Here are the logs that you requested.
A note about GMER: A window popped up saying that xpuwv8m3.exe (gmer.exe) has stopped working and that a problem caused the program to stop working correctly. Windows closed the program.
I ran it again and here's the log output:
=================================================================================
GMER 1.0.15.15530 -
http://www.gmer.netRootkit quick scan 2011-01-05 18:28:18
Windows 6.0.6002 Service Pack 2 Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0 TOSHIBA_MK8046GSX rev.LB312D
Running: 41qpurd9.exe; Driver: C:\Users\Aaron\AppData\Local\Temp\pglcrpog.sys
---- Devices - GMER 1.0.15 ----
AttachedDevice \FileSystem\fastfat \Fat fltmgr.sys (Microsoft Filesystem Filter Manager/Microsoft Corporation)
AttachedDevice \Driver\kbdclass \Device\KeyboardClass0 Wdf01000.sys (WDF Dynamic/Microsoft Corporation)
AttachedDevice \Driver\kbdclass \Device\KeyboardClass1 Wdf01000.sys (WDF Dynamic/Microsoft Corporation)
---- EOF - GMER 1.0.15 ----
=================================================================================
OTL.txt
OTL logfile created on: 1/5/2011 4:58:52 PM - Run 1
OTL by OldTimer - Version 3.2.20.1 Folder = C:\Users\Aaron\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18999)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
893.00 Mb Total Physical Memory | 392.00 Mb Available Physical Memory | 44.00% Memory free
2.00 Gb Paging File | 1.00 Gb Available in Paging File | 51.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 64.44 Gb Total Space | 26.70 Gb Free Space | 41.43% Space Free | Partition Type: NTFS
Drive D: | 10.00 Gb Total Space | 6.05 Gb Free Space | 60.47% Space Free | Partition Type: NTFS
Computer Name: AARON-PC | User Name: Aaron | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ========== PRC - C:\Users\Aaron\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
PRC - C:\Windows\explorer.exe (Microsoft Corporation)
PRC - C:\Program Files\Digidesign\Drivers\MMERefresh.exe (Digidesign, A Division of Avid Technology, Inc.)
PRC - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe (Lavasoft AB)
PRC - C:\Program Files\Dell Support Center\bin\sprtsvc.exe (SupportSoft, Inc.)
PRC - C:\Program Files\Dell Support Center\bin\sprtcmd.exe (SupportSoft, Inc.)
PRC - C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe (Safer Networking Limited)
PRC - C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe (Safer Networking Ltd.)
PRC - C:\Program Files\Dell\QuickSet\quickset.exe (Dell Inc)
PRC - C:\Windows\sttray.exe (SigmaTel, Inc.)
PRC - C:\Program Files\Digital Line Detect\DLG.exe (Avanquest Software )
PRC - C:\Program Files\ATI Technologies\ATI.ACE\CLI.exe (ATI Technologies Inc.)
========== Modules (SafeList) ========== MOD - C:\Users\Aaron\Desktop\OTL.exe (OldTimer Tools)
MOD - C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3\comctl32.dll (Microsoft Corporation)
========== Win32 Services (SafeList) ========== SRV - (McSysmon) -- C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe File not found
SRV - (McShield) -- C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe File not found
SRV - (WPFFontCache_v0400) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe (Microsoft Corporation)
SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (FontCache) -- C:\Windows\System32\FntCache.dll (Microsoft Corporation)
SRV - (WinDefend) -- C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SRV - (GoogleDesktopManager) -- C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe (Google)
SRV - (DigiRefresh) -- C:\Program Files\Digidesign\Drivers\MMERefresh.exe (Digidesign, A Division of Avid Technology, Inc.)
SRV - (digiSPTIService) -- C:\Program Files\Digidesign\Pro Tools\digiSPTIService.exe (Digidesign, A Division of Avid Technology, Inc.)
SRV - (aawservice) -- C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe (Lavasoft AB)
SRV - (sprtsvc_dellsupportcenter) SupportSoft Sprocket Service (dellsupportcenter) -- C:\Program Files\Dell Support Center\bin\sprtsvc.exe (SupportSoft, Inc.)
SRV - (SBSDWSCService) -- C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe (Safer Networking Ltd.)
SRV - (WcesComm) -- C:\Windows\WindowsMobile\wcescomm.dll (Microsoft Corporation)
SRV - (RapiMgr) -- C:\Windows\WindowsMobile\rapimgr.dll (Microsoft Corporation)
========== Driver Services (SafeList) ========== DRV - (utvdyuwa) -- C:\Windows\System32\drivers\utvdyuwa.sys File not found
DRV - (NwlnkFwd) -- C:\Windows\System32\DRIVERS\nwlnkfwd.sys File not found
DRV - (NwlnkFlt) -- C:\Windows\System32\DRIVERS\nwlnkflt.sys File not found
DRV - (IpInIp) -- C:\Windows\System32\DRIVERS\ipinip.sys File not found
DRV - (catchme) -- C:\Users\Aaron\AppData\Local\Temp\catchme.sys File not found
DRV - (blbdrive) -- C:\Windows\System32\drivers\blbdrive.sys File not found
DRV - (usbaudio) USB Audio Driver (WDM) -- C:\Windows\System32\drivers\USBAUDIO.sys (Microsoft Corporation)
DRV - (viaide) -- C:\Windows\system32\drivers\viaide.sys (VIA Technologies, Inc.)
DRV - (cmdide) -- C:\Windows\system32\drivers\cmdide.sys (CMD Technology, Inc.)
DRV - (aliide) -- C:\Windows\system32\drivers\aliide.sys (Acer Laboratories Inc.)
DRV - (R300) -- C:\Windows\System32\drivers\atikmdag.sys (ATI Technologies Inc.)
DRV - (TPkd) -- C:\Windows\System32\drivers\TPkd.sys (PACE Anti-Piracy, Inc.)
DRV - (bcm4sbxp) -- C:\Windows\System32\drivers\bcm4sbxp.sys (Broadcom Corporation)
DRV - (YMIDUSBW) Yamaha USB-MIDI Driver (WDM) -- C:\Windows\System32\drivers\ymidusbw.sys (Yamaha Corporation)
DRV - (STHDA) -- C:\Windows\System32\drivers\stwrt.sys (SigmaTel, Inc.)
DRV - (rimsptsk) -- C:\Windows\system32\drivers\rimsptsk.sys (REDC)
DRV - (rismxdp) -- C:\Windows\system32\drivers\rixdptsk.sys (REDC)
DRV - (rimmptsk) -- C:\Windows\System32\drivers\rimmptsk.sys (REDC)
DRV - (SynTP) -- C:\Windows\System32\drivers\SynTP.sys (Synaptics, Inc.)
DRV - (BCM43XX) -- C:\Windows\System32\drivers\BCMWL6.SYS (Broadcom Corporation)
DRV - (HSF_DPV) -- C:\Windows\System32\drivers\HSX_DPV.sys (Conexant Systems, Inc.)
DRV - (XAudio) -- C:\Windows\System32\drivers\XAudio.sys (Conexant Systems, Inc.)
DRV - (winachsf) -- C:\Windows\System32\drivers\HSX_CNXT.sys (Conexant Systems, Inc.)
DRV - (HSXHWAZL) -- C:\Windows\System32\drivers\HSXHWAZL.sys (Conexant Systems, Inc.)
DRV - (Point32) -- C:\Windows\System32\drivers\point32k.sys (Microsoft Corporation)
DRV - (ql2300) -- C:\Windows\system32\drivers\ql2300.sys (QLogic Corporation)
DRV - (adp94xx) -- C:\Windows\system32\drivers\adp94xx.sys (Adaptec, Inc.)
DRV - (elxstor) -- C:\Windows\system32\drivers\elxstor.sys (Emulex)
DRV - (adpahci) -- C:\Windows\system32\drivers\adpahci.sys (Adaptec, Inc.)
DRV - (uliahci) -- C:\Windows\system32\drivers\uliahci.sys (ULi Electronics Inc.)
DRV - (iaStorV) -- C:\Windows\system32\drivers\iastorv.sys (Intel Corporation)
DRV - (adpu320) -- C:\Windows\system32\drivers\adpu320.sys (Adaptec, Inc.)
DRV - (ulsata2) -- C:\Windows\system32\drivers\ulsata2.sys (Promise Technology, Inc.)
DRV - (vsmraid) -- C:\Windows\system32\drivers\vsmraid.sys (VIA Technologies Inc.,Ltd)
DRV - (ql40xx) -- C:\Windows\system32\drivers\ql40xx.sys (QLogic Corporation)
DRV - (UlSata) -- C:\Windows\system32\drivers\ulsata.sys (Promise Technology, Inc.)
DRV - (adpu160m) -- C:\Windows\system32\drivers\adpu160m.sys (Adaptec, Inc.)
DRV - (nvraid) -- C:\Windows\system32\drivers\nvraid.sys (NVIDIA Corporation)
DRV - (nfrd960) -- C:\Windows\system32\drivers\nfrd960.sys (IBM Corporation)
DRV - (iirsp) -- C:\Windows\system32\drivers\iirsp.sys (Intel Corp./ICP vortex GmbH)
DRV - (SiSRaid4) -- C:\Windows\system32\drivers\sisraid4.sys (Silicon Integrated Systems)
DRV - (nvstor) -- C:\Windows\system32\drivers\nvstor.sys (NVIDIA Corporation)
DRV - (aic78xx) -- C:\Windows\system32\drivers\djsvs.sys (Adaptec, Inc.)
DRV - (arcsas) -- C:\Windows\system32\drivers\arcsas.sys (Adaptec, Inc.)
DRV - (LSI_SCSI) -- C:\Windows\system32\drivers\lsi_scsi.sys (LSI Logic)
DRV - (SiSRaid2) -- C:\Windows\system32\drivers\sisraid2.sys (Silicon Integrated Systems Corp.)
DRV - (HpCISSs) -- C:\Windows\system32\drivers\hpcisss.sys (Hewlett-Packard Company)
DRV - (arc) -- C:\Windows\system32\drivers\arc.sys (Adaptec, Inc.)
DRV - (iteraid) -- C:\Windows\system32\drivers\iteraid.sys (Integrated Technology Express, Inc.)
DRV - (iteatapi) -- C:\Windows\system32\drivers\iteatapi.sys (Integrated Technology Express, Inc.)
DRV - (LSI_SAS) -- C:\Windows\system32\drivers\lsi_sas.sys (LSI Logic)
DRV - (Symc8xx) -- C:\Windows\system32\drivers\symc8xx.sys (LSI Logic)
DRV - (LSI_FC) -- C:\Windows\system32\drivers\lsi_fc.sys (LSI Logic)
DRV - (Sym_u3) -- C:\Windows\system32\drivers\sym_u3.sys (LSI Logic)
DRV - (Mraid35x) -- C:\Windows\system32\drivers\mraid35x.sys (LSI Logic Corporation)
DRV - (Sym_hi) -- C:\Windows\system32\drivers\sym_hi.sys (LSI Logic)
DRV - (megasas) -- C:\Windows\system32\drivers\megasas.sys (LSI Logic Corporation)
DRV - (Brserid) Brother MFC Serial Port Interface Driver (WDM) -- C:\Windows\system32\drivers\brserid.sys (Brother Industries Ltd.)
DRV - (BrUsbSer) -- C:\Windows\system32\drivers\brusbser.sys (Brother Industries Ltd.)
DRV - (BrFiltUp) -- C:\Windows\system32\drivers\brfiltup.sys (Brother Industries, Ltd.)
DRV - (BrFiltLo) -- C:\Windows\system32\drivers\brfiltlo.sys (Brother Industries, Ltd.)
DRV - (BrSerWdm) -- C:\Windows\system32\drivers\brserwdm.sys (Brother Industries Ltd.)
DRV - (BrUsbMdm) -- C:\Windows\system32\drivers\brusbmdm.sys (Brother Industries Ltd.)
DRV - (ntrigdigi) -- C:\Windows\system32\drivers\ntrigdigi.sys (N-trig Innovative Technologies)
DRV - (e1express) Intel(R) -- C:\Windows\System32\drivers\e1e6032.sys (Intel Corporation)
DRV - (E1G60) Intel(R) -- C:\Windows\System32\drivers\E1G60I32.sys (Intel Corporation)
DRV - (AtiPcie) ATI PCI Express (3GIO) -- C:\Windows\system32\DRIVERS\AtiPcie.sys (ATI Technologies Inc.)
DRV - (BANTExt) -- C:\Windows\System32\Drivers\BANTExt.sys ()
========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 1
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http=127.0.0.1:5555
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 1
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http=127.0.0.1:5555
IE - HKU\S-1-5-21-1271755778-601456851-151212410-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page =
http://www.google.com/IE - HKU\S-1-5-21-1271755778-601456851-151212410-1000\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 2
IE - HKU\S-1-5-21-1271755778-601456851-151212410-1000\..\URLSearchHook: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
IE - HKU\S-1-5-21-1271755778-601456851-151212410-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-1271755778-601456851-151212410-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>
IE - HKU\S-1-5-21-1271755778-601456851-151212410-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http=127.0.0.1:5555
========== FireFox ========== FF - prefs.js..browser.startup.homepage: "http://www.google.com/"
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23
FF - prefs.js..extensions.enabledItems: {635abd67-4fe9-1b23-4f01-e679fa7484c1}:1.6.6.20090220
FF - prefs.js..network.proxy.http: "127.0.0.1"
FF - prefs.js..network.proxy.http_port: 5555
FF - prefs.js..network.proxy.no_proxies_on: "localhost,127.0.0.1"
FF - prefs.js..network.proxy.type: 0
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010/12/14 06:16:50 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011/01/05 10:12:54 | 000,000,000 | ---D | M]
[2010/05/09 09:51:58 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Aaron\AppData\Roaming\Mozilla\Extensions
[2011/01/05 10:21:35 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Aaron\AppData\Roaming\Mozilla\Firefox\Profiles\tnhe4pes.default\extensions
[2010/06/25 12:01:24 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\Aaron\AppData\Roaming\Mozilla\Firefox\Profiles\tnhe4pes.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2011/01/05 10:14:23 | 000,000,000 | ---D | M] (Yahoo! Toolbar) -- C:\Users\Aaron\AppData\Roaming\Mozilla\Firefox\Profiles\tnhe4pes.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
[2011/01/05 10:12:57 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2011/01/05 10:12:57 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}
[2010/11/12 18:53:06 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll
O1 HOSTS File: ([2011/01/04 21:51:35 | 000,000,027 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Yahoo! Toolbar Helper) - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (cpmsky browser optimizer) - {6ff7cd9f-8183-16a2-4245-4d88dd54f36f} - C:\Windows\System32\{f053e74d-b418-5f0d-f69c-198f54f619e6}.dll ( )
O2 - BHO: (CBrowserHelperObject Object) - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\Dell\BAE\BAE.dll (Dell Inc.)
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O3 - HKU\S-1-5-21-1271755778-601456851-151212410-1000\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [ATICCC] C:\Program Files\ATI Technologies\ATI.ACE\CLIStart.exe ()
O4 - HKLM..\Run: [DellSupportCenter] C:\Program Files\Dell Support Center\bin\sprtcmd.exe (SupportSoft, Inc.)
O4 - HKLM..\Run: [DigidesignMMERefresh] C:\Program Files\Digidesign\Drivers\MMERefresh.exe (Digidesign, A Division of Avid Technology, Inc.)
O4 - HKLM..\Run: [dscactivate] C:\Program Files\Dell Support Center\gs_agent\custom\dsca.exe ( )
O4 - HKLM..\Run: [ECenter] C:\DELL\E-Center\EULALauncher.exe ( )
O4 - HKLM..\Run: [Google Desktop Search] C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe (Google)
O4 - HKLM..\Run: [ISUSScheduler] C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe (Macrovision Corporation)
O4 - HKLM..\Run: [SigmatelSysTrayApp] C:\Windows\sttray.exe (SigmaTel, Inc.)
O4 - HKU\.DEFAULT..\Run: [MySpaceIM] C:\Program Files\MySpace\IM\MySpaceIM.exe ()
O4 - HKU\S-1-5-18..\Run: [MySpaceIM] C:\Program Files\MySpace\IM\MySpaceIM.exe ()
O4 - HKU\S-1-5-21-1271755778-601456851-151212410-1000..\Run: [DellSupportCenter] C:\Program Files\Dell Support Center\bin\sprtcmd.exe (SupportSoft, Inc.)
O4 - HKU\S-1-5-21-1271755778-601456851-151212410-1000..\Run: [Ilayuhaku] C:\Users\Aaron\AppData\Local\isojacuq.DLL File not found
O4 - HKU\S-1-5-21-1271755778-601456851-151212410-1000..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe (Safer Networking Limited)
O4 - HKU\S-1-5-21-1271755778-601456851-151212410-1000..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.911.3380\GoogleToolbarNotifier.exe File not found
O4 - HKU\S-1-5-21-1271755778-601456851-151212410-1000..\RunOnce: [FlashPlayerUpdate] C:\Windows\System32\Macromed\Flash\NPSWF32_FlashUtil.exe File not found
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-1271755778-601456851-151212410-1000\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-1271755778-601456851-151212410-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O9 - Extra Button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O15 - HKU\S-1-5-21-1271755778-601456851-151212410-1000\..Trusted Ranges: GD ([http] in Local intranet)
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} C:\Program Files\Yahoo!\Common\yinsthelper.dll (YInstStarter Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93}
http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_23)
O16 - DPF: {CAFEEFAC-0016-0000-0000-ABCDEFFEDCBA}
http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0)
O16 - DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA}
http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_03)
O16 - DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA}
http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_05)
O16 - DPF: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}
http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_23)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}
http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_23)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
O18 - Protocol\Handler\belarc {6318E0AB-2E93-11D1-B8ED-00608CC9A71F} - C:\Program Files\Belarc\Advisor\System\BAVoilaX.dll (Belarc, Inc.)
O20 - AppInit_DLLs: (C:\PROGRA~1\Google\GOOGLE~2\GOEC62~1.DLL) - C:\Program Files\Google\Google Desktop Search\GoogleDesktopNetwork3.dll (Google)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Users\Aaron\AppData\Roaming\Microsoft\Windows Photo Gallery\Windows Photo Gallery Wallpaper.jpg
O24 - Desktop BackupWallPaper: C:\Users\Aaron\AppData\Roaming\Microsoft\Windows Photo Gallery\Windows Photo Gallery Wallpaper.jpg
O28 - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - Reg Error: Key error. File not found
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/09/18 16:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O34 - HKLM BootExecute: (lsdelete) - C:\Windows\System32\lsdelete.exe ()
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
========== Files/Folders - Created Within 30 Days ========== [2011/01/05 16:54:09 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Aaron\Desktop\OTL.exe
[2011/01/05 10:15:04 | 000,000,000 | ---D | C] -- C:\ProgramData\Sun
[2011/01/05 10:12:53 | 000,472,808 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\deployJava1.dll
[2011/01/05 10:12:53 | 000,157,472 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaws.exe
[2011/01/05 10:12:53 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaw.exe
[2011/01/05 10:12:53 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\java.exe
[2011/01/04 21:56:00 | 000,000,000 | ---D | C] -- C:\Windows\temp
[2011/01/04 21:56:00 | 000,000,000 | ---D | C] -- C:\Users\Aaron\AppData\Local\temp
[2011/01/04 21:55:19 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2011/01/04 21:40:32 | 000,161,792 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe
[2011/01/04 21:40:32 | 000,136,704 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe
[2011/01/04 21:40:32 | 000,031,232 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe
[2011/01/04 21:40:20 | 000,000,000 | ---D | C] -- C:\Windows\ERDNT
[2011/01/04 21:39:42 | 000,000,000 | ---D | C] -- C:\Qoobox
[2011/01/04 21:39:25 | 000,212,480 | ---- | C] (SteelWerX) -- C:\Windows\SWXCACLS.exe
[2011/01/04 21:39:23 | 000,000,000 | ---D | C] -- C:\32788R22FWJFW
[2011/01/02 18:09:35 | 000,388,608 | ---- | C] (Trend Micro Inc.) -- C:\Users\Aaron\Desktop\SuckOnThis.exe
[2011/01/01 19:48:22 | 000,000,000 | ---D | C] -- C:\ProgramData\MFAData
[2011/01/01 19:18:34 | 000,222,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MpSigStub.exe
[2010/12/17 10:43:44 | 000,000,000 | ---D | C] -- C:\Windows\System32\MpEngineStore
[2010/12/16 15:43:48 | 002,038,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys
[2010/12/16 15:43:39 | 000,611,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mstime.dll
[2010/12/16 15:43:37 | 000,602,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2010/12/16 15:43:37 | 000,173,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ie4uinit.exe
[2010/12/16 15:43:36 | 001,469,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl
[2010/12/16 15:43:36 | 000,387,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iedkcs32.dll
[2010/12/16 15:43:36 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedssync.exe
[2010/12/16 15:43:34 | 000,385,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\html.iec
[2010/12/16 15:43:34 | 000,184,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iepeers.dll
[2010/12/16 15:43:34 | 000,164,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2010/12/16 15:43:34 | 000,133,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe
[2010/12/16 15:43:34 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesysprep.dll
[2010/12/16 15:43:33 | 001,638,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2010/12/16 15:43:33 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesetup.dll
[2010/12/16 15:43:33 | 000,055,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iernonce.dll
[2010/12/16 15:43:33 | 000,055,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedsbs.dll
[2010/12/16 15:43:33 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\licmgr10.dll
[2010/12/16 15:43:33 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2010/12/16 15:43:23 | 000,352,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\taskschd.dll
[2010/12/16 15:43:20 | 000,345,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmicmiplugin.dll
[2010/12/16 15:43:19 | 000,270,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\taskcomp.dll
[2010/12/16 15:43:09 | 000,081,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\consent.exe
[2010/12/16 15:43:05 | 000,292,352 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\System32\atmfd.dll
[2010/12/16 15:43:05 | 000,072,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fontsub.dll
[2010/12/16 15:43:05 | 000,034,304 | ---- | C] (Adobe Systems) -- C:\Windows\System32\atmlib.dll
[2010/12/16 15:41:49 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tzres.dll
[2010/12/11 18:03:01 | 000,000,000 | ---D | C] -- C:\Program Files\Adobe
[2009/01/11 17:01:07 | 000,040,960 | ---- | C] (Analog Devices Inc.) -- C:\Users\Aaron\AppData\Local\Mcegocadisayik.dll
[2008/04/08 07:24:40 | 000,327,680 | ---- | C] ( ) -- C:\Windows\System32\{f053e74d-b418-5f0d-f69c-198f54f619e6}.dll
========== Files - Modified Within 30 Days ========== [2011/01/05 16:55:43 | 000,296,448 | ---- | M] () -- C:\Users\Aaron\Desktop\xpuwv8m3.exe
[2011/01/05 16:54:11 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Aaron\Desktop\OTL.exe
[2011/01/05 15:58:17 | 000,003,568 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2011/01/05 15:58:17 | 000,003,568 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2011/01/05 14:02:42 | 000,061,522 | ---- | M] () -- C:\Users\Aaron\Desktop\bioshock_lolcat_3_by_afairjudgement.jpg
[2011/01/05 10:01:54 | 000,604,502 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2011/01/05 10:01:54 | 000,104,170 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2011/01/05 09:54:41 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011/01/05 09:54:36 | 937,476,096 | -HS- | M] () -- C:\hiberfil.sys
[2011/01/04 21:51:35 | 000,000,027 | ---- | M] () -- C:\Windows\System32\drivers\etc\hosts
[2011/01/04 21:37:05 | 004,013,176 | ---- | M] () -- C:\Users\Aaron\Documents\ComboFix.exe
[2011/01/04 21:36:42 | 004,013,176 | R--- | M] () -- C:\Users\Aaron\Desktop\ComboFix.exe
[2011/01/04 20:16:15 | 005,439,163 | ---- | M] () -- C:\Users\Aaron\Documents\mwym11.zip
[2011/01/03 23:55:25 | 000,296,448 | ---- | M] () -- C:\Users\Aaron\Desktop\41qpurd9.exe
[2011/01/03 21:57:24 | 000,000,012 | ---- | M] () -- C:\Windows\bthservsdp.dat
[2011/01/03 21:52:54 | 000,000,000 | ---- | M] () -- C:\Users\Aaron\AppData\Local\Aqewexi.bin
[2011/01/03 19:26:09 | 000,158,720 | ---- | M] () -- C:\Users\Aaron\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/01/02 22:52:04 | 000,780,283 | ---- | M] () -- C:\Users\Aaron\Desktop\rkill.exe
[2011/01/01 19:48:09 | 000,002,243 | ---- | M] () -- C:\Windows\epplauncher.mif
[2011/01/01 19:48:07 | 000,388,608 | ---- | M] (Trend Micro Inc.) -- C:\Users\Aaron\Desktop\SuckOnThis.exe
[2011/01/01 19:31:53 | 000,007,944 | ---- | M] () -- C:\Users\Aaron\AppData\Local\d3d9caps.dat
[2010/12/27 20:01:05 | 016,561,671 | ---- | M] () -- C:\Users\Aaron\Documents\BWV 582.wmv
[2010/12/27 15:42:36 | 001,981,281 | ---- | M] () -- C:\Users\Aaron\Documents\32in24-4final.zip
[2010/12/26 22:26:44 | 011,804,129 | ---- | M] () -- C:\Users\Aaron\Documents\BWV 548_Fugue.wmv
[2010/12/26 20:08:58 | 009,442,882 | ---- | M] () -- C:\Users\Aaron\Documents\BWV 548.wmv
[2010/12/26 19:30:36 | 000,008,866 | ---- | M] () -- C:\Users\Aaron\AppData\Roaming\wklnhst.dat
[2010/12/20 18:30:04 | 000,608,150 | ---- | M] () -- C:\Users\Aaron\Documents\FUNNY BAN MESSAGES.rtf
[2010/12/17 12:11:09 | 000,349,848 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2010/12/17 10:43:45 | 000,000,127 | ---- | M] () -- C:\Windows\System32\MRT.INI
[2010/12/11 18:04:15 | 000,001,889 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Reader 8.lnk
========== Files Created - No Company Name ========== [2011/01/05 16:55:42 | 000,296,448 | ---- | C] () -- C:\Users\Aaron\Desktop\xpuwv8m3.exe
[2011/01/05 14:02:35 | 000,061,522 | ---- | C] () -- C:\Users\Aaron\Desktop\bioshock_lolcat_3_by_afairjudgement.jpg
[2011/01/05 09:54:36 | 937,476,096 | -HS- | C] () -- C:\hiberfil.sys
[2011/01/04 21:40:32 | 000,256,512 | ---- | C] () -- C:\Windows\PEV.exe
[2011/01/04 21:40:32 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
[2011/01/04 21:40:32 | 000,089,088 | ---- | C] () -- C:\Windows\MBR.exe
[2011/01/04 21:40:32 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
[2011/01/04 21:40:32 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
[2011/01/04 21:37:05 | 004,013,176 | ---- | C] () -- C:\Users\Aaron\Documents\ComboFix.exe
[2011/01/04 21:36:25 | 004,013,176 | R--- | C] () -- C:\Users\Aaron\Desktop\ComboFix.exe
[2011/01/04 20:14:58 | 005,439,163 | ---- | C] () -- C:\Users\Aaron\Documents\mwym11.zip
[2011/01/03 20:24:52 | 000,296,448 | ---- | C] () -- C:\Users\Aaron\Desktop\41qpurd9.exe
[2011/01/02 18:08:57 | 000,780,283 | ---- | C] () -- C:\Users\Aaron\Desktop\rkill.exe
[2011/01/01 19:48:09 | 000,002,243 | ---- | C] () -- C:\Windows\epplauncher.mif
[2010/12/27 19:55:47 | 016,561,671 | ---- | C] () -- C:\Users\Aaron\Documents\BWV 582.wmv
[2010/12/27 15:42:12 | 001,981,281 | ---- | C] () -- C:\Users\Aaron\Documents\32in24-4final.zip
[2010/12/26 22:14:13 | 011,804,129 | ---- | C] () -- C:\Users\Aaron\Documents\BWV 548_Fugue.wmv
[2010/12/26 19:28:23 | 009,442,882 | ---- | C] () -- C:\Users\Aaron\Documents\BWV 548.wmv
[2010/12/11 18:04:15 | 000,001,889 | ---- | C] () -- C:\Users\Public\Desktop\Adobe Reader 8.lnk
[2010/10/08 14:54:58 | 000,000,163 | ---- | C] () -- C:\Users\Aaron\AppData\Roaming\asdsada.bat
[2010/07/20 16:48:05 | 000,217,088 | ---- | C] () -- C:\Windows\System32\qtmlClient.dll
[2010/04/11 06:41:08 | 000,000,000 | ---- | C] () -- C:\Users\Aaron\AppData\Local\Aqewexi.bin
[2010/04/11 06:41:07 | 000,000,120 | ---- | C] () -- C:\Users\Aaron\AppData\Local\Ntejujiqi.dat
[2010/04/06 17:03:34 | 000,010,466 | -HS- | C] () -- C:\Users\Aaron\AppData\Local\C6158646
[2010/04/06 17:03:34 | 000,010,466 | -HS- | C] () -- C:\ProgramData\C6158646
[2009/09/24 17:24:22 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll
[2009/06/11 03:06:26 | 000,000,127 | ---- | C] () -- C:\Windows\System32\MRT.INI
[2008/12/26 15:38:34 | 000,007,944 | ---- | C] () -- C:\Users\Aaron\AppData\Local\d3d9caps.dat
[2008/09/20 11:01:46 | 000,000,882 | ---- | C] () -- C:\Windows\DC.ini
[2008/07/21 17:50:06 | 000,000,054 | ---- | C] () -- C:\Windows\Composer.INI
[2008/02/06 12:21:56 | 000,233,472 | ---- | C] () -- C:\Windows\System32\nscB855.dll
[2008/01/07 20:20:11 | 000,008,866 | ---- | C] () -- C:\Users\Aaron\AppData\Roaming\wklnhst.dat
[2008/01/07 14:52:32 | 000,003,840 | ---- | C] () -- C:\Windows\System32\drivers\BANTExt.sys
[2008/01/06 23:27:49 | 000,158,720 | ---- | C] () -- C:\Users\Aaron\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2007/12/16 07:13:02 | 000,159,744 | ---- | C] () -- C:\Windows\System32\atitmmxx.dll
[2007/12/16 07:13:01 | 000,016,480 | ---- | C] () -- C:\Windows\System32\rixdicon.dll
[2007/12/16 07:12:52 | 001,060,424 | ---- | C] () -- C:\Windows\System32\WdfCoInstaller01000.dll
[2007/12/15 23:40:13 | 000,065,536 | ---- | C] () -- C:\Windows\System32\bcmwlrmt.dll
[2006/11/07 14:25:58 | 000,000,000 | ---- | C] () -- C:\Windows\System32\px.ini
[2006/11/02 07:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
[2006/11/02 02:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2006/09/17 00:36:50 | 000,520,192 | ---- | C] () -- C:\Windows\System32\CddbPlaylist2Roxio.dll
[2006/09/17 00:36:50 | 000,204,800 | ---- | C] () -- C:\Windows\System32\CddbFileTaggerRoxio.dll
========== Alternate Data Streams ========== @Alternate Data Stream - 64 bytes -> C:\Users\Aaron\Documents\lol.mpg:TOC.WMV
@Alternate Data Stream - 64 bytes -> C:\Users\Aaron\Documents\Explosive Impact - Cyber Bullies Hackers.mp3:TOC.WMV
@Alternate Data Stream - 64 bytes -> C:\Users\Aaron\Documents\clip0045.avi:TOC.WMV
@Alternate Data Stream - 64 bytes -> C:\Users\Aaron\Documents\clip0039.avi:TOC.WMV
@Alternate Data Stream - 64 bytes -> C:\Users\Aaron\Documents\Alice in Chains God Smack.mp3:TOC.WMV
@Alternate Data Stream - 64 bytes -> C:\Users\Aaron\Desktop\WAVE0001.WAV:TOC.WMV
@Alternate Data Stream - 1326 bytes -> C:\Users\Aaron\AppData\Local\ZBmpryHWj:y848GBFMpyP0qdK0pH07wxi
@Alternate Data Stream - 1289 bytes -> C:\ProgramData\Microsoft:y98ascon5PANdUG4DGiG4oXlWS
@Alternate Data Stream - 1197 bytes -> C:\ProgramData\Microsoft:rcAtvThhWVLuORUwIKagaT
@Alternate Data Stream - 1093 bytes -> C:\Users\Aaron\AppData\Local\LMeeS4wmLIB:0smQLv1TqtzpAGsn0CI2FD
< End of report >
=================================================================================
Extras.txt
OTL Extras logfile created on: 1/5/2011 4:58:52 PM - Run 1
OTL by OldTimer - Version 3.2.20.1 Folder = C:\Users\Aaron\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18999)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
893.00 Mb Total Physical Memory | 392.00 Mb Available Physical Memory | 44.00% Memory free
2.00 Gb Paging File | 1.00 Gb Available in Paging File | 51.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 64.44 Gb Total Space | 26.70 Gb Free Space | 41.43% Space Free | Partition Type: NTFS
Drive D: | 10.00 Gb Total Space | 6.05 Gb Free Space | 60.47% Space Free | Partition Type: NTFS
Computer Name: AARON-PC | User Name: Aaron | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ========== ========== File Associations ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
[HKEY_USERS\S-1-5-21-1271755778-601456851-151212410-1000\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
========== Shell Spawning ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- Reg Error: Key error.
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiSpyware]
"DisableMonitoring" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"VistaSp2" = Reg Error: Unknown registry data type -- File not found
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
========== System Restore Settings ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0
========== Firewall Settings ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
========== Authorized Applications List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
========== Vista Active Open Ports Exception List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{01B5B37C-AAE1-4AC8-821D-6E0118FF1EF9}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{05FA470E-D198-480B-AE3B-81797C8CE509}" = lport=445 | protocol=6 | dir=in | app=system |
"{1F1D327E-4CA0-4418-ABAE-FD8C8086614F}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{1FCC2F43-B961-40D0-B04A-A0CC89B28B85}" = lport=139 | protocol=6 | dir=in | app=system |
"{21370580-F6A5-4689-98B9-88B89967D976}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{2700B6B4-C9B5-4F23-99A1-79208ACD5981}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{374F15A2-1E2A-4354-B8D7-FBB13C8E4E59}" = lport=138 | protocol=17 | dir=in | app=system |
"{3E311F69-5893-46E3-8511-B40C0EEEE1E9}" = lport=2869 | protocol=6 | dir=in | app=system |
"{3EB0910B-26B7-4ED7-9808-72E69B5A36D2}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{5609C4BB-DCD5-4CDA-BEBA-8D531B257B1E}" = lport=10243 | protocol=6 | dir=in | app=system |
"{5E51B1E5-7B1A-43BB-A9A1-D33EA1655B6E}" = rport=139 | protocol=6 | dir=out | app=system |
"{71D656A7-E82A-4904-B318-68E6365EA9D2}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{79C80685-F77B-4B6F-A9C6-763C4ACF0024}" = rport=137 | protocol=17 | dir=out | app=system |
"{82A3D11C-784F-4FCC-B5C0-D58D3659B6C3}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{8923382C-8AFC-424F-A1FC-4607344B8585}" = lport=137 | protocol=17 | dir=in | app=system |
"{9011C896-1108-41C9-9F7D-6EA2C0DAF0FB}" = rport=445 | protocol=6 | dir=out | app=system |
"{A92FD0F9-2F99-4A7F-8160-865781407339}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{D6CB3F33-32EF-406F-9F11-2E8ED35B3E72}" = rport=138 | protocol=17 | dir=out | app=system |
"{F07A01B5-D61E-4B81-98C2-7D9816687E81}" = rport=10243 | protocol=6 | dir=out | app=system |
========== Vista Active Application Exception List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{02337090-5604-483B-9C16-9F5ADFA4CCAF}" = protocol=17 | dir=in | app=c:\program files\itunes\itunes.exe |
"{0836C1F4-E4F1-4553-9DFD-C03CA9062503}" = protocol=6 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{0884C863-7831-4DD1-A0F6-F9BB2B6FCAB0}" = protocol=17 | dir=in | app=c:\program files\skulltag\idese.exe |
"{1D818489-8C4A-4B87-B297-FCC7130E1542}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{2800B986-693D-4E97-BBE5-367101EFD309}" = protocol=6 | dir=in | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{2F88A7CF-FD91-422E-A48B-9B97FC3BA04B}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{330E9471-C419-430E-A5FB-CBAAD5E88F0E}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{344F9BD6-1C5E-4C2E-B5BF-603139C4C453}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{37F13A76-9A27-46E8-83D5-92736334E358}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{42F2AFA4-09EE-40AC-8930-FDD6FF5A4F3E}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{446BC096-33AB-4B3D-B13F-0688970088CC}" = protocol=6 | dir=in | app=c:\program files\skulltag\idese.exe |
"{481DDA6C-A3BE-4977-9232-826B290CECF0}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{49E50AD1-2381-4C39-BC59-F01329C99052}" = protocol=6 | dir=in | app=c:\program files\skulltag\rcon_utility.exe |
"{4B763526-9D37-4741-A3D2-7CBEA6852295}" = protocol=17 | dir=in | app=c:\program files\skulltag\skulltag.exe |
"{573968ED-E079-45A1-9742-2F59AF505BB6}" = protocol=6 | dir=out | app=system |
"{5802CA74-648D-4450-932A-60CA436F1155}" = protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{5885C609-D305-4D8B-9270-923ACE98396B}" = protocol=6 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{5C95452B-A83F-4E40-8F8F-E2931E78B570}" = protocol=17 | dir=in | app=c:\program files\limewire\limewire.exe |
"{5F48E0D8-82FE-4CE3-9422-3407764A3F5A}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{60F6922D-BB59-4C81-AA99-891EED27508A}" = protocol=6 | dir=in | app=c:\program files\skulltag\skulltag.exe |
"{7202BFC6-34CC-4693-8FCE-FCF72712191D}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{83BFF618-EE55-479D-AB1D-B71E419ACAA3}" = protocol=17 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{86AE4B85-6ABB-4428-AEA9-F3B0EC9965C2}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{8E3EE34F-F488-46BA-8345-F729B9D1B347}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{99998D88-4D5E-4BF3-B761-97B668A4B053}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{A4400CA8-C234-474C-9F3F-9858E99529C1}" = protocol=6 | dir=in | app=c:\program files\itunes\itunes.exe |
"{AC3A3CE3-438E-4F40-A388-7BBF67C71E9B}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{B9A48AA5-2E34-4031-8DAD-92644A1BAC7A}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{BAD51CE0-076D-441B-A35D-29928E4C52FD}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{BB1C37FB-B1E7-438F-9B0A-A6D99C6E2F84}" = protocol=17 | dir=in | app=c:\program files\skulltag\rcon_utility.exe |
"{C65E2B84-0A00-4184-A62C-5C64DA3B2347}" = protocol=6 | dir=in | app=c:\program files\limewire\limewire.exe |
"{DEE8D291-B7AB-477B-A7F8-5F9D755D66A6}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{E3B016E7-67FE-49E2-B922-B5E0051AAC4A}" = protocol=6 | dir=in | app=c:\program files\common files\mcafee\mna\mcnasvc.exe |
"{E96827E4-331F-42E2-844D-2B1F4F47BDDE}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{FC1C57A6-CF5A-4AFD-9F40-AFF1DEED7346}" = protocol=17 | dir=in | app=c:\program files\common files\mcafee\mna\mcnasvc.exe |
"TCP Query User{19093DF3-A5CA-4913-923D-68BF9219819E}C:\program files\zdaemon\zserv32.exe" = protocol=6 | dir=in | app=c:\program files\zdaemon\zserv32.exe |
"TCP Query User{1E1BCCE9-6C22-422B-AE42-0FFE7AB7A8FF}C:\program files\zdaemon\zdaemon.exe" = protocol=6 | dir=in | app=c:\program files\zdaemon\zdaemon.exe |
"TCP Query User{203D2425-FC1D-4B11-B3DC-E6D528A68E2C}C:\windows\explorer.exe" = protocol=6 | dir=in | app=c:\windows\explorer.exe |
"TCP Query User{271B2C46-21F9-43D3-96C4-C62FF3AA4F30}C:\zdaemon\zlauncher.exe" = protocol=6 | dir=in | app=c:\zdaemon\zlauncher.exe |
"TCP Query User{2776AA13-CFFF-4D2F-8582-BE1ECA5300BC}C:\users\aaron\desktop\zdoom\idese.exe" = protocol=6 | dir=in | app=c:\users\aaron\desktop\zdoom\idese.exe |
"TCP Query User{2A4795A5-B2E3-435D-A3C0-248D16FB7E33}C:\program files\zdaemon\zserv32.exe" = protocol=6 | dir=in | app=c:\program files\zdaemon\zserv32.exe |
"TCP Query User{2DD515C2-D126-461F-BBDC-D8F98835E4BF}C:\zdaemon\zdaemon.exe" = protocol=6 | dir=in | app=c:\zdaemon\zdaemon.exe |
"TCP Query User{3C432DF6-3336-4C73-A5F6-DD17C10626A1}C:\program files\zdaemon\zserv.exe" = protocol=6 | dir=in | app=c:\program files\zdaemon\zserv.exe |
"TCP Query User{3C8EF1B3-F1E0-49E1-9750-DCA921A86A8A}C:\program files\zdaemon\zlauncher.exe" = protocol=6 | dir=in | app=c:\program files\zdaemon\zlauncher.exe |
"TCP Query User{3E3B83EB-0396-49EB-8AB6-E0357E7461C8}C:\users\aaron\desktop\zdoom\skulltag.exe" = protocol=6 | dir=in | app=c:\users\aaron\desktop\zdoom\skulltag.exe |
"TCP Query User{56D8EBB5-A90D-443A-BB81-68CF1D66F8FB}C:\windows\explorer.exe" = protocol=6 | dir=in | app=c:\windows\explorer.exe |
"TCP Query User{6F55220F-1E2E-44B0-8F41-901CEE69914B}C:\users\aaron\desktop\ide\ide.exe" = protocol=6 | dir=in | app=c:\users\aaron\desktop\ide\ide.exe |
"TCP Query User{8454ADDD-8234-4AF7-B155-E16D2DE05042}C:\zdaemon\zdaemon.exe" = protocol=6 | dir=in | app=c:\zdaemon\zdaemon.exe |
"TCP Query User{846B2A41-D187-472F-9CA5-9BE4D7A85864}C:\program files\doom collector's edition\final doom\doom95.exe" = protocol=6 | dir=in | app=c:\program files\doom collector's edition\final doom\doom95.exe |
"TCP Query User{8717B6C3-8CDF-4C82-B955-649176AF5BF0}C:\program files\skulltag\idese.exe" = protocol=6 | dir=in | app=c:\program files\skulltag\idese.exe |
"TCP Query User{A51373DA-9D3F-4BDD-8168-BA8CD59B4DC6}C:\program files\zdaemon\zdaemon.exe" = protocol=6 | dir=in | app=c:\program files\zdaemon\zdaemon.exe |
"TCP Query User{A88AE5B8-983F-40E2-8DC3-6769A8F228F7}C:\zdaemon\zlauncher.exe" = protocol=6 | dir=in | app=c:\zdaemon\zlauncher.exe |
"TCP Query User{AB6A0E07-EAA1-46A9-93F8-63A8F5A6F856}C:\users\aaron\desktop\idese.exe" = protocol=6 | dir=in | app=c:\users\aaron\desktop\idese.exe |
"TCP Query User{C28504A8-B119-4B21-A8A9-5AABCBF16B1C}C:\program files\zdaemon\zlauncher.exe" = protocol=6 | dir=in | app=c:\program files\zdaemon\zlauncher.exe |
"TCP Query User{D2A07C5E-77CA-4E93-8541-A14C524C4FE6}C:\program files\zdaemon\zsl\zsllite.exe" = protocol=6 | dir=in | app=c:\program files\zdaemon\zsl\zsllite.exe |
"TCP Query User{DAFBB312-47AA-4303-B28D-73BDCD5A4C8E}C:\program files\limewire\limewire.exe" = protocol=6 | dir=in | app=c:\program files\limewire\limewire.exe |
"TCP Query User{F613BB9C-AF88-4C0E-8ACD-2366CB9D833D}C:\program files\zdaemon\zsl\zsllite.exe" = protocol=6 | dir=in | app=c:\program files\zdaemon\zsl\zsllite.exe |
"TCP Query User{F8214718-A3A8-4466-844F-D9CAE6E02D4D}C:\users\aaron\desktop\idese.exe" = protocol=6 | dir=in | app=c:\users\aaron\desktop\idese.exe |
"UDP Query User{0175F8BF-750B-4578-A456-2DD9938D8772}C:\users\aaron\desktop\idese.exe" = protocol=17 | dir=in | app=c:\users\aaron\desktop\idese.exe |
"UDP Query User{03043559-C084-48E1-9FF4-CE1287D9964E}C:\program files\zdaemon\zsl\zsllite.exe" = protocol=17 | dir=in | app=c:\program files\zdaemon\zsl\zsllite.exe |
"UDP Query User{115820D4-8CFF-43F2-BB3B-8B26FD8256D1}C:\zdaemon\zlauncher.exe" = protocol=17 | dir=in | app=c:\zdaemon\zlauncher.exe |
"UDP Query User{1DA7B263-0E35-4B06-94F0-380EF7119042}C:\users\aaron\desktop\idese.exe" = protocol=17 | dir=in | app=c:\users\aaron\desktop\idese.exe |
"UDP Query User{21B1C3ED-062F-4AD9-8105-C365B0E58502}C:\program files\zdaemon\zserv32.exe" = protocol=17 | dir=in | app=c:\program files\zdaemon\zserv32.exe |
"UDP Query User{2819A26D-7EB1-440A-BED2-492D6033FCBA}C:\windows\explorer.exe" = protocol=17 | dir=in | app=c:\windows\explorer.exe |
"UDP Query User{2E5FE3EC-A83F-4961-BF38-E691FFF1C5DC}C:\users\aaron\desktop\ide\ide.exe" = protocol=17 | dir=in | app=c:\users\aaron\desktop\ide\ide.exe |
"UDP Query User{3D97FDB6-C0F6-48E4-82F1-E52E91AB57EB}C:\program files\doom collector's edition\final doom\doom95.exe" = protocol=17 | dir=in | app=c:\program files\doom collector's edition\final doom\doom95.exe |
"UDP Query User{46F47F32-676D-4495-917A-A1141915031E}C:\users\aaron\desktop\zdoom\skulltag.exe" = protocol=17 | dir=in | app=c:\users\aaron\desktop\zdoom\skulltag.exe |
"UDP Query User{493967A6-E60C-4EC5-9A9C-4D912371C347}C:\users\aaron\desktop\zdoom\idese.exe" = protocol=17 | dir=in | app=c:\users\aaron\desktop\zdoom\idese.exe |
"UDP Query User{4D5E47C2-F209-4894-BF66-F992BC4158A7}C:\program files\zdaemon\zserv.exe" = protocol=17 | dir=in | app=c:\program files\zdaemon\zserv.exe |
"UDP Query User{4F471E55-E27A-4249-9D7B-9C7C1DAB4F21}C:\program files\zdaemon\zlauncher.exe" = protocol=17 | dir=in | app=c:\program files\zdaemon\zlauncher.exe |
"UDP Query User{560A5988-356C-4B5D-AF4D-BD0F8BB06AF4}C:\zdaemon\zdaemon.exe" = protocol=17 | dir=in | app=c:\zdaemon\zdaemon.exe |
"UDP Query User{80DDF58A-F0D8-4055-8A65-C0AF4A599E9F}C:\program files\zdaemon\zdaemon.exe" = protocol=17 | dir=in | app=c:\program files\zdaemon\zdaemon.exe |
"UDP Query User{90A74413-1DDA-4520-B933-70842EFD6A30}C:\zdaemon\zlauncher.exe" = protocol=17 | dir=in | app=c:\zdaemon\zlauncher.exe |
"UDP Query User{ACD6B8E6-D6DD-46CC-B232-09E5AA9C9ABA}C:\zdaemon\zdaemon.exe" = protocol=17 | dir=in | app=c:\zdaemon\zdaemon.exe |
"UDP Query User{BA8BFBEB-822A-4FFF-831D-17DAED9C371F}C:\program files\limewire\limewire.exe" = protocol=17 | dir=in | app=c:\program files\limewire\limewire.exe |
"UDP Query User{BEBF5586-6A64-4E75-BC18-64647BCE1442}C:\program files\skulltag\idese.exe" = protocol=17 | dir=in | app=c:\program files\skulltag\idese.exe |
"UDP Query User{C4C84C44-51A0-43B0-8894-6D0F55C45173}C:\program files\zdaemon\zdaemon.exe" = protocol=17 | dir=in | app=c:\program files\zdaemon\zdaemon.exe |
"UDP Query User{D3E2E55B-39AC-4C82-8160-5862893E9AD6}C:\program files\zdaemon\zlauncher.exe" = protocol=17 | dir=in | app=c:\program files\zdaemon\zlauncher.exe |
"UDP Query User{DAC3B79B-F7F5-41CE-BB6B-638A2863F662}C:\program files\zdaemon\zserv32.exe" = protocol=17 | dir=in | app=c:\program files\zdaemon\zserv32.exe |
"UDP Query User{DC7D523C-FAE7-486A-96F7-F96CFA5EC05C}C:\program files\zdaemon\zsl\zsllite.exe" = protocol=17 | dir=in | app=c:\program files\zdaemon\zsl\zsllite.exe |
"UDP Query User{EFC52844-E685-47B8-B8A0-0B185D9DE1FD}C:\windows\explorer.exe" = protocol=17 | dir=in | app=c:\windows\explorer.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0394CDC8-FABD-4ed8-B104-03393876DFDF}" = Roxio Creator Tools
"{07287123-B8AC-41CE-8346-3D777245C35B}" = Bonjour
"{0C34B801-6AEC-4667-B053-03A67E2D0415}" = Apple Application Support
"{0D397393-9B50-4c52-84D5-77E344289F87}" = Roxio Creator Data
"{0E4BC542-9CFD-4E97-B586-9F1E5516E7B9}" = Microsoft IntelliPoint 6.1
"{14AA664E-9BFA-44C4-A083-83A2998679BA}" = Digidesign Pro Tools M-Powered Demo 7.4
"{15CC668C-F37C-CE24-9047-40EC8034E29D}" = ATI Catalyst Control Center Ex
"{25613C10-27D2-410B-942B-D922D5C3A7BE}" = Interlok driver setup x32
"{26A24AE4-039D-4CA4-87B4-2F83216011FF}" = Java(TM) 6 Update 23
"{2F29D6D2-824E-4FEF-8AED-7013F39F642A}" = OpenOffice.org 2.3
"{30465B6C-B53F-49A1-9EBA-A3F187AD502E}" = Roxio Update Manager
"{318AB667-3230-41B5-A617-CB3BF748D371}" = iTunes
"{3248F0A8-6813-11D6-A77B-00B0D0160000}" = Java(TM) SE Runtime Environment 6
"{3248F0A8-6813-11D6-A77B-00B0D0160030}" = Java(TM) 6 Update 3
"{3248F0A8-6813-11D6-A77B-00B0D0160050}" = Java(TM) 6 Update 5
"{35E1EC43-D4FC-4E4A-AAB3-20DDA27E8BB0}" = Sonic Activation Module
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3F92ABBB-6BBF-11D5-B229-002078017FBF}" = NetWaiting
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{5CD29180-A95E-11D3-A4EB-00C04F7BDB2C}" = User's Guides
"{619CDD8A-14B6-43a1-AB6C-0F4EE48CE048}" = Roxio Creator Copy
"{62230596-37E5-4618-A329-0D21F529A86F}" = Browser Address Error Redirector
"{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA}" = Roxio Express Labeler
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6D52C408-B09A-4520-9B18-475B81D393F1}" = Microsoft Works
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{7DB9F1E5-9ACB-410D-A7DC-7A3D023CE045}" = Dell Getting Started Guide
"{7F0C4457-8E64-491B-8D7B-991504365D1E}" = QuickSet
"{83FFCFC7-88C6-41c6-8752-958A45325C82}" = Roxio Creator Audio
"{880AF49C-34F7-4285-A8AD-8F7A3D1C33DC}" = Roxio Creator BDAV Plugin
"{89CEAE14-DD0F-448E-9554-15781EC9DB24}" = Product Documentation Launcher
"{904CCF62-818D-4675-BC76-D37EB399F917}" = Windows Mobile Device Center
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{A429C2AE-EBF1-4F81-A221-1C115CAADDAD}" = QuickTime
"{A462213D-EED4-42C2-9A60-7BDD4D4B0B17}" = SigmaTel Audio
"{AADEA55D-C834-4BCB-98A3-4B8D1C18F4EE}" = Apple Mobile Device Support
"{AC76BA86-7AD7-1033-7B44-A81300000003}" = Adobe Reader 8.1.3
"{AFE354A5-640F-4A23-94C8-0B441E8967CA}" = Digidesign Shared Plug-Ins 7.4
"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy
"{C8B0680B-CDAE-4809-9F91-387B6DE00F7C}" = Roxio Creator DE
"{CCFF1E13-77A2-4032-8B12-7566982A27DF}" = Internet Service Offers Launcher
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D5395E5F-4D45-4665-8F00-234FA33678AF}" = SlimDX Redistributable (March 2009)
"{D639085F-4B6E-4105-9F37-A0DBB023E2FB}" = Roxio MyDVD DE
"{D7769185-9A7C-48D4-8874-5388743A1DE2}" = Music, Photos & Videos Launcher
"{DED53B0B-B67C-4244-AE6A-D6FD3C28D1EF}" = Ad-Aware 2007
"{E3BFEE55-39E2-4BE0-B966-89FE583822C1}" = Dell Support Center
"{E646DCF0-5A68-11D5-B229-002078017FBF}" = Digital Line Detect
"{E7044E25-3038-4A76-9064-344AC038043E}" = Windows Mobile Device Center Driver Update
"{E713653C-8312-4BC6-AFC9-ADE1F2F04AB9}" = ATI PCI Express (3GIO) Filter Driver
"{EF53DD60-C4E2-11DB-3D6C-167690F54AE1}" = Notation Composer 2.5 (Trial Version)
"{F63A3748-B93D-4360-9AD4-B064481A5C7B}" = Modem Diagnostic Tool
"{FC572E6B-1511-4C53-929A-469D49E1C576}" = MidiNotate Composer
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11.5
"Belarc Advisor 2.0" = Belarc Advisor 7.2
"Broadcom 802.11b Network Adapter" = Dell Wireless WLAN Card
"CCleaner" = CCleaner (remove only)
"CNXT_MODEM_HDAUDIO_VEN_14F1&DEV_2BFA&SUBSYS_14F100C3" = Conexant HDA D110 MDC V.92 Modem
"DeePsea" = DeePsea
"Doom Builder 2_is1" = Doom Builder 2.1
"Doom Builder_is1" = Doom Builder
"DOOM Collector's Edition" = DOOM Collector's Edition
"Doom II for Windows 95" = Doom II for Windows 95
"Doomsday Engine_is1" = Doomsday Engine 1.9.0-beta5
"Google Desktop" = Google Desktop
"Guitar Pro 5_is1" = Guitar Pro 5.0
"HyperCam 2" = HyperCam 2
"LilyPond" = LilyPond
"Live 6.0.1" = Live 6.0.1
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Mozilla Firefox (3.6.13)" = Mozilla Firefox (3.6.13)
"MySpaceIM" = MySpaceIM
"RPG Maker 2000 ColumbineRPG" = RPG Maker 2000 - Super Columbine Massacre RPG!
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"Ultimate Doom for Windows 95" = Ultimate Doom for Windows 95
"Yahoo! Companion" = Yahoo! Toolbar
"Yahoo! Toolbar" = Yahoo! Toolbar
"YInstHelper" = Yahoo! Install Manager
"ZDaemon" = ZDaemon (remove only)
========== Last 10 Event Log Errors ========== [ Application Events ]
Error - 1/4/2011 10:54:44 PM | Computer Name = Aaron-PC | Source = Microsoft-Windows-CAPI2 | ID = 131083
Description =
Error - 1/4/2011 10:55:24 PM | Computer Name = Aaron-PC | Source = EventSystem | ID = 4609
Description =
Error - 1/5/2011 10:56:53 AM | Computer Name = Aaron-PC | Source = Microsoft-Windows-CAPI2 | ID = 131083
Description =
Error - 1/5/2011 11:01:37 AM | Computer Name = Aaron-PC | Source = Microsoft-Windows-CAPI2 | ID = 131083
Description =
Error - 1/5/2011 11:02:28 AM | Computer Name = Aaron-PC | Source = Microsoft-Windows-CAPI2 | ID = 131083
Description =
Error - 1/5/2011 11:02:33 AM | Computer Name = Aaron-PC | Source = Microsoft-Windows-CAPI2 | ID = 131083
Description =
Error - 1/5/2011 11:05:40 AM | Computer Name = Aaron-PC | Source = Microsoft-Windows-CAPI2 | ID = 131083
Description =
Error - 1/5/2011 11:13:51 AM | Computer Name = Aaron-PC | Source = Microsoft-Windows-CAPI2 | ID = 131083
Description =
Error - 1/5/2011 11:15:08 AM | Computer Name = Aaron-PC | Source = Microsoft-Windows-CAPI2 | ID = 131083
Description =
Error - 1/5/2011 5:24:25 PM | Computer Name = Aaron-PC | Source = Microsoft-Windows-CAPI2 | ID = 131083
Description =
[ Media Center Events ]
Error - 4/15/2008 8:33:24 PM | Computer Name = Aaron-PC | Source = MCUpdate | ID = 0
Description = DownloadPackgeTask.SubTasksComplete: failed downloading package SportsSchedule.
Error - 4/18/2008 5:04:15 PM | Computer Name = Aaron-PC | Source = MCUpdate | ID = 0
Description = DownloadPackgeTask.SubTasksComplete: failed downloading package MCESpotlight.
Error - 5/31/2008 8:56:35 AM | Computer Name = Aaron-PC | Source = MCUpdate | ID = 0
Description = DownloadPackgeTask.SubTasksComplete: failed downloading package MCESpotlight.
Error - 4/29/2009 7:51:09 PM | Computer Name = Aaron-PC | Source = MCUpdate | ID = 0
Description = DownloadPackgeTask.SubTasksComplete: failed downloading package SportsSchedule.
Error - 10/11/2009 11:29:32 PM | Computer Name = Aaron-PC | Source = MCUpdate | ID = 0
Description = DownloadPackgeTask.SubTasksComplete: failed downloading package SportsSchedule.
Error - 12/6/2009 4:44:42 PM | Computer Name = Aaron-PC | Source = MCUpdate | ID = 0
Description = DownloadPackgeTask.SubTasksComplete: failed downloading package SportsSchedule.
Error - 3/1/2010 6:55:29 AM | Computer Name = Aaron-PC | Source = MCUpdate | ID = 0
Description = DownloadPackgeTask.SubTasksComplete: failed downloading package SportsSchedule.
[ System Events ]
Error - 1/4/2011 4:39:17 PM | Computer Name = Aaron-PC | Source = Service Control Manager | ID = 7026
Description =
Error - 1/4/2011 4:39:24 PM | Computer Name = Aaron-PC | Source = DCOM | ID = 10005
Description =
Error - 1/4/2011 9:54:21 PM | Computer Name = Aaron-PC | Source = DCOM | ID = 10005
Description =
Error - 1/4/2011 10:39:41 PM | Computer Name = Aaron-PC | Source = Service Control Manager | ID = 7030
Description =
Error - 1/4/2011 10:43:24 PM | Computer Name = Aaron-PC | Source = Service Control Manager | ID = 7030
Description =
Error - 1/4/2011 10:51:37 PM | Computer Name = Aaron-PC | Source = Service Control Manager | ID = 7030
Description =
Error - 1/5/2011 10:55:05 AM | Computer Name = Aaron-PC | Source = Service Control Manager | ID = 7000
Description =
Error - 1/5/2011 10:55:05 AM | Computer Name = Aaron-PC | Source = Service Control Manager | ID = 7000
Description =
Error - 1/5/2011 10:57:46 AM | Computer Name = Aaron-PC | Source = Service Control Manager | ID = 7011
Description =
Error - 1/5/2011 10:58:54 AM | Computer Name = Aaron-PC | Source = Service Control Manager | ID = 7011
Description =
< End of report >
=================================================================================