Hello Hotroc, my computer runs OK; I no longer get the BSoD when I start up. The only issue is that both Symantec and SAS freeze up on the windows/system32/com/comempty.dat. So I have none of the logs. I had to stop the scan before it got to the file in order to remove the spyware. Does it still create a log? Here are the other logs you requested.
OTL logfile created on: 11/5/2009 6:06:59 PM - Run 1
OTL by OldTimer - Version 3.1.3.3 Folder = C:\Users\Jorge\Downloads
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18828)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
2.00 Gb Total Physical Memory | 1.01 Gb Available Physical Memory | 50.43% Memory free
4.00 Gb Paging File | 2.89 Gb Available in Paging File | 72.19% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 136.47 Gb Total Space | 53.30 Gb Free Space | 39.05% Space Free | Partition Type: NTFS
Drive D: | 10.00 Gb Total Space | 6.09 Gb Free Space | 60.91% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Computer Name: TRAVELPC
Current User Name: Jorge
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Minimal
========== Processes (SafeList) ==========
PRC - C:\Users\Jorge\Downloads\OTL.exe (OldTimer Tools)
PRC - C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
PRC - C:\Program Files\iTunes\iTunesHelper.exe (Apple Inc.)
PRC - C:\Program Files\iPod\bin\iPodService.exe (Apple Inc.)
PRC - C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe (SUPERAntiSpyware.com)
PRC - C:\Program Files\AIM\aim.exe (AOL LLC)
PRC - C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe (TomTom)
PRC - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe (Apple Inc.)
PRC - C:\Windows\System32\wbem\WmiPrvSE.exe (Microsoft Corporation)
PRC - C:\Windows\System32\wbem\unsecapp.exe (Microsoft Corporation)
PRC - C:\Windows\explorer.exe (Microsoft Corporation)
PRC - C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc.)
PRC - C:\Windows\System32\nvvsvc.exe (NVIDIA Corporation)
PRC - C:\Program Files\Common Files\Symantec Shared\ccApp.exe (Symantec Corporation)
PRC - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (Symantec Corporation)
PRC - C:\Program Files\Symantec\Symantec Endpoint Protection\Smc.exe (Symantec Corporation)
PRC - C:\Program Files\Symantec\Symantec Endpoint Protection\Rtvscan.exe (Symantec Corporation)
PRC - C:\Program Files\Symantec\Symantec Endpoint Protection\SmcGui.exe (Symantec Corporation)
PRC - C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
PRC - c:\Program Files\Windows Defender\MpCmdRun.exe (Microsoft Corporation)
PRC - C:\Windows\ehome\ehtray.exe (Microsoft Corporation)
PRC - C:\Windows\ehome\ehmsas.exe (Microsoft Corporation)
PRC - C:\Windows\System32\stacsv.exe (IDT, Inc.)
PRC - C:\Program Files\SigmaTel\C-Major Audio\WDM\sttray.exe (IDT, Inc.)
PRC - C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe (Safer Networking Ltd.)
PRC - C:\Windows\System32\AEstSrv.exe (Andrea Electronics Corporation)
PRC - C:\Windows\OEM04Mon.exe (Creative Technology Ltd.)
PRC - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe (Intel Corporation)
PRC - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe (Intel Corporation)
PRC - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (Synaptics, Inc.)
PRC - C:\Program Files\Dell\MediaDirect\PCMService.exe (CyberLink Corp.)
PRC - C:\Program Files\Creative\Sound Blaster X-Fi\Volume Panel\VolPanlu.exe (Creative Technology Ltd)
PRC - C:\Program Files\Viewpoint\Common\ViewpointService.exe (Viewpoint Corporation)
PRC - C:\Program Files\HP\HP Software Update\hpwuSchd2.exe (Hewlett-Packard Co.)
PRC - C:\Program Files\Creative\Shared Files\CTAudSvc.exe (Creative Technology Ltd)
PRC - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe (Sonic Solutions)
PRC - C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
PRC - C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe (Macrovision Corporation)
PRC - C:\Program Files\Google\Gmail Notifier\gnotify.exe (Google Inc.)
========== Modules (SafeList) ==========
MOD - C:\Users\Jorge\Downloads\OTL.exe (OldTimer Tools)
MOD - C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18005_none_5cb72f96088b0de0\comctl32.dll (Microsoft Corporation)
========== Win32 Services (SafeList) ==========
SRV - (Steam Client Service) -- C:\Program Files\Common Files\Steam\SteamService.exe (Valve Corporation)
SRV - (iPod Service) -- C:\Program Files\iPod\bin\iPodService.exe (Apple Inc.)
SRV - (TomTomHOMEService) -- C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe (TomTom)
SRV - (Apple Mobile Device) -- C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe (Apple Inc.)
SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
SRV - (FontCache3.0.0.0) -- C:\Windows\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe (Microsoft Corporation)
SRV - (NetTcpPortSharing) -- C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe (Microsoft Corporation)
SRV - (idsvc) -- C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe (Microsoft Corporation)
SRV - (Bonjour Service) -- C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc.)
SRV - (gusvc) -- C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe (Google)
SRV - (hpqcxs08) -- C:\Program Files\HP\Digital Imaging\bin\hpqcxs08.dll (Hewlett-Packard Co.)
SRV - (nvsvc) -- C:\Windows\System32\nvvsvc.exe (NVIDIA Corporation)
SRV - (ccSetMgr) -- C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (Symantec Corporation)
SRV - (ccEvtMgr) -- C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (Symantec Corporation)
SRV - (SmcService) -- C:\Program Files\Symantec\Symantec Endpoint Protection\Smc.exe (Symantec Corporation)
SRV - (Symantec AntiVirus) -- C:\Program Files\Symantec\Symantec Endpoint Protection\Rtvscan.exe (Symantec Corporation)
SRV - (SNAC) -- C:\Program Files\Symantec\Symantec Endpoint Protection\SNAC.EXE (Symantec Corporation)
SRV - (Pml Driver HPZ12) -- C:\Windows\System32\HPZipm12.dll (Hewlett-Packard)
SRV - (Net Driver HPZ12) -- C:\Windows\System32\HPZinw12.dll (Hewlett-Packard)
SRV - (hpqddsvc) -- C:\Program Files\HP\Digital Imaging\bin\hpqddsvc.dll (Hewlett-Packard Co.)
SRV - (WinDefend) -- C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SRV - (WMPNetworkSvc) -- C:\Program Files\Windows Media Player\wmpnetwk.exe (Microsoft Corporation)
SRV - (ehRecvr) -- C:\Windows\ehome\ehrecvr.exe (Microsoft Corporation)
SRV - (GoogleDesktopManager-091907-194040) -- C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe (Google)
SRV - (Creative ALchemy AL1 Licensing Service) -- C:\Program Files\Common Files\Creative Labs Shared\Service\AL1Licensing.exe (Creative Labs)
SRV - (STacSV) -- C:\Windows\System32\stacsv.exe (IDT, Inc.)
SRV - (SBSDWSCService) -- C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe (Safer Networking Ltd.)
SRV - (AESTFilters) -- C:\Windows\System32\AEstSrv.exe (Andrea Electronics Corporation)
SRV - (LiveUpdate) -- C:\Program Files\Symantec\LiveUpdate\LuComServer_3_3.EXE (Symantec Corporation)
SRV - (EvtEng) -- C:\Program Files\Intel\Wireless\Bin\EvtEng.exe (Intel Corporation)
SRV - (RegSrvc) -- C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe (Intel Corporation)
SRV - (DSBrokerService) -- C:\Program Files\DellSupport\brkrsvc.exe ()
SRV - (Viewpoint Manager Service) -- C:\Program Files\Viewpoint\Common\ViewpointService.exe (Viewpoint Corporation)
SRV - (CTAudSvcService) -- C:\Program Files\Creative\Shared Files\CTAudSvc.exe (Creative Technology Ltd)
SRV - (RoxMediaDB9) -- C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe (Sonic Solutions)
SRV - (RoxWatch9) -- C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe (Sonic Solutions)
SRV - (ehSched) -- C:\Windows\ehome\ehsched.exe (Microsoft Corporation)
SRV - (ehstart) -- C:\Windows\ehome\ehstart.dll (Microsoft Corporation)
SRV - (stllssvr) -- C:\Program Files\Common Files\SureThing Shared\stllssvr.exe (MicroVision Development, Inc.)
SRV - (IDriverT) -- C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe (Macrovision Corporation)
SRV - (ose) -- C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE (Microsoft Corporation)
========== Driver Services (SafeList) ==========
DRV - (SASENUM) -- C:\Program Files\SUPERAntiSpyware\SASENUM.SYS ( SUPERAdBlocker.com and SUPERAntiSpyware.com)
DRV - (SASDIFSV) -- C:\Program Files\SUPERAntiSpyware\sasdifsv.sys (SUPERAdBlocker.com and SUPERAntiSpyware.com)
DRV - (SASKUTIL) -- C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS (SUPERAdBlocker.com and SUPERAntiSpyware.com)
DRV - (NAVEX15) -- C:\ProgramData\Symantec\Definitions\VirusDefs\20091104.025\NAVEX15.SYS (Symantec Corporation)
DRV - (eeCtrl) -- C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys (Symantec Corporation)
DRV - (NAVENG) -- C:\ProgramData\Symantec\Definitions\VirusDefs\20091104.025\NAVENG.SYS (Symantec Corporation)
DRV - (USBAAPL) -- C:\Windows\System32\drivers\usbaapl.sys (Apple, Inc.)
DRV - (EraserUtilRebootDrv) -- C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys (Symantec Corporation)
DRV - (GEARAspiWDM) -- C:\Windows\System32\drivers\GEARAspiWDM.sys (GEAR Software Inc.)
DRV - (PxHelp20) -- C:\Windows\System32\Drivers\PxHelp20.sys (Sonic Solutions)
DRV - (hamachi) -- C:\Windows\System32\drivers\hamachi.sys (LogMeIn, Inc.)
DRV - (nvlddmkm) -- C:\Windows\System32\drivers\nvlddmkm.sys (NVIDIA Corporation)
DRV - (SymEvent) -- C:\Windows\System32\drivers\SYMEVENT.SYS (Symantec Corporation)
DRV - (COH_Mon) -- C:\Windows\System32\drivers\COH_Mon.sys (Symantec Corporation)
DRV - (SRTSPL) -- C:\Windows\System32\drivers\srtspl.sys (Symantec Corporation)
DRV - (SRTSP) -- C:\Windows\System32\drivers\srtsp.sys (Symantec Corporation)
DRV - (SRTSPX) -- C:\Windows\System32\drivers\srtspx.sys (Symantec Corporation)
DRV - (SPBBCDrv) -- C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCDrv.sys (Symantec Corporation)
DRV - (SYMTDI) -- C:\Windows\System32\Drivers\SYMTDI.SYS (Symantec Corporation)
DRV - (SYMREDRV) -- C:\Windows\System32\Drivers\SYMREDRV.SYS (Symantec Corporation)
DRV - (viaide) -- C:\Windows\system32\drivers\viaide.sys (VIA Technologies, Inc.)
DRV - (cmdide) -- C:\Windows\system32\drivers\cmdide.sys (CMD Technology, Inc.)
DRV - (aliide) -- C:\Windows\system32\drivers\aliide.sys (Acer Laboratories Inc.)
DRV - (OEM04Vid) -- C:\Windows\System32\drivers\OEM04Vid.sys (Creative Technology Ltd.)
DRV - (NETw4v32) -- C:\Windows\System32\drivers\NETw4v32.sys (Intel Corporation)
DRV - (STHDA) -- C:\Windows\System32\drivers\stwrt.sys (IDT, Inc.)
DRV - (OEM04Vfx) -- C:\Windows\System32\drivers\OEM04Vfx.sys (EyePower Games Pte. Ltd.)
DRV - (SCDEmu) -- C:\Windows\System32\drivers\scdemu.sys (PowerISO Computing, Inc.)
DRV - (t3) -- C:\Windows\System32\drivers\t3.sys (Creative Technology Ltd.)
DRV - (b57nd60x) -- C:\Windows\System32\drivers\b57nd60x.sys (Broadcom Corporation)
DRV - (SynTP) -- C:\Windows\System32\drivers\SynTP.sys (Synaptics, Inc.)
DRV - (iaStor) -- C:\Windows\system32\drivers\iastor.sys (Intel Corporation)
DRV - (rismxdp) -- C:\Windows\System32\drivers\rixdptsk.sys (REDC)
DRV - (rimsptsk) -- C:\Windows\System32\drivers\rimsptsk.sys (REDC)
DRV - (rimmptsk) -- C:\Windows\System32\drivers\rimmptsk.sys (REDC)
DRV - (dsunidrv) -- C:\Windows\System32\drivers\dsunidrv.sys (Gteko Ltd.)
DRV - (btwaudio) -- C:\Windows\System32\drivers\btwaudio.sys (Broadcom Corporation.)
DRV - (btwrchid) -- C:\Windows\System32\drivers\btwrchid.sys (Broadcom Corporation.)
DRV - (btwavdt) -- C:\Windows\System32\drivers\btwavdt.sys (Broadcom Corporation.)
DRV - (ql2300) -- C:\Windows\system32\drivers\ql2300.sys (QLogic Corporation)
DRV - (adp94xx) -- C:\Windows\system32\drivers\adp94xx.sys (Adaptec, Inc.)
DRV - (elxstor) -- C:\Windows\system32\drivers\elxstor.sys (Emulex)
DRV - (adpahci) -- C:\Windows\system32\drivers\adpahci.sys (Adaptec, Inc.)
DRV - (uliahci) -- C:\Windows\system32\drivers\uliahci.sys (ULi Electronics Inc.)
DRV - (iaStorV) -- C:\Windows\system32\drivers\iastorv.sys (Intel Corporation)
DRV - (adpu320) -- C:\Windows\system32\drivers\adpu320.sys (Adaptec, Inc.)
DRV - (ulsata2) -- C:\Windows\system32\drivers\ulsata2.sys (Promise Technology, Inc.)
DRV - (vsmraid) -- C:\Windows\system32\drivers\vsmraid.sys (VIA Technologies Inc.,Ltd)
DRV - (ql40xx) -- C:\Windows\system32\drivers\ql40xx.sys (QLogic Corporation)
DRV - (UlSata) -- C:\Windows\system32\drivers\ulsata.sys (Promise Technology, Inc.)
DRV - (adpu160m) -- C:\Windows\system32\drivers\adpu160m.sys (Adaptec, Inc.)
DRV - (nvraid) -- C:\Windows\system32\drivers\nvraid.sys (NVIDIA Corporation)
DRV - (nfrd960) -- C:\Windows\system32\drivers\nfrd960.sys (IBM Corporation)
DRV - (iirsp) -- C:\Windows\system32\drivers\iirsp.sys (Intel Corp./ICP vortex GmbH)
DRV - (SiSRaid4) -- C:\Windows\system32\drivers\sisraid4.sys (Silicon Integrated Systems)
DRV - (nvstor) -- C:\Windows\system32\drivers\nvstor.sys (NVIDIA Corporation)
DRV - (aic78xx) -- C:\Windows\system32\drivers\djsvs.sys (Adaptec, Inc.)
DRV - (arcsas) -- C:\Windows\system32\drivers\arcsas.sys (Adaptec, Inc.)
DRV - (LSI_SCSI) -- C:\Windows\system32\drivers\lsi_scsi.sys (LSI Logic)
DRV - (SiSRaid2) -- C:\Windows\system32\drivers\sisraid2.sys (Silicon Integrated Systems Corp.)
DRV - (HpCISSs) -- C:\Windows\system32\drivers\hpcisss.sys (Hewlett-Packard Company)
DRV - (arc) -- C:\Windows\system32\drivers\arc.sys (Adaptec, Inc.)
DRV - (iteraid) -- C:\Windows\system32\drivers\iteraid.sys (Integrated Technology Express, Inc.)
DRV - (iteatapi) -- C:\Windows\system32\drivers\iteatapi.sys (Integrated Technology Express, Inc.)
DRV - (LSI_SAS) -- C:\Windows\system32\drivers\lsi_sas.sys (LSI Logic)
DRV - (Symc8xx) -- C:\Windows\system32\drivers\symc8xx.sys (LSI Logic)
DRV - (LSI_FC) -- C:\Windows\system32\drivers\lsi_fc.sys (LSI Logic)
DRV - (Sym_u3) -- C:\Windows\system32\drivers\sym_u3.sys (LSI Logic)
DRV - (Mraid35x) -- C:\Windows\system32\drivers\mraid35x.sys (LSI Logic Corporation)
DRV - (Sym_hi) -- C:\Windows\system32\drivers\sym_hi.sys (LSI Logic)
DRV - (megasas) -- C:\Windows\system32\drivers\megasas.sys (LSI Logic Corporation)
DRV - (Brserid) -- C:\Windows\system32\drivers\brserid.sys (Brother Industries Ltd.)
DRV - (BrUsbSer) -- C:\Windows\system32\drivers\brusbser.sys (Brother Industries Ltd.)
DRV - (BrFiltUp) -- C:\Windows\system32\drivers\brfiltup.sys (Brother Industries, Ltd.)
DRV - (BrFiltLo) -- C:\Windows\system32\drivers\brfiltlo.sys (Brother Industries, Ltd.)
DRV - (BrSerWdm) -- C:\Windows\system32\drivers\brserwdm.sys (Brother Industries Ltd.)
DRV - (BrUsbMdm) -- C:\Windows\system32\drivers\brusbmdm.sys (Brother Industries Ltd.)
DRV - (ntrigdigi) -- C:\Windows\system32\drivers\ntrigdigi.sys (N-trig Innovative Technologies)
DRV - (R300) -- C:\Windows\System32\drivers\atikmdag.sys (ATI Technologies Inc.)
DRV - (e1express) -- C:\Windows\System32\drivers\e1e6032.sys (Intel Corporation)
DRV - (E1G60) -- C:\Windows\System32\drivers\E1G60I32.sys (Intel Corporation)
DRV - (secdrv) -- C:\Windows\System32\drivers\secdrv.sys (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.)
DRV - (DSproct) -- C:\Program Files\DellSupport\GTAction\triggers\DSproct.sys (Gteko Ltd.)
DRV - (ASPI32) -- C:\Windows\System32\drivers\ASPI32.SYS (Adaptec)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\System32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm
IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dl ... ar=msnhome
IE - HKU\.DEFAULT\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dl ... ar=msnhome
IE - HKU\S-1-5-18\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-3089091829-2956336828-4128492945-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com/ie
IE - HKU\S-1-5-21-3089091829-2956336828-4128492945-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\system32\blank.htm
IE - HKU\S-1-5-21-3089091829-2956336828-4128492945-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
IE - HKU\S-1-5-21-3089091829-2956336828-4128492945-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/ig/dell?hl=en&cli ... bd=4071110
IE - HKU\S-1-5-21-3089091829-2956336828-4128492945-1000\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKU\S-1-5-21-3089091829-2956336828-4128492945-1000\S-1-5-21-3089091829-2956336828-4128492945-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-3089091829-2956336828-4128492945-1000\S-1-5-21-3089091829-2956336828-4128492945-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
========== FireFox ==========
FF - prefs.js..browser.startup.homepage: "www.igoogle.com"
FF - prefs.js..extensions.enabledItems: {b9db16a4-6edc-47ec-a1f4-b86292ed211d}:4.6.4
FF - prefs.js..extensions.enabledItems: {20a82645-c095-46ed-80e3-08825760534b}:1.1
FF - prefs.js..extensions.enabledItems: moveplayer@movenetworks.com:1.0.0.071301000019
FF - prefs.js..extensions.enabledItems: {EF522540-89F5-46b9-B6FE-1829E2B572C6}:4.0
FF - prefs.js..extensions.enabledItems: unplug@compunach:2.023
FF - prefs.js..extensions.enabledItems: foxmarks@kei.com:3.3.2
FF - prefs.js..extensions.enabledItems: {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.5.4
FF - HKLM\software\mozilla\Firefox\Extensions\\{20a82645-c095-46ed-80e3-08825760534b}: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ [2009/06/24 11:24:28 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.4\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2009/10/29 18:53:52 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.4\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2009/10/29 18:53:53 | 00,000,000 | ---D | M]
[2009/07/24 20:00:42 | 00,000,000 | ---D | M] -- C:\Users\Jorge\AppData\Roaming\Mozilla\Extensions
[2008/09/01 10:50:02 | 00,000,000 | ---D | M] -- C:\Users\Jorge\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}
[2009/07/24 20:00:42 | 00,000,000 | ---D | M] -- C:\Users\Jorge\AppData\Roaming\Mozilla\Extensions\home2@tomtom.com
[2009/11/04 19:44:14 | 00,000,000 | ---D | M] -- C:\Users\Jorge\AppData\Roaming\Mozilla\Firefox\Profiles\75jpntn2.default\extensions
[2009/06/24 11:39:24 | 00,000,000 | ---D | M] -- C:\Users\Jorge\AppData\Roaming\Mozilla\Firefox\Profiles\75jpntn2.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2009/10/08 19:04:38 | 00,000,000 | ---D | M] -- C:\Users\Jorge\AppData\Roaming\Mozilla\Firefox\Profiles\75jpntn2.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
[2009/11/04 19:44:13 | 00,000,000 | ---D | M] -- C:\Users\Jorge\AppData\Roaming\Mozilla\Firefox\Profiles\75jpntn2.default\extensions\{EF522540-89F5-46b9-B6FE-1829E2B572C6}
[2009/08/19 10:06:44 | 00,000,000 | ---D | M] -- C:\Users\Jorge\AppData\Roaming\Mozilla\Firefox\Profiles\75jpntn2.default\extensions\foxmarks@kei.com
[2009/06/02 16:17:54 | 00,000,000 | ---D | M] -- C:\Users\Jorge\AppData\Roaming\Mozilla\Firefox\Profiles\75jpntn2.default\extensions\moveplayer@movenetworks.com
[2009/08/25 06:47:02 | 00,000,000 | ---D | M] -- C:\Users\Jorge\AppData\Roaming\Mozilla\Firefox\Profiles\75jpntn2.default\extensions\unplug@compunach
[2008/05/28 15:20:39 | 00,002,386 | ---- | M] () -- C:\Users\Jorge\AppData\Roaming\Mozilla\Firefox\Profiles\75jpntn2.default\searchplugins\siteadvisor.xml
[2009/07/01 14:10:29 | 00,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2009/10/29 18:53:52 | 00,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2009/10/29 18:53:36 | 00,023,544 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\components\browserdirprovider.dll
[2009/10/29 18:53:37 | 00,137,208 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\components\brwsrcmp.dll
[2007/11/22 13:36:17 | 00,135,680 | ---- | M] (Google) -- C:\Program Files\Mozilla Firefox\components\GoogleDesktopMozilla.dll
[2009/05/01 16:02:48 | 01,044,480 | ---- | M] (The OpenSSL Project, http://www.openssl.org/) -- C:\Program Files\Mozilla Firefox\plugins\libdivx.dll
[2007/04/10 17:21:08 | 00,163,256 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Mozilla Firefox\plugins\np-mswmp.dll
[2009/01/16 19:17:04 | 00,114,688 | ---- | M] (Adobe Systems, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\np32dsw.dll
[2009/05/12 13:46:20 | 01,650,992 | ---- | M] (DivX,Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npdivx32.dll
[2009/05/18 17:41:32 | 00,098,304 | ---- | M] (DivX, Inc) -- C:\Program Files\Mozilla Firefox\plugins\npDivxPlayerPlugin.dll
[2009/07/07 16:20:42 | 00,061,440 | ---- | M] (AOL LLC) -- C:\Program Files\Mozilla Firefox\plugins\npdnu.dll
[2009/07/07 16:20:42 | 00,065,536 | ---- | M] (AOL LLC) -- C:\Program Files\Mozilla Firefox\plugins\npdnupdater2.dll
[2009/10/29 18:53:40 | 00,065,016 | ---- | M] (mozilla.org) -- C:\Program Files\Mozilla Firefox\plugins\npnul32.dll
[2007/03/22 19:23:30 | 00,017,248 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Mozilla Firefox\plugins\NPOFFICE.DLL
[2009/02/27 11:13:42 | 00,103,792 | ---- | M] (Adobe Systems Inc.) -- C:\Program Files\Mozilla Firefox\plugins\nppdf32.dll
[2009/09/11 15:51:53 | 00,159,744 | ---- | M] (Apple Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npqtplugin.dll
[2009/09/11 15:51:54 | 00,159,744 | ---- | M] (Apple Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npqtplugin2.dll
[2009/09/11 15:51:54 | 00,159,744 | ---- | M] (Apple Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npqtplugin3.dll
[2009/09/11 15:51:54 | 00,159,744 | ---- | M] (Apple Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npqtplugin4.dll
[2009/09/11 15:51:54 | 00,159,744 | ---- | M] (Apple Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npqtplugin5.dll
[2009/09/11 15:51:54 | 00,159,744 | ---- | M] (Apple Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npqtplugin6.dll
[2009/09/11 15:51:54 | 00,159,744 | ---- | M] (Apple Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npqtplugin7.dll
[2007/04/16 12:07:12 | 00,180,293 | ---- | M] () -- C:\Program Files\Mozilla Firefox\plugins\npViewpoint.dll
[2009/05/01 16:02:48 | 00,200,704 | ---- | M] (The OpenSSL Project, http://www.openssl.org/) -- C:\Program Files\Mozilla Firefox\plugins\ssldivx.dll
[2009/08/10 09:54:27 | 00,001,394 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\amazondotcom.xml
[2009/08/10 09:54:27 | 00,002,193 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\answers.xml
[2009/08/10 09:54:27 | 00,001,534 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\creativecommons.xml
[2009/08/10 09:54:27 | 00,002,344 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\eBay.xml
[2009/08/10 09:54:27 | 00,002,371 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\google.xml
[2009/08/10 09:54:27 | 00,001,178 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia.xml
[2009/08/10 09:54:27 | 00,000,792 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\yahoo.xml
O1 HOSTS File: (306760 bytes) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O1 - Hosts: 10561 more lines...
O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (SSVHelper Class) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c:\Program Files\Java\jre1.6.0\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (Windows Live Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O2 - BHO: (CBrowserHelperObject Object) - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\Dell\BAE\BAE.dll (Dell Inc.)
O3 - HKLM\..\Toolbar: (no name) - {0BF43445-2F28-4351-9252-17FE6E806AA0} - No CLSID value found.
O4 - HKLM..\Run: [{0228e555-4f9c-4e35-a3ec-b109a192b4c2}] C:\Program Files\Google\Gmail Notifier\gnotify.exe (Google Inc.)
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe (Apple Inc.)
O4 - HKLM..\Run: [ccApp] C:\Program Files\Common Files\Symantec Shared\ccApp.exe (Symantec Corporation)
O4 - HKLM..\Run: [DELL Webcam Manager] C:\Program Files\Dell\Dell Webcam Manager\DellWMgr.exe (Creative Technology Ltd.)
O4 - HKLM..\Run: [dscactivate] c:\dell\dsca.exe ( )
O4 - HKLM..\Run: [ECenter] C:\DELL\E-Center\EULALauncher.exe ( )
O4 - HKLM..\Run: [Google Desktop Search] C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe (Google)
O4 - HKLM..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\hpwuSchd2.exe (Hewlett-Packard Co.)
O4 - HKLM..\Run: [ISUSScheduler] C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe (Macrovision Corporation)
O4 - HKLM..\Run: [iTunesHelper] C:\Program Files\iTunes\iTunesHelper.exe (Apple Inc.)
O4 - HKLM..\Run: [NvCplDaemon] C:\Windows\System32\NvCpl.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [NVHotkey] C:\Windows\System32\nvHotkey.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\Windows\System32\NvMcTray.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [OEM04Mon.exe] C:\Windows\OEM04Mon.exe (Creative Technology Ltd.)
O4 - HKLM..\Run: [PCMService] C:\Program Files\Dell\MediaDirect\PCMService.exe (CyberLink Corp.)
O4 - HKLM..\Run: [PWRISOVM.EXE] C:\Program Files\PowerISO\PWRISOVM.EXE (PowerISO Computing, Inc.)
O4 - HKLM..\Run: [QuickTime Task] C:\Program Files\QuickTime\QTTask.exe (Apple Inc.)
O4 - HKLM..\Run: [SigmatelSysTrayApp] C:\Program Files\SigmaTel\C-Major Audio\WDM\sttray.exe (IDT, Inc.)
O4 - HKLM..\Run: [SPIRunE] C:\Windows\System32\SpiRunE.dll (Creative Technology Ltd.)
O4 - HKLM..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (Synaptics, Inc.)
O4 - HKLM..\Run: [VolPanel] C:\Program Files\Creative\Sound Blaster X-Fi\Volume Panel\VolPanlu.exe (Creative Technology Ltd)
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-3089091829-2956336828-4128492945-1000..\Run: [Aim] C:\Program Files\AIM\aim.exe (AOL LLC)
O4 - HKU\S-1-5-21-3089091829-2956336828-4128492945-1000..\Run: [ehTray.exe] C:\Windows\ehome\ehtray.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-3089091829-2956336828-4128492945-1000..\Run: [Google Update] C:\Users\Jorge\AppData\Local\Google\Update\GoogleUpdate.exe (Google Inc.)
O4 - HKU\S-1-5-21-3089091829-2956336828-4128492945-1000..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe (SUPERAntiSpyware.com)
O4 - HKU\S-1-5-21-3089091829-2956336828-4128492945-1000..\Run: [TomTomHOME.exe] C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe (TomTom)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: BindDirectlyToPropertySetStorage = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 2
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableInstallerDetection = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableSecureUIAPaths = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableVirtualization = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ValidateAdminCodeSignatures = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: scforceoption = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: FilterAdministratorToken = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableUIADesktopToggle = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableRegistryTools = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_TEXT = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_BITMAP = 2
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_OEMTEXT = 7
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIB = 8
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_PALETTE = 9
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_UNICODETEXT = 13
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIBV5 = 17
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-3089091829-2956336828-4128492945-1000\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-3089091829-2956336828-4128492945-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKU\S-1-5-21-3089091829-2956336828-4128492945-1000_Classes\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\System32\GPhotos.scr (Google Inc.)
O8 - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office\OFFICE11\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Send image to &Bluetooth Device... - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O8 - Extra context menu item: Send page to &Bluetooth Device... - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - c:\Program Files\Java\jre1.6.0\bin\npjpi160.dll (Sun Microsystems, Inc.)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files\Microsoft Office\OFFICE11\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra Button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O15 - HKLM\..Trusted Domains: 48 domain(s) and sub-domain(s) not assigned to a zone.
O15 - HKU\.DEFAULT\..Trusted Domains: 48 domain(s) and sub-domain(s) not assigned to a zone.
O15 - HKU\S-1-5-18\..Trusted Domains: 48 domain(s) and sub-domain(s) not assigned to a zone.
O15 - HKU\S-1-5-19\..Trusted Domains: 48 domain(s) and sub-domain(s) not assigned to a zone.
O15 - HKU\S-1-5-20\..Trusted Domains: 48 domain(s) and sub-domain(s) not assigned to a zone.
O15 - HKU\S-1-5-21-3089091829-2956336828-4128492945-1000\..Trusted Domains: 49 domain(s) and sub-domain(s) not assigned to a zone.
O15 - HKU\S-1-5-21-3089091829-2956336828-4128492945-1000\..Trusted Ranges: GD ([http] in Local intranet)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0)
O16 - DPF: {C190FF32-96D0-445F-9F60-5CF288FD3D0F} https://register.resnet.stonybrook.edu/CAT/CNICAT.cab (ActiveFormX Control)
O16 - DPF: {CAFEEFAC-0016-0000-0000-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp - No CLSID value found
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap {3D9F03FA-7A94-11D3-BE81-0050048385D1} - C:\Program Files\Common Files\microsoft shared\Web Components\10\OWC10.DLL (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\Program Files\Common Files\microsoft shared\Web Components\11\OWC11.DLL (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807553E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\microsoft shared\OFFICE11\MSOXMLMF.DLL (Microsoft Corporation)
O20 - AppInit_DLLs: (C:\PROGRA~1\Google\GOOGLE~2\GoogleDesktopNetwork3.dll) - C:\Program Files\Google\Google Desktop Search\GoogleDesktopNetwork3.dll (Google)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\!SASWinLogon: DllName - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll (SUPERAntiSpyware.com)
O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL (SuperAdBlocker.com)
O28 - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - Reg Error: Key error. File not found
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/09/18 16:43:36 | 00,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck) - File not found
O34 - HKLM BootExecute: (autochk) - C:\Windows\System32\autochk.exe (Microsoft Corporation)
O34 - HKLM BootExecute: (*) - File not found
O35 - comfile [open] -- "%1" %* File not found
O35 - exefile [open] -- "%1" %* File not found
========== Files/Folders - Created Within 30 Days ==========
[2009/11/04 19:10:07 | 00,000,000 | ---D | C] -- C:\Program Files\iPod
[2009/11/04 19:10:03 | 00,000,000 | ---D | C] -- C:\Program Files\iTunes
[2009/11/04 18:36:46 | 05,939,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.dll
[2009/11/04 18:36:45 | 01,638,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2009/10/29 18:39:51 | 00,000,000 | ---D | C] -- C:\Users\Jorge\Documents\music tv
[2009/10/29 18:32:47 | 00,000,000 | ---D | C] -- C:\ProgramData\AIM
[2009/10/29 18:32:47 | 00,000,000 | ---D | C] -- C:\ProgramData\AIM
[2009/10/29 18:32:42 | 00,000,000 | ---D | C] -- C:\Program Files\AIM
[2009/10/29 18:32:37 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\Software Update Utility
[2009/10/29 15:57:47 | 00,396,288 | ---- | C] (Trend Micro Inc.) -- C:\Users\Jorge\Desktop\HijackThis.exe
[2009/10/29 15:57:47 | 00,000,000 | ---D | C] -- C:\Program Files\Trend Micro
[2009/10/29 00:49:56 | 00,000,000 | ---D | C] -- C:\Windows\temp
[2009/10/29 00:49:56 | 00,000,000 | ---D | C] -- C:\Users\Jorge\AppData\Local\temp
[2009/10/29 00:37:35 | 00,212,480 | ---- | C] (SteelWerX) -- C:\Windows\SWXCACLS.exe
[2009/10/29 00:37:35 | 00,161,792 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe
[2009/10/29 00:37:35 | 00,136,704 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe
[2009/10/29 00:37:35 | 00,031,232 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe
[2009/10/29 00:37:29 | 00,000,000 | ---D | C] -- C:\Windows\ERDNT
[2009/10/28 21:55:33 | 00,000,000 | ---D | C] -- C:\ProgramData\SUPERAntiSpyware.com
[2009/10/28 21:55:33 | 00,000,000 | ---D | C] -- C:\ProgramData\SUPERAntiSpyware.com
[2009/10/28 21:55:20 | 00,000,000 | ---D | C] -- C:\Users\Jorge\AppData\Roaming\SUPERAntiSpyware.com
[2009/10/28 21:55:20 | 00,000,000 | ---D | C] -- C:\Program Files\SUPERAntiSpyware
[2009/10/28 21:54:31 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\Wise Installation Wizard
[2009/10/28 20:21:20 | 10,627,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmp.dll
[2009/10/28 20:21:14 | 00,310,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\unregmp2.exe
[2009/10/28 20:21:10 | 08,147,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmploc.DLL
[2009/10/28 19:59:09 | 02,421,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wucltux.dll
[2009/10/28 19:59:09 | 01,929,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wuaueng.dll
[2009/10/28 19:59:09 | 00,053,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wuauclt.exe
[2009/10/28 19:59:09 | 00,044,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wups2.dll
[2009/10/28 19:58:06 | 00,575,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wuapi.dll
[2009/10/28 19:58:06 | 00,087,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wudriver.dll
[2009/10/28 19:58:06 | 00,035,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wups.dll
[2009/10/28 19:57:39 | 00,171,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wuwebv.dll
[2009/10/28 19:57:39 | 00,033,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wuapp.exe
[2009/10/28 19:50:05 | 00,000,000 | ---D | C] -- C:\Windows\Minidump
[2009/10/28 17:52:45 | 00,000,000 | ---D | C] -- C:\Ad-Aware
[2009/10/28 17:47:00 | 00,000,000 | ---D | C] -- C:\Users\Jorge\AppData\Local\temp(37)
[2009/10/22 23:55:04 | 00,000,000 | ---D | C] -- C:\Qoobox
[2009/10/22 23:52:44 | 00,000,000 | ---D | C] -- C:\Users\Jorge\Desktop\Spyware_Tools
[2009/10/22 21:18:36 | 00,000,000 | -HSD | C] -- C:\Users\Jorge\AppData\Roaming\Windows System Defender
[2009/10/17 21:42:44 | 00,218,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msv1_0.dll
[2009/10/17 21:42:31 | 03,548,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntoskrnl.exe
[2009/10/17 21:42:30 | 03,600,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntkrnlpa.exe
[2009/10/17 21:41:30 | 00,060,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msasn1.dll
[2009/10/17 21:41:25 | 11,069,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieframe.dll
[2009/10/17 21:41:23 | 01,985,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iertutil.dll
[2009/10/17 21:41:22 | 01,208,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\urlmon.dll
[2009/10/17 21:41:22 | 00,916,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wininet.dll
[2009/10/17 21:41:21 | 01,469,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl
[2009/10/17 21:41:21 | 00,594,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2009/10/17 21:41:21 | 00,387,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iedkcs32.dll
[2009/10/17 21:41:21 | 00,206,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\occache.dll
[2009/10/17 21:41:20 | 00,164,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2009/10/17 21:41:19 | 00,184,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iepeers.dll
[2009/10/17 21:41:19 | 00,173,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ie4uinit.exe
[2009/10/17 21:41:19 | 00,133,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe
[2009/10/17 21:41:19 | 00,109,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesysprep.dll
[2009/10/17 21:41:19 | 00,071,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesetup.dll
[2009/10/17 21:41:19 | 00,055,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iernonce.dll
[2009/10/17 21:41:19 | 00,055,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedsbs.dll
[2009/10/17 21:41:19 | 00,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2009/10/17 21:41:19 | 00,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedssync.exe
[2009/10/17 21:41:15 | 00,144,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\srv2.sys
[2009/10/17 21:41:10 | 00,604,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMSPDMOD.DLL
[2009/10/17 21:23:00 | 00,000,000 | ---D | C] -- C:\Users\Jorge\AppData\Local\AIM
[2 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2009/11/05 18:02:32 | 05,242,880 | -HS- | M] () -- C:\Users\Jorge\ntuser.dat
[2009/11/05 17:49:58 | 00,595,684 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2009/11/05 17:49:57 | 00,690,960 | ---- | M] () -- C:\Windows\System32\PerfStringBackup.INI
[2009/11/05 17:49:57 | 00,101,350 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2009/11/05 17:45:58 | 00,027,839 | ---- | M] () -- C:\ProgramData\nvModes.001
[2009/11/05 17:45:58 | 00,027,839 | ---- | M] () -- C:\ProgramData\nvModes.001
[2009/11/05 17:43:31 | 00,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
[2009/11/05 17:43:29 | 00,003,568 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2009/11/05 17:43:28 | 00,003,568 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2009/11/05 17:43:21 | 00,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2009/11/05 17:42:55 | 21,434,98240 | -HS- | M] () -- C:\hiberfil.sys
[2009/11/05 00:25:14 | 00,524,288 | -HS- | M] () -- C:\Users\Jorge\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TMContainer00000000000000000001.regtrans-ms
[2009/11/05 00:25:14 | 00,065,536 | -HS- | M] () -- C:\Users\Jorge\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TM.blf
[2009/11/05 00:24:53 | 00,000,012 | ---- | M] () -- C:\Windows\bthservsdp.dat
[2009/11/05 00:24:33 | 02,214,020 | -H-- | M] () -- C:\Users\Jorge\AppData\Local\IconCache.db
[2009/11/05 00:16:00 | 00,000,908 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3089091829-2956336828-4128492945-1000UA.job
[2009/11/04 19:16:00 | 00,000,856 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3089091829-2956336828-4128492945-1000Core.job
[2009/11/04 19:11:19 | 00,001,804 | ---- | M] () -- C:\Users\Public\Desktop\iTunes.lnk
[2009/10/29 18:32:54 | 00,001,114 | -H-- | M] () -- C:\IPH.PH
[2009/10/29 18:32:47 | 00,001,700 | ---- | M] () -- C:\Users\Public\Desktop\AIM.lnk
[2009/10/29 18:32:20 | 00,027,839 | ---- | M] () -- C:\ProgramData\nvModes.dat
[2009/10/29 18:32:20 | 00,027,839 | ---- | M] () -- C:\ProgramData\nvModes.dat
[2009/10/29 15:57:47 | 00,396,288 | ---- | M] (Trend Micro Inc.) -- C:\Users\Jorge\Desktop\HijackThis.exe
[2009/10/29 00:47:49 | 00,000,215 | ---- | M] () -- C:\Windows\system.ini
[2009/10/29 00:36:29 | 03,440,628 | ---- | M] () -- C:\Users\Jorge\Desktop\ComboFix.exe
[2009/10/28 21:55:22 | 00,000,904 | ---- | M] () -- C:\Users\Public\Desktop\SUPERAntiSpyware Professional.lnk
[2009/10/28 21:44:59 | 43,040,6986 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2009/10/25 05:11:34 | 00,077,312 | ---- | M] () -- C:\Windows\MBR.exe
[2009/10/22 23:35:43 | 00,001,356 | ---- | M] () -- C:\Users\Jorge\AppData\Local\d3d9caps.dat
[2009/10/22 21:12:48 | 00,000,120 | ---- | M] () -- C:\Users\Jorge\AppData\Local\Qjerakukaka.dat
[2009/10/22 21:12:48 | 00,000,000 | ---- | M] () -- C:\Users\Jorge\AppData\Local\Qlubazove.bin
[2009/10/21 05:40:08 | 05,939,712 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mshtml.dll
[2009/10/21 03:19:16 | 01,638,912 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2009/10/11 07:10:09 | 00,236,544 | ---- | M] () -- C:\Windows\PEV.exe
[2 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ]
========== Files Created - No Company Name ==========
[2009/11/04 19:11:19 | 00,001,804 | ---- | C] () -- C:\Users\Public\Desktop\iTunes.lnk
[2009/10/29 18:32:47 | 00,001,700 | ---- | C] () -- C:\Users\Public\Desktop\AIM.lnk
[2009/10/29 01:02:44 | 02,214,020 | -H-- | C] () -- C:\Users\Jorge\AppData\Local\IconCache.db
[2009/10/29 00:37:35 | 00,236,544 | ---- | C] () -- C:\Windows\PEV.exe
[2009/10/29 00:37:35 | 00,098,816 | ---- | C] () -- C:\Windows\sed.exe
[2009/10/29 00:37:35 | 00,080,412 | ---- | C] () -- C:\Windows\grep.exe
[2009/10/29 00:37:35 | 00,077,312 | ---- | C] () -- C:\Windows\MBR.exe
[2009/10/29 00:37:35 | 00,068,096 | ---- | C] () -- C:\Windows\zip.exe
[2009/10/29 00:36:26 | 03,440,628 | ---- | C] () -- C:\Users\Jorge\Desktop\ComboFix.exe
[2009/10/28 23:58:32 | 21,434,98240 | -HS- | C] () -- C:\hiberfil.sys
[2009/10/28 21:55:22 | 00,000,904 | ---- | C] () -- C:\Users\Public\Desktop\SUPERAntiSpyware Professional.lnk
[2009/10/28 19:49:49 | 43,040,6986 | ---- | C] () -- C:\Windows\MEMORY.DMP
[2009/10/22 21:12:48 | 00,000,120 | ---- | C] () -- C:\Users\Jorge\AppData\Local\Qjerakukaka.dat
[2009/10/22 21:12:48 | 00,000,000 | ---- | C] () -- C:\Users\Jorge\AppData\Local\Qlubazove.bin
[2009/06/01 21:37:33 | 00,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll
[2009/04/10 16:33:04 | 00,000,040 | ---- | C] () -- C:\ProgramData\ra3.ini
[2009/01/24 21:37:13 | 00,001,694 | ---- | C] () -- C:\ProgramData\hpzinstall.log
[2008/10/31 21:54:53 | 00,001,356 | ---- | C] () -- C:\Users\Jorge\AppData\Local\d3d9caps.dat
[2008/09/20 14:04:54 | 00,027,839 | ---- | C] () -- C:\ProgramData\nvModes.001
[2008/09/20 14:04:15 | 00,027,839 | ---- | C] () -- C:\ProgramData\nvModes.dat
[2007/11/17 12:35:57 | 00,000,376 | ---- | C] () -- C:\Windows\ODBC.INI
[2007/11/14 19:49:26 | 00,115,835 | ---- | C] () -- C:\Users\Jorge\AppData\Roaming\nvModes.001
[2007/11/14 19:49:25 | 00,115,835 | ---- | C] () -- C:\Users\Jorge\AppData\Roaming\nvModes.dat
[2007/11/14 16:59:09 | 00,001,436 | ---- | C] () -- C:\Windows\CfgHPSp.ini
[2007/11/14 16:59:09 | 00,001,434 | ---- | C] () -- C:\Windows\Cfg05Sp.ini
[2007/11/14 16:59:09 | 00,001,434 | ---- | C] () -- C:\Windows\Cfg04Sp.ini
[2007/11/14 16:59:09 | 00,000,932 | ---- | C] () -- C:\Windows\CfgHPHp.ini
[2007/11/14 16:59:09 | 00,000,932 | ---- | C] () -- C:\Windows\CfgHPDO.ini
[2007/11/14 16:59:09 | 00,000,932 | ---- | C] () -- C:\Windows\Cfg05DO.ini
[2007/11/14 16:59:09 | 00,000,930 | ---- | C] () -- C:\Windows\Cfg05Hp.ini
[2007/11/14 16:59:09 | 00,000,453 | ---- | C] () -- C:\Windows\CfgHPRMi.ini
[2007/11/14 16:59:09 | 00,000,453 | ---- | C] () -- C:\Windows\CfgHPRLI.ini
[2007/11/14 16:59:09 | 00,000,453 | ---- | C] () -- C:\Windows\CfgHPFMi.ini
[2007/11/14 16:59:09 | 00,000,453 | ---- | C] () -- C:\Windows\CfgHPDI.ini
[2007/11/14 16:59:09 | 00,000,453 | ---- | C] () -- C:\Windows\Cfg05RMi.ini
[2007/11/14 16:59:09 | 00,000,453 | ---- | C] () -- C:\Windows\Cfg05RLI.ini
[2007/11/14 16:59:09 | 00,000,453 | ---- | C] () -- C:\Windows\Cfg05FMi.ini
[2007/11/14 16:59:09 | 00,000,453 | ---- | C] () -- C:\Windows\Cfg05DI.ini
[2007/11/14 16:59:08 | 00,000,453 | ---- | C] () -- C:\Windows\Cfg04RMi.ini
[2007/11/14 16:59:07 | 00,000,932 | ---- | C] () -- C:\Windows\Cfg04DO.ini
[2007/11/14 16:59:07 | 00,000,930 | ---- | C] () -- C:\Windows\Cfg04Hp.ini
[2007/11/14 16:59:07 | 00,000,453 | ---- | C] () -- C:\Windows\Cfg04RLI.ini
[2007/11/14 16:59:07 | 00,000,453 | ---- | C] () -- C:\Windows\Cfg04FMi.ini
[2007/11/14 16:59:07 | 00,000,453 | ---- | C] () -- C:\Windows\Cfg04DI.ini
[2007/11/14 16:35:51 | 00,004,472 | ---- | C] () -- C:\Windows\System32\AudioDrv.ini
[2007/11/14 16:35:24 | 00,000,049 | R--- | C] () -- C:\Windows\System32\ctzapxx.ini
[2007/11/14 16:35:24 | 00,000,000 | ---- | C] () -- C:\Windows\System32\t3.ini
[2007/11/14 16:34:21 | 00,150,016 | ---- | C] () -- C:\Windows\System32\OemSpiE.dll
[2007/11/14 16:34:21 | 00,001,091 | ---- | C] () -- C:\Windows\Cfg03Sp.ini
[2007/11/14 16:34:21 | 00,001,091 | ---- | C] () -- C:\Windows\Cfg02Sp.ini
[2007/11/14 16:34:21 | 00,001,000 | ---- | C] () -- C:\Windows\Cfg01Sp.ini
[2007/11/14 16:34:21 | 00,000,818 | ---- | C] () -- C:\Windows\Cfg01APR.ini
[2007/11/14 16:34:21 | 00,000,725 | ---- | C] () -- C:\Windows\Cfg03Hp.ini
[2007/11/14 16:34:21 | 00,000,725 | ---- | C] () -- C:\Windows\Cfg03DO.ini
[2007/11/14 16:34:21 | 00,000,725 | ---- | C] () -- C:\Windows\Cfg02Hp.ini
[2007/11/14 16:34:21 | 00,000,725 | ---- | C] () -- C:\Windows\Cfg02DO.ini
[2007/11/14 16:34:21 | 00,000,725 | ---- | C] () -- C:\Windows\Cfg01Hp.ini
[2007/11/14 16:34:21 | 00,000,725 | ---- | C] () -- C:\Windows\Cfg01DO.ini
[2007/11/14 16:34:21 | 00,000,453 | R--- | C] () -- C:\Windows\Cfg03RMi.ini
[2007/11/14 16:34:21 | 00,000,453 | R--- | C] () -- C:\Windows\Cfg03RLI.ini
[2007/11/14 16:34:21 | 00,000,453 | R--- | C] () -- C:\Windows\Cfg03FMi.ini
[2007/11/14 16:34:21 | 00,000,453 | R--- | C] () -- C:\Windows\Cfg03DI.ini
[2007/11/14 16:34:21 | 00,000,453 | R--- | C] () -- C:\Windows\Cfg02RMi.ini
[2007/11/14 16:34:21 | 00,000,453 | R--- | C] () -- C:\Windows\Cfg02RLI.ini
[2007/11/14 16:34:21 | 00,000,453 | R--- | C] () -- C:\Windows\Cfg02FMi.ini
[2007/11/14 16:34:21 | 00,000,453 | R--- | C] () -- C:\Windows\Cfg02DI.ini
[2007/11/14 16:34:21 | 00,000,453 | R--- | C] () -- C:\Windows\Cfg01Mic.ini
[2007/11/14 16:34:21 | 00,000,453 | R--- | C] () -- C:\Windows\Cfg01LI.ini
[2007/11/14 16:34:21 | 00,000,453 | R--- | C] () -- C:\Windows\Cfg01DI.ini
[2007/11/14 16:33:59 | 00,105,472 | ---- | C] () -- C:\Windows\System32\APOMngr.dll
[2007/11/14 16:33:59 | 00,067,072 | ---- | C] () -- C:\Windows\System32\CmdRtr.dll
[2007/11/14 16:31:22 | 00,173,568 | ---- | C] () -- C:\Users\Jorge\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2007/11/14 16:10:08 | 00,093,496 | ---- | C] () -- C:\Users\Jorge\AppData\Local\GDIPFONTCACHEV1.DAT
[2007/11/10 07:49:21 | 00,016,480 | ---- | C] () -- C:\Windows\System32\rixdicon.dll
[2007/11/10 07:49:11 | 01,060,424 | ---- | C] () -- C:\Windows\System32\WdfCoInstaller01000.dll
[2007/07/25 17:40:02 | 00,999,424 | ---- | C] () -- C:\Windows\System32\WLIHVUI.dll
[2006/11/07 14:25:58 | 00,000,000 | ---- | C] () -- C:\Windows\System32\px.ini
[2006/11/03 18:25:56 | 00,389,120 | ---- | C] () -- C:\Windows\System32\btwhidcs.dll
[2006/11/02 07:50:50 | 00,000,174 | -HS- | C] () -- C:\Program Files\desktop.ini
[2006/11/02 07:37:35 | 00,037,665 | ---- | C] () -- C:\Windows\Fonts\GlobalUserInterface.CompositeFont
[2006/11/02 07:37:35 | 00,029,779 | ---- | C] () -- C:\Windows\Fonts\GlobalSerif.CompositeFont
[2006/11/02 07:37:35 | 00,026,489 | ---- | C] () -- C:\Windows\Fonts\GlobalSansSerif.CompositeFont
[2006/11/02 07:37:35 | 00,026,040 | ---- | C] () -- C:\Windows\Fonts\GlobalMonospace.CompositeFont
[2006/11/02 07:35:32 | 00,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
[2006/11/02 05:25:44 | 00,159,744 | ---- | C] () -- C:\Windows\System32\atitmmxx.dll
[2006/11/02 05:23:31 | 00,000,215 | ---- | C] () -- C:\Windows\system.ini
[2006/11/02 05:23:31 | 00,000,179 | ---- | C] () -- C:\Windows\win.ini
[2006/11/02 02:40:29 | 00,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2006/09/17 00:36:50 | 00,520,192 | ---- | C] () -- C:\Windows\System32\CddbPlaylist2Roxio.dll
[2006/09/17 00:36:50 | 00,204,800 | ---- | C] () -- C:\Windows\System32\CddbFileTaggerRoxio.dll
[2005/10/14 05:56:50 | 00,921,600 | ---- | C] () -- C:\Windows\System32\VorbisEnc.dll
[2005/10/14 05:56:50 | 00,761,856 | ---- | C] () -- C:\Windows\System32\xvidcore.dll
[2005/10/14 05:56:50 | 00,344,064 | ---- | C] () -- C:\Windows\System32\xvid.dll
[2005/10/14 05:56:50 | 00,237,568 | ---- | C] () -- C:\Windows\System32\OggDS.dll
[2005/10/14 05:56:50 | 00,188,416 | ---- | C] () -- C:\Windows\System32\vorbis.dll
[2005/10/14 05:56:50 | 00,155,136 | ---- | C] () -- C:\Windows\System32\unrar.dll
[2005/10/14 05:56:50 | 00,045,056 | ---- | C] () -- C:\Windows\System32\ogg.dll
[2001/11/14 13:56:00 | 01,802,240 | ---- | C] () -- C:\Windows\System32\lcppn21.dll
< End of report >
OTL Extras logfile created on: 11/5/2009 6:06:59 PM - Run 1
OTL by OldTimer - Version 3.1.3.3 Folder = C:\Users\Jorge\Downloads
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18828)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
2.00 Gb Total Physical Memory | 1.01 Gb Available Physical Memory | 50.43% Memory free
4.00 Gb Paging File | 2.89 Gb Available in Paging File | 72.19% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 136.47 Gb Total Space | 53.30 Gb Free Space | 39.05% Space Free | Partition Type: NTFS
Drive D: | 10.00 Gb Total Space | 6.09 Gb Free Space | 60.91% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Computer Name: TRAVELPC
Current User Name: Jorge
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Minimal
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.chm [@ = chm.file] -- "%SystemRoot%\hh.exe" %1
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\IEXPLORE.EXE (Microsoft Corporation)
[HKEY_USERS\S-1-5-21-3089091829-2956336828-4128492945-1000\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %* File not found
chm.file [open] -- "%SystemRoot%\hh.exe" %1 File not found
cmdfile [open] -- "%1" %* File not found
comfile [open] -- "%1" %* File not found
exefile [open] -- "%1" %* File not found
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- "C:\Program Files\Microsoft Office\OFFICE11\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" -nohome (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" -nohome (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" -nohome (Microsoft Corporation)
piffile [open] -- "%1" %* File not found
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1" File not found
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S File not found
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 File not found
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiSpyware]
"DisableMonitoring" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
"DisableMonitoring" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 1
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"VistaSp2" = Reg Error: Unknown registry data type -- File not found
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{8C034884-ACEC-449A-AC7E-7B3DB0630969}" = lport=6112 | protocol=17 | dir=in | name=war34 |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0CAC75C8-9BDB-476A-AA93-2AA2D047DF33}" = protocol=6 | dir=in | app=c:\program files\common files\aol\loader\aolload.exe |
"{107140D9-2908-460A-A19F-B30B7AF6FAD0}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\left 4 dead\srcds.exe |
"{129D1597-D1DE-4E9B-BBD0-0AAD043CB533}" = protocol=17 | dir=in | app=c:\program files\common files\symantec shared\ccapp.exe |
"{13E64896-719D-4B39-9884-021D18BDBE69}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\left 4 dead\left4dead.exe |
"{14F63641-9542-430B-A320-A9C7F7DB9A3B}" = protocol=1 | dir=in | name=networking - echo request (icmpv4-in) |
"{155A536E-B5A5-4467-8D95-27C0CF792792}" = dir=in | app=c:\program files\dell\mediadirect\kernel\dms\clmsservice.exe |
"{1675CABD-E196-4D0D-9E04-992F46A2A942}" = protocol=17 | dir=in | app=c:\program files\common files\aol\loader\aolload.exe |
"{18A88D61-6D0D-4B42-9CF5-71057D04D465}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{1ADB8B98-1B35-4AFA-BC7E-388D9FD78607}" = protocol=6 | dir=in | app=c:\users\jorge\appdata\local\google\google talk plugin\googletalkplugin.exe |
"{1D95E940-FC78-4046-834D-2215A63F48FE}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\left 4 dead\left4dead.exe |
"{1E1D5BFE-2C6C-4851-9AA9-19F73375CDF3}" = protocol=17 | dir=in | app=c:\program files\aim\aim.exe |
"{237988B9-46CA-482A-8CA5-0DD3CE184644}" = protocol=6 | dir=in | app=c:\program files\symantec\symantec endpoint protection\smc.exe |
"{27FBB3E8-151B-46B0-BFC6-F0B34F5B4CA0}" = protocol=17 | dir=in | app=c:\program files\stardock games\sins of a solar empire\sins of a solar empire.exe |
"{2ACF3037-ECE8-4992-B1C0-9385A2470D14}" = protocol=58 | dir=in | name=networking - echo request (icmpv6-in) |
"{2F09C145-1658-4256-82F5-F921ED648A7D}" = dir=in | app=c:\program files\dell\mediadirect\powercinema.exe |
"{3244F4C0-9AC5-4F5C-BDA3-DE23A021BDC8}" = dir=in | app=c:\program files\dell\mediadirect\pcmservice.exe |
"{3517EF22-2106-4777-8FE1-181BB353DEB7}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\left 4 dead\left4dead.exe |
"{353CC734-65D9-4979-8828-F577BDB526C9}" = protocol=6 | dir=in | app=c:\program files\stardock games\sins of a solar empire\sins of a solar empire.exe |
"{4933EAA2-FA74-4340-86E8-D0C4A651781C}" = protocol=1 | dir=in | name=@firewallapi.dll,-26140 |
"{53589936-F02E-4E7A-A05A-4BF2EF9A638C}" = protocol=6 | dir=in | app=c:\program files\common files\symantec shared\ccapp.exe |
"{54179699-CC98-4108-976D-4301C08B81E5}" = protocol=6 | dir=in | app=c:\program files\common files\aol\loader\aolload.exe |
"{58885CA3-E349-4B1D-BA6B-029239D65599}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{66183981-B538-4312-ADD5-A0D061428C6E}" = protocol=17 | dir=in | app=c:\program files\aim6\aim6.exe |
"{6835AEB0-869A-4BAE-AD3B-CF0693A74686}" = protocol=6 | dir=in | app=c:\program files\itunes\itunes.exe |
"{6E82282C-E127-431C-BBAD-60B64DE6220E}" = protocol=17 | dir=in | app=c:\program files\symantec\symantec endpoint protection\smc.exe |
"{7213D170-70D5-4D5F-AC59-8FDC557087B2}" = protocol=6 | dir=in | app=c:\users\jorge\appdata\local\google\google talk plugin\googletalkplugin.dll |
"{78202401-5512-40CF-BC4B-898824672E64}" = protocol=58 | dir=in | name=@firewallapi.dll,-26142 |
"{7A30FD96-7B24-4C31-A9F0-AC097A751496}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{84545E30-A33A-4DE8-8065-40EDDE38D062}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\left 4 dead\srcds.exe |
"{8B39C4BE-49F9-4197-B5D5-ED0C5FF7A900}" = protocol=6 | dir=in | app=c:\program files\aim\aim.exe |
"{8C54EE6B-AC54-4E08-879D-6D8FB28EEEA7}" = protocol=17 | dir=in | app=c:\users\jorge\appdata\local\google\google talk plugin\googletalkplugin.dll |
"{91DBFA55-2C90-4939-9B97-C0EBB28064D1}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\left 4 dead\srcds.exe |
"{AB63C930-6445-4AC9-992D-5FFB55CC8CE9}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{ACA6EDB2-5D03-468D-BC04-14C665B97BA7}" = protocol=6 | dir=in | app=c:\program files\aim6\aim6.exe |
"{AD2D174C-B33B-4BF0-8C54-2D8A8BB03485}" = protocol=6 | dir=in | app=c:\program files\warcraft iii\frozen throne.exe |
"{B10AA8CF-FB97-4F8A-B9E1-897F914BA131}" = protocol=17 | dir=in | app=c:\program files\common files\aol\loader\aolload.exe |
"{B4EB0D6F-F15C-456D-9397-0CEEC1E3D726}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{CB6145CC-9333-4285-9A25-70F8D47708E8}" = protocol=17 | dir=in | app=c:\program files\itunes\itunes.exe |
"{CDF6A403-E738-4187-AEB3-F58B7A5A4E96}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\left 4 dead\srcds.exe |
"{CE74F8BA-881C-49B2-AA45-22093027C340}" = protocol=6 | dir=in | app=c:\program files\itunes\itunes.exe |
"{D406B738-66B7-45C2-9B4A-A1878B72910E}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\left 4 dead\left4dead.exe |
"{D977572A-F064-409C-AC42-D5A2ACEBB872}" = protocol=17 | dir=in | app=c:\users\jorge\appdata\local\google\google talk plugin\googletalkplugin.exe |
"{E0C56D9A-98E6-4C22-9C51-9482990B8DE3}" = protocol=17 | dir=in | app=c:\program files\symantec\symantec endpoint protection\snac.exe |
"{E81E209F-F379-4FCC-8965-25643C630CCA}" = protocol=6 | dir=in | app=c:\program files\symantec\symantec endpoint protection\snac.exe |
"{E9486F28-51CA-44DF-8B50-601B57FFAE30}" = dir=in | app=c:\program files\dell\mediadirect\kernel\dmp\clbrowserengine.exe |
"{EBA3D9FB-BD96-40D7-A853-C2646E847E4A}" = protocol=17 | dir=in | app=c:\program files\itunes\itunes.exe |
"{EDC29C32-EC78-4BC7-B1F6-066F2E1ADE7E}" = protocol=17 | dir=in | app=c:\program files\warcraft iii\frozen throne.exe |
"{F7E764A9-0A55-4594-9DC8-D4D8289AB33B}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"TCP Query User{08304741-1E7C-4DF9-9E29-4424FA6C06FE}C:\program files\electronic arts\eadm\core.exe" = protocol=6 | dir=in | app=c:\program files\electronic arts\eadm\core.exe |
"TCP Query User{3DD835FA-E15F-4E0B-880D-8EE185553160}C:\program files\electronic arts\eadm\core.exe" = protocol=6 | dir=in | app=c:\program files\electronic arts\eadm\core.exe |
"TCP Query User{408048A1-506F-471E-8FD8-43153E1FA0A7}C:\program files\azureus\azureus.exe" = protocol=6 | dir=in | app=c:\program files\azureus\azureus.exe |
"TCP Query User{4DE6937C-D52D-4117-925E-E7C06DC0D217}C:\program files\steam\steamapps\gokutrunks86\team fortress 2\hl2.exe" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\gokutrunks86\team fortress 2\hl2.exe |
"TCP Query User{4FB57FEE-BB12-49BA-A0FF-281D088BFF90}C:\program files\electronic arts\red alert 3\data\ra3_1.4.game" = protocol=6 | dir=in | app=c:\program files\electronic arts\red alert 3\data\ra3_1.4.game |
"TCP Query User{5C00C126-389C-4B1E-8E44-55B7C6D93411}C:\program files\quicktime\quicktimeplayer.exe" = protocol=6 | dir=in | app=c:\program files\quicktime\quicktimeplayer.exe |
"TCP Query User{6645B19B-49CE-4613-BA73-BB871121C189}C:\program files\dc++\dcplusplus.exe" = protocol=6 | dir=in | app=c:\program files\dc++\dcplusplus.exe |
"TCP Query User{74B9D28B-FF80-4610-8F40-E3C870CC9A50}C:\program files\azureus\azureus.exe" = protocol=6 | dir=in | app=c:\program files\azureus\azureus.exe |
"TCP Query User{86FCD9DF-14D5-4EBB-9169-D01A78000656}C:\program files\warcraft iii\war3.exe" = protocol=6 | dir=in | app=c:\program files\warcraft iii\war3.exe |
"TCP Query User{9B39B4D6-386C-4DE8-BD15-9AE8DBBC80B4}C:\program files\electronic arts\red alert 3\data\ra3_1.10.game" = protocol=6 | dir=in | app=c:\program files\electronic arts\red alert 3\data\ra3_1.10.game |
"TCP Query User{A0564439-07C8-4759-9C0D-AD68E7E34949}C:\program files\electronic arts\red alert 3\data\ra3_1.3.game" = protocol=6 | dir=in | app=c:\program files\electronic arts\red alert 3\data\ra3_1.3.game |
"TCP Query User{D40CC04D-082F-4AE9-BE44-B48916D91677}C:\program files\dc++\dcplusplus.exe" = protocol=6 | dir=in | app=c:\program files\dc++\dcplusplus.exe |
"TCP Query User{D66574E7-D26F-4709-9E8C-45084C944620}C:\program files\aim6\aim6.exe" = protocol=6 | dir=in | app=c:\program files\aim6\aim6.exe |
"TCP Query User{DBFD9A43-FA29-4EA6-A618-5126B04E8DD7}C:\program files\mozilla firefox\firefox.exe" = protocol=6 | dir=in | app=c:\program files\mozilla firefox\firefox.exe |
"TCP Query User{F1598E59-2393-4239-A195-C2738BBB9A77}C:\program files\warcraft iii\war3.exe" = protocol=6 | dir=in | app=c:\program files\warcraft iii\war3.exe |
"UDP Query User{0195C76E-A930-4F78-9313-C32DA724B231}C:\program files\mozilla firefox\firefox.exe" = protocol=17 | dir=in | app=c:\program files\mozilla firefox\firefox.exe |
"UDP Query User{0B92A37C-09A9-444E-8D11-B36B25CD4A44}C:\program files\electronic arts\eadm\core.exe" = protocol=17 | dir=in | app=c:\program files\electronic arts\eadm\core.exe |
"UDP Query User{1DDD7E74-2BE3-48D5-B63F-6B7694860ED5}C:\program files\electronic arts\eadm\core.exe" = protocol=17 | dir=in | app=c:\program files\electronic arts\eadm\core.exe |
"UDP Query User{3A3FADD6-DFE6-421E-9A97-0FE87F0A3637}C:\program files\dc++\dcplusplus.exe" = protocol=17 | dir=in | app=c:\program files\dc++\dcplusplus.exe |
"UDP Query User{49913166-C904-4A6F-92BB-7B621A654B15}C:\program files\electronic arts\red alert 3\data\ra3_1.10.game" = protocol=17 | dir=in | app=c:\program files\electronic arts\red alert 3\data\ra3_1.10.game |
"UDP Query User{4C207759-E47F-41F3-9C2C-7DFE7443091F}C:\program files\aim6\aim6.exe" = protocol=17 | dir=in | app=c:\program files\aim6\aim6.exe |
"UDP Query User{56F34F62-6EA3-4508-9344-2F682A7ECA9C}C:\program files\azureus\azureus.exe" = protocol=17 | dir=in | app=c:\program files\azureus\azureus.exe |
"UDP Query User{B20A3A84-182E-4D1D-A8CE-2EB39F7630F4}C:\program files\warcraft iii\war3.exe" = protocol=17 | dir=in | app=c:\program files\warcraft iii\war3.exe |
"UDP Query User{BF0E55C4-453F-49E1-85DB-D877B7F44A84}C:\program files\warcraft iii\war3.exe" = protocol=17 | dir=in | app=c:\program files\warcraft iii\war3.exe |
"UDP Query User{CF1F1EE5-C73D-4E6C-A704-8C55F26403BA}C:\program files\quicktime\quicktimeplayer.exe" = protocol=17 | dir=in | app=c:\program files\quicktime\quicktimeplayer.exe |
"UDP Query User{D0D66633-2D59-4A7A-A143-F51400213158}C:\program files\azureus\azureus.exe" = protocol=17 | dir=in | app=c:\program files\azureus\azureus.exe |
"UDP Query User{D67DBCCB-BAA9-4344-9EC6-E05466989015}C:\program files\dc++\dcplusplus.exe" = protocol=17 | dir=in | app=c:\program files\dc++\dcplusplus.exe |
"UDP Query User{DAE73B8D-2BEF-4830-BB90-97837B11FC75}C:\program files\electronic arts\red alert 3\data\ra3_1.4.game" = protocol=17 | dir=in | app=c:\program files\electronic arts\red alert 3\data\ra3_1.4.game |
"UDP Query User{F2177EB9-A9C2-451C-B14F-E940D6C02D80}C:\program files\steam\steamapps\gokutrunks86\team fortress 2\hl2.exe" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\gokutrunks86\team fortress 2\hl2.exe |
"UDP Query User{F9FE5C22-9B87-4D03-8F74-5A08D8F3EE59}C:\program files\electronic arts\red alert 3\data\ra3_1.3.game" = protocol=17 | dir=in | app=c:\program files\electronic arts\red alert 3\data\ra3_1.3.game |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0228e555-4f9c-4e35-a3ec-b109a192b4c2}" = Google Gmail Notifier
"{0289B35E-DC07-4c7a-9710-BBD686EA4B7D}" = Status
"{0394CDC8-FABD-4ed8-B104-03393876DFDF}" = Roxio Creator Tools
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{07287123-B8AC-41CE-8346-3D777245C35B}" = Bonjour
"{0D2E9DCB-9938-475E-B4DD-8851738852FF}" = AIO_Scan
"{0D397393-9B50-4c52-84D5-77E344289F87}" = Roxio Creator Data
"{0F95AA42-0FF6-4D48-9CA1-64C8D0777500}" = QuickSet
"{13BA7B44-B712-4DEE-A7B8-1DD564F37AE5}" = Dell System Customization Wizard
"{13F3917B56CD4C25848BDC69916971BB}" = DivX Converter
"{1746EA69-DCB6-4408-B5A5-E75F55439CDF}" = Scan
"{179C56A4-F57F-4561-8BBF-F911D26EB435}" = WebReg
"{18D10072035C4515918F7E37EAFAACFC}" = AutoUpdate
"{1D5E29AD-39A9-4D0A-A8B6-46A6FCD8C995}" = Live! Cam Avatar v1.0
"{1E04F83B-2AB9-4301-9EF7-E86307F79C72}" = Google Earth
"{25771101-7948-4591-ABF3-B1ECE7A7F45F}" = HP Update
"{2614F54E-A828-49FA-93BA-45A3F756BFAA}" = 32 Bit HP CIO Components Installer
"{296D8550-CB06-48E4-9A8B-E5034FB64715}" = Command & Conquer™ Red Alert™ 3
"{2C6C74C2-042F-4D36-B7B0-0C538FCF01AB}" = Dell DataSafe Online
"{2E2966EA-2169-4E42-8A8A-CC1749D80088}" = Symantec Endpoint Protection
"{30465B6C-B53F-49A1-9EBA-A3F187AD502E}" = Roxio Update Manager
"{3248F0A8-6813-11D6-A77B-00B0D0160000}" = Java(TM) SE Runtime Environment 6
"{35E1EC43-D4FC-4E4A-AAB3-20DDA27E8BB0}" = Sonic Activation Module
"{36FDBE6E-6684-462B-AE98-9A39A1B200CC}" = HP Product Assistant
"{38B39865-D988-4945-9A22-6107B8B40953}" = C4200
"{39CB30DB-27F8-4dd4-A294-CB4AE3B584FD}" = Copy
"{3AC54383-31D1-4907-961B-B12CBB1D0AE8}" = MobileMe Control Panel
"{3E25E350-949F-4DB7-8288-2A60E018B4C1}" = Games, Music, & Photos Launcher
"{3FC7CBBC4C1E11DCA1A752EA55D89593}" = DivX Version Checker
"{49F2B650-2D7B-4F59-B33D-346F63776BD3}" = DocProc
"{4B9F45E8-E3CE-40B4-9463-80A9B3481DEF}" = Banctec Service Agreement
"{50CE21D8-0F44-4f3f-A392-7F9AD3194DEF}" = PS_AIO_Software
"{57F0ED40-8F11-41AA-B926-4A66D0D1A9CC}" = Microsoft Office Live Add-in 1.3
"{5CD29180-A95E-11D3-A4EB-00C04F7BDB2C}" = User's Guides
"{619CDD8A-14B6-43a1-AB6C-0F4EE48CE048}" = Roxio Creator Copy
"{62230596-37E5-4618-A329-0D21F529A86F}" = Browser Address Error Redirector
"{63DB9CCD-2B56-4217-9A3D-507AC78320CA}" = mWMI
"{65D0C510-D7B6-4438-9FC8-E6B91115AB0D}" = Live! Cam Avatar Creator
"{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA}" = Roxio Express Labeler
"{66E6CE0C-5A1E-430C-B40A-0C90FF1804A8}" = eSupportQFolder
"{67D3F1A0-A1F2-49b7-B9EE-011277B170CD}" = HPProductAssistant
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6F5E2F4A-377D-4700-B0E3-8F7F7507EA15}" = CustomerResearchQFolder
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{767CC44C-9BBC-438D-BAD3-FD4595DD148B}" = VC80CRTRedist - 8.0.50727.762
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{7B63B2922B174135AFC0E1377DD81EC2}" = DivX Codec
"{7EFA5E6F-74F7-4AFB-8AEA-AA790BD3A76D}" = DellSupport
"{83FFCFC7-88C6-41c6-8752-958A45325C82}" = Roxio Creator Audio
"{8641C1CB-03B3-41d4-8DEC-79826A4B5C0E}" = HP Photosmart All-In-One Software 8.0
"{87E2B986-07E8-477a-93DC-AF0B6758B192}" = DocProcQFolder
"{880AF49C-34F7-4285-A8AD-8F7A3D1C33DC}" = Roxio Creator BDAV Plugin
"{89CEAE14-DD0F-448E-9554-15781EC9DB24}" = Product Documentation Launcher
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8ADFC4160D694100B5B8A22DE9DCABD9}" = DivX Player
"{8B928BA1-EDEC-4227-A2DA-DD83026C36F5}" = mPfMgr
"{8C6BB412-D3A8-4AAE-A01B-35B681789D68}" = mHelp
"{8F3C31C5-9C3A-4AA8-8EFA-71290A7AD533}" = TomTom HOME Visual Studio Merge Modules
"{90110409-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Professional Edition 2003
"{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system
"{9422C8EA-B0C6-4197-B8FC-DC797658CA00}" = Windows Live Sign-in Assistant
"{95D08F4E-DFC2-4ce3-ACB7-8C8E206217E9}" = MarketResearch
"{9BDEF074-020E-458D-ADC5-8FF68E0C9B56}" = OutlookAddinSetup
"{9C2D4047-0E40-499a-AC7A-C4B9BB12FE03}" = TrayApp
"{9C6978E8-B6D0-4AB7-A7A0-D81A74FBF745}" = MediaDirect
"{A13E07E1-A423-44FB-9DEE-B24C75C1BAF2}" = WIDCOMM Bluetooth Software 6.0.1.3100
"{A36CD345-625C-4d6c-B3E2-76E1248CB451}" = SolutionCenter
"{A429C2AE-EBF1-4F81-A221-1C115CAADDAD}" = QuickTime
"{A462213D-EED4-42C2-9A60-7BDD4D4B0B17}" = SigmaTel Audio
"{A88F2CDC-E615-4C3E-BD14-0936B59F8481}" = Sound Blaster X-Fi
"{A96E97134CA649888820BCDE5E300BBD}" = H.264 Decoder
"{AAC389499AEF40428987B3D30CFC76C9}" = MKV Splitter
"{AADEA55D-C834-4BCB-98A3-4B8D1C18F4EE}" = Apple Mobile Device Support
"{AB5D51AE-EBC3-438D-872C-705C7C2084B0}" = DeviceManagementQFolder
"{AC76BA86-7AD7-1033-7B44-A91000000001}" = Adobe Reader 9.1
"{AEF9DC35ADDF4825B049ACBFD1C6EB37}" = AAC Decoder
"{B13A7C41581B411290FBC0395694E2A9}" = DivX Converter
"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy
"{B607C354-CD79-4D22-86D1-92DC94153F42}" = Apple Application Support
"{B668B2B8-70D4-4754-A890-17C1DDDA9418}" = PS_AIO_Software_min
"{B7050CBDB2504B34BC2A9CA0A692CC29}" = DivX Web Player
"{B8C54AB1-7E1A-40E8-B794-EDB6E8921F3A}" = Dell Support Center
"{BBC783B7-8725-3B1C-B49A-BA7F09391251}" = Google Talk Plugin
"{BE77A81F-B315-4666-9BF3-AE70C0ADB057}" = BufferChm
"{BEEFC4F8-2909-48B3-AFAA-55D3533FDEDD}" = Creative MediaSource 5
"{C4124E95-5061-4776-8D5D-E3D931C778E1}" = Microsoft VC9 runtime libraries
"{C716522C-3731-4667-8579-40B098294500}" = Toolbox
"{C8B0680B-CDAE-4809-9F91-387B6DE00F7C}" = Roxio Creator DE
"{C99C0593-3B48-41D9-B42F-6E035B320449}" = Broadcom Management Programs
"{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}" = SUPERAntiSpyware Professional
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D0E39A1D-0CEE-4D85-B4A2-E3BE990D075E}" = Destination Component
"{D1A74FBB-CA8D-4CCA-9B89-BAAA436DB178}" = iTunes
"{D639085F-4B6E-4105-9F37-A0DBB023E2FB}" = Roxio MyDVD DE
"{E06F04B9-45E6-4AC0-8083-85F7515F40F7}" = UnloadSupport
"{E65CA2A8-1F2A-4400-AE55-FFD43D3B6980}" = c4200_Help
"{EB21A812-671B-4D08-B974-2A347F0D8F70}" = HP Photosmart Essential
"{EB75DE50-5754-4F6F-875D-126EDF8E4CB3}" = HPSSupply
"{EF1ADA5A-0B1A-4662-8C55-7475A61D8B65}" = DeviceDiscovery
"{F0BFC7EF-9CF8-44EE-91B0-158884CD87C5}" = mMHouse
"{F5D7FAB5-A1FD-4DD3-983E-4155B09D7102}" = mCore
"{FA54AFB1-5745-4389-B8C1-9F7509672ED1}" = iPhone Configuration Utility
"{FE0C305A-37EE-4499-B4CF-0182E37B20C4}" = PS_AIO_ProductContext
"Adobe Flash Player ActiveX" = Adobe Flash Player ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11
"Advanced Audio FX Engine" = Advanced Audio FX Engine
"Advanced Video FX Engine" = Advanced Video FX Engine
"AIM_7" = AIM 7
"ALchemy X-Fi" = Creative ALchemy (X-Fi Edition)
"AudioCS" = Creative Audio Console
"Cool's_Codec_pack_4.12" = Codec Pack - All In 1 6.0.3.0
"Creative OEM004" = Laptop Integrated Webcam Driver (1.03.01.1011)
"Creative Software AutoUpdate" = Creative Software AutoUpdate
"Dell Webcam Center" = Dell Webcam Center
"Dell Webcam Manager" = Dell Webcam Manager
"DivX Plus DirectShow Filters" = DivX Plus DirectShow Filters
"DVD Shrink_is1" = DVD Shrink 3.2
"EADM" = EA Download Manager
"Google Desktop" = Google Desktop
"Hamachi" = Hamachi 1.0.3.0
"HijackThis" = HijackThis 2.0.2
"HP Imaging Device Functions" = HP Imaging Device Functions 8.0
"HP Solution Center & Imaging Support Tools" = HP Solution Center 8.0
"HPExtendedCapabilities" = HP Customer Participation Program 8.0
"HPOCR" = HP OCR Software 8.0
"LiveUpdate" = LiveUpdate 3.3 (Symantec Corporation)
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Mozilla Firefox (3.5.4)" = Mozilla Firefox (3.5.4)
"NVIDIA Drivers" = NVIDIA Drivers
"Picasa 3" = Picasa 3
"PowerISO" = PowerISO
"ProInst" = Intel(R) PROSet/Wireless Software
"SoftwareUpdUtility" = Download Updater (AOL LLC)
"Steam App 440" = Team Fortress 2
"Steam App 500" = Left 4 Dead
"Steam App 510" = Left 4 Dead Dedicated Server
"SynTPDeinstKey" = Dell Touchpad
"SysInfo" = Creative System Information
"SystemRequirementsLab" = System Requirements Lab
"TomTom HOME" = TomTom HOME 2.7.0.1785
"ViewpointMediaPlayer" = Viewpoint Media Player
"VLC media player" = VLC media player 1.0.1
"Warcraft III" = Warcraft III
"WinRAR archiver" = WinRAR archiver
========== HKEY_USERS Uninstall List ==========
[HKEY_USERS\S-1-5-21-3089091829-2956336828-4128492945-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Warcraft III" = Warcraft III: All Products
========== Last 10 Event Log Errors ==========
Error reading Event Logs: The Event Service is not operating properly or the Event Logs are corrupt!
< End of report >