Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Infected again


  • This topic is locked This topic is locked
31 replies to this topic

#1 dumafach

dumafach

  • Members
  • 205 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Oklahoma
  • Local time:01:30 AM

Posted 14 April 2010 - 03:35 PM

When I start up my computer I will get 40 -50 pages of junk.
I have scanned my computer. I hope you can help.

Attached Files

  • Attached File  DDS.txt   27.08KB   12 downloads
  • Attached File  Attach.txt   10.39KB   7 downloads
  • Attached File  ark.txt   660bytes   8 downloads


BC AdBot (Login to Remove)

 


#2 m0le

m0le

    Can U Dig It?


  • Malware Response Team
  • 34,527 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:London, UK
  • Local time:07:30 AM

Posted 18 April 2010 - 01:20 PM

Hi,

Welcome to Bleeping Computer. My name is m0le and I will be helping you with your log.
  • Please subscribe to this topic, if you haven't already. You can subscribe by clicking the Options box to the right of your topic title and selecting Track This Topic.

  • Please avoid installing/uninstalling or updating any programs and attempting any unsupervised fixes or scans. This can make helping you impossible.

  • Please reply to this post so I know you are there.
The forum is busy and we need to have replies as soon as possible. If I haven't had a reply after 3 days I will bump the topic and if you do not reply by the following day after that then I will close the topic.

Once I receive a reply then I will return with your first instructions.

Thanks thumbup2.gif
Posted Image
m0le is a proud member of UNITE

#3 dumafach

dumafach
  • Topic Starter

  • Members
  • 205 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Oklahoma
  • Local time:01:30 AM

Posted 19 April 2010 - 03:31 AM

I am here. While I was waiting for a response I did download stopzilla and it seem to stop the pop-ups for now but I did not buy the program. It did show a lot of adware. I will not do anything else until I hear from you. Thank you.

#4 m0le

m0le

    Can U Dig It?


  • Malware Response Team
  • 34,527 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:London, UK
  • Local time:07:30 AM

Posted 19 April 2010 - 03:21 PM

Can you run DDS and post the new log so I can see what StopZilla did.

Thanks thumbup2.gif
Posted Image
m0le is a proud member of UNITE

#5 dumafach

dumafach
  • Topic Starter

  • Members
  • 205 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Oklahoma
  • Local time:01:30 AM

Posted 19 April 2010 - 07:22 PM

I had to shut down stopzilla to run dds. It kept showing a file called cognac.

Attached Files

  • Attached File  DDS2.txt   29.28KB   10 downloads


#6 m0le

m0le

    Can U Dig It?


  • Malware Response Team
  • 34,527 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:London, UK
  • Local time:07:30 AM

Posted 19 April 2010 - 07:36 PM

cognac bad mad.gif

During the fixes please keep StopZilla quiet by disabling it.


Please run MBAM

Please download Malwarebytes Anti-Malware and save it to your desktop.
  • Make sure you are connected to the Internet.
  • Double-click on mbam-setup.exe to install the application or, if you are using Vista, right-click and select Run As Administrator on mbam-setup.exe to install the application.
  • When the installation begins, follow the prompts and do not make any changes to default settings.
  • When installation has finished, make sure you leave both of these checked:
    • Update Malwarebytes' Anti-Malware
    • Launch Malwarebytes' Anti-Malware
  • Then click Finish.
  • MBAM will automatically start and you will be asked to update the program before performing a scan. If an update is found, the program will automatically update itself. Press the OK button to close that box and continue. If you encounter any problems while downloading the updates, manually download them from here and just double-click on mbam-rules.exe to install.
  • On the Scanner tab:
    • Make sure the "Perform Full Scan" option is selected.
    • Then click on the Scan button.
  • If asked to select the drives to scan, leave all the drives selected and click on the Start Scan button.
  • The scan will begin and "Scan in progress" will show at the top. It may take some time to complete so please be patient.
  • When the scan is finished, a message box will say "The scan completed successfully. Click 'Show Results' to display all objects found".
  • Click OK to close the message box and continue with the removal process.
  • Back at the main Scanner screen, click on the Show Results button to see a list of any malware that was found.
  • Make sure that everything is checked, and click Remove Selected.
  • When removal is completed, a log report will open in Notepad.
  • The log is automatically saved and can be viewed by clicking the Logs tab in MBAM.
  • Copy and paste the contents of that report in your next reply and exit MBAM.
Note: If MBAM encounters a file that is difficult to remove, you may be asked to reboot your computer so it can proceed with the disinfection process. Regardless if prompted to restart the computer or not, please do so immediately. Failure to reboot normally (not into safe mode) will prevent MBAM from removing all the malware. MBAM may make changes to your registry as part of its disinfection routine. If you're using other security programs that detect registry changes, they may alert you after scanning with MBAM. Please permit the program to allow the changes.


Now please run Combofix

Please download ComboFix from one of these locations:* IMPORTANT !!! Save ComboFix.exe to your Desktop making sure you rename it comfix.exe
  • Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools. (Click on this link to see a list of programs that should be disabled. The list is not all inclusive.)
  • Double click on Combofix.exe & follow the prompts.
  • As part of it's process, ComboFix will check to see if the Microsoft Windows Recovery Console is installed. With malware infections being as they are today, it's strongly recommended to have this pre-installed on your machine before doing any malware removal. It will allow you to boot up into a special recovery/repair mode that will allow us to more easily help you should your computer have a problem after an attempted removal of malware.
  • Follow the prompts to allow ComboFix to download and install the Microsoft Windows Recovery Console, and when prompted, agree to the End-User License Agreement to install the Microsoft Windows Recovery Console.
**Please note: If the Microsoft Windows Recovery Console is already installed, ComboFix will continue it's malware removal procedures.



Once the Microsoft Windows Recovery Console is installed using ComboFix, you should see the following message:



Click on Yes, to continue scanning for malware.

When finished, it shall produce a log for you. Please include the C:\ComboFix.txt in your next reply.
Posted Image
m0le is a proud member of UNITE

#7 dumafach

dumafach
  • Topic Starter

  • Members
  • 205 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Oklahoma
  • Local time:01:30 AM

Posted 20 April 2010 - 04:13 AM

I ran mbam but I could not run combofix. It stated that it only works on windows 2000 and XP. I have Vista 64bit.

Malwarebytes' Anti-Malware 1.45
www.malwarebytes.org

Database version: 4010

Windows 6.0.6002 Service Pack 2
Internet Explorer 8.0.6001.18904

4/20/2010 3:39:15 AM
mbam-log-2010-04-20 (03-39-15).txt

Scan type: Full scan (C:\|D:\|J:\|)
Objects scanned: 569141
Time elapsed: 2 hour(s), 50 minute(s), 16 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 6
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 1
Files Infected: 4

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
HKEY_CLASSES_ROOT\AppID\{7326c63e-4c2e-b709-797b-c39330f61224} (Adware.InferiorBrandingSystem) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{8ce2f082-c95d-db7f-b8ce-e1f01d6c1b03} (Adware.InferiorBrandingSystem) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{8ce2f082-c95d-db7f-b8ce-e1f01d6c1b03} (Adware.InferiorBrandingSystem) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\AppID\InferiorBrandingSystem.DLL (Adware.InferiorBrandingSystem) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\inferiorbrandingsystem.inferiorbrandingsystem (Adware.InferiorBrandingSystem) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Software\InferiorBrandingSystem (Adware.InferiorBrandingSystem) -> Quarantined and deleted successfully.

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
C:\Program Files (x86)\InferiorBrandingSystem (Adware.InferiorBrandingSystem) -> Quarantined and deleted successfully.

Files Infected:
C:\Program Files (x86)\MediaCoder\tools\mkvmerge.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Users\Roger\AppData\Local\Temp\42F0.tmp\edS.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Users\Roger\AppData\Local\Temp\C27B.tmp\edS.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Program Files (x86)\InferiorBrandingSystem\uninstall.exe (Adware.InferiorBrandingSystem) -> Quarantined and deleted successfully.


#8 m0le

m0le

    Can U Dig It?


  • Malware Response Team
  • 34,527 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:London, UK
  • Local time:07:30 AM

Posted 20 April 2010 - 02:58 PM

Ah yes, sorry about that. whistling.gif


Adware has been the cause of the problems but I now need a more detailed log to check for other possible issues.
  • Download OTL to your desktop.
  • Double click on the icon to run it. Make sure all other windows are closed and to let it run uninterrupted.
  • When the window appears, underneath Output at the top change it to Minimal Output.
  • Under the Standard Registry box change it to All.
  • Check the boxes beside LOP Check and Purity Check.
  • Click the Run Scan button. Do not change any settings unless otherwise told to do so. The scan wont take long.
    • When the scan completes, it will open two notepad windows. OTL.Txt and Extras.Txt. These are saved in the same location as OTL.
    • Please copy (Edit->Select All, Edit->Copy) the contents of these files, one at a time, and post it with your next reply.

Posted Image
m0le is a proud member of UNITE

#9 dumafach

dumafach
  • Topic Starter

  • Members
  • 205 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Oklahoma
  • Local time:01:30 AM

Posted 20 April 2010 - 04:58 PM

This looks like it could take days to read.



First OLE text.
OTL logfile created on: 4/20/2010 4:39:10 PM - Run 1
OTL by OldTimer - Version 3.2.1.3 Folder = C:\Users\Roger\Desktop
64bit-Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18904)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

5.00 Gb Total Physical Memory | 2.00 Gb Available Physical Memory | 44.00% Memory free
10.00 Gb Paging File | 6.00 Gb Available in Paging File | 67.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 687.22 Gb Total Space | 188.07 Gb Free Space | 27.37% Space Free | Partition Type: NTFS
Drive D: | 11.41 Gb Total Space | 1.52 Gb Free Space | 13.36% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Drive J: | 931.50 Gb Total Space | 505.89 Gb Free Space | 54.31% Space Free | Partition Type: NTFS

Computer Name: ROGER-PC
Current User Name: Roger
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Include 64bit Scans
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Minimal

========== Processes (SafeList) ==========

PRC - C:\Users\Roger\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Program Files (x86)\STOPzilla!\STOPzilla.exe (iS3, Inc.)
PRC - C:\Program Files (x86)\AVG\AVG9\avgtray.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Program Files (x86)\Common Files\iS3\Anti-Spyware\SZServer.exe (iS3, Inc.)
PRC - C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe (ArcSoft Inc.)
PRC - C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe (ArcSoft Inc.)
PRC - C:\Program Files (x86)\AVG\AVG9\avgwdsvc.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Program Files (x86)\Kodak\Kodak EasyShare software\bin\EasyShare.exe (Eastman Kodak Company)
PRC - C:\Program Files (x86)\CinemaNow\CinemaNow Media Manager\CinemaNowShell.exe (CinemaNow Inc.)
PRC - C:\Program Files (x86)\CinemaNow\CinemaNow Media Manager\CinemaNowSvc.exe (CinemaNow, Inc.)
PRC - C:\Program Files (x86)\OLYMPUS\OLYMPUS Master 2\MMonitor.exe (OLYMPUS IMAGING CORP.)
PRC - C:\Program Files (x86)\Yahoo!\Messenger\YahooMessenger.exe (Yahoo! Inc.)
PRC - C:\Program Files (x86)\PowerISO\PWRISOVM.EXE (PowerISO Computing, Inc.)
PRC - C:\Program Files (x86)\BillP Studios\WinPatrol\WinPatrol.exe (BillP Studios)
PRC - C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe (Nero AG)
PRC - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SCServer\SCServer.exe (Microsoft Corporation)
PRC - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe (Microsoft Corporation)
PRC - C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe (TOSHIBA CORPORATION.)
PRC - C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosHdpProc.exe (TOSHIBA CORPORATION.)
PRC - C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\BtAssist.exe (TOSHIBA CORPORATION.)
PRC - C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe (Microsoft Corporation)
PRC - C:\Program Files (x86)\Windows Live\Mail\wlmail.exe (Microsoft Corporation)
PRC - C:\Program Files (x86)\Secunia\PSI\psi.exe (Secunia)
PRC - C:\Program Files (x86)\Nero\Nero MediaHome 4\NMMediaServerService.exe (Nero AG)
PRC - C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\APLicensing.exe (Creative Labs)
PRC - C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe (TomTom)
PRC - C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe (TomTom)
PRC - C:\Program Files (x86)\Windows Live\Toolbar\wltuser.exe (Microsoft Corporation)
PRC - C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe (Microsoft Corporation)
PRC - C:\Program Files (x86)\CinemaNow\CinemaNow Media Manager\CNRpc.exe ()
PRC - C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexStoreSvr.exe (Nero AG)
PRC - C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe (Yahoo! Inc.)
PRC - C:\Program Files (x86)\CDBurnerXP\NMSAccessU.exe ()
PRC - C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosBtHid.exe (TOSHIBA CORPORATION.)
PRC - C:\Program Files (x86)\Digidesign\Drivers\MMERefresh.exe (Digidesign, A Division of Avid Technology, Inc.)
PRC - C:\Program Files (x86)\Yahoo!\Common\YInstBroker.exe (Yahoo! Inc.)
PRC - C:\hp\support\hpsysdrv.exe (Hewlett-Packard Company)
PRC - C:\Program Files (x86)\Creative\Sync Manager Unicode\CTSyncU.exe ()
PRC - C:\Program Files (x86)\Dell AIO 810\DLCGmon.exe (Dell)
PRC - C:\Program Files (x86)\Creative\MediaSource5\CTDetctu.exe (Creative Technology Ltd)
PRC - C:\WINDOWS\SysWOW64\CTSVCCDA.EXE (Creative Technology Ltd)


========== Modules (SafeList) ==========

MOD - C:\Users\Roger\Desktop\OTL.exe (OldTimer Tools)
MOD - C:\WINDOWS\SysWOW64\comdlg32.dll (Microsoft Corporation)
MOD - C:\Program Files (x86)\BillP Studios\WinPatrol\patrolpro.dll (BillP Studios)


========== Win32 Services (SafeList) ==========

SRV:64bit: - (FontCache) -- C:\Windows\SysNative\FntCache.dll (Microsoft Corporation)
SRV:64bit: - (BthServ) -- C:\Windows\SysNative\bthserv.dll (Microsoft Corporation)
SRV:64bit: - (wlidsvc) -- C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (Microsoft Corporation)
SRV:64bit: - (WinDefend) -- C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SRV:64bit: - (XAudioService) -- C:\Windows\SysNative\DRIVERS\xaudio64.exe (Conexant Systems, Inc.)
SRV:64bit: - (dlbc_device) -- C:\Windows\SysNative\dlbccoms.exe ( )
SRV:64bit: - (dlcg_device) -- C:\Windows\SysNative\dlcgcoms.exe ( )
SRV - (szserver) -- C:\Program Files (x86)\Common Files\iS3\Anti-Spyware\SZServer.exe (iS3, Inc.)
SRV - (ACDaemon) -- C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe (ArcSoft Inc.)
SRV - (avg9wd) -- C:\Program Files (x86)\AVG\AVG9\avgwdsvc.exe (AVG Technologies CZ, s.r.o.)
SRV - (CinemaNow Service) -- C:\Program Files (x86)\CinemaNow\CinemaNow Media Manager\CinemaNowSvc.exe (CinemaNow, Inc.)
SRV - (Nero BackItUp Scheduler 4.0) -- C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe (Nero AG)
SRV - (WinHttpAutoProxySvc) -- winhttp.dll (Microsoft Corporation)
SRV - (SeaPort) -- C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe (Microsoft Corporation)
SRV - (TOSHIBA Bluetooth Service) -- C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe (TOSHIBA CORPORATION)
SRV - (NeroMediaHomeService.4) -- C:\Program Files (x86)\Nero\Nero MediaHome 4\NMMediaServerService.exe (Nero AG)
SRV - (Creative Audio Pack Licensing Service) -- C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\APLicensing.exe (Creative Labs)
SRV - (TomTomHOMEService) -- C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe (TomTom)
SRV - (clr_optimization_v2.0.50727_64) -- C:\WINDOWS\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
SRV - (YahooAUService) -- C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe (Yahoo! Inc.)
SRV - (NMSAccessU) -- C:\Program Files (x86)\CDBurnerXP\NMSAccessU.exe ()
SRV - (ServiceLayer) -- C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe (Nokia.)
SRV - (DigiRefresh) -- C:\Program Files (x86)\Digidesign\Drivers\MMERefresh.exe (Digidesign, A Division of Avid Technology, Inc.)
SRV - (digiSPTIService) -- C:\Program Files (x86)\Digidesign\Pro Tools\digiSPTIService.exe (Digidesign, A Division of Avid Technology, Inc.)
SRV - (dlcg_device) -- C:\Windows\SysWow64\dlcgcoms.exe ( )
SRV - (MSDTC) -- C:\WINDOWS\SysWOW64\Msdtc [2006/11/02 08:34:14 | 000,000,000 | ---D | M]
SRV - (vds) -- C:\WINDOWS\SysWOW64\wbem\vds.mof ()
SRV - (VSS) -- C:\WINDOWS\SysWOW64\wbem\vss.mof ()
SRV - (IDriverT) -- C:\Program Files (x86)\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe (Macrovision Corporation)
SRV - (Creative Service for CDROM Access) -- C:\WINDOWS\SysWOW64\CTSVCCDA.EXE (Creative Technology Ltd)


========== Driver Services (SafeList) ==========

DRV:64bit: - (AvgTdiA) -- C:\Windows\SysNative\Drivers\avgtdia.sys (AVG Technologies CZ, s.r.o.)
DRV:64bit: - (AvgMfx64) -- C:\Windows\SysNative\Drivers\avgmfx64.sys (AVG Technologies CZ, s.r.o.)
DRV:64bit: - (AvgLdx64) -- C:\Windows\SysNative\Drivers\avgldx64.sys (AVG Technologies CZ, s.r.o.)
DRV:64bit: - (SCDEmu) -- C:\Windows\SysNative\drivers\scdemu.sys (PowerISO Computing, Inc.)
DRV:64bit: - (WpdUsb) -- C:\Windows\SysNative\DRIVERS\wpdusb.sys (Microsoft Corporation)
DRV:64bit: - (USBAAPL64) -- C:\Windows\SysNative\Drivers\usbaapl64.sys (Apple, Inc.)
DRV:64bit: - (Tosrfcom) -- C:\Windows\SysNative\Drivers\tosrfcom.sys (TOSHIBA Corporation)
DRV:64bit: - (Tosrfusb) -- C:\Windows\SysNative\DRIVERS\tosrfusb.sys (TOSHIBA CORPORATION)
DRV:64bit: - (tosrfnds) -- C:\Windows\SysNative\DRIVERS\tosrfnds.sys (TOSHIBA Corporation.)
DRV:64bit: - (tosrfbd) -- C:\Windows\SysNative\DRIVERS\tosrfbd.sys (TOSHIBA CORPORATION)
DRV:64bit: - (TosRfSnd) -- C:\Windows\SysNative\drivers\tosrfsnd.sys (TOSHIBA Corporation)
DRV:64bit: - (Tosrfhid) -- C:\Windows\SysNative\DRIVERS\Tosrfhid.sys (TOSHIBA Corporation.)
DRV:64bit: - (tosrfbnp) -- C:\Windows\SysNative\Drivers\tosrfbnp.sys (TOSHIBA Corporation)
DRV:64bit: - (btnetBUs) -- C:\Windows\SysNative\Drivers\btnetBus.sys ()
DRV:64bit: - (tosporte) -- C:\Windows\SysNative\DRIVERS\tosporte.sys (TOSHIBA Corporation)
DRV:64bit: - (PSI) -- C:\Windows\SysNative\DRIVERS\psi_mf.sys (Secunia)
DRV:64bit: - (GEARAspiWDM) -- C:\Windows\SysNative\DRIVERS\GEARAspiWDM.sys (GEAR Software Inc.)
DRV:64bit: - (BTHPORT) -- C:\Windows\SysNative\Drivers\BTHport.sys (Microsoft Corporation)
DRV:64bit: - (RFCOMM) Bluetooth Device (RFCOMM Protocol TDI) -- C:\Windows\SysNative\DRIVERS\rfcomm.sys (Microsoft Corporation)
DRV:64bit: - (BthEnum) -- C:\Windows\SysNative\DRIVERS\BthEnum.sys (Microsoft Corporation)
DRV:64bit: - (BTHUSB) -- C:\Windows\SysNative\Drivers\BTHUSB.sys (Microsoft Corporation)
DRV:64bit: - (winusb) -- C:\Windows\SysNative\DRIVERS\WinUSB.SYS (Microsoft Corporation)
DRV:64bit: - (USBModem) -- C:\Windows\SysNative\DRIVERS\lgx64modem.sys (LG Electronics Inc.)
DRV:64bit: - (UsbDiag) -- C:\Windows\SysNative\DRIVERS\lgx64diag.sys (LG Electronics Inc.)
DRV:64bit: - (usbbus) -- C:\Windows\SysNative\DRIVERS\lgx64bus.sys (LG Electronics Inc.)
DRV:64bit: - (pccsmcfd) -- C:\Windows\SysNative\DRIVERS\pccsmcfdx64.sys (Nokia)
DRV:64bit: - (motccgp) -- C:\Windows\SysNative\DRIVERS\motccgp.sys (Motorola)
DRV:64bit: - (motccgpfl) -- C:\Windows\SysNative\DRIVERS\motccgpfl.sys (Motorola)
DRV:64bit: - (FTSER2K) -- C:\Windows\SysNative\drivers\ftser2k.sys (FTDI Ltd.)
DRV:64bit: - (FTDIBUS) -- C:\Windows\SysNative\drivers\ftdibus.sys (FTDI Ltd.)
DRV:64bit: - (CAXHWBS3) -- C:\Windows\SysNative\DRIVERS\CAXHWBS3.sys (Conexant Systems, Inc.)
DRV:64bit: - (winachsf) -- C:\Windows\SysNative\DRIVERS\CAX_CNXT.sys (Conexant Systems, Inc.)
DRV:64bit: - (HSF_DP) -- C:\Windows\SysNative\DRIVERS\CAX_DP.sys (Conexant Systems, Inc.)
DRV:64bit: - (ROOTMODEM) -- C:\Windows\SysNative\Drivers\RootMdm.sys (Microsoft Corporation)
DRV:64bit: - (usbaudio) USB Audio Driver (WDM) -- C:\Windows\SysNative\drivers\usbaudio.sys (Microsoft Corporation)
DRV:64bit: - (BthPan) Bluetooth Device (Personal Area Network) -- C:\Windows\SysNative\DRIVERS\bthpan.sys (Microsoft Corporation)
DRV:64bit: - (MBX2MIDK) -- C:\Windows\SysNative\drivers\mbx2midk.sys (Digidesign, A Division of Avid Technology, Inc.)
DRV:64bit: - (MBX2DFU) -- C:\Windows\SysNative\DRIVERS\MBX2DFU.sys (Digidesign, A Division of Avid Technology, Inc.)
DRV:64bit: - (DigiNet) -- C:\Windows\SysNative\DRIVERS\diginet.sys (Digidesign, A Division of Avid Technology, Inc.)
DRV:64bit: - (dalwdmservice) -- C:\Windows\SysNative\drivers\dalwdm.sys (Digidesign, A Division of Avid Technology, Inc.)
DRV:64bit: - (XAudio) -- C:\Windows\SysNative\DRIVERS\xaudio64.sys (Conexant Systems, Inc.)
DRV:64bit: - (CrystalSysInfo) -- C:\Program Files\MediaCoder64\SysInfoX64.sys ()
DRV:64bit: - (Tpkd) -- C:\Windows\SysNative\drivers\Tpkd.sys (PACE Anti-Piracy, Inc.)
DRV:64bit: - (sscdmdm) -- C:\Windows\SysNative\DRIVERS\sscdmdm.sys (MCCI Corporation)
DRV:64bit: - (sscdmdfl) -- C:\Windows\SysNative\DRIVERS\sscdmdfl.sys (MCCI Corporation)
DRV:64bit: - (sscdbus) SAMSUNG USB Composite Device driver (WDM) -- C:\Windows\SysNative\DRIVERS\sscdbus.sys (MCCI Corporation)
DRV:64bit: - (motport) -- C:\Windows\SysNative\DRIVERS\motport.sys (Motorola)
DRV:64bit: - (motmodem) -- C:\Windows\SysNative\DRIVERS\motmodem.sys (Motorola)
DRV:64bit: - (elaunidr) -- C:\Windows\SysNative\DRIVERS\elauni64.sys (Gteko Ltd.)
DRV:64bit: - (elagopro) -- C:\Windows\SysNative\DRIVERS\elagop64.sys (Gteko Ltd.)
DRV:64bit: - (mdmxsdk) -- C:\Windows\SysNative\DRIVERS\mdmxsdk.sys (Conexant)
DRV - (szkg5) -- C:\Windows\SySWOW64\DRIVERS\szkg64.sys (iS3 Inc.)
DRV - (is3srv) -- C:\Windows\SySWOW64\drivers\is3srv64.sys (iS3 Inc.)
DRV - (winusb) -- C:\WINDOWS\SysWOW64\winusb.dll (Microsoft Corporation)
DRV - (Tcpip) -- C:\WINDOWS\SysWOW64\wbem\tcpip.mof ()
DRV - (mpsdrv) -- C:\WINDOWS\SysWOW64\wbem\mpsdrv.mof ()
DRV - (mdmxsdk) -- C:\WINDOWS\SysWOW64\mdmxsdk.dll (Conexant)
DRV - (FTDIBUS) -- C:\WINDOWS\SysWOW64\FTDIBUS.CAT ()
DRV - (ASPI32) -- C:\WINDOWS\SysWOW64\drivers\ASPI32.SYS (Adaptec)


========== Standard Registry (All) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&a...ion&pf=cndt
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\System32\blank.htm
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE=3&a...ion&pf=cndt
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&a...ion&pf=cndt
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE=3&a...ion&pf=cndt

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&a...ion&pf=cndt
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\system32\blank.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = [Binary data over 100 bytes]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://home.suddenlink.net/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\..\URLSearchHook: {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files (x86)\AVG\AVG9\Toolbar\IEToolbar.dll ()
IE - HKCU\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\WINDOWS\SysWOW64\ieframe.dll (Microsoft Corporation)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

FF - HKLM\software\mozilla\Firefox\Extensions\\{400F0BDB-6C49-43A4-BE1F-76D7327A604D}: C:\Program Files (x86)\Common Files\fluxDVD\Download Manager\Mozilla [2008/12/09 17:04:30 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\{20a82645-c095-46ed-80e3-08825760534b}: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ [2009/06/24 03:01:02 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\{3f963a5b-e555-4543-90e2-c3908898db71}: C:\Program Files (x86)\AVG\AVG9\Firefox [2010/04/20 09:55:41 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2009/12/01 18:26:25 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\{27182e60-b5f3-411c-b545-b44205977502}: C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\firefoxextension\SearchHelperExtension\ [2010/03/31 14:52:49 | 000,000,000 | ---D | M]

[2009/10/17 08:31:12 | 000,000,000 | ---D | M] -- C:\Users\Roger\AppData\Roaming\Mozilla\Extensions
[2009/05/06 19:36:58 | 000,000,000 | ---D | M] -- C:\Users\Roger\AppData\Roaming\Mozilla\Extensions\home2@tomtom.com
[2009/10/17 07:59:54 | 000,000,000 | ---D | M] -- C:\Users\Roger\AppData\Roaming\Mozilla\Extensions\MediaCoder
[2009/10/17 08:31:12 | 000,000,000 | ---D | M] -- C:\Users\Roger\AppData\Roaming\Mozilla\Extensions\MediaCoder-Setup-Wizard
[2008/11/27 13:43:40 | 000,000,000 | ---D | M] -- C:\Users\Roger\AppData\Roaming\Mozilla\Firefox\extensions
[2008/11/27 13:43:40 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Roger\AppData\Roaming\Mozilla\Firefox\extensions\{E9A1DEE0-C623-4439-8932-001E7D17607D}

O1 HOSTS File: ([2006/09/18 16:37:24 | 000,000,761 | ---- | M]) - C:\Windows\SysNative\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2:64bit: - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG9\avgssiea.dll (AVG Technologies CZ, s.r.o.)
O2:64bit: - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O2:64bit: - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O2:64bit: - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.5.4723.1820\swg64.dll (Google Inc.)
O2:64bit: - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.)
O2 - BHO: (HP Print Enhancer) - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll (Hewlett-Packard Co.)
O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
O2 - BHO: (Download Manager Browser Helper Object) - {19C8E43B-07B3-49CB-BFFC-6777B593E6F8} - C:\Program Files (x86)\Common Files\fluxDVD\Download Manager\XEBDLHelper.dll (Protect Software GmbH)
O2 - BHO: (AskBar BHO) - {201f27d4-3704-41d6-89c1-aa35e39143ed} - C:\Program Files (x86)\AskBarDis\bar\bin\askBar.dll (Ask.com)
O2 - BHO: (Winamp Toolbar Loader) - {25CEE8EC-5730-41bc-8B58-22DDC8AB8C20} - C:\Program Files (x86)\Winamp Toolbar\winamptb.dll (AOL LLC.)
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG9\avgssie.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (Search Helper) - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll (Microsoft Corporation)
O2 - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O2 - BHO: (AVG Security Toolbar BHO) - {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files (x86)\AVG\AVG9\Toolbar\IEToolbar.dll ()
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.5.4723.1820\swg.dll (Google Inc.)
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (Windows Live Toolbar Helper) - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files (x86)\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O2 - BHO: (STOPzilla Browser Helper Object) - {E3215F20-3212-11D6-9F8B-00D0B743919D} - C:\Program Files (x86)\STOPzilla!\SZIEBHO.dll (iS3, Inc.)
O2 - BHO: (SingleInstance Class) - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn0\YTSingleInstance.dll (Yahoo! Inc)
O2 - BHO: (HP Smart BHO Class) - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll (Hewlett-Packard Co.)
O3:64bit: - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (&Windows Live Toolbar) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files (x86)\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O3 - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (Ask Toolbar) - {3041d03e-fd4b-44e0-b742-2d9b88305f98} - C:\Program Files (x86)\AskBarDis\bar\bin\askBar.dll (Ask.com)
O3 - HKLM\..\Toolbar: (AVG Security Toolbar) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - C:\Program Files (x86)\AVG\AVG9\Toolbar\IEToolbar.dll ()
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (&Windows Live Toolbar) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files (x86)\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O3:64bit: - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (Ask Toolbar) - {3041D03E-FD4B-44E0-B742-2D9B88305F98} - C:\Program Files (x86)\AskBarDis\bar\bin\askBar.dll (Ask.com)
O3 - HKCU\..\Toolbar\WebBrowser: (AVG Security Toolbar) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - C:\Program Files (x86)\AVG\AVG9\Toolbar\IEToolbar.dll ()
O3:64bit: - HKCU\..\Toolbar\WebBrowser: (&Links) - {F2CF5485-4E02-4F68-819C-B92DE9277049} - C:\Windows\SysNative\ieframe.dll (Microsoft Corporation)
O3 - HKCU\..\Toolbar\WebBrowser: (&Links) - {F2CF5485-4E02-4F68-819C-B92DE9277049} - C:\WINDOWS\SysWOW64\ieframe.dll (Microsoft Corporation)
O4:64bit: - HKLM..\Run: [DLCGCATS] C:\Windows\SysNative\spool\DRIVERS\x64\3\DLCGtime.DLL ()
O4:64bit: - HKLM..\Run: [dlcgmon.exe] C:\Program Files (x86)\Dell AIO 810\dlcgmon.exe (Dell)
O4:64bit: - HKLM..\Run: [HP Health Check Scheduler] c:\Program Files (x86)\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe (Hewlett-Packard)
O4:64bit: - HKLM..\Run: [NvCplDaemon] C:\Windows\SysNative\NvCpl.DLL (NVIDIA Corporation)
O4:64bit: - HKLM..\Run: [NVRaidService] C:\Windows\SysNative\nvraidservice.exe (NVIDIA Corporation)
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Windows\RAVCpl64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre6\bin\jusched.exe (Sun Microsystems, Inc.)
O4:64bit: - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [Adobe ARM] C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [ArcSoft Connection Service] C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe (ArcSoft Inc.)
O4 - HKLM..\Run: [AVG9_TRAY] C:\Program Files (x86)\AVG\AVG9\avgtray.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [DigidesignMMERefresh] C:\Program Files (x86)\Digidesign\Drivers\MMERefresh.exe (Digidesign, A Division of Avid Technology, Inc.)
O4 - HKLM..\Run: [FaxCenterServer] C:\Program Files (x86)\Dell PC Fax\fm3032.exe ()
O4 - HKLM..\Run: [HP Health Check Scheduler] c:\Program Files (x86)\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe (Hewlett-Packard)
O4 - HKLM..\Run: [hpqSRMon] C:\Program Files (x86)\HP\Digital Imaging\bin\HpqSRmon.exe (Hewlett-Packard)
O4 - HKLM..\Run: [hpsysdrv] c:\hp\support\hpsysdrv.exe (Hewlett-Packard Company)
O4 - HKLM..\Run: [ITSecMng] C:\Program Files (x86)\TOSHIBA\Bluetooth Toshiba Stack\ItSecMng.exe (TOSHIBA CORPORATION)
O4 - HKLM..\Run: [iTunesHelper] C:\Program Files (x86)\iTunes\iTunesHelper.exe (Apple Inc.)
O4 - HKLM..\Run: [KBD] C:\hp\KBD\KbdStub.exe ()
O4 - HKLM..\Run: [NBKeyScan] C:\Program Files (x86)\Nero\Nero8\Nero BackItUp\NBKeyScan.exe (Nero AG)
O4 - HKLM..\Run: [Nero MediaHome 4] C:\Program Files (x86)\Nero\Nero MediaHome 4\NeroMediaHome.exe (Nero AG)
O4 - HKLM..\Run: [OM2_Monitor] C:\Program Files (x86)\OLYMPUS\OLYMPUS Master 2\FirstStart.exe (OLYMPUS IMAGING CORP.)
O4 - HKLM..\Run: [PWRISOVM.EXE] C:\Program Files (x86)\PowerISO\PWRISOVM.EXE (PowerISO Computing, Inc.)
O4 - HKLM..\Run: [QuickTime Task] C:\Program Files (x86)\QuickTime\QTTask.exe (Apple Inc.)
O4 - HKLM..\Run: [WinPatrol] C:\Program Files (x86)\BillP Studios\WinPatrol\winpatrol.exe (BillP Studios)
O4 - HKCU..\Run: [Creative Detector U] C:\Program Files (x86)\Creative\MediaSource5\CTDetctu.exe (Creative Technology Ltd)
O4 - HKCU..\Run: [CTSyncU.exe] C:\Program Files (x86)\Creative\Sync Manager Unicode\CTSyncU.exe ()
O4 - HKCU..\Run: [ehTray.exe] C:\WINDOWS\ehome\ehtray.exe (Microsoft Corporation)
O4 - HKCU..\Run: [FileHippo.com] C:\Program Files (x86)\filehippo.com\UpdateChecker.exe (FileHippo.com)
O4 - HKCU..\Run: [HPAdvisor] C:\Program Files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe (Hewlett-Packard)
O4 - HKCU..\Run: [IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexStoreSvr.exe (Nero AG)
O4 - HKCU..\Run: [LightScribe Control Panel] C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe (Hewlett-Packard Company)
O4 - HKCU..\Run: [Messenger (Yahoo!)] C:\Program Files (x86)\Yahoo!\Messenger\YahooMessenger.exe (Yahoo! Inc.)
O4 - HKCU..\Run: [MsnMsgr] C:\Program Files (x86)\Windows Live\Messenger\MsnMsgr.Exe (Microsoft Corporation)
O4 - HKCU..\Run: [OM2_Monitor] C:\Program Files (x86)\OLYMPUS\OLYMPUS Master 2\MMonitor.exe (OLYMPUS IMAGING CORP.)
O4 - HKCU..\Run: [TomTomHOME.exe] C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe (TomTom)
O4 - HKCU..\Run: [WMPNSCFG] C:\Program Files (x86)\Windows Media Player\WMPNSCFG.exe File not found
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\control panel present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: ForceActiveDesktopOn = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: BindDirectlyToPropertySetStorage = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 2
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableInstallerDetection = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableSecureUIAPaths = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableVirtualization = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ValidateAdminCodeSignatures = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: scforceoption = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: FilterAdministratorToken = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableUIADesktopToggle = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_TEXT = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_BITMAP = 2
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_OEMTEXT = 7
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIB = 8
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_PALETTE = 9
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_UNICODETEXT = 13
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIBV5 = 17
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\control panel present
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\restrictions present
O8:64bit: - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files (x86)\Microsoft Office\OFFICE11\EXCEL.EXE (Microsoft Corporation)
O8:64bit: - Extra context menu item: Google Sidewiki... - C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll (Google Inc.)
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\SysWow64\GPhotos.scr (Google Inc.)
O8 - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files (x86)\Microsoft Office\OFFICE11\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Google Sidewiki... - C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll (Google Inc.)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files (x86)\Microsoft Office\OFFICE11\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra Button: Show or hide HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll (Hewlett-Packard Co.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000001 [] - C:\Windows\SysNative\NLAapi.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000002 [] - C:\Windows\SysNative\napinsp.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000003 [] - C:\Windows\SysNative\pnrpnsp.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Windows\SysNative\pnrpnsp.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000006 [] - C:\Windows\SysNative\winrnr.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Windows\SysNative\wshbth.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000011 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000001 [] - C:\WINDOWS\SysWOW64\nlaapi.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000002 [] - C:\WINDOWS\SysWOW64\NapiNSP.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000003 [] - C:\WINDOWS\SysWOW64\pnrpnsp.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\WINDOWS\SysWOW64\pnrpnsp.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\WINDOWS\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000006 [] - C:\WINDOWS\SysWOW64\winrnr.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\WINDOWS\SysWOW64\wshbth.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\WINDOWS\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\WINDOWS\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\WINDOWS\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\WINDOWS\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\WINDOWS\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\WINDOWS\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\WINDOWS\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\WINDOWS\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\WINDOWS\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\WINDOWS\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - C:\WINDOWS\SysWOW64\mswsock.dll (Microsoft Corporation)
O13 - gopher Prefix: missing
O15 - HKCU\..Trusted Domains: cinemanow.com ([]http in Trusted sites)
O15 - HKCU\..Trusted Domains: cinemanow.com ([]https in Trusted sites)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0_16)
O16 - DPF: {CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0_16)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0_16)
O16 - DPF: {0E5F0222-96B9-11D3-8997-00104BD12D94} http://www.pcpitstop.com/betapit/PCPitStop.CAB (PCPitstop Utility)
O16 - DPF: {1842B0EE-B597-11D4-8997-00104BD12D94} http://www.pcpitstop.com/internet/pcpConnCheck.cab (iCC Class)
O16 - DPF: {1C11B948-582A-433F-A98D-A8C4D5CC64F2} https://lowes.2020.net/Core/Player/2020PlayerAX_Win32.cab (20-20 3D Viewer)
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} C:\Program Files (x86)\Yahoo!\Common\Yinsthelper.dll (Installation Support)
O16 - DPF: {406B5949-7190-4245-91A9-30A17DE16AD0} http://photo2.walgreens.com/WalgreensActivia.cab (Snapfish Activia)
O16 - DPF: {4871A87A-BFDD-4106-8153-FFDE2BAC2967} http://dlm.tools.akamai.com/dlmanager/vers...vex-2.2.5.0.cab (DLM Control)
O16 - DPF: {549F957E-2F89-11D6-8CFE-00C04F52B225} http://coupons.smartsource.com/download/cscmv5X.cab (CMV5 Class)
O16 - DPF: {6824D897-F7E1-4E41-B84B-B1D3FA4BF1BD} http://utilities.pcpitstop.com/Exterminate...opAntiVirus.dll (PCPitstop AntiVirus)
O16 - DPF: {6C269571-C6D7-4818-BCA4-32A035E8C884} http://www.creative.com/softwareupdate/su/...101/CTSUEng.cab (Creative Software AutoUpdate)
O16 - DPF: {73ECB3AA-4717-450C-A2AB-D00DAD9EE203} http://h20270.www2.hp.com/ediags/gmn2/inst...tDetection2.cab (GMNRev Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0_19)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.macromedia.com/get/flash...r/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {9732FB42-C321-11D1-836F-00A0C993F125} http://www.pcpitstop.com/mhLbl.cab (mhLabel Class)
O16 - DPF: {CAFEEFAC-0016-0000-0019-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0_19)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0_19)
O16 - DPF: {E06E2E99-0AA1-11D4-ABA6-0060082AA75C} (Reg Error: Value error.)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} http://ccfiles.creative.com/Web/softwareup...15109/CTPID.cab (Creative Software AutoUpdate Support Package)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O18:64bit: - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\belarc {6318E0AB-2E93-11D1-B8ED-00608CC9A71F} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\cdl {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\dvd {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\Windows\SysNative\msvidctl.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\file {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\ftp {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\http {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\https {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysNative\itss.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG9\avgppa.dll (AVG Technologies CZ, s.r.o.)
O18:64bit: - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\local {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\mhtml {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\Windows\SysNative\inetcomm.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\mk {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\msdaipp - No CLSID value found
O18:64bit: - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\ms-its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysNative\itss.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\tv {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\Windows\SysNative\msvidctl.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - Reg Error: Key error. File not found
O18 - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\SysWOW64\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\belarc {6318E0AB-2E93-11D1-B8ED-00608CC9A71F} - C:\Program Files (x86)\Belarc\Advisor\System\BAVoilaX.dll (Belarc, Inc.)
O18 - Protocol\Handler\cdl {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\WINDOWS\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\dvd {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\WINDOWS\SysWOW64\MSVidCtl.dll (Microsoft Corporation)
O18 - Protocol\Handler\file {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\ftp {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\http {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\WINDOWS\SysWOW64\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\SysWOW64\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG9\avgpp.dll (AVG Technologies CZ, s.r.o.)
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll (Microsoft Corporation)
O18 - Protocol\Handler\local {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\SysWOW64\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\mhtml {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\WINDOWS\SysWOW64\inetcomm.dll (Microsoft Corporation)
O18 - Protocol\Handler\mk {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp - No CLSID value found
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ms-its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\WINDOWS\SysWOW64\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files (x86)\Common Files\microsoft shared\Information Retrieval\msitss.dll (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\Program Files (x86)\Common Files\microsoft shared\Web Components\11\OWC11.DLL (Microsoft Corporation)
O18 - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\SysWOW64\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\tv {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\WINDOWS\SysWOW64\MSVidCtl.dll (Microsoft Corporation)
O18 - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\SysWOW64\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program Files (x86)\Windows Live\Mail\mailcomm.dll (Microsoft Corporation)
O18:64bit: - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll (Microsoft Corporation)
O18:64bit: - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll (Microsoft Corporation)
O18:64bit: - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll (Microsoft Corporation)
O18:64bit: - Protocol\Filter\deflate {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Filter\gzip {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Filter\text/xml {807553E5-5146-11D5-A672-00B0D022E945} - Reg Error: Key error. File not found
O18 - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\deflate {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\WINDOWS\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter\gzip {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\WINDOWS\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807553E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\microsoft shared\OFFICE11\MSOXMLMF.DLL (Microsoft Corporation)
O20:64bit: - AppInit_DLLs: (avgrssta.dll) - C:\Windows\SysNative\avgrssta.dll (AVG Technologies CZ, s.r.o.)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (rundll32 shell32) - C:\Windows\SysNative\shell32.dll (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (Control_RunDLL "sysdm.cpl") - C:\Windows\SysNative\sysdm.cpl (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\WINDOWS\SysWOW64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (rundll32 shell32) - C:\Windows\SysWow64\shell32.dll (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (Control_RunDLL "sysdm.cpl") - C:\Windows\SysWow64\sysdm.cpl (Microsoft Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - C:\Windows\SysNative\webcheck.dll (Microsoft Corporation)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - C:\WINDOWS\SysWOW64\webcheck.dll (Microsoft Corporation)
O22:64bit: - SharedTaskScheduler: {8C7461EF-2B13-11d2-BE35-3078302C2030} - Component Categories cache daemon - C:\Windows\SysNative\browseui.dll (Microsoft Corporation)
O22 - SharedTaskScheduler: {8C7461EF-2B13-11d2-BE35-3078302C2030} - Component Categories cache daemon - C:\WINDOWS\SysWOW64\browseui.dll (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Users\Roger\AppData\Roaming\Microsoft\Windows Photo Gallery\Windows Photo Gallery Wallpaper.jpg
O24 - Desktop BackupWallPaper: C:\Users\Roger\AppData\Roaming\Microsoft\Windows Photo Gallery\Windows Photo Gallery Wallpaper.jpg
O29:64bit: - HKLM SecurityProviders - (credssp.dll) - credssp.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (credssp.dll) - credssp.dll (Microsoft Corporation)
O30:64bit: - LSA: Authentication Packages - (msv1_0) - C:\Windows\SysNative\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Authentication Packages - (msv1_0) - C:\Windows\SysWow64\msv1_0.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (kerberos) - C:\Windows\SysNative\kerberos.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (msv1_0) - C:\Windows\SysNative\msv1_0.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (schannel) - C:\Windows\SysNative\schannel.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (wdigest) - C:\Windows\SysNative\wdigest.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (tspkg) - C:\Windows\SysNative\TSpkg.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (kerberos) - C:\Windows\SysWow64\kerberos.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (msv1_0) - C:\Windows\SysWow64\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (schannel) - C:\Windows\SysWow64\schannel.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (wdigest) - C:\Windows\SysWow64\wdigest.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (tspkg) - C:\Windows\SysWow64\TSpkg.dll (Microsoft Corporation)
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{b28498a2-3a2a-11de-a7e5-001167bd8754}\Shell - "" = AutoRun
O33 - MountPoints2\{b28498a2-3a2a-11de-a7e5-001167bd8754}\Shell\AutoRun\command - "" = J:\LaunchU3.exe -- File not found
O33 - MountPoints2\{c2d4a219-f249-11dd-aa47-001167bd8754}\Shell - "" = AutoRun
O33 - MountPoints2\{c2d4a219-f249-11dd-aa47-001167bd8754}\Shell\AutoRun\command - "" = K:\LaunchU3.exe -- File not found
O33 - MountPoints2\{c4fdf1af-bd57-11dd-b75a-001fc68a7d0f}\Shell - "" = AutoRun
O33 - MountPoints2\{c4fdf1af-bd57-11dd-b75a-001fc68a7d0f}\Shell\AutoRun\command - "" = L:\LaunchU3.exe -- File not found
O33 - MountPoints2\J\Shell - "" = AutoRun
O33 - MountPoints2\J\Shell\AutoRun\command - "" = J:\LaunchU3.exe -- File not found
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37:64bit: - HKCU\...exe [@ = exefile] -- Reg Error: Key error. File not found
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKCU\...exe [@ = exefile] -- Reg Error: Key error. File not found

========== Files/Folders - Created Within 30 Days ==========

[2010/04/20 16:36:01 | 000,562,176 | ---- | C] (OldTimer Tools) -- C:\Users\Roger\Desktop\OTL.exe
[2010/04/20 04:07:24 | 000,000,000 | ---D | C] -- C:\32788R22FWJFW
[2010/04/19 19:03:27 | 000,000,000 | ---D | C] -- C:\Users\Roger\AppData\Roaming\HpUpdate
[2010/04/19 19:03:22 | 000,000,000 | ---D | C] -- C:\Windows\Hewlett-Packard
[2010/04/14 18:46:00 | 000,000,000 | ---D | C] -- C:\ProgramData\SITEguard
[2010/04/14 18:44:56 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\STOPzilla!
[2010/04/14 18:44:56 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\iS3
[2010/04/14 18:44:55 | 000,000,000 | ---D | C] -- C:\ProgramData\STOPzilla!
[2010/04/14 14:23:40 | 004,697,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntoskrnl.exe
[2010/04/14 14:23:37 | 000,612,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll
[2010/04/14 14:23:36 | 000,420,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\vbscript.dll
[2010/04/14 14:23:34 | 000,072,192 | ---- | C] (Fraunhofer Institut Integrierte Schaltungen IIS) -- C:\Windows\SysNative\l3codeca.acm
[2010/04/14 14:23:34 | 000,062,464 | ---- | C] (Fraunhofer Institut Integrierte Schaltungen IIS) -- C:\Windows\SysWow64\l3codeca.acm
[2010/04/14 14:23:33 | 000,220,672 | ---- | C] (Fraunhofer Institut Integrierte Schaltungen IIS) -- C:\Windows\SysWow64\l3codecp.acm
[2010/04/14 14:23:33 | 000,181,760 | ---- | C] (Fraunhofer Institut Integrierte Schaltungen IIS) -- C:\Windows\SysNative\l3codecp.acm
[2010/04/14 09:38:56 | 000,000,000 | ---D | C] -- C:\HJT
[2010/04/14 07:25:43 | 000,218,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wintrust.dll
[2010/04/14 07:25:43 | 000,172,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wintrust.dll
[2010/04/14 07:25:41 | 000,104,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cabview.dll
[2010/04/14 07:25:41 | 000,098,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\cabview.dll
[2010/04/12 09:10:14 | 000,000,000 | -H-D | C] -- C:\Windows\PIF
[2010/04/10 21:58:49 | 000,000,000 | ---D | C] -- C:\Users\Roger\Documents\Capital Pacific Group
[2010/04/06 21:13:31 | 000,000,000 | ---D | C] -- C:\Users\Roger\AppData\Roaming\Malwarebytes
[2010/04/06 21:13:14 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysWow64\drivers\mbamswissarmy.sys
[2010/04/06 21:13:12 | 000,024,664 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2010/04/06 21:13:12 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2010/04/06 21:13:12 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2010/04/04 19:05:45 | 000,000,000 | ---D | C] -- C:\KODAK
[2010/04/01 05:40:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Sun
[2010/04/01 05:40:09 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java
[2010/03/31 14:52:08 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MSN Toolbar
[2010/03/31 14:50:30 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MSN Toolbar Installer
[2010/03/31 14:49:05 | 000,153,376 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\javaws.exe
[2010/03/31 14:49:05 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\javaw.exe
[2010/03/31 14:49:05 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\java.exe
[2010/03/31 02:37:43 | 002,334,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iertutil.dll
[2010/03/31 02:37:43 | 000,916,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wininet.dll
[2010/03/31 02:37:42 | 001,147,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wininet.dll
[2010/03/31 02:37:42 | 001,062,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mstime.dll
[2010/03/31 02:37:42 | 000,700,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2010/03/31 02:37:42 | 000,611,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mstime.dll
[2010/03/31 02:37:42 | 000,594,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeeds.dll
[2010/03/31 02:37:42 | 000,459,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iedkcs32.dll
[2010/03/31 02:37:42 | 000,387,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iedkcs32.dll
[2010/03/31 02:37:42 | 000,243,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\occache.dll
[2010/03/31 02:37:42 | 000,206,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\occache.dll
[2010/03/31 02:37:41 | 001,538,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2010/03/31 02:37:41 | 001,469,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2010/03/31 02:37:41 | 000,252,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iepeers.dll
[2010/03/31 02:37:41 | 000,219,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2010/03/31 02:37:41 | 000,184,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iepeers.dll
[2010/03/31 02:37:41 | 000,173,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ie4uinit.exe
[2010/03/31 02:37:41 | 000,164,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2010/03/31 02:37:41 | 000,162,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
[2010/03/31 02:37:41 | 000,133,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2010/03/31 02:37:41 | 000,132,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesysprep.dll
[2010/03/31 02:37:41 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesysprep.dll
[2010/03/31 02:37:41 | 000,077,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll
[2010/03/31 02:37:41 | 000,072,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll
[2010/03/31 02:37:41 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeedsbs.dll
[2010/03/31 02:37:41 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll
[2010/03/31 02:37:41 | 000,070,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe
[2010/03/31 02:37:41 | 000,055,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll
[2010/03/31 02:37:41 | 000,055,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeedsbs.dll
[2010/03/31 02:37:41 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jsproxy.dll
[2010/03/31 02:37:41 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jsproxy.dll
[2010/03/31 02:37:41 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeedssync.exe
[2010/03/31 02:37:41 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeedssync.exe
[2010/03/27 19:19:06 | 000,000,000 | ---D | C] -- C:\Users\Roger\Documents\Dale's Stuff
[2008/11/26 07:13:44 | 001,224,704 | ---- | C] ( ) -- C:\Windows\SysWow64\dlcgserv.dll
[2008/11/26 07:13:44 | 000,991,232 | ---- | C] ( ) -- C:\Windows\SysWow64\dlcgusb1.dll
[2008/11/26 07:13:44 | 000,696,320 | ---- | C] ( ) -- C:\Windows\SysWow64\dlcghbn3.dll
[2008/11/26 07:13:44 | 000,684,032 | ---- | C] ( ) -- C:\Windows\SysWow64\dlcgcomc.dll
[2008/11/26 07:13:44 | 000,643,072 | ---- | C] ( ) -- C:\Windows\SysWow64\dlcgpmui.dll
[2008/11/26 07:13:44 | 000,585,728 | ---- | C] ( ) -- C:\Windows\SysWow64\dlcglmpm.dll
[2008/11/26 07:13:44 | 000,421,888 | ---- | C] ( ) -- C:\Windows\SysWow64\dlcgcomm.dll
[2008/11/26 07:13:44 | 000,413,696 | ---- | C] ( ) -- C:\Windows\SysWow64\dlcginpa.dll
[2008/11/26 07:13:44 | 000,397,312 | ---- | C] ( ) -- C:\Windows\SysWow64\dlcgiesc.dll
[2008/11/26 07:13:44 | 000,323,584 | ---- | C] ( ) -- C:\Windows\SysWow64\DLCGhcp.dll
[2008/11/26 07:13:44 | 000,163,840 | ---- | C] ( ) -- C:\Windows\SysWow64\dlcgprox.dll
[2008/11/26 07:13:44 | 000,094,208 | ---- | C] ( ) -- C:\Windows\SysWow64\dlcgpplc.dll

========== Files - Modified Within 30 Days ==========

[2010/04/20 16:43:25 | 005,242,880 | -HS- | M] () -- C:\Users\Roger\NTUSER.DAT
[2010/04/20 16:37:28 | 000,001,232 | ---- | M] () -- C:\Windows\SysNative\drivers\kgpcpy.cfg
[2010/04/20 16:36:04 | 000,562,176 | ---- | M] (OldTimer Tools) -- C:\Users\Roger\Desktop\OTL.exe
[2010/04/20 15:55:00 | 000,000,898 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2010/04/20 15:45:15 | 000,003,616 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2010/04/20 15:45:15 | 000,003,616 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2010/04/20 14:36:15 | 000,000,434 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{1993F5BA-1755-4C46-88CF-B1A6CEEC4693}.job
[2010/04/20 09:55:43 | 000,317,520 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Windows\SysNative\drivers\avgtdia.sys
[2010/04/20 09:55:38 | 059,094,882 | ---- | M] () -- C:\Windows\SysNative\drivers\Avg\incavi.avm
[2010/04/20 04:06:55 | 003,921,705 | ---- | M] () -- C:\Users\Roger\Desktop\ComFix.exe
[2010/04/20 03:51:41 | 000,694,964 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2010/04/20 03:51:41 | 000,598,350 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2010/04/20 03:51:41 | 000,101,988 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2010/04/20 03:48:08 | 000,000,855 | ---- | M] () -- C:\Users\Roger\Desktop\Bluetooth Information Exchanger.lnk
[2010/04/20 03:45:32 | 000,000,894 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2010/04/20 03:45:13 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
[2010/04/20 03:45:02 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2010/04/20 03:42:51 | 000,000,012 | ---- | M] () -- C:\Windows\bthservsdp.dat
[2010/04/20 03:42:11 | 000,524,288 | -HS- | M] () -- C:\Users\Roger\NTUSER.DAT{c328fef1-6a85-11db-9fbd-cf3689cba3de}.TMContainer00000000000000000001.regtrans-ms
[2010/04/20 03:42:11 | 000,065,536 | -HS- | M] () -- C:\Users\Roger\NTUSER.DAT{c328fef1-6a85-11db-9fbd-cf3689cba3de}.TM.blf
[2010/04/20 03:42:04 | 006,291,456 | -H-- | M] () -- C:\Users\Roger\AppData\Local\IconCache.db
[2010/04/19 21:11:50 | 000,000,850 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2010/04/19 20:00:00 | 000,000,558 | ---- | M] () -- C:\Windows\tasks\Norton Internet Security - Run Full System Scan - Roger.job
[2010/04/18 17:24:25 | 000,000,069 | ---- | M] () -- C:\Windows\NeroDigital.ini
[2010/04/18 17:15:47 | 002,868,224 | R--- | M] () -- C:\Users\Public\Documents\ESBK.mbb
[2010/04/18 17:15:46 | 001,571,840 | R--- | M] () -- C:\Users\Public\Documents\ESBK.mb
[2010/04/18 02:24:00 | 000,000,366 | ---- | M] () -- C:\Windows\tasks\Driver Fetch.job
[2010/04/17 21:08:19 | 000,001,005 | ---- | M] () -- C:\Users\Roger\Desktop\Googleearth.lnk
[2010/04/17 20:46:16 | 000,002,027 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2010/04/17 12:44:09 | 000,001,110 | ---- | M] () -- C:\Users\Roger\AppData\Roaming\wklnhst.dat
[2010/04/16 02:22:13 | 000,708,868 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2010/04/14 18:06:59 | 000,000,036 | ---- | M] () -- C:\Users\Roger\AppData\Local\housecall.guid.cache
[2010/04/14 07:58:28 | 000,293,376 | ---- | M] () -- C:\Users\Roger\Desktop\gmer.exe
[2010/04/12 09:13:04 | 000,000,172 | ---- | M] () -- C:\Users\Roger\AppData\Roaming\default.rss
[2010/04/12 09:07:14 | 000,000,116 | ---- | M] () -- C:\Users\Roger\AppData\Roaming\default.pls
[2010/04/11 16:18:01 | 000,000,400 | ---- | M] () -- C:\Windows\tasks\EasyShare Registration Task.job
[2010/03/30 18:01:11 | 000,153,088 | ---- | M] () -- C:\Users\Roger\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/03/30 00:46:30 | 000,038,224 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysWow64\drivers\mbamswissarmy.sys
[2010/03/30 00:45:56 | 000,024,664 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2010/03/24 21:18:17 | 000,002,255 | ---- | M] () -- C:\Users\Public\Desktop\iTunes.lnk
[2010/03/23 05:49:11 | 000,233,120 | -H-- | M] () -- C:\Windows\SysWow64\mlfcache.dat
[2010/03/23 00:32:04 | 000,000,334 | ---- | M] () -- C:\Windows\tasks\HPCeeScheduleForRoger.job

========== Files Created - No Company Name ==========

[2010/04/20 04:06:54 | 003,921,705 | ---- | C] () -- C:\Users\Roger\Desktop\ComFix.exe
[2010/04/20 03:49:23 | 000,001,232 | ---- | C] () -- C:\Windows\SysNative\drivers\kgpcpy.cfg
[2010/04/17 21:08:19 | 000,001,005 | ---- | C] () -- C:\Users\Roger\Desktop\Googleearth.lnk
[2010/04/17 20:46:16 | 000,002,027 | ---- | C] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2010/04/14 18:06:59 | 000,000,036 | ---- | C] () -- C:\Users\Roger\AppData\Local\housecall.guid.cache
[2010/04/06 21:13:16 | 000,000,850 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2010/02/21 20:40:14 | 000,000,080 | ---- | C] () -- C:\Windows\BsMobileModel.ini
[2010/01/28 02:09:54 | 000,085,504 | ---- | C] () -- C:\Windows\SysWow64\ff_vfw.dll
[2009/11/10 12:52:24 | 000,117,248 | ---- | C] () -- C:\Windows\SysWow64\EhStorAuthn.dll
[2009/11/10 12:51:15 | 000,368,640 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2009/11/06 09:43:04 | 000,000,024 | ---- | C] () -- C:\ProgramData\CinemaNowSvc.ini
[2009/09/26 09:32:40 | 000,000,172 | ---- | C] () -- C:\Users\Roger\AppData\Roaming\default.rss
[2009/09/26 09:32:39 | 000,000,000 | ---- | C] () -- C:\Users\Roger\AppData\Roaming\downloads.m3u
[2009/07/29 18:08:02 | 000,221,402 | ---- | C] () -- C:\Users\Roger\AppData\Local\dd_ATL90SP1_KB973924MSI1CB4.txt
[2009/07/29 18:08:01 | 000,064,856 | ---- | C] () -- C:\Users\Roger\AppData\Local\dd_ATL90SP1_KB973924UI1CB4.txt
[2009/07/29 17:59:17 | 000,524,090 | ---- | C] () -- C:\Users\Roger\AppData\Local\dd_ATL80SP1_KB973923MSI15FE.txt
[2009/07/29 17:59:15 | 000,064,840 | ---- | C] () -- C:\Users\Roger\AppData\Local\dd_ATL80SP1_KB973923UI15FE.txt
[2009/07/29 17:58:50 | 000,521,588 | ---- | C] () -- C:\Users\Roger\AppData\Local\dd_ATL80SP1_KB973923MSI15A0.txt
[2009/07/29 17:58:46 | 000,064,792 | ---- | C] () -- C:\Users\Roger\AppData\Local\dd_ATL80SP1_KB973923UI15A0.txt
[2009/06/22 20:19:47 | 000,060,636 | ---- | C] () -- C:\Users\Roger\Disturbed Indestructible.lsl
[2009/06/04 13:34:42 | 000,708,868 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2009/05/30 01:37:40 | 000,205,824 | ---- | C] () -- C:\Windows\SysWow64\xvidvfw.dll
[2009/05/30 01:31:52 | 000,881,664 | ---- | C] () -- C:\Windows\SysWow64\xvidcore.dll
[2009/04/30 05:18:53 | 000,000,000 | ---- | C] () -- C:\Windows\hpqEmlSz.INI
[2009/04/11 19:30:20 | 008,673,792 | ---- | C] () -- C:\ProgramData\atscie.msi
[2009/03/21 14:33:26 | 000,000,069 | ---- | C] () -- C:\Windows\NeroDigital.ini
[2009/02/16 18:52:53 | 000,000,022 | ---- | C] () -- C:\Users\Roger\AppData\Local\kodakpcd.ini
[2009/01/30 19:09:52 | 000,217,088 | ---- | C] () -- C:\Windows\SysWow64\qtmlClient.dll
[2009/01/29 22:24:28 | 000,333,426 | ---- | C] () -- C:\Users\Roger\AppData\Local\dd_vcredistMSI22E9.txt
[2009/01/29 22:24:28 | 000,011,906 | ---- | C] () -- C:\Users\Roger\AppData\Local\dd_vcredistUI22E9.txt
[2009/01/22 12:53:34 | 000,335,706 | ---- | C] () -- C:\Users\Roger\AppData\Local\dd_vcredistMSI4B05.txt
[2009/01/22 12:53:33 | 000,012,002 | ---- | C] () -- C:\Users\Roger\AppData\Local\dd_vcredistUI4B05.txt
[2009/01/16 16:05:23 | 000,425,800 | ---- | C] () -- C:\Users\Roger\AppData\Local\dd_vcredistMSI0908.txt
[2009/01/16 16:05:22 | 000,012,226 | ---- | C] () -- C:\Users\Roger\AppData\Local\dd_vcredistUI0908.txt
[2009/01/11 02:10:09 | 000,165,277 | ---- | C] () -- C:\Users\Roger\Ragweed Label.lsl
[2008/11/26 07:41:37 | 000,000,103 | ---- | C] () -- C:\Windows\dellstat.ini
[2008/11/26 07:13:45 | 000,274,432 | ---- | C] () -- C:\Windows\SysWow64\DLCGinst.dll
[2008/11/26 07:13:44 | 000,434,176 | ---- | C] () -- C:\Windows\SysWow64\dlcgutil.dll
[2008/11/26 07:13:44 | 000,176,128 | ---- | C] () -- C:\Windows\SysWow64\dlcginsb.dll
[2008/11/26 07:13:44 | 000,159,744 | ---- | C] () -- C:\Windows\SysWow64\dlcgins.dll
[2008/11/26 07:13:44 | 000,131,072 | ---- | C] () -- C:\Windows\SysWow64\dlcgjswr.dll
[2008/11/26 07:13:44 | 000,106,496 | ---- | C] () -- C:\Windows\SysWow64\dlcginsr.dll
[2008/11/26 07:13:44 | 000,086,016 | ---- | C] () -- C:\Windows\SysWow64\dlcgcub.dll
[2008/11/26 07:13:44 | 000,073,728 | ---- | C] () -- C:\Windows\SysWow64\dlcgcu.dll
[2008/11/26 07:13:44 | 000,069,632 | ---- | C] () -- C:\Windows\SysWow64\DLCGcfg.dll
[2008/11/26 07:13:44 | 000,036,864 | ---- | C] () -- C:\Windows\SysWow64\dlcgcur.dll
[2008/11/24 10:14:22 | 000,004,831 | ---- | C] () -- C:\Windows\Irremote.ini
[2008/11/23 06:35:12 | 000,008,412 | ---- | C] () -- C:\Users\Roger\AppData\Local\d3d9caps64.dat
[2008/11/20 19:07:53 | 000,000,376 | ---- | C] () -- C:\Windows\ODBC.INI
[2008/11/19 19:37:45 | 000,010,647 | ---- | C] () -- C:\ProgramData\hpzinstall.log
[2008/11/19 19:09:19 | 000,153,088 | ---- | C] () -- C:\Users\Roger\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2008/11/19 16:06:19 | 000,000,020 | -HS- | C] () -- C:\Users\Roger\ntuser.ini
[2008/11/19 16:06:18 | 005,242,880 | -HS- | C] () -- C:\Users\Roger\NTUSER.DAT
[2008/11/19 16:06:18 | 000,524,288 | -HS- | C] () -- C:\Users\Roger\NTUSER.DAT{c328fef1-6a85-11db-9fbd-cf3689cba3de}.TMContainer00000000000000000002.regtrans-ms
[2008/11/19 16:06:18 | 000,524,288 | -HS- | C] () -- C:\Users\Roger\NTUSER.DAT{c328fef1-6a85-11db-9fbd-cf3689cba3de}.TMContainer00000000000000000001.regtrans-ms
[2008/11/19 16:06:18 | 000,262,144 | -H-- | C] () -- C:\Users\Roger\ntuser.dat.LOG1
[2008/11/19 16:06:18 | 000,065,536 | -HS- | C] () -- C:\Users\Roger\NTUSER.DAT{c328fef1-6a85-11db-9fbd-cf3689cba3de}.TM.blf
[2008/11/19 16:06:18 | 000,000,000 | -H-- | C] () -- C:\Users\Roger\ntuser.dat.LOG2
[2008/09/27 16:55:09 | 000,001,110 | ---- | C] () -- C:\Users\Roger\AppData\Roaming\wklnhst.dat
[2008/09/18 09:17:08 | 000,000,680 | ---- | C] () -- C:\Users\Roger\AppData\Local\d3d9caps.dat
[2008/09/12 15:21:02 | 000,000,547 | ---- | C] () -- C:\Windows\SysWow64\ff_vfw.dll.manifest
[2008/09/11 21:45:44 | 000,000,116 | ---- | C] () -- C:\Users\Roger\AppData\Roaming\default.pls
[2008/09/11 18:40:21 | 000,001,024 | ---- | C] () -- C:\Users\Roger\.rnd
[2008/05/12 20:21:23 | 000,327,680 | ---- | C] () -- C:\Windows\SysWow64\pythoncom25.dll
[2008/05/12 20:21:23 | 000,102,400 | ---- | C] () -- C:\Windows\SysWow64\pywintypes25.dll
[2008/01/20 21:50:05 | 000,060,124 | ---- | C] () -- C:\Windows\SysWow64\tcpmon.ini
[2007/09/04 11:56:10 | 000,164,352 | ---- | C] () -- C:\Windows\SysWow64\unrar.dll
[2007/02/05 19:05:26 | 000,000,038 | ---- | C] () -- C:\Windows\AviSplitter.INI
[2004/01/30 10:37:50 | 000,000,092 | R--- | C] () -- C:\Windows\SysWow64\FTDIUN2K.INI
[2004/01/30 10:37:50 | 000,000,091 | R--- | C] () -- C:\Windows\SysWow64\FTDIUNIN.INI
[2003/01/07 16:05:08 | 000,002,695 | ---- | C] () -- C:\Windows\SysWow64\OUTLPERF.INI
[2002/03/01 15:43:34 | 000,028,008 | ---- | C] () -- C:\Windows\SysWow64\SUSUSB.SYS
[2001/12/03 17:50:58 | 000,147,456 | R--- | C] () -- C:\Windows\SysWow64\LTTLS13N.DLL
[2001/12/03 17:50:20 | 000,708,608 | R--- | C] () -- C:\Windows\SysWow64\LTCRY13N.DLL
[2000/07/07 07:49:30 | 000,069,120 | R--- | C] () -- C:\Windows\SysWow64\LTDLL.DLL
[2000/04/12 17:28:12 | 000,118,784 | R--- | C] () -- C:\Windows\SysWow64\LFKODAK.DLL
[2000/04/12 17:24:10 | 000,338,944 | R--- | C] () -- C:\Windows\SysWow64\LFFPX7.DLL
[2000/01/08 00:34:10 | 000,045,056 | ---- | C] () -- C:\Windows\SysWow64\pagesync.dll

========== LOP Check ==========

[2010/02/09 05:42:16 | 000,000,000 | -HSD | M] -- C:\Users\Roger\AppData\Roaming\.#
[2010/01/01 07:10:54 | 000,000,000 | ---D | M] -- C:\Users\Roger\AppData\Roaming\AnvSoft
[2010/03/16 21:00:37 | 000,000,000 | ---D | M] -- C:\Users\Roger\AppData\Roaming\Any DVD Converter Professional
[2009/10/28 22:11:56 | 000,000,000 | ---D | M] -- C:\Users\Roger\AppData\Roaming\Any Video Converter
[2010/02/10 23:14:48 | 000,000,000 | ---D | M] -- C:\Users\Roger\AppData\Roaming\AVG9
[2010/03/29 16:13:22 | 000,000,000 | ---D | M] -- C:\Users\Roger\AppData\Roaming\Azureus
[2009/10/17 07:59:44 | 000,000,000 | ---D | M] -- C:\Users\Roger\AppData\Roaming\Broad Intelligence
[2009/06/02 17:18:31 | 000,000,000 | ---D | M] -- C:\Users\Roger\AppData\Roaming\Canneverbe_Limited
[2008/09/15 21:44:29 | 000,000,000 | ---D | M] -- C:\Users\Roger\AppData\Roaming\COWON
[2009/02/15 11:38:58 | 000,000,000 | ---D | M] -- C:\Users\Roger\AppData\Roaming\Digidesign
[2010/04/12 15:07:48 | 000,000,000 | ---D | M] -- C:\Users\Roger\AppData\Roaming\FrostWire
[2008/09/10 17:22:54 | 000,000,000 | ---D | M] -- C:\Users\Roger\AppData\Roaming\Laplink
[2008/09/16 16:13:17 | 000,000,000 | ---D | M] -- C:\Users\Roger\AppData\Roaming\muvee Technologies
[2008/09/10 19:11:33 | 000,000,000 | ---D | M] -- C:\Users\Roger\AppData\Roaming\OLYMPUS
[2009/01/30 19:29:40 | 000,000,000 | ---D | M] -- C:\Users\Roger\AppData\Roaming\PACE Anti-Piracy
[2010/03/06 05:19:46 | 000,000,000 | ---D | M] -- C:\Users\Roger\AppData\Roaming\PC Suite
[2009/02/16 18:39:59 | 000,000,000 | ---D | M] -- C:\Users\Roger\AppData\Roaming\Skinux
[2008/09/29 22:31:13 | 000,000,000 | ---D | M] -- C:\Users\Roger\AppData\Roaming\Snappy Fax
[2008/09/26 15:18:16 | 000,000,000 | ---D | M] -- C:\Users\Roger\AppData\Roaming\Snappy Fax Archives
[2009/01/29 22:31:33 | 000,000,000 | ---D | M] -- C:\Users\Roger\AppData\Roaming\Sony
[2009/10/11 21:22:08 | 000,000,000 | ---D | M] -- C:\Users\Roger\AppData\Roaming\SoundSpectrum
[2008/09/27 16:57:06 | 000,000,000 | ---D | M] -- C:\Users\Roger\AppData\Roaming\Template
[2009/05/06 19:36:52 | 000,000,000 | ---D | M] -- C:\Users\Roger\AppData\Roaming\TomTom
[2010/03/24 21:18:38 | 000,000,000 | ---D | M] -- C:\Users\Roger\AppData\Roaming\TuneUpMedia
[2010/03/21 10:09:43 | 000,000,000 | ---D | M] -- C:\Users\Roger\AppData\Roaming\VistaCodecs
[2008/09/11 08:30:59 | 000,000,000 | ---D | M] -- C:\Users\Roger\AppData\Roaming\WinBatch
[2008/12/11 22:08:00 | 000,000,000 | ---D | M] -- C:\Users\Roger\AppData\Roaming\WinPatrol
[2010/04/18 02:24:00 | 000,000,366 | ---- | M] () -- C:\WINDOWS\Tasks\Driver Fetch.job
[2010/04/11 16:18:01 | 000,000,400 | ---- | M] () -- C:\WINDOWS\Tasks\EasyShare Registration Task.job
[2010/04/20 03:42:57 | 000,032,596 | ---- | M] () -- C:\WINDOWS\Tasks\SCHEDLGU.TXT
[2010/04/20 14:36:15 | 000,000,434 | -H-- | M] () -- C:\WINDOWS\Tasks\User_Feed_Synchronization-{1993F5BA-1755-4C46-88CF-B1A6CEEC4693}.job

========== Purity Check ==========



========== Alternate Data Streams ==========

@Alternate Data Stream - 129 bytes -> C:\ProgramData\TEMP:FB1B13D8
@Alternate Data Stream - 1174 bytes -> C:\ProgramData\Microsoft:EF6ZAZpbJBjNjoWrqZXEtHwO9AW2
@Alternate Data Stream - 1139 bytes -> C:\ProgramData\Microsoft:9iJKwCrGEiEHxjzWORQK8
@Alternate Data Stream - 1082 bytes -> C:\ProgramData\Microsoft:Eo1yOaNqhKY65tsgFAotKbHHrU
< End of report >


Extras text.
OTL Extras logfile created on: 4/20/2010 4:39:10 PM - Run 1
OTL by OldTimer - Version 3.2.1.3 Folder = C:\Users\Roger\Desktop
64bit-Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18904)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

5.00 Gb Total Physical Memory | 2.00 Gb Available Physical Memory | 44.00% Memory free
10.00 Gb Paging File | 6.00 Gb Available in Paging File | 67.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 687.22 Gb Total Space | 188.07 Gb Free Space | 27.37% Space Free | Partition Type: NTFS
Drive D: | 11.41 Gb Total Space | 1.52 Gb Free Space | 13.36% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Drive J: | 931.50 Gb Total Space | 505.89 Gb Free Space | 54.31% Space Free | Partition Type: NTFS

Computer Name: ROGER-PC
Current User Name: Roger
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Include 64bit Scans
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Minimal

========== Extra Registry (SafeList) ==========


========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.exe [@ = exefile] -- Reg Error: Key error. File not found

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %* File not found
cmdfile [open] -- "%1" %* File not found
comfile [open] -- "%1" %* File not found
exefile [open] -- "%1" %* File not found
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- "C:\Program Files (x86)\Microsoft Office\OFFICE11\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Program Files (x86)\Microsoft Office\OFFICE11\msohtmed.exe" /p %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %* File not found
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1" File not found
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S File not found
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 File not found
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Directory [Winamp.Bookmark] -- "C:\Program Files (x86)\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft)
Directory [Winamp.Enqueue] -- "C:\Program Files (x86)\Winamp\winamp.exe" /ADD "%1" (Nullsoft)
Directory [Winamp.Play] -- "C:\Program Files (x86)\Winamp\winamp.exe" "%1" (Nullsoft)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- "C:\Program Files (x86)\Microsoft Office\OFFICE11\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Program Files (x86)\Microsoft Office\OFFICE11\msohtmed.exe" /p %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Directory [Winamp.Bookmark] -- "C:\Program Files (x86)\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft)
Directory [Winamp.Enqueue] -- "C:\Program Files (x86)\Winamp\winamp.exe" /ADD "%1" (Nullsoft)
Directory [Winamp.Play] -- "C:\Program Files (x86)\Winamp\winamp.exe" "%1" (Nullsoft)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"UacDisableNotify" = 1
"InternetSettingsDisableNotify" = 1
"AutoUpdateDisableNotify" = 1

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = 9F 9E 16 8C DC 5B C8 01 [binary data]
"VistaSp2" = 0C 94 99 D8 18 64 CA 01 [binary data]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"oobe_av" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

========== Authorized Applications List ==========


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0C99CA91-61AF-4A52-8FC2-E4A0ACE88E40}" = lport=2869 | protocol=6 | dir=in | app=system |
"{1092DBB0-4A91-4107-B282-FD5D476104C8}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{2344F572-595E-4324-A498-9C5D9A5B898D}" = rport=445 | protocol=6 | dir=out | app=system |
"{53DE314B-180D-41EC-B4FF-D36257A605CB}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{7020CE6C-4321-41E9-837D-3217D506B2E2}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{70D66277-A25D-4D99-8157-4E1691A7EB5D}" = lport=445 | protocol=6 | dir=in | app=system |
"{712BC8A1-5DE2-40CE-B8BD-1753C1773B96}" = lport=67 | protocol=17 | dir=in | name=dhcp discovery service |
"{730888FF-7D6B-45FE-86FD-A18B469EFAFA}" = rport=139 | protocol=6 | dir=out | app=system |
"{742A17D7-80A6-4FEC-A44F-D5E28B63FD4F}" = lport=2869 | protocol=6 | dir=in | app=system |
"{7DCD010C-00DC-4B46-A3BA-C840E002F667}" = lport=10243 | protocol=6 | dir=in | app=system |
"{8027EA2B-37C4-4644-84CA-44C0EFDB2BA9}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{8B5BBA88-C48C-4DDE-9AE6-707F9B7ED4A2}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{AD034954-3016-464C-B59C-9611C88CA3F2}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=c:\windows\system32\svchost.exe |
"{AF7FCA42-3F44-412B-8FD0-0E902E38601B}" = lport=138 | protocol=17 | dir=in | app=system |
"{BC768EE3-C741-46A3-A397-EC7D3F552BF7}" = lport=67 | protocol=17 | dir=in | name=dhcp discovery service |
"{BC91AB30-FBDA-4D96-92AF-3C8339346638}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{C0AEE90F-2EB3-4AF7-9084-29DCA96C0D86}" = rport=10243 | protocol=6 | dir=out | app=system |
"{C60BB2B2-1656-41C9-BF96-82ECB4671F9D}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |
"{CB3E93A3-0FB2-42F1-9715-6E8CC25EB2BF}" = lport=139 | protocol=6 | dir=in | app=system |
"{D943AC08-A021-4437-BD4A-3D8A77A440D6}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{E4C8D6A4-5368-470D-8595-208AD436ECDB}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{E6A86DFB-A461-42DA-8C0D-23D40B807043}" = rport=138 | protocol=17 | dir=out | app=system |
"{F81C6E1E-A620-4174-8230-1E0F8FEB013B}" = rport=137 | protocol=17 | dir=out | app=system |
"{FB322EA9-9C3C-478F-A70C-2E56A2D3C68E}" = lport=137 | protocol=17 | dir=in | app=system |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{02939448-22C9-400A-A485-3D720D31A87C}" = dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe |
"{07ABCBE6-006D-449A-91E9-57D50A72447A}" = dir=in | app=c:\program files (x86)\windows live\messenger\wlcsdk.exe |
"{09151343-3360-4293-8DED-86AC27F1B5BD}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hposid01.exe |
"{0A0B6103-2C59-4D9E-B9B7-5A7871008131}" = protocol=6 | dir=in | app=c:\program files (x86)\yahoo!\messenger\yserver.exe |
"{0C339838-68AB-4BFD-A905-0BE28155A4EA}" = protocol=6 | dir=in | app=c:\program files (x86)\ivt corporation\bluesoleil\bluesoleil.exe |
"{15BBCB64-F642-4D63-B6C5-381B32F38106}" = protocol=6 | dir=in | app=c:\windows\syswow64\dlcgcoms.exe |
"{1642890F-731E-47FD-BF9E-F8E7BA1D3144}" = protocol=6 | dir=out | app=system |
"{201416B1-98DE-490A-9376-3CB173A8447F}" = protocol=17 | dir=in | app=c:\program files (x86)\vuze\azureus.exe |
"{22A32B67-2A9B-4479-A1AA-6FF6DC843C58}" = protocol=6 | dir=in | app=c:\program files (x86)\dell aio 810\dlcgaiox.exe |
"{23505B47-3DE2-4101-B85F-3B91E3E215AE}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqkygrp.exe |
"{24B0FD5C-C579-434D-8FC5-EBA636542FA1}" = protocol=17 | dir=in | app=c:\program files (x86)\winamp remote\bin\orbstreamerclient.exe |
"{28C45E3A-9829-4AD8-974F-45CF9803195F}" = protocol=6 | dir=in | app=c:\program files (x86)\susteen\datapilot pix 'n tunes\dpringtone.exe |
"{29D14D5E-A356-4950-9BEB-DB7E3801286D}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqcopy2.exe |
"{2AE96173-EDB3-4D2C-AFF3-AFB2E909432B}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqusgh.exe |
"{32D8A28B-8539-49AF-A38F-A378A34954AC}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqpsapp.exe |
"{37E3FCEB-06ED-490A-A4A7-4BC9F2EFF8C9}" = protocol=6 | dir=in | app=c:\program files (x86)\winamp remote\bin\orbtray.exe |
"{398A471E-9757-4C02-A275-ABF8780B5B94}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{3E49E2DF-4446-4F09-BDF6-E35C405EDBC6}" = dir=in | app=c:\program files (x86)\cyberlink\powerdirector\pdr.exe |
"{3F100BB1-FC76-4027-8957-9A31B822FAB1}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{40B81B23-8634-436A-8257-8CA8CC27D917}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{4137DF5B-E9C9-4DC7-B644-FE67E6EC3633}" = protocol=6 | dir=in | app=c:\program files (x86)\ivt corporation\bluesoleil\bluesoleilcs.exe |
"{4192309B-2D0C-4A6E-A41D-DDE607A434D4}" = protocol=6 | dir=in | app=c:\program files (x86)\cinemanow\cinemanow media manager\cnupdater.exe |
"{424694B8-8DA8-4417-80B8-5525CF13E1EE}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{42BAC991-D08E-4AB7-A27E-ABE6E275CCDA}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqgpc01.exe |
"{463D73A5-2AC7-460D-83AF-C333B68AADB4}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{4C177380-1F96-4A55-8275-B33253F20892}" = protocol=6 | dir=in | app=c:\program files (x86)\common files\pure networks shared\platform\nmsrvc.exe |
"{517864A3-59B8-4F3E-B55B-A31520C84E2D}" = protocol=6 | dir=in | app=c:\windows\system32\dlcgcoms.exe |
"{52F65A84-3B88-4F75-B292-A116517D7067}" = protocol=17 | dir=in | app=c:\program files (x86)\dell aio 810\dlcgaiox.exe |
"{577DFCEF-9EA8-4B23-9E15-D421DF389E7B}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{5A9FB9D9-DB4D-4AD1-8872-2DDE1942C3C7}" = protocol=17 | dir=in | app=c:\program files (x86)\yahoo!\messenger\yahoomessenger.exe |
"{5F3C5583-F3B4-4E8D-9D28-8F7D870DE7C7}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqgplgtupl.exe |
"{60DA40B3-D760-4CE0-B101-86A18D37E71A}" = protocol=17 | dir=in | app=c:\program files (x86)\ivt corporation\bluesoleil\bluesoleil.exe |
"{6288AAFA-0280-437C-96D4-1B17169933AC}" = protocol=17 | dir=in | app=c:\program files (x86)\susteen\datapilot pix 'n tunes\dpscreen.exe |
"{6407081E-F501-43E2-BC23-4729EE4E0245}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{65C575BC-A8B4-4397-8D5F-2F1241B96BD4}" = protocol=6 | dir=in | app=c:\program files (x86)\frostwire\frostwire.exe |
"{65F25E40-D4B3-4E5B-8EE6-FC856E49C994}" = protocol=17 | dir=in | app=c:\program files (x86)\itunes\itunes.exe |
"{66CEDB58-B658-4366-95AC-B2B0F04B2FFF}" = protocol=6 | dir=in | app=c:\program files (x86)\frostwire\frostwire.exe |
"{6749AC65-FA71-499F-9399-ACE710B9F806}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqtra08.exe |
"{6909737B-1962-40CD-873A-37BB4024192B}" = dir=in | app=c:\program files (x86)\avg\avg9\avgnsa.exe |
"{6EB39D37-A2E4-4DFD-B733-A8EAFC119FA0}" = protocol=6 | dir=in | app=c:\program files (x86)\winamp remote\bin\orbstreamerclient.exe |
"{7001569D-E3A3-40EE-9AF6-A423D983F95A}" = protocol=6 | dir=in | app=c:\program files (x86)\ivt corporation\bluesoleil\bluesoleil.exe |
"{730425BE-7E5F-465B-9984-9CA07F23CB5D}" = protocol=17 | dir=in | app=c:\program files (x86)\frostwire\frostwire.exe |
"{7682AAAF-EB91-4BB9-8885-70414738905E}" = protocol=17 | dir=in | app=c:\program files (x86)\ivt corporation\bluesoleil\bluesoleil.exe |
"{7F5A20E6-AC74-4D17-86DD-7C795D0B89BD}" = protocol=17 | dir=in | app=c:\program files (x86)\cinemanow\cinemanow media manager\cnupdater.exe |
"{80CA0101-0E45-4E80-86B9-768DACA37483}" = dir=in | app=c:\program files (x86)\hp\hp software update\hpwucli.exe |
"{81096ED4-8903-46F1-9C5C-478BD5F1F01F}" = protocol=6 | dir=in | app=c:\program files (x86)\winamp remote\bin\orbir.exe |
"{81AF3999-4B0C-494C-A57D-C7E4FDA04CCB}" = protocol=17 | dir=in | app=c:\program files (x86)\cinemanow\cinemanow media manager\cinemanowshell.exe |
"{81EBBD77-B574-4B8C-8DA8-4743B2DB26BF}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqste08.exe |
"{82E81D9A-C7E8-45E0-8052-467E8A1D49E8}" = protocol=6 | dir=in | app=c:\program files (x86)\dell aio 810\dlcgmon.exe |
"{83859577-4C27-4EA7-B397-632FDFE3BFA1}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{83A11F1C-FCD3-4525-A10F-0FE61982E38C}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{8837F283-DB98-49CD-B24B-76740FF87AF9}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{8C87EDAA-3043-4689-8770-F4D5B3091051}" = protocol=17 | dir=in | app=c:\program files (x86)\common files\pure networks shared\platform\nmsrvc.exe |
"{8F97328C-78E1-4A9C-A0F5-469ACC03DD07}" = protocol=6 | dir=in | app=c:\program files (x86)\itunes\itunes.exe |
"{904800CC-5537-4BC2-A731-444974899368}" = protocol=6 | dir=in | app=c:\program files (x86)\cinemanow\cinemanow media manager\cinemanowshell.exe |
"{99633549-070C-4798-ADEB-92613761CE7B}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{99BF1F85-2188-4142-B2AA-16BE8EB3EA1C}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{9DCD383F-129F-4173-A827-0C8DB4F2C482}" = protocol=17 | dir=in | app=c:\program files (x86)\dell aio 810\dlcgmon.exe |
"{9EB27894-280B-4472-814C-0669DC4B861D}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqusgm.exe |
"{A4F0F74E-4862-4B82-BDA6-EA2D4E42D71F}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{A4F52FF5-C714-443B-AB08-8D2FE2ED2230}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{A824CACC-8135-435F-A65E-3092021E33CA}" = protocol=6 | dir=in | app=c:\program files (x86)\winamp remote\bin\orb.exe |
"{A91DD027-A74A-4AAF-8A84-444F4246144E}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{ACE5C5B3-1ED8-48F9-B3DF-1B8D13733AB1}" = dir=in | app=c:\program files (x86)\hp\digital imaging\smart web printing\smartwebprintexe.exe |
"{ADC97F1E-C683-48F4-8EFB-3857E92B6C8D}" = protocol=17 | dir=in | app=c:\windows\syswow64\dlcgcoms.exe |
"{B06D6458-6342-4AE4-AF03-122B929F9477}" = protocol=6 | dir=in | app=c:\program files (x86)\nero\nero mediahome 4\nmmediaserverservice.exe |
"{B13C70DD-BEF5-498A-9A4B-A892C0737F7F}" = protocol=17 | dir=in | app=c:\program files (x86)\yahoo!\messenger\yserver.exe |
"{B1BE9A5A-3F90-4F84-85A2-DCDB66030A7F}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{B560C5C3-6C23-46BE-9D58-90788404E7AE}" = dir=in | app=c:\program files (x86)\common files\hp\digital imaging\bin\hpqphotocrm.exe |
"{B6C83FE7-5278-4214-AB0F-A79E64B92404}" = protocol=6 | dir=in | app=c:\windows\system32\spool\drivers\x64\3\dlcgpswx.exe |
"{B6DBA519-1F4A-461B-9AC2-6C943A1D20C8}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpiscnapp.exe |
"{B7FC07F5-4A98-4737-A0F9-21DA724C057D}" = protocol=17 | dir=in | app=c:\program files (x86)\nero\nero mediahome 4\nmmediaserverservice.exe |
"{BA9F5D93-256E-4796-AA63-AEFAE595F878}" = protocol=6 | dir=in | app=c:\program files (x86)\sony\media manager for psp\mediamanager.exe |
"{BB028CD0-810E-4EB7-A183-C53367121FA4}" = protocol=17 | dir=in | app=c:\program files (x86)\sony\media manager for psp\mediamanager.exe |
"{C26BCD1A-6ABD-444F-8DDB-1AEC49954948}" = protocol=6 | dir=in | app=c:\program files (x86)\cinemanow\cinemanow media manager\cinemanowshell.exe |
"{C47C5E98-C6A8-4994-BC85-1AE3F595B2C2}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqsudi.exe |
"{C61C66C2-DB4E-4B57-8ABE-36D2E0C5CFE3}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{C6C0AC06-6A93-40EF-8385-5C80BFC84E0D}" = dir=in | app=c:\program files (x86)\windows live\sync\windowslivesync.exe |
"{CD146DBA-6EBF-4525-A74C-D6D99DD0DF7A}" = protocol=17 | dir=in | app=c:\program files (x86)\cinemanow\cinemanow media manager\cinemanowshell.exe |
"{D1090FA0-84E5-44FE-B1A4-8ADFCCE6A587}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqpse.exe |
"{D13D7D59-ECE8-4892-A295-06F6A134B1B5}" = protocol=6 | dir=in | app=c:\program files (x86)\vuze\azureus.exe |
"{D18361E2-7577-4DD6-9F7F-B992CD3119B3}" = protocol=17 | dir=in | app=c:\program files (x86)\winamp remote\bin\orb.exe |
"{DB252970-D3BD-4F58-AC93-2AEC3AA324AA}" = protocol=17 | dir=in | app=c:\windows\system32\dlcgcoms.exe |
"{DB3425C7-8013-4CEB-B12B-7E3AFFFEF663}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{DB72D373-50FF-4263-88D2-E7B07CA96880}" = protocol=17 | dir=in | app=c:\windows\system32\spool\drivers\x64\3\dlcgpswx.exe |
"{DDAB5745-4ACB-4A28-8080-325D72530AE4}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{DFA38356-F7F5-4BE5-A84B-A35A94B113DE}" = protocol=17 | dir=in | app=c:\program files (x86)\winamp remote\bin\orbir.exe |
"{E284B094-EB8A-472B-8D87-FA2E55FA0D85}" = protocol=17 | dir=in | app=c:\program files (x86)\susteen\datapilot pix 'n tunes\dpringtone.exe |
"{E6982E6F-32C2-44D5-9FB3-262AAACBCABB}" = protocol=17 | dir=in | app=c:\program files (x86)\winamp remote\bin\orbtray.exe |
"{EA778CE2-DFFE-4B3C-83C3-95F619AE129D}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{EB27ED53-FF5D-4916-82B5-465DBF31C083}" = dir=in | app=c:\program files (x86)\avg\avg9\avgupd.exe |
"{F47BC523-ABE6-4728-A809-47A34BBED60C}" = protocol=6 | dir=in | app=c:\program files (x86)\susteen\datapilot pix 'n tunes\dpscreen.exe |
"{F5A9B8B8-7B00-437E-AA60-C4E4D0D38CF5}" = protocol=17 | dir=in | app=c:\windows\system32\dlbccoms.exe |
"{F5F3423A-B2F4-4B5E-884F-1515AB163AA6}" = protocol=17 | dir=in | app=c:\program files (x86)\frostwire\frostwire.exe |
"{F9BB9B53-C7AF-4C49-B839-FA56560A1AAF}" = protocol=6 | dir=in | app=c:\program files (x86)\yahoo!\messenger\yahoomessenger.exe |
"{FBA905F6-EBAA-46BC-BE5F-80D42F44A7BC}" = protocol=6 | dir=in | app=c:\windows\system32\dlbccoms.exe |
"{FDE606DC-55B1-4EF0-874D-4917A9259906}" = protocol=17 | dir=in | app=c:\program files (x86)\ivt corporation\bluesoleil\bluesoleilcs.exe |
"{FEE6B5C2-D4AF-4062-96CA-43DA1BBDE254}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"TCP Query User{7E7CC241-5CA5-46FF-BC22-C5C6117CC34F}C:\windows\system32\javaw.exe" = protocol=6 | dir=in | app=c:\windows\system32\javaw.exe |
"TCP Query User{88639126-50FF-4D80-8125-6D12D22FD896}C:\program files (x86)\vuze\azureus.exe" = protocol=6 | dir=in | app=c:\program files (x86)\vuze\azureus.exe |
"TCP Query User{90CD8E65-24C7-462C-B851-4FB27E6236C0}C:\windows\system32\javaw.exe" = protocol=6 | dir=in | app=c:\windows\system32\javaw.exe |
"TCP Query User{9CDDDF0C-7935-4AF6-9562-FE48DF1CFB08}C:\program files (x86)\yahoo!\messenger\yahoomessenger.exe" = protocol=6 | dir=in | app=c:\program files (x86)\yahoo!\messenger\yahoomessenger.exe |
"TCP Query User{BACD86DB-2230-4EB7-9426-D73C0EBEEF91}C:\program files (x86)\nero\nero 9\nero showtime\showtime.exe" = protocol=6 | dir=in | app=c:\program files (x86)\nero\nero 9\nero showtime\showtime.exe |
"TCP Query User{CD3DC010-BB9E-48C5-AFC8-AF4B6B75E338}C:\program files (x86)\soundspectrum\g-force\g-force standalone.exe" = protocol=6 | dir=in | app=c:\program files (x86)\soundspectrum\g-force\g-force standalone.exe |
"TCP Query User{E2D0D56E-48D9-463F-A7F1-22128740E984}C:\program files (x86)\itunes\itunes.exe" = protocol=6 | dir=in | app=c:\program files (x86)\itunes\itunes.exe |
"TCP Query User{FD16F32F-2AD7-4CEB-B505-E9A2C5B5B9E1}C:\program files (x86)\soundspectrum\g-force\g-force standalone.exe" = protocol=6 | dir=in | app=c:\program files (x86)\soundspectrum\g-force\g-force standalone.exe |
"UDP Query User{04196E91-AD94-4490-97BD-D7E9DEE3FA41}C:\program files (x86)\yahoo!\messenger\yahoomessenger.exe" = protocol=17 | dir=in | app=c:\program files (x86)\yahoo!\messenger\yahoomessenger.exe |
"UDP Query User{10A10CBD-F7A0-40A9-9E15-A7D0DF093B30}C:\program files (x86)\vuze\azureus.exe" = protocol=17 | dir=in | app=c:\program files (x86)\vuze\azureus.exe |
"UDP Query User{24EDCC76-240A-4685-8F73-2575D975CCE5}C:\program files (x86)\soundspectrum\g-force\g-force standalone.exe" = protocol=17 | dir=in | app=c:\program files (x86)\soundspectrum\g-force\g-force standalone.exe |
"UDP Query User{3417F75A-6C1C-421C-85C1-A49514D35904}C:\program files (x86)\nero\nero 9\nero showtime\showtime.exe" = protocol=17 | dir=in | app=c:\program files (x86)\nero\nero 9\nero showtime\showtime.exe |
"UDP Query User{38F340AE-F97F-443A-BA07-0ABDF2D3DDB9}C:\program files (x86)\soundspectrum\g-force\g-force standalone.exe" = protocol=17 | dir=in | app=c:\program files (x86)\soundspectrum\g-force\g-force standalone.exe |
"UDP Query User{B2E3BD43-DAEE-42C1-A0C4-02D7B1CBE71D}C:\windows\system32\javaw.exe" = protocol=17 | dir=in | app=c:\windows\system32\javaw.exe |
"UDP Query User{C6EFE4FD-61FF-4282-87B6-C2307A6AF66F}C:\program files (x86)\itunes\itunes.exe" = protocol=17 | dir=in | app=c:\program files (x86)\itunes\itunes.exe |
"UDP Query User{EACD331E-3737-4058-9FF3-50AD69406556}C:\windows\system32\javaw.exe" = protocol=17 | dir=in | app=c:\windows\system32\javaw.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{1D0CA3FB-CD50-4F22-85EE-7A9451C9A792}" = iTunes
"{25613C10-27D2-410B-942B-D922D5C3A7BE}" = Interlok driver setup x64
"{26A24AE4-039D-4CA4-87B4-2F86416016FF}" = Java™ 6 Update 16 (64-bit)
"{64A3A4F4-B792-11D6-A78A-00B0D0160160}" = Java™ SE Development Kit 6 Update 16 (64-bit)
"{6E8E85E8-CE4B-4FF5-91F7-04999C9FAE6A}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{78F697ED-EC97-4D8D-881D-838984EA9855}" = 64 Bit HP CIO Components Installer
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9EFC40E3-5F31-4F75-8445-286273F74D8E}" = Apple Mobile Device Support
"{B0EFB716-085B-4564-8060-212E41F5CE50}" = Windows Live ID Sign-in Assistant
"{B6E3757B-5E77-3915-866A-CCFC4B8D194C}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053
"{C3B6AEB1-390C-4792-8677-CD87F8B2C959}" = HP Deskjet F4200 All-In-One Driver Software 11.0 Rel .3
"{C9A7340B-1EFD-42A6-9A27-243C50E57FA4}_is1" = HP Demo
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{CEBB6BFB-D708-4F99-A633-BC2600E01EF6}" = Bluetooth Stack for Windows by Toshiba
"CNXT_MODEM_PCI_HSF" = PCIe Soft Data Fax Modem with SmartCP
"Dell AIO 810" = Dell AIO 810
"Dell Fax Solutions" = Fax Solutions
"FCEC33AD40CEA5E0FC4CEE6E42041A0DA189652D" = Windows Driver Package - Nokia pccsmcfd (08/22/2008 7.0.0.0)
"HP Imaging Device Functions" = HP Imaging Device Functions 10.0
"HP Photosmart Essential" = HP Photosmart Essential 3.5
"HP Smart Web Printing" = HP Smart Web Printing 4.60
"HP Solution Center & Imaging Support Tools" = HP Solution Center 13.0
"HPExtendedCapabilities" = HP Customer Participation Program 10.0
"HPOCR" = OCR Software by I.R.I.S. 11.0
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"NVIDIA Drivers" = NVIDIA Drivers
"OfficeTrial" = Microsoft Office Home and Student 60 day trial
"SAMSUNG Mobile Modem" = SAMSUNG Mobile Modem Driver Set
"Samsung Mobile phone USB driver" = Samsung Mobile phone USB driver Software
"SAMSUNG Mobile USB Modem" = SAMSUNG Mobile USB Modem Software
"SAMSUNG Mobile USB Modem 1.0" = SAMSUNG Mobile USB Modem 1.0 Software
"Shop for HP Supplies" = Shop for HP Supplies

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{007B37D9-0C45-4202-834B-DD5FAAE99D63}" = ArcSoft Print Creations - Slimline Card
"{0289B35E-DC07-4c7a-9710-BBD686EA4B7D}" = Status
"{03EDED24-8375-407D-A721-4643D9768BE1}" = kgchlwn
"{08234a0d-cf39-4dca-99f0-0c5cb496da81}" = MSN Toolbar
"{08C0729E-3E50-11DF-9D81-005056806466}" = Google Earth
"{09633A5E-3089-41A8-9FF1-382171423C5D}" = PSSWCORE
"{0A2C5854-557E-48C8-835A-3B9F074BDCAA}" = Python 2.5
"{0C34B801-6AEC-4667-B053-03A67E2D0415}" = Apple Application Support
"{0E532C84-4275-41B3-9D81-D4A1A20D8EE7}" = PlayStation®Store
"{11F3F858-4131-4FFA-A560-3FE282933B6E}" = kgchday
"{13F3917B56CD4C25848BDC69916971BB}" = DivX Converter
"{14D4ED84-6A9A-45A0-96F6-1753768C3CB5}" = ESSPCD
"{15BC8CD0-A65B-47D0-A2DD-90A824590FA8}" = Microsoft Works
"{1639F068-6EC5-41B9-8B1E-BC1B75994EC2}" = LightScribe Diagnostic Utility
"{178832DE-9DE0-4C87-9F82-9315A9B03985}" = Windows Live Writer
"{18143CE1-430E-4FF3-A44F-811FD2910929}" = LightScribe Template Designs - Mythology Pack 1
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{18669FF9-C8FE-407a-9F70-E674896B1DB4}" = GPBaseService
"{18D10072035C4515918F7E37EAFAACFC}" = AutoUpdate
"{1CA7ACD6-B21B-4240-AA05-4FC55F6E1033}" = Nero 8
"{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = CyberLink DVD Suite Deluxe
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live Upload Tool
"{21C6344A-918B-4D35-ADB6-7614F97B78EA}" = Sony Media Manager for PSP 3.0
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{22F761D1-8063-4170-ADF7-2D2F47834CA9}" = VideoToolkit01
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{248e4799-db04-4b1a-902c-194669f995ce}" = Nero Move it
"{254C37AA-6B72-4300-84F6-98A82419187E}" = ActiveCheck component for HP Active Support Library
"{2656D0AB-9EA4-4C58-A117-635F3CED8B93}" = Microsoft UI Engine
"{26A24AE4-039D-4CA4-87B4-2F83216017FF}" = Java™ 6 Update 19
"{272F534A-29A8-40D4-8E0C-2A9A596F808D}" = LightScribe Template Designs - Tribal Pack 1
"{2AFEAA03-2DFE-4519-A629-EDAB6541ABE9}" = HPSSupply
"{2CDB2DCD-1153-4ED4-9D0A-606231CEFE9A}" = LightScribe Template Designs - Art Pack 1
"{2D03B6F8-DF36-4980-B7B6-5B93D5BA3A8F}" = essvatgt
"{2FDBBCEA-62DB-45F4-B6E5-0E1FB2A1F29D}" = Visual C++ 8.0 Runtime Setup Package (x64)
"{33b2d048-b509-407d-8a45-7a2e1ea678d0}" = Nero 9
"{33CF58F5-48D8-4575-83D6-96F574E4D83A}" = Nero DriveSpeed
"{3580211E-3BB7-42C0-ADC3-9A8C1EFFF2CB}" = ArcSoft Media Card Companion
"{359CFC0A-BEB1-440D-95BA-CF63A86DA34F}" = Nero Recode
"{368BA326-73AD-4351-84ED-3C0A7A52CC53}" = Nero Rescue Agent
"{3700194C-C5DD-439A-BE06-A66960CA4C70}" = MSVCSetup
"{3B4E636E-9D65-4D67-BA61-189800823F52}" = Windows Live Communications Platform
"{3D5044A5-97B8-45C0-B956-BB2376569188}" = Windows Live Movie Maker
"{3FC7CBBC4C1E11DCA1A752EA55D89593}" = DivX Version Checker
"{409A13BD-5F3E-442B-BA7B-A1E32B2D8927}" = Digidesign Pro Tools LE 7.4
"{40BF1E83-20EB-11D8-97C5-0009C5020658}" = Power2Go
"{4189c58f-a291-4751-98e9-1af1a03424fd}" = Nero Move it
"{42938595-0D83-404D-9F73-F8177FDD531A}" = ESScore
"{43E39830-1826-415D-8BAE-86845787B54B}" = Nero Vision
"{4537EA4B-F603-4181-89FB-2953FC695AB1}" = netbrdg
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4A3D0CF8-60FF-4CEF-91A4-A1F001424602}" = DocProc
"{4A70EF07-7F88-4434-BB61-D1DE8AE93DD4}" = SolutionCenter
"{4B445837-4FD0-468D-9CAA-7AA605EA612B}" = OLYMPUS Master 2
"{4ECA4128-8B48-44A0-90E8-B93C6A69CE4B}" = LightScribe Template Designs - Music Pack 1
"{5316DFC9-CE99-4458-9AB3-E8726EDE0210}" = skin0001
"{535A4F3D-06C3-446C-A2AA-DBB71EC192B8}" = LightScribe Applications
"{55979C41-7D6A-49CC-B591-64AC1BBE2C8B}" = HP Picasso Media Center Add-In
"{56589DFE-0C29-4DFE-8E42-887B771ECD23}" = ArcSoft Print Creations - Photo Book
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{570d0cb6-98e7-4911-915d-9bfebc7a7f46}" = Nero MediaHome 4
"{595A3116-40BB-4E0F-A2E8-D7951DA56270}" = NeroExpress
"{5EE7D259-D137-4438-9A5F-42F432EC0421}" = VC80CRTRedist - 8.0.50727.4053
"{605A4E39-613C-4A12-B56F-DEFBE6757237}" = SHASTA
"{608D2A3C-6889-4C11-9B54-A42F45ACBFDB}" = fflink
"{60D4F9F1-B828-4048-A5AB-9AA2FD0C4751}" = DJ_AIO_03_F4200_Software
"{61BEA823-ECAF-49F1-8378-A59B3B8AD247}" = Microsoft Default Manager
"{62AC81F6-BDD3-4110-9D36-3E9EAAB40999}" = Nero CoverDesigner
"{6365C963-4B72-43F8-8392-2A5441EC2A86}" = DJ_AIO_03_F4200_ProductContext
"{63FF21C9-A810-464F-B60A-3111747B1A6D}" = GPBaseService2
"{6412CECE-8172-4BE5-935B-6CECACD2CA87}" = Windows Live Mail
"{643EAE81-920C-4931-9F0B-4B343B225CA6}" = ESSBrwr
"{669D4A35-146B-4314-89F1-1AC3D7B88367}" = HPAsset component for HP Active Support Library
"{66E6CE0C-5A1E-430C-B40A-0C90FF1804A8}" = eSupportQFolder
"{681B698F-C997-42C3-B184-B489C6CA24C9}" = HPPhotoSmartDiscLabelContent1
"{693C08A7-9E76-43FF-B11E-9A58175474C4}" = kgckids
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{69fc3b9a-4149-43db-a557-6ed0c8d8ba44}" = Nero MediaHome 4 Help
"{6C122441-1861-4CD7-B1C5-A163A6984E12}" = CinemaNow Media Manager
"{6DE13770-01B7-4366-8DA6-48237793F445}" = VoiceOver Kit
"{6F5E2F4A-377D-4700-B0E3-8F7F7507EA15}" = CustomerResearchQFolder
"{708A6AC6-03EC-11D5-AA9A-00C0DF245F7E}" = FloorPlan 3D v7
"{716E0306-8318-4364-8B8F-0CC4E9376BAC}" = MSXML 4.0 SP2 Parser and SDK
"{71F6DF7D-B639-4FAD-BA93-E6DF267AA44D}" = DesignPro 5.4 Limited Edition
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{73A43E42-3658-4DD9-8551-FACDA3632538}" = HP Advisor
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{7748AC8C-18E3-43BB-959B-088FAEA16FB2}" = Nero StartSmart
"{7829DB6F-A066-4E40-8912-CB07887C20BB}" = Nero BurnRights
"{787D1A33-A97B-4245-87C0-7174609A540C}" = HP Update
"{79D16FEF-F66A-4DF3-AE01-DF0AE3E3BA45}" = LightScribe Template Designs - Hobby Pack 1
"{7B63B2922B174135AFC0E1377DD81EC2}" = DivX Codec
"{7E265513-8CDA-4631-B696-F40D983F3B07}_is1" = CDBurnerXP
"{81128EE8-8EAD-4DB0-85C6-17C2CE50FF71}" = Windows Live Essentials
"{82D48AB1-8E7F-4AA5-A5FA-47FA58A48110}" = Digidesign Free Bomb Factory Plug-Ins 7.4
"{83258E90-1F76-4E13-9F60-A0F8ED41E76F}" = PC Connectivity Solution
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{84EBDF39-4B33-49D7-A0BD-EB6E2C4E81C1}" = Windows Live Sync
"{869200DB-287A-4DC0-B02B-2B6787FBCD4C}" = Nero DiscSpeed
"{87B481FA-1E4A-40B0-80C3-157E9770F436}" = DataPilot Pix 'n Tunes
"{87E2B986-07E8-477a-93DC-AF0B6758B192}" = DocProcQFolder
"{8943CE61-53BD-475E-90E1-A580869E98A2}" = staticcr
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8A502E38-29C9-49FA-BCFA-D727CA062589}" = ESSTOOLS
"{8A74E887-8F0F-4017-AF53-CBA42211AAA5}" = Microsoft Sync Framework Runtime Native v1.0 (x86)
"{8A8664E1-84C8-4936-891C-BC1F07797549}" = kgcvday
"{8ADFC4160D694100B5B8A22DE9DCABD9}" = DivX Player
"{8E92D746-CD9F-4B90-9668-42B74C14F765}" = ESSini
"{8F3C31C5-9C3A-4AA8-8EFA-71290A7AD533}" = TomTom HOME Visual Studio Merge Modules
"{8FF6F5CA-4E30-4E3B-B951-204CAAA2716A}" = SmartWebPrinting
"{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system
"{91120409-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Standard Edition 2003
"{91517631-A9F3-4B7C-B482-43E0068FD55A}" = ESSgui
"{93F599DF-519B-4706-A3F1-9530DF2590B4}" = ArcSoft PhotoImpression 5
"{95120000-00AF-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (English)
"{95120000-0122-0409-0000-0000000FF1CE}" = Microsoft Office Outlook Connector
"{9591C049-5CAE-4E89-A8D9-191F1899628B}" = ArcSoft Print Creations - Funhouse
"{9862E0CB-4727-4FFC-963A-E22A9E9EC10C}" = Creative ZEN V Series (R2)
"{995F1E2E-F542-4310-8E1D-9926F5A279B3}" = Windows Live Toolbar
"{999D43F4-9709-4887-9B1A-83EBB15A8370}" = VPRINTOL
"{99ef387e-633e-4cfb-bfa3-ab961b685ddf}" = Nero MediaHome 4
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9A9EB5FC-1155-497B-9AF9-D1AB20382B10}" = STOPzilla
"{9BD54685-1496-46A5-AB62-357CD140ED8B}" = kgcinvt
"{9C2D4047-0E40-499a-AC7A-C4B9BB12FE03}" = TrayApp
"{9DBA770F-BF73-4D39-B1DF-6035D95268FC}" = HP Customer Feedback
"{9E82B934-9A25-445B-B8DF-8012808074AC}" = Nero PhotoSnap
"{9e9fdde6-2c26-492a-85a0-05646b3f2795}" = NeroLiveGadget
"{A1588373-1D86-4D44-86C9-78ABD190F9CC}" = kgcmove
"{A1960A82-DB70-474D-A86B-FA74466103C6}" = Drivers Install For Linksys Easylink Advisor
"{A209525B-3377-43F4-B886-32F6B6E7356F}" = Nero WaveEditor
"{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR
"{A429C2AE-EBF1-4F81-A221-1C115CAADDAD}" = QuickTime
"{A65F7CF8-6F76-40CE-B44D-D5A89D9881C7}" = MSN Toolbar Platform
"{A85FD55B-891B-4314-97A5-EA96C0BD80B5}" = Windows Live Messenger
"{A8F2089B-1F79-4BF6-B385-A2C2B0B9A74D}" = ImagXpress
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A96E97134CA649888820BCDE5E300BBD}" = H.264 Decoder
"{AA2E8A46-B45E-4aea-8A23-88AB57D04523}" = WebReg
"{AAC389499AEF40428987B3D30CFC76C9}" = MKV Splitter
"{AB5D51AE-EBC3-438D-872C-705C7C2084B0}" = DeviceManagementQFolder
"{AC76BA86-7AD7-1033-7B44-A93000000001}" = Adobe Reader 9.3.1
"{AC76BA86-7AD7-5464-3428-900000000004}" = Spelling Dictionaries Support For Adobe Reader 9
"{AE1FA02D-E6A4-4EA0-8E58-6483CAC016DD}" = ESSCDBK
"{AE3CF174-872C-46C6-B9F6-C0593F3BC7B8}" = Microsoft Office Live Add-in 1.4
"{AEF9DC35ADDF4825B049ACBFD1C6EB37}" = AAC Decoder
"{AFE354A5-640F-4A23-94C8-0B441E8967CA}" = Digidesign Shared Plug-Ins 7.4
"{B0D83FCD-9D42-43ED-8315-250326AADA02}" = ArcSoft Print Creations - Scrapbook
"{B13A7C41581B411290FBC0395694E2A9}" = DivX Converter
"{B162D0A6-9A1D-4B7C-91A5-88FB48113C45}" = OfotoXMI
"{B1ADF008-E898-4FE2-8A1F-690D9A06ACAF}" = DolbyFiles
"{B2EC4A38-B545-4A00-8214-13FE0E915E6D}" = Advertising Center
"{B4B44FE7-41FF-4DAD-8C0A-E406DDA72992}" = CCScore
"{B4E96960-5F6B-48B9-A5BD-6A5A9BB4F027}" = Avery Wizard 3.1
"{B61A79BE-E94C-42C0-921D-8B7E5217069C}" = F4200
"{B7050CBDB2504B34BC2A9CA0A692CC29}" = DivX Web Player
"{B78120A0-CF84-4366-A393-4D0A59BC546C}" = Menu Templates - Starter Kit
"{BC4CA8FA-41D2-4B81-8680-E9B7573D6500}" = PlayStation®Network Downloader
"{BD5CA0DA-71AD-43DA-B19E-6EEE0C9ADC9A}" = Nero ControlCenter
"{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}" = Microsoft Sync Framework Services Native v1.0 (x86)
"{BDC11767-3C7A-4614-BB88-4338FEF072AF}" = Nero Product Patcher 1.0
"{BE8A9C2C-8E41-445B-A746-BEB0B1F992F8}" = DJ_AIO_03_F4200_Software_Min
"{BEEFC4F8-2909-48B3-AFAA-55D3533FDEDD}" = Creative MediaSource 5
"{BF08AB1C-3357-4f20-A200-8EBB8EF27C59}" = BufferChm
"{C1211C8F-B456-486A-8845-62EBEFA817C2}" = GLUCOFACTS® Deluxe
"{C27C82E4-9C53-4D76-9ED3-A01A3D5EE679}" = HP Customer Experience Enhancements
"{C34FAEF3-4241-4C4E-9CFF-7BBD8BCEABE7}" = WebEx Support Manager for Internet Explorer
"{C3ABE126-2BB2-4246-BFE1-6797679B3579}" = LG USB Modem driver
"{C3F19A5F-35A8-4FDB-A6ED-0F4CE398DA48}" = Nokia Connectivity Cable Driver
"{C43326F5-F135-4551-8270-7F7ABA0462E1}" = HPProductAssistant
"{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = LabelPrint
"{C5A7CB6C-E76D-408F-BA0E-85605420FE9D}" = SoundTrax
"{C89B5E3A-690F-4CEE-909A-BF869E198B0A}" = Scan
"{CA9ED5E4-1548-485B-A293-417840060158}" = ArcSoft Print Creations - Photo Calendar
"{CAE7D1D9-3794-4169-B4DD-964ADBC534EE}" = HP Product Detection
"{CAE8A0F1-B498-4C23-95FA-55047E730C8F}" = ArcSoft Print Creations
"{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = CyberLink PowerDirector
"{CC8E94A2-55C7-4460-953C-2A790180578C}" = LightScribe System Software
"{CE7E3BE0-2DD3-4416-A690-F9E4A99A8CFF}" = HP Active Support Library
"{D025A639-B9C9-417D-8531-208859000AF8}" = NeroBurningROM
"{D1C70CF7-F2F3-4A15-ADE5-5DF1BA0739E1}" = LightScribe Template Designs - Bonus Pack 1
"{D2E0F0CC-6BE0-490b-B08B-9267083E34C9}" = MarketResearch
"{D32470A1-B10C-4059-BA53-CF0486F68EBC}" = Kodak EasyShare software
"{D6C75F0B-3BC1-4FC9-B8C5-3F7E8ED059CA}" = Windows Live Photo Gallery
"{D79113E7-274C-470B-BD46-01B10219DF6A}" = HPPhotosmartEssential
"{D99A8E3A-AE5A-4692-8B19-6F16D454E240}" = Destination Component
"{D9DCF92E-72EB-412D-AC71-3B01276E5F8B}" = Nero ShowTime
"{DB02F716-6275-42E9-B8D2-83BA2BF5100B}" = SFR
"{DE72186D-A4A5-4504-839C-B14FC3432DA1}" = LightScribe Template Designs - Fantasy Pack 1
"{defa5390-8533-47b5-81f7-3816916bdc6f}" = Nero Move it Help
"{df6a95f5-adc1-406a-bdc6-2aa7cc0182aa}" = Nero Live
"{E18B549C-5D15-45DA-8D8F-8FD2BD946344}" = kgcbaby
"{E2DFE069-083E-4631-9B6C-43C48E991DE5}" = Junk Mail filter update
"{E35A1183-F6D8-4DCA-A111-296AFFA00A5C}" = LightScribe Template Designs - Tattoo Pack 1
"{E498385E-1C51-459A-B45F-1721E37AA1A0}" = Movie Templates - Starter Kit
"{E535C94A-B87F-4182-BEA8-1E9322078D3E}" = Cards_Calendar_OrderGift_DoMorePlugout
"{E5BD1F9C-8BBA-410E-837D-94D523269F8F}" = ArcSoft MediaConverter
"{E6B4117F-AC59-4B13-9274-EB136E8897EE}" = ArcSoft Print Creations - Album Page
"{E8A80433-302B-4FF1-815D-FCC8EAC482FF}" = Nero Installer
"{E96B0085-6659-486b-A221-5042A042728D}" = Toolbox
"{EBA29752-DDD2-4B62-B2E3-9841F92A3E3A}" = Samsung PC Studio 3 USB Driver Installer
"{EF1ADA5A-0B1A-4662-8C55-7475A61D8B65}" = DeviceDiscovery
"{F04F9557-81A9-4293-BC49-2C216FA325A7}" = ArcSoft Print Creations - Greeting Card
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F1861F30-3419-44DB-B2A1-C274825698B3}" = Nero Disc Copy Gadget
"{F3A482EC-55E0-48FA-A408-F40FDF265181}" = LightScribe Template Designs - Nature Pack 1
"{f4041dce-3fe1-4e18-8a9e-9de65231ee36}" = Nero ControlCenter
"{F42CD69D-E393-47c8-B2CD-B139C4ADA9A8}" = Copy
"{F4A2E7CC-60CA-4AFA-B67F-AD5E58173C3F}" = SKINXSDK
"{F6BD194C-4190-4D73-B1B1-C48C99921BFE}" = Windows Live Call
"{F8A3C1B6-D2E0-4CE1-80A2-555D6F71C639}" = Microsoft Search Enhancement Pack
"{F8A5531E-FEB4-4F7C-AF51-342E40FA7A0D}" = F4200_Help
"{F9593CFB-D836-49BC-BFF1-0E669A411D9F}" = WIRELESS
"{F9FD80CE-0448-4D4F-8BCD-77FC514C3F99}" = Vista Codec Package
"{FA3B34BE-4246-4062-90A3-34CBBEA12B72}" = HPTCSSetup
"{FBCDFD61-7DCF-4E71-9226-873BA0053139}" = Nero InfoTool
"{FCBE0690-CBE1-4C60-87B0-4A70A6F5434E}" = LightScribe Template Labeler
"{FCDB1C92-03C6-4C76-8625-371224256091}" = ESSPDock
"{FDDB69BB-2F9A-4830-A579-ABBB7C5AF9A8}" = muvee autoProducer 6.1
"{FE0646A7-19D0-41B4-A2BB-2C35D644270D}" = Windows Live OneCare safety scanner
"8461-7759-5462-8226" = Vuze
"Active@ ISO Burner v 1.1" = Active@ ISO Burner v 1.1
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Any DVD Converter Professional_is1" = Any DVD Converter Professional 3.7.8
"Any Video Converter_is1" = Any Video Converter 3.0.3
"Ask Toolbar_is1" = Ask Toolbar
"AT&&T Yahoo! Messenger" = AT&T Yahoo! Messenger
"AVG9Uninstall" = AVG Free 9.0
"Belarc Advisor" = Belarc Advisor 7.2
"CCleaner" = CCleaner
"Coupon Printer for Windows4.0" = Coupon Printer for Windows
"Creative Audio Pack" = Creative Audio Pack
"Creative Removable Disk Manager" = Creative Removable Disk Manager
"DivX Plus DirectShow Filters" = DivX Plus DirectShow Filters
"DVD Flick_is1" = DVD Flick 1.3.0.6
"DVD Shrink_is1" = DVD Shrink 3.2
"EasyLinkAdvisor" = Linksys EasyLink Advisor 1.6 (0044)
"filehippo.com" = FileHippo.com Update Checker
"FrostWire" = FrostWire 4.18.5
"G-Force" = G-Force
"Google Chrome" = Google Chrome
"Google Updater" = Google Updater
"HijackThis" = HijackThis 2.0.2
"InstallShield_{71F6DF7D-B639-4FAD-BA93-E6DF267AA44D}" = DesignPro 5.4 Limited Edition
"InstallShield_{87B481FA-1E4A-40B0-80C3-157E9770F436}" = DataPilot Pix 'n Tunes
"InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = CyberLink PowerDirector
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"MediaCoder" = MediaCoder 0.6.1
"MediaCoder Audio Edition" = MediaCoder Audio Edition 0.6.1
"MediaCoder x64" = MediaCoder x64 0.7.3.4606
"MVApplication1" = Memorex exPressit Label Design Studio
"Orb" = Winamp Remote
"PC Pitstop Exterminate2_is1" = PC Pitstop Exterminate2 2.0
"PC-Doctor 5 for Windows" = Hardware Diagnostic Tools
"Photo Viewer S3.0_is1" = Photo Viewer S3.0
"Picasa 3" = Picasa 3
"PowerISO" = PowerISO
"Secunia PSI" = Secunia PSI
"SequoiaView" = SequoiaView
"ShrinkTo5Basic" = ShrinkTo5Basic
"sp44626" = sp44626
"Sweet Home 3D_is1" = Sweet Home 3D version 1.5.1
"SysInfo" = Creative System Information
"TomTom HOME" = TomTom HOME 2.6.2.1586
"TuneUpMedia" = TuneUp Companion 1.5.11
"VLC media player" = VLC media player 1.0.5
"WildTangent hp Master Uninstall" = My HP Games
"Winamp" = Winamp
"Winamp Toolbar" = Winamp Toolbar
"Winamp Toolbar for Firefox" = Winamp Toolbar for Firefox
"Windows Live OneCare safety scanner" = Windows Live OneCare safety scanner
"WinLiveSuite_Wave3" = Windows Live Essentials
"WinMerge_is1" = WinMerge 2.12.2
"WinPatrol" = WinPatrol 2009
"WinterWonders" = Winter Wonders
"Yahoo! Companion" = Yahoo! Toolbar
"Yahoo! Messenger" = AT&T Yahoo! Messenger
"Yahoo! Software Update" = Yahoo! Software Update
"YInstHelper" = Yahoo! Install Manager
"Zen V Series Media Explorer" = ZEN V Series Media Explorer
"ZENcast Organizer" = ZENcast Organizer

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Glucofacts Deluxe Updater 2.0" = Glucofacts Deluxe Updater 2.0
"Winamp Detect" = Winamp Application Detect
"Yahoo! BrowserPlus" = Yahoo! BrowserPlus

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 4/20/2010 4:52:06 AM | Computer Name = Roger-PC | Source = SideBySide | ID = 16842830
Description = Activation context generation failed for "C:\Program Files (x86)\Nero\Nero
9\Nero PhotoSnap\PhotoSnapViewer.exe.Manifest".Error in manifest or policy file
"" on line . A component version required by the application conflicts with another
component version already active. Conflicting components are:. Component 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18005_none_5cb72f96088b0de0.manifest.
Component
2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18005_none_1509f8bef40ee4da.manifest.

Error - 4/20/2010 4:52:23 AM | Computer Name = Roger-PC | Source = SideBySide | ID = 16842830
Description = Activation context generation failed for "C:\Program Files (x86)\Nero\Nero8\Nero
PhotoSnap\PhotoSnapViewer.exe".Error in manifest or policy file "" on line . A component
version required by the application conflicts with another component version already
active. Conflicting components are:. Component 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18005_none_5cb72f96088b0de0.manifest.
Component
2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18005_none_1509f8bef40ee4da.manifest.

Error - 4/20/2010 4:52:23 AM | Computer Name = Roger-PC | Source = SideBySide | ID = 16842830
Description = Activation context generation failed for "C:\Program Files (x86)\Nero\Nero8\Nero
PhotoSnap\PhotoSnapViewer.exe".Error in manifest or policy file "" on line . A component
version required by the application conflicts with another component version already
active. Conflicting components are:. Component 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18005_none_5cb72f96088b0de0.manifest.
Component
2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18005_none_1509f8bef40ee4da.manifest.

Error - 4/20/2010 4:52:23 AM | Computer Name = Roger-PC | Source = SideBySide | ID = 16842830
Description = Activation context generation failed for "C:\Program Files (x86)\Nero\Nero8\Nero
PhotoSnap\PhotoSnap.exe".Error in manifest or policy file "" on line . A component
version required by the application conflicts with another component version already
active. Conflicting components are:. Component 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18005_none_5cb72f96088b0de0.manifest.
Component
2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18005_none_1509f8bef40ee4da.manifest.

Error - 4/20/2010 4:52:23 AM | Computer Name = Roger-PC | Source = SideBySide | ID = 16842830
Description = Activation context generation failed for "C:\Program Files (x86)\Nero\Nero8\Nero
PhotoSnap\PhotoSnap.exe".Error in manifest or policy file "" on line . A component
version required by the application conflicts with another component version already
active. Conflicting components are:. Component 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18005_none_5cb72f96088b0de0.manifest.
Component
2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18005_none_1509f8bef40ee4da.manifest.

Error - 4/20/2010 4:52:27 AM | Computer Name = Roger-PC | Source = SideBySide | ID = 16842830
Description = Activation context generation failed for "C:\Program Files (x86)\Nero\Nero8\Nero
Toolkit\DiscSpeed.exe".Error in manifest or policy file "" on line . A component
version required by the application conflicts with another component version already
active. Conflicting components are:. Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18005_none_1509f8bef40ee4da.manifest.
Component
2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18005_none_5cb72f96088b0de0.manifest.

Error - 4/20/2010 4:52:27 AM | Computer Name = Roger-PC | Source = SideBySide | ID = 16842830
Description = Activation context generation failed for "C:\Program Files (x86)\Nero\Nero8\Nero
Toolkit\DiscSpeed.exe".Error in manifest or policy file "" on line . A component
version required by the application conflicts with another component version already
active. Conflicting components are:. Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18005_none_1509f8bef40ee4da.manifest.
Component
2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18005_none_5cb72f96088b0de0.manifest.

Error - 4/20/2010 4:52:38 AM | Computer Name = Roger-PC | Source = SideBySide | ID = 16842787
Description = Activation context generation failed for "C:\Program Files (x86)\Windows
Live\Photo Gallery\MovieMaker.Exe".Error in manifest or policy file "C:\Program
Files (x86)\Windows Live\Photo Gallery\WLMFDS.DLL" on line 8. Component identity
found in manifest does not match the identity of the component requested. Reference
is WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1". Definition
is WLMFDS,processorArchitecture="x86",type="win32",version="1.0.0.1". Please use
sxstrace.exe for detailed diagnosis.

Error - 4/20/2010 4:52:39 AM | Computer Name = Roger-PC | Source = SideBySide | ID = 16842787
Description = Activation context generation failed for "C:\Program Files (x86)\Windows
Live\Photo Gallery\MovieMaker.Exe".Error in manifest or policy file "C:\Program
Files (x86)\Windows Live\Photo Gallery\WLMFDS.DLL" on line 8. Component identity
found in manifest does not match the identity of the component requested. Reference
is WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1". Definition
is WLMFDS,processorArchitecture="x86",type="win32",version="1.0.0.1". Please use
sxstrace.exe for detailed diagnosis.

Error - 4/20/2010 5:27:24 PM | Computer Name = Roger-PC | Source = Application Error | ID = 1000
Description = Faulting application iexplore.exe, version 8.0.6001.18904, time stamp
0x4b835fec, faulting module YTBM.dll, version 2007.10.17.1, time stamp 0x47161c50,
exception code 0x40000015, fault offset 0x0003742f, process id 0x1bcc, application
start time 0x01cae0688b0e4c28.

[ Media Center Events ]
Error - 2/15/2009 4:30:38 PM | Computer Name = Roger-PC | Source = MCUpdate | ID = 0
Description = DownloadPackgeTask.SubTasksComplete: failed downloading package SportsSchedule.

Error - 11/15/2009 4:33:31 PM | Computer Name = Roger-PC | Source = MCUpdate | ID = 0
Description = DownloadPackgeTask.SubTasksComplete: failed downloading package SportsSchedule.

[ System Events ]
Error - 4/14/2010 8:06:44 PM | Computer Name = Roger-PC | Source = DCOM | ID = 10005
Description =

Error - 4/15/2010 9:00:58 PM | Computer Name = Roger-PC | Source = DCOM | ID = 10005
Description =

Error - 4/15/2010 9:00:59 PM | Computer Name = Roger-PC | Source = Service Control Manager | ID = 7009
Description =

Error - 4/15/2010 9:00:59 PM | Computer Name = Roger-PC | Source = Service Control Manager | ID = 7000
Description =

Error - 4/20/2010 4:44:16 AM | Computer Name = Roger-PC | Source = Application Popup | ID = 1060
Description = \SystemRoot\SysWow64\Drivers\ASPI32.SYS has been blocked from loading
due to incompatibility with this system. Please contact your software vendor for
a compatible version of the driver.

Error - 4/20/2010 4:45:54 AM | Computer Name = Roger-PC | Source = Service Control Manager | ID = 7000
Description =

Error - 4/20/2010 4:46:52 AM | Computer Name = Roger-PC | Source = Service Control Manager | ID = 7022
Description =

Error - 4/20/2010 4:47:21 AM | Computer Name = Roger-PC | Source = Service Control Manager | ID = 7026
Description =

Error - 4/20/2010 4:50:42 AM | Computer Name = Roger-PC | Source = Service Control Manager | ID = 7011
Description =

Error - 4/20/2010 4:52:36 AM | Computer Name = Roger-PC | Source = Service Control Manager | ID = 7022
Description =


< End of report >


#10 m0le

m0le

    Can U Dig It?


  • Malware Response Team
  • 34,527 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:London, UK
  • Local time:07:30 AM

Posted 20 April 2010 - 07:41 PM

The error log shows problems with Nero 8 and two Windows components.

Please uninstall the PhotoSnap component from Nero 8.

Let me know if that solves the problem.
Posted Image
m0le is a proud member of UNITE

#11 dumafach

dumafach
  • Topic Starter

  • Members
  • 205 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Oklahoma
  • Local time:01:30 AM

Posted 21 April 2010 - 07:31 AM

I unistalled photosnap. I can't tell yet if that has taken care of the problem. Do I still need stopzilla or can I delete it now? Stopzilla is still showing adware in it's scan. What were the 2 windows components and what were their problems?

Thank you for your help

#12 m0le

m0le

    Can U Dig It?


  • Malware Response Team
  • 34,527 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:London, UK
  • Local time:07:30 AM

Posted 21 April 2010 - 04:11 PM

While you're testing the PC can you post the StopZilla log showing the malware it has found.

Thanks thumbup2.gif
Posted Image
m0le is a proud member of UNITE

#13 dumafach

dumafach
  • Topic Starter

  • Members
  • 205 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Oklahoma
  • Local time:01:30 AM

Posted 21 April 2010 - 09:43 PM

I can not copy the results of ths scan. It states it is a read only file. I could not find where it is saved. I wrote down what it found but of course it is not all the info.

Ron Tool Innbanner - Spyware - 36 instances
Proven AdHelper - adware 3
System Policies - Hijacker - 2
14jde10 - Adware - 4
Cognac - Adware - 2
Spyguard - Adware - 1

I am still curious about the 2 windows components.

#14 m0le

m0le

    Can U Dig It?


  • Malware Response Team
  • 34,527 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:London, UK
  • Local time:07:30 AM

Posted 22 April 2010 - 06:24 PM

QUOTE(dumafach @ Apr 22 2010, 03:43 AM) View Post
I am still curious about the 2 windows components.


It's a Nero issue


Is that StopZilla log from after the fixes we have been doing?
Posted Image
m0le is a proud member of UNITE

#15 dumafach

dumafach
  • Topic Starter

  • Members
  • 205 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Oklahoma
  • Local time:01:30 AM

Posted 22 April 2010 - 10:29 PM

Hi

Since I have Nero 9 on here now I have been trying to figure out a way of putting Nero 8 back on my other computer. When I find out how to do that I will take that off of here.

I ran a new scan with stopzilla and it came up with 21 infections. They were still pretty much the same except for a couple of new ones.

GASF Trojan 1
AntiVirusBest Rogue 1

I just read on old post from bleeping computer on 12/09 about a guy that had the same problem and he was told until he uninstalls combo fix stopzilla will show those files. I was just reading while I waited for the scan.






0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users