Okay, so I read some on the forum; now it seems I posted the wrong thing. So I will post what needs to be posted here.
Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org
Database version: 4631
Windows 6.0.6002 Service Pack 2
Internet Explorer 8.0.6001.18943
9/16/2010 3:17:34 PM
mbam-log-2010-09-16 (15-17-34).txt
Scan type: Quick scan
Objects scanned: 157375
Time elapsed: 14 minute(s), 55 second(s)
Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 16
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0
Memory Processes Infected:
(No malicious items detected)
Memory Modules Infected:
(No malicious items detected)
Registry Keys Infected:
HKEY_CLASSES_ROOT\Interface\{2e9937fc-cf2f-4f56-af54-5a6a3dd375cc} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{741de825-a6f0-4497-9aa6-8023cf9b0fff} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{cf54be1c-9359-4395-8533-1657cf209cfe} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{147a976f-eee1-4377-8ea7-4716e4cdd239} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Typelib\{d518921a-4a03-425e-9873-b9a71756821e} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{56256a51-b582-467e-b8d4-7786eda79ae0} (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{00a6faf1-072e-44cf-8957-5838f569a31d} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{07b18ea1-a523-4961-b6bb-170de4475cca} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{56256a51-b582-467e-b8d4-7786eda79ae0} (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\OTGV1DNWQQ (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\ROUA3O12PW (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\TOY5KNQ8OC (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\XML (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\RunDll32Policy\f3ScrCtr.dll (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Multimedia\WMPlayer\Schemes\f3pss (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\YXE7DXCQ37 (Trojan.FakeAlert) -> Quarantined and deleted successfully.
Registry Values Infected:
(No malicious items detected)
Registry Data Items Infected:
(No malicious items detected)
Folders Infected:
(No malicious items detected)
Files Infected:
(No malicious items detected)
GMER 1.0.15.15281 - http://www.gmer.net
Rootkit scan 2010-09-16 15:35:22
Windows 6.0.6002 Service Pack 2
Running: gmer.exe; Driver: C:\Users\VALUED~1\AppData\Local\Temp\pwkyypow.sys
---- System - GMER 1.0.15 ----
INT 0x62 ? 8614BF00
INT 0x72 ? 8614BF00
INT 0x92 ? 848D4BF8
INT 0xA2 ? 848D4BF8
INT 0xB2 ? 848D4BF8
---- Kernel code sections - GMER 1.0.15 ----
? System32\Drivers\sphr.sys The system cannot find the path specified. !
.text USBPORT.SYS!DllUnload 8C63E41B 5 Bytes JMP 8614B4E0
.text C:\Windows\system32\DRIVERS\nvlddmkm.sys section is writeable [0x8CC0F340, 0x3EA427, 0xE8000020]
---- User code sections - GMER 1.0.15 ----
.text C:\Program Files\Auslogics\Auslogics BoostSpeed\BoostSpeed.exe[3388] kernel32.dll!CreateThread + 1A 75FFC928 4 Bytes CALL 5983D95D C:\Program Files\Auslogics\Auslogics BoostSpeed\madExcept_.bpl
---- Devices - GMER 1.0.15 ----
Device \FileSystem\Ntfs \Ntfs 8528A1F8
AttachedDevice \Driver\kbdclass \Device\KeyboardClass0 Wdf01000.sys (Kernel Mode Driver Framework Runtime/Microsoft Corporation)
AttachedDevice \Driver\kbdclass \Device\KeyboardClass1 Wdf01000.sys (Kernel Mode Driver Framework Runtime/Microsoft Corporation)
Device \Driver\volmgr \Device\VolMgrControl 852661F8
Device \Driver\usbohci \Device\USBPDO-0 861EB1F8
Device \Driver\usbehci \Device\USBPDO-1 861ED1F8
Device \Driver\usbohci \Device\USBPDO-2 861EB1F8
Device \Driver\usbehci \Device\USBPDO-3 861ED1F8
Device \Driver\netbt \Device\NetBT_Tcpip_{7B5F573B-3627-44E8-A73D-15283A53E0D2} 8738E500
Device \Driver\volmgr \Device\HarddiskVolume1 852661F8
Device \Driver\volmgr \Device\HarddiskVolume2 852661F8
Device \Driver\cdrom \Device\CdRom0 861E71F8
Device \Driver\cdrom \Device\CdRom1 861E71F8
Device \Driver\atapi \Device\Ide\IdeDeviceP2T0L0-4 852691F8
Device \Driver\atapi \Device\Ide\IdePort0 852691F8
Device \Driver\atapi \Device\Ide\IdePort1 852691F8
Device \Driver\atapi \Device\Ide\IdePort2 852691F8
Device \Driver\atapi \Device\Ide\IdePort3 852691F8
Device \Driver\atapi \Device\Ide\IdeDeviceP3T0L0-5 852691F8
Device \Driver\netbt \Device\NetBt_Wins_Export 8738E500
Device \Driver\Smb \Device\NetbiosSmb 8751D1F8
Device \Driver\netbt \Device\NetBT_Tcpip_{B7B48673-92E2-497E-9E16-8E92869CC216} 8738E500
Device \Driver\iScsiPrt \Device\RaidPort0 862461F8
Device \Driver\usbohci \Device\USBFDO-0 861EB1F8
Device \Driver\usbehci \Device\USBFDO-1 861ED1F8
Device \Driver\usbohci \Device\USBFDO-2 861EB1F8
Device \Driver\usbehci \Device\USBFDO-3 861ED1F8
Device \FileSystem\cdfs \Cdfs 84B5E1F8
---- Registry - GMER 1.0.15 ----
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cf
[email protected] 771343423
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cf
[email protected] 285507792
---- EOF - GMER 1.0.15 ----
OTL logfile created on: 9/16/2010 3:53:08 PM - Run 1
OTL by OldTimer - Version 3.2.12.1 Folder = C:\Users\Valued Customer\Desktop
Windows Vista Home Basic Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18943)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
2.00 Gb Total Physical Memory | 1.00 Gb Available Physical Memory | 56.00% Memory free
4.00 Gb Paging File | 3.00 Gb Available in Paging File | 76.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 138.71 Gb Total Space | 15.47 Gb Free Space | 11.15% Space Free | Partition Type: NTFS
Drive D: | 10.33 Gb Total Space | 1.71 Gb Free Space | 16.57% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Computer Name: VALUEDCUSTOM-PC
Current User Name: Valued Customer
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: On
Skip Microsoft Files: On
File Age = 90 Days
Output = Standard
Quick Scan
========== Processes (SafeList) ==========
PRC - [2010/09/16 15:20:16 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Users\Valued Customer\Desktop\OTL.exe
PRC - [2010/07/18 11:54:40 | 001,774,080 | ---- | M] (Exent Technologies Ltd.) -- C:\Program Files\Free Ride Games\GPlayer.exe
PRC - [2010/06/09 14:37:24 | 000,107,856 | ---- | M] () -- C:\Program Files\Clearwire\Connection Manager\DeviceLaunchSvc.exe
PRC - [2010/06/01 14:53:46 | 001,093,208 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Security Essentials\msseces.exe
PRC - [2010/03/25 21:40:44 | 000,017,904 | ---- | M] (Microsoft Corporation) -- c:\Program Files\Microsoft Security Essentials\MsMpEng.exe
PRC - [2009/09/14 14:16:58 | 000,480,368 | ---- | M] (Auslogics) -- C:\Program Files\Auslogics\Auslogics BoostSpeed\BoostSpeed.exe
PRC - [2009/08/18 11:29:22 | 001,529,728 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE
PRC - [2009/08/18 11:29:22 | 000,183,152 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE
PRC - [2009/04/10 23:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2008/10/09 07:58:56 | 000,075,008 | ---- | M] (Hewlett-Packard) -- C:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe
PRC - [2008/10/06 09:54:52 | 000,365,952 | ---- | M] () -- C:\Program Files\SMINST\BLService.exe
========== Modules (SafeList) ==========
MOD - [2010/09/16 15:20:16 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Users\Valued Customer\Desktop\OTL.exe
MOD - [2009/04/10 23:21:38 | 001,686,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18005_none_5cb72f96088b0de0\comctl32.dll
MOD - [2008/01/20 19:34:21 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msscript.ocx
========== Win32 Services (SafeList) ==========
SRV - File not found [Auto | Stopped] -- C:\Program Files\Norton Internet Security\Engine\16.0.0.125\ccSvcHst.exe -- (Norton Internet Security)
SRV - [2010/06/09 14:40:04 | 000,120,144 | ---- | M] (SmithMicro Inc.) [On_Demand | Stopped] -- C:\Program Files\Clearwire\Connection Manager\RcAppSvc.exe -- (CLEARWIRERcAppSvc)
SRV - [2010/06/09 14:37:24 | 000,124,240 | ---- | M] (SmithMicro Inc.) [On_Demand | Stopped] -- C:\Program Files\Clearwire\Connection Manager\ConAppsSvc.exe -- (CACLEARWIRE)
SRV - [2010/06/09 14:37:24 | 000,107,856 | ---- | M] () [Auto | Running] -- C:\Program Files\Clearwire\Connection Manager\DeviceLaunchSvc.exe -- (SMSI Device Launch Service)
SRV - [2010/04/19 15:06:06 | 000,399,872 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files\Clearwire\Connection Manager\clearwireDeviceDiagnosticsService.exe -- (clearwireDeviceDiagnosticsService)
SRV - [2010/03/25 21:40:44 | 000,017,904 | ---- | M] (Microsoft Corporation) [Auto | Running] -- c:\Program Files\Microsoft Security Essentials\MsMpEng.exe -- (MsMpSvc)
SRV - [2010/03/18 16:47:22 | 000,035,160 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe -- (aspnet_state)
SRV - [2010/03/18 13:16:28 | 000,753,504 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe -- (WPFFontCache_v0400)
SRV - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010/03/18 13:16:28 | 000,124,240 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe -- (NetTcpPortSharing)
SRV - [2010/03/18 13:16:28 | 000,124,240 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe -- (NetTcpActivator)
SRV - [2010/03/18 13:16:28 | 000,124,240 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe -- (NetPipeActivator)
SRV - [2010/03/18 13:16:28 | 000,124,240 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe -- (NetMsmqActivator)
SRV - [2009/09/24 18:27:04 | 000,793,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\FntCache.dll -- (FontCache)
SRV - [2009/08/18 11:29:22 | 001,529,728 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE -- (wlidsvc)
SRV - [2008/10/06 09:54:52 | 000,365,952 | ---- | M] () [Auto | Running] -- C:\Program Files\SMINST\BLService.exe -- (Recovery Service for Windows)
SRV - [2008/01/20 19:33:00 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
========== Driver Services (SafeList) ==========
DRV - File not found [Kernel | System | Stopped] -- C:\Windows\System32\drivers\NIS\1000000.07D\SRTSPX.SYS -- (SRTSPX)
DRV - File not found [File_System | System | Stopped] -- C:\Windows\System32\drivers\NIS\1000000.07D\SRTSP.SYS -- (SRTSP)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\System32\DRIVERS\nwlnkfwd.sys -- (NwlnkFwd)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\System32\DRIVERS\nwlnkflt.sys -- (NwlnkFlt)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20080829.024\NAVEX15.SYS -- (NAVEX15)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20080829.024\NAVENG.SYS -- (NAVENG)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\System32\DRIVERS\ipinip.sys -- (IpInIp)
DRV - [2010/09/13 02:13:36 | 000,208,896 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\HSXHWAZL.sys -- (HSXHWAZL)
DRV - [2010/09/13 02:13:33 | 000,118,784 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\E1G60I32.sys -- (E1G60) Intel®
DRV - [2010/09/13 02:13:32 | 000,319,488 | ---- | M] (Beceem communications pvt ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\drxvi314.sys -- (bcm)
DRV - [2010/06/09 14:30:26 | 000,030,080 | ---- | M] (Sierra Wireless Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\swvspser.sys -- (swvspser)
DRV - [2010/06/09 11:34:14 | 000,032,408 | ---- | M] (Smith Micro Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\PCTINDIS5.sys -- (PCTINDIS5)
DRV - [2010/05/25 21:48:12 | 000,203,008 | ---- | M] (Sierra Wireless Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\SWNC5E00.sys -- (SWNC5E00) Sierra Wireless MUX NDIS Driver (#00)
DRV - [2010/05/25 21:48:12 | 000,157,440 | ---- | M] (Sierra Wireless Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\swmx00.sys -- (swmx00) Sierra Wireless USB MUX Driver (#00)
DRV - [2010/05/25 21:48:08 | 000,037,248 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\swmsflt.sys -- (swmsflt)
DRV - [2010/04/10 19:58:12 | 000,717,296 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\System32\Drivers\sptd.sys -- (sptd)
DRV - [2010/03/26 21:04:24 | 000,051,456 | ---- | M] (Beceem communications pvt ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\BcmBusCtr.sys -- (bcmbusctr)
DRV - [2010/03/25 21:30:22 | 000,151,216 | ---- | M] (Microsoft Corporation) [File_System | System | Running] -- C:\Windows\System32\drivers\MpFilter.sys -- (MpFilter)
DRV - [2010/03/25 21:30:22 | 000,042,368 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\Windows\System32\drivers\MpNWMon.sys -- (MpNWMon)
DRV - [2010/03/16 14:34:36 | 000,042,880 | ---- | M] (Fengtao Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\dvdfab.sys -- (dvdfab)
DRV - [2010/03/10 21:02:38 | 000,056,352 | ---- | M] (Exent Technologies Ltd.) [Kernel | Auto | Running] -- C:\Program Files\Free Ride Games\X4HSEx.sys -- (X4HSEx)
DRV - [2009/11/08 20:21:18 | 000,059,388 | ---- | M] (PowerISO Computing, Inc.) [Kernel | System | Running] -- C:\Windows\System32\drivers\scdemu.sys -- (SCDEmu)
DRV - [2009/04/23 12:33:34 | 000,064,512 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\RTSTOR.sys -- (RTSTOR)
DRV - [2009/04/10 21:42:52 | 000,031,616 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (winusb)
DRV - [2009/02/24 18:42:14 | 000,116,736 | ---- | M] (MagicISO, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\mcdbus.sys -- (mcdbus)
DRV - [2008/10/22 23:04:58 | 000,020,024 | ---- | M] (VIA Technologies, Inc.) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\viaide.sys -- (viaide)
DRV - [2008/10/22 23:04:58 | 000,019,000 | ---- | M] (CMD Technology, Inc.) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\cmdide.sys -- (cmdide)
DRV - [2008/10/22 23:04:58 | 000,017,464 | ---- | M] (Acer Laboratories Inc.) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\aliide.sys -- (aliide)
DRV - [2008/10/03 04:39:28 | 000,222,208 | ---- | M] (Conexant Systems Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\CHDRT32.sys -- (CnxtHdAudService)
DRV - [2008/07/11 11:31:00 | 007,530,656 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)
DRV - [2008/06/27 12:31:24 | 000,093,544 | ---- | M] (Rocket Division Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\StarPortLite.sys -- (StarPortLite) StarPort Storage Controller (Lite)
DRV - [2008/05/09 12:17:32 | 000,043,040 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvhda32v.sys -- (NVHDA)
DRV - [2008/04/27 12:07:44 | 000,909,824 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\athr.sys -- (athr)
DRV - [2008/04/24 15:51:46 | 000,014,848 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvsmu.sys -- (nvsmu)
DRV - [2008/04/17 11:05:16 | 000,199,344 | ---- | M] (Synaptics, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\SynTP.sys -- (SynTP)
DRV - [2008/01/29 06:55:00 | 001,042,464 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvmfdx32.sys -- (NVENETFD)
DRV - [2008/01/20 19:32:53 | 000,149,560 | ---- | M] (Adaptec, Inc.) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\adpu320.sys -- (adpu320)
DRV - [2008/01/20 19:32:53 | 000,031,288 | ---- | M] (LSI Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\megasas.sys -- (megasas)
DRV - [2008/01/20 19:32:52 | 000,386,616 | ---- | M] (LSI Corporation, Inc.) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\megasr.sys -- (MegaSR)
DRV - [2008/01/20 19:32:52 | 000,101,432 | ---- | M] (Adaptec, Inc.) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\adpu160m.sys -- (adpu160m)
DRV - [2008/01/20 19:32:52 | 000,074,808 | ---- | M] (Silicon Integrated Systems) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\sisraid4.sys -- (SiSRaid4)
DRV - [2008/01/20 19:32:52 | 000,040,504 | ---- | M] (Hewlett-Packard Company) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\hpcisss.sys -- (HpCISSs)
DRV - [2008/01/20 19:32:51 | 000,300,600 | ---- | M] (Adaptec, Inc.) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\adpahci.sys -- (adpahci)
DRV - [2008/01/20 19:32:51 | 000,089,656 | ---- | M] (LSI Logic) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\lsi_sas.sys -- (LSI_SAS)
DRV - [2008/01/20 19:32:50 | 001,122,360 | ---- | M] (QLogic Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\ql2300.sys -- (ql2300)
DRV - [2008/01/20 19:32:50 | 000,079,928 | ---- | M] (Adaptec, Inc.) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\arcsas.sys -- (arcsas)
DRV - [2008/01/20 19:32:49 | 000,235,064 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\iastorv.sys -- (iaStorV)
DRV - [2008/01/20 19:32:49 | 000,130,616 | ---- | M] (VIA Technologies Inc.,Ltd) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\vsmraid.sys -- (vsmraid)
DRV - [2008/01/20 19:32:49 | 000,115,816 | ---- | M] (Promise Technology, Inc.) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\ulsata2.sys -- (ulsata2)
DRV - [2008/01/20 19:32:49 | 000,096,312 | ---- | M] (LSI Logic) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\lsi_fc.sys -- (LSI_FC)
DRV - [2008/01/20 19:32:49 | 000,079,416 | ---- | M] (Adaptec, Inc.) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\arc.sys -- (arc)
DRV - [2008/01/20 19:32:48 | 000,342,584 | ---- | M] (Emulex) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\elxstor.sys -- (elxstor)
DRV - [2008/01/20 19:32:48 | 000,096,312 | ---- | M] (LSI Logic) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\lsi_scsi.sys -- (LSI_SCSI)
DRV - [2008/01/20 19:32:47 | 000,102,968 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\nvraid.sys -- (nvraid)
DRV - [2008/01/20 19:32:47 | 000,045,112 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\nvstor.sys -- (nvstor)
DRV - [2008/01/20 19:32:46 | 000,422,968 | ---- | M] (Adaptec, Inc.) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\adp94xx.sys -- (adp94xx)
DRV - [2008/01/20 19:32:45 | 002,225,664 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\NETw3v32.sys -- (NETw3v32) Intel®
DRV - [2008/01/20 19:32:45 | 000,238,648 | ---- | M] (ULi Electronics Inc.) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\uliahci.sys -- (uliahci)
DRV - [2008/01/19 00:43:20 | 000,131,000 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\System32\drivers\WimFltr.sys -- (WimFltr)
DRV - [2007/10/31 18:51:26 | 000,985,600 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\HSX_DPV.sys -- (HSF_DPV)
DRV - [2007/10/31 18:47:08 | 000,661,504 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\HSX_CNXT.sys -- (winachsf)
DRV - [2007/10/17 16:36:54 | 000,008,704 | ---- | M] (Conexant Systems, Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\XAudio.sys -- (XAudio)
DRV - [2007/06/18 17:12:04 | 000,016,768 | ---- | M] (Hewlett-Packard Development Company, L.P.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\HpqKbFiltr.sys -- (HpqKbFiltr)
DRV - [2006/11/02 02:50:35 | 000,106,088 | ---- | M] (QLogic Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\ql40xx.sys -- (ql40xx)
DRV - [2006/11/02 02:50:35 | 000,098,408 | ---- | M] (Promise Technology, Inc.) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\ulsata.sys -- (UlSata)
DRV - [2006/11/02 02:50:19 | 000,045,160 | ---- | M] (IBM Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\nfrd960.sys -- (nfrd960)
DRV - [2006/11/02 02:50:17 | 000,041,576 | ---- | M] (Intel Corp./ICP vortex GmbH) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\iirsp.sys -- (iirsp)
DRV - [2006/11/02 02:50:11 | 000,071,272 | ---- | M] (Adaptec, Inc.) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\djsvs.sys -- (aic78xx)
DRV - [2006/11/02 02:50:09 | 000,035,944 | ---- | M] (Integrated Technology Express, Inc.) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\iteraid.sys -- (iteraid)
DRV - [2006/11/02 02:50:07 | 000,035,944 | ---- | M] (Integrated Technology Express, Inc.) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\iteatapi.sys -- (iteatapi)
DRV - [2006/11/02 02:50:05 | 000,035,944 | ---- | M] (LSI Logic) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\symc8xx.sys -- (Symc8xx)
DRV - [2006/11/02 02:50:03 | 000,034,920 | ---- | M] (LSI Logic) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\sym_u3.sys -- (Sym_u3)
DRV - [2006/11/02 02:49:59 | 000,033,384 | ---- | M] (LSI Logic Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\mraid35x.sys -- (Mraid35x)
DRV - [2006/11/02 02:49:56 | 000,031,848 | ---- | M] (LSI Logic) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\sym_hi.sys -- (Sym_hi)
DRV - [2006/11/02 01:25:24 | 000,071,808 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brserid.sys -- (Brserid) Brother MFC Serial Port Interface Driver (WDM)
DRV - [2006/11/02 01:24:47 | 000,011,904 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brusbser.sys -- (BrUsbSer)
DRV - [2006/11/02 01:24:46 | 000,005,248 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brfiltup.sys -- (BrFiltUp)
DRV - [2006/11/02 01:24:45 | 000,013,568 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brfiltlo.sys -- (BrFiltLo)
DRV - [2006/11/02 01:24:44 | 000,062,336 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brserwdm.sys -- (BrSerWdm)
DRV - [2006/11/02 01:24:44 | 000,012,160 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brusbmdm.sys -- (BrUsbMdm)
DRV - [2006/11/02 00:36:50 | 000,020,608 | ---- | M] (N-trig Innovative Technologies) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\ntrigdigi.sys -- (ntrigdigi)
DRV - [2006/11/02 00:30:56 | 000,194,048 | ---- | M] (Marvell) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\yk60x86.sys -- (yukonwlh)
DRV - [2001/05/07 03:56:02 | 000,019,805 | ---- | M] (Thesycon GmbH, Germany) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\usbio.sys -- (USBIO) USBIO Driver (usbio.sys)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.h...resario&pf=cnnb
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.h...resario&pf=cnnb
IE - HKLM\..\URLSearchHook: {7b13ec3e-999a-4b70-b9cb-2617b8323822} - C:\Program Files\Zynga\tbZyn1.dll (Conduit Ltd.)
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.h...resario&pf=cnnb
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.pogo.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\..\URLSearchHook: {7b13ec3e-999a-4b70-b9cb-2617b8323822} - C:\Program Files\Zynga\tbZyn1.dll (Conduit Ltd.)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF - prefs.js..browser.search.defaultenginename: "Bing"
FF - prefs.js..browser.search.defaulturl: "http://www.bing.com/...2DF&PC=DCF2&q="
FF - prefs.js..browser.search.order.1: "Search the web (Babylon)"
FF - prefs.js..browser.search.param.yahoo-fr: "chr-greentree_ff&type=135963"
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://www.pogo.com/"
FF - prefs.js..extensions.enabledItems: [email protected]:2
FF - prefs.js..extensions.enabledItems: 4
FF - prefs.js..extensions.enabledItems: 9
FF - prefs.js..extensions.enabledItems: 1
FF - prefs.js..extensions.enabledItems: {1018e4d6-728f-4b20-ad56-37578a4de76b}:4.0.8
FF - prefs.js..extensions.enabledItems: {46551EC9-40F0-4e47-8E18-8E5CF550CFB8}:1.0.11
FF - prefs.js..extensions.enabledItems: {53A03D43-5363-4669-8190-99061B2DEBA5}:1.3.7
FF - prefs.js..extensions.enabledItems: {6F0976E6-26F3-4AFE-BBEC-9E99E27E4DF3}:1.4.8
FF - prefs.js..extensions.enabledItems: {7378B8C2-FC38-41b8-A8C9-875D1F5B0A24}:5.2.4.8
FF - prefs.js..extensions.enabledItems: {e4a8a97b-f2ed-450b-b12d-ee082ba24781}:0.8.20100408.6
FF - prefs.js..extensions.enabledItems: {7b13ec3e-999a-4b70-b9cb-2617b8323822}:2.7.1.3
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: [email protected]:1.69.1
FF - prefs.js..extensions.enabledItems: {afe43e80-0abc-4df2-81a0-3fe44b74abe8}:1.300.306
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21
FF - prefs.js..extensions.enabledItems: [email protected]:2.0
FF - prefs.js..extensions.enabledItems: [email protected]:2.0.8
FF - prefs.js..keyword.URL: "http://ws.infospace...._id=60531&qkw="
FF - HKLM\software\mozilla\Flock 2.5.6\extensions\\Components: C:\Program Files\Flock\components
FF - HKLM\software\mozilla\Flock 2.5.6\extensions\\Plugins: C:\Program Files\Flock\plugins
FF - HKLM\software\mozilla\Flock 2.6.1\extensions\\Components: C:\Program Files\Flock\components
FF - HKLM\software\mozilla\Flock 2.6.1\extensions\\Plugins: C:\Program Files\Flock\plugins
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.9\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010/09/16 14:07:59 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.9\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010/09/16 14:07:59 | 000,000,000 | ---D | M]
[2010/03/07 22:34:42 | 000,000,000 | ---D | M] -- C:\Users\Valued Customer\AppData\Roaming\mozilla\Extensions
[2010/03/07 22:34:42 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Valued Customer\AppData\Roaming\mozilla\Extensions\{a463f10c-3994-11da-9945-000d60ca027b}
[2010/09/16 14:07:56 | 000,000,000 | ---D | M] -- C:\Users\Valued Customer\AppData\Roaming\mozilla\Firefox\Profiles\o0lwndie.default\extensions
[2010/08/19 19:45:14 | 000,000,000 | ---D | M] (Flagfox) -- C:\Users\Valued Customer\AppData\Roaming\mozilla\Firefox\Profiles\o0lwndie.default\extensions\{1018e4d6-728f-4b20-ad56-37578a4de76b}
[2010/05/15 10:11:24 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\Valued Customer\AppData\Roaming\mozilla\Firefox\Profiles\o0lwndie.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2010/08/19 19:45:10 | 000,000,000 | ---D | M] (Stylish) -- C:\Users\Valued Customer\AppData\Roaming\mozilla\Firefox\Profiles\o0lwndie.default\extensions\{46551EC9-40F0-4e47-8E18-8E5CF550CFB8}
[2010/03/26 20:31:21 | 000,000,000 | ---D | M] (ScrapBook) -- C:\Users\Valued Customer\AppData\Roaming\mozilla\Firefox\Profiles\o0lwndie.default\extensions\{53A03D43-5363-4669-8190-99061B2DEBA5}
[2010/07/30 00:32:58 | 000,000,000 | ---D | M] (Fire.fm) -- C:\Users\Valued Customer\AppData\Roaming\mozilla\Firefox\Profiles\o0lwndie.default\extensions\{6F0976E6-26F3-4AFE-BBEC-9E99E27E4DF3}
[2010/03/21 09:57:33 | 000,000,000 | ---D | M] (ImageShack® Toolbar) -- C:\Users\Valued Customer\AppData\Roaming\mozilla\Firefox\Profiles\o0lwndie.default\extensions\{7378B8C2-FC38-41b8-A8C9-875D1F5B0A24}
[2010/08/31 11:29:03 | 000,000,000 | ---D | M] (Zynga Toolbar) -- C:\Users\Valued Customer\AppData\Roaming\mozilla\Firefox\Profiles\o0lwndie.default\extensions\{7b13ec3e-999a-4b70-b9cb-2617b8323822}
[2010/09/16 14:08:01 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Valued Customer\AppData\Roaming\mozilla\Firefox\Profiles\o0lwndie.default\extensions\{afe43e80-0abc-4df2-81a0-3fe44b74abe8}
[2010/09/15 14:13:11 | 000,000,000 | ---D | M] (Gamers Unite! Snag Bar) -- C:\Users\Valued Customer\AppData\Roaming\mozilla\Firefox\Profiles\o0lwndie.default\extensions\{afe43e80-0abc-4df2-81a0-3fe44b74abe8}(53)
[2010/04/14 13:22:15 | 000,000,000 | ---D | M] (Greasemonkey) -- C:\Users\Valued Customer\AppData\Roaming\mozilla\Firefox\Profiles\o0lwndie.default\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}
[2010/08/28 13:06:17 | 000,000,000 | ---D | M] -- C:\Users\Valued Customer\AppData\Roaming\mozilla\Firefox\Profiles\o0lwndie.default\extensions\[email protected]
[2010/09/12 21:02:48 | 000,000,000 | ---D | M] -- C:\Users\Valued Customer\AppData\Roaming\mozilla\Firefox\Profiles\o0lwndie.default\extensions\[email protected]
[2010/02/21 17:44:12 | 000,000,000 | ---D | M] -- C:\Users\Valued Customer\AppData\Roaming\mozilla\Firefox\Profiles\o0lwndie.default\extensions\[email protected]
[2010/07/30 00:33:10 | 000,000,000 | ---D | M] -- C:\Users\Valued Customer\AppData\Roaming\mozilla\Firefox\Profiles\o0lwndie.default\extensions\[email protected]
[2010/05/17 16:59:21 | 000,001,832 | ---- | M] () -- C:\Users\Valued Customer\AppData\Roaming\Mozilla\FireFox\Profiles\o0lwndie.default\searchplugins\bing.xml
[2010/08/14 14:06:49 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2010/05/01 13:22:20 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
[2010/08/01 13:16:15 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
[2010/07/17 05:00:04 | 000,423,656 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll
[2010/09/13 00:30:53 | 000,065,536 | ---- | M] ( ) -- C:\Program Files\Mozilla Firefox\plugins\npkimi.dll
[2010/05/16 15:00:38 | 000,002,191 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\babylon.xml
O1 HOSTS File: ([2006/09/18 14:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (SSVHelper Class) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (Zynga Toolbar) - {7b13ec3e-999a-4b70-b9cb-2617b8323822} - C:\Program Files\Zynga\tbZyn1.dll (Conduit Ltd.)
O2 - BHO: (LastPass Browser Helper Object) - {95D9ECF5-2A4D-4550-BE49-70D42F71296E} - C:\Program Files\LastPass\LPBar.dll (LastPass)
O3 - HKLM\..\Toolbar: (Zynga Toolbar) - {7b13ec3e-999a-4b70-b9cb-2617b8323822} - C:\Program Files\Zynga\tbZyn1.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (LastPass Toolbar) - {9f6b5cc3-5c7b-4b5c-97af-19dec1e380e5} - C:\Program Files\LastPass\LPBar.dll (LastPass)
O3 - HKCU\..\Toolbar\WebBrowser: (Zynga Toolbar) - {7B13EC3E-999A-4B70-B9CB-2617B8323822} - C:\Program Files\Zynga\tbZyn1.dll (Conduit Ltd.)
O4 - HKLM..\Run: [Clearwire Connection Manager] C:\Program Files\Clearwire\Connection Manager\ClearwireCM.exe (ClearwireCM)
O4 - HKLM..\Run: [HP Health Check Scheduler] c:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe (Hewlett-Packard)
O4 - HKLM..\Run: [MSSE] c:\Program Files\Microsoft Security Essentials\msseces.exe (Microsoft Corporation)
O4 - HKLM..\Run: [NvCplDaemon] C:\Windows\System32\NvCpl.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\Windows\System32\NvMcTray.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKLM..\Run: [WPCUMI] C:\Windows\System32\wpcumi.exe (Microsoft Corporation)
O4 - HKCU..\Run: [Auslogics BoostSpeed] C:\Program Files\Auslogics\Auslogics BoostSpeed\BoostSpeed.exe (Auslogics)
O4 - HKCU..\Run: [Exetender] C:\Program Files\Free Ride Games\GPlayer.exe (Exent Technologies Ltd.)
O4 - HKCU..\RunServices: [zmojerix] C:\Users\Valued Customer\AppData\Local\Temp\zmojerix.exe File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableStatusMessages = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: DriveConfiguration = [Binary data over 100 bytes]
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LegacyDrive = [Binary data over 100 bytes]
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: LogonHoursAction = 2
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DontDisplayLogonHoursWarnings = 1
O8 - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
O9 - Extra Button: Blog This - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : &Blog This in Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: LastPass - {43699cd0-e34f-11de-8a39-0800200c9a66} - C:\Program Files\LastPass\LPBar.dll (LastPass)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000019 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O13 - gopher Prefix: missing
O15 - HKCU\..Trusted Ranges: Range1 ([http] in Local intranet)
O16 - DPF: {6A060448-60F9-11D5-A6CD-0002B31F7455} (ExentInf Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_21)
O16 - DPF: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_21)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_21)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.m...ash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program Files\Windows Live\Mail\mailcomm.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Users\Valued Customer\AppData\Roaming\Microsoft\Windows Photo Gallery\Windows Photo Gallery Wallpaper.jpg
O24 - Desktop BackupWallPaper: C:\Users\Valued Customer\AppData\Roaming\Microsoft\Windows Photo Gallery\Windows Photo Gallery Wallpaper.jpg
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/09/18 14:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{952451bc-675e-11df-aecf-001f1671332f}\Shell\Auto\command - "" = F:\launcher.exe -- File not found
O33 - MountPoints2\{b76a23e1-514a-11df-8386-001f1671332f}\Shell\AutoRun\command - "" = F:\Setup.exe -- File not found
O33 - MountPoints2\{c27299ac-b768-11df-847c-001f1671332f}\Shell - "" = AutoRun
O33 - MountPoints2\{c27299ac-b768-11df-847c-001f1671332f}\Shell\AutoRun\command - "" = G:\WIN\setup.exe -- File not found
O33 - MountPoints2\{feade38a-18c6-11df-a719-001e737e17da}\Shell - "" = AutoRun
O33 - MountPoints2\{feade38a-18c6-11df-a719-001e737e17da}\Shell\AutoRun\command - "" = G:\VideoConvert.exe -- File not found
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
NetSvcs: FastUserSwitchingCompatibility - File not found
NetSvcs: Ias - File not found
NetSvcs: Nla - File not found
NetSvcs: Ntmssvc - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: SRService - File not found
NetSvcs: Wmi - C:\Windows\System32\wmi.dll (Microsoft Corporation)
NetSvcs: WmdmPmSp - File not found
NetSvcs: LogonHours - File not found
NetSvcs: PCAudit - File not found
NetSvcs: helpsvc - File not found
NetSvcs: uploadmgr - File not found
Drivers32: msacm.ac3filter - C:\Windows\System32\ac3filter.acm ()
Drivers32: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.l3codecp - C:\Windows\System32\l3codecp.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: MSVideo8 - C:\Windows\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: vidc.cvid - C:\Windows\System32\iccvid.dll (Radius Inc.)
CREATERESTOREPOINT
Restore point Set: OTL Restore Point
========== Files/Folders - Created Within 90 Days ==========
[2010/09/16 15:20:13 | 000,575,488 | ---- | C] (OldTimer Tools) -- C:\Users\Valued Customer\Desktop\OTL.exe
[2010/09/16 15:00:33 | 000,000,000 | ---D | C] -- C:\Users\Valued Customer\AppData\Roaming\Malwarebytes
[2010/09/16 15:00:16 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2010/09/16 15:00:14 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2010/09/16 15:00:13 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2010/09/16 15:00:13 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2010/09/16 14:40:23 | 000,000,000 | ---D | C] -- C:\Windows\ERDNT
[2010/09/16 14:39:49 | 000,000,000 | ---D | C] -- C:\Program Files\ERUNT
[2010/09/16 13:57:03 | 006,153,384 | ---- | C] (Malwarebytes Corporation ) -- C:\Users\Valued Customer\Desktop\mbam-setup.exe
[2010/09/16 13:51:49 | 000,446,464 | ---- | C] (OldTimer Tools) -- C:\Users\Valued Customer\Desktop\TFC.exe
[2010/09/16 12:41:43 | 000,000,000 | ---D | C] -- C:\Windows\BDOSCAN8
[2010/09/16 00:42:03 | 000,000,000 | ---D | C] -- C:\Users\Valued Customer\AppData\Roaming\Real
[2010/09/14 01:22:06 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Oberon Media
[2010/09/14 01:08:51 | 000,000,000 | ---D | C] -- C:\Users\Valued Customer\AppData\Local\Oberon Media
[2010/09/14 00:56:30 | 000,000,000 | ---D | C] -- C:\games
[2010/09/13 15:43:51 | 000,053,314 | ---- | C] (Exent Technologies Ltd.) -- C:\Windows\ExentInfo.exe
[2010/09/13 15:43:47 | 000,000,000 | ---D | C] -- C:\Program Files\Free Ride Games
[2010/09/13 15:20:15 | 000,000,000 | ---D | C] -- C:\ProgramData\Diner Dash Family Style
[2010/09/13 15:19:57 | 000,000,000 | ---D | C] -- C:\Users\Valued Customer\AppData\Roaming\Pogo Games
[2010/09/12 22:46:09 | 000,000,000 | ---D | C] -- C:\Program Files\ReflexiveArcade
[2010/09/08 13:22:49 | 000,000,000 | ---D | C] -- C:\Program Files\vLite
[2010/09/08 13:12:58 | 000,000,000 | ---D | C] -- C:\Users\Valued Customer\Documents\AceBackup 3
[2010/09/08 13:12:40 | 000,937,800 | ---- | C] (AceBIT GmbH) -- C:\Windows\System32\acebitaw.dll
[2010/09/08 13:12:37 | 000,000,000 | ---D | C] -- C:\Program Files\AceBIT
[2010/09/05 09:28:28 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\PctelEapPeer Authentication
[2010/09/03 11:02:50 | 000,000,000 | ---D | C] -- C:\Program Files\Sierra Wireless Inc
[2010/09/03 11:02:50 | 000,000,000 | ---D | C] -- C:\Users\Valued Customer\AppData\Roaming\Sierra Wireless
[2010/08/28 13:06:22 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\IDEVFH
[2010/08/27 10:14:10 | 000,000,000 | ---D | C] -- C:\Users\Valued Customer\Desktop\Facebook
[2010/08/26 09:46:18 | 000,000,000 | ---D | C] -- C:\Windows\pss
[2010/08/24 13:05:54 | 000,000,000 | ---D | C] -- C:\Program Files\WallpaperToy
[2010/08/15 12:55:56 | 000,000,000 | ---D | C] -- C:\Remote Programs
[2010/08/15 12:55:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Free Ride Games
[2010/08/15 12:02:30 | 000,000,000 | ---D | C] -- C:\Users\Valued Customer\Desktop\Games
[2010/08/03 16:55:16 | 000,000,000 | R--D | C] -- C:\Users\Valued Customer\Desktop\UCC FORMS
[2010/07/30 00:57:14 | 000,000,000 | ---D | C] -- C:\Users\Valued Customer\Desktop\Toadies
[2010/07/28 15:12:41 | 000,000,000 | ---D | C] -- C:\NVIDIA
[2010/07/26 22:43:37 | 000,000,000 | ---D | C] -- C:\Users\Valued Customer\AppData\Roaming\OpenOffice.org
[2010/07/26 22:39:33 | 000,000,000 | ---D | C] -- C:\Program Files\JRE
[2010/07/26 22:38:33 | 000,000,000 | ---D | C] -- C:\Program Files\OpenOffice.org 3
[2010/07/26 22:33:47 | 000,000,000 | ---D | C] -- C:\Users\Valued Customer\Desktop\OpenOffice.org 3.2 (en-US) Installation Files
[2010/07/26 00:57:39 | 000,000,000 | ---D | C] -- C:\Plugins
[2010/07/25 22:50:42 | 000,090,112 | ---- | C] (MindVision Software) -- C:\Windows\unvise32.exe
[2010/07/25 22:50:37 | 000,000,000 | ---D | C] -- C:\Windows\Splash Screens
[2010/07/25 22:50:31 | 000,000,000 | ---D | C] -- C:\Program Files\DreamSuite Bonus
[2010/07/22 14:39:06 | 000,000,000 | ---D | C] -- C:\Users\Valued Customer\AppData\Roaming\Jasc
[2010/07/16 21:13:53 | 000,000,000 | ---D | C] -- C:\Users\Valued Customer\AppData\Local\MigWiz
[2010/07/15 14:50:14 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Windows 7 Upgrade Advisor
[2010/07/14 23:00:13 | 000,000,000 | ---D | C] -- C:\Users\Valued Customer\Desktop\Automatic Mouse Clicker
[2010/07/09 18:15:47 | 000,000,000 | ---D | C] -- C:\Users\Valued Customer\Desktop\FOLDERS
[2010/07/05 10:07:04 | 000,000,000 | ---D | C] -- C:\Users\Valued Customer\Desktop\Badgewinners
[2010/06/27 15:39:39 | 000,090,112 | ---- | C] (http://www.mvps.org/vb) -- C:\Windows\System32\ccrpTmr6.dll
[2010/06/27 15:39:37 | 000,000,000 | ---D | C] -- C:\Program Files\Cool Timer
[2010/06/27 01:18:15 | 000,000,000 | ---D | C] -- C:\Users\Valued Customer\AppData\Local\Microsoft_Corporation
[2010/06/26 13:19:57 | 000,000,000 | ---D | C] -- C:\ProgramData\MySQL
[2010/06/26 12:56:56 | 000,000,000 | ---D | C] -- C:\Program Files\MySQL
[2010/06/26 12:51:01 | 000,000,000 | ---D | C] -- C:\Windows\System32\WindowsPowerShell
[2010/06/26 12:11:07 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft SQL Server
[2010/06/26 12:09:03 | 000,000,000 | ---D | C] -- C:\Program Files\IIS
[2010/06/26 12:04:54 | 000,000,000 | ---D | C] -- C:\Users\Valued Customer\Documents\Visual Studio 2010
[2010/06/26 12:01:11 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Visual Studio 10.0
[2010/06/26 12:01:11 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft SDKs
[2010/06/26 12:01:11 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Help Viewer
[2010/06/25 11:42:36 | 000,000,000 | ---D | C] -- C:\Program Files\YASADVDRipperPlatinum
[2010/05/29 13:55:59 | 007,839,944 | ---- | C] (LastPass) -- C:\Program Files\Common Files\lpuninstall.exe
[2010/03/28 13:58:19 | 000,047,360 | ---- | C] (VSO Software) -- C:\Users\Valued Customer\AppData\Roaming\pcouffin.sys
[2007/05/22 16:20:54 | 001,059,840 | ---- | C] (Auto FX Software) -- C:\Program Files\DS_Bonus_Plugin.8bf
========== Files - Modified Within 90 Days ==========
[2010/09/16 15:53:36 | 003,670,016 | ---- | M] () -- C:\Users\Valued Customer\ntuser.dat
[2010/09/16 15:49:18 | 000,003,344 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2010/09/16 15:49:18 | 000,003,344 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2010/09/16 15:49:05 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
[2010/09/16 15:48:48 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2010/09/16 15:48:42 | 224,913,990 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2010/09/16 15:20:16 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Users\Valued Customer\Desktop\OTL.exe
[2010/09/16 15:07:01 | 000,000,948 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2499751553-1250953643-248992182-1000UA.job
[2010/09/16 15:00:20 | 000,000,842 | ---- | M] () -- C:\Users\Valued Customer\Application Data\Microsoft\Internet Explorer\Quick Launch\Malwarebytes' Anti-Malware.lnk
[2010/09/16 14:55:53 | 000,524,288 | -HS- | M] () -- C:\Users\Valued Customer\NTUSER.DAT{1b2d5403-35cc-11df-9cd7-806e6f6e6963}.TMContainer00000000000000000001.regtrans-ms
[2010/09/16 14:55:53 | 000,065,536 | -HS- | M] () -- C:\Users\Valued Customer\NTUSER.DAT{1b2d5403-35cc-11df-9cd7-806e6f6e6963}.TM.blf
[2010/09/16 14:39:52 | 000,000,733 | ---- | M] () -- C:\Users\Valued Customer\Desktop\NTREGOPT.lnk
[2010/09/16 14:39:52 | 000,000,714 | ---- | M] () -- C:\Users\Valued Customer\Desktop\ERUNT.lnk
[2010/09/16 13:57:21 | 006,153,384 | ---- | M] (Malwarebytes Corporation ) -- C:\Users\Valued Customer\Desktop\mbam-setup.exe
[2010/09/16 13:51:53 | 000,446,464 | ---- | M] (OldTimer Tools) -- C:\Users\Valued Customer\Desktop\TFC.exe
[2010/09/16 12:04:24 | 000,032,821 | ---- | M] () -- C:\ProgramData\nvModes.001
[2010/09/16 12:02:31 | 000,032,821 | ---- | M] () -- C:\ProgramData\nvModes.dat
[2010/09/15 23:17:38 | 000,008,484 | ---- | M] () -- C:\Users\Valued Customer\AppData\Local\d3d9caps.dat
[2010/09/14 13:07:00 | 000,000,896 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2499751553-1250953643-248992182-1000Core.job
[2010/09/14 08:59:27 | 000,738,408 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2010/09/14 08:44:48 | 000,756,090 | ---- | M] () -- C:\Windows\System32\PerfStringBackup.INI
[2010/09/14 08:44:48 | 000,640,604 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2010/09/14 08:44:48 | 000,118,534 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2010/09/14 01:22:05 | 000,001,936 | ---- | M] () -- C:\Users\Valued Customer\Desktop\Diner Dash 5 BOOM.lnk
[2010/09/14 01:22:05 | 000,001,108 | ---- | M] () -- C:\Users\Valued Customer\Desktop\Pogo Games.lnk
[2010/09/13 15:44:23 | 000,001,855 | ---- | M] () -- C:\Users\Public\Desktop\Play My Games.lnk
[2010/09/13 15:44:22 | 000,000,145 | ---- | M] () -- C:\Users\Public\Desktop\More FREE games.url
[2010/09/13 15:44:17 | 000,000,064 | ---- | M] () -- C:\Windows\GPlrLanc.dat
[2010/09/13 02:16:15 | 000,090,112 | ---- | M] (MindVision Software) -- C:\Windows\unvise32.exe
[2010/09/13 02:16:14 | 000,348,160 | ---- | M] (NCT Company Ltd.) -- C:\Windows\System32\WMAFile.dll
[2010/09/13 02:15:51 | 001,003,520 | ---- | M] (Gabest) -- C:\Windows\System32\vsfilter.dll
[2010/09/13 02:15:50 | 000,491,520 | ---- | M] (vbAccelerator) -- C:\Windows\System32\vbalSGrid6.ocx
[2010/09/13 02:15:50 | 000,200,704 | ---- | M] (vbAccelerator) -- C:\Windows\System32\vbalExpBar6.ocx
[2010/09/13 02:15:50 | 000,061,440 | ---- | M] (vbaccelerator) -- C:\Windows\System32\vbalTab6.ocx
[2010/09/13 02:15:48 | 000,036,864 | ---- | M] () -- C:\Windows\System32\umstartup.etl
[2010/09/13 02:15:42 | 000,110,592 | ---- | M] (Synaptics, Inc.) -- C:\Windows\System32\SynTPCo4.dll
[2010/09/13 02:15:41 | 000,200,704 | ---- | M] (Synaptics, Inc.) -- C:\Windows\System32\SynCtrl.dll
[2010/09/13 02:15:41 | 000,040,960 | ---- | M] (vbAccelerator) -- C:\Windows\System32\SSubTmr6.dll
[2010/09/13 02:15:34 | 000,376,832 | ---- | M] (Atheros) -- C:\Windows\System32\S64CPA.exe
[2010/09/13 02:15:31 | 001,314,816 | R--- | M] (SONY Deutschland GmbH - Stuttgart Technology Center) -- C:\Windows\System32\PVSonyDll.dll
[2010/09/13 02:15:30 | 000,278,528 | ---- | M] (Real Networks, Inc) -- C:\Windows\System32\pncrt.dll
[2010/09/13 02:14:58 | 000,057,344 | ---- | M] (Windows ® Codename Longhorn DDK provider) -- C:\Windows\System32\nvapo32v.dll
[2010/09/13 02:14:49 | 000,016,384 | ---- | M] () -- C:\Windows\System32\msdrve.dll
[2010/09/13 02:14:47 | 000,434,176 | ---- | M] (Gabest) -- C:\Windows\System32\Mpeg2DecFilter.ax
[2010/09/13 02:13:32 | 000,319,488 | ---- | M] (Beceem communications pvt ltd.) -- C:\Windows\System32\drivers\drxvi314.sys
[2010/09/13 02:13:25 | 000,045,056 | ---- | M] (FredJustSoft) -- C:\Windows\System32\Cursor.ocx
[2010/09/13 02:13:07 | 000,049,152 | ---- | M] (Fred Just Soft) -- C:\Windows\System32\ColorBar.ocx
[2010/09/13 02:13:06 | 000,028,672 | ---- | M] (Cyberlink) -- C:\Windows\System32\CLQTSrc.ax
[2010/09/13 02:13:05 | 000,090,112 | ---- | M] (http://www.mvps.org/vb) -- C:\Windows\System32\ccrpTmr6.dll
[2010/09/13 02:10:58 | 001,986,560 | ---- | M] (NCT Company Ltd.) -- C:\Windows\System32\AudFile.dll
[2010/09/13 02:10:58 | 001,212,416 | ---- | M] (NCT Company Ltd.) -- C:\Windows\System32\AudioInfos.dll
[2010/09/13 02:10:57 | 000,114,688 | ---- | M] (Fred Just Soft) -- C:\Windows\System32\AnyBouton.ocx
[2010/09/13 02:10:57 | 000,053,248 | ---- | M] (Atheros) -- C:\Windows\System32\athihvui.dll
[2010/09/13 01:51:02 | 000,524,288 | -HS- | M] () -- C:\Users\Valued Customer\NTUSER.DAT{d8932e6d-6a6f-11db-b6ab-a038f15a5785}.TMContainer00000000000000000002.regtrans-ms
[2010/09/13 01:51:02 | 000,524,288 | -HS- | M] () -- C:\Users\Valued Customer\NTUSER.DAT{d8932e6d-6a6f-11db-b6ab-a038f15a5785}.TMContainer00000000000000000001.regtrans-ms
[2010/09/13 01:51:02 | 000,065,536 | -HS- | M] () -- C:\Users\Valued Customer\NTUSER.DAT{d8932e6d-6a6f-11db-b6ab-a038f15a5785}.TM.blf
[2010/09/12 20:59:00 | 000,002,013 | ---- | M] () -- C:\Users\Valued Customer\Desktop\Diner Dash Family Style.lnk
[2010/09/10 15:54:35 | 000,002,659 | ---- | M] () -- C:\Users\Valued Customer\Application Data\Microsoft\Internet Explorer\Quick Launch\Jasc Paint Shop Pro 9.lnk
[2010/09/06 03:15:52 | 000,151,552 | ---- | M] (Synaptics, Inc.) -- C:\Windows\System32\SynTPAPI.dll
[2010/09/06 03:15:51 | 000,163,840 | ---- | M] (Synaptics, Inc.) -- C:\Windows\System32\SynCOM.dll
[2010/09/05 22:37:23 | 000,001,056 | ---- | M] () -- C:\Users\Valued Customer\Application Data\Microsoft\Internet Explorer\Quick Launch\FrostWire 4.20.9.lnk
[2010/09/05 22:37:22 | 000,001,032 | ---- | M] () -- C:\Users\Valued Customer\Desktop\FrostWire 4.20.9.lnk
[2010/09/05 09:28:39 | 000,001,951 | ---- | M] () -- C:\Users\Public\Desktop\CLEAR Connection Manager.lnk
[2010/08/31 10:26:50 | 000,000,790 | ---- | M] () -- C:\Users\Valued Customer\Application Data\Microsoft\Internet Explorer\Quick Launch\ColorMania.lnk
[2010/08/30 18:17:34 | 000,000,246 | ---- | M] () -- C:\ProgramData\hpqp.ini
[2010/08/29 10:09:58 | 000,000,966 | ---- | M] () -- C:\Users\Valued Customer\Application Data\Microsoft\Internet Explorer\Quick Launch\Yahoo! Messenger.lnk
[2010/08/29 09:50:52 | 000,000,000 | ---- | M] () -- C:\install.rdf
[2010/08/27 00:27:47 | 000,000,632 | RHS- | M] () -- C:\Users\Valued Customer\ntuser.pol
[2010/08/24 15:57:36 | 004,196,406 | -H-- | M] () -- C:\Windows\System32\toyhide.bmp
[2010/08/19 16:21:48 | 000,001,887 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Reader 9.lnk
[2010/08/15 12:56:13 | 000,001,855 | ---- | M] () -- C:\Users\Valued Customer\Desktop\Play My Games.lnk
[2010/08/14 09:27:48 | 000,281,192 | ---- | M] () -- C:\Users\Valued Customer\AppData\Local\GDIPFONTCACHEV1.DAT
[2010/08/13 09:49:41 | 000,001,050 | ---- | M] () -- C:\Users\Public\Desktop\The Weather Channel Desktop .lnk
[2010/07/29 18:52:10 | 000,001,636 | ---- | M] () -- C:\Users\Valued Customer\Desktop\Loader.lnk
[2010/07/26 22:53:29 | 000,002,611 | ---- | M] () -- C:\Users\Valued Customer\Documents\Yahtzee Party.odb
[2010/07/19 09:28:16 | 000,010,816 | ---- | M] () -- C:\Windows\vmoptver.dll
[2010/07/18 11:34:12 | 000,053,314 | ---- | M] (Exent Technologies Ltd.) -- C:\Windows\ExentInfo.exe
[2010/07/07 14:01:22 | 000,017,542 | ---- | M] () -- C:\Windows\FRGN.ico
[2010/06/29 09:07:02 | 000,000,942 | ---- | M] () -- C:\Users\Public\Desktop\Microsoft Security Essentials.lnk
========== Files Created - No Company Name ==========
[2010/09/16 15:00:20 | 000,000,842 | ---- | C] () -- C:\Users\Valued Customer\Application Data\Microsoft\Internet Explorer\Quick Launch\Malwarebytes' Anti-Malware.lnk
[2010/09/16 14:46:53 | 224,913,990 | ---- | C] () -- C:\Windows\MEMORY.DMP
[2010/09/16 14:42:04 | 000,293,376 | ---- | C] () -- C:\Users\Valued Customer\Desktop\gmer.exe
[2010/09/16 14:39:52 | 000,000,733 | ---- | C] () -- C:\Users\Valued Customer\Desktop\NTREGOPT.lnk
[2010/09/16 14:39:52 | 000,000,714 | ---- | C] () -- C:\Users\Valued Customer\Desktop\ERUNT.lnk
[2010/09/14 01:22:05 | 000,001,936 | ---- | C] () -- C:\Users\Valued Customer\Desktop\Diner Dash 5 BOOM.lnk
[2010/09/13 15:44:23 | 000,001,855 | ---- | C] () -- C:\Users\Public\Desktop\Play My Games.lnk
[2010/09/13 15:44:22 | 000,000,145 | ---- | C] () -- C:\Users\Public\Desktop\More FREE games.url
[2010/09/12 20:59:00 | 000,001,108 | ---- | C] () -- C:\Users\Valued Customer\Desktop\Pogo Games.lnk
[2010/09/12 20:58:59 | 000,002,013 | ---- | C] () -- C:\Users\Valued Customer\Desktop\Diner Dash Family Style.lnk
[2010/09/05 22:37:23 | 000,001,056 | ---- | C] () -- C:\Users\Valued Customer\Application Data\Microsoft\Internet Explorer\Quick Launch\FrostWire 4.20.9.lnk
[2010/09/05 22:37:22 | 000,001,032 | ---- | C] () -- C:\Users\Valued Customer\Desktop\FrostWire 4.20.9.lnk
[2010/09/05 09:28:39 | 000,001,951 | ---- | C] () -- C:\Users\Public\Desktop\CLEAR Connection Manager.lnk
[2010/08/31 10:26:50 | 000,000,790 | ---- | C] () -- C:\Users\Valued Customer\Application Data\Microsoft\Internet Explorer\Quick Launch\ColorMania.lnk
[2010/08/29 10:09:58 | 000,000,966 | ---- | C] () -- C:\Users\Valued Customer\Application Data\Microsoft\Internet Explorer\Quick Launch\Yahoo! Messenger.lnk
[2010/08/29 09:50:52 | 000,000,000 | ---- | C] () -- C:\install.rdf
[2010/08/24 13:07:25 | 004,196,406 | -H-- | C] () -- C:\Windows\System32\toyhide.bmp
[2010/08/15 12:56:13 | 000,001,855 | ---- | C] () -- C:\Users\Valued Customer\Desktop\Play My Games.lnk
[2010/08/15 12:56:06 | 000,017,542 | ---- | C] () -- C:\Windows\FRGN.ico
[2010/08/15 12:56:06 | 000,000,064 | ---- | C] () -- C:\Windows\GPlrLanc.dat
[2010/07/29 18:52:10 | 000,001,636 | ---- | C] () -- C:\Users\Valued Customer\Desktop\Loader.lnk
[2010/07/26 22:51:25 | 000,002,611 | ---- | C] () -- C:\Users\Valued Customer\Documents\Yahtzee Party.odb
[2010/07/25 22:56:02 | 000,210,944 | ---- | C] () -- C:\Windows\System\MSVCRT10.DLL
[2010/07/24 01:00:41 | 000,000,632 | RHS- | C] () -- C:\Users\Valued Customer\ntuser.pol
[2010/07/19 09:28:16 | 000,016,384 | ---- | C] () -- C:\Windows\System32\msdrve.dll
[2010/07/19 09:28:16 | 000,010,816 | ---- | C] () -- C:\Windows\vmoptver.dll
[2010/06/29 09:07:02 | 000,000,942 | ---- | C] () -- C:\Users\Public\Desktop\Microsoft Security Essentials.lnk
[2010/06/26 13:07:00 | 000,201,184 | ---- | C] () -- C:\Windows\System32\winrm.vbs
[2010/06/26 13:07:00 | 000,004,675 | ---- | C] () -- C:\Windows\System32\wsmanconfig_schema.xml
[2010/06/26 13:07:00 | 000,002,426 | ---- | C] () -- C:\Windows\System32\WsmTxt.xsl
[2010/05/25 21:48:08 | 000,037,248 | ---- | C] () -- C:\Windows\System32\drivers\swmsflt.sys
[2010/04/29 18:50:30 | 000,000,258 | RHS- | C] () -- C:\ProgramData\ntuser.pol
[2010/04/10 19:58:11 | 000,717,296 | ---- | C] () -- C:\Windows\System32\drivers\sptd.sys
[2010/03/28 14:00:15 | 000,000,034 | ---- | C] () -- C:\Users\Valued Customer\AppData\Roaming\pcouffin.log
[2010/03/28 13:58:19 | 000,087,608 | ---- | C] () -- C:\Users\Valued Customer\AppData\Roaming\inst.exe
[2010/03/28 13:58:19 | 000,007,887 | ---- | C] () -- C:\Users\Valued Customer\AppData\Roaming\pcouffin.cat
[2010/03/28 13:58:19 | 000,001,144 | ---- | C] () -- C:\Users\Valued Customer\AppData\Roaming\pcouffin.inf
[2010/03/19 14:32:20 | 000,165,376 | ---- | C] () -- C:\Windows\System32\unrar.dll
[2010/02/13 17:40:49 | 000,030,208 | ---- | C] () -- C:\Users\Valued Customer\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/02/08 12:15:07 | 000,000,342 | ---- | C] () -- C:\Users\Valued Customer\AppData\Roaming\settings.dat
[2010/02/07 22:35:28 | 000,000,021 | ---- | C] () -- C:\ProgramData\hpqp.txt
[2010/02/07 15:21:04 | 000,000,056 | ---- | C] () -- C:\Windows\wininit.ini
[2010/02/05 11:30:32 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll
[2010/02/04 11:35:28 | 000,008,484 | ---- | C] () -- C:\Users\Valued Customer\AppData\Local\d3d9caps.dat
[2010/01/29 17:39:30 | 000,032,821 | ---- | C] () -- C:\ProgramData\nvModes.001
[2010/01/29 17:07:35 | 000,032,821 | ---- | C] () -- C:\ProgramData\nvModes.dat
[2010/01/28 10:25:47 | 000,000,000 | ---- | C] () -- C:\Users\Valued Customer\AppData\Local\QSwitch.txt
[2010/01/28 10:25:47 | 000,000,000 | ---- | C] () -- C:\Users\Valued Customer\AppData\Local\DSwitch.txt
[2010/01/28 10:25:47 | 000,000,000 | ---- | C] () -- C:\Users\Valued Customer\AppData\Local\AtStart.txt
[2010/01/28 09:42:06 | 000,000,105 | ---- | C] () -- C:\ProgramData\{d36dd326-7280-11d8-97c8-000129760cbe}.log
[2010/01/28 09:41:55 | 000,000,032 | ---- | C] () -- C:\ProgramData\{051B9612-4D82-42AC-8C63-CD2DCEDC1CB3}.log
[2010/01/28 09:41:30 | 000,000,032 | ---- | C] () -- C:\ProgramData\{9867824A-C86D-4A83-8F3C-E7A86BE0AFD3}.log
[2010/01/28 09:40:52 | 000,000,032 | ---- | C] () -- C:\ProgramData\{23F3DA62-2D9E-4A69-B8D5-BE8E9E148092}.log
[2010/01/28 09:39:30 | 000,000,032 | ---- | C] () -- C:\ProgramData\{4FC670EB-5F02-4B07-90DB-022B86BFEFD0}.log
[2010/01/28 09:38:39 | 000,000,246 | ---- | C] () -- C:\ProgramData\hpqp.ini
[2009/08/03 16:07:42 | 000,403,816 | ---- | C] () -- C:\Windows\System32\OGACheckControl.dll
[2009/05/08 02:08:44 | 000,000,547 | ---- | C] () -- C:\Windows\System32\ff_vfw.dll.manifest
[2008/11/04 11:28:18 | 000,023,104 | ---- | C] () -- C:\Windows\System32\svcprmpt.dll
[2008/11/04 11:28:14 | 000,030,976 | ---- | C] () -- C:\Windows\rascntrl.dll
[2008/10/22 23:58:59 | 000,000,109 | ---- | C] () -- C:\ProgramData\{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}.log
[2008/10/22 23:53:18 | 000,000,110 | ---- | C] () -- C:\ProgramData\{CB099890-1D5F-11D5-9EA9-0050BAE317E1}.log
[2008/10/22 23:51:20 | 000,000,105 | ---- | C] () -- C:\ProgramData\{40BF1E83-20EB-11D8-97C5-0009C5020658}.log
[2008/10/22 23:49:59 | 000,000,107 | ---- | C] () -- C:\ProgramData\{C59C179C-668D-49A9-B6EA-0121CCFC1243}.log
[2007/06/23 12:50:44 | 000,001,577 | ---- | C] () -- C:\Windows\WSYS049.SYS
[2007/06/23 12:50:44 | 000,000,008 | ---- | C] () -- C:\Windows\Modemx.dll
[2006/11/02 00:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2006/03/09 02:58:00 | 001,060,424 | ---- | C] () -- C:\Windows\System32\WdfCoInstaller01000.dll
========== LOP Check ==========
[2010/06/05 00:57:29 | 000,000,000 | ---D | M] -- C:\Users\Valued Customer\AppData\Roaming\Auslogics
[2010/08/02 16:11:15 | 000,000,000 | ---D | M] -- C:\Users\Valued Customer\AppData\Roaming\AweSEM
[2010/03/11 14:18:13 | 000,000,000 | ---D | M] -- C:\Users\Valued Customer\AppData\Roaming\BestOn
[2010/02/13 15:57:59 | 000,000,000 | ---D | M] -- C:\Users\Valued Customer\AppData\Roaming\Canneverbe Limited
[2010/03/30 15:42:04 | 000,000,000 | ---D | M] -- C:\Users\Valued Customer\AppData\Roaming\Facebook
[2010/08/29 09:52:46 | 000,000,000 | ---D | M] -- C:\Users\Valued Customer\AppData\Roaming\Flock
[2010/03/01 14:36:12 | 000,000,000 | ---D | M] -- C:\Users\Valued Customer\AppData\Roaming\FloodLightGames
[2010/02/19 17:04:22 | 000,000,000 | ---D | M] -- C:\Users\Valued Customer\AppData\Roaming\FreeBurner
[2010/05/29 20:19:26 | 000,000,000 | ---D | M] -- C:\Users\Valued Customer\AppData\Roaming\FreeVideoConverter
[2010/05/26 15:33:47 | 000,000,000 | ---D | M] -- C:\Users\Valued Customer\AppData\Roaming\freshgames
[2010/09/14 00:49:00 | 000,000,000 | ---D | M] -- C:\Users\Valued Customer\AppData\Roaming\FrostWire
[2010/07/22 14:39:06 | 000,000,000 | ---D | M] -- C:\Users\Valued Customer\AppData\Roaming\Jasc
[2010/03/14 17:28:58 | 000,000,000 | ---D | M] -- C:\Users\Valued Customer\AppData\Roaming\Merscom
[2010/03/16 13:48:58 | 000,000,000 | ---D | M] -- C:\Users\Valued Customer\AppData\Roaming\muvee Technologies
[2010/07/26 22:43:37 | 000,000,000 | ---D | M] -- C:\Users\Valued Customer\AppData\Roaming\OpenOffice.org
[2010/09/13 15:19:58 | 000,000,000 | ---D | M] -- C:\Users\Valued Customer\AppData\Roaming\PlayFirst
[2010/09/13 15:19:58 | 000,000,000 | ---D | M] -- C:\Users\Valued Customer\AppData\Roaming\Pogo Games
[2010/09/03 11:02:50 | 000,000,000 | ---D | M] -- C:\Users\Valued Customer\AppData\Roaming\Sierra Wireless
[2010/02/07 15:22:50 | 000,000,000 | ---D | M] -- C:\Users\Valued Customer\AppData\Roaming\SPORE Creature Creator
[2010/03/07 21:45:27 | 000,000,000 | ---D | M] -- C:\Users\Valued Customer\AppData\Roaming\uTorrent
[2010/06/25 14:45:29 | 000,000,000 | ---D | M] -- C:\Users\Valued Customer\AppData\Roaming\Vso
[2010/05/26 17:18:02 | 000,000,000 | ---D | M] -- C:\Users\Valued Customer\AppData\Roaming\WhiteSmokeTranslator
[2010/01/29 17:06:56 | 000,000,000 | ---D | M] -- C:\Users\Valued Customer\AppData\Roaming\WildTangent
[2010/09/16 14:01:55 | 000,032,570 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
========== Purity Check ==========
========== Custom Scans ==========
< %SYSTEMDRIVE%\*.* >
[2006/09/18 14:43:36 | 000,000,024 | ---- | M] () -- C:\autoexec.bat
[2009/04/10 23:36:36 | 000,333,257 | RHS- | M] () -- C:\bootmgr
[2006/09/18 14:43:37 | 000,000,010 | ---- | M] () -- C:\config.sys
[2010/07/10 10:35:27 | 000,209,749 | ---- | M] () -- C:\drivers.log
[2007/11/07 08:00:40 | 000,017,734 | ---- | M] () -- C:\eula.1028.txt
[2007/11/07 08:00:40 | 000,017,734 | ---- | M] () -- C:\eula.1031.txt
[2007/11/07 08:00:40 | 000,010,134 | ---- | M] () -- C:\eula.1033.txt
[2007/11/07 08:00:40 | 000,017,734 | ---- | M] () -- C:\eula.1036.txt
[2007/11/07 08:00:40 | 000,017,734 | ---- | M] () -- C:\eula.1040.txt
[2007/11/07 08:00:40 | 000,000,118 | ---- | M] () -- C:\eula.1041.txt
[2007/11/07 08:00:40 | 000,017,734 | ---- | M] () -- C:\eula.1042.txt
[2007/11/07 08:00:40 | 000,017,734 | ---- | M] () -- C:\eula.2052.txt
[2007/11/07 08:00:40 | 000,017,734 | ---- | M] () -- C:\eula.3082.txt
[2007/11/07 08:00:40 | 000,001,110 | ---- | M] () -- C:\globdata.ini
[2007/11/07 08:03:18 | 000,562,688 | ---- | M] (Microsoft Corporation) -- C:\install.exe
[2007/11/07 08:00:40 | 000,000,843 | ---- | M] () -- C:\install.ini
[2010/08/29 09:50:52 | 000,000,000 | ---- | M] () -- C:\install.rdf
[2007/11/07 08:03:18 | 000,076,304 | ---- | M] (Microsoft Corporation) -- C:\install.res.1028.dll
[2007/11/07 08:03:18 | 000,096,272 | ---- | M] (Microsoft Corporation) -- C:\install.res.1031.dll
[2007/11/07 08:03:18 | 000,091,152 | ---- | M] (Microsoft Corporation) -- C:\install.res.1033.dll
[2007/11/07 08:03:18 | 000,097,296 | ---- | M] (Microsoft Corporation) -- C:\install.res.1036.dll
[2007/11/07 08:03:18 | 000,095,248 | ---- | M] (Microsoft Corporation) -- C:\install.res.1040.dll
[2007/11/07 08:03:18 | 000,081,424 | ---- | M] (Microsoft Corporation) -- C:\install.res.1041.dll
[2007/11/07 08:03:18 | 000,079,888 | ---- | M] (Microsoft Corporation) -- C:\install.res.1042.dll
[2007/11/07 08:03:18 | 000,075,792 | ---- | M] (Microsoft Corporation) -- C:\install.res.2052.dll
[2007/11/07 08:03:18 | 000,096,272 | ---- | M] (Microsoft Corporation) -- C:\install.res.3082.dll
[2010/05/30 14:03:54 | 000,000,932 | ---- | M] () -- C:\nsinst.log
[2010/09/16 15:48:42 | 2191,200,256 | -HS- | M] () -- C:\pagefile.sys
[2007/11/07 08:00:40 | 000,005,686 | ---- | M] () -- C:\vcredist.bmp
[2007/11/07 08:09:22 | 001,442,522 | ---- | M] () -- C:\VC_RED.cab
[2007/11/07 08:12:28 | 000,232,960 | ---- | M] () -- C:\VC_RED.MSI
< %systemroot%\*. /mp /s >
< %systemroot%\System32\config\*.sav >
[2010/09/13 02:13:07 | 015,716,352 | ---- | M] () -- C:\Windows\System32\config\COMPONENTS.SAV
[2010/09/13 02:13:08 | 000,102,400 | ---- | M] () -- C:\Windows\System32\config\DEFAULT.SAV
[2010/09/13 02:13:10 | 000,020,480 | ---- | M] () -- C:\Windows\System32\config\SECURITY.SAV
[2010/09/13 02:13:10 | 010,133,504 | ---- | M] () -- C:\Windows\System32\config\SOFTWARE.SAV
[2010/09/13 02:13:10 | 001,826,816 | ---- | M] () -- C:\Windows\System32\config\SYSTEM.SAV
< HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU >
< HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs >
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install\\LastSuccessTime: 2010-09-03 21:21:26
========== Alternate Data Streams ==========
@Alternate Data Stream - 176 bytes -> C:\ProgramData\Temp:C8E29393
@Alternate Data Stream - 145 bytes -> C:\ProgramData\Temp:679ABA25
@Alternate Data Stream - 127 bytes -> C:\ProgramData\Temp:A88A1788
@Alternate Data Stream - 126 bytes -> C:\ProgramData\Temp:7814339A
@Alternate Data Stream - 124 bytes -> C:\ProgramData\Temp:593E515D
@Alternate Data Stream - 121 bytes -> C:\ProgramData\Temp:84ABACE9
@Alternate Data Stream - 116 bytes -> C:\ProgramData\Temp:CD2D00F8
< End of report >
OTL Extras logfile created on: 9/16/2010 3:53:08 PM - Run 1
OTL by OldTimer - Version 3.2.12.1 Folder = C:\Users\Valued Customer\Desktop
Windows Vista Home Basic Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18943)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
2.00 Gb Total Physical Memory | 1.00 Gb Available Physical Memory | 56.00% Memory free
4.00 Gb Paging File | 3.00 Gb Available in Paging File | 76.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 138.71 Gb Total Space | 15.47 Gb Free Space | 11.15% Space Free | Partition Type: NTFS
Drive D: | 10.33 Gb Total Space | 1.71 Gb Free Space | 16.57% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Computer Name: VALUEDCUSTOM-PC
Current User Name: Valued Customer
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: On
Skip Microsoft Files: On
File Age = 90 Days
Output = Standard
Quick Scan
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- C:\Users\Valued Customer\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.)
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- "C:\Program Files\Microsoft Office\Office12\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Program Files\Microsoft Office\Office12\msohtmed.exe" /p %1 (Microsoft Corporation)
http [open] -- Reg Error: Key error.
https [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AceBackup] -- "C:\Program Files\AceBIT\AceBackup 3\AceBackup.exe" -as "%1" (AceBIT)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~1\MICROS~3\Office12\ONENOTE.EXE "%L" (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"VistaSp2" = Reg Error: Unknown registry data type -- File not found
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{039968E2-B1D4-4C6F-9A49-8B721CBCEE69}" = lport=137 | protocol=17 | dir=in | app=system |
"{18F9A032-835F-4286-80C8-BEB3F37CD7E3}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{1A3CCBAD-7C74-48BB-82CF-A1ACC50BAD08}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{211AD7C5-6718-4206-95F2-D6466A1273D8}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{38BFF1F3-9A0B-4C2A-9B10-159376136561}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{3B9740F6-CA9C-4AA6-9506-A912B6D1968E}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{430BDAD6-7C28-43F2-9902-EE603E8D1292}" = lport=2869 | protocol=6 | dir=in | app=system |
"{465E1B4C-2D86-4478-86E2-BB4830D8B55C}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{4D1ABE3B-7284-45B6-BC58-0D05086B79B4}" = lport=138 | protocol=17 | dir=in | app=system |
"{5097A81D-D611-4F5B-ADCE-58D6C937EA3A}" = lport=10243 | protocol=6 | dir=in | app=system |
"{5318421A-E2BE-4757-8418-B3D012030834}" = lport=3702 | protocol=17 | dir=in | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{5744B32B-E065-421E-87EF-14146C32FB0E}" = lport=445 | protocol=6 | dir=in | app=system |
"{5973A2B9-4FBA-45E7-B7DF-8E7888F2788E}" = lport=3306 | protocol=6 | dir=in | name=mysql server |
"{65B31E98-D9B2-4594-B9D2-0343812CA94D}" = lport=3702 | protocol=17 | dir=in | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{6A8945CA-242E-4E0A-BC0A-2C8AF179C8EB}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{7E0EA9DD-7813-4B6A-917F-FA9E45FB9F66}" = rport=3702 | protocol=17 | dir=out | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{7FCA202D-7380-4A1D-9584-6B7FB939EEE3}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{874D0E6B-AE22-43D5-961E-D6C014696D0D}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss |
[email protected],-28539 |
"{A2952765-22EF-4644-A32C-10B99344F510}" = rport=3702 | protocol=17 | dir=out | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{D0F8BAE2-5E52-4F91-BEA7-97B3F8A8A384}" = rport=445 | protocol=6 | dir=out | app=system |
"{D9798A75-B597-4029-AE83-23F41BCBCA0B}" = rport=138 | protocol=17 | dir=out | app=system |
"{DA3342F6-1573-46EB-8F57-AC5295BD09A3}" = rport=137 | protocol=17 | dir=out | app=system |
"{DB66657C-F502-4E75-855E-667A5770F421}" = rport=139 | protocol=6 | dir=out | app=system |
"{E6A7587F-DA42-4962-9906-FD27CD62316B}" = rport=10243 | protocol=6 | dir=out | app=system |
"{E9685B10-EB71-4543-A5B9-C273ACDB6059}" = lport=139 | protocol=6 | dir=in | app=system |
"{ED89FD12-D8FA-4ABB-9161-953306BD5EDA}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{FFABA0AD-1A33-426D-A324-6FE774D2EA5A}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{FFF220FC-3BC2-4176-8D57-9FD440541F7E}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{2792317C-62C3-4AD4-A69C-290A7F6E259A}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{291F0A84-2ECF-4734-8454-11E5CE7EABC9}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{35343106-0985-4197-ADE2-ADD0CDDEA440}" = protocol=6 | dir=in | app=c:\program files\yahoo!\messenger\yahoomessenger.exe |
"{4C87E8B6-65E7-46D2-8144-E187DFFFA497}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{52C64911-4286-46E4-BAF9-B1E40AF89A8F}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{5521E194-28D7-46B3-BC03-23BE504695A4}" = dir=in | app=c:\program files\hp\quickplay\qp.exe |
"{5613BDFE-509B-4D4E-A90F-77BD3EE9BA34}" = dir=in | app=c:\program files\windows live\sync\windowslivesync.exe |
"{677BCD5F-C497-4E5C-A0E3-C2473B494445}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{6B50D6EC-CA9E-406B-AA42-CF55246CE426}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{6C62D088-8FC2-4875-A0AD-67A7B60B43CC}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{72BDFE94-A785-46AC-B7F6-69A2FCC84F3D}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{736D7836-7207-4775-B903-7BC56ABFF29F}" = protocol=58 | dir=in |
[email protected],-28545 |
"{76E8C450-7469-439E-A325-41DAF991CF57}" = dir=in | app=c:\program files\cyberlink\powerdirector\pdr.exe |
"{78BF51F2-FCAC-4751-AF37-685E5A8C69A1}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{7D6B4613-AE4C-40E2-9BA4-E67B26F7CAD4}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{7FC88A60-4F07-4CD7-A86A-08E2FF6D2DE4}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{8DB48BEC-621C-42B3-AAED-762AEA3EC33D}" = dir=in | app=c:\program files\hp\quickplay\qpservice.exe |
"{A4FD90B8-0AF8-4D1F-BA61-84A7950065D2}" = protocol=6 | dir=out | app=system |
"{A6642951-C1DC-40CB-9DFA-6A1AEF0230DC}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{AA3247AC-050B-43F1-AB8B-1C50F39141B2}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{AD9700C8-86B2-4F72-B8D5-EDD8CBF44C99}" = protocol=1 | dir=out |
[email protected],-28544 |
"{AFFB7931-80F4-4C89-8282-87596D80D9BB}" = protocol=17 | dir=in | app=c:\program files\yahoo!\messenger\yahoomessenger.exe |
"{B3A23BEA-36CD-45A4-9447-9A738754DED4}" = protocol=58 | dir=out |
[email protected],-28546 |
"{CFBA5F48-18A8-4FD5-8B53-8402FA0421CA}" = protocol=6 | dir=in | app=c:\program files\yahoo!\messenger\yahoomessenger.exe |
"{E7E2B4D8-76A0-4EDF-92E4-BB3463CD0C9C}" = protocol=17 | dir=in | app=c:\program files\yahoo!\messenger\yahoomessenger.exe |
"{EDF73E9F-7266-46AB-98B5-A9FF57B0C728}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{FB88B599-DC0E-45FF-9ED8-185FF4131061}" = protocol=1 | dir=in |
[email protected],-28543 |
"TCP Query User{17EF4BDC-7955-4694-8056-4D32E6F43297}C:\program files\java\jre6\bin\java.exe" = protocol=6 | dir=in | app=c:\program files\java\jre6\bin\java.exe |
"TCP Query User{89FE3128-8BFC-428D-8387-77D71A30087C}C:\program files\frostwire\frostwire.exe" = protocol=6 | dir=in | app=c:\program files\frostwire\frostwire.exe |
"TCP Query User{D6E004F0-94BD-45F4-96B6-6518F3AA609D}C:\program files\mozilla firefox\firefox.exe" = protocol=6 | dir=in | app=c:\program files\mozilla firefox\firefox.exe |
"TCP Query User{DA4F6320-3C08-4580-94F0-B255088A5294}C:\users\valued customer\appdata\local\google\chrome\application\chrome.exe" = protocol=6 | dir=in | app=c:\users\valued customer\appdata\local\google\chrome\application\chrome.exe |
"TCP Query User{EC17CB1F-CB08-467D-AA26-9C8126C87431}C:\program files\frostwire\frostwire.exe" = protocol=6 | dir=in | app=c:\program files\frostwire\frostwire.exe |
"TCP Query User{F12A593C-2F46-4E1D-A466-51AF3321AB4B}C:\program files\internet explorer\iexplore.exe" = protocol=6 | dir=in | app=c:\program files\internet explorer\iexplore.exe |
"UDP Query User{181425BE-FCD8-40B5-BA19-C2A485B132E8}C:\program files\internet explorer\iexplore.exe" = protocol=17 | dir=in | app=c:\program files\internet explorer\iexplore.exe |
"UDP Query User{2969F98A-C191-491E-904D-BCAC84DB87F8}C:\users\valued customer\appdata\local\google\chrome\application\chrome.exe" = protocol=17 | dir=in | app=c:\users\valued customer\appdata\local\google\chrome\application\chrome.exe |
"UDP Query User{764FC816-21E3-403F-A190-3DB91414816E}C:\program files\frostwire\frostwire.exe" = protocol=17 | dir=in | app=c:\program files\frostwire\frostwire.exe |
"UDP Query User{7671D3C0-BD8E-4B57-ADCD-19B937E8E71E}C:\program files\java\jre6\bin\java.exe" = protocol=17 | dir=in | app=c:\program files\java\jre6\bin\java.exe |
"UDP Query User{974B5AF8-6843-4ED9-8E80-B79C82D47183}C:\program files\frostwire\frostwire.exe" = protocol=17 | dir=in | app=c:\program files\frostwire\frostwire.exe |
"UDP Query User{ECE86235-E6B4-4F4D-AF25-B90C65DD00F7}C:\program files\mozilla firefox\firefox.exe" = protocol=17 | dir=in | app=c:\program files\mozilla firefox\firefox.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{00203668-8170-44A0-BE44-B632FA4D780F}" = Adobe AIR
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{0054A0F6-00C9-4498-B821-B5C9578F433E}" = HP Help and Support
"{082702D5-5DD8-4600-BCE5-48B15174687F}" = HP Doc Viewer
"{0840B4D6-7DD1-4187-8523-E6FC0007EFB7}" = Windows Live ID Sign-in Assistant
"{0A0CADCF-78DA-33C4-A350-CD51849B9702}" = Microsoft .NET Framework 4 Extended
"{0F37D969-1260-419E-B308-EF7D29ABDE20}" = Web Deployment Tool
"{154A4184-1A3D-4BF9-A5AE-4FA1660445F3}" = HP Total Care Advisor
"{15BC8CD0-A65B-47D0-A2DD-90A824590FA8}" = Microsoft Works
"{178832DE-9DE0-4C87-9F82-9315A9B03985}" = Windows Live Writer
"{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = CyberLink DVD Suite
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live Upload Tool
"{228C6B46-64E2-404E-898A-EF0830603EF4}" = HPNetworkAssistant
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{254C37AA-6B72-4300-84F6-98A82419187E}" = ActiveCheck component for HP Active Support Library
"{26A24AE4-039D-4CA4-87B4-2F83216020FF}" = Java 6 Update 21
"{28BE306E-5DA6-4F9C-BDB0-DBA3C8C6FFFD}" = QuickTime
"{2B7BDADB-EC8C-4C54-B5DD-CE45A016D3A7}" = Free Ride Games Player
"{3175E049-F9A9-4A3D-8F19-AC9FB04514D1}" = Windows Live Communications Platform
"{34A350D1-64FB-36D8-9D0C-1CD8E392DBA5}" = Google Talk Plugin
"{34D2AB40-150D-475D-AE32-BD23FB5EE355}" = HP Quick Launch Buttons 6.40 H2
"{364EA847-D026-4DC1-8FC6-BC2307697A90}" = Dinner Timer Lite
"{3877C901-7B90-4727-A639-B6ED2DD59D43}" = ESU for Microsoft Vista
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3D3E663D-4E7E-4577-A560-7ECDDD45548A}" = PVSonyDll
"{3F92ABBB-6BBF-11D5-B229-002078017FBF}" = NetWaiting
"{40BF1E83-20EB-11D8-97C5-0009C5020658}" = Power2Go
"{415B2719-AD3A-4944-B404-C472DB6085B3}" = Cisco EAP-FAST Module
"{45D707E9-F3C4-11D9-A373-0050BAE317E1}" = HP DVD Play 3.7
"{474F25F5-BDC9-40E5-B1B6-F6BF23FC106F}" = Windows Live Essentials
"{47C39E4A-28F2-33B1-B9B7-97F24E52D917}" = Microsoft Help Viewer 1.0
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4E029F9D-A709-4B0A-89C9-D56AA4B1254B}" = WebCam Suite 2.0
"{506BC11F-B54E-4C7A-9194-CF672F1D2191}" = CLEAR Connection Manager
"{553255F3-78FD-40F1-A6F8-6882140265FE}" = Apple Application Support
"{57A5AEC1-97FC-474D-92C4-908FCC2253D4}" = HP Customer Experience Enhancements
"{5A13987D-55F4-4271-A40E-76AC9B1B38FD}" = OpenOffice.org 3.2
"{5FD88490-011C-4DF1-B886-F298D955171B}" = MySQL Connector Net 5.2.5
"{6412CECE-8172-4BE5-935B-6CECACD2CA87}" = Windows Live Mail
"{65DA2EC9-0642-47E9-AAE2-B5267AA14D75}" = Activation Assistant for the 2007 Microsoft Office suites
"{669C7BD8-DAA2-49B6-966C-F1E2AAE6B17E}" = Cisco PEAP Module
"{669D4A35-146B-4314-89F1-1AC3D7B88367}" = HPAsset component for HP Active Support Library
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{716E0306-8318-4364-8B8F-0CC4E9376BAC}" = MSXML 4.0 SP2 Parser and SDK
"{7216871F-869E-437C-B9BF-2A13F2DCE63F}_is1" = Auslogics BoostSpeed
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{77DCDCE3-2DED-62F3-8154-05E745472D07}" = Acrobat.com
"{7C4196CA-CA41-4F34-9C08-7724E7705D52}" = Jasc Animation Shop 3
"{820B6609-4C97-3A2B-B644-573B06A0F0CC}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-11551167}" = Diner Dash Family Style
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-118793300}" = Ranch Rush 2
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-119241170}" = Diner Dash 5 BOOM
"{83770D14-21B9-44B3-8689-F7B523F94560}" = Cisco LEAP Module
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{846DDADA-0239-4B67-A6B1-33658863793B}" = HPTCSSetup
"{87B60A11-AA9E-43FE-A68F-B3C4F80F7D2F}" = AceBackup 3
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8E5233E1-7495-44FB-8DEB-4BE906D59619}" = Junk Mail filter update
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_HOMESTUDENTR_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_HOMESTUDENTR_{187308AB-5FA7-4F14-9AB9-D290383A10D9}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}_HOMESTUDENTR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007
"{90120000-00A1-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}_HOMESTUDENTR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{95120000-00AF-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (English)
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9ADABDDE-9644-461B-9E73-83FA3EFCAB50}" = HP Wireless Assistant
"{9F479685-180E-4C05-9400-D59292A1B29C}" = Windows Live Movie Maker
"{AADEA55D-C834-4BCB-98A3-4B8D1C18F4EE}" = Apple Mobile Device Support
"{AB05F2C8-F608-403b-95E1-FD8ADFACD31E}" = Windows 7 Upgrade Advisor
"{AC76BA86-7AD7-1033-7B44-A93000000001}" = Adobe Reader 9.3.4
"{AD72CFB4-C2BF-424E-9DF0-C7BAD1F30A11}" = Adobe Shockwave Player
"{B10914FD-8812-47A4-85A1-50FCDE7F1F33}" = Windows Live Sync
"{B2544A03-10D0-4E5E-BA69-0362FFC20D18}" = OGA Notifier 2.0.0048.0
"{B6D0B141-B2BE-4DD0-B08F-B9186F3E36B3}" = HP User Guides 0118
"{C3A32068-8AB1-4327-BB16-BED9C6219DC7}" = Atheros Driver Installation Program
"{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = LabelPrint
"{C8FD5BC1-92EF-4C15-92A9-F9AC7F61985F}" = HP Update
"{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = PowerDirector
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{CE7E3BE0-2DD3-4416-A690-F9E4A99A8CFF}" = HP Active Support Library
"{D1087411-3382-4298-8B1B-215A7F02E086}" = MySQL Server 5.1
"{DC24971E-1946-445D-8A82-CE685433FA7D}" = Realtek USB 2.0 Card Reader
"{DD35C328-F115-BEDA-6EEE-E00C5AACCCBC}" = muvee Reveal
"{E38C00D0-A68B-4318-A8A6-F7D4B5B1DF0E}" = Windows Media Encoder 9 Series
"{E62A1F01-07B7-4541-A835-EE5B0BF064C2}" = Microsoft Antimalware
"{ECEE0279-785F-4CB3-9F28-E69813234BF8}" = SPORE Creature Creator Trial Edition
"{EE39FFBD-544E-49E4-A999-6819828EAE91}" = Windows Live Photo Gallery
"{EF98A02A-1748-4762-9B7D-5ED1600520D5}" = Microsoft Security Essentials
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F333A33D-125C-32A2-8DCE-5C5D14231E27}" = Visual C++ 2008 x86 Runtime - (v9.0.30729)
"{F333A33D-125C-32A2-8DCE-5C5D14231E27}.vc_x86runtime_30729_01" = Visual C++ 2008 x86 Runtime - v9.0.30729.01
"{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}" = Microsoft Office Live Add-in 1.5
"{F843C6A3-224D-4615-94F8-3C461BD9AEA0}" = Jasc Paint Shop Pro 9
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"Action Replay Code Manager_is1" = Action Replay Code Manager
"Activation Assistant for the 2007 Microsoft Office suites" = Activation Assistant for the 2007 Microsoft Office suites
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"CNXT_AUDIO_HDA" = Conexant HD Audio
"CNXT_MODEM_HDAUDIO_HERMOSA_HSF" = HDAUDIO Soft Data Fax Modem with SmartCP
"ColorMania_is1" = ColorMania 3.0
"com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Acrobat.com
"Cool Timer_is1" = Cool Timer 3.6
"Dinner Timer Lite" = Dinner Timer Lite
"DreamSuite Bonus" = Uninstall DreamSuite Bonus
"DVD Shrink_is1" = DVD Shrink 3.2
"DVDFab 7_is1" = DVDFab 7.0.3.0 (26/03/2010)
"DVDFab Passkey 7_is1" = DVDFab Passkey 7.0.1.0 Beta (20/03/2010)
"ERUNT_is1" = ERUNT 1.1j
"FrostWire" = FrostWire 4.20.9
"HOMESTUDENTR" = Microsoft Office Home and Student 2007
"Imikimi Plugin" = Imikimi Plugin
"InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = CyberLink DVD Suite
"InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}" = Power2Go
"InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = LabelPrint
"InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = PowerDirector
"KLiteCodecPack_is1" = K-Lite Codec Pack 5.8.3 (Standard)
"Loader-Full_ 2.0.0" = Loader-Full_ 2.0.0
"Loki ActiveX Control" = Loki ActiveX Control
"Magic ISO Maker v5.5 (build 0281)" = Magic ISO Maker v5.5 (build 0281)
"MagicDisc 2.7.106" = MagicDisc 2.7.106
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"Microsoft Help Viewer 1.0" = Microsoft Help Viewer 1.0
"Microsoft Security Essentials" = Microsoft Security Essentials
"Mozilla Firefox (3.6.9)" = Mozilla Firefox (3.6.9)
"NVIDIA Drivers" = NVIDIA Drivers
"PowerISO" = PowerISO
"RADVideo" = RAD Video Tools
"RealAlt_is1" = Real Alternative 2.0.2
"ShortKeys 2" = ShortKeys 2
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"The Weather Channel Desktop 6" = The Weather Channel Desktop 6
"Veetle TV" = Veetle TV 0.9.17
"vLite_is1" = vLite
"WallpaperToy" = Wallpaper Changer for Windows XPntVersion\Uninstall\vLite_is1
"WildTangent hp Master Uninstall" = My HP Games
"Windows Media Encoder 9" = Windows Media Encoder 9 Series
"WinLiveSuite_Wave3" = Windows Live Essentials
"WinRAR archiver" = WinRAR archiver
"Yahoo! Messenger" = Yahoo! Messenger
"YASA DVD Ripper Platinum v2.8 (build 037)" = YASA DVD Ripper Platinum v2.8 (build 037)
"Zynga Toolbar" = Zynga Toolbar
========== HKEY_CURRENT_USER Uninstall List ==========
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Facebook Plug-In" = Facebook Plug-In
"Google Chrome" = Google Chrome
"LastPass" = LastPass (uninstall only)
========== Last 10 Event Log Errors ==========
[ Application Events ]
Error - 9/16/2010 5:05:07 PM | Computer Name = ValuedCustom-PC | Source = WinMgmt | ID = 10
Description =
Error - 9/16/2010 5:48:20 PM | Computer Name = ValuedCustom-PC | Source = EventSystem | ID = 4609
Description =
Error - 9/16/2010 5:49:00 PM | Computer Name = ValuedCustom-PC | Source = WinMgmt | ID = 10
Description =
Error - 9/16/2010 5:52:48 PM | Computer Name = ValuedCustom-PC | Source = Perflib | ID = 1008
Description =
Error - 9/16/2010 5:52:48 PM | Computer Name = ValuedCustom-PC | Source = Perflib | ID = 1010
Description =
Error - 9/16/2010 5:52:49 PM | Computer Name = ValuedCustom-PC | Source = PerfNet | ID = 2004
Description =
Error - 9/16/2010 5:58:58 PM | Computer Name = ValuedCustom-PC | Source = WinMgmt | ID = 10
Description =
Error - 9/16/2010 6:20:55 PM | Computer Name = ValuedCustom-PC | Source = Application Error | ID = 1000
Description = Faulting application gmer.exe, version 1.0.15.15281, time stamp 0x4b2763f0,
faulting module gmer.exe, version 1.0.15.15281, time stamp 0x4b2763f0, exception
code 0xc0000005, fault offset 0x0000c4b1, process id 0x8b8, application start time
0x01cb55ed245cd990.
Error - 9/16/2010 6:24:40 PM | Computer Name = ValuedCustom-PC | Source = WinMgmt | ID = 10
Description =
Error - 9/16/2010 6:50:28 PM | Computer Name = ValuedCustom-PC | Source = WinMgmt | ID = 10
Description =
[ System Events ]
Error - 9/16/2010 5:58:59 PM | Computer Name = ValuedCustom-PC | Source = Service Control Manager | ID = 7000
Description =
Error - 9/16/2010 5:58:59 PM | Computer Name = ValuedCustom-PC | Source = Service Control Manager | ID = 7026
Description =
Error - 9/16/2010 6:22:42 PM | Computer Name = ValuedCustom-PC | Source = EventLog | ID = 6008
Description = The previous system shutdown at 3:21:14 PM on 9/16/2010 was unexpected.
Error - 9/16/2010 6:24:41 PM | Computer Name = ValuedCustom-PC | Source = Service Control Manager | ID = 7000
Description =
Error - 9/16/2010 6:24:41 PM | Computer Name = ValuedCustom-PC | Source = Service Control Manager | ID = 7000
Description =
Error - 9/16/2010 6:24:41 PM | Computer Name = ValuedCustom-PC | Source = Service Control Manager | ID = 7026
Description =
Error - 9/16/2010 6:48:55 PM | Computer Name = ValuedCustom-PC | Source = EventLog | ID = 6008
Description = The previous system shutdown at 3:39:34 PM on 9/16/2010 was unexpected.
Error - 9/16/2010 6:50:30 PM | Computer Name = ValuedCustom-PC | Source = Service Control Manager | ID = 7000
Description =
Error - 9/16/2010 6:50:30 PM | Computer Name = ValuedCustom-PC | Source = Service Control Manager | ID = 7000
Description =
Error - 9/16/2010 6:50:30 PM | Computer Name = ValuedCustom-PC | Source = Service Control Manager | ID = 7026
Description =
< End of report >