So after searching around it seems that i have the google redirect virus. So i came here looking for help and started reading the cleaning guide.
Thanks for taking your time, Haithin.
Any other information required, please just ask for it. I think that's all i know on my end.
UPDATE2: Tried the programs of the guide again, they are working and will post what's necessary/if it's necessary when i finish the guide. still wondering why it wasn't working last night. but they are all installed now.
UPDATE3: TFC just made my screen go blank for hours, instead of being "quick" like it said. used Ccleaner instead to clear temp. Created a System Restore point, ran ERUNT. Ran Malwarebytes i'll post log below this. Running Avira AntiVir Personal now. Updated windows, rebooted. Still having google redirect.
Having Issues with RootRepeal, Guide says it is a quick run program, however when i have tried to run it, it just gray's out the
Haven't gotten to OTL Log yet been trying to do RootRepeal.
UPDATE4: after leaving RootRepeal on for the whole day while i was at school it finally finished, logs should all be here now.
MBAM LOG
Malwarebytes' Anti-Malware 1.40
Database version: 2551
Windows 6.0.6002 Service Pack 2
8/31/2009 10:13:17 PM
mbam-log-2009-08-31 (22-13-17).txt
Scan type: Quick Scan
Objects scanned: 92514
Time elapsed: 4 minute(s), 58 second(s)
Memory Processes Infected: 1
Memory Modules Infected: 0
Registry Keys Infected: 1
Registry Values Infected: 2
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 1
Memory Processes Infected:
C:\Windows\ld14.exe (Worm.KoobFace) -> Unloaded process successfully.
Memory Modules Infected:
(No malicious items detected)
Registry Keys Infected:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{2d2bee6e-3c9a-4d58-b9ec-458edb28d0f6} (Rogue.DriveCleaner) -> Quarantined and deleted successfully.
Registry Values Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\sysfbtray (Worm.KoobFace) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\sysldtray (Backdoor.Bot) -> Quarantined and deleted successfully.
Registry Data Items Infected:
(No malicious items detected)
Folders Infected:
(No malicious items detected)
Files Infected:
c:\Windows\ld14.exe (Backdoor.Bot) -> Quarantined and deleted successfully.
ROOTREPEAL
ROOTREPEAL © AD, 2007-2009
==================================================
Scan Start Time: 2009/09/02 09:20
Program Version: Version 1.3.5.0
Windows Version: Windows Vista SP2
==================================================
Drivers
-------------------
Name: dump_diskdump.sys
Image Path: C:\Windows\System32\Drivers\dump_diskdump.sys
Address: 0x913AD000 Size: 40960 File Visible: No Signed: -
Status: -
Name: dump_dumpfve.sys
Image Path: C:\Windows\System32\Drivers\dump_dumpfve.sys
Address: 0x913D4000 Size: 69632 File Visible: No Signed: -
Status: -
Name: dump_nvstor32.sys
Image Path: C:\Windows\System32\Drivers\dump_nvstor32.sys
Address: 0x913B7000 Size: 118784 File Visible: No Signed: -
Status: -
Name: rootrepeal.sys
Image Path: C:\Windows\system32\drivers\rootrepeal.sys
Address: 0xC4C2F000 Size: 49152 File Visible: No Signed: -
Status: -
Name: SASENUM.SYS
Image Path: C:\Program Files\SUPERAntiSpyware\SASENUM.SYS
Address: 0x9FBEE000 Size: 20480 File Visible: No Signed: -
Status: -
Name: SASKUTIL.sys
Image Path: C:\Program Files\SUPERAntiSpyware\SASKUTIL.sys
Address: 0x9120D000 Size: 151552 File Visible: No Signed: -
Status: -
Processes
-------------------
Path: System
PID: 4 Status: Locked to the Windows API!
Path: C:\Windows\System32\audiodg.exe
PID: 1276 Status: Locked to the Windows API!
Path: C:\Windows\System32\mfpmp.exe
PID: 4040 Status: Locked to the Windows API!
SSDT
-------------------
#: 012 Function Name: NtAdjustPrivilegesToken
Status: Hooked by "C:\Windows\System32\DRIVERS\cmdguard.sys" at address 0x91056d50
#: 021 Function Name: NtAlpcConnectPort
Status: Hooked by "C:\Windows\System32\DRIVERS\cmdguard.sys" at address 0x91057b38
#: 022 Function Name: NtAlpcCreatePort
Status: Hooked by "C:\Windows\System32\DRIVERS\cmdguard.sys" at address 0x9105717c
#: 054 Function Name: NtConnectPort
Status: Hooked by "C:\Windows\System32\DRIVERS\cmdguard.sys" at address 0x91056346
#: 060 Function Name: NtCreateFile
Status: Hooked by "C:\Windows\System32\DRIVERS\cmdguard.sys" at address 0x91056964
#: 071 Function Name: NtCreatePort
Status: Hooked by "C:\Windows\System32\DRIVERS\cmdguard.sys" at address 0x910560a8
#: 075 Function Name: NtCreateSection
Status: Hooked by "C:\Windows\System32\DRIVERS\cmdguard.sys" at address 0x910567d6
#: 077 Function Name: NtCreateSymbolicLinkObject
Status: Hooked by "C:\Windows\System32\DRIVERS\cmdguard.sys" at address 0x91056f36
#: 078 Function Name: NtCreateThread
Status: Hooked by "<unknown>" at address 0x9fd99764
#: 129 Function Name: NtDuplicateObject
Status: Hooked by "C:\Windows\System32\DRIVERS\cmdguard.sys" at address 0x91055b2a
#: 165 Function Name: NtLoadDriver
Status: Hooked by "C:\Windows\System32\DRIVERS\cmdguard.sys" at address 0x910577d8
#: 186 Function Name: NtOpenFile
Status: Hooked by "C:\Windows\System32\DRIVERS\cmdguard.sys" at address 0x91056b74
#: 194 Function Name: NtOpenProcess
Status: Hooked by "<unknown>" at address 0x9fd99750
#: 197 Function Name: NtOpenSection
Status: Hooked by "C:\Windows\System32\DRIVERS\cmdguard.sys" at address 0x9105667a
#: 201 Function Name: NtOpenThread
Status: Hooked by "<unknown>" at address 0x9fd99755
#: 276 Function Name: NtRequestWaitReplyPort
Status: Hooked by "C:\Windows\System32\DRIVERS\cmdguard.sys" at address 0x910561be
#: 286 Function Name: NtSecureConnectPort
Status: Hooked by "C:\Windows\System32\DRIVERS\cmdguard.sys" at address 0x910575b6
#: 317 Function Name: NtSetSystemInformation
Status: Hooked by "C:\Windows\System32\DRIVERS\cmdguard.sys" at address 0x91057978
#: 326 Function Name: NtShutdownSystem
Status: Hooked by "C:\Windows\System32\DRIVERS\cmdguard.sys" at address 0x91056508
#: 332 Function Name: NtSystemDebugControl
Status: Hooked by "C:\Windows\System32\DRIVERS\cmdguard.sys" at address 0x9105656e
#: 334 Function Name: NtTerminateProcess
Status: Hooked by "C:\Program Files\SUPERAntiSpyware\SASKUTIL.sys" at address 0x912160b0
#: 335 Function Name: NtTerminateThread
Status: Hooked by "C:\Windows\System32\DRIVERS\cmdguard.sys" at address 0x91055e40
#: 382 Function Name: NtCreateThreadEx
Status: Hooked by "C:\Windows\System32\DRIVERS\cmdguard.sys" at address 0x91057282
#: 383 Function Name: NtCreateUserProcess
Status: Hooked by "C:\Windows\System32\DRIVERS\cmdguard.sys" at address 0x91057d82
==EOF==
OTL LOGS
OTL logfile created on: 9/2/2009 7:19:31 PM - Run 1
OTL by OldTimer - Version 3.0.10.7 Folder = C:\Users\Haithin\Desktop
Windows Vista Ultimate Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6002.18005)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
2.00 Gb Total Physical Memory | 1.88 Gb Available Physical Memory | 93.91% Memory free
4.00 Gb Paging File | 4.00 Gb Available in Paging File | 100.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 372.61 Gb Total Space | 45.11 Gb Free Space | 12.11% Space Free | Partition Type: NTFS
Drive D: | 4.03 Gb Total Space | 0.00 Gb Free Space | 0.00% Space Free | Partition Type: UDF
E: Drive not present or media not loaded
Drive F: | 298.09 Gb Total Space | 10.18 Gb Free Space | 3.42% Space Free | Partition Type: NTFS
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Computer Name: HAITHIN-PC
Current User Name: Haithin
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: On
Skip Microsoft Files: On
File Age = 14 Days
Output = Standard
Quick Scan
========== Processes (SafeList) ==========
PRC - [2008/11/12 15:54:00 | 00,207,392 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\nvvsvc.exe
PRC - [2008/09/10 14:01:28 | 00,611,664 | ---- | M] (Lavasoft) -- C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
PRC - [2009/05/13 16:48:22 | 00,108,289 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe
PRC - [2009/07/21 14:34:33 | 00,185,089 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe
PRC - [2009/05/29 13:41:26 | 00,144,712 | ---- | M] (Apple Inc.) -- C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
PRC - [2009/08/31 22:57:05 | 00,519,936 | ---- | M] () -- C:\Program Files\COMODO\Firewall\cmdagent.exe
PRC - [2007/04/05 21:35:40 | 01,543,614 | ---- | M] () -- C:\Program Files\iPod Access for Windows\iPAHelper.exe
PRC - [2009/05/18 18:04:44 | 00,073,728 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files\Common Files\LightScribe\LSSrvc.exe
PRC - [2007/08/02 12:33:50 | 00,080,528 | ---- | M] (INCA Internet Co., Ltd.) -- C:\Nexon\Mabinogi\npkcmsvc.exe
PRC - [2008/01/19 01:33:40 | 00,142,336 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\WUDFHost.exe
PRC - [2009/04/11 00:27:36 | 02,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\Explorer.EXE
PRC - [2006/12/22 18:12:38 | 00,178,176 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\nvraidservice.exe
PRC - [2007/03/01 13:38:48 | 04,390,912 | ---- | M] (Realtek Semiconductor) -- C:\Windows\RtHDVCpl.exe
PRC - [2006/03/06 09:14:58 | 00,497,152 | ---- | M] (Logitech Inc.) -- C:\Program Files\Logitech\G-series Software\LCDMon.exe
PRC - [2006/12/10 21:52:38 | 00,049,152 | ---- | M] (Hewlett-Packard Co.) -- C:\Program Files\Hp\HP Software Update\hpwuSchd2.exe
PRC - [2007/09/12 12:52:18 | 00,172,032 | ---- | M] () -- C:\Program Files\Razer\Lachesis\razerhid.exe
PRC - [2008/06/13 12:19:46 | 00,159,744 | ---- | M] (Razer USA Ltd.) -- C:\Program Files\n52te\n52teHid.exe
PRC - [2009/05/30 12:30:26 | 00,292,136 | ---- | M] (Apple Inc.) -- C:\Program Files\iTunes\iTunesHelper.exe
PRC - [2009/03/02 13:08:47 | 00,209,153 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
PRC - [2009/08/31 23:40:32 | 00,149,280 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jusched.exe
PRC - [2009/04/11 00:28:03 | 01,233,920 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Sidebar\sidebar.exe
PRC - [2007/05/06 00:48:41 | 00,216,064 | ---- | M] () -- C:\Users\Haithin\Program Files\BitTorrent_DNA\dna.exe
PRC - [2008/01/19 01:33:09 | 00,125,952 | ---- | M] (Microsoft Corporation) -- C:\Windows\ehome\ehtray.exe
PRC - [2009/04/11 00:28:15 | 00,247,296 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wbem\wmiprvse.exe
PRC - [2007/08/16 18:05:16 | 00,274,432 | ---- | M] (razercfg MFC Application) -- C:\Program Files\Razer\Lachesis\OSD.exe
PRC - [2008/01/19 01:33:09 | 00,037,376 | ---- | M] (Microsoft Corporation) -- C:\Windows\ehome\ehmsas.exe
PRC - [2008/03/25 20:40:42 | 00,214,360 | ---- | M] (Hewlett-Packard Co.) -- C:\Program Files\Hp\Digital Imaging\bin\hpqtra08.exe
PRC - [2007/10/18 20:10:42 | 00,479,232 | ---- | M] (Nikon Corporation) -- C:\Program Files\Common Files\Nikon\Monitor\NkMonitor.exe
PRC - [2008/01/19 01:33:39 | 00,202,240 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Media Player\wmpnscfg.exe
PRC - [2008/01/19 01:33:39 | 00,896,512 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Media Player\wmpnetwk.exe
PRC - [2009/04/11 00:28:08 | 00,037,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wbem\unsecapp.exe
PRC - [2009/06/30 21:20:28 | 00,133,104 | ---- | M] (Google Inc.) -- C:\Users\Haithin\AppData\Local\Google\Update\1.2.183.7\GoogleCrashHandler.exe
PRC - [2006/03/06 09:17:24 | 00,307,200 | ---- | M] (Logitech Inc.) -- C:\Program Files\Logitech\G-series Software\Applets\LCDPop3\LCDPOP3.exe
PRC - [2006/03/06 09:15:42 | 00,289,792 | ---- | M] (Logitech Inc.) -- C:\Program Files\Logitech\G-series Software\Applets\LCDMedia.exe
PRC - [2006/03/06 09:16:12 | 00,198,656 | ---- | M] (Logitech Inc.) -- C:\Program Files\Logitech\G-series Software\Applets\LCDClock.exe
PRC - [2009/04/11 00:28:03 | 01,233,920 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Sidebar\sidebar.exe
PRC - [2008/03/25 20:49:02 | 00,184,320 | ---- | M] (Hewlett-Packard Co.) -- C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
PRC - [2007/06/05 11:37:12 | 00,163,840 | ---- | M] (Razer Inc.) -- C:\Program Files\Razer\Lachesis\razerofa.exe
PRC - [2008/10/16 20:12:28 | 00,569,344 | ---- | M] (Hewlett-Packard Co.) -- C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe
PRC - [2009/05/30 12:30:20 | 00,541,992 | ---- | M] (Apple Inc.) -- C:\Program Files\iPod\bin\iPodService.exe
PRC - [2009/08/21 17:01:41 | 00,833,008 | ---- | M] (Google Inc.) -- C:\Users\Haithin\AppData\Local\Google\Chrome\Application\chrome.exe
PRC - [2009/08/21 17:01:41 | 00,833,008 | ---- | M] (Google Inc.) -- C:\Users\Haithin\AppData\Local\Google\Chrome\Application\chrome.exe
PRC - [2009/08/31 20:17:41 | 00,514,048 | ---- | M] (OldTimer Tools) -- C:\Users\Haithin\Desktop\OTL.exe
PRC - [2009/08/21 17:01:41 | 00,833,008 | ---- | M] (Google Inc.) -- C:\Users\Haithin\AppData\Local\Google\Chrome\Application\chrome.exe
========== Win32 Services (SafeList) ==========
SRV - [2008/09/10 14:01:28 | 00,611,664 | ---- | M] (Lavasoft) -- C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe -- (aawservice [Auto | Running])
SRV - [2009/05/13 16:48:22 | 00,108,289 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService [Auto | Running])
SRV - [2009/07/21 14:34:33 | 00,185,089 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService [Auto | Running])
SRV - [2009/05/29 13:41:26 | 00,144,712 | ---- | M] (Apple Inc.) -- C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe -- (Apple Mobile Device [Auto | Running])
SRV - [2009/03/29 22:42:14 | 00,066,368 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32 [On_Demand | Stopped])
SRV - [2009/08/31 22:57:05 | 00,519,936 | ---- | M] () -- C:\Program Files\COMODO\Firewall\cmdagent.exe -- (cmdAgent [Auto | Running])
SRV - [2008/01/19 01:33:09 | 00,292,352 | ---- | M] (Microsoft Corporation) -- C:\Windows\ehome\ehRecvr.exe -- (ehRecvr [On_Demand | Stopped])
SRV - [2006/11/02 06:34:14 | 00,131,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\ehome\ehsched.exe -- (ehSched [On_Demand | Stopped])
SRV - [2006/11/02 06:34:14 | 00,013,312 | ---- | M] (Microsoft Corporation) -- C:\Windows\ehome\ehstart.dll -- (ehstart [Auto | Stopped])
SRV - [2009/04/11 00:28:25 | 01,017,856 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wevtsvc.dll -- (Eventlog [Auto | Running])
SRV - [2009/02/18 12:39:20 | 00,043,904 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe -- (FontCache3.0.0.0 [On_Demand | Stopped])
SRV - [2008/11/19 19:23:16 | 00,217,088 | ---- | M] (Hewlett-Packard Co.) -- C:\Program Files\HP\Digital Imaging\bin\hpqcxs08.dll -- (hpqcxs08 [On_Demand | Running])
SRV - [2008/03/25 21:27:36 | 00,135,168 | ---- | M] (Hewlett-Packard Co.) -- C:\Program Files\HP\Digital Imaging\bin\hpqddsvc.dll -- (hpqddsvc [Auto | Running])
SRV - [2005/04/04 00:41:10 | 00,069,632 | ---- | M] (Macrovision Corporation) -- C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe -- (IDriverT [On_Demand | Stopped])
SRV - [2009/02/18 12:38:42 | 00,879,448 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe -- (idsvc [Unknown | Stopped])
SRV - [2007/04/05 21:35:40 | 01,543,614 | ---- | M] () -- C:\Program Files\iPod Access for Windows\iPAHelper.exe -- (iPAHelper.exe [Auto | Running])
SRV - [2009/05/30 12:30:20 | 00,541,992 | ---- | M] (Apple Inc.) -- C:\Program Files\iPod\bin\iPodService.exe -- (iPod Service [On_Demand | Running])
SRV - [2009/05/18 18:04:44 | 00,073,728 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files\Common Files\LightScribe\LSSrvc.exe -- (LightScribeService [Auto | Running])
SRV - [2008/07/18 13:13:20 | 00,044,032 | ---- | M] (Hewlett-Packard) -- C:\Windows\System32\HPZinw12.dll -- (Net Driver HPZ12 [Auto | Running])
SRV - [2009/02/18 12:38:43 | 00,129,880 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe -- (NetTcpPortSharing [Disabled | Stopped])
SRV - [2009/06/29 14:21:52 | 03,110,016 | ---- | M] (INCA Internet Co., Ltd.) -- C:\Windows\System32\GameMon.des -- (npggsvc [On_Demand | Stopped])
SRV - [2007/08/02 12:33:50 | 00,080,528 | ---- | M] (INCA Internet Co., Ltd.) -- C:\Nexon\Mabinogi\npkcmsvc.exe -- (npkcmsvc [Auto | Running])
SRV - [2008/11/12 15:54:00 | 00,207,392 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\nvvsvc.exe -- (nvsvc [Auto | Running])
SRV - [2008/11/04 01:06:28 | 00,441,712 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE -- (odserv [On_Demand | Stopped])
SRV - [2006/10/26 14:03:08 | 00,145,184 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE -- (ose [On_Demand | Stopped])
SRV - [2008/07/18 13:13:20 | 00,053,760 | ---- | M] (Hewlett-Packard) -- C:\Windows\System32\HPZipm12.dll -- (Pml Driver HPZ12 [Auto | Running])
SRV - [2007/01/19 12:54:14 | 00,097,136 | ---- | M] (Microsoft Corporation) -- C:\Program Files\MSN Messenger\usnsvc.exe -- (usnjsvc [On_Demand | Stopped])
SRV - [2008/01/19 01:38:24 | 00,272,952 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Defender\mpsvc.dll -- (WinDefend [Auto | Running])
SRV - [2008/01/19 01:33:39 | 00,896,512 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Media Player\wmpnetwk.exe -- (WMPNetworkSvc [On_Demand | Running])
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft....k/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft....k/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft....k/?LinkId=69157
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\system32\blank.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Page_Transitions = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://forum.ndkdenver.org/ [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.facebook.com/home.php
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA}:6.0.02
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA}:6.0.03
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0010-ABCDEFFEDCBA}:6.0.10
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}:6.0.13
FF - prefs.js..extensions.enabledItems: {20a82645-c095-46ed-80e3-08825760534b}:1.1
FF - prefs.js..extensions.enabledItems: {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.0.13
FF - HKLM\software\mozilla\Firefox\Extensions\\{20a82645-c095-46ed-80e3-08825760534b}: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ [2009/06/23 16:00:49 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.0.13\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2009/08/10 23:32:43 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.0.13\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2009/09/01 11:26:35 | 00,000,000 | ---D | M]
[2009/06/03 21:34:58 | 00,000,000 | ---D | M] -- C:\Users\Haithin\AppData\Roaming\mozilla\Extensions
[2009/06/03 21:34:58 | 00,000,000 | ---D | M] -- C:\Users\Haithin\AppData\Roaming\mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}
[2009/08/30 21:42:29 | 00,000,000 | ---D | M] -- C:\Users\Haithin\AppData\Roaming\mozilla\Firefox\Profiles\ci4rpxpa.default\extensions
[2009/06/28 01:42:50 | 00,000,000 | ---D | M] -- C:\Users\Haithin\AppData\Roaming\mozilla\Firefox\Profiles\ci4rpxpa.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2009/08/31 23:40:58 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions
[2009/08/10 23:32:43 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2008/11/13 14:19:53 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0010-ABCDEFFEDCBA}
[2009/08/31 23:40:58 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA}
[2008/09/11 12:04:38 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\[email protected]
[2009/08/10 23:32:40 | 00,023,032 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browserdirprovider.dll
[2009/08/10 23:32:40 | 00,134,648 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\brwsrcmp.dll
[2007/04/10 17:21:08 | 00,163,256 | ---- | M] (Microsoft Corporation) -- C:\Program Files\mozilla firefox\plugins\np-mswmp.dll
[2007/08/07 13:35:32 | 00,049,152 | ---- | M] (Adobe Systems, Inc.) -- C:\Program Files\mozilla firefox\plugins\np32dsw.dll
[2009/08/31 23:40:33 | 00,411,368 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeploytk.dll
[2007/08/15 16:30:54 | 00,717,312 | ---- | M] (DivX,Inc.) -- C:\Program Files\mozilla firefox\plugins\npdivx32.dll
[2007/09/05 17:03:36 | 00,098,304 | ---- | M] (DivX, Inc) -- C:\Program Files\mozilla firefox\plugins\npDivxPlayerPlugin.dll
[2009/08/10 23:32:42 | 00,065,528 | ---- | M] (mozilla.org) -- C:\Program Files\mozilla firefox\plugins\npnul32.dll
[2006/10/26 20:12:16 | 00,016,192 | ---- | M] (Microsoft Corporation) -- C:\Program Files\mozilla firefox\plugins\NPOFF12.DLL
[2007/05/10 22:52:34 | 00,095,864 | ---- | M] (Adobe Systems Inc.) -- C:\Program Files\mozilla firefox\plugins\nppdf32.dll
[2006/10/07 05:18:48 | 00,144,984 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files\mozilla firefox\plugins\nppl3260.dll
[2009/06/02 02:32:19 | 00,143,360 | ---- | M] (Apple Inc.) -- C:\Program Files\mozilla firefox\plugins\npqtplugin.dll
[2009/06/02 02:32:19 | 00,143,360 | ---- | M] (Apple Inc.) -- C:\Program Files\mozilla firefox\plugins\npqtplugin2.dll
[2009/06/02 02:32:20 | 00,143,360 | ---- | M] (Apple Inc.) -- C:\Program Files\mozilla firefox\plugins\npqtplugin3.dll
[2009/06/02 02:32:20 | 00,143,360 | ---- | M] (Apple Inc.) -- C:\Program Files\mozilla firefox\plugins\npqtplugin4.dll
[2009/06/02 02:32:20 | 00,143,360 | ---- | M] (Apple Inc.) -- C:\Program Files\mozilla firefox\plugins\npqtplugin5.dll
[2009/06/02 02:32:20 | 00,143,360 | ---- | M] (Apple Inc.) -- C:\Program Files\mozilla firefox\plugins\npqtplugin6.dll
[2009/06/02 02:32:20 | 00,143,360 | ---- | M] (Apple Inc.) -- C:\Program Files\mozilla firefox\plugins\npqtplugin7.dll
[2006/10/07 05:01:00 | 00,081,920 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files\mozilla firefox\plugins\nprpjplug.dll
[2009/04/25 00:07:18 | 00,001,394 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazondotcom.xml
[2009/04/25 00:07:18 | 00,002,193 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\answers.xml
[2009/04/25 00:07:18 | 00,001,534 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\creativecommons.xml
[2009/04/25 00:07:18 | 00,002,343 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay.xml
[2009/04/25 00:07:18 | 00,001,706 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\google.xml
[2009/04/25 00:07:18 | 00,001,178 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia.xml
[2009/04/25 00:07:18 | 00,000,792 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo.xml
O1 HOSTS File: (761 bytes) - C:\Windows\System32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (Skype add-on (mastermind)) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Skype Technologies S.A.)
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - No CLSID value found.
O2 - BHO: (Windows Live Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe (Apple Inc.)
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [COMODO Firewall Pro] C:\Program Files\COMODO\Firewall\cfp.exe ()
O4 - HKLM..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe (Hewlett-Packard Co.)
O4 - HKLM..\Run: [iTunesHelper] C:\Program Files\iTunes\iTunesHelper.exe (Apple Inc.)
O4 - HKLM..\Run: [Jomantha] C:\Program Files\n52te\n52teHid.exe (Razer USA Ltd.)
O4 - HKLM..\Run: [Lachesis] C:\Program Files\Razer\Lachesis\razerhid.exe ()
O4 - HKLM..\Run: [Launch LCDMon] C:\Program Files\Logitech\G-series Software\LCDMon.exe (Logitech Inc.)
O4 - HKLM..\Run: [Launch LGDCore] C:\Program Files\Logitech\G-series Software\LGDCore.exe (Logitech Inc.)
O4 - HKLM..\Run: [NvCplDaemon] C:\Windows\System32\NvCpl.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\Windows\System32\NvMcTray.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [NVRaidService] C:\Windows\System32\nvraidservice.exe (NVIDIA Corporation)
O4 - HKLM..\Run: [QuickTime Task] C:\Program Files\QuickTime\QTTask.exe (Apple Inc.)
O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre6\bin\jusched.exe (Sun Microsystems, Inc.)
O4 - HKLM..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe ()
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKCU..\Run: [BitTorrent] C:\Program Files\BitTorrent\bittorrent.exe File not found
O4 - HKCU..\Run: [DNA] C:\Users\Haithin\Program Files\BitTorrent_DNA\dna.exe ()
O4 - HKCU..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe (Microsoft Corporation)
O4 - HKCU..\Run: [Google Update] C:\Users\Haithin\AppData\Local\Google\Update\GoogleUpdate.exe (Google Inc.)
O4 - HKCU..\Run: [PlayNC Launcher] File not found
O4 - HKCU..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe (Microsoft Corporation)
O4 - HKCU..\Run: [Skype] C:\Program Files\Skype\Phone\Skype.exe (Skype Technologies S.A.)
O4 - HKCU..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.DLL (Microsoft Corporation)
O4 - HKCU..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe (Microsoft Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: BindDirectlyToPropertySetStorage = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 2
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableInstallerDetection = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableSecureUIAPaths = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableVirtualization = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ValidateAdminCodeSignatures = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: scforceoption = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: FilterAdministratorToken = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableUIADesktopToggle = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_TEXT = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_BITMAP = 2
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_OEMTEXT = 7
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIB = 8
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_PALETTE = 9
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_UNICODETEXT = 13
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIBV5 = 17
O8 - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Skype Technologies S.A.)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O13 - gopher Prefix: missing
O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} http://upload.facebo...toUploader5.cab (Facebook Photo Uploader 5 Control)
O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262E} http://www.nvidia.co.../sysreqlab3.cab (System Requirements Lab Class)
O16 - DPF: {48DD0448-9209-4F81-9F6D-D83562940134} http://lads.myspace....ploader1006.cab (MySpace Uploader Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_16)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.ma...t/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_16)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_16)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 68.87.85.102 68.87.69.150 192.168.1.1
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\MSN Messenger\msgrapp.8.1.0178.00.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\msitss.dll (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\MSN Messenger\msgrapp.8.1.0178.00.dll (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Filter: - text/xml - C:\Program Files\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - AppInit_DLLs: (C:\Windows\system32\guard32.dll) - C:\Windows\System32\guard32.dll ()
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O22 - SharedTaskScheduler: {E31004D1-A431-41B8-826F-E902F9D95C81} - Windows DreamScene - C:\Windows\System32\DreamScene.dll (Microsoft Corporation)
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/09/18 15:43:36 | 00,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck) - File not found
O34 - HKLM BootExecute: (autochk) - C:\Windows\System32\autochk.exe (Microsoft Corporation)
O34 - HKLM BootExecute: (*) - File not found
O34 - HKLM BootExecute: (lsdelete) - C:\Windows\System32\lsdelete.exe ()
NetSvcs: FastUserSwitchingCompatibility - Service key not found. File not found
NetSvcs: Ias - Service key not found. File not found
NetSvcs: Irmon - Service key not found. File not found
NetSvcs: Nla - Service key not found. File not found
NetSvcs: Ntmssvc - Service key not found. File not found
NetSvcs: NWCWorkstation - Service key not found. File not found
NetSvcs: Nwsapagent - Service key not found. File not found
NetSvcs: SRService - Service key not found. File not found
NetSvcs: Wmi - Service key not found. File not found
NetSvcs: WmdmPmSp - Service key not found. File not found
NetSvcs: LogonHours - Service key not found. File not found
NetSvcs: PCAudit - Service key not found. File not found
NetSvcs: helpsvc - Service key not found. File not found
NetSvcs: uploadmgr - Service key not found. File not found
========== Files/Folders - Created Within 14 Days ==========
[2009/09/01 22:47:49 | 00,000,000 | -HSD | C] -- C:\Config.Msi
[2009/09/01 11:44:49 | 00,000,000 | ---D | C] -- C:\ProgramData\SUPERAntiSpyware.com
[2009/09/01 11:43:31 | 00,000,000 | ---D | C] -- C:\Users\Haithin\AppData\Roaming\SUPERAntiSpyware.com
[2009/09/01 11:43:31 | 00,000,000 | ---D | C] -- C:\Program Files\SUPERAntiSpyware
[2009/09/01 11:40:16 | 00,000,056 | -H-- | C] () -- C:\Windows\System32\ezsidmv.dat
[2009/09/01 00:37:52 | 00,034,816 | ---- | C] () -- C:\Windows\System32\drivers\rootrepeal1.sys
[2009/09/01 00:29:56 | 00,000,015 | ---- | C] () -- C:\Users\Haithin\Desktop\settings.dat
[2009/09/01 00:17:28 | 00,000,858 | ---- | C] () -- C:\Users\Public\Desktop\COMODO Firewall Pro.lnk
[2009/08/31 23:02:49 | 00,249,592 | ---- | C] (COMODO) -- C:\Windows\System32\cssdll32.dll
[2009/08/31 23:00:36 | 00,001,847 | ---- | C] () -- C:\Users\Public\Desktop\Avira AntiVir Control Center.lnk
[2009/08/31 22:59:09 | 00,096,104 | ---- | C] (Avira GmbH) -- C:\Windows\System32\drivers\avipbb.sys
[2009/08/31 22:59:09 | 00,055,656 | ---- | C] (Avira GmbH) -- C:\Windows\System32\drivers\avgntflt.sys
[2009/08/31 22:59:09 | 00,028,520 | ---- | C] (Avira GmbH) -- C:\Windows\System32\drivers\ssmdrv.sys
[2009/08/31 22:58:54 | 00,000,000 | ---D | C] -- C:\ProgramData\Avira
[2009/08/31 22:58:54 | 00,000,000 | ---D | C] -- C:\Program Files\Avira
[2009/08/31 22:57:09 | 00,000,000 | ---D | C] -- C:\Users\Haithin\AppData\Roaming\Comodo
[2009/08/31 22:57:08 | 00,143,104 | ---- | C] () -- C:\Windows\System32\guard32.dll
[2009/08/31 22:57:08 | 00,085,008 | ---- | C] (COMODO) -- C:\Windows\System32\drivers\cmdguard.sys
[2009/08/31 22:57:08 | 00,073,232 | ---- | C] (COMODO) -- C:\Windows\System32\drivers\inspect.sys
[2009/08/31 22:57:08 | 00,025,104 | ---- | C] (COMODO) -- C:\Windows\System32\drivers\cmdhlp.sys
[2009/08/31 22:57:08 | 00,000,000 | ---D | C] -- C:\ProgramData\comodo
[2009/08/31 22:57:08 | 00,000,000 | ---D | C] -- C:\Program Files\COMODO
[2009/08/31 22:55:41 | 00,472,064 | ---- | C] ( ) -- C:\Users\Haithin\Desktop\RootRepeal.exe
[2009/08/31 22:52:45 | 33,961,728 | ---- | C] () -- C:\Users\Haithin\Desktop\avira_antivir_personal_en.exe
[2009/08/31 22:37:45 | 00,001,670 | ---- | C] () -- C:\Users\Haithin\Desktop\CCleaner.lnk
[2009/08/31 22:37:44 | 00,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2009/08/31 22:32:30 | 00,000,818 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2009/08/31 22:32:28 | 00,038,160 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2009/08/31 22:32:26 | 00,019,096 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2009/08/31 22:32:26 | 00,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2009/08/31 22:27:26 | 00,000,000 | ---D | C] -- C:\Program Files\Trend Micro
[2009/08/31 22:07:17 | 00,000,000 | ---D | C] -- C:\Users\Haithin\AppData\Roaming\Malwarebytes
[2009/08/31 22:07:13 | 00,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2009/08/31 22:06:25 | 00,000,000 | ---D | C] -- C:\Windows\ERDNT
[2009/08/31 22:05:55 | 00,000,733 | ---- | C] () -- C:\Users\Haithin\Desktop\NTREGOPT.lnk
[2009/08/31 22:05:55 | 00,000,714 | ---- | C] () -- C:\Users\Haithin\Desktop\ERUNT.lnk
[2009/08/31 22:05:55 | 00,000,000 | ---D | C] -- C:\Program Files\ERUNT
[2009/08/31 20:17:40 | 00,514,048 | ---- | C] (OldTimer Tools) -- C:\Users\Haithin\Desktop\OTL.exe
[2009/08/31 20:15:08 | 00,021,504 | ---- | C] (Doug Knox) -- C:\Users\Haithin\Desktop\SysRestorePoint.exe
[2009/08/31 09:53:41 | 00,000,000 | ---D | C] -- C:\Windows\System32\eu-ES
[2009/08/31 09:53:41 | 00,000,000 | ---D | C] -- C:\Windows\System32\drivers\zh-HK
[2009/08/31 09:53:41 | 00,000,000 | ---D | C] -- C:\Windows\System32\ca-ES
[2009/08/31 09:53:40 | 00,000,000 | ---D | C] -- C:\Windows\System32\vi-VN
[2009/08/31 01:06:42 | 00,000,000 | ---D | C] -- C:\Windows\System32\EventProviders
[2009/08/31 01:01:51 | 00,000,000 | ---D | C] -- C:\Windows\TEMP
[2009/08/25 10:53:00 | 00,000,000 | ---D | C] -- C:\ProgramData\SecTaskMan
[2009/08/21 10:32:48 | 00,000,001 | -H-- | C] () -- C:\Windows\ex23567.dat
[2009/08/21 10:32:47 | 00,000,002 | ---- | C] () -- C:\Windows\0101120101465753.xe
[2009/08/20 12:44:09 | 00,000,000 | ---D | C] -- C:\Program Files\DDnsFilter
[2009/08/20 12:44:04 | 00,000,002 | ---- | C] () -- C:\Windows\0101120101464857.xe
[2009/08/20 12:44:04 | 00,000,001 | ---- | C] () -- C:\Windows\fdgg34353edfgdfdf
[2009/08/20 12:44:02 | 00,000,002 | ---- | C] () -- C:\Windows\0535251103110107106.yux
[2009/08/20 12:42:00 | 00,000,002 | ---- | C] () -- C:\Windows\010112010146101105.xe
[2009/08/20 12:41:54 | 00,000,247 | ---- | C] () -- C:\Windows\prxid93ps.dat
========== Files - Modified Within 14 Days ==========
[2009/09/02 18:40:31 | 00,003,296 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2009/09/02 18:40:31 | 00,003,296 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2009/09/02 18:25:05 | 00,000,916 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-881228593-4037762995-1695883341-1001UA.job
[2009/09/02 09:20:15 | 00,000,015 | ---- | M] () -- C:\Users\Haithin\Desktop\settings.dat
[2009/09/02 05:04:09 | 00,000,422 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{F61A4FB1-0B2F-44FE-B1D6-B4EE09DBAE3B}.job
[2009/09/02 00:02:19 | 02,711,166 | ---- | M] () -- C:\Windows\System32\PerfStringBackup.INI
[2009/09/02 00:02:19 | 00,597,564 | ---- | M] () -- C:\Windows\System32\perfh01D.dat
[2009/09/02 00:02:19 | 00,595,446 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2009/09/02 00:02:19 | 00,381,834 | ---- | M] () -- C:\Windows\System32\perfh011.dat
[2009/09/02 00:02:19 | 00,336,596 | ---- | M] () -- C:\Windows\System32\prfh0404.dat
[2009/09/02 00:02:19 | 00,325,788 | ---- | M] () -- C:\Windows\System32\prfh0804.dat
[2009/09/02 00:02:19 | 00,117,190 | ---- | M] () -- C:\Windows\System32\perfc01D.dat
[2009/09/02 00:02:19 | 00,101,144 | ---- | M] () -- C:\Windows\System32\perfc011.dat
[2009/09/02 00:02:19 | 00,101,144 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2009/09/02 00:02:19 | 00,100,982 | ---- | M] () -- C:\Windows\System32\prfc0404.dat
[2009/09/02 00:02:19 | 00,100,976 | ---- | M] () -- C:\Windows\System32\prfc0804.dat
[2009/09/01 23:23:27 | 00,103,424 | ---- | M] () -- C:\Users\Haithin\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009/09/01 22:40:33 | 00,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
[2009/09/01 22:40:29 | 00,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2009/09/01 22:38:41 | 03,984,438 | -H-- | M] () -- C:\Users\Haithin\AppData\Local\IconCache.db
[2009/09/01 21:25:00 | 00,000,864 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-881228593-4037762995-1695883341-1001Core.job
[2009/09/01 11:40:16 | 00,000,056 | -H-- | M] () -- C:\Windows\System32\ezsidmv.dat
[2009/09/01 00:37:52 | 00,034,816 | ---- | M] () -- C:\Windows\System32\drivers\rootrepeal1.sys
[2009/09/01 00:19:58 | 00,296,632 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2009/09/01 00:17:28 | 00,000,858 | ---- | M] () -- C:\Users\Public\Desktop\COMODO Firewall Pro.lnk
[2009/08/31 23:02:48 | 00,249,592 | ---- | M] (COMODO) -- C:\Windows\System32\cssdll32.dll
[2009/08/31 23:00:37 | 00,001,847 | ---- | M] () -- C:\Users\Public\Desktop\Avira AntiVir Control Center.lnk
[2009/08/31 22:57:08 | 00,143,104 | ---- | M] () -- C:\Windows\System32\guard32.dll
[2009/08/31 22:57:08 | 00,085,008 | ---- | M] (COMODO) -- C:\Windows\System32\drivers\cmdguard.sys
[2009/08/31 22:57:08 | 00,073,232 | ---- | M] (COMODO) -- C:\Windows\System32\drivers\inspect.sys
[2009/08/31 22:57:08 | 00,025,104 | ---- | M] (COMODO) -- C:\Windows\System32\drivers\cmdhlp.sys
[2009/08/31 22:55:42 | 00,472,064 | ---- | M] ( ) -- C:\Users\Haithin\Desktop\RootRepeal.exe
[2009/08/31 22:53:20 | 33,961,728 | ---- | M] () -- C:\Users\Haithin\Desktop\avira_antivir_personal_en.exe
[2009/08/31 22:46:23 | 00,070,568 | ---- | M] () -- C:\Users\Haithin\AppData\Local\GDIPFONTCACHEV1.DAT
[2009/08/31 22:37:45 | 00,001,670 | ---- | M] () -- C:\Users\Haithin\Desktop\CCleaner.lnk
[2009/08/31 22:32:30 | 00,000,818 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2009/08/31 22:05:55 | 00,000,733 | ---- | M] () -- C:\Users\Haithin\Desktop\NTREGOPT.lnk
[2009/08/31 22:05:55 | 00,000,714 | ---- | M] () -- C:\Users\Haithin\Desktop\ERUNT.lnk
[2009/08/31 20:17:41 | 00,514,048 | ---- | M] (OldTimer Tools) -- C:\Users\Haithin\Desktop\OTL.exe
[2009/08/31 20:15:08 | 00,021,504 | ---- | M] (Doug Knox) -- C:\Users\Haithin\Desktop\SysRestorePoint.exe
[2009/08/31 07:25:32 | 00,002,092 | ---- | M] () -- C:\Users\Haithin\Desktop\Google Chrome.lnk
[2009/08/21 10:32:48 | 00,000,001 | -H-- | M] () -- C:\Windows\ex23567.dat
[2009/08/21 10:32:47 | 00,000,002 | ---- | M] () -- C:\Windows\0101120101465753.xe
[2009/08/21 10:30:42 | 00,000,247 | ---- | M] () -- C:\Windows\prxid93ps.dat
[2009/08/20 23:06:34 | 00,000,020 | -H-- | M] () -- C:\ProgramData\PKP_DLdu.DAT
[2009/08/20 12:44:04 | 00,000,002 | ---- | M] () -- C:\Windows\0101120101464857.xe
[2009/08/20 12:44:04 | 00,000,001 | ---- | M] () -- C:\Windows\fdgg34353edfgdfdf
[2009/08/20 12:44:02 | 00,000,002 | ---- | M] () -- C:\Windows\0535251103110107106.yux
[2009/08/20 12:42:00 | 00,000,002 | ---- | M] () -- C:\Windows\010112010146101105.xe
========== LOP Check ==========
[2009/09/01 11:43:31 | 00,000,000 | ---D | M] -- C:\Users\Haithin\AppData\Roaming
[2007/05/06 00:49:13 | 00,000,000 | ---D | M] -- C:\Users\Haithin\AppData\Roaming\BitTorrent
[2009/09/02 19:16:00 | 00,000,000 | ---D | M] -- C:\Users\Haithin\AppData\Roaming\DNA
[2009/06/29 20:51:28 | 00,000,000 | ---D | M] -- C:\Users\Haithin\AppData\Roaming\dvdcss
[2009/07/22 09:20:04 | 00,000,000 | ---D | M] -- C:\Users\Haithin\AppData\Roaming\GetRightToGo
[2009/05/29 18:32:29 | 00,000,000 | ---D | M] -- C:\Users\Haithin\AppData\Roaming\Image Zone Express
[2006/11/02 06:35:50 | 00,000,000 | ---D | M] -- C:\Users\Haithin\AppData\Roaming\Media Center Programs
[2009/06/21 22:07:50 | 00,000,000 | ---D | M] -- C:\Users\Haithin\AppData\Roaming\mIRC
[2009/03/06 17:15:34 | 00,000,000 | ---D | M] -- C:\Users\Haithin\AppData\Roaming\n52te
[2008/08/08 23:50:30 | 00,000,000 | ---D | M] -- C:\Users\Haithin\AppData\Roaming\Nikon
[2009/05/29 18:32:29 | 00,000,000 | ---D | M] -- C:\Users\Haithin\AppData\Roaming\Printer Info Cache
[2007/10/31 17:35:35 | 00,000,000 | RH-D | M] -- C:\Users\Haithin\AppData\Roaming\SecuROM
[2009/06/21 00:49:45 | 00,000,000 | ---D | M] -- C:\Users\Haithin\AppData\Roaming\SPORE
[2007/11/11 18:34:45 | 00,000,000 | ---D | M] -- C:\Users\Haithin\AppData\Roaming\Template
[2009/09/01 23:23:36 | 00,000,000 | ---D | M] -- C:\Users\Haithin\AppData\Roaming\uTorrent
[2008/07/15 21:48:59 | 00,000,000 | ---D | M] -- C:\Users\Haithin\AppData\Roaming\Ventrilo
[2009/06/13 01:48:41 | 00,000,000 | ---D | M] -- C:\Users\Haithin\AppData\Roaming\Vso
[2009/09/01 21:25:00 | 00,000,864 | ---- | M] () -- C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-881228593-4037762995-1695883341-1001Core.job
[2009/09/02 18:25:05 | 00,000,916 | ---- | M] () -- C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-881228593-4037762995-1695883341-1001UA.job
[2009/09/01 22:40:33 | 00,000,006 | -H-- | M] () -- C:\Windows\Tasks\SA.DAT
[2009/09/01 22:38:54 | 00,032,634 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2009/09/02 05:04:09 | 00,000,422 | -H-- | M] () -- C:\Windows\Tasks\User_Feed_Synchronization-{F61A4FB1-0B2F-44FE-B1D6-B4EE09DBAE3B}.job
========== Purity Check ==========
========== Custom Scans ==========
< %SYSTEMDRIVE%\*.exe >
< %systemroot%\system32\eventlog.dll >
< %systemroot%\system32\scecli.dll >
[2009/04/11 00:28:24 | 00,177,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\scecli.dll
< %systemroot%\netlogon.dll >
< %systemroot%\system32\cngaudit.dll >
[2006/11/02 03:46:03 | 00,011,776 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\cngaudit.dll
< %systemroot%\system32\sceclt.dll >
< %systemroot%\ntelogon.dll >
< %systemroot%\system32\logevent.dll >
< End of report >
OTL Extras logfile created on: 9/2/2009 7:19:31 PM - Run 1
OTL by OldTimer - Version 3.0.10.7 Folder = C:\Users\Haithin\Desktop
Windows Vista Ultimate Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6002.18005)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
2.00 Gb Total Physical Memory | 1.88 Gb Available Physical Memory | 93.91% Memory free
4.00 Gb Paging File | 4.00 Gb Available in Paging File | 100.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 372.61 Gb Total Space | 45.11 Gb Free Space | 12.11% Space Free | Partition Type: NTFS
Drive D: | 4.03 Gb Total Space | 0.00 Gb Free Space | 0.00% Space Free | Partition Type: UDF
E: Drive not present or media not loaded
Drive F: | 298.09 Gb Total Space | 10.18 Gb Free Space | 3.42% Space Free | Partition Type: NTFS
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Computer Name: HAITHIN-PC
Current User Name: Haithin
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: On
Skip Microsoft Files: On
File Age = 14 Days
Output = Standard
Quick Scan
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"VistaSp2" = Reg Error: Unknown registry data type -- File not found
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\BitTorrent\bittorrent.exe" = C:\Program Files\BitTorrent\bittorrent.exe:*:Enabled:BitTorrent -- File not found
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{2486E9A2-2F50-4D8A-B002-5C8877DA6942}" = rport=10244 | protocol=6 | dir=out | app=system |
"{2DBEF202-6CA8-42A7-9323-3834F047D31D}" = lport=7777 | protocol=17 | dir=in | app=%systemroot%\ehome\ehshell.exe |
"{34CC8D59-1FC1-4B84-BCBC-4EA6DD7E1EBA}" = lport=2869 | protocol=6 | dir=in | app=system |
"{3571DC34-EACC-4379-B6F2-91016B3F384B}" = lport=554 | protocol=6 | dir=in | app=%systemroot%\ehome\ehshell.exe |
"{3D507413-07E7-4070-8367-EDC062A8A714}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{4816CB14-36EC-4089-8C23-77D4D84E5FD4}" = lport=3390 | protocol=6 | dir=in | app=system |
"{48FD0428-86B3-4362-9539-75023D68D914}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{4FE5F71E-5565-4F0D-96E1-F58D8B01ED3F}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |
"{540A29D8-868D-4B29-AB7F-35A11AC7A928}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{5501E76F-B238-4676-96E5-A33B7D271199}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{56C1B9E1-4BE9-4D13-A0A0-960DF7D83D10}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{6BC9EAFB-6893-4598-9F5A-79CDAE751023}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{6FFD6B4C-6A98-405B-A4CC-CA7969E2506F}" = rport=10244 | protocol=6 | dir=out | app=system |
"{78ECE1AD-D468-47FE-B9F6-1B4DF2C373AD}" = lport=10244 | protocol=6 | dir=in | app=system |
"{83DB373A-7351-4C5C-9721-846A2F59A7DB}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{86CEF06D-0ABF-4E7A-99F3-E5C069736EF2}" = lport=10244 | protocol=6 | dir=in | app=system |
"{8D8AE248-99BF-4698-8DE1-29E1B9459F7F}" = lport=8085 | protocol=6 | dir=in | name=ddnsfilter |
"{A2D363CD-D6F4-4EF1-96B4-70298E57E6BE}" = lport=554 | protocol=6 | dir=in | app=%systemroot%\ehome\ehshell.exe |
"{AC62FB98-E228-40C3-9B27-E9BF7F6495AA}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{B59863D0-2F4F-4751-945A-168D423578C5}" = lport=3390 | protocol=6 | dir=in | app=system |
"{BDE303B2-F094-4FCA-91BF-0B47E1586F62}" = lport=7777 | protocol=17 | dir=in | app=%systemroot%\ehome\ehshell.exe |
"{C16A86A0-F16F-49CE-B7E0-AC7DF7E68C50}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{C4044102-608F-441E-B1A7-50959DB23AE4}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{D788CA05-F5A1-4134-804D-06577ABD9A40}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{E0A8E6D9-2682-4A92-BFBC-07DFC55C4E4F}" = lport=3724 | protocol=6 | dir=in | name=blizzard downloader: 3724 |
"{E4507C3B-1CD0-4297-8727-7B5C2E5FCC77}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{03B0B244-D37A-41AE-8DF1-A63CB07FE8A3}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{051186F8-6650-4232-B4E6-9288B6CE3025}" = protocol=17 | dir=in | app=c:\users\public\documents\blizzard entertainment\world of warcraft\wow-3.1.3.9947-to-3.2.0.10192-enus-downloader.exe |
"{079E8ED1-0852-40F7-B96B-A7A6635BC6BD}" = protocol=17 | dir=in | app=c:\program files\utorrent\utorrent.exe |
"{0A94ACBB-8EDB-4CB7-8AD2-2A98237BCF4C}" = protocol=6 | dir=out | app=%systemroot%\ehome\ehshell.exe |
"{139C0F8F-3C67-405C-9169-3979939C634A}" = protocol=6 | dir=in | app=c:\program files\itunes\itunes.exe |
"{13BA13A9-5817-4315-A42A-65C0C36332FE}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{169C7F64-47F4-4F24-9E77-FF8BC4E1A1F3}" = dir=in | app=c:\program files\msn messenger\livecall.exe |
"{1C6A99F0-B24A-4014-9E45-2FF0981A7D2C}" = protocol=17 | dir=in | app=c:\program files\winamp remote\bin\orbtray.exe |
"{2B39623B-16FC-45FE-89DA-EBE7D6D764A2}" = protocol=17 | dir=out | app=%systemroot%\ehome\ehshell.exe |
"{469C7318-D9C6-43D0-9D49-A9D9FCE8C378}" = protocol=17 | dir=in | app=c:\program files\flagship studios\hellgate london\launcher.exe |
"{642D19C4-3802-4DB8-80E3-47ACE6A50644}" = protocol=6 | dir=in | app=c:\users\public\documents\blizzard entertainment\world of warcraft\wow-3.1.3.9947-to-3.2.0.10192-enus-downloader.exe |
"{69338D80-FA2E-4D9C-B2B5-96538F10DA49}" = protocol=6 | dir=in | app=c:\program files\winamp remote\bin\orbstreamerclient.exe |
"{74C72A2B-0E9B-47F4-A372-C866312574AA}" = protocol=6 | dir=in | app=c:\program files\flagship studios\hellgate london\launcher.exe |
"{761D864A-9590-49B4-8DBF-59C441FC0B6F}" = protocol=6 | dir=in | app=c:\program files\winamp remote\bin\orbtray.exe |
"{791FA37D-2D63-4B90-B1FD-269815D614DA}" = protocol=17 | dir=in | app=c:\program files\winamp remote\bin\orb.exe |
"{7AFD50BB-F631-40BD-8A58-8CE39D54F894}" = protocol=17 | dir=in | app=c:\program files\winamp remote\bin\orbstreamerclient.exe |
"{88339F60-5148-4C41-A7EF-FC30C265FF9B}" = protocol=6 | dir=out | svc=mcx2svc | app=%systemroot%\system32\svchost.exe |
"{A02DA618-16B1-4310-BC76-8D10AF3C07E5}" = protocol=6 | dir=in | app=c:\program files\itunes\itunes.exe |
"{A1FC2E21-2BE1-4B90-87A3-B53B864BBE84}" = protocol=6 | dir=out | app=%systemroot%\ehome\ehshell.exe |
"{A525B2B8-7232-4774-99C9-3F8E27636206}" = protocol=17 | dir=in | app=c:\program files\itunes\itunes.exe |
"{A7EFEED3-6FCD-4720-95DD-91B51CFB7A11}" = protocol=6 | dir=in | app=c:\program files\gamespy arcade\aphex.exe |
"{ADF6764C-6981-4399-9DD0-1DF91CCF6F00}" = protocol=17 | dir=in | app=c:\users\public\documents\blizzard entertainment\world of warcraft\wow-3.1.2.9901-to-3.1.3.9947-enus-downloader.exe |
"{AE7C0FAE-42C0-4156-9C48-5B8F1BD88D6E}" = protocol=6 | dir=in | app=c:\program files\winamp remote\bin\orbir.exe |
"{AF56E280-9FDF-4884-92E8-CA59FE5FF58C}" = protocol=17 | dir=in | app=c:\program files\winamp remote\bin\orbir.exe |
"{BAF2FC28-AFDB-49F1-B620-E7BE508567DD}" = protocol=6 | dir=out | svc=mcx2svc | app=%systemroot%\system32\svchost.exe |
"{BB047236-37EB-4C7F-B0BB-EAF25F72B2A9}" = protocol=6 | dir=out | app=%systemroot%\ehome\mcx2prov.exe |
"{C39FCFA9-E9C5-49B2-BBE9-55FAF1FD44BA}" = protocol=6 | dir=in | app=c:\program files\utorrent\utorrent.exe |
"{CE21AD42-199C-49E4-A25F-7FBCA5645A4F}" = protocol=17 | dir=in | app=c:\program files\gamespy arcade\aphex.exe |
"{D083AFF8-238E-443D-849A-5D660517855B}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{E213F764-B08D-4571-BB36-24F5BBC94D15}" = protocol=6 | dir=in | app=c:\program files\winamp remote\bin\orb.exe |
"{E7BDF397-CA50-455C-9362-76B79098E5F9}" = protocol=6 | dir=out | app=%systemroot%\ehome\mcx2prov.exe |
"{F1A42929-5E21-444D-8893-186BB389BD70}" = protocol=17 | dir=out | app=%systemroot%\ehome\ehshell.exe |
"{F92125E2-DC82-432B-802A-E908344B6E21}" = protocol=6 | dir=in | app=c:\users\public\documents\blizzard entertainment\world of warcraft\wow-3.1.2.9901-to-3.1.3.9947-enus-downloader.exe |
"{FAC250EB-D086-4676-835B-0D00939FCB11}" = dir=in | app=c:\program files\msn messenger\msnmsgr.exe |
"{FD136FE8-3002-4FFB-894D-3F50B1D76517}" = protocol=17 | dir=in | app=c:\program files\itunes\itunes.exe |
"TCP Query User{04818115-29EA-4F8E-9895-BBD1FDC1B63E}C:\program files\bittorrent\bittorrent.exe" = protocol=6 | dir=in | app=c:\program files\bittorrent\bittorrent.exe |
"TCP Query User{051388DF-498A-418F-9BD0-0C73DE6BF7A7}C:\program files\world of warcraft\wow-2.1.2.6803-to-2.1.3.6898-enus-downloader.exe" = protocol=6 | dir=in | app=c:\program files\world of warcraft\wow-2.1.2.6803-to-2.1.3.6898-enus-downloader.exe |
"TCP Query User{09A264F2-9074-4017-95BA-62F2532A3AD5}C:\users\haithin\appdata\local\temp\blizzard launcher temporary - 09376fa0\launcher.exe" = protocol=6 | dir=in | app=c:\users\haithin\appdata\local\temp\blizzard launcher temporary - 09376fa0\launcher.exe |
"TCP Query User{15E7EC0A-124F-405E-81CC-9EBB0498A60F}C:\program files\winamp remote\bin\orbtray.exe" = protocol=6 | dir=in | app=c:\program files\winamp remote\bin\orbtray.exe |
"TCP Query User{2104704C-CC1A-4D8A-82E2-9AC3FF4F12D9}C:\program files\world of warcraft\wow-2.2.3.7359-to-2.3.0.7561-enus-downloader.exe" = protocol=6 | dir=in | app=c:\program files\world of warcraft\wow-2.2.3.7359-to-2.3.0.7561-enus-downloader.exe |
"TCP Query User{21792163-9B23-4A83-9A21-D7423B1A0797}C:\program files\java\jre6\bin\java.exe" = protocol=6 | dir=in | app=c:\program files\java\jre6\bin\java.exe |
"TCP Query User{347E4A3D-066F-4451-81B2-525B57266107}C:\users\haithin\appdata\local\microsoft\windows\temporary internet files\content.ie5\u17h4oij\starcraft2cinematictrailer_englishus-avi-downloader[1].exe" = protocol=6 | dir=in | app=c:\users\haithin\appdata\local\microsoft\windows\temporary internet files\content.ie5\u17h4oij\starcraft2cinematictrailer_englishus-avi-downloader[1].exe |
"TCP Query User{34FF71C8-00D3-4C53-B1FB-9A01A24A8FF5}C:\program files\black isle\bgii - soa\bgmain.exe" = protocol=6 | dir=in | app=c:\program files\black isle\bgii - soa\bgmain.exe |
"TCP Query User{35994005-443C-42E4-937F-6341B5EFD0EA}C:\program files\internet explorer\iexplore.exe" = protocol=6 | dir=in | app=c:\program files\internet explorer\iexplore.exe |
"TCP Query User{494FF15A-5E99-4167-AB5E-DFBD5C0CED35}C:\users\haithin\appdata\local\microsoft\windows\temporary internet files\content.ie5\50kydk3a\03-starcraft2_wwi_gameplay_demo_en-avi-downloader[1].exe" = protocol=6 | dir=in | app=c:\users\haithin\appdata\local\microsoft\windows\temporary internet files\content.ie5\50kydk3a\03-starcraft2_wwi_gameplay_demo_en-avi-downloader[1].exe |
"TCP Query User{50D43076-789F-442D-8E9D-9AE17672720D}C:\program files\winamp remote\bin\orb.exe" = protocol=6 | dir=in | app=c:\program files\winamp remote\bin\orb.exe |
"TCP Query User{56DC8AA3-4748-4F19-B3E4-DE0EF56DA012}C:\program files\world of warcraft\backgrounddownloader.exe" = protocol=6 | dir=in | app=c:\program files\world of warcraft\backgrounddownloader.exe |
"TCP Query User{69C97973-9980-4F6B-AA36-58F2EFFFFA21}C:\users\haithin\appdata\local\google\chrome\application\chrome.exe" = protocol=6 | dir=in | app=c:\users\haithin\appdata\local\google\chrome\application\chrome.exe |
"TCP Query User{6BC42D32-3267-4E36-BFD8-4DBC9630B998}C:\users\haithin\appdata\local\microsoft\windows\temporary internet files\content.ie5\xmw2wbdp\starcraft2cinematictrailer_englishus-avi-downloader[1].exe" = protocol=6 | dir=in | app=c:\users\haithin\appdata\local\microsoft\windows\temporary internet files\content.ie5\xmw2wbdp\starcraft2cinematictrailer_englishus-avi-downloader[1].exe |
"TCP Query User{71619F42-E6D5-40B8-9584-BB529F351AA4}C:\program files\skype\phone\skype.exe" = protocol=6 | dir=in | app=c:\program files\skype\phone\skype.exe |
"TCP Query User{73345F73-08E2-4846-B1A9-7085A7105DEF}C:\program files\world of warcraft\wow-2.1.0.6692-to-2.1.0.6729-enus-downloader.exe" = protocol=6 | dir=in | app=c:\program files\world of warcraft\wow-2.1.0.6692-to-2.1.0.6729-enus-downloader.exe |
"TCP Query User{74889330-F018-4BFA-8062-B040C4A96460}C:\program files\electronic arts\eadm\core.exe" = protocol=6 | dir=in | app=c:\program files\electronic arts\eadm\core.exe |
"TCP Query User{765ECF6C-117A-478F-9279-B515D8B8CB9F}C:\program files\ea games\american mcgee's alice\alice.exe" = protocol=6 | dir=in | app=c:\program files\ea games\american mcgee's alice\alice.exe |
"TCP Query User{81829979-2D36-48F4-AB1A-B7E6A7BD1148}C:\program files\skype\phone\skype.exe" = protocol=6 | dir=in | app=c:\program files\skype\phone\skype.exe |
"TCP Query User{882F0CA5-A31A-4D51-B8F9-D5E82B20BE4B}C:\users\public\games\world of warcraft\backgrounddownloader.exe" = protocol=6 | dir=in | app=c:\users\public\games\world of warcraft\backgrounddownloader.exe |
"TCP Query User{8EB87F27-4423-47FD-99D2-8DAE7BA44F47}C:\program files\secondlife\slvoice.exe" = protocol=6 | dir=in | app=c:\program files\secondlife\slvoice.exe |
"TCP Query User{91104F44-8AC8-431E-8D05-059EB09E9CF6}C:\program files\world of warcraft\backgrounddownloader.exe" = protocol=6 | dir=in | app=c:\program files\world of warcraft\backgrounddownloader.exe |
"TCP Query User{950202DF-2771-410C-B83C-40281668858B}C:\program files\world of warcraft\wow-2.1.3.6898-to-2.2.0.7272-enus-downloader.exe" = protocol=6 | dir=in | app=c:\program files\world of warcraft\wow-2.1.3.6898-to-2.2.0.7272-enus-downloader.exe |
"TCP Query User{A7D73882-AA40-451B-A5BC-1A58694A33BC}C:\program files\world of warcraft\wow-2.1.0.6729-to-2.1.1.6739-enus-downloader.exe" = protocol=6 | dir=in | app=c:\program files\world of warcraft\wow-2.1.0.6729-to-2.1.1.6739-enus-downloader.exe |
"TCP Query User{A972E592-CB78-478D-885B-C577B4F16CCE}C:\program files\world of warcraft\wow-2.0.3-enus-downloader.exe" = protocol=6 | dir=in | app=c:\program files\world of warcraft\wow-2.0.3-enus-downloader.exe |
"TCP Query User{ADBC89F9-DA92-43D1-9CD6-C91278D5384D}C:\program files\warcraft iii\war3.exe" = protocol=6 | dir=in | app=c:\program files\warcraft iii\war3.exe |
"TCP Query User{B4FEEF27-5503-4318-A359-6CA0540713AD}C:\program files\utorrent\utorrent.exe" = protocol=6 | dir=in | app=c:\program files\utorrent\utorrent.exe |
"TCP Query User{B77EDA23-55CA-42A1-A9BE-E47E0ADDAC5D}C:\program files\world of warcraft\wow-2.0.3.6299-to-2.0.12.6546-enus-downloader.exe" = protocol=6 | dir=in | app=c:\program files\world of warcraft\wow-2.0.3.6299-to-2.0.12.6546-enus-downloader.exe |
"TCP Query User{BEEB2FD7-1841-4B65-8C46-A7F344615A42}C:\program files\winamp remote\bin\orbir.exe" = protocol=6 | dir=in | app=c:\program files\winamp remote\bin\orbir.exe |
"TCP Query User{C68738B1-11A8-499D-B3E7-F4AFB13DEA83}C:\program files\world of warcraft\wow-2.0.12.6546-to-2.1.0.6692-enus-downloader.exe" = protocol=6 | dir=in | app=c:\program files\world of warcraft\wow-2.0.12.6546-to-2.1.0.6692-enus-downloader.exe |
"TCP Query User{C7FE05E4-E644-4E75-9E12-B05D1A40F27A}C:\program files\world of warcraft\wow-2.1.1.6739-to-2.1.2.6803-enus-downloader.exe" = protocol=6 | dir=in | app=c:\program files\world of warcraft\wow-2.1.1.6739-to-2.1.2.6803-enus-downloader.exe |
"TCP Query User{CA90C8ED-01D7-4BAC-A5FC-4EA1ADA5041D}C:\users\haithin\program files\bittorrent_dna\dna.exe" = protocol=6 | dir=in | app=c:\users\haithin\program files\bittorrent_dna\dna.exe |
"TCP Query User{CB19F947-DE32-4750-B18A-DEC658CD200A}C:\program files\mirc\mirc.exe" = protocol=6 | dir=in | app=c:\program files\mirc\mirc.exe |
"TCP Query User{D0118A51-DB15-4514-A963-28A57FD008CC}C:\users\haithin\appdata\local\microsoft\windows\temporary internet files\content.ie5\u17h4oij\1280_starcraft2gameplayvideo_englishus.avi-downloader[1].exe" = protocol=6 | dir=in | app=c:\users\haithin\appdata\local\microsoft\windows\temporary internet files\content.ie5\u17h4oij\1280_starcraft2gameplayvideo_englishus.avi-downloader[1].exe |
"TCP Query User{D409CDF9-BC79-4BB1-B292-D2C7E926C69E}C:\users\haithin\appdata\local\microsoft\windows\temporary internet files\content.ie5\xmw2wbdp\blacktemple_eg.avi-downloader[2].exe" = protocol=6 | dir=in | app=c:\users\haithin\appdata\local\microsoft\windows\temporary internet files\content.ie5\xmw2wbdp\blacktemple_eg.avi-downloader[2].exe |
"TCP Query User{D5AFBD50-726A-4B53-BA45-22A86A03E827}C:\program files\azureus\azureus.exe" = protocol=6 | dir=in | app=c:\program files\azureus\azureus.exe |
"TCP Query User{DEB5D432-73DC-4A60-A8A5-37554D0E96D2}C:\program files\electronic arts\eadm\core.exe" = protocol=6 | dir=in | app=c:\program files\electronic arts\eadm\core.exe |
"TCP Query User{E1BAA102-23DB-4351-9A4B-62ABD345B635}C:\users\haithin\appdata\local\microsoft\windows\temporary internet files\content.ie5\xmw2wbdp\blacktemple_eg.avi-downloader[1].exe" = protocol=6 | dir=in | app=c:\users\haithin\appdata\local\microsoft\windows\temporary internet files\content.ie5\xmw2wbdp\blacktemple_eg.avi-downloader[1].exe |
"TCP Query User{EC809581-EE51-48D9-874F-21300E304C0E}C:\program files\bittorrent\bittorrent.exe" = protocol=6 | dir=in | app=c:\program files\bittorrent\bittorrent.exe |
"TCP Query User{EEDEA867-6663-4664-8CFE-68A368D26519}C:\windows\system32\dplaysvr.exe" = protocol=6 | dir=in | app=c:\windows\system32\dplaysvr.exe |
"TCP Query User{EFFD60DB-3D7A-43B5-987D-F804AFECD9AE}C:\program files\azureus\azureus.exe" = protocol=6 | dir=in | app=c:\program files\azureus\azureus.exe |
"TCP Query User{F2D684AF-D2CE-474A-B929-A5054734B536}C:\users\haithin\appdata\local\temp\blizzard launcher temporary - 226417a8\launcher.exe" = protocol=6 | dir=in | app=c:\users\haithin\appdata\local\temp\blizzard launcher temporary - 226417a8\launcher.exe |
"TCP Query User{F30AFA1B-2AD0-41E0-806D-FFEAB32652E7}C:\users\public\games\world of warcraft\launcher.exe" = protocol=6 | dir=in | app=c:\users\public\games\world of warcraft\launcher.exe |
"TCP Query User{F51FBE3F-9895-44D5-B8EE-5A5390A8E7A7}C:\users\haithin\program files\bittorrent_dna\dna.exe" = protocol=6 | dir=in | app=c:\users\haithin\program files\bittorrent_dna\dna.exe |
"UDP Query User{0171D332-CD04-46C7-BAC8-470EAE844BCE}C:\program files\internet explorer\iexplore.exe" = protocol=17 | dir=in | app=c:\program files\internet explorer\iexplore.exe |
"UDP Query User{021E5E00-A4BB-497A-BA3E-410F293D4EB8}C:\program files\secondlife\slvoice.exe" = protocol=17 | dir=in | app=c:\program files\secondlife\slvoice.exe |
"UDP Query User{1AC33A74-7715-41B6-B7F0-25545EA151E0}C:\users\haithin\appdata\local\temp\blizzard launcher temporary - 226417a8\launcher.exe" = protocol=17 | dir=in | app=c:\users\haithin\appdata\local\temp\blizzard launcher temporary - 226417a8\launcher.exe |
"UDP Query User{1F10B938-9B0F-4B83-94A9-821A159ED78E}C:\program files\utorrent\utorrent.exe" = protocol=17 | dir=in | app=c:\program files\utorrent\utorrent.exe |
"UDP Query User{214CE448-CCE1-47A4-A5F4-13D3EA9C1E2E}C:\users\haithin\program files\bittorrent_dna\dna.exe" = protocol=17 | dir=in | app=c:\users\haithin\program files\bittorrent_dna\dna.exe |
"UDP Query User{22D4219F-05B1-4362-BA7F-71C160C6E78B}C:\program files\winamp remote\bin\orb.exe" = protocol=17 | dir=in | app=c:\program files\winamp remote\bin\orb.exe |
"UDP Query User{23232DDE-F8D1-4226-B5D2-A39F783F60F3}C:\users\haithin\appdata\local\microsoft\windows\temporary internet files\content.ie5\u17h4oij\1280_starcraft2gameplayvideo_englishus.avi-downloader[1].exe" = protocol=17 | dir=in | app=c:\users\haithin\appdata\local\microsoft\windows\temporary internet files\content.ie5\u17h4oij\1280_starcraft2gameplayvideo_englishus.avi-downloader[1].exe |
"UDP Query User{25EF1463-7B16-4237-8DA4-656065C25C22}C:\program files\world of warcraft\wow-2.1.1.6739-to-2.1.2.6803-enus-downloader.exe" = protocol=17 | dir=in | app=c:\program files\world of warcraft\wow-2.1.1.6739-to-2.1.2.6803-enus-downloader.exe |
"UDP Query User{28C4329B-7757-452A-94D9-7504E7B51D7F}C:\users\haithin\appdata\local\google\chrome\application\chrome.exe" = protocol=17 | dir=in | app=c:\users\haithin\appdata\local\google\chrome\application\chrome.exe |
"UDP Query User{2D1FF5A7-FCDB-463C-98EA-0EB0866FEE1E}C:\program files\azureus\azureus.exe" = protocol=17 | dir=in | app=c:\program files\azureus\azureus.exe |
"UDP Query User{2E9A57E7-94E4-401E-8540-F9C1943669D2}C:\users\haithin\appdata\local\microsoft\windows\temporary internet files\content.ie5\50kydk3a\03-starcraft2_wwi_gameplay_demo_en-avi-downloader[1].exe" = protocol=17 | dir=in | app=c:\users\haithin\appdata\local\microsoft\windows\temporary internet files\content.ie5\50kydk3a\03-starcraft2_wwi_gameplay_demo_en-avi-downloader[1].exe |
"UDP Query User{3AC9D302-1920-4106-9164-6BA69BB6283A}C:\program files\skype\phone\skype.exe" = protocol=17 | dir=in | app=c:\program files\skype\phone\skype.exe |
"UDP Query User{403E06E8-4F02-4188-85CA-B4F4EC7A479B}C:\program files\bittorrent\bittorrent.exe" = protocol=17 | dir=in | app=c:\program files\bittorrent\bittorrent.exe |
"UDP Query User{5307E99C-FE87-48C0-A666-598D44FF1DC4}C:\users\public\games\world of warcraft\backgrounddownloader.exe" = protocol=17 | dir=in | app=c:\users\public\games\world of warcraft\backgrounddownloader.exe |
"UDP Query User{58952EF3-4822-46B5-85AE-A2195A0816AB}C:\users\haithin\appdata\local\temp\blizzard launcher temporary - 09376fa0\launcher.exe" = protocol=17 | dir=in | app=c:\users\haithin\appdata\local\temp\blizzard launcher temporary - 09376fa0\launcher.exe |
"UDP Query User{5A0E0DB4-0EBC-4882-B8A8-095D632F613A}C:\program files\electronic arts\eadm\core.exe" = protocol=17 | dir=in | app=c:\program files\electronic arts\eadm\core.exe |
"UDP Query User{5D35A7C8-8F64-4930-892A-868ACD16A743}C:\program files\world of warcraft\wow-2.0.3-enus-downloader.exe" = protocol=17 | dir=in | app=c:\program files\world of warcraft\wow-2.0.3-enus-downloader.exe |
"UDP Query User{609CCD28-ECAE-41E0-B197-68F7ED38C96C}C:\program files\electronic arts\eadm\core.exe" = protocol=17 | dir=in | app=c:\program files\electronic arts\eadm\core.exe |
"UDP Query User{770FA16F-5A7D-418D-A518-83565C75ECD1}C:\program files\black isle\bgii - soa\bgmain.exe" = protocol=17 | dir=in | app=c:\program files\black isle\bgii - soa\bgmain.exe |
"UDP Query User{78835EC9-1447-4EC9-8E88-D06A64B653A4}C:\program files\skype\phone\skype.exe" = protocol=17 | dir=in | app=c:\program files\skype\phone\skype.exe |
"UDP Query User{7B803CAA-C155-4942-9C19-7110B342F20D}C:\program files\azureus\azureus.exe" = protocol=17 | dir=in | app=c:\program files\azureus\azureus.exe |
"UDP Query User{829533AC-5067-4973-95CA-01C46562B235}C:\program files\world of warcraft\wow-2.0.3.6299-to-2.0.12.6546-enus-downloader.exe" = protocol=17 | dir=in | app=c:\program files\world of warcraft\wow-2.0.3.6299-to-2.0.12.6546-enus-downloader.exe |
"UDP Query User{87DC221F-155C-4066-BA71-9210EFD0D1E4}C:\program files\java\jre6\bin\java.exe" = protocol=17 | dir=in | app=c:\program files\java\jre6\bin\java.exe |
"UDP Query User{8DF33B2D-1ABF-4E89-80D9-C5572CF2A54C}C:\program files\warcraft iii\war3.exe" = protocol=17 | dir=in | app=c:\program files\warcraft iii\war3.exe |
"UDP Query User{930CC33B-634E-4413-80B9-52A4B6CDAB41}C:\users\haithin\appdata\local\microsoft\windows\temporary internet files\content.ie5\xmw2wbdp\blacktemple_eg.avi-downloader[2].exe" = protocol=17 | dir=in | app=c:\users\haithin\appdata\local\microsoft\windows\temporary internet files\content.ie5\xmw2wbdp\blacktemple_eg.avi-downloader[2].exe |
"UDP Query User{95AE7B8F-470A-4183-9D69-E34D2A2885F8}C:\program files\ea games\american mcgee's alice\alice.exe" = protocol=17 | dir=in | app=c:\program files\ea games\american mcgee's alice\alice.exe |
"UDP Query User{A2C5EDAA-2ED8-4F41-842A-28A2182ABB5D}C:\program files\world of warcraft\wow-2.1.3.6898-to-2.2.0.7272-enus-downloader.exe" = protocol=17 | dir=in | app=c:\program files\world of warcraft\wow-2.1.3.6898-to-2.2.0.7272-enus-downloader.exe |
"UDP Query User{A3441821-5756-4FD1-B2BF-11F526AEB31F}C:\program files\world of warcraft\wow-2.1.0.6729-to-2.1.1.6739-enus-downloader.exe" = protocol=17 | dir=in | app=c:\program files\world of warcraft\wow-2.1.0.6729-to-2.1.1.6739-enus-downloader.exe |
"UDP Query User{A9F24303-E333-4D16-9BAE-1CD141DCC065}C:\program files\mirc\mirc.exe" = protocol=17 | dir=in | app=c:\program files\mirc\mirc.exe |
"UDP Query User{AB74D427-CD7E-4C23-9E32-501E311BD9E7}C:\program files\winamp remote\bin\orbir.exe" = protocol=17 | dir=in | app=c:\program files\winamp remote\bin\orbir.exe |
"UDP Query User{AF7BEF60-6941-49DB-9528-8C1C2640E714}C:\windows\system32\dplaysvr.exe" = protocol=17 | dir=in | app=c:\windows\system32\dplaysvr.exe |
"UDP Query User{B889981D-35EA-40EF-94D5-F313190AFA82}C:\users\public\games\world of warcraft\launcher.exe" = protocol=17 | dir=in | app=c:\users\public\games\world of warcraft\launcher.exe |
"UDP Query User{BE46B175-AAEC-40C7-9513-723C07E7021F}C:\users\haithin\appdata\local\microsoft\windows\temporary internet files\content.ie5\u17h4oij\starcraft2cinematictrailer_englishus-avi-downloader[1].exe" = protocol=17 | dir=in | app=c:\users\haithin\appdata\local\microsoft\windows\temporary internet files\content.ie5\u17h4oij\starcraft2cinematictrailer_englishus-avi-downloader[1].exe |
"UDP Query User{C214B7DE-A5A8-4B3E-AD3A-5AF1A0625E24}C:\program files\world of warcraft\wow-2.2.3.7359-to-2.3.0.7561-enus-downloader.exe" = protocol=17 | dir=in | app=c:\program files\world of warcraft\wow-2.2.3.7359-to-2.3.0.7561-enus-downloader.exe |
"UDP Query User{CDEBF6DC-146B-48DA-A137-54E1AE89186B}C:\program files\world of warcraft\backgrounddownloader.exe" = protocol=17 | dir=in | app=c:\program files\world of warcraft\backgrounddownloader.exe |
"UDP Query User{D3F346B7-5154-4674-BFBD-3421E1125EFD}C:\program files\world of warcraft\wow-2.0.12.6546-to-2.1.0.6692-enus-downloader.exe" = protocol=17 | dir=in | app=c:\program files\world of warcraft\wow-2.0.12.6546-to-2.1.0.6692-enus-downloader.exe |
"UDP Query User{D3F606FF-7B2E-41C3-AABA-88521CDF3723}C:\users\haithin\appdata\local\microsoft\windows\temporary internet files\content.ie5\xmw2wbdp\blacktemple_eg.avi-downloader[1].exe" = protocol=17 | dir=in | app=c:\users\haithin\appdata\local\microsoft\windows\temporary internet files\content.ie5\xmw2wbdp\blacktemple_eg.avi-downloader[1].exe |
"UDP Query User{E0FC9089-96C1-4D8E-881E-AD795C616CF0}C:\program files\world of warcraft\wow-2.1.0.6692-to-2.1.0.6729-enus-downloader.exe" = protocol=17 | dir=in | app=c:\program files\world of warcraft\wow-2.1.0.6692-to-2.1.0.6729-enus-downloader.exe |
"UDP Query User{E1A8DE24-5BD4-40B5-82D6-6E26615F96A9}C:\program files\bittorrent\bittorrent.exe" = protocol=17 | dir=in | app=c:\program files\bittorrent\bittorrent.exe |
"UDP Query User{E80F8A05-CE8E-48BB-A473-7EC48F57FA98}C:\program files\world of warcraft\wow-2.1.2.6803-to-2.1.3.6898-enus-downloader.exe" = protocol=17 | dir=in | app=c:\program files\world of warcraft\wow-2.1.2.6803-to-2.1.3.6898-enus-downloader.exe |
"UDP Query User{E8737923-8D66-4EEA-B2AA-1F302B61A3A3}C:\users\haithin\appdata\local\microsoft\windows\temporary internet files\content.ie5\xmw2wbdp\starcraft2cinematictrailer_englishus-avi-downloader[1].exe" = protocol=17 | dir=in | app=c:\users\haithin\appdata\local\microsoft\windows\temporary internet files\content.ie5\xmw2wbdp\starcraft2cinematictrailer_englishus-avi-downloader[1].exe |
"UDP Query User{EE2FE363-BEC0-4F86-B6AD-EDD48874EAAF}C:\program files\world of warcraft\backgrounddownloader.exe" = protocol=17 | dir=in | app=c:\program files\world of warcraft\backgrounddownloader.exe |
"UDP Query User{FBDC9565-F8F6-4561-80F7-089E8DB967F4}C:\users\haithin\program files\bittorrent_dna\dna.exe" = protocol=17 | dir=in | app=c:\users\haithin\program files\bittorrent_dna\dna.exe |
"UDP Query User{FEDFA118-30CE-4F28-B7AF-9AFA58D62753}C:\program files\winamp remote\bin\orbtray.exe" = protocol=17 | dir=in | app=c:\program files\winamp remote\bin\orbtray.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{00203668-8170-44A0-BE44-B632FA4D780F}" = Adobe AIR
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{014585C8-7557-11D4-9ABA-006067325E47}" = Baldur's Gate™ II - Shadows of Amn™ Bonus CD
"{0289B35E-DC07-4c7a-9710-BBD686EA4B7D}" = Status
"{09F25F86-F957-4051-8AB2-0E0D948BBB5D}" = 1310
"{0AB76F69-E761-4CFA-B9B0-A1906B4E9E4B}" = WD Diagnostics
"{0AC8162B-5175-41D7-B963-8307A40BD456}" = n52te Editor
"{0D2E9DCB-9938-475E-B4DD-8851738852FF}" = AIO_Scan
"{1102D7B1-098C-4F48-92F4-DC403E45A527}" = LightScribe Template Designs - Athletic Pack 1
"{15BC8CD0-A65B-47D0-A2DD-90A824590FA8}" = Microsoft Works
"{1746EA69-DCB6-4408-B5A5-E75F55439CDF}" = Scan
"{179C56A4-F57F-4561-8BBF-F911D26EB435}" = WebReg
"{18143CE1-430E-4FF3-A44F-811FD2910929}" = LightScribe Template Designs - Mythology Pack 1
"{18D10072035C4515918F7E37EAFAACFC}" = AutoUpdate
"{1EBB57D4-63FF-87CC-A0F0-D73982CF6008}" = Adobe Media Player
"{21AE04E8-EBF6-40DB-9AA9-B7A80C5D057D}" = mkv2vob
"{24D753CA-6AE9-4E30-8F5F-EFC93E08BF3D}" = Skype™ 4.0
"{25771101-7948-4591-ABF3-B1ECE7A7F45F}" = HP Update
"{2614F54E-A828-49FA-93BA-45A3F756BFAA}" = 32 Bit HP CIO Components Installer
"{26A24AE4-039D-4CA4-87B4-2F83216016FF}" = Java™ 6 Update 16
"{35CB6715-41F8-4F99-8881-6FC75BF054B0}" = Oblivion
"{36FDBE6E-6684-462B-AE98-9A39A1B200CC}" = HP Product Assistant
"{39600969-41C3-4658-876E-16F108FC5C92}" = ISO Recorder
"{39CB30DB-27F8-4dd4-A294-CB4AE3B584FD}" = Copy
"{49672EC2-171B-47B4-8CE7-50D7806360D7}" = Windows Live Sign-in Assistant
"{49F2B650-2D7B-4F59-B33D-346F63776BD3}" = DocProc
"{519FCD20-AB3E-4A4F-AA30-2AAED80513A8}" = Lightscribe Extended Label Contrast Utility
"{571700F0-DB9D-4B3A-B03D-35A14BB5939F}" = Windows Live Messenger
"{582D2A53-F426-4C5E-A2E6-43C1AB36B907}" = Safari
"{5A080213-5AEC-4BF2-BB32-796EB0E421EC}" = Logitech G-series Keyboard Software
"{5F8E2CBB-949D-4175-AC98-5ADE7F6C9697}" = NCsoft Launcher
"{659B48CD-0608-4ED5-94C0-0B6C87114F10}" = Apple Mobile Device Support
"{66E6CE0C-5A1E-430C-B40A-0C90FF1804A8}" = eSupportQFolder
"{67D3F1A0-A1F2-49b7-B9EE-011277B170CD}" = HPProductAssistant
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6D4553DF-2095-4D10-92C0-17934733B51D}" = 1310_Help
"{6D7E031C-4C05-4265-854A-FE9FDEA9984D}" = 1310Trb
"{6F5E2F4A-377D-4700-B0E3-8F7F7507EA15}" = CustomerResearchQFolder
"{725F0ABA-808A-4256-885C-1E60245521D0}" = LightScribe Template Designs - Sports Pack 1
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{7373184D-8E8F-4308-912A-3901071FA1AD}" = LightScribe Applications
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{77B5AD60-8F14-11D4-9BC9-0050041A1090}" = American McGee's Alice™
"{789289CA-F73A-4A16-A331-54D498CE069F}" = Ventrilo Client
"{7B63B2922B174135AFC0E1377DD81EC2}" = DivX Codec
"{7F3AD00A-1819-4B15-BB7D-08B3586336D7}" = 3DMark06
"{7FD71A9E-C4D3-42ED-A998-CDA8290C39A3}" = LightScribe Template Labeler
"{87E2B986-07E8-477a-93DC-AF0B6758B192}" = DocProcQFolder
"{8ADFC4160D694100B5B8A22DE9DCABD9}" = DivX Player
"{8DAE4336-2B71-11D4-9A6C-006067325E47}" = Baldur's Gate™ II - Shadows of Amn™
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_HOMESTUDENTR_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_HOMESTUDENTR_{187308AB-5FA7-4F14-9AB9-D290383A10D9}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}_HOMESTUDENTR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007
"{90120000-00A1-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}_HOMESTUDENTR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90850409-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Word Viewer 2003
"{90C1F682-9F40-42EC-BBE0-D2A1A4987E1B}" = LightScribe Diagnostic Utility
"{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{95120000-00AF-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (English)
"{95D08F4E-DFC2-4ce3-ACB7-8C8E206217E9}" = MarketResearch
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9C2D4047-0E40-499a-AC7A-C4B9BB12FE03}" = TrayApp
"{9DF0196F-B6B8-4C3A-8790-DE42AA530101}" = SPORE™
"{A2B4455D-1046-4732-BFBC-0821BEFC07BC}" = Hellgate: London
"{A36CD345-625C-4d6c-B3E2-76E1248CB451}" = SolutionCenter
"{AB5D51AE-EBC3-438D-872C-705C7C2084B0}" = DeviceManagementQFolder
"{AC54E544-3E42-443C-A91D-A00A6974C592}" = NVIDIA PhysX v8.10.13
"{AC76BA86-7AD7-1033-7B44-A81200000003}" = Adobe Reader 8.1.2
"{B13A7C41581B411290FBC0395694E2A9}" = DivX Converter
"{B7050CBDB2504B34BC2A9CA0A692CC29}" = DivX Web Player
"{BE77A81F-B315-4666-9BF3-AE70C0ADB057}" = BufferChm
"{C3ABE126-2BB2-4246-BFE1-6797679B3579}" = LG USB Modem driver
"{C716522C-3731-4667-8579-40B098294500}" = Toolbox
"{C78EAC6F-7A73-452E-8134-DBB2165C5A68}" = QuickTime
"{C916D86C-AB76-49c7-B0E4-A946E0FD9BC2}" = HP Photosmart, Officejet, PSC and Deskjet All-In-One Driver Software 8.0.B
"{CB4532F7-A1BD-46D2-9938-3E7D4656FB18}" = Razer Lachesis
"{CC5702D7-86E2-45A8-99D7-E8B976ADCC56}" = iTunes
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D050D7362D214723AD585B541FFB6C11}" = DivX Content Uploader
"{D0E39A1D-0CEE-4D85-B4A2-E3BE990D075E}" = Destination Component
"{D1C70CF7-F2F3-4A15-ADE5-5DF1BA0739E1}" = LightScribe Template Designs - Bonus Pack 1
"{D2FCC1AE-6311-47C5-8130-C6C66D77DD71}" = Nikon Message Center
"{D45E8C45-B601-4A80-AFD8-E16338744DE1}" = ArcSoft Panorama Maker 4
"{DD6C316A-FE75-4FBB-9D22-4C1920232B72}" = LightScribe System Software
"{DDBB28C8-B2AA-45A1-8DCE-059A798509FB}" = MobileMe Control Panel
"{DED53B0B-B67C-4244-AE6A-D6FD3C28D1EF}" = Ad-Aware
"{E06F04B9-45E6-4AC0-8083-85F7515F40F7}" = UnloadSupport
"{E09575B2-498D-4C8B-A9D2-623F78574F29}" = AIO_CDB_Software
"{E7112940-5F8E-4918-B9FE-251F2F8DC81F}" = AIO_CDB_ProductContext
"{E9757890-7EC5-46C8-99AB-B00F07B6525C}" = Nikon Transfer
"{EB21A812-671B-4D08-B974-2A347F0D8F70}" = HP Photosmart Essential
"{EB75DE50-5754-4F6F-875D-126EDF8E4CB3}" = HPSSupply
"{ED3F469E-D9EC-4DF1-968F-5812CE2F30F8}" = HP Driver Diagnostics
"{EEEB604C-C1A7-4f8c-B03F-56F9C1C9C45F}" = Fax
"{EF1ADA5A-0B1A-4662-8C55-7475A61D8B65}" = DeviceDiscovery
"{EF7E931D-DC84-471B-8DB6-A83358095474}" = EA Download Manager
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{FA61D601-A0FC-48BD-AE7A-54946BCD7FB6}_is1" = BitPim 1.0.2
"Adobe Flash Player ActiveX" = Adobe Flash Player ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player
"Audacity_is1" = Audacity 1.2.6
"Avira AntiVir Desktop" = Avira AntiVir Personal - Free Antivirus
"CCleaner" = CCleaner (remove only)
"com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Media Player
"COMODO Firewall Pro" = COMODO Firewall Pro
"CPUID CPU-Z_is1" = CPUID CPU-Z 1.52.1
"DVDFab 6_is1" = DVDFab 6.0.1.0 (May 15, 2009)
"Easy CD-DA Extractor 12" = Easy CD-DA Extractor 12
"ERUNT_is1" = ERUNT 1.1j
"Free Easy Burner_is1" = Free Easy Burner V 3.8
"HOMESTUDENTR" = Microsoft Office Home and Student 2007 Trial
"HP Imaging Device Functions" = HP Imaging Device Functions 8.0
"HP Solution Center & Imaging Support Tools" = HP Solution Center 8.0
"HPExtendedCapabilities" = HP Customer Participation Program 8.0
"HPOCR" = HP OCR Software 8.0
"InstallShield_{EF7E931D-DC84-471B-8DB6-A83358095474}" = EA Download Manager
"iPod Access for Windows_is1" = iPod Access for Windows v4.0.3
"KLiteCodecPack_is1" = K-Lite Mega Codec Pack 3.5.0
"LG USB Drivers" = LG USB Drivers
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"mIRC" = mIRC
"Mozilla Firefox (3.0.13)" = Mozilla Firefox (3.0.13)
"NVIDIA Drivers" = NVIDIA Drivers
"SystemRequirementsLab" = System Requirements Lab
"Warcraft III" = Warcraft III
"WinAce Archiver" = WinAce Archiver
"Winamp" = Winamp
"WinRAR archiver" = WinRAR archiver
"World of Warcraft" = World of Warcraft
========== HKEY_CURRENT_USER Uninstall List ==========
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"DNA" = DNA
"Google Chrome" = Google Chrome
"Move Networks Player - IE" = Move Networks Media Player for Internet Explorer
"NCsoft-Aion" = Aion
"uTorrent" = µTorrent
"Warcraft III" = Warcraft III: All Products
========== Last 10 Event Log Errors ==========
[ Application Events ]
Error - 9/2/2009 1:25:06 PM | Computer Name = Haithin-PC | Source = Google Update | ID = 20
Description =
Error - 9/2/2009 2:25:06 PM | Computer Name = Haithin-PC | Source = Google Update | ID = 20
Description =
Error - 9/2/2009 3:25:05 PM | Computer Name = Haithin-PC | Source = Google Update | ID = 20
Description =
Error - 9/2/2009 4:25:06 PM | Computer Name = Haithin-PC | Source = Google Update | ID = 20
Description =
Error - 9/2/2009 5:25:05 PM | Computer Name = Haithin-PC | Source = Google Update | ID = 20
Description =
Error - 9/2/2009 6:00:31 PM | Computer Name = Haithin-PC | Source = Microsoft-Windows-CAPI2 | ID = 131083
Description =
Error - 9/2/2009 6:00:32 PM | Computer Name = Haithin-PC | Source = Microsoft-Windows-CAPI2 | ID = 131083
Description =
Error - 9/2/2009 6:25:06 PM | Computer Name = Haithin-PC | Source = Google Update | ID = 20
Description =
Error - 9/2/2009 7:25:05 PM | Computer Name = Haithin-PC | Source = Google Update | ID = 20
Description =
Error - 9/2/2009 8:25:05 PM | Computer Name = Haithin-PC | Source = Google Update | ID = 20
Description =
[ Media Center Events ]
Error - 5/30/2008 2:00:38 AM | Computer Name = Haithin-PC | Source = MCUpdate | ID = 0
Description = DownloadPackgeTask.SubTasksComplete: failed downloading package MCESpotlight.
Error - 6/3/2008 11:45:13 AM | Computer Name = Haithin-PC | Source = MCUpdate | ID = 0
Description = DownloadPackgeTask.SubTasksComplete: failed downloading package MCESpotlight.
Error - 8/28/2008 8:11:12 AM | Computer Name = Haithin-PC | Source = MCUpdate | ID = 0
Description = DownloadPackgeTask.SubTasksComplete: failed downloading package SportsSchedule.
Error - 10/2/2008 5:47:23 AM | Computer Name = Haithin-PC | Source = MCUpdate | ID = 0
Description = DownloadPackgeTask.SubTasksComplete: failed downloading package SportsSchedule.
Error - 11/15/2008 9:14:35 PM | Computer Name = Haithin-PC | Source = MCUpdate | ID = 0
Description = DownloadPackgeTask.SubTasksComplete: failed downloading package SportsSchedule.
Error - 1/26/2009 10:35:15 PM | Computer Name = Haithin-PC | Source = MCUpdate | ID = 0
Description = DownloadPackgeTask.SubTasksComplete: failed downloading package SportsSchedule.
Error - 3/7/2009 2:20:22 AM | Computer Name = Haithin-PC | Source = McrMgr | ID = 109
Description =
Error - 4/19/2009 5:36:47 AM | Computer Name = Haithin-PC | Source = MCUpdate | ID = 0
Description = DownloadPackgeTask.SubTasksComplete: failed downloading package SportsSchedule.
Error - 6/7/2009 5:35:16 AM | Computer Name = Haithin-PC | Source = MCUpdate | ID = 0
Description = DownloadPackgeTask.SubTasksComplete: failed downloading package SportsSchedule.
Error - 8/17/2009 9:29:59 PM | Computer Name = Haithin-PC | Source = MCUpdate | ID = 0
Description = DownloadPackgeTask.SubTasksComplete: failed downloading package SportsSchedule.
[ System Events ]
Error - 9/2/2009 12:18:20 AM | Computer Name = Haithin-PC | Source = Service Control Manager | ID = 7000
Description =
Error - 9/2/2009 12:18:20 AM | Computer Name = Haithin-PC | Source = Service Control Manager | ID = 7022
Description =
Error - 9/2/2009 12:18:20 AM | Computer Name = Haithin-PC | Source = Service Control Manager | ID = 7026
Description =
Error - 9/2/2009 12:42:06 AM | Computer Name = Haithin-PC | Source = Service Control Manager | ID = 7023
Description =
Error - 9/2/2009 12:42:06 AM | Computer Name = Haithin-PC | Source = Service Control Manager | ID = 7000
Description =
Error - 9/2/2009 12:42:09 AM | Computer Name = Haithin-PC | Source = Service Control Manager | ID = 7022
Description =
Error - 9/2/2009 12:42:11 AM | Computer Name = Haithin-PC | Source = Service Control Manager | ID = 7026
Description =
Error - 9/2/2009 12:47:49 AM | Computer Name = Haithin-PC | Source = Service Control Manager | ID = 7000
Description =
Error - 9/2/2009 5:05:18 AM | Computer Name = Haithin-PC | Source = Microsoft-Windows-BitLocker-Driver | ID = 24620
Description =
Error - 9/2/2009 5:05:18 AM | Computer Name = Haithin-PC | Source = Microsoft-Windows-BitLocker-Driver | ID = 24620
Description =
< End of report >
Edited by Haithin, 03 September 2009 - 11:04 AM.
Sign In
Create Account
