Infected Desktop--Spybot Won't Launch



saltherring
2010-10-13, 18:37
Greetings... My computer is infected pretty bad and seems to be getting worse. Initially it began with redirects occurring after using Google, but now it seems to be preventing me from loading web pages and launching programs completely.

I cannot run Spybot or download DDS. When I click on Spybot, which I already had installed, it simply doesn't launch at all. I had anti-virus software (Webroot) which obviously doesn't detect anything.

I was able to download ERUNT and run that.

But I'm not sure what to do at this point. Any help will be much appreciated. Thanks!

I should have said I am running Vista.

saltherring
2010-10-13, 21:54
I was able to run OTL and here is the report in two parts:

OTL logfile created on: 10/13/2010 1:18:38 PM - Run 1
OTL by OldTimer - Version 3.2.15.2 Folder = C:\Users\Joel\Desktop
Windows Vista Home Basic Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18943)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

2.00 Gb Total Physical Memory | 1.00 Gb Available Physical Memory | 59.00% Memory free
4.00 Gb Paging File | 3.00 Gb Available in Paging File | 77.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 223.02 Gb Total Space | 20.69 Gb Free Space | 9.28% Space Free | Partition Type: NTFS
Drive D: | 9.77 Gb Total Space | 5.71 Gb Free Space | 58.47% Space Free | Partition Type: NTFS

Computer Name: JOEL-PC | User Name: Joel | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - C:\Users\Joel\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Program Files\Webroot\Security\Current\Framework\WRConsumerService.exe (Webroot Software, Inc. )
PRC - C:\Program Files\Webroot\Security\Current\Framework\WRFrame.exe (Webroot Software Inc)
PRC - C:\Program Files\Webroot\Security\Current\Framework\WRTray.exe (Webroot Software, Inc. )
PRC - C:\Program Files\Webroot\Security\Current\Plugins\AntiMalware\AEI.exe (Webroot Software, Inc. (www.webroot.com))
PRC - C:\Program Files\Webroot\Security\Current\Plugins\AntiMalware\SSU.exe (Webroot Software, Inc. (www.webroot.com))
PRC - C:\Program Files\IObit\IObit Security 360\is360tray.exe (IObit)
PRC - C:\Program Files\IObit\IObit Security 360\is360srv.exe (IObit)
PRC - C:\Windows\explorer.exe (Microsoft Corporation)
PRC - C:\Program Files\Dell Support Center\bin\sprtsvc.exe (SupportSoft, Inc.)
PRC - C:\Program Files\Dell Support Center\bin\sprtcmd.exe (SupportSoft, Inc.)
PRC - C:\Program Files\TRENDnet\802.11n Wireless Client Utility\UMCCfg.exe ()
PRC - C:\Windows\System32\audiodg.exe (Microsoft Corporation)
PRC - C:\Program Files\Security Task Manager\SpyProtector.exe (Neuber Software GmbH - www.neuber.com)


========== Modules (SafeList) ==========

MOD - C:\Users\Joel\Desktop\OTL.exe (OldTimer Tools)
MOD - C:\Program Files\IObit\IObit Security 360\is360mon.dll (IObit)
MOD - C:\Windows\System32\msscript.ocx (Microsoft Corporation)
MOD - C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.18000_none_5cdbaa5a083979cc\comctl32.dll (Microsoft Corporation)


========== Win32 Services (SafeList) ==========

SRV - (WRConsumerService) -- C:\Program Files\Webroot\Security\Current\Framework\WRConsumerService.exe (Webroot Software, Inc. )
SRV - (WebrootSpySweeperService) -- C:\Program Files\Webroot\Security\current\plugins\antimalware\AEI.exe (Webroot Software, Inc. (www.webroot.com))
SRV - (IS360service) -- C:\Program Files\IObit\IObit Security 360\is360srv.exe (IObit)
SRV - (getPlusHelper) getPlus(R) -- C:\Program Files\NOS\bin\getPlus_Helper.dll (NOS Microsystems Ltd.)
SRV - (WPFFontCache_v0400) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe (Microsoft Corporation)
SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (FLEXnet Licensing Service) -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe (Acresso Software Inc.)
SRV - (GoToAssist) -- C:\Program Files\Citrix\GoToAssist\514\g2aservice.exe (Citrix Online, a division of Citrix Systems, Inc.)
SRV - (sprtsvc_DellSupportCenter) SupportSoft Sprocket Service (DellSupportCenter) -- C:\Program Files\Dell Support Center\bin\sprtsvc.exe (SupportSoft, Inc.)
SRV - (Adobe Version Cue CS4) -- C:\Program Files\Common Files\Adobe\Adobe Version Cue CS4\Server\bin\VersionCueCS4.exe (Adobe Systems Incorporated)
SRV - (WinDefend) -- C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)


========== Driver Services (SafeList) ==========

DRV - (SPLITCAM) -- C:\Windows\System32\DRIVERS\splitcam.sys File not found
DRV - (NwlnkFwd) -- C:\Windows\System32\DRIVERS\nwlnkfwd.sys File not found
DRV - (NwlnkFlt) -- C:\Windows\System32\DRIVERS\nwlnkflt.sys File not found
DRV - (IpInIp) -- C:\Windows\System32\DRIVERS\ipinip.sys File not found
DRV - (ssidrv) -- C:\Windows\system32\DRIVERS\ssidrv.sys (Webroot Software, Inc. (www.webroot.com))
DRV - (ssfmonm) -- C:\Windows\System32\drivers\ssfmonm.sys (Webroot Software, Inc. (www.webroot.com))
DRV - (sshrmd) -- C:\Windows\system32\DRIVERS\sshrmd.sys (Webroot Software, Inc. (www.webroot.com))
DRV - (trackcam) -- C:\Windows\System32\drivers\trackcam.sys (Eagletron Inc.)
DRV - (WmXlCore) -- C:\Windows\System32\drivers\WmXlCore.sys (Logitech Inc.)
DRV - (WmVirHid) -- C:\Windows\System32\drivers\WmVirHid.sys (Logitech Inc.)
DRV - (WmFilter) -- C:\Windows\System32\drivers\WmFilter.sys (Logitech Inc.)
DRV - (WmBEnum) -- C:\Windows\System32\drivers\WmBEnum.sys (Logitech Inc.)
DRV - (adfs) -- C:\Windows\System32\drivers\adfs.sys (Adobe Systems, Inc.)
DRV - (igfx) -- C:\Windows\System32\drivers\igdkmd32.sys (Intel Corporation)
DRV - (netr28u) -- C:\Windows\System32\drivers\netr28u.sys (Ralink Technology Corp.)
DRV - (adpu320) -- C:\Windows\system32\drivers\adpu320.sys (Adaptec, Inc.)
DRV - (megasas) -- C:\Windows\system32\drivers\megasas.sys (LSI Corporation)
DRV - (MegaSR) -- C:\Windows\system32\drivers\megasr.sys (LSI Corporation, Inc.)
DRV - (adpu160m) -- C:\Windows\system32\drivers\adpu160m.sys (Adaptec, Inc.)
DRV - (SiSRaid4) -- C:\Windows\system32\drivers\sisraid4.sys (Silicon Integrated Systems)
DRV - (HpCISSs) -- C:\Windows\system32\drivers\hpcisss.sys (Hewlett-Packard Company)
DRV - (adpahci) -- C:\Windows\system32\drivers\adpahci.sys (Adaptec, Inc.)
DRV - (LSI_SAS) -- C:\Windows\system32\drivers\lsi_sas.sys (LSI Logic)
DRV - (ql2300) -- C:\Windows\system32\drivers\ql2300.sys (QLogic Corporation)
DRV - (E1G60) Intel(R) -- C:\Windows\System32\drivers\E1G60I32.sys (Intel Corporation)
DRV - (arcsas) -- C:\Windows\system32\drivers\arcsas.sys (Adaptec, Inc.)
DRV - (iaStorV) -- C:\Windows\system32\drivers\iastorv.sys (Intel Corporation)
DRV - (vsmraid) -- C:\Windows\system32\drivers\vsmraid.sys (VIA Technologies Inc.,Ltd)
DRV - (ulsata2) -- C:\Windows\system32\drivers\ulsata2.sys (Promise Technology, Inc.)
DRV - (LSI_FC) -- C:\Windows\system32\drivers\lsi_fc.sys (LSI Logic)
DRV - (arc) -- C:\Windows\system32\drivers\arc.sys (Adaptec, Inc.)
DRV - (elxstor) -- C:\Windows\system32\drivers\elxstor.sys (Emulex)
DRV - (LSI_SCSI) -- C:\Windows\system32\drivers\lsi_scsi.sys (LSI Logic)
DRV - (nvraid) -- C:\Windows\system32\drivers\nvraid.sys (NVIDIA Corporation)
DRV - (usbaudio) USB Audio Driver (WDM) -- C:\Windows\System32\drivers\USBAUDIO.sys (Microsoft Corporation)
DRV - (nvstor) -- C:\Windows\system32\drivers\nvstor.sys (NVIDIA Corporation)
DRV - (adp94xx) -- C:\Windows\system32\drivers\adp94xx.sys (Adaptec, Inc.)
DRV - (uliahci) -- C:\Windows\system32\drivers\uliahci.sys (ULi Electronics Inc.)
DRV - (viaide) -- C:\Windows\system32\drivers\viaide.sys (VIA Technologies, Inc.)
DRV - (cmdide) -- C:\Windows\system32\drivers\cmdide.sys (CMD Technology, Inc.)
DRV - (aliide) -- C:\Windows\system32\drivers\aliide.sys (Acer Laboratories Inc.)
DRV - (IntcAzAudAddService) Service for Realtek HD Audio (WDM) -- C:\Windows\System32\drivers\RTKVHDA.sys (Realtek Semiconductor Corp.)
DRV - (e1express) Intel(R) -- C:\Windows\System32\drivers\e1e6032.sys (Intel Corporation)
DRV - (iaStor) -- C:\Windows\system32\drivers\iastor.sys (Intel Corporation)
DRV - (ql40xx) -- C:\Windows\system32\drivers\ql40xx.sys (QLogic Corporation)
DRV - (UlSata) -- C:\Windows\system32\drivers\ulsata.sys (Promise Technology, Inc.)
DRV - (nfrd960) -- C:\Windows\system32\drivers\nfrd960.sys (IBM Corporation)
DRV - (iirsp) -- C:\Windows\system32\drivers\iirsp.sys (Intel Corp./ICP vortex GmbH)
DRV - (aic78xx) -- C:\Windows\system32\drivers\djsvs.sys (Adaptec, Inc.)
DRV - (iteraid) -- C:\Windows\system32\drivers\iteraid.sys (Integrated Technology Express, Inc.)
DRV - (iteatapi) -- C:\Windows\system32\drivers\iteatapi.sys (Integrated Technology Express, Inc.)
DRV - (Symc8xx) -- C:\Windows\system32\drivers\symc8xx.sys (LSI Logic)
DRV - (Sym_u3) -- C:\Windows\system32\drivers\sym_u3.sys (LSI Logic)
DRV - (Mraid35x) -- C:\Windows\system32\drivers\mraid35x.sys (LSI Logic Corporation)
DRV - (Sym_hi) -- C:\Windows\system32\drivers\sym_hi.sys (LSI Logic)
DRV - (Brserid) Brother MFC Serial Port Interface Driver (WDM) -- C:\Windows\system32\drivers\brserid.sys (Brother Industries Ltd.)
DRV - (BrUsbSer) -- C:\Windows\system32\drivers\brusbser.sys (Brother Industries Ltd.)
DRV - (BrFiltUp) -- C:\Windows\system32\drivers\brfiltup.sys (Brother Industries, Ltd.)
DRV - (BrFiltLo) -- C:\Windows\system32\drivers\brfiltlo.sys (Brother Industries, Ltd.)
DRV - (BrSerWdm) -- C:\Windows\system32\drivers\brserwdm.sys (Brother Industries Ltd.)
DRV - (BrUsbMdm) -- C:\Windows\system32\drivers\brusbmdm.sys (Brother Industries Ltd.)
DRV - (ntrigdigi) -- C:\Windows\system32\drivers\ntrigdigi.sys (N-trig Innovative Technologies)
DRV - (R300) -- C:\Windows\System32\drivers\atikmdag.sys (ATI Technologies Inc.)
DRV - (PDIHWCTL) -- C:\Windows\System32\drivers\pdihwctl.sys (Portrait Displays, Inc.)
DRV - (eyeonedp) -- C:\Windows\System32\drivers\EyeOneDp.sys ()
DRV - (i1) -- C:\Windows\System32\drivers\i1.sys (GretagMacbeth)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========


IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com/ig/dell?hl=en&client=dell-usuk&channel=us&ibd=5081219
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.guardian.co.uk
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = :0

========== FireFox ==========

FF - prefs.js..browser.search.suggest.enabled: false
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://www.guardian.co.uk/world"
FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.2.2
FF - prefs.js..extensions.enabledItems: {E2883E8F-472F-4fb0-9522-AC9BF37916A7}:1.6.2.63
FF - prefs.js..extensions.enabledItems: firebug@software.joehewitt.com:1.4.3
FF - prefs.js..extensions.enabledItems: moveplayer@movenetworks.com:7
FF - prefs.js..extensions.enabledItems: {46868735-c3fa-47ce-8ce7-cce51a66aceb}:1.2

FF - HKLM\software\mozilla\Mozilla Firefox 3.5.13\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010/10/01 16:07:12 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.13\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010/09/16 23:02:36 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Sunbird 1.0b1\extensions\\Components: C:\Program Files\Mozilla Sunbird\components [2010/09/22 12:20:34 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Sunbird 1.0b1\extensions\\Plugins: C:\Program Files\Mozilla Sunbird\plugins

[2010/09/22 12:20:37 | 000,000,000 | ---D | M] -- C:\Users\Joel\AppData\Roaming\Mozilla\Extensions
[2010/09/22 12:20:37 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Joel\AppData\Roaming\Mozilla\Extensions\{718e30fb-e89b-41dd-9da7-e25a45638b28}
[2009/03/05 13:38:56 | 000,000,000 | ---D | M] -- C:\Users\Joel\AppData\Roaming\Mozilla\Extensions\songbird@songbirdnest.com
[2009/03/23 23:07:50 | 000,000,000 | ---D | M] -- C:\Users\Joel\AppData\Roaming\Mozilla\Extensions\uploadr@flickr.com
[2010/10/13 11:15:19 | 000,000,000 | ---D | M] -- C:\Users\Joel\AppData\Roaming\Mozilla\Firefox\Profiles\fod8v48d.default\extensions
[2009/08/24 23:34:04 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\Joel\AppData\Roaming\Mozilla\Firefox\Profiles\fod8v48d.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2009/03/02 12:34:27 | 000,000,000 | ---D | M] (oldbar) -- C:\Users\Joel\AppData\Roaming\Mozilla\Firefox\Profiles\fod8v48d.default\extensions\{46868735-c3fa-47ce-8ce7-cce51a66aceb}
[2010/10/13 11:14:07 | 000,000,000 | ---D | M] (Adblock Plus) -- C:\Users\Joel\AppData\Roaming\Mozilla\Firefox\Profiles\fod8v48d.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
[2010/06/10 23:49:00 | 000,000,000 | ---D | M] (Adobe DLM (powered by getPlus(R))) -- C:\Users\Joel\AppData\Roaming\Mozilla\Firefox\Profiles\fod8v48d.default\extensions\{E2883E8F-472F-4fb0-9522-AC9BF37916A7}
[2009/09/30 09:49:15 | 000,000,000 | ---D | M] -- C:\Users\Joel\AppData\Roaming\Mozilla\Firefox\Profiles\fod8v48d.default\extensions\firebug@software.joehewitt.com
[2010/09/22 12:20:37 | 000,000,000 | ---D | M] -- C:\Users\Joel\AppData\Roaming\Mozilla\Sunbird\Profiles\86zrgics.default\extensions
[2009/09/09 01:36:01 | 000,002,172 | ---- | M] () -- C:\Users\Joel\AppData\Roaming\Mozilla\Firefox\Profiles\fod8v48d.default\searchplugins\bing.xml
[2010/10/13 11:15:19 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions

O1 HOSTS File: ([2010/04/15 21:20:19 | 000,000,736 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: ::1 localhost
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Booyah\SDHelper.dll (Safer Networking Limited)
O4 - HKLM..\Run: [dellsupportcenter] C:\Program Files\Dell Support Center\bin\sprtcmd.exe (SupportSoft, Inc.)
O4 - HKLM..\Run: [IObit Security 360] C:\Program Files\IObit\IObit Security 360\IS360tray.exe (IObit)
O4 - HKLM..\Run: [Spy Protector] C:\Program Files\Security Task Manager\SpyProtector.exe (Neuber Software GmbH - www.neuber.com)
O4 - HKLM..\Run: [WebrootTrayApp] C:\Program Files\Webroot\Security\Current\Framework\WRTray.exe (Webroot Software, Inc. )
O4 - HKCU..\Run: [AdobeBridge] File not found
O4 - HKCU..\Run: [EPSON Stylus Photo 1400 Series] C:\Windows\System32\spool\DRIVERS\W32X86\3\E_FATIBUA.EXE (SEIKO EPSON CORPORATION)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O9 - Extra 'Tools' menuitem : Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Booyah\SDHelper.dll (Safer Networking Limited)
O13 - gopher Prefix: missing
O16 - DPF: {8714912E-380D-11D5-B8AA-00D0B78F3D48} http://chat.yahoo.com/cab/yuplapp.cab (Yahoo! Webcam Upload Wrapper)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab (Java Plug-in 1.6.0_18)
O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab (Java Plug-in 1.6.0_07)
O16 - DPF: {CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab (Java Plug-in 1.6.0_18)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab (Java Plug-in 1.6.0_18)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\GoToAssist: DllName - C:\Program Files\Citrix\GoToAssist\514\G2AWinLogon.dll - C:\Program Files\Citrix\GoToAssist\514\g2awinlogon.dll (Citrix Online, a division of Citrix Systems, Inc.)
O20 - Winlogon\Notify\igfxcui: DllName - igfxdev.dll - C:\Windows\System32\igfxdev.dll (Intel Corporation)
O24 - Desktop WallPaper: C:\Users\Joel\AppData\Roaming\Microsoft\Windows Photo Gallery\Windows Photo Gallery Wallpaper.jpg
O24 - Desktop BackupWallPaper: C:\Users\Joel\AppData\Roaming\Microsoft\Windows Photo Gallery\Windows Photo Gallery Wallpaper.jpg
O30 - LSA: Authentication Packages - (ows\s) - File not found
O30 - LSA: Security Packages - (.common-controls_6595b64144ccf1df_6.0) - File not found
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/09/18 16:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{cf157a45-de56-11de-a155-00219b1c0931}\Shell\AutoRun\command - "" = CA_EdgeLitemobile.exe
O33 - MountPoints2\{cf157a77-de56-11de-a155-00219b1c0931}\Shell\AutoRun\command - "" = CA_EdgeLitemobile.exe
O33 - MountPoints2\{cf157adf-de56-11de-a155-00219b1c0931}\Shell\AutoRun\command - "" = CA_EdgeLitemobile.exe
O33 - MountPoints2\{cf157b71-de56-11de-a155-00219b1c0931}\Shell\AutoRun\command - "" = CA_EdgeLitemobile.exe
O33 - MountPoints2\{cf157b81-de56-11de-a155-00219b1c0931}\Shell\AutoRun\command - "" = CA_EdgeLitemobile.exe
O33 - MountPoints2\{cf157bd1-de56-11de-a155-00219b1c0931}\Shell\AutoRun\command - "" = CA_EdgeLitemobile.exe
O33 - MountPoints2\{cf157bf1-de56-11de-a155-00219b1c0931}\Shell\AutoRun\command - "" = CA_EdgeLitemobile.exe
O33 - MountPoints2\{cf157c01-de56-11de-a155-00219b1c0931}\Shell\AutoRun\command - "" = CA_EdgeLitemobile.exe
O33 - MountPoints2\{cf157c61-de56-11de-a155-00219b1c0931}\Shell\AutoRun\command - "" = I:\CA_EdgeLitemobile.exe -- File not found
O33 - MountPoints2\{cf157c73-de56-11de-a155-00219b1c0931}\Shell\AutoRun\command - "" = CA_EdgeLitemobile.exe
O33 - MountPoints2\{cf157c85-de56-11de-a155-00219b1c0931}\Shell\AutoRun\command - "" = CA_EdgeLitemobile.exe
O33 - MountPoints2\{cf157ccd-de56-11de-a155-00219b1c0931}\Shell\AutoRun\command - "" = CA_EdgeLitemobile.exe
O33 - MountPoints2\{cf157ce5-de56-11de-a155-00219b1c0931}\Shell\AutoRun\command - "" = CA_EdgeLitemobile.exe
O33 - MountPoints2\{cf157cfd-de56-11de-a155-00219b1c0931}\Shell\AutoRun\command - "" = CA_EdgeLitemobile.exe
O33 - MountPoints2\{cf157d1d-de56-11de-a155-00219b1c0931}\Shell\AutoRun\command - "" = CA_EdgeLitemobile.exe
O33 - MountPoints2\{cf157d65-de56-11de-a155-00219b1c0931}\Shell\AutoRun\command - "" = CA_EdgeLitemobile.exe
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

NetSvcs: FastUserSwitchingCompatibility - File not found
NetSvcs: Ias - File not found
NetSvcs: Nla - File not found
NetSvcs: Ntmssvc - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: SRService - File not found
NetSvcs: Wmi - C:\Windows\System32\wmi.dll (Microsoft Corporation)
NetSvcs: WmdmPmSp - File not found
NetSvcs: LogonHours - File not found
NetSvcs: PCAudit - File not found
NetSvcs: helpsvc - File not found
NetSvcs: uploadmgr - File not found

Drivers32: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: MSVideo8 - C:\Windows\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: vidc.cvid - C:\Windows\System32\iccvid.dll (Radius Inc.)

CREATERESTOREPOINT
Error creating restore point.

========== Files/Folders - Created Within 30 Days ==========

[2010/10/13 12:51:58 | 000,574,464 | ---- | C] (OldTimer Tools) -- C:\Users\Joel\Desktop\OTL.exe
[2010/10/13 10:13:00 | 000,000,000 | ---D | C] -- C:\Windows\ERDNT
[2010/10/13 10:08:35 | 000,000,000 | ---D | C] -- C:\Program Files\ERUNT
[2010/10/06 15:53:21 | 000,000,000 | ---D | C] -- C:\Users\Joel\Desktop\Gallery 2 Files
[2010/10/06 15:19:43 | 000,000,000 | ---D | C] -- C:\Users\Joel\Desktop\gallery-3.0
[2010/10/03 17:54:16 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft.NET
[2010/10/03 17:51:31 | 000,317,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MP4SDECD.DLL
[2010/10/03 17:51:23 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tzres.dll
[2010/10/03 17:50:54 | 000,599,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2010/10/03 17:50:54 | 000,387,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iedkcs32.dll
[2010/10/03 17:50:54 | 000,173,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ie4uinit.exe
[2010/10/03 17:50:54 | 000,055,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iernonce.dll
[2010/10/03 17:50:54 | 000,055,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedsbs.dll
[2010/10/03 17:50:54 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedssync.exe
[2010/10/03 17:50:53 | 001,638,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2010/10/03 17:50:53 | 001,469,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl
[2010/10/03 17:50:53 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesetup.dll
[2010/10/03 17:50:51 | 000,611,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mstime.dll
[2010/10/03 17:50:51 | 000,184,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iepeers.dll
[2010/10/03 17:50:51 | 000,164,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2010/10/03 17:50:51 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2010/10/03 17:50:49 | 000,133,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe
[2010/10/03 17:50:49 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesysprep.dll
[2010/10/01 23:54:06 | 000,000,000 | ---D | C] -- C:\Program Files\Booyah
[2010/10/01 22:35:26 | 000,000,000 | ---D | C] -- C:\Users\Joel\AppData\Roaming\IObit
[2010/10/01 22:33:55 | 000,000,000 | ---D | C] -- C:\ProgramData\IObit
[2010/10/01 22:31:46 | 000,000,000 | ---D | C] -- C:\Program Files\IObit
[2010/10/01 22:11:36 | 000,000,000 | ---D | C] -- C:\Program Files\Trend Micro
[2010/09/22 14:28:50 | 000,000,000 | ---D | C] -- C:\Users\Joel\AppData\Local\Apps
[2010/09/22 14:10:50 | 000,000,000 | ---D | C] -- C:\Users\Joel\AppData\Roaming\Quintessential Media Player
[2010/09/22 14:10:21 | 000,000,000 | ---D | C] -- C:\Program Files\Quintessential Media Player
[2010/09/22 12:42:37 | 000,000,000 | ---D | C] -- C:\Users\Joel\AppData\Roaming\XemiComputers
[2010/09/22 12:20:06 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Sunbird
[2010/09/15 23:30:34 | 000,045,072 | ---- | C] (Webroot Software, Inc. (www.webroot.com)) -- C:\Windows\System32\drivers\ssfmonm.sys
[2010/09/15 23:30:18 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Silverlight
[2010/09/15 23:28:03 | 000,000,000 | -H-D | C] -- C:\ProgramData\{5D7316EC-0EDC-4C87-A589-9244C286BC92}
[2010/09/15 23:27:44 | 000,000,000 | ---D | C] -- C:\ProgramData\webroot
[2010/09/15 23:25:31 | 000,000,000 | ---D | C] -- C:\Users\Joel\AppData\Local\PackageAware
[2010/09/13 14:43:49 | 000,000,000 | ---D | C] -- C:\Users\Joel\Desktop\precious blood

========== Files - Modified Within 30 Days ==========

[2010/10/13 13:16:33 | 000,604,264 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2010/10/13 13:16:33 | 000,103,964 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2010/10/13 13:12:07 | 000,001,033 | ---- | M] () -- C:\Users\Joel\AppData\Local\WUB375L_TW001_{67001314-1CC3-4465-AE8E-19A668C80BDD}.bin
[2010/10/13 13:11:35 | 000,003,616 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2010/10/13 13:11:33 | 000,003,616 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2010/10/13 13:10:39 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2010/10/13 13:10:24 | 2136,133,632 | -HS- | M] () -- C:\hiberfil.sys
[2010/10/13 13:06:01 | 192,801,305 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2010/10/13 12:51:59 | 000,574,464 | ---- | M] (OldTimer Tools) -- C:\Users\Joel\Desktop\OTL.exe
[2010/10/13 11:20:28 | 000,544,768 | ---- | M] () -- C:\Users\Joel\Desktop\dds.scr
[2010/10/13 03:32:30 | 000,000,069 | ---- | M] () -- C:\Windows\NeroDigital.ini
[2010/10/13 02:50:32 | 000,000,904 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3351545934-2328214429-1858582809-1000UA.job
[2010/10/08 13:54:32 | 000,026,112 | ---- | M] () -- C:\Users\Joel\Documents\press club letters.doc
[2010/10/06 11:37:20 | 000,163,328 | ---- | M] () -- C:\Users\Joel\Documents\Curie Joel 10.02.10.xls
[2010/10/04 22:49:01 | 000,000,852 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3351545934-2328214429-1858582809-1000Core.job
[2010/10/04 17:50:42 | 000,108,032 | ---- | M] () -- C:\Users\Joel\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/10/03 09:08:00 | 000,002,053 | ---- | M] () -- C:\Users\Joel\Desktop\Google Chrome.lnk
[2010/10/01 16:14:13 | 000,000,258 | RHS- | M] () -- C:\ProgramData\ntuser.pol
[2010/09/30 22:49:56 | 000,419,840 | ---- | M] () -- C:\Users\Joel\Documents\cc_20100930_224927.reg
[2010/09/29 12:40:59 | 000,145,223 | ---- | M] () -- C:\Users\Joel\Desktop\joel&me.jpg
[2010/09/24 00:41:49 | 000,000,668 | ---- | M] () -- C:\Users\Joel\AppData\Roaming\vso_ts_preview.xml
[2010/09/22 14:10:26 | 000,000,959 | ---- | M] () -- C:\Users\Public\Desktop\Quintessential Media Player.lnk
[2010/09/22 13:41:42 | 000,030,424 | ---- | M] () -- C:\Windows\System32\wrLZMA.dll
[2010/09/22 13:41:30 | 000,017,472 | ---- | M] () -- C:\Windows\System32\SsiEfr.exe
[2010/09/22 12:20:16 | 000,001,726 | ---- | M] () -- C:\Users\Joel\Desktop\Mozilla Sunbird.lnk
[2010/09/21 23:20:29 | 000,674,837 | ---- | M] () -- C:\Users\Joel\Desktop\taxonomyofrapnames.jpg
[2010/09/19 16:59:32 | 000,007,862 | -HS- | M] () -- C:\Users\Joel\Desktop\FOLDER.jpg
[2010/09/19 16:59:32 | 000,002,167 | -HS- | M] () -- C:\Users\Joel\Desktop\AlbumArtSmall.jpg
[2010/09/17 01:02:03 | 000,326,444 | ---- | M] () -- C:\Users\Joel\Desktop\moscow_metra.gif
[2010/09/17 01:01:12 | 005,753,646 | ---- | M] () -- C:\Users\Joel\Desktop\harlem_nightclubs.jpg

========== Files Created - No Company Name ==========

[2010/10/13 11:20:25 | 000,544,768 | ---- | C] () -- C:\Users\Joel\Desktop\dds.scr
[2010/10/13 03:31:26 | 192,801,305 | ---- | C] () -- C:\Windows\MEMORY.DMP
[2010/10/08 13:48:59 | 000,026,112 | ---- | C] () -- C:\Users\Joel\Documents\press club letters.doc
[2010/10/06 11:37:20 | 000,163,328 | ---- | C] () -- C:\Users\Joel\Documents\Curie Joel 10.02.10.xls
[2010/10/03 09:08:00 | 000,002,053 | ---- | C] () -- C:\Users\Joel\Desktop\Google Chrome.lnk
[2010/10/01 21:42:06 | 2136,133,632 | -HS- | C] () -- C:\hiberfil.sys
[2010/09/30 22:49:31 | 000,419,840 | ---- | C] () -- C:\Users\Joel\Documents\cc_20100930_224927.reg
[2010/09/29 12:40:54 | 000,145,223 | ---- | C] () -- C:\Users\Joel\Desktop\joel&me.jpg
[2010/09/22 14:10:26 | 000,000,959 | ---- | C] () -- C:\Users\Public\Desktop\Quintessential Media Player.lnk
[2010/09/22 12:20:16 | 000,001,726 | ---- | C] () -- C:\Users\Joel\Desktop\Mozilla Sunbird.lnk
[2010/09/21 23:20:26 | 000,674,837 | ---- | C] () -- C:\Users\Joel\Desktop\taxonomyofrapnames.jpg
[2010/09/17 01:02:02 | 000,326,444 | ---- | C] () -- C:\Users\Joel\Desktop\moscow_metra.gif
[2010/09/17 01:01:10 | 005,753,646 | ---- | C] () -- C:\Users\Joel\Desktop\harlem_nightclubs.jpg
[2010/09/15 23:30:36 | 000,030,424 | ---- | C] () -- C:\Windows\System32\wrLZMA.dll
[2010/09/15 23:30:36 | 000,017,472 | ---- | C] () -- C:\Windows\System32\SsiEfr.exe
[2010/08/17 05:53:10 | 000,000,151 | ---- | C] () -- C:\Windows\PhotoSnapViewer.INI
[2010/04/09 17:47:55 | 000,001,033 | ---- | C] () -- C:\Users\Joel\AppData\Local\WUB375L_TW001_{67001314-1CC3-4465-AE8E-19A668C80BDD}.bin
[2010/04/09 17:47:55 | 000,000,031 | ---- | C] () -- C:\Users\Joel\AppData\Local\WUB375L_TW001_{67001314-1CC3-4465-AE8E-19A668C80BDD}.wsc
[2010/04/06 20:55:15 | 000,000,083 | ---- | C] () -- C:\Windows\EPSP1400.ini
[2010/03/07 10:56:48 | 000,044,344 | ---- | C] () -- C:\Windows\System32\drivers\EyeOneDp.sys
[2010/03/04 22:30:20 | 000,000,030 | ---- | C] () -- C:\Windows\AutoRun.ini
[2009/09/29 21:50:12 | 000,921,600 | ---- | C] () -- C:\Windows\System32\vorbisenc.dll
[2009/09/29 21:50:12 | 000,237,568 | ---- | C] () -- C:\Windows\System32\OggDS.dll
[2009/09/29 21:50:12 | 000,188,416 | ---- | C] () -- C:\Windows\System32\vorbis.dll
[2009/09/29 21:50:12 | 000,045,056 | ---- | C] () -- C:\Windows\System32\ogg.dll
[2009/06/28 22:42:15 | 000,000,069 | ---- | C] () -- C:\Windows\NeroDigital.ini
[2009/06/10 00:59:12 | 000,056,880 | ---- | C] () -- C:\Windows\System32\scvideo.dll
[2009/06/08 00:00:06 | 000,000,668 | ---- | C] () -- C:\Users\Joel\AppData\Roaming\vso_ts_preview.xml
[2009/05/10 17:21:18 | 000,000,680 | ---- | C] () -- C:\Users\Joel\AppData\Local\d3d9caps.dat
[2009/04/11 10:59:53 | 000,000,258 | RHS- | C] () -- C:\ProgramData\ntuser.pol
[2009/04/01 21:10:10 | 000,020,531 | -H-- | C] () -- C:\ProgramData\T09F8
[2009/04/01 21:04:47 | 000,000,097 | ---- | C] () -- C:\Windows\System32\PICSDK.ini
[2009/04/01 21:00:30 | 000,000,044 | ---- | C] () -- C:\Windows\PERFV700SERIES.ini
[2009/03/04 01:59:05 | 000,000,146 | ---- | C] () -- C:\Windows\WININIT.INI
[2009/03/02 23:42:19 | 000,108,032 | ---- | C] () -- C:\Users\Joel\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009/01/08 22:02:27 | 000,000,376 | ---- | C] () -- C:\Windows\ODBC.INI
[2008/12/19 18:54:05 | 001,953,696 | ---- | C] () -- C:\Windows\System32\igklg400.dll
[2008/12/19 18:54:05 | 001,533,360 | ---- | C] () -- C:\Windows\System32\igklg450.dll
[2008/12/19 18:54:05 | 000,147,456 | ---- | C] () -- C:\Windows\System32\igfxCoIn_v1409.dll
[2008/12/19 18:54:05 | 000,104,636 | ---- | C] () -- C:\Windows\System32\igmedcompkrn.dll
[2006/11/02 05:25:44 | 000,159,744 | ---- | C] () -- C:\Windows\System32\atitmmxx.dll
[2006/11/02 02:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2005/11/11 05:43:28 | 000,172,032 | ---- | C] () -- C:\Windows\System32\libssl32.dll
[2005/11/11 05:43:24 | 000,887,296 | ---- | C] () -- C:\Windows\System32\libeay32.dll
[2005/08/31 03:20:00 | 000,233,557 | ---- | C] () -- C:\Windows\System32\esint54.dll

========== Custom Scans ==========


< %SYSTEMDRIVE%\*.* >
[2006/09/18 16:43:36 | 000,000,024 | ---- | M] () -- C:\autoexec.bat
[2008/01/20 21:34:29 | 000,333,203 | RHS- | M] () -- C:\bootmgr
[2006/09/18 16:43:37 | 000,000,010 | ---- | M] () -- C:\config.sys
[2008/12/19 18:54:19 | 000,003,258 | RH-- | M] () -- C:\dell.sdr
[2010/10/13 13:10:24 | 2136,133,632 | -HS- | M] () -- C:\hiberfil.sys
[2009/04/09 00:19:34 | 000,001,325 | ---- | M] () -- C:\LGSInst.Log
[2010/04/09 09:24:23 | 000,000,827 | ---- | M] () -- C:\net_save.dna
[2010/10/13 13:10:15 | 2449,948,672 | -HS- | M] () -- C:\pagefile.sys

< %systemroot%\Fonts\*.com >
[2006/11/02 07:35:34 | 000,026,040 | ---- | M] () -- C:\Windows\Fonts\GlobalMonospace.CompositeFont
[2006/11/02 07:35:34 | 000,026,489 | ---- | M] () -- C:\Windows\Fonts\GlobalSansSerif.CompositeFont
[2006/11/02 07:35:34 | 000,029,779 | ---- | M] () -- C:\Windows\Fonts\GlobalSerif.CompositeFont
[2006/11/02 07:35:34 | 000,030,808 | ---- | M] () -- C:\Windows\Fonts\GlobalUserInterface.CompositeFont

< %systemroot%\Fonts\*.dll >

< %systemroot%\Fonts\*.ini >
[2006/09/18 16:37:34 | 000,000,065 | ---- | M] () -- C:\Windows\Fonts\desktop.ini

< %systemroot%\Fonts\*.ini2 >

< %systemroot%\Fonts\*.exe >

< %systemroot%\system32\spool\prtprocs\w32x86\*.* >

< %systemroot%\REPAIR\*.bak1 >

< %systemroot%\REPAIR\*.ini >

< %systemroot%\system32\*.jpg >

< %systemroot%\*.jpg >

< %systemroot%\*.png >

< %systemroot%\*.scr >

< %systemroot%\*._sy >

< %APPDATA%\Adobe\Update\*.* >

< %ALLUSERSPROFILE%\Favorites\*.* >

< %APPDATA%\Microsoft\*.* >

< %PROGRAMFILES%\*.* >
[2008/01/20 21:57:01 | 000,000,174 | -HS- | M] () -- C:\Program Files\desktop.ini

< %APPDATA%\Update\*.* >

< %systemroot%\*. /mp /s >

< %systemroot%\System32\config\*.sav >
[2008/01/20 22:31:11 | 015,716,352 | ---- | M] () -- C:\Windows\System32\config\COMPONENTS.SAV
[2008/01/20 22:31:01 | 000,102,400 | ---- | M] () -- C:\Windows\System32\config\DEFAULT.SAV
[2008/01/20 22:31:12 | 000,020,480 | ---- | M] () -- C:\Windows\System32\config\SECURITY.SAV
[2006/11/02 05:34:08 | 010,133,504 | ---- | M] () -- C:\Windows\System32\config\SOFTWARE.SAV
[2006/11/02 05:34:08 | 001,826,816 | ---- | M] () -- C:\Windows\System32\config\SYSTEM.SAV

< %PROGRAMFILES%\bak. /s >

< %systemroot%\system32\bak. /s >

< %ALLUSERSPROFILE%\Start Menu\*.lnk /x >

< %systemroot%\system32\config\systemprofile\*.dat /x >

< %systemroot%\*.config >

< %systemroot%\system32\*.db >

< %APPDATA%\Microsoft\Internet Explorer\Quick Launch\*.lnk /x >
[2010/09/03 21:43:47 | 000,000,221 | -HS- | M] () -- C:\Users\Joel\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\desktop.ini

< %USERPROFILE%\Desktop\*.exe >
[2010/10/13 12:51:59 | 000,574,464 | ---- | M] (OldTimer Tools) -- C:\Users\Joel\Desktop\OTL.exe

< %PROGRAMFILES%\Common Files\*.* >

< %systemroot%\*.src >

< %systemroot%\install\*.* >

< %systemroot%\system32\DLL\*.* >

< %systemroot%\system32\HelpFiles\*.* >

< %systemroot%\system32\rundll\*.* >

< %systemroot%\winn32\*.* >

< %systemroot%\Java\*.* >

< %systemroot%\system32\test\*.* >

< %systemroot%\system32\Rundll32\*.* >

< %systemroot%\AppPatch\Custom\*.* >

< %APPDATA%\Roaming\Microsoft\Windows\Recent\*.lnk /x >

< %PROGRAMFILES%\PC-Doctor\Downloads\*.* >

< %PROGRAMFILES%\Internet Explorer\*.tmp >

< %PROGRAMFILES%\Internet Explorer\*.dat >

< %USERPROFILE%\My Documents\*.exe >

< %USERPROFILE%\*.exe >

< %systemroot%\ADDINS\*.* >

< %systemroot%\assembly\*.bak2 >

< %systemroot%\Config\*.* >

< %systemroot%\REPAIR\*.bak2 >

< %systemroot%\SECURITY\Database\*.sdb /x >

< %systemroot%\SYSTEM\*.bak2 >

< %systemroot%\Web\*.bak2 >

< %systemroot%\Driver Cache\*.* >

< %PROGRAMFILES%\Mozilla Firefox\0*.exe >

< %ProgramFiles%\Microsoft Common\*.* >

< %ProgramFiles%\TinyProxy. >

< %USERPROFILE%\Favorites\*.url /x >
[2009/01/08 21:56:25 | 000,000,402 | -HS- | M] () -- C:\Users\Joel\Favorites\desktop.ini

< %systemroot%\System32\Wbem\*.* >
[2006/09/18 16:26:19 | 000,001,097 | ---- | M] () -- C:\Windows\System32\wbem\aaclient.mof
[2008/01/20 21:34:43 | 000,004,352 | ---- | M] () -- C:\Windows\System32\wbem\audiocore.mof
[2006/09/18 16:35:02 | 000,001,092 | ---- | M] () -- C:\Windows\System32\wbem\authfwcfg.mof
[2008/01/20 21:34:04 | 000,003,007 | ---- | M] () -- C:\Windows\System32\wbem\auxiliarydisplayapi.mof
[2008/01/20 21:34:06 | 000,009,307 | ---- | M] () -- C:\Windows\System32\wbem\bcd.mof
[2006/09/18 16:29:37 | 000,001,260 | ---- | M] () -- C:\Windows\System32\wbem\CbsCore.mof
[2008/01/20 21:33:13 | 001,363,968 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wbem\cimwin32.dll
[2008/01/20 21:34:26 | 002,703,098 | ---- | M] () -- C:\Windows\System32\wbem\cimwin32.mof
[2006/09/18 16:38:57 | 000,003,472 | ---- | M] () -- C:\Windows\System32\wbem\clfs.mof
[2006/09/18 16:39:00 | 000,000,123 | ---- | M] () -- C:\Windows\System32\wbem\clfsUninstall.mof
[2006/11/02 01:27:38 | 000,029,290 | ---- | M] () -- C:\Windows\System32\wbem\cli.mof
[2006/11/02 01:27:38 | 002,815,350 | ---- | M] () -- C:\Windows\System32\wbem\cliegaliases.mof
[2008/01/20 21:33:11 | 000,066,511 | ---- | M] () -- C:\Windows\System32\wbem\dfsrprov.mof
[2006/09/18 16:42:48 | 000,001,239 | ---- | M] () -- C:\Windows\System32\wbem\dimsjob.mof
[2006/09/18 16:42:50 | 000,001,284 | ---- | M] () -- C:\Windows\System32\wbem\dimsroam.mof
[2008/01/20 21:34:03 | 000,006,072 | ---- | M] () -- C:\Windows\System32\wbem\dot3.mof
[2006/09/18 16:45:56 | 000,003,685 | ---- | M] () -- C:\Windows\System32\wbem\drvinst.mof
[2008/01/20 21:34:37 | 000,130,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wbem\dsprov.dll
[2006/11/02 01:27:35 | 000,018,398 | ---- | M] () -- C:\Windows\System32\wbem\dsprov.mof
[2006/09/18 16:40:27 | 000,001,300 | ---- | M] () -- C:\Windows\System32\wbem\eaimeapi.mof
[2008/01/20 21:33:24 | 000,263,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wbem\esscli.dll
[2009/03/02 23:36:24 | 000,615,424 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wbem\fastprox.dll
[2006/09/18 16:38:51 | 000,000,719 | ---- | M] () -- C:\Windows\System32\wbem\fdPHost.mof
[2006/09/18 16:38:53 | 000,000,736 | ---- | M] () -- C:\Windows\System32\wbem\fdrespub.mof
[2006/09/18 16:46:01 | 000,000,656 | ---- | M] () -- C:\Windows\System32\wbem\fdSSDP.mof
[2008/01/20 21:33:08 | 000,000,705 | ---- | M] () -- C:\Windows\System32\wbem\fdwcn.mof
[2006/09/18 16:38:53 | 000,000,716 | ---- | M] () -- C:\Windows\System32\wbem\fdWNet.mof
[2006/09/18 16:46:02 | 000,000,656 | ---- | M] () -- C:\Windows\System32\wbem\fdWSD.mof
[2006/09/18 16:39:15 | 000,017,935 | ---- | M] () -- C:\Windows\System32\wbem\filetrace.mof
[2006/09/18 16:35:44 | 000,001,100 | ---- | M] () -- C:\Windows\System32\wbem\Firewall.mof
[2006/09/18 16:36:01 | 000,001,913 | ---- | M] () -- C:\Windows\System32\wbem\firewallapi.mof
[2006/09/18 16:38:51 | 000,000,702 | ---- | M] () -- C:\Windows\System32\wbem\FunDisc.mof
[2006/09/18 16:35:54 | 000,001,081 | ---- | M] () -- C:\Windows\System32\wbem\fwcfg.mof
[2008/01/20 21:34:03 | 000,240,536 | ---- | M] () -- C:\Windows\System32\wbem\hbaapi.mof
[2006/09/18 16:29:52 | 000,008,404 | ---- | M] () -- C:\Windows\System32\wbem\hnetcfg.mof
[2006/09/18 16:31:55 | 000,026,255 | ---- | M] () -- C:\Windows\System32\wbem\IMAPIv2-Base.mof
[2006/09/18 16:31:55 | 000,002,073 | ---- | M] () -- C:\Windows\System32\wbem\IMAPIv2-FileSystemSupport.mof
[2006/09/18 16:31:55 | 000,000,759 | ---- | M] () -- C:\Windows\System32\wbem\IMAPIv2-LegacyShim.mof
[2006/11/02 07:34:05 | 000,002,263 | ---- | M] () -- C:\Windows\System32\wbem\InkObj.mof
[2006/09/18 16:46:01 | 000,000,672 | ---- | M] () -- C:\Windows\System32\wbem\IPBusEnum.mof
[2006/09/18 16:35:37 | 000,001,278 | ---- | M] () -- C:\Windows\System32\wbem\ipsecsvc.mof
[2006/09/18 16:32:37 | 000,003,615 | ---- | M] () -- C:\Windows\System32\wbem\irda.mof
[2006/09/18 16:32:27 | 000,002,211 | ---- | M] () -- C:\Windows\System32\wbem\irmon.mof
[2006/11/02 01:35:19 | 000,019,872 | ---- | M] () -- C:\Windows\System32\wbem\iscsidsc.mof
[2006/11/02 01:35:18 | 000,111,599 | ---- | M] () -- C:\Windows\System32\wbem\iscsihba.mof
[2006/11/02 01:35:20 | 000,046,042 | ---- | M] () -- C:\Windows\System32\wbem\iscsiprf.mof
[2006/11/02 01:35:21 | 000,004,503 | ---- | M] () -- C:\Windows\System32\wbem\iscsirem.mof
[2006/11/02 07:34:05 | 000,002,287 | ---- | M] () -- C:\Windows\System32\wbem\journal.mof
[2006/09/18 16:39:25 | 000,008,758 | ---- | M] () -- C:\Windows\System32\wbem\kerberos.mof
[2006/11/02 04:46:05 | 000,035,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wbem\KrnlProv.dll
[2006/11/02 02:15:21 | 000,015,170 | ---- | M] () -- C:\Windows\System32\wbem\krnlprov.mof
[2006/09/18 16:32:48 | 000,001,367 | ---- | M] () -- C:\Windows\System32\wbem\l2gpstore.mof
[2008/01/20 21:34:05 | 000,002,334 | ---- | M] () -- C:\Windows\System32\wbem\L2SecHC.mof
[2006/09/18 16:30:13 | 000,001,242 | ---- | M] () -- C:\Windows\System32\wbem\lltdio.mof
[2006/09/18 16:30:11 | 000,001,688 | ---- | M] () -- C:\Windows\System32\wbem\lltdsvc.mof
[2008/01/20 21:33:54 | 000,013,780 | ---- | M] () -- C:\Windows\System32\wbem\lsasrv.mof
[2006/11/02 07:34:59 | 000,003,018 | ---- | M] () -- C:\Windows\System32\wbem\mblctr.mof
[2006/09/18 16:41:14 | 000,000,677 | ---- | M] () -- C:\Windows\System32\wbem\Microsoft-Windows-Remote-FileSystem.mof
[2006/09/18 16:26:23 | 000,000,698 | ---- | M] () -- C:\Windows\System32\wbem\mmc.mof
[2006/11/02 04:46:05 | 000,018,944 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wbem\MMFUtil.dll
[2008/01/20 21:33:24 | 000,019,968 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wbem\mofcomp.exe
[2008/01/20 21:33:24 | 000,191,488 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wbem\mofd.dll
[2008/01/20 21:33:36 | 000,102,400 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wbem\mofinstall.dll
[2006/09/18 16:35:23 | 000,001,088 | ---- | M] () -- C:\Windows\System32\wbem\mpsdrv.mof
[2006/09/18 16:35:54 | 000,001,900 | ---- | M] () -- C:\Windows\System32\wbem\mpssvc.mof
[2006/09/18 16:38:01 | 000,001,876 | ---- | M] () -- C:\Windows\System32\wbem\msfeeds.mof
[2006/09/18 16:38:01 | 000,001,938 | ---- | M] () -- C:\Windows\System32\wbem\msfeedsbs.mof
[2006/11/02 01:27:38 | 000,172,294 | ---- | M] () -- C:\Windows\System32\wbem\msi.mof
[2008/01/20 21:34:39 | 000,311,296 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wbem\msiprov.dll
[2006/09/18 16:31:59 | 000,004,599 | ---- | M] () -- C:\Windows\System32\wbem\msiscsi.mof
[2006/09/18 16:28:06 | 000,001,110 | ---- | M] () -- C:\Windows\System32\wbem\mstsc.mof
[2006/09/18 16:27:27 | 000,001,967 | ---- | M] () -- C:\Windows\System32\wbem\mstscax.mof
[2006/09/18 16:39:39 | 000,007,721 | ---- | M] () -- C:\Windows\System32\wbem\msv1_0.mof
[2006/11/02 07:34:54 | 000,001,710 | ---- | M] () -- C:\Windows\System32\wbem\mswmdm.mof
[2008/01/20 21:34:45 | 000,000,640 | ---- | M] () -- C:\Windows\System32\wbem\NAPCLIENTPROV.MOF
[2008/01/20 21:34:45 | 000,003,992 | ---- | M] () -- C:\Windows\System32\wbem\NAPCLIENTSCHEMA.MOF
[2006/09/18 16:36:02 | 000,001,259 | ---- | M] () -- C:\Windows\System32\wbem\nci.mof
[2008/01/20 21:33:24 | 000,057,856 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wbem\NCProv.dll
[2006/11/02 03:41:18 | 000,002,964 | ---- | M] () -- C:\Windows\System32\wbem\ncprov.mof
[2006/09/18 16:28:21 | 000,001,131 | ---- | M] () -- C:\Windows\System32\wbem\ncsi.mof
[2006/09/18 16:36:03 | 000,001,306 | ---- | M] () -- C:\Windows\System32\wbem\ndishc.mof
[2006/09/18 16:36:26 | 000,004,548 | ---- | M] () -- C:\Windows\System32\wbem\ndistrace.mof
[2006/09/18 16:38:14 | 000,001,117 | ---- | M] () -- C:\Windows\System32\wbem\netprofm.mof
[2006/09/18 16:29:57 | 000,000,683 | ---- | M] () -- C:\Windows\System32\wbem\networkitemfactory.mof
[2006/09/18 16:30:03 | 000,000,631 | ---- | M] () -- C:\Windows\System32\wbem\networkmap.mof
[2006/09/18 16:45:56 | 000,003,681 | ---- | M] () -- C:\Windows\System32\wbem\newdev.mof
[2006/09/18 16:38:28 | 000,003,914 | ---- | M] () -- C:\Windows\System32\wbem\nlasvc.mof
[2008/01/20 21:33:41 | 000,002,873 | ---- | M] () -- C:\Windows\System32\wbem\nlsvc.mof
[2006/09/18 16:35:29 | 000,001,266 | ---- | M] () -- C:\Windows\System32\wbem\nshipsec.mof
[2008/01/20 21:34:24 | 000,172,544 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wbem\ntevt.dll
[2006/11/02 01:27:39 | 000,030,348 | ---- | M] () -- C:\Windows\System32\wbem\ntevt.mof
[2006/09/18 16:39:46 | 000,000,308 | ---- | M] () -- C:\Windows\System32\wbem\ntfs.mof
[2008/01/20 21:33:23 | 000,002,952 | ---- | M] () -- C:\Windows\System32\wbem\onex.mof
[2006/11/02 07:34:47 | 000,001,836 | ---- | M] () -- C:\Windows\System32\wbem\p2p-collab.mof
[2006/11/02 07:34:47 | 000,002,564 | ---- | M] () -- C:\Windows\System32\wbem\p2p-meetings.mof
[2006/11/02 07:34:47 | 000,002,380 | ---- | M] () -- C:\Windows\System32\wbem\p2p-mesh.mof
[2006/11/02 07:34:47 | 000,002,297 | ---- | M] () -- C:\Windows\System32\wbem\p2p-pnrp.mof
[2006/09/18 16:45:56 | 000,001,060 | ---- | M] () -- C:\Windows\System32\wbem\pnpsetup.mof
[2006/09/18 16:46:02 | 000,000,665 | ---- | M] () -- C:\Windows\System32\wbem\PNPXAssoc.mof
[2006/09/18 16:35:35 | 000,001,275 | ---- | M] () -- C:\Windows\System32\wbem\polstore.mof
[2006/11/02 07:34:55 | 000,003,912 | ---- | M] () -- C:\Windows\System32\wbem\portabledeviceapi.mof
[2006/11/02 07:34:55 | 000,003,193 | ---- | M] () -- C:\Windows\System32\wbem\portabledeviceclassextension.mof
[2006/11/02 07:34:55 | 000,003,097 | ---- | M] () -- C:\Windows\System32\wbem\portabledevicetypes.mof
[2006/11/02 07:34:55 | 000,001,760 | ---- | M] () -- C:\Windows\System32\wbem\portabledevicewiacompat.mof
[2006/11/02 07:34:55 | 000,003,092 | ---- | M] () -- C:\Windows\System32\wbem\portabledevicewmdrm.mof
[2006/09/18 16:49:01 | 000,002,601 | ---- | M] () -- C:\Windows\System32\wbem\PrintFilterPipelineSvc.mof
[2006/09/18 16:34:46 | 000,002,302 | ---- | M] () -- C:\Windows\System32\wbem\qmgr.mof
[2006/09/18 16:39:30 | 000,000,623 | ---- | M] () -- C:\Windows\System32\wbem\rawxml.xsl
[2006/09/18 16:30:56 | 000,001,066 | ---- | M] () -- C:\Windows\System32\wbem\rdpencom.mof
[2006/11/02 02:15:20 | 000,111,686 | ---- | M] () -- C:\Windows\System32\wbem\regevent.mof
[2008/01/20 21:33:39 | 000,264,704 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wbem\repdrvfs.dll
[2006/09/18 16:46:10 | 000,001,688 | ---- | M] () -- C:\Windows\System32\wbem\RestartManager.mof
[2006/09/18 16:46:10 | 000,000,090 | ---- | M] () -- C:\Windows\System32\wbem\RestartManagerUninstall.mof
[2006/11/02 02:22:17 | 000,100,388 | ---- | M] () -- C:\Windows\System32\wbem\rsop.mof
[2006/09/18 16:30:16 | 000,002,221 | ---- | M] () -- C:\Windows\System32\wbem\rspndr.mof
[2008/01/20 21:34:21 | 000,061,288 | ---- | M] () -- C:\Windows\System32\wbem\samsrv.mof
[2006/09/18 16:41:58 | 000,001,241 | ---- | M] () -- C:\Windows\System32\wbem\sapi.mof
[2006/09/18 16:41:24 | 000,004,357 | ---- | M] () -- C:\Windows\System32\wbem\scersop.mof
[2006/09/18 16:39:53 | 000,001,064 | ---- | M] () -- C:\Windows\System32\wbem\schannel.mof
[2006/09/18 16:37:09 | 000,002,250 | ---- | M] () -- C:\Windows\System32\wbem\SchedSvc.mof
[2006/09/18 16:46:11 | 000,020,158 | ---- | M] () -- C:\Windows\System32\wbem\scm.mof
[2008/01/20 21:33:53 | 000,040,960 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wbem\scrcons.exe
[2006/09/18 16:39:42 | 000,005,744 | ---- | M] () -- C:\Windows\System32\wbem\scrcons.mof
[2006/09/18 16:29:35 | 000,003,767 | ---- | M] () -- C:\Windows\System32\wbem\sdbus.mof
[2006/11/02 01:27:39 | 000,064,142 | ---- | M] () -- C:\Windows\System32\wbem\secrcw32.mof
[2008/01/20 21:34:32 | 000,059,904 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wbem\ServDeps.dll
[2010/08/23 23:12:24 | 000,084,985 | ---- | M] () -- C:\Windows\System32\wbem\ServiceModel.mof
[2006/11/02 07:35:34 | 000,000,896 | ---- | M] () -- C:\Windows\System32\wbem\ServiceModel.mof.uninstall
[2006/09/18 16:46:11 | 000,002,866 | ---- | M] () -- C:\Windows\System32\wbem\services.mof
[2006/09/18 16:45:57 | 000,003,689 | ---- | M] () -- C:\Windows\System32\wbem\setupapi.mof
[2008/01/20 21:34:50 | 000,025,060 | ---- | M] () -- C:\Windows\System32\wbem\slwmi.mof
[2006/11/02 04:46:13 | 000,036,352 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wbem\SMTPCons.dll
[2006/09/18 16:39:42 | 000,004,280 | ---- | M] () -- C:\Windows\System32\wbem\smtpcons.mof
[2006/11/02 07:33:48 | 000,016,973 | ---- | M] () -- C:\Windows\System32\wbem\speechux.mof
[2006/11/02 07:33:47 | 000,001,229 | ---- | M] () -- C:\Windows\System32\wbem\sptip.mof
[2006/11/02 07:35:02 | 000,003,834 | ---- | M] () -- C:\Windows\System32\wbem\sr.mof
[2006/09/18 16:42:35 | 000,002,583 | ---- | M] () -- C:\Windows\System32\wbem\ssdpsrv.mof
[2008/01/20 21:34:56 | 000,002,604 | ---- | M] () -- C:\Windows\System32\wbem\sstpsvc.mof
[2008/01/20 21:34:34 | 000,098,304 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wbem\stdprov.dll
[2006/09/18 16:31:16 | 000,017,937 | ---- | M] () -- C:\Windows\System32\wbem\stortrace.mof
[2006/09/18 16:39:38 | 000,000,668 | ---- | M] () -- C:\Windows\System32\wbem\subscrpt.mof
[2006/11/02 01:27:35 | 000,126,686 | ---- | M] () -- C:\Windows\System32\wbem\system.mof
[2006/11/02 07:33:46 | 000,002,295 | ---- | M] () -- C:\Windows\System32\wbem\tabbtn.mof
[2006/11/02 07:34:40 | 000,002,845 | ---- | M] () -- C:\Windows\System32\wbem\TabSvc.mof
[2006/09/18 16:37:10 | 000,002,254 | ---- | M] () -- C:\Windows\System32\wbem\TaskEng.mof
[2006/09/18 16:36:40 | 000,003,066 | ---- | M] () -- C:\Windows\System32\wbem\tcpip.mof
[2006/09/18 16:39:30 | 000,006,000 | ---- | M] () -- C:\Windows\System32\wbem\texttable.xsl
[2006/09/18 16:39:30 | 000,002,766 | ---- | M] () -- C:\Windows\System32\wbem\textvaluelist.xsl
[2006/09/18 16:39:20 | 000,000,964 | ---- | M] () -- C:\Windows\System32\wbem\tspkg.mof
[2006/09/18 16:46:02 | 000,000,646 | ---- | M] () -- C:\Windows\System32\wbem\umb.mof
[2006/09/18 16:45:41 | 000,002,459 | ---- | M] () -- C:\Windows\System32\wbem\umbus.mof
[2006/09/18 16:45:42 | 000,002,462 | ---- | M] () -- C:\Windows\System32\wbem\umpass.mof
[2006/09/18 16:46:00 | 000,003,692 | ---- | M] () -- C:\Windows\System32\wbem\umpnpmgr.mof
[2008/01/20 21:33:24 | 000,037,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wbem\unsecapp.exe
[2008/01/20 21:33:40 | 000,010,702 | ---- | M] () -- C:\Windows\System32\wbem\UserProfileWmiProvider.mof
[2006/11/02 01:35:15 | 000,060,994 | ---- | M] () -- C:\Windows\System32\wbem\vds.mof
[2008/01/20 21:33:14 | 000,160,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wbem\vdswmi.dll
[2008/01/20 21:34:00 | 000,135,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wbem\viewprov.dll
[2006/11/02 01:35:15 | 000,055,846 | ---- | M] () -- C:\Windows\System32\wbem\vss.mof
[2008/01/20 21:33:43 | 000,135,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wbem\vsswmi.dll
[2008/01/20 21:34:32 | 000,250,368 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wbem\wbemcntl.dll
[2008/01/20 21:33:53 | 000,055,296 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wbem\wbemcons.dll
[2006/09/18 16:39:42 | 000,018,580 | ---- | M] () -- C:\Windows\System32\wbem\WBEMCons.mof
[2008/01/20 21:34:38 | 000,742,912 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wbem\wbemcore.dll
[2008/01/20 21:34:47 | 000,188,928 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wbem\wbemdisp.dll
[2006/11/02 02:14:20 | 000,059,392 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wbem\wbemdisp.tlb
[2008/01/20 21:33:39 | 000,347,648 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wbem\wbemess.dll
[2008/01/20 21:33:24 | 000,030,208 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wbem\wbemprox.dll
[2008/01/20 21:33:24 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wbem\wbemsvc.dll
[2008/01/20 21:34:08 | 000,174,080 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wbem\wbemtest.exe
[2006/11/02 07:33:51 | 000,003,980 | ---- | M] () -- C:\Windows\System32\wbem\wcncsvc.mof
[2006/11/02 07:33:45 | 000,001,007 | ---- | M] () -- C:\Windows\System32\wbem\wcnwiz.mof
[2006/09/18 16:43:14 | 000,004,052 | ---- | M] () -- C:\Windows\System32\wbem\Wdf01000.mof
[2006/09/18 16:43:14 | 000,000,118 | ---- | M] () -- C:\Windows\System32\wbem\Wdf01000Uninstall.mof
[2006/09/18 16:39:24 | 000,001,103 | ---- | M] () -- C:\Windows\System32\wbem\wdigest.mof
[2006/09/18 16:36:01 | 000,001,083 | ---- | M] () -- C:\Windows\System32\wbem\WFAPIGP.mof
[2008/01/20 21:33:28 | 000,000,814 | ---- | M] () -- C:\Windows\System32\wbem\WFP.MOF
[2006/11/02 07:33:57 | 000,004,388 | ---- | M] () -- C:\Windows\System32\wbem\WgxInstalledGame.mof
[2006/11/02 02:03:34 | 000,004,120 | ---- | M] () -- C:\Windows\System32\wbem\whqlprov.mof
[2006/09/18 16:46:36 | 000,004,003 | ---- | M] () -- C:\Windows\System32\wbem\Win32_OsBaseline.mof
[2006/11/02 01:27:38 | 000,097,278 | ---- | M] () -- C:\Windows\System32\wbem\win32_printer.mof
[2008/01/20 21:34:33 | 000,143,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wbem\Win32_Tpm.dll
[2006/09/18 16:44:14 | 000,017,012 | ---- | M] () -- C:\Windows\System32\wbem\Win32_Tpm.mof
[2006/09/18 16:34:14 | 000,016,503 | ---- | M] () -- C:\Windows\System32\wbem\WindowsMobileTracing.mof
[2006/09/18 16:41:56 | 000,001,333 | ---- | M] () -- C:\Windows\System32\wbem\wininit.mof
[2006/09/18 16:35:37 | 000,001,270 | ---- | M] () -- C:\Windows\System32\wbem\winipsec.mof
[2006/09/18 16:41:56 | 000,002,794 | ---- | M] () -- C:\Windows\System32\wbem\winlogon.mof
[2008/01/20 21:34:49 | 000,077,824 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wbem\WinMgmt.exe
[2006/11/02 02:14:23 | 000,006,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wbem\WinMgmtR.dll
[2006/11/02 07:33:51 | 000,001,545 | ---- | M] () -- C:\Windows\System32\wbem\Winsat.mof
[2006/11/02 07:33:51 | 000,000,487 | ---- | M] () -- C:\Windows\System32\wbem\WinsatUninstall.mof
[2008/01/20 21:32:55 | 000,012,880 | ---- | M] () -- C:\Windows\System32\wbem\wlan.mof
[2006/11/02 07:33:50 | 000,001,311 | ---- | M] () -- C:\Windows\System32\wbem\WLanHC.mof
[2006/11/02 02:15:20 | 000,012,030 | ---- | M] () -- C:\Windows\System32\wbem\wmi.mof
[2008/01/20 21:33:24 | 000,117,248 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wbem\WMIADAP.exe
[2006/11/02 02:15:27 | 000,002,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wbem\WmiApRes.dll
[2008/01/20 21:34:49 | 000,090,112 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wbem\WmiApRpl.dll
[2008/01/20 21:33:24 | 000,137,728 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wbem\WmiApSrv.exe
[2008/01/20 21:34:36 | 000,625,664 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wbem\WMIC.exe
[2008/01/20 21:33:24 | 000,074,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wbem\WMICOOKR.dll
[2009/03/02 23:40:16 | 000,129,024 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wbem\WmiDcPrv.dll
[2008/01/20 21:34:04 | 000,173,568 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wbem\wmipcima.dll
[2006/11/02 02:15:20 | 000,041,902 | ---- | M] () -- C:\Windows\System32\wbem\wmipcima.mof
[2006/11/02 04:46:14 | 000,039,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wbem\wmipdfs.dll
[2006/11/02 02:15:19 | 000,014,780 | ---- | M] () -- C:\Windows\System32\wbem\wmipdfs.mof
[2008/01/20 21:34:04 | 000,135,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wbem\wmipdskq.dll
[2006/11/02 02:15:19 | 000,013,500 | ---- | M] () -- C:\Windows\System32\wbem\wmipdskq.mof
[2008/01/20 21:34:26 | 000,091,136 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wbem\WmiPerfClass.dll
[2006/09/18 16:37:06 | 000,000,980 | ---- | M] () -- C:\Windows\System32\wbem\WmiPerfClass.mof
[2008/01/20 21:34:29 | 000,047,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wbem\WmiPerfInst.dll
[2006/09/18 16:37:07 | 000,000,804 | ---- | M] () -- C:\Windows\System32\wbem\WmiPerfInst.mof
[2008/01/20 21:34:36 | 000,080,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wbem\WMIPICMP.dll
[2006/11/02 02:15:21 | 000,020,340 | ---- | M] () -- C:\Windows\System32\wbem\wmipicmp.mof
[2008/01/20 21:33:27 | 000,066,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wbem\WMIPIPRT.dll
[2006/11/02 02:15:21 | 000,024,154 | ---- | M] () -- C:\Windows\System32\wbem\wmipiprt.mof
[2008/01/20 21:33:27 | 000,070,656 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wbem\WMIPJOBJ.dll
[2006/11/02 02:15:20 | 000,061,364 | ---- | M] () -- C:\Windows\System32\wbem\wmipjobj.mof
[2008/01/20 21:33:59 | 000,152,576 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wbem\wmiprov.dll
[2009/03/02 23:40:16 | 000,499,200 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wbem\WmiPrvSD.dll
[2009/03/02 21:16:04 | 000,247,296 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wbem\WmiPrvSE.exe
[2006/11/02 04:46:14 | 000,043,520 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wbem\WMIPSESS.dll
[2006/11/02 02:15:19 | 000,014,024 | ---- | M] () -- C:\Windows\System32\wbem\wmipsess.mof
[2008/01/20 21:34:49 | 000,161,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wbem\WMIsvc.dll
[2006/11/02 04:46:14 | 000,043,520 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wbem\wmitimep.dll
[2006/11/02 03:41:17 | 000,006,494 | ---- | M] () -- C:\Windows\System32\wbem\wmitimep.mof
[2008/01/20 21:33:24 | 000,083,968 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wbem\wmiutils.dll
[2006/09/18 16:39:56 | 000,001,682 | ---- | M] () -- C:\Windows\System32\wbem\WMI_Tracing.mof
[2006/11/02 07:34:49 | 000,004,887 | ---- | M] () -- C:\Windows\System32\wbem\wmp.mof
[2006/11/02 07:34:59 | 000,004,628 | ---- | M] () -- C:\Windows\System32\wbem\wmpnetwk.mof
[2006/11/02 07:34:44 | 000,001,368 | ---- | M] () -- C:\Windows\System32\wbem\wpc.mof
[2006/11/02 07:34:44 | 000,021,677 | ---- | M] () -- C:\Windows\System32\wbem\wpcsprov.mof
[2006/11/02 07:34:44 | 000,000,470 | ---- | M] () -- C:\Windows\System32\wbem\wpcuninst.mof
[2006/11/02 07:34:55 | 000,002,792 | ---- | M] () -- C:\Windows\System32\wbem\wpdbusenum.mof
[2006/11/02 07:34:55 | 000,002,737 | ---- | M] () -- C:\Windows\System32\wbem\wpdfs.mof
[2006/11/02 07:34:55 | 000,005,346 | ---- | M] () -- C:\Windows\System32\wbem\wpdmtp.mof
[2006/11/02 07:34:55 | 000,003,184 | ---- | M] () -- C:\Windows\System32\wbem\wpdshext.mof
[2006/11/02 07:34:55 | 000,003,063 | ---- | M] () -- C:\Windows\System32\wbem\WPDShServiceObj.mof
[2006/11/02 07:34:55 | 000,002,987 | ---- | M] () -- C:\Windows\System32\wbem\wpdsp.mof
[2006/11/02 07:34:55 | 000,003,740 | ---- | M] () -- C:\Windows\System32\wbem\wpdwcn.mof
[2006/09/18 16:51:12 | 000,003,000 | ---- | M] () -- C:\Windows\System32\wbem\wpd_ci.mof
[2008/01/20 21:33:06 | 000,003,332 | ---- | M] () -- C:\Windows\System32\wbem\wscenter.mof
[2006/09/18 16:41:39 | 000,001,072 | ---- | M] () -- C:\Windows\System32\wbem\wscmisetup.mof
[2006/09/18 16:47:40 | 000,002,348 | ---- | M] () -- C:\Windows\System32\wbem\WSDApi.mof
[2006/09/18 16:40:05 | 000,004,430 | ---- | M] () -- C:\Windows\System32\wbem\WsmAuto.mof
[2006/09/18 16:44:23 | 000,048,262 | ---- | M] () -- C:\Windows\System32\wbem\WUDFx.mof
[2006/09/18 16:44:23 | 000,000,475 | ---- | M] () -- C:\Windows\System32\wbem\WUDFxUninstall.mof
[2008/01/20 21:32:58 | 000,000,723 | ---- | M] () -- C:\Windows\System32\wbem\wzcdlg.mof
[2006/09/18 16:39:31 | 000,002,866 | ---- | M] () -- C:\Windows\System32\wbem\xsl-mappings.xml
[2006/09/18 16:43:11 | 000,001,050 | ---- | M] () -- C:\Windows\System32\wbem\xwizards.mof

< HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU >

< HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs >
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install\\LastSuccessTime: 2010-10-03 23:03:36

< End of report >

saltherring
2010-10-13, 21:55
Part two, the extras:

OTL Extras logfile created on: 10/13/2010 1:18:38 PM - Run 1
OTL by OldTimer - Version 3.2.15.2 Folder = C:\Users\Joel\Desktop
Windows Vista Home Basic Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18943)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

2.00 Gb Total Physical Memory | 1.00 Gb Available Physical Memory | 59.00% Memory free
4.00 Gb Paging File | 3.00 Gb Available in Paging File | 77.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 223.02 Gb Total Space | 20.69 Gb Free Space | 9.28% Space Free | Partition Type: NTFS
Drive D: | 9.77 Gb Total Space | 5.71 Gb Free Space | 58.47% Space Free | Partition Type: NTFS

Computer Name: JOEL-PC | User Name: Joel | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

========== Authorized Applications List ==========


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{036B6B80-A001-4217-B1F0-2089A324217C}" = rport=3702 | protocol=17 | dir=out | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{3051C4CE-84B1-4666-AED8-BD04D3CB4C97}" = rport=3702 | protocol=17 | dir=out | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{41E859F6-47F2-4106-A4BB-50AEFC201992}" = lport=3702 | protocol=17 | dir=in | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{7D3AF655-419A-49F9-89F4-CC67E0665E07}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{A253C0EB-B3C4-40EB-B258-36AC37F1F550}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{CAEF0294-7AD4-4523-A6C5-53C50700DD00}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{DB923E6D-55BA-4A9A-909D-EA07DDC9AA0F}" = lport=3702 | protocol=17 | dir=in | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{FD0C2C45-D5E7-4033-B4F3-E7519FBC87B0}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{042A8510-F1B5-43BC-955A-0433C8974CEB}" = protocol=17 | dir=in | app=c:\program files\utorrent\utorrent.exe |
"{2474B156-E8AA-408B-8B8A-5B05DD0D99B1}" = protocol=17 | dir=in | app=c:\program files\yahoo!\messenger\yahoomessenger.exe |
"{2ABB01B8-0107-4720-B767-D6C0C0D3EDF2}" = protocol=6 | dir=in | app=c:\program files\trendnet\802.11n wireless client utility\umccfg.exe |
"{3689C36C-81C0-4C5B-836C-82E25B5F225B}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{55CDE0AE-156A-47CF-81CB-07329F80BB4C}" = protocol=17 | dir=in | app=c:\program files\trendnet\802.11n wireless client utility\umccfg.exe |
"{79BD2C0C-558B-4C37-A00F-6A79EA0F5F27}" = protocol=6 | dir=in | app=c:\program files\yahoo!\messenger\yahoomessenger.exe |
"{79F9BC8B-0434-4518-840B-45932A3F42D6}" = protocol=6 | dir=in | app=c:\program files\utorrent\utorrent.exe |
"{A3DED91D-DDDA-4C1C-9EE2-15FCF01B2D1F}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"TCP Query User{637639B0-AA7B-4313-8391-89C1C5235176}C:\program files\eagletron\trackercam\eyewdm.exe" = protocol=6 | dir=in | app=c:\program files\eagletron\trackercam\eyewdm.exe |
"TCP Query User{6A56791C-7CE6-4519-B155-AFEB728F18EC}C:\program files\quintessential media player\qmplayer.exe" = protocol=6 | dir=in | app=c:\program files\quintessential media player\qmplayer.exe |
"TCP Query User{A8B7EAF5-FCEC-48A8-B853-C9E317AD561C}C:\program files\mozilla firefox\firefox.exe" = protocol=6 | dir=in | app=c:\program files\mozilla firefox\firefox.exe |
"UDP Query User{05409A26-9EC4-41CF-8618-836CAB0FE15D}C:\program files\quintessential media player\qmplayer.exe" = protocol=17 | dir=in | app=c:\program files\quintessential media player\qmplayer.exe |
"UDP Query User{0CC03176-CBF7-409D-8F25-714FE46B3162}C:\program files\mozilla firefox\firefox.exe" = protocol=17 | dir=in | app=c:\program files\mozilla firefox\firefox.exe |
"UDP Query User{8A3DFFCA-AE03-4717-8735-4025CCD76C5E}C:\program files\eagletron\trackercam\eyewdm.exe" = protocol=17 | dir=in | app=c:\program files\eagletron\trackercam\eyewdm.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{00ADFB20-AE75-46F4-AD2C-F48B15AC3100}" = Adobe Color NA Recommended Settings CS4
"{05308C4E-7285-4066-BAE3-6B50DA6ED755}" = Adobe Update Manager CS4
"{054EFA56-2AC1-48F4-A883-0AB89874B972}" = Adobe Extension Manager CS4
"{06A1BE8A-4CA4-4A39-B9E4-E815AA8FE05C}" = Sony Noise Reduction Plug-In 2.0h
"{098727E1-775A-4450-B573-3F441F1CA243}" = kuler
"{0D6013AB-A0C7-41DC-973C-E93129C9A29F}" = Adobe Color JA Extra Settings CS4
"{0F723FC1-7606-4867-866C-CE80AD292DAF}" = Adobe CSI CS4
"{15BF7AAF-846C-4A6D-80E1-5D1FC7FB461B}" = Adobe SGM CS4
"{1618734A-3957-4ADD-8199-F973763109A8}" = Adobe Anchor Service CS4
"{16E16F01-2E2D-4248-A42F-76261C147B6C}" = Adobe Drive CS4
"{16E6D2C1-7C90-4309-8EC4-D2212690AAA4}" = AdobeColorCommonSetRGB
"{197A3012-8C85-4FD3-AB66-9EC7E13DB92E}" = Adobe AIR
"{1B7C06E1-4888-47A6-992A-0990B9683486}" = Adobe Version Cue CS4 Server
"{1DCA3EAA-6EB5-4563-A970-EA14D75037BA}" = Adobe InDesign CS4
"{1E04CB54-AF4E-4AC3-B4B7-C0A160BE57F1}" = Adobe InDesign CS4 Icon Handler
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{2168245A-B5AD-40D8-A641-48E3E070B5B6}" = Adobe Flash CS4 STI-en
"{216AB108-2AE1-4130-B3D5-20B2C4C80F8F}" = QuickTime
"{26A24AE4-039D-4CA4-87B4-2F83216018FF}" = Java(TM) 6 Update 18
"{2BAF2B96-7560-48B4-87D4-10178DDBE217}" = Adobe InDesign CS4 Application Feature Set Files (Roman)
"{30C8AA56-4088-426F-91D1-0EDFD3A25678}" = Adobe Dreamweaver CS4
"{32343DB6-9A52-40C9-87E4-5E7C79791C87}" = MSXML 4.0 SP2 and SOAP Toolkit 3.0
"{3248F0A8-6813-11D6-A77B-00B0D0160070}" = Java(TM) 6 Update 7
"{35D94F92-1D3A-43C5-8605-EA268B1A7BD9}" = PDF Settings CS4
"{39F6E2B4-CFE8-C30A-66E8-489651F0F34C}" = Adobe Media Player
"{3A4E8896-C2E7-4084-A4A4-B8FD1894E739}" = Adobe XMP Panels CS4
"{3A6829EF-0791-4FDD-9382-C690DD0821B9}" = Adobe Flash Player 10 ActiveX
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3D2C9DE6-9ADE-4252-A241-E43723B0CE02}" = Adobe Color - Photoshop Specific CS4
"{3DA8DF9A-044E-46C4-8531-DEDBB0EE37FF}" = Adobe WinSoft Linguistics Plugin
"{40AE01BE-A290-4FFB-8DAB-C624C17DC87E}" = Vegas Movie Studio HD Platinum 10.0
"{428FDF9F-E010-4C4C-A8BB-156960AFCA1C}" = Adobe Fireworks CS4
"{43509E18-076E-40FE-AF38-CA5ED400A5A9}" = Pixel Bender Toolkit
"{4943EFF5-229F-435D-BEA9-BE3CAEA783A7}" = Adobe Service Manager Extension
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4A52555C-032A-4083-BDD9-6A85ABFB39A8}" = Adobe SING CS4
"{4AEA9A23-D627-4699-8A0F-FC474308C2E6}" = Sony Sound Forge 9.0
"{531BC138-F1F7-496B-879C-F039ECEF438D}" = Adobe Photoshop Lightroom 2
"{5570C7F0-43D0-4916-8A9E-AEDD52FA86F4}" = Adobe Color EU Extra Settings CS4
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{60DB5894-B5A1-4B62-B0F3-669A22C0EE5D}" = Adobe Dynamiclink Support
"{63C24A08-70F3-4C8E-B9FB-9F21A903801D}" = Adobe Color Video Profiles CS CS4
"{63E5CDBF-8214-4F03-84F8-CD3CE48639AD}" = Adobe Photoshop CS4 Support
"{67EDD823-135A-4D59-87BD-950616D6E857}" = EPSON Copy Utility 3
"{67F0E67A-8E93-4C2C-B29D-47C48262738A}" = Adobe Device Central CS4
"{68243FF8-83CA-466B-B2B8-9F99DA5479C4}" = AdobeColorCommonSetCMYK
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6ADD0603-16EF-400D-9F9E-486432835002}" = OpenOffice.org 3.2
"{6B7B6D4D-8F9B-4CB3-8CA4-BCA9CC4C1A22}" = EDocs
"{777CA40C-0206-4EF6-A0FC-618BF06BF8D0}" = Intel(R) PRO Network Connections 12.1.11.0
"{77DCDCE3-2DED-62F3-8154-05E745472D07}" = Acrobat.com
"{793D1D88-6141-43DE-BE58-59BCE31B4090}" = Adobe Flash CS4 Extension - Flash Lite STI en
"{7CC7BDD5-6F10-4724-96A1-EAC7D9F2831C}" = Adobe InDesign CS4 Common Base Files
"{7DB9F1E5-9ACB-410D-A7DC-7A3D023CE045}" = Dell Getting Started Guide
"{8186FF34-D389-4B7E-9A2F-C197585BCFBD}" = Adobe Media Encoder CS4 Importer
"{820D3F45-F6EE-4AAF-81EF-CE21FF21D230}" = Adobe Type Support CS4
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{83877DB1-8B77-45BC-AB43-2BAC22E093E0}" = Adobe Bridge CS4
"{842B4B72-9E8F-4962-B3C1-1C422A5C4434}" = Suite Shared Configuration CS4
"{84C7A433-CED3-4410-9D69-0BF5486B9631}" = Sony CD Architect 5.2
"{87532CAB-7932-4F84-8937-823337622807}" = Adobe Illustrator CS4
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8B287B75-DF8D-40C8-9620-8E4492C38EF1}" = Webroot Software
"{90110409-6000-11D3-8CFE-0050048383C9}" = Microsoft Office XP Professional
"{903679E8-44C8-4C07-9600-05C92654FC50}" = QualXServ Service Agreement
"{931AB7EA-3656-4BB7-864D-022B09E3DD67}" = Adobe Linguistics CS4
"{94D398EB-D2FD-4FD1-B8C4-592635E8A191}" = Adobe CMaps CS4
"{958DE2CC-E767-405F-91EA-B0E899AB582C}" = 802.11n Wireless Client Utility
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{A128921B-D03F-4BFB-8141-C365AA48D660}" = Adobe Setup
"{A2881E09-38DB-4F79-9135-00FDA01768A7}" = Adobe Creative Suite 4 Design Premium
"{AC76BA86-7AD7-1033-7B44-A90000000001}" = Adobe Reader 9
"{ACF60000-22B9-4CE9-98D6-2CCF359BAC07}" = ABBYY FineReader 6.0 Sprint
"{B29AD377-CC12-490A-A480-1452337C618D}" = Connect
"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy
"{B65BA85C-0A27-4BC0-A22D-A66F0E5B9494}" = Adobe Photoshop CS4
"{B935C985-A17F-484B-8470-09E4FC27DC26}" = Dell-eBay
"{B9F4561A-924D-4510-A85A-BB0960C338CB}" = Adobe Asset Services CS4
"{BB4E33EC-8181-4685-96F7-8554293DEC6A}" = Adobe Output Module
"{BD9047E3-1510-4522-BB7F-D0C1B196C4D6}_is1" = ConvertXtoDVD3
"{C39A4E1F-9AF1-4FE1-A80E-A5B867FABB42}" = Dell Best of Web
"{C52E3EC1-048C-45E1-8D53-10B0C6509683}" = Adobe Default Language CS4
"{CC75AB5C-2110-4A7F-AF52-708680D22FE8}" = Photoshop Camera Raw
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{CF097717-F174-4144-954A-FBC4BF301033}" = Nero 7 Ultra Edition
"{D103C4BA-F905-437A-8049-DB24763BBE36}" = Skype™ 4.1
"{DEB90B8E-0DCB-48CE-B90E-8842A2BD643E}" = Adobe Media Encoder CS4
"{E2883E8F-472F-4fb0-9522-AC9BF37916A7}" = Adobe Download Manager
"{E3BFEE55-39E2-4BE0-B966-89FE583822C1}" = Dell Support Center (Support Software)
"{EA450D5D-95EA-4FD0-B8B0-6D8E68FBE2C7}" = Impulse
"{EDD235BB-9FB4-4604-85ED-1B14A256F4E0}" = Adobe Photoshop Lightroom 3.2
"{F0E64E2E-3A60-40D8-A55D-92F6831875DA}" = Adobe Search for Help
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F6CB42B9-F033-4152-8813-FF11DA8E6A78}" = Dell Dock
"{F6E99614-F042-4459-82B7-8B38B2601356}" = Adobe Flash CS4
"{F8EF2B3F-C345-4F20-8FE4-791A20333CD5}" = Adobe ExtendScript Toolkit CS4
"{F93C84A6-0DC6-42AF-89FA-776F7C377353}" = Adobe PDF Library Files CS4
"{FCDD51BB-CAD0-4BB1-B7DF-CE86D1032794}" = Adobe Fonts All
"{FF477885-5EA8-40D0-ADF3-D4C1B86FAEA4}" = EPSON Print CD
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"7-Zip" = 7-Zip 4.65
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe_55230b0b70661df0f212e88f0b655f7" = Adobe Creative Suite 4 Design Premium
"Audacity 1.3 Beta (Unicode)_is1" = Audacity 1.3.7 (Unicode)
"BookSmart® 2.8.0 2.8.0" = BookSmart® 2.8.0 2.8.0
"CCleaner" = CCleaner
"com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Media Player
"com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Acrobat.com
"dBpoweramp FLAC Codec" = dBpoweramp FLAC Codec
"dBpoweramp Music Converter" = dBpoweramp Music Converter
"dBpoweramp Windows Media Audio 10 Codec" = dBpoweramp Windows Media Audio 10 Codec
"EPSON Printer and Utilities" = EPSON Printer Software
"EPSON Scanner" = EPSON Scan
"ERUNT_is1" = ERUNT 1.1j
"Eye-One Match_is1" = Eye-One Match 3.6
"FileZilla Client" = FileZilla Client 3.3.2.1
"foobar2000" = foobar2000 v1.1
"GoToAssist" = GoToAssist 8.0.0.514
"HijackThis" = HijackThis 2.0.2
"i1ColorPoint 1.0" = i1ColorPoint 1.0
"Impulse" = Impulse
"IObit Security 360_is1" = IObit Security 360
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Mozilla Firefox (3.5.13)" = Mozilla Firefox (3.5.13)
"Notepad++" = Notepad++
"PROSetDX" = Intel(R) PRO Network Connections 12.1.11.0
"Quintessential Media Player" = Quintessential Media Player
"Security Task Manager" = Security Task Manager 1.7e
"Silent Package Run-Time Sample" = EPSON Perf V700-V750 Guide
"SilverFast Epson-SE" = SilverFast Epson-SE 6.6.2r1
"The KMPlayer" = The KMPlayer (remove only)
"Webroot Software" = Webroot Software
"Yahoo! Messenger" = Yahoo! Messenger

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Google Chrome" = Google Chrome
"Move Media Player" = Move Media Player
"uTorrent" = µTorrent

========== Last 10 Event Log Errors ==========

Error reading Event Logs: The Event Service is not operating properly or the Event Logs are corrupt!

< End of report >

saltherring
2010-10-13, 22:15
I ran the uninstall for uTorrent but I got errors at the end of the process. Subsequent attempts to uninstall said that there was an error in previous attempts to uninstall. So I just deleted the program folder and removed the program from my firewall.

tashi
2010-10-13, 22:57
Hello saltherring,

Due to the volume of posts to your own topic, it would appear to volunteer analysts that you are already being assisted as they look for topics with 0 responses. :eek:

Please start a new topic and provide a link back to this one.

If the infection prevents DDS from running, please start a topic anyway and make note of the situation. Don't post other logs. :)
"BEFORE you POST" (READ this Procedure BEFORE Requesting Assistance) (http://forums.spybot.info/showthread.php?t=288)

Best regards.