OTL Extras logfile created on: 10/15/2010 9:49:28 AM - Run 1 OTL by OldTimer - Version 3.2.15.2 Folder = C:\Downloads Windows Vista Home Premium Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation Internet Explorer (Version = 7.0.6001.18000) Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy 2.00 Gb Total Physical Memory | 1.00 Gb Available Physical Memory | 65.00% Memory free 4.00 Gb Paging File | 3.00 Gb Available in Paging File | 80.00% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files Drive C: | 222.78 Gb Total Space | 27.58 Gb Free Space | 12.38% Space Free | Partition Type: NTFS Drive D: | 10.00 Gb Total Space | 2.47 Gb Free Space | 24.65% Space Free | Partition Type: NTFS Drive F: | 31.26 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS Computer Name: MARVINVARGAS-PC | User Name: Marvin Vargas | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user | Quick Scan Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 90 Days [color=#E56717]========== Extra Registry (SafeList) ==========[/color] [color=#E56717]========== File Associations ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\] .cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation) .hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation) [HKEY_CURRENT_USER\SOFTWARE\Classes\] .html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation) [color=#E56717]========== Shell Spawning ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation) exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation) inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation) scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Directory [Winamp.Bookmark] -- "C:\Program Files\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft) Directory [Winamp.Enqueue] -- "C:\Program Files\Winamp\winamp.exe" /ADD "%1" (Nullsoft) Directory [Winamp.Play] -- "C:\Program Files\Winamp\winamp.exe" "%1" (Nullsoft) Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation) Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation) Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) [color=#E56717]========== Security Center Settings ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "cval" = 1 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] "DisableMonitoring" = 1 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus] "DisableMonitoring" = 1 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall] "DisableMonitoring" = 1 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] "AntiVirusOverride" = 0 "AntiSpywareOverride" = 0 "FirewallOverride" = 0 "VistaSp1" = Reg Error: Unknown registry data type -- File not found [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\S-1-5-21-4155845207-4000650786-3188489283-1000] "EnableNotifications" = 0 "EnableNotificationsRef" = 2 [color=#E56717]========== Firewall Settings ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile] "DisableNotifications" = 0 "EnableFirewall" = 0 [color=#E56717]========== Authorized Applications List ==========[/color] [color=#E56717]========== Vista Active Open Ports Exception List ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{01C4AFB1-73C0-471E-9188-5F76640B45C6}" = lport=5358 | protocol=6 | dir=in | app=system | "{025569B8-7B5E-428C-9BE0-C980DF542531}" = lport=5722 | protocol=6 | dir=in | svc=dfsr | app=%systemroot%\system32\dfsr.exe | "{091C6E9B-FB5D-489F-8ADD-98DCBAF004B3}" = lport=3702 | protocol=17 | dir=in | app=%systemroot%\system32\netproj.exe | "{12271EA3-43C1-417B-B7EA-D536ED5DE423}" = rport=3587 | protocol=6 | dir=out | svc=p2psvc | app=%systemroot%\system32\svchost.exe | "{184A4099-5560-44AE-A69E-2A4E66C9CEF9}" = lport=3587 | protocol=6 | dir=in | svc=p2psvc | app=%systemroot%\system32\svchost.exe | "{21A3B402-E6BC-49EF-BB35-69C9F8063AAC}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe | "{21B30671-54F2-4208-900E-4836A29CE0C6}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | "{3077CAC0-3936-41C8-85B3-C32F2ECF0131}" = rport=3587 | protocol=6 | dir=out | svc=p2psvc | app=%systemroot%\system32\svchost.exe | "{386B7603-DFFD-41C1-A42D-792C6E706409}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe | "{3F701EC1-6474-48A6-921C-8DC9F2AFCFA3}" = rport=3702 | protocol=17 | dir=out | app=%systemroot%\system32\netproj.exe | "{43A845BB-776C-4EFD-A525-B12CD534AA49}" = lport=5722 | protocol=6 | dir=in | svc=dfsr | app=%systemroot%\system32\dfsr.exe | "{50F34B62-1E58-41C0-BD9A-7B49DCAE5D81}" = rport=5722 | protocol=6 | dir=out | svc=dfsr | app=%systemroot%\system32\dfsr.exe | "{5A399BCC-6DF7-4F00-A726-6156074D5349}" = rport=3540 | protocol=17 | dir=out | svc=pnrpsvc | app=%systemroot%\system32\svchost.exe | "{5A90EEE7-63BB-45B8-B43E-A594F047D284}" = rport=5358 | protocol=6 | dir=out | app=system | "{5F008CC8-8907-4763-8B87-F3659E1C5833}" = rport=5357 | protocol=6 | dir=out | app=system | "{85900A91-7B33-4A3A-B5C4-EE033EDBE8DE}" = lport=2869 | protocol=6 | dir=in | app=system | "{894A7E9E-9C15-48AF-BD38-52D98AD9E3E1}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | "{8F71814C-15C2-4623-9550-6FC062C37007}" = rport=5722 | protocol=6 | dir=out | svc=dfsr | app=%systemroot%\system32\dfsr.exe | "{90F81EA3-1162-49CE-A54E-88E014C4028C}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | "{A3289AFD-C466-4037-9E84-59CE4FB4E7D7}" = rport=3702 | protocol=17 | dir=out | app=%systemroot%\system32\p2phost.exe | "{B1582C8E-E1AA-4B4F-900B-2B15E06A7C94}" = lport=3702 | protocol=17 | dir=in | app=%systemroot%\system32\netproj.exe | "{B6DBCA07-F0A5-41BA-9C8E-C5893F1E14EF}" = lport=2869 | protocol=6 | dir=in | app=system | "{B8A4D939-4865-4B48-929A-A11A45872958}" = lport=3540 | protocol=17 | dir=in | svc=pnrpsvc | app=%systemroot%\system32\svchost.exe | "{C45E21FD-09DB-4427-935C-9F2395B5D5EB}" = rport=3540 | protocol=17 | dir=out | svc=pnrpsvc | app=%systemroot%\system32\svchost.exe | "{C4F751D8-6A79-4D35-9F40-071BCA67A6C1}" = rport=3702 | protocol=17 | dir=out | app=%systemroot%\system32\p2phost.exe | "{C5929B4A-D848-44A9-BA80-319EE421A502}" = lport=3540 | protocol=17 | dir=in | svc=pnrpsvc | app=%systemroot%\system32\svchost.exe | "{C7D7504B-2C10-4860-B910-306E0E279852}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | "{CD8FC74E-EB19-4AAF-8F7D-E345DCAD6235}" = lport=3702 | protocol=17 | dir=in | app=%systemroot%\system32\p2phost.exe | "{D0845100-827A-41D6-BC58-0EFEC9116E7E}" = rport=3702 | protocol=17 | dir=out | app=%systemroot%\system32\netproj.exe | "{D6B907D8-B8F7-4496-9649-39644F4E2B9E}" = lport=3724 | protocol=6 | dir=in | name=blizzard downloader: 3724 | "{D72EF7EB-BEC5-4A61-A85C-74ACB3B1BEE8}" = lport=3702 | protocol=17 | dir=in | app=%systemroot%\system32\p2phost.exe | "{E7F5D292-3318-4545-8DC7-33814B10056C}" = lport=5357 | protocol=6 | dir=in | app=system | "{F77559EE-5B8D-4A30-BD6E-5E4DA2D24F46}" = lport=3587 | protocol=6 | dir=in | svc=p2psvc | app=%systemroot%\system32\svchost.exe | [color=#E56717]========== Vista Active Application Exception List ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{00197987-7AB9-4371-9B82-DD2E346ED88E}" = protocol=17 | dir=in | app=c:\program files\winamp remote\bin\orb.exe | "{0440E400-E028-4FD1-B1C0-C822AB353F50}" = protocol=6 | dir=in | app=%systemroot%\system32\netproj.exe | "{05CBF200-DCD9-4455-8C88-B61E82F0042D}" = protocol=17 | dir=in | app=c:\program files\utorrent\utorrent.exe | "{0C64BF06-782D-4874-8695-E32DCF91A538}" = protocol=17 | dir=in | app=c:\program files\limewire\limewire.exe | "{0DB907DA-1A10-4CDC-A08B-853EA0712608}" = protocol=6 | dir=out | app=%systemroot%\system32\netproj.exe | "{1BE3DB38-9E92-48FF-85AA-DCE43E513567}" = protocol=17 | dir=in | app=c:\program files\yahoo!\messenger\yahoomessenger.exe | "{1CACE799-53DB-46EB-96AD-A12E56E910E7}" = protocol=17 | dir=in | app=c:\program files\utorrent\utorrent.exe | "{2096DA9E-90D9-4D4B-994E-0FEFE4262F3A}" = protocol=6 | dir=in | app=c:\marvin\torrent\utorrent.exe | "{28CA7825-4B5E-4058-B01C-E0B9F180672A}" = protocol=6 | dir=in | app=c:\program files\common files\aol\loader\aolload.exe | "{294E14C5-3468-4283-84E2-A61DCFBE561E}" = protocol=6 | dir=out | app=%programfiles%\windows collaboration\wincollab.exe | "{345666D5-2EFB-4A3C-B86D-EF0C17CBC9B9}" = protocol=17 | dir=in | app=%programfiles%\windows collaboration\wincollab.exe | "{403F215D-DD3B-4510-AA61-13C945797434}" = protocol=6 | dir=in | app=c:\program files\yahoo!\messenger\yserver.exe | "{438400EE-6D17-4FC3-9541-D11BDD3B297C}" = protocol=17 | dir=in | app=c:\program files\aim6\aim6.exe | "{46199D3E-C944-4B2D-9B04-07BB61D8F663}" = dir=in | app=c:\program files\msn messenger\msnmsgr.exe | "{462A3F2F-1085-4D07-93C7-5909E3848EC4}" = protocol=17 | dir=in | app=%programfiles%\windows collaboration\wincollab.exe | "{48E8C2C9-2EA4-4FDD-8C83-B69FE2427ACC}" = dir=in | app=c:\program files\msn messenger\msnmsgr.exe | "{5B6D62F1-AD02-4279-8AF0-39BDDCF03815}" = protocol=17 | dir=in | app=c:\program files\yahoo!\messenger\yserver.exe | "{5FB26504-5344-43D3-BC41-915D46242AA1}" = protocol=6 | dir=in | app=c:\program files\winamp remote\bin\orbtray.exe | "{60F093AC-CAF4-40EA-86E0-B8B375CDBBBF}" = protocol=6 | dir=in | app=%programfiles%\windows collaboration\wincollab.exe | "{6B683AAD-0523-4A0D-AEF6-C544CFE12119}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | "{6BD7AACF-6222-4064-9987-5C9FAEB0BF07}" = protocol=6 | dir=in | app=c:\marvin\torrent\utorrent.exe | "{6EE8E2B7-F128-470E-9159-912ECAB587D7}" = protocol=6 | dir=in | app=c:\program files\yahoo!\messenger\yahoomessenger.exe | "{71B114E8-EB17-4AEB-BFA4-30BB84D94935}" = protocol=6 | dir=in | app=c:\downloads\sc2-battlereport-4_esrb-downloader.exe | "{75EBDD54-113E-4088-BFB3-BB6D2E1419D0}" = protocol=6 | dir=in | app=c:\program files\utorrent\utorrent.exe | "{7A30DD33-349A-40CD-83DB-45F2B02E8E45}" = protocol=6 | dir=in | app=%systemroot%\system32\p2phost.exe | "{7CAC5E25-4AF7-4159-881B-A74DDF396E76}" = protocol=17 | dir=in | app=c:\marvin\torrent\utorrent.exe | "{8131B25A-3B50-4532-A13F-7A3BCA271890}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | "{84523525-463E-428D-90E8-B27843886EE6}" = protocol=17 | dir=in | app=c:\program files\common files\aol\loader\aolload.exe | "{85A2DA36-1061-4E7D-B214-04CD810F6B81}" = protocol=6 | dir=in | app=%programfiles%\windows collaboration\wincollab.exe | "{8B113959-1A56-45C7-B696-DE4F96698D80}" = protocol=17 | dir=in | app=c:\downloads\sid meier's civilization 4 demo\civilization4.exe | "{8E3E9CA9-C705-4E65-BB4B-C0A17BEDF4CD}" = protocol=6 | dir=in | app=c:\downloads\sid meier's civilization 4 demo\civilization4.exe | "{8F01AE0F-9259-4295-B66D-1963A484BC74}" = protocol=6 | dir=in | app=c:\downloads\diablo3-gameplaytrailer_en-us-downloader.exe | "{97153DD0-9D4A-483E-BA78-51530322B2ED}" = protocol=6 | dir=in | app=c:\program files\aim6\aim6.exe | "{9B374E19-1CDA-464C-9FFE-D27FEC5F6D8B}" = protocol=17 | dir=in | app=c:\program files\shareaza\shareaza.exe | "{9D62CEA2-7EA8-451F-974D-482F584A9252}" = protocol=17 | dir=in | app=c:\program files\winamp remote\bin\orbstreamerclient.exe | "{9F023746-58CC-429F-BA0A-8511C93B98A8}" = dir=in | app=c:\program files\msn messenger\livecall.exe | "{A6692007-FBF0-4A27-95B2-40DF934BBD89}" = protocol=6 | dir=in | app=c:\program files\winamp remote\bin\orbir.exe | "{B4607E4F-CDF6-416C-AF00-01BFD9BCD0EC}" = protocol=17 | dir=in | app=c:\downloads\terran_demo_esrb_xvid.avi-downloader.exe | "{BEA51708-9130-4215-A812-D1AD78BDF546}" = protocol=6 | dir=in | app=c:\program files\shareaza\shareaza.exe | "{CE650AC0-FB43-40EE-A01A-3BDB46D2AC5F}" = protocol=6 | dir=in | app=c:\program files\limewire\limewire.exe | "{D67D3E64-5506-4ACB-B36F-64DB896CC16B}" = protocol=6 | dir=out | app=%programfiles%\windows collaboration\wincollab.exe | "{D683BB28-19CE-49E3-AE7C-0A14A2E7E3E3}" = dir=in | app=c:\program files\msn messenger\livecall.exe | "{DA055D50-BB5D-4F93-9E3E-085B80C95771}" = protocol=6 | dir=in | app=c:\downloads\terran_demo_esrb_xvid.avi-downloader.exe | "{E34F882D-BB16-4095-9C8C-2BCB00E979F5}" = protocol=17 | dir=in | app=c:\downloads\diablo3-gameplaytrailer_en-us-downloader.exe | "{E7B9F9F2-CAAB-4DC5-B038-D937A506C7D7}" = protocol=6 | dir=in | app=c:\program files\winamp remote\bin\orb.exe | "{EA09B8E4-F7A5-4086-B5C9-10882F60F4C4}" = protocol=17 | dir=in | app=c:\downloads\sc2-battlereport-4_esrb-downloader.exe | "{F43FADC4-2C85-4A4C-866D-1101219F6B6F}" = protocol=6 | dir=out | app=%systemroot%\system32\p2phost.exe | "{F5B7C013-5F49-4A1E-A138-241A7B85F8D5}" = protocol=6 | dir=out | app=%systemroot%\system32\p2phost.exe | "{F84E9D8B-06D1-4213-816C-01439D3AACDB}" = protocol=6 | dir=in | app=c:\program files\winamp remote\bin\orbstreamerclient.exe | "{F8815B75-11AC-459B-9190-4B4638AC9344}" = protocol=17 | dir=out | app=%programfiles%\windows collaboration\wincollab.exe | "{F9111D0C-85D7-49D1-AA5F-DCAC39A455E2}" = protocol=17 | dir=in | app=c:\program files\winamp remote\bin\orbir.exe | "{F924C9E6-528C-49A1-85F0-26069C912054}" = protocol=17 | dir=in | app=c:\marvin\torrent\utorrent.exe | "{F9F2230A-1203-48B4-BE6F-A75EBCB0AA98}" = protocol=17 | dir=out | app=%programfiles%\windows collaboration\wincollab.exe | "{FD932FC6-20A1-4ED7-A46B-A1E13D8112B2}" = protocol=17 | dir=in | app=c:\program files\winamp remote\bin\orbtray.exe | "{FDBC481E-2080-4EE5-8792-90E3564B0AD8}" = protocol=6 | dir=in | app=%systemroot%\system32\p2phost.exe | "{FED1AF5D-016B-4F36-A23C-01AD93936C36}" = protocol=6 | dir=in | app=c:\program files\utorrent\utorrent.exe | "TCP Query User{1D9D69DB-F74A-4EC8-9534-CAA59ED3E1EA}C:\last.fm\lastfm.exe" = protocol=6 | dir=in | app=c:\last.fm\lastfm.exe | "TCP Query User{325F312B-929A-49AA-87A9-932A490FDB20}C:\windows\system32\ftp.exe" = protocol=6 | dir=in | app=c:\windows\system32\ftp.exe | "TCP Query User{56F642A3-F5CA-4F07-9F0A-ADB4385E974D}C:\downloads\valve\steam\steamapps\yovargas\rag doll kung fu demo\rag_doll_kung_fu_steam.exe" = protocol=6 | dir=in | app=c:\downloads\valve\steam\steamapps\yovargas\rag doll kung fu demo\rag_doll_kung_fu_steam.exe | "TCP Query User{7836E460-A21E-42A9-89C8-25211DAD06E9}C:\program files\webot\jre\launch4j-tmp\webot.exe" = protocol=6 | dir=in | app=c:\program files\webot\jre\launch4j-tmp\webot.exe | "TCP Query User{7D09CD9F-88E9-448E-873A-2541B7525A04}C:\games\diablo i\diablo.exe" = protocol=6 | dir=in | app=c:\games\diablo i\diablo.exe | "TCP Query User{A2958B02-86D6-42D2-8378-E729238DF2E2}C:\program files\mozilla firefox\firefox.exe" = protocol=6 | dir=in | app=c:\program files\mozilla firefox\firefox.exe | "TCP Query User{B00E9A93-6C50-4FB9-834F-E1C49ECE5FC2}C:\games\diablo ii\game.exe" = protocol=6 | dir=in | app=c:\games\diablo ii\game.exe | "TCP Query User{D4A722F9-A0EF-4568-B933-3B0F22C3B0C4}C:\games\starcraft\starcraft.exe" = protocol=6 | dir=in | app=c:\games\starcraft\starcraft.exe | "TCP Query User{DCB872B6-588C-4BDA-AC87-5C217D538B93}C:\program files\trillian\trillian.exe" = protocol=6 | dir=in | app=c:\program files\trillian\trillian.exe | "TCP Query User{E1A36ED7-DDC4-4DC5-A9EA-3E37D6BD6BDC}C:\program files\internet explorer\iexplore.exe" = protocol=6 | dir=in | app=c:\program files\internet explorer\iexplore.exe | "TCP Query User{F848889D-8DC2-45AF-B523-CC55E957171C}C:\program files\emule\emule.exe" = protocol=6 | dir=in | app=c:\program files\emule\emule.exe | "UDP Query User{1362D18F-E0F3-42AE-9A3F-9C216D942C48}C:\program files\emule\emule.exe" = protocol=17 | dir=in | app=c:\program files\emule\emule.exe | "UDP Query User{181B095A-9F5B-46A9-8F4C-97F14D7976EA}C:\program files\mozilla firefox\firefox.exe" = protocol=17 | dir=in | app=c:\program files\mozilla firefox\firefox.exe | "UDP Query User{1F96A08A-7E68-42C6-BD49-FB2020F1CDEE}C:\windows\system32\ftp.exe" = protocol=17 | dir=in | app=c:\windows\system32\ftp.exe | "UDP Query User{24B2BCEE-55D3-45CC-BA06-BC20325F88AE}C:\games\diablo i\diablo.exe" = protocol=17 | dir=in | app=c:\games\diablo i\diablo.exe | "UDP Query User{3876F1AB-26D4-431C-9FC2-9158854F0BD7}C:\last.fm\lastfm.exe" = protocol=17 | dir=in | app=c:\last.fm\lastfm.exe | "UDP Query User{416EBEDE-9C76-48F3-9DE6-318D2A4D51D1}C:\games\diablo ii\game.exe" = protocol=17 | dir=in | app=c:\games\diablo ii\game.exe | "UDP Query User{6CA140B9-75C1-46E1-8055-42C94C18A321}C:\program files\trillian\trillian.exe" = protocol=17 | dir=in | app=c:\program files\trillian\trillian.exe | "UDP Query User{82CB4E8F-C6EF-4AA6-83A6-9C00873FEB15}C:\downloads\valve\steam\steamapps\yovargas\rag doll kung fu demo\rag_doll_kung_fu_steam.exe" = protocol=17 | dir=in | app=c:\downloads\valve\steam\steamapps\yovargas\rag doll kung fu demo\rag_doll_kung_fu_steam.exe | "UDP Query User{A4B85796-F820-422B-9240-58E4B05AC919}C:\games\starcraft\starcraft.exe" = protocol=17 | dir=in | app=c:\games\starcraft\starcraft.exe | "UDP Query User{D4721CDB-024B-474C-82D1-6FF5EAA536B9}C:\program files\internet explorer\iexplore.exe" = protocol=17 | dir=in | app=c:\program files\internet explorer\iexplore.exe | "UDP Query User{E20A8F4B-DA3E-49B7-9FAD-BC7DFC39260A}C:\program files\webot\jre\launch4j-tmp\webot.exe" = protocol=17 | dir=in | app=c:\program files\webot\jre\launch4j-tmp\webot.exe | [color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{004B0DCB-4C60-465B-8F01-44B0A4111187}" = SlingPlayer "{0394CDC8-FABD-4ed8-B104-03393876DFDF}" = Roxio Creator Tools "{06F80017-8F98-4C94-B868-52358569FC32}" = Command & Conquer Generals "{07287123-B8AC-41CE-8346-3D777245C35B}" = Bonjour "{0D397393-9B50-4c52-84D5-77E344289F87}" = Roxio Creator Data "{13BA7B44-B712-4DEE-A7B8-1DD564F37AE5}" = Dell System Customization Wizard "{13F3917B56CD4C25848BDC69916971BB}" = DivX Converter "{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 "{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live Upload Tool "{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT "{26A24AE4-039D-4CA4-87B4-2F83216011FF}" = Java(TM) 6 Update 21 "{2A241A64-9AD1-4D94-A227-6C3D5D2F854D}" = Sid Meier's Civilization 4 Demo "{2C6C74C2-042F-4D36-B7B0-0C538FCF01AB}" = Dell DataSafe Online "{2CD2C0DB-81C3-416B-9FA6-589B9235359B}" = OpenOffice.org 2.4 "{30465B6C-B53F-49A1-9EBA-A3F187AD502E}" = Roxio Update Manager "{3248F0A8-6813-11D6-A77B-00B0D0160000}" = Java(TM) SE Runtime Environment 6 "{3248F0A8-6813-11D6-A77B-00B0D0160040}" = Java(TM) 6 Update 4 "{3248F0A8-6813-11D6-A77B-00B0D0160070}" = Java(TM) 6 Update 7 "{35E1EC43-D4FC-4E4A-AAB3-20DDA27E8BB0}" = Sonic Activation Module "{3EE33958-7381-4E7B-A4F3-6E43098E9E9C}" = URL Assistant "{3FC0833E-073C-4D5D-A046-74BC32358CB3}" = GroupWise Messenger "{3FC7CBBC4C1E11DCA1A752EA55D89593}" = DivX Version Checker "{4286E640-B5FB-11DF-AC4B-005056C00008}" = Google Earth "{43602F34-1AA3-44FB-AEB2-D08C2C73743F}" = Paint.NET v3.36 "{45338B07-A236-4270-9A77-EBB4115517B5}" = Windows Live Sign-in Assistant "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater "{5C82DAE5-6EB0-4374-9254-BE3319BA4E82}" = Skype™ 3.5 "{5CD29180-A95E-11D3-A4EB-00C04F7BDB2C}" = User's Guides "{5EE7D259-D137-4438-9A5F-42F432EC0421}" = VC80CRTRedist - 8.0.50727.4053 "{619CDD8A-14B6-43a1-AB6C-0F4EE48CE048}" = Roxio Creator Copy "{6412CECE-8172-4BE5-935B-6CECACD2CA87}" = Windows Live Mail "{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA}" = Roxio Express Labeler "{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update "{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin "{6D52C408-B09A-4520-9B18-475B81D393F1}" = Microsoft Works "{6EA45FAC-6F5F-43EE-87D7-4688AF9E2F07}" = Company of Heroes Single Player Demo "{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable "{72FD19BF-F4B8-4578-B258-478924F64D9E}" = Anarchy Online and the Lost Eden expansion pack "{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 "{7B63B2922B174135AFC0E1377DD81EC2}" = "{7EFA5E6F-74F7-4AFB-8AEA-AA790BD3A76D}" = DellSupport "{81128EE8-8EAD-4DB0-85C6-17C2CE50FF71}" = Windows Live Essentials "{83FFCFC7-88C6-41c6-8752-958A45325C82}" = Roxio Creator Audio "{880AF49C-34F7-4285-A8AD-8F7A3D1C33DC}" = Roxio Creator BDAV Plugin "{89CEAE14-DD0F-448E-9554-15781EC9DB24}" = Product Documentation Launcher "{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight "{90110409-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Professional Edition 2003 "{90280409-6000-11D3-8CFE-0050048383C9}" = Microsoft Office XP Professional with FrontPage "{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting "{A85FD55B-891B-4314-97A5-EA96C0BD80B5}" = Windows Live Messenger "{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper "{AADEA55D-C834-4BCB-98A3-4B8D1C18F4EE}" = Apple Mobile Device Support "{AC76BA86-7AD7-1033-7B44-A70800000002}" = Adobe Reader 7.0.8 "{B13A7C41581B411290FBC0395694E2A9}" = DivX Converter "{B8C54AB1-7E1A-40E8-B794-EDB6E8921F3A}" = Dell Support Center "{BCA02FAD-2C86-4C8C-A815-51C09F4E51FF}" = Dual-Core Optimizer "{BCE72AED-3332-4863-9567-C5DCB9052CA2}" = Netflix Movie Viewer "{C8B0680B-CDAE-4809-9F91-387B6DE00F7C}" = Roxio Creator DE "{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}" = SUPERAntiSpyware "{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1 "{D639085F-4B6E-4105-9F37-A0DBB023E2FB}" = Roxio MyDVD DE "{DAEAFD68-BB4A-4507-A241-C8804D2EA66D}" = Apple Application Support "{DF6A13C0-77DF-41FE-BD05-6D5201EB0CE7}_is1" = Auslogics Disk Defrag "{E2DFE069-083E-4631-9B6C-43C48E991DE5}" = Junk Mail filter update "{E7004147-2CCA-431C-AA05-2AB166B9785D}" = QuickTime "{ED00D08A-3C5F-488D-93A0-A04F21F23956}" = Windows Live Communications Platform "{EFAD4066-CAF3-4B27-9669-12EED352C376}" = NVIDIANetworkDiagnostic "{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard "{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver "{F6BD194C-4190-4D73-B1B1-C48C99921BFE}" = Windows Live Call "{FBBFABCD-E075-457B-A70B-CF40C66CF033}" = Sid Meier's Civilization 4 Demo "AC3Filter_is1" = AC3Filter 1.63b "Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX "Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin "AIM_6" = AIM 6 "Amazon MP3 Downloader" = Amazon MP3 Downloader 1.0.3 "ASIO4ALL" = ASIO4ALL "Audacity_is1" = Audacity 1.2.6 "avast5" = avast! Free Antivirus "Battle.net" = Battle.net "Bookmark Express" = Bookmark Express "CCleaner" = CCleaner (remove only) "Collab" = Collab "Diablo" = Diablo "Diablo II" = Diablo II "DivX Plus DirectShow Filters" = DivX Plus DirectShow Filters "DivX Setup.divx.com" = DivX Setup "ERUNT_is1" = ERUNT 1.1j "Expression Tone Generator" = Expression Tone Generator "FL Studio 8" = FL Studio 8 "Free FLV Converter_is1" = Free FLV Converter V 6.7.4 "Free Registry Defrag_is1" = Free Registry Defrag "Google Desktop" = Google Desktop "IL Download Manager" = IL Download Manager "InstallShield_{004B0DCB-4C60-465B-8F01-44B0A4111187}" = SlingPlayer "InstallShield_{06F80017-8F98-4C94-B868-52358569FC32}" = Command & Conquer Generals "InstallShield_{EFAD4066-CAF3-4B27-9669-12EED352C376}" = NVIDIANetworkDiagnostic "JDiskReport 1.3.1" = JGoodies JDiskReport 1.3.1 "LAME for Audacity_is1" = LAME v3.98.2 for Audacity "LastFM_is1" = Last.fm 1.5.4.24567 "MadTracker 2" = MadTracker 2 "Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware "Memorex 6136 U Scanner Driver" = Memorex 6136 U Scanner Driver "Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1 "Move Networks Player - IE" = Move Networks Media Player for Internet Explorer "Mozilla Firefox (3.6.10)" = Mozilla Firefox (3.6.10) "NetHack - Falcon's Eye_is1" = NetHack 3.3.1 - Falcon's Eye 1.9.2 "NVIDIA Drivers" = NVIDIA Drivers "PoiZone" = PoiZone "RealPlayer 6.0" = RealPlayer "ST6UNST #1" = Hero Editor "Starcraft" = Starcraft "Steam" = Steam "Steam App 12900" = Audiosurf "Studio Buddy" = Studio Buddy "Toxic Biohazard" = Toxic Biohazard "Trillian" = Trillian "uTorrent" = µTorrent "Winamp" = Winamp "WinLiveSuite_Wave3" = Windows Live Essentials "WinRAR archiver" = WinRAR archiver "Xvid_is1" = Xvid 1.2.2 final uninstall "Yahoo! Messenger" = Yahoo! Messenger [color=#E56717]========== HKEY_CURRENT_USER Uninstall List ==========[/color] [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "Google Chrome" = Google Chrome "Steam App 1003" = Rag Doll Kung Fu Demo "Steam App 7710" = Bioshock Demo "Steam App 9100" = Doom 3 Demo [color=#E56717]========== Last 10 Event Log Errors ==========[/color] [ Application Events ] Error - 10/13/2010 9:33:18 PM | Computer Name = MarvinVargas-PC | Source = Application Error | ID = 1000 Description = Faulting application AcroRd32.exe, version 7.0.8.218, time stamp 0x446abf60, faulting module ntdll.dll, version 6.0.6001.18000, time stamp 0x4791a7a6, exception code 0xc0000005, fault offset 0x0003d13a, process id 0x650, application start time 0x01cb6b3fb9de0cc0. Error - 10/13/2010 9:46:54 PM | Computer Name = MarvinVargas-PC | Source = Microsoft-Windows-CAPI2 | ID = 131083 Description = Error - 10/13/2010 9:46:54 PM | Computer Name = MarvinVargas-PC | Source = Microsoft-Windows-CAPI2 | ID = 131083 Description = Error - 10/13/2010 9:46:54 PM | Computer Name = MarvinVargas-PC | Source = Microsoft-Windows-CAPI2 | ID = 131083 Description = Error - 10/13/2010 9:47:13 PM | Computer Name = MarvinVargas-PC | Source = Microsoft-Windows-CAPI2 | ID = 131083 Description = Error - 10/13/2010 9:57:46 PM | Computer Name = MarvinVargas-PC | Source = Microsoft-Windows-CAPI2 | ID = 131083 Description = Error - 10/13/2010 10:14:12 PM | Computer Name = MarvinVargas-PC | Source = Microsoft-Windows-CAPI2 | ID = 131083 Description = Error - 10/13/2010 10:38:24 PM | Computer Name = MarvinVargas-PC | Source = Application Error | ID = 1000 Description = Faulting application svchost.exe, version 6.0.6001.18000, time stamp 0x47918b89, faulting module ntdll.dll, version 6.0.6001.18000, time stamp 0x4791a7a6, exception code 0xc0000005, fault offset 0x00046480, process id 0x478, application start time 0x01cb67d96b992268. Error - 10/13/2010 10:56:38 PM | Computer Name = MarvinVargas-PC | Source = Microsoft-Windows-CAPI2 | ID = 131083 Description = Error - 10/13/2010 11:01:26 PM | Computer Name = MarvinVargas-PC | Source = Microsoft-Windows-CAPI2 | ID = 131083 Description = [ Media Center Events ] Error - 7/31/2008 7:33:48 PM | Computer Name = MarvinVargas-PC | Source = MCUpdate | ID = 0 Description = DownloadPackgeTask.SubTasksComplete: failed downloading package SportsSchedule. Error - 8/28/2008 9:44:55 AM | Computer Name = MarvinVargas-PC | Source = MCUpdate | ID = 0 Description = DownloadPackgeTask.SubTasksComplete: failed downloading package SportsSchedule. [ System Events ] Error - 10/15/2010 9:31:58 AM | Computer Name = MarvinVargas-PC | Source = Service Control Manager | ID = 7001 Description = Error - 10/15/2010 9:31:58 AM | Computer Name = MarvinVargas-PC | Source = Service Control Manager | ID = 7001 Description = Error - 10/15/2010 9:31:58 AM | Computer Name = MarvinVargas-PC | Source = Service Control Manager | ID = 7000 Description = Error - 10/15/2010 9:33:59 AM | Computer Name = MarvinVargas-PC | Source = Service Control Manager | ID = 7001 Description = Error - 10/15/2010 9:39:42 AM | Computer Name = MarvinVargas-PC | Source = EventLog | ID = 6008 Description = The previous system shutdown at 9:38:24 AM on 10/15/2010 was unexpected. Error - 10/15/2010 9:39:59 AM | Computer Name = MarvinVargas-PC | Source = HTTP | ID = 15016 Description = Error - 10/15/2010 9:40:17 AM | Computer Name = MarvinVargas-PC | Source = Service Control Manager | ID = 7001 Description = Error - 10/15/2010 9:40:17 AM | Computer Name = MarvinVargas-PC | Source = Service Control Manager | ID = 7001 Description = Error - 10/15/2010 9:40:17 AM | Computer Name = MarvinVargas-PC | Source = Service Control Manager | ID = 7000 Description = Error - 10/15/2010 9:42:08 AM | Computer Name = MarvinVargas-PC | Source = Service Control Manager | ID = 7001 Description = < End of report >