Hi and thank you for agreeing to assist me.
Here art the OTL files you requested.
OTL.txt
OTL logfile created on: 1/11/2009 11:17:14 AM - Run 1
OTL by OldTimer - Version 3.1.1.8 Folder = D:\Users\MediaCentre\Desktop
64bit-Windows Vista Ultimate Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18828)
Locale: 00000c09 | Country: Australia | Language: ENA | Date Format: d/MM/yyyy
4.00 Gb Total Physical Memory | 1.63 Gb Available Physical Memory | 40.84% Memory free
4.00 Gb Paging File | 4.00 Gb Available in Paging File | 100.00% Paging File free
Paging file location(s): c:\pagefile.sys 0 0d:\pagefile.sys 0 0 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 74.53 Gb Total Space | 14.83 Gb Free Space | 19.90% Space Free | Partition Type: NTFS
Drive D: | 497.40 Gb Total Space | 154.39 Gb Free Space | 31.04% Space Free | Partition Type: NTFS
Drive E: | 7.16 Gb Total Space | 0.00 Gb Free Space | 0.00% Space Free | Partition Type: UDF
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
Drive I: | 98.77 Gb Total Space | 77.85 Gb Free Space | 78.82% Space Free | Partition Type: NTFS
Computer Name: MEDIACENTRE-PC
Current User Name: MediaCentre
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: All users
Include 64bit Scans
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard
========== Processes (SafeList) ==========
PRC - [2009/11/01 11:16:04 | 00,528,384 | ---- | M] (OldTimer Tools) -- D:\Users\MediaCentre\Desktop\OTL.exe
PRC - [2009/11/01 10:17:47 | 00,908,280 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
PRC - [2009/11/01 10:17:47 | 00,908,280 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
PRC - [2009/11/01 10:17:47 | 00,908,280 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
PRC - [2009/10/22 16:58:40 | 02,719,744 | ---- | M] (SoundGraph, Inc.) -- C:\Program Files (x86)\SOUNDGRAPH\iMON\iMON.exe
PRC - [2009/10/17 08:58:20 | 02,025,752 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG8\avgtray.exe
PRC - [2009/10/12 21:24:50 | 02,000,112 | ---- | M] (SUPERAntiSpyware.com) -- C:\Program Files (x86)\SUPERAntiSpyware\SUPERAntiSpyware.exe
PRC - [2009/10/12 21:24:50 | 02,000,112 | ---- | M] (SUPERAntiSpyware.com) -- C:\Program Files (x86)\SUPERAntiSpyware\SUPERAntiSpyware.exe
PRC - [2009/10/10 13:32:18 | 00,203,264 | ---- | M] (ArcSoft Inc.) -- C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
PRC - [2009/10/09 22:07:25 | 00,289,072 | ---- | M] (BitTorrent, Inc.) -- C:\Program Files (x86)\uTorrent\uTorrent.exe
PRC - [2009/10/09 22:07:25 | 00,289,072 | ---- | M] (BitTorrent, Inc.) -- C:\Program Files (x86)\uTorrent\uTorrent.exe
PRC - [2009/09/28 09:42:50 | 00,109,056 | ---- | M] (ArcSoft Inc.) -- C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
PRC - [2009/09/26 00:19:02 | 03,058,624 | ---- | M] (SlySoft, Inc.) -- C:\Program Files (x86)\SlySoft\AnyDVD\AnyDVDtray.exe
PRC - [2009/09/26 00:19:02 | 03,058,624 | ---- | M] (SlySoft, Inc.) -- C:\Program Files (x86)\SlySoft\AnyDVD\AnyDVDtray.exe
PRC - [2009/09/05 02:54:42 | 00,417,792 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\QuickTime\QTTask.exe
PRC - [2009/08/25 22:34:46 | 00,693,016 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG8\avgcsrvx.exe
PRC - [2009/08/25 22:34:46 | 00,693,016 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG8\avgcsrvx.exe
PRC - [2009/08/25 22:34:46 | 00,693,016 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG8\avgcsrvx.exe
PRC - [2009/08/25 22:34:46 | 00,693,016 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG8\avgcsrvx.exe
PRC - [2009/08/25 22:34:46 | 00,693,016 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG8\avgcsrvx.exe
PRC - [2009/08/25 22:34:46 | 00,693,016 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG8\avgcsrvx.exe
PRC - [2009/08/25 22:34:46 | 00,693,016 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG8\avgcsrvx.exe
PRC - [2009/08/25 22:34:46 | 00,693,016 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG8\avgcsrvx.exe
PRC - [2009/08/25 22:34:46 | 00,693,016 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG8\avgcsrvx.exe
PRC - [2009/08/25 22:34:33 | 00,908,056 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG8\avgemc.exe
PRC - [2009/08/25 22:34:33 | 00,908,056 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG8\avgemc.exe
PRC - [2009/08/25 22:34:33 | 00,908,056 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG8\avgemc.exe
PRC - [2009/08/25 22:34:28 | 00,297,752 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG8\avgwdsvc.exe
PRC - [2009/08/25 22:34:28 | 00,297,752 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG8\avgwdsvc.exe
PRC - [2009/08/17 02:32:00 | 00,239,648 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
PRC - [2009/08/17 02:32:00 | 00,239,648 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
PRC - [2009/07/31 15:23:21 | 00,149,280 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\Java\jre6\bin\jusched.exe
PRC - [2009/04/11 17:28:15 | 00,247,296 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
PRC - [2009/04/11 17:28:15 | 00,247,296 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
PRC - [2009/04/11 17:28:15 | 00,247,296 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
PRC - [2009/04/11 17:28:15 | 00,247,296 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
PRC - [2009/03/28 21:06:39 | 00,189,672 | ---- | M] () -- C:\Windows\SysWOW64\PnkBstrB.exe
PRC - [2009/03/28 21:06:39 | 00,189,672 | ---- | M] () -- C:\Windows\SysWOW64\PnkBstrB.exe
PRC - [2009/03/09 16:22:44 | 00,090,112 | ---- | M] (Leadtek Research Inc.) -- C:\Program Files\WinFast\WFDTV\DTVSchdl.exe
PRC - [2009/03/05 16:07:20 | 02,260,480 | RHS- | M] (Safer-Networking Ltd.) -- C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe
PRC - [2009/02/23 19:43:12 | 00,576,000 | ---- | M] (MagicISO, Inc.) -- C:\Program Files (x86)\MagicDisc\MagicDisc.exe
PRC - [2009/02/22 18:10:04 | 00,070,968 | ---- | M] () -- C:\Windows\SysWOW64\PnkBstrA.exe
PRC - [2009/01/26 15:31:10 | 01,153,368 | ---- | M] (Safer Networking Ltd.) -- C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe
PRC - [2009/01/26 15:31:10 | 01,153,368 | ---- | M] (Safer Networking Ltd.) -- C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe
PRC - [2009/01/12 15:04:00 | 02,908,160 | ---- | M] (Leadtek Research Inc.) -- C:\Program Files\WinFast\WFDTV\WFWIZ.exe
PRC - [2009/01/12 15:04:00 | 02,908,160 | ---- | M] (Leadtek Research Inc.) -- C:\Program Files\WinFast\WFDTV\WFWIZ.exe
PRC - [2009/01/12 15:04:00 | 02,908,160 | ---- | M] (Leadtek Research Inc.) -- C:\Program Files\WinFast\WFDTV\WFWIZ.exe
PRC - [2005/08/11 23:30:30 | 00,081,920 | ---- | M] (Macrovision Corporation) -- C:\Program Files (x86)\Common Files\InstallShield\UpdateService\issch.exe
PRC - [2004/12/13 05:34:32 | 00,049,152 | ---- | M] (Ulead Systems, Inc.) -- C:\Program Files (x86)\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
PRC - [2004/12/13 05:34:32 | 00,049,152 | ---- | M] (Ulead Systems, Inc.) -- C:\Program Files (x86)\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
PRC - [2004/12/13 05:34:32 | 00,049,152 | ---- | M] (Ulead Systems, Inc.) -- C:\Program Files (x86)\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
PRC - [2004/12/13 05:34:32 | 00,049,152 | ---- | M] (Ulead Systems, Inc.) -- C:\Program Files (x86)\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
PRC - [2004/12/13 05:34:32 | 00,049,152 | ---- | M] (Ulead Systems, Inc.) -- C:\Program Files (x86)\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
========== Win32 Services (SafeList) ==========
SRV:
64bit: - [2009/04/11 18:11:04 | 01,149,440 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wbengine.exe
SRV:
64bit: - [2008/01/19 19:06:50 | 00,383,544 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Defender\MpSvc.dll
SRV:
64bit: - [2008/01/19 19:00:47 | 01,216,000 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Media Player\wmpnetwk.exe
SRV - [2009/09/28 09:42:50 | 00,109,056 | ---- | M] (ArcSoft Inc.) -- C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
SRV - [2009/08/25 22:34:33 | 00,908,056 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG8\avgemc.exe
SRV - [2009/08/25 22:34:28 | 00,297,752 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG8\avgwdsvc.exe
SRV - [2009/08/17 02:32:00 | 00,239,648 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
SRV - [2009/03/30 15:42:14 | 00,066,368 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
SRV - [2009/03/30 15:39:54 | 00,089,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
SRV - [2009/03/28 21:06:39 | 00,189,672 | ---- | M] () -- C:\Windows\SysWOW64\PnkBstrB.exe
SRV - [2009/02/22 18:10:04 | 00,070,968 | ---- | M] () -- C:\Windows\SysWOW64\PnkBstrA.exe
SRV - [2009/02/19 05:40:04 | 00,042,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
SRV - [2009/02/19 05:39:11 | 00,857,432 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
SRV - [2009/02/16 17:57:48 | 00,658,432 | ---- | M] (Macrovision Europe Ltd.) -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
SRV - [2009/01/26 15:31:10 | 01,153,368 | ---- | M] (Safer Networking Ltd.) -- C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe
SRV - [2008/01/19 19:00:14 | 00,344,064 | ---- | M] (Microsoft Corporation) -- C:\Windows\ehome\ehrecvr.exe
SRV - [2008/01/19 19:00:14 | 00,153,600 | ---- | M] (Microsoft Corporation) -- C:\Windows\ehome\ehsched.exe
SRV - [2007/10/25 15:27:54 | 00,266,240 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Windows Live\installer\WLSetupSvc.exe
SRV - [2007/05/31 17:11:54 | 00,443,784 | ---- | M] (Microsoft Corporation) -- C:\Windows\WindowsMobile\wcescomm.dll
SRV - [2007/05/31 17:11:46 | 00,225,672 | ---- | M] (Microsoft Corporation) -- C:\Windows\WindowsMobile\rapimgr.dll
SRV - [2006/11/03 02:03:44 | 00,015,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\ehome\ehstart.dll
SRV - [2006/11/03 00:34:14 | 00,000,000 | ---D | M] -- C:\Windows\SysWOW64\Msdtc
SRV - [2006/11/02 17:35:15 | 00,060,994 | ---- | M] () -- C:\Windows\SysWOW64\wbem\vds.mof
SRV - [2006/11/02 17:35:15 | 00,055,846 | ---- | M] () -- C:\Windows\SysWOW64\wbem\vss.mof
SRV - [2005/04/04 00:41:10 | 00,069,632 | ---- | M] (Macrovision Corporation) -- C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
SRV - [2004/12/13 05:34:32 | 00,049,152 | ---- | M] (Ulead Systems, Inc.) -- C:\Program Files (x86)\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
SRV - [2003/07/28 12:28:22 | 00,089,136 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
========== Driver Services (SafeList) ==========
DRV - [2009/10/12 21:24:56 | 00,007,408 | R--- | M] ( SUPERAdBlocker.com and SUPERAntiSpyware.com) -- C:\Program Files (x86)\SUPERAntiSpyware\SASENUM.SYS
DRV - [2009/10/12 21:24:54 | 00,009,968 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) -- C:\Program Files (x86)\SUPERAntiSpyware\sasdifsv.sys
DRV - [2009/10/12 21:24:52 | 00,074,480 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) -- C:\Program Files (x86)\SUPERAntiSpyware\SASKUTIL.SYS
DRV - [2009/09/25 09:59:43 | 00,121,280 | ---- | M] (SlySoft, Inc.) -- C:\Windows\SysWOW64\drivers\AnyDVD.sys
DRV - [2009/08/23 14:10:34 | 00,022,336 | ---- | M] (Windows ® Server 2003 DDK provider) -- C:\Windows\gdrv.sys
DRV - [2009/08/13 11:46:32 | 00,147,968 | ---- | M] () -- C:\Windows\SysWOW64\drivers\ArcHlp.sys
DRV - [2009/05/25 23:01:38 | 00,089,256 | ---- | M] (Elaborate Bytes AG) -- C:\Windows\SysWOW64\ElbyCDIO.dll
DRV - [2009/02/24 18:35:44 | 00,255,552 | ---- | M] (MagicISO, Inc.) -- C:\Windows\SysWOW64\drivers\mcdbus.sys
DRV - [2008/12/02 03:47:34 | 00,001,088 | ---- | M] () -- C:\Windows\SysWOW64\wbem\mpsdrv.mof
DRV - [2008/11/30 20:28:56 | 00,000,000 | ---D | M] -- C:\Windows\CSC
DRV - [2008/01/19 18:36:56 | 00,016,384 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\winusb.dll
DRV - [2006/09/19 08:36:40 | 00,003,066 | ---- | M] () -- C:\Windows\SysWOW64\wbem\tcpip.mof
DRV - [2006/09/18 08:50:18 | 00,022,784 | ---- | M] (Arcsoft, Inc.) -- C:\Windows\SysWOW64\drivers\afc.sys
========== Modules (SafeList) ==========
MOD - [2009/11/01 11:16:04 | 00,528,384 | ---- | M] (OldTimer Tools) -- D:\Users\MediaCentre\Desktop\OTL.exe
MOD - [2009/10/13 17:41:50 | 00,073,728 | ---- | M] () -- C:\Users\MediaCentre\AppData\Local\kbddbClient\kbddbClient.dll
MOD - [2009/07/18 00:54:43 | 00,071,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\atl.dll
MOD - [2009/04/11 17:28:25 | 01,077,248 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\vssapi.dll
MOD - [2009/04/11 17:28:24 | 00,142,336 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\spp.dll
MOD - [2009/04/11 17:28:18 | 00,079,872 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\authz.dll
MOD - [2009/04/11 17:21:38 | 01,686,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18005_none_5cb72f96088b0de0\comctl32.dll
MOD - [2009/02/14 03:22:35 | 00,117,696 | ---- | M] (SlySoft, Inc.) -- C:\Program Files (x86)\SlySoft\AnyDVD\ADvdDiscHlp.dll
MOD - [2008/01/19 18:37:12 | 00,183,296 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\xmllite.dll
MOD - [2008/01/19 18:36:48 | 00,069,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\vsstrace.dll
MOD - [2008/01/19 18:36:35 | 00,040,960 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\srclient.dll
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE:
64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL =
http://go.microsoft.com/fwlink/?LinkId=69157
IE:
64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL =
http://go.microsoft.com/fwlink/?LinkId=54896
IE:
64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE:
64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE:
64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\System32\blank.htm
IE:
64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page =
http://go.microsoft.com/fwlink/?LinkId=54896
IE:
64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE:
64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page =
http://go.microsoft.com/fwlink/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL =
http://go.microsoft.com/fwlink/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL =
http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page =
http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page =
http://go.microsoft.com/fwlink/?LinkId=69157
IE - HKU\.DEFAULT\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-4098504633-1038546326-2246272219-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\system32\blank.htm
IE - HKU\S-1-5-21-4098504633-1038546326-2246272219-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page =
http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKU\S-1-5-21-4098504633-1038546326-2246272219-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page =
http://www.google.com.au/
IE - HKU\S-1-5-21-4098504633-1038546326-2246272219-1000\S-1-5-21-4098504633-1038546326-2246272219-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF - prefs.js..browser.search.selectedEngine: "Wikipedia (en)"
FF - prefs.js..browser.startup.homepage: "http://www.google.com.au/"
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0012-ABCDEFFEDCBA}:6.0.12
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}:6.0.13
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0015-0000-0012-ABCDEFFEDCBA}:5.0.12
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA}:6.0.15
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA}:6.0.16
FF - prefs.js..extensions.enabledItems: {20a82645-c095-46ed-80e3-08825760534b}:1.1
FF - prefs.js..extensions.enabledItems: {66E978CD-981F-47DF-AC42-E3CF417C1467}:0.4.1
FF - prefs.js..extensions.enabledItems: {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.5.3
FF - prefs.js..network.proxy.no_proxies_on: "localhost, 127.0.0.1, 192.168.0.1, 192.168.0.2"
FF - HKLM\software\mozilla\Firefox\Extensions\\{3f963a5b-e555-4543-90e2-c3908898db71}: C:\Program Files (x86)\AVG\AVG8\Firefox [2009/06/20 10:07:59 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\{20a82645-c095-46ed-80e3-08825760534b}: C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ File not found
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.3\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2009/11/01 10:17:47 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.3\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2009/10/28 06:53:03 | 00,000,000 | ---D | M]
[2009/08/22 21:06:25 | 00,000,000 | ---D | M] -- C:\Users\MediaCentre\AppData\Roaming\Mozilla\Firefox\Profiles\21gbt332.default\extensions\{66E978CD-981F-47DF-AC42-E3CF417C1467}
[2009/08/23 00:09:35 | 00,000,000 | ---D | M] -- C:\Users\MediaCentre\AppData\Roaming\Mozilla\Firefox\Profiles\21gbt332.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2009/10/31 18:21:49 | 00,000,000 | ---D | M] -- C:\Users\MediaCentre\AppData\Roaming\Mozilla\Firefox\Profiles\21gbt332.default\extensions
[2008/12/17 07:35:48 | 00,000,000 | ---D | M] -- C:\Users\MediaCentre\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}
[2008/12/17 07:35:48 | 00,000,000 | ---D | M] -- C:\Users\MediaCentre\AppData\Roaming\Mozilla\Extensions
[2008/12/17 07:35:48 | 00,000,000 | ---D | M] -- C:\Users\MediaCentre\AppData\Roaming\Mozilla\Extensions
[2008/12/17 07:35:48 | 00,000,000 | ---D | M] -- C:\Users\MediaCentre\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}
[2009/10/31 18:21:49 | 00,000,000 | ---D | M] -- C:\Users\MediaCentre\AppData\Roaming\Mozilla\Firefox\Profiles\21gbt332.default\extensions
[2009/08/23 00:09:35 | 00,000,000 | ---D | M] -- C:\Users\MediaCentre\AppData\Roaming\Mozilla\Firefox\Profiles\21gbt332.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2009/08/22 21:06:25 | 00,000,000 | ---D | M] -- C:\Users\MediaCentre\AppData\Roaming\Mozilla\Firefox\Profiles\21gbt332.default\extensions\{66E978CD-981F-47DF-AC42-E3CF417C1467}
[2009/10/21 18:41:20 | 00,000,000 | ---D | M] -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA}
[2009/08/23 17:13:32 | 00,000,000 | ---D | M] -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA}
[2009/03/29 21:41:31 | 00,000,000 | ---D | M] -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}
[2009/03/24 20:48:30 | 00,000,000 | ---D | M] -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0012-ABCDEFFEDCBA}
[2009/05/15 22:42:43 | 00,000,000 | ---D | M] -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0015-0000-0012-ABCDEFFEDCBA}
[2009/11/01 10:17:47 | 00,000,000 | ---D | M] -- C:\Program Files (x86)\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2009/10/31 18:21:49 | 00,000,000 | ---D | M] -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2009/10/31 18:21:49 | 00,000,000 | ---D | M] -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2009/11/01 10:17:47 | 00,000,000 | ---D | M] -- C:\Program Files (x86)\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2009/05/15 22:42:43 | 00,000,000 | ---D | M] -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0015-0000-0012-ABCDEFFEDCBA}
[2009/03/24 20:48:30 | 00,000,000 | ---D | M] -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0012-ABCDEFFEDCBA}
[2009/03/29 21:41:31 | 00,000,000 | ---D | M] -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}
[2009/08/23 17:13:32 | 00,000,000 | ---D | M] -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA}
[2009/10/21 18:41:20 | 00,000,000 | ---D | M] -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA}
[2009/11/01 10:17:47 | 00,023,544 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\Mozilla Firefox\components\browserdirprovider.dll
[2009/11/01 10:17:47 | 00,137,208 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\Mozilla Firefox\components\brwsrcmp.dll
[2009/09/26 03:41:48 | 01,044,480 | ---- | M] (The OpenSSL Project,
http://www.openssl.org/) -- C:\Program Files (x86)\Mozilla Firefox\plugins\libdivx.dll
[2007/04/10 17:21:08 | 00,163,256 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Mozilla Firefox\plugins\np-mswmp.dll
[2009/01/16 19:17:04 | 00,114,688 | ---- | M] (Adobe Systems, Inc.) -- C:\Program Files (x86)\Mozilla Firefox\plugins\np32dsw.dll
[2009/07/31 15:23:11 | 00,411,368 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\Mozilla Firefox\plugins\npdeploytk.dll
[2009/09/26 03:41:24 | 01,650,992 | ---- | M] (DivX,Inc.) -- C:\Program Files (x86)\Mozilla Firefox\plugins\npdivx32.dll
[2009/09/26 03:41:34 | 00,098,304 | ---- | M] (DivX, Inc) -- C:\Program Files (x86)\Mozilla Firefox\plugins\npDivxPlayerPlugin.dll
[2009/08/25 07:15:27 | 00,065,016 | ---- | M] (mozilla.org) -- C:\Program Files (x86)\Mozilla Firefox\plugins\npnul32.dll
[2009/02/27 13:13:42 | 00,103,792 | ---- | M] (Adobe Systems Inc.) -- C:\Program Files (x86)\Mozilla Firefox\plugins\nppdf32.dll
[2009/09/30 22:11:47 | 00,159,744 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin.dll
[2009/09/30 22:11:47 | 00,159,744 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin2.dll
[2009/09/30 22:11:47 | 00,159,744 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin3.dll
[2009/09/30 22:11:47 | 00,159,744 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin4.dll
[2009/09/30 22:11:47 | 00,159,744 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin5.dll
[2009/09/30 22:11:47 | 00,159,744 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin6.dll
[2009/09/30 22:11:47 | 00,159,744 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin7.dll
[2009/09/26 03:41:48 | 00,200,704 | ---- | M] (The OpenSSL Project,
http://www.openssl.org/) -- C:\Program Files (x86)\Mozilla Firefox\plugins\ssldivx.dll
[2009/08/25 05:45:46 | 00,001,394 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\amazondotcom.xml
[2009/08/25 05:45:46 | 00,002,193 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\answers.xml
[2009/08/25 05:45:46 | 00,001,534 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\creativecommons.xml
[2009/08/25 05:45:46 | 00,002,344 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\eBay.xml
[2009/08/25 05:45:46 | 00,002,371 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\google.xml
[2009/08/25 05:45:46 | 00,001,178 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\wikipedia.xml
[2009/08/25 05:45:46 | 00,000,792 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\yahoo.xml
O1 HOSTS File: (757 bytes) - C:\Windows\SysNative\Drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG8\avgssie.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
O4:
64bit: - HKLM..\Run: [IntelliPoint] C:\Program Files\Microsoft IntelliPoint\ipoint.exe (Microsoft Corporation)
O4:
64bit: - HKLM..\Run: [itype] C:\Program Files\Microsoft IntelliType Pro\itype.exe (Microsoft Corporation)
O4:
64bit: - HKLM..\Run: [NvCplDaemon] C:\Windows\SysNative\NvCpl.DLL (NVIDIA Corporation)
O4:
64bit: - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4:
64bit: - HKLM..\Run: [Windows Mobile Device Center] C:\Windows\WindowsMobile\wmdc.exe (Microsoft Corporation)
O4:
64bit: - HKLM..\Run: [Windows Mobile-based device management] C:\Windows\WindowsMobile\wmdSync.exe (Microsoft Corporation)
O4 - HKLM..\Run: [Adobe ARM] C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [ArcSoft Connection Service] C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe (ArcSoft Inc.)
O4 - HKLM..\Run: [AVG8_TRAY] C:\Program Files (x86)\AVG\AVG8\avgtray.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [iMON] C:\Program Files (x86)\SOUNDGRAPH\iMON\iMON.exe (SoundGraph, Inc.)
O4 - HKLM..\Run: [ISUSScheduler] C:\Program Files (x86)\Common Files\InstallShield\UpdateService\issch.exe (Macrovision Corporation)
O4 - HKLM..\Run: [Malwarebytes Anti-Malware (reboot)] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [QuickTime Task] C:\Program Files (x86)\QuickTime\QTTask.exe (Apple Inc.)
O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Program Files (x86)\Java\jre6\bin\jusched.exe (Sun Microsystems, Inc.)
O4 - HKLM..\Run: [WinFastDTV] C:\Program Files\WinFast\WFDTV\DTVSchdl.exe (Leadtek Research Inc.)
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-19..\Run: [WindowsWelcomeCenter] C:\Windows\SysWow64\oobefldr.dll (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [WindowsWelcomeCenter] C:\Windows\SysWow64\oobefldr.dll (Microsoft Corporation)
O4 - HKU\S-1-5-21-4098504633-1038546326-2246272219-1000..\Run: [AnyDVD] C:\Program Files (x86)\SlySoft\AnyDVD\AnyDVDtray.exe (SlySoft, Inc.)
O4 - HKU\S-1-5-21-4098504633-1038546326-2246272219-1000..\Run: [ehTray.exe] C:\Windows\ehome\ehtray.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-4098504633-1038546326-2246272219-1000..\Run: [Eraser] C:\Program Files\Eraser\Eraser.exe (The Eraser Project)
O4 - HKU\S-1-5-21-4098504633-1038546326-2246272219-1000..\Run: [kbddbClient] C:\Users\MediaCentre\AppData\Local\kbddbClient\kbddbClient.DLL ()
O4 - HKU\S-1-5-21-4098504633-1038546326-2246272219-1000..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-4098504633-1038546326-2246272219-1000..\Run: [SpybotSD TeaTimer] C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe (Safer-Networking Ltd.)
O4 - HKU\S-1-5-21-4098504633-1038546326-2246272219-1000..\Run: [SUPERAntiSpyware] C:\Program Files (x86)\SUPERAntiSpyware\SUPERAntiSpyware.exe (SUPERAntiSpyware.com)
O4 - HKU\S-1-5-21-4098504633-1038546326-2246272219-1000..\Run: [uTorrent] C:\Program Files (x86)\uTorrent\uTorrent.exe (BitTorrent, Inc.)
O4 - HKU\S-1-5-21-4098504633-1038546326-2246272219-1000..\Run: [WinFast Schedule] C:\Program Files\WinFast\WFDTV\WFWIZ.exe (Leadtek Research Inc.)
O4 - HKU\S-1-5-21-4098504633-1038546326-2246272219-1000..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\wmpnscfg.exe (Microsoft Corporation)
O4 - Startup: C:\Users\MediaCentre\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MagicDisc.lnk = C:\Program Files (x86)\MagicDisc\MagicDisc.exe (MagicISO, Inc.)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\control panel present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: ForceActiveDesktopOn = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: BindDirectlyToPropertySetStorage = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 2
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableInstallerDetection = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableSecureUIAPaths = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableVirtualization = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ValidateAdminCodeSignatures = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: scforceoption = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: FilterAdministratorToken = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableUIADesktopToggle = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_TEXT = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_BITMAP = 2
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_OEMTEXT = 7
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIB = 8
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_PALETTE = 9
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_UNICODETEXT = 13
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIBV5 = 17
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\control panel present
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\InfoDelivery present
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\restrictions present
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\control panel present
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\InfoDelivery present
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\restrictions present
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\control panel present
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\InfoDelivery present
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\restrictions present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\control panel present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\InfoDelivery present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\restrictions present
O7 - HKU\S-1-5-21-4098504633-1038546326-2246272219-1000\Software\Policies\Microsoft\Internet Explorer\control panel present
O7 - HKU\S-1-5-21-4098504633-1038546326-2246272219-1000\Software\Policies\Microsoft\Internet Explorer\InfoDelivery present
O7 - HKU\S-1-5-21-4098504633-1038546326-2246272219-1000\Software\Policies\Microsoft\Internet Explorer\restrictions present
O7 - HKU\S-1-5-21-4098504633-1038546326-2246272219-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableRegistryTools = 0
O7 - HKU\S-1-5-21-4098504633-1038546326-2246272219-1000_Classes\Software\Policies\Microsoft\Internet Explorer\control panel present
O7 - HKU\S-1-5-21-4098504633-1038546326-2246272219-1000_Classes\Software\Policies\Microsoft\Internet Explorer\InfoDelivery present
O7 - HKU\S-1-5-21-4098504633-1038546326-2246272219-1000_Classes\Software\Policies\Microsoft\Internet Explorer\restrictions present
O9 - Extra Button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O10:
64bit: - NameSpace_Catalog5\Catalog_Entries\000000000001 [] - C:\Windows\\nlaapi.dll File not found
O10:
64bit: - NameSpace_Catalog5\Catalog_Entries\000000000002 [] - C:\Windows\\NapiNSP.dll File not found
O10:
64bit: - NameSpace_Catalog5\Catalog_Entries\000000000003 [] - C:\Windows\\pnrpnsp.dll File not found
O10:
64bit: - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Windows\\pnrpnsp.dll File not found
O10:
64bit: - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Windows\\wshbth.dll File not found
O10:
64bit: - NameSpace_Catalog5\Catalog_Entries\000000000006 [] - C:\Windows\\mswsock.dll File not found
O10:
64bit: - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Windows\\winrnr.dll File not found
O10:
64bit: - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Windows\\mswsock.dll File not found
O10:
64bit: - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Windows\\mswsock.dll File not found
O10:
64bit: - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Windows\\mswsock.dll File not found
O10:
64bit: - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Windows\\mswsock.dll File not found
O10:
64bit: - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Windows\\mswsock.dll File not found
O10:
64bit: - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Windows\\mswsock.dll File not found
O10:
64bit: - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Windows\\mswsock.dll File not found
O10:
64bit: - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Windows\\mswsock.dll File not found
O10:
64bit: - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\Windows\\mswsock.dll File not found
O10:
64bit: - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\Windows\\mswsock.dll File not found
O10:
64bit: - Protocol_Catalog9\Catalog_Entries\000000000011 - C:\Windows\\mswsock.dll File not found
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Windows\SysWOW64\wshbth.dll (Microsoft Corporation)
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93}
http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0_16)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C}
http://fpdownload.macromedia.com/get/flash...r/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0015-0000-0012-ABCDEFFEDCBA}
http://java.sun.com/update/1.5.0/jinstall-...indows-i586.cab (Java Plug-in 1.5.0_12)
O16 - DPF: {CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA}
http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0_16)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}
http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0_16)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
O18:
64bit: - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\\mshtml.dll File not found
O18:
64bit: - Protocol\Handler\cdl {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\Windows\\urlmon.dll File not found
O18:
64bit: - Protocol\Handler\dvd {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\Windows\\MSVidCtl.dll File not found
O18:
64bit: - Protocol\Handler\file {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\\urlmon.dll File not found
O18:
64bit: - Protocol\Handler\ftp {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\\urlmon.dll File not found
O18:
64bit: - Protocol\Handler\http {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\\urlmon.dll File not found
O18:
64bit: - Protocol\Handler\https {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\\urlmon.dll File not found
O18:
64bit: - Protocol\Handler\its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\\itss.dll File not found
O18:
64bit: - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\\mshtml.dll File not found
O18:
64bit: - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - Reg Error: Key error. File not found
O18:
64bit: - Protocol\Handler\local {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\\urlmon.dll File not found
O18:
64bit: - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\\mshtml.dll File not found
O18:
64bit: - Protocol\Handler\mhtml {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\Windows\\inetcomm.dll File not found
O18:
64bit: - Protocol\Handler\mk {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\\urlmon.dll File not found
O18:
64bit: - Protocol\Handler\ms-its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\\itss.dll File not found
O18:
64bit: - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\\mshtml.dll File not found
O18:
64bit: - Protocol\Handler\tv {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\Windows\\MSVidCtl.dll File not found
O18:
64bit: - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\\mshtml.dll File not found
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG8\avgpp.dll (AVG Technologies CZ, s.r.o.)
O18:
64bit: - Protocol\Filter\deflate {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\\urlmon.dll File not found
O18:
64bit: - Protocol\Filter\gzip {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\\urlmon.dll File not found
O20:
64bit: - AppInit_DLLs: (avgrssta.dll) - C:\Windows\SysNative\avgrssta.dll (AVG Technologies CZ, s.r.o.)
O20:
64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:
64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\\userinit.exe File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\!SASWinLogon: DllName - C:\Program Files (x86)\SUPERAntiSpyware\SASWINLO.dll - C:\Program Files (x86)\SUPERAntiSpyware\SASWINLO.dll (SUPERAntiSpyware.com)
O21:
64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - C:\Windows\\webcheck.dll File not found
O22:
64bit: - SharedTaskScheduler: {8C7461EF-2B13-11d2-BE35-3078302C2030} - Component Categories cache daemon - C:\Windows\\browseui.dll File not found
O22:
64bit: - SharedTaskScheduler: {E31004D1-A431-41B8-826F-E902F9D95C81} - Windows DreamScene - C:\Windows\\DreamScene.dll File not found
O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files (x86)\SUPERAntiSpyware\SASSEH.DLL (SuperAdBlocker.com)
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{d6344489-f856-11dd-8e16-0017facebf2a}\Shell - "" = AutoRun
O33 - MountPoints2\{d6344489-f856-11dd-8e16-0017facebf2a}\Shell\AutoRun\command - "" = G:\LaunchU3.exe -- File not found
O34 - HKLM BootExecute: (autocheck) - File not found
O34 - HKLM BootExecute: (autochk) - C:\Windows\SysWow64\autochk.exe (Microsoft Corporation)
O34 - HKLM BootExecute: (*) - File not found
64bit: O35 - comfile [open] -- "%1" %* File not found
64bit: O35 - exefile [open] -- "%1" %* File not found
O35 - comfile [open] -- "%1" %* File not found
O35 - exefile [open] -- "%1" %* File not found
========== Files/Folders - Created Within 30 Days ==========
[2009/11/01 11:16:36 | 00,528,384 | ---- | C] (OldTimer Tools) -- D:\Users\MediaCentre\Desktop\OTL.exe
[2009/10/31 18:03:03 | 00,000,000 | ---D | C] -- C:\Windows\pss
[2009/10/29 21:09:05 | 02,621,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wucltux.dll
[2009/10/29 21:09:05 | 02,424,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuaueng.dll
[2009/10/29 21:09:05 | 00,057,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuauclt.exe
[2009/10/29 21:09:05 | 00,043,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wups2.dll
[2009/10/29 21:08:49 | 00,700,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuapi.dll
[2009/10/29 21:08:49 | 00,575,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wuapi.dll
[2009/10/29 21:08:49 | 00,098,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wudriver.dll
[2009/10/29 21:08:49 | 00,087,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wudriver.dll
[2009/10/29 21:08:49 | 00,038,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wups.dll
[2009/10/29 21:08:49 | 00,035,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wups.dll
[2009/10/29 21:08:39 | 00,185,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuwebv.dll
[2009/10/29 21:08:39 | 00,171,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wuwebv.dll
[2009/10/29 21:08:39 | 00,036,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuapp.exe
[2009/10/29 21:08:39 | 00,033,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wuapp.exe
[2009/10/29 03:00:37 | 00,103,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\UIAnimation.dll
[2009/10/29 03:00:37 | 00,092,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\UIAnimation.dll
[2009/10/29 03:00:36 | 01,164,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\UIRibbonRes.dll
[2009/10/29 03:00:36 | 01,164,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\UIRibbonRes.dll
[2009/10/29 03:00:35 | 03,815,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\UIRibbon.dll
[2009/10/29 03:00:35 | 03,023,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\UIRibbon.dll
[2009/10/29 00:29:56 | 10,626,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wmp.dll
[2009/10/29 00:29:56 | 00,372,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\unregmp2.exe
[2009/10/29 00:29:55 | 00,310,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\unregmp2.exe
[2009/10/29 00:29:54 | 13,428,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wmp.dll
[2009/10/29 00:29:52 | 08,147,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wmploc.DLL
[2009/10/29 00:29:52 | 08,147,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wmploc.DLL
[2009/10/28 06:52:46 | 00,000,000 | -HSD | C] -- C:\Config.Msi
[2009/10/22 21:45:04 | 00,000,000 | ---D | C] -- C:\Program Files (x86)\Trend Micro
[2009/10/21 18:54:40 | 00,000,000 | ---D | C] -- C:\ProgramData\SUPERAntiSpyware.com
[2009/10/21 18:54:40 | 00,000,000 | ---D | C] -- C:\ProgramData\SUPERAntiSpyware.com
[2009/10/21 18:54:12 | 00,000,000 | ---D | C] -- C:\Users\MediaCentre\AppData\Roaming\SUPERAntiSpyware.com
[2009/10/21 18:54:12 | 00,000,000 | ---D | C] -- C:\Program Files (x86)\SUPERAntiSpyware
[2009/10/21 18:52:39 | 00,000,000 | ---D | C] -- C:\Program Files (x86)\Safer Networking
[2009/10/21 18:50:37 | 00,000,000 | ---D | C] -- C:\ProgramData\Spybot - Search & Destroy
[2009/10/21 18:50:37 | 00,000,000 | ---D | C] -- C:\ProgramData\Spybot - Search & Destroy
[2009/10/21 18:50:37 | 00,000,000 | ---D | C] -- C:\Program Files (x86)\Spybot - Search & Destroy
[2009/10/21 18:41:19 | 00,149,280 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\javaws.exe
[2009/10/21 18:41:19 | 00,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\javaw.exe
[2009/10/21 18:41:19 | 00,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\java.exe
[2009/10/21 07:01:17 | 00,000,000 | ---D | C] -- C:\32788R22FWJFW
[2009/10/20 21:53:11 | 00,000,000 | ---D | C] -- C:\Windows\SysNative\DRVSTORE
[2009/10/20 21:51:34 | 00,008,704 | ---- | C] (Sysinternals - www.sysinternals.com) -- C:\Windows\SysNative\drivers\PROCEXP90.SYS
[2009/10/20 21:49:23 | 00,000,000 | ---D | C] -- C:\Users\MediaCentre\AppData\Roaming\Malwarebytes
[2009/10/20 21:49:18 | 00,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysWow64\drivers\mbamswissarmy.sys
[2009/10/20 21:49:16 | 00,022,104 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2009/10/20 21:49:16 | 00,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2009/10/20 21:49:16 | 00,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2009/10/20 21:49:16 | 00,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2009/10/20 21:44:47 | 00,000,000 | ---D | C] -- C:\ProgramData\Lavasoft
[2009/10/20 21:44:47 | 00,000,000 | ---D | C] -- C:\ProgramData\Lavasoft
[2009/10/20 20:17:36 | 00,000,000 | ---D | C] -- C:\ProgramData\SITEguard
[2009/10/20 20:17:36 | 00,000,000 | ---D | C] -- C:\ProgramData\SITEguard
[2009/10/20 20:16:25 | 00,000,000 | ---D | C] -- C:\ProgramData\STOPzilla!
[2009/10/20 20:16:25 | 00,000,000 | ---D | C] -- C:\ProgramData\STOPzilla!
[2009/10/20 20:16:25 | 00,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\iS3
[2009/10/20 07:04:34 | 01,060,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MFC71.dll
[2009/10/20 07:04:32 | 00,000,000 | ---D | C] -- C:\Program Files\Alwil Software
[2009/10/19 19:20:26 | 00,000,000 | -H-D | C] -- C:\$AVG8.VAULT$
[2009/10/19 08:51:30 | 00,000,000 | ---D | C] -- C:\Users\MediaCentre\AppData\Roaming\DivX
[2009/10/18 21:59:49 | 00,000,000 | R--D | C] -- C:\Users\MediaCentre\Videos
[2009/10/18 21:59:49 | 00,000,000 | R--D | C] -- C:\Users\MediaCentre\Pictures
[2009/10/18 21:59:49 | 00,000,000 | R--D | C] -- C:\Users\MediaCentre\Music
[2009/10/18 21:59:49 | 00,000,000 | R--D | C] -- C:\Users\MediaCentre\Favorites
[2009/10/18 21:59:49 | 00,000,000 | R--D | C] -- C:\Users\MediaCentre\Downloads
[2009/10/18 21:59:49 | 00,000,000 | R--D | C] -- C:\Users\MediaCentre\Documents
[2009/10/18 21:59:49 | 00,000,000 | R--D | C] -- C:\Users\MediaCentre\Desktop
[2009/10/18 10:24:37 | 00,000,000 | ---D | C] -- C:\Program Files (x86)\Ascentive
[2009/10/17 23:20:46 | 00,000,000 | -H-D | C] -- C:\$AVG
[2009/10/17 20:10:51 | 00,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\PX Storage Engine
[2009/10/17 20:10:34 | 00,000,000 | ---D | C] -- C:\Program Files (x86)\DivX
[2009/10/17 20:10:34 | 00,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\DivX Shared
[2009/10/17 17:58:05 | 00,000,000 | ---D | C] -- C:\Program Files (x86)\Partition Wizard Home Edition 4.1
[2009/10/17 17:07:22 | 00,000,000 | ---D | C] -- C:\Program Files (x86)\TouchStoneSoftware
[2009/10/17 16:46:02 | 00,000,000 | ---D | C] -- C:\Users\MediaCentre\Temp
[2009/10/17 16:31:29 | 00,000,000 | ---D | C] -- C:\Users\MediaCentre\AppData\Local\kbddbClient
[2009/10/15 21:08:25 | 04,698,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntoskrnl.exe
[2009/10/15 21:08:05 | 00,818,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WMSPDMOD.DLL
[2009/10/15 21:08:05 | 00,604,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WMSPDMOD.DLL
[2009/10/15 21:08:01 | 09,236,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtml.dll
[2009/10/15 21:08:01 | 05,940,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtml.dll
[2009/10/15 21:08:00 | 12,461,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieframe.dll
[2009/10/15 21:07:59 | 11,069,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieframe.dll
[2009/10/15 21:07:59 | 01,985,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iertutil.dll
[2009/10/15 21:07:58 | 02,334,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iertutil.dll
[2009/10/15 21:07:58 | 01,484,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\urlmon.dll
[2009/10/15 21:07:58 | 01,208,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\urlmon.dll
[2009/10/15 21:07:58 | 01,147,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wininet.dll
[2009/10/15 21:07:58 | 00,916,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wininet.dll
[2009/10/15 21:07:57 | 01,638,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtml.tlb
[2009/10/15 21:07:57 | 01,638,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtml.tlb
[2009/10/15 21:07:57 | 01,538,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2009/10/15 21:07:57 | 01,469,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2009/10/15 21:07:57 | 00,700,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2009/10/15 21:07:57 | 00,594,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeeds.dll
[2009/10/15 21:07:57 | 00,459,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iedkcs32.dll
[2009/10/15 21:07:57 | 00,387,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iedkcs32.dll
[2009/10/15 21:07:57 | 00,252,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iepeers.dll
[2009/10/15 21:07:57 | 00,243,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\occache.dll
[2009/10/15 21:07:57 | 00,219,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2009/10/15 21:07:57 | 00,206,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\occache.dll
[2009/10/15 21:07:57 | 00,184,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iepeers.dll
[2009/10/15 21:07:57 | 00,173,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ie4uinit.exe
[2009/10/15 21:07:57 | 00,164,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2009/10/15 21:07:57 | 00,162,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
[2009/10/15 21:07:57 | 00,133,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2009/10/15 21:07:57 | 00,132,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesysprep.dll
[2009/10/15 21:07:57 | 00,109,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesysprep.dll
[2009/10/15 21:07:57 | 00,077,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll
[2009/10/15 21:07:57 | 00,072,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll
[2009/10/15 21:07:57 | 00,071,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeedsbs.dll
[2009/10/15 21:07:57 | 00,071,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll
[2009/10/15 21:07:57 | 00,070,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe
[2009/10/15 21:07:57 | 00,055,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll
[2009/10/15 21:07:57 | 00,055,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeedsbs.dll
[2009/10/15 21:07:57 | 00,031,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jsproxy.dll
[2009/10/15 21:07:57 | 00,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jsproxy.dll
[2009/10/15 21:07:57 | 00,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeedssync.exe
[2009/10/15 21:07:57 | 00,012,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeedssync.exe
[2009/10/15 21:07:20 | 00,269,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msv1_0.dll
[2009/10/15 21:07:20 | 00,218,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msv1_0.dll
[2009/10/15 21:07:17 | 00,174,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\srv2.sys
[2009/10/15 21:07:15 | 00,082,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msasn1.dll
[2009/10/15 21:07:15 | 00,060,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msasn1.dll
[2009/10/11 22:40:59 | 00,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Sync Framework
[2009/10/11 22:40:42 | 00,000,000 | ---D | C] -- D:\Users\MediaCentre\Documents\My Videos
[2009/10/11 22:40:42 | 00,000,000 | ---D | C] -- D:\Users\MediaCentre\Documents\My Music
[2009/10/03 02:44:16 | 00,238,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MpSigStub.exe
[2008/12/04 17:59:09 | 00,082,816 | ---- | C] (VSO Software) -- C:\Users\MediaCentre\AppData\Roaming\pcouffin.sys
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[1 C:\Users\MediaCentre\AppData\Local\*.tmp files -> C:\Users\MediaCentre\AppData\Local\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2009/11/01 11:16:56 | 02,621,440 | -HS- | M] () -- C:\Users\MediaCentre\NTUSER.DAT
[2009/11/01 11:16:04 | 00,528,384 | ---- | M] (OldTimer Tools) -- D:\Users\MediaCentre\Desktop\OTL.exe
[2009/11/01 10:05:06 | 00,005,600 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2009/11/01 10:05:06 | 00,005,600 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2009/11/01 00:29:20 | 44,519,940 | ---- | M] () -- C:\Windows\SysNative\drivers\Avg\incavi.avm
[2009/11/01 00:29:20 | 00,068,428 | ---- | M] () -- C:\Windows\SysNative\drivers\Avg\microavi.avg
[2009/10/31 20:51:55 | 00,145,920 | ---- | M] () -- C:\Users\MediaCentre\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009/10/31 18:05:20 | 00,032,441 | ---- | M] () -- C:\ProgramData\nvModes.dat
[2009/10/31 18:05:20 | 00,032,441 | ---- | M] () -- C:\ProgramData\nvModes.dat
[2009/10/31 18:05:20 | 00,032,441 | ---- | M] () -- C:\ProgramData\nvModes.001
[2009/10/31 18:05:20 | 00,032,441 | ---- | M] () -- C:\ProgramData\nvModes.001
[2009/10/31 18:05:05 | 00,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
[2009/10/31 18:05:01 | 00,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2009/10/31 18:03:26 | 00,003,204 | ---- | M] () -- C:\Windows\bthservsdp.dat
[2009/10/31 18:03:22 | 00,524,288 | -HS- | M] () -- C:\Users\MediaCentre\NTUSER.DAT{a7bdf3ed-6a85-11db-b5ae-f1534be43d84}.TMContainer00000000000000000001.regtrans-ms
[2009/10/31 18:03:22 | 00,065,536 | -HS- | M] () -- C:\Users\MediaCentre\NTUSER.DAT{a7bdf3ed-6a85-11db-b5ae-f1534be43d84}.TM.blf
[2009/10/31 18:03:19 | 02,426,060 | -H-- | M] () -- C:\Users\MediaCentre\AppData\Local\IconCache.db
[2009/10/28 06:53:04 | 00,001,923 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Reader 9.lnk
[2009/10/25 15:50:51 | 00,790,054 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2009/10/25 15:50:51 | 00,667,982 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2009/10/25 15:50:51 | 00,133,210 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2009/10/25 14:12:00 | 00,001,868 | ---- | M] () -- C:\Users\Public\Desktop\TotalMedia Theatre 3.lnk
[2009/10/25 04:16:26 | 00,008,192 | RHS- | M] () -- C:\BOOTSECT.BAK
[2009/10/24 16:07:41 | 00,383,562 | RHS- | M] () -- C:\bootmgr
[2009/10/24 12:53:52 | 00,438,840 | RHS- | M] () -- C:\bootxe1
[2009/10/24 12:53:52 | 00,171,136 | RHS- | M] () -- C:\XELD1
[2009/10/24 12:53:52 | 00,009,216 | RHS- | M] () -- C:\XELD1.1st
[2009/10/21 07:01:30 | 00,008,704 | ---- | M] (Sysinternals - www.sysinternals.com) -- C:\Windows\SysNative\drivers\PROCEXP90.SYS
[2009/10/20 21:49:21 | 00,000,854 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2009/10/20 20:22:52 | 00,000,480 | ---- | M] () -- C:\Windows\SysNative\drivers\kgpcpy.cfg
[2009/10/20 20:17:19 | 00,000,002 | ---- | M] () -- C:\Windows\SysWow64\Dvbpws.dll
[2009/10/20 07:05:01 | 00,000,000 | ---- | M] () -- C:\Windows\SysWow64\config.nt
[2009/10/19 08:45:29 | 00,000,152 | ---- | M] () -- D:\Users\MediaCentre\Desktop\Senate Committee - Coms.url
[2009/10/17 19:28:02 | 00,001,890 | ---- | M] () -- C:\Windows\diagwrn.xml
[2009/10/17 19:28:01 | 00,001,890 | ---- | M] () -- C:\Windows\diagerr.xml
[2009/10/17 18:56:10 | 00,001,034 | ---- | M] () -- C:\Windows\pwcmdlist.bak
[2009/10/17 18:06:19 | 61,064,4501 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2009/10/11 22:51:56 | 00,001,919 | ---- | M] () -- D:\Users\MediaCentre\Desktop\iMEDIAN HD.lnk
[2009/10/10 18:54:52 | 00,001,700 | -H-- | M] () -- D:\Users\MediaCentre\Documents\Default.rdp
[2009/10/09 21:23:27 | 00,000,671 | ---- | M] () -- C:\Users\MediaCentre\AppData\Roaming\vso_ts_preview.xml
[2009/10/02 11:40:20 | 26,575,296 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mrt.exe
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[1 C:\Users\MediaCentre\AppData\Local\*.tmp files -> C:\Users\MediaCentre\AppData\Local\*.tmp -> ]
========== Files Created - No Company Name ==========
[2009/10/28 06:53:04 | 00,001,923 | ---- | C] () -- C:\Users\Public\Desktop\Adobe Reader 9.lnk
[2009/10/25 14:12:00 | 00,001,868 | ---- | C] () -- C:\Users\Public\Desktop\TotalMedia Theatre 3.lnk
[2009/10/24 12:53:52 | 00,438,840 | RHS- | C] () -- C:\bootxe1
[2009/10/24 12:53:52 | 00,171,136 | RHS- | C] () -- C:\XELD1
[2009/10/24 12:53:52 | 00,009,216 | RHS- | C] () -- C:\XELD1.1st
[2009/10/20 21:49:21 | 00,000,854 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2009/10/20 20:22:42 | 00,000,480 | ---- | C] () -- C:\Windows\SysNative\drivers\kgpcpy.cfg
[2009/10/20 07:05:01 | 00,000,000 | ---- | C] () -- C:\Windows\SysWow64\config.nt
[2009/10/19 20:41:21 | 00,423,622 | ---- | C] () -- C:\Users\MediaCentre\AppData\Local\dd_vcredistMSI3A33.txt
[2009/10/19 20:41:21 | 00,011,614 | ---- | C] () -- C:\Users\MediaCentre\AppData\Local\dd_vcredistUI3A36.txt
[2009/10/19 20:41:20 | 00,012,490 | ---- | C] () -- C:\Users\MediaCentre\AppData\Local\dd_vcredistUI3A33.txt
[2009/10/19 08:45:09 | 00,000,152 | ---- | C] () -- D:\Users\MediaCentre\Desktop\Senate Committee - Coms.url
[2009/10/17 19:28:00 | 00,001,890 | ---- | C] () -- C:\Windows\diagwrn.xml
[2009/10/17 19:28:00 | 00,001,890 | ---- | C] () -- C:\Windows\diagerr.xml
[2009/10/17 18:56:10 | 00,001,034 | ---- | C] () -- C:\Windows\pwcmdlist.bak
[2009/10/17 18:06:19 | 61,064,4501 | ---- | C] () -- C:\Windows\MEMORY.DMP
[2009/10/17 17:58:20 | 00,510,008 | ---- | C] () -- C:\Windows\SysNative\pwNative.exe
[2009/10/17 17:58:19 | 00,019,912 | ---- | C] () -- C:\Windows\SysNative\pwdrvio.sys
[2009/10/17 17:58:19 | 00,013,264 | ---- | C] () -- C:\Windows\SysNative\pwdspio.sys
[2009/10/11 22:51:56 | 00,001,919 | ---- | C] () -- D:\Users\MediaCentre\Desktop\iMEDIAN HD.lnk
[2009/10/10 18:54:12 | 00,001,700 | -H-- | C] () -- D:\Users\MediaCentre\Documents\Default.rdp
[2009/09/28 23:47:59 | 00,000,145 | ---- | C] () -- C:\Windows\StarryNight.ini
[2009/09/05 00:05:08 | 00,000,152 | ---- | C] () -- C:\Users\MediaCentre\AppData\Roaming\avedesktopsites.ini
[2009/08/23 17:11:19 | 00,032,441 | ---- | C] () -- C:\ProgramData\nvModes.001
[2009/08/23 17:10:01 | 00,032,441 | ---- | C] () -- C:\ProgramData\nvModes.dat
[2009/08/23 14:53:45 | 00,117,248 | ---- | C] () -- C:\Windows\SysWow64\EhStorAuthn.dll
[2009/08/23 14:52:01 | 00,368,640 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2009/08/23 13:16:55 | 02,426,060 | -H-- | C] () -- C:\Users\MediaCentre\AppData\Local\IconCache.db
[2009/08/17 17:23:20 | 00,085,504 | ---- | C] () -- C:\Windows\SysWow64\ff_vfw.dll
[2009/08/03 01:21:54 | 00,197,912 | ---- | C] () -- C:\Windows\SysWow64\physxcudart_20.dll
[2009/08/03 01:21:54 | 00,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelTraditionalChinese.dll
[2009/08/03 01:21:54 | 00,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelSwedish.dll
[2009/08/03 01:21:54 | 00,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelSpanish.dll
[2009/08/03 01:21:54 | 00,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelSimplifiedChinese.dll
[2009/08/03 01:21:54 | 00,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelPortugese.dll
[2009/08/03 01:21:54 | 00,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelKorean.dll
[2009/08/03 01:21:54 | 00,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelJapanese.dll
[2009/08/03 01:21:52 | 00,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelGerman.dll
[2009/08/03 01:21:52 | 00,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelFrench.dll
[2009/06/10 07:31:04 | 00,089,088 | ---- | C] () -- C:\Windows\SysWow64\nvimage.dll
[2009/05/29 17:52:26 | 00,204,800 | ---- | C] () -- C:\Windows\SysWow64\xvidvfw.dll
[2009/05/29 17:47:06 | 00,881,664 | ---- | C] () -- C:\Windows\SysWow64\xvidcore.dll
[2009/03/15 11:26:20 | 00,000,671 | ---- | C] () -- C:\Users\MediaCentre\AppData\Roaming\vso_ts_preview.xml
[2009/02/26 22:17:49 | 00,735,162 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2009/02/16 22:02:16 | 00,000,331 | ---- | C] () -- C:\Windows\game.ini
[2009/02/06 20:40:56 | 00,147,968 | ---- | C] () -- C:\Windows\SysWow64\drivers\ArcHlp.sys
[2009/01/10 23:16:56 | 00,069,349 | ---- | C] () -- C:\Users\MediaCentre\AppData\Local\dd_depcheckdotnetfx30.txt
[2009/01/10 23:16:38 | 00,004,354 | ---- | C] () -- C:\Users\MediaCentre\AppData\Local\uxeventlog.txt
[2009/01/10 23:16:38 | 00,000,596 | ---- | C] () -- C:\Users\MediaCentre\AppData\Local\dd_dotnetfx3error.txt
[2009/01/10 23:16:37 | 00,058,850 | ---- | C] () -- C:\Users\MediaCentre\AppData\Local\dd_dotnetfx3install.txt
[2008/12/07 11:50:42 | 00,000,002 | ---- | C] () -- C:\Windows\SysWow64\Dvbpws.dll
[2008/12/07 11:47:44 | 00,000,006 | -HS- | C] () -- C:\Users\MediaCentre\AppData\Roaming\desktop.ini
[2008/12/07 11:47:44 | 00,000,006 | -HS- | C] () -- C:\Users\MediaCentre\AppData\Local\desktop.ini
[2008/12/07 10:33:05 | 00,540,738 | ---- | C] () -- C:\Users\MediaCentre\AppData\Local\dd_vcredistMSI769C.txt
[2008/12/07 10:33:03 | 00,014,366 | ---- | C] () -- C:\Users\MediaCentre\AppData\Local\dd_vcredistUI769C.txt
[2008/12/05 16:09:35 | 00,145,920 | ---- | C] () -- C:\Users\MediaCentre\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2008/12/04 17:59:32 | 00,000,034 | ---- | C] () -- C:\Users\MediaCentre\AppData\Roaming\pcouffin.log
[2008/12/04 17:59:09 | 00,099,384 | ---- | C] () -- C:\Users\MediaCentre\AppData\Roaming\inst.exe
[2008/12/04 17:59:09 | 00,007,859 | ---- | C] () -- C:\Users\MediaCentre\AppData\Roaming\pcouffin.cat
[2008/12/04 17:59:09 | 00,001,167 | ---- | C] () -- C:\Users\MediaCentre\AppData\Roaming\pcouffin.inf
[2008/12/04 17:58:17 | 00,000,226 | ---- | C] () -- C:\Users\MediaCentre\AppData\Roaming\burnaware.ini
[2008/12/03 23:52:28 | 00,060,124 | ---- | C] () -- C:\Windows\SysWow64\tcpmon.ini
[2008/12/02 01:16:09 | 00,000,010 | ---- | C] () -- C:\Windows\GSetup.ini
[2008/11/30 20:38:16 | 00,050,168 | ---- | C] () -- C:\Users\MediaCentre\AppData\Local\GDIPFONTCACHEV1.DAT
[2008/11/30 20:36:36 | 00,001,460 | ---- | C] () -- C:\Users\MediaCentre\AppData\Local\d3d9caps64.dat
[2008/09/12 17:21:02 | 00,000,547 | ---- | C] () -- C:\Windows\SysWow64\ff_vfw.dll.manifest
[2007/09/04 13:56:10 | 00,164,352 | ---- | C] () -- C:\Windows\SysWow64\unrar.dll
[2007/02/05 21:05:26 | 00,000,038 | ---- | C] () -- C:\Windows\AviSplitter.INI
[2006/11/03 02:24:55 | 00,000,174 | -HS- | C] () -- C:\Program Files (x86)\desktop.ini
[2006/11/03 02:06:34 | 00,037,665 | ---- | C] () -- C:\Windows\Fonts\GlobalUserInterface.CompositeFont
[2006/11/03 02:06:34 | 00,029,779 | ---- | C] () -- C:\Windows\Fonts\GlobalSerif.CompositeFont
[2006/11/03 02:06:34 | 00,026,489 | ---- | C] () -- C:\Windows\Fonts\GlobalSansSerif.CompositeFont
[2006/11/03 02:06:34 | 00,026,040 | ---- | C] () -- C:\Windows\Fonts\GlobalMonospace.CompositeFont
[2006/11/02 23:34:27 | 00,000,219 | ---- | C] () -- C:\Windows\system.ini
[2006/11/02 23:34:27 | 00,000,144 | ---- | C] () -- C:\Windows\win.ini
========== Alternate Data Streams ==========
@Alternate Data Stream - 209 bytes -> C:\ProgramData\Temp:66633281
@Alternate Data Stream - 147 bytes -> C:\ProgramData\Temp:DFC5A2B2
@Alternate Data Stream - 116 bytes -> C:\ProgramData\Temp:0888F409
@Alternate Data Stream - 114 bytes -> C:\ProgramData\Temp:A8ADE5D8
< End of report >
Extras.txt
OTL Extras logfile created on: 1/11/2009 11:17:14 AM - Run 1
OTL by OldTimer - Version 3.1.1.8 Folder = D:\Users\MediaCentre\Desktop
64bit-Windows Vista Ultimate Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18828)
Locale: 00000c09 | Country: Australia | Language: ENA | Date Format: d/MM/yyyy
4.00 Gb Total Physical Memory | 1.63 Gb Available Physical Memory | 40.84% Memory free
4.00 Gb Paging File | 4.00 Gb Available in Paging File | 100.00% Paging File free
Paging file location(s): c:\pagefile.sys 0 0d:\pagefile.sys 0 0 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 74.53 Gb Total Space | 14.83 Gb Free Space | 19.90% Space Free | Partition Type: NTFS
Drive D: | 497.40 Gb Total Space | 154.39 Gb Free Space | 31.04% Space Free | Partition Type: NTFS
Drive E: | 7.16 Gb Total Space | 0.00 Gb Free Space | 0.00% Space Free | Partition Type: UDF
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
Drive I: | 98.77 Gb Total Space | 77.85 Gb Free Space | 78.82% Space Free | Partition Type: NTFS
Computer Name: MEDIACENTRE-PC
Current User Name: MediaCentre
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: All users
Include 64bit Scans
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard
========== Extra Registry (SafeList) ==========
========== File Associations ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.chm [@ = chm.file] -- "%SystemRoot%\hh.exe" %1
.cpl[@ = cplfile] -- C:\Windows\SysNative\control.exe (Microsoft Corporation)
.hlp[@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
.html[@ = htmlfile] -- C:\Program Files (x86)\Internet Explorer\iexplore.exe (Microsoft Corporation)
.inf[@ = inffile] -- C:\Windows\SysNative\NOTEPAD.EXE (Microsoft Corporation)
.ini[@ = inifile] -- C:\Windows\SysNative\NOTEPAD.EXE (Microsoft Corporation)
.url[@ = InternetShortcut] -- C:\Windows\System32\ieframe.DLL (Microsoft Corporation)
.js[@ = JSFile] -- C:\Windows\SysNative\WScript.exe (Microsoft Corporation)
.jse[@ = JSEFile] -- C:\Windows\SysNative\WScript.exe (Microsoft Corporation)
.txt[@ = txtfile] -- C:\Windows\SysNative\NOTEPAD.EXE (Microsoft Corporation)
.vbe[@ = VBEFile] -- C:\Windows\SysNative\WScript.exe (Microsoft Corporation)
.vbs[@ = VBSFile] -- C:\Windows\SysNative\WScript.exe (Microsoft Corporation)
.wsf[@ = WSFFile] -- C:\Windows\SysNative\WScript.exe (Microsoft Corporation)
.wsh[@ = WSHFile] -- C:\Windows\SysNative\WScript.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.chm [@ = chm.file] -- "%SystemRoot%\hh.exe" %1
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files (x86)\Internet Explorer\iexplore.exe (Microsoft Corporation)
.reg [@ = regfile] -- C:\Windows\SysWow64\regedit.exe (Microsoft Corporation)
[HKEY_USERS\S-1-5-21-4098504633-1038546326-2246272219-1000\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
========== Shell Spawning ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [edit] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation)
batfile [open] -- "%1" %* File not found
batfile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
chm.file [open] -- "%SystemRoot%\hh.exe" %1 File not found
cmdfile [edit] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation)
cmdfile [open] -- "%1" %* File not found
cmdfile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
comfile [open] -- "%1" %* File not found
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %* File not found
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- "C:\Program Files (x86)\Microsoft Office\OFFICE11\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [open] -- "C:\Program Files (x86)\Internet Explorer\iexplore.exe" -nohome (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files (x86)\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Program Files (x86)\Microsoft Office\OFFICE11\msohtmed.exe" /p %1 (Microsoft Corporation)
http [open] -- "C:\Program Files (x86)\Internet Explorer\iexplore.exe" -nohome (Microsoft Corporation)
https [open] -- "C:\Program Files (x86)\Internet Explorer\iexplore.exe" -nohome (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
inffile [open] -- %SystemRoot%\system32\NOTEPAD.EXE %1 (Microsoft Corporation)
inffile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
inifile [open] -- %SystemRoot%\system32\NOTEPAD.EXE %1 (Microsoft Corporation)
inifile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
jsfile [edit] -- C:\Windows\System32\Notepad.exe %1 (Microsoft Corporation)
jsfile [open] -- C:\Windows\System32\WScript.exe "%1" %* (Microsoft Corporation)
jsfile [print] -- C:\Windows\System32\Notepad.exe /p %1 (Microsoft Corporation)
jsefile [edit] -- C:\Windows\System32\Notepad.exe %1 (Microsoft Corporation)
jsefile [open] -- C:\Windows\System32\WScript.exe "%1" %* (Microsoft Corporation)
jsefile [print] -- C:\Windows\System32\Notepad.exe /p %1 (Microsoft Corporation)
piffile [open] -- "%1" %* File not found
regfile [edit] -- %SystemRoot%\system32\notepad.exe "%1" (Microsoft Corporation)
regfile [merge] -- Reg Error: Key error.
regfile [print] -- %SystemRoot%\system32\notepad.exe /p "%1" (Microsoft Corporation)
scrfile [config] -- "%1" File not found
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S File not found
txtfile [edit] -- Reg Error: Key error.
txtfile [open] -- %SystemRoot%\system32\NOTEPAD.EXE %1 (Microsoft Corporation)
txtfile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
txtfile [printto] -- %SystemRoot%\system32\notepad.exe /pt "%1" "%2" "%3" "%4" (Microsoft Corporation)
vbefile [edit] -- "%SystemRoot%\System32\Notepad.exe" %1 (Microsoft Corporation)
vbefile [open] -- "%SystemRoot%\System32\WScript.exe" "%1" %* (Microsoft Corporation)
vbefile [print] -- "%SystemRoot%\System32\Notepad.exe" /p %1 (Microsoft Corporation)
vbsfile [edit] -- "%SystemRoot%\System32\Notepad.exe" %1 (Microsoft Corporation)
vbsfile [open] -- "%SystemRoot%\System32\WScript.exe" "%1" %* (Microsoft Corporation)
vbsfile [print] -- "%SystemRoot%\System32\Notepad.exe" /p %1 (Microsoft Corporation)
wsffile [edit] -- "%SystemRoot%\System32\Notepad.exe" %1 (Microsoft Corporation)
wsffile [open] -- "%SystemRoot%\System32\WScript.exe" "%1" %* (Microsoft Corporation)
wsffile [print] -- "%SystemRoot%\System32\Notepad.exe" /p %1 (Microsoft Corporation)
wshfile [open] -- "%SystemRoot%\System32\WScript.exe" "%1" %* (Microsoft Corporation)
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 File not found
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files (x86)\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files (x86)\Internet Explorer\iexplore.exe" (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %* File not found
chm.file [open] -- "%SystemRoot%\hh.exe" %1 File not found
cmdfile [open] -- "%1" %* File not found
comfile [open] -- "%1" %* File not found
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %* File not found
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- "C:\Program Files (x86)\Microsoft Office\OFFICE11\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [open] -- "C:\Program Files (x86)\Internet Explorer\iexplore.exe" -nohome (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files (x86)\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Program Files (x86)\Microsoft Office\OFFICE11\msohtmed.exe" /p %1 (Microsoft Corporation)
http [open] -- "C:\Program Files (x86)\Internet Explorer\iexplore.exe" -nohome (Microsoft Corporation)
https [open] -- "C:\Program Files (x86)\Internet Explorer\iexplore.exe" -nohome (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %* File not found
regfile [open] -- regedit.exe "%1" (Microsoft Corporation)
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1" File not found
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S File not found
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 File not found
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files (x86)\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files (x86)\Internet Explorer\iexplore.exe" (Microsoft Corporation)
========== Security Center Settings ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = 64 62 AB 3F 8D 55 C9 01 [binary data]
"VistaSp2" = DE 3B DE 20 AE 23 CA 01 [binary data]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\S-1-5-21-4098504633-1038546326-2246272219-1000]
"EnableNotifications" = 0
"EnableNotificationsRef" = 1
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"oobe_av" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
"DefaultOutboundAction" = 1
"DefaultInboundAction" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"C:\Program Files (x86)\Logitech\Logitech Harmony Remote Software 7\HarmonyRemote.exe" = C:\Program Files (x86)\Logitech\Logitech Harmony Remote Software 7\HarmonyRemote.exe:*:Enabled:Logitech Harmony Remote Software 7 -- ()
"C:\Program Files (x86)\Logitech\Logitech Harmony Remote Software 7\HarmonyRemote.exe" = C:\Program Files (x86)\Logitech\Logitech Harmony Remote Software 7\HarmonyRemote.exe:*:Enabled:Logitech Harmony Remote Software 7 -- ()
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files (x86)\Logitech\Logitech Harmony Remote Software 7\HarmonyRemote.exe" = C:\Program Files (x86)\Logitech\Logitech Harmony Remote Software 7\HarmonyRemote.exe:*:Enabled:Logitech Harmony Remote Software 7 -- ()
"C:\Program Files (x86)\Logitech\Logitech Harmony Remote Software 7\HarmonyRemote.exe" = C:\Program Files (x86)\Logitech\Logitech Harmony Remote Software 7\HarmonyRemote.exe:*:Enabled:Logitech Harmony Remote Software 7 -- ()
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{03AAC45B-E4DA-4EFC-9358-3B7E7C0DC7E0}" = lport=10244 | protocol=6 | dir=in | app=system |
"{05AEE49A-66F6-437E-ABBF-7C8ED791B182}" = lport=26675 | protocol=6 | dir=in | name=@%systemroot%\windowsmobile\wmdcbase.exe,-4006 |
"{06655643-02A1-4D9C-B99B-2173AAE69F16}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{0BBC21E7-8296-47C9-A198-7B3C158BB23E}" = lport=3389 | protocol=6 | dir=in | app=system |
"{0F7F361F-E85E-43D1-90A3-1194F54CBE7A}" = lport=990 | protocol=6 | dir=in | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{12B18307-0F86-47F6-9791-1EBEDC67E60F}" = lport=990 | protocol=6 | dir=in | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{176503B8-6A2A-4391-A9E3-004690A75D57}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=c:\windows\system32\svchost.exe |
"{1C9D9EF1-1B28-4663-8D6E-920A3166AF6C}" = rport=5679 | protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{1D048BD5-A404-4EFF-A995-381696FD9287}" = lport=2869 | protocol=6 | dir=in | app=system |
"{229C6C81-3774-479C-8AAB-0176EB828F1A}" = lport=5678 | protocol=6 | dir=in | app=%systemroot%\windowsmobile\wmdhost.exe |
"{2340554E-CF56-4305-9BB8-883674CF92E6}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{279CD640-755F-47D0-ABE6-FDAB3FA6A2AE}" = rport=5679 | protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{49A0086C-0BB6-45E5-AC68-A3D53F584F61}" = lport=990 | protocol=6 | dir=in | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{4D13D45F-4649-43AF-A8A7-F353CB414BDA}" = lport=999 | protocol=6 | dir=in | app=%systemroot%\windowsmobile\wmdhost.exe |
"{4DC66C7B-E21C-46B1-8046-8ADC620D5E92}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{51A1672B-2C56-49EC-A7A9-0D1D7E365059}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{586694BE-E994-4DF8-AFF8-594AE72E57CC}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=c:\windows\system32\svchost.exe |
"{5921B8A2-D1B9-41D5-AE39-BF1548A28F89}" = lport=5721 | protocol=6 | dir=in | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{5F5AF6E5-1C33-4F0A-B81C-D4DFE83064CC}" = rport=10244 | protocol=6 | dir=out | app=system |
"{5FED52DB-C354-4B61-9438-DF37D048D0D4}" = lport=26675 | protocol=6 | dir=in | name=@%systemroot%\windowsmobile\wmdcbase.exe,-4006 |
"{603FD253-1578-4C93-ADBE-8AF392DAD4B9}" = lport=5678 | protocol=6 | dir=in | app=%systemroot%\windowsmobile\wmdhost.exe |
"{616C52B1-3A1A-4260-949A-18F912792EFD}" = rport=10243 | protocol=6 | dir=out | app=system |
"{6D6E3204-4D62-4147-8EF0-39991FB172F4}" = lport=990 | protocol=6 | dir=in | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{6F109EBC-DD99-4839-BC48-FDB84BD28926}" = lport=5678 | protocol=6 | dir=in | app=%systemroot%\windowsmobile\wmdhost.exe |
"{71E09386-75CE-4189-8449-BEB8D16D3E5E}" = lport=10243 | protocol=6 | dir=in | app=system |
"{73439BF8-C13C-4BA1-AAD1-59EF128644FC}" = rport=5679 | protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{73B73954-9057-4A91-AAEC-5B06488892C9}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=c:\windows\system32\svchost.exe |
"{7B140662-163D-485B-98F7-3EEC82250BEB}" = lport=999 | protocol=6 | dir=in | app=%systemroot%\windowsmobile\wmdhost.exe |
"{7B617184-085E-41B2-A9C4-03220DA87261}" = lport=26675 | protocol=6 | dir=in | name=@%systemroot%\windowsmobile\wmdcbase.exe,-4006 |
"{7CD024F9-DB66-45B9-BAE3-19B577782865}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{7D29AF54-9453-49B3-8D11-3AAD22BC434F}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=c:\windows\system32\svchost.exe |
"{81636F90-34B9-49B2-B6DC-A9031C6BB77B}" = rport=5679 | protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{8B30A291-0250-41D5-9C6A-33D0E86FB970}" = lport=5721 | protocol=6 | dir=in | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{8B32BF2C-2B37-42A5-90C3-EC76F5AD9C84}" = lport=999 | protocol=6 | dir=in | app=%systemroot%\windowsmobile\wmdhost.exe |
"{9CAEFC31-4B36-4429-8821-44DDDCB89771}" = lport=554 | protocol=6 | dir=in | app=c:\windows\ehome\ehshell.exe |
"{A24D03FE-9D2A-49D3-BB69-9A5F7A7ED85A}" = lport=7777 | protocol=17 | dir=in | app=c:\windows\ehome\ehshell.exe |
"{A6D1ED72-D92F-4696-92FA-84266B2A9451}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{A95EE28D-996E-4C5E-8E64-A467E4471E5E}" = lport=990 | protocol=6 | dir=in | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{AA9A5683-01DD-4D0B-A83D-01E74CBF1909}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=c:\windows\system32\svchost.exe |
"{AABBB0E4-2659-4692-92DF-B44C4CC31786}" = lport=5678 | protocol=6 | dir=in | app=%systemroot%\windowsmobile\wmdhost.exe |
"{B7AAE493-C4C5-40C1-BB95-E087A0D660F2}" = lport=999 | protocol=6 | dir=in | app=%systemroot%\windowsmobile\wmdhost.exe |
"{BC4ABDDA-950F-4D61-B9EA-23AC4CEB56A3}" = lport=3390 | protocol=6 | dir=in | app=system |
"{C9CAFB83-6202-44D7-8F3B-19FC2ED60F79}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=c:\windows\system32\svchost.exe |
"{CC11E32B-3C4C-4628-89CF-B54416498EB6}" = rport=5679 | protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{D1698AA7-F8B2-4DA7-BF10-A839F9692639}" = lport=5721 | protocol=6 | dir=in | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{D7DB07EC-6010-4331-9DF9-504F6880E241}" = lport=5721 | protocol=6 | dir=in | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{DEA82D78-875F-470A-B42C-0912E3C1C6C1}" = lport=26675 | protocol=6 | dir=in | name=@%systemroot%\windowsmobile\wmdcbase.exe,-4006 |
"{E817EA3E-3DF5-4BFF-BDCB-003D8E8CA7BC}" = rport=5679 | protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{EF88C7DE-E2DE-40B3-BBE7-080F86F9BF8B}" = lport=990 | protocol=6 | dir=in | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{F1AB9C58-53EB-4C59-8EFC-5AFDB632ABBA}" = rport=5679 | protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{FF2B163B-F375-4308-A93F-95687C4B0744}" = lport=990 | protocol=6 | dir=in | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{00669AE7-B574-41CD-8E1E-2539BA8B8A90}" = protocol=6 | dir=in | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{03597C79-921C-4247-8368-759806AF04AF}" = protocol=6 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{07E79B43-F99B-4A02-8C99-ED0D4C248AC3}" = protocol=6 | dir=in | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{0E37EB95-380A-4DEB-8192-406495B4D97A}" = protocol=6 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{14F40DB2-B8F5-4831-B522-EBEE8A580C47}" = protocol=17 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{17FA82CC-2D1C-4984-B94F-93FEA655CA12}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{19E4E36E-8F3C-4B3D-A01F-0E5E70E1677C}" = protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{1C418D0A-2B0F-4753-A062-6E9236D5418A}" = protocol=6 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{21224A83-28B3-471A-AE0E-B1F91FFF1E53}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{230B23DA-01BF-43CC-B84C-B4041E661245}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{257390CC-5686-4B2A-86EB-60FC7CE14E54}" = protocol=6 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{2F5F4FED-7F18-4085-AAA0-01CAAB220FC1}" = protocol=6 | dir=in | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{305FBB57-A460-4771-94C6-5FA5DBA48C13}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{367F5B14-5F09-4F19-99E0-AA3EE2F00AAB}" = protocol=6 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{3A983773-AC3E-448A-B512-FFEE9E6A7081}" = protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{3ED77DFC-9970-4BBF-8D9B-B615BA7D46C0}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{4122C9A4-6F7F-4A86-B464-661C71DAC751}" = protocol=6 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{47BD55A4-7B2A-4C6C-9DAD-B090F75452D9}" = protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{47E9A794-557C-4D82-BD4D-40E872152285}" = protocol=17 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{4BE8E756-6A50-4B85-858F-70366F62D823}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstra.exe |
"{4D6CB2D4-5039-44BE-A067-2F0072B4EBE1}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{51D98A62-D30E-41CF-81F0-3459F5D46129}" = protocol=17 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{58DBD9EF-AE71-4736-A04E-42C213F27037}" = protocol=6 | dir=out | app=support inrosettastoneltdservices.exe |
"{593E1CDF-5B9F-41CC-A72E-136DF526E225}" = protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{5A71395E-78C6-464F-A173-1BA38335BBAF}" = protocol=6 | dir=in | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{5FC394FD-6BB5-4484-BEE7-CB985D873926}" = protocol=6 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{60793EE7-9D66-4543-92DF-A415F59FB369}" = dir=in | app=c:\program files (x86)\avg\avg8\avgemc.exe |
"{63BE4ABC-D322-4F0A-98A2-709033571EF2}" = protocol=6 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{65AA8605-A98B-4A97-9A84-AF614C82EDCF}" = protocol=17 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{6D7D4965-A3DA-440E-AF3A-5B28855D643C}" = protocol=6 | dir=in | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{6D826C80-EB8C-403F-8F67-1437536BC1DB}" = protocol=6 | dir=out | svc=mcx2svc | app=c:\windows\system32\svchost.exe |
"{7B56C3B8-D915-4F48-9602-C41CACB02FD0}" = protocol=6 | dir=out | app=system |
"{826225A6-0A5A-4646-9928-36B3AD551DCD}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{855AC0DB-B6C2-40E8-9F1B-50316065F304}" = protocol=6 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{86D49EA2-47A6-4DE4-8A2D-07F61DD5C07D}" = protocol=17 | dir=in | app=c:\program files (x86)\utorrent\utorrent.exe |
"{8764B0B2-3F5D-4624-916E-0630E756B93B}" = protocol=6 | dir=in | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{89D62344-96DD-46BD-AF83-CAA5B25037FA}" = protocol=17 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{8DB9AAD3-934D-40FC-840B-B1867B5C36EF}" = protocol=6 | dir=out | app=c:\windows\ehome\mcx2prov.exe |
"{8DC3E881-FBE8-43F1-8756-E690AF502991}" = protocol=17 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{8F92AA5C-8E88-4B4A-B4DA-C1B21F75CE58}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{91A7D7B5-DC6E-4629-86A8-D454E871226D}" = protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{9EEC2C9E-FFBF-4F87-A290-6619C3155C9A}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstra.exe |
"{9FCB0D36-63F5-48BE-AE5A-015E9476F66A}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe |
"{9FF7CF0B-4FB6-4241-859B-E92D86E4525B}" = protocol=6 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{A433CEA8-B93A-4B0D-B37C-FC9E22E269D9}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{A82CE850-DFA6-4CB1-8A5E-65216809F2D3}" = protocol=6 | dir=out | app=rosettastoneversion3.exe |
"{B07E4EC6-FBA1-4D95-9F3E-486AA57553BB}" = protocol=6 | dir=out | app=c:\windows\ehome\ehshell.exe |
"{B117BA2D-6584-40D2-BDE4-BA1C7874272F}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{B2C5A1B0-217B-42A8-80BA-03D718D5BC7B}" = protocol=17 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{B42E1195-56CB-42FE-856B-009D499F5AE2}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe |
"{BEDA3ACD-FF75-47B5-9E3A-415675595792}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{C502C601-19E9-4AC0-9C71-8125035F6E3B}" = protocol=17 | dir=out | app=c:\windows\ehome\ehshell.exe |
"{C55656B1-ED87-417F-B020-2C9946CCBBE8}" = dir=in | app=c:\program files (x86)\avg\avg8\avgupd.exe |
"{C81E9B9F-CF07-4502-8A1C-CD77C6545410}" = protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{CA482982-67FA-4312-8574-920D38900282}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{D529CA69-C953-4501-B239-2E92DC127E4C}" = protocol=6 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{D7A593C7-6B4C-4FC0-AA74-EAE5B8341987}" = protocol=6 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{D7CF0EFB-2B0A-43D3-82C1-6CC0B06627E2}" = protocol=6 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{D84C1EF9-1952-4C4C-A775-D3971204D1CD}" = protocol=6 | dir=in | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{DA8CF1CE-019F-4407-A271-A7224619CD8F}" = protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{E062AF53-A68D-4B0E-A51E-AD50C06464F1}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{E68D4B2E-98ED-4193-BE11-F8FC63940CB6}" = dir=in | app=rosettastoneversion3.exe |
"{E91C3376-C211-41E5-9DD6-CE68610685A8}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{EA643C6D-6E3E-4692-BF24-EA891DE08FD3}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{EB1665C2-6031-49FF-9B67-6CADE2467B22}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{EF2457A3-0496-4677-8E9F-5DBAB3A8CE50}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{F060E2C7-B5F5-4C7F-8C1E-94BF5795A0B2}" = protocol=6 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{F7B3CE5A-B5CA-45AA-8907-B3A1626EC5D2}" = protocol=6 | dir=in | app=c:\program files (x86)\utorrent\utorrent.exe |
"{F94A3743-BAF5-44BD-B990-361F3F498FCF}" = dir=in | app=support inrosettastoneltdservices.exe |
"TCP Query User{0C3F328B-7038-4D2B-83C7-E80EE73FFC7F}C:\program files (x86)\activision\call of duty 4 - modern warfare\iw3mp.exe" = protocol=6 | dir=in | app=c:\program files (x86)\activision\call of duty 4 - modern warfare\iw3mp.exe |
"TCP Query User{1AB479AD-4C06-402D-9589-F11FE7642EBA}C:\program files (x86)\utorrent\utorrent.exe" = protocol=6 | dir=in | app=c:\program files (x86)\utorrent\utorrent.exe |
"TCP Query User{1C8A4D12-BC5E-46B9-88B6-9C1EF90AA0B0}C:\program files (x86)\internet explorer\iexplore.exe" = protocol=6 | dir=in | app=c:\program files (x86)\internet explorer\iexplore.exe |
"TCP Query User{2C921DF6-633F-4BA2-8E79-1120668873D2}C:\windows\ehome\ehexthost.exe" = protocol=6 | dir=in | app=c:\windows\ehome\ehexthost.exe |
"TCP Query User{2D708666-0D9C-4CFB-BB10-7A7D3E984D20}C:\program files (x86)\gigabyte\i-cool\run.exe" = protocol=6 | dir=in | app=c:\program files (x86)\gigabyte\i-cool\run.exe |
"TCP Query User{377C2D32-222A-43F0-AFBE-471829994CE2}C:\program files (x86)\tpgsoftphone\tpgsoftphone\tpgsoftphone.exe" = protocol=6 | dir=in | app=c:\program files (x86)\tpgsoftphone\tpgsoftphone\tpgsoftphone.exe |
"TCP Query User{377FCB29-A9B4-4C26-9AF2-06046A49657E}C:\program files (x86)\jlc's software\internet tv\internet tv.exe" = protocol=6 | dir=in | app=c:\program files (x86)\jlc's software\internet tv\internet tv.exe |
"TCP Query User{4492D483-3EF9-46D0-956A-558133F6C4A7}C:\program files (x86)\portpeeker\portpeeker.exe" = protocol=6 | dir=in | app=c:\program files (x86)\portpeeker\portpeeker.exe |
"TCP Query User{488704DA-83E9-4E99-BAC3-78038B7C8998}C:\program files (x86)\java\jre6\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files (x86)\java\jre6\bin\javaw.exe |
"TCP Query User{68ED61B1-F4C8-43EA-91A1-AE2CFADC34B6}C:\program files (x86)\vidalia bundle\tor\tor.exe" = protocol=6 | dir=in | app=c:\program files (x86)\vidalia bundle\tor\tor.exe |
"TCP Query User{AB263C79-3678-4E4C-889C-EA18DC8EB760}C:\program files (x86)\tpgsoftphone\tpgsoftphone\tpgsoftphone.exe" = protocol=6 | dir=in | app=c:\program files (x86)\tpgsoftphone\tpgsoftphone\tpgsoftphone.exe |
"TCP Query User{AC409008-4AD9-4FB7-A6D0-8E5D9DAC4FA6}C:\program files (x86)\vidalia bundle\tor\tor.exe" = protocol=6 | dir=in | app=c:\program files (x86)\vidalia bundle\tor\tor.exe |
"TCP Query User{CAFB8C4F-EB9A-4623-8E3D-33BD3A2F07F6}C:\program files (x86)\gigabyte\@bios\gwflash.exe" = protocol=6 | dir=in | app=c:\program files (x86)\gigabyte\@bios\gwflash.exe |
"TCP Query User{CFA61C33-66A6-46E4-B7E2-3AC5628B8483}C:\program files (x86)\gigabyte\i-cool\run.exe" = protocol=6 | dir=in | app=c:\program files (x86)\gigabyte\i-cool\run.exe |
"TCP Query User{D592DB1B-9963-47C1-8BE3-B6870A00CF04}C:\program files (x86)\iepro\minidm.exe" = protocol=6 | dir=in | app=c:\program files (x86)\iepro\minidm.exe |
"UDP Query User{0DF1873B-3AF4-4EF7-BB85-A06517331666}C:\program files (x86)\activision\call of duty 4 - modern warfare\iw3mp.exe" = protocol=17 | dir=in | app=c:\program files (x86)\activision\call of duty 4 - modern warfare\iw3mp.exe |
"UDP Query User{20BEACD9-B166-441B-9523-EB7941211D78}C:\program files (x86)\gigabyte\i-cool\run.exe" = protocol=17 | dir=in | app=c:\program files (x86)\gigabyte\i-cool\run.exe |
"UDP Query User{325F6ACA-C6F2-48D4-9F5F-ACD1067464EF}C:\program files (x86)\gigabyte\@bios\gwflash.exe" = protocol=17 | dir=in | app=c:\program files (x86)\gigabyte\@bios\gwflash.exe |
"UDP Query User{3A6DC12F-04DB-47D0-B491-A064E94EF010}C:\program files (x86)\tpgsoftphone\tpgsoftphone\tpgsoftphone.exe" = protocol=17 | dir=in | app=c:\program files (x86)\tpgsoftphone\tpgsoftphone\tpgsoftphone.exe |
"UDP Query User{443F9A96-64E8-4ECD-837C-EC79F17157B4}C:\windows\ehome\ehexthost.exe" = protocol=17 | dir=in | app=c:\windows\ehome\ehexthost.exe |
"UDP Query User{47F62194-57E5-49A7-AE57-CA178AF2F37E}C:\program files (x86)\java\jre6\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files (x86)\java\jre6\bin\javaw.exe |
"UDP Query User{52978E05-2440-4AC8-BD8F-900670018D2A}C:\program files (x86)\utorrent\utorrent.exe" = protocol=17 | dir=in | app=c:\program files (x86)\utorrent\utorrent.exe |
"UDP Query User{55481850-144F-40F8-A2C4-F0410BE6D68B}C:\program files (x86)\vidalia bundle\tor\tor.exe" = protocol=17 | dir=in | app=c:\program files (x86)\vidalia bundle\tor\tor.exe |
"UDP Query User{571AD2F9-5992-4852-A23D-ACD1FD268733}C:\program files (x86)\portpeeker\portpeeker.exe" = protocol=17 | dir=in | app=c:\program files (x86)\portpeeker\portpeeker.exe |
"UDP Query User{82B80C53-6186-4675-9773-F869CD48B83E}C:\program files (x86)\iepro\minidm.exe" = protocol=17 | dir=in | app=c:\program files (x86)\iepro\minidm.exe |
"UDP Query User{878C8E35-F1C0-4152-864E-CA7010364E53}C:\program files (x86)\jlc's software\internet tv\internet tv.exe" = protocol=17 | dir=in | app=c:\program files (x86)\jlc's software\internet tv\internet tv.exe |
"UDP Query User{90F6028D-B252-4123-A095-3CA68BC4666E}C:\program files (x86)\vidalia bundle\tor\tor.exe" = protocol=17 | dir=in | app=c:\program files (x86)\vidalia bundle\tor\tor.exe |
"UDP Query User{A150B7FD-2299-4656-9426-784CC6D444C2}C:\program files (x86)\gigabyte\i-cool\run.exe" = protocol=17 | dir=in | app=c:\program files (x86)\gigabyte\i-cool\run.exe |
"UDP Query User{BC31A515-9F43-46E7-90DF-6B2559514FC6}C:\program files (x86)\internet explorer\iexplore.exe" = protocol=17 | dir=in | app=c:\program files (x86)\internet explorer\iexplore.exe |
"UDP Query User{FC1934D3-0C91-4F65-92FE-299545B01071}C:\program files (x86)\tpgsoftphone\tpgsoftphone\tpgsoftphone.exe" = protocol=17 | dir=in | app=c:\program files (x86)\tpgsoftphone\tpgsoftphone\tpgsoftphone.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{23170F69-40C1-2702-0464-000001000000}" = 7-Zip 4.64 (x64 edition)
"{350AA351-21FA-3270-8B7A-835434E766AD}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{626672CD-BFCF-49A9-AEFE-AB0FED3BFC5B}" = Windows Mobile Device Center
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{A927737F-8C1C-46BE-A85B-E4246CF75D0D}" = Microsoft IntelliType Pro 6.1
"{AD5BAA95-657F-4D81-8E07-D0882C2E8985}" = Microsoft IntelliPoint 6.1
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{EE936C7A-EA40-31D5-9B65-8E3E089C3828}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148
"{F850707C-B6A0-4B56-8709-F89CF8F9AC6D}" = Eraser
"D410A1715EF3A4E4A0EE33A217691DDBA3037DDE" = Windows Driver Package - Silicon Integrated Systems Corp.(1.09d.00) (SIS163u) Net (01/25/2007 6.0.1039.1094)
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"NVIDIA Drivers" = NVIDIA Drivers
"Ogg Codecs" = Ogg Codecs 0.81.15562
"UltSounds" = Windows Sound Schemes
"UltSounds2" = Ultimate Extras sounds from Microsoft® Tinker™
"x64 Components_is1" = x64 Components v2.0.9
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{00203668-8170-44A0-BE44-B632FA4D780F}" = Adobe AIR
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{021C4C4F-C93C-4425-BFFD-C2D16776BFAE}" = Visual C++ 8.0 Runtime Setup Package (x64)
"{03CAB33F-D1C2-48C6-8766-DAE84DFC25FE}" = Microsoft Sync Framework Services v1.0 (x86)
"{048DB60B-5AD7-40D3-ACDA-6E8B233829FA}" = Logitech Harmony Remote Software 7
"{0C34B801-6AEC-4667-B053-03A67E2D0415}" = Apple Application Support
"{13F3917B56CD4C25848BDC69916971BB}" = DivX Converter
"{18D10072035C4515918F7E37EAFAACFC}" = AutoUpdate
"{26A24AE4-039D-4CA4-87B4-2F83216012FF}" = Java™ 6 Update 16
"{28FB7853-A6ED-4F67-8635-9F0E863FC0AD}" = WinFast Codec-TS SDK
"{2DD388FF-6422-43C9-86A1-C7A99C83E946}" = ASUS nVidia Driver
"{3248F0A8-6813-11D6-A77B-00B0D0150120}" = J2SE Runtime Environment 5.0 Update 12
"{366E24C6-9097-4F63-BF42-3F3EF356A960}" = Photosynth 2.0.1519.16
"{3FC7CBBC4C1E11DCA1A752EA55D89593}" = DivX Version Checker
"{418EC9DD-25EE-4C3F-8827-B7AA9B26405B}" = WinFast Multimedia Driver Installation
"{5C6F884D-680C-448B-B4C9-22296EE1B206}" = Logitech Harmony Remote Software 7
"{5EE7D259-D137-4438-9A5F-42F432EC0421}" = VC80CRTRedist - 8.0.50727.4053
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{7210BCFE-ED8D-4261-8537-81B5A4BDFA2A}" = Rosetta Stone V3
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{76C24F39-B161-498F-BD8B-C64789812D13}_is1" = ConvertXtoDVD 3.5.1.135
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{77DCDCE3-2DED-62F3-8154-05E745472D07}" = Acrobat.com
"{7B63B2922B174135AFC0E1377DD81EC2}" = DivX Codec
"{8471021C-F529-43DE-84DF-3612E10F58C4}" = Remote Control USB Driver
"{851367C1-2F9F-4087-B3E8-8DECFE328370}" = The Da Vinci Code
"{8ADFC4160D694100B5B8A22DE9DCABD9}" = DivX Player
"{90850409-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Word Viewer 2003
"{98CB24AD-52FB-DB5F-FF1F-C8B3B9A1E18E}" = Visual C++ 8.0 CRT (x86) WinSXS MSM
"{9A0E0340-C3D7-42D1-96D4-64179FD456AE}" = WinFast De-interlace SDK
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{A040AC77-C1AA-4CC9-8931-9F648AF178F6}" = VC 9.0 Runtime
"{A429C2AE-EBF1-4F81-A221-1C115CAADDAD}" = QuickTime
"{A5181519-9F3D-4372-ABC6-C333C2F3A816}_is1" = RunAlyzer
"{A7E4ECCA-4A8E-4258-8EC8-2DCCF5B11320}" = Windows Live installer
"{A8BD5A60-E843-46DC-8271-ABF20756BE0F}" = Microsoft Sync Framework Runtime v1.0 (x86)
"{A96E97134CA649888820BCDE5E300BBD}" = H.264 Decoder
"{AA468551-1794-42FE-B504-C41D75EEBDF2}_is1" = Partition Wizard Home Edition 4.1
"{AAC389499AEF40428987B3D30CFC76C9}" = MKV Splitter
"{AC76BA86-7AD7-1033-7B44-A92000000001}" = Adobe Reader 9.2
"{AC76BA86-7AD7-2448-0000-900000000003}" = Chinese Traditional Fonts Support For Adobe Reader 9
"{AEF9DC35ADDF4825B049ACBFD1C6EB37}" = AAC Decoder
"{AF9848E2-5F19-4E49-9E6E-044FBDC28404}" = WinFast TT-SB SDK
"{B13A7C41581B411290FBC0395694E2A9}" = DivX Converter
"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy
"{B5F47039-9B19-4AC3-9A4A-E1CA3068E59F}" = ArcSoft TotalMedia Theatre 3
"{B7050CBDB2504B34BC2A9CA0A692CC29}" = DivX Web Player
"{C21D5524-A970-42FA-AC8A-59B8C7CDCA31}" = QuickTime
"{C5C1C0F0-D62F-4DBF-81D4-D7EF397C228B}" = NVIDIA PhysX
"{C92C584E-C781-475E-A8E2-C67D993A6B95}" = WinFast PVR2
"{C96A23CB-DDE6-4DEF-AD83-D5D5037D4316}" = iMON
"{CA897AF5-4EA6-42E9-AD11-138160C560B2}" = VmcLauncher
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}" = SUPERAntiSpyware Free Edition
"{F9FD80CE-0448-4D4F-8BCD-77FC514C3F99}" = Vista Codec Package
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11
"ASCOM Platform 3.0" = ASCOM Platform 3.0
"AVG8Uninstall" = AVG Free 8.5
"CCleaner" = CCleaner (remove only)
"com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Acrobat.com
"Combined Community Codec Pack_is1" = Combined Community Codec Pack 2009-09-09
"DivX Plus DirectShow Filters" = DivX Plus DirectShow Filters
"Eraser" = Eraser
"HijackThis" = HijackThis 2.0.2
"InstallShield_{B5F47039-9B19-4AC3-9A4A-E1CA3068E59F}" = ArcSoft TotalMedia Theatre 3
"Magic ISO Maker v5.4 (build 0245)" = Magic ISO Maker v5.4 (build 0245)
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Mozilla Firefox (3.5.3)" = Mozilla Firefox (3.5.3)
"NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver
"Starry Night Pro Plus 6" = Starry Night Pro Plus 6
"Stellarium_is1" = Stellarium 0.10.0
"UndeletePlus_is1" = Undelete Plus 2.94
"uTorrent" = µTorrent
"VideoReDoTVSuite_is1" = VideoReDo TVSuite Version 3.1.4.549
"WinRAR archiver" = WinRAR archiver
========== HKEY_USERS Uninstall List ==========
[HKEY_USERS\S-1-5-21-4098504633-1038546326-2246272219-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"uTorrent" = µTorrent
========== Last 10 Event Log Errors ==========
[ Application Events ]
Error - 31/10/2009 3:28:31 AM | Computer Name = MediaCentre-PC | Source = SideBySide | ID = 16842785
Description = Activation context generation failed for "C:\Windows\WinSxS\amd64_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.762_none_c46a533c8a667ee7\MFC80.DLL".
Dependent
Assembly Microsoft.VC80.MFCLOC,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"
could not be found. Please use sxstrace.exe for detailed diagnosis.
Error - 31/10/2009 3:28:31 AM | Computer Name = MediaCentre-PC | Source = SideBySide | ID = 16842785
Description = Activation context generation failed for "C:\Windows\WinSxS\amd64_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.762_none_c46a533c8a667ee7\MFC80.DLL".
Dependent
Assembly Microsoft.VC80.MFCLOC,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"
could not be found. Please use sxstrace.exe for detailed diagnosis.
Error - 31/10/2009 3:28:34 AM | Computer Name = MediaCentre-PC | Source = SideBySide | ID = 16842785
Description = Activation context generation failed for "C:\Windows\WinSxS\amd64_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.762_none_c46a533c8a667ee7\MFC80.DLL".
Dependent
Assembly Microsoft.VC80.MFCLOC,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"
could not be found. Please use sxstrace.exe for detailed diagnosis.
Error - 31/10/2009 3:28:34 AM | Computer Name = MediaCentre-PC | Source = SideBySide | ID = 16842785
Description = Activation context generation failed for "C:\Windows\WinSxS\amd64_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.762_none_c46a533c8a667ee7\MFC80.DLL".
Dependent
Assembly Microsoft.VC80.MFCLOC,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"
could not be found. Please use sxstrace.exe for detailed diagnosis.
Error - 31/10/2009 8:17:48 AM | Computer Name = MediaCentre-PC | Source = Perflib | ID = 1023
Description =
Error - 31/10/2009 8:17:48 AM | Computer Name = MediaCentre-PC | Source = Perflib | ID = 1023
Description =
Error - 31/10/2009 8:25:48 AM | Computer Name = MediaCentre-PC | Source = Perflib | ID = 1023
Description =
Error - 31/10/2009 8:25:48 AM | Computer Name = MediaCentre-PC | Source = Perflib | ID = 1023
Description =
Error - 31/10/2009 8:16:29 PM | Computer Name = MediaCentre-PC | Source = SideBySide | ID = 16842785
Description = Activation context generation failed for "C:\Windows\WinSxS\amd64_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.762_none_c46a533c8a667ee7\MFC80.DLL".
Dependent
Assembly Microsoft.VC80.MFCLOC,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"
could not be found. Please use sxstrace.exe for detailed diagnosis.
Error - 31/10/2009 8:16:29 PM | Computer Name = MediaCentre-PC | Source = SideBySide | ID = 16842785
Description = Activation context generation failed for "C:\Windows\WinSxS\amd64_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.762_none_c46a533c8a667ee7\MFC80.DLL".
Dependent
Assembly Microsoft.VC80.MFCLOC,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"
could not be found. Please use sxstrace.exe for detailed diagnosis.
[ Media Center Events ]
Error - 23/08/2009 5:41:51 AM | Computer Name = MediaCentre-PC | Source = Media Center Guide | ID = 0
Description = Event Info: ERROR: SqmApiWrapper.TimerRecord failed; Win32 GetLastError
returned 10000105 Process: DefaultDomain Object Name: Media Center Guide
Error - 23/08/2009 8:41:34 AM | Computer Name = MediaCentre-PC | Source = Media Center Guide | ID = 0
Description = Event Info: ERROR: SqmApiWrapper.TimerRecord failed; Win32 GetLastError
returned 10000105 Process: DefaultDomain Object Name: Media Center Guide
Error - 12/09/2009 1:11:12 AM | Computer Name = MediaCentre-PC | Source = Media Center Guide | ID = 0
Description = Event Info: ERROR: SqmApiWrapper.TimerRecord failed; Win32 GetLastError
returned 10000105 Process: DefaultDomain Object Name: Media Center Guide
Error - 22/09/2009 7:43:31 AM | Computer Name = MediaCentre-PC | Source = Media Center Guide | ID = 0
Description = Event Info: ERROR: SqmApiWrapper.TimerRecord failed; Win32 GetLastError
returned 10000105 Process: DefaultDomain Object Name: Media Center Guide
Error - 30/09/2009 7:20:20 AM | Computer Name = MediaCentre-PC | Source = Media Center Guide | ID = 0
Description = Event Info: ERROR: SqmApiWrapper.TimerAccumulate failed; Win32 GetLastError
returned 10000105 Process: DefaultDomain Object Name: Media Center Guide
Error - 1/10/2009 4:45:13 AM | Computer Name = MediaCentre-PC | Source = Media Center Guide | ID = 0
Description = Event Info: ERROR: SqmApiWrapper.TimerRecord failed; Win32 GetLastError
returned 10000105 Process: DefaultDomain Object Name: Media Center Guide
Error - 4/10/2009 8:33:35 PM | Computer Name = MediaCentre-PC | Source = Media Center Guide | ID = 0
Description = Event Info: ERROR: SqmApiWrapper.TimerRecord failed; Win32 GetLastError
returned 10000105 Process: DefaultDomain Object Name: Media Center Guide
Error - 5/10/2009 1:12:01 AM | Computer Name = MediaCentre-PC | Source = Media Center Guide | ID = 0
Description = Event Info: ERROR: SqmApiWrapper.TimerRecord failed; Win32 GetLastError
returned 10000105 Process: DefaultDomain Object Name: Media Center Guide
Error - 25/10/2009 5:51:35 PM | Computer Name = MediaCentre-PC | Source = Media Center Guide | ID = 0
Description = Event Info: ERROR: SqmApiWrapper.TimerRecord failed; Win32 GetLastError
returned 10000105 Process: DefaultDomain Object Name: Media Center Guide
Error - 26/10/2009 1:20:37 AM | Computer Name = MediaCentre-PC | Source = Media Center Guide | ID = 0
Description = Event Info: ERROR: SqmApiWrapper.TimerRecord failed; Win32 GetLastError
returned 10000105 Process: DefaultDomain Object Name: Media Center Guide
[ System Events ]
Error - 31/10/2009 3:04:50 AM | Computer Name = MediaCentre-PC | Source = Application Popup | ID = 1060
Description = \??\C:\Program Files (x86)\SUPERAntiSpyware\SASDIFSV.SYS has been
blocked from loading due to incompatibility with this system. Please contact your
software vendor for a compatible version of the driver.
Error - 31/10/2009 3:05:14 AM | Computer Name = MediaCentre-PC | Source = Service Control Manager | ID = 7026
Description =
Error - 31/10/2009 3:05:22 AM | Computer Name = MediaCentre-PC | Source = Service Control Manager | ID = 7000
Description =
Error - 31/10/2009 3:05:22 AM | Computer Name = MediaCentre-PC | Source = Service Control Manager | ID = 7000
Description =
Error - 31/10/2009 3:05:22 AM | Computer Name = MediaCentre-PC | Source = Application Popup | ID = 1060
Description = \??\C:\Program Files (x86)\SUPERAntiSpyware\SASKUTIL.sys has been
blocked from loading due to incompatibility with this system. Please contact your
software vendor for a compatible version of the driver.
Error - 31/10/2009 3:05:22 AM | Computer Name = MediaCentre-PC | Source = Application Popup | ID = 1060
Description = \??\C:\Program Files (x86)\SUPERAntiSpyware\SASDIFSV.SYS has been
blocked from loading due to incompatibility with this system. Please contact your
software vendor for a compatible version of the driver.
Error - 31/10/2009 3:05:43 AM | Computer Name = MediaCentre-PC | Source = Service Control Manager | ID = 7000
Description =
Error - 31/10/2009 3:05:43 AM | Computer Name = MediaCentre-PC | Source = Application Popup | ID = 1060
Description = \??\C:\Program Files (x86)\SUPERAntiSpyware\SASENUM.SYS has been blocked
from loading due to incompatibility with this system. Please contact your software
vendor for a compatible version of the driver.
Error - 31/10/2009 3:06:26 AM | Computer Name = MediaCentre-PC | Source = Service Control Manager | ID = 7000
Description =
Error - 31/10/2009 3:06:26 AM | Computer Name = MediaCentre-PC | Source = Application Popup | ID = 1060
Description = \??\C:\Program Files (x86)\SUPERAntiSpyware\SASKUTIL.sys has been
blocked from loading due to incompatibility with this system. Please contact your
software vendor for a compatible version of the driver.
< End of report >
Help
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.
Read the following topic before creating a new topic in this forum. It contains instructions on the what we would like you to post, which will enable us to help you more quickly.
This topic is locked
Back to top
icon on your desktop.
button.
