Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Yet Another Search Redirect Virus


  • This topic is locked This topic is locked
5 replies to this topic

#1 mellohero

mellohero

  • Members
  • 2 posts
  • OFFLINE
  •  
  • Local time:04:53 AM

Posted 22 August 2010 - 03:18 PM

Occasionally --usually during the day, almost never at night-- clicked search results will instead take me to another page of search engine results, usually via Asklots. As I have heard, this is some form of messy malware. Norton AV, of course, turns up nothing. I will include the HJT log and an OTS log as well. I am running Vista Home Premium.

All searches for how to remove this problem have required custom advice, or included such that I couldn't figure out what I needed to do from their advice. I've created an account here for this reason. Sorry if this is in the wrong place.

HJT Log:
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 15:49:14, on 8/22/2010
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v8.00 (8.00.6001.18943)
Boot mode: Normal

Running processes:
C:\Program Files\DigitalPersona\Bin\DpAgent.exe
C:\Program Files\Norton AntiVirus\Norton AntiVirus\Engine\16.8.0.41\ccSvcHst.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Program Files\Dell\DellDock\DellDock.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\conime.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\DellTPad\Apoint.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
C:\Program Files\Dell\MediaDirect\PCMService.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
C:\Program Files\IDT\WDM\sttray.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files\DellTPad\ApMsgFwd.exe
C:\Program Files\DellTPad\Apntex.exe
C:\Program Files\DellTPad\HidFind.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Windows\system32\wuauclt.exe
C:\Program Files\Electronic Arts\EADM\Core.exe
C:\Program Files\AIM\aim.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Windows\system32\Macromed\Flash\FlashUtil10h_ActiveX.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\PROGRA~1\MICROS~4\Office12\OUTLOOK.EXE
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll (file missing)
O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Norton AntiVirus\Norton AntiVirus\Engine\16.8.0.41\IPSBHO.DLL
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (file missing)
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll
O2 - BHO: Browser Address Error Redirector - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\Dell\BAE\BAE.dll
O2 - BHO: FDMIECookiesBHO Class - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - C:\Program Files\Free Download Manager\iefdm2.dll
O2 - BHO: SingleInstance Class - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn\yt.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [Apoint] C:\Program Files\DellTPad\Apoint.exe
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe"
O4 - HKLM\..\Run: [IAAnotif] "C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe"
O4 - HKLM\..\Run: [dscactivate] "C:\Program Files\Dell Support Center\gs_agent\custom\dsca.exe"
O4 - HKLM\..\Run: [DpAgent] C:\Program Files\DigitalPersona\Bin\dpagent.exe
O4 - HKLM\..\Run: [Dell Webcam Central] "C:\Program Files\Dell Webcam\Dell Webcam Central\WebcamDell.exe" /mode2
O4 - HKLM\..\Run: [PCMService] "C:\Program Files\Dell\MediaDirect\PCMService.exe"
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Symantec PIF AlertEng] "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" /a /m "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\AlertEng.dll"
O4 - HKLM\..\Run: [SysTrayApp] %ProgramFiles%\IDT\WDM\sttray.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKCU\..\Run: [wepaju] rundll32 "C:\Users\Jesse\AppData\Roaming\msafd1.dll",ttpbt
O4 - Startup: Dell Dock.lnk = C:\Program Files\Dell\DellDock\DellDock.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Bluetooth.lnk = ?
O4 - Global Startup: VPN Client.lnk = ?
O8 - Extra context menu item: Add to AMV Converter... - C:\Program Files\MP3 Player Utilities 4.17\AMVConverter\grab.html
O8 - Extra context menu item: Download all with Free Download Manager - file://C:\Program Files\Free Download Manager\dlall.htm
O8 - Extra context menu item: Download selected with Free Download Manager - file://C:\Program Files\Free Download Manager\dlselected.htm
O8 - Extra context menu item: Download video with Free Download Manager - file://C:\Program Files\Free Download Manager\dlfvideo.htm
O8 - Extra context menu item: Download with Free Download Manager - file://C:\Program Files\Free Download Manager\dllink.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~4\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Send image to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Send page to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: Blog This - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Blog This in Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~4\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~4\Office12\ONBttnIE.dll
O9 - Extra button: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (file missing)
O9 - Extra 'Tools' menuitem: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (file missing)
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\Office12\REFIEBAR.DLL
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/2008.1...toUploader5.cab
O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/2009.0...oUploader55.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (file missing)
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - Winlogon Notify: GoToAssist - C:\Program Files\Citrix\GoToAssist\514\G2AWinLogon.dll
O23 - Service: Andrea ST Filters Service (AESTFilters) - Andrea Electronics Corporation - C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_238116a1\aestsrv.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe
O23 - Service: AuthenTec Fingerprint Service (ATService) - AuthenTec, Inc. - C:\Program Files\Fingerprint Sensor\AtService.exe
O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
O23 - Service: Cisco Systems, Inc. VPN Service (CVPND) - Cisco Systems, Inc. - C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe
O23 - Service: Dock Login Service (DockLoginService) - Stardock Corporation - C:\Program Files\Dell\DellDock\DockLogin.exe
O23 - Service: Biometric Authentication Service (DpHost) - DigitalPersona, Inc. - C:\Program Files\DigitalPersona\Bin\DpHostW.exe
O23 - Service: Firebird Server - MAGIX Instance (FirebirdServerMAGIXInstance) - MAGIX - C:\Program Files\MAGIX\Common\Database\bin\fbserver.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: GoToAssist - Citrix Online, a division of Citrix Systems, Inc. - C:\Program Files\Citrix\GoToAssist\514\g2aservice.exe
O23 - Service: Google Update Service (gupdate1c98d1da9881d39) (gupdate1c98d1da9881d39) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Intel Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Virtual IR COM Port, Service Program (IrCOMM2kSvc) - Jan Kiszka - C:\Windows\system32\ircomm2k.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: LiveUpdate Notice Service Ex (LiveUpdate Notice Ex) - Unknown owner - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (file missing)
O23 - Service: LiveUpdate Notice Service - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
O23 - Service: Norton AntiVirus - Symantec Corporation - C:\Program Files\Norton AntiVirus\Norton AntiVirus\Engine\16.8.0.41\ccSvcHst.exe
O23 - Service: Audio Service (STacSV) - IDT, Inc. - C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_238116a1\STacSV.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe
O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files\Common Files\SureThing Shared\stllssvr.exe
O23 - Service: Viewpoint Manager Service - Viewpoint Corporation - C:\Program Files\Viewpoint\Common\ViewpointService.exe
O23 - Service: Dell Wireless WLAN Tray Service (wltrysvc) - Unknown owner - C:\Windows\System32\WLTRYSVC.EXE
O23 - Service: Yahoo! Updater (YahooAUService) - Yahoo! Inc. - C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe

--
End of file - 13866 bytes


BEGIN OTS LOG

CODE
OTS logfile created on: 8/22/2010 01:42:07 - Run 2
OTS by OldTimer - Version 3.1.35.0     Folder = C:\Users\Jesse\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18943)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

3.00 Gb Total Physical Memory | 1.00 Gb Available Physical Memory | 40.00% Memory free
6.00 Gb Paging File | 5.00 Gb Available in Paging File | 75.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 285.84 Gb Total Space | 98.83 Gb Free Space | 34.57% Space Free | Partition Type: NTFS
Drive D: | 9.77 Gb Total Space | 5.43 Gb Free Space | 55.60% Space Free | Partition Type: NTFS
Drive E: | 4.60 Gb Total Space | 0.00 Gb Free Space | 0.00% Space Free | Partition Type: UDF
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: THEGREENMACHINE
Current User Name: Jesse
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days

[Processes - Safe List]
ots.exe -> C:\Users\Jesse\Desktop\OTS.exe -> [2010/08/22 01:30:38 | 000,641,536 | ---- | M] (OldTimer Tools)
flashutil10h_activex.exe -> C:\Windows\System32\Macromed\Flash\FlashUtil10h_ActiveX.exe -> [2010/06/25 12:48:11 | 000,231,888 | ---- | M] (Adobe Systems, Inc.)
applemobiledeviceservice.exe -> C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe -> [2010/04/16 08:33:40 | 000,144,672 | ---- | M] (Apple Inc.)
szserver.exe -> C:\Program Files\Common Files\iS3\Anti-Spyware\SZServer.exe -> [2010/03/18 15:59:36 | 000,057,344 | R--- | M] (iS3, Inc.)
realsched.exe -> C:\Program Files\Common Files\Real\Update_OB\realsched.exe -> [2010/03/13 03:41:19 | 000,202,256 | ---- | M] (RealNetworks, Inc.)
wscstub.exe -> C:\Program Files\Norton AntiVirus\Norton AntiVirus\Engine\16.8.0.41\WSCStub.exe -> [2010/01/20 16:43:01 | 000,096,456 | R--- | M] (Symantec Corporation)
aim.exe -> C:\Program Files\AIM\aim.exe -> [2009/10/01 16:20:57 | 003,634,024 | ---- | M] (AOL LLC)
ccsvchst.exe -> C:\Program Files\Norton AntiVirus\Norton AntiVirus\Engine\16.8.0.41\ccSvcHst.exe -> [2009/08/22 02:37:15 | 000,117,640 | R--- | M] (Symantec Corporation)
explorer.exe -> C:\Windows\explorer.exe -> [2009/04/11 02:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation)
conime.exe -> C:\Windows\System32\conime.exe -> [2009/04/11 02:27:28 | 000,069,120 | ---- | M] (Microsoft Corporation)
fdm.exe -> C:\Program Files\Free Download Manager\fdm.exe -> [2009/01/31 04:45:14 | 003,399,727 | ---- | M] (FreeDownloadManager.ORG)
yahooauservice.exe -> C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe -> [2008/11/09 16:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.)
sqlservr.exe -> c:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe -> [2008/07/10 17:28:06 | 040,999,448 | ---- | M] (Microsoft Corporation)
sqlwriter.exe -> c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe -> [2008/07/10 02:49:44 | 000,098,840 | ---- | M] (Microsoft Corporation)
sttray.exe -> C:\Program Files\IDT\WDM\sttray.exe -> [2008/06/26 07:10:06 | 000,442,467 | ---- | M] (IDT, Inc.)
stacsv.exe -> C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_238116a1\stacsv.exe -> [2008/06/26 07:10:00 | 000,221,273 | ---- | M] (IDT, Inc.)
aestsrv.exe -> C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_238116a1\AEstSrv.exe -> [2008/06/26 07:09:50 | 000,073,728 | ---- | M] (Andrea Electronics Corporation)
delldock.exe -> C:\Program Files\Dell\DellDock\DellDock.exe -> [2008/05/13 17:33:10 | 001,058,088 | ---- | M] (Stardock Corporation)
docklogin.exe -> C:\Program Files\Dell\DellDock\DockLogin.exe -> [2008/04/28 17:56:28 | 000,161,048 | ---- | M] (Stardock Corporation)
dpagent.exe -> C:\Program Files\DigitalPersona\Bin\DpAgent.exe -> [2008/03/25 22:53:16 | 000,699,456 | ---- | M] (DigitalPersona, Inc.)
dphostw.exe -> C:\Program Files\DigitalPersona\Bin\DpHostW.exe -> [2008/03/25 22:53:16 | 000,302,144 | ---- | M] (DigitalPersona, Inc.)
hidfind.exe -> C:\Program Files\DellTPad\hidfind.exe -> [2008/03/11 02:22:50 | 000,040,960 | ---- | M] (Alps Electric Co., Ltd.)
apoint.exe -> C:\Program Files\DellTPad\Apoint.exe -> [2008/03/11 02:22:46 | 000,163,840 | ---- | M] (Alps Electric Co., Ltd.)
apmsgfwd.exe -> C:\Program Files\DellTPad\ApMsgFwd.exe -> [2008/03/11 02:22:44 | 000,050,736 | ---- | M] (Alps Electric Co., Ltd.)
apntex.exe -> C:\Program Files\DellTPad\ApntEx.exe -> [2008/03/11 02:22:44 | 000,049,152 | ---- | M] (Alps Electric Co., Ltd.)
atservice.exe -> C:\Program Files\Fingerprint Sensor\AtService.exe -> [2008/02/29 05:37:16 | 001,053,944 | ---- | M] (AuthenTec, Inc.)
bttray.exe -> C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe -> [2008/02/08 16:18:16 | 000,752,168 | ---- | M] (Broadcom Corporation.)
pifsvc.exe -> C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe -> [2008/01/29 17:38:31 | 000,583,048 | ---- | M] (Symantec Corporation)
msascui.exe -> C:\Program Files\Windows Defender\MSASCui.exe -> [2008/01/20 22:23:32 | 001,008,184 | ---- | M] (Microsoft Corporation)
pcmservice.exe -> C:\Program Files\Dell\MediaDirect\PCMService.exe -> [2008/01/14 11:13:02 | 000,132,392 | ---- | M] (CyberLink Corp.)
cvpnd.exe -> C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe -> [2007/10/26 15:28:06 | 001,524,512 | ---- | M] (Cisco Systems, Inc.)
iaantmon.exe -> C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe -> [2007/10/03 16:45:02 | 000,358,936 | ---- | M] (Intel Corporation)
iaanotif.exe -> C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe -> [2007/10/03 16:44:58 | 000,178,712 | ---- | M] (Intel Corporation)
aluschedulersvc.exe -> C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe -> [2007/09/12 18:27:24 | 000,554,352 | ---- | M] (Symantec Corporation)
viewpointservice.exe -> C:\Program Files\Viewpoint\Common\ViewpointService.exe -> [2007/01/04 17:38:08 | 000,024,652 | ---- | M] (Viewpoint Corporation)
ircomm2k.exe -> C:\Windows\System32\ircomm2k.exe -> [2002/03/20 20:58:44 | 000,053,248 | ---- | M] (Jan Kiszka)

[Modules - Safe List]
ots.exe -> C:\Users\Jesse\Desktop\OTS.exe -> [2010/08/22 01:30:38 | 000,641,536 | ---- | M] (OldTimer Tools)
comctl32.dll -> C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18005_none_5cb72f96088b0de0\comctl32.dll -> [2009/04/11 02:21:38 | 001,686,016 | ---- | M] (Microsoft Corporation)
msscript.ocx -> C:\Windows\System32\msscript.ocx -> [2008/01/20 22:24:37 | 000,110,592 | ---- | M] (Microsoft Corporation)

[Win32 Services - Safe List]
(LiveUpdate Notice Ex) LiveUpdate Notice Service Ex [Auto | Stopped] -> C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe -> File not found
(Steam Client Service) Steam Client Service [On_Demand | Stopped] -> C:\Program Files\Common Files\Steam\SteamService.exe -> [2010/05/18 16:39:10 | 000,395,048 | ---- | M] (Valve Corporation)
(Apple Mobile Device) Apple Mobile Device [Auto | Running] -> C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe -> [2010/04/16 08:33:40 | 000,144,672 | ---- | M] (Apple Inc.)
(szserver) STOPzilla Service [Auto | Running] -> C:\Program Files\Common Files\iS3\Anti-Spyware\SZServer.exe -> [2010/03/18 15:59:36 | 000,057,344 | R--- | M] (iS3, Inc.)
(aspnet_state) ASP.NET State Service [On_Demand | Stopped] -> C:\Windows\Microsoft.NET\Framework\v4.0.21006\aspnet_state.exe -> [2009/10/07 06:31:18 | 000,035,144 | ---- | M] (Microsoft Corporation)
(WPFFontCache_v0400) Windows Presentation Foundation Font Cache 4.0.0.0 [On_Demand | Stopped] -> C:\Windows\Microsoft.NET\Framework\v4.0.21006\WPF\WPFFontCache_v0400.exe -> [2009/10/07 03:44:58 | 000,752,984 | ---- | M] (Microsoft Corporation)
(clr_optimization_v4.0.21006_32) Microsoft .NET Framework NGEN v4.0.21006_X86 [Auto | Stopped] -> C:\Windows\Microsoft.NET\Framework\v4.0.21006\mscorsvw.exe -> [2009/10/07 03:44:58 | 000,129,856 | ---- | M] (Microsoft Corporation)
(NetTcpPortSharing) Net.Tcp Port Sharing Service [Disabled | Stopped] -> C:\Windows\Microsoft.NET\Framework\v4.0.21006\SMSvcHost.exe -> [2009/10/07 03:44:58 | 000,124,224 | ---- | M] (Microsoft Corporation)
(NetTcpActivator) Net.Tcp Listener Adapter [Disabled | Stopped] -> C:\Windows\Microsoft.NET\Framework\v4.0.21006\SMSvcHost.exe -> [2009/10/07 03:44:58 | 000,124,224 | ---- | M] (Microsoft Corporation)
(NetPipeActivator) Net.Pipe Listener Adapter [Disabled | Stopped] -> C:\Windows\Microsoft.NET\Framework\v4.0.21006\SMSvcHost.exe -> [2009/10/07 03:44:58 | 000,124,224 | ---- | M] (Microsoft Corporation)
(NetMsmqActivator) Net.Msmq Listener Adapter [Disabled | Stopped] -> C:\Windows\Microsoft.NET\Framework\v4.0.21006\SMSvcHost.exe -> [2009/10/07 03:44:58 | 000,124,224 | ---- | M] (Microsoft Corporation)
(FontCache) Windows Font Cache Service [On_Demand | Stopped] -> C:\Windows\System32\FntCache.dll -> [2009/09/24 21:27:04 | 000,793,088 | ---- | M] (Microsoft Corporation)
(Norton AntiVirus) Norton AntiVirus [Auto | Running] -> C:\Program Files\Norton AntiVirus\Norton AntiVirus\Engine\16.8.0.41\ccSvcHst.exe -> [2009/08/22 02:37:15 | 000,117,640 | R--- | M] (Symantec Corporation)
(FLEXnet Licensing Service) FLEXnet Licensing Service [On_Demand | Stopped] -> C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -> [2009/06/20 23:15:39 | 000,651,720 | ---- | M] (Macrovision Europe Ltd.)
(YahooAUService) Yahoo! Updater [Auto | Running] -> C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe -> [2008/11/09 16:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.)
(GoToAssist) GoToAssist [On_Demand | Stopped] -> C:\Program Files\Citrix\GoToAssist\514\g2aservice.exe -> [2008/08/07 22:33:15 | 000,016,680 | ---- | M] (Citrix Online, a division of Citrix Systems, Inc.)
(MSSQL$SQLEXPRESS) SQL Server (SQLEXPRESS) [Auto | Running] -> c:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe -> [2008/07/10 17:28:06 | 040,999,448 | ---- | M] (Microsoft Corporation)
(SQLAgent$SQLEXPRESS) SQL Server Agent (SQLEXPRESS) [Disabled | Stopped] -> c:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE -> [2008/07/10 17:28:06 | 000,369,688 | ---- | M] (Microsoft Corporation)
(MSSQLServerADHelper100) SQL Active Directory Helper Service [Disabled | Stopped] -> c:\Program Files\Microsoft SQL Server\100\Shared\SQLADHLP.EXE -> [2008/07/10 17:28:04 | 000,047,128 | ---- | M] (Microsoft Corporation)
(SQLWriter) SQL Server VSS Writer [Auto | Running] -> c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe -> [2008/07/10 02:49:44 | 000,098,840 | ---- | M] (Microsoft Corporation)
(SQLBrowser) SQL Server Browser [Disabled | Stopped] -> c:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe -> [2008/07/10 02:49:34 | 000,258,072 | ---- | M] (Microsoft Corporation)
(STacSV) Audio Service [Auto | Running] -> C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_238116a1\stacsv.exe -> [2008/06/26 07:10:00 | 000,221,273 | ---- | M] (IDT, Inc.)
(AESTFilters) Andrea ST Filters Service [Auto | Running] -> C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_238116a1\AEstSrv.exe -> [2008/06/26 07:09:50 | 000,073,728 | ---- | M] (Andrea Electronics Corporation)
(DockLoginService) Dock Login Service [Auto | Running] -> C:\Program Files\Dell\DellDock\DockLogin.exe -> [2008/04/28 17:56:28 | 000,161,048 | ---- | M] (Stardock Corporation)
(DpHost) Biometric Authentication Service [Auto | Running] -> C:\Program Files\DigitalPersona\Bin\DpHostW.exe -> [2008/03/25 22:53:16 | 000,302,144 | ---- | M] (DigitalPersona, Inc.)
(ATService) AuthenTec Fingerprint Service [Auto | Running] -> C:\Program Files\Fingerprint Sensor\AtService.exe -> [2008/02/29 05:37:16 | 001,053,944 | ---- | M] (AuthenTec, Inc.)
(LiveUpdate Notice Service) LiveUpdate Notice Service [Auto | Running] -> C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe -> [2008/01/29 17:38:31 | 000,583,048 | ---- | M] (Symantec Corporation)
(WinDefend) Windows Defender [Auto | Running] -> C:\Program Files\Windows Defender\MpSvc.dll -> [2008/01/20 22:23:32 | 000,272,952 | ---- | M] (Microsoft Corporation)
(CVPND) Cisco Systems, Inc. VPN Service [Auto | Running] -> C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe -> [2007/10/26 15:28:06 | 001,524,512 | ---- | M] (Cisco Systems, Inc.)
(IAANTMON) Intel(R) Matrix Storage Event Monitor [Auto | Running] -> C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe -> [2007/10/03 16:45:02 | 000,358,936 | ---- | M] (Intel Corporation)
(LiveUpdate) LiveUpdate [On_Demand | Stopped] -> C:\Program Files\Symantec\LiveUpdate\LuComServer_3_2.EXE -> [2007/09/12 18:27:24 | 002,999,664 | ---- | M] (Symantec Corporation)
(Automatic LiveUpdate Scheduler) Automatic LiveUpdate Scheduler [Auto | Running] -> C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe -> [2007/09/12 18:27:24 | 000,554,352 | ---- | M] (Symantec Corporation)
(Viewpoint Manager Service) Viewpoint Manager Service [Auto | Running] -> C:\Program Files\Viewpoint\Common\ViewpointService.exe -> [2007/01/04 17:38:08 | 000,024,652 | ---- | M] (Viewpoint Corporation)
(FirebirdServerMAGIXInstance) Firebird Server - MAGIX Instance [On_Demand | Stopped] -> C:\Program Files\MAGIX\Common\Database\bin\fbserver.exe -> [2005/11/17 15:18:52 | 001,527,900 | ---- | M] (MAGIX)
(IrCOMM2kSvc) Virtual IR COM Port, Service Program [Auto | Running] -> C:\Windows\System32\ircomm2k.exe -> [2002/03/20 20:58:44 | 000,053,248 | ---- | M] (Jan Kiszka)

[Driver Services - Safe List]
(SYMREDRV) SYMREDRV [Kernel | On_Demand | Stopped] -> C:\Windows\System32\drivers\NAV\1000000.07D\SYMREDRV.SYS -> File not found
(SYMDNS) SYMDNS [Kernel | On_Demand | Stopped] -> C:\Windows\System32\drivers\NAV\1000000.07D\SYMDNS.SYS -> File not found
(NwlnkFwd) IPX Traffic Forwarder Driver [Kernel | On_Demand | Stopped] -> C:\Windows\System32\DRIVERS\nwlnkfwd.sys -> File not found
(NwlnkFlt) IPX Traffic Filter Driver [Kernel | On_Demand | Stopped] -> C:\Windows\System32\DRIVERS\nwlnkflt.sys -> File not found
(IpInIp) IP in IP Tunnel Driver [Kernel | On_Demand | Stopped] -> C:\Windows\System32\DRIVERS\ipinip.sys -> File not found
(NAVEX15) NAVEX15 [Kernel | On_Demand | Running] -> C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20100821.004\NAVEX15.SYS -> [2010/07/13 04:00:00 | 001,362,608 | ---- | M] (Symantec Corporation)
(NAVENG) NAVENG [Kernel | On_Demand | Running] -> C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20100821.004\NAVENG.SYS -> [2010/07/13 04:00:00 | 000,085,424 | ---- | M] (Symantec Corporation)
(IDSVix86) IDSVix86 [Kernel | System | Running] -> C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\IPSDefs\20100820.001\IDSvix86.sys -> [2010/05/28 15:33:19 | 000,344,112 | ---- | M] (Symantec Corporation)
(eeCtrl) Symantec Eraser Control driver [Kernel | System | Running] -> C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys -> [2010/05/26 04:00:00 | 000,371,248 | ---- | M] (Symantec Corporation)
(EraserUtilRebootDrv) EraserUtilRebootDrv [Kernel | On_Demand | Running] -> C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys -> [2010/05/26 04:00:00 | 000,102,448 | ---- | M] (Symantec Corporation)
(szkgfs) szkgfs [Kernel | Boot | Running] -> C:\Windows\system32\drivers\szkgfs.sys -> [2010/02/24 15:06:36 | 000,173,328 | R--- | M] (iS3, Inc.)
(ccHP) Symantec Hash Provider [Kernel | System | Running] -> C:\Windows\System32\Drivers\NAV\1008000.029\ccHPx86.sys -> [2010/02/03 02:40:54 | 000,482,432 | ---- | M] (Symantec Corporation)
(vmm) Virtual Machine Monitor [Kernel | System | Running] -> C:\Windows\System32\drivers\VMM.sys -> [2010/02/01 02:41:45 | 000,229,224 | ---- | M] (Microsoft Corporation)
(szkg5) szkg5 [Kernel | Boot | Running] -> C:\Windows\system32\DRIVERS\szkg.sys -> [2009/12/07 17:59:32 | 000,061,328 | R--- | M] (iS3 Inc.)
(is3srv) is3srv [Kernel | Boot | Stopped] -> C:\Windows\system32\drivers\is3srv.sys -> [2009/12/07 17:59:32 | 000,061,328 | R--- | M] (iS3 Inc.)
(SCDEmu) SCDEmu [Kernel | System | Running] -> C:\Windows\System32\drivers\scdemu.sys -> [2009/11/08 23:21:18 | 000,059,388 | ---- | M] (PowerISO Computing, Inc.)
(SymEFA) Symantec Extended File Attributes [File_System | Boot | Running] -> C:\Windows\system32\drivers\NAV\1008000.029\SYMEFA.SYS -> [2009/08/22 02:37:16 | 000,310,320 | ---- | M] (Symantec Corporation)
(SRTSP) Symantec Real Time Storage Protection [File_System | System | Running] -> C:\Windows\System32\Drivers\NAV\1008000.029\SRTSP.SYS -> [2009/08/22 02:37:16 | 000,308,272 | ---- | M] (Symantec Corporation)
(BHDrvx86) Symantec Heuristics Driver [Kernel | System | Running] -> C:\Windows\System32\Drivers\NAV\1008000.029\BHDrvx86.sys -> [2009/08/22 02:37:16 | 000,259,632 | ---- | M] (Symantec Corporation)
(SYMTDI) Symantec Network Dispatch Driver [Kernel | System | Running] -> C:\Windows\System32\Drivers\NAV\1008000.029\SYMTDI.SYS -> [2009/08/22 02:37:16 | 000,217,136 | ---- | M] (Symantec Corporation)
(SYMFW) Symantec Network Filter Driver [Kernel | On_Demand | Running] -> C:\Windows\System32\Drivers\NAV\1008000.029\SYMFW.SYS -> [2009/08/22 02:37:16 | 000,089,904 | ---- | M] (Symantec Corporation)
(SYMNDISV) Symantec Network Filter Driver [Kernel | On_Demand | Running] -> C:\Windows\System32\Drivers\NAV\1008000.029\SYMNDISV.SYS -> [2009/08/22 02:37:16 | 000,048,688 | ---- | M] (Symantec Corporation)
(SRTSPX) Symantec Real Time Storage Protection (PEL) [Kernel | System | Running] -> C:\Windows\system32\drivers\NAV\1008000.029\SRTSPX.SYS -> [2009/08/22 02:37:16 | 000,043,696 | ---- | M] (Symantec Corporation)
(SymEvent) SymEvent [Kernel | On_Demand | Running] -> C:\Windows\System32\drivers\SYMEVENT.SYS -> [2009/08/20 07:35:49 | 000,124,976 | ---- | M] (Symantec Corporation)
(SymIM) Symantec Network Security Intermediate Filter Driver [Kernel | System | Running] -> C:\Windows\System32\drivers\SymIMV.sys -> [2009/08/18 14:59:24 | 000,025,648 | R--- | M] (Symantec Corporation)
(sptd) sptd [Kernel | Boot | Running] -> C:\Windows\System32\Drivers\sptd.sys -> [2009/05/18 18:28:16 | 000,721,904 | ---- | M] ()
(NuidFltr) NUID filter driver [Kernel | On_Demand | Stopped] -> C:\Windows\System32\drivers\nuidfltr.sys -> [2009/05/09 01:14:20 | 000,014,736 | ---- | M] (Microsoft Corporation)
(motccgpfl) MotCcgpFlService [Kernel | On_Demand | Stopped] -> C:\Windows\System32\drivers\motccgpfl.sys -> [2008/08/21 19:49:56 | 000,008,320 | ---- | M] (Motorola)
(motccgp) Motorola USB Composite Device Driver [Kernel | On_Demand | Stopped] -> C:\Windows\System32\drivers\motccgp.sys -> [2008/08/21 19:49:22 | 000,018,688 | ---- | M] (Motorola)
(RsFx0102) RsFx0102 Driver [File_System | Disabled | Stopped] -> C:\Windows\System32\drivers\RsFx0102.sys -> [2008/07/10 02:49:14 | 000,242,712 | ---- | M] (Microsoft Corporation)
(STHDA) IDT High Definition Audio CODEC [Kernel | On_Demand | Running] -> C:\Windows\System32\drivers\stwrt.sys -> [2008/06/26 07:10:08 | 000,380,928 | ---- | M] (IDT, Inc.)
(BVRPMPR5) BVRPMPR5 NDIS Protocol Driver [Kernel | On_Demand | Stopped] -> C:\Windows\System32\drivers\BVRPMPR5.SYS -> [2008/05/13 19:08:04 | 000,049,904 | R--- | M] (Avanquest Software)
(R300) R300 [Kernel | On_Demand | Stopped] -> C:\Windows\System32\drivers\atikmdag.sys -> [2008/05/04 04:42:18 | 003,548,672 | ---- | M] (ATI Technologies Inc.)
(atikmdag) atikmdag [Kernel | On_Demand | Running] -> C:\Windows\System32\drivers\atikmdag.sys -> [2008/05/04 04:42:18 | 003,548,672 | ---- | M] (ATI Technologies Inc.)
(itecir) ITECIR Infrared Receiver [Kernel | On_Demand | Running] -> C:\Windows\System32\drivers\itecir.sys -> [2008/03/14 09:04:26 | 000,054,784 | ---- | M] (ITE Tech. Inc. )
(ATSwpWDF) AuthenTec TruePrint USB WDF Driver [Kernel | On_Demand | Running] -> C:\Windows\System32\drivers\ATSwpWDF.sys -> [2008/03/13 07:45:50 | 000,548,352 | ---- | M] (AuthenTec, Inc.)
(BCM43XX) Dell Wireless WLAN Card Driver [Kernel | On_Demand | Running] -> C:\Windows\System32\drivers\BCMWL6.SYS -> [2008/03/11 10:25:46 | 001,205,240 | ---- | M] (Broadcom Corporation)
(BCM42RLY) BCM42RLY [Kernel | On_Demand | Running] -> C:\Windows\System32\drivers\bcm42rly.sys -> [2008/03/11 10:24:46 | 000,018,424 | ---- | M] (Broadcom Corporation)
(btwrchid) btwrchid [Kernel | On_Demand | Stopped] -> C:\Windows\System32\drivers\btwrchid.sys -> [2008/03/11 06:02:44 | 000,017,448 | ---- | M] (Broadcom Corporation.)
(btwl2cap) Bluetooth L2CAP Service [Kernel | On_Demand | Stopped] -> C:\Windows\System32\drivers\btwl2cap.sys -> [2008/03/11 06:02:34 | 000,029,736 | ---- | M] (Broadcom Corporation.)
(btwavdt) Bluetooth AVDT [Kernel | On_Demand | Stopped] -> C:\Windows\System32\drivers\btwavdt.sys -> [2008/03/11 06:02:30 | 000,100,392 | ---- | M] (Broadcom Corporation.)
(btwaudio) Bluetooth Audio Device Service [Kernel | On_Demand | Stopped] -> C:\Windows\System32\drivers\btwaudio.sys -> [2008/03/11 06:02:24 | 000,081,960 | ---- | M] (Broadcom Corporation.)
(OA001Ufd) Creative Camera OA001 Upper Filter Driver [Kernel | On_Demand | Running] -> C:\Windows\System32\drivers\OA001Ufd.sys -> [2008/03/11 02:53:02 | 000,149,208 | ---- | M] (Creative Technology Ltd.)
(OA001Vid) Creative Camera OA001 Function Driver [Kernel | On_Demand | Running] -> C:\Windows\System32\drivers\OA001Vid.sys -> [2008/03/11 02:53:00 | 000,277,624 | ---- | M] (Creative Technology Ltd.)
(iaStor) Intel AHCI Controller [Kernel | Boot | Running] -> C:\Windows\system32\drivers\iastor.sys -> [2008/03/11 02:44:12 | 000,305,176 | ---- | M] (Intel Corporation)
(k57nd60x) Broadcom NetLink (TM) Gigabit Ethernet - NDIS 6.0 [Kernel | On_Demand | Running] -> C:\Windows\System32\drivers\k57nd60x.sys -> [2008/03/11 02:42:24 | 000,203,264 | ---- | M] (Broadcom Corporation)
(rismxdp) Ricoh xD-Picture Card Driver [Kernel | Auto | Running] -> C:\Windows\System32\drivers\rixdptsk.sys -> [2008/03/11 02:24:46 | 000,038,400 | ---- | M] (REDC)
(rimmptsk) rimmptsk [Kernel | Auto | Running] -> C:\Windows\System32\drivers\rimmptsk.sys -> [2008/03/11 02:24:44 | 000,046,592 | ---- | M] (REDC)
(rimsptsk) rimsptsk [Kernel | Auto | Running] -> C:\Windows\System32\drivers\rimsptsk.sys -> [2008/03/11 02:24:42 | 000,043,008 | ---- | M] (REDC)
(ApfiltrService) Alps Touch Pad Filter Driver for Windows 2000/XP/Vista [Kernel | On_Demand | Running] -> C:\Windows\System32\drivers\Apfiltr.sys -> [2008/03/11 02:22:44 | 000,164,400 | ---- | M] (Alps Electric Co., Ltd.)
(VPCNetS2) Virtual Machine Network Services Driver [Kernel | On_Demand | Running] -> C:\Windows\System32\drivers\VMNetSrv.sys -> [2008/02/05 02:50:44 | 000,059,960 | ---- | M] (Microsoft Corporation)
(MegaSR) MegaSR [Kernel | Disabled | Stopped] -> C:\Windows\system32\drivers\megasr.sys -> [2008/01/20 22:23:27 | 000,386,616 | ---- | M] (LSI Corporation, Inc.)
(adpu320) adpu320 [Kernel | Disabled | Stopped] -> C:\Windows\system32\drivers\adpu320.sys -> [2008/01/20 22:23:27 | 000,149,560 | ---- | M] (Adaptec, Inc.)
(megasas) megasas [Kernel | Disabled | Stopped] -> C:\Windows\system32\drivers\megasas.sys -> [2008/01/20 22:23:27 | 000,031,288 | ---- | M] (LSI Corporation)
(adpu160m) adpu160m [Kernel | Disabled | Stopped] -> C:\Windows\system32\drivers\adpu160m.sys -> [2008/01/20 22:23:26 | 000,101,432 | ---- | M] (Adaptec, Inc.)
(SiSRaid4) SiSRaid4 [Kernel | Disabled | Stopped] -> C:\Windows\system32\drivers\sisraid4.sys -> [2008/01/20 22:23:26 | 000,074,808 | ---- | M] (Silicon Integrated Systems)
(HpCISSs) HpCISSs [Kernel | Disabled | Stopped] -> C:\Windows\system32\drivers\hpcisss.sys -> [2008/01/20 22:23:26 | 000,040,504 | ---- | M] (Hewlett-Packard Company)
(adpahci) adpahci [Kernel | Disabled | Stopped] -> C:\Windows\system32\drivers\adpahci.sys -> [2008/01/20 22:23:25 | 000,300,600 | ---- | M] (Adaptec, Inc.)
(e1express) Intel(R) PRO/1000 PCI Express Network Connection Driver [Kernel | On_Demand | Stopped] -> C:\Windows\System32\drivers\e1e6032.sys -> [2008/01/20 22:23:25 | 000,220,672 | ---- | M] (Intel Corporation)
(LSI_SAS) LSI_SAS [Kernel | Disabled | Stopped] -> C:\Windows\system32\drivers\lsi_sas.sys -> [2008/01/20 22:23:25 | 000,089,656 | ---- | M] (LSI Logic)
(ql2300) QLogic Fibre Channel Miniport Driver [Kernel | Disabled | Stopped] -> C:\Windows\system32\drivers\ql2300.sys -> [2008/01/20 22:23:24 | 001,122,360 | ---- | M] (QLogic Corporation)
(E1G60) Intel(R) PRO/1000 NDIS 6 Adapter Driver [Kernel | On_Demand | Stopped] -> C:\Windows\System32\drivers\E1G60I32.sys -> [2008/01/20 22:23:24 | 000,118,784 | ---- | M] (Intel Corporation)
(arcsas) arcsas [Kernel | Disabled | Stopped] -> C:\Windows\system32\drivers\arcsas.sys -> [2008/01/20 22:23:24 | 000,079,928 | ---- | M] (Adaptec, Inc.)
(iaStorV) Intel RAID Controller Vista [Kernel | Disabled | Stopped] -> C:\Windows\system32\drivers\iastorv.sys -> [2008/01/20 22:23:23 | 000,235,064 | ---- | M] (Intel Corporation)
(vsmraid) vsmraid [Kernel | Disabled | Stopped] -> C:\Windows\system32\drivers\vsmraid.sys -> [2008/01/20 22:23:23 | 000,130,616 | ---- | M] (VIA Technologies Inc.,Ltd)
(ulsata2) ulsata2 [Kernel | Disabled | Stopped] -> C:\Windows\system32\drivers\ulsata2.sys -> [2008/01/20 22:23:23 | 000,115,816 | ---- | M] (Promise Technology, Inc.)
(LSI_SCSI) LSI_SCSI [Kernel | Disabled | Stopped] -> C:\Windows\system32\drivers\lsi_scsi.sys -> [2008/01/20 22:23:23 | 000,096,312 | ---- | M] (LSI Logic)
(LSI_FC) LSI_FC [Kernel | Disabled | Stopped] -> C:\Windows\system32\drivers\lsi_fc.sys -> [2008/01/20 22:23:23 | 000,096,312 | ---- | M] (LSI Logic)
(arc) arc [Kernel | Disabled | Stopped] -> C:\Windows\system32\drivers\arc.sys -> [2008/01/20 22:23:23 | 000,079,416 | ---- | M] (Adaptec, Inc.)
(elxstor) elxstor [Kernel | Disabled | Stopped] -> C:\Windows\system32\drivers\elxstor.sys -> [2008/01/20 22:23:22 | 000,342,584 | ---- | M] (Emulex)
(adp94xx) adp94xx [Kernel | Disabled | Stopped] -> C:\Windows\system32\drivers\adp94xx.sys -> [2008/01/20 22:23:21 | 000,422,968 | ---- | M] (Adaptec, Inc.)
(nvraid) NVIDIA nForce RAID Driver    [Kernel | Disabled | Stopped] -> C:\Windows\system32\drivers\nvraid.sys -> [2008/01/20 22:23:21 | 000,102,968 | ---- | M] (NVIDIA Corporation)
(nvstor) nvstor [Kernel | Disabled | Stopped] -> C:\Windows\system32\drivers\nvstor.sys -> [2008/01/20 22:23:21 | 000,045,112 | ---- | M] (NVIDIA Corporation)
(uliahci) uliahci [Kernel | Disabled | Stopped] -> C:\Windows\system32\drivers\uliahci.sys -> [2008/01/20 22:23:20 | 000,238,648 | ---- | M] (ULi Electronics Inc.)
(viaide) viaide [Kernel | Disabled | Stopped] -> C:\Windows\system32\drivers\viaide.sys -> [2008/01/20 22:23:00 | 000,020,024 | ---- | M] (VIA Technologies, Inc.)
(cmdide) cmdide [Kernel | Disabled | Stopped] -> C:\Windows\system32\drivers\cmdide.sys -> [2008/01/20 22:23:00 | 000,019,000 | ---- | M] (CMD Technology, Inc.)
(aliide) aliide [Kernel | Disabled | Stopped] -> C:\Windows\system32\drivers\aliide.sys -> [2008/01/20 22:23:00 | 000,017,464 | ---- | M] (Acer Laboratories Inc.)
(CVPNDRVA) Cisco Systems Inc. IPSec Driver [Kernel | Auto | Running] -> C:\Windows\System32\drivers\CVPNDRVA.sys -> [2007/10/26 15:27:00 | 000,306,300 | ---- | M] (Cisco Systems, Inc.)
(MotDev) Motorola Inc. USB Device [Kernel | On_Demand | Stopped] -> C:\Windows\System32\drivers\motodrv.sys -> [2007/10/10 17:41:50 | 000,042,112 | ---- | M] (Motorola Inc)
(motport) Motorola USB Diagnostic Port [Kernel | On_Demand | Stopped] -> C:\Windows\System32\drivers\motport.sys -> [2007/06/18 15:18:26 | 000,023,680 | ---- | M] (Motorola)
(motmodem) Motorola USB CDC ACM Driver [Kernel | On_Demand | Stopped] -> C:\Windows\System32\drivers\motmodem.sys -> [2007/06/18 15:18:26 | 000,023,680 | ---- | M] (Motorola)
(DNE) Deterministic Network Enhancer Miniport [Kernel | On_Demand | Running] -> C:\Windows\System32\drivers\dne2000.sys -> [2007/01/31 14:45:06 | 000,127,376 | ---- | M] (Deterministic Networks, Inc.)
(CVirtA) Cisco Systems VPN Adapter [Kernel | On_Demand | Stopped] -> C:\Windows\System32\drivers\CVirtA.sys -> [2007/01/18 17:28:02 | 000,005,275 | ---- | M] (Cisco Systems, Inc.)
(ql40xx) QLogic iSCSI Miniport Driver [Kernel | Disabled | Stopped] -> C:\Windows\system32\drivers\ql40xx.sys -> [2006/11/02 05:50:35 | 000,106,088 | ---- | M] (QLogic Corporation)
(UlSata) UlSata [Kernel | Disabled | Stopped] -> C:\Windows\system32\drivers\ulsata.sys -> [2006/11/02 05:50:35 | 000,098,408 | ---- | M] (Promise Technology, Inc.)
(nfrd960) nfrd960 [Kernel | Disabled | Stopped] -> C:\Windows\system32\drivers\nfrd960.sys -> [2006/11/02 05:50:19 | 000,045,160 | ---- | M] (IBM Corporation)
(iirsp) iirsp [Kernel | Disabled | Stopped] -> C:\Windows\system32\drivers\iirsp.sys -> [2006/11/02 05:50:17 | 000,041,576 | ---- | M] (Intel Corp./ICP vortex GmbH)
(aic78xx) aic78xx [Kernel | Disabled | Stopped] -> C:\Windows\system32\drivers\djsvs.sys -> [2006/11/02 05:50:11 | 000,071,272 | ---- | M] (Adaptec, Inc.)
(iteraid) ITERAID_Service_Install [Kernel | Disabled | Stopped] -> C:\Windows\system32\drivers\iteraid.sys -> [2006/11/02 05:50:09 | 000,035,944 | ---- | M] (Integrated Technology Express, Inc.)
(iteatapi) ITEATAPI_Service_Install [Kernel | Disabled | Stopped] -> C:\Windows\system32\drivers\iteatapi.sys -> [2006/11/02 05:50:07 | 000,035,944 | ---- | M] (Integrated Technology Express, Inc.)
(Symc8xx) Symc8xx [Kernel | Disabled | Stopped] -> C:\Windows\system32\drivers\symc8xx.sys -> [2006/11/02 05:50:05 | 000,035,944 | ---- | M] (LSI Logic)
(Sym_u3) Sym_u3 [Kernel | Disabled | Stopped] -> C:\Windows\system32\drivers\sym_u3.sys -> [2006/11/02 05:50:03 | 000,034,920 | ---- | M] (LSI Logic)
(Mraid35x) Mraid35x [Kernel | Disabled | Stopped] -> C:\Windows\system32\drivers\mraid35x.sys -> [2006/11/02 05:49:59 | 000,033,384 | ---- | M] (LSI Logic Corporation)
(Sym_hi) Sym_hi [Kernel | Disabled | Stopped] -> C:\Windows\system32\drivers\sym_hi.sys -> [2006/11/02 05:49:56 | 000,031,848 | ---- | M] (LSI Logic)
(Brserid) Brother MFC Serial Port Interface Driver (WDM) [Kernel | Disabled | Stopped] -> C:\Windows\system32\drivers\brserid.sys -> [2006/11/02 04:25:24 | 000,071,808 | ---- | M] (Brother Industries Ltd.)
(BrUsbSer) Brother MFC USB Serial WDM Driver [Kernel | On_Demand | Stopped] -> C:\Windows\system32\drivers\brusbser.sys -> [2006/11/02 04:24:47 | 000,011,904 | ---- | M] (Brother Industries Ltd.)
(BrFiltUp) Brother USB Mass-Storage Upper Filter Driver [Kernel | On_Demand | Stopped] -> C:\Windows\system32\drivers\brfiltup.sys -> [2006/11/02 04:24:46 | 000,005,248 | ---- | M] (Brother Industries, Ltd.)
(BrFiltLo) Brother USB Mass-Storage Lower Filter Driver [Kernel | On_Demand | Stopped] -> C:\Windows\system32\drivers\brfiltlo.sys -> [2006/11/02 04:24:45 | 000,013,568 | ---- | M] (Brother Industries, Ltd.)
(BrSerWdm) Brother WDM Serial driver [Kernel | Disabled | Stopped] -> C:\Windows\system32\drivers\brserwdm.sys -> [2006/11/02 04:24:44 | 000,062,336 | ---- | M] (Brother Industries Ltd.)
(BrUsbMdm) Brother MFC USB Fax Only Modem [Kernel | Disabled | Stopped] -> C:\Windows\system32\drivers\brusbmdm.sys -> [2006/11/02 04:24:44 | 000,012,160 | ---- | M] (Brother Industries Ltd.)
(ntrigdigi) N-trig HID Tablet Driver [Kernel | Disabled | Stopped] -> C:\Windows\system32\drivers\ntrigdigi.sys -> [2006/11/02 03:36:50 | 000,020,608 | ---- | M] (N-trig Innovative Technologies)
(IrCOMM2k) Virtual IR COM Port [Kernel | On_Demand | Running] -> C:\Windows\System32\drivers\ircomm2k.sys -> [2002/03/25 01:12:10 | 000,016,026 | ---- | M] (Jan Kiszka)

[Registry - All]
< Internet Explorer Settings [HKEY_LOCAL_MACHINE\] > -> ->
HKEY_LOCAL_MACHINE\: Main\\"Default_Page_URL" -> http://go.microsoft.com/fwlink/?LinkId=69157 ->
HKEY_LOCAL_MACHINE\: Main\\"Default_Search_URL" -> http://go.microsoft.com/fwlink/?LinkId=54896 ->
HKEY_LOCAL_MACHINE\: Main\\"Default_Secondary_Page_URL" ->  [binary data] ->
HKEY_LOCAL_MACHINE\: Main\\"Extensions Off Page" -> about:NoAdd-ons ->
HKEY_LOCAL_MACHINE\: Main\\"Local Page" -> C:\Windows\System32\blank.htm ->
HKEY_LOCAL_MACHINE\: Main\\"Search Page" -> http://go.microsoft.com/fwlink/?LinkId=54896 ->
HKEY_LOCAL_MACHINE\: Main\\"Security Risk Page" -> about:SecurityRisk ->
HKEY_LOCAL_MACHINE\: Main\\"Start Page" -> http://go.microsoft.com/fwlink/?LinkId=69157 ->
< Internet Explorer Settings [HKEY_USERS\.DEFAULT\] > -> ->
HKEY_USERS\.DEFAULT\: "ProxyEnable" -> 0 ->
< Internet Explorer Settings [HKEY_USERS\S-1-5-18\] > -> ->
HKEY_USERS\S-1-5-18\: "ProxyEnable" -> 0 ->
< Internet Explorer Settings [HKEY_USERS\S-1-5-19\] > -> ->
HKEY_USERS\S-1-5-19\: URLSearchHooks\\"{CFBFAE00-17A6-11D0-99CB-00C04FD64497}" [HKLM] -> C:\Windows\System32\ieframe.dll [Microsoft Url Search Hook] -> [2010/06/26 02:02:14 | 011,077,120 | ---- | M] (Microsoft Corporation)
< Internet Explorer Settings [HKEY_USERS\S-1-5-20\] > -> ->
HKEY_USERS\S-1-5-20\: URLSearchHooks\\"{CFBFAE00-17A6-11D0-99CB-00C04FD64497}" [HKLM] -> C:\Windows\System32\ieframe.dll [Microsoft Url Search Hook] -> [2010/06/26 02:02:14 | 011,077,120 | ---- | M] (Microsoft Corporation)
< Internet Explorer Settings [HKEY_USERS\S-1-5-21-79719960-931426039-44730089-1000\] > -> ->
HKEY_USERS\S-1-5-21-79719960-931426039-44730089-1000\: Main\\"Default_Page_URL" -> http://www.google.com/ig/dell?hl=en&client=dell-usuk-rel&channel=us&ibd=0080808 ->
HKEY_USERS\S-1-5-21-79719960-931426039-44730089-1000\: Main\\"Local Page" -> C:\Windows\system32\blank.htm ->
HKEY_USERS\S-1-5-21-79719960-931426039-44730089-1000\: Main\\"Page_Transitions" -> 1 ->
HKEY_USERS\S-1-5-21-79719960-931426039-44730089-1000\: Main\\"Search Page" -> http://go.microsoft.com/fwlink/?LinkId=54896 ->
HKEY_USERS\S-1-5-21-79719960-931426039-44730089-1000\: Main\\"Start Page" -> http://www.google.com/ig/dell?hl=en&client=dell-usuk-rel&channel=us&ibd=0080808 ->
HKEY_USERS\S-1-5-21-79719960-931426039-44730089-1000\: Main\\"StartPageCache" -> 1 ->
HKEY_USERS\S-1-5-21-79719960-931426039-44730089-1000\: URLSearchHooks\\"{CFBFAE00-17A6-11D0-99CB-00C04FD64497}" [HKLM] -> C:\Windows\System32\ieframe.dll [Microsoft Url Search Hook] -> [2010/06/26 02:02:14 | 011,077,120 | ---- | M] (Microsoft Corporation)
HKEY_USERS\S-1-5-21-79719960-931426039-44730089-1000\: "ProxyEnable" -> 0 ->
HKEY_USERS\S-1-5-21-79719960-931426039-44730089-1000\: "ProxyOverride" -> *.local ->
< FireFox Extensions [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Mozilla
HKLM\software\mozilla\Firefox\Extensions ->  ->
HKLM\software\mozilla\Firefox\Extensions\\{20a82645-c095-46ed-80e3-08825760534b} -> C:\WINDOWS\MICROSOFT.NET\FRAMEWORK\V3.5\WINDOWS PRESENTATION FOUNDATION\DOTNETASSISTANTEXTENSION\ [C:\WINDOWS\MICROSOFT.NET\FRAMEWORK\V3.5\WINDOWS PRESENTATION FOUNDATION\DOTNETASSISTANTEXTENSION\] -> [2009/06/24 18:49:24 | 000,000,000 | ---D | M]
HKLM\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758} -> C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [C:\PROGRAMDATA\REAL\REALPLAYER\BROWSERRECORDPLUGIN\FIREFOX\EXT] -> [2010/03/13 03:42:22 | 000,000,000 | ---D | M]
< FireFox Extensions [User Folders] > ->
  -> C:\Users\Jesse\AppData\Roaming\Mozilla\Extensions -> [2009/10/23 17:16:01 | 000,000,000 | ---D | M]
  -> C:\Users\Jesse\AppData\Roaming\Mozilla\Extensions\celtx@celtx.com -> [2009/10/23 17:16:01 | 000,000,000 | ---D | M]
  -> C:\Users\Jesse\AppData\Roaming\Mozilla\Extensions\mozswing@mozswing.org -> [2009/02/27 16:55:47 | 000,000,000 | ---D | M]
< HOSTS File > ([2006/09/18 17:41:30 | 000,000,761 | ---- | M] - 20 lines) -> C:\Windows\System32\drivers\etc\hosts ->
Reset Hosts
127.0.0.1       localhost
::1             localhost
< BHO's [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\ ->
{02478D38-C3F9-4efb-9B51-7695ECA05670} [HKLM] -> C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll [&Yahoo! Toolbar Helper] -> [2009/09/19 21:26:32 | 001,172,280 | ---- | M] (Yahoo! Inc.)
{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} [HKLM] -> C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [Adobe PDF Reader Link Helper] -> [2006/10/23 00:08:42 | 000,062,080 | ---- | M] (Adobe Systems Incorporated)
{3049C3E9-B461-4BC5-8870-4C09146192CA} [HKLM] -> C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll [RealPlayer Download and Record Plugin for Internet Explorer] -> [2010/03/13 03:42:22 | 000,341,600 | ---- | M] (RealPlayer)
{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} [HKLM] -> C:\Program Files\AVG\AVG8\avgssie.dll [AVG Safe Search] -> File not found
{6D53EC84-6AAE-4787-AEEE-F4628F01010C} [HKLM] -> C:\Program Files\Norton AntiVirus\Norton AntiVirus\Engine\16.8.0.41\IPSBHO.dll [Symantec Intrusion Prevention] -> [2009/08/22 02:37:14 | 000,107,896 | R--- | M] (Symantec Corporation)
{72853161-30C5-4D22-B7F9-0BBC1D38A37E} [HKLM] -> C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [Groove GFS Browser Helper] -> [2009/02/12 15:19:32 | 002,217,848 | ---- | M] (Microsoft Corporation)
{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} [HKLM] -> C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll [SSVHelper Class] -> [2008/02/22 05:25:19 | 000,509,328 | ---- | M] (Sun Microsystems, Inc.)
{AE805869-2E5C-4ED4-8F7B-F1F7851A4497} [HKLM] -> C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [Skype add-on for Internet Explorer] -> File not found
{AF69DE43-7D58-4638-B6FA-CE66B5AD205D} [HKLM] -> C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll [Google Toolbar Notifier BHO] -> [2009/03/26 01:18:59 | 000,668,656 | ---- | M] (Google Inc.)
{CA6319C0-31B7-401E-A518-A07C3DB8F777} [HKLM] -> C:\Program Files\Dell\BAE\BAE.dll [CBrowserHelperObject Object] -> [2006/11/09 10:56:48 | 000,098,304 | ---- | M] (Dell Inc.)
{CC59E0F9-7E43-44FA-9FAA-8377850BF205} [HKLM] -> C:\Program Files\Free Download Manager\iefdm2.dll [FDMIECookiesBHO Class] -> [2008/12/30 02:03:26 | 000,098,304 | ---- | M] ()
{E3215F20-3212-11D6-9F8B-00D0B743919D} [HKLM] -> C:\Program Files\STOPzilla!\SZIEBHO.dll [STOPzilla Browser Helper Object] -> [2010/05/17 11:16:56 | 000,247,232 | R--- | M] (iS3, Inc.)
{FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} [HKLM] -> C:\Program Files\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll [SingleInstance Class] -> [2009/09/19 21:26:34 | 000,158,008 | ---- | M] (Yahoo! Inc)
< Internet Explorer ToolBars [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ToolBar ->
"{EF99BD32-C1FB-11D2-892F-0090271D4F88}" [HKLM] -> C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll [Yahoo! Toolbar] -> [2009/09/19 21:26:32 | 001,172,280 | ---- | M] (Yahoo! Inc.)
< Internet Explorer ToolBars [HKEY_USERS\S-1-5-21-79719960-931426039-44730089-1000\] > -> HKEY_USERS\S-1-5-21-79719960-931426039-44730089-1000\Software\Microsoft\Internet Explorer\Toolbar\ ->
WebBrowser\\"{A057A204-BACC-4D26-9990-79A187E2698E}" [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found
< Run [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run ->
"Adobe Reader Speed Launcher" -> C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe ["C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"] -> [2008/10/15 02:04:34 | 000,039,792 | ---- | M] (Adobe Systems Incorporated)
"Apoint" -> C:\Program Files\DellTPad\Apoint.exe [C:\Program Files\DellTPad\Apoint.exe] -> [2008/03/11 02:22:46 | 000,163,840 | ---- | M] (Alps Electric Co., Ltd.)
"Dell Webcam Central" -> C:\Program Files\Dell Webcam\Dell Webcam Central\WebcamDell.exe ["C:\Program Files\Dell Webcam\Dell Webcam Central\WebcamDell.exe" /mode2] -> [2008/02/19 11:43:30 | 000,438,403 | ---- | M] (Creative Technology Ltd.)
"DpAgent" -> C:\Program Files\DigitalPersona\Bin\DpAgent.exe [C:\Program Files\DigitalPersona\Bin\dpagent.exe] -> [2008/03/25 22:53:16 | 000,699,456 | ---- | M] (DigitalPersona, Inc.)
"dscactivate" -> C:\Program Files\Dell Support Center\gs_agent\custom\dsca.exe ["C:\Program Files\Dell Support Center\gs_agent\custom\dsca.exe"] -> [2008/03/11 13:44:42 | 000,016,384 | ---- | M] ( )
"EfficientDiary" ->  [] -> File not found
"GrooveMonitor" -> C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe ["C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"] -> [2008/10/25 11:44:34 | 000,031,072 | ---- | M] (Microsoft Corporation)
"IAAnotif" -> C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe ["C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe"] -> [2007/10/03 16:44:58 | 000,178,712 | ---- | M] (Intel Corporation)
"PCMService" -> C:\Program Files\Dell\MediaDirect\PCMService.exe ["C:\Program Files\Dell\MediaDirect\PCMService.exe"] -> [2008/01/14 11:13:02 | 000,132,392 | ---- | M] (CyberLink Corp.)
"QuickTime Task" -> C:\Program Files\QuickTime\QTTask.exe ["C:\Program Files\QuickTime\QTTask.exe" -atboottime] -> [2010/03/17 21:53:36 | 000,421,888 | ---- | M] (Apple Inc.)
"StartCCC" -> C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe ["C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe"] -> [2008/01/21 13:17:18 | 000,061,440 | ---- | M] (Advanced Micro Devices, Inc.)
"Symantec PIF AlertEng" -> C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe ["C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" /a /m "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\AlertEng.dll"] -> [2008/01/29 17:38:31 | 000,583,048 | ---- | M] (Symantec Corporation)
"SysTrayApp" -> C:\Program Files\IDT\WDM\sttray.exe [%ProgramFiles%\IDT\WDM\sttray.exe] -> [2008/06/26 07:10:06 | 000,442,467 | ---- | M] (IDT, Inc.)
"TkBellExe" -> C:\Program Files\Common Files\Real\Update_OB\realsched.exe ["C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot] -> [2010/03/13 03:41:19 | 000,202,256 | ---- | M] (RealNetworks, Inc.)
"Windows Defender" -> C:\Program Files\Windows Defender\MSASCui.exe [%ProgramFiles%\Windows Defender\MSASCui.exe -hide] -> [2008/01/20 22:23:32 | 001,008,184 | ---- | M] (Microsoft Corporation)
< Run [HKEY_USERS\S-1-5-19\] > -> HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Run ->
"Sidebar" -> C:\Program Files\Windows Sidebar\Sidebar.exe [%ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem] -> [2009/04/11 02:28:03 | 001,233,920 | ---- | M] (Microsoft Corporation)
"WindowsWelcomeCenter" -> C:\Windows\System32\oobefldr.dll [rundll32.exe oobefldr.dll,ShowWelcomeCenter] -> [2009/04/11 02:28:23 | 002,153,472 | ---- | M] (Microsoft Corporation)
< Run [HKEY_USERS\S-1-5-20\] > -> HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Run ->
"Sidebar" -> C:\Program Files\Windows Sidebar\Sidebar.exe [%ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem] -> [2009/04/11 02:28:03 | 001,233,920 | ---- | M] (Microsoft Corporation)
"WindowsWelcomeCenter" -> C:\Windows\System32\oobefldr.dll [rundll32.exe oobefldr.dll,ShowWelcomeCenter] -> [2009/04/11 02:28:23 | 002,153,472 | ---- | M] (Microsoft Corporation)
< Run [HKEY_USERS\S-1-5-21-79719960-931426039-44730089-1000\] > -> HKEY_USERS\S-1-5-21-79719960-931426039-44730089-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Run ->
"ehTray.exe" -> C:\Windows\ehome\ehtray.exe [C:\Windows\ehome\ehTray.exe] -> [2008/01/20 22:25:11 | 000,125,952 | ---- | M] (Microsoft Corporation)
"Sidebar" -> C:\Program Files\Windows Sidebar\sidebar.exe [C:\Program Files\Windows Sidebar\sidebar.exe /autoRun] -> [2009/04/11 02:28:03 | 001,233,920 | ---- | M] (Microsoft Corporation)
"wepaju" -> C:\Users\Jesse\AppData\Roaming\msafd1.DLL [rundll32 "C:\Users\Jesse\AppData\Roaming\msafd1.dll",ttpbt] -> [2010/08/10 20:42:01 | 000,057,344 | RHS- | M] ()
"WMPNSCFG" -> C:\Program Files\Windows Media Player\wmpnscfg.exe [C:\Program Files\Windows Media Player\WMPNSCFG.exe] -> [2008/01/20 22:25:33 | 000,202,240 | ---- | M] (Microsoft Corporation)
< Software Policy Settings [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Internet Explorer ->
< Software Policy Settings [HKEY_USERS\S-1-5-21-79719960-931426039-44730089-1000] > -> HKEY_USERS\S-1-5-21-79719960-931426039-44730089-1000\SOFTWARE\Policies\Microsoft\Internet Explorer ->
< CurrentVersion Policy Settings - Explorer [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer
\\"BindDirectlyToPropertySetStorage" ->  [0] -> File not found
\\"NoActiveDesktopChanges" ->  [0] -> File not found
\\"NoSetActiveDesktop" ->  [0] -> File not found
< CurrentVersion Policy Settings - System [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System
\\"ConsentPromptBehaviorAdmin" ->  [2] -> File not found
\\"ConsentPromptBehaviorUser" ->  [1] -> File not found
\\"EnableInstallerDetection" ->  [1] -> File not found
\\"EnableLUA" ->  [1] -> File not found
\\"EnableSecureUIAPaths" ->  [1] -> File not found
\\"EnableVirtualization" ->  [1] -> File not found
\\"PromptOnSecureDesktop" ->  [1] -> File not found
\\"ValidateAdminCodeSignatures" ->  [0] -> File not found
\\"dontdisplaylastusername" ->  [0] -> File not found
\\"legalnoticecaption" ->  [] -> File not found
\\"legalnoticetext" ->  [] -> File not found
\\"scforceoption" ->  [0] -> File not found
\\"shutdownwithoutlogon" ->  [1] -> File not found
\\"undockwithoutlogon" ->  [1] -> File not found
\\"FilterAdministratorToken" ->  [0] -> File not found
\\"EnableUIADesktopToggle" ->  [0] -> File not found
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats
\UIPI\Clipboard\ExceptionFormats\\"CF_TEXT" ->  [1] -> File not found
\UIPI\Clipboard\ExceptionFormats\\"CF_BITMAP" ->  [2] -> File not found
\UIPI\Clipboard\ExceptionFormats\\"CF_OEMTEXT" ->  [7] -> File not found
\UIPI\Clipboard\ExceptionFormats\\"CF_DIB" ->  [8] -> File not found
\UIPI\Clipboard\ExceptionFormats\\"CF_PALETTE" ->  [9] -> File not found
\UIPI\Clipboard\ExceptionFormats\\"CF_UNICODETEXT" ->  [13] -> File not found
\UIPI\Clipboard\ExceptionFormats\\"CF_DIBV5" ->  [17] -> File not found
< CurrentVersion Policy Settings [HKEY_USERS\S-1-5-19] > -> HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer ->
HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer
\\"NoDriveTypeAutoRun" ->  [149] -> File not found
\\"NoActiveDesktopChanges" ->  [0] -> File not found
\\"NoSetActiveDesktop" ->  [0] -> File not found
< CurrentVersion Policy Settings [HKEY_USERS\S-1-5-19] > -> HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System ->
HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System
\\"DisableTaskMgr" ->  [0] -> File not found
< CurrentVersion Policy Settings [HKEY_USERS\S-1-5-20] > -> HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer ->
HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer
\\"NoDriveTypeAutoRun" ->  [149] -> File not found
\\"NoActiveDesktopChanges" ->  [0] -> File not found
\\"NoSetActiveDesktop" ->  [0] -> File not found
< CurrentVersion Policy Settings [HKEY_USERS\S-1-5-20] > -> HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System ->
HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System
\\"DisableTaskMgr" ->  [0] -> File not found
< CurrentVersion Policy Settings [HKEY_USERS\S-1-5-21-79719960-931426039-44730089-1000] > -> HKEY_USERS\S-1-5-21-79719960-931426039-44730089-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer ->
HKEY_USERS\S-1-5-21-79719960-931426039-44730089-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer
\\"NoDriveTypeAutoRun" ->  [149] -> File not found
\\"NoActiveDesktopChanges" ->  [0] -> File not found
\\"NoSetActiveDesktop" ->  [0] -> File not found
< CurrentVersion Policy Settings [HKEY_USERS\S-1-5-21-79719960-931426039-44730089-1000] > -> HKEY_USERS\S-1-5-21-79719960-931426039-44730089-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System ->
< Internet Explorer Menu Extensions [HKEY_USERS\S-1-5-21-79719960-931426039-44730089-1000\] > -> HKEY_USERS\S-1-5-21-79719960-931426039-44730089-1000\Software\Microsoft\Internet Explorer\MenuExt\ ->
Add to AMV Converter... -> C:\Program Files\MP3 Player Utilities 4.17\AMVConverter\grab.html [C:\Program Files\MP3 Player Utilities 4.17\AMVConverter\grab.html] -> [2006/02/16 11:37:38 | 000,000,890 | ---- | M] ()
Download all with Free Download Manager -> C:\Program Files\Free Download Manager\dlall.htm [file://C:\Program Files\Free Download Manager\dlall.htm] -> [2007/06/02 14:25:02 | 000,000,893 | ---- | M] ()
Download selected with Free Download Manager -> C:\Program Files\Free Download Manager\dlselected.htm [file://C:\Program Files\Free Download Manager\dlselected.htm] -> [2007/06/02 14:25:02 | 000,000,463 | ---- | M] ()
Download video with Free Download Manager -> C:\Program Files\Free Download Manager\dlfvideo.htm [file://C:\Program Files\Free Download Manager\dlfvideo.htm] -> [2007/07/27 02:34:42 | 000,001,706 | ---- | M] ()
Download with Free Download Manager -> C:\Program Files\Free Download Manager\dllink.htm [file://C:\Program Files\Free Download Manager\dllink.htm] -> [2007/06/02 14:25:02 | 000,002,140 | ---- | M] ()
E&xport to Microsoft Excel -> C:\Program Files\Microsoft Office\Office12\EXCEL.EXE [res://C:\PROGRA~1\MICROS~4\Office12\EXCEL.EXE/3000] -> [2010/04/24 08:25:04 | 018,352,488 | ---- | M] (Microsoft Corporation)
Send image to &Bluetooth Device... -> C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm [C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm] -> [2007/01/23 12:57:50 | 000,001,199 | ---- | M] ()
Send page to &Bluetooth Device... -> C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm [C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm] -> [2007/01/23 12:57:52 | 000,002,758 | ---- | M] ()
< Internet Explorer Extensions [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\ ->
{08B0E5C0-4FCB-11CF-AAA5-00401C608501}:{CAFEEFAC-0016-0000-0005-ABCDEFFEDCBC} [HKLM] -> C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll [Menu: Sun Java Console] -> [2008/02/22 05:25:19 | 000,509,328 | ---- | M] (Sun Microsystems, Inc.)
{219C3416-8CB2-491a-A3C7-D9FCDDC9D600}:{5F7B1267-94A9-47F5-98DB-E99415F33AEC} [HKLM] -> C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll [Button: Blog This] -> [2007/10/26 19:09:54 | 000,154,640 | ---- | M] (Microsoft Corporation)
{219C3416-8CB2-491a-A3C7-D9FCDDC9D600}:{5F7B1267-94A9-47F5-98DB-E99415F33AEC} [HKLM] -> C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll [Menu: &Blog This in Windows Live Writer] -> [2007/10/26 19:09:54 | 000,154,640 | ---- | M] (Microsoft Corporation)
{2670000A-7350-4f3c-8081-5663EE0C6C49}:{48E73304-E1D6-4330-914C-F5F514E3486C} [HKLM] -> C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll [Button: Send to OneNote] -> [2009/02/26 19:45:52 | 000,603,040 | ---- | M] (Microsoft Corporation)
{2670000A-7350-4f3c-8081-5663EE0C6C49}:{48E73304-E1D6-4330-914C-F5F514E3486C} [HKLM] -> C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll [Menu: S&end to OneNote] -> [2009/02/26 19:45:52 | 000,603,040 | ---- | M] (Microsoft Corporation)
{898EA8C8-E7FF-479B-8935-AEC46303B9E5}:{898EA8C8-E7FF-479B-8935-AEC46303B9E5} [HKLM] -> C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [Button: Skype add-on for Internet Explorer] -> File not found
{898EA8C8-E7FF-479B-8935-AEC46303B9E5}:{898EA8C8-E7FF-479B-8935-AEC46303B9E5} [HKLM] -> C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [Menu: Skype add-on for Internet Explorer] -> File not found
{92780B25-18CC-41C8-B9BE-3C9C571A8263}:{FF059E31-CC5A-4E2E-BF3B-96E929D65503} [HKLM] -> C:\Program Files\Microsoft Office\Office12\REFIEBAR.DLL [Button: Research] -> [2009/03/06 04:04:56 | 000,039,464 | ---- | M] (Microsoft Corporation)
{CCA281CA-C863-46ef-9331-5C8D4460577F}:C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm [HKLM] -> C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm [Button: @btrez.dll,-4015] -> [2007/01/23 12:57:52 | 000,002,758 | ---- | M] ()
{CCA281CA-C863-46ef-9331-5C8D4460577F}:C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm [HKLM] -> C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm [Menu: @btrez.dll,-12650] -> [2007/01/23 12:57:52 | 000,002,758 | ---- | M] ()
< Internet Explorer Extensions [HKEY_USERS\S-1-5-21-79719960-931426039-44730089-1000\] > -> HKEY_USERS\S-1-5-21-79719960-931426039-44730089-1000\Software\Microsoft\Internet Explorer\Extensions\ ->
CmdMapping\\"{CCA281CA-C863-46ef-9331-5C8D4460577F}" [HKLM] ->  [@btrez.dll,-4015] -> File not found
< Default Prefix > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\URL\DefaultPrefix
"" -> http://
< Trusted Sites Domains [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 0 domain(s) found. ->
< Trusted Sites Ranges [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. ->
< Trusted Sites Domains [HKEY_USERS\.DEFAULT\] > -> HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ ->
HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 0 domain(s) found. ->
< Trusted Sites Ranges [HKEY_USERS\.DEFAULT\] > -> HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ ->
HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. ->
< Trusted Sites Domains [HKEY_USERS\S-1-5-18\] > -> HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ ->
HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 0 domain(s) found. ->
< Trusted Sites Ranges [HKEY_USERS\S-1-5-18\] > -> HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ ->
HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. ->
< Trusted Sites Domains [HKEY_USERS\S-1-5-19\] > -> HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ ->
HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 0 domain(s) found. ->
< Trusted Sites Ranges [HKEY_USERS\S-1-5-19\] > -> HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ ->
HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. ->
< Trusted Sites Domains [HKEY_USERS\S-1-5-20\] > -> HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ ->
HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 0 domain(s) found. ->
< Trusted Sites Ranges [HKEY_USERS\S-1-5-20\] > -> HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ ->
HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. ->
< Trusted Sites Domains [HKEY_USERS\S-1-5-21-79719960-931426039-44730089-1000\] > -> HKEY_USERS\S-1-5-21-79719960-931426039-44730089-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ ->
HKEY_USERS\S-1-5-21-79719960-931426039-44730089-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 0 domain(s) found. ->
< Trusted Sites Ranges [HKEY_USERS\S-1-5-21-79719960-931426039-44730089-1000\] > -> HKEY_USERS\S-1-5-21-79719960-931426039-44730089-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ ->
HKEY_USERS\S-1-5-21-79719960-931426039-44730089-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. ->
< Downloaded Program Files > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\ ->
{0CCA191D-13A6-4E29-B746-314DEE697D83} [HKLM] -> http://upload.facebook.com/controls/2008.10.10_v5.5.8/FacebookPhotoUploader5.cab [Facebook Photo Uploader 5 Control] ->
{166B1BCA-3F9C-11CF-8075-444553540000} [HKLM] -> http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab [Shockwave ActiveX Control] ->
{8100D56A-5661-482C-BEE8-AFECE305D968} [HKLM] -> http://upload.facebook.com/controls/2009.07.28_v5.5.8.1/FacebookPhotoUploader55.cab [Facebook Photo Uploader 5 Control] ->
{8FFBE65D-2C9C-4669-84BD-5829DC0B603C} [HKLM] -> http://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab [Reg Error: Key error.] ->
{E2883E8F-472F-4FB0-9522-AC9BF37916A7} [HKLM] -> http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab [Reg Error: Key error.] ->
< Name Servers [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\ ->
DhcpNameServer -> 192.168.2.1 ->
< Name Servers [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Adapters\ ->
{3C2BAFE1-F9D8-4DBE-A9E7-664F551DB661}\\DhcpNameServer -> 192.168.2.1   (Dell Wireless 1397 WLAN Mini-Card) ->
< Winlogon settings [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon ->
*Shell* -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\Shell ->
explorer.exe -> C:\Windows\explorer.exe -> [2009/04/11 02:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation)
*MultiFile Done* -> ->
*UserInit* -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\UserInit ->
c:\windows\system32\userinit.exe -> C:\Windows\System32\userinit.exe -> [2008/01/20 22:24:49 | 000,025,088 | ---- | M] (Microsoft Corporation)
*MultiFile Done* -> ->
*VMApplet* -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\VMApplet ->
rundll32 shell32 -> C:\Windows\System32\shell32.dll -> [2010/07/26 11:51:48 | 011,584,512 | ---- | M] (Microsoft Corporation)
Control_RunDLL "sysdm.cpl" -> C:\Windows\System32\sysdm.cpl -> [2008/01/20 22:24:23 | 000,242,688 | ---- | M] (Microsoft Corporation)
*MultiFile Done* -> ->
< Winlogon\Notify settings [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\ ->
GoToAssist -> C:\Program Files\Citrix\GoToAssist\514\g2awinlogon.dll -> [2008/08/07 22:33:15 | 000,010,536 | ---- | M] (Citrix Online, a division of Citrix Systems, Inc.)
< SSODL [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad ->
"{E6FB5E20-DE35-11CF-9C87-00AA005127ED}" [HKLM] -> C:\Windows\System32\webcheck.dll [WebCheck] -> [2009/03/08 07:34:47 | 000,236,544 | ---- | M] (Microsoft Corporation)
< SharedTaskScheduler [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler ->
"{8C7461EF-2B13-11d2-BE35-3078302C2030}" [HKLM] -> C:\Windows\System32\browseui.dll [Component Categories cache daemon] -> [2009/04/11 02:28:18 | 001,324,032 | ---- | M] (Microsoft Corporation)
< ShellExecuteHooks [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks ->
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}" [HKLM] -> C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [Groove GFS Stub Execution Hook] -> [2009/02/12 15:19:32 | 002,217,848 | ---- | M] (Microsoft Corporation)
< SecurityProviders [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\\SecurityProviders ->
*SecurityProviders* -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\\SecurityProviders ->
credssp.dll -> C:\Windows\System32\credssp.dll -> [2008/01/20 22:24:37 | 000,015,872 | ---- | M] (Microsoft Corporation)
*MultiFile Done* -> ->
< LSA Authentication Packages [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\\Authentication Packages ->
*LSA Authentication Packages* -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\\Authentication Packages ->
msv1_0 -> C:\Windows\System32\msv1_0.dll -> [2009/09/10 12:48:01 | 000,218,624 | ---- | M] (Microsoft Corporation)
*MultiFile Done* -> ->
< LSA Security Packages [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\\Security Packages ->
*LSA Security Packages* -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\\Security Packages ->
kerberos -> C:\Windows\System32\kerberos.dll -> [2009/06/15 10:52:38 | 000,499,712 | ---- | M] (Microsoft Corporation)
msv1_0 -> C:\Windows\System32\msv1_0.dll -> [2009/09/10 12:48:01 | 000,218,624 | ---- | M] (Microsoft Corporation)
schannel -> C:\Windows\System32\schannel.dll -> [2010/06/11 12:16:20 | 000,274,944 | ---- | M] (Microsoft Corporation)
wdigest -> C:\Windows\System32\wdigest.dll -> [2009/06/15 10:54:00 | 000,175,104 | ---- | M] (Microsoft Corporation)
tspkg -> C:\Windows\System32\tspkg.dll -> [2008/01/20 22:24:37 | 000,062,464 | ---- | M] (Microsoft Corporation)
*MultiFile Done* -> ->
< SafeBoot AlternateShell [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot ->
"AlternateShell" -> cmd.exe ->
< CDROM Autorun Setting [HKEY_LOCAL_MACHINE]> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom ->
"AutoRun" -> 1 ->
"DisplayName" -> CD-ROM Driver ->
"ImagePath" ->  [system32\DRIVERS\cdrom.sys] -> File not found
< Drives with AutoRun files > ->  ->
C:\autoexec.bat [REM Dummy file for NTVDM | ] -> C:\autoexec.bat [ NTFS ] -> [2006/09/18 17:43:36 | 000,000,024 | ---- | M] ()
E:\Autorun.exe [MZ | ] -> E:\Autorun.exe [ UDF ] -> [2010/04/20 16:37:17 | 000,054,544 | R--- | M] (Electronic Arts)
E:\Autorun.inf [[autorun] | open=Autorun.exe | icon=Sims3EP02.ico | ] -> E:\Autorun.inf [ UDF ] -> [2010/03/27 00:03:00 | 000,000,049 | R--- | M] ()
< MountPoints2 [HKEY_CURRENT_USER] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2 ->
\F
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\F\shell
\F\shell\\"" ->  [AutoRun] -> File not found
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\F\shell\AutoRun\command
\F\shell\AutoRun\command\\"" -> F:\Autorun.exe [F:\Autorun.exe] -> File not found
\G
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\G\shell
\G\shell\\"" ->  [AutoRun] -> File not found
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\G\shell\AutoRun\command
\G\shell\AutoRun\command\\"" -> G:\Autorun.exe [G:\Autorun.exe] -> File not found
\{0fa4f7c6-64c4-11dd-93e9-806e6f6e6963}
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{0fa4f7c6-64c4-11dd-93e9-806e6f6e6963}\shell
\{0fa4f7c6-64c4-11dd-93e9-806e6f6e6963}\shell\\"" ->  [AutoRun] -> File not found
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{0fa4f7c6-64c4-11dd-93e9-806e6f6e6963}\shell\AutoRun\command
\{0fa4f7c6-64c4-11dd-93e9-806e6f6e6963}\shell\AutoRun\command\\"" -> E:\Autorun.exe [E:\Autorun.exe] -> [2010/04/20 16:37:17 | 000,054,544 | R--- | M] (Electronic Arts)
\{411329be-094b-11df-8e8c-0021707e11f8}
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{411329be-094b-11df-8e8c-0021707e11f8}\shell\Auto\command
\{411329be-094b-11df-8e8c-0021707e11f8}\shell\Auto\command\\"" -> F:\launcher.exe [F:\launcher.exe] -> File not found
\{411329be-094b-11df-8e8c-0021707e11f8}
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{411329be-094b-11df-8e8c-0021707e11f8}\shell\AutoRun\command
\{411329be-094b-11df-8e8c-0021707e11f8}\shell\AutoRun\command\\"" -> C:\Windows\System32\shell32.dll [C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL F:\launcher.exe] -> [2010/07/26 11:51:48 | 011,584,512 | ---- | M] (Microsoft Corporation)
\{72acc015-3483-11df-acac-901e6c6e74a9}
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{72acc015-3483-11df-acac-901e6c6e74a9}\shell\AutoRun\command
\{72acc015-3483-11df-acac-901e6c6e74a9}\shell\AutoRun\command\\"" -> F:\RECYCLER\help.exe [F:\RECYCLER\help.exe] -> File not found
\{72acc015-3483-11df-acac-901e6c6e74a9}
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{72acc015-3483-11df-acac-901e6c6e74a9}\shell\opEN\CoMmanD
\{72acc015-3483-11df-acac-901e6c6e74a9}\shell\opEN\CoMmanD\\"" -> F:\RECYCLER\help.exe [F:\RECYCLER\help.exe] -> File not found
< Registry Shell Spawning - Select to Repair > -> HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command ->
comfile [open] -> "%1" %* ->
exefile [open] -> "%1" %* ->
< File Associations - Select to Repair > -> HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>\ ->
.com [@ = comfile] -> "%1" %* ->
.exe [@ = exefile] -> "%1" %* ->
< File Associations - Select to Repair > -> HKEY_USERS\S-1-5-21-79719960-931426039-44730089-1000\SOFTWARE\Classes\<extension>\ ->
.exe [@ = exefile] -> Reg Error: Key error. -> File not found

[Registry - Additional Scans - Safe List]
< Desktop WallPaper > -> HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Desktop\General ->
BackupWallPaper -> C:\Users\Jesse\AppData\Roaming\Microsoft\Windows Photo Gallery\Windows Photo Gallery Wallpaper.jpg ->
< HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost > -> ->
*netsvcs* -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\\netsvcs ->
FastUserSwitchingCompatibility ->  -> File not found
Ias ->  -> File not found
Nla ->  -> File not found
Ntmssvc ->  -> File not found
NWCWorkstation ->  -> File not found
Nwsapagent ->  -> File not found
SRService ->  -> File not found
Wmi -> C:\Windows\System32\wmi.dll -> [2006/11/02 05:44:15 | 000,005,120 | ---- | M] (Microsoft Corporation)
WmdmPmSp ->  -> File not found
LogonHours ->  -> File not found
PCAudit ->  -> File not found
helpsvc ->  -> File not found
uploadmgr ->  -> File not found
*MultiFile Done* -> ->
< Registry Shell Spawning - Select to Repair > -> HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command ->
batfile [open] -> "%1" %* ->
cmdfile [open] -> "%1" %* ->
comfile [open] -> "%1" %* ->
cplfile [cplopen] -> %SystemRoot%\System32\control.exe "%1",%* -> [2006/11/02 05:44:59 | 000,211,968 | ---- | M] (Microsoft Corporation)
exefile [open] -> "%1" %* ->
hlpfile [open] -> %SystemRoot%\winhlp32.exe %1 -> [2006/11/02 05:45:57 | 000,009,216 | ---- | M] (Microsoft Corporation)
htmlfile [edit] -> "C:\Program Files\Microsoft Office\Office12\msohtmed.exe" %1 -> [2008/11/10 10:50:30 | 000,068,472 | ---- | M] (Microsoft Corporation)
htmlfile [print] -> "C:\Program Files\Microsoft Office\Office12\msohtmed.exe" /p %1 -> [2008/11/10 10:50:30 | 000,068,472 | ---- | M] (Microsoft Corporation)
inffile [install] -> %SystemRoot%\System32\InfDefaultInstall.exe "%1" -> [2008/01/20 22:24:35 | 000,011,776 | ---- | M] (Microsoft Corporation)
piffile [open] -> "%1" %* ->
scrfile [config] -> "%1" ->
scrfile [install] -> rundll32.exe desk.cpl,InstallScreenSaver %l -> [2008/01/20 22:23:50 | 000,368,640 | ---- | M] (Microsoft Corporation)
scrfile [open] -> "%1" /S ->
Unknown [openas] -> %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 ->
Directory [cmd] -> cmd.exe /s /k pushd "%V" -> [2008/01/20 22:23:50 | 000,318,976 | ---- | M] (Microsoft Corporation)
Directory [find] -> %SystemRoot%\Explorer.exe -> [2009/04/11 02:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation)
Directory [OneNote.Open] -> C:\PROGRA~1\MICROS~4\Office12\ONENOTE.EXE "%L" -> [2009/02/26 15:24:50 | 001,001,840 | ---- | M] (Microsoft Corporation)
Folder [open] -> %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L -> [2009/04/11 02:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation)
Folder [explore] -> %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L -> [2009/04/11 02:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation)
Drive [find] -> %SystemRoot%\Explorer.exe -> [2009/04/11 02:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation)
< Uninstall List [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ ->
{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D} -> PDFCreator
{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C} -> Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
{00DBA47C-770C-47B9-907D-F4FC2809D569} -> Barcode Creator
{03D1988F-469F-4843-8E6E-E5FE9D17889D} -> WIDCOMM Bluetooth Software 6.1.0.4400
{044F9133-B8D7-4d11-BF39-803FA20F5C8B} -> Microsoft Windows SDK for Visual Studio 2008 SP1 Express Tools for Win32
{048298C9-A4D3-490B-9FF9-AB023A9238F3} -> Steam
{055EE59D-217B-43A7-ABFF-507B966405D8} -> ATI Catalyst Control Center
{05A677ED-F6EB-C225-0852-C8EDA143F637} -> Catalyst Control Center Core Implementation
{08E81ABD-79F7-49C2-881F-FD6CB0975693} -> Roxio Creator Data
{09760D42-E223-42AD-8C3E-55B47D0DDAC3} -> Roxio Creator DE
{0C19D563-5F25-4621-BF10-01F741BD283F} -> Microsoft SQL Server Compact 3.5 SP1 Design Tools English
{1339C679-8EBD-A264-F51B-8AFF9E5178AB} -> Catalyst Control Center Localization Chinese Standard
{140BF0D0-E848-405C-9A01-D3256B918B6D} -> AuthenTec Fingerprint System
{15BC8CD0-A65B-47D0-A2DD-90A824590FA8} -> Microsoft Works
{184E7118-0295-43C4-B72C-1D54AA75AAF7} -> Windows Live Mail
{196E77C5-F524-4B50-BD1A-2C21EEE9B8F7} -> Microsoft SQL Server 2008 Common Files
{1F1C2DFC-2D24-3E06-BCB8-725134ADF989} -> Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
{1F54DAFA-9261-4A62-B59D-6C9F26B48FE4} -> Roxio Creator Tools
{2012098D-EEE9-4769-8DD3-B038050854D4} -> Microsoft Silverlight 3 SDK
{28BE306E-5DA6-4F9C-BDB0-DBA3C8C6FFFD} -> QuickTime
{2D4F6BE3-6FEF-4FE9-9D01-1406B220D08C} -> Windows Live Photo Gallery
{30465B6C-B53F-49A1-9EBA-A3F187AD502E} -> Roxio Update Manager
{3248F0A8-6813-11D6-A77B-00B0D0160050} -> Java(TM) 6 Update 5
{33D38429-A417-2939-F2ED-68B02C60524B} -> CCC Help Italian
{348982C0-1053-041B-90E9-27E52C5CBAC4} -> Catalyst Control Center Localization Chinese Traditional
{34A5AD2C-1313-4FB5-8328-255F90DFF873} -> Additional Voices for XP
{3643EF5F-D28D-4B25-9FA1-8859FC303710} -> Coby Media Manager
{3683198D-D48D-8F78-D544-E0CEEDA9A5AD} -> Catalyst Control Center Localization Norwegian
{39874C29-6A64-A5E4-15E8-48CAB1630758} -> Catalyst Control Center Graphics Full New
{3B585A53-CC41-4969-A7CB-F0E5D34ACA08} -> Roleplaying City Map Generator 5.40
{3C3D696B-0DB7-3C6D-A356-3DB8CE541918} -> Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
{42D68A86-DB1C-4256-B8C9-5D0D92919AF5} -> Banctec Service Agreement
{45B4747A-9B41-43B2-989A-B2771021911F} -> ArtifactMage
{4815BD99-96A4-49FE-A885-DCF06E9E4E78} -> Microsoft SQL Server 2008 Database Engine Shared
{497CDC20-F32E-B732-D5A7-C508832901B1} -> Catalyst Control Center Localization Italian
{4A6F34E2-09E5-4616-B227-4A26A488A6F9} -> Microsoft SQL Server 2008 Common Files
{4CA09BF7-1CFC-44B8-80EA-7B4D15D12DC5} -> Catalyst Control Center - Branding
{4D3C9F4B-4B7D-4E5D-99B9-0123AB0D51ED} -> Dell DataSafe Online
{4E8B4C51-20A4-A946-F2FD-361E1E64CBFE} -> Catalyst Control Center Localization Dutch
{53FA14B9-A754-4568-819E-BE4270FDEE13} -> SQL Server 2008 R2 Management Objects
{553255F3-78FD-40F1-A6F8-6882140265FE} -> Apple Application Support
{55D9E026-DCB0-46FF-B60A-68B972228CF6} -> Autodesk Design Review 2010
{57EC5BFE-7CB7-3057-8385-C9D72918511C} -> Microsoft .NET Framework 4 Client Profile Beta 2
{58721EC3-8D4E-4B79-BC51-1054E2DDCD10} -> Microsoft SQL Server 2008 Database Engine Services
{5BE1E709-30E4-3D6D-A708-96CE8D5E5E8D} -> Microsoft Windows SDK for Visual Studio 2008 SP1 Express Tools for .NET Framework - enu
{5F686CBB-09AB-38F0-4F49-6FA3CA2F194E} -> ATI Catalyst Install Manager
{62230596-37E5-4618-A329-0D21F529A86F} -> Browser Address Error Redirector
{65D0C510-D7B6-4438-9FC8-E6B91115AB0D} -> Live! Cam Avatar Creator
{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA} -> Roxio Express Labeler 3
{669C7BD8-DAA2-49B6-966C-F1E2AAE6B17E} -> Cisco PEAP Module
{66E07661-1C3B-EBB3-DDD7-CA2D9CF728E5} -> CCC Help Chinese Standard
{67192DDF-D12C-7C14-0891-1999A8322D9A} -> ccc-core-static
{693C5CAC-E43C-4A5F-0793-DB1A91576F00} -> Catalyst Control Center Localization Swedish
{6B3CA80E-6AC0-4725-BABF-9B0FEF880CB3} -> Power Tab Editor 1.7
{6B7B6D4D-8F9B-4CB3-8CA4-BCA9CC4C1A22} -> EDocs
{6BA2D1B0-0892-AF53-1542-767C1B1B558F} -> CCC Help German
{6D3963B0-E13B-4FC3-B0FF-506A304BB043} -> Cisco EAP-FAST Module
{6E405B40-3879-3C9B-9286-8D5E71258C35} -> Microsoft .NET Framework 4 Extended Beta 2
{6F633E95-3196-4FAC-9BD0-7E90CED5057A} -> DigitalPersona Personal 3.0.1
{706136D4-648C-92B9-FF9E-BDAC45C977CB} -> CCC Help Norwegian
{7299052b-02a4-4627-81f2-1818da5d550d} -> Microsoft Visual C++ 2005 Redistributable
{732784F2-BBB3-AF93-F0F8-2B28D93F023E} -> Catalyst Control Center Localization Finnish
{73A4F29F-31AC-4EBD-AA1B-0CC5F18C8F83} -> Roxio Creator Audio
{75554025-5756-D2A8-E12A-3996A174E1AF} -> Catalyst Control Center Localization German
{7694E0B1-2332-448B-9235-929F84B41E3F} -> Active@ ISO Burner
{770657D0-A123-3C07-8E44-1C83EC895118} -> Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
{7842F022-6597-76DA-4DE4-DA3FBD82ECF2} -> Skins
{7A4CE9D2-DC5E-4B5B-0ED2-A2F66E76DD52} -> CCC Help Russian
{7BE855E5-8130-A624-1C47-D5EB13FA6DF2} -> Catalyst Control Center Graphics Previews Vista
{7C9AD221-994C-45B2-B46D-26F5735158CF} -> Sony Vegas Pro 8.0
{7D712AFE-2D7C-13B8-DEB7-BA8A28FED665} -> Catalyst Control Center Localization Danish
{7DB9F1E5-9ACB-410D-A7DC-7A3D023CE045} -> Dell Getting Started Guide
{7E00AAF2-89F3-F7FC-A8F2-8C651449671E} -> CCC Help English
{828816F4-629A-233E-DB02-A6F8BD004643} -> Catalyst Control Center Localization Portuguese
{83770D14-21B9-44B3-8689-F7B523F94560} -> Cisco LEAP Module
{837b34e3-7c30-493c-8f6a-2b0f04e2912c} -> Microsoft Visual C++ 2005 Redistributable
{842FAF7C-50EF-4463-9B8F-6222E1384D7D} -> Microsoft Windows SDK for Visual Studio 2008 Headers and Libraries
{871DF2BE-41D2-4334-AC33-839AF16FC8FE} -> Cisco Systems VPN Client 5.0.02.0090
{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00} -> Microsoft Silverlight
{8A253629-0511-4854-8B4E-46E57E66005C} -> Bonjour
{8B9852AF-B0B0-47B7-9BC5-89A95D77B6C9} -> MP3 Player Utilities 4.17
{90120000-0015-0409-0000-0000000FF1CE} -> Microsoft Office Access MUI (English) 2007
{90120000-0015-0409-0000-0000000FF1CE}_ULTIMATER_{2FC4457D-409E-466F-861F-FB0CB796B53E} -> Microsoft Office 2007 Service Pack 2 (SP2)
{90120000-0016-0409-0000-0000000FF1CE} -> Microsoft Office Excel MUI (English) 2007
{90120000-0016-0409-0000-0000000FF1CE}_ULTIMATER_{2FC4457D-409E-466F-861F-FB0CB796B53E} -> Microsoft Office 2007 Service Pack 2 (SP2)
{90120000-0018-0409-0000-0000000FF1CE} -> Microsoft Office PowerPoint MUI (English) 2007
{90120000-0018-0409-0000-0000000FF1CE}_ULTIMATER_{2FC4457D-409E-466F-861F-FB0CB796B53E} -> Microsoft Office 2007 Service Pack 2 (SP2)
{90120000-0019-0409-0000-0000000FF1CE} -> Microsoft Office Publisher MUI (English) 2007
{90120000-0019-0409-0000-0000000FF1CE}_ULTIMATER_{2FC4457D-409E-466F-861F-FB0CB796B53E} -> Microsoft Office 2007 Service Pack 2 (SP2)
{90120000-001A-0409-0000-0000000FF1CE} -> Microsoft Office Outlook MUI (English) 2007
{90120000-001A-0409-0000-0000000FF1CE}_ULTIMATER_{2FC4457D-409E-466F-861F-FB0CB796B53E} -> Microsoft Office 2007 Service Pack 2 (SP2)
{90120000-001B-0409-0000-0000000FF1CE} -> Microsoft Office Word MUI (English) 2007
{90120000-001B-0409-0000-0000000FF1CE}_ULTIMATER_{2FC4457D-409E-466F-861F-FB0CB796B53E} -> Microsoft Office 2007 Service Pack 2 (SP2)
{90120000-001F-0409-0000-0000000FF1CE} -> Microsoft Office Proof (English) 2007
{90120000-001F-0409-0000-0000000FF1CE}_ULTIMATER_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045} -> Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
{90120000-001F-040C-0000-0000000FF1CE} -> Microsoft Office Proof (French) 2007
{90120000-001F-040C-0000-0000000FF1CE}_ULTIMATER_{F580DDD5-8D37-4998-968E-EBB76BB86787} -> Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
{90120000-001F-0C0A-0000-0000000FF1CE} -> Microsoft Office Proof (Spanish) 2007
{90120000-001F-0C0A-0000-0000000FF1CE}_ULTIMATER_{187308AB-5FA7-4F14-9AB9-D290383A10D9} -> Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
{90120000-0020-0409-0000-0000000FF1CE} -> Compatibility Pack for the 2007 Office system
{90120000-002C-0409-0000-0000000FF1CE} -> Microsoft Office Proofing (English) 2007
{90120000-0044-0409-0000-0000000FF1CE} -> Microsoft Office InfoPath MUI (English) 2007
{90120000-0044-0409-0000-0000000FF1CE}_ULTIMATER_{2FC4457D-409E-466F-861F-FB0CB796B53E} -> Microsoft Office 2007 Service Pack 2 (SP2)
{90120000-006E-0409-0000-0000000FF1CE} -> Microsoft Office Shared MUI (English) 2007
{90120000-006E-0409-0000-0000000FF1CE}_ULTIMATER_{DE5A002D-8122-4278-A7EE-3121E7EA254E} -> Microsoft Office 2007 Service Pack 2 (SP2)
{90120000-00A1-0409-0000-0000000FF1CE} -> Microsoft Office OneNote MUI (English) 2007
{90120000-00A1-0409-0000-0000000FF1CE}_ULTIMATER_{2FC4457D-409E-466F-861F-FB0CB796B53E} -> Microsoft Office 2007 Service Pack 2 (SP2)
{90120000-00BA-0409-0000-0000000FF1CE} -> Microsoft Office Groove MUI (English) 2007
{90120000-00BA-0409-0000-0000000FF1CE}_ULTIMATER_{2FC4457D-409E-466F-861F-FB0CB796B53E} -> Microsoft Office 2007 Service Pack 2 (SP2)
{90120000-0114-0409-0000-0000000FF1CE} -> Microsoft Office Groove Setup Metadata MUI (English) 2007
{90120000-0114-0409-0000-0000000FF1CE}_ULTIMATER_{2FC4457D-409E-466F-861F-FB0CB796B53E} -> Microsoft Office 2007 Service Pack 2 (SP2)
{90120000-0115-0409-0000-0000000FF1CE} -> Microsoft Office Shared Setup Metadata MUI (English) 2007
{90120000-0115-0409-0000-0000000FF1CE}_ULTIMATER_{DE5A002D-8122-4278-A7EE-3121E7EA254E} -> Microsoft Office 2007 Service Pack 2 (SP2)
{90120000-0117-0409-0000-0000000FF1CE} -> Microsoft Office Access Setup Metadata MUI (English) 2007
{90120000-0117-0409-0000-0000000FF1CE}_ULTIMATER_{2FC4457D-409E-466F-861F-FB0CB796B53E} -> Microsoft Office 2007 Service Pack 2 (SP2)
{90601456-1F28-AD6C-C1CE-740526D3BC27} -> Catalyst Control Center Localization French
{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E} -> Intel(R) Matrix Storage Manager
{910F4A29-1134-49E0-AD8B-56E4A3152BD1} -> The Sims 3 Ambitions
{91120000-002E-0000-0000-0000000FF1CE} -> Microsoft Office Ultimate 2007
{91120000-002E-0000-0000-0000000FF1CE}_ULTIMATER_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B} -> Microsoft Office 2007 Service Pack 2 (SP2)
{91120000-002E-0000-0000-0000000FF1CE}_ULTIMATER_{3D019598-7B59-447A-80AE-815B703B84FF} -> Security Update for Microsoft Office system 2007 (972581)
{9176251A-4CC1-4DDB-B343-B487195EB397} -> Windows Live Writer
{95120000-00AF-0409-0000-0000000FF1CE} -> Microsoft Office PowerPoint Viewer 2007 (English)
{95120000-00B9-0409-0000-0000000FF1CE} -> Microsoft Application Error Reporting
{975F5675-8FC8-04A8-92CD-4653BD12282F} -> CCC Help French
{97900633-AADE-35DC-A424-21380BFC5431} -> Catalyst Control Center Graphics Previews Common
{981029E0-7FC9-4CF3-AB39-6F133621921A} -> Skype Toolbars
{98C948A6-5498-9DEE-BA4C-74B0A96CB521} -> CCC Help Danish
{9A25302D-30C0-39D9-BD6F-21E6EC160475} -> Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
{9A9EB5FC-1155-497B-9AF9-D1AB20382B10} -> STOPzilla
{9C6978E8-B6D0-4AB7-A7A0-D81A74FBF745} -> MediaDirect
{9cc89170-000b-457d-91f1-53691f85b223} -> Python 2.6.1
{9D6D76A6-4328-49E8-97A7-531A74841DA5} -> Microsoft SQL Server 2008 Setup Support Files (English)
{9DE1BE03-AFE2-4CDB-BFEB-D06D736CD01A} -> Apple Mobile Device Support
{9DF0196F-B6B8-4C3A-8790-DE42AA530101} -> SPORE
{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD} -> Dell Touchpad
{A4418082-E601-3954-805B-D56A2B50EC8B} -> Microsoft Visual C# 2008 Express Edition with SP1 - ENU
{A49F249F-0C91-497F-86DF-B2585E8E76B7} -> Microsoft Visual C++ 2005 Redistributable
{A7969E95-7E39-A1AC-2D6F-85531D8A371D} -> CCC Help Japanese
{A7A34FC9-DF24-4A36-00AD-D4EFE94CC116} -> SimCity 4 Deluxe
{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2} -> Google Update Helper
{A9C78107-7CBC-B05B-083B-562FA9C1EA0B} -> CCC Help Portuguese
{AA74ED37-681C-4AE8-8D1D-5485EBB3ED3D} -> SQL Server System CLR Types
{AC76BA86-7AD7-1033-7B44-A81300000003} -> Adobe Reader 8.1.3
{AC76BA86-7AD7-5464-3428-800000000003} -> Spelling Dictionaries Support For Adobe Reader 8
{AC76BA86-7AD7-5760-0000-800000000003} -> Japanese Fonts Support For Adobe Reader 8
{AD483998-2E9A-4405-83FF-6E503AF49CBB} -> Microsoft Virtual PC 2007 SP1
{AE7CB755-7C0B-4D11-8E5D-D6B6C1090A7B} -> Victoria
{B194272D-1F92-46DF-99EB-8D5CE91CB4EC} -> Adobe AIR
{B5153233-9AEE-4CD4-9D2C-4FAAC870DBE2} -> Microsoft SQL Server 2008 Database Engine Services
{B6A26DE5-F2B5-4D58-9570-4FC760E00FCD} -> Roxio Creator Copy
{B857D868-F8B0-43EE-BC2B-D9E5ED21F237} -> Microsoft SQL Server VSS Writer
{BA26FFA5-6D47-47DB-BE56-34C357B5F8CC} -> The Sims 3 World Adventures
{BB883D70-5B1D-9430-E626-7F495925590D} -> Catalyst Control Center Localization Spanish
{C05D8CDB-417D-4335-A38C-A0659EDFD6B8} -> The Sims 3
{C325F588-D6B1-4A7F-B6A2-914C75DDA348} -> Morrowind
{C4124E95-5061-4776-8D5D-E3D931C778E1} -> Microsoft VC9 runtime libraries
{C41300B9-185D-475E-BFEC-39EF732F19B1} -> Apple Software Update
{C4972073-2BFE-475D-8441-564EA97DA161} -> QuickSet
{C49E407D-A6A0-6F9A-767D-67387EF5523F} -> CCC Help Finnish
{C688457E-03FD-4941-923B-A27F4D42A7DD} -> Microsoft SQL Server 2008 Browser
{C965F01C-76EA-4BD7-973E-46236AE312D7} -> Sql Server Customer Experience Improvement Program
{CBF91610-C661-3464-8831-DA8AE2589DB9} -> Catalyst Control Center Localization Japanese
{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} -> Microsoft .NET Framework 3.5 SP1
{CE65493C-EA18-3458-AA58-EEDB9D671528} -> Visual Studio 2010 Tools for Office Runtime Beta 2 (x86)
{D103C4BA-F905-437A-8049-DB24763BBE36} -> Skype 4.2
{D1846BA1-6118-3EDF-8C57-6E1A04646738} -> Microsoft Visual C++ 2008 Express Edition - ENU
{D2BD3C8F-9D7F-472B-BDF9-7309A5CB813A} -> Motorola Internal Driver Installation 3.5.0
{D2DB5404-378B-2821-513E-A8F230A0E948} -> ccc-utility
{D5D92C28-42FB-5E24-DBFA-07232A50D670} -> CCC Help Dutch
{D9D937B0-E842-4130-9588-B948E876904A} -> Microsoft SQL Server 2008 Native Client
{D9DD6E03-ACE1-2503-205E-4FA74267CDC6} -> CCC Help Spanish
{DB3C800B-081B-4146-B4E3-EFB5B77AA913} -> TES Construction Set
{DB549485-9D94-E7AE-2FE7-DCB33A54FBD7} -> Catalyst Control Center Localization Russian
{DBA4DB9D-EE51-4944-A419-98AB1F1249C8} -> LiveUpdate Notice (Symantec Corporation)
{DCE6A2D9-9C0F-4F6B-BB74-59E1DFE32562} -> Motorola Software Update
{DD622B1D-A78E-3FE8-9C8C-246F5764B0D0} -> Microsoft Visual Basic 2008 Express Edition with SP1 - ENU
{DE200E10-45BD-E11E-EC8E-1DAD80EF8EA9} -> Catalyst Control Center Graphics Full Existing
{DEF19AE8-B330-CF2A-AEAA-1E23BBBC7B00} -> CCC Help Chinese Traditional
{E3BFEE55-39E2-4BE0-B966-89FE583822C1} -> Dell Support Center
{E3E71D07-CD27-46CB-8448-16D4FB29AA13} -> Microsoft WSE 3.0 Runtime
{E5BE4931-F31C-2BA0-F06E-4FEC56725673} -> CCC Help Swedish
{E69974C9-ECDC-4B02-97EB-FB1CE638CECB} -> Web Deployment Tool
{E89D78B8-28F7-412F-8B26-C684739CBBDC} -> Palm Desktop
{EC2C71BB-42DF-6F53-FB23-F7B3B160467B} -> Catalyst Control Center Graphics Light
{ECA1A3B6-898F-4DCE-9F04-714CF3BA126B} -> Adobe Flash Player 10 Plugin
{ED439A64-F018-4DD4-8BA5-328D85AB09AB} -> Roxio Creator DE
{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8} -> Microsoft SQL Server 2005 Compact Edition [ENU]
{F1465B68-4D9A-D412-2528-4F84A681F15C} -> Catalyst Control Center Localization Korean
{F1DC7648-8623-442F-92B7-E118DF61872E} -> Microsoft SQL Server 2008 RsFx Driver
{F1E18790-4053-4031-483B-80E932CE3910} -> CCC Help Korean
{F226C1DA-66D7-4ABC-86B5-3F978A660EBF} -> AOL Mail and AIM Gadget
{F3494AB6-6900-41C6-AF57-823626827ED8} -> Microsoft SQL Server 2008 Database Engine Shared
{F4F4F84E-804F-4E9A-84D7-C34283F0088F} -> RealUpgrade 1.0
{F6CB42B9-F033-4152-8813-FF11DA8E6A78} -> Dell Dock
{F7B0939E-58DF-11DF-B3A6-005056806466} -> Google Earth
{F849775B-F39D-4EDD-A266-1A3E258F0498} -> Microsoft SQL Server Compact 3.5 SP2 Beta English
{FCED9B62-34FF-4C15-8A23-F65221F7874D} -> ITECIR Driver
{FF29527A-44CD-3422-945E-981A13584000} -> VC Runtimes MSI
{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4} -> Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
Adobe AIR -> Adobe AIR
Adobe Flash Player ActiveX -> Adobe Flash Player 10 ActiveX
Adobe Photoshop 7.0 -> Adobe Photoshop 7.0
Adobe Shockwave Player -> Adobe Shockwave Player 11.5
Advanced Audio FX Engine -> Advanced Audio FX Engine
AIM_7 -> AIM 7
Arachnophilia 5.4_is1 -> Arachnophilia 5.4
AsUninst.exe -> Anvil Studio
Audacity_is1 -> Audacity 1.2.6
Autodesk Design Review 2010 -> Autodesk Design Review 2010
Borland C++BuilderX -> Borland C++BuilderX
Broadcom 802.11b Network Adapter -> Dell Wireless WLAN Card Utility
Celtx (2.0.2) -> Celtx (2.0.2)
Creative OA001 -> Integrated Webcam Driver (1.00.08.0216)  
Dell Video Chat -> Dell Video Chat (remove only)
Dell Webcam Central -> Dell Webcam Central
Democracy 2 Patcher 1.16-1.17_is1 -> Democracy 2 Patcher 1.16-1.17
Democracy 2 Patcher 1.23_is1 -> Democracy 2 Patcher 1.23
Democracy 2_is1 -> Democracy 2
DVD Flick_is1 -> DVD Flick 1.3.0.7
EADM -> EA Download Manager
Ease Audio Converter_is1 -> Ease Audio Converter 4.80
Efficient Diary_is1 -> Efficient Diary 1.70
Europa Universalis 2 -> Europa Universalis 2
Finale 2008 -> Finale 2008
Firebird SQL Server US -> Firebird SQL Server - MAGIX Edition
Flight Simulator 9.0 -> Microsoft Flight Simulator 2004 A Century of Flight
Free Download Manager_is1 -> Free Download Manager 3.0
Free FLV Converter_is1 -> Free FLV Converter V 6.7.4
Free Mp3 Wma Converter_is1 -> Free Mp3 Wma Converter V 1.7.3
GameSpy Arcade -> GameSpy Arcade
Google Updater -> Google Updater
GoToAssist -> GoToAssist 8.0.0.514
Guitar Pro 5_is1 -> Guitar Pro 5.2
IrCOMM2k -> IrCOMM2k 1.2.1
LiveUpdate -> LiveUpdate 3.2 (Symantec Corporation)
Microsoft .NET Framework 3.5 SP1 -> Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 4 Client Profile Beta 2 -> Microsoft .NET Framework 4 Client Profile Beta 2
Microsoft .NET Framework 4 Extended Beta 2 -> Microsoft .NET Framework 4 Extended Beta 2
Microsoft SQL Server 10 -> Microsoft SQL Server 2008
Microsoft SQL Server 10 Release -> Microsoft SQL Server 2008
Microsoft Visual Basic 2008 Express Edition with SP1 - ENU -> Microsoft Visual Basic 2008 Express Edition with SP1 - ENU
Microsoft Visual C# 2008 Express Edition with SP1 - ENU -> Microsoft Visual C# 2008 Express Edition with SP1 - ENU
Microsoft Visual C++ 2008 Express Edition - ENU -> Microsoft Visual C++ 2008 Express Edition - ENU
MSTTS -> Microsoft Text-to-Speech Engine 4.0 (English)
NAV -> Norton AntiVirus
NBFree Mp3 to Wav Converter v2_is1 -> NBFree Mp3 to Wav Converter v2
Network Addon Mod -> Network Addon Mod Version January 2009
Parmen -> Parmen
PowerISO -> PowerISO
Pyware 3D -> Pyware 3D
Qianhong -> Qianhong 3.5.1
RADVideo -> RAD Video Tools
RealPlayer 12.0 -> RealPlayer
Recuva -> Recuva
RPG Maker VX RTP_is1 -> RPG Maker VX RTP
RPG Maker VX_is1 -> RPG Maker VX
Shuangs WAV to MP3 Converter_is1 -> Shuangs WAV to MP3 Converter 2.2
Sibelius Scorch Plugin_is1 -> Sibelius Scorch Plugin 5.2.5.48
SimPE_is1 -> SimPE 0.68 (alpha)
SoftwareUpdUtility -> Download Updater (AOL LLC)
Son of WinGreek32 -> Son of WinGreek32
Space Empires V_is1 -> Space Empires V
Steam App 10500 -> Empire: Total War
Trillian -> Trillian
ULTIMATER -> Microsoft Office Ultimate 2007
Victoria Revolutions_is1 -> Victoria Revolutions 1.0
ViewpointMediaPlayer -> Viewpoint Media Player
Visual Studio 2010 Tools for Office Runtime Beta 2 (x86) -> Visual Studio 2010 Tools for Office Runtime Beta 2 (x86)
WebSite Downloader -> WebSite Downloader 1.1
WinRAR archiver -> WinRAR archiver
wxPython2.8-ansi-py25_is1 -> wxPython 2.8.9.1 (ansi) for Python 2.5
wxPython2.8-ansi-py26_is1 -> wxPython 2.8.9.1 (ansi) for Python 2.6
Xvid_is1 -> Xvid 1.1.2 final uninstall
Yahoo! Companion -> Yahoo! Toolbar
Yahoo! Messenger -> Yahoo! Messenger
Yahoo! Software Update -> Yahoo! Software Update
< Uninstall List [HKEY_USERS\S-1-5-21-79719960-931426039-44730089-1000\] > -> HKEY_USERS\S-1-5-21-79719960-931426039-44730089-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ ->
comtypes-py2.6 -> Python 2.6 comtypes-0.6.0
s3pe -> Sims3 Package Editor
< EventViewer Logs - Last 10 Errors > -> Event Information -> Description
Error reading Event Logs: The Event Service is not operating properly or the Event Logs are corrupt!

[Files/Folders - Created Within 30 Days]
OTS.exe -> C:\Users\Jesse\Desktop\OTS.exe -> [2010/08/22 01:30:22 | 000,641,536 | ---- | C] (OldTimer Tools)
SITEguard -> C:\ProgramData\SITEguard -> [2010/08/22 00:32:53 | 000,000,000 | ---D | C]
STOPzilla! -> C:\Program Files\STOPzilla! -> [2010/08/22 00:31:41 | 000,000,000 | ---D | C]
iS3 -> C:\Program Files\Common Files\iS3 -> [2010/08/22 00:31:41 | 000,000,000 | ---D | C]
STOPzilla! -> C:\ProgramData\STOPzilla! -> [2010/08/22 00:31:40 | 000,000,000 | ---D | C]
SmitfraudFix -> C:\Users\Jesse\Desktop\SmitfraudFix -> [2010/08/22 00:21:45 | 000,000,000 | ---D | C]
Electronic Arts -> C:\ProgramData\Electronic Arts -> [2010/08/19 00:30:23 | 000,000,000 | ---D | C]
Adobe AIR -> C:\Program Files\Common Files\Adobe AIR -> [2010/08/18 17:53:04 | 000,000,000 | ---D | C]
ATI -> C:\Program Files\ATI -> [2010/08/18 17:27:38 | 000,000,000 | ---D | C]
swsetup -> C:\swsetup -> [2010/08/18 17:21:41 | 000,000,000 | ---D | C]
3.5 -> C:\Users\Jesse\Desktop\3.5 -> [2010/08/17 16:50:17 | 000,000,000 | ---D | C]
Electronic Arts -> C:\Users\Jesse\Documents\Electronic Arts -> [2010/08/13 11:45:30 | 000,000,000 | ---D | C]
D3DX9_41.dll -> C:\Windows\System32\D3DX9_41.dll -> [2010/08/11 15:45:27 | 004,178,264 | ---- | C] (Microsoft Corporation)
RPGVX -> C:\Users\Jesse\Documents\RPGVX -> [2010/08/10 20:43:15 | 000,000,000 | ---D | C]
Enterbrain -> C:\Program Files\Common Files\Enterbrain -> [2010/08/10 20:34:12 | 000,000,000 | ---D | C]
Enterbrain -> C:\Program Files\Enterbrain -> [2010/08/10 20:33:05 | 000,000,000 | ---D | C]
RPGMakerVX102 -> C:\Users\Jesse\Desktop\RPGMakerVX102 -> [2010/08/10 20:31:46 | 000,000,000 | ---D | C]
Softwrap -> C:\Users\Public\Documents\Softwrap -> [2010/08/10 20:24:06 | 000,000,000 | ---D | C]
Fonts -> C:\Users\Public\Documents\Fonts -> [2010/08/10 20:24:06 | 000,000,000 | ---D | C]
Config -> C:\Users\Public\Documents\Config -> [2010/08/10 20:24:06 | 000,000,000 | ---D | C]
inetcpl.cpl -> C:\Windows\System32\inetcpl.cpl -> [2010/08/10 15:03:01 | 001,469,440 | ---- | C] (Microsoft Corporation)
mstime.dll -> C:\Windows\System32\mstime.dll -> [2010/08/10 15:03:01 | 000,611,840 | ---- | C] (Microsoft Corporation)
msfeeds.dll -> C:\Windows\System32\msfeeds.dll -> [2010/08/10 15:03:01 | 000,599,040 | ---- | C] (Microsoft Corporation)
iedkcs32.dll -> C:\Windows\System32\iedkcs32.dll -> [2010/08/10 15:03:01 | 000,387,584 | ---- | C] (Microsoft Corporation)
ie4uinit.exe -> C:\Windows\System32\ie4uinit.exe -> [2010/08/10 15:03:01 | 000,173,056 | ---- | C] (Microsoft Corporation)
ieui.dll -> C:\Windows\System32\ieui.dll -> [2010/08/10 15:03:00 | 000,164,352 | ---- | C] (Microsoft Corporation)
iepeers.dll -> C:\Windows\System32\iepeers.dll -> [2010/08/10 15:02:59 | 000,184,320 | ---- | C] (Microsoft Corporation)
ieUnatt.exe -> C:\Windows\System32\ieUnatt.exe -> [2010/08/10 15:02:59 | 000,133,632 | ---- | C] (Microsoft Corporation)
iesysprep.dll -> C:\Windows\System32\iesysprep.dll -> [2010/08/10 15:02:59 | 000,109,056 | ---- | C] (Microsoft Corporation)
iesetup.dll -> C:\Windows\System32\iesetup.dll -> [2010/08/10 15:02:59 | 000,071,680 | ---- | C] (Microsoft Corporation)
mshtml.tlb -> C:\Windows\System32\mshtml.tlb -> [2010/08/10 15:02:58 | 001,638,912 | ---- | C] (Microsoft Corporation)
iernonce.dll -> C:\Windows\System32\iernonce.dll -> [2010/08/10 15:02:58 | 000,055,808 | ---- | C] (Microsoft Corporation)
msfeedsbs.dll -> C:\Windows\System32\msfeedsbs.dll -> [2010/08/10 15:02:58 | 000,055,296 | ---- | C] (Microsoft Corporation)
jsproxy.dll -> C:\Windows\System32\jsproxy.dll -> [2010/08/10 15:02:58 | 000,025,600 | ---- | C] (Microsoft Corporation)
msfeedssync.exe -> C:\Windows\System32\msfeedssync.exe -> [2010/08/10 15:02:58 | 000,013,312 | ---- | C] (Microsoft Corporation)
iccvid.dll -> C:\Windows\System32\iccvid.dll -> [2010/08/10 15:02:56 | 000,081,920 | ---- | C] (Radius Inc.)
win32k.sys -> C:\Windows\System32\win32k.sys -> [2010/08/10 15:02:49 | 002,037,760 | ---- | C] (Microsoft Corporation)
rtutils.dll -> C:\Windows\System32\rtutils.dll -> [2010/08/10 15:02:47 | 000,036,864 | ---- | C] (Microsoft Corporation)
ntkrnlpa.exe -> C:\Windows\System32\ntkrnlpa.exe -> [2010/08/10 15:02:23 | 003,600,768 | ---- | C] (Microsoft Corporation)
ntoskrnl.exe -> C:\Windows\System32\ntoskrnl.exe -> [2010/08/10 15:02:22 | 003,548,040 | ---- | C] (Microsoft Corporation)
Warcraft III -> C:\Users\Jesse\Desktop\Warcraft III -> [2010/07/27 19:22:57 | 000,000,000 | ---D | C]
2 C:\Windows\*.tmp files -> C:\Windows\*.tmp ->

[Files/Folders - Modified Within 30 Days]
NTUSER.DAT -> C:\Users\Jesse\NTUSER.DAT -> [2010/08/22 01:47:13 | 010,747,904 | -HS- | M] ()
kgpcpy.cfg -> C:\Windows\System32\drivers\kgpcpy.cfg -> [2010/08/22 01:43:06 | 000,001,064 | ---- | M] ()
0efvlc3v.exe -> C:\Users\Jesse\Desktop\0efvlc3v.exe -> [2010/08/22 01:33:33 | 000,293,376 | ---- | M] ()
OTS.exe -> C:\Users\Jesse\Desktop\OTS.exe -> [2010/08/22 01:30:38 | 000,641,536 | ---- | M] (OldTimer Tools)
GoogleUpdateTaskMachineUA.job -> C:\Windows\tasks\GoogleUpdateTaskMachineUA.job -> [2010/08/22 01:01:04 | 000,000,886 | ---- | M] ()
Google Software Updater.job -> C:\Windows\tasks\Google Software Updater.job -> [2010/08/22 00:48:02 | 000,000,868 | ---- | M] ()
GoogleUpdateTaskMachineCore.job -> C:\Windows\tasks\GoogleUpdateTaskMachineCore.job -> [2010/08/22 00:44:39 | 000,000,882 | ---- | M] ()
7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0 -> C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0 -> [2010/08/22 00:44:15 | 000,003,744 | -H-- | M] ()
7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0 -> C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0 -> [2010/08/22 00:44:15 | 000,003,744 | -H-- | M] ()
SA.DAT -> C:\Windows\tasks\SA.DAT -> [2010/08/22 00:44:12 | 000,000,006 | -H-- | M] ()
bootstat.dat -> C:\Windows\bootstat.dat -> [2010/08/22 00:43:59 | 000,067,584 | --S- | M] ()
hiberfil.sys -> C:\hiberfil.sys -> [2010/08/22 00:43:54 | 3219,103,744 | -HS- | M] ()
bthservsdp.dat -> C:\Windows\bthservsdp.dat -> [2010/08/22 00:42:43 | 000,000,012 | ---- | M] ()
NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TMContainer00000000000000000002.regtrans-ms -> C:\Users\Jesse\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TMContainer00000000000000000002.regtrans-ms -> [2010/08/22 00:42:26 | 000,524,288 | -HS- | M] ()
NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TM.blf -> C:\Users\Jesse\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TM.blf -> [2010/08/22 00:42:26 | 000,065,536 | -HS- | M] ()
IconCache.db -> C:\Users\Jesse\AppData\Local\IconCache.db -> [2010/08/22 00:41:50 | 004,088,374 | -H-- | M] ()
SZKGFS.dat -> C:\SZKGFS.dat -> [2010/08/22 00:37:12 | 000,024,576 | -H-- | M] ()
d3d9caps.dat -> C:\Users\Jesse\AppData\Local\d3d9caps.dat -> [2010/08/20 16:20:35 | 000,006,944 | ---- | M] ()
PerfStringBackup.INI -> C:\Windows\System32\PerfStringBackup.INI -> [2010/08/19 19:54:03 | 000,847,056 | ---- | M] ()
perfh009.dat -> C:\Windows\System32\perfh009.dat -> [2010/08/19 19:54:03 | 000,707,130 | ---- | M] ()
perfc009.dat -> C:\Windows\System32\perfc009.dat -> [2010/08/19 19:54:03 | 000,143,478 | ---- | M] ()
The Sims 3 Ambitions.lnk -> C:\Users\Public\Desktop\The Sims 3 Ambitions.lnk -> [2010/08/19 01:27:44 | 000,001,975 | ---- | M] ()
EA Download Manager.lnk -> C:\Users\Public\Desktop\EA Download Manager.lnk -> [2010/08/19 00:29:55 | 000,000,926 | ---- | M] ()
DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini -> C:\Users\Jesse\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini -> [2010/08/17 16:49:07 | 000,056,832 | ---- | M] ()
Stormwrackbard.xlsm -> C:\Users\Jesse\Desktop\Stormwrackbard.xlsm -> [2010/08/17 13:32:10 | 001,756,558 | ---- | M] ()
Democracy 2.lnk -> C:\Users\Jesse\Desktop\Democracy 2.lnk -> [2010/08/11 15:44:28 | 000,000,830 | ---- | M] ()
msafd1.dll -> C:\Users\Jesse\AppData\Roaming\msafd1.dll -> [2010/08/10 20:42:01 | 000,057,344 | RHS- | M] ()
KGyGaAvL.sys -> C:\ProgramData\KGyGaAvL.sys -> [2010/08/10 20:34:33 | 000,000,952 | -HS- | M] ()
26BFE02F4B.sys -> C:\ProgramData\26BFE02F4B.sys -> [2010/08/10 20:34:33 | 000,000,088 | RHS- | M] ()
Global.sw2 -> C:\Users\Public\Documents\Global.sw2 -> [2010/08/10 20:24:07 | 000,002,645 | ---- | M] ()
SwSys2.bmp -> C:\Windows\SwSys2.bmp -> [2010/08/10 20:24:07 | 000,000,000 | -H-- | M] ()
SwSys1.bmp -> C:\Windows\SwSys1.bmp -> [2010/08/10 20:24:07 | 000,000,000 | -H-- | M] ()
FNTCACHE.DAT -> C:\Windows\System32\FNTCACHE.DAT -> [2010/08/10 19:52:21 | 000,491,560 | ---- | M] ()
MJ.celtx -> C:\Users\Jesse\MJ.celtx -> [2010/07/29 15:33:41 | 000,003,878 | ---- | M] ()
2481 C:\Users\Jesse\AppData\Local\Temp\*.tmp files -> C:\Users\Jesse\AppData\Local\Temp\*.tmp ->
2481 C:\Users\Jesse\AppData\Local\Temp\*.tmp files -> C:\Users\Jesse\AppData\Local\Temp\*.tmp ->
2481 C:\Users\Jesse\AppData\Local\Temp\*.tmp files -> C:\Users\Jesse\AppData\Local\Temp\*.tmp ->
2481 C:\Users\Jesse\AppData\Local\Temp\*.tmp files -> C:\Users\Jesse\AppData\Local\Temp\*.tmp ->
200 C:\Users\Jesse\AppData\Local\Temp\Low\*.tmp files -> C:\Users\Jesse\AppData\Local\Temp\Low\*.tmp ->
2 C:\Windows\*.tmp files -> C:\Windows\*.tmp ->

[Files - No Company Name]
0efvlc3v.exe -> C:\Users\Jesse\Desktop\0efvlc3v.exe -> [2010/08/22 01:33:28 | 000,293,376 | ---- | C] ()
kgpcpy.cfg -> C:\Windows\System32\drivers\kgpcpy.cfg -> [2010/08/22 00:47:53 | 000,001,064 | ---- | C] ()
SZKGFS.dat -> C:\SZKGFS.dat -> [2010/08/22 00:37:12 | 000,024,576 | -H-- | C] ()
The Sims 3 Ambitions.lnk -> C:\Users\Public\Desktop\The Sims 3 Ambitions.lnk -> [2010/08/19 01:27:44 | 000,001,975 | ---- | C] ()
EA Download Manager.lnk -> C:\Users\Public\Desktop\EA Download Manager.lnk -> [2010/08/19 00:29:55 | 000,000,926 | ---- | C] ()
Stormwrackbard.xlsm -> C:\Users\Jesse\Desktop\Stormwrackbard.xlsm -> [2010/08/16 23:27:48 | 001,756,558 | ---- | C] ()
msafd1.dll -> C:\Users\Jesse\AppData\Roaming\msafd1.dll -> [2010/08/10 20:42:01 | 000,057,344 | RHS- | C] ()
KGyGaAvL.sys -> C:\ProgramData\KGyGaAvL.sys -> [2010/08/10 20:34:30 | 000,000,952 | -HS- | C] ()
26BFE02F4B.sys -> C:\ProgramData\26BFE02F4B.sys -> [2010/08/10 20:34:30 | 000,000,088 | RHS- | C] ()
Global.sw2 -> C:\Users\Public\Documents\Global.sw2 -> [2010/08/10 20:24:07 | 000,002,645 | ---- | C] ()
SwSys2.bmp -> C:\Windows\SwSys2.bmp -> [2010/08/10 20:24:07 | 000,000,000 | -H-- | C] ()
SwSys1.bmp -> C:\Windows\SwSys1.bmp -> [2010/08/10 20:24:07 | 000,000,000 | -H-- | C] ()
MJ.celtx -> C:\Users\Jesse\MJ.celtx -> [2010/07/29 15:33:41 | 000,003,878 | ---- | C] ()
IconCache.db -> C:\Users\Jesse\AppData\Local\IconCache.db -> [2010/03/13 04:00:18 | 004,088,374 | -H-- | C] ()
d3d9caps.dat -> C:\Users\Jesse\AppData\Local\d3d9caps.dat -> [2010/02/20 21:03:09 | 000,006,944 | ---- | C] ()
pdfcmnnt.dll -> C:\Windows\System32\pdfcmnnt.dll -> [2009/09/18 23:23:28 | 000,116,224 | ---- | C] ()
mgxasio2.dll -> C:\Windows\System32\mgxasio2.dll -> [2009/09/08 23:30:21 | 000,053,248 | ---- | C] ()
DLLDEV32i.dll -> C:\Windows\System32\DLLDEV32i.dll -> [2009/09/08 23:28:22 | 000,120,200 | ---- | C] ()
mgxoschk.ini -> C:\Windows\mgxoschk.ini -> [2009/09/08 23:27:37 | 000,005,937 | ---- | C] ()
xvidcore.dll -> C:\Windows\System32\xvidcore.dll -> [2009/08/18 13:02:40 | 000,765,952 | ---- | C] ()
xvidvfw.dll -> C:\Windows\System32\xvidvfw.dll -> [2009/08/18 13:02:40 | 000,180,224 | ---- | C] ()
EhStorAuthn.dll -> C:\Windows\System32\EhStorAuthn.dll -> [2009/07/22 05:13:05 | 000,117,248 | ---- | C] ()
LUUnInstall.LiveUpdate -> C:\ProgramData\LUUnInstall.LiveUpdate -> [2009/04/28 15:41:58 | 000,003,034 | ---- | C] ()
sptd.sys -> C:\Windows\System32\drivers\sptd.sys -> [2009/02/23 01:52:36 | 000,721,904 | ---- | C] ()
7THLEVEL.INI -> C:\Windows\7THLEVEL.INI -> [2009/02/15 15:03:53 | 000,000,197 | ---- | C] ()
AudioConverter.INI -> C:\Windows\AudioConverter.INI -> [2009/01/19 20:25:47 | 000,000,398 | ---- | C] ()
entpack.ini -> C:\Windows\entpack.ini -> [2008/12/04 19:15:08 | 000,000,742 | ---- | C] ()
civ.ini -> C:\Windows\civ.ini -> [2008/12/01 14:04:00 | 000,000,117 | ---- | C] ()
d3d8caps.dat -> C:\Users\Jesse\AppData\Local\d3d8caps.dat -> [2008/11/28 19:17:58 | 000,000,552 | ---- | C] ()
NemuVideo.ini -> C:\Windows\System32\NemuVideo.ini -> [2008/11/06 13:32:21 | 000,000,065 | ---- | C] ()
wklnhst.dat -> C:\Users\Jesse\AppData\Roaming\wklnhst.dat -> [2008/10/18 20:57:44 | 000,000,040 | ---- | C] ()
lame_enc.dll -> C:\Windows\System32\lame_enc.dll -> [2008/10/06 12:47:47 | 000,237,568 | ---- | C] ()
cdplayer.ini -> C:\Windows\cdplayer.ini -> [2008/10/05 19:03:47 | 000,000,025 | ---- | C] ()
DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini -> C:\Users\Jesse\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini -> [2008/09/27 23:30:30 | 000,056,832 | ---- | C] ()
GDIPFONTCACHEV1.DAT -> C:\Users\Jesse\AppData\Local\GDIPFONTCACHEV1.DAT -> [2008/09/27 21:41:58 | 000,145,464 | ---- | C] ()
atitmmxx.dll -> C:\Windows\System32\atitmmxx.dll -> [2008/08/08 01:00:58 | 000,159,744 | ---- | C] ()
bcmwlrmt.dll -> C:\Windows\System32\bcmwlrmt.dll -> [2008/08/07 22:20:52 | 000,055,808 | ---- | C] ()
vpnapi.dll -> C:\Windows\System32\vpnapi.dll -> [2007/10/26 15:28:18 | 000,197,408 | ---- | C] ()
EaseAudioConverter.ini -> C:\Windows\EaseAudioConverter.ini -> [2007/01/30 19:31:46 | 000,002,372 | ---- | C] ()
desktop.ini -> C:\Program Files\desktop.ini -> [2006/11/02 08:50:50 | 000,000,174 | -HS- | C] ()
GlobalUserInterface.CompositeFont -> C:\Windows\Fonts\GlobalUserInterface.CompositeFont -> [2006/11/02 08:37:35 | 000,037,665 | ---- | C] ()
GlobalSerif.CompositeFont -> C:\Windows\Fonts\GlobalSerif.CompositeFont -> [2006/11/02 08:37:35 | 000,029,779 | ---- | C] ()
GlobalSansSerif.CompositeFont -> C:\Windows\Fonts\GlobalSansSerif.CompositeFont -> [2006/11/02 08:37:35 | 000,026,489 | ---- | C] ()
GlobalMonospace.CompositeFont -> C:\Windows\Fonts\GlobalMonospace.CompositeFont -> [2006/11/02 08:37:35 | 000,026,040 | ---- | C] ()
sysprepMCE.dll -> C:\Windows\System32\sysprepMCE.dll -> [2006/11/02 08:35:32 | 000,005,632 | ---- | C] ()
pacerprf.ini -> C:\Windows\System32\pacerprf.ini -> [2006/11/02 03:40:29 | 000,013,750 | ---- | C] ()
Readme.txt -> C:\Program Files\Readme.txt -> [2006/09/25 16:14:54 | 000,000,430 | ---- | C] ()
aceg.ini -> C:\Windows\aceg.ini -> [2006/04/14 10:37:26 | 000,000,055 | ---- | C] ()
AMV_DecDLL.dll -> C:\Windows\System32\AMV_DecDLL.dll -> [2006/03/06 11:41:02 | 000,073,728 | ---- | C] ()
ADFUUD.SYS -> C:\Windows\System32\drivers\ADFUUD.SYS -> [2004/09/16 14:26:40 | 000,012,634 | ---- | C] ()
asutl8.dll -> C:\Windows\System32\asutl8.dll -> [2002/06/06 02:01:58 | 000,029,696 | ---- | C] ()
lcppn21.dll -> C:\Windows\System32\lcppn21.dll -> [2001/11/14 13:56:00 | 001,802,240 | ---- | C] ()

[File - Lop Check]
acccore -> C:\Users\Jesse\AppData\Roaming\acccore -> [2008/09/28 19:26:33 | 000,000,000 | ---D | M]
Anvil Studio -> C:\Users\Jesse\AppData\Roaming\Anvil Studio -> [2010/02/17 14:26:52 | 000,000,000 | ---D | M]
Atari -> C:\Users\Jesse\AppData\Roaming\Atari -> [2009/05/05 00:32:35 | 000,000,000 | ---D | M]
Autodesk -> C:\Users\Jesse\AppData\Roaming\Autodesk -> [2009/10/25 21:45:46 | 000,000,000 | ---D | M]
CiscoCAA -> C:\Users\Jesse\AppData\Roaming\CiscoCAA -> [2008/09/28 19:06:50 | 000,000,000 | ---D | M]
Coby -> C:\Users\Jesse\AppData\Roaming\Coby -> [2010/01/24 20:58:56 | 000,000,000 | ---D | M]
DAEMON Tools -> C:\Users\Jesse\AppData\Roaming\DAEMON Tools -> [2009/02/23 01:56:44 | 000,000,000 | ---D | M]
DAEMON Tools Lite -> C:\Users\Jesse\AppData\Roaming\DAEMON Tools Lite -> [2009/02/23 01:57:18 | 000,000,000 | ---D | M]
DAEMON Tools Pro -> C:\Users\Jesse\AppData\Roaming\DAEMON Tools Pro -> [2009/02/23 01:56:44 | 000,000,000 | ---D | M]
DigitalPersona -> C:\Users\Jesse\AppData\Roaming\DigitalPersona -> [2008/09/27 21:43:12 | 000,000,000 | ---D | M]
Firaxis Games -> C:\Users\Jesse\AppData\Roaming\Firaxis Games -> [2008/09/29 15:21:27 | 000,000,000 | ---D | M]
Free Download Manager -> C:\Users\Jesse\AppData\Roaming\Free Download Manager -> [2010/08/22 01:45:34 | 000,000,000 | ---D | M]
FreeFLVConverter -> C:\Users\Jesse\AppData\Roaming\FreeFLVConverter -> [2010/01/14 01:29:12 | 000,000,000 | ---D | M]
Greyfirst -> C:\Users\Jesse\AppData\Roaming\Greyfirst -> [2009/10/23 17:15:57 | 000,000,000 | ---D | M]
JPEGsnoop -> C:\Users\Jesse\AppData\Roaming\JPEGsnoop -> [2010/02/22 02:18:09 | 000,000,000 | ---D | M]
Leadertech -> C:\Users\Jesse\AppData\Roaming\Leadertech -> [2009/05/05 00:20:55 | 000,000,000 | ---D | M]
LimeWire -> C:\Users\Jesse\AppData\Roaming\LimeWire -> [2009/02/27 17:07:54 | 000,000,000 | ---D | M]
MAGIX -> C:\Users\Jesse\AppData\Roaming\MAGIX -> [2009/09/08 23:32:06 | 000,000,000 | ---D | M]
My Games -> C:\Users\Jesse\AppData\Roaming\My Games -> [2008/09/29 15:39:16 | 000,000,000 | ---D | M]
OfficeRecovery -> C:\Users\Jesse\AppData\Roaming\OfficeRecovery -> [2010/02/21 02:33:11 | 000,000,000 | ---D | M]
Publish Providers -> C:\Users\Jesse\AppData\Roaming\Publish Providers -> [2010/07/05 02:49:21 | 000,000,000 | ---D | M]
SecondLife -> C:\Users\Jesse\AppData\Roaming\SecondLife -> [2009/04/23 17:23:04 | 000,000,000 | ---D | M]
SmartDraw -> C:\Users\Jesse\AppData\Roaming\SmartDraw -> [2008/12/05 22:33:41 | 000,000,000 | ---D | M]
Sony -> C:\Users\Jesse\AppData\Roaming\Sony -> [2010/07/05 02:53:34 | 000,000,000 | ---D | M]
SPORE -> C:\Users\Jesse\AppData\Roaming\SPORE -> [2009/05/20 12:31:25 | 000,000,000 | ---D | M]
Stardock -> C:\Users\Jesse\AppData\Roaming\Stardock -> [2010/02/21 00:34:08 | 000,000,000 | ---D | M]
Template -> C:\Users\Jesse\AppData\Roaming\Template -> [2008/10/18 20:57:47 | 000,000,000 | ---D | M]
The Creative Assembly -> C:\Users\Jesse\AppData\Roaming\The Creative Assembly -> [2010/02/07 00:43:43 | 000,000,000 | ---D | M]
UDP Software -> C:\Users\Jesse\AppData\Roaming\UDP Software -> [2010/05/11 02:24:31 | 000,000,000 | ---D | M]
uTorrent -> C:\Users\Jesse\AppData\Roaming\uTorrent -> [2008/12/04 17:50:12 | 000,000,000 | ---D | M]
SCHEDLGU.TXT -> C:\Windows\Tasks\SCHEDLGU.TXT -> [2010/08/22 00:42:43 | 000,032,592 | ---- | M] ()

[File - Purity Scan]


[Files/Folders - Unicode - All]
C:\Users\Jesse\Documents\??.docx -> C:\Users\Jesse\Documents\食譜.docx -> [2008/12/17 15:52:27 | 000,011,172 | ---- | C] ()
C:\Users\Jesse\Documents\??.docx -> C:\Users\Jesse\Documents\食譜.docx -> [2008/12/20 19:26:20 | 000,011,172 | ---- | M] ()
C:\Users\Jesse\Documents\????????.docx -> C:\Users\Jesse\Documents\罪のふちに陥りて.docx -> [2009/01/21 22:17:51 | 000,015,049 | ---- | C] ()
C:\Users\Jesse\Documents\????.docx -> C:\Users\Jesse\Documents\千歳の巖.docx -> [2009/01/22 10:00:45 | 000,012,895 | ---- | C] ()
C:\Users\Jesse\Documents\????.docx -> C:\Users\Jesse\Documents\千歳の巖.docx -> [2009/01/22 10:00:46 | 000,012,895 | ---- | M] ()
C:\Users\Jesse\Documents\????????.docx -> C:\Users\Jesse\Documents\罪のふちに陥りて.docx -> [2009/04/27 17:08:24 | 000,015,049 | ---- | M] ()
C:\Users\Jesse\Documents\?.docx -> C:\Users\Jesse\Documents\夜.docx -> [2010/04/09 15:52:29 | 000,024,541 | ---- | C] ()
C:\Users\Jesse\Documents\?.docx -> C:\Users\Jesse\Documents\夜.docx -> [2010/04/09 15:52:30 | 000,024,541 | ---- | M] ()

[Alternate Data Streams]
@Alternate Data Stream - 110 bytes -> C:\ProgramData\TEMP:888AFB86
< End of report >

Edited by boopme, 22 August 2010 - 05:19 PM.


BC AdBot (Login to Remove)

 


#2 gringo_pr

gringo_pr

    Bleepin Gringo


  • Malware Response Team
  • 136,772 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Puerto rico
  • Local time:04:53 AM

Posted 27 August 2010 - 04:47 PM

Hello and Welcome to the forums!

My name is Gringo and I'll be glad to help you with your computer problems.

Somethings to remember while we are working together.
  1. Do not run any other tool untill instructed to do so!
  2. Please Do not Attach logs or put in code boxes.
  3. Tell me about any problems that have occurred during the fix.
  4. Tell me of any other symptoms you may be having as these can help also.
  5. Do not run anything while running a fix.

In the upper right hand corner of the topic you will see a button called Options. If you click on this in the drop-down menu you can choose Track this topic. By doing this and then choosing Immediate E-Mail notification and then clicking on Proceed you will be advised when we respond to your topic and facilitate the cleaning of your machine.

We apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.

In order for me to see the status of the infection I will need a new set of logs to start with.

Please print out or make a copy in notpad of any instructions given, as sometimes it is necessary to go offline and you will lose access to them.

DeFogger:
    Please download DeFogger to your desktop.

    Double click DeFogger to run the tool.
    • The application window will appear
    • Click the Disable button to disable your CD Emulation drivers
    • Click Yes to continue
    • A 'Finished!' message will appear
    • Click OK
    • DeFogger may ask you to reboot the machine, if it does - click OK
    Do not re-enable these drivers until otherwise instructed.

Download DDS:
    Please download DDS by sUBs from one of the links below and save it to your desktop:


    Download DDS and save it to your desktop

    Link1
    Link2
    Link3

    Please disable any anti-malware program that will block scripts from running before running DDS.
    • Double-Click on dds.scr and a command window will appear. This is normal.
    • Shortly after two logs will appear:
      • DDS.txt
      • Attach.txt
    • A window will open instructing you save & post the logs
    • Save the logs to a convenient place such as your desktop
    • Copy the contents of both logs & post in your next reply

Scan With RKUnHooker
  • Please Download Rootkit Unhooker Save it to your desktop.
  • Now double-click on RKUnhookerLE.exe to run it.
  • Click the Report tab, then click Scan.
  • Check (Tick) Drivers, Stealth,. Uncheck the rest. then Click OK.
  • Wait till the scanner has finished and then click File, Save Report.
  • Save the report somewhere where you can find it. Click Close.
Copy the entire contents of the report and paste it in a reply here.

Note** you may get this warning it is ok, just ignore

"Rootkit Unhooker has detected a parasite inside itself!
It is recommended to remove parasite, okay?"


MBRCheck

Please also download MBRCheck to your desktop
  • Double click MBRCheck.exe to run (vista and Win 7 right click and select Run as Administrator)
  • It will show a Black screen with some data on it
  • a report called MBRcheck will be on your desktop
  • open this report
  • Right click on the screen and select > Select All
  • Press Control+C
  • now please copy that report to this thread


information and logs:
    In your next post I need the following
      1.logs from DDS
      2.log from RKUnHooker
      3. report from MBRchecker
      4.let me know of any problems you may have had

Gringo


I Close My Topics If You Have Not Replied In 5 Days If You Will Be Longer Please Let Me Know

If I Have Not Replied To One Of My Topics In 48 Hrs Please Bump The Topic



My help is free, however, if you wish to make a small donation to show your appreciation or to help me continue the fight against Malware, then click here -->btn_donate_SM.gif<-- Don't worry every little bit helps.

Proud Graduate Of Malware Removal University

#3 gringo_pr

gringo_pr

    Bleepin Gringo


  • Malware Response Team
  • 136,772 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Puerto rico
  • Local time:04:53 AM

Posted 30 August 2010 - 01:27 AM

Hello

three day bump

It has been Three days since my last post.
  • do you still need help with this?
  • do you need more time?
  • are you having problems following my instructions?
  • if after 48hrs you have not replied to this thread then it will have to be closed!


I Close My Topics If You Have Not Replied In 5 Days If You Will Be Longer Please Let Me Know

If I Have Not Replied To One Of My Topics In 48 Hrs Please Bump The Topic



My help is free, however, if you wish to make a small donation to show your appreciation or to help me continue the fight against Malware, then click here -->btn_donate_SM.gif<-- Don't worry every little bit helps.

Proud Graduate Of Malware Removal University

#4 mellohero

mellohero
  • Topic Starter

  • Members
  • 2 posts
  • OFFLINE
  •  
  • Local time:04:53 AM

Posted 30 August 2010 - 01:50 AM

Hello. Sorry I didn't reply more quickly; I didn't receive the notification of your reply as a few days ago, my computer met an unfortunate end and I have thus been without email and Internet access until today. Thank you very much for your timely response, however.

#5 gringo_pr

gringo_pr

    Bleepin Gringo


  • Malware Response Team
  • 136,772 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Puerto rico
  • Local time:04:53 AM

Posted 30 August 2010 - 01:53 AM

Hello

Sorry to here about your computer.


gringo
I Close My Topics If You Have Not Replied In 5 Days If You Will Be Longer Please Let Me Know

If I Have Not Replied To One Of My Topics In 48 Hrs Please Bump The Topic



My help is free, however, if you wish to make a small donation to show your appreciation or to help me continue the fight against Malware, then click here -->btn_donate_SM.gif<-- Don't worry every little bit helps.

Proud Graduate Of Malware Removal University

#6 gringo_pr

gringo_pr

    Bleepin Gringo


  • Malware Response Team
  • 136,772 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Puerto rico
  • Local time:04:53 AM

Posted 01 September 2010 - 11:58 PM

Since the issue is resolved, this topic is now Closed

If you need this topic reopened, please send me a PM.
Please include the address of this thread in your request.
This applies only to the original topic starter.

Everyone else please start a new topic.

The fixes and advice in this thread are for this machine only.
Do not apply the instructions from this thread to your own machine.
Please start a new thread describing your issue and someone will be along to assist you.


With Regards,
Gringo

I Close My Topics If You Have Not Replied In 5 Days If You Will Be Longer Please Let Me Know

If I Have Not Replied To One Of My Topics In 48 Hrs Please Bump The Topic



My help is free, however, if you wish to make a small donation to show your appreciation or to help me continue the fight against Malware, then click here -->btn_donate_SM.gif<-- Don't worry every little bit helps.

Proud Graduate Of Malware Removal University




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users