Hello. I am running an HP Pavilion dv6000 laptop running Windows Vista. Last night, I began experiencing failure in my different browsers. They'd stop working. Soon enough, my MSN messenger and other internet programs quit connecting to the internet. I called my ISP tech support line and, considering my other laptop was working and after some modem testing, they explained that this was most likely a worn out wireless adapter in my laptop.
Another issue I found is if I reboot my system or shut it down in normal Windows, it leads to a blue screen. Unfortunately, the text is extremely blurry on the blue screen but I can see the loader dumping the physical data or what not.
However...I am able to run out of safe mode and use any internet application, so I'm assuming that they were wrong. I started snooping around for my issue and promptly used Revo Uninstaller to delete my Norton and Trend programs, as they might've been blocking my browser access. This was to no avail. I then found out about hijack this and this forum, so I am wondering where I should go from here.
Please help!
MBAM Log:
Malwarebytes' Anti-Malware 1.37
Database version: 2225
Windows 6.0.6000
6/5/2009 12:41:54 AM
mbam-log-2009-06-05 (00-41-53).txt
Scan type: Quick Scan
Objects scanned: 88740
Time elapsed: 3 minute(s), 35 second(s)
Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0
Memory Processes Infected:
(No malicious items detected)
Memory Modules Infected:
(No malicious items detected)
Registry Keys Infected:
(No malicious items detected)
Registry Values Infected:
(No malicious items detected)
Registry Data Items Infected:
(No malicious items detected)
Folders Infected:
(No malicious items detected)
Files Infected:
(No malicious items detected)
Rooter Log
Microsoft Windows Vista Home Edition (6.0.6000)
C:\ [Fixed] - NTFS - (Total:144231 Mo/Free:1345 Mo)
D:\ [Fixed] - NTFS - (Total:8393 Mo/Free:1765 Mo)
E:\ [CD-Rom] (Total:0 Mo/Free:0 Mo)
Fri 06/05/2009| 0:44
----------------------\\ Processes..
--Locked-- [System Process]
--Locked-- System
---------- \SystemRoot\System32\smss.exe
---------- C:\Windows\system32\csrss.exe
---------- C:\Windows\system32\csrss.exe
---------- C:\Windows\system32\wininit.exe
---------- C:\Windows\system32\winlogon.exe
---------- C:\Windows\system32\services.exe
---------- C:\Windows\system32\lsass.exe
---------- C:\Windows\system32\lsm.exe
---------- C:\Windows\system32\svchost.exe
---------- C:\Windows\system32\svchost.exe
---------- C:\Windows\System32\svchost.exe
---------- C:\Windows\System32\svchost.exe
---------- C:\Windows\system32\svchost.exe
---------- C:\Windows\System32\svchost.exe
---------- C:\Windows\system32\svchost.exe
---------- C:\Windows\system32\svchost.exe
---------- C:\Windows\system32\svchost.exe
---------- C:\Windows\Explorer.EXE
---------- C:\Windows\system32\svchost.exe
---------- C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe
---------- C:\Windows\system32\wbem\unsecapp.exe
---------- C:\Windows\system32\wbem\wmiprvse.exe
---------- C:\Program Files\Windows Media Player\wmpnscfg.exe
---------- C:\Users\Owner\AppData\Local\Google\Chrome\Application\chrome.exe
---------- C:\Users\Owner\AppData\Local\Google\Chrome\Application\chrome.exe
---------- C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe
---------- C:\Windows\notepad.exe
---------- C:\Windows\notepad.exe
---------- C:\Users\Owner\AppData\Local\Google\Chrome\Application\chrome.exe
---------- C:\Windows\system32\cmd.exe
---------- C:\Rooter$\RK.exe
----------------------\\ Search..
----------------------\\ ROOTKIT !!
----------------------\\ Cracks & Keygens..
C:\Users\Owner\Desktop\Defcon Crack.rar
1 - "C:\Rooter$\Rooter_1.txt" - Fri 06/05/2009| 0:35
2 - "C:\Rooter$\Rooter_2.txt" - Fri 06/05/2009| 0:45
----------------------\\ Scan completed at 0:45
OTL Log
OTL logfile created on: 6/5/2009 12:33:05 AM - Run 1
OTL by OldTimer - Version 2.1.1.0 Folder = C:\Users\Owner\Documents\Downloads
Windows Vista Home Premium Edition (Version = 6.0.6000) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6000.16830)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
1.94 Gb Total Physical Memory | 1.38 Gb Available Physical Memory | 71.21% Memory free
4.00 Gb Paging File | 4.00 Gb Available in Paging File | 100.00% Paging File free
Paging file location(s): c:\pagefile.sys 3000 3000 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 140.85 Gb Total Space | 65.32 Gb Free Space | 46.38% Space Free | Partition Type: NTFS
Drive D: | 8.20 Gb Total Space | 1.72 Gb Free Space | 21.03% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Computer Name: MYLAPTOP
Current User Name: Owner
Logged in as Administrator.
Current Boot Mode: SafeMode with Networking
Scan Mode: All users
Output = Standard
File Age = 30 Days
Company Name Whitelist: On
========== Processes (SafeList) ==========
PRC - [2008/10/29 01:20:29 | 02,923,520 | ---- | M] (Microsoft Corporation) -- C:\Windows\Explorer.EXE
PRC - [2007/07/20 00:54:28 | 03,564,344 | ---- | M] (Webroot Software, Inc.) -- C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe
PRC - [2006/11/02 04:45:50 | 00,037,376 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\wbem\unsecapp.exe
PRC - [2009/03/02 20:59:26 | 00,247,296 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\wbem\wmiprvse.exe
PRC - [2006/11/02 07:36:04 | 00,201,728 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Media Player\wmpnscfg.exe
PRC - [2009/05/07 13:33:21 | 00,766,960 | ---- | M] (Google Inc.) -- C:\Users\Owner\AppData\Local\Google\Chrome\Application\chrome.exe
PRC - [2009/05/07 13:33:21 | 00,766,960 | ---- | M] (Google Inc.) -- C:\Users\Owner\AppData\Local\Google\Chrome\Application\chrome.exe
PRC - [2009/06/05 00:32:27 | 00,501,760 | ---- | M] (OldTimer Tools) -- C:\Users\Owner\Documents\Downloads\OTL.exe
========== Win32 Services (SafeList) ==========
SRV - [2008/11/07 15:28:16 | 00,132,424 | ---- | M] (Apple Inc.) -- C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe -- (Apple Mobile Device [Auto | Stopped])
SRV - [2008/08/29 10:18:44 | 00,238,888 | ---- | M] (Apple Inc.) -- C:\Program Files\Bonjour\mDNSResponder.exe -- (Bonjour Service [Auto | Stopped])
SRV - [2007/03/28 19:45:34 | 00,270,431 | ---- | M] () -- C:\Program Files\HP\QuickPlay\Kernel\TV\CLCapSvc.exe -- (CLCapSvc [Auto | Stopped])
SRV - [2006/11/02 01:34:11 | 00,059,392 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32 [On_Demand | Stopped])
SRV - [2007/03/28 19:45:38 | 00,118,877 | ---- | M] () -- C:\Program Files\HP\QuickPlay\Kernel\TV\CLSched.exe -- (CLSched [Disabled | Stopped])
SRV - [2007/01/09 16:55:34 | 00,110,592 | ---- | M] (Hewlett-Packard Development Company, L.P.) -- C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4Qlb.exe -- (Com4Qlb [Disabled | Stopped])
SRV - [2006/11/02 07:35:28 | 00,291,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\ehome\ehRecvr.exe -- (ehRecvr [On_Demand | Stopped])
SRV - [2006/11/02 07:35:29 | 00,131,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\ehome\ehsched.exe -- (ehSched [On_Demand | Stopped])
SRV - [2006/11/02 07:35:29 | 00,013,312 | ---- | M] (Microsoft Corporation) -- C:\Windows\ehome\ehstart.dll -- (ehstart [Auto | Stopped])
SRV - [2006/11/02 07:36:00 | 00,036,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe -- (FontCache3.0.0.0 [On_Demand | Stopped])
SRV - [2009/03/24 02:29:38 | 00,183,280 | ---- | M] (Google) -- C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe -- (gusvc [Auto | Stopped])
SRV - [2007/03/14 14:07:30 | 00,062,984 | ---- | M] (Hewlett-Packard) -- C:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe -- (HP Health Check Service [Disabled | Stopped])
SRV - [2006/05/02 16:41:28 | 00,135,168 | ---- | M] (Hewlett-Packard Development Company, L.P.) -- C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe -- (hpqwmiex [Disabled | Stopped])
SRV - [2004/10/22 04:24:18 | 00,073,728 | ---- | M] (Macrovision Corporation) -- C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe -- (IDriverT [On_Demand | Stopped])
SRV - [2006/11/02 07:36:02 | 00,741,376 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe -- (idsvc [Unknown | Stopped])
SRV - [2008/11/20 14:20:44 | 00,536,872 | ---- | M] (Apple Inc.) -- C:\Program Files\iPod\bin\iPodService.exe -- (iPod Service [On_Demand | Stopped])
SRV - [2006/11/02 04:46:05 | 00,017,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\irmon.dll -- (Irmon [Auto | Stopped])
SRV - [2006/12/14 19:49:10 | 00,061,440 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files\Common Files\LightScribe\LSSrvc.exe -- (LightScribeService [Disabled | Stopped])
SRV - [2006/11/02 07:36:02 | 00,122,880 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe -- (NetTcpPortSharing [Disabled | Stopped])
SRV - [2007/08/24 03:19:12 | 00,443,776 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE -- (odserv [On_Demand | Stopped])
SRV - [2006/10/26 16:03:08 | 00,145,184 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE -- (ose [On_Demand | Stopped])
SRV - [2008/07/23 13:54:10 | 00,185,632 | ---- | M] (Protexis Inc.) -- C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe -- (PSI_SVC_2 [Auto | Stopped])
SRV - [2007/02/12 11:36:58 | 00,880,640 | ---- | M] (Sonic Solutions) -- C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe -- (RoxMediaDB9 [Disabled | Stopped])
SRV - [2007/02/17 09:31:12 | 00,074,656 | R--- | M] (MicroVision Development, Inc.) -- C:\Program Files\Common Files\SureThing Shared\stllssvr.exe -- (stllssvr [Disabled | Stopped])
SRV - [2007/03/29 15:59:42 | 00,176,128 | ---- | M] (Starz Entertainment Group LLC) -- C:\Program Files\Vongo\VongoService.exe -- (Vongo Service [Disabled | Stopped])
SRV - [2007/07/20 00:54:28 | 03,564,344 | ---- | M] (Webroot Software, Inc.) -- C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe -- (WebrootSpySweeperService [Auto | Running])
SRV - [2007/09/21 08:38:06 | 00,265,912 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Defender\mpsvc.dll -- (WinDefend [Auto | Running])
SRV - [2006/11/02 07:36:04 | 00,895,488 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Media Player\wmpnetwk.exe -- (WMPNetworkSvc [On_Demand | Stopped])
SRV - [2006/08/05 04:39:20 | 00,386,560 | ---- | M] (Conexant Systems, Inc.) -- C:\Windows\system32\DRIVERS\xaudio.exe -- (XAudioService [Disabled | Stopped])
========== Driver Services (SafeList) ==========
DRV - [2006/11/02 04:51:38 | 00,420,968 | ---- | M] (Adaptec, Inc.) -- C:\Windows\system32\drivers\adp94xx.sys -- (adp94xx [Disabled | Stopped])
DRV - [2006/11/02 04:51:32 | 00,297,576 | ---- | M] (Adaptec, Inc.) -- C:\Windows\system32\drivers\adpahci.sys -- (adpahci [Disabled | Stopped])
DRV - [2006/11/02 04:50:35 | 00,098,408 | ---- | M] (Adaptec, Inc.) -- C:\Windows\system32\drivers\adpu160m.sys -- (adpu160m [Disabled | Stopped])
DRV - [2006/11/02 04:51:00 | 00,147,048 | ---- | M] (Adaptec, Inc.) -- C:\Windows\system32\drivers\adpu320.sys -- (adpu320 [Disabled | Stopped])
DRV - [2006/11/02 04:50:11 | 00,071,272 | ---- | M] (Adaptec, Inc.) -- C:\Windows\system32\drivers\djsvs.sys -- (aic78xx [Disabled | Stopped])
DRV - [2006/11/02 04:49:20 | 00,014,952 | ---- | M] (Acer Laboratories Inc.) -- C:\Windows\system32\drivers\aliide.sys -- (aliide [Disabled | Stopped])
DRV - [2007/09/09 02:56:38 | 00,007,168 | ---- | M] () -- C:\Program Files\ArtMoney\artmoney.sys -- (ampro [Auto | Stopped])
DRV - [2006/11/02 04:50:09 | 00,067,688 | ---- | M] (Adaptec, Inc.) -- C:\Windows\system32\drivers\arc.sys -- (arc [Disabled | Stopped])
DRV - [2006/11/02 04:50:10 | 00,067,688 | ---- | M] (Adaptec, Inc.) -- C:\Windows\system32\drivers\arcsas.sys -- (arcsas [Disabled | Stopped])
DRV - [2007/01/03 10:43:12 | 00,534,016 | ---- | M] (Broadcom Corporation) -- C:\Windows\system32\DRIVERS\bcmwl6.sys -- (BCM43XV [On_Demand | Stopped])
DRV - [2007/01/03 10:43:12 | 00,534,016 | ---- | M] (Broadcom Corporation) -- C:\Windows\system32\DRIVERS\bcmwl6.sys -- (BCM43XX [On_Demand | Running])
DRV - [2006/11/02 03:24:45 | 00,013,568 | ---- | M] (Brother Industries, Ltd.) -- C:\Windows\system32\drivers\brfiltlo.sys -- (BrFiltLo [On_Demand | Stopped])
DRV - [2006/11/02 03:24:46 | 00,005,248 | ---- | M] (Brother Industries, Ltd.) -- C:\Windows\system32\drivers\brfiltup.sys -- (BrFiltUp [On_Demand | Stopped])
DRV - [2006/11/02 03:25:24 | 00,071,808 | ---- | M] (Brother Industries Ltd.) -- C:\Windows\system32\drivers\brserid.sys -- (Brserid [Disabled | Stopped])
DRV - [2006/11/02 03:24:44 | 00,062,336 | ---- | M] (Brother Industries Ltd.) -- C:\Windows\system32\drivers\brserwdm.sys -- (BrSerWdm [Disabled | Stopped])
DRV - [2006/11/02 03:24:44 | 00,012,160 | ---- | M] (Brother Industries Ltd.) -- C:\Windows\system32\drivers\brusbmdm.sys -- (BrUsbMdm [Disabled | Stopped])
DRV - [2006/11/02 03:24:47 | 00,011,904 | ---- | M] (Brother Industries Ltd.) -- C:\Windows\system32\drivers\brusbser.sys -- (BrUsbSer [On_Demand | Stopped])
DRV - [2006/11/02 04:49:28 | 00,016,488 | ---- | M] (CMD Technology, Inc.) -- C:\Windows\system32\drivers\cmdide.sys -- (cmdide [Disabled | Stopped])
DRV - [2006/11/02 02:30:54 | 00,163,328 | ---- | M] (Intel Corporation) -- C:\Windows\system32\DRIVERS\e100b325.sys -- (E100B [On_Demand | Stopped])
DRV - [2006/11/02 02:30:54 | 00,117,760 | ---- | M] (Intel Corporation) -- C:\Windows\system32\DRIVERS\E1G60I32.sys -- (E1G60 [On_Demand | Stopped])
DRV - [2006/11/30 12:24:58 | 00,008,192 | ---- | M] (Hewlett-Packard Development Company, L.P.) -- C:\Windows\system32\DRIVERS\eabfiltr.sys -- (eabfiltr [System | Stopped])
DRV - [2006/11/02 04:51:34 | 00,316,520 | ---- | M] (Emulex) -- C:\Windows\system32\drivers\elxstor.sys -- (elxstor [Disabled | Stopped])
DRV - [2008/04/17 13:12:54 | 00,015,464 | ---- | M] (GEAR Software Inc.) -- C:\Windows\System32\Drivers\GEARAspiWDM.sys -- (GEARAspiWDM [On_Demand | Running])
DRV - [2006/06/28 11:54:00 | 00,009,472 | ---- | M] (Hewlett-Packard Development Company, L.P.) -- C:\Windows\system32\DRIVERS\cpqbttn.sys -- (HBtnKey [On_Demand | Running])
DRV - [2007/02/22 11:24:48 | 00,159,232 | ---- | M] (Conexant Systems Inc.) -- C:\Windows\system32\drivers\CHDART.sys -- (HdAudAddService [On_Demand | Stopped])
DRV - [2006/11/02 04:50:10 | 00,037,480 | ---- | M] (Hewlett-Packard Company) -- C:\Windows\system32\drivers\hpcisss.sys -- (HpCISSs [Disabled | Stopped])
DRV - [2006/11/02 02:41:49 | 00,200,704 | ---- | M] (Conexant Systems, Inc.) -- C:\Windows\system32\DRIVERS\VSTAZL3.SYS -- (HSFHWAZL [On_Demand | Stopped])
DRV - [2006/10/18 22:09:26 | 00,986,624 | ---- | M] (Conexant Systems, Inc.) -- C:\Windows\system32\DRIVERS\HSX_DPV.sys -- (HSF_DPV [On_Demand | Stopped])
DRV - [2006/10/18 22:08:14 | 00,206,848 | ---- | M] (Conexant Systems, Inc.) -- C:\Windows\system32\DRIVERS\HSXHWAZL.sys -- (HSXHWAZL [On_Demand | Stopped])
DRV - [2006/10/18 21:10:57 | 01,380,864 | ---- | M] (Intel Corporation) -- C:\Windows\system32\DRIVERS\igdkmd32.sys -- (ialm [On_Demand | Stopped])
DRV - [2006/11/02 04:51:25 | 00,232,040 | ---- | M] (Intel Corporation) -- C:\Windows\system32\drivers\iastorv.sys -- (iaStorV [Disabled | Stopped])
DRV - [2006/11/02 04:50:17 | 00,041,576 | ---- | M] (Intel Corp./ICP vortex GmbH) -- C:\Windows\system32\drivers\iirsp.sys -- (iirsp [Disabled | Stopped])
DRV - [2006/11/02 04:50:07 | 00,035,944 | ---- | M] (Integrated Technology Express, Inc.) -- C:\Windows\system32\drivers\iteatapi.sys -- (iteatapi [Disabled | Stopped])
DRV - [2006/11/02 04:50:09 | 00,035,944 | ---- | M] (Integrated Technology Express, Inc.) -- C:\Windows\system32\drivers\iteraid.sys -- (iteraid [Disabled | Stopped])
DRV - [2006/11/02 04:50:04 | 00,065,640 | ---- | M] (LSI Logic) -- C:\Windows\system32\drivers\lsi_fc.sys -- (LSI_FC [Disabled | Stopped])
DRV - [2006/11/02 04:50:05 | 00,065,640 | ---- | M] (LSI Logic) -- C:\Windows\system32\drivers\lsi_sas.sys -- (LSI_SAS [Disabled | Stopped])
DRV - [2006/11/02 04:50:10 | 00,065,640 | ---- | M] (LSI Logic) -- C:\Windows\system32\drivers\lsi_scsi.sys -- (LSI_SCSI [Disabled | Stopped])
DRV - [2007/09/22 00:00:22 | 00,008,413 | ---- | M] (RealNetworks, Inc.) -- C:\Windows\System32\drivers\mcstrm.sys -- (MCSTRM [Auto | Stopped])
DRV - [2006/06/20 01:26:58 | 00,012,672 | ---- | M] (Conexant) -- C:\Windows\system32\DRIVERS\mdmxsdk.sys -- (mdmxsdk [Auto | Stopped])
DRV - [2006/11/02 04:49:53 | 00,028,776 | ---- | M] (LSI Logic Corporation) -- C:\Windows\system32\drivers\megasas.sys -- (megasas [Disabled | Stopped])
DRV - [2006/11/02 04:49:59 | 00,033,384 | ---- | M] (LSI Logic Corporation) -- C:\Windows\system32\drivers\mraid35x.sys -- (Mraid35x [Disabled | Stopped])
DRV - [2006/11/02 04:50:19 | 00,045,160 | ---- | M] (IBM Corporation) -- C:\Windows\system32\drivers\nfrd960.sys -- (nfrd960 [Disabled | Stopped])
DRV - [2008/02/01 15:17:12 | 00,138,112 | ---- | M] (Nokia) -- C:\Windows\system32\drivers\nmwcdnsu.sys -- (nmwcdnsu [On_Demand | Stopped])
DRV - [2008/02/01 15:17:06 | 00,008,320 | ---- | M] (Nokia) -- C:\Windows\system32\drivers\nmwcdnsuc.sys -- (nmwcdnsuc [On_Demand | Stopped])
DRV - [2006/11/02 02:36:50 | 00,020,608 | ---- | M] (N-trig Innovative Technologies) -- C:\Windows\system32\drivers\ntrigdigi.sys -- (ntrigdigi [Disabled | Stopped])
DRV - [2006/11/02 02:30:56 | 00,429,056 | ---- | M] (NVIDIA Corporation) -- C:\Windows\system32\DRIVERS\nvm60x32.sys -- (NVENETFD [On_Demand | Running])
DRV - [2007/02/28 13:26:00 | 04,465,184 | ---- | M] (NVIDIA Corporation) -- C:\Windows\system32\DRIVERS\nvlddmkm.sys -- (nvlddmkm [On_Demand | Stopped])
DRV - [2006/11/02 04:50:24 | 00,088,680 | ---- | M] (NVIDIA Corporation) -- C:\Windows\system32\drivers\nvraid.sys -- (nvraid [Disabled | Stopped])
DRV - [2007/02/16 03:50:32 | 00,012,032 | ---- | M] (NVIDIA Corporation) -- C:\Windows\system32\DRIVERS\nvsmu.sys -- (nvsmu [On_Demand | Running])
DRV - [2006/11/02 04:50:13 | 00,040,040 | ---- | M] (NVIDIA Corporation) -- C:\Windows\system32\drivers\nvstor.sys -- (nvstor [Disabled | Stopped])
DRV - [2006/12/22 16:28:56 | 00,100,648 | ---- | M] (NVIDIA Corporation) -- C:\Windows\system32\DRIVERS\nvstor32.sys -- (nvstor32 [Boot | Running])
DRV - [2007/02/02 05:00:00 | 00,043,528 | ---- | M] (Sonic Solutions) -- C:\Windows\System32\Drivers\PxHelp20.sys -- (PxHelp20 [Boot | Running])
DRV - [2006/11/02 04:51:45 | 00,900,712 | ---- | M] (QLogic Corporation) -- C:\Windows\system32\drivers\ql2300.sys -- (ql2300 [Disabled | Stopped])
DRV - [2006/11/02 04:50:35 | 00,106,088 | ---- | M] (QLogic Corporation) -- C:\Windows\system32\drivers\ql40xx.sys -- (ql40xx [Disabled | Stopped])
DRV - [2006/11/15 12:16:24 | 00,032,256 | ---- | M] (REDC) -- C:\Windows\system32\DRIVERS\rimmptsk.sys -- (rimmptsk [Auto | Running])
DRV - [2006/11/15 07:42:46 | 00,043,520 | ---- | M] (REDC) -- C:\Windows\system32\DRIVERS\rimsptsk.sys -- (rimsptsk [Auto | Running])
DRV - [2007/05/31 13:39:50 | 00,022,656 | ---- | M] (Research In Motion Limited) -- C:\Windows\System32\Drivers\RimUsb.sys -- (RimUsb [On_Demand | Stopped])
DRV - [2007/01/18 10:24:58 | 00,026,496 | ---- | M] (Research in Motion Ltd) -- C:\Windows\system32\DRIVERS\RimSerial.sys -- (RimVSerPort [On_Demand | Stopped])
DRV - [2006/11/15 05:35:20 | 00,037,376 | ---- | M] (REDC) -- C:\Windows\system32\DRIVERS\rixdptsk.sys -- (rismxdp [Auto | Running])
DRV - [2006/11/02 03:58:51 | 00,008,192 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\Drivers\RootMdm.sys -- (ROOTMODEM [On_Demand | Stopped])
DRV - [2009/05/26 10:05:54 | 00,009,968 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) -- C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS -- (SASDIFSV [System | Stopped])
DRV - [2009/05/26 10:05:56 | 00,007,408 | R--- | M] ( SUPERAdBlocker.com and SUPERAntiSpyware.com) -- C:\Program Files\SUPERAntiSpyware\SASENUM.SYS -- (SASENUM [On_Demand | Stopped])
DRV - [2009/05/26 10:05:52 | 00,072,944 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) -- C:\Program Files\SUPERAntiSpyware\SASKUTIL.sys -- (SASKUTIL [System | Stopped])
DRV - [2006/11/02 01:37:21 | 00,020,480 | ---- | M] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) -- C:\Windows\System32\drivers\secdrv.sys -- (secdrv [Auto | Stopped])
DRV - [2006/11/02 04:50:10 | 00,038,504 | ---- | M] (Silicon Integrated Systems Corp.) -- C:\Windows\system32\drivers\sisraid2.sys -- (SiSRaid2 [Disabled | Stopped])
DRV - [2006/11/02 04:50:16 | 00,071,784 | ---- | M] (Silicon Integrated Systems) -- C:\Windows\system32\drivers\sisraid4.sys -- (SiSRaid4 [Disabled | Stopped])
DRV - [2007/07/20 00:42:36 | 00,020,280 | ---- | M] (Webroot Software Inc (www.webroot.com)) -- C:\Windows\SYSTEM32\Drivers\SSFS0BB8.SYS -- (SSFS0BB8 [Boot | Running])
DRV - [2007/07/20 00:42:36 | 00,021,816 | ---- | M] (Webroot Software Inc (www.webroot.com)) -- C:\Windows\SYSTEM32\Drivers\SSHRMD.SYS -- (SSHRMD [Boot | Running])
DRV - [2007/07/20 00:42:36 | 00,163,128 | ---- | M] (Webroot Software Inc (www.webroot.com)) -- C:\Windows\SYSTEM32\Drivers\SSIDRV.SYS -- (SSIDRV [Boot | Running])
DRV - [2007/07/20 00:42:36 | 00,023,864 | ---- | M] (Webroot Software Inc (www.webroot.com)) -- C:\Windows\System32\Drivers\sskbfd.sys -- (SSKBFD [On_Demand | Running])
DRV - [2006/11/02 03:51:25 | 00,030,208 | ---- | M] (SigmaTel, Inc.) -- C:\Windows\system32\DRIVERS\irstusb.sys -- (STIrUsb [On_Demand | Stopped])
DRV - [2006/11/02 04:50:05 | 00,035,944 | ---- | M] (LSI Logic) -- C:\Windows\system32\drivers\symc8xx.sys -- (Symc8xx [Disabled | Stopped])
DRV - [2006/11/02 04:49:56 | 00,031,848 | ---- | M] (LSI Logic) -- C:\Windows\system32\drivers\sym_hi.sys -- (Sym_hi [Disabled | Stopped])
DRV - [2006/11/02 04:50:03 | 00,034,920 | ---- | M] (LSI Logic) -- C:\Windows\system32\drivers\sym_u3.sys -- (Sym_u3 [Disabled | Stopped])
DRV - [2007/01/12 22:59:02 | 00,181,432 | ---- | M] (Synaptics, Inc.) -- C:\Windows\system32\DRIVERS\SynTP.sys -- (SynTP [On_Demand | Running])
DRV - [2006/02/03 11:37:33 | 00,049,536 | ---- | M] (Texas Instruments Incorporated) -- C:\Windows\system32\drivers\tiehdusb.sys -- (TIEHDUSB [On_Demand | Stopped])
DRV - [2006/11/02 04:51:25 | 00,235,112 | ---- | M] (ULi Electronics Inc.) -- C:\Windows\system32\drivers\uliahci.sys -- (uliahci [Disabled | Stopped])
DRV - [2006/11/02 04:50:35 | 00,098,408 | ---- | M] (Promise Technology, Inc.) -- C:\Windows\system32\drivers\ulsata.sys -- (UlSata [Disabled | Stopped])
DRV - [2006/11/02 04:50:45 | 00,115,816 | ---- | M] (Promise Technology, Inc.) -- C:\Windows\system32\drivers\ulsata2.sys -- (ulsata2 [Disabled | Stopped])
DRV - [2006/11/02 03:55:22 | 00,007,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\DRIVERS\umpass.sys -- (UMPass [On_Demand | Stopped])
DRV - [2006/11/02 04:49:30 | 00,017,512 | ---- | M] (VIA Technologies, Inc.) -- C:\Windows\system32\drivers\viaide.sys -- (viaide [Disabled | Stopped])
DRV - [2006/11/02 04:50:41 | 00,112,232 | ---- | M] (VIA Technologies Inc.,Ltd) -- C:\Windows\system32\drivers\vsmraid.sys -- (vsmraid [Disabled | Stopped])
DRV - [2006/10/18 22:08:04 | 00,659,968 | ---- | M] (Conexant Systems, Inc.) -- C:\Windows\system32\DRIVERS\HSX_CNXT.sys -- (winachsf [On_Demand | Stopped])
DRV - [2006/08/05 04:39:10 | 00,008,192 | ---- | M] (Conexant Systems, Inc.) -- C:\Windows\system32\DRIVERS\xaudio.sys -- (XAudio [Auto | Stopped])
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.h...a...n&pf=laptop
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft....k/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = [Binary data over 100 bytes]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.h...a...n&pf=laptop
IE - HKU\.DEFAULT\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-2448592363-892285708-305865034-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.h...a...n&pf=laptop
IE - HKU\S-1-5-21-2448592363-892285708-305865034-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\system32\blank.htm
IE - HKU\S-1-5-21-2448592363-892285708-305865034-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896
IE - HKU\S-1-5-21-2448592363-892285708-305865034-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.h...a...n&pf=laptop
IE - HKU\S-1-5-21-2448592363-892285708-305865034-1000\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKU\S-1-5-21-2448592363-892285708-305865034-1000\S-1-5-21-2448592363-892285708-305865034-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF - prefs.js..browser.search.defaultenginename: "AIM Search"
FF - prefs.js..browser.search.defaultthis.engineName: "The_Pirate_Bay Customized Web Search"
FF - prefs.js..browser.search.defaulturl: "http://search.condui...rchSource=3&q="
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..extensions.enabledItems: {e4a8a97b-f2ed-450b-b12d-ee082ba24781}:0.8.20080609.0
FF - prefs.js..extensions.enabledItems: [email protected]:1.0.5.1116
FF - prefs.js..extensions.enabledItems: {ABDE892B-13A8-4d1b-88E6-365A6E755758}:1.0
FF - prefs.js..extensions.enabledItems: {a33fa729-d155-4b23-842b-2c665ecabdb6}:1.5.48.2
FF - prefs.js..extensions.enabledItems: {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.0.10
FF - prefs.js..keyword.URL: "http://search.condui...rchSource=2&q="
FF - HKLM\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\PROGRAM FILES\REAL\REALPLAYER\BROWSERRECORD [2009/05/29 15:13:01 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Flock\Extensions\\Plugins: C:\PROGRAM FILES\FLOCK\FLOCK\PLUGINS [2009/01/30 23:03:55 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Flock\Extensions\\Components: C:\PROGRAM FILES\FLOCK\FLOCK\COMPONENTS [2008/12/26 13:11:41 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.0.10\extensions\\Components: C:\PROGRAM FILES\MOZILLA FIREFOX\COMPONENTS [2009/05/29 15:12:53 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.0.10\extensions\\Plugins: C:\PROGRAM FILES\MOZILLA FIREFOX\PLUGINS [2009/05/29 15:13:10 | 00,000,000 | ---D | M]
[2009/02/17 11:36:43 | 00,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\mozilla\Extensions
[2008/12/08 23:27:04 | 00,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}
[2009/02/17 11:36:43 | 00,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\mozilla\Extensions\[email protected]
[2009/06/02 20:19:19 | 00,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\mozilla\Firefox\Profiles\yxhflnzv.default\extensions
[2008/05/20 18:38:14 | 00,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\mozilla\Firefox\Profiles\yxhflnzv.default\extensions\{7affbfae-c4e2-4915-8c0f-00fa3ec610a1}
[2009/01/30 23:09:29 | 00,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\mozilla\Firefox\Profiles\yxhflnzv.default\extensions\{a33fa729-d155-4b23-842b-2c665ecabdb6}
[2008/03/30 12:50:10 | 00,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\mozilla\Firefox\Profiles\yxhflnzv.default\extensions\{c36177c0-224a-11da-8cd6-0800200c9a66}
[2008/12/08 23:29:19 | 00,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\mozilla\Firefox\Profiles\yxhflnzv.default\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}
[2008/12/14 16:49:58 | 00,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\mozilla\Firefox\Profiles\yxhflnzv.default\extensions\[email protected]
[2008/05/20 18:38:24 | 00,001,901 | ---- | M] () -- C:\Users\Owner\AppData\Roaming\Mozilla\FireFox\Profiles\yxhflnzv.default\searchplugins\aimsearch.xml
[2009/01/15 10:23:14 | 00,000,890 | ---- | M] () -- C:\Users\Owner\AppData\Roaming\Mozilla\FireFox\Profiles\yxhflnzv.default\searchplugins\conduit.xml
[2008/12/08 23:27:05 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions
[2009/05/04 20:14:11 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2009/05/04 20:14:08 | 00,023,032 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browserdirprovider.dll
[2009/05/04 20:14:08 | 00,134,648 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\brwsrcmp.dll
[2009/02/14 12:43:08 | 00,001,394 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazondotcom.xml
[2009/02/14 12:43:08 | 00,002,193 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\answers.xml
[2009/02/14 12:43:08 | 00,001,534 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\creativecommons.xml
[2009/02/14 12:43:08 | 00,002,343 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay.xml
[2009/02/14 12:43:08 | 00,001,706 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\google.xml
[2009/02/14 12:43:08 | 00,001,178 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia.xml
[2009/02/14 12:43:09 | 00,000,792 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo.xml
O1 HOSTS File: (926 bytes) - C:\Windows\System32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O1 - Hosts: 127.0.0.1 ihabback.co.uk
O1 - Hosts: 127.0.0.1 habbotx.com
O1 - Hosts: 127.0.0.1 SnGScriptConsole
O1 - Hosts: 127.0.0.1 iHabbix
O1 - Hosts: 92.48.81.32 iHabbixReloaded
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (Skype add-on (mastermind)) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Skype Technologies S.A.)
O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll (RealPlayer)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - Reg Error: Key error. File not found
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (AOL Toolbar Launcher) - {7C554162-8CB7-45A4-B8F4-8EA1C75885F9} - C:\Program Files\AOL\AIM Toolbar 5.0\aoltb.dll (AOL LLC)
O2 - BHO: (Windows Live Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O2 - BHO: (The Pirate Bay Toolbar) - {a33fa729-d155-4b23-842b-2c665ecabdb6} - C:\Program Files\The_Pirate_Bay\tbThe0.dll (Conduit Ltd.)
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll (Google Inc.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll (Google Inc.)
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (no name) - MRI_DISABLED - Reg Error: Key error. File not found
O3 - HKLM\..\Toolbar: (&Google) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (The Pirate Bay Toolbar) - {a33fa729-d155-4b23-842b-2c665ecabdb6} - C:\Program Files\The_Pirate_Bay\tbThe0.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (AIM Toolbar) - {DE9C389F-3316-41A7-809B-AA305ED9D922} - C:\Program Files\AOL\AIM Toolbar 5.0\aoltb.dll (AOL LLC)
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O3 - HKU\S-1-5-21-2448592363-892285708-305865034-1000\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll (Google Inc.)
O3 - HKU\S-1-5-21-2448592363-892285708-305865034-1000\..\Toolbar\WebBrowser: (no name) - {A33FA729-D155-4B23-842B-2C665ECABDB6} - C:\Program Files\The_Pirate_Bay\tbThe0.dll (Conduit Ltd.)
O4 - HKLM..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe" (Apple Inc.)
O4 - HKLM..\Run: [NvCplDaemon] "RUNDLL32.EXE" C:\Windows\system32\NvCpl.dll,NvStartup (NVIDIA Corporation)
O4 - HKLM..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime (Apple Inc.)
O4 - HKLM..\Run: [SpySweeper] C:\Program Files\Webroot\Spy Sweeper\SpySweeperUI.exe /startintray (Webroot Software, Inc.)
O4 - HKLM..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe" (Sun Microsystems, Inc.)
O4 - HKLM..\Run: [SynTPEnh] "C:\Program Files\Synaptics\SynTP\SynTPEnh.exe" (Synaptics, Inc.)
O4 - HKLM..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot (RealNetworks, Inc.)
O4 - HKU\.DEFAULT..\Run: [MySpaceIM] C:\Program Files\MySpace\IM\MySpaceIM.exe ()
O4 - HKU\S-1-5-18..\Run: [MySpaceIM] C:\Program Files\MySpace\IM\MySpaceIM.exe ()
O4 - HKU\S-1-5-19..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (Microsoft Corporation)
O4 - HKU\S-1-5-19..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter File not found
O4 - HKU\S-1-5-20..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter File not found
O4 - HKU\S-1-5-21-2448592363-892285708-305865034-1000..\Run: [Aim6] File not found
O4 - HKU\S-1-5-21-2448592363-892285708-305865034-1000..\Run: [BitTorrent DNA] "C:\Users\Owner\Program Files\DNA\btdna.exe" (BitTorrent, Inc.)
O4 - HKU\S-1-5-21-2448592363-892285708-305865034-1000..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-2448592363-892285708-305865034-1000..\Run: [Google Update] "C:\Users\Owner\AppData\Local\Google\Update\GoogleUpdate.exe" /c (Google Inc.)
O4 - HKU\S-1-5-21-2448592363-892285708-305865034-1000..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background (Microsoft Corporation)
O4 - HKU\S-1-5-21-2448592363-892285708-305865034-1000..\Run: [SUPERAntiSpyware] "C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe" (SUPERAntiSpyware.com)
O4 - HKU\S-1-5-21-2448592363-892285708-305865034-1000..\Run: [TomTomHOME.exe] "C:\Program Files\TomTom HOME 2\HOMERunner.exe" (TomTom)
O4 - HKU\S-1-5-21-2448592363-892285708-305865034-1000..\Run: [WMPNSCFG] "C:\Program Files\Windows Media Player\WMPNSCFG.exe" (Microsoft Corporation)
O4 - Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\MRI_DISABLED [2007/09/21 08:30:12 | 00,000,000 | -H-D | M]
O4 - Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\ShortKeys 2.lnk = C:\Program Files\ShortKeys2\shortkey.exe (Insight Software Solutions)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: AllowLegacyWebView = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: AllowUnhashedWebView = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 2
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableInstallerDetection = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableSecureUIAPaths = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableVirtualization = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ValidateAdminCodeSignatures = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: scforceoption = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: FilterAdministratorToken = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_TEXT = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_BITMAP = 2
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_OEMTEXT = 7
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIB = 8
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_PALETTE = 9
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_UNICODETEXT = 13
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIBV5 = 17
O7 - HKU\S-1-5-21-2448592363-892285708-305865034-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDesktopCleanupWizard = 1
O7 - HKU\S-1-5-21-2448592363-892285708-305865034-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-2448592363-892285708-305865034-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: LogonHoursAction = 2
O7 - HKU\S-1-5-21-2448592363-892285708-305865034-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DontDisplayLogonHoursWarnings = 1
O8 - Extra context menu item: &AIM Search - c:\program files\aol\aim toolbar 5.0\resources\en-US\local\search.html ()
O9 - Extra Button: AIM Toolbar - {3369AF0D-62E9-4bda-8103-B4C75499B578} - C:\Program Files\AOL\AIM Toolbar 5.0\aoltb.dll (AOL LLC)
O9 - Extra Button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Skype Technologies S.A.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000001 [@%SystemRoot%\system32\nlasvc.dll,-1000] - C:\Windows\system32\NLAapi.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [@%SystemRoot%\system32\napinsp.dll,-1000] - C:\Windows\system32\napinsp.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [@%SystemRoot%\system32\pnrpnsp.dll,-1000] - C:\Windows\system32\pnrpnsp.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000006 [@%SystemRoot%\system32\pnrpnsp.dll,-1001] - C:\Windows\system32\pnrpnsp.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [mdnsNSP] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Windows\system32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Windows\system32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Windows\system32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Windows\system32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Windows\system32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Windows\system32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Windows\system32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Windows\system32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\Windows\system32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\Windows\system32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - C:\Windows\system32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000012 - C:\Windows\system32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000013 - C:\Windows\system32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000014 - C:\Windows\system32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000015 - C:\Windows\system32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000016 - C:\Windows\system32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000017 - C:\Windows\system32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000018 - C:\Windows\system32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000019 - C:\Windows\system32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000020 - C:\Windows\system32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000021 - C:\Windows\system32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000022 - C:\Windows\system32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000023 - C:\Windows\system32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000024 - C:\Windows\system32\wpclsp.dll (Microsoft Corporation)
O13 - gopher Prefix: missing
O15 - HKU\.DEFAULT\..Trusted Ranges: Range1 ([http] in Local intranet)
O15 - HKU\S-1-5-18\..Trusted Ranges: Range1 ([http] in Local intranet)
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macr...director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {1DB93715-3B60-43EE-93E6-279BB3E1DF76} http://store1rosemon...hecker_6110.cab (OCXDownloadChecker Control)
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} http://messenger.zon...kr.cab56986.cab (Checkers Class)
O16 - DPF: {2250C29C-C5E9-4F55-BE4E-01E45A40FCF1} http://musicmix.mess.../Medialogic.CAB (CMediaMix Object)
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} C:\Program Files\Yahoo!\common\yinsthelper.dll (YInstStarter Class)
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} http://messenger.zon...O/GAME_UNO1.cab (UnoCtrl Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_10)
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} http://messenger.zon...ro.cab56649.cab (MSN Games - Installer)
O16 - DPF: {BD393C14-72AD-4790-A095-76522973D6B8} http://messenger.zon...ot.cab57213.cab (CBreakshotControl Class)
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} http://messenger.zon...nt.cab56907.cab (MessengerStatsClient Class)
O16 - DPF: {CAFEEFAC-0016-0000-0000-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0)
O16 - DPF: {CAFEEFAC-0016-0000-0010-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_10)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_10)
O16 - DPF: {DBAFE6AD-DC14-45DF-A3F7-F8832289A1CD} http://store1rosemon...adFile_6110.cab (DownloadFile Control)
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8064.0206.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\msitss.dll (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8064.0206.dll (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Filter: - text/xml - C:\Program Files\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\!SASWinLogon: DllName - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll (SUPERAntiSpyware.com)
O20 - Winlogon\Notify\WRNotifier: DllName - WRLogonNTF.dll - C:\Windows\system32\WRLogonNTF.dll (Webroot Software, Inc.)
O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL (SuperAdBlocker.com)
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2007/05/31 04:49:11 | 00,000,074 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2005/09/11 10:18:54 | 00,000,340 | -HS- | M] () - D:\AUTOMODE -- [ NTFS ]
O33 - MountPoints2\{b4fc7309-fcd2-11dd-bce1-001b246dbd51}\Shell\AutoRun\command - "" = F:\InstallTomTomHOME.exe -- File not found
O33 - MountPoints2\{de51cb35-1e96-11dd-977a-001b246dbd51}\Shell\AutoRun\command - "" = H:\RECYCLER\S-1-5-21-1482476501-1644491937-682003330-1013\stcvhost.exe -- File not found
O33 - MountPoints2\{de51cb35-1e96-11dd-977a-001b246dbd51}\Shell\open\command - "" = H:\RECYCLER\S-1-5-21-1482476501-1644491937-682003330-1013\stcvhost.exe -- File not found
O33 - MountPoints2\{de51cb3a-1e96-11dd-977a-001b246dbd51}\Shell - "" = AutoRun
O33 - MountPoints2\{de51cb3a-1e96-11dd-977a-001b246dbd51}\Shell\AutoRun\command - "" = F:\LaunchU3.exe -- File not found
O33 - MountPoints2\G\Shell - "" = AutoRun
O33 - MountPoints2\G\Shell\AutoRun\command - "" = G:\LaunchU3.exe -- File not found
O34 - HKLM BootExecute: (autocheck) - File not found
O34 - HKLM BootExecute: (autochk) - C:\Windows\System32\autochk.exe (Microsoft Corporation)
O34 - HKLM BootExecute: (*) - * [2009/06/05 00:32:27 | 00,000,000 | R--D | M]
========== Files/Folders - Created Within 30 Days ==========
[2 C:\Users\Owner\Documents\*.tmp files]
[1 C:\Users\Owner\Desktop\*.tmp files]
[2009/06/04 20:57:55 | 00,000,000 | ---D | C] -- C:\ProgramData\SUPERAntiSpyware.com
[2009/06/04 20:57:49 | 00,000,862 | ---- | C] () -- C:\Users\Public\Desktop\SUPERAntiSpyware Free Edition.lnk
[2009/06/04 20:57:48 | 00,000,000 | ---D | C] -- C:\Users\Owner\AppData\Roaming\SUPERAntiSpyware.com
[2009/06/04 20:57:48 | 00,000,000 | ---D | C] -- C:\Program Files\SUPERAntiSpyware
[2009/06/03 23:26:56 | 00,000,000 | ---D | C] -- C:\ProgramData\NortonInstaller
[2009/06/03 18:53:25 | 00,000,000 | ---D | C] -- C:\Users\Owner\AppData\Roaming\Malwarebytes
[2009/06/03 18:53:23 | 00,000,778 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2009/06/03 18:53:21 | 00,040,160 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2009/06/03 18:53:20 | 00,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2009/06/03 18:53:19 | 00,019,096 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2009/06/03 18:53:19 | 00,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2009/06/03 17:06:56 | 00,001,834 | ---- | C] () -- C:\Users\Owner\Desktop\HijackThis.lnk
[2009/06/03 17:06:56 | 00,000,000 | ---D | C] -- C:\Program Files\Trend Micro
[2009/06/03 16:06:23 | 00,115,200 | ---- | C] () -- C:\Users\Owner\Desktop\ResetTCPIP.msi
[2009/06/03 15:56:35 | 91,593,728 | ---- | C] ( ) -- C:\Users\Owner\Desktop\AVGP8.5.287(4.9.2009).exe
[2009/06/03 15:39:47 | 00,001,017 | ---- | C] () -- C:\Users\Owner\Desktop\Revo Uninstaller.lnk
[2009/06/03 15:39:47 | 00,000,000 | ---D | C] -- C:\Program Files\VS Revo Group
[2009/06/02 21:30:23 | 04,907,856 | ---- | C] () -- C:\Users\Owner\Desktop\shkey.exe
[2009/06/02 21:29:33 | 00,000,000 | ---D | C] -- C:\Users\Owner\Desktop\ShortKeys.v2.3.2.1.Incl.Keymaker-CORE
[2009/06/02 20:10:48 | 11,764,836 | ---- | C] () -- C:\Users\Owner\Desktop\Sat.TV.For.PC.ED.2009.PF67.exe
[2009/06/02 17:13:29 | 00,000,000 | ---D | C] -- C:\Users\Owner\Desktop\rooms
[2009/06/01 20:39:26 | 00,000,000 | ---D | C] -- C:\Users\Owner\Desktop\FBI Tools
[2009/06/01 20:36:24 | 02,156,341 | ---- | C] () -- C:\Users\Owner\Documents\IMG_0339.JPG
[2009/06/01 20:36:24 | 00,322,132 | ---- | C] () -- C:\Users\Owner\Documents\me cutout.psd
[2009/06/01 20:36:23 | 00,520,581 | ---- | C] () -- C:\Users\Owner\Documents\pic.png
[2009/05/31 00:09:09 | 00,000,014 | ---- | C] () -- C:\Users\Owner\Documents\training guide.SHS
[2009/05/31 00:09:09 | 00,000,008 | ---- | C] () -- C:\Users\Owner\Documents\training guide.shk
[2009/05/30 14:52:40 | 00,000,764 | ---- | C] () -- C:\Users\Owner\Desktop\Darwinia.lnk
[2009/05/30 14:52:34 | 00,000,000 | ---D | C] -- C:\Program Files\Darwinia
[2009/05/30 14:47:50 | 00,565,643 | ---- | C] () -- C:\Users\Owner\Desktop\Defcon Crack.rar
[2009/05/30 00:21:28 | 00,000,000 | ---D | C] -- C:\Downloads
[2009/05/30 00:20:11 | 00,002,006 | ---- | C] () -- C:\Users\Owner\Desktop\Rapidshare Auto Downloader.lnk
[2009/05/30 00:20:10 | 00,000,000 | ---D | C] -- C:\Program Files\vSoft
[2009/05/29 15:13:04 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\xing shared
[2009/05/29 15:13:02 | 00,000,997 | ---- | C] () -- C:\Users\Public\Desktop\RealPlayer.lnk
[2009/05/28 18:10:21 | 00,000,000 | ---D | C] -- C:\Users\Owner\Documents\Insight Software
[2009/05/28 18:08:33 | 00,000,796 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\ShortKeys 2.lnk
[2009/05/28 18:08:32 | 00,000,790 | ---- | C] () -- C:\Users\Owner\Desktop\ShortKeys 2.lnk
[2009/05/28 00:13:12 | 00,000,441 | ---- | C] () -- C:\Users\Owner\Desktop\roman ideas.rtf
[2009/05/25 21:48:44 | 00,000,162 | -H-- | C] () -- C:\Users\Owner\Documents\~$aller title.docx
[2009/05/25 20:54:50 | 00,000,000 | RHSD | C] -- C:\RECYCLER
[2009/05/25 20:54:19 | 00,000,162 | -H-- | C] () -- C:\Users\Owner\Documents\~$tual article.docx
[2009/05/25 17:53:06 | 00,014,794 | ---- | C] () -- C:\Users\Owner\Documents\jose reflection.docx
[2009/05/25 17:11:59 | 00,014,677 | ---- | C] () -- C:\Users\Owner\Documents\instructions.docx
[2009/05/25 16:34:31 | 00,014,539 | ---- | C] () -- C:\Users\Owner\Documents\job.docx
[2009/05/25 15:54:11 | 00,000,000 | ---D | C] -- C:\Users\Owner\Documents\Stuff for School
[2009/05/25 09:48:40 | 00,010,584 | ---- | C] () -- C:\Users\Owner\Documents\smaller title.docx
[2009/05/25 09:48:28 | 00,012,337 | ---- | C] () -- C:\Users\Owner\Documents\actual article.docx
[2009/05/25 00:01:58 | 00,000,162 | -H-- | C] () -- C:\Users\Owner\Documents\~$rticle.docx
[2009/05/24 23:47:55 | 00,046,414 | ---- | C] () -- C:\Users\Owner\Documents\article.docx
[2009/05/24 16:46:20 | 00,002,659 | ---- | C] () -- C:\Users\Public\Desktop\Microsoft Office Word 2007.lnk
[2009/05/24 16:46:20 | 00,002,621 | ---- | C] () -- C:\Users\Public\Desktop\Microsoft Office Excel 2007.lnk
[2009/05/24 16:46:20 | 00,002,611 | ---- | C] () -- C:\Users\Public\Desktop\Microsoft Office PowerPoint 2007.lnk
[2009/05/24 16:43:01 | 00,000,000 | ---D | C] -- C:\Users\Owner\AppData\Roaming\Design Science
[2009/05/24 16:42:40 | 00,000,000 | ---D | C] -- C:\Program Files\MathType
[2009/05/20 17:56:04 | 00,000,862 | ---- | C] () -- C:\Windows\System32\termcap
[2009/05/19 23:43:27 | 00,014,756 | ---- | C] () -- C:\Users\Owner\Documents\Francis Scott Fitzgerald.docx
[2009/05/19 17:25:51 | 00,011,930 | ---- | C] () -- C:\Users\Owner\Documents\lastsatwords.docx
[2009/05/19 17:25:51 | 00,000,162 | -H-- | C] () -- C:\Users\Owner\Documents\~$stsatwords.docx
[2009/05/19 17:15:15 | 00,000,162 | -H-- | C] () -- C:\Users\Owner\Documents\~$ Summer Vocabulary.doc
[2009/05/18 23:22:15 | 00,016,296 | ---- | C] () -- C:\Users\Owner\Documents\Gatsby2.docx
[2009/05/18 23:22:09 | 00,017,120 | ---- | C] () -- C:\Users\Owner\Documents\Gatsby.docx
[2009/05/18 20:33:56 | 00,016,931 | ---- | C] () -- C:\Users\Owner\Documents\ComNazPersian.docx
[2009/05/04 16:53:40 | 00,765,952 | ---- | C] () -- C:\Windows\System32\xvidcore.dll
[2009/05/04 16:53:39 | 00,180,224 | ---- | C] () -- C:\Windows\System32\xvidvfw.dll
[2009/03/04 19:03:19 | 01,970,176 | ---- | C] () -- C:\Windows\System32\d3dx9.dll
[2009/01/14 18:28:33 | 00,001,167 | ---- | C] () -- C:\Windows\prov.ini
[2008/11/02 16:11:53 | 00,027,648 | ---- | C] () -- C:\Windows\System32\AVSredirect.dll
[2008/09/14 15:32:03 | 00,000,298 | ---- | C] () -- C:\Windows\Ulead32.ini
[2008/06/16 15:07:42 | 00,011,776 | ---- | C] () -- C:\Windows\System32\pmsbfn32.dll
[2008/06/16 15:00:35 | 00,000,412 | ---- | C] () -- C:\Windows\MAXLINK.INI
[2008/05/18 10:38:25 | 00,000,021 | ---- | C] () -- C:\Windows\atid.ini
[2008/02/10 00:45:49 | 00,000,000 | ---- | C] () -- C:\Windows\VoTW.INI
[2008/01/20 13:11:21 | 00,000,000 | ---- | C] () -- C:\Windows\MSPublisher_Quark Converter.INI
[2008/01/05 13:38:30 | 00,000,156 | ---- | C] () -- C:\Windows\KPCMS.INI
[2008/01/05 13:38:03 | 00,210,944 | ---- | C] () -- C:\Windows\System32\MSVCRT10.DLL
[2007/10/27 23:52:14 | 00,000,126 | ---- | C] () -- C:\Windows\multiview.ini
[2007/10/05 21:52:28 | 00,000,393 | ---- | C] () -- C:\Windows\smsafari.ini
[2007/10/05 21:46:17 | 00,002,554 | ---- | C] () -- C:\Windows\WAVEMIX.INI
[2007/10/05 21:46:06 | 00,000,178 | ---- | C] () -- C:\Windows\SimTower.ini
[2007/10/05 21:41:44 | 00,136,448 | ---- | C] () -- C:\Windows\RMTOOLS.DLL
[2007/09/24 22:01:06 | 00,000,032 | ---- | C] () -- C:\Windows\GunzLauncher.INI
[2007/09/21 08:49:44 | 00,026,424 | ---- | C] () -- C:\Windows\System32\wrlzma.dll
[2007/02/27 15:43:02 | 00,000,000 | ---- | C] () -- C:\Windows\System32\px.ini
[2006/12/14 01:01:36 | 00,520,192 | ---- | C] () -- C:\Windows\System32\CddbPlaylist2Roxio.dll
[2006/12/14 01:01:36 | 00,204,800 | ---- | C] () -- C:\Windows\System32\CddbFileTaggerRoxio.dll
[2006/11/02 07:35:32 | 00,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
[2006/11/02 05:25:21 | 00,061,440 | ---- | C] () -- C:\Windows\System32\igfxTMM.dll
[2006/11/02 05:23:31 | 00,000,235 | ---- | C] () -- C:\Windows\system.ini
[2006/11/02 05:23:31 | 00,000,144 | ---- | C] () -- C:\Windows\win.ini
[2006/11/02 02:40:29 | 00,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2006/05/02 17:38:24 | 00,000,748 | ---- | C] () -- C:\Windows\SetBrowser.ini
[2006/03/09 19:58:00 | 01,060,424 | ---- | C] () -- C:\Windows\System32\WdfCoInstaller01000.dll
[2005/05/07 07:06:00 | 00,016,480 | ---- | C] () -- C:\Windows\System32\rixdicon.dll
[2003/07/25 19:42:06 | 00,000,171 | ---- | C] () -- C:\Windows\af_build_8883-4.ini
[2002/04/14 18:00:22 | 00,007,680 | ---- | C] () -- C:\Windows\System32\kbdruss.dll
========== Files - Modified Within 30 Days ==========
[1 C:\Windows\*.tmp files]
[2 C:\Users\Owner\Documents\*.tmp files]
[1 C:\Users\Owner\Desktop\*.tmp files]
[2009/06/05 00:20:44 | 00,065,536 | ---- | M] () -- C:\Windows\System32\Ikeext.etl
[2009/06/05 00:20:00 | 00,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2009/06/05 00:15:28 | 00,000,418 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{3B0DEBD1-D9E2-4CCD-98A9-7D960D70B324}.job
[2009/06/05 00:00:10 | 00,000,868 | ---- | M] () -- C:\Windows\tasks\Google Software Updater.job
[2009/06/04 23:49:24 | 00,013,025 | ---- | M] () -- C:\Users\Owner\AppData\Roaming\nvModes.001
[2009/06/04 23:49:13 | 00,003,200 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2009/06/04 23:49:13 | 00,003,200 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2009/06/04 23:49:12 | 00,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
[2009/06/04 20:57:49 | 00,000,862 | ---- | M] () -- C:\Users\Public\Desktop\SUPERAntiSpyware Free Edition.lnk
[2009/06/04 17:17:27 | 16,316,5770 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2009/06/03 18:53:23 | 00,000,778 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2009/06/03 17:06:56 | 00,001,834 | ---- | M] () -- C:\Users\Owner\Desktop\HijackThis.lnk
[2009/06/03 16:11:20 | 91,593,728 | ---- | M] ( ) -- C:\Users\Owner\Desktop\AVGP8.5.287(4.9.2009).exe
[2009/06/03 16:06:24 | 00,115,200 | ---- | M] () -- C:\Users\Owner\Desktop\ResetTCPIP.msi
[2009/06/03 15:39:47 | 00,001,017 | ---- | M] () -- C:\Users\Owner\Desktop\Revo Uninstaller.lnk
[2009/06/03 01:18:15 | 00,001,126 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUser.job
[2009/06/03 01:18:15 | 00,000,856 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2448592363-892285708-305865034-1000.job
[2009/06/02 22:35:37 | 00,000,408 | ---- | M] () -- C:\Windows\tasks\Norton Security Scan for Owner.job
[2009/06/01 19:40:24 | 11,764,836 | ---- | M] () -- C:\Users\Owner\Desktop\Sat.TV.For.PC.ED.2009.PF67.exe
[2009/05/31 00:19:19 | 00,000,014 | ---- | M] () -- C:\Users\Owner\Documents\training guide.SHS
[2009/05/31 00:09:09 | 00,000,008 | ---- | M] () -- C:\Users\Owner\Documents\training guide.shk
[2009/05/30 14:52:40 | 00,000,764 | ---- | M] () -- C:\Users\Owner\Desktop\Darwinia.lnk
[2009/05/30 00:20:11 | 00,002,006 | ---- | M] () -- C:\Users\Owner\Desktop\Rapidshare Auto Downloader.lnk
[2009/05/29 15:13:02 | 00,000,997 | ---- | M] () -- C:\Users\Public\Desktop\RealPlayer.lnk
[2009/05/29 15:12:29 | 00,278,528 | ---- | M] (Real Networks, Inc) -- C:\Windows\System32\pncrt.dll
[2009/05/28 18:08:33 | 00,000,796 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\ShortKeys 2.lnk
[2009/05/28 18:08:32 | 00,000,790 | ---- | M] () -- C:\Users\Owner\Desktop\ShortKeys 2.lnk
[2009/05/28 00:13:12 | 00,000,441 | ---- | M] () -- C:\Users\Owner\Desktop\roman ideas.rtf
[2009/05/26 13:20:08 | 00,040,160 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2009/05/26 13:19:56 | 00,019,096 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2009/05/25 21:55:08 | 00,520,581 | ---- | M] () -- C:\Users\Owner\Documents\pic.png
[2009/05/25 21:48:44 | 00,000,162 | -H-- | M] () -- C:\Users\Owner\Documents\~$aller title.docx
[2009/05/25 21:06:16 | 00,016,931 | ---- | M] () -- C:\Users\Owner\Documents\ComNazPersian.docx
[2009/05/25 20:55:55 | 00,716,948 | ---- | M] () -- C:\Windows\System32\PerfStringBackup.INI
[2009/05/25 20:55:55 | 00,618,648 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2009/05/25 20:55:55 | 00,104,024 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2009/05/25 20:54:19 | 00,000,162 | -H-- | M] () -- C:\Users\Owner\Documents\~$tual article.docx
[2009/05/25 18:52:10 | 00,012,337 | ---- | M] () -- C:\Users\Owner\Documents\actual article.docx
[2009/05/25 18:43:26 | 00,322,132 | ---- | M] () -- C:\Users\Owner\Documents\me cutout.psd
[2009/05/25 17:53:07 | 00,014,794 | ---- | M] () -- C:\Users\Owner\Documents\jose reflection.docx
[2009/05/25 17:33:51 | 00,014,677 | ---- | M] () -- C:\Users\Owner\Documents\instructions.docx
[2009/05/25 17:31:50 | 00,014,539 | ---- | M] () -- C:\Users\Owner\Documents\job.docx
[2009/05/25 09:48:40 | 00,010,584 | ---- | M] () -- C:\Users\Owner\Documents\smaller title.docx
[2009/05/25 09:43:32 | 00,408,040 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2009/05/25 00:01:58 | 00,000,162 | -H-- | M] () -- C:\Users\Owner\Documents\~$rticle.docx
[2009/05/25 00:01:33 | 00,046,414 | ---- | M] () -- C:\Users\Owner\Documents\article.docx
[2009/05/25 00:01:07 | 00,002,659 | ---- | M] () -- C:\Users\Public\Desktop\Microsoft Office Word 2007.lnk
[2009/05/25 00:01:07 | 00,002,621 | ---- | M] () -- C:\Users\Public\Desktop\Microsoft Office Excel 2007.lnk
[2009/05/25 00:01:07 | 00,002,611 | ---- | M] () -- C:\Users\Public\Desktop\Microsoft Office PowerPoint 2007.lnk
[2009/05/20 17:56:01 | 00,000,862 | ---- | M] () -- C:\Windows\System32\termcap
[2009/05/19 23:43:28 | 00,014,756 | ---- | M] () -- C:\Users\Owner\Documents\Francis Scott Fitzgerald.docx
[2009/05/19 17:25:51 | 00,011,930 | ---- | M] () -- C:\Users\Owner\Documents\lastsatwords.docx
[2009/05/19 17:25:51 | 00,000,162 | -H-- | M] () -- C:\Users\Owner\Documents\~$stsatwords.docx
[2009/05/19 17:15:15 | 00,000,162 | -H-- | M] () -- C:\Users\Owner\Documents\~$ Summer Vocabulary.doc
[2009/05/18 23:22:16 | 00,016,296 | ---- | M] () -- C:\Users\Owner\Documents\Gatsby2.docx
[2009/05/18 23:22:10 | 00,017,120 | ---- | M] () -- C:\Users\Owner\Documents\Gatsby.docx
[2009/05/18 07:00:34 | 00,001,628 | ---- | M] () -- C:\Windows\tasks\wrSpySweeper_LA4F366DFF3DB4CD4AD64902A1811A4DA.job
[2009/05/11 01:11:31 | 00,021,953 | ---- | M] () -- C:\Users\Owner\Documents\Temas.docx
[2009/05/09 05:09:16 | 00,002,002 | ---- | M] () -- C:\Users\Owner\Desktop\Google Chrome.lnk
========== LOP Check ==========
[2008/07/29 22:54:17 | 00,000,000 | ---D | M] -- C:\Users\Default\AppData\Roaming
[2008/07/29 22:54:17 | 00,000,000 | ---D | M] -- C:\Users\Default\AppData\Roaming\Macromedia
[2006/11/02 07:37:34 | 00,000,000 | ---D | M] -- C:\Users\Default\AppData\Roaming\Media Center Programs
[2006/11/02 06:18:34 | 00,000,000 | --SD | M] -- C:\Users\Default\AppData\Roaming\Microsoft
[2008/07/29 22:54:17 | 00,000,000 | ---D | M] -- C:\Users\Default User\AppData\Roaming
[2008/07/29 22:54:17 | 00,000,000 | ---D | M] -- C:\Users\Default User\AppData\Roaming\Macromedia
[2006/11/02 07:37:34 | 00,000,000 | ---D | M] -- C:\Users\Default User\AppData\Roaming\Media Center Programs
[2006/11/02 06:18:34 | 00,000,000 | --SD | M] -- C:\Users\Default User\AppData\Roaming\Microsoft
[2009/06/04 17:28:44 | 00,000,000 | ---D | M] -- C:\Users\Jose\AppData\Roaming
[2009/06/04 17:28:21 | 00,000,000 | ---D | M] -- C:\Users\Jose\AppData\Roaming\hewlett-packard
[2009/06/04 17:26:46 | 00,000,000 | ---D | M] -- C:\Users\Jose\AppData\Roaming\Identities
[2008/07/29 22:54:17 | 00,000,000 | ---D | M] -- C:\Users\Jose\AppData\Roaming\Macromedia
[2009/06/04 17:28:44 | 00,000,000 | ---D | M] -- C:\Users\Jose\AppData\Roaming\Malwarebytes
[2006/11/02 07:37:34 | 00,000,000 | ---D | M] -- C:\Users\Jose\AppData\Roaming\Media Center Programs
[2009/06/04 17:27:28 | 00,000,000 | --SD | M] -- C:\Users\Jose\AppData\Roaming\Microsoft
[2009/06/04 17:27:03 | 00,000,000 | ---D | M] -- C:\Users\Jose\AppData\Roaming\Real
[2009/06/04 17:27:02 | 00,000,000 | ---D | M] -- C:\Users\Jose\AppData\Roaming\Webroot
[2006/11/02 07:37:34 | 00,000,000 | ---D | M] -- C:\Users\Mcx1\AppData\Roaming
[2006/11/02 07:37:34 | 00,000,000 | ---D | M] -- C:\Users\Mcx1\AppData\Roaming\Media Center Programs
[2008/05/12 20:36:44 | 00,000,000 | --SD | M] -- C:\Users\Mcx1\AppData\Roaming\Microsoft
[2009/06/04 20:57:48 | 00,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming
[2007/09/22 08:14:08 | 00,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\acccore
[2008/05/18 10:43:37 | 00,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\Adobe
[2007/12/20 23:59:06 | 00,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\Apple Computer
[2008/06/16 15:24:27 | 00,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\ArcSoft
[2008/11/02 00:17:23 | 00,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\AVS4YOU
[2008/11/16 22:55:26 | 00,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\Azureus
[2009/05/30 20:38:51 | 00,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\BitTorrent
[2008/06/16 15:22:47 | 00,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\Canon
[2007/11/15 22:21:59 | 00,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\CopyTrans
[2007/10/05 19:55:55 | 00,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\CyberLink
[2009/05/24 16:43:01 | 00,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\Design Science
[2009/06/05 00:09:25 | 00,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\DNA
[2008/05/18 10:40:15 | 00,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\Flock
[2007/12/14 23:04:31 | 00,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\Google
[2008/07/25 21:56:15 | 00,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\GTek
[2007/09/21 07:49:48 | 00,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\Hewlett-Packard
[2007/10/05 19:55:06 | 00,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\HP
[2007/09/21 07:48:14 | 00,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\Identities
[2007/09/21 21:06:16 | 00,000,000 | -H-D | M] -- C:\Users\Owner\AppData\Roaming\ijjigame
[2008/04/30 22:13:48 | 00,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\InstallShield
[2008/01/18 15:51:38 | 00,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\LimeWire
[2007/09/22 08:00:57 | 00,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\Macromedia
[2009/06/03 18:53:25 | 00,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\Malwarebytes
[2006/11/02 07:37:34 | 00,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\Media Center Programs
[2009/05/25 00:01:12 | 00,000,000 | --SD | M] -- C:\Users\Owner\AppData\Roaming\Microsoft
[2008/01/27 14:43:48 | 00,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\Microsoft Games
[2009/04/27 22:39:28 | 00,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\Mozilla
[2007/10/05 23:24:27 | 00,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\muvee Technologies
[2008/03/18 23:01:14 | 00,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\MySpace
[2007/09/21 21:10:25 | 00,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\NHN Corporation
[2007/10/26 18:47:13 | 00,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\Opera
[2008/01/18 16:24:13 | 00,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\PeerNetworking
[2009/02/18 18:01:45 | 00,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\Progeny
[2008/06/19 00:50:35 | 00,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\QQ Games
[2008/05/18 10:41:54 | 00,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\QQ Games Plugin
[2008/03/21 20:27:49 | 00,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\Real
[2008/01/03 23:25:42 | 00,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\Research In Motion
[2007/10/06 00:32:19 | 00,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\Roxio
[2008/06/16 15:00:26 | 00,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\ScanSoft
[2007/12/16 17:07:04 | 00,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\SecondLife
[2008/04/30 22:27:15 | 00,000,000 | RH-D | M] -- C:\Users\Owner\AppData\Roaming\SecuROM
[2008/01/04 02:09:11 | 00,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\Simprit
[2008/08/19 09:51:14 | 00,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\Skype
[2008/08/13 14:57:25 | 00,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\skypePM
[2008/02/25 21:23:31 | 00,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\Sony
[2009/06/04 20:57:48 | 00,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\SUPERAntiSpyware.com
[2009/02/17 11:36:40 | 00,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\TomTom
[2009/02/10 00:10:18 | 00,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\U3
[2007/09/21 08:49:44 | 00,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\Webroot
[2007/09/21 19:54:30 | 00,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\WildTangent
[2008/11/01 21:27:05 | 00,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\WinFF
[2009/06/05 00:00:10 | 00,000,868 | ---- | M] () -- C:\Windows\Tasks\Google Software Updater.job
[2009/06/03 01:18:15 | 00,001,126 | ---- | M] () -- C:\Windows\Tasks\GoogleUpdateTaskUser.job
[2009/06/03 01:18:15 | 00,000,856 | ---- | M] () -- C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2448592363-892285708-305865034-1000.job
[2009/06/02 22:35:37 | 00,000,408 | ---- | M] () -- C:\Windows\Tasks\Norton Security Scan for Owner.job
[2009/06/04 23:49:12 | 00,000,006 | -H-- | M] () -- C:\Windows\Tasks\SA.DAT
[2009/06/04 17:14:22 | 00,032,592 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2009/06/05 00:15:28 | 00,000,418 | -H-- | M] () -- C:\Windows\Tasks\User_Feed_Synchronization-{3B0DEBD1-D9E2-4CCD-98A9-7D960D70B324}.job
[2009/05/18 07:00:34 | 00,001,628 | ---- | M] () -- C:\Windows\Tasks\wrSpySweeper_LA4F366DFF3DB4CD4AD64902A1811A4DA.job
========== Purity Check ==========
< End of report >
OTL Extras
OTL Extras logfile created on: 6/5/2009 12:33:05 AM - Run 1
OTL by OldTimer - Version 2.1.1.0 Folder = C:\Users\Owner\Documents\Downloads
Windows Vista Home Premium Edition (Version = 6.0.6000) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6000.16830)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
1.94 Gb Total Physical Memory | 1.38 Gb Available Physical Memory | 71.21% Memory free
4.00 Gb Paging File | 4.00 Gb Available in Paging File | 100.00% Paging File free
Paging file location(s): c:\pagefile.sys 3000 3000 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 140.85 Gb Total Space | 65.32 Gb Free Space | 46.38% Space Free | Partition Type: NTFS
Drive D: | 8.20 Gb Total Space | 1.72 Gb Free Space | 21.03% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Computer Name: MYLAPTOP
Current User Name: Owner
Logged in as Administrator.
Current Boot Mode: SafeMode with Networking
Scan Mode: All users
Output = Standard
File Age = 30 Days
Company Name Whitelist: On
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
.url [@ = InternetShortcut] -- rundll32.exe ieframe.dll,OpenURL %l
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found
[HKEY_USERS\S-1-5-21-2448592363-892285708-305865034-1000\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
"DisableMonitoring" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
"DisableMonitoring" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
"DisableMonitoring" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile
"DisableNotifications" = 0
"EnableFirewall" = 1
"" =
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile
"DisableNotifications" = 0
"EnableFirewall" = 1
"DefaultOutboundAction" = 0
"DefaultInboundAction" = 0
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile
"DisableNotifications" = 0
"EnableFirewall" = 1
"DefaultOutboundAction" = 0
"DefaultInboundAction" = 0
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile\GloballyOpenPorts\List
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"" =
[2007/03/29 15:59:42 | 00,176,128 | ---- | M] (Starz Entertainment Group LLC) -- C:\Program Files\Vongo\VongoService.exe:*:enabled:VongoService
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
[2006/08/30 13:35:12 | 00,952,088 | ---- | M] (EarthLink, Inc.) -- C:\Program Files\EarthLink TotalAccess\TaskPanl.exe:*:Enabled:Earthlink
[2008/12/16 15:16:10 | 00,637,232 | ---- | M] (BitTorrent, Inc.) -- C:\Program Files\BitTorrent\bittorrent.exe:*:Enabled:BitTorrent
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile\AuthorizedApplications\List]
========== Vista Active Open Ports Exception List ==========
{040172F7-B5A6-403E-AF33-9E83F45E2C16} = LPORT=139 | PROTOCOL=6 | DIR=IN | APP=SYSTEM |
{0BB81EC0-44DA-4E5D-868C-9513825091AD} = LPORT=554 | PROTOCOL=6 | DIR=IN | APP=%SYSTEMROOT%\EHOME\EHSHELL.EXE |
{12BCD77F-5CCF-4464-9921-6294B605ECE1} = LPORT=2177 | PROTOCOL=6 | DIR=IN | APP=%SYSTEMROOT%\SYSTEM32\SVCHOST.EXE | SVC=QWAVE |
{12FB4CE6-3B40-41E0-96E4-C422BF32B5EB} = LPORT=7777 | PROTOCOL=17 | DIR=IN | APP=%SYSTEMROOT%\EHOME\EHSHELL.EXE |
{1C5281EE-0D12-44B6-879F-45B83C98843E} = LPORT=3390 | PROTOCOL=6 | DIR=IN | APP=SYSTEM |
{36532B1F-7638-4FE4-8DDE-606026F5C179} = RPORT=3702 | PROTOCOL=17 | DIR=OUT | APP=%SYSTEMROOT%\SYSTEM32\SVCHOST.EXE | SVC=FDRESPUB |
{3B092B1B-840E-44B8-AD74-5748662810CB} = LPORT=554 | PROTOCOL=6 | DIR=IN | APP=%SYSTEMROOT%\EHOME\EHSHELL.EXE |
{3D97FDAA-F6EF-45C8-B94E-F90B5772A89C} = RPORT=2177 | PROTOCOL=6 | DIR=OUT | APP=%SYSTEMROOT%\SYSTEM32\SVCHOST.EXE | SVC=QWAVE |
{45D356BA-689F-42E1-BF55-EA8A61DE1E36} = RPORT=10244 | PROTOCOL=6 | DIR=OUT | APP=SYSTEM |
{4629661E-FB33-4F7F-94FE-EC39516244B5} = RPORT=10244 | PROTOCOL=6 | DIR=OUT | APP=SYSTEM |
{4BE31C0B-697C-4075-91BE-A7A23F44E3A1} = LPORT=1900 | PROTOCOL=17 | DIR=IN | APP=%SYSTEMROOT%\SYSTEM32\SVCHOST.EXE | SVC=SSDPSRV |
{56D337A1-21CF-4AA7-B62C-CA4A6213C6DB} = LPORT=2177 | PROTOCOL=17 | DIR=IN | APP=%SYSTEMROOT%\SYSTEM32\SVCHOST.EXE | SVC=QWAVE |
{66D78492-38D1-4A19-A393-F843221FB77D} = LPORT=138 | PROTOCOL=17 | DIR=IN | APP=SYSTEM |
{6909705E-B4C9-4BDB-B143-83D889848BCA} = LPORT=10244 | PROTOCOL=6 | DIR=IN | APP=SYSTEM |
{6CEB5ACB-70B8-4473-AD10-2E50DB256EBE} = LPORT=137 | PROTOCOL=17 | DIR=IN | APP=SYSTEM |
{6DACA317-B947-473B-BA37-19EE6D140531} = LPORT=2869 | PROTOCOL=6 | DIR=IN | APP=SYSTEM |
{6DFDA544-1020-427B-A041-E4C06AF96966} = RPORT=1900 | PROTOCOL=17 | DIR=OUT | APP=%SYSTEMROOT%\SYSTEM32\SVCHOST.EXE | SVC=SSDPSRV |
{72944AA9-0CFD-41D5-99CC-7604A6513C2D} = LPORT=3390 | PROTOCOL=6 | DIR=IN | APP=SYSTEM |
{7D672796-4F58-4587-BF95-B6413A6B6000} = LPORT=2177 | PROTOCOL=17 | DIR=IN | APP=%SYSTEMROOT%\SYSTEM32\SVCHOST.EXE | SVC=QWAVE |
{81086A68-79CD-4208-A528-AE0ACBC16194} = LPORT=7777 | PROTOCOL=17 | DIR=IN | APP=%SYSTEMROOT%\EHOME\EHSHELL.EXE |
{893C066D-5DB3-4AAE-AF6B-594FDDC77A41} = RPORT=2177 | PROTOCOL=17 | DIR=OUT | APP=%SYSTEMROOT%\SYSTEM32\SVCHOST.EXE | SVC=QWAVE |
{900C5342-CCC3-40E4-B938-0B3ADC41BD37} = RPORT=137 | PROTOCOL=17 | DIR=OUT | APP=SYSTEM |
{9C3EEE19-2EF5-49A5-9754-3917AC494EFA} = RPORT=1900 | PROTOCOL=17 | DIR=OUT | APP=%SYSTEMROOT%\SYSTEM32\SVCHOST.EXE | SVC=SSDPSRV |
{AAA4AC3F-52E8-460A-8852-4EDCF34A44F6} = LPORT=10244 | PROTOCOL=6 | DIR=IN | APP=SYSTEM |
{ADF13703-1E91-4BFC-9A8C-F6FE028E743A} = LPORT=RPC-EPMAP | PROTOCOL=6 | DIR=IN | [email protected],-28539 | SVC=RPCSS |
{AF25ACCE-9FC5-453A-B6D3-51ADD5547C7E} = RPORT=1900 | PROTOCOL=17 | DIR=OUT | APP=%SYSTEMROOT%\SYSTEM32\SVCHOST.EXE | SVC=SSDPSRV |
{BBFF34D9-5A35-4B08-BC5E-0F5B91FF934E} = LPORT=2177 | PROTOCOL=6 | DIR=IN | APP=%SYSTEMROOT%\SYSTEM32\SVCHOST.EXE | SVC=QWAVE |
{BD0CD5AD-B92E-41CC-8612-99566017DB90} = RPORT=2177 | PROTOCOL=17 | DIR=OUT | APP=%SYSTEMROOT%\SYSTEM32\SVCHOST.EXE | SVC=QWAVE |
{C6AD4C62-46D2-412E-B0F3-E03D79816346} = LPORT=3702 | PROTOCOL=17 | DIR=IN | APP=%SYSTEMROOT%\SYSTEM32\SVCHOST.EXE | SVC=FDRESPUB |
{D53323E7-B5CC-4201-B89D-399B6B63615C} = RPORT=2177 | PROTOCOL=6 | DIR=OUT | APP=%SYSTEMROOT%\SYSTEM32\SVCHOST.EXE | SVC=QWAVE |
{D5BDD8B1-5B2E-44E5-A962-AB68F82EAA85} = LPORT=1900 | PROTOCOL=17 | DIR=IN | APP=SVCHOST.EXE | SVC=SSDPSRV |
{D8028B0E-8AC9-4A89-A679-53046B060FEC} = RPORT=139 | PROTOCOL=6 | DIR=OUT | APP=SYSTEM |
{DACFA7E0-53C7-4F75-827D-350A037C9FEB} = LPORT=445 | PROTOCOL=6 | DIR=IN | APP=SYSTEM |
{EB228629-47DB-42D0-90CF-9AA946FCCD78} = RPORT=445 | PROTOCOL=6 | DIR=OUT | APP=SYSTEM |
{ED30B230-CDE4-44B1-9A94-33A7B6F955B3} = LPORT=RPC | PROTOCOL=6 | DIR=IN | APP=%SYSTEMROOT%\SYSTEM32\SPOOLSV.EXE | SVC=SPOOLER |
{ED5E79A4-062B-47E5-9732-778C91E88C0E} = LPORT=1900 | PROTOCOL=17 | DIR=IN | APP=%SYSTEMROOT%\SYSTEM32\SVCHOST.EXE | SVC=SSDPSRV |
{F3180566-CA72-48A7-B073-1C3692D2555D} = LPORT=1900 | PROTOCOL=17 | DIR=IN | APP=%SYSTEMROOT%\SYSTEM32\SVCHOST.EXE | SVC=SSDPSRV |
{FC61C76E-013B-4353-8BEC-C7F736AE913D} = RPORT=138 | PROTOCOL=17 | DIR=OUT | APP=SYSTEM |
========== Vista Active Application Exception List ==========
{05B639E3-B588-437F-AA3B-E8F6A4A9F535} = PROTOCOL=6 | DIR=IN | APP=C:\PROGRAM FILES\DNA\BTDNA.EXE |
{0F894CD6-2270-41A6-960B-C77FFE53E08C} = PROTOCOL=17 | DIR=IN | APP=C:\PROGRAM FILES\COMMON FILES\AOL\LOADER\AOLLOAD.EXE |
{11A61BFA-439C-4313-A3E2-BA1351F3E188} = PROTOCOL=6 | DIR=OUT | APP=%SYSTEMROOT%\EHOME\MCX2PROV.EXE |
{226A078A-3303-4392-85B6-17187C79E3E3} = PROTOCOL=6 | DIR=IN | APP=C:\USERS\OWNER\APPDATA\LOCAL\TEMP\7ZS4B81.TMP\SYMNRT.EXE |
{2319D311-F71D-4BFB-B619-6C928A55A42C} = PROTOCOL=58 | DIR=OUT | [email protected],-28546 |
{2E33957C-8136-4B8A-9910-649890262C36} = PROTOCOL=6 | DIR=IN | APP=C:\PROGRAM FILES\COMMON FILES\AOL\LOADER\AOLLOAD.EXE |
{2F81CA3D-A256-4BCF-8C72-A9B4ECE9CD72} = PROTOCOL=17 | DIR=IN | APP=C:\PROGRAM FILES\EARTHLINK TOTALACCESS\TASKPANL.EXE |
{34B4B7AF-28F7-49EA-A9CB-CB52DCDCD3B6} = PROTOCOL=6 | DIR=IN | APP=C:\PROGRAM FILES\SIERRA ENTERTAINMENT\WORLD IN CONFLICT\WIC_DS.EXE |
{364ADEA5-F303-45FF-9C44-306FDE20B3D2} = PROTOCOL=17 | DIR=IN | APP=C:\PROGRAM FILES\SONY\MEDIA MANAGER FOR PSP 2.5\MEDIAMANAGER.EXE |
{493DBEDC-9B4F-4BD5-A2BF-588A89CADD9F} = PROTOCOL=17 | DIR=IN | APP=C:\PROGRAM FILES\BONJOUR\MDNSRESPONDER.EXE |
{51134F5C-05F7-485C-A9F7-8C3A7AF53B8B} = PROTOCOL=17 | DIR=IN | APP=C:\PROGRAM FILES\EARTHLINK TOTALACCESS\TASKPANL.EXE |
{570844C6-16E4-43F7-8E17-53E873D9720E} = PROTOCOL=17 | DIR=IN | APP=C:\PROGRAM FILES\BITTORRENT\BITTORRENT.EXE |
{629BA8EF-0D48-4899-B815-D4A26DE7D8D9} = PROTOCOL=6 | DIR=OUT | APP=%SYSTEMROOT%\EHOME\MCX2PROV.EXE |
{674A061C-EC74-4431-A070-F1DACE1B21B1} = PROTOCOL=6 | DIR=OUT | APP=%SYSTEMROOT%\SYSTEM32\SVCHOST.EXE | SVC=MCX2SVC |
{68CDDC74-2F9F-42C4-BC70-58E575BA41B7} = PROTOCOL=17 | DIR=IN | APP=C:\PROGRAM FILES\BONJOUR\MDNSRESPONDER.EXE |
{6E47C99A-F837-4931-BFEA-87A2D43AC2FE} = PROTOCOL=6 | DIR=OUT | APP=%SYSTEMROOT%\EHOME\EHSHELL.EXE |
{6F88928C-AE3D-4AC3-8D17-CCA31F2E752D} = PROTOCOL=17 | DIR=OUT | APP=%SYSTEMROOT%\EHOME\EHSHELL.EXE |
{6F8A21E3-BF17-49C5-B59C-A2A2E8C3E73A} = PROTOCOL=17 | DIR=IN | APP=C:\USERS\OWNER\APPDATA\LOCAL\TEMP\7ZS4B81.TMP\SYMNRT.EXE |
{7157DEDE-0DE0-4E8E-8838-958E182826DB} = PROTOCOL=6 | DIR=IN | APP=C:\PROGRAM FILES\SIERRA ENTERTAINMENT\WORLD IN CONFLICT\WIC.EXE |
{748AB940-A937-49CF-B0BE-DDE3197C8C3F} = PROTOCOL=6 | DIR=IN | APP=C:\PROGRAM FILES\EARTHLINK TOTALACCESS\TASKPANL.EXE |
{7A39DE37-1BF9-4C25-AE92-3956D2CB8D75} = PROTOCOL=6 | DIR=IN | APP=C:\PROGRAM FILES\BITTORRENT\BITTORRENT.EXE |
{825DD0AB-F15C-4AE4-879F-02D0098A5DBA} = PROTOCOL=6 | DIR=IN | APP=C:\PROGRAM FILES\EARTHLINK TOTALACCESS\TASKPANL.EXE |
{840B79C6-4954-4B0E-9E05-AEEE616574F6} = PROTOCOL=6 | DIR=IN | APP=C:\PROGRAM FILES\ITUNES\ITUNES.EXE |
{8661D54E-23EC-4DFB-BB45-089BBD381C27} = PROTOCOL=17 | DIR=IN | APP=C:\PROGRAM FILES\SIERRA ENTERTAINMENT\WORLD IN CONFLICT\WIC_DS.EXE |
{88694940-EF25-4314-863C-9DCF9F3D4393} = PROTOCOL=1 | DIR=OUT | [email protected],-28544 |
{89E9A490-78B2-414B-8612-BEFCDD022717} = PROTOCOL=6 | DIR=OUT | APP=%SYSTEMROOT%\EHOME\EHSHELL.EXE |
{8BD108F6-D406-4C1C-8149-1DB6EEFC2A83} = PROTOCOL=6 | DIR=IN | APP=C:\PROGRAM FILES\SIERRA ENTERTAINMENT\WORLD IN CONFLICT\WIC_ONLINE.EXE |
{8BE4809C-9731-4EAE-B262-96926B0E44BB} = PROTOCOL=17 | DIR=OUT | APP=%SYSTEMROOT%\EHOME\EHSHELL.EXE |
{8FD81337-2C00-42D7-8253-6D5DCB9B632C} = PROTOCOL=6 | DIR=OUT | APP=%SYSTEMROOT%\SYSTEM32\SVCHOST.EXE | SVC=UPNPHOST |
{95E87BAB-D6F1-493C-AF4A-24B8CD4E995B} = DIR=IN | APP=C:\PROGRAM FILES\HP\QUICKPLAY\QPSERVICE.EXE |
{964F56F1-41AD-446F-B77E-82B071B28749} = DIR=IN | APP=C:\PROGRAM FILES\HP\QUICKPLAY\QP.EXE |
{9742BC09-4467-42A8-A4AF-F0C5E431E1A8} = PROTOCOL=17 | DIR=IN | APP=C:\PROGRAM FILES\ITUNES\ITUNES.EXE |
{9CDEAFB8-5B8F-4061-A939-1FA7168649C2} = PROTOCOL=17 | DIR=IN | APP=C:\PROGRAM FILES\AIM6\AIM6.EXE |
{AA05AC32-788A-4615-8E41-90AA79563917} = PROTOCOL=58 | DIR=IN | [email protected],-28545 |
{B33D8B4B-4DF8-4E93-9CF8-80A110094D07} = PROTOCOL=17 | DIR=IN | APP=C:\PROGRAM FILES\EARTHLINK TOTALACCESS\TASKPANL.EXE |
{B48F94D6-139F-452F-803F-5D3A2F9CC4AD} = PROTOCOL=17 | DIR=IN | APP=C:\PROGRAM FILES\DNA\BTDNA.EXE |
{C432388F-5EBD-4ED4-8AB4-83D80D93B534} = PROTOCOL=1 | DIR=IN | [email protected],-28543 |
{C6FFCC69-5FEF-42B6-8093-109073549692} = PROTOCOL=6 | DIR=IN | APP=C:\PROGRAM FILES\EARTHLINK TOTALACCESS\TASKPANL.EXE |
{C94EC91F-9277-4366-A515-D34948ECBD8D} = PROTOCOL=6 | DIR=OUT | APP=%SYSTEMROOT%\SYSTEM32\SVCHOST.EXE | SVC=MCX2SVC |
{CD2C7D8D-42B9-4963-8E5C-C4D29B247FE2} = PROTOCOL=17 | DIR=IN | APP=C:\PROGRAM FILES\SIERRA ENTERTAINMENT\WORLD IN CONFLICT\WIC.EXE |
{CF5B72B4-91A1-44CE-8D4B-7F7747531A12} = PROTOCOL=6 | DIR=IN | APP=C:\PROGRAM FILES\COMMON FILES\AOL\LOADER\AOLLOAD.EXE |
{D3306056-CA94-472F-8A52-766809ECADE5} = PROTOCOL=6 | DIR=IN | APP=C:\PROGRAM FILES\AIM6\AIM6.EXE |
{DB0A2F1E-3DC0-4B5E-B92D-F5F1B7138AAA} = PROTOCOL=6 | DIR=IN | APP=C:\PROGRAM FILES\BONJOUR\MDNSRESPONDER.EXE |
{DE683E0E-3D89-41A3-A07E-BBBD21DD641A} = PROTOCOL=17 | DIR=IN | APP=C:\PROGRAM FILES\ITUNES\ITUNES.EXE |
{DED82694-D300-4007-93B3-162D9E0BFF3A} = DIR=IN | APP=C:\PROGRAM FILES\SKYPE\PHONE\SKYPE.EXE |
{DFC29E52-4325-47EB-A3E3-610553E93065} = PROTOCOL=17 | DIR=IN | APP=C:\PROGRAM FILES\MICROSOFT OFFICE\OFFICE12\ONENOTE.EXE |
{E348241A-0A72-4A9D-807C-BA75FE45407A} = PROTOCOL=17 | DIR=IN | APP=C:\PROGRAM FILES\SIERRA ENTERTAINMENT\WORLD IN CONFLICT\WIC_ONLINE.EXE |
{E4F0F8A2-47BA-4F40-8539-36E330CD92F4} = PROTOCOL=6 | DIR=IN | APP=C:\PROGRAM FILES\SONY\MEDIA MANAGER FOR PSP 2.5\MEDIAMANAGER.EXE |
{E745917A-2408-415A-90AD-012C9ED4CABF} = PROTOCOL=6 | DIR=IN | APP=C:\PROGRAM FILES\MICROSOFT OFFICE\OFFICE12\ONENOTE.EXE |
{EA043CE4-2AC9-46C3-A920-B9E4F8379F04} = DIR=IN | APP=C:\PROGRAM FILES\WINDOWS LIVE\MESSENGER\MSNMSGR.EXE |
{EB7376D6-C105-4816-9543-435A2CE35442} = PROTOCOL=6 | DIR=IN | APP=C:\PROGRAM FILES\BONJOUR\MDNSRESPONDER.EXE |
{ECF9BBD2-F210-4CD5-BCD6-79DB528B1CCB} = DIR=IN | APP=C:\PROGRAM FILES\WINDOWS LIVE\SYNC\WINDOWSLIVESYNC.EXE |
{EF64F7B7-B1AD-48C8-A679-95FACFFEDBC4} = PROTOCOL=6 | DIR=IN | APP=C:\PROGRAM FILES\ITUNES\ITUNES.EXE |
{FBADB657-6720-4561-A786-E465D319BBC6} = PROTOCOL=17 | DIR=IN | APP=C:\PROGRAM FILES\COMMON FILES\AOL\LOADER\AOLLOAD.EXE |
TCP Query User{0D9C9462-879B-47A5-998B-9F3A1AF32B11}C:\program files\ihabbix ltd\ihabbix.exe = PROTOCOL=6 | DIR=IN | APP=C:\PROGRAM FILES\IHABBIX LTD\IHABBIX.EXE |
TCP Query User{1FCF51AD-E937-4C95-A17E-EF14F81904DE}C:\ijji\english\u_skid.exe = PROTOCOL=6 | DIR=IN | APP=C:\IJJI\ENGLISH\U_SKID.EXE |
TCP Query User{2D27BCA3-132D-4144-A1B7-456E7FBBCF98}C:\program files\mozilla firefox\firefox.exe = PROTOCOL=6 | DIR=IN | APP=C:\PROGRAM FILES\MOZILLA FIREFOX\FIREFOX.EXE |
TCP Query User{536EA136-0F82-42F4-A99E-64FF19A9C057}C:\program files\aim6\aim6.exe = PROTOCOL=6 | DIR=IN | APP=C:\PROGRAM FILES\AIM6\AIM6.EXE |
TCP Query User{6A9CF5E5-0601-4E57-A240-7290C0686382}C:\program files\msn messenger\msnmsgr.exe = PROTOCOL=6 | DIR=IN | APP=C:\PROGRAM FILES\MSN MESSENGER\MSNMSGR.EXE |
TCP Query User{6CC7E4BD-2AB0-479D-BFCD-E4063BC73B09}C:\ijji\english\u_sf\soldierfront.exe = PROTOCOL=6 | DIR=IN | APP=C:\IJJI\ENGLISH\U_SF\SOLDIERFRONT.EXE |
TCP Query User{70F462F6-8C9A-41B8-9FE0-622C904E4EB2}C:\program files\flock\flock\flock.exe = PROTOCOL=6 | DIR=IN | APP=C:\PROGRAM FILES\FLOCK\FLOCK\FLOCK.EXE |
TCP Query User{75D5ED40-5334-4E87-BD3F-28CBAAE318C9}C:\users\owner\program files\dna\btdna.exe = PROTOCOL=6 | DIR=IN | APP=C:\USERS\OWNER\PROGRAM FILES\DNA\BTDNA.EXE |
TCP Query User{799FFFA2-05E2-48D1-B6B1-B6CDBD2350A5}C:\program files\dna\btdna.exe = PROTOCOL=6 | DIR=IN | APP=C:\PROGRAM FILES\DNA\BTDNA.EXE |
TCP Query User{7AAD7DEC-4C20-4A5E-9EF0-7E58130A8084}C:\program files\driftcity\driftcity.exe = PROTOCOL=6 | DIR=IN | APP=C:\PROGRAM FILES\DRIFTCITY\DRIFTCITY.EXE |
TCP Query User{7E49DD1D-8BE0-4C84-99E4-865581FDEB4B}C:\program files\ihabbix v3\ihabbix.exe = PROTOCOL=6 | DIR=IN | APP=C:\PROGRAM FILES\IHABBIX V3\IHABBIX.EXE |
TCP Query User{8C459CA4-5432-474B-93CF-A895C86355F6}C:\program files\azureus\azureus.exe = PROTOCOL=6 | DIR=IN | APP=C:\PROGRAM FILES\AZUREUS\AZUREUS.EXE |
TCP Query User{BE38E2B8-555C-46E6-8387-D2D628177043}C:\program files\azureus\azureus.exe = PROTOCOL=6 | DIR=IN | APP=C:\PROGRAM FILES\AZUREUS\AZUREUS.EXE |
TCP Query User{BE89908F-120F-49D7-BB8D-525A11A5B6DB}C:\users\owner\appdata\roaming\macromedia\flash player\www.macromedia.com\bin\octoshape\octoshape.exe = PROTOCOL=6 | DIR=IN | APP=C:\USERS\OWNER\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\WWW.MACROMEDIA.COM\BIN\OCTOSHAPE\OCTOSHAPE.EXE |
TCP Query User{C2E90767-89D7-4E0F-810A-62EA5E50B04C}C:\program files\tencent\qq games\qqgames.exe = PROTOCOL=6 | DIR=IN | APP=C:\PROGRAM FILES\TENCENT\QQ GAMES\QQGAMES.EXE |
TCP Query User{C37C9473-D62B-4679-B654-32D4A35ED772}C:\users\owner\appdata\roaming\macromedia\flash player\www.macromedia.com\bin\octoshape\octoshape.exe = PROTOCOL=6 | DIR=IN | APP=C:\USERS\OWNER\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\WWW.MACROMEDIA.COM\BIN\OCTOSHAPE\OCTOSHAPE.EXE |
TCP Query User{C6CBE4DB-506D-4EEC-A3BE-730879707F48}C:\ijji\english\gunz\gunz.exe = PROTOCOL=6 | DIR=IN | APP=C:\IJJI\ENGLISH\GUNZ\GUNZ.EXE |
TCP Query User{D1D71564-81E0-432C-8E98-BB324DC9D4C2}C:\program files\safari\safari.exe = PROTOCOL=6 | DIR=IN | APP=C:\PROGRAM FILES\SAFARI\SAFARI.EXE |
TCP Query User{D86A75E7-E428-4C5A-99E0-A20AB0E0FA4D}C:\program files\real\realplayer\realplay.exe = PROTOCOL=6 | DIR=IN | APP=C:\PROGRAM FILES\REAL\REALPLAYER\REALPLAY.EXE |
TCP Query User{D94FB42F-C7CD-4FC0-AFDE-9C33D02E7362}C:\users\owner\appdata\local\google\chrome\application\chrome.exe = PROTOCOL=6 | DIR=IN | APP=C:\USERS\OWNER\APPDATA\LOCAL\GOOGLE\CHROME\APPLICATION\CHROME.EXE |
TCP Query User{E2CCEAA6-0450-42C7-9B03-4C8A10DA9293}C:\program files\ihabbix ltd\ihabbix.exe = PROTOCOL=6 | DIR=IN | APP=C:\PROGRAM FILES\IHABBIX LTD\IHABBIX.EXE |
TCP Query User{E98C7CBF-AB0F-46A8-BBC1-2AC1E0504C32}C:\program files\strategy first\making history 2.0\bin\makehist.exe = PROTOCOL=6 | DIR=IN | APP=C:\PROGRAM FILES\STRATEGY FIRST\MAKING HISTORY 2.0\BIN\MAKEHIST.EXE |
TCP Query User{EED9D189-B601-4339-A0DC-22EC32C3D42F}C:\program files\strategy first\making history 2.0\bin\makehist.exe = PROTOCOL=6 | DIR=IN | APP=C:\PROGRAM FILES\STRATEGY FIRST\MAKING HISTORY 2.0\BIN\MAKEHIST.EXE |
TCP Query User{F3719363-8F96-4196-88C2-05B5C2DB4920}C:\users\owner\program files\dna\btdna.exe = PROTOCOL=6 | DIR=IN | APP=C:\USERS\OWNER\PROGRAM FILES\DNA\BTDNA.EXE |
TCP Query User{FA055FD4-5B63-4930-B9B6-228A799DAC16}C:\program files\bittorrent\bittorrent.exe = PROTOCOL=6 | DIR=IN | APP=C:\PROGRAM FILES\BITTORRENT\BITTORRENT.EXE |
UDP Query User{032D6563-BBDF-4730-A463-711E66133F35}C:\program files\strategy first\making history 2.0\bin\makehist.exe = PROTOCOL=17 | DIR=IN | APP=C:\PROGRAM FILES\STRATEGY FIRST\MAKING HISTORY 2.0\BIN\MAKEHIST.EXE |
UDP Query User{04485508-1351-4ADE-8546-A0B6D9A9F904}C:\program files\dna\btdna.exe = PROTOCOL=17 | DIR=IN | APP=C:\PROGRAM FILES\DNA\BTDNA.EXE |
UDP Query User{1178D119-2166-4FED-9FF4-924E4C80E7AA}C:\users\owner\appdata\local\google\chrome\application\chrome.exe = PROTOCOL=17 | DIR=IN | APP=C:\USERS\OWNER\APPDATA\LOCAL\GOOGLE\CHROME\APPLICATION\CHROME.EXE |
UDP Query User{16A0412D-9FC0-4974-BA30-447D548054D4}C:\program files\driftcity\driftcity.exe = PROTOCOL=17 | DIR=IN | APP=C:\PROGRAM FILES\DRIFTCITY\DRIFTCITY.EXE |
UDP Query User{23A9E754-47AE-4D0A-96F8-762A8B156B74}C:\program files\ihabbix ltd\ihabbix.exe = PROTOCOL=17 | DIR=IN | APP=C:\PROGRAM FILES\IHABBIX LTD\IHABBIX.EXE |
UDP Query User{2774F5AA-9F1C-4A02-8A6B-2E9808C98836}C:\program files\tencent\qq games\qqgames.exe = PROTOCOL=17 | DIR=IN | APP=C:\PROGRAM FILES\TENCENT\QQ GAMES\QQGAMES.EXE |
UDP Query User{292A84A7-A191-4A65-9785-129BF529C59C}C:\users\owner\program files\dna\btdna.exe = PROTOCOL=17 | DIR=IN | APP=C:\USERS\OWNER\PROGRAM FILES\DNA\BTDNA.EXE |
UDP Query User{328CBD0A-58D7-44A6-8197-819AAA7E7216}C:\ijji\english\u_sf\soldierfront.exe = PROTOCOL=17 | DIR=IN | APP=C:\IJJI\ENGLISH\U_SF\SOLDIERFRONT.EXE |
UDP Query User{3683019E-B2E5-4A4A-A0AE-DD0C3B011063}C:\program files\mozilla firefox\firefox.exe = PROTOCOL=17 | DIR=IN | APP=C:\PROGRAM FILES\MOZILLA FIREFOX\FIREFOX.EXE |
UDP Query User{48F691E6-4BD9-4421-B1E2-B1DCADF0E81C}C:\program files\azureus\azureus.exe = PROTOCOL=17 | DIR=IN | APP=C:\PROGRAM FILES\AZUREUS\AZUREUS.EXE |
UDP Query User{4C55C3D1-0922-4B3C-87AE-ED099E44809D}C:\program files\strategy first\making history 2.0\bin\makehist.exe = PROTOCOL=17 | DIR=IN | APP=C:\PROGRAM FILES\STRATEGY FIRST\MAKING HISTORY 2.0\BIN\MAKEHIST.EXE |
UDP Query User{4F62E2B3-12C8-48D1-A3F4-91D19563C61D}C:\program files\msn messenger\msnmsgr.exe = PROTOCOL=17 | DIR=IN | APP=C:\PROGRAM FILES\MSN MESSENGER\MSNMSGR.EXE |
UDP Query User{500C1AAE-7B46-48BC-9D2E-AA8432D5A62D}C:\program files\ihabbix ltd\ihabbix.exe = PROTOCOL=17 | DIR=IN | APP=C:\PROGRAM FILES\IHABBIX LTD\IHABBIX.EXE |
UDP Query User{594D1EA8-6D81-4A23-8161-47EFE71A6223}C:\ijji\english\gunz\gunz.exe = PROTOCOL=17 | DIR=IN | APP=C:\IJJI\ENGLISH\GUNZ\GUNZ.EXE |
UDP Query User{661345A3-2BA7-46DF-9056-2996F3461D75}C:\users\owner\program files\dna\btdna.exe = PROTOCOL=17 | DIR=IN | APP=C:\USERS\OWNER\PROGRAM FILES\DNA\BTDNA.EXE |
UDP Query User{6CB6E499-E135-4059-97F1-EEF4429C916E}C:\program files\safari\safari.exe = PROTOCOL=17 | DIR=IN | APP=C:\PROGRAM FILES\SAFARI\SAFARI.EXE |
UDP Query User{72F87854-4C12-4651-A2A6-2921B68FF9C3}C:\program files\azureus\azureus.exe = PROTOCOL=17 | DIR=IN | APP=C:\PROGRAM FILES\AZUREUS\AZUREUS.EXE |
UDP Query User{9ECCCDEE-5ED9-433E-BE4F-89FA298D0914}C:\program files\flock\flock\flock.exe = PROTOCOL=17 | DIR=IN | APP=C:\PROGRAM FILES\FLOCK\FLOCK\FLOCK.EXE |
UDP Query User{AC27C99F-BE5F-4D57-B908-4C3B6DAB3010}C:\ijji\english\u_skid.exe = PROTOCOL=17 | DIR=IN | APP=C:\IJJI\ENGLISH\U_SKID.EXE |
UDP Query User{ADA4BFFD-1A23-4576-AC16-E1360281CB4A}C:\program files\bittorrent\bittorrent.exe = PROTOCOL=17 | DIR=IN | APP=C:\PROGRAM FILES\BITTORRENT\BITTORRENT.EXE |
UDP Query User{C98577E9-99E6-4176-87AF-4B1AA348D703}C:\program files\ihabbix v3\ihabbix.exe = PROTOCOL=17 | DIR=IN | APP=C:\PROGRAM FILES\IHABBIX V3\IHABBIX.EXE |
UDP Query User{D68D4A20-AAF5-49BE-8C59-12E60D61A15F}C:\users\owner\appdata\roaming\macromedia\flash player\www.macromedia.com\bin\octoshape\octoshape.exe = PROTOCOL=17 | DIR=IN | APP=C:\USERS\OWNER\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\WWW.MACROMEDIA.COM\BIN\OCTOSHAPE\OCTOSHAPE.EXE |
UDP Query User{D891975D-E156-4827-8363-C3DD34FB9BC5}C:\program files\real\realplayer\realplay.exe = PROTOCOL=17 | DIR=IN | APP=C:\PROGRAM FILES\REAL\REALPLAYER\REALPLAY.EXE |
UDP Query User{DE23A436-C6C0-4438-8BB5-D4D25B2C6E09}C:\program files\aim6\aim6.exe = PROTOCOL=17 | DIR=IN | APP=C:\PROGRAM FILES\AIM6\AIM6.EXE |
UDP Query User{DEB8996E-790B-4BDF-AEBD-2909CEC7FE5A}C:\users\owner\appdata\roaming\macromedia\flash player\www.macromedia.com\bin\octoshape\octoshape.exe = PROTOCOL=17 | DIR=IN | APP=C:\USERS\OWNER\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\WWW.MACROMEDIA.COM\BIN\OCTOSHAPE\OCTOSHAPE.EXE |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{01501EBA-EC35-4F9F-8889-3BE346E5DA13}" = MSXML4 Parser
"{0394CDC8-FABD-4ed8-B104-03393876DFDF}" = Roxio Creator Tools
"{07B93C0D-7EC9-471A-BE93-05FEF9C6181D}" = Making History 2.0
"{0AAA9C97-74D4-47CE-B089-0B147EF3553C}" = Windows Live Messenger
"{0BFC200F-C45D-4271-AF34-4CA969225DEB}" = muvee autoProducer 6.0
"{0CFD3BAF-9F4D-4D70-BD0B-638EA2504C25}" = PSSWCORE
"{0D397393-9B50-4c52-84D5-77E344289F87}" = Roxio Creator Data
"{0D6AACB5-9663-472D-8D29-1DC8F4D3E6FF}" = Sony Media Manager for PSP 2.5
"{118DC813-27BC-42EF-810B-472EA0955411}" = WQV Link Ver.2.0
"{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_CNQ2412" = CanoScan LiDE 90
"{11F93B4B-48F0-4A4E-AE77-DFA96A99664B}" = Roxio Creator EasyArchive
"{13515135-48BB-4184-8C1F-2FAE0138E200}" = TBS WMP Plug-in
"{16913489-B5E3-403E-AFD3-2B19BBE464D4}" = Opera 9.24
"{1D14373E-7970-4F2F-A467-ACA4F0EA21E3}" = Google Earth
"{1DCC7418-2089-4BDD-B321-3771956160FC}" = ijji Auto Installer
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live Upload Tool
"{228C6B46-64E2-404E-898A-EF0830603EF4}" = HPNetworkAssistant
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{254C37AA-6B72-4300-84F6-98A82419187E}" = Hewlett-Packard Active Check
"{26A24AE4-039D-4CA4-87B4-2F83216010FF}" = Java™ 6 Update 10
"{290B83AA-093A-45BF-A917-D1C4A1E8D917}" = HP Active Support Library
"{2987EE84-C4EE-4FF5-8160-32DE00D6ABC6}" = GTA2
"{2DFF31F9-7893-4922-AF66-C9A1EB4EBB31}" = Rhapsody Player Engine
"{318AB667-3230-41B5-A617-CB3BF748D371}" = iTunes
"{3248F0A8-6813-11D6-A77B-00B0D0160000}" = Java™ SE Runtime Environment 6
"{33C65B6A-5D73-4E3E-A1F9-127C27BD3F72}" = Roxio MyDVD Basic v9
"{34D2AB40-150D-475D-AE32-BD23FB5EE355}" = HP Quick Launch Buttons 6.20 B1
"{35E1EC43-D4FC-4E4A-AAB3-20DDA27E8BB0}" = Roxio Activation Module
"{3AE87269-BD57-4A58-B13D-FC67664BCFB8}" = BlackBerry Desktop Software 4.3
"{3B4E636E-9D65-4D67-BA61-189800823F52}" = Windows Live Communications Platform
"{3C52E7DA-C431-4239-B66B-1BF703D5B194}" = Windows Live Photo Gallery
"{3FFB3B34-D639-4384-9AE9-DDE58430D86F}" = MSCU for Microsoft Vista
"{40F7AED3-0C7D-4582-99F6-484A515C73F2}" = HP Easy Setup - Frontend
"{45338B07-A236-4270-9A77-EBB4115517B5}" = Windows Live Sign-in Assistant
"{45D707E9-F3C4-11D9-A373-0050BAE317E1}" = HP QuickPlay 3.2
"{5012BC0C-7E1A-329A-8F02-B6846070C5F8}" = Google Talk Plugin
"{53CFE088-F2CC-47C1-8C39-124A0C99AF49}" = 101 Languages of the World
"{5BE157EE-C4F4-4E79-9B15-B4FC8B1D2211}" = Safari
"{5C82DAE5-6EB0-4374-9254-BE3319BA4E82}" = Skype™ 3.8
"{619CDD8A-14B6-43a1-AB6C-0F4EE48CE048}" = Roxio Creator Copy
"{65DA2EC9-0642-47E9-AAE2-B5267AA14D75}" = Activation Assistant for the 2007 Microsoft Office suites
"{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA}" = Roxio Express Labeler 3
"{669D4A35-146B-4314-89F1-1AC3D7B88367}" = Hewlett-Packard Asset Agent
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6D52C408-B09A-4520-9B18-475B81D393F1}" = Microsoft Works
"{6F6594CB-DA1B-4FFB-B397-CACE3D5F668B}" = Windows Live Movie Maker Beta
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{72DF62BD-FF36-424E-AA5F-D89BAFF2C249}" = RollerCoaster Tycoon 2
"{7C0EDA3C-796B-45EE-BDE6-1474468A8A22}" = iHabbix V3
"{7CE12FDF-B758-46A5-A8CD-785EDFDC5B84}" = Workspace Macro Pro 6.5
"{83FFCFC7-88C6-41c6-8752-958A45325C82}" = Roxio Creator Audio
"{85309D89-7BE9-4094-BB17-24999C6118FC}" = ArcSoft PhotoStudio 5.5
"{85BF0E64-6ABB-4EA1-A026-A3DEA6554A60}" = Do It Again
"{88A548E6-4B09-43E7-AD55-3C7D1B37706D}" = ESU for Microsoft Vista
"{89F915D1-FD53-45E1-AA90-6D3234540A1F}" = Timeline Maker Professional 2.1
"{8A25392D-C5D2-4E79-A2BD-C15DDC5B0959}" = Bonjour
"{8C3AE2D1-854D-4650-A73D-C7CC7EE36B80}" = Vongo
"{8C6027FD-53DC-446D-BB75-CACD7028A134}" = HP Update
"{8CEA85DE-955B-4BF4-87F2-0BAA62821633}" = HP Photosmart Essential2.5
"{8FFC5648-FAF8-43A3-BC8F-42BA1E275C4E}" = Choice Guard
"{900A92BA-19EF-4A34-86CF-7B6C85BDD971}" = VC_MergeModuleToMSI
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}_HOMESTUDENTR_{4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}_HOMESTUDENTR_{4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}_HOMESTUDENTR_{4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{3EC77D26-799B-4CD8-914F-C1565E796173}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_HOMESTUDENTR_{430971B1-C31E-45DA-81E0-72C095BAB72C}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_HOMESTUDENTR_{F7A31780-33C4-4E39-951A-5EC9B91D7BF1}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}_HOMESTUDENTR_{FAD8A83E-9BAC-4179-9268-A35948034D85}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007
"{90120000-00A1-0409-0000-0000000FF1CE}_HOMESTUDENTR_{4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}_HOMESTUDENTR_{FAD8A83E-9BAC-4179-9268-A35948034D85}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{9061CEF2-51F5-42C9-8A70-9ED351C6597A}" = HP Help and Support
"{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{BEE75E01-DD3F-4D5F-B96C-609E6538D419}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{A1BF9950-8CDB-468E-83FA-EACFB00EA7D5}" = Windows Live Sync
"{A3BC5D37-30F9-4CF7-BD5C-0DFF063E4B6D}" = 2Wire Wireless Client
"{A4E0CA0F-1903-440A-9B98-FEA6CB049999}" = Nokia Flashing Cable Driver
"{A87B11AC-4344-4E5D-8B12-8F471A87DAD9}" = LightScribe 1.4.136.1
"{A8B94669-8654-4126-BD28-D0D2412CDED6}" = TI Connect 1.6
"{AB5E289E-76BF-4251-9F3F-9B763F681AE0}" = HP Customer Experience Enhancements
"{AC76BA86-7AD7-1033-7B44-A81000000003}" = Adobe Reader 8.1.1
"{AC76BA86-7AD7-5464-3428-800000000003}" = Spelling Dictionaries Support For Adobe Reader 8
"{ACA4CEDC-3033-46AA-A468-BFF16413B4A2}" = Rapidshare Auto Downloader 3.2.1
"{AF0B98A9-F7E2-4FF5-88C7-7960EB91752B}" = HP User Guides 0041
"{B3DAF54F-DB25-4586-9EF1-96D24BB14088}" = Windows Movie Maker 2.6
"{B4B5AD48-8D34-41D3-BD8A-8A10BD9BDED3}_is1" = Spy Sweeper
"{B7050CBDB2504B34BC2A9CA0A692CC29}" = DivX Web Player
"{C20B8816-523B-45AD-8200-A5FDC3C1FC1E}" = iHabbix
"{C6CA8874-5F22-4AF0-9BE3-016BF299C536}" = Windows Live Essentials
"{C8B0680B-CDAE-4809-9F91-387B6DE00F7C}" = Roxio Creator Basic v9
"{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}" = SUPERAntiSpyware Free Edition
"{D050D7362D214723AD585B541FFB6C11}" = DivX Content Uploader
"{D198D2E7-B557-4404-A286-77F249625172}" = Nokia Internet Tablet Software Update Wizard
"{D2D6B9EB-C6DC-4DAA-B4DE-BB7D9735E7DA}" = Presto! PageManager 7.15.16
"{D32067CD-7409-4792-BFA0-1469BCD8F0C8}" = HP Wireless Assistant
"{D4438CB0-8C7F-40B2-A1CF-3D802FBAECB2}" = Animation from Movie
"{D4C9692E-4EFA-4DA0-8B7F-9439466D9E31}" = Full Tilt Poker
"{DBEA1034-5882-4A88-8033-81C4EF0CFA29}" = Google Toolbar for Internet Explorer
"{DD7C1079-A2CC-48FB-8208-1EE38C8C2FBA}" = BlackBerry v4.2.1 for the 8100 Series Wireless Handheld
"{DEE88727-779B-47A9-ACEF-F87CA5F92A65}" = ScanSoft OmniPage SE 4
"{E38E1721-7FE7-11D4-A898-0000E83DCDA6}" = Ulead Photo Explorer 7.0 SE
"{E475DFCB-639E-4413-B1AA-8FDF77B5EC43}" = Timeline Maker Professional 2.1
"{EC4455AB-F155-4CC1-A4C5-88F3777F9886}" = Apple Mobile Device Support
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F11ADC64-C89E-47F4-A0B3-3665FF859397}" = World in Conflict
"{F6B29003-A078-4491-AFBE-62EFB6CFFE19}" = HP Total Care Advisor
"{F6BD194C-4190-4D73-B1B1-C48C99921BFE}" = Windows Live Call
"{F958CA02-BB40-4007-894B-258729456EE4}" = QuickTime
"{FAB0C302-CB18-4A7A-BA03-C3DC23101A68}" = HP Active Support Library 32 bit components
"2Wire SetupWiz" = AT&T Yahoo! High Speed Internet Home Networking Installer
"Activation Assistant for the 2007 Microsoft Office suites" = Activation Assistant for the 2007 Microsoft Office suites
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe PageMaker 7.0" = Adobe PageMaker 7.0
"Adobe Photoshop Elements 1.0" = Adobe Photoshop Elements
"Adobe Shockwave Player" = Adobe Shockwave Player 11
"Adobe SVG Viewer" = Adobe SVG Viewer
"Aim Plugin for QQ Games" = Aim Plugin for QQ Games
"AIM Toolbar" = AIM Toolbar 5.0
"AIM_6" = AIM 6
"AIMTunes" = AIMTunes
"ArtMoney PRO_is1" = ArtMoney PRO v7.27
"ArtMoney SE_is1" = ArtMoney SE v7.28
"Audacity_is1" = Audacity 1.2.6
"AutoHotkey" = AutoHotkey 1.0.47.05
"AVS4YOU Software Navigator_is1" = AVS4YOU Software Navigator 1.2
"AVS4YOU Video Converter 6_is1" = AVS Video Converter 6
"Azureus Vuze" = Azureus Vuze
"BlackBerry_{3AE87269-BD57-4A58-B13D-FC67664BCFB8}" = BlackBerry Desktop Software 4.3
"Canon CanoScan LiDE 90 User Registration" = Canon CanoScan LiDE 90 User Registration
"CanonSolutionMenu" = Canon Utilities Solution Menu
"Cheat Engine 5.4_is1" = Cheat Engine 5.4
"Cheat Engine 5.5_is1" = Cheat Engine 5.5
"CNN Situation Room" = CNN Situation Room Screen Saver
"CNXT_HDAUDIO" = Conexant HD Audio
"CNXT_MODEM_HDAUDIO_VEN_14F1&DEV_5045&SUBSYS_103C30B7" = Soft Data Fax Modem with SmartCP
"ColorPic" = ColorPic
"Cool Color Picker_is1" = Cool Color Picker 1.1
"CopyTrans Suite" = CopyTrans Suite (remove only)
"DSMT6" = MathType 6
"Flock" = Flock 1.1
"Fontboard Cyrillic Keyboard_is1" = Fontboard Cyrillic Keyboard
"GameSpy Arcade" = GameSpy Arcade
"GIF Animator" = Microsoft GIF Animator
"Google Updater" = Google Updater
"Google Video Uploader" = Google Video Uploader
"Guitar Pro 5_is1" = Guitar Pro 5.2
"Gunz" = ijji - Gunz
"HijackThis" = HijackThis 2.0.2
"home box office" = home box office Screen Saver
"HOMESTUDENTR" = Microsoft Office Home and Student 2007
"HP Photosmart Essential" = HP Photosmart Essential 2.0
"ICED" = ICED
"InstallShield_{13515135-48BB-4184-8C1F-2FAE0138E200}" = TBS WMP Plug-in
"KeyboardTest_is1" = KeyboardTest V3.0
"LimeWire" = LimeWire 4.16.2
"Macro Express 3" = Macro Express 3
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"MiniRingtone_is1" = MiniRingtone 1.5
"Mozilla Firefox (3.0.10)" = Mozilla Firefox (3.0.10)
"MP Navigator EX 1.0" = Canon MP Navigator EX 1.0
"MPEG Converter" = MPEG Converter
"Music Rescue_is1" = Music Rescue 3.1.6
"MySpaceIM" = MySpaceIM
"NVIDIA Drivers" = NVIDIA Drivers
"PDF-XChange 3_is1" = PDF-XChange 3.5
"Protected Music Converter_is1" = Protected Music Converter 0.99.35b
"PSP Video 9" = PSP Video 9 2.25
"QQ Games" = QQ Games
"QQ Pool" = QQ Pool
"RealPlayer 6.0" = RealPlayer
"Revo Uninstaller" = Revo Uninstaller 1.83
"Rhapsody" = Rhapsody
"RiseOfNations 1.0" = Microsoft Rise Of Nations
"SecondLife" = SecondLife (remove only)
"ShockwaveFlash" = Adobe Flash Player 9 ActiveX
"ShortKeys 2" = ShortKeys 2
"ShortKeys Lite" = ShortKeys Lite
"SimCopterv1.0" = SimCopter
"SimSafariUninstall" = SimSafari
"SUPER ©" = SUPER © Version 2008.bld.33 (Sep 2, 2008)
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"The_Pirate_Bay Toolbar" = The_Pirate_Bay Toolbar
"TomTom HOME" = TomTom HOME 2.5.2.60
"Tunatic" = Tunatic
"VidGIF_is1" = VidGIF
"ViewpointMediaPlayer" = Viewpoint Media Player
"WildTangent hplaptop Master Uninstall" = My HP Games
"WinAce Archiver" = WinAce Archiver
"WinFF_is1" = WinFF 0.41
"WinLiveSuite_Wave3" = Windows Live Essentials
"Xvid_is1" = Xvid 1.1.3 final uninstall
"Yahoo! Companion" = Yahoo! Toolbar for Internet Explorer
"Yahoo! Toolbar" = Yahoo! Toolbar
========== HKEY_CURRENT_USER Uninstall List ==========
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"BitTorrent" = BitTorrent
"BitTorrent DNA" = DNA
"Google Chrome" = Google Chrome
"ijji.com" = ijji
"Octoshape add-in for Adobe Flash Player" = Octoshape add-in for Adobe Flash Player
========== HKEY_USERS Uninstall List ==========
[HKEY_USERS\S-1-5-21-2448592363-892285708-305865034-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"BitTorrent" = BitTorrent
"BitTorrent DNA" = DNA
"Google Chrome" = Google Chrome
"ijji.com" = ijji
"Octoshape add-in for Adobe Flash Player" = Octoshape add-in for Adobe Flash Player
========== Last 10 Event Log Errors ==========
[ Application Events ]
Error - 6/4/2009 9:57:44 PM | Computer Name = MYLAPTOP | Source = System Restore | ID = 8193
Description =
Error - 6/4/2009 9:57:47 PM | Computer Name = MYLAPTOP | Source = System Restore | ID = 8193
Description =
Error - 6/4/2009 10:01:12 PM | Computer Name = MYLAPTOP | Source = Google Update | ID = 20
Description =
Error - 6/4/2009 10:11:31 PM | Computer Name = MYLAPTOP | Source = EventSystem | ID = 4609
Description =
Error - 6/4/2009 10:12:50 PM | Computer Name = MYLAPTOP | Source = EventSystem | ID = 4609
Description =
Error - 6/4/2009 10:18:01 PM | Computer Name = MYLAPTOP | Source = ESENT | ID = 447
Description = wlcomm (2008) C:\Users\Owner\AppData\Local\Microsoft\Windows Live
Contacts\{42d29f97-fea0-455c-b8d3-0b3ecee4eb39}\: A bad page link (error -327) has
been detected in a B-Tree (ObjectId: 90, PgnoRoot: 200) of database C:\Users\Owner\AppData\Local\Microsoft\Windows
Live Contacts\{42d29f97-fea0-455c-b8d3-0b3ecee4eb39}\DBStore\contacts.edb (477
=> 510, 511).
Error - 6/5/2009 12:58:07 AM | Computer Name = MYLAPTOP | Source = Google Update | ID = 20
Description =
Error - 6/5/2009 1:12:44 AM | Computer Name = MYLAPTOP | Source = Application Error | ID = 1000
Description = Faulting application iexplore.exe, version 7.0.6000.16830, time stamp
0x49ac913e, faulting module unknown, version 0.0.0.0, time stamp 0x00000000, exception
code 0xc0000005, fault offset 0x02dae860, process id 0x460, application start time
0x01c9e59c3feddc6f.
Error - 6/5/2009 1:20:54 AM | Computer Name = MYLAPTOP | Source = EventSystem | ID = 4609
Description =
Error - 6/5/2009 1:24:19 AM | Computer Name = MYLAPTOP | Source = System Restore | ID = 8193
Description =
[ Media Center Events ]
Error - 12/19/2007 5:16:56 PM | Computer Name = Owner-PC | Source = MCUpdate | ID = 0
Description = DownloadPackgeTask.SubTasksComplete: failed downloading package SportsSchedule.
Error - 4/1/2008 10:51:44 PM | Computer Name = Owner-PC | Source = MCUpdate | ID = 0
Description = DownloadPackgeTask.SubTasksComplete: failed downloading package SportsSchedule.
Error - 5/23/2008 7:04:31 PM | Computer Name = HOME | Source = MCUpdate | ID = 0
Description = DownloadPackgeTask.SubTasksComplete: failed downloading package MCESpotlight.
Error - 5/28/2008 7:34:25 PM | Computer Name = HOME | Source = MCUpdate | ID = 0
Description = DownloadPackgeTask.SubTasksComplete: failed downloading package MCESpotlight.
Error - 10/27/2008 5:55:21 PM | Computer Name = HOME | Source = MCUpdate | ID = 0
Description = DownloadPackgeTask.SubTasksComplete: failed downloading package SportsSchedule.
Error - 10/27/2008 7:50:40 PM | Computer Name = HOME | Source = MCUpdate | ID = 0
Description = DownloadPackgeTask.SubTasksComplete: failed downloading package SportsSchedule.
Error - 11/27/2008 7:58:29 PM | Computer Name = HOME | Source = Mcx2Svc | ID = 301
Description =
Error - 11/27/2008 7:59:20 PM | Computer Name = HOME | Source = Mcx2Dvcs | ID = 405
Description =
Error - 12/14/2008 12:57:15 PM | Computer Name = HOME | Source = MCUpdate | ID = 0
Description = DownloadPackgeTask.SubTasksComplete: failed downloading package SportsSchedule.
Error - 5/5/2009 6:18:00 PM | Computer Name = MYLAPTOP | Source = MCUpdate | ID = 0
Description = DownloadPackgeTask.SubTasksComplete: failed downloading package SportsSchedule.
[ OSession Events ]
Error - 6/4/2009 11:56:52 PM | Computer Name = MYLAPTOP | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6331.5000, Microsoft Office Version: 12.0.6215.1000. This session lasted 20
seconds with 0 seconds of active time. This session ended with a crash.
[ System Events ]
Error - 6/5/2009 1:20:57 AM | Computer Name = MYLAPTOP | Source = DCOM | ID = 10005
Description =
Error - 6/5/2009 1:21:00 AM | Computer Name = MYLAPTOP | Source = DCOM | ID = 10005
Description =
Error - 6/5/2009 1:21:02 AM | Computer Name = MYLAPTOP | Source = DCOM | ID = 10005
Description =
Error - 6/5/2009 1:21:13 AM | Computer Name = MYLAPTOP | Source = Service Control Manager | ID = 7001
Description =
Error - 6/5/2009 1:21:13 AM | Computer Name = MYLAPTOP | Source = Service Control Manager | ID = 7001
Description =
Error - 6/5/2009 1:21:13 AM | Computer Name = MYLAPTOP | Source = Service Control Manager | ID = 7001
Description =
Error - 6/5/2009 1:21:13 AM | Computer Name = MYLAPTOP | Source = Service Control Manager | ID = 7026
Description =
Error - 6/5/2009 1:22:46 AM | Computer Name = MYLAPTOP | Source = Service Control Manager | ID = 7001
Description =
Error - 6/5/2009 1:30:26 AM | Computer Name = MYLAPTOP | Source = DCOM | ID = 10005
Description =
Error - 6/5/2009 1:30:26 AM | Computer Name = MYLAPTOP | Source = DCOM | ID = 10005
Description =
< End of report >
Sign In
Create Account
