
ClickPotatoLite headache



#1
astro61200

I let my roommate use my computer on Wednesday night, and he downloaded ClickPotatoLite disguised as a DivX codec to allow him to watch free movies

I did do a search of the board and came across: http://www.geekstogo...nd-got-a-virus/

Unfortunately, I can't do too much more in-depth searching or I may just break my computer in half

It started out as just the annoying pop-ups, over and over again.. 67% of the time I clicked on search results from Google it would send me to an advertisement instead

I then tried HijackThis, rebooted and, of course, they came right back.. I used Advanced SystemCare 3 to clean up a little bit, then followed that with ComboFix overnight.. That stopped the advertisements, but now if I try to load a page it comes up with "Server not found" or "Connection reset" about 75% of the time.. It is only the browsers though; I also attempted it on Google Chrome with a 100% failure rate. If I load an instant messenger it connects and stays connected fine, so it is not my internet connection

Since ComboFix I've also run: Malwarebytes (updated, it removed 31 problems but it has only gotten worse), RKill, RUBotted, Trend Micro HouseCall, RegCure, OTL

Uninstalled RUBotted and RegCure after, since they are of no help at all.. I tried using the directions from the link I provided before, I uninstalled Java and installed the new update, rebooted, ran OTL with the parameters listed, but it told me it didn't understand them, then rebooted and did nothing else

I tried running the virus scan provided (Kaspersky); however, since it has to download things from a website, there is absolutely no chance it is going to be able to maintain a connection the entire time it does this.. I have tried it 5 times and only twice actually made it to where it was able to download any information, and the longest it went before losing connection was about 6 minutes

If anyone could help it would be greatly appreciated, normally I can fix these things relatively easily but this one is a massive pain

I'll provide my Malwarebytes log from earlier in another post


#2
astro61200

I can't find my Malwarebytes log, but here is an OTL log from just running a scan:

OTL logfile created on: 10/15/2010 5:34:35 AM - Run 1
OTL by OldTimer - Version 3.2.15.2 Folder = C:\Users\Scott\Downloads
Windows Vista Home Premium Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6001.18000)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

3.00 Gb Total Physical Memory | 3.00 Gb Available Physical Memory | 72.00% Memory free
7.00 Gb Paging File | 6.00 Gb Available in Paging File | 87.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 285.50 Gb Total Space | 173.81 Gb Free Space | 60.88% Space Free | Partition Type: NTFS
Drive D: | 10.00 Gb Total Space | 5.73 Gb Free Space | 57.29% Space Free | Partition Type: NTFS

Computer Name: LAPTOP_II | User Name: Scott | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2010/10/15 04:36:36 | 000,574,464 | ---- | M] (OldTimer Tools) -- C:\Users\Scott\Downloads\OTL.exe
PRC - [2010/08/13 13:02:16 | 000,033,056 | ---- | M] (Apple Inc.) -- C:\Program Files\Common Files\Apple\Mobile Device Support\SyncServer.exe
PRC - [2010/08/13 12:58:56 | 000,144,672 | ---- | M] (Apple Inc.) -- C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
PRC - [2010/08/10 00:00:42 | 000,013,088 | ---- | M] (Apple Inc.) -- C:\Program Files\Common Files\Apple\Apple Application Support\distnoted.exe
PRC - [2010/04/03 13:00:11 | 000,910,296 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2009/07/27 20:19:10 | 000,199,184 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee Security Scan\1.0.150\SSScheduler.exe
PRC - [2008/10/29 02:29:41 | 002,927,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2008/01/25 02:38:12 | 002,458,128 | ---- | M] (McAfee, Inc.) -- c:\Program Files\Common Files\McAfee\MNA\McNASvc.exe
PRC - [2008/01/09 17:50:22 | 000,767,976 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee\MSC\mcmscsvc.exe
PRC - [2008/01/02 00:37:16 | 000,405,504 | ---- | M] (IDT, Inc.) -- C:\Program Files\Sigmatel\C-Major Audio\WDM\sttray.exe
PRC - [2008/01/02 00:37:08 | 000,102,400 | ---- | M] (IDT, Inc.) -- C:\Windows\System32\stacsv.exe
PRC - [2007/12/21 11:58:06 | 000,184,320 | ---- | M] (CyberLink Corp.) -- C:\Program Files\Dell\MediaDirect\PCMService.exe
PRC - [2007/12/11 13:33:42 | 000,358,224 | ---- | M] (McAfee, Inc.) -- c:\Program Files\Common Files\McAfee\McProxy\McProxy.exe
PRC - [2007/12/05 11:04:10 | 000,695,624 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee\VirusScan\mcsysmon.exe
PRC - [2007/11/26 11:46:14 | 000,023,880 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee\MSK\msksrver.exe
PRC - [2007/11/01 20:12:38 | 000,582,992 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee.com\Agent\mcagent.exe
PRC - [2007/11/01 20:12:38 | 000,265,040 | ---- | M] (McAfee, Inc.) -- c:\Program Files\McAfee\MSC\mcuimgr.exe
PRC - [2007/09/24 05:27:38 | 000,040,960 | ---- | M] (Alps Electric Co., Ltd.) -- C:\Program Files\DellTPad\hidfind.exe
PRC - [2007/09/24 05:27:30 | 000,159,744 | ---- | M] (Alps Electric Co., Ltd.) -- C:\Program Files\DellTPad\Apoint.exe
PRC - [2007/09/24 05:27:28 | 000,050,736 | ---- | M] (Alps Electric Co., Ltd.) -- C:\Program Files\DellTPad\ApMsgFwd.exe
PRC - [2007/09/24 05:27:28 | 000,049,152 | ---- | M] (Alps Electric Co., Ltd.) -- C:\Program Files\DellTPad\ApntEx.exe
PRC - [2007/07/25 17:41:42 | 000,647,168 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
PRC - [2007/07/25 17:22:44 | 000,327,680 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
PRC - [2007/07/24 13:02:14 | 000,144,704 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee\VirusScan\Mcshield.exe
PRC - [2007/07/18 16:54:42 | 000,856,864 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee\MPF\MpfSrv.exe
PRC - [2006/11/27 10:14:52 | 000,180,224 | ---- | M] (Creative Technology Ltd) -- C:\Program Files\Creative\SBAudigy\Volume Panel\VolPanlu.exe
PRC - [2006/11/03 19:02:14 | 000,050,688 | ---- | M] (Avanquest Software ) -- C:\Program Files\Digital Line Detect\DLG.exe


========== Modules (SafeList) ==========

MOD - [2010/10/15 04:36:36 | 000,574,464 | ---- | M] (OldTimer Tools) -- C:\Users\Scott\Downloads\OTL.exe
MOD - [2008/01/20 22:24:37 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msscript.ocx
MOD - [2008/01/20 22:23:44 | 001,684,480 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.18000_none_5cdbaa5a083979cc\comctl32.dll


========== Win32 Services (SafeList) ==========

SRV - File not found [Disabled | Stopped] -- C:\Program Files\Viewpoint\Common\ViewpointService.exe -- (Viewpoint Manager Service)
SRV - [2010/08/13 12:58:56 | 000,144,672 | ---- | M] (Apple Inc.) [Auto | Running] -- C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe -- (Apple Mobile Device)
SRV - [2010/03/18 13:16:28 | 000,753,504 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe -- (WPFFontCache_v0400)
SRV - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2008/11/09 16:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) [Auto | Stopped] -- C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe -- (YahooAUService)
SRV - [2008/07/03 12:18:29 | 000,072,704 | ---- | M] (Creative Labs) [Disabled | Stopped] -- C:\Program Files\Common Files\Creative Labs Shared\Service\CreativeLicensing.exe -- (Creative Labs Licensing Service)
SRV - [2008/01/25 02:38:12 | 002,458,128 | ---- | M] (McAfee, Inc.) [Auto | Running] -- c:\Program Files\Common Files\McAfee\MNA\McNASvc.exe -- (McNASvc)
SRV - [2008/01/20 22:23:32 | 000,272,952 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2008/01/09 17:50:22 | 000,767,976 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\McAfee\MSC\mcmscsvc.exe -- (mcmscsvc)
SRV - [2008/01/02 00:37:08 | 000,102,400 | ---- | M] (IDT, Inc.) [Auto | Running] -- C:\Windows\System32\stacsv.exe -- (STacSV)
SRV - [2007/12/11 13:33:42 | 000,358,224 | ---- | M] (McAfee, Inc.) [Auto | Running] -- c:\Program Files\Common Files\McAfee\McProxy\McProxy.exe -- (McProxy)
SRV - [2007/12/05 11:04:10 | 000,695,624 | ---- | M] (McAfee, Inc.) [On_Demand | Running] -- C:\Program Files\McAfee\VirusScan\mcsysmon.exe -- (McSysmon)
SRV - [2007/11/26 11:46:14 | 000,023,880 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\McAfee\MSK\MskSrver.exe -- (MSK80Service)
SRV - [2007/11/07 10:35:40 | 000,378,184 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Program Files\McAfee\VirusScan\mcods.exe -- (McODS)
SRV - [2007/07/25 17:41:42 | 000,647,168 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\Intel\Wireless\Bin\EvtEng.exe -- (EvtEng) Intel®
SRV - [2007/07/25 17:22:44 | 000,327,680 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe -- (RegSrvc) Intel®
SRV - [2007/07/24 13:02:14 | 000,144,704 | ---- | M] (McAfee, Inc.) [Unknown | Running] -- C:\Program Files\McAfee\VirusScan\Mcshield.exe -- (McShield)
SRV - [2007/07/18 16:54:42 | 000,856,864 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\McAfee\MPF\MPFSrv.exe -- (MpfService)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\System32\DRIVERS\TMPassthru.sys -- (TMPassthruMP)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\System32\DRIVERS\nwlnkfwd.sys -- (NwlnkFwd)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\System32\DRIVERS\nwlnkflt.sys -- (NwlnkFlt)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\System32\DRIVERS\ipinip.sys -- (IpInIp)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Users\Scott\AppData\Local\Temp\catchme.sys -- (catchme)
DRV - [2010/02/24 14:11:40 | 000,023,920 | ---- | M] (MediaMall Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\povrtdev.sys -- (msvad_simple)
DRV - [2008/01/20 22:23:49 | 000,007,680 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\umpass.sys -- (UMPass)
DRV - [2008/01/20 22:23:27 | 000,386,616 | ---- | M] (LSI Corporation, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\megasr.sys -- (MegaSR)
DRV - [2008/01/20 22:23:27 | 000,149,560 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpu320.sys -- (adpu320)
DRV - [2008/01/20 22:23:27 | 000,031,288 | ---- | M] (LSI Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\megasas.sys -- (megasas)
DRV - [2008/01/20 22:23:26 | 000,101,432 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpu160m.sys -- (adpu160m)
DRV - [2008/01/20 22:23:26 | 000,074,808 | ---- | M] (Silicon Integrated Systems) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sisraid4.sys -- (SiSRaid4)
DRV - [2008/01/20 22:23:26 | 000,040,504 | ---- | M] (Hewlett-Packard Company) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\hpcisss.sys -- (HpCISSs)
DRV - [2008/01/20 22:23:25 | 000,300,600 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpahci.sys -- (adpahci)
DRV - [2008/01/20 22:23:25 | 000,220,672 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\e1e6032.sys -- (e1express) Intel®
DRV - [2008/01/20 22:23:25 | 000,089,656 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_sas.sys -- (LSI_SAS)
DRV - [2008/01/20 22:23:24 | 001,122,360 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ql2300.sys -- (ql2300)
DRV - [2008/01/20 22:23:24 | 000,118,784 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\E1G60I32.sys -- (E1G60) Intel®
DRV - [2008/01/20 22:23:24 | 000,079,928 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\arcsas.sys -- (arcsas)
DRV - [2008/01/20 22:23:23 | 000,235,064 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\iastorv.sys -- (iaStorV)
DRV - [2008/01/20 22:23:23 | 000,130,616 | ---- | M] (VIA Technologies Inc.,Ltd) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\vsmraid.sys -- (vsmraid)
DRV - [2008/01/20 22:23:23 | 000,115,816 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ulsata2.sys -- (ulsata2)
DRV - [2008/01/20 22:23:23 | 000,096,312 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_scsi.sys -- (LSI_SCSI)
DRV - [2008/01/20 22:23:23 | 000,096,312 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_fc.sys -- (LSI_FC)
DRV - [2008/01/20 22:23:23 | 000,079,416 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\arc.sys -- (arc)
DRV - [2008/01/20 22:23:22 | 000,342,584 | ---- | M] (Emulex) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\elxstor.sys -- (elxstor)
DRV - [2008/01/20 22:23:21 | 000,422,968 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adp94xx.sys -- (adp94xx)
DRV - [2008/01/20 22:23:21 | 000,102,968 | ---- | M] (NVIDIA Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nvraid.sys -- (nvraid)
DRV - [2008/01/20 22:23:21 | 000,045,112 | ---- | M] (NVIDIA Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nvstor.sys -- (nvstor)
DRV - [2008/01/20 22:23:20 | 000,238,648 | ---- | M] (ULi Electronics Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\uliahci.sys -- (uliahci)
DRV - [2008/01/20 22:23:00 | 000,020,024 | ---- | M] (VIA Technologies, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\viaide.sys -- (viaide)
DRV - [2008/01/20 22:23:00 | 000,019,000 | ---- | M] (CMD Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\cmdide.sys -- (cmdide)
DRV - [2008/01/20 22:23:00 | 000,017,464 | ---- | M] (Acer Laboratories Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\aliide.sys -- (aliide)
DRV - [2008/01/20 22:23:00 | 000,000,000 | ---- | M] () [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\errdev.sys -- (ErrDev)
DRV - [2008/01/14 06:06:32 | 000,021,632 | ---- | M] (ManyCam LLC.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ManyCam.sys -- (ManyCam)
DRV - [2008/01/02 00:37:18 | 000,330,240 | ---- | M] (IDT, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\stwrt.sys -- (STHDA)
DRV - [2007/12/03 01:59:06 | 000,007,424 | ---- | M] (EyePower Games Pte. Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\OEM02Vfx.sys -- (OEM02Vfx)
DRV - [2007/12/03 01:58:50 | 000,235,648 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\OEM02Dev.sys -- (OEM02Dev)
DRV - [2007/12/02 13:51:42 | 000,040,488 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\mfesmfk.sys -- (mfesmfk)
DRV - [2007/11/22 07:44:08 | 000,201,320 | ---- | M] (McAfee, Inc.) [Kernel | System | Running] -- C:\Windows\System32\drivers\mfehidk.sys -- (mfehidk)
DRV - [2007/11/22 07:44:08 | 000,079,304 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\mfeavfk.sys -- (mfeavfk)
DRV - [2007/11/22 07:44:08 | 000,035,240 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\mfebopk.sys -- (mfebopk)
DRV - [2007/11/22 07:44:04 | 000,033,832 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\mferkdk.sys -- (mferkdk)
DRV - [2007/09/24 05:27:26 | 000,155,136 | ---- | M] (Alps Electric Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Apfiltr.sys -- (ApfiltrService)
DRV - [2007/08/13 05:44:26 | 002,226,688 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\NETw4v32.sys -- (NETw4v32) Intel®
DRV - [2007/07/13 07:21:12 | 000,125,728 | ---- | M] (McAfee, Inc.) [Kernel | System | Running] -- C:\Windows\System32\drivers\Mpfp.sys -- (MPFP)
DRV - [2007/06/25 05:13:14 | 007,110,880 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)
DRV - [2007/02/12 17:36:54 | 000,277,784 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\iastor.sys -- (iaStor)
DRV - [2006/11/27 03:48:46 | 000,037,376 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rixdptsk.sys -- (rismxdp)
DRV - [2006/11/27 03:48:44 | 000,043,520 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rimsptsk.sys -- (rimsptsk)
DRV - [2006/11/27 03:48:44 | 000,032,256 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rimmptsk.sys -- (rimmptsk)
DRV - [2006/11/21 08:25:44 | 000,045,568 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\bcm4sbxp.sys -- (bcm4sbxp)
DRV - [2006/11/02 22:43:30 | 000,986,624 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\HSX_DPV.sys -- (HSF_DPV)
DRV - [2006/11/02 22:42:18 | 000,206,848 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\HSXHWAZL.sys -- (HSXHWAZL)
DRV - [2006/11/02 22:42:08 | 000,659,968 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\HSX_CNXT.sys -- (winachsf)
DRV - [2006/11/02 05:50:35 | 000,106,088 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ql40xx.sys -- (ql40xx)
DRV - [2006/11/02 05:50:35 | 000,098,408 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ulsata.sys -- (UlSata)
DRV - [2006/11/02 05:50:19 | 000,045,160 | ---- | M] (IBM Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nfrd960.sys -- (nfrd960)
DRV - [2006/11/02 05:50:17 | 000,041,576 | ---- | M] (Intel Corp./ICP vortex GmbH) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iirsp.sys -- (iirsp)
DRV - [2006/11/02 05:50:11 | 000,071,272 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\djsvs.sys -- (aic78xx)
DRV - [2006/11/02 05:50:09 | 000,035,944 | ---- | M] (Integrated Technology Express, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iteraid.sys -- (iteraid)
DRV - [2006/11/02 05:50:07 | 000,035,944 | ---- | M] (Integrated Technology Express, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iteatapi.sys -- (iteatapi)
DRV - [2006/11/02 05:50:05 | 000,035,944 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\symc8xx.sys -- (Symc8xx)
DRV - [2006/11/02 05:50:03 | 000,034,920 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sym_u3.sys -- (Sym_u3)
DRV - [2006/11/02 05:49:59 | 000,033,384 | ---- | M] (LSI Logic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\mraid35x.sys -- (Mraid35x)
DRV - [2006/11/02 05:49:56 | 000,031,848 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sym_hi.sys -- (Sym_hi)
DRV - [2006/11/02 04:25:24 | 000,071,808 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brserid.sys -- (Brserid) Brother MFC Serial Port Interface Driver (WDM)
DRV - [2006/11/02 04:24:47 | 000,011,904 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brusbser.sys -- (BrUsbSer)
DRV - [2006/11/02 04:24:46 | 000,005,248 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brfiltup.sys -- (BrFiltUp)
DRV - [2006/11/02 04:24:45 | 000,013,568 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brfiltlo.sys -- (BrFiltLo)
DRV - [2006/11/02 04:24:44 | 000,062,336 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brserwdm.sys -- (BrSerWdm)
DRV - [2006/11/02 04:24:44 | 000,012,160 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brusbmdm.sys -- (BrUsbMdm)
DRV - [2006/11/02 03:36:50 | 000,020,608 | ---- | M] (N-trig Innovative Technologies) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ntrigdigi.sys -- (ntrigdigi)
DRV - [2006/11/02 03:36:43 | 002,028,032 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\atikmdag.sys -- (R300)
DRV - [2006/08/04 20:39:10 | 000,008,192 | ---- | M] (Conexant Systems, Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\XAudio.sys -- (XAudio)
DRV - [2005/05/26 11:01:18 | 000,021,344 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\lgusbbus.sys -- (usbbus)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>;*.local
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http=127.0.0.1:6092

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "Search"
FF - prefs.js..browser.search.defaulturl: "http://www.dymasearc...rc=tops&q="
FF - prefs.js..browser.search.openintab: true
FF - prefs.js..browser.search.param.yahoo-fr: "chrf-ytbm"
FF - prefs.js..browser.search.param.yahoo-fr-cjkt: "chrf-ytbm"
FF - prefs.js..browser.search.param.yahoo-type: "${8}"
FF - prefs.js..browser.search.selectedEngine: "Google.com (in English)"
FF - prefs.js..browser.search.update: false
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://www.facebook.com/"
FF - prefs.js..extensions.enabledItems: {1280606b-2510-4fe0-97ef-9b5a22eafe41}:1.0.9
FF - prefs.js..extensions.enabledItems: [email protected]:2.21.3
FF - prefs.js..extensions.enabledItems: [email protected]:1.5.3
FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.2.1
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
FF - prefs.js..keyword.URL: "http://www.dymasearc...rc=tops&q="


FF - HKLM\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\ClickPotatoLite\bin\10.0.530.0\firefox\extensions
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.3\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010/10/06 02:34:11 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.3\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010/10/15 04:43:08 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Thunderbird 2.0.0.24\extensions\\Components: C:\Program Files\Mozilla Thunderbird\components [2010/10/06 02:34:11 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Thunderbird 2.0.0.24\extensions\\Plugins: C:\Program Files\Mozilla Thunderbird\plugins [2010/10/06 02:34:10 | 000,000,000 | ---D | M]

[2010/09/26 16:38:30 | 000,000,000 | ---D | M] -- C:\Users\Scott\AppData\Roaming\Mozilla\Extensions
[2010/09/26 16:38:30 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Scott\AppData\Roaming\Mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6}
[2009/03/26 00:29:25 | 000,000,000 | ---D | M] -- C:\Users\Scott\AppData\Roaming\Mozilla\Extensions\[email protected]
[2010/10/15 05:34:11 | 000,000,000 | ---D | M] -- C:\Users\Scott\AppData\Roaming\Mozilla\Firefox\Profiles\qjh2xn8d.default\extensions
[2009/09/18 05:26:46 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Scott\AppData\Roaming\Mozilla\Firefox\Profiles\qjh2xn8d.default\extensions\{1280606b-2510-4fe0-97ef-9b5a22eafe41}
[2010/08/08 03:41:50 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\Scott\AppData\Roaming\Mozilla\Firefox\Profiles\qjh2xn8d.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2010/08/08 03:41:58 | 000,000,000 | ---D | M] (Adblock Plus) -- C:\Users\Scott\AppData\Roaming\Mozilla\Firefox\Profiles\qjh2xn8d.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
[2010/01/03 20:39:43 | 000,000,000 | ---D | M] -- C:\Users\Scott\AppData\Roaming\Mozilla\Firefox\Profiles\qjh2xn8d.default\extensions\[email protected]
[2010/08/08 03:41:49 | 000,000,000 | ---D | M] -- C:\Users\Scott\AppData\Roaming\Mozilla\Firefox\Profiles\qjh2xn8d.default\extensions\[email protected]
[2010/08/08 03:41:51 | 000,000,000 | ---D | M] -- C:\Users\Scott\AppData\Roaming\Mozilla\Firefox\Profiles\qjh2xn8d.default\extensions\[email protected]
[2010/05/09 09:20:13 | 000,000,000 | ---D | M] -- C:\Users\Scott\AppData\Roaming\Mozilla\Firefox\Profiles\qjh2xn8d.default\extensions\[email protected]
[2009/09/26 21:10:25 | 000,004,385 | ---- | M] () -- C:\Users\Scott\AppData\Roaming\Mozilla\Firefox\Profiles\qjh2xn8d.default\searchplugins\espn-search.xml
[2010/09/24 20:27:13 | 000,000,744 | ---- | M] () -- C:\Users\Scott\AppData\Roaming\Mozilla\Firefox\Profiles\qjh2xn8d.default\searchplugins\facebook.xml
[2010/08/31 10:39:12 | 000,005,475 | ---- | M] () -- C:\Users\Scott\AppData\Roaming\Mozilla\Firefox\Profiles\qjh2xn8d.default\searchplugins\googlecom-in-english.xml
[2008/07/08 21:26:22 | 000,001,632 | ---- | M] () -- C:\Users\Scott\AppData\Roaming\Mozilla\Firefox\Profiles\qjh2xn8d.default\searchplugins\weathercom.xml
[2008/07/22 23:10:58 | 000,002,105 | ---- | M] () -- C:\Users\Scott\AppData\Roaming\Mozilla\Firefox\Profiles\qjh2xn8d.default\searchplugins\youtube-video-search.xml
[2010/10/15 05:34:11 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2010/08/16 01:23:33 | 000,000,000 | ---D | M] (Skype extension for Firefox) -- C:\Program Files\Mozilla Firefox\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1}
[2010/10/15 04:43:18 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
[2010/10/15 04:42:43 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll
[2010/10/07 12:06:22 | 000,002,077 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\google_search.xml

O1 HOSTS File: ([2010/10/15 00:33:07 | 000,000,734 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O4 - HKLM..\Run: [Apoint] C:\Program Files\DellTPad\Apoint.exe (Alps Electric Co., Ltd.)
O4 - HKLM..\Run: [DELL Webcam Manager] C:\Program Files\Dell\Dell Webcam Manager\DellWMgr.exe (Creative Technology Ltd.)
O4 - HKLM..\Run: [ECenter] C:\DELL\E-Center\EULALauncher.exe ( )
O4 - HKLM..\Run: [mcagent_exe] C:\Program Files\McAfee.com\Agent\mcagent.exe (McAfee, Inc.)
O4 - HKLM..\Run: [NvSvc] C:\Windows\System32\nvsvc.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [PCMService] C:\Program Files\Dell\MediaDirect\PCMService.exe (CyberLink Corp.)
O4 - HKLM..\Run: [SigmatelSysTrayApp] C:\Program Files\Sigmatel\C-Major Audio\WDM\sttray.exe (IDT, Inc.)
O4 - HKLM..\Run: [VolPanel] C:\Program Files\Creative\SBAudigy\Volume Panel\VolPanlu.exe (Creative Technology Ltd)
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_22)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 74.128.19.102 74.128.17.114
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Users\Scott\AppData\Roaming\Mozilla\Firefox\Desktop Background.bmp
O24 - Desktop BackupWallPaper: C:\Users\Scott\AppData\Roaming\Mozilla\Firefox\Desktop Background.bmp
O28 - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - Reg Error: Key error. File not found
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2010/10/15 05:13:10 | 000,000,000 | ---D | C] -- C:\_OTL
[2010/10/15 04:43:32 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Java
[2010/10/15 04:43:07 | 000,472,808 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\deployJava1.dll
[2010/10/15 04:43:07 | 000,153,376 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaws.exe
[2010/10/15 04:43:07 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaw.exe
[2010/10/15 04:43:07 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\java.exe
[2010/10/15 04:33:01 | 000,000,000 | ---D | C] -- C:\Windows\TEMP
[2010/10/15 01:25:21 | 000,000,000 | --SD | C] -- C:\CFSsys
[2010/10/15 01:23:49 | 000,212,480 | ---- | C] (SteelWerX) -- C:\Windows\SWXCACLS.exe
[2010/10/15 01:14:54 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2010/10/15 00:23:26 | 000,000,000 | ---D | C] -- C:\Program Files\ESET
[2010/10/14 20:22:50 | 006,153,376 | ---- | C] (Malwarebytes Corporation ) -- C:\Users\Scott\Desktop\Explorer.exe.exe
[2010/10/14 15:45:40 | 000,000,000 | ---D | C] -- C:\Users\Scott\AppData\Local\temp
[2010/10/14 03:40:47 | 000,000,000 | -H-D | C] -- C:\Users\Public\Documents\Server
[2010/10/12 17:55:26 | 000,000,000 | ---D | C] -- C:\Users\Scott\AppData\Local\WinZip
[2010/10/06 02:36:25 | 000,000,000 | ---D | C] -- C:\Users\Scott\AppData\Roaming\Apple Computer
[2010/10/06 02:36:13 | 000,107,368 | ---- | C] (GEAR Software Inc.) -- C:\Windows\System32\GEARAspi.dll
[2010/10/06 02:35:05 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
[2010/10/06 02:34:57 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes
[2010/10/06 02:33:27 | 000,000,000 | ---D | C] -- C:\ProgramData\Apple Computer
[2010/10/06 02:30:57 | 000,000,000 | ---D | C] -- C:\Program Files\Apple Software Update
[2010/10/06 02:28:22 | 000,000,000 | ---D | C] -- C:\ProgramData\Apple
[2010/10/06 02:28:22 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Apple
[1 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2010/10/15 05:43:31 | 000,841,216 | ---- | M] () -- C:\Windows\System32\drivers\crbtoz.sys
[2010/10/15 05:33:07 | 000,007,931 | ---- | M] () -- C:\Windows\System32\Config.MPF
[2010/10/15 05:31:47 | 000,000,370 | ---- | M] () -- C:\Windows\tasks\AWC Startup.job
[2010/10/15 05:30:44 | 000,003,616 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2010/10/15 05:30:42 | 000,003,616 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2010/10/15 04:42:41 | 000,153,376 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaws.exe
[2010/10/15 04:42:40 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaw.exe
[2010/10/15 04:42:40 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\System32\java.exe
[2010/10/15 04:42:39 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\System32\deployJava1.dll
[2010/10/15 03:12:35 | 000,023,815 | ---- | M] () -- C:\Users\Scott\Desktop\jest.jpg
[2010/10/15 03:01:24 | 000,000,908 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-4173546871-34337042-302931240-1000UA.job
[2010/10/15 01:54:36 | 000,027,858 | ---- | M] () -- C:\Users\Scott\Desktop\ObamaTayyip420.jpg
[2010/10/15 01:23:16 | 003,878,092 | R--- | M] () -- C:\Users\Scott\Desktop\CFSsys.exe
[2010/10/15 00:59:59 | 000,000,356 | ---- | M] () -- C:\Windows\tasks\McDefragTask.job
[2010/10/15 00:33:07 | 000,000,734 | ---- | M] () -- C:\Windows\System32\drivers\etc\hosts
[2010/10/15 00:09:19 | 000,000,134 | ---- | M] () -- C:\Users\Scott\Desktop\hostsperm.bat
[2010/10/14 20:23:01 | 006,153,376 | ---- | M] (Malwarebytes Corporation ) -- C:\Users\Scott\Desktop\Explorer.exe.exe
[2010/10/14 17:01:01 | 000,000,856 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-4173546871-34337042-302931240-1000Core.job
[2010/10/14 16:57:56 | 000,002,085 | ---- | M] () -- C:\Users\Scott\Desktop\Google Chrome.lnk
[2010/10/14 16:57:56 | 000,002,047 | ---- | M] () -- C:\Users\Scott\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2010/10/14 15:36:17 | 000,027,335 | ---- | M] () -- C:\Users\Scott\AppData\Roaming\nvModes.001
[2010/10/14 03:43:23 | 000,000,120 | ---- | M] () -- C:\Users\Scott\AppData\Local\Wbevilahetil.dat
[2010/10/14 03:43:23 | 000,000,000 | ---- | M] () -- C:\Users\Scott\AppData\Local\Wtoyimayobiquyep.bin
[2010/10/14 03:34:55 | 000,001,437 | ---- | M] () -- C:\Users\Scott\Desktop\DivX Movies.lnk
[2010/10/13 16:39:24 | 000,000,474 | -H-- | M] () -- C:\Windows\tasks\Norton Security Scan for Scott.job
[2010/10/07 14:35:25 | 000,007,949 | ---- | M] () -- C:\Users\Scott\Desktop\pad.jpg
[2010/10/06 19:11:24 | 000,002,191 | ---- | M] () -- C:\Users\Public\Desktop\iTunes.lnk
[2010/10/06 09:38:12 | 000,000,133 | ---- | M] () -- C:\Users\Scott\AppData\Roaming\asdsada.bat
[2010/10/06 02:34:02 | 000,001,688 | ---- | M] () -- C:\Users\Public\Desktop\QuickTime Player.lnk
[2010/10/04 05:55:00 | 002,203,085 | ---- | M] () -- C:\Users\Scott\Desktop\lg.jpg.psd
[2010/10/04 05:54:52 | 000,616,427 | ---- | M] () -- C:\Users\Scott\Desktop\lg.jpg
[2010/10/01 12:49:46 | 000,000,680 | ---- | M] () -- C:\Users\Scott\AppData\Local\d3d9caps.dat
[2010/09/30 13:33:48 | 000,027,335 | ---- | M] () -- C:\Users\Scott\AppData\Roaming\nvModes.dat
[2010/09/15 15:11:35 | 000,424,208 | ---- | M] () -- C:\Users\Scott\Desktop\sacha.jpg
[2010/09/15 15:05:55 | 042,030,249 | ---- | M] () -- C:\Users\Scott\Desktop\sacha.rtf
[1 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ]

========== Files Created - No Company Name ==========

[2010/10/15 03:12:34 | 000,023,815 | ---- | C] () -- C:\Users\Scott\Desktop\jest.jpg
[2010/10/15 01:54:34 | 000,027,858 | ---- | C] () -- C:\Users\Scott\Desktop\ObamaTayyip420.jpg
[2010/10/15 01:22:53 | 003,878,092 | R--- | C] () -- C:\Users\Scott\Desktop\CFSsys.exe
[2010/10/15 00:09:21 | 000,000,134 | ---- | C] () -- C:\Users\Scott\Desktop\hostsperm.bat
[2010/10/14 16:57:56 | 000,002,085 | ---- | C] () -- C:\Users\Scott\Desktop\Google Chrome.lnk
[2010/10/14 16:57:56 | 000,002,047 | ---- | C] () -- C:\Users\Scott\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2010/10/14 16:56:07 | 000,000,908 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-4173546871-34337042-302931240-1000UA.job
[2010/10/14 16:56:06 | 000,000,856 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-4173546871-34337042-302931240-1000Core.job
[2010/10/14 06:36:01 | 000,007,931 | ---- | C] () -- C:\Windows\System32\Config.MPF
[2010/10/14 03:43:23 | 000,000,120 | ---- | C] () -- C:\Users\Scott\AppData\Local\Wbevilahetil.dat
[2010/10/14 03:43:23 | 000,000,000 | ---- | C] () -- C:\Users\Scott\AppData\Local\Wtoyimayobiquyep.bin
[2010/10/14 03:42:41 | 000,841,216 | ---- | C] () -- C:\Windows\System32\drivers\crbtoz.sys
[2010/10/14 03:34:55 | 000,001,437 | ---- | C] () -- C:\Users\Scott\Desktop\DivX Movies.lnk
[2010/10/07 14:35:25 | 000,007,949 | ---- | C] () -- C:\Users\Scott\Desktop\pad.jpg
[2010/10/06 09:38:12 | 000,000,133 | ---- | C] () -- C:\Users\Scott\AppData\Roaming\asdsada.bat
[2010/10/06 02:36:18 | 000,002,191 | ---- | C] () -- C:\Users\Public\Desktop\iTunes.lnk
[2010/10/06 02:34:02 | 000,001,688 | ---- | C] () -- C:\Users\Public\Desktop\QuickTime Player.lnk
[2010/10/04 05:55:00 | 002,203,085 | ---- | C] () -- C:\Users\Scott\Desktop\lg.jpg.psd
[2010/10/04 05:54:50 | 000,616,427 | ---- | C] () -- C:\Users\Scott\Desktop\lg.jpg
[2010/09/15 15:11:33 | 000,424,208 | ---- | C] () -- C:\Users\Scott\Desktop\sacha.jpg
[2010/09/15 15:04:51 | 042,030,249 | ---- | C] () -- C:\Users\Scott\Desktop\sacha.rtf
[2010/07/28 22:29:41 | 000,192,512 | ---- | C] () -- C:\Windows\System32\ssresources.dll
[2010/07/28 22:29:41 | 000,020,481 | ---- | C] () -- C:\Windows\System32\SystemsHook.dll
[2010/06/04 18:47:02 | 000,000,036 | ---- | C] () -- C:\Users\Scott\AppData\Local\housecall.guid.cache
[2009/11/18 01:13:18 | 008,673,792 | ---- | C] () -- C:\ProgramData\atscie.msi
[2009/07/22 01:20:32 | 000,000,680 | ---- | C] () -- C:\Users\Scott\AppData\Local\d3d9caps.dat
[2009/06/11 23:38:23 | 000,004,987 | ---- | C] () -- C:\ProgramData\ojvzdisj.xda
[2009/05/28 01:18:10 | 000,815,104 | ---- | C] () -- C:\Windows\System32\xvidcore.dll
[2009/05/28 01:18:10 | 000,180,224 | ---- | C] () -- C:\Windows\System32\xvidvfw.dll
[2009/05/13 02:35:28 | 000,023,888 | ---- | C] () -- C:\Users\Scott\AppData\Roaming\UserTile.png
[2008/09/20 06:18:30 | 000,001,406 | ---- | C] () -- C:\Users\Scott\AppData\Roaming\wklnhst.dat
[2008/08/03 15:55:37 | 000,107,520 | ---- | C] () -- C:\Users\Scott\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2008/07/10 07:26:16 | 000,027,335 | ---- | C] () -- C:\Users\Scott\AppData\Roaming\nvModes.001
[2008/07/09 21:43:43 | 000,027,335 | ---- | C] () -- C:\Users\Scott\AppData\Roaming\nvModes.dat
[2008/07/03 14:56:20 | 000,016,480 | ---- | C] () -- C:\Windows\System32\rixdicon.dll
[2008/07/03 12:19:03 | 000,101,376 | ---- | C] () -- C:\Windows\System32\APOMngr.dll
[2008/07/03 12:19:03 | 000,066,560 | ---- | C] () -- C:\Windows\System32\CmdRtr.dll
[2008/07/03 12:19:03 | 000,000,628 | ---- | C] () -- C:\Windows\System32\PCI_VEN_1102&DEV_FF05&SUBSYS_00001102.ini
[2008/01/20 23:13:20 | 000,000,000 | ---- | C] () -- C:\Windows\System32\drivers\errdev.sys
[2008/01/20 22:24:49 | 000,022,016 | ---- | C] () -- C:\Windows\System32\mtxdm.dll
[2008/01/20 22:24:43 | 000,027,136 | ---- | C] () -- C:\Windows\System32\mtxlegih.dll
[2007/07/25 17:40:02 | 000,999,424 | ---- | C] () -- C:\Windows\System32\WLIHVUI.dll
[2006/11/02 08:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
[2006/11/02 06:25:44 | 000,159,744 | ---- | C] () -- C:\Windows\System32\atitmmxx.dll
[2006/11/02 04:59:02 | 000,011,264 | ---- | C] () -- C:\Windows\System32\nlmsprep.dll
[2006/11/02 04:57:24 | 000,042,496 | ---- | C] () -- C:\Windows\System32\ndishc.dll
[2006/11/02 04:47:56 | 000,016,896 | ---- | C] () -- C:\Windows\System32\msswch.dll
[2006/11/02 04:38:09 | 000,007,680 | ---- | C] () -- C:\Windows\System32\KBDYCL.DLL
[2006/11/02 04:38:09 | 000,006,144 | ---- | C] () -- C:\Windows\System32\KBDYCC.DLL
[2006/11/02 04:38:09 | 000,006,144 | ---- | C] () -- C:\Windows\System32\KBDYAK.DLL
[2006/11/02 04:38:08 | 000,006,656 | ---- | C] () -- C:\Windows\System32\KBDUSX.DLL
[2006/11/02 04:38:08 | 000,006,144 | ---- | C] () -- C:\Windows\System32\KBDUZB.DLL
[2006/11/02 04:38:08 | 000,006,144 | ---- | C] () -- C:\Windows\System32\KBDUSR.DLL
[2006/11/02 04:38:08 | 000,006,144 | ---- | C] () -- C:\Windows\System32\KBDUSL.DLL
[2006/11/02 04:38:08 | 000,006,144 | ---- | C] () -- C:\Windows\System32\KBDUSA.DLL
[2006/11/02 04:38:08 | 000,000,000 | ---- | C] () -- C:\Windows\System32\KBDVNTC.DLL
[2006/11/02 04:38:07 | 000,007,168 | ---- | C] () -- C:\Windows\System32\KBDUKX.DLL
[2006/11/02 04:38:06 | 000,006,656 | ---- | C] () -- C:\Windows\System32\KBDTIPRC.DLL
[2006/11/02 04:38:06 | 000,006,144 | ---- | C] () -- C:\Windows\System32\KBDUGHR.DLL
[2006/11/02 04:38:05 | 000,006,144 | ---- | C] () -- C:\Windows\System32\KBDTH0.DLL
[2006/11/02 04:38:05 | 000,006,144 | ---- | C] () -- C:\Windows\System32\KBDTAT.DLL
[2006/11/02 04:38:03 | 000,007,168 | ---- | C] () -- C:\Windows\System32\KBDSL1.DLL
[2006/11/02 04:38:02 | 000,006,656 | ---- | C] () -- C:\Windows\System32\KBDSF.DLL
[2006/11/02 03:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini

========== Alternate Data Streams ==========

@Alternate Data Stream - 100 bytes -> C:\ProgramData\TEMP:B0A96209

< End of report >

OTL Extras logfile created on: 10/15/2010 5:34:35 AM - Run 1
OTL by OldTimer - Version 3.2.15.2 Folder = C:\Users\Scott\Downloads
Windows Vista Home Premium Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6001.18000)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

3.00 Gb Total Physical Memory | 3.00 Gb Available Physical Memory | 72.00% Memory free
7.00 Gb Paging File | 6.00 Gb Available in Paging File | 87.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 285.50 Gb Total Space | 173.81 Gb Free Space | 60.88% Space Free | Partition Type: NTFS
Drive D: | 10.00 Gb Total Space | 5.73 Gb Free Space | 57.29% Space Free | Partition Type: NTFS

Computer Name: LAPTOP_II | User Name: Scott | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.hlp [@ = Reg Error: Key error.] -- Reg Error: Key error. File not found
.html [@ = ChromeHTML] -- C:\Users\Scott\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.)

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- Reg Error: Value error.
https [open] -- "C:\Program Files\Google\Chrome\Application\chrome.exe" -- "%1" File not found
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0
"DoNotAllowExceptions" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
"DoNotAllowExceptions" = 0

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{073394B3-94A2-4775-BD4E-9A5F039C6125}" = lport=554 | protocol=6 | dir=in | app=%systemroot%\ehome\ehshell.exe |
"{0F571620-6312-4757-88F2-B417B94F0059}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{20273D46-3F79-4EB3-A328-509E349225DE}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{2E63640E-BCE1-418F-985C-7238F4F6F4C4}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{3118C7B2-1FE0-44E1-8A1B-E1397035D9AC}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{32B1B07E-1F23-4FE0-82D8-B67A2A414708}" = lport=7777 | protocol=17 | dir=in | app=%systemroot%\ehome\ehshell.exe |
"{32EBA715-7FCE-4C4F-8B42-E9688CF2641C}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{394B8D6C-3A19-4ABB-8E0A-AB83891D34BE}" = lport=7777 | protocol=17 | dir=in | app=%systemroot%\ehome\ehshell.exe |
"{46C136F9-98DE-4D9E-9798-3673D65FB191}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=file and printer sharing (spooler service - rpc-epmap) |
"{51A77B76-7B4F-435B-9F1C-352E4CEF5F12}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{5274463A-88BD-46DE-8767-7DD09BE190EF}" = rport=10244 | protocol=6 | dir=out | app=system |
"{53BD9D14-687A-4A1A-A161-1EDA9E05E823}" = lport=3390 | protocol=6 | dir=in | app=system |
"{5E0C792A-CFB5-43FB-B3EB-DB528ADD9427}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{6314F379-2668-40DA-ACAD-832F1A860A5E}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{641B9DB4-8B00-45A9-A28A-18FEB2F96D05}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{676640BC-9CBE-4430-8A4A-EBC2982C2685}" = lport=3702 | protocol=17 | dir=in | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{682B535F-80A7-4345-BD52-6393F7D6EA22}" = lport=139 | protocol=6 | dir=in | app=system |
"{69082A88-8243-4537-93FC-E3D6CD47A18E}" = rport=10244 | protocol=6 | dir=out | app=system |
"{6992F177-6190-456D-AF31-61D9F04786E5}" = lport=445 | protocol=6 | dir=in | app=system |
"{7316BECA-821C-4374-8443-175D02D90A88}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{78A80B3C-BBC4-484D-BD28-058970681409}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{7E495B75-A47D-4B8F-BE7A-84F8B5E237B3}" = lport=137 | protocol=17 | dir=in | app=system |
"{8E36B612-2A17-49EC-B644-E224FC932745}" = lport=3390 | protocol=6 | dir=in | app=system |
"{997D981A-F62A-4645-9CFD-BCA53C6F495C}" = lport=10244 | protocol=6 | dir=in | app=system |
"{A3A688B1-6B59-49C3-848F-1D0DCD2F3F16}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{AD9F3CA6-C29C-40F5-9C40-0338624C5D23}" = lport=554 | protocol=6 | dir=in | app=%systemroot%\ehome\ehshell.exe |
"{B3118B72-43A9-4580-9769-EAD2A1F4D5D6}" = lport=3702 | protocol=17 | dir=in | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{B385190D-A65A-4F71-B35A-BDF2284C30DD}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=c:\windows\system32\spoolsv.exe |
"{B4FFAF46-C8E8-4F7C-A6A0-E34D0A803373}" = rport=138 | protocol=17 | dir=out | app=system |
"{B70CBC18-D132-4899-8B8D-27E0AF8366BF}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{BA6E1825-8157-4CAF-B8B4-A24C4188F7B6}" = lport=10244 | protocol=6 | dir=in | app=system |
"{C19E6B7A-8F81-40EA-8540-CCE6072D4238}" = rport=139 | protocol=6 | dir=out | app=system |
"{C3FC2880-67CD-4640-BE0A-14B1892D231B}" = rport=445 | protocol=6 | dir=out | app=system |
"{C6FEE63E-F220-4313-8F87-BA3B612BA817}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{CBDD45F1-CECC-44BA-8287-71EC59635C52}" = rport=3702 | protocol=17 | dir=out | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{D07EAA06-09E9-4307-BE75-1B6F9B5A0102}" = lport=138 | protocol=17 | dir=in | app=system |
"{D1E513FB-E5AE-484E-BC5A-3F02DC40DC2D}" = rport=137 | protocol=17 | dir=out | app=system |
"{D5D48E83-5473-40D1-AB6D-54FA47E7C6C2}" = rport=3702 | protocol=17 | dir=out | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{DD0840BF-19D6-46BD-8067-7809DBE2C36C}" = lport=67 | protocol=17 | dir=in | name=dhcp discovery service |
"{EC73C1A6-BD10-420E-A33C-6FBE80590BEF}" = lport=67 | protocol=17 | dir=in | name=dhcp discovery service |
"{F3992D99-BE47-4A4D-AE8C-FA18DB188362}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{FEE3ED70-E880-43AF-8CB3-CFB531D4C80D}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{05092DDB-C15C-41F2-8CCF-CBD82D1AC4E2}" = protocol=6 | dir=in | app=c:\program files\tversity\media server\mediaserver.exe |
"{0F548CD6-DA26-46DF-95EF-987BA67EF26E}" = protocol=6 | dir=in | app=c:\program files\aim\aim.exe |
"{11BBF6A6-C365-4A1B-9979-9C7C69BCBA6D}" = dir=in | app=c:\program files\dell\mediadirect\mediadirect.exe |
"{1F64B4D6-D859-4843-9DD9-89F0C340B501}" = protocol=6 | dir=in | app=c:\windows\system32\spoolsv.exe |
"{237C7EF2-51DA-419F-9F8A-4D1587EDDA01}" = protocol=1 | dir=in | name=file and printer sharing (echo request - icmpv4-in) |
"{29E6B17A-EBE1-4E57-B0B3-8E36DCC70070}" = dir=in | app=c:\program files\dell\mediadirect\kernel\dms\clmsservice.exe |
"{2BA53A37-2553-48FE-8842-12B83B2713D1}" = protocol=17 | dir=in | app=c:\program files\limewire\limewire.exe |
"{2C78921E-B5EE-4E3D-9A2B-887982685013}" = protocol=17 | dir=in | app=c:\program files\tversity\media server\mediaserver.exe |
"{32EB439C-49F1-4E1B-96B2-03EA7523F3EF}" = dir=in | app=c:\program files\itunes\itunes.exe |
"{36F1F076-8294-469E-B454-D487387872E2}" = protocol=1 | dir=out | name=file and printer sharing (echo request - icmpv4-out) |
"{394D811E-B3F0-4575-8875-FDD9FF5173E5}" = protocol=17 | dir=in | app=c:\program files\aim\aim.exe |
"{399DF00F-8903-4108-BD92-83F26042883F}" = dir=in | app=c:\program files\skype\plugin manager\skypepm.exe |
"{434A516B-2B2C-43CB-8248-568E607AF0F0}" = protocol=58 | dir=in | name=file and printer sharing (echo request - icmpv6-in) |
"{436A9012-59EC-45DD-B71B-0D1F5C75E94C}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{44CABE0B-5BA2-4157-AC4D-8160DB3222BA}" = protocol=17 | dir=in | app=c:\program files\mediamall\mediamallserver.exe |
"{4A7987EA-0AAD-4BC3-A929-27CC0ED8DE50}" = dir=in | app=c:\program files\common files\mcafee\mna\mcnasvc.exe |
"{4DC5DEB9-63F7-4591-BEF9-202E6E561F89}" = protocol=17 | dir=in | app=c:\program files\yahoo!\messenger\yahoomessenger.exe |
"{4E3CFC53-2A6D-4306-960A-66DAF6B1A712}" = protocol=6 | dir=out | app=%systemroot%\ehome\ehshell.exe |
"{53536AF8-A4BC-4AD7-B894-589AE43E9F77}" = protocol=6 | dir=in | app=c:\program files\common files\pure networks shared\platform\nmsrvc.exe |
"{60E6A6B3-E83C-49A1-9236-0C2D53CEBCF5}" = protocol=6 | dir=in | app=c:\program files\mediamall\mediamallserver.exe |
"{630E1DF4-D1AA-40BA-B8FC-9E80D848CD8B}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{73A2B540-EC6E-4949-B34C-7558ABAFF74A}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{7440389E-0434-4416-808B-784BF37B783B}" = dir=in | app=c:\program files\myspace\im\myspaceim.exe |
"{7603248D-B850-478C-B153-374B06BD35DA}" = protocol=6 | dir=in | app=c:\program files\yahoo!\messenger\yahoomessenger.exe |
"{76A5736B-5F58-454D-B6F2-3015D323991F}" = protocol=6 | dir=out | app=%systemroot%\ehome\mcx2prov.exe |
"{78DD84E2-C817-40E2-91FD-51915A62FDCC}" = protocol=17 | dir=in | app=c:\program files\utorrent\utorrent.exe |
"{7954C34D-17C4-47AC-9B32-937D57E96F89}" = protocol=6 | dir=out | app=%systemroot%\ehome\ehshell.exe |
"{82CBF538-3C4E-4E97-B1E1-82D8932FDF1E}" = protocol=6 | dir=in | app=c:\program files\common files\aol\loader\aolload.exe |
"{8A6075A7-466F-4C5B-8ABE-49208E8D18AD}" = protocol=17 | dir=out | app=%systemroot%\ehome\ehshell.exe |
"{8C22084D-2AE2-4B86-B19D-7FA3AA5A03B9}" = protocol=17 | dir=in | app=c:\windows\system32\spoolsv.exe |
"{9A3D1323-5FB7-48AC-A2BE-F5A7A9E45A2C}" = protocol=6 | dir=in | app=c:\program files\aim6\aim6.exe |
"{9A5B118B-3209-44AE-8281-70C54EBFC76A}" = protocol=17 | dir=in | app=c:\program files\common files\aol\loader\aolload.exe |
"{A0AEAB75-5AD7-4CBB-AFA0-93D0EC7B4268}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{A446D288-7F29-4647-B876-CBD09F530267}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{AA5FF2D1-2B74-47EA-9711-21BF4285C485}" = protocol=6 | dir=in | app=c:\program files\yahoo!\messenger\yahoomessenger.exe |
"{AF3F9B2A-0D81-4A17-9AF6-1D370BC5AB0E}" = protocol=17 | dir=in | app=c:\program files\aim\aim.exe |
"{B13D4FD7-040C-4CB1-8C43-EDC585F78B8E}" = protocol=6 | dir=out | app=%systemroot%\ehome\mcx2prov.exe |
"{B6C93A80-357A-4462-B2AF-80FD3208A220}" = protocol=17 | dir=out | app=%systemroot%\ehome\ehshell.exe |
"{B6DAD6FB-37A4-4ED1-8462-7FEB880786D2}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{B6F5F14B-F814-4BD9-AE79-32240317F484}" = protocol=17 | dir=in | app=c:\program files\aim6\aim6.exe |
"{B7983E65-ECBD-4DA3-9EE9-60DAFFEC327B}" = protocol=17 | dir=in | app=c:\program files\common files\pure networks shared\platform\nmsrvc.exe |
"{B7EE40A1-D335-4272-ADC9-BAE76EC39F1C}" = protocol=6 | dir=out | svc=mcx2svc | app=%systemroot%\system32\svchost.exe |
"{BA420AC8-4943-4420-881B-FE563DD70CBF}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{C78BB18A-BC6A-4189-8ABA-3877A5ABE296}" = dir=in | app=c:\program files\dell\mediadirect\pcmservice.exe |
"{D2ADBF2E-436C-4117-A8B0-35AED2197C3B}" = dir=in | app=c:\program files\dell\mediadirect\kernel\dmp\clbrowserengine.exe |
"{D3EAE170-D0FB-4537-9358-E371CFCDA620}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{DD2B5FD8-5344-4DAA-B858-9840612A00B7}" = protocol=6 | dir=out | svc=mcx2svc | app=%systemroot%\system32\svchost.exe |
"{E41DEA49-DAFF-4393-AE87-59A5A685F286}" = protocol=58 | dir=out | name=file and printer sharing (echo request - icmpv6-out) |
"{E48FA662-091F-4969-910A-AEE7EC2EB7DB}" = protocol=17 | dir=in | app=c:\program files\yahoo!\messenger\yahoomessenger.exe |
"{E9677C08-1624-48D8-8106-51D1B22A9341}" = protocol=6 | dir=in | app=c:\program files\utorrent\utorrent.exe |
"{ED1F2F28-114B-43E7-8D97-2F1F6C150A62}" = protocol=6 | dir=in | app=c:\program files\limewire\limewire.exe |
"{EE9EEECE-2DC1-4F0B-9F6E-DF21069C7A9F}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{F0B9C89E-3123-47F2-A091-B6DF9301CEB0}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{F90E2992-5CE8-4137-9E3B-39E4D6A2B093}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{FE07C896-72CB-4997-AFA8-859E3C1F3101}" = protocol=6 | dir=in | app=c:\program files\aim\aim.exe |
"TCP Query User{3AE6B122-C596-42ED-A80F-0D2524D60470}C:\program files\mozilla firefox\firefox.exe" = protocol=6 | dir=in | app=c:\program files\mozilla firefox\firefox.exe |
"TCP Query User{45AED4C9-C644-4390-956C-06D520AA9498}C:\program files\mirc\mirc.exe" = protocol=6 | dir=in | app=c:\program files\mirc\mirc.exe |
"TCP Query User{56858503-C511-401D-A9F6-18F9BD8FBF71}C:\program files\limewire\limewire.exe" = protocol=6 | dir=in | app=c:\program files\limewire\limewire.exe |
"UDP Query User{788B2C65-ADA3-4CAA-B0FC-FA9DD98D010B}C:\program files\mirc\mirc.exe" = protocol=17 | dir=in | app=c:\program files\mirc\mirc.exe |
"UDP Query User{EEA3DFF6-5140-44B6-9E56-7D7B81B9DFC3}C:\program files\limewire\limewire.exe" = protocol=17 | dir=in | app=c:\program files\limewire\limewire.exe |
"UDP Query User{F74EF6B8-5B9E-4A65-AE36-5F8484502E34}C:\program files\mozilla firefox\firefox.exe" = protocol=17 | dir=in | app=c:\program files\mozilla firefox\firefox.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{04AF207D-9A77-465A-8B76-991F6AB66245}" = Adobe Help Viewer CS3
"{08B32819-6EEF-4057-AEDA-5AB681A36A23}" = Adobe Bridge Start Meeting
"{08E81ABD-79F7-49C2-881F-FD6CB0975693}" = Roxio Creator Data
"{09760D42-E223-42AD-8C3E-55B47D0DDAC3}" = Roxio Creator DE
"{15BC8CD0-A65B-47D0-A2DD-90A824590FA8}" = Microsoft Works
"{184CE391-7E0E-4C63-9935-D7A10EDFD3C6}" = Adobe WinSoft Linguistics Plugin
"{1D14373E-7970-4F2F-A467-ACA4F0EA21E3}" = Google Earth
"{1F54DAFA-9261-4A62-B59D-6C9F26B48FE4}" = Roxio Creator Tools
"{26A24AE4-039D-4CA4-87B4-2F83216022FF}" = Java™ 6 Update 22
"{29E5EA97-5F74-4A57-B8B2-D4F169117183}" = Adobe Stock Photos CS3
"{2CE5A2E7-3437-4CE7-BCF4-85ED6EEFF9E4}" = iTunes
"{30465B6C-B53F-49A1-9EBA-A3F187AD502E}" = Roxio Update Manager
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3D7E3EC9-46CF-4359-9289-39CE01DFB82F}" = Adobe Photoshop CS3
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4B6AD248-D3BF-426A-8D64-847288154F13}" = QuickSet
"{4D3C9F4B-4B7D-4E5D-99B9-0123AB0D51ED}" = Dell DataSafe Online
"{51846830-E7B2-4218-8968-B77F0FF475B8}" = Adobe Color EU Extra Settings
"{53C6D09E-EAB6-49E5-BA4C-BA7FF13830FB}" = Sound Blaster Audigy ADVANCED MB
"{53FA9A9F-3C19-4D43-AD6B-DEF365D469BA}" = Camtasia Studio 7
"{54793AA1-5001-42F4-ABB6-C364617C6078}" = Adobe Linguistics CS3
"{5EE7D259-D137-4438-9A5F-42F432EC0421}" = VC80CRTRedist - 8.0.50727.4053
"{62230596-37E5-4618-A329-0D21F529A86F}" = Browser Address Error Redirector
"{63DB9CCD-2B56-4217-9A3D-507AC78320CA}" = mWMI
"{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA}" = Roxio Express Labeler 3
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6ABE0BEE-D572-4FE8-B434-9E72A289431B}" = Adobe Fonts All
"{6FF5DD7A-FE28-4439-B8CF-1E9AF4EA0A61}" = Adobe Asset Services CS3
"{73A4F29F-31AC-4EBD-AA1B-0CC5F18C8F83}" = Roxio Creator Audio
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{7DB9F1E5-9ACB-410D-A7DC-7A3D023CE045}" = Dell Getting Started Guide
"{802771A9-A856-4A41-ACF7-1450E523C923}" = Adobe XMP Panels CS3
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{89CEAE14-DD0F-448E-9554-15781EC9DB24}" = Product Documentation Launcher
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8B928BA1-EDEC-4227-A2DA-DD83026C36F5}" = mPfMgr
"{8C6BB412-D3A8-4AAE-A01B-35B681789D68}" = mHelp
"{8CA199A8-574E-432F-A98F-A55741E233D1}_is1" = 3GP Player 2010
"{8D2BA474-F406-4710-9AE4-D4F22D21F0DD}" = Adobe Device Central CS3
"{8E6808E2-613D-4FCD-81A2-6C8FA8E03312}" = Adobe Type Support
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_HOMESTUDENTR_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_HOMESTUDENTR_{187308AB-5FA7-4F14-9AB9-D290383A10D9}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}_HOMESTUDENTR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007
"{90120000-00A1-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}_HOMESTUDENTR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90176341-0A8B-4CCC-A78D-F862228A6B95}" = Adobe Anchor Service CS3
"{90840409-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Excel Viewer 2003
"{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{95120000-00AF-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (English)
"{9559F7CA-5E34-4237-A2D9-D856464AD727}" = Project64 1.6
"{95655ED4-7CA5-46DF-907F-7144877A32E5}" = Adobe Color NA Recommended Settings
"{981029E0-7FC9-4CF3-AB39-6F133621921A}" = Skype Toolbars
"{9C6978E8-B6D0-4AB7-A7A0-D81A74FBF745}" = MediaDirect
"{9C9824D9-9000-4373-A6A5-D0E5D4831394}" = Adobe Bridge CS3
"{9DF0BE48-16F0-4E36-814D-9B4FDFFAF25F}" = PayPal Plug-In
"{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}" = Dell Touchpad
"{A2B242BD-FF8D-4840-9DAA-9170EABEC59C}" = Adobe CMaps
"{A2D81E70-2A98-4A08-A628-94388B063C5E}" = Adobe Color - Photoshop Specific
"{AC5B0C19-D851-42F4-BDA0-410ECF7F70A5}" = PDF Settings
"{AC76BA86-7AD7-1033-7B44-A81000000003}" = Adobe Reader 8.1.0
"{B3BF6689-A81D-40D8-9A86-4AC4ACD9FC1C}" = Adobe Camera Raw 4.0
"{B6A26DE5-F2B5-4D58-9570-4FC760E00FCD}" = Roxio Creator Copy
"{B9B35331-B7E4-4E5C-BF4C-7BC87856124D}" = Adobe Default Language CS3
"{BEEFC4F8-2909-48B3-AFAA-55D3533FDEDD}" = Creative MediaSource 5
"{C2D69781-F392-4118-A5A7-C7E9C38DBFC2}" = Adobe ExtendScript Toolkit 2
"{C4124E95-5061-4776-8D5D-E3D931C778E1}" = Microsoft VC9 runtime libraries
"{C41300B9-185D-475E-BFEC-39EF732F19B1}" = Apple Software Update
"{CCA1EEA3-555E-4D05-AC46-4B49C6C5D887}" = Apple Mobile Device Support
"{CD95F661-A5C4-44F5-A6AA-ECDD91C240BD}" = WinZip 14.5
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D0DFF92A-492E-4C40-B862-A74A173C25C5}" = Adobe Version Cue CS3 Client
"{D103C4BA-F905-437A-8049-DB24763BBE36}" = Skype™ 4.2
"{D2559B88-CC9D-4B48-81BB-F492BAA9C48C}" = Adobe PDF Library Files
"{D7769185-9A7C-48D4-8874-5388743A1DE2}" = Music, Photos & Videos Launcher
"{DADD7B8A-BCB0-44F5-967A-ECB6B4F2ECD9}" = Adobe Color Common Settings
"{DAEAFD68-BB4A-4507-A241-C8804D2EA66D}" = Apple Application Support
"{DD7DB3C5-6FA3-4FA3-8A71-C2F2940EB029}" = Adobe Color JA Extra Settings
"{E3BFEE55-39E2-4BE0-B966-89FE583822C1}" = Dell Support Center
"{E646DCF0-5A68-11D5-B229-002078017FBF}" = Digital Line Detect
"{E69AE897-9E0B-485C-8552-7841F48D42D8}" = Adobe Update Manager CS3
"{E7004147-2CCA-431C-AA05-2AB166B9785D}" = QuickTime
"{ED439A64-F018-4DD4-8BA5-328D85AB09AB}" = Roxio Creator DE
"{F0BFC7EF-9CF8-44EE-91B0-158884CD87C5}" = mMHouse
"{F5D7FAB5-A1FD-4DD3-983E-4155B09D7102}" = mCore
"{F63A3748-B93D-4360-9AD4-B064481A5C7B}" = Modem Diagnostic Tool
"{FF11004C-F42A-4A31-9BCF-7F5C8FDBE53C}" = Adobe Setup
"{FF1C31AE-0CDC-40CE-AB85-406F8B70D643}" = Bonjour
"7-Zip" = 7-Zip 9.10 beta
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe Photoshop 7.0" = Adobe Photoshop 7.0
"Adobe Shockwave Player" = Adobe Shockwave Player 11.5
"Adobe_719d6f144d0c086a0dfa7ff76bb9ac1" = Adobe Photoshop CS3
"Advanced Audio FX Engine" = Advanced Audio FX Engine
"Advanced SystemCare 3_is1" = Advanced SystemCare 3
"Advanced Video FX Engine" = Advanced Video FX Engine
"AIM_7" = AIM 7
"CCleaner" = CCleaner (remove only)
"ClickPotatoLiteSA" = ClickPotato
"CNXT_MODEM_HDAUDIO_VEN_14F1&DEV_2C06&SUBSYS_14F1000F" = Conexant HDA D330 MDC V.92 Modem
"Creative OEM002" = Laptop Integrated Webcam Driver (1.04.01.1011)
"Dell Webcam Center" = Dell Webcam Center
"Dell Webcam Manager" = Dell Webcam Manager
"ESET Online Scanner" = ESET Online Scanner v3
"Graboid Video" = Graboid Video 1.73
"HOMESTUDENTR" = Microsoft Office Home and Student 2007
"LimeWire" = LimeWire PRO 5.3.6
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"ManyCam" = ManyCam 2.4 (remove only)
"McAfee Security Scan" = McAfee Security Scan
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"mIRC" = mIRC
"Mozilla ActiveX Control v1.7.12" = Mozilla ActiveX Control v1.7.12
"Mozilla Firefox (3.6.3)" = Mozilla Firefox (3.6.3)
"Mozilla Thunderbird (2.0.0.24)" = Mozilla Thunderbird (2.0.0.24)
"MSC" = McAfee SecurityCenter
"NSS" = Norton Security Scan
"NVIDIA Drivers" = NVIDIA Drivers
"Poker Tracker Version 2.17.03j_is1" = Poker Tracker Version 2.17.03j
"PokerAce Hud" = PokerAce Hud (remove only)
"PokerStars" = PokerStars
"ProInst" = Intel® PROSet/Wireless Software
"Security Task Manager" = Security Task Manager 1.7h
"ShortKeys Lite" = ShortKeys Lite
"Smart Defrag_is1" = Smart Defrag 1.20
"SoftwareUpdUtility" = Download Updater (AOL LLC)
"System Explorer_is1" = System Explorer 2.3.4
"uTorrent" = µTorrent
"Veetle TV" = Veetle TV 0.9.17
"WinAVI Video Converter_is1" = WinAVI Video Converter
"WinRAR archiver" = WinRAR archiver
"WinZip Self-Extractor" = WinZip Self-Extractor
"Xvid_is1" = Xvid 1.2.1 final uninstall
"Yahoo! Messenger" = Yahoo! Messenger
"Yahoo! Software Update" = Yahoo! Software Update

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Facebook Plug-In" = Facebook Plug-In
"Google Chrome" = Google Chrome

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 10/14/2010 5:26:34 AM | Computer Name = Laptop_II | Source = EventSystem | ID = 4609
Description =

Error - 10/14/2010 5:27:25 AM | Computer Name = Laptop_II | Source = WinMgmt | ID = 10
Description =

Error - 10/14/2010 5:39:17 AM | Computer Name = Laptop_II | Source = WinMgmt | ID = 10
Description =

Error - 10/14/2010 5:40:57 AM | Computer Name = Laptop_II | Source = Microsoft-Windows-CAPI2 | ID = 131083
Description =

Error - 10/14/2010 6:38:19 AM | Computer Name = Laptop_II | Source = EventSystem | ID = 4609
Description =

Error - 10/14/2010 6:39:15 AM | Computer Name = Laptop_II | Source = WinMgmt | ID = 10
Description =

Error - 10/14/2010 6:53:04 AM | Computer Name = Laptop_II | Source = WinMgmt | ID = 10
Description =

Error - 10/14/2010 3:32:29 PM | Computer Name = Laptop_II | Source = WinMgmt | ID = 10
Description =

Error - 10/14/2010 3:39:20 PM | Computer Name = Laptop_II | Source = Application Hang | ID = 1002
Description = The program Explorer.EXE version 6.0.6001.18164 stopped interacting
with Windows and was closed. To see if more information about the problem is available,
check the problem history in the Problem Reports and Solutions control panel. Process
ID: b20 Start Time: 01cb6bd66b9339f2 Termination Time: 140

Error - 10/14/2010 3:40:48 PM | Computer Name = Laptop_II | Source = Microsoft-Windows-CAPI2 | ID = 131083
Description =

[ Media Center Events ]
Error - 10/6/2008 12:35:28 PM | Computer Name = Laptop_II | Source = MCUpdate | ID = 0
Description = Failed to wait on MCUpdate mutex with exception: 'The wait completed
due to an abandoned mutex.'.

Error - 11/18/2009 6:54:45 AM | Computer Name = Laptop_II | Source = Mcx2Dvcs | ID = 405
Description =

Error - 11/18/2009 7:13:25 AM | Computer Name = Laptop_II | Source = Mcx2Prov | ID = 505
Description =

Error - 11/18/2009 7:13:25 AM | Computer Name = Laptop_II | Source = Mcx2Dvcs | ID = 405
Description =

Error - 11/18/2009 7:13:26 AM | Computer Name = Laptop_II | Source = Mcx2Svc | ID = 301
Description =

Error - 5/20/2010 8:44:13 PM | Computer Name = Laptop_II | Source = McrMgr | ID = 109
Description =

Error - 5/20/2010 8:47:31 PM | Computer Name = Laptop_II | Source = McrMgr | ID = 109
Description =

Error - 5/22/2010 1:51:12 PM | Computer Name = Laptop_II | Source = McrMgr | ID = 109
Description =

Error - 5/22/2010 1:58:10 PM | Computer Name = Laptop_II | Source = McrMgr | ID = 109
Description =

Error - 5/22/2010 11:01:17 PM | Computer Name = Laptop_II | Source = Media Center Guide | ID = 0
Description = Event Info: ERROR: SqmApiWrapper.TimerRecord failed; Win32 GetLastError
returned 10000105 Process: DefaultDomain Object Name: Media Center Guide

[ System Events ]
Error - 10/19/2009 4:20:25 AM | Computer Name = Laptop_II | Source = DCOM | ID = 10016
Description =

Error - 10/19/2009 4:20:25 AM | Computer Name = Laptop_II | Source = DCOM | ID = 10016
Description =

Error - 10/20/2009 6:31:03 PM | Computer Name = Laptop_II | Source = DCOM | ID = 10016
Description =

Error - 10/20/2009 6:31:03 PM | Computer Name = Laptop_II | Source = DCOM | ID = 10016
Description =

Error - 10/20/2009 6:31:03 PM | Computer Name = Laptop_II | Source = DCOM | ID = 10016
Description =

Error - 10/20/2009 6:31:03 PM | Computer Name = Laptop_II | Source = DCOM | ID = 10016
Description =

Error - 10/20/2009 6:31:03 PM | Computer Name = Laptop_II | Source = DCOM | ID = 10016
Description =

Error - 10/20/2009 6:31:03 PM | Computer Name = Laptop_II | Source = DCOM | ID = 10016
Description =

Error - 10/20/2009 6:31:03 PM | Computer Name = Laptop_II | Source = DCOM | ID = 10016
Description =

Error - 10/20/2009 8:22:52 PM | Computer Name = Laptop_II | Source = EventLog | ID = 6008
Description = The previous system shutdown at 8:21:52 PM on 10/20/2009 was unexpected.


< End of report >