Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

Computer is slow and choppy [Closed]


  • This topic is locked This topic is locked

#1
HSBigDaddy

HSBigDaddy

    Member

  • Member
  • PipPip
  • 14 posts
Hi. My computer has been very slow and choppy for quite a while. I was wondering if anyone can help me to find out and fix whatever might be causing this. Windows XP.
  • 0

Advertisements


#2
WhiteHat

WhiteHat

    Trusted Helper

  • Retired Staff
  • 1,925 posts
Hello HSBigDaddy and welcome to GeeksToGo :)

My nickname is WhiteHat and I'm going to help you fix your problem.

  • Please do not attach any log files to your replies unless I specifically ask you. Instead please copy and paste so as to include the log in your reply. You can do this in separate posts if it's easier for you.
  • Please do not try to fix anything without being asked
  • I suggest you print or save any instructions I give you for easy reference. We may be using Safe mode and you will not always be able to access this thread.
  • Do not put your logs inside <Quote> and/or <Code> *important*
  • Please do not use the Attachment feature for any log file. Do a Copy/Paste of the entire contents of the log file and submit it inside your post unless directed otherwise.
  • The fixes are specific to your problem and should only be used for this issue on this machine!
  • Lastly, Please be aware that removing Malware is a hazardous undertaking. I will take care not to knowingly suggest courses of action that might damage your computer. However it is impossible for me to foresee all interactions that may happen between the software on your computer and those we'll use to clear you of infection, and I cannot guarantee the safety of your system. Some infections are so severe that we might encounter situations where the only recourse is to re-format and re-install your operating system. Don't worry, this only happens in severe cases, but, sadly, it does happen.
    In light of this be prepared to back up your data. Have means of backing up your data available.

In order to be notified when your topic has been replied to:

Click My Settings at the top of the page. An Option page will open. In the left hand column click Notification Options. On the new page that opens under the Notification Preferences section click Watch every topic I reply to and set the notification type to Immediate Notification.


  • 0

#3
WhiteHat

WhiteHat

    Trusted Helper

  • Retired Staff
  • 1,925 posts
Download OTL to your Desktop
  • Double click on the icon to run it. Make sure all other windows are closed and to let it run uninterrupted.
  • Select All Users
  • In Extra Registry, select Use SafeList
  • Under the Custom Scan box paste this in
    netsvcs
    msconfig
    drives
    %SYSTEMDRIVE%\*.*
    %systemdrive%\drivers\*.exe
    %systemroot%\system32\drivers\*.* /90
    %PROGRAMFILES%\*.*
    HKLM\SOFTWARE\CLIENTS\Startmenuinternet|command /rs
    HKLM\SOFTWARE\CLIENTS\Startmenuinternet|command /64 /rs
    CREATERESTOREPOINT
  • Click the Run Scan button. Do not change any settings unless otherwise told to do so. The scan wont take long.
  • When the scan completes, it will open two notepad windows. OTL.Txt and Extras.Txt. These are saved in the same location as OTL.
  • Please copy (Edit->Select All, Edit->Copy) the contents of these files, one at a time and post them in your topic

NEXT:

Download aswMBR.exe ( 4.8mb ) to your desktop.

Double click the aswMBR.exe to run it Click the "Scan" button to start scan

Posted Image

On completion of the scan click save log, save it to your desktop and post in your next reply

Posted Image
  • 0

#4
HSBigDaddy

HSBigDaddy

    Member

  • Topic Starter
  • Member
  • PipPip
  • 14 posts
OTL logfile created on: 9/2/2012 2:14:12 PM - Run 1
OTL by OldTimer - Version 3.2.59.1 Folder = C:\Documents and Settings\Daddy\Desktop
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.13)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

2.00 Gb Total Physical Memory | 0.89 Gb Available Physical Memory | 44.78% Memory free
4.40 Gb Paging File | 2.26 Gb Available in Paging File | 51.33% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 74.19 Gb Total Space | 5.93 Gb Free Space | 8.00% Space Free | Partition Type: NTFS
Drive D: | 200.23 Gb Total Space | 12.19 Gb Free Space | 6.09% Space Free | Partition Type: NTFS
Drive E: | 98.19 Gb Total Space | 9.00 Gb Free Space | 9.17% Space Free | Partition Type: NTFS
Drive I: | 465.76 Gb Total Space | 19.12 Gb Free Space | 4.10% Space Free | Partition Type: NTFS

Computer Name: ANTEC-20AE6726E | User Name: Daddy | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2012/09/02 14:12:47 | 000,598,528 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Daddy\Desktop\OTL.exe
PRC - [2012/07/24 09:27:12 | 004,777,856 | ---- | M] (SUPERAntiSpyware.com) -- C:\Program Files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE
PRC - [2012/07/03 13:46:44 | 000,655,944 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2012/07/03 13:46:44 | 000,462,920 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
PRC - [2012/05/30 13:56:52 | 003,048,136 | ---- | M] (Skype Technologies S.A.) -- C:\Documents and Settings\All Users\Application Data\Skype\Toolbars\Skype C2C Service\c2c_service.exe
PRC - [2012/03/22 15:21:58 | 002,388,336 | ---- | M] (Apple Inc.) -- C:\Program Files\Safari\Safari.exe
PRC - [2012/03/22 11:40:42 | 000,014,184 | ---- | M] (Apple Inc.) -- C:\Program Files\Safari\Apple Application Support\WebKit2WebProcess.exe
PRC - [2012/03/21 21:16:10 | 001,318,816 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee.com\Agent\mcagent.exe
PRC - [2012/03/20 13:11:32 | 000,151,880 | ---- | M] (McAfee, Inc.) -- C:\WINDOWS\system32\mfevtps.exe
PRC - [2012/03/20 13:05:00 | 000,161,632 | ---- | M] (McAfee, Inc.) -- C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
PRC - [2012/03/20 13:04:32 | 000,166,288 | ---- | M] (McAfee, Inc.) -- C:\Program Files\Common Files\McAfee\SystemCore\mcshield.exe
PRC - [2012/01/18 15:02:04 | 000,508,136 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Common Files\Java\Java Update\jucheck.exe
PRC - [2011/08/25 18:53:00 | 000,013,672 | ---- | M] (Intuit Inc.) -- C:\Program Files\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe
PRC - [2011/08/17 13:22:19 | 000,116,608 | ---- | M] (SUPERAntiSpyware.com) -- C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
PRC - [2011/08/05 12:29:56 | 000,159,456 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Zune\ZuneLauncher.exe
PRC - [2011/08/05 12:29:56 | 000,057,056 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Zune\ZuneBusEnum.exe
PRC - [2011/08/05 10:59:56 | 001,382,912 | ---- | M] (Crystal Rich Ltd) -- C:\Program Files\USB Safely Remove\USBSafelyRemove.exe
PRC - [2011/08/04 14:25:20 | 000,257,880 | ---- | M] () -- C:\Program Files\USB Safely Remove\USBSRService.exe
PRC - [2011/02/07 16:42:10 | 000,477,560 | ---- | M] (McAfee, Inc.) -- C:\Program Files\Common Files\McAfee\MSC\McUICnt.exe
PRC - [2011/01/27 18:28:14 | 000,214,904 | ---- | M] (McAfee, Inc.) -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
PRC - [2010/12/14 07:31:12 | 000,184,552 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee\MSM\McSmtFwk.exe
PRC - [2010/09/30 15:56:16 | 000,307,672 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2010/08/23 21:21:40 | 000,013,672 | ---- | M] (Intuit Inc.) -- C:\Program Files\Common Files\Intuit\Update Service\IntuitUpdateService.exe
PRC - [2010/04/12 10:13:08 | 000,142,336 | ---- | M] (HP) -- C:\Program Files\HP\HPLaserJetService\HPLaserJetService.exe
PRC - [2009/07/08 02:53:36 | 000,472,112 | ---- | M] (Cisco Systems, Inc.) -- C:\Program Files\Pure Networks\Network Magic\nmapp.exe
PRC - [2009/07/07 14:48:44 | 000,647,216 | ---- | M] (Cisco Systems, Inc.) -- C:\Program Files\Common Files\Pure Networks Shared\Platform\nmsrvc.exe
PRC - [2009/06/17 13:49:44 | 000,616,408 | ---- | M] () -- C:\Program Files\comcasttb\ComcastSpywareScan\ComcastAntiSpyService.exe
PRC - [2008/12/18 12:05:40 | 000,457,248 | ---- | M] () -- C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe
PRC - [2008/12/18 12:05:40 | 000,191,008 | ---- | M] () -- C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe
PRC - [2008/11/09 16:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) -- C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe
PRC - [2008/05/07 18:30:15 | 000,607,576 | ---- | M] (Lavasoft) -- C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
PRC - [2008/04/13 20:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2007/01/23 19:35:50 | 002,578,024 | ---- | M] (Symantec Corporation) -- C:\Program Files\Norton Ghost\Agent\VProSvc.exe
PRC - [2007/01/18 20:04:04 | 000,067,056 | ---- | M] (Ulead Systems, Inc.) -- C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
PRC - [2007/01/04 17:38:08 | 000,024,652 | ---- | M] (Viewpoint Corporation) -- C:\Program Files\Viewpoint\Common\ViewpointService.exe
PRC - [2006/12/28 22:18:16 | 000,122,512 | ---- | M] (B.H.A Corporation) -- C:\WINDOWS\system32\bgsvcgen.exe
PRC - [2006/10/23 08:50:35 | 000,046,640 | R--- | M] (AOL LLC) -- C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe
PRC - [2006/10/23 02:48:38 | 000,345,712 | ---- | M] (Adobe Systems Incorporated) -- D:\Program Files\Adobe\Reader\AcroRd32.exe
PRC - [2006/08/11 12:15:36 | 000,200,704 | ---- | M] (InterVideo Inc.) -- C:\Program Files\Common Files\InterVideo\DeviceService\DevSvc.exe
PRC - [2006/07/17 15:21:56 | 000,184,320 | ---- | M] () -- C:\Program Files\Maxtor\Maxtor Backup\MaxBackServiceInt.exe
PRC - [2006/02/07 16:10:14 | 000,106,496 | ---- | M] ( ) -- C:\Program Files\Maxtor\Utils\SyncServices.exe
PRC - [2004/10/15 16:54:14 | 000,100,016 | ---- | M] (America Online, Inc) -- C:\Program Files\Common Files\AOL\TopSpeed\2.0\aoltsmon.exe
PRC - [2004/10/15 16:54:12 | 000,046,768 | ---- | M] (America Online Inc) -- C:\Program Files\Common Files\AOL\TopSpeed\2.0\aoltpspd.exe
PRC - [2004/08/02 17:46:28 | 004,505,088 | ---- | M] (eCosm) -- C:\Program Files\FireTrust\MailWasher Pro\MailWasher.exe
PRC - [2002/07/11 08:06:23 | 000,372,736 | ---- | M] (HP) -- C:\WINDOWS\system32\spool\drivers\w32x86\3\hpzstc06.exe
PRC - [2002/07/11 08:06:23 | 000,188,416 | ---- | M] (HP) -- C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb06.exe
PRC - [2002/07/11 08:06:23 | 000,172,032 | ---- | M] (HP) -- C:\WINDOWS\system32\spool\drivers\w32x86\3\hpzstw06.exe


========== Modules (No Company Name) ==========

MOD - [2012/08/25 15:59:59 | 000,065,024 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\SD10006.dll
MOD - [2012/08/25 15:59:59 | 000,052,736 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\SD10007.dll
MOD - [2012/08/14 17:41:19 | 009,465,032 | ---- | M] () -- C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_3_300_271.dll
MOD - [2012/06/12 21:25:34 | 000,221,696 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.ServiceProce#\2516a49d10f4418f72e1c25f691815a8\System.ServiceProcess.ni.dll
MOD - [2012/06/12 21:17:19 | 000,212,992 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\8b84bb74d7724e147a642a1d5358feb7\System.ServiceProcess.ni.dll
MOD - [2012/06/12 21:17:17 | 011,817,472 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Web\dbc413807cb7360b3e26ef3ca1d54f9a\System.Web.ni.dll
MOD - [2012/06/12 21:14:05 | 003,186,688 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\System\2.0.0.0__b77a5c561934e089\System.dll
MOD - [2012/06/12 21:14:04 | 002,933,248 | ---- | M] () -- C:\WINDOWS\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll
MOD - [2012/06/12 21:14:04 | 000,425,984 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\System.Configuration\2.0.0.0__b03f5f7f11d50a3a\System.Configuration.dll
MOD - [2012/06/12 21:14:01 | 000,630,784 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\System.Drawing\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.dll
MOD - [2012/06/12 21:14:01 | 000,303,104 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\System.Runtime.Remoting\2.0.0.0__b77a5c561934e089\System.Runtime.Remoting.dll
MOD - [2012/06/12 21:14:01 | 000,258,048 | ---- | M] () -- C:\WINDOWS\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.dll
MOD - [2012/06/12 21:14:00 | 002,048,000 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\System.Xml\2.0.0.0__b77a5c561934e089\System.Xml.dll
MOD - [2012/06/12 21:14:00 | 000,261,632 | ---- | M] () -- C:\WINDOWS\assembly\GAC_32\System.Transactions\2.0.0.0__b77a5c561934e089\System.Transactions.dll
MOD - [2012/06/12 21:13:58 | 000,114,688 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\System.ServiceProcess\2.0.0.0__b03f5f7f11d50a3a\System.ServiceProcess.dll
MOD - [2012/06/12 21:13:56 | 005,025,792 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\System.Windows.Forms\2.0.0.0__b77a5c561934e089\System.Windows.Forms.dll
MOD - [2012/06/12 21:12:14 | 013,197,824 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Windows.Forms\54d61af44b1dedee6aea0d1bbc46b13a\System.Windows.Forms.ni.dll
MOD - [2012/06/12 21:02:31 | 001,666,048 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Drawing\4a668799513e369a54fdab8b3f74de92\System.Drawing.ni.dll
MOD - [2012/05/12 03:47:26 | 000,762,368 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Runtime.Remo#\0f9d7198d2c0a3953fb59b1aca0d35f7\System.Runtime.Remoting.ni.dll
MOD - [2012/05/12 03:47:23 | 000,786,944 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.EnterpriseSe#\26ee061618887d629a9f7072970ffb85\System.EnterpriseServices.ni.dll
MOD - [2012/05/12 03:47:21 | 000,646,656 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Transactions\ce2aa3a5e89c326055ac8e2a309232f7\System.Transactions.ni.dll
MOD - [2012/05/12 03:43:07 | 000,311,296 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\a644ec04e18202b60f9d828bc207972b\System.Runtime.Serialization.Formatters.Soap.ni.dll
MOD - [2012/05/12 03:42:52 | 000,771,584 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\92d58f840f549f9bd880783d43db7e3c\System.Runtime.Remoting.ni.dll
MOD - [2012/05/12 03:42:42 | 000,971,264 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Configuration\3d5b7368bde0f65aa15d9f46b498cc89\System.Configuration.ni.dll
MOD - [2012/05/12 03:37:21 | 005,450,752 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Xml\3bba1b8b0b5ef0be238b011cc7a0575e\System.Xml.ni.dll
MOD - [2012/05/12 03:32:44 | 007,953,408 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System\e4b5afc4da43b1c576f9322f9f2e1bfe\System.ni.dll
MOD - [2012/05/12 03:32:18 | 011,492,352 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\mscorlib\e337c89bc9f81b69d7237aa70e935900\mscorlib.ni.dll
MOD - [2012/05/12 03:10:16 | 006,798,336 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Data\9f5111b0b58258c3a4bbcfb8bf27374c\System.Data.ni.dll
MOD - [2012/05/12 03:10:06 | 005,618,176 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Xml\5ee8bf77e7b3e25cdbff6e1c299574fe\System.Xml.ni.dll
MOD - [2012/05/12 03:09:58 | 000,980,480 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Configuration\0c8e950df17a0abec10888e8ad966cbe\System.Configuration.ni.dll
MOD - [2012/05/12 03:09:18 | 007,052,800 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Core\14ba6251d6ec84c9579ed3d3e10b30c1\System.Core.ni.dll
MOD - [2012/05/12 03:09:02 | 009,090,560 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System\6f399163bb35597da7141ccdb7f39d16\System.ni.dll
MOD - [2012/05/12 03:08:45 | 014,412,800 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\mscorlib\3953b1d8b9b57e4957bff8f58145384e\mscorlib.ni.dll
MOD - [2012/03/22 11:40:50 | 000,087,912 | ---- | M] () -- C:\Program Files\Safari\Apple Application Support\zlib1.dll
MOD - [2012/03/22 11:40:28 | 001,242,472 | ---- | M] () -- C:\Program Files\Safari\Apple Application Support\libxml2.dll
MOD - [2011/11/03 11:28:36 | 001,292,288 | ---- | M] () -- C:\WINDOWS\system32\quartz.dll
MOD - [2011/11/03 11:28:36 | 000,386,048 | ---- | M] () -- C:\WINDOWS\system32\qdvd.dll
MOD - [2011/10/25 21:00:58 | 000,117,760 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\UIREPAIR.DLL
MOD - [2011/10/25 21:00:58 | 000,052,224 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\SD10005.dll
MOD - [2011/08/04 14:25:20 | 000,257,880 | ---- | M] () -- C:\Program Files\USB Safely Remove\USBSRService.exe
MOD - [2011/07/01 12:06:44 | 000,002,560 | ---- | M] () -- C:\Program Files\USB Safely Remove\USBSafelyRemove.dll
MOD - [2011/06/24 22:56:36 | 000,087,328 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2011/06/24 22:56:14 | 001,241,888 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2011/01/07 21:00:53 | 000,476,520 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\Intuit.Spc.Map.Reporter\5.0.136.0__7ce6deabcb36a8ea\Intuit.Spc.Map.Reporter.dll
MOD - [2011/01/07 21:00:53 | 000,409,960 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\Intuit.Spc.Map.WindowsFirewallUtilities\5.0.136.0__7ce6deabcb36a8ea\Intuit.Spc.Map.WindowsFirewallUtilities.dll
MOD - [2011/01/07 21:00:51 | 000,421,224 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\Intuit.Spc.Esd.WinClient.Api.Net\3.1.31.0__540d4816ead86321\Intuit.Spc.Esd.WinClient.Api.Net.dll
MOD - [2011/01/07 21:00:51 | 000,046,952 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\Intuit.Spc.Esd.WinClient.Application.UpdateServicePlugin\3.1.31.0__540d4816ead86321\Intuit.Spc.Esd.WinClient.Application.UpdateServicePlugin.dll
MOD - [2011/01/07 21:00:51 | 000,023,912 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\Intuit.Spc.Esd.WinClient.Application.UpdateService\1.0.0.0__540d4816ead86321\Intuit.Spc.Esd.WinClient.Application.UpdateService.dll
MOD - [2011/01/07 21:00:51 | 000,018,792 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\Intuit.Spc.Esd.WinClient.Ipc.Remoting.UpdateServiceWorker\3.1.31.0__540d4816ead86321\Intuit.Spc.Esd.WinClient.Ipc.Remoting.UpdateServiceWorker.dll
MOD - [2011/01/07 21:00:51 | 000,012,136 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\Intuit.Spc.Esd.WinClient.Application.UpdateService.PluginContract\1.0.0.0__540d4816ead86321\Intuit.Spc.Esd.WinClient.Application.UpdateService.PluginContract.dll
MOD - [2011/01/07 21:00:50 | 000,269,672 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\Intuit.Spc.Esd.Core\3.1.26.0__540d4816ead86321\Intuit.Spc.Esd.Core.dll
MOD - [2011/01/07 21:00:50 | 000,121,704 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\Intuit.Spc.Esd.Client.BusinessLogic\3.1.31.0__540d4816ead86321\Intuit.Spc.Esd.Client.BusinessLogic.dll
MOD - [2011/01/07 21:00:50 | 000,120,168 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\Intuit.Spc.Esd.Client.DataAccess\3.1.31.0__540d4816ead86321\Intuit.Spc.Esd.Client.DataAccess.dll
MOD - [2011/01/07 21:00:50 | 000,070,504 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\Intuit.Spc.Esd.Client.Common\3.1.31.0__540d4816ead86321\Intuit.Spc.Esd.Client.Common.dll
MOD - [2010/01/22 22:55:37 | 000,854,016 | ---- | M] () -- C:\WINDOWS\assembly\GAC_32\System.Data.SQLite\1.0.61.0__db937bc2d44ff139\System.Data.SQLite.dll
MOD - [2010/01/22 22:55:37 | 000,403,456 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\Intuit.Spc.Map.WindowsFirewallUtilities\5.0.104.0__7ce6deabcb36a8ea\Intuit.Spc.Map.WindowsFirewallUtilities.dll
MOD - [2010/01/22 22:55:36 | 000,471,040 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\Intuit.Spc.Map.Reporter\5.0.104.0__7ce6deabcb36a8ea\Intuit.Spc.Map.Reporter.dll
MOD - [2010/01/22 22:55:35 | 000,419,616 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\Intuit.Spc.Esd.WinClient.Api.Net\3.0.335.0__540d4816ead86321\Intuit.Spc.Esd.WinClient.Api.Net.dll
MOD - [2010/01/22 22:55:35 | 000,270,112 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\Intuit.Spc.Esd.Core\2.0.445.0__540d4816ead86321\Intuit.Spc.Esd.Core.dll
MOD - [2010/01/22 22:55:35 | 000,121,632 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\Intuit.Spc.Esd.Client.BusinessLogic\3.0.335.0__540d4816ead86321\Intuit.Spc.Esd.Client.BusinessLogic.dll
MOD - [2010/01/22 22:55:35 | 000,120,096 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\Intuit.Spc.Esd.Client.DataAccess\3.0.335.0__540d4816ead86321\Intuit.Spc.Esd.Client.DataAccess.dll
MOD - [2010/01/22 22:55:35 | 000,070,432 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\Intuit.Spc.Esd.Client.Common\3.0.335.0__540d4816ead86321\Intuit.Spc.Esd.Client.Common.dll
MOD - [2010/01/22 22:55:35 | 000,046,880 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\Intuit.Spc.Esd.WinClient.Application.UpdateServicePlugin\3.0.335.0__540d4816ead86321\Intuit.Spc.Esd.WinClient.Application.UpdateServicePlugin.dll
MOD - [2010/01/22 22:55:35 | 000,018,720 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\Intuit.Spc.Esd.WinClient.Ipc.Remoting.UpdateServiceWorker\3.0.335.0__540d4816ead86321\Intuit.Spc.Esd.WinClient.Ipc.Remoting.UpdateServiceWorker.dll
MOD - [2009/06/17 13:49:44 | 000,616,408 | ---- | M] () -- C:\Program Files\comcasttb\ComcastSpywareScan\ComcastAntiSpyService.exe
MOD - [2009/03/28 16:28:25 | 000,047,392 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\Intuit.Spc.Esd.WinClient.Application.UpdateServicePlugin\2.1.72.22__540d4816ead86321\Intuit.Spc.Esd.WinClient.Application.UpdateServicePlugin.dll
MOD - [2009/03/28 16:28:25 | 000,018,720 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\Intuit.Spc.Esd.WinClient.Ipc.Remoting.UpdateServiceWorker\2.1.72.22__540d4816ead86321\Intuit.Spc.Esd.WinClient.Ipc.Remoting.UpdateServiceWorker.dll
MOD - [2009/03/28 16:28:24 | 000,402,208 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\Intuit.Spc.Esd.WinClient.Api.Net\2.1.72.22__540d4816ead86321\Intuit.Spc.Esd.WinClient.Api.Net.dll
MOD - [2009/03/28 16:28:24 | 000,120,608 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\Intuit.Spc.Esd.Client.DataAccess\2.1.72.22__540d4816ead86321\Intuit.Spc.Esd.Client.DataAccess.dll
MOD - [2009/03/28 16:28:23 | 000,130,848 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\Intuit.Spc.Esd.Client.BusinessLogic\2.1.72.22__540d4816ead86321\Intuit.Spc.Esd.Client.BusinessLogic.dll
MOD - [2009/03/28 16:28:23 | 000,072,992 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\Intuit.Spc.Esd.Client.Common\2.1.72.22__540d4816ead86321\Intuit.Spc.Esd.Client.Common.dll
MOD - [2009/02/27 20:11:01 | 000,238,368 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\Intuit.Spc.Esd.Core\2.0.145.4__540d4816ead86321\Intuit.Spc.Esd.Core.dll
MOD - [2009/01/20 20:37:16 | 001,058,304 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\Intuit.Spc.Map.WindowsFirewallUtilities\4.0.114.0__7ce6deabcb36a8ea\Intuit.Spc.Map.WindowsFirewallUtilities.dll
MOD - [2009/01/20 20:37:16 | 000,471,040 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\Intuit.Spc.Map.Reporter\4.0.114.0__7ce6deabcb36a8ea\Intuit.Spc.Map.Reporter.dll
MOD - [2009/01/20 20:34:36 | 000,755,712 | ---- | M] () -- C:\WINDOWS\assembly\GAC_32\System.Data.SQLite\1.0.56.0__28c9bcd4dddc48a1\System.Data.SQLite.dll
MOD - [2009/01/20 20:34:36 | 000,270,336 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\log4net\1.2.10.0__1b44e1d426115821\log4net.dll
MOD - [2009/01/20 20:34:34 | 000,458,752 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\Intuit.Spc.Foundations.Portability\3.1.2.2__540d4816ead86321\Intuit.Spc.Foundations.Portability.dll
MOD - [2009/01/20 20:34:34 | 000,073,728 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\Intuit.Spc.Foundations.Primary.Config\3.1.2.2__540d4816ead86321\Intuit.Spc.Foundations.Primary.Config.dll
MOD - [2009/01/20 20:34:34 | 000,065,536 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\Intuit.Spc.Foundations.Primary.ExceptionHandling\3.1.2.2__540d4816ead86321\Intuit.Spc.Foundations.Primary.ExceptionHandling.dll
MOD - [2009/01/20 20:34:34 | 000,045,056 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\Intuit.Spc.Foundations.Primary.Logging\3.1.2.2__540d4816ead86321\Intuit.Spc.Foundations.Primary.Logging.dll
MOD - [2008/12/18 12:05:40 | 000,457,248 | ---- | M] () -- C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe
MOD - [2008/12/18 12:05:40 | 000,191,008 | ---- | M] () -- C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe
MOD - [2008/12/18 12:04:44 | 000,109,088 | ---- | M] () -- C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nv_common.dll
MOD - [2008/04/13 20:12:03 | 000,192,512 | ---- | M] () -- C:\WINDOWS\system32\qcap.dll
MOD - [2008/04/13 20:11:59 | 000,014,336 | ---- | M] () -- C:\WINDOWS\system32\msdmo.dll
MOD - [2008/04/13 20:11:51 | 000,059,904 | ---- | M] () -- C:\WINDOWS\system32\devenum.dll
MOD - [2007/12/05 01:41:00 | 000,466,944 | ---- | M] () -- C:\WINDOWS\system32\nvshell.dll
MOD - [2007/05/22 10:59:22 | 000,128,512 | ---- | M] () -- C:\Program Files\WinRAR\RarExt.dll
MOD - [2007/05/10 23:25:20 | 002,469,888 | ---- | M] () -- D:\Program Files\Adobe\Acrobat 8.0\PDFMaker\Common\AdobePDFMakerX.dll
MOD - [2007/01/23 19:36:58 | 002,942,568 | ---- | M] () -- C:\Program Files\Common Files\Symantec Shared\VProRecovery\VProObj.dll
MOD - [2007/01/23 19:35:46 | 001,668,720 | ---- | M] () -- C:\Program Files\Common Files\Symantec Shared\VProRecovery\EventMonitors.dll
MOD - [2006/07/17 15:21:56 | 000,184,320 | ---- | M] () -- C:\Program Files\Maxtor\Maxtor Backup\MaxBackServiceInt.exe
MOD - [2003/07/14 22:44:34 | 000,102,968 | ---- | M] () -- C:\Program Files\Microsoft Office\OFFICE11\OUTLCTL.DLL
MOD - [2003/05/23 14:15:48 | 000,024,621 | ---- | M] () -- C:\Program Files\WS_FTP Pro\nsftpch.dll
MOD - [2003/05/23 14:02:34 | 000,135,214 | ---- | M] () -- C:\Program Files\WS_FTP Pro\wsftplib.dll
MOD - [2003/05/23 14:01:42 | 000,049,197 | ---- | M] () -- C:\Program Files\WS_FTP Pro\wshosts.dll
MOD - [2003/03/20 10:01:32 | 000,839,680 | ---- | M] () -- C:\Program Files\WS_FTP Pro\libeay32.dll
MOD - [2003/03/20 10:01:32 | 000,159,744 | ---- | M] () -- C:\Program Files\WS_FTP Pro\ssleay32.dll


========== Services (SafeList) ==========

SRV - File not found [On_Demand | Stopped] -- C:\Program Files\SoundTaxi Media Suite\STSService.exe -- (STSService)
SRV - File not found [On_Demand | Stopped] -- F:\SiSoftware Sandra Lite 2005.SR1\RpcSandraSrv.exe -- (SandraTheSrv)
SRV - File not found [Auto | Stopped] -- C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe -- (AcrSch2Svc)
SRV - [2012/08/23 11:55:10 | 000,362,008 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Program Files\McAfee\VirusScan\mcods.exe -- (McODS)
SRV - [2012/08/17 20:46:26 | 000,250,056 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012/07/03 13:46:44 | 000,655,944 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2012/06/05 15:17:44 | 000,160,944 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012/05/30 13:56:52 | 003,048,136 | ---- | M] (Skype Technologies S.A.) [Auto | Running] -- C:\Documents and Settings\All Users\Application Data\Skype\Toolbars\Skype C2C Service\c2c_service.exe -- (Skype C2C Service)
SRV - [2012/03/20 13:11:32 | 000,151,880 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\WINDOWS\system32\mfevtps.exe -- (mfevtp)
SRV - [2012/03/20 13:05:00 | 000,161,632 | ---- | M] () [Auto | Running] -- C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe -- (mfefire)
SRV - [2012/03/20 13:04:32 | 000,166,288 | ---- | M] () [Auto | Running] -- C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe -- (McShield)
SRV - [2011/08/25 18:53:00 | 000,013,672 | ---- | M] (Intuit Inc.) [Auto | Running] -- C:\Program Files\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe -- (IntuitUpdateServiceV4)
SRV - [2011/08/17 13:22:19 | 000,116,608 | ---- | M] (SUPERAntiSpyware.com) [Auto | Running] -- C:\Program Files\SUPERAntiSpyware\SASCORE.EXE -- (!SASCORE)
SRV - [2011/08/05 12:30:02 | 000,444,640 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Zune\ZuneWlanCfgSvc.exe -- (ZuneWlanCfgSvc)
SRV - [2011/08/05 12:30:02 | 000,268,512 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Zune\WMZuneComm.exe -- (WMZuneComm)
SRV - [2011/08/05 12:29:56 | 006,363,872 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Zune\ZuneNss.exe -- (ZuneNetworkSvc)
SRV - [2011/08/05 12:29:56 | 000,057,056 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Zune\ZuneBusEnum.exe -- (ZuneBusEnum)
SRV - [2011/08/04 14:25:20 | 000,257,880 | ---- | M] () [Auto | Running] -- C:\Program Files\USB Safely Remove\USBSRService.exe -- (USBSafelyRemoveService)
SRV - [2011/01/27 18:28:14 | 000,214,904 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe -- (McProxy)
SRV - [2011/01/27 18:28:14 | 000,214,904 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe -- (McNASvc)
SRV - [2011/01/27 18:28:14 | 000,214,904 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe -- (McNaiAnn)
SRV - [2011/01/27 18:28:14 | 000,214,904 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe -- (mcmscsvc)
SRV - [2011/01/27 18:28:14 | 000,214,904 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe -- (McMPFSvc)
SRV - [2010/08/23 21:21:40 | 000,013,672 | ---- | M] (Intuit Inc.) [Auto | Running] -- C:\Program Files\Common Files\Intuit\Update Service\IntuitUpdateService.exe -- (IntuitUpdateService)
SRV - [2010/04/12 10:13:08 | 000,142,336 | ---- | M] (HP) [Auto | Running] -- C:\Program Files\HP\HPLaserJetService\HPLaserJetService.exe -- (HP LaserJet Service)
SRV - [2010/02/19 14:37:14 | 000,517,096 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe -- (SwitchBoard)
SRV - [2009/09/28 17:13:04 | 000,335,872 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files\RadioGet\RGService.exe -- (RGService)
SRV - [2009/07/07 14:48:44 | 000,647,216 | ---- | M] (Cisco Systems, Inc.) [Auto | Running] -- C:\Program Files\Common Files\Pure Networks Shared\Platform\nmsrvc.exe -- (nmservice)
SRV - [2009/06/17 13:49:44 | 000,616,408 | ---- | M] () [Auto | Running] -- C:\Program Files\comcasttb\ComcastSpywareScan\ComcastAntiSpyService.exe -- (AntiSpywareService)
SRV - [2008/12/18 12:05:40 | 000,457,248 | ---- | M] () [Auto | Running] -- C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe -- (ForceWare Intelligent Application Manager (IAM)
SRV - [2008/12/18 12:05:40 | 000,191,008 | ---- | M] () [Auto | Running] -- C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe -- (nSvcIp)
SRV - [2008/11/09 16:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) [Auto | Running] -- C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe -- (YahooAUService)
SRV - [2008/05/07 18:30:15 | 000,607,576 | ---- | M] (Lavasoft) [Auto | Running] -- C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe -- (aawservice)
SRV - [2008/01/05 19:56:51 | 000,654,848 | ---- | M] (Macrovision Europe Ltd.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2007/12/03 21:33:49 | 000,072,704 | ---- | M] (Macrovision ) [On_Demand | Stopped] -- C:\Program Files\Common Files\InstallShield Shared\Service\InstallShield Licensing Service.exe -- (InstallShield Licensing Service)
SRV - [2007/03/20 17:41:24 | 000,153,792 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Program Files\Common Files\Adobe\Adobe Version Cue CS3\Server\bin\VersionCueCS3.exe -- (Adobe Version Cue CS3)
SRV - [2007/01/23 19:35:50 | 002,578,024 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Norton Ghost\Agent\VProSvc.exe -- (Norton Ghost)
SRV - [2007/01/18 20:04:04 | 000,067,056 | ---- | M] (Ulead Systems, Inc.) [Auto | Running] -- C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe -- (UleadBurningHelper)
SRV - [2007/01/04 17:38:08 | 000,024,652 | ---- | M] (Viewpoint Corporation) [Auto | Running] -- C:\Program Files\Viewpoint\Common\ViewpointService.exe -- (Viewpoint Manager Service)
SRV - [2006/12/28 22:18:16 | 000,122,512 | ---- | M] (B.H.A Corporation) [Auto | Running] -- C:\WINDOWS\system32\bgsvcgen.exe -- (bgsvcgen)
SRV - [2006/10/23 08:50:35 | 000,046,640 | R--- | M] (AOL LLC) [Auto | Running] -- C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe -- (AOL ACS)
SRV - [2006/08/11 12:15:36 | 000,200,704 | ---- | M] (InterVideo Inc.) [Auto | Running] -- C:\Program Files\Common Files\InterVideo\DeviceService\DevSvc.exe -- (Capture Device Service)
SRV - [2006/07/17 15:21:56 | 000,184,320 | ---- | M] () [Auto | Running] -- C:\Program Files\Maxtor\Maxtor Backup\MaxBackServiceInt.exe -- (MaxBackServiceInt)
SRV - [2006/02/07 16:10:14 | 000,106,496 | ---- | M] ( ) [Auto | Running] -- C:\Program Files\Maxtor\Utils\SyncServices.exe -- (NTService1)
SRV - [2004/10/15 16:54:14 | 000,100,016 | ---- | M] (America Online, Inc) [Auto | Running] -- C:\Program Files\Common Files\AOL\TopSpeed\2.0\aoltsmon.exe -- (AOL TopSpeedMonitor)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA)
DRV - File not found [Kernel | On_Demand | Stopped] -- System32\Drivers\VcommMgr.sys -- (VcommMgr)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\VComm.sys -- (VComm)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\TEMP\SANDRA.sys -- (SANDRA)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP)
DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump)
DRV - File not found [Kernel | On_Demand | Unknown] -- -- (mfeavfk01)
DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc)
DRV - File not found [Kernel | System | Stopped] -- -- (i2omgmt)
DRV - File not found [Kernel | System | Stopped] -- -- (Changer)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\DOCUME~1\Daddy\LOCALS~1\Temp\catchme.sys -- (catchme)
DRV - File not found [Kernel | Boot | Stopped] -- System32\Drivers\BTHidMgr.sys -- (BTHidMgr)
DRV - File not found [Kernel | Boot | Stopped] -- System32\Drivers\vbtenum.sys -- (BTHidEnum)
DRV - File not found [Kernel | On_Demand | Stopped] -- System32\Drivers\btcusb.sys -- (Btcsrusb)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\btnetdrv.sys -- (BT)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\BlueletSCOAudio.sys -- (BlueletSCOAudio)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\blueletaudio.sys -- (BlueletAudio)
DRV - [2012/07/03 13:46:44 | 000,022,344 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\WINDOWS\system32\drivers\mbam.sys -- (MBAMProtector)
DRV - [2012/02/22 13:29:46 | 000,464,304 | ---- | M] (McAfee, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\mfehidk.sys -- (mfehidk)
DRV - [2012/02/22 13:29:46 | 000,340,920 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\mfefirek.sys -- (mfefirek)
DRV - [2012/02/22 13:29:46 | 000,180,848 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\mfeavfk.sys -- (mfeavfk)
DRV - [2012/02/22 13:29:46 | 000,121,544 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\mfeapfk.sys -- (mfeapfk)
DRV - [2012/02/22 13:29:46 | 000,089,792 | ---- | M] (McAfee, Inc.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\mfetdi2k.sys -- (mfetdi2k)
DRV - [2012/02/22 13:29:46 | 000,087,656 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\mferkdet.sys -- (mferkdet)
DRV - [2012/02/22 13:29:46 | 000,083,856 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\mfendisk.sys -- (mfendiskmp)
DRV - [2012/02/22 13:29:46 | 000,083,856 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\mfendisk.sys -- (mfendisk)
DRV - [2012/02/22 13:29:46 | 000,059,456 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\mfebopk.sys -- (mfebopk)
DRV - [2012/02/22 13:29:46 | 000,057,600 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\cfwids.sys -- (cfwids)
DRV - [2011/08/09 07:38:02 | 000,067,664 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS -- (SASKUTIL)
DRV - [2011/08/09 07:38:02 | 000,012,880 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS -- (SASDIFSV)
DRV - [2010/09/14 09:16:06 | 000,108,480 | ---- | M] (SlySoft, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\AnyDVD.sys -- (AnyDVD)
DRV - [2010/08/31 19:41:52 | 000,441,760 | ---- | M] (Acronis) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\timntr.sys -- (timounter)
DRV - [2010/08/31 19:41:52 | 000,044,384 | ---- | M] (Acronis) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\tifsfilt.sys -- (tifsfilter)
DRV - [2010/02/23 07:20:41 | 000,012,872 | ---- | M] ( SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | On_Demand | Stopped] -- C:\Program Files\SUPERAntiSpyware\SASENUM.SYS -- (SASENUM)
DRV - [2010/02/17 16:52:48 | 000,040,552 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\mfesmfk.sys -- (mfesmfk)
DRV - [2010/02/17 16:52:10 | 000,034,248 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\mferkdk.sys -- (mferkdk)
DRV - [2010/01/26 22:09:02 | 000,050,704 | ---- | M] (CACE Technologies, Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\npf.sys -- (npf)
DRV - [2009/12/02 06:12:06 | 000,385,544 | ---- | M] (Paragon) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\Uim_IM.sys -- (Uim_IM)
DRV - [2009/12/02 06:12:06 | 000,040,560 | ---- | M] (Paragon Software Group) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\hotcore3.sys -- (hotcore3)
DRV - [2009/12/02 06:12:06 | 000,034,392 | ---- | M] (Windows ® 2000 DDK provider) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\UimBus.sys -- (UimBus)
DRV - [2009/07/07 14:48:44 | 000,026,672 | ---- | M] (Cisco Systems, Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\purendis.sys -- (purendis)
DRV - [2009/07/07 14:48:44 | 000,025,392 | ---- | M] (Cisco Systems, Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\pnarp.sys -- (pnarp)
DRV - [2008/11/12 16:58:38 | 000,145,952 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\nvgts.sys -- (nvgts)
DRV - [2008/08/01 10:36:26 | 000,022,016 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nvnetbus.sys -- (nvnetbus)
DRV - [2008/08/01 10:36:20 | 000,054,784 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\NVENETFD.sys -- (NVENETFD)
DRV - [2008/06/22 21:39:46 | 000,035,363 | ---- | M] () [Kernel | Auto | Running] -- C:\WINDOWS\system32\windrvNT.sys -- (windrvNT)
DRV - [2008/04/13 14:53:09 | 000,040,320 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nmnt.sys -- (nm)
DRV - [2008/04/13 14:45:29 | 000,010,624 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\gameenum.sys -- (gameenum)
DRV - [2008/03/06 11:51:14 | 000,003,840 | ---- | M] () [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\BANTExt.sys -- (BANTExt)
DRV - [2007/12/11 09:52:12 | 000,026,784 | ---- | M] (RapidSolution Software AG) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\tbhsd.sys -- (tbhsd)
DRV - [2007/12/04 21:04:19 | 000,223,128 | ---- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\dtscsi.sys -- (dtscsi)
DRV - [2007/11/16 22:59:49 | 000,008,552 | ---- | M] (Windows ® 2000 DDK provider) [Kernel | Auto | Running] -- C:\WINDOWS\System32\drivers\asctrm.sys -- (ASCTRM)
DRV - [2007/10/29 21:43:59 | 000,685,816 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\sptd.sys -- (sptd)
DRV - [2007/01/23 19:45:10 | 000,128,104 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\WimFltr.sys -- (WimFltr)
DRV - [2007/01/23 19:06:36 | 000,131,944 | ---- | M] (StorageCraft) [File_System | Boot | Running] -- C:\WINDOWS\system32\drivers\symsnap.sys -- (symsnap)
DRV - [2007/01/23 19:06:34 | 000,037,864 | ---- | M] (Symantec Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\v2imount.sys -- (v2imount)
DRV - [2007/01/23 19:03:46 | 000,014,072 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\vproeventmonitor.sys -- (VProEventMonitor)
DRV - [2007/01/20 03:11:07 | 000,031,644 | ---- | M] (PowerISO Computing, Inc.) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\scdemu.sys -- (SCDEmu)
DRV - [2006/12/13 19:02:22 | 000,513,152 | ---- | M] (Windows ® 2000/XP) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\SndTDriverV32.sys -- (SndTDriverV32)
DRV - [2006/11/22 10:01:48 | 000,693,760 | ---- | M] (Aladdin Knowledge Systems Ltd.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\hardlock.sys -- (Hardlock)
DRV - [2006/11/03 17:13:50 | 000,226,816 | ---- | M] (Pinnacle Systems) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\wisgostrm.sys -- (WISTechVIDCAP)
DRV - [2006/11/02 08:00:08 | 000,039,368 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\winusb.sys -- (WinUSB)
DRV - [2006/09/28 13:01:00 | 000,500,480 | R--- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\V0230VID.sys -- (V0230VID)
DRV - [2006/09/21 16:39:16 | 000,105,344 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\nvata.sys -- (nvata)
DRV - [2006/09/12 22:27:00 | 004,381,184 | R--- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService)
DRV - [2006/04/05 05:46:30 | 000,163,840 | R--- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\V0250Dev.sys -- (V0250Dev)
DRV - [2006/03/23 13:00:00 | 000,006,272 | R--- | M] (EyePower Games Pte. Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\V0230Vfx.sys -- (V0230Vfx)
DRV - [2005/04/24 22:43:58 | 000,013,225 | ---- | M] (Razer (Asia-Pacific) Pte Ltd) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\DB3G.sys -- (Razerlow)
DRV - [2005/04/06 15:05:24 | 000,015,360 | ---- | M] (Maxtor Corp.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\mxopswd.sys -- (MXOPSWD)
DRV - [2004/05/05 21:48:40 | 000,004,228 | ---- | M] (PowerQuest Corporation) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\PQNTDRV.sys -- (PQNTDrv)
DRV - [2004/02/04 10:27:56 | 000,049,536 | ---- | M] (Texas Instruments Incorporated) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\tiehdusb.sys -- (TIEHDUSB)
DRV - [2003/07/10 10:09:56 | 000,096,256 | ---- | M] (The Linksys Group, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\LSIPNDS.sys -- (IPN2120)
DRV - [2003/01/10 17:13:04 | 000,033,588 | ---- | M] (America Online, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\wanatw4.sys -- (wanatw)
DRV - [2002/08/14 15:03:36 | 000,017,005 | ---- | M] (Adaptec) [Kernel | Auto | Running] -- C:\WINDOWS\System32\drivers\ASPI32.SYS -- (Aspi32)
DRV - [2001/08/17 14:06:20 | 000,100,992 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Icam5USB.sys -- (ICAM5USB)
DRV - [2001/08/17 13:19:34 | 000,036,480 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\sfmanm.sys -- (sfman)
DRV - [2001/08/17 13:19:28 | 000,006,912 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ctlfacem.sys -- (emu10k1)
DRV - [2001/08/17 13:19:26 | 000,283,904 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\emu10k1m.sys -- (emu10k)
DRV - [2001/08/17 13:19:20 | 000,003,712 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ctljystk.sys -- (ctljystk)
DRV - [2001/08/17 12:19:58 | 000,072,192 | ---- | M] (ESS Technology Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\es1969.sys -- (es1969)
DRV - [1999/12/17 02:00:00 | 000,006,752 | ---- | M] (Creative Technology Ltd.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\PfModNT.sys -- (PfModNT)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {0B4A10D1-FBD6-451d-BFDA-F03252B05984}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.c...ferrer:source?}
IE - HKLM\..\SearchScopes\{0B4A10D1-FBD6-451d-BFDA-F03252B05984}: "URL" = http://slirsredirect...mrud=12-09-2011
IE - HKLM\..\SearchScopes\{2381E4B7-5C04-459E-9D46-2F9AC1608B66}: "URL" = http://search.yahoo....ei=utf-8&fr=ysp


IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope = {2381E4B7-5C04-459E-9D46-2F9AC1608B66}
IE - HKU\.DEFAULT\..\SearchScopes\{2381E4B7-5C04-459E-9D46-2F9AC1608B66}: "URL" = http://search.yahoo....ei=utf-8&fr=ysp
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope = {2381E4B7-5C04-459E-9D46-2F9AC1608B66}
IE - HKU\S-1-5-18\..\SearchScopes\{2381E4B7-5C04-459E-9D46-2F9AC1608B66}: "URL" = http://search.yahoo....ei=utf-8&fr=ysp
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope = {2381E4B7-5C04-459E-9D46-2F9AC1608B66}
IE - HKU\S-1-5-19\..\SearchScopes\{2381E4B7-5C04-459E-9D46-2F9AC1608B66}: "URL" = http://search.yahoo....ei=utf-8&fr=ysp

IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope = {2381E4B7-5C04-459E-9D46-2F9AC1608B66}
IE - HKU\S-1-5-20\..\SearchScopes\{2381E4B7-5C04-459E-9D46-2F9AC1608B66}: "URL" = http://search.yahoo....ei=utf-8&fr=ysp

IE - HKU\S-1-5-21-1390067357-823518204-839522115-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar =
IE - HKU\S-1-5-21-1390067357-823518204-839522115-1003\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Yahoo! Search
IE - HKU\S-1-5-21-1390067357-823518204-839522115-1003\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = http://search.yahoo....=utf-8&fr=b1ie7
IE - HKU\S-1-5-21-1390067357-823518204-839522115-1003\..\SearchScopes,DefaultScope = {DD721529-F9CC-420C-84FC-935094CEB079}
IE - HKU\S-1-5-21-1390067357-823518204-839522115-1003\..\SearchScopes\{DD721529-F9CC-420C-84FC-935094CEB079}: "URL" = http://search.yahoo....=utf-8&fr=b1ie7
IE - HKU\S-1-5-21-1390067357-823518204-839522115-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-1390067357-823518204-839522115-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "Secure Search"
FF - prefs.js..browser.search.defaulturl: "http://aim.search.ao...rud=01-05-2010"
FF - prefs.js..browser.search.selectedEngine: "Secure Search"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://www.yahoo.com/"
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}:6.0.26
FF - prefs.js..extensions.enabledItems: [email protected]:1.0
FF - prefs.js..extensions.enabledItems: {85E85FF9-E50C-42DE-8A3D-61485FD6C8DB}:1.4
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}:6.0.33
FF - prefs.js..keyword.URL: "http://www.google.co...ient&gfns=1&q="


FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_3_300_271.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\WINDOWS\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Player Plugin,version=1.0.0: C:\Program Files\DivX\DivX Player\npDivxPlayerPlugin.dll (DivX, Inc)
FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=1.6.0_33: C:\WINDOWS\system32\npdeployJava1.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@mcafee.com/MSC,version=10: c:\progra~1\mcafee\msc\npmcsn~1.dll ()
FF - HKLM\Software\MozillaPlugins\@mcafee.com/MVT: C:\Program Files\McAfee\Supportability\MVT\NPMVTPlugin.dll (McAfee, Inc.)
FF - HKLM\Software\MozillaPlugins\@messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.3: C:\Program Files\Yahoo!\Shared\npYState.dll (Yahoo! Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=1.0.0: C:\Program Files\VideoLAN\VLC\npvlc.dll (the VideoLAN Team)
FF - HKLM\Software\MozillaPlugins\@viewpoint.com/VMP: C:\Program Files\Viewpoint\Viewpoint Experience Technology\npViewpoint.dll ()
FF - HKCU\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll File not found
FF - HKCU\Software\MozillaPlugins\@yahoo.com/BrowserPlus,version=2.9.8: C:\Documents and Settings\Daddy\Local Settings\Application Data\Yahoo!\BrowserPlus\2.9.8\Plugins\npybrowserplus_2.9.8.dll (Yahoo! Inc.)
FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.0.19\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012/06/25 17:15:11 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.0.19\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012/06/16 16:19:42 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Netscape 7.1\Extensions\\Components: C:\Program Files\Netscape\Netscape\Components [2012/05/23 07:08:44 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Netscape 7.1\Extensions\\Plugins: C:\Program Files\Netscape\Netscape\Plugins [2012/06/16 16:19:42 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Netscape 7.1\Extensions\\Components: C:\Program Files\Netscape\Netscape\Components [2012/05/23 07:08:44 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Netscape 7.1\Extensions\\Plugins: C:\Program Files\Netscape\Netscape\Plugins [2012/06/16 16:19:42 | 000,000,000 | ---D | M]

[2008/11/02 19:47:51 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Daddy\Application Data\Mozilla\Extensions
[2012/08/30 19:21:46 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Daddy\Application Data\Mozilla\Firefox\Profiles\o15tdx4g.default\extensions
[2011/12/26 19:31:32 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\Daddy\Application Data\Mozilla\Firefox\Profiles\o15tdx4g.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2010/01/04 22:31:29 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Daddy\Application Data\Mozilla\Firefox\Profiles\o15tdx4g.default\extensions\[email protected]
[2010/05/01 12:12:52 | 000,001,490 | ---- | M] () -- C:\Documents and Settings\Daddy\Application Data\Mozilla\Firefox\Profiles\o15tdx4g.default\searchplugins\AIM Search.xml
[2010/02/12 08:21:14 | 000,004,546 | ---- | M] () -- C:\Documents and Settings\Daddy\Application Data\Mozilla\Firefox\Profiles\o15tdx4g.default\searchplugins\aim-search.xml
[2010/05/01 12:18:30 | 000,002,343 | ---- | M] () -- C:\Documents and Settings\Daddy\Application Data\Mozilla\Firefox\Profiles\o15tdx4g.default\searchplugins\aol-search.xml
[2010/02/02 09:56:46 | 000,000,003 | ---- | M] () -- C:\Documents and Settings\Daddy\Application Data\Mozilla\Firefox\Profiles\o15tdx4g.default\searchplugins\GoogleFeed.xml
[2008/07/23 22:16:34 | 000,002,386 | ---- | M] () -- C:\Documents and Settings\Daddy\Application Data\Mozilla\Firefox\Profiles\o15tdx4g.default\searchplugins\siteadvisor.xml
[2012/08/30 19:21:46 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2012/06/16 22:20:53 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Program Files\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
[2011/12/23 17:43:04 | 000,000,000 | ---D | M] (VideoGet FireFox extension) -- C:\Program Files\Mozilla Firefox\extensions\{85E85FF9-E50C-42DE-8A3D-61485FD6C8DB}
[2010/04/29 20:24:56 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
[2010/08/25 11:29:42 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
[2010/10/25 20:56:41 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
[2010/12/25 21:00:21 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}
[2011/03/04 16:32:47 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}
[2011/06/27 21:01:15 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}
[2012/06/16 16:19:44 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}
[2012/06/16 16:19:25 | 000,000,000 | ---D | M] (Java Quick Starter) -- C:\PROGRAM FILES\JAVA\JRE6\LIB\DEPLOY\JQS\FF
[2011/04/14 15:01:38 | 000,024,376 | ---- | M] (McAfee, Inc.) -- C:\Program Files\mozilla firefox\components\Scriptff.dll
[2009/05/05 10:21:18 | 000,284,000 | ---- | M] (Musicnotes, Inc.) -- C:\Program Files\mozilla firefox\plugins\npmusicn.dll
[2007/04/16 13:07:12 | 000,180,293 | ---- | M] () -- C:\Program Files\mozilla firefox\plugins\npViewpoint.dll

O1 HOSTS File: ([2007/10/24 15:25:01 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No CLSID value found.
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (Yahooo Search Protection) - {25BC7718-0BFA-40EA-B381-4B2D9732D686} - C:\Program Files\Yahoo!\Search Protection\ysp.dll (Yahoo! Inc.)
O2 - BHO: (XFINITY Toolbar) - {4b9bcce8-a70b-402a-a7e1-db96831ee26f} - C:\Program Files\xfin_portal\comcastdx.dll ()
O2 - BHO: (Yahoo! IE Services Button) - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll (Yahoo! Inc.)
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (scriptproxy) - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\Common Files\McAfee\SystemCore\ScriptSn.20120627094802.dll (McAfee, Inc.)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Updater For XFIN_PORTAL) - {bb46be07-13eb-4c49-b0f0-fc78b9ea4983} - C:\Program Files\xfin_portal\auxi\comcastAu.dll (Visicom Media)
O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - D:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKLM\..\Toolbar: (XFINITY Toolbar) - {4b9bcce8-a70b-402a-a7e1-db96831ee26f} - C:\Program Files\xfin_portal\comcastdx.dll ()
O3 - HKU\S-1-5-21-1390067357-823518204-839522115-1003\..\Toolbar\WebBrowser: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - D:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O4 - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [EPSON Stylus CX3800 Series (Copy 1)] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIACA.EXE (SEIKO EPSON CORPORATION)
O4 - HKLM..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb06.exe (HP)
O4 - HKLM..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k File not found
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [mcui_exe] C:\Program Files\McAfee.com\Agent\mcagent.exe (McAfee, Inc.)
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\NvMcTray.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [nwiz] C:\Program Files\NVIDIA Corporation\nView\nwiz.exe ()
O4 - HKLM..\Run: [USB Safely Remove] C:\Program Files\USB Safely Remove\USBSafelyRemove.exe (Crystal Rich Ltd)
O4 - HKLM..\Run: [V0230Cfg.exe] C:\WINDOWS\V0230Cfg.exe (Creative Technology Ltd.)
O4 - HKLM..\Run: [Zune Launcher] C:\Program Files\Zune\ZuneLauncher.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-1390067357-823518204-839522115-1003..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE (SUPERAntiSpyware.com)
O4 - HKU\S-1-5-21-1390067357-823518204-839522115-1003..\RunOnce: [FlashPlayerUpdate] C:\WINDOWS\System32\Macromed\Flash\FlashUtil32_11_3_300_271_Plugin.exe (Adobe Systems Incorporated)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: AllowLegacyWebView = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: AllowUnhashedWebView = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoControlPanel = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O7 - HKU\S-1-5-21-1390067357-823518204-839522115-1003\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-1390067357-823518204-839522115-1003\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O9 - Extra Button: Add to VideoGet - {88CFA58B-A63F-4A94-9C54-0C7A58E3333E} - D:\Program Files\Nuclear Coffee\VideoGet\Plugins\VideoGet_IE.dll (Nuclear Coffee Software)
O9 - Extra 'Tools' menuitem : Add to &VideoGet - {88CFA58B-A63F-4A94-9C54-0C7A58E3333E} - D:\Program Files\Nuclear Coffee\VideoGet\Plugins\VideoGet_IE.dll (Nuclear Coffee Software)
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Yahoo! Search Protection - {BBF74FB9-ABCD-4678-880A-2511DAABB5E1} - C:\Program Files\Yahoo!\Search Protection\ysp.dll (Yahoo! Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\WINDOWS\system32\nvLsp.dll (NVIDIA)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\WINDOWS\system32\nvLsp.dll (NVIDIA)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\WINDOWS\system32\nvLsp.dll (NVIDIA)
O10 - Protocol_Catalog9\Catalog_Entries\000000000023 - C:\WINDOWS\system32\nvLsp.dll (NVIDIA)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://www.update.mi...b?1324874747296 (WUWebControl Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_33)
O16 - DPF: {CAFEEFAC-0014-0001-0002-ABCDEFFEDCBA} Reg Error: Key error. (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_07)
O16 - DPF: {CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_33)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_33)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 75.75.75.75 75.75.76.76
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{93161D92-7674-4CD8-B770-5EAE7E1B282C}: DhcpNameServer = 192.168.1.1 75.75.75.75 75.75.76.76
O18 - Protocol\Handler\belarc {6318E0AB-2E93-11D1-B8ED-00608CC9A71F} - C:\Program Files\Belarc\Advisor\System\BAVoilaX.dll (Belarc, Inc.)
O18 - Protocol\Handler\pure-go {4746C79A-2042-4332-8650-48966E44ABA8} - C:\Program Files\Common Files\Pure Networks Shared\Platform\puresp4.dll (Cisco Systems, Inc.)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O18 - Protocol\Filter\application/x-mfe-ipt {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files\McAfee\MSC\McSnIePl.dll (McAfee, Inc.)
O20 - AppInit_DLLs: (wzqoiz.dll) - File not found
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\!SASWinLogon: DllName - (C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL) - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL (SUPERAntiSpyware.com)
O24 - Desktop WallPaper: C:\WINDOWS\VITELIO.BMP
O24 - Desktop BackupWallPaper: C:\WINDOWS\VITELIO.BMP
O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL (SuperAdBlocker.com)
O30 - LSA: Authentication Packages - (C:\WINDOWS\system32\byXQKaYr) - File not found
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2007/07/03 14:29:12 | 000,000,050 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O33 - MountPoints2\{07f16080-7c51-11dd-a0b4-00044b02c797}\Shell\AutoRun\command - "" = J:\AUTORUN.EXE
O33 - MountPoints2\{41b90be1-1703-11e1-9faf-00044b02c796}\Shell\AutoRun\command - "" = J:\Setup.exe
O33 - MountPoints2\{41b90be1-1703-11e1-9faf-00044b02c796}\Shell\Install\command - "" = J:\Setup.exe
O33 - MountPoints2\{84b39a78-fb13-11db-a5b8-00044b02c796}\Shell - "" = AutoRun
O33 - MountPoints2\{84b39a78-fb13-11db-a5b8-00044b02c796}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{84b39a78-fb13-11db-a5b8-00044b02c796}\Shell\AutoRun\command - "" = C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL CAAV/CAInstallationMenu.html
O33 - MountPoints2\{9067dd05-4389-11de-b25d-00044b02c796}\Shell - "" = AutoRun
O33 - MountPoints2\{9067dd05-4389-11de-b25d-00044b02c796}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{9067dd05-4389-11de-b25d-00044b02c796}\Shell\AutoRun\command - "" = J:\LaunchU3.exe -a
O33 - MountPoints2\{98166033-debb-11e0-b2d5-00044b02c796}\Shell\AutoRun\command - "" = J:\urDrive.exe
O33 - MountPoints2\{aa61b113-fdb4-11db-a5c7-001217bd8b52}\Shell - "" = AutoRun
O33 - MountPoints2\{aa61b113-fdb4-11db-a5c7-001217bd8b52}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{aa61b113-fdb4-11db-a5c7-001217bd8b52}\Shell\AutoRun\command - "" = G:\LaunchU3.exe
O33 - MountPoints2\{d1398009-2d5c-11e0-a8e2-00044b02c796}\Shell - "" = AutoRun
O33 - MountPoints2\{d1398009-2d5c-11e0-a8e2-00044b02c796}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{d1398009-2d5c-11e0-a8e2-00044b02c796}\Shell\AutoRun\command - "" = J:\LaunchU3.exe -a
O33 - MountPoints2\{de503c2c-3f9f-11de-b3dc-00044b02c796}\Shell\AutoRun\command - "" = J:\Info.exe folder.htt 480 480
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

NetSvcs: 6to4 - File not found
NetSvcs: Ias - File not found
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: WmdmPmSp - File not found

MsConfig - StartUpFolder: C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Adobe Acrobat Speed Launcher.lnk - C:\WINDOWS\Installer\{AC76BA86-1033-0000-7760-000000000003}\_SC_Acrobat.exe - ()
MsConfig - StartUpFolder: C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Adobe Acrobat Synchronizer.lnk - D:\Program Files\Adobe\Acrobat 8.0\Acrobat\AdobeCollabSync.exe - (Adobe Systems Incorporated)
MsConfig - StartUpFolder: C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Adobe Reader Speed Launch.lnk - D:\Program Files\Adobe\Reader\reader_sl.exe - (Adobe Systems Incorporated)
MsConfig - StartUpFolder: C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Adobe Reader Synchronizer.lnk - D:\Program Files\Adobe\Reader\AdobeCollabSync.exe - ()
MsConfig - StartUpFolder: C:^Documents and Settings^Daddy^Start Menu^Programs^Startup^Dropbox.lnk - - File not found
MsConfig - StartUpReg: Acrobat Assistant 8.0 - hkey= - key= - D:\Program Files\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe (Adobe Systems Inc.)
MsConfig - StartUpReg: Acronis Scheduler2 Service - hkey= - key= - File not found
MsConfig - StartUpReg: AcronisTimounterMonitor - hkey= - key= - File not found
MsConfig - StartUpReg: Adobe_ID0EYTHM - hkey= - key= - C:\Program Files\Common Files\Adobe\Adobe Version Cue CS3\Server\bin\VersionCueCS3Tray.exe (Adobe Systems Incorporated)
MsConfig - StartUpReg: Aim6 - hkey= - key= - File not found
MsConfig - StartUpReg: Alcmtr - hkey= - key= - C:\WINDOWS\ALCMTR.EXE (Realtek Semiconductor Corp.)
MsConfig - StartUpReg: ALUAlert - hkey= - key= - File not found
MsConfig - StartUpReg: AnyDVD - hkey= - key= - C:\Program Files\SlySoft\AnyDVD\AnyDVDtray.exe (SlySoft, Inc.)
MsConfig - StartUpReg: AOL Fast Start - hkey= - key= - C:\Program Files\America Online 9.0\AOL.EXE (America Online, Inc.)
MsConfig - StartUpReg: AOLDialer - hkey= - key= - C:\Program Files\Common Files\AOL\ACS\AOLDial.exe (AOL LLC)
MsConfig - StartUpReg: AP Sharing Switch - hkey= - key= - C:\Program Files\IOGEAR Auto Printer Sharing Switch\AutoPrt.exe ()
MsConfig - StartUpReg: APSDaemon - hkey= - key= - C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
MsConfig - StartUpReg: Auction Auto Bidder - hkey= - key= - File not found
MsConfig - StartUpReg: AVFX Engine - hkey= - key= - C:\Program Files\Creative\Creative Live! Cam\VideoFX\StartFX.exe (Creative Technology Ltd.)
MsConfig - StartUpReg: BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA} - hkey= - key= - File not found
MsConfig - StartUpReg: CloneCDTray - hkey= - key= - File not found
MsConfig - StartUpReg: ComcastAntispyClient - hkey= - key= - C:\Program Files\comcasttb\ComcastSpywareScan\ComcastAntispy.exe ()
MsConfig - StartUpReg: Creative Launcher - hkey= - key= - C:\Program Files\Creative\SBLive2k\Launcher\CTLauncher.exe (Creative Technology Ltd)
MsConfig - StartUpReg: Creative Live! Cam Manager - hkey= - key= - C:\Program Files\Creative\Creative Live! Cam\Live! Cam Manager\CTLCMgr.exe (Creative Technology Ltd.)
MsConfig - StartUpReg: DAEMON Tools - hkey= - key= - C:\Program Files\DAEMON Tools\daemon.exe (DT Soft Ltd.)
MsConfig - StartUpReg: Diamondback - hkey= - key= - C:\Program Files\Razer\Diamondback 3G\razerhid.exe ()
MsConfig - StartUpReg: DropBoxUtility - hkey= - key= - File not found
MsConfig - StartUpReg: EPSON Stylus CX3800 Series - hkey= - key= - File not found
MsConfig - StartUpReg: FileZilla Server Interface - hkey= - key= - File not found
MsConfig - StartUpReg: HostManager - hkey= - key= - C:\Program Files\Common Files\AOL\1179538878\EE\aolsoftware.exe (AOL LLC)
MsConfig - StartUpReg: HP Software Update - hkey= - key= - C:\Program Files\HP\HP Software Update\hpwuSchd2.exe (Hewlett-Packard Development Company, L.P.)
MsConfig - StartUpReg: iTunesHelper - hkey= - key= - C:\Program Files\iTunes\iTunesHelper.exe (Apple Inc.)
MsConfig - StartUpReg: KernelFaultCheck - hkey= - key= - File not found
MsConfig - StartUpReg: LightScribe Control Panel - hkey= - key= - C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe (Hewlett-Packard Company)
MsConfig - StartUpReg: MaxtorOneTouch - hkey= - key= - C:\Program Files\Maxtor\ManagerApp\OneTouch.exe (Maxtor Corporation)
MsConfig - StartUpReg: Monitor.exe - hkey= - key= - File not found
MsConfig - StartUpReg: MSMSGS - hkey= - key= - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
MsConfig - StartUpReg: mxomssmenu - hkey= - key= - C:\Program Files\Maxtor\OneTouch Status\maxmenumgr.exe (Maxtor Corporation)
MsConfig - StartUpReg: NBKeyScan - hkey= - key= - C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe (Nero AG)
MsConfig - StartUpReg: NeroFilterCheck - hkey= - key= - C:\Program Files\Common Files\Nero\Lib\NeroCheck.exe (Nero AG)
MsConfig - StartUpReg: NewsUpd - hkey= - key= - C:\Program Files\Creative\News\NewsUpd.EXE (Creative Technology Ltd.)
MsConfig - StartUpReg: nmapp - hkey= - key= - C:\Program Files\Pure Networks\Network Magic\nmapp.exe (Cisco Systems, Inc.)
MsConfig - StartUpReg: nmctxth - hkey= - key= - C:\Program Files\Common Files\Pure Networks Shared\Platform\nmctxth.exe (Cisco Systems, Inc.)
MsConfig - StartUpReg: Norton Ghost 12.0 - hkey= - key= - C:\Program Files\Norton Ghost\Agent\VProTray.exe (Symantec Corporation)
MsConfig - StartUpReg: PPWebCap - hkey= - key= - D:\Program Files\ScanSoft\PaperPort\PPWEBCAP.EXE (Scansoft Inc.)
MsConfig - StartUpReg: PWRISOVM.EXE - hkey= - key= - C:\Program Files\PowerISO\PWRISOVM.EXE (PowerISO Computing, Inc.)
MsConfig - StartUpReg: QuickTime Task - hkey= - key= - C:\Program Files\QuickTime\qttask.exe (Apple Inc.)
MsConfig - StartUpReg: RealTray - hkey= - key= - C:\Program Files\Real\RealPlayer\RealPlay.exe (RealNetworks, Inc.)
MsConfig - StartUpReg: Recorder.exe - hkey= - key= - File not found
MsConfig - StartUpReg: RelevantKnowledge - hkey= - key= - File not found
MsConfig - StartUpReg: RogueMonitor - hkey= - key= - File not found
MsConfig - StartUpReg: RTHDCPL - hkey= - key= - C:\WINDOWS\RTHDCPL.EXE (Realtek Semiconductor Corp.)
MsConfig - StartUpReg: Search Protection - hkey= - key= - File not found
MsConfig - StartUpReg: Skype - hkey= - key= - C:\Program Files\Skype\Phone\Skype.exe (Skype Technologies S.A.)
MsConfig - StartUpReg: SkyTel - hkey= - key= - C:\WINDOWS\SkyTel.exe (Realtek Semiconductor Corp.)
MsConfig - StartUpReg: SpybotSD TeaTimer - hkey= - key= - File not found
MsConfig - StartUpReg: Steam - hkey= - key= - c:\program files\steam\steam.exe (Valve Corporation)
MsConfig - StartUpReg: SwitchBoard - hkey= - key= - C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated)
MsConfig - StartUpReg: ToolboxFX - hkey= - key= - C:\Program Files\HP\ToolboxFX\bin\HPTLBXFX.exe (Hewlett-Packard Company)
MsConfig - StartUpReg: TrueImageMonitor.exe - hkey= - key= - File not found
MsConfig - StartUpReg: Tunebite - hkey= - key= - File not found
MsConfig - StartUpReg: Typing Assistant (English) - hkey= - key= - File not found
MsConfig - StartUpReg: updateMgr - hkey= - key= - File not found
MsConfig - StartUpReg: V0230Mon.exe - hkey= - key= - C:\WINDOWS\V0230Mon.exe (Creative Technology Ltd.)
MsConfig - StartUpReg: Yahoo! Pager - hkey= - key= - C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe (Yahoo! Inc.)
MsConfig - StartUpReg: YSearchProtection - hkey= - key= - File not found
MsConfig - StartUpReg: Zune Launcher - hkey= - key= - C:\Program Files\Zune\ZuneLauncher.exe (Microsoft Corporation)
MsConfig - State: "system.ini" - 0
MsConfig - State: "win.ini" - 0
MsConfig - State: "bootini" - 0
MsConfig - State: "services" - 0
MsConfig - State: "startup" - 2

CREATERESTOREPOINT
Restore point Set: OTL Restore Point

========== Files/Folders - Created Within 30 Days ==========

[2012/09/02 14:12:46 | 000,598,528 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Daddy\Desktop\OTL.exe
[2012/09/01 20:32:30 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\McAfee
[2007/07/09 18:18:24 | 000,047,360 | ---- | C] (VSO Software) -- C:\Documents and Settings\Daddy\Application Data\pcouffin.sys
[14 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2012/09/02 14:41:01 | 000,000,830 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2012/09/02 14:30:09 | 000,000,374 | ---- | M] () -- C:\WINDOWS\tasks\At4.job
[2012/09/02 14:12:47 | 000,598,528 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Daddy\Desktop\OTL.exe
[2012/09/02 13:10:06 | 000,000,374 | ---- | M] () -- C:\WINDOWS\tasks\At3.job
[2012/09/02 12:04:11 | 000,000,025 | ---- | M] () -- C:\WINDOWS\popcinfot.dat
[2012/09/02 10:15:24 | 000,000,374 | ---- | M] () -- C:\WINDOWS\tasks\At1.job
[2012/09/02 08:34:01 | 000,002,187 | ---- | M] () -- C:\Documents and Settings\Daddy\Desktop\Safari.lnk
[2012/09/01 20:45:11 | 000,000,374 | ---- | M] () -- C:\WINDOWS\tasks\At2.job
[2012/09/01 07:07:56 | 000,244,918 | ---- | M] () -- C:\Documents and Settings\Daddy\My Documents\FELLOWSHIP CHAPEL LOGO WITH WORDS.jpg
[2012/09/01 07:07:42 | 000,244,918 | ---- | M] () -- C:\Documents and Settings\Daddy\My Documents\FELLOWSHIP CHAPEL LOGO WITH WORDS-1.jpg
[2012/08/31 21:17:12 | 000,018,944 | ---- | M] () -- C:\Documents and Settings\Daddy\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012/08/31 21:09:53 | 004,084,913 | ---- | M] () -- C:\Documents and Settings\Daddy\My Documents\Madeon - Pop Culture (live mashup).mp3
[2012/08/31 18:00:00 | 000,000,316 | ---- | M] () -- C:\WINDOWS\tasks\vjuztgir.job
[2012/08/31 08:41:07 | 000,002,497 | ---- | M] () -- C:\Documents and Settings\Daddy\Desktop\Microsoft Office Word 2003.lnk
[2012/08/29 07:50:33 | 000,000,268 | ---- | M] () -- C:\WINDOWS\tasks\prismShakeIcon.job
[2012/08/27 09:24:04 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2012/08/25 16:10:10 | 000,000,258 | ---- | M] () -- C:\WINDOWS\tasks\WGASetup.job
[2012/08/25 15:59:43 | 000,245,979 | ---- | M] () -- C:\WINDOWS\System32\NvApps.xml
[2012/08/25 15:59:36 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2012/08/25 15:53:09 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2012/08/25 13:42:04 | 000,000,280 | ---- | M] () -- C:\WINDOWS\tasks\videopadShakeIcon.job
[2012/08/24 13:54:29 | 000,000,280 | ---- | M] () -- C:\WINDOWS\tasks\videopadDowngrade.job
[2012/08/21 16:45:01 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\pixillionShakeIcon.job
[2012/08/17 20:46:24 | 000,426,184 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerApp.exe
[2012/08/17 20:46:24 | 000,070,344 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerCPLApp.cpl
[2012/08/16 03:17:27 | 001,547,912 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2012/08/15 21:41:42 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2012/08/14 22:50:17 | 000,000,083 | ---- | M] () -- C:\WINDOWS\System32\gpupdate.bin
[14 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files Created - No Company Name ==========

[2012/09/01 07:07:56 | 000,244,918 | ---- | C] () -- C:\Documents and Settings\Daddy\My Documents\FELLOWSHIP CHAPEL LOGO WITH WORDS.jpg
[2012/09/01 07:07:41 | 000,244,918 | ---- | C] () -- C:\Documents and Settings\Daddy\My Documents\FELLOWSHIP CHAPEL LOGO WITH WORDS-1.jpg
[2012/08/31 21:09:39 | 004,084,913 | ---- | C] () -- C:\Documents and Settings\Daddy\My Documents\Madeon - Pop Culture (live mashup).mp3
[2012/08/29 07:50:32 | 000,000,268 | ---- | C] () -- C:\WINDOWS\tasks\prismShakeIcon.job
[2012/08/10 13:42:11 | 000,000,280 | ---- | C] () -- C:\WINDOWS\tasks\videopadDowngrade.job
[2012/08/03 16:43:01 | 000,000,284 | ---- | C] () -- C:\WINDOWS\tasks\pixillionShakeIcon.job
[2012/05/13 19:41:54 | 000,001,057 | ---- | C] () -- C:\Documents and Settings\Daddy\Application Data\vso_ts_preview.xml
[2012/02/16 16:43:52 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll
[2012/01/20 23:13:02 | 002,890,721 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\WPFFontCache_v0400-S-1-5-21-1390067357-823518204-839522115-1003-0.dat
[2012/01/20 23:13:00 | 000,273,622 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\WPFFontCache_v0400-System.dat
[2011/12/28 12:12:04 | 000,000,590 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\Microsoft.SqlServer.Compact.400.32.bc
[2011/12/19 22:59:06 | 002,463,976 | ---- | C] () -- C:\WINDOWS\System32\NPSWF32.dll
[2011/11/29 10:03:49 | 000,000,025 | ---- | C] () -- C:\WINDOWS\popcinfot.dat
[2011/11/22 17:28:11 | 000,158,720 | ---- | C] () -- C:\WINDOWS\System32\WS_VideoConverterContextMenu.dll
[2011/11/02 19:38:35 | 000,444,283 | ---- | C] () -- C:\Program Files\Common Files\WinPcapNmap.exe
[2011/10/17 18:46:42 | 000,000,275 | ---- | C] () -- C:\Documents and Settings\Daddy\Local Settings\Application Data\HamsterVideoConverterSettings.cfg
[2011/09/09 21:51:44 | 000,383,238 | ---- | C] () -- C:\WINDOWS\System32\libmp3lame-0.dll
[2011/08/16 10:44:44 | 000,001,024 | ---- | C] () -- C:\Documents and Settings\Daddy\.rnd
[2011/04/01 20:22:35 | 000,000,287 | ---- | C] () -- C:\WINDOWS\game.ini
[2010/12/24 10:57:37 | 000,000,026 | ---- | C] () -- C:\WINDOWS\dvdSanta.INI
[2010/12/24 09:43:41 | 000,921,600 | ---- | C] () -- C:\WINDOWS\System32\vorbisenc.dll
[2010/12/24 09:43:41 | 000,237,568 | ---- | C] () -- C:\WINDOWS\System32\OggDS.dll
[2010/12/24 09:43:41 | 000,188,416 | ---- | C] () -- C:\WINDOWS\System32\vorbis.dll
[2010/12/24 09:43:41 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\ogg.dll
[2010/12/20 20:33:14 | 000,000,151 | ---- | C] () -- C:\WINDOWS\PhotoSnapViewer.INI
[2010/12/01 14:09:36 | 000,000,608 | -HS- | C] () -- C:\WINDOWS\System32\winzvprt5.sys
[2010/12/01 14:09:36 | 000,000,250 | ---- | C] () -- C:\WINDOWS\System32\hppfaxprinter5.ini
[2010/11/07 17:44:28 | 000,000,024 | ---- | C] () -- C:\Documents and Settings\Daddy\Local Settings\Application Data\47599-22037-39462-09QV6-33854
[2010/09/15 10:03:04 | 008,892,928 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\atscie.msi
[2010/03/14 13:45:14 | 000,000,069 | ---- | C] () -- C:\Documents and Settings\Daddy\jagex_runescape_preferences2.dat
[2008/11/17 22:22:24 | 000,022,328 | ---- | C] () -- C:\Documents and Settings\Daddy\Application Data\PnkBstrK.sys
[2008/11/02 21:37:20 | 000,000,041 | ---- | C] () -- C:\Documents and Settings\Daddy\jagex_runescape_preferences.dat
[2008/02/11 20:40:27 | 000,000,128 | ---- | C] () -- C:\Documents and Settings\Daddy\Local Settings\Application Data\fusioncache.dat
[2008/02/08 17:58:00 | 000,000,032 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\ezsid.dat
[2007/10/22 22:30:59 | 000,000,072 | ---- | C] () -- C:\Documents and Settings\Daddy\Local Settings\Application Data\37562-11537-09847-00QV1-78241
[2007/10/02 20:29:02 | 000,003,325 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\QTSBandwidthCache
[2007/07/31 15:53:43 | 032,070,881 | ---- | C] () -- C:\Documents and Settings\Daddy\1.dem
[2007/07/09 18:18:24 | 000,087,608 | ---- | C] () -- C:\Documents and Settings\Daddy\Application Data\ezpinst.exe
[2007/07/09 18:18:24 | 000,007,824 | ---- | C] () -- C:\Documents and Settings\Daddy\Application Data\pcouffin.cat
[2007/07/09 18:18:24 | 000,001,144 | ---- | C] () -- C:\Documents and Settings\Daddy\Application Data\pcouffin.inf
[2007/06/10 18:44:56 | 000,000,040 | -HS- | C] () -- C:\Documents and Settings\Daddy\Application Data\.zreglib
[2007/06/05 14:46:25 | 000,000,711 | ---- | C] () -- C:\Documents and Settings\Daddy\.plugin141_02.trace
[2007/06/02 22:51:04 | 000,000,112 | ---- | C] () -- C:\Documents and Settings\Daddy\default.pls
[2007/06/02 22:38:18 | 000,018,944 | ---- | C] () -- C:\Documents and Settings\Daddy\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

========== Custom Scans ==========

========== Drive Information ==========

Physical Drives
---------------

Drive: \\\\.\\PHYSICALDRIVE0 - Fixed\thard disk media
Interface type: IDE
Media Type: Fixed\thard disk media
Model: ST340062 0AS SCSI Disk Device
Partitions: 3
Status: OK
Status Info: 0

Drive: \\\\.\\PHYSICALDRIVE1 - Fixed\thard disk media
Interface type: IDE
Media Type: Fixed\thard disk media
Model: MAXTOR S TM3500630AS SCSI Disk Device
Partitions: 1
Status: OK
Status Info: 0

Partitions
---------------

DeviceID: Disk #0, Partition #0
PartitionType: Installable File System
Bootable: True
BootPartition: True
PrimaryPartition: True
Size: 74.00GB
Starting Offset: 32256
Hidden sectors: 0


DeviceID: Disk #0, Partition #1
PartitionType: Extended w/Extended Int 13
Bootable: False
BootPartition: False
PrimaryPartition: False
Size: 298.00GB
Starting Offset: 79661836800
Hidden sectors: 0


DeviceID: Disk #1, Partition #0
PartitionType: Installable File System
Bootable: False
BootPartition: False
PrimaryPartition: True
Size: 466.00GB
Starting Offset: 32256
Hidden sectors: 0


< %SYSTEMDRIVE%\*.* >
[2007/09/10 19:14:08 | 000,010,920 | ---- | M] () -- C:\aolconnfix.exe
[2007/09/10 19:14:08 | 000,001,039 | ---- | M] () -- C:\aolconnfix.txt
[2007/07/03 14:29:12 | 000,000,050 | ---- | M] () -- C:\AUTOEXEC.BAT
[2012/04/30 17:04:17 | 000,000,211 | -HS- | M] () -- C:\boot.ini
[2007/09/22 15:13:26 | 000,000,211 | -HS- | M] () -- C:\boot.ini.cf
[2007/05/04 22:29:29 | 000,034,141 | ---- | M] () -- C:\caavsetupLog.txt
[2008/04/30 09:35:09 | 000,011,496 | ---- | M] () -- C:\caisslog.txt
[2007/10/24 15:24:14 | 000,029,610 | ---- | M] () -- C:\check_LSA7.txt
[2007/05/05 05:24:28 | 000,000,000 | ---- | M] () -- C:\CONFIG.SYS
[2008/12/15 22:02:50 | 000,007,893 | ---- | M] () -- C:\Cucu_Video_log.txt
[2008/08/15 19:03:56 | 000,001,178 | ---- | M] () -- C:\hook.log
[2012/08/15 18:53:00 | 000,255,240 | ---- | M] () -- C:\hpfr5550.log
[2007/05/05 05:24:28 | 000,000,000 | RHS- | M] () -- C:\IO.SYS
[2012/01/17 07:31:50 | 000,000,395 | -H-- | M] () -- C:\IPH.PH
[2007/05/05 05:24:28 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS
[2004/08/03 22:38:34 | 000,047,564 | RHS- | M] () -- C:\NTDETECT.COM
[2011/12/27 09:58:28 | 000,250,048 | RHS- | M] () -- C:\ntldr
[2012/08/31 16:12:24 | 2744,123,392 | -HS- | M] () -- C:\pagefile.sys
[2007/05/18 21:40:45 | 000,000,288 | -H-- | M] () -- C:\T4Metrics.log
[2009/01/09 16:01:28 | 000,052,718 | ---- | M] () -- C:\VETlog.dmp
[2009/01/09 16:01:28 | 006,469,873 | ---- | M] () -- C:\VETlog.txt
[2008/08/21 22:39:49 | 000,004,096 | -HS- | M] () -- C:\VSNAP.IDX
[2011/09/08 22:20:15 | 005,177,584 | ---- | M] () -- C:\YouTubeDownloaderSetup33.exe
[2007/09/21 19:56:46 | 000,000,146 | ---- | M] () -- C:\YServer.txt

< %systemdrive%\drivers\*.exe >

< %systemroot%\system32\drivers\*.* /90 >
[2012/07/03 13:46:44 | 000,022,344 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\system32\drivers\mbam.sys
[2012/06/08 20:23:37 | 000,000,000 | -H-- | M] () -- C:\WINDOWS\system32\drivers\MsftWdf_Kernel_01009_Coinstaller_Critical.Wdf
[2012/06/08 20:40:04 | 000,000,000 | -H-- | M] () -- C:\WINDOWS\system32\drivers\MsftWdf_user_01_09_00.Wdf
[2012/06/08 20:41:35 | 000,000,000 | -H-- | M] () -- C:\WINDOWS\system32\drivers\Msft_Kernel_WinUSB_01009.Wdf
[2012/06/08 20:23:38 | 000,000,000 | -H-- | M] () -- C:\WINDOWS\system32\drivers\Msft_Kernel_zumbus_01009.Wdf
[2012/06/08 20:41:35 | 000,000,000 | -H-- | M] () -- C:\WINDOWS\system32\drivers\Msft_User_ZuneDriver_01_09_00.Wdf
[2012/07/04 10:05:18 | 000,139,784 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\rdpwd.sys

< %PROGRAMFILES%\*.* >

< HKLM\SOFTWARE\CLIENTS\Startmenuinternet|command /rs >
HKEY_LOCAL_MACHINE\SOFTWARE\CLIENTS\Startmenuinternet\aol.exe\InstallInfo\\ReinstallCommand: C:\PROGRA~1\AMERIC~1.0\accdef.exe -rb [2004/11/19 13:54:25 | 000,016,984 | ---- | M] (America Online, Inc.)
HKEY_LOCAL_MACHINE\SOFTWARE\CLIENTS\Startmenuinternet\aol.exe\InstallInfo\\HideIconsCommand: C:\PROGRA~1\AMERIC~1.0\accdef.exe -hb [2004/11/19 13:54:25 | 000,016,984 | ---- | M] (America Online, Inc.)
HKEY_LOCAL_MACHINE\SOFTWARE\CLIENTS\Startmenuinternet\aol.exe\InstallInfo\\ShowIconsCommand: C:\PROGRA~1\AMERIC~1.0\accdef.exe -sb [2004/11/19 13:54:25 | 000,016,984 | ---- | M] (America Online, Inc.)
HKEY_LOCAL_MACHINE\SOFTWARE\CLIENTS\Startmenuinternet\aol.exe\shell\open\command\\: C:\PROGRA~1\AMERIC~1.0\aol.exe [2005/07/12 06:17:44 | 000,050,776 | ---- | M] (America Online, Inc.)
HKEY_LOCAL_MACHINE\SOFTWARE\CLIENTS\Startmenuinternet\FIREFOX.EXE\InstallInfo\\HideIconsCommand: "C:\Program Files\Mozilla Firefox\uninstall\helper.exe" /HideShortcuts [2010/09/30 15:56:24 | 000,509,512 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\SOFTWARE\CLIENTS\Startmenuinternet\FIREFOX.EXE\InstallInfo\\ShowIconsCommand: "C:\Program Files\Mozilla Firefox\uninstall\helper.exe" /ShowShortcuts [2010/09/30 15:56:24 | 000,509,512 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\SOFTWARE\CLIENTS\Startmenuinternet\FIREFOX.EXE\InstallInfo\\ReinstallCommand: "C:\Program Files\Mozilla Firefox\uninstall\helper.exe" /SetAsDefaultAppGlobal [2010/09/30 15:56:24 | 000,509,512 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\SOFTWARE\CLIENTS\Startmenuinternet\FIREFOX.EXE\shell\open\command\\: C:\Program Files\Mozilla Firefox\firefox.exe [2010/09/30 15:56:16 | 000,307,672 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\SOFTWARE\CLIENTS\Startmenuinternet\FIREFOX.EXE\shell\properties\command\\: "C:\Program Files\Mozilla Firefox\firefox.exe" -preferences [2010/09/30 15:56:16 | 000,307,672 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\SOFTWARE\CLIENTS\Startmenuinternet\FIREFOX.EXE\shell\safemode\command\\: "C:\Program Files\Mozilla Firefox\firefox.exe" -safe-mode [2010/09/30 15:56:16 | 000,307,672 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\SOFTWARE\CLIENTS\Startmenuinternet\IEXPLORE.EXE\InstallInfo\\ReinstallCommand: "C:\WINDOWS\system32\ie4uinit.exe" -reinstall [2012/07/03 08:18:22 | 000,070,656 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\SOFTWARE\CLIENTS\Startmenuinternet\IEXPLORE.EXE\InstallInfo\\HideIconsCommand: "C:\WINDOWS\system32\ie4uinit.exe" -hide [2012/07/03 08:18:22 | 000,070,656 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\SOFTWARE\CLIENTS\Startmenuinternet\IEXPLORE.EXE\InstallInfo\\ShowIconsCommand: "C:\WINDOWS\system32\ie4uinit.exe" -show [2012/07/03 08:18:22 | 000,070,656 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\SOFTWARE\CLIENTS\Startmenuinternet\IEXPLORE.EXE\shell\open\command\\: C:\Program Files\Internet Explorer\iexplore.exe [2012/07/03 06:57:55 | 000,634,488 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\SOFTWARE\CLIENTS\Startmenuinternet\Netscp.exe\InstallInfo\\HideIconsCommand: "C:\Program Files\Netscape\Netscape\uninstall\NSUninst.exe" /ua "7.1b1 (en)" /hs browser [2007/05/17 06:16:20 | 000,095,440 | ---- | M] ()
HKEY_LOCAL_MACHINE\SOFTWARE\CLIENTS\Startmenuinternet\Netscp.exe\InstallInfo\\ReinstallCommand: "C:\Program Files\Netscape\Netscape\Netscp.exe" -silent -nosplash -setDefaultBrowser [2003/06/24 12:09:00 | 000,568,096 | ---- | M] (Mozilla, Netscape)
HKEY_LOCAL_MACHINE\SOFTWARE\CLIENTS\Startmenuinternet\Netscp.exe\InstallInfo\\ShowIconsCommand: "C:\Program Files\Netscape\Netscape\uninstall\NSUninst.exe" /ua "7.1b1 (en)" /ss browser [2007/05/17 06:16:20 | 000,095,440 | ---- | M] ()
HKEY_LOCAL_MACHINE\SOFTWARE\CLIENTS\Startmenuinternet\Netscp.exe\shell\open\command\\: "C:\Program Files\Netscape\Netscape\Netscp.exe" [2003/06/24 12:09:00 | 000,568,096 | ---- | M] (Mozilla, Netscape)
HKEY_LOCAL_MACHINE\SOFTWARE\CLIENTS\Startmenuinternet\Safari.exe\InstallInfo\\ReinstallCommand: "C:\Program Files\Safari\Safari.exe" /reinstall [2012/03/22 15:21:58 | 002,388,336 | ---- | M] (Apple Inc.)
HKEY_LOCAL_MACHINE\SOFTWARE\CLIENTS\Startmenuinternet\Safari.exe\InstallInfo\\HideIconsCommand: "C:\Program Files\Safari\Safari.exe" /hideicons [2012/03/22 15:21:58 | 002,388,336 | ---- | M] (Apple Inc.)
HKEY_LOCAL_MACHINE\SOFTWARE\CLIENTS\Startmenuinternet\Safari.exe\InstallInfo\\ShowIconsCommand: "C:\Program Files\Safari\Safari.exe" /showicons [2012/03/22 15:21:58 | 002,388,336 | ---- | M] (Apple Inc.)
HKEY_LOCAL_MACHINE\SOFTWARE\CLIENTS\Startmenuinternet\Safari.exe\shell\open\command\\: "C:\Program Files\Safari\Safari.exe" [2012/03/22 15:21:58 | 002,388,336 | ---- | M] (Apple Inc.)

< HKLM\SOFTWARE\CLIENTS\Startmenuinternet|command /64 /rs >
HKEY_LOCAL_MACHINE\SOFTWARE\CLIENTS\Startmenuinternet\aol.exe\InstallInfo\\ReinstallCommand: C:\PROGRA~1\AMERIC~1.0\accdef.exe -rb [2004/11/19 13:54:25 | 000,016,984 | ---- | M] (America Online, Inc.)
HKEY_LOCAL_MACHINE\SOFTWARE\CLIENTS\Startmenuinternet\aol.exe\InstallInfo\\HideIconsCommand: C:\PROGRA~1\AMERIC~1.0\accdef.exe -hb [2004/11/19 13:54:25 | 000,016,984 | ---- | M] (America Online, Inc.)
HKEY_LOCAL_MACHINE\SOFTWARE\CLIENTS\Startmenuinternet\aol.exe\InstallInfo\\ShowIconsCommand: C:\PROGRA~1\AMERIC~1.0\accdef.exe -sb [2004/11/19 13:54:25 | 000,016,984 | ---- | M] (America Online, Inc.)
HKEY_LOCAL_MACHINE\SOFTWARE\CLIENTS\Startmenuinternet\aol.exe\shell\open\command\\: C:\PROGRA~1\AMERIC~1.0\aol.exe [2005/07/12 06:17:44 | 000,050,776 | ---- | M] (America Online, Inc.)
HKEY_LOCAL_MACHINE\SOFTWARE\CLIENTS\Startmenuinternet\FIREFOX.EXE\InstallInfo\\HideIconsCommand: "C:\Program Files\Mozilla Firefox\uninstall\helper.exe" /HideShortcuts [2010/09/30 15:56:24 | 000,509,512 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\SOFTWARE\CLIENTS\Startmenuinternet\FIREFOX.EXE\InstallInfo\\ShowIconsCommand: "C:\Program Files\Mozilla Firefox\uninstall\helper.exe" /ShowShortcuts [2010/09/30 15:56:24 | 000,509,512 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\SOFTWARE\CLIENTS\Startmenuinternet\FIREFOX.EXE\InstallInfo\\ReinstallCommand: "C:\Program Files\Mozilla Firefox\uninstall\helper.exe" /SetAsDefaultAppGlobal [2010/09/30 15:56:24 | 000,509,512 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\SOFTWARE\CLIENTS\Startmenuinternet\FIREFOX.EXE\shell\open\command\\: C:\Program Files\Mozilla Firefox\firefox.exe [2010/09/30 15:56:16 | 000,307,672 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\SOFTWARE\CLIENTS\Startmenuinternet\FIREFOX.EXE\shell\properties\command\\: "C:\Program Files\Mozilla Firefox\firefox.exe" -preferences [2010/09/30 15:56:16 | 000,307,672 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\SOFTWARE\CLIENTS\Startmenuinternet\FIREFOX.EXE\shell\safemode\command\\: "C:\Program Files\Mozilla Firefox\firefox.exe" -safe-mode [2010/09/30 15:56:16 | 000,307,672 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\SOFTWARE\CLIENTS\Startmenuinternet\IEXPLORE.EXE\InstallInfo\\ReinstallCommand: "C:\WINDOWS\system32\ie4uinit.exe" -reinstall [2012/07/03 08:18:22 | 000,070,656 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\SOFTWARE\CLIENTS\Startmenuinternet\IEXPLORE.EXE\InstallInfo\\HideIconsCommand: "C:\WINDOWS\system32\ie4uinit.exe" -hide [2012/07/03 08:18:22 | 000,070,656 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\SOFTWARE\CLIENTS\Startmenuinternet\IEXPLORE.EXE\InstallInfo\\ShowIconsCommand: "C:\WINDOWS\system32\ie4uinit.exe" -show [2012/07/03 08:18:22 | 000,070,656 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\SOFTWARE\CLIENTS\Startmenuinternet\IEXPLORE.EXE\shell\open\command\\: C:\Program Files\Internet Explorer\iexplore.exe [2012/07/03 06:57:55 | 000,634,488 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\SOFTWARE\CLIENTS\Startmenuinternet\Netscp.exe\InstallInfo\\HideIconsCommand: "C:\Program Files\Netscape\Netscape\uninstall\NSUninst.exe" /ua "7.1b1 (en)" /hs browser [2007/05/17 06:16:20 | 000,095,440 | ---- | M] ()
HKEY_LOCAL_MACHINE\SOFTWARE\CLIENTS\Startmenuinternet\Netscp.exe\InstallInfo\\ReinstallCommand: "C:\Program Files\Netscape\Netscape\Netscp.exe" -silent -nosplash -setDefaultBrowser [2003/06/24 12:09:00 | 000,568,096 | ---- | M] (Mozilla, Netscape)
HKEY_LOCAL_MACHINE\SOFTWARE\CLIENTS\Startmenuinternet\Netscp.exe\InstallInfo\\ShowIconsCommand: "C:\Program Files\Netscape\Netscape\uninstall\NSUninst.exe" /ua "7.1b1 (en)" /ss browser [2007/05/17 06:16:20 | 000,095,440 | ---- | M] ()
HKEY_LOCAL_MACHINE\SOFTWARE\CLIENTS\Startmenuinternet\Netscp.exe\shell\open\command\\: "C:\Program Files\Netscape\Netscape\Netscp.exe" [2003/06/24 12:09:00 | 000,568,096 | ---- | M] (Mozilla, Netscape)
HKEY_LOCAL_MACHINE\SOFTWARE\CLIENTS\Startmenuinternet\Safari.exe\InstallInfo\\ReinstallCommand: "C:\Program Files\Safari\Safari.exe" /reinstall [2012/03/22 15:21:58 | 002,388,336 | ---- | M] (Apple Inc.)
HKEY_LOCAL_MACHINE\SOFTWARE\CLIENTS\Startmenuinternet\Safari.exe\InstallInfo\\HideIconsCommand: "C:\Program Files\Safari\Safari.exe" /hideicons [2012/03/22 15:21:58 | 002,388,336 | ---- | M] (Apple Inc.)
HKEY_LOCAL_MACHINE\SOFTWARE\CLIENTS\Startmenuinternet\Safari.exe\InstallInfo\\ShowIconsCommand: "C:\Program Files\Safari\Safari.exe" /showicons [2012/03/22 15:21:58 | 002,388,336 | ---- | M] (Apple Inc.)
HKEY_LOCAL_MACHINE\SOFTWARE\CLIENTS\Startmenuinternet\Safari.exe\shell\open\command\\: "C:\Program Files\Safari\Safari.exe" [2012/03/22 15:21:58 | 002,388,336 | ---- | M] (Apple Inc.)

========== Alternate Data Streams ==========

@Alternate Data Stream - 118 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:94A19129

< End of report >



OTL Extras logfile created on: 9/2/2012 2:14:12 PM - Run 1
OTL by OldTimer - Version 3.2.59.1 Folder = C:\Documents and Settings\Daddy\Desktop
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.13)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

2.00 Gb Total Physical Memory | 0.89 Gb Available Physical Memory | 44.78% Memory free
4.40 Gb Paging File | 2.26 Gb Available in Paging File | 51.33% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 74.19 Gb Total Space | 5.93 Gb Free Space | 8.00% Space Free | Partition Type: NTFS
Drive D: | 200.23 Gb Total Space | 12.19 Gb Free Space | 6.09% Space Free | Partition Type: NTFS
Drive E: | 98.19 Gb Total Space | 9.00 Gb Free Space | 9.17% Space Free | Partition Type: NTFS
Drive I: | 465.76 Gb Total Space | 19.12 Gb Free Space | 4.10% Space Free | Partition Type: NTFS

Computer Name: ANTEC-20AE6726E | User Name: Daddy | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
.url [@ = InternetShortcut] -- rundll32.exe ieframe.dll,OpenURL %l

[HKEY_USERS\S-1-5-21-1390067357-823518204-839522115-1003\SOFTWARE\Classes\<extension>]
.html [@ = htmlfile] -- Reg Error: Key error. File not found

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
InternetShortcut [open] -- rundll32.exe ieframe.dll,OpenURL %l
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
"139:TCP" = 139:TCP:*:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:*:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:*:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:*:Enabled:@xpsp2res.dll,-22002
"58814:TCP" = 58814:TCP:*:Enabled:Pando Media Booster
"58814:UDP" = 58814:UDP:*:Enabled:Pando Media Booster

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0
"DoNotAllowExceptions" = 0
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
"58814:TCP" = 58814:TCP:*:Enabled:Pando Media Booster
"58814:UDP" = 58814:UDP:*:Enabled:Pando Media Booster
"3703:TCP" = 3703:TCP:*:Enabled:Adobe Version Cue CS3 Server
"3704:TCP" = 3704:TCP:*:Enabled:Adobe Version Cue CS3 Server
"50900:TCP" = 50900:TCP:*:Enabled:Adobe Version Cue CS3 Server
"50901:TCP" = 50901:TCP:*:Enabled:Adobe Version Cue CS3 Server

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"C:\Program Files\Pando Networks\Media Booster\PMB.exe" = C:\Program Files\Pando Networks\Media Booster\PMB.exe:*:Enabled:Pando Media Booster -- ()

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\Steam\steam.exe" = C:\Program Files\Steam\steam.exe:*:Enabled:Steam -- (Valve Corporation)
"C:\Program Files\WS_FTP Pro\wsftppro.exe" = C:\Program Files\WS_FTP Pro\wsftppro.exe:*:Enabled:WS_FTP Pro Application -- (Ipswitch, Inc. 10 Maguire Road - Suite 220 Lexington, MA 02421)
"C:\Program Files\Activision\Call of Duty 2\CoD2MP_s.exe" = C:\Program Files\Activision\Call of Duty 2\CoD2MP_s.exe:*:Enabled:CoD2MP_s -- ()
"C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleil.exe" = C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleil.exe:*:Enabled:BlueSoleil
"C:\Program Files\Mozilla Firefox\firefox.exe" = C:\Program Files\Mozilla Firefox\firefox.exe:*:Enabled:Firefox -- (Mozilla Corporation)
"C:\Program Files\BitLord\BitLord.exe" = C:\Program Files\BitLord\BitLord.exe:*:Enabled:BitLord -- (www.BitLord.com)
"C:\Program Files\America Online 9.0\waol.exe" = C:\Program Files\America Online 9.0\waol.exe:*:Enabled:America Online 9.0 -- (America Online, Inc.)
"D:\SOF1\SoF.exe" = D:\SOF1\SoF.exe:*:Enabled:SoF
"D:\Soldier_Of_Fortune_Payback\sof3.exe" = D:\Soldier_Of_Fortune_Payback\sof3.exe:*:Enabled:sof3
"C:\Program Files\Grisoft\AVG7\avginet.exe" = C:\Program Files\Grisoft\AVG7\avginet.exe:*:Enabled:avginet.exe
"C:\Program Files\Grisoft\AVG7\avgamsvr.exe" = C:\Program Files\Grisoft\AVG7\avgamsvr.exe:*:Enabled:avgamsvr.exe
"C:\Program Files\Grisoft\AVG7\avgcc.exe" = C:\Program Files\Grisoft\AVG7\avgcc.exe:*:Enabled:avgcc.exe
"C:\WINDOWS\system32\dpvsetup.exe" = C:\WINDOWS\system32\dpvsetup.exe:*:Enabled:Microsoft DirectPlay Voice Test -- (Microsoft Corporation)
"D:\Program Files\TurboTax\Deluxe 2007\32bit\ttax.exe" = D:\Program Files\TurboTax\Deluxe 2007\32bit\ttax.exe:LocalSubNet:Enabled:TurboTax -- (Intuit, Inc.)
"D:\Program Files\TurboTax\Deluxe 2007\32bit\updatemgr.exe" = D:\Program Files\TurboTax\Deluxe 2007\32bit\updatemgr.exe:LocalSubNet:Enabled:TurboTax Update Manager -- (Intuit, Inc.)
"C:\Program Files\Symantec\pcAnywhere\awhost32.exe" = C:\Program Files\Symantec\pcAnywhere\awhost32.exe:*:Enabled:pcAnywhere Host
"C:\Program Files\TmUnitedForever\TmForever.exe" = C:\Program Files\TmUnitedForever\TmForever.exe:*:Enabled:TmForever
"C:\Program Files\Electronic Arts\EADM\Core.exe" = C:\Program Files\Electronic Arts\EADM\Core.exe:*:Enabled:EA Download Manager -- (Electronic Arts)
"D:\Left4Dead\left4dead.exe" = D:\Left4Dead\left4dead.exe:*:Enabled:left4dead -- ()
"C:\Program Files\Common Files\AOL\Loader\aolload.exe" = C:\Program Files\Common Files\AOL\Loader\aolload.exe:*:Enabled:AOL Loader -- (AOL LLC)
"C:\Program Files\Common Files\AOL\1179538878\EE\aolsoftware.exe" = C:\Program Files\Common Files\AOL\1179538878\EE\aolsoftware.exe:*:Enabled:AOL Services -- (AOL LLC)
"C:\Program Files\AIM6\aim6.exe" = C:\Program Files\AIM6\aim6.exe:*:Enabled:AIM
"C:\Program Files\DropBox\DropBox\DropBox.exe" = C:\Program Files\DropBox\DropBox\DropBox.exe:*:Enabled:DropBox
"C:\Program Files\LimeWire\LimeWire.exe" = C:\Program Files\LimeWire\LimeWire.exe:*:Enabled:LimeWire PRO 4.18.6
"I:\Program Files\YouTubeMP3Downloader.net\YouTubeMP3Downloader\YouTubeMP3.exe" = I:\Program Files\YouTubeMP3Downloader.net\YouTubeMP3Downloader\YouTubeMP3.exe:*:Enabled:Flv2mp3
"C:\Program Files\Skype\Plugin Manager\skypePM.exe" = C:\Program Files\Skype\Plugin Manager\skypePM.exe:*:Enabled:Skype Extras Manager
"C:\Program Files\AIM\aim.exe" = C:\Program Files\AIM\aim.exe:*:Enabled:AIM -- (AOL Inc.)
"C:\Documents and Settings\Daddy\Application Data\Dropbox\bin\Dropbox.exe" = C:\Documents and Settings\Daddy\Application Data\Dropbox\bin\Dropbox.exe:*:Enabled:Dropbox
"C:\Program Files\Common Files\Intuit\Update Service\IntuitUpdateService.exe" = C:\Program Files\Common Files\Intuit\Update Service\IntuitUpdateService.exe:LocalSubNet:Disabled:Intuit Update Shared Downloads Server -- (Intuit Inc.)
"C:\Documents and Settings\Daddy\Desktop\AviConverterSetup.exe" = C:\Documents and Settings\Daddy\Desktop\AviConverterSetup.exe:*:Enabled:InstallCore™
"C:\Program Files\Pando Networks\Media Booster\PMB.exe" = C:\Program Files\Pando Networks\Media Booster\PMB.exe:*:Enabled:Pando Media Booster -- ()
"C:\Documents and Settings\Daddy\Application Data\mjusbsp\magicJack.exe" = C:\Documents and Settings\Daddy\Application Data\mjusbsp\magicJack.exe:*:Enabled:magicJack -- (magicJack L.P.)
"C:\Program Files\Steam\steamapps\[email protected]\half-life\hl.exe" = C:\Program Files\Steam\steamapps\[email protected]\half-life\hl.exe:*:Enabled:Half-Life -- (Valve)
"C:\Program Files\Common Files\Adobe\Adobe Version Cue CS3\Server\bin\VersionCueCS3.exe" = C:\Program Files\Common Files\Adobe\Adobe Version Cue CS3\Server\bin\VersionCueCS3.exe:*:Enabled:Adobe Version Cue CS3 Server -- (Adobe Systems Incorporated)
"c:\WINDOWS\TEMP\~os21.tmp\rlvknlg.exe" = c:\WINDOWS\TEMP\~os21.tmp\rlvknlg.exe:*:Enabled:rlvknlg.exe
"C:\Program Files\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe" = C:\Program Files\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe:LocalSubNet:Disabled:Intuit Update v4 Shared Downloads Server -- (Intuit Inc.)
"C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe" = C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe:*:Enabled:McAfee Shared Service Host -- (McAfee, Inc.)
"C:\Program Files\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe" = C:\Program Files\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe:*:Enabled:WebKit -- (Apple Inc.)
"C:\Program Files\Common Files\Pure Networks Shared\Platform\nmsrvc.exe" = C:\Program Files\Common Files\Pure Networks Shared\Platform\nmsrvc.exe:LocalSubNet,0.0.0.0/255.255.255.255:Enabled:Pure Networks Platform Service -- (Cisco Systems, Inc.)
"C:\Program Files\Steam\steamapps\[email protected]\counter-strike\hl.exe" = C:\Program Files\Steam\steamapps\[email protected]\counter-strike\hl.exe:*:Enabled:Counter-Strike -- (Valve)


========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0046FA01-C5B9-4985-BACB-398DC480FC05}" = Adobe Photoshop CS3
"{015C5B35-B678-451C-9AEE-821E8D69621C}_is1" = PeerBlock 1.1 (r518)
"{033E378E-6AD3-4AD5-BDEB-CBD69B31046C}" = Microsoft_VC90_ATL_x86
"{0360D8F0-626A-4E87-8A16-938BD0BEBCC5}" = 32 Bit HP CIO Components Installer
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{04AF207D-9A77-465A-8B76-991F6AB66245}" = Adobe Help Viewer CS3
"{05BDC796-3451-4F81-B91D-E98F7ADA76C2}" = TurboTax 2010 WinPerTaxSupport
"{06F8CD93-C722-45E9-A9A4-F48F78E39E84}" = hppFaxUtilityCM1410
"{07EEE598-5F21-4B57-B40B-46592625B3D9}" = Zune Language Pack (PTB)
"{08B32819-6EEF-4057-AEDA-5AB681A36A23}" = Adobe Bridge Start Meeting
"{08D2E121-7F6A-43EB-97FD-629B44903403}" = Microsoft_VC90_CRT_x86
"{09E2111C-16B1-4DDF-BF0D-F994C9A12350}" = Adobe Setup
"{0E26E09B-6687-4A99-BD08-A9E705373029}_is1" = Vyzex Pocket POD 1.17
"{0E7DBD52-B097-4F2B-A7C7-F105B0D20FDB}" = LightScribe System Software 1.14.17.1
"{0EF0EA0D-F945-4958-85CC-60FF1E86D216}" = HP LaserJet Professional CM1410 Series
"{0F8C0F8A-2D3B-4105-9B9D-BF8EDDE6C138}" = DVD VR Extractor
"{15FEDA5F-141C-4127-8D7E-B962D1742728}" = Adobe Photoshop CS5
"{184CE391-7E0E-4C63-9935-D7A10EDFD3C6}" = Adobe WinSoft Linguistics Plugin
"{18562567-BC92-9861-00B8-90B8F5545EA8}" = LangoMax Adult Advantage
"{18D10072035C4515918F7E37EAFAACFC}" = AutoUpdate
"{1a413f37-ed88-4fec-9666-5c48dc4b7bb7}" = YouTube Downloader 3.3
"{1D58229F-C505-45CA-8223-F35F3A34B963}" = Adobe Version Cue CS3 Server
"{21749F4E-02A1-4828-9A1E-BBDF5929C5D0}" = HP LJ CM1410 MFP Series HP Scan
"{21DBBDD6-93A5-4326-9A04-C9A5C9148502}" = Norton PartitionMagic
"{229D6185-BD7E-494B-A73B-C5215BE0690E}" = HPLJUT
"{23B8A91D-680B-462B-87AD-3D70F7341731}" = iTunes
"{26A24AE4-039D-4CA4-87B4-2F83216033FF}" = Java™ 6 Update 33
"{29521505-F489-4822-ADFA-32C6DEE4F114}" = TurboTax 2008 WinPerUserEducation
"{29E5EA97-5F74-4A57-B8B2-D4F169117183}" = Adobe Stock Photos CS3
"{2A9DFFD8-4E09-4B91-B957-454805B0D7C4}" = Zune Language Pack (CHS)
"{3248F0A8-6813-11D6-A77B-00B0D0160030}" = Java™ 6 Update 3
"{3248F0A8-6813-11D6-A77B-00B0D0160050}" = Java™ 6 Update 5
"{3248F0A8-6813-11D6-A77B-00B0D0160070}" = Java™ 6 Update 7
"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{357820A5-9AED-4C7C-A6C6-046BDDEC8E81}" = Wireless-G Internet Home Monitoring Camera
"{3589A659-F732-4E65-A89A-5438C332E59D}" = Zune Language Pack (ELL)
"{363790D2-DA98-41DD-9C9F-69FA36B169DE}" = PanoStandAlone
"{3782EC09-4000-475E-8A59-9CABD6F03B4C}" = TurboTax 2010 WinPerFedFormset
"{3881DB80-EAA2-012B-ADAE-000000000000}" = TurboTax 2009 WinPerFedFormset
"{38975F50-EAA2-012B-ADB4-000000000000}" = TurboTax 2009 WinPerReleaseEngine
"{38A34630-EAA2-012B-ADB6-000000000000}" = TurboTax 2009 WinPerTaxSupport
"{3921A67A-5AB1-4E48-9444-C71814CF3027}" = VCRedistSetup
"{3B1D6DF0-EAA2-012B-AE51-000000000000}" = TurboTax 2009 wnjiper
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3C5A81D0-EAA2-012B-AE9F-000000000000}" = TurboTax 2009 wrapper
"{47FA2C44-D148-4DBC-AF60-B91934AA4842}" = Adobe AIR
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4EA684E9-5C81-4033-A696-3019EC57AC3A}" = HPProductAssistant
"{4F2FCCCF-29F3-44B9-886F-6D16F8417522}" = TurboTax 2010 wrapper
"{51846830-E7B2-4218-8968-B77F0FF475B8}" = Adobe Color EU Extra Settings
"{51C839E1-2BE4-4E77-A1BA-CCEA5DAFA741}" = Zune Language Pack (KOR)
"{521AAD14-5030-44BB-8B0E-5CE65FCE57E0}" = InterVideo DeviceService
"{54793AA1-5001-42F4-ABB6-C364617C6078}" = Adobe Linguistics CS3
"{553C904F-57A2-4113-888E-BA0C3D1C69C0}" = Microsoft VC9 runtime libraries
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{57C51D56-B287-4C11-9192-EC3C46EF76A4}" = Zune Language Pack (RUS)
"{5A613A09-8F96-4F7E-BD71-69A89F37150D}" = hpg4850QFolder
"{5C93E291-A1CC-4E51-85C6-E194209FCDB4}" = Zune Language Pack (PTG)
"{5DEFD397-4012-46C3-B6DA-E8013E660772}" = Zune Language Pack (NOR)
"{5FCCD531-1B38-4A94-924C-127F722F1033}" = Nero 8
"{612C34C7-5E90-47D8-9B5C-0F717DD82726}" = swMSM
"{621FCD24-4498-4324-A81E-07D331376EDF}" = PixiePack Codec Pack
"{635FED5B-2C6D-49BE-87E6-7A6FCD22BC5A}" = Microsoft_VC90_MFC_x86
"{6663554C-2FC7-4CDC-809D-1BCD59189853}_is1" = Trine
"{66910000-8B30-4973-A159-6371345AFFA5}" = WebReg
"{66E6CE0C-5A1E-430C-B40A-0C90FF1804A8}" = eSupportQFolder
"{6740BCB0-5863-47F4-80F4-44F394DE4FE2}" = Zune Language Pack (NLD)
"{6ABE0BEE-D572-4FE8-B434-9E72A289431B}" = Adobe Fonts All
"{6B33492E-FBBC-4EC3-8738-09E16E395A10}" = Zune Language Pack (ESP)
"{6B708481-748A-4EB4-97C1-CD386244FF77}" = Adobe MotionPicture Color Files
"{6BBAA81D-6A7E-43AD-8889-2F002DCAAFDD}" = AHV content for Acrobat and Flash
"{6D172D0A-B9F1-4046-AFAB-8599288545BF}" = Safari
"{6EB931CD-A7DA-4A44-B74A-89C8EB50086F}" = Zune Language Pack (SVE)
"{6FF5DD7A-FE28-4439-B8CF-1E9AF4EA0A61}" = Adobe Asset Services CS3
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{7570F1CA-016D-46AC-B586-CD74645EFB52}" = TurboTax 2008 WinPerFedFormset
"{76B78008-3832-42FD-AE55-C8F946ED3C7E}" = muvee autoProducer 4.1
"{76BA306B-2AA0-47C0-AB6B-F313AB56C136}" = Zune Language Pack (MSL)
"{789289CA-F73A-4A16-A331-54D498CE069F}" = Ventrilo Client
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{79155F2B-9895-49D7-8612-D92580E0DE5B}" = Bonjour
"{797EE0CA-8165-405C-B5CE-F11EC20F1BB0}" = Microsoft VC9 runtime libraries
"{7AC0886A-CE48-4EB6-9CC3-4C56D427F2E1}" = Cisco Network Magic
"{7B63B2922B174135AFC0E1377DD81EC2}" = DivX Codec
"{7C03270C-4FAB-4F5C-B10D-52FEDA190790}" = DocumentViewerQFolder
"{7CFA46E3-CC2F-4355-82AE-6012DC3633FD}" = NVIDIA ForceWare Network Access Manager
"{7E350663-86D3-466A-AB79-28156A9ABF6E}_is1" = Hamster Free Video Converter
"{7E659C5C-4DF1-499B-B802-77BAE9ABE4D4}" = Razer Diamondback 3G
"{802771A9-A856-4A41-ACF7-1450E523C923}" = Adobe XMP Panels CS3
"{8658342C-43E0-43CA-B831-7E1FAB33311D}" = hpg4850
"{87E2B986-07E8-477a-93DC-AF0B6758B192}" = DocProcQFolder
"{880119B8-6093-4E35-8A52-056771F4E2BB}" = Movavi VideoSuite 5 Help
"{88214092-836F-4E22-A5AC-569AC9EE6A0F}" = TurboTax 2008 WinPerReleaseEngine
"{8960A0A1-BB5A-479E-92CF-65AB9D684B43}" = Zune Language Pack (PLK)
"{8A2B151C-23FC-4A21-B6DA-263E8BF93E23}" = HP Scanjet 4800 series 7.0
"{8A4CE7FD-9657-4B06-9943-E1819F3D5D67}" = DocProc
"{8ADFC4160D694100B5B8A22DE9DCABD9}" = DivX Player
"{8B112338-2B08-4851-AF84-E7CAD74CEB32}" = Zune Language Pack (DAN)
"{8D2BA474-F406-4710-9AE4-D4F22D21F0DD}" = Adobe Device Central CS3
"{8E6808E2-613D-4FCD-81A2-6C8FA8E03312}" = Adobe Type Support
"{8F1A20DC-251D-47B0-91B7-DCA2523EE6C9}" = McAfee Virtual Technician
"{90110409-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Professional Edition 2003
"{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system
"{90176341-0A8B-4CCC-A78D-F862228A6B95}" = Adobe Anchor Service CS3
"{923CAE62-30C9-425E-B4ED-F5E9C09C5C4A}" = TurboTax 2008 wnjiper
"{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}" = Microsoft_VC80_CRT_x86
"{92ECE3F9-591E-4C12-8A62-B9FCE38BF646}" = Zune Language Pack (IND)
"{92F91A05-8241-4651-B9F4-9D04EE1F2634}" = hppSendFaxCM1410
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{95655ED4-7CA5-46DF-907F-7144877A32E5}" = Adobe Color NA Recommended Settings
"{980A182F-E0A2-4A40-94C1-AE0C1235902E}" = Pando Media Booster
"{996512CF-F35B-48DE-9291-557FA5316967}" = ScannerCopy
"{9B75648B-6C30-4A0D-9DE6-0D09D20AF5A5}" = Zune
"{9C3F9580-F5CF-4288-894E-9FF0EB24A21C}" = Maxtor Backup
"{9C9824D9-9000-4373-A6A5-D0E5D4831394}" = Adobe Bridge CS3
"{9FA7A537-E6F6-4A6E-95B9-E4152756132D}" = hppCM1410LaserJetService
"{A2B242BD-FF8D-4840-9DAA-9170EABEC59C}" = Adobe CMaps
"{A2D81E70-2A98-4A08-A628-94388B063C5E}" = Adobe Color - Photoshop Specific
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A49F249F-0C91-497F-86DF-B2585E8E76B7}" = Microsoft Visual C++ 2005 Redistributable
"{A525E00B-6609-442E-9DCD-64453C233E8D}" = TurboTax 2010 WinPerReleaseEngine
"{A5A53EA8-A11E-49F0-BDF5-AE536426A31A}" = Zune Language Pack (CHT)
"{A7E19604-93AF-4611-8C9F-CE509C2B286E}_is1" = VDownloader 3.6.943
"{A855D6F0-DB2E-11DE-B032-005056C00008}" = Paragon Drive Backup™ 2010 Special Edition
"{A8B94669-8654-4126-BD28-D0D2412CDED6}" = TI Connect 1.6
"{A8F2089B-1F79-4BF6-B385-A2C2B0B9A74D}" = ImagXpress
"{A8F2E50B-86E2-4D96-9BD2-9758BCC6F9B3}" = Zune Language Pack (CSY)
"{AABE44D1-0B72-4C6B-9778-20B2317F8064}" = hpzTLBXFX
"{AB5D51AE-EBC3-438D-872C-705C7C2084B0}" = DeviceManagementQFolder
"{AC5B0C19-D851-42F4-BDA0-410ECF7F70A5}" = PDF Settings
"{AC76BA86-1033-0000-7760-000000000003}" = Adobe Acrobat 8 Professional
"{AC76BA86-1033-F400-7760-000000000003}" = Adobe Acrobat 8 Professional - English, Français, Deutsch
"{AC76BA86-7AD7-1033-7B44-A80000000002}" = Adobe Reader 8
"{B0255743-165B-4BD5-8DA8-37DFB9930012}" = Norton Ghost
"{B1DB1AD8-C07E-4052-81A1-D2930232BA70}" = TurboTax 2008 wrapper
"{B23726CF-68BF-41A6-A4EB-72F12F87FE05}" = TurboTax 2008 WinPerTaxSupport
"{B3BF6689-A81D-40D8-9A86-4AC4ACD9FC1C}" = Adobe Camera Raw 4.0
"{B4870774-5F3A-46D9-9DFE-06FB5599E26B}" = Zune Language Pack (FIN)
"{B5FDA445-CAC4-4BA6-A8FB-A7212BD439DE}" = Microsoft XML Parser
"{B671CBFD-4109-4D35-9252-3062D3CCB7B2}" = Adobe SING CS3
"{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Skype Click to Call
"{B7F560B3-6EFF-4026-A982-843895A41149}" = Adobe BridgeTalk Plugin CS3
"{B9B35331-B7E4-4E5C-BF4C-7BC87856124D}" = Adobe Default Language CS3
"{BB85ED9C-AFC9-43BD-B8DC-258C3C7DF72E}" = HP Software Update
"{BE236D9A-52EC-4A17-82DA-84B5EAD31E3E}" = Zune Language Pack (DEU)
"{BE5F3842-8309-4754-92D5-83E02E6077A3}" = Adobe Extension Manager CS3
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C19423A6-78AB-4EF0-BE84-6B18342316A5}" = Kaplan Essential Review - Writing and Vocabulary
"{C2D69781-F392-4118-A5A7-C7E9C38DBFC2}" = Adobe ExtendScript Toolkit 2
"{C4124E95-5061-4776-8D5D-E3D931C778E1}" = Microsoft VC9 runtime libraries
"{C5BD220A-EFE8-48A5-B70E-9503D535FACE}" = Adobe WAS CS3
"{C5C1C0F0-D62F-4DBF-81D4-D7EF397C228B}" = NVIDIA PhysX
"{C5D37FFA-7483-410B-982B-91E93FD3B7DA}" = Zune Language Pack (ITA)
"{C68D33B1-0204-4EBE-BC45-A6E432B1D13A}" = Zune Language Pack (FRA)
"{C6BE19C6-B102-4038-B2A6-1C313872DBB4}" = Zune Language Pack (HUN)
"{C77A1356-1654-4340-BA5B-A21ED3289B2E}" = Kaplan Essential Review- Biology & Chemistry
"{C7F54CF8-D6FB-4E0A-93A3-E68AE0D6C476}" = SolutionCenter
"{C9C16E4B-4FDD-4A31-8B8F-EC402082407A}" = HPLaserJetHelp_LearnCenter
"{CA19AEA3-B949-41DA-AFBA-692356230F6E}" = TurboTax 2010 wnjiper
"{CA6BCA2F-EDEB-408F-850B-31404BE16A61}" = I.R.I.S. OCR
"{CAF5B770-082F-40C4-853D-3973BB81BDAA}" = TurboTax 2011 WinPerTaxSupport
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CCC4E428-411E-4605-B515-317D50ABD477}" = Ulead DVD MovieFactory 6
"{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}" = SUPERAntiSpyware Free Edition
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{CEF7211D-CE3A-44C4-B321-D84A2099AE94}" = Comcast Desktop Software (v1.2.0.9)
"{D0A05794-48C2-4424-A15A-9F20FCFDD374}" = Call of Duty® 2
"{D0DFF92A-492E-4C40-B862-A74A173C25C5}" = Adobe Version Cue CS3 Client
"{D1A19B02-817E-4296-A45B-07853FD74D57}" = Microsoft_VC80_MFC_x86
"{D1C18EDD-571A-4BDD-BE7B-1DD86027D7FF}" = Adobe Creative Suite 3 Design Premium
"{D2559B88-CC9D-4B48-81BB-F492BAA9C48C}" = Adobe PDF Library Files
"{D608C59B-424B-45D4-971C-5978F8564CEE}" = hppLaserJetService
"{D642E38E-0D24-486C-9A2D-E316DD696F4B}" = Microsoft XML Parser
"{D8A781C9-3892-4E2E-9320-480CF896CFBB}" = Zune Language Pack (JPN)
"{D92BBB52-82FF-42ED-8A3C-4E062F944AB7}" = Microsoft_VC80_MFCLOC_x86
"{DA5576B5-EF2A-4E3A-8763-FCA8BA84DA00}" = hppTLBXFXCM1410
"{DADD7B8A-BCB0-44F5-967A-ECB6B4F2ECD9}" = Adobe Color Common Settings
"{DB6AB705-C9BD-40E3-8929-2EA57F36A4FF}_is1" = ConvertXtoDVD 4.1.19.365
"{DCED0AD4-784D-4667-B4A0-6FE953FAC4BB}" = TurboTax 2011 wnjiper
"{DD23EAC1-BF1C-4E79-ADE0-EBB870CD813A}" = Quivic 6
"{DD7DB3C5-6FA3-4FA3-8A71-C2F2940EB029}" = Adobe Color JA Extra Settings
"{DED53B0B-B67C-4244-AE6A-D6FD3C28D1EF}" = Ad-Aware 2007
"{E463E171-4082-4744-A466-F7CBE8502789}" = TurboTax 2011 WinPerReleaseEngine
"{E69AE897-9E0B-485C-8552-7841F48D42D8}" = Adobe Update Manager CS3
"{E6D9BC25-0DBC-4368-8E4A-7DEE80661CD9}" = TurboTax 2008 WinPerProgramHelp
"{E89B484C-B913-49A0-959B-89E836001658}" = GEAR 32bit Driver Installer
"{EA7B3CC4-366D-4CF6-8350-FD7A7034116E}" = Adobe InDesign CS3 Icon Handler
"{EB879750-CCBD-4013-BFD5-0294D4DA5BD0}" = Apple Application Support
"{EE556A3E-EB37-4392-9637-BAA8EC2F47FA}" = TurboTax 2011 wrapper
"{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}" = Skype™ 5.9
"{EF7E931D-DC84-471B-8DB6-A83358095474}" = EA Download Manager
"{EFC04D3F-A152-47E7-8517-EE0F6201AFEF}" = Apple Mobile Device Support
"{F08E8D2E-F132-4742-9C87-D5FF223A016A}" = Adobe Illustrator CS3
"{F2CB8C3C-9C9E-4FAB-9067-655601C5F748}" = Windows Mobile Device Updater Component
"{F3760724-B29D-465B-BC53-E5D72095BCC4}" = Scan
"{F6C84ED7-9CAC-423b-9E00-C9BFAFBD0593}_is1" = RadioGet 1.3.8
"{FAD3D68B-2F9C-459B-AA79-C04B9090FD72}" = TurboTax 2011 WinPerFedFormset
"{FB15E224-67C3-491F-9F5C-F257BC418412}" = Destinations
"{FC467B61-F890-4E29-8585-365DAB66F13E}" = Pure Networks Platform
"{FE7E1DD7-EBCE-4696-ADE2-22BDBF2372DA}" = DocumentViewer
"{FF268652-B3E8-494F-8343-1FC6DD0FF523}" = Maxtor OneTouch III
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"{FFD7B2D9-AC9D-468C-83A2-21017A811623}" = hppFaxDrvCM1410
"Adobe Acrobat 8 Professional - English, Français, Deutsch" = Adobe Acrobat 8.1.5 Professional
"Adobe Acrobat 8 Professional - English, Français, Deutsch_815" = Adobe Acrobat 8.1.5 - CPSID_49013
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11.6
"Adobe_c14ac4070fd9614ffe63f4bb533db2c" = Add or Remove Adobe Creative Suite 3 Design Premium
"AdultAdvantage" = LangoMax Adult Advantage
"Advanced Video FX Engine" = Advanced Video FX Engine
"AFD653D92C0CA9E8F375124D6A0B19FFBA89B1D2" = Windows Driver Package - Razer (Razerlow) HIDClass (03/07/2007 1.0.0.2)
"AIM_7" = AIM 7
"AnyDVD" = AnyDVD
"AOL Uninstaller" = AOL Uninstaller (Choose which Products to Remove)
"AolCoach2_en" = AOL Coach Version 2.0(Build:20041026.5 en)
"Auction Auto Bidder_is1" = Auction Auto Bidder
"Audit Support Center" = Audit Support Center 1.0
"Belarc Advisor" = Belarc Advisor 8.1
"BitLord" = BitLord 1.1
"Chopper_is1" = Chopper XP 2.3
"Creative Live! Cam Center" = Creative Live! Cam Center
"Creative Live! Cam Manager" = Creative Live! Cam Manager
"Creative Photo Manager" = Creative Photo Manager
"Creative Software AutoUpdate" = Creative Software AutoUpdate
"Creative VF0230" = Creative Live! Cam Video IM Pro Driver (1.01.03.0928)
"Creative VF0250" = Creative Live! Cam Notebook Pro Driver (1.01.03.0405)
"Cucusoft DVD to Zune + Zune Video Converter Suite_is1" = Cucusoft DVD to Zune + Zune Video Converter Suite 7.15.7.8
"dBpoweramp Music Converter" = dBpoweramp Music Converter
"DD4F47DF-6540-4BDA-BEAD-2B19250B0C48_is1" = FLAC to MP3 Converter 6.1.2
"Doxillion" = Doxillion Document Converter
"DriverAgent_is1" = DriverAgent by eSupport.com
"DVD Audio Extractor_is1" = DVD Audio Extractor 4.2.2
"DVD Shrink_is1" = DVD Shrink 3.2
"DVDFab Platinum_is1" = DVDFab Platinum 3.0.8.6
"dvdSanta 4.50 - Make your own DVD movies!_is1" = dvdSanta 4.50
"EPSON Printer and Utilities" = EPSON Printer Software
"Hardlock Device Drivers" = Hardlock Device Drivers
"Higher Score on the SAT/PSAT_is1" = Higher Score on the SAT/PSAT
"HijackThis" = HijackThis 2.0.2
"hp deskjet 5550 series_Driver" = hp deskjet 5550 series
"HP Document Viewer" = HP Document Viewer 7.0
"HP Imaging Device Functions" = HP Imaging Device Functions 7.0
"HP Solution Center & Imaging Support Tools" = HP Solution Center 7.0
"HPOCR" = OCR Software by I.R.I.S 7.0
"IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs
"ie7" = Windows Internet Explorer 7
"ImgBurn" = ImgBurn
"InstallShield_{0F8C0F8A-2D3B-4105-9B9D-BF8EDDE6C138}" = DVD VR Extractor
"InstallShield_{21DBBDD6-93A5-4326-9A04-C9A5C9148502}" = Norton PartitionMagic 8.0
"InstallShield_{7CFA46E3-CC2F-4355-82AE-6012DC3633FD}" = NVIDIA ForceWare Network Access Manager
"InstallShield_{9C3F9580-F5CF-4288-894E-9FF0EB24A21C}" = Maxtor Backup
"InstallShield_{CCC4E428-411E-4605-B515-317D50ABD477}" = Ulead DVD MovieFactory 6
"InstallShield_{D0A05794-48C2-4424-A15A-9F20FCFDD374}" = Call of Duty® 2
"InstallShield_{EF7E931D-DC84-471B-8DB6-A83358095474}" = EA Download Manager
"InstallShield_{FF268652-B3E8-494F-8343-1FC6DD0FF523}" = Maxtor OneTouch III
"IOGEAR Auto Printer Sharing Switch_is1" = IOGEAR Printer Sharing Switch 1.0.0.1
"Java Web Start" = Java Web Start
"Magic ISO Maker v5.4 (build 0239)" = Magic ISO Maker v5.4 (build 0239)
"MailWasher Pro_is1" = MailWasher Pro
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware version 1.62.0.1300
"mediAvatar HD Video Converter" = mediAvatar HD Video Converter
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"MixMeister Studio 7.2.2_is1" = MixMeister Studio 7.2.2
"Mozilla Firefox (3.0.19)" = Mozilla Firefox (3.0.19)
"Mp3 Audio Editor" = Mp3 Audio Editor
"Mpeg2Decoder_is1" = Mpeg2Decoder 1.3
"MSC" = McAfee SecurityCenter
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"My Video Converter_is1" = My Video Converter 1.2.4
"NETGEAR Print Server Software" = NETGEAR Print Server Software
"Netscape (7.1)" = Netscape (7.1)
"Network MagicUninstall" = Network Magic
"NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs
"NVIDIA Drivers" = NVIDIA Drivers
"NVIDIA nView Desktop Manager" = NVIDIA nView Desktop Manager
"PaperPort 6.5" = PaperPort 6.5
"Pestering Birds_is1" = Pestering Birds
"Picasa 3" = Picasa 3
"Pixillion" = Pixillion Image Converter
"PlayFLV" = PlayFLV
"PowerISO" = PowerISO
"Print Artist 12.0" = SierraHome Print Artist 12.0
"Prism" = Prism Video File Converter
"QuickTime 3.0" = QuickTime 3.0
"RealPlayer 6.0" = RealPlayer Basic
"SightSpeed" = SightSpeed (remove only)
"SoftwareUpdUtility" = Download Updater (AOL LLC)
"Sound Blaster Live!" = Sound Blaster Live!
"SoundTaxi_is1" = SoundTaxi 1.3.5
"SpywareBlaster_is1" = SpywareBlaster v3.5.1
"ST6UNST #1" = Brad Smith Easy SFV Creator
"STMediaSuite" = SoundTaxi Media Suite 3.9.1
"SysInfo" = Creative System Information
"SystemRequirementsLab" = System Requirements Lab
"TurboTax 2008" = TurboTax 2008
"TurboTax 2009" = TurboTax 2009
"TurboTax 2010" = TurboTax 2010
"TurboTax 2011" = TurboTax 2011
"TurboTax Deluxe 2007" = TurboTax Deluxe 2007
"USB Safely Remove_is1" = USB Safely Remove 4.7
"Video Edit Magic_is1" = Video Edit Magic 4
"VideoGet_is1" = Nuclear Coffee - VideoGet
"VideoPad" = VideoPad Video Editor
"ViewpointMediaPlayer" = Viewpoint Media Player
"VLC media player" = VLC media player 1.0.0
"Wdf01005" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.5
"Wdf01007" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.7
"Wdf01009" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.9
"WIC" = Windows Imaging Component
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"Windows XP Service Pack" = Windows XP Service Pack 3
"WinPcapInst" = WinPcap 4.1.1
"WinRAR archiver" = WinRAR archiver
"winusb0100" = Microsoft WinUsb 1.0
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"Wondershare Video Converter Platinum_is1" = Wondershare Video Converter Platinum(Build 5.1.4.3)
"WS_FTP Pro" = Ipswitch WS_FTP Pro
"Wudf01009" = Microsoft User-Mode Driver Framework Feature Pack 1.9
"xfin_portal" = XFINITY Toolbar
"XpsEPSC" = XML Paper Specification Shared Components Pack 1.0
"Yahoo! Extras" = Yahoo! Browser Services
"Yahoo! Mail" = Yahoo! Internet Mail
"Yahoo! Messenger" = Yahoo! Messenger
"Yahoo! Search Defender" = Yahoo! Search Protection
"Yahoo! Software Update" = Yahoo! Software Update
"YInstHelper" = Yahoo! Install Manager
"Zune" = Zune

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-1390067357-823518204-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"AOL Messaging Toolbar" = AOL Messaging Toolbar
"magicJack" = magicJack
"Steam App 10" = Counter-Strike
"Yahoo! BrowserPlus" = Yahoo! BrowserPlus 2.9.8

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 8/27/2012 6:30:54 PM | Computer Name = ANTEC-20AE6726E | Source = Norton Ghost | ID = 100
Description = Error EC8F1C50: Cannot create file backup for job: My Documents Backup.
Error E7D1000B: Unable to make directory 'G:/'. Error E7D10026: Unable to get attributes
for 'G:/'. Error EBAB03F1: The system cannot find the path specified. Error E4BC0004:
Unable to backup file C:/Documents and Settings/Daddy/My Documents/2010 JH NY distribution
form . updated.pdf. Details: 0xEBAB0005 Source: Norton Ghost

Error - 8/28/2012 6:30:51 PM | Computer Name = ANTEC-20AE6726E | Source = Norton Ghost | ID = 100
Description = Error EC8F1C50: Cannot create file backup for job: My Documents Backup.
Error E7D1000B: Unable to make directory 'G:/'. Error E7D10026: Unable to get attributes
for 'G:/'. Error EBAB03F1: The system cannot find the path specified. Error E4BC0004:
Unable to backup file C:/Documents and Settings/Daddy/My Documents/2010 JH NY distribution
form . updated.pdf. Details: 0xEBAB0005 Source: Norton Ghost

Error - 8/29/2012 6:31:19 PM | Computer Name = ANTEC-20AE6726E | Source = Norton Ghost | ID = 100
Description = Error EC8F1C50: Cannot create file backup for job: My Documents Backup.
Error E7D1000B: Unable to make directory 'G:/'. Error E7D10026: Unable to get attributes
for 'G:/'. Error EBAB03F1: The system cannot find the path specified. Error E4BC0004:
Unable to backup file C:/Documents and Settings/Daddy/My Documents/2010 JH NY distribution
form . updated.pdf. Details: 0xEBAB0005 Source: Norton Ghost

Error - 8/30/2012 10:34:51 AM | Computer Name = ANTEC-20AE6726E | Source = Application Error | ID = 1000
Description = Faulting application Safari.exe, version 5.34.55.3, faulting module
unknown, version 0.0.0.0, fault address 0x7f9bc9f0.

Error - 8/30/2012 6:30:57 PM | Computer Name = ANTEC-20AE6726E | Source = Norton Ghost | ID = 100
Description = Error EC8F1C50: Cannot create file backup for job: My Documents Backup.
Error E7D1000B: Unable to make directory 'G:/'. Error E7D10026: Unable to get attributes
for 'G:/'. Error EBAB03F1: The system cannot find the path specified. Error E4BC0004:
Unable to backup file C:/Documents and Settings/Daddy/My Documents/2010 JH NY distribution
form . updated.pdf. Details: 0xEBAB0005 Source: Norton Ghost

Error - 8/31/2012 6:30:57 PM | Computer Name = ANTEC-20AE6726E | Source = Norton Ghost | ID = 100
Description = Error EC8F1C50: Cannot create file backup for job: My Documents Backup.
Error E7D1000B: Unable to make directory 'G:/'. Error E7D10026: Unable to get attributes
for 'G:/'. Error EBAB03F1: The system cannot find the path specified. Error E4BC0004:
Unable to backup file C:/Documents and Settings/Daddy/My Documents/2010 JH NY distribution
form . updated.pdf. Details: 0xEBAB0005 Source: Norton Ghost

Error - 9/1/2012 6:24:47 AM | Computer Name = ANTEC-20AE6726E | Source = Application Error | ID = 1000
Description = Faulting application Safari.exe, version 5.34.55.3, faulting module
unknown, version 0.0.0.0, fault address 0x7ed8a678.

Error - 9/1/2012 6:30:53 PM | Computer Name = ANTEC-20AE6726E | Source = Norton Ghost | ID = 100
Description = Error EC8F1C50: Cannot create file backup for job: My Documents Backup.
Error E7D1000B: Unable to make directory 'G:/'. Error E7D10026: Unable to get attributes
for 'G:/'. Error EBAB03F1: The system cannot find the path specified. Error E4BC0004:
Unable to backup file C:/Documents and Settings/Daddy/My Documents/2010 JH NY distribution
form . updated.pdf. Details: 0xEBAB0005 Source: Norton Ghost

Error - 9/1/2012 10:02:05 PM | Computer Name = ANTEC-20AE6726E | Source = McLogEvent | ID = 5051
Description = A thread in process C:\Program Files\Common Files\McAfee\SystemCore\mcshield.exe
took longer than 90000 ms to complete a request. The process will be terminated.
Thread
id : 2332 (0x91c) Thread address : 0x7C90E514 Thread message : Build VSCORE.14.4.0.387
/ 5400.1158 Object being scanned = \Device\HarddiskVolume1\Documents and Settings\All
Users\Application Data\McAfee\MCLOGS\MISP\mcagent\log.ini by C:\Program Files\McAfee.com\Agent\mcagent.exe

4(0)(0) 4(0)(0) 7200(0)(0) 7595(0)(0) 7005(0)(0) 7004(0)(0) 5006(0)(0) 5004(0)(0)


Error - 9/2/2012 7:33:24 AM | Computer Name = ANTEC-20AE6726E | Source = Application Error | ID = 1000
Description = Faulting application webkit2webprocess.exe, version 7534.55.3.3, faulting
module npjpi160_33.dll, version 6.0.330.3, fault address 0x00001657.

[ System Events ]
Error - 8/25/2012 1:31:18 PM | Computer Name = ANTEC-20AE6726E | Source = DCOM | ID = 10005
Description = DCOM got error "%1058" attempting to start the service NMIndexingService
with arguments "" in order to run the server: {E8933C4B-2C90-4A04-A677-E958D9509F1A}

Error - 8/25/2012 1:31:18 PM | Computer Name = ANTEC-20AE6726E | Source = DCOM | ID = 10005
Description = DCOM got error "%1058" attempting to start the service NMIndexingService
with arguments "" in order to run the server: {E8933C4B-2C90-4A04-A677-E958D9509F1A}

Error - 8/25/2012 1:31:18 PM | Computer Name = ANTEC-20AE6726E | Source = DCOM | ID = 10005
Description = DCOM got error "%1058" attempting to start the service NMIndexingService
with arguments "" in order to run the server: {E8933C4B-2C90-4A04-A677-E958D9509F1A}

Error - 8/25/2012 1:31:20 PM | Computer Name = ANTEC-20AE6726E | Source = DCOM | ID = 10005
Description = DCOM got error "%1058" attempting to start the service NMIndexingService
with arguments "" in order to run the server: {E8933C4B-2C90-4A04-A677-E958D9509F1A}

Error - 8/25/2012 1:31:21 PM | Computer Name = ANTEC-20AE6726E | Source = DCOM | ID = 10005
Description = DCOM got error "%1058" attempting to start the service NMIndexingService
with arguments "" in order to run the server: {E8933C4B-2C90-4A04-A677-E958D9509F1A}

Error - 8/25/2012 3:53:26 PM | Computer Name = ANTEC-20AE6726E | Source = Service Control Manager | ID = 7000
Description = The Acronis Scheduler2 Service service failed to start due to the
following error: %%3

Error - 8/25/2012 9:49:23 PM | Computer Name = ANTEC-20AE6726E | Source = Service Control Manager | ID = 7031
Description = The McAfee McShield service terminated unexpectedly. It has done
this 1 time(s). The following corrective action will be taken in 5000 milliseconds:
Restart the service.

Error - 8/27/2012 12:10:37 PM | Computer Name = ANTEC-20AE6726E | Source = DCOM | ID = 10005
Description = DCOM got error "%1068" attempting to start the service upnphost with
arguments "" in order to run the server: {204810B9-73B2-11D4-BF42-00B0D0118B56}

Error - 8/27/2012 12:10:37 PM | Computer Name = ANTEC-20AE6726E | Source = Service Control Manager | ID = 7001
Description = The Universal Plug and Play Device Host service depends on the SSDP
Discovery Service service which failed to start because of the following error:
%%1058

Error - 9/1/2012 10:02:11 PM | Computer Name = ANTEC-20AE6726E | Source = Service Control Manager | ID = 7031
Description = The McAfee McShield service terminated unexpectedly. It has done
this 1 time(s). The following corrective action will be taken in 5000 milliseconds:
Restart the service.


< End of report >
  • 0

#5
HSBigDaddy

HSBigDaddy

    Member

  • Topic Starter
  • Member
  • PipPip
  • 14 posts
aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software
Run date: 2012-09-02 14:49:13
-----------------------------
14:49:13.057 OS Version: Windows 5.1.2600 Service Pack 3
14:49:13.057 Number of processors: 2 586 0xF06
14:49:13.057 ComputerName: ANTEC-20AE6726E UserName: Daddy
14:49:16.026 Initialize success
14:51:46.197 AVAST engine defs: 12090201
14:52:11.697 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Scsi\nvgts1Port2Path0Target0Lun0
14:52:11.697 Disk 0 Vendor: ST340062 3.AA Size: 381554MB BusType: 3
14:52:11.697 Disk 1 \Device\Harddisk1\DR1 -> \Device\Scsi\nvgts3Port4Path0Target0Lun0
14:52:11.697 Disk 1 Vendor: MAXTOR_S 3.AA Size: 476940MB BusType: 3
14:52:11.697 Disk 0 MBR read successfully
14:52:11.697 Disk 0 MBR scan
14:52:11.729 Disk 0 Windows XP default MBR code
14:52:11.729 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 75971 MB offset 63
14:52:11.744 Disk 0 Partition - 00 0F Extended LBA 305580 MB offset 155589525
14:52:11.744 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 205032 MB offset 155589588
14:52:11.760 Disk 0 Partition - 00 05 Extended 100547 MB offset 575496495
14:52:11.776 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 100547 MB offset 575496558
14:52:11.776 Disk 0 scanning sectors +781417665
14:52:11.838 Disk 0 scanning C:\WINDOWS\system32\drivers
14:52:22.338 Service scanning
14:52:23.010 Modules scanning
14:52:23.088 Disk 0 trace - called modules:
14:52:23.088 ntkrnlpa.exe CLASSPNP.SYS disk.sys ACPI.sys hal.dll >>UNKNOWN [0x8b5c31e8]<<
14:52:23.088 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x8b4437a8]
14:52:23.088 3 CLASSPNP.SYS[b8108fd7] -> nt!IofCallDriver -> \Device\00000096[0x8b4447e0]
14:52:23.088 5 ACPI.sys[b7e7d620] -> nt!IofCallDriver -> \Device\Scsi\nvgts1Port2Path0Target0Lun0[0x8b444998]
14:52:23.088 \Driver\nvgts[0x8b4bba20] -> IRP_MJ_CREATE -> 0x8b5c31e8
14:52:23.151 AVAST engine scan C:\WINDOWS
14:52:23.635 AVAST engine scan C:\WINDOWS\system32
14:57:17.385 AVAST engine scan C:\WINDOWS\system32\drivers
14:57:34.463 AVAST engine scan C:\Documents and Settings\Daddy
16:08:40.010 AVAST engine scan C:\Documents and Settings\All Users
16:14:52.901 Scan finished successfully
22:08:09.463 Disk 0 MBR has been saved successfully to "C:\Documents and Settings\Daddy\Desktop\MBR.dat"
22:08:09.510 The log file has been saved successfully to "C:\Documents and Settings\Daddy\Desktop\aswMBR.txt"
  • 0

#6
WhiteHat

WhiteHat

    Trusted Helper

  • Retired Staff
  • 1,925 posts
Please reopen Posted Image on your desktop.
  • Under the Posted Image box at the bottom, paste in the following

    :OTL
    IE - HKLM\..\SearchScopes\{0B4A10D1-FBD6-451d-BFDA-F03252B05984}: "URL" = http://slirsredirect...mrud=12-09-2011
    FF - prefs.js..browser.search.defaultenginename: "Secure Search"
    FF - prefs.js..browser.search.defaulturl: "http://aim.search.aol.com/aol/search?query={searchTerms}&invocationType=tb50-ff-aim-chromesbox-en-us&tb_uuid=100000000000000002&tb_oid=01-05-2010&tb_mrud=01-05-2010"
    FF - prefs.js..browser.search.selectedEngine: "Secure Search"
    MsConfig - StartUpReg: updateMgr - hkey= - key= - File not found
    
    :Files
    C:\WINDOWS\tasks\At*.job
    C:\WINDOWS\tasks\vjuztgir.job
    
    :Commands
    [CREATERESTOREPOINT]
    [EMPTYTEMP]
  • Then click the Posted Image button at the top
  • Let the program run unhindered, reboot the PC when it is done
  • Navigate to the C:\_OTL\MovedFiles folder, and open the newest .log file present, and copy/paste the contents of that document back here in your next post.

NEXT:

Posted Image Please download Malwarebytes' Anti-Malware

Double Click mbam-setup.exe to install the application.
  • Make sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
    If you encounter any problems while downloading the updates, manually download them from here and just double-click on mbam-rules.exe to install.
  • If an update is found, it will download and install the latest version.
  • Once the program has loaded, select "Perform Full scan", then click Scan.
  • The scan may take some time to finish, so please be patient.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Make sure that everything is checked, and click Remove Selected.
  • When disinfection is completed, a log will open in Notepad and you may be prompted to Restart.(See Extra Note)
  • The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
  • Copy&Paste the entire report in your next reply.
Extra Note:
If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2
prompts, click OK to either and let MBAM proceed with the disinfection process, if asked to restart the computer, please do so immediately.

  • 0

#7
HSBigDaddy

HSBigDaddy

    Member

  • Topic Starter
  • Member
  • PipPip
  • 14 posts
Unable to run OTL with the script provided. It locks the computer up. Tried it with Malwarebytes disabled as well, same result.
  • 0

#8
WhiteHat

WhiteHat

    Trusted Helper

  • Retired Staff
  • 1,925 posts
Ok, I changed the script. Let's see if it works now.

Please reopen Posted Image on your desktop.
  • Under the Posted Image box at the bottom, paste in the following

    :OTL
    IE - HKLM\..\SearchScopes\{0B4A10D1-FBD6-451d-BFDA-F03252B05984}: "URL" = http://slirsredirect...mrud=12-09-2011
    FF - prefs.js..browser.search.defaultenginename: "Secure Search"
    FF - prefs.js..browser.search.defaulturl: "http://aim.search.aol.com/aol/search?query={searchTerms}&invocationType=tb50-ff-aim-chromesbox-en-us&tb_uuid=100000000000000002&tb_oid=01-05-2010&tb_mrud=01-05-2010"
    FF - prefs.js..browser.search.selectedEngine: "Secure Search"
    MsConfig - StartUpReg: updateMgr - hkey= - key= - File not found
    
    :Files
    C:\WINDOWS\tasks\At*.job
    C:\WINDOWS\tasks\vjuztgir.job
    
    :Commands
    [CREATERESTOREPOINT]
    [REBOOT]
  • Then click the Posted Image button at the top
  • Let the program run unhindered, reboot the PC when it is done
  • Navigate to the C:\_OTL\MovedFiles folder, and open the newest .log file present, and copy/paste the contents of that document back here in your next post.

  • 0

#9
HSBigDaddy

HSBigDaddy

    Member

  • Topic Starter
  • Member
  • PipPip
  • 14 posts
Worked like a charm. Here is the log file:

========== OTL ==========
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0B4A10D1-FBD6-451d-BFDA-F03252B05984}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0B4A10D1-FBD6-451d-BFDA-F03252B05984}\ not found.
Prefs.js: "Secure Search" removed from browser.search.defaultenginename
Prefs.js: "http://aim.search.ao...rud=01-05-2010" removed from browser.search.defaulturl
Prefs.js: "Secure Search" removed from browser.search.selectedEngine
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\StartUpReg\updateMgr\ deleted successfully.
========== FILES ==========
C:\WINDOWS\tasks\At1.job moved successfully.
C:\WINDOWS\tasks\At2.job moved successfully.
C:\WINDOWS\tasks\At3.job moved successfully.
C:\WINDOWS\tasks\At4.job moved successfully.
C:\WINDOWS\tasks\vjuztgir.job moved successfully.
========== COMMANDS ==========
Restore point Set: OTL Restore Point

OTL by OldTimer - Version 3.2.59.1 log created on 09042012_212954
  • 0

#10
WhiteHat

WhiteHat

    Trusted Helper

  • Retired Staff
  • 1,925 posts
Posted Image Please download Malwarebytes' Anti-Malware

Double Click mbam-setup.exe to install the application.
  • Make sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
    If you encounter any problems while downloading the updates, manually download them from here and just double-click on mbam-rules.exe to install.
  • If an update is found, it will download and install the latest version.
  • Once the program has loaded, select "Perform Full scan", then click Scan.
  • The scan may take some time to finish, so please be patient.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Make sure that everything is checked, and click Remove Selected.
  • When disinfection is completed, a log will open in Notepad and you may be prompted to Restart.(See Extra Note)
  • The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
  • Copy&Paste the entire report in your next reply
Extra Note:
If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2
prompts, click OK to either and let MBAM proceed with the disinfection process, if asked to restart the computer, please do so immediately.

  • 0

#11
HSBigDaddy

HSBigDaddy

    Member

  • Topic Starter
  • Member
  • PipPip
  • 14 posts
Running the Malwarebytes scan now. It is taking a long time, currently at 16+ hours. Is this normal?
  • 0

#12
WhiteHat

WhiteHat

    Trusted Helper

  • Retired Staff
  • 1,925 posts

Running the Malwarebytes scan now. It is taking a long time, currently at 16+ hours. Is this normal?

No. You can cancel the scan if you want.

Just tell me how is your computer.
  • 0

#13
HSBigDaddy

HSBigDaddy

    Member

  • Topic Starter
  • Member
  • PipPip
  • 14 posts
It's still very laggy.
  • 0

#14
WhiteHat

WhiteHat

    Trusted Helper

  • Retired Staff
  • 1,925 posts
Hi,

Apparently your computer is clean.

It's still very laggy.

The fact that the computer is slow might be related to several factors and is not easy to determine the cause. I can try a clean boot and see if that work.

Press the Windows Key + R to open run

Type "msconfig" and press [ENTER]

Select the tab Services and click in the option Hide all microsoft services

Next, select the option Disable All > Apply > Ok.

Restart your computer and see if the computer is still slow
  • 0

#15
WhiteHat

WhiteHat

    Trusted Helper

  • Retired Staff
  • 1,925 posts
Due to lack of feedback, this topic has been closed.

If you need this topic reopened, please contact a staff member. This applies only to the original topic starter. Everyone else please begin a New Topic.
  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP