Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

HP Desktop Freezes after 5 minutes


  • Please log in to reply

#1
xgs

xgs

    New Member

  • Member
  • Pip
  • 2 posts
My HP desktop freezes after being on for about 5 minutes. I then have to turn off the computer again, restart it and then it shuts down after 5 minutes again. After I run the recommended Antivirus/antispyware sequence it starts running again for a few days and then it goes back to having the same problem. Someone please help. Thanks

These are the computer specs:
HP Pavillion Desktop a6642p
Intel Pentium Dual Core Desktop Processor E5200
6GB
500GB HD
DVD burner with lightscribe technology
Intel Graphics media accelerator 3100
Windows Vista Home Premium 64 bit

Below are the respective log files
OTL.TXT

OTL logfile created on: 6/13/2010 8:49:35 PM - Run 1
OTL by OldTimer - Version 3.2.6.0 Folder = C:\Users\user\Downloads
64bit-Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18928)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

6.00 Gb Total Physical Memory | 4.00 Gb Available Physical Memory | 66.00% Memory free
12.00 Gb Paging File | 10.00 Gb Available in Paging File | 83.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 453.72 Gb Total Space | 317.62 Gb Free Space | 70.00% Space Free | Partition Type: NTFS
Drive D: | 12.03 Gb Total Space | 1.64 Gb Free Space | 13.59% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: BBGDESKTOP
Current User Name: user
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Include 64bit Scans
Company Name Whitelist: On
Skip Microsoft Files: On
File Age = 90 Days
Output = Standard
Quick Scan

========== Processes (SafeList) ==========

PRC - [2010/06/13 20:43:35 | 000,572,416 | ---- | M] (OldTimer Tools) -- C:\Users\user\Downloads\OTL.exe
PRC - [2010/05/26 11:03:40 | 002,346,192 | ---- | M] (IObit) -- C:\Program Files (x86)\IObit\Advanced SystemCare 3\AWC.exe
PRC - [2010/04/16 08:33:40 | 000,144,672 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
PRC - [2010/03/18 14:33:26 | 000,136,176 | ---- | M] (Google Inc.) -- C:\Users\user\AppData\Local\Google\Update\1.2.183.23\GoogleCrashHandler.exe
PRC - [2010/03/18 11:19:26 | 000,207,360 | ---- | M] (ArcSoft Inc.) -- C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
PRC - [2010/03/18 11:19:26 | 000,113,152 | ---- | M] (ArcSoft Inc.) -- C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
PRC - [2010/03/10 22:32:26 | 000,648,536 | ---- | M] (Research In Motion Limited) -- C:\Program Files (x86)\Common Files\Research In Motion\Auto Update\RIMAutoUpdate.exe
PRC - [2009/11/02 13:17:08 | 000,604,888 | ---- | M] (TiVo Inc.) -- C:\Program Files (x86)\TiVo\Desktop\TiVoTransfer.exe
PRC - [2009/11/02 13:17:06 | 002,195,160 | ---- | M] (TiVo Inc.) -- C:\Program Files (x86)\TiVo\Desktop\TiVoServer.exe
PRC - [2009/11/02 13:17:04 | 000,430,808 | ---- | M] (TiVo Inc.) -- C:\Program Files (x86)\TiVo\Desktop\TiVoNotify.exe
PRC - [2009/09/09 14:26:36 | 001,148,200 | ---- | M] (CyberLink Corp.) -- C:\Program Files (x86)\Hewlett-Packard\Media\DVD\DVDAgent.exe
PRC - [2009/08/06 14:44:48 | 000,039,408 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
PRC - [2009/08/06 14:44:46 | 000,122,368 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Quick Search Box\GoogleQuickSearchBox.exe
PRC - [2009/05/19 11:36:18 | 000,240,512 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
PRC - [2009/05/01 14:35:54 | 000,181,544 | ---- | M] (Seagate Technology LLC) -- C:\Program Files (x86)\Seagate\SeagateManager\Sync\FreeAgentService.exe
PRC - [2009/05/01 14:35:10 | 000,185,640 | ---- | M] (Seagate LLC) -- C:\Program Files (x86)\Seagate\SeagateManager\FreeAgent Status\stxmenumgr.exe
PRC - [2008/11/09 16:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) -- C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe
PRC - [2008/09/16 12:03:18 | 000,169,312 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Adobe\Photoshop Elements 7.0\PhotoshopElementsFileAgent.exe
PRC - [2008/06/11 03:51:50 | 000,354,840 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTmon.exe
PRC - [2008/06/11 03:51:48 | 000,178,712 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe
PRC - [2008/01/11 18:50:16 | 000,030,312 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe
PRC - [2007/08/30 10:50:42 | 000,205,480 | ---- | M] (Macrovision Corporation) -- C:\Program Files (x86)\Common Files\InstallShield\UpdateService\ISUSPM.exe
PRC - [2007/04/18 11:01:34 | 000,065,536 | ---- | M] (Hewlett-Packard Company) -- C:\hp\support\hpsysdrv.exe
PRC - [2007/04/10 17:46:35 | 000,709,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\vVX3000.exe
PRC - [2006/11/03 11:01:16 | 000,319,488 | ---- | M] (PixArt Imaging Incorporation) -- C:\Windows\PixArt\PAC7302\Monitor.exe


========== Modules (SafeList) ==========

MOD - [2010/06/13 20:43:35 | 000,572,416 | ---- | M] (OldTimer Tools) -- C:\Users\user\Downloads\OTL.exe
MOD - [2010/04/01 09:57:36 | 000,015,056 | ---- | M] (McAfee, Inc.) -- c:\Program Files (x86)\McAfee\SiteAdvisor\sahook.dll
MOD - [2010/03/05 10:01:02 | 000,420,352 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\vbscript.dll
MOD - [2009/09/30 21:02:17 | 002,537,472 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wpdshext.dll
MOD - [2009/04/11 02:28:25 | 000,083,968 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wbem\wmiutils.dll
MOD - [2009/04/11 02:28:25 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wbem\wbemsvc.dll
MOD - [2009/04/11 02:28:25 | 000,030,208 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wbem\wbemprox.dll
MOD - [2009/04/11 02:28:19 | 000,614,912 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wbem\fastprox.dll
MOD - [2009/04/11 02:28:18 | 000,450,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\comdlg32.dll
MOD - [2009/04/11 02:28:18 | 000,168,448 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\dnsapi.dll
MOD - [2009/04/11 02:27:47 | 000,241,128 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\rsaenh.dll
MOD - [2009/04/11 02:21:38 | 001,748,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18005_none_9e50b396
ca17ae07\GdiPlus.dll
MOD - [2008/01/20 22:51:04 | 000,188,928 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wbem\wbemdisp.dll
MOD - [2008/01/20 22:51:03 | 000,088,576 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ntdsapi.dll
MOD - [2008/01/20 22:50:01 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msscript.ocx
MOD - [2008/01/20 22:49:12 | 000,376,832 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\sxs.dll
MOD - [2008/01/20 22:48:14 | 000,357,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wbemcomn.dll


========== Win32 Services (SafeList) ==========

SRV:64bit: - [2009/12/09 20:30:34 | 000,017,416 | ---- | M] (Microsoft Corporation) [Auto | Running] -- c:\Program Files\Microsoft Security Essentials\MsMpEng.exe -- (MsMpSvc)
SRV:64bit: - [2009/10/27 20:16:44 | 000,434,728 | ---- | M] (GreenPrint Technologies LLC.) [Auto | Running] -- C:\Program Files\GreenPrint\gpsrht01.exe -- (GreenPrint)
SRV:64bit: - [2009/09/24 21:26:26 | 001,142,272 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\FntCache.dll -- (FontCache)
SRV:64bit: - [2009/04/11 03:11:13 | 000,053,760 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\bthserv.dll -- (BthServ)
SRV:64bit: - [2009/03/30 17:19:56 | 002,297,216 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE -- (wlidsvc)
SRV:64bit: - [2008/01/20 22:47:32 | 000,383,544 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2010/04/16 08:33:40 | 000,144,672 | ---- | M] (Apple Inc.) [Auto | Running] -- C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe -- (Apple Mobile Device)
SRV - [2010/03/26 11:16:04 | 000,110,312 | ---- | M] (McAfee, Inc.) [Auto | Running] -- c:\Program Files (x86)\McAfee\SiteAdvisor\mcsacore.exe -- (McAfee SiteAdvisor Service)
SRV - [2010/03/18 11:19:26 | 000,113,152 | ---- | M] (ArcSoft Inc.) [Auto | Running] -- C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe -- (ACDaemon)
SRV - [2009/11/02 13:17:00 | 001,098,968 | ---- | M] (TiVo Inc.) [Disabled | Stopped] -- C:\Program Files (x86)\TiVo\Desktop\TiVoBeacon.exe -- (TivoBeacon2)
SRV - [2009/09/22 13:12:45 | 000,651,720 | ---- | M] (Macrovision Europe Ltd.) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2009/05/19 11:36:18 | 000,240,512 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe -- (SeaPort)
SRV - [2009/05/01 14:35:54 | 000,181,544 | ---- | M] (Seagate Technology LLC) [Auto | Running] -- C:\Program Files (x86)\Seagate\SeagateManager\Sync\FreeAgentService.exe -- (FreeAgentGoNext Service)
SRV - [2009/03/30 00:39:54 | 000,089,920 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_64)
SRV - [2008/11/09 16:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) [Auto | Running] -- C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe -- (YahooAUService)
SRV - [2008/09/16 12:03:18 | 000,169,312 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Adobe\Photoshop Elements 7.0\PhotoshopElementsFileAgent.exe -- (AdobeActiveFileMonitor7.0)
SRV - [2008/06/11 03:51:50 | 000,354,840 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTmon.exe -- (IAANTMON) Intel®
SRV - [2008/01/11 18:50:16 | 000,030,312 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files (x86)\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe -- (BcmSqlStartupSvc)
SRV - [2007/10/14 22:15:16 | 000,963,072 | ---- | M] (Hewlett-Packard Co.) [Auto | Running] -- C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL -- (HPSLPSVC)
SRV - [2007/05/17 17:45:33 | 000,443,752 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files (x86)\Microsoft LifeCam\MSCamS64.exe -- (MSCamSvc)
SRV - [2006/11/02 09:34:14 | 000,000,000 | ---D | M] [Unknown | Stopped] -- C:\Windows\SysWOW64\Msdtc -- (MSDTC)
SRV - [2006/11/02 02:35:15 | 000,060,994 | ---- | M] () [On_Demand | Stopped] -- C:\Windows\SysWOW64\wbem\vds.mof -- (vds)
SRV - [2006/11/02 02:35:15 | 000,055,846 | ---- | M] () [On_Demand | Running] -- C:\Windows\SysWOW64\wbem\vss.mof -- (VSS)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2009/10/16 02:33:06 | 000,050,176 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2009/09/30 20:51:42 | 000,046,592 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\wpdusb.sys -- (WpdUsb)
DRV:64bit: - [2009/09/22 13:08:14 | 000,052,856 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\PxHlpa64.sys -- (PxHlpa64)
DRV:64bit: - [2009/09/02 04:09:34 | 000,221,696 | ---- | M] (Realtek ) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\Rtlh64.sys -- (RTL8169)
DRV:64bit: - [2009/05/18 14:17:08 | 000,034,152 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2009/04/11 01:40:06 | 000,694,272 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\BTHport.sys -- (BTHPORT)
DRV:64bit: - [2009/04/11 01:39:57 | 000,178,176 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\rfcomm.sys -- (RFCOMM) Bluetooth Device (RFCOMM Protocol TDI)
DRV:64bit: - [2009/04/11 01:39:55 | 000,026,112 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\BthEnum.sys -- (BthEnum)
DRV:64bit: - [2009/04/11 01:39:53 | 000,034,816 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\BTHUSB.sys -- (BTHUSB)
DRV:64bit: - [2009/04/11 01:39:35 | 000,036,864 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\WinUSB.SYS -- (winusb)
DRV:64bit: - [2009/04/11 01:39:34 | 000,098,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaudio.sys -- (usbaudio) USB Audio Driver (WDM)
DRV:64bit: - [2009/02/26 19:46:34 | 010,276,352 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\igdkmd64.sys -- (igfx)
DRV:64bit: - [2009/01/09 15:02:08 | 000,031,744 | ---- | M] (Research in Motion Ltd) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\RimSerial_AMD64.sys -- (RimVSerPort)
DRV:64bit: - [2008/12/04 21:48:52 | 000,407,064 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iastor.sys -- (iaStor)
DRV:64bit: - [2008/11/26 14:51:18 | 000,390,144 | ---- | M] (Ralink Technology, Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\netr6164.sys -- (rt61x64)
DRV:64bit: - [2008/11/11 13:59:26 | 000,004,608 | ---- | M] (SupportSoft Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\ssrangdr.sys -- (ssrangdr)
DRV:64bit: - [2008/08/20 06:49:44 | 000,058,368 | ---- | M] (ASIX Electronics Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\ax88772.sys -- (AX88772)
DRV:64bit: - [2008/05/20 18:33:36 | 000,028,416 | ---- | M] (Research In Motion Limited) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\RimUsb_AMD64.sys -- (RimUsb)
DRV:64bit: - [2008/01/20 22:49:47 | 000,011,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\RootMdm.sys -- (ROOTMODEM)
DRV:64bit: - [2008/01/20 22:47:25 | 000,012,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\serscan.sys -- (StillCam)
DRV:64bit: - [2008/01/20 22:47:02 | 000,115,712 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\bthpan.sys -- (BthPan) Bluetooth Device (Personal Area Network)
DRV:64bit: - [2008/01/20 22:46:57 | 000,022,528 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\WSDPrint.sys -- (WSDPrintDevice)
DRV:64bit: - [2007/09/10 08:50:26 | 000,527,360 | ---- | M] (PixArt Imaging Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\PAC7302.SYS -- (PAC7302)
DRV:64bit: - [2007/06/20 19:57:36 | 000,029,184 | ---- | M] (Motorola) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\motmodem.sys -- (motmodem)
DRV:64bit: - [2007/04/10 17:46:36 | 002,105,192 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\VX3000.sys -- (VX3000)
DRV:64bit: - [2007/02/16 02:45:24 | 001,095,680 | ---- | M] (C-Media Inc) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\CM10664.sys -- (CM1063264)
DRV - [2008/01/20 22:49:57 | 000,016,384 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysWOW64\winusb.dll -- (winusb)
DRV - [2007/04/10 17:46:37 | 000,111,976 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysWOW64\VX3000.dll -- (VX3000)
DRV - [2006/09/18 17:36:40 | 000,003,066 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysWOW64\wbem\tcpip.mof -- (Tcpip)
DRV - [2006/09/18 17:35:23 | 000,001,088 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysWOW64\wbem\mpsdrv.mof -- (mpsdrv)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.h...a...ion&pf=cndt
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.h...a...ion&pf=cndt
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.h...a...ion&pf=cndt
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.h...a...ion&pf=cndt

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.h...a...ion&pf=cndt
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.co...=en&source=iglk
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-us
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = B0 6F 9F 01 49 F3 C9 01 [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\..\URLSearchHook: {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
IE - HKCU\..\URLSearchHook: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..browser.startup.homepage: "http://www.google.com/ig"
FF - prefs.js..extensions.enabledItems: {635abd67-4fe9-1b23-4f01-e679fa7484c1}:2.1.1.20091029021655
FF - prefs.js..extensions.enabledItems: {B7082FAA-CB62-4872-9106-E42DD88EDE45}:3.1


FF - HKLM\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2010/03/02 11:58:44 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\{B7082FAA-CB62-4872-9106-E42DD88EDE45}: C:\Program Files (x86)\McAfee\SiteAdvisor [2010/06/09 09:35:33 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.3\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2010/04/06 14:27:12 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.3\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2010/06/08 04:41:29 | 000,000,000 | ---D | M]

[2010/03/23 12:22:22 | 000,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\mozilla\Extensions
[2010/06/13 06:17:56 | 000,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\mozilla\Firefox\Profiles\0xsctuiv.default\extensions
[2010/04/29 13:47:55 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\user\AppData\Roaming\mozilla\Firefox\Profiles\0xsctuiv.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2010/05/08 14:47:52 | 000,000,000 | ---D | M] (Yahoo! Toolbar) -- C:\Users\user\AppData\Roaming\mozilla\Firefox\Profiles\0xsctuiv.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
[2010/06/13 06:17:56 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2009/08/03 09:19:02 | 000,442,368 | ---- | M] (Invenda Corporation) -- C:\Program Files (x86)\Mozilla Firefox\plugins\NPcol308.dll

O1 HOSTS File: ([2006/09/18 17:37:24 | 000,000,761 | ---- | M]) - C:\Windows\SysNative\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2:64bit: - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O2:64bit: - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O2:64bit: - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.5.4723.1820\swg64.dll (Google Inc.)
O2:64bit: - BHO: (McAfee SiteAdvisor BHO) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.)
O2 - BHO: (HP Print Enhancer) - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll (Hewlett-Packard Co.)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (no name) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - No CLSID value found.
O2 - BHO: (Symantec Intrusion Prevention) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - Reg Error: Value error. File not found
O2 - BHO: (Search Helper) - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll (Microsoft Corporation)
O2 - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.5.4723.1820\swg.dll (Google Inc.)
O2 - BHO: (McAfee SiteAdvisor BHO) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O2 - BHO: (SingleInstance Class) - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn0\YTSingleInstance.dll (Yahoo! Inc)
O2 - BHO: (HP Smart BHO Class) - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll (Hewlett-Packard Co.)
O3:64bit: - HKLM\..\Toolbar: (McAfee SiteAdvisor Toolbar) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
O3:64bit: - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (McAfee SiteAdvisor Toolbar) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O3 - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (no name) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No CLSID value found.
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {06E58E5E-F8CB-4049-991E-A41C03BD419E} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No CLSID value found.
O3:64bit: - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O4:64bit: - HKLM..\Run: [CM106Sound] C:\Windows\Syswow64\CM106.CPL (C-Media Corporation)
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IAAnotif] C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [MSSE] c:\Program Files\Microsoft Security Essentials\msseces.exe (Microsoft Corporation)
O4:64bit: - HKLM..\Run: [PAC7302_Monitor] C:\Windows\PixArt\PAC7302\Monitor.exe (PixArt Imaging Incorporation)
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [VX3000] C:\Windows\vVX3000.exe (Microsoft Corporation)
O4:64bit: - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKLM..\Run: [AppleSyncNotifier] C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe (Apple Inc.)
O4 - HKLM..\Run: [ArcSoft Connection Service] C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe (ArcSoft Inc.)
O4 - HKLM..\Run: [BlackBerryAutoUpdate] C:\Program Files (x86)\Common Files\Research In Motion\Auto Update\RIMAutoUpdate.exe (Research In Motion Limited)
O4 - HKLM..\Run: [CarboniteSetupLite] C:\Program Files (x86)\Carbonite\CarbonitePreinstaller.exe (Carbonite, Inc.)
O4 - HKLM..\Run: [DVDAgent] c:\Program Files (x86)\Hewlett-Packard\Media\DVD\DVDAgent.exe (CyberLink Corp.)
O4 - HKLM..\Run: [Google Quick Search Box] C:\Program Files (x86)\Google\Quick Search Box\GoogleQuickSearchBox.exe (Google Inc.)
O4 - HKLM..\Run: [HP Health Check Scheduler] c:\Program Files (x86)\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe (Hewlett-Packard)
O4 - HKLM..\Run: [hpsysdrv] c:\hp\support\hpsysdrv.exe (Hewlett-Packard Company)
O4 - HKLM..\Run: [KBD] C:\hp\KBD\KbdStub.exe ()
O4 - HKLM..\Run: [LifeCam] C:\Program Files (x86)\Microsoft LifeCam\LifeExp.exe (Microsoft Corporation)
O4 - HKLM..\Run: [MaxMenuMgr] C:\Program Files (x86)\Seagate\SeagateManager\FreeAgent Status\StxMenuMgr.exe (Seagate LLC)
O4 - HKCU..\Run: [ISUSPM] C:\Program Files (x86)\Common Files\InstallShield\UpdateService\ISUSPM.exe (Macrovision Corporation)
O4 - HKCU..\Run: [swg] C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
O4 - HKCU..\Run: [TivoNotify] C:\Program Files (x86)\TiVo\Desktop\TiVoNotify.exe (TiVo Inc.)
O4 - HKCU..\Run: [TivoServer] C:\Program Files (x86)\TiVo\Desktop\TiVoServer.exe (TiVo Inc.)
O4 - HKCU..\Run: [TivoTransfer] C:\Program Files (x86)\TiVo\Desktop\TiVoTransfer.exe (TiVo Inc.)
O4 - HKCU..\Run: [TranscodingService] C:\Program Files (x86)\TiVo\Desktop\Plus\\TranscodingService.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoClose = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLogoff = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableChangePassword = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableLockWorkstation = 0
O8:64bit: - Extra context menu item: Google Sidewiki... - C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll (Google Inc.)
O8 - Extra context menu item: Google Sidewiki... - C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll (Google Inc.)
O9 - Extra Button: Show or hide HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll (Hewlett-Packard Co.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Windows\SysNative\wshbth.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Windows\SysWOW64\wshbth.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {05CA9FB0-3E3E-4B36-BF41-0E3A5CAA8CD8} http://download.micr.../OGAControl.cab (Office Genuine Advantage Validation Tool)
O16 - DPF: {21C6245C-9408-11D7-BF3B-00E09876DF26} http://www.webattend...ents/wt0523.cab (WebTrain.ctlWebTrain)
O16 - DPF: {406B5949-7190-4245-91A9-30A17DE16AD0} http://photo2.walgre...eensActivia.cab (Snapfish Activia)
O16 - DPF: {48DD0448-9209-4F81-9F6D-D83562940134} http://lads.myspace....ploader1006.cab (MySpace Uploader Control)
O16 - DPF: {6F15128C-E66A-490C-B848-5000B5ABEEAC} https://h20436.www2....re/HPDEXAXO.cab (HP Download Manager)
O16 - DPF: {73ECB3AA-4717-450C-A2AB-D00DAD9EE203} http://h20270.www2.h...tDetection2.cab (Reg Error: Value error.)
O16 - DPF: {80AEEC0E-A2BE-4B8D-985F-350FE869DC40} http://h20264.www2.h...osticsVista.cab (Reg Error: Value error.)
O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} http://upload.facebo...oUploader55.cab (Facebook Photo Uploader 5 Control)
O16 - DPF: {83AB6E4D-CDD7-11D3-B5E7-00104B9AFF6E} http://sef.mlxchange...ol/IRCSharc.cab (GeacRevw Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {9C23D886-43CB-43DE-B2DB-112A68D7E10A} http://lads.myspace....ceUploader2.cab (MySpace Uploader Control)
O16 - DPF: {C1FDEE68-98D5-4F42-A4DD-D0BECF5077EB} http://tools.ebayimg...l_v1-0-29-0.cab (EPUImageControl Class)
O16 - DPF: {CAFEEFAC-0014-0002-0018-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.4.2_18)
O16 - DPF: {CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_01)
O16 - DPF: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {DAF7E6E6-D53A-439A-B28D-12271406B8A9} http://mobileapps.bl...re/AxLoader.cab (RIM AxLoader)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.ad...Plus/1.6/gp.cab (Reg Error: Value error.)
O16 - DPF: Web-Based Email Tools http://email.secures...et/Download.CAB (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1 192.168.2.1
O18:64bit: - Protocol\Handler\dssrequest {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
O18:64bit: - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\msdaipp - No CLSID value found
O18:64bit: - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\sacore {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
O18:64bit: - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - Reg Error: Key error. File not found
O18 - Protocol\Handler\dssrequest {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll (Microsoft Corporation)
O18 - Protocol\Handler\sacore {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program Files (x86)\Windows Live\Mail\mailcomm.dll (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\igfxcui: DllName - Reg Error: Key error. - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O24 - Desktop WallPaper: C:\Windows\Web\Wallpaper\clouds.jpg
O24 - Desktop BackupWallPaper: C:\Windows\Web\Wallpaper\clouds.jpg
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{52f5ddfd-cde0-11dd-830a-00221581a796}\Shell - "" = AutoRun
O33 - MountPoints2\F\Shell - "" = AutoRun
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 90 Days ==========

[2010/06/13 06:15:10 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Antimalware
[2010/06/13 06:14:58 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Security Essentials
[2010/06/12 05:12:09 | 002,476,343 | -H-- | C] () -- C:\Users\user\AppData\Local\IconCache.db
[2010/05/25 11:18:44 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MyPublisher
[2010/05/25 11:18:40 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Roaming\MyPublisher
[2010/05/23 06:36:53 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\McAfee
[2010/05/23 06:36:48 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\McAfee
[2010/05/23 06:35:05 | 000,000,000 | ---D | C] -- C:\fe76c068568b465a5489a99572f078
[2010/05/08 14:48:04 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ffdshow
[2010/05/08 14:47:42 | 000,000,000 | ---D | C] -- C:\ProgramData\Yahoo!
[2010/05/08 14:47:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Yahoo! Companion
[2010/05/06 05:37:38 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Roaming\Malwarebytes
[2010/05/06 05:37:30 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysWow64\drivers\mbamswissarmy.sys
[2010/05/06 05:37:29 | 000,024,664 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2010/05/06 05:37:29 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2010/05/06 05:37:29 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2010/05/06 05:35:58 | 000,000,000 | ---D | C] -- C:\Windows\ERDNT
[2010/05/06 05:35:03 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ERUNT
[2010/05/06 04:49:36 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Trend Micro
[2010/04/28 12:02:55 | 000,000,000 | ---D | C] -- C:\Users\user\Documents\KRC
[2010/04/28 11:06:43 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
[2010/04/28 11:06:41 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes
[2010/04/28 11:06:41 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\iTunes
[2010/04/28 11:02:21 | 000,000,000 | ---D | C] -- C:\Program Files\Bonjour
[2010/04/28 11:02:21 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Bonjour
[2010/04/25 12:15:19 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Roaming\BOXEE
[2010/04/25 12:14:39 | 000,368,242 | ---- | C] () -- C:\Users\user\AppData\Local\dd_vcredistMSI4838.txt
[2010/04/25 12:14:38 | 000,013,078 | ---- | C] () -- C:\Users\user\AppData\Local\dd_vcredistUI4838.txt
[2010/04/25 12:13:21 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Boxee
[2010/04/25 08:47:08 | 000,000,000 | R--D | C] -- C:\Users\user\Documents\My TiVo Recordings
[2010/04/25 08:47:08 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Local\TiVo Desktop
[2010/04/25 08:47:08 | 000,000,000 | ---D | C] -- C:\ProgramData\TiVo
[2010/04/25 08:47:08 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\TiVo
[2010/04/25 08:47:08 | 000,000,000 | ---D | C] -- C:\Users\user\Documents\My TiVo Recordings for Portables
[2010/04/24 17:34:57 | 000,000,000 | ---- | C] () -- C:\Users\user\AppData\Local\prvlcl.dat
[2010/04/07 10:10:32 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Roaming\Blackberry Desktop
[2010/04/07 10:06:53 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Roaming\Research In Motion
[2010/04/07 10:03:04 | 000,000,000 | ---D | C] -- C:\ProgramData\Research In Motion
[2010/04/07 10:02:51 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Research In Motion
[2010/04/07 10:02:47 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Research In Motion
[2010/04/06 14:26:26 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\QuickTime
[2010/04/05 15:22:51 | 000,000,000 | ---D | C] -- C:\ProgramData\{93E26451-CD9A-43A5-A2FA-C42392EA4001}
[2010/04/05 12:57:05 | 000,524,288 | -HS- | C] () -- C:\Users\user\NTUSER.DAT{0ddae5a0-40d1-11df-a4f5-ea4bfad03bb9}.TMContainer00000000000000000002.regtrans-ms
[2010/04/05 12:57:05 | 000,524,288 | -HS- | C] () -- C:\Users\user\NTUSER.DAT{0ddae5a0-40d1-11df-a4f5-ea4bfad03bb9}.TMContainer00000000000000000001.regtrans-ms
[2010/04/05 12:57:05 | 000,065,536 | -HS- | C] () -- C:\Users\user\NTUSER.DAT{0ddae5a0-40d1-11df-a4f5-ea4bfad03bb9}.TM.blf
[2010/03/30 07:48:49 | 000,000,000 | -H-D | C] -- C:\$AVG
[2010/03/28 07:01:17 | 000,000,732 | ---- | C] () -- C:\Users\user\AppData\Local\d3d9caps64.dat
[2010/03/23 14:57:27 | 000,000,000 | ---D | C] -- C:\ProgramData\avg9
[2010/03/23 12:21:36 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Roaming\Mozilla
[2010/03/18 10:32:08 | 000,000,000 | ---D | C] -- C:\Users\user\Desktop\Organization forms
[2010/03/17 09:54:28 | 000,524,288 | -HS- | C] () -- C:\Users\user\NTUSER.DAT{605a6e75-31c7-11df-ba65-00221581a796}.TMContainer00000000000000000002.regtrans-ms
[2010/03/17 09:54:28 | 000,524,288 | -HS- | C] () -- C:\Users\user\NTUSER.DAT{605a6e75-31c7-11df-ba65-00221581a796}.TMContainer00000000000000000001.regtrans-ms
[2010/03/17 09:54:27 | 000,065,536 | -HS- | C] () -- C:\Users\user\NTUSER.DAT{605a6e75-31c7-11df-ba65-00221581a796}.TM.blf
[2010/03/17 09:49:08 | 000,262,144 | -H-- | C] () -- C:\Users\user\NTUSER.rhk.LOG1
[2010/03/17 09:49:08 | 000,000,000 | -H-- | C] () -- C:\Users\user\NTUSER.rhk.LOG2
[2010/03/17 09:36:56 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Wise Registry Cleaner
[2010/03/16 14:37:58 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Roaming\Sammsoft
[2010/03/16 12:18:14 | 000,441,108 | ---- | C] () -- C:\Users\user\AppData\Local\dd_vcredistMSI15A8.txt
[2010/03/16 12:18:14 | 000,013,370 | ---- | C] () -- C:\Users\user\AppData\Local\dd_vcredistUI15A8.txt
[2010/03/16 12:17:31 | 000,000,000 | ---D | C] -- C:\ProgramData\Alwil Software
[2010/03/16 12:17:31 | 000,000,000 | ---D | C] -- C:\Program Files\Alwil Software
[2008/12/02 17:43:37 | 000,151,552 | ---- | C] ( ) -- C:\Windows\SysWow64\rsnp2std.dll

========== Files - Modified Within 90 Days ==========

[2010/06/13 20:50:04 | 000,000,416 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{D8559AEF-529F-444C-B6BB-4113654BA383}.job
[2010/06/13 20:46:42 | 006,553,600 | ---- | M] () -- C:\Users\user\NTUSER.DAT
[2010/06/13 20:45:57 | 000,003,616 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2010/06/13 20:45:57 | 000,003,616 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2010/06/13 20:38:00 | 000,000,904 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-597769071-336554195-1604139624-1000UA.job
[2010/06/13 20:14:00 | 000,000,898 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2010/06/13 14:38:00 | 000,000,852 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-597769071-336554195-1604139624-1000Core.job
[2010/06/13 09:14:00 | 000,000,894 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2010/06/13 06:46:21 | 000,000,465 | ---- | M] () -- C:\Windows\BRWMARK.INI
[2010/06/13 06:45:54 | 000,000,392 | ---- | M] () -- C:\Windows\tasks\AWC Startup.job
[2010/06/13 06:45:52 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
[2010/06/13 06:45:42 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2010/06/13 06:44:24 | 000,000,012 | ---- | M] () -- C:\Windows\bthservsdp.dat
[2010/06/13 06:44:17 | 000,524,288 | -HS- | M] () -- C:\Users\user\NTUSER.DAT{0ddae5a0-40d1-11df-a4f5-ea4bfad03bb9}.TMContainer00000000000000000001.regtrans-ms
[2010/06/13 06:44:17 | 000,065,536 | -HS- | M] () -- C:\Users\user\NTUSER.DAT{0ddae5a0-40d1-11df-a4f5-ea4bfad03bb9}.TM.blf
[2010/06/13 06:44:11 | 002,476,343 | -H-- | M] () -- C:\Users\user\AppData\Local\IconCache.db
[2010/06/13 06:14:58 | 000,000,944 | ---- | M] () -- C:\Users\Public\Desktop\Microsoft Security Essentials.lnk
[2010/06/13 05:48:38 | 000,000,000 | ---- | M] () -- C:\Users\user\AppData\Local\prvlcl.dat
[2010/06/11 12:26:41 | 000,406,864 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2010/06/09 16:48:59 | 000,000,060 | ---- | M] () -- C:\Windows\wpd99.drv
[2010/06/09 16:22:06 | 000,019,060 | ---- | M] () -- C:\Users\user\Desktop\WEBSITE LOGINS.docx
[2010/06/09 13:18:21 | 000,002,617 | ---- | M] () -- C:\Users\user\Desktop\Microsoft Office Outlook 2007.lnk
[2010/06/07 14:08:30 | 000,001,846 | ---- | M] () -- C:\Users\Public\Desktop\Java Web Start.lnk
[2010/06/03 12:05:30 | 000,045,056 | ---- | M] () -- C:\Users\user\Desktop\Labels Misc & Personal Orange Template.doc
[2010/06/03 11:53:32 | 000,044,032 | ---- | M] () -- C:\Users\user\Desktop\Labels CC Blue Template.doc
[2010/06/01 13:48:05 | 000,043,520 | ---- | M] () -- C:\Users\user\Desktop\Labels Taxes Red Template.doc
[2010/05/29 12:32:33 | 000,000,732 | ---- | M] () -- C:\Users\user\AppData\Local\d3d9caps64.dat
[2010/05/29 10:34:45 | 001,156,682 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2010/05/29 10:34:45 | 000,297,060 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2010/05/29 10:34:45 | 000,005,258 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2010/05/26 11:59:14 | 000,000,162 | -H-- | M] () -- C:\Users\user\Desktop\~$BSITE LOGINS.docx
[2010/05/25 13:13:12 | 000,014,360 | ---- | M] () -- C:\Users\user\Desktop\Operations Manual.docx
[2010/05/25 11:18:49 | 000,001,074 | ---- | M] () -- C:\Users\user\Desktop\MyPublisher.lnk
[2010/05/10 13:04:48 | 000,000,430 | ---- | M] () -- C:\Users\user\Desktop\KRC - Shortcut.lnk
[2010/05/06 15:35:21 | 000,044,032 | ---- | M] () -- C:\Users\user\Desktop\Labels Bank Green Template.doc
[2010/05/06 15:08:24 | 000,044,544 | ---- | M] () -- C:\Users\user\Desktop\Labels Utilities Yellow Template.doc
[2010/05/06 13:06:35 | 000,000,140 | ---- | M] () -- C:\Users\user\AppData\Roaming\wklnhst.dat
[2010/05/06 05:37:33 | 000,000,810 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2010/05/06 04:49:36 | 000,001,890 | ---- | M] () -- C:\Users\user\Desktop\HijackThis.lnk
[2010/05/05 12:29:59 | 000,000,034 | ---- | M] () -- C:\Windows\SysWow64\bd4040cn.dat
[2010/05/05 12:29:59 | 000,000,026 | ---- | M] () -- C:\Windows\BRPP2KA.INI
[2010/05/05 11:48:26 | 000,008,518 | ---- | M] () -- C:\Users\user\Desktop\Book1.xlsx
[2010/04/29 15:39:38 | 000,038,224 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysWow64\drivers\mbamswissarmy.sys
[2010/04/29 15:39:28 | 000,024,664 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2010/04/28 11:08:01 | 000,001,804 | ---- | M] () -- C:\Users\Public\Desktop\iTunes.lnk
[2010/04/25 08:47:15 | 000,000,837 | ---- | M] () -- C:\Users\Public\Desktop\TiVo Desktop.lnk
[2010/04/20 11:11:09 | 000,091,010 | ---- | M] () -- C:\Users\user\Desktop\pant order.pdf
[2010/04/19 05:40:34 | 000,001,879 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Reader 9.lnk
[2010/04/07 10:16:18 | 000,000,256 | ---- | M] () -- C:\Windows\SysWow64\pool.bin
[2010/04/07 10:03:06 | 000,001,861 | ---- | M] () -- C:\Users\Public\Desktop\Desktop Manager.lnk
[2010/04/06 14:26:46 | 000,001,718 | ---- | M] () -- C:\Users\Public\Desktop\QuickTime Player.lnk
[2010/04/05 15:14:47 | 000,001,866 | ---- | M] () -- C:\Users\Public\Desktop\Safari.lnk
[2010/04/05 14:20:54 | 000,524,288 | -HS- | M] () -- C:\Users\user\NTUSER.DAT{0ddae5a0-40d1-11df-a4f5-ea4bfad03bb9}.TMContainer00000000000000000002.regtrans-ms
[2010/04/05 12:55:53 | 006,291,456 | ---- | M] () -- C:\Users\user\NTUSER.bak
[2010/04/05 12:55:53 | 000,524,288 | -HS- | M] () -- C:\Users\user\NTUSER.DAT{605a6e75-31c7-11df-ba65-00221581a796}.TMContainer00000000000000000001.regtrans-ms
[2010/04/05 12:55:53 | 000,065,536 | -HS- | M] () -- C:\Users\user\NTUSER.DAT{605a6e75-31c7-11df-ba65-00221581a796}.TM.blf
[2010/03/23 15:42:00 | 000,444,479 | ---- | M] () -- C:\Users\user\Desktop\scan2.pdf
[2010/03/23 15:29:00 | 000,445,253 | ---- | M] () -- C:\Users\user\Desktop\Scan1.pdf
[2010/03/23 12:21:04 | 000,001,740 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2010/03/17 11:30:20 | 000,524,288 | -HS- | M] () -- C:\Users\user\NTUSER.DAT{605a6e75-31c7-11df-ba65-00221581a796}.TMContainer00000000000000000002.regtrans-ms
[2010/03/17 09:57:06 | 000,107,816 | ---- | M] () -- C:\Users\user\AppData\Local\GDIPFONTCACHEV1.DAT
[2010/03/17 09:49:25 | 000,524,288 | -HS- | M] () -- C:\Users\user\NTUSER.DAT{ecc8f4f6-ddb7-11de-b23a-00221581a796}.TMContainer00000000000000000001.regtrans-ms
[2010/03/17 09:49:25 | 000,065,536 | -HS- | M] () -- C:\Users\user\NTUSER.DAT{ecc8f4f6-ddb7-11de-b23a-00221581a796}.TM.blf
[2010/03/17 09:37:01 | 000,001,852 | ---- | M] () -- C:\Users\Public\Desktop\Clear with 1 click.lnk
[2010/03/17 09:37:01 | 000,000,954 | ---- | M] () -- C:\Users\Public\Desktop\Wise Registry Cleaner.lnk
[2010/03/17 09:30:26 | 000,001,018 | ---- | M] () -- C:\Users\Public\Desktop\Advanced SystemCare.lnk
[2010/03/17 09:30:26 | 000,000,134 | ---- | M] () -- C:\Users\user\Desktop\IObit Freeware.url
[2010/03/16 12:24:35 | 000,000,000 | ---- | M] () -- C:\Windows\SysWow64\config.nt

========== Files Created - No Company Name ==========

[2010/06/13 06:14:58 | 000,000,944 | ---- | C] () -- C:\Users\Public\Desktop\Microsoft Security Essentials.lnk
[2010/06/07 14:08:30 | 000,001,846 | ---- | C] () -- C:\Users\Public\Desktop\Java Web Start.lnk
[2010/05/26 11:59:14 | 000,000,162 | -H-- | C] () -- C:\Users\user\Desktop\~$BSITE LOGINS.docx
[2010/05/25 13:02:37 | 000,014,360 | ---- | C] () -- C:\Users\user\Desktop\Operations Manual.docx
[2010/05/25 11:18:49 | 000,001,074 | ---- | C] () -- C:\Users\user\Desktop\MyPublisher.lnk
[2010/05/10 13:04:48 | 000,000,430 | ---- | C] () -- C:\Users\user\Desktop\KRC - Shortcut.lnk
[2010/05/08 14:48:05 | 000,085,504 | ---- | C] () -- C:\Windows\SysWow64\ff_vfw.dll
[2010/05/06 13:35:12 | 000,043,520 | ---- | C] () -- C:\Users\user\Desktop\Labels Taxes Red Template.doc
[2010/05/06 13:34:55 | 000,044,032 | ---- | C] () -- C:\Users\user\Desktop\Labels Bank Green Template.doc
[2010/05/06 13:34:35 | 000,045,056 | ---- | C] () -- C:\Users\user\Desktop\Labels Misc & Personal Orange Template.doc
[2010/05/06 13:33:41 | 000,044,544 | ---- | C] () -- C:\Users\user\Desktop\Labels Utilities Yellow Template.doc
[2010/05/06 13:33:08 | 000,044,032 | ---- | C] () -- C:\Users\user\Desktop\Labels CC Blue Template.doc
[2010/05/06 05:37:33 | 000,000,810 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2010/05/06 04:49:36 | 000,001,890 | ---- | C] () -- C:\Users\user\Desktop\HijackThis.lnk
[2010/05/05 11:48:26 | 000,008,518 | ---- | C] () -- C:\Users\user\Desktop\Book1.xlsx
[2010/04/28 14:11:36 | 000,019,060 | ---- | C] () -- C:\Users\user\Desktop\WEBSITE LOGINS.docx
[2010/04/28 11:08:01 | 000,001,804 | ---- | C] () -- C:\Users\Public\Desktop\iTunes.lnk
[2010/04/25 08:47:15 | 000,000,837 | ---- | C] () -- C:\Users\Public\Desktop\TiVo Desktop.lnk
[2010/04/20 11:11:06 | 000,091,010 | ---- | C] () -- C:\Users\user\Desktop\pant order.pdf
[2010/04/13 10:03:55 | 000,001,879 | ---- | C] () -- C:\Users\Public\Desktop\Adobe Reader 9.lnk
[2010/04/07 10:03:06 | 000,001,861 | ---- | C] () -- C:\Users\Public\Desktop\Desktop Manager.lnk
[2010/04/06 14:26:46 | 000,001,718 | ---- | C] () -- C:\Users\Public\Desktop\QuickTime Player.lnk
[2010/03/23 15:42:00 | 000,444,479 | ---- | C] () -- C:\Users\user\Desktop\scan2.pdf
[2010/03/23 15:29:00 | 000,445,253 | ---- | C] () -- C:\Users\user\Desktop\Scan1.pdf
[2010/03/23 12:21:04 | 000,001,740 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2010/03/18 09:41:57 | 000,000,256 | ---- | C] () -- C:\Windows\SysWow64\pool.bin
[2010/03/17 09:37:01 | 000,001,852 | ---- | C] () -- C:\Users\Public\Desktop\Clear with 1 click.lnk
[2010/03/17 09:37:01 | 000,000,954 | ---- | C] () -- C:\Users\Public\Desktop\Wise Registry Cleaner.lnk
[2010/03/17 09:30:40 | 000,000,392 | ---- | C] () -- C:\Windows\tasks\AWC Startup.job
[2010/03/17 09:30:26 | 000,001,018 | ---- | C] () -- C:\Users\Public\Desktop\Advanced SystemCare.lnk
[2010/03/17 09:30:26 | 000,000,134 | ---- | C] () -- C:\Users\user\Desktop\IObit Freeware.url
[2010/03/16 12:24:35 | 000,000,000 | ---- | C] () -- C:\Windows\SysWow64\config.nt
[2009/12/28 14:05:56 | 000,000,465 | ---- | C] () -- C:\Windows\BRWMARK.INI
[2009/12/28 14:05:56 | 000,000,026 | ---- | C] () -- C:\Windows\BRPP2KA.INI
[2009/06/24 09:39:21 | 000,000,322 | ---- | C] () -- C:\Windows\SysWow64\Remover.ini
[2009/06/08 11:00:58 | 000,117,248 | ---- | C] () -- C:\Windows\SysWow64\EhStorAuthn.dll
[2009/06/08 11:00:08 | 000,368,640 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2009/02/24 12:12:47 | 000,712,872 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2009/01/05 10:36:28 | 000,172,128 | ---- | C] () -- C:\Windows\_isusr32.dll
[2009/01/05 10:36:24 | 000,045,056 | ---- | C] () -- C:\Windows\SysWow64\_isusr2k.dll
[2009/01/03 15:53:21 | 000,053,760 | ---- | C] () -- C:\Windows\SysWow64\Zlib.dll
[2008/12/17 19:54:13 | 000,049,152 | ---- | C] () -- C:\Windows\SysWow64\CM106rm.dll
[2008/12/17 19:54:13 | 000,000,508 | ---- | C] () -- C:\Windows\Cm106.ini.cfl
[2008/12/17 19:53:25 | 000,002,069 | ---- | C] () -- C:\Windows\Cm106.ini.cfg
[2008/12/17 19:53:25 | 000,000,205 | ---- | C] () -- C:\Windows\Cm106.ini.imi
[2008/12/17 19:53:24 | 000,065,536 | ---- | C] () -- C:\Windows\VMix.dll
[2008/12/17 19:53:24 | 000,005,340 | ---- | C] () -- C:\Windows\Cm106.ini
[2008/12/04 14:30:46 | 000,000,060 | ---- | C] () -- C:\Windows\wpd99.drv
[2008/12/04 14:30:45 | 000,047,616 | ---- | C] () -- C:\Windows\SysWow64\pdf995mon64.dll
[2008/12/04 10:46:14 | 000,000,376 | ---- | C] () -- C:\Windows\ODBC.INI
[2008/12/02 17:43:37 | 012,006,784 | ---- | C] () -- C:\Windows\SysWow64\drivers\snp2sxp.sys
[2008/12/02 17:43:37 | 000,024,832 | ---- | C] () -- C:\Windows\SysWow64\drivers\sncamd.sys
[2008/12/02 17:43:37 | 000,015,497 | ---- | C] () -- C:\Windows\snp2std.ini
[2008/08/20 00:34:39 | 000,327,680 | ---- | C] () -- C:\Windows\SysWow64\pythoncom25.dll
[2008/08/20 00:34:39 | 000,102,400 | ---- | C] () -- C:\Windows\SysWow64\pywintypes25.dll
[2008/02/04 19:23:10 | 000,693,792 | ---- | C] () -- C:\Windows\SysWow64\OGACheckControl.DLL
[2008/01/20 22:50:05 | 000,060,124 | ---- | C] () -- C:\Windows\SysWow64\tcpmon.ini
[2007/06/12 11:25:54 | 000,000,920 | ---- | C] () -- C:\Windows\SysWow64\WLAN.INI
[2007/04/10 17:46:36 | 000,015,498 | ---- | C] () -- C:\Windows\VX3000.ini
[2007/03/20 16:44:02 | 000,000,566 | ---- | C] () -- C:\Windows\SysWow64\SP7302.ini
[2006/11/02 09:12:52 | 000,217,088 | ---- | C] () -- C:\Windows\SysWow64\missouri.dll
[2006/10/27 14:52:34 | 000,000,518 | ---- | C] () -- C:\Windows\SysWow64\SP7311.ini
[2005/01/17 17:10:16 | 000,045,056 | ---- | C] () -- C:\Windows\SysWow64\BRTCPCON.DLL
[2004/08/09 17:00:42 | 000,000,114 | ---- | C] () -- C:\Windows\SysWow64\BRLMW03A.INI

========== LOP Check ==========

[2009/06/23 14:21:48 | 000,000,000 | -HSD | M] -- C:\Users\user\AppData\Roaming\.#
[2010/04/07 10:10:33 | 000,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\Blackberry Desktop
[2010/04/25 12:15:19 | 000,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\BOXEE
[2009/06/25 14:28:50 | 000,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\CopyTrans
[2008/12/01 15:29:09 | 000,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\GetRightToGo
[2009/12/05 15:11:42 | 000,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\Image Zone Express
[2009/11/10 12:35:32 | 000,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\IObit
[2009/08/07 10:07:03 | 000,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\Leadertech
[2009/09/23 14:44:27 | 000,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\LimeWire
[2010/05/25 11:18:40 | 000,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\MyPublisher
[2008/12/04 14:31:59 | 000,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\pdf995
[2009/09/02 10:07:57 | 000,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\Printer Info Cache
[2010/04/07 10:06:53 | 000,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\Research In Motion
[2010/03/16 14:45:31 | 000,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\Sammsoft
[2009/01/05 10:36:43 | 000,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\Sharp
[2009/03/26 10:55:14 | 000,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\Simple Star
[2010/02/23 15:12:43 | 000,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\Skinux
[2009/01/08 12:38:42 | 000,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\Spearit
[2008/11/29 08:42:30 | 000,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\SupportSoft
[2008/12/11 14:29:03 | 000,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\Template
[2009/07/14 11:47:23 | 000,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\TrueSwitch
[2010/03/02 11:47:12 | 000,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\WinBatch
[2009/06/25 14:09:29 | 000,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\WindSolutions
[2010/06/13 06:45:54 | 000,000,392 | ---- | M] () -- C:\Windows\Tasks\AWC Startup.job
[2010/06/13 06:44:24 | 000,032,552 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2010/06/13 20:50:04 | 000,000,416 | -H-- | M] () -- C:\Windows\Tasks\User_Feed_Synchronization-{D8559AEF-529F-444C-B6BB-4113654BA383}.job

========== Purity Check ==========



========== Custom Scans ==========


< %SYSTEMDRIVE%\*.* >
[2010/03/16 10:23:19 | 000,002,236 | ---- | M] () -- C:\aaw7boot.log
[2009/04/11 02:36:36 | 000,333,257 | RHS- | M] () -- C:\bootmgr
[2008/08/20 01:18:50 | 000,008,192 | R-S- | M] () -- C:\BOOTSECT.BAK
[2010/05/05 11:56:37 | 000,000,500 | ---- | M] () -- C:\FINIS_IT.TXT
[2007/11/06 22:13:42 | 000,359,256 | ---- | M] (Hewlett-Packard) -- C:\hpzids40.dll
[1995/08/15 03:00:00 | 000,536,048 | ---- | M] (Microsoft Corporation) -- C:\OC25.DLL
[2010/06/13 06:45:37 | 2450,866,175 | -HS- | M] () -- C:\pagefile.sys

< %systemroot%\system32\Spool\prtprocs\w32x86\*.dll >

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >

< %systemroot%\Tasks\*.job /lockedfiles >

< %systemroot%\System32\config\*.sav >

< %systemroot%\system32\user32.dll /md5 >
[2009/04/11 02:26:45 | 000,648,704 | ---- | M] (Microsoft Corporation) MD5=D29FDB5DEDBDC1BD882164DC6DC4DD53 -- C:\Windows\SysWOW64\user32.dll

< %systemroot%\system32\ws2_32.dll /md5 >
[2008/01/20 22:50:35 | 000,179,200 | ---- | M] (Microsoft Corporation) MD5=B304D47D5744BA20FCB99FB8B2C07B0B -- C:\Windows\SysWOW64\ws2_32.dll

========== Alternate Data Streams ==========

@Alternate Data Stream - 110 bytes -> C:\ProgramData\TEMP:DFC5A2B2
< End of report >

< %systemroot%\Tasks\*.job /lockedfiles >

< %systemroot%\System32\config\*.sav >

< %systemroot%\system32\user32.dll /md5 >
[2009/04/11 02:26:45 | 000,648,704 | ---- | M] (Microsoft Corporation) MD5=D29FDB5DEDBDC1BD882164DC6DC4DD53 -- C:\Windows\SysWOW64\user32.dll

< %systemroot%\system32\ws2_32.dll /md5 >
[2008/01/20 22:50:35 | 000,179,200 | ---- | M] (Microsoft Corporation) MD5=B304D47D5744BA20FCB99FB8B2C07B0B -- C:\Windows\SysWOW64\ws2_32.dll

< End of report >

EXTRAS.TXT

OTL Extras logfile created on: 6/13/2010 8:49:35 PM - Run 1
OTL by OldTimer - Version 3.2.6.0 Folder = C:\Users\user\Downloads
64bit-Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18928)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

6.00 Gb Total Physical Memory | 4.00 Gb Available Physical Memory | 66.00% Memory free
12.00 Gb Paging File | 10.00 Gb Available in Paging File | 83.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 453.72 Gb Total Space | 317.62 Gb Free Space | 70.00% Space Free | Partition Type: NTFS
Drive D: | 12.03 Gb Total Space | 1.64 Gb Free Space | 13.59% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: BBGDESKTOP
Current User Name: user
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Include 64bit Scans
Company Name Whitelist: On
Skip Microsoft Files: On
File Age = 90 Days
Output = Standard
Quick Scan

========== Extra Registry (SafeList) ==========


========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %* File not found
cmdfile [open] -- "%1" %* File not found
comfile [open] -- "%1" %* File not found
exefile [open] -- "%1" %* File not found
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- "C:\Program Files (x86)\Microsoft Office\Office12\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Program Files (x86)\Microsoft Office\Office12\msohtmed.exe" /p %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %* File not found
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1" File not found
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S File not found
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 File not found
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- "C:\Program Files (x86)\Microsoft Office\Office12\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Program Files (x86)\Microsoft Office\Office12\msohtmed.exe" /p %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = 9F 9E 16 8C DC 5B C8 01 [binary data]
"VistaSp2" = C3 D4 39 12 51 E8 C9 01 [binary data]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"oobe_av" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

========== Authorized Applications List ==========


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{14709C2F-C409-4639-B53D-E6AC3BE26061}" = rport=138 | protocol=17 | dir=out | app=system |
"{195BADE4-D4B7-40DF-BA86-F13993C80003}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{1C27274A-D39A-47EC-975C-D6E6C7E68A9D}" = lport=7288 | protocol=6 | dir=in | name=tivo hme host: port %d |
"{2F3581F7-344D-431E-B90C-936E61C1E7DB}" = lport=139 | protocol=6 | dir=in | app=system |
"{4A80347F-5D4E-4AE7-894D-B7B1881E23FE}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | [email protected],-28539 |
"{5C050BCD-B836-40B1-B27F-36F1DA52E954}" = rport=3702 | protocol=17 | dir=out | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{6CA8CBD9-48B1-4C83-8761-14744BAA0374}" = lport=6004 | protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\outlook.exe |
"{8F30D981-3CE7-442D-8EDE-372DC9F4383F}" = lport=2869 | protocol=6 | dir=in | app=system |
"{96085BC2-447A-4454-A952-B26F8A2603CB}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{A234D661-A17A-432A-A13D-3D76998D6C1A}" = lport=3702 | protocol=17 | dir=in | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{AE9F9E7E-63CB-4D8E-AA70-38007CA73807}" = lport=137 | protocol=17 | dir=in | app=system |
"{B39A6C0E-2D02-4ACD-BCA6-6FC82835062E}" = lport=3702 | protocol=17 | dir=in | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{B8FFD8E4-1D6B-4F40-B710-44C656971B48}" = lport=138 | protocol=17 | dir=in | app=system |
"{CF906B9D-DD71-4AE4-8BAB-83AC79ACCB8F}" = rport=139 | protocol=6 | dir=out | app=system |
"{D546781D-C6F7-4150-B51E-81A0E995C4FF}" = rport=137 | protocol=17 | dir=out | app=system |
"{D8BC902E-2E49-4431-ADAE-54B30AC08232}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{E0B753A9-14F6-455E-9AD8-800C7D5AF4DF}" = rport=445 | protocol=6 | dir=out | app=system |
"{E1F39235-A99F-4F7D-B362-4EB43415C77A}" = lport=5353 | protocol=17 | dir=in | name=mdns-sd/bonjour |
"{E5116279-FEFA-4D15-BF6D-15A4B88F04B0}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{E81CBCAC-700C-4934-92E1-1F5D16A42767}" = lport=445 | protocol=6 | dir=in | app=system |
"{F5DDEF05-343D-4B25-BE3F-E4D2F0817C10}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{F86A3DB5-C48E-4355-BE3F-181CD24C57D6}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |
"{FCA49652-9E12-4ABD-AD17-464FDF464895}" = rport=3702 | protocol=17 | dir=out | svc=fdrespub | app=%systemroot%\system32\svchost.exe |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{00A4C1C3-0EC9-4195-8DC9-4ED4C953D99D}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpofxs08.exe |
"{02CE23E0-9D02-4403-B921-145339F16027}" = protocol=6 | dir=in | app=c:\program files (x86)\limewire\limewire.exe |
"{051DE33B-57B8-4916-8610-7123019CA558}" = protocol=1 | dir=in | [email protected],-28543 |
"{063EC544-32E9-4A47-9DA4-96FB7AD7D986}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqfxt08.exe |
"{0CB3A37C-B6CD-4B47-916B-17A34B5D31A9}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqsudi.exe |
"{0D018594-0358-4F1B-A699-AF96BA2E2800}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqusgh.exe |
"{0D2E5847-471E-4DFF-80A7-AFFE1513289F}" = protocol=6 | dir=in | app=c:\program files (x86)\tivo\desktop\tivoserver.exe |
"{0E9D437D-E5C8-4EE3-B95F-FB5AF5161276}" = protocol=17 | dir=in | app=c:\users\user\appdata\local\temp\7zs77ee.tmp\symnrt.exe |
"{168F92D9-4B36-4E69-A4A4-3054E78754B9}" = protocol=6 | dir=in | app=c:\program files (x86)\itunes\itunes.exe |
"{19732E70-49EA-45D4-8203-DC95B876BCAA}" = protocol=17 | dir=in | app=c:\program files (x86)\tivo\desktop\tivoserver.exe |
"{2108FCBA-A164-48A2-815A-4778D845278E}" = protocol=6 | dir=in | app=c:\program files (x86)\tivo\desktop\tivotransfer.exe |
"{2C76951E-0ADE-4926-B438-4B8A8B37CA73}" = protocol=17 | dir=in | app=c:\program files (x86)\tivo\desktop\curl.exe |
"{2EAA2BC3-8EFE-44BC-ACD8-EB8C7D9C16F3}" = protocol=6 | dir=in | app=c:\program files (x86)\itunes\itunes.exe |
"{35745A7E-51E3-441D-9AAC-D9BAB5FCD3A4}" = protocol=58 | dir=in | [email protected],-28545 |
"{3B000115-E9E5-4D3A-9E9D-F824C8878AE2}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{3DF37043-45FD-451A-8C87-A2A203DCD4F0}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqgplgtupl.exe |
"{3F01796D-2D30-4E7F-B3BE-4711EC664975}" = dir=in | app=c:\program files (x86)\common files\hp\digital imaging\bin\hpqphotocrm.exe |
"{40AD8DCE-500C-4921-8514-4E9672566070}" = protocol=17 | dir=in | app=c:\program files (x86)\tivo\desktop\tivodesktop.exe |
"{42BA7D81-7FBC-49B3-96E3-7D45BADEE92C}" = dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe |
"{5023AE21-A900-427D-99E3-6A53F122ABED}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpoews01.exe |
"{52E9094B-BB55-48BF-9B11-93DFAAC6C031}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqtra08.exe |
"{552A689A-C7FB-481A-894C-41961479D106}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft lifecam\lifecam.exe |
"{58CAAACA-1BF1-4A63-B321-03C3A194E46F}" = protocol=17 | dir=in | app=c:\program files (x86)\itunes\itunes.exe |
"{5B5B6483-6092-4C7F-920A-1CC089B80414}" = protocol=17 | dir=in | app=c:\program files (x86)\tivo\desktop\tivotransfer.exe |
"{5D79F27B-0007-4626-AFA4-4CA0B9004F24}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqste08.exe |
"{62C58549-8B5B-4A8D-9AA3-B8BC3F9051DE}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqgpc01.exe |
"{65B44493-38A4-4B17-BDAF-DE5F1B214A12}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft lifecam\lifeexp.exe |
"{68C49880-0337-4AC0-A051-01641891286F}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpzwiz01.exe |
"{6981E0EA-430D-4868-AFE6-94E08D371463}" = dir=in | app=c:\program files (x86)\hp\digital imaging\smart web printing\smartwebprintexe.exe |
"{6C2BA948-F6DE-4AC7-9154-76E260BA4B23}" = dir=in | app=c:\program files (x86)\hewlett-packard\media\dvd\hptouchsmartvideo.exe |
"{724A5C0A-5EA8-46CF-BEAF-690B977DBE77}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqkygrp.exe |
"{775E5C64-835C-4955-9CB8-7671AEAE8BAC}" = protocol=6 | dir=in | app=c:\users\user\appdata\local\temp\7zs77ee.tmp\symnrt.exe |
"{7B6876F4-0DD7-4B06-A72E-5F3CED4C2367}" = protocol=58 | dir=out | [email protected],-28546 |
"{7C44D539-9BC2-4A7E-9D71-6FB4A85603F9}" = protocol=6 | dir=in | app=c:\program files (x86)\tivo\desktop\curl.exe |
"{850A89BF-31F9-492E-816F-E3344CE7A440}" = dir=in | app=c:\program files (x86)\hewlett-packard\media\dvd\hptouchsmartphoto.exe |
"{8763EB87-937F-4284-AE00-887F73FCF48C}" = protocol=1 | dir=out | [email protected],-28544 |
"{8A8AC4FB-3388-4906-951C-4BEBE3FE216D}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqpsapp.exe |
"{8B864351-C801-4E15-B80D-462EB70FA3DD}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hposid01.exe |
"{8BD30A9D-216C-40F0-80AD-34295FD6620D}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpiscnapp.exe |
"{90A63D13-066A-48BB-B4EA-5BFF52F5100B}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqcopy2.exe |
"{946E0F1F-6BC5-4AF0-A9DE-472383201815}" = protocol=17 | dir=in | app=c:\program files (x86)\itunes\itunes.exe |
"{98ABEED7-C95B-42DC-B8B7-778FE3521529}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{A12F51EB-F8E7-4FA9-A0BE-49173DAC5B45}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe |
"{A3AB89E3-C60A-4B8D-B4ED-79BCF9CFA88F}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqpse.exe |
"{A405C089-6561-42B6-87C4-BB983346A259}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft lifecam\lifecam.exe |
"{A454DF54-D44B-4E12-B6F6-6B4E397CEFC8}" = dir=in | app=c:\program files (x86)\hp\hp software update\hpwucli.exe |
"{A6D6D989-C2EF-465C-8F3A-32E331152B45}" = protocol=17 | dir=in | app=c:\program files (x86)\limewire\limewire.exe |
"{AAE8A3C8-14AB-42D0-A6B5-B87B312841D3}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hposfx08.exe |
"{AC1AC564-6A05-41EA-AC4A-6177EAA1FF3B}" = protocol=6 | dir=in | app=c:\program files (x86)\tivo\desktop\tivobeacon.exe |
"{AF6F6DBD-B3C4-44BA-9788-F81A6A6CF9F9}" = dir=in | app=c:\program files (x86)\hewlett-packard\media\dvd\kernel\clml\clmlsvc.exe |
"{B2CBFD37-1D55-48DE-BA60-A051B6D4C36B}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{B47DE6CA-A5CD-4057-9ED4-14B0B4B5EFBD}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{BAC34799-66DF-4A3A-956E-6CB193B104D9}" = dir=in | app=c:\program files (x86)\cyberlink\powerdirector\pdr.exe |
"{C2C46716-82AA-4230-9B12-D3FCF0C0FE99}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqusgm.exe |
"{C447830D-E826-46F7-A3E4-5E9A4E63E0FE}" = dir=in | app=c:\program files (x86)\windows live\sync\windowslivesync.exe |
"{C7B61CA3-46E9-4968-A4DA-249FDB12904A}" = protocol=6 | dir=in | app=c:\program files (x86)\tivo\desktop\tivodesktop.exe |
"{C7FD08C0-F0A1-46AD-B59C-61A66C753DDE}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft lifecam\lifeexp.exe |
"{CED21477-62E3-4C0F-A8F9-6EE26A7C6631}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{CF8E74A6-FF6A-4D91-8578-B8FFABC7A50F}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqnrs08.exe |
"{D8917CE6-A0EF-4AAA-ABA6-5DFF58D70D4D}" = dir=in | app=c:\program files (x86)\windows live\messenger\wlcsdk.exe |
"{DB6D9553-02D0-41FB-84AB-0BDF85764277}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe |
"{E593E93E-F55E-4609-ADAE-00688885EA08}" = dir=in | app=c:\program files (x86)\hewlett-packard\media\dvd\hptouchsmartmusic.exe |
"{EB67C7EE-F97E-45EB-98C4-211695A538C1}" = dir=in | app=c:\program files (x86)\hewlett-packard\media\dvd\tsmagent.exe |
"{FB9E1A34-F241-40A4-B4A0-DBABA887C82B}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpofxm08.exe |
"{FE20BF69-0F6A-48D5-B07C-7EAA4E1FF2F3}" = protocol=17 | dir=in | app=c:\program files (x86)\tivo\desktop\tivobeacon.exe |
"{FF311625-7118-42B2-AD1F-D484B8B52D40}" = dir=in | app=c:\program files (x86)\hewlett-packard\media\dvd\hpdvdsmart.exe |
"TCP Query User{10E44023-FA0E-4EB4-919C-FC7309944C9F}C:\program files (x86)\mozilla firefox\firefox.exe" = protocol=6 | dir=in | app=c:\program files (x86)\mozilla firefox\firefox.exe |
"TCP Query User{17CF0DFD-1AE7-4D2B-BA3C-0907FBE41B32}C:\program files (x86)\boxee\boxee.exe" = protocol=6 | dir=in | app=c:\program files (x86)\boxee\boxee.exe |
"TCP Query User{41570D83-7188-444C-9F09-EB6D146D31C9}C:\program files (x86)\tivo\desktop\tivoserver.exe" = protocol=6 | dir=in | app=c:\program files (x86)\tivo\desktop\tivoserver.exe |
"TCP Query User{A668526A-DCF5-4863-8C2A-0CAE1A0E5942}C:\program files (x86)\limewire\limewire.exe" = protocol=6 | dir=in | app=c:\program files (x86)\limewire\limewire.exe |
"UDP Query User{2E35ED3D-CB25-4C79-BCC0-36408D9D961C}C:\program files (x86)\limewire\limewire.exe" = protocol=17 | dir=in | app=c:\program files (x86)\limewire\limewire.exe |
"UDP Query User{B6C64E82-1C0A-436C-8E99-1C2020F4137B}C:\program files (x86)\boxee\boxee.exe" = protocol=17 | dir=in | app=c:\program files (x86)\boxee\boxee.exe |
"UDP Query User{BD9E7DED-7684-4A80-9ED3-ABDDB26D5B09}C:\program files (x86)\tivo\desktop\tivoserver.exe" = protocol=17 | dir=in | app=c:\program files (x86)\tivo\desktop\tivoserver.exe |
"UDP Query User{EA421EB1-E12A-4098-BA1D-980DB49780A0}C:\program files (x86)\mozilla firefox\firefox.exe" = protocol=17 | dir=in | app=c:\program files (x86)\mozilla firefox\firefox.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{240FCE0B-F553-4ab3-9C7B-3CD082FCA117}" = NetDeviceManager64
"{2C49B82D-E23D-4258-9CBC-79CCB8E5FF17}" = GreenPrint
"{350AA351-21FA-3270-8B7A-835434E766AD}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022
"{404BB1FF-A84F-432F-B77B-301E88E8D1C7}" = Apple Mobile Device Support
"{591362D4-590B-457E-9BA3-F4D9508B88BA}" = MobileMe Control Panel
"{67335AB1-6341-4f87-A5B4-7FA92CEB77A4}" = HP Officejet All-In-One Series
"{6ACE7F46-FACE-4125-AE86-672F4F2A6A28}" = Bing Maps 3D
"{6E8E85E8-CE4B-4FF5-91F7-04999C9FAE6A}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{78F697ED-EC97-4D8D-881D-838984EA9855}" = 64 Bit HP CIO Components Installer
"{79BF7CB8-1E09-489F-9547-DB3EE8EA3F16}" = Microsoft SQL Server Native Client
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{83584F8F-6828-440D-B0B4-52495D5DA803}" = iTunes
"{86177DAE-38B1-49DD-912E-35CB703AB779}" = Microsoft SQL Server VSS Writer
"{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007
"{90120000-002A-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (English) 2007
"{90120000-0116-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007
"{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}" = Intel® Matrix Storage Manager
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{95C9C76F-ECF3-40FA-94F8-5DDFB6BAF40D}" = Microsoft Security Essentials
"{B0EFB716-085B-4564-8060-212E41F5CE50}" = Windows Live ID Sign-in Assistant
"{B6E3757B-5E77-3915-866A-CCFC4B8D194C}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053
"{C19D4D8F-4433-4F6D-9F0C-79589FD0B973}" = Bonjour
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{E590FD1C-E8C6-4D2E-8CA9-77B403F7EE01}" = Microsoft Antimalware
"{EE936C7A-EA40-31D5-9B65-8E3E089C3828}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148
"C-Media CM106 Like Sound Driver" = TOSHIBA USB Audio
"HDMI" = Intel® Graphics Media Accelerator Driver
"HP Document Manager" = HP Document Manager 1.0
"HP Imaging Device Functions" = HP Imaging Device Functions 10.0
"HP Photosmart Essential" = HP Photosmart Essential 2.5
"HP Smart Web Printing" = HP Smart Web Printing 4.60
"HP Solution Center & Imaging Support Tools" = HP Solution Center 13.0
"HPExtendedCapabilities" = HP Customer Participation Program 10.0
"HPOCR" = OCR Software by I.R.I.S. 10.0
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft Security Essentials" = Microsoft Security Essentials
"Shop for HP Supplies" = Shop for HP Supplies

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{007B37D9-0C45-4202-834B-DD5FAAE99D63}" = ArcSoft Print Creations - Slimline Card
"{021C4C4F-C93C-4425-BFFD-C2D16776BFAE}" = Visual C++ 8.0 Runtime Setup Package (x64)
"{0E549A13-2B3D-4633-BA41-DC88C2D6F9A3}" = ProductContext
"{0F7C2E47-089E-4d23-B9F7-39BE00100776}" = Toolbox
"{1147FF9A-D576-4cb5-B5E7-FCA21D1E7D26}" = J4680
"{15BC8CD0-A65B-47D0-A2DD-90A824590FA8}" = Microsoft Works
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{18669FF9-C8FE-407a-9F70-E674896B1DB4}" = GPBaseService
"{188C0E25-3D65-4DAC-9C00-7483FBA4C7EB}" = Status
"{197A3012-8C85-4FD3-AB66-9EC7E13DB92E}" = Adobe AIR
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = CyberLink DVD Suite Deluxe
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live Upload Tool
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{231A1A09-FDF2-45F2-B3D1-964CECE372BC}" = Seagate Manager Installer
"{254C37AA-6B72-4300-84F6-98A82419187E}" = Hewlett-Packard Active Check for Health Check
"{26A24AE4-039D-4CA4-87B4-2F83216011FF}" = Java™ 6 Update 17
"{2750B389-A2D2-4953-99CA-27C1F2A8E6FD}" = Microsoft SQL Server 2005 Tools Express Edition
"{28BE306E-5DA6-4F9C-BDB0-DBA3C8C6FFFD}" = QuickTime
"{2AFEAA03-2DFE-4519-A629-EDAB6541ABE9}" = HPSSupply
"{2AFFFDD7-ED85-4A90-8C52-5DA9EBDC9B8F}" = Microsoft SQL Server 2005 Express Edition (MSSMLBIZ)
"{2FDBBCEA-62DB-45F4-B6E5-0E1FB2A1F29D}" = Visual C++ 8.0 Runtime Setup Package (x64)
"{3248F0A8-6813-11D6-A77B-00B0D0160010}" = Java™ SE Runtime Environment 6 Update 1
"{34BFB099-07B2-4E95-A673-7362D60866A2}" = PSSWCORE
"{35ED3F83-4BDC-4c44-8EC6-6A8301C7413A}" = McAfee SiteAdvisor
"{3700194C-C5DD-439A-BE06-A66960CA4C70}" = MSVCSetup
"{3825B383-7880-48C8-AADD-49B0D764B151}" = 4660_4680_Help
"{3B4E636E-9D65-4D67-BA61-189800823F52}" = Windows Live Communications Platform
"{40BF1E83-20EB-11D8-97C5-0009C5020658}" = Power2Go
"{48FD006F-2320-4C13-AB11-F4D54EDC50E0}" = Mr. Rebates Desktop Icons
"{4A70EF07-7F88-4434-BB61-D1DE8AE93DD4}" = SolutionCenter
"{4CBA3D4C-8F51-4D60-B27E-F6B641C571E7}" = Microsoft Search Enhancement Pack
"{4DDC3BED-CC68-44AA-B435-D727B620CA5B}" = Linksys Wireless-G PCI Adapter Driver - WMP54Gv4.1
"{4E839090-3B68-436A-B3CF-A2A08C38DD26}" = TiVo Desktop 2.8
"{50120000-1105-0000-0000-0000000FF1CE}" = Microsoft Office 2007 Primary Interop Assemblies
"{50802F8E-03B4-479D-A643-16DE5A3586CB}" = BPDSoftware_Ini
"{52A69E11-7CEB-4a7d-9607-68BA4F39A89B}" = DeviceDiscovery
"{53F5C3EE-05ED-4830-994B-50B2F0D50FCE}" = Microsoft SQL Server Setup Support Files (English)
"{553255F3-78FD-40F1-A6F8-6882140265FE}" = Apple Application Support
"{55979C41-7D6A-49CC-B591-64AC1BBE2C8B}" = HP Picasso Media Center Add-In
"{56589DFE-0C29-4DFE-8E42-887B771ECD23}" = ArcSoft Print Creations - Photo Book
"{58E6A969-8215-4ABC-BD73-FCB25EA6F544}" = FormViewer
"{5ACE69F0-A3E8-44eb-88C1-0A841E700180}" = TrayApp
"{5BB4D7C1-52F2-4BFD-9E40-0D419E2E3021}" = bpd_scan
"{5DAA9C36-8F8B-462F-8CCA-E205BC3751F5}" = HP Active Support Library
"{63AFACBC-4795-4A1B-8037-5085DC03FC54}" = Microsoft LifeCam
"{63FF21C9-A810-464F-B60A-3111747B1A6D}" = GPBaseService2
"{6412CECE-8172-4BE5-935B-6CECACD2CA87}" = Windows Live Mail
"{669D4A35-146B-4314-89F1-1AC3D7B88367}" = Hewlett-Packard Asset Agent for Health Check
"{66E6CE0C-5A1E-430C-B40A-0C90FF1804A8}" = eSupportQFolder
"{679EC478-3FF9-4987-B2FF-C2C2B27532A2}" = DocProc
"{687FEF8A-8597-40b4-832C-297EA3F35817}" = BufferChm
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6B976ADF-8AE8-434E-B282-A06C7F624D2F}" = Python 2.5.2
"{6F5E2F4A-377D-4700-B0E3-8F7F7507EA15}" = CustomerResearchQFolder
"{7148F0A8-6813-11D6-A77B-00B0D0142180}" = Java 2 Runtime Environment, SE v1.4.2_18
"{73A43E42-3658-4DD9-8551-FACDA3632538}" = HP Advisor
"{75438C0E-9925-412E-AD85-D0E71C6CE2ED}" = USB2.0 PC Camera (SN9C201&202)
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{77DCDCE3-2DED-62F3-8154-05E745472D07}" = Acrobat.com
"{787D1A33-A97B-4245-87C0-7174609A540C}" = HP Update
"{7F10292C-A190-4176-A665-A1ED3478DF86}" = LightScribe System Software
"{80533B67-C407-485D-8B5D-63BB8ED9D878}" = Scan
"{81128EE8-8EAD-4DB0-85C6-17C2CE50FF71}" = Windows Live Essentials
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{85AF94EC-55DE-452A-8FD7-C34E598B3F1F}" = Adobe Premiere Elements 7.0 Templates
"{867DD3AD-D155-4035-AAB3-E74673AC8464}" = PC VGA [email protected] Plus
"{87E2B986-07E8-477a-93DC-AF0B6758B192}" = DocProcQFolder
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8FF6F5CA-4E30-4E3B-B951-204CAAA2716A}" = SmartWebPrinting
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0016-0409-0000-0000000FF1CE}_SMALLBUSINESSR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0409-0000-0000000FF1CE}_SMALLBUSINESSR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2007
"{90120000-0019-0409-0000-0000000FF1CE}_SMALLBUSINESSR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2007
"{90120000-001A-0409-0000-0000000FF1CE}_SMALLBUSINESSR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0409-0000-0000000FF1CE}_SMALLBUSINESSR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}_SMALLBUSINESSR_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_HOMESTUDENTR_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-040C-0000-0000000FF1CE}_SMALLBUSINESSR_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_HOMESTUDENTR_{187308AB-5FA7-4F14-9AB9-D290383A10D9}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0C0A-0000-0000000FF1CE}_SMALLBUSINESSR_{187308AB-5FA7-4F14-9AB9-D290383A10D9}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system
"{90120000-002A-0000-1000-0000000FF1CE}_HOMESTUDENTR_{E64BA721-2310-4B55-BE5A-2925F9706192}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-002A-0000-1000-0000000FF1CE}_SMALLBUSINESSR_{E64BA721-2310-4B55-BE5A-2925F9706192}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-002A-0409-1000-0000000FF1CE}_HOMESTUDENTR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-002A-0409-1000-0000000FF1CE}_SMALLBUSINESSR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}_HOMESTUDENTR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-006E-0409-0000-0000000FF1CE}_SMALLBUSINESSR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}_HOMESTUDENTR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0115-0409-0000-0000000FF1CE}_SMALLBUSINESSR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0116-0409-1000-0000000FF1CE}_HOMESTUDENTR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0116-0409-1000-0000000FF1CE}_SMALLBUSINESSR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{91120000-00CA-0000-0000-0000000FF1CE}" = Microsoft Office Small Business 2007
"{91120000-00CA-0000-0000-0000000FF1CE}_SMALLBUSINESSR_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{91120000-00CA-0000-0000-0000000FF1CE}_SMALLBUSINESSR_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{95120000-00AF-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (English)
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{95120000-0122-0409-0000-0000000FF1CE}" = Microsoft Office Outlook Connector
"{9591C049-5CAE-4E89-A8D9-191F1899628B}" = ArcSoft Print Creations - Funhouse
"{961034C0-58DF-11DF-97FD-005056806466}" = Google Earth Plug-in
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9DBA770F-BF73-4D39-B1DF-6035D95268FC}" = HP Customer Feedback
"{A0640EC2-B97E-4FC1-AD14-227C9E386BB4}" = HP Recovery Manager RSS
"{A1BF9950-8CDB-468E-83FA-EACFB00EA7D5}" = Windows Live Sync
"{A67BB21E-D419-45BB-AB86-7D87D14BBCE2}" = Safari
"{A85FD55B-891B-4314-97A5-EA96C0BD80B5}" = Windows Live Messenger
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A939D341-5A04-4E0A-BB55-3E65B386432D}" = Microsoft Office Small Business Connectivity Components
"{AA2E8A46-B45E-4aea-8A23-88AB57D04523}" = WebReg
"{AB5D51AE-EBC3-438D-872C-705C7C2084B0}" = DeviceManagementQFolder
"{ABA00898-9467-4689-9F40-DE7F58C8429C}" = Fax
"{AC76BA86-7AD7-1033-7B44-A93000000001}" = Adobe Reader 9.3.2
"{AE3CF174-872C-46C6-B9F6-C0593F3BC7B8}" = Microsoft Office Live Add-in 1.4
"{AF833083-331F-4EC2-8FAA-FE0B8BF12C0E}" = WebTrain Communicator
"{AFBBF30D-ADA9-4313-464E-14458B6BE034}" = PhotoshopdotcomInspirationBrowser
"{B0D83FCD-9D42-43ED-8315-250326AADA02}" = ArcSoft Print Creations - Scrapbook
"{B32C4059-6E7A-41EF-AD20-56DF1872B923}" = Business Contact Manager for Outlook 2007 SP2
"{BAD0FA60-09CF-4411-AE6A-C2844C8812FA}" = HP Photosmart Essential 2.5
"{C43326F5-F135-4551-8270-7F7ABA0462E1}" = HPProductAssistant
"{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = LabelPrint
"{C89B5E3A-690F-4CEE-909A-BF869E198B0A}" = Scan
"{CA9ED5E4-1548-485B-A293-417840060158}" = ArcSoft Print Creations - Photo Calendar
"{CAE8A0F1-B498-4C23-95FA-55047E730C8F}" = ArcSoft Print Creations
"{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = PowerDirector
"{CB6075D9-F912-40AE-BEA6-E590DA24F16B}" = Adobe Photoshop Elements 7.0
"{CCB9B81A-167F-4832-B305-D2A0430840B3}" = WebReg
"{CE86E2F5-850C-4207-94A3-A58D647B1733}" = BlackBerry Desktop Software 5.0.1
"{D142FE39-3386-4d82-9AD3-36D4A92AC3C2}" = DocMgr
"{D1AA2ABD-A75C-409C-A8CF-1DFC5C7E91FA}" = ArcSoft Collage Creator
"{D2E0F0CC-6BE0-490b-B08B-9267083E34C9}" = MarketResearch
"{D3737952-FF6E-4E72-BDEE-B0DC1C69F80B}" = BPD_HPSU
"{D564B5E2-CCB5-4A5C-B35E-2FC30BBC9336}" = Adobe Premiere Elements 7.0
"{D99A8E3A-AE5A-4692-8B19-6F16D454E240}" = Destination Component
"{DCCAD079-F92C-44DA-B258-624FC6517A5A}" = HP MediaSmart DVD
"{E08DC77E-D09A-4e36-8067-D6DBBCC5F8DC}" = VideoToolkit01
"{E2DFE069-083E-4631-9B6C-43C48E991DE5}" = Junk Mail filter update
"{E6B4117F-AC59-4B13-9274-EB136E8897EE}" = ArcSoft Print Creations - Album Page
"{E96B0085-6659-486b-A221-5042A042728D}" = Toolbox
"{F04F9557-81A9-4293-BC49-2C216FA325A7}" = ArcSoft Print Creations - Greeting Card
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F333A33D-125C-32A2-8DCE-5C5D14231E27}" = Visual C++ 2008 x86 Runtime - (v9.0.30729)
"{F333A33D-125C-32A2-8DCE-5C5D14231E27}.vc_x86runtime_30729_01" = Visual C++ 2008 x86 Runtime - v9.0.30729.01
"{F4EAEBEA-3E46-43b8-A63C-AD180AE86918}" = BPDSoftware
"{F6234880-85BE-4DCB-8A45-1FF85A1A8552}" = SmartSound Quicktracks for Premiere Elements
"{F6BD194C-4190-4D73-B1B1-C48C99921BFE}" = Windows Live Call
"{FA54AFB1-5745-4389-B8C1-9F7509672ED1}" = iPhone Configuration Utility
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe Photoshop Elements 7" = Adobe Photoshop Elements 7.0
"Advanced SystemCare 3_is1" = Advanced SystemCare 3
"BlackBerry_{CE86E2F5-850C-4207-94A3-A58D647B1733}" = BlackBerry Desktop Software 5.0.1
"BOXEE" = Boxee
"Business Contact Manager" = Business Contact Manager for Outlook 2007 SP2
"Carbonite Setup Lite" = Carbonite Online Backup Setup
"com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Acrobat.com
"CopyTrans Suite" = CopyTrans Suite Remove Only
"Digital Editions" = Adobe Digital Editions
"ERUNT_is1" = ERUNT 1.1j
"ffdshow_is1" = ffdshow
"Font Management System4.0.0.0" = Font Management System
"Giggles-ABC's & 123's - Vista Update_is1" = Giggles Computer Funtime For Baby™ - ABC's & 123's Vista Update
"Giggles-ABC's y 123's Windows Vista_is1" = Giggles Compudiversión Para el Bebé™ - ABC's y 123's Windows Vi
"Giggles-ABC's y 123's_is1" = Giggles Compudiversión Para el Bebé™ - ABC's y 123's
"Giggles-Figuras Windows Vista_is1" = Giggles Compudiversión Para el Bebé™ - Figuras Windows Vista
"Giggles-Figuras_is1" = Giggles Compudiversión Para el Bebé™ - Figuras
"Giggles-Mis Amigos Animales_is1" = Giggles Compudiversión Para el Bebé - Mis Amigos Animales
"Giggles-Nursery Rhymes_is1" = Giggles Computer Funtime For Baby™ - Nursery Rhymes
"HijackThis" = HijackThis 2.0.2
"InstallShield_{231A1A09-FDF2-45F2-B3D1-964CECE372BC}" = Seagate Manager Installer
"InstallShield_{4AB5EAF2-E5D8-4A2B-864B-D72B37A9DD51}" = PCmover
"InstallShield_{58E6A969-8215-4ABC-BD73-FCB25EA6F544}" = FormViewer
"InstallShield_{867DD3AD-D155-4035-AAB3-E74673AC8464}" = PC VGA [email protected] Plus
"InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = PowerDirector
"InstallShield_{DCCAD079-F92C-44DA-B258-624FC6517A5A}" = HP MediaSmart DVD
"InstallShield_{F6234880-85BE-4DCB-8A45-1FF85A1A8552}" = SmartSound Quicktracks for Premiere Elements
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Microsoft SQL Server 2005" = Microsoft SQL Server 2005
"Mozilla Firefox (3.6.3)" = Mozilla Firefox (3.6.3)
"MyPublisher" = MyPublisher
"PC-Doctor for Windows" = Hardware Diagnostic Tools
"Pdf995" = Pdf995
"PhotoshopdotcomInspirationBrowser.4C35C4D325D350FE0114230CBADCA2DDD0AC8D25.
1" = Adobe Photoshop.com Inspiration Browser
"PremElem70" = Adobe Premiere Elements 7.0
"PremElem70Templates" = Adobe Premiere Elements 7.0 Templates
"Real Estate Transaction Viewer" = Real Estate Transaction Viewer
"SHARP AL-2030 2040CS Series MFP Driver" = SHARP AL-2020/2030/2040 Series MFP Driver
"SMALLBUSINESSR" = Microsoft Office Small Business 2007
"SoftwareUpdUtility" = Download Updater (AOL LLC)
"sp41121" = sp41121
"sp44626" = sp44626
"WinLiveSuite_Wave3" = Windows Live Essentials
"Wise Registry Cleaner_is1" = Wise Registry Cleaner Free 5.12
"Yahoo! Companion" = Yahoo! Toolbar
"Yahoo! Software Update" = Yahoo! Software Update

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Google Chrome" = Google Chrome

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 12/18/2009 12:10:21 PM | Computer Name = BBGDeskTop | Source = VSS | ID = 8194
Description =

Error - 12/18/2009 12:13:04 PM | Computer Name = BBGDeskTop | Source = MsiInstaller | ID = 11904
Description =

Error - 12/18/2009 12:26:20 PM | Computer Name = BBGDeskTop | Source = WinMgmt | ID = 10
Description =

Error - 12/20/2009 8:39:20 PM | Computer Name = BBGDeskTop | Source = WinMgmt | ID = 10
Description =

Error - 12/23/2009 6:59:41 PM | Computer Name = BBGDeskTop | Source = WinMgmt | ID = 10
Description =

Error - 12/27/2009 6:29:47 PM | Computer Name = BBGDeskTop | Source = WinMgmt | ID = 10
Description =

Error - 12/28/2009 11:12:20 AM | Computer Name = BBGDeskTop | Source = Google Update | ID = 20
Description =

Error - 12/28/2009 11:20:28 AM | Computer Name = BBGDeskTop | Source = WinMgmt | ID = 10
Description =

Error - 12/28/2009 11:33:05 AM | Computer Name = BBGDeskTop | Source = Application Error | ID = 1000
Description = Faulting application DesktopMgr.exe, version 5.0.1.18, time stamp
0x4a8f1751, faulting module Application_Loader.dll, version 5.0.1.18, time stamp
0x4a8f17dd, exception code 0xc000000d, fault offset 0x000c3caa, process id 0x1068,
application start time 0x01ca87d1d73370d0.

Error - 12/28/2009 1:21:25 PM | Computer Name = BBGDeskTop | Source = VSS | ID = 8194
Description =

[ Media Center Events ]
Error - 1/7/2009 5:10:08 AM | Computer Name = user-PC | Source = MCUpdate | ID = 0
Description = DownloadPackgeTask.SubTasksComplete: failed downloading package SportsSchedule.

Error - 3/3/2009 4:37:25 PM | Computer Name = BBGDeskTop | Source = MCUpdate | ID = 0
Description = DownloadPackgeTask.SubTasksComplete: failed downloading package SportsSchedule.

[ OSession Events ]
Error - 10/19/2009 10:34:13 AM | Computer Name = BBGDeskTop | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version:
12.0.6514.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 167
seconds with 0 seconds of active time. This session ended with a crash.

Error - 11/2/2009 11:04:48 AM | Computer Name = BBGDeskTop | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version:
12.0.6514.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 137
seconds with 60 seconds of active time. This session ended with a crash.

Error - 12/9/2009 1:53:05 PM | Computer Name = BBGDeskTop | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 1, Application Name: Microsoft Office Excel, Application Version:
12.0.6514.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 3
seconds with 0 seconds of active time. This session ended with a crash.

Error - 12/14/2009 12:26:59 PM | Computer Name = BBGDeskTop | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version:
12.0.6514.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 144
seconds with 120 seconds of active time. This session ended with a crash.

Error - 12/15/2009 10:37:47 AM | Computer Name = BBGDeskTop | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version:
12.0.6514.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 131
seconds with 120 seconds of active time. This session ended with a crash.

Error - 12/18/2009 11:17:13 AM | Computer Name = BBGDeskTop | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version:
12.0.6514.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 260
seconds with 60 seconds of active time. This session ended with a crash.

Error - 1/6/2010 11:16:41 AM | Computer Name = BBGDeskTop | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version:
12.0.6514.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 435
seconds with 180 seconds of active time. This session ended with a crash.

Error - 2/18/2010 10:00:01 AM | Computer Name = BBGDeskTop | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version:
12.0.6514.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 131
seconds with 120 seconds of active time. This session ended with a crash.

Error - 2/23/2010 10:11:49 AM | Computer Name = BBGDeskTop | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version:
12.0.6514.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 1760
seconds with 0 seconds of active time. This session ended with a crash.

Error - 3/11/2010 10:09:09 AM | Computer Name = BBGDeskTop | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version:
12.0.6514.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 154
seconds with 120 seconds of active time. This session ended with a crash.

[ System Events ]
Error - 6/13/2010 6:46:55 AM | Computer Name = BBGDeskTop | Source = DCOM | ID = 10016
Description =

Error - 6/13/2010 6:47:42 AM | Computer Name = BBGDeskTop | Source = Service Control Manager | ID = 7022
Description =

Error - 6/13/2010 12:01:17 PM | Computer Name = BBGDeskTop | Source = Microsoft-Windows-WindowsUpdateClient | ID = 20
Description =

Error - 6/13/2010 12:01:48 PM | Computer Name = BBGDeskTop | Source = Microsoft-Windows-WindowsUpdateClient | ID = 20
Description =

Error - 6/13/2010 12:02:18 PM | Computer Name = BBGDeskTop | Source = Microsoft-Windows-WindowsUpdateClient | ID = 20
Description =

Error - 6/13/2010 12:02:49 PM | Computer Name = BBGDeskTop | Source = Microsoft-Windows-WindowsUpdateClient | ID = 20
Description =

Error - 6/13/2010 12:03:19 PM | Computer Name = BBGDeskTop | Source = Microsoft-Windows-WindowsUpdateClient | ID = 20
Description =

Error - 6/13/2010 12:03:53 PM | Computer Name = BBGDeskTop | Source = Microsoft-Windows-WindowsUpdateClient | ID = 20
Description =

Error - 6/13/2010 12:04:23 PM | Computer Name = BBGDeskTop | Source = Microsoft-Windows-WindowsUpdateClient | ID = 20
Description =

Error - 6/13/2010 12:05:31 PM | Computer Name = BBGDeskTop | Source = Microsoft-Windows-WindowsUpdateClient | ID = 20
Description =


< End of report >


ARK.TXT


GMER 1.0.15.15281 - http://www.gmer.net
Rootkit scan 2010-06-13 20:42:38
Windows 6.0.6002 Service Pack 2
Running: gmer.exe


---- Registry - GMER 1.0.15 ----

Reg HKLM\SYSTEM\CurrentControlSet\Services\BTHPORT\Parameters\Keys\001a0e95e61a
Reg HKLM\SYSTEM\CurrentControlSet\Services\BTHPORT\Parameters\Keys\0[email protected] 0x9B 0x9B 0x30 0x86 ...
Reg HKLM\SYSTEM\CurrentControlSet\Services\BTHPORT\Parameters\Keys\0[email protected] 0x70 0xCB 0xC0 0xD0 ...
Reg HKLM\SYSTEM\ControlSet002\Services\BTHPORT\Parameters\Keys\001a0e95e61a (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet002\Services\BTHPORT\Parameters\Keys\0[email protected] 0x9B 0x9B 0x30 0x86 ...
Reg HKLM\SYSTEM\ControlSet002\Services\BTHPORT\Parameters\Keys\0[email protected] 0x70 0xCB 0xC0 0xD0 ...

---- Files - GMER 1.0.15 ----

File C:\Users\user\AppData\Local\Temp\C2A.tmp 1355776 bytes

---- EOF - GMER 1.0.15 ----



MBAM LOG


Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org

Database version: 4070

Windows 6.0.6002 Service Pack 2
Internet Explorer 8.0.6001.18904

5/6/2010 5:42:52 AM
mbam-log-2010-05-06 (05-42-52).txt

Scan type: Quick scan
Objects scanned: 127833
Time elapsed: 4 minute(s), 46 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)
  • 0

Advertisements







Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP