I currently have a desktop that's running Vista 32 bit home on it. Not sure which other details you need for it as well, let me know and I'd be happy to find out.
I've read the forum topic to remove malware and such, and followed it as well as I could. I kept a running log of everything that I did, step by step as I did it as well. I will post it here, so that you know as well. Please keep in mind that now, my desktop will not go to ANY web page, so anything that I download or view, will have to be done on my laptop, which is running Windows XP.
Thank you much in advance.
Jessica
Errors while trying to run all of the recommended items;
SysRestore;
See the end of this message for details on invoking
just-in-time (JIT) debugging instead of this dialog box.
************** Exception Text **************
System.Runtime.InteropServices.COMException (0x800423F4): Exception from HRESULT: 0x800423F4
at Microsoft.VisualBasic.CompilerServices.LateBinding.LateGet(Object o, Type objType, String name, Object[] args, String[] paramnames, Boolean[] CopyBack)
at Microsoft.VisualBasic.CompilerServices.NewLateBinding.LateGet(Object Instance, Type Type, String MemberName, Object[] Arguments, String[] ArgumentNames, Type[] TypeArguments, Boolean[] CopyBack)
at SysRestorePoint.Module1.CreateRestorePoint()
at SysRestorePoint.Form1.Form1_Load(Object eventSender, EventArgs eventArgs)
at System.EventHandler.Invoke(Object sender, EventArgs e)
at System.Windows.Forms.Form.OnLoad(EventArgs e)
at System.Windows.Forms.Form.OnCreateControl()
at System.Windows.Forms.Control.CreateControl(Boolean fIgnoreVisible)
at System.Windows.Forms.Control.CreateControl()
at System.Windows.Forms.Control.WmShowWindow(Message& m)
at System.Windows.Forms.Control.WndProc(Message& m)
at System.Windows.Forms.ScrollableControl.WndProc(Message& m)
at System.Windows.Forms.ContainerControl.WndProc(Message& m)
at System.Windows.Forms.Form.WmShowWindow(Message& m)
at System.Windows.Forms.Form.WndProc(Message& m)
at System.Windows.Forms.Control.ControlNativeWindow.OnMessage(Message& m)
at System.Windows.Forms.Control.ControlNativeWindow.WndProc(Message& m)
at System.Windows.Forms.NativeWindow.Callback(IntPtr hWnd, Int32 msg, IntPtr wparam, IntPtr lparam)
************** Loaded Assemblies **************
mscorlib
Assembly Version: 2.0.0.0
Win32 Version: 2.0.50727.1434 (REDBITS.050727-1400)
CodeBase: file:///C:/Windows/Microsoft.NET/Framework/v2.0.50727/mscorlib.dll
----------------------------------------
SysRestorePoint
Assembly Version: 1.3.0.0
Win32 Version: 1.3.0.0
CodeBase: file:///C:/Users/Jessica/Desktop/SysRestorePoint.exe
----------------------------------------
Microsoft.VisualBasic
Assembly Version: 8.0.0.0
Win32 Version: 8.0.50727.1434 (REDBITS.050727-1400)
CodeBase: file:///C:/Windows/assembly/GAC_MSIL/Microsoft.VisualBasic/8.0.0.0__b03f5f7f11d50a3a/Microsoft.VisualBasic.dll
----------------------------------------
System
Assembly Version: 2.0.0.0
Win32 Version: 2.0.50727.1434 (REDBITS.050727-1400)
CodeBase: file:///C:/Windows/assembly/GAC_MSIL/System/2.0.0.0__b77a5c561934e089/System.dll
----------------------------------------
System.Windows.Forms
Assembly Version: 2.0.0.0
Win32 Version: 2.0.50727.1434 (REDBITS.050727-1400)
CodeBase: file:///C:/Windows/assembly/GAC_MSIL/System.Windows.Forms/2.0.0.0__b77a5c561934e089/System.Windows.Forms.dll
----------------------------------------
System.Drawing
Assembly Version: 2.0.0.0
Win32 Version: 2.0.50727.1434 (REDBITS.050727-1400)
CodeBase: file:///C:/Windows/assembly/GAC_MSIL/System.Drawing/2.0.0.0__b03f5f7f11d50a3a/System.Drawing.dll
----------------------------------------
System.Runtime.Remoting
Assembly Version: 2.0.0.0
Win32 Version: 2.0.50727.1434 (REDBITS.050727-1400)
CodeBase: file:///C:/Windows/assembly/GAC_MSIL/System.Runtime.Remoting/2.0.0.0__b77a5c561934e089/System.Runtime.Remoting.dll
----------------------------------------
System.Configuration
Assembly Version: 2.0.0.0
Win32 Version: 2.0.50727.1434 (REDBITS.050727-1400)
CodeBase: file:///C:/Windows/assembly/GAC_MSIL/System.Configuration/2.0.0.0__b03f5f7f11d50a3a/System.Configuration.dll
----------------------------------------
System.Xml
Assembly Version: 2.0.0.0
Win32 Version: 2.0.50727.1434 (REDBITS.050727-1400)
CodeBase: file:///C:/Windows/assembly/GAC_MSIL/System.Xml/2.0.0.0__b77a5c561934e089/System.Xml.dll
----------------------------------------
************** JIT Debugging **************
To enable just-in-time (JIT) debugging, the .config file for this
application or computer (machine.config) must have the
jitDebugging value set in the system.windows.forms section.
The application must also be compiled with debugging
enabled.
For example:
<configuration>
<system.windows.forms jitDebugging="true" />
</configuration>
When JIT debugging is enabled, any unhandled exception
will be sent to the JIT debugger registered on the computer
rather than be handled by this dialog box.
==============================================================
Malwarebytes' Anti-Malware;
Webpage will not load - for download or 'home' - when trying to enter the address in manually, it goes to a google search page, and still will not load. Tried to change to just he direct address for the domain, and still nothing.
==============================================================
avast!
two files were detected after running avast - I told it to clean, it said unable, so I chose delete. The files were stated as being "Alureon-Am [RTK]" and "Trojan-gen {Other}"
It ran fine, then sat at 99% complete for almost 5 hours. I pressed escape, the computer booted up, and I was unable to connect to the internet with internet explorer at all. I went ahead and ran avast again, and it only found the first "Alureon-Am {RTK}" this time. I was not in front of my monitor when it booted up after this run of the program.
It is still currently running in the background.
=============================================================
Rooter
When I open this application (I had to download it with my laptop, and transfer it to a network folder for my desktop, which is how I'm now posting any of this) it does not show the application in English. I believe it's in French. I understand the word Error, and then it closes, no matter the option I chose. If you'd like destails, or a screen cap, please let me know and I can post it.
=============================================================
OTList2
OTList Log File;
OTListIt logfile created on: 5/23/2009 10:32:34 AM - Run 1
OTListIt2 by OldTimer - Version 2.0.15.8 Folder = C:\Users\Jessica\Desktop\For Matthew
Windows Vista Home Premium Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6001.18000)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
1.97 Gb Total Physical Memory | 0.84 Gb Available Physical Memory | 42.44% Memory free
4.00 Gb Paging File | 4.00 Gb Available in Paging File | 100.00% Paging File free
Paging file location(s): c:\pagefile.sys 4090 4095 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 223.19 Gb Total Space | 35.64 Gb Free Space | 15.97% Space Free | Partition Type: NTFS
Drive D: | 9.70 Gb Total Space | 4.10 Gb Free Space | 42.28% Space Free | Partition Type: NTFS
Unable to calculate disk information.
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Computer Name: JESSICA-PC
Current User Name: Jessica
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: Current user
Output = Minimal
File Age = 30 Days
Company Name Whitelist: On
========== Processes (SafeList) ==========
PRC - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe (ALWIL Software)
PRC - C:\Program Files\Alwil Software\Avast4\ashServ.exe (ALWIL Software)
PRC - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe (Apple, Inc.)
PRC - C:\Windows\system32\crypserv.exe (Kenonic Controls Ltd.)
PRC - C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe (Intel Corporation)
PRC - C:\Windows\system32\lxczcoms.exe ( )
PRC - C:\Windows\system32\WUDFHost.exe (Microsoft Corporation)
PRC - C:\Windows\system32\DRIVERS\xaudio.exe (Conexant Systems, Inc.)
PRC - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe (ALWIL Software)
PRC - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe (ALWIL Software)
PRC - C:\Program Files\Windows Media Player\wmpnetwk.exe (Microsoft Corporation)
PRC - C:\Windows\Explorer.EXE (Microsoft Corporation)
PRC - C:\Windows\sttray.exe (SigmaTel, Inc.)
PRC - C:\Program Files\Alwil Software\Avast4\ashDisp.exe (ALWIL Software)
PRC - C:\Program Files\Windows Live\Messenger\msnmsgr.exe (Microsoft Corporation)
PRC - C:\Program Files\Windows Sidebar\sidebar.exe (Microsoft Corporation)
PRC - C:\Program Files\AIM6\aim6.exe (AOL LLC)
PRC - C:\Program Files\Windows Sidebar\sidebar.exe (Microsoft Corporation)
PRC - C:\Program Files\AIM6\aolsoftware.exe (AOL LLC)
PRC - C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe (Microsoft Corporation)
PRC - C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
PRC - C:\Program Files\Windows Live\Messenger\usnsvc.exe (Microsoft Corporation)
PRC - C:\Users\Jessica\Desktop\For Matthew\OTListIt2.exe (OldTimer Tools)
========== Win32 Services (SafeList) ==========
SRV - (Apple Mobile Device [Auto | Running]) -- C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe (Apple, Inc.)
SRV - (aswUpdSv [Auto | Running]) -- C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe (ALWIL Software)
SRV - (avast! Antivirus [Auto | Running]) -- C:\Program Files\Alwil Software\Avast4\ashServ.exe (ALWIL Software)
SRV - (avast! Mail Scanner [On_Demand | Running]) -- C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe (ALWIL Software)
SRV - (avast! Web Scanner [On_Demand | Running]) -- C:\Program Files\Alwil Software\Avast4\ashWebSv.exe (ALWIL Software)
SRV - (clr_optimization_v2.0.50727_32 [On_Demand | Stopped]) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
SRV - (cmdAgent [Auto | Stopped]) -- File not found
SRV - (Crypkey License [Auto | Running]) -- C:\Windows\system32\crypserv.exe (Kenonic Controls Ltd.)
SRV - (ehRecvr [On_Demand | Stopped]) -- C:\Windows\ehome\ehRecvr.exe (Microsoft Corporation)
SRV - (ehSched [On_Demand | Stopped]) -- C:\Windows\ehome\ehsched.exe (Microsoft Corporation)
SRV - (ehstart [Auto | Stopped]) -- C:\Windows\ehome\ehstart.dll (Microsoft Corporation)
SRV - (FontCache3.0.0.0 [On_Demand | Running]) -- C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe (Microsoft Corporation)
SRV - (gusvc [Auto | Stopped]) -- C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe (Google)
SRV - (IAANTMON [Auto | Running]) -- C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe (Intel Corporation)
SRV - (IDriverT [On_Demand | Stopped]) -- C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe (Macrovision Corporation)
SRV - (idsvc [Unknown | Stopped]) -- C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe (Microsoft Corporation)
SRV - (lxcz_device [Auto | Running]) -- C:\Windows\system32\lxczcoms.exe ( )
SRV - (NetTcpPortSharing [Disabled | Stopped]) -- C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe (Microsoft Corporation)
SRV - (ose [On_Demand | Stopped]) -- C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE (Microsoft Corporation)
SRV - (Roxio UPnP Renderer 9 [On_Demand | Stopped]) -- C:\Program Files\Roxio\Digital Home 9\RoxioUPnPRenderer9.exe (Sonic Solutions)
SRV - (Roxio Upnp Server 9 [Auto | Stopped]) -- C:\Program Files\Roxio\Digital Home 9\RoxioUpnpService9.exe (Sonic Solutions)
SRV - (RoxLiveShare9 [Auto | Stopped]) -- C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxLiveShare9.exe (Sonic Solutions)
SRV - (RoxMediaDB9 [On_Demand | Stopped]) -- C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe (Sonic Solutions)
SRV - (RoxWatch9 [Auto | Stopped]) -- C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe (Sonic Solutions)
SRV - (usnjsvc [On_Demand | Running]) -- C:\Program Files\Windows Live\Messenger\usnsvc.exe (Microsoft Corporation)
SRV - (WinDefend [Auto | Running]) -- C:\Program Files\Windows Defender\mpsvc.dll (Microsoft Corporation)
SRV - (WLSetupSvc [On_Demand | Stopped]) -- C:\Program Files\Windows Live\installer\WLSetupSvc.exe (Microsoft Corporation)
SRV - (WMPNetworkSvc [Auto | Running]) -- C:\Program Files\Windows Media Player\wmpnetwk.exe (Microsoft Corporation)
SRV - (XAudioService [Auto | Running]) -- C:\Windows\system32\DRIVERS\xaudio.exe (Conexant Systems, Inc.)
========== Driver Services (SafeList) ==========
DRV - (ac97intc [On_Demand | Stopped]) -- C:\Windows\system32\drivers\ac97intc.sys (Intel Corporation)
DRV - (adp94xx [Disabled | Stopped]) -- C:\Windows\system32\drivers\adp94xx.sys (Adaptec, Inc.)
DRV - (adpahci [Disabled | Stopped]) -- C:\Windows\system32\drivers\adpahci.sys (Adaptec, Inc.)
DRV - (adpu160m [Disabled | Stopped]) -- C:\Windows\system32\drivers\adpu160m.sys (Adaptec, Inc.)
DRV - (adpu320 [Disabled | Stopped]) -- C:\Windows\system32\drivers\adpu320.sys (Adaptec, Inc.)
DRV - (aic78xx [Disabled | Stopped]) -- C:\Windows\system32\drivers\djsvs.sys (Adaptec, Inc.)
DRV - (aliide [Disabled | Stopped]) -- C:\Windows\system32\drivers\aliide.sys (Acer Laboratories Inc.)
DRV - (arc [Disabled | Stopped]) -- C:\Windows\system32\drivers\arc.sys (Adaptec, Inc.)
DRV - (arcsas [Disabled | Stopped]) -- C:\Windows\system32\drivers\arcsas.sys (Adaptec, Inc.)
DRV - (aswFsBlk [Auto | Running]) -- C:\Windows\system32\DRIVERS\aswFsBlk.sys (ALWIL Software)
DRV - (aswMonFlt [Auto | Running]) -- C:\Windows\system32\DRIVERS\aswMonFlt.sys (ALWIL Software)
DRV - (aswRdr [System | Running]) -- C:\Windows\System32\drivers\aswRdr.sys (ALWIL Software)
DRV - (aswSP [System | Running]) -- C:\Windows\System32\drivers\aswSP.sys (ALWIL Software)
DRV - (aswTdi [System | Running]) -- C:\Windows\System32\drivers\aswTdi.sys (ALWIL Software)
DRV - (bcm4sbxp [On_Demand | Stopped]) -- C:\Windows\system32\DRIVERS\bcm4sbxp.sys (Broadcom Corporation)
DRV - (BrFiltLo [On_Demand | Stopped]) -- C:\Windows\system32\drivers\brfiltlo.sys (Brother Industries, Ltd.)
DRV - (BrFiltUp [On_Demand | Stopped]) -- C:\Windows\system32\drivers\brfiltup.sys (Brother Industries, Ltd.)
DRV - (Brserid [Disabled | Stopped]) -- C:\Windows\system32\drivers\brserid.sys (Brother Industries Ltd.)
DRV - (BrSerWdm [Disabled | Stopped]) -- C:\Windows\system32\drivers\brserwdm.sys (Brother Industries Ltd.)
DRV - (BrUsbMdm [Disabled | Stopped]) -- C:\Windows\system32\drivers\brusbmdm.sys (Brother Industries Ltd.)
DRV - (BrUsbSer [On_Demand | Stopped]) -- C:\Windows\system32\drivers\brusbser.sys (Brother Industries Ltd.)
DRV - (cmdGuard [System | Running]) -- C:\Windows\System32\DRIVERS\cmdguard.sys (COMODO)
DRV - (cmdHlp [System | Running]) -- C:\Windows\System32\DRIVERS\cmdhlp.sys (COMODO)
DRV - (cmdide [Disabled | Stopped]) -- C:\Windows\system32\drivers\cmdide.sys (CMD Technology, Inc.)
DRV - (e1express [On_Demand | Running]) -- C:\Windows\system32\DRIVERS\e1e6032.sys (Intel Corporation)
DRV - (E1G60 [On_Demand | Stopped]) -- C:\Windows\system32\DRIVERS\E1G60I32.sys (Intel Corporation)
DRV - (elxstor [Disabled | Stopped]) -- C:\Windows\system32\drivers\elxstor.sys (Emulex)
DRV - (hamachi [On_Demand | Stopped]) -- C:\Windows\system32\DRIVERS\hamachi.sys (LogMeIn, Inc.)
DRV - (HECI [On_Demand | Running]) -- C:\Windows\system32\DRIVERS\HECI.sys (Intel Corporation)
DRV - (HpCISSs [Disabled | Stopped]) -- C:\Windows\system32\drivers\hpcisss.sys (Hewlett-Packard Company)
DRV - (HSF_DPV [On_Demand | Running]) -- C:\Windows\system32\DRIVERS\HSX_DPV.sys (Conexant Systems, Inc.)
DRV - (HSXHWBS2 [On_Demand | Running]) -- C:\Windows\system32\DRIVERS\HSXHWBS2.sys (Conexant Systems, Inc.)
DRV - (ialm [On_Demand | Stopped]) -- C:\Windows\system32\DRIVERS\ialmnt5.sys (Intel Corporation)
DRV - (iaStor [Boot | Running]) -- C:\Windows\system32\DRIVERS\iaStor.sys (Intel Corporation)
DRV - (iaStorV [Boot | Running]) -- C:\Windows\system32\drivers\iastorv.sys (Intel Corporation)
DRV - (igfx [On_Demand | Running]) -- C:\Windows\system32\DRIVERS\igdkmd32.sys (Intel Corporation)
DRV - (iirsp [Disabled | Stopped]) -- C:\Windows\system32\drivers\iirsp.sys (Intel Corp./ICP vortex GmbH)
DRV - (Inspect [On_Demand | Running]) -- C:\Windows\system32\DRIVERS\inspect.sys (COMODO)
DRV - (IntelDH [On_Demand | Stopped]) -- C:\Windows\System32\Drivers\IntelDH.sys (Intel Corporation)
DRV - (iteatapi [Disabled | Stopped]) -- C:\Windows\system32\drivers\iteatapi.sys (Integrated Technology Express, Inc.)
DRV - (iteraid [Disabled | Stopped]) -- C:\Windows\system32\drivers\iteraid.sys (Integrated Technology Express, Inc.)
DRV - (LSI_FC [Disabled | Stopped]) -- C:\Windows\system32\drivers\lsi_fc.sys (LSI Logic)
DRV - (LSI_SAS [Disabled | Stopped]) -- C:\Windows\system32\drivers\lsi_sas.sys (LSI Logic)
DRV - (LSI_SCSI [Disabled | Stopped]) -- C:\Windows\system32\drivers\lsi_scsi.sys (LSI Logic)
DRV - (mdmxsdk [Auto | Running]) -- C:\Windows\system32\DRIVERS\mdmxsdk.sys (Conexant)
DRV - (megasas [Disabled | Stopped]) -- C:\Windows\system32\drivers\megasas.sys (LSI Logic Corporation)
DRV - (Mraid35x [Disabled | Stopped]) -- C:\Windows\system32\drivers\mraid35x.sys (LSI Logic Corporation)
DRV - (netr73 [On_Demand | Running]) -- C:\Windows\system32\DRIVERS\WUSB54GCx86.sys (Ralink Technology Inc.)
DRV - (NETw2v32 [On_Demand | Stopped]) -- C:\Windows\system32\DRIVERS\NETw2v32.sys (Intel® Corporation)
DRV - (NetworkX [System | Running]) -- C:\Windows\system32\ckldrv.sys ()
DRV - (nfrd960 [Disabled | Stopped]) -- C:\Windows\system32\drivers\nfrd960.sys (IBM Corporation)
DRV - (ntrigdigi [Disabled | Stopped]) -- C:\Windows\system32\drivers\ntrigdigi.sys (N-trig Innovative Technologies)
DRV - (nvraid [Disabled | Stopped]) -- C:\Windows\system32\drivers\nvraid.sys (NVIDIA Corporation)
DRV - (nvstor [Disabled | Stopped]) -- C:\Windows\system32\drivers\nvstor.sys (NVIDIA Corporation)
DRV - (pavboot [Boot | Running]) -- C:\Windows\system32\drivers\pavboot.sys (Panda Security, S.L.)
DRV - (PxHelp20 [Boot | Running]) -- C:\Windows\System32\Drivers\PxHelp20.sys (Sonic Solutions)
DRV - (ql2300 [Disabled | Stopped]) -- C:\Windows\system32\drivers\ql2300.sys (QLogic Corporation)
DRV - (ql40xx [Disabled | Stopped]) -- C:\Windows\system32\drivers\ql40xx.sys (QLogic Corporation)
DRV - (RimUsb [On_Demand | Stopped]) -- C:\Windows\System32\Drivers\RimUsb.sys (Research In Motion Limited)
DRV - (RimVSerPort [On_Demand | Running]) -- C:\Windows\system32\DRIVERS\RimSerial.sys (Research in Motion Ltd)
DRV - (ROOTMODEM [On_Demand | Running]) -- C:\Windows\System32\Drivers\RootMdm.sys (Microsoft Corporation)
DRV - (secdrv [Auto | Running]) -- C:\Windows\System32\drivers\secdrv.sys (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.)
DRV - (SiSRaid2 [Disabled | Stopped]) -- C:\Windows\system32\drivers\sisraid2.sys (Silicon Integrated Systems Corp.)
DRV - (SiSRaid4 [Disabled | Stopped]) -- C:\Windows\system32\drivers\sisraid4.sys (Silicon Integrated Systems)
DRV - (snpstd [On_Demand | Stopped]) -- C:\Windows\system32\DRIVERS\snpstd.sys ()
DRV - (sptd [Boot | Running]) -- C:\Windows\System32\Drivers\sptd.sys ()
DRV - (SRS_SSCFilter [On_Demand | Running]) -- C:\Windows\system32\drivers\srs_sscfilter_i386.sys ()
DRV - (STHDA [On_Demand | Running]) -- C:\Windows\system32\drivers\stwrt.sys (SigmaTel, Inc.)
DRV - (Symc8xx [Disabled | Stopped]) -- C:\Windows\system32\drivers\symc8xx.sys (LSI Logic)
DRV - (Sym_hi [Disabled | Stopped]) -- C:\Windows\system32\drivers\sym_hi.sys (LSI Logic)
DRV - (Sym_u3 [Disabled | Stopped]) -- C:\Windows\system32\drivers\sym_u3.sys (LSI Logic)
DRV - (uliahci [Disabled | Stopped]) -- C:\Windows\system32\drivers\uliahci.sys (ULi Electronics Inc.)
DRV - (UlSata [Disabled | Stopped]) -- C:\Windows\system32\drivers\ulsata.sys (Promise Technology, Inc.)
DRV - (ulsata2 [Disabled | Stopped]) -- C:\Windows\system32\drivers\ulsata2.sys (Promise Technology, Inc.)
DRV - (usbaudio [On_Demand | Stopped]) -- C:\Windows\system32\drivers\usbaudio.sys (Microsoft Corporation)
DRV - (viaide [Disabled | Stopped]) -- C:\Windows\system32\drivers\viaide.sys (VIA Technologies, Inc.)
DRV - (vncmirror [On_Demand | Stopped]) -- C:\Windows\system32\DRIVERS\vncmirror.sys (RealVNC Ltd.)
DRV - (vsmraid [Disabled | Stopped]) -- C:\Windows\system32\drivers\vsmraid.sys (VIA Technologies Inc.,Ltd)
DRV - (winachsf [On_Demand | Running]) -- C:\Windows\system32\DRIVERS\HSX_CNXT.sys (Conexant Systems, Inc.)
DRV - (XAudio [Auto | Running]) -- C:\Windows\system32\DRIVERS\xaudio.sys (Conexant Systems, Inc.)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.gateway.c...h...DTP&M=DX430
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft....k/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.gateway.c...h...DTP&M=DX430
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.gateway.c...h...DTP&M=DX430
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\system32\blank.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF - prefs.js..browser.startup.homepage: "about:blank"
[2009/01/07 14:22:34 | 00,000,000 | ---D | M] -- C:\Users\Jessica\AppData\Roaming\mozilla\Firefox\Profiles\8kndky55.default\extensions
[2009/04/19 12:03:39 | 00,000,000 | ---D | M] -- C:\Users\Jessica\AppData\Roaming\mozilla\Firefox\Profiles\8kndky55.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
[2008/12/09 19:06:44 | 00,002,158 | ---- | M] () -- C:\Users\Jessica\AppData\Roaming\Mozilla\FireFox\Profiles\8kndky55.default\searchplugins\MySpace.xml
O1 HOSTS File: (761 bytes) - C:\Windows\System32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - Reg Error: Key error. File not found
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (MySpace Toolbar) - {28AED1AF-B164-44CD-B435-CF04AA955015} - C:\Program Files\MySpace\Toolbar\1.0.32.5\MySpaceToolbar.dll ()
O2 - BHO: (SSVHelper Class) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - Reg Error: Key error. File not found
O2 - BHO: (Windows Live Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll (Google Inc.)
O2 - BHO: (CBrowserHelperObject Object) - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - c:\windows\system32\BAE.dll (Gateway Inc.)
O3 - HKLM\..\Toolbar: (MySpace Toolbar) - {28AED1AF-B164-44CD-B435-CF04AA955015} - C:\Program Files\MySpace\Toolbar\1.0.32.5\MySpaceToolbar.dll ()
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {90B8B761-DF2B-48AC-BBE0-BCC03A819B3B} - Reg Error: Key error. File not found
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe (ALWIL Software)
O4 - HKLM..\Run: [COMODO Firewall Pro] "C:\Program Files\COMODO\Firewall\cfp.exe" -h File not found
O4 - HKLM..\Run: [COMODO Internet Security] "C:\Program Files\COMODO\Firewall\cfp.exe" -h File not found
O4 - HKLM..\Run: [css] C:\Program Files\Comodo\Css\cssurf.exe /s File not found
O4 - HKLM..\Run: [SigmatelSysTrayApp] sttray.exe (SigmaTel, Inc.)
O4 - HKCU..\Run: [Aim6] "C:\Program Files\AIM6\aim6.exe" /d locale=en-US ee://aol/imApp (AOL LLC)
O4 - HKCU..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background (Microsoft Corporation)
O4 - HKCU..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun (Microsoft Corporation)
O4 - HKLM..\RunOnce: [Launcher] %WINDIR%\SMINST\launcher.exe (soft thinks)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 2
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableInstallerDetection = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableSecureUIAPaths = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableVirtualization = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ValidateAdminCodeSignatures = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: scforceoption = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: FilterAdministratorToken = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableUIADesktopToggle = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_TEXT = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_BITMAP = 2
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_OEMTEXT = 7
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIB = 8
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_PALETTE = 9
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_UNICODETEXT = 13
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIBV5 = 17
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~4\OFFICE11\EXCEL.EXE/3000 (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\npjpi160_01.dll (Sun Microsystems, Inc.)
O9 - Extra Button: Blog This - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : &Blog This in Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra Button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Program Files\PokerStars\PokerStarsUpdate.exe (PokerStars)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files\Microsoft Office\OFFICE11\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra Button: Run IMVU - {d9288080-1baa-4bc4-9cf8-a92d743db949} - File not found
O10 - NameSpace_Catalog5\Catalog_Entries\000000000001 [@%SystemRoot%\system32\nlasvc.dll,-1000] - C:\Windows\system32\NLAapi.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000002 [@%SystemRoot%\system32\napinsp.dll,-1000] - C:\Windows\system32\napinsp.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000003 [@%SystemRoot%\system32\pnrpnsp.dll,-1000] - C:\Windows\system32\pnrpnsp.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [@%SystemRoot%\system32\pnrpnsp.dll,-1001] - C:\Windows\system32\pnrpnsp.dll (Microsoft Corporation)
O13 - gopher Prefix: missing
O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} http://appldnld.appl...ex/qtplugin.cab (QuickTime Object)
O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} http://upload.facebo...toUploader5.cab (Facebook Photo Uploader 5 Control)
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macr...director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://download.micr...heckControl.cab (Windows Genuine Advantage Validation Tool)
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} http://messenger.zon...kr.cab56986.cab (Checkers Class)
O16 - DPF: {2D8ED06D-3C30-438B-96AE-4D110FDC1FB8} http://acs.pandasoft...s/as2stubie.cab (ActiveScan 2.0 Installer Class)
O16 - DPF: {36A4B20A-2B75-4101-86CE-F9B03CA4B91C} http://bgweb.nowcdn....DownStarter.cab (DownStarter Control)
O16 - DPF: {3860DD98-0549-4D50-AA72-5D17D200EE10} http://cdn.scan.onec...s/wlscctrl2.cab (Windows Live OneCare safety scanner control)
O16 - DPF: {48DD0448-9209-4F81-9F6D-D83562940134} http://lads.myspace....ploader1006.cab (MySpace Uploader Control)
O16 - DPF: {4E218431-2F07-40BD-A9D3-035324C1F13F} http://webserver.dyy...nt/DyynoCAB.CAB (DyynoX Class)
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} http://gfx1.hotmail....NPUplden-us.cab (MSN Photo Upload Tool)
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} http://messenger.zon...1/GAME_UNO1.cab (UnoCtrl Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_01)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.ma...r/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {9A57B18E-2F5D-11D5-8997-00104BD12D94} http://support.gatew...rvest/gwCID.CAB (compid Class)
O16 - DPF: {AA07EBD2-EBDD-4BD6-9F8F-114BD513492C} http://disteng.neffi...ffyLauncher.cab (NeffyLauncherCtl Class)
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} http://messenger.zon...nt.cab56907.cab (MessengerStatsClient Class)
O16 - DPF: {CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_01)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_01)
O16 - DPF: {D0C0F75C-683A-4390-A791-1ACFD5599AB8} http://games.myspace...ronGameHost.cab (Oberon Flash Game Host)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: NameServer = 85.255.112.92,85.255.112.104
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Interfaces\{9AD8EE3D-4182-4E08-9056-F23949BBA1EA}\\NameServer = 85.255.112.92,85.255.112.104
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Interfaces\{F6CA162D-FDA8-4AEB-B173-985E3059E249}\\NameServer = 85.255.112.92,85.255.112.104
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.8.5.1302.1018.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\msitss.dll (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.8.5.1302.1018.dll (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap {3D9F03FA-7A94-11D3-BE81-0050048385D1} - C:\Program Files\Common Files\microsoft shared\Web Components\10\OWC10.DLL (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\Program Files\Common Files\microsoft shared\Web Components\11\OWC11.DLL (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program Files\Windows Live\Mail\mailcomm.dll (Microsoft Corporation)
O18 - Protocol\Filter: - text/xml - C:\Program Files\Common Files\Microsoft Shared\OFFICE11\MSOXMLMF.DLL (Microsoft Corporation)
O20 - AppInit_DLLs: (C:\Windows\system32\guard32.dll) - C:\Windows\system32\guard32.dll ()
O20 - AppInit_DLLs: (C:\PROGRA~1\Comodo\Css\cssdll32.dll) - C:\PROGRA~1\Comodo\Css\cssdll32.dll File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\igfxcui: DllName - igfxdev.dll - C:\Windows\system32\igfxdev.dll (Intel Corporation)
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/09/18 16:43:36 | 00,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck) - File not found
O34 - HKLM BootExecute: (autochk) - C:\Windows\System32\autochk.exe (Microsoft Corporation)
O34 - HKLM BootExecute: (*) - * [2009/05/23 10:31:41 | 00,000,000 | R--D | M]
========== Files/Folders - Created Within 30 Days ==========
[1 C:\Windows\*.tmp files]
[2009/05/23 10:17:21 | 00,000,000 | ---D | C] -- C:\Rooter$
[2009/05/22 12:50:34 | 00,051,376 | ---- | C] (ALWIL Software) -- C:\Windows\System32\drivers\aswTdi.sys
[2009/05/22 12:50:34 | 00,023,152 | ---- | C] (ALWIL Software) -- C:\Windows\System32\drivers\aswRdr.sys
[2009/05/22 12:50:34 | 00,001,887 | ---- | C] () -- C:\Users\Public\Desktop\avast! Antivirus.lnk
[2009/05/22 12:50:26 | 00,097,480 | ---- | C] (ALWIL Software) -- C:\Windows\System32\AvastSS.scr
[2009/05/22 12:50:25 | 00,114,768 | ---- | C] (ALWIL Software) -- C:\Windows\System32\drivers\aswSP.sys
[2009/05/22 12:50:25 | 00,020,560 | ---- | C] (ALWIL Software) -- C:\Windows\System32\drivers\aswFsBlk.sys
[2009/05/22 12:50:06 | 01,256,296 | ---- | C] (ALWIL Software) -- C:\Windows\System32\aswBoot.exe
[2009/05/22 12:50:06 | 00,380,928 | ---- | C] () -- C:\Windows\System32\actskin4.ocx
[2009/05/22 12:50:06 | 00,051,792 | ---- | C] (ALWIL Software) -- C:\Windows\System32\drivers\aswMonFlt.sys
[2009/05/22 12:50:04 | 00,000,000 | ---D | C] -- C:\Program Files\Alwil Software
[2009/05/22 12:49:22 | 34,346,616 | ---- | C] () -- C:\Users\Jessica\Desktop\setupeng.exe
[2009/05/22 12:34:34 | 00,000,000 | ---D | C] -- C:\Windows\ERDNT
[2009/05/22 12:33:54 | 00,000,000 | ---D | C] -- C:\Program Files\ERUNT
[2009/05/20 16:04:40 | 00,791,393 | ---- | C] (Lars Hederer ) -- C:\Users\Jessica\Desktop\erunt_setup.exe
[2009/05/20 16:04:15 | 00,021,504 | ---- | C] (Doug Knox) -- C:\Users\Jessica\Desktop\SysRestorePoint.exe
[2009/05/20 15:55:50 | 00,001,912 | ---- | C] () -- C:\Users\Jessica\Desktop\HijackThis.lnk
[2009/05/20 15:55:49 | 00,000,000 | ---D | C] -- C:\Program Files\Trend Micro
[2009/05/20 15:55:13 | 00,812,344 | ---- | C] (Trend Micro Inc.) -- C:\Users\Jessica\Desktop\HJTInstall.exe
[2009/05/16 00:25:38 | 00,126,768 | ---- | C] () -- C:\Users\Jessica\Desktop\mms.wav
[2009/05/15 12:36:28 | 00,000,000 | ---D | C] -- C:\ProgramData\EPSON
[2009/05/15 11:28:16 | 00,000,000 | ---D | C] -- C:\Users\Jessica\Documents\RCT3
[2009/05/15 11:28:16 | 00,000,000 | ---D | C] -- C:\Users\Jessica\AppData\Roaming\Atari
[2009/05/15 11:13:17 | 00,001,957 | ---- | C] () -- C:\Users\Public\Desktop\RollerCoaster Tycoon® 3.lnk
[2009/05/15 11:11:29 | 00,000,000 | ---D | C] -- C:\Users\Jessica\AppData\Roaming\Leadertech
[2009/05/15 11:11:24 | 00,197,120 | ---- | C] () -- C:\Windows\patchw32.dll
[2009/05/15 11:11:24 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\PocketSoft
[2009/05/15 11:07:37 | 00,000,000 | ---D | C] -- C:\Program Files\Atari
[2009/05/14 11:06:56 | 00,000,122 | ---- | C] () -- C:\Windows\WA.INI
[2009/05/14 11:04:17 | 00,001,698 | ---- | C] () -- C:\Users\Jessica\Desktop\Worms Armageddon.lnk
[2009/05/14 11:04:02 | 01,594,558 | ---- | C] () -- C:\Windows\WANEUninstaller.exe
[2009/05/14 10:59:21 | 00,000,000 | ---D | C] -- C:\Games
[2009/05/14 09:54:28 | 00,251,930 | ---- | C] ( ) -- C:\Windows\System32\winreger.exe
[2009/05/08 14:29:21 | 00,016,384 | ---- | C] () -- C:\Users\Jessica\Desktop\Jessica Resume through state agency.doc
[2009/04/29 23:03:43 | 00,000,000 | ---D | C] -- C:\Windows\Minidump
[2009/04/29 23:03:20 | 15,669,6397 | ---- | C] () -- C:\Windows\MEMORY.DMP
[2009/04/29 16:14:03 | 00,028,544 | ---- | C] (Panda Security, S.L.) -- C:\Windows\System32\drivers\pavboot.sys
[2009/04/29 16:13:59 | 00,000,000 | ---D | C] -- C:\Program Files\Panda Security
[2009/04/29 09:07:27 | 00,102,664 | ---- | C] (Trend Micro Inc.) -- C:\Windows\System32\drivers\tmcomm.sys
[2009/04/26 18:21:27 | 21,198,56128 | -HS- | C] () -- C:\hiberfil.sys
[2009/04/26 15:41:02 | 00,000,000 | ---D | C] -- C:\Program Files\AVG
[2009/04/26 15:41:01 | 00,000,000 | ---D | C] -- C:\ProgramData\avg8
[2009/04/26 15:39:52 | 63,049,904 | ---- | C] (AVG Technologies) -- C:\Users\Jessica\Desktop\avg_free_stf_en_85_285a1462.exe
[2009/04/26 15:19:52 | 16,438,680 | ---- | C] () -- C:\Users\Jessica\Desktop\jre-6u13-windows-i586-p-s.exe
[2009/04/26 13:04:46 | 00,000,000 | ---D | C] -- C:\Program Files\Windows Live Safety Center
[2009/04/26 12:32:24 | 00,000,000 | R--D | C] -- C:\Users\Jessica\Desktop\Favorites
[2008/10/15 21:48:23 | 00,000,021 | ---- | C] () -- C:\Windows\atid.ini
[2008/09/07 18:04:13 | 00,001,361 | ---- | C] () -- C:\Windows\System32\WLAN.INI
[2008/07/21 19:42:32 | 00,042,320 | ---- | C] () -- C:\Windows\System32\xfcodec.dll
[2008/06/23 13:47:06 | 00,042,112 | ---- | C] () -- C:\Windows\System32\drivers\csiidecoder_kern_i386.sys
[2008/06/23 13:47:05 | 00,047,360 | ---- | C] () -- C:\Windows\System32\drivers\Surroundhp_kern_i386.sys
[2008/06/23 13:47:05 | 00,047,104 | ---- | C] () -- C:\Windows\System32\drivers\tshd4_kern_i386.sys
[2008/06/23 13:47:05 | 00,039,808 | ---- | C] () -- C:\Windows\System32\drivers\SRS_SSCFilter_i386.sys
[2008/05/30 12:22:22 | 03,596,288 | ---- | C] () -- C:\Windows\System32\qt-dx331.dll
[2008/05/30 12:18:56 | 00,000,416 | ---- | C] () -- C:\Windows\System32\dtu100.dll.manifest
[2008/05/30 12:18:56 | 00,000,416 | ---- | C] () -- C:\Windows\System32\dpl100.dll.manifest
[2008/05/30 12:18:00 | 00,012,288 | ---- | C] () -- C:\Windows\System32\DivXWMPExtType.dll
[2008/05/23 16:38:31 | 00,147,192 | ---- | C] () -- C:\Windows\System32\guard32.dll
[2008/04/22 09:06:04 | 00,000,376 | ---- | C] () -- C:\Windows\ODBC.INI
[2008/04/22 08:26:01 | 00,685,816 | ---- | C] () -- C:\Windows\System32\drivers\sptd.sys
[2008/04/15 15:33:37 | 00,001,125 | ---- | C] () -- C:\Windows\Winamp.ini
[2008/04/15 15:33:31 | 00,000,041 | ---- | C] () -- C:\Windows\winampa.ini
[2008/01/22 00:25:55 | 00,000,060 | ---- | C] () -- C:\Windows\Crypkey.ini
[2008/01/22 00:25:52 | 00,024,608 | ---- | C] () -- C:\Windows\System32\Ckldrv.sys
[2008/01/22 00:25:52 | 00,018,432 | ---- | C] () -- C:\Windows\Setup_ck.dll
[2008/01/22 00:19:38 | 00,296,448 | ---- | C] () -- C:\Windows\Xenofex.ini
[2008/01/22 00:16:40 | 00,000,110 | ---- | C] () -- C:\Windows\ULEAD32.INI
[2008/01/22 00:02:37 | 00,000,848 | -HS- | C] () -- C:\Windows\System32\KGyGaAvL.sys
[2008/01/21 19:18:14 | 00,000,234 | ---- | C] () -- C:\Windows\Lexstat.ini
[2008/01/21 19:14:07 | 00,413,696 | ---- | C] ( ) -- C:\Windows\System32\lxczinpa.dll
[2008/01/21 19:14:07 | 00,397,312 | ---- | C] ( ) -- C:\Windows\System32\lxcziesc.dll
[2008/01/21 19:14:07 | 00,323,584 | ---- | C] ( ) -- C:\Windows\System32\LXCZhcp.dll
[2008/01/21 19:14:07 | 00,274,432 | ---- | C] () -- C:\Windows\System32\LXCZinst.dll
[2008/01/21 19:14:06 | 01,224,704 | ---- | C] ( ) -- C:\Windows\System32\lxczserv.dll
[2008/01/21 19:14:06 | 00,991,232 | ---- | C] ( ) -- C:\Windows\System32\lxczusb1.dll
[2008/01/21 19:14:06 | 00,643,072 | ---- | C] ( ) -- C:\Windows\System32\lxczpmui.dll
[2008/01/21 19:14:06 | 00,413,696 | ---- | C] () -- C:\Windows\System32\lxczutil.dll
[2008/01/21 19:14:06 | 00,163,840 | ---- | C] ( ) -- C:\Windows\System32\lxczprox.dll
[2008/01/21 19:14:06 | 00,094,208 | ---- | C] ( ) -- C:\Windows\System32\lxczpplc.dll
[2008/01/21 19:14:05 | 00,696,320 | ---- | C] ( ) -- C:\Windows\System32\lxczhbn3.dll
[2008/01/21 19:14:05 | 00,585,728 | ---- | C] ( ) -- C:\Windows\System32\lxczlmpm.dll
[2008/01/21 19:14:04 | 00,421,888 | ---- | C] ( ) -- C:\Windows\System32\lxczcomm.dll
[2008/01/21 19:14:03 | 00,684,032 | ---- | C] ( ) -- C:\Windows\System32\lxczcomc.dll
[2008/01/11 18:43:44 | 00,204,800 | ---- | C] () -- C:\Windows\System32\igfxCoIn_v1283.dll
[2008/01/11 18:43:44 | 00,061,440 | ---- | C] () -- C:\Windows\System32\igfxTMM.dll
[2008/01/11 18:43:41 | 00,077,824 | ---- | C] () -- C:\Windows\System32\hccutils.dll
[2007/02/07 21:58:12 | 00,039,899 | ---- | C] () -- C:\Windows\System32\rtsicis.ini
[2007/01/22 12:49:34 | 00,344,064 | ---- | C] () -- C:\Windows\System32\lxczcoin.dll
[2006/12/12 14:13:50 | 00,204,800 | ---- | C] () -- C:\Windows\System32\igfxCoIn_v1147.dll
[2006/12/12 13:48:16 | 00,467,264 | ---- | C] () -- C:\Windows\System32\igmedkrn.dll
[2006/12/12 13:02:50 | 00,053,248 | ---- | C] () -- C:\Windows\System32\oemdspif.dll
[2006/11/02 07:35:32 | 00,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
[2006/11/02 05:23:31 | 00,000,265 | ---- | C] () -- C:\Windows\win.ini
[2006/11/02 05:23:31 | 00,000,219 | ---- | C] () -- C:\Windows\system.ini
[2006/11/02 02:40:29 | 00,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2006/06/07 17:23:04 | 00,061,440 | ---- | C] () -- C:\Windows\System32\lxczcnv7.dll
[2006/03/27 15:19:14 | 00,040,960 | ---- | C] () -- C:\Windows\System32\lxczvs.dll
[2006/03/07 15:59:04 | 00,061,440 | ---- | C] () -- C:\Windows\System32\lxczcnv6.dll
[2006/01/10 21:11:06 | 00,061,440 | ---- | C] () -- C:\Windows\System32\lxczcnv5.dll
[2006/01/10 21:11:06 | 00,061,440 | ---- | C] () -- C:\Windows\System32\lxczcnv4.dll
[2004/02/19 00:12:00 | 00,299,776 | ---- | C] () -- C:\Windows\System32\drivers\snpstd.sys
[2004/02/16 03:15:00 | 00,015,541 | ---- | C] () -- C:\Windows\snpstd.ini
[2004/01/28 02:59:00 | 00,036,864 | ---- | C] ( ) -- C:\Windows\System32\vsnpstd.dll
[2003/12/09 23:17:00 | 00,057,344 | ---- | C] ( ) -- C:\Windows\System32\csnpstd.dll
[2003/10/21 18:40:00 | 00,053,248 | ---- | C] () -- C:\Windows\System32\dsnpstd.dll
[2003/01/07 17:05:08 | 00,002,695 | ---- | C] () -- C:\Windows\System32\OUTLPERF.INI
========== Files - Modified Within 30 Days ==========
[1 C:\Windows\*.tmp files]
[2009/05/23 08:37:11 | 00,003,296 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2009/05/23 08:37:11 | 00,003,296 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2009/05/22 23:52:13 | 00,000,530 | ---- | M] () -- C:\Users\Jessica\Documents\My Sharing Folders.lnk
[2009/05/22 20:42:01 | 00,690,960 | ---- | M] () -- C:\Windows\System32\PerfStringBackup.INI
[2009/05/22 20:42:01 | 00,595,446 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2009/05/22 20:42:01 | 00,101,144 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2009/05/22 20:40:01 | 00,000,868 | ---- | M] () -- C:\Windows\tasks\Google Software Updater.job
[2009/05/22 20:37:24 | 00,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
[2009/05/22 20:37:02 | 00,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2009/05/22 20:36:28 | 21,198,56128 | -HS- | M] () -- C:\hiberfil.sys
[2009/05/22 12:51:33 | 00,000,004 | ---- | M] () -- C:\Windows\System32\gxvxccounter
[2009/05/22 12:50:34 | 00,001,887 | ---- | M] () -- C:\Users\Public\Desktop\avast! Antivirus.lnk
[2009/05/22 12:50:25 | 00,002,577 | ---- | M] () -- C:\Windows\System32\config.nt
[2009/05/22 12:49:24 | 34,346,616 | ---- | M] () -- C:\Users\Jessica\Desktop\setupeng.exe
[2009/05/22 12:15:34 | 00,000,426 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{61DAC4E2-C802-4C4B-810A-D4A37892152D}.job
[2009/05/20 16:04:46 | 00,791,393 | ---- | M] (Lars Hederer ) -- C:\Users\Jessica\Desktop\erunt_setup.exe
[2009/05/20 16:04:16 | 00,021,504 | ---- | M] (Doug Knox) -- C:\Users\Jessica\Desktop\SysRestorePoint.exe
[2009/05/20 15:55:50 | 00,001,912 | ---- | M] () -- C:\Users\Jessica\Desktop\HijackThis.lnk
[2009/05/20 15:55:16 | 00,812,344 | ---- | M] (Trend Micro Inc.) -- C:\Users\Jessica\Desktop\HJTInstall.exe
[2009/05/20 15:40:40 | 00,054,156 | -H-- | M] () -- C:\Windows\QTFont.qfn
[2009/05/16 00:25:53 | 00,126,768 | ---- | M] () -- C:\Users\Jessica\Desktop\mms.wav
[2009/05/15 11:22:56 | 00,001,957 | ---- | M] () -- C:\Users\Public\Desktop\RollerCoaster Tycoon® 3.lnk
[2009/05/14 11:15:55 | 00,000,122 | ---- | M] () -- C:\Windows\WA.INI
[2009/05/14 11:04:20 | 01,594,558 | ---- | M] () -- C:\Windows\WANEUninstaller.exe
[2009/05/14 11:04:17 | 00,001,698 | ---- | M] () -- C:\Users\Jessica\Desktop\Worms Armageddon.lnk
[2009/05/14 09:55:23 | 00,251,930 | ---- | M] ( ) -- C:\Windows\System32\winreger.exe
[2009/05/12 23:09:02 | 15,669,6397 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2009/05/08 14:29:32 | 00,016,384 | ---- | M] () -- C:\Users\Jessica\Desktop\Jessica Resume through state agency.doc
[2009/04/26 15:39:52 | 63,049,904 | ---- | M] (AVG Technologies) -- C:\Users\Jessica\Desktop\avg_free_stf_en_85_285a1462.exe
[2009/04/26 15:19:52 | 16,438,680 | ---- | M] () -- C:\Users\Jessica\Desktop\jre-6u13-windows-i586-p-s.exe
< End of report >
OT List Extras File;
OTListIt Extras logfile created on: 5/23/2009 10:32:34 AM - Run 1
OTListIt2 by OldTimer - Version 2.0.15.8 Folder = C:\Users\Jessica\Desktop\For Matthew
Windows Vista Home Premium Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6001.18000)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
1.97 Gb Total Physical Memory | 0.84 Gb Available Physical Memory | 42.44% Memory free
4.00 Gb Paging File | 4.00 Gb Available in Paging File | 100.00% Paging File free
Paging file location(s): c:\pagefile.sys 4090 4095 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 223.19 Gb Total Space | 35.64 Gb Free Space | 15.97% Space Free | Partition Type: NTFS
Drive D: | 9.70 Gb Total Space | 4.10 Gb Free Space | 42.28% Space Free | Partition Type: NTFS
Unable to calculate disk information.
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Computer Name: JESSICA-PC
Current User Name: Jessica
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: Current user
Output = Minimal
File Age = 30 Days
Company Name Whitelist: On
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
.url [@ = InternetShortcut] -- rundll32.exe ieframe.dll,OpenURL %l
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiSpyware]
"DisableMonitoring" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
Reg Error: Unknown registry data type File not found
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\S-1-5-21-1909851182-3047326298-2530056749-1000]
"EnableNotifications" = 1
"EnableNotificationsRef" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile
"DisableNotifications" = 0
"EnableFirewall" = 1
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile
"DisableNotifications" = 0
"EnableFirewall" = 1
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile
"DisableNotifications" = 0
"EnableFirewall" = 1
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile\GloballyOpenPorts\List
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile\AuthorizedApplications\List]
========== Vista Active Open Ports Exception List ==========
{03FE0366-AE31-457D-9BEF-75E31711EE85} = LPORT=1900 | PROTOCOL=17 | DIR=IN | ACTION=ALLOW | NAME=WINDOWS LIVE MESSENGER (SSDP-IN) | APP=SVCHOST.EXE | SVC=SSDPSRV |
{06C34F9F-1AF1-4154-85E2-B9C6A6AAEEDA} = RPORT=2177 | PROFILE=PRIVATE | PROTOCOL=6 | DIR=OUT | ACTION=ALLOW | [email protected],-31265 | APP=%SYSTEMROOT%\SYSTEM32\SVCHOST.EXE | SVC=QWAVE |
{0CB07013-025B-44D3-90B1-6DF34564DE34} = LPORT=139 | PROFILE=PRIVATE | PROTOCOL=6 | DIR=IN | ACTION=ALLOW | [email protected],-28503 | APP=SYSTEM |
{1207516C-8472-4E61-8918-D48D0658911D} = RPORT=3702 | PROFILE=PUBLIC | PROTOCOL=17 | DIR=OUT | ACTION=ALLOW | [email protected],-32811 | APP=%SYSTEMROOT%\SYSTEM32\SVCHOST.EXE | SVC=FDRESPUB |
{18FBBDF2-BDEE-491D-B7EA-242EFF4D1794} = RPORT=1900 | PROFILE=PUBLIC | PROTOCOL=17 | DIR=OUT | ACTION=ALLOW | [email protected],-32757 | APP=%SYSTEMROOT%\SYSTEM32\SVCHOST.EXE | SVC=SSDPSRV |
{1D45D392-4A81-456C-AB26-1F986C0C87B6} = LPORT=5355 | PROFILE=PUBLIC | PROTOCOL=17 | DIR=IN | ACTION=ALLOW | [email protected],-32801 | APP=%SYSTEMROOT%\SYSTEM32\SVCHOST.EXE | SVC=DNSCACHE |
{2B12EA85-4495-4FEB-9DF9-06A9E5BCF269} = RPORT=137 | PROFILE=PRIVATE | PROTOCOL=17 | DIR=OUT | ACTION=ALLOW | [email protected],-28523 | APP=SYSTEM |
{2E12C8C0-AF03-472B-9184-A882F9641E54} = LPORT=2869 | PROTOCOL=6 | DIR=IN | ACTION=ALLOW | NAME=WINDOWS LIVE MESSENGER (UPNP-IN) | APP=SYSTEM |
{32DF894D-4FD2-43C1-A86C-BD7E7F7D2B30} = RPORT=10243 | PROFILE=PRIVATE | PROTOCOL=6 | DIR=OUT | ACTION=ALLOW | [email protected],-31289 | APP=SYSTEM |
{348CA9B6-4ABC-41E3-B1F3-2EAA629E270C} = LPORT=3702 | PROFILE=PUBLIC | PROTOCOL=17 | DIR=IN | ACTION=ALLOW | [email protected],-32809 | APP=%SYSTEMROOT%\SYSTEM32\SVCHOST.EXE | SVC=FDRESPUB |
{3B1C2B52-DFC9-4832-886A-CBE925E05319} = RPORT=3702 | PROFILE=PUBLIC | PROTOCOL=17 | DIR=OUT | ACTION=ALLOW | [email protected],-32789 | APP=%SYSTEMROOT%\SYSTEM32\SVCHOST.EXE | SVC=FDPHOST |
{56656FB3-C162-477E-AE29-8BBA7E491156} = RPORT=139 | PROFILE=PRIVATE | PROTOCOL=6 | DIR=OUT | ACTION=ALLOW | [email protected],-28507 | APP=SYSTEM |
{59ADE5F6-028D-48A6-95DB-316048028567} = LPORT=1900 | PROFILE=DOMAIN | PROTOCOL=17 | DIR=IN | ACTION=ALLOW | [email protected],-31269 | APP=%SYSTEMROOT%\SYSTEM32\SVCHOST.EXE | SVC=SSDPSRV |
{7287F0E3-413C-4466-8DE4-46BF2AFF528D} = LPORT=137 | PROFILE=PRIVATE | PROTOCOL=17 | DIR=IN | ACTION=ALLOW | [email protected],-28519 | APP=SYSTEM |
{771325E7-866F-493A-9C8D-9FBE342FF38A} = LPORT=2869 | PROFILE=DOMAIN | PROTOCOL=6 | DIR=IN | ACTION=ALLOW | [email protected],-31277 | APP=SYSTEM |
{785B1ED0-1B03-47D4-A70C-FE18FE0B16E8} = LPORT=1900 | PROFILE=PUBLIC | PROTOCOL=17 | DIR=IN | ACTION=ALLOW | [email protected],-32753 | APP=%SYSTEMROOT%\SYSTEM32\SVCHOST.EXE | SVC=SSDPSRV |
{91E5C5F7-D9FC-4CD8-AE48-EAA784FE5B80} = LPORT=2869 | PROTOCOL=6 | DIR=IN | ACTION=ALLOW | NAME=WINDOWS LIVE MESSENGER 8.1 (UPNP-IN) | APP=SYSTEM |
{93211440-7DD8-4533-9E0C-8359A46E7E56} = LPORT=2177 | PROFILE=PRIVATE | PROTOCOL=17 | DIR=IN | ACTION=ALLOW | [email protected],-31253 | APP=%SYSTEMROOT%\SYSTEM32\SVCHOST.EXE | SVC=QWAVE |
{9A4083B5-FFF8-4E0C-B284-7A61EF43582B} = LPORT=RPC-EPMAP | PROFILE=PRIVATE | PROTOCOL=6 | DIR=IN | ACTION=ALLOW | [email protected],-28539 | SVC=RPCSS |
{A5D485BF-3C30-4835-B209-690EA0CC0C50} = LPORT=138 | PROFILE=PRIVATE | PROTOCOL=17 | DIR=IN | ACTION=ALLOW | [email protected],-28527 | APP=SYSTEM |
{A8CC054F-1D89-40CA-AC32-1AF8C6D08E1F} = RPORT=2177 | PROFILE=PRIVATE | PROTOCOL=17 | DIR=OUT | ACTION=ALLOW | [email protected],-31257 | APP=%SYSTEMROOT%\SYSTEM32\SVCHOST.EXE | SVC=QWAVE |
{ACDB113B-C3E1-4959-A780-1165ECBF4C47} = RPORT=1900 | PROFILE=DOMAIN | PROTOCOL=17 | DIR=OUT | ACTION=ALLOW | [email protected],-31273 | APP=%SYSTEMROOT%\SYSTEM32\SVCHOST.EXE | SVC=SSDPSRV |
{BE5B7DB9-1DA7-4E4D-949C-C98188DD0AEE} = LPORT=10243 | PROFILE=PRIVATE | PROTOCOL=6 | DIR=IN | ACTION=ALLOW | [email protected],-31285 | APP=SYSTEM |
{D0F5E55B-C268-49AF-B670-DFA6B1973B3D} = LPORT=3702 | PROFILE=PUBLIC | PROTOCOL=17 | DIR=IN | ACTION=ALLOW | [email protected],-32785 | APP=%SYSTEMROOT%\SYSTEM32\SVCHOST.EXE | SVC=FDPHOST |
{D3A17D26-3B47-4E14-B8C2-38237B0F11B7} = LPORT=1900 | PROTOCOL=17 | DIR=IN | ACTION=ALLOW | NAME=WINDOWS LIVE MESSENGER 8.1 (SSDP-IN) | APP=SVCHOST.EXE | SVC=SSDPSRV |
{D95B32C8-6766-46FC-A3F4-67619F45134D} = LPORT=RPC | PROFILE=PRIVATE | PROTOCOL=6 | DIR=IN | ACTION=ALLOW | [email protected],-28535 | APP=%SYSTEMROOT%\SYSTEM32\SPOOLSV.EXE | SVC=SPOOLER |
{DC6DD825-4405-4F2D-A5CD-1EA1E5E57A83} = RPORT=445 | PROFILE=PRIVATE | PROTOCOL=6 | DIR=OUT | ACTION=ALLOW | [email protected],-28515 | APP=SYSTEM |
{DE330A80-D926-4C9B-B054-B70F2A6D6C2A} = RPORT=138 | PROFILE=PRIVATE | PROTOCOL=17 | DIR=OUT | ACTION=ALLOW | [email protected],-28531 | APP=SYSTEM |
{EA045F37-45E7-4D59-BE67-0BA4071F8B61} = LPORT=2177 | PROFILE=PRIVATE | PROTOCOL=6 | DIR=IN | ACTION=ALLOW | [email protected],-31261 | APP=%SYSTEMROOT%\SYSTEM32\SVCHOST.EXE | SVC=QWAVE |
{EB3C8A9E-6E5A-4BDF-8679-822F3F0D6002} = RPORT=5355 | PROFILE=PUBLIC | PROTOCOL=17 | DIR=OUT | ACTION=ALLOW | [email protected],-32805 | APP=%SYSTEMROOT%\SYSTEM32\SVCHOST.EXE | SVC=DNSCACHE |
{F1A39444-D73E-47F8-BA63-FB7B8B10AB8B} = LPORT=445 | PROFILE=PRIVATE | PROTOCOL=6 | DIR=IN | ACTION=ALLOW | [email protected],-28511 | APP=SYSTEM |
========== Vista Active Application Exception List ==========
{014EF3A2-D108-44BE-9234-FD1534BA0444} = PROFILE=PRIVATE | PROTOCOL=17 | DIR=IN | ACTION=ALLOW | NAME=YAHOO! FT SERVER | APP=C:\PROGRAM FILES\YAHOO!\MESSENGER\YSERVER.EXE |
{1055A7BC-CB94-4926-94E3-20C14F9A8CB7} = PROFILE=PRIVATE | PROTOCOL=17 | DIR=OUT | ACTION=ALLOW | [email protected],-31297 | APP=%PROGRAMFILES%\WINDOWS MEDIA PLAYER\WMPLAYER.EXE |
{178F357E-39B1-4A8F-BD28-89AEF705C721} = PROFILE=PUBLIC | PROTOCOL=6 | DIR=IN | ACTION=ALLOW | NAME=ΜTORRENT | APP=C:\PROGRAM FILES\UTORRENT\UTORRENT.EXE |
{200D5BC4-78C1-49B6-B713-B144D81159EB} = PROFILE=PRIVATE | PROTOCOL=17 | DIR=IN | ACTION=ALLOW | NAME=AVG FREE TRAY ICON | APP=C:\PROGRAM FILES\AVG\AVG8\AVGTRAY.EXE |
{211424E8-F20F-41DC-AED8-0121B83639CA} = PROFILE=PRIVATE | PROTOCOL=1 | DIR=OUT | ACTION=ALLOW | [email protected],-28544 |
{2B4EB75E-9838-41C8-A2FD-0E492B53ECBF} = PROFILE=PRIVATE | PROTOCOL=1 | DIR=IN | ACTION=ALLOW | [email protected],-28543 |
{3087A524-88AB-4854-9651-0FBECC503857} = DIR=IN | ACTION=ALLOW | NAME=WINDOWS LIVE MESSENGER | APP=C:\PROGRAM FILES\WINDOWS LIVE\MESSENGER\MSNMSGR.EXE |
{34FACE7D-F855-45E3-8251-C610A74DB796} = PROFILE=PRIVATE | PROTOCOL=6 | DIR=OUT | ACTION=ALLOW | [email protected],-31301 | APP=%PROGRAMFILES%\WINDOWS MEDIA PLAYER\WMPLAYER.EXE |
{3E713F7A-D8C0-4DF0-BADB-2E8A8C591F37} = PROFILE=PRIVATE | PROTOCOL=17 | DIR=IN | ACTION=ALLOW | NAME=ΜTORRENT | APP=C:\PROGRAM FILES\UTORRENT\UTORRENT.EXE |
{43E19029-B0B4-4C90-96A9-D6804D752470} = PROFILE=PRIVATE | PROTOCOL=6 | DIR=OUT | ACTION=ALLOW | [email protected],-31317 | APP=%PROGRAMFILES%\WINDOWS MEDIA PLAYER\WMPNETWK.EXE |
{44610A2B-F3B9-4224-A77D-D69AB67306F9} = PROFILE=PRIVATE | PROTOCOL=17 | DIR=IN | ACTION=ALLOW | NAME=AIM | APP=C:\PROGRAM FILES\AIM6\AIM6.EXE |
{464C5716-0BDA-40A4-BAB9-F8F76117E588} = PROFILE=PRIVATE | PROTOCOL=6 | DIR=IN | ACTION=ALLOW | NAME=BONJOUR | APP=C:\PROGRAM FILES\BONJOUR\MDNSRESPONDER.EXE |
{48AB0A26-E7FE-49A5-814A-BE5A2CC05A2C} = DIR=IN | ACTION=ALLOW | NAME=WINDOWS LIVE MESSENGER (PHONE) | APP=C:\PROGRAM FILES\WINDOWS LIVE\MESSENGER\LIVECALL.EXE |
{49F56ABB-6CFD-428B-B54B-EBC72EDF1EF9} = PROFILE=PRIVATE | PROTOCOL=6 | DIR=IN | ACTION=ALLOW | NAME=YAHOO! MESSENGER | APP=C:\PROGRAM FILES\YAHOO!\MESSENGER\YAHOOMESSENGER.EXE |
{4A8633F7-0FA2-46C0-A170-BF588152AE01} = DIR=IN | ACTION=ALLOW | NAME=WINDOWS LIVE MESSENGER 8.1 (PHONE) | APP=C:\PROGRAM FILES\MSN MESSENGER\LIVECALL.EXE |
{4BA3C50A-9244-4314-B0F1-FFEB00EA2A3B} = PROFILE=PUBLIC | PROTOCOL=17 | DIR=IN | ACTION=ALLOW | NAME=ΜTORRENT | APP=C:\PROGRAM FILES\UTORRENT\UTORRENT.EXE |
{58751106-16FB-4983-BE7F-E49F44D6A71A} = PROFILE=PRIVATE | PROTOCOL=17 | DIR=IN | ACTION=ALLOW | NAME=SFRAME.EXE | APP=C:\PROGRAM FILES\GALA-NET\RAPPELZ_USA\SFRAME.EXE |
{59252EB9-5883-47C8-B017-303F8D6985EA} = PROFILE=PUBLIC | PROTOCOL=6 | DIR=OUT | ACTION=ALLOW | [email protected],-32821 | APP=%SYSTEMROOT%\SYSTEM32\SVCHOST.EXE | SVC=UPNPHOST |
{6331189E-33D7-4890-B49C-4DC26B5D821E} = PROFILE=PRIVATE | PROTOCOL=17 | DIR=IN | ACTION=ALLOW | [email protected],-31305 | APP=%PROGRAMFILES%\WINDOWS MEDIA PLAYER\WMPNETWK.EXE |
{6C93DF84-EE14-497B-BCCC-FDD380CF1C9A} = PROFILE=DOMAIN | PROTOCOL=6 | DIR=OUT | ACTION=ALLOW | [email protected],-31011 | APP=%PROGRAMFILES%\WINDOWS MEDIA PLAYER\WMPLAYER.EXE |
{6F6343A6-1B1B-46A9-89CD-DFCBE7D3D29E} = PROFILE=DOMAIN | PROTOCOL=17 | DIR=OUT | ACTION=ALLOW | [email protected],-31007 | APP=%PROGRAMFILES%\WINDOWS MEDIA PLAYER\WMPLAYER.EXE |
{79E328F3-9229-4559-BA24-779255225DC7} = PROFILE=PRIVATE | PROTOCOL=17 | DIR=IN | ACTION=ALLOW | NAME=PRINTER STATUS WINDOW | APP=C:\WINDOWS\SYSTEM32\SPOOL\DRIVERS\W32X86\3\LXCZPSWX.EXE |
{80A88B6C-A2E4-4037-BC89-6DF3DF788BF0} = PROFILE=PRIVATE | PROTOCOL=17 | DIR=IN | ACTION=ALLOW | NAME=BONJOUR | APP=C:\PROGRAM FILES\BONJOUR\MDNSRESPONDER.EXE |
{80F90BAB-2445-461F-9B96-D99F19517D35} = PROFILE=PRIVATE | PROTOCOL=6 | DIR=IN | ACTION=ALLOW | NAME=YAHOO! FT SERVER | APP=C:\PROGRAM FILES\YAHOO!\MESSENGER\YSERVER.EXE |
{86AD3969-7B84-4CE4-8F16-896C700F6A66} = PROFILE=PRIVATE | PROTOCOL=17 | DIR=IN | ACTION=ALLOW | NAME=LEXMARK COMMUNICATIONS SYSTEM | APP=C:\WINDOWS\SYSTEM32\LXCZCOMS.EXE |
{86F61309-651A-4054-944A-9E699AA83734} = PROFILE=PRIVATE | PROTOCOL=17 | DIR=IN | ACTION=ALLOW | NAME=YAHOO! MESSENGER | APP=C:\PROGRAM FILES\YAHOO!\MESSENGER\YAHOOMESSENGER.EXE |
{8753D70F-ECEC-425A-9ADE-543A2374E5B9} = PROFILE=PRIVATE | PROTOCOL=6 | DIR=IN | ACTION=ALLOW | [email protected],-31313 | APP=%PROGRAMFILES%\WINDOWS MEDIA PLAYER\WMPNETWK.EXE |
{9AF8876B-0CC0-47D9-A8CD-875185076025} = PROFILE=PRIVATE | PROTOCOL=17 | DIR=OUT | ACTION=ALLOW | [email protected],-31309 | APP=%PROGRAMFILES%\WINDOWS MEDIA PLAYER\WMPNETWK.EXE |
{9CA7F36F-3307-445E-BA48-EF642C3C23B9} = PROFILE=DOMAIN | PROTOCOL=6 | DIR=OUT | ACTION=ALLOW | [email protected],-31281 | APP=SYSTEM |
{A636D5FA-F2E3-4A70-A068-B3340B2A8F60} = PROFILE=PRIVATE | PROTOCOL=17 | DIR=IN | ACTION=ALLOW | NAME=AVG FREE USER INTERFACE | APP=C:\PROGRAM FILES\AVG\AVG8\AVGUI.EXE |
{A6E51E16-FD32-4726-94A5-2DF1210EF076} = PROFILE=PRIVATE | PROTOCOL=6 | DIR=IN | ACTION=ALLOW | NAME=ΜTORRENT | APP=C:\PROGRAM FILES\UTORRENT\UTORRENT.EXE |
{B118EBE1-C30F-45C4-B6E5-21C927DC1704} = DIR=IN | ACTION=ALLOW | NAME=SKYPE | APP=C:\PROGRAM FILES\SKYPE\PHONE\SKYPE.EXE |
{B1485068-1A24-4F22-83AF-AC4A5DF4B8E8} = PROFILE=PRIVATE | PROTOCOL=6 | DIR=IN | ACTION=ALLOW | NAME=AVG FREE TRAY ICON | APP=C:\PROGRAM FILES\AVG\AVG8\AVGTRAY.EXE |
{B2484DAE-076E-412E-A566-CCBFBFA33D7F} = PROFILE=PRIVATE | PROTOCOL=6 | DIR=IN | ACTION=ALLOW | NAME=AIM | APP=C:\PROGRAM FILES\AIM6\AIM6.EXE |
{B34076CC-76B7-42CF-8506-0388E7F5B22A} = PROFILE=PRIVATE | PROTOCOL=6 | DIR=IN | ACTION=ALLOW | NAME=SFRAME.EXE | APP=C:\PROGRAM FILES\GALA-NET\RAPPELZ_USA\SFRAME.EXE |
{BBA13FA1-CFBE-433E-9675-1B695EC522B3} = PROFILE=DOMAIN | PROTOCOL=6 | DIR=OUT | ACTION=ALLOW | [email protected],-31321 | APP=%SYSTEMROOT%\SYSTEM32\SVCHOST.EXE | SVC=UPNPHOST |
{C83BF059-10A7-464A-A72C-578FDAAFAA0F} = PROFILE=PRIVATE | PROTOCOL=6 | DIR=IN | ACTION=ALLOW | NAME=LEXMARK COMMUNICATIONS SYSTEM | APP=C:\WINDOWS\SYSTEM32\LXCZCOMS.EXE |
{C9F06B70-8338-4E95-9ABD-468E6C7E50F1} = DIR=IN | ACTION=ALLOW | NAME=MYSPACEIM | APP=C:\PROGRAM FILES\MYSPACE\IM\MYSPACEIM.EXE |
{CC8E9169-1F45-4E97-82A8-4454F0C21EFE} = PROFILE=PRIVATE | PROTOCOL=17 | DIR=IN | ACTION=ALLOW | [email protected],-31293 | APP=%PROGRAMFILES%\WINDOWS MEDIA PLAYER\WMPLAYER.EXE |
{D14424A9-885F-4A78-A006-ABE7E18ECB8A} = PROFILE=PRIVATE | PROTOCOL=6 | DIR=IN | ACTION=ALLOW | NAME=PRINTER STATUS WINDOW | APP=C:\WINDOWS\SYSTEM32\SPOOL\DRIVERS\W32X86\3\LXCZPSWX.EXE |
{DA13ABC8-C722-4723-8F95-51C8B1D4DAF0} = PROFILE=PRIVATE | PROTOCOL=58 | DIR=OUT | ACTION=ALLOW | [email protected],-28546 |
{E98612D2-D3AF-49AC-BF43-ADD900FAFC6B} = DIR=IN | ACTION=ALLOW | NAME=WINDOWS LIVE MESSENGER 8.1 | APP=C:\PROGRAM FILES\MSN MESSENGER\MSNMSGR.EXE |
{EBC8DBE4-56C2-42C1-9F0D-0AD38D559CFE} = PROFILE=PRIVATE | PROTOCOL=6 | DIR=IN | ACTION=ALLOW | NAME=AVG FREE USER INTERFACE | APP=C:\PROGRAM FILES\AVG\AVG8\AVGUI.EXE |
{EBF2E8E9-0F54-4F9D-8C7B-A6D79253EE66} = PROFILE=PRIVATE | PROTOCOL=58 | DIR=IN | ACTION=ALLOW | [email protected],-28545 |
{F4BFC284-3903-4B9A-BBAF-53C81D597D37} = PROFILE=DOMAIN | PROTOCOL=17 | DIR=IN | ACTION=ALLOW | [email protected],-31003 | APP=%PROGRAMFILES%\WINDOWS MEDIA PLAYER\WMPLAYER.EXE |
TCP Query User{02D2FBBD-E748-4302-8C98-3AF9F078C8C1}C:\program files\aim6\aim6.exe = PROFILE=PUBLIC | PROTOCOL=6 | DIR=IN | ACTION=ALLOW | NAME=AIM | APP=C:\PROGRAM FILES\AIM6\AIM6.EXE |
TCP Query User{C4967F1F-70C0-44BB-A8EC-069F3759D1F7}C:\program files\yahoo!\messenger\yahoomessenger.exe = PROFILE=PUBLIC | PROTOCOL=6 | DIR=IN | ACTION=ALLOW | NAME=YAHOO! MESSENGER | APP=C:\PROGRAM FILES\YAHOO!\MESSENGER\YAHOOMESSENGER.EXE |
UDP Query User{97DA3600-167F-414E-BBC8-13764EC1368A}C:\program files\yahoo!\messenger\yahoomessenger.exe = PROFILE=PUBLIC | PROTOCOL=17 | DIR=IN | ACTION=ALLOW | NAME=YAHOO! MESSENGER | APP=C:\PROGRAM FILES\YAHOO!\MESSENGER\YAHOOMESSENGER.EXE |
UDP Query User{C92A5E69-D894-462B-9CFF-348E83D68271}C:\program files\aim6\aim6.exe = PROFILE=PUBLIC | PROTOCOL=17 | DIR=IN | ACTION=ALLOW | NAME=AIM | APP=C:\PROGRAM FILES\AIM6\AIM6.EXE |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0F947884-527C-4D84-A1FA-B83F53CD3AF6}" = Gateway Connect
"{14FCAB34-70BD-49BF-BC23-C2E8954F3CBE}" = Comodo Safe Surf
"{1838C5A2-AB32-4145-85C1-BB9B8DFA24CD}" = QuickTime
"{184E7118-0295-43C4-B72C-1D54AA75AAF7}" = Windows Live Mail
"{18D10072035C4515918F7E37EAFAACFC}" = AutoUpdate
"{1A15507A-8551-4626-915D-3D5FA095CC1B}" = Corel Paint Shop Pro X
"{1D14373E-7970-4F2F-A467-ACA4F0EA21E3}" = Google Earth
"{3248F0A8-6813-11D6-A77B-00B0D0160010}" = Java SE Runtime Environment 6 Update 1
"{34FF0741-EC67-4C05-AC2A-6D257123DF2E}" = BigFix
"{3EE33958-7381-4E7B-A4F3-6E43098E9E9C}" = Browser Address Error Redirector
"{40BF1E83-20EB-11D8-97C5-0009C5020658}" = Power2Go 5.0
"{44734179-8A79-4DEE-BB08-73037F065543}" = Apple Mobile Device Support
"{508CE775-4BA4-4748-82DF-FE28DA9F03B0}" = Windows Live Messenger
"{5C82DAE5-6EB0-4374-9254-BE3319BA4E82}" = Skype™ 3.8
"{66D171AA-670F-4309-9C74-5BA7F7DBA0B3}" = Roxio Media Manager
"{6D52C408-B09A-4520-9B18-475B81D393F1}" = Microsoft Works
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{789289CA-F73A-4A16-A331-54D498CE069F}" = Ventrilo Client
"{7B63B2922B174135AFC0E1377DD81EC2}" = DivX Codec
"{7F3BCF8A-8E02-4659-AF25-F9AB66BD6718}" = Gateway Recovery Center Installer
"{81A34902-9D0B-4920-A25C-4CDC5D14B328}" = Jasc Paint Shop Pro 8
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8ADFC4160D694100B5B8A22DE9DCABD9}" = DivX Player
"{8AF3E926-ED59-11D4-A44B-0000E86D2305}" = Ulead GIF Animator 5 ESD
"{90110409-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Professional Edition 2003
"{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}" = Intel® Matrix Storage Manager
"{907B4640-266B-4A21-92FB-CD1A86CD0F63}" = RollerCoaster Tycoon® 3
"{9176251A-4CC1-4DDB-B343-B487195EB397}" = Windows Live Writer
"{9422C8EA-B0C6-4197-B8FC-DC797658CA00}" = Windows Live Sign-in Assistant
"{98605CAA-5F52-44EC-8AF7-2EC1A4C35F2D}" = BlackBerry Desktop Software 4.2.2
"{A462213D-EED4-42C2-9A60-7BDD4D4B0B17}" = SigmaTel Audio
"{A57C6094-FC5A-4DEC-B1E0-1B2F48EEE8F4}" = Spare Backup
"{A7E4ECCA-4A8E-4258-8EC8-2DCCF5B11320}" = Windows Live installer
"{AC76BA86-7AD7-1033-7B44-A80000000002}" = Adobe Reader 8
"{B13A7C41581B411290FBC0395694E2A9}" = DivX Converter
"{B7050CBDB2504B34BC2A9CA0A692CC29}" = DivX Web Player
"{B74F042E-E1B9-4A5B-8D46-387BB172F0A4}" = Apple Software Update
"{C3CBE4AD-CC84-484F-8E44-CFB303BFDA4D}" = SRS Audio Sandbox
"{E144A786-D2DD-428B-9C1A-0EE3FA3515EA}" = Rappelz_USA
"{EA926717-CE5A-4CB4-AB21-9E6E9565A458}" = RCT3 Soaked
"{F3CA9611-CD42-4562-ADAB-A554CF8E17F1}" = Microsoft WSE 2.0 SP3 Runtime
"{F855C3AE-992D-4B84-A09D-07103CDCDAC2}" = Linksys Compact Wireless-G USB Adapter Driver - WUSB54GC
"{FE0646A7-19D0-41B4-A2BB-2C35D644270D}" = Windows Live OneCare safety scanner
"ActiveScan 2.0" = Panda ActiveScan 2.0
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Shockwave Player" = Adobe Shockwave Player
"Advanced IP Scanner v1.5" = Advanced IP Scanner v1.5
"AIM_6" = AIM 6
"avast!" = avast! Antivirus
"BlackBerry_{98605CAA-5F52-44EC-8AF7-2EC1A4C35F2D}" = BlackBerry Desktop Software 4.2.2
"CNXT_MODEM_PCI_HSF" = Soft Data Fax Modem with SmartCP
"Combined Community Codec Pack_is1" = Combined Community Codec Pack 2008-01-24
"COMODO Firewall Pro" = COMODO Firewall Pro
"D-Link CIF Webcam" = D-Link CIF Webcam
"DyynoPlayer" = DyynoPlayer 0.8.6f
"ERUNT_is1" = ERUNT 1.1j
"Eye Candy 4000" = Eye Candy 4000
"EyeCandy5Textures" = Alien Skin Eye Candy 5 Textures
"Filters Unlimited 1.0" = Filters Unlimited 1.0
"Google Updater" = Google Updater
"HDMI" = Intel® Graphics Media Accelerator Driver
"HECI" = Intel® Management Engine Interface
"HijackThis" = HijackThis 2.0.2
"KPT 6" = KPT 6
"Lexmark 1200 Series" = Lexmark 1200 Series
"Messenger Plus! Live" = Messenger Plus! Live
"Microsoft DirectX SDK (August 2008)" = Microsoft DirectX SDK (August 2008)
"MySpaceIM" = MySpaceIM
"MySpaceToolbar" = MySpace Toolbar
"PokerStars" = PokerStars
"PROSet" = Intel® PRO Network Connections Drivers
"Teamspeak 2 RC2_is1" = TeamSpeak 2 RC2
"ViewpointMediaPlayer" = Viewpoint Media Player
"VLC media player" = VideoLAN VLC media player 0.8.6f
"Winamp" = Winamp
"Windows Live OneCare safety scanner" = Windows Live OneCare safety scanner
"WinRAR archiver" = WinRAR archiver
"Worms Armageddon - New Edition" = Worms Armageddon - New Edition
"Xenofex 1.0" = Xenofex 1.0
"Yahoo! Messenger" = Yahoo! Messenger
========== HKEY_CURRENT_USER Uninstall List ==========
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Absolute Poker" = Absolute Poker
"uTorrent" = µTorrent
"Yahoo! Messenger for Vista" = Yahoo! Messenger for Vista
========== Last 10 Event Log Errors ==========
[ Application Events ]
Error - 5/15/2009 12:17:24 PM | Computer Name = Jessica-PC | Source = System Restore | ID = 8193
Description =
Error - 5/15/2009 2:54:06 PM | Computer Name = Jessica-PC | Source = SPP | ID = 16387
Description =
Error - 5/15/2009 2:54:07 PM | Computer Name = Jessica-PC | Source = System Restore | ID = 8193
Description =
Error - 5/15/2009 2:54:07 PM | Computer Name = Jessica-PC | Source = System Restore | ID = 8210
Description =
Error - 5/17/2009 2:18:43 AM | Computer Name = Jessica-PC | Source = Application Error | ID = 1000
Description = Faulting application iexplore.exe, version 7.0.6001.18226, time stamp
0x49ac95d6, faulting module Flash10a.ocx, version 10.0.12.36, time stamp 0x48e83175,
exception code 0xc0000005, fault offset 0x0021351b, process id 0xd70, application
start time 0x01c9d4d63476932f.
Error - 5/17/2009 3:25:37 AM | Computer Name = Jessica-PC | Source = Application Hang | ID = 1002
Description = The program RCT3plus.exe version 3.2.8.13 stopped interacting with
Windows and was closed. To see if more information about the problem is available,
check the problem history in the Problem Reports and Solutions control panel. Process
ID: 1408 Start Time: 01c9d5d17df64602 Termination Time: 62
Error - 5/17/2009 11:55:09 AM | Computer Name = Jessica-PC | Source = Application Error | ID = 1000
Description = Faulting application iexplore.exe, version 7.0.6001.18226, time stamp
0x49ac95d6, faulting module Flash10a.ocx, version 10.0.12.36, time stamp 0x48e83175,
exception code 0xc0000005, fault offset 0x000ad6a3, process id 0x8fc, application
start time 0x01c9d704d0fa5b14.
Error - 5/17/2009 1:38:31 PM | Computer Name = Jessica-PC | Source = SPP | ID = 16387
Description =
Error - 5/17/2009 1:38:31 PM | Computer Name = Jessica-PC | Source = System Restore | ID = 8193
Description =
Error - 5/17/2009 1:38:31 PM | Computer Name = Jessica-PC | Source = System Restore | ID = 8210
Description =
[ Media Center Events ]
Error - 2/1/2008 4:45:37 PM | Computer Name = Jessica-PC | Source = MCUpdate | ID = 0
Description = DownloadPackgeTask.SubTasksComplete: failed downloading package SportsSchedule.
Error - 5/24/2008 9:35:40 PM | Computer Name = Jessica-PC | Source = MCUpdate | ID = 0
Description = DownloadPackgeTask.SubTasksComplete: failed downloading package MCESpotlight.
Error - 6/1/2008 4:39:06 PM | Computer Name = Jessica-PC | Source = MCUpdate | ID = 0
Description = DownloadPackgeTask.SubTasksComplete: failed downloading package MCESpotlight.
Error - 8/28/2008 8:59:50 AM | Computer Name = Jessica-PC | Source = MCUpdate | ID = 0
Description = DownloadPackgeTask.SubTasksComplete: failed downloading package SportsSchedule.
Error - 4/20/2009 9:31:25 PM | Computer Name = Jessica-PC | Source = MCUpdate | ID = 0
Description = DownloadPackgeTask.SubTasksComplete: failed downloading package SportsSchedule.
Error - 5/3/2009 5:25:50 PM | Computer Name = Jessica-PC | Source = MCUpdate | ID = 0
Description = DownloadPackgeTask.SubTasksComplete: failed downloading package SportsSchedule.
[ System Events ]
Error - 11/22/2008 8:17:56 AM | Computer Name = Jessica-PC | Source = Service Control Manager | ID = 7031
Description =
Error - 11/22/2008 8:25:19 AM | Computer Name = Jessica-PC | Source = Service Control Manager | ID = 7034
Description =
Error - 11/22/2008 6:21:32 PM | Computer Name = Jessica-PC | Source = Service Control Manager | ID = 7030
Description =
Error - 11/24/2008 2:34:05 PM | Computer Name = Jessica-PC | Source = DCOM | ID = 10010
Description =
Error - 11/24/2008 2:36:07 PM | Computer Name = Jessica-PC | Source = HTTP | ID = 15016
Description =
Error - 11/24/2008 5:52:41 PM | Computer Name = Jessica-PC | Source = HTTP | ID = 15016
Description =
Error - 11/24/2008 9:22:38 PM | Computer Name = Jessica-PC | Source = HTTP | ID = 15016
Description =
Error - 11/25/2008 10:35:20 PM | Computer Name = Jessica-PC | Source = EventLog | ID = 6008
Description = The previous system shutdown at 6:32:30 PM on 11/25/2008 was unexpected.
Error - 11/25/2008 10:35:29 PM | Computer Name = Jessica-PC | Source = HTTP | ID = 15016
Description =
Error - 11/26/2008 3:22:31 AM | Computer Name = Jessica-PC | Source = Service Control Manager | ID = 7031
Description =
< End of report >
I'll check back often, knows everyone's busy and has lives. Also, if ther's not actual information listed above, it does not mean I did not run the program listed, or take the step I was told to, it only means that I did not get an error while running the program. - Thank you again. Please let me know if there's anything else I can do.