Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Am I infected?


  • This topic is locked This topic is locked
10 replies to this topic

#1 pchoi22

pchoi22

  • Members
  • 7 posts
  • OFFLINE
  •  
  • Local time:07:14 PM

Posted 19 October 2009 - 11:45 PM

My internet performance is absolutely terrible these days. I'm on a family router with 3-4 laptops at a time, but this has never been a problem until recently. My parents and my sister can stream view streaming videos and download things without a problem. I notice the drop in performance particularly when I'm viewing videos online (youtube, justin.tv, hulu) and also while I am playing games (dota). Please help!

Attached Files



BC AdBot (Login to Remove)

 


#2 myrti

myrti

    Sillyberry


  • Malware Study Hall Admin
  • 33,766 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:At home
  • Local time:01:14 AM

Posted 30 October 2009 - 09:58 AM

Hello and welcome to Bleeping Computer

We apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.

If you have since resolved the original problem you were having, we would appreciate you letting us know. If not please perform the following steps below so we can have a look at the current condition of your machine.

Please include a clear description of the problems you're having, along with any steps you may have performed so far.

Please refrain from running tools or applying updates other than those we suggest while we are cleaning up your computer. The reason for this is so we know what is going on with the machine at any time. Some programs can interfere with others and hamper the recovery process.

Even if you have already provided information about your PC, we need a new log to see what has changed since you originally posted your problem.
  • Please download OTL from following mirror:
  • Save it to your desktop.
  • Double click on the Posted Image icon on your desktop.
  • Click the "Scan All Users" checkbox.
  • Push the Posted Image button.
  • Two reports will open, copy and paste them in a reply here:
    • OTL.txt <-- Will be opened
    • Extra.txt <-- Will be minimized
In the upper right hand corner of the topic you will see a button called Options. If you click on this in the drop-down menu you can choose Track this topic. I suggest you do this and select Immediate E-Mail notification and click on Proceed. This way you will be advised when we respond to your topic and facilitate the cleaning of your machine.

After 5 days if a topic is not replied to we assume it has been abandoned and it is closed.

regards _temp_

is that a bird?  a plane? nooo it's the flying blueberry!

If I have been helping you and haven't replied in 2 days, feel free to shoot me a PM! Please don't send help request via PM, unless I am already helping you. Use the forums!

 

Follow BleepingComputer on: Facebook | Twitter | Google+


#3 pchoi22

pchoi22
  • Topic Starter

  • Members
  • 7 posts
  • OFFLINE
  •  
  • Local time:07:14 PM

Posted 02 November 2009 - 12:11 AM

I'm on a router with 3 people. I experience noticeable drop in performance while viewing videos online (youtube, hulu, justin.tv, etc) and also during online gaming, namely warcraft. I get disconnected in every single game, and I get massive lag. This hasn't been a problem for months, but started about a month ago.

Comcast says there is no problem from their side. First time I called, they told me to reset the modem, and it fixed the problem for just that one day. The next time they told me to unplug the ethernet cable from my router to my modem, and that they will reset the service so I get the expected service. Well, the problem's back again. Maybe its my computer?

OTL:
OTL logfile created on: 11/2/2009 12:02:28 AM - Run 1
OTL by OldTimer - Version 3.1.2.1 Folder = C:\Users\pchoi22\Desktop
64bit-Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6002.18005)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

3.94 Gb Total Physical Memory | 2.34 Gb Available Physical Memory | 59.43% Memory free
4.00 Gb Paging File | 4.00 Gb Available in Paging File | 100.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 285.12 Gb Total Space | 164.17 Gb Free Space | 57.58% Space Free | Partition Type: NTFS
Drive D: | 12.97 Gb Total Space | 2.43 Gb Free Space | 18.71% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: PCHOI22-PC
Current User Name: pchoi22
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: All users
Include 64bit Scans
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard

========== Processes (SafeList) ==========

PRC - [2009/11/02 00:01:07 | 00,528,384 | ---- | M] (OldTimer Tools) -- C:\Users\pchoi22\Desktop\OTL.exe
PRC - [2009/10/28 15:24:53 | 00,908,280 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
PRC - [2009/10/05 14:10:02 | 03,634,024 | ---- | M] (AOL LLC) -- C:\Program Files (x86)\AIM\aim.exe
PRC - [2009/09/21 15:36:12 | 00,305,440 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\iTunes\iTunesHelper.exe
PRC - [2009/09/21 15:36:12 | 00,305,440 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\iTunes\iTunesHelper.exe
PRC - [2009/09/21 15:36:12 | 00,305,440 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\iTunes\iTunesHelper.exe
PRC - [2009/09/21 15:36:12 | 00,305,440 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\iTunes\iTunesHelper.exe
PRC - [2009/09/21 15:36:12 | 00,305,440 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\iTunes\iTunesHelper.exe
PRC - [2009/09/15 05:56:48 | 00,081,000 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashDisp.exe
PRC - [2009/09/15 05:56:43 | 00,138,680 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashServ.exe
PRC - [2009/09/15 05:56:43 | 00,138,680 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashServ.exe
PRC - [2009/09/15 05:56:43 | 00,138,680 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashServ.exe
PRC - [2009/09/15 05:56:28 | 00,254,040 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
PRC - [2009/09/15 05:54:13 | 00,352,920 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
PRC - [2009/09/15 05:54:13 | 00,352,920 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
PRC - [2009/09/15 05:53:12 | 00,159,280 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashSimpl.exe
PRC - [2009/09/15 05:53:12 | 00,159,280 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashSimpl.exe
PRC - [2009/09/15 05:53:12 | 00,159,280 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashSimpl.exe
PRC - [2009/09/15 05:49:40 | 00,018,752 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
PRC - [2009/09/15 05:49:40 | 00,018,752 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
PRC - [2009/08/09 20:16:44 | 00,102,400 | ---- | M] (VT Software) -- C:\Users\pchoi22\Desktop\W3DR.exe
PRC - [2009/08/09 20:16:44 | 00,102,400 | ---- | M] (VT Software) -- C:\Users\pchoi22\Desktop\W3DR.exe
PRC - [2009/08/07 14:20:53 | 00,471,040 | ---- | M] (Blizzard Entertainment) -- c:\Program Files (x86)\Warcraft III\war3.exe
PRC - [2009/07/25 04:23:12 | 00,149,280 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\Java\jre6\bin\jusched.exe
PRC - [2009/07/25 04:23:12 | 00,149,280 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\Java\jre6\bin\jusched.exe
PRC - [2009/06/05 10:48:14 | 00,144,712 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
PRC - [2008/12/12 17:06:40 | 00,642,856 | ---- | M] (Cisco Systems, Inc.) -- C:\Program Files (x86)\Common Files\Pure Networks Shared\Platform\nmsrvc.exe
PRC - [2008/12/12 17:06:40 | 00,642,856 | ---- | M] (Cisco Systems, Inc.) -- C:\Program Files (x86)\Common Files\Pure Networks Shared\Platform\nmsrvc.exe
PRC - [2008/12/12 17:06:40 | 00,642,856 | ---- | M] (Cisco Systems, Inc.) -- C:\Program Files (x86)\Common Files\Pure Networks Shared\Platform\nmctxth.exe
PRC - [2008/12/12 10:17:38 | 00,238,888 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\Bonjour\mDNSResponder.exe
PRC - [2008/12/12 10:17:38 | 00,238,888 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\Bonjour\mDNSResponder.exe
PRC - [2008/12/08 14:50:04 | 00,054,576 | ---- | M] (Hewlett-Packard) -- C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
PRC - [2008/12/08 14:50:04 | 00,054,576 | ---- | M] (Hewlett-Packard) -- C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
PRC - [2008/06/02 02:55:22 | 00,080,896 | ---- | M] (Hewlett-Packard) -- C:\Program Files (x86)\HP\Digital Imaging\bin\HpqSRmon.exe
PRC - [2007/12/19 21:28:34 | 00,271,760 | ---- | M] () -- C:\Program Files (x86)\HP\QuickPlay\Kernel\TV\QPCapSvc.exe
PRC - [2007/12/19 21:28:34 | 00,271,760 | ---- | M] () -- C:\Program Files (x86)\HP\QuickPlay\Kernel\TV\QPCapSvc.exe
PRC - [2007/12/19 21:28:34 | 00,112,016 | ---- | M] () -- C:\Program Files (x86)\HP\QuickPlay\Kernel\TV\QPSched.exe
PRC - [2007/12/19 21:28:34 | 00,112,016 | ---- | M] () -- C:\Program Files (x86)\HP\QuickPlay\Kernel\TV\QPSched.exe
PRC - [2007/12/19 21:28:34 | 00,112,016 | ---- | M] () -- C:\Program Files (x86)\HP\QuickPlay\Kernel\TV\QPSched.exe
PRC - [2007/12/19 21:28:34 | 00,112,016 | ---- | M] () -- C:\Program Files (x86)\HP\QuickPlay\Kernel\TV\QPSched.exe
PRC - [2007/12/19 21:28:34 | 00,112,016 | ---- | M] () -- C:\Program Files (x86)\HP\QuickPlay\Kernel\TV\QPSched.exe
PRC - [2007/12/19 21:28:34 | 00,112,016 | ---- | M] () -- C:\Program Files (x86)\HP\QuickPlay\Kernel\TV\QPSched.exe
PRC - [2007/12/19 21:28:34 | 00,112,016 | ---- | M] () -- C:\Program Files (x86)\HP\QuickPlay\Kernel\TV\QPSched.exe
PRC - [2007/12/19 21:28:34 | 00,112,016 | ---- | M] () -- C:\Program Files (x86)\HP\QuickPlay\Kernel\TV\QPSched.exe
PRC - [2007/12/19 21:28:34 | 00,112,016 | ---- | M] () -- C:\Program Files (x86)\HP\QuickPlay\Kernel\TV\QPSched.exe
PRC - [2007/12/19 21:28:34 | 00,112,016 | ---- | M] () -- C:\Program Files (x86)\HP\QuickPlay\Kernel\TV\QPSched.exe
PRC - [2007/12/19 21:28:34 | 00,112,016 | ---- | M] () -- C:\Program Files (x86)\HP\QuickPlay\Kernel\TV\QPSched.exe
PRC - [2007/12/19 21:27:50 | 00,468,264 | ---- | M] (CyberLink Corp.) -- C:\Program Files (x86)\HP\QuickPlay\QPService.exe
PRC - [2007/09/19 16:31:34 | 00,202,032 | ---- | M] ( Hewlett-Packard Development Company, L.P.) -- C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe
PRC - [2007/09/13 10:47:52 | 00,480,560 | ---- | M] (Hewlett-Packard Development Company, L.P.) -- C:\Program Files (x86)\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
PRC - [2007/08/23 16:40:48 | 00,079,136 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
PRC - [2007/08/23 16:40:48 | 00,079,136 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
PRC - [2007/05/16 12:43:06 | 00,677,432 | R--- | M] () -- C:\Program Files (x86)\Hewlett-Packard\Shared\HpqToaster.exe
PRC - [2007/01/08 17:53:06 | 00,311,296 | ---- | M] (Hewlett-Packard Development Company, L.P.) -- C:\Program Files (x86)\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe
PRC - [2007/01/04 16:38:08 | 00,024,652 | ---- | M] (Viewpoint Corporation) -- C:\Program Files (x86)\Viewpoint\Common\ViewpointService.exe
PRC - [2007/01/04 16:38:08 | 00,024,652 | ---- | M] (Viewpoint Corporation) -- C:\Program Files (x86)\Viewpoint\Common\ViewpointService.exe
PRC - [2007/01/04 16:38:08 | 00,024,652 | ---- | M] (Viewpoint Corporation) -- C:\Program Files (x86)\Viewpoint\Common\ViewpointService.exe
PRC - [2007/01/04 16:38:08 | 00,024,652 | ---- | M] (Viewpoint Corporation) -- C:\Program Files (x86)\Viewpoint\Common\ViewpointService.exe
PRC - [2007/01/04 16:38:08 | 00,024,652 | ---- | M] (Viewpoint Corporation) -- C:\Program Files (x86)\Viewpoint\Common\ViewpointService.exe
PRC - [2007/01/04 16:38:08 | 00,024,652 | ---- | M] (Viewpoint Corporation) -- C:\Program Files (x86)\Viewpoint\Common\ViewpointService.exe
PRC - [2006/05/02 17:41:28 | 00,135,168 | ---- | M] (Hewlett-Packard Development Company, L.P.) -- C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe


========== Win32 Services (SafeList) ==========

SRV:64bit: - [2009/09/21 15:36:16 | 00,660,256 | ---- | M] (Apple Inc.) -- C:\Program Files\iPod\bin\iPodService.exe
SRV:64bit: - [2009/09/15 05:56:43 | 00,138,680 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashServ.exe
SRV:64bit: - [2009/09/15 05:56:28 | 00,254,040 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
SRV:64bit: - [2009/09/15 05:54:13 | 00,352,920 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
SRV:64bit: - [2009/09/15 05:49:40 | 00,018,752 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
SRV:64bit: - [2009/03/30 16:19:56 | 02,297,216 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
SRV:64bit: - [2008/01/20 21:52:15 | 01,216,000 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Media Player\wmpnetwk.exe
SRV:64bit: - [2008/01/20 21:47:32 | 00,383,544 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Defender\MpSvc.dll
SRV:64bit: - [2007/02/14 16:23:36 | 00,566,768 | ---- | M] ( ) -- C:\Windows\SysNative\dlcccoms.exe
SRV:64bit: - [2007/02/07 15:27:02 | 00,566,768 | ---- | M] ( ) -- C:\Windows\SysNative\dlbccoms.exe
SRV - [2009/06/05 10:48:14 | 00,144,712 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe -- (Apple Mobile Device) [Auto | Running]
SRV - [2009/03/29 23:42:14 | 00,066,368 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32) [On_Demand | Stopped]
SRV - [2009/03/29 23:39:54 | 00,089,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_64) [On_Demand | Stopped]
SRV - [2009/03/26 22:47:13 | 00,647,680 | ---- | M] (Macrovision Europe Ltd.) -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service) [On_Demand | Stopped]
SRV - [2009/02/18 13:40:04 | 00,042,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe -- (FontCache3.0.0.0) [On_Demand | Stopped]
SRV - [2009/02/18 13:39:11 | 00,857,432 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe -- (idsvc) [Unknown | Stopped]
SRV - [2008/12/12 17:06:40 | 00,642,856 | ---- | M] (Cisco Systems, Inc.) -- C:\Program Files (x86)\Common Files\Pure Networks Shared\Platform\nmsrvc.exe -- (nmservice) [Auto | Running]
SRV - [2008/12/12 10:17:38 | 00,238,888 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\Bonjour\mDNSResponder.exe -- (Bonjour Service) [Auto | Running]
SRV - [2008/11/04 00:06:28 | 00,441,712 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE -- (odserv) [On_Demand | Stopped]
SRV - [2008/01/20 21:51:36 | 00,344,064 | ---- | M] (Microsoft Corporation) -- C:\Windows\ehome\ehrecvr.exe -- (ehRecvr) [On_Demand | Stopped]
SRV - [2008/01/20 21:51:36 | 00,153,600 | ---- | M] (Microsoft Corporation) -- C:\Windows\ehome\ehsched.exe -- (ehSched) [On_Demand | Stopped]
SRV - [2008/01/20 21:47:00 | 00,428,544 | ---- | M] (Microsoft Corporation) -- C:\Windows\WindowsMobile\wcescomm.dll -- (WcesComm) [Auto | Running]
SRV - [2008/01/20 21:47:00 | 00,211,968 | ---- | M] (Microsoft Corporation) -- C:\Windows\WindowsMobile\rapimgr.dll -- (RapiMgr) [Auto | Running]
SRV - [2007/12/19 21:28:34 | 00,271,760 | ---- | M] () -- C:\Program Files (x86)\HP\QuickPlay\Kernel\TV\QPCapSvc.exe -- (QPCapSvc) [Auto | Running]
SRV - [2007/12/19 21:28:34 | 00,112,016 | ---- | M] () -- C:\Program Files (x86)\HP\QuickPlay\Kernel\TV\QPSched.exe -- (QPSched) [Auto | Running]
SRV - [2007/09/19 19:30:52 | 00,065,536 | ---- | M] (Hewlett-Packard) -- c:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe -- (HP Health Check Service) [Auto | Running]
SRV - [2007/08/23 16:40:48 | 00,079,136 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe -- (LightScribeService) [Auto | Running]
SRV - [2007/03/05 12:30:06 | 00,110,592 | ---- | M] (Hewlett-Packard Development Company, L.P.) -- C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\Com4Qlb.exe -- (Com4Qlb) [On_Demand | Stopped]
SRV - [2007/02/07 15:26:52 | 00,538,096 | ---- | M] ( ) -- C:\Windows\SysWow64\dlbccoms.exe -- (dlbc_device) [Auto | Running]
SRV - [2007/01/04 16:38:08 | 00,024,652 | ---- | M] (Viewpoint Corporation) -- C:\Program Files (x86)\Viewpoint\Common\ViewpointService.exe -- (Viewpoint Manager Service) [Auto | Running]
SRV - [2006/11/02 10:03:48 | 00,015,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\ehome\ehstart.dll -- (ehstart) [Auto | Stopped]
SRV - [2006/11/02 08:34:14 | 00,000,000 | ---D | M] -- C:\Windows\SysWOW64\Msdtc -- (MSDTC) [Unknown | Stopped]
SRV - [2006/11/02 01:35:15 | 00,060,994 | ---- | M] () -- C:\Windows\SysWOW64\wbem\vds.mof -- (vds) [On_Demand | Stopped]
SRV - [2006/11/02 01:35:15 | 00,055,846 | ---- | M] () -- C:\Windows\SysWOW64\wbem\vss.mof -- (VSS) [On_Demand | Stopped]
SRV - [2006/10/26 16:03:08 | 00,145,184 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE -- (ose) [On_Demand | Stopped]
SRV - [2006/05/02 17:41:28 | 00,135,168 | ---- | M] (Hewlett-Packard Development Company, L.P.) -- C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe -- (hpqwmiex) [Auto | Running]
SRV - [2005/11/14 03:06:04 | 00,069,632 | ---- | M] (Macrovision Corporation) -- C:\Program Files (x86)\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe -- (IDriverT) [On_Demand | Stopped]


========== Driver Services (SafeList) ==========

DRV - [2009/03/26 19:56:29 | 00,475,696 | ---- | M] (Symantec Corporation) -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys -- (eeCtrl) Symantec Eraser Control driver [Kernel | System | Running]
DRV - [2009/03/26 19:56:29 | 00,131,632 | ---- | M] (Symantec Corporation) -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys -- (EraserUtilRebootDrv) EraserUtilRebootDrv [Kernel | On_Demand | Stopped]
DRV - [2008/01/20 21:49:57 | 00,016,384 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\winusb.dll -- (winusb) WinUSB Service [Kernel | On_Demand | Stopped]
DRV - [2007/02/07 13:27:46 | 00,014,104 | ---- | M] (Windows ® Server 2003 DDK provider) -- C:\Windows\SysWOW64\speedfan.sys -- (speedfan) speedfan [Kernel | Boot | Running]
DRV - [2006/09/18 16:36:40 | 00,003,066 | ---- | M] () -- C:\Windows\SysWOW64\wbem\tcpip.mof -- (Tcpip) TCP/IP Protocol Driver [Kernel | Boot | Running]
DRV - [2006/09/18 16:35:23 | 00,001,088 | ---- | M] () -- C:\Windows\SysWOW64\wbem\mpsdrv.mof -- (mpsdrv) Windows Firewall Authorization Driver [Kernel | On_Demand | Running]
DRV - [2006/06/18 03:26:50 | 00,094,208 | ---- | M] (Conexant) -- C:\Windows\SysWOW64\mdmxsdk.dll -- (mdmxsdk) mdmxsdk [Kernel | Auto | Running]


========== Modules (SafeList) ==========

MOD - [2009/11/02 00:01:07 | 00,528,384 | ---- | M] (OldTimer Tools) -- C:\Users\pchoi22\Desktop\OTL.exe
MOD - [2009/07/17 08:54:43 | 00,071,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\atl.dll
MOD - [2009/04/11 01:28:25 | 01,077,248 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\vssapi.dll
MOD - [2009/04/11 01:28:24 | 00,142,336 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\spp.dll
MOD - [2009/04/11 01:28:24 | 00,130,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\IME\SPTIP.DLL
MOD - [2009/04/11 01:28:20 | 00,545,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\IME\imekr8\imkrtip.dll
MOD - [2009/04/11 01:28:20 | 00,364,032 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\IME\SHARED\IMETIP.DLL
MOD - [2009/04/11 01:28:20 | 00,126,976 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\IME\SHARED\IMJKAPI.DLL
MOD - [2009/04/11 01:28:20 | 00,113,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\IME\imekr8\imkrapi.dll
MOD - [2009/04/11 01:28:18 | 00,079,872 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\authz.dll
MOD - [2009/04/11 01:21:38 | 01,686,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18005_none_5cb72f96088b0de0\comctl32.dll
MOD - [2008/01/20 21:52:09 | 00,040,960 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\srclient.dll
MOD - [2008/01/20 21:50:01 | 00,183,296 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\xmllite.dll
MOD - [2008/01/20 21:49:43 | 00,069,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\vsstrace.dll


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&a...n&pf=laptop
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE=3&a...n&pf=laptop
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&a...n&pf=laptop
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE=3&a...n&pf=laptop
IE - HKLM\..\URLSearchHook: {266fcdca-7bb3-4da7-b3bf-f845dea2ebd6} - Reg Error: Key error. File not found
IE - HKLM\..\URLSearchHook: {57BCA5FA-5DBB-45a2-B558-1755C3F6253B} - C:\Program Files (x86)\Winamp Toolbar\winamptb.dll File not found


IE - HKU\.DEFAULT\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-3910799180-2590520660-771679722-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&a...n&pf=laptop
IE - HKU\S-1-5-21-3910799180-2590520660-771679722-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\system32\blank.htm
IE - HKU\S-1-5-21-3910799180-2590520660-771679722-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKU\S-1-5-21-3910799180-2590520660-771679722-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/
IE - HKU\S-1-5-21-3910799180-2590520660-771679722-1000\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKU\S-1-5-21-3910799180-2590520660-771679722-1000\S-1-5-21-3910799180-2590520660-771679722-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-3910799180-2590520660-771679722-1000\S-1-5-21-3910799180-2590520660-771679722-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "AIM Search"
FF - prefs.js..browser.search.defaulturl: "http://aim.search.aol.com/search/search?query={searchTerms}&invocationType=tb50-ff-aim-chromesbox-en-us"
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "www.google.com"
FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.1.1
FF - prefs.js..extensions.enabledItems: uploader@adblockfilters.mozdev.org:1.7.1
FF - prefs.js..extensions.enabledItems: elemhidehelper@adblockplus.org:1.0.6
FF - prefs.js..extensions.enabledItems: {c2f863cd-0429-48c7-bb54-db756a951760}:5.96.5.1
FF - prefs.js..extensions.enabledItems: {b9db16a4-6edc-47ec-a1f4-b86292ed211d}:4.6.1
FF - prefs.js..extensions.enabledItems: flash_switcher@sephiroth.it:2.0.2
FF - prefs.js..extensions.enabledItems: {77b819fa-95ad-4f2c-ac7c-486b356188a9}:1.5.20090525
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0010-ABCDEFFEDCBA}:6.0.10
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0012-ABCDEFFEDCBA}:6.0.12
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}:6.0.13
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA}:6.0.15
FF - prefs.js..extensions.enabledItems: {20a82645-c095-46ed-80e3-08825760534b}:1.1
FF - prefs.js..extensions.enabledItems: moveplayer@movenetworks.com:7
FF - prefs.js..extensions.enabledItems: youtube2mp3@mondayx.de:1.0.4
FF - prefs.js..extensions.enabledItems: {239c61a8-e55f-11db-8314-0800200c9a66}:2.1.1
FF - prefs.js..extensions.enabledItems: camifox@altmusictv.com:2.0.3
FF - prefs.js..extensions.enabledItems: {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.5.4
FF - prefs.js..keyword.URL: "http://slirsredirect.search.aol.com/slirs_http/sredir?sredir=2706&invocationType=tb50-ff-aim-ab-en-us&query="
FF - prefs.js..network.proxy.http: "208.74.174.142"
FF - prefs.js..network.proxy.http_port: 3128
FF - prefs.js..network.proxy.socks_version: 4


FF - HKLM\software\mozilla\Firefox\Extensions\\{20a82645-c095-46ed-80e3-08825760534b}: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ File not found
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.4\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2009/10/28 15:24:56 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.4\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2009/10/29 09:59:13 | 00,000,000 | ---D | M]

[2009/06/27 19:58:25 | 00,000,000 | ---D | M] -- C:\Users\pchoi22\AppData\Roaming\Mozilla\Firefox\Profiles\hmq9jd5h.default\extensions\youtube2mp3@mondayx.de
[2009/02/28 14:03:31 | 00,000,000 | ---D | M] -- C:\Users\pchoi22\AppData\Roaming\Mozilla\Firefox\Profiles\hmq9jd5h.default\extensions\uploader@adblockfilters.mozdev.org
[2009/08/31 16:30:50 | 00,000,000 | ---D | M] -- C:\Users\pchoi22\AppData\Roaming\Mozilla\Firefox\Profiles\hmq9jd5h.default\extensions\flash_switcher@sephiroth.it
[2009/07/01 20:44:49 | 00,000,000 | ---D | M] -- C:\Users\pchoi22\AppData\Roaming\Mozilla\Firefox\Profiles\hmq9jd5h.default\extensions\elemhidehelper@adblockplus.org
[2009/08/25 14:17:23 | 00,000,000 | ---D | M] -- C:\Users\pchoi22\AppData\Roaming\Mozilla\Firefox\Profiles\hmq9jd5h.default\extensions\camifox@altmusictv.com
[2009/08/17 19:37:20 | 00,000,000 | ---D | M] -- C:\Users\pchoi22\AppData\Roaming\Mozilla\Firefox\Profiles\hmq9jd5h.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
[2009/10/14 15:57:56 | 00,000,000 | ---D | M] -- C:\Users\pchoi22\AppData\Roaming\Mozilla\Firefox\Profiles\hmq9jd5h.default\extensions\{c2f863cd-0429-48c7-bb54-db756a951760}
[2009/08/17 19:37:20 | 00,000,000 | ---D | M] -- C:\Users\pchoi22\AppData\Roaming\Mozilla\Firefox\Profiles\hmq9jd5h.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
[2009/09/21 20:48:29 | 00,000,000 | ---D | M] -- C:\Users\pchoi22\AppData\Roaming\Mozilla\Firefox\Profiles\hmq9jd5h.default\extensions\{77b819fa-95ad-4f2c-ac7c-486b356188a9}
[2009/08/25 14:07:58 | 00,000,000 | ---D | M] -- C:\Users\pchoi22\AppData\Roaming\Mozilla\Firefox\Profiles\hmq9jd5h.default\extensions\{239c61a8-e55f-11db-8314-0800200c9a66}
[2009/07/15 02:35:27 | 00,000,000 | ---D | M] -- C:\Users\pchoi22\AppData\Roaming\Mozilla\Firefox\Profiles\hmq9jd5h.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2008/10/14 10:00:28 | 00,000,000 | ---D | M] -- C:\Users\pchoi22\AppData\Roaming\Mozilla\Firefox\Profiles\hmq9jd5h.default\extensions\{00fb5da0-78c2-4ed7-98d2-d2ae637ed844}
[2009/11/01 02:43:52 | 00,000,000 | ---D | M] -- C:\Users\pchoi22\AppData\Roaming\Mozilla\Firefox\Profiles\hmq9jd5h.default\extensions
[2009/02/27 02:13:20 | 00,000,000 | ---D | M] -- C:\Users\pchoi22\AppData\Roaming\Mozilla\Extensions\mozswing@mozswing.org
[2008/09/04 09:39:00 | 00,000,000 | ---D | M] -- C:\Users\pchoi22\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}
[2009/02/27 02:13:20 | 00,000,000 | ---D | M] -- C:\Users\pchoi22\AppData\Roaming\Mozilla\Extensions
[2009/02/27 02:13:20 | 00,000,000 | ---D | M] -- C:\Users\pchoi22\AppData\Roaming\Mozilla\Extensions
[2008/09/04 09:39:00 | 00,000,000 | ---D | M] -- C:\Users\pchoi22\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}
[2009/02/27 02:13:20 | 00,000,000 | ---D | M] -- C:\Users\pchoi22\AppData\Roaming\Mozilla\Extensions\mozswing@mozswing.org
[2009/11/01 02:43:52 | 00,000,000 | ---D | M] -- C:\Users\pchoi22\AppData\Roaming\Mozilla\Firefox\Profiles\hmq9jd5h.default\extensions
[2008/10/14 10:00:28 | 00,000,000 | ---D | M] -- C:\Users\pchoi22\AppData\Roaming\Mozilla\Firefox\Profiles\hmq9jd5h.default\extensions\{00fb5da0-78c2-4ed7-98d2-d2ae637ed844}
[2009/07/15 02:35:27 | 00,000,000 | ---D | M] -- C:\Users\pchoi22\AppData\Roaming\Mozilla\Firefox\Profiles\hmq9jd5h.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2009/08/25 14:07:58 | 00,000,000 | ---D | M] -- C:\Users\pchoi22\AppData\Roaming\Mozilla\Firefox\Profiles\hmq9jd5h.default\extensions\{239c61a8-e55f-11db-8314-0800200c9a66}
[2009/09/21 20:48:29 | 00,000,000 | ---D | M] -- C:\Users\pchoi22\AppData\Roaming\Mozilla\Firefox\Profiles\hmq9jd5h.default\extensions\{77b819fa-95ad-4f2c-ac7c-486b356188a9}
[2009/08/17 19:37:20 | 00,000,000 | ---D | M] -- C:\Users\pchoi22\AppData\Roaming\Mozilla\Firefox\Profiles\hmq9jd5h.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
[2009/10/14 15:57:56 | 00,000,000 | ---D | M] -- C:\Users\pchoi22\AppData\Roaming\Mozilla\Firefox\Profiles\hmq9jd5h.default\extensions\{c2f863cd-0429-48c7-bb54-db756a951760}
[2009/08/17 19:37:20 | 00,000,000 | ---D | M] -- C:\Users\pchoi22\AppData\Roaming\Mozilla\Firefox\Profiles\hmq9jd5h.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
[2009/08/25 14:17:23 | 00,000,000 | ---D | M] -- C:\Users\pchoi22\AppData\Roaming\Mozilla\Firefox\Profiles\hmq9jd5h.default\extensions\camifox@altmusictv.com
[2009/07/01 20:44:49 | 00,000,000 | ---D | M] -- C:\Users\pchoi22\AppData\Roaming\Mozilla\Firefox\Profiles\hmq9jd5h.default\extensions\elemhidehelper@adblockplus.org
[2009/08/31 16:30:50 | 00,000,000 | ---D | M] -- C:\Users\pchoi22\AppData\Roaming\Mozilla\Firefox\Profiles\hmq9jd5h.default\extensions\flash_switcher@sephiroth.it
[2009/02/28 14:03:31 | 00,000,000 | ---D | M] -- C:\Users\pchoi22\AppData\Roaming\Mozilla\Firefox\Profiles\hmq9jd5h.default\extensions\uploader@adblockfilters.mozdev.org
[2009/06/27 19:58:25 | 00,000,000 | ---D | M] -- C:\Users\pchoi22\AppData\Roaming\Mozilla\Firefox\Profiles\hmq9jd5h.default\extensions\youtube2mp3@mondayx.de
[2009/10/14 15:58:11 | 00,004,554 | ---- | M] () -- C:\Users\pchoi22\AppData\Roaming\Mozilla\Firefox\Profiles\hmq9jd5h.default\searchplugins\aim-search-1.xml
[2008/12/27 16:23:25 | 00,001,739 | ---- | M] () -- C:\Users\pchoi22\AppData\Roaming\Mozilla\Firefox\Profiles\hmq9jd5h.default\searchplugins\aim-search.xml
[2008/10/14 08:57:52 | 00,001,136 | ---- | M] () -- C:\Users\pchoi22\AppData\Roaming\Mozilla\Firefox\Profiles\hmq9jd5h.default\searchplugins\winamp-search.xml
[2009/08/06 15:09:42 | 00,000,000 | ---D | M] -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA}
[2009/03/25 11:38:26 | 00,000,000 | ---D | M] -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}
[2009/03/05 15:58:14 | 00,000,000 | ---D | M] -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0012-ABCDEFFEDCBA}
[2008/12/05 23:54:45 | 00,000,000 | ---D | M] -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0010-ABCDEFFEDCBA}
[2009/10/28 15:24:56 | 00,000,000 | ---D | M] -- C:\Program Files (x86)\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2009/10/18 00:08:55 | 00,000,000 | ---D | M] -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2009/10/18 00:08:55 | 00,000,000 | ---D | M] -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2009/10/28 15:24:56 | 00,000,000 | ---D | M] -- C:\Program Files (x86)\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2008/12/05 23:54:45 | 00,000,000 | ---D | M] -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0010-ABCDEFFEDCBA}
[2009/03/05 15:58:14 | 00,000,000 | ---D | M] -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0012-ABCDEFFEDCBA}
[2009/03/25 11:38:26 | 00,000,000 | ---D | M] -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}
[2009/08/06 15:09:42 | 00,000,000 | ---D | M] -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA}
[2009/10/28 15:24:52 | 00,023,544 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\Mozilla Firefox\components\browserdirprovider.dll
[2009/10/28 15:24:52 | 00,137,208 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\Mozilla Firefox\components\brwsrcmp.dll
[2009/05/01 16:02:48 | 01,044,480 | ---- | M] (The OpenSSL Project, http://www.openssl.org/) -- C:\Program Files (x86)\Mozilla Firefox\plugins\libdivx.dll
[2007/04/10 16:21:08 | 00,163,256 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Mozilla Firefox\plugins\np-mswmp.dll
[2009/07/25 04:23:01 | 00,411,368 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\Mozilla Firefox\plugins\npdeploytk.dll
[2009/05/12 13:46:20 | 01,650,992 | ---- | M] (DivX,Inc.) -- C:\Program Files (x86)\Mozilla Firefox\plugins\npdivx32.dll
[2009/05/18 17:41:32 | 00,098,304 | ---- | M] (DivX, Inc) -- C:\Program Files (x86)\Mozilla Firefox\plugins\npDivxPlayerPlugin.dll
[2009/07/07 16:20:42 | 00,061,440 | ---- | M] (AOL LLC) -- C:\Program Files (x86)\Mozilla Firefox\plugins\npdnu.dll
[2009/07/07 16:20:42 | 00,065,536 | ---- | M] (AOL LLC) -- C:\Program Files (x86)\Mozilla Firefox\plugins\npdnupdater2.dll
[2008/06/27 16:03:12 | 01,446,440 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Mozilla Firefox\plugins\npLegitCheckPlugin.dll
[2009/10/28 15:24:53 | 00,065,016 | ---- | M] (mozilla.org) -- C:\Program Files (x86)\Mozilla Firefox\plugins\npnul32.dll
[2008/10/14 21:33:30 | 00,095,600 | ---- | M] (Adobe Systems Inc.) -- C:\Program Files (x86)\Mozilla Firefox\plugins\nppdf32.dll
[2009/09/22 13:20:35 | 00,159,744 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin.dll
[2009/09/22 13:20:35 | 00,159,744 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin2.dll
[2009/09/22 13:20:35 | 00,159,744 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin3.dll
[2009/09/22 13:20:35 | 00,159,744 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin4.dll
[2009/09/22 13:20:36 | 00,159,744 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin5.dll
[2009/09/22 13:20:36 | 00,159,744 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin6.dll
[2009/09/22 13:20:36 | 00,159,744 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin7.dll
[2007/04/16 12:07:12 | 00,180,293 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\plugins\npViewpoint.dll
[2009/05/01 16:02:48 | 00,200,704 | ---- | M] (The OpenSSL Project, http://www.openssl.org/) -- C:\Program Files (x86)\Mozilla Firefox\plugins\ssldivx.dll
[2009/08/24 13:45:46 | 00,001,394 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\amazondotcom.xml
[2009/08/24 13:45:46 | 00,002,193 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\answers.xml
[2009/08/24 13:45:46 | 00,001,534 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\creativecommons.xml
[2009/08/24 13:45:46 | 00,002,344 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\eBay.xml
[2009/08/24 13:45:46 | 00,002,371 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\google.xml
[2009/08/24 13:45:46 | 00,001,178 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\wikipedia.xml
[2009/08/24 13:45:46 | 00,000,792 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\yahoo.xml

O1 HOSTS File: (761 bytes) - C:\Windows\SysNative\Drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2:64bit: - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (HP Print Clips) - {FFFFFFFF-FF12-44C5-91EC-068E3AA1B2D7} - c:\Program Files (x86)\HP\Smart Web Printing\hpswp_framework.dll (Hewlett-Packard Co.)
O3 - HKLM\..\Toolbar: (no name) - {266fcdca-7bb3-4da7-b3bf-f845dea2ebd6} - No CLSID value found.
O3 - HKLM\..\Toolbar: (Winamp Toolbar) - {EBF2BA02-9094-4c5a-858B-BB198F3D8DE2} - C:\Program Files (x86)\Winamp Toolbar\winamptb.dll File not found
O3 - HKU\S-1-5-21-3910799180-2590520660-771679722-1000\..\Toolbar\WebBrowser: (Winamp Toolbar) - {EBF2BA02-9094-4C5A-858B-BB198F3D8DE2} - C:\Program Files (x86)\Winamp Toolbar\winamptb.dll File not found
O4:64bit: - HKLM..\Run: [Apoint] C:\Program Files\Apoint2K\Apoint.exe (Alps Electric Co., Ltd.)
O4:64bit: - HKLM..\Run: [HP Health Check Scheduler] File not found
O4:64bit: - HKLM..\Run: [NvCplDaemon] C:\Windows\SysNative\NvCpl.DLL (NVIDIA Corporation)
O4:64bit: - HKLM..\Run: [NvMediaCenter] C:\Windows\SysNative\NvMcTray.DLL (NVIDIA Corporation)
O4:64bit: - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4:64bit: - HKLM..\Run: [Windows Mobile-based device management] C:\Windows\WindowsMobile\wmdSync.exe (Microsoft Corporation)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files (x86)\Adobe\Reader 8.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [amd_dc_opt] C:\Program Files (x86)\AMD\Dual-Core Optimizer\amd_dc_opt.exe (AMD)
O4 - HKLM..\Run: [avast!] C:\Program Files\Alwil Software\Avast4\ashDisp.exe (ALWIL Software)
O4 - HKLM..\Run: [HP Software Update] C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe (Hewlett-Packard)
O4 - HKLM..\Run: [hpqSRMon] C:\Program Files (x86)\HP\Digital Imaging\bin\HpqSRmon.exe (Hewlett-Packard)
O4 - HKLM..\Run: [hpWirelessAssistant] C:\Program Files (x86)\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe (Hewlett-Packard Development Company, L.P.)
O4 - HKLM..\Run: [iTunesHelper] C:\Program Files (x86)\iTunes\iTunesHelper.exe (Apple Inc.)
O4 - HKLM..\Run: [nmctxth] C:\Program Files (x86)\Common Files\Pure Networks Shared\Platform\nmctxth.exe (Cisco Systems, Inc.)
O4 - HKLM..\Run: [QlbCtrl] C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe ( Hewlett-Packard Development Company, L.P.)
O4 - HKLM..\Run: [QPService] C:\Program Files (x86)\HP\QuickPlay\QPService.exe (CyberLink Corp.)
O4 - HKLM..\Run: [QuickTime Task] C:\Program Files (x86)\QuickTime\QTTask.exe (Apple Inc.)
O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Program Files (x86)\Java\jre6\bin\jusched.exe (Sun Microsystems, Inc.)
O4 - HKLM..\Run: [UCam_Menu] C:\Program Files (x86)\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [WAWifiMessage] C:\Program Files (x86)\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe (Hewlett-Packard Development Company, L.P.)
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-19..\Run: [WindowsWelcomeCenter] C:\Windows\SysWow64\oobefldr.dll (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [WindowsWelcomeCenter] C:\Windows\SysWow64\oobefldr.dll (Microsoft Corporation)
O4 - HKU\S-1-5-21-3910799180-2590520660-771679722-1000..\Run: [ehTray.exe] C:\Windows\ehome\ehtray.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-3910799180-2590520660-771679722-1000..\Run: [Google Update] C:\Users\pchoi22\AppData\Local\Google\Update\GoogleUpdate.exe (Google Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: ForceActiveDesktopOn = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: BindDirectlyToPropertySetStorage = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 2
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableInstallerDetection = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableSecureUIAPaths = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableVirtualization = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ValidateAdminCodeSignatures = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: scforceoption = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: FilterAdministratorToken = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableUIADesktopToggle = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_TEXT = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_BITMAP = 2
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_OEMTEXT = 7
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIB = 8
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_PALETTE = 9
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_UNICODETEXT = 13
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIBV5 = 17
O8:64bit: - Extra context menu item: &Winamp Search - C:\ProgramData\Winamp Toolbar\ieToolbar\resources\en-US\local\search.html ()
O8:64bit: - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files (x86)\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: &Winamp Search - C:\ProgramData\Winamp Toolbar\ieToolbar\resources\en-US\local\search.html ()
O8 - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files (x86)\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: HP Smart Select - {58ECB495-38F0-49cb-A538-10282ABF65E7} - c:\Program Files (x86)\HP\Smart Web Printing\hpswp_extensions.dll (Hewlett-Packard Co.)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files (x86)\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000001 [] - C:\Windows\\nlaapi.dll File not found
O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000002 [] - C:\Windows\\NapiNSP.dll File not found
O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000003 [] - C:\Windows\\pnrpnsp.dll File not found
O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Windows\\pnrpnsp.dll File not found
O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Windows\\mswsock.dll File not found
O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000006 [] - C:\Windows\\winrnr.dll File not found
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Windows\\mswsock.dll File not found
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Windows\\mswsock.dll File not found
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Windows\\mswsock.dll File not found
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Windows\\mswsock.dll File not found
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Windows\\mswsock.dll File not found
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Windows\\mswsock.dll File not found
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Windows\\mswsock.dll File not found
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Windows\\mswsock.dll File not found
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\Windows\\mswsock.dll File not found
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\Windows\\mswsock.dll File not found
O13 - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0_15)
O16 - DPF: {CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0_15)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0_15)
O16 - DPF: {E06E2E99-0AA1-11D4-ABA6-0060082AA75C} (Reg Error: Value error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 68.87.73.246 68.87.71.230
O18:64bit: - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\\mshtml.dll File not found
O18:64bit: - Protocol\Handler\cdl {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\Windows\\urlmon.dll File not found
O18:64bit: - Protocol\Handler\dvd {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\Windows\\MSVidCtl.dll File not found
O18:64bit: - Protocol\Handler\file {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\\urlmon.dll File not found
O18:64bit: - Protocol\Handler\ftp {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\\urlmon.dll File not found
O18:64bit: - Protocol\Handler\http {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\\urlmon.dll File not found
O18:64bit: - Protocol\Handler\https {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\\urlmon.dll File not found
O18:64bit: - Protocol\Handler\its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\\itss.dll File not found
O18:64bit: - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\\mshtml.dll File not found
O18:64bit: - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\local {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\\urlmon.dll File not found
O18:64bit: - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\\mshtml.dll File not found
O18:64bit: - Protocol\Handler\mhtml {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\Windows\\inetcomm.dll File not found
O18:64bit: - Protocol\Handler\mk {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\\urlmon.dll File not found
O18:64bit: - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\ms-its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\\itss.dll File not found
O18:64bit: - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\pure-go {4746C79A-2042-4332-8650-48966E44ABA8} - C:\Program Files (x86)\Common Files\Pure Networks Shared\Platform\amd64\puresp4.dll (Cisco Systems, Inc.)
O18:64bit: - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\\mshtml.dll File not found
O18:64bit: - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\tv {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\Windows\\MSVidCtl.dll File not found
O18:64bit: - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\\mshtml.dll File not found
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8064.0206.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files (x86)\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files (x86)\Common Files\microsoft shared\Information Retrieval\msitss.dll (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8064.0206.dll (Microsoft Corporation)
O18 - Protocol\Handler\pure-go {4746C79A-2042-4332-8650-48966E44ABA8} - C:\Program Files (x86)\Common Files\Pure Networks Shared\Platform\puresp4.dll (Cisco Systems, Inc.)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18:64bit: - Protocol\Filter\deflate {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\\urlmon.dll File not found
O18:64bit: - Protocol\Filter\gzip {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\\urlmon.dll File not found
O18:64bit: - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\\userinit.exe File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - C:\Windows\\webcheck.dll File not found
O22:64bit: - SharedTaskScheduler: {8C7461EF-2B13-11d2-BE35-3078302C2030} - Component Categories cache daemon - C:\Windows\\browseui.dll File not found
O22:64bit: - SharedTaskScheduler: {E31004D1-A431-41B8-826F-E902F9D95C81} - Windows DreamScene - C:\Windows\\DreamScene.dll File not found
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2005/09/11 10:18:54 | 00,000,340 | -HS- | M] () - D:\AUTOMODE -- [ NTFS ]
O33 - MountPoints2\{358d2e45-20ba-11de-ae2d-001d726ee996}\Shell - "" = AutoRun
O33 - MountPoints2\{358d2e45-20ba-11de-ae2d-001d726ee996}\Shell\AutoRun\command - "" = H:\LaunchU3.exe -- File not found
O33 - MountPoints2\H\Shell - "" = AutoRun
O33 - MountPoints2\H\Shell\AutoRun\command - "" = H:\LaunchU3.exe -- File not found
O34 - HKLM BootExecute: (lsdelete) - File not found
O34 - HKLM BootExecute: (autocheck) - File not found
O34 - HKLM BootExecute: (autochk) - C:\Windows\SysWow64\autochk.exe (Microsoft Corporation)
O34 - HKLM BootExecute: (/k:C) - File not found
O34 - HKLM BootExecute: (*) - File not found
64bit: O35 - comfile [open] -- "%1" %* File not found
64bit: O35 - exefile [open] -- "%1" %* File not found
O35 - comfile [open] -- "%1" %* File not found
O35 - exefile [open] -- "%1" %* File not found

========== Files/Folders - Created Within 30 Days ==========

[2009/11/02 00:01:04 | 00,528,384 | ---- | C] (OldTimer Tools) -- C:\Users\pchoi22\Desktop\OTL.exe
[2009/10/26 16:43:20 | 00,000,000 | ---D | C] -- C:\Program Files (x86)\AMD
[2009/10/25 23:45:54 | 00,000,000 | ---D | C] -- C:\Users\pchoi22\Desktop\tcp
[2009/10/24 23:48:58 | 00,032,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\Apphlpdm.dll
[2009/10/24 23:48:58 | 00,028,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\Apphlpdm.dll
[2009/10/24 23:48:57 | 04,240,384 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\GameUXLegacyGDFs.dll
[2009/10/24 23:48:56 | 04,240,384 | ---- | C] (Microsoft) -- C:\Windows\SysNative\GameUXLegacyGDFs.dll
[2009/10/19 23:35:16 | 00,000,000 | ---D | C] -- C:\Program Files (x86)\Trend Micro
[2009/10/16 22:37:54 | 00,818,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WMSPDMOD.DLL
[2009/10/16 22:37:54 | 00,604,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WMSPDMOD.DLL
[2009/10/16 22:37:47 | 04,698,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntoskrnl.exe
[2009/10/16 22:37:39 | 00,269,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msv1_0.dll
[2009/10/16 22:37:38 | 00,218,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msv1_0.dll
[2009/10/16 22:37:15 | 05,690,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtml.dll
[2009/10/16 22:37:11 | 07,006,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieframe.dll
[2009/10/16 22:37:10 | 01,032,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wininet.dll
[2009/10/16 22:36:54 | 01,426,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\urlmon.dll
[2009/10/16 22:36:53 | 00,834,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wininet.dll
[2009/10/16 22:36:51 | 01,176,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\urlmon.dll
[2009/10/16 22:36:50 | 03,599,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtml.dll
[2009/10/16 22:36:46 | 06,079,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieframe.dll
[2009/10/16 22:36:29 | 00,180,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2009/10/16 22:36:26 | 00,086,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieencode.dll
[2009/10/16 22:36:25 | 00,078,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieencode.dll
[2009/10/16 22:36:18 | 00,422,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dll
[2009/10/16 22:36:17 | 00,380,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dll
[2009/10/16 22:36:09 | 00,174,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\srv2.sys
[2009/10/16 22:36:05 | 00,082,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msasn1.dll
[2009/10/16 22:36:05 | 00,060,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msasn1.dll
[2009/10/14 15:43:36 | 00,000,000 | ---D | C] -- C:\ProgramData\AIM
[2009/10/14 15:43:36 | 00,000,000 | ---D | C] -- C:\ProgramData\AIM
[2009/10/14 15:43:20 | 00,000,000 | ---D | C] -- C:\Program Files (x86)\AIM
[2009/10/14 15:43:14 | 00,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Software Update Utility
[2009/10/13 10:03:23 | 00,000,000 | ---D | C] -- C:\Users\pchoi22\AppData\Local\AIM
[2009/10/12 20:11:04 | 00,000,000 | ---D | C] -- C:\Users\pchoi22\Documents\Documents\Leawo
[2009/10/12 20:10:47 | 00,000,000 | ---D | C] -- C:\Program Files\Leawo
[2009/10/03 12:07:33 | 00,238,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MpSigStub.exe
[2009/04/20 20:05:11 | 01,224,704 | ---- | C] ( ) -- C:\Windows\SysWow64\dlbcserv.dll
[2009/04/20 20:05:11 | 00,991,232 | ---- | C] ( ) -- C:\Windows\SysWow64\dlbcusb1.dll
[2009/04/20 20:05:11 | 00,696,320 | ---- | C] ( ) -- C:\Windows\SysWow64\dlbchbn3.dll
[2009/04/20 20:05:11 | 00,684,032 | ---- | C] ( ) -- C:\Windows\SysWow64\dlbccomc.dll
[2009/04/20 20:05:11 | 00,643,072 | ---- | C] ( ) -- C:\Windows\SysWow64\dlbcpmui.dll
[2009/04/20 20:05:11 | 00,585,728 | ---- | C] ( ) -- C:\Windows\SysWow64\dlbclmpm.dll
[2009/04/20 20:05:11 | 00,483,328 | ---- | C] ( ) -- C:\Windows\SysWow64\dlbcjswr.dll
[2009/04/20 20:05:11 | 00,421,888 | ---- | C] ( ) -- C:\Windows\SysWow64\dlbccomm.dll
[2009/04/20 20:05:11 | 00,413,696 | ---- | C] ( ) -- C:\Windows\SysWow64\dlbcinpa.dll
[2009/04/20 20:05:11 | 00,397,312 | ---- | C] ( ) -- C:\Windows\SysWow64\dlbciesc.dll
[2009/04/20 20:05:11 | 00,323,584 | ---- | C] ( ) -- C:\Windows\SysWow64\DLBChcp.dll
[2009/04/20 20:05:11 | 00,163,840 | ---- | C] ( ) -- C:\Windows\SysWow64\dlbcprox.dll
[2009/04/20 20:05:11 | 00,094,208 | ---- | C] ( ) -- C:\Windows\SysWow64\dlbcpplc.dll
[2009/04/20 20:05:11 | 00,073,728 | ---- | C] ( ) -- C:\Windows\SysWow64\dlbccu.dll
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[1 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]
[1 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2009/11/02 00:06:40 | 03,670,016 | -HS- | M] () -- C:\Users\pchoi22\ntuser.dat
[2009/11/02 00:01:07 | 00,528,384 | ---- | M] (OldTimer Tools) -- C:\Users\pchoi22\Desktop\OTL.exe
[2009/11/01 23:59:34 | 00,063,359 | ---- | M] () -- C:\ProgramData\nvModes.001
[2009/11/01 23:59:34 | 00,063,359 | ---- | M] () -- C:\ProgramData\nvModes.001
[2009/11/01 23:13:01 | 00,000,916 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3910799180-2590520660-771679722-1000UA.job
[2009/11/01 22:46:35 | 00,032,256 | ---- | M] () -- C:\Users\pchoi22\Desktop\jype.xls
[2009/11/01 22:24:27 | 00,003,344 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2009/11/01 22:24:27 | 00,003,344 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2009/11/01 22:17:36 | 00,002,215 | ---- | M] () -- C:\Users\pchoi22\Desktop\iTunes.lnk
[2009/11/01 15:13:00 | 00,000,864 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3910799180-2590520660-771679722-1000Core.job
[2009/10/31 23:39:22 | 00,000,422 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{900A9C89-C9A8-41F2-B497-C63F763130E8}.job
[2009/10/30 22:48:15 | 00,000,329 | ---- | M] () -- C:\Users\Public\Documents\hpqp.ini
[2009/10/30 22:24:22 | 00,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
[2009/10/30 22:24:17 | 00,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2009/10/30 22:24:11 | 42,267,32032 | -HS- | M] () -- C:\hiberfil.sys
[2009/10/30 06:54:20 | 00,524,288 | -HS- | M] () -- C:\Users\pchoi22\ntuser.dat{c09c46bf-bfd1-11dd-983e-001d726ee996}.TMContainer00000000000000000001.regtrans-ms
[2009/10/30 06:54:20 | 00,065,536 | -HS- | M] () -- C:\Users\pchoi22\ntuser.dat{c09c46bf-bfd1-11dd-983e-001d726ee996}.TM.blf
[2009/10/30 06:54:14 | 03,085,717 | -H-- | M] () -- C:\Users\pchoi22\AppData\Local\IconCache.db
[2009/10/29 15:55:37 | 00,002,611 | ---- | M] () -- C:\Users\pchoi22\Desktop\Microsoft Office Word 2007.lnk
[2009/10/27 00:45:14 | 00,001,795 | ---- | M] () -- C:\Users\pchoi22\Desktop\Warcraft III - The Frozen Throne.lnk
[2009/10/26 21:30:02 | 00,171,894 | ---- | M] () -- C:\Users\pchoi22\Documents\Documents\proof3.jpg
[2009/10/26 21:29:03 | 00,161,893 | ---- | M] () -- C:\Users\pchoi22\Documents\Documents\proof2.jpg
[2009/10/26 21:28:16 | 00,167,697 | ---- | M] () -- C:\Users\pchoi22\Documents\Documents\proof.jpg
[2009/10/26 16:52:29 | 00,054,503 | ---- | M] () -- C:\Users\pchoi22\AppData\Roaming\nvModes.001
[2009/10/25 22:38:56 | 00,268,238 | ---- | M] () -- C:\Users\pchoi22\Documents\Documents\Xenosaga Episode I.docx
[2009/10/22 17:48:52 | 00,012,660 | ---- | M] () -- C:\Users\pchoi22\Documents\Documents\THE RULES.docx
[2009/10/19 23:35:16 | 00,001,888 | ---- | M] () -- C:\Users\pchoi22\Documents\Documents\HijackThis.lnk
[2009/10/19 22:55:33 | 00,063,359 | ---- | M] () -- C:\ProgramData\nvModes.dat
[2009/10/19 22:55:33 | 00,063,359 | ---- | M] () -- C:\ProgramData\nvModes.dat
[2009/10/19 20:35:58 | 00,054,503 | ---- | M] () -- C:\Users\pchoi22\AppData\Roaming\nvModes.dat
[2009/10/17 19:18:52 | 00,002,365 | ---- | M] () -- C:\Users\pchoi22\Desktop\Skype.lnk
[2009/10/17 16:33:19 | 00,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_User_WpdMtpDr_01_00_00.Wdf
[2009/10/14 15:49:11 | 00,075,776 | ---- | M] () -- C:\Users\pchoi22\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009/10/14 15:43:46 | 00,001,971 | -H-- | M] () -- C:\IPH.PH
[2009/10/14 15:43:36 | 00,001,712 | ---- | M] () -- C:\Users\Public\Desktop\AIM.lnk
[2009/10/13 21:08:22 | 00,002,052 | ---- | M] () -- C:\Users\pchoi22\Desktop\Google Chrome.lnk
[2009/10/10 21:15:26 | 00,690,960 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2009/10/10 21:15:26 | 00,595,684 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2009/10/10 21:15:26 | 00,101,350 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2009/10/07 23:54:15 | 00,000,435 | ---- | M] () -- C:\Users\pchoi22\Desktop\Documents.lnk
[2009/10/06 21:33:00 | 00,000,780 | ---- | M] () -- C:\Users\pchoi22\Desktop\ooVoo.lnk
[2009/10/06 20:51:55 | 00,000,410 | ---- | M] () -- C:\Users\pchoi22\Desktop\Pictures.lnk
[2009/10/06 20:45:16 | 00,000,104 | ---- | M] () -- C:\Users\pchoi22\Desktop\Firefox.lnk
[2009/10/06 20:45:05 | 00,000,919 | ---- | M] () -- C:\Users\pchoi22\Desktop\VLC media player.lnk
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[1 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]
[1 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]

========== Files Created - No Company Name ==========

[2009/11/01 22:46:33 | 00,032,256 | ---- | C] () -- C:\Users\pchoi22\Desktop\jype.xls
[2009/10/26 21:30:01 | 00,171,894 | ---- | C] () -- C:\Users\pchoi22\Documents\Documents\proof3.jpg
[2009/10/26 21:29:02 | 00,161,893 | ---- | C] () -- C:\Users\pchoi22\Documents\Documents\proof2.jpg
[2009/10/26 21:28:15 | 00,167,697 | ---- | C] () -- C:\Users\pchoi22\Documents\Documents\proof.jpg
[2009/10/24 15:07:28 | 00,268,238 | ---- | C] () -- C:\Users\pchoi22\Documents\Documents\Xenosaga Episode I.docx
[2009/10/22 14:45:03 | 00,012,660 | ---- | C] () -- C:\Users\pchoi22\Documents\Documents\THE RULES.docx
[2009/10/19 23:35:16 | 00,001,888 | ---- | C] () -- C:\Users\pchoi22\Documents\Documents\HijackThis.lnk
[2009/10/19 22:55:33 | 00,063,359 | ---- | C] () -- C:\ProgramData\nvModes.dat
[2009/10/19 22:55:33 | 00,063,359 | ---- | C] () -- C:\ProgramData\nvModes.001
[2009/10/19 22:55:33 | 00,063,359 | ---- | C] () -- C:\ProgramData\nvModes.dat
[2009/10/19 22:55:33 | 00,063,359 | ---- | C] () -- C:\ProgramData\nvModes.001
[2009/10/17 16:33:19 | 00,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_User_WpdMtpDr_01_00_00.Wdf
[2009/10/14 15:43:36 | 00,001,712 | ---- | C] () -- C:\Users\Public\Desktop\AIM.lnk
[2009/10/11 12:36:29 | 42,267,32032 | -HS- | C] () -- C:\hiberfil.sys
[2009/10/06 21:51:22 | 00,002,365 | ---- | C] () -- C:\Users\pchoi22\Desktop\Skype.lnk
[2009/10/06 21:51:09 | 00,000,948 | ---- | C] () -- C:\Users\pchoi22\Desktop\CyberLink YouCam.lnk
[2009/10/06 21:33:00 | 00,000,780 | ---- | C] () -- C:\Users\pchoi22\Desktop\ooVoo.lnk
[2009/10/06 20:53:16 | 00,001,823 | ---- | C] () -- C:\Users\pchoi22\Desktop\avast! Antivirus.lnk
[2009/10/06 20:52:55 | 00,002,611 | ---- | C] () -- C:\Users\pchoi22\Desktop\Microsoft Office Word 2007.lnk
[2009/10/06 20:51:55 | 00,000,410 | ---- | C] () -- C:\Users\pchoi22\Desktop\Pictures.lnk
[2009/10/06 20:51:46 | 00,000,435 | ---- | C] () -- C:\Users\pchoi22\Desktop\Documents.lnk
[2009/10/06 20:50:13 | 00,000,881 | ---- | C] () -- C:\Users\pchoi22\Desktop\DivX Player.lnk
[2009/10/06 20:48:33 | 00,001,795 | ---- | C] () -- C:\Users\pchoi22\Desktop\Warcraft III - The Frozen Throne.lnk
[2009/10/06 20:46:24 | 00,002,215 | ---- | C] () -- C:\Users\pchoi22\Desktop\iTunes.lnk
[2009/10/06 20:46:02 | 00,001,732 | ---- | C] () -- C:\Users\pchoi22\Desktop\LimeWire 5.1.3.lnk
[2009/10/06 20:45:16 | 00,000,104 | ---- | C] () -- C:\Users\pchoi22\Desktop\Firefox.lnk
[2009/10/06 20:45:14 | 00,002,052 | ---- | C] () -- C:\Users\pchoi22\Desktop\Google Chrome.lnk
[2009/10/06 20:45:05 | 00,000,919 | ---- | C] () -- C:\Users\pchoi22\Desktop\VLC media player.lnk
[2009/09/28 18:55:34 | 08,673,792 | ---- | C] () -- C:\ProgramData\atscie.msi
[2009/07/26 21:36:46 | 01,970,176 | ---- | C] () -- C:\Windows\SysWow64\d3dx9.dll
[2009/06/09 05:16:47 | 00,117,248 | ---- | C] () -- C:\Windows\SysWow64\EhStorAuthn.dll
[2009/06/09 05:15:17 | 00,368,640 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2009/05/03 01:40:29 | 04,762,112 | ---- | C] () -- C:\Windows\SysWow64\NCMedia.dll
[2009/05/03 01:40:29 | 00,383,238 | ---- | C] () -- C:\Windows\SysWow64\libmp3lame-0.dll
[2009/04/20 20:40:51 | 00,000,279 | ---- | C] () -- C:\Windows\dellstat.ini
[2009/04/20 20:05:11 | 00,413,696 | ---- | C] () -- C:\Windows\SysWow64\dlbcutil.dll
[2009/04/20 20:05:11 | 00,274,432 | ---- | C] () -- C:\Windows\SysWow64\DLBCinst.dll
[2009/04/20 20:05:11 | 00,155,648 | ---- | C] () -- C:\Windows\SysWow64\dlbcinsb.dll
[2009/04/20 20:05:11 | 00,090,112 | ---- | C] () -- C:\Windows\SysWow64\dlbccur.dll
[2009/04/15 22:42:19 | 00,000,096 | ---- | C] () -- C:\Users\pchoi22\AppData\Roaming\wklnhst.dat
[2009/03/27 17:20:05 | 00,000,258 | RHS- | C] () -- C:\ProgramData\ntuser.pol
[2009/03/26 18:56:59 | 01,141,750 | ---- | C] () -- C:\ProgramData\LuUninstall.LiveUpdate
[2009/03/20 20:58:34 | 00,000,050 | ---- | C] () -- C:\Windows\Winamp.ini
[2009/03/20 20:58:31 | 00,000,041 | ---- | C] () -- C:\Windows\winampa.ini
[2009/02/12 12:06:03 | 00,000,000 | ---- | C] () -- C:\Users\pchoi22\AppData\Local\FnF4.txt
[2008/11/06 12:48:26 | 00,000,552 | ---- | C] () -- C:\Users\pchoi22\AppData\Local\d3d8caps.dat
[2008/10/24 02:05:25 | 03,085,717 | -H-- | C] () -- C:\Users\pchoi22\AppData\Local\IconCache.db
[2008/10/08 01:07:06 | 00,043,520 | ---- | C] () -- C:\Windows\SysWow64\CmdLineExt03.dll
[2008/09/10 17:50:40 | 00,000,680 | ---- | C] () -- C:\Users\pchoi22\AppData\Local\d3d9caps.dat
[2008/09/09 20:54:49 | 00,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2008/09/04 09:46:18 | 00,000,021 | ---- | C] () -- C:\Windows\atid.ini
[2008/09/03 22:00:06 | 00,017,043 | ---- | C] () -- C:\Users\pchoi22\AppData\Roaming\UserTile.png
[2008/09/03 19:51:30 | 00,075,776 | ---- | C] () -- C:\Users\pchoi22\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2008/09/03 18:25:22 | 00,054,503 | ---- | C] () -- C:\Users\pchoi22\AppData\Roaming\nvModes.001
[2008/09/03 18:15:28 | 00,054,503 | ---- | C] () -- C:\Users\pchoi22\AppData\Roaming\nvModes.dat
[2008/09/03 16:53:11 | 00,000,000 | ---- | C] () -- C:\Users\pchoi22\AppData\Local\QSwitch.txt
[2008/09/03 16:53:11 | 00,000,000 | ---- | C] () -- C:\Users\pchoi22\AppData\Local\DSwitch.txt
[2008/09/03 16:53:11 | 00,000,000 | ---- | C] () -- C:\Users\pchoi22\AppData\Local\AtStart.txt
[2008/09/03 16:47:21 | 00,077,376 | ---- | C] () -- C:\Users\pchoi22\AppData\Local\GDIPFONTCACHEV1.DAT
[2008/07/01 07:10:42 | 00,000,371 | ---- | C] () -- C:\ProgramData\hpzinstall.log
[2008/05/21 18:56:36 | 00,053,299 | ---- | C] () -- C:\Windows\SysWow64\pthreadVC.dll
[2008/01/20 21:50:05 | 00,060,124 | ---- | C] () -- C:\Windows\SysWow64\tcpmon.ini
[2006/11/02 10:25:49 | 00,000,174 | -HS- | C] () -- C:\Program Files (x86)\desktop.ini
[2006/11/02 10:07:25 | 00,037,665 | ---- | C] () -- C:\Windows\Fonts\GlobalUserInterface.CompositeFont
[2006/11/02 10:07:25 | 00,029,779 | ---- | C] () -- C:\Windows\Fonts\GlobalSerif.CompositeFont
[2006/11/02 10:07:25 | 00,026,489 | ---- | C] () -- C:\Windows\Fonts\GlobalSansSerif.CompositeFont
[2006/11/02 10:07:25 | 00,026,040 | ---- | C] () -- C:\Windows\Fonts\GlobalMonospace.CompositeFont
[2006/11/02 07:34:27 | 00,000,219 | ---- | C] () -- C:\Windows\system.ini
[2006/11/02 07:34:27 | 00,000,144 | ---- | C] () -- C:\Windows\win.ini

========== Alternate Data Streams ==========

@Alternate Data Stream - 1338 bytes -> C:\Users\pchoi22\AppData\Local\HEQAm0OzlVc7w:AosECNhMKbkBmlJFftU7j58M
< End of report >

Extras:

OTL Extras logfile created on: 11/2/2009 12:02:28 AM - Run 1
OTL by OldTimer - Version 3.1.2.1 Folder = C:\Users\pchoi22\Desktop
64bit-Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6002.18005)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

3.94 Gb Total Physical Memory | 2.34 Gb Available Physical Memory | 59.43% Memory free
4.00 Gb Paging File | 4.00 Gb Available in Paging File | 100.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 285.12 Gb Total Space | 164.17 Gb Free Space | 57.58% Space Free | Partition Type: NTFS
Drive D: | 12.97 Gb Total Space | 2.43 Gb Free Space | 18.71% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: PCHOI22-PC
Current User Name: pchoi22
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: All users
Include 64bit Scans
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard

========== Extra Registry (SafeList) ==========


========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.chm [@ = chm.file] -- "%SystemRoot%\hh.exe" %1
.cpl[@ = cplfile] -- C:\Windows\SysNative\control.exe (Microsoft Corporation)
.hlp[@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
.html[@ = htmlfile] -- C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE (Microsoft Corporation)
.inf[@ = inffile] -- C:\Windows\SysNative\NOTEPAD.EXE (Microsoft Corporation)
.ini[@ = inifile] -- C:\Windows\SysNative\NOTEPAD.EXE (Microsoft Corporation)
.js[@ = JSFile] -- C:\Windows\SysNative\WScript.exe (Microsoft Corporation)
.jse[@ = JSEFile] -- C:\Windows\SysNative\WScript.exe (Microsoft Corporation)
.txt[@ = txtfile] -- C:\Windows\SysNative\NOTEPAD.EXE (Microsoft Corporation)
.vbe[@ = VBEFile] -- C:\Windows\SysNative\WScript.exe (Microsoft Corporation)
.vbs[@ = VBSFile] -- C:\Windows\SysNative\WScript.exe (Microsoft Corporation)
.wsf[@ = WSFFile] -- C:\Windows\SysNative\WScript.exe (Microsoft Corporation)
.wsh[@ = WSHFile] -- C:\Windows\SysNative\WScript.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.chm [@ = chm.file] -- "%SystemRoot%\hh.exe" %1
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE (Microsoft Corporation)
.reg [@ = regfile] -- C:\Windows\SysWow64\regedit.exe (Microsoft Corporation)

[HKEY_USERS\S-1-5-21-3910799180-2590520660-771679722-1000\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [edit] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation)
batfile [open] -- "%1" %* File not found
batfile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
chm.file [open] -- "%SystemRoot%\hh.exe" %1 File not found
cmdfile [edit] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation)
cmdfile [open] -- "%1" %* File not found
cmdfile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
comfile [open] -- "%1" %* File not found
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %* File not found
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- "C:\Program Files (x86)\Microsoft Office\Office12\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [open] -- "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" -nohome (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Program Files (x86)\Microsoft Office\Office12\msohtmed.exe" /p %1 (Microsoft Corporation)
http [open] -- "C:\Program Files (x86)\Internet Explorer\iexplore.exe" -nohome (Microsoft Corporation)
https [open] -- "C:\Program Files (x86)\Internet Explorer\iexplore.exe" -nohome (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
inffile [open] -- %SystemRoot%\system32\NOTEPAD.EXE %1 (Microsoft Corporation)
inffile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
inifile [open] -- %SystemRoot%\system32\NOTEPAD.EXE %1 (Microsoft Corporation)
inifile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
jsfile [edit] -- %SystemRoot%\System32\Notepad.exe %1 (Microsoft Corporation)
jsfile [open] -- %SystemRoot%\System32\WScript.exe "%1" %* (Microsoft Corporation)
jsfile [print] -- %SystemRoot%\System32\Notepad.exe /p %1 (Microsoft Corporation)
jsefile [edit] -- %SystemRoot%\System32\Notepad.exe %1 (Microsoft Corporation)
jsefile [open] -- %SystemRoot%\System32\WScript.exe "%1" %* (Microsoft Corporation)
jsefile [print] -- %SystemRoot%\System32\Notepad.exe /p %1 (Microsoft Corporation)
piffile [open] -- "%1" %* File not found
regfile [edit] -- %SystemRoot%\system32\notepad.exe "%1" (Microsoft Corporation)
regfile [merge] -- Reg Error: Key error.
regfile [print] -- %SystemRoot%\system32\notepad.exe /p "%1" (Microsoft Corporation)
scrfile [config] -- "%1" File not found
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S File not found
txtfile [edit] -- Reg Error: Key error.
txtfile [open] -- %SystemRoot%\system32\NOTEPAD.EXE %1 (Microsoft Corporation)
txtfile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
txtfile [printto] -- %SystemRoot%\system32\notepad.exe /pt "%1" "%2" "%3" "%4" (Microsoft Corporation)
vbefile [edit] -- "%SystemRoot%\System32\Notepad.exe" %1 (Microsoft Corporation)
vbefile [open] -- "%SystemRoot%\System32\WScript.exe" "%1" %* (Microsoft Corporation)
vbefile [print] -- "%SystemRoot%\System32\Notepad.exe" /p %1 (Microsoft Corporation)
vbsfile [edit] -- "%SystemRoot%\System32\Notepad.exe" %1 (Microsoft Corporation)
vbsfile [open] -- "%SystemRoot%\System32\WScript.exe" "%1" %* (Microsoft Corporation)
vbsfile [print] -- "%SystemRoot%\System32\Notepad.exe" /p %1 (Microsoft Corporation)
wsffile [edit] -- "%SystemRoot%\System32\Notepad.exe" %1 (Microsoft Corporation)
wsffile [open] -- "%SystemRoot%\System32\WScript.exe" "%1" %* (Microsoft Corporation)
wsffile [print] -- "%SystemRoot%\System32\Notepad.exe" /p %1 (Microsoft Corporation)
wshfile [open] -- "%SystemRoot%\System32\WScript.exe" "%1" %* (Microsoft Corporation)
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 File not found
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~2\MICROS~2\Office12\ONENOTE.EXE "%L" (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files (x86)\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files (x86)\Internet Explorer\iexplore.exe" (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %* File not found
chm.file [open] -- "%SystemRoot%\hh.exe" %1 File not found
cmdfile [open] -- "%1" %* File not found
comfile [open] -- "%1" %* File not found
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %* File not found
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- "C:\Program Files (x86)\Microsoft Office\Office12\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [open] -- "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" -nohome (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Program Files (x86)\Microsoft Office\Office12\msohtmed.exe" /p %1 (Microsoft Corporation)
http [open] -- "C:\Program Files (x86)\Internet Explorer\iexplore.exe" -nohome (Microsoft Corporation)
https [open] -- "C:\Program Files (x86)\Internet Explorer\iexplore.exe" -nohome (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %* File not found
regfile [open] -- "regedit.exe" "%1" (Microsoft Corporation)
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1" File not found
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S File not found
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 File not found
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~2\MICROS~2\Office12\ONENOTE.EXE "%L" (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files (x86)\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files (x86)\Internet Explorer\iexplore.exe" (Microsoft Corporation)

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"UacDisableNotify" = 0
"InternetSettingsDisableNotify" = 0
"AutoUpdateDisableNotify" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = 9F 9E 16 8C DC 5B C8 01 [binary data]
"VistaSp2" = 32 F2 65 A3 0E E9 C9 01 [binary data]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"oobe_av" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files (x86)\EarthLink TotalAccess\TaskPanl.exe" = C:\Program Files (x86)\EarthLink TotalAccess\TaskPanl.exe:*:Enabled:Earthlink -- File not found
"C:\Program Files (x86)\EarthLink TotalAccess\TaskPanl.exe" = C:\Program Files (x86)\EarthLink TotalAccess\TaskPanl.exe:*:Enabled:Earthlink -- File not found


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{08F8DCAB-2DEC-4801-946A-8683D92A6BF9}" = rport=445 | protocol=6 | dir=out | app=system |
"{155A4814-9E67-4766-8A4C-F074DD905055}" = lport=139 | protocol=6 | dir=in | app=system |
"{16821960-1E29-4187-8B38-FB39FAC20552}" = rport=138 | protocol=17 | dir=out | app=system |
"{190E8565-06F9-4CB2-92D8-B7460573C3E3}" = lport=445 | protocol=6 | dir=in | app=system |
"{2A4B703E-CDDA-4FD1-BDAB-B6A39881D070}" = lport=3702 | protocol=17 | dir=in | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{3BBE6EC4-3BF9-4FD2-857E-9085FE6C4A42}" = rport=3702 | protocol=17 | dir=out | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{43DE617E-68C7-4C1C-8EBC-B2BE717C2E94}" = lport=3540 | protocol=17 | dir=in | svc=pnrpsvc | app=%systemroot%\system32\svchost.exe |
"{4949EDE0-350B-40BB-9E7F-8E5F93DB1633}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{494CB2ED-EAED-4B77-9876-255947C5A928}" = rport=137 | protocol=17 | dir=out | app=system |
"{4A844AFC-BF35-4EF7-B707-36F87D3DC6B9}" = rport=3540 | protocol=17 | dir=out | svc=pnrpsvc | app=%systemroot%\system32\svchost.exe |
"{4DB3CFCF-B6B6-4494-B84F-F04537DD6258}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{506FD5DF-5630-4AFE-BCAF-EC14A6C80CF2}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |
"{64309B93-DE81-4815-8524-51C8659B3557}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{6727CCF6-8221-45EF-AA00-BA74CBD227A4}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{67A70D44-84F6-470C-8A27-FD0C4275AF98}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{69BAF321-274F-4A5D-BE18-53C95FC128C8}" = lport=2869 | protocol=6 | dir=in | app=system |
"{8273DDB5-650F-4349-AE09-342C2F56F8F6}" = lport=138 | protocol=17 | dir=in | app=system |
"{88869BA7-A6B3-4763-A0D7-C8263B1FBC7D}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{977CBA78-9312-4541-8AE9-9AA4A2BA133E}" = lport=3702 | protocol=17 | dir=in | app=%systemroot%\system32\p2phost.exe |
"{A29D8417-3C36-4AC0-9A54-118BB4570CCB}" = rport=3702 | protocol=17 | dir=out | app=%systemroot%\system32\p2phost.exe |
"{AB91C9EC-6E9B-4C26-9E2E-7E142ED93A09}" = lport=3702 | protocol=17 | dir=in | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{BD4B208C-E7BE-4711-8C6B-2022230649ED}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{BDAAB50A-3C5F-4432-95EF-B6925A74EB77}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{CEC4629E-4121-43E0-B56C-C1BEB5066228}" = lport=3702 | protocol=17 | dir=in | app=%systemroot%\system32\p2phost.exe |
"{CF1A251A-6B78-4F79-939B-1EC8863A84AE}" = rport=139 | protocol=6 | dir=out | app=system |
"{D783BB6C-DE2D-44F9-AED5-D8D896B9E1D7}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{D7B3E182-71F6-4CF2-AC21-DFFC2D069160}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{EC802B62-52A6-4EDF-9938-525BA17851C2}" = rport=3540 | protocol=17 | dir=out | svc=pnrpsvc | app=%systemroot%\system32\svchost.exe |
"{F6B371DA-125A-4786-BD8D-E4EA8875F25E}" = lport=3540 | protocol=17 | dir=in | svc=pnrpsvc | app=%systemroot%\system32\svchost.exe |
"{F77CA487-CE20-4DD1-B3F0-6CDCC68AFC2C}" = rport=3702 | protocol=17 | dir=out | app=%systemroot%\system32\p2phost.exe |
"{FB3F6989-A7C7-48CC-872E-5013BA2E0463}" = rport=3702 | protocol=17 | dir=out | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{FF77B21A-4691-46EF-B564-F255914E7BD1}" = lport=137 | protocol=17 | dir=in | app=system |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{000CE242-AB60-4017-BB50-D68231E7811F}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{009A80CE-3115-4115-AF4B-45C9948A9B00}" = protocol=17 | dir=in | app=c:\windows\syswow64\dlbccoms.exe |
"{015246BC-575C-498F-A37A-24426CE3C54C}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{034947D5-A56E-49C5-8AC6-DCAE52E0C26A}" = protocol=17 | dir=in | app=c:\program files (x86)\common files\aol\loader\aolload.exe |
"{0540566C-B816-459C-971F-3F2FB681AFF9}" = protocol=6 | dir=in | app=c:\program files (x86)\common files\aol\loader\aolload.exe |
"{0C100FCB-FD8D-4C4E-912D-656D0BA1BEB2}" = protocol=6 | dir=in | app=c:\program files (x86)\winamp remote\bin\orbstreamerclient.exe |
"{0DBB6629-00A9-474E-BA8C-202571164F1D}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe |
"{0F20A3A4-5FF9-4F1F-AC59-3758F0EFBEF9}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe |
"{0F360E58-C0BB-4F6D-B3A0-6AA350EE6F0C}" = protocol=6 | dir=in | app=c:\program files (x86)\winamp remote\bin\orbir.exe |
"{108724DC-9C35-41CD-A043-87D713ADC94F}" = protocol=6 | dir=in | app=c:\program files (x86)\common files\aol\loader\aolload.exe |
"{110DC0F6-1A5B-4ACA-A549-FEA2C1FD5FD0}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{15F7F74E-65C8-4290-89A8-530FBD32444E}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{1AC86F7D-53DB-46E3-92CC-D8C4C9E593D3}" = protocol=6 | dir=in | app=c:\program files (x86)\winamp remote\bin\orbtray.exe |
"{1AE886B6-FC7D-4EB3-BDAA-4DC6BC2804EB}" = protocol=17 | dir=in | app=c:\program files (x86)\winamp remote\bin\orbtray.exe |
"{1BC0D310-86C3-4BCF-98E5-3B68D404EFB4}" = protocol=17 | dir=in | app=c:\windows\system32\dlcccoms.exe |
"{1D8C0FAE-14D1-42BF-9625-CA1852CD2E47}" = protocol=17 | dir=in | app=c:\program files (x86)\itunes\itunes.exe |
"{1DF30519-F260-4494-8EA3-45CC3D6ED3AB}" = protocol=6 | dir=out | app=%systemroot%\system32\p2phost.exe |
"{203C00B6-7EB9-434A-ADD4-270943AC5071}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{28622FF7-0381-4AF4-AE6D-B5EA0312AD6A}" = protocol=6 | dir=in | app=c:\program files (x86)\limewire\limewire.exe |
"{3090BF67-B9DF-44C0-8D5C-E8097881B45C}" = dir=in | app=c:\program files (x86)\hp\quickplay\qp.exe |
"{31E99800-2241-4190-832E-FD6397162E2D}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{33D5BFBD-548C-4C52-90D6-77B3A5461990}" = protocol=6 | dir=in | app=c:\program files (x86)\itunes\itunes.exe |
"{35ACBD76-BE48-46C3-B481-88C41B23AE5A}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{47C81CA9-62E7-4152-BB28-25B7DA70365C}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{489FA7A0-330D-4BC5-B0A2-D24FD2A65740}" = protocol=17 | dir=in | app=c:\program files (x86)\aim\aim.exe |
"{4B9DD925-DDE8-41A7-94F9-75619889FC74}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{50CA3ED2-B821-46D5-9720-CB5363DFDBB9}" = protocol=6 | dir=out | app=%systemroot%\system32\p2phost.exe |
"{640FE2E0-2EFF-402F-A42B-0DD328427768}" = protocol=17 | dir=in | app=c:\program files (x86)\winamp remote\bin\orbstreamerclient.exe |
"{6476186D-7C4D-47E9-84EC-DD8B677B0777}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{6CBBFA66-F89A-44A2-8DA0-B32242889D59}" = protocol=17 | dir=in | app=c:\program files (x86)\frostwire\frostwire.exe |
"{71954B74-2938-48EB-A689-27E4B8C64EF3}" = protocol=6 | dir=in | app=c:\program files (x86)\utorrent\utorrent.exe |
"{71E53035-D61D-4611-9278-8754A1D46B44}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{7816C097-90C9-4F39-8ECB-008B9F30BF69}" = dir=in | app=c:\program files (x86)\cyberlink\powerdirector\pdr.exe |
"{7E555CF1-0A3A-4AAB-A28B-9083CC22B726}" = protocol=6 | dir=in | app=%systemroot%\system32\p2phost.exe |
"{80DFC26D-C6D0-4F2C-9F38-0857222C888B}" = protocol=6 | dir=in | app=c:\program files (x86)\aim\aim.exe |
"{89BE158E-1309-4A82-8E6D-02E525A6807C}" = protocol=6 | dir=in | app=c:\windows\system32\dlcccoms.exe |
"{8ADB3412-3ECD-4F01-B6BE-6CD4B274614A}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{8DA04F7A-C284-497A-9521-FF1FB646A75C}" = protocol=6 | dir=in | app=c:\windows\system32\spool\drivers\x64\3\dlbcpswx.exe |
"{9088B54E-C1C1-493F-A3F3-2C274415C0C8}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe |
"{90A26C02-CBB1-4192-B23B-CF92B0EF2F3A}" = protocol=17 | dir=in | app=c:\program files (x86)\utorrent\utorrent.exe |
"{98221878-E92A-4479-99E9-EE33705EE8C4}" = protocol=6 | dir=in | app=c:\program files (x86)\aim6\aim6.exe |
"{9A0EFDF6-7C0D-4C9F-BEFE-B548E0D6656E}" = protocol=17 | dir=in | app=c:\windows\system32\spool\drivers\x64\3\dlbcpswx.exe |
"{9A62D9DA-6210-4271-8C1F-F53809916B7B}" = protocol=6 | dir=in | app=c:\program files (x86)\limewire\limewire.exe |
"{AF6BD284-C633-4F81-BF95-5B8A78E447F9}" = protocol=17 | dir=in | app=c:\program files (x86)\aim6\aim6.exe |
"{B8BAD5F9-F1F1-4C5D-A24A-275F91DCA846}" = protocol=17 | dir=in | app=c:\program files (x86)\winamp remote\bin\orb.exe |
"{B9BC97A7-DA6B-4185-AA4A-707906675DB6}" = dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe |
"{BE5EB784-20D4-4078-974A-AF96230D3DB4}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe |
"{C04951B0-E24F-48A6-8B27-E76AB2496490}" = protocol=17 | dir=in | app=c:\program files (x86)\winamp remote\bin\orbir.exe |
"{C69EA629-EFA4-4216-B98C-57C679E6571B}" = protocol=17 | dir=in | app=c:\windows\system32\dlbccoms.exe |
"{CD18A19B-E56C-4F27-9B69-0274A7FA89FB}" = protocol=6 | dir=in | app=c:\windows\system32\dlbccoms.exe |
"{D4246B10-256C-4756-839B-DB4E6B6383C9}" = protocol=6 | dir=in | app=%systemroot%\system32\p2phost.exe |
"{D5D52980-1C41-4FD4-8AAB-7E1CB631EC89}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{DA773923-6E71-4D99-ADB0-45F12AAA1C99}" = protocol=17 | dir=in | app=c:\program files (x86)\itunes\itunes.exe |
"{E3D12EF1-4F2F-4E9D-A7CA-2B92145CAB74}" = protocol=6 | dir=in | app=c:\program files (x86)\itunes\itunes.exe |
"{EBF2C5B0-DDAE-4392-8407-ED458D796143}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{ED6F1EAE-AAF2-4450-A1EF-E8B336CFE5D1}" = protocol=6 | dir=in | app=c:\windows\syswow64\dlbccoms.exe |
"{EECBF6AF-DFE0-4583-AB29-FB81270921AF}" = dir=in | app=c:\program files (x86)\hp\quickplay\qpservice.exe |
"{EFBCDC78-A68E-46FF-AB1C-418A89C04F2F}" = protocol=17 | dir=in | app=c:\program files (x86)\limewire\limewire.exe |
"{EFF5A077-C592-4422-934C-9E076CABEA49}" = protocol=17 | dir=in | app=c:\program files (x86)\limewire\limewire.exe |
"{F1A3F2ED-640F-4324-9A3D-122A131C9590}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{F3DCC82B-14B3-4BE6-94C7-47AB497C6207}" = protocol=6 | dir=in | app=c:\program files (x86)\frostwire\frostwire.exe |
"{FA573355-C8BD-4A73-AAB0-E0F1ED2E25F5}" = protocol=6 | dir=in | app=c:\program files (x86)\winamp remote\bin\orb.exe |
"{FCA14A11-5B45-4055-95FF-6628DC5A3FD6}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{FF9080CC-24EE-427A-A7FA-E496A802E9F9}" = protocol=17 | dir=in | app=c:\program files (x86)\common files\aol\loader\aolload.exe |
"TCP Query User{0E5E8ABC-F7F9-4319-8B8C-2B48C19FE7D3}C:\program files (x86)\warcraft iii\war3.exe" = protocol=6 | dir=in | app=c:\program files (x86)\warcraft iii\war3.exe |
"TCP Query User{12FC0E25-D5BB-42DC-AE8B-BA67976CC2A9}C:\program files (x86)\valve\hl.exe" = protocol=6 | dir=in | app=c:\program files (x86)\valve\hl.exe |
"TCP Query User{22FD4556-9A11-4A05-A2EE-501E28673D58}C:\program files\starcraft\starcraft.exe" = protocol=6 | dir=in | app=c:\program files\starcraft\starcraft.exe |
"TCP Query User{2B44DEC5-F56C-4B1E-A0E5-217950B1E834}C:\program files (x86)\starcraft\starcraft.exe" = protocol=6 | dir=in | app=c:\program files (x86)\starcraft\starcraft.exe |
"TCP Query User{407F0DD6-4E9B-4B7A-A18E-D9D1C03C6347}C:\program files (x86)\starcraft\starcraft.exe" = protocol=6 | dir=in | app=c:\program files (x86)\starcraft\starcraft.exe |
"TCP Query User{41BB6CED-9FC6-4F89-8DB4-97E91C8A9346}C:\program files (x86)\winpcap\rpcapd.exe" = protocol=6 | dir=in | app=c:\program files (x86)\winpcap\rpcapd.exe |
"TCP Query User{56063324-B741-477A-952B-F5A9766D6F08}C:\program files (x86)\utorrent\utorrent.exe" = protocol=6 | dir=in | app=c:\program files (x86)\utorrent\utorrent.exe |
"TCP Query User{647499A0-07C7-4901-A253-BA585AA85C44}C:\program files (x86)\warcraft iii\war3.exe" = protocol=6 | dir=in | app=c:\program files (x86)\warcraft iii\war3.exe |
"TCP Query User{6D063DFF-6DA1-4D32-BF6F-42E67D38A5D1}C:\program files (x86)\sopcast\adv\sopadver.exe" = protocol=6 | dir=in | app=c:\program files (x86)\sopcast\adv\sopadver.exe |
"TCP Query User{79BC3878-EAC5-434A-B877-83184B34B62A}C:\program files (x86)\pando networks\pando\pando.exe" = protocol=6 | dir=in | app=c:\program files (x86)\pando networks\pando\pando.exe |
"TCP Query User{7D8843F5-A22E-4633-92CF-838236733407}C:\program files (x86)\aim\aim.exe" = protocol=6 | dir=in | app=c:\program files (x86)\aim\aim.exe |
"TCP Query User{7EF44982-47BD-4924-9325-570A03785842}C:\program files (x86)\valve\hltv.exe" = protocol=6 | dir=in | app=c:\program files (x86)\valve\hltv.exe |
"TCP Query User{A5487802-56F0-44C3-9B80-D5B6AF6F5BEF}C:\program files (x86)\oovoo\oovoo.exe" = protocol=6 | dir=in | app=c:\program files (x86)\oovoo\oovoo.exe |
"TCP Query User{C5554851-2DE3-4F02-B126-2F779E8A1673}C:\program files (x86)\gaz\gaz.exe" = protocol=6 | dir=in | app=c:\program files (x86)\gaz\gaz.exe |
"TCP Query User{CB6CDA4C-5FD5-405A-8B06-A963DD734393}C:\program files\starcraft\starcraft.exe" = protocol=6 | dir=in | app=c:\program files\starcraft\starcraft.exe |
"TCP Query User{DC724E59-9096-4A8E-B426-C220E81FAA73}C:\program files (x86)\valve\hl.exe" = protocol=6 | dir=in | app=c:\program files (x86)\valve\hl.exe |
"TCP Query User{DCFB34BF-C6B9-4BE7-AA42-1AFC306640D5}C:\program files (x86)\aim6\aim6.exe" = protocol=6 | dir=in | app=c:\program files (x86)\aim6\aim6.exe |
"TCP Query User{E139924D-7901-4961-AF50-512A0B54CEC0}C:\program files (x86)\oovoo\oovoo.exe" = protocol=6 | dir=in | app=c:\program files (x86)\oovoo\oovoo.exe |
"TCP Query User{E734D01B-D9D8-40CB-9033-2DED83DD3B42}C:\users\pchoi22\appdata\local\google\chrome\application\chrome.exe" = protocol=6 | dir=in | app=c:\users\pchoi22\appdata\local\google\chrome\application\chrome.exe |
"TCP Query User{EAD9F413-AFA3-4CF8-83B2-954A86CA80C8}C:\users\pchoi22\appdata\roaming\macromedia\flash player\www.macromedia.com\bin\octoshape\octoshape.exe" = protocol=6 | dir=in | app=c:\users\pchoi22\appdata\roaming\macromedia\flash player\www.macromedia.com\bin\octoshape\octoshape.exe |
"TCP Query User{F8DF6F73-C029-47A1-B163-EFD1F7F018AE}C:\program files (x86)\mozilla firefox\firefox.exe" = protocol=6 | dir=in | app=c:\program files (x86)\mozilla firefox\firefox.exe |
"UDP Query User{14DA8322-095A-4E50-9D1B-AF7727BFDCE1}C:\program files (x86)\aim6\aim6.exe" = protocol=17 | dir=in | app=c:\program files (x86)\aim6\aim6.exe |
"UDP Query User{26C5CAD7-3009-45D3-9E23-B63B772B1A2E}C:\program files (x86)\valve\hltv.exe" = protocol=17 | dir=in | app=c:\program files (x86)\valve\hltv.exe |
"UDP Query User{2B1DC3FF-12E6-4956-875B-1E063ACB7C04}C:\program files (x86)\aim\aim.exe" = protocol=17 | dir=in | app=c:\program files (x86)\aim\aim.exe |
"UDP Query User{475624E9-4C72-4682-91F2-67251D63C319}C:\program files\starcraft\starcraft.exe" = protocol=17 | dir=in | app=c:\program files\starcraft\starcraft.exe |
"UDP Query User{4921D93F-68D7-427E-B4F9-CB5D70AB5CF4}C:\program files (x86)\mozilla firefox\firefox.exe" = protocol=17 | dir=in | app=c:\program files (x86)\mozilla firefox\firefox.exe |
"UDP Query User{4BB1E0AC-7E99-4722-BBAF-C70BD2CF9020}C:\program files\starcraft\starcraft.exe" = protocol=17 | dir=in | app=c:\program files\starcraft\starcraft.exe |
"UDP Query User{6A6C76C7-6C03-4854-92BB-C8EFFAE29BC8}C:\program files (x86)\pando networks\pando\pando.exe" = protocol=17 | dir=in | app=c:\program files (x86)\pando networks\pando\pando.exe |
"UDP Query User{7BCED578-99F8-439D-92E2-BBF9D72E5398}C:\program files (x86)\starcraft\starcraft.exe" = protocol=17 | dir=in | app=c:\program files (x86)\starcraft\starcraft.exe |
"UDP Query User{9096984A-30F7-47E1-A6B0-187B659893AF}C:\program files (x86)\starcraft\starcraft.exe" = protocol=17 | dir=in | app=c:\program files (x86)\starcraft\starcraft.exe |
"UDP Query User{9173E190-7E84-44F2-93C8-12843B132ABA}C:\program files (x86)\oovoo\oovoo.exe" = protocol=17 | dir=in | app=c:\program files (x86)\oovoo\oovoo.exe |
"UDP Query User{91B80412-9F1A-420C-B025-616E2DBD1175}C:\program files (x86)\valve\hl.exe" = protocol=17 | dir=in | app=c:\program files (x86)\valve\hl.exe |
"UDP Query User{93287781-D387-4677-901D-B09456A43816}C:\program files (x86)\gaz\gaz.exe" = protocol=17 | dir=in | app=c:\program files (x86)\gaz\gaz.exe |
"UDP Query User{99B32558-A943-4EC1-9D00-CC27F16EB67A}C:\users\pchoi22\appdata\roaming\macromedia\flash player\www.macromedia.com\bin\octoshape\octoshape.exe" = protocol=17 | dir=in | app=c:\users\pchoi22\appdata\roaming\macromedia\flash player\www.macromedia.com\bin\octoshape\octoshape.exe |
"UDP Query User{A6175934-1DE2-405D-A199-1180FBA34280}C:\program files (x86)\valve\hl.exe" = protocol=17 | dir=in | app=c:\program files (x86)\valve\hl.exe |
"UDP Query User{B3FA6A9A-7721-4AA0-ABA4-BE6DA1BC1995}C:\users\pchoi22\appdata\local\google\chrome\application\chrome.exe" = protocol=17 | dir=in | app=c:\users\pchoi22\appdata\local\google\chrome\application\chrome.exe |
"UDP Query User{C4497248-5F22-4DDD-9D49-3171C9D82190}C:\program files (x86)\oovoo\oovoo.exe" = protocol=17 | dir=in | app=c:\program files (x86)\oovoo\oovoo.exe |
"UDP Query User{C5E58DC9-5422-42D9-A76F-C3BEA93499D9}C:\program files (x86)\winpcap\rpcapd.exe" = protocol=17 | dir=in | app=c:\program files (x86)\winpcap\rpcapd.exe |
"UDP Query User{C757CD99-99E8-4AD9-8603-F7D27B88E6CA}C:\program files (x86)\warcraft iii\war3.exe" = protocol=17 | dir=in | app=c:\program files (x86)\warcraft iii\war3.exe |
"UDP Query User{C8E8D0D2-2D53-4EF9-AAD3-8AE925327E45}C:\program files (x86)\utorrent\utorrent.exe" = protocol=17 | dir=in | app=c:\program files (x86)\utorrent\utorrent.exe |
"UDP Query User{E897C654-E792-4008-AEAF-DCB3C8E92800}C:\program files (x86)\sopcast\adv\sopadver.exe" = protocol=17 | dir=in | app=c:\program files (x86)\sopcast\adv\sopadver.exe |
"UDP Query User{E9B6B3DD-CB32-49D8-8148-B82FD68D2A84}C:\program files (x86)\warcraft iii\war3.exe" = protocol=17 | dir=in | app=c:\program files (x86)\warcraft iii\war3.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{11192F89-510C-4E23-A62A-D3BEA9139596}" = HP QuickTouch 1.00 C3
"{14021E77-2FC1-4972-8C51-08808CD62838}_is1" = Leawo Free MP4 Converter version 1.9.3.8
"{209CDA54-D390-46A2-A97C-7BF61734418D}" = WeatherBug Gadget
"{5759E649-E281-46C2-BB4B-50413623DCDF}" = iTunes
"{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007
"{90120000-002A-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (English) 2007
"{90120000-0116-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007
"{90B5B05F-AFDA-4922-A153-45B14200BA77}" = SPBBC 64bit
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9EFC40E3-5F31-4F75-8445-286273F74D8E}" = Apple Mobile Device Support
"{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}" = Touch Pad Driver
"{A348C751-0EFF-4B9D-8065-B5339BEFBE27}" = HP Help and Support
"{B0EFB716-085B-4564-8060-212E41F5CE50}" = Windows Live ID Sign-in Assistant
"{B6E3757B-5E77-3915-866A-CCFC4B8D194C}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{DAE239CE-EB9D-4EB3-B0D4-528D6BAA48FD}" = Bonjour
"{EACB261C-5C4D-4CB4-B8CC-0EF998C5B3E8}" = User State Migration Tools version 3.0.1
"CNXT_AUDIO_HDA" = Conexant HD Audio
"CNXT_MODEM_HDAUDIO_HERMOSA_HSF" = HDAUDIO Soft Data Fax Modem with SmartCP
"Dell Photo Printer 720" = Dell Photo Printer 720
"HP Photosmart Essential" = HP Photosmart Essential 2.5
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"NVIDIA Drivers" = NVIDIA Drivers

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = CyberLink YouCam
"{021C4C4F-C93C-4425-BFFD-C2D16776BFAE}" = Visual C++ 8.0 Runtime Setup Package (x64)
"{06E74B9B-631F-4378-BF3A-40D868450C05}" = HPPhotoSmartPhotobookHolidayPack1
"{082702D5-5DD8-4600-BCE5-48B15174687F}" = HP Doc Viewer
"{082F8ABA-84D5-4837-9DFC-F365D91A07D4}" = HP Smart Web Printing
"{0AAA9C97-74D4-47CE-B089-0B147EF3553C}" = Windows Live Messenger
"{0B026E2A-3026-4608-A1B9-03AD1C8CDF77}_is1" = Convert FLV to MP3 1.0
"{0C34B801-6AEC-4667-B053-03A67E2D0415}" = Apple Application Support
"{11BB336F-0E58-4977-B866-F24FA334616B}" = HP Active Support Library
"{12A76360-388E-4B27-ABEB-D5FC5378DD2A}" = HPPhotoSmartPhotobookWebPack1
"{13F3917B56CD4C25848BDC69916971BB}" = DivX Converter
"{15BC8CD0-A65B-47D0-A2DD-90A824590FA8}" = Microsoft Works
"{172AEB5E-CBB2-4CDD-A4CF-388600825839}" = HPPhotoSmartPhotobookPlayfulPack1
"{18D10072035C4515918F7E37EAFAACFC}" = AutoUpdate
"{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = DVD Suite
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live Upload Tool
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{24D7346D-D4B4-45E8-98EA-75EC14B42DD8}" = Adobe ExtendScript Toolkit 2
"{250E9609-E830-43EB-B379-DAB7546A2422}" = muvee autoProducer 6.1
"{254C37AA-6B72-4300-84F6-98A82419187E}" = Hewlett-Packard Active Check
"{26A24AE4-039D-4CA4-87B4-2F83216012FF}" = Java™ 6 Update 15
"{34BFB099-07B2-4E95-A673-7362D60866A2}" = PSSWCORE
"{34D2AB40-150D-475D-AE32-BD23FB5EE355}" = HP Quick Launch Buttons 6.30 E1
"{3B1A4366-8DFA-4582-91F6-27F7A4714FCC}" = Pure Networks Platform
"{3B4E636E-9D65-4D67-BA61-189800823F52}" = Windows Live Communications Platform
"{3F92ABBB-6BBF-11D5-B229-002078017FBF}" = NetWaiting
"{3FC7CBBC4C1E11DCA1A752EA55D89593}" = DivX Version Checker
"{40BF1E83-20EB-11D8-97C5-0009C5020658}" = Power2Go
"{415B2719-AD3A-4944-B404-C472DB6085B3}" = Cisco EAP-FAST Module
"{45D707E9-F3C4-11D9-A373-0050BAE317E1}" = HP QuickPlay 3.6
"{4CACFCD9-F71B-413A-8DF5-1A6419D5CDC6}" = Cards_Calendar_OrderGift_DoMorePlugout
"{59F6A514-9813-47A3-948C-8A155460CC2A}" = RICOH R5C83x/84x Flash Media Controller Driver Ver.3.52.02
"{5C82DAE5-6EB0-4374-9254-BE3319BA4E82}" = Skype™ 3.8
"{64C1FA9A-FA94-4B6E-B3E4-8573738E4AD1}" = Adobe Setup
"{65DA2EC9-0642-47E9-AAE2-B5267AA14D75}" = Activation Assistant for the 2007 Microsoft Office suites
"{669D4A35-146B-4314-89F1-1AC3D7B88367}" = Hewlett-Packard Asset Agent for Health Check
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6D4AC5A4-4CF9-4F90-8111-B9B53CE257BF}" = Adobe Color Common Settings
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{767CC44C-9BBC-438D-BAD3-FD4595DD148B}" = VC80CRTRedist - 8.0.50727.762
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{7B63B2922B174135AFC0E1377DD81EC2}" = DivX Codec
"{818ABC3C-635C-4651-8183-D0E9640B7DD1}" = HP Update
"{83770D14-21B9-44B3-8689-F7B523F94560}" = Cisco LEAP Module
"{89E052B2-5CA5-4B7A-AF0C-28CA2836B030}" = HPPhotoSmartPhotobookModernPack1
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8ADFC4160D694100B5B8A22DE9DCABD9}" = DivX Player
"{8FFC5648-FAF8-43A3-BC8F-42BA1E275C4E}" = Choice Guard
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_HOMESTUDENTR_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_HOMESTUDENTR_{187308AB-5FA7-4F14-9AB9-D290383A10D9}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system
"{90120000-002A-0000-1000-0000000FF1CE}_HOMESTUDENTR_{E64BA721-2310-4B55-BE5A-2925F9706192}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-002A-0409-1000-0000000FF1CE}_HOMESTUDENTR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}_HOMESTUDENTR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007
"{90120000-00A1-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}_HOMESTUDENTR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0116-0409-1000-0000000FF1CE}_HOMESTUDENTR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{95120000-00AF-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (English)
"{9885A11E-60E4-417C-B58B-8B31B21C0B8A}" = HP Easy Setup - Frontend
"{9FD6F1A8-5550-46AF-8509-271DF0E768B5}" = Dual-Core Optimizer
"{A07840FC-CE63-4CB8-8030-EF4B9805925A}" = HPPhotoSmartDiscLabel_PaperLabel
"{A429C2AE-EBF1-4F81-A221-1C115CAADDAD}" = QuickTime
"{A96E97134CA649888820BCDE5E300BBD}" = H.264 Decoder
"{AAC389499AEF40428987B3D30CFC76C9}" = MKV Splitter
"{AAF4238F-7C29-451D-9925-C753271A5728}" = Microsoft Visual C++ Run Time Lib Setup
"{AC76BA86-7AD7-1033-7B44-A81300000003}" = Adobe Reader 8.1.6
"{AC95121F-1576-45B8-82F7-3911D27882E6}" = HPPhotoSmartPhotobookScrapbookPack1
"{ADFB9653-F44C-460C-BF58-189CC552DFFE}" = hpphotosmartdisclabelplugin
"{AE3CF174-872C-46C6-B9F6-C0593F3BC7B8}" = Microsoft Office Live Add-in 1.4
"{AEF9DC35ADDF4825B049ACBFD1C6EB37}" = AAC Decoder
"{B13A7C41581B411290FBC0395694E2A9}" = DivX Converter
"{B3C02EC1-A7B0-4987-9A43-8789426AAA7D}" = Adobe Setup
"{B4E91E95-A5BA-4E50-A465-DB7EFEB176E8}" = HPPhotoSmartDiscLabel_PrintOnDisc
"{B53620C0-3A83-4F50-A7AB-175DB64C1CE3}" = HP User Guides 0090
"{B7050CBDB2504B34BC2A9CA0A692CC29}" = DivX Web Player
"{BAD0FA60-09CF-4411-AE6A-C2844C8812FA}" = HP Photosmart Essential 2.5
"{BD0E2B92-3814-46F0-893B-4612EA010C7E}" = HP Customer Experience Enhancements
"{C34FAEF3-4241-4C4E-9CFF-7BBD8BCEABE7}" = WebEx Support Manager for Internet Explorer
"{C3A32068-8AB1-4327-BB16-BED9C6219DC7}" = Atheros Driver Installation Program
"{C3ABE126-2BB2-4246-BFE1-6797679B3579}" = LG USB Modem driver
"{C4124E95-5061-4776-8D5D-E3D931C778E1}" = Microsoft VC9 runtime libraries
"{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = LabelPrint
"{C6CA8874-5F22-4AF0-9BE3-016BF299C536}" = Windows Live Essentials
"{CBAE4F50-9FC9-4557-AB36-9826DF3C103C}" = HP Wireless Assistant
"{CC4A73BF-938E-4C19-A553-853C035C9BA1}" = LightScribe System Software 1.10.13.1
"{DD3C88A0-C53C-41D0-A21B-6D021981D23E}" = HPPhotoSmartDiscLabelContent1
"{E08DC77E-D09A-4e36-8067-D6DBBCC5F8DC}" = VideoToolkit01
"{F1CBC6F7-D82D-4DC5-B81C-9A14F418593A}_is1" = WC3Banlist
"{F636EE9A-F9EC-4606-BCFA-77DD0E210788}" = HPPhotoSmartDiscLabel_Tattoo
"{F6BD194C-4190-4D73-B1B1-C48C99921BFE}" = Windows Live Call
"{FAA7F8FF-3C05-4A61-8F14-D8A6E9ED6623}" = ooVoo
"Activation Assistant for the 2007 Microsoft Office suites" = Activation Assistant for the 2007 Microsoft Office suites
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe_3e054d2218e7aa282c2369d939e58ff" = Adobe ExtendScript Toolkit 2
"Adobe_6c8e2cb4fd241c55406016127a6ab2e" = Adobe Color Common Settings
"AIM_7" = AIM 7
"ALUpdate_is1" = ALUpdate
"ALZip_is1" = ALZip
"Antares Autotune VST RTAS TDM_is1" = Antares Autotune VST RTAS TDM v5.08
"avast!" = avast! Antivirus
"CDisplay_is1" = CDisplay 1.8
"Cheat Engine 5.5_is1" = Cheat Engine 5.5
"Collab" = Collab
"Dell Photo Printer 720" = Dell Photo Printer 720
"DivX Plus DirectShow Filters" = DivX Plus DirectShow Filters
"Extension Changer" = Extension Changer
"FLV Player" = FLV Player 2.0 (build 25)
"GNU Aspell_is1" = GNU Aspell 0.50-3
"GTK 2.0" = GTK+ Runtime 2.12.12 rev a (remove only)
"Guitar Pro 5_is1" = Guitar Pro 5.2
"Hauppauge MCE2005 Software Encoder" = Hauppauge MCE XP/Vista Software Encoder (2.0.25149)
"HijackThis" = HijackThis 2.0.2
"HOMESTUDENTR" = Microsoft Office Home and Student 2007
"HP Smart Web Printing" = HP Smart Web Printing
"InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = CyberLink YouCam
"LimeWire" = LimeWire 5.1.3
"Mozilla Firefox (3.5.4)" = Mozilla Firefox (3.5.4)
"Notebook Hardware Control" = Notebook Hardware Control 2.0 Pre-Release-06 Bugfix
"RocketDock_is1" = RocketDock 1.3.5
"SoftwareUpdUtility" = Download Updater (AOL LLC)
"SopCast" = SopCast 3.0.3
"SpeedFan" = SpeedFan (remove only)
"ST6UNST #1" = Hero Editor V0.96
"Starcraft" = Starcraft
"SystemRequirementsLab" = System Requirements Lab
"Toxic Biohazard" = Toxic Biohazard
"ViewpointMediaPlayer" = Viewpoint Media Player
"VLC media player" = VideoLAN VLC media player 0.8.6i
"Warcraft III" = Warcraft III
"WinLiveSuite_Wave3" = Windows Live Essentials
"WinPcapInst" = WinPcap 4.1 beta4

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-3910799180-2590520660-771679722-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Google Chrome" = Google Chrome
"Move Media Player" = Move Media Player
"Octoshape add-in for Adobe Flash Player" = Octoshape add-in for Adobe Flash Player
"uTorrent" = µTorrent
"Warcraft III" = Warcraft III: All Products

========== Last 10 Event Log Errors ==========

[ Antivirus Events ]
Error - 10/25/2009 10:16:04 PM | Computer Name = pchoi22-PC | Source = avast! | ID = 33554522
Description = AAVM - scanning error: x_AavmCheckFileDirectEx: avfilesScanReal of
C:\Users\pchoi22\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
failed, 00000005.

Error - 10/27/2009 8:08:41 AM | Computer Name = pchoi22-PC | Source = avast! | ID = 33554522
Description = AAVM - scanning error: x_AavmCheckFileDirectEx: avfilesScanReal of
C:\Users\pchoi22\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
failed, 00000005.

Error - 10/27/2009 10:34:26 AM | Computer Name = pchoi22-PC | Source = avast! | ID = 33554522
Description = AAVM - scanning error: x_AavmCheckFileDirectEx: avfilesScanReal of
C:\Users\pchoi22\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
failed, 00000005.

Error - 10/27/2009 1:17:08 PM | Computer Name = pchoi22-PC | Source = avast! | ID = 33554522
Description = AAVM - scanning error: x_AavmCheckFileDirectEx: avfilesScanReal of
C:\Users\pchoi22\AppData\Local\Temp\Acr5820.tmp failed, 00000005.

Error - 10/27/2009 3:41:05 PM | Computer Name = pchoi22-PC | Source = avast! | ID = 33554522
Description = AAVM - scanning error: x_AavmCheckFileDirectEx: avfilesScanReal of
C:\Users\pchoi22\AppData\Roaming\Microsoft\Windows\Cookies\index.dat failed, 00000005.


Error - 10/28/2009 4:25:07 PM | Computer Name = pchoi22-PC | Source = avast! | ID = 33554522
Description = AAVM - scanning error: x_AavmCheckFileDirectEx: avfilesScanReal of
C:\Users\pchoi22\AppData\Roaming\Mozilla\Firefox\Profiles\hmq9jd5h.default\cookies.sqlite-journal
failed, 00000005.

Error - 10/29/2009 11:37:02 AM | Computer Name = pchoi22-PC | Source = avast! | ID = 33554522
Description = AAVM - scanning error: x_AavmCheckFileDirectEx: avfilesScanReal of
C:\Users\pchoi22\AppData\Roaming\Microsoft\Windows\Cookies\index.dat failed, 00000005.


Error - 10/29/2009 3:05:18 PM | Computer Name = pchoi22-PC | Source = avast! | ID = 33554522
Description = AAVM - scanning error: x_AavmCheckFileDirectEx: avfilesScanReal of
C:\Users\pchoi22\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
failed, 00000005.

Error - 10/29/2009 11:54:09 PM | Computer Name = pchoi22-PC | Source = avast! | ID = 33554522
Description = AAVM - scanning error: x_AavmCheckFileDirectEx: avfilesScanReal of
C:\Users\pchoi22\Music\iTunes\iTunes Library Extras.itdb failed, 00000005.

Error - 10/31/2009 12:05:48 AM | Computer Name = pchoi22-PC | Source = avast! | ID = 33554522
Description = AAVM - scanning error: x_AavmCheckFileDirectEx: avfilesScanReal of
C:\Users\pchoi22\AppData\Roaming\Mozilla\Firefox\Profiles\hmq9jd5h.default\places.sqlite
failed, 00000005.

[ Application Events ]
Error - 10/17/2009 11:18:43 PM | Computer Name = pchoi22-PC | Source = Application Error | ID = 1000
Description = Faulting application explorer.exe, version 6.0.6002.18005, time stamp
0x49e02a1e, faulting module korwbrkr.dll_unloaded, version 0.0.0.0, time stamp
0x49e04135, exception code 0xc0000005, fault offset 0x000007fef5facafc, process id
0x10f4, application start time 0x01ca4f85bde67091.

Error - 10/18/2009 8:20:03 PM | Computer Name = pchoi22-PC | Source = WinMgmt | ID = 10
Description =

Error - 10/19/2009 2:05:59 AM | Computer Name = pchoi22-PC | Source = WinMgmt | ID = 10
Description =

Error - 10/19/2009 3:05:41 PM | Computer Name = pchoi22-PC | Source = WinMgmt | ID = 10
Description =

Error - 10/19/2009 3:14:48 PM | Computer Name = pchoi22-PC | Source = WinMgmt | ID = 10
Description =

Error - 10/20/2009 12:09:17 AM | Computer Name = pchoi22-PC | Source = Application Error | ID = 1000
Description = Faulting application Explorer.EXE, version 6.0.6002.18005, time stamp
0x49e02a1e, faulting module korwbrkr.dll_unloaded, version 0.0.0.0, time stamp
0x49e04135, exception code 0xc0000005, fault offset 0x000007fef73bcafc, process id
0xe10, application start time 0x01ca50f080cd2bdc.

Error - 10/20/2009 11:14:12 AM | Computer Name = pchoi22-PC | Source = WinMgmt | ID = 10
Description =

Error - 10/20/2009 12:23:28 PM | Computer Name = pchoi22-PC | Source = WinMgmt | ID = 10
Description =

Error - 10/21/2009 3:11:52 PM | Computer Name = pchoi22-PC | Source = WinMgmt | ID = 10
Description =

Error - 10/21/2009 8:43:57 PM | Computer Name = pchoi22-PC | Source = WinMgmt | ID = 10
Description =

[ Media Center Events ]
Error - 3/26/2009 11:58:26 PM | Computer Name = pchoi22-PC | Source = Media Center Guide | ID = 0
Description = Event Info: ERROR: SqmApiWrapper.TimerRecord failed; Win32 GetLastError
returned 10000105 Process: DefaultDomain Object Name: Media Center Guide

Error - 4/1/2009 1:01:55 AM | Computer Name = pchoi22-PC | Source = Media Center Guide | ID = 0
Description = Event Info: ERROR: SqmApiWrapper.TimerRecord failed; Win32 GetLastError
returned 10000105 Process: DefaultDomain Object Name: Media Center Guide

Error - 4/29/2009 10:23:19 PM | Computer Name = pchoi22-PC | Source = MCUpdate | ID = 0
Description = DownloadPackgeTask.SubTasksComplete: failed downloading package SportsSchedule.

Error - 5/13/2009 12:32:46 AM | Computer Name = pchoi22-PC | Source = Media Center Guide | ID = 0
Description = Event Info: ERROR: SqmApiWrapper.TimerRecord failed; Win32 GetLastError
returned 10000105 Process: DefaultDomain Object Name: Media Center Guide

Error - 6/10/2009 3:40:34 PM | Computer Name = pchoi22-PC | Source = Media Center Guide | ID = 0
Description = Event Info: ERROR: SqmApiWrapper.TimerRecord failed; Win32 GetLastError
returned 10000105 Process: DefaultDomain Object Name: Media Center Guide

Error - 7/23/2009 5:50:30 PM | Computer Name = pchoi22-PC | Source = Media Center Guide | ID = 0
Description = Event Info: ERROR: SqmApiWrapper.TimerRecord failed; Win32 GetLastError
returned 10000105 Process: DefaultDomain Object Name: Media Center Guide

Error - 7/26/2009 6:06:57 PM | Computer Name = pchoi22-PC | Source = Media Center Guide | ID = 0
Description = Event Info: ERROR: SqmApiWrapper.TimerRecord failed; Win32 GetLastError
returned 10000105 Process: DefaultDomain Object Name: Media Center Guide

Error - 8/25/2009 1:25:23 PM | Computer Name = pchoi22-PC | Source = MCUpdate | ID = 0
Description = DownloadPackgeTask.SubTasksComplete: failed downloading package SportsSchedule.

Error - 10/11/2009 11:57:38 PM | Computer Name = pchoi22-PC | Source = MCUpdate | ID = 0
Description = DownloadPackgeTask.SubTasksComplete: failed downloading package SportsSchedule.

Error - 10/29/2009 8:00:40 AM | Computer Name = pchoi22-PC | Source = Media Center Guide | ID = 0
Description = Event Info: ERROR: SqmApiWrapper.TimerRecord failed; Win32 GetLastError
returned 10000105 Process: DefaultDomain Object Name: Media Center Guide

[ System Events ]
Error - 10/30/2009 11:25:17 PM | Computer Name = pchoi22-PC | Source = Service Control Manager | ID = 7001
Description =

Error - 10/30/2009 11:25:50 PM | Computer Name = pchoi22-PC | Source = Service Control Manager | ID = 7001
Description =

Error - 10/31/2009 11:24:23 AM | Computer Name = pchoi22-PC | Source = Service Control Manager | ID = 7001
Description =

Error - 10/31/2009 11:24:57 AM | Computer Name = pchoi22-PC | Source = Service Control Manager | ID = 7001
Description =

Error - 10/31/2009 11:24:25 PM | Computer Name = pchoi22-PC | Source = Service Control Manager | ID = 7001
Description =

Error - 10/31/2009 11:24:57 PM | Computer Name = pchoi22-PC | Source = Service Control Manager | ID = 7001
Description =

Error - 11/1/2009 11:24:25 AM | Computer Name = pchoi22-PC | Source = Service Control Manager | ID = 7001
Description =

Error - 11/1/2009 11:24:57 AM | Computer Name = pchoi22-PC | Source = Service Control Manager | ID = 7001
Description =

Error - 11/1/2009 11:24:23 PM | Computer Name = pchoi22-PC | Source = Service Control Manager | ID = 7001
Description =

Error - 11/1/2009 11:24:57 PM | Computer Name = pchoi22-PC | Source = Service Control Manager | ID = 7001
Description =


< End of report >

Thanks guys.

#4 myrti

myrti

    Sillyberry


  • Malware Study Hall Admin
  • 33,766 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:At home
  • Local time:01:14 AM

Posted 02 November 2009 - 05:09 AM

Hi,

I notice the presence of Viewpointmanager on your PC:
Viewpoint Manager is considered as foistware instead of malware since it is installed without users approval but doesn't spy or do anything "bad". This changed from what we know in 2006 read this article:

http://www.clickz.com/news/article.php/3561546

I suggest you remove the program now. Click on start > run > and then paste the following into the "open" field: appwiz.cpl and press OK. From within Add or Remove Programs uninstall the following if they exist: Viewpoint, Viewpoint Manager, Viewpoint Media Player.

Please run a scan with Malwarebytes as well:

Please download Malwarebytes Anti-Malware and save it to your desktop.
alternate download link 1
alternate download link 2
If you have a previous version of MBAM, remove it via Add/Remove Programs and download a fresh copy.
  • Make sure you are connected to the Internet.
  • Double-click on mbam-setup.exe to install the application.
  • When the installation begins, follow the prompts and do not make any changes to default settings.
  • When installation has finished, make sure you leave both of these checked:
    • Update Malwarebytes' Anti-Malware
    • Launch Malwarebytes' Anti-Malware
  • Then click Finish.
MBAM will automatically start and you will be asked to update the program before performing a scan.
  • If an update is found, the program will automatically update itself.
  • Press the OK button to close that box and continue.
  • If you encounter any problems while downloading the updates, manually download them from here and just double-click on mbam-rules.exe to install. Alternatively, you can update through MBAM's interface from a clean computer, copy the definitions (rules.ref) located in C:\Documents and Settings\All Users\Application Data\Malwarebytes\Malwarebytes' Anti-Malware from that system to a usb stick or CD and then copy it to the infected machine.
On the Scanner tab:
  • Make sure the "Perform Quick Scan" option is selected.
  • Then click on the Scan button.
  • If asked to select the drives to scan, leave all the drives selected and click on the Start Scan button.
  • The scan will begin and "Scan in progress" will show at the top. It may take some time to complete so please be patient.
  • When the scan is finished, a message box will say "The scan completed successfully. Click 'Show Results' to display all objects found".
  • Click OK to close the message box and continue with the removal process.
Back at the main Scanner screen:
  • Click on the Show Results button to see a list of any malware that was found.
  • Make sure that everything is checked, and click Remove Selected.
  • When removal is completed, a log report will open in Notepad.
  • The log is automatically saved and can be viewed by clicking the Logs tab in MBAM.
  • Copy and paste the contents of that report in your next reply and exit MBAM.
Note: If MBAM encounters a file that is difficult to remove, you may be asked to reboot your computer so it can proceed with the disinfection process. Regardless if prompted to restart the computer or not, please do so immediately. Failure to reboot normally (not into safe mode) will prevent MBAM from removing all the malware. MBAM may "make changes to your registry" as part of its disinfection routine. If using other security programs that detect registry changes (ie Spybot's Teatimer), they may interfere or alert you after scanning with MBAM. Please temporarily disable such programs or permit them to allow the changes.

regards _temp_

is that a bird?  a plane? nooo it's the flying blueberry!

If I have been helping you and haven't replied in 2 days, feel free to shoot me a PM! Please don't send help request via PM, unless I am already helping you. Use the forums!

 

Follow BleepingComputer on: Facebook | Twitter | Google+


#5 pchoi22

pchoi22
  • Topic Starter

  • Members
  • 7 posts
  • OFFLINE
  •  
  • Local time:07:14 PM

Posted 02 November 2009 - 02:31 PM

Malwarebytes' Anti-Malware 1.41
Database version: 3089
Windows 6.0.6002 Service Pack 2

11/2/2009 2:30:32 PM
mbam-log-2009-11-02 (14-30-32).txt

Scan type: Quick Scan
Objects scanned: 120825
Time elapsed: 4 minute(s), 28 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 1
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
HKEY_CLASSES_ROOT\regfile\shell\open\command\(default) (Broken.OpenCommand) -> Bad: ("regedit.exe" "%1") Good: (regedit.exe "%1") -> Quarantined and deleted successfully.

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)

#6 myrti

myrti

    Sillyberry


  • Malware Study Hall Admin
  • 33,766 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:At home
  • Local time:01:14 AM

Posted 03 November 2009 - 03:15 PM

Hi,

it may be your security software that is slowing down your internet connection. Have you tried running an alternative anti virus program and/or firewall to check if this was the cause?

How is your internet connection when the remaining 3-4 computers are not connected to the internet?

regards _temp_

is that a bird?  a plane? nooo it's the flying blueberry!

If I have been helping you and haven't replied in 2 days, feel free to shoot me a PM! Please don't send help request via PM, unless I am already helping you. Use the forums!

 

Follow BleepingComputer on: Facebook | Twitter | Google+


#7 pchoi22

pchoi22
  • Topic Starter

  • Members
  • 7 posts
  • OFFLINE
  •  
  • Local time:07:14 PM

Posted 04 November 2009 - 08:48 PM

The connection's fine for the other computers, they have no problem viewing videos on youtube, or downloading things. I, on the other hand, cannot even view videos on youtube without it constantly stopping to buffer. Gaming performance is despicable. I don't understand? I turned off the security system to see if that works but so far I haven't seen any improvement.

#8 myrti

myrti

    Sillyberry


  • Malware Study Hall Admin
  • 33,766 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:At home
  • Local time:01:14 AM

Posted 05 November 2009 - 01:34 PM

Hi,

you have a total amount of bandwidth you can use, if the other PCs on the network use up that amount, your surfing will be delayed. This is why I asked if you were alse having problems when non of the other PCs are connected to the internet.

I'm not really good with networking problems. All I can tell you, is that the problem does not seem to originate from malware. So you need to investigate other possibilities, such as router settings and/or which programs are allowed to connect to the internet. Maybe you recall what you changed before your internet connection slowed down? Did you install new programs? Some updates?

regards _temp_

is that a bird?  a plane? nooo it's the flying blueberry!

If I have been helping you and haven't replied in 2 days, feel free to shoot me a PM! Please don't send help request via PM, unless I am already helping you. Use the forums!

 

Follow BleepingComputer on: Facebook | Twitter | Google+


#9 pchoi22

pchoi22
  • Topic Starter

  • Members
  • 7 posts
  • OFFLINE
  •  
  • Local time:07:14 PM

Posted 06 November 2009 - 09:31 PM

I think I figured it out. The cable modem might be bad, because on the occasions of lag/dropped performances, the modem's lights showed irregularity. I'll monitor the situation a bit more and call Comcast. Thanks for your help.

#10 myrti

myrti

    Sillyberry


  • Malware Study Hall Admin
  • 33,766 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:At home
  • Local time:01:14 AM

Posted 07 November 2009 - 11:19 AM

Hi,

please let me know how this works out. :( Would be good to know the solution to this one! :(


please remember to update your software:

Your Java is out of date. Older versions have vulnerabilities that malicious sites can use to exploit and infect your system. Please follow these steps to remove older version Java components and update:
  • Download the latest version of Java Runtime Environment (JRE) Version 6 and save it to your desktop.
  • Look for "Java Runtime Environment (JRE)" JRE 6 Update 17.
  • Click the Download button to the right.
  • Select your Platform: "Windows".
  • Select your Language: "Multi-language".
  • Read the License Agreement, and then check the box that says: "Accept License Agreement".
  • Click Continue and the page will refresh.
  • Under Required Files, check the box for Windows Offline Installation, click the link below it and save the file to your desktop.
  • Close any programs you may have running - especially your web browser.
Go to Start > Settings > Control Panel, double-click on Add/Remove Programs and remove all older versions of Java.
  • Check (highlight) any item with Java Runtime Environment (JRE or J2SE) in the name.
  • Click the Remove or Change/Remove button and follow the onscreen instructions for the Java uninstaller.
  • Repeat as many times as necessary to remove each Java versions.
  • Reboot your computer once all Java components are removed.
  • Then from your desktop double-click on jre-6u17-windows-i586-p.exe to install the newest version.
-- If using Windows Vista and the installer refuses to launch due to insufficient user permissions, then Run As Administrator.
-- If you choose to update via the Java applet in Control Panel, uncheck the option to install the Toolbar unless you want it.
-- The uninstaller incorporated in this release removes previous Updates 10 and above, but does not remove older versions, so they still need to be removed manually.


Note: The Java Quick Starter (JQS.exe) adds a service to improve the initial startup time of Java applets and applications. To disable the JQS service if you don't want to use it, go to Start > Control Panel > Java > Advanced > Miscellaneous and uncheck the box for Java Quick Starter. Click Ok and reboot your computer.

Your Adobe Reader is also out of date. Please uninstall it and download the latest version from Adobe: Download
Please untick all proposed toolbars unless you really want them.

regards _temp_

is that a bird?  a plane? nooo it's the flying blueberry!

If I have been helping you and haven't replied in 2 days, feel free to shoot me a PM! Please don't send help request via PM, unless I am already helping you. Use the forums!

 

Follow BleepingComputer on: Facebook | Twitter | Google+


#11 myrti

myrti

    Sillyberry


  • Malware Study Hall Admin
  • 33,766 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:At home
  • Local time:01:14 AM

Posted 12 November 2009 - 07:45 AM

Due to lack of feedback, this topic is now Closed

If you need this topic reopened, please send me a PM.
Please include the address of this thread in your request.
This applies only to the original topic starter.

Everyone else please start a new topic.

With Regards,
myrti

is that a bird?  a plane? nooo it's the flying blueberry!

If I have been helping you and haven't replied in 2 days, feel free to shoot me a PM! Please don't send help request via PM, unless I am already helping you. Use the forums!

 

Follow BleepingComputer on: Facebook | Twitter | Google+





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users