Hi, thank you for replying.
Right now the computer is still slow and constantly getting the "Not Responding" message on Firefox and occasionally on the desktop.
Ran the scans, however, the Extras log appears to be from the original scan that I ran a few days ago. Will post both logs now
OTL logfile created on: 18/05/2011 3:13:51 PM - Run 2
OTL by OldTimer - Version 3.2.22.3 Folder = C:\Users\Neha\Desktop
Windows Vista Home Basic Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.19048)
Locale: 00001009 | Country: Canada | Language: ENC | Date Format: dd/MM/yyyy
958.00 Mb Total Physical Memory | 267.00 Mb Available Physical Memory | 28.00% Memory free
2.00 Gb Paging File | 1.00 Gb Available in Paging File | 58.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 138.96 Gb Total Space | 64.76 Gb Free Space | 46.60% Space Free | Partition Type: NTFS
Drive D: | 10.00 Gb Total Space | 4.95 Gb Free Space | 49.48% Space Free | Partition Type: NTFS
Drive F: | 931.51 Gb Total Space | 885.97 Gb Free Space | 95.11% Space Free | Partition Type: NTFS
Computer Name: NEHA-PC | User Name: Neha | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ========== PRC - [2011/05/16 12:05:34 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Users\Neha\Desktop\OTL.exe
PRC - [2011/05/10 08:10:58 | 003,459,712 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\AvastUI.exe
PRC - [2011/05/10 08:10:57 | 000,042,184 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
PRC - [2011/04/29 11:55:51 | 000,140,952 | ---- | M] (Google Inc.) -- C:\Users\Neha\AppData\Local\Google\Update\1.3.21.53\GoogleCrashHandler.exe
PRC - [2011/01/13 14:54:26 | 000,464,856 | ---- | M] (SoftThinks - Dell) -- C:\Program Files\Dell DataSafe Local Backup\Components\DSUpdate\DSUpd.exe
PRC - [2011/01/13 14:42:12 | 003,811,648 | ---- | M] (SoftThinks - Dell) -- C:\Program Files\Dell DataSafe Local Backup\Toaster.exe
PRC - [2011/01/13 14:39:32 | 000,783,680 | ---- | M] () -- C:\Program Files\Dell DataSafe Local Backup\Components\Scheduler\STService.exe
PRC - [2011/01/13 14:37:02 | 000,705,856 | ---- | M] (SoftThinks SAS) -- C:\Program Files\Dell DataSafe Local Backup\SftService.exe
PRC - [2011/01/13 07:20:00 | 000,041,296 | ---- | M] (AOL Inc.) -- C:\Program Files\AOL Desktop 9.6\waol.exe
PRC - [2011/01/13 07:19:58 | 000,045,392 | ---- | M] (AOL Inc.) -- C:\Program Files\AOL Desktop 9.6\shellmon.exe
PRC - [2010/06/11 18:14:22 | 000,312,152 | ---- | M] (IObit) -- C:\Program Files\IObit\IObit Security 360\is360srv.exe
PRC - [2010/03/08 03:27:49 | 000,041,800 | ---- | M] (AOL Inc.) -- C:\Program Files\Common Files\aol\1200518764\ee\aolsoftware.exe
PRC - [2009/09/03 10:50:06 | 003,327,488 | ---- | M] (FNet Co., Ltd.) -- C:\Program Files\TurboHddUsb\TurboHddUsb.exe
PRC - [2009/04/11 02:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2009/04/11 02:27:28 | 000,069,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\conime.exe
PRC - [2008/11/09 16:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) -- C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe
PRC - [2008/01/17 08:22:20 | 004,907,008 | ---- | M] (Realtek Semiconductor) -- C:\Windows\RtHDVCpl.exe
PRC - [2007/12/05 07:17:24 | 000,077,824 | ---- | M] (Andrea Electronics Corporation) -- C:\Windows\System32\AERTSrv.exe
PRC - [2007/05/03 04:48:52 | 000,537,520 | ---- | M] ( ) -- C:\Windows\System32\lxbtcoms.exe
PRC - [2007/03/12 10:11:26 | 000,232,184 | ---- | M] (Sonic Solutions) -- C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe
PRC - [2007/03/12 10:11:22 | 000,017,656 | ---- | M] (Sonic Solutions) -- C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\CPSHelpRunner.exe
PRC - [2006/10/23 08:50:35 | 000,046,640 | R--- | M] (AOL LLC) -- C:\Program Files\Common Files\aol\acs\AOLacsd.exe
========== Modules (SafeList) ========== MOD - [2011/05/16 12:05:34 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Users\Neha\Desktop\OTL.exe
MOD - [2011/05/10 08:10:55 | 000,199,792 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\snxhk.dll
MOD - [2010/08/31 11:43:52 | 001,686,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3\comctl32.dll
========== Win32 Services (SafeList) ========== SRV - [2011/05/10 08:10:57 | 000,042,184 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Antivirus)
SRV - [2011/01/13 14:37:02 | 000,705,856 | ---- | M] (SoftThinks SAS) [Auto | Running] -- C:\Program Files\Dell DataSafe Local Backup\sftservice.EXE -- (SftService)
SRV - [2010/06/11 18:14:22 | 000,312,152 | ---- | M] (IObit) [Auto | Running] -- C:\Program Files\IObit\IObit Security 360\is360srv.exe -- (IS360service)
SRV - [2008/11/09 16:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) [Auto | Running] -- C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe -- (YahooAUService)
SRV - [2008/01/19 03:38:24 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2007/12/05 07:17:24 | 000,077,824 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\Windows\System32\AERTSrv.exe -- (AERTFilters)
SRV - [2007/05/31 11:21:24 | 000,379,784 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\WindowsMobile\wcescomm.dll -- (WcesComm)
SRV - [2007/05/31 11:21:18 | 000,183,688 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\WindowsMobile\rapimgr.dll -- (RapiMgr)
SRV - [2007/05/03 04:48:52 | 000,537,520 | ---- | M] ( ) [Auto | Running] -- C:\Windows\System32\lxbtcoms.exe -- (lxbt_device)
SRV - [2006/10/23 08:50:35 | 000,046,640 | R--- | M] (AOL LLC) [Auto | Running] -- C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe -- (AOL ACS)
========== Driver Services (SafeList) ========== DRV - [2011/05/10 08:03:54 | 000,441,176 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\System32\drivers\aswSnx.sys -- (aswSnx)
DRV - [2011/05/10 08:03:44 | 000,307,928 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2011/05/10 08:02:37 | 000,049,240 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2011/05/10 07:59:56 | 000,025,432 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswRdr.sys -- (aswRdr)
DRV - [2011/05/10 07:59:44 | 000,053,592 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV - [2011/05/10 07:59:35 | 000,019,544 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2011/04/24 18:14:38 | 000,225,856 | ---- | M] (QFX Software Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\keyscrambler.sys -- (KeyScrambler)
DRV - [2010/11/17 20:36:02 | 000,021,744 | ---- | M] (PC-Doctor, Inc.) [Kernel | On_Demand | Stopped] -- c:\Program Files\Dell Support Center\pcdsrvc.pkms -- (PCDSRVC{E9D79540-57D5953E-06020101}_0)
DRV - [2010/02/04 11:53:02 | 000,064,288 | ---- | M] (Lavasoft AB) [File_System | Boot | Running] -- C:\Windows\system32\DRIVERS\Lbd.sys -- (Lbd)
DRV - [2009/09/03 10:50:10 | 000,007,040 | ---- | M] (FNet Co., Ltd.) [Kernel | System | Running] -- C:\Windows\System32\drivers\FNETURPX.SYS -- (FNETURPX)
DRV - [2009/09/03 10:50:06 | 000,017,792 | ---- | M] (FNet Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\FNETTBOH.SYS -- (FNETTBOH)
DRV - [2009/07/14 18:54:00 | 009,557,216 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)
DRV - [2007/10/29 05:40:28 | 001,062,048 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvmfdx32.sys -- (NVENETFD)
DRV - [2007/04/19 14:12:58 | 000,102,696 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\nvstor32.sys -- (nvstor32)
DRV - [2006/11/29 18:24:57 | 000,033,588 | ---- | M] (America Online, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\wanatw4.sys -- (wanatw) WAN Miniport (ATW)
DRV - [2006/11/02 03:36:43 | 002,028,032 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\atikmdag.sys -- (R300)
DRV - [2006/11/02 03:30:55 | 000,200,704 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\e1e6032.sys -- (e1express) Intel®
DRV - [2006/11/01 19:50:00 | 000,128,104 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\System32\drivers\WimFltr.sys -- (WimFltr)
DRV - [2005/06/24 17:36:16 | 000,039,036 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\lgusbmodem.sys -- (USBModem)
DRV - [2005/05/26 10:01:36 | 000,038,144 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\lgusbdiag.sys -- (UsbDiag)
DRV - [2005/05/26 10:01:18 | 000,021,344 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\lgusbbus.sys -- (usbbus)
DRV - [2005/02/23 14:58:56 | 000,011,776 | ---- | M] (Arcsoft, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\afc.sys -- (Afc)
========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL =
http://ca.yahoo.comIE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page =
http://ca.yahoo.com IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-1498405510-89246633-4172258590-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page =
http://www.aol.comIE - HKU\S-1-5-21-1498405510-89246633-4172258590-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache =
http://ca.msn.com/?l...en-ca&OCID=iehpIE - HKU\S-1-5-21-1498405510-89246633-4172258590-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-ca
IE - HKU\S-1-5-21-1498405510-89246633-4172258590-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-1498405510-89246633-4172258590-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
========== FireFox ========== FF - prefs.js..browser.search.defaultengine: "Ask.com"
FF - prefs.js..browser.search.defaultenginename: "Ask.com"
FF - prefs.js..browser.search.defaulturl: "
http://search.live.c...?FORM=IEFM1&q="FF - prefs.js..browser.search.order.1: "Ask.com"
FF - prefs.js..browser.search.param.yahoo-fr: "chrf-ytbm"
FF - prefs.js..browser.search.param.yahoo-fr-cjkt: "chrf-ytbm"
FF - prefs.js..browser.search.param.yahoo-type: "${8}"
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "www.google.ca"
FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.3.6
FF - prefs.js..extensions.enabledItems: {7b13ec3e-999a-4b70-b9cb-2617b8323822}:3.3.3.2
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24
FF - prefs.js..keyword.URL: "
http://www.google.co...ient&gfns=1&q=" FF - HKLM\software\mozilla\Mozilla Firefox 4.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011/05/08 13:37:06 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 4.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011/05/08 13:37:06 | 000,000,000 | ---D | M]
[2008/06/19 19:42:05 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Neha\AppData\Roaming\Mozilla\Extensions
[2011/05/15 21:47:02 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Neha\AppData\Roaming\Mozilla\Firefox\Profiles\pj9ftycq.default\extensions
[2010/04/27 11:46:17 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\Neha\AppData\Roaming\Mozilla\Firefox\Profiles\pj9ftycq.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2011/05/09 12:07:29 | 000,000,000 | ---D | M] (Yahoo! Toolbar) -- C:\Users\Neha\AppData\Roaming\Mozilla\Firefox\Profiles\pj9ftycq.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
[2011/03/24 18:46:35 | 000,000,000 | ---D | M] (Zynga Community Toolbar) -- C:\Users\Neha\AppData\Roaming\Mozilla\Firefox\Profiles\pj9ftycq.default\extensions\{7b13ec3e-999a-4b70-b9cb-2617b8323822}
[2011/03/24 18:46:19 | 000,000,000 | ---D | M] (LiveClick) -- C:\Users\Neha\AppData\Roaming\Mozilla\Firefox\Profiles\pj9ftycq.default\extensions\{d166ee2a-36bb-4f33-aff7-e85f912df509}
[2011/05/15 21:47:02 | 000,000,000 | ---D | M] (KeyScrambler) -- C:\Users\Neha\AppData\Roaming\Mozilla\Firefox\Profiles\pj9ftycq.default\extensions\
[email protected][2009/09/05 05:24:50 | 000,002,255 | ---- | M] () -- C:\Users\Neha\AppData\Roaming\Mozilla\Firefox\Profiles\pj9ftycq.default\searchplugins\askcom.xml
[2009/03/13 18:47:14 | 000,001,632 | ---- | M] () -- C:\Users\Neha\AppData\Roaming\Mozilla\Firefox\Profiles\pj9ftycq.default\searchplugins\live-search.xml
[2011/05/17 14:39:47 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2010/08/15 21:34:15 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
[2010/11/06 14:25:36 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
[2011/01/06 08:55:35 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}
[2011/05/17 14:39:48 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0025-ABCDEFFEDCBA}
File not found (No name found) --
() (No name found) -- C:\USERS\NEHA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PJ9FTYCQ.DEFAULT\EXTENSIONS\{D10D0BF8-F5B5-C8B4-A8B2-2B9879E08C5D}.XPI
[2011/05/08 13:36:56 | 000,142,296 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\components\browsercomps.dll
[2011/05/17 14:39:00 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll
[2011/05/08 13:37:00 | 000,002,252 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\bing.xml
O1 HOSTS File: ([2006/09/18 17:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (no name) - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - No CLSID value found.
O2 - BHO: (KeyScramblerBHO Class) - {2B9F5787-88A5-4945-90E7-C4B18563BC5E} - C:\Program Files\KeyScrambler\KeyScramblerIE.dll (QFX Software Corporation)
O2 - BHO: (Yahoo! IE Services Button) - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll (Yahoo! Inc.)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (CBrowserHelperObject Object) - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\Dell\BAE\BAE.dll (Dell Inc.)
O3 - HKU\S-1-5-21-1498405510-89246633-4172258590-1000\..\Toolbar\WebBrowser: (no name) - {4B3803EA-5230-4DC3-A7FC-33638F3D3542} - No CLSID value found.
O3 - HKU\S-1-5-21-1498405510-89246633-4172258590-1000\..\Toolbar\WebBrowser: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found.
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [avast5] C:\Program Files\Alwil Software\Avast5\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [HostManager] C:\Program Files\Common Files\aol\1200518764\ee\aolsoftware.exe (AOL Inc.)
O4 - HKLM..\Run: [LXBTCATS] C:\Windows\System32\spool\DRIVERS\W32X86\3\LXBTtime.DLL ()
O4 - HKLM..\Run: [RoxWatchTray] C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe (Sonic Solutions)
O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [TurboHddUsb] C:\Program Files\TurboHddUsb\TurboHddUsb.exe (FNet Co., Ltd.)
O4 - HKU\S-1-5-19..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKU\S-1-5-21-1498405510-89246633-4172258590-1000..\Run: [AOL Fast Start] C:\Program Files\AOL Desktop 9.6\AOL.EXE (AOL Inc.)
O4 - HKLM..\RunOnce: [Launcher] C:\Program Files\Dell DataSafe Local Backup\Components\Scheduler\Launcher.exe (Softthinks)
O9 - Extra Button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation)
O9 - Extra Button: Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll (Yahoo! Inc.)
O9 - Extra 'Tools' menuitem : &KeyScrambler Options - {5C106A59-CC3C-4caa-81A4-6D909B5ACE23} - C:\Program Files\KeyScrambler\KeyScramblerIE.dll (QFX Software Corporation)
O9 - Extra Button: Run IMVU - {d9288080-1baa-4bc4-9cf8-a92d743db949} - File not found
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O15 - HKU\S-1-5-21-1498405510-89246633-4172258590-1000\..Trusted Domains: aol.com ([objects] * is out of zone range - 5)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93}
http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_25)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C}
http://fpdownload.ma...t/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0000-ABCDEFFEDCBA}
http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0)
O16 - DPF: {CAFEEFAC-0016-0000-0025-ABCDEFFEDCBA}
http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_25)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}
http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_25)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 205.188.146.145
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Windows\Web\Wallpaper\img16.jpg
O24 - Desktop BackupWallPaper: C:\Windows\Web\Wallpaper\img16.jpg
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/09/18 17:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2004/04/30 18:01:00 | 000,000,053 | -HS- | M] () - D:\AUTORUN.INF -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
NetSvcs: FastUserSwitchingCompatibility - File not found
NetSvcs: Ias - File not found
NetSvcs: Nla - File not found
NetSvcs: Ntmssvc - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: SRService - File not found
NetSvcs: WmdmPmSp - File not found
NetSvcs: LogonHours - File not found
NetSvcs: PCAudit - File not found
NetSvcs: helpsvc - File not found
NetSvcs: uploadmgr - File not found
CREATERESTOREPOINT
Restore point Set: OTL Restore Point
========== Files/Folders - Created Within 30 Days ========== [2011/05/16 12:05:13 | 000,580,608 | ---- | C] (OldTimer Tools) -- C:\Users\Neha\Desktop\OTL.exe
[2011/05/15 21:47:18 | 000,000,000 | ---D | C] -- C:\Users\Neha\AppData\Roaming\QFX Software
[2011/05/15 21:47:18 | 000,000,000 | ---D | C] -- C:\ProgramData\QFX Software
[2011/05/15 21:45:15 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KeyScrambler
[2011/05/15 21:45:02 | 000,225,856 | ---- | C] (QFX Software Corporation) -- C:\Windows\System32\drivers\keyscrambler.sys
[2011/05/15 21:44:53 | 000,000,000 | ---D | C] -- C:\Program Files\KeyScrambler
[2011/05/15 21:31:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2011/05/15 21:31:37 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2011/05/15 21:31:31 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2011/05/15 21:31:30 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2011/05/02 21:56:53 | 000,000,000 | ---D | C] -- C:\Users\Neha\AppData\Roaming\Yahoo!
[2011/04/29 15:03:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
[2011/04/29 15:01:52 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
[2011/04/29 15:01:46 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes
[2011/04/29 14:54:20 | 000,000,000 | ---D | C] -- C:\Program Files\Bonjour
[2011/04/19 22:00:47 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IObit Security 360
[2011/04/19 22:00:46 | 000,000,000 | ---D | C] -- C:\Users\Neha\AppData\Roaming\IObit
[2011/04/19 22:00:44 | 000,000,000 | ---D | C] -- C:\ProgramData\IObit
[2011/04/19 22:00:41 | 000,000,000 | ---D | C] -- C:\Program Files\IObit
[2011/04/19 21:12:45 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Adobe
[2011/04/19 21:04:04 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2008/01/16 18:13:22 | 000,995,328 | ---- | C] ( ) -- C:\Windows\System32\lxbtusb1.dll
[2008/01/16 18:13:22 | 000,413,696 | ---- | C] ( ) -- C:\Windows\System32\lxbtinpa.dll
[2008/01/16 18:13:22 | 000,397,312 | ---- | C] ( ) -- C:\Windows\System32\lxbtiesc.dll
[2008/01/16 18:13:22 | 000,323,584 | ---- | C] ( ) -- C:\Windows\System32\lxbthcp.dll
[2008/01/16 18:13:21 | 001,224,704 | ---- | C] ( ) -- C:\Windows\System32\lxbtserv.dll
[2008/01/16 18:13:21 | 000,643,072 | ---- | C] ( ) -- C:\Windows\System32\lxbtpmui.dll
[2008/01/16 18:13:21 | 000,163,840 | ---- | C] ( ) -- C:\Windows\System32\lxbtprox.dll
[2008/01/16 18:13:21 | 000,094,208 | ---- | C] ( ) -- C:\Windows\System32\lxbtpplc.dll
[2008/01/16 18:13:20 | 000,585,728 | ---- | C] ( ) -- C:\Windows\System32\lxbtlmpm.dll
[2008/01/16 18:13:20 | 000,385,968 | ---- | C] ( ) -- C:\Windows\System32\lxbtih.exe
[2008/01/16 18:13:19 | 000,696,320 | ---- | C] ( ) -- C:\Windows\System32\lxbthbn3.dll
[2008/01/16 18:13:18 | 000,537,520 | ---- | C] ( ) -- C:\Windows\System32\lxbtcoms.exe
[2008/01/16 18:13:17 | 000,684,032 | ---- | C] ( ) -- C:\Windows\System32\lxbtcomc.dll
[2008/01/16 18:13:17 | 000,421,888 | ---- | C] ( ) -- C:\Windows\System32\lxbtcomm.dll
[2008/01/16 18:13:16 | 000,381,872 | ---- | C] ( ) -- C:\Windows\System32\lxbtcfg.exe
[1 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]
[1 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]
========== Files - Modified Within 30 Days ========== [2011/05/18 15:01:00 | 000,000,904 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1498405510-89246633-4172258590-1000UA.job
[2011/05/18 14:37:36 | 000,003,680 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2011/05/18 14:37:36 | 000,003,680 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2011/05/18 14:37:19 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011/05/18 14:37:14 | 1005,051,904 | -HS- | M] () -- C:\hiberfil.sys
[2011/05/18 12:50:29 | 000,002,577 | ---- | M] () -- C:\Windows\System32\config.nt
[2011/05/18 12:01:03 | 000,000,852 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1498405510-89246633-4172258590-1000Core.job
[2011/05/17 16:03:26 | 000,000,422 | ---- | M] () -- C:\Windows\tasks\SystemToolsDailyTest.job
[2011/05/16 12:05:34 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Users\Neha\Desktop\OTL.exe
[2011/05/15 22:12:54 | 000,000,806 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2011/05/15 21:31:38 | 000,000,908 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2011/05/14 20:30:35 | 000,002,039 | ---- | M] () -- C:\Users\Neha\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2011/05/12 12:10:10 | 000,030,034 | ---- | M] () -- C:\Users\Neha\AppData\Roaming\wklnhst.dat
[2011/05/12 11:53:40 | 000,611,664 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2011/05/12 11:53:40 | 000,109,112 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2011/05/11 13:43:16 | 000,001,704 | ---- | M] () -- C:\Users\Public\Desktop\Defraggler.lnk
[2011/05/10 08:10:59 | 000,040,112 | ---- | M] (AVAST Software) -- C:\Windows\avastSS.scr
[2011/05/10 08:10:55 | 000,199,304 | ---- | M] (AVAST Software) -- C:\Windows\System32\aswBoot.exe
[2011/05/10 08:03:54 | 000,441,176 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswSnx.sys
[2011/05/10 08:03:44 | 000,307,928 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswSP.sys
[2011/05/10 08:02:37 | 000,049,240 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswTdi.sys
[2011/05/10 07:59:56 | 000,025,432 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswRdr.sys
[2011/05/10 07:59:44 | 000,053,592 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswMonFlt.sys
[2011/05/10 07:59:35 | 000,019,544 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswFsBlk.sys
[2011/05/02 11:40:01 | 000,000,564 | ---- | M] () -- C:\Windows\tasks\PCDoctorBackgroundMonitorTask.job
[2011/04/29 15:03:40 | 000,001,666 | ---- | M] () -- C:\Users\Public\Desktop\iTunes.lnk
[2011/04/24 18:14:38 | 000,225,856 | ---- | M] (QFX Software Corporation) -- C:\Windows\System32\drivers\keyscrambler.sys
[2011/04/23 12:01:12 | 000,001,889 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Reader 9.lnk
[2011/04/19 22:00:48 | 000,000,959 | ---- | M] () -- C:\Users\Public\Desktop\IObit Security 360.lnk
[1 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]
[1 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]
========== Files Created - No Company Name ========== [2011/05/15 21:31:38 | 000,000,908 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2011/05/14 20:30:35 | 000,002,039 | ---- | C] () -- C:\Users\Neha\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2011/05/08 13:37:14 | 000,000,860 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
[2011/04/29 15:03:40 | 000,001,666 | ---- | C] () -- C:\Users\Public\Desktop\iTunes.lnk
[2011/04/19 22:00:48 | 000,000,959 | ---- | C] () -- C:\Users\Public\Desktop\IObit Security 360.lnk
[2011/04/19 21:14:04 | 000,001,889 | ---- | C] () -- C:\Users\Public\Desktop\Adobe Reader 9.lnk
[2011/04/19 21:14:03 | 000,002,425 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader 9.lnk
[2010/01/17 12:14:06 | 000,000,680 | ---- | C] () -- C:\Users\Neha\AppData\Local\d3d9caps.dat
[2009/11/04 12:58:41 | 000,217,088 | ---- | C] () -- C:\Windows\System32\avformat-50.dll
[2009/11/04 12:58:41 | 000,018,432 | ---- | C] () -- C:\Windows\System32\avutil-49.dll
[2009/11/04 12:58:40 | 001,984,512 | ---- | C] () -- C:\Windows\System32\avcodec-51.dll
[2009/09/24 07:53:14 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll
[2009/09/24 07:53:14 | 000,107,612 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin
[2009/08/03 15:07:42 | 000,403,816 | ---- | C] () -- C:\Windows\System32\OGACheckControl.dll
[2009/08/03 15:07:42 | 000,230,768 | ---- | C] () -- C:\Windows\System32\OGAEXEC.exe
[2009/06/02 16:10:18 | 000,000,029 | ---- | C] () -- C:\Windows\atid.ini
[2009/03/17 19:31:57 | 000,000,848 | -HS- | C] () -- C:\Windows\System32\KGyGaAvL.sys
[2008/09/17 10:25:51 | 000,000,137 | -H-- | C] () -- C:\Users\Neha\AppData\Roaming\lakerda1967.sys
[2008/09/17 10:25:29 | 000,010,568 | ---- | C] () -- C:\Users\Neha\AppData\Roaming\docXConverter (3).ini
[2008/08/12 10:44:27 | 000,018,904 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchemaTrivial.bin
[2008/04/05 20:30:02 | 000,017,499 | ---- | C] () -- C:\Windows\System32\MSSDTMGTX61.DLL
[2008/01/16 18:49:09 | 000,030,034 | ---- | C] () -- C:\Users\Neha\AppData\Roaming\wklnhst.dat
[2008/01/16 18:13:22 | 000,274,432 | ---- | C] () -- C:\Windows\System32\lxbtinst.dll
[2008/01/16 17:25:15 | 000,000,335 | ---- | C] () -- C:\Windows\nsreg.dat
[2008/01/16 17:22:44 | 000,083,456 | ---- | C] () -- C:\Users\Neha\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2008/01/11 15:08:43 | 000,000,012 | ---- | C] () -- C:\Windows\bthservsdp.dat
[2007/03/19 07:04:58 | 000,003,584 | ---- | C] () -- C:\Windows\System32\namResES.dll
[2007/03/19 07:04:58 | 000,003,072 | ---- | C] () -- C:\Windows\System32\namResIT.dll
[2007/03/19 07:04:58 | 000,003,072 | ---- | C] () -- C:\Windows\System32\namResFR.dll
[2007/03/19 07:04:58 | 000,003,072 | ---- | C] () -- C:\Windows\System32\namResENG.dll
[2007/03/19 07:04:58 | 000,003,072 | ---- | C] () -- C:\Windows\System32\namResDE.dll
[2007/03/19 07:04:56 | 000,003,584 | ---- | C] () -- C:\Windows\System32\namResPTB.dll
[2007/03/19 07:04:56 | 000,003,072 | ---- | C] () -- C:\Windows\System32\namResZHC.dll
[2007/03/19 07:04:56 | 000,003,072 | ---- | C] () -- C:\Windows\System32\namResKO.dll
[2007/03/19 07:04:56 | 000,003,072 | ---- | C] () -- C:\Windows\System32\namResJA.dll
[2007/03/19 07:04:54 | 000,022,016 | ---- | C] () -- C:\Windows\System32\nam_page.dll
[2007/03/19 07:04:54 | 000,003,072 | ---- | C] () -- C:\Windows\System32\namResZHT.dll
[2007/02/22 19:32:00 | 000,344,064 | ---- | C] () -- C:\Windows\System32\lxbtcoin.dll
[2006/11/10 18:02:53 | 000,000,000 | ---- | C] () -- C:\Windows\System32\atiicdxx.dat
[2006/11/07 15:25:58 | 000,000,000 | ---- | C] () -- C:\Windows\System32\px.ini
[2006/11/02 08:53:49 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2006/11/02 08:44:53 | 000,430,744 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT
[2006/11/02 06:33:01 | 000,611,664 | ---- | C] () -- C:\Windows\System32\perfh009.dat
[2006/11/02 06:33:01 | 000,287,440 | ---- | C] () -- C:\Windows\System32\perfi009.dat
[2006/11/02 06:33:01 | 000,109,112 | ---- | C] () -- C:\Windows\System32\perfc009.dat
[2006/11/02 06:33:01 | 000,030,674 | ---- | C] () -- C:\Windows\System32\perfd009.dat
[2006/11/02 06:25:44 | 000,159,744 | ---- | C] () -- C:\Windows\System32\atitmmxx.dll
[2006/11/02 06:23:21 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat
[2006/11/02 04:58:30 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2006/11/02 04:19:00 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT
[2006/11/02 03:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2006/11/02 03:25:31 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat
[2006/09/17 01:36:50 | 000,520,192 | ---- | C] () -- C:\Windows\System32\CddbPlaylist2Roxio.dll
[2006/09/17 01:36:50 | 000,204,800 | ---- | C] () -- C:\Windows\System32\CddbFileTaggerRoxio.dll
[2005/08/18 07:26:46 | 000,040,960 | ---- | C] () -- C:\Windows\System32\lxbtvs.dll
[2005/05/25 10:07:26 | 000,061,440 | ---- | C] () -- C:\Windows\System32\lxbtcnv4.dll
[2004/03/08 18:40:12 | 000,210,944 | ---- | C] () -- C:\Windows\Msvcrt10.dll
[2004/03/08 18:40:12 | 000,057,344 | ---- | C] () -- C:\Windows\icmfilter.dll
========== LOP Check ========== [2010/06/21 12:10:55 | 000,000,000 | ---D | M] -- C:\Users\Neha\AppData\Roaming\Facebook
[2009/03/20 14:56:49 | 000,000,000 | ---D | M] -- C:\Users\Neha\AppData\Roaming\gtk-2.0
[2011/04/19 22:01:46 | 000,000,000 | ---D | M] -- C:\Users\Neha\AppData\Roaming\IObit
[2009/03/20 16:56:38 | 000,000,000 | ---D | M] -- C:\Users\Neha\AppData\Roaming\Jasc
[2010/12/11 17:47:52 | 000,000,000 | ---D | M] -- C:\Users\Neha\AppData\Roaming\PCDr
[2011/05/15 21:47:18 | 000,000,000 | ---D | M] -- C:\Users\Neha\AppData\Roaming\QFX Software
[2008/11/11 14:09:03 | 000,000,000 | ---D | M] -- C:\Users\Neha\AppData\Roaming\Template
[2011/03/31 08:55:00 | 000,000,370 | ---- | M] () -- C:\Windows\Tasks\Ad-Aware Update (Weekly).job
[2011/05/02 11:40:01 | 000,000,564 | ---- | M] () -- C:\Windows\Tasks\PCDoctorBackgroundMonitorTask.job
[2011/05/18 14:35:58 | 000,032,598 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2011/05/17 16:03:26 | 000,000,422 | ---- | M] () -- C:\Windows\Tasks\SystemToolsDailyTest.job
========== Purity Check ========== ========== Custom Scans ========== < %SYSTEMDRIVE%\*.exe > < MD5 for: EXPLORER.EXE >[2008/10/29 02:20:29 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=37440D09DEAE0B672A04DCCF7ABF06BE -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.16771_none_4f83bb287ccdb7e3\explorer.exe
[2008/10/29 02:29:41 | 002,927,104 | ---- | M] (Microsoft Corporation) MD5=4F554999D7D5F05DAAEBBA7B5BA1089D -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.18164_none_5177ca9879e978e8\explorer.exe
[2008/10/29 23:59:17 | 002,927,616 | ---- | M] (Microsoft Corporation) MD5=50BA5850147410CDE89C523AD3BC606E -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.22298_none_51e4f8c7931bd1e1\explorer.exe
[2008/01/16 18:25:59 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=6D06CD98D954FE87FB2DB8108793B399 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.16549_none_4fac29707cae347a\explorer.exe
[2008/01/16 18:25:58 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=BD06F0BF753BC704B653C3A50F89D362 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.20668_none_501f261995dcf2cf\explorer.exe
[2009/04/11 02:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) MD5=D07D4C3038F3578FFCE1C0237F2A1253 -- C:\Windows\explorer.exe
[2009/04/11 02:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) MD5=D07D4C3038F3578FFCE1C0237F2A1253 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6002.18005_none_53a0201e76de3a0b\explorer.exe
[2008/10/27 22:15:02 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=E7156B0B74762D9DE0E66BDCDE06E5FB -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.20947_none_5033cb5995cd990b\explorer.exe
[2006/11/02 05:45:07 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=FD8C53FB002217F6F888BCF6F5D7084D -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.16386_none_4f7de5167cd15deb\explorer.exe
[2008/01/19 03:33:10 | 002,927,104 | ---- | M] (Microsoft Corporation) MD5=FFA764631CB70A30065C12EF8E174F9F -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.18000_none_51b4a71279bc6ebf\explorer.exe
< MD5 for: SVCHOST.EXE >[2006/11/02 05:45:47 | 000,022,016 | ---- | M] (Microsoft Corporation) MD5=10DA15933D582D2FEDCF705EFE394B09 -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.0.6000.16386_none_b38497a50862ad11\svchost.exe
[2008/01/19 03:33:32 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=3794B461C45882E06856F282EEF025AF -- C:\Windows\System32\svchost.exe
[2008/01/19 03:33:32 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=3794B461C45882E06856F282EEF025AF -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.0.6001.18000_none_b5bb59a1054dbde5\svchost.exe
< MD5 for: USERINIT.EXE >[2008/01/19 03:33:33 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\Windows\System32\userinit.exe
[2008/01/19 03:33:33 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.0.6001.18000_none_dc28ba15d1aff80b\userinit.exe
[2006/11/02 05:45:50 | 000,024,576 | ---- | M] (Microsoft Corporation) MD5=22027835939F86C3E47AD8E3FBDE3D11 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.0.6000.16386_none_d9f1f819d4c4e737\userinit.exe
< MD5 for: WINLOGON.EXE >[2009/04/11 02:28:13 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264D55452 -- C:\Windows\System32\winlogon.exe
[2009/04/11 02:28:13 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264D55452 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6002.18005_none_71ae7a22d2134741\winlogon.exe
[2006/11/02 05:45:57 | 000,308,224 | ---- | M] (Microsoft Corporation) MD5=9F75392B9128A91ABAFB044EA350BAAD -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6000.16386_none_6d8c3f1ad8066b21\winlogon.exe
[2008/01/19 03:33:37 | 000,314,880 | ---- | M] (Microsoft Corporation) MD5=C2610B6BDBEFC053BBDAB4F1B965CB24 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6001.18000_none_6fc30116d4f17bf5\winlogon.exe
< %systemroot%\*. /mp /s > < hklm\software\clients\startmenuinternet|command /rs >HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\aol.exe\InstallInfo\\ReinstallCommand: \accdef.exe -rb
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\aol.exe\InstallInfo\\HideIconsCommand: \accdef.exe -hb
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\aol.exe\InstallInfo\\ShowIconsCommand: \accdef.exe -sb
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\aol.exe\shell\open\command\\: \aol.exe
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\HideIconsCommand: "C:\Program Files\Mozilla Firefox\uninstall\helper.exe" /HideShortcuts [2011/05/08 13:37:01 | 000,711,672 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\ShowIconsCommand: "C:\Program Files\Mozilla Firefox\uninstall\helper.exe" /ShowShortcuts [2011/05/08 13:37:01 | 000,711,672 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\ReinstallCommand: "C:\Program Files\Mozilla Firefox\uninstall\helper.exe" /SetAsDefaultAppGlobal [2011/05/08 13:37:01 | 000,711,672 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\open\command\\: C:\Program Files\Mozilla Firefox\firefox.exe [2011/05/08 13:36:57 | 000,924,632 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\properties\command\\: "C:\Program Files\Mozilla Firefox\firefox.exe" -preferences [2011/05/08 13:36:57 | 000,924,632 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\safemode\command\\: "C:\Program Files\Mozilla Firefox\firefox.exe" -safe-mode [2011/05/08 13:36:57 | 000,924,632 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\HideIconsCommand: "C:\Windows\system32\ie4uinit.exe" -hide [2011/02/22 00:43:42 | 000,173,568 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ShowIconsCommand: "C:\Windows\system32\ie4uinit.exe" -show [2011/02/22 00:43:42 | 000,173,568 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ReinstallCommand: "C:\Windows\system32\ie4uinit.exe" -reinstall [2011/02/22 00:43:42 | 000,173,568 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\naom\command\\: "C:\Program Files\Internet Explorer\iexplore.exe" -extoff [2011/02/22 02:21:12 | 000,638,232 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\open\command\\: C:\Program Files\Internet Explorer\iexplore.exe [2011/02/22 02:21:12 | 000,638,232 | ---- | M] (Microsoft Corporation)
< hklm\software\clients\startmenuinternet|command /64 /rs >HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\aol.exe\InstallInfo\\ReinstallCommand: \accdef.exe -rb
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\aol.exe\InstallInfo\\HideIconsCommand: \accdef.exe -hb
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\aol.exe\InstallInfo\\ShowIconsCommand: \accdef.exe -sb
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\aol.exe\shell\open\command\\: \aol.exe
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\HideIconsCommand: "C:\Program Files\Mozilla Firefox\uninstall\helper.exe" /HideShortcuts [2011/05/08 13:37:01 | 000,711,672 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\ShowIconsCommand: "C:\Program Files\Mozilla Firefox\uninstall\helper.exe" /ShowShortcuts [2011/05/08 13:37:01 | 000,711,672 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\ReinstallCommand: "C:\Program Files\Mozilla Firefox\uninstall\helper.exe" /SetAsDefaultAppGlobal [2011/05/08 13:37:01 | 000,711,672 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\open\command\\: C:\Program Files\Mozilla Firefox\firefox.exe [2011/05/08 13:36:57 | 000,924,632 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\properties\command\\: "C:\Program Files\Mozilla Firefox\firefox.exe" -preferences [2011/05/08 13:36:57 | 000,924,632 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\safemode\command\\: "C:\Program Files\Mozilla Firefox\firefox.exe" -safe-mode [2011/05/08 13:36:57 | 000,924,632 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\HideIconsCommand: "C:\Windows\system32\ie4uinit.exe" -hide [2011/02/22 00:43:42 | 000,173,568 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ShowIconsCommand: "C:\Windows\system32\ie4uinit.exe" -show [2011/02/22 00:43:42 | 000,173,568 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ReinstallCommand: "C:\Windows\system32\ie4uinit.exe" -reinstall [2011/02/22 00:43:42 | 000,173,568 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\naom\command\\: "C:\Program Files\Internet Explorer\iexplore.exe" -extoff [2011/02/22 02:21:12 | 000,638,232 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\open\command\\: C:\Program Files\Internet Explorer\iexplore.exe [2011/02/22 02:21:12 | 000,638,232 | ---- | M] (Microsoft Corporation)
========== Alternate Data Streams ========== @Alternate Data Stream - 76 bytes -> C:\Users\Neha\Documents\School:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Neha\Documents\Other:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Neha\Documents\OneNote Notebooks:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Neha\Documents\My Received Files:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Neha\Documents\My PSP8 Files:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Neha\Documents\Goldie's Folder:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Neha\Documents\Downloads:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Neha\Desktop\Goldie Pics:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\My Downloads List1.ISO:Roxio EMC Stream
@Alternate Data Stream - 132 bytes -> C:\ProgramData\TEMP:3AEA6AF9
< End of report >
OTL Extras logfile created on: 16/05/2011 12:08:14 PM - Run 1
OTL by OldTimer - Version 3.2.22.3 Folder = C:\Users\Neha\Desktop
Windows Vista Home Basic Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.19048)
Locale: 00001009 | Country: Canada | Language: ENC | Date Format: dd/MM/yyyy
958.00 Mb Total Physical Memory | 183.00 Mb Available Physical Memory | 19.00% Memory free
2.00 Gb Paging File | 1.00 Gb Available in Paging File | 41.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 138.96 Gb Total Space | 65.06 Gb Free Space | 46.82% Space Free | Partition Type: NTFS
Drive D: | 10.00 Gb Total Space | 4.93 Gb Free Space | 49.27% Space Free | Partition Type: NTFS
Drive F: | 931.51 Gb Total Space | 885.97 Gb Free Space | 95.11% Space Free | Partition Type: NTFS
Computer Name: NEHA-PC | User Name: Neha | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ========== ========== File Associations ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
========== Shell Spawning ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
http [open] -- Reg Error: Value error.
https [open] -- Reg Error: Value error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"VistaSp2" = Reg Error: Unknown registry data type -- File not found
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
========== Firewall Settings ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
========== Authorized Applications List ========== ========== Vista Active Open Ports Exception List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{069746CE-D36E-4B61-A674-F2688ACC1B66}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{075F1FBE-9FAA-4DD4-96F7-BB2E90F9904C}" = rport=138 | protocol=17 | dir=out | app=system |
"{1B51E66A-0458-4934-8900-CEACC86DE2D2}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{1CA63133-92B8-4486-A991-81BF1091EB48}" = rport=445 | protocol=6 | dir=out | app=system |
"{2ECC9A63-CBB6-4639-8607-50D432B655C8}" = lport=138 | protocol=17 | dir=in | app=system |
"{2F687070-DFB7-4093-B63D-BD9EC48991AB}" = rport=10243 | protocol=6 | dir=out | app=system |
"{454134CC-B163-428D-B973-87B71C45CB47}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{5AD63E72-829F-4498-9EE3-E1137668AC90}" = lport=139 | protocol=6 | dir=in | app=system |
"{678AA400-7EEC-46C5-853F-ED5C776CE83F}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss |
[email protected],-28539 |
"{7276EA81-EE13-4BD2-A169-4AE36FC3402E}" = lport=445 | protocol=6 | dir=in | app=system |
"{7A09B8FC-D247-41CA-AA06-1891936D2205}" = lport=6004 | protocol=17 | dir=in | app=c:\program files\microsoft office\office12\outlook.exe |
"{8EB88943-43DE-492B-94B6-057CC742245D}" = lport=2869 | protocol=6 | dir=in | app=system |
"{91095EED-1CC5-4FCB-BC5B-3AB017BFA571}" = lport=137 | protocol=17 | dir=in | app=system |
"{9261AC15-BFE7-4C94-80F5-53400B7C4608}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{93E38172-A2B1-421A-8501-026CED3D6878}" = lport=2869 | protocol=6 | dir=in | app=system |
"{9546AD8B-2B48-40AC-AF25-CAD72682F3F7}" = rport=137 | protocol=17 | dir=out | app=system |
"{996E24C1-C62D-4E34-B680-5809E4FEB274}" = rport=139 | protocol=6 | dir=out | app=system |
"{BB35D350-9F58-43A2-85C3-E3F105C23612}" = lport=10243 | protocol=6 | dir=in | app=system |
"{BCE65467-AAA4-4BF5-BDD8-7DCD10AAB948}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |
"{BE0974FA-1E6F-4467-9E67-80F5AE1C6825}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{BFC47231-7A8D-44DA-A2A9-06DC47249198}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{CFA9223A-A170-4AE4-A160-B097DF93B1B9}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
========== Vista Active Application Exception List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{001CB2D4-9CE3-44E6-8F71-2644167AF459}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{014CA6FD-6243-4AA1-AE64-66ECCA960B7E}" = protocol=17 | dir=in | app=c:\program files\common files\aol\acs\aoldial.exe |
"{0249DC5B-7A34-4C5A-8F2A-2AF797AAFA48}" = protocol=6 | dir=in | app=c:\windows\system32\lxbtcoms.exe |
"{04423A9C-A757-4237-86B9-BDCB9FEAA876}" = protocol=6 | dir=in | app=c:\windows\system32\spool\drivers\w32x86\3\lxbtpswx.exe |
"{06F7B525-BB49-43E0-921E-E820F35FA756}" = protocol=17 | dir=in | app=c:\program files\aol 9.0\waol.exe |
"{0C661D5F-D4BC-4D97-BA17-939904E0B6B2}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{15B65404-FEB1-4FB1-BDE9-2FAC3C006FE4}" = protocol=6 | dir=in | app=c:\program files\common files\aol\1200518764\ee\aolsoftware.exe |
"{15F08CE5-4B41-461C-A0AB-CBC936F61341}" = protocol=58 | dir=out |
[email protected],-28546 |
"{1F55333F-298D-4A7C-95A2-BBA4AE8C3CF9}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{1F8B7BA6-D6FB-4492-82CF-8572BDFF503F}" = protocol=6 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{22B935CA-F12C-4DBA-A07A-AEF6E1AF7841}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{3196F17B-CE8E-420A-9592-010031DA14C3}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{3529D5D3-63BA-481A-89A6-1CA80E91892B}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{37041720-4B58-4B3A-8ABD-FA3E613448BA}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{3AC23F75-8989-454B-8C8C-EE691CED0D3C}" = protocol=6 | dir=in | app=c:\program files\common files\aol\system information\sinf.exe |
"{40A11FCB-CD30-4010-9785-AEC62B620C23}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{413516A1-276A-4212-A9E6-79B7061B4456}" = protocol=58 | dir=in |
[email protected],-28545 |
"{4BA48928-AE38-4FD7-88DA-D46E7A0D11ED}" = protocol=17 | dir=in | app=c:\program files\common files\aol\acs\aoldial.exe |
"{4C90023C-151D-442A-AD2E-A89051B4FB7E}" = protocol=6 | dir=in | app=c:\program files\common files\aol\system information\sinf.exe |
"{4DA37EF0-C3F6-48D1-814B-CB0CC8769D85}" = protocol=17 | dir=in | app=c:\program files\aol 9.1\aol.exe |
"{5033E463-7DE3-4D63-A9A0-69F4F796C959}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{54066253-014C-46AA-81A7-3F30D13AE8D5}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{5982BE8E-7038-4726-B74B-828668FAB9D0}" = protocol=17 | dir=in | app=c:\program files\common files\aol\loader\aolload.exe |
"{6208BF4A-0001-4320-A755-D0BAA2879331}" = protocol=1 | dir=in |
[email protected],-28543 |
"{6662909E-BCDD-4B02-9202-9152088657DA}" = protocol=6 | dir=in | app=c:\program files\common files\aol\topspeed\3.0\aoltpsd3.exe |
"{6A01FEBA-47F5-47CA-805F-C2C6CB63D7EF}" = protocol=17 | dir=in | app=c:\program files\yahoo!\messenger\yahoomessenger.exe |
"{6A803F42-0B00-48CE-BFBF-28A67746563B}" = protocol=17 | dir=in | app=c:\program files\common files\aol\acs\aolacsd.exe |
"{6C389A6E-521E-4614-8BB5-1A1472785979}" = protocol=6 | dir=in | app=c:\program files\aol 9.1\aol.exe |
"{6C766B62-F96D-484A-8583-E5879D03760C}" = protocol=6 | dir=in | app=c:\program files\yahoo!\messenger\yahoomessenger.exe |
"{8124FE54-4AAC-4699-B2BE-ADF54927D983}" = protocol=17 | dir=in | app=c:\windows\system32\spool\drivers\w32x86\3\lxbtpswx.exe |
"{834B0A11-EBDA-483D-BF57-CA2C240139A9}" = dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe |
"{858A487F-D6A6-4B9B-9412-31273428747A}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{87027BF9-4389-4914-AE6D-5CD15CB3EC43}" = protocol=6 | dir=in | app=c:\program files\aol 9.0\waol.exe |
"{876BBDF7-B6BD-4B15-A9B1-9BB1B8700895}" = protocol=17 | dir=in | app=c:\program files\common files\aol\1200518764\ee\aolsoftware.exe |
"{8E670B63-5A6B-4CCB-9E2A-7B9D6F801C3F}" = protocol=17 | dir=in | app=c:\program files\common files\aol\topspeed\3.0\aoltpsd3.exe |
"{919BC780-5BBB-4EC9-B2FB-78E500AE529C}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\groove.exe |
"{9351194E-CC12-4CB3-87BA-0BA472DE5129}" = dir=in | app=c:\program files\windows live\sync\windowslivesync.exe |
"{936908FD-F7A2-4DCA-9F2D-7D321E473DF3}" = protocol=17 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{97F2731B-A0A3-493A-A55F-78BD5008A37F}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{9C79286E-86D2-4D68-966A-477CA284098C}" = protocol=6 | dir=in | app=c:\program files\common files\aol\acs\aolacsd.exe |
"{9FD10955-CFDB-4855-8430-445BA5DC60AB}" = protocol=6 | dir=in | app=c:\program files\common files\aol\acs\aolacsd.exe |
"{A2626517-22D9-487F-8D99-AAE95F2E9A64}" = protocol=6 | dir=in | app=c:\program files\mozilla firefox\firefox.exe |
"{A527F0FD-5692-40FC-BC7F-A12DD0CFBEFF}" = protocol=6 | dir=in | app=c:\program files\common files\aol\topspeed\3.0\aoltpsd3.exe |
"{A8326F3A-1118-468B-B20A-CE147BEBA25A}" = protocol=17 | dir=in | app=c:\windows\system32\lxbtcoms.exe |
"{AC1CE5B8-3901-4174-BB20-C2A47B10B65E}" = protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{B4FC0C8D-A41F-42DA-BB5B-E2EA7F953A89}" = protocol=17 | dir=in | app=c:\program files\common files\aol\topspeed\3.0\aoltpsd3.exe |
"{B6C12BA8-8AA8-47BC-8B03-E7785CA52395}" = protocol=6 | dir=in | app=c:\program files\aol 9.1\waol.exe |
"{B85DC8D9-B4D2-4495-B6E9-2022E1ECF430}" = protocol=6 | dir=in | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{B927303E-99CA-450B-9B50-0AAC2278642E}" = protocol=17 | dir=in | app=c:\program files\aol 9.1\waol.exe |
"{BDCCA442-1A39-42D3-BC85-C8DEF1538ABC}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{BE10D116-24B0-4948-9916-5F539FA4FB16}" = protocol=6 | dir=out | app=system |
"{C28711CC-9707-4CEC-AA67-20D0C273E300}" = protocol=17 | dir=in | app=c:\program files\common files\aol\1200518764\ee\aolsoftware.exe |
"{C36781E0-B348-4FD3-A6D5-62258904FF93}" = protocol=6 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{C750639F-5539-4B05-A9C8-0880784B6962}" = protocol=17 | dir=in | app=c:\program files\common files\aol\system information\sinf.exe |
"{CA9CA292-597E-429F-AAF3-59D9DE214F69}" = dir=in | app=c:\program files\windows live\messenger\wlcsdk.exe |
"{CC87F0C9-6509-4BDA-87C4-668BA6DAFF16}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{CE24841B-142D-43D5-A9F6-DACA58437065}" = protocol=17 | dir=in | app=c:\program files\mozilla firefox\firefox.exe |
"{D378417E-A0BE-48FD-AAE7-DD8CA455E17C}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\groove.exe |
"{D7811609-C693-4169-85E4-B5F4D08288BF}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{D937CF42-573A-478E-9EAF-2F84E39E21EE}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{E1EDE59C-D190-4AFD-B88C-CDB815CDACD2}" = protocol=1 | dir=out |
[email protected],-28544 |
"{E3E984DF-EC7D-448D-8906-BE43962AB9BD}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{E711F05D-1004-4607-B383-2BB0DA7F07F8}" = protocol=17 | dir=in | app=c:\program files\common files\aol\acs\aolacsd.exe |
"{EAA87DF1-D6C2-4FFE-B7EA-B91CB0CA6A4D}" = protocol=6 | dir=in | app=c:\program files\common files\aol\acs\aoldial.exe |
"{ED2035C2-D39A-4243-B2EE-4ED2BEE98200}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\groove.exe |
"{ED43E924-A0DA-4ED4-A54E-BB63D4176380}" = protocol=6 | dir=in | app=c:\program files\common files\aol\loader\aolload.exe |
"{ED7EF7D4-C040-458D-A861-A1CA8F0B4835}" = protocol=6 | dir=in | app=c:\program files\common files\aol\1200518764\ee\aolsoftware.exe |
"{F29FDCB8-B91C-473C-9E19-3A2128B64608}" = protocol=6 | dir=in | app=c:\program files\common files\aol\acs\aoldial.exe |
"{F3AEC9EF-45FE-4FE0-9D8A-07B84376AB69}" = protocol=17 | dir=in | app=c:\program files\common files\aol\system information\sinf.exe |
"{F4A87CAC-CFB2-4213-BB3F-26C257313286}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\groove.exe |
"{F7164D59-155C-46C2-B280-CC0FE80070ED}" = dir=in | app=c:\program files\itunes\itunes.exe |
"TCP Query User{5690858B-0A76-4DA7-BAE1-BC588FAD7472}C:\program files\common files\roxio shared\9.0\sharedcom\roxwatchtray9.exe" = protocol=6 | dir=in | app=c:\program files\common files\roxio shared\9.0\sharedcom\roxwatchtray9.exe |
"TCP Query User{667EA162-E872-4EED-B37F-4FA2AF046005}C:\program files\ares\ares.exe" = protocol=6 | dir=in | app=c:\program files\ares\ares.exe |
"TCP Query User{6DCCEE70-2BA6-4423-906E-42AB23441A2B}C:\program files\mozilla firefox\firefox.exe" = protocol=6 | dir=in | app=c:\program files\mozilla firefox\firefox.exe |
"TCP Query User{896F6545-F813-4058-9DFE-E37F4772C6F6}C:\program files\internet explorer\iexplore.exe" = protocol=6 | dir=in | app=c:\program files\internet explorer\iexplore.exe |
"TCP Query User{9DD42084-8FB2-46EA-B2B6-88A092E8933F}C:\program files\ares\ares.exe" = protocol=6 | dir=in | app=c:\program files\ares\ares.exe |
"TCP Query User{D77A8250-E6F6-48A5-B9D6-BDA0611DC9FF}C:\program files\yahoo!\messenger\yahoomessenger.exe" = protocol=6 | dir=in | app=c:\program files\yahoo!\messenger\yahoomessenger.exe |
"UDP Query User{08FAED95-E56A-41F5-8CDC-4AEC83D60C0E}C:\program files\mozilla firefox\firefox.exe" = protocol=17 | dir=in | app=c:\program files\mozilla firefox\firefox.exe |
"UDP Query User{11C0B9A1-C983-42D8-951D-8B0CA595B72D}C:\program files\yahoo!\messenger\yahoomessenger.exe" = protocol=17 | dir=in | app=c:\program files\yahoo!\messenger\yahoomessenger.exe |
"UDP Query User{2E8631C5-D57D-4EA5-9A2E-EF3A1206F10A}C:\program files\internet explorer\iexplore.exe" = protocol=17 | dir=in | app=c:\program files\internet explorer\iexplore.exe |
"UDP Query User{4FD25C15-C092-411A-A6B6-5B5510FD977C}C:\program files\ares\ares.exe" = protocol=17 | dir=in | app=c:\program files\ares\ares.exe |
"UDP Query User{5EB18FA0-CCF4-45ED-8D3C-63299753ACAE}C:\program files\ares\ares.exe" = protocol=17 | dir=in | app=c:\program files\ares\ares.exe |
"UDP Query User{DED05C0E-D6C9-4980-AF10-85834EE56D53}C:\program files\common files\roxio shared\9.0\sharedcom\roxwatchtray9.exe" = protocol=17 | dir=in | app=c:\program files\common files\roxio shared\9.0\sharedcom\roxwatchtray9.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0090A87C-3E0E-43D4-AA71-A71B06563A4A}" = Dell Support Center
"{0394CDC8-FABD-4ed8-B104-03393876DFDF}" = Roxio Creator Tools
"{052bac4a-6f79-46d4-a024-1ce1b4f73cd4}" = Microsoft Visual C++ 2005 Redistributable
"{0D397393-9B50-4c52-84D5-77E344289F87}" = Roxio Creator Data
"{0ED7EE95-6A97-47AA-AD73-152C08A15B04}" = Dell DataSafe Local Backup
"{174D5678-D941-433C-BD23-58A5C7B0D36D}" = Jasc Animation Shop 3
"{178832DE-9DE0-4C87-9F82-9315A9B03985}" = Windows Live Writer
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live Upload Tool
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{26A24AE4-039D-4CA4-87B4-2F83216015FF}" = Java 6 Update 24
"{281ECE39-F043-492B-8337-F2E546B5604A}" = PowerDVD
"{287ECFA4-719A-2143-A09B-D6A12DE54E40}" = Acrobat.com
"{2902F983-B4C1-44BA-B85D-5C6D52E2C441}" = Windows Live Mesh ActiveX Control for Remote Connections
"{30465B6C-B53F-49A1-9EBA-A3F187AD502E}" = Roxio Update Manager
"{3175E049-F9A9-4A3D-8F19-AC9FB04514D1}" = Windows Live Communications Platform
"{3248F0A8-6813-11D6-A77B-00B0D0160000}" = Java SE Runtime Environment 6
"{341201D4-4F61-4ADB-987E-9CCE4D83A58D}" = Windows Live Toolbar Extension (Windows Live Toolbar)
"{353FE16B-30FE-469A-BF55-B978F4218003}" = iTunes
"{35E1EC43-D4FC-4E4A-AAB3-20DDA27E8BB0}" = Sonic Activation Module
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{44CDBD1B-89FB-4E02-8319-2A4C550F664A}" = RTC Client API v1.2
"{45338B07-A236-4270-9A77-EBB4115517B5}" = Windows Live Sign-in Assistant
"{474F25F5-BDC9-40E5-B1B6-F6BF23FC106F}" = Windows Live Essentials
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4D3C9F4B-4B7D-4E5D-99B9-0123AB0D51ED}" = Dell DataSafe Online
"{57752979-A1C9-4C02-856B-FBB27AC4E02C}" = QuickTime
"{5CD29180-A95E-11D3-A4EB-00C04F7BDB2C}" = User's Guides
"{619CDD8A-14B6-43a1-AB6C-0F4EE48CE048}" = Roxio Creator Copy
"{62230596-37E5-4618-A329-0D21F529A86F}" = Browser Address Error Redirector
"{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA}" = Roxio Express Labeler
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6D52C408-B09A-4520-9B18-475B81D393F1}" = Microsoft Works
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{7745B7A9-F323-4BB9-9811-01BF57A028DA}" = Map Button (Windows Live Toolbar)
"{779DECD7-E072-4B56-9B6B-BEB5973EEEB5}" = MobileMe Control Panel
"{786C4AD1-DCBA-49A6-B0EF-B317A344BD66}" = Windows Live Favorites for Windows Live Toolbar
"{797EE0CA-8165-405C-B5CE-F11EC20F1BB0}" = Microsoft VC9 runtime libraries
"{7DB9F1E5-9ACB-410D-A7DC-7A3D023CE045}" = Dell Getting Started Guide
"{81A34902-9D0B-4920-A25C-4CDC5D14B328}" = Jasc Paint Shop Pro 8
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{83FFCFC7-88C6-41c6-8752-958A45325C82}" = Roxio Creator Audio
"{853A4763-6643-4604-8D64-28BDD8925F4C}" = Apple Application Support
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{880AF49C-34F7-4285-A8AD-8F7A3D1C33DC}" = Roxio Creator BDAV Plugin
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{90120000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2007
"{90120000-0015-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2007
"{90120000-0019-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2007
"{90120000-001A-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_ENTERPRISE_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_ENTERPRISE_{187308AB-5FA7-4F14-9AB9-D290383A10D9}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{90120000-0044-0409-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (English) 2007
"{90120000-0044-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}_ENTERPRISE_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007
"{90120000-00A1-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00BA-0409-0000-0000000FF1CE}" = Microsoft Office Groove MUI (English) 2007
"{90120000-00BA-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0114-0409-0000-0000000FF1CE}" = Microsoft Office Groove Setup Metadata MUI (English) 2007
"{90120000-0114-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}_ENTERPRISE_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2007
"{90120000-0117-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{904CCF62-818D-4675-BC76-D37EB399F917}" = Windows Mobile Device Center
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{95140000-007A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook Connector
"{9F479685-180E-4C05-9400-D59292A1B29C}" = Windows Live Movie Maker
"{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR
"{A5C4AD72-25FE-4899-B6DF-6D8DF63C93CF}" = Highlight Viewer (Windows Live Toolbar)
"{A9668246-FB70-4103-A1E3-66C9BC2EFB49}" = Dell DataSafe Local Backup - Support Software
"{A9FE08B0-7804-43FF-8B90-04EEC285FFF6}" = Microsoft Office Live Add-in Patches
"{AA027AE9-DD20-4677-AA72-D760A358320B}" = Microsoft VC9 runtime libraries
"{AC76BA86-7AD7-1033-7B44-A94000000001}" = Adobe Reader 9.4.4
"{AC76BA86-7AD7-5464-3428-800000000003}" = Spelling Dictionaries Support For Adobe Reader 8
"{B10914FD-8812-47A4-85A1-50FCDE7F1F33}" = Windows Live Sync
"{B2544A03-10D0-4E5E-BA69-0362FFC20D18}" = OGA Notifier 2.0.0048.0
"{B57EAFF2-D6EE-4C6C-9175-ED9F17BFC1BC}" = Windows Live Messenger
"{C2E4B5BD-32DB-4817-A060-341AB17C3F90}" = Bonjour
"{C8B0680B-CDAE-4809-9F91-387B6DE00F7C}" = Roxio Creator DE
"{CACAEB5F-174D-4C7C-AC56-A33289A807CA}" = Apple Mobile Device Support
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D639085F-4B6E-4105-9F37-A0DBB023E2FB}" = Roxio MyDVD DE
"{E6158D07-2637-4ECF-B576-37C489669174}" = Windows Live Call
"{E7044E25-3038-4A76-9064-344AC038043E}" = Windows Mobile Device Center Driver Update
"{EE39FFBD-544E-49E4-A999-6819828EAE91}" = Windows Live Photo Gallery
"{EF6F70D0-C242-4047-946B-98EA8208481A}" = ArcSoft TotalMedia Backup & Record
"{EFAD4066-CAF3-4B27-9669-12EED352C376}" = NVIDIANetworkDiagnostic
"{F084395C-40FB-4DB3-981C-B51E74E1E83D}" = Smart Menus (Windows Live Toolbar)
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F226C1DA-66D7-4ABC-86B5-3F978A660EBF}" = AOL Mail and AIM Gadget
"{F333A33D-125C-32A2-8DCE-5C5D14231E27}" = Visual C++ 2008 x86 Runtime - (v9.0.30729)
"{F333A33D-125C-32A2-8DCE-5C5D14231E27}.vc_x86runtime_30729_01" = Visual C++ 2008 x86 Runtime - v9.0.30729.01
"{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}" = Microsoft Office Live Add-in 1.5
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11.5
"AMDAway INF" = AMDAway INF
"AOL Uninstaller" = AOL Uninstaller (Choose which Products to Remove)
"Ares" = Ares 2.1.0
"avast" = avast! Free Antivirus
"CCleaner" = CCleaner
"Defraggler" = Defraggler
"Dell Support Center" = Dell Support Center
"ENTERPRISE" = Microsoft Office Enterprise 2007
"Eye Candy 4000" = Eye Candy 4000
"FileHippo.com" = FileHippo.com Update Checker
"InstallShield_{EFAD4066-CAF3-4B27-9669-12EED352C376}" = NVIDIANetworkDiagnostic
"IObit Security 360_is1" = IObit Security 360
"KeyScrambler" = KeyScrambler
"Lexmark 5200 Series" = Lexmark 5200 Series
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Mozilla Firefox 4.0.1 (x86 en-US)" = Mozilla Firefox 4.0.1 (x86 en-US)
"NVIDIA Drivers" = NVIDIA Drivers
"Sophos-AntiRootkit" = Sophos Anti-Rootkit 1.5.4
"TurboHddUsb" = TurboHddUsb
"ViewpointMediaPlayer" = Viewpoint Media Player
"WinLiveSuite_Wave3" = Windows Live Essentials
"Yahoo! Extras" = Yahoo! Browser Services
"Yahoo! Mail" = Yahoo! Internet Mail
"Yahoo! Messenger" = Yahoo! Messenger
"Yahoo! Software Update" = Yahoo! Software Update
"YInstHelper" = Yahoo! Install Manager
========== HKEY_CURRENT_USER Uninstall List ========== [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"f031ef6ac137efc5" = Dell Driver Download Manager
"Facebook Plug-In" = Facebook Plug-In
"Google Chrome" = Google Chrome
"GoToMeeting" = GoToMeeting 4.5.0.457
========== Last 10 Event Log Errors ========== [ Antivirus Events ]
Error - 24/03/2008 10:03:33 PM | Computer Name = Neha-PC | Source = avast! | ID = 33554522
Description =
Error - 05/04/2008 11:02:05 AM | Computer Name = Neha-PC | Source = avast! | ID = 33554522
Description =
Error - 10/10/2009 4:37:03 PM | Computer Name = Neha-PC | Source = avast! | ID = 33554522
Description =
Error - 10/10/2009 4:37:04 PM | Computer Name = Neha-PC | Source = avast! | ID = 33554522
Description =
Error - 10/10/2009 4:37:09 PM | Computer Name = Neha-PC | Source = avast! | ID = 33554522
Description =
Error - 10/10/2009 4:37:16 PM | Computer Name = Neha-PC | Source = avast! | ID = 33554522
Description =
Error - 10/10/2009 4:37:20 PM | Computer Name = Neha-PC | Source = avast! | ID = 33554522
Description =
Error - 07/01/2010 8:25:47 AM | Computer Name = Neha-PC | Source = avast! | ID = 33554522
Description =
[ Application Events ]
Error - 21/10/2009 4:01:52 PM | Computer Name = Neha-PC | Source = RasClient | ID = 20227
Description =
Error - 21/10/2009 4:03:13 PM | Computer Name = Neha-PC | Source = RasClient | ID = 20227
Description =
Error - 26/10/2009 8:29:31 PM | Computer Name = Neha-PC | Source = Application Hang | ID = 1002
Description = The program Explorer.EXE version 6.0.6002.18005 stopped interacting
with Windows and was closed. To see if more information about the problem is available,
check the problem history in the Problem Reports and Solutions control panel. Process
ID: 4a4 Start Time: 01ca563c18b34100 Termination Time: 7951
Error - 28/10/2009 12:59:09 PM | Computer Name = Neha-PC | Source = ESENT | ID = 215
Description = WinMail (3244) WindowsMail0: The backup has been stopped because it
was halted by the client or the connection with the client failed.
Error - 28/10/2009 11:27:44 PM | Computer Name = Neha-PC | Source = Application Hang | ID = 1002
Description = The program waol.exe version 9.5.0.1 stopped interacting with Windows
and was closed. To see if more information about the problem is available, check
the problem history in the Problem Reports and Solutions control panel. Process
ID: ea8 Start Time: 01ca58356ecce850 Termination Time: 983
Error - 30/10/2009 12:11:14 PM | Computer Name = Neha-PC | Source = Application Hang | ID = 1002
Description = The program firefox.exe version 1.9.1.3576 stopped interacting with
Windows and was closed. To see if more information about the problem is available,
check the problem history in the Problem Reports and Solutions control panel. Process
ID: 1520 Start Time: 01ca597958c6c089 Termination Time: 207
Error - 30/10/2009 12:12:49 PM | Computer Name = Neha-PC | Source = Application Hang | ID = 1002
Description = The program firefox.exe version 1.9.1.3576 stopped interacting with
Windows and was closed. To see if more information about the problem is available,
check the problem history in the Problem Reports and Solutions control panel. Process
ID: 1794 Start Time: 01ca597b9c770549 Termination Time: 31
Error - 01/11/2009 12:17:13 PM | Computer Name = Neha-PC | Source = Application Hang | ID = 1002
Description = The program wmplayer.exe version 11.0.6002.18111 stopped interacting
with Windows and was closed. To see if more information about the problem is available,
check the problem history in the Problem Reports and Solutions control panel. Process
ID: 154c Start Time: 01ca5b0eafec18d0 Termination Time: 30
Error - 10/11/2009 9:24:34 PM | Computer Name = Neha-PC | Source = Application Hang | ID = 1002
Description = The program firefox.exe version 1.9.1.3593 stopped interacting with
Windows and was closed. To see if more information about the problem is available,
check the problem history in the Problem Reports and Solutions control panel. Process
ID: 1394 Start Time: 01ca626d78a541f0 Termination Time: 27
Error - 10/11/2009 11:43:48 PM | Computer Name = Neha-PC | Source = Application Hang | ID = 1002
Description = The program WINWORD.EXE version 12.0.6504.5000 stopped interacting
with Windows and was closed. To see if more information about the problem is available,
check the problem history in the Problem Reports and Solutions control panel. Process
ID: 1254 Start Time: 01ca62646c66b350 Termination Time: 0
[ Dell Events ]
Error - 13/12/2010 12:36:47 PM | Computer Name = Neha-PC | Source = DataSafe | ID = 17
Description = The process was interrupted before completion.
Error - 11/01/2011 4:20:10 PM | Computer Name = Neha-PC | Source = DataSafe | ID = 17
Description = The process was interrupted before completion.
Error - 11/01/2011 4:20:10 PM | Computer Name = Neha-PC | Source = DataSafe | ID = 17
Description = The process was interrupted before completion.
Error - 13/01/2011 6:46:27 PM | Computer Name = Neha-PC | Source = DataSafe | ID = 17
Description = The process was interrupted before completion.
Error - 13/01/2011 6:46:27 PM | Computer Name = Neha-PC | Source = DataSafe | ID = 17
Description = The process was interrupted before completion.
Error - 20/02/2011 1:11:39 AM | Computer Name = Neha-PC | Source = DataSafe | ID = 17
Description = The process was interrupted before completion.
Error - 20/02/2011 1:11:39 AM | Computer Name = Neha-PC | Source = DataSafe | ID = 17
Description = The process was interrupted before completion.
Error - 11/03/2011 5:55:14 PM | Computer Name = Neha-PC | Source = DataSafe | ID = 17
Description = The process was interrupted before completion.
Error - 11/03/2011 5:55:15 PM | Computer Name = Neha-PC | Source = DataSafe | ID = 17
Description = The process was interrupted before completion.
Error - 15/05/2011 4:29:07 PM | Computer Name = Neha-PC | Source = DataSafe | ID = 17
Description = The process was interrupted before completion.
[ OSession Events ]
Error - 01/12/2010 1:08:57 AM | Computer Name = Neha-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 3
seconds with 0 seconds of active time. This session ended with a crash.
[ System Events ]
Error - 15/05/2011 12:59:08 PM | Computer Name = Neha-PC | Source = DCOM | ID = 10016
Description =
Error - 15/05/2011 4:08:10 PM | Computer Name = Neha-PC | Source = Service Control Manager | ID = 7000
Description =
Error - 15/05/2011 4:12:48 PM | Computer Name = Neha-PC | Source = Service Control Manager | ID = 7022
Description =
Error - 15/05/2011 7:50:59 PM | Computer Name = Neha-PC | Source = Service Control Manager | ID = 7000
Description =
Error - 15/05/2011 9:12:25 PM | Computer Name = Neha-PC | Source = volsnap | ID = 393225
Description = The flush and hold writes operation on volume C: timed out while waiting
for file system cleanup.
Error - 15/05/2011 9:13:54 PM | Computer Name = Neha-PC | Source = volsnap | ID = 393225
Description = The flush and hold writes operation on volume C: timed out while waiting
for file system cleanup.
Error - 15/05/2011 9:15:17 PM | Computer Name = Neha-PC | Source = volsnap | ID = 393225
Description = The flush and hold writes operation on volume C: timed out while waiting
for file system cleanup.
Error - 15/05/2011 9:16:37 PM | Computer Name = Neha-PC | Source = volsnap | ID = 393225
Description = The flush and hold writes operation on volume C: timed out while waiting
for file system cleanup.
Error - 15/05/2011 9:17:56 PM | Computer Name = Neha-PC | Source = volsnap | ID = 393225
Description = The flush and hold writes operation on volume C: timed out while waiting
for file system cleanup.
Error - 16/05/2011 11:43:18 AM | Computer Name = Neha-PC | Source = Service Control Manager | ID = 7000
Description =
< End of report >