 | 000,094,470 | ---- | M] () -- C:\Users\Robin\Desktop\Woodworkers Hardware & Supply Cart.pdf
[2011/01/01 11:01:04 | 000,041,767 | ---- | M] () -- C:\Users\Robin\Desktop\Shopping Cart _ Amerock For Less.pdf
[2010/12/29 18:10:19 | 000,040,219 | ---- | M] () -- C:\Users\Robin\Desktop\Nice NJ Car Insurance.pdf
[2010/12/29 17:53:46 | 000,016,226 | ---- | M] () -- C:\Users\Robin\Desktop\Pay Taxes, Utility Bills, Tuition & More Online.pdf
[1 C:\Windows\System32\drivers\*.tmp files -> C:\Windows\System32\drivers\*.tmp -> ]
[1 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2011/01/21 20:08:50 | 000,011,217 | ---- | C] () -- C:\Users\Robin\Desktop\my billsl.xlsx
[2011/01/16 13:12:30 | 000,431,706 | ---- | C] () -- C:\Users\Robin\Documents\30day_meal_plan.pdf
[2011/01/10 18:17:01 | 000,012,126 | ---- | C] () -- C:\Users\Robin\Documents\Acct-1065136-X6755-US Knobs Order Confirmation.pdf
[2011/01/03 22:42:22 | 000,047,915 | ---- | C] () -- C:\Users\Robin\Desktop\Decorative Cabinet Hardware, Kitchen Knobs, Cabinet Pulls, Bathroom _ USKnobs.pdf
[2011/01/01 20:06:39 | 000,094,470 | ---- | C] () -- C:\Users\Robin\Desktop\Woodworkers Hardware & Supply Cart.pdf
[2011/01/01 11:01:04 | 000,041,767 | ---- | C] () -- C:\Users\Robin\Desktop\Shopping Cart _ Amerock For Less.pdf
[2010/12/29 18:10:19 | 000,040,219 | ---- | C] () -- C:\Users\Robin\Desktop\Nice NJ Car Insurance.pdf
[2010/12/29 17:53:45 | 000,016,226 | ---- | C] () -- C:\Users\Robin\Desktop\Pay Taxes, Utility Bills, Tuition & More Online.pdf
[2010/11/26 19:23:59 | 000,011,226 | ---- | C] () -- C:\ProgramData\hpzinstall.log
[2009/09/11 13:09:26 | 000,262,144 | ---- | C] () -- C:\Windows\System32\GTTunerCard.dll
[2009/09/11 13:09:26 | 000,237,646 | ---- | C] () -- C:\Windows\System32\Snap_device.dll
[2009/09/11 13:09:26 | 000,069,707 | ---- | C] () -- C:\Windows\System32\DISP_OPT1.dll
[2009/08/28 17:04:34 | 000,175,104 | ---- | C] () -- C:\Windows\System32\lame_enc.dll
[2009/08/03 14:07:42 | 000,403,816 | ---- | C] () -- C:\Windows\System32\OGACheckControl.dll
[2008/02/29 21:15:20 | 000,000,258 | RHS- | C] () -- C:\ProgramData\ntuser.pol
[2008/02/17 17:39:28 | 000,059,392 | R--- | C] () -- C:\Windows\System32\streamhlp.dll
[2007/12/16 21:24:44 | 000,210,456 | ---- | C] () -- C:\Windows\System32\IVIresizeW7.dll
[2007/12/16 21:24:43 | 000,206,360 | ---- | C] () -- C:\Windows\System32\IVIresizeA6.dll
[2007/12/16 21:24:43 | 000,198,168 | ---- | C] () -- C:\Windows\System32\IVIresizeP6.dll
[2007/12/16 21:24:43 | 000,198,168 | ---- | C] () -- C:\Windows\System32\IVIresizeM6.dll
[2007/12/16 21:24:43 | 000,194,072 | ---- | C] () -- C:\Windows\System32\IVIresizePX.dll
[2007/12/16 21:24:43 | 000,026,136 | ---- | C] () -- C:\Windows\System32\IVIresize.dll
[2007/12/16 21:20:01 | 000,001,004 | -HS- | C] () -- C:\Windows\System32\KGyGaAvL.sys
[2007/12/16 21:09:31 | 000,056,056 | ---- | C] () -- C:\Windows\System32\DLAAPI_W.DLL
[2007/12/16 21:09:30 | 000,000,621 | ---- | C] () -- C:\Windows\wininit.ini
[2007/12/16 20:43:04 | 000,000,002 | ---- | C] () -- C:\Users\Robin\AppData\Roaming\7zip_progress_FA494D15-B76A-48F3-870A-7FAF8C09BE99.txt
[2007/12/16 20:23:24 | 000,000,387 | ---- | C] () -- C:\Windows\COOK'N5.INI
[2007/12/16 20:00:23 | 000,001,103 | ---- | C] () -- C:\Windows\ODBCINST.INI
[2007/12/16 20:00:23 | 000,000,139 | ---- | C] () -- C:\Windows\ODBC.INI
[2007/12/16 12:22:38 | 000,024,064 | ---- | C] () -- C:\Users\Robin\AppData\Roaming\UserTile.png
[2007/12/08 14:49:11 | 001,238,832 | ---- | C] () -- C:\Windows\System32\igmedkrn.dll
[2007/12/08 14:49:11 | 000,249,856 | ---- | C] () -- C:\Windows\System32\igfxTMM.dll
[2007/12/08 14:49:11 | 000,147,456 | ---- | C] () -- C:\Windows\System32\igfxCoIn_v1322.dll
[2007/12/08 14:49:11 | 000,104,636 | ---- | C] () -- C:\Windows\System32\igmedcompkrn.dll
[2007/12/08 14:49:03 | 000,016,480 | ---- | C] () -- C:\Windows\System32\rixdicon.dll
[2007/12/08 14:48:53 | 001,060,424 | ---- | C] () -- C:\Windows\System32\WdfCoInstaller01000.dll
[2007/12/08 07:12:40 | 000,065,536 | ---- | C] () -- C:\Windows\System32\bcmwlrmt.dll
[2007/06/08 06:05:42 | 000,230,784 | ---- | C] () -- C:\Windows\System32\drivers\dmdcap.sys
[2006/11/07 14:25:58 | 000,000,000 | ---- | C] () -- C:\Windows\System32\px.ini
[2006/11/02 07:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
[2006/11/02 05:25:44 | 000,159,744 | ---- | C] () -- C:\Windows\System32\atitmmxx.dll
[2006/11/02 02:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2006/09/17 00:36:50 | 000,520,192 | ---- | C] () -- C:\Windows\System32\CddbPlaylist2Roxio.dll
[2006/09/17 00:36:50 | 000,204,800 | ---- | C] () -- C:\Windows\System32\CddbFileTaggerRoxio.dll
[2005/04/25 09:08:44 | 000,009,823 | ---- | C] () -- C:\Windows\System32\cmdiag.ini
[2005/03/15 11:40:56 | 000,000,143 | ---- | C] () -- C:\Windows\System32\cmabout.ini
[2004/09/20 10:19:14 | 000,057,344 | ---- | C] () -- C:\Windows\System32\chksvrn.dll
[2003/09/16 18:11:42 | 000,163,840 | ---- | C] () -- C:\Windows\System32\cmabout.dll
[2002/03/16 19:00:00 | 000,007,420 | ---- | C] () -- C:\Windows\UA000079.DLL
 
========== LOP Check ==========
 
[2008/10/04 10:11:35 | 000,000,000 | ---D | M] -- C:\Users\Robin\AppData\Roaming\acccore
[2007/12/16 20:06:05 | 000,000,000 | ---D | M] -- C:\Users\Robin\AppData\Roaming\BudgetExpress 3
[2008/12/25 12:08:51 | 000,000,000 | ---D | M] -- C:\Users\Robin\AppData\Roaming\FUJIFILM
[2008/10/15 18:49:38 | 000,000,000 | ---D | M] -- C:\Users\Robin\AppData\Roaming\GrassGames
[2007/12/18 00:15:48 | 000,000,000 | ---D | M] -- C:\Users\Robin\AppData\Roaming\Individual Software
[2010/12/29 18:03:07 | 000,000,000 | ---D | M] -- C:\Users\Robin\AppData\Roaming\PCDr
[2007/12/16 12:22:38 | 000,000,000 | ---D | M] -- C:\Users\Robin\AppData\Roaming\PeerNetworking
[2009/12/09 18:53:26 | 000,000,000 | ---D | M] -- C:\Users\Robin\AppData\Roaming\PlayFirst
[2008/10/19 17:23:25 | 000,000,000 | ---D | M] -- C:\Users\Robin\AppData\Roaming\Printer Info Cache
[2009/07/22 21:29:15 | 000,000,000 | ---D | M] -- C:\Users\Robin\AppData\Roaming\SanDisk
[2008/12/25 11:59:33 | 000,000,000 | ---D | M] -- C:\Users\Robin\AppData\Roaming\Simple Star
[2007/12/17 18:48:38 | 000,000,000 | ---D | M] -- C:\Users\Robin\AppData\Roaming\Spearit
[2007/12/16 19:50:01 | 000,000,000 | ---D | M] -- C:\Users\Robin\AppData\Roaming\Thunderbird
[2010/08/18 17:31:12 | 000,000,000 | ---D | M] -- C:\Users\Robin\AppData\Roaming\TomTom
[2008/02/17 19:15:26 | 000,000,000 | ---D | M] -- C:\Users\Robin\AppData\Roaming\TrojanHunter
[2009/08/31 16:20:14 | 000,000,000 | ---D | M] -- C:\Users\Robin\AppData\Roaming\Ulead Systems
[2008/10/19 18:07:27 | 000,000,000 | ---D | M] -- C:\Users\Robin\AppData\Roaming\Wal-Mart
[2008/10/19 17:40:06 | 000,000,000 | ---D | M] -- C:\Users\Robin\AppData\Roaming\Wal-Mart Digital Photo Viewer
[2008/01/01 07:29:36 | 000,000,000 | ---D | M] -- C:\Users\Robin\AppData\Roaming\Windows Live Writer
[2008/02/27 20:21:07 | 000,000,000 | ---D | M] -- C:\Users\Robin\AppData\Roaming\WinPatrol
[2007/12/18 17:41:18 | 000,000,254 | ---- | M] () -- C:\Windows\Tasks\Check Updates for Windows Live Toolbar.job
[2011/01/24 21:37:21 | 000,032,562 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2011/01/25 20:15:25 | 000,000,418 | -H-- | M] () -- C:\Windows\Tasks\User_Feed_Synchronization-{D695535C-EDAD-45FD-9B3E-EB71A0DC1897}.job
 
========== Purity Check ==========
 
 
 
========== Custom Scans ==========
 
 
< %SYSTEMDRIVE%\*.* >
[2006/09/18 16:43:36 | 000,000,024 | ---- | M] () -- C:\autoexec.bat
[2006/11/02 04:53:57 | 000,438,840 | RHS- | M] () -- C:\bootmgr
[2006/11/10 08:22:24 | 000,008,192 | R-S- | M] () -- C:\BOOTSECT.BAK
[2006/09/18 16:43:37 | 000,000,010 | ---- | M] () -- C:\config.sys
[2007/12/08 14:49:19 | 000,004,956 | RH-- | M] () -- C:\dell.sdr
[2011/01/25 19:40:53 | 3210,784,768 | -HS- | M] () -- C:\hiberfil.sys
[2008/03/09 14:47:55 | 000,017,141 | ---- | M] () -- C:\HijackPatrol.log
[2007/12/16 20:38:12 | 000,000,000 | RHS- | M] () -- C:\IO.SYS
[2008/10/04 10:01:30 | 000,003,526 | -H-- | M] () -- C:\IPH.PH
[2006/11/02 04:44:59 | 000,320,000 | ---- | M] (Microsoft Corporation) -- C:\kmd.exe
[2007/12/16 20:38:12 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS
[2009/05/04 19:13:31 | 000,262,144 | ---- | M] () -- C:\ntuser.dat
[2009/05/04 19:13:31 | 000,005,120 | -H-- | M] () -- C:\ntuser.dat.LOG1
[2009/05/04 19:13:31 | 000,000,000 | -H-- | M] () -- C:\ntuser.dat.LOG2
[2009/05/04 19:13:31 | 000,065,536 | -HS- | M] () -- C:\ntuser.dat{cbd75d8a-38f4-11de-95cd-001d09a80e66}.TM.blf
[2009/05/04 19:13:31 | 000,524,288 | -HS- | M] () -- C:\ntuser.dat{cbd75d8a-38f4-11de-95cd-001d09a80e66}.TMContainer00000000000000000001.regtrans-ms
[2009/05/04 19:13:31 | 000,524,288 | -HS- | M] () -- C:\ntuser.dat{cbd75d8a-38f4-11de-95cd-001d09a80e66}.TMContainer00000000000000000002.regtrans-ms
[2011/01/25 19:40:52 | 3524,710,400 | -HS- | M] () -- C:\pagefile.sys
[2007/12/08 07:13:02 | 000,001,812 | ---- | M] () -- C:\SetWiFiBT.txt
[2007/12/08 07:30:38 | 000,000,071 | ---- | M] () -- C:\SystemInfo.ini
[2008/10/04 09:32:55 | 000,000,371 | -H-- | M] () -- C:\T4Metrics.log
 
< %systemroot%\*. /mp /s >
 
< %systemroot%\System32\config\*.sav >
[2006/11/02 05:34:05 | 000,008,192 | ---- | M] () -- C:\Windows\System32\config\COMPONENTS.SAV
[2006/11/02 05:34:05 | 000,020,480 | ---- | M] () -- C:\Windows\System32\config\DEFAULT.SAV
[2006/11/02 05:34:05 | 000,008,192 | ---- | M] () -- C:\Windows\System32\config\SECURITY.SAV
[2006/11/02 05:34:08 | 010,133,504 | ---- | M] () -- C:\Windows\System32\config\SOFTWARE.SAV
[2006/11/02 05:34:08 | 001,826,816 | ---- | M] () -- C:\Windows\System32\config\SYSTEM.SAV
 
< HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU >
 
< HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs >
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install\\LastSuccessTime: 2011-01-26 00:47:33
 
========== Alternate Data Streams ==========
 
@Alternate Data Stream - 132 bytes -> C:\ProgramData\TEMP:2C15EF07
@Alternate Data Stream - 104 bytes -> C:\ProgramData\TEMP:DFC5A2B2
@Alternate Data Stream - 101 bytes -> C:\ProgramData\TEMP:B85416EB

< End of report >

 

OTL Extras logfile created on: 1/25/2011 8:16:05 PM - Run 1
OTL by OldTimer - Version 3.2.20.5     Folder = C:\Users\Robin\Desktop
Windows Vista Home Premium Edition  (Version = 6.0.6000) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6000.17037)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
 
3.00 Gb Total Physical Memory | 1.00 Gb Available Physical Memory | 49.00% Memory free
6.00 Gb Paging File | 4.00 Gb Available in Paging File | 73.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 136.47 Gb Total Space | 73.51 Gb Free Space | 53.87% Space Free | Partition Type: NTFS
Drive 😧 | 10.00 Gb Total Space | 5.41 Gb Free Space | 54.10% Space Free | Partition Type: NTFS
 
Computer Name: ROBIN-PC | User Name: Robin | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
 
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
 
========== Shell Spawning ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [FinePix] -- "C:\Program Files\FinePixViewer\FinePixViewer.exe" "%1" (FUJI PHOTO FILM CO.,LTD.)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"FirewallDisableNotify" = 0
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
"DisableMonitoring" = 1
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
 
========== System Restore Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
========== Authorized Applications List ==========
 
 
========== Vista Active Open Ports Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{07C5F420-4741-4138-A1D1-630F4C673992}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |
"{1BC44A06-4010-4FD1-A867-F870A3CB52A3}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{1F242F27-8CF6-4028-A256-80F485C66FEE}" = rport=138 | protocol=17 | dir=out | app=system |
"{3239C7E9-C5AB-43B3-940E-010A715D02E1}" = lport=138 | protocol=17 | dir=in | app=system |
"{51CA4C61-35B1-4CF9-9170-FD1A646BCF51}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{646F7234-C4CB-4011-9A9D-7F4398477D47}" = lport=445 | protocol=6 | dir=in | app=system |
"{93579056-24BB-4CF3-9943-B1996FAC2E96}" = rport=137 | protocol=17 | dir=out | app=system |
"{9E957C0D-7410-4CB7-9AFB-ADE9A23ADC85}" = lport=2869 | protocol=6 | dir=in | app=system |
"{A121F174-0BC6-42D2-92D3-1E35AF35D6AC}" = lport=137 | protocol=17 | dir=in | app=system |
"{B039F9A7-6EAB-4818-8B6D-4BAF23A4D8FA}" = lport=139 | protocol=6 | dir=in | app=system |
"{CD0200F9-ABB4-408D-8F5E-6260953613F3}" = rport=445 | protocol=6 | dir=out | app=system |
"{D933EF1E-0B32-497F-A396-A60F070E4672}" = rport=139 | protocol=6 | dir=out | app=system |
"{FE2D2D10-3257-4933-907E-9B362D1F309F}" = rport=427 | protocol=17 | dir=in | svc=hpslpsvc | app=c:\windows\system32\svchost.exe |
 
========== Vista Active Application Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0589F8B1-33D5-4BDC-8754-BC70EA2E6DD1}" = protocol=6 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{07673981-E2E1-4963-894C-AA6CD4EA0F2A}" = protocol=17 | dir=in | app=c:\program files\common files\aol\loader\aolload.exe |
"{0D601716-D38F-4311-A0B4-3E5697FC0A31}" = dir=in | app=c:\program files\avg\avg8\avgemc.exe |
"{1206A8DD-8076-4553-8729-CB2E52B9B6D0}" = protocol=6 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{123B8659-9623-4C93-ADF9-DABB2D68A120}" = protocol=17 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{15AC471B-88D5-4FD1-86F4-1F22303BB69F}" = protocol=17 | dir=in | app=c:\program files\yahoo!\messenger\yahoomessenger.exe |
"{1BC349A9-97C0-4384-885B-3FED5F49FD66}" = protocol=6 | dir=in | app=c:\program files\yahoo!\messenger\yahoomessenger.exe |
"{1D1EA1DE-9AAB-42B3-BD26-77468BAE9A70}" = dir=in | app=c:\program files\hp\digital imaging\bin\hposfx08.exe |
"{1EEB7304-412F-4E7E-A68D-C4864E78A5B2}" = protocol=6 | dir=in | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{2305E863-77BA-42AF-916B-A760E3C4AD55}" = dir=in | app=c:\program files\dell\mediadirect\kernel\dmp\clbrowserengine.exe |
"{2E98B57C-7D59-4D88-8E5B-FA12D5AA07FE}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpofxm08.exe |
"{2FE42DE7-EAA2-499D-BA58-8FCB15A91083}" = dir=in | app=c:\program files\hp\digital imaging\bin\hposid01.exe |
"{3525BA2F-B6BA-4F4E-A164-80379C6146BA}" = protocol=6 | dir=in | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{36FD34F4-954B-48FF-B779-23873FB00BF4}" = protocol=17 | dir=in | app=c:\program files\common files\aol\acs\aolacsd.exe |
"{3CB2155E-A3AE-428D-811C-0D3CE27527AB}" = protocol=6 | dir=in | app=c:\program files\common files\aol\1199224386\ee\aolsoftware.exe |
"{4C44CAFF-8F9C-4E11-AE7E-F38335808627}" = protocol=6 | dir=in | app=c:\program files\common files\aol\loader\aolload.exe |
"{5152CCA6-4286-4C4F-86D8-1A2ACC6C4221}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{5354832F-80E1-439E-9607-ADAFF663F2A3}" = protocol=6 | dir=in | app=c:\program files\belkin\router setup and monitor\belkinsetup.exe |
"{584E45EE-9218-4D5B-9F35-C5828D813FC6}" = protocol=6 | dir=in | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{5B821EEE-8431-4A5C-920E-17F954FBD824}" = protocol=6 | dir=in | app=c:\program files\belkin\router setup and monitor\belkinsetup.exe |
"{5E0AA82F-7FDB-4A0B-8B98-67E2CD972A1C}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{622702C8-4515-484F-B817-2BE29FC5C7E6}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{6659FF5D-3BDA-4F95-9766-676CE5C7E68E}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{679B533D-EBB0-4635-8A91-6FEF33CD8390}" = protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{6808A533-A68E-456A-8A01-0DCF624EF962}" = protocol=17 | dir=in | app=c:\program files\aim6\aim6.exe |
"{694E91FE-01B3-47E7-A213-8599198BC9A8}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpzwiz01.exe |
"{6C96F557-724F-4380-9FD0-2DF7B495E2A5}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{79C07DBA-0DF1-4236-ACD3-89C1F935048C}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{7ECC88B4-5724-480E-B87E-187574C0567B}" = protocol=17 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{7FAF5397-352C-4D79-AA8E-136F7F8E6D92}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{88E5892B-7BB5-4AFB-BCB8-DE56BC5BB87C}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{8FFCAC41-942F-4294-BF15-58FA5240E774}" = protocol=17 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{9B3073E8-0F33-4079-8E39-A80F7C482A6F}" = protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{9E2A2EA6-A77E-4454-A2FA-10C07A7FC5D9}" = protocol=17 | dir=in | app=c:\program files\common files\aol\1199224386\ee\aolsoftware.exe |
"{9F2D7C70-136D-4BCC-907D-55106FF586A8}" = dir=in | app=c:\program files\windows live\messenger\livecall.exe |
"{A44F1DD6-F803-4B36-BEAD-791C226C5E56}" = protocol=6 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{ACE50430-D7B0-4A4D-8520-09362C3C7F5F}" = protocol=6 | dir=in | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{B1FA3F43-85DF-459B-A211-8719FEAD4C8D}" = protocol=6 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{B39C32DB-F7CF-4821-B915-61D92E86780C}" = protocol=6 | dir=in | app=c:\program files\aim6\aim6.exe |
"{B6E86AB1-3662-4982-A9F9-F441B3B3938F}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqkygrp.exe |
"{B9ACAEFE-146B-4498-B2E1-CF7E0EE55104}" = dir=in | app=c:\program files\belkin\router setup and monitor\belkinsetup.exe |
"{B9E05229-9D43-49EC-9FA4-662F615DD536}" = protocol=6 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{BCF3C866-D03D-411A-9519-129AA7F28714}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{BDCB5E8B-A24D-4940-852B-09C7C5C987A7}" = protocol=17 | dir=in | app=c:\program files\common files\aol\acs\aoldial.exe |
"{BF2F1FA8-4F2C-4565-B589-CC4EA8EBD50A}" = protocol=6 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{C2B3C431-FD8E-48EF-AD9A-28279F737D23}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqste08.exe |
"{C2E859C4-BC42-4917-A38A-830FA28CD32D}" = protocol=6 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{C34D1E70-1BE4-40D2-9CC9-1946F55B9E4C}" = protocol=6 | dir=in | app=c:\program files\common files\aol\acs\aolacsd.exe |
"{C62A86F6-4DDD-4A48-BB40-43A3AAC66A28}" = dir=in | app=c:\program files\dell\mediadirect\powercinema.exe |
"{C9C60EED-37C1-43A6-8B49-5F41B62B6654}" = protocol=17 | dir=in | app=c:\program files\belkin\router setup and monitor\belkinsetup.exe |
"{CADC1B4C-C787-4E2C-B788-46938F6C4AE6}" = protocol=17 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{D41D9AC2-ED5B-4DFB-9878-4256052D35BB}" = protocol=6 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{D5AAEF3B-A3A3-4305-82F3-4368C95C85D5}" = protocol=17 | dir=in | app=c:\program files\belkin\router setup and monitor\belkinsetup.exe |
"{DA6597E5-76CC-4DB9-A940-09268A02A23E}" = dir=in | app=c:\program files\avg\avg8\avgupd.exe |
"{DDAE6C9F-3F31-4099-AB8E-032192429272}" = dir=in | app=e:\setup\hpznui01.exe |
"{E74C5BA3-BF88-4894-99E1-FD736D8F74E5}" = protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{E88B8FDC-AA0D-4A18-916C-67CEF26500D3}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{EA4B4081-F3A3-41EB-A77C-5913AAB05BAC}" = dir=in | app=c:\program files\dell\mediadirect\kernel\dms\clmsservice.exe |
"{ECE38FBC-EC25-4695-AE96-8A150805B58A}" = protocol=6 | dir=in | app=c:\program files\common files\aol\acs\aoldial.exe |
"{EDF2EA86-FB28-47D2-A2E1-6A7C1D8E7B76}" = dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe |
"{F4B11F9B-EF65-445A-BCF3-97FB00954001}" = protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{F9AB8AEB-FD03-48EA-B78C-5228B5E7F306}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqtra08.exe |
"{FDF6A754-99F3-485D-9CBB-07DE47A03445}" = dir=in | app=c:\program files\dell\mediadirect\pcmservice.exe |
"TCP Query User{4FCF6107-969D-4043-B612-DBCACF1A66F2}C:\program files\yahoo!\messenger\yahoomessenger.exe" = protocol=6 | dir=in | app=c:\program files\yahoo!\messenger\yahoomessenger.exe |
"TCP Query User{772C9042-7873-4948-9766-DA93AB48AF68}C:\program files\mozilla firefox\firefox.exe" = protocol=6 | dir=in | app=c:\program files\mozilla firefox\firefox.exe |
"TCP Query User{889E13FA-DE5D-4052-B646-DE36DBC3337D}C:\program files\internet explorer\iexplore.exe" = protocol=6 | dir=in | app=c:\program files\internet explorer\iexplore.exe |
"UDP Query User{0D5D2CF3-A733-4BE6-86CC-37E7122432F2}C:\program files\internet explorer\iexplore.exe" = protocol=17 | dir=in | app=c:\program files\internet explorer\iexplore.exe |
"UDP Query User{4ABCD59F-7975-4EFB-AD12-1CE6329279B4}C:\program files\mozilla firefox\firefox.exe" = protocol=17 | dir=in | app=c:\program files\mozilla firefox\firefox.exe |
"UDP Query User{611CDBEC-70D6-4F0C-8299-03D9AD063DDD}C:\program files\yahoo!\messenger\yahoomessenger.exe" = protocol=17 | dir=in | app=c:\program files\yahoo!\messenger\yahoomessenger.exe |
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0394CDC8-FABD-4ed8-B104-03393876DFDF}" = Roxio Creator Tools
"{03A7C57A-B2C8-409b-92E5-524A0DFD0DD3}" = Status
"{052bac4a-6f79-46d4-a024-1ce1b4f73cd4}" = Microsoft Visual C++ 2005 Redistributable
"{059689BF-89A3-4FE5-B459-6EAB2903124F}" = Hoyle Puzzle Games 2007
"{087A66B8-1F0F-4a8d-A649-0CFE276AA7C0}" = WebReg
"{09FF4DB8-7DE9-4D47-B7DB-915DB7D9A8CA}" = Uniblue RegistryBooster
"{0D397393-9B50-4c52-84D5-77E344289F87}" = Roxio Creator Data
"{0ED7EE95-6A97-47AA-AD73-152C08A15B04}" = Dell DataSafe Local Backup
"{0F756CD9-4A1E-409B-B101-601DDC4C03AA}" = QualxServ Service Agreement
"{0F95AA42-0FF6-4D48-9CA1-64C8D0777500}" = QuickSet
"{1838C5A2-AB32-4145-85C1-BB9B8DFA24CD}" = QuickTime
"{184E7118-0295-43C4-B72C-1D54AA75AAF7}" = Windows Live Mail
"{1D601240-1E3C-11DE-8C30-0800200C9A66}" = Walmart Photo Manager
"{21984000-3586-4292-87B5-7DCC7A0F04CF}" = Ashley Jones: The Heart Of Egypt
"{24ED4D80-8294-11D5-96CD-0040266301AD}" = FinePixViewer Ver.5.1
"{2A329FB6-389D-4396-A974-29656D6864AE}" = MarketResearch
"{2D4F6BE3-6FEF-4FE9-9D01-1406B220D08C}" = Windows Live Photo Gallery
"{2EA870FA-585F-4187-903D-CB9FFD21E2E0}" = DHTML Editing Component
"{2EEA7AA4-C203-4b90-A34F-19FB7EF1C81C}" = BufferChm
"{2F4C24E6-CBD4-4AAC-B56F-C9FD44DE5668}" = Roxio Drag-to-Disc
"{30465B6C-B53F-49A1-9EBA-A3F187AD502E}" = Roxio Update Manager
"{3248F0A8-6813-11D6-A77B-00B0D0160000}" = Java(TM) SE Runtime Environment 6
"{3403CB31-D7C1-43F4-9D2F-579758C0CF09}" = Windows Live OneCare Family Safety
"{341201D4-4F61-4ADB-987E-9CCE4D83A58D}" = Windows Live Toolbar Extension (Windows Live Toolbar)
"{352310C3-E46B-42D3-8F32-54721FDD72D9}" = NetZeroInstallers
"{35E1EC43-D4FC-4E4A-AAB3-20DDA27E8BB0}" = Sonic Activation Module
"{35ED3F83-4BDC-4c44-8EC6-6A8301C7413A}" = McAfee SiteAdvisor
"{3700194C-C5DD-439A-BE06-A66960CA4C70}" = MSVCSetup
"{38DAE5F5-EC70-4aa5-801B-D11CA0A33B41}" = BPDSoftware
"{3F92ABBB-6BBF-11D5-B229-002078017FBF}" = NetWaiting
"{45A66726-69BC-466B-A7A4-12FCBA4883D7}" = HiJackThis
"{47BF1BD6-DCAC-468F-A0AD-E5DECC2211C3}" = Bonjour
"{47ECCB1F-2811-49C0-B6A7-26778639ABA0}" = 32 Bit HP CIO Components Installer
"{4D304678-738E-42a0-931A-2B022F49DEB8}" = TrayApp
"{4E7C28C7-D5DA-4E9F-A1CA-60490B54AE35}" = UnloadSupport
"{508CE775-4BA4-4748-82DF-FE28DA9F03B0}" = Windows Live Messenger
"{50BD0B15-5197-4EAF-8BCD-81117D1324B1}" = Family Tree Heritage Collaboration Support
"{521AAD14-5030-44BB-8B0E-5CE65FCE57E0}" = InterVideo DeviceService
"{57F60D52-630B-43C5-BD20-176F5CD4EED6}" = bpd_scan
"{5CD29180-A95E-11D3-A4EB-00C04F7BDB2C}" = User's Guides
"{619CDD8A-14B6-43a1-AB6C-0F4EE48CE048}" = Roxio Creator Copy
"{64E72FB1-2343-4977-B4A8-262CD53D0BD3}" = Corel Paint Shop Pro Photo X2
"{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA}" = Roxio Express Labeler
"{676981B7-A2D9-49D0-9F4C-03018F131DA9}" = DocProc
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6CC080F1-2E00-41D5-BE47-A3BC784E9DFB}" = BPDSoftware_Ini
"{6EED4269-588D-45b8-A80C-26A9CA62EE4E}" = HPSSupply
"{6EF85993-3DBB-437F-A2B7-DB3EEC0FF49E}" = Jewel Quest
"{7059BDA7-E1DB-442C-B7A1-6144596720A4}" = HP Update
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{7745B7A9-F323-4BB9-9811-01BF57A028DA}" = Map Button (Windows Live Toolbar)
"{77E912CE-6396-45B8-90C0-DF402B3D7566}" = BudgetExpress 3
"{786C4AD1-DCBA-49A6-B0EF-B317A344BD66}" = Windows Live Favorites for Windows Live Toolbar
"{7DB9F1E5-9ACB-410D-A7DC-7A3D023CE045}" = Dell Getting Started Guide
"{7EFA5E6F-74F7-4AFB-8AEA-AA790BD3A76D}" = DellSupport
"{800E784D-53E3-4948-B491-9E7FA5EACBDC}" = SmartWebPrinting
"{81128EE8-8EAD-4DB0-85C6-17C2CE50FF71}" = Windows Live Essentials
"{83C57C58-FDD7-4d86-BFCC-9D31CC4EFA71}" = 6500_E709n
"{83FFCFC7-88C6-41c6-8752-958A45325C82}" = Roxio Creator Audio
"{8424EF22-44CF-4DD4-B702-FADA3998F4BA}" = StuffIt Deluxe 11 for Windows
"{87A9A9A9-FAB7-4224-9328-0FA2058C0FD5}" = Network
"{880AF49C-34F7-4285-A8AD-8F7A3D1C33DC}" = Roxio Creator BDAV Plugin
"{89CEAE14-DD0F-448E-9554-15781EC9DB24}" = Product Documentation Launcher
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8F3C31C5-9C3A-4AA8-8EFA-71290A7AD533}" = TomTom HOME Visual Studio Merge Modules
"{8F8D9297-FDD2-405A-97E7-E52C7B2F97B3}" = Ulead VideoStudio SE DVD
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_HOMESTUDENTR_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_HOMESTUDENTR_{187308AB-5FA7-4F14-9AB9-D290383A10D9}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}_HOMESTUDENTR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007
"{90120000-00A1-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}_HOMESTUDENTR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{904CCF62-818D-4675-BC76-D37EB399F917}" = Windows Mobile Device Center
"{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{9129B46A-51F0-431b-9838-DF7272F3204E}" = ProductContext
"{9176251A-4CC1-4DDB-B343-B487195EB397}" = Windows Live Writer
"{9363DCD7-8323-4BB9-9EAC-21FC394CBC2E}" = Luxor 2
"{9422C8EA-B0C6-4197-B8FC-DC797658CA00}" = Windows Live Sign-in Assistant
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9603DE6D-4567-4b78-B941-849322373DE2}" = SolutionCenter
"{97C0EA4A-1A0B-4C53-ACEB-49984DA79C90}" = Google Earth
"{9BDEF074-020E-458D-ADC5-8FF68E0C9B56}" = OutlookAddinSetup
"{9C6978E8-B6D0-4AB7-A7A0-D81A74FBF745}" = MediaDirect
"{9CCCFD9C-248F-47FE-9496-1680E3E5C163}" = Scan
"{9D1B99B7-DAD8-440d-B4FB-1915332FBCC2}" = HPProductAssistant
"{A5C4AD72-25FE-4899-B6DF-6D8DF63C93CF}" = Highlight Viewer (Windows Live Toolbar)
"{A7E4ECCA-4A8E-4258-8EC8-2DCCF5B11320}" = Windows Live installer
"{A9668246-FB70-4103-A1E3-66C9BC2EFB49}" = Dell DataSafe Local Backup - Support Software
"{AC13BA3A-336B-45a4-B3FE-2D3058A7B533}" = Toolbox
"{AC76BA86-7AD7-1033-7B44-A81200000003}" = Adobe Reader 8.1.2
"{B2544A03-10D0-4E5E-BA69-0362FFC20D18}" = OGA Notifier 2.0.0048.0
"{B44529FF-501E-47CD-A06D-223C161BE058}" = FinePixViewer Resource
"{C29C1940-CB85-4F3B-906C-33FEE0E67103}" = DocMgr
"{C3A6202F-8F3E-424C-83B8-189F92A1AB43}" = One Touch Video Capture
"{C8B0680B-CDAE-4809-9F91-387B6DE00F7C}" = Roxio Creator DE
"{C99C0593-3B48-41D9-B42F-6E035B320449}" = Broadcom Management Programs
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D361C406-ED11-4A88-AD42-4A749BBAE6F9}" = Hoyle Card Games 2007
"{D5A145FC-D00C-4F1A-9119-EB4D9D659750}" = Windows Live Toolbar
"{D639085F-4B6E-4105-9F37-A0DBB023E2FB}" = Roxio MyDVD DE
"{D680C913-5955-469D-9D88-C1940F7506D6}" = RAW FILE CONVERTER LE
"{D7769185-9A7C-48D4-8874-5388743A1DE2}" = Music, Photos & Videos Launcher
"{DA71A94B-3617-4935-8BBE-1566B2174C95}" = VC500 Driver
"{DE13432E-F0C1-4842-A5BA-CC997DA72A70}" = 6500_E709_eDocs
"{E3BFEE55-39E2-4BE0-B966-89FE583822C1}" = Dell Support Center (Support Software)
"{E4CD1482-3F7E-42C0-863A-BA0D7B3C4219}" = Sudoku Crunch
"{E646DCF0-5A68-11D5-B229-002078017FBF}" = Digital Line Detect
"{E7044E25-3038-4A76-9064-344AC038043E}" = Windows Mobile Device Center Driver Update
"{EA2BD6CF-2EB7-4BE4-9CAC-471F351BF24D}" = Hoyle Board Games 2007
"{EA8C73AA-3D75-44C9-87A2-8E945FC5FEE6}" = Trend Micro PC-cillin Internet Security 14
"{EEEB604C-C1A7-4f8c-B03F-56F9C1C9C45F}" = Fax
"{EF9E56EE-0243-4BAD-88F4-5E7508AA7D96}" = Destination Component
"{EFD1BF9E-3EFB-4986-9CAD-A75CEF8AF4E1}" = MostFun - TriJinx
"{F084395C-40FB-4DB3-981C-B51E74E1E83D}" = Smart Menus (Windows Live Toolbar)
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F185B35D-38E5-4D88-B275-15C8C7FC4357}" = 6500_E709_Help
"{F4003705-B2A9-426E-881F-6B7DCCBB4553}" = Edges
"{F63A3748-B93D-4360-9AD4-B064481A5C7B}" = Modem Diagnostic Tool
"{F648FD09-7CEA-4257-BC68-A8389189FD51}" = GPBaseService2
"{F769B78E-FF0E-4db5-95E2-9F4C8D6352FE}" = DeviceDiscovery
"{F99F9E24-EE2F-47FD-AEB0-FDB82859B5C9}" = VideoStudio
"{FA0F0A01-4631-4161-A6C2-948BF694382E}" = HP Officejet 6500 E709 Series
"ActiveScan 2.0" = Panda ActiveScan 2.0
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"AVG8Uninstall" = AVG Free 8.5
"Belkin Setup and Router Monitor_is1" = Belkin Setup and Router Monitor
"Blaze Video Magic_is1" = Blaze Video Magic 2.0
"Broadcom 802.11b Network Adapter" = Dell Wireless WLAN Card
"cayahooantispy" = CA Yahoo! Anti-Spy (remove only)
"CNXT_MODEM_HDAUDIO_VEN_14F1&DEV_2C06&SUBSYS_14F1000F" = Conexant HDA D330 MDC V.92 Modem
"Desktop Encyclopedia" = Desktop Encyclopedia
"Family Tree Heritage" = Family Tree Heritage
"Google Desktop" = Google Desktop
"Google Updater" = Google Updater
"GoToAssist" = GoToAssist 8.0.0.514
"HijackThis" = HijackThis 2.0.2
"HOMESTUDENTR" = Microsoft Office Home and Student 2007
"HP Document Manager" = HP Document Manager 2.0
"HP Imaging Device Functions" = HP Imaging Device Functions 12.0
"HP Smart Web Printing" = HP Smart Web Printing
"HP Solution Center & Imaging Support Tools" = HP Solution Center 12.0
"HPExtendedCapabilities" = HP Customer Participation Program 12.0
"HPOCR" = OCR Software by I.R.I.S. 12.0
"InstallShield_{50BD0B15-5197-4EAF-8BCD-81117D1324B1}" = Family Tree Heritage Collaboration Support
"InstallShield_{F99F9E24-EE2F-47FD-AEB0-FDB82859B5C9}" = Ulead VideoStudio 11
"Kaspersky Online Scanner" = Kaspersky Online Scanner
"LHTTSSPE" = L&H TTS3000 Español
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"McAfee Security Scan" = McAfee Security Scan Plus
"Microsoft .NET Framework 1.1  (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"MostFun.com Games - Ashley Jones: The Heart Of Egypt" = MostFun.com Games - Ashley Jones: The Heart Of Egypt (remove only)
"MostFun.com Games - Edges" = MostFun.com Games - Edges (remove only)
"MostFun.com Games - Jewel Quest" = MostFun.com Games - Jewel Quest (remove only)
"MostFun.com Games - Luxor 2" = MostFun.com Games - Luxor 2 (remove only)
"Mozilla Firefox (3.6.13)" = Mozilla Firefox (3.6.13)
"Mozilla Sunbird (0.5)" = Mozilla Sunbird (0.5)
"Mozilla Thunderbird (2.0.0.0)" = Mozilla Thunderbird (2.0.0.0)
"MSTTS" = Microsoft Text-to-Speech Engine 4.0 (English)
"PDF-XChange 3_is1" = PDF-XChange 3
"Quicken WillMaker Plus 2008" = Quicken WillMaker Plus 2008
"Shop for HP Supplies" = Shop for HP Supplies
"SynTPDeinstKey" = Dell Touchpad
"TmPcc" = Trend Micro PC-cillin Internet Security 14
"TomTom HOME" = TomTom HOME 2.7.6.2056
"Total 3D Home and Landscape Deluxe Suite" = Total 3D Home and Landscape Deluxe Suite
"TotalScan" = Panda TotalScan
"tv_enua" = Lernout & Hauspie TruVoice American English TTS Engine
"Uniblue RegistryBooster" = Uniblue RegistryBooster
"Walmart MP3 Music Downloads" = Walmart MP3 Music Downloads
"Windows Live Toolbar" = Windows Live Toolbar
"WinLiveSuite_Wave3" = Windows Live Essentials
 
========== HKEY_CURRENT_USER Uninstall List ==========
 
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Sansa Updater" = Sansa Updater
 
========== Last 10 Event Log Errors ==========
 
[ Application Events ]
Error - 1/24/2011 6:13:53 PM | Computer Name = Robin-PC | Source = profsvc | ID = 1542
Description = Windows cannot load classes registry file.   DETAIL - The system cannot
 find the file specified.
 
Error - 1/25/2011 8:41:41 PM | Computer Name = Robin-PC | Source = profsvc | ID = 1542
Description = Windows cannot load classes registry file.   DETAIL - The system cannot
 find the file specified.
 
Error - 1/25/2011 8:41:52 PM | Computer Name = Robin-PC | Source = Trend Realtime Service | ID = 3
Description =
 
Error - 1/25/2011 8:42:33 PM | Computer Name = Robin-PC | Source = profsvc | ID = 1542
Description = Windows cannot load classes registry file.   DETAIL - The system cannot
 find the file specified.
 
Error - 1/25/2011 8:43:30 PM | Computer Name = Robin-PC | Source = profsvc | ID = 1542
Description = Windows cannot load classes registry file.   DETAIL - The system cannot
 find the file specified.
 
Error - 1/25/2011 8:44:08 PM | Computer Name = Robin-PC | Source = Trend Realtime Service | ID = 3
Description =
 
Error - 1/25/2011 9:05:31 PM | Computer Name = Robin-PC | Source = profsvc | ID = 1542
Description = Windows cannot load classes registry file.   DETAIL - The system cannot
 find the file specified.
 
Error - 1/25/2011 9:05:31 PM | Computer Name = Robin-PC | Source = profsvc | ID = 1542
Description = Windows cannot load classes registry file.   DETAIL - The system cannot
 find the file specified.
 
Error - 1/25/2011 9:08:30 PM | Computer Name = Robin-PC | Source = profsvc | ID = 1542
Description = Windows cannot load classes registry file.   DETAIL - The system cannot
 find the file specified.
 
Error - 1/25/2011 9:08:31 PM | Computer Name = Robin-PC | Source = profsvc | ID = 1542
Description = Windows cannot load classes registry file.   DETAIL - The system cannot
 find the file specified.
 
[ Broadcom Wireless LAN Events ]
Error - 11/26/2010 9:52:23 PM | Computer Name = Robin-PC | Source = WLAN-Tray | ID = 0
Description = 20:52:23, Fri, Nov 26, 10 Error - Unable to gain access to user store

 
Error - 11/29/2010 2:13:24 PM | Computer Name = Robin-PC | Source = WLAN-Tray | ID = 0
Description = 13:13:24, Mon, Nov 29, 10 Error - Unable to gain access to user store

 
Error - 12/6/2010 6:51:38 PM | Computer Name = Robin-PC | Source = WLAN-Tray | ID = 0
Description = 17:51:38, Mon, Dec 06, 10 Error - Unable to gain access to user store

 
Error - 12/10/2010 6:30:14 PM | Computer Name = Robin-PC | Source = WLAN-Tray | ID = 0
Description = 17:30:13, Fri, Dec 10, 10 Error - Unable to gain access to user store

 
Error - 12/16/2010 6:01:04 PM | Computer Name = Robin-PC | Source = WLAN-Tray | ID = 0
Description = 17:01:04, Thu, Dec 16, 10 Error - Unable to gain access to user store

 
Error - 12/17/2010 7:49:23 PM | Computer Name = Robin-PC | Source = WLAN-Tray | ID = 0
Description = 18:49:23, Fri, Dec 17, 10 Error - Unable to gain access to user store

 
Error - 12/27/2010 6:23:55 PM | Computer Name = Robin-PC | Source = WLAN-Tray | ID = 0
Description = 17:23:55, Mon, Dec 27, 10 Error - Unable to gain access to user store

 
Error - 12/27/2010 8:57:53 PM | Computer Name = Robin-PC | Source = WLAN-Tray | ID = 0
Description = 19:57:53, Mon, Dec 27, 10 Error - Unable to gain access to user store

 
Error - 1/18/2011 6:25:26 PM | Computer Name = Robin-PC | Source = WLAN-Tray | ID = 0
Description = 17:25:26, Tue, Jan 18, 11 Error - Unable to gain access to user store

 
Error - 1/19/2011 9:29:31 PM | Computer Name = Robin-PC | Source = WLAN-Tray | ID = 0
Description = 20:29:31, Wed, Jan 19, 11 Error - Unable to gain access to user store

 
[ Dell Events ]
Error - 12/30/2010 9:06:26 AM | Computer Name = Robin-PC | Source = DataSafe | ID = 17
Description = The process was interrupted before completion.
 
Error - 12/30/2010 9:06:26 AM | Computer Name = Robin-PC | Source = DataSafe | ID = 17
Description = The process was interrupted before completion.
 
Error - 12/30/2010 9:18:48 AM | Computer Name = Robin-PC | Source = DataSafe | ID = 17
Description = The process was interrupted before completion.
 
[ Media Center Events ]
Error - 12/20/2007 1:40:15 AM | Computer Name = Robin-PC | Source = MCUpdate | ID = 0
Description = DownloadPackgeTask.SubTasksComplete: failed downloading package SportsSchedule.
 
Error - 12/21/2007 1:42:05 AM | Computer Name = Robin-PC | Source = MCUpdate | ID = 0
Description = DownloadPackgeTask.SubTasksComplete: failed downloading package SportsSchedule.
 
Error - 12/21/2007 11:45:29 AM | Computer Name = Robin-PC | Source = MCUpdate | ID = 0
Description = DownloadPackgeTask.SubTasksComplete: failed downloading package SportsSchedule.
 
Error - 5/31/2008 2:00:43 PM | Computer Name = Robin-PC | Source = MCUpdate | ID = 0
Description = DownloadPackgeTask.SubTasksComplete: failed downloading package MCESpotlight.
 
Error - 6/1/2009 7:54:23 PM | Computer Name = Robin-PC | Source = MCUpdate | ID = 0
Description = DownloadPackgeTask.SubTasksComplete: failed downloading package SportsSchedule.
 
Error - 6/9/2009 5:15:05 PM | Computer Name = Robin-PC | Source = MCUpdate | ID = 0
Description = DownloadPackgeTask.SubTasksComplete: failed downloading package SportsSchedule.
 
Error - 11/5/2009 6:50:23 PM | Computer Name = Robin-PC | Source = MCUpdate | ID = 0
Description = DownloadPackgeTask.SubTasksComplete: failed downloading package SportsSchedule.
 
Error - 2/3/2010 6:39:09 PM | Computer Name = Robin-PC | Source = MCUpdate | ID = 0
Description = DownloadPackgeTask.SubTasksComplete: failed downloading package SportsSchedule.
 
[ OSession Events ]
Error - 9/6/2008 2:21:38 PM | Computer Name = Robin-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
 12.0.6308.5000, Microsoft Office Version: 12.0.6215.1000. This session lasted 9
 seconds with 0 seconds of active time.  This session ended with a crash.
 
Error - 9/6/2008 2:22:04 PM | Computer Name = Robin-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
 12.0.6308.5000, Microsoft Office Version: 12.0.6215.1000. This session lasted 8
 seconds with 0 seconds of active time.  This session ended with a crash.
 
[ System Events ]
Error - 1/12/2011 12:26:44 PM | Computer Name = Robin-PC | Source = VDS Dynamic Provider 2.0 | ID = 16908298
Description =
 
Error - 1/12/2011 4:13:40 PM | Computer Name = Robin-PC | Source = Application Popup | ID = 1801
Description = The hardware has reported an uncorrectable memory error.
 
Error - 1/13/2011 8:32:27 PM | Computer Name = Robin-PC | Source = VDS Dynamic Provider 2.0 | ID = 16908298
Description =
 
Error - 1/14/2011 8:38:06 PM | Computer Name = Robin-PC | Source = Ntfs | ID = 262199
Description = The file system structure on the disk is corrupt and unusable.  Please
 run the chkdsk utility on the volume OS.
 
Error - 1/14/2011 10:43:09 PM | Computer Name = Robin-PC | Source = DCOM | ID = 10010
Description =
 
Error - 1/14/2011 10:44:47 PM | Computer Name = Robin-PC | Source = DCOM | ID = 10010
Description =
 
Error - 1/15/2011 9:09:43 PM | Computer Name = Robin-PC | Source = DCOM | ID = 10010
Description =
 
Error - 1/16/2011 7:15:55 PM | Computer Name = Robin-PC | Source = DCOM | ID = 10010
Description =
 
Error - 1/18/2011 6:25:14 PM | Computer Name = Robin-PC | Source = EventLog | ID = 6008
Description = The previous system shutdown at 5:23:07 PM on 1/18/2011 was unexpected.
 
Error - 1/19/2011 9:29:18 PM | Computer Name = Robin-PC | Source = EventLog | ID = 6008
Description = The previous system shutdown at 8:17:54 PM on 1/19/2011 was unexpected.
 
 
< End of report >

 


Mini011911-01.dmp    1/19/2011 8:29:10 PM    DRIVER_POWER_STATE_FAILURE    0x0000009f    0x00000003    0x84544290    0x86c33030    0x84dfb488    ntkrnlpa.exe    ntkrnlpa.exe+d8781    NT Kernel & System    Microsoft® Windows® Operating System    Microsoft Corporation    6.0.6000.17021 (vista_gdr.100218-0019)    32-bit        C:\Windows\Minidump\Mini011911-01.dmp    2    15    6000    139,176   
Mini011811-01.dmp    1/18/2011 5:25:08 PM    KERNEL_MODE_EXCEPTION_NOT_HANDLED    0x1000008e    0xc0000005    0x820e88d9    0xb0ed189c    0x00000000    ntkrnlpa.exe    ntkrnlpa.exe+e88d9    NT Kernel & System    Microsoft® Windows® Operating System    Microsoft Corporation    6.0.6000.17021 (vista_gdr.100218-0019)    32-bit        C:\Windows\Minidump\Mini011811-01.dmp    2    15    6000    139,176   
Mini122710-03.dmp    12/27/2010 7:26:12 PM    BAD_POOL_CALLER    0x000000c2    0x00000007    0x0000113d    0x00000000    0xc59c5008    ntkrnlpa.exe    ntkrnlpa.exe+d8781    NT Kernel & System    Microsoft® Windows® Operating System    Microsoft Corporation    6.0.6000.17021 (vista_gdr.100218-0019)    32-bit        C:\Windows\Minidump\Mini122710-03.dmp    2    15    6000    139,176   
Mini122710-02.dmp    12/27/2010 5:23:36 PM    BAD_POOL_CALLER    0x000000c2    0x00000007    0x0000113d    0x00000000    0xcb043008    ntkrnlpa.exe    ntkrnlpa.exe+d8781    NT Kernel & System    Microsoft® Windows® Operating System    Microsoft Corporation    6.0.6000.17021 (vista_gdr.100218-0019)    32-bit        C:\Windows\Minidump\Mini122710-02.dmp    2    15    6000    139,176   
Mini122710-01.dmp    12/27/2010 5:08:58 PM    SYSTEM_THREAD_EXCEPTION_NOT_HANDLED    0x1000007e    0xc0000005    0x820e892e    0x8ae37b78    0x8ae37874    ntkrnlpa.exe    ntkrnlpa.exe+e892e    NT Kernel & System    Microsoft® Windows® Operating System    Microsoft Corporation    6.0.6000.17021 (vista_gdr.100218-0019)    32-bit        C:\Windows\Minidump\Mini122710-01.dmp    2    15    6000    139,176   
Mini112110-01.dmp    11/21/2010 12:56:15 PM    BAD_POOL_CALLER    0x000000c2    0x00000007    0x0000113d    0x00000000    0xc7589008    ntkrnlpa.exe    ntkrnlpa.exe+d8781    NT Kernel & System    Microsoft® Windows® Operating System    Microsoft Corporation    6.0.6000.17021 (vista_gdr.100218-0019)    32-bit        C:\Windows\Minidump\Mini112110-01.dmp    2    15    6000    139,176   
Mini111810-01.dmp    11/18/2010 9:09:44 PM    BAD_POOL_CALLER    0x000000c2    0x00000007    0x0000113d    0x00000000    0xcd813008    hal.dll    hal.dll+6104    Hardware Abstraction Layer DLL    Microsoft® Windows® Operating System    Microsoft Corporation    6.0.6000.16407 (vista_gdr.061223-1640)    32-bit        C:\Windows\Minidump\Mini111810-01.dmp    2    15    6000    139,176   
Mini110310-02.dmp    11/3/2010 10:48:26 AM    PAGE_FAULT_IN_NONPAGED_AREA    0x00000050    0xfd8001d8    0x00000000    0x97ce70b3    0x00000000    ntkrnlpa.exe    ntkrnlpa.exe+a9ff2    NT Kernel & System    Microsoft® Windows® Operating System    Microsoft Corporation    6.0.6000.17021 (vista_gdr.100218-0019)    32-bit        C:\Windows\Minidump\Mini110310-02.dmp    2    15    6000    139,176   
Mini110310-01.dmp    11/2/2010 11:22:59 PM    PAGE_FAULT_IN_NONPAGED_AREA    0x00000050    0xbb600000    0x00000000    0x82136a35    0x00000000    ntkrnlpa.exe    ntkrnlpa.exe+a9ff2    NT Kernel & System    Microsoft® Windows® Operating System    Microsoft Corporation    6.0.6000.17021 (vista_gdr.100218-0019)    32-bit        C:\Windows\Minidump\Mini110310-01.dmp    2    15    6000    139,176   
Mini102710-01.dmp    10/27/2010 9:50:16 AM    BAD_POOL_CALLER    0x000000c2    0x00000007    0x0000113d    0x00000000    0xbcfe3008    ntkrnlpa.exe    ntkrnlpa.exe+d8781    NT Kernel & System    Microsoft® Windows® Operating System    Microsoft Corporation    6.0.6000.17021 (vista_gdr.100218-0019)    32-bit        C:\Windows\Minidump\Mini102710-01.dmp    2    15    6000    131,072   
Mini102010-01.dmp    10/20/2010 8:19:41 PM    PAGE_FAULT_IN_NONPAGED_AREA    0x00000050    0xfe4b0a70    0x00000000    0x820e7527    0x00000000    ntkrnlpa.exe    ntkrnlpa.exe+a9ff2    NT Kernel & System    Microsoft® Windows® Operating System    Microsoft Corporation    6.0.6000.17021 (vista_gdr.100218-0019)    32-bit        C:\Windows\Minidump\Mini102010-01.dmp    2    15    6000    139,176   
Mini092810-01.dmp    9/28/2010 5:31:38 PM    MEMORY_MANAGEMENT    0x0000001a    0x00061940    0xc4c18000    0x00000400    0x00000000    ntkrnlpa.exe    ntkrnlpa.exe+d8781    NT Kernel & System    Microsoft® Windows® Operating System    Microsoft Corporation    6.0.6000.17021 (vista_gdr.100218-0019)    32-bit        C:\Windows\Minidump\Mini092810-01.dmp    2    15    6000    139,176   
Mini092210-01.dmp    9/22/2010 4:29:29 PM    IRQL_NOT_LESS_OR_EQUAL    0x0000000a    0x972b5008    0x00000000    0x00000000    0x82040498    ntkrnlpa.exe    ntkrnlpa.exe+8fe14    NT Kernel & System    Microsoft® Windows® Operating System    Microsoft Corporation    6.0.6000.17021 (vista_gdr.100218-0019)    32-bit        C:\Windows\Minidump\Mini092210-01.dmp    2    15    6000    139,176   
Mini091810-01.dmp    9/18/2010 6:47:01 PM    NTFS_FILE_SYSTEM    0x00000024    0x000c08ac    0x00000000    0x00000000    0x00000000    Ntfs.sys    Ntfs.sys+10866    NT File System Driver    Microsoft® Windows® Operating System    Microsoft Corporation    6.0.6000.16386 (vista_rtm.061101-2205)    32-bit        C:\Windows\Minidump\Mini091810-01.dmp    2    15    6000    139,176   
Mini091510-01.dmp    9/15/2010 6:30:16 PM    BAD_POOL_CALLER    0x000000c2    0x00000007    0x0000113d    0x00000000    0xcf2cb008    ntkrnlpa.exe    ntkrnlpa.exe+d8781    NT Kernel & System    Microsoft® Windows® Operating System    Microsoft Corporation    6.0.6000.17021 (vista_gdr.100218-0019)    32-bit        C:\Windows\Minidump\Mini091510-01.dmp    2    15    6000    139,176   
Mini071710-01.dmp    7/17/2010 6:30:16 AM    PAGE_FAULT_IN_NONPAGED_AREA    0x00000050    0xbaadf0f5    0x00000000    0x8a5112ba    0x00000000    ntkrnlpa.exe    ntkrnlpa.exe+a9ff2    NT Kernel & System    Microsoft® Windows® Operating System    Microsoft Corporation    6.0.6000.17021 (vista_gdr.100218-0019)    32-bit        C:\Windows\Minidump\Mini071710-01.dmp    2    15    6000    139,176   
Mini070310-01.dmp    7/3/2010 4:59:34 PM    KERNEL_MODE_EXCEPTION_NOT_HANDLED    0x1000008e    0xc0000005    0x821d3b23    0x8fc66bc4    0x00000000    hal.dll    hal.dll+6104    Hardware Abstraction Layer DLL    Microsoft® Windows® Operating System    Microsoft Corporation    6.0.6000.16407 (vista_gdr.061223-1640)    32-bit        C:\Windows\Minidump\Mini070310-01.dmp    2    15    6000    139,176   
Mini062810-01.dmp    6/28/2010 3:49:58 PM    KERNEL_MODE_EXCEPTION_NOT_HANDLED    0x1000008e    0xc0000005    0x97a71327    0xb4ac9afc    0x00000000    win32k.sys    win32k.sys+71327    Multi-User Win32 Driver    Microsoft® Windows® Operating System    Microsoft Corporation    6.0.6000.16386 (vista_rtm.061101-2205)    32-bit        C:\Windows\Minidump\Mini062810-01.dmp    2    15    6000    139,176   
Mini062410-01.dmp    6/24/2010 5:47:28 PM    IRQL_NOT_LESS_OR_EQUAL    0x0000000a    0xc06f4000    0x00000000    0x00000000    0x820b6a06    ntkrnlpa.exe    ntkrnlpa.exe+8fe14    NT Kernel & System    Microsoft® Windows® Operating System    Microsoft Corporation    6.0.6000.17021 (vista_gdr.100218-0019)    32-bit        C:\Windows\Minidump\Mini062410-01.dmp    2    15    6000    139,176   
Mini052810-01.dmp    5/28/2010 7:11:54 PM    DRIVER_POWER_STATE_FAILURE    0x0000009f    0x00000003    0x84544790    0x86d59030    0x85251a50    ntkrnlpa.exe    ntkrnlpa.exe+d8781    NT Kernel & System    Microsoft® Windows® Operating System    Microsoft Corporation    6.0.6000.17021 (vista_gdr.100218-0019)    32-bit        C:\Windows\Minidump\Mini052810-01.dmp    2    15    6000    139,176   
Mini051310-01.dmp    5/13/2010 10:07:01 PM    DRIVER_POWER_STATE_FAILURE    0x0000009f    0x00000003    0x84544790    0x86cdf030    0x84e8c4a8    ntkrnlpa.exe    ntkrnlpa.exe+d8781    NT Kernel & System    Microsoft® Windows® Operating System    Microsoft Corporation    6.0.6000.17021 (vista_gdr.100218-0019)    32-bit        C:\Windows\Minidump\Mini051310-01.dmp    2    15    6000    139,176   
Mini051110-01.dmp    5/11/2010 4:25:42 PM    APC_INDEX_MISMATCH    0x00000001    0x82138169    0x00000000    0xffff0000    0x00000000    ntkrnlpa.exe    ntkrnlpa.exe+8ce87    NT Kernel & System    Microsoft® Windows® Operating System    Microsoft Corporation    6.0.6000.17021 (vista_gdr.100218-0019)    32-bit        C:\Windows\Minidump\Mini051110-01.dmp    2    15    6000    139,176   
Mini041710-02.dmp    4/17/2010 5:24:55 PM    IRQL_NOT_LESS_OR_EQUAL    0x0000000a    0x971f8008    0x00000000    0x00000000    0x82040498    hal.dll    hal.dll+65a4    Hardware Abstraction Layer DLL    Microsoft® Windows® Operating System    Microsoft Corporation    6.0.6000.16407 (vista_gdr.061223-1640)    32-bit        C:\Windows\Minidump\Mini041710-02.dmp    2    15    6000    139,176   
Mini041710-01.dmp    4/17/2010 3:40:40 PM    MEMORY_MANAGEMENT    0x0000001a    0x00003452    0x08000000    0xc08260e0    0x00000000    ntkrnlpa.exe    ntkrnlpa.exe+19a38    NT Kernel & System    Microsoft® Windows® Operating System    Microsoft Corporation    6.0.6000.17021 (vista_gdr.100218-0019)    32-bit        C:\Windows\Minidump\Mini041710-01.dmp    2    15    6000    139,176   
Mini031010-01.dmp    3/10/2010 8:09:30 PM    MEMORY_MANAGEMENT    0x0000001a    0x00003452    0x07c00000    0xc082a430    0x00000000    ntkrnlpa.exe    ntkrnlpa.exe+19a38    NT Kernel & System    Microsoft® Windows® Operating System    Microsoft Corporation    6.0.6000.17021 (vista_gdr.100218-0019)    32-bit        C:\Windows\Minidump\Mini031010-01.dmp    2    15    6000    139,176   
Mini022310-01.dmp    2/23/2010 8:04:09 PM    MEMORY_MANAGEMENT    0x0000001a    0x00003452    0x02e00000    0xc08036ac    0x00000000    ntkrnlpa.exe    ntkrnlpa.exe+19a38    NT Kernel & System    Microsoft® Windows® Operating System    Microsoft Corporation    6.0.6000.17021 (vista_gdr.100218-0019)    32-bit        C:\Windows\Minidump\Mini022310-01.dmp    2    15    6000    139,176   
Mini022110-01.dmp    2/21/2010 3:58:43 PM    BAD_POOL_CALLER    0x000000c2    0x00000007    0x0000113d    0x00000000    0xc5d92008    ntkrnlpa.exe    ntkrnlpa.exe+d8781    NT Kernel & System    Microsoft® Windows® Operating System    Microsoft Corporation    6.0.6000.17021 (vista_gdr.100218-0019)    32-bit        C:\Windows\Minidump\Mini022110-01.dmp    2    15    6000    139,176   
Mini020610-01.dmp    2/6/2010 2:57:41 PM    MEMORY_MANAGEMENT    0x0000001a    0x00041284    0x04ac7001    0x00000cbe    0xc0801000    ntkrnlpa.exe    ntkrnlpa.exe+d8781    NT Kernel & System    Microsoft® Windows® Operating System    Microsoft Corporation    6.0.6000.17021 (vista_gdr.100218-0019)    32-bit        C:\Windows\Minidump\Mini020610-01.dmp    2    15    6000    131,072   
Mini121409-01.dmp    12/14/2009 5:37:24 PM    APC_INDEX_MISMATCH    0x00000001    0x821e9267    0x00000000    0xffff0000    0x00000000    ntkrnlpa.exe    ntkrnlpa.exe+8ce57    NT Kernel & System    Microsoft® Windows® Operating System    Microsoft Corporation    6.0.6000.17021 (vista_gdr.100218-0019)    32-bit        C:\Windows\Minidump\Mini121409-01.dmp    2    15    6000    139,176   
Mini111609-01.dmp    11/16/2009 6:17:42 PM    PAGE_FAULT_IN_NONPAGED_AREA    0x00000050    0xf8f5cb68    0x00000000    0x820e7527    0x00000000    ntkrnlpa.exe    ntkrnlpa.exe+a9ff2    NT Kernel & System    Microsoft® Windows® Operating System    Microsoft Corporation    6.0.6000.17021 (vista_gdr.100218-0019)    32-bit        C:\Windows\Minidump\Mini111609-01.dmp    2    15    6000    139,176   
Mini102709-02.dmp    10/27/2009 6:22:42 PM    KERNEL_MODE_EXCEPTION_NOT_HANDLED    0x1000008e    0xc0000005    0x820e892e    0xbe3b3b2c    0x00000000    Ntfs.sys    Ntfs.sys+185ac    NT File System Driver    Microsoft® Windows® Operating System    Microsoft Corporation    6.0.6000.16386 (vista_rtm.061101-2205)    32-bit        C:\Windows\Minidump\Mini102709-02.dmp    2    15    6000    139,176   
Mini102709-01.dmp    10/27/2009 6:16:01 PM    BAD_POOL_CALLER    0x000000c2    0x00000007    0x0000113d    0x00000000    0xcfae7008    ntkrnlpa.exe    ntkrnlpa.exe+d8781    NT Kernel & System    Microsoft® Windows® Operating System    Microsoft Corporation    6.0.6000.17021 (vista_gdr.100218-0019)    32-bit        C:\Windows\Minidump\Mini102709-01.dmp    2    15    6000    139,176   
Mini092209-01.dmp    9/22/2009 9:18:12 PM    KERNEL_MODE_EXCEPTION_NOT_HANDLED    0x1000008e    0xc0000005    0x820e892e    0xb50d9f8c    0x00000000    ntkrnlpa.exe    ntkrnlpa.exe+e892e    NT Kernel & System    Microsoft® Windows® Operating System    Microsoft Corporation    6.0.6000.17021 (vista_gdr.100218-0019)    32-bit        C:\Windows\Minidump\Mini092209-01.dmp    2    15    6000    139,176   
Mini091309-01.dmp    9/13/2009 4:46:12 PM    BAD_POOL_CALLER    0x000000c2    0x00000007    0x0000113d    0x00100009    0xff224c90    win32k.sys    win32k.sys+eacd6    Multi-User Win32 Driver    Microsoft® Windows® Operating System    Microsoft Corporation    6.0.6000.16386 (vista_rtm.061101-2205)    32-bit        C:\Windows\Minidump\Mini091309-01.dmp    2    15    6000    139,176   
Mini091209-01.dmp    9/12/2009 12:41:58 PM    BAD_POOL_CALLER    0x000000c2    0x00000007    0x0000113d    0x00000000    0xbe43d008    hal.dll    hal.dll+6104    Hardware Abstraction Layer DLL    Microsoft® Windows® Operating System    Microsoft Corporation    6.0.6000.16407 (vista_gdr.061223-1640)    32-bit        C:\Windows\Minidump\Mini091209-01.dmp    2    15    6000    139,176   
Mini090909-01.dmp    9/9/2009 12:10:10 PM    UNEXPECTED_KERNEL_MODE_TRAP    0x1000007f    0x00000008    0x8aeb10c0    0x00000000    0x00000000                            32-bit        C:\Windows\Minidump\Mini090909-01.dmp    2    15    6000    131,072   
Mini082809-02.dmp    8/28/2009 8:15:17 PM    BAD_POOL_CALLER    0x000000c2    0x00000007    0x0000113d    0x00000000    0xff2d3008    hal.dll    hal.dll+65a4    Hardware Abstraction Layer DLL    Microsoft® Windows® Operating System    Microsoft Corporation    6.0.6000.16407 (vista_gdr.061223-1640)    32-bit        C:\Windows\Minidump\Mini082809-02.dmp    2    15    6000    139,176   
Mini082809-01.dmp    8/28/2009 6:19:50 PM    NO_MORE_IRP_STACK_LOCATIONS    0x00000035    0x88433e28    0x00000000    0x00000000    0x00000000    dmdcap.sys    dmdcap.sys+fc0b    Video USB Driver    U6000 USB TV        3, 10, 607, 0    32-bit        C:\Windows\Minidump\Mini082809-01.dmp    2    15    6000    139,176   
Mini082109-01.dmp    8/21/2009 6:22:16 PM    MEMORY_MANAGEMENT    0x0000001a    0x00003452    0x07200000    0xc0816828    0x00000040    ntkrnlpa.exe    ntkrnlpa.exe+19a34    NT Kernel & System    Microsoft® Windows® Operating System    Microsoft Corporation    6.0.6000.17021 (vista_gdr.100218-0019)    32-bit        C:\Windows\Minidump\Mini082109-01.dmp    2    15    6000    139,176   
Mini071709-01.dmp    7/17/2009 7:42:55 PM    BAD_POOL_CALLER    0x000000c2    0x00000007    0x0000113d    0x00000000    0xcacb3008    hal.dll    hal.dll+6104    Hardware Abstraction Layer DLL    Microsoft® Windows® Operating System    Microsoft Corporation    6.0.6000.16407 (vista_gdr.061223-1640)    32-bit        C:\Windows\Minidump\Mini071709-01.dmp    2    15    6000    139,176   
Mini071409-01.dmp    7/14/2009 6:14:58 PM    IRQL_NOT_LESS_OR_EQUAL    0x0000000a    0xc0088000    0x00000000    0x00000000    0x82006beb    ntkrnlpa.exe    ntkrnlpa.exe+8fdc4    NT Kernel & System    Microsoft® Windows® Operating System    Microsoft Corporation    6.0.6000.17021 (vista_gdr.100218-0019)    32-bit        C:\Windows\Minidump\Mini071409-01.dmp    2    15    6000    139,176   
Mini070109-01.dmp    7/1/2009 6:42:26 PM    BAD_POOL_CALLER    0x000000c2    0x00000007    0x0000113d    0x00000000    0xb9172008    ntkrnlpa.exe    ntkrnlpa.exe+d8781    NT Kernel & System    Microsoft® Windows® Operating System    Microsoft Corporation    6.0.6000.17021 (vista_gdr.100218-0019)    32-bit        C:\Windows\Minidump\Mini070109-01.dmp    2    15    6000    139,176   
Mini062909-01.dmp    6/29/2009 7:10:54 AM    BAD_POOL_CALLER    0x000000c2    0x00000007    0x0000113d    0x00000000    0xcb9fc008    hal.dll    hal.dll+6104    Hardware Abstraction Layer DLL    Microsoft® Windows® Operating System    Microsoft Corporation    6.0.6000.16407 (vista_gdr.061223-1640)    32-bit        C:\Windows\Minidump\Mini062909-01.dmp    2    15    6000    139,176   
Mini060809-01.dmp    6/8/2009 12:55:02 PM    DRIVER_POWER_STATE_FAILURE    0x0000009f    0x00000003    0x8413f158    0x8687e030    0x862dd8c0    ntkrnlpa.exe    ntkrnlpa.exe+d8781    NT Kernel & System    Microsoft® Windows® Operating System    Microsoft Corporation    6.0.6000.17021 (vista_gdr.100218-0019)    32-bit        C:\Windows\Minidump\Mini060809-01.dmp    2    15    6000    139,176   
Mini050509-01.dmp    5/5/2009 6:22:33 PM    KERNEL_MODE_EXCEPTION_NOT_HANDLED    0x1000008e    0xc0000005    0x81ce89b7    0xb6573914    0x00000000    ntkrnlpa.exe    ntkrnlpa.exe+e89b7    NT Kernel & System    Microsoft® Windows® Operating System    Microsoft Corporation    6.0.6000.17021 (vista_gdr.100218-0019)    32-bit        C:\Windows\Minidump\Mini050509-01.dmp    2    15    6000    139,176   
Mini032309-01.dmp    3/23/2009 4:42:10 PM    MEMORY_MANAGEMENT    0x0000001a    0x00003452    0x0d000000    0xc0802114    0x00000000    ntkrnlpa.exe    ntkrnlpa.exe+19a34    NT Kernel & System    Microsoft® Windows® Operating System    Microsoft Corporation    6.0.6000.17021 (vista_gdr.100218-0019)    32-bit        C:\Windows\Minidump\Mini032309-01.dmp    2    15    6000    139,176   
Mini031209-01.dmp    3/12/2009 7:01:42 PM    NTFS_FILE_SYSTEM    0x00000024    0x000c08ac    0x00000000    0x00000000    0x00000000    Ntfs.sys    Ntfs.sys+10866    NT File System Driver    Microsoft® Windows® Operating System    Microsoft Corporation    6.0.6000.16386 (vista_rtm.061101-2205)    32-bit        C:\Windows\Minidump\Mini031209-01.dmp    2    15    6000    131,072   
Mini010909-01.dmp    1/9/2009 3:23:25 PM    MEMORY_MANAGEMENT    0x0000001a    0x00041287    0x00000000    0x00000000    0x00000000    hal.dll    hal.dll+66d0    Hardware Abstraction Layer DLL    Microsoft® Windows® Operating System    Microsoft Corporation    6.0.6000.16407 (vista_gdr.061223-1640)    32-bit        C:\Windows\Minidump\Mini010909-01.dmp    2    15    6000    139,176   
Mini122908-01.dmp    12/29/2008 3:34:47 PM    DRIVER_POWER_STATE_FAILURE    0x0000009f    0x00000003    0x84143f10    0x8666b030    0x865a3768    ntkrnlpa.exe    ntkrnlpa.exe+d8781    NT Kernel & System    Microsoft® Windows® Operating System    Microsoft Corporation    6.0.6000.17021 (vista_gdr.100218-0019)    32-bit        C:\Windows\Minidump\Mini122908-01.dmp    2    15    6000    139,176   
Mini122808-01.dmp    12/28/2008 7:31:56 PM    KERNEL_MODE_EXCEPTION_NOT_HANDLED    0x1000008e    0xc0000005    0x81cd8fc0    0xac6c1844    0x00000000    ntkrnlpa.exe    ntkrnlpa.exe+d8fc0    NT Kernel & System    Microsoft® Windows® Operating System    Microsoft Corporation    6.0.6000.17021 (vista_gdr.100218-0019)    32-bit        C:\Windows\Minidump\Mini122808-01.dmp    2    15    6000    139,176   
Mini121908-01.dmp    12/19/2008 5:04:03 PM    BAD_POOL_CALLER    0x000000c2    0x00000007    0x0000113d    0x00000000    0xcb0b3008    ntkrnlpa.exe    ntkrnlpa.exe+d8781    NT Kernel & System    Microsoft® Windows® Operating System    Microsoft Corporation    6.0.6000.17021 (vista_gdr.100218-0019)    32-bit        C:\Windows\Minidump\Mini121908-01.dmp    2    15    6000    139,176   
Mini112908-01.dmp    11/29/2008 4:09:18 PM    BAD_POOL_CALLER    0x000000c2    0x00000007    0x0000113d    0x00000000    0xc699b008    hal.dll    hal.dll+6104    Hardware Abstraction Layer DLL    Microsoft® Windows® Operating System    Microsoft Corporation    6.0.6000.16407 (vista_gdr.061223-1640)    32-bit        C:\Windows\Minidump\Mini112908-01.dmp    2    15    6000    139,176   
Mini111208-02.dmp    11/12/2008 9:06:35 PM    BAD_POOL_CALLER    0x000000c2    0x00000007    0x0000113d    0x00000000    0xc78f6008    ntkrnlpa.exe    ntkrnlpa.exe+d8781    NT Kernel & System    Microsoft® Windows® Operating System    Microsoft Corporation    6.0.6000.17021 (vista_gdr.100218-0019)    32-bit        C:\Windows\Minidump\Mini111208-02.dmp    2    15    6000    139,176   
Mini111208-01.dmp    11/12/2008 8:56:31 PM    BAD_POOL_CALLER    0x000000c2    0x00000007    0x0000113d    0x00000000    0xfe0c5008    hal.dll    hal.dll+65a4    Hardware Abstraction Layer DLL    Microsoft® Windows® Operating System    Microsoft Corporation    6.0.6000.16407 (vista_gdr.061223-1640)    32-bit        C:\Windows\Minidump\Mini111208-01.dmp    2    15    6000    139,176   
Mini111108-01.dmp    11/11/2008 6:39:49 AM    BAD_POOL_CALLER    0x000000c2    0x00000007    0x0000113d    0x00000000    0xfe253008    hal.dll    hal.dll+65a4    Hardware Abstraction Layer DLL    Microsoft® Windows® Operating System    Microsoft Corporation    6.0.6000.16407 (vista_gdr.061223-1640)    32-bit        C:\Windows\Minidump\Mini111108-01.dmp    2    15    6000    139,176   
Mini110508-01.dmp    11/5/2008 4:16:12 PM    KERNEL_MODE_EXCEPTION_NOT_HANDLED    0x1000008e    0xc0000005    0x81ce8874    0xac74fb34    0x00000000    ntkrnlpa.exe    ntkrnlpa.exe+e8874    NT Kernel & System    Microsoft® Windows® Operating System    Microsoft Corporation    6.0.6000.17021 (vista_gdr.100218-0019)    32-bit        C:\Windows\Minidump\Mini110508-01.dmp    2    15    6000    139,176   
Mini110408-01.dmp    11/4/2008 6:01:13 PM    BAD_POOL_CALLER    0x000000c2    0x00000007    0x0000113d    0x00000000    0xb8ebd008    ntkrnlpa.exe    ntkrnlpa.exe+d8781    NT Kernel & System    Microsoft® Windows® Operating System    Microsoft Corporation    6.0.6000.17021 (vista_gdr.100218-0019)    32-bit        C:\Windows\Minidump\Mini110408-01.dmp    2    15    6000    139,176   
Mini100908-01.dmp    10/9/2008 5:43:31 PM    MEMORY_MANAGEMENT    0x0000001a    0x00003452    0x08200000    0xc080cecc    0x00000000    ntkrnlpa.exe    ntkrnlpa.exe+19a1c    NT Kernel & System    Microsoft® Windows® Operating System    Microsoft Corporation    6.0.6000.17021 (vista_gdr.100218-0019)    32-bit        C:\Windows\Minidump\Mini100908-01.dmp    2    15    6000    139,176   
Mini083108-01.dmp    8/31/2008 2:53:28 PM    MEMORY_MANAGEMENT    0x0000001a    0x00061940    0xd2a00000    0x00000000    0x00000000    ntkrnlpa.exe    ntkrnlpa.exe+d8681    NT Kernel & System    Microsoft® Windows® Operating System    Microsoft Corporation    6.0.6000.17021 (vista_gdr.100218-0019)    32-bit        C:\Windows\Minidump\Mini083108-01.dmp    2    15    6000    139,176   
Mini082008-01.dmp    8/20/2008 4:48:52 PM    MEMORY_MANAGEMENT    0x0000001a    0x00004000    0x867abd90    0x80000000    0x0023e047    ntkrnlpa.exe    ntkrnlpa.exe+d8681    NT Kernel & System    Microsoft® Windows® Operating System    Microsoft Corporation    6.0.6000.17021 (vista_gdr.100218-0019)    32-bit        C:\Windows\Minidump\Mini082008-01.dmp    2    15    6000    139,176   
Mini071308-01.dmp    7/13/2008 8:46:58 AM    BAD_POOL_CALLER    0x000000c2    0x00000007    0x0000113d    0x00000000    0xc75ff008    ntkrnlpa.exe    ntkrnlpa.exe+d8681    NT Kernel & System    Microsoft® Windows® Operating System    Microsoft Corporation    6.0.6000.17021 (vista_gdr.100218-0019)    32-bit        C:\Windows\Minidump\Mini071308-01.dmp    2    15    6000    139,176   
Mini052308-01.dmp    5/23/2008 9:05:13 PM    MEMORY_MANAGEMENT    0x0000001a    0x00041790    0xc0801084    0x0000ffff    0x00000000    ntkrnlpa.exe    ntkrnlpa.exe+40606    NT Kernel & System    Microsoft® Windows® Operating System    Microsoft Corporation    6.0.6000.17021 (vista_gdr.100218-0019)    32-bit        C:\Windows\Minidump\Mini052308-01.dmp    2    15    6000    139,176   
Mini040908-01.dmp    4/9/2008 5:07:46 PM    BAD_POOL_CALLER    0x000000c2    0x00000007    0x0000113d    0x00000000    0xb6074450    ntkrnlpa.exe    ntkrnlpa.exe+d8681    NT Kernel & System    Microsoft® Windows® Operating System    Microsoft Corporation    6.0.6000.17021 (vista_gdr.100218-0019)    32-bit        C:\Windows\Minidump\Mini040908-01.dmp    2    15    6000    139,176   
Mini032508-01.dmp    3/25/2008 7:11:28 PM    KERNEL_MODE_EXCEPTION_NOT_HANDLED    0x1000008e    0xc0000005    0x81cd8ec0    0xb6be7844    0x00000000    ntkrnlpa.exe    ntkrnlpa.exe+d8ec0    NT Kernel & System    Microsoft® Windows® Operating System    Microsoft Corporation    6.0.6000.17021 (vista_gdr.100218-0019)    32-bit        C:\Windows\Minidump\Mini032508-01.dmp    2    15    6000    139,176   
Mini032308-01.dmp    3/23/2008 11:58:41 AM    KERNEL_MODE_EXCEPTION_NOT_HANDLED    0x1000008e    0xc0000005    0x950d577a    0xa91c7c30    0x00000000    win32k.sys    win32k.sys+d577a    Multi-User Win32 Driver    Microsoft® Windows® Operating System    Microsoft Corporation    6.0.6000.16386 (vista_rtm.061101-2205)    32-bit        C:\Windows\Minidump\Mini032308-01.dmp    2    15    6000    139,176   
Mini021708-01.dmp    2/17/2008 1:42:27 PM    MEMORY_MANAGEMENT    0x0000001a    0x00041790    0xc08010a8    0x00000203    0x00000000    ntkrnlpa.exe    ntkrnlpa.exe+40606    NT Kernel & System    Microsoft® Windows® Operating System    Microsoft Corporation    6.0.6000.17021 (vista_gdr.100218-0019)    32-bit        C:\Windows\Minidump\Mini021708-01.dmp    2    15    6000    139,176   
Mini021508-01.dmp    2/15/2008 3:26:16 PM    NTFS_FILE_SYSTEM    0x00000024    0x000c08ac    0x00000000    0x00000000    0x00000000    Ntfs.sys    Ntfs.sys+10866    NT File System Driver    Microsoft® Windows® Operating System    Microsoft Corporation    6.0.6000.16386 (vista_rtm.061101-2205)    32-bit        C:\Windows\Minidump\Mini021508-01.dmp    2    15    6000    139,176   

 

 

 

 

 

 

0 Kudos
Highlighted
4 Beryllium

Re: Computer crashes (blue screen) often; computer may have infected yesterday with a trojan. hijack this attached.

Hiya catfish 401,

There are a lot of remnants running from Trend micro, also a driver from Panda security. These remnants may very well be the cause of your crashes. The best way forward is to strip away the old security remnants and see if that action helps before we go any further.

Proceed as follows please :-

Step 1

Re-Run user posted image by double left click, Vista and Widows 7 users right click and select Run as Administrator.
  • Under the user posted image box at the bottom, paste in the following from between the dotted lines
    ---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------

    :OTL
    PRC - [2008/05/19 15:17:14 | 001,475,936 | ---- | M] (Trend Micro Inc.) -- C:\Program Files\Trend Micro\Internet Security 14\PcCtlCom.exe
    PRC - [2006/11/21 13:02:24 | 001,807,960 | ---- | M] (Trend Micro Inc.) -- C:\Program Files\Trend Micro\Internet Security 14\pccguide.exe
    PRC - [2006/11/09 15:03:42 | 000,923,216 | ---- | M] (Trend Micro Inc.) -- C:\Program Files\Trend Micro\Internet Security 14\TmPfw.exe
    SRV - [2008/05/19 15:17:14 | 001,475,936 | ---- | M] (Trend Micro Inc.) [Auto | Running] -- C:\Program Files\Trend Micro\Internet Security 14\PcCtlCom.exe -- (PcCtlCom)
    SRV - [2006/11/09 15:04:02 | 000,566,872 | ---- | M] (Trend Micro Inc.) [Auto | Stopped] -- C:\Program Files\Trend Micro\Internet Security 14\tmproxy.exe -- (tmproxy)
    SRV - [2006/11/09 15:03:42 | 000,923,216 | ---- | M] (Trend Micro Inc.) [Auto | Running] -- C:\Program Files\Trend Micro\Internet Security 14\TmPfw.exe -- (TmPfw)
    SRV - [2006/09/18 16:50:54 | 000,345,696 | ---- | M] (Trend Micro Inc.) [Auto | Stopped] -- C:\Program Files\Trend Micro\Internet Security 14\Tmntsrv.exe -- (Tmntsrv)
    O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No CLSID value found.
    O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {A057A204-BACC-4D26-9990-79A187E2698E} - No CLSID value found.
    O4 - HKLM..\Run: [EarthLink Installer] File not found
    O4 - HKCU..\Run: [Search Protection] File not found
    O4 - HKCU..\Run: [Simple Star PhotoShow Media Manager] File not found
    O16 - DPF: {74C861A1-D548-4916-BC8A-FDE92EDFF62C} http://mediaplayer.walmart.com/installer/install.cab (Reg Error: Key error.)
    @Alternate Data Stream - 132 bytes -> C:\ProgramData\TEMP:2C15EF07
    @Alternate Data Stream - 104 bytes -> C:\ProgramData\TEMP:DFC5A2B2
    @Alternate Data Stream - 101 bytes -> C:\ProgramData\TEMP:B85416EB
    :Services
    pavboot
    tmxpflt
    tmpreflt
    vsapint
    tmcfw
    tmtdi
    :Reg

    :Files
    ipconfig /flushdns /c
    C:\Windows\system32\drivers\pavboot.sys
    C:\Windows\System32\drivers\tmxpflt.sys
    C:\Windows\System32\drivers\tmpreflt.sys
    C:\Windows\System32\drivers\vsapint.sys
    C:\Windows\System32\drivers\TM_CFW.sys
    C:\Windows\System32\drivers\tmtdi.sys
    :Commands
    [purity]
    [resethosts]
    [emptytemp]
    [EMPTYFLASH]
    [CREATERESTOREPOINT]

    ----------------------------------------------------------------------------------------------------------------------------------------------------------
  • Then click user posted image button at the top
  • Let the program run unhindered, reboot the PC when it is done
  • Open OTL again and click the Quick Scan button. Post the log it produces in your next reply.


Step 2


You have not posted the Bluescreen viewer log, you`ve actually posted the mini dumps that BSV reads. Can you try that one again.

What i`d like in your reply :-

  • Log from OTL Fix
  • Log from OTL Quick scan
  • Log from Blue screen viewer


Kevin

[img]http://en.community.dell.com/cfs-file.ashx/__key/communityserver-components-userfiles/00-00-87-63-64-Attached+Files/0172.dellrsnew.jpg[/img]
 

 

0 Kudos
Highlighted
2 Bronze

Re: Computer crashes (blue screen) often; computer may have infected yesterday with a trojan. hijack this attached.

Here you go:

DDS (Ver_10-12-12.02) - NTFSx86 
Run by Robin at 19:15:14.29 on Thu 02/03/2011
Internet Explorer: 7.0.6000.17037
Microsoft® Windows Vista™ Home Premium   6.0.6000.0.1252.1.1033.18.3061.1486 [GMT -5:00]


============== Running Processes ===============

C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k rpcss
C:\Windows\System32\svchost.exe -k secsvcs
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\SLsvc.exe
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\WLTRYSVC.EXE
C:\Windows\System32\bcmwltry.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\aestsrv.exe
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Windows\system32\svchost.exe -k bthsvcs
C:\Program Files\Common Files\InterVideo\DeviceService\DevSvc.exe
C:\Program Files\Windows Live\Family Safety\fsssvc.exe
C:\Windows\system32\svchost.exe -k hpdevmgmt
C:\Program Files\McAfee\SiteAdvisor\McSACore.exe
C:\Windows\System32\svchost.exe -k HPZ12
C:\PROGRA~1\AVG\AVG8\avgrsx.exe
C:\Windows\system32\rundll32.exe
C:\Windows\System32\svchost.exe -k HPZ12
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\PSIService.exe
C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe
C:\Program Files\Dell DataSafe Local Backup\sftservice.EXE
C:\Program Files\Dell Support Center\bin\sprtsvc.exe
C:\Windows\system32\STacSV.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files\Smith Micro\StuffIt11\ArcNameService.exe
C:\PROGRA~1\TRENDM~1\INTERN~1\TmPfw.exe
C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe
C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
C:\Windows\System32\svchost.exe -k WerSvcGroup
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\DRIVERS\xaudio.exe
C:\PROGRA~1\AVG\AVG8\avgemc.exe
C:\Program Files\AVG\AVG8\avgcsrvx.exe
C:\Windows\system32\svchost.exe -k HPService
C:\Windows\system32\taskeng.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Dell DataSafe Local Backup\Components\Scheduler\STService.exe
C:\Program Files\Dell DataSafe Local Backup\Components\DSUpdate\DSUpd.exe
C:\Program Files\Dell DataSafe Local Backup\Toaster.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Windows\System32\igfxpers.exe
C:\Windows\WindowsMobile\wmdc.exe
C:\Windows\System32\WLTRAY.EXE
C:\Program Files\Dell\MediaDirect\PCMService.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Windows\system32\svchost.exe -k WindowsMobile
C:\Program Files\Trend Micro\Internet Security 14\pccguide.exe
C:\Program Files\Common Files\Corel\Corel PhotoDownloader\Corel Photo Downloader.exe
C:\Program Files\Windows Live\Family Safety\fssui.exe
C:\Program Files\AVG\AVG8\avgtray.exe
C:\Program Files\Sigmatel\C-Major Audio\WDM\sttray.exe
C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
C:\Program Files\DellSupport\DSAgnt.exe
C:\Windows\ehome\ehtray.exe
C:\Users\Robin\AppData\Roaming\SanDisk\Sansa Updater\SansaDispatch.exe
C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\Digital Line Detect\DLG.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\McAfee Security Scan\2.0.181\SSScheduler.exe
C:\Program Files\Dell\QuickSet\quickset.exe
C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
C:\PROGRA~1\TRENDM~1\INTERN~1\PcCtlCom.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe
C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe
C:\Windows\System32\mobsync.exe
C:\PROGRA~1\AVG\AVG8\avgnsx.exe
C:\Windows\system32\igfxsrvc.exe
C:\Windows\system32\wuauclt.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\DllHost.exe
C:\Users\Robin\Desktop\dds.scr
C:\Windows\system32\wbem\wmiprvse.exe

============== Pseudo HJT Report ===============

uSearch Page = hxxp://us.rd.yahoo.com/customize/ie/defaults/sp/msgr9/*http://www.yahoo.com
uStart Page = hxxp://www.google.com/ig/dell?hl=en&client=dell-usuk&channel=us&ibd=4071208
uWindow Title = Internet Explorer provided by Dell
uDefault_Page_URL = hxxp://www.google.com/ig/dell?hl=en&client=dell-usuk&channel=us&ibd=4071208
uSearch Bar = hxxp://us.rd.yahoo.com/customize/ie/defaults/sb/msgr9/*http://www.yahoo.com/ext/search/search.html
mStart Page = hxxp://www.yahoo.com/
mDefault_Page_URL = hxxp://www.yahoo.com/
mDefault_Search_URL = hxxp://us.rd.yahoo.com/customize/ie/defaults/su/msgr9/*http://www.yahoo.com
mSearch Page = hxxp://us.rd.yahoo.com/customize/ie/defaults/sp/msgr9/*http://www.yahoo.com
mSearch Bar = hxxp://us.rd.yahoo.com/customize/ie/defaults/sb/msgr9/*http://www.yahoo.com/ext/search/search.html
uInternet Settings,ProxyOverride = *.local
uSearchURL,(Default) = hxxp://search.yahoo.com/search?fr=mcafee&p=%s
uURLSearchHooks: AVG Security Toolbar BHO: {a3bc75a2-1f87-4686-aa43-5347d756017c} - c:\program files\avg\avg8\toolbar\IEToolbar.dll
uURLSearchHooks: McAfee SiteAdvisor Toolbar: {0ebbbe48-bad4-4b4c-8e5a-516abecae064} - c:\progra~1\mcafee\sitead~1\mcieplg.dll
mURLSearchHooks: AVG Security Toolbar BHO: {a3bc75a2-1f87-4686-aa43-5347d756017c} - c:\program files\avg\avg8\toolbar\IEToolbar.dll
BHO: {02478D38-C3F9-4efb-9B51-7695ECA05670} - No File
BHO: Adobe PDF Reader Link Helper: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelper.dll
BHO: AVG Safe Search: {3ca2f312-6f6e-4b53-a66e-4e65e497c8c0} - c:\program files\avg\avg8\avgssie.dll
BHO: Windows Live OneCare Family Safety Browser Helper Class: {4f3ed5cd-0726-42a9-87f5-d13f3d2976ac} - c:\program files\windows live\family safety\fssbho.dll
BHO: SSVHelper Class: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - c:\program files\java\jre1.6.0\bin\ssv.dll
BHO: Windows Live Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: AVG Security Toolbar BHO: {a3bc75a2-1f87-4686-aa43-5347d756017c} - c:\program files\avg\avg8\toolbar\IEToolbar.dll
BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - c:\program files\google\googletoolbarnotifier\5.1.1309.3572\swg.dll
BHO: McAfee SiteAdvisor BHO: {b164e929-a1b6-4a06-b104-2cd0e90a88ff} - c:\progra~1\mcafee\sitead~1\mcieplg.dll
BHO: Windows Live Toolbar Helper: {bdbd1dad-c946-4a17-adc1-64b5b4ff55d0} - c:\program files\windows live toolbar\msntb.dll
BHO: 1 (0x1) - No File
BHO: HP Smart BHO Class: {ffffffff-cf4e-4f2b-bdc2-0e72e116a856} - c:\program files\hp\digital imaging\smart web printing\hpswp_BHO.dll
TB: Windows Live Toolbar: {bdad1dad-c946-4a17-adc1-64b5b4ff55d0} - c:\program files\windows live toolbar\msntb.dll
TB: AVG Security Toolbar: {ccc7a320-b3ca-4199-b1a6-9f516dd69829} - c:\program files\avg\avg8\toolbar\IEToolbar.dll
TB: McAfee SiteAdvisor Toolbar: {0ebbbe48-bad4-4b4c-8e5a-516abecae064} - c:\progra~1\mcafee\sitead~1\mcieplg.dll
TB: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - No File
TB: {A057A204-BACC-4D26-9990-79A187E2698E} - No File
uRun: [DellSupport] "c:\program files\dellsupport\DSAgnt.exe" /startup
uRun: [ehTray.exe] c:\windows\ehome\ehTray.exe
uRun: [Simple Star PhotoShow Media Manager] c:\progra~1\simple~1\photos~1\data\xtras\mssysmgr.exe
uRun: [DellSupportCenter] "c:\program files\dell support center\bin\sprtcmd.exe" /P DellSupportCenter
uRun: [Search Protection] c:\program files\yahoo!\search protection\SearchProtection.exe
uRun: [SansaDispatch] c:\users\robin\appdata\roaming\sandisk\sansa updater\SansaDispatch.exe
uRun: [TomTomHOME.exe] "c:\program files\tomtom home 2\TomTomHOMERunner.exe"
mRun: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
mRun: [ECenter] c:\dell\e-center\EULALauncher.exe
mRun: [SynTPEnh] c:\program files\synaptics\syntp\SynTPEnh.exe
mRun: [IgfxTray] c:\windows\system32\igfxtray.exe
mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe
mRun: [Persistence] c:\windows\system32\igfxpers.exe
mRun: [Windows Mobile Device Center] %windir%\WindowsMobile\wmdc.exe
mRun: [Broadcom Wireless Manager UI] c:\windows\system32\WLTRAY.exe
mRun: [ISUSScheduler] "c:\program files\common files\installshield\updateservice\issch.exe" -start
mRun: [PCMService] "c:\program files\dell\mediadirect\PCMService.exe"
mRun: [Google Desktop Search] "c:\program files\google\google desktop search\GoogleDesktop.exe" /startup
mRun: [UVS11 Preload] c:\program files\ulead systems\ulead videostudio 11\uvPL.exe
mRun: [EarthLink Installer] " /C
mRun: [ISUSPM] "c:\program files\common files\installshield\updateservice\ISUSPM.exe" -scheduler
mRun: [pccguide.exe] "c:\program files\trend micro\internet security 14\pccguide.exe"
mRun: [Corel Photo Downloader] "c:\program files\common files\corel\corel photodownloader\Corel Photo Downloader.exe" -startup
mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 8.0\reader\Reader_sl.exe"
mRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottime
mRun: [DellSupportCenter] "c:\program files\dell support center\bin\sprtcmd.exe" /P DellSupportCenter
mRun: [fssui] "c:\program files\windows live\family safety\fssui.exe" -autorun
mRun: [AVG8_TRAY] c:\progra~1\avg\avg8\avgtray.exe
mRun: [SigmatelSysTrayApp] %ProgramFiles%\SigmaTel\C-Major Audio\WDM\sttray.exe
mRun: [UVS10 Preload] c:\program files\ulead systems\ulead videostudio se dvd\uvPL.exe
mRun: [HP Software Update] c:\program files\hp\hp software update\HPWuSchd2.exe
mRunOnce: [Launcher] c:\program files\dell datasafe local backup\components\scheduler\Launcher.exe
mRunOnce: [DSUpdateLauncher] "c:\program files\dell datasafe local backup\components\dsupdate\hstart.exe" /noconsole /d="c:\program files\dell datasafe local backup\components\dsupdate" /runas "c:\program files\dell datasafe local backup\components\dsupdate\DSUpd.exe"
mRunOnce: [STToasterLauncher] c:\program files\dell datasafe local backup\toasterLauncher.exe
dRun: [msnmsgr] "c:\program files\windows live\messenger\msnmsgr.exe" /background
StartupFolder: c:\users\robin\appdata\roaming\micros~1\windows\startm~1\programs\startup\onenot~1.lnk - c:\program files\microsoft office\office12\ONENOTEM.EXE
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\digita~1.lnk - c:\program files\digital line detect\DLG.exe
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\exifla~1.lnk - c:\program files\finepixviewer\QuickDCF.exe
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\hpdigi~1.lnk - c:\program files\hp\digital imaging\bin\hpqtra08.exe
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\mcafee~1.lnk - c:\program files\mcafee security scan\2.0.181\SSScheduler.exe
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\quickset.lnk - c:\program files\dell\quickset\quickset.exe
IE: &Windows Live Search - c:\program files\windows live toolbar\msntb.dll/search.htm
IE: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx
IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office12\EXCEL.EXE/3000
IE: {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - {CAFEEFAC-0016-0000-0000-ABCDEFFEDCBC} - c:\program files\java\jre1.6.0\bin\npjpi160.dll
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - c:\program files\windows live\writer\WriterBrowserExtension.dll
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\progra~1\micros~2\office12\ONBttnIE.dll
IE: {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - {2EAF5BB0-070F-11D3-9307-00C04FAE2D4F} - c:\windows\windowsmobile\INetRepl.dll
IE: {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - {2EAF5BB0-070F-11D3-9307-00C04FAE2D4F} - c:\windows\windowsmobile\INetRepl.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office12\REFIEBAR.DLL
IE: {DDE87865-83C5-48c4-8357-2F5B1AA84522} - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - c:\program files\hp\digital imaging\smart web printing\hpswp_BHO.dll
Trusted Zone: internet
Trusted Zone: mcafee.com
DPF: {05D44720-58E3-49E6-BDF6-D00330E511D3} - hxxp://zone.msn.com/binFrameWork/v10/StagingUI.cab55579.cab
DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} - hxxp://www.kaspersky.com/kos/eng/partner/default/kavwebscan_unicode.cab
DPF: {2EB1E425-74DC-4DC0-A9E1-03A4C852E1F2} - hxxp://zone.msn.com/bingame/trix/default/TriJinx.1.0.0.87.cab
DPF: {3BB54395-5982-4788-8AF4-B5388FFDD0D8} - hxxp://zone.msn.com/BinFrameWork/v10/ZBuddy.cab55579.cab
DPF: {512FC5A1-7DE1-43F1-BC0C-371622FCB409} - hxxp://www.nanoscan.com/as/cabs/ascstubie.cab
DPF: {5736C456-EA94-4AAC-BB08-917ABDD035B3} - hxxp://zone.msn.com/binframework/v10/ZPAChat.cab55579.cab
DPF: {74C861A1-D548-4916-BC8A-FDE92EDFF62C} - hxxp://mediaplayer.walmart.com/installer/install.cab
DPF: {809A6301-7B40-4436-A02C-87B8D3D7D9E3} - hxxp://zone.msn.com/bingame/zpagames/zpa_dmno.cab55579.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0-windows-i586.cab
DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} - hxxp://cdn2.zone.msn.com/binFramework/v10/ZIntro.cab56649.cab
DPF: {CAFEEFAC-0016-0000-0000-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
DPF: {DA2AA6CF-5C7A-4B71-BC3B-C771BB369937} - hxxp://zone.msn.com/binframework/v10/StProxy.cab55579.cab
Handler: avgsecuritytoolbar - {F2DDE6B2-9684-4A55-86D4-E255E237B77C} - c:\program files\avg\avg8\toolbar\IEToolbar.dll
Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\progra~1\mcafee\sitead~1\McIEPlg.dll
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - c:\program files\avg\avg8\avgpp.dll
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\progra~1\mcafee\sitead~1\McIEPlg.dll
Notify: GoToAssist - c:\program files\citrix\gotoassist\514\G2AWinLogon.dll
Notify: igfxcui - igfxdev.dll
AppInit_DLLs: AVGRSSTX.DLL c:\progra~1\google\google~2\GOEC62~1.DLL

================= FIREFOX ===================

FF - ProfilePath - c:\users\robin\appdata\roaming\mozilla\firefox\profiles\tmhxc6w8.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.yahoo.com/search?ei=UTF-8&fr=ytff-msgr&p=
FF - prefs.js: browser.search.selectedEngine - AVG Secure Search
FF - prefs.js: browser.startup.homepage - chrome://speeddial/content/speeddial.xul
FF - prefs.js: keyword.URL - hxxp://search.avg.com/route/?d=4cc6d4ae&v=6.010.006.004&i=29&tp=ab&iy=b&ychte=us&lng=en-US&q=
FF - component: c:\program files\avg\avg8\firefox\components\avgssff.dll
FF - component: c:\program files\avg\avg8\toolbar\firefox\avg@igeared\components\IGeared_tavgp_xputils2.dll
FF - component: c:\program files\avg\avg8\toolbar\firefox\avg@igeared\components\IGeared_tavgp_xputils3.dll
FF - component: c:\program files\avg\avg8\toolbar\firefox\avg@igeared\components\IGeared_tavgp_xputils35.dll
FF - component: c:\program files\avg\avg8\toolbar\firefox\avg@igeared\components\xpavgtbapi.dll
FF - component: c:\program files\mcafee\siteadvisor\components\McFFPlg.dll
FF - component: c:\users\robin\appdata\roaming\mozilla\firefox\profiles\tmhxc6w8.default\extensions\support@lastpass.com\platform\winnt_x86-msvc\components\lpxpcom.dll
FF - plugin: c:\program files\google\google updater\2.4.1536.6592\npCIDetect13.dll
FF - plugin: c:\program files\java\jre1.6.0\bin\npjpi160.dll
FF - plugin: c:\program files\panda security\totalscan\npwrapper.dll
FF - plugin: c:\users\robin\appdata\roaming\mozilla\firefox\profiles\tmhxc6w8.default\extensions\{1bc9ba34-1eed-42ca-a505-6d2f1a935bbb}\plugins\npietab2.dll
FF - plugin: c:\users\robin\appdata\roaming\mozilla\firefox\profiles\tmhxc6w8.default\extensions\{e2883e8f-472f-4fb0-9522-ac9bf37916a7}\plugins\np_gp.dll
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\mozilla firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: AVG Safe Search: {3f963a5b-e555-4543-90e2-c3908898db71} - c:\program files\avg\avg8\Firefox
FF - Ext: AVG Security Toolbar em:version=6.010.006.004 em:displayname=AVG Security Toolbar em:iconURL=chrome://tavgp/skin/logo.ico em:creator=AVG Technologies em:description=AVG Security Toolbar em:homepageURL=http://www.avg.com >: avg@igeared - c:\program files\avg\avg8\toolbar\firefox\avg@igeared
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\microsoft.net\framework\v3.5\windows presentation foundation\DotNetAssistantExtension
FF - Ext: McAfee SiteAdvisor: {B7082FAA-CB62-4872-9106-E42DD88EDE45} - c:\program files\mcafee\SiteAdvisor
FF - Ext: WOT: {a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7} - %profile%\extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}
FF - Ext: SmartSearch: {4fa0d965-cd01-4d08-9bdb-0d8c47cfd5d8} - %profile%\extensions\{4fa0d965-cd01-4d08-9bdb-0d8c47cfd5d8}
FF - Ext: ColorfulTabs: {0545b830-f0aa-4d7e-8820-50a4629a56fe} - %profile%\extensions\{0545b830-f0aa-4d7e-8820-50a4629a56fe}
FF - Ext: Surf Canyon - Search Engine Assistant: {75623d5d-4683-402a-b610-ac4bab767c86} - %profile%\extensions\{75623d5d-4683-402a-b610-ac4bab767c86}
FF - Ext: CraigZilla: craigzilla@studioshorts.com - %profile%\extensions\craigzilla@studioshorts.com
FF - Ext: Text-to-Image: {f701c26a-479a-4724-b4f1-870db12f063c} - %profile%\extensions\{f701c26a-479a-4724-b4f1-870db12f063c}
FF - Ext: Speed Dial: {64161300-e22b-11db-8314-0800200c9a66} - %profile%\extensions\{64161300-e22b-11db-8314-0800200c9a66}
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - %profile%\extensions\{20a82645-c095-46ed-80e3-08825760534b}
FF - Ext: Craigslist Image Prefetcher: CLIP@chris.synan - %profile%\extensions\CLIP@chris.synan
FF - Ext: FoxTab: {ef4e370e-d9f0-4e00-b93e-a4f274cfdd5a} - %profile%\extensions\{ef4e370e-d9f0-4e00-b93e-a4f274cfdd5a}
FF - Ext: LastPass: support@lastpass.com - %profile%\extensions\support@lastpass.com
FF - Ext: Adobe DLM (powered by getPlus(R)): {E2883E8F-472F-4fb0-9522-AC9BF37916A7} - %profile%\extensions\{E2883E8F-472F-4fb0-9522-AC9BF37916A7}
FF - Ext: AmazonAssist: sidecar@amazon.com - %profile%\extensions\sidecar@amazon.com
FF - Ext: Window Shopper - Powered by Superfish: superfish@superfish.com - %profile%\extensions\superfish@superfish.com
FF - Ext: IE Tab 2 (FF 3.6+): {1BC9BA34-1EED-42ca-A505-6D2F1A935BBB} - %profile%\extensions\{1BC9BA34-1EED-42ca-A505-6D2F1A935BBB}

---- FIREFOX POLICIES ----
FF - user.js: yahoo.homepage.dontask - true
============= SERVICES / DRIVERS ===============

R0 pavboot;pavboot;c:\windows\system32\drivers\pavboot.sys [2010-7-16 28552]
R1 AvgLdx86;AVG Free AVI Loader Driver x86;c:\windows\system32\drivers\avgldx86.sys [2008-11-4 335240]
R1 AvgMfx86;AVG Free On-access Scanner Minifilter Driver x86;c:\windows\system32\drivers\avgmfx86.sys [2008-11-4 27784]
R1 AvgTdiX;AVG8 Network Redirector;c:\windows\system32\drivers\avgtdix.sys [2009-2-10 108552]
R2 AESTFilters;Andrea ST Filters Service;c:\windows\system32\AEstSrv.exe [2007-12-8 73728]
R2 avg8emc;AVG Free8 E-mail Scanner;c:\progra~1\avg\avg8\avgemc.exe [2008-11-4 908056]
R2 avg8wd;AVG Free8 WatchDog;c:\progra~1\avg\avg8\avgwdsvc.exe [2008-11-4 297752]
R2 fssfltr;FssFltr;c:\windows\system32\drivers\fssfltr.sys [2008-10-4 43816]
R2 fsssvc;Windows Live OneCare Family Safety;c:\program files\windows live\family safety\fsssvc.exe [2007-12-17 523816]
R2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service;c:\program files\mcafee\siteadvisor\McSACore.exe [2011-1-13 88176]
R2 SftService;SoftThinks Agent Service;c:\program files\dell datasafe local backup\SftService.exe [2010-12-29 689472]
R2 TmPfw;Trend Micro Personal Firewall;c:\progra~1\trendm~1\intern~1\TmPfw.exe [2006-8-29 923216]
R2 tmpreflt;tmpreflt;c:\windows\system32\drivers\tmpreflt.sys [2008-2-29 36368]
R2 TomTomHOMEService;TomTomHOMEService;c:\program files\tomtom home 2\TomTomHOMEService.exe [2010-8-24 92008]
R3 tmcfw;Trend Micro Common Firewall Service;c:\windows\system32\drivers\TM_CFW.sys [2008-2-29 280392]
S2 Tmntsrv;Trend Micro Real-time Service;c:\progra~1\trendm~1\intern~1\Tmntsrv.exe [2006-9-18 345696]
S2 tmproxy;Trend Micro Proxy Service;c:\progra~1\trendm~1\intern~1\tmproxy.exe [2006-8-29 566872]
S3 AVG Security Toolbar Service;AVG Security Toolbar Service;c:\program files\avg\avg8\toolbar\ToolbarBroker.exe [2010-10-26 517448]
S3 cmeu0wdm;CardMan 2020;c:\windows\system32\drivers\cmeu0wdm.sys [2005-5-23 43737]
S3 GoogleDesktopManager-051210-111108;Google Desktop Manager 5.9.1005.12335;c:\program files\google\google desktop search\GoogleDesktop.exe [2007-12-8 30192]
S3 McComponentHostService;McAfee Security Scan Component Host Service;c:\program files\mcafee security scan\2.0.181\McCHSvc.exe [2010-1-15 227232]
S3 U6000ALL;HDTV110 TV Box(ALL);c:\windows\system32\drivers\dmdcap.sys [2007-6-8 230784]

=============== Created Last 30 ================

2011-02-02 23:50:38 5890896 ----a-w- c:\progra~2\microsoft\windows defender\definition updates\{6ae8c8fa-0e60-4301-b6b8-9b7a99773dfa}\mpengine.dll
2011-02-01 00:00:47 -------- d-sh--w- c:\users\robin\%APPDATA%
2011-01-26 21:35:05 -------- d-----w- C:\_OTL

==================== Find3M  ====================


============= FINISH: 19:16:12.46 ===============

 


UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT

DDS (Ver_10-12-12.02)

Microsoft® Windows Vista™ Home Premium
Boot Device: \Device\HarddiskVolume3
Install Date: 12/8/2007 6:56:57 AM
System Uptime: 2/3/2011 5:51:09 PM (2 hours ago)

Motherboard: Dell Inc. |  | 0KY767
Processor: Intel(R) Core(TM)2 Duo CPU     T5250  @ 1.50GHz | Microprocessor | 1500/166mhz

==== Disk Partitions =========================

C: is FIXED (NTFS) - 136 GiB total, 91.843 GiB free.
😧 is FIXED (NTFS) - 10 GiB total, 5.41 GiB free.
E: is CDROM (UDF)

==== Disabled Device Manager Items =============

Class GUID: {4d36e972-e325-11ce-bfc1-08002be10318}
Description: Microsoft 6to4 Adapter
Device ID: ROOT\*6TO4MP\0000
Manufacturer: Microsoft
Name: 6TO4 Adapter
PNP Device ID: ROOT\*6TO4MP\0000
Service: tunnel

Class GUID: {4d36e972-e325-11ce-bfc1-08002be10318}
Description: Microsoft 6to4 Adapter
Device ID: ROOT\*6TO4MP\0001
Manufacturer: Microsoft
Name: 6TO4 Adapter
PNP Device ID: ROOT\*6TO4MP\0001
Service: tunnel

Class GUID: {4d36e972-e325-11ce-bfc1-08002be10318}
Description: Microsoft 6to4 Adapter
Device ID: ROOT\*6TO4MP\0002
Manufacturer: Microsoft
Name: 6TO4 Adapter
PNP Device ID: ROOT\*6TO4MP\0002
Service: tunnel

Class GUID: {4d36e972-e325-11ce-bfc1-08002be10318}
Description: Microsoft 6to4 Adapter
Device ID: ROOT\*6TO4MP\0003
Manufacturer: Microsoft
Name: 6TO4 Adapter
PNP Device ID: ROOT\*6TO4MP\0003
Service: tunnel

Class GUID: {4d36e972-e325-11ce-bfc1-08002be10318}
Description: Microsoft 6to4 Adapter
Device ID: ROOT\*6TO4MP\0004
Manufacturer: Microsoft
Name: 6TO4 Adapter
PNP Device ID: ROOT\*6TO4MP\0004
Service: tunnel

Class GUID: {4d36e972-e325-11ce-bfc1-08002be10318}
Description: Microsoft 6to4 Adapter
Device ID: ROOT\*6TO4MP\0005
Manufacturer: Microsoft
Name: 6TO4 Adapter
PNP Device ID: ROOT\*6TO4MP\0005
Service: tunnel

Class GUID: {4d36e972-e325-11ce-bfc1-08002be10318}
Description: Microsoft 6to4 Adapter
Device ID: ROOT\*6TO4MP\0006
Manufacturer: Microsoft
Name: 6TO4 Adapter
PNP Device ID: ROOT\*6TO4MP\0006
Service: tunnel

Class GUID: {4d36e972-e325-11ce-bfc1-08002be10318}
Description: Microsoft 6to4 Adapter
Device ID: ROOT\*6TO4MP\0007
Manufacturer: Microsoft
Name: 6TO4 Adapter
PNP Device ID: ROOT\*6TO4MP\0007
Service: tunnel

Class GUID: {4d36e972-e325-11ce-bfc1-08002be10318}
Description: Microsoft 6to4 Adapter
Device ID: ROOT\*6TO4MP\0008
Manufacturer: Microsoft
Name: 6TO4 Adapter
PNP Device ID: ROOT\*6TO4MP\0008
Service: tunnel

Class GUID: {4d36e972-e325-11ce-bfc1-08002be10318}
Description: Microsoft 6to4 Adapter
Device ID: ROOT\*6TO4MP\0009
Manufacturer: Microsoft
Name: 6TO4 Adapter
PNP Device ID: ROOT\*6TO4MP\0009
Service: tunnel

Class GUID: {4d36e972-e325-11ce-bfc1-08002be10318}
Description: Microsoft ISATAP Adapter
Device ID: ROOT\*ISATAP\0001
Manufacturer: Microsoft
Name: isatap.{5A03A83F-30D9-4B66-AF27-69E25F0A7A21}
PNP Device ID: ROOT\*ISATAP\0001
Service: tunnel

Class GUID: {4d36e972-e325-11ce-bfc1-08002be10318}
Description: Microsoft ISATAP Adapter
Device ID: ROOT\*ISATAP\0007
Manufacturer: Microsoft
Name: isatap.{3A372AC4-87A6-4A2E-B00D-B9A632B884DC}
PNP Device ID: ROOT\*ISATAP\0007
Service: tunnel

Class GUID: {6bdd1fc6-810f-11d0-bec7-08002be2092f}
Description: Officejet 6500 E709n
Device ID: ROOT\IMAGE\0000
Manufacturer: HP
Name: Officejet 6500 E709n
PNP Device ID: ROOT\IMAGE\0000
Service: StillCam

Class GUID: {4d36e971-e325-11ce-bfc1-08002be10318}
Description: Officejet 6500 E709n
Device ID: ROOT\MULTIFUNCTION\0000
Manufacturer: HP
Name: Officejet 6500 E709n
PNP Device ID: ROOT\MULTIFUNCTION\0000
Service:

Class GUID: {4d36e979-e325-11ce-bfc1-08002be10318}
Description: Officejet 6500 E709n
Device ID: ROOT\PRINTER\0000
Manufacturer: HP
Name: Officejet 6500 E709n
PNP Device ID: ROOT\PRINTER\0000
Service:

==== System Restore Points ===================

RP1191: 2/3/2011 7:00:16 PM - Windows Update

==== Installed Programs ======================

32 Bit HP CIO Components Installer
6500_E709_eDocs
6500_E709_Help
6500_E709n
Adobe Acrobat and Reader 8.1.2 Security Update 1 (KB403742)
Adobe Flash Player 10 ActiveX
Adobe Flash Player 10 Plugin
Adobe Reader 8.1.2
Adobe Reader 8.1.2 Security Update 1 (KB403742)
Ashley Jones: The Heart Of Egypt
AVG Free 8.5
Blaze Video Magic 2.0
Bonjour
bpd_scan
BPDSoftware
BPDSoftware_Ini
Broadcom Management Programs
BudgetExpress 3
BufferChm
CA Yahoo! Anti-Spy (remove only)
Conexant HDA D330 MDC V.92 Modem
Corel Paint Shop Pro Photo X2
Dell DataSafe Local Backup
Dell DataSafe Local Backup - Support Software
Dell Getting Started Guide
Dell Support Center (Support Software)
Dell Touchpad
Dell Wireless WLAN Card
DellSupport
Desktop Encyclopedia
Destination Component
DeviceDiscovery
DHTML Editing Component
Digital Line Detect
DocMgr
DocProc
Edges
Family Tree Heritage
Family Tree Heritage Collaboration Support
Fax
FinePixViewer Resource
FinePixViewer Ver.5.1
Google Desktop
Google Earth
Google Updater
GoToAssist 8.0.0.514
GPBaseService2
Highlight Viewer (Windows Live Toolbar)
HiJackThis
HijackThis 2.0.2
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
Hoyle Board Games 2007
Hoyle Card Games 2007
Hoyle Puzzle Games 2007
HP Customer Participation Program 12.0
HP Document Manager 2.0
HP Imaging Device Functions 12.0
HP Officejet 6500 E709 Series
HP Smart Web Printing
HP Solution Center 12.0
HP Update
HPProductAssistant
HPSSupply
InterVideo DeviceService
Java(TM) SE Runtime Environment 6
Jewel Quest
Kaspersky Online Scanner
L&H TTS3000 Español
Lernout & Hauspie TruVoice American English TTS Engine
Luxor 2
Malwarebytes' Anti-Malware
Map Button (Windows Live Toolbar)
MarketResearch
McAfee Security Scan Plus
McAfee SiteAdvisor
MediaDirect
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1 Security Update (KB953297)
Microsoft .NET Framework 3.5 SP1
Microsoft Application Error Reporting
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office Excel MUI (English) 2007
Microsoft Office Home and Student 2007
Microsoft Office OneNote MUI (English) 2007
Microsoft Office PowerPoint MUI (English) 2007
Microsoft Office Proof (English) 2007
Microsoft Office Proof (French) 2007
Microsoft Office Proof (Spanish) 2007
Microsoft Office Proofing (English) 2007
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
Microsoft Office Shared MUI (English) 2007
Microsoft Office Shared Setup Metadata MUI (English) 2007
Microsoft Office Word MUI (English) 2007
Microsoft Silverlight
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft Text-to-Speech Engine 4.0 (English)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable
Modem Diagnostic Tool
MostFun - TriJinx
MostFun.com Games - Ashley Jones: The Heart Of Egypt (remove only)
MostFun.com Games - Edges (remove only)
MostFun.com Games - Jewel Quest (remove only)
MostFun.com Games - Luxor 2 (remove only)
Mozilla Firefox (3.6.13)
Mozilla Sunbird (0.5)
Mozilla Thunderbird (2.0.0.0)
MSVCSetup
MSXML 4.0 SP2 (KB936181)
MSXML 4.0 SP2 (KB941833)
MSXML 4.0 SP2 (KB954430)
Music, Photos & Videos Launcher
NetWaiting
Network
NetZeroInstallers
OCR Software by I.R.I.S. 12.0
OGA Notifier 2.0.0048.0
One Touch Video Capture
OutlookAddinSetup
Panda ActiveScan 2.0
Panda TotalScan
PDF-XChange 3
Product Documentation Launcher
ProductContext
QualxServ Service Agreement
Quicken WillMaker Plus 2008
QuickSet
QuickTime
RAW FILE CONVERTER LE
Roxio Creator Audio
Roxio Creator BDAV Plugin
Roxio Creator Copy
Roxio Creator Data
Roxio Creator DE
Roxio Creator Tools
Roxio Drag-to-Disc
Roxio Express Labeler
Roxio MyDVD DE
Roxio Update Manager
Sansa Updater
Scan
Security Update for 2007 Microsoft Office System (KB2288621)
Security Update for 2007 Microsoft Office System (KB2288931)
Security Update for 2007 Microsoft Office System (KB2289158)
Security Update for 2007 Microsoft Office System (KB2344875)
Security Update for 2007 Microsoft Office System (KB2345043)
Security Update for 2007 Microsoft Office System (KB969559)
Security Update for 2007 Microsoft Office System (KB976321)
Security Update for Microsoft Office Excel 2007 (KB2345035)
Security Update for Microsoft Office InfoPath 2007 (KB979441)
Security Update for Microsoft Office PowerPoint 2007 (KB982158)
Security Update for Microsoft Office PowerPoint Viewer (KB2413381)
Security Update for Microsoft Office system 2007 (972581)
Security Update for Microsoft Office system 2007 (KB974234)
Security Update for Microsoft Office Visio Viewer 2007 (KB973709)
Security Update for Microsoft Office Word 2007 (KB2344993)
Shop for HP Supplies
Smart Menus (Windows Live Toolbar)
SmartWebPrinting
SolutionCenter
Sonic Activation Module
Status
StuffIt Deluxe 11 for Windows
Sudoku Crunch
TomTom HOME 2.7.6.2056
TomTom HOME Visual Studio Merge Modules
Toolbox
Total 3D Home and Landscape Deluxe Suite
TrayApp
Trend Micro PC-cillin Internet Security 14
Ulead VideoStudio 11
Ulead VideoStudio SE DVD
Uniblue RegistryBooster
UnloadSupport
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
Update for Microsoft Office 2007 Help for Common Features (KB963673)
Update for Microsoft Office Excel 2007 Help (KB963678)
Update for Microsoft Office OneNote 2007 (KB980729)
Update for Microsoft Office OneNote 2007 Help (KB963670)
Update for Microsoft Office Powerpoint 2007 Help (KB963669)
Update for Microsoft Office Script Editor Help (KB963671)
Update for Microsoft Office Word 2007 Help (KB963665)
User's Guides
VC500 Driver
VideoStudio
Walmart MP3 Music Downloads
Walmart Photo Manager
WebReg
Windows Live Essentials
Windows Live Favorites for Windows Live Toolbar
Windows Live installer
Windows Live Mail
Windows Live Messenger
Windows Live OneCare Family Safety
Windows Live Photo Gallery
Windows Live Sign-in Assistant
Windows Live Toolbar
Windows Live Toolbar Extension (Windows Live Toolbar)
Windows Live Writer
Windows Media Player Firefox Plugin
Windows Mobile Device Center
Windows Mobile Device Center Driver Update

==== Event Viewer Messages From Past Week ========

2/2/2011 7:41:16 PM, Error: Microsoft-Windows-Kernel-General [5]  - {Registry Hive Recovered} Registry hive (file): '\??\C:\Users\Guest\AppData\Local\Microsoft\Windows\UsrClass.dat' was corrupted and it has been recovered. Some data might have been lost.
2/2/2011 6:18:09 PM, Error: Service Control Manager [7009]  - A timeout was reached (30000 milliseconds) while waiting for the AffinegyService service to connect.
2/2/2011 6:18:09 PM, Error: Service Control Manager [7000]  - The AffinegyService service failed to start due to the following error:  The service did not respond to the start or control request in a timely fashion.
2/2/2011 6:17:25 PM, Error: Microsoft-Windows-Windows Defender [2004]  - Windows Defender has encountered an error trying to load signatures and will attempt reverting back to a known-good set of signatures.   Signatures Attempted: Current   Error Code: 0x8050a001   Error description: The program can't find definition files that help detect unwanted software. Check for updates to the definition files, and then try again. For information on installing updates, see Help and Support.    Signatures loading: Backup   Loading signature version: 1.97.22.0   Loading engine version: 1.1.6402.0
2/2/2011 5:33:14 PM, Error: EventLog [6008]  - The previous system shutdown at 5:31:17 PM on 2/2/2011 was unexpected.
2/2/2011 11:57:40 AM, Error: Service Control Manager [7011]  - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the RapiMgr service.
1/31/2011 7:27:49 PM, Error: Microsoft-Windows-DistributedCOM [10005]  - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {9E175B6D-F52A-11D8-B9A5-505054503030}
1/31/2011 7:27:42 PM, Error: Microsoft-Windows-DistributedCOM [10005]  - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}
1/31/2011 7:27:38 PM, Error: Microsoft-Windows-DistributedCOM [10005]  - DCOM got error "1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}
1/31/2011 7:27:27 PM, Error: Microsoft-Windows-DistributedCOM [10005]  - DCOM got error "1084" attempting to start the service ShellHWDetection with arguments "" in order to run the server: {DD522ACC-F821-461A-A407-50B198B896DC}
1/31/2011 7:26:57 PM, Error: EventLog [6008]  - The previous system shutdown at 7:25:10 PM on 1/31/2011 was unexpected.
1/31/2011 6:12:37 PM, Error: Print [6161]  - The document MAN_F7D1301_v1_8820-00370_Basic_Router.pdf, owned by Robin, failed to print on printer HP Officejet 6500 E709n Series (Copy 1). Try to print the document again, or restart the print spooler.  Data type: NT EMF 1.008. Size of the spool file in bytes: 22748116. Number of bytes printed: 0. Total number of pages in the document: 10. Number of pages printed: 0. Client computer: \\ROBIN-PC. Win32 error code returned by the print processor: 6. The handle is invalid.
1/28/2011 5:45:55 PM, Error: Service Control Manager [7031]  - The Windows Defender service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 60000 milliseconds: Restart the service.
1/28/2011 5:45:42 PM, Error: Microsoft-Windows-Windows Defender [5008]  - Windows Defender engine has been terminated due to an unexpected error.   Failure Type: Crash   Exception code: 0xc0000005   Resource: process:pid:3052

==== End Of File ===========================

0 Kudos
Highlighted
4 Beryllium

Re: Computer crashes (blue screen) often; computer may have infected yesterday with a trojan. hijack this attached.

Hiya Robin,

Looks like we are back where we started, we still have the original issue that must be addressed before we progress. You have AVG 8 which is outdated and you have Trendmicro.

You must run the Trendmicro removal utility to get rid of all remneants, next you need to either update AVG to the newest version or remove that too and install something better like Microsoft Security Essential. (highly recommended) and free.

The TrendMicro removal utility is available Here please use it.

Regarding AVG get the most recent version Here the free version is top left.

If you are removing AVG use the removal utility available Here read the link.

If you are installing Microsoft Security Essentials, get it Here hit the big blue "Download now" tab and follow the prompts, it will want to update and carry out a quick scan, please allow it. If it finds anything let me know. It does not produce a log but information can be found under the History tab in the main interface.

When you have completed the above post back with a new set of DDS logs and an update on your system, specific issues etc..

Kevin

[img]http://en.community.dell.com/cfs-file.ashx/__key/communityserver-components-userfiles/00-00-87-63-64-Attached+Files/0172.dellrsnew.jpg[/img]
 

 

0 Kudos
Highlighted
2 Bronze

Re: Computer crashes (blue screen) often; computer may have infected yesterday with a trojan. hijack this attached.

Hey Kevin,

Not having very good luck.  After I ran the removal tool for TrendMicro, I couldn't get back onto the internet again (i'm actually on my work computer again).  I believe I am having some kind of problem with wireless card drivers or something.  I cannot even access the internet through my neighbor's unsecured signal.  I'm definately confused.  I think i can run the DDS thing again because i think it' s in my recycle bin, however i won't be able to post the logs. Standing by for further instructions.  Am i at the point where i take it to a repair shop to take a look at.

Thanks

 

0 Kudos
Highlighted
4 Beryllium

Re: Computer crashes (blue screen) often; computer may have infected yesterday with a trojan. hijack this attached.

Hiya Robin,

Lets not panic just yet, if you take your system to a shop you may end up paying out a lot of money for something which may be an easy fix. I`ve done a lot of searching about and may have found the answer.

You will have to use system restore again, that should get your connection back. Next go Here and read through the thread carefully. Apparently it is a common fault when unistalling TM a driver is left and causes the issue you now have.

Let me know how you get on,

Kevin

[img]http://en.community.dell.com/cfs-file.ashx/__key/communityserver-components-userfiles/00-00-87-63-64-Attached+Files/0172.dellrsnew.jpg[/img]
 

 

0 Kudos