Author Topic: [Inactive] Aquired parent's old laptop, runs slow, discs don't eject.  (Read 10980 times)

Offline MikeMobes

  • Bronze Member
  • Posts: 55
Ive recently aquired my parent's old laptop. I have only had it for a couple of days, however it seems to be running sluggishly, and the hardware eject button for the cd/dvd rom only works before windows boots up. Also, they said something popped up saying that the computer was infected, but don't remember what it said. I'm guessing it was just a phishing popup, but I cant be certain it wasn't legitimate either, so here i am.

:::Edit:::
Windows Defender is off and won't turn on. Dialog box is as follows:
 "Windows Defender encountered an error: 0x800106ba. A problem caused this program's service to stop. To start the service, restart your computer or search Help and Support for how to start a service manually"
:::/Edit:::
.
DDS (Ver_2011-08-26.01) - NTFSAMD64
Internet Explorer: 9.0.8112.16421
Run by Grammaton Cleric at 18:43:00 on 2013-07-14
Microsoft® Windows Vista™ Home Premium   6.0.6002.2.1252.1.1033.18.4085.2071 [GMT -7:00]
.
AV: Microsoft Security Essentials *Disabled/Updated* {641105E6-77ED-3F35-A304-765193BCB75F}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Microsoft Security Essentials *Disabled/Updated* {DF70E402-51D7-30BB-99B4-4D23E83BFDE2}
.
============== Running Processes ===============
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k rpcss
c:\Program Files\Microsoft Security Client\MsMpEng.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_0c642403\STacSV64.exe
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\SLsvc.exe
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\WLTRYSVC.EXE
C:\Windows\System32\bcmwltry.exe
C:\Windows\system32\WLANExt.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_0c642403\AESTSr64.exe
C:\Program Files (x86)\Belkin\Router Setup and Monitor\BelkinService.exe
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Belkin\Belkin USB Print and Storage Center\BkBackupScheduler.exe
C:\Program Files\Belkin\Belkin USB Print and Storage Center\Bkapcs.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Windows\system32\svchost.exe -k bthsvcs
C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
C:\Program Files (x86)\LogMeIn\x64\LMIGuardianSvc.exe
C:\Program Files (x86)\LogMeIn\x64\RaMaint.exe
C:\Program Files (x86)\LogMeIn\x64\LogMeIn.exe
C:\Windows\System32\svchost.exe -k HPZ12
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\System32\svchost.exe -k WerSvcGroup
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Windows\system32\taskeng.exe
C:\Windows\System32\alg.exe
C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\DellTPad\Apoint.exe
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Windows\System32\WLTRAY.EXE
C:\Windows\WindowsMobile\wmdc.exe
C:\Program Files\IDT\WDM\sttray64.exe
C:\Program Files (x86)\LogMeIn\x64\LogMeInSystray.exe
C:\Program Files\Microsoft Security Client\msseces.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files (x86)\Common Files\Apple\Internet Services\ubd.exe
C:\Program Files (x86)\FileHippo.com\UpdateChecker.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files (x86)\Dell\MediaDirect\PCMService.exe
C:\Program Files (x86)\Belkin\Router Setup and Monitor\BelkinRouterMonitor.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Program Files\Belkin\Belkin USB Print and Storage Center\connect.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files (x86)\Belkin\Router Setup and Monitor\BelkinSetup.exe
C:\Program Files (x86)\Belkin\Router Setup and Monitor\dlnaPlugin.exe
C:\Windows\system32\igfxsrvc.exe
C:\Program Files (x86)\Symantec\LiveUpdate\AluSchedulerSvc.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\svchost.exe -k WindowsMobile
C:\Windows\ehome\ehmsas.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files (x86)\Common Files\Apple\Apple Application Support\distnoted.exe
C:\Program Files\DellTPad\ApMsgFwd.exe
C:\Program Files\DellTPad\HidFind.exe
C:\Program Files\DellTPad\Apntex.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Windows\system32\wbem\WmiPrvSE.exe
C:\Windows\System32\svchost.exe -k swprv
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\DllHost.exe
C:\Windows\SysWOW64\cmd.exe
C:\Windows\SysWOW64\cscript.exe
.
============== Pseudo HJT Report ===============
.
uWindow Title = Internet Explorer, optimized for Bing and MSN
mDefault_Page_URL = hxxp://www.dell.com
uURLSearchHooks: H - No File
BHO: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - No File
BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Bing Bar Helper: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll"
BHO: {DBC80044-A445-435b-BC74-9C25C1C588A9} - No File
BHO: XBTBPos00: {fcbccb87-9224-4b8d-b117-f56d924beb18} - Fast Browser Search Toolbar Helper
TB: Fast Browser Search Toolbar: {1bb22d38-a411-4b13-a746-c2a4f4ec7344} -
TB: Bing Bar: {8dcb7100-df86-4384-8842-8fa844297b3f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll"
TB: {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File
uRun: [ehTray.exe] C:\Windows\ehome\ehTray.exe
uRun: [MobileDocuments] C:\Program Files (x86)\Common Files\Apple\Internet Services\ubd.exe
uRun: [FileHippo.com] "C:\Program Files (x86)\FileHippo.com\UpdateChecker.exe" /background
uRun: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
mRun: [PCMService] "C:\Program Files (x86)\Dell\MediaDirect\PCMService.exe"
mRun: [AppleSyncNotifier] C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe
mRun: [InstaLAN] "C:\Program Files (x86)\Belkin\Router Setup and Monitor\BelkinRouterMonitor.exe" startup
mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRunOnce: [Malwarebytes Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /install /silent
mPolicies-explorer: NoActiveDesktop = 1 (0x1)
mPolicies-explorer: BindDirectlyToPropertySetStorage = 0 (0x0)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
IE: Send image to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: Send page to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
IE: {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
DPF: {C1F8FC10-E5DB-4112-9DBF-6C3FF728D4E3} - hxxp://support.dell.com/systemprofiler/DellSystemLite.CAB
TCP: DhcpNameServer = 192.168.2.1 156.154.70.22 156.154.71.22 192.168.2.1
TCP: Interfaces\{B6427DDC-7783-4E52-8833-CAD6901AFB2D} : DhcpNameServer = 192.168.2.1 156.154.70.22 156.154.71.22 192.168.2.1
TCP: Interfaces\{FF641C2F-EE52-4E11-A57A-CCCFDB5FFD63} : DhcpNameServer = 192.168.0.1
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\28.0.1500.72\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
BHO-X64: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - No File
BHO-X64: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO-X64: Bing Bar Helper: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll"
BHO-X64: {DBC80044-A445-435b-BC74-9C25C1C588A9} - No File
BHO-X64: {FCBCCB87-9224-4B8D-B117-F56D924BEB18} - Fast Browser Search Toolbar Helper
BHO-X64:     XBTBPos00 - No File
TB-X64: Fast Browser Search Toolbar: {1BB22D38-A411-4B13-A746-C2A4F4EC7344} -
TB-X64: Bing Bar: {8dcb7100-df86-4384-8842-8fa844297b3f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll"
TB-X64: {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File
mRun-x64: [PCMService] "C:\Program Files (x86)\Dell\MediaDirect\PCMService.exe"
mRun-x64: [AppleSyncNotifier] C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe
mRun-x64: [InstaLAN] "C:\Program Files (x86)\Belkin\Router Setup and Monitor\BelkinRouterMonitor.exe" startup
mRun-x64: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
mRun-x64: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
mRun-x64: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRunOnce-x64: [Malwarebytes Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /install /silent
IE-X64: {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\Grammaton Cleric\AppData\Roaming\Mozilla\Firefox\Profiles\a4guv6qc.default\
FF - plugin: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll
FF - plugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll
FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrlui.dll
FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
FF - plugin: C:\Users\Grammaton Cleric\AppData\Roaming\Mozilla\Firefox\Profiles\a4guv6qc.default\extensions\LogMeInClient@logmein.com\plugins\npRACtrl.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_224.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_94.dll
FF - plugin: C:\Windows\SysWOW64\npdeployJava1.dll
FF - plugin: C:\Windows\SysWOW64\npmproxy.dll
.
---- FIREFOX POLICIES ----
FF - user.js: network.http.max-persistent-connections-per-server - 4
FF - user.js: nglayout.initialpaint.delay - 600
FF - user.js: content.notify.interval - 600000
FF - user.js: content.max.tokenizing.time - 1800000
FF - user.js: content.switch.threshold - 600000
.
============= SERVICES / DRIVERS ===============
.
R0 MpFilter;Microsoft Malware Protection Driver;C:\Windows\system32\DRIVERS\MpFilter.sys --> C:\Windows\system32\DRIVERS\MpFilter.sys [?]
R0 PxHlpa64;PxHlpa64;C:\Windows\system32\Drivers\PxHlpa64.sys --> C:\Windows\system32\Drivers\PxHlpa64.sys [?]
R1 ElRawDisk;ElRawDisk;\??\C:\Windows\system32\drivers\ElRawDsk.sys --> C:\Windows\system32\drivers\ElRawDsk.sys [?]
R2 AdobeARMservice;Adobe Acrobat Update Service;C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2013-5-10 65640]
R2 AESTFilters;Andrea ST Filters Service;C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_0c642403\AESTSr64.exe --> C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_0c642403\AESTSr64.exe [?]
R2 Belkin Local Backup Service;Belkin Local Backup Service;C:\Program Files\Belkin\Belkin USB Print and Storage Center\BkBackupScheduler.exe [2011-8-27 181760]
R2 Belkin Network USB Helper;Belkin Network USB Helper;C:\Program Files\Belkin\Belkin USB Print and Storage Center\Bkapcs.exe [2011-8-27 55296]
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
R2 FontCache;Windows Font Cache Service;C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation [2008-1-20 21504]
R2 LMIGuardianSvc;LMIGuardianSvc;C:\Program Files (x86)\LogMeIn\x64\LMIGuardianSvc.exe [2010-11-18 376144]
R2 LMIInfo;LogMeIn Kernel Information Provider;C:\Program Files (x86)\LogMeIn\x64\rainfo.sys [2008-7-24 16056]
R2 LMIRfsDriver;LogMeIn Remote File System Driver;\??\C:\Windows\system32\drivers\LMIRfsDriver.sys --> C:\Windows\system32\drivers\LMIRfsDriver.sys [?]
R2 sxuptp;SXUPTP Driver;C:\Windows\system32\DRIVERS\sxuptp.sys --> C:\Windows\system32\DRIVERS\sxuptp.sys [?]
R3 IntcHdmiAddService;Intel(R) High Definition Audio HDMI Service;C:\Windows\system32\drivers\IntcHdmi.sys --> C:\Windows\system32\drivers\IntcHdmi.sys [?]
R3 itecir;ITECIR Infrared Receiver;C:\Windows\system32\DRIVERS\itecir.sys --> C:\Windows\system32\DRIVERS\itecir.sys [?]
R3 k57nd60a;Broadcom NetLink (TM) Gigabit Ethernet - NDIS 6.0;C:\Windows\system32\DRIVERS\k57nd60a.sys --> C:\Windows\system32\DRIVERS\k57nd60a.sys [?]
R3 OA001Ufd;Creative Camera OA001 Upper Filter Driver;C:\Windows\system32\DRIVERS\OA001Ufd.sys --> C:\Windows\system32\DRIVERS\OA001Ufd.sys [?]
R3 OA001Vid;Creative Camera OA001 Function Driver;C:\Windows\system32\DRIVERS\OA001Vid.sys --> C:\Windows\system32\DRIVERS\OA001Vid.sys [?]
S2 gupdate;Google Update Service (gupdate);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-4-23 136176]
S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2012-7-3 160944]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-7-14 257416]
S3 btwl2cap;Bluetooth L2CAP Service;C:\Windows\system32\DRIVERS\btwl2cap.sys --> C:\Windows\system32\DRIVERS\btwl2cap.sys [?]
S3 gupdatem;Google Update Service (gupdatem);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-4-23 136176]
S3 MozillaMaintenance;Mozilla Maintenance Service;C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2012-4-26 117144]
S3 NisDrv;Microsoft Network Inspection System;C:\Windows\system32\DRIVERS\NisDrvWFP.sys --> C:\Windows\system32\DRIVERS\NisDrvWFP.sys [?]
S3 NisSrv;Microsoft Network Inspection;C:\Program Files\Microsoft Security Client\NisSrv.exe [2013-6-20 366600]
S3 PerfHost;Performance Counter DLL Host;C:\Windows\SysWOW64\perfhost.exe [2008-1-20 19968]
S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\system32\Drivers\usbaapl64.sys --> C:\Windows\system32\Drivers\usbaapl64.sys [?]
S3 VCR2PC;VCR2PC Analog Capture;C:\Windows\system32\DRIVERS\0140_ION.sys --> C:\Windows\system32\DRIVERS\0140_ION.sys [?]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\WPF\WPFFontCache_v0400.exe [2013-4-16 1024680]
S4 BBSvc;Bing Bar Update Service;C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE [2011-2-28 183560]
S4 clr_optimization_v2.0.50727_64;Microsoft .NET Framework NGEN v2.0.50727_X64;C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe [2009-9-19 89920]
S4 QuickBooksDB17;QuickBooksDB17;C:\PROGRA~2\Intuit\QUICKB~1\QBDBMgrN.exe -hvQuickBooksDB17 --> C:\PROGRA~2\Intuit\QUICKB~1\QBDBMgrN.exe -hvQuickBooksDB17 [?]
.
=============== File Associations ===============
.
JSEFile=%SystemRoot%\SysWow64\CScript.exe "%1" %*
VBEFile=%SystemRoot%\SysWow64\CScript.exe "%1" %*
VBSFile=%SystemRoot%\SysWow64\CScript.exe "%1" %*
.
=============== Created Last 30 ================
.
2013-07-15 01:30:59   9552976   ----a-w-   C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{BCEA9C01-49A0-4AA1-8D2D-F87CE2D6728E}\mpengine.dll
2013-07-15 01:25:08   108968   ----a-w-   C:\Windows\System32\WindowsAccessBridge-64.dll
2013-07-13 05:40:04   --------   d-----w-   C:\Users\Grammaton Cleric\AppData\Local\ApplicationHistory
2013-07-12 23:09:43   619008   ----a-w-   C:\Windows\System32\qedit.dll
2013-07-12 23:09:43   505344   ----a-w-   C:\Windows\SysWow64\qedit.dll
2013-07-12 23:09:40   1815552   ----a-w-   C:\Program Files\Windows Journal\NBDoc.DLL
2013-07-12 23:09:40   1500672   ----a-w-   C:\Program Files\Windows Journal\JNWDRV.dll
2013-07-12 23:09:40   1476608   ----a-w-   C:\Program Files\Windows Journal\JNTFiltr.dll
2013-07-12 23:09:40   1447936   ----a-w-   C:\Program Files\Common Files\Microsoft Shared\ink\journal.dll
2013-07-12 23:09:39   936960   ----a-w-   C:\Program Files (x86)\Common Files\Microsoft Shared\ink\journal.dll
2013-07-12 23:04:22   2775040   ----a-w-   C:\Windows\System32\win32k.sys
2013-07-11 02:03:27   --------   dc----w-   C:\Users\Grammaton Cleric\AppData\Local\MigWiz
2013-07-11 01:58:53   --------   d-----w-   C:\Program Files\Windows Easy Transfer 7
2013-06-21 01:51:52   964552   ------w-   C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{093F060F-DBE0-45D1-9162-A0AF50AE6C25}\gapaengine.dll
2013-06-21 01:50:04   1078272   ----a-w-   C:\Windows\System32\certutil.exe
2013-06-21 01:50:03   985600   ----a-w-   C:\Windows\SysWow64\crypt32.dll
2013-06-21 01:50:03   812544   ----a-w-   C:\Windows\SysWow64\certutil.exe
2013-06-21 01:50:03   1269248   ----a-w-   C:\Windows\System32\crypt32.dll
2013-06-21 01:50:02   98304   ----a-w-   C:\Windows\SysWow64\cryptnet.dll
2013-06-21 01:50:02   50688   ----a-w-   C:\Windows\System32\certenc.dll
2013-06-21 01:50:02   41984   ----a-w-   C:\Windows\SysWow64\certenc.dll
2013-06-21 01:50:02   174592   ----a-w-   C:\Windows\System32\cryptsvc.dll
2013-06-21 01:50:02   133120   ----a-w-   C:\Windows\SysWow64\cryptsvc.dll
2013-06-21 01:50:02   132096   ----a-w-   C:\Windows\System32\cryptnet.dll
2013-06-21 01:49:48   30720   ----a-w-   C:\Windows\System32\cryptdlg.dll
2013-06-21 01:49:48   24576   ----a-w-   C:\Windows\SysWow64\cryptdlg.dll
2013-06-21 01:49:43   40448   ----a-w-   C:\Windows\System32\drivers\tcpipreg.sys
2013-06-21 01:49:43   1417576   ----a-w-   C:\Windows\System32\drivers\tcpip.sys
2013-06-21 01:49:41   686080   ----a-w-   C:\Windows\System32\win32spl.dll
2013-06-21 01:49:41   443904   ----a-w-   C:\Windows\SysWow64\win32spl.dll
2013-06-21 01:49:41   37376   ----a-w-   C:\Windows\SysWow64\printcom.dll
2013-06-19 04:50:08   247216   ----a-w-   C:\Windows\System32\drivers\MpFilter.sys
.
==================== Find3M  ====================
.
2013-07-15 01:25:06   71048   ----a-w-   C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2013-07-15 01:25:06   692104   ----a-w-   C:\Windows\SysWow64\FlashPlayerApp.exe
2013-07-15 01:24:25   972712   ----a-w-   C:\Windows\System32\deployJava1.dll
2013-07-15 01:24:25   1093032   ----a-w-   C:\Windows\System32\npDeployJava1.dll
2013-06-21 01:40:01   107368   ----a-w-   C:\Windows\System32\LMIRfsClientNP.dll
2013-06-21 01:40:00   35656   ----a-w-   C:\Windows\System32\LMIport.dll
2013-06-21 01:40:00   100680   ----a-w-   C:\Windows\System32\LMIinit.dll
2013-06-19 04:50:08   139616   ----a-w-   C:\Windows\System32\drivers\NisDrvWFP.sys
2013-06-03 01:19:37   107368   ----a-w-   C:\Windows\System32\LMIRfsClientNP.dll.000.bak
2013-05-29 05:43:16   2312704   ----a-w-   C:\Windows\System32\jscript9.dll
2013-05-29 05:35:44   1392128   ----a-w-   C:\Windows\System32\wininet.dll
2013-05-29 05:34:14   1494528   ----a-w-   C:\Windows\System32\inetcpl.cpl
2013-05-29 05:29:56   173056   ----a-w-   C:\Windows\System32\ieUnatt.exe
2013-05-29 05:29:02   599040   ----a-w-   C:\Windows\System32\vbscript.dll
2013-05-29 05:25:09   2382848   ----a-w-   C:\Windows\System32\mshtml.tlb
2013-05-29 01:50:14   1800704   ----a-w-   C:\Windows\SysWow64\jscript9.dll
2013-05-29 01:41:52   1427968   ----a-w-   C:\Windows\SysWow64\inetcpl.cpl
2013-05-29 01:41:08   1129472   ----a-w-   C:\Windows\SysWow64\wininet.dll
2013-05-29 01:37:15   142848   ----a-w-   C:\Windows\SysWow64\ieUnatt.exe
2013-05-29 01:36:09   420864   ----a-w-   C:\Windows\SysWow64\vbscript.dll
2013-05-29 01:33:22   2382848   ----a-w-   C:\Windows\SysWow64\mshtml.tlb
2013-05-08 04:18:16   1706496   ----a-w-   C:\Windows\System32\WMVDECOD.DLL
2013-05-08 04:04:52   1548288   ----a-w-   C:\Windows\SysWow64\WMVDECOD.DLL
2013-05-02 15:29:56   278800   ------w-   C:\Windows\System32\MpSigStub.exe
2013-04-17 12:32:54   327680   ----a-w-   C:\Windows\System32\d3d10_1core.dll
2013-04-17 12:32:54   287232   ----a-w-   C:\Windows\System32\d3d10core.dll
2013-04-17 12:32:54   196096   ----a-w-   C:\Windows\System32\d3d10_1.dll
2013-04-17 12:32:54   1268224   ----a-w-   C:\Windows\System32\d3d10.dll
2013-04-17 11:29:44   2002944   ----a-w-   C:\Windows\System32\d3d10warp.dll
2013-04-17 11:28:53   219648   ----a-w-   C:\Windows\SysWow64\d3d10_1core.dll
2013-04-17 11:28:53   189952   ----a-w-   C:\Windows\SysWow64\d3d10core.dll
2013-04-17 11:28:53   160768   ----a-w-   C:\Windows\SysWow64\d3d10_1.dll
2013-04-17 11:28:53   1029120   ----a-w-   C:\Windows\SysWow64\d3d10.dll
2013-04-17 11:27:55   566272   ----a-w-   C:\Windows\System32\d3d10level9.dll
2013-04-17 11:02:02   834048   ----a-w-   C:\Windows\System32\d2d1.dll
2013-04-17 10:58:11   1556480   ----a-w-   C:\Windows\System32\DWrite.dll
2013-04-17 10:58:10   1149440   ----a-w-   C:\Windows\System32\FntCache.dll
2013-04-17 10:34:33   1172480   ----a-w-   C:\Windows\SysWow64\d3d10warp.dll
2013-04-17 10:33:05   486400   ----a-w-   C:\Windows\SysWow64\d3d10level9.dll
2013-04-17 10:14:27   683008   ----a-w-   C:\Windows\SysWow64\d2d1.dll
2013-04-17 10:10:35   1069056   ----a-w-   C:\Windows\SysWow64\DWrite.dll
.
============= FINISH: 18:43:19.48 ===============

.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2011-08-26.01)
.
Microsoft® Windows Vista™ Home Premium
Boot Device: \Device\HarddiskVolume3
Install Date: 7/9/2008 6:09:22 PM
System Uptime: 7/14/2013 6:10:25 PM (0 hours ago)
.
Motherboard: Dell Inc. |  | 0M263C
Processor: Intel(R) Core(TM)2 Duo CPU     T8100  @ 2.10GHz | Microprocessor | 2101/200mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 288 GiB total, 176.189 GiB free.
D: is FIXED (NTFS) - 10 GiB total, 4.983 GiB free.
E: is CDROM ()
.
==== Disabled Device Manager Items =============
.
==== System Restore Points ===================
.
RP936: 5/16/2013 6:21:22 PM - Windows Update
RP937: 5/17/2013 3:00:13 AM - Windows Update
RP938: 5/18/2013 - Scheduled Checkpoint
RP939: 5/19/2013 12:00:01 AM - Scheduled Checkpoint
RP940: 5/21/2013 5:55:02 PM - Windows Update
RP941: 5/27/2013 10:19:37 AM - Windows Update
RP942: 5/30/2013 5:31:02 PM - Scheduled Checkpoint
RP943: 5/31/2013 5:43:06 PM - Windows Update
RP944: 6/2/2013 - Scheduled Checkpoint
RP945: 6/4/2013 3:27:45 PM - Windows Update
RP946: 6/6/2013 12:00:01 AM - Scheduled Checkpoint
RP947: 6/7/2013 12:00:01 AM - Scheduled Checkpoint
RP948: 6/8/2013 12:00:01 AM - Scheduled Checkpoint
RP950: 6/9/2013 10:49:16 AM - Windows Update
RP951: 6/10/2013 9:15:45 PM - Scheduled Checkpoint
RP952: 6/11/2013 1:21:19 PM - Scheduled Checkpoint
RP954: 6/18/2013 5:33:51 PM - Windows Update
RP955: 6/21/2013 4:11:52 PM - Windows Update
RP956: 6/23/2013 12:00:01 AM - Scheduled Checkpoint
RP957: 7/10/2013 6:18:38 PM - Scheduled Checkpoint
RP958: 7/10/2013 6:54:08 PM - Windows Update
RP959: 7/10/2013 6:58:07 PM - Windows Update
RP960: 7/12/2013 10:17:50 PM - Windows Update
RP961: 7/14/2013 5:47:35 PM - Scheduled Checkpoint
RP962: 7/14/2013 6:20:51 PM - Installed Java 7 Update 25 (64-bit)
.
==== Installed Programs ======================
.
Adobe Flash Player 11 ActiveX
Adobe Flash Player 11 Plugin
Adobe Reader X (10.1.7)
Advanced Audio FX Engine
Apple Application Support
Apple Software Update
Belkin Setup and Router Monitor
Bing Bar
Cisco EAP-FAST Module
Cisco LEAP Module
Cisco PEAP Module
Compatibility Pack for the 2007 Office system
D3DX10
Dell Video Chat (remove only)
Dell Webcam Central
ECDSDesktopVersionSetup
erLT
ExactCharge Setup
FileHippo.com Update Checker
Garmin USB Drivers
Garmin WebUpdater
GIMP 2.6.11
Google Chrome
Google Earth
Google Update Helper
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
Hotfix for Microsoft .NET Framework 4 Client Profile (KB2461678)
ION EZ Video Converter
ITECIR Driver
Live! Cam Avatar Creator
LiveUpdate (Symantec Corporation)
Logitech Updater
LogMeIn
Macromedia Flash Player
Malwarebytes Anti-Malware version 1.75.0.1300
MediaDirect
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1 Security Update (KB2698023)
Microsoft .NET Framework 1.1 Security Update (KB2833941)
Microsoft Office PowerPoint Viewer 2007 (English)
Microsoft Silverlight
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft UI Engine
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30411
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Works
Mozilla Firefox 22.0 (x86 en-US)
Mozilla Maintenance Service
MSVCRT
MSXML 4.0 SP2 (KB927978)
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
MSXML 4.0 SP2 Parser and SDK
Music Rescue
Netflix in Windows Media Center
OpenOffice.org 3.4
palmOne
QuickBooks Pro 2007
QuickTime
Roxio Creator Audio
Roxio Creator Copy
Roxio Creator Data
Roxio Creator DE
Roxio Creator Tools
Roxio Express Labeler 3
Roxio Update Manager
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2604111)
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2657424)
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2736416)
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2840629)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2160841)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2742595)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2789642)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2804576)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2832407)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2835393)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2840628)
Segoe UI
Skype™ 5.10
SupportSoft Assisted Service
TreeSize Free V2.5
Update for Microsoft .NET Framework 3.5 SP1 (KB2836940)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939)
Video Mover
Windows Live Communications Platform
Windows Live Essentials
Windows Live Installer
Windows Live Movie Maker
Windows Live Photo Common
Windows Live Photo Gallery
Windows Live PIMT Platform
Windows Live SOXE
Windows Live SOXE Definitions
Windows Live Sync
Windows Live UX Platform
Windows Live UX Platform Language Pack
Windows Live Writer
Windows Live Writer Resources
.
==== Event Viewer Messages From Past Week ========
.
7/14/2013 6:05:02 PM, Error: Microsoft Antimalware [2001]  - Microsoft Antimalware has encountered an error trying to update signatures.     New Signature Version:      Previous Signature Version: 1.153.1875.0     Update Source: Microsoft Update Server     Update Stage: Install     Source Path: http://www.microsoft.com     Signature Type: AntiVirus     Update Type: Full     User: NT AUTHORITY\SYSTEM     Current Engine Version:      Previous Engine Version: 1.1.9607.0     Error code: 0x80240016     Error description: An unexpected problem occurred while checking for updates. For information on installing or troubleshooting updates, see Help and Support.
7/14/2013 6:05:02 PM, Error: Microsoft Antimalware [2001]  - Microsoft Antimalware has encountered an error trying to update signatures.     New Signature Version:      Previous Signature Version: 1.153.1875.0     Update Source: Microsoft Update Server     Update Stage: Install     Source Path: http://www.microsoft.com     Signature Type: AntiVirus     Update Type: Full     User: NT AUTHORITY\SYSTEM     Current Engine Version:      Previous Engine Version: 1.1.9607.0     Error code: 0x80240016     Error description: An unexpected problem occurred while checking for updates. For information on installing or troubleshooting updates, see Help and Support.
7/14/2013 6:05:02 PM, Error: Microsoft Antimalware [2001]  - Microsoft Antimalware has encountered an error trying to update signatures.     New Signature Version:      Previous Signature Version: 1.153.1875.0     Update Source: Microsoft Update Server     Update Stage: Download     Source Path: http://www.microsoft.com     Signature Type: AntiVirus     Update Type: Full     User: NT AUTHORITY\SYSTEM     Current Engine Version:      Previous Engine Version: 1.1.9607.0     Error code: 0x80240016     Error description: An unexpected problem occurred while checking for updates. For information on installing or troubleshooting updates, see Help and Support.
7/14/2013 5:46:51 PM, Error: Microsoft-Windows-SharedAccess_NAT [31004]  - The DNS proxy agent was unable to allocate 0 bytes of memory. This may indicate that the system is low on virtual memory, or that the memory manager has encountered an internal error.
7/14/2013 5:46:50 PM, Error: BTHUSB [17]  - The local Bluetooth adapter has failed in an undetermined manner and will not be used. The driver has been unloaded.
7/12/2013 6:36:02 PM, Error: bowser [8003]  - The master browser has received a server announcement from the computer DADS-LAPTOP that believes that it is the master browser for the domain on transport NetBT_Tcpip_{B6427DDC-7783-4E52-8833-CAD6901AFB2D}. The master browser is stopping or an election is being forced.
7/12/2013 6:22:59 PM, Error: Service Control Manager [7009]  - A timeout was reached (30000 milliseconds) while waiting for the Windows Search service to connect.
7/12/2013 6:22:59 PM, Error: Service Control Manager [7000]  - The Windows Search service failed to start due to the following error:  The service did not respond to the start or control request in a timely fashion.
7/12/2013 4:05:37 PM, Error: Microsoft-Windows-DistributedCOM [10005]  - DCOM got error "1053" attempting to start the service WSearch with arguments "" in order to run the server: {7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}
7/12/2013 10:14:33 PM, Error: Service Control Manager [7011]  - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the Netman service.
7/10/2013 6:42:21 PM, Error: Microsoft-Windows-Dhcp-Client [1001]  - Your computer was not assigned an address from the network (by the DHCP Server) for the Network Card with network address 001FE152C906.  The following error occurred:  The semaphore timeout period has expired.. Your computer will continue to try and obtain an address on its own from the network address (DHCP) server.
7/10/2013 6:38:53 PM, Error: Microsoft Antimalware [2001]  - Microsoft Antimalware has encountered an error trying to update signatures.     New Signature Version:      Previous Signature Version: 105.0.0.0     Update Source: Microsoft Malware Protection Center     Update Stage: Search     Source Path: http://go.microsoft.com/fwlink/?LinkID=260974&clcid=0x409&NRI=true&arch=x64&eng=2.1.9607.0&sig=105.0.0.0&prod=EDB4FA23-53B8-4AFA-8C5D-99752CCA7094     Signature Type: Network Inspection System     Update Type: Full     User: NT AUTHORITY\NETWORK SERVICE     Current Engine Version:      Previous Engine Version: 2.1.9607.0     Error code: 0x80072ee7     Error description: The server name or address could not be resolved
7/10/2013 6:38:53 PM, Error: Microsoft Antimalware [2001]  - Microsoft Antimalware has encountered an error trying to update signatures.     New Signature Version:      Previous Signature Version: 1.153.459.0     Update Source: Microsoft Update Server     Update Stage: Search     Source Path: http://www.microsoft.com     Signature Type: AntiVirus     Update Type: Full     User: NT AUTHORITY\SYSTEM     Current Engine Version:      Previous Engine Version: 1.1.9607.0     Error code: 0x8024402c     Error description: An unexpected problem occurred while checking for updates. For information on installing or troubleshooting updates, see Help and Support.
7/10/2013 6:38:53 PM, Error: Microsoft Antimalware [2001]  - Microsoft Antimalware has encountered an error trying to update signatures.     New Signature Version:      Previous Signature Version: 1.153.459.0     Update Source: Microsoft Malware Protection Center     Update Stage: Search     Source Path: http://go.microsoft.com/fwlink/?LinkID=121721&clcid=0x409&arch=x64&eng=1.1.9607.0&avdelta=1.153.459.0&asdelta=1.153.459.0&prod=EDB4FA23-53B8-4AFA-8C5D-99752CCA7094     Signature Type: AntiVirus     Update Type: Full     User: NT AUTHORITY\NETWORK SERVICE     Current Engine Version:      Previous Engine Version: 1.1.9607.0     Error code: 0x80072ee7     Error description: The server name or address could not be resolved
7/10/2013 6:38:53 PM, Error: Microsoft Antimalware [2001]  - Microsoft Antimalware has encountered an error trying to update signatures.     New Signature Version:      Previous Signature Version: 1.153.459.0     Update Source: Microsoft Malware Protection Center     Update Stage: Search     Source Path: http://go.microsoft.com/fwlink/?LinkID=121721&clcid=0x409&arch=x64&eng=1.1.9607.0&avdelta=1.153.459.0&asdelta=1.153.459.0&prod=EDB4FA23-53B8-4AFA-8C5D-99752CCA7094     Signature Type: AntiSpyware     Update Type: Full     User: NT AUTHORITY\NETWORK SERVICE     Current Engine Version:      Previous Engine Version: 1.1.9607.0     Error code: 0x80072ee7     Error description: The server name or address could not be resolved
7/10/2013 6:28:42 PM, Error: Microsoft Antimalware [2001]  - Microsoft Antimalware has encountered an error trying to update signatures.     New Signature Version:      Previous Signature Version: 105.0.0.0     Update Source: Microsoft Malware Protection Center     Update Stage: Search     Source Path: http://go.microsoft.com/fwlink/?LinkID=260974&clcid=0x409&NRI=true&arch=x64&eng=2.1.9607.0&sig=105.0.0.0&prod=EDB4FA23-53B8-4AFA-8C5D-99752CCA7094     Signature Type: Network Inspection System     Update Type: Full     User: NT AUTHORITY\NETWORK SERVICE     Current Engine Version:      Previous Engine Version: 2.1.9607.0     Error code: 0x80072ee7     Error description: The server name or address could not be resolved
7/10/2013 6:28:37 PM, Error: Microsoft Antimalware [2001]  - Microsoft Antimalware has encountered an error trying to update signatures.     New Signature Version:      Previous Signature Version: 1.153.459.0     Update Source: Microsoft Malware Protection Center     Update Stage: Search     Source Path: http://go.microsoft.com/fwlink/?LinkID=121721&clcid=0x409&arch=x64&eng=1.1.9607.0&avdelta=1.153.459.0&asdelta=1.153.459.0&prod=EDB4FA23-53B8-4AFA-8C5D-99752CCA7094     Signature Type: AntiVirus     Update Type: Full     User: NT AUTHORITY\NETWORK SERVICE     Current Engine Version:      Previous Engine Version: 1.1.9607.0     Error code: 0x80072ee7     Error description: The server name or address could not be resolved
7/10/2013 6:28:37 PM, Error: Microsoft Antimalware [2001]  - Microsoft Antimalware has encountered an error trying to update signatures.     New Signature Version:      Previous Signature Version: 1.153.459.0     Update Source: Microsoft Malware Protection Center     Update Stage: Search     Source Path: http://go.microsoft.com/fwlink/?LinkID=121721&clcid=0x409&arch=x64&eng=1.1.9607.0&avdelta=1.153.459.0&asdelta=1.153.459.0&prod=EDB4FA23-53B8-4AFA-8C5D-99752CCA7094     Signature Type: AntiSpyware     Update Type: Full     User: NT AUTHORITY\NETWORK SERVICE     Current Engine Version:      Previous Engine Version: 1.1.9607.0     Error code: 0x80072ee7     Error description: The server name or address could not be resolved
7/10/2013 6:28:33 PM, Error: Microsoft Antimalware [2001]  - Microsoft Antimalware has encountered an error trying to update signatures.     New Signature Version:      Previous Signature Version: 1.153.459.0     Update Source: Microsoft Update Server     Update Stage: Search     Source Path: http://www.microsoft.com     Signature Type: AntiVirus     Update Type: Full     User: NT AUTHORITY\SYSTEM     Current Engine Version:      Previous Engine Version: 1.1.9607.0     Error code: 0x8024402c     Error description: An unexpected problem occurred while checking for updates. For information on installing or troubleshooting updates, see Help and Support.
7/10/2013 6:19:37 PM, Error: Microsoft Antimalware [2001]  - Microsoft Antimalware has encountered an error trying to update signatures.     New Signature Version:      Previous Signature Version: 105.0.0.0     Update Source: Microsoft Malware Protection Center     Update Stage: Search     Source Path: http://go.microsoft.com/fwlink/?LinkID=260974&clcid=0x409&NRI=true&arch=x64&eng=2.1.9607.0&sig=105.0.0.0&prod=EDB4FA23-53B8-4AFA-8C5D-99752CCA7094     Signature Type: Network Inspection System     Update Type: Full     User: NT AUTHORITY\NETWORK SERVICE     Current Engine Version:      Previous Engine Version: 2.1.9607.0     Error code: 0x80072ee7     Error description: The server name or address could not be resolved
7/10/2013 6:19:33 PM, Error: Microsoft Antimalware [2001]  - Microsoft Antimalware has encountered an error trying to update signatures.     New Signature Version:      Previous Signature Version: 1.153.459.0     Update Source: Microsoft Malware Protection Center     Update Stage: Search     Source Path: http://go.microsoft.com/fwlink/?LinkID=121721&clcid=0x409&arch=x64&eng=1.1.9607.0&avdelta=1.153.459.0&asdelta=1.153.459.0&prod=EDB4FA23-53B8-4AFA-8C5D-99752CCA7094     Signature Type: AntiVirus     Update Type: Full     User: NT AUTHORITY\NETWORK SERVICE     Current Engine Version:      Previous Engine Version: 1.1.9607.0     Error code: 0x80072ee7     Error description: The server name or address could not be resolved
7/10/2013 6:19:33 PM, Error: Microsoft Antimalware [2001]  - Microsoft Antimalware has encountered an error trying to update signatures.     New Signature Version:      Previous Signature Version: 1.153.459.0     Update Source: Microsoft Malware Protection Center     Update Stage: Search     Source Path: http://go.microsoft.com/fwlink/?LinkID=121721&clcid=0x409&arch=x64&eng=1.1.9607.0&avdelta=1.153.459.0&asdelta=1.153.459.0&prod=EDB4FA23-53B8-4AFA-8C5D-99752CCA7094     Signature Type: AntiSpyware     Update Type: Full     User: NT AUTHORITY\NETWORK SERVICE     Current Engine Version:      Previous Engine Version: 1.1.9607.0     Error code: 0x80072ee7     Error description: The server name or address could not be resolved
7/10/2013 6:19:28 PM, Error: Microsoft Antimalware [2001]  - Microsoft Antimalware has encountered an error trying to update signatures.     New Signature Version:      Previous Signature Version: 1.153.459.0     Update Source: Microsoft Update Server     Update Stage: Search     Source Path: http://www.microsoft.com     Signature Type: AntiVirus     Update Type: Full     User: NT AUTHORITY\SYSTEM     Current Engine Version:      Previous Engine Version: 1.1.9607.0     Error code: 0x8024402c     Error description: An unexpected problem occurred while checking for updates. For information on installing or troubleshooting updates, see Help and Support.
7/10/2013 6:18:07 PM, Error: Tcpip [4199]  - The system detected an address conflict for IP address 192.168.2.4 with the system having network hardware address 68-A3-C4-AF-0A-59. Network operations on this system may be disrupted as a result.
.
==== End Of File ===========================
« Last Edit: July 14, 2013, 09:01:16 PM by Hoov »

Offline Hoov

  • Malware Removal Mentors
  • Administrator
  • Diamond Member
  • Posts: 27141
  • Unwilling part owner of Gov't. Motors and Chrysler
    • Hoov's Personal Site
My name is Hoov and I will be helping you with your problem. As you have been helped here before I will skip the preliminaries and get right to the issue.

1.Download and scan with CCleaner
When you get to the website, there is a dark grey box on the left side with two tabs along the top. Inside this Dark Grey box is a light grey box. Below that light grey box is where the download links are at. The pay amount is for paid support.
2. Before first use, select Options > Advanced and UNCHECK "Only delete files in Windows Temp folder older than 48 hours"
3. Then select the items you wish to clean up.
In the Windows Tab:

    • Clean all entries in the "Internet Explorer" section except Cookies if you want to keep those.
    • Clean all the entries in the "Windows Explorer" section.
    • Clean all entries in the "System" section.
    • Clean all entries in the "Advanced" section.
    • Clean any others that you choose.


    In the Applications Tab
      • Clean all except cookies in the Firefox/Mozilla section if you use it.
      • Clean all in the Opera section if you use it.
      • Clean Sun Java in the Internet Section.
      • Clean any others that you choose.


      4. Click the "Run Cleaner" button.
      5. A pop up box will appear advising this process will permanently delete files from your system.
      6. Click "OK" and it will scan and clean your system.
      7. Click "exit" when done.

      Please start up Malwarebytes' Anti-Malware and update it then run a quick scan. If it finds anything, fix it and post the resulting log. If it finds nothing, post that log instead.

      Former Consumer Security MVP
      2011-2014

      If I am helping you and you don't hear from me for 24Hrs, send me a PM Please!

      Offline MikeMobes

      • Bronze Member
      • Posts: 55
      Ran CCleaner, ran Malwarebytes.

      No malicious items detected:

      Malwarebytes Anti-Malware 1.75.0.1300
      http://www.malwarebytes.org

      Database version: v2013.07.14.08

      Windows Vista Service Pack 2 x64 NTFS
      Internet Explorer 9.0.8112.16421
      Grammaton Cleric :: DADS-PC [administrator]

      7/14/2013 8:30:54 PM
      mbam-log-2013-07-14 (20-30-54).txt

      Scan type: Quick scan
      Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM | P2P
      Scan options disabled:
      Objects scanned: 289765
      Time elapsed: 5 minute(s), 22 second(s)

      Memory Processes Detected: 0
      (No malicious items detected)

      Memory Modules Detected: 0
      (No malicious items detected)

      Registry Keys Detected: 0
      (No malicious items detected)

      Registry Values Detected: 0
      (No malicious items detected)

      Registry Data Items Detected: 0
      (No malicious items detected)

      Folders Detected: 0
      (No malicious items detected)

      Files Detected: 0
      (No malicious items detected)

      (end)

      Offline Hoov

      • Malware Removal Mentors
      • Administrator
      • Diamond Member
      • Posts: 27141
      • Unwilling part owner of Gov't. Motors and Chrysler
        • Hoov's Personal Site
      I need you to reboot windows cleanly. To do that please go to the run command and type in msconfig . Once that starts, select selective startup, and then uncheck the load startup items. Now click on the services tab, and down near the bottom of the window, check the box that says Hide all Microsoft Services now go up and uncheck all the services still listed, make sure you scroll down the list if need to unselect all the non Microsoft services. Now click apply, then click OK and reboot the computer.Now check to see how it is running.

      Once you have decided, run msconfig and select normal startup then click apply then OK and come back here and let me know how it ran.

      Former Consumer Security MVP
      2011-2014

      If I am helping you and you don't hear from me for 24Hrs, send me a PM Please!

      Offline MikeMobes

      • Bronze Member
      • Posts: 55
      It was snappy with the clean boot. No luck with defender or the disc drive

      Offline Hoov

      • Malware Removal Mentors
      • Administrator
      • Diamond Member
      • Posts: 27141
      • Unwilling part owner of Gov't. Motors and Chrysler
        • Hoov's Personal Site
      Those could be legitimate problems. But lets see what we can do to get the computer to run better first so we have room to try and fix those two.

      Please run the two tools below and post the logs generated. You will need to split them up between multiple posts.


      Download Silent Runners.zip and extract it to a new folder on your Desktop.

          * Run the Silent Runners.vbs file.
          * You will receive a prompt: "Do you want to skip supplementary searches?" - click "NO."
          * If your antivirus has a script blocker, you will get a warning asking if you want to allow Silent Runners.vbs to run.
          * This script is not malicious so please allow it.
          * A text file will appear in the folder - it''s not done, let it run. (It won''t appear to be doing anything!)
          * Once the "All Done!" prompt flashes up, open the text file, and copy & paste it in your next reply.


      Download OTL to your Desktop
      • Double click on the icon to run it. Make sure all other windows are closed and to let it run uninterrupted.
      • Click the Quick Scan button. Do not change any settings unless otherwise told to do so. The scan wont take long.
        • When the scan completes, it will open two notepad windows. OTL.Txt and Extras.Txt. These are saved in the same location as OTL.
        • Please copy (Edit->Select All, Edit->Copy) the contents of these files, one at a time and post them in your topic

      Former Consumer Security MVP
      2011-2014

      If I am helping you and you don't hear from me for 24Hrs, send me a PM Please!

      Offline MikeMobes

      • Bronze Member
      • Posts: 55
      Tried running Silent Runners.vbs after extracting it to the desktop, and i get an error message:

      "Silent Runners" has launched as a 32-bit process in a 64-bit OS, which will prevent it from functioning correctly.
      This script must exit.

      OTL ran fine, heres the logs:

      OTL.txt

      OTL logfile created on: 7/15/2013 3:04:01 PM - Run 1
      OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\Grammaton Cleric\Downloads
      64bit-Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
      Internet Explorer (Version = 9.0.8112.16421)
      Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
       
      3.99 Gb Total Physical Memory | 1.73 Gb Available Physical Memory | 43.47% Memory free
      8.19 Gb Paging File | 6.10 Gb Available in Paging File | 74.47% Paging File free
      Paging file location(s): ?:\pagefile.sys [binary data]
       
      %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
      Drive C: | 288.01 Gb Total Space | 176.26 Gb Free Space | 61.20% Space Free | Partition Type: NTFS
      Drive D: | 10.00 Gb Total Space | 4.98 Gb Free Space | 49.83% Space Free | Partition Type: NTFS
       
      Computer Name: DADS-PC | User Name: Grammaton Cleric | Logged in as Administrator.
      Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
      Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
       
      ========== Processes (SafeList) ==========
       
      PRC - [2013/07/15 14:56:06 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Grammaton Cleric\Downloads\OTL.exe
      PRC - [2013/05/10 00:57:22 | 000,065,640 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
      PRC - [2011/02/25 10:46:22 | 000,249,648 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
      PRC - [2011/02/24 21:08:34 | 000,566,688 | ---- | M] (Affinegy, Inc.) -- C:\Program Files (x86)\Belkin\Router Setup and Monitor\BelkinService.exe
      PRC - [2011/02/24 21:08:32 | 007,034,272 | ---- | M] (Affinegy, Inc.) -- C:\Program Files (x86)\Belkin\Router Setup and Monitor\BelkinSetup.exe
      PRC - [2011/02/24 21:08:32 | 001,770,400 | ---- | M] (Affinegy, Inc.) -- C:\Program Files (x86)\Belkin\Router Setup and Monitor\BelkinRouterMonitor.exe
      PRC - [2011/02/11 18:28:52 | 001,522,080 | ---- | M] (Affinegy, Inc.) -- C:\Program Files (x86)\Belkin\Router Setup and Monitor\dlnaPlugin.exe
      PRC - [2008/05/06 10:18:02 | 000,014,376 | ---- | M] (Broadcom Corporation.) -- C:\Program Files\WIDCOMM\Bluetooth Software\BluetoothHeadsetProxy.exe
      PRC - [2008/01/14 08:13:02 | 000,132,392 | ---- | M] (CyberLink Corp.) -- C:\Program Files (x86)\Dell\MediaDirect\PCMService.exe
      PRC - [2007/08/31 09:49:50 | 000,243,064 | ---- | M] (Symantec Corporation) -- C:\Program Files (x86)\Symantec\LiveUpdate\AluSchedulerSvc.exe
       
       
      ========== Modules (No Company Name) ==========
       
      MOD - [2011/06/24 22:56:36 | 000,087,328 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
      MOD - [2011/06/24 22:56:14 | 001,241,888 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
      MOD - [2011/02/24 21:08:36 | 000,022,944 | ---- | M] () -- C:\Program Files (x86)\Belkin\Router Setup and Monitor\BelkinServicePS.dll
      MOD - [2011/02/24 20:39:00 | 000,658,432 | ---- | M] () -- C:\Program Files (x86)\Belkin\Router Setup and Monitor\gateways\GenericBelkinGatewayLOC.dll
      MOD - [2011/02/15 13:16:44 | 007,187,456 | ---- | M] () -- C:\Program Files (x86)\Belkin\Router Setup and Monitor\QtGui4.dll
      MOD - [2011/02/15 13:15:58 | 000,325,632 | ---- | M] () -- C:\Program Files (x86)\Belkin\Router Setup and Monitor\QtXml4.dll
      MOD - [2011/02/15 13:15:52 | 001,954,304 | ---- | M] () -- C:\Program Files (x86)\Belkin\Router Setup and Monitor\QtCore4.dll
      MOD - [2011/02/15 13:15:52 | 000,847,360 | ---- | M] () -- C:\Program Files (x86)\Belkin\Router Setup and Monitor\QtNetwork4.dll
      MOD - [2011/02/15 12:25:30 | 000,119,808 | ---- | M] () -- C:\Program Files (x86)\Belkin\Router Setup and Monitor\imageformats\qjpeg4.dll
       
       
      ========== Services (SafeList) ==========
       
      SRV:64bit: - [2013/06/20 20:33:08 | 000,366,600 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- c:\Program Files\Microsoft Security Client\NisSrv.exe -- (NisSrv)
      SRV:64bit: - [2013/06/20 20:33:08 | 000,023,808 | ---- | M] (Microsoft Corporation) [Auto | Running] -- c:\Program Files\Microsoft Security Client\MsMpEng.exe -- (MsMpSvc)
      SRV:64bit: - [2010/02/17 18:25:42 | 000,181,760 | ---- | M] () [Auto | Running] -- C:\Program Files\Belkin\Belkin USB Print and Storage Center\BkBackupScheduler.exe -- (Belkin Local Backup Service)
      SRV:64bit: - [2010/02/09 15:55:52 | 000,055,296 | ---- | M] () [Auto | Running] -- C:\Program Files\Belkin\Belkin USB Print and Storage Center\Bkapcs.exe -- (Belkin Network USB Helper)
      SRV:64bit: - [2008/06/09 21:47:06 | 000,031,744 | ---- | M] () [Auto | Running] -- C:\Windows\SysNative\WLTRYSVC.EXE -- (wltrysvc)
      SRV:64bit: - [2008/05/29 05:48:22 | 000,246,272 | ---- | M] (IDT, Inc.) [Auto | Running] -- C:\Windows\SysNative\DriverStore\FileRepository\stwrt64.inf_0c642403\STacSV64.exe -- (STacSV)
      SRV:64bit: - [2008/05/29 05:48:18 | 000,086,016 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\Windows\SysNative\DriverStore\FileRepository\stwrt64.inf_0c642403\AESTSr64.exe -- (AESTFilters)
      SRV:64bit: - [2008/01/20 19:47:32 | 000,383,544 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
      SRV - [2013/07/14 18:25:07 | 000,257,416 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
      SRV - [2013/07/10 19:39:55 | 000,117,144 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
      SRV - [2013/06/20 18:40:17 | 000,226,640 | ---- | M] (LogMeIn, Inc.) [Auto | Running] -- C:\Program Files (x86)\LogMeIn\x64\ramaint.exe -- (LMIMaint)
      SRV - [2013/06/20 18:40:00 | 000,376,144 | ---- | M] (LogMeIn, Inc.) [Auto | Running] -- C:\Program Files (x86)\LogMeIn\x64\LMIGuardianSvc.exe -- (LMIGuardianSvc)
      SRV - [2013/05/10 00:57:22 | 000,065,640 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
      SRV - [2012/07/03 13:19:28 | 000,160,944 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
      SRV - [2011/06/09 19:53:56 | 000,407,424 | ---- | M] (LogMeIn, Inc.) [Auto | Running] -- C:\Program Files (x86)\LogMeIn\x64\LogMeIn.exe -- (LogMeIn)
      SRV - [2011/02/28 18:44:14 | 000,183,560 | ---- | M] (Microsoft Corporation.) [Disabled | Stopped] -- C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE -- (BBSvc)
      SRV - [2011/02/25 10:46:22 | 000,249,648 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE -- (SeaPort)
      SRV - [2011/02/24 21:08:34 | 000,566,688 | ---- | M] (Affinegy, Inc.) [Auto | Running] -- C:\Program Files (x86)\Belkin\Router Setup and Monitor\BelkinService.exe -- (AffinegyService)
      SRV - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
      SRV - [2010/03/18 12:19:26 | 000,113,152 | ---- | M] (ArcSoft Inc.) [Disabled | Stopped] -- C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe -- (ACDaemon)
      SRV - [2009/03/29 21:42:14 | 000,066,368 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
      SRV - [2008/01/09 03:45:36 | 003,192,184 | ---- | M] (Symantec Corporation) [Disabled | Stopped] -- C:\Program Files (x86)\Symantec\LiveUpdate\LuComServer_3_4.EXE -- (LiveUpdate)
      SRV - [2007/08/31 09:49:50 | 000,243,064 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files (x86)\Symantec\LiveUpdate\AluSchedulerSvc.exe -- (Automatic LiveUpdate Scheduler)
      SRV - [2007/05/31 17:11:54 | 000,443,784 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\WindowsMobile\wcescomm.dll -- (WcesComm)
      SRV - [2007/05/31 17:11:46 | 000,225,672 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\WindowsMobile\rapimgr.dll -- (RapiMgr)
      SRV - [2006/11/28 15:28:12 | 000,020,480 | ---- | M] ( ) [Disabled | Stopped] -- C:\Program Files (x86)\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe -- (QBCFMonitorService)
      SRV - [2006/11/09 15:30:14 | 000,065,536 | ---- | M] (Intuit Inc.) [Disabled | Stopped] -- C:\Program Files (x86)\Common Files\Intuit\QuickBooks\FCS\Intuit.QuickBooks.FCS.exe -- (QBFCService)
      SRV - [2006/09/13 10:32:12 | 000,128,536 | ---- | M] (iAnywhere Solutions, Inc.) [Disabled | Stopped] -- C:\Program Files (x86)\Intuit\QuickBooks 2007\QBDBMgrN.exe -- (QuickBooksDB17)
       
       
      ========== Driver Services (SafeList) ==========
       
      DRV:64bit: - [2013/06/20 18:40:01 | 000,107,368 | ---- | M] (LogMeIn, Inc.) [File_System | Disabled | Stopped] -- C:\Windows\SysNative\LMIRfsClientNP.dll -- (LMIRfsClientNP)
      DRV:64bit: - [2013/06/18 21:50:08 | 000,139,616 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\DRIVERS\NisDrvWFP.sys -- (NisDrv)
      DRV:64bit: - [2013/02/11 19:18:19 | 000,019,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\usb8023x.sys -- (usb_rndisx)
      DRV:64bit: - [2012/08/21 13:01:20 | 000,033,240 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\GEARAspiWDM.sys -- (GEARAspiWDM)
      DRV:64bit: - [2012/04/25 12:11:36 | 000,052,736 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\usbaapl64.sys -- (USBAAPL64)
      DRV:64bit: - [2012/02/29 06:52:46 | 000,016,384 | ---- | M] (Microsoft Corporation) [Recognizer | System | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
      DRV:64bit: - [2011/01/08 20:11:16 | 000,301,504 | ---- | M] (Trident Multimedia Technologies Co.,Ltd) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\0140_ION.sys -- (VCR2PC)
      DRV:64bit: - [2010/03/08 10:03:36 | 000,067,104 | ---- | M] (ITE Tech. Inc. ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\itecir.sys -- (itecir)
      DRV:64bit: - [2009/09/30 17:51:42 | 000,046,592 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\wpdusb.sys -- (WpdUsb)
      DRV:64bit: - [2009/09/08 10:40:14 | 000,023,464 | ---- | M] (EldoS Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\ElRawDsk.sys -- (ElRawDisk)
      DRV:64bit: - [2009/06/22 16:50:00 | 000,291,352 | ---- | M] (silex technology, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\DRIVERS\sxuptp.sys -- (sxuptp)
      DRV:64bit: - [2009/04/10 22:03:32 | 000,111,104 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\sdbus.sys -- (sdbus)
      DRV:64bit: - [2009/03/08 17:06:00 | 000,319,840 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\OA001Vid.sys -- (OA001Vid)
      DRV:64bit: - [2009/03/06 07:33:58 | 000,159,840 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\OA001Ufd.sys -- (OA001Ufd)
      DRV:64bit: - [2008/07/24 18:46:08 | 000,072,216 | ---- | M] (LogMeIn, Inc.) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\LMIRfsDriver.sys -- (LMIRfsDriver)
      DRV:64bit: - [2008/07/24 18:45:20 | 000,011,552 | ---- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\lmimirr.sys -- (lmimirr)
      DRV:64bit: - [2008/06/16 04:59:30 | 000,125,440 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\IntcHdmi.sys -- (IntcHdmiAddService)
      DRV:64bit: - [2008/06/16 04:58:58 | 007,709,056 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\igdkmd64.sys -- (igfx)
      DRV:64bit: - [2008/06/12 21:45:00 | 000,019,880 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\btwrchid.sys -- (btwrchid)
      DRV:64bit: - [2008/06/12 21:44:54 | 000,120,872 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btwavdt.sys -- (btwavdt)
      DRV:64bit: - [2008/06/12 21:44:54 | 000,036,392 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\btwl2cap.sys -- (btwl2cap)
      DRV:64bit: - [2008/06/12 21:44:52 | 000,092,200 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btwaudio.sys -- (btwaudio)
      DRV:64bit: - [2008/06/09 21:47:00 | 000,022,520 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\BCM42RLY.sys -- (BCM42RLY)
      DRV:64bit: - [2008/06/09 21:46:52 | 001,372,664 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\bcmwl664.sys -- (BCM43XX)
      DRV:64bit: - [2008/06/03 21:56:56 | 000,199,728 | ---- | M] (Alps Electric Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\Apfiltr.sys -- (ApfiltrService)
      DRV:64bit: - [2008/06/03 03:41:24 | 000,239,104 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\k57nd60a.sys -- (k57nd60a)
      DRV:64bit: - [2008/06/03 03:26:06 | 000,057,856 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\SysNative\DRIVERS\rixdpx64.sys -- (rismxdp)
      DRV:64bit: - [2008/06/03 03:26:04 | 000,062,976 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\SysNative\DRIVERS\rimmpx64.sys -- (rimmptsk)
      DRV:64bit: - [2008/06/03 03:26:02 | 000,055,296 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\SysNative\DRIVERS\rimspx64.sys -- (rimsptsk)
      DRV:64bit: - [2008/05/29 05:48:30 | 000,454,656 | ---- | M] (IDT, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\stwrt64.sys -- (STHDA)
      DRV:64bit: - [2008/02/29 03:16:52 | 000,057,360 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\LMouFilt.Sys -- (LMouFilt)
      DRV:64bit: - [2008/02/29 03:16:44 | 000,054,800 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\LHidFilt.Sys -- (LHidFilt)
      DRV:64bit: - [2008/01/20 19:46:55 | 000,317,952 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\e1e6032e.sys -- (e1express)
      DRV:64bit: - [2007/11/14 01:00:00 | 000,053,488 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\PxHlpa64.sys -- (PxHlpa64)
      DRV:64bit: - [2006/11/02 00:48:50 | 002,488,320 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\atikmdag.sys -- (R300)
      DRV - [2013/06/02 18:20:14 | 000,016,056 | ---- | M] (LogMeIn, Inc.) [Kernel | Auto | Running] -- C:\Program Files (x86)\LogMeIn\x64\rainfo.sys -- (LMIInfo)
       
       
      ========== Standard Registry (SafeList) ==========
       
       
      ========== Internet Explorer ==========
       
      IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.dell.com
      IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
      IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
      IE:64bit: - HKLM\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
      IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.dell.com
      IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
      IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
       
      IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.msn.com/?ocid=OIE9MSE&PC=UP09
      IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/?ocid=OIE9MSE&PC=UP09
      IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
      IE - HKCU\..\URLSearchHook: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - No CLSID value found
      IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
      IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
      IE - HKCU\..\SearchScopes\{AFBCB7E0-F91A-4951-9F31-58FEE57A25C4}: "URL" = http://www.ask.com/web?&o=101881&l=dis&q={SEARCHTERMS}
      IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
       
      ========== FireFox ==========
       
      FF - prefs.js..browser.search.useDBForOrder: true
      FF - prefs.js..extensions.enabledAddons: LogMeInClient%40logmein.com:1.0.0.664
      FF - prefs.js..extensions.enabledAddons: %7Ba0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7%7D:20130515
      FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:22.0
      FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
      FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21
      FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
      FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23
      FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24
      FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}:6.0.26
      FF - prefs.js..extensions.enabledItems: LogMeInClient@logmein.com:1.0.0.664
       
       
      FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_8_800_94.dll File not found
      FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.25.2: C:\Windows\system32\npDeployJava1.dll (Sun Microsystems, Inc.)
      FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.25.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
      FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_94.dll ()
      FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=:  File not found
      FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
      FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
      FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=1.6.0_33: C:\Windows\SysWOW64\npdeployJava1.dll (Sun Microsystems, Inc.)
      FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
      FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
      FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
      FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
      FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3555.0308: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
      FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
      FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
      FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
      FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
       
      FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 22.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2013/07/15 14:58:03 | 000,000,000 | ---D | M]
      FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 22.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2013/07/15 14:58:03 | 000,000,000 | ---D | M]
       
      [2008/08/28 23:50:30 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Grammaton Cleric\AppData\Roaming\Mozilla\Extensions
      [2013/07/14 17:50:17 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Grammaton Cleric\AppData\Roaming\Mozilla\Firefox\Profiles\a4guv6qc.default\extensions
      [2013/07/14 17:50:17 | 000,000,000 | ---D | M] (WOT) -- C:\Users\Grammaton Cleric\AppData\Roaming\Mozilla\Firefox\Profiles\a4guv6qc.default\extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}
      [2011/08/29 11:56:51 | 000,000,000 | ---D | M] (LogMeIn, Inc. Remote Access Plugin) -- C:\Users\Grammaton Cleric\AppData\Roaming\Mozilla\Firefox\Profiles\a4guv6qc.default\extensions\LogMeInClient@logmein.com
      [2012/02/29 11:00:42 | 000,020,591 | ---- | M] () (No name found) -- C:\Users\Grammaton Cleric\AppData\Roaming\Mozilla\Firefox\Profiles\a4guv6qc.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}.xpi
      [2013/07/10 19:39:23 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions
      [2013/07/10 19:39:56 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
      [2010/03/25 11:00:31 | 000,003,700 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\fast.png
      [2010/03/25 11:00:31 | 000,001,963 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\fast.xml
       
      O1 HOSTS File: ([2012/07/11 15:35:27 | 000,000,855 | ---- | M]) - C:\Windows\SysNative\drivers\etc\Hosts
      O1 - Hosts: 127.0.0.1       localhost
      O2:64bit: - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
      O2:64bit: - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
      O2 - BHO: (no name) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - No CLSID value found.
      O2 - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
      O2 - BHO: (no name) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - No CLSID value found.
      O2 - BHO: (no name) - {FCBCCB87-9224-4B8D-B117-F56D924BEB18} - No CLSID value found.
      O3 - HKLM\..\Toolbar: (no name) - {1BB22D38-A411-4B13-A746-C2A4F4EC7344} - No CLSID value found.
      O3 - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
      O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {1BB22D38-A411-4B13-A746-C2A4F4EC7344} - No CLSID value found.
      O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No CLSID value found.
      O4:64bit: - HKLM..\Run: [Apoint] C:\Program Files\DellTPad\Apoint.exe (Alps Electric Co., Ltd.)
      O4:64bit: - HKLM..\Run: [Broadcom Wireless Manager UI] C:\Windows\SysNative\WLTRAY.exe (Dell Inc.)
      O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
      O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
      O4:64bit: - HKLM..\Run: [LogMeIn GUI] C:\Program Files (x86)\LogMeIn\x64\LogMeInSystray.exe (LogMeIn, Inc.)
      O4:64bit: - HKLM..\Run: [MSC] c:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
      O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
      O4:64bit: - HKLM..\Run: [SysTrayApp] C:\Program Files\IDT\WDM\sttray64.exe (IDT, Inc.)
      O4:64bit: - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
      O4:64bit: - HKLM..\Run: [Windows Mobile Device Center] C:\Windows\WindowsMobile\wmdc.exe (Microsoft Corporation)
      O4:64bit: - HKLM..\Run: [Windows Mobile-based device management] C:\Windows\WindowsMobile\wmdSync.exe (Microsoft Corporation)
      O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
      O4 - HKLM..\Run: [ArcSoft Connection Service] C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe (ArcSoft Inc.)
      O4 - HKLM..\Run: [InstaLAN] C:\Program Files (x86)\Belkin\Router Setup and Monitor\BelkinRouterMonitor.exe (Affinegy, Inc.)
      O4 - HKLM..\Run: [PCMService] C:\Program Files (x86)\Dell\MediaDirect\PCMService.exe (CyberLink Corp.)
      O4 - HKCU..\Run: [FileHippo.com] C:\Program Files (x86)\FileHippo.com\UpdateChecker.exe (FileHippo.com)
      O4 - HKCU..\Run: [MobileDocuments] C:\Program Files (x86)\Common Files\Apple\Internet Services\ubd.exe File not found
      O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
      O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
      O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
      O8:64bit: - Extra context menu item: Send image to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
      O8:64bit: - Extra context menu item: Send page to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
      O8 - Extra context menu item: Send image to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
      O8 - Extra context menu item: Send page to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
      O9:64bit: - Extra Button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
      O9:64bit: - Extra 'Tools' menuitem : @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
      O9 - Extra Button: Send To Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
      O9 - Extra 'Tools' menuitem : Send to &Bluetooth Device... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
      O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000008 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
      O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
      O1364bit: - gopher Prefix: missing
      O13 - gopher Prefix: missing
      O16 - DPF: {C1F8FC10-E5DB-4112-9DBF-6C3FF728D4E3} http://support.dell.com/systemprofiler/DellSystemLite.CAB (Reg Error: Key error.)
      O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1 156.154.70.22 156.154.71.22 192.168.2.1
      O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{B6427DDC-7783-4E52-8833-CAD6901AFB2D}: DhcpNameServer = 192.168.2.1 156.154.70.22 156.154.71.22 192.168.2.1
      O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{FF641C2F-EE52-4E11-A57A-CCCFDB5FFD63}: DhcpNameServer = 192.168.0.1
      O18:64bit: - Protocol\Handler\ms-itss - No CLSID value found
      O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
      O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
      O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
      O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
      O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
      O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
      O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
      O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
      O24 - Desktop WallPaper: C:\Windows\Web\Wallpaper\dellwall3.jpg
      O24 - Desktop BackupWallPaper: C:\Windows\Web\Wallpaper\dellwall3.jpg
      O32 - HKLM CDRom: AutoRun - 1
      O33 - MountPoints2\{dacf397b-4e1b-11dd-a2e8-806e6f6e6963}\Shell - "" = AutoRun
      O33 - MountPoints2\{dacf397b-4e1b-11dd-a2e8-806e6f6e6963}\Shell\AutoRun\command - "" = E:\DVD_SPECIAL_FEATURES.exe
      O34 - HKLM BootExecute: ("""autocheck autochk *""")
      O35:64bit: - HKLM\..comfile [open] -- "%1" %*
      O35:64bit: - HKLM\..exefile [open] -- "%1" %*
      O35 - HKLM\..comfile [open] -- "%1" %*
      O35 - HKLM\..exefile [open] -- "%1" %*
      O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
      O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
      O37 - HKLM\...com [@ = comfile] -- "%1" %*
      O37 - HKLM\...exe [@ = exefile] -- "%1" %*
      O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
      O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
       
      ========== Files/Folders - Created Within 30 Days ==========
       
      [2013/07/15 15:03:14 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
      [2013/07/15 15:02:16 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
      [2013/07/15 15:02:14 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes
      [2013/07/15 15:02:14 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\iTunes
      [2013/07/15 15:02:14 | 000,000,000 | ---D | C] -- C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
      [2013/07/15 14:59:34 | 000,000,000 | ---D | C] -- C:\Windows\LastGood
      [2013/07/15 14:57:52 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime
      [2013/07/15 14:57:34 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\QuickTime
      [2013/07/15 14:56:25 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud
      [2013/07/15 14:55:15 | 000,000,000 | -HSD | C] -- C:\Config.Msi
      [2013/07/14 21:15:18 | 000,000,000 | ---D | C] -- C:\Users\Grammaton Cleric\AppData\Roaming\gtk-2.0
      [2013/07/14 21:14:37 | 000,000,000 | ---D | C] -- C:\Users\Grammaton Cleric\.thumbnails
      [2013/07/14 21:13:37 | 000,000,000 | ---D | C] -- C:\Users\Grammaton Cleric\.gimp-2.6
      [2013/07/14 21:13:36 | 000,000,000 | ---D | C] -- C:\Users\Grammaton Cleric\Documents\gegl-0.0
      [2013/07/14 20:24:20 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
      [2013/07/14 18:39:07 | 000,607,260 | R--- | C] (Swearware) -- C:\Users\Grammaton Cleric\Desktop\dds.com
      [2013/07/14 18:24:21 | 000,000,000 | ---D | C] -- C:\Program Files\Java
      [2013/07/12 22:40:04 | 000,000,000 | ---D | C] -- C:\Users\Grammaton Cleric\AppData\Local\ApplicationHistory
      [2013/07/10 19:39:22 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
      [2013/07/10 19:03:27 | 000,000,000 | ---D | C] -- C:\Users\Grammaton Cleric\AppData\Local\MigWiz
      [2013/07/10 18:58:53 | 000,000,000 | ---D | C] -- C:\Program Files\Windows Easy Transfer 7
       
      ========== Files - Modified Within 30 Days ==========
       
      [2013/07/15 15:03:14 | 000,001,696 | ---- | M] () -- C:\Users\Public\Desktop\iTunes.lnk
      [2013/07/15 14:57:52 | 000,001,758 | ---- | M] () -- C:\Users\Public\Desktop\QuickTime Player.lnk
      [2013/07/15 14:57:14 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
      [2013/07/15 14:57:00 | 000,513,136 | ---- | M] () -- C:\Users\Grammaton Cleric\Desktop\Silent Runners.vbs
      [2013/07/15 14:56:33 | 000,000,629 | ---- | M] () -- C:\Windows\SysNative\mapisvc.inf
      [2013/07/15 14:13:01 | 000,000,892 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
      [2013/07/15 14:13:00 | 000,000,888 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
      [2013/07/15 13:22:40 | 000,003,616 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
      [2013/07/15 13:22:40 | 000,003,616 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
      [2013/07/14 21:26:04 | 000,716,800 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
      [2013/07/14 21:26:04 | 000,613,520 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
      [2013/07/14 21:26:04 | 000,108,446 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
      [2013/07/14 21:22:29 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
      [2013/07/14 21:22:28 | 4284,456,960 | -HS- | M] () -- C:\hiberfil.sys
      [2013/07/14 21:20:33 | 000,000,012 | ---- | M] () -- C:\Windows\bthservsdp.dat
      [2013/07/14 21:15:18 | 000,000,864 | ---- | M] () -- C:\Users\Grammaton Cleric\.recently-used.xbel
      [2013/07/14 21:08:09 | 000,314,632 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
      [2013/07/14 20:24:24 | 000,000,772 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk
      [2013/07/14 18:30:46 | 000,000,950 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
      [2013/07/14 17:51:25 | 000,001,945 | ---- | M] () -- C:\Windows\epplauncher.mif
      [2013/07/12 22:33:55 | 000,002,027 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
      [2013/07/10 18:31:54 | 000,000,680 | ---- | M] () -- C:\Users\Grammaton Cleric\AppData\Local\d3d9caps.dat
      [2013/07/10 18:31:52 | 000,002,051 | ---- | M] () -- C:\Users\Grammaton Cleric\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
      [2013/06/20 18:40:01 | 000,107,368 | ---- | M] (LogMeIn, Inc.) -- C:\Windows\SysNative\LMIRfsClientNP.dll
      [2013/06/20 18:40:00 | 000,100,680 | ---- | M] (LogMeIn, Inc.) -- C:\Windows\SysNative\LMIinit.dll
      [2013/06/20 18:40:00 | 000,035,656 | ---- | M] (LogMeIn, Inc.) -- C:\Windows\SysNative\LMIport.dll
       
      ========== Files Created - No Company Name ==========
       
      [2013/07/15 15:03:14 | 000,001,696 | ---- | C] () -- C:\Users\Public\Desktop\iTunes.lnk
      [2013/07/15 14:57:52 | 000,001,758 | ---- | C] () -- C:\Users\Public\Desktop\QuickTime Player.lnk
      [2013/07/14 21:20:21 | 000,001,864 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\EZ VHS Converter Monitor.lnk
      [2013/07/14 21:20:21 | 000,000,743 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk
      [2013/07/14 21:15:18 | 000,000,864 | ---- | C] () -- C:\Users\Grammaton Cleric\.recently-used.xbel
      [2013/07/14 21:07:33 | 000,314,632 | ---- | C] () -- C:\Windows\SysNative\FNTCACHE.DAT
      [2013/07/14 20:24:24 | 000,000,772 | ---- | C] () -- C:\Users\Public\Desktop\CCleaner.lnk
      [2013/07/14 18:30:46 | 000,000,950 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
      [2013/07/10 18:58:57 | 000,001,901 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Easy Transfer 7.lnk
      [2013/07/10 18:31:52 | 000,002,051 | ---- | C] () -- C:\Users\Grammaton Cleric\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
      [2012/07/28 17:01:40 | 000,074,703 | ---- | C] () -- C:\Windows\SysWow64\mfc45.dat
      [2012/07/25 22:49:48 | 000,000,000 | ---- | C] () -- C:\Users\Grammaton Cleric\AppData\Roaming\wklnhst.dat
      [2012/05/23 18:49:32 | 000,974,848 | ---- | C] () -- C:\Windows\SysWow64\cis-2.4.dll
      [2012/05/23 18:49:32 | 000,081,920 | ---- | C] () -- C:\Windows\SysWow64\issacapi_bs-2.3.dll
      [2012/05/23 18:49:32 | 000,065,536 | ---- | C] () -- C:\Windows\SysWow64\issacapi_pe-2.3.dll
      [2012/05/23 18:49:32 | 000,057,344 | ---- | C] () -- C:\Windows\SysWow64\issacapi_se-2.3.dll
      [2010/10/07 19:25:06 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
      [2010/02/22 18:37:30 | 001,122,304 | ---- | C] () -- C:\Users\Grammaton Cleric\s-1-5-21-2374070308-3082580766-196985646-1002.rrr
      [2008/08/29 00:13:52 | 000,003,584 | ---- | C] () -- C:\Users\Grammaton Cleric\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
      [2008/08/28 22:39:44 | 000,000,680 | ---- | C] () -- C:\Users\Grammaton Cleric\AppData\Local\d3d9caps.dat
       
      ========== ZeroAccess Check ==========
       
      [2006/11/02 08:30:40 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
       
      [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
       
      [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
       
      [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
       
      [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
       
      [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
      "" = C:\Windows\SysNative\shell32.dll -- [2012/06/08 10:59:03 | 012,899,840 | ---- | M] (Microsoft Corporation)
      "ThreadingModel" = Apartment
       
      [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
      "" = %SystemRoot%\system32\shell32.dll -- [2012/06/08 10:47:00 | 011,586,048 | ---- | M] (Microsoft Corporation)
      "ThreadingModel" = Apartment
       
      [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
      "" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/04/11 00:11:14 | 000,891,392 | ---- | M] (Microsoft Corporation)
      "ThreadingModel" = Free
       
      [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
      "" = C:\Windows\sysWOW64\wbem\fastprox.dll -- [2009/04/10 23:28:19 | 000,614,912 | ---- | M] (Microsoft Corporation)
      "ThreadingModel" = Free
       
      [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
      "" = C:\Windows\SysNative\wbem\wbemess.dll -- [2008/01/20 19:50:58 | 000,513,024 | ---- | M] (Microsoft Corporation)
      "ThreadingModel" = Both
       
      [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
       
      ========== LOP Check ==========
       
      [2013/07/14 21:15:18 | 000,000,000 | ---D | M] -- C:\Users\Grammaton Cleric\AppData\Roaming\gtk-2.0
      [2009/11/22 22:50:11 | 000,000,000 | ---D | M] -- C:\Users\Grammaton Cleric\AppData\Roaming\HotSync
      [2011/01/26 15:51:08 | 000,000,000 | ---D | M] -- C:\Users\Grammaton Cleric\AppData\Roaming\JAM Software
      [2012/07/26 11:33:16 | 000,000,000 | ---D | M] -- C:\Users\Grammaton Cleric\AppData\Roaming\OpenOffice.org
      [2012/07/14 21:25:39 | 000,000,000 | ---D | M] -- C:\Users\Grammaton Cleric\AppData\Roaming\Samsung
      [2012/07/25 22:49:50 | 000,000,000 | ---D | M] -- C:\Users\Grammaton Cleric\AppData\Roaming\Template
      [2011/11/02 14:44:39 | 000,000,000 | ---D | M] -- C:\Users\Grammaton Cleric\AppData\Roaming\TuneUp Software
      [2012/07/27 20:33:04 | 000,000,000 | ---D | M] -- C:\Users\Grammaton Cleric\AppData\Roaming\WinPatrol
       
      ========== Purity Check ==========
       
       
       
      ========== Alternate Data Streams ==========
       
      @Alternate Data Stream - 137 bytes -> C:\ProgramData\TEMP:D287FACF

      < End of report >

      Offline MikeMobes

      • Bronze Member
      • Posts: 55
      And here's extras.txt

      OTL Extras logfile created on: 7/15/2013 3:04:01 PM - Run 1
      OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\Grammaton Cleric\Downloads
      64bit-Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
      Internet Explorer (Version = 9.0.8112.16421)
      Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
       
      3.99 Gb Total Physical Memory | 1.73 Gb Available Physical Memory | 43.47% Memory free
      8.19 Gb Paging File | 6.10 Gb Available in Paging File | 74.47% Paging File free
      Paging file location(s): ?:\pagefile.sys [binary data]
       
      %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
      Drive C: | 288.01 Gb Total Space | 176.26 Gb Free Space | 61.20% Space Free | Partition Type: NTFS
      Drive D: | 10.00 Gb Total Space | 4.98 Gb Free Space | 49.83% Space Free | Partition Type: NTFS
       
      Computer Name: DADS-PC | User Name: Grammaton Cleric | Logged in as Administrator.
      Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
      Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
       
      ========== Extra Registry (SafeList) ==========
       
       
      ========== File Associations ==========
       
      64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
      .html[@ = ChromeHTML] -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
      .url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
      .js[@ = JSFile] -- C:\Windows\SysWow64\CScript.exe (Microsoft Corporation)
      .jse[@ = JSEFile] -- C:\Windows\SysWow64\CScript.exe (Microsoft Corporation)
      .vbe[@ = VBEFile] -- C:\Windows\SysWow64\CScript.exe (Microsoft Corporation)
      .vbs[@ = VBSFile] -- C:\Windows\SysWow64\CScript.exe (Microsoft Corporation)
      .wsf[@ = WSFFile] -- C:\Windows\SysWow64\CScript.exe (Microsoft Corporation)
       
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
      .cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
      .html [@ = ChromeHTML] -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
      .js [@ = JSFile] -- C:\Windows\SysWow64\CScript.exe (Microsoft Corporation)
      .jse [@ = JSEFile] -- C:\Windows\SysWow64\CScript.exe (Microsoft Corporation)
      .vbe [@ = VBEFile] -- C:\Windows\SysWow64\CScript.exe (Microsoft Corporation)
      .vbs [@ = VBSFile] -- C:\Windows\SysWow64\CScript.exe (Microsoft Corporation)
      .wsf [@ = WSFFile] -- C:\Windows\SysWow64\CScript.exe (Microsoft Corporation)
       
      [HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
      .html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
       
      ========== Shell Spawning ==========
       
      64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
      batfile [open] -- "%1" %*
      cmdfile [open] -- "%1" %*
      comfile [open] -- "%1" %*
      exefile [open] -- "%1" %*
      helpfile [open] -- Reg Error: Key error.
      htmlfile [edit] -- Reg Error: Key error.
      htmlfile [print] -- "C:\Windows\system32\rundll32.exe" "C:\Windows\system32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
      http [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
      https [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
      inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
      InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
      InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
      jsfile [open] -- %SystemRoot%\SysWow64\CScript.exe "%1" %* (Microsoft Corporation)
      jsefile [open] -- %SystemRoot%\SysWow64\CScript.exe "%1" %* (Microsoft Corporation)
      piffile [open] -- "%1" %*
      regfile [merge] -- Reg Error: Key error.
      scrfile [config] -- "%1"
      scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
      scrfile [open] -- "%1" /S
      txtfile [edit] -- Reg Error: Key error.
      vbefile [open] -- %SystemRoot%\SysWow64\CScript.exe "%1" %* (Microsoft Corporation)
      vbsfile [open] -- %SystemRoot%\SysWow64\CScript.exe "%1" %* (Microsoft Corporation)
      wsffile [open] -- %SystemRoot%\SysWow64\CScript.exe "%1" %* (Microsoft Corporation)
      Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
      Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
      Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
      Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
      Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
      Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
       
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
      batfile [open] -- "%1" %*
      cmdfile [open] -- "%1" %*
      comfile [open] -- "%1" %*
      cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
      exefile [open] -- "%1" %*
      helpfile [open] -- Reg Error: Key error.
      htmlfile [edit] -- Reg Error: Key error.
      http [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
      https [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
      inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
      jsfile [open] -- %SystemRoot%\SysWow64\CScript.exe "%1" %* (Microsoft Corporation)
      jsefile [open] -- %SystemRoot%\SysWow64\CScript.exe "%1" %* (Microsoft Corporation)
      piffile [open] -- "%1" %*
      regfile [merge] -- Reg Error: Key error.
      scrfile [config] -- "%1"
      scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
      scrfile [open] -- "%1" /S
      txtfile [edit] -- Reg Error: Key error.
      vbefile [open] -- %SystemRoot%\SysWow64\CScript.exe "%1" %* (Microsoft Corporation)
      vbsfile [open] -- %SystemRoot%\SysWow64\CScript.exe "%1" %* (Microsoft Corporation)
      wsffile [open] -- %SystemRoot%\SysWow64\CScript.exe "%1" %* (Microsoft Corporation)
      Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
      Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
      Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
      Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
      Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
      Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
       
      ========== Security Center Settings ==========
       
      64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
      "cval" = 1
      "UacDisableNotify" = 0
      "InternetSettingsDisableNotify" = 0
      "AutoUpdateDisableNotify" = 0
       
      64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
       
      64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
      "AntiVirusOverride" = 0
      "AntiSpywareOverride" = 0
      "FirewallOverride" = 0
      "VistaSp1" = 9F 9E 16 8C DC 5B C8 01  [binary data]
      "VistaSp2" = C7 E4 75 A9 CB 68 CA 01  [binary data]
       
      64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
       
      [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
       
      [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
      "oobe_av" = 1
       
      ========== Firewall Settings ==========
       
      [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
      "EnableFirewall" = 1
      "DisableNotifications" = 0
       
      [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
      "EnableFirewall" = 1
      "DisableNotifications" = 0
       
      [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
      "EnableFirewall" = 1
      "DisableNotifications" = 0
       
      ========== Authorized Applications List ==========
       
       
      ========== Vista Active Open Ports Exception List ==========
       
      [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
      "{0DE01A37-D5CA-4298-AA0F-88393D2D03AF}" = lport=2869 | protocol=6 | dir=in | app=system |
      "{136FDFEF-FD0A-4506-B908-E3513F4B5015}" = lport=138 | protocol=17 | dir=in | app=system |
      "{1992C10B-3739-4B59-8AC4-F0B3D4A88F33}" = lport=990 | protocol=6 | dir=in | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
      "{2DFBCBDD-A495-4AA8-B602-C78478D05B8C}" = lport=68 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |
      "{3B1900B8-D2CE-4B13-AEE2-C6EE0CC80D10}" = lport=547 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |
      "{4115693D-DD67-413E-A59D-5AAF89156DC5}" = rport=445 | protocol=6 | dir=out | app=system |
      "{4D3D11ED-8FD5-4EBC-9EE3-B28281BDB3AC}" = rport=138 | protocol=17 | dir=out | app=system |
      "{58414D2A-10D3-4E8B-802C-B537E7B4EE01}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |
      "{69316C18-91E2-41BD-8352-8B0D88C786DF}" = lport=445 | protocol=6 | dir=in | app=system |
      "{86102BBE-A9DA-4906-B7B5-4676342E5EFE}" = rport=5679 | protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
      "{8873E344-F35E-413B-ADDC-B4F6F2D5A307}" = rport=139 | protocol=6 | dir=out | app=system |
      "{8DA1A785-43FC-4002-AF7F-646EC529F9A6}" = rport=2869 | protocol=6 | dir=out | app=system |
      "{94914026-3986-4659-8486-3BB07B27BA2C}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
      "{A9D442EB-96EC-4AE1-BF35-244A8DC31184}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
      "{ABB69C82-C837-47FC-A8A3-F7C3E68938FA}" = lport=139 | protocol=6 | dir=in | app=system |
      "{B09440DC-E418-4273-B7B3-CF810221714A}" = lport=53 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |
      "{C3854F1E-8626-4119-9124-2E43FBCF0757}" = rport=137 | protocol=17 | dir=out | app=system |
      "{CC10DB07-AF69-4B58-8D35-FD76F17F3F19}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |
      "{CDFD8385-A2A0-4780-A62D-0CEF05C0808A}" = lport=19540 | protocol=17 | dir=in | name=sxuptp |
      "{D09F0662-24B7-45FB-803D-87E6D928924A}" = lport=137 | protocol=17 | dir=in | app=system |
      "{D5357A71-F7CA-4E4B-8482-9F4B8DAD9D7F}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
      "{D775AF8E-58BF-4FDB-B22F-0D0D1CC7067E}" = lport=990 | protocol=6 | dir=in | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
      "{E28DC199-EB92-45AF-AD7C-07CD5FBF8C47}" = rport=5679 | protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
      "{EA4A46C9-561E-494F-B337-F7C1092011F1}" = lport=67 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |
      "{F42C94A8-8D82-41EA-BC4B-3883D64436C9}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
       
      ========== Vista Active Application Exception List ==========
       
      [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
      "{06882F69-0BBD-4D73-884B-03B5B4310017}" = dir=in | app=c:\program files (x86)\common files\apple\apple application support\webkit2webprocess.exe |
      "{0968031F-8E75-41BD-8257-52AB6062760B}" = dir=in | app=c:\program files (x86)\windows live\sync\windowslivesync.exe |
      "{097B20CB-BB75-44FC-9224-6EED37851232}" = protocol=6 | dir=in | app=c:\program files (x86)\ion\ez video converter\mediatv.exe |
      "{17560F42-9047-42A1-B659-F676A2C9E953}" = protocol=6 | dir=in | app=c:\program files (x86)\belkin\router setup and monitor\belkinsetup.exe |
      "{1FF84AB2-E72E-40EB-9624-EF2A07562044}" = dir=in | app=c:\program files (x86)\dell\mediadirect\kernel\dmp\clbrowserengine.exe |
      "{208144AA-CEC7-437D-8EFD-6E0978F99285}" = protocol=17 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
      "{20CAD705-7CDF-4DF0-8068-9F78ADF863FD}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
      "{2740E4B4-51EF-4DAA-81EB-DA26F8B750B6}" = protocol=17 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
      "{286A1D1E-F2ED-46D8-968A-2581AD5073B8}" = protocol=17 | dir=in | app=c:\program files (x86)\belkin\router setup and monitor\belkinsetup.exe |
      "{2909FDF1-495A-4B64-86DF-7C683CF8B197}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
      "{3226DFD6-1E9D-4742-9242-BA0CFAC7FC6B}" = protocol=6 | dir=in | app=c:\program files (x86)\dell video chat\dellvideochat.exe |
      "{3435DF11-917F-4439-8D96-E37FCCE46506}" = dir=in | app=c:\program files (x86)\dell\mediadirect\pcmservice.exe |
      "{365A1E5B-AA69-456A-9CF2-9388F2513E9F}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
      "{3A1BF772-5CE5-4CFC-8EFE-8D08FE6F4FEE}" = protocol=6 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
      "{3BD415BF-FC6B-41BE-B648-DAFD09E60151}" = dir=in | app=c:\program files\belkin\belkin usb print and storage center\connect.exe |
      "{3E29797F-152D-47D4-A0CC-7F0D4EA6270A}" = protocol=6 | dir=in | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
      "{4581CC5C-06A1-45CD-9E78-7C0EACECBFAD}" = dir=in | app=c:\program files (x86)\itunes\itunes.exe |
      "{4A3DD0A7-0BCD-452C-8014-2CF300B88978}" = protocol=6 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
      "{4D96C61A-FEC0-4C6D-890A-269694A61897}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
      "{50ED9A54-9925-432A-9E78-FBE62E834877}" = protocol=6 | dir=in | app=c:\program files (x86)\iolo\system mechanic professional\sysmech.exe |
      "{5568F2A5-FF7A-42DA-BBC2-B5C368B74011}" = dir=in | app=c:\program files (x86)\belkin\router setup and monitor\belkinsetup.exe |
      "{55730810-3CCC-4E0D-865B-888F0B098D2A}" = protocol=17 | dir=in | app=c:\program files (x86)\iolo\system mechanic professional\sysmech.exe |
      "{57CEBECE-C44B-4F43-9145-B4EFF12D8903}" = protocol=6 | dir=in | app=c:\windows\syswow64\muzapp.exe |
      "{58419855-F69D-4A02-876D-00F1C559D503}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
      "{5A900C14-F49A-42C7-B688-7BA0E3C6C50C}" = protocol=17 | dir=in | app=c:\windows\syswow64\muzapp.exe |
      "{5BB0C15D-41C9-4AFD-9F91-46003AB231FF}" = protocol=17 | dir=in | app=c:\program files (x86)\ion\ez video converter\mediatv.exe |
      "{5C329372-5740-4F61-8BE4-590AED373733}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
      "{5D6BD7F6-7C86-4E06-AE1B-D5FD076EF496}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
      "{6E107267-553E-48FF-A6F5-F1746785BA5D}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
      "{78FBE1AA-FC9D-490D-83C3-CD56B63416F4}" = protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
      "{7E9DDC9D-5D49-48F5-80C5-5CC945490378}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
      "{824FEF23-F35E-4111-BA5D-7ED1A54B2F53}" = dir=in | app=c:\program files (x86)\dell\mediadirect\kernel\dms\clmsservice.exe |
      "{86DC6EAB-4853-4C59-A90B-11301C10A1A1}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe |
      "{91F1D54C-48F7-4053-B191-7E4B20C12858}" = protocol=17 | dir=in | app=c:\program files (x86)\belkin\router setup and monitor\belkinsetup.exe |
      "{941F4419-7CD8-41F3-92FA-0FE7075B5037}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
      "{A158BE8F-20B3-417C-9275-AF325EB06599}" = protocol=6 | dir=in | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
      "{A5159FE5-2B79-4902-951C-A8C4D0D1F211}" = dir=in | app=c:\program files (x86)\dell\mediadirect\mediadirect.exe |
      "{A7DB0A16-8CD0-46D5-8CF1-AFDD4F1827BE}" = protocol=6 | dir=in | app=c:\program files (x86)\belkin\router setup and monitor\belkinsetup.exe |
      "{B10C9790-66F6-4B9C-BF9C-5ED75CB0B91C}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
      "{B2D10453-D5FE-471D-B35F-1748A0ED9A95}" = dir=out | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |
      "{B46BC8A6-9019-485E-9482-C3772C57B9D1}" = protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
      "{CA179997-A854-49B3-B6F7-10EE66E092D6}" = protocol=17 | dir=in | app=c:\program files (x86)\dell video chat\dellvideochat.exe |
      "{D2614E21-0963-4094-97C3-71B429A72AA3}" = protocol=58 | dir=in | name=@hnetcfg.dll,-148 |
      "{E6325B36-0BB1-4C33-9D86-3B091270B4BF}" = protocol=6 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
      "{E80CF1C6-5499-4766-B607-C2EB6A74A900}" = protocol=6 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
      "{F7BD2D34-0E80-4B6C-9521-156913D721F6}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
      "TCP Query User{3F5EA5F7-00F6-458F-A488-8D30CDB92C8D}C:\program files (x86)\mozilla firefox\firefox.exe" = protocol=6 | dir=in | app=c:\program files (x86)\mozilla firefox\firefox.exe |
      "TCP Query User{AD88E2B3-6E1B-4BC4-AB32-21CA86F585FA}C:\program files (x86)\google\google earth\plugin\geplugin.exe" = protocol=6 | dir=in | app=c:\program files (x86)\google\google earth\plugin\geplugin.exe |
      "TCP Query User{F152C085-925E-4192-9D79-2AAB54B26D61}C:\program files (x86)\mozilla firefox\plugin-container.exe" = protocol=6 | dir=in | app=c:\program files (x86)\mozilla firefox\plugin-container.exe |
      "UDP Query User{2A42D033-EE1B-442A-83ED-9174AEBCBF51}C:\program files (x86)\mozilla firefox\plugin-container.exe" = protocol=17 | dir=in | app=c:\program files (x86)\mozilla firefox\plugin-container.exe |
      "UDP Query User{5BFE9885-D89F-4E8B-80AE-25E2506E70BC}C:\program files (x86)\mozilla firefox\firefox.exe" = protocol=17 | dir=in | app=c:\program files (x86)\mozilla firefox\firefox.exe |
      "UDP Query User{7999F350-FEBF-4B78-B4A7-7DEFAB55A7B4}C:\program files (x86)\google\google earth\plugin\geplugin.exe" = protocol=17 | dir=in | app=c:\program files (x86)\google\google earth\plugin\geplugin.exe |
       
      ========== HKEY_LOCAL_MACHINE Uninstall List ==========
       
      64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
      "{027E5FAB-1476-4C59-AAB4-32EF28520399}" = Windows Live Language Selector
      "{03D1988F-469F-4843-8E6E-E5FE9D17889D}" = WIDCOMM Bluetooth Software 6.1.0.4401
      "{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)
      "{1ACC8FFB-9D84-4C05-A4DE-D28A9BC91698}" = Windows Live ID Sign-in Assistant
      "{26A24AE4-039D-4CA4-87B4-2F86417025FF}" = Java 7 Update 25 (64-bit)
      "{27726449-83B8-428D-92DE-101346C1E15C}" = Microsoft Security Client
      "{2F72F540-1F60-4266-9506-952B21D6640D}" = Apple Mobile Device Support
      "{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
      "{626672CD-BFCF-49A9-AEFE-AB0FED3BFC5B}" = Windows Mobile Device Center
      "{6DD01FF3-63CE-436B-96DB-61363EAA4EB8}" = MobileMe Control Panel
      "{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}" = Bonjour
      "{704C0303-D20C-45AF-BD2B-556EAF31BE09}" = iCloud
      "{76FF0F03-B707-4332-B5D1-A56C8303514E}" = iTunes
      "{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
      "{87CF757E-C1F1-4D22-865C-00C6950B5258}" = QuickSet
      "{90B5B05F-AFDA-4922-A153-45B14200BA77}" = SPBBC 64bit
      "{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
      "{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}" = Dell Touchpad
      "{aac9fcc4-dd9e-4add-901c-b5496a07ab2e}" = Microsoft Visual C++ 2005 Redistributable (x64) - KB2467175
      "{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
      "{B6E3757B-5E77-3915-866A-CCFC4B8D194C}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053
      "{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
      "{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
      "49CF605F02C7954F4E139D18828DE298CD59217C" = Windows Driver Package - Garmin (grmnusb) GARMIN Devices  (06/03/2009 2.3.0.0)
      "Belkin USB Print and Storage Center" = Belkin USB Print and Storage Center
      "Broadcom 802.11b Network Adapter" = Dell Wireless WLAN Card Utility
      "CCleaner" = CCleaner
      "Creative OA001" = Integrated Webcam Driver (1.06.03.0309) 
      "Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
      "Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
      "Microsoft Security Client" = Microsoft Security Essentials
       
      [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
      "{04E364F1-4582-4567-A6C8-C7FBBCC86C91}" = ION EZ Video Converter
      "{08E81ABD-79F7-49C2-881F-FD6CB0975693}" = Roxio Creator Data
      "{09760D42-E223-42AD-8C3E-55B47D0DDAC3}" = Roxio Creator DE
      "{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
      "{15BC8CD0-A65B-47D0-A2DD-90A824590FA8}" = Microsoft Works
      "{19BA08F7-C728-469C-8A35-BFBD3633BE08}" = Windows Live Movie Maker
      "{1F54DAFA-9261-4A62-B59D-6C9F26B48FE4}" = Roxio Creator Tools
      "{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
      "{2656D0AB-9EA4-4C58-A117-635F3CED8B93}" = Microsoft UI Engine
      "{28E82311-8616-11E1-BEB0-B8AC6F97B88E}" = Google Earth
      "{30465B6C-B53F-49A1-9EBA-A3F187AD502E}" = Roxio Update Manager
      "{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
      "{3364BD16-5A28-4862-86A1-A8FF5FD23919}" = Music Rescue
      "{34F4D9A4-42C2-4348-BEF4-E553C84549E7}" = Windows Live Photo Gallery
      "{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}" = erLT
      "{4ecaf021-478c-40c1-b777-3368a15f9966}" = Macromedia Flash Player
      "{51071D66-D034-4239-94E0-723FCA10B6FE}" = OpenOffice.org 3.4
      "{510D2239-6C2E-457B-9590-485EC552D94D}" = Garmin USB Drivers
      "{53735ECE-E461-4FD0-B742-23A352436D3A}" = Logitech Updater
      "{579684A4-DDD5-4CA3-9EA8-7BE7D9593DB4}" = Windows Live UX Platform Language Pack
      "{5A3F6A80-7913-475E-8B96-477A952CFA43}" = SupportSoft Assisted Service
      "{5D09C772-ECB3-442B-9CC6-B4341C78FDC2}" = Apple Application Support
      "{5DA8F6CD-C70E-39D8-8430-3D9808D6BD17}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30411
      "{5DD4FCBD-A3C1-4155-9E17-4161C70AAABA}" = Segoe UI
      "{65D0C510-D7B6-4438-9FC8-E6B91115AB0D}" = Live! Cam Avatar Creator
      "{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA}" = Roxio Express Labeler 3
      "{669C7BD8-DAA2-49B6-966C-F1E2AAE6B17E}" = Cisco PEAP Module
      "{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
      "{6D3963B0-E13B-4FC3-B0FF-506A304BB043}" = Cisco EAP-FAST Module
      "{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
      "{716E0306-8318-4364-8B8F-0CC4E9376BAC}" = MSXML 4.0 SP2 Parser and SDK
      "{73A4F29F-31AC-4EBD-AA1B-0CC5F18C8F83}" = Roxio Creator Audio
      "{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
      "{77F8A71E-3515-4832-B8B2-2F1EDBD2E0F1}" = Bing Bar
      "{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
      "{7E545666-F422-45FD-B3DF-C0B99A1A579F}" = QuickBooks Pro 2007
      "{7F831576-6246-42C7-B523-55B3F96509CC}" = LogMeIn
      "{83770D14-21B9-44B3-8689-F7B523F94560}" = Cisco LEAP Module
      "{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
      "{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
      "{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
      "{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system
      "{915FECEE-AC40-4ABD-8B50-419A4A7E2751}" = ExactCharge Setup
      "{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
      "{95120000-00AF-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (English)
      "{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
      "{9C6978E8-B6D0-4AB7-A7A0-D81A74FBF745}" = MediaDirect
      "{A1BF9950-8CDB-468E-83FA-EACFB00EA7D5}" = Windows Live Sync
      "{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer
      "{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
      "{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
      "{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
      "{AAF454FC-82CA-4F29-AB31-6A109485E76E}" = Windows Live Writer
      "{AC76BA86-7AD7-1033-7B44-AA1000000001}" = Adobe Reader X (10.1.7)
      "{B67BAFBA-4C9F-48FA-9496-933E3B255044}" = QuickTime
      "{B6A26DE5-F2B5-4D58-9570-4FC760E00FCD}" = Roxio Creator Copy
      "{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
      "{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
      "{D17111CB-C992-42A9-9D56-C19395102AAA}" = Garmin WebUpdater
      "{D436F577-1695-4D2F-8B44-AC76C99E0002}" = Windows Live Photo Common
      "{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
      "{DDC8BDEE-DCAC-404D-8257-3E8D4B782467}" = Windows Live Writer Resources
      "{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
      "{E80F62FF-5D3C-4A19-8409-9721F2928206}" = LiveUpdate (Symantec Corporation)
      "{ED439A64-F018-4DD4-8BA5-328D85AB09AB}" = Roxio Creator DE
      "{ED56170A-EB77-4CD9-B888-A380DA748945}" = ECDSDesktopVersionSetup
      "{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}" = Skype™ 5.10
      "{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
      "{F751C062-87DA-4D33-8A12-6E7F1D4C051C}" = Netflix in Windows Media Center
      "{FCED9B62-34FF-4C15-8A23-F65221F7874D}" = ITECIR Driver
      "{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}" = Windows Live Essentials
      "{FF8157AA-F640-45BD-B7C2-BAA1016B267A}" = palmOne
      "Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
      "Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
      "Advanced Audio FX Engine" = Advanced Audio FX Engine
      "Belkin Setup and Router Monitor_is1" = Belkin Setup and Router Monitor
      "Dell Video Chat" = Dell Video Chat (remove only)
      "Dell Webcam Central" = Dell Webcam Central
      "FileHippo.com" = FileHippo.com Update Checker
      "Google Chrome" = Google Chrome
      "Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware version 1.75.0.1300
      "Microsoft .NET Framework 1.1  (1033)" = Microsoft .NET Framework 1.1
      "Mozilla Firefox 22.0 (x86 en-US)" = Mozilla Firefox 22.0 (x86 en-US)
      "MozillaMaintenanceService" = Mozilla Maintenance Service
      "TreeSize Free_is1" = TreeSize Free V2.5
      "Video Mover_is1" = Video Mover
      "WinGimp-2.0_is1" = GIMP 2.6.11
      "WinLiveSuite" = Windows Live Essentials
       
      ========== Last 20 Event Log Errors ==========
       
      [ Application Events ]
      Error - 7/15/2013 3:20:59 PM | Computer Name = Dads-PC | Source = Automatic LiveUpdate Scheduler | ID = 101
      Description = Information Level: error  Initialization of the COM subsystem failed.
       Error code: 0x80070422.
       
      Error - 7/15/2013 3:40:06 PM | Computer Name = Dads-PC | Source = Automatic LiveUpdate Scheduler | ID = 101
      Description = Information Level: error  Initialization of the COM subsystem failed.
       Error code: 0x80070422.
       
      Error - 7/15/2013 3:58:52 PM | Computer Name = Dads-PC | Source = Automatic LiveUpdate Scheduler | ID = 101
      Description = Information Level: error  Initialization of the COM subsystem failed.
       Error code: 0x80070422.
       
      Error - 7/15/2013 4:23:20 PM | Computer Name = Dads-PC | Source = Automatic LiveUpdate Scheduler | ID = 101
      Description = Information Level: error  Initialization of the COM subsystem failed.
       Error code: 0x80070422.
       
      Error - 7/15/2013 4:44:24 PM | Computer Name = Dads-PC | Source = Automatic LiveUpdate Scheduler | ID = 101
      Description = Information Level: error  Initialization of the COM subsystem failed.
       Error code: 0x80070422.
       
      Error - 7/15/2013 5:02:51 PM | Computer Name = Dads-PC | Source = Automatic LiveUpdate Scheduler | ID = 101
      Description = Information Level: error  Initialization of the COM subsystem failed.
       Error code: 0x80070422.
       
      Error - 7/15/2013 5:20:20 PM | Computer Name = Dads-PC | Source = Automatic LiveUpdate Scheduler | ID = 101
      Description = Information Level: error  Initialization of the COM subsystem failed.
       Error code: 0x80070422.
       
      Error - 7/15/2013 5:37:30 PM | Computer Name = Dads-PC | Source = Automatic LiveUpdate Scheduler | ID = 101
      Description = Information Level: error  Initialization of the COM subsystem failed.
       Error code: 0x80070422.
       
      Error - 7/15/2013 5:54:50 PM | Computer Name = Dads-PC | Source = Automatic LiveUpdate Scheduler | ID = 101
      Description = Information Level: error  Initialization of the COM subsystem failed.
       Error code: 0x80070422.
       
      Error - 7/15/2013 6:12:18 PM | Computer Name = Dads-PC | Source = Automatic LiveUpdate Scheduler | ID = 101
      Description = Information Level: error  Initialization of the COM subsystem failed.
       Error code: 0x80070422.
       
      [ Broadcom Wireless LAN Events ]
      Error - 10/5/2012 5:46:09 PM | Computer Name = Dads-PC | Source = WLAN-Tray | ID = 0
      Description = 14:46:09, Fri, Oct 05, 12 Error - Unable to gain access to user store

       
      Error - 3/13/2013 8:46:34 PM | Computer Name = Dads-PC | Source = WLAN-Tray | ID = 0
      Description = 17:46:34, Wed, Mar 13, 13 Error - Unable to gain access to user store

       
      Error - 5/11/2013 3:29:40 PM | Computer Name = Dads-PC | Source = WLAN-Tray | ID = 0
      Description = 12:29:40, Sat, May 11, 13 Error - Unable to gain access to user store

       
      Error - 5/12/2013 5:49:38 AM | Computer Name = Dads-PC | Source = WLAN-Tray | ID = 0
      Description = 02:49:38, Sun, May 12, 13 Error - Unable to gain access to user store

       
      [ Media Center Events ]
      Error - 6/3/2009 9:18:30 PM | Computer Name = Dads-PC | Source = Media Center Guide | ID = 0
      Description = Event Info: ERROR: SqmApiWrapper.TimerRecord failed; Win32 GetLastError
       returned 10000105  Process: DefaultDomain Object Name: Media Center Guide
       
      Error - 6/10/2009 12:00:37 AM | Computer Name = Dads-PC | Source = MCUpdate | ID = 0
      Description = DownloadPackgeTask.SubTasksComplete: failed downloading package SportsSchedule.
       
      Error - 5/19/2012 1:10:17 AM | Computer Name = Dads-PC | Source = MCUpdate | ID = 0
      Description = Failed to wait on MCUpdate mutex with exception: 'The wait completed
       due to an abandoned mutex.'.
       
      Error - 6/18/2013 7:41:02 PM | Computer Name = Dads-PC | Source = MCUpdate | ID = 0
      Description = Failed to wait on MCUpdate mutex with exception: 'The wait completed
       due to an abandoned mutex.'.
       
      [ System Events ]
      Error - 7/14/2013 8:46:51 PM | Computer Name = Dads-PC | Source = ipnathlp | ID = 31004
      Description = The DNS proxy agent was unable to allocate 0 bytes of memory. This
       may indicate that the system is low on virtual memory, or that the memory manager
       has encountered an internal error.
       
      Error - 7/14/2013 9:05:02 PM | Computer Name = Dads-PC | Source = Microsoft Antimalware | ID = 2001
      Description = %%860 has encountered an error trying to update signatures.     New Signature
       Version:      Previous Signature Version: 1.153.1875.0     Update Source: %%859     Update Stage:
       %%854     Source Path: http://www.microsoft.com     Signature Type: %%800     Update Type: %%803

         User:
       NT AUTHORITY\SYSTEM     Current Engine Version:      Previous Engine Version: 1.1.9607.0     Error
       code: 0x80240016     Error description: An unexpected problem occurred while checking
       for updates. For information on installing or troubleshooting updates, see Help
       and Support.
       
      Error - 7/14/2013 9:05:02 PM | Computer Name = Dads-PC | Source = Microsoft Antimalware | ID = 2001
      Description = %%860 has encountered an error trying to update signatures.     New Signature
       Version:      Previous Signature Version: 1.153.1875.0     Update Source: %%859     Update Stage:
       %%854     Source Path: http://www.microsoft.com     Signature Type: %%800     Update Type: %%803

         User:
       NT AUTHORITY\SYSTEM     Current Engine Version:      Previous Engine Version: 1.1.9607.0     Error
       code: 0x80240016     Error description: An unexpected problem occurred while checking
       for updates. For information on installing or troubleshooting updates, see Help
       and Support.
       
      Error - 7/14/2013 9:05:02 PM | Computer Name = Dads-PC | Source = Microsoft Antimalware | ID = 2001
      Description = %%860 has encountered an error trying to update signatures.     New Signature
       Version:      Previous Signature Version: 1.153.1875.0     Update Source: %%859     Update Stage:
       %%853     Source Path: http://www.microsoft.com     Signature Type: %%800     Update Type: %%803

         User:
       NT AUTHORITY\SYSTEM     Current Engine Version:      Previous Engine Version: 1.1.9607.0     Error
       code: 0x80240016     Error description: An unexpected problem occurred while checking
       for updates. For information on installing or troubleshooting updates, see Help
       and Support.
       
      Error - 7/14/2013 9:09:51 PM | Computer Name = Dads-PC | Source = DCOM | ID = 10010
      Description =
       
      Error - 7/15/2013 3:51:52 AM | Computer Name = Dads-PC | Source = PlugPlayManager | ID = 12
      Description = The device 'Optiarc DVD+-RW AD-7640S ATA Device' (IDE\CdRomOptiarc_DVD+-RW_AD-7640S________________HD14____\5&31a73856&0&1.0.0)
       disappeared from the system without first being prepared for removal.
       
      Error - 7/15/2013 3:51:51 AM | Computer Name = Dads-PC | Source = atapi | ID = 262153
      Description = The device, \Device\Ide\IdePort1, did not respond within the timeout
       period.
       
      Error - 7/15/2013 5:58:55 PM | Computer Name = Dads-PC | Source = Service Control Manager | ID = 7031
      Description =
       
      Error - 7/15/2013 5:59:51 PM | Computer Name = Dads-PC | Source = Service Control Manager | ID = 7031
      Description =
       
      Error - 7/15/2013 6:00:51 PM | Computer Name = Dads-PC | Source = Service Control Manager | ID = 7032
      Description =
       
       
      < End of report >

      Offline Hoov

      • Malware Removal Mentors
      • Administrator
      • Diamond Member
      • Posts: 27141
      • Unwilling part owner of Gov't. Motors and Chrysler
        • Hoov's Personal Site
      Sorry about that, try this instead.

      Download http://spywarehammer.com/Tools/HijackThis.exe and install it. Once it is running click the Open the Misc Tools Section Then click the Generate Startuplist log button. DO NOT check the two boxes next to the button. When you get a log, post the results here.

      Former Consumer Security MVP
      2011-2014

      If I am helping you and you don't hear from me for 24Hrs, send me a PM Please!

      Offline MikeMobes

      • Bronze Member
      • Posts: 55
      Here's the Hijack This Startup List Log:

      StartupList report, 7/15/2013, 9:05:04 PM
      StartupList version: 1.52.2
      Started from : C:\Users\Grammaton Cleric\Downloads\HijackThis.EXE
      Detected: Windows Vista SP2 (WinNT 6.00.1906)
      Detected: Internet Explorer v9.00 (9.00.8112.16496)
      * Using default options
      ==================================================

      Running processes:

      C:\Program Files (x86)\Dell\MediaDirect\PCMService.exe
      C:\Program Files (x86)\Belkin\Router Setup and Monitor\BelkinRouterMonitor.exe
      C:\Program Files (x86)\Belkin\Router Setup and Monitor\BelkinSetup.exe
      C:\Program Files (x86)\Belkin\Router Setup and Monitor\dlnaPlugin.exe
      C:\Program Files\WIDCOMM\Bluetooth Software\BluetoothHeadsetProxy.exe
      C:\Program Files (x86)\Mozilla Firefox\firefox.exe
      C:\Program Files (x86)\Internet Explorer\IELowutil.exe
      C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
      C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_8_800_94.exe
      C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_8_800_94.exe
      C:\Users\Grammaton Cleric\Downloads\HijackThis.exe

      --------------------------------------------------

      Listing of startup folders:

      Shell folders Common Startup:
      [C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup]
      Bluetooth.lnk = ?
      EZ VHS Converter Monitor.lnk = C:\Program Files (x86)\ION\EZ VHS Converter\MediaTVMonitor.exe

      --------------------------------------------------

      Checking Windows NT UserInit:

      [HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
      UserInit = C:\Windows\system32\userinit.exe,

      --------------------------------------------------

      Autorun entries from Registry:
      HKLM\Software\Microsoft\Windows\CurrentVersion\Run

      PCMService = "C:\Program Files (x86)\Dell\MediaDirect\PCMService.exe"
      InstaLAN = "C:\Program Files (x86)\Belkin\Router Setup and Monitor\BelkinRouterMonitor.exe" startup
      ArcSoft Connection Service = "C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe"
      APSDaemon = "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
      AppleSyncNotifier = C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe
      Adobe ARM = "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
      QuickTime Task = "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
      iTunesHelper = "C:\Program Files (x86)\iTunes\iTunesHelper.exe"

      --------------------------------------------------

      Autorun entries from Registry:
      HKCU\Software\Microsoft\Windows\CurrentVersion\Run

      Sidebar = C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
      MobileDocuments = C:\Program Files (x86)\Common Files\Apple\Internet Services\ubd.exe
      FileHippo.com = "C:\Program Files (x86)\FileHippo.com\UpdateChecker.exe" /background
      ehTray.exe = C:\Windows\ehome\ehTray.exe

      --------------------------------------------------

      File association entry for .HTA:
      HKEY_CLASSES_ROOT\htafile\shell\open\command

      (Default) = NOTEPAD.EXE %1

      --------------------------------------------------

      Shell & screensaver key from C:\Windows\SYSTEM.INI:

      Shell=*INI section not found*
      SCRNSAVE.EXE=*INI section not found*
      drivers=*INI section not found*

      Shell & screensaver key from Registry:

      Shell=explorer.exe
      SCRNSAVE.EXE=C:\Windows\system32\Aurora.scr
      drivers=*Registry value not found*

      Policies Shell key:

      HKCU\..\Policies: Shell=*Registry value not found*
      HKLM\..\Policies: Shell=*Registry value not found*

      --------------------------------------------------


      Enumerating Browser Helper Objects:

      (no name) - (no file) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43}
      (no name) - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll - {9030D464-4C02-4ABF-8ECC-5164760863C6}
      (no name) - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll" (file missing) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f}
      (no name) - (no file) - {DBC80044-A445-435b-BC74-9C25C1C588A9}
      XBTBPos00 - (no file) - {FCBCCB87-9224-4B8D-B117-F56D924BEB18}

      --------------------------------------------------

      Enumerating Task Scheduler jobs:

      Adobe Flash Player Updater.job
      GoogleUpdateTaskMachineCore.job
      GoogleUpdateTaskMachineUA.job
      User_Feed_Synchronization-{31FF5D21-C0A4-4088-88D1-E5B69F09B617}.job

      --------------------------------------------------

      Enumerating Download Program Files:

      [{C1F8FC10-E5DB-4112-9DBF-6C3FF728D4E3}]
      CODEBASE = http://support.dell.com/systemprofiler/DellSystemLite.CAB

      --------------------------------------------------

      Enumerating Winsock LSP files:

      NameSpace #1: C:\Windows\system32\NLAapi.dll
      NameSpace #2: C:\Windows\system32\napinsp.dll
      NameSpace #3: C:\Windows\system32\pnrpnsp.dll
      NameSpace #4: C:\Windows\system32\pnrpnsp.dll
      NameSpace #7: C:\Windows\system32\wshbth.dll
      NameSpace #8: C:\Program Files (x86)\Bonjour\mdnsNSP.dll

      --------------------------------------------------

      Enumerating Windows NT logon/logoff scripts:
      *No scripts set to run*

      Windows NT checkdisk command:
      BootExecute = """autocheck autochk *"""

      Windows NT 'Wininit.ini':
      PendingFileRenameOperations: C:\Program Files (x86)\Google\Update\1.3.21.145||C:\Windows\TEMP\GoogleUpdateSetup.exe399d79b||C:\Config.Msi\3c4d927.rbf||C:\Config.Msi\3c4d92a.rbf||C:\Config.Msi\3c4d92e.rbf||C:\Config.Msi\3c4d931.rbf||C:\Config.Msi\3c4d935.rbf||C:\Config.Msi\3c4d937.rbf||C:\Config.Msi\3c4d938.rbf||C:\Config.Msi\3c4d93c.rbf||C:\Config.Msi\3c4d9d6.rbf||C:\Config.Msi\3c4da10.rbf||C:\Config.Msi\3c4da3c.rbf||C:\Config.Msi\3c4da3f.rbf||C:\Config.Msi\3c4da83.rbf


      --------------------------------------------------

      Enumerating ShellServiceObjectDelayLoad items:

      WebCheck: C:\Windows\SysWOW64\webcheck.dll

      --------------------------------------------------
      End of report, 6,501 bytes
      Report generated in 0.078 seconds

      Command line options:
         /verbose  - to add additional info on each section
         /complete - to include empty sections and unsuspicious data
         /full     - to include several rarely-important sections
         /force9x  - to include Win9x-only startups even if running on WinNT
         /forcent  - to include WinNT-only startups even if running on Win9x
         /forceall - to include all Win9x and WinNT startups, regardless of platform
         /history  - to list version history only

      Offline Hoov

      • Malware Removal Mentors
      • Administrator
      • Diamond Member
      • Posts: 27141
      • Unwilling part owner of Gov't. Motors and Chrysler
        • Hoov's Personal Site
      OK, I can see a few things I would turn off if it were my computer. But it is not, so I need to know what you eventually want to use this computer for? With the memory not being used, the harddrive being mostly empty, and the swap file on the large side, your computer should be zipping along. That leaves what is running in the background. Also I am concerned there may be pieces of old security programs running in the back ground that would prevent the current programs from running. So I need you to run one more small scanner.

      • Download Security Check by screen317 from HERE or HERE
      • Save it to your Desktop.
      • Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box. Press any key when asked.
      • A Notepad document should open automatically called checkup.txt; please post the contents of that document.

      Former Consumer Security MVP
      2011-2014

      If I am helping you and you don't hear from me for 24Hrs, send me a PM Please!

      Offline MikeMobes

      • Bronze Member
      • Posts: 55
      I'm open to suggestion as far as things to turn off goes.  I plan on using this laptop as a home office type computer. As long as it will handle Kies, Open Office, the internet, stream videos, skype, GIMP...  No Crysis or anything crazy.

      Here's the checkup.txt

       Results of screen317's Security Check version 0.99.69 
       Windows Vista Service Pack 2 x64 (UAC is enabled) 
       Internet Explorer 9 
       Internet Explorer 8 
      ``````````````Antivirus/Firewall Check:``````````````[/u]
       Windows Firewall Enabled! 
      Microsoft Security Essentials   
       Antivirus up to date! 
      `````````Anti-malware/Other Utilities Check:`````````[/u]
       Malwarebytes Anti-Malware version 1.75.0.1300 
       Adobe Flash Player    11.8.800.94 
       Adobe Reader 10.1.7 Adobe Reader out of Date! 
       Mozilla Firefox (22.0)
       Google Chrome 28.0.1500.71 
       Google Chrome 28.0.1500.72 
      ````````Process Check: objlist.exe by Laurent````````[/u] 
       Microsoft Security Essentials MSMpEng.exe
       Microsoft Security Essentials msseces.exe
      `````````````````System Health check`````````````````[/u]
       Total Fragmentation on Drive C: 0 %
      ````````````````````End of Log``````````````````````[/u]

      Offline Hoov

      • Malware Removal Mentors
      • Administrator
      • Diamond Member
      • Posts: 27141
      • Unwilling part owner of Gov't. Motors and Chrysler
        • Hoov's Personal Site
      Below are a set of suggestions to help the computer run better. If you are unsure about a suggestion, just ask. If you would rather not do as suggested, just let me know so I don't wonder why it has not changed.

      First off is Adobe Acrobat. I recommend getting rid of that. It has become to big a problem. Instead I suggest ]Foxit reader. It does the exact same things as Acrobat, but is smaller and integrates into browsers with fewer problems.

      Next is you have remnants of Norton programs installed. If you don't need your license number go to step three on this page, download Norton Removal Tool. If you do need your license number than please go to the license recovery instructions.

      Next I would go into Router Setup and Monitor and stop it from starting with Windows. Then run it when you need it.

      Do the same with Dell MediaDirect, unless you use it a lot it is just sucking up resources.

      Next go to the programs and features control panel and uninstall every version of Java listed. Then go to into Firefox and then to Tools and then to Addons and go thru the addons and uninstall anything Java there. Once you have uninstalled Java, go to http://www.java.com/en/ and click the bIg read Download and Install button.

      Once that is done, reboot the computer and see how it is running. Let me know how its going.

      Former Consumer Security MVP
      2011-2014

      If I am helping you and you don't hear from me for 24Hrs, send me a PM Please!

      Offline MikeMobes

      • Bronze Member
      • Posts: 55
      Ok, Acrobat removed, The norton removal tool pops up an error message saying that im supposed to remove "norton utilities 14" throught the add/remove programs before i can proceed with the removal tool. The problem is that there are no norton programs listed in programs and features. Router Set Up successfully disabled.  In Dell MediaDirect, i cant for the life of me find a way to disable its startup. Uninstalled the one Java instance i found in programs and features.

      Offline Hoov

      • Malware Removal Mentors
      • Administrator
      • Diamond Member
      • Posts: 27141
      • Unwilling part owner of Gov't. Motors and Chrysler
        • Hoov's Personal Site
      Do you know how to edit the registry?

      Former Consumer Security MVP
      2011-2014

      If I am helping you and you don't hear from me for 24Hrs, send me a PM Please!