Search similar:
|
uniqs 2155 |
|
|
|
GMLUSA join:2012-02-17 West Hartford, CT |
GMLUSA
Member
2012-Feb-17 5:12 pm
[Malware] Computer stops obeying the mouse but drives spin likeMy computer stops obeying clicks of the mouse or sometimes takes even longer than 5 min to respond. However, the drives keep spinning like crazy. If I disconnect from the network, things seem to work better. I am afraid my computer has been hijacked. I have run the tests and here are the logs: BD did not leave a log. It said the computer was clean. | actions · 2012-Feb-17 5:12 pm · (locked) | lilhurricaneCrunchin' For Cures Numquam oblita join:2003-01-11 Purple Zone |
MBAMMalwarebytes Anti-Malware (Trial) 1.60.1.1000 www.malwarebytes.org
Database version: v2012.02.17.03
Windows XP Service Pack 3 x86 NTFS Internet Explorer 7.0.5730.13 1Gustavo :: GUSTAVOS [limited]
Protection: Enabled
2/17/2012 12:51:33 PM mbam-log-2012-02-17 (12-51-33).txt
Scan type: Full scan Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM Scan options disabled: P2P Objects scanned: 642969 Time elapsed: 2 hour(s), 50 minute(s), 34 second(s)
Memory Processes Detected: 0 (No malicious items detected)
Memory Modules Detected: 0 (No malicious items detected)
Registry Keys Detected: 11 HKCR\CLSID\{147A976F-EEE1-4377-8EA7-4716E4CDD239} (Adware.MyWebSearch) -> Quarantined and deleted successfully. HKCR\Typelib\{D518921A-4A03-425E-9873-B9A71756821E} (Adware.MyWebSearch) -> Quarantined and deleted successfully. HKCR\Interface\{CF54BE1C-9359-4395-8533-1657CF209CFE} (Adware.MyWebSearch) -> Quarantined and deleted successfully. HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{56256A51-B582-467e-B8D4-7786EDA79AE0} (Trojan.Vundo) -> Quarantined and deleted successfully. HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{56256A51-B582-467e-B8D4-7786EDA79AE0} (Trojan.Vundo) -> Quarantined and deleted successfully. HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{00A6FAF1-072E-44CF-8957-5838F569A31D} (Adware.MyWebSearch) -> Quarantined and deleted successfully. HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{07B18EA1-A523-4961-B6BB-170DE4475CCA} (Adware.MyWebSearch) -> Quarantined and deleted successfully. HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{07B18EA9-A523-4961-B6BB-170DE4475CCA} (Adware.MyWebSearch) -> Quarantined and deleted successfully. HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} (Adware.MyWebSearch) -> Quarantined and deleted successfully. HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\RunDll32Policy\f3ScrCtr.dll (Adware.MyWebSearch) -> Quarantined and deleted successfully. HKLM\SOFTWARE\Microsoft\Multimedia\WMPlayer\Schemes\f3pss (Adware.MyWebSearch) -> Quarantined and deleted successfully.
Registry Values Detected: 1 HKCU\SOFTWARE\Microsoft\Internet Explorer\MenuExt\&Search| (Adware.Hotbar) -> Data: http://edits.mywebsearch.com/toolbaredits/menusearch.jhtml?p=GRfox000 -> Quarantined and deleted successfully.
Registry Data Items Detected: 0 (No malicious items detected)
Folders Detected: 0 (No malicious items detected)
Files Detected: 5 E:\Avatars\MyWebFaceSetup2.3.50.57.GRfox000.exe (Adware.MyWebSearch) -> Quarantined and deleted successfully. E:\System Volume Information\_restore{557220F8-435B-4A6A-B267-B6A0E4589CC0}\RP1203\A0254992.exe (Adware.MyWebSearch) -> Quarantined and deleted successfully. K:\Cosmi\Ecc\Template.dat (JokeApp.NotFunny) -> Quarantined and deleted successfully. K:\OldEdriveBKUP\WINDOWS\SYSTEM\HLINK.DLL (Trojan.FakeMS) -> Quarantined and deleted successfully. D:\Documents and Settings\1Gustavo\Desktop\Click to Find and Fix Errors.lnk (Rogue.Link) -> Quarantined and deleted successfully.
(end) | actions · 2012-Feb-17 5:35 pm · (locked) | lilhurricane |
to GMLUSA
OTLOTL logfile created on: 2/17/2012 4:34:26 PM - Run 1 OTL by OldTimer - Version 3.2.32.0 Folder = D:\Documents and Settings\1Gustavo\Desktop Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 7.0.5730.13) Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
3.25 Gb Total Physical Memory | 2.30 Gb Available Physical Memory | 70.71% Memory free 4.69 Gb Paging File | 3.49 Gb Available in Paging File | 74.48% Paging File free Paging file location(s): D:\pagefile.sys 1536 3072 [binary data]
%SystemDrive% = D: | %SystemRoot% = D:\WINDOWS | %ProgramFiles% = D:\Program Files Drive D: | 465.76 Gb Total Space | 325.62 Gb Free Space | 69.91% Space Free | Partition Type: NTFS Drive E: | 74.51 Gb Total Space | 70.11 Gb Free Space | 94.09% Space Free | Partition Type: FAT32 Drive F: | 12.73 Gb Total Space | 10.37 Gb Free Space | 81.44% Space Free | Partition Type: NTFS Drive K: | 465.76 Gb Total Space | 106.86 Gb Free Space | 22.94% Space Free | Partition Type: NTFS Drive M: | 2794.49 Gb Total Space | 2785.72 Gb Free Space | 99.69% Space Free | Partition Type: NTFS
Computer Name: GUSTAVOS | User Name: 1Gustavo | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
[color=#E56717]========== Processes (SafeList) ==========[/color]
PRC - [2012/02/17 16:33:20 | 000,584,192 | ---- | M] (OldTimer Tools) -- D:\Documents and Settings\1Gustavo\Desktop\OTL.exe PRC - [2012/02/17 11:32:24 | 003,409,872 | ---- | M] (Acronis) -- D:\Program Files\Common Files\Acronis\CDP\afcdpsrv.exe PRC - [2012/01/13 14:53:18 | 000,652,360 | ---- | M] (Malwarebytes Corporation) -- D:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe PRC - [2012/01/13 14:53:18 | 000,460,872 | ---- | M] (Malwarebytes Corporation) -- D:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe PRC - [2011/12/25 08:10:30 | 000,296,056 | ---- | M] (RealNetworks, Inc.) -- D:\Program Files\Real\RealPlayer\Update\realsched.exe PRC - [2011/11/14 19:47:28 | 000,670,792 | ---- | M] (Juniper Networks) -- D:\Program Files\Juniper Networks\Common Files\dsNcService.exe PRC - [2011/08/20 21:35:10 | 005,729,328 | ---- | M] (Acronis) -- D:\Program Files\Common Files\Acronis\SyncAgent\syncagentsrv.exe PRC - [2011/08/20 21:32:40 | 000,403,096 | ---- | M] (Acronis) -- D:\Program Files\Common Files\Acronis\Schedule2\schedhlp.exe PRC - [2011/08/20 21:32:36 | 000,808,704 | ---- | M] (Acronis) -- D:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe PRC - [2011/08/20 21:31:28 | 005,932,256 | ---- | M] (Acronis) -- D:\Program Files\Acronis\TrueImageHome\TrueImageMonitor.exe PRC - [2011/08/19 04:26:50 | 000,450,848 | ---- | M] (Logitech Inc.) -- D:\Program Files\Common Files\LogiShrd\LVMVFM\UMVPFSrv.exe PRC - [2011/08/12 12:19:40 | 000,680,984 | ---- | M] () -- D:\Program Files\Common Files\LogiShrd\LQCVFX\COCIManager.exe PRC - [2011/08/12 12:18:42 | 000,205,336 | ---- | M] (Logitech Inc.) -- D:\Program Files\Logitech\LWS\Webcam Software\LWS.exe PRC - [2011/08/12 12:18:30 | 000,265,240 | ---- | M] () -- D:\Program Files\Logitech\LWS\Webcam Software\CameraHelperShell.exe PRC - [2011/04/22 07:21:10 | 000,092,592 | ---- | M] (TomTom) -- D:\Program Files\TomTom HOME 2\TomTomHOMEService.exe PRC - [2011/04/16 19:45:11 | 000,130,008 | R--- | M] (Symantec Corporation) -- D:\Program Files\Norton 360\Engine\5.2.0.13\ccsvchst.exe PRC - [2011/03/09 11:18:06 | 001,060,864 | ---- | M] () -- D:\Program Files\Western Digital\WD SmartWare\Front Parlor\WDFME\WDFME.exe PRC - [2011/03/09 11:16:56 | 000,484,352 | ---- | M] () -- D:\Program Files\Western Digital\WD SmartWare\Front Parlor\WDSC.exe PRC - [2011/03/09 11:09:54 | 003,986,944 | ---- | M] (Western Digital Technologies, Inc.) -- D:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMStatus.exe PRC - [2011/03/09 11:07:54 | 000,238,592 | ---- | M] (WDC) -- D:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe PRC - [2010/11/30 01:23:56 | 001,037,672 | ---- | M] (Symantec Corporation) -- D:\Program Files\Norton Utilities 15\Tools\SpeedDisk\SpeedDiskSrv.exe PRC - [2010/11/30 01:23:56 | 000,406,888 | ---- | M] (Symantec Corporation) -- D:\Program Files\Norton Utilities 15\Tools\SpeedDisk\SpeedDiskSrvProxy.exe PRC - [2010/11/30 01:23:44 | 001,029,480 | ---- | M] (Symantec Corporation) -- D:\Program Files\Norton Utilities 15\Tools\Disk Doctor\DiskDoctorSrv.exe PRC - [2010/11/30 01:23:44 | 000,406,888 | ---- | M] (Symantec Corporation) -- D:\Program Files\Norton Utilities 15\Tools\Disk Doctor\DiskDoctorSrvProxy.exe PRC - [2010/07/04 19:07:40 | 000,238,952 | ---- | M] (Teruten) -- D:\WINDOWS\system32\FsUsbExService.Exe PRC - [2009/12/17 06:42:06 | 000,105,632 | ---- | M] (Corel) -- D:\Program Files\Common Files\Corel\Standby\Standby.exe PRC - [2009/11/19 11:26:54 | 000,455,944 | ---- | M] () -- D:\Program Files\Flip Video\FlipShare\FlipShareService.exe PRC - [2009/06/18 12:00:10 | 000,077,824 | ---- | M] (Avid Technology, Inc.) -- D:\Program Files\Digidesign\Drivers\MMERefresh.exe PRC - [2009/02/05 10:51:12 | 000,388,768 | ---- | M] () -- D:\WINDOWS\system32\atwtusb.exe PRC - [2009/01/13 10:10:32 | 003,161,760 | ---- | M] () -- D:\WINDOWS\system32\WTMKM.exe PRC - [2008/04/13 19:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) -- D:\WINDOWS\explorer.exe PRC - [2007/07/24 11:15:14 | 000,185,632 | ---- | M] (Protexis Inc.) -- d:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe PRC - [2007/03/06 10:35:02 | 000,198,168 | ---- | M] (InterVideo Inc.) -- D:\Program Files\Common Files\InterVideo\DeviceService\DevSvc.exe PRC - [2007/03/03 13:48:28 | 000,067,056 | ---- | M] (Ulead Systems, Inc.) -- D:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe PRC - [2005/11/22 09:28:38 | 000,864,256 | ---- | M] (Sonic Solutions) -- D:\Program Files\Common Files\Roxio Shared\SharedCOM8\RoxMediaDB.exe PRC - [2005/11/22 09:26:14 | 000,155,648 | ---- | M] (Sonic Solutions) -- D:\Program Files\Common Files\Roxio Shared\SharedCOM8\RoxWatch.exe PRC - [2005/10/27 16:17:36 | 008,740,864 | ---- | M] (Intel Corporation) -- D:\Program Files\Intel Audio Studio\IntelAudioStudio.exe PRC - [2004/04/28 14:02:22 | 000,042,496 | ---- | M] (Standard Microsystems Corp.) -- D:\Program Files\WDC\SetIcon.exe
[color=#E56717]========== Modules (No Company Name) ==========[/color]
MOD - [2012/01/11 23:49:02 | 017,403,904 | ---- | M] () -- D:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.ServiceModel\2dac4fc006596760cd4988d0bfd52ff0\System.ServiceModel.ni.dll MOD - [2012/01/11 23:46:54 | 000,771,584 | ---- | M] () -- D:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\3c272cad7afb127e2a2bdb8a5a808512\System.Runtime.Remoting.ni.dll MOD - [2012/01/11 23:40:46 | 003,182,592 | ---- | M] () -- D:\WINDOWS\assembly\GAC_MSIL\System\2.0.0.0__b77a5c561934e089\System.dll MOD - [2012/01/11 23:40:42 | 002,933,248 | ---- | M] () -- D:\WINDOWS\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll MOD - [2012/01/11 23:40:22 | 000,261,632 | ---- | M] () -- D:\WINDOWS\assembly\GAC_32\System.Transactions\2.0.0.0__b77a5c561934e089\System.Transactions.dll MOD - [2011/12/19 11:23:18 | 000,998,400 | ---- | M] () -- D:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Management\90b90e700e59d73d6d692cf74e1ba16e\System.Management.ni.dll MOD - [2011/12/19 11:15:50 | 000,212,992 | ---- | M] () -- D:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\abef85f2fb8ba830eda73e2d12e8d41e\System.ServiceProcess.ni.dll MOD - [2011/12/19 11:15:50 | 000,141,312 | ---- | M] () -- D:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Configuratio#\29d7091f6eab0ec61c4eb625ed221b73\System.Configuration.Install.ni.dll MOD - [2011/12/19 11:15:39 | 000,627,712 | ---- | M] () -- D:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.EnterpriseSe#\69792bef8a100a055db88848836a7d88\System.EnterpriseServices.ni.dll MOD - [2011/12/19 11:15:37 | 000,627,200 | ---- | M] () -- D:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Transactions\8efcd633af87989355382b5039f1b7df\System.Transactions.ni.dll MOD - [2011/12/19 11:15:36 | 000,015,872 | ---- | M] () -- D:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualC\a140509b1342934fc5e58ae22ac9696c\Microsoft.VisualC.ni.dll MOD - [2011/12/19 11:14:21 | 000,971,264 | ---- | M] () -- D:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Configuration\bce0720436dc6cb76006377f295ea365\System.Configuration.ni.dll MOD - [2011/12/19 10:57:49 | 005,450,752 | ---- | M] () -- D:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Xml\70cacc44f0b4257f6037eda7a59a0aeb\System.Xml.ni.dll MOD - [2011/12/18 20:06:29 | 006,616,576 | ---- | M] () -- D:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Data\ec323cf1df697cc0a45f67de685db90c\System.Data.ni.dll MOD - [2011/12/18 20:00:25 | 007,950,848 | ---- | M] () -- D:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System\af39f6e644af02873b9bae319f2bfb13\System.ni.dll MOD - [2011/12/18 19:59:40 | 011,490,816 | ---- | M] () -- D:\WINDOWS\assembly\NativeImages_v2.0.50727_32\mscorlib\ca87ba84221991839abbe7d4bc9c6721\mscorlib.ni.dll MOD - [2011/11/03 10:28:36 | 001,292,288 | ---- | M] () -- D:\WINDOWS\system32\quartz.dll MOD - [2011/11/03 10:28:36 | 000,386,048 | ---- | M] () -- D:\WINDOWS\system32\qdvd.dll MOD - [2011/08/22 15:47:44 | 000,336,408 | ---- | M] () -- D:\Program Files\Common Files\LogiShrd\LWSPlugins\LWS\Applets\CameraHelper\DevManagerCore.dll MOD - [2011/08/20 21:37:40 | 000,018,784 | ---- | M] () -- D:\Program Files\Acronis\TrueImageHome\ti_managers_proxy_stub.dll MOD - [2011/08/20 20:56:00 | 000,435,552 | ---- | M] () -- D:\Program Files\Acronis\TrueImageHome\Common\ulxmlrpcpp.dll MOD - [2011/08/12 12:19:40 | 000,680,984 | ---- | M] () -- D:\Program Files\Common Files\LogiShrd\LQCVFX\COCIManager.exe MOD - [2011/08/12 12:18:30 | 000,265,240 | ---- | M] () -- D:\Program Files\Logitech\LWS\Webcam Software\CameraHelperShell.exe MOD - [2011/03/09 11:29:38 | 000,886,272 | ---- | M] () -- D:\Program Files\Western Digital\WD SmartWare\Front Parlor\WDFME\System.Data.SQLite.dll MOD - [2011/03/09 11:18:06 | 001,060,864 | ---- | M] () -- D:\Program Files\Western Digital\WD SmartWare\Front Parlor\WDFME\WDFME.exe MOD - [2011/03/09 11:16:56 | 000,484,352 | ---- | M] () -- D:\Program Files\Western Digital\WD SmartWare\Front Parlor\WDSC.exe MOD - [2010/06/24 03:27:00 | 000,197,928 | ---- | M] () -- D:\Program Files\ManyCam\Bin\VideoSrc.dll MOD - [2010/05/07 17:37:40 | 000,126,808 | ---- | M] () -- D:\Program Files\Logitech\LWS\Webcam Software\ImageFormats\QJpeg4.dll MOD - [2010/05/07 17:37:40 | 000,027,480 | ---- | M] () -- D:\Program Files\Logitech\LWS\Webcam Software\ImageFormats\QGif4.dll MOD - [2010/05/07 17:36:54 | 000,340,824 | ---- | M] () -- D:\Program Files\Logitech\LWS\Webcam Software\QTXml4.dll MOD - [2010/05/07 17:35:56 | 007,954,776 | ---- | M] () -- D:\Program Files\Logitech\LWS\Webcam Software\QTGui4.dll MOD - [2010/05/07 17:35:44 | 002,143,576 | ---- | M] () -- D:\Program Files\Logitech\LWS\Webcam Software\QTCore4.dll MOD - [2009/11/19 11:26:54 | 000,455,944 | ---- | M] () -- D:\Program Files\Flip Video\FlipShare\FlipShareService.exe MOD - [2009/11/19 11:26:12 | 002,174,976 | ---- | M] () -- D:\Program Files\Flip Video\FlipShare\Core.dll MOD - [2009/11/19 11:18:16 | 000,708,608 | ---- | M] () -- D:\Program Files\Flip Video\FlipShare\qca2.dll MOD - [2009/11/19 11:14:38 | 006,443,008 | ---- | M] () -- D:\Program Files\Flip Video\FlipShare\QtGui4.dll MOD - [2009/11/19 11:14:38 | 000,356,352 | ---- | M] () -- D:\Program Files\Flip Video\FlipShare\QtXml4.dll MOD - [2009/11/19 11:14:38 | 000,188,416 | ---- | M] () -- D:\Program Files\Flip Video\FlipShare\QtSql4.dll MOD - [2009/11/19 11:14:36 | 001,581,056 | ---- | M] () -- D:\Program Files\Flip Video\FlipShare\QtCore4.dll MOD - [2009/02/05 10:51:12 | 000,388,768 | ---- | M] () -- D:\WINDOWS\system32\atwtusb.exe MOD - [2009/01/13 10:10:32 | 003,161,760 | ---- | M] () -- D:\WINDOWS\system32\WTMKM.exe MOD - [2008/04/13 19:12:03 | 000,192,512 | ---- | M] () -- D:\WINDOWS\system32\qcap.dll MOD - [2008/04/13 19:11:59 | 000,014,336 | ---- | M] () -- D:\WINDOWS\system32\msdmo.dll MOD - [2008/04/13 19:11:51 | 000,059,904 | ---- | M] () -- D:\WINDOWS\system32\devenum.dll MOD - [2006/08/29 08:29:00 | 000,180,224 | ---- | M] () -- D:\WINDOWS\system32\ATWTINK.DLL MOD - [2005/11/22 09:15:12 | 004,448,256 | ---- | M] () -- D:\Program Files\Common Files\Roxio Shared\DLLShared\ROXIPP4.dll
[color=#E56717]========== Win32 Services (SafeList) ==========[/color]
SRV - File not found [Auto | Stopped] -- -- (RoxWatch9) SRV - File not found [On_Demand | Stopped] -- -- (RoxMediaDB9) SRV - File not found [Disabled | Stopped] -- -- (RoxLiveShare9) SRV - [2012/02/17 11:32:24 | 003,409,872 | ---- | M] (Acronis) [Auto | Running] -- D:\Program Files\Common Files\Acronis\CDP\afcdpsrv.exe -- (afcdpsrv) SRV - [2012/01/13 14:53:18 | 000,652,360 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- D:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService) SRV - [2011/11/14 19:47:28 | 000,670,792 | ---- | M] (Juniper Networks) [Auto | Running] -- D:\Program Files\Juniper Networks\Common Files\dsNcService.exe -- (dsNcService) SRV - [2011/08/20 21:35:10 | 005,729,328 | ---- | M] (Acronis) [Auto | Running] -- D:\Program Files\Common Files\Acronis\SyncAgent\syncagentsrv.exe -- (syncagentsrv) SRV - [2011/08/20 21:32:36 | 000,808,704 | ---- | M] (Acronis) [Auto | Running] -- D:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe -- (AcrSch2Svc) SRV - [2011/08/19 04:26:50 | 000,450,848 | ---- | M] (Logitech Inc.) [Auto | Running] -- D:\Program Files\Common Files\LogiShrd\LVMVFM\UMVPFSrv.exe -- (UMVPFSrv) SRV - [2011/04/22 07:21:10 | 000,092,592 | ---- | M] (TomTom) [Auto | Running] -- D:\Program Files\TomTom HOME 2\TomTomHOMEService.exe -- (TomTomHOMEService) SRV - [2011/04/20 00:30:40 | 000,169,264 | ---- | M] (Sonic Solutions) [Auto | Stopped] -- D:\Program Files\Retrospect\Retrospect 7.7\rthlpsvc.exe -- (Retrospect Helper) SRV - [2011/04/16 19:45:11 | 000,130,008 | R--- | M] (Symantec Corporation) [Unknown | Running] -- D:\Program Files\Norton 360\Engine\5.2.0.13\ccSvcHst.exe -- (N360) SRV - [2011/03/09 11:18:06 | 001,060,864 | ---- | M] () [Auto | Running] -- D:\Program Files\Western Digital\WD SmartWare\Front Parlor\WDFME\WDFME.exe -- (WDFME) SRV - [2011/03/09 11:16:56 | 000,484,352 | ---- | M] () [Auto | Running] -- D:\Program Files\Western Digital\WD SmartWare\Front Parlor\WDSC.exe -- (WDSC) SRV - [2011/03/09 11:07:54 | 000,238,592 | ---- | M] (WDC) [Auto | Running] -- D:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe -- (WDDMService) SRV - [2010/11/30 01:23:56 | 001,037,672 | ---- | M] (Symantec Corporation) [Auto | Running] -- D:\Program Files\Norton Utilities 15\Tools\SpeedDisk\SpeedDiskSrv.exe -- (SpeedDiskService) SRV - [2010/11/30 01:23:44 | 001,029,480 | ---- | M] (Symantec Corporation) [Auto | Running] -- D:\Program Files\Norton Utilities 15\Tools\Disk Doctor\DiskDoctorSrv.exe -- (DiskDoctorService) SRV - [2010/07/04 19:07:40 | 000,238,952 | ---- | M] (Teruten) [Auto | Running] -- D:\WINDOWS\system32\FsUsbExService.Exe -- (FsUsbExService) SRV - [2009/11/19 11:26:54 | 000,455,944 | ---- | M] () [Auto | Running] -- D:\Program Files\Flip Video\FlipShare\FlipShareService.exe -- (FlipShare Service) SRV - [2009/10/14 18:59:54 | 000,099,688 | R--- | M] (Sony Corporation) [On_Demand | Stopped] -- D:\WINDOWS\system32\IcdSptSv.exe -- (ICDSPTSV) SRV - [2009/06/18 12:00:10 | 000,077,824 | ---- | M] (Avid Technology, Inc.) [Auto | Running] -- D:\Program Files\Digidesign\Drivers\MMERefresh.exe -- (DigiRefresh) SRV - [2009/06/18 11:24:42 | 000,159,744 | ---- | M] (Avid Technology, Inc.) [On_Demand | Stopped] -- D:\Program Files\Digidesign\Pro Tools\digiSPTIService.exe -- (digiSPTIService) SRV - [2009/02/05 10:51:12 | 000,388,768 | ---- | M] () [Auto | Running] -- D:\WINDOWS\System32\atwtusb.exe -- (WTService) SRV - [2007/07/24 11:15:14 | 000,185,632 | ---- | M] (Protexis Inc.) [Auto | Running] -- d:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe -- (PSI_SVC_2) SRV - [2007/03/06 10:35:02 | 000,198,168 | ---- | M] (InterVideo Inc.) [Auto | Running] -- D:\Program Files\Common Files\InterVideo\DeviceService\DevSvc.exe -- (Capture Device Service) SRV - [2007/03/03 13:48:28 | 000,067,056 | ---- | M] (Ulead Systems, Inc.) [Auto | Running] -- D:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe -- (UleadBurningHelper) SRV - [2005/11/22 09:29:52 | 000,233,472 | ---- | M] (Sonic Solutions) [Disabled | Stopped] -- D:\Program Files\Common Files\Roxio Shared\SharedCOM8\RoxLiveShare.exe -- (RoxLiveShare) SRV - [2005/11/22 09:28:38 | 000,864,256 | ---- | M] (Sonic Solutions) [On_Demand | Running] -- D:\Program Files\Common Files\Roxio Shared\SharedCOM8\RoxMediaDB.exe -- (RoxMediaDB) SRV - [2005/11/22 09:26:14 | 000,155,648 | ---- | M] (Sonic Solutions) [Auto | Running] -- D:\Program Files\Common Files\Roxio Shared\SharedCOM8\RoxWatch.exe -- (RoxWatch) SRV - [2005/11/21 22:47:56 | 000,045,056 | ---- | M] (Sonic Solutions) [On_Demand | Stopped] -- D:\Program Files\Common Files\Roxio Shared\SharedCom\RoxUpnpRenderer.exe -- (RoxUPnPRenderer) SRV - [2005/11/21 22:47:10 | 000,409,600 | ---- | M] (Sonic Solutions) [Auto | Stopped] -- D:\Program Files\Roxio\Easy Media Creator 8\Digital Home\RoxUpnpServer.exe -- (RoxUpnpServer) SRV - [2000/05/24 14:20:36 | 000,015,360 | ---- | M] (Adobe Systems Incorporated) [Disabled | Stopped] -- D:\WINDOWS\system32\ATMsrvc.exe -- (ATMsrvc)
[color=#E56717]========== Driver Services (SafeList) ==========[/color]
DRV - [2012/02/17 11:32:32 | 000,234,752 | ---- | M] (Acronis) [File_System | On_Demand | Running] -- D:\WINDOWS\system32\drivers\afcdp.sys -- (afcdp) DRV - [2012/02/17 11:31:48 | 000,766,208 | ---- | M] (Acronis) [Kernel | Boot | Running] -- D:\WINDOWS\system32\DRIVERS\tdrpman.sys -- (tdrpman) DRV - [2012/02/17 11:31:32 | 000,609,760 | ---- | M] (Acronis) [Kernel | Boot | Running] -- D:\WINDOWS\system32\DRIVERS\timntr.sys -- (timounter) DRV - [2012/02/17 11:30:56 | 000,126,112 | ---- | M] (Acronis) [Kernel | Boot | Running] -- D:\WINDOWS\system32\DRIVERS\vididr.sys -- (vididr) DRV - [2012/02/17 11:30:51 | 000,084,512 | ---- | M] (Acronis) [Kernel | Boot | Running] -- D:\WINDOWS\system32\DRIVERS\vsflt58.sys -- (vidsflt58) Acronis Disk Storage Filter (58) DRV - [2012/02/17 11:30:30 | 000,076,768 | ---- | M] (Acronis) [Kernel | Boot | Running] -- D:\WINDOWS\system32\DRIVERS\fltsrv.sys -- (fltsrv) DRV - [2012/02/04 07:44:55 | 000,374,392 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- D:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys -- (eeCtrl) DRV - [2012/02/04 07:44:55 | 000,106,104 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- D:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys -- (EraserUtilRebootDrv) DRV - [2011/12/23 20:58:18 | 000,020,032 | ---- | M] (Devguru Co., Ltd) [Kernel | On_Demand | Stopped] -- D:\WINDOWS\system32\drivers\dgderdrv.sys -- (dgderdrv) DRV - [2011/12/20 02:39:28 | 000,100,368 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- D:\WINDOWS\system32\drivers\AtihdXP3.sys -- (AtiHDAudioService) DRV - [2011/12/19 11:10:26 | 001,576,312 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- D:\Documents and Settings\All Users.WINDOWS\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.1.0.29\Definitions\VirusDefs\20120216.033\NAVEX15.SYS -- (NAVEX15) DRV - [2011/12/19 11:10:26 | 000,086,136 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- D:\Documents and Settings\All Users.WINDOWS\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.1.0.29\Definitions\VirusDefs\20120216.033\NAVENG.SYS -- (NAVENG) DRV - [2011/12/10 15:24:06 | 000,020,464 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- D:\WINDOWS\system32\drivers\mbam.sys -- (MBAMProtector) DRV - [2011/12/05 22:42:18 | 007,490,560 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- D:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag) DRV - [2011/11/30 21:25:03 | 000,820,344 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- D:\Documents and Settings\All Users.WINDOWS\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.1.0.29\Definitions\BASHDefs\20120215.001\BHDrvx86.sys -- (BHDrvx86) DRV - [2011/11/30 18:49:07 | 000,356,280 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- D:\Documents and Settings\All Users.WINDOWS\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.1.0.29\Definitions\IPSDefs\20120216.002\IDSXpx86.sys -- (IDSxpx86) DRV - [2011/11/14 19:14:44 | 000,026,624 | ---- | M] (Juniper Networks) [Kernel | On_Demand | Running] -- D:\WINDOWS\system32\drivers\dsNcAdpt.sys -- (dsNcAdpt) DRV - [2011/08/19 04:26:50 | 004,334,624 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- D:\WINDOWS\system32\drivers\lvuvc.sys -- (LVUVC) Logitech Webcam Pro 9000(UVC) DRV - [2011/08/19 04:26:46 | 000,315,808 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- D:\WINDOWS\system32\drivers\lvrs.sys -- (LVRS) DRV - [2011/07/06 15:01:21 | 000,126,584 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- D:\WINDOWS\system32\drivers\SYMEVENT.SYS -- (SymEvent) DRV - [2011/04/20 20:37:49 | 000,369,784 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- D:\WINDOWS\System32\Drivers\N360\0502000.00D\SYMTDI.SYS -- (SYMTDI) DRV - [2011/03/30 22:00:09 | 000,516,216 | R--- | M] (Symantec Corporation) [File_System | On_Demand | Stopped] -- D:\WINDOWS\System32\Drivers\N360\0502000.00D\SRTSP.SYS -- (SRTSP) DRV - [2011/03/30 22:00:09 | 000,050,168 | R--- | M] (Symantec Corporation) [Kernel | System | Running] -- D:\WINDOWS\system32\drivers\N360\0502000.00D\SRTSPX.SYS -- (SRTSPX) Symantec Real Time Storage Protection (PEL) DRV - [2011/03/14 21:31:23 | 000,744,568 | R--- | M] (Symantec Corporation) [File_System | Boot | Running] -- D:\WINDOWS\system32\drivers\N360\0502000.00D\SYMEFA.SYS -- (SymEFA) DRV - [2011/02/16 16:52:46 | 000,011,520 | ---- | M] (Western Digital Technologies) [Kernel | On_Demand | Running] -- D:\WINDOWS\system32\drivers\wdcsam.sys -- (WDC_SAM) DRV - [2011/01/27 01:47:10 | 000,340,088 | R--- | M] (Symantec Corporation) [Kernel | Boot | Running] -- D:\WINDOWS\system32\drivers\N360\0502000.00D\SYMDS.SYS -- (SymDS) DRV - [2011/01/27 00:07:05 | 000,136,312 | R--- | M] (Symantec Corporation) [Kernel | System | Running] -- D:\WINDOWS\system32\drivers\N360\0502000.00D\Ironx86.SYS -- (SymIRON) DRV - [2010/11/30 01:24:00 | 000,108,800 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- D:\WINDOWS\system32\drivers\SymSpeedDisk.sys -- (SYMSpeedDisk) DRV - [2010/11/30 01:23:58 | 000,128,248 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- D:\WINDOWS\system32\drivers\SymDSMon.sys -- (SymDSMon) DRV - [2010/06/14 09:32:54 | 000,036,608 | ---- | M] () [Kernel | On_Demand | Running] -- D:\WINDOWS\system32\FsUsbExDisk.Sys -- (FsUsbExDisk) DRV - [2010/05/14 17:04:20 | 000,023,904 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- D:\WINDOWS\system32\drivers\lvuvcflt.sys -- (FilterService) DRV - [2010/05/07 17:43:30 | 000,025,824 | ---- | M] () [Kernel | On_Demand | Stopped] -- D:\WINDOWS\system32\drivers\LVPr2Mon.sys -- (LVPr2Mon) DRV - [2009/12/11 22:20:37 | 000,033,848 | ---- | M] (NCH Swift Sound) [Kernel | On_Demand | Stopped] -- D:\WINDOWS\system32\drivers\nchssvad.sys -- (NCHSSVAD) SoundTap Recorder (32 Bit) DRV - [2009/08/24 23:10:52 | 000,049,904 | R--- | M] (Avanquest Software) [Kernel | On_Demand | Stopped] -- D:\WINDOWS\system32\drivers\BVRPMPR5.SYS -- (BVRPMPR5) DRV - [2009/05/21 14:39:54 | 000,090,472 | ---- | M] (PACE Anti-Piracy, Inc.) [Kernel | Boot | Running] -- D:\WINDOWS\System32\drivers\TPkd.sys -- (TPkd) DRV - [2009/02/11 08:47:48 | 000,156,552 | ---- | M] (Avid Technology, Inc.) [Kernel | On_Demand | Stopped] -- D:\WINDOWS\system32\drivers\mausbft.sys -- (MAUSBFT) DRV - [2008/01/23 16:38:25 | 000,032,768 | ---- | M] (Acronis) [File_System | Auto | Running] -- D:\WINDOWS\system32\drivers\tifsfilt.sys -- (tifsfilter) DRV - [2008/01/23 16:38:06 | 000,120,992 | ---- | M] (Acronis) [Kernel | Boot | Running] -- D:\WINDOWS\system32\DRIVERS\snapman.sys -- (snapman) DRV - [2007/07/26 06:13:04 | 000,023,168 | ---- | M] () [Kernel | System | Running] -- D:\WINDOWS\system32\drivers\aiptektp.sys -- (aiptektp) DRV - [2007/06/18 20:18:26 | 000,023,680 | ---- | M] (Motorola) [Kernel | On_Demand | Stopped] -- D:\WINDOWS\system32\drivers\motmodem.sys -- (motmodem) DRV - [2006/11/02 07:00:08 | 000,039,368 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- D:\WINDOWS\system32\drivers\winusb.sys -- (WinUSB) DRV - [2005/11/22 00:49:40 | 000,050,176 | ---- | M] (Sonic Solutions) [File_System | System | Running] -- D:\WINDOWS\system32\drivers\RxFilter.sys -- (RxFilter) DRV - [2005/10/22 07:05:00 | 000,311,680 | ---- | M] (Sonic Solutions) [File_System | System | Running] -- D:\WINDOWS\System32\drivers\Cdudf_xp.sys -- (cdudf_xp) DRV - [2005/10/22 07:05:00 | 000,119,168 | ---- | M] (Sonic Solutions) [Kernel | System | Running] -- D:\WINDOWS\System32\drivers\Pwd_2k.sys -- (pwd_2k) DRV - [2005/10/22 07:05:00 | 000,027,264 | ---- | M] (Sonic Solutions) [Kernel | On_Demand | Running] -- D:\WINDOWS\System32\drivers\dvd_2k.sys -- (dvd_2K) DRV - [2005/10/22 07:05:00 | 000,027,136 | ---- | M] (Sonic Solutions) [Kernel | On_Demand | Stopped] -- D:\WINDOWS\System32\drivers\mmc_2k.sys -- (mmc_2K) DRV - [2005/09/27 13:50:00 | 001,021,832 | ---- | M] (SigmaTel, Inc.) [Kernel | On_Demand | Running] -- D:\WINDOWS\system32\drivers\sthda.sys -- (STHDA) DRV - [2005/09/26 17:46:48 | 000,041,728 | ---- | M] (Sonic Focus, Inc) [Kernel | On_Demand | Running] -- D:\WINDOWS\system32\drivers\sfng32.sys -- (sfng32) DRV - [2005/04/27 22:24:20 | 000,120,128 | ---- | M] () [Kernel | On_Demand | Stopped] -- D:\WINDOWS\system32\drivers\USBAV191.SYS -- (USBAV191) DRV - [2005/03/31 11:32:42 | 000,175,104 | ---- | M] (Silicon Image, Inc) [Kernel | Boot | Running] -- D:\WINDOWS\system32\DRIVERS\Si3114r5.sys -- (Si3114r5) DRV - [2004/11/01 12:21:32 | 000,010,368 | ---- | M] (Silicon Image, Inc.) [Kernel | Boot | Running] -- D:\WINDOWS\system32\DRIVERS\SiWinAcc.sys -- (SiFilter) DRV - [2003/12/09 05:53:06 | 000,009,728 | R--- | M] (Western Digital) [Kernel | On_Demand | Stopped] -- D:\WINDOWS\system32\drivers\inibtmgr.sys -- (inibtmgr) DRV - [2001/08/17 08:28:18 | 000,794,399 | ---- | M] (U.S. Robotics, Inc.) [Kernel | On_Demand | Running] -- D:\WINDOWS\system32\drivers\USR1806V.SYS -- (USR1806V)
[color=#E56717]========== Standard Registry (SafeList) ==========[/color]
[color=#E56717]========== Internet Explorer ==========[/color]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://start.facemoods.com/?a=grupo&s={searchTerms}&f=4
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = [Binary data over 100 bytes] IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://finalsite.ccsu.edu/page.cfm?p=2118 IE - HKCU\..\URLSearchHook: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - D:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.) IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
[color=#E56717]========== FireFox ==========[/color]
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: D:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll () FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: D:\WINDOWS\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.) FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: D:\Program Files\iTunes\Mozilla Plugins\npitunes.dll () FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: D:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google) FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: D:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.) FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: d:\Program Files\Microsoft Silverlight\4.0.60831.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: D:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=15.0.1.13: d:\program files\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=15.0.1.13: d:\program files\real\realplayer\Netscape6\nprjplug.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nprpchromebrowserrecordext;version=15.0.1.13: D:\Documents and Settings\All Users.WINDOWS\Application Data\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nprphtml5videoshim;version=15.0.1.13: D:\Documents and Settings\All Users.WINDOWS\Application Data\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=15.0.1.13: d:\program files\real\realplayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: D:\Program Files\Google\Update\1.3.21.99\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: D:\Program Files\Google\Update\1.3.21.99\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\Adobe Reader: D:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF - HKCU\Software\MozillaPlugins\@adobe.com/FlashPlayer: D:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\{BBDA0591-3099-440a-AA10-41764D9DB4DB}: D:\Documents and Settings\All Users.WINDOWS\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.1.0.29\IPSFFPlgn\ [2012/02/02 06:07:18 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}: D:\Documents and Settings\All Users.WINDOWS\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.1.0.29\coFFPlgn_2011_7_5_2 [2012/02/17 15:53:27 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\smartwebprinting@hp.com: D:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2012/02/09 22:42:01 | 000,000,000 | ---D | M] FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: D:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2012/02/09 22:42:01 | 000,000,000 | ---D | M]
[2012/02/07 09:43:42 | 000,000,000 | ---D | M] (No name found) -- D:\Documents and Settings\1Gustavo\Application Data\Mozilla\Extensions [2010/12/25 15:20:52 | 000,000,000 | ---D | M] (No name found) -- D:\Documents and Settings\1Gustavo\Application Data\Mozilla\Extensions\home2@tomtom.com [2012/02/07 09:45:00 | 000,000,000 | ---D | M] (No name found) -- D:\Program Files\Mozilla Firefox\extensions [2011/12/26 17:44:37 | 000,000,000 | ---D | M] (Skype Click to Call) -- D:\Program Files\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2010/04/27 12:40:48 | 000,000,000 | ---D | M] (Java Console) -- D:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} [2010/09/27 05:06:56 | 000,000,000 | ---D | M] (Java Console) -- D:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} [2010/10/29 15:31:09 | 000,000,000 | ---D | M] (Java Console) -- D:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} [2010/12/27 11:14:56 | 000,000,000 | ---D | M] (Java Console) -- D:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} [2011/03/03 17:20:41 | 000,000,000 | ---D | M] (Java Console) -- D:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} [2009/03/31 21:47:26 | 000,324,976 | ---- | M] (Symantec Corporation) -- D:\Program Files\mozilla firefox\components\coFFPlgn.dll [2009/06/10 11:20:12 | 000,027,976 | ---- | M] (WebEx Communications, Inc) -- D:\Program Files\mozilla firefox\plugins\atgpcdec.dll [2009/06/10 11:20:20 | 000,126,360 | ---- | M] (WebEx Communications, Inc) -- D:\Program Files\mozilla firefox\plugins\atgpcext.dll [2009/06/10 11:22:02 | 000,046,408 | ---- | M] () -- D:\Program Files\mozilla firefox\plugins\atmccli.dll [2009/07/13 14:01:10 | 000,098,712 | ---- | M] (WebEx Communications, Inc) -- D:\Program Files\mozilla firefox\plugins\ieatgpc.dll [2009/06/10 11:20:32 | 000,060,824 | ---- | M] (WebEx Communications, Inc) -- D:\Program Files\mozilla firefox\plugins\npatgpc.dll [2011/02/02 21:40:24 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- D:\Program Files\mozilla firefox\plugins\npdeployJava1.dll [2012/01/11 14:47:41 | 000,002,048 | ---- | M] () -- D:\Program Files\mozilla firefox\searchplugins\fcmdSrch.xml
O1 HOSTS File: ([2012/02/07 12:49:35 | 000,000,734 | ---- | M]) - D:\WINDOWS\system32\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - D:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.) O2 - BHO: (IE to GetRight Helper) - {31FF080D-12A3-439A-A2EF-4BA95A3148E8} - D:\Program Files\GetRight\free\xx2gr.dll (Headlight Software, Inc.) O2 - BHO: (Symantec NCO BHO) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - D:\Program Files\Norton 360\Engine\5.2.0.13\coieplg.dll (Symantec Corporation) O2 - BHO: (Symantec Intrusion Prevention) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - D:\Program Files\Norton 360\Engine\5.2.0.13\ips\ipsbho.dll (Symantec Corporation) O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - D:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O2 - BHO: (SingleInstance Class) - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - D:\Program Files\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll (Yahoo! Inc) O3 - HKLM\..\Toolbar: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - D:\Program Files\Norton 360\Engine\5.2.0.13\coieplg.dll (Symantec Corporation) O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - D:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.) O3 - HKCU\..\Toolbar\WebBrowser: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - D:\Program Files\Norton 360\Engine\5.2.0.13\coieplg.dll (Symantec Corporation) O4 - HKLM..\Run: [Acronis Scheduler2 Service] D:\Program Files\Common Files\Acronis\Schedule2\schedhlp.exe (Acronis) O4 - HKLM..\Run: [atwtusb] D:\WINDOWS\System32\atwtusb.exe () O4 - HKLM..\Run: [IntelAudioStudio] D:\Program Files\Intel Audio Studio\IntelAudioStudio.exe (Intel Corporation) O4 - HKLM..\Run: [LWS] D:\Program Files\Logitech\LWS\Webcam Software\LWS.exe (Logitech Inc.) O4 - HKLM..\Run: [MacrokeyManager] D:\WINDOWS\System32\WTMKM.exe () O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] D:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation) O4 - HKLM..\Run: [NPSStartup] File not found O4 - HKLM..\Run: [SetIcon] \Program Files\WDC\SetIcon.exe () O4 - HKLM..\Run: [SigmatelSysTrayApp] sttray.exe File not found O4 - HKLM..\Run: [Standby] d:\Program Files\Common Files\Corel\Standby\Standby.exe (Corel) O4 - HKLM..\Run: [StartCCC] D:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.) O4 - HKLM..\Run: [TkBellExe] D:\Program Files\real\realplayer\update\realsched.exe (RealNetworks, Inc.) O4 - HKLM..\Run: [TrueImageMonitor.exe] D:\Program Files\Acronis\TrueImageHome\TrueImageMonitor.exe (Acronis) O4 - Startup: D:\Documents and Settings\All Users.WINDOWS\Start Menu\Programs\Startup\SATARAID5.lnk = File not found O4 - Startup: D:\Documents and Settings\All Users.WINDOWS\Start Menu\Programs\Startup\WDDMStatus.lnk = D:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMStatus.exe (Western Digital Technologies, Inc.) O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\Run: = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableStatusMessages = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLinkedConnections = 1 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 149 O8 - Extra context menu item: &Search - Reg Error: Value error. File not found O8 - Extra context menu item: Download with GetRight - D:\Program Files\GetRight\free\GRDownload.htm () O8 - Extra context menu item: Open with GetRight Browser - D:\Program Files\GetRight\free\GRBrowse.htm () O8 - Extra context menu item: Search the Web - D:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\menuext.html File not found O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - D:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O9 - Extra 'Tools' menuitem : Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - D:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O16 - DPF: {05CA9FB0-3E3E-4B36-BF41-0E3A5CAA8CD8} http://download.microsoft.com/download/e/4/9/e494c802-dd90-4c6b-a074-469358f075a6/OGAControl.cab (Office Genuine Advantage Validation Tool) O16 - DPF: {4B54A9DE-EF1C-4EBE-A328-7C28EA3B433A} http://quickscan.bitdefender.com/qsax/qsax.cab (BitDefender QuickScan Control) O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1206439103687 (MUWebControl Class) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24) O16 - DPF: {CAFEEFAC-0014-0002-0004-ABCDEFFEDCBA} http://java.sun.com/products/plugin/autodl/jinstall-142-windows-i586.cab (Reg Error: Key error.) O16 - DPF: {CAFEEFAC-0016-0000-0004-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_04-windows-i586.cab (Reg Error: Key error.) O16 - DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_05-windows-i586.cab (Reg Error: Key error.) O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab (Reg Error: Key error.) O16 - DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24) O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object) O16 - DPF: {F27237D7-93C8-44C2-AC6E-D6057B9A918F} https://juniper.net/dana-cached/sc/JuniperSetupClient.cab (JuniperSetupClientControl Class) O16 - DPF: {F92211F4-3913-4DC2-A275-756374D848B0} http://mydeuce.kicks-ass.net/MP4DVR.cab (ERViewerOCX Control) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{01E5B241-C767-49E3-A932-9BC42255B22E}: DhcpNameServer = 192.168.1.1 O18 - Protocol\Handler\mctp - No CLSID value found O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - D:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O20 - HKLM Winlogon: Shell - (Explorer.exe) - D:\WINDOWS\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (D:\WINDOWS\system32\userinit.exe) - D:\WINDOWS\system32\userinit.exe (Microsoft Corporation) O20 - Winlogon\Notify\AtiExtEvent: DllName - (Ati2evxx.dll) - D:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.) O20 - Winlogon\Notify\MsMsgSrv: DllName - (MsMsgSrv.DLL) - File not found O24 - Desktop WallPaper: D:\Documents and Settings\1Gustavo\Local Settings\Application Data\Microsoft\Wallpaper1.bmp O24 - Desktop BackupWallPaper: D:\Documents and Settings\1Gustavo\Local Settings\Application Data\Microsoft\Wallpaper1.bmp O28 - HKLM ShellExecuteHooks: {56F9679E-7826-4C84-81F3-532071A8BCC5} - D:\Program Files\Windows Desktop Search\MSNLNamespaceMgr.dll (Microsoft Corporation) O32 - HKLM CDRom: AutoRun - 1 | actions · 2012-Feb-17 5:35 pm · (locked) | lilhurricane |
O32 - AutoRun File - [2009/01/10 17:40:20 | 000,000,050 | ---- | M] () - D:\AUTOEXEC.BAT -- [ NTFS ] O32 - AutoRun File - [2006/06/02 16:40:48 | 000,000,000 | ---- | M] () - K:\AUTOEXEC.BAT -- [ NTFS ] O33 - MountPoints2\{1f4fe29c-df67-11dd-bc5a-0016761f2be5}\Shell\AutoRun\command - "" = H:\Setup_FlipShare.exe O33 - MountPoints2\{1f4fe29c-df67-11dd-bc5a-0016761f2be5}\Shell\Setup FlipShare\command - "" = H:\Setup_FlipShare.exe O33 - MountPoints2\{3c140f92-0cf9-11de-bc95-0016761f2be5}\Shell - "" = AutoRun O33 - MountPoints2\{3c140f92-0cf9-11de-bc95-0016761f2be5}\Shell\AutoRun - "" = Auto&Play O33 - MountPoints2\{3c140f92-0cf9-11de-bc95-0016761f2be5}\Shell\AutoRun\command - "" = G:\LaunchU3.exe -a O33 - MountPoints2\{3c140f94-0cf9-11de-bc95-0016761f2be5}\Shell\Auto\command - "" = tel.xls.exe O33 - MountPoints2\{3c140f94-0cf9-11de-bc95-0016761f2be5}\Shell\AutoRun - "" = Auto&Play O33 - MountPoints2\{3c140f94-0cf9-11de-bc95-0016761f2be5}\Shell\AutoRun\command - "" = D:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL tel.xls.exe O33 - MountPoints2\{54c9ba1c-70c9-11de-ba0c-0016761f2be5}\Shell - "" = AutoRun O33 - MountPoints2\{54c9ba1c-70c9-11de-ba0c-0016761f2be5}\Shell\AutoRun - "" = Auto&Play O33 - MountPoints2\{54c9ba1c-70c9-11de-ba0c-0016761f2be5}\Shell\AutoRun\command - "" = H:\LaunchU3.exe -a O33 - MountPoints2\{54c9ba1e-70c9-11de-ba0c-0016761f2be5}\Shell - "" = AutoRun O33 - MountPoints2\{54c9ba1e-70c9-11de-ba0c-0016761f2be5}\Shell\AutoRun - "" = Auto&Play O33 - MountPoints2\{54c9ba1e-70c9-11de-ba0c-0016761f2be5}\Shell\AutoRun\command - "" = G:\LaunchU3.exe -a O33 - MountPoints2\{812628c4-7138-11de-ba0d-0016761f2be5}\Shell - "" = AutoRun O33 - MountPoints2\{812628c4-7138-11de-ba0d-0016761f2be5}\Shell\AutoRun - "" = Auto&Play O33 - MountPoints2\{812628c4-7138-11de-ba0d-0016761f2be5}\Shell\AutoRun\command - "" = G:\LaunchU3.exe -a O33 - MountPoints2\{ab54e614-c9f8-11dc-872f-0016761f2be5}\Shell - "" = AutoRun O33 - MountPoints2\{ab54e614-c9f8-11dc-872f-0016761f2be5}\Shell\AutoRun - "" = Auto&Play O33 - MountPoints2\{ab54e614-c9f8-11dc-872f-0016761f2be5}\Shell\AutoRun\command - "" = I:\LaunchU3.exe -a O33 - MountPoints2\{bbbf7e65-c814-11dc-b3cc-806d6172696f}\Shell - "" = AutoRun O33 - MountPoints2\{bbbf7e65-c814-11dc-b3cc-806d6172696f}\Shell\AutoRun - "" = Auto&Play O33 - MountPoints2\{bbbf7e65-c814-11dc-b3cc-806d6172696f}\Shell\AutoRun\command - "" = G:\LaunchU3.exe -a O33 - MountPoints2\{cf650308-b2a9-11df-bb48-0016761f2be5}\Shell - "" = AutoRun O33 - MountPoints2\{cf650308-b2a9-11df-bb48-0016761f2be5}\Shell\AutoRun - "" = Auto&Play O33 - MountPoints2\{cf650308-b2a9-11df-bb48-0016761f2be5}\Shell\AutoRun\command - "" = H:\LaunchU3.exe -a O33 - MountPoints2\{f2ddbb13-5a9b-11dd-bbaf-0016761f2be5}\Shell\AutoRun\command - "" = G:\JDSecure\Windows\JDSecure31.exe O33 - MountPoints2\G\Shell - "" = AutoRun O33 - MountPoints2\G\Shell\AutoRun - "" = Auto&Play O33 - MountPoints2\G\Shell\AutoRun\command - "" = G:\LaunchU3.exe -a O34 - HKLM BootExecute: (autocheck autochk *) O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %*
[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]
[2012/02/17 16:33:15 | 000,584,192 | ---- | C] (OldTimer Tools) -- D:\Documents and Settings\1Gustavo\Desktop\OTL.exe [2012/02/17 16:02:50 | 000,000,000 | ---D | C] -- D:\Documents and Settings\1Gustavo\Application Data\QuickScan [2012/02/17 12:47:53 | 000,000,000 | ---D | C] -- D:\Documents and Settings\1Gustavo\Application Data\Malwarebytes [2012/02/17 12:47:25 | 000,000,000 | ---D | C] -- D:\Documents and Settings\All Users.WINDOWS\Start Menu\Programs\Malwarebytes' Anti-Malware [2012/02/17 12:47:20 | 000,000,000 | ---D | C] -- D:\Documents and Settings\All Users.WINDOWS\Application Data\Malwarebytes [2012/02/17 12:47:17 | 000,020,464 | ---- | C] (Malwarebytes Corporation) -- D:\WINDOWS\System32\drivers\mbam.sys [2012/02/17 12:47:17 | 000,000,000 | ---D | C] -- D:\Program Files\Malwarebytes' Anti-Malware [2012/02/17 12:45:15 | 009,502,424 | ---- | C] (Malwarebytes Corporation ) -- D:\Documents and Settings\1Gustavo\Desktop\mbam--setup-1.60.1.1000.exe [2012/02/17 12:02:21 | 000,446,464 | ---- | C] (OldTimer Tools) -- D:\Documents and Settings\1Gustavo\Desktop\TFC.exe [2012/02/17 11:32:32 | 000,234,752 | ---- | C] (Acronis) -- D:\WINDOWS\System32\drivers\afcdp.sys [2012/02/17 11:31:48 | 000,766,208 | ---- | C] (Acronis) -- D:\WINDOWS\System32\drivers\tdrpman.sys [2012/02/17 11:30:56 | 000,126,112 | ---- | C] (Acronis) -- D:\WINDOWS\System32\drivers\vididr.sys [2012/02/17 11:30:56 | 000,000,000 | ---D | C] -- D:\Documents and Settings\1Gustavo\Application Data\30E56105-8D4E-4EFE-B61C-1E55A5433C4F [2012/02/17 11:30:51 | 000,084,512 | ---- | C] (Acronis) -- D:\WINDOWS\System32\drivers\vsflt58.sys [2012/02/17 11:30:30 | 000,076,768 | ---- | C] (Acronis) -- D:\WINDOWS\System32\drivers\fltsrv.sys [2012/02/17 11:29:49 | 000,000,000 | ---D | C] -- D:\Documents and Settings\All Users.WINDOWS\Start Menu\Programs\Acronis [2012/02/17 11:29:43 | 000,000,000 | ---D | C] -- D:\Documents and Settings\1Gustavo\Start Menu\Programs\Acronis [2012/02/17 11:28:08 | 000,000,000 | ---D | C] -- D:\Program Files\Acronis [2012/02/17 11:28:06 | 000,000,000 | ---D | C] -- D:\Program Files\Common Files\Acronis [2012/02/17 11:05:59 | 000,000,000 | ---D | C] -- D:\Documents and Settings\1Gustavo\Application Data\Acronis [2012/02/17 11:05:58 | 000,000,000 | ---D | C] -- D:\Documents and Settings\All Users.WINDOWS\Application Data\Acronis [2012/02/10 05:59:26 | 000,000,000 | ---D | C] -- D:\Documents and Settings\All Users.WINDOWS\Application Data\WEBREG [2012/02/10 05:54:04 | 000,123,904 | ---- | C] (Hewlett-Packard Company) -- D:\WINDOWS\System32\hpf3l70w.dll [2012/02/10 05:53:07 | 000,315,392 | R--- | C] (Hewlett-Packard Co.) -- D:\WINDOWS\System32\hpwvst01.dll [2012/02/10 05:53:06 | 000,966,656 | R--- | C] (Hewlett-Packard Co.) -- D:\WINDOWS\System32\hpwtiop5.dll [2012/02/10 05:53:06 | 000,749,568 | R--- | C] (Hewlett-Packard) -- D:\WINDOWS\System32\hpwwiax6.dll [2012/02/09 23:01:26 | 000,000,000 | ---D | C] -- D:\Documents and Settings\All Users.WINDOWS\Application Data\Yahoo! Companion [2012/02/09 23:01:26 | 000,000,000 | ---D | C] -- D:\Documents and Settings\1Gustavo\Application Data\Yahoo! [2012/02/09 23:01:22 | 000,000,000 | ---D | C] -- D:\Program Files\Yahoo! [2012/02/09 20:44:58 | 000,000,000 | ---D | C] -- D:\WINDOWS\hpoj4500g510g-m [2012/01/26 13:52:40 | 000,000,000 | ---D | C] -- D:\Documents and Settings\All Users.WINDOWS\Application Data\ATI [2012/01/26 13:52:40 | 000,000,000 | ---D | C] -- D:\Documents and Settings\1Gustavo\Local Settings\Application Data\ATI [2012/01/26 13:52:40 | 000,000,000 | ---D | C] -- D:\Documents and Settings\1Gustavo\Application Data\ATI [2012/01/26 13:41:26 | 000,000,000 | ---D | C] -- D:\Program Files\AMD APP [2012/01/26 13:41:00 | 000,000,000 | ---D | C] -- D:\Documents and Settings\All Users.WINDOWS\Start Menu\Programs\Catalyst Control Center [2012/01/26 13:35:28 | 000,000,000 | ---D | C] -- D:\Program Files\ATI [2012/01/26 13:34:56 | 000,000,000 | ---D | C] -- D:\Program Files\ATI Technologies [2012/01/26 13:28:01 | 000,000,000 | ---D | C] -- D:\AMD [2012/01/26 08:30:57 | 000,311,296 | ---- | C] (ATI Technologies Inc.) -- D:\WINDOWS\System32\atiiiexx.dll [2012/01/26 08:30:40 | 000,466,944 | ---- | C] (Advanced Micro Devices, Inc.) -- D:\WINDOWS\System32\ATIDEMGX.dll [2012/01/26 08:28:52 | 000,100,368 | ---- | C] (Advanced Micro Devices) -- D:\WINDOWS\System32\drivers\AtihdXP3.sys [2012/01/23 21:08:58 | 000,000,000 | ---D | C] -- D:\Documents and Settings\1Gustavo\Application Data\Windows Search [2008/07/23 17:44:29 | 000,964,218 | ---- | C] (Click2learn, Inc.) -- D:\Program Files\OTSMENU.exe [2008/07/23 17:44:29 | 000,717,965 | ---- | C] (click2learn.com, inc.) -- D:\Program Files\InstallTest.exe [2008/07/23 17:44:28 | 002,036,730 | ---- | C] (click2learn.com, inc.) -- D:\Program Files\Givetest.EXE [2008/07/23 17:44:27 | 000,760,758 | ---- | C] (click2learn.com, inc.) -- D:\Program Files\EditTaskList.exe [2008/07/23 17:44:26 | 001,546,606 | ---- | C] (click2learn.com, inc.) -- D:\Program Files\CreateQuestions.exe [2008/07/23 17:44:26 | 000,943,546 | ---- | C] (click2learn.com, inc.) -- D:\Program Files\AssessResults.exe
[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]
[2012/02/17 16:33:20 | 000,584,192 | ---- | M] (OldTimer Tools) -- D:\Documents and Settings\1Gustavo\Desktop\OTL.exe [2012/02/17 16:33:00 | 000,000,890 | ---- | M] () -- D:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job [2012/02/17 15:51:00 | 000,002,422 | ---- | M] () -- D:\WINDOWS\System32\wpa.dbl [2012/02/17 15:50:03 | 000,000,284 | ---- | M] () -- D:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-1220945662-1454471165-839522115-1003.job [2012/02/17 15:49:52 | 000,000,882 | ---- | M] () -- D:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job [2012/02/17 15:49:11 | 000,002,048 | --S- | M] () -- D:\WINDOWS\bootstat.dat [2012/02/17 15:48:38 | 3486,871,552 | -HS- | M] () -- D:\hiberfil.sys [2012/02/17 15:48:35 | 000,000,000 | ---- | M] () -- D:\WINDOWS\System32\drivers\lvuvc.hs [2012/02/17 12:47:29 | 000,000,793 | ---- | M] () -- D:\Documents and Settings\All Users.WINDOWS\Desktop\Malwarebytes Anti-Malware.lnk [2012/02/17 12:45:35 | 009,502,424 | ---- | M] (Malwarebytes Corporation ) -- D:\Documents and Settings\1Gustavo\Desktop\mbam--setup-1.60.1.1000.exe [2012/02/17 12:02:32 | 000,772,954 | ---- | M] () -- D:\WINDOWS\System32\drivers\N360\0502000.00D\Cat.DB [2012/02/17 12:02:22 | 000,446,464 | ---- | M] (OldTimer Tools) -- D:\Documents and Settings\1Gustavo\Desktop\TFC.exe [2012/02/17 11:32:32 | 000,234,752 | ---- | M] (Acronis) -- D:\WINDOWS\System32\drivers\afcdp.sys [2012/02/17 11:31:48 | 000,766,208 | ---- | M] (Acronis) -- D:\WINDOWS\System32\drivers\tdrpman.sys [2012/02/17 11:31:32 | 000,609,760 | ---- | M] (Acronis) -- D:\WINDOWS\System32\drivers\timntr.sys [2012/02/17 11:30:56 | 000,126,112 | ---- | M] (Acronis) -- D:\WINDOWS\System32\drivers\vididr.sys [2012/02/17 11:30:51 | 000,084,512 | ---- | M] (Acronis) -- D:\WINDOWS\System32\drivers\vsflt58.sys [2012/02/17 11:30:30 | 000,076,768 | ---- | M] (Acronis) -- D:\WINDOWS\System32\drivers\fltsrv.sys [2012/02/17 11:29:44 | 000,000,873 | ---- | M] () -- D:\Documents and Settings\1Gustavo\Desktop\Acronis True Image Home 2012.lnk [2012/02/12 23:05:00 | 000,000,254 | ---- | M] () -- D:\WINDOWS\tasks\NUSchedule.job [2012/02/12 19:26:00 | 000,000,292 | ---- | M] () -- D:\WINDOWS\tasks\RealUpgradeScheduledTaskS-1-5-21-1220945662-1454471165-839522115-1003.job [2012/02/10 05:57:58 | 000,205,440 | ---- | M] () -- D:\WINDOWS\hpwins26.dat [2012/02/09 21:11:11 | 000,001,817 | ---- | M] () -- D:\Documents and Settings\All Users.WINDOWS\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk [2012/02/09 19:51:44 | 000,204,970 | ---- | M] () -- D:\WINDOWS\hpwins26.dat.temp [2012/02/07 09:07:36 | 000,000,508 | ---- | M] () -- D:\Documents and Settings\1Gustavo\Desktop\terminate.vbs [2012/02/06 20:48:03 | 000,000,290 | ---- | M] () -- D:\WINDOWS\tasks\RealUpgradeScheduledTaskS-1-5-21-1220945662-1454471165-839522115-1006.job [2012/02/03 21:01:28 | 000,180,224 | ---- | M] () -- D:\Documents and Settings\1Gustavo\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2012/02/03 05:59:56 | 000,028,401 | ---- | M] () -- D:\Documents and Settings\1Gustavo\Desktop\PlacementEntry.pub [2012/02/02 06:01:51 | 000,001,909 | ---- | M] () -- D:\Documents and Settings\All Users.WINDOWS\Desktop\Norton 360.LNK [2012/01/28 00:27:32 | 000,000,172 | ---- | M] () -- D:\WINDOWS\System32\drivers\N360\0502000.00D\isolate.ini [2012/01/26 08:25:08 | 000,001,324 | ---- | M] () -- D:\WINDOWS\System32\d3d9caps.dat [2012/01/26 07:55:33 | 000,000,059 | ---- | M] () -- D:\WINDOWS\WININIT.INI
[color=#E56717]========== Files Created - No Company Name ==========[/color]
[2012/02/17 12:47:28 | 000,000,793 | ---- | C] () -- D:\Documents and Settings\All Users.WINDOWS\Desktop\Malwarebytes Anti-Malware.lnk [2012/02/17 11:29:44 | 000,000,873 | ---- | C] () -- D:\Documents and Settings\1Gustavo\Desktop\Acronis True Image Home 2012.lnk [2012/02/09 22:17:47 | 000,000,731 | ---- | C] () -- D:\Documents and Settings\All Users.WINDOWS\Start Menu\Programs\I.R.I.S. OCR Registration.lnk [2012/02/09 21:11:10 | 000,001,817 | ---- | C] () -- D:\Documents and Settings\All Users.WINDOWS\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk [2012/02/09 20:14:48 | 000,204,970 | ---- | C] () -- D:\WINDOWS\hpwins26.dat.temp [2012/02/09 20:14:48 | 000,000,370 | ---- | C] () -- D:\WINDOWS\hpwmdl26.dat.temp [2012/02/09 19:20:13 | 000,205,440 | ---- | C] () -- D:\WINDOWS\hpwins26.dat [2012/02/09 19:20:12 | 000,000,370 | ---- | C] () -- D:\WINDOWS\hpwmdl26.dat [2012/02/07 09:07:36 | 000,000,508 | ---- | C] () -- D:\Documents and Settings\1Gustavo\Desktop\terminate.vbs [2012/01/26 08:30:58 | 000,036,338 | ---- | C] () -- D:\WINDOWS\atiogl.xml [2012/01/26 08:30:32 | 000,219,080 | ---- | C] () -- D:\WINDOWS\System32\atiapfxx.blb [2012/01/26 08:30:26 | 000,887,724 | ---- | C] () -- D:\WINDOWS\System32\ativva6x.dat [2012/01/26 08:30:25 | 000,608,507 | ---- | C] () -- D:\WINDOWS\System32\atiicdxx.dat [2012/01/26 08:30:25 | 000,000,003 | ---- | C] () -- D:\WINDOWS\System32\ativva5x.dat [2012/01/14 12:18:15 | 000,077,421 | ---- | C] () -- D:\WINDOWS\hpqins05.dat [2012/01/11 15:27:50 | 000,110,592 | ---- | C] () -- D:\WINDOWS\System32\FsUsbExDevice.Dll [2012/01/11 15:27:50 | 000,036,608 | ---- | C] () -- D:\WINDOWS\System32\FsUsbExDisk.Sys [2011/12/23 20:58:28 | 000,030,568 | ---- | C] () -- D:\WINDOWS\MusiccityDownload.exe [2011/12/23 20:58:24 | 000,974,848 | ---- | C] () -- D:\WINDOWS\System32\cis-2.4.dll [2011/12/23 20:58:24 | 000,081,920 | ---- | C] () -- D:\WINDOWS\System32\issacapi_bs-2.3.dll [2011/12/23 20:58:24 | 000,065,536 | ---- | C] () -- D:\WINDOWS\System32\issacapi_pe-2.3.dll [2011/12/23 20:58:24 | 000,057,344 | ---- | C] () -- D:\WINDOWS\System32\issacapi_se-2.3.dll [2011/12/05 22:04:00 | 000,059,904 | ---- | C] () -- D:\WINDOWS\System32\OpenVideo.dll [2011/12/05 22:03:52 | 000,054,784 | ---- | C] () -- D:\WINDOWS\System32\OVDecode.dll [2011/08/12 12:20:14 | 000,015,896 | ---- | C] () -- D:\WINDOWS\System32\drivers\iKeyLFT2.dll [2011/07/06 15:24:18 | 000,036,712 | ---- | C] () -- D:\WINDOWS\System32\CleanMFT32.exe [2011/04/07 07:20:36 | 000,000,754 | ---- | C] () -- D:\WINDOWS\WORDPAD.INI [2011/03/26 09:17:17 | 003,161,760 | ---- | C] () -- D:\WINDOWS\System32\WTMKM.exe [2011/03/26 09:17:17 | 000,180,224 | ---- | C] () -- D:\WINDOWS\System32\ATWTINK.DLL [2011/03/26 09:17:17 | 000,045,056 | ---- | C] () -- D:\WINDOWS\System32\InstallService.exe [2011/03/26 09:17:16 | 000,010,251 | ---- | C] () -- D:\WINDOWS\System32\Vista.ini [2011/03/26 09:17:16 | 000,009,868 | ---- | C] () -- D:\WINDOWS\System32\XP_2000.ini [2011/03/26 09:17:16 | 000,000,593 | ---- | C] () -- D:\WINDOWS\System32\MKProfile.ini [2011/01/20 22:05:02 | 000,179,718 | ---- | C] () -- D:\WINDOWS\hpwins14.dat [2011/01/20 22:05:01 | 000,001,108 | R--- | C] () -- D:\WINDOWS\hpwmdl14.dat [2011/01/04 19:11:38 | 000,001,940 | ---- | C] () -- D:\Documents and Settings\1Gustavo\Local Settings\Application Data\{96C87F53-AC72-4604-A9CC-186A49F17F3C}.ini [2010/11/16 14:21:55 | 000,007,378 | ---- | C] () -- D:\WINDOWS\System32\makobbot.dll [2010/11/16 14:21:55 | 000,000,000 | ---- | C] () -- D:\WINDOWS\System32\voxigker.dll [2010/11/16 14:21:55 | 000,000,000 | ---- | C] () -- D:\WINDOWS\System32\mekires.exe [2010/11/16 14:21:55 | 000,000,000 | ---- | C] () -- D:\WINDOWS\System32\delokapp.dll [2010/11/16 14:21:55 | 000,000,000 | ---- | C] () -- D:\WINDOWS\System32\conansec.dll [2010/11/16 14:21:55 | 000,000,000 | ---- | C] () -- D:\WINDOWS\System32\drivers\binuvmag.sys [2010/11/16 14:21:55 | 000,000,000 | ---- | C] () -- D:\WINDOWS\System32\apixont.dll [2010/08/25 20:30:25 | 000,000,000 | ---- | C] () -- D:\WINDOWS\DVEdit.INI [2010/08/25 16:14:13 | 000,354,816 | ---- | C] () -- D:\WINDOWS\System32\psisdecd.dll [2010/08/25 16:13:12 | 000,124,264 | R--- | C] () -- D:\WINDOWS\System32\mp3dec.dll [2010/08/25 16:13:12 | 000,081,920 | R--- | C] () -- D:\WINDOWS\System32\dsp_trc.dll [2010/08/25 16:13:12 | 000,010,600 | R--- | C] () -- D:\WINDOWS\System32\IcdSptSvps.dll [2010/05/14 16:56:06 | 010,898,456 | ---- | C] () -- D:\WINDOWS\System32\LogiDPP.dll [2010/05/14 16:56:06 | 000,104,472 | ---- | C] () -- D:\WINDOWS\System32\LogiDPPApp.exe [2010/05/14 16:55:58 | 000,336,408 | ---- | C] () -- D:\WINDOWS\System32\DevManagerCore.dll [2010/05/14 16:47:00 | 000,028,418 | ---- | C] () -- D:\WINDOWS\System32\lvcoinst.ini [2010/05/07 17:43:30 | 000,025,824 | ---- | C] () -- D:\WINDOWS\System32\drivers\LVPr2Mon.sys [2010/02/22 18:34:16 | 000,001,324 | ---- | C] () -- D:\WINDOWS\System32\d3d9caps.dat [2010/02/12 10:40:36 | 006,344,704 | ---- | C] () -- D:\WINDOWS\System32\botavsec.exe [2010/02/11 13:41:56 | 006,631,424 | ---- | C] () -- D:\WINDOWS\System32\sndiwchk.exe [2010/02/11 12:02:20 | 000,017,959 | ---- | C] () -- D:\WINDOWS\System32\dskakdel.dll [2009/12/13 13:55:44 | 000,217,088 | ---- | C] () -- D:\WINDOWS\System32\qtmlClient.dll [2009/12/11 14:27:34 | 000,323,006 | ---- | C] () -- D:\Documents and Settings\1Gustavo\Application Data\speech.wav [2009/11/07 17:47:47 | 000,000,437 | ---- | C] () -- D:\Documents and Settings\1Gustavo\Application Data\spell.cfg [2009/11/07 17:47:47 | 000,000,145 | ---- | C] () -- D:\Documents and Settings\1Gustavo\Application Data\userdata2.adl [2009/08/03 14:07:42 | 000,403,816 | ---- | C] () -- D:\WINDOWS\System32\OGACheckControl.dll [2009/08/03 14:07:42 | 000,230,768 | ---- | C] () -- D:\WINDOWS\System32\OGAEXEC.exe [2009/04/30 04:54:51 | 000,000,035 | ---- | C] () -- D:\WINDOWS\A6W.INI [2009/04/25 11:34:39 | 000,012,717 | R--- | C] () -- D:\WINDOWS\hpwscr14.dat [2008/12/31 10:07:05 | 000,388,768 | ---- | C] () -- D:\WINDOWS\System32\atwtusb.exe [2008/12/31 10:07:05 | 000,102,048 | ---- | C] () -- D:\WINDOWS\RmTablet.exe [2008/12/31 10:07:05 | 000,061,440 | ---- | C] () -- D:\WINDOWS\System32\tblmouse.exe [2008/12/31 10:07:05 | 000,023,168 | ---- | C] () -- D:\WINDOWS\System32\drivers\aiptektp.sys [2008/12/31 10:07:05 | 000,007,323 | ---- | C] () -- D:\WINDOWS\aiptbl.ini [2008/12/31 10:04:54 | 000,000,046 | ---- | C] () -- D:\WINDOWS\RmFile.ini [2008/12/31 10:04:36 | 000,053,728 | ---- | C] () -- D:\WINDOWS\rmfile.exe [2008/12/31 10:04:36 | 000,043,664 | ---- | C] () -- D:\WINDOWS\addrun.exe [2008/12/26 22:25:20 | 000,000,256 | ---- | C] () -- D:\WINDOWS\System32\pool.bin [2008/12/02 18:06:11 | 000,000,000 | ---- | C] () -- D:\WINDOWS\flowview.INI [2008/10/22 19:50:31 | 000,000,237 | ---- | C] () -- D:\WINDOWS\swacnfg.ini [2008/09/30 11:00:04 | 000,088,536 | ---- | C] () -- D:\Documents and Settings\1Gustavo\Local Settings\Application Data\rx_audio.Cache [2008/09/02 08:17:02 | 000,000,056 | -H-- | C] () -- D:\WINDOWS\System32\ezsidmv.dat [2008/08/26 05:37:17 | 000,001,304 | ---- | C] () -- D:\WINDOWS\checkip.dat [2008/07/29 15:30:48 | 000,480,688 | ---- | C] () -- D:\Documents and Settings\1Gustavo\Local Settings\Application Data\rx_image.Cache [2008/07/23 17:44:47 | 000,000,233 | ---- | C] () -- D:\WINDOWS\asym.ini [2008/07/23 17:44:31 | 000,173,612 | ---- | C] () -- D:\Program Files\SNDTEST.WAV [2008/07/23 17:44:30 | 000,314,924 | ---- | C] () -- D:\Program Files\INSTRUCT.WAV [2008/07/23 17:44:30 | 000,226,860 | ---- | C] () -- D:\Program Files\ENDTEST.WAV [2008/07/23 17:44:30 | 000,004,640 | ---- | C] () -- D:\Program Files\NATURE.WAV [2008/07/23 17:44:25 | 000,009,757 | ---- | C] () -- D:\Program Files\DeIsL1.isu [2008/07/06 08:53:22 | 001,513,984 | ---- | C] () -- D:\WINDOWS\System32\Mgxrdr32.dll [2008/07/06 08:53:21 | 000,306,688 | ---- | C] () -- D:\WINDOWS\System32\LFFPX7.DLL [2008/07/06 08:53:21 | 000,095,232 | ---- | C] () -- D:\WINDOWS\System32\LFKODAK.DLL [2008/07/06 08:50:48 | 000,082,944 | ---- | C] () -- D:\WINDOWS\System32\Ppiv20.dll [2008/05/26 20:59:42 | 000,018,904 | ---- | C] () -- D:\WINDOWS\System32\structuredqueryschematrivial.bin [2008/05/26 20:59:40 | 000,106,605 | ---- | C] () -- D:\WINDOWS\System32\structuredqueryschema.bin [2008/03/24 20:53:22 | 000,002,528 | ---- | C] () -- D:\Documents and Settings\1Gustavo\Application Data\$_hpcst$.hpc [2008/03/22 11:38:31 | 000,000,129 | ---- | C] () -- D:\WINDOWS\MSPublisher_Quark Converter.INI [2008/03/22 08:29:15 | 000,486,704 | ---- | C] () -- D:\WINDOWS\System32\FNTCACHE.DAT [2008/03/21 15:50:44 | 000,000,510 | ---- | C] () -- D:\WINDOWS\ODBC.INI [2008/03/21 15:42:08 | 000,042,483 | ---- | C] () -- D:\WINDOWS\ICCCODES.DAT [2008/03/21 15:42:08 | 000,039,095 | ---- | C] () -- D:\WINDOWS\Iccsigs.dat [2008/03/21 15:42:08 | 000,000,156 | ---- | C] () -- D:\WINDOWS\KPCMS.INI [2008/03/21 15:41:46 | 000,210,944 | ---- | C] () -- D:\WINDOWS\System32\MSVCRT10.DLL [2008/03/19 09:53:53 | 000,000,134 | ---- | C] () -- D:\WINDOWS\Readiris.ini [2008/03/19 09:53:44 | 000,023,040 | ---- | C] () -- D:\WINDOWS\System32\irisco32.dll [2008/03/13 14:58:31 | 000,002,071 | ---- | C] () -- D:\WINDOWS\panose.bin [2008/02/19 01:33:34 | 000,446,352 | ---- | C] () -- D:\WINDOWS\System32\OpenQuicktimeLib.dll [2008/02/03 10:52:13 | 000,000,207 | ---- | C] () -- D:\WINDOWS\cdplayer.ini [2008/02/03 09:19:07 | 000,180,224 | ---- | C] () -- D:\Documents and Settings\1Gustavo\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2008/01/31 18:05:01 | 000,000,035 | ---- | C] () -- D:\WINDOWS\webica.ini [2008/01/28 15:33:46 | 000,001,485 | ---- | C] () -- D:\WINDOWS\MTB30.INI [2008/01/26 15:06:50 | 000,000,059 | ---- | C] () -- D:\WINDOWS\WININIT.INI [2008/01/25 17:44:54 | 000,000,165 | ---- | C] () -- D:\WINDOWS\Quicken.ini [2008/01/25 16:08:08 | 000,210,456 | ---- | C] () -- D:\WINDOWS\System32\IVIresizeW7.dll [2008/01/25 16:08:08 | 000,206,360 | ---- | C] () -- D:\WINDOWS\System32\IVIresizeA6.dll [2008/01/25 16:08:08 | 000,198,168 | ---- | C] () -- D:\WINDOWS\System32\IVIresizeP6.dll [2008/01/25 16:08:08 | 000,198,168 | ---- | C] () -- D:\WINDOWS\System32\IVIresizeM6.dll [2008/01/25 16:08:08 | 000,194,072 | ---- | C] () -- D:\WINDOWS\System32\IVIresizePX.dll [2008/01/25 16:08:08 | 000,026,136 | ---- | C] () -- D:\WINDOWS\System32\IVIresize.dll [2008/01/24 19:21:14 | 000,001,167 | ---- | C] () -- D:\WINDOWS\mozver.dat [2008/01/21 21:53:53 | 000,000,063 | ---- | C] () -- D:\WINDOWS\sbwin.ini [2008/01/21 16:10:06 | 000,001,839 | ---- | C] () -- D:\WINDOWS\TT3.INI [2008/01/21 15:37:54 | 000,002,048 | --S- | C] () -- D:\WINDOWS\bootstat.dat [2008/01/21 15:26:21 | 000,021,640 | ---- | C] () -- D:\WINDOWS\System32\emptyregdb.dat [2008/01/21 15:02:25 | 000,000,000 | ---- | C] () -- D:\WINDOWS\nsreg.dat [2008/01/21 14:20:57 | 000,000,000 | ---- | C] () -- D:\WINDOWS\ativpsrm.bin [2008/01/21 07:02:34 | 000,004,346 | ---- | C] () -- D:\WINDOWS\ODBCINST.INI [2007/10/25 17:26:10 | 000,005,632 | ---- | C] () -- D:\WINDOWS\System32\drivers\StarOpen.sys [2007/09/27 09:51:02 | 000,020,698 | ---- | C] () -- D:\WINDOWS\System32\idxcntrs.ini [2007/09/27 09:48:48 | 000,030,628 | ---- | C] () -- D:\WINDOWS\System32\gsrvctr.ini [2007/09/27 09:48:28 | 000,031,698 | ---- | C] () -- D:\WINDOWS\System32\gthrctr.ini [2005/12/01 14:05:44 | 000,000,000 | ---- | C] () -- D:\WINDOWS\System32\px.ini [2005/11/14 14:40:28 | 000,204,800 | ---- | C] () -- D:\WINDOWS\System32\CddbFileTaggerRoxio.dll [2005/11/10 11:30:04 | 003,596,288 | R--- | C] () -- D:\WINDOWS\System32\qt-dx331.dll [2005/11/10 11:30:02 | 000,524,288 | R--- | C] () -- D:\WINDOWS\System32\divxsm.exe [2005/10/14 16:09:48 | 000,051,304 | ---- | C] () -- D:\WINDOWS\System32\drivers\atnt40k.sys [2005/07/15 13:35:56 | 000,831,488 | ---- | C] () -- D:\WINDOWS\System32\libeay32.dll [2005/07/15 13:35:56 | 000,159,744 | ---- | C] () -- D:\WINDOWS\System32\ssleay32.dll [2005/04/27 22:24:20 | 000,120,128 | ---- | C] () -- D:\WINDOWS\System32\drivers\USBAV191.SYS [2004/11/30 04:10:00 | 000,045,056 | ---- | C] () -- D:\WINDOWS\System32\besch.exe [2004/11/30 04:10:00 | 000,028,672 | ---- | C] () -- D:\WINDOWS\System32\besched.dll [2004/08/04 07:00:00 | 013,107,200 | ---- | C] () -- D:\WINDOWS\System32\oembios.bin [2004/08/04 07:00:00 | 006,627,328 | ---- | C] () -- D:\WINDOWS\System32\verixget.exe [2004/08/04 07:00:00 | 001,691,648 | ---- | C] () -- D:\WINDOWS\System32\keraglib.dll [2004/08/04 07:00:00 | 001,683,456 | ---- | C] () -- D:\WINDOWS\System32\selesreg.dll [2004/08/04 07:00:00 | 000,755,200 | ---- | C] () -- D:\WINDOWS\System32\ir50_32.dll [2004/08/04 07:00:00 | 000,673,088 | ---- | C] () -- D:\WINDOWS\System32\mlang.dat [2004/08/04 07:00:00 | 000,457,016 | ---- | C] () -- D:\WINDOWS\System32\perfh009.dat [2004/08/04 07:00:00 | 000,338,432 | ---- | C] () -- D:\WINDOWS\System32\ir41_qcx.dll [2004/08/04 07:00:00 | 000,272,128 | ---- | C] () -- D:\WINDOWS\System32\perfi009.dat [2004/08/04 07:00:00 | 000,218,003 | ---- | C] () -- D:\WINDOWS\System32\dssec.dat [2004/08/04 07:00:00 | 000,200,192 | ---- | C] () -- D:\WINDOWS\System32\ir50_qc.dll [2004/08/04 07:00:00 | 000,183,808 | ---- | C] () -- D:\WINDOWS\System32\ir50_qcx.dll [2004/08/04 07:00:00 | 000,156,765 | ---- | C] () -- D:\WINDOWS\System32\mp4obver32.dll [2004/08/04 07:00:00 | 000,156,765 | ---- | C] () -- D:\WINDOWS\System32\kbdahxml32.dll [2004/08/04 07:00:00 | 000,153,765 | ---- | C] () -- D:\WINDOWS\System32\vipipkey32.dll [2004/08/04 07:00:00 | 000,120,320 | ---- | C] () -- D:\WINDOWS\System32\ir41_qc.dll [2004/08/04 07:00:00 | 000,075,922 | ---- | C] () -- D:\WINDOWS\System32\perfc009.dat [2004/08/04 07:00:00 | 000,046,258 | ---- | C] () -- D:\WINDOWS\System32\mib.bin [2004/08/04 07:00:00 | 000,028,626 | ---- | C] () -- D:\WINDOWS\System32\perfd009.dat [2004/08/04 07:00:00 | 000,004,569 | ---- | C] () -- D:\WINDOWS\System32\secupd.dat [2004/08/04 07:00:00 | 000,004,461 | ---- | C] () -- D:\WINDOWS\System32\oembios.dat [2004/08/04 07:00:00 | 000,001,804 | ---- | C] () -- D:\WINDOWS\System32\dcache.bin [2004/08/04 07:00:00 | 000,000,741 | ---- | C] () -- D:\WINDOWS\System32\noise.dat [2004/04/14 10:40:32 | 000,001,417 | ---- | C] () -- D:\WINDOWS\System32\WD.ini [2003/12/15 15:42:52 | 000,000,232 | ---- | C] () -- D:\WINDOWS\SwapDrvrSP3.ini [2003/12/15 15:42:36 | 000,000,233 | ---- | C] () -- D:\WINDOWS\SwapDrvrSP2.ini [2003/10/02 01:00:00 | 000,208,896 | ---- | C] () -- D:\WINDOWS\System32\lockout.dll [2003/10/02 01:00:00 | 000,045,056 | ---- | C] () -- D:\WINDOWS\System32\lockres.dll [1998/12/08 17:53:58 | 000,116,736 | ---- | C] () -- D:\WINDOWS\System32\PCDLIB32.DLL
[color=#E56717]========== LOP Check ==========[/color]
[2012/02/17 11:31:03 | 000,000,000 | ---D | M] -- D:\Documents and Settings\1Gustavo\Application Data\30E56105-8D4E-4EFE-B61C-1E55A5433C4F [2009/10/31 22:27:36 | 000,000,000 | ---D | M] -- D:\Documents and Settings\1Gustavo\Application Data\Acapela Group [2012/02/17 11:05:59 | 000,000,000 | ---D | M] -- D:\Documents and Settings\1Gustavo\Application Data\Acronis [2011/01/27 17:59:31 | 000,000,000 | ---D | M] -- D:\Documents and Settings\1Gustavo\Application Data\Ahnenblatt [2010/10/10 11:39:35 | 000,000,000 | ---D | M] -- D:\Documents and Settings\1Gustavo\Application Data\Alien Skin [2008/07/01 09:11:42 | 000,000,000 | ---D | M] -- D:\Documents and Settings\1Gustavo\Application Data\Blender Foundation [2009/12/13 18:28:11 | 000,000,000 | ---D | M] -- D:\Documents and Settings\1Gustavo\Application Data\Digidesign [2012/01/21 09:18:31 | 000,000,000 | ---D | M] -- D:\Documents and Settings\1Gustavo\Application Data\Dropbox [2008/02/20 21:47:34 | 000,000,000 | ---D | M] -- D:\Documents and Settings\1Gustavo\Application Data\GetRight [2008/02/21 07:44:26 | 000,000,000 | ---D | M] -- D:\Documents and Settings\1Gustavo\Application Data\GetRightToGo [2008/03/10 15:11:51 | 000,000,000 | ---D | M] -- D:\Documents and Settings\1Gustavo\Application Data\gtk-2.0 [2009/12/05 17:54:00 | 000,000,000 | ---D | M] -- D:\Documents and Settings\1Gustavo\Application Data\hm8platform [2008/01/31 18:14:31 | 000,000,000 | ---D | M] -- D:\Documents and Settings\1Gustavo\Application Data\ICAClient [2008/07/01 11:38:22 | 000,000,000 | ---D | M] -- D:\Documents and Settings\1Gustavo\Application Data\Inspiration Software [2012/01/13 15:33:21 | 000,000,000 | ---D | M] -- D:\Documents and Settings\1Gustavo\Application Data\Juniper Networks [2011/01/27 18:24:00 | 000,000,000 | ---D | M] -- D:\Documents and Settings\1Gustavo\Application Data\Lala Music Mover [2010/07/16 16:45:15 | 000,000,000 | ---D | M] -- D:\Documents and Settings\1Gustavo\Application Data\Leadertech [2010/07/21 16:50:26 | 000,000,000 | ---D | M] -- D:\Documents and Settings\1Gustavo\Application Data\ManyCam [2009/03/01 12:20:10 | 000,000,000 | ---D | M] -- D:\Documents and Settings\1Gustavo\Application Data\MyHeritage [2009/12/11 22:20:37 | 000,000,000 | ---D | M] -- D:\Documents and Settings\1Gustavo\Application Data\NCH Swift Sound [2008/01/26 15:49:21 | 000,000,000 | ---D | M] -- D:\Documents and Settings\1Gustavo\Application Data\Nvu [2010/09/08 06:28:51 | 000,000,000 | ---D | M] -- D:\Documents and Settings\1Gustavo\Application Data\OpenOffice.org [2008/03/20 11:51:12 | 000,000,000 | ---D | M] -- D:\Documents and Settings\1Gustavo\Application Data\Org Professional [2009/12/13 15:04:57 | 000,000,000 | ---D | M] -- D:\Documents and Settings\1Gustavo\Application Data\PACE Anti-Piracy [2012/02/17 16:09:59 | 000,000,000 | ---D | M] -- D:\Documents and Settings\1Gustavo\Application Data\QuickScan [2011/03/26 13:46:01 | 000,000,000 | ---D | M] -- D:\Documents and Settings\1Gustavo\Application Data\Research In Motion [2012/01/01 19:26:50 | 000,000,000 | -H-D | M] -- D:\Documents and Settings\1Gustavo\Application Data\RPPrivate [2012/01/11 16:19:10 | 000,000,000 | ---D | M] -- D:\Documents and Settings\1Gustavo\Application Data\Samsung [2009/07/21 17:53:58 | 000,000,000 | ---D | M] -- D:\Documents and Settings\1Gustavo\Application Data\SnapKast [2009/12/13 14:08:48 | 000,000,000 | ---D | M] -- D:\Documents and Settings\1Gustavo\Application Data\Structure [2008/12/17 15:19:14 | 000,000,000 | ---D | M] -- D:\Documents and Settings\1Gustavo\Application Data\System Tweaker [2010/12/25 15:20:46 | 000,000,000 | ---D | M] -- D:\Documents and Settings\1Gustavo\Application Data\TomTom [2010/02/18 19:00:33 | 000,000,000 | ---D | M] -- D:\Documents and Settings\1Gustavo\Application Data\Ulead Systems [2008/12/17 15:10:48 | 000,000,000 | ---D | M] -- D:\Documents and Settings\1Gustavo\Application Data\Uniblue [2009/07/13 14:01:28 | 000,000,000 | ---D | M] -- D:\Documents and Settings\1Gustavo\Application Data\webex [2011/07/30 09:47:21 | 000,000,000 | ---D | M] -- D:\Documents and Settings\1Gustavo\Application Data\Windows Desktop Search [2012/01/23 21:08:58 | 000,000,000 | ---D | M] -- D:\Documents and Settings\1Gustavo\Application Data\Windows Search [2009/10/31 22:27:45 | 000,000,000 | ---D | M] -- D:\Documents and Settings\1Gustavo\Application Data\Xtranormal [2012/02/17 11:05:58 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users.WINDOWS\Application Data\Acronis [2008/07/01 09:11:14 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users.WINDOWS\Application Data\Blender Foundation [2011/05/16 12:46:30 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users.WINDOWS\Application Data\FileCure [2009/11/04 17:39:56 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users.WINDOWS\Application Data\Flip Video [2008/03/08 17:21:10 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users.WINDOWS\Application Data\GetRight [2009/09/19 11:52:11 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users.WINDOWS\Application Data\GetRightToGo [2008/01/25 16:08:11 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users.WINDOWS\Application Data\InterVideo [2012/01/13 15:31:40 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users.WINDOWS\Application Data\Juniper Networks [2009/01/10 17:45:15 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users.WINDOWS\Application Data\muvee Technologies [2009/03/01 12:25:59 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users.WINDOWS\Application Data\MyHeritage [2011/03/05 16:10:05 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users.WINDOWS\Application Data\NCH Swift Sound [2008/01/21 23:26:35 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users.WINDOWS\Application Data\OLYMPUS [2009/12/13 15:04:57 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users.WINDOWS\Application Data\PACE Anti-Piracy [2009/09/24 17:45:24 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users.WINDOWS\Application Data\PCSettings [2012/02/12 06:08:11 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users.WINDOWS\Application Data\Retrospect [2012/01/11 16:11:11 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users.WINDOWS\Application Data\Samsung [2008/01/23 18:07:05 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users.WINDOWS\Application Data\Seagate [2010/02/18 18:59:41 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users.WINDOWS\Application Data\SmartSound Software Inc [2011/03/26 13:05:29 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users.WINDOWS\Application Data\Tablet [2012/02/12 23:05:00 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users.WINDOWS\Application Data\TEMP [2010/12/25 15:27:23 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users.WINDOWS\Application Data\TomTom [2011/03/26 13:56:07 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users.WINDOWS\Application Data\Ulead Systems [2012/01/09 16:13:55 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users.WINDOWS\Application Data\Western Digital [2009/02/01 14:03:24 | 000,000,000 | ---D | M] -- D:\Documents and Settings\All Users.WINDOWS\Application Data\{3276BE95_AF08_429F_A64F_CA64CB79BCF6} [2008/12/17 15:10:19 | 000,000,000 | -H-D | M] -- D:\Documents and Settings\All Users.WINDOWS\Application Data\{B46E1EF5-0B37-4DB4-A4E2-9F2B41036185} [2012/02/12 23:05:00 | 000,000,254 | ---- | M] () -- D:\WINDOWS\Tasks\NUSchedule.job
[color=#E56717]========== Purity Check ==========[/color]
[color=#E56717]========== Alternate Data Streams ==========[/color]
@Alternate Data Stream - 76 bytes -> D:\Documents and Settings\1Gustavo\My Documents\Ulead VideoStudio:Roxio EMC Stream @Alternate Data Stream - 76 bytes -> D:\Documents and Settings\1Gustavo\My Documents\SPAN 336:Roxio EMC Stream @Alternate Data Stream - 76 bytes -> D:\Documents and Settings\1Gustavo\My Documents\Retrospect Catalog Files:Roxio EMC Stream @Alternate Data Stream - 76 bytes -> D:\Documents and Settings\1Gustavo\My Documents\My Webs:Roxio EMC Stream @Alternate Data Stream - 76 bytes -> D:\Documents and Settings\1Gustavo\My Documents\My Videos:Roxio EMC Stream @Alternate Data Stream - 76 bytes -> D:\Documents and Settings\1Gustavo\My Documents\My FormTool Forms:Roxio EMC Stream @Alternate Data Stream - 76 bytes -> D:\Documents and Settings\1Gustavo\My Documents\HotPotatoes:Roxio EMC Stream @Alternate Data Stream - 184 bytes -> D:\Documents and Settings\All Users.WINDOWS\Application Data\TEMP:D3A96964 @Alternate Data Stream - 180 bytes -> D:\Documents and Settings\All Users.WINDOWS\Application Data\TEMP:DA868A70 @Alternate Data Stream - 1512 bytes -> D:\Documents and Settings\All Users.WINDOWS\Application Data\Microsoft:Q7Abz9DjFukR9Xe1WEG @Alternate Data Stream - 1511 bytes -> D:\Documents and Settings\All Users.WINDOWS\Application Data\Microsoft:2KQrSCYcI6F9PW5XV4DPYnQe6Z @Alternate Data Stream - 1368 bytes -> D:\Documents and Settings\1Gustavo\Local Settings\Application Data\oJGxA50O6HnN:eeSe0gjisR9Hvow9surbHxB @Alternate Data Stream - 1296 bytes -> D:\Program Files\Common Files\System:0qItaC4876ZsWaJlxnL @Alternate Data Stream - 1271 bytes -> D:\Documents and Settings\All Users.WINDOWS\Application Data\Microsoft:TKjTVnyVfcMClvmLo3USazYjrey @Alternate Data Stream - 1256 bytes -> D:\Documents and Settings\All Users.WINDOWS\Application Data\Microsoft:vfKkAgpy1Na8PP9mvg @Alternate Data Stream - 1251 bytes -> D:\Program Files\Common Files\System:xf3uajAjpZ4lDNvp4H7sn912GN @Alternate Data Stream - 1244 bytes -> D:\Documents and Settings\All Users.WINDOWS\Application Data\Microsoft:zxc1xI1P4INzcPsDhu @Alternate Data Stream - 1200 bytes -> D:\Program Files\Outlook Express:RiGIYXjREiW8DiCuqREkxx @Alternate Data Stream - 102 bytes -> D:\Documents and Settings\All Users.WINDOWS\Application Data\TEMP:D287FACF | actions · 2012-Feb-17 5:36 pm · (locked) | lilhurricane |
EXTRASOTL Extras logfile created on: 2/17/2012 4:34:26 PM - Run 1 OTL by OldTimer - Version 3.2.32.0 Folder = D:\Documents and Settings\1Gustavo\Desktop Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 7.0.5730.13) Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
3.25 Gb Total Physical Memory | 2.30 Gb Available Physical Memory | 70.71% Memory free 4.69 Gb Paging File | 3.49 Gb Available in Paging File | 74.48% Paging File free Paging file location(s): D:\pagefile.sys 1536 3072 [binary data]
%SystemDrive% = D: | %SystemRoot% = D:\WINDOWS | %ProgramFiles% = D:\Program Files Drive D: | 465.76 Gb Total Space | 325.62 Gb Free Space | 69.91% Space Free | Partition Type: NTFS Drive E: | 74.51 Gb Total Space | 70.11 Gb Free Space | 94.09% Space Free | Partition Type: FAT32 Drive F: | 12.73 Gb Total Space | 10.37 Gb Free Space | 81.44% Space Free | Partition Type: NTFS Drive K: | 465.76 Gb Total Space | 106.86 Gb Free Space | 22.94% Space Free | Partition Type: NTFS Drive M: | 2794.49 Gb Total Space | 2785.72 Gb Free Space | 99.69% Space Free | Partition Type: NTFS
Computer Name: GUSTAVOS | User Name: 1Gustavo | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
[color=#E56717]========== Extra Registry (SafeList) ==========[/color]
[color=#E56717]========== File Associations ==========[/color]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\] .cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%* .html [@ = Reg Error: Value error.] -- Reg Error: Key error. File not found .url [@ = InternetShortcut] -- rundll32.exe ieframe.dll,OpenURL %l
[color=#E56717]========== Shell Spawning ==========[/color]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%* exefile [open] -- "%1" %* http [open] -- Reg Error: Key error. https [open] -- Reg Error: Key error. InternetShortcut [open] -- rundll32.exe ieframe.dll,OpenURL %l piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [AddToPlaylistVLC] -- "D:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" () Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Directory [PlayWithVLC] -- "D:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" () Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation) Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation) Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
[color=#E56717]========== Security Center Settings ==========[/color]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "FirstRunDisabled" = 1 "AntiVirusDisableNotify" = 0 "FirewallDisableNotify" = 0 "UpdatesDisableNotify" = 0 "AntiVirusOverride" = 0 "FirewallOverride" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] "DisableMonitoring" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus] "DisableMonitoring" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall] "DisableMonitoring" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]
[color=#E56717]========== System Restore Settings ==========[/color]
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows NT\SystemRestore] "DisableSR" = 0 "DisableConfig" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore] "DisableSR" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr] "Start" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService] "Start" = 2
[color=#E56717]========== Firewall Settings ==========[/color]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List] "139:TCP" = 139:TCP:*:Enabled:@xpsp2res.dll,-22004 "445:TCP" = 445:TCP:*:Enabled:@xpsp2res.dll,-22005 "137:UDP" = 137:UDP:*:Enabled:@xpsp2res.dll,-22001 "138:UDP" = 138:UDP:*:Enabled:@xpsp2res.dll,-22002 "3389:TCP" = 3389:TCP:*:Enabled:@xpsp2res.dll,-22009
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "EnableFirewall" = 0 "DoNotAllowExceptions" = 0 "DisableNotifications" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List] "1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007 "2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008 "139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004 "445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005 "137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001 "138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002 "3389:TCP" = 3389:TCP:*:Enabled:@xpsp2res.dll,-22009 "85:TCP" = 85:TCP:*:Enabled:BroadWave Web Server
[color=#E56717]========== Authorized Applications List ==========[/color]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List] "D:\Program Files\HP\Digital Imaging\bin\hpofxm08.exe" = D:\Program Files\HP\Digital Imaging\bin\hpofxm08.exe:*:Enabled:hpofxm08.exe -- (Hewlett-Packard Co.) "D:\Program Files\HP\Digital Imaging\bin\hposfx08.exe" = D:\Program Files\HP\Digital Imaging\bin\hposfx08.exe:*:Enabled:hposfx08.exe -- (Hewlett-Packard Co.) "D:\Program Files\HP\Digital Imaging\bin\hposid01.exe" = D:\Program Files\HP\Digital Imaging\bin\hposid01.exe:*:Enabled:hposid01.exe -- (Hewlett-Packard Co.) "D:\Program Files\HP\Digital Imaging\bin\hpfcCopy.exe" = D:\Program Files\HP\Digital Imaging\bin\hpfcCopy.exe:*:Enabled:hpfccopy.exe -- () "D:\Program Files\HP\Digital Imaging\bin\hpzwiz01.exe" = D:\Program Files\HP\Digital Imaging\bin\hpzwiz01.exe:*:Enabled:hpzwiz01.exe -- (Hewlett-Packard Co.) "D:\Program Files\HP\Digital Imaging\bin\hpoews01.exe" = D:\Program Files\HP\Digital Imaging\bin\hpoews01.exe:*:Enabled:hpoews01.exe -- (Hewlett-Packard Co.) "D:\Program Files\HP\Digital Imaging\bin\hpiscnapp.exe" = D:\Program Files\HP\Digital Imaging\bin\hpiscnapp.exe:*:Enabled:hpiscnapp.exe -- (Hewlett-Packard) "D:\Program Files\Common Files\HP\Digital Imaging\bin\hpqPhotoCrm.exe" = D:\Program Files\Common Files\HP\Digital Imaging\bin\hpqPhotoCrm.exe:*:Enabled:hpqphotocrm.exe -- (Hewlett-Packard Development Co. L.P.) "D:\Program Files\HP\Digital Imaging\bin\hpqsudi.exe" = D:\Program Files\HP\Digital Imaging\bin\hpqsudi.exe:*:Enabled:hpqsudi.exe -- (Hewlett-Packard Development Co. L.P.) "D:\Program Files\HP\Digital Imaging\bin\hpqpsapp.exe" = D:\Program Files\HP\Digital Imaging\bin\hpqpsapp.exe:*:Enabled:hpqpsapp.exe -- (Hewlett-Packard Development Co. L.P.) "D:\Program Files\HP\Digital Imaging\bin\hpofxs08.exe" = D:\Program Files\HP\Digital Imaging\bin\hpofxs08.exe:*:Enabled:hpofxs08.exe -- (Hewlett-Packard Co.) "D:\Program Files\HP\Digital Imaging\bin\hpqfxt08.exe" = D:\Program Files\HP\Digital Imaging\bin\hpqfxt08.exe:*:Enabled:hpqfxt08.exe -- (Hewlett-Packard Co.) "D:\Program Files\HP\Digital Imaging\bin\hpqpse.exe" = D:\Program Files\HP\Digital Imaging\bin\hpqpse.exe:*:Enabled:hpqpse.exe -- (Hewlett-Packard Development Co. L.P.) "D:\Program Files\HP\Digital Imaging\bin\hpqgplgtupl.exe" = D:\Program Files\HP\Digital Imaging\bin\hpqgplgtupl.exe:*:Enabled:hpqgplgtupl.exe -- (Hewlett-Packard Co.) "D:\Program Files\HP\Digital Imaging\bin\hpqusgm.exe" = D:\Program Files\HP\Digital Imaging\bin\hpqusgm.exe:*:Enabled:hpqusgm.exe -- (Hewlett-Packard Co.) "D:\Program Files\HP\Digital Imaging\bin\hpqusgh.exe" = D:\Program Files\HP\Digital Imaging\bin\hpqusgh.exe:*:Enabled:hpqusgh.exe -- (Hewlett-Packard Co.) "D:\Program Files\HP\HP Software Update\hpwucli.exe" = D:\Program Files\HP\HP Software Update\hpwucli.exe:*:Enabled:hpwucli.exe -- (Hewlett-Packard) "D:\Program Files\HP\Digital Imaging\Smart Web Printing\SmartWebPrintExe.exe" = D:\Program Files\HP\Digital Imaging\Smart Web Printing\SmartWebPrintExe.exe:*:Enabled:smartwebprintexe.exe -- (Hewlett-Packard Co.)
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List] "D:\Program Files\Retrospect\Retrospect 7.6\Retrospect.exe" = D:\Program Files\Retrospect\Retrospect 7.6\Retrospect.exe:*:Enabled:Retrospect "D:\Program Files\Roxio\Easy Media Creator 8\Digital Home\RoxUpnpServer.exe" = D:\Program Files\Roxio\Easy Media Creator 8\Digital Home\RoxUpnpServer.exe:*:Enabled:Roxio Upnp Service -- (Sonic Solutions) "D:\Program Files\Skype\Plugin Manager\skypePM.exe" = D:\Program Files\Skype\Plugin Manager\skypePM.exe:*:Enabled:Skype Extras Manager "D:\Program Files\Java\jre6\bin\java.exe" = D:\Program Files\Java\jre6\bin\java.exe:*:Enabled:Java(TM) Platform SE binary -- (Sun Microsystems, Inc.) "D:\Program Files\Roxio\Easy Media Creator 8\Creator Classic\Creator8.exe" = D:\Program Files\Roxio\Easy Media Creator 8\Creator Classic\Creator8.exe:*:Enabled:Creator8 -- (Sonic Solutions) "D:\Program Files\Common Files\Roxio Shared\SharedCom\RoxUpnpRenderer.exe" = D:\Program Files\Common Files\Roxio Shared\SharedCom\RoxUpnpRenderer.exe:*:Enabled:Roxio UPnP Renderer Service -- (Sonic Solutions) "L:\setup\HPZNUI01.EXE" = L:\setup\HPZNUI01.EXE:*:Enabled:hpznui01.exe "L:\setup\HPONICIFS01.EXE" = L:\setup\HPONICIFS01.EXE:*:Enabled:hponicifs01.exe "D:\Program Files\Logitech\Vid\Vid.exe" = D:\Program Files\Logitech\Vid\Vid.exe:*:Enabled:Logitech Vid HD -- (Logitech Inc.) "D:\Documents and Settings\1Gustavo\Application Data\Dropbox\bin\Dropbox.exe" = D:\Documents and Settings\1Gustavo\Application Data\Dropbox\bin\Dropbox.exe:*:Enabled:Dropbox -- (Dropbox, Inc.) "D:\Program Files\Retrospect\Retrospect 7.7\Retrospect.exe" = D:\Program Files\Retrospect\Retrospect 7.7\Retrospect.exe:*:Enabled:Retrospect -- (Sonic Solutions) "D:\Program Files\Samsung\Samsung New PC Studio\npsasvr.exe" = D:\Program Files\Samsung\Samsung New PC Studio\npsasvr.exe:*:Enabled:KTF MUSIC AoD Server -- (PeeringPortal) "D:\Program Files\Samsung\Samsung New PC Studio\npsvsvr.exe" = D:\Program Files\Samsung\Samsung New PC Studio\npsvsvr.exe:*:Enabled:KTF MUSIC VoD Server -- (PeeringPortal) "D:\WINDOWS\system32\muzapp.exe" = D:\WINDOWS\system32\muzapp.exe:*:Enabled:MUZ AOD APP player -- (Musiccity Co.Ltd.) "D:\Program Files\HP\Digital Imaging\bin\hpofxm08.exe" = D:\Program Files\HP\Digital Imaging\bin\hpofxm08.exe:*:Enabled:hpofxm08.exe -- (Hewlett-Packard Co.) "D:\Program Files\HP\Digital Imaging\bin\hposfx08.exe" = D:\Program Files\HP\Digital Imaging\bin\hposfx08.exe:*:Enabled:hposfx08.exe -- (Hewlett-Packard Co.) "D:\Program Files\HP\Digital Imaging\bin\hposid01.exe" = D:\Program Files\HP\Digital Imaging\bin\hposid01.exe:*:Enabled:hposid01.exe -- (Hewlett-Packard Co.) "D:\Program Files\HP\Digital Imaging\bin\hpfcCopy.exe" = D:\Program Files\HP\Digital Imaging\bin\hpfcCopy.exe:*:Enabled:hpfccopy.exe -- () "D:\Program Files\HP\Digital Imaging\bin\hpzwiz01.exe" = D:\Program Files\HP\Digital Imaging\bin\hpzwiz01.exe:*:Enabled:hpzwiz01.exe -- (Hewlett-Packard Co.) "D:\Program Files\HP\Digital Imaging\bin\hpoews01.exe" = D:\Program Files\HP\Digital Imaging\bin\hpoews01.exe:*:Enabled:hpoews01.exe -- (Hewlett-Packard Co.) "D:\Program Files\HP\Digital Imaging\bin\hpiscnapp.exe" = D:\Program Files\HP\Digital Imaging\bin\hpiscnapp.exe:*:Enabled:hpiscnapp.exe -- (Hewlett-Packard) "D:\Program Files\Common Files\HP\Digital Imaging\bin\hpqPhotoCrm.exe" = D:\Program Files\Common Files\HP\Digital Imaging\bin\hpqPhotoCrm.exe:*:Enabled:hpqphotocrm.exe -- (Hewlett-Packard Development Co. L.P.) "D:\Program Files\HP\Digital Imaging\bin\hpqsudi.exe" = D:\Program Files\HP\Digital Imaging\bin\hpqsudi.exe:*:Enabled:hpqsudi.exe -- (Hewlett-Packard Development Co. L.P.) "D:\Program Files\HP\Digital Imaging\bin\hpqpsapp.exe" = D:\Program Files\HP\Digital Imaging\bin\hpqpsapp.exe:*:Enabled:hpqpsapp.exe -- (Hewlett-Packard Development Co. L.P.) "D:\Program Files\HP\Digital Imaging\bin\hpofxs08.exe" = D:\Program Files\HP\Digital Imaging\bin\hpofxs08.exe:*:Enabled:hpofxs08.exe -- (Hewlett-Packard Co.) "D:\Program Files\HP\Digital Imaging\bin\hpqfxt08.exe" = D:\Program Files\HP\Digital Imaging\bin\hpqfxt08.exe:*:Enabled:hpqfxt08.exe -- (Hewlett-Packard Co.) "D:\Program Files\HP\Digital Imaging\bin\hpqpse.exe" = D:\Program Files\HP\Digital Imaging\bin\hpqpse.exe:*:Enabled:hpqpse.exe -- (Hewlett-Packard Development Co. L.P.) "D:\Program Files\HP\Digital Imaging\bin\hpqgplgtupl.exe" = D:\Program Files\HP\Digital Imaging\bin\hpqgplgtupl.exe:*:Enabled:hpqgplgtupl.exe -- (Hewlett-Packard Co.) "D:\Program Files\HP\Digital Imaging\bin\hpqusgm.exe" = D:\Program Files\HP\Digital Imaging\bin\hpqusgm.exe:*:Enabled:hpqusgm.exe -- (Hewlett-Packard Co.) "D:\Program Files\HP\Digital Imaging\bin\hpqusgh.exe" = D:\Program Files\HP\Digital Imaging\bin\hpqusgh.exe:*:Enabled:hpqusgh.exe -- (Hewlett-Packard Co.) "D:\Program Files\HP\HP Software Update\hpwucli.exe" = D:\Program Files\HP\HP Software Update\hpwucli.exe:*:Enabled:hpwucli.exe -- (Hewlett-Packard) "D:\Program Files\HP\Digital Imaging\Smart Web Printing\SmartWebPrintExe.exe" = D:\Program Files\HP\Digital Imaging\Smart Web Printing\SmartWebPrintExe.exe:*:Enabled:smartwebprintexe.exe -- (Hewlett-Packard Co.) "D:\Program Files\Common Files\Acronis\SyncAgent\syncagentsrv.exe" = D:\Program Files\Common Files\Acronis\SyncAgent\syncagentsrv.exe:*:Enabled:Acronis Sync Agent Service -- (Acronis)
[color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "_{F072CA07-A781-45E4-9975-C033A73019CF}" = Corel VideoStudio Pro X3 "{00203668-8170-44A0-BE44-B632FA4D780F}" = Adobe AIR "{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 "{06968636-3053-3474-9AF4-CC363F7C41C0}" = Strawberry Perl "{07B3B42B-18C1-4CA7-AFFB-2B0313BBFB7C}_is1" = Vizacc HelpMaker 7.4.4 (remove only) "{07D4A7C5-C55C-45B5-9E86-D8068D25EF40}" = Fast Track "{08610298-29AE-445B-B37D-EFBE05802967}" = LWS Pictures And Video "{09C6A4C7-A2D2-1DD9-A81C-44C30042A00C}" = CCC Help Greek "{0A173336-214D-0609-4897-5E2547D0395D}" = CCC Help Dutch "{0AB76F69-E761-4CFA-B9B0-A1906B4E9E4B}" = WD Diagnostics "{0F367CA3-3B2F-43F9-A44A-25A8EE69E45D}" = Scan "{10E78E61-CCB0-4E35-B216-763992F50409}" = Xtranormal State - Voicepack-English-US-Samantha "{138A4072-9E64-46BD-B5F9-DB2BB395391F}" = LWS VideoEffects "{15262012-213A-4f65-9019-C8A409EC0156}" = HP Officejet J6400 Series "{1551F75D-F27A-490A-8E5C-36DB06F0C453}" = Xtranormal State - Voicepack-English-US-Tom "{15634701-BACE-4449-8B25-1567DA8C9FD3}" = CameraHelperMsi "{1651216E-E7AD-4250-92A1-FB8ED61391C9}" = LWS Help_main "{174A3B31-4C43-43DD-866F-73C9DB887B48}" = LWS Twitter "{175F0111-2968-4935-8F70-33108C6A4DE3}" = MarketResearch "{18669FF9-C8FE-407a-9F70-E674896B1DB4}" = GPBaseService "{18D10072035C4515918F7E37EAFAACFC}" = AutoUpdate "{1B9E212F-DFDC-F1D4-D1FD-986149513125}" = CCC Help Russian "{1CAEFAE2-D12E-CA26-62BC-DF452004B3B1}" = CCC Help Swedish "{1D9B2B74-82B1-9CE7-0A9A-6234008D11EE}" = CCC Help Polish "{216AB108-2AE1-4130-B3D5-20B2C4C80F8F}" = QuickTime "{21A2F5EE-1DC5-488A-BE7E-E526F8C61488}" = DeviceDiscovery "{21DF0294-6B9D-4741-AB6F-B2ABFBD2387E}" = LWS YouTube Plugin "{2254E64C-D2B1-4478-BD7E-37457D09FF39}" = QuickLink Desktop "{251554D7-F631-4CB3-8A81-12271E3678F1}" = Easy Grade Pro "{25613C10-27D2-410B-942B-D922D5C3A7BE}" = Interlok driver setup x32 "{26A24AE4-039D-4CA4-87B4-2F83216020FF}" = Java(TM) 6 Update 24 "{279D3818-7287-4ab4-A927-542EBEA9E365}" = ProductContext "{28379381-B56A-43e1-B505-3098D82B1C30}" = 4500G510gm_Software_Min "{28C2DED6-325B-4CC7-983A-1777C8F7FBAB}" = RealUpgrade 1.1 "{2A1E27FF-BE53-45B4-950F-060236E98E3D}" = TMPGEnc Plus 2.5 "{2C0A655C-61E7-428A-8ED2-23A3D20E7DD2}" = Data Lifeguard Tools "{2ECA81CA-D932-4AD3-AD59-BF5CCF099C83}" = Catalyst Control Center - Branding "{2EEA7AA4-C203-4b90-A34F-19FB7EF1C81C}" = BufferChm "{2EFA4E4C-7B5F-48F7-A1C0-1AA882B7A9C3}" = HP Update "{2F8BA3FD-1FA9-4279-B696-712ABB12F09F}" = SmartSound Quicktracks 5 "{30465B6C-B53F-49A1-9EBA-A3F187AD502E}" = Roxio Update Manager "{30BB4D60-81DB-11D5-BB77-00400536ABAC}" = OLYMPUS CAMEDIA Master 4.3 "{3248F0A8-6813-11D6-A77B-00B0D0160040}" = Java(TM) 6 Update 4 "{3248F0A8-6813-11D6-A77B-00B0D0160050}" = Java(TM) 6 Update 5 "{3248F0A8-6813-11D6-A77B-00B0D0160070}" = Java(TM) 6 Update 7 "{329B7564-7E13-4A70-BC2B-F9870C82AAB6}" = Roxio Content 8 "{34BFB099-07B2-4E95-A673-7362D60866A2}" = PSSWCORE "{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP "{353B1E6D-7073-4450-8C80-699BD8FCFB49}" = MTP Porting Kit "{3700194C-C5DD-439A-BE06-A66960CA4C70}" = MSVCSetup "{380CC749-8C28-4C74-BE01-45921D062302}" = BPDSoftware_Ini "{3BE480ED-E17A-431A-981C-5C2EDDBCD3BF}" = Macromedia Flash MX "{3D1B20A6-E31D-4BB5-BC5C-DDD3B0D91728}" = Intel Audio Studio 2.0 "{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}" = erLT "{3F70FB44-FD00-4ED2-9154-661AA9DB0B28}" = WD Media Center Driver "{40399AFE-1B78-4617-A785-73A640132F99}" = Xtranormal State - Voicepack-English-UK-Daniel "{406AE7DC-5FD1-FC3A-00F5-024AD25DF01B}" = CCC Help Danish "{41853D20-40CC-4266-978D-F128BB97CA96}" = 6400_Help "{43CDF946-F5D9-4292-B006-BA0D92013021}" = WebReg "{440B915A-0C85-45DB-92AE-75AE14704A64}" = Fax "{47A0C382-35D7-4A3A-B9AF-B2D38827A8A7}" = Acronis True Image Home 2012 "{47A0C382-35D7-4A3A-B9AF-B2D38827A8A7}Visible" = Acronis True Image Home 2012 "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater "{4A70EF07-7F88-4434-BB61-D1DE8AE93DD4}" = SolutionCenter "{4A742CBE-078E-03FF-C7D5-B3E1B676BDF2}" = CCC Help Czech "{4B6DD00B-BC05-185B-BE8B-997A23B367C4}" = CCC Help Chinese Traditional "{4F589FB5-02B8-43DD-8061-C6DADDE5775C}" = 3114 SATARAID5 "{4FBCEA31-5D18-4212-9231-DE7CF1BE7DBB}" = Logitech Vid "{50206644-C226-498D-8273-9F5F300807E2}_is1" = NeoPaint 4.7a "{521AAD14-5030-44BB-8B0E-5CE65FCE57E0}" = InterVideo DeviceService "{556F2137-B772-43BB-9A45-E0275234DD16}" = Free Notes & Office Ink "{5A3C1721-F8ED-11E0-8AFB-B8AC6F97B88E}" = Google Earth "{5BB4D7C1-52F2-4BFD-9E40-0D419E2E3021}" = bpd_scan "{5D934326-165A-413b-B056-26BE1EC082AF}" = J6400 "{5F1AE198-965A-C65D-218A-B76F19B86BEC}" = CCC Help German "{5FEEB4D3-31F1-FF10-5F61-A988CD44CA59}" = CCC Help Hungarian "{62C2306F-8B71-453E-8996-3A5BFE2593BB}" = M-Audio Micro Driver 2.0.1 (x86) "{63FF21C9-A810-464F-B60A-3111747B1A6D}" = GPBaseService2 "{651CD0A0-8B64-B3F1-23B9-294C39F09A31}" = CCC Help Finnish "{66E6CE0C-5A1E-430C-B40A-0C90FF1804A8}" = eSupportQFolder "{68A10D12-0D0F-4212-BDE6-D87FAD32A8FA}" = SmartWebPrinting "{6ADD0603-16EF-400D-9F9E-486432835002}" = OpenOffice.org 3.2 "{6B2FFB21-AC88-45C3-9A7D-4BB3E744EC91}" = HPSSupply "{6BBA26E9-AB03-4FE7-831A-3535584CA002}" = Toolbox "{6CCC133E-9A2F-4CAA-8866-75D029CD3AB3}" = Digital Voice Editor 3 "{6F5E2F4A-377D-4700-B0E3-8F7F7507EA15}" = CustomerResearchQFolder "{6F76EC3C-34B1-436E-97FB-48C58D7BEDCD}" = LWS Gallery "{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable "{7148F0A8-6813-11D6-A77B-00B0D0142040}" = Java 2 Runtime Environment, SE v1.4.2_04 "{716E0306-8318-4364-8B8F-0CC4E9376BAC}" = MSXML 4.0 SP2 Parser and SDK "{71E66D3F-A009-44AB-8784-75E2819BA4BA}" = LWS Motion Detection "{758C8301-2696-4855-AF45-534B1200980A}" = Samsung Kies "{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 "{77514C51-66D9-2F7C-56D8-5495B8CFAF5E}" = CCC Help French "{7770E71B-2D43-4800-9CB3-5B6CAAEBEBEA}" = RealNetworks - Microsoft Visual C++ 2008 Runtime "{77DCDCE3-2DED-62F3-8154-05E745472D07}" = Acrobat.com "{792A669E-71A6-9210-2C06-3FCF0DDFC4C5}" = Catalyst Control Center Localization All "{7B63B2922B174135AFC0E1377DD81EC2}" = DivX "{82CA0A0C-A3EC-4167-B694-909205B2EDEC}" = muvee Plugin 1.0 "{83C8FA3C-F4EA-46C4-8392-D3CE353738D6}" = LWS Launcher "{846B5DED-DC8C-4E1A-B5B4-9F5B39A0CACE}" = HPDiagnosticAlert "{85C8D391-0EAE-4492-8A0A-2EE8B0B6DA03}" = BPDSoftware "{860BD052-49CB-7220-8792-15523D08C2A2}" = CCC Help Korean "{868901EE-7807-4F89-A134-7C705D34F91F}" = Roxio Easy Media Creator 8 Suite "{87E2B986-07E8-477a-93DC-AF0B6758B192}" = DocProcQFolder "{8937D274-C281-42E4-8CDB-A0B2DF979189}" = LWS Webcam Software "{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight "{8A85DEAD-7C1F-4368-881C-72AC74CB2E91}" = UnloadSupport "{8B4AB829-DFD3-436D-B808-D9733D76C590}" = Macromedia Dreamweaver MX "{8B4AE751-7055-4518-87B0-E148A8D50D0A}" = Macromedia FreeHand MX "{8C93615B-5333-B61B-625E-0D4DCD9E09CA}" = CCC Help Norwegian "{8F3C31C5-9C3A-4AA8-8EFA-71290A7AD533}" = TomTom HOME Visual Studio Merge Modules "{90120000-0010-0409-0000-0000000FF1CE}" = Microsoft Software Update for Web Folders (English) 12 "{90120000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2007 "{90120000-0015-0409-0000-0000000FF1CE}_ENTERPRISER_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007 "{90120000-0016-0409-0000-0000000FF1CE}_ENTERPRISER_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007 "{90120000-0018-0409-0000-0000000FF1CE}_ENTERPRISER_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2007 "{90120000-0019-0409-0000-0000000FF1CE}_ENTERPRISER_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2007 "{90120000-001A-0409-0000-0000000FF1CE}_ENTERPRISER_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007 "{90120000-001B-0409-0000-0000000FF1CE}_ENTERPRISER_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007 "{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISER_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) "{90120000-001F-0409-0000-0000000FF1CE}_XWeb_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) "{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007 "{90120000-001F-040C-0000-0000000FF1CE}_ENTERPRISER_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) "{90120000-001F-040C-0000-0000000FF1CE}_XWeb_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) "{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007 "{90120000-001F-0C0A-0000-0000000FF1CE}_ENTERPRISER_{187308AB-5FA7-4F14-9AB9-D290383A10D9}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) "{90120000-001F-0C0A-0000-0000000FF1CE}_XWeb_{187308AB-5FA7-4F14-9AB9-D290383A10D9}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) "{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007 "{90120000-0044-0409-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (English) 2007 "{90120000-0044-0409-0000-0000000FF1CE}_ENTERPRISER_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-0045-0000-0000-0000000FF1CE}" = Microsoft Expression Web 2 "{90120000-0045-0000-0000-0000000FF1CE}_XWeb_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581) "{90120000-0045-0409-0000-0000000FF1CE}" = Microsoft Expression Web 2 MUI (English) "{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007 "{90120000-006E-0409-0000-0000000FF1CE}_ENTERPRISER_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-006E-0409-0000-0000000FF1CE}_XWeb_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007 "{90120000-00A1-0409-0000-0000000FF1CE}_ENTERPRISER_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-00B2-0409-0000-0000000FF1CE}" = Microsoft Save as PDF or XPS Add-in for 2007 Microsoft Office programs "{90120000-00BA-0409-0000-0000000FF1CE}" = Microsoft Office Groove MUI (English) 2007 "{90120000-00BA-0409-0000-0000000FF1CE}_ENTERPRISER_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-0114-0409-0000-0000000FF1CE}" = Microsoft Office Groove Setup Metadata MUI (English) 2007 "{90120000-0114-0409-0000-0000000FF1CE}_ENTERPRISER_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007 "{90120000-0115-0409-0000-0000000FF1CE}_ENTERPRISER_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-0115-0409-0000-0000000FF1CE}_XWeb_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2007 "{90120000-0117-0409-0000-0000000FF1CE}_ENTERPRISER_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90280409-6000-11D3-8CFE-0050048383C9}" = Microsoft Office XP Professional with FrontPage "{91120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007 "{91120000-0030-0000-0000-0000000FF1CE}_ENTERPRISER_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2) "{91120000-0030-0000-0000-0000000FF1CE}_ENTERPRISER_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581) "{92A51949-EE4C-466D-AAF0-99E74A49A63F}" = DocMgr "{930B2432-43D4-11D5-9871-00C04F8EEB39}" = Macromedia Fireworks MX "{981F1A21-7764-417F-90C3-795ABDCEF496}" = M-Audio Producer Driver 2.0.1 (x86) "{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 "{9B362566-EC1B-4700-BB9C-EC661BDE2175}" = DocProc "{9BD91669-25C9-43CD-9367-BF60591B837B}" = Camedia Master 4.3 "{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 "{9C2B41C5-919A-7037-F5E8-42A5E90873B8}" = Catalyst Control Center Graphics Previews Common "{9DAEA76B-E50F-4272-A595-0124E826553D}" = LWS WLM Plugin "{A25FF1C0-80B6-4B8B-A551-DC525697A408}" = AMD APP SDK Runtime "{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2 "{A462213D-EED4-42C2-9A60-7BDD4D4B0B17}" = SigmaTel Audio "{A48E4951-D8E9-4FDF-82EF-46FB1C953F3E}" = Intel Audio Studio 2.0 "{A5BA14E0-7384-11D4-BAE7-00409631A2C8}" = Macromedia Extension Manager "{A6991E11-AF13-652B-5736-C8800EF5527B}" = Catalyst Control Center "{A80FA752-C491-4ED9-ABF0-4278563160B2}" = 32 Bit HP CIO Components Installer "{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper "{AA59DDE4-B672-4621-A016-4C248204957A}" = Skype 5.5 "{AB5D51AE-EBC3-438D-872C-705C7C2084B0}" = DeviceManagementQFolder "{ABDDCBF9-D934-48B7-B09A-D208D6C4A2D6}" = Xtranormal State - Voicepack-English-UK-Serena "{AC76BA86-7AD7-1033-7B44-AA1000000001}" = Adobe Reader X (10.1.2) "{AC76D478-1033-0000-3478-000000000001}" = Adobe Acrobat Distiller 6.0 "{ADD24D05-DDEA-39CB-0E92-AA371AEE2894}" = Catalyst Control Center InstallProxy "{AE8705FB-E13C-40A9-8A2D-68D6733FBFC2}" = Status "{B111977A-E61A-4EA3-9F19-605E69C06D14}_is1" = NeoBook 5.6.1 "{B1B99F39-0A1C-4790-A0C8-73537CF8CEDB}" = Easy Grade Pro "{B2420CAA-ADC1-8581-938A-2B25C22EF17A}" = ccc-utility "{B2455727-ED8F-4643-8A6E-F4AB8DE3633D}" = Network "{B2544A03-10D0-4E5E-BA69-0362FFC20D18}" = OGA Notifier 2.0.0048.0 "{B5C314F7-928B-44E3-A8A3-169648B1077D}" = Xtranormal State - SoundPack-Starter Kit "{B6300A7D-C1B6-4A25-861D-4AED96202FCD}" = Readiris Pro 10 "{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Skype Click to Call "{B81D9181-67D7-6A90-78EA-34108EBBCF7F}" = CCC Help Thai "{B8A2869E-30CA-40C5-9CF8-BD7354E57EF8}" = SmartSound Common Data "{BA314F9D-8401-1E44-11BF-F112E93F465E}" = CCC Help English "{BAD0FA60-09CF-4411-AE6A-C2844C8812FA}" = HP Photosmart Essential 2.5 "{BC3804E5-77CC-47A0-8BD5-797355A26BA3}" = WD SmartWare "{BCE72AED-3332-4863-9567-C5DCB9052CA2}" = Netflix Movie Viewer "{BD7204BA-DD64-499E-9B55-6A282CDF4FA4}" = Destinations "{BE0D4271-69C9-4f28-AD9B-BB33D126A30E}" = 4500G510gm "{BEB0B424-3692-E0DC-8D25-04A36C7AB580}" = CCC Help Portuguese "{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2 "{C4186C0D-FB9F-5D83-21FB-A737A13EFAE6}" = AMD Catalyst Install Manager "{C43326F5-F135-4551-8270-7F7ABA0462E1}" = HPProductAssistant "{C4574477-C9FA-CF5F-B5AC-D379D655A962}" = CCC Help Chinese Standard "{CBA4DD0F-0871-39EB-A48B-03BC9E5E437B}" = CCC Help Japanese "{CCF6F57B-F6B4-4508-BF45-63AAC9DE416A}" = Quicken 2010 "{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1 "{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}" = SAMSUNG USB Driver for Mobile Phones "{D40EB009-0499-459c-A8AF-C9C110766215}" = Logitech Webcam Software "{D491FEB0-3D6A-49DE-8C97-8D4D0036E07E}" = WebEx Meeting Manager for Firefox/Netscape/Chrome "{D648787C-3738-424C-AF24-EB4EA008473F}" = Retrospect 7.7 "{D7ADCF9A-1F30-4ECE-B40E-A155DEAD0FCD}" = Xtranormal State "{D8E363A7-88B7-446D-B2C0-E26CE4DC8E54}" = U3Launcher "{DBCC73BA-C69A-4BF5-B4BF-F07501EE7039}" = AnswerWorks 5.0 English Runtime "{DC0A5F99-FD66-433F-9D3A-05DCBA64BE42}" = TrayApp "{DC24971E-1946-445D-8A82-CE685433FA7D}" = "{DE0C72A8-B4A3-4B80-3CF9-2DC45CF865D5}" = CCC Help Spanish "{DE958AD2-6235-45E6-AB3A-26FA5C7A9B0F}_is1" = NeoBookDBPro 1.1e "{DF0B357C-5874-47D0-81E7-79AA890B0CE0}" = 4500_G510gm_Help "{E08DC77E-D09A-4e36-8067-D6DBBCC5F8DC}" = VideoToolkit01 "{E38C00D0-A68B-4318-A8A6-F7D4B5B1DF0E}" = Windows Media Encoder 9 Series "{E40CE517-0D42-4198-96B4-C8232B257EB5}" = Data Lifeguard Diagnostic for Windows "{E5083D57-D93F-404C-A91F-1C50D67C2BEB}" = HP Officejet 4500 G510g-m "{E5B2C34F-BEDE-5AF8-DBD3-C05E8C030588}" = CCC Help Italian "{E63E34A7-E552-412B-9E40-FD6FC5227ABA}" = Uniblue RegistryBooster 2009 "{E6C48B74-26ED-4EF8-A04C-42AFDE5E1CA3}" = Intel(R) PRO Network Connections "{EE89B00E-5295-4C01-887A-311DD090F71B}" = Xtranormal State - Showpak-Playgoz-Preview "{EED027B7-0DB6-404B-8F45-6DFEE34A0441}" = LWS Video Mask Maker "{F069C491-69E6-4D9B-9A0C-B7894A1FA97C}" = Setup "{F072CA07-A781-45E4-9975-C033A73019CF}" = ICA "{F0A6D1C4-7E73-963B-C4C6-C97121B1992B}" = CCC Help Turkish "{F193FC0E-9E18-40FC-A974-509A1BDD240A}" = Samsung New PC Studio "{F206FEC3-F5DD-43FD-A8CF-9C46B8A6A92C}" = VSPro "{F4E9851F-765E-40B7-9859-237C2724E62C}" = DeviceIO "{F5C63795-2708-4D15-BF18-5ABBFF7DFFC8}" = iTunes "{F6A76E9C-C299-4CFA-AD2A-57FE9DD68B70}" = Contents "{F7F23DFB-31E1-B7EC-7A6D-7668B595ADAE}" = FlipShare "{F8423392-2296-4748-9B66-344432459632}" = PureHD "{F909BD3C-8684-4ACF-B7C3-33F4F9F901B7}" = Share "{F95C8C1F-25BB-44EC-A7E6-5C17ABC6BC71}" = VIO "{F99F9E24-EE2F-47FD-AEB0-FDB82859B5C9}" = VideoStudio "{FB0B6DDD-DF3E-4CD6-927C-724AB854E322}" = VSClassic "{FD67D9F3-FED6-4A2E-9D6C-8C8C44DEF8FF}" = IPM_VS_Pro "{FE8CD9C9-7650-4B8D-928A-85D6CAB6CA59}" = Digidesign Pro Tools M-Powered Essential 8.0.2 "{FF167195-9EE4-46C0-8CD7-FBA3457E88AB}" = LWS Facebook "3ivx MPEG-4 5.0.3" = 3ivx MPEG-4 5.0.3 (remove only) "ActiveTouchMeetingClient" = WebEx "Adobe AIR" = Adobe AIR "Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX "Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin "Adobe PageMaker 7.0" = Adobe PageMaker 7.0 "Adobe Shockwave Player" = Adobe Shockwave Player 11.5 "Adobe Type Manager 4.1" = Adobe Type Manager 4.1 "Audacity_is1" = Audacity 1.2.5 "AURC_is1" = Audacity Recovery Utility "B991B020-2968-11D8-AF23-444553540000_is1" = FreeMind "Blender" = Blender (remove only) "com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Acrobat.com "Editors Toolbox for NeoBook" = Editors Toolbox for NeoBook "ENTERPRISER" = Microsoft Office Enterprise 2007 "Finale NotePad 2008" = Finale NotePad 2008 "GetRight_is1" = GetRight "hotpot6_is1" = Hot Potatoes v 6.0.4.27 "HP Document Manager" = HP Document Manager 2.0 "HP Imaging Device Functions" = HP Imaging Device Functions 13.0 "HP Photosmart Essential" = HP Photosmart Essential 2.5 "HP Smart Web Printing" = HP Smart Web Printing 4.5 "HP Solution Center & Imaging Support Tools" = HP Solution Center 13.0 "HPExtendedCapabilities" = HP Customer Participation Program 13.0 "HPOCR" = OCR Software by I.R.I.S. 13.0 "IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs "ie7" = Windows Internet Explorer 7 "IHMC CmapTools v4.09" = IHMC CmapTools v4.09 "Inspiration 8" = Inspiration 8 "InstallShield_{2A1E27FF-BE53-45B4-950F-060236E98E3D}" = TMPGEnc Plus 2.5 "InstallShield_{2F8BA3FD-1FA9-4279-B696-712ABB12F09F}" = SmartSound Quicktracks 5 "InstallShield_{758C8301-2696-4855-AF45-534B1200980A}" = Samsung Kies "InstallShield_{B8A2869E-30CA-40C5-9CF8-BD7354E57EF8}" = SmartSound Common Data "InstallShield_{F193FC0E-9E18-40FC-A974-509A1BDD240A}" = Samsung New PC Studio "InstallShield_{F99F9E24-EE2F-47FD-AEB0-FDB82859B5C9}" = Ulead VideoStudio 11 "Juniper Network Connect 7.1.0" = Juniper Networks Network Connect 7.1.0 "Juniper_Setup_Client Activex Control" = Juniper Networks, Inc. Setup Client Activex Control "Macromedia Director 7" = Macromedia Director 7 "Macromedia Shockwave Player" = Macromedia Shockwave Player "Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware version 1.60.1.1000 "ManyCam" = ManyCam 2.5.48 (remove only) "MetaFrame Presentation Server Web Client for Win32" = MetaFrame Presentation Server Web Client for Win32 "Micrografx Designer 7" = Micrografx Designer 7 "Micrografx FlowCharter 7" = Micrografx FlowCharter 7 "Micrografx Graphics Suite 2 Enterprise" = Micrografx Graphics Suite 2 Enterprise "Micrografx Picture Publisher 7" = Micrografx Picture Publisher 7 "Micrografx QuickVector" = Micrografx QuickVector "Micrografx Simply 3D 2" = Micrografx Simply 3D 2 "Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1 "MixPad" = MixPad Audio Mixer "MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP "MSTTS" = Microsoft Text-to-Speech Engine 4.0 (English) "MVApplication1" = Memorex exPressit Label Design Studio "N360" = Norton 360 "NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs "Norton Utilities 15_is1" = Norton Utilities 15 "Oral Testing Software Enhanced" = Oral Testing Software Enhanced "Pensoft Pro" = Pensoft Pro "ProcessScanner_is1" = Uniblue ProcessScanner "quandary2_is1" = Quandary version 2.2.0.2 "Quicken WillMaker Plus 2008" = Quicken WillMaker Plus 2008 "RealPlayer 15.0" = RealPlayer "Rmtablet" = Pen Pad Driver with Macro Key Manager "R-Studio 3.8NSIS" = R-Studio 3.8 "Shop for HP Supplies" = Shop for HP Supplies "SnapKast Media Center_is1" = SnapKast Media Center 2.2 (1Gustavo) "ST6UNST #1" = MetaVox V3 "System Tweaker_is1" = Uniblue System Tweaker "Teacher's Toolbox 3.0" = Teacher's Toolbox 3.0 "TexToys3_is1" = TexToys v 3.1.0.7 "TomTom HOME" = TomTom HOME 2.8.2.2264 "Uniblue RegistryBooster 2009" = Uniblue RegistryBooster 2009 "VLC media player" = VLC media player 1.1.11 "WavePad" = WavePad Sound Editor "Wdf01005" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.5 "Wdf01007" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.7 "Windows Media Encoder 9" = Windows Media Encoder 9 Series "Windows Media Format Runtime" = Windows Media Format 11 runtime "Windows Media Player" = Windows Media Player 11 "Windows XP Service Pack" = Windows XP Service Pack 3 "WinGimp-2.0_is1" = GIMP 2.4.5 "winusb0100" = Microsoft WinUsb 1.0 "WMFDist11" = Windows Media Format 11 runtime "wmp11" = Windows Media Player 11 "Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0 "XpsEPSC" = XML Paper Specification Shared Components Pack 1.0 "XWeb" = Microsoft Expression Web 2 "Yahoo! Companion" = Yahoo! Toolbar
[color=#E56717]========== HKEY_CURRENT_USER Uninstall List ==========[/color]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "Dropbox" = Dropbox "f031ef6ac137efc5" = Dell Driver Download Manager "Juniper_Setup_Client" = Juniper Networks, Inc. Setup Client
[color=#E56717]========== Last 10 Event Log Errors ==========[/color]
[ Application Events ] Error - 2/9/2012 10:23:53 PM | Computer Name = GUSTAVOS | Source = Application Error | ID = 1000 Description = Faulting application WDFME.exe, version 1.4.5.2, faulting module msvcr90.dll, version 9.0.30729.6161, fault address 0x0006ccd5.
Error - 2/9/2012 11:54:40 PM | Computer Name = GUSTAVOS | Source = MsiInstaller | ID = 11905 Description = Product: DocMgr -- Error 1905. Module D:\Program Files\HP\Digital Imaging\help\hpqdummy.dll failed to unregister. HRESULT -2147220472. Contact your support personnel.
Error - 2/10/2012 12:06:37 AM | Computer Name = GUSTAVOS | Source = Windows Search Service | ID = 3024 Description = The update cannot be started because the content sources cannot be accessed. Fix the errors and try the update again. Context: Application, SystemIndex Catalog
Error - 2/14/2012 11:55:46 AM | Computer Name = GUSTAVOS | Source = Windows Search Service | ID = 3038 Description = The gatherer is unable to read the registry DocIdMapFile. Context: Application, SystemIndex Catalog Details: The system cannot find the file specified. (0x80070002)
Error - 2/14/2012 11:55:54 AM | Computer Name = GUSTAVOS | Source = Windows Search Service | ID = 3028 Description = The gatherer object cannot be initialized. Context: Windows Application, SystemIndex Catalog Details: The registry value cannot be read because the configuration is invalid. Recreate the content index configuration by removing the content index. (0x80040d03)
Error - 2/14/2012 11:55:54 AM | Computer Name = GUSTAVOS | Source = Windows Search Service | ID = 3058 Description = The application cannot be initialized. Context: Windows Application
Details: The registry value cannot be read because the configuration is invalid. Recreate the content index configuration by removing the content index. (0x80040d03)
Error - 2/17/2012 11:48:32 AM | Computer Name = GUSTAVOS | Source = ESENT | ID = 489 Description = wuauclt (5932) An attempt to open the file "D:\WINDOWS\SoftwareDistribution\DataStore\Logs\edb.log" for read only access failed with system error 32 (0x00000020): "The process cannot access the file because it is being used by another process. ". The open file operation will fail with error -1032 (0xfffffbf8).
Error - 2/17/2012 11:48:32 AM | Computer Name = GUSTAVOS | Source = ESENT | ID = 455 Description = wuaueng.dll (5932) SUS20ClientDataStore: Error -1032 (0xfffffbf8) occurred while opening logfile D:\WINDOWS\SoftwareDistribution\DataStore\Logs\edb.log.
Error - 2/17/2012 11:48:46 AM | Computer Name = GUSTAVOS | Source = ESENT | ID = 489 Description = wuauclt (5932) An attempt to open the file "D:\WINDOWS\SoftwareDistribution\DataStore\Logs\edb.log" for read only access failed with system error 32 (0x00000020): "The process cannot access the file because it is being used by another process. ". The open file operation will fail with error -1032 (0xfffffbf8).
Error - 2/17/2012 11:48:46 AM | Computer Name = GUSTAVOS | Source = ESENT | ID = 455 Description = wuaueng.dll (5932) SUS20ClientDataStore: Error -1032 (0xfffffbf8) occurred while opening logfile D:\WINDOWS\SoftwareDistribution\DataStore\Logs\edb.log.
[ OSession Events ] Error - 1/30/2008 4:03:52 PM | Computer Name = GUSTAVOS | Source = Microsoft Office 12 Sessions | ID = 7001 Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 617 seconds with 240 seconds of active time. This session ended with a crash.
Error - 11/6/2008 10:53:03 PM | Computer Name = GUSTAVOS | Source = Microsoft Office 12 Sessions | ID = 7001 Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6316.5000, Microsoft Office Version: 12.0.6215.1000. This session lasted 18610 seconds with 960 seconds of active time. This session ended with a crash.
Error - 12/29/2008 10:20:28 AM | Computer Name = GUSTAVOS | Source = Microsoft Office 12 Sessions | ID = 7001 Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6316.5000, Microsoft Office Version: 12.0.6215.1000. This session lasted 37 seconds with 0 seconds of active time. This session ended with a crash.
Error - 5/9/2009 12:00:32 PM | Computer Name = GUSTAVOS | Source = Microsoft Office 12 Sessions | ID = 7001 Description = ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6331.5000, Microsoft Office Version: 12.0.6215.1000. This session lasted 17070 seconds with 2160 seconds of active time. This session ended with a crash.
Error - 10/13/2009 9:21:11 PM | Computer Name = GUSTAVOS | Source = Microsoft Office 12 Sessions | ID = 7001 Description = ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6504.5000, Microsoft Office Version: 12.0.6215.1000. This session lasted 30605 seconds with 10860 seconds of active time. This session ended with a crash.
Error - 12/29/2009 8:46:12 AM | Computer Name = GUSTAVOS | Source = Microsoft Office 12 Sessions | ID = 7001 Description = ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6504.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 172 seconds with 120 seconds of active time. This session ended with a crash.
Error - 5/6/2010 9:58:18 PM | Computer Name = GUSTAVOS | Source = Microsoft Office 12 Sessions | ID = 7001 Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6514.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 15 seconds with 0 seconds of active time. This session ended with a crash.
Error - 12/19/2010 12:49:35 AM | Computer Name = GUSTAVOS | Source = Microsoft Office 12 Sessions | ID = 7001 Description = ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 34629 seconds with 60 seconds of active time. This session ended with a crash.
Error - 12/20/2010 1:29:11 PM | Computer Name = GUSTAVOS | Source = Microsoft Office 12 Sessions | ID = 7001 Description = ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 13019 seconds with 0 seconds of active time. This session ended with a crash.
Error - 1/14/2012 10:17:35 PM | Computer Name = GUSTAVOS | Source = Microsoft Office 12 Sessions | ID = 7001 Description = ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 17396 seconds with 5460 seconds of active time. This session ended with a crash.
[ System Events ] Error - 2/17/2012 1:04:38 PM | Computer Name = GUSTAVOS | Source = Service Control Manager | ID = 7034 Description = The WDDMService service terminated unexpectedly. It has done this 1 time(s).
Error - 2/17/2012 1:04:38 PM | Computer Name = GUSTAVOS | Source = Service Control Manager | ID = 7034 Description = The Ulead Burning Helper service terminated unexpectedly. It has done this 1 time(s).
Error - 2/17/2012 1:04:38 PM | Computer Name = GUSTAVOS | Source = Service Control Manager | ID = 7034 Description = The WD File Management Engine service terminated unexpectedly. It has done this 1 time(s).
Error - 2/17/2012 1:04:38 PM | Computer Name = GUSTAVOS | Source = Service Control Manager | ID = 7034 Description = The WD File Management Shadow Engine service terminated unexpectedly. It has done this 1 time(s).
Error - 2/17/2012 1:04:38 PM | Computer Name = GUSTAVOS | Source = Service Control Manager | ID = 7034 Description = The WTService service terminated unexpectedly. It has done this 1 time(s).
Error - 2/17/2012 1:04:41 PM | Computer Name = GUSTAVOS | Source = Service Control Manager | ID = 7034 Description = The Acronis Scheduler2 Service service terminated unexpectedly. It has done this 1 time(s).
Error - 2/17/2012 1:04:41 PM | Computer Name = GUSTAVOS | Source = Service Control Manager | ID = 7034 Description = The Acronis Nonstop Backup Service service terminated unexpectedly. It has done this 1 time(s).
Error - 2/17/2012 1:04:41 PM | Computer Name = GUSTAVOS | Source = Service Control Manager | ID = 7031 Description = The Acronis Sync Agent Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service.
Error - 2/17/2012 1:24:34 PM | Computer Name = GUSTAVOS | Source = NetBT | ID = 4321 Description = The name "WORKGROUP :1d" could not be registered on the Interface with IP address 192.168.1.21. The machine with the IP address 192.168.1.1 did not allow the name to be claimed by this machine.
Error - 2/17/2012 1:25:02 PM | Computer Name = GUSTAVOS | Source = NetBT | ID = 4321 Description = The name "WORKGROUP :1d" could not be registered on the Interface with IP address 192.168.1.21. The machine with the IP address 192.168.1.1 did not allow the name to be claimed by this machine. | actions · 2012-Feb-17 5:36 pm · (locked) | lilhurricane |
Sec Check Results of screen317's Security Check version 0.99.31 Windows XP Service Pack 3 x86 Internet Explorer 7 [color=red]Out of date![/color] `````````````````````````````` [u]Antivirus/Firewall Check:[/u] Norton 360 [size=1]WMI entry may not exist for antivirus; attempting automatic update.[/size] ``````````````````````````````` [u]Anti-malware/Other Utilities Check:[/u] Java(TM) 6 Update 24 Java(TM) 6 Update 4 Java(TM) 6 Update 5 Java(TM) 6 Update 7 Java 2 Runtime Environment, SE v1.4.2_04 [color=red]Java version out of date![/color] Adobe Flash Player 11.1.102.55 Adobe Reader X (10.1.2) ```````````````````````````````` Process Check: [u]objlist.exe by Laurent[/u] Norton ccSvcHst.exe Malwarebytes' Anti-Malware mbamservice.exe Malwarebytes' Anti-Malware mbamgui.exe ``````````End of Log```````````` | actions · 2012-Feb-17 5:37 pm · (locked) |
1 recommendation |
to GMLUSA
Re: [Malware] Computer stops obeying the mouse but drives spin lDownload and run Sophos AntiRootkit. Post the log in this thread, even if nothing is found. You find link(s) and instructions here: » Security Cleanup FAQ » Rootkit Detection Applications | actions · 2012-Feb-17 7:29 pm · (locked) |
your moderator at work
hidden :
|
|