Welcome to MalwareRemoval.com,
What if we told you that you could get malware removal help from experts, and that it was 100% free? MalwareRemoval.com provides free support for people with infected computers. Our help, and the tools we use are always 100% free. No hidden catch. We simply enjoy helping others. You enjoy a clean, safe computer.

Malware Removal Instructions

Help: FTP Password possibly stolen; computer slow

MalwareRemoval.com provides free support for people with infected computers. Using plain language that anyone can understand, our community of volunteer experts will walk you through each step.

Help: FTP Password possibly stolen; computer slow

Unread postby apemantus » January 19th, 2011, 5:35 pm

I'm not sure whether I am in trouble; my server account was compromised in a possible (probable) FTP password theft; my computer has been running very slow, and I noticed on Wireshark the other weird things happening (e.g. it looked like files were being downloaded by FTP when they shouldn't have been). Any help is much appreciated.

HijackThis

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 21:29:32, on 19/01/2011
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
c:\xampp\apache\bin\httpd.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Carbonite\Carbonite Backup\carboniteservice.exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\dldfserv.exe
C:\WINDOWS\system32\dldfcoms.exe
C:\Program Files\Flip Video\FlipShare\FlipShareService.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
C:\WINDOWS\system32\inetsrv\inetinfo.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\LogMeIn\x86\LMIGuardianSvc.exe
C:\Program Files\LogMeIn\x86\RaMaint.exe
C:\Program Files\LogMeIn\x86\LogMeIn.exe
c:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe
c:\xampp\mysql\bin\mysqld.exe
C:\Program Files\NVDA\nvda_service.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\PSIService.exe
C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe
C:\PROGRA~1\MI4F93~1\webtool.exe
C:\Program Files\TightVNC\WinVNC.exe
C:\WINDOWS\system32\SearchIndexer.exe
C:\xampp\apache\bin\httpd.exe
C:\Program Files\Dell SAS RAID Storage Manager\Framework\VivaldiFramework.exe
C:\Program Files\VisualCron 4\VisualCronService.exe
C:\WINDOWS\system32\cmd.exe
C:\Program Files\Dell SAS RAID Storage Manager\JRE\bin\javaw.exe
C:\Program Files\Windows Home Server\WHSConnector.exe
C:\Program Files\DynDNS Updater\DynDNS.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\TortoiseSVN\bin\TSVNCache.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe
C:\Program Files\Google\Google Talk\googletalk.exe
C:\Program Files\Process Lasso\processlasso.exe
C:\Program Files\Process Lasso\processgovernor.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Dell AIO Printer 948\dldfmon.exe
C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe
C:\WINDOWS\system32\mdm.exe
C:\Program Files\Carbonite\Carbonite Backup\CarboniteUI.exe
C:\Program Files\AirPort\APAgent.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Robust IT\Taskix\Taskix32.exe
C:\Program Files\Taskbar Shuffle\taskbarshuffle.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Launchy\Launchy.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Windows Home Server\WHSTrayApp.exe
C:\Documents and Settings\David\Application Data\Dropbox\bin\Dropbox.exe
C:\Program Files\Google\Google Calendar Sync\GoogleCalendarSync.exe
C:\Program Files\Unlocker\UnlockerAssistant.exe
C:\WINDOWS\system32\dllhost.exe
C:\Program Files\NetBeans 6.9\bin\netbeans.exe
C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE
C:\Program Files\Microsoft SQL Server\100\Tools\Binn\VSShell\Common7\IDE\Ssms.exe
C:\Program Files\GitExtensions\PuTTY\pageant.exe
C:\Program Files\FileZilla Client\filezilla.exe
C:\Program Files\uTorrent\uTorrent.exe
C:\Program Files\IObit\IObit SmartDefrag\IObit SmartDefrag.exe
C:\Program Files\iTunes\iTunes.exe
C:\Program Files\Last.fm\LastFM.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceHelper.exe
C:\Program Files\Common Files\Apple\Apple Application Support\distnoted.exe
C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Windows Live\Contacts\wlcomm.exe
C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Program Files\Microsoft Office\Office12\WINWORD.EXE
C:\WINDOWS\System32\vssvc.exe
C:\WINDOWS\system32\dllhost.exe
C:\Program Files\MySQL\MySQL Tools for 5.0\MySQLQueryBrowser.exe
C:\Program Files\KDiff3\kdiff3.exe
C:\Program Files\Notepad++\notepad++.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.co.uk/ig/dell?hl=en&c ... bd=1071212
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.co.uk/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.co.uk/hws/sb/dell-usu ... channel=uk
R1 - HKLM\Software\Microsoft\Internet Explorer\Search,Default_Page_URL = http://www.google.co.uk/ig/dell?hl=en&c ... bd=1071212
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.google.co.uk/ig/dell?hl=en&c ... bd=1071212
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = <-loopback>
O1 - Hosts: # Copyright (c) 1993-1999 Microsoft Corp.
O1 - Hosts: 72.47.224.154 greatmooglygoogly.com
O2 - BHO: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: flashget urlcatch - {2F364306-AA45-47B5-9F9D-39A8B94E7EF7} - C:\Program Files\FlashGet\jccatch.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - (no file)
O2 - BHO: IEVkbdBHO - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\ievkbd.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: DebugBar BHO - {69FC0024-10EB-480A-BBF2-3BF4E78E17B1} - C:\Program Files\Core Services\DebugBar\DebugInfoBar.dll
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: BrowserHelper Class - {9A065C65-4EE7-4DDD-9918-F129089A894A} - C:\Program Files\Windows Home Server\WHSDeskBands.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll
O2 - BHO: Browser Address Error Redirector - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\Dell\BAE\BAE.dll
O2 - BHO: IE Developer Toolbar BHO - {CC7E636D-39AA-49b6-B511-65413DA137A1} - C:\Program Files\Microsoft\Internet Explorer Developer Toolbar\IEDevToolbar.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: Google Gears Helper - {E0FEFE40-FBF9-42AE-BA58-794CA7E3FB53} - C:\Program Files\Google\Google Gears\Internet Explorer\0.5.36.0\gears.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O2 - BHO: link filter bho - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\klwtbbho.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: FlashGet GetFlash Class - {F156768E-81EF-470C-9057-481BA8380DBA} - C:\Program Files\FlashGet\getflash.dll
O3 - Toolbar: DebugBar - {3E1201F4-1707-409F-BB45-A5F192381DA0} - C:\Program Files\Core Services\DebugBar\DebugToolBar.dll
O3 - Toolbar: Home Server Banner - {D73E76A3-F902-45BD-8FC8-95AE8E014671} - C:\Program Files\Windows Home Server\WHSDeskBands.dll
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [IAAnotif] "C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe"
O4 - HKLM\..\Run: [googletalk] C:\Program Files\Google\Google Talk\googletalk.exe /autostart
O4 - HKLM\..\Run: [ProcessSupervisorGUI] C:\Program Files\Process Lasso\processlasso.exe
O4 - HKLM\..\Run: [ProcessGovernor] C:\Program Files\Process Lasso\processgovernor.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [dldfmon.exe] "C:\Program Files\Dell AIO Printer 948\dldfmon.exe"
O4 - HKLM\..\Run: [StartupDelayer] "C:\Program Files\r2 Studios\Startup Delayer\Startup Launcher GUI.exe"
O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe"
O4 - HKLM\..\Run: [LogMeIn GUI] "C:\Program Files\LogMeIn\x86\LogMeInSystray.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [VisualCron Tray Client] C:\Program Files\VisualCron 4\VCTray.exe
O4 - HKLM\..\Run: [Carbonite Backup] C:\Program Files\Carbonite\Carbonite Backup\CarboniteUI.exe
O4 - HKLM\..\Run: [AirPort Base Station Agent] "C:\Program Files\AirPort\APAgent.exe"
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\David\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [Taskix] "C:\Program Files\Robust IT\Taskix\Taskix32.exe" start
O4 - HKCU\..\Run: [Taskbar Shuffle] C:\Program Files\Taskbar Shuffle\taskbarshuffle.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Launchy.lnk = C:\Program Files\Launchy\Launchy.exe
O4 - Global Startup: Windows Home Server.lnk = ?
O8 - Extra context menu item: &Download All with FlashGet - C:\Program Files\FlashGet\jc_all.htm
O8 - Extra context menu item: &Download with FlashGet - C:\Program Files\FlashGet\jc_link.htm
O8 - Extra context menu item: Add to Anti-Banner - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\ie_banner_deny.htm
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\WINDOWS\system32\GPhotos.scr/200
O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {09C04DA7-5B76-4EBC-BBEE-B25EAC5965F5} - C:\Program Files\Google\Google Gears\Internet Explorer\0.5.36.0\gears.dll
O9 - Extra 'Tools' menuitem: &Gears Settings - {09C04DA7-5B76-4EBC-BBEE-B25EAC5965F5} - C:\Program Files\Google\Google Gears\Internet Explorer\0.5.36.0\gears.dll
O9 - Extra button: &Virtual Keyboard - {4248FE82-7FCB-46AC-B270-339F08212110} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\klwtbbho.dll
O9 - Extra button: IE Developer Toolbar - {48FFE35F-36D9-44bd-A6CC-1D34414EAC0D} - C:\Program Files\Microsoft\Internet Explorer Developer Toolbar\IEDevToolbar.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: URLs c&heck - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\klwtbbho.dll
O9 - Extra button: Fiddler2 - {CF819DA3-9882-4944-ADF5-6EF17ECF3C6E} - "C:\Program Files\Fiddler2\Fiddler.exe" (file missing)
O9 - Extra 'Tools' menuitem: Fiddler2 - {CF819DA3-9882-4944-ADF5-6EF17ECF3C6E} - "C:\Program Files\Fiddler2\Fiddler.exe" (file missing)
O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\Program Files\FlashGet\FlashGet.exe
O9 - Extra 'Tools' menuitem: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\Program Files\FlashGet\FlashGet.exe
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\windows\system32\prxernsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\prxerdrv.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\prxerdrv.dll
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/windows ... 9375557631
O17 - HKLM\System\CCS\Services\Tcpip\..\{ABD3AA98-92AE-4279-8964-C717CDA2577E}: NameServer = 8.8.8.8,8.8.4.4
O17 - HKLM\System\CS1\Services\Tcpip\..\{ABD3AA98-92AE-4279-8964-C717CDA2577E}: NameServer = 8.8.8.8,8.8.4.4
O17 - HKLM\System\CS2\Services\Tcpip\..\{ABD3AA98-92AE-4279-8964-C717CDA2577E}: NameServer = 8.8.8.8,8.8.4.4
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~2\GOEC62~1.DLL,AirfoilInject3.dll,C:\PROGRA~1\KASPER~1\KASPER~1\mzvkbd3.dll
O23 - Service: Apache2.2 - Apache Software Foundation - c:\xampp\apache\bin\httpd.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Kaspersky Anti-Virus Service (AVP) - Kaspersky Lab ZAO - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: CarboniteService - Carbonite, Inc. (http://www.carbonite.com) - C:\Program Files\Carbonite\Carbonite Backup\carboniteservice.exe
O23 - Service: CVSNT Locking Service 2.5.03.2382 (cvslock) - Unknown owner - C:\Program Files\CVSNT\cvslock.exe
O23 - Service: CVSNT Dispatch service 2.5.03.2382 (cvsnt) - March Hare Software Ltd - C:\Program Files\CVSNT\cvsservice.exe
O23 - Service: dldfCATSCustConnectService - Unknown owner - C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\\dldfserv.exe
O23 - Service: dldf_device - - C:\WINDOWS\system32\dldfcoms.exe
O23 - Service: DynDNS Updater Service (DynDNS_Updater_Service) - Kana Solution - C:\Program Files\DynDNS Updater\DynDNS.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: FlipShare Service - Unknown owner - C:\Program Files\Flip Video\FlipShare\FlipShareService.exe
O23 - Service: Google Update Service (gupdate1c8c49a2fac94ca) (gupdate1c8c49a2fac94ca) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: LMIGuardianSvc - LogMeIn, Inc. - C:\Program Files\LogMeIn\x86\LMIGuardianSvc.exe
O23 - Service: LogMeIn Maintenance Service (LMIMaint) - LogMeIn, Inc. - C:\Program Files\LogMeIn\x86\RaMaint.exe
O23 - Service: LogMeIn - LogMeIn, Inc. - C:\Program Files\LogMeIn\x86\LogMeIn.exe
O23 - Service: MRMonitor (MegaMonitorSrv) - Unknown owner - C:\Program Files\Dell SAS RAID Storage Manager\MegaMonitor\mrmonitor.exe
O23 - Service: SSMFramework (MSMFramework) - Unknown owner - C:\Program Files\Dell SAS RAID Storage Manager\Framework\VivaldiFramework.exe
O23 - Service: MySQL - Unknown owner - c:\xampp\mysql\bin\mysqld.exe
O23 - Service: nonVisual Desktop Access (nvda) - Unknown owner - C:\Program Files\NVDA\nvda_service.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: ProtexisLicensing - Unknown owner - C:\WINDOWS\system32\PSIService.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - CACE Technologies, Inc. - C:\Program Files\WinPcap\rpcapd.exe
O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files\Common Files\SureThing Shared\stllssvr.exe
O23 - Service: TomTomHOMEService - TomTom - C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe
O23 - Service: VisualCron 4 (VisualCron4) - neteject.com - C:\Program Files\VisualCron 4\VisualCronService.exe
O23 - Service: VNC Server (winvnc) - TightVNC Group - C:\Program Files\TightVNC\WinVNC.exe

--
End of file - 18475 bytes


Uninstall List

µTorrent
2007 Microsoft Office system
3ivx MPEG-4 5.0.3 (remove only)
7-Zip 4.65
ABBYY FineReader 6.0 Sprint
Acrobat.com
ActiveState Komodo Edit 5.1.3
Adobe Air
Adobe AIR
Adobe AIR
Adobe Anchor Service CS3
Adobe Asset Services CS3
Adobe Bridge CS3
Adobe Bridge Start Meeting
Adobe Camera Raw 4.0
Adobe CMaps
Adobe Color - Photoshop Specific
Adobe Color Common Settings
Adobe Color Common Settings
Adobe Color EU Extra Settings
Adobe Color JA Extra Settings
Adobe Color NA Recommended Settings
Adobe Default Language CS3
Adobe Device Central CS3
Adobe Dreamweaver CS3
Adobe Dreamweaver CS3
Adobe ExtendScript Toolkit 2
Adobe ExtendScript Toolkit 2
Adobe Extension Manager CS3
Adobe Fireworks CS3
Adobe Fireworks CS3
Adobe Flash CS3
Adobe Flash CS3 Professional
Adobe Flash Media Live Encoder 3.2
Adobe Flash Player 10 ActiveX
Adobe Flash Player 10 Plugin
Adobe Flash Video Encoder
Adobe Fonts All
Adobe Help Viewer CS3
Adobe Linguistics CS3
Adobe PDF Library Files
Adobe Photoshop CS3
Adobe Photoshop CS3
Adobe Reader 9.4.0
Adobe Setup
Adobe Setup
Adobe Setup
Adobe Setup
Adobe Setup
Adobe Setup
Adobe Setup
Adobe Shockwave Player 11.5
Adobe Stock Photos CS3
Adobe Stock Photos CS3
Adobe Type Support
Adobe Update Manager CS3
Adobe Version Cue CS3 Client
Adobe WinSoft Linguistics Plugin
Adobe XMP Panels CS3
Airfoil
AirPort
Amazon MP3 Downloader 1.0.9
AnalogX SimpleServer:Shout
AnalogX SimpleServer:WWW
Analytics Reporting Suite - beta 3.2
Analytics Reporting Suite - beta 3.2
AnjLab.SqlProfiler
Apple Application Support
Apple Mobile Device Support
Apple Software Update
Aptana Studio 2.0
Aqua Data Studio 6.5
Audacity 1.2.6
AusLogics Disk Defrag
AviSynth 2.5
Blaze Media Pro
Boks
Bonjour
Box.net add-in for MS Office
Broadcom Advanced Control Suite
Browser Address Error Redirector
Business Contact Manager for Outlook 2007 SP2
Business Contact Manager for Outlook 2007 SP2
Carbonite
CCleaner (remove only)
CD & DVD Label Maker 1.2
CDisplay 1.7
ClearType Tuning Control Panel Applet
Clockmaker Icon Generator
Clockmaker Icon Generator
CloudBerry Explorer for Amazon S3 1.7
ColorPic
Corel Paint Shop Pro 9
CVSNT 2.5.03.2382
dBpoweramp FLAC Codec
dBpoweramp m4a Codec
dBpoweramp Music Converter
DebugBar v5.0.2 for Internet Explorer (remove only)
Dell AIO Printer 948
Dell SAS RAID Storage Manager
Dell SAS RAID Storage Manager v2.16-00
Digital Rowing RowPro
Doctor Who: The Adventure Games
DynDNS Updater 3.1
Fiddler2
Files Search Assistant 3.1
FileZilla Client 3.1.0.1
FlashGet 1.9.6.1073
Flickr Uploadr 3.1.3
FlipShare
FLV Player 2.0 (build 25)
foobar2000 v1.0.3
Foxit Reader
Git 1.6.5.1-preview20091022
Git Extensions 1.98
Google Calendar Sync
Google Earth
Google Gears
Google Talk (remove only)
Google Update Helper
Google Updater
GrabBee
GTK+ Runtime 2.14.7 rev a (remove only)
HelloWorld
High Definition Audio Driver Package - KB835221
Highlight Viewer (Windows Live Toolbar)
HijackThis 2.0.2
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
Hotfix for Microsoft Visual Studio 2007 Tools for Applications - ENU (KB946040)
Hotfix for Microsoft Visual Studio 2007 Tools for Applications - ENU (KB946308)
Hotfix for Microsoft Visual Studio 2007 Tools for Applications - ENU (KB946344)
Hotfix for Microsoft Visual Studio 2007 Tools for Applications - ENU (KB947540)
Hotfix for Microsoft Visual Studio 2007 Tools for Applications - ENU (KB947789)
Hotfix for Windows Internet Explorer 7 (KB947864)
Hotfix for Windows Media Format 11 SDK (KB929399)
Hotfix for Windows Media Player 11 (KB939683)
Hotfix for Windows XP (KB2158563)
Hotfix for Windows XP (KB2443685)
Hotfix for Windows XP (KB915800-v4)
Hotfix for Windows XP (KB942288-v3)
Hotfix for Windows XP (KB952287)
Hotfix for Windows XP (KB958655-v2)
Hotfix for Windows XP (KB961118)
Hotfix for Windows XP (KB970653-v3)
Hotfix for Windows XP (KB976098-v2)
Hotfix for Windows XP (KB979306)
Hotfix for Windows XP (KB981793)
HP Scrawlr
Image Resizer Powertoy for Windows XP
Inkscape 0.46
Intel(R) Matrix Storage Manager
Internet Explorer Developer Toolbar
Internet Information Services (IIS) 7.0 Manager
iPhone Configuration Utility
IrfanView (remove only)
ISAPI_Rewrite Lite
iTunes
iTunes Library Updater
iTunesFolderWatch
J2SE Development Kit 5.0 Update 14
J2SE Runtime Environment 5.0 Update 14
Java(TM) 6 Update 17
Kaspersky Internet Security 2011
Kaspersky Internet Security 2011
KDiff3 (remove only)
K-Lite Codec Pack 3.7.0 Full
LADSPA_plugins-win-0.4.15
LAME v3.98.2 for Audacity
Last.fm 1.5.4.27091
Launchy 2.0
LogCard Utility Uninstaller 1.0
LogMeIn
Malwarebytes' Anti-Malware
Map Button (Windows Live Toolbar)
MeeBone
MeGUI modern media encoder (remove only)
Messenger Plus! Live
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1 Security Update (KB2416447)
Microsoft .NET Framework 1.1 Security Update (KB979906)
Microsoft .NET Framework 2.0 Service Pack 2
Microsoft .NET Framework 3.0 Service Pack 2
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 4 Client Profile
Microsoft .NET Framework 4 Client Profile
Microsoft .NET Framework 4 Extended
Microsoft .NET Framework 4 Extended
Microsoft .NET Framework 4 Multi-Targeting Pack
Microsoft Choice Guard
Microsoft Compression Client Pack 1.0 for Windows XP
Microsoft Help Viewer 1.0
Microsoft Help Viewer 1.0
Microsoft Internationalized Domain Names Mitigation APIs
Microsoft National Language Support Downlevel APIs
Microsoft Office 2003 Web Components
Microsoft Office 2007 Primary Interop Assemblies
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office Access MUI (English) 2007
Microsoft Office Access Setup Metadata MUI (English) 2007
Microsoft Office Excel MUI (English) 2007
Microsoft Office Outlook MUI (English) 2007
Microsoft Office PowerPoint MUI (English) 2007
Microsoft Office Professional Hybrid 2007
Microsoft Office Proof (English) 2007
Microsoft Office Proof (French) 2007
Microsoft Office Proof (Spanish) 2007
Microsoft Office Proofing (English) 2007
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
Microsoft Office Publisher MUI (English) 2007
Microsoft Office Shared MUI (English) 2007
Microsoft Office Shared Setup Metadata MUI (English) 2007
Microsoft Office SharePoint Designer 2007 Service Pack 2 (SP2)
Microsoft Office Small Business Connectivity Components
Microsoft Office Visual Web Developer 2007
Microsoft Office Visual Web Developer MUI (English) 2007
Microsoft Office Word MUI (English) 2007
Microsoft OpenType Font File Properties Extension
Microsoft Script Debugger
Microsoft Search Enhancement Pack
Microsoft Silverlight
Microsoft SQL Server 2000
Microsoft SQL Server 2008
Microsoft SQL Server 2008
Microsoft SQL Server 2008 Browser
Microsoft SQL Server 2008 Common Files
Microsoft SQL Server 2008 Common Files
Microsoft SQL Server 2008 Database Engine Services
Microsoft SQL Server 2008 Database Engine Services
Microsoft SQL Server 2008 Database Engine Shared
Microsoft SQL Server 2008 Database Engine Shared
Microsoft SQL Server 2008 Management Studio
Microsoft SQL Server 2008 Management Studio
Microsoft SQL Server 2008 Native Client
Microsoft SQL Server 2008 Policies
Microsoft SQL Server 2008 R2 Management Objects
Microsoft SQL Server 2008 RsFx Driver
Microsoft SQL Server 2008 Setup Support Files (English)
Microsoft SQL Server Compact 3.5 SP1 Query Tools English
Microsoft SQL Server Compact 3.5 SP2 ENU
Microsoft SQL Server Database Publishing Wizard 1.3
Microsoft SQL Server Native Client
Microsoft SQL Server System CLR Types
Microsoft SQL Server VSS Writer
Microsoft Sync Framework Runtime Native v1.0 (x86)
Microsoft Sync Framework Runtime v1.0 (x86)
Microsoft Sync Framework Services Native v1.0 (x86)
Microsoft Sync Framework Services v1.0 (x86)
Microsoft User-Mode Driver Framework Feature Pack 1.0
Microsoft Visual Basic 2010 Express - ENU
Microsoft Visual Basic 2010 Express - ENU
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4974
Microsoft Visual Studio 2010 ADO.NET Entity Framework Tools
Microsoft Visual Studio Tools for Applications 2.0 - ENU
Microsoft Visual Studio Web Authoring Component
Microsoft Web Application Stress Tool
Microsoft Web Platform Installer 2.0
Microsoft Windows SDK for Visual Studio 2008 SP1 Express Tools for Web - enu
mIRC
Monitor Calibration Wizard 1.0
Mozilla Firefox (3.6.10)
MSN
MSVCRT
MSXML 4.0 SP2 (KB936181)
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
MSXML 6.0 Parser (KB933579)
MultipleIEs
MyFonts Order M1471128
MySQL Tools for 5.0
MySQL Workbench 5.2 CE
NetBeans IDE 6.9
NI-DAQ 6.9.3
Notepad++
NVDA 2010.1
NVIDIA Drivers
OGA Notifier 2.0.0048.0
OpenDNS Updater 2.2
Opera 9.25
PDF Settings
pdfsam
PE Explorer 1.99 R2
phpDesigner 7 version 7.2.1
Picasa 3
Pidgin
PixiePack Codec Pack
Pixus
Pixus
PNGGauntlet
Polaris
PowerDVD
PowerISO
Preconfigured PHP Package 5.2.2
PrimoPDF -- brought to you by Nitro PDF Software
Process Lasso
Proxifier version 2.91
QuickTime
R for Windows 2.12.0
Random Generator for Excel 2.0
ReadAir
RealPlayer
RichFLV
RichFLV
Roxio Creator Audio
Roxio Creator BDAV Plugin
Roxio Creator Copy
Roxio Creator Data
Roxio Creator DE
Roxio Creator Tools
Roxio Drag-to-Disc
Roxio Express Labeler
Roxio Update Manager
S3 Backup
S3 Webmaster
S3Safe
Safari
SearchAssist
Security Update for 2007 Microsoft Office System (KB2288621)
Security Update for 2007 Microsoft Office System (KB2288621)
Security Update for 2007 Microsoft Office System (KB2288931)
Security Update for 2007 Microsoft Office System (KB2289158)
Security Update for 2007 Microsoft Office System (KB2289158)
Security Update for 2007 Microsoft Office System (KB2344875)
Security Update for 2007 Microsoft Office System (KB2345043)
Security Update for 2007 Microsoft Office System (KB969559)
Security Update for 2007 Microsoft Office System (KB976321)
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2416473)
Security Update for Microsoft .NET Framework 4 Extended (KB2416472)
Security Update for Microsoft Office Access 2007 (KB979440)
Security Update for Microsoft Office Access 2007 (KB979440)
Security Update for Microsoft Office Excel 2007 (KB2345035)
Security Update for Microsoft Office InfoPath 2007 (KB979441)
Security Update for Microsoft Office PowerPoint 2007 (KB982158)
Security Update for Microsoft Office PowerPoint Viewer (KB2413381)
Security Update for Microsoft Office Publisher 2007 (KB2284697)
Security Update for Microsoft Office system 2007 (972581)
Security Update for Microsoft Office system 2007 (972581)
Security Update for Microsoft Office system 2007 (KB974234)
Security Update for Microsoft Office system 2007 (KB974234)
Security Update for Microsoft Office Visio Viewer 2007 (KB973709)
Security Update for Microsoft Office Word 2007 (KB2344993)
Security Update for Step By Step Interactive Training (KB923723)
Security Update for Windows Internet Explorer 7 (KB938127)
Security Update for Windows Internet Explorer 7 (KB942615)
Security Update for Windows Internet Explorer 7 (KB944533)
Security Update for Windows Internet Explorer 7 (KB950759)
Security Update for Windows Internet Explorer 7 (KB953838)
Security Update for Windows Internet Explorer 7 (KB956390)
Security Update for Windows Internet Explorer 7 (KB958215)
Security Update for Windows Internet Explorer 7 (KB960714)
Security Update for Windows Internet Explorer 7 (KB961260)
Security Update for Windows Internet Explorer 8 (KB2183461)
Security Update for Windows Internet Explorer 8 (KB2360131)
Security Update for Windows Internet Explorer 8 (KB2416400)
Security Update for Windows Internet Explorer 8 (KB969897)
Security Update for Windows Internet Explorer 8 (KB971961)
Security Update for Windows Internet Explorer 8 (KB972260)
Security Update for Windows Internet Explorer 8 (KB974455)
Security Update for Windows Internet Explorer 8 (KB976325)
Security Update for Windows Internet Explorer 8 (KB978207)
Security Update for Windows Internet Explorer 8 (KB981332)
Security Update for Windows Internet Explorer 8 (KB982381)
Security Update for Windows Media Player (KB2378111)
Security Update for Windows Media Player (KB952069)
Security Update for Windows Media Player (KB954155)
Security Update for Windows Media Player (KB968816)
Security Update for Windows Media Player (KB973540)
Security Update for Windows Media Player (KB975558)
Security Update for Windows Media Player (KB978695)
Security Update for Windows Media Player (KB979402)
Security Update for Windows Media Player 11 (KB954154)
Security Update for Windows Search 4 - KB963093
Security Update for Windows XP (KB2079403)
Security Update for Windows XP (KB2115168)
Security Update for Windows XP (KB2121546)
Security Update for Windows XP (KB2124261)
Security Update for Windows XP (KB2160329)
Security Update for Windows XP (KB2229593)
Security Update for Windows XP (KB2259922)
Security Update for Windows XP (KB2279986)
Security Update for Windows XP (KB2286198)
Security Update for Windows XP (KB2290570)
Security Update for Windows XP (KB2296011)
Security Update for Windows XP (KB2296199)
Security Update for Windows XP (KB2347290)
Security Update for Windows XP (KB2360937)
Security Update for Windows XP (KB2387149)
Security Update for Windows XP (KB2419632)
Security Update for Windows XP (KB2423089)
Security Update for Windows XP (KB2436673)
Security Update for Windows XP (KB2440591)
Security Update for Windows XP (KB2443105)
Security Update for Windows XP (KB923561)
Security Update for Windows XP (KB938464)
Security Update for Windows XP (KB938464-v2)
Security Update for Windows XP (KB941569)
Security Update for Windows XP (KB946648)
Security Update for Windows XP (KB950760)
Security Update for Windows XP (KB950762)
Security Update for Windows XP (KB950974)
Security Update for Windows XP (KB951066)
Security Update for Windows XP (KB951376)
Security Update for Windows XP (KB951376-v2)
Security Update for Windows XP (KB951698)
Security Update for Windows XP (KB951748)
Security Update for Windows XP (KB952004)
Security Update for Windows XP (KB952954)
Security Update for Windows XP (KB953155)
Security Update for Windows XP (KB953839)
Security Update for Windows XP (KB954211)
Security Update for Windows XP (KB954459)
Security Update for Windows XP (KB954600)
Security Update for Windows XP (KB955069)
Security Update for Windows XP (KB956391)
Security Update for Windows XP (KB956572)
Security Update for Windows XP (KB956744)
Security Update for Windows XP (KB956802)
Security Update for Windows XP (KB956803)
Security Update for Windows XP (KB956841)
Security Update for Windows XP (KB956844)
Security Update for Windows XP (KB957095)
Security Update for Windows XP (KB957097)
Security Update for Windows XP (KB958644)
Security Update for Windows XP (KB958687)
Security Update for Windows XP (KB958690)
Security Update for Windows XP (KB958869)
Security Update for Windows XP (KB959426)
Security Update for Windows XP (KB960225)
Security Update for Windows XP (KB960715)
Security Update for Windows XP (KB960803)
Security Update for Windows XP (KB960859)
Security Update for Windows XP (KB961371)
Security Update for Windows XP (KB961373)
Security Update for Windows XP (KB961501)
Security Update for Windows XP (KB968537)
Security Update for Windows XP (KB969059)
Security Update for Windows XP (KB969898)
Security Update for Windows XP (KB969947)
Security Update for Windows XP (KB970238)
Security Update for Windows XP (KB970430)
Security Update for Windows XP (KB970483)
Security Update for Windows XP (KB971468)
Security Update for Windows XP (KB971486)
Security Update for Windows XP (KB971557)
Security Update for Windows XP (KB971633)
Security Update for Windows XP (KB971657)
Security Update for Windows XP (KB972270)
Security Update for Windows XP (KB973346)
Security Update for Windows XP (KB973354)
Security Update for Windows XP (KB973507)
Security Update for Windows XP (KB973525)
Security Update for Windows XP (KB973869)
Security Update for Windows XP (KB973904)
Security Update for Windows XP (KB974112)
Security Update for Windows XP (KB974318)
Security Update for Windows XP (KB974392)
Security Update for Windows XP (KB974571)
Security Update for Windows XP (KB975025)
Security Update for Windows XP (KB975467)
Security Update for Windows XP (KB975560)
Security Update for Windows XP (KB975561)
Security Update for Windows XP (KB975562)
Security Update for Windows XP (KB975713)
Security Update for Windows XP (KB976323)
Security Update for Windows XP (KB977165)
Security Update for Windows XP (KB977816)
Security Update for Windows XP (KB977914)
Security Update for Windows XP (KB978037)
Security Update for Windows XP (KB978251)
Security Update for Windows XP (KB978262)
Security Update for Windows XP (KB978338)
Security Update for Windows XP (KB978542)
Security Update for Windows XP (KB978601)
Security Update for Windows XP (KB978706)
Security Update for Windows XP (KB979309)
Security Update for Windows XP (KB979482)
Security Update for Windows XP (KB979559)
Security Update for Windows XP (KB979683)
Security Update for Windows XP (KB979687)
Security Update for Windows XP (KB980195)
Security Update for Windows XP (KB980218)
Security Update for Windows XP (KB980232)
Security Update for Windows XP (KB980436)
Security Update for Windows XP (KB981322)
Security Update for Windows XP (KB981852)
Security Update for Windows XP (KB981957)
Security Update for Windows XP (KB981997)
Security Update for Windows XP (KB982132)
Security Update for Windows XP (KB982214)
Security Update for Windows XP (KB982665)
Security Update for Windows XP (KB982802)
Segoe UI
seliSoft ActiveHTML 1.04.0002
SHOUTcast DNAS (remove only)
SHOUTcast Source DSP 1.9.0 (remove only)
Skype web features
Skype™ 4.1
Smart Defrag
Smart Menus (Windows Live Toolbar)
SmartFTP Client
SmartFTP Client 3.0 Setup Files (remove only)
Snippage
Snippage
Sonic Activation Module
Sony Vegas Pro 8.0
Sorenson Squeeze 4.2
Spotify
Spybot - Search & Destroy
Sql Server Customer Experience Improvement Program
SQL Server Upgrade Assistant 2008
Stanza
Startup Delayer v2.3 (build 134)
SWiSHmax
SyncToy 2.0 (x86)
Taskbar Shuffle version 2.5
Taskix 2.1
TeamViewer 5
Tidy (February 16th, 2006)
TightVNC 1.3.10
TomTom HOME 2.7.5.2014
TomTom HOME Visual Studio Merge Modules
TortoiseCVS 1.10.10
TortoiseSVN 1.6.2.16344 (32 bit)
TreeSize Free V2.2.1
TuneRanger
Tweak UI
TweetDeck
TweetDeck
Ulead GIF Animator 5
Uninstall Startup Inspector
Unlocker 1.8.7
Update for 2007 Microsoft Office System (KB2284654)
Update for 2007 Microsoft Office System (KB967642)
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
Update for Microsoft Office Outlook 2007 (KB2412171)
Update for Microsoft Visual Studio Web Authoring Component (KB945140)
Update for Outlook 2007 Junk Email Filter (KB2483110)
Update for Windows Internet Explorer 8 (KB968220)
Update for Windows Internet Explorer 8 (KB976662)
Update for Windows Internet Explorer 8 (KB976749)
Update for Windows Internet Explorer 8 (KB980182)
Update for Windows XP (KB2141007)
Update for Windows XP (KB2345886)
Update for Windows XP (KB2467659)
Update for Windows XP (KB951072-v2)
Update for Windows XP (KB951978)
Update for Windows XP (KB955759)
Update for Windows XP (KB955839)
Update for Windows XP (KB961503)
Update for Windows XP (KB967715)
Update for Windows XP (KB968389)
Update for Windows XP (KB971737)
Update for Windows XP (KB973687)
Update for Windows XP (KB973815)
Visual C++ 8.0 CRT (x86) WinSXS MSM
Visual Studio 2010 Tools for SQL Server Compact 3.5 SP2 ENU
VisualCron 4.9.40
WebEx
Winamp
Windows Driver Package - OMNIKEY (cxbu0wdm) SmartCardReader (12/05/2005 1.1.1.0)
Windows Feature Pack for Storage (32-bit) - IMAPI update for Blu-Ray
Windows Home Server Connector
Windows Imaging Component
Windows Internet Explorer 8
Windows Live Call
Windows Live Communications Platform
Windows Live Essentials
Windows Live Essentials
Windows Live Favorites for Windows Live Toolbar
Windows Live Messenger
Windows Live OneCare safety scanner
Windows Live Sign-in Assistant
Windows Live Toolbar
Windows Live Toolbar Extension (Windows Live Toolbar)
Windows Live Upload Tool
Windows Media Format 11 runtime
Windows Media Format 11 runtime
Windows Media Player 11
Windows Media Player 11
Windows Media Player Firefox Plugin
Windows Media Tools 4.0
Windows PowerShell(TM) 1.0
Windows Presentation Foundation
Windows Search 4.0
Windows XP Service Pack 3
WinMerge 2.12.4
WinPcap 4.1.2
WinRAR archiver
Wireshark 1.4.2
XAMPP 1.7.1
Last edited by apemantus on January 23rd, 2011, 3:04 pm, edited 1 time in total.
apemantus
Active Member
 
Posts: 9
Joined: January 19th, 2011, 5:27 pm
Advertisement
Register to Remove

Re: Help: FTP Password possibly stolen; computer slow

Unread postby deltalima » January 20th, 2011, 2:52 pm

Checking your log - back soon.
User avatar
deltalima
Admin/Teacher
Admin/Teacher
 
Posts: 7614
Joined: February 28th, 2009, 4:38 pm
Location: UK

Re: Help: FTP Password possibly stolen; computer slow

Unread postby deltalima » January 20th, 2011, 2:57 pm

Hi apemantus,

Welcome to the forum.

My nickname is deltalima and I will be helping you with your malware issue.

Please be aware that removing Malware is a potentially hazardous undertaking. I will take care not to knowingly suggest courses of action that might damage your computer. However it is impossible for me to foresee all interactions that may happen between the software on your computer and those we'll use to clear you of infection, and I cannot guarantee the safety of your system. It is possible that we might encounter situations where the only recourse is to re-format and re-install your operating system, or to necessitate you taking your computer to a repair shop.


Please note the following:
  • I will be working on your Malware issues, this may or may not, solve other issues you have with your machine.
  • The fixes are specific to your problem and should only be used for this issue on this machine.
  • Please continue to review my answers until I tell you your machine appears to be clear. Absence of symptoms does not mean that everything is clear.
  • If after 3 days you have not responded to this topic, it will be closed, and you will need to start a new one.
  • It's often worth reading through these instructions and printing them for ease of reference.
  • If you don't know or understand something, please don't hesitate to say or ask!! It's better to be sure and safe than sorry.
  • Please reply to this thread. Do not start a new topic.

Remove P2P Programs

  • I notice there are signs of one or more P2P (Peer to Peer) File Sharing Programs on your computer.

    µTorrent


  • Please read the Guidelines for P2P Programs where we explain why it's not a good idea to have them.
  • Note: Even if you are using a "safe" P2P program, it is only the program that is safe. You will be sharing files from uncertified sources, and these are often infected. The bad guys use P2P filesharing as a major conduit to spread their wares.

  • Click on start
  • Then Run
  • In the open text entry box please copy/paste appwiz.cpl Then click enter.
  • Press the "Remove" or "Change/Remove"...button to uninstall the programs listed above (in red) and any other P2P you have installed NOW.
  • Take care when answering any questions posed by an uninstaller. Some questions may be worded to deceive you into keeping the program.

Please let me know if the computer is used for home or for business use.
User avatar
deltalima
Admin/Teacher
Admin/Teacher
 
Posts: 7614
Joined: February 28th, 2009, 4:38 pm
Location: UK

Re: Help: FTP Password possibly stolen; computer slow

Unread postby apemantus » January 21st, 2011, 5:21 am

Thanks a lot for your help, much appreciated. I have removed uTorrent. I use my computer for home/education purposes.
apemantus
Active Member
 
Posts: 9
Joined: January 19th, 2011, 5:27 pm

Re: Help: FTP Password possibly stolen; computer slow

Unread postby deltalima » January 21st, 2011, 6:03 am

Hi apemantus,

Please uninstall Spybot - Search & Destroy as it may interfere with our scans and fixes.

CKScanner

  • Please download CKScanner from here to your Desktop.
  • Make sure that CKScanner.exe is on the your Desktop before running the application!
  • Double-click on CKScanner.exe and click Search For Files.
  • After a very short time, when the cursor hourglass disappears, click Save List To File.
  • A message box will verify the file saved
  • Double-click on the CKFiles.txt icon on your Desktop and copy/paste the contents in your next reply.

Next

  • Please download this tool from Microsoft.
  • Double click on MGADiag.exe to run it.
  • Click Continue.
  • The program will run. It takes a while to finish the diagnosis, please be patient.
  • Once done, click on Copy.
  • Open Notepad and paste the contents in the window.
  • Save this file and copy/paste it in your next reply.
User avatar
deltalima
Admin/Teacher
Admin/Teacher
 
Posts: 7614
Joined: February 28th, 2009, 4:38 pm
Location: UK

Re: Help: FTP Password possibly stolen; computer slow

Unread postby apemantus » January 21st, 2011, 8:34 am

CKScanner - Additional Security Risks - These are not necessarily bad
c:\program files\corel\paint shop pro 9\bump maps\cracked desert.pspimage
c:\program files\corel\paint shop pro 9\patterns\cracked paint.pspimage
c:\program files\git\bin\ssh-keygen.exe
c:\program files\inkscape\python\lib\site-packages\numpy\f2py\crackfortran.py
c:\program files\inkscape\python\lib\site-packages\numpy\f2py\crackfortran.pyc
c:\program files\inkscape\python\lib\site-packages\numpy\f2py\crackfortran.pyo
c:\xampp\php\ext\php_crack.dll
scanner sequence 3.ED.11
----- EOF -----


Diagnostic Report (1.9.0027.0):
-----------------------------------------
Windows Validation Data-->
Validation Status: Genuine
Validation Code: 0
Cached Validation Code: N/A
Windows Product Key: *****-*****-T6DFB-Y934T-YD4YT
Windows Product Key Hash: 3g4CZGFEDgbKmn/oB4pa2FZsssU=
Windows Product ID: 76487-OEM-2211906-00102
Windows Product ID Type: 2
Windows License Type: OEM SLP
Windows OS version: 5.1.2600.2.00010100.3.0.pro
ID: {F0905761-5B4F-4688-98A8-1A9BFC659552}(3)
Is Admin: Yes
TestCab: 0x0
LegitcheckControl ActiveX: Registered, 1.9.40.0
Signed By: Microsoft
Product Name: N/A
Architecture: N/A
Build lab: N/A
TTS Error: N/A
Validation Diagnostic: 025D1FF3-230-1
Resolution Status: N/A

Vista WgaER Data-->
ThreatID(s): N/A
Version: N/A

Windows XP Notifications Data-->
Cached Result: 0
File Exists: Yes
Version: 1.9.40.0
WgaTray.exe Signed By: Microsoft
WgaLogon.dll Signed By: Microsoft

OGA Notifications Data-->
Cached Result: N/A, hr = 0x80070002
Version: 2.0.48.0
OGAExec.exe Signed By: Microsoft
OGAAddin.dll Signed By: Microsoft

OGA Data-->
Office Status: 100 Genuine
2007 Microsoft Office system - 100 Genuine
OGA Version: Registered, 2.0.48.0
Signed By: Microsoft
Office Diagnostics: 77F760FE-153-80070002_7E90FEE8-175-80070002_025D1FF3-230-1_E2AD56EA-765-d003_E2AD56EA-766-0_E2AD56EA-134-80004005_70AFE6BE-656-80070057_E2AD56EA-815-80070057

Browser Data-->
Proxy settings: N/A
User Agent: Mozilla/4.0 (compatible; MSIE 8.0; Win32)
Default Browser: C:\Program Files\Mozilla Firefox\firefox.exe
Download signed ActiveX controls: Prompt
Download unsigned ActiveX controls: Disabled
Run ActiveX controls and plug-ins: Allowed
Initialize and script ActiveX controls not marked as safe: Disabled
Allow scripting of Internet Explorer Webbrowser control: Disabled
Active scripting: Allowed
Script ActiveX controls marked as safe for scripting: Allowed

File Scan Data-->

Other data-->
Office Details: <GenuineResults><MachineData><UGUID>{F0905761-5B4F-4688-98A8-1A9BFC659552}</UGUID><Version>1.9.0027.0</Version><OS>5.1.2600.2.00010100.3.0.pro</OS><Architecture>x32</Architecture><PKey>*****-*****-*****-*****-YD4YT</PKey><PID>76487-OEM-2211906-00102</PID><PIDType>2</PIDType><SID>S-1-5-21-3970506798-2062240868-3501328355</SID><SYSTEM><Manufacturer>Dell Inc. </Manufacturer><Model>Precision WorkStation 690 </Model></SYSTEM><BIOS><Manufacturer>Dell Inc. </Manufacturer><Version>A06</Version><SMBIOSVersion major="2" minor="3"/><Date>20070820000000.000000+000</Date><SLPBIOS>Dell System,Dell Computer,Dell System,Dell System</SLPBIOS></BIOS><HWID>7BD6337F0184257A</HWID><UserLCID>0809</UserLCID><SystemLCID>0409</SystemLCID><TimeZone>GMT Standard Time(GMT+00:00)</TimeZone><iJoin>0</iJoin><SBID><stat>2</stat><msppid></msppid><name>Dell Precision PWS690</name><model></model></SBID><OEM/><GANotification><File Name="WgaTray.exe" Version="1.9.40.0"/><File Name="WgaLogon.dll" Version="1.9.40.0"/><File Name="OGAAddin.dll" Version="2.0.48.0"/></GANotification></MachineData><Software><Office><Result>100</Result><Products><Product GUID="{91120000-0031-0000-0000-0000000FF1CE}"><LegitResult>100</LegitResult><Name>2007 Microsoft Office system</Name><Ver>12</Ver><Val>A3E53F6473315AE</Val><Hash>hCOq72Ca0r2VhLtcvk9E0z8+25Y=</Hash><Pid>89451-OEM-6672734-54287</Pid><PidType>4</PidType></Product></Products><Applications><App Id="15" Version="12" Result="100"/><App Id="16" Version="12" Result="100"/><App Id="18" Version="12" Result="100"/><App Id="19" Version="12" Result="100"/><App Id="1A" Version="12" Result="100"/><App Id="1B" Version="12" Result="100"/></Applications></Office></Software></GenuineResults>

Licensing Data-->
N/A

Windows Activation Technologies-->
N/A

HWID Data-->
N/A

OEM Activation 1.0 Data-->
BIOS string matches: yes
Marker string from BIOS: 1AB4C:Dell Inc|1AB4C:Microsoft Corporation
Marker string from OEMBIOS.DAT: Dell System,Dell Computer,Dell System,Dell System

OEM Activation 2.0 Data-->
N/A
apemantus
Active Member
 
Posts: 9
Joined: January 19th, 2011, 5:27 pm

Re: Help: FTP Password possibly stolen; computer slow

Unread postby deltalima » January 21st, 2011, 9:01 am

Please post the full log from CKScanner.
User avatar
deltalima
Admin/Teacher
Admin/Teacher
 
Posts: 7614
Joined: February 28th, 2009, 4:38 pm
Location: UK

Re: Help: FTP Password possibly stolen; computer slow

Unread postby apemantus » January 21st, 2011, 9:14 am

Heh: I redacted two files of my own that were pages for a website that had crackers (as in slang for crazy) in the filename. Deleting those files as the website is several years defunct anyway gives:

CKScanner - Additional Security Risks - These are not necessarily bad
c:\program files\corel\paint shop pro 9\bump maps\cracked desert.pspimage
c:\program files\corel\paint shop pro 9\patterns\cracked paint.pspimage
c:\program files\git\bin\ssh-keygen.exe
c:\program files\inkscape\python\lib\site-packages\numpy\f2py\crackfortran.py
c:\program files\inkscape\python\lib\site-packages\numpy\f2py\crackfortran.pyc
c:\program files\inkscape\python\lib\site-packages\numpy\f2py\crackfortran.pyo
c:\xampp\php\ext\php_crack.dll
scanner sequence 3.GL.11
----- EOF -----
apemantus
Active Member
 
Posts: 9
Joined: January 19th, 2011, 5:27 pm

Re: Help: FTP Password possibly stolen; computer slow

Unread postby deltalima » January 21st, 2011, 9:23 am

Hi apemantus,

Download and run OTL
Download OTL by Old Timer and save it to your Desktop.
  • Double click on OTL.exe to run it.
  • Under Output, ensure that Minimal Output is selected.
  • Under Extra Registry section, select Use SafeList.
  • Click the Scan All Users checkbox.
  • Click on Run Scan at the top left hand corner.
  • When done, two Notepad files will open.
    • OTL.txt <-- Will be opened
    • Extras.txt <-- Will be minimized
  • Please post the contents of these 2 Notepad files in your next reply.

Please download GMER Rootkit Scanner from here.
  • Double click the .exe file. If asked to allow gmer.sys driver to load, please consent
  • If it gives you a warning at program start about rootkit activity and asks if you want to run a scan...click NO.
  • Run Gmer again and click on the Rootkit tab.
  • Look at the right hand side (under Files) and uncheck all drives with the exception of your C drive.
  • Make sure all other boxes on the right of the screen are checked, EXCEPT for "Show All".
  • Click on the "Scan" and wait for the scan to finish.
    Note: Before scanning, make sure all other running programs are closed and no other actions like a scheduled antivirus scan will occur while this scan completes. Also do not use your computer during the scan.
  • When completed, click on the Copy button and right-click on your Desktop, choose "New" > Text document. Once the file is created, open it and right-click again and choose Paste or Ctrl+V. Save the file as gmer.txt and copy the information in your next reply.
  • Note: If you have any problems, try running GMER in SAFE MODE
Important! Please do not select the "Show all" checkbox during the scan..

Please post the GMER log along with OTL.txt and Extras.txt from the OTL scan into your next reply.
User avatar
deltalima
Admin/Teacher
Admin/Teacher
 
Posts: 7614
Joined: February 28th, 2009, 4:38 pm
Location: UK

Re: Help: FTP Password possibly stolen; computer slow

Unread postby apemantus » January 23rd, 2011, 3:17 pm

I've had to attach the gmer file as a zip file (uncompressed it was too large for the forum limit) and split it up into two posts, again due to forum limits, sorry.

OTL logfile created on: 22/01/2011 13:13:45 - Run 1
OTL by OldTimer - Version 3.2.20.3 Folder = F:\Desktop
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000809 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy

3.00 Gb Total Physical Memory | 2.00 Gb Available Physical Memory | 74.00% Memory free
6.00 Gb Paging File | 5.00 Gb Available in Paging File | 86.00% Paging File free
Paging file location(s): C:\pagefile.sys 0 0 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 148.93 Gb Total Space | 64.68 Gb Free Space | 43.43% Space Free | Partition Type: NTFS
Drive D: | 394.79 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS
Drive F: | 931.51 Gb Total Space | 511.11 Gb Free Space | 54.87% Space Free | Partition Type: NTFS
Drive M: | 911.50 Gb Total Space | 149.57 Gb Free Space | 16.41% Space Free | Partition Type: NTFS
Drive N: | 911.50 Gb Total Space | 149.57 Gb Free Space | 16.41% Space Free | Partition Type: NTFS
Drive P: | 911.50 Gb Total Space | 149.57 Gb Free Space | 16.41% Space Free | Partition Type: NTFS

Computer Name: DAVIDDESKTOP | User Name: David | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - F:\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Program Files\LogMeIn\x86\LMIGuardianSvc.exe (LogMeIn, Inc.)
PRC - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Apple Inc.)
PRC - C:\Program Files\Carbonite\Carbonite Backup\CarboniteService.exe (Carbonite, Inc. (http://www.carbonite.com))
PRC - C:\Program Files\Carbonite\Carbonite Backup\CarboniteUI.exe (Carbonite, Inc.)
PRC - C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe (TomTom)
PRC - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe (Kaspersky Lab ZAO)
PRC - C:\Program Files\NVDA\nvda_service.exe ()
PRC - C:\Documents and Settings\David\Application Data\Dropbox\bin\Dropbox.exe ()
PRC - C:\Program Files\AirPort\APAgent.exe (Apple Inc.)
PRC - C:\Program Files\Robust IT\Taskix\Taskix32.exe (Robust IT)
PRC - C:\Program Files\Windows Home Server\WHSTrayApp.exe (Microsoft Corporation)
PRC - C:\Program Files\Windows Home Server\WHSConnector.exe (Microsoft Corporation)
PRC - C:\Program Files\Process Lasso\ProcessLasso.exe (Bitsum Technologies)
PRC - C:\Program Files\Process Lasso\ProcessGovernor.exe (Bitsum Technologies)
PRC - C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe (Microsoft Corporation)
PRC - C:\Program Files\TortoiseSVN\bin\TSVNCache.exe (http://tortoisesvn.net)
PRC - c:\xampp\mysql\bin\mysqld.exe ()
PRC - C:\Program Files\TightVNC\WinVNC.exe (TightVNC Group)
PRC - C:\Program Files\Flip Video\FlipShare\FlipShareService.exe ()
PRC - C:\xampp\apache\bin\httpd.exe (Apache Software Foundation)
PRC - c:\xampp\apache\bin\httpd.exe (Apache Software Foundation)
PRC - C:\Program Files\VisualCron 4\VisualCronService.exe (neteject.com)
PRC - C:\Program Files\Google\Google Calendar Sync\GoogleCalendarSync.exe (Google)
PRC - C:\Program Files\Unlocker\UnlockerAssistant.exe ()
PRC - C:\Program Files\Taskbar Shuffle\taskbarshuffle.exe (Jay Elaraj)
PRC - C:\WINDOWS\system32\inetsrv\inetinfo.exe (Microsoft Corporation)
PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)
PRC - C:\WINDOWS\system32\cmd.exe (Microsoft Corporation)
PRC - C:\Program Files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe (Microsoft Corporation)
PRC - C:\Program Files\Launchy\Launchy.exe ()
PRC - C:\Program Files\Dell AIO Printer 948\dldfmon.exe ()
PRC - C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe (Intel Corporation)
PRC - C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe (Intel Corporation)
PRC - C:\WINDOWS\system32\spool\drivers\w32x86\3\dldfserv.exe ()
PRC - C:\WINDOWS\system32\dldfcoms.exe ( )
PRC - C:\Program Files\Dell SAS RAID Storage Manager\Framework\VivaldiFramework.exe ()
PRC - C:\WINDOWS\system32\PSIService.exe ()
PRC - C:\Program Files\DynDNS Updater\DynDNS.exe (Kana Solution)
PRC - C:\Program Files\Dell SAS RAID Storage Manager\JRE\bin\javaw.exe ()
PRC - C:\Program Files\Microsoft Web Application Stress Tool\webtool.exe (Microsoft Corporation)
PRC - C:\WINDOWS\system32\mdm.exe (Microsoft Corporation)


========== Modules (SafeList) ==========

MOD - F:\Desktop\OTL.exe (OldTimer Tools)
MOD - C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll (Microsoft Corporation)
MOD - C:\Program Files\Robust IT\Taskix\Taskix32.dll (Robust IT)
MOD - C:\WINDOWS\system32\AirfoilInject3.dll ()
MOD - C:\Program Files\Unlocker\UnlockerHook.dll ()
MOD - C:\WINDOWS\system32\dsound.dll (Microsoft Corporation)


========== Win32 Services (SafeList) ==========

SRV - (HidServ) -- File not found
SRV - (LMIMaint) -- C:\Program Files\LogMeIn\x86\RaMaint.exe (LogMeIn, Inc.)
SRV - (LMIGuardianSvc) -- C:\Program Files\LogMeIn\x86\LMIGuardianSvc.exe (LogMeIn, Inc.)
SRV - (LogMeIn) -- C:\Program Files\LogMeIn\x86\LogMeIn.exe (LogMeIn, Inc.)
SRV - (Apple Mobile Device) -- C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Apple Inc.)
SRV - (CarboniteService) -- C:\Program Files\Carbonite\Carbonite Backup\carboniteservice.exe (Carbonite, Inc. (http://www.carbonite.com))
SRV - (rpcapd) Remote Packet Capture Protocol v.0 (experimental) -- C:\Program Files\WinPcap\rpcapd.exe (CACE Technologies, Inc.)
SRV - (TomTomHOMEService) -- C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe (TomTom)
SRV - (AVP) -- C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe (Kaspersky Lab ZAO)
SRV - (nvda) -- C:\Program Files\NVDA\nvda_service.exe ()
SRV - (aspnet_state) -- C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe (Microsoft Corporation)
SRV - (WPFFontCache_v0400) -- C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe (Microsoft Corporation)
SRV - (clr_optimization_v4.0.30319_32) -- C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (NetTcpPortSharing) -- C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe (Microsoft Corporation)
SRV - (WHSConnector) -- C:\Program Files\Windows Home Server\WHSConnector.exe (Microsoft Corporation)
SRV - (SeaPort) -- C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe (Microsoft Corporation)
SRV - (MySQL) -- c:\xampp\mysql\bin\mysqld.exe ()
SRV - (winvnc) -- C:\Program Files\TightVNC\WinVNC.exe (TightVNC Group)
SRV - (FlipShare Service) -- C:\Program Files\Flip Video\FlipShare\FlipShareService.exe ()
SRV - (Apache2.2) -- c:\xampp\apache\bin\httpd.exe (Apache Software Foundation)
SRV - (VisualCron4) -- C:\Program Files\VisualCron 4\VisualCronService.exe (neteject.com)
SRV - (W3SVC) -- C:\WINDOWS\system32\inetsrv\inetinfo.exe (Microsoft Corporation)
SRV - (SMTPSVC) Simple Mail Transfer Protocol (SMTP) -- C:\WINDOWS\system32\inetsrv\inetinfo.exe (Microsoft Corporation)
SRV - (IISADMIN) -- C:\WINDOWS\system32\inetsrv\inetinfo.exe (Microsoft Corporation)
SRV - (BcmSqlStartupSvc) -- C:\Program Files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe (Microsoft Corporation)
SRV - (FLEXnet Licensing Service) -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe (Macrovision Europe Ltd.)
SRV - (IAANTMON) Intel(R) -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe (Intel Corporation)
SRV - (MegaMonitorSrv) -- C:\Program Files\Dell SAS RAID Storage Manager\MegaMonitor\mrmonitor.exe ()
SRV - (dldfCATSCustConnectService) -- C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\\dldfserv.exe ()
SRV - (dldf_device) -- C:\WINDOWS\System32\dldfcoms.exe ( )
SRV - (MSMFramework) -- C:\Program Files\Dell SAS RAID Storage Manager\Framework\VivaldiFramework.exe ()
SRV - (ProtexisLicensing) -- C:\WINDOWS\system32\PSIService.exe ()
SRV - (DynDNS_Updater_Service) -- C:\Program Files\DynDNS Updater\DynDNS.exe (Kana Solution)
SRV - (cvslock) -- C:\Program Files\CVSNT\cvslock.exe ()
SRV - (cvsnt) -- C:\Program Files\CVSNT\cvsservice.exe (March Hare Software Ltd)
SRV - (WebTool) -- C:\Program Files\Microsoft Web Application Stress Tool\webtool.exe (Microsoft Corporation)


========== Driver Services (SafeList) ==========

DRV - (LMIRfsClientNP) -- C:\WINDOWS\System32\LMIRfsClientNP.dll (LogMeIn, Inc.)
DRV - (NPF) -- C:\WINDOWS\system32\drivers\npf.sys (CACE Technologies, Inc.)
DRV - (KLIF) -- C:\WINDOWS\system32\drivers\klif.sys (Kaspersky Lab)
DRV - (kl2) -- C:\WINDOWS\system32\drivers\kl2.sys (Kaspersky Lab ZAO)
DRV - (kl1) -- C:\WINDOWS\system32\drivers\kl1.sys (Kaspersky Lab ZAO)
DRV - (LMIRfsDriver) -- C:\WINDOWS\system32\drivers\LMIRfsDriver.sys (LogMeIn, Inc.)
DRV - (LMIInfo) -- C:\Program Files\LogMeIn\x86\rainfo.sys (LogMeIn, Inc.)
DRV - (klmouflt) -- C:\WINDOWS\system32\drivers\klmouflt.sys (Kaspersky Lab)
DRV - (USB28xxBGA) -- C:\WINDOWS\system32\drivers\emBDA.sys (eMPIA Technology, Inc.)
DRV - (USB28xxOEM) -- C:\WINDOWS\system32\drivers\emOEM.sys (eMPIA Technology, Inc.)
DRV - (klim5) -- C:\WINDOWS\system32\drivers\klim5.sys (Kaspersky Lab)
DRV - (BackupReader) -- C:\WINDOWS\system32\drivers\BackupReader.sys (Microsoft Corporation)
DRV - (RsFx0102) -- C:\WINDOWS\system32\drivers\RsFx0102.sys (Microsoft Corporation)
DRV - (MPE) -- C:\WINDOWS\system32\drivers\MPE.sys (Microsoft Corporation)
DRV - (amdagp) -- C:\WINDOWS\system32\DRIVERS\amdagp.sys (Advanced Micro Devices, Inc.)
DRV - (sisagp) -- C:\WINDOWS\system32\DRIVERS\sisagp.sys (Silicon Integrated Systems Corporation)
DRV - (HDAudBus) -- C:\WINDOWS\system32\drivers\hdaudbus.sys (Windows (R) Server 2003 DDK provider)
DRV - (tbhsd) -- C:\WINDOWS\system32\drivers\tbhsd.sys (RapidSolution Software AG)
DRV - (iaStor) -- C:\WINDOWS\system32\drivers\iaStor.sys (Intel Corporation)
DRV - (SYMMPI) -- C:\WINDOWS\system32\drivers\symmpi.sys (LSI Logic)
DRV - (SCDEmu) -- C:\WINDOWS\System32\drivers\scdemu.sys (PowerISO Computing, Inc.)
DRV - (tapvpn) -- C:\WINDOWS\system32\drivers\tapvpn.sys (The OpenVPN Project)
DRV - (DLADResM) -- C:\WINDOWS\system32\DLA\DLADResM.SYS (Roxio)
DRV - (DLABMFSM) -- C:\WINDOWS\system32\DLA\DLABMFSM.SYS (Roxio)
DRV - (DLAUDF_M) -- C:\WINDOWS\system32\DLA\DLAUDF_M.SYS (Roxio)
DRV - (DLAUDFAM) -- C:\WINDOWS\system32\DLA\DLAUDFAM.SYS (Roxio)
DRV - (DLAOPIOM) -- C:\WINDOWS\system32\DLA\DLAOPIOM.SYS (Roxio)
DRV - (DLABOIOM) -- C:\WINDOWS\system32\DLA\DLABOIOM.SYS (Roxio)
DRV - (DLAIFS_M) -- C:\WINDOWS\system32\DLA\DLAIFS_M.SYS (Roxio)
DRV - (DLAPoolM) -- C:\WINDOWS\system32\DLA\DLAPoolM.SYS (Roxio)
DRV - (DRVNDDM) -- C:\WINDOWS\system32\drivers\DRVNDDM.SYS (Roxio)
DRV - (DLACDBHM) -- C:\WINDOWS\system32\drivers\DLACDBHM.SYS (Roxio)
DRV - (DLARTL_M) -- C:\WINDOWS\system32\drivers\DLARTL_M.SYS (Roxio)
DRV - (DRVMCDB) -- C:\WINDOWS\System32\Drivers\DRVMCDB.SYS (Sonic Solutions)
DRV - (STHDA) -- C:\WINDOWS\system32\drivers\sthda.sys (SigmaTel, Inc.)
DRV - (nv) -- C:\WINDOWS\system32\drivers\nv4_mini.sys (NVIDIA Corporation)
DRV - (b57w2k) -- C:\WINDOWS\system32\drivers\b57xp32.sys (Broadcom Corporation)
DRV - (cxbu0wdm) -- C:\WINDOWS\system32\drivers\cxbu0wdm.sys (OMNIKEY)
DRV - (BCM42RLY) -- C:\WINDOWS\system32\bcm42rly.sys (Broadcom Corporation)
DRV - (BCM43XX) -- C:\WINDOWS\system32\drivers\BCMWL5.SYS (Broadcom Corporation)
DRV - (GTNDIS5) -- C:\WINDOWS\system32\GTNDIS5.sys (Printing Communications Assoc., Inc. (PCAUSA))
DRV - (nidmmk) -- C:\WINDOWS\system32\drivers\nidmmk.dll (National Instruments Corporation)
DRV - (Nidaq32k) -- C:\WINDOWS\System32\drivers\nidaq32k.sys (National Instruments Corporation)
DRV - (nistck) -- C:\WINDOWS\system32\drivers\niSTCk.dll (National Instruments Corporation)
DRV - (nimdsk) -- C:\WINDOWS\system32\drivers\nimdsk.dll (National Instruments Corporation)
DRV - (niarbk) -- C:\WINDOWS\system32\drivers\niarbk.dll (National Instruments Corporation)
DRV - (nibffrk) -- C:\WINDOWS\system32\drivers\nibffrk.dll (National Instruments Corporation)
DRV - (Sparrow) -- C:\WINDOWS\system32\DRIVERS\sparrow.sys (Adaptec, Inc.)
DRV - (sym_u3) -- C:\WINDOWS\system32\DRIVERS\sym_u3.sys (LSI Logic)
DRV - (sym_hi) -- C:\WINDOWS\system32\DRIVERS\sym_hi.sys (LSI Logic)
DRV - (symc8xx) -- C:\WINDOWS\system32\DRIVERS\symc8xx.sys (LSI Logic)
DRV - (symc810) -- C:\WINDOWS\system32\DRIVERS\symc810.sys (Symbios Logic Inc.)
DRV - (ultra) -- C:\WINDOWS\system32\DRIVERS\ultra.sys (Promise Technology, Inc.)
DRV - (ql12160) -- C:\WINDOWS\system32\DRIVERS\ql12160.sys (QLogic Corporation)
DRV - (ql1080) -- C:\WINDOWS\system32\DRIVERS\ql1080.sys (QLogic Corporation)
DRV - (ql1280) -- C:\WINDOWS\system32\DRIVERS\ql1280.sys (QLogic Corporation)
DRV - (dac2w2k) -- C:\WINDOWS\system32\DRIVERS\dac2w2k.sys (Mylex Corporation)
DRV - (mraid35x) -- C:\WINDOWS\system32\DRIVERS\mraid35x.sys (American Megatrends Inc.)
DRV - (asc) -- C:\WINDOWS\system32\DRIVERS\asc.sys (Advanced System Products, Inc.)
DRV - (asc3550) -- C:\WINDOWS\system32\DRIVERS\asc3550.sys (Advanced System Products, Inc.)
DRV - (AliIde) -- C:\WINDOWS\system32\DRIVERS\aliide.sys (Acer Laboratories Inc.)
DRV - (CmdIde) -- C:\WINDOWS\system32\DRIVERS\cmdide.sys (CMD Technology, Inc.)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Page_URL = http://www.google.co.uk/ig/dell?hl=en&c ... bd=1071212
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.co.uk/hws/sb/dell-usu ... channel=uk
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Start Page = http://www.google.co.uk/ig/dell?hl=en&c ... bd=1071212


IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.co.uk/ig/dell?hl=en&c ... bd=1071212
IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.co.uk/ig/dell?hl=en&c ... bd=1071212
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.co.uk/ig/dell?hl=en&c ... bd=1071212
IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.co.uk/ig/dell?hl=en&c ... bd=1071212
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-3970506798-2062240868-3501328355-1008\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.co.uk/ig/dell?hl=en&c ... bd=1071212
IE - HKU\S-1-5-21-3970506798-2062240868-3501328355-1008\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com/ie
IE - HKU\S-1-5-21-3970506798-2062240868-3501328355-1008\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKU\S-1-5-21-3970506798-2062240868-3501328355-1008\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Live Search
IE - HKU\S-1-5-21-3970506798-2062240868-3501328355-1008\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = http://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
IE - HKU\S-1-5-21-3970506798-2062240868-3501328355-1008\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.co.uk/
IE - HKU\S-1-5-21-3970506798-2062240868-3501328355-1008\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie
IE - HKU\S-1-5-21-3970506798-2062240868-3501328355-1008\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
IE - HKU\S-1-5-21-3970506798-2062240868-3501328355-1008\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-3970506798-2062240868-3501328355-1008\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <-loopback>

========== FireFox ==========


FF - HKLM\software\mozilla\Firefox\Extensions\\{000a9d1c-beef-4f90-9363-039d445309b8}: C:\Program Files\Google\Google Gears\Firefox\ [2010/03/06 03:49:29 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\fiddlerhook@fiddler2.com: C:\Program Files\Fiddler2\FiddlerHook [2010/11/18 13:45:22 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.10\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010/12/15 12:21:07 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.10\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010/12/15 12:21:06 | 000,000,000 | ---D | M]

[2009/09/18 15:35:22 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\David\Application Data\Mozilla\Extensions
[2009/09/18 15:35:22 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\David\Application Data\Mozilla\Extensions\home2@tomtom.com
[2009/02/27 11:14:40 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\David\Application Data\Mozilla\Extensions\uploadr@flickr.com
[2011/01/21 21:03:59 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\David\Application Data\Mozilla\Firefox\Profiles\rtdwb0xn.default\extensions
[2011/01/08 10:46:04 | 000,000,000 | ---D | M] (FireShot) -- C:\Documents and Settings\David\Application Data\Mozilla\Firefox\Profiles\rtdwb0xn.default\extensions\{0b457cAA-602d-484a-8fe7-c1d894a011ba}
[2010/10/06 22:12:37 | 000,000,000 | ---D | M] (URL Fixer) -- C:\Documents and Settings\David\Application Data\Mozilla\Firefox\Profiles\rtdwb0xn.default\extensions\{0fa2149e-bb2c-4ac2-a8d3-479599819475}
[2010/05/06 10:01:15 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\David\Application Data\Mozilla\Firefox\Profiles\rtdwb0xn.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2010/09/02 18:08:36 | 000,000,000 | ---D | M] ("Delicious Bookmarks") -- C:\Documents and Settings\David\Application Data\Mozilla\Firefox\Profiles\rtdwb0xn.default\extensions\{2fa4ed95-0317-4c6a-a74c-5f3e3912c1f9}
[2011/01/17 14:10:39 | 000,000,000 | ---D | M] (Google Toolbar for Firefox) -- C:\Documents and Settings\David\Application Data\Mozilla\Firefox\Profiles\rtdwb0xn.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}
[2010/01/29 16:48:45 | 000,000,000 | ---D | M] (Gmail Manager) -- C:\Documents and Settings\David\Application Data\Mozilla\Firefox\Profiles\rtdwb0xn.default\extensions\{582195F5-92E7-40a0-A127-DB71295901D7}
[2010/03/26 09:20:46 | 000,000,000 | ---D | M] (ChatZilla) -- C:\Documents and Settings\David\Application Data\Mozilla\Firefox\Profiles\rtdwb0xn.default\extensions\{59c81df5-4b7a-477b-912d-4e0fdf64e5f2}
[2010/09/13 10:42:57 | 000,000,000 | ---D | M] (ColorZilla) -- C:\Documents and Settings\David\Application Data\Mozilla\Firefox\Profiles\rtdwb0xn.default\extensions\{6AC85730-7D0F-4de0-B3FA-21142DD85326}
[2011/01/08 10:46:05 | 000,000,000 | ---D | M] (NoScript) -- C:\Documents and Settings\David\Application Data\Mozilla\Firefox\Profiles\rtdwb0xn.default\extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}
[2010/05/06 10:01:15 | 000,000,000 | ---D | M] ("S3 Firefox Organizer(S3Fox)") -- C:\Documents and Settings\David\Application Data\Mozilla\Firefox\Profiles\rtdwb0xn.default\extensions\{7CEA821D-3DAB-4238-B424-BF7324531750}
[2010/02/17 14:03:38 | 000,000,000 | ---D | M] (Live HTTP Headers) -- C:\Documents and Settings\David\Application Data\Mozilla\Firefox\Profiles\rtdwb0xn.default\extensions\{8f8fe09b-0bd3-4470-bc1b-8cad42b8203a}
[2011/01/14 09:41:36 | 000,000,000 | ---D | M] (Selenium IDE) -- C:\Documents and Settings\David\Application Data\Mozilla\Firefox\Profiles\rtdwb0xn.default\extensions\{a6fd85ed-e919-4a43-a5af-8da18bda539f}
[2010/12/31 12:39:40 | 000,000,000 | ---D | M] (Adblock Plus) -- C:\Documents and Settings\David\Application Data\Mozilla\Firefox\Profiles\rtdwb0xn.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
[2010/06/20 18:16:30 | 000,000,000 | ---D | M] ("Tab Mix Plus") -- C:\Documents and Settings\David\Application Data\Mozilla\Firefox\Profiles\rtdwb0xn.default\extensions\{dc572301-7619-498c-a57d-39143191b318}
[2011/01/08 10:46:04 | 000,000,000 | ---D | M] (Page Speed) -- C:\Documents and Settings\David\Application Data\Mozilla\Firefox\Profiles\rtdwb0xn.default\extensions\{e3f6c2cc-d8db-498c-af6c-499fb211db97}
[2010/04/12 09:26:17 | 000,000,000 | ---D | M] (Greasemonkey) -- C:\Documents and Settings\David\Application Data\Mozilla\Firefox\Profiles\rtdwb0xn.default\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}
[2010/08/27 16:06:03 | 000,000,000 | ---D | M] (JavaScript Debugger) -- C:\Documents and Settings\David\Application Data\Mozilla\Firefox\Profiles\rtdwb0xn.default\extensions\{f13b157f-b174-47e7-a34d-4815ddfdfeb8}
[2010/01/06 11:37:53 | 000,000,000 | ---D | M] (QuickRestart) -- C:\Documents and Settings\David\Application Data\Mozilla\Firefox\Profiles\rtdwb0xn.default\extensions\{F645A8C9-E969-42D9-B3F3-F325537222FD}
[2008/11/03 16:18:04 | 000,000,000 | ---D | M] (CustomizeGoogle) -- C:\Documents and Settings\David\Application Data\Mozilla\Firefox\Profiles\rtdwb0xn.default\extensions\{fce36c1e-58d8-498a-b2a5-66ad1cedebbb}
[2010/05/21 08:14:18 | 000,000,000 | ---D | M] ("Better Gmail 2") -- C:\Documents and Settings\David\Application Data\Mozilla\Firefox\Profiles\rtdwb0xn.default\extensions\bettergmail2@ginatrapani.org
[2011/01/14 09:41:35 | 000,000,000 | ---D | M] (Selenium IDE: C# Formatters) -- C:\Documents and Settings\David\Application Data\Mozilla\Firefox\Profiles\rtdwb0xn.default\extensions\csharpformatters@seleniumhq.org
[2010/07/20 16:46:35 | 000,000,000 | ---D | M] (Aptana Debugger) -- C:\Documents and Settings\David\Application Data\Mozilla\Firefox\Profiles\rtdwb0xn.default\extensions\debugger@aptana.com
[2010/05/06 10:01:15 | 000,000,000 | ---D | M] (DrupalForFirebug) -- C:\Documents and Settings\David\Application Data\Mozilla\Firefox\Profiles\rtdwb0xn.default\extensions\DrupalForFirebug@drupal.org
[2011/01/08 10:45:49 | 000,000,000 | ---D | M] (Firebug) -- C:\Documents and Settings\David\Application Data\Mozilla\Firefox\Profiles\rtdwb0xn.default\extensions\firebug@software.joehewitt.com
[2010/11/05 07:58:04 | 000,000,000 | ---D | M] (Firecookie) -- C:\Documents and Settings\David\Application Data\Mozilla\Firefox\Profiles\rtdwb0xn.default\extensions\firecookie@janodvarko.cz
[2009/10/27 11:28:42 | 000,000,000 | ---D | M] ("Firefinder for Firebug") -- C:\Documents and Settings\David\Application Data\Mozilla\Firefox\Profiles\rtdwb0xn.default\extensions\firefinder@robertnyman.com
[2010/11/05 07:58:00 | 000,000,000 | ---D | M] (FirePHP) -- C:\Documents and Settings\David\Application Data\Mozilla\Firefox\Profiles\rtdwb0xn.default\extensions\FirePHPExtension-Build@firephp.org
[2011/01/21 12:13:49 | 000,000,000 | ---D | M] (FoxyProxy Standard) -- C:\Documents and Settings\David\Application Data\Mozilla\Firefox\Profiles\rtdwb0xn.default\extensions\foxyproxy@eric.h.jung
[2011/01/14 09:41:36 | 000,000,000 | ---D | M] (Selenium IDE: Groovy Formatters) -- C:\Documents and Settings\David\Application Data\Mozilla\Firefox\Profiles\rtdwb0xn.default\extensions\groovyformatters@seleniumhq.org
[2011/01/14 09:41:37 | 000,000,000 | ---D | M] (Selenium IDE: Java Formatters) -- C:\Documents and Settings\David\Application Data\Mozilla\Firefox\Profiles\rtdwb0xn.default\extensions\javaformatters@seleniumhq.org
[2010/06/11 08:40:29 | 000,000,000 | ---D | M] (LogMeIn, Inc. Remote Access Plugin) -- C:\Documents and Settings\David\Application Data\Mozilla\Firefox\Profiles\rtdwb0xn.default\extensions\LogMeInClient@logmein.com
[2011/01/14 09:41:36 | 000,000,000 | ---D | M] (Selenium IDE: Perl Formatter) -- C:\Documents and Settings\David\Application Data\Mozilla\Firefox\Profiles\rtdwb0xn.default\extensions\perlformatters@seleniumhq.org
[2011/01/14 09:41:36 | 000,000,000 | ---D | M] (Selenium IDE: PHP Formatters) -- C:\Documents and Settings\David\Application Data\Mozilla\Firefox\Profiles\rtdwb0xn.default\extensions\phpformatters@seleniumhq.org
[2011/01/14 09:41:35 | 000,000,000 | ---D | M] (Selenium IDE: Python Formatters) -- C:\Documents and Settings\David\Application Data\Mozilla\Firefox\Profiles\rtdwb0xn.default\extensions\pythonformatters@seleniumhq.org
[2011/01/14 09:41:37 | 000,000,000 | ---D | M] (Selenium IDE: Ruby Formatters) -- C:\Documents and Settings\David\Application Data\Mozilla\Firefox\Profiles\rtdwb0xn.default\extensions\rubyformatters@seleniumhq.org
[2010/10/18 10:48:26 | 000,000,000 | ---D | M] (YSlow) -- C:\Documents and Settings\David\Application Data\Mozilla\Firefox\Profiles\rtdwb0xn.default\extensions\yslow@yahoo-inc.com
[2010/11/05 07:58:00 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\David\Application Data\Mozilla\Firefox\Profiles\rtdwb0xn.default\extensions\FirePHPExtension-Build@firephp.org\__MACOSX
[2010/11/05 07:57:59 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\David\Application Data\Mozilla\Firefox\Profiles\rtdwb0xn.default\extensions\FirePHPExtension-Build@firephp.org\chrome
[2010/11/05 07:57:59 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\David\Application Data\Mozilla\Firefox\Profiles\rtdwb0xn.default\extensions\FirePHPExtension-Build@firephp.org\defaults
[2011/01/18 20:28:24 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2010/07/28 23:16:07 | 000,000,000 | ---D | M] (Kaspersky Anti-Banner) -- C:\Program Files\Mozilla Firefox\extensions\KavAntiBanner@Kaspersky.ru
[2010/07/28 23:16:08 | 000,000,000 | ---D | M] (Kaspersky URL Advisor) -- C:\Program Files\Mozilla Firefox\extensions\linkfilter@kaspersky.ru
[2010/03/22 17:25:21 | 000,028,472 | ---- | M] (WebEx Communications, Inc) -- C:\Program Files\Mozilla Firefox\plugins\atgpcdec.dll
[2010/03/22 17:25:21 | 000,185,224 | ---- | M] (WebEx Communications, Inc) -- C:\Program Files\Mozilla Firefox\plugins\atgpcext.dll
[2010/03/22 17:25:19 | 000,061,832 | ---- | M] (WebEx Communications, Inc) -- C:\Program Files\Mozilla Firefox\plugins\npatgpc.dll

O1 HOSTS File: ([2011/01/19 19:11:23 | 000,429,648 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: 72.47.224.154 greatmooglygoogly.com
O1 - Hosts: 127.0.0.1 http://www.007guard.com
O1 - Hosts: 127.0.0.1 007guard.com
O1 - Hosts: 127.0.0.1 008i.com
O1 - Hosts: 127.0.0.1 http://www.008k.com
O1 - Hosts: 127.0.0.1 008k.com
O1 - Hosts: 14775 more lines...
O2 - BHO: (FGCatchUrl) - {2F364306-AA45-47B5-9F9D-39A8B94E7EF7} - C:\Program Files\FlashGet\jccatch.dll (http://www.flashget.com)
O2 - BHO: (no name) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - No CLSID value found.
O2 - BHO: (IEVkbdBHO Class) - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\ievkbd.dll (Kaspersky Lab ZAO)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (DebugBar BHO) - {69FC0024-10EB-480A-BBF2-3BF4E78E17B1} - C:\Program Files\Core Services\DebugBar\DebugInfoBar.dll (Core Services)
O2 - BHO: (Search Helper) - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll (Microsoft Corporation)
O2 - BHO: (BrowserHelper Class) - {9A065C65-4EE7-4DDD-9918-F129089A894A} - C:\Program Files\Windows Home Server\WHSDeskBands.dll (Microsoft Corporation)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll (Google Inc.)
O2 - BHO: (CBrowserHelperObject Object) - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\Dell\BAE\BAE.dll (Dell Inc.)
O2 - BHO: (IE Developer Toolbar BHO) - {CC7E636D-39AA-49b6-B511-65413DA137A1} - C:\Program Files\Microsoft\Internet Explorer Developer Toolbar\IEDevToolbar.dll (Microsoft Corporation)
O2 - BHO: (Google Gears Helper) - {E0FEFE40-FBF9-42AE-BA58-794CA7E3FB53} - C:\Program Files\Google\Google Gears\Internet Explorer\0.5.36.0\gears.dll (Google Inc.)
O2 - BHO: (Windows Live Toolbar Helper) - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O2 - BHO: (FilterBHO Class) - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\klwtbbho.dll (Kaspersky Lab ZAO)
O2 - BHO: (FlashGet GetFlash Class) - {F156768E-81EF-470C-9057-481BA8380DBA} - C:\Program Files\FlashGet\getflash.dll (http://www.flashget.com)
O3 - HKLM\..\Toolbar: (&Windows Live Toolbar) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O3 - HKLM\..\Toolbar: (DebugBar) - {3E1201F4-1707-409F-BB45-A5F192381DA0} - C:\Program Files\Core Services\DebugBar\DebugToolBar.dll (Core Services)
O3 - HKLM\..\Toolbar: (Home Server Banner) - {D73E76A3-F902-45BD-8FC8-95AE8E014671} - C:\Program Files\Windows Home Server\WHSDeskBands.dll (Microsoft Corporation)
O3 - HKU\S-1-5-21-3970506798-2062240868-3501328355-1008\..\Toolbar\ShellBrowser: (Home Server Banner) - {D73E76A3-F902-45BD-8FC8-95AE8E014671} - C:\Program Files\Windows Home Server\WHSDeskBands.dll (Microsoft Corporation)
O3 - HKU\S-1-5-21-3970506798-2062240868-3501328355-1008\..\Toolbar\WebBrowser: (&Windows Live Toolbar) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O3 - HKU\S-1-5-21-3970506798-2062240868-3501328355-1008\..\Toolbar\WebBrowser: (DebugBar) - {3E1201F4-1707-409F-BB45-A5F192381DA0} - C:\Program Files\Core Services\DebugBar\DebugToolBar.dll (Core Services)
O4 - HKLM..\Run: [AirPort Base Station Agent] C:\Program Files\AirPort\APAgent.exe (Apple Inc.)
O4 - HKLM..\Run: [AVP] C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe (Kaspersky Lab ZAO)
O4 - HKLM..\Run: [Carbonite Backup] C:\Program Files\Carbonite\Carbonite Backup\CarboniteUI.exe (Carbonite, Inc.)
O4 - HKLM..\Run: [dldfmon.exe] C:\Program Files\Dell AIO Printer 948\dldfmon.exe ()
O4 - HKLM..\Run: [googletalk] C:\Program Files\Google\Google Talk\googletalk.exe (Google)
O4 - HKLM..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe (Intel Corporation)
O4 - HKLM..\Run: [LogMeIn GUI] C:\Program Files\LogMeIn\x86\LogMeInSystray.exe (LogMeIn, Inc.)
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [ProcessGovernor] C:\Program Files\Process Lasso\ProcessGovernor.exe (Bitsum Technologies)
O4 - HKLM..\Run: [ProcessSupervisorGUI] C:\Program Files\Process Lasso\ProcessLasso.exe (Bitsum Technologies)
O4 - HKLM..\Run: [StartupDelayer] C:\Program Files\r2 Studios\Startup Delayer\Startup Launcher GUI.exe (r2 studios)
O4 - HKLM..\Run: [VisualCron Tray Client] C:\Program Files\VisualCron 4\VCTray.exe (NetCart)
O4 - HKU\S-1-5-21-3970506798-2062240868-3501328355-1008..\Run: [Taskbar Shuffle] C:\Program Files\Taskbar Shuffle\taskbarshuffle.exe (Jay Elaraj)
O4 - HKU\S-1-5-21-3970506798-2062240868-3501328355-1008..\Run: [Taskix] C:\Program Files\Robust IT\Taskix\Taskix32.exe (Robust IT)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Launchy.lnk = C:\Program Files\Launchy\Launchy.exe ()
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Windows Home Server.lnk = C:\WINDOWS\Installer\{21E49794-7C13-4E84-8659-55BD378267D5}\WHSTrayApp.exe (Microsoft Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-3970506798-2062240868-3501328355-1008\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: &Download All with FlashGet - C:\Program Files\FlashGet\JC_ALL.HTM ()
O8 - Extra context menu item: &Download with FlashGet - C:\Program Files\FlashGet\JC_LINK.HTM ()
O8 - Extra context menu item: Add to Anti-Banner - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\ie_banner_deny.htm ()
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\WINDOWS\System32\GPhotos.scr (Google Inc.)
O9 - Extra 'Tools' menuitem : &Gears Settings - {09C04DA7-5B76-4EBC-BBEE-B25EAC5965F5} - C:\Program Files\Google\Google Gears\Internet Explorer\0.5.36.0\gears.dll (Google Inc.)
O9 - Extra Button: &Virtual Keyboard - {4248FE82-7FCB-46AC-B270-339F08212110} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\klwtbbho.dll (Kaspersky Lab ZAO)
O9 - Extra Button: IE Developer Toolbar - {48FFE35F-36D9-44bd-A6CC-1D34414EAC0D} - C:\Program Files\Microsoft\Internet Explorer Developer Toolbar\IEDevToolbar.dll (Microsoft Corporation)
O9 - Extra Button: URLs c&heck - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\klwtbbho.dll (Kaspersky Lab ZAO)
O9 - Extra Button: Fiddler2 - {CF819DA3-9882-4944-ADF5-6EF17ECF3C6E} - C:\Program Files\Fiddler2\Fiddler.exe (Eric Lawrence)
O9 - Extra 'Tools' menuitem : Fiddler2 - {CF819DA3-9882-4944-ADF5-6EF17ECF3C6E} - C:\Program Files\Fiddler2\Fiddler.exe (Eric Lawrence)
O9 - Extra Button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\Program Files\FlashGet\flashget.exe (FlashGet.com)
O9 - Extra 'Tools' menuitem : FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\Program Files\FlashGet\flashget.exe (FlashGet.com)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\WINDOWS\system32\PrxerNsp.dll (Initex Software)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\WINDOWS\system32\PrxerDrv.dll (Initex Software)
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\WINDOWS\system32\PrxerDrv.dll (Initex Software)
O15 - HKU\S-1-5-21-3970506798-2062240868-3501328355-1008\..Trusted Domains: localhost ([]* in Local intranet)
O16 - DPF: {31435657-9980-0010-8000-00AA00389B71} http://download.microsoft.com/download/ ... vc1dmo.cab (Reg Error: Key error.)
O16 - DPF: {41564D57-9980-0010-8000-00AA00389B71} http://download.microsoft.com/download/ ... mvadvd.cab (Reg Error: Key error.)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://www.update.microsoft.com/windows ... 9375557631 (WUWebControl Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {CAFEEFAC-0015-0000-0014-ABCDEFFEDCBA} http://java.sun.com/update/1.5.0/jinsta ... s-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_17)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20 - AppInit_DLLs: (C:\PROGRA~1\Google\GOOGLE~2\GOEC62~1.DLL) - File not found
O20 - AppInit_DLLs: (AirfoilInject3.dll) - C:\WINDOWS\System32\AirfoilInject3.dll ()
O20 - AppInit_DLLs: (C:\PROGRA~1\KASPER~1\KASPER~1\mzvkbd3.dll) - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\mzvkbd3.dll (Kaspersky Lab ZAO)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\LMIinit: DllName - LMIinit.dll - C:\WINDOWS\System32\LMIinit.dll (LogMeIn, Inc.)
O24 - Desktop WallPaper: C:\Documents and Settings\David\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\David\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O28 - HKLM ShellExecuteHooks: {56F9679E-7826-4C84-81F3-532071A8BCC5} - C:\Program Files\Windows Desktop Search\MsnlNamespaceMgr.dll (Microsoft Corporation)
O30 - LSA: Authentication Packages - (setuid) - C:\WINDOWS\System32\setuid.dll (March-Hare Software Ltd)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2004/08/11 17:15:00 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2009/09/29 08:33:32 | 002,447,360 | R--- | M] (VideoHome ) - D:\autorun.exe -- [ CDFS ]
O32 - AutoRun File - [2009/09/29 08:33:32 | 000,019,790 | R--- | M] () - D:\autorun.ico -- [ CDFS ]
O32 - AutoRun File - [2009/09/29 08:33:32 | 000,000,047 | R--- | M] () - D:\autorun.inf -- [ CDFS ]
O32 - AutoRun File - [2009/09/29 08:32:57 | 013,130,197 | R--- | M] () - D:\autorun.tgt -- [ CDFS ]
O32 - AutoRun File - [2009/09/10 09:35:41 | 000,000,000 | ---D | M] - N:\Automatically Add to iTunes -- [ NTFS ]
O33 - MountPoints2\{1e6857ff-1d0c-11de-97b4-001d7e954401}\Shell\AutoRun\command - "" = E:\Setup_FlipShare.exe
O33 - MountPoints2\{1e6857ff-1d0c-11de-97b4-001d7e954401}\Shell\Setup FlipShare\command - "" = E:\Setup_FlipShare.exe
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2011/01/22 01:18:53 | 000,000,000 | ---D | C] -- C:\Windows Home Server Drivers for Restore
[2011/01/21 13:29:52 | 000,602,112 | ---- | C] (OldTimer Tools) -- F:\Desktop\OTL.exe
[2011/01/20 13:03:55 | 002,000,936 | ---- | C] (Dominik Reichl ) -- F:\Desktop\KeePass-2.14-Setup.exe
[2011/01/19 21:58:05 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Sophos
[2011/01/19 21:58:02 | 000,000,000 | ---D | C] -- C:\Program Files\Sophos
[2011/01/14 12:19:50 | 000,005,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mstee.sys
[2011/01/14 12:19:49 | 000,015,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\MPE.sys
[2011/01/14 12:19:49 | 000,015,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mpe.sys
[2011/01/14 12:19:47 | 000,010,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ndisip.sys
[2011/01/14 12:19:46 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ipsink.ax
[2011/01/14 12:19:46 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ipsink.ax
[2011/01/14 12:19:46 | 000,015,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\streamip.sys
[2011/01/14 12:19:44 | 000,011,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\slip.sys
[2011/01/14 12:19:42 | 000,019,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wstcodec.sys
[2011/01/14 12:19:40 | 000,085,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\nabtsfec.sys
[2011/01/14 12:19:39 | 000,017,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ccdecode.sys
[2011/01/14 12:19:23 | 000,361,728 | R--- | C] (eMPIA Technology, Inc.) -- C:\WINDOWS\System32\drivers\emBDA.sys
[2011/01/14 12:19:23 | 000,106,496 | R--- | C] (eMPIA Technology, Inc.) -- C:\WINDOWS\System32\emPRP.ax
[2011/01/14 12:19:23 | 000,061,440 | R--- | C] (eMPIA Technology, Inc.) -- C:\WINDOWS\emMON.exe
[2011/01/14 12:19:23 | 000,039,680 | R--- | C] (eMPIA Technology, Inc.) -- C:\WINDOWS\System32\drivers\emOEM.sys
[2011/01/14 12:19:22 | 000,091,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kswdmcap.ax
[2011/01/14 12:19:22 | 000,091,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kswdmcap.ax
[2011/01/14 12:19:22 | 000,053,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\vfwwdm32.dll
[2011/01/14 12:19:22 | 000,053,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\vfwwdm32.dll
[2011/01/14 12:19:22 | 000,043,008 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ksxbar.ax
[2011/01/14 12:19:22 | 000,043,008 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ksxbar.ax
[2011/01/14 12:19:20 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kstvtune.ax
[2011/01/14 12:19:20 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kstvtune.ax
[2011/01/14 12:19:19 | 000,011,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\BdaSup.sys
[2011/01/14 12:19:19 | 000,011,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\bdasup.sys
[2011/01/14 12:19:18 | 000,018,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\bdaplgin.ax
[2011/01/14 12:19:18 | 000,018,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\BdaPlgIn.ax
[2011/01/14 11:50:04 | 000,424,960 | ---- | C] (Voxware, Inc.) -- C:\WINDOWS\System32\MSMS001.vwp
[2011/01/14 11:50:04 | 000,281,600 | ---- | C] (Voxware, Inc.) -- C:\WINDOWS\System32\Mvoice.vwp
[2011/01/14 11:50:04 | 000,278,016 | ---- | C] (Voxware, Inc.) -- C:\WINDOWS\System32\VCT3216.dll
[2011/01/14 11:50:04 | 000,261,632 | ---- | C] (AccuSoft Corporation) -- C:\WINDOWS\System32\accuimr5.dll
[2011/01/14 11:50:04 | 000,082,944 | ---- | C] (Voxware, Inc.) -- C:\WINDOWS\System32\vct3216.acm
[2011/01/14 11:50:04 | 000,078,736 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\nscomdlg.ocx
[2011/01/14 11:50:04 | 000,063,808 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\NSCMPS.dll
[2011/01/14 11:50:04 | 000,056,320 | ---- | C] (Voxware, Inc.) -- C:\WINDOWS\System32\VoxMVDec.ax
[2011/01/14 11:50:04 | 000,056,320 | ---- | C] (Voxware, Inc.) -- C:\WINDOWS\System32\VoxMSDec.ax
[2011/01/14 11:50:04 | 000,036,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\lhacm.acm
[2011/01/14 11:50:04 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Windows Media
[2011/01/14 11:50:03 | 000,206,336 | ---- | C] (Vivo Software) -- C:\WINDOWS\System32\ivvideo.dll
[2011/01/14 11:50:03 | 000,140,800 | ---- | C] (VDOnet Corp.) -- C:\WINDOWS\System32\encvw_32.dll
[2011/01/14 11:50:03 | 000,104,832 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\wavtoasf.exe
[2011/01/14 11:50:03 | 000,088,464 | ---- | C] (VDOnet Corp.) -- C:\WINDOWS\System32\decvw_32.dll
[2011/01/14 11:50:03 | 000,082,432 | ---- | C] (VDOnet LTD..) -- C:\WINDOWS\System32\vdowave.drv
[2011/01/14 11:50:03 | 000,079,360 | ---- | C] (VDOnet Corp.) -- C:\WINDOWS\System32\vdodec32.dll
[2011/01/14 11:50:03 | 000,078,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\vidtoasf.exe
[2011/01/14 11:50:03 | 000,069,120 | ---- | C] (VDOnet Corp) -- C:\WINDOWS\System32\vdoenc32.dll
[2011/01/14 11:50:03 | 000,067,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\asfcheck.exe
[2011/01/14 11:50:03 | 000,066,560 | ---- | C] (The Duck Corporation) -- C:\WINDOWS\System32\tr2032.dll
[2011/01/14 11:50:03 | 000,034,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\nserror.dll
[2011/01/14 11:50:03 | 000,023,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\asx3test.exe
[2011/01/14 11:50:03 | 000,017,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\asfchop.exe
[2011/01/14 11:50:02 | 000,000,000 | ---D | C] -- C:\Program Files\Windows Media Components
[2011/01/14 11:49:22 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\VideoHome GrabBee
[2011/01/14 11:49:14 | 000,000,000 | ---D | C] -- C:\Program Files\VideoHome
[2011/01/14 11:49:14 | 000,000,000 | ---D | C] -- C:\GrabBeeCap
[2011/01/14 11:40:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Adobe
[2011/01/13 14:05:01 | 000,000,000 | ---D | C] -- C:\php5
[2011/01/11 19:19:52 | 000,000,000 | ---D | C] -- C:\Documents and Settings\David\Application Data\Wireshark
[2011/01/11 16:41:56 | 000,000,000 | ---D | C] -- C:\Program Files\Spybot - Search & Destroy
[2011/01/11 16:41:56 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
[2011/01/11 16:39:13 | 007,866,472 | ---- | C] (Microsoft Corporation) -- F:\Desktop\mseinstall.exe
[2011/01/11 16:17:32 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\WinPcap
[2011/01/11 16:17:30 | 000,000,000 | ---D | C] -- C:\Program Files\WinPcap
[2011/01/11 16:17:01 | 000,000,000 | ---D | C] -- C:\Program Files\Wireshark
[2010/12/23 15:07:55 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Application Data\Apple Computer
[2010/05/20 20:42:51 | 000,434,176 | ---- | C] ( ) -- C:\WINDOWS\System32\dldfhcp.dll
[2010/05/20 20:42:51 | 000,356,352 | ---- | C] ( ) -- C:\WINDOWS\System32\dldfinpa.dll
[2010/05/20 20:42:51 | 000,339,968 | ---- | C] ( ) -- C:\WINDOWS\System32\dldfiesc.dll
[2010/05/20 20:42:50 | 001,200,128 | ---- | C] ( ) -- C:\WINDOWS\System32\dldfserv.dll
[2010/05/20 20:42:50 | 000,950,272 | ---- | C] ( ) -- C:\WINDOWS\System32\dldfusb1.dll
[2010/05/20 20:42:50 | 000,053,248 | ---- | C] ( ) -- C:\WINDOWS\System32\dldfprox.dll
[2010/05/20 20:42:49 | 000,647,168 | ---- | C] ( ) -- C:\WINDOWS\System32\dldfpmui.dll
[2010/05/20 20:42:49 | 000,565,248 | ---- | C] ( ) -- C:\WINDOWS\System32\dldflmpm.dll
[2010/05/20 20:42:48 | 000,663,552 | ---- | C] ( ) -- C:\WINDOWS\System32\dldfhbn3.dll
[2010/05/20 20:42:47 | 000,860,160 | ---- | C] ( ) -- C:\WINDOWS\System32\dldfcomc.dll
[2010/05/20 20:42:47 | 000,364,544 | ---- | C] ( ) -- C:\WINDOWS\System32\dldfcomm.dll
[5 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[4 F:\Desktop\*.tmp files -> F:\Desktop\*.tmp -> ]
[3 F:\My Documents\*.tmp files -> F:\My Documents\*.tmp -> ]
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2011/01/22 13:09:00 | 000,000,976 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-3970506798-2062240868-3501328355-1008UA.job
[2011/01/22 13:04:00 | 000,000,884 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2011/01/22 11:05:04 | 000,000,422 | -H-- | M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{88EB32CE-3B59-4DDC-81D6-5B81A4F4B892}.job
[2011/01/22 11:01:30 | 000,002,299 | ---- | M] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Windows Home Server.lnk
[2011/01/22 11:00:38 | 000,063,671 | ---- | M] () -- C:\WINDOWS\System32\nvwsapps.xml
[2011/01/22 11:00:18 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2011/01/22 11:00:17 | 000,000,880 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2011/01/22 08:08:00 | 000,000,472 | ---- | M] () -- C:\WINDOWS\tasks\Ad-Aware Update (Daily 4).job
[2011/01/22 04:29:21 | 000,000,868 | ---- | M] () -- C:\WINDOWS\tasks\Google Software Updater.job
[2011/01/22 02:30:08 | 000,000,336 | ---- | M] () -- C:\WINDOWS\tasks\Update Photos.job
[2011/01/22 02:30:01 | 062,672,896 | ---- | M] () -- C:\Documents and Settings\David\Local Settings\Application Data\filesync.metadata
[2011/01/22 02:08:00 | 000,000,472 | ---- | M] () -- C:\WINDOWS\tasks\Ad-Aware Update (Daily 3).job
[2011/01/22 01:27:56 | 000,000,334 | ---- | M] () -- C:\WINDOWS\tasks\Update Music To Server.job
[2011/01/22 00:15:10 | 000,000,336 | ---- | M] () -- C:\WINDOWS\tasks\Update Comics to Server.job
[2011/01/22 00:09:00 | 000,000,924 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-3970506798-2062240868-3501328355-1008Core.job
[2011/01/22 00:05:00 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2011/01/22 00:04:58 | 3487,195,136 | -HS- | M] () -- C:\hiberfil.sys
[2011/01/21 21:05:05 | 000,000,386 | ---- | M] () -- C:\WINDOWS\tasks\SyncToy Flip Video.job
[2011/01/21 20:08:00 | 000,000,472 | ---- | M] () -- C:\WINDOWS\tasks\Ad-Aware Update (Daily 2).job
[2011/01/21 18:03:44 | 000,000,600 | ---- | M] () -- C:\Documents and Settings\David\Local Settings\Application Data\PUTTY.RND
[2011/01/21 14:08:00 | 000,000,472 | ---- | M] () -- C:\WINDOWS\tasks\Ad-Aware Update (Daily 1).job
[2011/01/21 13:51:15 | 000,000,086 | -H-- | M] () -- F:\Desktop\.picasa.ini
[2011/01/21 13:36:43 | 000,004,974 | ---- | M] () -- C:\Documents and Settings\All Users\dldf
[2011/01/21 13:30:06 | 000,296,448 | ---- | M] () -- F:\Desktop\mb4no8cn.exe
[2011/01/21 13:29:57 | 000,602,112 | ---- | M] (OldTimer Tools) -- F:\Desktop\OTL.exe
[2011/01/21 10:28:48 | 000,000,126 | ---- | M] () -- C:\WINDOWS\JascCmdFile.INI
[2011/01/20 17:43:44 | 006,572,437 | ---- | M] () -- F:\Desktop\You_'re Short, Bald and Ugly Charlie Brown.pdf
[2011/01/20 16:16:16 | 000,002,902 | ---- | M] () -- C:\Documents and Settings\David\.kdiff3rc
[2011/01/20 13:54:08 | 000,001,858 | -H-- | M] () -- F:\My Documents\Default.rdp
[2011/01/20 13:04:06 | 002,000,936 | ---- | M] (Dominik Reichl ) -- F:\Desktop\KeePass-2.14-Setup.exe
[2011/01/19 22:00:04 | 000,000,384 | ---- | M] () -- C:\WINDOWS\tasks\SmartDefrag.job
[2011/01/19 19:11:23 | 000,429,648 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
[2011/01/19 14:08:00 | 000,000,472 | ---- | M] () -- C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job
[2011/01/19 09:26:01 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2011/01/18 13:08:30 | 000,000,100 | ---- | M] () -- C:\Documents and Settings\David\box_buddy_list2
[2011/01/14 12:30:53 | 000,105,472 | ---- | M] () -- C:\Documents and Settings\David\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/01/14 12:23:37 | 000,002,383 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\GrabBee.lnk
[2011/01/14 11:50:08 | 000,000,000 | ---- | M] () -- C:\WINDOWS\nsrex.INI
[2011/01/14 11:49:23 | 000,001,884 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Record.lnk
[2011/01/14 11:49:22 | 000,001,884 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Snapshot.lnk
[2011/01/14 11:40:54 | 000,000,887 | ---- | M] () -- C:\Documents and Settings\David\Application Data\Microsoft\Internet Explorer\Quick Launch\Flash Media Live Encoder 3.2.lnk
[2011/01/14 11:40:54 | 000,000,869 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Adobe Flash Media Live Encoder 3.2.lnk
[2011/01/13 19:19:29 | 000,000,213 | ---- | M] () -- C:\WINDOWS\pear.ini
[2011/01/13 13:28:31 | 000,000,211 | RHS- | M] () -- C:\boot.ini
[2011/01/11 16:42:30 | 000,002,052 | ---- | M] () -- C:\WINDOWS\epplauncher.mif
[2011/01/11 16:40:52 | 007,866,472 | ---- | M] (Microsoft Corporation) -- F:\Desktop\mseinstall.exe
[2011/01/11 16:17:32 | 000,000,073 | ---- | M] () -- C:\WINDOWS\System32\-1
[2011/01/11 16:17:19 | 000,001,493 | ---- | M] () -- C:\Documents and Settings\David\Application Data\Microsoft\Internet Explorer\Quick Launch\Wireshark.lnk
[2011/01/07 17:26:01 | 000,002,220 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts.20110111-170245.backup
[2011/01/06 16:16:28 | 000,022,240 | ---- | M] () -- F:\My Documents\Expenses.xlsx
[2011/01/05 11:24:49 | 000,253,080 | ---- | M] () -- F:\My Documents\Holiday Pins 2010.xlsx
[2010/12/30 13:08:33 | 003,423,368 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2010/12/30 11:29:54 | 000,001,393 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[5 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[4 F:\Desktop\*.tmp files -> F:\Desktop\*.tmp -> ]
[3 F:\My Documents\*.tmp files -> F:\My Documents\*.tmp -> ]
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Files Created - No Company Name ==========

[2011/01/21 13:44:41 | 000,000,086 | -H-- | C] () -- F:\Desktop\.picasa.ini
[2011/01/21 13:30:05 | 000,296,448 | ---- | C] () -- F:\Desktop\mb4no8cn.exe
[2011/01/20 17:42:40 | 006,572,437 | ---- | C] () -- F:\Desktop\You_'re Short, Bald and Ugly Charlie Brown.pdf
[2011/01/18 13:08:30 | 000,000,100 | ---- | C] () -- C:\Documents and Settings\David\box_buddy_list2
[2011/01/14 12:19:23 | 000,016,382 | R--- | C] () -- C:\WINDOWS\System32\drivers\merlinC.rom
[2011/01/14 12:19:22 | 000,363,520 | ---- | C] () -- C:\WINDOWS\System32\PsisDecd.dll
[2011/01/14 12:19:22 | 000,363,520 | ---- | C] () -- C:\WINDOWS\System32\dllcache\psisdecd.dll
[2011/01/14 12:19:22 | 000,056,832 | ---- | C] () -- C:\WINDOWS\System32\MSDvbNP.ax
[2011/01/14 12:19:22 | 000,056,832 | ---- | C] () -- C:\WINDOWS\System32\dllcache\msdvbnp.ax
[2011/01/14 12:19:22 | 000,033,280 | ---- | C] () -- C:\WINDOWS\System32\PsisRndr.ax
[2011/01/14 12:19:22 | 000,033,280 | ---- | C] () -- C:\WINDOWS\System32\dllcache\psisrndr.ax
[2011/01/14 11:50:08 | 000,000,000 | ---- | C] () -- C:\WINDOWS\nsrex.INI
[2011/01/14 11:49:23 | 000,002,383 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\GrabBee.lnk
[2011/01/14 11:49:23 | 000,001,884 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Record.lnk
[2011/01/14 11:49:22 | 000,001,884 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Snapshot.lnk
[2011/01/14 11:40:54 | 000,000,887 | ---- | C] () -- C:\Documents and Settings\David\Application Data\Microsoft\Internet Explorer\Quick Launch\Flash Media Live Encoder 3.2.lnk
[2011/01/14 11:40:54 | 000,000,869 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Adobe Flash Media Live Encoder 3.2.lnk
[2011/01/13 14:04:56 | 000,000,213 | ---- | C] () -- C:\WINDOWS\pear.ini
[2011/01/11 16:42:30 | 000,002,052 | ---- | C] () -- C:\WINDOWS\epplauncher.mif
[2011/01/11 16:17:31 | 000,000,073 | ---- | C] () -- C:\WINDOWS\System32\-1
[2011/01/11 16:17:19 | 000,001,493 | ---- | C] () -- C:\Documents and Settings\David\Application Data\Microsoft\Internet Explorer\Quick Launch\Wireshark.lnk
[2010/08/18 21:05:46 | 000,074,240 | ---- | C] () -- C:\WINDOWS\System32\zlibwapi.dll
[2010/07/21 10:38:30 | 000,027,691 | ---- | C] () -- C:\Documents and Settings\David\Application Data\phpdesigner.xml
[2010/06/25 17:03:12 | 000,053,299 | ---- | C] () -- C:\WINDOWS\System32\pthreadVC.dll
[2010/05/20 21:03:57 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\dldfvs.dll
[2010/05/20 21:03:55 | 000,348,160 | ---- | C] () -- C:\WINDOWS\System32\dldfcoin.dll
[2010/05/20 21:03:33 | 000,692,224 | ---- | C] () -- C:\WINDOWS\System32\dldfdrs.dll
[2010/05/20 21:03:33 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\dldfcaps.dll
[2010/05/20 21:03:32 | 000,069,632 | ---- | C] () -- C:\WINDOWS\System32\dldfcnv4.dll
[2010/05/20 21:02:28 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\DLDFPMON.DLL
[2010/05/20 21:02:28 | 000,032,768 | ---- | C] () -- C:\WINDOWS\System32\DLDFFXPU.DLL
[2010/05/20 21:02:08 | 000,049,152 | ---- | C] () -- C:\WINDOWS\System32\dldfoem.dll
[2010/05/20 21:02:08 | 000,012,288 | ---- | C] () -- C:\WINDOWS\System32\DLDFPMRC.DLL
[2010/05/20 20:42:51 | 000,348,160 | ---- | C] () -- C:\WINDOWS\System32\dldfinst.dll
[2010/05/20 20:42:50 | 000,499,712 | ---- | C] () -- C:\WINDOWS\System32\dldfutil.dll
[2010/05/20 20:42:49 | 000,176,128 | ---- | C] () -- C:\WINDOWS\System32\dldfinsb.dll
[2010/05/20 20:42:49 | 000,143,360 | ---- | C] () -- C:\WINDOWS\System32\dldfjswr.dll
[2010/05/20 20:42:49 | 000,106,496 | ---- | C] () -- C:\WINDOWS\System32\dldfinsr.dll
[2010/05/20 20:42:48 | 000,208,896 | ---- | C] () -- C:\WINDOWS\System32\dldfgrd.dll
[2010/05/20 20:42:48 | 000,176,128 | ---- | C] () -- C:\WINDOWS\System32\dldfins.dll
[2010/05/20 20:42:47 | 000,086,016 | ---- | C] () -- C:\WINDOWS\System32\dldfcub.dll
[2010/05/20 20:42:47 | 000,077,824 | ---- | C] () -- C:\WINDOWS\System32\dldfcu.dll
[2010/05/20 20:42:47 | 000,036,864 | ---- | C] () -- C:\WINDOWS\System32\dldfcur.dll
[2010/05/20 20:42:46 | 000,077,906 | ---- | C] () -- C:\WINDOWS\System32\dldfcfg.dll
[2010/05/20 08:54:36 | 001,353,296 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\pswi_preloaded.exe
[2010/04/27 16:08:39 | 000,000,179 | ---- | C] () -- C:\Documents and Settings\David\Application Data\Current.prx
[2009/09/24 12:07:50 | 000,165,584 | ---- | C] () -- C:\WINDOWS\System32\AirfoilInject3.dll
[2009/08/13 15:36:26 | 000,006,347 | ---- | C] () -- C:\Documents and Settings\David\Application Data\PrimoPDFSet.xml
[2009/08/13 15:36:24 | 000,000,222 | ---- | C] () -- C:\Documents and Settings\LocalService\Application Data\PrimoPDFSet.xml
[2009/08/13 15:30:18 | 000,176,235 | ---- | C] () -- C:\WINDOWS\System32\Primomonnt.dll
[2009/08/03 15:07:42 | 000,403,816 | ---- | C] () -- C:\WINDOWS\System32\OGACheckControl.dll
[2009/04/27 04:13:36 | 000,000,314 | ---- | C] () -- C:\WINDOWS\primopdf.ini
[2009/04/15 14:58:37 | 000,051,304 | ---- | C] () -- C:\WINDOWS\System32\drivers\atnt40k.sys
[2009/03/10 13:59:09 | 000,000,427 | ---- | C] () -- C:\WINDOWS\ULEAD32.INI
[2009/03/04 14:33:01 | 000,002,330 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\ITFW.log
[2009/03/04 10:20:55 | 062,672,896 | ---- | C] () -- C:\Documents and Settings\David\Local Settings\Application Data\filesync.metadata
[2008/07/10 10:16:20 | 000,000,588 | ---- | C] () -- C:\Documents and Settings\David\Application Data\TheLastRipper.xml
[2008/04/14 10:31:49 | 000,021,791 | ---- | C] () -- C:\WINDOWS\System32\smtpctrs.ini
[2008/04/14 10:31:49 | 000,001,037 | ---- | C] () -- C:\WINDOWS\System32\ntfsdrct.ini
[2008/04/14 10:31:36 | 000,038,576 | ---- | C] () -- C:\WINDOWS\System32\w3ctrs.ini
[2008/04/14 10:31:36 | 000,011,435 | ---- | C] () -- C:\WINDOWS\System32\infoctrs.ini
[2008/04/14 10:31:36 | 000,010,225 | ---- | C] () -- C:\WINDOWS\System32\axperf.ini
[2008/04/02 15:43:04 | 000,163,840 | ---- | C] () -- C:\WINDOWS\System32\cmabout.dll
[2008/04/02 15:43:04 | 000,010,090 | ---- | C] () -- C:\WINDOWS\System32\cmdiag.ini
[2008/04/02 15:43:04 | 000,000,143 | ---- | C] () -- C:\WINDOWS\System32\cmabout.ini
[2008/03/14 11:14:05 | 000,000,126 | ---- | C] () -- C:\WINDOWS\JascCmdFile.INI
[2008/02/19 13:06:00 | 000,000,038 | ---- | C] () -- C:\WINDOWS\avisplitter.INI
[2008/02/19 06:33:34 | 000,446,352 | ---- | C] () -- C:\WINDOWS\System32\OpenQuicktimeLib.dll
[2008/02/15 12:24:47 | 000,000,600 | ---- | C] () -- C:\Documents and Settings\David\Local Settings\Application Data\PUTTY.RND
[2008/01/31 10:39:57 | 000,164,352 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll
[2008/01/31 10:39:55 | 001,559,040 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2008/01/31 10:39:55 | 000,282,624 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll
[2008/01/31 10:39:54 | 003,596,288 | ---- | C] () -- C:\WINDOWS\System32\qt-dx331.dll
[2008/01/30 13:51:10 | 000,000,347 | ---- | C] () -- C:\Documents and Settings\David\Application Data\DropSend Prefs
[2008/01/30 13:51:01 | 000,000,061 | ---- | C] () -- C:\Documents and Settings\David\Application Data\DropSend Log
[2008/01/14 12:46:22 | 000,094,208 | ---- | C] () -- C:\WINDOWS\System32\GTW32N50.dll
[2008/01/14 12:46:00 | 000,004,283 | ---- | C] () -- C:\WINDOWS\System32\WLAN.INI
[2008/01/03 13:11:04 | 000,105,472 | ---- | C] () -- C:\Documents and Settings\David\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2008/01/03 12:51:55 | 000,010,857 | ---- | C] () -- C:\Program Files\Dreamweaver CS3 Read Me.html
[2007/12/11 23:21:16 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2007/12/11 23:08:26 | 000,056,056 | ---- | C] () -- C:\WINDOWS\System32\DLAAPI_W.DLL
[2007/12/11 23:08:26 | 000,000,120 | ---- | C] () -- C:\WINDOWS\wininit.ini
[2007/12/11 22:32:18 | 000,098,304 | ---- | C] () -- C:\WINDOWS\System32\nvapi.dll
[2007/12/11 22:30:46 | 000,001,206 | ---- | C] () -- C:\WINDOWS\System32\OEMINFO.INI
[2007/09/27 09:51:02 | 000,020,698 | ---- | C] () -- C:\WINDOWS\System32\idxcntrs.ini
[2007/09/27 09:48:48 | 000,030,628 | ---- | C] () -- C:\WINDOWS\System32\gsrvctr.ini
[2007/09/27 09:48:28 | 000,031,698 | ---- | C] () -- C:\WINDOWS\System32\gthrctr.ini
[2007/08/23 19:30:00 | 000,007,680 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll
[2007/07/05 18:13:10 | 000,073,728 | R--- | C] () -- C:\WINDOWS\System32\AlertStrings.dll
[2007/05/11 08:54:12 | 000,061,440 | ---- | C] () -- C:\WINDOWS\System32\chksvrn.dll
[2006/11/07 04:25:58 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\px.ini
[2006/09/16 23:36:50 | 000,520,192 | ---- | C] () -- C:\WINDOWS\System32\CddbPlaylist2Roxio.dll
[2006/09/16 23:36:50 | 000,204,800 | ---- | C] () -- C:\WINDOWS\System32\CddbFileTaggerRoxio.dll
[2006/09/12 18:16:11 | 000,262,144 | ---- | C] () -- C:\WINDOWS\System32\Manipulate.dll
[2006/07/08 03:31:02 | 000,100,864 | ---- | C] () -- C:\WINDOWS\System32\mkx.dll
[2006/07/08 03:30:34 | 000,066,048 | ---- | C] () -- C:\WINDOWS\System32\mp4.dll
[2006/07/08 03:29:34 | 000,045,568 | ---- | C] () -- C:\WINDOWS\System32\mkzlib.dll
[2006/07/08 03:29:30 | 000,023,552 | ---- | C] () -- C:\WINDOWS\System32\mkunicode.dll
[2006/06/07 09:09:42 | 000,433,678 | ---- | C] () -- C:\WINDOWS\System32\erdmpg-parse.dll
[2006/06/07 09:09:14 | 002,559,762 | ---- | C] () -- C:\WINDOWS\System32\erdmpg-enc.dll
[2006/06/07 09:06:48 | 000,023,757 | ---- | C] () -- C:\WINDOWS\System32\erdmpg-int.dll
[2006/06/01 14:39:30 | 000,110,592 | ---- | C] () -- C:\WINDOWS\System32\LDECMPG22.dll
[2006/06/01 14:39:20 | 000,159,744 | ---- | C] () -- C:\WINDOWS\System32\LENCMPG22.dll
[2006/06/01 14:38:36 | 000,172,032 | ---- | C] () -- C:\WINDOWS\System32\LENCMPG2KRN2.dll
[2006/05/31 15:52:54 | 000,135,168 | ---- | C] () -- C:\WINDOWS\System32\LDECMPG2KRN2.dll
[2006/05/28 22:31:26 | 000,405,504 | ---- | C] () -- C:\WINDOWS\System32\LEncMPG4Krn.dll
[2006/05/23 12:35:22 | 001,814,528 | ---- | C] () -- C:\WINDOWS\System32\ltmm15_n.dll
[2005/11/17 17:57:30 | 000,258,560 | ---- | C] () -- C:\WINDOWS\System32\MusicTagsAX.dll
[2005/10/15 02:10:24 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\comLyricGetter.dll
[2004/08/11 17:24:19 | 000,000,791 | ---- | C] () -- C:\WINDOWS\orun32.ini
[2004/08/11 17:11:31 | 000,001,793 | ---- | C] () -- C:\WINDOWS\System32\fxsperf.ini
[2004/08/11 17:07:24 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2004/07/10 18:55:38 | 000,252,416 | ---- | C] () -- C:\WINDOWS\System32\wsiShared.dll
[2004/02/01 19:21:56 | 000,097,280 | ---- | C] () -- C:\WINDOWS\System32\Uncommon.dll
[2003/09/15 08:55:53 | 000,014,843 | ---- | C] () -- C:\WINDOWS\System32\mingwm10.dll
[2003/08/07 19:01:50 | 000,237,568 | ---- | C] () -- C:\WINDOWS\System32\lame_enc.dll
[2002/07/09 17:51:40 | 000,005,632 | ---- | C] () -- C:\WINDOWS\System32\nipxiini.dll
[2002/07/09 17:30:04 | 000,008,704 | ---- | C] () -- C:\WINDOWS\System32\niidaqlv.dll
[1999/11/04 10:00:38 | 000,001,840 | ---- | C] () -- C:\WINDOWS\System32\niidaqs.dll

========== Alternate Data Streams ==========

@Alternate Data Stream - 110 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:888AFB86

< End of report >
You do not have the required permissions to view the files attached to this post.
apemantus
Active Member
 
Posts: 9
Joined: January 19th, 2011, 5:27 pm

Re: Help: FTP Password possibly stolen; computer slow

Unread postby apemantus » January 23rd, 2011, 3:18 pm

OTL Extras logfile created on: 22/01/2011 13:13:46 - Run 1
OTL by OldTimer - Version 3.2.20.3 Folder = F:\Desktop
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000809 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy

3.00 Gb Total Physical Memory | 2.00 Gb Available Physical Memory | 74.00% Memory free
6.00 Gb Paging File | 5.00 Gb Available in Paging File | 86.00% Paging File free
Paging file location(s): C:\pagefile.sys 0 0 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 148.93 Gb Total Space | 64.68 Gb Free Space | 43.43% Space Free | Partition Type: NTFS
Drive D: | 394.79 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS
Drive F: | 931.51 Gb Total Space | 511.11 Gb Free Space | 54.87% Space Free | Partition Type: NTFS
Drive M: | 911.50 Gb Total Space | 149.57 Gb Free Space | 16.41% Space Free | Partition Type: NTFS
Drive N: | 911.50 Gb Total Space | 149.57 Gb Free Space | 16.41% Space Free | Partition Type: NTFS
Drive P: | 911.50 Gb Total Space | 149.57 Gb Free Space | 16.41% Space Free | Partition Type: NTFS

Computer Name: DAVIDDESKTOP | User Name: David | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

[HKEY_USERS\S-1-5-21-3970506798-2062240868-3501328355-1008\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
http [open] -- "C:\Program Files\Mozilla Firefox\firefox.exe" -requestPending -osint -url "%1" (Mozilla Corporation)
https [open] -- "C:\Program Files\Mozilla Firefox\firefox.exe" -requestPending -osint -url "%1" (Mozilla Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [git_gui] -- "C:\Program Files\Git\bin\wish.exe" "C:\Program Files\Git\libexec\git-core\git-gui" "--working-dir" "%1" (ActiveState Corporation)
Directory [git_shell] -- "C:\WINDOWS\system32\cmd.exe" /c "pushd "%1" && "C:\Program Files\Git\bin\sh.exe" --login -i" (Microsoft Corporation)
Directory [Search with Files Search Assistant] -- "C:\Program Files\Files Search Assistant\fsa.exe" "%1" (AKS-Labs)
Directory [Winamp.Bookmark] -- "C:\Program Files\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft)
Directory [Winamp.Enqueue] -- "C:\Program Files\Winamp\winamp.exe" /ADD "%1" (Nullsoft)
Directory [Winamp.Play] -- "C:\Program Files\Winamp\winamp.exe" "%1" (Nullsoft)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"139:TCP" = 139:TCP:*:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:*:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:*:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:*:Enabled:@xpsp2res.dll,-22002

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0
"DoNotAllowExceptions" = 0
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
"139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002
"3389:TCP" = 3389:TCP:*:Enabled:@xpsp2res.dll,-22009
"5353:UDP" = 5353:UDP:*:Enabled:Bonjour

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\Dell SAS RAID Storage Manager\MegaPopup\popup.exe" = C:\Program Files\Dell SAS RAID Storage Manager\MegaPopup\popup.exe:*:Disabled:popup -- ( )
"C:\Program Files\Orb Networks\Orb\bin\Orb.exe" = C:\Program Files\Orb Networks\Orb\bin\Orb.exe:*:Enabled:Orb
"C:\Program Files\Orb Networks\Orb\bin\OrbTray.exe" = C:\Program Files\Orb Networks\Orb\bin\OrbTray.exe:*:Enabled:OrbTray
"C:\Program Files\Orb Networks\Orb\bin\OrbStreamerClient.exe" = C:\Program Files\Orb Networks\Orb\bin\OrbStreamerClient.exe:*:Enabled:Orb Stream Client
"C:\Program Files\Orb Networks\Orb\bin\xmltv.exe" = C:\Program Files\Orb Networks\Orb\bin\xmltv.exe:*:Enabled:OrbTVGuide
"C:\Program Files\Orb Networks\Orb\bin\OrbChannelScan.exe" = C:\Program Files\Orb Networks\Orb\bin\OrbChannelScan.exe:*:Enabled:OrbChannelScan
"C:\Program Files\Adobe\Adobe Dreamweaver CS3\Dreamweaver.exe" = C:\Program Files\Adobe\Adobe Dreamweaver CS3\Dreamweaver.exe:*:Enabled:Adobe Dreamweaver CS3 -- (Adobe Systems, Inc.)
"C:\WINDOWS\system32\dldfcoms.exe" = C:\WINDOWS\system32\dldfcoms.exe:*:Enabled:Dell Communications System -- ( )
"C:\Program Files\Grisoft\AVG7\avginet.exe" = C:\Program Files\Grisoft\AVG7\avginet.exe:*:Enabled:avginet.exe
"C:\Program Files\Grisoft\AVG7\avgamsvr.exe" = C:\Program Files\Grisoft\AVG7\avgamsvr.exe:*:Enabled:avgamsvr.exe
"C:\Program Files\Grisoft\AVG7\avgcc.exe" = C:\Program Files\Grisoft\AVG7\avgcc.exe:*:Enabled:avgcc.exe
"C:\Program Files\SpeedBit Video Accelerator\VideoAccelerator.exe" = C:\Program Files\SpeedBit Video Accelerator\VideoAccelerator.exe:*:Enabled:VideoAccelerator
"C:\Program Files\SpeedBit Video Accelerator\VideoAcceleratorEngine.exe" = C:\Program Files\SpeedBit Video Accelerator\VideoAcceleratorEngine.exe:*:Enabled:VideoAcceleratorService
"C:\Program Files\AnalogX\SimpleServer\WWW\http.exe" = C:\Program Files\AnalogX\SimpleServer\WWW\http.exe:*:Enabled:http -- ()
"C:\Program Files\Abyss Web Server\abyssws.exe" = C:\Program Files\Abyss Web Server\abyssws.exe:*:Enabled:Abyss Web Server X1 -- (Aprelium Technologies)
"C:\Program Files\AnalogX\SimpleServer\Shout\shout.exe" = C:\Program Files\AnalogX\SimpleServer\Shout\shout.exe:*:Enabled:shout -- ()
"C:\Program Files\Sorenson Media\Sorenson Squeeze\Squeeze.exe" = C:\Program Files\Sorenson Media\Sorenson Squeeze\Squeeze.exe:*:Disabled:Squeeze Application -- (Sorenson Media Inc.)
"C:\Program Files\Aqua Data Studio 6.5\jre\bin\javaw.exe" = C:\Program Files\Aqua Data Studio 6.5\jre\bin\javaw.exe:*:Enabled:Java(TM) Platform SE binary -- (Sun Microsystems, Inc.)
"C:\Program Files\Dell SAS RAID Storage Manager\JRE\bin\javaw.exe" = C:\Program Files\Dell SAS RAID Storage Manager\JRE\bin\javaw.exe:*:Enabled:javaw -- ()
"C:\Program Files\TightVNC\WinVNC.exe" = C:\Program Files\TightVNC\WinVNC.exe:*:Enabled:TightVNC Win32 Server -- (TightVNC Group)
"C:\Program Files\Simplify Media\SimplifyPeer.exe" = C:\Program Files\Simplify Media\SimplifyPeer.exe:*:Enabled:Simplify Media Peer
"C:\Program Files\Google\Google Talk\googletalk.exe" = C:\Program Files\Google\Google Talk\googletalk.exe:*:Enabled:Google Talk -- (Google)
"C:\Program Files\Simplify Media\SimplifyMedia.exe" = C:\Program Files\Simplify Media\SimplifyMedia.exe:*:Enabled:Simplify Media
"C:\Program Files\FileZilla Client\filezilla.exe" = C:\Program Files\FileZilla Client\filezilla.exe:*:Enabled:FileZilla FTP Client -- (FileZilla Project)
"C:\Program Files\SmartFTP Client\SmartFTP.exe" = C:\Program Files\SmartFTP Client\SmartFTP.exe:*:Enabled:SmartFTP Client 3.0 -- (SmartSoft Ltd.)
"C:\Program Files\Real\RealPlayer\realplay.exe" = C:\Program Files\Real\RealPlayer\realplay.exe:*:Enabled:RealPlayer -- (RealNetworks, Inc.)
"C:\Program Files\Spotify\spotify.exe" = C:\Program Files\Spotify\spotify.exe:*:Enabled:Spotify -- (Spotify Ltd)
"C:\Program Files\Windows Home Server\Discovery.exe" = C:\Program Files\Windows Home Server\Discovery.exe:*:Enabled:Windows Home Server Connector -- (Microsoft Corporation)
"C:\Program Files\Acertant\TuneRanger\TuneRangerHelper.exe" = C:\Program Files\Acertant\TuneRanger\TuneRangerHelper.exe:*:Enabled:TuneRangerHelper -- (Acertant)
"C:\Program Files\FlashGet\flashget.exe" = C:\Program Files\FlashGet\flashget.exe:*:Enabled:Flashget -- (FlashGet.com)
"C:\Program Files\Mozilla Firefox\firefox.exe" = C:\Program Files\Mozilla Firefox\firefox.exe:*:Enabled:Firefox -- (Mozilla Corporation)
"C:\WINDOWS\system32\ftp.exe" = C:\WINDOWS\system32\ftp.exe:*:Enabled:File Transfer Program -- (Microsoft Corporation)
"C:\Program Files\Research In Motion\BlackBerry Smartphone Simulators 4.7.0\4.7.0.75 (9530-Verizon)\fledge.exe" = C:\Program Files\Research In Motion\BlackBerry Smartphone Simulators 4.7.0\4.7.0.75 (9530-Verizon)\fledge.exe:*:Enabled:BlackBerry Handheld Simulator
"C:\WINDOWS\system32\java.exe" = C:\WINDOWS\system32\java.exe:*:Enabled:Java(TM) Platform SE binary -- (Sun Microsystems, Inc.)
"C:\Program Files\Airfoil\Airfoil.exe" = C:\Program Files\Airfoil\Airfoil.exe:*:Enabled:Airfoil -- (Rogue Amoeba)
"C:\Program Files\Airfoil\AirfoilSpeakers.exe" = C:\Program Files\Airfoil\AirfoilSpeakers.exe:*:Enabled:Airfoil Speakers -- (Rogue Amoeba)
"C:\Program Files\Dell AIO Printer 948\dldfmon.exe" = C:\Program Files\Dell AIO Printer 948\dldfmon.exe:*:Enabled:Printer Device Monitor -- ()
"C:\WINDOWS\system32\spool\drivers\w32x86\3\dldfpswx.exe" = C:\WINDOWS\system32\spool\drivers\w32x86\3\dldfpswx.exe:*:Enabled:Printer Status Window Interface -- ()
"C:\WINDOWS\system32\spool\drivers\w32x86\3\dldftime.exe" = C:\WINDOWS\system32\spool\drivers\w32x86\3\dldftime.exe:*:Enabled:Time Executable -- ()
"C:\WINDOWS\system32\spool\drivers\w32x86\3\dldfjswx.exe" = C:\WINDOWS\system32\spool\drivers\w32x86\3\dldfjswx.exe:*:Enabled:Job Status Window Interface -- ()
"C:\Program Files\Dell AIO Printer 948\dldfaiox.exe" = C:\Program Files\Dell AIO Printer 948\dldfaiox.exe:*:Enabled:AIOC exe -- ()
"C:\Documents and Settings\David\Local Settings\Temp\dldf\wireless\ENGLISH\dldfwpss.exe" = C:\Documents and Settings\David\Local Settings\Temp\dldf\wireless\ENGLISH\dldfwpss.exe:*:Enabled:
"C:\WINDOWS\system32\dldfcfg.exe" = C:\WINDOWS\system32\dldfcfg.exe:*:Enabled:Printer Communication System -- ( )
"C:\Program Files\Dell AIO Printer 948\Wireless\dldfwpss.exe" = C:\Program Files\Dell AIO Printer 948\Wireless\dldfwpss.exe:*:Enabled: -- ()
"C:\WINDOWS\system32\spool\drivers\w32x86\3\dldfwbgw.exe" = C:\WINDOWS\system32\spool\drivers\w32x86\3\dldfwbgw.exe:*:Enabled:Dell Web Gateway -- ()
"C:\Program Files\TeamViewer\Version5\TeamViewer.exe" = C:\Program Files\TeamViewer\Version5\TeamViewer.exe:*:Enabled:Teamviewer Remote Control Application -- (TeamViewer GmbH)
"C:\Program Files\Dell AIO Printer 948\dldfafcn.exe" = C:\Program Files\Dell AIO Printer 948\dldfafcn.exe:*:Enabled: -- ()
"C:\Program Files\MySQL\MySQL Workbench 5.2 CE\MySQLWorkbench.exe" = C:\Program Files\MySQL\MySQL Workbench 5.2 CE\MySQLWorkbench.exe:LocalSubNet:Enabled:MySQL Workbench -- (Oracle Corporation)
"C:\Program Files\AirPort\APAgent.exe" = C:\Program Files\AirPort\APAgent.exe:*:Enabled:AirPort -- (Apple Inc.)
"C:\Program Files\iTunes\iTunes.exe" = C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes -- (Apple Inc.)


========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{0046FA01-C5B9-4985-BACB-398DC480FC05}" = Adobe Photoshop CS3
"{01C5A10F-AD9B-405B-853A-6659841A1242}" = Microsoft SQL Server 2008 Policies
"{0394CDC8-FABD-4ed8-B104-03393876DFDF}" = Roxio Creator Tools
"{03CAB33F-D1C2-48C6-8766-DAE84DFC25FE}" = Microsoft Sync Framework Services v1.0 (x86)
"{04AF207D-9A77-465A-8B76-991F6AB66245}" = Adobe Help Viewer CS3
"{0650BB10-BCF4-400A-85EE-04097E3046C6}" = Adobe Setup
"{0659E943-DDF4-44FC-9FEE-A13B09F8BB08}" = Adobe Flash Media Live Encoder 3.2
"{065C4136-6B49-4EDB-8915-F9E91312B1A5}" = HP Scrawlr
"{08B32819-6EEF-4057-AEDA-5AB681A36A23}" = Adobe Bridge Start Meeting
"{09A02B7A-45A5-4E24-9AF3-14B8A86E18CA}" = Dell SAS RAID Storage Manager
"{0A0CADCF-78DA-33C4-A350-CD51849B9702}" = Microsoft .NET Framework 4 Extended
"{0B7A06BF-E642-4D31-B524-49763C8492D1}" = Sorenson Squeeze 4.2
"{0D397393-9B50-4c52-84D5-77E344289F87}" = Roxio Creator Data
"{0DFA4A38-D176-4137-B347-DA7A19675291}" = ISAPI_Rewrite Lite
"{112C23F2-C036-4D40-BED4-0CB47BF5555C}" = Visual Studio 2010 Tools for SQL Server Compact 3.5 SP2 ENU
"{14DD7530-CCD2-3798-B37D-3839ED6A441C}" = Microsoft Visual Studio 2010 ADO.NET Entity Framework Tools
"{15EFEBF6-E414-33EB-8710-A04AD1302BF8}" = Microsoft Windows SDK for Visual Studio 2008 SP1 Express Tools for Web - enu
"{184CE391-7E0E-4C63-9935-D7A10EDFD3C6}" = Adobe WinSoft Linguistics Plugin
"{196E77C5-F524-4B50-BD1A-2C21EEE9B8F7}" = Microsoft SQL Server 2008 Common Files
"{1BD07DF4-FB06-41BA-B896-B2DA59000C96}" = Windows Live Toolbar
"{1CB92574-96F2-467B-B793-5CEB35C40C29}" = Image Resizer Powertoy for Windows XP
"{2020045B-8DCF-4449-8D5C-EB5BA37440F1}" = Microsoft SQL Server 2008 Management Studio
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live Upload Tool
"{21E49794-7C13-4E84-8659-55BD378267D5}" = Windows Home Server Connector
"{225EDDF0-2FF9-12EC-78B7-3B77602835F9}" = Polaris
"{226b64e8-dc75-4eea-a6c8-abcb496320f2}-Google Talk" = Google Talk (remove only)
"{2274624C-5B38-41AD-AD27-CEC0924EB628}" = Adobe Setup
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{2349E6AA-CFCA-4D17-B633-3ECDA92E38CD}" = Internet Information Services (IIS) 7.0 Manager
"{26A24AE4-039D-4CA4-87B4-2F83216011FF}" = Java(TM) 6 Update 17
"{26E1BFB0-E87E-4696-9F89-B467F01F81E5}" = Broadcom Advanced Control Suite
"{27F00C63-449B-2FAB-CBE8-24AB80E17449}" = Acrobat.com
"{281ECE39-F043-492B-8337-F2E546B5604A}" = PowerDVD
"{29E5EA97-5F74-4A57-B8B2-D4F169117183}" = Adobe Stock Photos CS3
"{2A290549-4638-4E74-BF42-22F9DBB93B4E}" = Digital Rowing RowPro
"{2A2F3AE8-246A-4252-BB26-1BEB45627074}" = Microsoft SQL Server System CLR Types
"{2B1D468C-FE3F-445D-A508-654249C6A355}" = S3Safe
"{2C840375-F02D-15D3-CFEC-812B4E0F54F7}" = Pixus
"{2EFFFC71-1E66-454E-A6E6-CEEC800B96D2}" = Adobe Flash Video Encoder
"{2F4C24E6-CBD4-4AAC-B56F-C9FD44DE5668}" = Roxio Drag-to-Disc
"{2FA41EBB-3F5A-35C3-85D6-51EC72A11FBD}" = Google Gears
"{30465B6C-B53F-49A1-9EBA-A3F187AD502E}" = Roxio Update Manager
"{308B6AEA-DE50-4666-996D-0FA461719D6B}" = Apple Mobile Device Support
"{3175E049-F9A9-4A3D-8F19-AC9FB04514D1}" = Windows Live Communications Platform
"{3248F0A8-6813-11D6-A77B-00B0D0150140}" = J2SE Runtime Environment 5.0 Update 14
"{32A3A4F4-B792-11D6-A78A-00B0D0150140}" = J2SE Development Kit 5.0 Update 14
"{341201D4-4F61-4ADB-987E-9CCE4D83A58D}" = Windows Live Toolbar Extension (Windows Live Toolbar)
"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{35E1EC43-D4FC-4E4A-AAB3-20DDA27E8BB0}" = Sonic Activation Module
"{38EE230F-F631-451F-8800-E29F5E5C9E7D}" = iTunes Library Updater
"{39C3542E-7587-4C57-8DB1-56C23B0FC862}" = Box.net add-in for MS Office
"{3A9FC03D-C685-4831-94CF-4EDFD3749497}" = Microsoft SQL Server Compact 3.5 SP2 ENU
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3C3D696B-0DB7-3C6D-A356-3DB8CE541918}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
"{3D4493FA-1931-4F38-9F0B-5EE4976A0A44}" = NI-DAQ 6.9.3
"{41E57D2A-F778-4183-B1F7-A4A5FDF0E896}" = GrabBee
"{4286E640-B5FB-11DF-AC4B-005056C00008}" = Google Earth
"{4475560E-9418-4908-A158-472D873AE139}" = LogMeIn
"{45EA11B5-874D-480E-89B9-2545505BBE3E}" = Microsoft OpenType Font File Properties Extension
"{474F25F5-BDC9-40E5-B1B6-F6BF23FC106F}" = Windows Live Essentials
"{47C39E4A-28F2-33B1-B9B7-97F24E52D917}" = Microsoft Help Viewer 1.0
"{4815BD99-96A4-49FE-A885-DCF06E9E4E78}" = Microsoft SQL Server 2008 Database Engine Shared
"{4A6F34E2-09E5-4616-B227-4A26A488A6F9}" = Microsoft SQL Server 2008 Common Files
"{4C0F8A40-2273-43E1-8C61-40D7F0573EDE}" = AirPort
"{4CBA3D4C-8F51-4D60-B27E-F6B641C571E7}" = Microsoft Search Enhancement Pack
"{4E968D9C-21A7-4915-B698-F7AEB913541D}" = Microsoft SQL Server 2008 R2 Management Objects
"{50120000-1105-0000-0000-0000000FF1CE}" = Microsoft Office 2007 Primary Interop Assemblies
"{51846830-E7B2-4218-8968-B77F0FF475B8}" = Adobe Color EU Extra Settings
"{541DEAC0-5F3D-45E6-B7CB-94ECF3B96748}" = Skype web features
"{54793AA1-5001-42F4-ABB6-C364617C6078}" = Adobe Linguistics CS3
"{55053FBC-D021-AD5B-632B-5F41030642E7}" = Adobe Air
"{57752979-A1C9-4C02-856B-FBB27AC4E02C}" = QuickTime
"{58721EC3-8D4E-4B79-BC51-1054E2DDCD10}" = Microsoft SQL Server 2008 Database Engine Services
"{5A15771A-83C4-4EB5-9F8A-385C88681123}" = MySQL Workbench 5.2 CE
"{5CE8DE46-1D95-786A-A666-AAC564BC9200}" = TweetDeck
"{619CDD8A-14B6-43a1-AB6C-0F4EE48CE048}" = Roxio Creator Copy
"{621FCD24-4498-4324-A81E-07D331376EDF}" = PixiePack Codec Pack
"{62230596-37E5-4618-A329-0D21F529A86F}" = Browser Address Error Redirector
"{63540631-B30B-B375-A8C4-BCDFCA6A1861}" = Analytics Reporting Suite - beta 3.2
"{64C1FA9A-FA94-4B6E-B3E4-8573738E4AD1}" = Adobe Setup
"{64CDE8F2-3791-46F5-BAD2-72FFF5252FAB}" = Microsoft SQL Server Compact 3.5 SP1 Query Tools English
"{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA}" = Roxio Express Labeler
"{66F1F013-008F-4875-B283-5A814B820347}" = Kaspersky Internet Security 2011
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6A143FF0-BB9A-4A9C-A318-1688BA366BAE}" = Sorenson Squeeze 4.2
"{6ABE0BEE-D572-4FE8-B434-9E72A289431B}" = Adobe Fonts All
"{6B52140A-F189-4945-BFFC-DB3F00B8C589}" = Adobe Flash CS3
"{6B9B0C6F-E5FA-4633-A640-AB98A272ECCA}" = Safari
"{6BF12DD6-A424-33BB-1F54-67DD1E7ED2A6}" = HelloWorld
"{6D4AC5A4-4CF9-4F90-8111-B9B53CE257BF}" = Adobe Color Common Settings
"{6F23C1A3-9F62-470C-BD12-B83F04E67865}" = SmartFTP Client
"{6F7F59D5-12F6-4571-9935-A2921AA17F78}" = Microsoft SQL Server 2008 Setup Support Files (English)
"{6FF5DD7A-FE28-4439-B8CF-1E9AF4EA0A61}" = Adobe Asset Services CS3
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{7745B7A9-F323-4BB9-9811-01BF57A028DA}" = Map Button (Windows Live Toolbar)
"{77D2A9D3-5800-43E3-B274-87841BC87DB2}" = Adobe ExtendScript Toolkit 2
"{786C4AD1-DCBA-49A6-B0EF-B317A344BD66}" = Windows Live Favorites for Windows Live Toolbar
"{7C10F5C7-F00F-4BD3-A110-C7D240D2DD25}" = Adobe Dreamweaver CS3
"{7C480BB2-42A9-40C6-AA5F-7AA20FC7C7F3}" = CVSNT 2.5.03.2382
"{7C9AD221-994C-45B2-B46D-26F5735158CF}" = Sony Vegas Pro 8.0
"{7DFC1012-D346-46CE-B03E-FF79125AE029}" = Adobe Fireworks CS3
"{802771A9-A856-4A41-ACF7-1450E523C923}" = Adobe XMP Panels CS3
"{83FFCFC7-88C6-41c6-8752-958A45325C82}" = Roxio Creator Audio
"{848139E5-DC9D-44E6-934E-F64BB648ED6E}_is1" = CD & DVD Label Maker 1.2
"{880AF49C-34F7-4285-A8AD-8F7A3D1C33DC}" = Roxio Creator BDAV Plugin
"{881F5DE8-9367-4B81-A325-E91BBC6472F9}" = iTunes
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8A74E887-8F0F-4017-AF53-CBA42211AAA5}" = Microsoft Sync Framework Runtime Native v1.0 (x86)
"{8AE03988-8C8C-40EE-BDC7-76781BEF1B1D}" = Adobe Setup
"{8AF3E926-ED59-11D4-A44B-0000E86D2305}" = Ulead GIF Animator 5
"{8C3F3C27-D003-44D0-D864-A4B66AF1A7FD}" = RichFLV
"{8D2BA474-F406-4710-9AE4-D4F22D21F0DD}" = Adobe Device Central CS3
"{8E6808E2-613D-4FCD-81A2-6C8FA8E03312}" = Adobe Type Support
"{8F3C31C5-9C3A-4AA8-8EFA-71290A7AD533}" = TomTom HOME Visual Studio Merge Modules
"{90120000-0010-0409-0000-0000000FF1CE}" = Microsoft Software Update for Web Folders (English) 12
"{90120000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2007
"{90120000-0015-0409-0000-0000000FF1CE}_PROHYBRIDR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}_PROHYBRIDR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}_PROHYBRIDR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2007
"{90120000-0019-0409-0000-0000000FF1CE}_PROHYBRIDR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2007
"{90120000-001A-0409-0000-0000000FF1CE}_PROHYBRIDR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}_PROHYBRIDR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_PROHYBRIDR_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_PROHYBRIDR_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_PROHYBRIDR_{187308AB-5FA7-4F14-9AB9-D290383A10D9}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-0021-0000-0000-0000000FF1CE}" = Microsoft Office Visual Web Developer 2007
"{90120000-0021-0000-0000-0000000FF1CE}_VisualWebDeveloper_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{90120000-0021-0409-0000-0000000FF1CE}" = Microsoft Office Visual Web Developer MUI (English) 2007
"{90120000-0021-0409-0000-0000000FF1CE}_VisualWebDeveloper_{E1044ED2-E4AD-4B39-B500-31109750F6B4}" = Microsoft Office SharePoint Designer 2007 Service Pack 2 (SP2)
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}_PROHYBRIDR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-006E-0409-0000-0000000FF1CE}_VisualWebDeveloper_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}_PROHYBRIDR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0115-0409-0000-0000000FF1CE}_VisualWebDeveloper_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2007
"{90120000-0117-0409-0000-0000000FF1CE}_PROHYBRIDR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90176341-0A8B-4CCC-A78D-F862228A6B95}" = Adobe Anchor Service CS3
"{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}" = Intel(R) Matrix Storage Manager
"{90A40409-6000-11D3-8CFE-0150048383C9}" = Microsoft Office 2003 Web Components
"{91120000-0031-0000-0000-0000000FF1CE}" = Microsoft Office Professional Hybrid 2007
"{91120000-0031-0000-0000-0000000FF1CE}_PROHYBRIDR_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{91120000-0031-0000-0000-0000000FF1CE}_PROHYBRIDR_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{9422C8EA-B0C6-4197-B8FC-DC797658CA00}" = Windows Live Sign-in Assistant
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{95655ED4-7CA5-46DF-907F-7144877A32E5}" = Adobe Color NA Recommended Settings
"{9889A710-7060-079C-FD40-4E2E438A4150}" = Snippage
"{98CB24AD-52FB-DB5F-FF1F-C8B3B9A1E18E}" = Visual C++ 8.0 CRT (x86) WinSXS MSM
"{9A325E77-FFFB-42AE-BC52-A38B98E8059B}" = VisualCron 4.9.40
"{9A33B83D-FFC4-44CF-BEEF-632DECEF2FCD}" = Microsoft SQL Server Database Publishing Wizard 1.3
"{9BAB546A-EB11-7A59-6DC4-B98876BC3CC2}" = FlipShare
"{9C9824D9-9000-4373-A6A5-D0E5D4831394}" = Adobe Bridge CS3
"{9F73FDEF-DDC1-4307-9D96-13AB3254641A}_is1" = Doctor Who: The Adventure Games
"{A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7}" = Segoe UI
"{A2B242BD-FF8D-4840-9DAA-9170EABEC59C}" = Adobe CMaps
"{A2D81E70-2A98-4A08-A628-94388B063C5E}" = Adobe Color - Photoshop Specific
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A44CB3FF-2F66-7CC8-DD3A-ED1E3C840C02}" = MyFonts Order M1471128
"{A5C4AD72-25FE-4899-B6DF-6D8DF63C93CF}" = Highlight Viewer (Windows Live Toolbar)
"{A71D5E81-B967-43DB-93D7-FD31BFB95748}" = MobileMe Control Panel
"{A8BD5A60-E843-46DC-8271-ABF20756BE0F}" = Microsoft Sync Framework Runtime v1.0 (x86)
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A939D341-5A04-4E0A-BB55-3E65B386432D}" = Microsoft Office Small Business Connectivity Components
"{AA4A4B2C-0465-3CF8-BA76-27A027D8ACAB}" = Microsoft Visual Studio Tools for Applications 2.0 - ENU
"{AC5B0C19-D851-42F4-BDA0-410ECF7F70A5}" = PDF Settings
"{AC76BA86-7AD7-1033-7B44-A94000000001}" = Adobe Reader 9.4.0
"{ACF60000-22B9-4CE9-98D6-2CCF359BAC07}" = ABBYY FineReader 6.0 Sprint
"{AFDFC350-C142-4790-BE12-8357AECD028F}" = SyncToy 2.0 (x86)
"{B194272D-1F92-46DF-99EB-8D5CE91CB4EC}" = Adobe AIR
"{B2544A03-10D0-4E5E-BA69-0362FFC20D18}" = OGA Notifier 2.0.0048.0
"{B32C4059-6E7A-41EF-AD20-56DF1872B923}" = Business Contact Manager for Outlook 2007 SP2
"{B3BF6689-A81D-40D8-9A86-4AC4ACD9FC1C}" = Adobe Camera Raw 4.0
"{B3DB0F20-3390-4E3A-BE0D-A93B67ADB35C}" = Git Extensions 1.98
"{B5153233-9AEE-4CD4-9D2C-4FAAC870DBE2}" = Microsoft SQL Server 2008 Database Engine Services
"{B57EAFF2-D6EE-4C6C-9175-ED9F17BFC1BC}" = Windows Live Messenger
"{B67C01B3-8502-4BE7-AEAB-BBDE910AD3EE}" = Microsoft Web Platform Installer 2.0
"{B7E38540-E355-3503-AFD7-635B2F2F76E1}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4974
"{B857D868-F8B0-43EE-BC2B-D9E5ED21F237}" = Microsoft SQL Server VSS Writer
"{B9B35331-B7E4-4E5C-BF4C-7BC87856124D}" = Adobe Default Language CS3
"{BAF78226-3200-4DB4-BE33-4D922A799840}" = Windows Presentation Foundation
"{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}" = Microsoft Sync Framework Services Native v1.0 (x86)
"{BE5F3842-8309-4754-92D5-83E02E6077A3}" = Adobe Extension Manager CS3
"{BE8D6BFC-FE20-44B2-ABD4-C1C0CBC001DC}" = ActiveState Komodo Edit 5.1.3
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C3E068F9-A076-441A-93F1-BC86B7116300}" = SQL Server Upgrade Assistant 2008
"{C41300B9-185D-475E-BFEC-39EF732F19B1}" = Apple Software Update
"{C49E87AC-2A1B-4A11-B9F2-A75316319215}" = PNGGauntlet
"{C619B312-19F3-460A-9F7B-443248379F18}" = Opera 9.25
"{C688457E-03FD-4941-923B-A27F4D42A7DD}" = Microsoft SQL Server 2008 Browser
"{C8B0680B-CDAE-4809-9F91-387B6DE00F7C}" = Roxio Creator DE
"{C8C8387B-A98B-44E8-807A-1A9B7F51FFDA}" = Blaze Media Pro
"{C92A5A89-B218-46F7-8898-77C52113FFE0}" = Adobe Setup
"{C965F01C-76EA-4BD7-973E-46236AE312D7}" = Sql Server Customer Experience Improvement Program
"{C9E4932C-8417-4E4C-A0E3-EE534810AB4D}" = ClearType Tuning Control Panel Applet
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}" = Microsoft .NET Framework 4 Multi-Targeting Pack
"{D0DFF92A-492E-4C40-B862-A74A173C25C5}" = Adobe Version Cue CS3 Client
"{D103C4BA-F905-437A-8049-DB24763BBE36}" = Skype™ 4.1
"{D1BB4446-AE9C-4256-9A7F-4D46604D2462}" = Adobe Setup
"{D2559B88-CC9D-4B48-81BB-F492BAA9C48C}" = Adobe PDF Library Files
"{D2B3C6AF-6D0E-4C3A-9F08-8B47973DBEDE}" = Aqua Data Studio 6.5
"{D672B3BC-0C07-4F36-8D0B-94144F31E7C8}" = iTunesFolderWatch
"{D9D937B0-E842-4130-9588-B948E876904A}" = Microsoft SQL Server 2008 Native Client
"{DD7DB3C5-6FA3-4FA3-8A71-C2F2940EB029}" = Adobe Color JA Extra Settings
"{DE114695-AE58-4B66-8E0F-2505188602FB}_is1" = Uninstall Startup Inspector
"{DF6A13C0-77DF-41FE-BD05-6D5201EB0CE7}_is1" = AusLogics Disk Defrag
"{E12D5739-8AAA-1080-19B5-3A2AAF1ACC15}" = MeeBone
"{E138FEA5-D1D4-4805-AD20-0903529CBD05}" = AnjLab.SqlProfiler
"{E42E4BE8-326D-C905-2E4A-C4B8620F03F3}" = ReadAir
"{E6158D07-2637-4ECF-B576-37C489669174}" = Windows Live Call
"{E69AE897-9E0B-485C-8552-7841F48D42D8}" = Adobe Update Manager CS3
"{E7081891-BC7F-43F9-9CE6-B5DD2F497156}" = Internet Explorer Developer Toolbar
"{E80F9F48-86F8-447D-8CDC-A98B1870C1D4}" = Taskix 2.1
"{E824A28B-342F-B1C0-D90D-7EB4C668C083}" = Clockmaker Icon Generator
"{EC561602-C0B9-4FAA-A175-1B3273639AC3}" = MySQL Tools for 5.0
"{ED784556-66AA-3F17-9B58-7246ACB5C7E4}" = Microsoft Visual Basic 2010 Express - ENU
"{EE6097DD-05F4-4178-9719-D3170BF098E8}" = Apple Application Support
"{F084395C-40FB-4DB3-981C-B51E74E1E83D}" = Smart Menus (Windows Live Toolbar)
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F1DC7648-8623-442F-92B7-E118DF61872E}" = Microsoft SQL Server 2008 RsFx Driver
"{F3494AB6-6900-41C6-AF57-823626827ED8}" = Microsoft SQL Server 2008 Database Engine Shared
"{F80A72C9-B18B-4FE7-BB03-DA3619DB5691}" = TuneRanger
"{F843C6A3-224D-4615-94F8-3C461BD9AEA0}" = Corel Paint Shop Pro 9
"{F9B3DD02-B0B3-42E9-8650-030DFF0D133D}" = Microsoft SQL Server Native Client
"{FA54AFB1-5745-4389-B8C1-9F7509672ED1}" = iPhone Configuration Utility
"{FA9C3624-C693-4423-8A8B-2BC2B9F607AB}" = Microsoft SQL Server 2008 Management Studio
"{FCA37CD2-7BA4-4A5A-8979-B64EA712F4CB}" = TortoiseSVN 1.6.2.16344 (32 bit)
"{FDBD0873-EC12-38A1-2E86-2745FE481CAB}" = Boks
"{FF1C31AE-0CDC-40CE-AB85-406F8B70D643}" = Bonjour
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"{FFC1ADE3-944B-4231-894E-3903C37271D2}" = Adobe Setup
"3ivx MPEG-4 5.0.3" = 3ivx MPEG-4 5.0.3 (remove only)
"5012ED431B10CBE16790619DF08F819B049659C0" = Windows Driver Package - OMNIKEY (cxbu0wdm) SmartCardReader (12/05/2005 1.1.1.0)
"7-Zip" = 7-Zip 4.65
"ActiveHTML" = seliSoft ActiveHTML 1.04.0002
"ActiveTouchMeetingClient" = WebEx
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11.5
"Adobe_2ac78060bc5856b0c1cf873bb919b58" = Adobe Photoshop CS3
"Adobe_3e054d2218e7aa282c2369d939e58ff" = Adobe ExtendScript Toolkit 2
"Adobe_6c8e2cb4fd241c55406016127a6ab2e" = Adobe Color Common Settings
"Adobe_7328fdfcb73660ec8b11d5a3d5c6232" = Adobe Dreamweaver CS3
"Adobe_bbef028176efa5abf0233d3e1747be8" = Adobe Fireworks CS3
"Adobe_c3c7fe8b09d497ab2b3fd91c9353390" = Adobe Flash CS3 Professional
"Adobe_cbb2ea61da9c780bd7e47a5230a9ed7" = Adobe Stock Photos CS3
"Airfoil" = Airfoil
"Amazon MP3 Downloader" = Amazon MP3 Downloader 1.0.9
"AnalogX SimpleServer:Shout" = AnalogX SimpleServer:Shout
"AnalogX SimpleServer:WWW" = AnalogX SimpleServer:WWW
"Aptana Studio 2.0" = Aptana Studio 2.0
"Audacity_is1" = Audacity 1.2.6
"AviSynth" = AviSynth 2.5
"be.boulevart.labs.google.gas.45760F0F8DCD5D07542C1ED0B6EC67F01FF0B30E.1" = Analytics Reporting Suite - beta 3.2
"Blaze Media Pro" = Blaze Media Pro
"Business Contact Manager" = Business Contact Manager for Outlook 2007 SP2
"Carbonite Backup" = Carbonite
"CCleaner" = CCleaner (remove only)
"CDisplay_is1" = CDisplay 1.7
"CloudBerry Explorer for Amazon S3" = CloudBerry Explorer for Amazon S3 1.7
"ColorPic" = ColorPic
"com.codeplay.pixus.DB7AA8189F523B9BDBF51D68823FB21527A4FE69.1" = Pixus
"dBpoweramp FLAC Codec" = dBpoweramp FLAC Codec
"dBpoweramp m4a Codec" = dBpoweramp m4a Codec
"dBpoweramp Music Converter" = dBpoweramp Music Converter
"de.benz.RichFLV.A73E9F89A0F07611DDC8DCF9F06D33E089C383B6.1" = RichFLV
"DebugBar" = DebugBar v5.0.2 for Internet Explorer (remove only)
"Dell AIO Printer 948" = Dell AIO Printer 948
"DynDNS Updater_is1" = DynDNS Updater 3.1
"Fiddler2" = Fiddler2
"Files Search Assistant_is1" = Files Search Assistant 3.1
"FileZilla Client" = FileZilla Client 3.1.0.1
"FlashGet" = FlashGet 1.9.6.1073
"Flickr Uploadr" = Flickr Uploadr 3.1.3
"FLV Player" = FLV Player 2.0 (build 25)
"foobar2000" = foobar2000 v1.0.3
"Foxit Reader" = Foxit Reader
"Git_is1" = Git 1.6.5.1-preview20091022
"Google Calendar Sync" = Google Calendar Sync
"Google Updater" = Google Updater
"GTK 2.0" = GTK+ Runtime 2.14.7 rev a (remove only)
"HijackThis" = HijackThis 2.0.2
"IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs
"IE4Dev" = Microsoft Script Debugger
"ie7" = Windows Internet Explorer 7
"ie8" = Windows Internet Explorer 8
"Inkscape" = Inkscape 0.46
"InstallShield_{09A02B7A-45A5-4E24-9AF3-14B8A86E18CA}" = Dell SAS RAID Storage Manager v2.16-00
"InstallShield_{41E57D2A-F778-4183-B1F7-A4A5FDF0E896}" = GrabBee
"InstallWIX_{66F1F013-008F-4875-B283-5A814B820347}" = Kaspersky Internet Security 2011
"IrfanView" = IrfanView (remove only)
"jp.clockmaker.AirIconGenerator.785ADFA7D3F9CF50A24CBFF5B86AB182B877B02C.1" = Clockmaker Icon Generator
"KDiff3" = KDiff3 (remove only)
"KLiteCodecPack_is1" = K-Lite Codec Pack 3.7.0 Full
"LADSPA_plugins-win_is1" = LADSPA_plugins-win-0.4.15
"LAME for Audacity_is1" = LAME v3.98.2 for Audacity
"LastFM_is1" = Last.fm 1.5.4.27091
"Launchy_21344213_is1" = Launchy 2.0
"LogCard Utility Uninstaller_is1" = LogCard Utility Uninstaller 1.0
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"MeGUI modern media encoder" = MeGUI modern media encoder (remove only)
"Messenger Plus! Live" = Messenger Plus! Live
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"Microsoft Help Viewer 1.0" = Microsoft Help Viewer 1.0
"Microsoft NetShow Tools 2.0" = Windows Media Tools 4.0
"Microsoft SQL Server 10" = Microsoft SQL Server 2008
"Microsoft SQL Server 10 Release" = Microsoft SQL Server 2008
"Microsoft SQL Server 2000" = Microsoft SQL Server 2000
"Microsoft Visual Basic 2010 Express - ENU" = Microsoft Visual Basic 2010 Express - ENU
"Microsoft Web Application Stress Tool" = Microsoft Web Application Stress Tool
"mIRC" = mIRC
"Monitor Calibration Wizard" = Monitor Calibration Wizard 1.0
"Mozilla Firefox (3.6.10)" = Mozilla Firefox (3.6.10)
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"MSNINST" = MSN
"MultipleIEs_is1" = MultipleIEs
"nbi-nb-base-6.9.0.0.0" = NetBeans IDE 6.9
"NI-DAQ 6.9.3" = NI-DAQ 6.9.3
"NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs
"Notepad++" = Notepad++
"NVDA" = NVDA 2010.1
"NVIDIA Drivers" = NVIDIA Drivers
"OpenDNS Updater" = OpenDNS Updater 2.2
"pdfsam" = pdfsam
"PE Explorer_is1" = PE Explorer 1.99 R2
"phpDesigner7.2.1_is1" = phpDesigner 7 version 7.2.1
"Picasa 3" = Picasa 3
"Pidgin" = Pidgin
"PowerISO" = PowerISO
"Preconfigured PHP Package" = Preconfigured PHP Package 5.2.2
"PrimoPDF" = PrimoPDF -- brought to you by Nitro PDF Software
"ProcessLasso" = Process Lasso
"PROHYBRIDR" = 2007 Microsoft Office system
"Proxifier_is1" = Proxifier version 2.91
"R for Windows 2.12.0_is1" = R for Windows 2.12.0
"Random Generator for Microsoft Excel_is1" = Random Generator for Excel 2.0
"RealPlayer 6.0" = RealPlayer
"S3 Backup" = S3 Backup
"S3 Webmaster" = S3 Webmaster
"SCDNAS" = SHOUTcast DNAS (remove only)
"SearchAssist" = SearchAssist
"SHOUTcastDSP" = SHOUTcast Source DSP 1.9.0 (remove only)
"Smart Defrag_is1" = Smart Defrag
"SmartFTP Client 3.0 Setup Files" = SmartFTP Client 3.0 Setup Files (remove only)
"Snippage.B28FB424FD6880E47B18D7D649F6CC93BDE9B29B.1" = Snippage
"Sophos-AntiRootkit" = Sophos Anti-Rootkit 1.5.4
"Spotify" = Spotify
"Stanza" = Stanza
"Startup Delayer" = Startup Delayer v2.3 (build 134)
"SWiSHmax" = SWiSHmax
"Taskbar Shuffle_is1" = Taskbar Shuffle version 2.5
"TeamViewer 5" = TeamViewer 5
"Tidy_is1" = Tidy (February 16th, 2006)
"TightVNC_is1" = TightVNC 1.3.10
"TomTom HOME" = TomTom HOME 2.7.5.2014
"TortoiseCVS_is1" = TortoiseCVS 1.10.10
"TreeSize Free_is1" = TreeSize Free V2.2.1
"Tweak UI 2.10" = Tweak UI
"TweetDeckFast.FFF259DC0CE2657847BBB4AFF0E62062EFC56543.1" = TweetDeck
"Unlocker" = Unlocker 1.8.7
"VisualWebDeveloper" = Microsoft Visual Studio Web Authoring Component
"WIC" = Windows Imaging Component
"Winamp" = Winamp
"Windows Live OneCare safety scanner" = Windows Live OneCare safety scanner
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"Windows XP Service Pack" = Windows XP Service Pack 3
"WinLiveSuite_Wave3" = Windows Live Essentials
"WinMerge_is1" = WinMerge 2.12.4
"WinPcapInst" = WinPcap 4.1.2
"WinRAR archiver" = WinRAR archiver
"Wireshark" = Wireshark 1.4.2
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0
"xampp" = XAMPP 1.7.1
"XpsEPSC" = XML Paper Specification Shared Components Pack 1.0

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-3970506798-2062240868-3501328355-1008\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"AbyssWebServer" = Abyss Web Server X1 (remove only)
"Dropbox" = Dropbox
"Google Chrome" = Google Chrome
"GoToMeeting" = GoToMeeting 4.0.0.320

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 21/01/2011 04:39:25 | Computer Name = DAVIDDESKTOP | Source = Bonjour Service | ID = 100
Description = 280: ERROR: read_msg errno 10054 (An existing connection was forcibly
closed by the remote host.)

Error - 21/01/2011 16:39:27 | Computer Name = DAVIDDESKTOP | Source = Bonjour Service | ID = 100
Description = 480: ERROR: read_msg errno 10054 (An existing connection was forcibly
closed by the remote host.)

Error - 21/01/2011 20:01:51 | Computer Name = DAVIDDESKTOP | Source = Bonjour Service | ID = 100
Description = 268: ERROR: read_msg errno 10054 (An existing connection was forcibly
closed by the remote host.)

Error - 21/01/2011 20:01:57 | Computer Name = DAVIDDESKTOP | Source = Bonjour Service | ID = 100
Description = 580: ERROR: read_msg errno 10054 (An existing connection was forcibly
closed by the remote host.)

Error - 21/01/2011 20:01:57 | Computer Name = DAVIDDESKTOP | Source = Bonjour Service | ID = 100
Description = 592: ERROR: read_msg errno 10054 (An existing connection was forcibly
closed by the remote host.)

Error - 21/01/2011 20:01:57 | Computer Name = DAVIDDESKTOP | Source = Bonjour Service | ID = 100
Description = 604: ERROR: read_msg errno 10054 (An existing connection was forcibly
closed by the remote host.)

Error - 21/01/2011 20:01:57 | Computer Name = DAVIDDESKTOP | Source = Bonjour Service | ID = 100
Description = 616: ERROR: read_msg errno 10054 (An existing connection was forcibly
closed by the remote host.)

Error - 21/01/2011 21:29:28 | Computer Name = DAVIDDESKTOP | Source = HomeServer | ID = 268370690
Description = Backup set 482 on SERVER failed: Microsoft.HomeServer.Backup.VSS.ShadowVolumeException:
Exception from HRESULT: 0x80042317 ---> System.Runtime.InteropServices.COMException
(0x80042317): Exception from HRESULT: 0x80042317 at Microsoft.HomeServer.Backup.VSS.IVssBackupComponents.AddToSnapshotSet(String
pwszVolumeName, Guid ProviderId) at Microsoft.HomeServer.Backup.VSS.ShadowVolumeSet.CreateShadowVolume(VolumeInfo[]
volumes) --- End of inner exception stack trace --- at Microsoft.HomeServer.Backup.VSS.ShadowVolumeSet.CreateShadowVolume(VolumeInfo[]
volumes) at Microsoft.HomeServer.Backup.VSS.ShadowVolumeSet..ctor(VolumeInfo[]
volumes) at Microsoft.HomeServer.Backup.BackupOp.BackupSetOperation.RunWithoutCatch()

at Microsoft.HomeServer.Backup.BackupOp.BackupSetOperation.Run()

Error - 22/01/2011 08:05:03 | Computer Name = DAVIDDESKTOP | Source = Bonjour Service | ID = 100
Description = 536: ERROR: read_msg errno 10054 (An existing connection was forcibly
closed by the remote host.)

Error - 22/01/2011 08:05:07 | Computer Name = DAVIDDESKTOP | Source = Bonjour Service | ID = 100
Description = 476: ERROR: read_msg errno 10054 (An existing connection was forcibly
closed by the remote host.)

[ OSession Events ]
Error - 06/09/2009 07:02:40 | Computer Name = DAVIDDESKTOP | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version:
12.0.6504.5000, Microsoft Office Version: 12.0.6215.1000. This session lasted 442329
seconds with 9720 seconds of active time. This session ended with a crash.

Error - 02/10/2009 04:57:05 | Computer Name = DAVIDDESKTOP | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version:
12.0.6504.5000, Microsoft Office Version: 12.0.6215.1000. This session lasted 163941
seconds with 3000 seconds of active time. This session ended with a crash.

Error - 15/01/2010 05:19:44 | Computer Name = DAVIDDESKTOP | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version:
12.0.6514.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 169796
seconds with 8580 seconds of active time. This session ended with a crash.

Error - 27/01/2010 06:48:16 | Computer Name = DAVIDDESKTOP | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version:
12.0.6514.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 4580
seconds with 1020 seconds of active time. This session ended with a crash.

Error - 25/02/2010 09:43:47 | Computer Name = DAVIDDESKTOP | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version:
12.0.6514.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 11724
seconds with 2160 seconds of active time. This session ended with a crash.

Error - 02/10/2010 07:23:33 | Computer Name = DAVIDDESKTOP | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version:
12.0.6539.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 183252
seconds with 3840 seconds of active time. This session ended with a crash.

Error - 05/10/2010 04:02:02 | Computer Name = DAVIDDESKTOP | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version:
12.0.6539.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 232441
seconds with 1200 seconds of active time. This session ended with a crash.

Error - 17/10/2010 04:04:40 | Computer Name = DAVIDDESKTOP | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version:
12.0.6539.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 338488
seconds with 9960 seconds of active time. This session ended with a crash.

Error - 26/10/2010 04:01:26 | Computer Name = DAVIDDESKTOP | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version:
12.0.6539.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 82209
seconds with 3360 seconds of active time. This session ended with a crash.

Error - 17/11/2010 01:42:51 | Computer Name = DAVIDDESKTOP | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version:
12.0.6539.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 124610
seconds with 3900 seconds of active time. This session ended with a crash.

[ System Events ]
Error - 21/01/2011 20:08:21 | Computer Name = DAVIDDESKTOP | Source = Service Control Manager | ID = 7022
Description = The MySQL service hung on starting.

Error - 21/01/2011 20:08:22 | Computer Name = DAVIDDESKTOP | Source = Service Control Manager | ID = 7031
Description = The CarboniteService service terminated unexpectedly. It has done
this 1 time(s). The following corrective action will be taken in 60000 milliseconds:
Restart the service.

Error - 21/01/2011 23:16:30 | Computer Name = DAVIDDESKTOP | Source = Schannel | ID = 36871
Description = A fatal error occurred while creating an SSL server credential.

Error - 21/01/2011 23:16:34 | Computer Name = DAVIDDESKTOP | Source = smtpsvc | ID = 402
Description = Virtual Server 1: 81.196.57.81 maximum number of connections has been
reached. Connection being closed.

Error - 21/01/2011 23:16:35 | Computer Name = DAVIDDESKTOP | Source = smtpsvc | ID = 402
Description = Virtual Server 1: 81.196.57.81 maximum number of connections has been
reached. Connection being closed.

Error - 21/01/2011 23:16:35 | Computer Name = DAVIDDESKTOP | Source = smtpsvc | ID = 402
Description = Virtual Server 1: 81.196.57.81 maximum number of connections has been
reached. Connection being closed.

Error - 21/01/2011 23:16:35 | Computer Name = DAVIDDESKTOP | Source = smtpsvc | ID = 402
Description = Virtual Server 1: 81.196.57.81 maximum number of connections has been
reached. Connection being closed.

Error - 21/01/2011 23:16:35 | Computer Name = DAVIDDESKTOP | Source = smtpsvc | ID = 402
Description = Virtual Server 1: 81.196.57.81 maximum number of connections has been
reached. Connection being closed.

Error - 21/01/2011 23:16:35 | Computer Name = DAVIDDESKTOP | Source = smtpsvc | ID = 402
Description = Virtual Server 1: 81.196.57.81 maximum number of connections has been
reached. Connection being closed.

Error - 22/01/2011 08:05:01 | Computer Name = DAVIDDESKTOP | Source = Dhcp | ID = 1002
Description = The IP address lease 192.168.0.9 for the Network Card with network
address 001AA0D38E28 has been denied by the DHCP server 192.168.0.1 (The DHCP Server
sent a DHCPNACK message).


< End of report >
apemantus
Active Member
 
Posts: 9
Joined: January 19th, 2011, 5:27 pm

Re: Help: FTP Password possibly stolen; computer slow

Unread postby deltalima » January 23rd, 2011, 4:49 pm

Hi apemantus,

Please run a quick scan with Malwarebytes and post the log in your next reply.

ESET online scannner

  • Please go Here then click on: Image
    Note: If using Mozilla Firefox you will need to download esetsmartinstaller_enu.exe when prompted then double click on it to install.
    All of the below instructions are compatible with either Internet Explorer or Mozilla FireFox.
  • Select the option YES, I accept the Terms of Use then click on: Image
  • When prompted allow the Add-On/Active X to install.
  • Make sure that the option Remove found threats is NOT checked, and the option Scan archives is checked.
  • Now click on Advanced Settings and select the following:
    • Scan for potentially unwanted applications
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth Technology
  • Now click on: Image
  • The virus signature database... will begin to download. Be patient this make take some time depending on the speed of your Internet Connection.
  • When completed the Online Scan will begin automatically.
  • Do not touch either the Mouse or keyboard during the scan otherwise it may stall.
  • When completed select Uninstall application on close if you so wish, make sure you copy the logfile first!
  • Now click on: Image
  • Use notepad to open the logfile located at C:\Program Files\ESET\EsetOnlineScanner\log.txt.
  • Copy and paste that log as a reply to this topic.
User avatar
deltalima
Admin/Teacher
Admin/Teacher
 
Posts: 7614
Joined: February 28th, 2009, 4:38 pm
Location: UK

Re: Help: FTP Password possibly stolen; computer slow

Unread postby apemantus » January 25th, 2011, 4:24 am

Here's the Malwarebytes Log. The Eset one is taking a long time to run: i ran it over night, forgot about it this morning and interrupted it after 13 hours it looked like...I'll try it again tonight.

Malwarebytes' Anti-Malware 1.50.1.1100
www.malwarebytes.org

Database version: 5556

Windows 5.1.2600 Service Pack 3
Internet Explorer 8.0.6001.18702

24/01/2011 09:30:52
mbam-log-2011-01-24 (09-30-52).txt

Scan type: Quick scan
Objects scanned: 196660
Time elapsed: 21 minute(s), 21 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)
apemantus
Active Member
 
Posts: 9
Joined: January 19th, 2011, 5:27 pm

Re: Help: FTP Password possibly stolen; computer slow

Unread postby deltalima » January 25th, 2011, 5:11 am

OK, please post ESET log when ready.
User avatar
deltalima
Admin/Teacher
Admin/Teacher
 
Posts: 7614
Joined: February 28th, 2009, 4:38 pm
Location: UK

Re: Help: FTP Password possibly stolen; computer slow

Unread postby apemantus » January 27th, 2011, 3:15 pm

Apologies for the delay: here's the Eset log. The files on the desktop I know about: they're the infected files I downloaded from my webserver.

ESETSmartInstaller@High as downloader log:
all ok
# version=7
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6419
# api_version=3.0.2
# EOSSerial=d48b42c3baec554e96982ed8c3d4cf1c
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=true
# antistealth_checked=true
# utc_time=2011-01-26 11:11:51
# local_time=2011-01-26 11:11:51 (+0000, GMT Standard Time)
# country="United Kingdom"
# lang=1033
# osver=5.1.2600 NT Service Pack 3
# compatibility_mode=512 16777215 100 0 58740044 58740044 0 0
# compatibility_mode=1026 16777214 0 2 21602813 21602813 0 0
# compatibility_mode=1280 16777175 100 0 15622063 15622063 0 0
# compatibility_mode=8192 67108863 100 0 121754 121754 0 0
# scanned=553253
# found=4
# cleaned=0
# scan_time=59433
F:\Desktop\forum-hack.zip PHP/PhpSpy.A trojan (unable to clean) 00000000000000000000000000000000 I
F:\Desktop\web_backup.tgz PHP/PhpSpy.A trojan (unable to clean) 00000000000000000000000000000000 I
F:\Desktop\forum hacked\language\en\acp\inc.php PHP/PhpSpy.A trojan (unable to clean) 00000000000000000000000000000000 I
F:\Desktop\site-hacked\docs\pdf\inc.php PHP/PhpSpy.A trojan (unable to clean) 00000000000000000000000000000000 I
apemantus
Active Member
 
Posts: 9
Joined: January 19th, 2011, 5:27 pm
Advertisement
Register to Remove

Next

  • Similar Topics
    Replies
    Views
    Last post

Return to Infected? Virus, malware, adware, ransomware, oh my!



Who is online

Users browsing this forum: No registered users and 41 guests

Contact us:

Advertisements do not imply our endorsement of that product or service. Register to remove all ads. The forum is run by volunteers who donate their time and expertise. We make every attempt to ensure that the help and advice posted is accurate and will not cause harm to your computer. However, we do not guarantee that they are accurate and they are to be used at your own risk. All trademarks are the property of their respective owners.

Member site: UNITE Against Malware