Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

Win 7 virus I think


  • This topic is locked This topic is locked

#1
nativetexan2

nativetexan2

    Member

  • Member
  • PipPip
  • 57 posts
Extras Log File:

OTL Extras logfile created on: 4/6/2011 8:25:49 PM - Run 1
OTL by OldTimer - Version 3.2.22.3 Folder = C:\Users\Office Depot\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.19019)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

2.00 Gb Total Physical Memory | 1.00 Gb Available Physical Memory | 36.00% Memory free
4.00 Gb Paging File | 2.00 Gb Available in Paging File | 48.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 144.29 Gb Total Space | 47.65 Gb Free Space | 33.02% Space Free | Partition Type: NTFS
Drive D: | 144.04 Gb Total Space | 143.91 Gb Free Space | 99.91% Space Free | Partition Type: NTFS
Drive F: | 698.64 Gb Total Space | 426.57 Gb Free Space | 61.06% Space Free | Partition Type: NTFS
Drive K: | 931.51 Gb Total Space | 876.52 Gb Free Space | 94.10% Space Free | Partition Type: NTFS

Computer Name: MAINCOMPUTER | User Name: Office Depot | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
.html [@ = ChromeHTML] -- C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.)

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.bat [@ = batfile] -- Reg Error: Key error. File not found
.com [@ = comfile] -- Reg Error: Key error. File not found
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
https [open] -- "C:\Program Files\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"VistaSp2" = Reg Error: Unknown registry data type -- File not found

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{07BFFA0E-FF08-4314-B0D0-2B0760273319}" = rport=138 | protocol=17 | dir=out | app=system |
"{0B5B0FA3-064B-47D6-9229-7F20F863CA76}" = lport=999 | protocol=6 | dir=in | app=%systemroot%\windowsmobile\wmdhost.exe |
"{25C3C7B9-4CD7-4C4D-8047-781CCA14A616}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{3DB72460-C43D-4AC8-84C2-FB7E8AA4E5C1}" = rport=139 | protocol=6 | dir=out | app=system |
"{40A2F936-7F88-4069-A026-BC5F333CD26E}" = rport=80 | protocol=6 | dir=out | app=c:\program files\common files\intuit\update service\intuitupdater.exe |
"{4852B9E7-DB7E-465B-BF81-FDFD2536C23A}" = lport=5678 | protocol=6 | dir=in | app=%systemroot%\windowsmobile\wmdhost.exe |
"{489C675D-959E-4FEF-8D85-EB101B5957CF}" = lport=26675 | protocol=6 | dir=in | [email protected]%systemroot%\windowsmobile\wmdcbase.exe,-4006 |
"{4A2B5125-EC4F-401B-A22F-743E45A6EC28}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |
"{4BAC63C1-44E9-42F5-8094-9BD67A360D7D}" = rport=445 | protocol=6 | dir=out | app=system |
"{5CEFF725-CCD1-43AC-839D-CD056B3AAA14}" = lport=5721 | protocol=6 | dir=in | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{73911CA6-D023-4731-A8C8-7D7F0578FB8A}" = rport=137 | protocol=17 | dir=out | app=system |
"{781D2AE0-0F97-47AC-B9CD-3F97AA771196}" = lport=137 | protocol=17 | dir=in | app=system |
"{8905094B-BAAE-470B-BCC3-B9F828F9A24C}" = rport=80 | protocol=6 | dir=out | app=c:\program files\common files\intuit\update service\intuitupdateservice.exe |
"{8E83BF25-5DF3-4662-8DA5-25546BF2C258}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |
"{9175B8A7-93A6-4DD6-A7AE-45DBE67C9FC2}" = rport=427 | protocol=17 | dir=in | svc=hpslpsvc | app=c:\windows\system32\svchost.exe |
"{97DC5AF7-719D-4BF3-A58E-50EB87F8EB5B}" = lport=2869 | protocol=6 | dir=in | app=system |
"{9E37F318-0109-4CC7-A9AB-C5C4D197074F}" = lport=999 | protocol=6 | dir=in | app=%systemroot%\windowsmobile\wmdhost.exe |
"{A737CA55-36C3-40A9-9903-C91D8B108F0F}" = lport=990 | protocol=6 | dir=in | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{ABACE8EF-12E2-409E-B890-65D2BBC609CA}" = lport=445 | protocol=6 | dir=in | app=system |
"{AE2B74AC-91EA-4FF9-AE01-8B45BE9A9A32}" = lport=26675 | protocol=6 | dir=in | [email protected]%systemroot%\windowsmobile\wmdcbase.exe,-4006 |
"{B0073C1D-1DF4-4F3B-98BC-EBC123CF3FD3}" = lport=5678 | protocol=6 | dir=in | app=%systemroot%\windowsmobile\wmdhost.exe |
"{B1905161-4067-46A7-BDFD-98E399D30AEE}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | [email protected],-28539 |
"{BCA65484-5C9F-4C68-81E9-C3688927815E}" = rport=5679 | protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{DCC75B5C-351A-49F8-8039-709C87C3C3B2}" = lport=5721 | protocol=6 | dir=in | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{DFF04D95-573E-4A25-BB3F-32749C81E493}" = lport=139 | protocol=6 | dir=in | app=system |
"{E2C7FE26-DB3F-4C14-8647-0EDB251AAC8D}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |
"{E6C38520-2CB0-462C-BE38-D10666A77E76}" = lport=990 | protocol=6 | dir=in | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{E9E5056A-0F82-4D24-96EC-3C9AF60911A6}" = lport=138 | protocol=17 | dir=in | app=system |
"{ECB1D5D4-1A62-4E4D-944F-67D9CA49540B}" = rport=5679 | protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{036A3B73-D648-4D6A-BF70-19B86142F29D}" = protocol=17 | dir=in | app=c:\program files\soluto\soluto.exe |
"{05507238-EBAF-4B6C-B755-182D1581F47F}" = protocol=6 | dir=in | app=c:\program files\aol 9.0\waol.exe |
"{0B6ECD14-525E-422E-88D6-A43805EF18F1}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqusgh.exe |
"{0F3241FD-55B5-4B80-A761-B0DE735BAD89}" = protocol=17 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{10559B3C-F5F1-4506-92CC-7966C2796F55}" = dir=in | app=c:\program files\skype\plugin manager\skypepm.exe |
"{10DAFB14-8D9B-4B11-BB8D-0DC93F1163B4}" = dir=in | app=c:\program files\acer arcade live\acer homemedia\acer homemedia.exe |
"{13DC4E3E-79C6-4894-830E-2A4833B5A635}" = protocol=17 | dir=in | app=c:\program files\common files\aol\acs\aoldial.exe |
"{15CE96C6-BC1A-425A-81A3-F0843FBD6B7D}" = protocol=6 | dir=in | app=c:\program files\soluto\solutoupdateservice.exe |
"{17AEDD11-6DE5-476F-9F57-C8595941B16A}" = dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe |
"{21AEE3D8-F5C0-4B82-B018-CEA347A98E5C}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqtra08.exe |
"{2424BBFC-DA74-4FA1-A988-DA7C7CD15A56}" = dir=in | app=c:\program files\acer arcade live\acer videomagician\acer videomagician.exe |
"{2842BE10-B2BE-49E7-A6A5-56EA08E4DF17}" = protocol=6 | dir=in | app=c:\program files\yahoo!\messenger\yahoomessenger.exe |
"{2A9B4A7D-7681-48BA-AF34-3EAE5C2AB4D1}" = protocol=58 | dir=out | [email protected],-28546 |
"{2F93CBC3-8149-49C3-AF65-E9586C5E8E50}" = dir=in | app=c:\program files\avg\avg8\avgupd.exe |
"{2FD796CD-827C-4BFA-87C2-391F171B5E62}" = protocol=6 | dir=in | app=c:\program files\aim6\aim6.exe |
"{3022A1BD-5906-40E6-8696-7888174E45A8}" = protocol=17 | dir=in | app=c:\program files\common files\aol\acs\aolacsd.exe |
"{34847FAE-9483-4EBB-8B49-D8372006F016}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpoews01.exe |
"{38729BA1-4378-44B3-9BDF-86B913719E00}" = protocol=6 | dir=in | app=c:\program files\common files\aol\loader\aolload.exe |
"{3BE693F5-7130-4BC7-9A6C-4A6205845946}" = dir=in | app=c:\program files\acer arcade live\acer homemedia connect\acer homemedia connect.exe |
"{3BF92F22-92A6-4B04-8746-9F52460D36DC}" = dir=in | app=c:\program files\hp\digital imaging\smart web printing\smartwebprintexe.exe |
"{3C4E973C-E4C0-4D22-8DF8-2223CE02C3F9}" = protocol=17 | dir=in | app=c:\program files\soluto\solutoconsole.exe |
"{3E999AF6-D419-45F3-A291-51BD56A150A7}" = protocol=1 | dir=in | [email protected],-28543 |
"{3EBED986-5BD9-479C-9A1C-B1C24E10CE30}" = protocol=6 | dir=in | app=c:\program files\yahoo!\messenger\yserver.exe |
"{450BA434-C7CF-4CB5-82FF-FB98ACB9C057}" = protocol=17 | dir=in | app=c:\program files\soluto\solutoupdateservice.exe |
"{475B3E77-EDDF-4BE8-9872-3EE2A2CCA3DC}" = dir=in | app=c:\program files\acer arcade live\acer arcade live main page\acer arcade live.exe |
"{4E5CB066-F571-4A4C-893E-522F9698D3E1}" = protocol=6 | dir=in | app=c:\program files\bearshare applications\bearshare\bearshare.exe |
"{4EBBDE6D-C2C9-4899-A6F8-31C397CD5968}" = protocol=6 | dir=in | app=c:\program files\soluto\solutoservice.exe |
"{51FA69D6-BCAE-4ED8-B619-08DA81A49835}" = dir=in | app=e:\setup\hpznui01.exe |
"{52EAE075-BFC6-4499-B564-2A3179F01748}" = protocol=1 | dir=out | [email protected],-28544 |
"{53A279C9-94CB-4A8A-A6EE-DDEA81D23602}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{54DC87CE-21BD-4943-B7C3-8E63EBB4F7EC}" = protocol=17 | dir=in | app=c:\program files\newtech infosystems\nti backup now 5\backupsvc.exe |
"{56B857D5-7658-43F9-A74D-3DE17018B2A7}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{57D22BF1-7D78-4154-8181-67CAD1FA3523}" = protocol=17 | dir=in | app=c:\program files\common files\aol\topspeed\3.0\aoltpsd3.exe |
"{5A3D4B71-67B2-4B63-A4DE-288968F276EE}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{5A8A8559-5669-4B81-B974-C8B3FBB6CFD7}" = protocol=17 | dir=in | app=c:\program files\common files\aol\system information\sinf.exe |
"{5EF7D966-ECAC-4E24-ABE7-3808F439347A}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{630A577B-7FC1-4EE5-95E9-EE1CCF34F55C}" = protocol=6 | dir=in | app=c:\program files\common files\aol\1217564602\ee\aolsoftware.exe |
"{638AAEA9-E92F-475D-8609-DAD3C12661B1}" = protocol=6 | dir=in | app=c:\program files\aol 9.1\waol.exe |
"{6930726A-5771-4096-8C4A-E49A192530B9}" = protocol=17 | dir=in | app=c:\program files\aim6\aim6.exe |
"{702A97E0-F685-4D27-8BC2-8E2109319E1B}" = protocol=6 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{71E5EBB0-7CBD-41B9-95E4-04EE99FF4A28}" = protocol=17 | dir=in | app=c:\program files\common files\aol\1217564602\ee\aolsoftware.exe |
"{737FFFEE-FAD8-4D03-BA71-6E397860660D}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{73CC74D6-31D2-4A38-9EFF-3F227D54A531}" = protocol=17 | dir=in | app=c:\program files\aol 9.1\waol.exe |
"{74027377-7E08-40B5-9877-6232F2B5C24F}" = dir=in | app=c:\program files\acer arcade live\acer slideshow dvd\acer slideshow dvd.exe |
"{7495F16C-D43B-4EA1-9E0E-4DA369270A3D}" = protocol=6 | dir=in | app=c:\program files\relevantknowledge\rlvknlg.exe |
"{7697B367-DF3F-4900-A385-5C52E7C34B61}" = protocol=6 | dir=in | app=c:\program files\avg\avg10\avgdiagex.exe |
"{77562CDA-B59F-4B91-8FDA-4A746014A916}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{77B1F8FF-2DC4-4D63-A990-1C244E95EFC8}" = protocol=17 | dir=in | app=c:\program files\logitech\vid hd\vid.exe |
"{7821505B-EA7C-48DA-9DC9-B014164974E2}" = protocol=17 | dir=in | app=c:\program files\avg\avg10\avgnsx.exe |
"{784E97C5-D2C8-40FF-A3B5-DABDF263E990}" = protocol=6 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{7890EA34-544C-4947-B410-B6ABD0CD3367}" = dir=in | app=c:\program files\avg\avg8\avgnsx.exe |
"{78C1C8B1-ED73-4492-8D72-44888598561A}" = protocol=6 | dir=in | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{7919EAE8-EB68-4ACE-A0DE-F8400BE4931F}" = dir=in | app=c:\program files\windows live\contacts\wlcomm.exe |
"{7C1A78EC-838F-43E5-BE92-053FA0CCF180}" = protocol=6 | dir=in | app=c:\program files\common files\aol\acs\aolacsd.exe |
"{7D3A4FB9-06C1-439A-B1CA-864C960504C2}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqgpc01.exe |
"{7ED38501-5231-4781-91F0-500B2C93CB17}" = protocol=17 | dir=in | app=c:\program files\relevantknowledge\rlvknlg.exe |
"{7F7AD478-03C4-4125-9F7D-ECF27D191B67}" = protocol=17 | dir=in | app=c:\program files\yahoo!\messenger\yahoomessenger.exe |
"{81F2CB2C-0D89-431B-9136-65592878CC70}" = protocol=6 | dir=in | app=c:\program files\avg\avg10\avgmfapx.exe |
"{82DE3839-7131-4E3C-B2E5-525AE4D60092}" = protocol=6 | dir=in | app=c:\program files\frostwire\frostwire.exe |
"{84CB691F-9518-4720-8540-A543118DB746}" = dir=in | app=c:\program files\windows live\mesh\moe.exe |
"{85A302DC-90FC-444F-9365-A265055611E6}" = protocol=6 | dir=in | app=c:\program files\common files\aol\system information\sinf.exe |
"{85B30592-2319-4109-8DA6-186FD76841D6}" = protocol=17 | dir=in | app=c:\program files\newtech infosystems\nti backup now 5\client\agentsvc.exe |
"{875F396C-6B61-472A-9BAA-3FEC923BB975}" = protocol=6 | dir=in | app=c:\program files\avg\avg10\avgemcx.exe |
"{89CB2DFD-A4C5-46E5-A8CF-4BC9ED54D7B4}" = protocol=17 | dir=in | app=c:\program files\soluto\solutoservice.exe |
"{8A373027-3787-4852-9F80-3AD87F8321A7}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqgplgtupl.exe |
"{8FEEC1D1-4213-4FDE-BD8B-30AEFCF6F06F}" = protocol=17 | dir=in | app=c:\program files\bearshare applications\bearshare\bearshare.exe |
"{937F3CCC-044F-40C2-9ADC-8681E0F31FDD}" = protocol=6 | dir=in | app=c:\program files\bearshare applications\bearshare\bearshare.exe |
"{968871DE-8189-45BD-A9B4-9939E1B2BA14}" = dir=in | app=c:\program files\acer arcade live\acer homemedia connect\kernel\dms\clmsserver.exe |
"{97D3C119-531D-48BD-AEAE-24FE6880CFAD}" = protocol=17 | dir=in | app=c:\program files\aol 9.0\waol.exe |
"{9971AF25-27ED-4559-AEB1-EE1F34583A52}" = protocol=6 | dir=in | app=c:\program files\common files\aol\topspeed\3.0\aoltpsd3.exe |
"{A198FD7E-A3D1-4317-A9C6-69B407593935}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqste08.exe |
"{A2D351A8-2F25-46B6-B42C-3D38C95428C1}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{A3B67C9E-41D7-4610-A176-CEE5758E2622}" = protocol=6 | dir=in | app=c:\program files\newtech infosystems\nti backup now 5\client\agentsvc.exe |
"{A73F1BA0-F857-4C1A-A683-2543BDC41419}" = protocol=17 | dir=in | app=c:\program files\avg\avg10\avgmfapx.exe |
"{A9437DB6-06D7-4B60-A74D-4BBE322260C6}" = protocol=6 | dir=in | app=c:\program files\logitech\vid hd\vid.exe |
"{AB0A967B-C94B-4568-A625-A63B06710B56}" = protocol=58 | dir=in | [email protected],-28545 |
"{AD6D0236-0842-4C56-A1D0-D080BAEFEDA4}" = protocol=6 | dir=in | app=c:\windows\temp\~os6a86.tmp\rlvknlg.exe |
"{AE3FEE78-BF7E-4A6E-BBCF-592942DE9E9C}" = protocol=17 | dir=in | app=c:\program files\avg\avg10\avgemcx.exe |
"{B4345AD1-0D5B-4AE2-975D-7F59FA356C5F}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpfccopy.exe |
"{B49D073F-FE72-4F7D-A349-952157574EDB}" = protocol=6 | dir=in | app=c:\program files\avg\avg10\avgnsx.exe |
"{B4C40AD5-AB9E-415E-BC5C-8BAD37273E44}" = protocol=6 | dir=in | app=c:\program files\aim7\aim.exe |
"{B74A9B48-AE6A-476C-AB49-9CB3D4E074A1}" = protocol=17 | dir=in | app=c:\program files\avg\avg10\avgdiagex.exe |
"{BDE17F0C-915D-463B-9E8E-BFF22C6EE1AB}" = protocol=6 | dir=in | app=c:\program files\soluto\soluto.exe |
"{BF2F9F6D-9453-494D-9025-545C781E2C75}" = dir=in | app=c:\program files\hp\digital imaging\bin\hposid01.exe |
"{C08A6CAB-2C8B-42DB-A25C-E5F7A9C5EF2F}" = protocol=17 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{C15226BF-E8CB-4679-B62F-5C812569AAE3}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpiscnapp.exe |
"{C17933F7-5BE0-470D-A802-54359459E77D}" = dir=in | app=c:\program files\common files\hp\digital imaging\bin\hpqphotocrm.exe |
"{C6C39252-A23C-4802-AA01-F25E13C46392}" = dir=in | app=c:\program files\hp\hp software update\hpwucli.exe |
"{CE47B956-C137-46AA-8EBD-8937F47CB507}" = dir=in | app=c:\program files\acer arcade live\acer dvdivine\acer dvdivine.exe |
"{D1741034-D663-49D3-AAC0-935DC87C194F}" = dir=in | app=c:\program files\itunes\itunes.exe |
"{D5646571-1D27-4092-9EF1-1B270F38D329}" = dir=in | app=c:\program files\windows live\sync\windowslivesync.exe |
"{D5ABAF88-F22B-4EB1-9687-F3A9906D99F3}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{D94CDE77-7ADE-438D-ADCD-B8D481939752}" = protocol=6 | dir=in | app=c:\program files\soluto\solutoconsole.exe |
"{DC673934-7E4D-4DBD-9D7E-479063E2BCE5}" = protocol=17 | dir=in | app=c:\program files\common files\aol\loader\aolload.exe |
"{DDECFC1A-943C-475A-86AC-067A006AEF12}" = protocol=6 | dir=in | app=c:\program files\newtech infosystems\nti backup now 5\schedulersvc.exe |
"{E33715D5-3E44-4CC4-9F02-4ECBF1025D1B}" = dir=in | app=c:\program files\acer arcade live\acer dv magician\acer dv magician.exe |
"{E3EE33CC-B1E0-47C0-B55E-9DE87166D4E7}" = protocol=17 | dir=in | app=c:\program files\aim7\aim.exe |
"{E8106789-5E96-48B3-A380-679CD4739868}" = protocol=17 | dir=in | app=c:\program files\bearshare applications\bearshare\bearshare.exe |
"{E813ACD2-3204-4713-913C-2B618C3DBDC9}" = protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{E8BE82B0-DEEA-4B0F-9DCF-3F695F4FFE7A}" = protocol=17 | dir=in | app=c:\program files\frostwire\frostwire.exe |
"{E9A58426-59F6-4D48-8290-41AC89E55B90}" = protocol=6 | dir=in | app=c:\program files\newtech infosystems\nti backup now 5\backupsvc.exe |
"{EDFE95DC-538D-4A77-9F86-036EAF0F008C}" = protocol=17 | dir=in | app=c:\program files\newtech infosystems\nti backup now 5\schedulersvc.exe |
"{EF56780F-D30D-4E07-8394-0A2262537826}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqusgm.exe |
"{F04004BF-1DEA-4FFB-A01E-18365CADB035}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{F2BD437C-0766-4D3E-930B-0535E5515045}" = protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{F77C497B-598A-4494-B8B9-4074CE1DC9BF}" = dir=in | app=c:\program files\acer arcade live\acer homemedia trial creator\acer homemedia trial creator.exe |
"{F7E57563-B9B8-4643-8C2A-B1493F0459E7}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqkygrp.exe |
"{F857D19D-F60D-49C1-B06C-14BEE8FD1B12}" = dir=in | app=c:\program files\cyberlink\powerdirector\pdr.exe |
"{F9562BEB-2510-4980-9475-D9AB88429A06}" = protocol=6 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{FA7D414D-531B-407C-9896-FA31A462A639}" = protocol=6 | dir=in | app=c:\program files\common files\aol\acs\aoldial.exe |
"{FAC4D070-9E50-499A-8687-2635FD88149B}" = protocol=6 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{FB6CAB6D-A385-4FB2-A674-93DE80177B73}" = protocol=17 | dir=in | app=c:\program files\yahoo!\messenger\yserver.exe |
"{FBEEBDA8-BD89-48CB-B267-6A4A9B6C8BEF}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{FEED0C5F-2AA6-44D5-BB3B-DE291C36D0E7}" = protocol=6 | dir=in | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"TCP Query User{45E372E7-B944-4278-9AA7-1DE78FD98A40}C:\program files\bitcomet\bitcomet.exe" = protocol=6 | dir=in | app=c:\program files\bitcomet\bitcomet.exe |
"TCP Query User{67477B66-4A51-4321-B2F9-6E74C38D8814}C:\program files\logitech\desktop messenger\8876480\program\backweb-8876480.exe" = protocol=6 | dir=in | app=c:\program files\logitech\desktop messenger\8876480\program\backweb-8876480.exe |
"TCP Query User{6AB77250-E3EA-4AD9-B61E-5A992BCAF68B}C:\program files\limewire\limewire.exe" = protocol=6 | dir=in | app=c:\program files\limewire\limewire.exe |
"TCP Query User{760C4DBB-8F45-4A62-B2B4-42F864970270}C:\program files\logitech\desktop messenger\8876480\program\backweb-8876480.exe" = protocol=6 | dir=in | app=c:\program files\logitech\desktop messenger\8876480\program\backweb-8876480.exe |
"TCP Query User{E15E9940-6514-4A20-8616-03572C84A23A}C:\program files\aim\aim.exe" = protocol=6 | dir=in | app=c:\program files\aim\aim.exe |
"TCP Query User{F9E126DF-AF8B-4F05-AF6C-F6D3FAE21D55}C:\program files\internet explorer\iexplore.exe" = protocol=6 | dir=in | app=c:\program files\internet explorer\iexplore.exe |
"UDP Query User{7F22068E-42AF-4BDF-89A1-B76F599612BE}C:\program files\internet explorer\iexplore.exe" = protocol=17 | dir=in | app=c:\program files\internet explorer\iexplore.exe |
"UDP Query User{984533E2-C571-4B58-870B-FF7B6D9BAA56}C:\program files\logitech\desktop messenger\8876480\program\backweb-8876480.exe" = protocol=17 | dir=in | app=c:\program files\logitech\desktop messenger\8876480\program\backweb-8876480.exe |
"UDP Query User{9BD8F6BB-72C5-4AAC-B660-AA92C610271E}C:\program files\logitech\desktop messenger\8876480\program\backweb-8876480.exe" = protocol=17 | dir=in | app=c:\program files\logitech\desktop messenger\8876480\program\backweb-8876480.exe |
"UDP Query User{CA567625-ED17-4DC0-AA2A-DE890B4F6D7C}C:\program files\bitcomet\bitcomet.exe" = protocol=17 | dir=in | app=c:\program files\bitcomet\bitcomet.exe |
"UDP Query User{CF22B85A-79D6-4ACB-8633-6E8FCBDD374D}C:\program files\limewire\limewire.exe" = protocol=17 | dir=in | app=c:\program files\limewire\limewire.exe |
"UDP Query User{F8F3B0A7-C1F7-47AB-898D-FD368D8518AF}C:\program files\aim\aim.exe" = protocol=17 | dir=in | app=c:\program files\aim\aim.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{02FB3E48-4459-4986-BBE5-945B063B1E58}" = Help 2.0
"{0478A597-5B05-5671-B594-27427A642AE5}" = CCC Help Chinese Traditional
"{05BDC796-3451-4F81-B91D-E98F7ADA76C2}" = TurboTax 2010 WinPerTaxSupport
"{06A1D88C-E102-4527-AF70-29FFD7AF215A}" = Scan
"{07760C24-3C41-4C64-9A1D-1CF8D281060A}" = PG583_install_V6_1_32_36_vista
"{07FB17D8-7DB6-4F06-80C4-8BE1719CB6A1}" = hpWLPGInstaller
"{0856323C-4103-4658-C5A8-FB16ED3079F5}" = Catalyst Control Center Localization Greek
"{08AD32A8-D704-4FC8-DB04-CA90A373D9C3}" = Catalyst Control Center Localization Portuguese
"{08DEC21F-F7E5-46F9-81D1-3ED30BD3AEC9}" = CASIO USB Driver V1.2.2474.0623
"{0A23CBF1-CCB0-B411-6A7A-A177E376BF70}" = Catalyst Control Center Localization Danish
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{0E92F644-6E11-8FE3-1BFC-5DB09A79F9B3}" = CCC Help Japanese
"{0ECD1EB9-CBB5-09BA-5947-74CBDA3011FC}" = CCC Help Spanish
"{11E94FDB-C895-45F1-B756-1C9B8C36C8F1}" = Microsoft IntelliType Pro 7.1
"{12EDCFD1-E000-F4F2-A3E6-A6C15D0F8A63}" = Catalyst Control Center Graphics Previews Vista
"{12EFA1A4-AC3B-443C-8143-237EDE760403}" = NTI Backup Now Standard
"{132888AE-EF67-41C5-BCA2-7D5D2488AB63}" = Acer HomeMedia Connect
"{15D967B5-A4BE-42AE-9E84-64CD062B25AA}" = eSobi v2
"{17504ED4-DB08-40A8-81C2-27D8C01581DA}" = Windows Live Remote Service Resources
"{175F0111-2968-4935-8F70-33108C6A4DE3}" = MarketResearch
"{181AC4C7-B83C-4B5F-B566-E19BF2472429}" = HP Photosmart Premium C309g-m All-In-One Driver Software 13.0 Rel .6
"{19A4A990-5343-4FF7-B3B5-6F046C091EDF}" = Windows Live Remote Client
"{19BA08F7-C728-469C-8A35-BFBD3633BE08}" = Windows Live Movie Maker
"{19BDBEDD-5264-29E1-1BFB-6F64FD943596}" = CCC Help Czech
"{1AFA55D1-EA04-9E87-4537-929E66B60D69}" = CCC Help Russian
"{1C028265-E8D7-751F-246F-9FD52CD237A8}" = Catalyst Control Center Localization Hungarian
"{1CCB52B9-FB58-0729-5C26-E8F8B3162043}" = Catalyst Control Center Core Implementation
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
"{1FA97774-2351-8DF4-7853-BEB20C726DFB}" = Catalyst Control Center Localization Russian
"{1FB9A0D0-DC5C-B75A-36EE-414706846CC2}" = Catalyst Control Center Localization Italian
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{20308457-CE7C-85A9-1B8F-6C521B2B4CCF}" = CCC Help Hungarian
"{213ABE23-10B9-F45F-DC87-63DACAD40C0D}" = Skins
"{21A2F5EE-1DC5-488A-BE7E-E526F8C61488}" = DeviceDiscovery
"{227E8782-B2F4-4E97-B0EE-49DE9CC1C0C0}" = Windows Live Remote Service
"{2413930C-8309-47A6-BC61-5EF27A4222BC}" = NTI Media Maker 8
"{24C7254F-C2D5-22FC-7C7C-F17E4894530E}" = CCC Help Italian
"{26A24AE4-039D-4CA4-87B4-2F83216012FF}" = Java™ 6 Update 23
"{28FD3796-5271-EF11-DA27-2939ACA62515}" = CCC Help Greek
"{2902F983-B4C1-44BA-B85D-5C6D52E2C441}" = Windows Live Mesh ActiveX Control for Remote Connections
"{29456613-49DE-D48C-10E6-06AD36EEE3D7}" = CCC Help Norwegian
"{294BF709-D758-4363-8D75-01479AD20927}" = Windows Live Family Safety
"{2A697B53-0DE3-42DA-B41D-C3F804B1C538}" = iTunes
"{2A981294-F14C-4F0F-9627-D793270922F8}" = Bonjour
"{2DC94AFD-A6E2-4AB4-9132-4A3F8E07B386}" = Apple Application Support
"{2EEA7AA4-C203-4b90-A34F-19FB7EF1C81C}" = BufferChm
"{31C4615C-45C3-776C-AE54-9CE4B76E9DD1}" = CCC Help Korean
"{3248F0A8-6813-11D6-A77B-00B0D0160070}" = Java™ 6 Update 7
"{3304276B-6134-44BD-8D87-F06A13AE2AFE}" = Music Oasis
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{34C1AC91-2D4A-59C1-6875-B3692D1E0365}" = Catalyst Control Center Localization Chinese Standard
"{34F4D9A4-42C2-4348-BEF4-E553C84549E7}" = Windows Live Photo Gallery
"{35B30E03-B947-49C8-9818-5820E249119D}" = MarMike5
"{3782EC09-4000-475E-8A59-9CABD6F03B4C}" = TurboTax 2010 WinPerFedFormset
"{38189804-0D18-4469-8BE6-CC16C4E1B2A5}" = WModem_Installer
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3EB351F3-CCFD-4BB4-90D2-FDE5A125C87B}" = My Old YearbookTM CD
"{41581EF5-45A7-11DA-9D78-000129760D75}" = Acer SlideShow DVD
"{416D1B47-451B-435A-8441-12A9F33AE860}" = Lotto Buster 2010
"{419CF344-3D94-4DAD-99C8-EA7B00E5EA8B}" = Apricorn EZ Gig II
"{43CDF946-F5D9-4292-B006-BA0D92013021}" = WebReg
"{44CDBD1B-89FB-4E02-8319-2A4C550F664A}" = RTC Client API v1.2
"{464B3406-A4D0-4914-910F-7CA4380DCC13}" = Windows Live Remote Client Resources
"{4708942C-76A1-ECC8-5B3D-0D412D68DF24}" = Catalyst Control Center Localization Dutch
"{471BB1D9-6F59-4093-B46D-373772D5C111}" = Far Cry Demo
"{47247CC1-1221-9449-B4EF-8C9F6D02C1A0}" = CCC Help Swedish
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4A70EF07-7F88-4434-BB61-D1DE8AE93DD4}" = SolutionCenter
"{4CBABDFD-49F8-47FD-BE7D-ECDE7270525A}" = Windows Live PIMT Platform
"{4D36E953-4456-4F8F-BC44-90BC4AA59889}" = Maxtor Manager
"{4E084313-093F-5947-CEB9-DE41FD24EF1B}" = Catalyst Control Center Localization Czech
"{4F2FCCCF-29F3-44B9-886F-6D16F8417522}" = TurboTax 2010 wrapper
"{4F78B943-3CE1-410F-BC3A-FC65C3EB1F89}" = YUAN PE585QA Driver
"{50816F92-1652-4A7C-B9BC-48F682742C4B}" = Messenger Companion
"{52F4AC33-36D4-78D2-E694-7AAC07CD6C5A}" = Catalyst Control Center Graphics Light
"{57752979-A1C9-4C02-856B-FBB27AC4E02C}" = QuickTime
"{59FD9D9B-29F9-7572-C2B1-30B65AB2BC29}" = Catalyst Control Center Localization Japanese
"{5C47C8B6-77FF-4FC7-A388-66FCF9CFC24C}" = Snagit 9.1.3
"{5D51C5DC-3604-4C3B-981B-309340755447}" = Pantech Handset Driver
"{5D976966-B187-E4D5-5AF1-23C54556E173}" = CCC Help German
"{5DD4FCBD-A3C1-4155-9E17-4161C70AAABA}" = Segoe UI
"{61AD15B2-50DB-4686-A739-14FE180D4429}" = Windows Live ID Sign-in Assistant
"{63FF21C9-A810-464F-B60A-3111747B1A6D}" = GPBaseService2
"{65DA2EC9-0642-47E9-AAE2-B5267AA14D75}" = Activation Assistant for the 2007 Microsoft Office suites
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{6A05FEDF-662E-46BF-8A25-010E3F1C9C69}" = Windows Live UX Platform Language Pack
"{6A905A05-964C-4F03-9A96-D34167807EC0}" = PS_AIO_06_C309g-m_SW_Min
"{6AD90C4B-89D3-5961-F13F-835E73DA1082}" = ccc-utility
"{6B2FFB21-AC88-45C3-9A7D-4BB3E744EC91}" = HPSSupply
"{6BBA26E9-AB03-4FE7-831A-3535584CA002}" = Toolbox
"{6D52C408-B09A-4520-9B18-475B81D393F1}" = Microsoft Works
"{7057ABC2-EFF3-4E43-9806-8BCB6EEA9FE6}" = Microsoft IntelliPoint 7.1
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{78A96B4C-A643-4D0F-98C2-A8E16A6669F9}" = Windows Live Messenger Companion Core
"{797EE0CA-8165-405C-B5CE-F11EC20F1BB0}" = Microsoft VC9 runtime libraries
"{79DD56FC-DB8B-47F5-9C80-78B62E05F9BC}" = Acer ScreenSaver
"{7A27AAF5-1FD6-48B4-95C4-7354A1C35455}" = C309g-m
"{80956555-A512-4190-9CAD-B000C36D6B6B}" = Windows Live Messenger
"{8109E5E7-A23D-4B67-A26D-7DAC358D46A2}" = Soluto
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110111700}" = Zuma Deluxe
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110113233}" = Bookworm Deluxe
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-11029123}" = Bricks of Egypt
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110322783}" = Big Kahuna Reef
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110411970}" = Chuzzle
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111118433}" = Mystery Case Files - Huntsville
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111199750}" = Cake Mania
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111252743}" = Mahjong Escape Ancient China
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111324990}" = Kick N Rush
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111543617}" = Backspin Billiards
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111692950}" = Mahjongg Artifacts
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111771833}" = Jewel Quest Solitaire
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111796363}" = Mystery Solitaire - Secret Island
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111872660}" = Diner Dash Flo on the Go
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-112310577}" = Flip Words 2
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-112531267}" = Chicken Invaders 3
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-112615863}" = Agatha Christie Death on the Nile
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-112920767}" = Alice Greenfingers
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-113009953}" = Turbo Pizza
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-113080210}" = Azada
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-113644907}" = Gold Miner Vegas
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{846B5DED-DC8C-4E1A-B5B4-9F5B39A0CACE}" = HPDiagnosticAlert
"{84EBDF39-4B33-49D7-A0BD-EB6E2C4E81C1}" = Windows Live Sync
"{856D0363-1C0A-1562-46E7-A9ECABC8DF78}" = CCC Help Polish
"{86B32074-0F48-4CF9-BA4B-529B470FB47F}" = BlackBerry Desktop Software 5.0
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8C6D6116-B724-4810-8F2D-D047E6B7D68E}" = Mesh Runtime
"{8CCFDB06-9B09-12D7-F1D4-1E22AC7583E0}" = Catalyst Control Center Localization Finnish
"{8D982E57-BF86-BEE7-3944-BD346EFE6A24}" = CCC Help Portuguese
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{8FAE8DE8-A63C-F5DE-D9F7-E011BBD44C32}" = CCC Help Turkish
"{8FF6F5CA-4E30-4E3B-B951-204CAAA2716A}" = SmartWebPrinting
"{900B1197-53F5-4F46-A882-2CFFFE2EEDCB}" = Logitech Desktop Messenger
"{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system
"{90260409-6000-11D3-8CFE-0050048383C9}" = Microsoft Office XP Web Components
"{90300409-6000-11D3-8CFE-0050048383C9}" = Microsoft Office XP Media Content
"{91110409-6000-11D3-8CFE-0050048383C9}" = Microsoft Office XP Professional
"{91190409-6000-11D3-8CFE-0050048383C9}" = Microsoft Publisher 2002
"{92127AF5-FDD8-4ADF-BC40-C356C9EE0B7D}" = 32 Bit HP CIO Components Installer
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{98613C99-1399-416C-A07C-1EE1C585D872}" = SeaTools for Windows
"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
"{A0C91188-C88F-4E86-93E6-CD7C9A266649}" = Windows Live Mesh
"{A0D21ABE-D004-5F89-4485-1BF4C7B3D66A}" = Catalyst Control Center Graphics Full Existing
"{A1960A82-DB70-474D-A86B-FA74466103C6}" = Drivers Install For Linksys Easylink Advisor
"{A37978CF-6E03-238A-6571-7EA53B8FAE1B}" = Catalyst Control Center Localization Norwegian
"{A525E00B-6609-442E-9DCD-64453C233E8D}" = TurboTax 2010 WinPerReleaseEngine
"{A5633652-3795-4829-BB0B-644F0279E279}" = Acer eDataSecurity Management
"{A71D5E81-B967-43DB-93D7-FD31BFB95748}" = MobileMe Control Panel
"{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer
"{A830CA28-932E-6081-EEAA-31A6173DCA23}" = CCC Help Finnish
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A980B2A8-661F-35CD-4C3C-8EECE2F5F5D1}" = Catalyst Control Center Localization Korean
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AA4BF92B-2AAF-11DA-9D78-000129760D75}" = Acer HomeMedia
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"{AAF454FC-82CA-4F29-AB31-6A109485E76E}" = Windows Live Writer
"{AB6097D9-D722-4987-BD9E-A076E2848EE2}" = Acer Empowering Technology
"{AC76BA86-7AD7-1033-7B44-A94000000001}" = Adobe Reader 9.4.2
"{AC76BA86-7AD7-5464-3428-800000000003}" = Spelling Dictionaries Support For Adobe Reader 8
"{ADD72094-D289-4714-A62E-70574478A2BC}" = System Requirements Lab for Intel
"{AE8705FB-E13C-40A9-8A2D-68D6733FBFC2}" = Status
"{AF04309C-7CFC-C0F4-8A75-5135AF07FD1A}" = ccc-core-static
"{AF844339-2F8A-4593-81B3-9F4C54038C4E}" = Windows Live MIME IFilter
"{B0069CFA-5BB9-4C03-B1C6-89CE290E5AFE}" = HP Update
"{B145EC69-66F5-11D8-9D75-000129760D75}" = Acer DVDivine
"{B194272D-1F92-46DF-99EB-8D5CE91CB4EC}" = Adobe AIR
"{B20A9F0F-9504-A107-E381-E956CE96EE86}" = Catalyst Control Center Localization Chinese Traditional
"{B2455727-ED8F-4643-8A6E-F4AB8DE3633D}" = Network
"{B2460671-BD25-4C1C-ACB7-FBD4967365FE}" = Samsung_I500 1.0
"{B2544A03-10D0-4E5E-BA69-0362FFC20D18}" = OGA Notifier 2.0.0048.0
"{B3AEF776-7FFF-4C50-A402-9119E3849EE0}" = AVG 2011
"{B3BCCEC8-58B0-4B2A-0B25-2DF887F06E55}" = CCC Help Danish
"{B580C409-E16F-44FF-904D-3AE94E113BE0}" = Acer HomeMedia Trial Creator
"{B5CCC9F7-3D21-B444-7EB4-235C1E0AC551}" = CCC Help Dutch
"{B64BC516-2406-43AE-A21A-1E387A2343B1}" = ContentManager
"{B7A0CE06-068E-11D6-97FD-0050BACBF861}" = PowerProducer
"{BB51F026-06AC-4F5D-B18C-4E99ED18E477}" = BlackBerry_9330 1.0
"{BC24FA40-8A7A-42FF-0B9A-5FB02E2A5536}" = CCC Help Thai
"{BD7204BA-DD64-499E-9B55-6A282CDF4FA4}" = Destinations
"{C27BC2A2-30DD-4014-B22E-63EB0DB572F9}" = Logitech Webcam Software
"{C3ABE126-2BB2-4246-BFE1-6797679B3579}" = LG USB Modem driver
"{C4124E95-5061-4776-8D5D-E3D931C778E1}" = Microsoft VC9 runtime libraries
"{C41300B9-185D-475E-BFEC-39EF732F19B1}" = Apple Software Update
"{C43048A9-742C-4DAD-90D2-E3B53C9DB825}" = Logitech QuickCam Software
"{C43326F5-F135-4551-8270-7F7ABA0462E1}" = HPProductAssistant
"{C66824E4-CBB3-4851-BB3F-E8CFD6350923}" = Windows Live Mail
"{C75CDBA2-3C86-481e-BD10-BDDA758F9DFF}" = hpPrintProjects
"{C7D86D8E-8C33-4A42-B401-3BABDB4E91C7}" = VCAST Media Manager Update 1.0.0.1
"{CACAEB5F-174D-4C7C-AC56-A33289A807CA}" = Apple Mobile Device Support
"{CAE4213F-F797-439D-BD9E-79B71D115BE3}" = HPPhotoGadget
"{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = PowerDirector
"{CCA08326-B1CA-A2A7-10A1-EA1978847514}" = Catalyst Control Center Localization German
"{CD95D125-2992-4858-B3EF-5F6FB52FBAD6}" = Skype Toolbars
"{CDD3ACE0-7C01-10C8-495D-831EB9375095}" = Catalyst Control Center Localization Thai
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{CE386A4E-D0DA-4208-8235-BCE43275C694}" = LightScribe 1.4.142.1
"{CE65A9A0-9686-45C6-9098-3C9543A412F0}" = Acer eSettings Management
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{D36DD326-7280-11D8-97C8-000129760CBE}" = PhotoNow! 1.0
"{D436F577-1695-4D2F-8B44-AC76C99E0002}" = Windows Live Photo Common
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{D462BF9E-0C35-4705-BF9B-3DF9F3816643}" = Acer ePerformance Management
"{D4E53304-1F6C-4111-9872-1BCD2CF5B642}" = AVG 2011
"{D6093905-1B7B-D236-2054-CC0B3E08B413}" = ATI Catalyst Install Manager
"{D7BFE046-4862-AF73-0FB9-E3723BDFDE40}" = CCC Help French
"{DBED8673-81E5-7763-F3E5-887E43F2E428}" = CCC Help English
"{DC0A5F99-FD66-433F-9D3A-05DCBA64BE42}" = TrayApp
"{DC9A7C58-A8A8-0B6D-F1FA-6A35DE82A8E7}" = CCC Help Chinese Standard
"{DDC8BDEE-DCAC-404D-8257-3E8D4B782467}" = Windows Live Writer Resources
"{DE3FECA8-82DD-B597-80EB-6236918FFABB}" = Catalyst Control Center Localization Polish
"{DECDCB7C-58CC-4865-91AF-627F9798FE48}" = Windows Live Mesh
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E16BEE5B-82E8-574E-786F-B21DC03E7091}" = Catalyst Control Center Localization Spanish
"{E32DF02F-0C8F-DE2F-9E76-4EA3960D7083}" = Catalyst Control Center Localization Turkish
"{E633D396-5188-4E9D-8F6B-BFB8BF3467E8}" = Skype™ 5.1
"{E6F019F1-DFB6-4853-A87D-6E31624755A9}" = Seagate Manager Installer
"{E7269FD6-34EA-4617-8752-6739AA384080}" = V CAST Media Manager
"{E8302B10-2762-1C24-596C-ED5FFBA1E041}" = Catalyst Control Center Localization French
"{E89D78B8-28F7-412F-8B26-C684739CBBDC}" = Palm Desktop
"{E940B035-8220-4C6B-C064-D6E4424553FC}" = Catalyst Control Center Graphics Full New
"{E9ED0801-253D-4FE9-AB20-F63DEFE72547}" = SAMSUNG Mobile USB DRIVER(4.40.7.0) v1.6
"{EB4DF488-AAEF-406F-A341-CB2AAA315B90}" = Windows Live Messenger
"{EFBDC2B0-FAA8-4B78-8DE1-AEBE7958FA37}" = Acer Arcade Live Main Page
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F226C1DA-66D7-4ABC-86B5-3F978A660EBF}" = AOL Mail and AIM Gadget
"{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}" = Microsoft Office Live Add-in 1.5
"{F4F4F84E-804F-4E9A-84D7-C34283F0088F}" = RealUpgrade 1.0
"{F53D678E-238F-4A71-9742-08BB6774E9DC}" = Windows Live Family Safety
"{F54AC413-D2C6-4A24-B324-370C223C6250}" = Adobe Photoshop Elements 6.0
"{F6EFFB76-4A07-11DA-9D78-000129760D75}" = Acer DV Magician
"{F79A208D-D929-11D9-9D77-000129760D75}" = Acer VideoMagician
"{FB068BA4-C6EA-4D47-A491-C40E23E77F89}" = Motorola Driver Installation 3.9.0
"{FDF64A37-4842-48CD-A424-2C38444D36FD}" = LG Android Drivers
"{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}" = Windows Live Essentials
"{FEA4C854-4B15-2FD3-BDE8-9654EC55AB72}" = Catalyst Control Center Localization Swedish
"7-Zip" = 7-Zip 4.57
"Acer Assist" = Acer Assist
"Acer GameZone Console_is1" = Acer GameZone Console DTV 2.0.1.1
"Acer Registration" = Acer Registration
"Activation Assistant for the 2007 Microsoft Office suites" = Activation Assistant for the 2007 Microsoft Office suites
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe Photoshop Elements 6" = Adobe Photoshop Elements 6.0
"Agogo FLV to DVD Converter Free_is1" = Agogo FLV to DVD Converter Free 8.49
"AIM_7" = AIM 7
"AOL Instant Messenger" = AOL Instant Messenger
"AOL Pictures" = AOL Pictures Tools (version 10.6.0.8)
"AOL Uninstaller" = AOL Uninstaller (Choose which Products to Remove)
"AVG" = AVG 2011
"Belarc Advisor" = Belarc Advisor 7.2
"BlackBerry_{86B32074-0F48-4CF9-BA4B-529B470FB47F}" = BlackBerry Desktop Software 5.0
"Core FTP LE 2.1" = Core FTP LE 2.1
"Coupon Printer for Windows4.0" = Coupon Printer for Windows
"DB77CFA42983BD7D1CD0FB829CC6F71BEA49C472" = Windows Driver Package - YUAN High-Tech Development Co. Ltd. (OmniTV) Media (08/19/2007 6.1.32.36)
"Debut" = Debut Video Capture Software
"EasyLinkAdvisor" = Linksys EasyLink Advisor 1.6 (0042)
"ESET Online Scanner" = ESET Online Scanner v3
"FlashLynx" = FlashLynx Video Download Software
"GoldenVideos" = Golden Videos
"Google Chrome" = Google Chrome
"HP Imaging Device Functions" = HP Imaging Device Functions 13.0
"HP Print Projects" = HP Print Projects 1.0
"HP Smart Web Printing" = HP Smart Web Printing 4.60
"HP Solution Center & Imaging Support Tools" = HP Solution Center 13.0
"HPExtendedCapabilities" = HP Customer Participation Program 13.0
"HTC_WModemDriver" = WModem Driver Installer
"InstallShield_{12EFA1A4-AC3B-443C-8143-237EDE760403}" = NTI Backup Now 5
"InstallShield_{15D967B5-A4BE-42AE-9E84-64CD062B25AA}" = eSobi v2
"InstallShield_{2413930C-8309-47A6-BC61-5EF27A4222BC}" = NTI Media Maker 8
"InstallShield_{471BB1D9-6F59-4093-B46D-373772D5C111}" = Far Cry Demo
"InstallShield_{4D36E953-4456-4F8F-BC44-90BC4AA59889}" = Maxtor Manager
"InstallShield_{E6F019F1-DFB6-4853-A87D-6E31624755A9}" = Seagate Manager Installer
"InstallShield_{E9ED0801-253D-4FE9-AB20-F63DEFE72547}" = SAMSUNG Mobile USB DRIVER(4.40.7.0) v1.6
"LimeWire" = LimeWire 5.5.16
"Logitech Vid" = Logitech Vid HD
"lvdrivers_12.10" = Logitech Webcam Software Driver Package
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Mozilla Firefox (3.6.13)" = Mozilla Firefox (3.6.13)
"Ogg Codecs" = Ogg Codecs 0.81.15562
"Pixillion" = Pixillion Image Converter
"RealPlayer 12.0" = RealPlayer
"Shop for HP Supplies" = Shop for HP Supplies
"SoftwareUpdUtility" = Download Updater (AOL LLC)
"support.com Support Connection" = support.com Support Connection
"ToolBox" = NCH Toolbox
"TurboTax 2010" = TurboTax 2010
"TVEpaDrv" = KWorld USB 2860 Device Driver
"VideoPad" = VideoPad Video Editor
"WavePad" = WavePad Sound Editor
"WinLiveSuite" = Windows Live Essentials
"Yahoo! Companion" = Yahoo! Toolbar
"Yahoo! Messenger" = Yahoo! Messenger
"Yahoo! Toolbar" = Yahoo! Toolbar

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Move Networks Player - IE" = Move Networks Media Player for Internet Explorer

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 2/10/2011 5:33:54 AM | Computer Name = MainComputer | Source = WinMgmt | ID = 10
Description =

Error - 2/14/2011 1:06:41 PM | Computer Name = MainComputer | Source = Application Error | ID = 1000
Description = Faulting application stxmenumgr.exe, version 4.7.0.10, time stamp
0x49fb68a3, faulting module MFC80U.DLL, version 8.0.50727.4053, time stamp 0x4a595928,
exception code 0xc0000005, fault offset 0x0003d148, process id 0x1048, application
start time 0x01cbc905af1bd9b0.

Error - 2/18/2011 2:06:16 PM | Computer Name = MainComputer | Source = WinMgmt | ID = 10
Description =

Error - 2/19/2011 2:09:43 PM | Computer Name = MainComputer | Source = Application Error | ID = 1000
Description = Faulting application iexplore.exe, version 8.0.6001.19019, time stamp
0x4d0c3d4c, faulting module Flash10m.ocx, version 10.2.152.26, time stamp 0x4d4b5d09,
exception code 0xc0000005, fault offset 0x001785db, process id 0xaec, application
start time 0x01cbd05776f14898.

Error - 2/20/2011 10:13:38 PM | Computer Name = MainComputer | Source = Application Error | ID = 1000
Description = Faulting application iexplore.exe, version 8.0.6001.19019, time stamp
0x4d0c3d4c, faulting module mshtml.dll, version 8.0.6001.19019, time stamp 0x4d0c53b1,
exception code 0xc0000005, fault offset 0x000a0f31, process id 0xab4, application
start time 0x01cbd169abbe72b8.

Error - 2/26/2011 3:45:14 PM | Computer Name = MainComputer | Source = Application Error | ID = 1000
Description = Faulting application spoolsv.exe, version 6.0.6002.18294, time stamp
0x4c6a9898, faulting module SNAGITPT.DLL_unloaded, version 0.0.0.0, time stamp
0x4ad73a43, exception code 0xc0000005, fault offset 0x0373c9dd, process id 0x4ac,
application start time 0x01cbcf966d60c8b0.

Error - 2/26/2011 4:12:03 PM | Computer Name = MainComputer | Source = WinMgmt | ID = 10
Description =

Error - 3/6/2011 12:35:30 PM | Computer Name = MainComputer | Source = WinMgmt | ID = 10
Description =

Error - 3/14/2011 1:03:06 PM | Computer Name = MainComputer | Source = Application Error | ID = 1000
Description = Faulting application iexplore.exe, version 8.0.6001.19019, time stamp
0x4d0c3d4c, faulting module mshtml.dll, version 8.0.6001.19019, time stamp 0x4d0c53b1,
exception code 0xc0000005, fault offset 0x000a0f31, process id 0x177c, application
start time 0x01cbe2675b185020.

Error - 3/16/2011 4:23:03 AM | Computer Name = MainComputer | Source = WinMgmt | ID = 10
Description =

[ Media Center Events ]
Error - 4/29/2009 11:33:51 PM | Computer Name = MainComputer | Source = MCUpdate | ID = 0
Description = DownloadPackgeTask.SubTasksComplete: failed downloading package SportsSchedule.

Error - 8/6/2009 3:26:21 PM | Computer Name = MainComputer | Source = MCUpdate | ID = 0
Description = DownloadPackgeTask.SubTasksComplete: failed downloading package SportsSchedule.

Error - 9/17/2010 9:07:14 PM | Computer Name = MainComputer | Source = MCUpdate | ID = 0
Description = DownloadPackgeTask.SubTasksComplete: failed downloading package SportsSchedule.

Error - 11/1/2010 9:03:25 PM | Computer Name = MainComputer | Source = MCUpdate | ID = 0
Description = DownloadPackgeTask.SubTasksComplete: failed downloading package SportsSchedule.

[ System Events ]
Error - 4/5/2011 12:50:17 AM | Computer Name = MainComputer | Source = EventLog | ID = 6008
Description = The previous system shutdown at 11:40:39 PM on 4/4/2011 was unexpected.

Error - 4/5/2011 12:51:00 AM | Computer Name = MainComputer | Source = Service Control Manager | ID = 7000
Description =

Error - 4/6/2011 1:37:42 AM | Computer Name = MainComputer | Source = Service Control Manager | ID = 7000
Description =

Error - 4/6/2011 8:42:07 AM | Computer Name = MainComputer | Source = sbp2port | ID = 262153
Description = The device, \Device\Sbp2\Maxtor&OneTouch&0&0010b902_114225b2_Instance00,
did not respond within the timeout period.

Error - 4/6/2011 9:08:10 AM | Computer Name = MainComputer | Source = sbp2port | ID = 262153
Description = The device, \Device\Sbp2\Maxtor&OneTouch&0&0010b902_114225b2_Instance00,
did not respond within the timeout period.

Error - 4/6/2011 9:24:37 AM | Computer Name = MainComputer | Source = Service Control Manager | ID = 7000
Description =

Error - 4/6/2011 10:26:23 AM | Computer Name = MainComputer | Source = sbp2port | ID = 262153
Description = The device, \Device\Sbp2\Maxtor&OneTouch&0&0010b902_114225b2_Instance00,
did not respond within the timeout period.

Error - 4/6/2011 9:17:00 PM | Computer Name = MainComputer | Source = sbp2port | ID = 262153
Description = The device, \Device\Sbp2\Maxtor&OneTouch&0&0010b902_114225b2_Instance00,
did not respond within the timeout period.

Error - 4/6/2011 9:22:02 PM | Computer Name = MainComputer | Source = Print | ID = 19
Description = The print spooler failed to share printer HP DeskJet820Cse with shared
resource name HP DeskJet 820Cse. Error 2114. The printer cannot be used by others
on the network.

Error - 4/6/2011 9:22:59 PM | Computer Name = MainComputer | Source = Service Control Manager | ID = 7000
Description =


< End of report >
  • 0

Advertisements


#2
nativetexan2

nativetexan2

    Member

  • Topic Starter
  • Member
  • PipPip
  • 57 posts
See following post

Edited by nativetexan2, 07 April 2011 - 12:14 AM.

  • 0

#3
nativetexan2

nativetexan2

    Member

  • Topic Starter
  • Member
  • PipPip
  • 57 posts
See Following Post

Edited by nativetexan2, 07 April 2011 - 12:16 AM.

  • 0

#4
nativetexan2

nativetexan2

    Member

  • Topic Starter
  • Member
  • PipPip
  • 57 posts
See Following Post

Edited by nativetexan2, 07 April 2011 - 12:17 AM.

  • 0

#5
nativetexan2

nativetexan2

    Member

  • Topic Starter
  • Member
  • PipPip
  • 57 posts
See Following Post

Edited by nativetexan2, 07 April 2011 - 12:18 AM.

  • 0

#6
nativetexan2

nativetexan2

    Member

  • Topic Starter
  • Member
  • PipPip
  • 57 posts
See Following Post

Edited by nativetexan2, 07 April 2011 - 12:19 AM.

  • 0

#7
nativetexan2

nativetexan2

    Member

  • Topic Starter
  • Member
  • PipPip
  • 57 posts
See Following Post

Edited by nativetexan2, 07 April 2011 - 12:21 AM.

  • 0

#8
nativetexan2

nativetexan2

    Member

  • Topic Starter
  • Member
  • PipPip
  • 57 posts
OTL Log File

OTL logfile created on: 4/6/2011 8:25:49 PM - Run 1
OTL by OldTimer - Version 3.2.22.3 Folder = C:\Users\Office Depot\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.19019)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

2.00 Gb Total Physical Memory | 1.00 Gb Available Physical Memory | 36.00% Memory free
4.00 Gb Paging File | 2.00 Gb Available in Paging File | 48.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 144.29 Gb Total Space | 47.65 Gb Free Space | 33.02% Space Free | Partition Type: NTFS
Drive D: | 144.04 Gb Total Space | 143.91 Gb Free Space | 99.91% Space Free | Partition Type: NTFS
Drive F: | 698.64 Gb Total Space | 426.57 Gb Free Space | 61.06% Space Free | Partition Type: NTFS
Drive K: | 931.51 Gb Total Space | 876.52 Gb Free Space | 94.10% Space Free | Partition Type: NTFS

Computer Name: MAINCOMPUTER | User Name: Office Depot | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2011/04/06 00:47:37 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Users\Office Depot\Desktop\OTL.exe
PRC - [2011/03/06 11:53:05 | 000,234,656 | ---- | M] (Adobe Systems, Inc.) -- C:\Windows\System32\Macromed\Flash\FlashUtil10n_ActiveX.exe
PRC - [2011/01/12 21:01:28 | 006,129,496 | ---- | M] (Logitech Inc.) -- C:\Program Files\Logitech\Vid HD\Vid.exe
PRC - [2011/01/07 02:22:54 | 002,747,744 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG10\avgtray.exe
PRC - [2011/01/07 02:22:44 | 001,084,256 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG10\avgnsx.exe
PRC - [2011/01/06 16:23:20 | 000,737,872 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSMonitor.exe
PRC - [2011/01/06 16:23:18 | 006,128,720 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe
PRC - [2010/12/05 17:26:40 | 000,654,176 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG10\avgrsx.exe
PRC - [2010/12/05 17:26:12 | 000,650,592 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG10\avgchsvx.exe
PRC - [2010/10/22 05:58:18 | 000,265,400 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG10\avgwdsvc.exe
PRC - [2010/09/22 12:00:58 | 000,330,784 | ---- | M] (Soluto) -- C:\Program Files\Soluto\SolutoService.exe
PRC - [2010/08/23 21:21:40 | 000,013,672 | ---- | M] (Intuit Inc.) -- C:\Program Files\Common Files\Intuit\Update Service\IntuitUpdateService.exe
PRC - [2010/07/20 00:39:24 | 000,020,480 | ---- | M] (Logitech) -- C:\Program Files\Logitech\Desktop Messenger\8876480\Program\backWeb-8876480.exe
PRC - [2010/04/06 22:32:40 | 000,202,256 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files\Common Files\Real\Update_OB\realsched.exe
PRC - [2009/10/07 01:47:34 | 000,154,136 | ---- | M] (Logitech Inc.) -- C:\Program Files\Common Files\logishrd\LVMVFM\LVPrcSrv.exe
PRC - [2009/05/21 20:58:14 | 000,413,496 | ---- | M] (Hewlett-Packard Co.) -- C:\Program Files\Common Files\HP\Digital Imaging\Bin\hpqPhotoCrm.exe
PRC - [2009/05/01 14:35:54 | 000,181,544 | ---- | M] (Seagate Technology LLC) -- C:\Program Files\Seagate\SeagateManager\Sync\FreeAgentService.exe
PRC - [2009/05/01 14:35:10 | 000,185,640 | ---- | M] (Seagate LLC) -- C:\Program Files\Seagate\SeagateManager\FreeAgent Status\stxmenumgr.exe
PRC - [2009/04/11 01:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2008/01/03 04:55:52 | 000,506,416 | ---- | M] (Egis Incorporated) -- C:\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe
PRC - [2007/10/09 13:33:10 | 001,949,480 | ---- | M] (Apricorn) -- C:\Program Files\Apricorn\EZ Gig II\TimounterMonitor.exe
PRC - [2007/09/10 17:28:18 | 000,057,344 | ---- | M] (Acer Inc.) -- C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe
PRC - [2007/05/31 09:21:28 | 000,648,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\WindowsMobile\wmdcBase.exe
PRC - [2007/03/15 18:16:42 | 000,454,784 | ---- | M] (Linksys, a Division of Cisco Systems, Inc.) -- C:\Program Files\Linksys EasyLink Advisor\LinksysAgent.exe


========== Modules (SafeList) ==========

MOD - [2011/04/06 00:47:37 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Users\Office Depot\Desktop\OTL.exe
MOD - [2010/08/31 10:43:52 | 001,686,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3\comctl32.dll


========== Win32 Services (SafeList) ==========

SRV - [2011/01/06 16:23:18 | 006,128,720 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe -- (AVGIDSAgent)
SRV - [2010/10/22 05:58:18 | 000,265,400 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG10\avgwdsvc.exe -- (avgwd)
SRV - [2010/10/06 11:31:48 | 000,517,448 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files\AVG\AVG10\Toolbar\ToolbarBroker.exe -- (AVG Security Toolbar Service)
SRV - [2010/09/22 12:00:58 | 000,330,784 | ---- | M] (Soluto) [Auto | Running] -- C:\Program Files\Soluto\SolutoService.exe -- (SolutoService)
SRV - [2010/08/23 21:21:40 | 000,013,672 | ---- | M] (Intuit Inc.) [Auto | Running] -- C:\Program Files\Common Files\Intuit\Update Service\IntuitUpdateService.exe -- (IntuitUpdateService)
SRV - [2009/10/07 01:47:34 | 000,154,136 | ---- | M] (Logitech Inc.) [Auto | Running] -- C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe -- (LVPrcSrv)
SRV - [2009/07/07 21:46:02 | 000,654,848 | ---- | M] (Macrovision Europe Ltd.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2009/05/01 14:35:54 | 000,181,544 | ---- | M] (Seagate Technology LLC) [Auto | Running] -- C:\Program Files\Seagate\SeagateManager\Sync\FreeAgentService.exe -- (FreeAgentGoNext Service)
SRV - [2008/07/21 16:53:04 | 000,193,888 | ---- | M] (Seagate Technology LLC) [On_Demand | Stopped] -- C:\Program Files\Maxtor\Sync\SyncServices.exe -- (Maxtor Sync Service)
SRV - [2008/07/13 23:39:22 | 000,382,240 | ---- | M] (SupportSoft, Inc.) [Auto | Stopped] -- C:\Program Files\Common Files\supportsoft\bin\ssrc.exe -- (SupportSoft RemoteAssist)
SRV - [2008/01/25 21:49:04 | 000,269,448 | ---- | M] (CyberLink) [On_Demand | Stopped] -- C:\Program Files\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\CLMSServer.exe -- (Acer HomeMedia Connect Service)
SRV - [2008/01/03 04:55:52 | 000,506,416 | ---- | M] (Egis Incorporated) [Auto | Running] -- C:\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe -- (eDataSecurity Service)
SRV - [2007/12/19 21:09:22 | 000,024,576 | ---- | M] () [Disabled | Stopped] -- C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe -- (eSettingsService)
SRV - [2007/10/17 13:38:20 | 000,028,672 | ---- | M] () [Disabled | Stopped] -- C:\Acer\Empowering Technology\ePerformance\MemCheck.exe -- (AcerMemUsageCheckService)
SRV - [2007/10/09 13:24:32 | 000,410,856 | ---- | M] (Apricorn) [On_Demand | Stopped] -- C:\Program Files\Common Files\Apricorn\Schedule2\schedul2.exe -- (AcrSch2Svc)
SRV - [2007/09/11 00:45:04 | 000,124,832 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files\Adobe\Photoshop Elements 6.0\PhotoshopElementsFileAgent.exe -- (AdobeActiveFileMonitor6.0)
SRV - [2007/09/10 17:28:18 | 000,057,344 | ---- | M] (Acer Inc.) [Auto | Running] -- C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe -- (eRecoveryService)
SRV - [2007/05/31 09:21:24 | 000,379,784 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\WindowsMobile\wcescomm.dll -- (WcesComm)
SRV - [2007/05/31 09:21:18 | 000,183,688 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\WindowsMobile\rapimgr.dll -- (RapiMgr)
SRV - [2006/10/23 07:50:35 | 000,046,640 | R--- | M] (AOL LLC) [On_Demand | Stopped] -- C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe -- (AOL ACS)


========== Driver Services (SafeList) ==========

DRV - [2010/12/20 18:09:00 | 000,038,224 | ---- | M] (Malwarebytes Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\mbamswissarmy.sys -- (MBAMSwissArmy)
DRV - [2010/12/08 05:12:38 | 000,251,728 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\System32\drivers\avgldx86.sys -- (Avgldx86)
DRV - [2010/11/12 14:19:38 | 000,299,984 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\System32\drivers\avgtdix.sys -- (Avgtdix)
DRV - [2010/09/22 11:52:54 | 000,183,240 | ---- | M] (Soluto LTD.) [File_System | Boot | Running] -- C:\Windows\system32\DRIVERS\PCGenFAM.sys -- (PCGenFAM)
DRV - [2010/09/13 16:27:40 | 000,025,680 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\AVGIDSEH.Sys -- (AVGIDSEH)
DRV - [2010/09/07 03:48:56 | 000,034,384 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\Windows\System32\drivers\avgmfx86.sys -- (Avgmfx86)
DRV - [2010/09/07 03:48:50 | 000,026,064 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\system32\DRIVERS\avgrkx86.sys -- (Avgrkx86)
DRV - [2010/08/19 21:42:38 | 000,123,472 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\AVGIDSDriver.sys -- (AVGIDSDriver)
DRV - [2010/08/19 21:42:38 | 000,027,216 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\AVGIDSShim.sys -- (AVGIDSShim)
DRV - [2010/08/19 21:42:36 | 000,030,288 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\AVGIDSFilter.sys -- (AVGIDSFilter)
DRV - [2009/11/05 15:35:25 | 000,030,576 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\point32k.sys -- (Point32)
DRV - [2009/10/07 01:46:36 | 000,025,752 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\LVPr2Mon.sys -- (LVPr2Mon)
DRV - [2009/07/04 17:48:48 | 000,400,560 | ---- | M] (Apricorn) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\timntr.sys -- (timounter)
DRV - [2009/07/04 17:48:48 | 000,039,376 | ---- | M] (Apricorn) [File_System | Auto | Running] -- C:\Windows\System32\drivers\tifsfilt.sys -- (tifsfilter)
DRV - [2009/07/04 17:48:46 | 000,120,688 | ---- | M] (Apricorn) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\snapman.sys -- (snapman)
DRV - [2008/08/30 06:58:16 | 003,929,600 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atikmdag.sys -- (atikmdag)
DRV - [2008/01/20 21:23:21 | 000,016,896 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\WSDPrint.sys -- (WSDPrintDevice)
DRV - [2007/11/06 12:30:48 | 000,006,080 | ---- | M] (Zeal SoftStudio) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\zntport.sys -- (zntport)
DRV - [2007/11/06 12:30:46 | 000,014,544 | ---- | M] (EnTech Taiwan) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\TVicPort.sys -- (tvicport)
DRV - [2007/07/03 12:05:20 | 000,015,392 | ---- | M] (Acer, Inc.) [Kernel | Auto | Running] -- C:\Acer\Empowering Technology\eRecovery\int15.sys -- (int15)
DRV - [2007/05/09 21:51:34 | 000,041,888 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\LVUSBSta.sys -- (LVUSBSta)
DRV - [2007/05/09 21:47:00 | 001,276,832 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\LV302V32.SYS -- (PID_PEPI) Logitech QuickCam IM(PID_PEPI)
DRV - [2007/05/09 21:46:48 | 000,014,112 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\lv302af.sys -- (pepifilter)
DRV - [2007/05/03 13:37:08 | 000,022,152 | ---- | M] (Maxtor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\mxopswd.sys -- (MXOPSWD)
DRV - [2007/03/22 12:57:14 | 000,028,672 | --S- | M] (Gteko Ltd.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\elagopro.sys -- (elagopro)
DRV - [2007/03/22 12:57:14 | 000,005,376 | --S- | M] (Gteko Ltd.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\elaunidr.sys -- (elaunidr)
DRV - [2007/01/29 07:20:04 | 000,361,728 | ---- | M] (eMPIA Technology, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\emBDA.sys -- (USB28xxBGA)
DRV - [2007/01/29 07:19:48 | 000,039,680 | ---- | M] (eMPIA Technology, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\emOEM.sys -- (USB28xxOEM)
DRV - [2006/11/29 17:24:57 | 000,033,588 | ---- | M] (America Online, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\wanatw4.sys -- (wanatw) WAN Miniport (ATW)
DRV - [2006/11/02 02:41:49 | 001,010,560 | ---- | M] (Motorola Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\smserial.sys -- (smserial)
DRV - [2006/10/30 13:22:26 | 000,008,192 | ---- | M] (ATI Technologies Inc.) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\AtiPcie.sys -- (AtiPcie) ATI PCI Express (3GIO)
DRV - [2004/04/13 17:03:46 | 000,016,509 | ---- | M] (Palm, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\PalmUSBD.sys -- (PalmUSBD)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://en.us.acer.yahoo.com

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = http://global.acer.com [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-us
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = E1 64 E2 E1 F6 1A CB 01 [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\..\URLSearchHook: {b9b97401-98e1-4942-930d-c36652dab7f2} - Reg Error: Key error. File not found
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>;localhost;*.local

========== FireFox ==========

FF - prefs.js..browser.startup.homepage: "http://www.msn.com/"
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23
FF - prefs.js..extensions.enabledItems: {7A6B31EE-8F70-4549-93F5-B29CA7B3C093}:1.9.1
FF - prefs.js..extensions.enabledItems: {1E73965B-8B48-48be-9C8D-68B920ABC1C4}:10.0.0.1209

FF - HKLM\software\mozilla\Firefox\Extensions\\{7A6B31EE-8F70-4549-93F5-B29CA7B3C093}: C:\Users\Office Depot\AppData\Local\{7A6B31EE-8F70-4549-93F5-B29CA7B3C093} [2011/03/26 01:17:12 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\{1E73965B-8B48-48be-9C8D-68B920ABC1C4}: C:\Program Files\AVG\AVG10\Firefox4\ [2011/03/31 09:41:27 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010/12/17 02:44:18 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011/02/21 23:34:11 | 000,000,000 | ---D | M]

[2010/12/16 09:02:11 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Office Depot\AppData\Roaming\mozilla\Extensions
[2009/04/25 18:29:32 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Office Depot\AppData\Roaming\mozilla\Extensions\[email protected]
[2010/12/27 21:35:04 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Office Depot\AppData\Roaming\mozilla\Firefox\Profiles\4532al2u.default\extensions
[2011/04/03 19:51:40 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2011/01/14 11:22:41 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}
[2011/03/31 09:41:27 | 000,000,000 | ---D | M] (AVG Safe Search) -- C:\PROGRAM FILES\AVG\AVG10\FIREFOX4
[2011/03/26 01:17:12 | 000,000,000 | ---D | M] (XULRunner) -- C:\USERS\OFFICE DEPOT\APPDATA\LOCAL\{7A6B31EE-8F70-4549-93F5-B29CA7B3C093}
[2010/11/12 19:53:06 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll

O1 HOSTS File: ([2011/03/26 01:40:21 | 000,000,296 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: 127.0.0.1 www.8minutedating.com
O1 - Hosts: 127.0.0.1 whysohardx.com
O1 - Hosts: 127.0.0.1 protectyourpc-11.com
O1 - Hosts: 127.0.0.1 checkserverstatux.com
O1 - Hosts: 127.0.0.1 xinmin.cn
O1 - Hosts: 127.0.0.1 xy95.cn
O1 - Hosts: 127.0.0.1 koralda.com
O1 - Hosts: 127.0.0.1 weirden.com
O1 - Hosts: 127.0.0.1 nanocloudcontroller.com
O1 - Hosts: 127.0.0.1 coo0lnet.net
O2 - BHO: (SnagIt Toolbar Loader) - {00C6482D-C502-44C8-8409-FCE54AD9C208} - C:\Program Files\TechSmith\Snagit 9\SnagitBHO.dll (TechSmith Corporation)
O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O2 - BHO: (MediaBar) - {0974BA1E-64EC-11DE-B2A5-E43756D89593} - File not found
O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer)
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG10\avgssie.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (no name) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - No CLSID value found.
O2 - BHO: (ShowBarObj Class) - {83A2F9B1-01A2-4AA5-87D1-45B6B8505E96} - C:\Acer\Empowering Technology\eDataSecurity\x86\ActiveToolBand.dll (HiTRUST)
O2 - BHO: (AVG Security Toolbar BHO) - {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG10\Toolbar\IEToolbar.dll ()
O2 - BHO: (Skype Plug-In) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O3 - HKLM\..\Toolbar: (MediaBar) - {0974BA1E-64EC-11DE-B2A5-E43756D89593} - File not found
O3 - HKLM\..\Toolbar: (Acer eDataSecurity Management) - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\Acer\Empowering Technology\eDataSecurity\x86\eDStoolbar.dll (Egis Incorporated.)
O3 - HKLM\..\Toolbar: (no name) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No CLSID value found.
O3 - HKLM\..\Toolbar: (Snagit) - {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - C:\Program Files\TechSmith\Snagit 9\SnagitIEAddin.dll (TechSmith Corporation)
O3 - HKLM\..\Toolbar: (AVG Security Toolbar) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - C:\Program Files\AVG\AVG10\Toolbar\IEToolbar.dll ()
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O3 - HKCU\..\Toolbar\ShellBrowser: (Acer eDataSecurity Management) - {5CBE3B7C-1E47-477E-A7DD-396DB0476E29} - C:\Acer\Empowering Technology\eDataSecurity\x86\eDStoolbar.dll (Egis Incorporated.)
O3 - HKCU\..\Toolbar\WebBrowser: (AVG Security Toolbar) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - C:\Program Files\AVG\AVG10\Toolbar\IEToolbar.dll ()
O4 - HKLM..\Run: [AcronisTimounterMonitor] C:\Program Files\Apricorn\EZ Gig II\TimounterMonitor.exe (Apricorn)
O4 - HKLM..\Run: [AVG_TRAY] C:\Program Files\AVG\AVG10\avgtray.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware (reboot)] C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [MaxMenuMgr] C:\Program Files\Seagate\SeagateManager\FreeAgent Status\StxMenuMgr.exe (Seagate LLC)
O4 - HKLM..\Run: [TkBellExe] C:\Program Files\Common Files\Real\Update_OB\realsched.exe (RealNetworks, Inc.)
O4 - HKLM..\Run: [Windows Mobile-based device management] C:\Windows\WindowsMobile\wmdcBase.exe (Microsoft Corporation)
O4 - HKCU..\Run: [EasyLinkAdvisor] C:\Program Files\Linksys EasyLink Advisor\LinksysAgent.exe (Linksys, a Division of Cisco Systems, Inc.)
O4 - HKCU..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\backWeb-8876480.exe (Logitech)
O4 - HKCU..\Run: [Logitech Vid] C:\Program Files\Logitech\Vid HD\Vid.exe (Logitech Inc.)
O4 - Startup: C:\Users\Office Depot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ZooskMessenger.lnk = File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = [binary data]
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O9 - Extra Button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra Button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe (America Online, Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O15 - HKCU\..Trusted Domains: aol.com ([objects] * is out of zone range - 5)
O15 - HKCU\..Trusted Domains: bikebarn.com ([]http in Trusted sites)
O15 - HKCU\..Trusted Domains: intuit.com ([ttlc] https in Trusted sites)
O15 - HKCU\..Trusted Domains: openmyeyeslord.net ([www] http in Trusted sites)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://download.micr...heckControl.cab (Windows Genuine Advantage Validation Tool)
O16 - DPF: {1B00725B-C455-4DE6-BFB6-AD540AD427CD} http://fpdownload2.m...ash/swflash.cab (Reg Error: Key error.)
O16 - DPF: {406B5949-7190-4245-91A9-30A17DE16AD0} http://photo2.walgre...eensActivia.cab (Snapfish Activia)
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} http://gfx1.hotmail....NPUplden-us.cab (MSN Photo Upload Tool)
O16 - DPF: {6BAB93B7-1917-4214-A7D2-874FA6DB4740} http://o.aolcdn.com/...ns.10.6.0.8.cab (AOL Newport Editor Ctrl)
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset...lineScanner.cab (OnlineScanner Control)
O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} http://upload.facebo...oUploader55.cab (Facebook Photo Uploader 5 Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_23)
O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_07)
O16 - DPF: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_23)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_23)
O16 - DPF: {CF84DAC5-A4F5-419E-A0BA-C01FFD71112F} http://content.syste...tel_4.3.1.0.cab (SysInfo Class)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.ad...Plus/1.6/gp.cab (Reg Error: Key error.)
O16 - DPF: {E77F23EB-E7AB-4502-8F37-247DBAF1A147} http://gfx1.hotmail....NPUplden-us.cab (Windows Live Hotmail Photo Upload Tool)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 68.87.85.102 68.87.69.150 192.168.1.1
O18 - Protocol\Handler\avgsecuritytoolbar {F2DDE6B2-9684-4A55-86D4-E255E237B77C} - C:\Program Files\AVG\AVG10\Toolbar\IEToolbar.dll ()
O18 - Protocol\Handler\belarc {6318E0AB-2E93-11D1-B8ED-00608CC9A71F} - C:\Program Files\Belarc\Advisor\System\BAVoilaX.dll (Belarc, Inc.)
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG10\avgpp.dll (AVG Technologies CZ, s.r.o.)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Users\Public\Pictures\Sample Pictures\Waterfall.jpg
O24 - Desktop BackupWallPaper: C:\Users\Public\Pictures\Sample Pictures\Waterfall.jpg
O28 - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - Reg Error: Key error. File not found
O30 - LSA: Authentication Packages - (relog_ap) - C:\Windows\System32\relog_ap.dll (Apricorn)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/09/18 16:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2010/07/04 01:10:33 | 000,000,055 | ---- | M] () - F:\autorun.inf -- [ NTFS ]
O32 - AutoRun File - [2010/11/02 22:47:20 | 000,000,067 | ---- | M] () - K:\autorun.inf -- [ NTFS ]
O33 - MountPoints2\{40844fa0-595a-11dd-b6a0-001c2587e739}\Shell\AutoRun\command - "" = M:\setupSNK.exe
O33 - MountPoints2\{40844fa3-595a-11dd-b6a0-001c2587e739}\Shell - "" = AutoRun
O33 - MountPoints2\{40844fa3-595a-11dd-b6a0-001c2587e739}\Shell\AutoRun\command - "" = L:\LaunchU3.exe -a
O33 - MountPoints2\{733f7b79-9e60-11dd-8194-00038a000015}\Shell\AutoRun\command - "" = L:\LinksysConnectPC.exe
O33 - MountPoints2\{7cacc7a1-d574-11df-aeeb-00038a000015}\Shell - "" = AutoRun
O33 - MountPoints2\{7cacc7a1-d574-11df-aeeb-00038a000015}\Shell\AutoRun\command - "" = M:\TL-Bootstrap.exe
O33 - MountPoints2\{d0acd093-f998-11de-87bb-00038a000015}\Shell\AutoRun\command - "" = L:\Programs\nu2menu\nu2menu.exe
O33 - MountPoints2\{d40da054-ff30-11de-a8a3-00038a000015}\Shell\AutoRun\command - "" = L:\DmailerSync_v9_0_15109.exe
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O34 - HKLM BootExecute: (C:\PROGRA~1\AVG\AVG10\avgchsvx.exe /sync) - C:\Program Files\AVG\AVG10\avgchsvx.exe (AVG Technologies CZ, s.r.o.)
O34 - HKLM BootExecute: (C:\PROGRA~1\AVG\AVG10\avgrsx.exe /sync /restart) - C:\Program Files\AVG\AVG10\avgrsx.exe (AVG Technologies CZ, s.r.o.)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O35 - HKCU\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKCU\...com [@ = comfile] -- Reg Error: Key error. File not found
O37 - HKCU\...exe [@ = exefile] -- "%1" %*

NetSvcs: FastUserSwitchingCompatibility - File not found
NetSvcs: Ias - File not found
NetSvcs: Nla - File not found
NetSvcs: Ntmssvc - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: SRService - File not found
NetSvcs: WmdmPmSp - File not found
NetSvcs: LogonHours - File not found
NetSvcs: PCAudit - File not found
NetSvcs: helpsvc - File not found
NetSvcs: uploadmgr - File not found

MsConfig - StartUpFolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Empowering Technology Launcher.lnk - C:\Acer\Empowering Technology\eAPLauncher.exe - (Acer Inc.)
MsConfig - StartUpReg: Acer Assist Launcher - hkey= - key= - C:\Program Files\Acer Assist\launcher.exe ()
MsConfig - StartUpReg: Acer Empowering Technology Monitor - hkey= - key= - C:\Acer\Empowering Technology\SysMonitor.exe ()
MsConfig - StartUpReg: Acer Product Registration - hkey= - key= - C:\Program Files\Acer Registration\ACE1.exe (Leader Technologies)
MsConfig - StartUpReg: BkupTray - hkey= - key= - C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BkupTray.exe ()
MsConfig - StartUpReg: eDataSecurity Loader - hkey= - key= - C:\Acer\Empowering Technology\eDataSecurity\x86\eDSLoader.exe (Egis Incorporated)
MsConfig - StartUpReg: ehTray.exe - hkey= - key= - C:\Windows\ehome\ehtray.exe (Microsoft Corporation)
MsConfig - StartUpReg: PCMMediaSharing - hkey= - key= - C:\Program Files\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\PCMMediaSharing.exe ()
MsConfig - StartUpReg: StartCCC - hkey= - key= - C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe ()
MsConfig - StartUpReg: Windows Defender - hkey= - key= - File not found
MsConfig - StartUpReg: WindowsWelcomeCenter - hkey= - key= - File not found
MsConfig - State: "startup" - 2

SafeBootMin: AppMgmt - File not found
SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: HelpSvc - Service
SafeBootMin: NTDS - File not found
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: sacsvr - Service
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: SolutoService - C:\Program Files\Soluto\SolutoService.exe (Soluto)
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: WinDefend - Service
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootMin: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootMin: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices

SafeBootNet: AppMgmt - File not found
SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: HelpSvc - Service
SafeBootNet: Messenger - Service
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: NTDS - File not found
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: rdsessmgr - Service
SafeBootNet: sacsvr - Service
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: SolutoService - C:\Program Files\Soluto\SolutoService.exe (Soluto)
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: SupportSoft RemoteAssist - C:\Program Files\Common Files\supportsoft\bin\ssrc.exe (SupportSoft, Inc.)
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TDI - Driver Group
SafeBootNet: WinDefend - Service
SafeBootNet: WudfPf - Driver
SafeBootNet: WudfUsbccidDriver - Driver
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers
SafeBootNet: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootNet: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootNet: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices

ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun)
ActiveX: {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} -
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 11.0
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {3C3901C5-3455-3E0A-A214-0B093A5070A6} - .NET Framework
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX: {44BBA848-CC51-11CF-AAFA-00AA00B6015C} -
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.8
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {73FA19D0-2D75-11D2-995D-00C04F98BBC9} - Web Folders
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\system32\ie4uinit.exe -BaseSettings
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {A0739DE2-571F-11D2-A031-0060977F760C} - InterActual PCFriendly ActiveX Control
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {CDD7975E-60F8-41d5-8149-19E51D6F71D0} - Windows Movie Maker v2.1
ActiveX: {D27CDB6E-AE6D-11CF-96B8-444553540000} - Adobe Flash Player
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - Reg Error: Value error.
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\Windows\system32\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\system32\ie4uinit.exe -UserIconConfig
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP

Drivers32: msacm.l3acm - C:\Windows\System32\l3codecp.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.mkdmp3enc - C:\PROGRA~1\ACERAR~1\ACERVI~1\Kernel\Burner\MKDMP3Enc.ACM File not found
Drivers32: MSVideo - C:\Windows\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: MSVideo8 - C:\Windows\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: vidc.cvid - C:\Windows\System32\iccvid.dll (Radius Inc.)
Drivers32: VIDC.I420 - C:\Windows\System32\LVCodec2.dll (Logitech Inc.)
Drivers32: vidc.iv31 - C:\Windows\System32\ir32_32.dll (Intel® Corporation)
Drivers32: vidc.iv32 - C:\Windows\System32\ir32_32.dll (Intel® Corporation)
Drivers32: vidc.iv41 - C:\Windows\System32\ir41_32.ax (Intel Corporation)
Drivers32: vidc.iv50 - C:\Windows\System32\ir50_32.dll (Intel Corporation)
Drivers32: vidc.yvu9 - C:\Windows\System32\Iyvu9_32.dll ()
Drivers32: wave1 - C:\Windows\System32\serwvdrv.dll (Microsoft Corporation)

CREATERESTOREPOINT
Error creating restore point.
  • 0

#9
nativetexan2

nativetexan2

    Member

  • Topic Starter
  • Member
  • PipPip
  • 57 posts
OTL Log File

CREATERESTOREPOINT
Error creating restore point.

========== Files/Folders - Created Within 30 Days ==========

[2011/04/06 00:47:21 | 000,580,608 | ---- | C] (OldTimer Tools) -- C:\Users\Office Depot\Desktop\OTL.exe
[2011/03/26 03:09:34 | 000,000,000 | ---D | C] -- C:\Windows\Minidump
[2011/03/26 01:17:11 | 000,000,000 | ---D | C] -- C:\Users\Office Depot\AppData\Local\{7A6B31EE-8F70-4549-93F5-B29CA7B3C093}
[2011/03/22 16:32:42 | 001,068,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\DWrite.dll
[2011/03/22 16:32:41 | 000,288,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XpsGdiConverter.dll
[2011/03/20 13:46:51 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
[2011/03/20 13:44:40 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
[2011/03/09 09:15:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TurboTax 2010
[2011/03/08 16:50:19 | 000,429,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\EncDec.dll
[2011/03/08 16:50:19 | 000,322,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sbe.dll
[2011/03/08 16:50:19 | 000,177,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mpg2splt.ax
[2011/03/08 16:50:19 | 000,153,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sbeio.dll
[2008/03/20 02:38:36 | 000,016,384 | ---- | C] ( ) -- C:\Windows\System32\ClearEvent.exe
[1 C:\Users\Office Depot\Desktop\*.tmp files -> C:\Users\Office Depot\Desktop\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2011/04/06 20:28:16 | 000,604,264 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2011/04/06 20:28:16 | 000,103,964 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2011/04/06 20:23:48 | 000,000,436 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{778E61E6-1D2E-4282-8402-E15FD89B81C9}.job
[2011/04/06 20:22:02 | 000,003,344 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2011/04/06 20:22:02 | 000,003,344 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2011/04/06 20:22:02 | 000,000,894 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2011/04/06 20:21:44 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011/04/06 20:21:31 | 1878,515,712 | -HS- | M] () -- C:\hiberfil.sys
[2011/04/06 09:16:00 | 000,000,898 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2011/04/06 07:07:08 | 111,767,864 | ---- | M] () -- C:\Windows\System32\drivers\AVG\incavi.avm
[2011/04/06 00:47:37 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Users\Office Depot\Desktop\OTL.exe
[2011/04/05 08:29:49 | 000,338,965 | ---- | M] () -- C:\Windows\System32\drivers\AVG\iavichjg.avm
[2011/04/04 23:15:07 | 000,009,610 | -HS- | M] () -- C:\ProgramData\c1v7b2004pcko3q46sg5by81ek78o4q
[2011/04/04 20:17:03 | 000,001,935 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2011/04/04 15:30:25 | 000,009,920 | -HS- | M] () -- C:\ProgramData\j638u7q3443b5j
[2011/04/04 13:27:12 | 000,009,892 | -HS- | M] () -- C:\Users\Office Depot\AppData\Local\j638u7q3443b5j
[2011/04/04 13:25:53 | 183,749,961 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2011/04/02 12:07:07 | 000,012,800 | ---- | M] () -- C:\Users\Office Depot\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/04/01 20:51:55 | 000,000,258 | RHS- | M] () -- C:\ProgramData\ntuser.pol
[2011/04/01 20:48:33 | 000,000,300 | ---- | M] () -- C:\Windows\tasks\RealUpgradeScheduledTaskS-1-5-21-3635493022-1987165414-2180967125-1000.job
[2011/03/31 19:36:52 | 000,000,120 | ---- | M] () -- C:\Users\Office Depot\AppData\Local\Lcabu.dat
[2011/03/31 19:36:52 | 000,000,000 | ---- | M] () -- C:\Users\Office Depot\AppData\Local\Dgehedi.bin
[2011/03/31 09:42:49 | 000,000,794 | ---- | M] () -- C:\Users\Public\Desktop\AVG 2011.lnk
[2011/03/21 09:09:04 | 000,001,750 | ---- | M] () -- C:\Users\Public\Desktop\Logitech Vid HD.lnk
[2011/03/20 13:46:51 | 000,001,628 | ---- | M] () -- C:\Users\Public\Desktop\iTunes.lnk
[2011/03/16 03:22:17 | 000,398,184 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2011/03/09 22:05:23 | 000,002,483 | ---- | M] () -- C:\Users\Public\Desktop\TurboTax 2010.lnk
[2011/03/07 23:23:38 | 000,002,337 | ---- | M] () -- C:\Users\Public\Desktop\Skype.lnk
[1 C:\Users\Office Depot\Desktop\*.tmp files -> C:\Users\Office Depot\Desktop\*.tmp -> ]

========== Files Created - No Company Name ==========

[2011/04/04 23:12:13 | 000,009,610 | -HS- | C] () -- C:\ProgramData\c1v7b2004pcko3q46sg5by81ek78o4q
[2011/04/04 11:43:59 | 000,009,892 | -HS- | C] () -- C:\Users\Office Depot\AppData\Local\j638u7q3443b5j
[2011/04/03 23:00:58 | 000,009,920 | -HS- | C] () -- C:\ProgramData\j638u7q3443b5j
[2011/04/01 18:56:48 | 000,000,300 | ---- | C] () -- C:\Windows\tasks\RealUpgradeScheduledTaskS-1-5-21-3635493022-1987165414-2180967125-1000.job
[2011/03/26 03:08:54 | 183,749,961 | ---- | C] () -- C:\Windows\MEMORY.DMP
[2011/03/26 01:17:13 | 000,000,120 | ---- | C] () -- C:\Users\Office Depot\AppData\Local\Lcabu.dat
[2011/03/26 01:17:13 | 000,000,000 | ---- | C] () -- C:\Users\Office Depot\AppData\Local\Dgehedi.bin
[2011/03/20 13:46:51 | 000,001,628 | ---- | C] () -- C:\Users\Public\Desktop\iTunes.lnk
[2011/03/09 09:15:17 | 000,002,483 | ---- | C] () -- C:\Users\Public\Desktop\TurboTax 2010.lnk
[2010/10/24 20:37:53 | 000,012,800 | ---- | C] () -- C:\Users\Office Depot\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/09/29 19:52:38 | 000,000,098 | ---- | C] () -- C:\ProgramData\Microsoft.SqlServer.Compact.351.32.bc
[2010/08/07 16:31:10 | 000,000,056 | -H-- | C] () -- C:\Windows\System32\ezsidmv.dat
[2010/07/20 00:39:25 | 000,081,920 | R--- | C] () -- C:\Windows\bwUnin-6.1.4.68-8876480L.exe
[2010/02/26 09:27:22 | 000,000,088 | ---- | C] () -- C:\Users\Office Depot\AppData\Roaming\usb.inf
[2010/01/21 23:17:12 | 000,002,739 | ---- | C] () -- C:\Windows\Ascd_tmp.ini
[2010/01/21 22:42:14 | 000,023,115 | ---- | C] () -- C:\Windows\hpqins15.dat
[2010/01/14 00:51:36 | 000,196,147 | ---- | C] () -- C:\Windows\hpoins41.dat
[2009/10/08 19:00:29 | 000,000,000 | ---- | C] () -- C:\Windows\PCFriend.INI
[2009/10/07 01:46:36 | 000,025,752 | ---- | C] () -- C:\Windows\System32\drivers\LVPr2Mon.sys
[2009/10/07 01:23:08 | 000,013,584 | ---- | C] () -- C:\Windows\System32\drivers\iKeyLFT2.dll
[2009/10/05 23:13:13 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2009/09/11 02:04:08 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll
[2009/09/11 02:04:08 | 000,107,612 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin
[2009/08/03 15:07:42 | 000,403,816 | ---- | C] () -- C:\Windows\System32\OGACheckControl.dll
[2009/08/03 15:07:42 | 000,230,768 | ---- | C] () -- C:\Windows\System32\OGAEXEC.exe
[2009/07/07 21:41:10 | 000,000,209 | ---- | C] () -- C:\Windows\ODBCINST.INI
[2009/06/04 19:14:55 | 000,001,253 | ---- | C] () -- C:\Windows\hpomdl41.dat
[2009/04/25 17:48:49 | 000,000,000 | ---- | C] () -- C:\Windows\QuickInstall.INI
[2009/04/25 17:40:31 | 000,000,341 | ---- | C] () -- C:\Windows\PowerReg.dat
[2009/02/02 23:49:53 | 000,001,279 | ---- | C] () -- C:\Windows\TVEpaDrv.ini
[2009/01/24 13:23:48 | 000,000,132 | ---- | C] () -- C:\Users\Office Depot\AppData\Roaming\wklnhst.dat
[2009/01/22 03:05:42 | 000,000,258 | RHS- | C] () -- C:\ProgramData\ntuser.pol
[2008/08/16 23:44:18 | 000,001,028 | ---- | C] () -- C:\Users\Office Depot\AppData\Roaming\WavCodec.wff
[2008/08/14 18:40:42 | 000,176,214 | ---- | C] () -- C:\Windows\System32\atiicdxx.dat
[2008/08/01 19:06:36 | 000,000,464 | ---- | C] () -- C:\Windows\REGENUNINS.INI
[2008/08/01 19:06:14 | 000,003,702 | ---- | C] () -- C:\Windows\REGENCALL.INI
[2008/07/31 23:11:20 | 000,000,335 | ---- | C] () -- C:\Windows\nsreg.dat
[2008/07/31 22:34:10 | 000,000,376 | ---- | C] () -- C:\Windows\ODBC.INI
[2008/07/26 13:57:08 | 000,018,904 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchemaTrivial.bin
[2008/03/20 02:39:41 | 000,000,044 | ---- | C] () -- C:\Windows\Acer(Normal).ini
[2008/03/20 02:39:41 | 000,000,042 | ---- | C] () -- C:\Windows\Acer(Wide).ini
[2008/03/20 02:38:36 | 000,016,384 | ---- | C] () -- C:\Windows\System32\LauncheRyAgentUser.exe
[2008/03/19 20:41:59 | 000,024,576 | ---- | C] () -- C:\Windows\NEWSETAPANEL.EXE
[2008/03/06 00:38:44 | 000,090,112 | ---- | C] () -- C:\Windows\System32\atibrtmon.exe
[2008/02/26 03:03:46 | 000,015,656 | ---- | C] () -- C:\Windows\System32\drivers\int15_64.sys
[2008/02/26 03:03:26 | 000,001,024 | RH-- | C] () -- C:\Windows\System32\NTIOFM4.dll
[2008/02/26 03:03:25 | 000,001,024 | RH-- | C] () -- C:\Windows\System32\NTIBUN5.dll
[2008/02/26 01:23:01 | 000,001,047 | ---- | C] () -- C:\Windows\generic.ini
[2008/02/26 01:23:01 | 000,000,128 | ---- | C] () -- C:\Windows\Alaunch.ini
[2008/02/26 01:22:58 | 003,107,788 | ---- | C] () -- C:\Windows\System32\atiumdva.dat
[2008/02/26 01:22:58 | 000,159,744 | ---- | C] () -- C:\Windows\System32\atitmmxx.dll
[2007/12/28 02:22:04 | 000,010,296 | ---- | C] () -- C:\Windows\System32\drivers\ASUSHWIO.SYS
[2007/05/09 20:35:54 | 000,057,126 | ---- | C] () -- C:\Windows\System32\lvcoinst.ini
[2006/11/02 07:57:28 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2006/11/02 07:47:37 | 000,398,184 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT
[2006/11/02 07:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
[2006/11/02 05:33:01 | 000,604,264 | ---- | C] () -- C:\Windows\System32\perfh009.dat
[2006/11/02 05:33:01 | 000,287,440 | ---- | C] () -- C:\Windows\System32\perfi009.dat
[2006/11/02 05:33:01 | 000,103,964 | ---- | C] () -- C:\Windows\System32\perfc009.dat
[2006/11/02 05:33:01 | 000,030,674 | ---- | C] () -- C:\Windows\System32\perfd009.dat
[2006/11/02 05:23:21 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat
[2006/11/02 03:58:30 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2006/11/02 03:19:00 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT
[2006/11/02 02:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2006/11/02 02:25:31 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat
[2004/09/28 07:38:30 | 000,114,688 | ---- | C] () -- C:\Windows\System32\wmatimer.dll
[2001/12/26 19:12:30 | 000,065,536 | ---- | C] () -- C:\Windows\System32\multiplex_vcd.dll
[2001/09/04 02:46:38 | 000,110,592 | ---- | C] () -- C:\Windows\System32\Hmpg12.dll
[2001/07/30 19:33:56 | 000,118,784 | ---- | C] () -- C:\Windows\System32\HMPV2_ENC.dll
[2001/07/24 01:04:36 | 000,118,784 | ---- | C] () -- C:\Windows\System32\HMPV2_ENC_MMX.dll
[1999/01/27 13:39:06 | 000,065,024 | ---- | C] () -- C:\Windows\System32\indounin.dll
[1998/10/11 02:07:38 | 000,088,576 | ---- | C] () -- C:\Windows\System32\Iticheck.dll
[1997/06/13 07:56:08 | 000,056,832 | ---- | C] () -- C:\Windows\System32\Iyvu9_32.dll

========== Custom Scans ==========


< %systemroot%\Fonts\*.com >
[2006/11/02 07:37:12 | 000,026,040 | ---- | M] () -- C:\Windows\Fonts\GlobalMonospace.CompositeFont
[2006/11/02 07:37:12 | 000,026,489 | ---- | M] () -- C:\Windows\Fonts\GlobalSansSerif.CompositeFont
[2006/11/02 07:37:12 | 000,029,779 | ---- | M] () -- C:\Windows\Fonts\GlobalSerif.CompositeFont
[2009/09/13 15:33:35 | 000,037,665 | ---- | M] () -- C:\Windows\Fonts\GlobalUserInterface.CompositeFont

< %systemroot%\Fonts\*.dll >

< %systemroot%\Fonts\*.ini >
[2006/09/18 16:37:34 | 000,000,065 | ---- | M] () -- C:\Windows\Fonts\desktop.ini

< %systemroot%\Fonts\*.ini2 >

< %systemroot%\Fonts\*.exe >

< %systemroot%\system32\spool\prtprocs\w32x86\*.* >
[2009/04/20 13:23:48 | 000,315,904 | ---- | M] (Hewlett-Packard Corporation) -- C:\Windows\System32\spool\prtprocs\w32x86\hpfpp70w.dll
[2006/11/02 07:35:48 | 000,022,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\spool\prtprocs\w32x86\jnwppr.dll
[2006/10/26 22:56:12 | 000,033,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\spool\prtprocs\w32x86\msonpppr.dll

< %systemroot%\REPAIR\*.bak1 >

< %systemroot%\REPAIR\*.ini >

< %systemroot%\system32\*.jpg >

< %systemroot%\*.jpg >

< %systemroot%\*.png >

< %systemroot%\*.scr >
[2006/10/19 12:00:56 | 000,187,392 | ---- | M] () -- C:\Windows\Acer(Normal).scr
[2006/10/19 12:00:56 | 000,187,392 | ---- | M] () -- C:\Windows\Acer(Wide).scr
[2010/09/23 00:32:56 | 000,301,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\WLXPGSS.SCR

< %systemroot%\*._sy >

< %APPDATA%\Adobe\Update\*.* >

< %ALLUSERSPROFILE%\Favorites\*.* >

< %APPDATA%\Microsoft\*.* >

< %PROGRAMFILES%\*.* >
[2008/01/20 21:43:21 | 000,000,174 | -HS- | M] () -- C:\Program Files\desktop.ini

< %APPDATA%\Update\*.* >

< %PROGRAMFILES%\bak. /s >

< %systemroot%\system32\bak. /s >

< %ALLUSERSPROFILE%\Start Menu\*.lnk /x >

< %systemroot%\system32\config\systemprofile\*.dat /x >

< %systemroot%\*.config >

< %systemroot%\system32\*.db >

< %APPDATA%\Microsoft\Internet Explorer\Quick Launch\*.lnk /x >
[2010/05/25 22:51:05 | 000,000,286 | -HS- | M] () -- C:\Users\Office Depot\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\desktop.ini

< %USERPROFILE%\Desktop\*.exe >
[2011/04/06 00:47:37 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Users\Office Depot\Desktop\OTL.exe
[1 C:\Users\Office Depot\Desktop\*.tmp files -> C:\Users\Office Depot\Desktop\*.tmp -> ]

< %PROGRAMFILES%\Common Files\*.* >

< %systemroot%\*.src >

< %systemroot%\install\*.* >

< %systemroot%\system32\DLL\*.* >

< %systemroot%\system32\HelpFiles\*.* >

< %systemroot%\system32\rundll\*.* >

< %systemroot%\winn32\*.* >

< %systemroot%\Java\*.* >

< %systemroot%\system32\test\*.* >

< %systemroot%\system32\Rundll32\*.* >

< %systemroot%\AppPatch\Custom\*.* >

< %APPDATA%\Roaming\Microsoft\Windows\Recent\*.lnk /x >

< %PROGRAMFILES%\PC-Doctor\Downloads\*.* >

< %PROGRAMFILES%\Internet Explorer\*.tmp >

< %PROGRAMFILES%\Internet Explorer\*.dat >

< %USERPROFILE%\My Documents\*.exe >

< %USERPROFILE%\*.exe >
[2010/07/19 11:41:22 | 001,063,320 | ---- | M] (Citrix Online, a division of Citrix Systems, Inc.) -- C:\Users\Office Depot\gotomypc_533.exe
[2011/02/25 09:02:44 | 001,062,984 | ---- | M] (Citrix Online, a division of Citrix Systems, Inc.) -- C:\Users\Office Depot\gotomypc_540.exe

< %systemroot%\ADDINS\*.* >

< %systemroot%\assembly\*.bak2 >

< %systemroot%\Config\*.* >

< %systemroot%\REPAIR\*.bak2 >

< %systemroot%\SECURITY\Database\*.sdb /x >
[2009/09/14 00:02:12 | 000,008,192 | ---- | M] () -- C:\Windows\security\database\edb.chk
[2009/09/14 00:01:42 | 001,048,576 | ---- | M] () -- C:\Windows\security\database\edb.log
[2009/09/14 00:01:42 | 001,048,576 | ---- | M] () -- C:\Windows\security\database\edbres00001.jrs
[2009/09/14 00:01:42 | 001,048,576 | ---- | M] () -- C:\Windows\security\database\edbres00002.jrs
[2009/09/14 00:01:42 | 001,048,576 | ---- | M] () -- C:\Windows\security\database\edbtmp.log
[2009/09/14 00:01:42 | 001,056,768 | ---- | M] () -- C:\Windows\security\database\tmp.edb

< %systemroot%\SYSTEM\*.bak2 >

< %systemroot%\Web\*.bak2 >

< %systemroot%\Driver Cache\*.* >

< %PROGRAMFILES%\Mozilla Firefox\*.exe >
[2010/12/03 14:35:07 | 000,107,480 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\crashreporter.exe
[2010/12/03 14:35:08 | 000,912,344 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
[2010/12/03 14:35:08 | 000,016,856 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\plugin-container.exe
[2010/12/03 14:35:08 | 000,245,208 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\updater.exe

< %ProgramFiles%\Microsoft Common\*.* >

< %ProgramFiles%\TinyProxy. >

< %USERPROFILE%\Favorites\*.url /x >
[2008/04/20 12:35:29 | 000,000,402 | -HS- | M] () -- C:\Users\Office Depot\Favorites\desktop.ini
[2011/04/01 18:55:16 | 000,000,450 | ---- | M] () -- C:\Users\Office Depot\Favorites\NCH Audio and Telephony Software Page.lnk

< %systemroot%\system32\*.bk >

< %systemroot%\*.te >

< %systemroot%\system32\system32\*.* >

< %ALLUSERSPROFILE%\*.dat /x >
[2011/04/04 23:15:07 | 000,009,610 | -HS- | M] () -- C:\ProgramData\c1v7b2004pcko3q46sg5by81ek78o4q
[2010/01/21 22:42:52 | 000,001,581 | ---- | M] () -- C:\ProgramData\hpzinstall.log
[2011/04/04 15:30:25 | 000,009,920 | -HS- | M] () -- C:\ProgramData\j638u7q3443b5j
[2010/09/29 19:52:38 | 000,000,098 | ---- | M] () -- C:\ProgramData\Microsoft.SqlServer.Compact.351.32.bc
[2011/04/01 20:51:55 | 000,000,258 | RHS- | M] () -- C:\ProgramData\ntuser.pol

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >
[2009/03/08 06:31:42 | 000,348,160 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\System32\dxtmsft.dll
[2009/03/08 06:31:37 | 000,216,064 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\System32\dxtrans.dll
[2010/12/18 01:22:10 | 000,184,320 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\System32\iepeers.dll

< %systemroot%\system32\*.exe /lockedfiles >

< %systemroot%\Tasks\*.job /lockedfiles >

< %systemroot%\system32\drivers\*.sys /lockedfiles >

< %systemroot%\System32\config\*.sav >
[2008/01/20 22:14:18 | 016,846,848 | ---- | M] () -- C:\Windows\System32\config\COMPONENTS.SAV
[2008/01/20 22:14:08 | 000,106,496 | ---- | M] () -- C:\Windows\System32\config\DEFAULT.SAV
[2008/01/20 22:14:18 | 000,020,480 | ---- | M] () -- C:\Windows\System32\config\SECURITY.SAV
[2006/11/02 05:34:08 | 010,133,504 | ---- | M] () -- C:\Windows\System32\config\SOFTWARE.SAV
[2006/11/02 05:34:08 | 001,826,816 | ---- | M] () -- C:\Windows\System32\config\SYSTEM.SAV

< %systemroot%\system32\*.sys >
[2006/11/02 02:09:42 | 000,009,029 | ---- | M] () -- C:\Windows\System32\ANSI.SYS
[2009/04/11 01:32:46 | 000,245,736 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\clfs.sys
[2006/11/02 02:09:45 | 000,027,097 | ---- | M] () -- C:\Windows\System32\country.sys
[2006/11/02 02:09:41 | 000,004,768 | ---- | M] () -- C:\Windows\System32\HIMEM.SYS
[2006/11/02 02:09:44 | 000,042,809 | ---- | M] () -- C:\Windows\System32\KEY01.SYS
[2006/11/02 02:09:44 | 000,042,537 | ---- | M] () -- C:\Windows\System32\KEYBOARD.SYS
[2006/11/02 02:09:29 | 000,027,866 | ---- | M] () -- C:\Windows\System32\NTDOS.SYS
[2006/11/02 02:09:35 | 000,029,146 | ---- | M] () -- C:\Windows\System32\NTDOS404.SYS
[2006/11/02 02:09:38 | 000,029,370 | ---- | M] () -- C:\Windows\System32\NTDOS411.SYS
[2006/11/02 02:09:40 | 000,029,274 | ---- | M] () -- C:\Windows\System32\NTDOS412.SYS
[2006/11/02 02:09:31 | 000,029,146 | ---- | M] () -- C:\Windows\System32\NTDOS804.SYS
[2006/11/02 02:09:20 | 000,033,952 | ---- | M] () -- C:\Windows\System32\NTIO.SYS
[2006/11/02 02:09:23 | 000,034,672 | ---- | M] () -- C:\Windows\System32\NTIO404.SYS
[2006/11/02 02:09:24 | 000,035,776 | ---- | M] () -- C:\Windows\System32\NTIO411.SYS
[2006/11/02 02:09:26 | 000,035,536 | ---- | M] () -- C:\Windows\System32\NTIO412.SYS
[2006/11/02 02:09:22 | 000,034,672 | ---- | M] () -- C:\Windows\System32\NTIO804.SYS
[2010/12/31 08:57:01 | 002,039,808 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys

< %systemroot%\system32\drivers\*.dll >
[2008/08/30 03:56:14 | 000,053,248 | ---- | M] (ATI Technologies Inc.) -- C:\Windows\System32\drivers\ati2erec.dll
[2009/10/07 01:23:08 | 000,013,584 | ---- | M] () -- C:\Windows\System32\drivers\iKeyLFT2.dll

< %systemroot%\system32\drivers\*.ini >

< %systemroot%\system32\drivers\*.exe >

< %systemroot%\system32\Spool\prtprocs\w32x86\*.dll >
[2009/04/20 13:23:48 | 000,315,904 | ---- | M] (Hewlett-Packard Corporation) -- C:\Windows\System32\spool\prtprocs\w32x86\hpfpp70w.dll
[2006/11/02 07:35:48 | 000,022,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\spool\prtprocs\w32x86\jnwppr.dll
[2006/10/26 22:56:12 | 000,033,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\spool\prtprocs\w32x86\msonpppr.dll

< %SYSTEMDRIVE%\*.* >
[2006/09/18 16:43:36 | 000,000,024 | ---- | M] () -- C:\autoexec.bat
[2009/04/11 01:36:36 | 000,333,257 | RHS- | M] () -- C:\bootmgr
[2008/02/26 01:24:03 | 000,008,192 | R-S- | M] () -- C:\BOOTSECT.BAK
[2010/07/04 01:06:06 | 000,020,657 | ---- | M] () -- C:\ComboFix.txt
[2006/09/18 16:43:37 | 000,000,010 | ---- | M] () -- C:\config.sys
[2011/04/06 20:21:31 | 1878,515,712 | -HS- | M] () -- C:\hiberfil.sys
[2008/07/25 00:44:40 | 000,000,000 | RHS- | M] () -- C:\IO.SYS
[2010/07/20 00:39:31 | 000,000,183 | ---- | M] () -- C:\LogiSetup.log
[2007/06/28 03:44:50 | 000,000,512 | ---- | M] () -- C:\MDR.iss
[2008/07/25 00:44:40 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS
[2011/04/06 20:21:30 | 2192,326,656 | -HS- | M] () -- C:\pagefile.sys
[2008/04/20 12:35:12 | 000,000,471 | ---- | M] () -- C:\RHDSetup.log
[2010/07/04 00:20:08 | 000,000,429 | ---- | M] () -- C:\rkill.log
[2009/01/22 01:41:06 | 000,000,232 | -H-- | M] () -- C:\sqmdata00.sqm
[2009/01/22 01:41:10 | 000,000,232 | -H-- | M] () -- C:\sqmdata01.sqm
[2009/01/22 01:41:13 | 000,000,232 | -H-- | M] () -- C:\sqmdata02.sqm
[2009/01/22 01:41:14 | 000,000,232 | -H-- | M] () -- C:\sqmdata03.sqm
[2009/01/22 01:41:18 | 000,000,232 | -H-- | M] () -- C:\sqmdata04.sqm
[2009/01/22 01:43:33 | 000,000,232 | -H-- | M] () -- C:\sqmdata05.sqm
[2009/01/22 01:43:55 | 000,000,232 | -H-- | M] () -- C:\sqmdata06.sqm
[2009/01/22 01:44:36 | 000,000,232 | -H-- | M] () -- C:\sqmdata07.sqm
[2009/01/22 01:44:44 | 000,000,232 | -H-- | M] () -- C:\sqmdata08.sqm
[2009/01/22 01:44:59 | 000,000,232 | -H-- | M] () -- C:\sqmdata09.sqm
[2009/01/22 01:45:24 | 000,000,232 | -H-- | M] () -- C:\sqmdata10.sqm
[2009/01/22 01:46:19 | 000,000,232 | -H-- | M] () -- C:\sqmdata11.sqm
[2009/01/22 01:48:01 | 000,000,232 | -H-- | M] () -- C:\sqmdata12.sqm
[2009/01/22 01:50:34 | 000,000,232 | -H-- | M] () -- C:\sqmdata13.sqm
[2009/01/22 01:40:52 | 000,000,232 | -H-- | M] () -- C:\sqmdata14.sqm
[2009/01/22 01:40:54 | 000,000,232 | -H-- | M] () -- C:\sqmdata15.sqm
[2009/01/22 01:40:56 | 000,000,232 | -H-- | M] () -- C:\sqmdata16.sqm
[2009/01/22 01:40:59 | 000,000,232 | -H-- | M] () -- C:\sqmdata17.sqm
[2009/01/22 01:41:02 | 000,000,232 | -H-- | M] () -- C:\sqmdata18.sqm
[2009/01/22 01:41:04 | 000,000,232 | -H-- | M] () -- C:\sqmdata19.sqm
[2009/01/22 01:41:06 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt00.sqm
[2009/01/22 01:41:10 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt01.sqm
[2009/01/22 01:41:13 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt02.sqm
[2009/01/22 01:41:14 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt03.sqm
[2009/01/22 01:41:18 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt04.sqm
[2009/01/22 01:43:33 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt05.sqm
[2009/01/22 01:43:55 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt06.sqm
[2009/01/22 01:44:36 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt07.sqm
[2009/01/22 01:44:44 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt08.sqm
[2009/01/22 01:44:59 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt09.sqm
[2009/01/22 01:45:24 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt10.sqm
[2009/01/22 01:46:19 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt11.sqm
[2009/01/22 01:48:01 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt12.sqm
[2009/01/22 01:50:34 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt13.sqm
[2009/01/22 01:40:52 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt14.sqm
[2009/01/22 01:40:54 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt15.sqm
[2009/01/22 01:40:56 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt16.sqm
[2009/01/22 01:40:59 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt17.sqm
[2009/01/22 01:41:02 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt18.sqm
[2009/01/22 01:41:04 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt19.sqm
[2008/07/25 23:20:52 | 000,000,152 | ---- | M] () -- C:\YServer.txt

< %PROGRAMFILES%\*. >
[2010/01/21 22:59:22 | 000,000,000 | ---D | M] -- C:\Program Files\7-Zip
[2008/02/26 03:10:23 | 000,000,000 | ---D | M] -- C:\Program Files\Acer Arcade Live
[2008/03/20 02:33:06 | 000,000,000 | ---D | M] -- C:\Program Files\Acer Assist
[2009/01/24 20:02:50 | 000,000,000 | ---D | M] -- C:\Program Files\Acer GameZone
[2008/03/20 02:39:39 | 000,000,000 | ---D | M] -- C:\Program Files\Acer Inc
[2008/03/20 02:33:05 | 000,000,000 | ---D | M] -- C:\Program Files\Acer Registration
[2008/02/26 02:56:14 | 000,000,000 | ---D | M] -- C:\Program Files\Activation Assistant for the 2007 Microsoft Office suites
[2010/10/11 15:30:35 | 000,000,000 | ---D | M] -- C:\Program Files\Adobe
[2009/09/18 23:01:42 | 000,000,000 | ---D | M] -- C:\Program Files\Agogo FLV to DVD Converter
[2008/07/31 23:04:31 | 000,000,000 | ---D | M] -- C:\Program Files\AIM
[2008/08/01 00:33:16 | 000,000,000 | ---D | M] -- C:\Program Files\AIM+
[2010/08/01 09:38:58 | 000,000,000 | ---D | M] -- C:\Program Files\AIM7
[2008/08/01 20:36:27 | 000,000,000 | ---D | M] -- C:\Program Files\AOL
[2008/07/31 23:25:47 | 000,000,000 | ---D | M] -- C:\Program Files\AOL 9.0
[2009/11/25 04:21:33 | 000,000,000 | ---D | M] -- C:\Program Files\AOL 9.1
[2008/07/25 00:25:33 | 000,000,000 | ---D | M] -- C:\Program Files\AOL Pictures
[2011/01/06 01:14:00 | 000,000,000 | ---D | M] -- C:\Program Files\Apple Software Update
[2009/07/04 17:48:21 | 000,000,000 | ---D | M] -- C:\Program Files\Apricorn
[2008/03/20 02:34:21 | 000,000,000 | ---D | M] -- C:\Program Files\ATI
[2008/03/20 02:36:05 | 000,000,000 | ---D | M] -- C:\Program Files\ATI Technologies
[2010/10/16 15:29:24 | 000,000,000 | ---D | M] -- C:\Program Files\AVG
[2010/12/27 14:28:41 | 000,000,000 | ---D | M] -- C:\Program Files\BearShare Applications
[2008/12/20 01:23:42 | 000,000,000 | ---D | M] -- C:\Program Files\Belarc
[2010/12/30 20:23:02 | 000,000,000 | ---D | M] -- C:\Program Files\Bonjour
[2011/02/18 13:28:53 | 000,000,000 | ---D | M] -- C:\Program Files\Common Files
[2011/01/17 14:53:38 | 000,000,000 | ---D | M] -- C:\Program Files\Content Manager
[2009/06/13 15:48:59 | 000,000,000 | ---D | M] -- C:\Program Files\CoreFTP
[2009/05/05 23:14:47 | 000,000,000 | ---D | M] -- C:\Program Files\Coupons
[2009/02/03 00:13:15 | 000,000,000 | ---D | M] -- C:\Program Files\CyberLink
[2008/03/20 02:37:13 | 000,000,000 | ---D | M] -- C:\Program Files\DIFX
[2010/01/02 20:06:12 | 000,000,000 | ---D | M] -- C:\Program Files\dvdSanta
[2009/08/08 14:51:54 | 000,000,000 | ---D | M] -- C:\Program Files\Edge Computer Consulting, Inc
[2010/07/04 09:29:12 | 000,000,000 | ---D | M] -- C:\Program Files\ESET
[2008/02/26 03:11:12 | 000,000,000 | ---D | M] -- C:\Program Files\eSobi
[2009/01/24 20:03:03 | 000,000,000 | ---D | M] -- C:\Program Files\GamesBar
[2010/12/15 23:02:35 | 000,000,000 | ---D | M] -- C:\Program Files\Google
[2010/04/16 20:21:25 | 000,000,000 | ---D | M] -- C:\Program Files\HP
[2008/08/15 20:36:39 | 000,000,000 | ---D | M] -- C:\Program Files\HTC
[2010/11/02 22:45:29 | 000,000,000 | -H-D | M] -- C:\Program Files\InstallShield Installation Information
[2011/02/10 04:29:55 | 000,000,000 | ---D | M] -- C:\Program Files\Internet Explorer
[2011/03/20 13:44:40 | 000,000,000 | ---D | M] -- C:\Program Files\iPod
[2011/03/20 13:46:47 | 000,000,000 | ---D | M] -- C:\Program Files\iTunes
[2011/01/14 11:22:37 | 000,000,000 | ---D | M] -- C:\Program Files\Java
[2010/10/12 21:09:04 | 000,000,000 | ---D | M] -- C:\Program Files\LG Electronics
[2010/10/04 16:34:51 | 000,000,000 | ---D | M] -- C:\Program Files\LimeWire
[2008/07/23 19:07:59 | 000,000,000 | ---D | M] -- C:\Program Files\Linksys EasyLink Advisor
[2010/09/29 23:39:29 | 000,000,000 | ---D | M] -- C:\Program Files\Logitech
[2010/04/10 19:03:55 | 000,000,000 | ---D | M] -- C:\Program Files\Lotto Buster
[2011/04/01 16:05:05 | 000,000,000 | ---D | M] -- C:\Program Files\Malwarebytes' Anti-Malware
[2008/09/20 14:38:53 | 000,000,000 | ---D | M] -- C:\Program Files\Maxtor
[2010/10/23 14:49:21 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft
[2008/09/15 20:01:34 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft ActiveSync
[2006/11/02 07:37:34 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft Games
[2010/08/25 00:53:45 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft IntelliPoint
[2010/08/25 00:50:05 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft IntelliType Pro
[2009/01/07 22:35:24 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft Office
[2011/03/16 03:21:22 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft Silverlight
[2008/07/26 13:41:45 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft SQL Server Compact Edition
[2009/10/15 03:02:56 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft Works
[2010/06/25 03:02:17 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft.NET
[2008/03/20 02:28:35 | 000,000,000 | ---D | M] -- C:\Program Files\Motorola
[2010/08/11 03:30:23 | 000,000,000 | ---D | M] -- C:\Program Files\Movie Maker
[2011/04/03 19:41:40 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox
[2006/11/02 07:37:34 | 000,000,000 | ---D | M] -- C:\Program Files\MSBuild
[2009/01/07 22:35:03 | 000,000,000 | ---D | M] -- C:\Program Files\MSECache
[2008/07/23 19:08:01 | 000,000,000 | ---D | M] -- C:\Program Files\MSXML 4.0
[2010/11/29 11:55:58 | 000,000,000 | ---D | M] -- C:\Program Files\NCH Software
[2009/01/25 01:20:27 | 000,000,000 | ---D | M] -- C:\Program Files\NCH Swift Sound
[2008/02/26 02:51:06 | 000,000,000 | ---D | M] -- C:\Program Files\NewTech Infosystems
[2010/10/12 21:28:11 | 000,000,000 | ---D | M] -- C:\Program Files\PANTECH
[2010/10/07 00:10:09 | 000,000,000 | ---D | M] -- C:\Program Files\PCFriendly
[2010/12/17 02:44:17 | 000,000,000 | ---D | M] -- C:\Program Files\QuickTime
[2010/04/06 22:33:15 | 000,000,000 | ---D | M] -- C:\Program Files\Real
[2010/08/11 13:53:40 | 000,000,000 | ---D | M] -- C:\Program Files\RealArcade
[2008/04/20 12:34:08 | 000,000,000 | ---D | M] -- C:\Program Files\Realtek
[2006/11/02 07:37:34 | 000,000,000 | ---D | M] -- C:\Program Files\Reference Assemblies
[2010/10/12 20:58:24 | 000,000,000 | ---D | M] -- C:\Program Files\Research In Motion
[2010/10/12 21:03:13 | 000,000,000 | ---D | M] -- C:\Program Files\Samsung
[2010/11/02 22:45:16 | 000,000,000 | ---D | M] -- C:\Program Files\Seagate
[2011/02/18 13:28:53 | 000,000,000 | R--D | M] -- C:\Program Files\Skype
[2010/02/10 22:38:09 | 000,000,000 | ---D | M] -- C:\Program Files\SmartDVDCreatorPro
[2010/09/29 19:50:08 | 000,000,000 | ---D | M] -- C:\Program Files\Soluto
[2008/07/22 15:40:05 | 000,000,000 | ---D | M] -- C:\Program Files\supportdotcom
[2010/10/20 08:54:29 | 000,000,000 | ---D | M] -- C:\Program Files\SystemRequirementsLab
[2009/11/18 00:49:47 | 000,000,000 | ---D | M] -- C:\Program Files\TechSmith
[2011/03/09 09:12:47 | 000,000,000 | ---D | M] -- C:\Program Files\TurboTax
[2008/06/01 14:11:44 | 000,000,000 | ---D | M] -- C:\Program Files\Ubisoft
[2006/11/02 08:01:55 | 000,000,000 | -H-D | M] -- C:\Program Files\Uninstall Information
[2010/10/12 21:54:07 | 000,000,000 | ---D | M] -- C:\Program Files\V CAST Media Manager
[2010/11/04 23:32:04 | 000,000,000 | ---D | M] -- C:\Program Files\Winamp
[2009/09/13 23:52:50 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Calendar
[2009/09/13 23:52:47 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Collaboration
[2009/09/13 23:52:39 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Defender
[2009/09/13 23:52:46 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Journal
[2010/10/23 14:28:31 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Live
[2011/02/10 04:29:55 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Mail
[2010/10/17 08:41:38 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Media Player
[2006/11/02 07:37:34 | 000,000,000 | ---D | M] -- C:\Program Files\Windows NT
[2009/09/13 23:52:44 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Photo Gallery
[2009/11/17 04:21:42 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Portable Devices
[2009/09/13 23:52:47 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Sidebar
[2010/10/12 20:57:07 | 000,000,000 | ---D | M] -- C:\Program Files\Xiph.Org
[2008/07/25 23:20:43 | 000,000,000 | ---D | M] -- C:\Program Files\Yahoo!
[2008/03/20 02:37:24 | 000,000,000 | ---D | M] -- C:\Program Files\YUAN

< %appdata%\*.* >
[2010/07/21 16:17:39 | 000,106,776 | ---- | M] () -- C:\Users\Office Depot\AppData\Roaming\GDIPFONTCACHEV1.DAT
[2010/02/26 09:27:22 | 000,000,088 | ---- | M] () -- C:\Users\Office Depot\AppData\Roaming\usb.inf
[2008/08/16 23:44:18 | 000,001,028 | ---- | M] () -- C:\Users\Office Depot\AppData\Roaming\WavCodec.wff
[2009/01/24 13:23:50 | 000,000,132 | ---- | M] () -- C:\Users\Office Depot\AppData\Roaming\wklnhst.dat


< MD5 for: AGP440.SYS >
[2008/01/20 21:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\ERDNT\cache\AGP440.sys
[2008/01/20 21:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\System32\drivers\AGP440.sys
[2008/01/20 21:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_51b95d75\AGP440.sys
[2008/01/20 21:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_f750e484\AGP440.sys
[2008/01/20 21:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6001.18000_none_ba12ed3bbeb0d97a\AGP440.sys
[2008/01/20 21:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6002.18005_none_bbfe6647bbd2a4c6\AGP440.sys
[2006/11/02 04:49:52 | 000,053,864 | ---- | M] (Microsoft Corporation) MD5=EF23439CDD587F64C2C1B8825CEAD7D8 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_920a2c1f\AGP440.sys

< MD5 for: ATAPI.SYS >
[2009/04/11 01:32:26 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\ERDNT\cache\atapi.sys
[2009/04/11 01:32:26 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\System32\drivers\atapi.sys
[2009/04/11 01:32:26 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_b12d8e84\atapi.sys
[2009/04/11 01:32:26 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6002.18005_none_df23a1261eab99e8\atapi.sys
[2008/01/20 21:23:00 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_cc18792d\atapi.sys
[2008/01/20 21:23:00 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6001.18000_none_dd38281a2189ce9c\atapi.sys
[2006/11/02 04:49:36 | 000,019,048 | ---- | M] (Microsoft Corporation) MD5=4F4FCB8B6EA06784FB6D475B7EC7300F -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_c6c2e699\atapi.sys

< MD5 for: CNGAUDIT.DLL >
[2006/11/02 04:46:03 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D5FED4D -- C:\Windows\ERDNT\cache\cngaudit.dll
[2006/11/02 04:46:03 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D5FED4D -- C:\Windows\System32\cngaudit.dll
[2006/11/02 04:46:03 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D5FED4D -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.0.6000.16386_none_e62d292932a96ce6\cngaudit.dll

< MD5 for: DISK.SYS >
[2009/04/11 01:32:31 | 000,053,736 | ---- | M] (Microsoft Corporation) MD5=5D4AEFC3386920236A548271F8F1AF6A -- C:\Windows\System32\drivers\disk.sys
[2009/04/11 01:32:31 | 000,053,736 | ---- | M] (Microsoft Corporation) MD5=5D4AEFC3386920236A548271F8F1AF6A -- C:\Windows\System32\DriverStore\FileRepository\disk.inf_5c850fad\disk.sys
[2009/04/11 01:32:31 | 000,053,736 | ---- | M] (Microsoft Corporation) MD5=5D4AEFC3386920236A548271F8F1AF6A -- C:\Windows\winsxs\x86_disk.inf_31bf3856ad364e35_6.0.6002.18005_none_fbb1faf0714e4ea6\disk.sys
[2008/01/20 21:23:20 | 000,055,352 | ---- | M] (Microsoft Corporation) MD5=64109E623ABD6955C8FB110B592E68B7 -- C:\Windows\System32\DriverStore\FileRepository\disk.inf_90722180\disk.sys
[2008/01/20 21:23:20 | 000,055,352 | ---- | M] (Microsoft Corporation) MD5=64109E623ABD6955C8FB110B592E68B7 -- C:\Windows\winsxs\x86_disk.inf_31bf3856ad364e35_6.0.6001.18000_none_f9c681e4742c835a\disk.sys
[2006/11/02 04:49:51 | 000,052,840 | ---- | M] (Microsoft Corporation) MD5=841AF4C4D41D3E3B2F244E976B0F7963 -- C:\Windows\System32\DriverStore\FileRepository\disk.inf_e0b0b355\disk.sys

< MD5 for: IASTORV.SYS >
[2008/01/20 21:23:23 | 000,235,064 | ---- | M] (Intel Corporation) MD5=54155EA1B0DF185878E0FC9EC3AC3A14 -- C:\Windows\System32\drivers\iaStorV.sys
[2008/01/20 21:23:23 | 000,235,064 | ---- | M] (Intel Corporation) MD5=54155EA1B0DF185878E0FC9EC3AC3A14 -- C:\Windows\System32\DriverStore\FileRepository\iastorv.inf_c9df7691\iaStorV.sys
[2008/01/20 21:23:23 | 000,235,064 | ---- | M] (Intel Corporation) MD5=54155EA1B0DF185878E0FC9EC3AC3A14 -- C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.0.6001.18000_none_af11527887c7fa8f\iaStorV.sys
[2006/11/02 04:51:25 | 000,232,040 | ---- | M] (Intel Corporation) MD5=C957BF4B5D80B46C5017BF0101E6C906 -- C:\Windows\System32\DriverStore\FileRepository\iastorv.inf_37cdafa4\iaStorV.sys

< MD5 for: NETLOGON.DLL >
[2009/04/11 01:28:23 | 000,592,896 | ---- | M] (Microsoft Corporation) MD5=95DAECF0FB120A7B5DA679CC54E37DDE -- C:\Windows\ERDNT\cache\netlogon.dll
[2009/04/11 01:28:23 | 000,592,896 | ---- | M] (Microsoft Corporation) MD5=95DAECF0FB120A7B5DA679CC54E37DDE -- C:\Windows\System32\netlogon.dll
[2009/04/11 01:28:23 | 000,592,896 | ---- | M] (Microsoft Corporation) MD5=95DAECF0FB120A7B5DA679CC54E37DDE -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6002.18005_none_ffa3304f351bb3a3\netlogon.dll
[2008/01/20 21:24:05 | 000,592,384 | ---- | M] (Microsoft Corporation) MD5=A8EFC0B6E75B789F7FD3BA5025D4E37F -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6001.18000_none_fdb7b74337f9e857\netlogon.dll

< MD5 for: NVSTOR.SYS >
[2006/11/02 04:50:13 | 000,040,040 | ---- | M] (NVIDIA Corporation) MD5=9E0BA19A28C498A6D323D065DB76DFFC -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_733654ff\nvstor.sys
[2008/01/20 21:23:21 | 000,045,112 | ---- | M] (NVIDIA Corporation) MD5=ABED0C09758D1D97DB0042DBB2688177 -- C:\Windows\System32\drivers\nvstor.sys
[2008/01/20 21:23:21 | 000,045,112 | ---- | M] (NVIDIA Corporation) MD5=ABED0C09758D1D97DB0042DBB2688177 -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_31c3d71d\nvstor.sys
[2008/01/20 21:23:21 | 000,045,112 | ---- | M] (NVIDIA Corporation) MD5=ABED0C09758D1D97DB0042DBB2688177 -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.0.6001.18000_none_39dac327befea467\nvstor.sys

< MD5 for: SCECLI.DLL >
[2008/01/20 21:24:50 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=28B84EB538F7E8A0FE8B9299D591E0B9 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6001.18000_none_380de25bd91b6f12\scecli.dll
[2009/04/11 01:28:24 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=8FC182167381E9915651267044105EE1 -- C:\Windows\ERDNT\cache\scecli.dll
[2009/04/11 01:28:24 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=8FC182167381E9915651267044105EE1 -- C:\Windows\System32\scecli.dll
[2009/04/11 01:28:24 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=8FC182167381E9915651267044105EE1 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6002.18005_none_39f95b67d63d3a5e\scecli.dll

< MD5 for: USBSTOR.SYS >
[2008/01/20 21:23:24 | 000,055,296 | ---- | M] (Microsoft Corporation) MD5=87BA6B83C5D19B69160968D07D6E2982 -- C:\Windows\System32\DriverStore\FileRepository\usbstor.inf_b9f18584\USBSTOR.SYS
[2008/01/20 21:23:24 | 000,055,296 | ---- | M] (Microsoft Corporation) MD5=87BA6B83C5D19B69160968D07D6E2982 -- C:\Windows\winsxs\x86_usbstor.inf_31bf3856ad364e35_6.0.6001.18000_none_48864eb697d31b43\USBSTOR.SYS
[2009/04/10 23:42:55 | 000,065,536 | ---- | M] (Microsoft Corporation) MD5=BE3DA31C191BC222D9AD503C5224F2AD -- C:\Windows\System32\drivers\USBSTOR.SYS
[2009/04/10 23:42:55 | 000,065,536 | ---- | M] (Microsoft Corporation) MD5=BE3DA31C191BC222D9AD503C5224F2AD -- C:\Windows\System32\DriverStore\FileRepository\usbstor.inf_72a6a3e5\USBSTOR.SYS
[2009/04/10 23:42:55 | 000,065,536 | ---- | M] (Microsoft Corporation) MD5=BE3DA31C191BC222D9AD503C5224F2AD -- C:\Windows\winsxs\x86_usbstor.inf_31bf3856ad364e35_6.0.6002.18005_none_4a71c7c294f4e68f\USBSTOR.SYS
[2006/11/02 03:55:05 | 000,054,784 | ---- | M] (Microsoft Corporation) MD5=FDBAABF07244C60B0F4E0A6E71A107C6 -- C:\Windows\System32\DriverStore\FileRepository\usbstor.inf_bb2778a0\USBSTOR.SYS

< HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs >
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install\\LastSuccessTime: 2011-03-24 08:01:37

========== Alternate Data Streams ==========

@Alternate Data Stream - 127 bytes -> C:\ProgramData\TEMP:9AB56A06
@Alternate Data Stream - 121 bytes -> C:\ProgramData\TEMP:DFC5A2B2
@Alternate Data Stream - 115 bytes -> C:\ProgramData\TEMP:A8ADE5D8
@Alternate Data Stream - 112 bytes -> C:\ProgramData\TEMP:4F636E25
@Alternate Data Stream - 108 bytes -> C:\ProgramData\TEMP:861A898F
@Alternate Data Stream - 107 bytes -> C:\ProgramData\TEMP:131C0EE9

< End of report >
  • 0

#10
mitch8

mitch8

    Trusted Helper

  • Malware Removal
  • 1,356 posts
Hi,

It has been a while do you still need help?

If you do, please do this:

Please download GooredFix from one of the locations below and save it to your Desktop
Download Mirror #1
Download Mirror #2
  • Ensure all Firefox windows are closed.
  • To run the tool, double-click it (XP), or right-click and select Run As Administrator (Vista).
  • When prompted to run the scan, click Yes.
  • GooredFix will check for infections, and then a log will appear. Please post the contents of that log in your next reply (it can also be found on your desktop, called GooredFix.txt).

Next,

Run OTL, click on quick scan and post the log it makes here.
  • 0

#11
nativetexan2

nativetexan2

    Member

  • Topic Starter
  • Member
  • PipPip
  • 57 posts
Thanks but it got to the point where all my C drive files were hidden and I could not do anything so I had windows reinstalled.
  • 0

#12
mitch8

mitch8

    Trusted Helper

  • Malware Removal
  • 1,356 posts
OK, thanks for letting me know. I will close this topic.
  • 0

#13
mitch8

mitch8

    Trusted Helper

  • Malware Removal
  • 1,356 posts
Since this issue appears to be resolved ... this Topic has been closed. Glad we could help. :D

If you're the topic starter, and need this topic reopened, please contact a staff member with the address of the thread.

Everyone else please begin a New Topic.
  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP