Win 7 Home Security


Win 7 Home Security

Post by Nativetexan2 on 30th March 2011, 8:59 pm

I'm getting the Win 7 Home Security pop up. Ran Malwarebytes and found 8 items infected but it comes back the next day.

Nativetexan2
Novice

Posts: 48
Joined: 2010-07-04
OS: Windows 7 Professional
Protection: AVG 9.0 Professional/Malwarebytes
Points: 24057
Likes: 0


Re: Win 7 Home Security

Post by Sneakyone on 31st March 2011, 3:57 am

Hi,

Please download OTL to your Desktop. (If you already have it downloaded, then just follow the instructions below.)
  • Double click on the icon to run it. Make sure all other windows are closed and let it run uninterrupted.
  • Under the Custom Scan box paste this in:

    %systemroot%\*. /mp /s
    %systemroot%\system32\*.dll /lockedfiles
    %systemroot%\system32\*.exe /lockedfiles
    %systemroot%\Tasks\*.job /lockedfiles
    %systemroot%\system32\drivers\*.sys /lockedfiles
    %systemroot%\System32\config\*.sav
    %systemroot%\system32\*.sys
    %systemroot%\system32\drivers\*.dll
    %systemroot%\system32\drivers\*.ini
    %systemroot%\system32\drivers\*.exe
    %SYSTEMDRIVE%\*.*
    %PROGRAMFILES%\*.
    %appdata%\*.*
    netsvcs
    msconfig
    safebootminimal
    safebootnetwork
    activex
    drivers32
    /md5start
    eventlog.dll
    scecli.dll
    netlogon.dll
    cngaudit.dll
    sceclt.dll
    ntelogon.dll
    logevent.dll
    iaStor.sys
    nvstor.sys
    atapi.sys
    IdeChnDr.sys
    viasraid.sys
    AGP440.sys
    vaxscsi.sys
    nvatabus.sys
    viamraid.sys
    nvata.sys
    nvgts.sys
    iastorv.sys
    ViPrt.sys
    eNetHook.dll
    ahcix86.sys
    KR10N.sys
    disk.sys
    nvstor32.sys
    ahcix86s.sys
    nvrd32.sys
    symmpi.sys
    adp3132.sys
    mv61xx.sys
    usbstor.sys
    /md5stop
    CREATERESTOREPOINT
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs


  • Click the Run Scan button. Do not change any settings unless otherwise told to do so. The scan won't take long.
    • When the scan completes, it will open two Notepad windows: OTL.Txt and Extras.Txt. These are saved in the same location as OTL.
    • Please copy (Edit->Select All, Edit->Copy) and paste (Edit->Paste) the contents of these files, one at a time


Note: in the event that OTL fails to run, please use alternate download links to try again:

[You must be registered and logged in to see this link.]
[You must be registered and logged in to see this link.]


I'm livin' life in the fast lane.

Sneakyone
Master

Posts: 2707
Joined: 2010-01-10
Gender: Male
OS: Windows 7 Ultimate 64-bit
Protection: Avast, Comodo Firewall, and Malwarebytes' Anti-Malware
Points: 56094
Likes: 0


Re: Win 7 Home Security

Post by Nativetexan2 on 7th April 2011, 3:20 am

I had to post the OTL in 2 parts.


Last edited by Nativetexan2 on 7th April 2011, 5:57 am; edited 1 time in total


Re: Win 7 Home Security

Post by Nativetexan2 on 7th April 2011, 5:54 am

OTL Log File: Part 1

OTL logfile created on: 4/6/2011 8:25:49 PM - Run 1
OTL by OldTimer - Version 3.2.22.3 Folder = C:\Users\Office Depot\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.19019)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

2.00 Gb Total Physical Memory | 1.00 Gb Available Physical Memory | 36.00% Memory free
4.00 Gb Paging File | 2.00 Gb Available in Paging File | 48.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 144.29 Gb Total Space | 47.65 Gb Free Space | 33.02% Space Free | Partition Type: NTFS
Drive D: | 144.04 Gb Total Space | 143.91 Gb Free Space | 99.91% Space Free | Partition Type: NTFS
Drive F: | 698.64 Gb Total Space | 426.57 Gb Free Space | 61.06% Space Free | Partition Type: NTFS
Drive K: | 931.51 Gb Total Space | 876.52 Gb Free Space | 94.10% Space Free | Partition Type: NTFS

Computer Name: MAINCOMPUTER | User Name: Office Depot | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2011/04/06 00:47:37 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Users\Office Depot\Desktop\OTL.exe
PRC - [2011/03/06 11:53:05 | 000,234,656 | ---- | M] (Adobe Systems, Inc.) -- C:\Windows\System32\Macromed\Flash\FlashUtil10n_ActiveX.exe
PRC - [2011/01/12 21:01:28 | 006,129,496 | ---- | M] (Logitech Inc.) -- C:\Program Files\Logitech\Vid HD\Vid.exe
PRC - [2011/01/07 02:22:54 | 002,747,744 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG10\avgtray.exe
PRC - [2011/01/07 02:22:44 | 001,084,256 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG10\avgnsx.exe
PRC - [2011/01/06 16:23:20 | 000,737,872 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSMonitor.exe
PRC - [2011/01/06 16:23:18 | 006,128,720 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe
PRC - [2010/12/05 17:26:40 | 000,654,176 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG10\avgrsx.exe
PRC - [2010/12/05 17:26:12 | 000,650,592 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG10\avgchsvx.exe
PRC - [2010/10/22 05:58:18 | 000,265,400 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG10\avgwdsvc.exe
PRC - [2010/09/22 12:00:58 | 000,330,784 | ---- | M] (Soluto) -- C:\Program Files\Soluto\SolutoService.exe
PRC - [2010/08/23 21:21:40 | 000,013,672 | ---- | M] (Intuit Inc.) -- C:\Program Files\Common Files\Intuit\Update Service\IntuitUpdateService.exe
PRC - [2010/07/20 00:39:24 | 000,020,480 | ---- | M] (Logitech) -- C:\Program Files\Logitech\Desktop Messenger\8876480\Program\backWeb-8876480.exe
PRC - [2010/04/06 22:32:40 | 000,202,256 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files\Common Files\Real\Update_OB\realsched.exe
PRC - [2009/10/07 01:47:34 | 000,154,136 | ---- | M] (Logitech Inc.) -- C:\Program Files\Common Files\logishrd\LVMVFM\LVPrcSrv.exe
PRC - [2009/05/21 20:58:14 | 000,413,496 | ---- | M] (Hewlett-Packard Co.) -- C:\Program Files\Common Files\HP\Digital Imaging\Bin\hpqPhotoCrm.exe
PRC - [2009/05/01 14:35:54 | 000,181,544 | ---- | M] (Seagate Technology LLC) -- C:\Program Files\Seagate\SeagateManager\Sync\FreeAgentService.exe
PRC - [2009/05/01 14:35:10 | 000,185,640 | ---- | M] (Seagate LLC) -- C:\Program Files\Seagate\SeagateManager\FreeAgent Status\stxmenumgr.exe
PRC - [2009/04/11 01:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2008/01/03 04:55:52 | 000,506,416 | ---- | M] (Egis Incorporated) -- C:\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe
PRC - [2007/10/09 13:33:10 | 001,949,480 | ---- | M] (Apricorn) -- C:\Program Files\Apricorn\EZ Gig II\TimounterMonitor.exe
PRC - [2007/09/10 17:28:18 | 000,057,344 | ---- | M] (Acer Inc.) -- C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe
PRC - [2007/05/31 09:21:28 | 000,648,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\WindowsMobile\wmdcBase.exe
PRC - [2007/03/15 18:16:42 | 000,454,784 | ---- | M] (Linksys, a Division of Cisco Systems, Inc.) -- C:\Program Files\Linksys EasyLink Advisor\LinksysAgent.exe


========== Modules (SafeList) ==========

MOD - [2011/04/06 00:47:37 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Users\Office Depot\Desktop\OTL.exe
MOD - [2010/08/31 10:43:52 | 001,686,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3\comctl32.dll


========== Win32 Services (SafeList) ==========

SRV - [2011/01/06 16:23:18 | 006,128,720 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe -- (AVGIDSAgent)
SRV - [2010/10/22 05:58:18 | 000,265,400 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG10\avgwdsvc.exe -- (avgwd)
SRV - [2010/10/06 11:31:48 | 000,517,448 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files\AVG\AVG10\Toolbar\ToolbarBroker.exe -- (AVG Security Toolbar Service)
SRV - [2010/09/22 12:00:58 | 000,330,784 | ---- | M] (Soluto) [Auto | Running] -- C:\Program Files\Soluto\SolutoService.exe -- (SolutoService)
SRV - [2010/08/23 21:21:40 | 000,013,672 | ---- | M] (Intuit Inc.) [Auto | Running] -- C:\Program Files\Common Files\Intuit\Update Service\IntuitUpdateService.exe -- (IntuitUpdateService)
SRV - [2009/10/07 01:47:34 | 000,154,136 | ---- | M] (Logitech Inc.) [Auto | Running] -- C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe -- (LVPrcSrv)
SRV - [2009/07/07 21:46:02 | 000,654,848 | ---- | M] (Macrovision Europe Ltd.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2009/05/01 14:35:54 | 000,181,544 | ---- | M] (Seagate Technology LLC) [Auto | Running] -- C:\Program Files\Seagate\SeagateManager\Sync\FreeAgentService.exe -- (FreeAgentGoNext Service)
SRV - [2008/07/21 16:53:04 | 000,193,888 | ---- | M] (Seagate Technology LLC) [On_Demand | Stopped] -- C:\Program Files\Maxtor\Sync\SyncServices.exe -- (Maxtor Sync Service)
SRV - [2008/07/13 23:39:22 | 000,382,240 | ---- | M] (SupportSoft, Inc.) [Auto | Stopped] -- C:\Program Files\Common Files\supportsoft\bin\ssrc.exe -- (SupportSoft RemoteAssist)
SRV - [2008/01/25 21:49:04 | 000,269,448 | ---- | M] (CyberLink) [On_Demand | Stopped] -- C:\Program Files\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\CLMSServer.exe -- (Acer HomeMedia Connect Service)
SRV - [2008/01/03 04:55:52 | 000,506,416 | ---- | M] (Egis Incorporated) [Auto | Running] -- C:\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe -- (eDataSecurity Service)
SRV - [2007/12/19 21:09:22 | 000,024,576 | ---- | M] () [Disabled | Stopped] -- C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe -- (eSettingsService)
SRV - [2007/10/17 13:38:20 | 000,028,672 | ---- | M] () [Disabled | Stopped] -- C:\Acer\Empowering Technology\ePerformance\MemCheck.exe -- (AcerMemUsageCheckService)
SRV - [2007/10/09 13:24:32 | 000,410,856 | ---- | M] (Apricorn) [On_Demand | Stopped] -- C:\Program Files\Common Files\Apricorn\Schedule2\schedul2.exe -- (AcrSch2Svc)
SRV - [2007/09/11 00:45:04 | 000,124,832 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files\Adobe\Photoshop Elements 6.0\PhotoshopElementsFileAgent.exe -- (AdobeActiveFileMonitor6.0)
SRV - [2007/09/10 17:28:18 | 000,057,344 | ---- | M] (Acer Inc.) [Auto | Running] -- C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe -- (eRecoveryService)
SRV - [2007/05/31 09:21:24 | 000,379,784 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\WindowsMobile\wcescomm.dll -- (WcesComm)
SRV - [2007/05/31 09:21:18 | 000,183,688 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\WindowsMobile\rapimgr.dll -- (RapiMgr)
SRV - [2006/10/23 07:50:35 | 000,046,640 | R--- | M] (AOL LLC) [On_Demand | Stopped] -- C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe -- (AOL ACS)


========== Driver Services (SafeList) ==========

DRV - [2010/12/20 18:09:00 | 000,038,224 | ---- | M] (Malwarebytes Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\mbamswissarmy.sys -- (MBAMSwissArmy)
DRV - [2010/12/08 05:12:38 | 000,251,728 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\System32\drivers\avgldx86.sys -- (Avgldx86)
DRV - [2010/11/12 14:19:38 | 000,299,984 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\System32\drivers\avgtdix.sys -- (Avgtdix)
DRV - [2010/09/22 11:52:54 | 000,183,240 | ---- | M] (Soluto LTD.) [File_System | Boot | Running] -- C:\Windows\system32\DRIVERS\PCGenFAM.sys -- (PCGenFAM)
DRV - [2010/09/13 16:27:40 | 000,025,680 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\AVGIDSEH.Sys -- (AVGIDSEH)
DRV - [2010/09/07 03:48:56 | 000,034,384 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\Windows\System32\drivers\avgmfx86.sys -- (Avgmfx86)
DRV - [2010/09/07 03:48:50 | 000,026,064 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\system32\DRIVERS\avgrkx86.sys -- (Avgrkx86)
DRV - [2010/08/19 21:42:38 | 000,123,472 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\AVGIDSDriver.sys -- (AVGIDSDriver)
DRV - [2010/08/19 21:42:38 | 000,027,216 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\AVGIDSShim.sys -- (AVGIDSShim)
DRV - [2010/08/19 21:42:36 | 000,030,288 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\AVGIDSFilter.sys -- (AVGIDSFilter)
DRV - [2009/11/05 15:35:25 | 000,030,576 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\point32k.sys -- (Point32)
DRV - [2009/10/07 01:46:36 | 000,025,752 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\LVPr2Mon.sys -- (LVPr2Mon)
DRV - [2009/07/04 17:48:48 | 000,400,560 | ---- | M] (Apricorn) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\timntr.sys -- (timounter)
DRV - [2009/07/04 17:48:48 | 000,039,376 | ---- | M] (Apricorn) [File_System | Auto | Running] -- C:\Windows\System32\drivers\tifsfilt.sys -- (tifsfilter)
DRV - [2009/07/04 17:48:46 | 000,120,688 | ---- | M] (Apricorn) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\snapman.sys -- (snapman)
DRV - [2008/08/30 06:58:16 | 003,929,600 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atikmdag.sys -- (atikmdag)
DRV - [2008/01/20 21:23:21 | 000,016,896 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\WSDPrint.sys -- (WSDPrintDevice)
DRV - [2007/11/06 12:30:48 | 000,006,080 | ---- | M] (Zeal SoftStudio) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\zntport.sys -- (zntport)
DRV - [2007/11/06 12:30:46 | 000,014,544 | ---- | M] (EnTech Taiwan) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\TVicPort.sys -- (tvicport)
DRV - [2007/07/03 12:05:20 | 000,015,392 | ---- | M] (Acer, Inc.) [Kernel | Auto | Running] -- C:\Acer\Empowering Technology\eRecovery\int15.sys -- (int15)
DRV - [2007/05/09 21:51:34 | 000,041,888 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\LVUSBSta.sys -- (LVUSBSta)
DRV - [2007/05/09 21:47:00 | 001,276,832 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\LV302V32.SYS -- (PID_PEPI) Logitech QuickCam IM(PID_PEPI)
DRV - [2007/05/09 21:46:48 | 000,014,112 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\lv302af.sys -- (pepifilter)
DRV - [2007/05/03 13:37:08 | 000,022,152 | ---- | M] (Maxtor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\mxopswd.sys -- (MXOPSWD)
DRV - [2007/03/22 12:57:14 | 000,028,672 | --S- | M] (Gteko Ltd.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\elagopro.sys -- (elagopro)
DRV - [2007/03/22 12:57:14 | 000,005,376 | --S- | M] (Gteko Ltd.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\elaunidr.sys -- (elaunidr)
DRV - [2007/01/29 07:20:04 | 000,361,728 | ---- | M] (eMPIA Technology, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\emBDA.sys -- (USB28xxBGA)
DRV - [2007/01/29 07:19:48 | 000,039,680 | ---- | M] (eMPIA Technology, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\emOEM.sys -- (USB28xxOEM)
DRV - [2006/11/29 17:24:57 | 000,033,588 | ---- | M] (America Online, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\wanatw4.sys -- (wanatw) WAN Miniport (ATW)
DRV - [2006/11/02 02:41:49 | 001,010,560 | ---- | M] (Motorola Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\smserial.sys -- (smserial)
DRV - [2006/10/30 13:22:26 | 000,008,192 | ---- | M] (ATI Technologies Inc.) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\AtiPcie.sys -- (AtiPcie) ATI PCI Express (3GIO)
DRV - [2004/04/13 17:03:46 | 000,016,509 | ---- | M] (Palm, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\PalmUSBD.sys -- (PalmUSBD)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = [You must be registered and logged in to see this link.]

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [You must be registered and logged in to see this link.] [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = [You must be registered and logged in to see this link.]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = [You must be registered and logged in to see this link.]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-us
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = E1 64 E2 E1 F6 1A CB 01 [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\..\URLSearchHook: {b9b97401-98e1-4942-930d-c36652dab7f2} - Reg Error: Key error. File not found
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = ;localhost;*.local

========== FireFox ==========

FF - prefs.js..browser.startup.homepage: "http://www.msn.com/"
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23
FF - prefs.js..extensions.enabledItems: {7A6B31EE-8F70-4549-93F5-B29CA7B3C093}:1.9.1
FF - prefs.js..extensions.enabledItems: {1E73965B-8B48-48be-9C8D-68B920ABC1C4}:10.0.0.1209

FF - HKLM\software\mozilla\Firefox\Extensions\\{7A6B31EE-8F70-4549-93F5-B29CA7B3C093}: C:\Users\Office Depot\AppData\Local\{7A6B31EE-8F70-4549-93F5-B29CA7B3C093} [2011/03/26 01:17:12 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\{1E73965B-8B48-48be-9C8D-68B920ABC1C4}: C:\Program Files\AVG\AVG10\Firefox4\ [2011/03/31 09:41:27 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010/12/17 02:44:18 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011/02/21 23:34:11 | 000,000,000 | ---D | M]

[2010/12/16 09:02:11 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Office Depot\AppData\Roaming\mozilla\Extensions
[2009/04/25 18:29:32 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Office Depot\AppData\Roaming\mozilla\Extensions\mozswing@mozswing.org
[2010/12/27 21:35:04 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Office Depot\AppData\Roaming\mozilla\Firefox\Profiles\4532al2u.default\extensions
[2011/04/03 19:51:40 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2011/01/14 11:22:41 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}
[2011/03/31 09:41:27 | 000,000,000 | ---D | M] (AVG Safe Search) -- C:\PROGRAM FILES\AVG\AVG10\FIREFOX4
[2011/03/26 01:17:12 | 000,000,000 | ---D | M] (XULRunner) -- C:\USERS\OFFICE DEPOT\APPDATA\LOCAL\{7A6B31EE-8F70-4549-93F5-B29CA7B3C093}
[2010/11/12 19:53:06 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll

O1 HOSTS File: ([2011/03/26 01:40:21 | 000,000,296 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: 127.0.0.1 [You must be registered and logged in to see this link.]
O1 - Hosts: 127.0.0.1 whysohardx.com
O1 - Hosts: 127.0.0.1 protectyourpc-11.com
O1 - Hosts: 127.0.0.1 checkserverstatux.com
O1 - Hosts: 127.0.0.1 xinmin.cn
O1 - Hosts: 127.0.0.1 xy95.cn
O1 - Hosts: 127.0.0.1 koralda.com
O1 - Hosts: 127.0.0.1 weirden.com
O1 - Hosts: 127.0.0.1 nanocloudcontroller.com
O1 - Hosts: 127.0.0.1 coo0lnet.net
O2 - BHO: (SnagIt Toolbar Loader) - {00C6482D-C502-44C8-8409-FCE54AD9C208} - C:\Program Files\TechSmith\Snagit 9\SnagitBHO.dll (TechSmith Corporation)
O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O2 - BHO: (MediaBar) - {0974BA1E-64EC-11DE-B2A5-E43756D89593} - File not found
O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer)
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG10\avgssie.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (no name) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - No CLSID value found.
O2 - BHO: (ShowBarObj Class) - {83A2F9B1-01A2-4AA5-87D1-45B6B8505E96} - C:\Acer\Empowering Technology\eDataSecurity\x86\ActiveToolBand.dll (HiTRUST)
O2 - BHO: (AVG Security Toolbar BHO) - {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG10\Toolbar\IEToolbar.dll ()
O2 - BHO: (Skype Plug-In) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O3 - HKLM\..\Toolbar: (MediaBar) - {0974BA1E-64EC-11DE-B2A5-E43756D89593} - File not found
O3 - HKLM\..\Toolbar: (Acer eDataSecurity Management) - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\Acer\Empowering Technology\eDataSecurity\x86\eDStoolbar.dll (Egis Incorporated.)
O3 - HKLM\..\Toolbar: (no name) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No CLSID value found.
O3 - HKLM\..\Toolbar: (Snagit) - {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - C:\Program Files\TechSmith\Snagit 9\SnagitIEAddin.dll (TechSmith Corporation)
O3 - HKLM\..\Toolbar: (AVG Security Toolbar) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - C:\Program Files\AVG\AVG10\Toolbar\IEToolbar.dll ()
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O3 - HKCU\..\Toolbar\ShellBrowser: (Acer eDataSecurity Management) - {5CBE3B7C-1E47-477E-A7DD-396DB0476E29} - C:\Acer\Empowering Technology\eDataSecurity\x86\eDStoolbar.dll (Egis Incorporated.)
O3 - HKCU\..\Toolbar\WebBrowser: (AVG Security Toolbar) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - C:\Program Files\AVG\AVG10\Toolbar\IEToolbar.dll ()
O4 - HKLM..\Run: [AcronisTimounterMonitor] C:\Program Files\Apricorn\EZ Gig II\TimounterMonitor.exe (Apricorn)
O4 - HKLM..\Run: [AVG_TRAY] C:\Program Files\AVG\AVG10\avgtray.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware (reboot)] C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [MaxMenuMgr] C:\Program Files\Seagate\SeagateManager\FreeAgent Status\StxMenuMgr.exe (Seagate LLC)
O4 - HKLM..\Run: [TkBellExe] C:\Program Files\Common Files\Real\Update_OB\realsched.exe (RealNetworks, Inc.)
O4 - HKLM..\Run: [Windows Mobile-based device management] C:\Windows\WindowsMobile\wmdcBase.exe (Microsoft Corporation)
O4 - HKCU..\Run: [EasyLinkAdvisor] C:\Program Files\Linksys EasyLink Advisor\LinksysAgent.exe (Linksys, a Division of Cisco Systems, Inc.)
O4 - HKCU..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\backWeb-8876480.exe (Logitech)
O4 - HKCU..\Run: [Logitech Vid] C:\Program Files\Logitech\Vid HD\Vid.exe (Logitech Inc.)
O4 - Startup: C:\Users\Office Depot\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ZooskMessenger.lnk = File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = [binary data]
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O9 - Extra Button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra Button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe (America Online, Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O15 - HKCU\..Trusted Domains: aol.com ([objects] * is out of zone range - 5)
O15 - HKCU\..Trusted Domains: bikebarn.com ([]http in Trusted sites)
O15 - HKCU\..Trusted Domains: intuit.com ([ttlc] https in Trusted sites)
O15 - HKCU\..Trusted Domains: openmyeyeslord.net ([www] http in Trusted sites)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} [You must be registered and logged in to see this link.] (Windows Genuine Advantage Validation Tool)
O16 - DPF: {1B00725B-C455-4DE6-BFB6-AD540AD427CD} [You must be registered and logged in to see this link.] (Reg Error: Key error.)
O16 - DPF: {406B5949-7190-4245-91A9-30A17DE16AD0} [You must be registered and logged in to see this link.] (Snapfish Activia)
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} [You must be registered and logged in to see this link.] (MSN Photo Upload Tool)
O16 - DPF: {6BAB93B7-1917-4214-A7D2-874FA6DB4740} [You must be registered and logged in to see this link.] (AOL Newport Editor Ctrl)
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} [You must be registered and logged in to see this link.] (OnlineScanner Control)
O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} [You must be registered and logged in to see this link.] (Facebook Photo Uploader 5 Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} [You must be registered and logged in to see this link.] (Java Plug-in 1.6.0_23)
O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} [You must be registered and logged in to see this link.] (Java Plug-in 1.6.0_07)
O16 - DPF: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} [You must be registered and logged in to see this link.] (Java Plug-in 1.6.0_23)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} [You must be registered and logged in to see this link.] (Java Plug-in 1.6.0_23)
O16 - DPF: {CF84DAC5-A4F5-419E-A0BA-C01FFD71112F} [You must be registered and logged in to see this link.] (SysInfo Class)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} [You must be registered and logged in to see this link.] (Reg Error: Key error.)
O16 - DPF: {E77F23EB-E7AB-4502-8F37-247DBAF1A147} [You must be registered and logged in to see this link.] (Windows Live Hotmail Photo Upload Tool)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 68.87.85.102 68.87.69.150 192.168.1.1
O18 - Protocol\Handler\avgsecuritytoolbar {F2DDE6B2-9684-4A55-86D4-E255E237B77C} - C:\Program Files\AVG\AVG10\Toolbar\IEToolbar.dll ()
O18 - Protocol\Handler\belarc {6318E0AB-2E93-11D1-B8ED-00608CC9A71F} - C:\Program Files\Belarc\Advisor\System\BAVoilaX.dll (Belarc, Inc.)
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG10\avgpp.dll (AVG Technologies CZ, s.r.o.)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Users\Public\Pictures\Sample Pictures\Waterfall.jpg
O24 - Desktop BackupWallPaper: C:\Users\Public\Pictures\Sample Pictures\Waterfall.jpg
O28 - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - Reg Error: Key error. File not found
O30 - LSA: Authentication Packages - (relog_ap) - C:\Windows\System32\relog_ap.dll (Apricorn)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/09/18 16:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2010/07/04 01:10:33 | 000,000,055 | ---- | M] () - F:\autorun.inf -- [ NTFS ]
O32 - AutoRun File - [2010/11/02 22:47:20 | 000,000,067 | ---- | M] () - K:\autorun.inf -- [ NTFS ]
O33 - MountPoints2\{40844fa0-595a-11dd-b6a0-001c2587e739}\Shell\AutoRun\command - "" = M:\setupSNK.exe
O33 - MountPoints2\{40844fa3-595a-11dd-b6a0-001c2587e739}\Shell - "" = AutoRun
O33 - MountPoints2\{40844fa3-595a-11dd-b6a0-001c2587e739}\Shell\AutoRun\command - "" = L:\LaunchU3.exe -a
O33 - MountPoints2\{733f7b79-9e60-11dd-8194-00038a000015}\Shell\AutoRun\command - "" = L:\LinksysConnectPC.exe
O33 - MountPoints2\{7cacc7a1-d574-11df-aeeb-00038a000015}\Shell - "" = AutoRun
O33 - MountPoints2\{7cacc7a1-d574-11df-aeeb-00038a000015}\Shell\AutoRun\command - "" = M:\TL-Bootstrap.exe
O33 - MountPoints2\{d0acd093-f998-11de-87bb-00038a000015}\Shell\AutoRun\command - "" = L:\Programs\nu2menu\nu2menu.exe
O33 - MountPoints2\{d40da054-ff30-11de-a8a3-00038a000015}\Shell\AutoRun\command - "" = L:\DmailerSync_v9_0_15109.exe
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O34 - HKLM BootExecute: (C:\PROGRA~1\AVG\AVG10\avgchsvx.exe /sync) - C:\Program Files\AVG\AVG10\avgchsvx.exe (AVG Technologies CZ, s.r.o.)
O34 - HKLM BootExecute: (C:\PROGRA~1\AVG\AVG10\avgrsx.exe /sync /restart) - C:\Program Files\AVG\AVG10\avgrsx.exe (AVG Technologies CZ, s.r.o.)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O35 - HKCU\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKCU\...com [@ = comfile] -- Reg Error: Key error. File not found
O37 - HKCU\...exe [@ = exefile] -- "%1" %*

NetSvcs: FastUserSwitchingCompatibility - File not found
NetSvcs: Ias - File not found
NetSvcs: Nla - File not found
NetSvcs: Ntmssvc - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: SRService - File not found
NetSvcs: WmdmPmSp - File not found
NetSvcs: LogonHours - File not found
NetSvcs: PCAudit - File not found
NetSvcs: helpsvc - File not found
NetSvcs: uploadmgr - File not found

MsConfig - StartUpFolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Empowering Technology Launcher.lnk - C:\Acer\Empowering Technology\eAPLauncher.exe - (Acer Inc.)
MsConfig - StartUpReg: Acer Assist Launcher - hkey= - key= - C:\Program Files\Acer Assist\launcher.exe ()
MsConfig - StartUpReg: Acer Empowering Technology Monitor - hkey= - key= - C:\Acer\Empowering Technology\SysMonitor.exe ()
MsConfig - StartUpReg: Acer Product Registration - hkey= - key= - C:\Program Files\Acer Registration\ACE1.exe (Leader Technologies)
MsConfig - StartUpReg: BkupTray - hkey= - key= - C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BkupTray.exe ()
MsConfig - StartUpReg: eDataSecurity Loader - hkey= - key= - C:\Acer\Empowering Technology\eDataSecurity\x86\eDSLoader.exe (Egis Incorporated)
MsConfig - StartUpReg: ehTray.exe - hkey= - key= - C:\Windows\ehome\ehtray.exe (Microsoft Corporation)
MsConfig - StartUpReg: PCMMediaSharing - hkey= - key= - C:\Program Files\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\PCMMediaSharing.exe ()
MsConfig - StartUpReg: StartCCC - hkey= - key= - C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe ()
MsConfig - StartUpReg: Windows Defender - hkey= - key= - File not found
MsConfig - StartUpReg: WindowsWelcomeCenter - hkey= - key= - File not found
MsConfig - State: "startup" - 2

SafeBootMin: AppMgmt - File not found
SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: HelpSvc - Service
SafeBootMin: NTDS - File not found
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: sacsvr - Service
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: SolutoService - C:\Program Files\Soluto\SolutoService.exe (Soluto)
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: WinDefend - Service
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootMin: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootMin: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices

SafeBootNet: AppMgmt - File not found
SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: HelpSvc - Service
SafeBootNet: Messenger - Service
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: NTDS - File not found
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: rdsessmgr - Service
SafeBootNet: sacsvr - Service
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: SolutoService - C:\Program Files\Soluto\SolutoService.exe (Soluto)
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: SupportSoft RemoteAssist - C:\Program Files\Common Files\supportsoft\bin\ssrc.exe (SupportSoft, Inc.)
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TDI - Driver Group
SafeBootNet: WinDefend - Service
SafeBootNet: WudfPf - Driver
SafeBootNet: WudfUsbccidDriver - Driver
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers
SafeBootNet: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootNet: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootNet: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices

ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun)
ActiveX: {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} -
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 11.0
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {3C3901C5-3455-3E0A-A214-0B093A5070A6} - .NET Framework
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX: {44BBA848-CC51-11CF-AAFA-00AA00B6015C} -
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.8
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {73FA19D0-2D75-11D2-995D-00C04F98BBC9} - Web Folders
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\system32\ie4uinit.exe -BaseSettings
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {A0739DE2-571F-11D2-A031-0060977F760C} - InterActual PCFriendly ActiveX Control
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {CDD7975E-60F8-41d5-8149-19E51D6F71D0} - Windows Movie Maker v2.1
ActiveX: {D27CDB6E-AE6D-11CF-96B8-444553540000} - Adobe Flash Player
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - Reg Error: Value error.
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\Windows\system32\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\system32\ie4uinit.exe -UserIconConfig
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP

Drivers32: msacm.l3acm - C:\Windows\System32\l3codecp.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.mkdmp3enc - C:\PROGRA~1\ACERAR~1\ACERVI~1\Kernel\Burner\MKDMP3Enc.ACM File not found
Drivers32: MSVideo - C:\Windows\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: MSVideo8 - C:\Windows\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: vidc.cvid - C:\Windows\System32\iccvid.dll (Radius Inc.)
Drivers32: VIDC.I420 - C:\Windows\System32\LVCodec2.dll (Logitech Inc.)
Drivers32: vidc.iv31 - C:\Windows\System32\ir32_32.dll (Intel(R) Corporation)
Drivers32: vidc.iv32 - C:\Windows\System32\ir32_32.dll (Intel(R) Corporation)
Drivers32: vidc.iv41 - C:\Windows\System32\ir41_32.ax (Intel Corporation)
Drivers32: vidc.iv50 - C:\Windows\System32\ir50_32.dll (Intel Corporation)
Drivers32: vidc.yvu9 - C:\Windows\System32\Iyvu9_32.dll ()
Drivers32: wave1 - C:\Windows\System32\serwvdrv.dll (Microsoft Corporation)

CREATERESTOREPOINT
Error creating restore point.

========== Files/Folders - Created Within 30 Days ==========

[2011/04/06 00:47:21 | 000,580,608 | ---- | C] (OldTimer Tools) -- C:\Users\Office Depot\Desktop\OTL.exe
[2011/03/26 03:09:34 | 000,000,000 | ---D | C] -- C:\Windows\Minidump
[2011/03/26 01:17:11 | 000,000,000 | ---D | C] -- C:\Users\Office Depot\AppData\Local\{7A6B31EE-8F70-4549-93F5-B29CA7B3C093}
[2011/03/22 16:32:42 | 001,068,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\DWrite.dll
[2011/03/22 16:32:41 | 000,288,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XpsGdiConverter.dll
[2011/03/20 13:46:51 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
[2011/03/20 13:44:40 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
[2011/03/09 09:15:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TurboTax 2010
[2011/03/08 16:50:19 | 000,429,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\EncDec.dll
[2011/03/08 16:50:19 | 000,322,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sbe.dll
[2011/03/08 16:50:19 | 000,177,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mpg2splt.ax
[2011/03/08 16:50:19 | 000,153,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sbeio.dll
[2008/03/20 02:38:36 | 000,016,384 | ---- | C] ( ) -- C:\Windows\System32\ClearEvent.exe
[1 C:\Users\Office Depot\Desktop\*.tmp files -> C:\Users\Office Depot\Desktop\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2011/04/06 20:28:16 | 000,604,264 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2011/04/06 20:28:16 | 000,103,964 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2011/04/06 20:23:48 | 000,000,436 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{778E61E6-1D2E-4282-8402-E15FD89B81C9}.job
[2011/04/06 20:22:02 | 000,003,344 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2011/04/06 20:22:02 | 000,003,344 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2011/04/06 20:22:02 | 000,000,894 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2011/04/06 20:21:44 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011/04/06 20:21:31 | 1878,515,712 | -HS- | M] () -- C:\hiberfil.sys
[2011/04/06 09:16:00 | 000,000,898 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2011/04/06 07:07:08 | 111,767,864 | ---- | M] () -- C:\Windows\System32\drivers\AVG\incavi.avm
[2011/04/06 00:47:37 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Users\Office Depot\Desktop\OTL.exe
[2011/04/05 08:29:49 | 000,338,965 | ---- | M] () -- C:\Windows\System32\drivers\AVG\iavichjg.avm
[2011/04/04 23:15:07 | 000,009,610 | -HS- | M] () -- C:\ProgramData\c1v7b2004pcko3q46sg5by81ek78o4q
[2011/04/04 20:17:03 | 000,001,935 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2011/04/04 15:30:25 | 000,009,920 | -HS- | M] () -- C:\ProgramData\j638u7q3443b5j
[2011/04/04 13:27:12 | 000,009,892 | -HS- | M] () -- C:\Users\Office Depot\AppData\Local\j638u7q3443b5j
[2011/04/04 13:25:53 | 183,749,961 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2011/04/02 12:07:07 | 000,012,800 | ---- | M] () -- C:\Users\Office Depot\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/04/01 20:51:55 | 000,000,258 | RHS- | M] () -- C:\ProgramData\ntuser.pol
[2011/04/01 20:48:33 | 000,000,300 | ---- | M] () -- C:\Windows\tasks\RealUpgradeScheduledTaskS-1-5-21-3635493022-1987165414-2180967125-1000.job
[2011/03/31 19:36:52 | 000,000,120 | ---- | M] () -- C:\Users\Office Depot\AppData\Local\Lcabu.dat
[2011/03/31 19:36:52 | 000,000,000 | ---- | M] () -- C:\Users\Office Depot\AppData\Local\Dgehedi.bin
[2011/03/31 09:42:49 | 000,000,794 | ---- | M] () -- C:\Users\Public\Desktop\AVG 2011.lnk
[2011/03/21 09:09:04 | 000,001,750 | ---- | M] () -- C:\Users\Public\Desktop\Logitech Vid HD.lnk
[2011/03/20 13:46:51 | 000,001,628 | ---- | M] () -- C:\Users\Public\Desktop\iTunes.lnk
[2011/03/16 03:22:17 | 000,398,184 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2011/03/09 22:05:23 | 000,002,483 | ---- | M] () -- C:\Users\Public\Desktop\TurboTax 2010.lnk
[2011/03/07 23:23:38 | 000,002,337 | ---- | M] () -- C:\Users\Public\Desktop\Skype.lnk
[1 C:\Users\Office Depot\Desktop\*.tmp files -> C:\Users\Office Depot\Desktop\*.tmp -> ]

========== Files Created - No Company Name ==========

[2011/04/04 23:12:13 | 000,009,610 | -HS- | C] () -- C:\ProgramData\c1v7b2004pcko3q46sg5by81ek78o4q
[2011/04/04 11:43:59 | 000,009,892 | -HS- | C] () -- C:\Users\Office Depot\AppData\Local\j638u7q3443b5j
[2011/04/03 23:00:58 | 000,009,920 | -HS- | C] () -- C:\ProgramData\j638u7q3443b5j
[2011/04/01 18:56:48 | 000,000,300 | ---- | C] () -- C:\Windows\tasks\RealUpgradeScheduledTaskS-1-5-21-3635493022-1987165414-2180967125-1000.job
[2011/03/26 03:08:54 | 183,749,961 | ---- | C] () -- C:\Windows\MEMORY.DMP
[2011/03/26 01:17:13 | 000,000,120 | ---- | C] () -- C:\Users\Office Depot\AppData\Local\Lcabu.dat
[2011/03/26 01:17:13 | 000,000,000 | ---- | C] () -- C:\Users\Office Depot\AppData\Local\Dgehedi.bin
[2011/03/20 13:46:51 | 000,001,628 | ---- | C] () -- C:\Users\Public\Desktop\iTunes.lnk
[2011/03/09 09:15:17 | 000,002,483 | ---- | C] () -- C:\Users\Public\Desktop\TurboTax 2010.lnk
[2010/10/24 20:37:53 | 000,012,800 | ---- | C] () -- C:\Users\Office Depot\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/09/29 19:52:38 | 000,000,098 | ---- | C] () -- C:\ProgramData\Microsoft.SqlServer.Compact.351.32.bc
[2010/08/07 16:31:10 | 000,000,056 | -H-- | C] () -- C:\Windows\System32\ezsidmv.dat
[2010/07/20 00:39:25 | 000,081,920 | R--- | C] () -- C:\Windows\bwUnin-6.1.4.68-8876480L.exe
[2010/02/26 09:27:22 | 000,000,088 | ---- | C] () -- C:\Users\Office Depot\AppData\Roaming\usb.inf
[2010/01/21 23:17:12 | 000,002,739 | ---- | C] () -- C:\Windows\Ascd_tmp.ini
[2010/01/21 22:42:14 | 000,023,115 | ---- | C] () -- C:\Windows\hpqins15.dat
[2010/01/14 00:51:36 | 000,196,147 | ---- | C] () -- C:\Windows\hpoins41.dat
[2009/10/08 19:00:29 | 000,000,000 | ---- | C] () -- C:\Windows\PCFriend.INI
[2009/10/07 01:46:36 | 000,025,752 | ---- | C] () -- C:\Windows\System32\drivers\LVPr2Mon.sys
[2009/10/07 01:23:08 | 000,013,584 | ---- | C] () -- C:\Windows\System32\drivers\iKeyLFT2.dll
[2009/10/05 23:13:13 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2009/09/11 02:04:08 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll
[2009/09/11 02:04:08 | 000,107,612 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin
[2009/08/03 15:07:42 | 000,403,816 | ---- | C] () -- C:\Windows\System32\OGACheckControl.dll
[2009/08/03 15:07:42 | 000,230,768 | ---- | C] () -- C:\Windows\System32\OGAEXEC.exe
[2009/07/07 21:41:10 | 000,000,209 | ---- | C] () -- C:\Windows\ODBCINST.INI
[2009/06/04 19:14:55 | 000,001,253 | ---- | C] () -- C:\Windows\hpomdl41.dat
[2009/04/25 17:48:49 | 000,000,000 | ---- | C] () -- C:\Windows\QuickInstall.INI
[2009/04/25 17:40:31 | 000,000,341 | ---- | C] () -- C:\Windows\PowerReg.dat
[2009/02/02 23:49:53 | 000,001,279 | ---- | C] () -- C:\Windows\TVEpaDrv.ini
[2009/01/24 13:23:48 | 000,000,132 | ---- | C] () -- C:\Users\Office Depot\AppData\Roaming\wklnhst.dat
[2009/01/22 03:05:42 | 000,000,258 | RHS- | C] () -- C:\ProgramData\ntuser.pol
[2008/08/16 23:44:18 | 000,001,028 | ---- | C] () -- C:\Users\Office Depot\AppData\Roaming\WavCodec.wff
[2008/08/14 18:40:42 | 000,176,214 | ---- | C] () -- C:\Windows\System32\atiicdxx.dat
[2008/08/01 19:06:36 | 000,000,464 | ---- | C] () -- C:\Windows\REGENUNINS.INI
[2008/08/01 19:06:14 | 000,003,702 | ---- | C] () -- C:\Windows\REGENCALL.INI
[2008/07/31 23:11:20 | 000,000,335 | ---- | C] () -- C:\Windows\nsreg.dat
[2008/07/31 22:34:10 | 000,000,376 | ---- | C] () -- C:\Windows\ODBC.INI
[2008/07/26 13:57:08 | 000,018,904 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchemaTrivial.bin
[2008/03/20 02:39:41 | 000,000,044 | ---- | C] () -- C:\Windows\Acer(Normal).ini
[2008/03/20 02:39:41 | 000,000,042 | ---- | C] () -- C:\Windows\Acer(Wide).ini
[2008/03/20 02:38:36 | 000,016,384 | ---- | C] () -- C:\Windows\System32\LauncheRyAgentUser.exe
[2008/03/19 20:41:59 | 000,024,576 | ---- | C] () -- C:\Windows\NEWSETAPANEL.EXE
[2008/03/06 00:38:44 | 000,090,112 | ---- | C] () -- C:\Windows\System32\atibrtmon.exe
[2008/02/26 03:03:46 | 000,015,656 | ---- | C] () -- C:\Windows\System32\drivers\int15_64.sys
[2008/02/26 03:03:26 | 000,001,024 | RH-- | C] () -- C:\Windows\System32\NTIOFM4.dll
[2008/02/26 03:03:25 | 000,001,024 | RH-- | C] () -- C:\Windows\System32\NTIBUN5.dll
[2008/02/26 01:23:01 | 000,001,047 | ---- | C] () -- C:\Windows\generic.ini
[2008/02/26 01:23:01 | 000,000,128 | ---- | C] () -- C:\Windows\Alaunch.ini
[2008/02/26 01:22:58 | 003,107,788 | ---- | C] () -- C:\Windows\System32\atiumdva.dat
[2008/02/26 01:22:58 | 000,159,744 | ---- | C] () -- C:\Windows\System32\atitmmxx.dll
[2007/12/28 02:22:04 | 000,010,296 | ---- | C] () -- C:\Windows\System32\drivers\ASUSHWIO.SYS
[2007/05/09 20:35:54 | 000,057,126 | ---- | C] () -- C:\Windows\System32\lvcoinst.ini
[2006/11/02 07:57:28 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2006/11/02 07:47:37 | 000,398,184 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT
[2006/11/02 07:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
[2006/11/02 05:33:01 | 000,604,264 | ---- | C] () -- C:\Windows\System32\perfh009.dat
[2006/11/02 05:33:01 | 000,287,440 | ---- | C] () -- C:\Windows\System32\perfi009.dat
[2006/11/02 05:33:01 | 000,103,964 | ---- | C] () -- C:\Windows\System32\perfc009.dat
[2006/11/02 05:33:01 | 000,030,674 | ---- | C] () -- C:\Windows\System32\perfd009.dat
[2006/11/02 05:23:21 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat
[2006/11/02 03:58:30 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2006/11/02 03:19:00 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT
[2006/11/02 02:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2006/11/02 02:25:31 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat
[2004/09/28 07:38:30 | 000,114,688 | ---- | C] () -- C:\Windows\System32\wmatimer.dll
[2001/12/26 19:12:30 | 000,065,536 | ---- | C] () -- C:\Windows\System32\multiplex_vcd.dll
[2001/09/04 02:46:38 | 000,110,592 | ---- | C] () -- C:\Windows\System32\Hmpg12.dll
[2001/07/30 19:33:56 | 000,118,784 | ---- | C] () -- C:\Windows\System32\HMPV2_ENC.dll
[2001/07/24 01:04:36 | 000,118,784 | ---- | C] () -- C:\Windows\System32\HMPV2_ENC_MMX.dll
[1999/01/27 13:39:06 | 000,065,024 | ---- | C] () -- C:\Windows\System32\indounin.dll
[1998/10/11 02:07:38 | 000,088,576 | ---- | C] () -- C:\Windows\System32\Iticheck.dll
[1997/06/13 07:56:08 | 000,056,832 | ---- | C] () -- C:\Windows\System32\Iyvu9_32.dll



Re: Win 7 Home Security

Post by Nativetexan2 on 7th April 2011, 5:56 am

OTL Log File Part 2

========== Custom Scans ==========


< %systemroot%\Fonts\*.com >
[2006/11/02 07:37:12 | 000,026,040 | ---- | M] () -- C:\Windows\Fonts\GlobalMonospace.CompositeFont
[2006/11/02 07:37:12 | 000,026,489 | ---- | M] () -- C:\Windows\Fonts\GlobalSansSerif.CompositeFont
[2006/11/02 07:37:12 | 000,029,779 | ---- | M] () -- C:\Windows\Fonts\GlobalSerif.CompositeFont
[2009/09/13 15:33:35 | 000,037,665 | ---- | M] () -- C:\Windows\Fonts\GlobalUserInterface.CompositeFont

< %systemroot%\Fonts\*.dll >

< %systemroot%\Fonts\*.ini >
[2006/09/18 16:37:34 | 000,000,065 | ---- | M] () -- C:\Windows\Fonts\desktop.ini

< %systemroot%\Fonts\*.ini2 >

< %systemroot%\Fonts\*.exe >

< %systemroot%\system32\spool\prtprocs\w32x86\*.* >
[2009/04/20 13:23:48 | 000,315,904 | ---- | M] (Hewlett-Packard Corporation) -- C:\Windows\System32\spool\prtprocs\w32x86\hpfpp70w.dll
[2006/11/02 07:35:48 | 000,022,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\spool\prtprocs\w32x86\jnwppr.dll
[2006/10/26 22:56:12 | 000,033,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\spool\prtprocs\w32x86\msonpppr.dll

< %systemroot%\REPAIR\*.bak1 >

< %systemroot%\REPAIR\*.ini >

< %systemroot%\system32\*.jpg >

< %systemroot%\*.jpg >

< %systemroot%\*.png >

< %systemroot%\*.scr >
[2006/10/19 12:00:56 | 000,187,392 | ---- | M] () -- C:\Windows\Acer(Normal).scr
[2006/10/19 12:00:56 | 000,187,392 | ---- | M] () -- C:\Windows\Acer(Wide).scr
[2010/09/23 00:32:56 | 000,301,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\WLXPGSS.SCR

< %systemroot%\*._sy >

< %APPDATA%\Adobe\Update\*.* >

< %ALLUSERSPROFILE%\Favorites\*.* >

< %APPDATA%\Microsoft\*.* >

< %PROGRAMFILES%\*.* >
[2008/01/20 21:43:21 | 000,000,174 | -HS- | M] () -- C:\Program Files\desktop.ini

< %APPDATA%\Update\*.* >

< %PROGRAMFILES%\bak. /s >

< %systemroot%\system32\bak. /s >

< %ALLUSERSPROFILE%\Start Menu\*.lnk /x >

< %systemroot%\system32\config\systemprofile\*.dat /x >

< %systemroot%\*.config >

< %systemroot%\system32\*.db >

< %APPDATA%\Microsoft\Internet Explorer\Quick Launch\*.lnk /x >
[2010/05/25 22:51:05 | 000,000,286 | -HS- | M] () -- C:\Users\Office Depot\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\desktop.ini

< %USERPROFILE%\Desktop\*.exe >
[2011/04/06 00:47:37 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Users\Office Depot\Desktop\OTL.exe
[1 C:\Users\Office Depot\Desktop\*.tmp files -> C:\Users\Office Depot\Desktop\*.tmp -> ]

< %PROGRAMFILES%\Common Files\*.* >

< %systemroot%\*.src >

< %systemroot%\install\*.* >

< %systemroot%\system32\DLL\*.* >

< %systemroot%\system32\HelpFiles\*.* >

< %systemroot%\system32\rundll\*.* >

< %systemroot%\winn32\*.* >

< %systemroot%\Java\*.* >

< %systemroot%\system32\test\*.* >

< %systemroot%\system32\Rundll32\*.* >

< %systemroot%\AppPatch\Custom\*.* >

< %APPDATA%\Roaming\Microsoft\Windows\Recent\*.lnk /x >

< %PROGRAMFILES%\PC-Doctor\Downloads\*.* >

< %PROGRAMFILES%\Internet Explorer\*.tmp >

< %PROGRAMFILES%\Internet Explorer\*.dat >

< %USERPROFILE%\My Documents\*.exe >

< %USERPROFILE%\*.exe >
[2010/07/19 11:41:22 | 001,063,320 | ---- | M] (Citrix Online, a division of Citrix Systems, Inc.) -- C:\Users\Office Depot\gotomypc_533.exe
[2011/02/25 09:02:44 | 001,062,984 | ---- | M] (Citrix Online, a division of Citrix Systems, Inc.) -- C:\Users\Office Depot\gotomypc_540.exe

< %systemroot%\ADDINS\*.* >

< %systemroot%\assembly\*.bak2 >

< %systemroot%\Config\*.* >

< %systemroot%\REPAIR\*.bak2 >

< %systemroot%\SECURITY\Database\*.sdb /x >
[2009/09/14 00:02:12 | 000,008,192 | ---- | M] () -- C:\Windows\security\database\edb.chk
[2009/09/14 00:01:42 | 001,048,576 | ---- | M] () -- C:\Windows\security\database\edb.log
[2009/09/14 00:01:42 | 001,048,576 | ---- | M] () -- C:\Windows\security\database\edbres00001.jrs
[2009/09/14 00:01:42 | 001,048,576 | ---- | M] () -- C:\Windows\security\database\edbres00002.jrs
[2009/09/14 00:01:42 | 001,048,576 | ---- | M] () -- C:\Windows\security\database\edbtmp.log
[2009/09/14 00:01:42 | 001,056,768 | ---- | M] () -- C:\Windows\security\database\tmp.edb

< %systemroot%\SYSTEM\*.bak2 >

< %systemroot%\Web\*.bak2 >

< %systemroot%\Driver Cache\*.* >

< %PROGRAMFILES%\Mozilla Firefox\*.exe >
[2010/12/03 14:35:07 | 000,107,480 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\crashreporter.exe
[2010/12/03 14:35:08 | 000,912,344 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
[2010/12/03 14:35:08 | 000,016,856 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\plugin-container.exe
[2010/12/03 14:35:08 | 000,245,208 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\updater.exe

< %ProgramFiles%\Microsoft Common\*.* >

< %ProgramFiles%\TinyProxy. >

< %USERPROFILE%\Favorites\*.url /x >
[2008/04/20 12:35:29 | 000,000,402 | -HS- | M] () -- C:\Users\Office Depot\Favorites\desktop.ini
[2011/04/01 18:55:16 | 000,000,450 | ---- | M] () -- C:\Users\Office Depot\Favorites\NCH Audio and Telephony Software Page.lnk

< %systemroot%\system32\*.bk >

< %systemroot%\*.te >

< %systemroot%\system32\system32\*.* >

< %ALLUSERSPROFILE%\*.dat /x >
[2011/04/04 23:15:07 | 000,009,610 | -HS- | M] () -- C:\ProgramData\c1v7b2004pcko3q46sg5by81ek78o4q
[2010/01/21 22:42:52 | 000,001,581 | ---- | M] () -- C:\ProgramData\hpzinstall.log
[2011/04/04 15:30:25 | 000,009,920 | -HS- | M] () -- C:\ProgramData\j638u7q3443b5j
[2010/09/29 19:52:38 | 000,000,098 | ---- | M] () -- C:\ProgramData\Microsoft.SqlServer.Compact.351.32.bc
[2011/04/01 20:51:55 | 000,000,258 | RHS- | M] () -- C:\ProgramData\ntuser.pol

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >
[2009/03/08 06:31:42 | 000,348,160 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\System32\dxtmsft.dll
[2009/03/08 06:31:37 | 000,216,064 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\System32\dxtrans.dll
[2010/12/18 01:22:10 | 000,184,320 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\System32\iepeers.dll

< %systemroot%\system32\*.exe /lockedfiles >

< %systemroot%\Tasks\*.job /lockedfiles >

< %systemroot%\system32\drivers\*.sys /lockedfiles >

< %systemroot%\System32\config\*.sav >
[2008/01/20 22:14:18 | 016,846,848 | ---- | M] () -- C:\Windows\System32\config\COMPONENTS.SAV
[2008/01/20 22:14:08 | 000,106,496 | ---- | M] () -- C:\Windows\System32\config\DEFAULT.SAV
[2008/01/20 22:14:18 | 000,020,480 | ---- | M] () -- C:\Windows\System32\config\SECURITY.SAV
[2006/11/02 05:34:08 | 010,133,504 | ---- | M] () -- C:\Windows\System32\config\SOFTWARE.SAV
[2006/11/02 05:34:08 | 001,826,816 | ---- | M] () -- C:\Windows\System32\config\SYSTEM.SAV

< %systemroot%\system32\*.sys >
[2006/11/02 02:09:42 | 000,009,029 | ---- | M] () -- C:\Windows\System32\ANSI.SYS
[2009/04/11 01:32:46 | 000,245,736 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\clfs.sys
[2006/11/02 02:09:45 | 000,027,097 | ---- | M] () -- C:\Windows\System32\country.sys
[2006/11/02 02:09:41 | 000,004,768 | ---- | M] () -- C:\Windows\System32\HIMEM.SYS
[2006/11/02 02:09:44 | 000,042,809 | ---- | M] () -- C:\Windows\System32\KEY01.SYS
[2006/11/02 02:09:44 | 000,042,537 | ---- | M] () -- C:\Windows\System32\KEYBOARD.SYS
[2006/11/02 02:09:29 | 000,027,866 | ---- | M] () -- C:\Windows\System32\NTDOS.SYS
[2006/11/02 02:09:35 | 000,029,146 | ---- | M] () -- C:\Windows\System32\NTDOS404.SYS
[2006/11/02 02:09:38 | 000,029,370 | ---- | M] () -- C:\Windows\System32\NTDOS411.SYS
[2006/11/02 02:09:40 | 000,029,274 | ---- | M] () -- C:\Windows\System32\NTDOS412.SYS
[2006/11/02 02:09:31 | 000,029,146 | ---- | M] () -- C:\Windows\System32\NTDOS804.SYS
[2006/11/02 02:09:20 | 000,033,952 | ---- | M] () -- C:\Windows\System32\NTIO.SYS
[2006/11/02 02:09:23 | 000,034,672 | ---- | M] () -- C:\Windows\System32\NTIO404.SYS
[2006/11/02 02:09:24 | 000,035,776 | ---- | M] () -- C:\Windows\System32\NTIO411.SYS
[2006/11/02 02:09:26 | 000,035,536 | ---- | M] () -- C:\Windows\System32\NTIO412.SYS
[2006/11/02 02:09:22 | 000,034,672 | ---- | M] () -- C:\Windows\System32\NTIO804.SYS
[2010/12/31 08:57:01 | 002,039,808 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys

< %systemroot%\system32\drivers\*.dll >
[2008/08/30 03:56:14 | 000,053,248 | ---- | M] (ATI Technologies Inc.) -- C:\Windows\System32\drivers\ati2erec.dll
[2009/10/07 01:23:08 | 000,013,584 | ---- | M] () -- C:\Windows\System32\drivers\iKeyLFT2.dll

< %systemroot%\system32\drivers\*.ini >

< %systemroot%\system32\drivers\*.exe >

< %systemroot%\system32\Spool\prtprocs\w32x86\*.dll >
[2009/04/20 13:23:48 | 000,315,904 | ---- | M] (Hewlett-Packard Corporation) -- C:\Windows\System32\spool\prtprocs\w32x86\hpfpp70w.dll
[2006/11/02 07:35:48 | 000,022,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\spool\prtprocs\w32x86\jnwppr.dll
[2006/10/26 22:56:12 | 000,033,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\spool\prtprocs\w32x86\msonpppr.dll

< %SYSTEMDRIVE%\*.* >
[2006/09/18 16:43:36 | 000,000,024 | ---- | M] () -- C:\autoexec.bat
[2009/04/11 01:36:36 | 000,333,257 | RHS- | M] () -- C:\bootmgr
[2008/02/26 01:24:03 | 000,008,192 | R-S- | M] () -- C:\BOOTSECT.BAK
[2010/07/04 01:06:06 | 000,020,657 | ---- | M] () -- C:\ComboFix.txt
[2006/09/18 16:43:37 | 000,000,010 | ---- | M] () -- C:\config.sys
[2011/04/06 20:21:31 | 1878,515,712 | -HS- | M] () -- C:\hiberfil.sys
[2008/07/25 00:44:40 | 000,000,000 | RHS- | M] () -- C:\IO.SYS
[2010/07/20 00:39:31 | 000,000,183 | ---- | M] () -- C:\LogiSetup.log
[2007/06/28 03:44:50 | 000,000,512 | ---- | M] () -- C:\MDR.iss
[2008/07/25 00:44:40 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS
[2011/04/06 20:21:30 | 2192,326,656 | -HS- | M] () -- C:\pagefile.sys
[2008/04/20 12:35:12 | 000,000,471 | ---- | M] () -- C:\RHDSetup.log
[2010/07/04 00:20:08 | 000,000,429 | ---- | M] () -- C:\rkill.log
[2009/01/22 01:41:06 | 000,000,232 | -H-- | M] () -- C:\sqmdata00.sqm
[2009/01/22 01:41:10 | 000,000,232 | -H-- | M] () -- C:\sqmdata01.sqm
[2009/01/22 01:41:13 | 000,000,232 | -H-- | M] () -- C:\sqmdata02.sqm
[2009/01/22 01:41:14 | 000,000,232 | -H-- | M] () -- C:\sqmdata03.sqm
[2009/01/22 01:41:18 | 000,000,232 | -H-- | M] () -- C:\sqmdata04.sqm
[2009/01/22 01:43:33 | 000,000,232 | -H-- | M] () -- C:\sqmdata05.sqm
[2009/01/22 01:43:55 | 000,000,232 | -H-- | M] () -- C:\sqmdata06.sqm
[2009/01/22 01:44:36 | 000,000,232 | -H-- | M] () -- C:\sqmdata07.sqm
[2009/01/22 01:44:44 | 000,000,232 | -H-- | M] () -- C:\sqmdata08.sqm
[2009/01/22 01:44:59 | 000,000,232 | -H-- | M] () -- C:\sqmdata09.sqm
[2009/01/22 01:45:24 | 000,000,232 | -H-- | M] () -- C:\sqmdata10.sqm
[2009/01/22 01:46:19 | 000,000,232 | -H-- | M] () -- C:\sqmdata11.sqm
[2009/01/22 01:48:01 | 000,000,232 | -H-- | M] () -- C:\sqmdata12.sqm
[2009/01/22 01:50:34 | 000,000,232 | -H-- | M] () -- C:\sqmdata13.sqm
[2009/01/22 01:40:52 | 000,000,232 | -H-- | M] () -- C:\sqmdata14.sqm
[2009/01/22 01:40:54 | 000,000,232 | -H-- | M] () -- C:\sqmdata15.sqm
[2009/01/22 01:40:56 | 000,000,232 | -H-- | M] () -- C:\sqmdata16.sqm
[2009/01/22 01:40:59 | 000,000,232 | -H-- | M] () -- C:\sqmdata17.sqm
[2009/01/22 01:41:02 | 000,000,232 | -H-- | M] () -- C:\sqmdata18.sqm
[2009/01/22 01:41:04 | 000,000,232 | -H-- | M] () -- C:\sqmdata19.sqm
[2009/01/22 01:41:06 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt00.sqm
[2009/01/22 01:41:10 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt01.sqm
[2009/01/22 01:41:13 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt02.sqm
[2009/01/22 01:41:14 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt03.sqm
[2009/01/22 01:41:18 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt04.sqm
[2009/01/22 01:43:33 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt05.sqm
[2009/01/22 01:43:55 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt06.sqm
[2009/01/22 01:44:36 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt07.sqm
[2009/01/22 01:44:44 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt08.sqm
[2009/01/22 01:44:59 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt09.sqm
[2009/01/22 01:45:24 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt10.sqm
[2009/01/22 01:46:19 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt11.sqm
[2009/01/22 01:48:01 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt12.sqm
[2009/01/22 01:50:34 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt13.sqm
[2009/01/22 01:40:52 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt14.sqm
[2009/01/22 01:40:54 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt15.sqm
[2009/01/22 01:40:56 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt16.sqm
[2009/01/22 01:40:59 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt17.sqm
[2009/01/22 01:41:02 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt18.sqm
[2009/01/22 01:41:04 | 000,000,244 | -H-- | M] () -- C:\sqmnoopt19.sqm
[2008/07/25 23:20:52 | 000,000,152 | ---- | M] () -- C:\YServer.txt

< %PROGRAMFILES%\*. >
[2010/01/21 22:59:22 | 000,000,000 | ---D | M] -- C:\Program Files\7-Zip
[2008/02/26 03:10:23 | 000,000,000 | ---D | M] -- C:\Program Files\Acer Arcade Live
[2008/03/20 02:33:06 | 000,000,000 | ---D | M] -- C:\Program Files\Acer Assist
[2009/01/24 20:02:50 | 000,000,000 | ---D | M] -- C:\Program Files\Acer GameZone
[2008/03/20 02:39:39 | 000,000,000 | ---D | M] -- C:\Program Files\Acer Inc
[2008/03/20 02:33:05 | 000,000,000 | ---D | M] -- C:\Program Files\Acer Registration
[2008/02/26 02:56:14 | 000,000,000 | ---D | M] -- C:\Program Files\Activation Assistant for the 2007 Microsoft Office suites
[2010/10/11 15:30:35 | 000,000,000 | ---D | M] -- C:\Program Files\Adobe
[2009/09/18 23:01:42 | 000,000,000 | ---D | M] -- C:\Program Files\Agogo FLV to DVD Converter
[2008/07/31 23:04:31 | 000,000,000 | ---D | M] -- C:\Program Files\AIM
[2008/08/01 00:33:16 | 000,000,000 | ---D | M] -- C:\Program Files\AIM+
[2010/08/01 09:38:58 | 000,000,000 | ---D | M] -- C:\Program Files\AIM7
[2008/08/01 20:36:27 | 000,000,000 | ---D | M] -- C:\Program Files\AOL
[2008/07/31 23:25:47 | 000,000,000 | ---D | M] -- C:\Program Files\AOL 9.0
[2009/11/25 04:21:33 | 000,000,000 | ---D | M] -- C:\Program Files\AOL 9.1
[2008/07/25 00:25:33 | 000,000,000 | ---D | M] -- C:\Program Files\AOL Pictures
[2011/01/06 01:14:00 | 000,000,000 | ---D | M] -- C:\Program Files\Apple Software Update
[2009/07/04 17:48:21 | 000,000,000 | ---D | M] -- C:\Program Files\Apricorn
[2008/03/20 02:34:21 | 000,000,000 | ---D | M] -- C:\Program Files\ATI
[2008/03/20 02:36:05 | 000,000,000 | ---D | M] -- C:\Program Files\ATI Technologies
[2010/10/16 15:29:24 | 000,000,000 | ---D | M] -- C:\Program Files\AVG
[2010/12/27 14:28:41 | 000,000,000 | ---D | M] -- C:\Program Files\BearShare Applications
[2008/12/20 01:23:42 | 000,000,000 | ---D | M] -- C:\Program Files\Belarc
[2010/12/30 20:23:02 | 000,000,000 | ---D | M] -- C:\Program Files\Bonjour
[2011/02/18 13:28:53 | 000,000,000 | ---D | M] -- C:\Program Files\Common Files
[2011/01/17 14:53:38 | 000,000,000 | ---D | M] -- C:\Program Files\Content Manager
[2009/06/13 15:48:59 | 000,000,000 | ---D | M] -- C:\Program Files\CoreFTP
[2009/05/05 23:14:47 | 000,000,000 | ---D | M] -- C:\Program Files\Coupons
[2009/02/03 00:13:15 | 000,000,000 | ---D | M] -- C:\Program Files\CyberLink
[2008/03/20 02:37:13 | 000,000,000 | ---D | M] -- C:\Program Files\DIFX
[2010/01/02 20:06:12 | 000,000,000 | ---D | M] -- C:\Program Files\dvdSanta
[2009/08/08 14:51:54 | 000,000,000 | ---D | M] -- C:\Program Files\Edge Computer Consulting, Inc
[2010/07/04 09:29:12 | 000,000,000 | ---D | M] -- C:\Program Files\ESET
[2008/02/26 03:11:12 | 000,000,000 | ---D | M] -- C:\Program Files\eSobi
[2009/01/24 20:03:03 | 000,000,000 | ---D | M] -- C:\Program Files\GamesBar
[2010/12/15 23:02:35 | 000,000,000 | ---D | M] -- C:\Program Files\Google
[2010/04/16 20:21:25 | 000,000,000 | ---D | M] -- C:\Program Files\HP
[2008/08/15 20:36:39 | 000,000,000 | ---D | M] -- C:\Program Files\HTC
[2010/11/02 22:45:29 | 000,000,000 | -H-D | M] -- C:\Program Files\InstallShield Installation Information
[2011/02/10 04:29:55 | 000,000,000 | ---D | M] -- C:\Program Files\Internet Explorer
[2011/03/20 13:44:40 | 000,000,000 | ---D | M] -- C:\Program Files\iPod
[2011/03/20 13:46:47 | 000,000,000 | ---D | M] -- C:\Program Files\iTunes
[2011/01/14 11:22:37 | 000,000,000 | ---D | M] -- C:\Program Files\Java
[2010/10/12 21:09:04 | 000,000,000 | ---D | M] -- C:\Program Files\LG Electronics
[2010/10/04 16:34:51 | 000,000,000 | ---D | M] -- C:\Program Files\LimeWire
[2008/07/23 19:07:59 | 000,000,000 | ---D | M] -- C:\Program Files\Linksys EasyLink Advisor
[2010/09/29 23:39:29 | 000,000,000 | ---D | M] -- C:\Program Files\Logitech
[2010/04/10 19:03:55 | 000,000,000 | ---D | M] -- C:\Program Files\Lotto Buster
[2011/04/01 16:05:05 | 000,000,000 | ---D | M] -- C:\Program Files\Malwarebytes' Anti-Malware
[2008/09/20 14:38:53 | 000,000,000 | ---D | M] -- C:\Program Files\Maxtor
[2010/10/23 14:49:21 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft
[2008/09/15 20:01:34 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft ActiveSync
[2006/11/02 07:37:34 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft Games
[2010/08/25 00:53:45 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft IntelliPoint
[2010/08/25 00:50:05 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft IntelliType Pro
[2009/01/07 22:35:24 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft Office
[2011/03/16 03:21:22 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft Silverlight
[2008/07/26 13:41:45 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft SQL Server Compact Edition
[2009/10/15 03:02:56 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft Works
[2010/06/25 03:02:17 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft.NET
[2008/03/20 02:28:35 | 000,000,000 | ---D | M] -- C:\Program Files\Motorola
[2010/08/11 03:30:23 | 000,000,000 | ---D | M] -- C:\Program Files\Movie Maker
[2011/04/03 19:41:40 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox
[2006/11/02 07:37:34 | 000,000,000 | ---D | M] -- C:\Program Files\MSBuild
[2009/01/07 22:35:03 | 000,000,000 | ---D | M] -- C:\Program Files\MSECache
[2008/07/23 19:08:01 | 000,000,000 | ---D | M] -- C:\Program Files\MSXML 4.0
[2010/11/29 11:55:58 | 000,000,000 | ---D | M] -- C:\Program Files\NCH Software
[2009/01/25 01:20:27 | 000,000,000 | ---D | M] -- C:\Program Files\NCH Swift Sound
[2008/02/26 02:51:06 | 000,000,000 | ---D | M] -- C:\Program Files\NewTech Infosystems
[2010/10/12 21:28:11 | 000,000,000 | ---D | M] -- C:\Program Files\PANTECH
[2010/10/07 00:10:09 | 000,000,000 | ---D | M] -- C:\Program Files\PCFriendly
[2010/12/17 02:44:17 | 000,000,000 | ---D | M] -- C:\Program Files\QuickTime
[2010/04/06 22:33:15 | 000,000,000 | ---D | M] -- C:\Program Files\Real
[2010/08/11 13:53:40 | 000,000,000 | ---D | M] -- C:\Program Files\RealArcade
[2008/04/20 12:34:08 | 000,000,000 | ---D | M] -- C:\Program Files\Realtek
[2006/11/02 07:37:34 | 000,000,000 | ---D | M] -- C:\Program Files\Reference Assemblies
[2010/10/12 20:58:24 | 000,000,000 | ---D | M] -- C:\Program Files\Research In Motion
[2010/10/12 21:03:13 | 000,000,000 | ---D | M] -- C:\Program Files\Samsung
[2010/11/02 22:45:16 | 000,000,000 | ---D | M] -- C:\Program Files\Seagate
[2011/02/18 13:28:53 | 000,000,000 | R--D | M] -- C:\Program Files\Skype
[2010/02/10 22:38:09 | 000,000,000 | ---D | M] -- C:\Program Files\SmartDVDCreatorPro
[2010/09/29 19:50:08 | 000,000,000 | ---D | M] -- C:\Program Files\Soluto
[2008/07/22 15:40:05 | 000,000,000 | ---D | M] -- C:\Program Files\supportdotcom
[2010/10/20 08:54:29 | 000,000,000 | ---D | M] -- C:\Program Files\SystemRequirementsLab
[2009/11/18 00:49:47 | 000,000,000 | ---D | M] -- C:\Program Files\TechSmith
[2011/03/09 09:12:47 | 000,000,000 | ---D | M] -- C:\Program Files\TurboTax
[2008/06/01 14:11:44 | 000,000,000 | ---D | M] -- C:\Program Files\Ubisoft
[2006/11/02 08:01:55 | 000,000,000 | -H-D | M] -- C:\Program Files\Uninstall Information
[2010/10/12 21:54:07 | 000,000,000 | ---D | M] -- C:\Program Files\V CAST Media Manager
[2010/11/04 23:32:04 | 000,000,000 | ---D | M] -- C:\Program Files\Winamp
[2009/09/13 23:52:50 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Calendar
[2009/09/13 23:52:47 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Collaboration
[2009/09/13 23:52:39 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Defender
[2009/09/13 23:52:46 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Journal
[2010/10/23 14:28:31 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Live
[2011/02/10 04:29:55 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Mail
[2010/10/17 08:41:38 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Media Player
[2006/11/02 07:37:34 | 000,000,000 | ---D | M] -- C:\Program Files\Windows NT
[2009/09/13 23:52:44 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Photo Gallery
[2009/11/17 04:21:42 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Portable Devices
[2009/09/13 23:52:47 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Sidebar
[2010/10/12 20:57:07 | 000,000,000 | ---D | M] -- C:\Program Files\Xiph.Org
[2008/07/25 23:20:43 | 000,000,000 | ---D | M] -- C:\Program Files\Yahoo!
[2008/03/20 02:37:24 | 000,000,000 | ---D | M] -- C:\Program Files\YUAN

< %appdata%\*.* >
[2010/07/21 16:17:39 | 000,106,776 | ---- | M] () -- C:\Users\Office Depot\AppData\Roaming\GDIPFONTCACHEV1.DAT
[2010/02/26 09:27:22 | 000,000,088 | ---- | M] () -- C:\Users\Office Depot\AppData\Roaming\usb.inf
[2008/08/16 23:44:18 | 000,001,028 | ---- | M] () -- C:\Users\Office Depot\AppData\Roaming\WavCodec.wff
[2009/01/24 13:23:50 | 000,000,132 | ---- | M] () -- C:\Users\Office Depot\AppData\Roaming\wklnhst.dat


< MD5 for: AGP440.SYS >
[2008/01/20 21:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\ERDNT\cache\AGP440.sys
[2008/01/20 21:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\System32\drivers\AGP440.sys
[2008/01/20 21:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_51b95d75\AGP440.sys
[2008/01/20 21:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_f750e484\AGP440.sys
[2008/01/20 21:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6001.18000_none_ba12ed3bbeb0d97a\AGP440.sys
[2008/01/20 21:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6002.18005_none_bbfe6647bbd2a4c6\AGP440.sys
[2006/11/02 04:49:52 | 000,053,864 | ---- | M] (Microsoft Corporation) MD5=EF23439CDD587F64C2C1B8825CEAD7D8 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_920a2c1f\AGP440.sys

< MD5 for: ATAPI.SYS >
[2009/04/11 01:32:26 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\ERDNT\cache\atapi.sys
[2009/04/11 01:32:26 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\System32\drivers\atapi.sys
[2009/04/11 01:32:26 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_b12d8e84\atapi.sys
[2009/04/11 01:32:26 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6002.18005_none_df23a1261eab99e8\atapi.sys
[2008/01/20 21:23:00 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_cc18792d\atapi.sys
[2008/01/20 21:23:00 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6001.18000_none_dd38281a2189ce9c\atapi.sys
[2006/11/02 04:49:36 | 000,019,048 | ---- | M] (Microsoft Corporation) MD5=4F4FCB8B6EA06784FB6D475B7EC7300F -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_c6c2e699\atapi.sys

< MD5 for: CNGAUDIT.DLL >
[2006/11/02 04:46:03 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D5FED4D -- C:\Windows\ERDNT\cache\cngaudit.dll
[2006/11/02 04:46:03 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D5FED4D -- C:\Windows\System32\cngaudit.dll
[2006/11/02 04:46:03 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D5FED4D -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.0.6000.16386_none_e62d292932a96ce6\cngaudit.dll

< MD5 for: DISK.SYS >
[2009/04/11 01:32:31 | 000,053,736 | ---- | M] (Microsoft Corporation) MD5=5D4AEFC3386920236A548271F8F1AF6A -- C:\Windows\System32\drivers\disk.sys
[2009/04/11 01:32:31 | 000,053,736 | ---- | M] (Microsoft Corporation) MD5=5D4AEFC3386920236A548271F8F1AF6A -- C:\Windows\System32\DriverStore\FileRepository\disk.inf_5c850fad\disk.sys
[2009/04/11 01:32:31 | 000,053,736 | ---- | M] (Microsoft Corporation) MD5=5D4AEFC3386920236A548271F8F1AF6A -- C:\Windows\winsxs\x86_disk.inf_31bf3856ad364e35_6.0.6002.18005_none_fbb1faf0714e4ea6\disk.sys
[2008/01/20 21:23:20 | 000,055,352 | ---- | M] (Microsoft Corporation) MD5=64109E623ABD6955C8FB110B592E68B7 -- C:\Windows\System32\DriverStore\FileRepository\disk.inf_90722180\disk.sys
[2008/01/20 21:23:20 | 000,055,352 | ---- | M] (Microsoft Corporation) MD5=64109E623ABD6955C8FB110B592E68B7 -- C:\Windows\winsxs\x86_disk.inf_31bf3856ad364e35_6.0.6001.18000_none_f9c681e4742c835a\disk.sys
[2006/11/02 04:49:51 | 000,052,840 | ---- | M] (Microsoft Corporation) MD5=841AF4C4D41D3E3B2F244E976B0F7963 -- C:\Windows\System32\DriverStore\FileRepository\disk.inf_e0b0b355\disk.sys

< MD5 for: IASTORV.SYS >
[2008/01/20 21:23:23 | 000,235,064 | ---- | M] (Intel Corporation) MD5=54155EA1B0DF185878E0FC9EC3AC3A14 -- C:\Windows\System32\drivers\iaStorV.sys
[2008/01/20 21:23:23 | 000,235,064 | ---- | M] (Intel Corporation) MD5=54155EA1B0DF185878E0FC9EC3AC3A14 -- C:\Windows\System32\DriverStore\FileRepository\iastorv.inf_c9df7691\iaStorV.sys
[2008/01/20 21:23:23 | 000,235,064 | ---- | M] (Intel Corporation) MD5=54155EA1B0DF185878E0FC9EC3AC3A14 -- C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.0.6001.18000_none_af11527887c7fa8f\iaStorV.sys
[2006/11/02 04:51:25 | 000,232,040 | ---- | M] (Intel Corporation) MD5=C957BF4B5D80B46C5017BF0101E6C906 -- C:\Windows\System32\DriverStore\FileRepository\iastorv.inf_37cdafa4\iaStorV.sys

< MD5 for: NETLOGON.DLL >
[2009/04/11 01:28:23 | 000,592,896 | ---- | M] (Microsoft Corporation) MD5=95DAECF0FB120A7B5DA679CC54E37DDE -- C:\Windows\ERDNT\cache\netlogon.dll
[2009/04/11 01:28:23 | 000,592,896 | ---- | M] (Microsoft Corporation) MD5=95DAECF0FB120A7B5DA679CC54E37DDE -- C:\Windows\System32\netlogon.dll
[2009/04/11 01:28:23 | 000,592,896 | ---- | M] (Microsoft Corporation) MD5=95DAECF0FB120A7B5DA679CC54E37DDE -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6002.18005_none_ffa3304f351bb3a3\netlogon.dll
[2008/01/20 21:24:05 | 000,592,384 | ---- | M] (Microsoft Corporation) MD5=A8EFC0B6E75B789F7FD3BA5025D4E37F -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6001.18000_none_fdb7b74337f9e857\netlogon.dll

< MD5 for: NVSTOR.SYS >
[2006/11/02 04:50:13 | 000,040,040 | ---- | M] (NVIDIA Corporation) MD5=9E0BA19A28C498A6D323D065DB76DFFC -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_733654ff\nvstor.sys
[2008/01/20 21:23:21 | 000,045,112 | ---- | M] (NVIDIA Corporation) MD5=ABED0C09758D1D97DB0042DBB2688177 -- C:\Windows\System32\drivers\nvstor.sys
[2008/01/20 21:23:21 | 000,045,112 | ---- | M] (NVIDIA Corporation) MD5=ABED0C09758D1D97DB0042DBB2688177 -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_31c3d71d\nvstor.sys
[2008/01/20 21:23:21 | 000,045,112 | ---- | M] (NVIDIA Corporation) MD5=ABED0C09758D1D97DB0042DBB2688177 -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.0.6001.18000_none_39dac327befea467\nvstor.sys

< MD5 for: SCECLI.DLL >
[2008/01/20 21:24:50 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=28B84EB538F7E8A0FE8B9299D591E0B9 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6001.18000_none_380de25bd91b6f12\scecli.dll
[2009/04/11 01:28:24 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=8FC182167381E9915651267044105EE1 -- C:\Windows\ERDNT\cache\scecli.dll
[2009/04/11 01:28:24 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=8FC182167381E9915651267044105EE1 -- C:\Windows\System32\scecli.dll
[2009/04/11 01:28:24 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=8FC182167381E9915651267044105EE1 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6002.18005_none_39f95b67d63d3a5e\scecli.dll

< MD5 for: USBSTOR.SYS >
[2008/01/20 21:23:24 | 000,055,296 | ---- | M] (Microsoft Corporation) MD5=87BA6B83C5D19B69160968D07D6E2982 -- C:\Windows\System32\DriverStore\FileRepository\usbstor.inf_b9f18584\USBSTOR.SYS
[2008/01/20 21:23:24 | 000,055,296 | ---- | M] (Microsoft Corporation) MD5=87BA6B83C5D19B69160968D07D6E2982 -- C:\Windows\winsxs\x86_usbstor.inf_31bf3856ad364e35_6.0.6001.18000_none_48864eb697d31b43\USBSTOR.SYS
[2009/04/10 23:42:55 | 000,065,536 | ---- | M] (Microsoft Corporation) MD5=BE3DA31C191BC222D9AD503C5224F2AD -- C:\Windows\System32\drivers\USBSTOR.SYS
[2009/04/10 23:42:55 | 000,065,536 | ---- | M] (Microsoft Corporation) MD5=BE3DA31C191BC222D9AD503C5224F2AD -- C:\Windows\System32\DriverStore\FileRepository\usbstor.inf_72a6a3e5\USBSTOR.SYS
[2009/04/10 23:42:55 | 000,065,536 | ---- | M] (Microsoft Corporation) MD5=BE3DA31C191BC222D9AD503C5224F2AD -- C:\Windows\winsxs\x86_usbstor.inf_31bf3856ad364e35_6.0.6002.18005_none_4a71c7c294f4e68f\USBSTOR.SYS
[2006/11/02 03:55:05 | 000,054,784 | ---- | M] (Microsoft Corporation) MD5=FDBAABF07244C60B0F4E0A6E71A107C6 -- C:\Windows\System32\DriverStore\FileRepository\usbstor.inf_bb2778a0\USBSTOR.SYS

< HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs >
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install\\LastSuccessTime: 2011-03-24 08:01:37

========== Alternate Data Streams ==========

@Alternate Data Stream - 127 bytes -> C:\ProgramData\TEMP:9AB56A06
@Alternate Data Stream - 121 bytes -> C:\ProgramData\TEMP:DFC5A2B2
@Alternate Data Stream - 115 bytes -> C:\ProgramData\TEMP:A8ADE5D8
@Alternate Data Stream - 112 bytes -> C:\ProgramData\TEMP:4F636E25
@Alternate Data Stream - 108 bytes -> C:\ProgramData\TEMP:861A898F
@Alternate Data Stream - 107 bytes -> C:\ProgramData\TEMP:131C0EE9

< End of report >


Re: Win 7 Home Security

Post by Nativetexan2 on 7th April 2011, 5:58 am

Extras Log File

OTL Extras logfile created on: 4/6/2011 8:25:49 PM - Run 1
OTL by OldTimer - Version 3.2.22.3 Folder = C:\Users\Office Depot\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.19019)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

2.00 Gb Total Physical Memory | 1.00 Gb Available Physical Memory | 36.00% Memory free
4.00 Gb Paging File | 2.00 Gb Available in Paging File | 48.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 144.29 Gb Total Space | 47.65 Gb Free Space | 33.02% Space Free | Partition Type: NTFS
Drive D: | 144.04 Gb Total Space | 143.91 Gb Free Space | 99.91% Space Free | Partition Type: NTFS
Drive F: | 698.64 Gb Total Space | 426.57 Gb Free Space | 61.06% Space Free | Partition Type: NTFS
Drive K: | 931.51 Gb Total Space | 876.52 Gb Free Space | 94.10% Space Free | Partition Type: NTFS

Computer Name: MAINCOMPUTER | User Name: Office Depot | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
.html [@ = ChromeHTML] -- C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.)

[HKEY_CURRENT_USER\SOFTWARE\Classes\]
.bat [@ = batfile] -- Reg Error: Key error. File not found
.com [@ = comfile] -- Reg Error: Key error. File not found
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
https [open] -- "C:\Program Files\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"VistaSp2" = Reg Error: Unknown registry data type -- File not found

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{07BFFA0E-FF08-4314-B0D0-2B0760273319}" = rport=138 | protocol=17 | dir=out | app=system |
"{0B5B0FA3-064B-47D6-9229-7F20F863CA76}" = lport=999 | protocol=6 | dir=in | app=%systemroot%\windowsmobile\wmdhost.exe |
"{25C3C7B9-4CD7-4C4D-8047-781CCA14A616}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{3DB72460-C43D-4AC8-84C2-FB7E8AA4E5C1}" = rport=139 | protocol=6 | dir=out | app=system |
"{40A2F936-7F88-4069-A026-BC5F333CD26E}" = rport=80 | protocol=6 | dir=out | app=c:\program files\common files\intuit\update service\intuitupdater.exe |
"{4852B9E7-DB7E-465B-BF81-FDFD2536C23A}" = lport=5678 | protocol=6 | dir=in | app=%systemroot%\windowsmobile\wmdhost.exe |
"{489C675D-959E-4FEF-8D85-EB101B5957CF}" = lport=26675 | protocol=6 | dir=in | name=@%systemroot%\windowsmobile\wmdcbase.exe,-4006 |
"{4A2B5125-EC4F-401B-A22F-743E45A6EC28}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |
"{4BAC63C1-44E9-42F5-8094-9BD67A360D7D}" = rport=445 | protocol=6 | dir=out | app=system |
"{5CEFF725-CCD1-43AC-839D-CD056B3AAA14}" = lport=5721 | protocol=6 | dir=in | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{73911CA6-D023-4731-A8C8-7D7F0578FB8A}" = rport=137 | protocol=17 | dir=out | app=system |
"{781D2AE0-0F97-47AC-B9CD-3F97AA771196}" = lport=137 | protocol=17 | dir=in | app=system |
"{8905094B-BAAE-470B-BCC3-B9F828F9A24C}" = rport=80 | protocol=6 | dir=out | app=c:\program files\common files\intuit\update service\intuitupdateservice.exe |
"{8E83BF25-5DF3-4662-8DA5-25546BF2C258}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |
"{9175B8A7-93A6-4DD6-A7AE-45DBE67C9FC2}" = rport=427 | protocol=17 | dir=in | svc=hpslpsvc | app=c:\windows\system32\svchost.exe |
"{97DC5AF7-719D-4BF3-A58E-50EB87F8EB5B}" = lport=2869 | protocol=6 | dir=in | app=system |
"{9E37F318-0109-4CC7-A9AB-C5C4D197074F}" = lport=999 | protocol=6 | dir=in | app=%systemroot%\windowsmobile\wmdhost.exe |
"{A737CA55-36C3-40A9-9903-C91D8B108F0F}" = lport=990 | protocol=6 | dir=in | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{ABACE8EF-12E2-409E-B890-65D2BBC609CA}" = lport=445 | protocol=6 | dir=in | app=system |
"{AE2B74AC-91EA-4FF9-AE01-8B45BE9A9A32}" = lport=26675 | protocol=6 | dir=in | name=@%systemroot%\windowsmobile\wmdcbase.exe,-4006 |
"{B0073C1D-1DF4-4F3B-98BC-EBC123CF3FD3}" = lport=5678 | protocol=6 | dir=in | app=%systemroot%\windowsmobile\wmdhost.exe |
"{B1905161-4067-46A7-BDFD-98E399D30AEE}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{BCA65484-5C9F-4C68-81E9-C3688927815E}" = rport=5679 | protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{DCC75B5C-351A-49F8-8039-709C87C3C3B2}" = lport=5721 | protocol=6 | dir=in | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{DFF04D95-573E-4A25-BB3F-32749C81E493}" = lport=139 | protocol=6 | dir=in | app=system |
"{E2C7FE26-DB3F-4C14-8647-0EDB251AAC8D}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |
"{E6C38520-2CB0-462C-BE38-D10666A77E76}" = lport=990 | protocol=6 | dir=in | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{E9E5056A-0F82-4D24-96EC-3C9AF60911A6}" = lport=138 | protocol=17 | dir=in | app=system |
"{ECB1D5D4-1A62-4E4D-944F-67D9CA49540B}" = rport=5679 | protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{036A3B73-D648-4D6A-BF70-19B86142F29D}" = protocol=17 | dir=in | app=c:\program files\soluto\soluto.exe |
"{05507238-EBAF-4B6C-B755-182D1581F47F}" = protocol=6 | dir=in | app=c:\program files\aol 9.0\waol.exe |
"{0B6ECD14-525E-422E-88D6-A43805EF18F1}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqusgh.exe |
"{0F3241FD-55B5-4B80-A761-B0DE735BAD89}" = protocol=17 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{10559B3C-F5F1-4506-92CC-7966C2796F55}" = dir=in | app=c:\program files\skype\plugin manager\skypepm.exe |
"{10DAFB14-8D9B-4B11-BB8D-0DC93F1163B4}" = dir=in | app=c:\program files\acer arcade live\acer homemedia\acer homemedia.exe |
"{13DC4E3E-79C6-4894-830E-2A4833B5A635}" = protocol=17 | dir=in | app=c:\program files\common files\aol\acs\aoldial.exe |
"{15CE96C6-BC1A-425A-81A3-F0843FBD6B7D}" = protocol=6 | dir=in | app=c:\program files\soluto\solutoupdateservice.exe |
"{17AEDD11-6DE5-476F-9F57-C8595941B16A}" = dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe |
"{21AEE3D8-F5C0-4B82-B018-CEA347A98E5C}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqtra08.exe |
"{2424BBFC-DA74-4FA1-A988-DA7C7CD15A56}" = dir=in | app=c:\program files\acer arcade live\acer videomagician\acer videomagician.exe |
"{2842BE10-B2BE-49E7-A6A5-56EA08E4DF17}" = protocol=6 | dir=in | app=c:\program files\yahoo!\messenger\yahoomessenger.exe |
"{2A9B4A7D-7681-48BA-AF34-3EAE5C2AB4D1}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{2F93CBC3-8149-49C3-AF65-E9586C5E8E50}" = dir=in | app=c:\program files\avg\avg8\avgupd.exe |
"{2FD796CD-827C-4BFA-87C2-391F171B5E62}" = protocol=6 | dir=in | app=c:\program files\aim6\aim6.exe |
"{3022A1BD-5906-40E6-8696-7888174E45A8}" = protocol=17 | dir=in | app=c:\program files\common files\aol\acs\aolacsd.exe |
"{34847FAE-9483-4EBB-8B49-D8372006F016}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpoews01.exe |
"{38729BA1-4378-44B3-9BDF-86B913719E00}" = protocol=6 | dir=in | app=c:\program files\common files\aol\loader\aolload.exe |
"{3BE693F5-7130-4BC7-9A6C-4A6205845946}" = dir=in | app=c:\program files\acer arcade live\acer homemedia connect\acer homemedia connect.exe |
"{3BF92F22-92A6-4B04-8746-9F52460D36DC}" = dir=in | app=c:\program files\hp\digital imaging\smart web printing\smartwebprintexe.exe |
"{3C4E973C-E4C0-4D22-8DF8-2223CE02C3F9}" = protocol=17 | dir=in | app=c:\program files\soluto\solutoconsole.exe |
"{3E999AF6-D419-45F3-A291-51BD56A150A7}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{3EBED986-5BD9-479C-9A1C-B1C24E10CE30}" = protocol=6 | dir=in | app=c:\program files\yahoo!\messenger\yserver.exe |
"{450BA434-C7CF-4CB5-82FF-FB98ACB9C057}" = protocol=17 | dir=in | app=c:\program files\soluto\solutoupdateservice.exe |
"{475B3E77-EDDF-4BE8-9872-3EE2A2CCA3DC}" = dir=in | app=c:\program files\acer arcade live\acer arcade live main page\acer arcade live.exe |
"{4E5CB066-F571-4A4C-893E-522F9698D3E1}" = protocol=6 | dir=in | app=c:\program files\bearshare applications\bearshare\bearshare.exe |
"{4EBBDE6D-C2C9-4899-A6F8-31C397CD5968}" = protocol=6 | dir=in | app=c:\program files\soluto\solutoservice.exe |
"{51FA69D6-BCAE-4ED8-B619-08DA81A49835}" = dir=in | app=e:\setup\hpznui01.exe |
"{52EAE075-BFC6-4499-B564-2A3179F01748}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{53A279C9-94CB-4A8A-A6EE-DDEA81D23602}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{54DC87CE-21BD-4943-B7C3-8E63EBB4F7EC}" = protocol=17 | dir=in | app=c:\program files\newtech infosystems\nti backup now 5\backupsvc.exe |
"{56B857D5-7658-43F9-A74D-3DE17018B2A7}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{57D22BF1-7D78-4154-8181-67CAD1FA3523}" = protocol=17 | dir=in | app=c:\program files\common files\aol\topspeed\3.0\aoltpsd3.exe |
"{5A3D4B71-67B2-4B63-A4DE-288968F276EE}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{5A8A8559-5669-4B81-B974-C8B3FBB6CFD7}" = protocol=17 | dir=in | app=c:\program files\common files\aol\system information\sinf.exe |
"{5EF7D966-ECAC-4E24-ABE7-3808F439347A}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{630A577B-7FC1-4EE5-95E9-EE1CCF34F55C}" = protocol=6 | dir=in | app=c:\program files\common files\aol\1217564602\ee\aolsoftware.exe |
"{638AAEA9-E92F-475D-8609-DAD3C12661B1}" = protocol=6 | dir=in | app=c:\program files\aol 9.1\waol.exe |
"{6930726A-5771-4096-8C4A-E49A192530B9}" = protocol=17 | dir=in | app=c:\program files\aim6\aim6.exe |
"{702A97E0-F685-4D27-8BC2-8E2109319E1B}" = protocol=6 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{71E5EBB0-7CBD-41B9-95E4-04EE99FF4A28}" = protocol=17 | dir=in | app=c:\program files\common files\aol\1217564602\ee\aolsoftware.exe |
"{737FFFEE-FAD8-4D03-BA71-6E397860660D}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{73CC74D6-31D2-4A38-9EFF-3F227D54A531}" = protocol=17 | dir=in | app=c:\program files\aol 9.1\waol.exe |
"{74027377-7E08-40B5-9877-6232F2B5C24F}" = dir=in | app=c:\program files\acer arcade live\acer slideshow dvd\acer slideshow dvd.exe |
"{7495F16C-D43B-4EA1-9E0E-4DA369270A3D}" = protocol=6 | dir=in | app=c:\program files\relevantknowledge\rlvknlg.exe |
"{7697B367-DF3F-4900-A385-5C52E7C34B61}" = protocol=6 | dir=in | app=c:\program files\avg\avg10\avgdiagex.exe |
"{77562CDA-B59F-4B91-8FDA-4A746014A916}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{77B1F8FF-2DC4-4D63-A990-1C244E95EFC8}" = protocol=17 | dir=in | app=c:\program files\logitech\vid hd\vid.exe |
"{7821505B-EA7C-48DA-9DC9-B014164974E2}" = protocol=17 | dir=in | app=c:\program files\avg\avg10\avgnsx.exe |
"{784E97C5-D2C8-40FF-A3B5-DABDF263E990}" = protocol=6 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{7890EA34-544C-4947-B410-B6ABD0CD3367}" = dir=in | app=c:\program files\avg\avg8\avgnsx.exe |
"{78C1C8B1-ED73-4492-8D72-44888598561A}" = protocol=6 | dir=in | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{7919EAE8-EB68-4ACE-A0DE-F8400BE4931F}" = dir=in | app=c:\program files\windows live\contacts\wlcomm.exe |
"{7C1A78EC-838F-43E5-BE92-053FA0CCF180}" = protocol=6 | dir=in | app=c:\program files\common files\aol\acs\aolacsd.exe |
"{7D3A4FB9-06C1-439A-B1CA-864C960504C2}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqgpc01.exe |
"{7ED38501-5231-4781-91F0-500B2C93CB17}" = protocol=17 | dir=in | app=c:\program files\relevantknowledge\rlvknlg.exe |
"{7F7AD478-03C4-4125-9F7D-ECF27D191B67}" = protocol=17 | dir=in | app=c:\program files\yahoo!\messenger\yahoomessenger.exe |
"{81F2CB2C-0D89-431B-9136-65592878CC70}" = protocol=6 | dir=in | app=c:\program files\avg\avg10\avgmfapx.exe |
"{82DE3839-7131-4E3C-B2E5-525AE4D60092}" = protocol=6 | dir=in | app=c:\program files\frostwire\frostwire.exe |
"{84CB691F-9518-4720-8540-A543118DB746}" = dir=in | app=c:\program files\windows live\mesh\moe.exe |
"{85A302DC-90FC-444F-9365-A265055611E6}" = protocol=6 | dir=in | app=c:\program files\common files\aol\system information\sinf.exe |
"{85B30592-2319-4109-8DA6-186FD76841D6}" = protocol=17 | dir=in | app=c:\program files\newtech infosystems\nti backup now 5\client\agentsvc.exe |
"{875F396C-6B61-472A-9BAA-3FEC923BB975}" = protocol=6 | dir=in | app=c:\program files\avg\avg10\avgemcx.exe |
"{89CB2DFD-A4C5-46E5-A8CF-4BC9ED54D7B4}" = protocol=17 | dir=in | app=c:\program files\soluto\solutoservice.exe |
"{8A373027-3787-4852-9F80-3AD87F8321A7}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqgplgtupl.exe |
"{8FEEC1D1-4213-4FDE-BD8B-30AEFCF6F06F}" = protocol=17 | dir=in | app=c:\program files\bearshare applications\bearshare\bearshare.exe |
"{937F3CCC-044F-40C2-9ADC-8681E0F31FDD}" = protocol=6 | dir=in | app=c:\program files\bearshare applications\bearshare\bearshare.exe |
"{968871DE-8189-45BD-A9B4-9939E1B2BA14}" = dir=in | app=c:\program files\acer arcade live\acer homemedia connect\kernel\dms\clmsserver.exe |
"{97D3C119-531D-48BD-AEAE-24FE6880CFAD}" = protocol=17 | dir=in | app=c:\program files\aol 9.0\waol.exe |
"{9971AF25-27ED-4559-AEB1-EE1F34583A52}" = protocol=6 | dir=in | app=c:\program files\common files\aol\topspeed\3.0\aoltpsd3.exe |
"{A198FD7E-A3D1-4317-A9C6-69B407593935}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqste08.exe |
"{A2D351A8-2F25-46B6-B42C-3D38C95428C1}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{A3B67C9E-41D7-4610-A176-CEE5758E2622}" = protocol=6 | dir=in | app=c:\program files\newtech infosystems\nti backup now 5\client\agentsvc.exe |
"{A73F1BA0-F857-4C1A-A683-2543BDC41419}" = protocol=17 | dir=in | app=c:\program files\avg\avg10\avgmfapx.exe |
"{A9437DB6-06D7-4B60-A74D-4BBE322260C6}" = protocol=6 | dir=in | app=c:\program files\logitech\vid hd\vid.exe |
"{AB0A967B-C94B-4568-A625-A63B06710B56}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{AD6D0236-0842-4C56-A1D0-D080BAEFEDA4}" = protocol=6 | dir=in | app=c:\windows\temp\~os6a86.tmp\rlvknlg.exe |
"{AE3FEE78-BF7E-4A6E-BBCF-592942DE9E9C}" = protocol=17 | dir=in | app=c:\program files\avg\avg10\avgemcx.exe |
"{B4345AD1-0D5B-4AE2-975D-7F59FA356C5F}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpfccopy.exe |
"{B49D073F-FE72-4F7D-A349-952157574EDB}" = protocol=6 | dir=in | app=c:\program files\avg\avg10\avgnsx.exe |
"{B4C40AD5-AB9E-415E-BC5C-8BAD37273E44}" = protocol=6 | dir=in | app=c:\program files\aim7\aim.exe |
"{B74A9B48-AE6A-476C-AB49-9CB3D4E074A1}" = protocol=17 | dir=in | app=c:\program files\avg\avg10\avgdiagex.exe |
"{BDE17F0C-915D-463B-9E8E-BFF22C6EE1AB}" = protocol=6 | dir=in | app=c:\program files\soluto\soluto.exe |
"{BF2F9F6D-9453-494D-9025-545C781E2C75}" = dir=in | app=c:\program files\hp\digital imaging\bin\hposid01.exe |
"{C08A6CAB-2C8B-42DB-A25C-E5F7A9C5EF2F}" = protocol=17 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{C15226BF-E8CB-4679-B62F-5C812569AAE3}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpiscnapp.exe |
"{C17933F7-5BE0-470D-A802-54359459E77D}" = dir=in | app=c:\program files\common files\hp\digital imaging\bin\hpqphotocrm.exe |
"{C6C39252-A23C-4802-AA01-F25E13C46392}" = dir=in | app=c:\program files\hp\hp software update\hpwucli.exe |
"{CE47B956-C137-46AA-8EBD-8937F47CB507}" = dir=in | app=c:\program files\acer arcade live\acer dvdivine\acer dvdivine.exe |
"{D1741034-D663-49D3-AAC0-935DC87C194F}" = dir=in | app=c:\program files\itunes\itunes.exe |
"{D5646571-1D27-4092-9EF1-1B270F38D329}" = dir=in | app=c:\program files\windows live\sync\windowslivesync.exe |
"{D5ABAF88-F22B-4EB1-9687-F3A9906D99F3}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{D94CDE77-7ADE-438D-ADCD-B8D481939752}" = protocol=6 | dir=in | app=c:\program files\soluto\solutoconsole.exe |
"{DC673934-7E4D-4DBD-9D7E-479063E2BCE5}" = protocol=17 | dir=in | app=c:\program files\common files\aol\loader\aolload.exe |
"{DDECFC1A-943C-475A-86AC-067A006AEF12}" = protocol=6 | dir=in | app=c:\program files\newtech infosystems\nti backup now 5\schedulersvc.exe |
"{E33715D5-3E44-4CC4-9F02-4ECBF1025D1B}" = dir=in | app=c:\program files\acer arcade live\acer dv magician\acer dv magician.exe |
"{E3EE33CC-B1E0-47C0-B55E-9DE87166D4E7}" = protocol=17 | dir=in | app=c:\program files\aim7\aim.exe |
"{E8106789-5E96-48B3-A380-679CD4739868}" = protocol=17 | dir=in | app=c:\program files\bearshare applications\bearshare\bearshare.exe |
"{E813ACD2-3204-4713-913C-2B618C3DBDC9}" = protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{E8BE82B0-DEEA-4B0F-9DCF-3F695F4FFE7A}" = protocol=17 | dir=in | app=c:\program files\frostwire\frostwire.exe |
"{E9A58426-59F6-4D48-8290-41AC89E55B90}" = protocol=6 | dir=in | app=c:\program files\newtech infosystems\nti backup now 5\backupsvc.exe |
"{EDFE95DC-538D-4A77-9F86-036EAF0F008C}" = protocol=17 | dir=in | app=c:\program files\newtech infosystems\nti backup now 5\schedulersvc.exe |
"{EF56780F-D30D-4E07-8394-0A2262537826}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqusgm.exe |
"{F04004BF-1DEA-4FFB-A01E-18365CADB035}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{F2BD437C-0766-4D3E-930B-0535E5515045}" = protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{F77C497B-598A-4494-B8B9-4074CE1DC9BF}" = dir=in | app=c:\program files\acer arcade live\acer homemedia trial creator\acer homemedia trial creator.exe |
"{F7E57563-B9B8-4643-8C2A-B1493F0459E7}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqkygrp.exe |
"{F857D19D-F60D-49C1-B06C-14BEE8FD1B12}" = dir=in | app=c:\program files\cyberlink\powerdirector\pdr.exe |
"{F9562BEB-2510-4980-9475-D9AB88429A06}" = protocol=6 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{FA7D414D-531B-407C-9896-FA31A462A639}" = protocol=6 | dir=in | app=c:\program files\common files\aol\acs\aoldial.exe |
"{FAC4D070-9E50-499A-8687-2635FD88149B}" = protocol=6 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{FB6CAB6D-A385-4FB2-A674-93DE80177B73}" = protocol=17 | dir=in | app=c:\program files\yahoo!\messenger\yserver.exe |
"{FBEEBDA8-BD89-48CB-B267-6A4A9B6C8BEF}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{FEED0C5F-2AA6-44D5-BB3B-DE291C36D0E7}" = protocol=6 | dir=in | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"TCP Query User{45E372E7-B944-4278-9AA7-1DE78FD98A40}C:\program files\bitcomet\bitcomet.exe" = protocol=6 | dir=in | app=c:\program files\bitcomet\bitcomet.exe |
"TCP Query User{67477B66-4A51-4321-B2F9-6E74C38D8814}C:\program files\logitech\desktop messenger\8876480\program\backweb-8876480.exe" = protocol=6 | dir=in | app=c:\program files\logitech\desktop messenger\8876480\program\backweb-8876480.exe |
"TCP Query User{6AB77250-E3EA-4AD9-B61E-5A992BCAF68B}C:\program files\limewire\limewire.exe" = protocol=6 | dir=in | app=c:\program files\limewire\limewire.exe |
"TCP Query User{760C4DBB-8F45-4A62-B2B4-42F864970270}C:\program files\logitech\desktop messenger\8876480\program\backweb-8876480.exe" = protocol=6 | dir=in | app=c:\program files\logitech\desktop messenger\8876480\program\backweb-8876480.exe |
"TCP Query User{E15E9940-6514-4A20-8616-03572C84A23A}C:\program files\aim\aim.exe" = protocol=6 | dir=in | app=c:\program files\aim\aim.exe |
"TCP Query User{F9E126DF-AF8B-4F05-AF6C-F6D3FAE21D55}C:\program files\internet explorer\iexplore.exe" = protocol=6 | dir=in | app=c:\program files\internet explorer\iexplore.exe |
"UDP Query User{7F22068E-42AF-4BDF-89A1-B76F599612BE}C:\program files\internet explorer\iexplore.exe" = protocol=17 | dir=in | app=c:\program files\internet explorer\iexplore.exe |
"UDP Query User{984533E2-C571-4B58-870B-FF7B6D9BAA56}C:\program files\logitech\desktop messenger\8876480\program\backweb-8876480.exe" = protocol=17 | dir=in | app=c:\program files\logitech\desktop messenger\8876480\program\backweb-8876480.exe |
"UDP Query User{9BD8F6BB-72C5-4AAC-B660-AA92C610271E}C:\program files\logitech\desktop messenger\8876480\program\backweb-8876480.exe" = protocol=17 | dir=in | app=c:\program files\logitech\desktop messenger\8876480\program\backweb-8876480.exe |
"UDP Query User{CA567625-ED17-4DC0-AA2A-DE890B4F6D7C}C:\program files\bitcomet\bitcomet.exe" = protocol=17 | dir=in | app=c:\program files\bitcomet\bitcomet.exe |
"UDP Query User{CF22B85A-79D6-4ACB-8633-6E8FCBDD374D}C:\program files\limewire\limewire.exe" = protocol=17 | dir=in | app=c:\program files\limewire\limewire.exe |
"UDP Query User{F8F3B0A7-C1F7-47AB-898D-FD368D8518AF}C:\program files\aim\aim.exe" = protocol=17 | dir=in | app=c:\program files\aim\aim.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{02FB3E48-4459-4986-BBE5-945B063B1E58}" = Help 2.0
"{0478A597-5B05-5671-B594-27427A642AE5}" = CCC Help Chinese Traditional
"{05BDC796-3451-4F81-B91D-E98F7ADA76C2}" = TurboTax 2010 WinPerTaxSupport
"{06A1D88C-E102-4527-AF70-29FFD7AF215A}" = Scan
"{07760C24-3C41-4C64-9A1D-1CF8D281060A}" = PG583_install_V6_1_32_36_vista
"{07FB17D8-7DB6-4F06-80C4-8BE1719CB6A1}" = hpWLPGInstaller
"{0856323C-4103-4658-C5A8-FB16ED3079F5}" = Catalyst Control Center Localization Greek
"{08AD32A8-D704-4FC8-DB04-CA90A373D9C3}" = Catalyst Control Center Localization Portuguese
"{08DEC21F-F7E5-46F9-81D1-3ED30BD3AEC9}" = CASIO USB Driver V1.2.2474.0623
"{0A23CBF1-CCB0-B411-6A7A-A177E376BF70}" = Catalyst Control Center Localization Danish
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{0E92F644-6E11-8FE3-1BFC-5DB09A79F9B3}" = CCC Help Japanese
"{0ECD1EB9-CBB5-09BA-5947-74CBDA3011FC}" = CCC Help Spanish
"{11E94FDB-C895-45F1-B756-1C9B8C36C8F1}" = Microsoft IntelliType Pro 7.1
"{12EDCFD1-E000-F4F2-A3E6-A6C15D0F8A63}" = Catalyst Control Center Graphics Previews Vista
"{12EFA1A4-AC3B-443C-8143-237EDE760403}" = NTI Backup Now Standard
"{132888AE-EF67-41C5-BCA2-7D5D2488AB63}" = Acer HomeMedia Connect
"{15D967B5-A4BE-42AE-9E84-64CD062B25AA}" = eSobi v2
"{17504ED4-DB08-40A8-81C2-27D8C01581DA}" = Windows Live Remote Service Resources
"{175F0111-2968-4935-8F70-33108C6A4DE3}" = MarketResearch
"{181AC4C7-B83C-4B5F-B566-E19BF2472429}" = HP Photosmart Premium C309g-m All-In-One Driver Software 13.0 Rel .6
"{19A4A990-5343-4FF7-B3B5-6F046C091EDF}" = Windows Live Remote Client
"{19BA08F7-C728-469C-8A35-BFBD3633BE08}" = Windows Live Movie Maker
"{19BDBEDD-5264-29E1-1BFB-6F64FD943596}" = CCC Help Czech
"{1AFA55D1-EA04-9E87-4537-929E66B60D69}" = CCC Help Russian
"{1C028265-E8D7-751F-246F-9FD52CD237A8}" = Catalyst Control Center Localization Hungarian
"{1CCB52B9-FB58-0729-5C26-E8F8B3162043}" = Catalyst Control Center Core Implementation
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
"{1FA97774-2351-8DF4-7853-BEB20C726DFB}" = Catalyst Control Center Localization Russian
"{1FB9A0D0-DC5C-B75A-36EE-414706846CC2}" = Catalyst Control Center Localization Italian
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{20308457-CE7C-85A9-1B8F-6C521B2B4CCF}" = CCC Help Hungarian
"{213ABE23-10B9-F45F-DC87-63DACAD40C0D}" = Skins
"{21A2F5EE-1DC5-488A-BE7E-E526F8C61488}" = DeviceDiscovery
"{227E8782-B2F4-4E97-B0EE-49DE9CC1C0C0}" = Windows Live Remote Service
"{2413930C-8309-47A6-BC61-5EF27A4222BC}" = NTI Media Maker 8
"{24C7254F-C2D5-22FC-7C7C-F17E4894530E}" = CCC Help Italian
"{26A24AE4-039D-4CA4-87B4-2F83216012FF}" = Java(TM) 6 Update 23
"{28FD3796-5271-EF11-DA27-2939ACA62515}" = CCC Help Greek
"{2902F983-B4C1-44BA-B85D-5C6D52E2C441}" = Windows Live Mesh ActiveX Control for Remote Connections
"{29456613-49DE-D48C-10E6-06AD36EEE3D7}" = CCC Help Norwegian
"{294BF709-D758-4363-8D75-01479AD20927}" = Windows Live Family Safety
"{2A697B53-0DE3-42DA-B41D-C3F804B1C538}" = iTunes
"{2A981294-F14C-4F0F-9627-D793270922F8}" = Bonjour
"{2DC94AFD-A6E2-4AB4-9132-4A3F8E07B386}" = Apple Application Support
"{2EEA7AA4-C203-4b90-A34F-19FB7EF1C81C}" = BufferChm
"{31C4615C-45C3-776C-AE54-9CE4B76E9DD1}" = CCC Help Korean
"{3248F0A8-6813-11D6-A77B-00B0D0160070}" = Java(TM) 6 Update 7
"{3304276B-6134-44BD-8D87-F06A13AE2AFE}" = Music Oasis
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{34C1AC91-2D4A-59C1-6875-B3692D1E0365}" = Catalyst Control Center Localization Chinese Standard
"{34F4D9A4-42C2-4348-BEF4-E553C84549E7}" = Windows Live Photo Gallery
"{35B30E03-B947-49C8-9818-5820E249119D}" = MarMike5
"{3782EC09-4000-475E-8A59-9CABD6F03B4C}" = TurboTax 2010 WinPerFedFormset
"{38189804-0D18-4469-8BE6-CC16C4E1B2A5}" = WModem_Installer
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3EB351F3-CCFD-4BB4-90D2-FDE5A125C87B}" = My Old YearbookTM CD
"{41581EF5-45A7-11DA-9D78-000129760D75}" = Acer SlideShow DVD
"{416D1B47-451B-435A-8441-12A9F33AE860}" = Lotto Buster 2010
"{419CF344-3D94-4DAD-99C8-EA7B00E5EA8B}" = Apricorn EZ Gig II
"{43CDF946-F5D9-4292-B006-BA0D92013021}" = WebReg
"{44CDBD1B-89FB-4E02-8319-2A4C550F664A}" = RTC Client API v1.2
"{464B3406-A4D0-4914-910F-7CA4380DCC13}" = Windows Live Remote Client Resources
"{4708942C-76A1-ECC8-5B3D-0D412D68DF24}" = Catalyst Control Center Localization Dutch
"{471BB1D9-6F59-4093-B46D-373772D5C111}" = Far Cry Demo
"{47247CC1-1221-9449-B4EF-8C9F6D02C1A0}" = CCC Help Swedish
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4A70EF07-7F88-4434-BB61-D1DE8AE93DD4}" = SolutionCenter
"{4CBABDFD-49F8-47FD-BE7D-ECDE7270525A}" = Windows Live PIMT Platform
"{4D36E953-4456-4F8F-BC44-90BC4AA59889}" = Maxtor Manager
"{4E084313-093F-5947-CEB9-DE41FD24EF1B}" = Catalyst Control Center Localization Czech
"{4F2FCCCF-29F3-44B9-886F-6D16F8417522}" = TurboTax 2010 wrapper
"{4F78B943-3CE1-410F-BC3A-FC65C3EB1F89}" = YUAN PE585QA Driver
"{50816F92-1652-4A7C-B9BC-48F682742C4B}" = Messenger Companion
"{52F4AC33-36D4-78D2-E694-7AAC07CD6C5A}" = Catalyst Control Center Graphics Light
"{57752979-A1C9-4C02-856B-FBB27AC4E02C}" = QuickTime
"{59FD9D9B-29F9-7572-C2B1-30B65AB2BC29}" = Catalyst Control Center Localization Japanese
"{5C47C8B6-77FF-4FC7-A388-66FCF9CFC24C}" = Snagit 9.1.3
"{5D51C5DC-3604-4C3B-981B-309340755447}" = Pantech Handset Driver
"{5D976966-B187-E4D5-5AF1-23C54556E173}" = CCC Help German
"{5DD4FCBD-A3C1-4155-9E17-4161C70AAABA}" = Segoe UI
"{61AD15B2-50DB-4686-A739-14FE180D4429}" = Windows Live ID Sign-in Assistant
"{63FF21C9-A810-464F-B60A-3111747B1A6D}" = GPBaseService2
"{65DA2EC9-0642-47E9-AAE2-B5267AA14D75}" = Activation Assistant for the 2007 Microsoft Office suites
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{6A05FEDF-662E-46BF-8A25-010E3F1C9C69}" = Windows Live UX Platform Language Pack
"{6A905A05-964C-4F03-9A96-D34167807EC0}" = PS_AIO_06_C309g-m_SW_Min
"{6AD90C4B-89D3-5961-F13F-835E73DA1082}" = ccc-utility
"{6B2FFB21-AC88-45C3-9A7D-4BB3E744EC91}" = HPSSupply
"{6BBA26E9-AB03-4FE7-831A-3535584CA002}" = Toolbox
"{6D52C408-B09A-4520-9B18-475B81D393F1}" = Microsoft Works
"{7057ABC2-EFF3-4E43-9806-8BCB6EEA9FE6}" = Microsoft IntelliPoint 7.1
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{78A96B4C-A643-4D0F-98C2-A8E16A6669F9}" = Windows Live Messenger Companion Core
"{797EE0CA-8165-405C-B5CE-F11EC20F1BB0}" = Microsoft VC9 runtime libraries
"{79DD56FC-DB8B-47F5-9C80-78B62E05F9BC}" = Acer ScreenSaver
"{7A27AAF5-1FD6-48B4-95C4-7354A1C35455}" = C309g-m
"{80956555-A512-4190-9CAD-B000C36D6B6B}" = Windows Live Messenger
"{8109E5E7-A23D-4B67-A26D-7DAC358D46A2}" = Soluto
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110111700}" = Zuma Deluxe
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110113233}" = Bookworm Deluxe
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-11029123}" = Bricks of Egypt
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110322783}" = Big Kahuna Reef
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110411970}" = Chuzzle
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111118433}" = Mystery Case Files - Huntsville
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111199750}" = Cake Mania
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111252743}" = Mahjong Escape Ancient China
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111324990}" = Kick N Rush
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111543617}" = Backspin Billiards
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111692950}" = Mahjongg Artifacts
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111771833}" = Jewel Quest Solitaire
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111796363}" = Mystery Solitaire - Secret Island
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111872660}" = Diner Dash Flo on the Go
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-112310577}" = Flip Words 2
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-112531267}" = Chicken Invaders 3
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-112615863}" = Agatha Christie Death on the Nile
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-112920767}" = Alice Greenfingers
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-113009953}" = Turbo Pizza
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-113080210}" = Azada
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-113644907}" = Gold Miner Vegas
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{846B5DED-DC8C-4E1A-B5B4-9F5B39A0CACE}" = HPDiagnosticAlert
"{84EBDF39-4B33-49D7-A0BD-EB6E2C4E81C1}" = Windows Live Sync
"{856D0363-1C0A-1562-46E7-A9ECABC8DF78}" = CCC Help Polish
"{86B32074-0F48-4CF9-BA4B-529B470FB47F}" = BlackBerry Desktop Software 5.0
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8C6D6116-B724-4810-8F2D-D047E6B7D68E}" = Mesh Runtime
"{8CCFDB06-9B09-12D7-F1D4-1E22AC7583E0}" = Catalyst Control Center Localization Finnish
"{8D982E57-BF86-BEE7-3944-BD346EFE6A24}" = CCC Help Portuguese
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{8FAE8DE8-A63C-F5DE-D9F7-E011BBD44C32}" = CCC Help Turkish
"{8FF6F5CA-4E30-4E3B-B951-204CAAA2716A}" = SmartWebPrinting
"{900B1197-53F5-4F46-A882-2CFFFE2EEDCB}" = Logitech Desktop Messenger
"{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system
"{90260409-6000-11D3-8CFE-0050048383C9}" = Microsoft Office XP Web Components
"{90300409-6000-11D3-8CFE-0050048383C9}" = Microsoft Office XP Media Content
"{91110409-6000-11D3-8CFE-0050048383C9}" = Microsoft Office XP Professional
"{91190409-6000-11D3-8CFE-0050048383C9}" = Microsoft Publisher 2002
"{92127AF5-FDD8-4ADF-BC40-C356C9EE0B7D}" = 32 Bit HP CIO Components Installer
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{98613C99-1399-416C-A07C-1EE1C585D872}" = SeaTools for Windows
"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
"{A0C91188-C88F-4E86-93E6-CD7C9A266649}" = Windows Live Mesh
"{A0D21ABE-D004-5F89-4485-1BF4C7B3D66A}" = Catalyst Control Center Graphics Full Existing
"{A1960A82-DB70-474D-A86B-FA74466103C6}" = Drivers Install For Linksys Easylink Advisor
"{A37978CF-6E03-238A-6571-7EA53B8FAE1B}" = Catalyst Control Center Localization Norwegian
"{A525E00B-6609-442E-9DCD-64453C233E8D}" = TurboTax 2010 WinPerReleaseEngine
"{A5633652-3795-4829-BB0B-644F0279E279}" = Acer eDataSecurity Management
"{A71D5E81-B967-43DB-93D7-FD31BFB95748}" = MobileMe Control Panel
"{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer
"{A830CA28-932E-6081-EEAA-31A6173DCA23}" = CCC Help Finnish
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A980B2A8-661F-35CD-4C3C-8EECE2F5F5D1}" = Catalyst Control Center Localization Korean
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AA4BF92B-2AAF-11DA-9D78-000129760D75}" = Acer HomeMedia
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"{AAF454FC-82CA-4F29-AB31-6A109485E76E}" = Windows Live Writer
"{AB6097D9-D722-4987-BD9E-A076E2848EE2}" = Acer Empowering Technology
"{AC76BA86-7AD7-1033-7B44-A94000000001}" = Adobe Reader 9.4.2
"{AC76BA86-7AD7-5464-3428-800000000003}" = Spelling Dictionaries Support For Adobe Reader 8
"{ADD72094-D289-4714-A62E-70574478A2BC}" = System Requirements Lab for Intel
"{AE8705FB-E13C-40A9-8A2D-68D6733FBFC2}" = Status
"{AF04309C-7CFC-C0F4-8A75-5135AF07FD1A}" = ccc-core-static
"{AF844339-2F8A-4593-81B3-9F4C54038C4E}" = Windows Live MIME IFilter
"{B0069CFA-5BB9-4C03-B1C6-89CE290E5AFE}" = HP Update
"{B145EC69-66F5-11D8-9D75-000129760D75}" = Acer DVDivine
"{B194272D-1F92-46DF-99EB-8D5CE91CB4EC}" = Adobe AIR
"{B20A9F0F-9504-A107-E381-E956CE96EE86}" = Catalyst Control Center Localization Chinese Traditional
"{B2455727-ED8F-4643-8A6E-F4AB8DE3633D}" = Network
"{B2460671-BD25-4C1C-ACB7-FBD4967365FE}" = Samsung_I500 1.0
"{B2544A03-10D0-4E5E-BA69-0362FFC20D18}" = OGA Notifier 2.0.0048.0
"{B3AEF776-7FFF-4C50-A402-9119E3849EE0}" = AVG 2011
"{B3BCCEC8-58B0-4B2A-0B25-2DF887F06E55}" = CCC Help Danish
"{B580C409-E16F-44FF-904D-3AE94E113BE0}" = Acer HomeMedia Trial Creator
"{B5CCC9F7-3D21-B444-7EB4-235C1E0AC551}" = CCC Help Dutch
"{B64BC516-2406-43AE-A21A-1E387A2343B1}" = ContentManager
"{B7A0CE06-068E-11D6-97FD-0050BACBF861}" = PowerProducer
"{BB51F026-06AC-4F5D-B18C-4E99ED18E477}" = BlackBerry_9330 1.0
"{BC24FA40-8A7A-42FF-0B9A-5FB02E2A5536}" = CCC Help Thai
"{BD7204BA-DD64-499E-9B55-6A282CDF4FA4}" = Destinations
"{C27BC2A2-30DD-4014-B22E-63EB0DB572F9}" = Logitech Webcam Software
"{C3ABE126-2BB2-4246-BFE1-6797679B3579}" = LG USB Modem driver
"{C4124E95-5061-4776-8D5D-E3D931C778E1}" = Microsoft VC9 runtime libraries
"{C41300B9-185D-475E-BFEC-39EF732F19B1}" = Apple Software Update
"{C43048A9-742C-4DAD-90D2-E3B53C9DB825}" = Logitech QuickCam Software
"{C43326F5-F135-4551-8270-7F7ABA0462E1}" = HPProductAssistant
"{C66824E4-CBB3-4851-BB3F-E8CFD6350923}" = Windows Live Mail
"{C75CDBA2-3C86-481e-BD10-BDDA758F9DFF}" = hpPrintProjects
"{C7D86D8E-8C33-4A42-B401-3BABDB4E91C7}" = VCAST Media Manager Update 1.0.0.1
"{CACAEB5F-174D-4C7C-AC56-A33289A807CA}" = Apple Mobile Device Support
"{CAE4213F-F797-439D-BD9E-79B71D115BE3}" = HPPhotoGadget
"{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = PowerDirector
"{CCA08326-B1CA-A2A7-10A1-EA1978847514}" = Catalyst Control Center Localization German
"{CD95D125-2992-4858-B3EF-5F6FB52FBAD6}" = Skype Toolbars
"{CDD3ACE0-7C01-10C8-495D-831EB9375095}" = Catalyst Control Center Localization Thai
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{CE386A4E-D0DA-4208-8235-BCE43275C694}" = LightScribe 1.4.142.1
"{CE65A9A0-9686-45C6-9098-3C9543A412F0}" = Acer eSettings Management
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{D36DD326-7280-11D8-97C8-000129760CBE}" = PhotoNow! 1.0
"{D436F577-1695-4D2F-8B44-AC76C99E0002}" = Windows Live Photo Common
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{D462BF9E-0C35-4705-BF9B-3DF9F3816643}" = Acer ePerformance Management
"{D4E53304-1F6C-4111-9872-1BCD2CF5B642}" = AVG 2011
"{D6093905-1B7B-D236-2054-CC0B3E08B413}" = ATI Catalyst Install Manager
"{D7BFE046-4862-AF73-0FB9-E3723BDFDE40}" = CCC Help French
"{DBED8673-81E5-7763-F3E5-887E43F2E428}" = CCC Help English
"{DC0A5F99-FD66-433F-9D3A-05DCBA64BE42}" = TrayApp
"{DC9A7C58-A8A8-0B6D-F1FA-6A35DE82A8E7}" = CCC Help Chinese Standard
"{DDC8BDEE-DCAC-404D-8257-3E8D4B782467}" = Windows Live Writer Resources
"{DE3FECA8-82DD-B597-80EB-6236918FFABB}" = Catalyst Control Center Localization Polish
"{DECDCB7C-58CC-4865-91AF-627F9798FE48}" = Windows Live Mesh
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E16BEE5B-82E8-574E-786F-B21DC03E7091}" = Catalyst Control Center Localization Spanish
"{E32DF02F-0C8F-DE2F-9E76-4EA3960D7083}" = Catalyst Control Center Localization Turkish
"{E633D396-5188-4E9D-8F6B-BFB8BF3467E8}" = Skype™ 5.1
"{E6F019F1-DFB6-4853-A87D-6E31624755A9}" = Seagate Manager Installer
"{E7269FD6-34EA-4617-8752-6739AA384080}" = V CAST Media Manager
"{E8302B10-2762-1C24-596C-ED5FFBA1E041}" = Catalyst Control Center Localization French
"{E89D78B8-28F7-412F-8B26-C684739CBBDC}" = Palm Desktop
"{E940B035-8220-4C6B-C064-D6E4424553FC}" = Catalyst Control Center Graphics Full New
"{E9ED0801-253D-4FE9-AB20-F63DEFE72547}" = SAMSUNG Mobile USB DRIVER(4.40.7.0) v1.6
"{EB4DF488-AAEF-406F-A341-CB2AAA315B90}" = Windows Live Messenger
"{EFBDC2B0-FAA8-4B78-8DE1-AEBE7958FA37}" = Acer Arcade Live Main Page
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F226C1DA-66D7-4ABC-86B5-3F978A660EBF}" = AOL Mail and AIM Gadget
"{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}" = Microsoft Office Live Add-in 1.5
"{F4F4F84E-804F-4E9A-84D7-C34283F0088F}" = RealUpgrade 1.0
"{F53D678E-238F-4A71-9742-08BB6774E9DC}" = Windows Live Family Safety
"{F54AC413-D2C6-4A24-B324-370C223C6250}" = Adobe Photoshop Elements 6.0
"{F6EFFB76-4A07-11DA-9D78-000129760D75}" = Acer DV Magician
"{F79A208D-D929-11D9-9D77-000129760D75}" = Acer VideoMagician
"{FB068BA4-C6EA-4D47-A491-C40E23E77F89}" = Motorola Driver Installation 3.9.0
"{FDF64A37-4842-48CD-A424-2C38444D36FD}" = LG Android Drivers
"{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}" = Windows Live Essentials
"{FEA4C854-4B15-2FD3-BDE8-9654EC55AB72}" = Catalyst Control Center Localization Swedish
"7-Zip" = 7-Zip 4.57
"Acer Assist" = Acer Assist
"Acer GameZone Console_is1" = Acer GameZone Console DTV 2.0.1.1
"Acer Registration" = Acer Registration
"Activation Assistant for the 2007 Microsoft Office suites" = Activation Assistant for the 2007 Microsoft Office suites
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe Photoshop Elements 6" = Adobe Photoshop Elements 6.0
"Agogo FLV to DVD Converter Free_is1" = Agogo FLV to DVD Converter Free 8.49
"AIM_7" = AIM 7
"AOL Instant Messenger" = AOL Instant Messenger
"AOL Pictures" = AOL Pictures Tools (version 10.6.0.8)
"AOL Uninstaller" = AOL Uninstaller (Choose which Products to Remove)
"AVG" = AVG 2011
"Belarc Advisor" = Belarc Advisor 7.2
"BlackBerry_{86B32074-0F48-4CF9-BA4B-529B470FB47F}" = BlackBerry Desktop Software 5.0
"Core FTP LE 2.1" = Core FTP LE 2.1
"Coupon Printer for Windows4.0" = Coupon Printer for Windows
"DB77CFA42983BD7D1CD0FB829CC6F71BEA49C472" = Windows Driver Package - YUAN High-Tech Development Co. Ltd. (OmniTV) Media (08/19/2007 6.1.32.36)
"Debut" = Debut Video Capture Software
"EasyLinkAdvisor" = Linksys EasyLink Advisor 1.6 (0042)
"ESET Online Scanner" = ESET Online Scanner v3
"FlashLynx" = FlashLynx Video Download Software
"GoldenVideos" = Golden Videos
"Google Chrome" = Google Chrome
"HP Imaging Device Functions" = HP Imaging Device Functions 13.0
"HP Print Projects" = HP Print Projects 1.0
"HP Smart Web Printing" = HP Smart Web Printing 4.60
"HP Solution Center & Imaging Support Tools" = HP Solution Center 13.0
"HPExtendedCapabilities" = HP Customer Participation Program 13.0
"HTC_WModemDriver" = WModem Driver Installer
"InstallShield_{12EFA1A4-AC3B-443C-8143-237EDE760403}" = NTI Backup Now 5
"InstallShield_{15D967B5-A4BE-42AE-9E84-64CD062B25AA}" = eSobi v2
"InstallShield_{2413930C-8309-47A6-BC61-5EF27A4222BC}" = NTI Media Maker 8
"InstallShield_{471BB1D9-6F59-4093-B46D-373772D5C111}" = Far Cry Demo
"InstallShield_{4D36E953-4456-4F8F-BC44-90BC4AA59889}" = Maxtor Manager
"InstallShield_{E6F019F1-DFB6-4853-A87D-6E31624755A9}" = Seagate Manager Installer
"InstallShield_{E9ED0801-253D-4FE9-AB20-F63DEFE72547}" = SAMSUNG Mobile USB DRIVER(4.40.7.0) v1.6
"LimeWire" = LimeWire 5.5.16
"Logitech Vid" = Logitech Vid HD
"lvdrivers_12.10" = Logitech Webcam Software Driver Package
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Mozilla Firefox (3.6.13)" = Mozilla Firefox (3.6.13)
"Ogg Codecs" = Ogg Codecs 0.81.15562
"Pixillion" = Pixillion Image Converter
"RealPlayer 12.0" = RealPlayer
"Shop for HP Supplies" = Shop for HP Supplies
"SoftwareUpdUtility" = Download Updater (AOL LLC)
"support.com Support Connection" = support.com Support Connection
"ToolBox" = NCH Toolbox
"TurboTax 2010" = TurboTax 2010
"TVEpaDrv" = KWorld USB 2860 Device Driver
"VideoPad" = VideoPad Video Editor
"WavePad" = WavePad Sound Editor
"WinLiveSuite" = Windows Live Essentials
"Yahoo! Companion" = Yahoo! Toolbar
"Yahoo! Messenger" = Yahoo! Messenger
"Yahoo! Toolbar" = Yahoo! Toolbar

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Move Networks Player - IE" = Move Networks Media Player for Internet Explorer

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 2/10/2011 5:33:54 AM | Computer Name = MainComputer | Source = WinMgmt | ID = 10
Description =

Error - 2/14/2011 1:06:41 PM | Computer Name = MainComputer | Source = Application Error | ID = 1000
Description = Faulting application stxmenumgr.exe, version 4.7.0.10, time stamp
0x49fb68a3, faulting module MFC80U.DLL, version 8.0.50727.4053, time stamp 0x4a595928,
exception code 0xc0000005, fault offset 0x0003d148, process id 0x1048, application
start time 0x01cbc905af1bd9b0.

Error - 2/18/2011 2:06:16 PM | Computer Name = MainComputer | Source = WinMgmt | ID = 10
Description =

Error - 2/19/2011 2:09:43 PM | Computer Name = MainComputer | Source = Application Error | ID = 1000
Description = Faulting application iexplore.exe, version 8.0.6001.19019, time stamp
0x4d0c3d4c, faulting module Flash10m.ocx, version 10.2.152.26, time stamp 0x4d4b5d09,
exception code 0xc0000005, fault offset 0x001785db, process id 0xaec, application
start time 0x01cbd05776f14898.

Error - 2/20/2011 10:13:38 PM | Computer Name = MainComputer | Source = Application Error | ID = 1000
Description = Faulting application iexplore.exe, version 8.0.6001.19019, time stamp
0x4d0c3d4c, faulting module mshtml.dll, version 8.0.6001.19019, time stamp 0x4d0c53b1,
exception code 0xc0000005, fault offset 0x000a0f31, process id 0xab4, application
start time 0x01cbd169abbe72b8.

Error - 2/26/2011 3:45:14 PM | Computer Name = MainComputer | Source = Application Error | ID = 1000
Description = Faulting application spoolsv.exe, version 6.0.6002.18294, time stamp
0x4c6a9898, faulting module SNAGITPT.DLL_unloaded, version 0.0.0.0, time stamp
0x4ad73a43, exception code 0xc0000005, fault offset 0x0373c9dd, process id 0x4ac,
application start time 0x01cbcf966d60c8b0.

Error - 2/26/2011 4:12:03 PM | Computer Name = MainComputer | Source = WinMgmt | ID = 10
Description =

Error - 3/6/2011 12:35:30 PM | Computer Name = MainComputer | Source = WinMgmt | ID = 10
Description =

Error - 3/14/2011 1:03:06 PM | Computer Name = MainComputer | Source = Application Error | ID = 1000
Description = Faulting application iexplore.exe, version 8.0.6001.19019, time stamp
0x4d0c3d4c, faulting module mshtml.dll, version 8.0.6001.19019, time stamp 0x4d0c53b1,
exception code 0xc0000005, fault offset 0x000a0f31, process id 0x177c, application
start time 0x01cbe2675b185020.

Error - 3/16/2011 4:23:03 AM | Computer Name = MainComputer | Source = WinMgmt | ID = 10
Description =

[ Media Center Events ]
Error - 4/29/2009 11:33:51 PM | Computer Name = MainComputer | Source = MCUpdate | ID = 0
Description = DownloadPackgeTask.SubTasksComplete: failed downloading package SportsSchedule.

Error - 8/6/2009 3:26:21 PM | Computer Name = MainComputer | Source = MCUpdate | ID = 0
Description = DownloadPackgeTask.SubTasksComplete: failed downloading package SportsSchedule.

Error - 9/17/2010 9:07:14 PM | Computer Name = MainComputer | Source = MCUpdate | ID = 0
Description = DownloadPackgeTask.SubTasksComplete: failed downloading package SportsSchedule.

Error - 11/1/2010 9:03:25 PM | Computer Name = MainComputer | Source = MCUpdate | ID = 0
Description = DownloadPackgeTask.SubTasksComplete: failed downloading package SportsSchedule.

[ System Events ]
Error - 4/5/2011 12:50:17 AM | Computer Name = MainComputer | Source = EventLog | ID = 6008
Description = The previous system shutdown at 11:40:39 PM on 4/4/2011 was unexpected.

Error - 4/5/2011 12:51:00 AM | Computer Name = MainComputer | Source = Service Control Manager | ID = 7000
Description =

Error - 4/6/2011 1:37:42 AM | Computer Name = MainComputer | Source = Service Control Manager | ID = 7000
Description =

Error - 4/6/2011 8:42:07 AM | Computer Name = MainComputer | Source = sbp2port | ID = 262153
Description = The device, \Device\Sbp2\Maxtor&OneTouch&0&0010b902_114225b2_Instance00,
did not respond within the timeout period.

Error - 4/6/2011 9:08:10 AM | Computer Name = MainComputer | Source = sbp2port | ID = 262153
Description = The device, \Device\Sbp2\Maxtor&OneTouch&0&0010b902_114225b2_Instance00,
did not respond within the timeout period.

Error - 4/6/2011 9:24:37 AM | Computer Name = MainComputer | Source = Service Control Manager | ID = 7000
Description =

Error - 4/6/2011 10:26:23 AM | Computer Name = MainComputer | Source = sbp2port | ID = 262153
Description = The device, \Device\Sbp2\Maxtor&OneTouch&0&0010b902_114225b2_Instance00,
did not respond within the timeout period.

Error - 4/6/2011 9:17:00 PM | Computer Name = MainComputer | Source = sbp2port | ID = 262153
Description = The device, \Device\Sbp2\Maxtor&OneTouch&0&0010b902_114225b2_Instance00,
did not respond within the timeout period.

Error - 4/6/2011 9:22:02 PM | Computer Name = MainComputer | Source = Print | ID = 19
Description = The print spooler failed to share printer HP DeskJet820Cse with shared
resource name HP DeskJet 820Cse. Error 2114. The printer cannot be used by others
on the network.

Error - 4/6/2011 9:22:59 PM | Computer Name = MainComputer | Source = Service Control Manager | ID = 7000
Description =


< End of report >


Re: Win 7 Home Security

Post by Sneakyone on 8th April 2011, 4:09 am

Hi,

Please download ComboFix from [You must be registered and logged in to see this link.]


Rename ComboFix.exe to commy.exe before you save it to your Desktop.
  • Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools. A guide to do this can be found [You must be registered and logged in to see this link.]
  • Click Start, then copy and paste the following command into the search box and hit Enter: "%userprofile%\desktop\commy.exe" /stepdel
  • As part of its process, ComboFix will check to see if the Microsoft Windows Recovery Console is installed. This will not install in Vista. Just continue scanning, and skip the console install.
  • When finished, it shall produce a log for you. Please include the contents of C:\ComboFix.txt in your next reply.



Re: Win 7 Home Security

Post by Nativetexan2 on 9th April 2011, 6:35 pm

I was able to download ComboFix to the desktop and renamed it. Disabled AVG and tried to run Commy. I get the message "The service cannot accept control messages at this time". Rebooted into safe mode with networking and ran Commy. Got a message that an updated version was available. Updated and began to run Commy again. This time it took me to the Blue Screen and then rebooted.


Re: Win 7 Home Security

Post by Sneakyone on 10th April 2011, 5:26 am

Hi,

Please download Malwarebytes Anti-Malware from [You must be registered and logged in to see this link.].


Double Click mbam-setup.exe to install the application.

  • Make sure a checkmark is placed next to Update Malwarebytes Anti-Malware and Launch Malwarebytes Anti-Malware, then click Finish.
  • If an update is found, it will download and install the latest version.
  • Once the program has loaded, select "Perform Quick Scan", then click Scan.
  • The scan may take some time to finish, so please be patient.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Make sure that everything is checked, and click Remove Selected.
  • When disinfection is completed, a log will open in Notepad and you may be prompted to Restart. (See Extra Note)
  • The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
  • Copy and paste the entire report in your next reply.

Extra Note:
If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts; click OK to either and let MBAM proceed with the disinfection process. If asked to restart the computer, please do so immediately.



Re: Win 7 Home Security

Post by Nativetexan2 on 10th April 2011, 6:08 pm

Tried downloading Malwarebytes but get an access denied notice. Also all the files on C drive are now hidden.


Re: Win 7 Home Security

Post by Nativetexan2 on 16th April 2011, 5:03 pm

What else can I try???
