Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

letstrywithme virus-redirect

Started by tonegeek , Jan 05 2011 05:38 PM

  • Please log in to reply

#1
tonegeek
Posted 05 January 2011 - 05:38 PM

tonegeek

    New Member

  • Member
  • Pip
  • 1 posts
Google searches get redirected to letstrywithme.com. This happens on only one of three accounts on my acer laptop (running Vista home basic). It is intermittent, but happens most of the time. I thought it was my HOSTS file but that has been reset to the default with only one entry and it still happens. I ran Malwarebytes to no avail. have not tried other tools yet.

I ran OTL from the account with the issue. heres my OTL log (EDIT::and the extra file):
OTL logfile created on: 1/5/2011 6:23:08 PM - Run 1
OTL by OldTimer - Version 3.2.20.1 Folder = C:\Users\Public\Downloads
Windows Vista Home Basic Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18999)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

3.00 Gb Total Physical Memory | 1.00 Gb Available Physical Memory | 51.00% Memory free
6.00 Gb Paging File | 4.00 Gb Available in Paging File | 78.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 69.52 Gb Total Space | 22.39 Gb Free Space | 32.21% Space Free | Partition Type: NTFS
Drive D: | 69.52 Gb Total Space | 52.07 Gb Free Space | 74.89% Space Free | Partition Type: NTFS
Drive E: | 618.47 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS

Computer Name: MOON | User Name: Whit | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2011/01/05 18:17:19 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Public\Downloads\OTL.exe
PRC - [2010/12/10 19:08:29 | 000,016,856 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\plugin-container.exe
PRC - [2010/12/10 19:08:28 | 000,912,344 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2010/10/16 00:40:40 | 000,037,664 | ---- | M] (Apple Inc.) -- C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
PRC - [2009/07/26 13:10:00 | 001,983,816 | ---- | M] (CANON INC.) -- C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE
PRC - [2009/06/28 10:30:42 | 000,204,800 | ---- | M] (Realtek Semiconductor Corp.) -- C:\Users\Sarah\AppData\Local\Temp\RtkBtMnt.exe
PRC - [2009/06/26 15:30:24 | 000,204,800 | ---- | M] (Realtek Semiconductor Corp.) -- C:\Users\Whit\AppData\Local\Temp\RtkBtMnt.exe
PRC - [2009/05/19 17:39:44 | 000,136,544 | ---- | M] (CANON INC.) -- C:\Program Files\Canon\Canon IJ Network Scan Utility\CNMNSUT.exe
PRC - [2009/04/11 01:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2008/10/21 14:41:40 | 003,922,072 | ---- | M] (Oberon Media Inc.) -- C:\Program Files\Acer GameZone\GameConsole\Acer Game Console.exe
PRC - [2008/07/02 22:27:12 | 006,266,880 | ---- | M] (Realtek Semiconductor) -- C:\Windows\RtHDVCpl.exe
PRC - [2008/01/20 21:33:00 | 001,008,184 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Defender\MSASCui.exe
PRC - [2007/12/06 19:15:28 | 000,110,592 | ---- | M] () -- C:\ACER\Mobility Center\MobilityService.exe
PRC - [2006/11/02 07:34:44 | 000,176,128 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wpcumi.exe


========== Modules (SafeList) ==========

MOD - [2011/01/05 18:17:19 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Public\Downloads\OTL.exe
MOD - [2010/08/31 10:43:52 | 001,686,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3\comctl32.dll


========== Win32 Services (SafeList) ==========

SRV - [2010/10/16 00:40:40 | 000,037,664 | ---- | M] (Apple Inc.) [Auto | Running] -- C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe -- (Apple Mobile Device)
SRV - [2010/03/18 15:47:22 | 000,035,160 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe -- (aspnet_state)
SRV - [2010/03/18 12:16:28 | 000,753,504 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe -- (WPFFontCache_v0400)
SRV - [2010/03/18 12:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010/03/18 12:16:28 | 000,124,240 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe -- (NetTcpPortSharing)
SRV - [2010/03/18 12:16:28 | 000,124,240 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe -- (NetTcpActivator)
SRV - [2010/03/18 12:16:28 | 000,124,240 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe -- (NetPipeActivator)
SRV - [2010/03/18 12:16:28 | 000,124,240 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe -- (NetMsmqActivator)
SRV - [2009/09/24 20:27:04 | 000,793,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\FntCache.dll -- (FontCache)
SRV - [2008/11/28 09:56:06 | 000,024,576 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files\Acer\Empowering Technology\Service\ETService.exe -- (ETService)
SRV - [2008/04/26 00:36:20 | 000,045,056 | ---- | M] (NewTech InfoSystems, Inc.) [Disabled | Stopped] -- C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe -- (NTIBackupSvc)
SRV - [2008/04/26 00:36:02 | 000,131,072 | ---- | M] () [Disabled | Stopped] -- C:\Program Files\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe -- (NTISchedulerSvc)
SRV - [2008/03/03 16:11:14 | 000,016,384 | ---- | M] (NewTech Infosystems, Inc.) [Disabled | Stopped] -- C:\Program Files\NewTech Infosystems\NTI Backup Now 5\Client\Agentsvc.exe -- (BUNAgentSvc)
SRV - [2008/01/20 21:33:00 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2007/12/06 19:15:28 | 000,110,592 | ---- | M] () [Auto | Running] -- C:\Acer\Mobility Center\MobilityService.exe -- (MobilityService)
SRV - [2007/01/04 18:48:50 | 000,112,152 | ---- | M] (InterVideo) [Disabled | Stopped] -- C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe -- (IviRegMgr)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\System32\DRIVERS\nwlnkfwd.sys -- (NwlnkFwd)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\System32\DRIVERS\nwlnkflt.sys -- (NwlnkFlt)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\System32\DRIVERS\ipinip.sys -- (IpInIp)
DRV - [2010/03/04 12:50:14 | 000,261,152 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Rtlh86.sys -- (RTL8169)
DRV - [2009/04/10 23:42:54 | 000,073,216 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\USBAUDIO.sys -- (usbaudio) USB Audio Driver (WDM)
DRV - [2008/10/01 09:04:16 | 000,012,832 | ---- | M] (Acer, Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\int15.sys -- (int15)
DRV - [2008/08/06 21:40:40 | 000,129,552 | ---- | M] (AMD Technologies Inc.) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\ahcix86s.sys -- (ahcix86s)
DRV - [2008/07/28 02:53:48 | 000,919,552 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\athr.sys -- (athr)
DRV - [2008/07/04 01:35:40 | 003,847,168 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atikmdag.sys -- (atikmdag)
DRV - [2008/07/03 04:03:48 | 002,152,088 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\RTKVHDA.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
DRV - [2008/04/28 08:26:42 | 000,014,352 | ---- | M] (ATI Technologies Inc.) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\AtiPcie.sys -- (AtiPcie) ATI PCI Express (3GIO)
DRV - [2008/02/21 22:50:48 | 000,198,064 | ---- | M] (Synaptics, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\SynTP.sys -- (SynTP)
DRV - [2008/01/30 04:52:06 | 000,014,848 | ---- | M] (NewTech Infosystems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\NTIDrvr.sys -- (NTIDrvr)
DRV - [2008/01/30 04:51:50 | 000,013,824 | ---- | M] (NewTech Infosystems Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\UBHelper.sys -- (UBHelper)
DRV - [2008/01/23 06:18:28 | 001,187,320 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\BCMWL6.SYS -- (BCM43XX)
DRV - [2008/01/20 21:32:53 | 000,149,560 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpu320.sys -- (adpu320)
DRV - [2008/01/20 21:32:53 | 000,031,288 | ---- | M] (LSI Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\megasas.sys -- (megasas)
DRV - [2008/01/20 21:32:52 | 000,386,616 | ---- | M] (LSI Corporation, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\megasr.sys -- (MegaSR)
DRV - [2008/01/20 21:32:52 | 000,101,432 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpu160m.sys -- (adpu160m)
DRV - [2008/01/20 21:32:52 | 000,074,808 | ---- | M] (Silicon Integrated Systems) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sisraid4.sys -- (SiSRaid4)
DRV - [2008/01/20 21:32:52 | 000,040,504 | ---- | M] (Hewlett-Packard Company) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\hpcisss.sys -- (HpCISSs)
DRV - [2008/01/20 21:32:51 | 000,300,600 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpahci.sys -- (adpahci)
DRV - [2008/01/20 21:32:51 | 000,089,656 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_sas.sys -- (LSI_SAS)
DRV - [2008/01/20 21:32:50 | 001,122,360 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ql2300.sys -- (ql2300)
DRV - [2008/01/20 21:32:50 | 000,118,784 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\E1G60I32.sys -- (E1G60) Intel®
DRV - [2008/01/20 21:32:50 | 000,079,928 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\arcsas.sys -- (arcsas)
DRV - [2008/01/20 21:32:49 | 000,235,064 | ---- | M] (Intel Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iastorv.sys -- (iaStorV)
DRV - [2008/01/20 21:32:49 | 000,130,616 | ---- | M] (VIA Technologies Inc.,Ltd) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\vsmraid.sys -- (vsmraid)
DRV - [2008/01/20 21:32:49 | 000,115,816 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ulsata2.sys -- (ulsata2)
DRV - [2008/01/20 21:32:49 | 000,096,312 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_fc.sys -- (LSI_FC)
DRV - [2008/01/20 21:32:49 | 000,079,416 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\arc.sys -- (arc)
DRV - [2008/01/20 21:32:48 | 000,342,584 | ---- | M] (Emulex) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\elxstor.sys -- (elxstor)
DRV - [2008/01/20 21:32:48 | 000,096,312 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_scsi.sys -- (LSI_SCSI)
DRV - [2008/01/20 21:32:47 | 000,102,968 | ---- | M] (NVIDIA Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nvraid.sys -- (nvraid)
DRV - [2008/01/20 21:32:47 | 000,045,112 | ---- | M] (NVIDIA Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nvstor.sys -- (nvstor)
DRV - [2008/01/20 21:32:46 | 000,422,968 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adp94xx.sys -- (adp94xx)
DRV - [2008/01/20 21:32:45 | 000,238,648 | ---- | M] (ULi Electronics Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\uliahci.sys -- (uliahci)
DRV - [2008/01/20 21:32:21 | 000,020,024 | ---- | M] (VIA Technologies, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\viaide.sys -- (viaide)
DRV - [2008/01/20 21:32:21 | 000,019,000 | ---- | M] (CMD Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\cmdide.sys -- (cmdide)
DRV - [2008/01/20 21:32:21 | 000,017,464 | ---- | M] (Acer Laboratories Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\aliide.sys -- (aliide)
DRV - [2007/04/17 19:09:28 | 000,011,032 | ---- | M] (InterVideo) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\regi.sys -- (regi)
DRV - [2006/11/02 08:29:38 | 000,021,264 | ---- | M] (Dritek System Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\DKbFltr.sys -- (DKbFltr)
DRV - [2006/11/02 08:27:36 | 000,020,112 | ---- | M] (Dritek System Inc.) [Kernel | System | Running] -- C:\Program Files\Launch Manager\DPortIO.sys -- (DritekPortIO)
DRV - [2006/11/02 04:50:35 | 000,106,088 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ql40xx.sys -- (ql40xx)
DRV - [2006/11/02 04:50:35 | 000,098,408 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ulsata.sys -- (UlSata)
DRV - [2006/11/02 04:50:19 | 000,045,160 | ---- | M] (IBM Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nfrd960.sys -- (nfrd960)
DRV - [2006/11/02 04:50:17 | 000,041,576 | ---- | M] (Intel Corp./ICP vortex GmbH) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iirsp.sys -- (iirsp)
DRV - [2006/11/02 04:50:11 | 000,071,272 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\djsvs.sys -- (aic78xx)
DRV - [2006/11/02 04:50:09 | 000,035,944 | ---- | M] (Integrated Technology Express, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iteraid.sys -- (iteraid)
DRV - [2006/11/02 04:50:07 | 000,035,944 | ---- | M] (Integrated Technology Express, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iteatapi.sys -- (iteatapi)
DRV - [2006/11/02 04:50:05 | 000,035,944 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\symc8xx.sys -- (Symc8xx)
DRV - [2006/11/02 04:50:03 | 000,034,920 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sym_u3.sys -- (Sym_u3)
DRV - [2006/11/02 04:49:59 | 000,033,384 | ---- | M] (LSI Logic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\mraid35x.sys -- (Mraid35x)
DRV - [2006/11/02 04:49:56 | 000,031,848 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sym_hi.sys -- (Sym_hi)
DRV - [2006/11/02 03:25:24 | 000,071,808 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brserid.sys -- (Brserid) Brother MFC Serial Port Interface Driver (WDM)
DRV - [2006/11/02 03:24:47 | 000,011,904 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brusbser.sys -- (BrUsbSer)
DRV - [2006/11/02 03:24:46 | 000,005,248 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brfiltup.sys -- (BrFiltUp)
DRV - [2006/11/02 03:24:45 | 000,013,568 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brfiltlo.sys -- (BrFiltLo)
DRV - [2006/11/02 03:24:44 | 000,062,336 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brserwdm.sys -- (BrSerWdm)
DRV - [2006/11/02 03:24:44 | 000,012,160 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brusbmdm.sys -- (BrUsbMdm)
DRV - [2006/11/02 02:36:50 | 000,020,608 | ---- | M] (N-trig Innovative Technologies) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ntrigdigi.sys -- (ntrigdigi)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://homepage.acer...9&m=aspire_5515
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://homepage.acer...9&m=aspire_5515

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://homepage.acer...9&m=aspire_5515
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com/ie
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = http://global.acer.com [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page =
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = file:///C:/Bookmark.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..browser.search.update: false
FF - prefs.js..browser.startup.homepage: "file:///C:/bookmark.htm"
FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.1.3
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21

FF - HKLM\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010/12/25 08:21:10 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010/12/25 08:21:10 | 000,000,000 | ---D | M]

[2010/02/14 20:28:31 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Whit\AppData\Roaming\Mozilla\Extensions
[2010/10/02 18:31:17 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Whit\AppData\Roaming\Mozilla\Firefox\Profiles\2zrcvv06.default\extensions
[2010/02/15 15:39:31 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\Whit\AppData\Roaming\Mozilla\Firefox\Profiles\2zrcvv06.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2010/02/15 16:52:38 | 000,000,000 | ---D | M] (Adblock Plus) -- C:\Users\Whit\AppData\Roaming\Mozilla\Firefox\Profiles\2zrcvv06.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
[2010/09/29 06:06:29 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2010/09/29 06:06:29 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
[2010/07/17 04:00:04 | 000,423,656 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll

O1 HOSTS File: ([2010/12/27 13:35:14 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\HOSTS
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (Skype add-on (mastermind)) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Skype Technologies S.A.)
O3 - HKLM\..\Toolbar: (no name) - - No CLSID value found.
O4 - HKLM..\Run: [Acer Product Registration] C:\Program Files\Acer\Acer Registration\ACE1.exe (Leader Technologies)
O4 - HKLM..\Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe (CANON INC.)
O4 - HKLM..\Run: [CanonSolutionMenu] C:\Program Files\Canon\SolutionMenu\CNSLMAIN.exe (CANON INC.)
O4 - HKLM..\Run: [eRecoveryService] File not found
O4 - HKLM..\Run: [IJNetworkScanUtility] C:\Program Files\Canon\Canon IJ Network Scan Utility\CNMNSUT.exe (CANON INC.)
O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [Skytel] C:\Windows\SkyTel.exe (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKLM..\Run: [WPCUMI] C:\Windows\System32\wpcumi.exe (Microsoft Corporation)
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: LogonHoursAction = 2
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DontDisplayLogonHoursWarnings = 1
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\System32\GPhotos.scr (Google Inc.)
O9 - Extra 'Tools' menuitem : Skype add-on for Internet Explorer - {5067A26B-1337-4436-8AFE-EE169C2DA79F} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Skype Technologies S.A.)
O9 - Extra Button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Skype Technologies S.A.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000019 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O13 - gopher Prefix: missing
O15 - HKCU\..Trusted Domains: inmar.com ([webmail] https in Trusted sites)
O15 - HKCU\..Trusted Domains: internet ([]about in Trusted sites)
O15 - HKCU\..Trusted Domains: mcafee.com ([]http in Trusted sites)
O15 - HKCU\..Trusted Domains: mcafee.com ([]https in Trusted sites)
O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} http://upload.facebo...oUploader55.cab (Facebook Photo Uploader 5 Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_21)
O16 - DPF: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_21)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_21)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 205.152.128.23 205.152.37.23
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Windows\Web\Wallpaper\img23.jpg
O24 - Desktop BackupWallPaper: C:\Windows\Web\Wallpaper\img23.jpg
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/09/18 16:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2003/08/27 03:47:09 | 000,561,152 | R--- | M] (Electronic Arts Inc.) - E:\AutoRun.exe -- [ CDFS ]
O32 - AutoRun File - [2003/08/27 03:23:35 | 001,736,704 | R--- | M] () - E:\AutoRunGUI.dll -- [ CDFS ]
O32 - AutoRun File - [2003/08/27 03:47:12 | 000,000,000 | ---D | M] - E:\autorun -- [ CDFS ]
O32 - AutoRun File - [2003/08/27 03:47:09 | 000,000,079 | R--- | M] () - E:\autorun.inf -- [ CDFS ]
O33 - MountPoints2\{52fe680a-2939-11de-abc0-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{52fe680a-2939-11de-abc0-806e6f6e6963}\Shell\AutoRun\command - "" = E:\AutoRun.exe -- [2003/08/27 03:47:09 | 000,561,152 | R--- | M] (Electronic Arts Inc.)
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2011/01/02 17:17:34 | 000,000,000 | ---D | C] -- C:\Users\Whit\Documents\SimCity 4
[2011/01/02 17:17:26 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Maxis
[2011/01/02 17:07:39 | 000,000,000 | ---D | C] -- C:\Program Files\Maxis
[2010/12/25 17:30:06 | 000,000,000 | ---D | C] -- C:\Users\Whit\AppData\Local\Apple Computer
[2010/12/25 17:15:39 | 000,000,000 | ---D | C] -- C:\Users\Whit\AppData\Roaming\Apple Computer
[2010/12/25 08:23:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
[2010/12/25 08:23:27 | 000,000,000 | ---D | C] -- C:\Windows\System32\DRVSTORE
[2010/12/25 08:22:36 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
[2010/12/25 08:22:35 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes
[2010/12/25 08:22:35 | 000,000,000 | ---D | C] -- C:\ProgramData\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
[2010/12/25 08:20:41 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime
[2010/12/25 08:20:27 | 000,000,000 | ---D | C] -- C:\Program Files\QuickTime
[2010/12/25 08:20:26 | 000,000,000 | ---D | C] -- C:\ProgramData\Apple Computer
[2010/12/25 08:18:48 | 000,000,000 | ---D | C] -- C:\Program Files\Apple Software Update
[2010/12/25 08:16:40 | 000,000,000 | ---D | C] -- C:\Program Files\Bonjour
[2008/12/04 06:08:06 | 000,049,152 | ---- | C] ( ) -- C:\Windows\Interop.IWshRuntimeLibrary.dll

========== Files - Modified Within 30 Days ==========

[2011/01/05 18:18:00 | 000,000,882 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2011/01/05 18:00:54 | 000,003,216 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2011/01/05 18:00:54 | 000,003,216 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2011/01/05 16:10:05 | 000,000,878 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2011/01/05 16:07:22 | 000,640,142 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2011/01/05 16:07:22 | 000,118,362 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2011/01/05 16:00:57 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011/01/03 16:13:17 | 000,000,680 | ---- | M] () -- C:\Users\Whit\AppData\Local\d3d9caps.dat
[2011/01/03 10:22:52 | 000,015,360 | ---- | M] () -- C:\Users\Whit\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/01/02 17:07:50 | 000,000,531 | ---- | M] () -- C:\Windows\eReg.dat
[2010/12/30 16:50:58 | 2950,676,480 | -HS- | M] () -- C:\hiberfil.sys
[2010/12/27 13:35:14 | 000,000,761 | ---- | M] () -- C:\Windows\System32\drivers\etc\HOSTS
[2010/12/27 07:31:52 | 000,000,512 | ---- | M] () -- C:\Windows\randseed.rnd
[2010/12/26 12:50:03 | 000,000,607 | ---- | M] () -- C:\Users\Public\Documents\More Public Docs.lnk
[2010/12/25 08:23:30 | 000,001,668 | ---- | M] () -- C:\Users\Public\Desktop\iTunes.lnk
[2010/12/16 03:27:57 | 000,332,544 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT

========== Files Created - No Company Name ==========

[2011/01/02 17:07:50 | 000,000,531 | ---- | C] () -- C:\Windows\eReg.dat
[2010/12/28 17:06:46 | 133,148,724 | ---- | C] () -- C:\Users\Public\Documents\NFSU.ipa
[2010/12/28 17:06:25 | 175,025,060 | ---- | C] () -- C:\Users\Public\Documents\Rock Band.ipa
[2010/12/26 12:50:03 | 000,000,607 | ---- | C] () -- C:\Users\Public\Documents\More Public Docs.lnk
[2010/12/25 08:23:30 | 000,001,668 | ---- | C] () -- C:\Users\Public\Desktop\iTunes.lnk
[2010/11/07 13:34:56 | 000,027,503 | ---- | C] () -- C:\Users\Whit\AppData\Roaming\UserTile.png
[2010/08/27 16:20:37 | 000,003,890 | ---- | C] () -- C:\Windows\scad3.INI
[2010/08/21 10:23:53 | 000,000,783 | ---- | C] () -- C:\Windows\NTIWVEDT.INI
[2010/08/20 18:53:21 | 000,000,259 | ---- | C] () -- C:\Windows\WININIT.INI
[2010/06/02 19:27:27 | 000,052,736 | -H-- | C] () -- C:\Windows\System32\dvdu_isv.dll
[2010/04/13 01:28:51 | 000,000,680 | ---- | C] () -- C:\Users\Whit\AppData\Local\d3d9caps.dat
[2010/01/25 13:50:59 | 000,087,552 | ---- | C] () -- C:\Windows\System32\cpwmon2k.dll
[2009/12/13 17:54:25 | 000,000,376 | ---- | C] () -- C:\Windows\ODBC.INI
[2009/12/03 08:27:28 | 000,080,416 | ---- | C] () -- C:\Windows\System32\RtNicProp32.dll
[2009/10/04 15:47:40 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2009/09/14 16:37:28 | 000,001,417 | ---- | C] () -- C:\Windows\QfnOnl.ini
[2009/09/14 16:37:27 | 000,000,052 | ---- | C] () -- C:\Windows\intuprof.ini
[2009/09/14 16:37:26 | 000,000,986 | ---- | C] () -- C:\Windows\QUICKEN.INI
[2009/09/14 16:37:25 | 000,000,252 | ---- | C] () -- C:\Windows\ADDRBOOK.INI
[2009/09/14 16:37:22 | 000,207,872 | ---- | C] () -- C:\Windows\System32\RDMWIN32.DLL
[2009/09/14 16:37:22 | 000,000,038 | ---- | C] () -- C:\Windows\ACCWIZ.INI
[2009/09/14 16:37:21 | 000,000,362 | ---- | C] () -- C:\Windows\QDQICK.INI
[2009/09/14 16:37:16 | 000,000,054 | ---- | C] () -- C:\Windows\QFP.INI
[2009/09/14 16:37:16 | 000,000,054 | ---- | C] () -- C:\Windows\MFF.INI
[2009/07/09 20:51:25 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll
[2009/06/28 16:16:01 | 000,015,360 | ---- | C] () -- C:\Users\Whit\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009/06/26 15:32:13 | 000,487,424 | ---- | C] () -- C:\Windows\System32\INT15.dll
[2008/12/04 08:11:27 | 000,001,024 | RH-- | C] () -- C:\Windows\System32\NTIOFM4.dll
[2008/12/04 08:11:27 | 000,001,024 | RH-- | C] () -- C:\Windows\System32\NTIBUN5.dll
[2008/12/04 07:31:15 | 000,001,694 | ---- | C] () -- C:\Windows\RtDefLvl.ini
[2008/12/04 06:05:20 | 001,060,424 | ---- | C] () -- C:\Windows\System32\WdfCoInstaller01000.dll
[2008/12/04 06:05:09 | 000,159,744 | ---- | C] () -- C:\Windows\System32\atitmmxx.dll
[2006/11/02 02:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2004/01/24 19:24:10 | 000,032,768 | ---- | C] () -- C:\Program Files\counter.exe
[2001/12/26 19:12:30 | 000,065,536 | ---- | C] () -- C:\Windows\System32\multiplex_vcd.dll
[2001/09/04 02:46:38 | 000,110,592 | ---- | C] () -- C:\Windows\System32\Hmpg12.dll
[2001/07/30 19:33:56 | 000,118,784 | ---- | C] () -- C:\Windows\System32\HMPV2_ENC.dll
[2001/07/24 01:04:36 | 000,118,784 | ---- | C] () -- C:\Windows\System32\HMPV2_ENC_MMX.dll

========== LOP Check ==========

[2010/08/25 17:29:37 | 000,000,000 | -HSD | M] -- C:\Users\Whit\AppData\Roaming\.#
[2009/06/26 15:30:30 | 000,000,000 | ---D | M] -- C:\Users\Whit\AppData\Roaming\Acer
[2008/12/04 07:57:50 | 000,000,000 | ---D | M] -- C:\Users\Whit\AppData\Roaming\Acer GameZone Console
[2010/10/26 18:45:18 | 000,000,000 | ---D | M] -- C:\Users\Whit\AppData\Roaming\Audacity
[2010/12/27 07:31:52 | 000,000,000 | ---D | M] -- C:\Users\Whit\AppData\Roaming\eMachineShop
[2009/06/26 16:36:11 | 000,000,000 | ---D | M] -- C:\Users\Whit\AppData\Roaming\InterVideo
[2009/06/26 15:30:18 | 000,000,000 | ---D | M] -- C:\Users\Whit\AppData\Roaming\Leadertech
[2010/11/07 13:34:56 | 000,000,000 | ---D | M] -- C:\Users\Whit\AppData\Roaming\PeerNetworking
[2010/04/16 18:43:16 | 000,000,000 | ---D | M] -- C:\Users\Whit\AppData\Roaming\PGP
[2010/06/26 09:58:54 | 000,000,000 | ---D | M] -- C:\Users\Whit\AppData\Roaming\Philipp Winterberg
[2010/03/05 19:40:02 | 000,000,000 | ---D | M] -- C:\Users\Whit\AppData\Roaming\Prish
[2010/01/19 16:09:03 | 000,000,000 | ---D | M] -- C:\Users\Whit\AppData\Roaming\SPORE
[2010/12/30 07:31:44 | 000,032,562 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========



========== Alternate Data Streams ==========

@Alternate Data Stream - 99 bytes -> C:\ProgramData\TEMP:AB689DEA
@Alternate Data Stream - 98 bytes -> C:\ProgramData\TEMP:05113FB9
@Alternate Data Stream - 132 bytes -> C:\ProgramData\TEMP:4D066AD2
@Alternate Data Stream - 118 bytes -> C:\ProgramData\TEMP:73933431
@Alternate Data Stream - 117 bytes -> C:\ProgramData\TEMP:7CACEF61
@Alternate Data Stream - 116 bytes -> C:\ProgramData\TEMP:C99F6ECA
@Alternate Data Stream - 113 bytes -> C:\ProgramData\TEMP:F3176E45
@Alternate Data Stream - 108 bytes -> C:\ProgramData\TEMP:F880DE59

< End of report >

OTL Extras logfile created on: 1/5/2011 6:23:08 PM - Run 1
OTL by OldTimer - Version 3.2.20.1 Folder = C:\Users\Public\Downloads
Windows Vista Home Basic Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18999)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

3.00 Gb Total Physical Memory | 1.00 Gb Available Physical Memory | 51.00% Memory free
6.00 Gb Paging File | 4.00 Gb Available in Paging File | 78.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 69.52 Gb Total Space | 22.39 Gb Free Space | 32.21% Space Free | Partition Type: NTFS
Drive D: | 69.52 Gb Total Space | 52.07 Gb Free Space | 74.89% Space Free | Partition Type: NTFS
Drive E: | 618.47 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS

Computer Name: MOON | User Name: Whit | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- "C:\Program Files\Microsoft Office\Office\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Program Files\Microsoft Office\Office\msohtmed.exe" /p %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Directory [runas] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiSpyware]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"VistaSp2" = Reg Error: Unknown registry data type -- File not found

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

========== Authorized Applications List ==========


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{073132DA-A776-468F-A8B7-152B2E132DF1}" = rport=138 | protocol=17 | dir=out | app=system |
"{269EDDC3-0659-4205-8112-4E8109942AD0}" = lport=445 | protocol=6 | dir=in | app=system |
"{318339EB-59BF-47A1-99B3-E034DD37D98C}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | app=c:\windows\system32\svchost.exe |
"{4CB87FF0-C823-4158-AD1C-C6556823E33C}" = rport=445 | protocol=6 | dir=out | app=system |
"{4DC9A37D-2086-4119-A53E-4FA124133E04}" = lport=139 | protocol=6 | dir=in | app=system |
"{62AFD4B1-3DD8-4E16-8BB5-7F2C60A1AB07}" = rport=137 | protocol=17 | dir=out | app=system |
"{64C4ACC5-1E93-4895-9613-EC07AE3469C7}" = lport=rpc | protocol=6 | dir=in | svc=eventlog | app=c:\windows\system32\svchost.exe |
"{64FECEC0-C94D-4264-9097-F0A3619A7597}" = rport=139 | protocol=6 | dir=out | app=system |
"{676D698D-0679-4A79-BD1B-71DF0F30BEC1}" = lport=137 | protocol=17 | dir=in | app=system |
"{771C7525-46D3-4C8E-A5B7-22D7704145AA}" = lport=445 | protocol=6 | dir=in | app=system |
"{8FA70897-73BF-48AF-9A86-029116004318}" = lport=138 | protocol=17 | dir=in | app=system |
"{C42753C4-BBCF-47E8-A104-061E290B4D48}" = lport=445 | protocol=6 | dir=in | app=system |
"{C75E00C6-927D-4851-B019-2CED05A1AF80}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | [email protected],-28539 |
"{CCD08C8A-495A-47E9-9304-7E19A79E075F}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{F56D4FF0-1FF3-495C-A450-B43A81D35ECB}" = lport=808 | protocol=6 | dir=in | svc=nettcpactivator | app=c:\windows\microsoft.net\framework\v4.0.30319\smsvchost.exe |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{02F21FA1-4BD1-4077-A06C-FBF32A08FFD6}" = protocol=1 | dir=out | [email protected],-28544 |
"{03D92D10-10A1-4C62-80C7-0491EECCC5E8}" = dir=in | app=c:\program files\itunes\itunes.exe |
"{0DDE240D-FD2A-4050-AB17-AF76C247A3BE}" = protocol=6 | dir=in | app=c:\program files\newtech infosystems\nti backup now 5\backupsvc.exe |
"{24F43EA9-A6BE-4E8F-ADA6-D3FDB6BDFEE4}" = protocol=6 | dir=in | app=c:\program files\ultravnc\vncviewer.exe |
"{259F1611-C159-42C3-AFAF-5539853B7035}" = protocol=17 | dir=in | app=c:\program files\newtech infosystems\nti backup now 5\schedulersvc.exe |
"{347B9D06-3B04-42B5-BCE2-052788AC0BA4}" = dir=in | app=c:\program files\common files\mcafee\mna\mcnasvc.exe |
"{39BBC140-5EA9-497A-B9EC-B7B1C931E5FB}" = protocol=58 | dir=out | [email protected],-28546 |
"{5533EFBD-587E-4F6D-8CB1-9F6108E273C2}" = protocol=17 | dir=in | app=c:\program files\newtech infosystems\nti backup now 5\backupsvc.exe |
"{5A6A4999-D213-474E-9218-2C40DB4A4009}" = protocol=6 | dir=in | app=c:\program files\newtech infosystems\nti backup now 5\client\agentsvc.exe |
"{5F5E6067-EC42-4CF3-8A31-2D153A4B80E5}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{7026D37A-3242-4A95-A1EB-1919F546EE1B}" = protocol=1 | dir=in | [email protected],-28543 |
"{93986BAE-5214-46DC-B318-141D2814B512}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{A26F28B9-D840-4D6C-8600-01CF542B90BC}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{BCA0A6BF-F87E-4A4A-A63A-E80FD98B34F9}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{CFE4FE28-3EC5-4FA2-A6E5-C916CD1B584C}" = protocol=17 | dir=in | app=c:\program files\newtech infosystems\nti backup now 5\client\agentsvc.exe |
"{D64DAAC3-3615-46D7-9676-E10679B9500C}" = protocol=6 | dir=in | app=c:\program files\newtech infosystems\nti backup now 5\schedulersvc.exe |
"{DA8B1182-CEDA-46E1-8313-C91E91DD7275}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{DD4D0CBA-3DA6-47CE-8A29-235A70466D56}" = protocol=17 | dir=in | app=c:\program files\ultravnc\vncviewer.exe |
"{FDAE876F-D3F3-4306-B663-020CB177AA89}" = protocol=58 | dir=in | [email protected],-28545 |
"TCP Query User{DFFAFA20-7447-4C79-96EB-2324E8123663}C:\program files\internet explorer\iexplore.exe" = protocol=6 | dir=in | app=c:\program files\internet explorer\iexplore.exe |
"UDP Query User{2DA48B1C-CABF-4B72-B130-C9FEF103B679}C:\program files\internet explorer\iexplore.exe" = protocol=17 | dir=in | app=c:\program files\internet explorer\iexplore.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{00000409-78E1-11D2-B60F-006097C998E7}" = Microsoft Office 2000 Premium
"{00203668-8170-44A0-BE44-B632FA4D780F}" = Adobe AIR
"{071EA6A1-4189-3D9C-6B3F-0BE15495CE80}" = Catalyst Control Center Core Implementation
"{08137BF5-9879-EBDA-6462-79D3C6D113B2}" = Catalyst Control Center Localization Portuguese
"{09621381-D4B0-2D6A-AB14-E8CE4CD424D9}" = Catalyst Control Center Graphics Previews Vista
"{09D3675D-E1BB-1B3D-3F35-0338F7AAB0FD}" = Catalyst Control Center Localization Czech
"{0A0CADCF-78DA-33C4-A350-CD51849B9702}" = Microsoft .NET Framework 4 Extended
"{112C23F2-C036-4D40-BED4-0CB47BF5555C}" = Visual Studio 2010 Tools for SQL Server Compact 3.5 SP2 ENU
"{11316260-6666-467B-AC34-183FCB5D4335}" = Acer Mobility Center Plug-In
"{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP640_series" = Canon MP640 series MP Drivers
"{12EFA1A4-AC3B-443C-8143-237EDE760403}" = NTI Backup Now Standard
"{14DD7530-CCD2-3798-B37D-3839ED6A441C}" = Microsoft Visual Studio 2010 ADO.NET Entity Framework Tools
"{1DE63D16-8A5E-74AB-1A5F-6E1834234229}" = CCC Help Chinese Standard
"{1EAD84B8-0075-432A-BFFF-B197581265AF}" = Transparent Language System
"{20471B27-D702-4FE8-8DEC-0702CC8C0A85}" = InterVideo WinDVD 8
"{2413930C-8309-47A6-BC61-5EF27A4222BC}" = NTI Media Maker 8
"{254C0471-5FDF-D591-1219-112ABECED882}" = CCC Help German
"{26A24AE4-039D-4CA4-87B4-2F83216016FF}" = Java™ 6 Update 21
"{285432CE-2033-7317-27FC-DFB027E24F33}" = Catalyst Control Center Localization French
"{29E1DB75-A926-D7A5-6773-E24477526D49}" = CCC Help Chinese Traditional
"{2A2F3AE8-246A-4252-BB26-1BEB45627074}" = Microsoft SQL Server System CLR Types
"{2A981294-F14C-4F0F-9627-D793270922F8}" = Bonjour
"{2B82EEF1-A86E-CE6A-E7E6-ED114131E383}" = Catalyst Control Center Graphics Full New
"{2F3FC1A5-37B4-7685-7295-37FD1B3FE806}" = CCC Help Danish
"{308B6AEA-DE50-4666-996D-0FA461719D6B}" = Apple Mobile Device Support
"{32EBA2B9-23F8-82A8-E229-0F283EE902B0}" = CCC Help Portuguese
"{3A2536D9-53FF-CD79-F46C-9E3902D2EEBA}" = CCC Help English
"{3A6CE5E6-7416-37A1-1DA2-2BCB0A9CF444}" = Catalyst Control Center Localization Japanese
"{3A7D9B34-E8A9-A352-20C1-0607B1D5F8B6}" = Catalyst Control Center Localization Chinese Traditional
"{3A9FC03D-C685-4831-94CF-4EDFD3749497}" = Microsoft SQL Server Compact 3.5 SP2 ENU
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3F9544A3-63B0-E523-D212-5C010368E492}" = Catalyst Control Center Localization Spanish
"{41802C9A-1BF6-9A4E-D903-C6587560D758}" = Catalyst Control Center Localization Chinese Standard
"{4286E640-B5FB-11DF-AC4B-005056C00008}" = Google Earth
"{47C39E4A-28F2-33B1-B9B7-97F24E52D917}" = Microsoft Help Viewer 1.0
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4E968D9C-21A7-4915-B698-F7AEB913541D}" = Microsoft SQL Server 2008 R2 Management Objects
"{505AFDC0-5E72-4928-8368-5DEA385E3647}" = CorelDRAW Graphics Suite 12
"{541DEAC0-5F3D-45E6-B7CB-94ECF3B96748}" = Skype web features
"{57752979-A1C9-4C02-856B-FBB27AC4E02C}" = QuickTime
"{58D9BD9C-C96F-F308-5D72-371A9D3CC939}" = CCC Help Dutch
"{5B63A470-9334-44D1-AF61-6CE2DB565AE9}" = Orion
"{6165BE73-8AC5-A2B6-8910-963387FE5B9B}" = Catalyst Control Center Localization Russian
"{67A8747E-0517-75EF-244F-9E219C440107}" = ATI Catalyst Install Manager
"{6A25BA91-82D1-0841-FC65-57CE27540922}" = Catalyst Control Center Localization Danish
"{6A41CE62-8379-2A4D-E690-AA5D4DA8A279}" = ccc-core-static
"{6BB99DE2-D79C-B223-8D4F-E3D80A478D0F}" = CCC Help Polish
"{6D52C408-B09A-4520-9B18-475B81D393F1}" = Microsoft Works
"{6E52D2FB-5FB5-334E-86F9-4316EEDC2926}" = ccc-utility
"{71C2828F-2678-4675-BDEC-895424861262}_is1" = C:\Program Files\Acer GameZone\GameConsole
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{72BBB36F-D323-0746-4F92-083E4C5EAC52}" = CCC Help Czech
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{77DCDCE3-2DED-62F3-8154-05E745472D07}" = Acrobat.com
"{7DDF474C-2AF9-4A3B-57E0-FBF31ED2C913}" = Catalyst Control Center Localization Polish
"{7E992D2F-5D9F-0A2A-302E-E4AC8FB79F47}" = Catalyst Control Center Graphics Full Existing
"{7F811A54-5A09-4579-90E1-C93498E230D9}" = Acer eRecovery Management
"{7FEFAD2B-CD9B-478F-8AD4-4A9B54FB786D}" = Prish Image Resizer
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110082360}" = Alien Shooter
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110209593}" = Chicken Invaders 2
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110422467}" = Tiks Texas Hold em
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111199750}" = Cake Mania
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111307457}" = Galapago
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111796363}" = Mystery Solitaire - Secret Island
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111940693}" = Bookworm Adventures
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-112028410}" = Putt Mania
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-112548397}" = The Rise of Atlantis
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-112920767}" = Alice Greenfingers
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-113786380}" = Heroes of Hellas
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-113832110}" = Dream Day First Home
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-113848220}" = Agatha Christie Peril at End House
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-113919217}" = Mythic Mahjong
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-114072167}" = Go-Go Gourmet
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-11408540}" = Magic Match Adventures
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-114086870}" = Womens Murder Club
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-114717227}" = Magic Farm
"{84DB8DAE-531B-FDA4-E683-8C82F0F81F26}" = Catalyst Control Center Localization Turkish
"{865A7423-1322-E68E-4604-BEB0EEBFB624}" = Catalyst Control Center Localization Norwegian
"{881F5DE8-9367-4B81-A325-E91BBC6472F9}" = iTunes
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek 8169 8168 8101E 8102E Ethernet Driver
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8F1B6239-FEA0-450A-A950-B05276CE177C}" = Acer Empowering Technology
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9B35344F-7FA4-B6BA-E64B-930A5BDB9585}" = Catalyst Control Center InstallProxy
"{9DF0196F-B6B8-4C3A-8790-DE42AA530101}" = SPORE™
"{9FFC6670-6711-387B-3566-7D0DA1808531}" = CCC Help Swedish
"{A49F249F-0C91-497F-86DF-B2585E8E76B7}" = Microsoft Visual C++ 2005 Redistributable
"{A7A34FC9-DF24-4A36-00AD-D4EFE94CC116}" = SimCity 4 Deluxe
"{A8176277-4272-EA16-CDAE-1E37C62E14B2}" = CCC Help Italian
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A9E38025-D8D8-FB5E-0DDB-12691243EF1F}" = CCC Help Norwegian
"{AC76BA86-7AD7-1033-7B44-A91000000001}" = Adobe Reader 9.1.3
"{AC76BA86-7AD7-5464-3428-900000000004}" = Spelling Dictionaries Support For Adobe Reader 9
"{AFE52E73-FADF-7AEC-9F2E-9C490C77AB61}" = Catalyst Control Center Localization German
"{B16469A5-D2FA-A0C8-D371-2F4C8D5707D4}" = CCC Help Finnish
"{B463846D-85B8-5B31-59BD-AA68307ECC69}" = CCC Help Spanish
"{B483D67F-8223-F1C5-1CBD-59B13676019E}" = CCC Help Greek
"{B7BA5747-159E-B1E7-B73D-E3B7575D783A}" = CCC Help Thai
"{B7E38540-E355-3503-AFD7-635B2F2F76E1}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4974
"{BC4FBC02-B2B7-ACCA-C983-FFF31FC3C1C9}" = CCC Help Japanese
"{C08B098D-E9A6-649F-120D-9263C0527C2E}" = Catalyst Control Center Localization Swedish
"{C22EDAB3-B9C3-3189-6FE5-8DC4CFADED81}" = CCC Help Hungarian
"{C41300B9-185D-475E-BFEC-39EF732F19B1}" = Apple Software Update
"{C4FA4F86-63E8-9CD5-8CD3-25E4AC0E8861}" = Catalyst Control Center Localization Finnish
"{C63225DD-4956-D968-E563-30371AA23FD8}" = Skins
"{C7D5F833-4603-B3A3-4DB7-178022D73CC6}" = Catalyst Control Center Localization Dutch
"{CC4AD2ED-C8C8-6548-BAB0-59058B3FA658}" = Catalyst Control Center Localization Greek
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{CE386A4E-D0DA-4208-8235-BCE43275C694}" = LightScribe 1.4.142.1
"{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}" = Microsoft .NET Framework 4 Multi-Targeting Pack
"{D04DA284-0680-277B-832E-B795D9302F8D}" = CCC Help Turkish
"{D103C4BA-F905-437A-8049-DB24763BBE36}" = Skype™ 4.1
"{D5B90069-DC5F-E482-D86A-B0CBBBD0E50E}" = CCC Help Russian
"{DF7A3C71-08FD-9154-BF1C-81BC491F4C2C}" = CCC Help French
"{E50AE784-FABE-46DA-A1F8-7B6B56DCB22E}" = Microsoft Office Suite Activation Assistant
"{EA78289C-35D1-10D4-CA0D-7C653B2E212A}" = Catalyst Control Center Localization Hungarian
"{EAE06CC6-8838-CA77-347C-BD3E9DEC6C93}" = Catalyst Control Center Localization Italian
"{EB18E9CE-A633-1192-BDF6-4EA15DA97785}" = Catalyst Control Center Graphics Light
"{ECA47E2A-51B0-2F2F-67D3-A2A0639092B1}" = Catalyst Control Center Localization Korean
"{ED5085E1-BA8E-1464-2E3D-400086526EDE}" = Catalyst Control Center Localization Thai
"{ED784556-66AA-3F17-9B58-7246ACB5C7E4}" = Microsoft Visual Basic 2010 Express - ENU
"{EE6097DD-05F4-4178-9719-D3170BF098E8}" = Apple Application Support
"{F0E2B312-D7FD-4349-A9B6-E90B36DB1BD0}" = Paint.NET v3.5.5
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{FA0BBB87-91A1-4BFD-9005-EB058BBA0E14}_is1" = StreamTransport version: 1.0.2.2041
"{FD9E03B5-AEEA-4D59-B512-6CE4AA0281D4}" = Byki
"{FFA58E6D-8053-18D7-C9BB-C76312C1E12C}" = CCC Help Korean
"Acer Assist" = Acer Assist
"Acer Registration" = Acer Registration
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Audacity 1.3 Beta (Unicode)_is1" = Audacity 1.3.12 (Unicode)
"Byki Standard" = Byki Standard
"Canon MP640 series User Registration" = Canon MP640 series User Registration
"Canon_IJ_Network_Scan_UTILITY" = Canon IJ Network Scan Utility
"Canon_IJ_Network_UTILITY" = Canon IJ Network Tool
"CanonMyPrinter" = Canon Utilities My Printer
"CanonSolutionMenu" = Canon Utilities Solution Menu
"com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Acrobat.com
"CutePDF Writer Installation" = CutePDF Writer 2.8
"DVDToMP3Ripper" = DVD To MP3 Ripper 2.1
"Easy-PhotoPrint EX" = Canon Utilities Easy-PhotoPrint EX
"eMachineShop_is1" = eMachineShop
"Estate Planner 2.0" = Estate Planner 2.0
"Family Lawyer 2000" = Family Lawyer 2000
"Free RAR Extract Frog" = Free RAR Extract Frog
"InstallShield_{12EFA1A4-AC3B-443C-8143-237EDE760403}" = NTI Backup Now 5
"InstallShield_{20471B27-D702-4FE8-8DEC-0702CC8C0A85}" = InterVideo WinDVD 8
"InstallShield_{2413930C-8309-47A6-BC61-5EF27A4222BC}" = NTI Media Maker 8
"LAME for Audacity_is1" = LAME v3.98.2 for Audacity
"Legal Search" = Legal Search
"LManager" = Launch Manager
"LTspice IV" = LTspice IV
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"Microsoft Help Viewer 1.0" = Microsoft Help Viewer 1.0
"Microsoft Visual Basic 2010 Express - ENU" = Microsoft Visual Basic 2010 Express - ENU
"Mozilla Firefox (3.6.13)" = Mozilla Firefox (3.6.13)
"MP Navigator EX 3.0" = Canon MP Navigator EX 3.0
"Picasa 3" = Picasa 3
"Quicken 6 Deluxe" = Quicken 6 Deluxe
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"The Plain-Language Law Dictionary" = The Plain-Language Law Dictionary
"Transparent Language System" = Transparent Language System
"Ultravnc2_is1" = UltraVNC 1.0.5.6
"VLC media player" = VLC media player 1.1.0

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 12/16/2010 5:59:24 PM | Computer Name = Moon | Source = WinMgmt | ID = 10
Description =

Error - 12/17/2010 4:49:50 PM | Computer Name = Moon | Source = WinMgmt | ID = 10
Description =

Error - 12/18/2010 8:58:49 AM | Computer Name = Moon | Source = EventSystem | ID = 4621
Description =

Error - 12/18/2010 9:24:12 AM | Computer Name = Moon | Source = EventSystem | ID = 4622
Description =

Error - 12/18/2010 9:24:12 AM | Computer Name = Moon | Source = EventSystem | ID = 4621
Description =

Error - 12/18/2010 2:53:17 PM | Computer Name = Moon | Source = EventSystem | ID = 4621
Description =

Error - 12/18/2010 4:09:06 PM | Computer Name = Moon | Source = EventSystem | ID = 4621
Description =

Error - 12/20/2010 1:26:15 PM | Computer Name = Moon | Source = EventSystem | ID = 4622
Description =

Error - 12/20/2010 1:26:15 PM | Computer Name = Moon | Source = EventSystem | ID = 4621
Description =

Error - 12/20/2010 7:20:45 PM | Computer Name = Moon | Source = EventSystem | ID = 4621
Description =

[ System Events ]
Error - 2/5/2010 4:21:42 PM | Computer Name = Moon | Source = DCOM | ID = 10016
Description =

Error - 2/6/2010 5:53:23 PM | Computer Name = Moon | Source = bowser | ID = 8003
Description =

Error - 2/8/2010 6:49:52 PM | Computer Name = Moon | Source = bowser | ID = 8003
Description =

Error - 2/10/2010 4:25:06 AM | Computer Name = Moon | Source = Service Control Manager | ID = 7000
Description =

Error - 2/10/2010 6:31:56 PM | Computer Name = Moon | Source = DCOM | ID = 10010
Description =

Error - 2/10/2010 6:31:56 PM | Computer Name = Moon | Source = DCOM | ID = 10010
Description =

Error - 2/10/2010 6:34:29 PM | Computer Name = Moon | Source = Service Control Manager | ID = 7000
Description =

Error - 2/12/2010 7:55:44 AM | Computer Name = Moon | Source = bowser | ID = 8003
Description =

Error - 2/12/2010 7:58:18 AM | Computer Name = Moon | Source = BROWSER | ID = 8032
Description =

Error - 2/13/2010 6:15:41 PM | Computer Name = Moon | Source = bowser | ID = 8003
Description =


< End of report >


i am a computer power user. any help is appreciated.

Edited by tonegeek, 07 January 2011 - 05:39 PM.

  • 0

Advertisements

Back to Virus, Spyware, Malware Removal · Next Unread Topic →




Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. Geeks to Go Community
  2. Security
  3. Virus, Spyware, Malware Removal

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP