Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

Not sure what is going on......possible malware

Started by ttsstr5 , Sep 16 2010 02:40 PM

  • Please log in to reply

#1
ttsstr5
Posted 16 September 2010 - 02:40 PM

ttsstr5

    Member

  • Member
  • PipPip
  • 40 posts
My computer was working fine last night. When I turned it on today every page I tried to load told me it was unavailable. I did a system restore and now I can load new web pages but I am wanting to find out if I have been infected with malware or spyware. I did run HijackThis.


Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 1:46:14 PM, on 9/16/2010
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v8.00 (8.00.6001.18943)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
C:\Program Files\Microsoft Security Essentials\msseces.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\Free Ride Games\GPlayer.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Users\Valued Customer\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Program Files\Auslogics\Auslogics BoostSpeed\BoostSpeed.exe
C:\Program Files\Hewlett-Packard\HP wireless Assistant\WiFiMsg.EXE
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Program Files\Hewlett-Packard\Shared\HpqToaster.exe
C:\Users\Valued Customer\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Valued Customer\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Valued Customer\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Valued Customer\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Valued Customer\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Valued Customer\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Valued Customer\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Valued Customer\Desktop\Printkey2000.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Users\Valued Customer\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Valued Customer\Desktop\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.h...resario&pf=cnnb
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.pogo.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.h...resario&pf=cnnb
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft....k/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.h...resario&pf=cnnb
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: Zynga Toolbar - {7b13ec3e-999a-4b70-b9cb-2617b8323822} - C:\Program Files\Zynga\tbZyn1.dll
O1 - Hosts: ::1 localhost
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: Zynga Toolbar - {7b13ec3e-999a-4b70-b9cb-2617b8323822} - C:\Program Files\Zynga\tbZyn1.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: LastPass Browser Helper Object - {95D9ECF5-2A4D-4550-BE49-70D42F71296E} - C:\Program Files\LastPass\LPBar.dll
O2 - BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: LastPass Toolbar - {9f6b5cc3-5c7b-4b5c-97af-19dec1e380e5} - C:\Program Files\LastPass\LPBar.dll
O3 - Toolbar: Zynga Toolbar - {7b13ec3e-999a-4b70-b9cb-2617b8323822} - C:\Program Files\Zynga\tbZyn1.dll
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [HP Health Check Scheduler] c:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [hpWirelessAssistant] C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
O4 - HKLM\..\Run: [MSSE] "c:\Program Files\Microsoft Security Essentials\msseces.exe" -hide -runkey
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [WPCUMI] C:\Windows\system32\WpcUmi.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Clearwire Connection Manager] "C:\Program Files\Clearwire\Connection Manager\ClearwireCM.exe" -a
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKCU\..\Run: [Auslogics BoostSpeed] C:\Program Files\Auslogics\Auslogics BoostSpeed\boostspeed.exe
O4 - HKCU\..\Run: [Exetender] "C:\Program Files\Free Ride Games\GPlayer.exe" /runonstartup
O4 - HKCU\..\RunServices: [zmojerix] C:\Users\Valued Customer\AppData\Local\Temp\zmojerix.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [Exetender] "C:\Program Files\Free Ride Games\GPlayer.exe" /runonstartup (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [Exetender] "C:\Program Files\Free Ride Games\GPlayer.exe" /runonstartup (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [Exetender] "C:\Program Files\Free Ride Games\GPlayer.exe" /runonstartup (User 'Default user')
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: LastPass - file://C:\Program Files\LastPass\context.html?cmd=lastpass
O8 - Extra context menu item: LastPass Fill Forms - file://C:\Program Files\LastPass\context.html?cmd=fillforms
O9 - Extra button: Blog This - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Blog This in Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra button: LastPass - {43699cd0-e34f-11de-8a39-0800200c9a66} - C:\Program Files\LastPass\LPBar.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O16 - DPF: {6A060448-60F9-11D5-A6CD-0002B31F7455} (ExentInf Class) -
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.m...ash/swflash.cab
O20 - AppInit_DLLs:
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Clearwire Con App Svc (CACLEARWIRE) - SmithMicro Inc. - C:\Program Files\Clearwire\Connection Manager\ConAppsSvc.exe
O23 - Service: Clearwire Device Diagnostics Service (clearwireDeviceDiagnosticsService) - Unknown owner - C:\Program Files\Clearwire\Connection Manager\clearwireDeviceDiagnosticsService.exe
O23 - Service: Clearwire RcAppSvc (CLEARWIRERcAppSvc) - SmithMicro Inc. - C:\Program Files\Clearwire\Connection Manager\RcAppSvc.exe
O23 - Service: Com4QLBEx - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
O23 - Service: GameConsoleService - WildTangent, Inc. - C:\Program Files\HP Games\My HP Game Console\GameConsoleService.exe
O23 - Service: HP Health Check Service - Hewlett-Packard - c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe
O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: MySQL - Unknown owner - C:\Program.exe (file missing)
O23 - Service: Norton Internet Security - Unknown owner - C:\Program Files\Norton Internet Security\Engine\16.0.0.125\ccSvcHst.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: Recovery Service for Windows - Unknown owner - C:\Program Files\SMINST\BLService.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared files\RichVideo.exe
O23 - Service: Clearwire Device Launch Service (SMSI Device Launch Service) - Unknown owner - C:\Program Files\Clearwire\Connection Manager\DeviceLaunchSvc.exe
O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe

--
End of file - 10358 bytes

Edited by ttsstr5, 16 September 2010 - 02:50 PM.

  • 0

Advertisements

#2
ttsstr5
Posted 16 September 2010 - 05:20 PM

ttsstr5

    Member

  • Topic Starter
  • Member
  • PipPip
  • 40 posts
Okay so I read some on the forum now seems I posted the wrong thing. So I will post what needs posted here.


Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org

Database version: 4631

Windows 6.0.6002 Service Pack 2
Internet Explorer 8.0.6001.18943

9/16/2010 3:17:34 PM
mbam-log-2010-09-16 (15-17-34).txt

Scan type: Quick scan
Objects scanned: 157375
Time elapsed: 14 minute(s), 55 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 16
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
HKEY_CLASSES_ROOT\Interface\{2e9937fc-cf2f-4f56-af54-5a6a3dd375cc} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{741de825-a6f0-4497-9aa6-8023cf9b0fff} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{cf54be1c-9359-4395-8533-1657cf209cfe} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{147a976f-eee1-4377-8ea7-4716e4cdd239} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Typelib\{d518921a-4a03-425e-9873-b9a71756821e} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{56256a51-b582-467e-b8d4-7786eda79ae0} (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{00a6faf1-072e-44cf-8957-5838f569a31d} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{07b18ea1-a523-4961-b6bb-170de4475cca} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{56256a51-b582-467e-b8d4-7786eda79ae0} (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\OTGV1DNWQQ (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\ROUA3O12PW (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\TOY5KNQ8OC (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\XML (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\RunDll32Policy\f3ScrCtr.dll (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Multimedia\WMPlayer\Schemes\f3pss (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\YXE7DXCQ37 (Trojan.FakeAlert) -> Quarantined and deleted successfully.

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)



GMER 1.0.15.15281 - http://www.gmer.net
Rootkit scan 2010-09-16 15:35:22
Windows 6.0.6002 Service Pack 2
Running: gmer.exe; Driver: C:\Users\VALUED~1\AppData\Local\Temp\pwkyypow.sys


---- System - GMER 1.0.15 ----

INT 0x62 ? 8614BF00
INT 0x72 ? 8614BF00
INT 0x92 ? 848D4BF8
INT 0xA2 ? 848D4BF8
INT 0xB2 ? 848D4BF8

---- Kernel code sections - GMER 1.0.15 ----

? System32\Drivers\sphr.sys The system cannot find the path specified. !
.text USBPORT.SYS!DllUnload 8C63E41B 5 Bytes JMP 8614B4E0
.text C:\Windows\system32\DRIVERS\nvlddmkm.sys section is writeable [0x8CC0F340, 0x3EA427, 0xE8000020]

---- User code sections - GMER 1.0.15 ----

.text C:\Program Files\Auslogics\Auslogics BoostSpeed\BoostSpeed.exe[3388] kernel32.dll!CreateThread + 1A 75FFC928 4 Bytes CALL 5983D95D C:\Program Files\Auslogics\Auslogics BoostSpeed\madExcept_.bpl

---- Devices - GMER 1.0.15 ----

Device \FileSystem\Ntfs \Ntfs 8528A1F8

AttachedDevice \Driver\kbdclass \Device\KeyboardClass0 Wdf01000.sys (Kernel Mode Driver Framework Runtime/Microsoft Corporation)
AttachedDevice \Driver\kbdclass \Device\KeyboardClass1 Wdf01000.sys (Kernel Mode Driver Framework Runtime/Microsoft Corporation)

Device \Driver\volmgr \Device\VolMgrControl 852661F8
Device \Driver\usbohci \Device\USBPDO-0 861EB1F8
Device \Driver\usbehci \Device\USBPDO-1 861ED1F8
Device \Driver\usbohci \Device\USBPDO-2 861EB1F8
Device \Driver\usbehci \Device\USBPDO-3 861ED1F8
Device \Driver\netbt \Device\NetBT_Tcpip_{7B5F573B-3627-44E8-A73D-15283A53E0D2} 8738E500
Device \Driver\volmgr \Device\HarddiskVolume1 852661F8
Device \Driver\volmgr \Device\HarddiskVolume2 852661F8
Device \Driver\cdrom \Device\CdRom0 861E71F8
Device \Driver\cdrom \Device\CdRom1 861E71F8
Device \Driver\atapi \Device\Ide\IdeDeviceP2T0L0-4 852691F8
Device \Driver\atapi \Device\Ide\IdePort0 852691F8
Device \Driver\atapi \Device\Ide\IdePort1 852691F8
Device \Driver\atapi \Device\Ide\IdePort2 852691F8
Device \Driver\atapi \Device\Ide\IdePort3 852691F8
Device \Driver\atapi \Device\Ide\IdeDeviceP3T0L0-5 852691F8
Device \Driver\netbt \Device\NetBt_Wins_Export 8738E500
Device \Driver\Smb \Device\NetbiosSmb 8751D1F8
Device \Driver\netbt \Device\NetBT_Tcpip_{B7B48673-92E2-497E-9E16-8E92869CC216} 8738E500
Device \Driver\iScsiPrt \Device\RaidPort0 862461F8
Device \Driver\usbohci \Device\USBFDO-0 861EB1F8
Device \Driver\usbehci \Device\USBFDO-1 861ED1F8
Device \Driver\usbohci \Device\USBFDO-2 861EB1F8
Device \Driver\usbehci \Device\USBFDO-3 861ED1F8
Device \FileSystem\cdfs \Cdfs 84B5E1F8

---- Registry - GMER 1.0.15 ----

Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg@s1 771343423
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg@s2 285507792

---- EOF - GMER 1.0.15 ----




OTL logfile created on: 9/16/2010 3:53:08 PM - Run 1
OTL by OldTimer - Version 3.2.12.1 Folder = C:\Users\Valued Customer\Desktop
Windows Vista Home Basic Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18943)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

2.00 Gb Total Physical Memory | 1.00 Gb Available Physical Memory | 56.00% Memory free
4.00 Gb Paging File | 3.00 Gb Available in Paging File | 76.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 138.71 Gb Total Space | 15.47 Gb Free Space | 11.15% Space Free | Partition Type: NTFS
Drive D: | 10.33 Gb Total Space | 1.71 Gb Free Space | 16.57% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: VALUEDCUSTOM-PC
Current User Name: Valued Customer
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: On
Skip Microsoft Files: On
File Age = 90 Days
Output = Standard
Quick Scan

========== Processes (SafeList) ==========

PRC - [2010/09/16 15:20:16 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Users\Valued Customer\Desktop\OTL.exe
PRC - [2010/07/18 11:54:40 | 001,774,080 | ---- | M] (Exent Technologies Ltd.) -- C:\Program Files\Free Ride Games\GPlayer.exe
PRC - [2010/06/09 14:37:24 | 000,107,856 | ---- | M] () -- C:\Program Files\Clearwire\Connection Manager\DeviceLaunchSvc.exe
PRC - [2010/06/01 14:53:46 | 001,093,208 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Security Essentials\msseces.exe
PRC - [2010/03/25 21:40:44 | 000,017,904 | ---- | M] (Microsoft Corporation) -- c:\Program Files\Microsoft Security Essentials\MsMpEng.exe
PRC - [2009/09/14 14:16:58 | 000,480,368 | ---- | M] (Auslogics) -- C:\Program Files\Auslogics\Auslogics BoostSpeed\BoostSpeed.exe
PRC - [2009/08/18 11:29:22 | 001,529,728 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE
PRC - [2009/08/18 11:29:22 | 000,183,152 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE
PRC - [2009/04/10 23:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2008/10/09 07:58:56 | 000,075,008 | ---- | M] (Hewlett-Packard) -- C:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe
PRC - [2008/10/06 09:54:52 | 000,365,952 | ---- | M] () -- C:\Program Files\SMINST\BLService.exe


========== Modules (SafeList) ==========

MOD - [2010/09/16 15:20:16 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Users\Valued Customer\Desktop\OTL.exe
MOD - [2009/04/10 23:21:38 | 001,686,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18005_none_5cb72f96088b0de0\comctl32.dll
MOD - [2008/01/20 19:34:21 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msscript.ocx


========== Win32 Services (SafeList) ==========

SRV - File not found [Auto | Stopped] -- C:\Program Files\Norton Internet Security\Engine\16.0.0.125\ccSvcHst.exe -- (Norton Internet Security)
SRV - [2010/06/09 14:40:04 | 000,120,144 | ---- | M] (SmithMicro Inc.) [On_Demand | Stopped] -- C:\Program Files\Clearwire\Connection Manager\RcAppSvc.exe -- (CLEARWIRERcAppSvc)
SRV - [2010/06/09 14:37:24 | 000,124,240 | ---- | M] (SmithMicro Inc.) [On_Demand | Stopped] -- C:\Program Files\Clearwire\Connection Manager\ConAppsSvc.exe -- (CACLEARWIRE)
SRV - [2010/06/09 14:37:24 | 000,107,856 | ---- | M] () [Auto | Running] -- C:\Program Files\Clearwire\Connection Manager\DeviceLaunchSvc.exe -- (SMSI Device Launch Service)
SRV - [2010/04/19 15:06:06 | 000,399,872 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files\Clearwire\Connection Manager\clearwireDeviceDiagnosticsService.exe -- (clearwireDeviceDiagnosticsService)
SRV - [2010/03/25 21:40:44 | 000,017,904 | ---- | M] (Microsoft Corporation) [Auto | Running] -- c:\Program Files\Microsoft Security Essentials\MsMpEng.exe -- (MsMpSvc)
SRV - [2010/03/18 16:47:22 | 000,035,160 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe -- (aspnet_state)
SRV - [2010/03/18 13:16:28 | 000,753,504 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe -- (WPFFontCache_v0400)
SRV - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010/03/18 13:16:28 | 000,124,240 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe -- (NetTcpPortSharing)
SRV - [2010/03/18 13:16:28 | 000,124,240 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe -- (NetTcpActivator)
SRV - [2010/03/18 13:16:28 | 000,124,240 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe -- (NetPipeActivator)
SRV - [2010/03/18 13:16:28 | 000,124,240 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe -- (NetMsmqActivator)
SRV - [2009/09/24 18:27:04 | 000,793,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\FntCache.dll -- (FontCache)
SRV - [2009/08/18 11:29:22 | 001,529,728 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE -- (wlidsvc)
SRV - [2008/10/06 09:54:52 | 000,365,952 | ---- | M] () [Auto | Running] -- C:\Program Files\SMINST\BLService.exe -- (Recovery Service for Windows)
SRV - [2008/01/20 19:33:00 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | System | Stopped] -- C:\Windows\System32\drivers\NIS\1000000.07D\SRTSPX.SYS -- (SRTSPX)
DRV - File not found [File_System | System | Stopped] -- C:\Windows\System32\drivers\NIS\1000000.07D\SRTSP.SYS -- (SRTSP)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\System32\DRIVERS\nwlnkfwd.sys -- (NwlnkFwd)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\System32\DRIVERS\nwlnkflt.sys -- (NwlnkFlt)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20080829.024\NAVEX15.SYS -- (NAVEX15)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20080829.024\NAVENG.SYS -- (NAVENG)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\System32\DRIVERS\ipinip.sys -- (IpInIp)
DRV - [2010/09/13 02:13:36 | 000,208,896 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\HSXHWAZL.sys -- (HSXHWAZL)
DRV - [2010/09/13 02:13:33 | 000,118,784 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\E1G60I32.sys -- (E1G60) Intel®
DRV - [2010/09/13 02:13:32 | 000,319,488 | ---- | M] (Beceem communications pvt ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\drxvi314.sys -- (bcm)
DRV - [2010/06/09 14:30:26 | 000,030,080 | ---- | M] (Sierra Wireless Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\swvspser.sys -- (swvspser)
DRV - [2010/06/09 11:34:14 | 000,032,408 | ---- | M] (Smith Micro Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\PCTINDIS5.sys -- (PCTINDIS5)
DRV - [2010/05/25 21:48:12 | 000,203,008 | ---- | M] (Sierra Wireless Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\SWNC5E00.sys -- (SWNC5E00) Sierra Wireless MUX NDIS Driver (#00)
DRV - [2010/05/25 21:48:12 | 000,157,440 | ---- | M] (Sierra Wireless Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\swmx00.sys -- (swmx00) Sierra Wireless USB MUX Driver (#00)
DRV - [2010/05/25 21:48:08 | 000,037,248 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\swmsflt.sys -- (swmsflt)
DRV - [2010/04/10 19:58:12 | 000,717,296 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\System32\Drivers\sptd.sys -- (sptd)
DRV - [2010/03/26 21:04:24 | 000,051,456 | ---- | M] (Beceem communications pvt ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\BcmBusCtr.sys -- (bcmbusctr)
DRV - [2010/03/25 21:30:22 | 000,151,216 | ---- | M] (Microsoft Corporation) [File_System | System | Running] -- C:\Windows\System32\drivers\MpFilter.sys -- (MpFilter)
DRV - [2010/03/25 21:30:22 | 000,042,368 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\Windows\System32\drivers\MpNWMon.sys -- (MpNWMon)
DRV - [2010/03/16 14:34:36 | 000,042,880 | ---- | M] (Fengtao Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\dvdfab.sys -- (dvdfab)
DRV - [2010/03/10 21:02:38 | 000,056,352 | ---- | M] (Exent Technologies Ltd.) [Kernel | Auto | Running] -- C:\Program Files\Free Ride Games\X4HSEx.sys -- (X4HSEx)
DRV - [2009/11/08 20:21:18 | 000,059,388 | ---- | M] (PowerISO Computing, Inc.) [Kernel | System | Running] -- C:\Windows\System32\drivers\scdemu.sys -- (SCDEmu)
DRV - [2009/04/23 12:33:34 | 000,064,512 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\RTSTOR.sys -- (RTSTOR)
DRV - [2009/04/10 21:42:52 | 000,031,616 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (winusb)
DRV - [2009/02/24 18:42:14 | 000,116,736 | ---- | M] (MagicISO, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\mcdbus.sys -- (mcdbus)
DRV - [2008/10/22 23:04:58 | 000,020,024 | ---- | M] (VIA Technologies, Inc.) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\viaide.sys -- (viaide)
DRV - [2008/10/22 23:04:58 | 000,019,000 | ---- | M] (CMD Technology, Inc.) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\cmdide.sys -- (cmdide)
DRV - [2008/10/22 23:04:58 | 000,017,464 | ---- | M] (Acer Laboratories Inc.) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\aliide.sys -- (aliide)
DRV - [2008/10/03 04:39:28 | 000,222,208 | ---- | M] (Conexant Systems Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\CHDRT32.sys -- (CnxtHdAudService)
DRV - [2008/07/11 11:31:00 | 007,530,656 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)
DRV - [2008/06/27 12:31:24 | 000,093,544 | ---- | M] (Rocket Division Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\StarPortLite.sys -- (StarPortLite) StarPort Storage Controller (Lite)
DRV - [2008/05/09 12:17:32 | 000,043,040 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvhda32v.sys -- (NVHDA)
DRV - [2008/04/27 12:07:44 | 000,909,824 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\athr.sys -- (athr)
DRV - [2008/04/24 15:51:46 | 000,014,848 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvsmu.sys -- (nvsmu)
DRV - [2008/04/17 11:05:16 | 000,199,344 | ---- | M] (Synaptics, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\SynTP.sys -- (SynTP)
DRV - [2008/01/29 06:55:00 | 001,042,464 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvmfdx32.sys -- (NVENETFD)
DRV - [2008/01/20 19:32:53 | 000,149,560 | ---- | M] (Adaptec, Inc.) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\adpu320.sys -- (adpu320)
DRV - [2008/01/20 19:32:53 | 000,031,288 | ---- | M] (LSI Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\megasas.sys -- (megasas)
DRV - [2008/01/20 19:32:52 | 000,386,616 | ---- | M] (LSI Corporation, Inc.) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\megasr.sys -- (MegaSR)
DRV - [2008/01/20 19:32:52 | 000,101,432 | ---- | M] (Adaptec, Inc.) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\adpu160m.sys -- (adpu160m)
DRV - [2008/01/20 19:32:52 | 000,074,808 | ---- | M] (Silicon Integrated Systems) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\sisraid4.sys -- (SiSRaid4)
DRV - [2008/01/20 19:32:52 | 000,040,504 | ---- | M] (Hewlett-Packard Company) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\hpcisss.sys -- (HpCISSs)
DRV - [2008/01/20 19:32:51 | 000,300,600 | ---- | M] (Adaptec, Inc.) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\adpahci.sys -- (adpahci)
DRV - [2008/01/20 19:32:51 | 000,089,656 | ---- | M] (LSI Logic) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\lsi_sas.sys -- (LSI_SAS)
DRV - [2008/01/20 19:32:50 | 001,122,360 | ---- | M] (QLogic Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\ql2300.sys -- (ql2300)
DRV - [2008/01/20 19:32:50 | 000,079,928 | ---- | M] (Adaptec, Inc.) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\arcsas.sys -- (arcsas)
DRV - [2008/01/20 19:32:49 | 000,235,064 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\iastorv.sys -- (iaStorV)
DRV - [2008/01/20 19:32:49 | 000,130,616 | ---- | M] (VIA Technologies Inc.,Ltd) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\vsmraid.sys -- (vsmraid)
DRV - [2008/01/20 19:32:49 | 000,115,816 | ---- | M] (Promise Technology, Inc.) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\ulsata2.sys -- (ulsata2)
DRV - [2008/01/20 19:32:49 | 000,096,312 | ---- | M] (LSI Logic) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\lsi_fc.sys -- (LSI_FC)
DRV - [2008/01/20 19:32:49 | 000,079,416 | ---- | M] (Adaptec, Inc.) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\arc.sys -- (arc)
DRV - [2008/01/20 19:32:48 | 000,342,584 | ---- | M] (Emulex) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\elxstor.sys -- (elxstor)
DRV - [2008/01/20 19:32:48 | 000,096,312 | ---- | M] (LSI Logic) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\lsi_scsi.sys -- (LSI_SCSI)
DRV - [2008/01/20 19:32:47 | 000,102,968 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\nvraid.sys -- (nvraid)
DRV - [2008/01/20 19:32:47 | 000,045,112 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\nvstor.sys -- (nvstor)
DRV - [2008/01/20 19:32:46 | 000,422,968 | ---- | M] (Adaptec, Inc.) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\adp94xx.sys -- (adp94xx)
DRV - [2008/01/20 19:32:45 | 002,225,664 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\NETw3v32.sys -- (NETw3v32) Intel®
DRV - [2008/01/20 19:32:45 | 000,238,648 | ---- | M] (ULi Electronics Inc.) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\uliahci.sys -- (uliahci)
DRV - [2008/01/19 00:43:20 | 000,131,000 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\System32\drivers\WimFltr.sys -- (WimFltr)
DRV - [2007/10/31 18:51:26 | 000,985,600 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\HSX_DPV.sys -- (HSF_DPV)
DRV - [2007/10/31 18:47:08 | 000,661,504 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\HSX_CNXT.sys -- (winachsf)
DRV - [2007/10/17 16:36:54 | 000,008,704 | ---- | M] (Conexant Systems, Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\XAudio.sys -- (XAudio)
DRV - [2007/06/18 17:12:04 | 000,016,768 | ---- | M] (Hewlett-Packard Development Company, L.P.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\HpqKbFiltr.sys -- (HpqKbFiltr)
DRV - [2006/11/02 02:50:35 | 000,106,088 | ---- | M] (QLogic Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\ql40xx.sys -- (ql40xx)
DRV - [2006/11/02 02:50:35 | 000,098,408 | ---- | M] (Promise Technology, Inc.) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\ulsata.sys -- (UlSata)
DRV - [2006/11/02 02:50:19 | 000,045,160 | ---- | M] (IBM Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\nfrd960.sys -- (nfrd960)
DRV - [2006/11/02 02:50:17 | 000,041,576 | ---- | M] (Intel Corp./ICP vortex GmbH) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\iirsp.sys -- (iirsp)
DRV - [2006/11/02 02:50:11 | 000,071,272 | ---- | M] (Adaptec, Inc.) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\djsvs.sys -- (aic78xx)
DRV - [2006/11/02 02:50:09 | 000,035,944 | ---- | M] (Integrated Technology Express, Inc.) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\iteraid.sys -- (iteraid)
DRV - [2006/11/02 02:50:07 | 000,035,944 | ---- | M] (Integrated Technology Express, Inc.) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\iteatapi.sys -- (iteatapi)
DRV - [2006/11/02 02:50:05 | 000,035,944 | ---- | M] (LSI Logic) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\symc8xx.sys -- (Symc8xx)
DRV - [2006/11/02 02:50:03 | 000,034,920 | ---- | M] (LSI Logic) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\sym_u3.sys -- (Sym_u3)
DRV - [2006/11/02 02:49:59 | 000,033,384 | ---- | M] (LSI Logic Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\mraid35x.sys -- (Mraid35x)
DRV - [2006/11/02 02:49:56 | 000,031,848 | ---- | M] (LSI Logic) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\sym_hi.sys -- (Sym_hi)
DRV - [2006/11/02 01:25:24 | 000,071,808 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brserid.sys -- (Brserid) Brother MFC Serial Port Interface Driver (WDM)
DRV - [2006/11/02 01:24:47 | 000,011,904 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brusbser.sys -- (BrUsbSer)
DRV - [2006/11/02 01:24:46 | 000,005,248 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brfiltup.sys -- (BrFiltUp)
DRV - [2006/11/02 01:24:45 | 000,013,568 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brfiltlo.sys -- (BrFiltLo)
DRV - [2006/11/02 01:24:44 | 000,062,336 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brserwdm.sys -- (BrSerWdm)
DRV - [2006/11/02 01:24:44 | 000,012,160 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brusbmdm.sys -- (BrUsbMdm)
DRV - [2006/11/02 00:36:50 | 000,020,608 | ---- | M] (N-trig Innovative Technologies) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\ntrigdigi.sys -- (ntrigdigi)
DRV - [2006/11/02 00:30:56 | 000,194,048 | ---- | M] (Marvell) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\yk60x86.sys -- (yukonwlh)
DRV - [2001/05/07 03:56:02 | 000,019,805 | ---- | M] (Thesycon GmbH, Germany) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\usbio.sys -- (USBIO) USBIO Driver (usbio.sys)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.h...resario&pf=cnnb
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.h...resario&pf=cnnb
IE - HKLM\..\URLSearchHook: {7b13ec3e-999a-4b70-b9cb-2617b8323822} - C:\Program Files\Zynga\tbZyn1.dll (Conduit Ltd.)

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.h...resario&pf=cnnb
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.pogo.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\..\URLSearchHook: {7b13ec3e-999a-4b70-b9cb-2617b8323822} - C:\Program Files\Zynga\tbZyn1.dll (Conduit Ltd.)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "Bing"
FF - prefs.js..browser.search.defaulturl: "http://www.bing.com/...2DF&PC=DCF2&q="
FF - prefs.js..browser.search.order.1: "Search the web (Babylon)"
FF - prefs.js..browser.search.param.yahoo-fr: "chr-greentree_ff&type=135963"
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://www.pogo.com/"
FF - prefs.js..extensions.enabledItems: [email protected]:2
FF - prefs.js..extensions.enabledItems: 4
FF - prefs.js..extensions.enabledItems: 9
FF - prefs.js..extensions.enabledItems: 1
FF - prefs.js..extensions.enabledItems: {1018e4d6-728f-4b20-ad56-37578a4de76b}:4.0.8
FF - prefs.js..extensions.enabledItems: {46551EC9-40F0-4e47-8E18-8E5CF550CFB8}:1.0.11
FF - prefs.js..extensions.enabledItems: {53A03D43-5363-4669-8190-99061B2DEBA5}:1.3.7
FF - prefs.js..extensions.enabledItems: {6F0976E6-26F3-4AFE-BBEC-9E99E27E4DF3}:1.4.8
FF - prefs.js..extensions.enabledItems: {7378B8C2-FC38-41b8-A8C9-875D1F5B0A24}:5.2.4.8
FF - prefs.js..extensions.enabledItems: {e4a8a97b-f2ed-450b-b12d-ee082ba24781}:0.8.20100408.6
FF - prefs.js..extensions.enabledItems: {7b13ec3e-999a-4b70-b9cb-2617b8323822}:2.7.1.3
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: [email protected]:1.69.1
FF - prefs.js..extensions.enabledItems: {afe43e80-0abc-4df2-81a0-3fe44b74abe8}:1.300.306
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21
FF - prefs.js..extensions.enabledItems: afom@idevfh:2.0
FF - prefs.js..extensions.enabledItems: [email protected]:2.0.8
FF - prefs.js..keyword.URL: "http://ws.infospace...._id=60531&qkw="

FF - HKLM\software\mozilla\Flock 2.5.6\extensions\\Components: C:\Program Files\Flock\components
FF - HKLM\software\mozilla\Flock 2.5.6\extensions\\Plugins: C:\Program Files\Flock\plugins
FF - HKLM\software\mozilla\Flock 2.6.1\extensions\\Components: C:\Program Files\Flock\components
FF - HKLM\software\mozilla\Flock 2.6.1\extensions\\Plugins: C:\Program Files\Flock\plugins
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.9\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010/09/16 14:07:59 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.9\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010/09/16 14:07:59 | 000,000,000 | ---D | M]

[2010/03/07 22:34:42 | 000,000,000 | ---D | M] -- C:\Users\Valued Customer\AppData\Roaming\mozilla\Extensions
[2010/03/07 22:34:42 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Valued Customer\AppData\Roaming\mozilla\Extensions\{a463f10c-3994-11da-9945-000d60ca027b}
[2010/09/16 14:07:56 | 000,000,000 | ---D | M] -- C:\Users\Valued Customer\AppData\Roaming\mozilla\Firefox\Profiles\o0lwndie.default\extensions
[2010/08/19 19:45:14 | 000,000,000 | ---D | M] (Flagfox) -- C:\Users\Valued Customer\AppData\Roaming\mozilla\Firefox\Profiles\o0lwndie.default\extensions\{1018e4d6-728f-4b20-ad56-37578a4de76b}
[2010/05/15 10:11:24 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\Valued Customer\AppData\Roaming\mozilla\Firefox\Profiles\o0lwndie.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2010/08/19 19:45:10 | 000,000,000 | ---D | M] (Stylish) -- C:\Users\Valued Customer\AppData\Roaming\mozilla\Firefox\Profiles\o0lwndie.default\extensions\{46551EC9-40F0-4e47-8E18-8E5CF550CFB8}
[2010/03/26 20:31:21 | 000,000,000 | ---D | M] (ScrapBook) -- C:\Users\Valued Customer\AppData\Roaming\mozilla\Firefox\Profiles\o0lwndie.default\extensions\{53A03D43-5363-4669-8190-99061B2DEBA5}
[2010/07/30 00:32:58 | 000,000,000 | ---D | M] (Fire.fm) -- C:\Users\Valued Customer\AppData\Roaming\mozilla\Firefox\Profiles\o0lwndie.default\extensions\{6F0976E6-26F3-4AFE-BBEC-9E99E27E4DF3}
[2010/03/21 09:57:33 | 000,000,000 | ---D | M] (ImageShack® Toolbar) -- C:\Users\Valued Customer\AppData\Roaming\mozilla\Firefox\Profiles\o0lwndie.default\extensions\{7378B8C2-FC38-41b8-A8C9-875D1F5B0A24}
[2010/08/31 11:29:03 | 000,000,000 | ---D | M] (Zynga Toolbar) -- C:\Users\Valued Customer\AppData\Roaming\mozilla\Firefox\Profiles\o0lwndie.default\extensions\{7b13ec3e-999a-4b70-b9cb-2617b8323822}
[2010/09/16 14:08:01 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Valued Customer\AppData\Roaming\mozilla\Firefox\Profiles\o0lwndie.default\extensions\{afe43e80-0abc-4df2-81a0-3fe44b74abe8}
[2010/09/15 14:13:11 | 000,000,000 | ---D | M] (Gamers Unite! Snag Bar) -- C:\Users\Valued Customer\AppData\Roaming\mozilla\Firefox\Profiles\o0lwndie.default\extensions\{afe43e80-0abc-4df2-81a0-3fe44b74abe8}(53)
[2010/04/14 13:22:15 | 000,000,000 | ---D | M] (Greasemonkey) -- C:\Users\Valued Customer\AppData\Roaming\mozilla\Firefox\Profiles\o0lwndie.default\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}
[2010/08/28 13:06:17 | 000,000,000 | ---D | M] -- C:\Users\Valued Customer\AppData\Roaming\mozilla\Firefox\Profiles\o0lwndie.default\extensions\afom@idevfh
[2010/09/12 21:02:48 | 000,000,000 | ---D | M] -- C:\Users\Valued Customer\AppData\Roaming\mozilla\Firefox\Profiles\o0lwndie.default\extensions\[email protected]
[2010/02/21 17:44:12 | 000,000,000 | ---D | M] -- C:\Users\Valued Customer\AppData\Roaming\mozilla\Firefox\Profiles\o0lwndie.default\extensions\[email protected]
[2010/07/30 00:33:10 | 000,000,000 | ---D | M] -- C:\Users\Valued Customer\AppData\Roaming\mozilla\Firefox\Profiles\o0lwndie.default\extensions\[email protected]
[2010/05/17 16:59:21 | 000,001,832 | ---- | M] () -- C:\Users\Valued Customer\AppData\Roaming\Mozilla\FireFox\Profiles\o0lwndie.default\searchplugins\bing.xml
[2010/08/14 14:06:49 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2010/05/01 13:22:20 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
[2010/08/01 13:16:15 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
[2010/07/17 05:00:04 | 000,423,656 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll
[2010/09/13 00:30:53 | 000,065,536 | ---- | M] ( ) -- C:\Program Files\Mozilla Firefox\plugins\npkimi.dll
[2010/05/16 15:00:38 | 000,002,191 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\babylon.xml

O1 HOSTS File: ([2006/09/18 14:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (SSVHelper Class) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (Zynga Toolbar) - {7b13ec3e-999a-4b70-b9cb-2617b8323822} - C:\Program Files\Zynga\tbZyn1.dll (Conduit Ltd.)
O2 - BHO: (LastPass Browser Helper Object) - {95D9ECF5-2A4D-4550-BE49-70D42F71296E} - C:\Program Files\LastPass\LPBar.dll (LastPass)
O3 - HKLM\..\Toolbar: (Zynga Toolbar) - {7b13ec3e-999a-4b70-b9cb-2617b8323822} - C:\Program Files\Zynga\tbZyn1.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (LastPass Toolbar) - {9f6b5cc3-5c7b-4b5c-97af-19dec1e380e5} - C:\Program Files\LastPass\LPBar.dll (LastPass)
O3 - HKCU\..\Toolbar\WebBrowser: (Zynga Toolbar) - {7B13EC3E-999A-4B70-B9CB-2617B8323822} - C:\Program Files\Zynga\tbZyn1.dll (Conduit Ltd.)
O4 - HKLM..\Run: [Clearwire Connection Manager] C:\Program Files\Clearwire\Connection Manager\ClearwireCM.exe (ClearwireCM)
O4 - HKLM..\Run: [HP Health Check Scheduler] c:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe (Hewlett-Packard)
O4 - HKLM..\Run: [MSSE] c:\Program Files\Microsoft Security Essentials\msseces.exe (Microsoft Corporation)
O4 - HKLM..\Run: [NvCplDaemon] C:\Windows\System32\NvCpl.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\Windows\System32\NvMcTray.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKLM..\Run: [WPCUMI] C:\Windows\System32\wpcumi.exe (Microsoft Corporation)
O4 - HKCU..\Run: [Auslogics BoostSpeed] C:\Program Files\Auslogics\Auslogics BoostSpeed\BoostSpeed.exe (Auslogics)
O4 - HKCU..\Run: [Exetender] C:\Program Files\Free Ride Games\GPlayer.exe (Exent Technologies Ltd.)
O4 - HKCU..\RunServices: [zmojerix] C:\Users\Valued Customer\AppData\Local\Temp\zmojerix.exe File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableStatusMessages = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: DriveConfiguration = [Binary data over 100 bytes]
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LegacyDrive = [Binary data over 100 bytes]
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: LogonHoursAction = 2
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DontDisplayLogonHoursWarnings = 1
O8 - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
O9 - Extra Button: Blog This - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : &Blog This in Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: LastPass - {43699cd0-e34f-11de-8a39-0800200c9a66} - C:\Program Files\LastPass\LPBar.dll (LastPass)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000019 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O13 - gopher Prefix: missing
O15 - HKCU\..Trusted Ranges: Range1 ([http] in Local intranet)
O16 - DPF: {6A060448-60F9-11D5-A6CD-0002B31F7455} (ExentInf Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_21)
O16 - DPF: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_21)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_21)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.m...ash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program Files\Windows Live\Mail\mailcomm.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Users\Valued Customer\AppData\Roaming\Microsoft\Windows Photo Gallery\Windows Photo Gallery Wallpaper.jpg
O24 - Desktop BackupWallPaper: C:\Users\Valued Customer\AppData\Roaming\Microsoft\Windows Photo Gallery\Windows Photo Gallery Wallpaper.jpg
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/09/18 14:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{952451bc-675e-11df-aecf-001f1671332f}\Shell\Auto\command - "" = F:\launcher.exe -- File not found
O33 - MountPoints2\{b76a23e1-514a-11df-8386-001f1671332f}\Shell\AutoRun\command - "" = F:\Setup.exe -- File not found
O33 - MountPoints2\{c27299ac-b768-11df-847c-001f1671332f}\Shell - "" = AutoRun
O33 - MountPoints2\{c27299ac-b768-11df-847c-001f1671332f}\Shell\AutoRun\command - "" = G:\WIN\setup.exe -- File not found
O33 - MountPoints2\{feade38a-18c6-11df-a719-001e737e17da}\Shell - "" = AutoRun
O33 - MountPoints2\{feade38a-18c6-11df-a719-001e737e17da}\Shell\AutoRun\command - "" = G:\VideoConvert.exe -- File not found
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

NetSvcs: FastUserSwitchingCompatibility - File not found
NetSvcs: Ias - File not found
NetSvcs: Nla - File not found
NetSvcs: Ntmssvc - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: SRService - File not found
NetSvcs: Wmi - C:\Windows\System32\wmi.dll (Microsoft Corporation)
NetSvcs: WmdmPmSp - File not found
NetSvcs: LogonHours - File not found
NetSvcs: PCAudit - File not found
NetSvcs: helpsvc - File not found
NetSvcs: uploadmgr - File not found

Drivers32: msacm.ac3filter - C:\Windows\System32\ac3filter.acm ()
Drivers32: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.l3codecp - C:\Windows\System32\l3codecp.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: MSVideo8 - C:\Windows\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: vidc.cvid - C:\Windows\System32\iccvid.dll (Radius Inc.)

CREATERESTOREPOINT
Restore point Set: OTL Restore Point

========== Files/Folders - Created Within 90 Days ==========

[2010/09/16 15:20:13 | 000,575,488 | ---- | C] (OldTimer Tools) -- C:\Users\Valued Customer\Desktop\OTL.exe
[2010/09/16 15:00:33 | 000,000,000 | ---D | C] -- C:\Users\Valued Customer\AppData\Roaming\Malwarebytes
[2010/09/16 15:00:16 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2010/09/16 15:00:14 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2010/09/16 15:00:13 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2010/09/16 15:00:13 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2010/09/16 14:40:23 | 000,000,000 | ---D | C] -- C:\Windows\ERDNT
[2010/09/16 14:39:49 | 000,000,000 | ---D | C] -- C:\Program Files\ERUNT
[2010/09/16 13:57:03 | 006,153,384 | ---- | C] (Malwarebytes Corporation ) -- C:\Users\Valued Customer\Desktop\mbam-setup.exe
[2010/09/16 13:51:49 | 000,446,464 | ---- | C] (OldTimer Tools) -- C:\Users\Valued Customer\Desktop\TFC.exe
[2010/09/16 12:41:43 | 000,000,000 | ---D | C] -- C:\Windows\BDOSCAN8
[2010/09/16 00:42:03 | 000,000,000 | ---D | C] -- C:\Users\Valued Customer\AppData\Roaming\Real
[2010/09/14 01:22:06 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Oberon Media
[2010/09/14 01:08:51 | 000,000,000 | ---D | C] -- C:\Users\Valued Customer\AppData\Local\Oberon Media
[2010/09/14 00:56:30 | 000,000,000 | ---D | C] -- C:\games
[2010/09/13 15:43:51 | 000,053,314 | ---- | C] (Exent Technologies Ltd.) -- C:\Windows\ExentInfo.exe
[2010/09/13 15:43:47 | 000,000,000 | ---D | C] -- C:\Program Files\Free Ride Games
[2010/09/13 15:20:15 | 000,000,000 | ---D | C] -- C:\ProgramData\Diner Dash Family Style
[2010/09/13 15:19:57 | 000,000,000 | ---D | C] -- C:\Users\Valued Customer\AppData\Roaming\Pogo Games
[2010/09/12 22:46:09 | 000,000,000 | ---D | C] -- C:\Program Files\ReflexiveArcade
[2010/09/08 13:22:49 | 000,000,000 | ---D | C] -- C:\Program Files\vLite
[2010/09/08 13:12:58 | 000,000,000 | ---D | C] -- C:\Users\Valued Customer\Documents\AceBackup 3
[2010/09/08 13:12:40 | 000,937,800 | ---- | C] (AceBIT GmbH) -- C:\Windows\System32\acebitaw.dll
[2010/09/08 13:12:37 | 000,000,000 | ---D | C] -- C:\Program Files\AceBIT
[2010/09/05 09:28:28 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\PctelEapPeer Authentication
[2010/09/03 11:02:50 | 000,000,000 | ---D | C] -- C:\Program Files\Sierra Wireless Inc
[2010/09/03 11:02:50 | 000,000,000 | ---D | C] -- C:\Users\Valued Customer\AppData\Roaming\Sierra Wireless
[2010/08/28 13:06:22 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\IDEVFH
[2010/08/27 10:14:10 | 000,000,000 | ---D | C] -- C:\Users\Valued Customer\Desktop\Facebook
[2010/08/26 09:46:18 | 000,000,000 | ---D | C] -- C:\Windows\pss
[2010/08/24 13:05:54 | 000,000,000 | ---D | C] -- C:\Program Files\WallpaperToy
[2010/08/15 12:55:56 | 000,000,000 | ---D | C] -- C:\Remote Programs
[2010/08/15 12:55:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Free Ride Games
[2010/08/15 12:02:30 | 000,000,000 | ---D | C] -- C:\Users\Valued Customer\Desktop\Games
[2010/08/03 16:55:16 | 000,000,000 | R--D | C] -- C:\Users\Valued Customer\Desktop\UCC FORMS
[2010/07/30 00:57:14 | 000,000,000 | ---D | C] -- C:\Users\Valued Customer\Desktop\Toadies
[2010/07/28 15:12:41 | 000,000,000 | ---D | C] -- C:\NVIDIA
[2010/07/26 22:43:37 | 000,000,000 | ---D | C] -- C:\Users\Valued Customer\AppData\Roaming\OpenOffice.org
[2010/07/26 22:39:33 | 000,000,000 | ---D | C] -- C:\Program Files\JRE
[2010/07/26 22:38:33 | 000,000,000 | ---D | C] -- C:\Program Files\OpenOffice.org 3
[2010/07/26 22:33:47 | 000,000,000 | ---D | C] -- C:\Users\Valued Customer\Desktop\OpenOffice.org 3.2 (en-US) Installation Files
[2010/07/26 00:57:39 | 000,000,000 | ---D | C] -- C:\Plugins
[2010/07/25 22:50:42 | 000,090,112 | ---- | C] (MindVision Software) -- C:\Windows\unvise32.exe
[2010/07/25 22:50:37 | 000,000,000 | ---D | C] -- C:\Windows\Splash Screens
[2010/07/25 22:50:31 | 000,000,000 | ---D | C] -- C:\Program Files\DreamSuite Bonus
[2010/07/22 14:39:06 | 000,000,000 | ---D | C] -- C:\Users\Valued Customer\AppData\Roaming\Jasc
[2010/07/16 21:13:53 | 000,000,000 | ---D | C] -- C:\Users\Valued Customer\AppData\Local\MigWiz
[2010/07/15 14:50:14 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Windows 7 Upgrade Advisor
[2010/07/14 23:00:13 | 000,000,000 | ---D | C] -- C:\Users\Valued Customer\Desktop\Automatic Mouse Clicker
[2010/07/09 18:15:47 | 000,000,000 | ---D | C] -- C:\Users\Valued Customer\Desktop\FOLDERS
[2010/07/05 10:07:04 | 000,000,000 | ---D | C] -- C:\Users\Valued Customer\Desktop\Badgewinners
[2010/06/27 15:39:39 | 000,090,112 | ---- | C] (http://www.mvps.org/vb) -- C:\Windows\System32\ccrpTmr6.dll
[2010/06/27 15:39:37 | 000,000,000 | ---D | C] -- C:\Program Files\Cool Timer
[2010/06/27 01:18:15 | 000,000,000 | ---D | C] -- C:\Users\Valued Customer\AppData\Local\Microsoft_Corporation
[2010/06/26 13:19:57 | 000,000,000 | ---D | C] -- C:\ProgramData\MySQL
[2010/06/26 12:56:56 | 000,000,000 | ---D | C] -- C:\Program Files\MySQL
[2010/06/26 12:51:01 | 000,000,000 | ---D | C] -- C:\Windows\System32\WindowsPowerShell
[2010/06/26 12:11:07 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft SQL Server
[2010/06/26 12:09:03 | 000,000,000 | ---D | C] -- C:\Program Files\IIS
[2010/06/26 12:04:54 | 000,000,000 | ---D | C] -- C:\Users\Valued Customer\Documents\Visual Studio 2010
[2010/06/26 12:01:11 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Visual Studio 10.0
[2010/06/26 12:01:11 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft SDKs
[2010/06/26 12:01:11 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Help Viewer
[2010/06/25 11:42:36 | 000,000,000 | ---D | C] -- C:\Program Files\YASADVDRipperPlatinum
[2010/05/29 13:55:59 | 007,839,944 | ---- | C] (LastPass) -- C:\Program Files\Common Files\lpuninstall.exe
[2010/03/28 13:58:19 | 000,047,360 | ---- | C] (VSO Software) -- C:\Users\Valued Customer\AppData\Roaming\pcouffin.sys
[2007/05/22 16:20:54 | 001,059,840 | ---- | C] (Auto FX Software) -- C:\Program Files\DS_Bonus_Plugin.8bf

========== Files - Modified Within 90 Days ==========

[2010/09/16 15:53:36 | 003,670,016 | ---- | M] () -- C:\Users\Valued Customer\ntuser.dat
[2010/09/16 15:49:18 | 000,003,344 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2010/09/16 15:49:18 | 000,003,344 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2010/09/16 15:49:05 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
[2010/09/16 15:48:48 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2010/09/16 15:48:42 | 224,913,990 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2010/09/16 15:20:16 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Users\Valued Customer\Desktop\OTL.exe
[2010/09/16 15:07:01 | 000,000,948 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2499751553-1250953643-248992182-1000UA.job
[2010/09/16 15:00:20 | 000,000,842 | ---- | M] () -- C:\Users\Valued Customer\Application Data\Microsoft\Internet Explorer\Quick Launch\Malwarebytes' Anti-Malware.lnk
[2010/09/16 14:55:53 | 000,524,288 | -HS- | M] () -- C:\Users\Valued Customer\NTUSER.DAT{1b2d5403-35cc-11df-9cd7-806e6f6e6963}.TMContainer00000000000000000001.regtrans-ms
[2010/09/16 14:55:53 | 000,065,536 | -HS- | M] () -- C:\Users\Valued Customer\NTUSER.DAT{1b2d5403-35cc-11df-9cd7-806e6f6e6963}.TM.blf
[2010/09/16 14:39:52 | 000,000,733 | ---- | M] () -- C:\Users\Valued Customer\Desktop\NTREGOPT.lnk
[2010/09/16 14:39:52 | 000,000,714 | ---- | M] () -- C:\Users\Valued Customer\Desktop\ERUNT.lnk
[2010/09/16 13:57:21 | 006,153,384 | ---- | M] (Malwarebytes Corporation ) -- C:\Users\Valued Customer\Desktop\mbam-setup.exe
[2010/09/16 13:51:53 | 000,446,464 | ---- | M] (OldTimer Tools) -- C:\Users\Valued Customer\Desktop\TFC.exe
[2010/09/16 12:04:24 | 000,032,821 | ---- | M] () -- C:\ProgramData\nvModes.001
[2010/09/16 12:02:31 | 000,032,821 | ---- | M] () -- C:\ProgramData\nvModes.dat
[2010/09/15 23:17:38 | 000,008,484 | ---- | M] () -- C:\Users\Valued Customer\AppData\Local\d3d9caps.dat
[2010/09/14 13:07:00 | 000,000,896 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2499751553-1250953643-248992182-1000Core.job
[2010/09/14 08:59:27 | 000,738,408 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2010/09/14 08:44:48 | 000,756,090 | ---- | M] () -- C:\Windows\System32\PerfStringBackup.INI
[2010/09/14 08:44:48 | 000,640,604 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2010/09/14 08:44:48 | 000,118,534 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2010/09/14 01:22:05 | 000,001,936 | ---- | M] () -- C:\Users\Valued Customer\Desktop\Diner Dash 5 BOOM.lnk
[2010/09/14 01:22:05 | 000,001,108 | ---- | M] () -- C:\Users\Valued Customer\Desktop\Pogo Games.lnk
[2010/09/13 15:44:23 | 000,001,855 | ---- | M] () -- C:\Users\Public\Desktop\Play My Games.lnk
[2010/09/13 15:44:22 | 000,000,145 | ---- | M] () -- C:\Users\Public\Desktop\More FREE games.url
[2010/09/13 15:44:17 | 000,000,064 | ---- | M] () -- C:\Windows\GPlrLanc.dat
[2010/09/13 02:16:15 | 000,090,112 | ---- | M] (MindVision Software) -- C:\Windows\unvise32.exe
[2010/09/13 02:16:14 | 000,348,160 | ---- | M] (NCT Company Ltd.) -- C:\Windows\System32\WMAFile.dll
[2010/09/13 02:15:51 | 001,003,520 | ---- | M] (Gabest) -- C:\Windows\System32\vsfilter.dll
[2010/09/13 02:15:50 | 000,491,520 | ---- | M] (vbAccelerator) -- C:\Windows\System32\vbalSGrid6.ocx
[2010/09/13 02:15:50 | 000,200,704 | ---- | M] (vbAccelerator) -- C:\Windows\System32\vbalExpBar6.ocx
[2010/09/13 02:15:50 | 000,061,440 | ---- | M] (vbaccelerator) -- C:\Windows\System32\vbalTab6.ocx
[2010/09/13 02:15:48 | 000,036,864 | ---- | M] () -- C:\Windows\System32\umstartup.etl
[2010/09/13 02:15:42 | 000,110,592 | ---- | M] (Synaptics, Inc.) -- C:\Windows\System32\SynTPCo4.dll
[2010/09/13 02:15:41 | 000,200,704 | ---- | M] (Synaptics, Inc.) -- C:\Windows\System32\SynCtrl.dll
[2010/09/13 02:15:41 | 000,040,960 | ---- | M] (vbAccelerator) -- C:\Windows\System32\SSubTmr6.dll
[2010/09/13 02:15:34 | 000,376,832 | ---- | M] (Atheros) -- C:\Windows\System32\S64CPA.exe
[2010/09/13 02:15:31 | 001,314,816 | R--- | M] (SONY Deutschland GmbH - Stuttgart Technology Center) -- C:\Windows\System32\PVSonyDll.dll
[2010/09/13 02:15:30 | 000,278,528 | ---- | M] (Real Networks, Inc) -- C:\Windows\System32\pncrt.dll
[2010/09/13 02:14:58 | 000,057,344 | ---- | M] (Windows ® Codename Longhorn DDK provider) -- C:\Windows\System32\nvapo32v.dll
[2010/09/13 02:14:49 | 000,016,384 | ---- | M] () -- C:\Windows\System32\msdrve.dll
[2010/09/13 02:14:47 | 000,434,176 | ---- | M] (Gabest) -- C:\Windows\System32\Mpeg2DecFilter.ax
[2010/09/13 02:13:32 | 000,319,488 | ---- | M] (Beceem communications pvt ltd.) -- C:\Windows\System32\drivers\drxvi314.sys
[2010/09/13 02:13:25 | 000,045,056 | ---- | M] (FredJustSoft) -- C:\Windows\System32\Cursor.ocx
[2010/09/13 02:13:07 | 000,049,152 | ---- | M] (Fred Just Soft) -- C:\Windows\System32\ColorBar.ocx
[2010/09/13 02:13:06 | 000,028,672 | ---- | M] (Cyberlink) -- C:\Windows\System32\CLQTSrc.ax
[2010/09/13 02:13:05 | 000,090,112 | ---- | M] (http://www.mvps.org/vb) -- C:\Windows\System32\ccrpTmr6.dll
[2010/09/13 02:10:58 | 001,986,560 | ---- | M] (NCT Company Ltd.) -- C:\Windows\System32\AudFile.dll
[2010/09/13 02:10:58 | 001,212,416 | ---- | M] (NCT Company Ltd.) -- C:\Windows\System32\AudioInfos.dll
[2010/09/13 02:10:57 | 000,114,688 | ---- | M] (Fred Just Soft) -- C:\Windows\System32\AnyBouton.ocx
[2010/09/13 02:10:57 | 000,053,248 | ---- | M] (Atheros) -- C:\Windows\System32\athihvui.dll
[2010/09/13 01:51:02 | 000,524,288 | -HS- | M] () -- C:\Users\Valued Customer\NTUSER.DAT{d8932e6d-6a6f-11db-b6ab-a038f15a5785}.TMContainer00000000000000000002.regtrans-ms
[2010/09/13 01:51:02 | 000,524,288 | -HS- | M] () -- C:\Users\Valued Customer\NTUSER.DAT{d8932e6d-6a6f-11db-b6ab-a038f15a5785}.TMContainer00000000000000000001.regtrans-ms
[2010/09/13 01:51:02 | 000,065,536 | -HS- | M] () -- C:\Users\Valued Customer\NTUSER.DAT{d8932e6d-6a6f-11db-b6ab-a038f15a5785}.TM.blf
[2010/09/12 20:59:00 | 000,002,013 | ---- | M] () -- C:\Users\Valued Customer\Desktop\Diner Dash Family Style.lnk
[2010/09/10 15:54:35 | 000,002,659 | ---- | M] () -- C:\Users\Valued Customer\Application Data\Microsoft\Internet Explorer\Quick Launch\Jasc Paint Shop Pro 9.lnk
[2010/09/06 03:15:52 | 000,151,552 | ---- | M] (Synaptics, Inc.) -- C:\Windows\System32\SynTPAPI.dll
[2010/09/06 03:15:51 | 000,163,840 | ---- | M] (Synaptics, Inc.) -- C:\Windows\System32\SynCOM.dll
[2010/09/05 22:37:23 | 000,001,056 | ---- | M] () -- C:\Users\Valued Customer\Application Data\Microsoft\Internet Explorer\Quick Launch\FrostWire 4.20.9.lnk
[2010/09/05 22:37:22 | 000,001,032 | ---- | M] () -- C:\Users\Valued Customer\Desktop\FrostWire 4.20.9.lnk
[2010/09/05 09:28:39 | 000,001,951 | ---- | M] () -- C:\Users\Public\Desktop\CLEAR Connection Manager.lnk
[2010/08/31 10:26:50 | 000,000,790 | ---- | M] () -- C:\Users\Valued Customer\Application Data\Microsoft\Internet Explorer\Quick Launch\ColorMania.lnk
[2010/08/30 18:17:34 | 000,000,246 | ---- | M] () -- C:\ProgramData\hpqp.ini
[2010/08/29 10:09:58 | 000,000,966 | ---- | M] () -- C:\Users\Valued Customer\Application Data\Microsoft\Internet Explorer\Quick Launch\Yahoo! Messenger.lnk
[2010/08/29 09:50:52 | 000,000,000 | ---- | M] () -- C:\install.rdf
[2010/08/27 00:27:47 | 000,000,632 | RHS- | M] () -- C:\Users\Valued Customer\ntuser.pol
[2010/08/24 15:57:36 | 004,196,406 | -H-- | M] () -- C:\Windows\System32\toyhide.bmp
[2010/08/19 16:21:48 | 000,001,887 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Reader 9.lnk
[2010/08/15 12:56:13 | 000,001,855 | ---- | M] () -- C:\Users\Valued Customer\Desktop\Play My Games.lnk
[2010/08/14 09:27:48 | 000,281,192 | ---- | M] () -- C:\Users\Valued Customer\AppData\Local\GDIPFONTCACHEV1.DAT
[2010/08/13 09:49:41 | 000,001,050 | ---- | M] () -- C:\Users\Public\Desktop\The Weather Channel Desktop .lnk
[2010/07/29 18:52:10 | 000,001,636 | ---- | M] () -- C:\Users\Valued Customer\Desktop\Loader.lnk
[2010/07/26 22:53:29 | 000,002,611 | ---- | M] () -- C:\Users\Valued Customer\Documents\Yahtzee Party.odb
[2010/07/19 09:28:16 | 000,010,816 | ---- | M] () -- C:\Windows\vmoptver.dll
[2010/07/18 11:34:12 | 000,053,314 | ---- | M] (Exent Technologies Ltd.) -- C:\Windows\ExentInfo.exe
[2010/07/07 14:01:22 | 000,017,542 | ---- | M] () -- C:\Windows\FRGN.ico
[2010/06/29 09:07:02 | 000,000,942 | ---- | M] () -- C:\Users\Public\Desktop\Microsoft Security Essentials.lnk

========== Files Created - No Company Name ==========

[2010/09/16 15:00:20 | 000,000,842 | ---- | C] () -- C:\Users\Valued Customer\Application Data\Microsoft\Internet Explorer\Quick Launch\Malwarebytes' Anti-Malware.lnk
[2010/09/16 14:46:53 | 224,913,990 | ---- | C] () -- C:\Windows\MEMORY.DMP
[2010/09/16 14:42:04 | 000,293,376 | ---- | C] () -- C:\Users\Valued Customer\Desktop\gmer.exe
[2010/09/16 14:39:52 | 000,000,733 | ---- | C] () -- C:\Users\Valued Customer\Desktop\NTREGOPT.lnk
[2010/09/16 14:39:52 | 000,000,714 | ---- | C] () -- C:\Users\Valued Customer\Desktop\ERUNT.lnk
[2010/09/14 01:22:05 | 000,001,936 | ---- | C] () -- C:\Users\Valued Customer\Desktop\Diner Dash 5 BOOM.lnk
[2010/09/13 15:44:23 | 000,001,855 | ---- | C] () -- C:\Users\Public\Desktop\Play My Games.lnk
[2010/09/13 15:44:22 | 000,000,145 | ---- | C] () -- C:\Users\Public\Desktop\More FREE games.url
[2010/09/12 20:59:00 | 000,001,108 | ---- | C] () -- C:\Users\Valued Customer\Desktop\Pogo Games.lnk
[2010/09/12 20:58:59 | 000,002,013 | ---- | C] () -- C:\Users\Valued Customer\Desktop\Diner Dash Family Style.lnk
[2010/09/05 22:37:23 | 000,001,056 | ---- | C] () -- C:\Users\Valued Customer\Application Data\Microsoft\Internet Explorer\Quick Launch\FrostWire 4.20.9.lnk
[2010/09/05 22:37:22 | 000,001,032 | ---- | C] () -- C:\Users\Valued Customer\Desktop\FrostWire 4.20.9.lnk
[2010/09/05 09:28:39 | 000,001,951 | ---- | C] () -- C:\Users\Public\Desktop\CLEAR Connection Manager.lnk
[2010/08/31 10:26:50 | 000,000,790 | ---- | C] () -- C:\Users\Valued Customer\Application Data\Microsoft\Internet Explorer\Quick Launch\ColorMania.lnk
[2010/08/29 10:09:58 | 000,000,966 | ---- | C] () -- C:\Users\Valued Customer\Application Data\Microsoft\Internet Explorer\Quick Launch\Yahoo! Messenger.lnk
[2010/08/29 09:50:52 | 000,000,000 | ---- | C] () -- C:\install.rdf
[2010/08/24 13:07:25 | 004,196,406 | -H-- | C] () -- C:\Windows\System32\toyhide.bmp
[2010/08/15 12:56:13 | 000,001,855 | ---- | C] () -- C:\Users\Valued Customer\Desktop\Play My Games.lnk
[2010/08/15 12:56:06 | 000,017,542 | ---- | C] () -- C:\Windows\FRGN.ico
[2010/08/15 12:56:06 | 000,000,064 | ---- | C] () -- C:\Windows\GPlrLanc.dat
[2010/07/29 18:52:10 | 000,001,636 | ---- | C] () -- C:\Users\Valued Customer\Desktop\Loader.lnk
[2010/07/26 22:51:25 | 000,002,611 | ---- | C] () -- C:\Users\Valued Customer\Documents\Yahtzee Party.odb
[2010/07/25 22:56:02 | 000,210,944 | ---- | C] () -- C:\Windows\System\MSVCRT10.DLL
[2010/07/24 01:00:41 | 000,000,632 | RHS- | C] () -- C:\Users\Valued Customer\ntuser.pol
[2010/07/19 09:28:16 | 000,016,384 | ---- | C] () -- C:\Windows\System32\msdrve.dll
[2010/07/19 09:28:16 | 000,010,816 | ---- | C] () -- C:\Windows\vmoptver.dll
[2010/06/29 09:07:02 | 000,000,942 | ---- | C] () -- C:\Users\Public\Desktop\Microsoft Security Essentials.lnk
[2010/06/26 13:07:00 | 000,201,184 | ---- | C] () -- C:\Windows\System32\winrm.vbs
[2010/06/26 13:07:00 | 000,004,675 | ---- | C] () -- C:\Windows\System32\wsmanconfig_schema.xml
[2010/06/26 13:07:00 | 000,002,426 | ---- | C] () -- C:\Windows\System32\WsmTxt.xsl
[2010/05/25 21:48:08 | 000,037,248 | ---- | C] () -- C:\Windows\System32\drivers\swmsflt.sys
[2010/04/29 18:50:30 | 000,000,258 | RHS- | C] () -- C:\ProgramData\ntuser.pol
[2010/04/10 19:58:11 | 000,717,296 | ---- | C] () -- C:\Windows\System32\drivers\sptd.sys
[2010/03/28 14:00:15 | 000,000,034 | ---- | C] () -- C:\Users\Valued Customer\AppData\Roaming\pcouffin.log
[2010/03/28 13:58:19 | 000,087,608 | ---- | C] () -- C:\Users\Valued Customer\AppData\Roaming\inst.exe
[2010/03/28 13:58:19 | 000,007,887 | ---- | C] () -- C:\Users\Valued Customer\AppData\Roaming\pcouffin.cat
[2010/03/28 13:58:19 | 000,001,144 | ---- | C] () -- C:\Users\Valued Customer\AppData\Roaming\pcouffin.inf
[2010/03/19 14:32:20 | 000,165,376 | ---- | C] () -- C:\Windows\System32\unrar.dll
[2010/02/13 17:40:49 | 000,030,208 | ---- | C] () -- C:\Users\Valued Customer\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/02/08 12:15:07 | 000,000,342 | ---- | C] () -- C:\Users\Valued Customer\AppData\Roaming\settings.dat
[2010/02/07 22:35:28 | 000,000,021 | ---- | C] () -- C:\ProgramData\hpqp.txt
[2010/02/07 15:21:04 | 000,000,056 | ---- | C] () -- C:\Windows\wininit.ini
[2010/02/05 11:30:32 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll
[2010/02/04 11:35:28 | 000,008,484 | ---- | C] () -- C:\Users\Valued Customer\AppData\Local\d3d9caps.dat
[2010/01/29 17:39:30 | 000,032,821 | ---- | C] () -- C:\ProgramData\nvModes.001
[2010/01/29 17:07:35 | 000,032,821 | ---- | C] () -- C:\ProgramData\nvModes.dat
[2010/01/28 10:25:47 | 000,000,000 | ---- | C] () -- C:\Users\Valued Customer\AppData\Local\QSwitch.txt
[2010/01/28 10:25:47 | 000,000,000 | ---- | C] () -- C:\Users\Valued Customer\AppData\Local\DSwitch.txt
[2010/01/28 10:25:47 | 000,000,000 | ---- | C] () -- C:\Users\Valued Customer\AppData\Local\AtStart.txt
[2010/01/28 09:42:06 | 000,000,105 | ---- | C] () -- C:\ProgramData\{d36dd326-7280-11d8-97c8-000129760cbe}.log
[2010/01/28 09:41:55 | 000,000,032 | ---- | C] () -- C:\ProgramData\{051B9612-4D82-42AC-8C63-CD2DCEDC1CB3}.log
[2010/01/28 09:41:30 | 000,000,032 | ---- | C] () -- C:\ProgramData\{9867824A-C86D-4A83-8F3C-E7A86BE0AFD3}.log
[2010/01/28 09:40:52 | 000,000,032 | ---- | C] () -- C:\ProgramData\{23F3DA62-2D9E-4A69-B8D5-BE8E9E148092}.log
[2010/01/28 09:39:30 | 000,000,032 | ---- | C] () -- C:\ProgramData\{4FC670EB-5F02-4B07-90DB-022B86BFEFD0}.log
[2010/01/28 09:38:39 | 000,000,246 | ---- | C] () -- C:\ProgramData\hpqp.ini
[2009/08/03 16:07:42 | 000,403,816 | ---- | C] () -- C:\Windows\System32\OGACheckControl.dll
[2009/05/08 02:08:44 | 000,000,547 | ---- | C] () -- C:\Windows\System32\ff_vfw.dll.manifest
[2008/11/04 11:28:18 | 000,023,104 | ---- | C] () -- C:\Windows\System32\svcprmpt.dll
[2008/11/04 11:28:14 | 000,030,976 | ---- | C] () -- C:\Windows\rascntrl.dll
[2008/10/22 23:58:59 | 000,000,109 | ---- | C] () -- C:\ProgramData\{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}.log
[2008/10/22 23:53:18 | 000,000,110 | ---- | C] () -- C:\ProgramData\{CB099890-1D5F-11D5-9EA9-0050BAE317E1}.log
[2008/10/22 23:51:20 | 000,000,105 | ---- | C] () -- C:\ProgramData\{40BF1E83-20EB-11D8-97C5-0009C5020658}.log
[2008/10/22 23:49:59 | 000,000,107 | ---- | C] () -- C:\ProgramData\{C59C179C-668D-49A9-B6EA-0121CCFC1243}.log
[2007/06/23 12:50:44 | 000,001,577 | ---- | C] () -- C:\Windows\WSYS049.SYS
[2007/06/23 12:50:44 | 000,000,008 | ---- | C] () -- C:\Windows\Modemx.dll
[2006/11/02 00:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2006/03/09 02:58:00 | 001,060,424 | ---- | C] () -- C:\Windows\System32\WdfCoInstaller01000.dll

========== LOP Check ==========

[2010/06/05 00:57:29 | 000,000,000 | ---D | M] -- C:\Users\Valued Customer\AppData\Roaming\Auslogics
[2010/08/02 16:11:15 | 000,000,000 | ---D | M] -- C:\Users\Valued Customer\AppData\Roaming\AweSEM
[2010/03/11 14:18:13 | 000,000,000 | ---D | M] -- C:\Users\Valued Customer\AppData\Roaming\BestOn
[2010/02/13 15:57:59 | 000,000,000 | ---D | M] -- C:\Users\Valued Customer\AppData\Roaming\Canneverbe Limited
[2010/03/30 15:42:04 | 000,000,000 | ---D | M] -- C:\Users\Valued Customer\AppData\Roaming\Facebook
[2010/08/29 09:52:46 | 000,000,000 | ---D | M] -- C:\Users\Valued Customer\AppData\Roaming\Flock
[2010/03/01 14:36:12 | 000,000,000 | ---D | M] -- C:\Users\Valued Customer\AppData\Roaming\FloodLightGames
[2010/02/19 17:04:22 | 000,000,000 | ---D | M] -- C:\Users\Valued Customer\AppData\Roaming\FreeBurner
[2010/05/29 20:19:26 | 000,000,000 | ---D | M] -- C:\Users\Valued Customer\AppData\Roaming\FreeVideoConverter
[2010/05/26 15:33:47 | 000,000,000 | ---D | M] -- C:\Users\Valued Customer\AppData\Roaming\freshgames
[2010/09/14 00:49:00 | 000,000,000 | ---D | M] -- C:\Users\Valued Customer\AppData\Roaming\FrostWire
[2010/07/22 14:39:06 | 000,000,000 | ---D | M] -- C:\Users\Valued Customer\AppData\Roaming\Jasc
[2010/03/14 17:28:58 | 000,000,000 | ---D | M] -- C:\Users\Valued Customer\AppData\Roaming\Merscom
[2010/03/16 13:48:58 | 000,000,000 | ---D | M] -- C:\Users\Valued Customer\AppData\Roaming\muvee Technologies
[2010/07/26 22:43:37 | 000,000,000 | ---D | M] -- C:\Users\Valued Customer\AppData\Roaming\OpenOffice.org
[2010/09/13 15:19:58 | 000,000,000 | ---D | M] -- C:\Users\Valued Customer\AppData\Roaming\PlayFirst
[2010/09/13 15:19:58 | 000,000,000 | ---D | M] -- C:\Users\Valued Customer\AppData\Roaming\Pogo Games
[2010/09/03 11:02:50 | 000,000,000 | ---D | M] -- C:\Users\Valued Customer\AppData\Roaming\Sierra Wireless
[2010/02/07 15:22:50 | 000,000,000 | ---D | M] -- C:\Users\Valued Customer\AppData\Roaming\SPORE Creature Creator
[2010/03/07 21:45:27 | 000,000,000 | ---D | M] -- C:\Users\Valued Customer\AppData\Roaming\uTorrent
[2010/06/25 14:45:29 | 000,000,000 | ---D | M] -- C:\Users\Valued Customer\AppData\Roaming\Vso
[2010/05/26 17:18:02 | 000,000,000 | ---D | M] -- C:\Users\Valued Customer\AppData\Roaming\WhiteSmokeTranslator
[2010/01/29 17:06:56 | 000,000,000 | ---D | M] -- C:\Users\Valued Customer\AppData\Roaming\WildTangent
[2010/09/16 14:01:55 | 000,032,570 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========



========== Custom Scans ==========


< %SYSTEMDRIVE%\*.* >
[2006/09/18 14:43:36 | 000,000,024 | ---- | M] () -- C:\autoexec.bat
[2009/04/10 23:36:36 | 000,333,257 | RHS- | M] () -- C:\bootmgr
[2006/09/18 14:43:37 | 000,000,010 | ---- | M] () -- C:\config.sys
[2010/07/10 10:35:27 | 000,209,749 | ---- | M] () -- C:\drivers.log
[2007/11/07 08:00:40 | 000,017,734 | ---- | M] () -- C:\eula.1028.txt
[2007/11/07 08:00:40 | 000,017,734 | ---- | M] () -- C:\eula.1031.txt
[2007/11/07 08:00:40 | 000,010,134 | ---- | M] () -- C:\eula.1033.txt
[2007/11/07 08:00:40 | 000,017,734 | ---- | M] () -- C:\eula.1036.txt
[2007/11/07 08:00:40 | 000,017,734 | ---- | M] () -- C:\eula.1040.txt
[2007/11/07 08:00:40 | 000,000,118 | ---- | M] () -- C:\eula.1041.txt
[2007/11/07 08:00:40 | 000,017,734 | ---- | M] () -- C:\eula.1042.txt
[2007/11/07 08:00:40 | 000,017,734 | ---- | M] () -- C:\eula.2052.txt
[2007/11/07 08:00:40 | 000,017,734 | ---- | M] () -- C:\eula.3082.txt
[2007/11/07 08:00:40 | 000,001,110 | ---- | M] () -- C:\globdata.ini
[2007/11/07 08:03:18 | 000,562,688 | ---- | M] (Microsoft Corporation) -- C:\install.exe
[2007/11/07 08:00:40 | 000,000,843 | ---- | M] () -- C:\install.ini
[2010/08/29 09:50:52 | 000,000,000 | ---- | M] () -- C:\install.rdf
[2007/11/07 08:03:18 | 000,076,304 | ---- | M] (Microsoft Corporation) -- C:\install.res.1028.dll
[2007/11/07 08:03:18 | 000,096,272 | ---- | M] (Microsoft Corporation) -- C:\install.res.1031.dll
[2007/11/07 08:03:18 | 000,091,152 | ---- | M] (Microsoft Corporation) -- C:\install.res.1033.dll
[2007/11/07 08:03:18 | 000,097,296 | ---- | M] (Microsoft Corporation) -- C:\install.res.1036.dll
[2007/11/07 08:03:18 | 000,095,248 | ---- | M] (Microsoft Corporation) -- C:\install.res.1040.dll
[2007/11/07 08:03:18 | 000,081,424 | ---- | M] (Microsoft Corporation) -- C:\install.res.1041.dll
[2007/11/07 08:03:18 | 000,079,888 | ---- | M] (Microsoft Corporation) -- C:\install.res.1042.dll
[2007/11/07 08:03:18 | 000,075,792 | ---- | M] (Microsoft Corporation) -- C:\install.res.2052.dll
[2007/11/07 08:03:18 | 000,096,272 | ---- | M] (Microsoft Corporation) -- C:\install.res.3082.dll
[2010/05/30 14:03:54 | 000,000,932 | ---- | M] () -- C:\nsinst.log
[2010/09/16 15:48:42 | 2191,200,256 | -HS- | M] () -- C:\pagefile.sys
[2007/11/07 08:00:40 | 000,005,686 | ---- | M] () -- C:\vcredist.bmp
[2007/11/07 08:09:22 | 001,442,522 | ---- | M] () -- C:\VC_RED.cab
[2007/11/07 08:12:28 | 000,232,960 | ---- | M] () -- C:\VC_RED.MSI

< %systemroot%\*. /mp /s >

< %systemroot%\System32\config\*.sav >
[2010/09/13 02:13:07 | 015,716,352 | ---- | M] () -- C:\Windows\System32\config\COMPONENTS.SAV
[2010/09/13 02:13:08 | 000,102,400 | ---- | M] () -- C:\Windows\System32\config\DEFAULT.SAV
[2010/09/13 02:13:10 | 000,020,480 | ---- | M] () -- C:\Windows\System32\config\SECURITY.SAV
[2010/09/13 02:13:10 | 010,133,504 | ---- | M] () -- C:\Windows\System32\config\SOFTWARE.SAV
[2010/09/13 02:13:10 | 001,826,816 | ---- | M] () -- C:\Windows\System32\config\SYSTEM.SAV

< HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU >

< HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs >
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install\\LastSuccessTime: 2010-09-03 21:21:26

========== Alternate Data Streams ==========

@Alternate Data Stream - 176 bytes -> C:\ProgramData\Temp:C8E29393
@Alternate Data Stream - 145 bytes -> C:\ProgramData\Temp:679ABA25
@Alternate Data Stream - 127 bytes -> C:\ProgramData\Temp:A88A1788
@Alternate Data Stream - 126 bytes -> C:\ProgramData\Temp:7814339A
@Alternate Data Stream - 124 bytes -> C:\ProgramData\Temp:593E515D
@Alternate Data Stream - 121 bytes -> C:\ProgramData\Temp:84ABACE9
@Alternate Data Stream - 116 bytes -> C:\ProgramData\Temp:CD2D00F8
< End of report >


OTL Extras logfile created on: 9/16/2010 3:53:08 PM - Run 1
OTL by OldTimer - Version 3.2.12.1 Folder = C:\Users\Valued Customer\Desktop
Windows Vista Home Basic Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18943)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

2.00 Gb Total Physical Memory | 1.00 Gb Available Physical Memory | 56.00% Memory free
4.00 Gb Paging File | 3.00 Gb Available in Paging File | 76.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 138.71 Gb Total Space | 15.47 Gb Free Space | 11.15% Space Free | Partition Type: NTFS
Drive D: | 10.33 Gb Total Space | 1.71 Gb Free Space | 16.57% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: VALUEDCUSTOM-PC
Current User Name: Valued Customer
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: On
Skip Microsoft Files: On
File Age = 90 Days
Output = Standard
Quick Scan

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- C:\Users\Valued Customer\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- "C:\Program Files\Microsoft Office\Office12\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Program Files\Microsoft Office\Office12\msohtmed.exe" /p %1 (Microsoft Corporation)
http [open] -- Reg Error: Key error.
https [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AceBackup] -- "C:\Program Files\AceBIT\AceBackup 3\AceBackup.exe" -as "%1" (AceBIT)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~1\MICROS~3\Office12\ONENOTE.EXE "%L" (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"VistaSp2" = Reg Error: Unknown registry data type -- File not found

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{039968E2-B1D4-4C6F-9A49-8B721CBCEE69}" = lport=137 | protocol=17 | dir=in | app=system |
"{18F9A032-835F-4286-80C8-BEB3F37CD7E3}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{1A3CCBAD-7C74-48BB-82CF-A1ACC50BAD08}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{211AD7C5-6718-4206-95F2-D6466A1273D8}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{38BFF1F3-9A0B-4C2A-9B10-159376136561}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{3B9740F6-CA9C-4AA6-9506-A912B6D1968E}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{430BDAD6-7C28-43F2-9902-EE603E8D1292}" = lport=2869 | protocol=6 | dir=in | app=system |
"{465E1B4C-2D86-4478-86E2-BB4830D8B55C}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{4D1ABE3B-7284-45B6-BC58-0D05086B79B4}" = lport=138 | protocol=17 | dir=in | app=system |
"{5097A81D-D611-4F5B-ADCE-58D6C937EA3A}" = lport=10243 | protocol=6 | dir=in | app=system |
"{5318421A-E2BE-4757-8418-B3D012030834}" = lport=3702 | protocol=17 | dir=in | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{5744B32B-E065-421E-87EF-14146C32FB0E}" = lport=445 | protocol=6 | dir=in | app=system |
"{5973A2B9-4FBA-45E7-B7DF-8E7888F2788E}" = lport=3306 | protocol=6 | dir=in | name=mysql server |
"{65B31E98-D9B2-4594-B9D2-0343812CA94D}" = lport=3702 | protocol=17 | dir=in | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{6A8945CA-242E-4E0A-BC0A-2C8AF179C8EB}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{7E0EA9DD-7813-4B6A-917F-FA9E45FB9F66}" = rport=3702 | protocol=17 | dir=out | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{7FCA202D-7380-4A1D-9584-6B7FB939EEE3}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{874D0E6B-AE22-43D5-961E-D6C014696D0D}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | [email protected],-28539 |
"{A2952765-22EF-4644-A32C-10B99344F510}" = rport=3702 | protocol=17 | dir=out | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{D0F8BAE2-5E52-4F91-BEA7-97B3F8A8A384}" = rport=445 | protocol=6 | dir=out | app=system |
"{D9798A75-B597-4029-AE83-23F41BCBCA0B}" = rport=138 | protocol=17 | dir=out | app=system |
"{DA3342F6-1573-46EB-8F57-AC5295BD09A3}" = rport=137 | protocol=17 | dir=out | app=system |
"{DB66657C-F502-4E75-855E-667A5770F421}" = rport=139 | protocol=6 | dir=out | app=system |
"{E6A7587F-DA42-4962-9906-FD27CD62316B}" = rport=10243 | protocol=6 | dir=out | app=system |
"{E9685B10-EB71-4543-A5B9-C273ACDB6059}" = lport=139 | protocol=6 | dir=in | app=system |
"{ED89FD12-D8FA-4ABB-9161-953306BD5EDA}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{FFABA0AD-1A33-426D-A324-6FE774D2EA5A}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{FFF220FC-3BC2-4176-8D57-9FD440541F7E}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{2792317C-62C3-4AD4-A69C-290A7F6E259A}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{291F0A84-2ECF-4734-8454-11E5CE7EABC9}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{35343106-0985-4197-ADE2-ADD0CDDEA440}" = protocol=6 | dir=in | app=c:\program files\yahoo!\messenger\yahoomessenger.exe |
"{4C87E8B6-65E7-46D2-8144-E187DFFFA497}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{52C64911-4286-46E4-BAF9-B1E40AF89A8F}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{5521E194-28D7-46B3-BC03-23BE504695A4}" = dir=in | app=c:\program files\hp\quickplay\qp.exe |
"{5613BDFE-509B-4D4E-A90F-77BD3EE9BA34}" = dir=in | app=c:\program files\windows live\sync\windowslivesync.exe |
"{677BCD5F-C497-4E5C-A0E3-C2473B494445}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{6B50D6EC-CA9E-406B-AA42-CF55246CE426}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{6C62D088-8FC2-4875-A0AD-67A7B60B43CC}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{72BDFE94-A785-46AC-B7F6-69A2FCC84F3D}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{736D7836-7207-4775-B903-7BC56ABFF29F}" = protocol=58 | dir=in | [email protected],-28545 |
"{76E8C450-7469-439E-A325-41DAF991CF57}" = dir=in | app=c:\program files\cyberlink\powerdirector\pdr.exe |
"{78BF51F2-FCAC-4751-AF37-685E5A8C69A1}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{7D6B4613-AE4C-40E2-9BA4-E67B26F7CAD4}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{7FC88A60-4F07-4CD7-A86A-08E2FF6D2DE4}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{8DB48BEC-621C-42B3-AAED-762AEA3EC33D}" = dir=in | app=c:\program files\hp\quickplay\qpservice.exe |
"{A4FD90B8-0AF8-4D1F-BA61-84A7950065D2}" = protocol=6 | dir=out | app=system |
"{A6642951-C1DC-40CB-9DFA-6A1AEF0230DC}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{AA3247AC-050B-43F1-AB8B-1C50F39141B2}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{AD9700C8-86B2-4F72-B8D5-EDD8CBF44C99}" = protocol=1 | dir=out | [email protected],-28544 |
"{AFFB7931-80F4-4C89-8282-87596D80D9BB}" = protocol=17 | dir=in | app=c:\program files\yahoo!\messenger\yahoomessenger.exe |
"{B3A23BEA-36CD-45A4-9447-9A738754DED4}" = protocol=58 | dir=out | [email protected],-28546 |
"{CFBA5F48-18A8-4FD5-8B53-8402FA0421CA}" = protocol=6 | dir=in | app=c:\program files\yahoo!\messenger\yahoomessenger.exe |
"{E7E2B4D8-76A0-4EDF-92E4-BB3463CD0C9C}" = protocol=17 | dir=in | app=c:\program files\yahoo!\messenger\yahoomessenger.exe |
"{EDF73E9F-7266-46AB-98B5-A9FF57B0C728}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{FB88B599-DC0E-45FF-9ED8-185FF4131061}" = protocol=1 | dir=in | [email protected],-28543 |
"TCP Query User{17EF4BDC-7955-4694-8056-4D32E6F43297}C:\program files\java\jre6\bin\java.exe" = protocol=6 | dir=in | app=c:\program files\java\jre6\bin\java.exe |
"TCP Query User{89FE3128-8BFC-428D-8387-77D71A30087C}C:\program files\frostwire\frostwire.exe" = protocol=6 | dir=in | app=c:\program files\frostwire\frostwire.exe |
"TCP Query User{D6E004F0-94BD-45F4-96B6-6518F3AA609D}C:\program files\mozilla firefox\firefox.exe" = protocol=6 | dir=in | app=c:\program files\mozilla firefox\firefox.exe |
"TCP Query User{DA4F6320-3C08-4580-94F0-B255088A5294}C:\users\valued customer\appdata\local\google\chrome\application\chrome.exe" = protocol=6 | dir=in | app=c:\users\valued customer\appdata\local\google\chrome\application\chrome.exe |
"TCP Query User{EC17CB1F-CB08-467D-AA26-9C8126C87431}C:\program files\frostwire\frostwire.exe" = protocol=6 | dir=in | app=c:\program files\frostwire\frostwire.exe |
"TCP Query User{F12A593C-2F46-4E1D-A466-51AF3321AB4B}C:\program files\internet explorer\iexplore.exe" = protocol=6 | dir=in | app=c:\program files\internet explorer\iexplore.exe |
"UDP Query User{181425BE-FCD8-40B5-BA19-C2A485B132E8}C:\program files\internet explorer\iexplore.exe" = protocol=17 | dir=in | app=c:\program files\internet explorer\iexplore.exe |
"UDP Query User{2969F98A-C191-491E-904D-BCAC84DB87F8}C:\users\valued customer\appdata\local\google\chrome\application\chrome.exe" = protocol=17 | dir=in | app=c:\users\valued customer\appdata\local\google\chrome\application\chrome.exe |
"UDP Query User{764FC816-21E3-403F-A190-3DB91414816E}C:\program files\frostwire\frostwire.exe" = protocol=17 | dir=in | app=c:\program files\frostwire\frostwire.exe |
"UDP Query User{7671D3C0-BD8E-4B57-ADCD-19B937E8E71E}C:\program files\java\jre6\bin\java.exe" = protocol=17 | dir=in | app=c:\program files\java\jre6\bin\java.exe |
"UDP Query User{974B5AF8-6843-4ED9-8E80-B79C82D47183}C:\program files\frostwire\frostwire.exe" = protocol=17 | dir=in | app=c:\program files\frostwire\frostwire.exe |
"UDP Query User{ECE86235-E6B4-4F4D-AF25-B90C65DD00F7}C:\program files\mozilla firefox\firefox.exe" = protocol=17 | dir=in | app=c:\program files\mozilla firefox\firefox.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{00203668-8170-44A0-BE44-B632FA4D780F}" = Adobe AIR
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{0054A0F6-00C9-4498-B821-B5C9578F433E}" = HP Help and Support
"{082702D5-5DD8-4600-BCE5-48B15174687F}" = HP Doc Viewer
"{0840B4D6-7DD1-4187-8523-E6FC0007EFB7}" = Windows Live ID Sign-in Assistant
"{0A0CADCF-78DA-33C4-A350-CD51849B9702}" = Microsoft .NET Framework 4 Extended
"{0F37D969-1260-419E-B308-EF7D29ABDE20}" = Web Deployment Tool
"{154A4184-1A3D-4BF9-A5AE-4FA1660445F3}" = HP Total Care Advisor
"{15BC8CD0-A65B-47D0-A2DD-90A824590FA8}" = Microsoft Works
"{178832DE-9DE0-4C87-9F82-9315A9B03985}" = Windows Live Writer
"{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = CyberLink DVD Suite
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live Upload Tool
"{228C6B46-64E2-404E-898A-EF0830603EF4}" = HPNetworkAssistant
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{254C37AA-6B72-4300-84F6-98A82419187E}" = ActiveCheck component for HP Active Support Library
"{26A24AE4-039D-4CA4-87B4-2F83216020FF}" = Java™ 6 Update 21
"{28BE306E-5DA6-4F9C-BDB0-DBA3C8C6FFFD}" = QuickTime
"{2B7BDADB-EC8C-4C54-B5DD-CE45A016D3A7}" = Free Ride Games Player
"{3175E049-F9A9-4A3D-8F19-AC9FB04514D1}" = Windows Live Communications Platform
"{34A350D1-64FB-36D8-9D0C-1CD8E392DBA5}" = Google Talk Plugin
"{34D2AB40-150D-475D-AE32-BD23FB5EE355}" = HP Quick Launch Buttons 6.40 H2
"{364EA847-D026-4DC1-8FC6-BC2307697A90}" = Dinner Timer Lite
"{3877C901-7B90-4727-A639-B6ED2DD59D43}" = ESU for Microsoft Vista
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3D3E663D-4E7E-4577-A560-7ECDDD45548A}" = PVSonyDll
"{3F92ABBB-6BBF-11D5-B229-002078017FBF}" = NetWaiting
"{40BF1E83-20EB-11D8-97C5-0009C5020658}" = Power2Go
"{415B2719-AD3A-4944-B404-C472DB6085B3}" = Cisco EAP-FAST Module
"{45D707E9-F3C4-11D9-A373-0050BAE317E1}" = HP DVD Play 3.7
"{474F25F5-BDC9-40E5-B1B6-F6BF23FC106F}" = Windows Live Essentials
"{47C39E4A-28F2-33B1-B9B7-97F24E52D917}" = Microsoft Help Viewer 1.0
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4E029F9D-A709-4B0A-89C9-D56AA4B1254B}" = WebCam Suite 2.0
"{506BC11F-B54E-4C7A-9194-CF672F1D2191}" = CLEAR Connection Manager
"{553255F3-78FD-40F1-A6F8-6882140265FE}" = Apple Application Support
"{57A5AEC1-97FC-474D-92C4-908FCC2253D4}" = HP Customer Experience Enhancements
"{5A13987D-55F4-4271-A40E-76AC9B1B38FD}" = OpenOffice.org 3.2
"{5FD88490-011C-4DF1-B886-F298D955171B}" = MySQL Connector Net 5.2.5
"{6412CECE-8172-4BE5-935B-6CECACD2CA87}" = Windows Live Mail
"{65DA2EC9-0642-47E9-AAE2-B5267AA14D75}" = Activation Assistant for the 2007 Microsoft Office suites
"{669C7BD8-DAA2-49B6-966C-F1E2AAE6B17E}" = Cisco PEAP Module
"{669D4A35-146B-4314-89F1-1AC3D7B88367}" = HPAsset component for HP Active Support Library
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{716E0306-8318-4364-8B8F-0CC4E9376BAC}" = MSXML 4.0 SP2 Parser and SDK
"{7216871F-869E-437C-B9BF-2A13F2DCE63F}_is1" = Auslogics BoostSpeed
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{77DCDCE3-2DED-62F3-8154-05E745472D07}" = Acrobat.com
"{7C4196CA-CA41-4F34-9C08-7724E7705D52}" = Jasc Animation Shop 3
"{820B6609-4C97-3A2B-B644-573B06A0F0CC}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-11551167}" = Diner Dash Family Style
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-118793300}" = Ranch Rush 2
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-119241170}" = Diner Dash 5 BOOM
"{83770D14-21B9-44B3-8689-F7B523F94560}" = Cisco LEAP Module
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{846DDADA-0239-4B67-A6B1-33658863793B}" = HPTCSSetup
"{87B60A11-AA9E-43FE-A68F-B3C4F80F7D2F}" = AceBackup 3
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8E5233E1-7495-44FB-8DEB-4BE906D59619}" = Junk Mail filter update
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_HOMESTUDENTR_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_HOMESTUDENTR_{187308AB-5FA7-4F14-9AB9-D290383A10D9}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}_HOMESTUDENTR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007
"{90120000-00A1-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}_HOMESTUDENTR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{95120000-00AF-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (English)
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9ADABDDE-9644-461B-9E73-83FA3EFCAB50}" = HP Wireless Assistant
"{9F479685-180E-4C05-9400-D59292A1B29C}" = Windows Live Movie Maker
"{AADEA55D-C834-4BCB-98A3-4B8D1C18F4EE}" = Apple Mobile Device Support
"{AB05F2C8-F608-403b-95E1-FD8ADFACD31E}" = Windows 7 Upgrade Advisor
"{AC76BA86-7AD7-1033-7B44-A93000000001}" = Adobe Reader 9.3.4
"{AD72CFB4-C2BF-424E-9DF0-C7BAD1F30A11}" = Adobe Shockwave Player
"{B10914FD-8812-47A4-85A1-50FCDE7F1F33}" = Windows Live Sync
"{B2544A03-10D0-4E5E-BA69-0362FFC20D18}" = OGA Notifier 2.0.0048.0
"{B6D0B141-B2BE-4DD0-B08F-B9186F3E36B3}" = HP User Guides 0118
"{C3A32068-8AB1-4327-BB16-BED9C6219DC7}" = Atheros Driver Installation Program
"{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = LabelPrint
"{C8FD5BC1-92EF-4C15-92A9-F9AC7F61985F}" = HP Update
"{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = PowerDirector
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{CE7E3BE0-2DD3-4416-A690-F9E4A99A8CFF}" = HP Active Support Library
"{D1087411-3382-4298-8B1B-215A7F02E086}" = MySQL Server 5.1
"{DC24971E-1946-445D-8A82-CE685433FA7D}" = Realtek USB 2.0 Card Reader
"{DD35C328-F115-BEDA-6EEE-E00C5AACCCBC}" = muvee Reveal
"{E38C00D0-A68B-4318-A8A6-F7D4B5B1DF0E}" = Windows Media Encoder 9 Series
"{E62A1F01-07B7-4541-A835-EE5B0BF064C2}" = Microsoft Antimalware
"{ECEE0279-785F-4CB3-9F28-E69813234BF8}" = SPORE Creature Creator Trial Edition
"{EE39FFBD-544E-49E4-A999-6819828EAE91}" = Windows Live Photo Gallery
"{EF98A02A-1748-4762-9B7D-5ED1600520D5}" = Microsoft Security Essentials
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F333A33D-125C-32A2-8DCE-5C5D14231E27}" = Visual C++ 2008 x86 Runtime - (v9.0.30729)
"{F333A33D-125C-32A2-8DCE-5C5D14231E27}.vc_x86runtime_30729_01" = Visual C++ 2008 x86 Runtime - v9.0.30729.01
"{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}" = Microsoft Office Live Add-in 1.5
"{F843C6A3-224D-4615-94F8-3C461BD9AEA0}" = Jasc Paint Shop Pro 9
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"Action Replay Code Manager_is1" = Action Replay Code Manager
"Activation Assistant for the 2007 Microsoft Office suites" = Activation Assistant for the 2007 Microsoft Office suites
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"CNXT_AUDIO_HDA" = Conexant HD Audio
"CNXT_MODEM_HDAUDIO_HERMOSA_HSF" = HDAUDIO Soft Data Fax Modem with SmartCP
"ColorMania_is1" = ColorMania 3.0
"com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Acrobat.com
"Cool Timer_is1" = Cool Timer 3.6
"Dinner Timer Lite" = Dinner Timer Lite
"DreamSuite Bonus" = Uninstall DreamSuite Bonus
"DVD Shrink_is1" = DVD Shrink 3.2
"DVDFab 7_is1" = DVDFab 7.0.3.0 (26/03/2010)
"DVDFab Passkey 7_is1" = DVDFab Passkey 7.0.1.0 Beta (20/03/2010)
"ERUNT_is1" = ERUNT 1.1j
"FrostWire" = FrostWire 4.20.9
"HOMESTUDENTR" = Microsoft Office Home and Student 2007
"Imikimi Plugin" = Imikimi Plugin
"InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = CyberLink DVD Suite
"InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}" = Power2Go
"InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = LabelPrint
"InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = PowerDirector
"KLiteCodecPack_is1" = K-Lite Codec Pack 5.8.3 (Standard)
"Loader-Full_ 2.0.0" = Loader-Full_ 2.0.0
"Loki ActiveX Control" = Loki ActiveX Control
"Magic ISO Maker v5.5 (build 0281)" = Magic ISO Maker v5.5 (build 0281)
"MagicDisc 2.7.106" = MagicDisc 2.7.106
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"Microsoft Help Viewer 1.0" = Microsoft Help Viewer 1.0
"Microsoft Security Essentials" = Microsoft Security Essentials
"Mozilla Firefox (3.6.9)" = Mozilla Firefox (3.6.9)
"NVIDIA Drivers" = NVIDIA Drivers
"PowerISO" = PowerISO
"RADVideo" = RAD Video Tools
"RealAlt_is1" = Real Alternative 2.0.2
"ShortKeys 2" = ShortKeys 2
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"The Weather Channel Desktop 6" = The Weather Channel Desktop 6
"Veetle TV" = Veetle TV 0.9.17
"vLite_is1" = vLite
"WallpaperToy" = Wallpaper Changer for Windows XPntVersion\Uninstall\vLite_is1
"WildTangent hp Master Uninstall" = My HP Games
"Windows Media Encoder 9" = Windows Media Encoder 9 Series
"WinLiveSuite_Wave3" = Windows Live Essentials
"WinRAR archiver" = WinRAR archiver
"Yahoo! Messenger" = Yahoo! Messenger
"YASA DVD Ripper Platinum v2.8 (build 037)" = YASA DVD Ripper Platinum v2.8 (build 037)
"Zynga Toolbar" = Zynga Toolbar

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Facebook Plug-In" = Facebook Plug-In
"Google Chrome" = Google Chrome
"LastPass" = LastPass (uninstall only)

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 9/16/2010 5:05:07 PM | Computer Name = ValuedCustom-PC | Source = WinMgmt | ID = 10
Description =

Error - 9/16/2010 5:48:20 PM | Computer Name = ValuedCustom-PC | Source = EventSystem | ID = 4609
Description =

Error - 9/16/2010 5:49:00 PM | Computer Name = ValuedCustom-PC | Source = WinMgmt | ID = 10
Description =

Error - 9/16/2010 5:52:48 PM | Computer Name = ValuedCustom-PC | Source = Perflib | ID = 1008
Description =

Error - 9/16/2010 5:52:48 PM | Computer Name = ValuedCustom-PC | Source = Perflib | ID = 1010
Description =

Error - 9/16/2010 5:52:49 PM | Computer Name = ValuedCustom-PC | Source = PerfNet | ID = 2004
Description =

Error - 9/16/2010 5:58:58 PM | Computer Name = ValuedCustom-PC | Source = WinMgmt | ID = 10
Description =

Error - 9/16/2010 6:20:55 PM | Computer Name = ValuedCustom-PC | Source = Application Error | ID = 1000
Description = Faulting application gmer.exe, version 1.0.15.15281, time stamp 0x4b2763f0,
faulting module gmer.exe, version 1.0.15.15281, time stamp 0x4b2763f0, exception
code 0xc0000005, fault offset 0x0000c4b1, process id 0x8b8, application start time
0x01cb55ed245cd990.

Error - 9/16/2010 6:24:40 PM | Computer Name = ValuedCustom-PC | Source = WinMgmt | ID = 10
Description =

Error - 9/16/2010 6:50:28 PM | Computer Name = ValuedCustom-PC | Source = WinMgmt | ID = 10
Description =

[ System Events ]
Error - 9/16/2010 5:58:59 PM | Computer Name = ValuedCustom-PC | Source = Service Control Manager | ID = 7000
Description =

Error - 9/16/2010 5:58:59 PM | Computer Name = ValuedCustom-PC | Source = Service Control Manager | ID = 7026
Description =

Error - 9/16/2010 6:22:42 PM | Computer Name = ValuedCustom-PC | Source = EventLog | ID = 6008
Description = The previous system shutdown at 3:21:14 PM on 9/16/2010 was unexpected.

Error - 9/16/2010 6:24:41 PM | Computer Name = ValuedCustom-PC | Source = Service Control Manager | ID = 7000
Description =

Error - 9/16/2010 6:24:41 PM | Computer Name = ValuedCustom-PC | Source = Service Control Manager | ID = 7000
Description =

Error - 9/16/2010 6:24:41 PM | Computer Name = ValuedCustom-PC | Source = Service Control Manager | ID = 7026
Description =

Error - 9/16/2010 6:48:55 PM | Computer Name = ValuedCustom-PC | Source = EventLog | ID = 6008
Description = The previous system shutdown at 3:39:34 PM on 9/16/2010 was unexpected.

Error - 9/16/2010 6:50:30 PM | Computer Name = ValuedCustom-PC | Source = Service Control Manager | ID = 7000
Description =

Error - 9/16/2010 6:50:30 PM | Computer Name = ValuedCustom-PC | Source = Service Control Manager | ID = 7000
Description =

Error - 9/16/2010 6:50:30 PM | Computer Name = ValuedCustom-PC | Source = Service Control Manager | ID = 7026
Description =


< End of report >
  • 0
Back to Virus, Spyware, Malware Removal · Next Unread Topic →




Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. Geeks to Go Community
  2. Security
  3. Virus, Spyware, Malware Removal

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP