Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

Virus check


  • Please log in to reply

#1
Ecnal57

Ecnal57

    New Member

  • Member
  • Pip
  • 1 posts
Hello,

Another computer in my house is currently infected(and on the same network with this machine) with a LOT of malware, trojans, viruses; the owner of that machine([email protected] forum) is currently getting and waiting to get assistance with her problems.

I'm posting because I'd like for this machine to be thoroughly searched. Semi-frequently, strange things will happen on this machine and most recently it gives an odd runtime error I've never heard of(-1:0) whenever I try to run a particular .exe. I tried searching for my error on google but it's never heard of it, I suspect that it's a fake error created by malware. Could you check to see if this laptop is alright? Malwarebytes didn't pick up anything so I won't include a log of of it. Also GMER crashes my computer so I can't include a log of it.

OTL

OTL logfile created on: 1/5/2010 2:08:37 PM - Run 1
OTL by OldTimer - Version 3.1.21.0 Folder = C:\Users\Grandpa\Desktop\Downloads
Windows Vista Home Premium Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18865)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

2.00 Gb Total Physical Memory | 1.00 Gb Available Physical Memory | 45.00% Memory free
4.00 Gb Paging File | 2.00 Gb Available in Paging File | 58.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 179.22 Gb Total Space | 91.62 Gb Free Space | 51.12% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
Drive F: | 702.31 Mb Total Space | 654.30 Mb Free Space | 93.16% Space Free | Partition Type: UDF
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: GRANDPA-PC
Current User Name: Grandpa
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: On
Skip Microsoft Files: On
File Age = 14 Days
Output = Standard
Quick Scan

========== Processes (SafeList) ==========

PRC - [2010/01/05 12:01:33 | 00,513,536 | ---- | M] (OldTimer Tools) -- C:\Users\Grandpa\Desktop\Downloads\OTL(2).exe
PRC - [2009/12/21 13:50:36 | 00,908,248 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2009/10/28 20:21:26 | 00,141,600 | ---- | M] (Apple Inc.) -- C:\Program Files\iTunes\iTunesHelper.exe
PRC - [2009/10/28 20:21:14 | 00,545,568 | ---- | M] (Apple Inc.) -- C:\Program Files\iPod\bin\iPodService.exe
PRC - [2009/10/11 04:17:36 | 00,149,280 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jusched.exe
PRC - [2009/09/28 09:42:50 | 00,109,056 | ---- | M] (ArcSoft Inc.) -- C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
PRC - [2009/09/24 12:33:28 | 01,595,016 | ---- | M] (PCSecurityShield) -- C:\Program Files\The Shield Deluxe\The Shield Deluxe 2010\vsserv.exe
PRC - [2009/09/24 12:33:26 | 01,493,064 | ---- | M] (PCSecurityShield) -- C:\Program Files\The Shield Deluxe\The Shield Deluxe 2010\uiscan.exe
PRC - [2009/09/24 12:33:20 | 01,086,232 | ---- | M] (PCSecurityShield) -- C:\Program Files\The Shield Deluxe\The Shield Deluxe 2010\seccenter.exe
PRC - [2009/09/24 12:33:16 | 00,346,168 | ---- | M] (PCSecurityShield) -- C:\Program Files\Common Files\The Shield Deluxe\The Shield Deluxe Update Service\livesrv.exe
PRC - [2009/09/24 12:32:52 | 01,114,536 | ---- | M] (PCSecurityShield) -- C:\Program Files\The Shield Deluxe\The Shield Deluxe 2010\bdagent.exe
PRC - [2009/06/25 02:22:22 | 00,185,640 | ---- | M] (TeamViewer GmbH) -- C:\Program Files\TeamViewer\Version4\TeamViewer_Service.exe
PRC - [2009/05/29 12:41:26 | 00,144,712 | ---- | M] (Apple Inc.) -- C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
PRC - [2009/05/27 02:27:04 | 29,262,680 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe
PRC - [2008/12/12 10:17:38 | 00,238,888 | ---- | M] (Apple Inc.) -- C:\Program Files\Bonjour\mDNSResponder.exe
PRC - [2008/11/24 21:31:12 | 00,087,904 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
PRC - [2008/11/24 21:31:08 | 00,239,968 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe
PRC - [2008/10/29 01:29:41 | 02,927,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2008/10/24 09:00:28 | 01,799,424 | ---- | M] (Verdiem) -- C:\Program Files\Verdiem\Edison\Edison.exe
PRC - [2008/10/24 09:00:28 | 00,075,008 | ---- | M] (Verdiem) -- C:\Program Files\Verdiem\Edison\edsvc.exe
PRC - [2008/10/16 19:12:28 | 00,569,344 | ---- | M] (Hewlett-Packard Co.) -- C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe
PRC - [2008/09/14 21:21:22 | 03,831,068 | ---- | M] () -- C:\Program Files\nFinity\QuickVoice\qvrem.exe
PRC - [2008/09/14 16:38:42 | 00,648,488 | ---- | M] (Cisco Systems, Inc.) -- C:\Program Files\Common Files\Pure Networks Shared\Platform\nmsrvc.exe
PRC - [2008/09/14 16:38:42 | 00,648,488 | ---- | M] (Cisco Systems, Inc.) -- C:\Program Files\Common Files\Pure Networks Shared\Platform\nmctxth.exe
PRC - [2008/03/25 19:49:02 | 00,184,320 | ---- | M] (Hewlett-Packard Co.) -- C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe
PRC - [2008/03/25 19:40:42 | 00,214,360 | ---- | M] (Hewlett-Packard Co.) -- C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
PRC - [2007/05/31 12:21:28 | 00,648,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\WindowsMobile\wmdc.exe
PRC - [2007/05/16 12:55:23 | 00,386,560 | ---- | M] (Conexant Systems, Inc.) -- C:\Windows\System32\drivers\XAudio.exe
PRC - [2007/05/12 08:09:15 | 00,094,208 | ---- | M] (SigmaTel, Inc.) -- C:\Windows\System32\stacsv.exe
PRC - [2007/04/23 19:19:34 | 00,182,392 | ---- | M] (Sony Corporation) -- C:\Program Files\Sony\VAIO Event Service\VESMgr.exe
PRC - [2007/04/23 19:19:34 | 00,100,472 | ---- | M] (Sony Corporation) -- C:\Program Files\Sony\VAIO Event Service\VESMgrSub.exe
PRC - [2007/04/12 18:23:44 | 00,415,864 | ---- | M] (Sony Corporation) -- C:\Program Files\Sony\AppMonUtil\AppMonUtility.exe
PRC - [2007/04/03 12:21:30 | 00,923,768 | ---- | M] (Sony Corporation) -- C:\Program Files\Sony\VAIO Power Management\SPMgr.exe
PRC - [2007/04/02 18:25:00 | 00,321,656 | ---- | M] (Sony Corporation) -- C:\Program Files\Sony\ISB Utility\ISBMgr.exe
PRC - [2007/03/21 16:00:04 | 00,355,096 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe
PRC - [2007/03/21 16:00:00 | 00,174,872 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
PRC - [2007/03/09 02:59:01 | 00,835,584 | ---- | M] (Synaptics, Inc.) -- C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
PRC - [2007/03/06 12:52:28 | 03,683,648 | ---- | M] (Sony Corporation) -- C:\Program Files\Sony\VAIO Service Utility\VAIO-SUTOOL.exe
PRC - [2007/02/27 12:50:42 | 00,469,112 | ---- | M] (Sony Corporation) -- C:\Program Files\Sony\Wireless Switch Setting Utility\Switcher.exe
PRC - [2007/01/04 22:48:52 | 00,112,152 | R--- | M] (InterVideo) -- C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe
PRC - [2006/12/11 00:52:38 | 00,049,152 | ---- | M] (Hewlett-Packard Co.) -- C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
PRC - [2006/11/28 21:27:46 | 00,274,432 | ---- | M] (Sony Corporation) -- C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe
PRC - [2006/11/28 21:09:58 | 00,135,168 | ---- | M] (Sony Corporation) -- C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe
PRC - [2006/11/28 21:09:46 | 00,172,032 | ---- | M] (Sony Corporation) -- C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe


========== Modules (SafeList) ==========

MOD - [2010/01/05 12:01:33 | 00,513,536 | ---- | M] (OldTimer Tools) -- C:\Users\Grandpa\Desktop\Downloads\OTL(2).exe
MOD - [2009/12/15 10:24:11 | 00,098,304 | ---- | M] (BitDefender S.R.L. Bucharest, ROMANIA) -- C:\Program Files\The Shield Deluxe\The Shield Deluxe 2010\Active Virus Control\midas32-v2_58\plugin_net.m32
MOD - [2009/12/15 10:24:10 | 00,176,128 | ---- | M] (BitDefender S.R.L. Bucharest, ROMANIA) -- C:\Program Files\The Shield Deluxe\The Shield Deluxe 2010\Active Virus Control\midas32-v2_58\plugin_extra.m32
MOD - [2009/12/15 10:24:05 | 00,270,336 | ---- | M] (BitDefender S.R.L. Bucharest, ROMANIA) -- C:\Program Files\The Shield Deluxe\The Shield Deluxe 2010\Active Virus Control\midas32-v2_58\plugin_nt.m32
MOD - [2009/12/15 10:24:01 | 00,151,552 | ---- | M] (BitDefender S.R.L. Bucharest, ROMANIA) -- C:\Program Files\The Shield Deluxe\The Shield Deluxe 2010\Active Virus Control\midas32-v2_58\plugin_base.m32
MOD - [2009/12/15 10:24:00 | 00,307,200 | ---- | M] (BitDefender S.R.L. Bucharest, ROMANIA) -- C:\Program Files\The Shield Deluxe\The Shield Deluxe 2010\Active Virus Control\midas32-v2_58\plugin_fragments.m32
MOD - [2009/12/15 10:23:55 | 00,126,976 | ---- | M] (BitDefender S.R.L. Bucharest, ROMANIA) -- C:\Program Files\The Shield Deluxe\The Shield Deluxe 2010\Active Virus Control\midas32-v2_58\plugin_registry.m32
MOD - [2009/12/15 10:23:53 | 00,225,280 | ---- | M] (BitDefender S.R.L. Bucharest, ROMANIA) -- C:\Program Files\The Shield Deluxe\The Shield Deluxe 2010\Active Virus Control\midas32-v2_58\midas32.dll
MOD - [2008/11/26 23:35:06 | 01,748,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18175_none_9e7bbe54c9c04bca\GdiPlus.dll
MOD - [2008/01/19 02:26:34 | 01,684,480 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.18000_none_5cdbaa5a083979cc\comctl32.dll


========== Win32 Services (SafeList) ==========

SRV - [2009/10/28 20:21:14 | 00,545,568 | ---- | M] (Apple Inc.) [On_Demand | Running] -- C:\Program Files\iPod\bin\iPodService.exe -- (iPod Service)
SRV - [2009/09/28 09:42:50 | 00,109,056 | ---- | M] (ArcSoft Inc.) [Auto | Running] -- C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe -- (ACDaemon)
SRV - [2009/09/24 12:37:26 | 00,323,584 | ---- | M] (S.C. BitDefender S.R.L) [On_Demand | Stopped] -- C:\Program Files\Common Files\The Shield Deluxe\The Shield Deluxe Threat Scanner\scan.dll -- (scan)
SRV - [2009/09/24 12:33:28 | 01,595,016 | ---- | M] (PCSecurityShield) [Auto | Running] -- C:\Program Files\The Shield Deluxe\The Shield Deluxe 2010\vsserv.exe -- (VSSERV)
SRV - [2009/09/24 12:33:16 | 00,346,168 | ---- | M] (PCSecurityShield) [Auto | Running] -- C:\Program Files\Common Files\The Shield Deluxe\The Shield Deluxe Update Service\livesrv.exe -- (LIVESRV)
SRV - [2009/09/13 23:31:30 | 00,183,880 | ---- | M] (BitDefender S.R.L. http://www.bitdefender.com) [On_Demand | Stopped] -- C:\Program Files\Common Files\The Shield Deluxe\The Shield Deluxe Arrakis Server\bin\arrakis3.exe -- (Arrakis3)
SRV - [2009/06/25 02:22:22 | 00,185,640 | ---- | M] (TeamViewer GmbH) [Auto | Running] -- C:\Program Files\TeamViewer\Version4\TeamViewer_Service.exe -- (TeamViewer4)
SRV - [2009/05/29 12:41:26 | 00,144,712 | ---- | M] (Apple Inc.) [Auto | Running] -- C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe -- (Apple Mobile Device)
SRV - [2009/05/27 02:27:04 | 29,262,680 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe -- (MSSQL$VAIO_VEDB) SQL Server (VAIO_VEDB)
SRV - [2009/03/15 16:37:00 | 02,804,788 | ---- | M] (INCA Internet Co., Ltd.) [On_Demand | Stopped] -- C:\Windows\System32\GameMon.des -- (npggsvc)
SRV - [2008/12/12 10:17:38 | 00,238,888 | ---- | M] (Apple Inc.) [Auto | Running] -- C:\Program Files\Bonjour\mDNSResponder.exe -- (Bonjour Service)
SRV - [2008/11/24 21:31:12 | 00,087,904 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe -- (SQLWriter)
SRV - [2008/11/24 21:31:08 | 00,239,968 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe -- (SQLBrowser)
SRV - [2008/11/24 21:31:08 | 00,045,408 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Microsoft SQL Server\90\Shared\sqladhlp90.exe -- (MSSQLServerADHelper)
SRV - [2008/11/19 18:23:16 | 00,217,088 | ---- | M] (Hewlett-Packard Co.) [On_Demand | Running] -- C:\Program Files\HP\Digital Imaging\bin\hpqcxs08.dll -- (hpqcxs08)
SRV - [2008/10/24 09:00:28 | 00,075,008 | ---- | M] (Verdiem) [Auto | Running] -- C:\Program Files\Verdiem\Edison\edsvc.exe -- (edsvc)
SRV - [2008/09/14 16:38:42 | 00,648,488 | ---- | M] (Cisco Systems, Inc.) [Auto | Running] -- C:\Program Files\Common Files\Pure Networks Shared\Platform\nmsrvc.exe -- (nmservice)
SRV - [2008/07/18 12:13:20 | 00,053,760 | ---- | M] (Hewlett-Packard) [Auto | Running] -- C:\Windows\System32\HPZipm12.dll -- (Pml Driver HPZ12)
SRV - [2008/07/18 12:13:20 | 00,044,032 | ---- | M] (Hewlett-Packard) [Auto | Running] -- C:\Windows\System32\HPZinw12.dll -- (Net Driver HPZ12)
SRV - [2008/03/25 20:27:36 | 00,135,168 | ---- | M] (Hewlett-Packard Co.) [Auto | Running] -- C:\Program Files\HP\Digital Imaging\bin\hpqddsvc.dll -- (hpqddsvc)
SRV - [2008/01/19 02:38:24 | 00,272,952 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2007/05/31 12:21:24 | 00,379,784 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\WindowsMobile\wcescomm.dll -- (WcesComm)
SRV - [2007/05/31 12:21:18 | 00,183,688 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\WindowsMobile\rapimgr.dll -- (RapiMgr)
SRV - [2007/05/16 12:55:23 | 00,386,560 | ---- | M] (Conexant Systems, Inc.) [Auto | Running] -- C:\Windows\System32\drivers\XAudio.exe -- (XAudioService)
SRV - [2007/05/12 08:09:15 | 00,094,208 | ---- | M] (SigmaTel, Inc.) [Auto | Running] -- C:\Windows\System32\stacsv.exe -- (STacSV)
SRV - [2007/04/23 19:19:34 | 00,182,392 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Program Files\Sony\VAIO Event Service\VESMgr.exe -- (VAIO Event Service)
SRV - [2007/03/21 16:00:04 | 00,355,096 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe -- (IAANTMON) Intel®
SRV - [2007/01/26 14:41:32 | 00,075,952 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Sony\Image Converter 3\ICScsiSV.exe -- (ICScsiSV)
SRV - [2007/01/26 14:41:24 | 00,067,760 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Sony\Image Converter 3\IcVzMonLauncher.exe -- (IcVzMonLauncher)
SRV - [2007/01/26 14:41:24 | 00,043,184 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Sony\Image Converter 3\IcVzMon.exe -- (Image Converter video recording monitor for VAIO Entertainment)
SRV - [2007/01/24 19:56:24 | 00,075,320 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Sony Shared\AVLib\SSScsiSV.exe -- (SSScsiSV)
SRV - [2007/01/24 19:56:20 | 00,112,184 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Sony Shared\AVLib\SsBeSvc.exe -- (SonicStage Back-End Service)
SRV - [2007/01/16 17:05:00 | 02,523,136 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Sony\VAIO Media Integrated Server\VMISrv.exe -- (VAIOMediaPlatform-IntegratedServer-AppServer)
SRV - [2007/01/16 17:05:00 | 01,089,536 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe -- (VAIOMediaPlatform-UCLS-UPnP) VAIO Media Content Collection (UPnP)
SRV - [2007/01/16 17:05:00 | 01,089,536 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe -- (VAIOMediaPlatform-IntegratedServer-UPnP) VAIO Media Integrated Server (UPnP)
SRV - [2007/01/10 19:51:06 | 00,745,472 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Sony\VAIO Media Integrated Server\UCLS.exe -- (VAIOMediaPlatform-UCLS-AppServer)
SRV - [2007/01/10 12:43:24 | 00,073,728 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCs\VzHardwareResourceManager\VzHardwareResourceManager.exe -- (VAIO Entertainment TV Device Arbitration Service)
SRV - [2007/01/08 20:06:40 | 00,397,312 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe -- (VAIOMediaPlatform-UCLS-HTTP) VAIO Media Content Collection (HTTP)
SRV - [2007/01/08 20:06:40 | 00,397,312 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe -- (VAIOMediaPlatform-IntegratedServer-HTTP) VAIO Media Integrated Server (HTTP)
SRV - [2007/01/08 20:01:34 | 00,491,520 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Sony\VAIO Media Integrated Server\Platform\VmGateway.exe -- (VAIOMediaPlatform-Mobile-Gateway)
SRV - [2007/01/04 22:48:52 | 00,112,152 | R--- | M] (InterVideo) [Auto | Running] -- C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe -- (IviRegMgr)
SRV - [2006/12/14 04:21:20 | 00,045,056 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe -- (MSCSPTISRV)
SRV - [2006/12/14 04:02:08 | 00,069,632 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe -- (SPTISRV)
SRV - [2006/12/14 03:46:16 | 00,057,344 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe -- (PACSPTISVR)
SRV - [2006/11/28 21:27:46 | 00,274,432 | ---- | M] (Sony Corporation) [On_Demand | Running] -- C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe -- (Vcsw)
SRV - [2006/11/28 21:09:58 | 00,135,168 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe -- (VzFw)
SRV - [2006/11/28 21:09:46 | 00,172,032 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe -- (VzCdbSvc)
SRV - [2006/11/02 07:35:29 | 00,013,312 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\ehome\ehstart.dll -- (ehstart)
SRV - [2005/11/14 03:06:04 | 00,069,632 | ---- | M] (Macrovision Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe -- (IDriverT)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.sony.com/vaiopeople
IE - HKLM\..\URLSearchHook: {174573de-d1c8-4902-83cd-e7cba3aa5f5d} - C:\Program Files\tunewiki\tbtun1.dll (Conduit Ltd.)

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.ask.com?o=14196&l=dis
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\..\URLSearchHook: {00000000-6E41-4FD3-8538-502F5495E5FC} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask.com)
IE - HKCU\..\URLSearchHook: {174573de-d1c8-4902-83cd-e7cba3aa5f5d} - C:\Program Files\tunewiki\tbtun1.dll (Conduit Ltd.)
IE - HKCU\..\URLSearchHook: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - Reg Error: Key error. File not found
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..browser.search.defaultengine: "Ask.com"
FF - prefs.js..browser.search.defaultenginename: "Ask.com"
FF - prefs.js..browser.search.defaultthis.engineName: "tunewiki Customized Web Search"
FF - prefs.js..browser.search.defaulturl: "http://search.condui...={searchTerms}"
FF - prefs.js..browser.search.order.1: "Ask.com"
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://my.yahoo.com/"
FF - prefs.js..extensions.enabledItems: [email protected]:3.6.2.119
FF - prefs.js..extensions.enabledItems: {D4DD63FA-01E4-46a7-B6B1-EDAB7D6AD389}:0.9.6.5
FF - prefs.js..extensions.enabledItems: {c33c5b47-69c8-45a4-a5e0-af85bbe628dd}:1.6.1.1
FF - prefs.js..extensions.enabledItems: [email protected]:2.0.0.11
FF - prefs.js..extensions.enabledItems: {64161300-e22b-11db-8314-0800200c9a66}:0.9.1
FF - prefs.js..extensions.enabledItems: {AE93811A-5C9A-4d34-8462-F7B864FC4696}:3.38
FF - prefs.js..extensions.enabledItems: [email protected]:2.0
FF - prefs.js..extensions.enabledItems: {174573de-d1c8-4902-83cd-e7cba3aa5f5d}:2.0.5.3
FF - prefs.js..extensions.enabledItems: {0b38152b-1b20-484d-a11f-5e04a9b0661f}:5.6.11.2
FF - prefs.js..extensions.enabledItems: [email protected]:3.3.2
FF - prefs.js..extensions.enabledItems: {635abd67-4fe9-1b23-4f01-e679fa7484c1}:1.6.5.200812101546
FF - prefs.js..keyword.URL: "http://websearch.ask...ocale=en_US&q="

FF - HKLM\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\ArcSoft\RAW Thumbnail Viewer\FireFox Extension [2009/08/04 08:01:34 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\{B728AB94-9BC7-49b7-B76A-422BB31B2FD0}: C:\Program Files\ArcSoft\Video Downloader\Plugin_FireFox [2009/08/04 08:03:00 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\The Shield Deluxe\The Shield Deluxe 2010\bdaphffext\ [2009/12/03 09:29:55 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.6\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2009/12/27 11:06:23 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.6\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2009/12/21 13:50:39 | 00,000,000 | ---D | M]

[2008/08/16 15:53:44 | 00,000,000 | ---D | M] -- C:\Users\Grandpa\AppData\Roaming\Mozilla\Extensions
[2010/01/05 13:09:21 | 00,000,000 | ---D | M] -- C:\Users\Grandpa\AppData\Roaming\Mozilla\Firefox\Profiles\9sd7deat.default\extensions
[2009/08/14 06:28:22 | 00,000,000 | ---D | M] (Winamp Toolbar) -- C:\Users\Grandpa\AppData\Roaming\Mozilla\Firefox\Profiles\9sd7deat.default\extensions\{0b38152b-1b20-484d-a11f-5e04a9b0661f}
[2009/08/21 19:12:54 | 00,000,000 | ---D | M] (tunewiki Toolbar) -- C:\Users\Grandpa\AppData\Roaming\Mozilla\Firefox\Profiles\9sd7deat.default\extensions\{174573de-d1c8-4902-83cd-e7cba3aa5f5d}
[2009/04/05 10:22:18 | 00,000,000 | ---D | M] (Yahoo! Toolbar) -- C:\Users\Grandpa\AppData\Roaming\Mozilla\Firefox\Profiles\9sd7deat.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
[2009/08/22 04:44:36 | 00,000,000 | ---D | M] (Speed Dial) -- C:\Users\Grandpa\AppData\Roaming\Mozilla\Firefox\Profiles\9sd7deat.default\extensions\{64161300-e22b-11db-8314-0800200c9a66}
[2009/08/22 04:45:00 | 00,000,000 | ---D | M] (No name found) -- C:\Users\Grandpa\AppData\Roaming\Mozilla\Firefox\Profiles\9sd7deat.default\extensions\{AE93811A-5C9A-4d34-8462-F7B864FC4696}
[2009/08/22 04:44:34 | 00,000,000 | ---D | M] (Interclue) -- C:\Users\Grandpa\AppData\Roaming\Mozilla\Firefox\Profiles\9sd7deat.default\extensions\{c33c5b47-69c8-45a4-a5e0-af85bbe628dd}
[2009/05/29 14:35:22 | 00,000,000 | ---D | M] (Download Statusbar) -- C:\Users\Grandpa\AppData\Roaming\Mozilla\Firefox\Profiles\9sd7deat.default\extensions\{D4DD63FA-01E4-46a7-B6B1-EDAB7D6AD389}
[2009/08/22 04:44:58 | 00,000,000 | ---D | M] -- C:\Users\Grandpa\AppData\Roaming\Mozilla\Firefox\Profiles\9sd7deat.default\extensions\[email protected]
[2009/08/18 10:42:09 | 00,000,000 | ---D | M] -- C:\Users\Grandpa\AppData\Roaming\Mozilla\Firefox\Profiles\9sd7deat.default\extensions\[email protected]
[2009/12/25 06:47:11 | 00,000,000 | ---D | M] -- C:\Users\Grandpa\AppData\Roaming\Mozilla\Firefox\Profiles\9sd7deat.default\extensions\[email protected]
[2009/12/25 06:47:13 | 00,002,425 | ---- | M] () -- C:\Users\Grandpa\AppData\Roaming\Mozilla\Firefox\Profiles\9sd7deat.default\searchplugins\askcom.xml
[2009/06/19 01:06:26 | 00,000,878 | ---- | M] () -- C:\Users\Grandpa\AppData\Roaming\Mozilla\Firefox\Profiles\9sd7deat.default\searchplugins\conduit.xml
[2009/08/14 06:28:48 | 00,001,196 | ---- | M] () -- C:\Users\Grandpa\AppData\Roaming\Mozilla\Firefox\Profiles\9sd7deat.default\searchplugins\winamp-search.xml
[2010/01/05 13:09:21 | 00,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2009/09/13 22:10:06 | 00,047,104 | ---- | M] (BitDefender S.R.L.) -- C:\Program Files\Mozilla Firefox\components\FFComm.dll
[2009/05/25 07:23:15 | 00,417,792 | ---- | M] (Invenda Corporation) -- C:\Program Files\Mozilla Firefox\plugins\NPcol305.dll
[2008/11/18 15:15:06 | 00,106,128 | ---- | M] ( ) -- C:\Program Files\Mozilla Firefox\plugins\npstrlnk.dll

O1 HOSTS File: (761 bytes) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (tunewiki Toolbar) - {174573de-d1c8-4902-83cd-e7cba3aa5f5d} - C:\Program Files\tunewiki\tbtun1.dll (Conduit Ltd.)
O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
O2 - BHO: (Winamp Toolbar Loader) - {25CEE8EC-5730-41bc-8B58-22DDC8AB8C20} - C:\Program Files\Winamp Toolbar\winamptb.dll (AOL LLC.)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (FrostWire Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask.com)
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
O3 - HKLM\..\Toolbar: (tunewiki Toolbar) - {174573de-d1c8-4902-83cd-e7cba3aa5f5d} - C:\Program Files\tunewiki\tbtun1.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (The Shield Deluxe 2010 Toolbar) - {381FFDE8-2394-4f90-B10D-FC6124A40F8C} - C:\Program Files\The Shield Deluxe\The Shield Deluxe 2010\ietoolbar.dll (BitDefender S.R.L.)
O3 - HKLM\..\Toolbar: (FrostWire Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask.com)
O3 - HKLM\..\Toolbar: (Winamp Toolbar) - {EBF2BA02-9094-4c5a-858B-BB198F3D8DE2} - C:\Program Files\Winamp Toolbar\winamptb.dll (AOL LLC.)
O3 - HKCU\..\Toolbar\WebBrowser: (tunewiki Toolbar) - {174573DE-D1C8-4902-83CD-E7CBA3AA5F5D} - C:\Program Files\tunewiki\tbtun1.dll (Conduit Ltd.)
O3 - HKCU\..\Toolbar\WebBrowser: (FrostWire Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask.com)
O3 - HKCU\..\Toolbar\WebBrowser: (Winamp Toolbar) - {EBF2BA02-9094-4C5A-858B-BB198F3D8DE2} - C:\Program Files\Winamp Toolbar\winamptb.dll (AOL LLC.)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [Adobe ARM] C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe (Apple Inc.)
O4 - HKLM..\Run: [AppMon Utility] C:\Program Files\Sony\AppMonUtil\AppMonUtility.exe (Sony Corporation)
O4 - HKLM..\Run: [BDAgent] C:\Program Files\The Shield Deluxe\The Shield Deluxe 2010\bdagent.exe (PCSecurityShield)
O4 - HKLM..\Run: [BitDefender Antiphishing Helper] C:\Program Files\The Shield Deluxe\The Shield Deluxe 2010\IEShow.exe (BitDefender S.R.L.)
O4 - HKLM..\Run: [Edison] C:\Program Files\Verdiem\Edison\Edison.exe (Verdiem)
O4 - HKLM..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\hpwuSchd2.exe (Hewlett-Packard Co.)
O4 - HKLM..\Run: [hpqSRMon] C:\Program Files\HP\Digital Imaging\bin\HpqSRmon.exe (Hewlett-Packard)
O4 - HKLM..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe (Intel Corporation)
O4 - HKLM..\Run: [ISBMgr.exe] C:\Program Files\Sony\ISB Utility\ISBMgr.exe (Sony Corporation)
O4 - HKLM..\Run: [iTunesHelper] C:\Program Files\iTunes\iTunesHelper.exe (Apple Inc.)
O4 - HKLM..\Run: [nmctxth] C:\Program Files\Common Files\Pure Networks Shared\Platform\nmctxth.exe (Cisco Systems, Inc.)
O4 - HKLM..\Run: [NvCplDaemon] C:\Windows\System32\NvCpl.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\Windows\System32\NvMcTray.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [NvSvc] C:\Windows\System32\nvsvc.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [QuickBooks Simple Start] C:\Program Files\Intuit\SimpleStartEntice\entice.exe ()
O4 - HKLM..\Run: [QuickTime Task] C:\Program Files\QuickTime\QTTask.exe (Apple Inc.)
O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre6\bin\jusched.exe (Sun Microsystems, Inc.)
O4 - HKLM..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (Synaptics, Inc.)
O4 - HKLM..\Run: [VAIOSecurity] C:\Program Files\Sony\VAIO Security Center\VSC.exe ()
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKLM..\Run: [Windows Mobile Device Center] C:\Windows\WindowsMobile\wmdc.exe (Microsoft Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O8 - Extra context menu item: &Winamp Search - C:\ProgramData\Winamp Toolbar\ieToolbar\resources\en-US\local\search.html ()
O8 - Extra context menu item: Read EXIF - C:\Program Files\ArcSoft\RAW Thumbnail Viewer\ArcEXIFM.htm ()
O8 - Extra context menu item: Transfer by Image Converter 3 - C:\Program Files\Sony\Image Converter 3\menu.htm ()
O9 - Extra Button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O16 - DPF: {00000130-9980-0010-8000-00AA00389B71} http://codecs.micros...86/ACELPACM.CAB (Reg Error: Key error.)
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} C:\Program Files\Yahoo!\Common\yinsthelper.dll (YInstStarter Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {CAFEEFAC-0016-0000-0000-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0)
O16 - DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_03)
O16 - DPF: {CAFEEFAC-0016-0000-0004-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_04)
O16 - DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_05)
O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_07)
O16 - DPF: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7} http://www.adobe.com...obat/nos/gp.cab (get_atlcom Class)
O16 - DPF: {E06E2E99-0AA1-11D4-ABA6-0060082AA75C} (Reg Error: Value error.)
O16 - DPF: {E8F628B5-259A-4734-97EE-BA914D7BE941} http://www.driverage...driveragent.cab (Driver Agent ActiveX Control)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 65.32.5.111 65.32.5.112
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8064.0206.dll (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8064.0206.dll (Microsoft Corporation)
O18 - Protocol\Handler\pure-go {4746C79A-2042-4332-8650-48966E44ABA8} - C:\Program Files\Common Files\Pure Networks Shared\Platform\puresp4.dll (Cisco Systems, Inc.)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\VESWinlogon: DllName - VESWinlogon.dll - C:\Windows\System32\VESWinlogon.dll (Sony Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/09/18 16:43:36 | 00,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{1de36f3e-a44e-11dc-9dae-0013a9e318e2}\Shell\AutoRun\command - "" = E:\LinksysConnectPC.exe -- File not found
O33 - MountPoints2\{1de36f41-a44e-11dc-9dae-0013a9e318e2}\Shell - "" = AutoRun
O33 - MountPoints2\{1de36f41-a44e-11dc-9dae-0013a9e318e2}\Shell\AutoRun\command - "" = H:\LaunchU3.exe -- File not found
O33 - MountPoints2\{cb5029a4-0b25-11de-914c-0013a9e318e2}\Shell\AutoRun\command - "" = G:\MI.exe -- File not found
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O34 - HKLM BootExecute: (SsiEfr.exe) - File not found
O35 - comfile [open] -- "%1" %*
O35 - exefile [open] -- "%1" %*

========== Files/Folders - Created Within 14 Days ==========

[2010/01/04 18:49:35 | 00,000,000 | ---D | C] -- C:\Program Files\Lavalys
[2010/01/04 18:16:59 | 00,000,000 | ---D | C] -- C:\Users\Grandpa\Desktop\logs
[2010/01/04 14:18:29 | 00,000,000 | ---D | C] -- C:\Users\Grandpa\AppData\Roaming\Malwarebytes
[2010/01/04 14:18:24 | 00,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2010/01/04 14:18:21 | 00,019,160 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2010/01/04 14:18:21 | 00,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2010/01/04 14:18:20 | 00,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2010/01/04 12:53:51 | 20,422,628 | ---- | C] (Spotmau, Inc. ) -- C:\Users\Grandpa\Desktop\PowerSuite2010_Setup_Windows(5).exe
[2010/01/04 11:28:34 | 00,000,000 | ---D | C] -- C:\Users\Grandpa\AppData\Roaming\BitTorrent
[2010/01/04 11:28:29 | 00,000,000 | ---D | C] -- C:\Program Files\BitTorrent
[2010/01/03 15:09:21 | 00,000,000 | ---D | C] -- C:\Users\Grandpa\musics
[2010/01/03 13:46:58 | 00,161,792 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe
[2010/01/03 13:46:58 | 00,136,704 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe
[2010/01/03 13:46:58 | 00,031,232 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe
[2010/01/03 13:46:27 | 00,000,000 | ---D | C] -- C:\Windows\ERDNT
[2010/01/03 13:46:24 | 00,000,000 | --SD | C] -- C:\ComboFix
[2010/01/03 13:45:49 | 00,000,000 | ---D | C] -- C:\Qoobox
[2010/01/03 13:45:26 | 00,212,480 | ---- | C] (SteelWerX) -- C:\Windows\SWXCACLS.exe
[2009/12/24 21:45:42 | 00,000,000 | ---D | C] -- C:\Users\Grandpa\Documents\Any Video Converter
[2009/12/24 21:45:31 | 00,000,000 | ---D | C] -- C:\Users\Grandpa\AppData\Roaming\AnvSoft
[2009/12/24 21:45:28 | 00,000,000 | ---D | C] -- C:\Program Files\AnvSoft
[2009/12/24 21:27:55 | 00,000,000 | ---D | C] -- C:\Users\Grandpa\Documents\FrostWire
[2009/12/24 21:27:46 | 00,000,000 | ---D | C] -- C:\Users\Grandpa\AppData\Roaming\FrostWire
[2009/12/24 21:25:51 | 00,000,000 | ---D | C] -- C:\Program Files\Ask.com
[2009/12/24 21:25:25 | 00,000,000 | ---D | C] -- C:\Program Files\FrostWire
[2009/12/23 11:57:51 | 00,000,000 | ---D | C] -- C:\Users\Grandpa\Desktop\mg xmas

========== Files - Modified Within 14 Days ==========

[2010/01/05 14:09:48 | 04,194,304 | -HS- | M] () -- C:\Users\Grandpa\ntuser.dat
[2010/01/05 13:44:59 | 00,003,296 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2010/01/05 13:44:59 | 00,003,296 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2010/01/05 12:46:58 | 00,010,928 | ---- | M] () -- C:\Users\Grandpa\AppData\Roaming\wklnhst.dat
[2010/01/05 11:55:30 | 00,056,733 | ---- | M] () -- C:\Users\Grandpa\AppData\Roaming\nvModes.001
[2010/01/05 11:44:46 | 00,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
[2010/01/05 11:44:42 | 00,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2010/01/05 11:44:40 | 21,458,37056 | -HS- | M] () -- C:\hiberfil.sys
[2010/01/04 18:49:39 | 00,000,919 | ---- | M] () -- C:\Users\Grandpa\Desktop\EVEREST Home Edition.lnk
[2010/01/04 18:11:14 | 00,524,288 | -HS- | M] () -- C:\Users\Grandpa\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TMContainer00000000000000000001.regtrans-ms
[2010/01/04 18:11:14 | 00,065,536 | -HS- | M] () -- C:\Users\Grandpa\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TM.blf
[2010/01/04 14:18:27 | 00,000,836 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2010/01/04 14:03:29 | 00,000,012 | ---- | M] () -- C:\Windows\bthservsdp.dat
[2010/01/04 13:27:20 | 00,056,733 | ---- | M] () -- C:\Users\Grandpa\AppData\Roaming\nvModes.dat
[2010/01/04 12:53:53 | 20,422,628 | ---- | M] (Spotmau, Inc. ) -- C:\Users\Grandpa\Desktop\PowerSuite2010_Setup_Windows(5).exe
[2010/01/03 15:58:38 | 00,770,466 | ---- | M] () -- C:\Windows\System32\PerfStringBackup.INI
[2010/01/03 15:58:38 | 00,651,546 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2010/01/03 15:58:38 | 00,123,448 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2010/01/03 10:19:34 | 00,002,231 | ---- | M] () -- C:\Users\Public\Desktop\iTunes.lnk
[2009/12/30 14:55:24 | 00,038,224 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2009/12/30 14:54:58 | 00,019,160 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2009/12/28 17:41:42 | 00,001,670 | ---- | M] () -- C:\Users\Grandpa\Desktop\CCleaner.lnk
[2009/12/24 21:45:37 | 00,000,955 | ---- | M] () -- C:\Users\Grandpa\Desktop\Any Video Converter.lnk

========== Files Created - No Company Name ==========

[2010/01/04 18:49:39 | 00,000,919 | ---- | C] () -- C:\Users\Grandpa\Desktop\EVEREST Home Edition.lnk
[2010/01/04 18:12:25 | 21,458,37056 | -HS- | C] () -- C:\hiberfil.sys
[2010/01/04 14:18:27 | 00,000,836 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2010/01/03 13:46:58 | 00,261,632 | ---- | C] () -- C:\Windows\PEV.exe
[2010/01/03 13:46:58 | 00,098,816 | ---- | C] () -- C:\Windows\sed.exe
[2010/01/03 13:46:58 | 00,080,412 | ---- | C] () -- C:\Windows\grep.exe
[2010/01/03 13:46:58 | 00,077,312 | ---- | C] () -- C:\Windows\MBR.exe
[2010/01/03 13:46:58 | 00,068,096 | ---- | C] () -- C:\Windows\zip.exe
[2009/12/24 21:45:37 | 00,000,955 | ---- | C] () -- C:\Users\Grandpa\Desktop\Any Video Converter.lnk
[2009/08/24 08:53:30 | 00,000,014 | ---- | C] () -- C:\Program Files\version.txt
[2009/08/10 06:07:40 | 00,000,178 | ---- | C] () -- C:\Users\Grandpa\AppData\Roaming\QV Prefs
[2009/08/03 14:07:42 | 00,403,816 | ---- | C] () -- C:\Windows\System32\OGACheckControl.dll
[2009/01/15 13:45:34 | 00,181,248 | ---- | C] () -- C:\Windows\System32\txmlutil.dll
[2008/01/09 11:17:19 | 00,010,928 | ---- | C] () -- C:\Users\Grandpa\AppData\Roaming\wklnhst.dat
[2007/12/10 11:42:09 | 00,033,792 | ---- | C] () -- C:\Users\Grandpa\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2007/12/06 22:34:15 | 00,000,258 | RHS- | C] () -- C:\ProgramData\ntuser.pol
[2007/12/06 20:21:14 | 00,056,733 | ---- | C] () -- C:\Users\Grandpa\AppData\Roaming\nvModes.001
[2007/12/06 20:02:22 | 00,019,293 | ---- | C] () -- C:\ProgramData\hpzinstall.log
[2007/12/06 18:02:17 | 00,056,733 | ---- | C] () -- C:\Users\Grandpa\AppData\Roaming\nvModes.dat
[2007/12/06 15:42:07 | 00,019,968 | ---- | C] () -- C:\Windows\System32\Cpuinf32.dll
[2007/12/06 15:26:02 | 00,532,480 | ---- | C] () -- C:\Windows\System32\CddbPlaylist2Sony.dll
[2007/12/06 15:15:37 | 01,132,112 | ---- | C] () -- C:\ProgramData\pswi_preloaded.exe
[2007/05/29 23:22:06 | 00,000,000 | ---- | C] () -- C:\Windows\VAIOUpdt.INI
[2007/05/29 21:52:09 | 01,060,424 | ---- | C] () -- C:\Windows\System32\WdfCoInstaller01000.dll
[2007/03/15 13:31:02 | 00,520,192 | ---- | C] () -- C:\Windows\System32\CddbPlaylist2Roxio.dll
[2007/03/15 13:31:00 | 00,204,800 | ---- | C] () -- C:\Windows\System32\CddbFileTaggerRoxio.dll
[2007/03/15 13:30:04 | 00,000,000 | ---- | C] () -- C:\Windows\System32\px.ini
[2007/01/31 14:50:32 | 00,913,408 | ---- | C] () -- C:\Windows\System32\xreglib.dll
[2006/11/02 07:35:32 | 00,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
[2006/11/02 02:40:29 | 00,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini

========== LOP Check ==========

[2009/12/08 09:20:53 | 00,000,000 | ---D | M] -- C:\Users\Grandpa\AppData\Roaming\Amazon
[2009/12/24 21:45:31 | 00,000,000 | ---D | M] -- C:\Users\Grandpa\AppData\Roaming\AnvSoft
[2009/03/06 15:16:47 | 00,000,000 | ---D | M] -- C:\Users\Grandpa\AppData\Roaming\Avery
[2010/01/04 13:18:46 | 00,000,000 | ---D | M] -- C:\Users\Grandpa\AppData\Roaming\BitTorrent
[2007/12/31 11:55:02 | 00,000,000 | ---D | M] -- C:\Users\Grandpa\AppData\Roaming\Epocrates
[2009/12/26 17:13:51 | 00,000,000 | ---D | M] -- C:\Users\Grandpa\AppData\Roaming\FrostWire
[2009/02/01 21:43:38 | 00,000,000 | ---D | M] -- C:\Users\Grandpa\AppData\Roaming\GetRightToGo
[2008/03/11 18:16:26 | 00,000,000 | ---D | M] -- C:\Users\Grandpa\AppData\Roaming\iLike
[2009/10/13 05:42:03 | 00,000,000 | ---D | M] -- C:\Users\Grandpa\AppData\Roaming\Image Zone Express
[2007/12/24 19:59:53 | 00,000,000 | ---D | M] -- C:\Users\Grandpa\AppData\Roaming\InterVideo
[2010/01/05 09:55:54 | 00,000,000 | ---D | M] -- C:\Users\Grandpa\AppData\Roaming\MailWasherPro
[2009/08/10 06:05:56 | 00,000,000 | ---D | M] -- C:\Users\Grandpa\AppData\Roaming\nFinity
[2007/12/06 20:30:32 | 00,000,000 | ---D | M] -- C:\Users\Grandpa\AppData\Roaming\Opera
[2009/01/21 08:32:08 | 00,000,000 | ---D | M] -- C:\Users\Grandpa\AppData\Roaming\Preclick
[2008/11/17 13:58:49 | 00,000,000 | ---D | M] -- C:\Users\Grandpa\AppData\Roaming\Printer Info Cache
[2008/08/24 12:52:28 | 00,000,000 | ---D | M] -- C:\Users\Grandpa\AppData\Roaming\SystemRequirementsLab
[2009/07/01 15:39:39 | 00,000,000 | ---D | M] -- C:\Users\Grandpa\AppData\Roaming\TeamViewer
[2008/01/09 11:17:21 | 00,000,000 | ---D | M] -- C:\Users\Grandpa\AppData\Roaming\Template
[2009/12/03 09:31:33 | 00,000,000 | ---D | M] -- C:\Users\Grandpa\AppData\Roaming\The Shield Deluxe
[2009/05/12 17:53:43 | 00,000,000 | ---D | M] -- C:\Users\Grandpa\AppData\Roaming\uTorrent
[2010/01/04 14:03:28 | 00,032,612 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========



========== Custom Scans ==========


< >

< %SYSTEMDRIVE%\*.exe >


< MD5 for: AGP440.SYS >
[2008/01/19 02:42:25 | 00,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_f750e484\AGP440.sys
[2008/01/19 02:42:25 | 00,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6001.18000_none_ba12ed3bbeb0d97a\AGP440.sys
[2006/11/02 04:49:52 | 00,053,864 | ---- | M] (Microsoft Corporation) MD5=EF23439CDD587F64C2C1B8825CEAD7D8 -- C:\Windows\System32\drivers\AGP440.sys
[2006/11/02 04:49:52 | 00,053,864 | ---- | M] (Microsoft Corporation) MD5=EF23439CDD587F64C2C1B8825CEAD7D8 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_920a2c1f\AGP440.sys

< MD5 for: ATAPI.SYS >
[2008/01/19 02:41:30 | 00,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\Windows\System32\drivers\atapi.sys
[2008/01/19 02:41:30 | 00,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_cc18792d\atapi.sys
[2008/01/19 02:41:30 | 00,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6001.18000_none_dd38281a2189ce9c\atapi.sys
[2006/11/02 04:49:36 | 00,019,048 | ---- | M] (Microsoft Corporation) MD5=4F4FCB8B6EA06784FB6D475B7EC7300F -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_c6c2e699\atapi.sys
[2008/02/14 03:04:56 | 00,021,560 | ---- | M] (Microsoft Corporation) MD5=B35CFCEF838382AB6490B321C87EDF17 -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_7de13c21\atapi.sys
[2008/02/14 03:04:56 | 00,021,560 | ---- | M] (Microsoft Corporation) MD5=B35CFCEF838382AB6490B321C87EDF17 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6000.16632_none_db337a442479c42c\atapi.sys
[2008/02/14 03:04:56 | 00,021,560 | ---- | M] (Microsoft Corporation) MD5=E03E8C99D15D0381E02743C36AFC7C6F -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6000.20757_none_dbac78a93da31a8b\atapi.sys

< MD5 for: CNGAUDIT.DLL >
[2006/11/02 04:46:03 | 00,011,776 | ---- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D5FED4D -- C:\Windows\System32\cngaudit.dll
[2006/11/02 04:46:03 | 00,011,776 | ---- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D5FED4D -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.0.6000.16386_none_e62d292932a96ce6\cngaudit.dll

< MD5 for: EVENTLOG.DLL >
[2009/06/25 16:04:32 | 00,001,536 | ---- | M] () MD5=8D4CD834292293F4055BAC313268E2DE -- C:\Program Files\Common Files\The Shield Deluxe\The Shield Deluxe Arrakis Server\lib\eventlog.dll

< MD5 for: IASTOR.SYS >
[2007/03/21 15:58:56 | 00,304,920 | ---- | M] (Intel Corporation) MD5=997E8F5939F2D12CD9F2E6B395724C16 -- C:\Program Files\Intel\Intel Matrix Storage Manager\Driver\IaStor.sys
[2007/03/21 15:58:56 | 00,304,920 | ---- | M] (Intel Corporation) MD5=997E8F5939F2D12CD9F2E6B395724C16 -- C:\Windows\System32\drivers\iaStor.sys
[2007/03/21 15:58:56 | 00,304,920 | ---- | M] (Intel Corporation) MD5=997E8F5939F2D12CD9F2E6B395724C16 -- C:\Windows\System32\DriverStore\FileRepository\iaahci.inf_3a63e5a6\iaStor.sys
[2007/03/21 15:59:30 | 00,381,720 | ---- | M] (Intel Corporation) MD5=9D7ED4275702E2FC409F2CC563245740 -- C:\Program Files\Intel\Intel Matrix Storage Manager\Driver64\IaStor.sys
[2007/02/28 07:05:36 | 00,277,784 | R--- | M] (Intel Corporation) MD5=FD7F9D74C2B35DBDA400804A3F5ED5D8 -- C:\Windows\DRIVERS\SATA Driver (Intel) (Non-RAID) 7.0A - 7.0.0.1020\iastor.sys
[2007/02/28 07:05:43 | 00,277,784 | R--- | M] (Intel Corporation) MD5=FD7F9D74C2B35DBDA400804A3F5ED5D8 -- C:\Windows\DRIVERS\SATA Driver (Intel) (RAID) 7.0A - 7.0.0.1020\iastor.sys
[2007/02/28 07:05:36 | 00,277,784 | ---- | M] (Intel Corporation) MD5=FD7F9D74C2B35DBDA400804A3F5ED5D8 -- C:\Windows\System32\DriverStore\FileRepository\iaahci.inf_1cb29a96\iaStor.sys
[2007/02/28 07:05:36 | 00,277,784 | ---- | M] (Intel Corporation) MD5=FD7F9D74C2B35DBDA400804A3F5ED5D8 -- C:\Windows\System32\DriverStore\FileRepository\iastor.inf_8f0cb06b\iaStor.sys

< MD5 for: IASTORV.SYS >
[2008/01/19 02:42:51 | 00,235,064 | ---- | M] (Intel Corporation) MD5=54155EA1B0DF185878E0FC9EC3AC3A14 -- C:\Windows\System32\DriverStore\FileRepository\iastorv.inf_c9df7691\iaStorV.sys
[2008/01/19 02:42:51 | 00,235,064 | ---- | M] (Intel Corporation) MD5=54155EA1B0DF185878E0FC9EC3AC3A14 -- C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.0.6001.18000_none_af11527887c7fa8f\iaStorV.sys
[2006/11/02 04:51:25 | 00,232,040 | ---- | M] (Intel Corporation) MD5=C957BF4B5D80B46C5017BF0101E6C906 -- C:\Windows\System32\drivers\iaStorV.sys
[2006/11/02 04:51:25 | 00,232,040 | ---- | M] (Intel Corporation) MD5=C957BF4B5D80B46C5017BF0101E6C906 -- C:\Windows\System32\DriverStore\FileRepository\iastorv.inf_37cdafa4\iaStorV.sys

< MD5 for: NETLOGON.DLL >
[2006/11/02 04:46:11 | 00,559,616 | ---- | M] (Microsoft Corporation) MD5=889A2C9F2AACCD8F64EF50AC0B3D553B -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6000.16386_none_fb80f5473b0ed783\netlogon.dll
[2008/01/19 02:35:36 | 00,592,384 | ---- | M] (Microsoft Corporation) MD5=A8EFC0B6E75B789F7FD3BA5025D4E37F -- C:\Windows\System32\netlogon.dll
[2008/01/19 02:35:36 | 00,592,384 | ---- | M] (Microsoft Corporation) MD5=A8EFC0B6E75B789F7FD3BA5025D4E37F -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6001.18000_none_fdb7b74337f9e857\netlogon.dll

< MD5 for: NVSTOR.SYS >
[2006/11/02 04:50:13 | 00,040,040 | ---- | M] (NVIDIA Corporation) MD5=9E0BA19A28C498A6D323D065DB76DFFC -- C:\Windows\System32\drivers\nvstor.sys
[2006/11/02 04:50:13 | 00,040,040 | ---- | M] (NVIDIA Corporation) MD5=9E0BA19A28C498A6D323D065DB76DFFC -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_733654ff\nvstor.sys
[2008/01/19 02:42:09 | 00,045,112 | ---- | M] (NVIDIA Corporation) MD5=ABED0C09758D1D97DB0042DBB2688177 -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_31c3d71d\nvstor.sys
[2008/01/19 02:42:09 | 00,045,112 | ---- | M] (NVIDIA Corporation) MD5=ABED0C09758D1D97DB0042DBB2688177 -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.0.6001.18000_none_39dac327befea467\nvstor.sys

< MD5 for: SCECLI.DLL >
[2008/01/19 02:36:19 | 00,177,152 | ---- | M] (Microsoft Corporation) MD5=28B84EB538F7E8A0FE8B9299D591E0B9 -- C:\Windows\System32\scecli.dll
[2008/01/19 02:36:19 | 00,177,152 | ---- | M] (Microsoft Corporation) MD5=28B84EB538F7E8A0FE8B9299D591E0B9 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6001.18000_none_380de25bd91b6f12\scecli.dll
[2006/11/02 04:46:12 | 00,176,640 | ---- | M] (Microsoft Corporation) MD5=80E2839D05CA5970A86D7BE2A08BFF61 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6000.16386_none_35d7205fdc305e3e\scecli.dll

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >
[2008/01/19 02:38:03 | 00,242,744 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\System32\rsaenh.dll
[2008/01/19 02:36:10 | 00,225,792 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\System32\SLC.dll
[2008/08/11 22:39:08 | 00,443,392 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\System32\win32spl.dll

< %systemroot%\Tasks\*.job /lockedfiles >

========== Alternate Data Streams ==========

@Alternate Data Stream - 983 bytes -> C:\Users\Grandpa\Documents\ref_ Access 6.19.2008.eml:OECustomProperty
@Alternate Data Stream - 976 bytes -> C:\Users\Grandpa\Documents\Brevard MoveOn Members Rally For An __OIL FREE PRESIDENT__.eml:OECustomProperty
@Alternate Data Stream - 965 bytes -> C:\Users\Grandpa\Documents\Iran Info Sheet.eml:OECustomProperty
@Alternate Data Stream - 921 bytes -> C:\Users\Grandpa\Documents\Re_ Mary interviewed for FL radio station about EWO.eml:OECustomProperty
@Alternate Data Stream - 901 bytes -> C:\Users\Grandpa\Documents\Emailing_ Eyes Wide Open, March 15, 2008 069.eml:OECustomProperty
@Alternate Data Stream - 901 bytes -> C:\Users\Grandpa\Documents\Emailing_ Eyes Wide Open, March 15, 2008 035.eml:OECustomProperty
@Alternate Data Stream - 901 bytes -> C:\Users\Grandpa\Documents\Emailing_ Eyes Wide Open, March 15, 2008 027.eml:OECustomProperty
@Alternate Data Stream - 897 bytes -> C:\Users\Grandpa\Documents\Fwd_ A dailymail.co.uk article from bill.eml:OECustomProperty
@Alternate Data Stream - 853 bytes -> C:\Users\Grandpa\Documents\letter to the editor.eml:OECustomProperty
@Alternate Data Stream - 849 bytes -> C:\Users\Grandpa\Documents\oil_tax.pdf (application_pdf Object).eml:OECustomProperty
@Alternate Data Stream - 827 bytes -> C:\Users\Grandpa\Documents\Re_ Florida EWO.eml:OECustomProperty
@Alternate Data Stream - 821 bytes -> C:\Users\Grandpa\Documents\Fwd_ Palm Bay Fires.eml:OECustomProperty
@Alternate Data Stream - 807 bytes -> C:\Users\Grandpa\Documents\FW_ A Good Reason To Call Off The Wedding~.eml:OECustomProperty
@Alternate Data Stream - 804 bytes -> C:\Users\Grandpa\Documents\Eyes Wide Open Florida.eml:OECustomProperty
@Alternate Data Stream - 789 bytes -> C:\Users\Grandpa\Documents\Fw_ I am Speechless.eml:OECustomProperty
@Alternate Data Stream - 765 bytes -> C:\Users\Grandpa\Documents\Fw_ Government.eml:OECustomProperty
@Alternate Data Stream - 761 bytes -> C:\Users\Grandpa\Documents\Web Site.eml:OECustomProperty
@Alternate Data Stream - 761 bytes -> C:\Users\Grandpa\Documents\Re_ Candidate Questionnaire .eml:OECustomProperty
@Alternate Data Stream - 733 bytes -> C:\Users\Grandpa\Documents\Re_ boots inventory.eml:OECustomProperty
@Alternate Data Stream - 684 bytes -> C:\Users\Grandpa\Documents\(no subject).eml:OECustomProperty
@Alternate Data Stream - 681 bytes -> C:\Users\Grandpa\Documents\EWO pix.eml:OECustomProperty
@Alternate Data Stream - 661 bytes -> C:\Users\Grandpa\Documents\Code Pink.eml:OECustomProperty
@Alternate Data Stream - 645 bytes -> C:\Users\Grandpa\Documents\ewo.eml:OECustomProperty
@Alternate Data Stream - 4105 bytes -> C:\Users\Grandpa\Documents\our global village.eml:OECustomProperty
@Alternate Data Stream - 2335 bytes -> C:\Users\Grandpa\Documents\4TH ANNUAL PROGRESSIVE FEST.eml:OECustomProperty
@Alternate Data Stream - 2169 bytes -> C:\Users\Grandpa\Documents\Fw_ Capt. Kirk For President.eml:OECustomProperty
@Alternate Data Stream - 1577 bytes -> C:\Users\Grandpa\Documents\Invitation to Live Meeting_ Eyes Wide Open Training - Wednesday, June 25th,1 PM CDT - Attendees.eml:OECustomProperty
@Alternate Data Stream - 1513 bytes -> C:\Users\Grandpa\Documents\FW_ DIVORCE cakes.eml:OECustomProperty
@Alternate Data Stream - 1101 bytes -> C:\Users\Grandpa\Documents\Satellite Beach - EYES WIDE OPEN FLORIDA.eml:OECustomProperty
@Alternate Data Stream - 1065 bytes -> C:\Users\Grandpa\Documents\More updates for your Oil-Free President action.eml:OECustomProperty
@Alternate Data Stream - 1061 bytes -> C:\Users\Grandpa\Documents\Party information.eml:OECustomProperty
@Alternate Data Stream - 104 bytes -> C:\ProgramData\TEMP:DFC5A2B2
< End of report >


Extras

OTL Extras logfile created on: 1/5/2010 2:08:37 PM - Run 1
OTL by OldTimer - Version 3.1.21.0 Folder = C:\Users\Grandpa\Desktop\Downloads
Windows Vista Home Premium Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18865)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

2.00 Gb Total Physical Memory | 1.00 Gb Available Physical Memory | 45.00% Memory free
4.00 Gb Paging File | 2.00 Gb Available in Paging File | 58.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 179.22 Gb Total Space | 91.62 Gb Free Space | 51.12% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
Drive F: | 702.31 Mb Total Space | 654.30 Mb Free Space | 93.16% Space Free | Partition Type: UDF
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: GRANDPA-PC
Current User Name: Grandpa
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: On
Skip Microsoft Files: On
File Age = 14 Days
Output = Standard
Quick Scan

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\IEXPLORE.EXE (Microsoft Corporation)

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" -nohome (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" -nohome (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" -nohome (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [Winamp.Bookmark] -- "C:\Program Files\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft)
Directory [Winamp.Enqueue] -- "C:\Program Files\Winamp\winamp.exe" /ADD "%1" (Nullsoft)
Directory [Winamp.Play] -- "C:\Program Files\Winamp\winamp.exe" "%1" (Nullsoft)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 1
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\Persona\Persona.exe" = C:\Program Files\Persona\Persona.exe:*:Enabled:Persona -- (CDNetworks Co.,Ltd)


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{03F475A0-6EAA-4295-B115-BF9D4042396D}" = lport=67 | protocol=17 | dir=in | name=dhcp discovery service |
"{1F71B173-6340-4DB2-9FA3-3841D3E971BB}" = rport=10243 | protocol=6 | dir=out | app=system |
"{290EEFA2-1595-4C4D-BA04-81B6164AA55B}" = lport=990 | protocol=6 | dir=in | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{4CAAF702-0F6E-4345-A1E5-163F6AF970AA}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=c:\windows\system32\svchost.exe |
"{4D1E65D5-4AEA-4F11-9F36-96AB7CDE4714}" = rport=5679 | protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{56A85C17-B599-4C58-8815-1AB61EC30EDC}" = lport=2869 | protocol=6 | dir=in | app=system |
"{57566CFB-7B69-4910-B862-767BDFB07AC5}" = lport=5678 | protocol=6 | dir=in | app=%systemroot%\windowsmobile\wmdhost.exe |
"{715D1C0A-5370-4B01-935D-AF8836C24459}" = lport=67 | protocol=17 | dir=in | name=dhcp discovery service |
"{74CBD8AF-AD1F-409F-B93E-2D684815C9EF}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{81334B42-BCA5-4853-849F-E16FDFBCE5B4}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{83CCD96A-9166-44AA-BE7D-0C1E4A2DD5E0}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |
"{83E76C64-7F9C-4B48-BB24-B963D65333E2}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{98B7DAD0-5B9A-4517-954C-8E046981C737}" = lport=26675 | protocol=6 | dir=in | [email protected]%systemroot%\windowsmobile\wmdcbase.exe,-4006 |
"{A477C37E-8DE4-48EF-B67A-4D92360B4B00}" = rport=5679 | protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{A59A8B72-6B94-4E02-A927-5FD8F28DD892}" = lport=999 | protocol=6 | dir=in | app=%systemroot%\windowsmobile\wmdhost.exe |
"{B31D4978-9E45-49AF-8554-B270BC5A5F5E}" = lport=10243 | protocol=6 | dir=in | app=system |
"{BA6F844F-7C52-4633-9C3E-D4E3CEFBA1A2}" = lport=5678 | protocol=6 | dir=in | app=%systemroot%\windowsmobile\wmdhost.exe |
"{C2F98250-894C-4353-9C03-FA920E4AC053}" = lport=5721 | protocol=6 | dir=in | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{C9DBDBD8-78C3-4D6A-A3EA-CC9083A55580}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{CB11FA30-023F-4312-8F0B-4A1A8450BCE5}" = lport=26675 | protocol=6 | dir=in | [email protected]%systemroot%\windowsmobile\wmdcbase.exe,-4006 |
"{D9CD4715-49FB-40F5-B6F1-AD3220CF0496}" = lport=999 | protocol=6 | dir=in | app=%systemroot%\windowsmobile\wmdhost.exe |
"{DFF4350D-2F85-449D-AF46-69761ABEE2A9}" = lport=2869 | protocol=6 | dir=in | app=system |
"{E3B6136D-0856-498E-974D-2CBF0C47423E}" = lport=5721 | protocol=6 | dir=in | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{E4B33A73-7137-4A41-95EF-3E76E2A83828}" = lport=990 | protocol=6 | dir=in | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{F517FDA3-DE9B-4910-B738-2B5EC8DEBC29}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{FA4723BA-5594-44C9-B9E4-FDBEB91686CD}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{022D72BF-52C7-44BD-954B-12EFB1CF54E7}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{07766EC6-845F-4F0D-B83E-AA60BB44A4EB}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{0DE82454-FB99-4C23-8432-DDE499507D81}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{0E1469C5-B950-4117-95C5-890CA747FFFC}" = protocol=6 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{0F257407-A7DA-4C7A-BB8D-9E697373448B}" = protocol=6 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{103708F7-1776-454F-B504-416F46774677}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{127E7263-C6A9-4499-B7B8-D02B3EFFDB50}" = protocol=17 | dir=in | app=c:\program files\common files\pure networks shared\platform\nmsrvc.exe |
"{1B7B2544-0D55-490D-B416-9B32386E269B}" = protocol=6 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{2178B040-2705-4893-B688-22026CA90A46}" = protocol=17 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{34252CD7-C379-419B-9F78-06058C016880}" = protocol=6 | dir=in | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{35963823-5976-45E3-8669-16704D2C44E9}" = protocol=6 | dir=in | app=c:\program files\common files\pure networks shared\platform\nmsrvc.exe |
"{37DBD699-74BC-4267-97E8-625B6E0D6464}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{3EF55819-EE0F-4769-89AC-AF3C64A878CB}" = protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{3F42F45A-A414-4513-87F5-B39F5EBDEB07}" = protocol=17 | dir=in | app=c:\users\grandpa\velazul\grand chase\main.exe |
"{442CBAF9-1574-46A4-A1C1-22AEBC313124}" = protocol=17 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{45F6EDC8-0B6F-45B5-8300-6388ECFC8029}" = protocol=6 | dir=in | app=c:\program files\common files\pure networks shared\platform\nmsrvc.exe |
"{4794716C-A7FA-4D13-A351-756C6486E4D5}" = protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{48D437D2-14F2-444C-A41B-7C2406EAE384}" = protocol=6 | dir=in | app=c:\program files\itunes\itunes.exe |
"{4DD69805-06C9-4FA9-AC51-27D4EF8BE370}" = protocol=6 | dir=in | app=c:\program files\itunes\itunes.exe |
"{4F2E5339-5068-4ACD-8C2F-D7455EE298E4}" = protocol=17 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{50184D05-F3A3-4B79-9C3B-D60250A004D1}" = protocol=17 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{511155E8-0D91-47B3-B7D4-8256BA348E1E}" = dir=in | app=c:\program files\windows live\messenger\wlcsdk.exe |
"{565BACF9-6CE0-4F25-B810-DB4C22149CCF}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{5B1871D2-D81F-49D7-9BDF-C06F048DEAF9}" = protocol=6 | dir=in | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{5B4DFA67-774D-4677-9192-D44F566A7647}" = protocol=6 | dir=in | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{5B993B6E-082E-4FB0-B1C1-C79359826A08}" = protocol=6 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{61C06C03-3157-43FD-A6FE-F6BCA95BBA2C}" = protocol=17 | dir=in | app=c:\program files\bittorrent\bittorrent.exe |
"{643A97D0-E464-463C-9C3D-E493656F9C54}" = protocol=6 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{6726AA75-8EBD-4E9E-BD78-DDCC285E3C3D}" = protocol=17 | dir=in | app=c:\program files\sony\locationfreeplayer\lfpc3\lfpc3.exe |
"{69211C97-8C64-481E-8647-7D84236B0343}" = protocol=6 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{6B91959E-7FA9-45F6-BE9E-3AA54B3DB6B5}" = protocol=6 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{717B54F0-2518-49FF-97D1-BFA4EEEF5A8E}" = protocol=6 | dir=in | app=c:\program files\utorrent\utorrent.exe |
"{72FBD81D-E2BC-4C87-8F5E-C6DBA682B025}" = protocol=6 | dir=in | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{741E3EE9-A295-4305-86EF-181CB00F6CD6}" = protocol=17 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{772C96C8-98E1-4D31-8F84-F77B2EC38FAC}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{7886F76D-740E-450C-A0F5-206CD6FE0A58}" = protocol=17 | dir=in | app=c:\program files\common files\pure networks shared\platform\nmsrvc.exe |
"{792C0601-0D88-4244-BB99-12B9B4230DAF}" = protocol=17 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{808D6330-72AA-45FF-984F-669880539EA9}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{81997504-F0FC-4712-B394-010317301A16}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{82A9209D-3228-4108-B163-77EFCF3C1300}" = dir=in | app=c:\program files\common files\hp\digital imaging\bin\hpqphotocrm.exe |
"{82C11AB8-46A5-464E-8874-A17B6591DDDA}" = protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{86220CFE-BFF1-4F83-806A-F74D7F72F114}" = protocol=6 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{86C0CEDE-1A1C-4A62-8ADC-FFEB0DBD30E1}" = protocol=17 | dir=in | app=c:\program files\utorrent\utorrent.exe |
"{88945B1D-83F0-4C87-8484-CDE222319F4F}" = protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{8B106DBD-0469-435C-B450-87D35528A588}" = protocol=6 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{94A5AEB2-A096-43B5-AF1A-E6B7AD37A47B}" = protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{95553564-7F3F-4090-A29F-BD66F59F7865}" = protocol=6 | dir=in | app=c:\program files\sony\locationfreeplayer\lfpc3\lfpc3.exe |
"{962D52EA-E756-4BB6-9885-7D0FFF65F585}" = dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe |
"{96E41CD5-6CB3-4523-BB00-4708BCD1F822}" = protocol=6 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{990E0363-F7AB-4BF1-B197-56E7A5B6726C}" = protocol=17 | dir=in | app=c:\program files\itunes\itunes.exe |
"{A765E364-E15E-41D9-A9AC-669897F2CD15}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqpsapp.exe |
"{AB013D0C-026A-471A-96E9-7CB1FD9ED9D0}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{B06DF321-6191-4D9D-BA9C-83E73D6B3502}" = protocol=6 | dir=in | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{B6A4C476-5B1C-42C8-9323-6AC04C8EA078}" = protocol=6 | dir=in | app=c:\program files\bittorrent\bittorrent.exe |
"{C1046B2A-AA70-45B7-9F2B-6C5AC3A13E99}" = protocol=6 | dir=in | app=c:\users\grandpa\velazul\grand chase\main.exe |
"{C1A1AF29-392B-43BF-9C78-2AAA89BCE575}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqsudi.exe |
"{C3E500AE-9252-45D6-852B-15854ACAB814}" = protocol=6 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{CD84225F-4C5B-4659-889F-25EC9BC46497}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqpse.exe |
"{D8253332-6290-4608-BCC9-8D0F87A06C14}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{DBC5F9C0-677C-4F13-8962-C50953E8E6F3}" = protocol=6 | dir=in | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{E3474D9E-1B68-4026-B04F-1E6EFEDD57A6}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{EA1B000D-6665-49F5-88E6-2C627BD21EE6}" = protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{F0EC5718-3199-4EAB-86DD-684C542FDF14}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{F46BEA34-7915-461E-9A71-6FE2C63D40BE}" = protocol=6 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{F6B3E8EF-6EF6-48DA-8E9B-7A60F8C85EA5}" = protocol=6 | dir=out | app=system |
"{F78ABECD-6C5E-49DF-8E06-7BEBDE057FB8}" = protocol=17 | dir=in | app=c:\program files\itunes\itunes.exe |
"TCP Query User{2DE6E271-AB2F-4ADB-9259-D75D0E5C6EC2}C:\users\grandpa\reeeeeelay\velazul\grand chase\main.exe" = protocol=6 | dir=in | app=c:\users\grandpa\reeeeeelay\velazul\grand chase\main.exe |
"TCP Query User{37942E3E-2246-4205-A6CB-588C292F5A21}C:\program files\mozilla firefox\firefox.exe" = protocol=6 | dir=in | app=c:\program files\mozilla firefox\firefox.exe |
"TCP Query User{5A048F0E-84A0-46B6-BAB0-B344D7B46605}C:\program files\persona\persona.exe" = protocol=6 | dir=in | app=c:\program files\persona\persona.exe |
"TCP Query User{B5D52396-1E5A-46B8-874C-1150114592CA}C:\program files\simplify media\simplifymedia.exe" = protocol=6 | dir=in | app=c:\program files\simplify media\simplifymedia.exe |
"TCP Query User{B90BDC2F-2EFF-416D-9EF0-8CD340CFFE9E}C:\users\grandpa\desktop\velazul\grand chase\main.exe" = protocol=6 | dir=in | app=c:\users\grandpa\desktop\velazul\grand chase\main.exe |
"TCP Query User{DC34D52C-BB0B-427A-85C3-5EDD70474749}C:\program files\mozilla firefox\firefox.exe" = protocol=6 | dir=in | app=c:\program files\mozilla firefox\firefox.exe |
"TCP Query User{E52BFC69-EF51-41CA-B3F1-68E7F274B883}C:\program files\simplify media\simplifymedia.exe" = protocol=6 | dir=in | app=c:\program files\simplify media\simplifymedia.exe |
"TCP Query User{FFD0DA07-70E4-4C69-9C4C-5B5421F12B4C}C:\program files\playonline\squareenix\playonlineviewer\pol.exe" = protocol=6 | dir=in | app=c:\program files\playonline\squareenix\playonlineviewer\pol.exe |
"UDP Query User{0B41D0B5-53DA-4AE5-8D74-05E8CA383E57}C:\program files\mozilla firefox\firefox.exe" = protocol=17 | dir=in | app=c:\program files\mozilla firefox\firefox.exe |
"UDP Query User{1C743334-FF7B-432D-A482-2C6FA8E098AC}C:\program files\simplify media\simplifymedia.exe" = protocol=17 | dir=in | app=c:\program files\simplify media\simplifymedia.exe |
"UDP Query User{2C5E72CA-DF72-47D6-A3E0-EB02A722431F}C:\program files\mozilla firefox\firefox.exe" = protocol=17 | dir=in | app=c:\program files\mozilla firefox\firefox.exe |
"UDP Query User{549649F3-0B65-4722-8C3B-7C4CB57F2340}C:\users\grandpa\reeeeeelay\velazul\grand chase\main.exe" = protocol=17 | dir=in | app=c:\users\grandpa\reeeeeelay\velazul\grand chase\main.exe |
"UDP Query User{AD77CFCB-1971-4ACB-9042-4E1E03776037}C:\program files\persona\persona.exe" = protocol=17 | dir=in | app=c:\program files\persona\persona.exe |
"UDP Query User{B93E5FB3-91E9-44B1-A7C4-C3E4F9BA0626}C:\program files\playonline\squareenix\playonlineviewer\pol.exe" = protocol=17 | dir=in | app=c:\program files\playonline\squareenix\playonlineviewer\pol.exe |
"UDP Query User{C4A1EBB6-BF39-472E-B7C0-1B1012FB4BDA}C:\program files\simplify media\simplifymedia.exe" = protocol=17 | dir=in | app=c:\program files\simplify media\simplifymedia.exe |
"UDP Query User{E304CAE6-5554-41FF-AA73-05243D9FC597}C:\users\grandpa\desktop\velazul\grand chase\main.exe" = protocol=17 | dir=in | app=c:\users\grandpa\desktop\velazul\grand chase\main.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{007B37D9-0C45-4202-834B-DD5FAAE99D63}" = ArcSoft Print Creations - Slimline Card
"{009E7FB7-1775-4D89-8956-F5C9A1C019FC}" = DSD Playback Plug-in
"{01A1A019-E1D8-482A-BE17-5E118D17C0A0}" = ArcSoft Print Creations - Brochures & Flyers
"{01FDC9FC-4D4F-4DB0-ACD1-D3E8E1D52902}" = Sony Video Shared Library
"{0289B35E-DC07-4c7a-9710-BBD686EA4B7D}" = Status
"{0312BD0D-A1FE-4E1A-9208-D436F566D867}" = VAIO Azure Float Wallpaper
"{07287123-B8AC-41CE-8346-3D777245C35B}" = Bonjour
"{0AAA9C97-74D4-47CE-B089-0B147EF3553C}" = Windows Live Messenger
"{0D2E9DCB-9938-475E-B4DD-8851738852FF}" = AIO_Scan
"{1417F599-1DBD-4499-9375-B2813E9F890C}" = VAIO Camera Utility
"{1746EA69-DCB6-4408-B5A5-E75F55439CDF}" = Scan
"{179C56A4-F57F-4561-8BBF-F911D26EB435}" = WebReg
"{1B500D37-E7CF-480B-8054-8A563594EC4E}" = VAIO OOBE
"{1CB58957-89F2-438D-AF0B-900FE5B6EB0E}" = QuickVoice
"{20471B27-D702-4FE8-8DEC-0702CC8C0A85}" = WinDVD for VAIO
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live Upload Tool
"{2063C2E8-3812-4BBD-9998-6610F80C1DD4}" = VAIO Media AC3 Decoder 1.0
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{235915A8-1C0D-4920-95EA-FE8B773E5F57}" = VAIO Teal Whisper Wallpaper
"{2614F54E-A828-49FA-93BA-45A3F756BFAA}" = 32 Bit HP CIO Components Installer
"{26A24AE4-039D-4CA4-87B4-2F83216012FF}" = Java™ 6 Update 17
"{2750B389-A2D2-4953-99CA-27C1F2A8E6FD}" = Microsoft SQL Server 2005 Tools Express Edition
"{282E5AB2-8E47-4571-B6FA-6B512555B557}" = HP Photosmart.All-In-One Driver Software 8.0 .A
"{28EAF1F5-4E32-4A52-ADAC-846CF1C5F06D}" = Pure Networks Platform
"{2A0F3EF9-68EE-49E9-A05B-ED5B82DF63E5}" = Wireless Switch Setting Utility
"{2AFFFDD7-ED85-4A90-8C52-5DA9EBDC9B8F}" = Microsoft SQL Server 2005 Express Edition (VAIO_VEDB)
"{2CD2C0DB-81C3-416B-9FA6-589B9235359B}" = OpenOffice.org 2.4
"{3248F0A8-6813-11D6-A77B-00B0D0160000}" = Java™ SE Runtime Environment 6
"{3248F0A8-6813-11D6-A77B-00B0D0160030}" = Java™ 6 Update 3
"{3248F0A8-6813-11D6-A77B-00B0D0160040}" = Java™ 6 Update 4
"{3248F0A8-6813-11D6-A77B-00B0D0160050}" = Java™ 6 Update 5
"{3248F0A8-6813-11D6-A77B-00B0D0160070}" = Java™ 6 Update 7
"{337CBC16-F6F3-411A-9A3F-DB21C57BFDFD}" = Simple Start Entice
"{34B37A74-125E-4406-87BA-E4BD3D097AE5}" = VAIO Survey
"{363188E4-1A27-4DE6-BA48-823D2E205385}" = ArcSoft Scan-n-Stitch Deluxe
"{36FDBE6E-6684-462B-AE98-9A39A1B200CC}" = HP Product Assistant
"{37530151-56A6-4CE4-9F9F-CE1F5A1356C6}" = ArcSoft Panorama Maker 4
"{39CB30DB-27F8-4dd4-A294-CB4AE3B584FD}" = Copy
"{3AC54383-31D1-4907-961B-B12CBB1D0AE8}" = MobileMe Control Panel
"{3B203763-8CA0-4A62-AFFD-44F7F7C8889A}" = VAIO Video & Photo Suite
"{3B4E636E-9D65-4D67-BA61-189800823F52}" = Windows Live Communications Platform
"{3CE47E6B-AE27-4E40-AC54-329EED96B933}" = ArcSoft Print Creations - Funhouse II
"{3FA365DF-2D68-45ED-8F83-8C8A33E65143}" = Apple Application Support
"{40DA94AF-34B7-4BA7-A37F-26F899C031FF}" = ArcSoft PhotoStudio Darkroom 2
"{428A6DA3-FD56-44AE-B602-15DCCD6A7515}" = VAIO AV Mode Launcher
"{44F5A980-8A6B-4aca-8D85-EFCE5D67D379}" = AIO_CDA_ProductContext
"{45338B07-A236-4270-9A77-EBB4115517B5}" = Windows Live Sign-in Assistant
"{47004155-7376-403E-89E9-4C9F44AAF0D0}" = PlayOnline Viewer & Tetra Master
"{48820099-ED7D-424B-890C-9A82EF00656D}" = VAIO Update 3
"{49F2B650-2D7B-4F59-B33D-346F63776BD3}" = DocProc
"{4BD5B5D2-406D-4bc5-BB10-2F0D1D367C95}" = c6100_Help
"{4E993095-28F2-4060-9101-99C1FD1195C0}" = VAIO Central
"{500162A0-4DD5-460A-BAFD-895AAE48C532}" = VAIO Media Content Collection 6.0
"{500C3FDC-5E5F-485F-BDF5-2C445839CBE0}" =
"{5023B3E9-6B73-471E-8BD9-DA4442AE357C}" = ArcSoft Print Creations - Quick Photo Book
"{53F5C3EE-05ED-4830-994B-50B2F0D50FCE}" = Microsoft SQL Server Setup Support Files (English)
"{55251924-B51C-4E66-8199-5258672518C5}" = Epocrates Essentials for Pocket PC
"{560F6B2E-F0DF-44E5-8190-A4A161F0E205}" = VAIO Media 6.0
"{56589DFE-0C29-4DFE-8E42-887B771ECD23}" = ArcSoft Print Creations - Photo Book
"{56B4002F-671C-49F4-984C-C760FE3806B5}" = Microsoft SQL Server VSS Writer
"{5855C127-1F20-404D-B7FB-1FD84D7EAB5E}" = VAIO Media Redistribution 6.0
"{59452470-A902-477F-9338-9B88101681BD}" = Setting Utility Series
"{5A3F6A80-7913-475E-8B96-477A952CFA43}" = SupportSoft Assisted Service
"{5D1C82E7-7EC0-4404-A8AD-36C3B444BC34}" = ArcSoft Print Creations - Poster Creator
"{5E343EF6-D27C-4CFC-9FAE-9AAFB541BCEE}" = VAIO Photo 2007
"{6332AFF1-9D9A-429C-AA03-F82749FA4F49}" = SonicStage Mastering Studio
"{661F85B9-FB7F-4884-BFCB-09C71930BA8F}" = ArcSoft MediaImpression for Kodak
"{66E6CE0C-5A1E-430C-B40A-0C90FF1804A8}" = eSupportQFolder
"{67D3F1A0-A1F2-49b7-B9EE-011277B170CD}" = HPProductAssistant
"{681B698F-C997-42C3-B184-B489C6CA24C9}" = HPPhotoSmartDiscLabelContent1
"{68A69CFF-130D-4CDE-AB0E-7374ECB144C8}" = VAIO Video & Photo Suite
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6B1F20F2-6321-4669-A58C-33DF8E7517FF}" = VAIO Entertainment Platform
"{6D2576EC-A0E9-418A-A09A-409933A3B6F4}" = VAIO Camera Capture Utility
"{6D52C408-B09A-4520-9B18-475B81D393F1}" = Microsoft Works
"{6F5E2F4A-377D-4700-B0E3-8F7F7507EA15}" = CustomerResearchQFolder
"{716E0306-8318-4364-8B8F-0CC4E9376BAC}" = MSXML 4.0 SP2 Parser and SDK
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{74DC0593-6BC6-4001-AD5F-D810AFB68D86}" = HP Update
"{7617FC2E-EA1B-4F07-A0F5-5D5F437CB32D}" = MioMore Desktop 2008
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{785EB1D4-ECEC-4195-99B4-73C47E187721}" = VAIO Media Integrated Server 6.0
"{7D716354-2C08-48DC-9AC5-957348048817}" = VAIO Help And Support
"{82D5BACA-3619-4D34-99DB-3A65CFB4DA33}" = DSD Direct
"{82FAC25D-D0E1-4D60-9268-F3DD958BF052}" = ArcSoft RAW Thumbnail Viewer
"{86D4B82A-ABED-442A-BE86-96357B70F4FE}" = Ask Toolbar
"{87E2B986-07E8-477a-93DC-AF0B6758B192}" = DocProcQFolder
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8C44C027-7B9F-46F1-8FD8-5767403A7CA5}" = AppMon Utility
"{8DCE550C-CA43-4E82-92DF-FFC4A48F5BE1}" = Napster Burn Engine
"{8FFC5648-FAF8-43A3-BC8F-42BA1E275C4E}" = Choice Guard
"{904CCF62-818D-4675-BC76-D37EB399F917}" = Windows Mobile Device Center
"{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}" = Intel® Matrix Storage Manager
"{91208A47-5D08-4C79-986F-1931940F51BB}" = QuickBooks Product Listing Service
"{95120000-00AF-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (English)
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9542A589-9E34-4D25-BBED-E4AFA039AF56}" = Edison
"{9591C049-5CAE-4E89-A8D9-191F1899628B}" = ArcSoft Print Creations - Funhouse
"{95D08F4E-DFC2-4ce3-ACB7-8C8E206217E9}" = MarketResearch
"{95F875CC-1B85-43E6-B3E0-13EA04F3D995}" = ArcSoft Print Creations - Photo Prints
"{9C1C8A04-F8CA-4472-A92D-4288CE32DE86}" = SonicStage Mastering Studio Plugins
"{9C2D4047-0E40-499a-AC7A-C4B9BB12FE03}" = TrayApp
"{9E319E96-ED8E-4B01-9775-C521A1869A25}" = VAIO Power Management
"{9E407618-D9CD-4F39-9490-9ED45294073D}" = Click to DVD 2.0.05 Menu Data
"{A0EB195B-5876-48E6-879D-33D4B2102610}" = SonicStage 4.3
"{A2F04387-D48C-4EE4-BD8D-E3FC888772FF}" = Simplify Media
"{A36CD345-625C-4d6c-B3E2-76E1248CB451}" = SolutionCenter
"{A429C2AE-EBF1-4F81-A221-1C115CAADDAD}" = QuickTime
"{AADEA55D-C834-4BCB-98A3-4B8D1C18F4EE}" = Apple Mobile Device Support
"{AB5D51AE-EBC3-438D-872C-705C7C2084B0}" = DeviceManagementQFolder
"{AC76BA86-7AD7-1033-7B44-A92000000001}" = Adobe Reader 9.2
"{AC76BA86-7AD7-5760-0000-900000000003}" = Japanese Fonts Support For Adobe Reader 9
"{AF1C9345-B53D-4110-BFBF-A0DD83AEAB83}" = AIO_CDA_Software
"{AF9A04EB-7D8E-41DE-9EDE-4AB9BB2B71B6}" = VAIO Media Registration Tool 6.0
"{AFB6AFBA-88B1-48A7-AF52-BA59BA5F183B}" = Image Converter 3
"{B0D83FCD-9D42-43ED-8315-250326AADA02}" = ArcSoft Print Creations - Scrapbook
"{B2544A03-10D0-4E5E-BA69-0362FFC20D18}" = OGA Notifier 2.0.0048.0
"{B4E96960-5F6B-48B9-A5BD-6A5A9BB4F027}" = Avery Wizard 3.1
"{B59B3DA8-06F8-4B4C-AE94-5180753EF108}" = VAIO Floral Dusk Wallpaper
"{B7FB0C86-41A4-4402-9A33-912C462042A0}" = Roxio Easy Media Creator Home
"{BABC878D-BB64-4688-9A88-1D9E88F339A9}" = VAIO Productivity Center
"{BADC5319-A2A0-4BE1-A7C3-A271AE0E791D}" = The Shield Deluxe 2010
"{BBBCAE4B-B416-4182-A6F2-438180894A81}" = Napster
"{BD68F46D-8A82-4664-8E68-F87C55BDEFD4}" = Microsoft SQL Server Native Client
"{BE1826A9-7EEE-492A-B3BC-DEF3DFAE37EE}" = TIPCI
"{BE77A81F-B315-4666-9BF3-AE70C0ADB057}" = BufferChm
"{C299F969-AE3D-4679-ADF5-682A186CE62E}" = VAIO Center Access Bar
"{C34FAEF3-4241-4C4E-9CFF-7BBD8BCEABE7}" = WebEx Support Manager for Internet Explorer
"{C6CA8874-5F22-4AF0-9BE3-016BF299C536}" = Windows Live Essentials
"{C716522C-3731-4667-8579-40B098294500}" = Toolbox
"{C867F57B-39C1-4341-A164-F569839BCCBF}" = Cards
"{C8B44566-839A-459C-A73D-49764CE216CC}" = ArcSoft Video Downloader
"{CA9ED5E4-1548-485B-A293-417840060158}" = ArcSoft Print Creations - Photo Calendar
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CCD663AE-610D-4BDF-AAB0-E914B044527D}" = OpenMG Secure Module 4.7.00
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{CF96DD04-58E3-4C95-BAB2-AC0FFC633868}" = ArcSoft Print Creations
"{CFED0AE3-6D93-4745-B8A0-F3410B493CC4}" = VAIO Security Center
"{D0E39A1D-0CEE-4D85-B4A2-E3BE990D075E}" = Destination Component
"{D1A74FBB-CA8D-4CCA-9B89-BAAA436DB178}" = iTunes
"{D36E4755-83B9-4B10-BE51-0AC5B9F43C1F}" = VAIO Media
"{D6651810-8439-4F25-BACC-5FB66D4B1A63}" = VAIO Media Registration Tool
"{D6E4E5D6-7693-4BB4-95BA-21F38FAFEE90}" = Safari
"{D79113E7-274C-470B-BD46-01B10219DF6A}" = HPPhotosmartEssential
"{D937DD80-3928-4617-876F-538A25AECB17}" = LocationFree Player
"{DA2B455A-B0BE-4C5A-B73A-0615F37C81D5}" = Beowulf TM
"{DD8D2C34-25FC-471E-84C5-5D6F443FDD78}_is1" = TuneWiki ver. 0.1.01.53
"{DF7DB916-90E5-40F2-9010-B8125EB5FD6F}" = SonicStage Mastering Studio Audio Filter
"{E06F04B9-45E6-4AC0-8083-85F7515F40F7}" = UnloadSupport
"{E13A66A4-8A37-451E-B4C5-E60BA0A777E3}" = Preclick PhotoBack Plug-in for HP
"{E2EE273D-E111-4FFD-ACD4-78E1D35E01D2}" = ArcSoft Photo Book Screen Saver
"{E6B4117F-AC59-4B13-9274-EB136E8897EE}" = ArcSoft Print Creations - Album Page
"{E7044E25-3038-4A76-9064-344AC038043E}" = Windows Mobile Device Center Driver Update
"{E74F7423-77CB-4F6A-A44D-604E1010FE50}" = VAIO Entertainment Center
"{E809063C-51A3-4269-8984-D1EB742F2151}" = Click to DVD 2.6.00
"{EB21A812-671B-4D08-B974-2A347F0D8F70}" = HP Photosmart Essential
"{EB75DE50-5754-4F6F-875D-126EDF8E4CB3}" = HPSSupply
"{EC37A846-53AC-4DA7-98FA-76A4E74AA900}" = SonicStage Mastering Studio Audio Filter Custom Preset
"{EEEB604C-C1A7-4f8c-B03F-56F9C1C9C45F}" = Fax
"{EF1ADA5A-0B1A-4662-8C55-7475A61D8B65}" = DeviceDiscovery
"{EF3D45BB-2260-4008-88EA-492E7744A9DF}" = Sony Utilities DLL
"{EF8FD9A7-A0E0-473F-A18E-AD1933C9E366}" = Simplify Media
"{F04F9557-81A9-4293-BC49-2C216FA325A7}" = ArcSoft Print Creations - Greeting Card
"{F0D85ADD-DD61-4B43-87A0-6DA52A211A8B}" = VAIO Event Service
"{F570A6CC-53ED-4AA9-8B08-551CD3E38D8B}" =
"{F6BD194C-4190-4D73-B1B1-C48C99921BFE}" = Windows Live Call
"{FA54AFB1-5745-4389-B8C1-9F7509672ED1}" = iPhone Configuration Utility
"{FAA9B753-45CE-4581-876C-55D97939B631}" = C6100
"7-Zip" = 7-Zip 4.65
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Alexey's Dwice_is1" = Alexey's Dwice version 1.06
"Amazon Kindle For PC" = Amazon Kindle For PC v1.0
"Any Video Converter_is1" = Any Video Converter 3.0.1
"BitTorrent" = BitTorrent
"cayahooantispy" = CA Yahoo! Anti-Spy (remove only)
"CCleaner" = CCleaner
"CNXT_MODEM_HDAUDIO_VEN_14F1&DEV_2BFA&SUBSYS_104D0200" = HDAUDIO SoftV92 Data Fax Modem with SmartCP
"EVEREST Home Edition_is1" = EVEREST Home Edition v2.20
"FrostWire" = FrostWire 4.18.5
"Grouper Screen Saver_is1" = Grouper Screen Saver 1.0
"HP Imaging Device Functions" = HP Imaging Device Functions 8.0
"HP Photosmart Essential" = HP Photosmart Essential 3.5
"HP Solution Center & Imaging Support Tools" = HP Solution Center 8.0
"HPExtendedCapabilities" = HP Customer Participation Program 8.0
"HPOCR" = HP OCR Software 8.0
"InstallShield_{20471B27-D702-4FE8-8DEC-0702CC8C0A85}" = WinDVD for VAIO
"InstallShield_{47004155-7376-403E-89E9-4C9F44AAF0D0}" = PlayOnline Viewer & Tetra Master
"InstallShield_{BE1826A9-7EEE-492A-B3BC-DEF3DFAE37EE}" = Texas Instruments PCIxx21/x515/xx12 drivers.
"InstallShield_{CCD663AE-610D-4BDF-AAB0-E914B044527D}" = OpenMG Secure Module 4.7.00
"Linksys EasyLink Advisor" = Linksys EasyLink Advisor
"MailWasher Pro_is1" = MailWasher Pro
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft SQL Server 2005" = Microsoft SQL Server 2005
"Mozilla Firefox (3.5.6)" = Mozilla Firefox (3.5.6)
"NVIDIA Drivers" = NVIDIA Drivers
"OpenMG HotFix4.7-07-13-22-01" = OpenMG Limited Patch 4.7-07-13-24-01
"Persona" = Hybrid Downloader 1,0,2,6
"Photo Viewer_is1" = Photo Viewer s2.5
"smARTupdate" = smARTupdate
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"SystemRequirementsLab" = System Requirements Lab
"TeamViewer 4" = TeamViewer 4
"Test My Hardware_is1" = Test My Hardware 2.4
"tunewiki Toolbar" = tunewiki Toolbar
"VAIO Service Utility" = VAIO Service Utility
"WildSnake Arcade: ZombieBall_is1" = WildSnake Arcade: ZombieBall version 1.03
"WildSnake Pinball: Invasion 2_is1" = WildSnake Pinball: Invasion 2 version 1.01
"WildSnake Puzzle: Harvest Lines_is1" = WildSnake Puzzle: Harvest Lines 1.04
"Winamp" = Winamp
"Winamp Toolbar" = Winamp Toolbar
"WinLiveSuite_Wave3" = Windows Live Essentials
"YInstHelper" = Yahoo! Install Manager

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"uTorrent" = µTorrent

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 8/17/2009 1:09:52 PM | Computer Name = Grandpa-PC | Source = VSS | ID = 8194
Description =

Error - 8/17/2009 4:52:43 PM | Computer Name = Grandpa-PC | Source = Windows Search Service | ID = 3013
Description =

Error - 8/17/2009 4:52:43 PM | Computer Name = Grandpa-PC | Source = Windows Search Service | ID = 3013
Description =

Error - 8/18/2009 8:59:41 AM | Computer Name = Grandpa-PC | Source = VSS | ID = 12293
Description =

Error - 8/18/2009 12:37:24 PM | Computer Name = Grandpa-PC | Source = VSS | ID = 12293
Description =

Error - 8/18/2009 12:37:29 PM | Computer Name = Grandpa-PC | Source = System Restore | ID = 8193
Description =

Error - 8/18/2009 12:37:29 PM | Computer Name = Grandpa-PC | Source = System Restore | ID = 8210
Description =

Error - 8/18/2009 2:48:36 PM | Computer Name = Grandpa-PC | Source = Windows Search Service | ID = 3013
Description =

Error - 8/18/2009 2:48:36 PM | Computer Name = Grandpa-PC | Source = Windows Search Service | ID = 3013
Description =

Error - 8/18/2009 2:48:36 PM | Computer Name = Grandpa-PC | Source = Windows Search Service | ID = 3013
Description =

[ Media Center Events ]
Error - 2/23/2008 6:52:14 AM | Computer Name = Grandpa-PC | Source = MCUpdate | ID = 0
Description = DownloadPackgeTask.SubTasksComplete: failed downloading package SportsSchedule.

Error - 4/17/2008 11:49:27 AM | Computer Name = Grandpa-PC | Source = MCUpdate | ID = 0
Description = DownloadPackgeTask.SubTasksComplete: failed downloading package MCESpotlight.

Error - 4/18/2008 6:42:19 PM | Computer Name = Grandpa-PC | Source = MCUpdate | ID = 0
Description = DownloadPackgeTask.SubTasksComplete: failed downloading package MCESpotlight.

Error - 5/23/2008 5:46:00 PM | Computer Name = Grandpa-PC | Source = MCUpdate | ID = 0
Description = DownloadPackgeTask.SubTasksComplete: failed downloading package MCESpotlight.

Error - 5/27/2008 4:08:39 PM | Computer Name = Grandpa-PC | Source = MCUpdate | ID = 0
Description = DownloadPackgeTask.SubTasksComplete: failed downloading package MCESpotlight.

Error - 5/31/2008 11:24:43 AM | Computer Name = Grandpa-PC | Source = MCUpdate | ID = 0
Description = DownloadPackgeTask.SubTasksComplete: failed downloading package MCESpotlight.

Error - 8/18/2008 1:48:49 PM | Computer Name = Grandpa-PC | Source = MCUpdate | ID = 0
Description = DownloadPackgeTask.SubTasksComplete: failed downloading package SportsSchedule.

Error - 8/28/2008 10:15:16 AM | Computer Name = Grandpa-PC | Source = MCUpdate | ID = 0
Description = DownloadPackgeTask.SubTasksComplete: failed downloading package SportsSchedule.

Error - 10/1/2008 5:37:27 PM | Computer Name = Grandpa-PC | Source = MCUpdate | ID = 0
Description = DownloadPackgeTask.SubTasksComplete: failed downloading package SportsSchedule.

[ System Events ]
Error - 8/6/2008 7:45:13 AM | Computer Name = Grandpa-PC | Source = ACPI | ID = 327693
Description = : The embedded controller (EC) did not respond within the specified
timeout period. This may indicate that there is an error in the EC hardware or
firmware or that the BIOS is accessing the EC incorrectly. You should check with
your computer manufacturer for an upgraded BIOS. In some situations, this error
may cause the computer to function incorrectly.

Error - 8/8/2008 7:45:48 AM | Computer Name = Grandpa-PC | Source = Print | ID = 19
Description = The print spooler failed to share printer QuickBooks PDF Converter
with shared resource name QuickBooks PDF Converter. Error 2114. The printer cannot
be used by others on the network.

Error - 8/8/2008 2:08:28 PM | Computer Name = Grandpa-PC | Source = ACPI | ID = 327693
Description = : The embedded controller (EC) did not respond within the specified
timeout period. This may indicate that there is an error in the EC hardware or
firmware or that the BIOS is accessing the EC incorrectly. You should check with
your computer manufacturer for an upgraded BIOS. In some situations, this error
may cause the computer to function incorrectly.

Error - 8/9/2008 8:04:46 AM | Computer Name = Grandpa-PC | Source = ACPI | ID = 327693
Description = : The embedded controller (EC) did not respond within the specified
timeout period. This may indicate that there is an error in the EC hardware or
firmware or that the BIOS is accessing the EC incorrectly. You should check with
your computer manufacturer for an upgraded BIOS. In some situations, this error
may cause the computer to function incorrectly.

Error - 8/9/2008 12:35:12 PM | Computer Name = Grandpa-PC | Source = ACPI | ID = 327693
Description = : The embedded controller (EC) did not respond within the specified
timeout period. This may indicate that there is an error in the EC hardware or
firmware or that the BIOS is accessing the EC incorrectly. You should check with
your computer manufacturer for an upgraded BIOS. In some situations, this error
may cause the computer to function incorrectly.

Error - 8/9/2008 12:56:36 PM | Computer Name = Grandpa-PC | Source = ACPI | ID = 327693
Description = : The embedded controller (EC) did not respond within the specified
timeout period. This may indicate that there is an error in the EC hardware or
firmware or that the BIOS is accessing the EC incorrectly. You should check with
your computer manufacturer for an upgraded BIOS. In some situations, this error
may cause the computer to function incorrectly.

Error - 8/9/2008 3:17:16 PM | Computer Name = Grandpa-PC | Source = ACPI | ID = 327693
Description = : The embedded controller (EC) did not respond within the specified
timeout period. This may indicate that there is an error in the EC hardware or
firmware or that the BIOS is accessing the EC incorrectly. You should check with
your computer manufacturer for an upgraded BIOS. In some situations, this error
may cause the computer to function incorrectly.

Error - 8/10/2008 8:27:08 AM | Computer Name = Grandpa-PC | Source = ACPI | ID = 327693
Description = : The embedded controller (EC) did not respond within the specified
timeout period. This may indicate that there is an error in the EC hardware or
firmware or that the BIOS is accessing the EC incorrectly. You should check with
your computer manufacturer for an upgraded BIOS. In some situations, this error
may cause the computer to function incorrectly.

Error - 8/10/2008 9:18:03 AM | Computer Name = Grandpa-PC | Source = ACPI | ID = 327693
Description = : The embedded controller (EC) did not respond within the specified
timeout period. This may indicate that there is an error in the EC hardware or
firmware or that the BIOS is accessing the EC incorrectly. You should check with
your computer manufacturer for an upgraded BIOS. In some situations, this error
may cause the computer to function incorrectly.

Error - 8/10/2008 12:19:26 PM | Computer Name = Grandpa-PC | Source = ACPI | ID = 327693
Description = : The embedded controller (EC) did not respond within the specified
timeout period. This may indicate that there is an error in the EC hardware or
firmware or that the BIOS is accessing the EC incorrectly. You should check with
your computer manufacturer for an upgraded BIOS. In some situations, this error
may cause the computer to function incorrectly.


< End of report >

Edited by Ecnal57, 05 January 2010 - 04:00 PM.

  • 0

Advertisements







Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP