I dont think this has anything to do with it but on Wednesday Febuary 24 I did a scan with AVG and it said i had the Trojan Horse SHeur2 trojan horse, I just remembered this and thought i would update this post to let you know. thank you... Well i wasnt able to do TFC or gmer. My computer froze with gmer and with TFC my compter went black and i waited for an hour to see if it was just what the program was supposed to do but nothing happened. EI tried both programs twice but each time the same thing happened and I had to do a hard shut off. I was able to do Malwarebytes and OTL and here are my logs for them...
Malwarebytes...
Malwarebytes' Anti-Malware 1.44
Database version: 3510
Windows 6.0.6000
Internet Explorer 7.0.6000.16982
2/27/2010 1:48:44 AM
mbam-log-2010-02-27 (01-48-41).txt
Scan type: Full Scan (C:\|D:\|E:\|)
Objects scanned: 354788
Time elapsed: 26 hour(s), 28 minute(s), 23 second(s)
Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0
Memory Processes Infected:
(No malicious items detected)
Memory Modules Infected:
(No malicious items detected)
Registry Keys Infected:
(No malicious items detected)
Registry Values Infected:
(No malicious items detected)
Registry Data Items Infected:
(No malicious items detected)
Folders Infected:
(No malicious items detected)
Files Infected:
(No malicious items detected)
OTL...
OTL logfile created on: 2/27/2010 7:33:41 PM - Run 1
OTL by OldTimer - Version 3.1.30.3 Folder = C:\Users\Ashitaga\Desktop
Windows Vista Home Premium Edition (Version = 6.0.6000) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6000.16982)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
1,014.00 Mb Total Physical Memory | 226.00 Mb Available Physical Memory | 22.00% Memory free
2.00 Gb Paging File | 1.00 Gb Available in Paging File | 43.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 222.50 Gb Total Space | 116.11 Gb Free Space | 52.18% Space Free | Partition Type: NTFS
Drive D: | 10.39 Gb Total Space | 3.88 Gb Free Space | 37.39% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Computer Name: ASHITAGA-PC
Current User Name: Ashitaga
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: On
Skip Microsoft Files: On
File Age = 14 Days
Output = Standard
Quick Scan
========== Processes (SafeList) ========== PRC - [2010/02/27 19:32:39 | 000,549,888 | ---- | M] (OldTimer Tools) -- C:\Users\Ashitaga\Desktop\OTL.exe
PRC - [2009/12/18 04:18:29 | 000,301,568 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Internet Explorer\ieuser.exe
PRC - [2009/12/12 10:02:16 | 002,043,160 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG8\avgtray.exe
PRC - [2009/11/19 22:29:16 | 000,623,960 | ---- | M] (Research In Motion Limited) -- C:\Program Files\Common Files\Research In Motion\Auto Update\RIMAutoUpdate.exe
PRC - [2009/11/12 16:33:10 | 000,141,600 | ---- | M] (Apple Inc.) -- C:\Program Files\iTunes\iTunesHelper.exe
PRC - [2009/11/12 16:33:00 | 000,545,568 | ---- | M] (Apple Inc.) -- C:\Program Files\iPod\bin\iPodService.exe
PRC - [2009/09/14 21:39:15 | 000,486,680 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG8\avgrsx.exe
PRC - [2009/09/14 21:39:13 | 000,693,016 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG8\avgcsrvx.exe
PRC - [2009/09/14 21:39:05 | 000,595,736 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG8\avgnsx.exe
PRC - [2009/09/14 21:38:37 | 000,297,752 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG8\avgwdsvc.exe
PRC - [2009/09/14 21:38:10 | 000,908,056 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG8\avgemc.exe
PRC - [2009/08/28 19:42:54 | 000,144,672 | ---- | M] (Apple Inc.) -- C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
PRC - [2009/07/21 13:34:33 | 000,185,089 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe
PRC - [2009/05/19 10:36:18 | 000,240,512 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
PRC - [2009/05/13 15:48:22 | 000,108,289 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe
PRC - [2009/03/25 12:39:16 | 000,133,104 | ---- | M] (Google Inc.) -- C:\Program Files\Google\Update\GoogleUpdate.exe
PRC - [2009/03/02 12:08:47 | 000,209,153 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
PRC - [2008/12/12 12:41:06 | 000,157,312 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Zune\ZuneLauncher.exe
PRC - [2008/12/12 11:17:38 | 000,238,888 | ---- | M] (Apple Inc.) -- C:\Program Files\Bonjour\mDNSResponder.exe
PRC - [2008/10/29 00:20:29 | 002,923,520 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2008/10/24 09:14:36 | 000,206,112 | ---- | M] (Macrovision Corporation) -- C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe
PRC - [2008/03/25 21:30:04 | 000,142,336 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\WUDFHost.exe
PRC - [2008/03/01 02:51:09 | 000,185,896 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files\Common Files\Real\Update_OB\realsched.exe
PRC - [2008/01/02 17:07:04 | 000,256,536 | ---- | M] (Intel Corporation) -- C:\Windows\System32\igfxsrvc.exe
PRC - [2008/01/02 17:07:02 | 000,133,656 | ---- | M] (Intel Corporation) -- C:\Windows\System32\igfxpers.exe
PRC - [2008/01/02 17:06:52 | 000,166,424 | ---- | M] (Intel Corporation) -- C:\Windows\System32\hkcmd.exe
PRC - [2007/12/30 13:42:34 | 000,724,992 | ---- | M] () -- C:\Program Files\TVersity\Media Server\MediaServer.exe
PRC - [2007/08/23 02:02:45 | 001,006,264 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Defender\MSASCui.exe
PRC - [2007/07/27 10:49:42 | 000,102,400 | ---- | M] (IDT, Inc.) -- C:\Program Files\IDT\WDM\stacsv.exe
PRC - [2007/07/27 10:48:28 | 000,405,504 | ---- | M] (IDT, Inc.) -- C:\Windows\sttray.exe
PRC - [2007/07/24 14:12:50 | 004,572,160 | ---- | M] () -- C:\Program Files\Camera Assistant Software for Gateway\CEC_MAIN.exe
PRC - [2007/07/12 22:27:36 | 005,252,936 | ---- | M] (SpareBackup, Inc.) -- C:\Program Files\Spare Backup\SpareBackup.exe
PRC - [2007/06/29 17:12:06 | 000,638,976 | ---- | M] (Chicony) -- C:\Program Files\Camera Assistant Software for Gateway\traybar.exe
PRC - [2007/03/11 20:34:40 | 000,049,152 | ---- | M] (Hewlett-Packard Co.) -- C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
PRC - [2007/03/11 20:32:42 | 000,151,552 | ---- | M] (Hewlett-Packard Co.) -- C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe
PRC - [2007/02/12 14:38:04 | 000,355,096 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe
PRC - [2007/02/12 14:37:58 | 000,174,872 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
PRC - [2006/11/17 15:58:40 | 000,815,104 | ---- | M] (Synaptics, Inc.) -- C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
PRC - [2006/11/02 06:36:04 | 000,201,728 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Media Player\wmpnscfg.exe
PRC - [2006/11/02 06:35:35 | 000,176,128 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wpcumi.exe
PRC - [2006/11/02 03:45:50 | 000,037,376 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wbem\unsecapp.exe
PRC - [2006/11/02 03:44:59 | 000,068,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\conime.exe
PRC - [2006/10/05 14:10:12 | 000,009,216 | ---- | M] (Agere Systems) -- C:\Windows\System32\agrsmsvc.exe
========== Modules (SafeList) ========== MOD - [2010/02/27 19:32:39 | 000,549,888 | ---- | M] (OldTimer Tools) -- C:\Users\Ashitaga\Desktop\OTL.exe
MOD - [2009/09/14 21:39:16 | 000,011,952 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Windows\System32\avgrsstx.dll
MOD - [2006/11/02 03:38:57 | 001,648,128 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6000.16386_none_5d07289e07e1d100\comctl32.dll
========== Win32 Services (SafeList) ========== SRV - File not found [Disabled | Stopped] -- -- (Viewpoint Manager Service)
SRV - [2010/02/12 12:05:26 | 000,326,792 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2009/11/12 16:33:00 | 000,545,568 | ---- | M] (Apple Inc.) [On_Demand | Running] -- C:\Program Files\iPod\bin\iPodService.exe -- (iPod Service)
SRV - [2009/09/14 21:38:37 | 000,297,752 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG8\avgwdsvc.exe -- (avg8wd)
SRV - [2009/09/14 21:38:10 | 000,908,056 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG8\avgemc.exe -- (avg8emc)
SRV - [2009/08/28 19:42:54 | 000,144,672 | ---- | M] (Apple Inc.) [Auto | Running] -- C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe -- (Apple Mobile Device)
SRV - [2009/07/21 13:34:33 | 000,185,089 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2009/07/08 12:31:36 | 000,313,840 | ---- | M] (Sonic Solutions) [Auto | Stopped] -- C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxLiveShare9.exe -- (RoxLiveShare9)
SRV - [2009/07/08 12:31:32 | 000,170,480 | ---- | M] (Sonic Solutions) [Auto | Stopped] -- C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe -- (RoxWatch9)
SRV - [2009/07/08 12:31:12 | 001,108,464 | ---- | M] (Sonic Solutions) [On_Demand | Stopped] -- C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe -- (RoxMediaDB9)
SRV - [2009/05/19 10:36:18 | 000,240,512 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe -- (SeaPort)
SRV - [2009/05/13 15:48:22 | 000,108,289 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2009/03/25 12:39:16 | 000,133,104 | ---- | M] (Google Inc.) [Auto | Stopped] -- C:\Program Files\Google\Update\GoogleUpdate.exe -- (gupdate1c9ad7912016860) Google Update Service (gupdate1c9ad7912016860)
SRV - [2009/03/25 12:36:40 | 000,183,280 | ---- | M] (Google) [Auto | Stopped] -- C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe -- (gusvc)
SRV - [2008/12/12 12:41:18 | 005,117,568 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- c:\Program Files\Zune\ZuneNss.exe -- (ZuneNetworkSvc)
SRV - [2008/12/12 12:41:08 | 000,243,840 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\ZuneWlanCfgSvc.exe -- (ZuneWlanCfgSvc)
SRV - [2008/12/12 11:17:38 | 000,238,888 | ---- | M] (Apple Inc.) [Auto | Running] -- C:\Program Files\Bonjour\mDNSResponder.exe -- (Bonjour Service)
SRV - [2008/11/04 00:06:28 | 000,441,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE -- (odserv)
SRV - [2007/12/30 13:42:34 | 000,724,992 | ---- | M] () [Auto | Running] -- C:\Program Files\TVersity\Media Server\MediaServer.exe -- (TVersityMediaServer)
SRV - [2007/12/06 23:20:56 | 000,088,560 | ---- | M] (Sonic Solutions) [On_Demand | Stopped] -- C:\Program Files\Roxio\Digital Home 9\RoxioUPnPRenderer9.exe -- (Roxio UPnP Renderer 9)
SRV - [2007/12/06 23:20:52 | 000,362,992 | ---- | M] (Sonic Solutions) [Auto | Stopped] -- C:\Program Files\Roxio\Digital Home 9\RoxioUpnpService9.exe -- (Roxio Upnp Server 9)
SRV - [2007/08/23 02:02:44 | 000,265,912 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2007/07/27 10:49:42 | 000,102,400 | ---- | M] (IDT, Inc.) [Auto | Running] -- C:\Program Files\IDT\WDM\stacsv.exe -- (STacSV)
SRV - [2007/06/04 21:14:50 | 000,217,088 | ---- | M] (Hewlett-Packard Co.) [On_Demand | Running] -- C:\Program Files\HP\Digital Imaging\bin\hpqcxs08.dll -- (hpqcxs08)
SRV - [2007/06/04 21:14:50 | 000,131,072 | ---- | M] (Hewlett-Packard Co.) [Auto | Running] -- C:\Program Files\HP\Digital Imaging\bin\hpqddsvc.dll -- (hpqddsvc)
SRV - [2007/02/12 14:38:04 | 000,355,096 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe -- (IAANTMON) Intel®
SRV - [2006/11/08 15:35:38 | 000,053,248 | ---- | M] (Hewlett-Packard) [Auto | Running] -- C:\Windows\System32\HPZipm12.dll -- (Pml Driver HPZ12)
SRV - [2006/11/08 15:35:36 | 000,043,520 | ---- | M] (Hewlett-Packard) [Auto | Running] -- C:\Windows\System32\HPZinw12.dll -- (Net Driver HPZ12)
SRV - [2006/11/02 06:35:29 | 000,013,312 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\ehome\ehstart.dll -- (ehstart)
SRV - [2006/10/26 13:03:08 | 000,145,184 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE -- (ose)
SRV - [2006/10/05 14:10:12 | 000,009,216 | ---- | M] (Agere Systems) [Auto | Running] -- C:\Windows\System32\agrsmsvc.exe -- (AgereModemAudio)
SRV - [2004/10/22 03:24:18 | 000,073,728 | ---- | M] (Macrovision Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe -- (IDriverT)
========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page =
http://www.gateway.c...h...TB&M=M-6823 IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL =
http://www.gateway.c...h...TB&M=M-6823IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page =
http://www.aarinfantasy.com/forum/IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
[2009/05/17 12:28:28 | 000,000,000 | ---D | M] -- C:\Users\Ashitaga\AppData\Roaming\Mozilla\Extensions
[2009/05/17 12:28:28 | 000,000,000 | ---D | M] -- C:\Users\Ashitaga\AppData\Roaming\Mozilla\Extensions\
[email protected] O1 HOSTS File: ([2008/01/07 01:33:05 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No CLSID value found.
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (Search Helper) - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll (Microsoft Corporation)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll (Google Inc.)
O2 - BHO: (IeMonitorBho Class) - {bf00e119-21a3-4fd1-b178-3b8537e75c92} - C:\Program Files\Megaupload\Mega Manager\MegaIEMn.dll (Megaupload Limited)
O2 - BHO: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask.com)
O2 - BHO: (Windows Live Toolbar Helper) - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O3 - HKLM\..\Toolbar: (no name) - {0BF43445-2F28-4351-9252-17FE6E806AA0} - No CLSID value found.
O3 - HKLM\..\Toolbar: (&Windows Live Toolbar) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O3 - HKLM\..\Toolbar: (&Google) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\Program Files\Google\GoogleToolbar1.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask.com)
O3 - HKCU\..\Toolbar\WebBrowser: (&Windows Live Toolbar) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O3 - HKCU\..\Toolbar\WebBrowser: (&Google) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - c:\Program Files\Google\GoogleToolbar1.dll (Google Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask.com)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [ActiveSpeed] C:\Program Files\Ascentive\ActiveSpeed\AS.exe File not found
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [AVG8_TRAY] C:\Program Files\AVG\AVG8\avgtray.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [BigFix] c:\program files\Bigfix\bigfix.exe (BigFix Inc.)
O4 - HKLM..\Run: [BlackBerryAutoUpdate] C:\Program Files\Common Files\Research In Motion\Auto Update\RIMAutoUpdate.exe (Research In Motion Limited)
O4 - HKLM..\Run: [Camera Assistant Software] C:\Program Files\Camera Assistant Software for Gateway\traybar.exe (Chicony)
O4 - HKLM..\Run: [HD Tune] C:\Program Files\HD Tune\HDTune.exe (EFD Software)
O4 - HKLM..\Run: [HotKeysCmds] C:\Windows\System32\hkcmd.exe (Intel Corporation)
O4 - HKLM..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\hpwuSchd2.exe (Hewlett-Packard Co.)
O4 - HKLM..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe (Intel Corporation)
O4 - HKLM..\Run: [IgfxTray] C:\Windows\System32\igfxtray.exe (Intel Corporation)
O4 - HKLM..\Run: [iTunesHelper] C:\Program Files\iTunes\iTunesHelper.exe (Apple Inc.)
O4 - HKLM..\Run: [Malwarebytes Anti-Malware (reboot)] C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [Performance Center] C:\Program Files\Ascentive\Performance Center\APCMain.exe File not found
O4 - HKLM..\Run: [Persistence] C:\Windows\System32\igfxpers.exe (Intel Corporation)
O4 - HKLM..\Run: [QuickTime Task] C:\Program Files\QuickTime\QTTask.exe (Apple Inc.)
O4 - HKLM..\Run: [RoxWatchTray] C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe (Sonic Solutions)
O4 - HKLM..\Run: [SigmatelSysTrayApp] C:\Windows\sttray.exe (IDT, Inc.)
O4 - HKLM..\Run: [Spare Backup] C:\Program Files\Spare Backup\SpareBackup.exe (SpareBackup, Inc.)
O4 - HKLM..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (Synaptics, Inc.)
O4 - HKLM..\Run: [TkBellExe] C:\Program Files\Common Files\Real\Update_OB\realsched.exe (RealNetworks, Inc.)
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKLM..\Run: [WPCUMI] C:\Windows\System32\wpcumi.exe (Microsoft Corporation)
O4 - HKLM..\Run: [Zune Launcher] c:\Program Files\Zune\ZuneLauncher.exe (Microsoft Corporation)
O4 - HKCU..\Run: [Aim6] C:\Program Files\AIM6\aim6.exe (AOL LLC)
O4 - HKCU..\Run: [ISUSPM] C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe (Macrovision Corporation)
O4 - HKCU..\Run: [Steam] C:\Program Files\Steam\Steam.exe (Valve Corporation)
O4 - HKCU..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\wmpnscfg.exe (Microsoft Corporation)
O4 - HKCU..\RunOnce: [Shockwave Updater] C:\Windows\System32\Adobe\SHOCKW~1\SWHELP~1.EXE -Update -1100429 -Mozilla\4.0 (compatible; MSIE 7.0; Windows NT 6.0; Mozilla\4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1) ; SLCC1; .NET CLR 2.0.50727; Media Center PC 5.0; .NET CLR 3.0.04506; MEGAUPLOAD 3.0; Zune 3.0) File not found
O4 - Startup: C:\Users\Ashitaga\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2007 Screen Clipper and Launcher.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE (Microsoft Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 255
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: HideLegacyLogonScripts = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: HideLogoffScripts = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: RunLogonScriptSync = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: RunStartupScriptSync = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: HideStartupScripts = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: CDRAutoRun = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: HideLegacyLogonScripts = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: HideLogoffScripts = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: RunLogonScriptSync = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: RunStartupScriptSync = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: HideStartupScripts = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: LogonHoursAction = 2
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DontDisplayLogonHoursWarnings = 1
O8 - Extra context menu item: Download Link Using Mega Manager... - C:\Program Files\Megaupload\Mega Manager\mm_file.htm ()
O8 - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll (Sun Microsystems, Inc.)
O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: HP Clipbook - {58ECB495-38F0-49cb-A538-10282ABF65E7} - C:\Program Files\HP\Smart Web Printing\hpswp_extensions.dll (Hewlett-Packard Co.)
O9 - Extra Button: HP Smart Select - {700259D7-1666-479a-93B1-3250410481E8} - C:\Program Files\HP\Smart Web Printing\hpswp_extensions.dll (Hewlett-Packard Co.)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000031 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O13 - gopher Prefix: missing
O16 - DPF: {233C1507-6A77-46A4-9443-F871F945D258}
http://download.macr...director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {512FC5A1-7DE1-43F1-BC0C-371622FCB409}
http://www.nanoscan....s/ascstubie.cab (TotalScan Installer Class)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C}
http://fpdownload.ma...r/ultrashim.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 24.220.0.10 24.220.0.11
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll (AVG Technologies CZ, s.r.o.)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program Files\Windows Live\Mail\mailcomm.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - AppInit_DLLs: (avgrsstx.dll) - C:\Windows\System32\avgrsstx.dll (AVG Technologies CZ, s.r.o.)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\igfxcui: DllName - igfxdev.dll - C:\Windows\System32\igfxdev.dll (Intel Corporation)
O24 - Desktop WallPaper: C:\Users\Ashitaga\AppData\Roaming\Microsoft\Windows Photo Gallery\Windows Photo Gallery Wallpaper.jpg
O24 - Desktop BackupWallPaper: C:\Users\Ashitaga\AppData\Roaming\Microsoft\Windows Photo Gallery\Windows Photo Gallery Wallpaper.jpg
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/09/18 15:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{8a32ec0d-0c62-11de-84b6-0003254cded6}\Shell - "" = AutoRun
O33 - MountPoints2\{8a32ec0d-0c62-11de-84b6-0003254cded6}\Shell\AutoRun\command - "" = G:\LaunchU3.exe -- File not found
O33 - MountPoints2\{9d48c6ae-b079-11de-b091-0003254cded6}\Shell\AutoRun\command - "" = F:\slacker.synclauncher.exe -- File not found
O33 - MountPoints2\{9d48c6ae-b079-11de-b091-0003254cded6}\Shell\slacker\command - "" = F:\slacker.synclauncher.exe -- File not found
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O34 - HKLM BootExecute: (SsiEfr.exe) - File not found
O35 - comfile [open] -- "%1" %*
O35 - exefile [open] -- "%1" %*
NetSvcs: FastUserSwitchingCompatibility - File not found
NetSvcs: Ias - C:\Windows\System32\ias [2006/11/02 05:18:47 | 000,000,000 | ---D | M]
NetSvcs: Irmon - C:\Windows\System32\irmon.dll (Microsoft Corporation)
NetSvcs: Nla - File not found
NetSvcs: Ntmssvc - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: SRService - File not found
NetSvcs: Wmi - C:\Windows\System32\wmi.dll (Microsoft Corporation)
NetSvcs: WmdmPmSp - File not found
NetSvcs: LogonHours - File not found
NetSvcs: PCAudit - File not found
NetSvcs: helpsvc - File not found
NetSvcs: uploadmgr - File not found
OTL cannot create restorepoints on Vista OSs!
========== Files/Folders - Created Within 14 Days ========== [2010/02/27 19:32:29 | 000,549,888 | ---- | C] (OldTimer Tools) -- C:\Users\Ashitaga\Desktop\OTL.exe
[2010/02/27 16:27:40 | 000,000,000 | ---D | C] -- C:\Program Files\ERUNT
[2010/02/27 13:51:42 | 000,439,808 | ---- | C] (OldTimer Tools) -- C:\Users\Ashitaga\Desktop\TFC.exe
[2010/02/25 03:07:43 | 000,000,000 | ---D | C] -- C:\Windows\CheckSur
[2010/02/23 12:34:42 | 000,000,000 | ---D | C] -- C:\Users\Ashitaga\Desktop\New songs for wade
[2010/02/18 13:00:28 | 000,000,000 | ---D | C] -- C:\Users\Ashitaga\Desktop\Stuff for Ashley
[2010/02/16 00:48:43 | 000,000,000 | ---D | C] -- C:\Program Files\YouTube Downloader
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
========== Files - Modified Within 14 Days ========== [2010/02/27 19:50:32 | 004,456,448 | -HS- | M] () -- C:\Users\Ashitaga\ntuser.dat
[2010/02/27 19:32:39 | 000,549,888 | ---- | M] (OldTimer Tools) -- C:\Users\Ashitaga\Desktop\OTL.exe
[2010/02/27 19:24:04 | 000,000,632 | RHS- | M] () -- C:\Users\Ashitaga\ntuser.pol
[2010/02/27 19:22:15 | 000,000,886 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2010/02/27 19:21:29 | 000,000,868 | ---- | M] () -- C:\Windows\tasks\Google Software Updater.job
[2010/02/27 19:19:46 | 000,000,882 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2010/02/27 19:16:46 | 000,003,200 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2010/02/27 19:16:46 | 000,003,200 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2010/02/27 19:15:56 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
[2010/02/27 19:15:48 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2010/02/27 19:15:38 | 1063,706,624 | -HS- | M] () -- C:\hiberfil.sys
[2010/02/27 16:27:46 | 000,000,693 | ---- | M] () -- C:\Users\Ashitaga\Desktop\NTREGOPT.lnk
[2010/02/27 16:27:46 | 000,000,674 | ---- | M] () -- C:\Users\Ashitaga\Desktop\ERUNT.lnk
[2010/02/27 14:40:52 | 056,305,693 | ---- | M] () -- C:\Windows\System32\drivers\Avg\incavi.avm
[2010/02/27 13:52:09 | 000,439,808 | ---- | M] (OldTimer Tools) -- C:\Users\Ashitaga\Desktop\TFC.exe
[2010/02/27 01:45:06 | 000,000,340 | ---- | M] () -- C:\Windows\System32\tversity.cookies
[2010/02/25 15:01:10 | 000,127,040 | ---- | M] () -- C:\Users\Ashitaga\AppData\Local\GDIPFONTCACHEV1.DAT
[2010/02/25 05:35:37 | 000,443,568 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2010/02/25 05:28:55 | 006,291,456 | -H-- | M] () -- C:\Users\Ashitaga\AppData\Local\IconCache.db
[2010/02/25 03:04:03 | 000,000,680 | ---- | M] () -- C:\Users\Ashitaga\AppData\Local\d3d9caps.dat
[2010/02/24 02:19:21 | 000,716,948 | ---- | M] () -- C:\Windows\System32\PerfStringBackup.INI
[2010/02/24 02:19:21 | 000,618,648 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2010/02/24 02:19:21 | 000,104,024 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2010/02/23 16:40:13 | 000,041,726 | ---- | M] () -- C:\Users\Ashitaga\Desktop\[isoHunt]_download.torrent
[2010/02/16 00:52:31 | 013,400,269 | ---- | M] () -- C:\Users\Ashitaga\Desktop\YouTube- hellsing amv the used the bird and the worm.mp4
[2010/02/16 00:48:47 | 000,000,879 | ---- | M] () -- C:\Users\Ashitaga\Desktop\YouTube Downloader.lnk
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
========== Files Created - No Company Name ========== [2010/02/27 16:44:38 | 000,293,376 | ---- | C] () -- C:\Users\Ashitaga\Desktop\gmer.exe
[2010/02/27 16:27:46 | 000,000,693 | ---- | C] () -- C:\Users\Ashitaga\Desktop\NTREGOPT.lnk
[2010/02/27 16:27:46 | 000,000,674 | ---- | C] () -- C:\Users\Ashitaga\Desktop\ERUNT.lnk
[2010/02/23 16:40:07 | 000,041,726 | ---- | C] () -- C:\Users\Ashitaga\Desktop\[isoHunt]_download.torrent
[2010/02/16 00:52:26 | 013,400,269 | ---- | C] () -- C:\Users\Ashitaga\Desktop\YouTube- hellsing amv the used the bird and the worm.mp4
[2010/02/16 00:48:47 | 000,000,879 | ---- | C] () -- C:\Users\Ashitaga\Desktop\YouTube Downloader.lnk
[2009/08/11 14:16:48 | 000,000,050 | ---- | C] () -- C:\Windows\MegaManager.INI
[2009/03/13 13:51:51 | 000,000,000 | ---- | C] () -- C:\Users\Ashitaga\AppData\Roaming\wklnhst.dat
[2008/06/29 17:53:30 | 000,000,827 | ---- | C] () -- C:\ProgramData\hpzinstall.log
[2008/04/07 12:19:51 | 000,000,250 | ---- | C] () -- C:\Windows\gmer.ini
[2008/04/07 12:19:44 | 000,819,200 | ---- | C] () -- C:\Windows\gmer.dll
[2008/03/16 14:46:10 | 000,000,255 | ---- | C] () -- C:\Windows\SIERRA.INI
[2008/02/04 18:23:10 | 000,693,792 | ---- | C] () -- C:\Windows\System32\OGACheckControl.DLL
[2008/01/23 21:47:38 | 000,000,680 | ---- | C] () -- C:\Users\Ashitaga\AppData\Local\d3d9caps.dat
[2008/01/07 02:11:09 | 000,000,305 | ---- | C] () -- C:\ProgramData\addr_file.html
[2008/01/02 16:57:36 | 000,147,456 | ---- | C] () -- C:\Windows\System32\igfxCoIn_v1409.dll
[2008/01/02 16:47:22 | 001,953,696 | ---- | C] () -- C:\Windows\System32\igklg400.dll
[2008/01/02 16:47:22 | 001,533,360 | ---- | C] () -- C:\Windows\System32\igklg450.dll
[2008/01/02 16:47:22 | 000,104,636 | ---- | C] () -- C:\Windows\System32\igmedcompkrn.dll
[2007/12/30 00:06:13 | 000,684,032 | ---- | C] () -- C:\Windows\libeay32.dll
[2007/12/30 00:06:13 | 000,155,648 | ---- | C] () -- C:\Windows\ssleay32.dll
[2007/12/17 03:22:32 | 000,200,720 | ---- | C] () -- C:\ProgramData\Wave for mfcd.khp9etl
[2007/12/17 03:22:12 | 000,180,240 | ---- | C] () -- C:\ProgramData\licensetypetype.91bx2
[2007/12/17 03:22:11 | 000,307,216 | ---- | C] () -- C:\ProgramData\licensetypetype.6yols
[2007/11/27 19:32:36 | 000,164,352 | ---- | C] () -- C:\Windows\System32\unrar.dll
[2007/11/27 19:32:26 | 001,559,040 | ---- | C] () -- C:\Windows\System32\xvidcore.dll
[2007/11/27 19:32:25 | 003,596,288 | ---- | C] () -- C:\Windows\System32\qt-dx331.dll
[2007/11/27 19:32:25 | 000,282,624 | ---- | C] () -- C:\Windows\System32\xvidvfw.dll
[2007/11/27 19:32:23 | 000,010,752 | ---- | C] () -- C:\Windows\System32\ff_vfw.dll
[2007/11/27 19:32:23 | 000,000,547 | ---- | C] () -- C:\Windows\System32\ff_vfw.dll.manifest
[2007/11/14 21:12:11 | 000,021,840 | ---- | C] () -- C:\Windows\System32\SIntfNT.dll
[2007/11/14 21:12:10 | 000,017,212 | ---- | C] () -- C:\Windows\System32\SIntf32.dll
[2007/11/14 21:12:10 | 000,012,067 | ---- | C] () -- C:\Windows\System32\SIntf16.dll
[2007/11/14 17:45:49 | 000,061,952 | ---- | C] () -- C:\Users\Ashitaga\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2007/08/23 01:50:55 | 000,910,304 | ---- | C] () -- C:\Windows\System32\igmedkrn.dll
[2007/08/23 01:50:55 | 000,204,800 | ---- | C] () -- C:\Windows\System32\igfxCoIn_v1244.dll
[2007/08/23 01:50:21 | 001,060,424 | ---- | C] () -- C:\Windows\System32\WdfCoInstaller01000.dll
[2006/11/02 06:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
[2006/11/02 01:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[1998/08/16 05:00:00 | 000,004,096 | ---- | C] () -- C:\Windows\System32\sysres.dll
========== LOP Check ========== [2008/03/01 21:31:05 | 000,000,000 | ---D | M] -- C:\Users\Ashitaga\AppData\Roaming\acccore
[2009/01/27 23:02:56 | 000,000,000 | ---D | M] -- C:\Users\Ashitaga\AppData\Roaming\Azgard
[2008/11/09 13:09:09 | 000,000,000 | ---D | M] -- C:\Users\Ashitaga\AppData\Roaming\FlashGet
[2009/12/29 22:40:49 | 000,000,000 | ---D | M] -- C:\Users\Ashitaga\AppData\Roaming\FOG Downloader
[2008/08/24 22:32:24 | 000,000,000 | ---D | M] -- C:\Users\Ashitaga\AppData\Roaming\Geek Squad 24 Hour Computer Support
[2010/02/23 20:54:14 | 000,000,000 | ---D | M] -- C:\Users\Ashitaga\AppData\Roaming\LimeWire
[2008/12/07 22:03:55 | 000,000,000 | ---D | M] -- C:\Users\Ashitaga\AppData\Roaming\Megaupload
[2010/01/22 17:23:54 | 000,000,000 | ---D | M] -- C:\Users\Ashitaga\AppData\Roaming\Research In Motion
[2007/11/14 18:12:48 | 000,000,000 | ---D | M] -- C:\Users\Ashitaga\AppData\Roaming\SampleView
[2010/02/27 19:24:34 | 000,000,000 | ---D | M] -- C:\Users\Ashitaga\AppData\Roaming\Spare Backup
[2009/03/13 13:51:58 | 000,000,000 | ---D | M] -- C:\Users\Ashitaga\AppData\Roaming\Template
[2010/02/24 04:00:53 | 000,000,000 | ---D | M] -- C:\Users\Ashitaga\AppData\Roaming\uTorrent
[2010/02/27 18:48:05 | 000,032,572 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
========== Purity Check ========== ========== Custom Scans ========== < %SYSTEMDRIVE%\*.exe > < MD5 for: AGP440.SYS >[2008/01/19 01:42:25 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\SoftwareDistribution\Download\b2ee164db645e6bc8d77bb51f082e3b3\x86_machine.inf_31bf3856ad364e35_6.0.6001.18000_none_ba12ed3bbeb0d97a\AGP440.sys
[2006/11/02 03:49:52 | 000,053,864 | ---- | M] (Microsoft Corporation) MD5=EF23439CDD587F64C2C1B8825CEAD7D8 -- C:\Windows\System32\drivers\AGP440.sys
[2006/11/02 03:49:52 | 000,053,864 | ---- | M] (Microsoft Corporation) MD5=EF23439CDD587F64C2C1B8825CEAD7D8 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_920a2c1f\AGP440.sys
< MD5 for: ATAPI.SYS >[2008/01/19 01:41:30 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\Windows\SoftwareDistribution\Download\b2ee164db645e6bc8d77bb51f082e3b3\x86_mshdc.inf_31bf3856ad364e35_6.0.6001.18000_none_dd38281a2189ce9c\atapi.sys
[2006/11/02 03:49:36 | 000,019,048 | ---- | M] (Microsoft Corporation) MD5=4F4FCB8B6EA06784FB6D475B7EC7300F -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_c6c2e699\atapi.sys
[2008/03/01 03:06:25 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=B35CFCEF838382AB6490B321C87EDF17 -- C:\Windows\System32\drivers\atapi.sys
[2008/03/01 03:06:25 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=B35CFCEF838382AB6490B321C87EDF17 -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_7de13c21\atapi.sys
[2008/03/01 03:06:25 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=B35CFCEF838382AB6490B321C87EDF17 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6000.16632_none_db337a442479c42c\atapi.sys
[2008/03/01 03:06:24 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=E03E8C99D15D0381E02743C36AFC7C6F -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6000.20757_none_dbac78a93da31a8b\atapi.sys
< MD5 for: CNGAUDIT.DLL >[2006/11/02 03:46:03 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D5FED4D -- C:\Windows\System32\cngaudit.dll
[2006/11/02 03:46:03 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D5FED4D -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.0.6000.16386_none_e62d292932a96ce6\cngaudit.dll
< MD5 for: IASTOR.SYS >[2007/02/12 14:37:22 | 000,537,368 | ---- | M] (Intel Corporation) MD5=2EE127D5407DA3957EE54711C9AED6EC -- C:\Program Files\Intel\Intel Matrix Storage Manager\Driver64\IaStor.sys
[2007/02/12 14:36:54 | 000,277,784 | ---- | M] (Intel Corporation) MD5=FD7F9D74C2B35DBDA400804A3F5ED5D8 -- C:\Program Files\Intel\Intel Matrix Storage Manager\Driver\iaStor.sys
[2007/02/12 14:36:54 | 000,277,784 | ---- | M] (Intel Corporation) MD5=FD7F9D74C2B35DBDA400804A3F5ED5D8 -- C:\Windows\System32\drivers\iaStor.sys
[2007/02/12 14:36:54 | 000,277,784 | ---- | M] (Intel Corporation) MD5=FD7F9D74C2B35DBDA400804A3F5ED5D8 -- C:\Windows\System32\DriverStore\FileRepository\iaahci.inf_1cb29a96\iaStor.sys
< MD5 for: IASTORV.SYS >[2008/01/19 01:42:51 | 000,235,064 | ---- | M] (Intel Corporation) MD5=54155EA1B0DF185878E0FC9EC3AC3A14 -- C:\Windows\SoftwareDistribution\Download\b2ee164db645e6bc8d77bb51f082e3b3\x86_iastorv.inf_31bf3856ad364e35_6.0.6001.18000_none_af11527887c7fa8f\iaStorV.sys
[2006/11/02 03:51:25 | 000,232,040 | ---- | M] (Intel Corporation) MD5=C957BF4B5D80B46C5017BF0101E6C906 -- C:\Windows\System32\drivers\iaStorV.sys
[2006/11/02 03:51:25 | 000,232,040 | ---- | M] (Intel Corporation) MD5=C957BF4B5D80B46C5017BF0101E6C906 -- C:\Windows\System32\DriverStore\FileRepository\iastorv.inf_37cdafa4\iaStorV.sys
< MD5 for: NETLOGON.DLL >[2006/11/02 03:46:11 | 000,559,616 | ---- | M] (Microsoft Corporation) MD5=889A2C9F2AACCD8F64EF50AC0B3D553B -- C:\Windows\System32\netlogon.dll
[2006/11/02 03:46:11 | 000,559,616 | ---- | M] (Microsoft Corporation) MD5=889A2C9F2AACCD8F64EF50AC0B3D553B -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6000.16386_none_fb80f5473b0ed783\netlogon.dll
[2008/01/19 01:35:36 | 000,592,384 | ---- | M] (Microsoft Corporation) MD5=A8EFC0B6E75B789F7FD3BA5025D4E37F -- C:\Windows\SoftwareDistribution\Download\b2ee164db645e6bc8d77bb51f082e3b3\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6001.18000_none_fdb7b74337f9e857\netlogon.dll
< MD5 for: NVSTOR.SYS >[2006/11/02 03:50:13 | 000,040,040 | ---- | M] (NVIDIA Corporation) MD5=9E0BA19A28C498A6D323D065DB76DFFC -- C:\Windows\System32\drivers\nvstor.sys
[2006/11/02 03:50:13 | 000,040,040 | ---- | M] (NVIDIA Corporation) MD5=9E0BA19A28C498A6D323D065DB76DFFC -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_733654ff\nvstor.sys
[2008/01/19 01:42:09 | 000,045,112 | ---- | M] (NVIDIA Corporation) MD5=ABED0C09758D1D97DB0042DBB2688177 -- C:\Windows\SoftwareDistribution\Download\b2ee164db645e6bc8d77bb51f082e3b3\x86_nvraid.inf_31bf3856ad364e35_6.0.6001.18000_none_39dac327befea467\nvstor.sys
< MD5 for: SCECLI.DLL >[2008/01/19 01:36:19 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=28B84EB538F7E8A0FE8B9299D591E0B9 -- C:\Windows\SoftwareDistribution\Download\b2ee164db645e6bc8d77bb51f082e3b3\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6001.18000_none_380de25bd91b6f12\scecli.dll
[2006/11/02 03:46:12 | 000,176,640 | ---- | M] (Microsoft Corporation) MD5=80E2839D05CA5970A86D7BE2A08BFF61 -- C:\Windows\System32\scecli.dll
[2006/11/02 03:46:12 | 000,176,640 | ---- | M] (Microsoft Corporation) MD5=80E2839D05CA5970A86D7BE2A08BFF61 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6000.16386_none_35d7205fdc305e3e\scecli.dll
< %systemroot%\*. /mp /s > < %systemroot%\system32\*.dll /lockedfiles >[2006/11/02 03:47:18 | 000,228,968 | ---- | M] (Microsoft Corporation)
Unable to obtain MD5 -- C:\Windows\System32\rsaenh.dll
[2007/08/23 02:11:35 | 000,223,232 | ---- | M] (Microsoft Corporation)
Unable to obtain MD5 -- C:\Windows\System32\SLC.dll
< %systemroot%\Tasks\*.job /lockedfiles > < %systemroot%\system32\drivers\*.sys /lockedfiles > < %systemroot%\System32\config\*.sav >[2006/11/02 04:34:05 | 000,008,192 | ---- | M] () -- C:\Windows\System32\config\COMPONENTS.SAV
[2006/11/02 04:34:05 | 000,020,480 | ---- | M] () -- C:\Windows\System32\config\DEFAULT.SAV
[2006/11/02 04:34:05 | 000,008,192 | ---- | M] () -- C:\Windows\System32\config\SECURITY.SAV
[2006/11/02 04:34:08 | 010,133,504 | ---- | M] () -- C:\Windows\System32\config\SOFTWARE.SAV
[2006/11/02 04:34:08 | 001,826,816 | ---- | M] () -- C:\Windows\System32\config\SYSTEM.SAV
========== Alternate Data Streams ========== @Alternate Data Stream - 108 bytes -> C:\ProgramData\TEMP:C980DA7D
< End of report >
OTL Extras...
OTL Extras logfile created on: 2/27/2010 7:34:06 PM - Run 1
OTL by OldTimer - Version 3.1.30.3 Folder = C:\Users\Ashitaga\Desktop
Windows Vista Home Premium Edition (Version = 6.0.6000) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6000.16982)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
1,014.00 Mb Total Physical Memory | 226.00 Mb Available Physical Memory | 22.00% Memory free
2.00 Gb Paging File | 1.00 Gb Available in Paging File | 43.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 222.50 Gb Total Space | 116.11 Gb Free Space | 52.18% Space Free | Partition Type: NTFS
Drive D: | 10.39 Gb Total Space | 3.88 Gb Free Space | 37.39% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Computer Name: ASHITAGA-PC
Current User Name: Ashitaga
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: On
Skip Microsoft Files: On
File Age = 14 Days
Output = Standard
Quick Scan
========== Extra Registry (SafeList) ========== ========== File Associations ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\IEXPLORE.EXE (Microsoft Corporation)
========== Shell Spawning ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- "C:\Program Files\Microsoft Office\Office12\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" -nohome (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Program Files\Microsoft Office\Office12\msohtmed.exe" /p %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" -nohome (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" -nohome (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~1\MICROS~2\Office12\ONENOTE.EXE "%L" (Microsoft Corporation)
Directory [TVersity] -- "C:\Program Files\TVersity\Media Server\GUILaunch.exe" -type "folder" -url "%1" -title "" -tags "" ()
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)
========== Security Center Settings ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"FirewallDisableNotify" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiSpyware]
"DisableMonitoring" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
========== Authorized Applications List ========== ========== Vista Active Open Ports Exception List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{00B92B16-1059-47E8-BE6A-838318B4DCF7}" = lport=3702 | protocol=17 | dir=in | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{0249CE2D-9CE9-45F0-BF33-13DCBC30488E}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{0A76856A-4058-4A95-AF5F-72BD5C03ED94}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{15A77724-7FD5-46D6-B972-71B055DCA16F}" = lport=3390 | protocol=6 | dir=in | app=system |
"{200A6871-BA74-491C-BCD0-1DF134331F18}" = rport=10244 | protocol=6 | dir=out | app=system |
"{202381A5-FE67-4963-8782-A2F98E999359}" = rport=10243 | protocol=6 | dir=out | app=system |
"{22FB49D7-335E-42D1-85F4-880B42CFF44D}" = rport=445 | protocol=6 | dir=out | app=system |
"{237FE794-9C75-4B7C-B746-09F21528DBF4}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{2CAAB0F9-B3B5-41DD-8723-8E864D431122}" = rport=139 | protocol=6 | dir=out | app=system |
"{3107560F-6910-49C4-A472-4DA473E206D3}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{34E6F8C5-8292-4887-988C-1136B13E58E9}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{37C7685E-9A7E-4883-8F19-D801174ED6C5}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |
"{3BDD7803-FD6B-42D6-B1A0-AB36907363C6}" = lport=2869 | protocol=6 | dir=in | app=system |
"{40142D8E-416B-49DB-9B2C-143D41B3970C}" = lport=2869 | protocol=6 | dir=in | app=system |
"{4CDD18D5-C48A-4E96-8C3F-52468042465A}" = lport=10243 | protocol=6 | dir=in | app=system |
"{4D0C6540-C2B1-48D8-9AB2-FF35D165CE78}" = rport=137 | protocol=17 | dir=out | app=system |
"{5462D3F1-415D-42F7-8E4A-B4D99F081EC5}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{63426990-F7A5-451B-ABC5-5B30DED94F67}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{6585CEE7-921F-4F3D-9B50-F07482C157ED}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{658996BC-5899-43DC-9C5E-826DCD3E021A}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{6A91DCF7-BE12-4516-A312-965F18BAA52B}" = rport=3702 | protocol=17 | dir=out | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{6AB9F8F4-5730-4638-AF0D-43780A96F17C}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{6C10946D-D8F2-4112-9789-908A7333315E}" = rport=138 | protocol=17 | dir=out | app=system |
"{7B243839-E0E8-4658-A877-607C6FC45785}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{80CDBFE5-DCE5-4585-A314-55618C3541B7}" = lport=3390 | protocol=6 | dir=in | app=system |
"{83609443-82C2-478D-88D9-8CE30F3B1F7E}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{8523B273-323F-4C76-8D38-6A171ED1684D}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{88346454-B232-4BEA-B4C8-1A1D6965864A}" = lport=445 | protocol=6 | dir=in | app=system |
"{8FB9BB00-D949-4E51-8D8C-48885323440B}" = rport=10244 | protocol=6 | dir=out | app=system |
"{92C77D3F-7640-4A2D-A49A-04693D38FD68}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss |
[email protected],-28539 |
"{9A4E4B26-271D-4202-98A5-A446F748DB0E}" = lport=7777 | protocol=17 | dir=in | app=%systemroot%\ehome\ehshell.exe |
"{9ABDE1EE-16D7-4665-9FBC-2CE0333352B1}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{A106008B-9BAB-4ACC-ACE1-C14161192A59}" = lport=138 | protocol=17 | dir=in | app=system |
"{A86F070A-F53D-46FA-8D2C-56AAAF7FF945}" = lport=10244 | protocol=6 | dir=in | app=system |
"{A90770D6-6DEC-41F4-9FC8-54EC97CC48C9}" = lport=554 | protocol=6 | dir=in | app=%systemroot%\ehome\ehshell.exe |
"{AB5B1381-35AA-4B47-82FF-391241CBD8DA}" = lport=554 | protocol=6 | dir=in | app=%systemroot%\ehome\ehshell.exe |
"{AC16232D-AFC3-457C-8C07-59DB2FEDA226}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{B0057515-1C16-47AB-9CB9-D996777D7E1B}" = lport=139 | protocol=6 | dir=in | app=system |
"{B2FD775D-4D6F-4ACD-A653-EBDDFBDA643D}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{B7DCE4E2-52DB-4500-BB32-D5158C0F4642}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{B8D9F2EF-633D-4D65-8D4E-A1F5D4A7ADD7}" = lport=7777 | protocol=17 | dir=in | app=%systemroot%\ehome\ehshell.exe |
"{C3184A06-DB15-4AA0-9748-284C64EB137C}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{D6AB2EF6-C69E-4B62-A05E-FD1E924277B0}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{DFDBC9A4-A563-4D97-A1D9-A1AAF81427BA}" = lport=10244 | protocol=6 | dir=in | app=system |
"{E65D0C24-29EF-4B84-913B-ABA427DE7898}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{F26DCCD0-E808-4DD9-A501-2F4BF237A8AF}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{F82A258B-8FA3-4E7E-9B37-97D49695579E}" = lport=137 | protocol=17 | dir=in | app=system |
========== Vista Active Application Exception List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{040412C1-2CB3-4551-8B93-09D8B7337212}" = protocol=6 | dir=out | app=system |
"{0AFDF0CD-95C4-4633-A29B-B74662605722}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{0DEEA5B5-9CE8-403D-BEFD-0911FF906028}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{0F39981F-0F12-460F-A250-C0087144932B}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{11AEDA89-87DA-496A-894C-A961BE80BB1D}" = protocol=1 | dir=in |
[email protected],-28543 |
"{128B91DB-BFD1-4FC4-B488-4DA91C903B47}" = protocol=6 | dir=in | app=c:\program files\utorrent\utorrent.exe |
"{19EE0410-3495-49FA-A296-AAB5FFC1EE56}" = protocol=6 | dir=out | app=%systemroot%\ehome\mcx2prov.exe |
"{1DEEFE32-C3B3-4CCB-B3E3-BEFF9D1EEA9F}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{29206CE3-84B6-44F7-A63C-8F20195847DC}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{2A25BB84-0714-40C3-AB3B-1A5B01E076CB}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{2BED18B9-0DBF-45BA-950E-F92BDC833342}" = protocol=58 | dir=out |
[email protected],-28546 |
"{2E1F2181-EB75-4782-B22D-9AD19B03E854}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{2E471786-EDE1-457E-9EB3-9FE22ACBAAF0}" = protocol=1 | dir=in |
[email protected],-28543 |
"{2EE19C91-39CE-4D8F-BD20-AAA41FF90433}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{4E2BA53F-30E2-4EC5-8D83-8F4977312D86}" = protocol=6 | dir=in | app=c:\program files\itunes\itunes.exe |
"{58C98849-0B71-4E28-BF92-01B1DDFD0C60}" = protocol=58 | dir=in |
[email protected],-28545 |
"{5F23FFFE-1E08-4F42-AA7E-7E2806DC7E8D}" = dir=in | app=c:\program files\avg\avg8\avgnsx.exe |
"{67BB8218-E24C-43C7-B5EC-6D0B4F32EA46}" = protocol=58 | dir=out |
[email protected],-28546 |
"{6E8742D7-54DD-45B3-9D81-29A1277DA120}" = protocol=6 | dir=out | app=%systemroot%\ehome\ehshell.exe |
"{82C8A5B4-7329-4D6D-93D1-3917F38D973F}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{8412C811-5C8A-493C-951A-70D9584D2841}" = dir=in | app=c:\program files\avg\avg8\avgemc.exe |
"{8F074CF5-8F1E-4931-A90F-AC4DA3A24302}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{9085A2AE-E3E7-48E9-9B88-0EB00ED7809B}" = protocol=6 | dir=out | svc=mcx2svc | app=%systemroot%\system32\svchost.exe |
"{90F9B4F8-15FC-4C09-A069-32DCD14F8913}" = protocol=1 | dir=out |
[email protected],-28544 |
"{9388A335-4C19-47CF-AB4A-70871BF39BEC}" = protocol=58 | dir=in |
[email protected],-28545 |
"{98F1E61A-2AE3-465F-B641-74E8E6964340}" = protocol=17 | dir=out | app=%systemroot%\ehome\ehshell.exe |
"{AC93E550-F208-4E91-9376-8BD791BE0943}" = protocol=17 | dir=in | app=c:\program files\itunes\itunes.exe |
"{AD1E74BA-5834-49FB-978C-89829426FDD4}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{AFA905D9-C982-4AE4-B4F5-E0091F9CB978}" = protocol=6 | dir=out | app=%systemroot%\ehome\ehshell.exe |
"{B573861D-2AB3-42C0-BD9F-78C3ED3F000B}" = dir=in | app=c:\program files\myspace\im\myspaceim.exe |
"{B7AF4702-7EDB-40CB-A21D-188B2B5672B0}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{B7EA9208-D78E-4348-9C57-83076B723F5A}" = protocol=6 | dir=in | app=c:\program files\common files\aol\loader\aolload.exe |
"{BC37A8CD-3A73-443E-88A4-041D2A2E5A73}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{BDEC5B1F-25E6-4777-8C36-9DCE119F861E}" = dir=in | app=c:\program files\avg\avg8\avgupd.exe |
"{C138BD83-B59D-4F67-BE95-5359DEF39803}" = protocol=17 | dir=out | app=%systemroot%\ehome\ehshell.exe |
"{C280A10C-1F81-44D5-A12A-9B0C85C772EE}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{C88D0F75-A799-417D-A2B4-F4AD178BD55A}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{CC4B0EBF-85A3-486A-81BB-933BBC555E8C}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{CF76DC2E-1B4B-4DEB-8F70-033277C04189}" = dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe |
"{DA648A77-20BE-42D2-BFA3-18C58A76A455}" = protocol=6 | dir=out | svc=mcx2svc | app=%systemroot%\system32\svchost.exe |
"{E852C276-9320-4BB9-A5E2-A6F337975AB8}" = protocol=6 | dir=out | app=%systemroot%\ehome\mcx2prov.exe |
"{EADEBC1D-6070-4B6A-B8E2-4305FD8EE71A}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{EC24BF7A-8E57-4BA8-8D2A-1CE4DB6852B1}" = protocol=1 | dir=out |
[email protected],-28544 |
"{EE910D02-A117-42D7-8091-9D2A1C13C4BB}" = protocol=17 | dir=in | app=c:\program files\common files\aol\loader\aolload.exe |
"{F767C93D-A58E-4792-820A-5D1E03A22B63}" = protocol=17 | dir=in | app=c:\program files\utorrent\utorrent.exe |
"{FFCBD4A7-DD68-46B0-8D9D-546DEC9FE8B6}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"TCP Query User{0A32E088-13E0-44C9-92E5-8510201A2644}C:\program files\utorrent\utorrent.exe" = protocol=6 | dir=in | app=c:\program files\utorrent\utorrent.exe |
"TCP Query User{3C9831DD-708B-40A9-8E52-05DF9C4D5486}C:\program files\internet explorer\iexplore.exe" = protocol=6 | dir=in | app=c:\program files\internet explorer\iexplore.exe |
"TCP Query User{44E8E523-1969-4463-B1CD-BE53CE5BCB0E}C:\users\ashitaga\program files\utorrent\utorrent.exe" = protocol=6 | dir=in | app=c:\users\ashitaga\program files\utorrent\utorrent.exe |
"TCP Query User{85228F0D-3876-410F-BA86-D87764C80B80}C:\program files\limewire\limewire.exe" = protocol=6 | dir=in | app=c:\program files\limewire\limewire.exe |
"TCP Query User{88C7D4F8-42A3-4ADF-A6CB-0F4E938C4BF0}C:\program files\flashget\flashget.exe" = protocol=6 | dir=in | app=c:\program files\flashget\flashget.exe |
"TCP Query User{A4CFD1BE-9DE0-4072-ADDB-0D3FD8B60E99}C:\program files\msn backup\msnbackup.exe" = protocol=6 | dir=in | app=c:\program files\msn backup\msnbackup.exe |
"TCP Query User{AF1D6420-74BA-4776-A2EF-A57DFA5A4C9E}C:\program files\internet explorer\iexplore.exe" = protocol=6 | dir=in | app=c:\program files\internet explorer\iexplore.exe |
"TCP Query User{B780A87B-22A3-4318-9F96-BCA5850411EB}C:\users\ashitaga\desktop\fogdownloader-rom_2_1_0_1871.exe" = protocol=6 | dir=in | app=c:\users\ashitaga\desktop\fogdownloader-rom_2_1_0_1871.exe |
"TCP Query User{C06261DD-92DA-4554-B996-37C3E91740A3}C:\program files\flashget\flashget.exe" = protocol=6 | dir=in | app=c:\program files\flashget\flashget.exe |
"TCP Query User{D4683D37-0952-47B8-BEBE-982A6DC6ACB8}C:\program files\utorrent\utorrent.exe" = protocol=6 | dir=in | app=c:\program files\utorrent\utorrent.exe |
"TCP Query User{E665E7A4-70BD-4039-97D8-2A92B04D8EAB}C:\program files\limewire\limewire.exe" = protocol=6 | dir=in | app=c:\program files\limewire\limewire.exe |
"UDP Query User{1D63B477-5E73-4649-ACC8-A4B52473D943}C:\users\ashitaga\program files\utorrent\utorrent.exe" = protocol=17 | dir=in | app=c:\users\ashitaga\program files\utorrent\utorrent.exe |
"UDP Query User{39436A43-1E17-45A3-B947-C74D27B09073}C:\program files\flashget\flashget.exe" = protocol=17 | dir=in | app=c:\program files\flashget\flashget.exe |
"UDP Query User{4BE2A483-4BF0-4A35-9BBF-1BD24A3CAA50}C:\users\ashitaga\desktop\fogdownloader-rom_2_1_0_1871.exe" = protocol=17 | dir=in | app=c:\users\ashitaga\desktop\fogdownloader-rom_2_1_0_1871.exe |
"UDP Query User{502C4E75-B54B-490A-B75D-3982B26D572A}C:\program files\limewire\limewire.exe" = protocol=17 | dir=in | app=c:\program files\limewire\limewire.exe |
"UDP Query User{755D2C9F-5BB7-4DA8-ACBC-7BB3456085AD}C:\program files\utorrent\utorrent.exe" = protocol=17 | dir=in | app=c:\program files\utorrent\utorrent.exe |
"UDP Query User{7759DED6-B07B-41D1-A995-CF5B5C85C5D4}C:\program files\utorrent\utorrent.exe" = protocol=17 | dir=in | app=c:\program files\utorrent\utorrent.exe |
"UDP Query User{8B0B134F-A713-4E11-8ADB-65B785C2C1D4}C:\program files\flashget\flashget.exe" = protocol=17 | dir=in | app=c:\program files\flashget\flashget.exe |
"UDP Query User{8C0F0B09-6C17-4D60-B494-C6E357CBA0F3}C:\program files\internet explorer\iexplore.exe" = protocol=17 | dir=in | app=c:\program files\internet explorer\iexplore.exe |
"UDP Query User{8E9A8FFF-6A12-40BC-803D-06DD52F0586B}C:\program files\limewire\limewire.exe" = protocol=17 | dir=in | app=c:\program files\limewire\limewire.exe |
"UDP Query User{9248160A-5FE8-4A2A-AEDC-124BCC533E59}C:\program files\internet explorer\iexplore.exe" = protocol=17 | dir=in | app=c:\program files\internet explorer\iexplore.exe |
"UDP Query User{B7B72626-D272-4858-BBBE-005B457F3413}C:\program files\msn backup\msnbackup.exe" = protocol=17 | dir=in | app=c:\program files\msn backup\msnbackup.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{0076E1AC-9E7B-4B9F-A62A-4CC9511AD8E3}" = Zune Language Pack (FR)
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{07287123-B8AC-41CE-8346-3D777245C35B}" = Bonjour
"{07D8511D-C9FE-4A93-933F-EAA5C8F20095}" = IDT Audio
"{0AB76F69-E761-4CFA-B9B0-A1906B4E9E4B}" = WD Diagnostics
"{10E1E87C-656C-4D08-86D6-5443D28583BE}" = TrayApp
"{13F00518-807A-4B3A-83B0-A7CD90F3A398}" = MarketResearch
"{1451DE6B-ABE1-4F62-BE9A-B363A17588A2}" = QuickTime
"{1753255A-0AEB-4220-8C75-607B73F0C133}" = Copy
"{1a413f37-ed88-4fec-9666-5c48dc4b7bb7}" = YouTube Downloader 2.5.3
"{205A5182-EFC8-4C25-B61D-C164F8FF4048}" = BlackBerry Desktop Software 5.0.1
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live Upload Tool
"{22466889-7642-488d-AA0E-F619704CF7AB}" = DeviceDiscovery
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{22DE1881-9D24-4981-B5CC-EC7E9F2F4D52}" = Rhapsody Player Engine
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{29FA38B4-0AE4-4D0D-8A51-6165BB990BB0}" = WebReg
"{2DFF31F9-7893-4922-AF66-C9A1EB4EBB31}" = Rhapsody Player Engine
"{2EAF7E61-068E-11DF-953C-005056806466}" = Google Earth
"{2F28B3C9-2C89-4206-8B33-8ADC9577C49B}" = Scan
"{3248F0A8-6813-11D6-A77B-00B0D0160010}" = Java™ SE Runtime Environment 6 Update 1
"{34FF0741-EC67-4C05-AC2A-6D257123DF2E}" = BigFix
"{356C1B0F-7ABD-4B52-ADD1-52681D27DBF6}" = Geek Squad 24 Hour Computer Support
"{39098402-3F7A-4257-A4AE-FC1181D1B40B}" = Camera Assistant Software for Gateway
"{3B4E636E-9D65-4D67-BA61-189800823F52}" = Windows Live Communications Platform
"{3B6E3FC6-274C-4B6C-BC85-5C3B15DE18E2}" = Mega Manager
"{3EE33958-7381-4E7B-A4F3-6E43098E9E9C}" = Browser Address Error Redirector
"{3FA365DF-2D68-45ED-8F83-8C8A33E65143}" = Apple Application Support
"{415CDA53-9100-476F-A7B2-476691E117C7}" = HP Smart Web Printing
"{487B0B9B-DCD4-440D-89A0-A6EDE1A545A3}" = HPSSupply
"{4CBA3D4C-8F51-4D60-B27E-F6B641C571E7}" = Microsoft Search Enhancement Pack
"{543E938C-BDC4-4933-A612-01293996845F}" = UnloadSupport
"{5DC0DF76-3B2F-4C38-BE34-58627949BC1A}" = Mega Manager
"{5F00DF7E-418B-4CD9-8EC5-781156BCC49E}" = Microsoft Money Shared Libraries
"{6412CECE-8172-4BE5-935B-6CECACD2CA87}" = Windows Live Mail
"{65DA2EC9-0642-47E9-AAE2-B5267AA14D75}" = Activation Assistant for the 2007 Microsoft Office suites
"{66E6CE0C-5A1E-430C-B40A-0C90FF1804A8}" = eSupportQFolder
"{689E0AB3-50B2-4E5A-9DCE-6DA9F5BE1314}" = BlackBerry® Media Sync
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{6D52C408-B09A-4520-9B18-475B81D393F1}" = Microsoft Works
"{6F5E2F4A-377D-4700-B0E3-8F7F7507EA15}" = CustomerResearchQFolder
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{7DCA3763-701D-45DD-8F6B-A8C3206C0289}" = ActiveSpeed
"{7F3BCF8A-8E02-4659-AF25-F9AB66BD6718}" = Gateway Recovery Center Installer
"{81128EE8-8EAD-4DB0-85C6-17C2CE50FF71}" = Windows Live Essentials
"{824D3839-DAA1-4315-A822-7AE3E620E528}" = VideoToolkit01
"{8389382B-53BA-4A87-8854-91E3D80A5AC7}" = HP Photosmart Essential2.01
"{86D4B82A-ABED-442A-BE86-96357B70F4FE}" = Ask Toolbar
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek 8169 PCI, 8168 and 8101E PCIe Ethernet Network Card Driver for Windows Vista
"{8A74E887-8F0F-4017-AF53-CBA42211AAA5}" = Microsoft Sync Framework Runtime Native v1.0 (x86)
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_HOMESTUDENTR_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_HOMESTUDENTR_{187308AB-5FA7-4F14-9AB9-D290383A10D9}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}_HOMESTUDENTR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007
"{90120000-00A1-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}_HOMESTUDENTR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}" = Intel® Matrix Storage Manager
"{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{9422C8EA-B0C6-4197-B8FC-DC797658CA00}" = Windows Live Sign-in Assistant
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{995F1E2E-F542-4310-8E1D-9926F5A279B3}" = Windows Live Toolbar
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{A2F166A0-F031-4E27-A057-C69733219434}_is1" = Runes of Magic
"{A57C6094-FC5A-4DEC-B1E0-1B2F48EEE8F4}" = Spare Backup
"{A6B90148-02C5-4fd3-8D7A-EF2386835CB9}" = F4100_Help
"{A6C265BE-E2C1-483e-843D-6B4C1E912AE0}" = F4100
"{A6FDF86A-F541-4E7B-AEA0-8849A2A700D5}" = iTunes
"{A85FD55B-891B-4314-97A5-EA96C0BD80B5}" = Windows Live Messenger
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AADEA55D-C834-4BCB-98A3-4B8D1C18F4EE}" = Apple Mobile Device Support
"{AB40272D-92AB-4F30-B36B-22EDE16F8FE5}" = HP Update
"{AB5D51AE-EBC3-438D-872C-705C7C2084B0}" = DeviceManagementQFolder
"{AC76BA86-7AD7-1033-7B44-A81200000003}" = Adobe Reader 8.1.2
"{AEA07F97-9088-497c-8821-0F36BD5DC251}" = HPProductAssistant
"{AF7FC1CA-79DF-43c3-90A3-33EFEB9294CE}" = AIO_Scan
"{B4509BCE-7BAD-4a8c-B1AE-4D0CE7467C42}" = F4100_doccd
"{B4F35A00-24FD-4fb3-BF5E-413D5423434D}" = DJ_AIO_Software_min
"{B6F7DBE7-2FE2-458F-A738-B10832746036}" = Microsoft Reader
"{B98BE95C-E76F-4246-B8E6-BEB8EE791D06}" = Roxio Media Manager
"{BCD6CD1A-0DBE-412E-9F25-3B500D1E6BA1}" = SolutionCenter
"{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}" = Microsoft Sync Framework Services Native v1.0 (x86)
"{C470A3BD-799C-4DEC-ABE7-9FE8BC4366D8}" = TrophyRoom
"{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = LabelPrint
"{CA50045C-5119-48e7-9BA7-6B317379857A}" = DJ_AIO_Software
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D0E39A1D-0CEE-4D85-B4A2-E3BE990D075E}" = Destination Component
"{DBEA1034-5882-4A88-8033-81C4EF0CFA29}" = Google Toolbar for Internet Explorer
"{DC24971E-1946-445D-8A82-CE685433FA7D}" = Realtek USB 2.0 Card Reader
"{E2662C24-B31E-4349-A084-32EB76E8B760}" = BufferChm
"{E2DFE069-083E-4631-9B6C-43C48E991DE5}" = Junk Mail filter update
"{E548726E-F4E8-459f-BAB8-45551BC071E9}" = DJ_AIO_ProductContext
"{E9C18EBD-85BE-47D0-AA73-3FEDCC976B04}" = Toolbox
"{ECA1A3B6-898F-4DCE-9F04-714CF3BA126B}" = Adobe Flash Player 10 Plugin
"{EE4ACABF-531E-419A-9225-B8E0FA4955AF}" = Zune Language Pack (ES)
"{EE5EEDAF-F932-462B-A2CB-EEBDF819D5F5}" = Gateway Connect
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F1D3D463-023F-4BC6-B0C4-E287E24A635A}" = ActiveSpeed
"{F1E63043-54FC-429B-AB2C-31AF9FBA4BC7}" = 32 Bit HP CIO Components Installer
"{F270470B-D4A7-4EE2-B010-390E104443A7}" = croNous
"{F3CA9611-CD42-4562-ADAB-A554CF8E17F1}" = Microsoft WSE 2.0 SP3 Runtime
"{F6BD194C-4190-4D73-B1B1-C48C99921BFE}" = Windows Live Call
"{F72E2DDC-3DB8-4190-A21D-63883D955FE7}" = PSSWCORE
"{FA8A44D7-3E8A-4034-9C4F-088FA6B72BC4}" = HP Deskjet All-In-One Software 9.0
"{FD8D8B04-BEAD-4A55-AA1D-62D2373E7DEA}" = Status
"{FE0646A7-19D0-41B4-A2BB-2C35D644270D}" = Windows Live OneCare safety scanner
"{FF70513F-E3A7-402F-84FB-B7810A064BE2}" = Zune
"Activation Assistant for the 2007 Microsoft Office suites" = Activation Assistant for the 2007 Microsoft Office suites
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Shockwave Player" = Adobe Shockwave Player 11.5
"Agere Systems Soft Modem" = Agere Systems HDA Modem
"AIM_6" = AIM 6
"Audacity_is1" = Audacity 1.2.6
"AVG8Uninstall" = AVG Free 8.5
"Avira AntiVir Desktop" = Avira AntiVir Personal - Free Antivirus
"AviSynth" = AviSynth 2.5
"BlackBerry_{205A5182-EFC8-4C25-B61D-C164F8FF4048}" = BlackBerry Desktop Software 5.0.1
"Carnivores" = Carnivores
"Carnivores 2" = Carnivores 2
"Carnivores Ice Age" = Carnivores Ice Age
"DXTXTRA" = Microsoft DirectX Transform optional components
"ERUNT_is1" = ERUNT 1.1j
"ffdshow_is1" = ffdshow [rev 1324] [2007-07-01]
"Finale NotePad 2008" = Finale NotePad 2008
"Finale Reader" = Finale Reader 2009
"Google Updater" = Google Updater
"Guitar Pro 5_is1" = Guitar Pro 5.2
"HD Tune_is1" = HD Tune 2.55
"HDMI" = Intel® Graphics Media Accelerator Driver
"HijackThis" = HijackThis 2.0.2
"HOMESTUDENTR" = Microsoft Office Home and Student 2007
"HP Imaging Device Functions" = HP Imaging Device Functions 9.0
"HP Photosmart Essential" = HP Photosmart Essential 2.01
"HP Solution Center & Imaging Support Tools" = HP Solution Center 9.0
"HPExtendedCapabilities" = HP Customer Participation Program 9.0
"KLiteCodecPack_is1" = K-Lite Codec Pack 3.5.7 Full
"LimeWire" = LimeWire 5.3.6
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Money2007b" = Microsoft Money Essentials
"MSN BackUp" = MSN BackUp 1.3.2
"Narcissu" = Narcissu [Web Edition]
"Primal Prey" = Primal Prey
"Rage of Magic II" = Rage of Magic II
"RealPlayer 6.0" = RealPlayer
"Red Shift" = Red Shift 1.00E
"Sophos-AntiRootkit" = Sophos Anti-Rootkit 1.3.1
"SpywareBlaster_is1" = SpywareBlaster v3.5.1
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"TotalScan" = Panda TotalScan
"TVersity Codec Pack" = TVersity Codec Pack 1.1
"TVersity Media Server " = TVersity Media Server 0.9.11.4 beta
"UnityWebPlayer" = Unity Web Player
"uTorrent" = µTorrent
"Videora iPod Converter" = Videora iPod Converter 4.01
"ViewpointMediaPlayer" = Viewpoint Media Player
"Visions from the Other Side" = Visions from the Other Side 1.1E
"Windows Live OneCare safety scanner" = Windows Live OneCare safety scanner
"WinLiveSuite_Wave3" = Windows Live Essentials
"WinRAR archiver" = WinRAR archiver
"WT021718" = FATE
"Zune" = Zune
========== Last 10 Event Log Errors ========== [ Application Events ]
Error - 12/1/2009 8:41:24 PM | Computer Name = Ashitaga-PC | Source = Application Error | ID = 1000
Description = Faulting application wlcsdk.exe, version 14.0.8064.206, time stamp
0x498ce4b2, faulting module msxml3.dll, version 8.100.3501.0, time stamp 0x4a801b45,
exception code 0xc0000005, fault offset 0x000065b0, process id 0x13e4, application
start time 0x01ca7243cfbff6c0.
Error - 12/1/2009 8:44:56 PM | Computer Name = Ashitaga-PC | Source = Microsoft-Windows-CAPI2 | ID = 131083
Description =
Error - 12/1/2009 9:14:18 PM | Computer Name = Ashitaga-PC | Source = Microsoft-Windows-CAPI2 | ID = 131083
Description =
Error - 12/1/2009 10:06:33 PM | Computer Name = Ashitaga-PC | Source = Microsoft-Windows-CAPI2 | ID = 131083
Description =
Error - 12/2/2009 12:49:37 AM | Computer Name = Ashitaga-PC | Source = Microsoft-Windows-CAPI2 | ID = 131083
Description =
Error - 12/4/2009 4:11:40 AM | Computer Name = Ashitaga-PC | Source = Application Error | ID = 1000
Description = Faulting application iexplore.exe, version 7.0.6000.16916, time stamp
0x4a966cea, faulting module ntdll.dll, version 6.0.6000.16386, time stamp 0x4549bdc9,
exception code 0xc0000374, fault offset 0x000af1c9, process id 0xac0, application
start time 0x01ca74b368142880.
Error - 12/4/2009 10:07:40 PM | Computer Name = Ashitaga-PC | Source = WerSvc | ID = 5007
Description =
Error - 12/7/2009 4:38:23 PM | Computer Name = Ashitaga-PC | Source = Application Error | ID = 1000
Description = Faulting application iexplore.exe, version 7.0.6000.16916, time stamp
0x4a966cea, faulting module mshtml.dll, version 7.0.6000.16939, time stamp 0x4adc7aa8,
exception code 0xc0000005, fault offset 0x0009875a, process id 0x1324, application
start time 0x01ca777c634bc300.
Error - 12/9/2009 4:55:42 AM | Computer Name = Ashitaga-PC | Source = Application Error | ID = 1000
Description = Faulting application iexplore.exe, version 7.0.6000.16916, time stamp
0x4a966cea, faulting module mshtml.dll, version 7.0.6000.16939, time stamp 0x4adc7aa8,
exception code 0xc0000005, fault offset 0x0009875a, process id 0x17fc, application
start time 0x01ca78acb8f718f0.
Error - 12/9/2009 10:18:42 AM | Computer Name = Ashitaga-PC | Source = VSS | ID = 8194
Description =
[ Media Center Events ]
Error - 8/28/2008 8:38:41 AM | Computer Name = Ashitaga-PC | Source = MCUpdate | ID = 0
Description = DownloadPackgeTask.SubTasksComplete: failed downloading package SportsSchedule.
Error - 2/12/2009 9:00:44 PM | Computer Name = Ashitaga-PC | Source = MCUpdate | ID = 0
Description = DownloadPackgeTask.SubTasksComplete: failed downloading package SportsSchedule.
Error - 4/6/2009 7:27:19 PM | Computer Name = Ashitaga-PC | Source = MCUpdate | ID = 0
Description = DownloadPackgeTask.SubTasksComplete: failed downloading package SportsSchedule.
Error - 5/8/2009 2:20:21 AM | Computer Name = Ashitaga-PC | Source = Mcx2Dvcs | ID = 401
Description =
Error - 7/3/2009 9:34:31 PM | Computer Name = Ashitaga-PC | Source = MCUpdate | ID = 0
Description = DownloadPackgeTask.SubTasksComplete: failed downloading package SportsSchedule.
Error - 8/9/2009 12:23:50 AM | Computer Name = Ashitaga-PC | Source = MCUpdate | ID = 0
Description = DownloadPackgeTask.SubTasksComplete: failed downloading package SportsSchedule.
Error - 10/7/2009 5:57:13 PM | Computer Name = Ashitaga-PC | Source = MCUpdate | ID = 0
Description = DownloadPackgeTask.SubTasksComplete: failed downloading package SportsSchedule.
Error - 10/11/2009 11:17:51 PM | Computer Name = Ashitaga-PC | Source = MCUpdate | ID = 0
Description = DownloadPackgeTask.SubTasksComplete: failed downloading package SportsSchedule.
Error - 1/2/2010 4:31:28 PM | Computer Name = Ashitaga-PC | Source = MCUpdate | ID = 0
Description = DownloadPackgeTask.SubTasksComplete: failed downloading package SportsSchedule.
Error - 2/12/2010 6:39:39 PM | Computer Name = Ashitaga-PC | Source = MCUpdate | ID = 0
Description = DownloadPackgeTask.SubTasksComplete: failed downloading package SportsSchedule.
[ System Events ]
Error - 2/27/2010 5:19:31 PM | Computer Name = Ashitaga-PC | Source = Service Control Manager | ID = 7000
Description =
Error - 2/27/2010 5:19:31 PM | Computer Name = Ashitaga-PC | Source = Service Control Manager | ID = 7009
Description =
Error - 2/27/2010 6:20:21 PM | Computer Name = Ashitaga-PC | Source = DCOM | ID = 10016
Description =
Error - 2/27/2010 6:20:21 PM | Computer Name = Ashitaga-PC | Source = DCOM | ID = 10016
Description =
Error - 2/27/2010 8:47:58 PM | Computer Name = Ashitaga-PC | Source = EventLog | ID = 6008
Description = The previous system shutdown at 4:54:07 PM on 2/27/2010 was unexpected.
Error - 2/27/2010 8:49:18 PM | Computer Name = Ashitaga-PC | Source = Service Control Manager | ID = 7000
Description =
Error - 2/27/2010 8:49:18 PM | Computer Name = Ashitaga-PC | Source = Service Control Manager | ID = 7009
Description =
Error - 2/27/2010 9:15:50 PM | Computer Name = Ashitaga-PC | Source = EventLog | ID = 6008
Description = The previous system shutdown at 7:09:47 PM on 2/27/2010 was unexpected.
Error - 2/27/2010 9:17:09 PM | Computer Name = Ashitaga-PC | Source = Service Control Manager | ID = 7000
Description =
Error - 2/27/2010 9:17:09 PM | Computer Name = Ashitaga-PC | Source = Service Control Manager | ID = 7009
Description =
< End of report >
Edited by Ashitaga, 28 February 2010 - 10:04 PM.
Sign In
Create Account
