Computer crashes after 10-20 minutes every time (possibly due to troj

#1
beirouti
New Member, 3 posts

Hi everyone,

My computer recently started crashing at random times. Avast kept detecting an infection, so I decided to follow these instructions: http://www.geekstogo...uide-t2852.html

First I used TFC to clean my temporary files, then I used ERUNT to back up my registry. Here's where the fun starts: when I tried to use Malwarebytes to scan and clean the infections, it would crash about 3 minutes into the scan, after it had detected 19 infections. This happened about 3 or 4 times, so I started Windows in Safe Mode and was able to successfully complete the scan and clear the infections. Here is the log:

Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org

Database version: 4215

Windows 6.0.6001 Service Pack 1 (Safe Mode)
Internet Explorer 7.0.6001.18000

6/20/2010 2:56:58 PM
mbam-log-2010-06-20 (14-56-58).txt

Scan type: Quick scan
Objects scanned: 130226
Time elapsed: 4 minute(s), 43 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 19
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 1

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
HKEY_CLASSES_ROOT\Interface\{2e9937fc-cf2f-4f56-af54-5a6a3dd375cc} (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\Interface\{741de825-a6f0-4497-9aa6-8023cf9b0fff} (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\Interface\{cf54be1c-9359-4395-8533-1657cf209cfe} (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{147a976f-eee1-4377-8ea7-4716e4cdd239} (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\Typelib\{d518921a-4a03-425e-9873-b9a71756821e} (Adware.MyWebSearch) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{56256a51-b582-467e-b8d4-7786eda79ae0} (Trojan.Vundo) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{00a6faf1-072e-44cf-8957-5838f569a31d} (Adware.MyWebSearch) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{07b18ea1-a523-4961-b6bb-170de4475cca} (Adware.MyWebSearch) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{07b18ea9-a523-4961-b6bb-170de4475cca} (Adware.MyWebSearch) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{07b18eab-a523-4961-b6bb-170de4475cca} (Adware.MyWebSearch) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{59c7fc09-1c83-4648-b3e6-003d2bbc7481} (Adware.MyWebSearch) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{68af847f-6e91-45dd-9b68-d6a12c30e5d7} (Adware.MyWebSearch) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9170b96c-28d4-4626-8358-27e6caeef907} (Adware.MyWebSearch) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{d1a71fa0-ff48-48dd-9b6d-7a13a3e42127} (Adware.MyWebSearch) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{ddb1968e-ead6-40fd-8dae-ff14757f60c7} (Adware.MyWebSearch) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{f138d901-86f0-4383-99b6-9cdd406036da} (Adware.MyWebSearch) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{56256a51-b582-467e-b8d4-7786eda79ae0} (Trojan.Vundo) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\RunDll32Policy\f3ScrCtr.dll (Adware.MyWebSearch) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Multimedia\WMPlayer\Schemes\f3pss (Adware.MyWebSearch) -> No action taken.

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
C:\ProgramData\sysReserve.ini (Malware.Trace) -> No action taken.

Anyway, the computer is still crashing at random times, so I ran GMER. Here is the log:
GMER 1.0.15.15281 - http://www.gmer.net
Rootkit scan 2010-06-20 23:18:31
Windows 6.0.6001 Service Pack 1
Running: gmer.exe


---- Files - GMER 1.0.15 ----

File C:\Users\Basil Beirouti\AppData\Local\Temp\Oj+b9cvw.mp3.part 0 bytes

---- EOF - GMER 1.0.15 ----

OTL Log:
OTL logfile created on: 6/21/2010 1:24:47 PM - Run 1
OTL by OldTimer - Version 3.2.6.0 Folder = C:\Users\Basil Beirouti\Desktop
64bit-Windows Vista Home Premium Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6001.18000)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

4.00 Gb Total Physical Memory | 3.00 Gb Available Physical Memory | 85.00% Memory free
8.00 Gb Paging File | 8.00 Gb Available in Paging File | 94.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 286.97 Gb Total Space | 75.34 Gb Free Space | 26.25% Space Free | Partition Type: NTFS
Drive D: | 11.12 Gb Total Space | 1.83 Gb Free Space | 16.50% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: BASILBEIROUTI
Current User Name: Basil Beirouti
Logged in as Administrator.

Current Boot Mode: SafeMode
Scan Mode: Current user
Include 64bit Scans
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard

========== Processes (SafeList) ==========

PRC - [2010/06/21 00:49:20 | 000,572,416 | ---- | M] (OldTimer Tools) -- C:\Users\Basil Beirouti\Desktop\OTL.exe


========== Modules (SafeList) ==========

MOD - [2010/06/21 00:49:20 | 000,572,416 | ---- | M] (OldTimer Tools) -- C:\Users\Basil Beirouti\Desktop\OTL.exe
MOD - [2008/01/21 05:50:03 | 000,450,048 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWOW64\comdlg32.dll
MOD - [2008/01/21 05:50:01 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWOW64\msscript.ocx
MOD - [2008/01/21 05:48:06 | 001,684,480 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.18000_none_5cdbaa5a083979cc\comctl32.dll


========== Win32 Services (SafeList) ==========

SRV:64bit: - [2010/05/06 23:59:38 | 000,040,384 | ---- | M] (ALWIL Software) [On_Demand | Stopped] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Web Scanner)
SRV:64bit: - [2010/05/06 23:59:38 | 000,040,384 | ---- | M] (ALWIL Software) [On_Demand | Stopped] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Mail Scanner)
SRV:64bit: - [2010/05/06 23:59:38 | 000,040,384 | ---- | M] (ALWIL Software) [Auto | Stopped] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Antivirus)
SRV:64bit: - [2009/05/26 17:28:22 | 001,030,600 | ---- | M] (Macrovision Europe Ltd.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe -- (FLEXnet Licensing Service 64)
SRV:64bit: - [2008/09/11 19:53:00 | 000,279,040 | ---- | M] () [Auto | Stopped] -- C:\Windows\SysNative\DriverStore\FileRepository\stwrt64.inf_bd5387da\STacSV64.exe -- (STacSV)
SRV:64bit: - [2008/06/27 23:53:06 | 000,089,088 | ---- | M] () [Auto | Stopped] -- C:\Windows\SysNative\DriverStore\FileRepository\stwrt64.inf_bd5387da\AESTSr64.exe -- (AESTFilters)
SRV:64bit: - [2008/03/19 02:25:40 | 000,023,040 | ---- | M] () [Auto | Stopped] -- C:\Windows\SysNative\Hpservice.exe -- (hpsrv)
SRV:64bit: - [2008/01/21 05:47:32 | 000,383,544 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2007/12/11 22:11:30 | 000,015,872 | ---- | M] () [Auto | Stopped] -- C:\Windows\SysNative\agr64svc.exe -- (AgereModemAudio)
SRV - [2010/05/12 03:08:52 | 002,478,640 | ---- | M] () [Auto | Stopped] -- c:\Program Files (x86)\Common Files\Akamai\rswin_3697.dll -- (Akamai)
SRV - [2010/01/15 15:49:20 | 000,227,232 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\McAfee Security Scan\2.0.181\McCHSvc.exe -- (McComponentHostService)
SRV - [2009/07/21 22:34:33 | 000,185,089 | ---- | M] (Avira GmbH) [Auto | Stopped] -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2009/05/14 00:48:22 | 000,108,289 | ---- | M] (Avira GmbH) [Auto | Stopped] -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2008/07/27 21:01:49 | 000,093,184 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_64)
SRV - [2008/04/16 03:54:42 | 000,354,840 | ---- | M] (Intel Corporation) [Auto | Stopped] -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTmon.exe -- (IAANTMON) Intel®
SRV - [2008/03/27 01:26:56 | 000,341,328 | ---- | M] () [Auto | Stopped] -- C:\WINDOWS\SMINST\BLService.exe -- (Recovery Service for Windows)
SRV - [2007/01/05 00:38:08 | 000,024,652 | ---- | M] (Viewpoint Corporation) [Auto | Stopped] -- C:\Program Files (x86)\Viewpoint\Common\ViewpointService.exe -- (Viewpoint Manager Service)
SRV - [2006/11/02 16:34:14 | 000,000,000 | ---D | M] [Unknown | Stopped] -- C:\WINDOWS\SysWOW64\Msdtc -- (MSDTC)
SRV - [2006/11/02 09:35:15 | 000,060,994 | ---- | M] () [On_Demand | Stopped] -- C:\WINDOWS\SysWOW64\wbem\vds.mof -- (vds)
SRV - [2006/11/02 09:35:15 | 000,055,846 | ---- | M] () [On_Demand | Stopped] -- C:\WINDOWS\SysWOW64\wbem\vss.mof -- (VSS)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2010/05/06 23:39:27 | 000,051,280 | ---- | M] () [Kernel | System | Stopped] -- C:\Windows\SysNative\drivers\aswTdi.sys -- (aswTdi)
DRV:64bit: - [2010/05/06 23:39:06 | 000,121,936 | ---- | M] () [Kernel | System | Stopped] -- C:\Windows\SysNative\drivers\aswSP.sys -- (aswSP)
DRV:64bit: - [2010/05/06 23:34:30 | 000,028,752 | ---- | M] () [Kernel | System | Stopped] -- C:\Windows\SysNative\drivers\aswRdr.sys -- (aswRdr)
DRV:64bit: - [2010/05/06 23:34:14 | 000,063,568 | ---- | M] () [File_System | Auto | Stopped] -- C:\Windows\SysNative\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV:64bit: - [2010/05/06 23:33:50 | 000,022,096 | ---- | M] () [File_System | Auto | Stopped] -- C:\Windows\SysNative\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV:64bit: - [2009/12/11 05:37:27 | 000,074,880 | ---- | M] () [File_System | Auto | Stopped] -- C:\Windows\SysNative\DRIVERS\avgntflt.sys -- (avgntflt)
DRV:64bit: - [2009/08/29 04:42:52 | 000,049,152 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2009/05/18 23:17:08 | 000,034,152 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2008/09/11 19:54:44 | 000,465,408 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\stwrt64.sys -- (STHDA)
DRV:64bit: - [2008/05/23 06:29:00 | 000,054,816 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\nvhda64v.sys -- (NVHDA)
DRV:64bit: - [2008/04/28 09:38:12 | 004,730,368 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\NETw5v64.sys -- (NETw5v64) Intel®
DRV:64bit: - [2008/04/16 03:54:16 | 000,388,120 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\DRIVERS\iaStor.sys -- (iaStor)
DRV:64bit: - [2008/04/15 13:05:42 | 000,161,792 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\Rtlh64.sys -- (RTL8169)
DRV:64bit: - [2008/04/01 14:13:34 | 000,120,720 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\jmcr.sys -- (JMCR)
DRV:64bit: - [2008/03/27 22:10:56 | 000,026,984 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\DRIVERS\hpdskflt.sys -- (hpdskflt)
DRV:64bit: - [2008/03/27 22:10:14 | 000,040,296 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\Accelerometer.sys -- (Accelerometer)
DRV:64bit: - [2008/03/01 01:59:32 | 001,252,352 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\agrsm64.sys -- (AgereSoftModem)
DRV:64bit: - [2008/01/24 16:24:24 | 000,060,928 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\enecir.sys -- (enecir)
DRV:64bit: - [2008/01/21 05:47:28 | 000,046,080 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\wpdusb.sys -- (WpdUsb)
DRV:64bit: - [2008/01/21 05:47:27 | 000,168,704 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\usbvideo.sys -- (usbvideo) USB Video Device (WDM)
DRV:64bit: - [2008/01/21 05:47:04 | 000,098,816 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaudio.sys -- (usbaudio) USB Audio Driver (WDM)
DRV:64bit: - [2008/01/21 05:46:57 | 001,523,712 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\VSTDPV6.SYS -- (HSF_DPV)
DRV:64bit: - [2008/01/21 05:46:57 | 000,724,480 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\VSTCNXT6.SYS -- (winachsf)
DRV:64bit: - [2008/01/21 05:46:57 | 000,286,720 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\VSTAZL6.SYS -- (HSFHWAZL)
DRV:64bit: - [2008/01/21 05:46:55 | 000,111,104 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\sdbus.sys -- (sdbus)
DRV:64bit: - [2008/01/21 05:46:51 | 000,017,792 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\CmBatt.sys -- (CmBatt)
DRV:64bit: - [2008/01/18 14:31:30 | 000,320,560 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\SynTP.sys -- (SynTP)
DRV:64bit: - [2007/07/11 20:30:34 | 000,009,088 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\HpqRemHid.sys -- (HpqRemHid)
DRV:64bit: - [2007/06/19 03:13:12 | 000,018,432 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\HpqKbFiltr.sys -- (HpqKbFiltr)
DRV:64bit: - [2006/11/02 08:28:10 | 000,273,920 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HdAudio.sys -- (HdAudAddService)
DRV:64bit: - [2006/10/10 05:09:03 | 000,742,696 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\nvm60x64.sys -- (NVENETFD)
DRV:64bit: - [2006/10/07 05:13:22 | 000,550,912 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\bcmwl664.sys -- (BCM43XV)
DRV - [2008/04/24 09:50:54 | 000,032,240 | ---- | M] (Cyberlink Corp.) [Kernel | Auto | Stopped] -- C:\Program Files (x86)\HP\QuickPlay\000.fcl -- ({22D78859-9CE9-4B77-BF18-AC83E81A9263})
DRV - [2006/09/19 00:36:40 | 000,003,066 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\SysWOW64\wbem\tcpip.mof -- (Tcpip)
DRV - [2006/09/19 00:35:23 | 000,001,088 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SysWOW64\wbem\mpsdrv.mof -- (mpsdrv)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.h...a...ion&pf=cnnb
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.h...a...ion&pf=cnnb
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.h...a...ion&pf=cnnb
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.h...a...ion&pf=cnnb

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.h...a...ion&pf=cnnb
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.startup.homepage: "www.msn.com"
FF - prefs.js..extensions.enabledItems: {d5bc46d8-67c7-11dc-8c1d-0097498c2b7a}:1.0.0.1
FF - prefs.js..extensions.enabledItems: [email protected]:4.60
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: [email protected]:7
FF - prefs.js..extensions.enabledItems: {ABDE892B-13A8-4d1b-88E6-365A6E755758}:1.0
FF - prefs.js..extensions.enabledItems: {AE93811A-5C9A-4d34-8462-F7B864FC4696}:3.63

FF - HKLM\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2010/03/01 08:42:33 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.5\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010/01/28 10:06:01 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.5\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010/06/03 16:12:52 | 000,000,000 | ---D | M]

[2010/01/20 23:16:43 | 000,000,000 | ---D | M] -- C:\Users\Basil Beirouti\AppData\Roaming\Mozilla\Extensions
[2010/01/20 23:16:43 | 000,000,000 | ---D | M] -- C:\Users\Basil Beirouti\AppData\Roaming\Mozilla\Extensions\[email protected]
[2010/06/21 07:58:07 | 000,000,000 | ---D | M] -- C:\Users\Basil Beirouti\AppData\Roaming\Mozilla\Firefox\Profiles\ow73ldks.default\extensions
[2009/06/25 14:34:26 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\Basil Beirouti\AppData\Roaming\Mozilla\Firefox\Profiles\ow73ldks.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2010/03/01 08:18:00 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Basil Beirouti\AppData\Roaming\Mozilla\Firefox\Profiles\ow73ldks.default\extensions\{AE93811A-5C9A-4d34-8462-F7B864FC4696}

O1 HOSTS File: ([2006/09/19 00:37:24 | 000,000,761 | ---- | M]) - C:\Windows\SysNative\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No CLSID value found.
O2 - BHO: (HP Print Enhancer) - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll (Hewlett-Packard Co.)
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - c:\Program Files\real\realplayer\rpbrowserrecordplugin.dll (RealPlayer)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (Windows Live Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O2 - BHO: (HP Smart BHO Class) - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll (Hewlett-Packard Co.)
O4:64bit: - HKLM..\Run: [IAAnotif] C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [NvCplDaemon] C:\Windows\SysNative\NvCpl.DLL ()
O4:64bit: - HKLM..\Run: [NvMediaCenter] C:\Windows\SysNative\NvMcTray.DLL ()
O4:64bit: - HKLM..\Run: [SysTrayApp] C:\Program Files\IDT\WDM\sttray64.exe (IDT, Inc.)
O4:64bit: - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files (x86)\Adobe\Reader 8.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [avast5] C:\Program Files\Alwil Software\Avast5\AvastUI.exe (ALWIL Software)
O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [HP Health Check Scheduler] c:\Program Files (x86)\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe (Hewlett-Packard)
O4 - HKLM..\Run: [TkBellExe] C:\Program Files (x86)\Common Files\Real\Update_OB\realsched.exe (RealNetworks, Inc.)
O4 - HKLM..\Run: [UCam_Menu] C:\Program Files (x86)\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKCU..\Run: [BitTorrent DNA] C:\Users\Basil Beirouti\Program Files (x86)\DNA\btdna.exe (BitTorrent, Inc.)
O4 - HKCU..\Run: [cdloader] C:\Users\Basil Beirouti\AppData\Roaming\mjusbsp\cdloader2.exe (magicJack L.P.)
O4 - HKCU..\Run: [EA Core] C:\Program Files\Electronic Arts\EADM\Core.exe File not found
O4 - HKCU..\Run: [la7nckruudn86] C:\Windows\SysWow64\la7nckruudn86.exe File not found
O4 - HKCU..\Run: [MsnMsgr] C:\Program Files (x86)\Windows Live\Messenger\MsnMsgr.Exe (Microsoft Corporation)
O4 - HKCU..\Run: [Rainlendar2] C:\Program Files\Rainlendar2\Rainlendar2.exe File not found
O4 - HKCU..\Run: [WMPNSCFG] C:\Program Files (x86)\Windows Media Player\WMPNSCFG.exe File not found
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\control panel present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\control panel present
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\restrictions present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 149
O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Show or hide HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll (Hewlett-Packard Co.)
O13 - gopher Prefix: missing
O15 - HKCU\..Trusted Ranges: Range1 ([http] in Local intranet)
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macr...director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {1851174C-97BD-4217-A0CC-E908F60D5B7A} https://h50203.www5....DataManager.CAB (Hewlett-Packard Online Support Services)
O16 - DPF: {49232000-16E4-426C-A231-62846947304B} https://wimpro.cce.h...ads/sysinfo.cab (SysData Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_05)
O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_07)
O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.ad...Plus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 95.172.193.1
O18:64bit: - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Users\Basil Beirouti\AppData\Roaming\Mozilla\Firefox\Desktop Background.bmp
O24 - Desktop BackupWallPaper: C:\Users\Basil Beirouti\AppData\Roaming\Mozilla\Firefox\Desktop Background.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/05/26 16:09:48 | 000,000,000 | ---D | M] - C:\Autodesk -- [ NTFS ]
O33 - MountPoints2\{4139b99f-4721-11de-adc4-001e68a26a3e}\Shell\Autoplay\Command - "" = F:\autorun.exe -- File not found
O33 - MountPoints2\{4139b99f-4721-11de-adc4-001e68a26a3e}\Shell\AutoRun\command - "" = F:\autorun.exe -- File not found
O33 - MountPoints2\{4139b99f-4721-11de-adc4-001e68a26a3e}\Shell\Explore\Command - "" = F:\autorun.exe -- File not found
O33 - MountPoints2\{4139b99f-4721-11de-adc4-001e68a26a3e}\Shell\Open\Command - "" = F:\autorun.exe -- File not found
O33 - MountPoints2\{4571754b-bc68-11dd-b2f9-001e68a26a3e}\Shell\AutoRun\command - "" = b.com
O33 - MountPoints2\{4571754b-bc68-11dd-b2f9-001e68a26a3e}\Shell\explore\Command - "" = b.com
O33 - MountPoints2\{4571754b-bc68-11dd-b2f9-001e68a26a3e}\Shell\open\Command - "" = b.com
O33 - MountPoints2\{46354b6a-881d-11de-b56f-001e68a26a3e}\Shell\AutoRun\command - "" = F:\autorun.exe -- File not found
O33 - MountPoints2\{46354b6a-881d-11de-b56f-001e68a26a3e}\Shell\phone\command - "" = F:\autorun.exe -- File not found
O33 - MountPoints2\{62cf0336-a5c0-11dd-a79f-001e68a26a3e}\Shell - "" = AutoRun
O33 - MountPoints2\{62cf0336-a5c0-11dd-a79f-001e68a26a3e}\Shell\AutoRun\command - "" = G:\LaunchU3.exe -- File not found
O33 - MountPoints2\{ed4eb9c7-0ed8-11df-aaf5-001e68a26a3e}\Shell\AutoRun\command - "" = WDSetup.exe
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKCU\...exe [@ = exefile] -- Reg Error: Key error. File not found

NetSvcs:64bit: Ias - C:\Windows\SysNative\ias [2008/01/21 06:06:38 | 000,000,000 | ---D | M]
NetSvcs:64bit: Irmon - C:\Windows\SysNative\irmon.dll ()
NetSvcs:64bit: Wmi - C:\Windows\SysNative\wmi.dll ()
NetSvcs: Ias - C:\WINDOWS\SysWOW64\ias [2008/01/21 06:08:35 | 000,000,000 | ---D | M]
NetSvcs: Wmi - C:\WINDOWS\SysWOW64\wmi.dll (Microsoft Corporation)

Drivers32:64bit: aux - C:\Windows\SysNative\wdmaud.drv ()
Drivers32:64bit: aux1 - C:\Windows\SysNative\wdmaud.drv ()
Drivers32:64bit: midi - C:\Windows\SysNative\wdmaud.drv ()
Drivers32:64bit: midi1 - C:\Windows\SysNative\wdmaud.drv ()
Drivers32:64bit: midi2 - C:\Windows\SysNative\wdmaud.drv ()
Drivers32:64bit: midi3 - C:\Windows\SysNative\wdmaud.drv ()
Drivers32:64bit: midimapper - C:\Windows\SysNative\midimap.dll ()
Drivers32:64bit: mixer - C:\Windows\SysNative\wdmaud.drv ()
Drivers32:64bit: mixer1 - C:\Windows\SysNative\wdmaud.drv ()
Drivers32:64bit: mixer2 - C:\Windows\SysNative\wdmaud.drv ()
Drivers32:64bit: mixer3 - C:\Windows\SysNative\wdmaud.drv ()
Drivers32:64bit: msacm.imaadpcm - C:\Windows\SysNative\imaadp32.acm ()
Drivers32:64bit: msacm.l3acm - C:\Windows\SysNative\l3codeca.acm ()
Drivers32:64bit: msacm.msadpcm - C:\Windows\SysNative\msadp32.acm ()
Drivers32:64bit: msacm.msg711 - C:\Windows\SysNative\msg711.acm ()
Drivers32:64bit: msacm.msgsm610 - C:\Windows\SysNative\msgsm32.acm ()
Drivers32:64bit: MSVideo8 - C:\Windows\SysNative\vfwwdm32.dll ()
Drivers32:64bit: vidc.i420 - C:\Windows\SysNative\iyuv_32.dll ()
Drivers32:64bit: VIDC.IYUV - C:\Windows\SysNative\iyuv_32.dll ()
Drivers32:64bit: vidc.mrle - C:\Windows\SysNative\msrle32.dll ()
Drivers32:64bit: vidc.msvc - C:\Windows\SysNative\msvidc32.dll ()
Drivers32:64bit: VIDC.UYVY - C:\Windows\SysNative\msyuv.dll ()
Drivers32:64bit: VIDC.YUY2 - C:\Windows\SysNative\msyuv.dll ()
Drivers32:64bit: VIDC.YVU9 - C:\Windows\SysNative\tsbyuv.dll ()
Drivers32:64bit: VIDC.YVYU - C:\Windows\SysNative\msyuv.dll ()
Drivers32:64bit: wave - C:\Windows\SysNative\wdmaud.drv ()
Drivers32:64bit: wave1 - C:\Windows\SysNative\wdmaud.drv ()
Drivers32:64bit: wave2 - C:\Windows\SysNative\wdmaud.drv ()
Drivers32:64bit: wave3 - C:\Windows\SysNative\wdmaud.drv ()
Drivers32:64bit: wavemapper - C:\Windows\SysNative\msacm32.drv ()
Drivers32: aux - C:\Windows\SysWow64\wdmaud.drv (Microsoft Corporation)
Drivers32: aux1 - C:\Windows\SysWow64\wdmaud.drv (Microsoft Corporation)
Drivers32: midi - C:\Windows\SysWow64\wdmaud.drv (Microsoft Corporation)
Drivers32: midi1 - C:\Windows\SysWow64\wdmaud.drv (Microsoft Corporation)
Drivers32: midi2 - C:\Windows\SysWow64\wdmaud.drv (Microsoft Corporation)
Drivers32: midi3 - C:\Windows\SysWow64\wdmaud.drv (Microsoft Corporation)
Drivers32: midimapper - C:\Windows\SysWow64\midimap.dll (Microsoft Corporation)
Drivers32: mixer - C:\Windows\SysWow64\wdmaud.drv (Microsoft Corporation)
Drivers32: mixer1 - C:\Windows\SysWow64\wdmaud.drv (Microsoft Corporation)
Drivers32: mixer2 - C:\Windows\SysWow64\wdmaud.drv (Microsoft Corporation)
Drivers32: mixer3 - C:\Windows\SysWow64\wdmaud.drv (Microsoft Corporation)
Drivers32: msacm.imaadpcm - C:\Windows\SysWow64\imaadp32.acm (Microsoft Corporation)
Drivers32: msacm.l3acm - C:\WINDOWS\SysWOW64\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.l3codecp - C:\Windows\SysWow64\l3codecp.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.msadpcm - C:\Windows\SysWow64\msadp32.acm (Microsoft Corporation)
Drivers32: msacm.msg711 - C:\Windows\SysWow64\msg711.acm (Microsoft Corporation)
Drivers32: msacm.msgsm610 - C:\Windows\SysWow64\msgsm32.acm (Microsoft Corporation)
Drivers32: msacm.siren - C:\Windows\SysWow64\sirenacm.dll (Microsoft Corporation)
Drivers32: vidc.cvid - C:\Windows\SysWow64\iccvid.dll (Radius Inc.)
Drivers32: vidc.i420 - C:\Windows\SysWow64\iyuv_32.dll (Microsoft Corporation)
Drivers32: vidc.iyuv - C:\Windows\SysWow64\iyuv_32.dll (Microsoft Corporation)
Drivers32: vidc.mrle - C:\Windows\SysWow64\msrle32.dll (Microsoft Corporation)
Drivers32: vidc.msvc - C:\Windows\SysWow64\msvidc32.dll (Microsoft Corporation)
Drivers32: vidc.uyvy - C:\Windows\SysWow64\msyuv.dll (Microsoft Corporation)
Drivers32: vidc.yuy2 - C:\Windows\SysWow64\msyuv.dll (Microsoft Corporation)
Drivers32: vidc.yvu9 - C:\Windows\SysWow64\tsbyuv.dll (Microsoft Corporation)
Drivers32: vidc.yvyu - C:\Windows\SysWow64\msyuv.dll (Microsoft Corporation)
Drivers32: wave - C:\Windows\SysWow64\wdmaud.drv (Microsoft Corporation)
Drivers32: wave1 - C:\Windows\SysWow64\wdmaud.drv (Microsoft Corporation)
Drivers32: wave2 - C:\Windows\SysWow64\wdmaud.drv (Microsoft Corporation)
Drivers32: wave3 - C:\Windows\SysWow64\wdmaud.drv (Microsoft Corporation)
Drivers32: wavemapper - C:\Windows\SysWow64\msacm32.drv (Microsoft Corporation)

CREATERESTOREPOINT
Error creating restore point.

========== Files/Folders - Created Within 30 Days ==========

[2010/06/21 09:31:49 | 000,000,000 | -HSD | C] -- C:\found.001
[2010/06/21 00:49:06 | 000,572,416 | ---- | C] (OldTimer Tools) -- C:\Users\Basil Beirouti\Desktop\OTL.exe
[2010/06/21 00:31:00 | 000,000,000 | -HSD | C] -- C:\found.002
[2010/06/19 13:33:00 | 000,000,000 | ---D | C] -- C:\Users\Basil Beirouti\AppData\Roaming\Malwarebytes
[2010/06/19 13:32:53 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysWow64\drivers\mbamswissarmy.sys
[2010/06/19 13:32:51 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2010/06/19 13:32:51 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2010/06/19 13:24:31 | 006,153,384 | ---- | C] (Malwarebytes Corporation ) -- C:\Users\Basil Beirouti\Desktop\blablabla.exe
[2010/06/19 13:23:56 | 000,000,000 | ---D | C] -- C:\Windows\ERDNT
[2010/06/19 13:21:23 | 000,000,000 | ---D | C] -- C:\Program Files\ERUNT
[2010/06/19 13:21:00 | 000,000,000 | ---D | C] -- C:\ProgramData\SITEguard
[2010/06/19 13:19:29 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\iS3
[2010/06/19 13:19:28 | 000,000,000 | ---D | C] -- C:\ProgramData\STOPzilla!
[2010/06/19 12:54:37 | 000,791,393 | ---- | C] (Lars Hederer ) -- C:\Users\Basil Beirouti\Desktop\blablabla2.exe
[2010/06/19 08:11:40 | 000,444,416 | ---- | C] (OldTimer Tools) -- C:\Users\Basil Beirouti\Desktop\TFC.exe
[2010/06/18 04:44:17 | 000,000,000 | -HSD | C] -- C:\found.000
[2010/06/10 15:44:56 | 000,833,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wininet.dll
[2010/06/10 15:44:56 | 000,146,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\occache.dll
[2010/06/10 15:44:54 | 000,476,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2010/06/10 15:44:54 | 000,380,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dll
[2010/06/10 15:44:53 | 000,458,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeeds.dll
[2010/06/10 15:44:53 | 000,389,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\html.iec
[2010/06/10 15:44:53 | 000,389,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iedkcs32.dll
[2010/06/10 15:44:53 | 000,230,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieaksie.dll
[2010/06/10 15:44:53 | 000,193,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iepeers.dll
[2010/06/10 15:44:53 | 000,026,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2010/06/10 15:44:52 | 000,671,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mstime.dll
[2010/06/10 15:44:52 | 000,078,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieencode.dll
[2010/06/10 15:44:52 | 000,028,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jsproxy.dll
[2010/06/10 05:55:57 | 000,289,792 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\atmfd.dll
[2010/06/10 05:55:57 | 000,034,304 | ---- | C] (Adobe Systems) -- C:\Windows\SysWow64\atmlib.dll
[2010/06/10 05:50:38 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\asycfilt.dll
[2010/06/10 04:04:24 | 001,314,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\quartz.dll
[2010/06/08 16:38:09 | 000,000,000 | ---D | C] -- C:\Users\Basil Beirouti\Documents\Basil's Files

========== Files - Modified Within 30 Days ==========

[2010/06/21 13:23:47 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2010/06/21 08:24:59 | 000,000,436 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{EB9C2E78-9E49-481D-97B5-440598385D6A}.job
[2010/06/21 08:22:49 | 005,505,024 | -HS- | M] () -- C:\Users\Basil Beirouti\NTUSER.DAT
[2010/06/21 08:05:22 | 000,071,470 | ---- | M] () -- C:\ProgramData\nvModes.001
[2010/06/21 08:05:03 | 000,001,231 | ---- | M] () -- C:\Users\Public\Documents\hpqp.ini
[2010/06/21 08:04:40 | 000,071,470 | ---- | M] () -- C:\ProgramData\nvModes.dat
[2010/06/21 08:04:38 | 000,000,910 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2010/06/21 08:01:24 | 000,003,216 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2010/06/21 08:01:24 | 000,003,216 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2010/06/21 08:01:18 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
[2010/06/21 08:00:29 | 000,524,288 | -HS- | M] () -- C:\Users\Basil Beirouti\NTUSER.DAT{28029397-7cb8-11df-baad-001e68a26a3e}.TMContainer00000000000000000001.regtrans-ms
[2010/06/21 08:00:29 | 000,065,536 | -HS- | M] () -- C:\Users\Basil Beirouti\NTUSER.DAT{28029397-7cb8-11df-baad-001e68a26a3e}.TM.blf
[2010/06/21 08:00:08 | 002,029,732 | -H-- | M] () -- C:\Users\Basil Beirouti\AppData\Local\IconCache.db
[2010/06/21 01:10:10 | 000,524,288 | -HS- | M] () -- C:\Users\Basil Beirouti\NTUSER.DAT{28029397-7cb8-11df-baad-001e68a26a3e}.TMContainer00000000000000000002.regtrans-ms
[2010/06/21 00:49:20 | 000,572,416 | ---- | M] (OldTimer Tools) -- C:\Users\Basil Beirouti\Desktop\OTL.exe
[2010/06/20 23:46:44 | 038,398,782 | ---- | M] () -- C:\Users\Basil Beirouti\Desktop\6-19-2010.zip
[2010/06/20 23:32:02 | 000,000,914 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2010/06/20 15:41:28 | 000,284,915 | ---- | M] () -- C:\Users\Basil Beirouti\Desktop\gmer.zip
[2010/06/20 14:57:21 | 000,524,288 | -HS- | M] () -- C:\Users\Basil Beirouti\NTUSER.DAT{e1e02651-b5a5-11de-a261-001e68a26a3e}.TMContainer00000000000000000001.regtrans-ms
[2010/06/20 14:57:21 | 000,065,536 | -HS- | M] () -- C:\Users\Basil Beirouti\NTUSER.DAT{e1e02651-b5a5-11de-a261-001e68a26a3e}.TM.blf
[2010/06/19 21:15:18 | 000,107,008 | ---- | M] () -- C:\Users\Basil Beirouti\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/06/19 20:52:39 | 000,690,960 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2010/06/19 20:52:39 | 000,595,684 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2010/06/19 20:52:39 | 000,101,350 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2010/06/19 14:33:39 | 000,066,159 | ---- | M] () -- C:\Users\Basil Beirouti\Desktop\messi.jpg
[2010/06/19 14:28:11 | 001,048,576 | -HS- | M] () -- C:\Users\Basil Beirouti\NTUSER.DAT{e1e02650-b5a5-11de-a261-001e68a26a3e}.TxR.2.regtrans-ms
[2010/06/19 14:28:11 | 001,048,576 | -HS- | M] () -- C:\Users\Basil Beirouti\NTUSER.DAT{e1e02650-b5a5-11de-a261-001e68a26a3e}.TxR.1.regtrans-ms
[2010/06/19 14:28:11 | 001,048,576 | -HS- | M] () -- C:\Users\Basil Beirouti\NTUSER.DAT{e1e02650-b5a5-11de-a261-001e68a26a3e}.TxR.0.regtrans-ms
[2010/06/19 14:28:10 | 000,065,536 | -HS- | M] () -- C:\Users\Basil Beirouti\NTUSER.DAT{e1e02650-b5a5-11de-a261-001e68a26a3e}.TxR.blf
[2010/06/19 13:32:55 | 000,000,774 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2010/06/19 13:32:19 | 006,153,384 | ---- | M] (Malwarebytes Corporation ) -- C:\Users\Basil Beirouti\Desktop\blablabla.exe
[2010/06/19 13:23:16 | 000,000,670 | ---- | M] () -- C:\Users\Basil Beirouti\Desktop\ERUNT.lnk
[2010/06/19 13:23:11 | 000,005,904 | ---- | M] () -- C:\Windows\SysNative\drivers\kgpcpy.cfg
[2010/06/19 12:56:38 | 000,791,393 | ---- | M] (Lars Hederer ) -- C:\Users\Basil Beirouti\Desktop\blablabla2.exe
[2010/06/19 08:11:56 | 000,444,416 | ---- | M] (OldTimer Tools) -- C:\Users\Basil Beirouti\Desktop\TFC.exe
[2010/06/19 04:14:55 | 000,000,000 | ---- | M] () -- C:\Windows\SysWow64\config.nt
[2010/06/11 07:33:39 | 000,505,872 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2010/06/09 21:28:25 | 000,000,924 | ---- | M] () -- C:\Users\Basil Beirouti\Desktop\magicJack.lnk
[2010/06/08 15:48:05 | 000,001,773 | ---- | M] () -- C:\Users\Public\Desktop\McAfee Security Scan Plus.lnk
[2010/06/08 15:48:05 | 000,001,771 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk
[2010/05/26 19:53:52 | 000,048,128 | ---- | M] () -- C:\Windows\SysNative\atmlib.dll
[2010/05/26 19:16:50 | 000,034,304 | ---- | M] (Adobe Systems) -- C:\Windows\SysWow64\atmlib.dll
[2010/05/26 17:56:53 | 000,366,080 | ---- | M] () -- C:\Windows\SysNative\atmfd.dll
[2010/05/26 17:25:15 | 000,289,792 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\atmfd.dll

========== Files Created - No Company Name ==========

[2010/06/21 01:08:08 | 000,524,288 | -HS- | C] () -- C:\Users\Basil Beirouti\NTUSER.DAT{28029397-7cb8-11df-baad-001e68a26a3e}.TMContainer00000000000000000002.regtrans-ms
[2010/06/21 01:08:08 | 000,524,288 | -HS- | C] () -- C:\Users\Basil Beirouti\NTUSER.DAT{28029397-7cb8-11df-baad-001e68a26a3e}.TMContainer00000000000000000001.regtrans-ms
[2010/06/21 01:08:08 | 000,065,536 | -HS- | C] () -- C:\Users\Basil Beirouti\NTUSER.DAT{28029397-7cb8-11df-baad-001e68a26a3e}.TM.blf
[2010/06/20 23:46:31 | 038,398,782 | ---- | C] () -- C:\Users\Basil Beirouti\Desktop\6-19-2010.zip
[2010/06/20 15:41:26 | 000,284,915 | ---- | C] () -- C:\Users\Basil Beirouti\Desktop\gmer.zip
[2010/06/19 14:33:36 | 000,066,159 | ---- | C] () -- C:\Users\Basil Beirouti\Desktop\messi.jpg
[2010/06/19 14:28:11 | 001,048,576 | -HS- | C] () -- C:\Users\Basil Beirouti\NTUSER.DAT{e1e02650-b5a5-11de-a261-001e68a26a3e}.TxR.2.regtrans-ms
[2010/06/19 14:28:11 | 001,048,576 | -HS- | C] () -- C:\Users\Basil Beirouti\NTUSER.DAT{e1e02650-b5a5-11de-a261-001e68a26a3e}.TxR.1.regtrans-ms
[2010/06/19 14:28:11 | 001,048,576 | -HS- | C] () -- C:\Users\Basil Beirouti\NTUSER.DAT{e1e02650-b5a5-11de-a261-001e68a26a3e}.TxR.0.regtrans-ms
[2010/06/19 14:28:10 | 000,065,536 | -HS- | C] () -- C:\Users\Basil Beirouti\NTUSER.DAT{e1e02650-b5a5-11de-a261-001e68a26a3e}.TxR.blf
[2010/06/19 13:32:55 | 000,000,774 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2010/06/19 13:32:51 | 000,024,664 | ---- | C] () -- C:\Windows\SysNative\drivers\mbam.sys
[2010/06/19 13:23:16 | 000,000,670 | ---- | C] () -- C:\Users\Basil Beirouti\Desktop\ERUNT.lnk
[2010/06/19 13:21:13 | 000,005,904 | ---- | C] () -- C:\Windows\SysNative\drivers\kgpcpy.cfg
[2010/06/10 15:44:59 | 005,690,368 | ---- | C] () -- C:\Windows\SysNative\mshtml.dll
[2010/06/10 15:44:58 | 007,006,208 | ---- | C] () -- C:\Windows\SysNative\ieframe.dll
[2010/06/10 15:44:57 | 001,426,944 | ---- | C] () -- C:\Windows\SysNative\urlmon.dll
[2010/06/10 15:44:56 | 001,032,704 | ---- | C] () -- C:\Windows\SysNative\wininet.dll
[2010/06/10 15:44:56 | 000,208,896 | ---- | C] () -- C:\Windows\SysNative\occache.dll
[2010/06/10 15:44:55 | 000,422,400 | ---- | C] () -- C:\Windows\SysNative\ieapfltr.dll
[2010/06/10 15:44:54 | 000,758,784 | ---- | C] () -- C:\Windows\SysNative\mshtmled.dll
[2010/06/10 15:44:54 | 000,580,608 | ---- | C] () -- C:\Windows\SysNative\msfeeds.dll
[2010/06/10 15:44:53 | 000,485,376 | ---- | C] () -- C:\Windows\SysNative\html.iec
[2010/06/10 15:44:53 | 000,480,256 | ---- | C] () -- C:\Windows\SysNative\iedkcs32.dll
[2010/06/10 15:44:53 | 000,375,296 | ---- | C] () -- C:\Windows\SysNative\iertutil.dll
[2010/06/10 15:44:53 | 000,267,776 | ---- | C] () -- C:\Windows\SysNative\ieaksie.dll
[2010/06/10 15:44:53 | 000,249,856 | ---- | C] () -- C:\Windows\SysNative\iepeers.dll
[2010/06/10 15:44:53 | 000,032,768 | ---- | C] () -- C:\Windows\SysNative\ieUnatt.exe
[2010/06/10 15:44:52 | 001,129,984 | ---- | C] () -- C:\Windows\SysNative\mstime.dll
[2010/06/10 15:44:52 | 000,086,528 | ---- | C] () -- C:\Windows\SysNative\ieencode.dll
[2010/06/10 15:44:52 | 000,032,256 | ---- | C] () -- C:\Windows\SysNative\jsproxy.dll
[2010/06/10 15:44:51 | 001,383,424 | ---- | C] () -- C:\Windows\SysNative\mshtml.tlb
[2010/06/10 05:55:58 | 000,366,080 | ---- | C] () -- C:\Windows\SysNative\atmfd.dll
[2010/06/10 05:55:57 | 000,048,128 | ---- | C] () -- C:\Windows\SysNative\atmlib.dll
[2010/06/10 05:50:38 | 000,084,480 | ---- | C] () -- C:\Windows\SysNative\asycfilt.dll
[2010/06/10 04:20:55 | 002,749,952 | ---- | C] () -- C:\Windows\SysNative\win32k.sys
[2010/06/10 04:04:24 | 001,570,816 | ---- | C] () -- C:\Windows\SysNative\quartz.dll
[2010/06/08 15:56:27 | 000,002,048 | ---- | C] () -- C:\Windows\SysNative\tzres.dll
[2009/03/27 00:33:30 | 000,028,672 | ---- | C] () -- C:\Windows\SysWow64\NSREG.DLL
[2009/03/18 21:11:23 | 000,000,030 | ---- | C] () -- C:\Windows\EZSOLVE.INI
[2009/03/18 21:11:23 | 000,000,009 | ---- | C] () -- C:\Windows\MSE5E.INI
[2009/03/18 21:11:22 | 000,097,792 | ---- | C] () -- C:\Windows\SysWow64\Winsys.dll
[2009/03/18 21:11:22 | 000,000,195 | ---- | C] () -- C:\Windows\SysWow64\Ic.ini
[2008/10/26 01:33:53 | 000,000,025 | ---- | C] () -- C:\Windows\cdplayer.ini
[2008/01/21 05:50:05 | 000,060,124 | ---- | C] () -- C:\Windows\SysWow64\tcpmon.ini
[2008/01/21 05:49:49 | 000,368,640 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2008/01/15 01:47:06 | 000,099,712 | ---- | C] () -- C:\Windows\HPBroker.dll

========== Custom Scans ==========


< %SYSTEMDRIVE%\*.* >
[2008/01/21 05:50:15 | 000,333,203 | RHS- | M] () -- C:\bootmgr
[2008/10/22 10:59:42 | 000,000,368 | -H-- | M] () -- C:\IPH.PH
[2006/12/02 09:37:14 | 000,904,704 | ---- | M] (Microsoft Corporation) -- C:\msdia80.dll
[2007/08/30 00:47:44 | 000,054,600 | ---- | M] (BitTorrent, Inc.) -- C:\npbittorrent.dll
[2010/06/21 13:23:25 | 310,657,023 | -HS- | M] () -- C:\pagefile.sys

< %systemroot%\system32\Spool\prtprocs\w32x86\*.dll >

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >

< %systemroot%\Tasks\*.job /lockedfiles >

< %systemroot%\System32\config\*.sav >

< %systemroot%\system32\user32.dll /md5 >
[2008/01/21 05:49:14 | 000,648,192 | ---- | M] (Microsoft Corporation) MD5=3D691030DBD3BD75DE1501BE54F0D425 -- C:\WINDOWS\SysWOW64\user32.dll

< %systemroot%\system32\ws2_32.dll /md5 >
[2008/01/21 05:50:35 | 000,179,200 | ---- | M] (Microsoft Corporation) MD5=B304D47D5744BA20FCB99FB8B2C07B0B -- C:\WINDOWS\SysWOW64\ws2_32.dll
< End of report >

OTL extras:

OTL Extras logfile created on: 6/21/2010 1:24:47 PM - Run 1
OTL by OldTimer - Version 3.2.6.0 Folder = C:\Users\Basil Beirouti\Desktop
64bit-Windows Vista Home Premium Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6001.18000)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

4.00 Gb Total Physical Memory | 3.00 Gb Available Physical Memory | 85.00% Memory free
8.00 Gb Paging File | 8.00 Gb Available in Paging File | 94.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 286.97 Gb Total Space | 75.34 Gb Free Space | 26.25% Space Free | Partition Type: NTFS
Drive D: | 11.12 Gb Total Space | 1.83 Gb Free Space | 16.50% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: BASILBEIROUTI
Current User Name: Basil Beirouti
Logged in as Administrator.

Current Boot Mode: SafeMode
Scan Mode: Current user
Include 64bit Scans
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard

========== Extra Registry (SafeList) ==========


========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.exe [@ = exefile] -- Reg Error: Key error. File not found
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %* File not found
cmdfile [open] -- "%1" %* File not found
comfile [open] -- "%1" %* File not found
exefile [open] -- "%1" %* File not found
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- "C:\Program Files (x86)\Microsoft Office\Office12\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Program Files (x86)\Microsoft Office\Office12\msohtmed.exe" /p %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" ()
piffile [open] -- "%1" %* File not found
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1" File not found
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l ()
scrfile [open] -- "%1" /S File not found
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 File not found
Directory [cmd] -- cmd.exe /s /k pushd "%V" ()
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~2\MICROS~2\Office12\ONENOTE.EXE "%L" (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- "C:\Program Files (x86)\Microsoft Office\Office12\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Program Files (x86)\Microsoft Office\Office12\msohtmed.exe" /p %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~2\MICROS~2\Office12\ONENOTE.EXE "%L" (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"UacDisableNotify" = 0
"InternetSettingsDisableNotify" = 0
"AutoUpdateDisableNotify" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = 9F 9E 16 8C DC 5B C8 01 [binary data]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"oobe_av" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\BitTorrent\bittorrent.exe" = C:\Program Files\BitTorrent\bittorrent.exe:*:Enabled:BitTorrent -- (BitTorrent, Inc.)
"C:\Program Files\BitTorrent\bittorrent.exe" = C:\Program Files\BitTorrent\bittorrent.exe:*:Enabled:BitTorrent -- (BitTorrent, Inc.)


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{057FAAA5-4FD3-45DF-A52A-FB2D0AAA3FCB}" = lport=138 | protocol=17 | dir=in | app=system |
"{05F60510-A296-4391-A0D1-B10A5C3564DC}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{1271A7DE-1783-4059-A0EC-4B727AA5762A}" = rport=138 | protocol=17 | dir=out | app=system |
"{15BB9319-25C7-4073-A468-C1AEACD2F420}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | [email protected],-28539 |
"{18B21A61-2622-4FC0-A6BB-1BDCE2D1564A}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{1ED9D36A-9B1D-4B13-B416-7D12F3BD3AD2}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{288E876A-2C9F-478A-8A41-23843144C01C}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{33F8A192-A42C-4F78-A855-DCB74D54E45A}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{3654F88D-9BFA-4DC7-B82C-0D78C8522190}" = lport=445 | protocol=6 | dir=in | app=system |
"{41D2F5FA-F583-444C-A345-63EDE52E28FF}" = lport=5000 | protocol=17 | dir=in | name=akamai netsession interface |
"{44E9EC24-C8E8-487A-85B7-C824577E632B}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |
"{4EC45BAF-5E6A-4FEC-BA84-D22E4E2122B3}" = rport=10243 | protocol=6 | dir=out | app=system |
"{6358A42C-BC89-46A4-A7DD-7D7973BBAAE5}" = rport=3702 | protocol=17 | dir=out | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{64A0ECAF-9E42-4AAF-870E-A0168CADF38B}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |
"{66E10191-2135-4579-A04B-C1C11E75C6CB}" = rport=3702 | protocol=17 | dir=out | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{6E80E182-39E2-435D-863D-D2FB125AD322}" = rport=139 | protocol=6 | dir=out | app=system |
"{768D4A7E-5596-4BF3-A19A-89BED6BEC0B1}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |
"{774337C0-671F-43CE-856B-A344AA29865A}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{7DDA7631-B714-486E-9CEC-E713194C0F10}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{803EC333-9F27-4B07-A6B8-48FF0EBE054E}" = lport=2869 | protocol=6 | dir=in | app=system |
"{88A2A3B4-8709-48E6-A24E-ADF97E3F97A6}" = lport=3702 | protocol=17 | dir=in | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{90A9C113-999D-4B90-91C7-3CD0C7E88680}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |
"{97F582AF-7681-49CC-9878-90C8D453AEC5}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{9D6DBAE4-5FF2-4B60-9315-30C332BA5895}" = lport=2869 | protocol=6 | dir=in | app=system |
"{A4627BE1-DD63-448C-8CB9-B576D2488C45}" = lport=2869 | protocol=6 | dir=in | app=system |
"{A76855E6-6FD2-45EA-93B2-E418A7013180}" = lport=2869 | protocol=6 | dir=in | app=system |
"{AA444E4D-B0E6-4E76-9D84-F0E4910FD9D8}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{AB65CC9A-852D-4945-BFEE-84EE06E0A626}" = lport=5000 | protocol=17 | dir=in | name=akamai netsession interface |
"{ABA9787F-54A8-4605-B705-8C76E8157D77}" = rport=137 | protocol=17 | dir=out | app=system |
"{B043BEF8-2339-418D-BE13-7E3CA1B021EF}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |
"{B2A7925D-E19F-4933-9AD1-DF7184C57F67}" = rport=445 | protocol=6 | dir=out | app=system |
"{B602E37C-4931-4DFA-8582-5698E152CE59}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{B7FB228A-76B2-44B8-88C6-D2D138B56B18}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{BC6B8D51-E07D-418D-80DF-7A0BAC85132C}" = lport=137 | protocol=17 | dir=in | app=system |
"{C1302B01-E327-4642-9916-FC5D02EA9DA0}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |
"{C466537E-B49E-44AC-A380-8F2175A3CB48}" = lport=49158 | protocol=6 | dir=in | name=akamai netsession interface |
"{C920891F-8414-4EEE-B678-83B59625ACAC}" = lport=2869 | protocol=6 | dir=in | app=system |
"{CD5CE5CB-AEF9-42B3-BE5C-5B3EBD6EFC79}" = lport=49227 | protocol=6 | dir=in | name=akamai netsession interface |
"{DAC94DCC-8C20-4C9A-B110-47B8D6A27863}" = lport=3702 | protocol=17 | dir=in | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{E4ED448D-CA3C-4AB1-99CA-422694F88509}" = lport=10243 | protocol=6 | dir=in | app=system |
"{F1AFF98A-D594-490E-8426-65575343C106}" = lport=2869 | protocol=6 | dir=in | app=system |
"{F27D78F0-141E-40DC-9411-28C9164B789C}" = lport=139 | protocol=6 | dir=in | app=system |
"{F2E6BE52-5007-4BAD-8581-6E1B078F82B4}" = lport=2869 | protocol=6 | dir=in | app=system |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{01F4E093-B609-402E-B9DB-5DDD2A2F9266}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{031C9CED-091C-4540-8643-597018DFCD69}" = protocol=6 | dir=in | app=c:\program files\wolfram research\mathematica\7.0\mathkernel.exe |
"{06735CAD-442D-4E3B-8498-8A0A1C608489}" = protocol=17 | dir=in | app=c:\program files (x86)\bittorrent_dna\dna.exe |
"{0C3D8895-45F4-4031-B541-277E05E739E1}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{0CE064B0-B34A-438F-9298-5453AC7B8F39}" = dir=in | app=c:\program files (x86)\windows live\messenger\livecall.exe |
"{0DA0437A-DC09-4263-8CC3-AAF09BC134AF}" = dir=in | app=c:\program files (x86)\hp\hp software update\hpwucli.exe |
"{11F5EC2F-4329-4DE0-86D7-CD44DBD97A93}" = protocol=17 | dir=in | app=c:\program files (x86)\firaxis games\sid meier's civilization 4\civilization4.exe |
"{12EA3D6E-E6E6-4489-8AC4-1BC517D2EFA0}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{13BDC337-60A2-4E4F-8130-2E92ADDD65FD}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{1532AB0C-04FF-4BB5-AF65-2DFB16A3BA86}" = protocol=6 | dir=in | app=c:\program files (x86)\dna\btdna.exe |
"{15B2728E-0B1A-431F-9949-BA42A3D1415F}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqpse.exe |
"{1D4D971B-BFBE-44D1-96D8-3751BAD340D2}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{1D76EB8C-A547-4F1C-9E01-EB1BC2A5F17A}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{24F34E1C-BC92-46C8-8830-09D68A33BB70}" = dir=in | app=c:\program files (x86)\cyberlink\powerdirector\pdr.exe |
"{264E3DFD-E8D4-474F-8061-CCA358C1E90C}" = protocol=1 | dir=out | [email protected],-28544 |
"{2D53F64F-E42D-42D3-A8F2-42F7A9528BF9}" = dir=in | app=c:\program files (x86)\windows live\messenger\livecall.exe |
"{32ACC2C7-F4D8-4EEB-AEC9-C70A66332749}" = dir=in | app=c:\program files (x86)\hp\digital imaging\smart web printing\smartwebprintexe.exe |
"{43298955-C09B-49E4-B6A9-EC93B340761C}" = protocol=6 | dir=in | app=c:\program files (x86)\activision\prototype\prototypef.exe |
"{45DD81B1-6CF6-4F50-A249-65A149917D79}" = protocol=58 | dir=in | [email protected],-28545 |
"{45E63F67-81C9-498D-BF6D-B517EA13F4B1}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{51FB7E0D-237A-4A1C-9EE3-1AB0C89E129E}" = protocol=17 | dir=in | app=c:\program files\wolfram research\mathematica\7.0\mathematica.exe |
"{53F0A2D5-661E-4562-A391-3AB8DC6373A6}" = protocol=6 | dir=out | app=system |
"{54E1AB30-154E-4DB4-8B25-E80F25A8BF3A}" = dir=in | app=c:\program files (x86)\common files\hp\digital imaging\bin\hpqphotocrm.exe |
"{624B5C22-DD3A-4344-B002-DA074097ADAA}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqsudi.exe |
"{663DDE16-0D60-4F84-A699-6C4D6B37F3EE}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{6A428DCA-CF72-457E-AC43-614F3B09563A}" = protocol=17 | dir=in | app=c:\program files (x86)\activision\prototype\prototypef.exe |
"{6AED4C38-F77B-4156-8DBD-CBF94F39BB28}" = dir=in | app=c:\program files (x86)\hp\quickplay\qp.exe |
"{6D3CC809-B6EF-4AA8-9625-40204ED7120A}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{6F7EDA50-B600-4B2D-88BD-8C867F11FE7E}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe |
"{77204920-DAA4-400F-8A02-D71360B8E28F}" = protocol=6 | dir=in | app=c:\program files\wolfram research\mathematica\7.0\mathematica.exe |
"{7B4B6AD5-2BD5-4EBF-A46A-8746FC491118}" = dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe |
"{819C2E24-76B1-4099-9233-FAFBEA8FAE35}" = dir=in | app=c:\program files (x86)\windows live\messenger\livecall.exe |
"{8B06C066-DDED-4FEB-90BD-3F76B4E1DF88}" = dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe |
"{8BC11314-7887-4E7F-ADFE-315ACCF8697D}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{8D015FE0-C68B-45C0-A5CF-B99C862EC1FC}" = dir=in | app=c:\program files (x86)\windows live\messenger\wlcsdk.exe |
"{8DD998E7-C597-46D6-B322-2E31A3E48E72}" = protocol=17 | dir=in | app=c:\program files (x86)\common files\aol\loader\aolload.exe |
"{975EF47F-1EA0-4E1F-9626-8EE6A8E5A7EF}" = protocol=17 | dir=in | app=c:\program files (x86)\dna\btdna.exe |
"{989E56E9-B4CD-4229-9E49-F28351351F68}" = dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe |
"{9E8E7856-6718-4669-8CF6-B3B5AA74A6CA}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{A12C5566-AE5C-4369-8A0B-335218307F3E}" = protocol=6 | dir=in | app=c:\program files\wolfram research\mathematica\7.0\math.exe |
"{ABB589CD-21BD-4462-8652-1346D9DDF722}" = protocol=17 | dir=in | app=c:\program files\wolfram research\mathematica\7.0\mathkernel.exe |
"{AD0E3633-F70E-4028-ACDF-6B0220F1DC4A}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{AEE648E3-4B92-4F2A-ADA0-2812FAAC0922}" = protocol=6 | dir=in | app=c:\program files (x86)\firaxis games\sid meier's civilization 4\civilization4.exe |
"{B1414930-C8B1-40A0-BCC0-FA9250C30F11}" = protocol=17 | dir=in | app=c:\program files (x86)\electronic arts\red alert 3\ra3.exe |
"{B5480A96-8494-4640-93D9-FE816EB6746D}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{B68FD785-DAA6-4AED-80F9-A2BC93480063}" = dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe |
"{B9F86038-D70D-4A98-B957-094666E4CEF4}" = protocol=6 | dir=in | app=c:\program files (x86)\bittorrent_dna\dna.exe |
"{BB28CA12-4607-4C39-9F56-1442AAFCE0E3}" = protocol=6 | dir=in | app=c:\program files (x86)\firaxis games\sid meier's civilization 4\civilization4.exe |
"{C1FBFCC5-4D8A-4857-87AB-AE6ABD8F0A83}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{C73D81BA-A7A3-419F-918A-460C21BF7195}" = dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe |
"{C7A7BFD1-F316-46B8-94A0-9744F724F2F5}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{C7DE6782-7E3E-406E-A1BF-CDEF28870E7A}" = dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe |
"{CB6F3177-0443-4A3F-9456-7AD732F03ACD}" = dir=in | app=c:\program files (x86)\windows live\messenger\livecall.exe |
"{CF0939F8-8E25-4798-BB73-7210215C42FF}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{CF5AE70A-226A-428B-B41A-ACB1308AFC6B}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqpsapp.exe |
"{D1320B38-53CB-45E2-9C0B-8A719EEE3D5E}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe |
"{D3B3CA0D-4C05-4C70-81EA-EA9D1AF81522}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{D46965C1-48F6-4EA4-BD1A-22666168F59C}" = protocol=17 | dir=in | app=c:\program files\limewire\limewire.exe |
"{D91ACB0F-7973-4634-8538-4AA14A6E286E}" = protocol=17 | dir=in | app=c:\program files\wolfram research\mathematica\7.0\math.exe |
"{D91C00E0-69DD-4FBB-B054-86CAC052991B}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{D977792A-B74A-41C6-821E-D9A32C600E21}" = protocol=17 | dir=in | app=c:\program files\itunes\itunes.exe |
"{E39C7A38-DA8F-4B0D-B70F-B7DD598B5514}" = protocol=6 | dir=in | app=c:\program files (x86)\common files\aol\loader\aolload.exe |
"{E3E9B5E6-5106-43A5-8F77-41C16B221C81}" = protocol=6 | dir=in | app=c:\program files\limewire\limewire.exe |
"{E4C89489-4B02-4296-8CC5-17B1C61EBBE0}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe |
"{E52070C7-FD74-4C64-B808-75DD36CEB491}" = dir=in | app=c:\program files (x86)\hp\quickplay\qpservice.exe |
"{E7594096-FD07-48E1-8B7D-70DEB6BF37D6}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe |
"{E8336FD0-040F-4877-8EA9-D2D9DB7210C0}" = dir=in | app=c:\program files (x86)\windows live\messenger\livecall.exe |
"{E94CCDDC-8937-4AF7-891A-5D1435FAE126}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{EBA2EBD8-CA2E-4AC0-9462-F54394C17BAD}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{EE5E6F4C-B74A-4CA6-8B45-9E849BA2FB53}" = protocol=58 | dir=out | [email protected],-28546 |
"{F07DB27B-50E8-46B3-8842-E30091056D34}" = protocol=6 | dir=in | app=c:\program files\itunes\itunes.exe |
"{F48B70F8-8802-4721-9B3B-BEFCD52F6FFD}" = protocol=6 | dir=in | app=c:\program files (x86)\electronic arts\red alert 3\ra3.exe |
"{F90016E5-DEA1-41A5-97E6-342788DD57C3}" = protocol=17 | dir=in | app=c:\program files (x86)\firaxis games\sid meier's civilization 4\civilization4.exe |
"{FC5240FA-FB38-4C9E-A785-D62F0C76D234}" = protocol=1 | dir=in | [email protected],-28543 |
"TCP Query User{131F1C0B-CE82-47AD-965D-69BAAC374B3C}C:\program files\electronic arts\eadm\core.exe" = protocol=6 | dir=in | app=c:\program files\electronic arts\eadm\core.exe |
"TCP Query User{1D11F834-94E3-4316-8085-B6F100A6AD33}C:\program files (x86)\deusty\mojo\mojo.exe" = protocol=6 | dir=in | app=c:\program files (x86)\deusty\mojo\mojo.exe |
"TCP Query User{1D9C12C9-A309-40C9-928B-B0122C5D732F}C:\users\basil beirouti\program files (x86)\dna\btdna.exe" = protocol=6 | dir=in | app=c:\users\basil beirouti\program files (x86)\dna\btdna.exe |
"TCP Query User{55EB87CB-FF0F-4C07-8637-1D95B042A51F}C:\users\basil beirouti\appdata\roaming\mjusbsp\magicjack.exe" = protocol=6 | dir=in | app=c:\users\basil beirouti\appdata\roaming\mjusbsp\magicjack.exe |
"TCP Query User{72CC6EA3-825A-4491-AB1C-DBB63D6AC699}C:\program files (x86)\limewire\limewire.exe" = protocol=6 | dir=in | app=c:\program files (x86)\limewire\limewire.exe |
"TCP Query User{78697AE0-1776-4E10-923F-82711630393B}C:\program files\itunes\itunes.exe" = protocol=6 | dir=in | app=c:\program files\itunes\itunes.exe |
"TCP Query User{878BAC6A-3473-4DA0-9420-42CC98BDD930}C:\program files\real\realplayer\realplay.exe" = protocol=6 | dir=in | app=c:\program files\real\realplayer\realplay.exe |
"TCP Query User{92B7FB01-6059-4F7C-B8B9-6BB2420D1C9A}C:\program files\mozilla firefox\firefox.exe" = protocol=6 | dir=in | app=c:\program files\mozilla firefox\firefox.exe |
"TCP Query User{93BA4BA8-ED4E-4B41-A0A3-098044143AB0}C:\program files\limewire\limewire.exe" = protocol=6 | dir=in | app=c:\program files\limewire\limewire.exe |
"TCP Query User{AD4E596E-C438-4CB7-A6EF-805232A060F8}C:\users\basil beirouti\program files (x86)\bittorrent\bittorrent.exe" = protocol=6 | dir=in | app=c:\users\basil beirouti\program files (x86)\bittorrent\bittorrent.exe |
"TCP Query User{B0DC26E4-8A91-4D61-92D5-597BC58D026A}C:\program files (x86)\limewire\limewire.exe" = protocol=6 | dir=in | app=c:\program files (x86)\limewire\limewire.exe |
"TCP Query User{B4F6DFD9-D5D1-4FB2-ABCC-115B23584A8B}C:\program files\imagej\jre\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files\imagej\jre\bin\javaw.exe |
"TCP Query User{BD83F767-7680-4793-A953-CD22D2611595}C:\program files (x86)\skype\phone\skype.exe" = protocol=6 | dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"TCP Query User{C8BAF37D-35CB-4D09-9227-4E02F25C4F66}C:\users\basil beirouti\program files (x86)\bittorrent\bittorrent.exe" = protocol=6 | dir=in | app=c:\users\basil beirouti\program files (x86)\bittorrent\bittorrent.exe |
"TCP Query User{D545BBDB-695A-4CCD-8C7B-013A83ACCE7A}C:\program files\bittorrent\bittorrent.exe" = protocol=6 | dir=in | app=c:\program files\bittorrent\bittorrent.exe |
"TCP Query User{D8A82CA5-CB97-4A89-99DE-2155F6D89E3F}C:\program files (x86)\electronic arts\red alert 3\data\ra3_1.4.game" = protocol=6 | dir=in | app=c:\program files (x86)\electronic arts\red alert 3\data\ra3_1.4.game |
"TCP Query User{E9F6D28F-27CC-44F0-A513-041A89999C36}C:\imagej\jre\bin\javaw.exe" = protocol=6 | dir=in | app=c:\imagej\jre\bin\javaw.exe |
"TCP Query User{EB1DDFFA-036A-4635-8C55-A02380F832E2}C:\program files (x86)\electronic arts\eadm\core.exe" = protocol=6 | dir=in | app=c:\program files (x86)\electronic arts\eadm\core.exe |
"TCP Query User{EF39CAA7-9F2A-4F95-9DEF-11598071F2DA}C:\users\basil beirouti\appdata\roaming\mjusbsp\magicjack.exe" = protocol=6 | dir=in | app=c:\users\basil beirouti\appdata\roaming\mjusbsp\magicjack.exe |
"TCP Query User{EF4FF778-8A67-4A64-8515-75731EC652EE}C:\program files (x86)\deusty\mojo\mojo.exe" = protocol=6 | dir=in | app=c:\program files (x86)\deusty\mojo\mojo.exe |
"TCP Query User{F92E1551-7E4B-4B9B-B788-D67AC711940D}C:\users\basil beirouti\program files (x86)\dna\btdna.exe" = protocol=6 | dir=in | app=c:\users\basil beirouti\program files (x86)\dna\btdna.exe |
"TCP Query User{F9CB1BF3-0900-4217-96F1-726565C290E0}C:\program files\bittorrent\bittorrent.exe" = protocol=6 | dir=in | app=c:\program files\bittorrent\bittorrent.exe |
"UDP Query User{0B1CCE67-60EC-4D06-9668-1A34ECF5E230}C:\users\basil beirouti\program files (x86)\dna\btdna.exe" = protocol=17 | dir=in | app=c:\users\basil beirouti\program files (x86)\dna\btdna.exe |
"UDP Query User{0D05388D-07E7-4F1C-BC37-EEB1FF306511}C:\users\basil beirouti\program files (x86)\dna\btdna.exe" = protocol=17 | dir=in | app=c:\users\basil beirouti\program files (x86)\dna\btdna.exe |
"UDP Query User{11366448-F0D9-411E-933E-06BA29B1766E}C:\program files\bittorrent\bittorrent.exe" = protocol=17 | dir=in | app=c:\program files\bittorrent\bittorrent.exe |
"UDP Query User{1E80F437-76A6-4F3B-97EE-E9483D3ADC98}C:\users\basil beirouti\appdata\roaming\mjusbsp\magicjack.exe" = protocol=17 | dir=in | app=c:\users\basil beirouti\appdata\roaming\mjusbsp\magicjack.exe |
"UDP Query User{34AB5C75-D3EC-49F2-A5B3-FA5696030696}C:\program files (x86)\limewire\limewire.exe" = protocol=17 | dir=in | app=c:\program files (x86)\limewire\limewire.exe |
"UDP Query User{3A33B6CB-9B29-4C39-9C7C-DB36AD0E2A7A}C:\users\basil beirouti\program files (x86)\bittorrent\bittorrent.exe" = protocol=17 | dir=in | app=c:\users\basil beirouti\program files (x86)\bittorrent\bittorrent.exe |
"UDP Query User{4D657B7A-C141-487D-B293-F78C12B57D2A}C:\program files (x86)\deusty\mojo\mojo.exe" = protocol=17 | dir=in | app=c:\program files (x86)\deusty\mojo\mojo.exe |
"UDP Query User{54075BB6-FDB3-4992-99EA-8DBE1EA26AF7}C:\program files (x86)\limewire\limewire.exe" = protocol=17 | dir=in | app=c:\program files (x86)\limewire\limewire.exe |
"UDP Query User{5D66F354-B8B9-49BB-B4E9-B6AFDB6717E3}C:\program files\limewire\limewire.exe" = protocol=17 | dir=in | app=c:\program files\limewire\limewire.exe |
"UDP Query User{6262FAF8-BB4C-4568-B31C-9B3BBF4E731C}C:\users\basil beirouti\appdata\roaming\mjusbsp\magicjack.exe" = protocol=17 | dir=in | app=c:\users\basil beirouti\appdata\roaming\mjusbsp\magicjack.exe |
"UDP Query User{63295AAB-B021-43DC-879E-69CCD854DC6B}C:\program files\real\realplayer\realplay.exe" = protocol=17 | dir=in | app=c:\program files\real\realplayer\realplay.exe |
"UDP Query User{66D99CE1-BF6F-467F-AB26-25FE0FD5CD8C}C:\program files\mozilla firefox\firefox.exe" = protocol=17 | dir=in | app=c:\program files\mozilla firefox\firefox.exe |
"UDP Query User{6ED3ABA5-7282-456E-A950-1DE4629E23B8}C:\program files (x86)\electronic arts\eadm\core.exe" = protocol=17 | dir=in | app=c:\program files (x86)\electronic arts\eadm\core.exe |
"UDP Query User{8C21A384-4651-40AA-AE29-117CAEAA63EF}C:\program files (x86)\deusty\mojo\mojo.exe" = protocol=17 | dir=in | app=c:\program files (x86)\deusty\mojo\mojo.exe |
"UDP Query User{95B4DE2A-FC3C-40A1-B0D7-DDD6B978F905}C:\program files\imagej\jre\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files\imagej\jre\bin\javaw.exe |
"UDP Query User{98764FF2-5078-4C69-8922-80F4F2D0F72B}C:\program files (x86)\electronic arts\red alert 3\data\ra3_1.4.game" = protocol=17 | dir=in | app=c:\program files (x86)\electronic arts\red alert 3\data\ra3_1.4.game |
"UDP Query User{9D5404BA-2CF5-4BE1-BA9D-36C812D46194}C:\users\basil beirouti\program files (x86)\bittorrent\bittorrent.exe" = protocol=17 | dir=in | app=c:\users\basil beirouti\program files (x86)\bittorrent\bittorrent.exe |
"UDP Query User{A3900013-0A23-46D5-AD9F-2CF8978B68F2}C:\program files\electronic arts\eadm\core.exe" = protocol=17 | dir=in | app=c:\program files\electronic arts\eadm\core.exe |
"UDP Query User{BEAA4A76-61D6-4017-AED7-F8CDD4C93B4B}C:\program files\bittorrent\bittorrent.exe" = protocol=17 | dir=in | app=c:\program files\bittorrent\bittorrent.exe |
"UDP Query User{D5F81D40-E399-4A03-83D4-F129362DCD55}C:\program files\itunes\itunes.exe" = protocol=17 | dir=in | app=c:\program files\itunes\itunes.exe |
"UDP Query User{D62225E0-1CCE-4D82-BD84-51FF29BE352D}C:\imagej\jre\bin\javaw.exe" = protocol=17 | dir=in | app=c:\imagej\jre\bin\javaw.exe |
"UDP Query User{D73C0CDF-0EEC-490E-B33A-69E9BE1B029A}C:\program files (x86)\skype\phone\skype.exe" = protocol=17 | dir=in | app=c:\program files (x86)\skype\phone\skype.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{1AD2F8FE-A357-4728-BDF8-B92D794CE793}" = HP QuickTouch 1.00 D2
"{2F97CE84-9C33-4631-821B-85EA371EA254}" = ProtectSmart Hard Drive Protection
"{5783F2D7-8001-0409-0102-0060B0CE6BBA}" = AutoCAD 2010 - English
"{5783F2D7-8001-0409-1102-0060B0CE6BBA}" = AutoCAD 2010 Language Pack - English
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007
"{90120000-002A-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (English) 2007
"{90120000-0116-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007
"{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}" = Intel® Matrix Storage Manager
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9EFC40E3-5F31-4F75-8445-286273F74D8E}" = Apple Mobile Device Support
"{B6E3757B-5E77-3915-866A-CCFC4B8D194C}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053
"{B812FCC0-6192-4BFA-A9C6-1E8578F255DA}" = iTunes
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{DAE239CE-EB9D-4EB3-B0D4-528D6BAA48FD}" = Bonjour
"{EE936C7A-EA40-31D5-9B65-8E3E089C3828}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148
"Agere Systems Soft Modem" = Agere Systems HDA Modem
"AutoCAD 2010 - English" = AutoCAD 2010 - English
"HP Photosmart Essential" = HP Photosmart Essential 2.5
"HP Smart Web Printing" = HP Smart Web Printing 4.60
"MatlabR2008b" = MATLAB R2008b
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"M-WIN-L 7.0.1 1213965_is1" = Wolfram Mathematica 7 (M-WIN-L 7.0.1 1213965)
"NVIDIA Drivers" = NVIDIA Drivers
"SynTPDeinstKey" = Synaptics Pointing Device Driver

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{004B0DCB-4C60-465B-8F01-44B0A4111187}" = SlingPlayer
"{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = CyberLink YouCam
"{06E74B9B-631F-4378-BF3A-40D868450C05}" = HPPhotoSmartPhotobookHolidayPack1
"{082702D5-5DD8-4600-BCE5-48B15174687F}" = HP Doc Viewer
"{12A76360-388E-4B27-ABEB-D5FC5378DD2A}" = HPPhotoSmartPhotobookWebPack1
"{1451DE6B-ABE1-4F62-BE9A-B363A17588A2}" = QuickTime
"{15BC8CD0-A65B-47D0-A2DD-90A824590FA8}" = Microsoft Works
"{172AEB5E-CBB2-4CDD-A4CF-388600825839}" = HPPhotoSmartPhotobookPlayfulPack1
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = CyberLink DVD Suite
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live Upload Tool
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{24A55F97-AA44-4EDB-BEA1-CD51441B2AD4}" = Mojo
"{254C37AA-6B72-4300-84F6-98A82419187E}" = Hewlett-Packard Active Check for Health Check
"{26604C7E-A313-4D12-867F-7C6E7820BE4C}" = JMicron JMB38X Flash Media Controller
"{26A24AE4-039D-4CA4-87B4-2F83216012FF}" = Java™ 6 Update 20
"{31216452-5540-4C96-B754-94890A63D5AB}" = HP Help and Support
"{3248F0A8-6813-11D6-A77B-00B0D0160050}" = Java™ 6 Update 5
"{3248F0A8-6813-11D6-A77B-00B0D0160070}" = Java™ 6 Update 7
"{34BFB099-07B2-4E95-A673-7362D60866A2}" = PSSWCORE
"{34D2AB40-150D-475D-AE32-BD23FB5EE355}" = HP Quick Launch Buttons 6.40 D1
"{35F83303-C0C0-46B7-B8A8-ADA7C2AC5645}" = muvee autoProducer 6.1
"{38EAC694-0D90-445F-8C17-8B50ADFE3162}" = Slingbox Flash Tour
"{3FA365DF-2D68-45ED-8F83-8C8A33E65143}" = Apple Application Support
"{40BF1E83-20EB-11D8-97C5-0009C5020658}" = Power2Go
"{45A136EC-88BF-4B95-99F5-C45D3930E1CC}" = HP MULTIPLE MODEM INSTALLER for VISTA
"{45D707E9-F3C4-11D9-A373-0050BAE317E1}" = HP QuickPlay 3.7
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4CACFCD9-F71B-413A-8DF5-1A6419D5CDC6}" = Cards_Calendar_OrderGift_DoMorePlugout
"{55D9E026-DCB0-46FF-B60A-68B972228CF6}" = Autodesk Design Review 2010
"{5DAA9C36-8F8B-462F-8CCA-E205BC3751F5}" = HP Active Support Library
"{65DA2EC9-0642-47E9-AAE2-B5267AA14D75}" = Activation Assistant for the 2007 Microsoft Office suites
"{669D4A35-146B-4314-89F1-1AC3D7B88367}" = Hewlett-Packard Asset Agent for Health Check
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{81128EE8-8EAD-4DB0-85C6-17C2CE50FF71}" = Windows Live Essentials
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek 8169 8168 8101E 8102E Ethernet Driver
"{89E052B2-5CA5-4B7A-AF0C-28CA2836B030}" = HPPhotoSmartPhotobookModernPack1
"{8C0DF485-DB3E-453C-BFB3-4C47E636ECF9}" = Serif WebPlus 10
"{8FF6F5CA-4E30-4E3B-B951-204CAAA2716A}" = SmartWebPrinting
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_HOMESTUDENTR_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_HOMESTUDENTR_{187308AB-5FA7-4F14-9AB9-D290383A10D9}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system
"{90120000-002A-0000-1000-0000000FF1CE}_HOMESTUDENTR_{E64BA721-2310-4B55-BE5A-2925F9706192}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-002A-0409-1000-0000000FF1CE}_HOMESTUDENTR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}_HOMESTUDENTR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007
"{90120000-00A1-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}_HOMESTUDENTR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0116-0409-1000-0000000FF1CE}_HOMESTUDENTR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{9322A850-9091-4D0E-B252-3E82EDA3D94A}" = Prototype™
"{9422C8EA-B0C6-4197-B8FC-DC797658CA00}" = Windows Live Sign-in Assistant
"{95120000-00AF-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (English)
"{98736A65-3C79-49EC-B7E9-A3C77774B0E6}" = Google SketchUp 6
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{A07840FC-CE63-4CB8-8030-EF4B9805925A}" = HPPhotoSmartDiscLabel_PaperLabel
"{A5CE7175-080D-49AC-B5A3-E7E3502428F5}" = HP Wireless Assistant
"{A85FD55B-891B-4314-97A5-EA96C0BD80B5}" = Windows Live Messenger
"{A869A1DA-9571-4287-B170-4A7246994C84}" = Serif WebPlus 10 Resources
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC76BA86-7AD7-1033-7B44-A81200000003}" = Adobe Reader 8.1.2
"{AC95121F-1576-45B8-82F7-3911D27882E6}" = HPPhotoSmartPhotobookScrapbookPack1
"{ADFB9653-F44C-460C-BF58-189CC552DFFE}" = hpphotosmartdisclabelplugin
"{B3D8B2F8-3C2C-45BC-933E-8B60E78F6684}" = Google SketchUp 6
"{B4E91E95-A5BA-4E50-A465-DB7EFEB176E8}" = HPPhotoSmartDiscLabel_PrintOnDisc
"{B6C2569C-E2AA-4AB9-8C26-AC2487A2BFFC}" = Sid Meier's Civilization 4
"{BAD0FA60-09CF-4411-AE6A-C2844C8812FA}" = HP Photosmart Essential 2.5
"{C27C82E4-9C53-4D76-9ED3-A01A3D5EE679}" = HP Customer Experience Enhancements
"{C8FD5BC1-92EF-4C15-92A9-F9AC7F61985F}" = HP Update
"{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = PowerDirector
"{CFBCE791-2D53-4FCE-B3FB-D6E01F4112E8}" = Sid Meier's Civilization 4
"{D36DD326-7280-11D8-97C8-000129760CBE}" = PhotoNow!
"{DD3C88A0-C53C-41D0-A21B-6D021981D23E}" = HPPhotoSmartDiscLabelContent1
"{E08DC77E-D09A-4e36-8067-D6DBBCC5F8DC}" = VideoToolkit01
"{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}" = IDT Audio
"{ED00D08A-3C5F-488D-93A0-A04F21F23956}" = Windows Live Communications Platform
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{f32502b5-5b64-4882-bf61-77f23edcac4f}" = HP Total Care Advisor
"{F48098CD-2D66-4861-85EC-DC1D4D09D5F9}" = HP User Guides 0102
"{F636EE9A-F9EC-4606-BCFA-77DD0E210788}" = HPPhotoSmartDiscLabel_Tattoo
"{F6BD194C-4190-4D73-B1B1-C48C99921BFE}" = Windows Live Call
"{F7B0939E-58DF-11DF-B3A6-005056806466}" = Google Earth
"{FA3B34BE-4246-4062-90A3-34CBBEA12B72}" = HPTCSSetup
"{FB9607C0-17B8-42B8-BB99-A1C9F7038363}" = Wolfram Notebook Indexer 2.0
"7-Zip" = 7-Zip 4.57
"Activation Assistant for the 2007 Microsoft Office suites" = Activation Assistant for the 2007 Microsoft Office suites
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11.5
"Akamai" = Akamai NetSession Interface
"Autodesk Design Review 2010" = Autodesk Design Review 2010
"avast5" = avast! Free Antivirus
"Avira AntiVir Desktop" = Avira AntiVir Personal - Free Antivirus
"BrainWave Generator" = BrainWave Generator
"ERUNT_is1" = ERUNT 1.1j
"Guitar Pro 5_is1" = Guitar Pro 5.2
"HOMESTUDENTR" = Microsoft Office Home and Student 2007
"InstallShield_{004B0DCB-4C60-465B-8F01-44B0A4111187}" = SlingPlayer
"InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = CyberLink YouCam
"InstallShield_{9322A850-9091-4D0E-B252-3E82EDA3D94A}" = Prototype™
"InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = PowerDirector
"LimeWire" = LimeWire 5.4.6
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"McAfee Security Scan" = McAfee Security Scan Plus
"Mozilla Firefox (3.5)" = Mozilla Firefox (3.5)
"PokerStars" = PokerStars
"RealPlayer 12.0" = RealPlayer
"Skype_is1" = Skype 2.5
"SlingMedia.QPSlingPlayer_is1" = QuickPlay SlingPlayer 0.4.6
"Total Video Player 1.03_is1" = Total Video Player 1.03
"ViewpointMediaPlayer" = Viewpoint Media Player
"WCIF ImageJ_is1" = Uninstall_ImageJ
"WildTangent hp Master Uninstall" = My HP Games
"WinLiveSuite_Wave3" = Windows Live Essentials
"Xfire" = Xfire (remove only)

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"BitTorrent" = BitTorrent
"BitTorrent DNA" = DNA
"Move Media Player" = Move Media Player

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 11/12/2009 2:11:13 AM | Computer Name = BasilBeirouti | Source = Application Error | ID = 1000
Description = Faulting application AcroRd32.exe, version 8.1.0.137, time stamp 0x46444e37,
faulting module unknown, version 0.0.0.0, time stamp 0x00000000, exception code
0xc0000005, fault offset 0x3030302e, process id 0x1054, application start time 0x01ca635eeec07778.

Error - 11/12/2009 2:11:15 AM | Computer Name = BasilBeirouti | Source = Application Error | ID = 1000
Description = Faulting application AcroRd32.exe, version 8.1.0.137, time stamp 0x46444e37,
faulting module MSVCR80.dll, version 8.0.50727.3053, time stamp 0x4889d619, exception
code 0xc0000005, fault offset 0x00014a7f, process id 0x1054, application start time
0x01ca635eeec07778.

Error - 11/12/2009 11:49:27 PM | Computer Name = BasilBeirouti | Source = Microsoft-Windows-CAPI2 | ID = 131083
Description =

Error - 11/12/2009 11:49:28 PM | Computer Name = BasilBeirouti | Source = Microsoft-Windows-CAPI2 | ID = 131083
Description =

Error - 11/13/2009 5:12:49 AM | Computer Name = BasilBeirouti | Source = Microsoft-Windows-CAPI2 | ID = 131083
Description =

Error - 11/13/2009 5:12:49 AM | Computer Name = BasilBeirouti | Source = Microsoft-Windows-CAPI2 | ID = 131083
Description =

Error - 11/13/2009 5:27:41 PM | Computer Name = BasilBeirouti | Source = Microsoft-Windows-CAPI2 | ID = 131083
Description =

Error - 11/15/2009 1:15:10 AM | Computer Name = BasilBeirouti | Source = Microsoft-Windows-CAPI2 | ID = 131083
Description =

Error - 11/15/2009 1:15:10 AM | Computer Name = BasilBeirouti | Source = Microsoft-Windows-CAPI2 | ID = 131083
Description =

Error - 11/16/2009 3:19:10 AM | Computer Name = BasilBeirouti | Source = Microsoft-Windows-CAPI2 | ID = 131083
Description =

[ Media Center Events ]
Error - 1/29/2009 12:40:43 AM | Computer Name = BasilBeirouti | Source = MCUpdate | ID = 0
Description = DownloadPackgeTask.SubTasksComplete: failed downloading package SportsSchedule.

Error - 3/17/2009 11:36:13 PM | Computer Name = BasilBeirouti | Source = MCUpdate | ID = 0
Description = DownloadPackgeTask.SubTasksComplete: failed downloading package SportsSchedule.

[ OSession Events ]
Error - 11/13/2008 8:50:31 PM | Computer Name = BasilBeirouti | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6308.5000, Microsoft Office Version: 12.0.6215.1000. This session lasted 4160
seconds with 120 seconds of active time. This session ended with a crash.

Error - 11/13/2008 8:51:28 PM | Computer Name = BasilBeirouti | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6308.5000, Microsoft Office Version: 12.0.6215.1000. This session lasted 43
seconds with 0 seconds of active time. This session ended with a crash.

Error - 11/13/2008 8:51:38 PM | Computer Name = BasilBeirouti | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6308.5000, Microsoft Office Version: 12.0.6215.1000. This session lasted 4
seconds with 0 seconds of active time. This session ended with a crash.

Error - 11/13/2008 8:52:16 PM | Computer Name = BasilBeirouti | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6308.5000, Microsoft Office Version: 12.0.6215.1000. This session lasted 33
seconds with 0 seconds of active time. This session ended with a crash.

Error - 12/6/2008 4:58:50 AM | Computer Name = BasilBeirouti | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 1, Application Name: Microsoft Office Excel, Application Version:
12.0.6324.5001, Microsoft Office Version: 12.0.6215.1000. This session lasted 6800
seconds with 5940 seconds of active time. This session ended with a crash.


========== Last 10 Event Log Errors ==========

Error reading Event Logs: The Event Service is not operating properly or the Event Logs are corrupt!

< End of report >

Also, when I opened my computer in safe mode once, it kept telling me Windows Explorer has caused an error and then Windows Explorer is restarting whenever I pressed the start menu. I don't know if that helps. I also still don't know if it's a hardware or software problem; hopefully it's a software one. It's getting bad though: I had to prepare this post in safe mode and save it in Notepad, then copy it here in regular mode, because I couldn't keep the computer from crashing long enough to write this. Please let me know if you need any other information; I will be checking this very often.

Thanks a lot guys.
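Added example (mine, not part of the original post or of OTL): a short Python triage pass over the firewall-rules section of the log above. OTL prints two forms, the GUID-keyed rules and the "TCP/UDP Query User{...}path" rules that Windows creates when the user clicks Allow on the firewall prompt; the parser handles both, and the triage flags inbound rules for executables under a user-writable path (the magicjack.exe and btdna.exe entries under C:\Users) and rules for the peer-to-peer clients in this log. The sample lines are copied from the log above; the user-writable path markers and the list of P2P image names are assumptions of mine.

```python
"""Triage the firewall-rules section of an OTL log.

Added example: not part of the original post or of OTL itself.
"""
from __future__ import annotations

import re
from dataclasses import dataclass
from typing import Optional

# Constructed sample: rule lines copied from the OTL firewall-rules section in
# the post above. The "name=" line is the built-in-rule form, which has no app.
SAMPLE_RULES = r'''
"{A12C5566-AE5C-4369-8A0B-335218307F3E}" = protocol=6 | dir=in | app=c:\program files\wolfram research\mathematica\7.0\math.exe |
"{AD0E3633-F70E-4028-ACDF-6B0220F1DC4A}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{B9F86038-D70D-4A98-B957-094666E4CEF4}" = protocol=6 | dir=in | app=c:\program files (x86)\bittorrent_dna\dna.exe |
"{EE5E6F4C-B74A-4CA6-8B45-9E849BA2FB53}" = protocol=58 | dir=out | name=@FirewallAPI.dll,-28546 |
"TCP Query User{55EB87CB-FF0F-4C07-8637-1D95B042A51F}C:\users\basil beirouti\appdata\roaming\mjusbsp\magicjack.exe" = protocol=6 | dir=in | app=c:\users\basil beirouti\appdata\roaming\mjusbsp\magicjack.exe |
"UDP Query User{0B1CCE67-60EC-4D06-9668-1A34ECF5E230}C:\users\basil beirouti\program files (x86)\dna\btdna.exe" = protocol=17 | dir=in | app=c:\users\basil beirouti\program files (x86)\dna\btdna.exe |
'''

# Assumptions (mine, not OTL's): path fragments an ordinary user can write to,
# and the image names of the peer-to-peer clients that appear in this log.
USER_WRITABLE_MARKERS = ('c:\\users\\', '%userprofile%', '%appdata%', '\\appdata\\', '%temp%')
P2P_IMAGES = {'limewire.exe', 'bittorrent.exe', 'btdna.exe', 'dna.exe'}

RULE_RE = re.compile(r'^"(?P<key>[^"]+)"\s*=\s*(?P<body>.*)$')


@dataclass
class FirewallRule:
    key: str
    protocol: Optional[int]   # 6 = TCP, 17 = UDP, 1 = ICMPv4, 58 = ICMPv6
    direction: Optional[str]  # "in" or "out"
    app: Optional[str]        # absent for built-in rules that only carry name=
    name: Optional[str]
    user_created: bool        # "TCP/UDP Query User" rules come from the Allow prompt


def parse_rule(line: str) -> Optional[FirewallRule]:
    """Parse one OTL firewall-rule line; return None for anything else
    (headers, uninstall-list entries, blank lines)."""
    m = RULE_RE.match(line.strip())
    if not m:
        return None
    fields: dict[str, str] = {}
    for part in m.group('body').split('|'):
        if '=' in part:
            k, v = part.split('=', 1)
            fields[k.strip().lower()] = v.strip()
    if not fields:  # "{guid}" = Product Name lines from the uninstall list
        return None
    proto = fields.get('protocol')
    key = m.group('key')
    return FirewallRule(
        key=key,
        protocol=int(proto) if proto and proto.isdigit() else None,
        direction=fields.get('dir'),
        app=fields.get('app'),
        name=fields.get('name'),
        user_created=key.startswith(('TCP Query User', 'UDP Query User')),
    )


def triage_rules(log_text: str) -> list[tuple[str, str]]:
    """Return (rule key, reason) pairs for rules worth a second look."""
    findings: list[tuple[str, str]] = []
    for line in log_text.splitlines():
        rule = parse_rule(line)
        if rule is None or rule.app is None:
            continue
        app = rule.app.lower()
        image = app.rsplit('\\', 1)[-1]
        if rule.direction == 'in' and any(mk in app for mk in USER_WRITABLE_MARKERS):
            findings.append((rule.key, f'inbound rule for executable in user-writable path: {rule.app}'))
        if image in P2P_IMAGES:
            findings.append((rule.key, f'peer-to-peer client allowed through the firewall: {image}'))
    return findings


if __name__ == '__main__':
    for key, reason in triage_rules(SAMPLE_RULES):
        print(f'{key[:40]:40}  {reason}')
```

Run the file directly to print the findings for the sample, or pass the whole firewall section of a log to triage_rules. A hit is a prompt to look at the executable, not proof of infection: the magicjack.exe entry is an ordinary VoIP client that happens to install under AppData, and the log itself shows it there.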


#2 RKinner (Malware Expert, MVP, 24,625 posts)

Uninstall:
Java™ 6 Update 5
Java™ 6 Update 7
"Avira AntiVir Desktop" = Avira AntiVir Personal - Free Antivirus
"LimeWire" = LimeWire 5.4.6
"McAfee Security Scan" = McAfee Security Scan Plus
BitTorrent" = BitTorrent
"BitTorrent DNA" = DNA
"{AC76BA86-7AD7-1033-7B44-A81200000003}" = Adobe Reader 8.1.2

The Java versions are obsolete. One anti-virus is all we want. P2P programs (LimeWire, BitTorrent, DNA) are dangerous and we don't need them right now. Adobe Reader is not working correctly.

You do have traces of an infection.
O4 - HKCU..\Run: [la7nckruudn86] C:\Windows\SysWow64\la7nckruudn86.exe File not found
O33 - MountPoints2\{4571754b-bc68-11dd-b2f9-001e68a26a3e}\Shell\AutoRun\command - "" = b.com which might be from an infected USB drive.

Install AutoRun Eater v2.4
http://oldmcdonald.w...orun-eater-v24/

It will stay resident and prevent USB drives from infecting your PC.

Your profile says you are US but the DNS server is located in Jordan. Which is correct?



I also see a few Disk Check folders so your hard drive has had problems. Let's check it again.

1. Double-click My Computer, and then right-click the hard disk that you want to check. C:
2. Click Properties, and then click Tools.
3. Under Error-checking, click Check Now. A dialog box that shows the Check disk options is displayed,
4. Check both boxes and then click Start.
You will receive the following message:
The disk check could not be performed because the disk check utility needs exclusive access to some Windows files on the disk. These files can be accessed by restarting Windows. Do you want to schedule the disk check to occur the next time you restart the computer?
Click Yes to schedule the disk check, but don't restart yet.


Start, Run, eventvwr.msc, OK to bring up the Event Viewer. Select Windows Logs, then right-click on System and choose Clear Log, No (we don't want to save the old log), OK. Repeat for Application. Reboot. The disk check will run and will probably take an hour or more to finish.

Restart now. It will take about an hour or so to check your hard drive. Once it boots back up do:

Start, Programs, Accessories, then right click on Command Prompt and Run As Administrator. Type:

sfc /scannow

SPACE after sfc. This will check your critical system files. If it asks for a CD and you don't have one or it doesn't like your CD just tell it to SKIP.

sigverif

Press Start. This will check your drivers. If you just get a few when it finishes, tell me what they are. If you get a lot, just look for those with newish dates (since about the time the problem started).

Copy the text in the code box by highlighting and Ctrl + c

:OTL
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No CLSID value found.
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O4 - HKCU..\Run: [BitTorrent DNA] C:\Users\Basil Beirouti\Program Files (x86)\DNA\btdna.exe (BitTorrent, Inc.)
O4 - HKCU..\Run: [EA Core] C:\Program Files\Electronic Arts\EADM\Core.exe File not found
O4 - HKCU..\Run: [la7nckruudn86] C:\Windows\SysWow64\la7nckruudn86.exe File not found
O4 - HKCU..\Run: [Rainlendar2] C:\Program Files\Rainlendar2\Rainlendar2.exe File not found
O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKCU..\Run: [WMPNSCFG] C:\Program Files (x86)\Windows Media Player\WMPNSCFG.exe File not found
O33 - MountPoints2\{4139b99f-4721-11de-adc4-001e68a26a3e}\Shell\Autoplay\Command - "" = F:\autorun.exe -- File not found
O33 - MountPoints2\{4139b99f-4721-11de-adc4-001e68a26a3e}\Shell\AutoRun\command - "" = F:\autorun.exe -- File not found
O33 - MountPoints2\{4139b99f-4721-11de-adc4-001e68a26a3e}\Shell\Explore\Command - "" = F:\autorun.exe -- File not found
O33 - MountPoints2\{4139b99f-4721-11de-adc4-001e68a26a3e}\Shell\Open\Command - "" = F:\autorun.exe -- File not found
O33 - MountPoints2\{4571754b-bc68-11dd-b2f9-001e68a26a3e}\Shell\AutoRun\command - "" = b.com
O33 - MountPoints2\{4571754b-bc68-11dd-b2f9-001e68a26a3e}\Shell\explore\Command - "" = b.com
O33 - MountPoints2\{4571754b-bc68-11dd-b2f9-001e68a26a3e}\Shell\open\Command - "" = b.com
O33 - MountPoints2\{46354b6a-881d-11de-b56f-001e68a26a3e}\Shell\AutoRun\command - "" = F:\autorun.exe -- File not found
O33 - MountPoints2\{46354b6a-881d-11de-b56f-001e68a26a3e}\Shell\phone\command - "" = F:\autorun.exe -- File not found
O33 - MountPoints2\{62cf0336-a5c0-11dd-a79f-001e68a26a3e}\Shell - "" = AutoRun
O33 - MountPoints2\{62cf0336-a5c0-11dd-a79f-001e68a26a3e}\Shell\AutoRun\command - "" = G:\LaunchU3.exe -- File not found

:Files
C:\Windows\SysWow64\la7nckruudn86.exe

	  
:Commands
[purity]
[emptytemp]
[Reboot]
then run OTL and Under the Custom Scans/Fixes box at the bottom, paste (ctrl +v) the text. Verify that you got it all and Then click the Run Fix button at the top
Let the program run unhindered, OTL will reboot the PC when it is done.

Open OTL again and click the Quick Scan button. Post the log it produces in your next reply.


1. Please download the Event Viewer Tool by Vino Rosso
http://images.malwar...om/vino/VEW.exe
and save it to your Desktop.
2. Double-click VEW.exe.
3. Under 'Select log to query', select:
* System
4. Under 'Select type to list', select:
* Error
* Warning

Then use the 'Number of events' as follows:

1. Click the radio button for 'Number of events'.
2. Type 20 in the 1 to 20 box.
3. Then click the Run button.
Notepad will open with the output log.

Please post the output log in your next reply, then repeat but select Application.


Get SIW

http://www.snapfiles.com/get/siw.html

Run it and, under Hardware, look for Sensors. Click on Sensors and look in the right pane; there should be some temperature readings. What are they? Watch your video for a little bit, then look again. Are the temps going up?

Use IE or Firefox and go to http://eset.com/onlinescan and click on ESET Online Scanner. Accept the terms, then press Start (if you get a warning from your browser, tell it you want to run it).

1. Check Scan Archives.
2. Push the Start button.
3. ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
4. When the scan completes, push LIST OF THREATS FOUND.
5. Push EXPORT TO TEXT FILE, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
6. Push the BACK button.
7. Push Finish.
8. Once the scan is completed, you may close the window.
9. Use Notepad to open the logfile located at C:\Program Files\EsetOnlineScanner\log.txt
10. Copy and paste that log as a reply.

Also do the BitDefender scan

http://www.bitdefend...nline/free.html

If Windows blocks the ActiveX, then try putting BitDefender in your trusted sites: in IE, Tools, Internet Options, Security, Trusted Sites, Sites. Then uncheck the HTTPS box, put in *.bitdefender.com, then Add. OK.



Ron
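The entries Ron picked for the :OTL fix above follow a few mechanical rules: BHOs whose CLSID no longer resolves, Run entries whose target file is missing, and every per-device MountPoints2 autorun command. The Python below is an added example written for this thread, not OTL's own code (OTL exposes no parser or scripting API); it applies those rules to lines in OTL's log format and decodes the NoDriveTypeAutoRun value that the Quick Scan log in the next reply reports as 149. The sample lines are constructed from the formats seen in this thread, and the regular expressions, rule labels and function names are this example's own.

```python
"""Triage rules for a few OTL log line types.

Added example for this thread; not OTL's own code (OTL has no parser or
scripting API). It reproduces, as rules, the picks the helper made by
hand: orphaned BHO entries, Run entries whose target is missing, and every
MountPoints2 autorun command, plus a decode of the NoDriveTypeAutoRun bitmask.
"""
import re

# Constructed sample in the OTL line format seen in the thread (not a real log).
SAMPLE_LOG = r"""
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No CLSID value found.
O2 - BHO: (SSVHelper Class) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O4 - HKCU..\Run: [EA Core] C:\Program Files\Electronic Arts\EADM\Core.exe File not found
O4 - HKCU..\Run: [la7nckruudn86] C:\Windows\SysWow64\la7nckruudn86.exe File not found
O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4:64bit: - HKLM..\Run: [NvCplDaemon] C:\Windows\SysNative\NvCpl.DLL ()
O33 - MountPoints2\{4139b99f-4721-11de-adc4-001e68a26a3e}\Shell\AutoRun\command - "" = F:\autorun.exe -- File not found
O33 - MountPoints2\{4571754b-bc68-11dd-b2f9-001e68a26a3e}\Shell\open\Command - "" = b.com
O33 - MountPoints2\{62cf0336-a5c0-11dd-a79f-001e68a26a3e}\Shell - "" = AutoRun
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 149
"""

# Line patterns; the group names are this example's own, not OTL terminology.
O2_RE = re.compile(r"^O2 - BHO: \((?P<name>[^)]*)\) - (?P<clsid>\{[^}]+\}) - (?P<target>.+)$")
O4_RE = re.compile(
    r"^O4(?::64bit:)? - (?P<hive>HKLM|HKCU)\.\.\\Run: \[(?P<name>[^\]]+)\] "
    r"(?P<path>.+?)(?: \((?P<company>[^)]*)\)| (?P<missing>File not found))$"
)
O33_RE = re.compile(
    r"^O33 - MountPoints2\\(?P<guid>\{[^}]+\})\\Shell\\(?P<verb>[^\\]+)\\[Cc]ommand"
    r' - "" = (?P<command>.+?)(?P<missing> -- File not found)?$'
)
O7_RE = re.compile(r"NoDriveTypeAutoRun = (?P<value>\d+)$")

# Bit i of NoDriveTypeAutoRun disables AutoRun for Win32 drive type i.
DRIVE_TYPE_BITS = [
    (0x01, "DRIVE_UNKNOWN"),
    (0x02, "DRIVE_NO_ROOT_DIR"),
    (0x04, "DRIVE_REMOVABLE"),
    (0x08, "DRIVE_FIXED"),
    (0x10, "DRIVE_REMOTE"),
    (0x20, "DRIVE_CDROM"),
    (0x40, "DRIVE_RAMDISK"),
    (0x80, "RESERVED"),
]


def decode_no_drive_type_autorun(value):
    """Map each drive type to True if AutoRun is disabled for it by `value`."""
    return {name: bool(value & bit) for bit, name in DRIVE_TYPE_BITS}


def triage(log_text):
    """Return (rule, detail) pairs for the lines in log_text, in log order."""
    findings = []
    for line in log_text.splitlines():
        line = line.rstrip()
        m = O2_RE.match(line)
        if m:
            # A BHO whose CLSID has no value behind it is an orphan registration.
            if m.group("target").startswith("No CLSID value found"):
                findings.append(("orphan_bho", m.group("clsid")))
            continue
        m = O4_RE.match(line)
        if m:
            # OTL appends "File not found" when the Run target does not exist.
            if m.group("missing"):
                findings.append(("missing_autostart", m.group("name")))
            continue
        m = O33_RE.match(line)
        if m:
            # Every per-device autorun command is reported, present or not.
            detail = "%s %s -> %s" % (m.group("guid"), m.group("verb"), m.group("command"))
            findings.append(("mountpoint_autorun", detail))
            continue
        m = O7_RE.search(line)
        if m:
            findings.append(("autorun_policy", int(m.group("value"))))
    return findings


if __name__ == "__main__":
    for rule, detail in triage(SAMPLE_LOG):
        print("%-20s %s" % (rule, detail))
    policy = decode_no_drive_type_autorun(149)
    print("AutoRun still enabled on:", [t for t, off in policy.items() if not off])
```

Run on the sample, the rules surface the orphan BHO, the two Run entries with missing targets and both MountPoints2 commands, and leave the resolvable entries (avgnt, NvCplDaemon) alone; whether a flagged entry is then removed is still the helper's call, as it was for the BitTorrent DNA line above. The policy decode shows what 149 (0x95) actually means: AutoRun is switched off for removable, remote and unknown drive types, but bits 0x08 and 0x20 are clear, so fixed drives and CD-ROMs are still honoured, which is why an "O32 - HKLM CDRom: AutoRun - 1" line remains worth a look.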
#3
beirouti
    New Member, Topic Starter, 3 posts
I put my location as United States because I go to university there; I am only in Jordan for the summer, so right now I am in Jordan but it's only temporary. I guess I should have made that clear.

For sigverif, they were all in this folder: C:\windows\nvtmpinst, and they were about 100 files. Date modified is listed as unknown, but almost all are CHM files except for one CPL, one exe, 2 dll. I couldn't copy the file names on here.

Here is the OTL quick scan log after I ran a custom fix with the code you provided:

OTL logfile created on: 6/23/2010 1:46:26 PM - Run 2
OTL by OldTimer - Version 3.2.6.0 Folder = C:\Users\Basil Beirouti\Desktop
64bit-Windows Vista Home Premium Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6001.18000)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

4.00 Gb Total Physical Memory | 2.00 Gb Available Physical Memory | 62.00% Memory free
8.00 Gb Paging File | 7.00 Gb Available in Paging File | 80.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 286.97 Gb Total Space | 73.33 Gb Free Space | 25.55% Space Free | Partition Type: NTFS
Drive D: | 11.12 Gb Total Space | 1.83 Gb Free Space | 16.50% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: BASILBEIROUTI
Current User Name: Basil Beirouti
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Include 64bit Scans
Company Name Whitelist: On
Skip Microsoft Files: On
File Age = 90 Days
Output = Standard
Quick Scan

========== Processes (SafeList) ==========

PRC - [2010/06/21 00:49:20 | 000,572,416 | ---- | M] (OldTimer Tools) -- C:\Users\Basil Beirouti\Desktop\OTL.exe
PRC - [2010/05/06 23:59:42 | 002,815,192 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast5\AvastUI.exe
PRC - [2010/05/06 23:59:38 | 000,040,384 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
PRC - [2010/05/06 19:09:06 | 000,415,638 | ---- | M] (Old McDonald's Farm) -- C:\Program Files\Autorun Eater\billy.exe
PRC - [2010/05/06 18:59:36 | 000,516,216 | ---- | M] (Old McDonald's Farm) -- C:\Program Files\Autorun Eater\oldmcdonald.exe
PRC - [2009/12/09 19:33:57 | 000,198,160 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files (x86)\Common Files\Real\Update_OB\realsched.exe
PRC - [2009/07/27 01:44:34 | 003,883,856 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
PRC - [2009/06/24 16:25:56 | 000,908,280 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2008/04/16 03:54:42 | 000,354,840 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTmon.exe
PRC - [2008/04/16 03:54:40 | 000,178,712 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe
PRC - [2008/03/27 01:26:56 | 000,341,328 | ---- | M] () -- C:\WINDOWS\SMINST\BLService.exe
PRC - [2007/01/05 00:38:08 | 000,024,652 | ---- | M] (Viewpoint Corporation) -- C:\Program Files (x86)\Viewpoint\Common\ViewpointService.exe


========== Modules (SafeList) ==========

MOD - [2010/06/21 00:49:20 | 000,572,416 | ---- | M] (OldTimer Tools) -- C:\Users\Basil Beirouti\Desktop\OTL.exe
MOD - [2008/01/21 05:50:03 | 000,450,048 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWOW64\comdlg32.dll
MOD - [2008/01/21 05:50:01 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWOW64\msscript.ocx
MOD - [2008/01/21 05:48:06 | 001,684,480 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.18000_none_5cdbaa5a083979cc\comctl32.dll


========== Win32 Services (SafeList) ==========

SRV:64bit: - [2010/05/06 23:59:38 | 000,040,384 | ---- | M] (ALWIL Software) [On_Demand | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Web Scanner)
SRV:64bit: - [2010/05/06 23:59:38 | 000,040,384 | ---- | M] (ALWIL Software) [On_Demand | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Mail Scanner)
SRV:64bit: - [2010/05/06 23:59:38 | 000,040,384 | ---- | M] (ALWIL Software) [Auto | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Antivirus)
SRV:64bit: - [2009/05/26 17:28:22 | 001,030,600 | ---- | M] (Macrovision Europe Ltd.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe -- (FLEXnet Licensing Service 64)
SRV:64bit: - [2008/09/11 19:53:00 | 000,279,040 | ---- | M] () [Auto | Running] -- C:\Windows\SysNative\DriverStore\FileRepository\stwrt64.inf_bd5387da\STacSV64.exe -- (STacSV)
SRV:64bit: - [2008/06/27 23:53:06 | 000,089,088 | ---- | M] () [Auto | Running] -- C:\Windows\SysNative\DriverStore\FileRepository\stwrt64.inf_bd5387da\AESTSr64.exe -- (AESTFilters)
SRV:64bit: - [2008/03/19 02:25:40 | 000,023,040 | ---- | M] () [Auto | Running] -- C:\Windows\SysNative\Hpservice.exe -- (hpsrv)
SRV:64bit: - [2008/01/21 05:47:32 | 000,383,544 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2007/12/11 22:11:30 | 000,015,872 | ---- | M] () [Auto | Running] -- C:\Windows\SysNative\agr64svc.exe -- (AgereModemAudio)
SRV - [2010/05/12 03:08:52 | 002,478,640 | ---- | M] () [Auto | Running] -- c:\Program Files (x86)\Common Files\Akamai\rswin_3697.dll -- (Akamai)
SRV - [2008/07/27 21:01:49 | 000,093,184 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_64)
SRV - [2008/04/16 03:54:42 | 000,354,840 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTmon.exe -- (IAANTMON) Intel®
SRV - [2008/03/27 01:26:56 | 000,341,328 | ---- | M] () [Auto | Running] -- C:\WINDOWS\SMINST\BLService.exe -- (Recovery Service for Windows)
SRV - [2007/01/05 00:38:08 | 000,024,652 | ---- | M] (Viewpoint Corporation) [Auto | Running] -- C:\Program Files (x86)\Viewpoint\Common\ViewpointService.exe -- (Viewpoint Manager Service)
SRV - [2006/11/02 16:34:14 | 000,000,000 | ---D | M] [Unknown | Stopped] -- C:\WINDOWS\SysWOW64\Msdtc -- (MSDTC)
SRV - [2006/11/02 09:35:15 | 000,060,994 | ---- | M] () [On_Demand | Stopped] -- C:\WINDOWS\SysWOW64\wbem\vds.mof -- (vds)
SRV - [2006/11/02 09:35:15 | 000,055,846 | ---- | M] () [On_Demand | Stopped] -- C:\WINDOWS\SysWOW64\wbem\vss.mof -- (VSS)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2010/05/06 23:39:27 | 000,051,280 | ---- | M] () [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswTdi.sys -- (aswTdi)
DRV:64bit: - [2010/05/06 23:39:06 | 000,121,936 | ---- | M] () [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswSP.sys -- (aswSP)
DRV:64bit: - [2010/05/06 23:34:30 | 000,028,752 | ---- | M] () [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswRdr.sys -- (aswRdr)
DRV:64bit: - [2010/05/06 23:34:14 | 000,063,568 | ---- | M] () [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV:64bit: - [2010/05/06 23:33:50 | 000,022,096 | ---- | M] () [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV:64bit: - [2009/08/29 04:42:52 | 000,049,152 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2009/05/18 23:17:08 | 000,034,152 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2008/09/11 19:54:44 | 000,465,408 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\stwrt64.sys -- (STHDA)
DRV:64bit: - [2008/05/23 06:29:00 | 000,054,816 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvhda64v.sys -- (NVHDA)
DRV:64bit: - [2008/04/28 09:38:12 | 004,730,368 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\NETw5v64.sys -- (NETw5v64) Intel®
DRV:64bit: - [2008/04/16 03:54:16 | 000,388,120 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\DRIVERS\iaStor.sys -- (iaStor)
DRV:64bit: - [2008/04/15 13:05:42 | 000,161,792 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\Rtlh64.sys -- (RTL8169)
DRV:64bit: - [2008/04/01 14:13:34 | 000,120,720 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\jmcr.sys -- (JMCR)
DRV:64bit: - [2008/03/27 22:10:56 | 000,026,984 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\DRIVERS\hpdskflt.sys -- (hpdskflt)
DRV:64bit: - [2008/03/27 22:10:14 | 000,040,296 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\Accelerometer.sys -- (Accelerometer)
DRV:64bit: - [2008/03/01 01:59:32 | 001,252,352 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\agrsm64.sys -- (AgereSoftModem)
DRV:64bit: - [2008/01/24 16:24:24 | 000,060,928 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\enecir.sys -- (enecir)
DRV:64bit: - [2008/01/21 05:47:28 | 000,046,080 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\wpdusb.sys -- (WpdUsb)
DRV:64bit: - [2008/01/21 05:47:27 | 000,168,704 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\usbvideo.sys -- (usbvideo) USB Video Device (WDM)
DRV:64bit: - [2008/01/21 05:47:04 | 000,098,816 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaudio.sys -- (usbaudio) USB Audio Driver (WDM)
DRV:64bit: - [2008/01/21 05:46:57 | 001,523,712 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\VSTDPV6.SYS -- (HSF_DPV)
DRV:64bit: - [2008/01/21 05:46:57 | 000,724,480 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\VSTCNXT6.SYS -- (winachsf)
DRV:64bit: - [2008/01/21 05:46:57 | 000,286,720 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\VSTAZL6.SYS -- (HSFHWAZL)
DRV:64bit: - [2008/01/21 05:46:55 | 000,111,104 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\sdbus.sys -- (sdbus)
DRV:64bit: - [2008/01/21 05:46:51 | 000,017,792 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\CmBatt.sys -- (CmBatt)
DRV:64bit: - [2008/01/18 14:31:30 | 000,320,560 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\SynTP.sys -- (SynTP)
DRV:64bit: - [2007/07/11 20:30:34 | 000,009,088 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\HpqRemHid.sys -- (HpqRemHid)
DRV:64bit: - [2007/06/19 03:13:12 | 000,018,432 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\HpqKbFiltr.sys -- (HpqKbFiltr)
DRV:64bit: - [2006/11/02 08:28:10 | 000,273,920 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HdAudio.sys -- (HdAudAddService)
DRV:64bit: - [2006/10/10 05:09:03 | 000,742,696 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\nvm60x64.sys -- (NVENETFD)
DRV:64bit: - [2006/10/07 05:13:22 | 000,550,912 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\bcmwl664.sys -- (BCM43XV)
DRV - [2008/04/24 09:50:54 | 000,032,240 | ---- | M] (Cyberlink Corp.) [Kernel | Auto | Running] -- C:\Program Files (x86)\HP\QuickPlay\000.fcl -- ({22D78859-9CE9-4B77-BF18-AC83E81A9263})
DRV - [2006/09/19 00:36:40 | 000,003,066 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\SysWOW64\wbem\tcpip.mof -- (Tcpip)
DRV - [2006/09/19 00:35:23 | 000,001,088 | ---- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\SysWOW64\wbem\mpsdrv.mof -- (mpsdrv)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.h...a...ion&pf=cnnb
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.h...a...ion&pf=cnnb
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.h...a...ion&pf=cnnb
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.h...a...ion&pf=cnnb

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.h...a...ion&pf=cnnb
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.startup.homepage: "www.msn.com"
FF - prefs.js..extensions.enabledItems: [email protected]:4.60
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: [email protected]:7
FF - prefs.js..extensions.enabledItems: {ABDE892B-13A8-4d1b-88E6-365A6E755758}:1.0
FF - prefs.js..extensions.enabledItems: {AE93811A-5C9A-4d34-8462-F7B864FC4696}:3.63

FF - HKLM\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2010/03/01 08:42:33 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.5\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010/01/28 10:06:01 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.5\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010/06/03 16:12:52 | 000,000,000 | ---D | M]

[2010/01/20 23:16:43 | 000,000,000 | ---D | M] -- C:\Users\Basil Beirouti\AppData\Roaming\Mozilla\Extensions
[2010/01/20 23:16:43 | 000,000,000 | ---D | M] -- C:\Users\Basil Beirouti\AppData\Roaming\Mozilla\Extensions\[email protected]
[2010/06/22 14:05:25 | 000,000,000 | ---D | M] -- C:\Users\Basil Beirouti\AppData\Roaming\Mozilla\Firefox\Profiles\ow73ldks.default\extensions
[2009/06/25 14:34:26 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\Basil Beirouti\AppData\Roaming\Mozilla\Firefox\Profiles\ow73ldks.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2010/03/01 08:18:00 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Basil Beirouti\AppData\Roaming\Mozilla\Firefox\Profiles\ow73ldks.default\extensions\{AE93811A-5C9A-4d34-8462-F7B864FC4696}

O1 HOSTS File: ([2006/09/19 00:37:24 | 000,000,761 | ---- | M]) - C:\Windows\SysNative\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (HP Print Enhancer) - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll (Hewlett-Packard Co.)
O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - c:\Program Files\real\realplayer\rpbrowserrecordplugin.dll (RealPlayer)
O2 - BHO: (SSVHelper Class) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (Windows Live Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O2 - BHO: (HP Smart BHO Class) - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll (Hewlett-Packard Co.)
O4:64bit: - HKLM..\Run: [IAAnotif] C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [NvCplDaemon] C:\Windows\SysNative\NvCpl.DLL ()
O4:64bit: - HKLM..\Run: [NvMediaCenter] C:\Windows\SysNative\NvMcTray.DLL ()
O4:64bit: - HKLM..\Run: [SysTrayApp] C:\Program Files\IDT\WDM\sttray64.exe (IDT, Inc.)
O4:64bit: - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKLM..\Run: [Autorun Eater] C:\Program Files\Autorun Eater\oldmcdonald.exe (Old McDonald's Farm)
O4 - HKLM..\Run: [avast5] C:\Program Files\Alwil Software\Avast5\AvastUI.exe (ALWIL Software)
O4 - HKLM..\Run: [HP Health Check Scheduler] c:\Program Files (x86)\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe (Hewlett-Packard)
O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Program Files (x86)\Java\jre6\bin\jusched.exe File not found
O4 - HKLM..\Run: [TkBellExe] C:\Program Files (x86)\Common Files\Real\Update_OB\realsched.exe (RealNetworks, Inc.)
O4 - HKLM..\Run: [UCam_Menu] C:\Program Files (x86)\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKCU..\Run: [cdloader] C:\Users\Basil Beirouti\AppData\Roaming\mjusbsp\cdloader2.exe (magicJack L.P.)
O4 - HKCU..\Run: [MsnMsgr] C:\Program Files (x86)\Windows Live\Messenger\MsnMsgr.Exe (Microsoft Corporation)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\control panel present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\control panel present
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\restrictions present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 149
O9 - Extra 'Tools' menuitem : Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Show or hide HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll (Hewlett-Packard Co.)
O13 - gopher Prefix: missing
O15 - HKCU\..Trusted Ranges: Range1 ([http] in Local intranet)
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macr...director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {1851174C-97BD-4217-A0CC-E908F60D5B7A} https://h50203.www5....DataManager.CAB (Hewlett-Packard Online Support Services)
O16 - DPF: {49232000-16E4-426C-A231-62846947304B} https://wimpro.cce.h...ads/sysinfo.cab (SysData Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} http://java.sun.com/...1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.ad...Plus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 95.172.193.1
O18:64bit: - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Users\Basil Beirouti\AppData\Roaming\Mozilla\Firefox\Desktop Background.bmp
O24 - Desktop BackupWallPaper: C:\Users\Basil Beirouti\AppData\Roaming\Mozilla\Firefox\Desktop Background.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/05/26 16:09:48 | 000,000,000 | ---D | M] - C:\Autodesk -- [ NTFS ]
O33 - MountPoints2\{ed4eb9c7-0ed8-11df-aaf5-001e68a26a3e}\Shell\AutoRun\command - "" = WDSetup.exe
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKCU\...exe [@ = exefile] -- Reg Error: Key error. File not found

========== Files/Folders - Created Within 90 Days ==========

[2010/06/23 13:35:57 | 000,000,000 | ---D | C] -- C:\_OTL
[2010/06/23 13:15:52 | 000,000,000 | ---D | C] -- C:\Users\Basil Beirouti\Desktop\Post 2
[2010/06/23 13:07:23 | 000,061,440 | ---- | C] ( ) -- C:\Users\Basil Beirouti\Desktop\VEW.exe
[2010/06/23 06:11:35 | 000,000,000 | ---D | C] -- C:\ProgramData\Autorun Eater
[2010/06/23 06:11:23 | 000,000,000 | ---D | C] -- C:\Program Files\Autorun Eater
[2010/06/23 05:45:10 | 001,396,513 | ---- | C] (Old McDonald's Farm) -- C:\Users\Basil Beirouti\Desktop\aesetup2.5.exe
[2010/06/23 01:35:29 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2010/06/22 06:30:48 | 000,000,000 | ---D | C] -- C:\Users\Basil Beirouti\Desktop\Post
[2010/06/21 09:31:49 | 000,000,000 | -HSD | C] -- C:\found.001
[2010/06/21 00:49:06 | 000,572,416 | ---- | C] (OldTimer Tools) -- C:\Users\Basil Beirouti\Desktop\OTL.exe
[2010/06/21 00:31:00 | 000,000,000 | -HSD | C] -- C:\found.002
[2010/06/19 13:33:00 | 000,000,000 | ---D | C] -- C:\Users\Basil Beirouti\AppData\Roaming\Malwarebytes
[2010/06/19 13:32:53 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysWow64\drivers\mbamswissarmy.sys
[2010/06/19 13:32:51 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2010/06/19 13:32:51 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2010/06/19 13:23:56 | 000,000,000 | ---D | C] -- C:\Windows\ERDNT
[2010/06/19 13:21:23 | 000,000,000 | ---D | C] -- C:\Program Files\ERUNT
[2010/06/19 13:21:00 | 000,000,000 | ---D | C] -- C:\ProgramData\SITEguard
[2010/06/19 13:19:29 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\iS3
[2010/06/19 13:19:28 | 000,000,000 | ---D | C] -- C:\ProgramData\STOPzilla!
[2010/06/19 12:54:37 | 000,791,393 | ---- | C] (Lars Hederer) -- C:\Users\Basil Beirouti\Desktop\blablabla2.exe
[2010/06/19 08:11:40 | 000,444,416 | ---- | C] (OldTimer Tools) -- C:\Users\Basil Beirouti\Desktop\TFC.exe
[2010/06/18 04:44:17 | 000,000,000 | -HSD | C] -- C:\found.000
[2010/06/08 16:38:09 | 000,000,000 | ---D | C] -- C:\Users\Basil Beirouti\Documents\Basil's Files
[2010/05/16 15:07:15 | 000,000,000 | ---D | C] -- C:\22b0c2c32ef88ed32f7e35
[2010/05/08 12:48:30 | 000,000,000 | ---D | C] -- C:\ProgramData\McAfee
[2010/05/04 06:47:02 | 000,000,000 | ---D | C] -- C:\ProgramData\Sun
[2010/04/08 14:21:54 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Google
[2010/04/08 14:21:51 | 000,000,000 | ---D | C] -- C:\Users\Basil Beirouti\AppData\Local\Google
[2010/04/07 07:43:26 | 000,441,344 | ---- | C] (IDT, Inc.) -- C:\Windows\sttray64.exe
[2010/04/07 07:43:24 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\SRSLabs
[2010/04/07 07:42:21 | 000,000,000 | ---D | C] -- C:\Program Files\IDT

========== Files - Modified Within 90 Days ==========

[2010/06/23 13:46:26 | 005,505,024 | -HS- | M] () -- C:\Users\Basil Beirouti\NTUSER.DAT
[2010/06/23 13:44:59 | 000,000,436 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{EB9C2E78-9E49-481D-97B5-440598385D6A}.job
[2010/06/23 13:44:12 | 000,071,470 | ---- | M] () -- C:\ProgramData\nvModes.001
[2010/06/23 13:43:33 | 000,001,242 | ---- | M] () -- C:\Users\Public\Documents\hpqp.ini
[2010/06/23 13:41:52 | 000,071,470 | ---- | M] () -- C:\ProgramData\nvModes.dat
[2010/06/23 13:41:50 | 000,000,910 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2010/06/23 13:41:35 | 000,003,216 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2010/06/23 13:41:35 | 000,003,216 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2010/06/23 13:41:27 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
[2010/06/23 13:41:21 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2010/06/23 13:41:16 | 4292,038,656 | -HS- | M] () -- C:\hiberfil.sys
[2010/06/23 13:39:54 | 000,524,288 | -HS- | M] () -- C:\Users\Basil Beirouti\NTUSER.DAT{28029397-7cb8-11df-baad-001e68a26a3e}.TMContainer00000000000000000001.regtrans-ms
[2010/06/23 13:39:54 | 000,065,536 | -HS- | M] () -- C:\Users\Basil Beirouti\NTUSER.DAT{28029397-7cb8-11df-baad-001e68a26a3e}.TM.blf
[2010/06/23 13:12:51 | 001,267,888 | ---- | M] () -- C:\Users\Basil Beirouti\Desktop\siw.exe
[2010/06/23 13:07:33 | 000,061,440 | ---- | M] ( ) -- C:\Users\Basil Beirouti\Desktop\VEW.exe
[2010/06/23 06:12:52 | 000,690,960 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2010/06/23 06:12:52 | 000,595,684 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2010/06/23 06:12:52 | 000,101,350 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2010/06/23 06:11:24 | 000,000,748 | ---- | M] () -- C:\Users\Public\Desktop\Autorun Eater.lnk
[2010/06/23 05:49:22 | 001,396,513 | ---- | M] (Old McDonald's Farm) -- C:\Users\Basil

Beirouti\Desktop\aesetup2.5.exe
[2010/06/23 01:32:25 | 000,000,914 | ---- | M] () --

C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2010/06/21 01:10:10 | 000,524,288 | -HS- | M] () -- C:\Users\Basil Beirouti\NTUSER.DAT{28029397

-7cb8-11df-baad-001e68a26a3e}.TMContainer00000000000000000002.regtrans-ms
[2010/06/21 00:49:20 | 000,572,416 | ---- | M] (OldTimer Tools) -- C:\Users\Basil

Beirouti\Desktop\OTL.exe
[2010/06/20 23:46:44 | 038,398,782 | ---- | M] () -- C:\Users\Basil Beirouti\Desktop\6-19-

2010.zip
[2010/06/20 15:41:28 | 000,284,915 | ---- | M] () -- C:\Users\Basil Beirouti\Desktop\gmer.zip
[2010/06/20 14:57:21 | 000,524,288 | -HS- | M] () -- C:\Users\Basil Beirouti\NTUSER.DAT{e1e02651

-b5a5-11de-a261-001e68a26a3e}.TMContainer00000000000000000001.regtrans-ms
[2010/06/20 14:57:21 | 000,065,536 | -HS- | M] () -- C:\Users\Basil Beirouti\NTUSER.DAT{e1e02651

-b5a5-11de-a261-001e68a26a3e}.TM.blf
[2010/06/19 21:15:18 | 000,107,008 | ---- | M] () -- C:\Users\Basil

Beirouti\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/06/19 14:33:39 | 000,066,159 | ---- | M] () -- C:\Users\Basil Beirouti\Desktop\messi.jpg
[2010/06/19 14:28:11 | 001,048,576 | -HS- | M] () -- C:\Users\Basil Beirouti\NTUSER.DAT{e1e02650

-b5a5-11de-a261-001e68a26a3e}.TxR.2.regtrans-ms
[2010/06/19 14:28:11 | 001,048,576 | -HS- | M] () -- C:\Users\Basil Beirouti\NTUSER.DAT{e1e02650

-b5a5-11de-a261-001e68a26a3e}.TxR.1.regtrans-ms
[2010/06/19 14:28:11 | 001,048,576 | -HS- | M] () -- C:\Users\Basil Beirouti\NTUSER.DAT{e1e02650

-b5a5-11de-a261-001e68a26a3e}.TxR.0.regtrans-ms
[2010/06/19 14:28:10 | 000,065,536 | -HS- | M] () -- C:\Users\Basil Beirouti\NTUSER.DAT{e1e02650

-b5a5-11de-a261-001e68a26a3e}.TxR.blf
[2010/06/19 13:32:55 | 000,000,774 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-

Malware.lnk
[2010/06/19 13:23:16 | 000,000,670 | ---- | M] () -- C:\Users\Basil Beirouti\Desktop\ERUNT.lnk
[2010/06/19 13:23:11 | 000,005,904 | ---- | M] () -- C:\Windows\SysNative\drivers\kgpcpy.cfg
[2010/06/19 12:56:38 | 000,791,393 | ---- | M] (Lars Hederer

) -- C:\Users\Basil Beirouti\Desktop\blablabla2.exe
[2010/06/19 08:11:56 | 000,444,416 | ---- | M] (OldTimer Tools) -- C:\Users\Basil

Beirouti\Desktop\TFC.exe
[2010/06/19 04:14:55 | 000,000,000 | ---- | M] () -- C:\Windows\SysWow64\config.nt
[2010/06/11 07:33:39 | 000,505,872 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2010/06/09 21:28:25 | 000,000,924 | ---- | M] () -- C:\Users\Basil

Beirouti\Desktop\magicJack.lnk
[2010/05/26 19:53:52 | 000,048,128 | ---- | M] () -- C:\Windows\SysNative\atmlib.dll
[2010/05/26 17:56:53 | 000,366,080 | ---- | M] () -- C:\Windows\SysNative\atmfd.dll
[2010/05/06 23:59:57 | 000,038,848 | ---- | M] (ALWIL Software) -- C:\Windows\SysWow64\avastSS.scr
[2010/05/06 23:59:36 | 000,165,032 | ---- | M] (ALWIL Software) -- C:\Windows\SysWow64\aswBoot.exe
[2010/05/06 23:39:27 | 000,051,280 | ---- | M] () -- C:\Windows\SysNative\drivers\aswTdi.sys
[2010/05/06 23:39:06 | 000,121,936 | ---- | M] () -- C:\Windows\SysNative\drivers\aswSP.sys
[2010/05/06 23:34:30 | 000,028,752 | ---- | M] () -- C:\Windows\SysNative\drivers\aswRdr.sys
[2010/05/06 23:34:14 | 000,063,568 | ---- | M] () -- C:\Windows\SysNative\drivers\aswMonFlt.sys
[2010/05/06 23:33:50 | 000,022,096 | ---- | M] () -- C:\Windows\SysNative\drivers\aswFsBlk.sys
[2010/05/04 22:18:31 | 001,032,704 | ---- | M] () -- C:\Windows\SysNative\wininet.dll
[2010/05/04 22:16:22 | 000,208,896 | ---- | M] () -- C:\Windows\SysNative\occache.dll
[2010/05/04 22:15:02 | 001,129,984 | ---- | M] () -- C:\Windows\SysNative\mstime.dll
[2010/05/04 22:14:31 | 000,758,784 | ---- | M] () -- C:\Windows\SysNative\mshtmled.dll
[2010/05/04 22:14:22 | 000,580,608 | ---- | M] () -- C:\Windows\SysNative\msfeeds.dll
[2010/05/04 22:12:55 | 000,032,256 | ---- | M] () -- C:\Windows\SysNative\jsproxy.dll
[2010/05/04 22:12:27 | 000,375,296 | ---- | M] () -- C:\Windows\SysNative\iertutil.dll
[2010/05/04 22:12:27 | 000,249,856 | ---- | M] () -- C:\Windows\SysNative\iepeers.dll
[2010/05/04 22:12:17 | 000,480,256 | ---- | M] () -- C:\Windows\SysNative\iedkcs32.dll
[2010/05/04 22:12:17 | 000,086,528 | ---- | M] () -- C:\Windows\SysNative\ieencode.dll
[2010/05/04 22:12:16 | 000,422,400 | ---- | M] () -- C:\Windows\SysNative\ieapfltr.dll
[2010/05/04 22:12:16 | 000,267,776 | ---- | M] () -- C:\Windows\SysNative\ieaksie.dll
[2010/05/04 20:53:47 | 000,485,376 | ---- | M] () -- C:\Windows\SysNative\html.iec
[2010/05/04 20:27:37 | 000,032,768 | ---- | M] () -- C:\Windows\SysNative\ieUnatt.exe
[2010/04/29 15:39:38 | 000,038,224 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysWow64\drivers\mbamswissarmy.sys
[2010/04/29 15:39:28 | 000,024,664 | ---- | M] () -- C:\Windows\SysNative\drivers\mbam.sys
[2010/04/27 01:20:18 | 000,001,159 | ---- | M] () -- C:\Users\Public\Desktop\Launch Sid Meier's Civilization 4.lnk
[2010/04/16 19:40:20 | 001,570,816 | ---- | M] () -- C:\Windows\SysNative\quartz.dll
[2010/04/09 20:18:46 | 000,035,784 | ---- | M] () -- C:\Users\Basil Beirouti\Documents\6.docx
[2010/04/05 19:51:12 | 000,084,480 | ---- | M] () -- C:\Windows\SysNative\asycfilt.dll
[2010/03/31 23:10:19 | 000,035,421 | ---- | M] () -- C:\Users\Basil Beirouti\Documents\Wesley Ike Gullett March 30 at 6.docx
[2010/03/26 17:44:40 | 000,024,311 | ---- | M] () -- C:\Users\Basil Beirouti\Documents\omar.docx

========== Files Created - No Company Name ==========

[2010/06/23 13:41:16 | 4292,038,656 | -HS- | C] () -- C:\hiberfil.sys
[2010/06/23 13:08:26 | 001,267,888 | ---- | C] () -- C:\Users\Basil Beirouti\Desktop\siw.exe
[2010/06/23 06:11:24 | 000,000,748 | ---- | C] () -- C:\Users\Public\Desktop\Autorun Eater.lnk
[2010/06/21 01:08:08 | 000,524,288 | -HS- | C] () -- C:\Users\Basil Beirouti\NTUSER.DAT{28029397-7cb8-11df-baad-001e68a26a3e}.TMContainer00000000000000000002.regtrans-ms
[2010/06/21 01:08:08 | 000,524,288 | -HS- | C] () -- C:\Users\Basil Beirouti\NTUSER.DAT{28029397-7cb8-11df-baad-001e68a26a3e}.TMContainer00000000000000000001.regtrans-ms
[2010/06/21 01:08:08 | 000,065,536 | -HS- | C] () -- C:\Users\Basil Beirouti\NTUSER.DAT{28029397-7cb8-11df-baad-001e68a26a3e}.TM.blf
[2010/06/20 23:46:31 | 038,398,782 | ---- | C] () -- C:\Users\Basil Beirouti\Desktop\6-19-2010.zip
[2010/06/20 15:41:26 | 000,284,915 | ---- | C] () -- C:\Users\Basil Beirouti\Desktop\gmer.zip
[2010/06/19 14:33:36 | 000,066,159 | ---- | C] () -- C:\Users\Basil Beirouti\Desktop\messi.jpg
[2010/06/19 14:28:11 | 001,048,576 | -HS- | C] () -- C:\Users\Basil Beirouti\NTUSER.DAT{e1e02650-b5a5-11de-a261-001e68a26a3e}.TxR.2.regtrans-ms
[2010/06/19 14:28:11 | 001,048,576 | -HS- | C] () -- C:\Users\Basil Beirouti\NTUSER.DAT{e1e02650-b5a5-11de-a261-001e68a26a3e}.TxR.1.regtrans-ms
[2010/06/19 14:28:11 | 001,048,576 | -HS- | C] () -- C:\Users\Basil Beirouti\NTUSER.DAT{e1e02650-b5a5-11de-a261-001e68a26a3e}.TxR.0.regtrans-ms
[2010/06/19 14:28:10 | 000,065,536 | -HS- | C] () -- C:\Users\Basil Beirouti\NTUSER.DAT{e1e02650-b5a5-11de-a261-001e68a26a3e}.TxR.blf
[2010/06/19 13:32:55 | 000,000,774 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2010/06/19 13:32:51 | 000,024,664 | ---- | C] () -- C:\Windows\SysNative\drivers\mbam.sys
[2010/06/19 13:23:16 | 000,000,670 | ---- | C] () -- C:\Users\Basil Beirouti\Desktop\ERUNT.lnk
[2010/06/19 13:21:13 | 000,005,904 | ---- | C] () -- C:\Windows\SysNative\drivers\kgpcpy.cfg
[2010/06/10 15:44:59 | 005,690,368 | ---- | C] () -- C:\Windows\SysNative\mshtml.dll
[2010/06/10 15:44:58 | 007,006,208 | ---- | C] () -- C:\Windows\SysNative\ieframe.dll
[2010/06/10 15:44:57 | 001,426,944 | ---- | C] () -- C:\Windows\SysNative\urlmon.dll
[2010/06/10 15:44:56 | 001,032,704 | ---- | C] () -- C:\Windows\SysNative\wininet.dll
[2010/06/10 15:44:56 | 000,208,896 | ---- | C] () -- C:\Windows\SysNative\occache.dll
[2010/06/10 15:44:55 | 000,422,400 | ---- | C] () -- C:\Windows\SysNative\ieapfltr.dll
[2010/06/10 15:44:54 | 000,758,784 | ---- | C] () -- C:\Windows\SysNative\mshtmled.dll
[2010/06/10 15:44:54 | 000,580,608 | ---- | C] () -- C:\Windows\SysNative\msfeeds.dll
[2010/06/10 15:44:53 | 000,485,376 | ---- | C] () -- C:\Windows\SysNative\html.iec
[2010/06/10 15:44:53 | 000,480,256 | ---- | C] () -- C:\Windows\SysNative\iedkcs32.dll
[2010/06/10 15:44:53 | 000,375,296 | ---- | C] () -- C:\Windows\SysNative\iertutil.dll
[2010/06/10 15:44:53 | 000,267,776 | ---- | C] () -- C:\Windows\SysNative\ieaksie.dll
[2010/06/10 15:44:53 | 000,249,856 | ---- | C] () -- C:\Windows\SysNative\iepeers.dll
[2010/06/10 15:44:53 | 000,032,768 | ---- | C] () -- C:\Windows\SysNative\ieUnatt.exe
[2010/06/10 15:44:52 | 001,129,984 | ---- | C] () -- C:\Windows\SysNative\mstime.dll
[2010/06/10 15:44:52 | 000,086,528 | ---- | C] () -- C:\Windows\SysNative\ieencode.dll
[2010/06/10 15:44:52 | 000,032,256 | ---- | C] () -- C:\Windows\SysNative\jsproxy.dll
[2010/06/10 15:44:51 | 001,383,424 | ---- | C] () -- C:\Windows\SysNative\mshtml.tlb
[2010/06/10 05:55:58 | 000,366,080 | ---- | C] () -- C:\Windows\SysNative\atmfd.dll
[2010/06/10 05:55:57 | 000,048,128 | ---- | C] () -- C:\Windows\SysNative\atmlib.dll
[2010/06/10 05:50:38 | 000,084,480 | ---- | C] () -- C:\Windows\SysNative\asycfilt.dll
[2010/06/10 04:20:55 | 002,749,952 | ---- | C] () -- C:\Windows\SysNative\win32k.sys
[2010/06/10 04:04:24 | 001,570,816 | ---- | C] () -- C:\Windows\SysNative\quartz.dll
[2010/06/08 15:56:27 | 000,002,048 | ---- | C] () -- C:\Windows\SysNative\tzres.dll
[2010/05/12 02:26:55 | 000,974,848 | ---- | C] () -- C:\Windows\SysNative\inetcomm.dll
[2010/05/08 07:27:37 | 000,000,069 | ---- | C] () -- C:\Users\Basil Beirouti\Credit Card.txt
[2010/04/14 08:48:43 | 000,072,192 | ---- | C] () -- C:\Windows\SysNative\l3codeca.acm
[2010/04/14 08:48:41 | 001,420,688 | ---- | C] () -- C:\Windows\SysNative\drivers\tcpip.sys
[2010/04/14 08:48:40 | 000,224,256 | ---- | C] () -- C:\Windows\SysNative\iphlpsvc.dll
[2010/04/14 08:48:40 | 000,029,696 | ---- | C] () -- C:\Windows\SysNative\drivers\tunnel.sys
[2010/04/14 08:48:37 | 000,273,920 | ---- | C] () -- C:\Windows\SysNative\drivers\mrxsmb10.sys
[2010/04/14 08:48:37 | 000,135,168 | ---- | C] () -- C:\Windows\SysNative\drivers\mrxsmb.sys
[2010/04/14 08:48:30 | 000,105,472 | ---- | C] () -- C:\Windows\SysNative\drivers\mrxsmb20.sys
[2010/04/14 08:48:27 | 004,690,832 | ---- | C] () -- C:\Windows\SysNative\ntoskrnl.exe
[2010/04/14 08:48:24 | 000,603,648 | ---- | C] () -- C:\Windows\SysNative\vbscript.dll
[2010/04/14 08:47:28 | 000,218,112 | ---- | C] () -- C:\Windows\SysNative\wintrust.dll
[2010/04/14 08:47:24 | 000,104,960 | ---- | C] () -- C:\Windows\SysNative\cabview.dll
[2010/04/09 20:11:13 | 000,035,784 | ---- | C] () -- C:\Users\Basil Beirouti\Documents\6.docx
[2010/04/08 14:22:01 | 000,000,914 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2010/04/08 14:22:00 | 000,000,910 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2010/04/07 07:43:28 | 000,439,808 | ---- | C] () -- C:\Windows\SysNative\AESTEC64.dll
[2010/04/07 07:43:28 | 000,155,648 | ---- | C] () -- C:\Windows\SysNative\AESTAC64.dll
[2010/04/07 07:43:26 | 010,760,704 | ---- | C] () -- C:\Windows\SysNative\idtcpl64.cpl
[2010/04/07 07:43:26 | 002,869,248 | ---- | C] () -- C:\Windows\SysNative\stlang64.dll
[2010/04/07 07:43:26 | 000,562,688 | ---- | C] () -- C:\Windows\SysNative\idt64mp1.exe
[2010/04/07 07:43:26 | 000,076,288 | ---- | C] () -- C:\Windows\SysNative\AESTCo64.dll
[2010/04/07 07:43:26 | 000,015,222 | ---- | C] () -- C:\Windows\SysNative\nbspkrs.ico
[2010/04/07 07:43:26 | 000,003,774 | ---- | C] () -- C:\Windows\SysNative\bltinmic.ico
[2010/04/07 07:43:26 | 000,003,774 | ---- | C] () -- C:\Windows\SysNative\2hps.ico
[2010/04/07 07:42:27 | 000,773,632 | ---- | C] () -- C:\Windows\SysNative\stapo64.dll
[2010/04/07 07:42:27 | 000,465,408 | ---- | C] () -- C:\Windows\SysNative\drivers\stwrt64.sys
[2010/04/07 07:42:27 | 000,430,592 | ---- | C] () -- C:\Windows\SysNative\stcplx64.dll
[2010/04/07 07:42:25 | 000,530,944 | ---- | C] () -- C:\Windows\SysNative\stapi64.dll
[2010/03/31 23:10:19 | 000,035,421 | ---- | C] () -- C:\Users\Basil Beirouti\Documents\Wesley Ike Gullett March 30 at 6.docx
[2010/03/26 13:09:02 | 000,024,311 | ---- | C] () -- C:\Users\Basil Beirouti\Documents\omar.docx
[2009/03/27 00:33:30 | 000,028,672 | ---- | C] () -- C:\Windows\SysWow64\NSREG.DLL
[2009/03/18 21:11:23 | 000,000,030 | ---- | C] () -- C:\Windows\EZSOLVE.INI
[2009/03/18 21:11:23 | 000,000,009 | ---- | C] () -- C:\Windows\MSE5E.INI
[2009/03/18 21:11:22 | 000,097,792 | ---- | C] () -- C:\Windows\SysWow64\Winsys.dll
[2009/03/18 21:11:22 | 000,000,195 | ---- | C] () -- C:\Windows\SysWow64\Ic.ini
[2008/10/26 01:33:53 | 000,000,025 | ---- | C] () -- C:\Windows\cdplayer.ini
[2008/01/21 05:50:05 | 000,060,124 | ---- | C] () -- C:\Windows\SysWow64\tcpmon.ini
[2008/01/21 05:49:49 | 000,368,640 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2008/01/15 01:47:06 | 000,099,712 | ---- | C] () -- C:\Windows\HPBroker.dll

========== LOP Check ==========

[2009/06/30 19:57:54 | 000,000,000 | ---D | M] -- C:\Users\Basil Beirouti\AppData\Roaming\Autodesk
[2008/10/24 03:27:26 | 000,000,000 | ---D | M] -- C:\Users\Basil Beirouti\AppData\Roaming\BitTorrent DNA
[2009/08/28 08:58:55 | 000,000,000 | ---D | M] -- C:\Users\Basil Beirouti\AppData\Roaming\Deusty
[2009/04/22 12:25:52 | 000,000,000 | ---D | M] -- C:\Users\Basil Beirouti\AppData\Roaming\GetRightToGo
[2010/06/09 21:28:29 | 000,000,000 | ---D | M] -- C:\Users\Basil Beirouti\AppData\Roaming\mjusbsp
[2009/07/12 00:44:36 | 000,000,000 | ---D | M] -- C:\Users\Basil Beirouti\AppData\Roaming\My Games
[2008/11/17 12:05:38 | 000,000,000 | ---D | M] -- C:\Users\Basil Beirouti\AppData\Roaming\Red Alert 3
[2010/06/23 13:30:22 | 000,032,536 | ---- | M] () -- C:\WINDOWS\Tasks\SCHEDLGU.TXT
[2010/06/23 13:44:59 | 000,000,436 | -H-- | M] () -- C:\WINDOWS\Tasks\User_Feed_Synchronization-{EB9C2E78-9E49-481D-97B5-440598385D6A}.job

========== Purity Check ==========


< End of report >



Concerning VEW, I tried to do what you said and when I pressed Run, I got this error: "Runtime error 75, path/file access error". I tried to download it again in case it didn't download properly and got the same thing. Please tell me if you need me to do something else.

Temperatures hover between 59 and 69 degrees, but I managed to get it up to 69 only by putting it directly on my lap and then on a leather couch, which I don't ever do. It usually stays around 62 degrees Celsius.

Here is the ESET Log:

C:\HP\HPQWare\aim_icq\triton_de_de\setup.exe probably a variant of Win32/Agent trojan cleaned by deleting - quarantined
C:\HP\HPQWare\aim_icq\triton_en_gb\setup.exe probably a variant of Win32/Agent trojan cleaned by deleting - quarantined
C:\HP\HPQWare\aim_icq\triton_es_es\setup.exe probably a variant of Win32/Agent trojan cleaned by deleting - quarantined
C:\HP\HPQWare\aim_icq\triton_fr_fr\setup.exe probably a variant of Win32/Agent trojan cleaned by deleting - quarantined
C:\HP\HPQWare\aim_icq\triton_it_it\setup.exe probably a variant of Win32/Agent trojan cleaned by deleting - quarantined
C:\HP\HPQWare\aim_icq\triton_nl_nl\setup.exe probably a variant of Win32/Agent trojan cleaned by deleting - quarantined
C:\Program Files (x86)\Windows Live\Messenger\msimg32.dll Win32/Toolbar.MyWebSearch application cleaned by deleting (after the next restart) - quarantined
C:\Program Files (x86)\Windows Live\Messenger\riched20.dll Win32/Toolbar.MyWebSearch application cleaned by deleting - quarantined
C:\Users\Basil Beirouti\AppData\Local\Temp\NOD3846.tmp Win32/Toolbar.MyWebSearch application cleaned by deleting (after the next restart) - quarantined

Is there any BitDefender log I'm supposed to post?

Thanks a lot for your help. I apologize for taking so long to reply, but my connection is really slow. Please let me know if you need anything else.
  • 0
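As an added example (not part of the original post, and not an OTL feature), here is a small Python helper for triaging OTL listings like the one above: it re-joins entries the forum software wrapped across lines, parses each record, and flags binaries created in a system directory within the last week that carry no company name, which is the kind of entry a malware helper reads first. The record layout, the system-directory list, the one-week window and the sample records are assumptions taken from this log, not OTL's documented format, and a flag only means "check this file", never that it is malicious.

```python
# Triage helper for OTL listings like the one above (added example, not from the
# original post or from OTL). It re-joins records the forum wrapped across lines,
# parses them, and flags binaries created recently in a system directory with no
# company name. A flag is a prompt to verify the file, not a verdict.
import re
from datetime import datetime, timedelta

# One OTL file record: [date time | size | attrs | M/C] (company) -- path
ENTRY_RE = re.compile(r"^\[(\d{4}/\d{2}/\d{2} \d{2}:\d{2}:\d{2}) \| [\d,]+ \| \S{4} \| "
                      r"([MC])\] \((.*?)\) -- (.+)$")
SYSTEM_DIRS = ("c:\\windows\\", "c:\\program files")
BINARY_EXT = (".exe", ".dll", ".sys", ".scr", ".cpl")

def _join(prev, cont):
    # Heuristic for this forum's wrapping: the break stood for a space unless the
    # fragment ended in '-' or '\' or the continuation starts with punctuation.
    if cont[0].isalnum() and (prev.endswith(" --") or not prev.endswith(("-", "\\"))):
        return prev + " " + cont
    return prev + cont

def join_wrapped(text):
    """Return one string per record; continuation lines are glued to the record above."""
    records = []
    for line in text.splitlines():
        line = line.strip()
        if not line or line.startswith("=========="):
            continue
        if line.startswith("["):
            records.append(line)
        elif records:
            records[-1] = _join(records[-1], line)
    return records

def parse(record):
    """Parse a joined record into a dict, or None if it is not a file record."""
    m = ENTRY_RE.match(record)
    if not m:
        return None
    ts, kind, company, path = m.groups()
    return {"time": datetime.strptime(ts, "%Y/%m/%d %H:%M:%S"),
            "kind": kind, "company": company, "path": path}

def triage(text, report_time, window_days=7):
    """(path, reason) pairs: binaries created in a system dir within the window, no company."""
    cutoff = datetime.strptime(report_time, "%Y/%m/%d %H:%M:%S") - timedelta(days=window_days)
    hits = []
    for rec in filter(None, map(parse, join_wrapped(text))):
        p = rec["path"].lower()
        if (rec["kind"] == "C" and rec["time"] >= cutoff and not rec["company"]
                and p.startswith(SYSTEM_DIRS) and p.endswith(BINARY_EXT)):
            hits.append((rec["path"], "recently created binary with no company name"))
    return hits

# Constructed sample: records copied from the listing above, the last one wrapped the
# way the forum software wrapped long paths.
SAMPLE = r"""
[2010/06/23 13:08:26 | 001,267,888 | ---- | C] () -- C:\Users\Basil Beirouti\Desktop\siw.exe
[2010/06/19 13:32:51 | 000,024,664 | ---- | C] () -- C:\Windows\SysNative\drivers\mbam.sys
[2010/06/10 04:20:55 | 002,749,952 | ---- | C] () -- C:\Windows\SysNative\win32k.sys
[2010/04/29 15:39:38 | 000,038,224 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysWow64
\drivers\mbamswissarmy.sys
"""
```

Run against the sample with the report's own timestamp, `triage(SAMPLE, "2010/06/23 13:44:59")` flags only the Malwarebytes driver installed during the cleanup, and widening the window to 14 days also pulls in the win32k.sys update, which shows why each flag still has to be checked against what was installed that week.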

#4
RKinner

    Malware Expert

  • Expert
  • 24,625 posts
  • MVP
I don't keep track so never notice delays.

I assume it is still crashing.

Start, Programs, Accessories then right click on Command Prompt and select Run As Administrator.

Type:

msconfig

then hit Enter.

Under Startup, uncheck everything unless it has to do with your antivirus or wireless connection (if used). Apply.

Under Services, first check Hide Microsoft Services then uncheck everything unless it has to do with your antivirus or wireless connection (if used). OK and reboot. Cancel the msconfig when it comes up. Does it still crash?

If so, download ShellExView from

http://www.nirsoft.n...hexview-x64.zip. You will have to unzip it and then install it. Once you get it running, look in the third or so column from the right. The column header should say Microsoft. Click on it once or twice so that it sorts things with the NO's at the top. Select each of the NO items and then click on the little red light at the top left. This will disable them.
Close the program and reboot.

Does it still crash? If that fixed it, then go back in, turn on about half of the ones you disabled and reboot. Try to isolate the problem to a single item.

Ron
  • 0

#5
beirouti

    New Member

  • Topic Starter
  • Member
  • Pip
  • 3 posts
Actually Ron it doesn't crash anymore, but the ESET scan showed some viruses and so I decided to post to be sure. Should I be worried about them? Also, what was the problem if you don't mind me asking? Thanks for all your help.
  • 0

#6
RKinner

    Malware Expert

  • Expert
  • 24,625 posts
  • MVP
Glad the problem is gone. Your original OTL log showed signs of an infection, but the infection did not seem to be active. We removed the signs since sometimes the files can hide, and that may have been it. Or one of the programs we uninstalled might have been defective. It's hard to say, since the Event log viewer doesn't seem to work on 64-bit systems.

The first files that ESET found were probably a false positive based on where they were located. The others are just some adware that HP puts on all of their computers.

We need to clean up System Restore.
The best way is to follow Jim's procedure here http://aumha.net/vie...=...p;sk=t&sd=a
though it hasn't been updated for Vista or Win 7 yet, so to create a Restore Point try this:
right-click on Computer and select Properties, then System Protection (Continue) and then Create (at the bottom). OK. Give it a name like Clean and then Create. OK. OK.

Once you have created a Restore Point:

Now Start (Windows Logo Button), Programs, Accessories, right-click on Command Prompt and select Run As Administrator, then type:
cleanmgr

Select "Files from All Users."
Continue

Select OS (C:)
OK

It will think for a few minutes.

Then come up with a few suggestions. Ignore those and press More Options. Under System Restore and Shadow Copies, click Clean Up and let it do its thing.

You can uninstall or delete any tools we had you download and their logs.

To hide hidden files again:

Vista or Win7

1. Open the Control Panel menu and click Folder Options.
2. After the new window appears, select the View tab.
3. Remove the check in the checkbox labeled Display the contents of system folders.
4. Under the Hidden files and folders section, select the radio button labeled Do not show hidden files and folders.
5. Check the checkbox labeled Hide protected operating system files.
6. Press the Apply button and then the OK button and exit My Computer.

Also make sure you have the latest versions of any adobe.com products you use like Shockwave, Flash or Acrobat. Adobe is fond of foisting GetPlus on you. You can let them install it and then afterwards, go into Control Panel, Add/Remove Software and remove it. It probably doesn't hurt to leave it but I don't see the need for it and it has caused problems in the past.

Whether you use adobe reader, acrobat or fox-it to read pdf files you need to disable Javascript in the program. There is an exploit out there now that can use it to get on your PC. For Adobe Reader: Start, All Programs, Adobe Reader, Edit, Preferences, Click on Javascript in the left column and uncheck Enable Acrobat Javascript. OK Close program. It's the same for Foxit reader except you uncheck Enable Javascript Actions.

I recommend you install the free WinPatrol 2010 from http://www.winpatrol.com/download.html

It's a small program that will sit in your systray and warn you if something tries to make changes to your system.


If you use Firefox then get the AdBlock Plus Add-on.

If Firefox is slow loading make sure it only has the current Java add-on. Then download and run Speedy Fox.
http://www.crystalidea.com/speedyfox



If your current antivirus is not a paid up subscription you should dump it and install the free Avast
http://www.avast.com...avast-home.html


Be warned: if you use Limewire, uTorrent or any of the other P2P programs, you will almost certainly be coming back to the Malware Removal forum. If you must use P2P, then submit any files you get to http://virustotal.com before you open them.

Ron
  • 0





