Microsoft Office

gunnner · Jan 15, 2010

WELL THIS IS THE TEST FILE THAT I COULD NOT POST PREVIOUSLY. CHF would not let it attach. I don't know why I can do it now. I have sent it to 2 other members 2 days ago & they could not open it. I also sent it to myself at the same time & I could open it( I have M Office ).
Now the only thing I have done since is to organize my photos etc.
I'm shure I put in my files the same as all the rest of the coppies of tests (pings)(. But somehow it seams M office took over that one----but why not now? So that it does not happen again I'm thinkin of

of disabling M Office--I don't think I need it. Could it be that I did not have M Office completly installed the first time? :unsure: Can anyone explain this----Do many use M Office?------------------------gunnner :huh:

Match · Jan 15, 2010

I use Word and Excel, but wouldn't class my self an expert on it. as to why M$ Office would take over an Image file I'm Puzzled, normally Word will claim all text files, but that's not a problem as it's what I use it for.

The only thing I can think of if you printed it to a file with the XPS Document writer instead of saving it?

BeeCeeBee · Jan 15, 2010

The "file" has nothing to do with Outlook. It is an HTML page and is restricted. That is why I could not open it (I was one of those members) If you look at the address it is to your modem. Don't worry about it Gunnner it really has nothing to do with Office.

AS for the screenshot itself says nothing about why you are having a problem. Your issue is not with your modem but with the Server being used by the network.

gunnner · Jan 15, 2010

In the process of doing a scan to send in a email--once scaned it went to Microsoft Office---never did that before enabled it.Aaaaarrh--
SO I HAVE REMOVED MICROSOFT OFFICE---It kinda takes over like Photo shop Pro--Which I also removed---no like programs that take over ----gunnner :huh:

BeeCeeBee · Jan 15, 2010

It looks to me like you are trying to use band aids when surgery is needed. There seems to be a lot of things going on with that machine that should not be. I am going to suggest that before you start deleting things in order to solve problems you work with one of the malware specialists and have them look things over. What they ask seems complicated but if you take your time and follow step by step it is not all that hard to do.

gunnner · Jan 15, 2010

Will do---THANKS-------------------gunnner

starbuck · Jan 15, 2010

Hi Gunner,
Before we get into anything too complicated, let's see what security you are running.
This sometimes says more than you think.

Download Security Check from here or here.

Save it to your Desktop.

Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box.

A Notepad document should open automatically called checkup.txt; please copy and paste the contents of that document in your next reply.

Thanks.

gunnner · Jan 16, 2010

starbuck said: ↑

Hi Gunner,
Before we get into anything too complicated, let's see what security you are running.
This sometimes says more than you think.

Download Security Check from here or here.

Save it to your Desktop.

Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box.

A Notepad document should open automatically called checkup.txt; please copy and paste the contents of that document in your next reply.

Thanks.
Click to expand...

----------- Results of screen317's Security Check version 0.99.1
Windows Vista Service Pack 2 (UAC is

disabled!)
``````````````````````````````
Antivirus/Firewall Check:
Windows Firewall Enabled!
ESET NOD32 Antivirus
WMIC entry does not exist for antivirus; attempting

automatic update.
``````````````````````````````
Anti-malware/Other Utilities Check:
WinPatrol 2009
McAfee SiteAdvisor
Java(TM) 6 Update 17
Adobe Flash Player 10
Adobe Reader 9.1.3
``````````````````````````````
Process Check:
objlist.exe by Laurent
Windows Defender MSASCui.exe
WinPatrol winpatrol.exe is disabled!

-----------THANKS FOR TAKIN A LOOK---HOPE I DID IT RITE :unsure: -------------gunnner

starbuck · Jan 16, 2010

HOPE I DID IT RITE
Click to expand...

Yep, nice work.
Security isn't too bad, but could be better:

I see you are running the Windows Vista Firewall:
Vista's build-in firewall is a two-way firewall that has outbound filtering disabled by default. The best explanation was that it was too complicated for end-users to use so they had that feature turned off as well as hidden. To turn on outbound filtering and configure:

Click on the Start button and type in wf.msc then hit Enter ( the 'Return' key).

This operation needs allowance: click on Continue.

The comprehensive Windows Firewall with Advanced Security management interface pops up.

Turn on outbound filtering and configure rules for incoming and outgoing connections.

Also see BleepingComputer's excellent tutorial to help using and understanding a firewall: Understanding and Using Firewalls.

As you don't have MBAM installed, let's do a scan.
You can post the results here as a reply.
If there's any cause for concern after the scan, i'll move this thread.
If it's clear, then your problem may not be malware related.

Please download Malwarebytes Anti-Malware and save it to your desktop.

Make sure you are connected to the Internet.

Double-click on Download_mbam-setup.exe to install the application.

When the installation begins, follow the prompts and do not make any changes to default settings.

When installation has finished, make sure you leave both of these checked:

Update Malwarebytes' Anti-Malware

Launch Malwarebytes' Anti-Malware

Then click Finish.

MBAM will automatically start and you will be asked to update the program before performing a scan. If an update is found, the program will automatically update itself. Press the OK button to close that box and continue. If you encounter any problems while downloading the updates, manually download them from here and just double-click on mbam-rules.exe to install.

On the Scanner tab:

Make sure the "Perform Full Scan" option is selected.

Then click on the Scan button.

If asked to select the drives to scan, leave all the drives selected and click on the Start Scan button.

The scan will begin and "Scan in progress" will show at the top. It may take some time to complete so please be patient.

When the scan is finished, a message box will say "The scan completed successfully. Click 'Show Results' to display all objects found".

Click OK to close the message box and continue with the removal process.

Back at the main Scanner screen, click on the Show Results button to see a list of any malware that was found.

Make sure that everything is checked, and click Remove Selected.

When removal is completed, a log report will open in Notepad and you may be prompted to restart your computer. (see Note below)

The log is automatically saved and can be viewed by clicking the Logs tab in MBAM.

Copy and paste the contents of that report in your next reply and exit MBAM.

Note: If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts. Click OK to either and let MBAM proceed with the disinfection process. If asked to restart the computer, please do so immediately. Failure to reboot will prevent MBAM from removing all the malware.

gunnner · Jan 16, 2010

HEY STARBUCK----THANKS FOR WATCHING OUT FOR ME-----I have printed out your directions (I never could go back to have a look---always loose what I was doing---Newbee thing). So, though it looks complicated :unsure: (Aaaah-another challenge) ,I will give it a try. But as my satellite is acting up (no sound & videos stop) I will wait till this weather clears,may take till Monday. If ya don't see it by Tues.,give me a BLAST.----------gunnner

starbuck · Jan 16, 2010

Ok, will do.
It all seems a lot, but is quite easy really.
Post when you're ready.... any problems just give me a shout.

gunnner · Jan 18, 2010

STRARBUCK-----------HERE IS A START----Is this the first part of what ya want to see?----will do the rest soon--------------------gunnner

starbuck · Jan 18, 2010

Hi gunnner,

Nice one.
That'll increase your Firewall security.

Copy and paste the MBAM report when you have it.

Thanks.

gunnner · Jan 21, 2010

starbuck said: ↑

Hi gunnner,

Nice one.
That'll increase your Firewall security.

Copy and paste the MBAM report when you have it.

Thanks.
Click to expand...

Malwarebytes' Anti-Malware 1.44
Database version: 3607
Windows 6.0.6002 Service Pack 2
Internet Explorer 7.0.6002.18005

1/21/2010 9:03:49 AM
mbam-log-2010-01-21 (09-03-49).txt

Scan type: Full Scan (C:\|)
Objects scanned: 187993
Time elapsed: 42 minute(s), 4 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)

starbuck · Feb 2, 2014

That's odd,
I replied to your post yesterday..... but the post isn't showing!
It doesn't look as though malware is to blame here.
MBAM will search for a lot of stuff.... but it shows nothing found.
We can try another type of scan, which will give us a more in depth look at your system.
It will show us a lot more than just malware.
If you want to run the following, i'll glady take a look for you.

Download OTL to your desktop.
if you have problems, try this download link:
OTL

Double click on the icon to run it. Make sure all other windows are closed and to let it run uninterrupted.

When the window appears, underneath Output at the top change it to Minimal Output.

Check the boxes beside LOP Check and Purity Check

.

.
.
Now copy the lines in the codebox below.
Code:
%SYSTEMDRIVE%\*.exe
%systemroot%\*. /mp /s
/md5start
eventlog.dll
scecli.dll
netlogon.dll
cngaudit.dll
sceclt.dll
ntelogon.dll
logevent.dll
iaStor.sys
nvstor.sys
atapi.sys
IdeChnDr.sys
viasraid.sys
AGP440.sys
vaxscsi.sys
nvatabus.sys
viamraid.sys
nvata.sys
nvgts.sys
iastorv.sys
ViPrt.sys
/md5stop
CREATERESTOREPOINT
right click in the Custom Scans/Fixes window (under the blue bar) and choose Paste.

.
.

Click the Run Scan button. Do not change any settings unless otherwise told to do so. The scan wont take long.

When the scan completes, it will open two notepad windows. OTL.Txt and Extras.Txt. These are saved in the same location as OTL.

Please copy (Edit->Select All, Edit->Copy) the contents of these files, one at a time, and post them with your next reply.

gunnner · Jan 22, 2010

THANKS STARBUCK----I'LL Give it a go-----may not be for 2 or 3 days----but I will do it.
I do seem to have some kind of problem as my puta LOCKS up some times & have to re-start---maybe thats a normal thing :unsure: or maybe this test can tell me why.
--Have printed your directions-----Thank ya much---------gunnner

starbuck · Jan 22, 2010

You are more than welcome.
Hopefully we'll get to the bottom of things.

gunnner · Jan 24, 2010

OTL logfile created on: 1/24/2010 8:57:40 AM - Run 1
OTL by OldTimer - Version 3.1.26.0 Folder = C:\Users\Skip\Downloads
Windows Vista Home Basic Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6002.18005)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

958.00 Mb Total Physical Memory | 217.00 Mb Available Physical Memory | 23.00% Memory free
2.00 Gb Paging File | 1.00 Gb Available in Paging File | 35.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 148.97 Gb Total Space | 113.03 Gb Free Space | 75.87% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: SKIP-PC
Current User Name: Skip
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Minimal

========== Processes (SafeList) ==========

PRC - C:\Users\Skip\Downloads\OTL.exe (OldTimer Tools)
PRC - C:\Program Files\HughesNetStatusMeter\HughesNetStatusMeter\HughesNetStatusMeter.exe ()
PRC - C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
PRC - c:\Program Files\McAfee\SiteAdvisor\McSACore.exe (McAfee, Inc.)
PRC - C:\Program Files\TechSmith\Jing\Jing.exe (TechSmith Corporation)
PRC - C:\Program Files\Ad Muncher\AdMunch.exe (Murray Hurps Corp Pty Ltd)
PRC - C:\Program Files\Java\jre6\bin\jusched.exe (Sun Microsystems, Inc.)
PRC - C:\Program Files\Paltalk Messenger\paltalk.exe (AVM Software Inc.)
PRC - C:\Program Files\BillP Studios\WinPatrol\WinPatrol.exe (BillP Studios)
PRC - C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
PRC - C:\Windows\explorer.exe (Microsoft Corporation)
PRC - C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe (ESET)
PRC - C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe (Eastman Kodak Company)
PRC - C:\Windows\System32\nvvsvc.exe (NVIDIA Corporation)
PRC - C:\Program Files\Windows Media Player\wmpnscfg.exe (Microsoft Corporation)
PRC - C:\Windows\System32\WUDFHost.exe (Microsoft Corporation)
PRC - C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
PRC - C:\Windows\System32\mobsync.exe (Microsoft Corporation)
PRC - C:\Program Files\Google\Google Talk\googletalk.exe (Google)
PRC - C:\Program Files\Dell Photo AIO Printer 926\memcard.exe ()
PRC - C:\Program Files\Dell Photo AIO Printer 926\dlcxmon.exe ()
PRC - C:\Windows\System32\dlcxcoms.exe ( )

========== Modules (SafeList) ==========

MOD - C:\Users\Skip\Downloads\OTL.exe (OldTimer Tools)
MOD - c:\Program Files\McAfee\SiteAdvisor\sahook.dll (McAfee, Inc.)
MOD - C:\Program Files\Ad Muncher\AM31318.dll (Murray Hurps Corp Pty Ltd)
MOD - C:\Program Files\BillP Studios\WinPatrol\patrolpro.dll (BillP Studios)
MOD - C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18005_none_5cb72f96088b0de0\comctl32.dll (Microsoft Corporation)

========== Win32 Services (SafeList) ==========

SRV - (McAfee SiteAdvisor Service) -- c:\Program Files\McAfee\SiteAdvisor\McSACore.exe (McAfee, Inc.)
SRV - (FontCache) -- C:\Windows\System32\FntCache.dll (Microsoft Corporation)
SRV - (gupdate1c9d41019f82f0) Google Update Service (gupdate1c9d41019f82f0) -- C:\Program Files\Google\Update\GoogleUpdate.exe (Google Inc.)
SRV - (gusvc) -- C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe (Google)
SRV - (EhttpSrv) -- C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe (ESET)
SRV - (ekrn) -- C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe (ESET)
SRV - (nvsvc) -- C:\Windows\System32\nvvsvc.exe (NVIDIA Corporation)
SRV - (WinDefend) -- C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SRV - (dlcx_device) -- C:\Windows\System32\dlcxcoms.exe ( )

========== Driver Services (SafeList) ==========

DRV - (usbaudio) USB Audio Driver (WDM) -- C:\Windows\System32\drivers\USBAUDIO.sys (Microsoft Corporation)
DRV - (epfwwfpr) -- C:\Windows\System32\drivers\epfwwfpr.sys (ESET)
DRV - (ehdrv) -- C:\Windows\System32\drivers\ehdrv.sys (ESET)
DRV - (eamon) -- C:\Windows\System32\drivers\eamon.sys (ESET)
DRV - (nvlddmkm) -- C:\Windows\System32\drivers\nvlddmkm.sys (NVIDIA Corporation)
DRV - (adpu320) -- C:\Windows\system32\drivers\adpu320.sys (Adaptec, Inc.)
DRV - (megasas) -- C:\Windows\system32\drivers\megasas.sys (LSI Corporation)
DRV - (MegaSR) -- C:\Windows\system32\drivers\megasr.sys (LSI Corporation, Inc.)
DRV - (adpu160m) -- C:\Windows\system32\drivers\adpu160m.sys (Adaptec, Inc.)
DRV - (SiSRaid4) -- C:\Windows\system32\drivers\sisraid4.sys (Silicon Integrated Systems)
DRV - (HpCISSs) -- C:\Windows\system32\drivers\hpcisss.sys (Hewlett-Packard Company)
DRV - (VST_DPV) -- C:\Windows\System32\drivers\VSTDPV3.SYS (Conexant Systems, Inc.)
DRV - (winachsf) -- C:\Windows\System32\drivers\VSTCNXT3.SYS (Conexant Systems, Inc.)
DRV - (adpahci) -- C:\Windows\system32\drivers\adpahci.sys (Adaptec, Inc.)
DRV - (VSTHWBS2) -- C:\Windows\System32\drivers\VSTBS23.SYS (Conexant Systems, Inc.)
DRV - (LSI_SAS) -- C:\Windows\system32\drivers\lsi_sas.sys (LSI Logic)
DRV - (ql2300) -- C:\Windows\system32\drivers\ql2300.sys (QLogic Corporation)
DRV - (E1G60) Intel(R) -- C:\Windows\System32\drivers\E1G60I32.sys (Intel Corporation)
DRV - (arcsas) -- C:\Windows\system32\drivers\arcsas.sys (Adaptec, Inc.)
DRV - (iaStorV) -- C:\Windows\system32\drivers\iastorv.sys (Intel Corporation)
DRV - (vsmraid) -- C:\Windows\system32\drivers\vsmraid.sys (VIA Technologies Inc.,Ltd)
DRV - (ulsata2) -- C:\Windows\system32\drivers\ulsata2.sys (Promise Technology, Inc.)
DRV - (LSI_FC) -- C:\Windows\system32\drivers\lsi_fc.sys (LSI Logic)
DRV - (arc) -- C:\Windows\system32\drivers\arc.sys (Adaptec, Inc.)
DRV - (elxstor) -- C:\Windows\system32\drivers\elxstor.sys (Emulex)
DRV - (LSI_SCSI) -- C:\Windows\system32\drivers\lsi_scsi.sys (LSI Logic)
DRV - (nvraid) -- C:\Windows\system32\drivers\nvraid.sys (NVIDIA Corporation)
DRV - (nvstor) -- C:\Windows\system32\drivers\nvstor.sys (NVIDIA Corporation)
DRV - (adp94xx) -- C:\Windows\system32\drivers\adp94xx.sys (Adaptec, Inc.)
DRV - (uliahci) -- C:\Windows\system32\drivers\uliahci.sys (ULi Electronics Inc.)
DRV - (viaide) -- C:\Windows\system32\drivers\viaide.sys (VIA Technologies, Inc.)
DRV - (cmdide) -- C:\Windows\system32\drivers\cmdide.sys (CMD Technology, Inc.)
DRV - (aliide) -- C:\Windows\system32\drivers\aliide.sys (Acer Laboratories Inc.)
DRV - (nvstor32) -- C:\Windows\system32\DRIVERS\nvstor32.sys (NVIDIA Corporation)
DRV - (ql40xx) -- C:\Windows\system32\drivers\ql40xx.sys (QLogic Corporation)
DRV - (UlSata) -- C:\Windows\system32\drivers\ulsata.sys (Promise Technology, Inc.)
DRV - (nfrd960) -- C:\Windows\system32\drivers\nfrd960.sys (IBM Corporation)
DRV - (iirsp) -- C:\Windows\system32\drivers\iirsp.sys (Intel Corp./ICP vortex GmbH)
DRV - (aic78xx) -- C:\Windows\system32\drivers\djsvs.sys (Adaptec, Inc.)
DRV - (iteraid) -- C:\Windows\system32\drivers\iteraid.sys (Integrated Technology Express, Inc.)
DRV - (iteatapi) -- C:\Windows\system32\drivers\iteatapi.sys (Integrated Technology Express, Inc.)
DRV - (Symc8xx) -- C:\Windows\system32\drivers\symc8xx.sys (LSI Logic)
DRV - (Sym_u3) -- C:\Windows\system32\drivers\sym_u3.sys (LSI Logic)
DRV - (Mraid35x) -- C:\Windows\system32\drivers\mraid35x.sys (LSI Logic Corporation)
DRV - (Sym_hi) -- C:\Windows\system32\drivers\sym_hi.sys (LSI Logic)
DRV - (Brserid) Brother MFC Serial Port Interface Driver (WDM) -- C:\Windows\system32\drivers\brserid.sys (Brother Industries Ltd.)
DRV - (BrUsbSer) -- C:\Windows\system32\drivers\brusbser.sys (Brother Industries Ltd.)
DRV - (BrFiltUp) -- C:\Windows\system32\drivers\brfiltup.sys (Brother Industries, Ltd.)
DRV - (BrFiltLo) -- C:\Windows\system32\drivers\brfiltlo.sys (Brother Industries, Ltd.)
DRV - (BrSerWdm) -- C:\Windows\system32\drivers\brserwdm.sys (Brother Industries Ltd.)
DRV - (BrUsbMdm) -- C:\Windows\system32\drivers\brusbmdm.sys (Brother Industries Ltd.)
DRV - (ntrigdigi) -- C:\Windows\system32\drivers\ntrigdigi.sys (N-trig Innovative Technologies)
DRV - (bcm4sbxp) -- C:\Windows\System32\drivers\bcm4sbxp.sys (Broadcom Corporation)
DRV - (secdrv) -- C:\Windows\System32\drivers\secdrv.sys (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/
IE - HKCU\..\URLSearchHook: {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
IE - HKCU\..\URLSearchHook: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "Secure Search"
FF - prefs.js..browser.search.defaulturl: "http://www.google.com/search?lr=&ie=UTF-8&oe=UTF-8&q="
FF - prefs.js..browser.search.selectedEngine: "Secure Search"
FF - prefs.js..extensions.enabledItems: {3ED591BC-7CC7-495B-A526-B2431356EDC1}:2.0
FF - prefs.js..extensions.enabledItems: kodak-companion@mozilla.com:1.7
FF - prefs.js..extensions.enabledItems: {B7082FAA-CB62-4872-9106-E42DD88EDE45}:3.0
FF - prefs.js..keyword.URL: "http://search.yahoo.com/search?fr=mcafee&p="

FF - HKLM\software\mozilla\Firefox\Extensions\\{3112ca9c-de6d-4884-a869-9855de68056c}: C:\ProgramData\Google\Toolbar for Firefox\{3112ca9c-de6d-4884-a869-9855de68056c} [2009/11/21 23:25:39 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\{3ED591BC-7CC7-495B-A526-B2431356EDC1}: C:\Program Files\Ad Muncher\FirefoxExtension_2.0 [2009/10/22 18:44:12 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\{B7082FAA-CB62-4872-9106-E42DD88EDE45}: C:\Program Files\McAfee\SiteAdvisor [2010/01/21 16:47:50 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.7\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010/01/12 06:39:48 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.7\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010/01/21 16:28:06 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\SeaMonkey\Extensions\\{3ED591BC-7CC7-495B-A526-B2431356EDC1}: C:\Program Files\Ad Muncher\FirefoxExtension_2.0 [2009/10/22 18:44:12 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird [2009/05/12 09:36:50 | 00,000,000 | ---D | M]

[2009/06/26 04:33:44 | 00,000,000 | ---D | M] -- C:\Users\Skip\AppData\Roaming\Mozilla\Extensions
[2010/01/23 09:23:24 | 00,000,000 | ---D | M] -- C:\Users\Skip\AppData\Roaming\Mozilla\Firefox\Profiles\tpcbwwei.default\extensions
[2009/07/27 13:24:30 | 00,000,000 | ---D | M] (No name found) -- C:\Users\Skip\AppData\Roaming\Mozilla\Firefox\Profiles\tpcbwwei.default\extensions\{E9A1DEE0-C623-4439-8932-001E7D17607D}
[2010/01/12 15:40:54 | 00,000,000 | ---D | M] -- C:\Users\Skip\AppData\Roaming\Mozilla\Firefox\Profiles\tpcbwwei.default\extensions\kodak-companion@mozilla.com
[2010/01/23 09:23:24 | 00,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2009/05/29 04:56:53 | 00,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions\kodak-companion@mozilla.com
[2009/05/29 04:56:52 | 00,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions\kodak-online@partners.mozilla.com
[2009/12/31 12:38:50 | 00,002,024 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\McSiteAdvisor.xml

O1 HOSTS File: ([2006/09/18 16:41:30 | 00,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
O2 - BHO: (AskBar BHO) - {201f27d4-3704-41d6-89c1-aa35e39143ed} - C:\Program Files\AskBarDis\bar\bin\askBar.dll (Ask.com)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll (Google Inc.)
O2 - BHO: (McAfee SiteAdvisor BHO) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (SingleInstance Class) - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll (Yahoo! Inc)
O3 - HKLM\..\Toolbar: (Ask Toolbar) - {3041d03e-fd4b-44e0-b742-2d9b88305f98} - C:\Program Files\AskBarDis\bar\bin\askBar.dll (Ask.com)
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (Ask Toolbar) - {3041D03E-FD4B-44E0-B742-2D9B88305F98} - C:\Program Files\AskBarDis\bar\bin\askBar.dll (Ask.com)
O4 - HKLM..\Run: [Ad Muncher] C:\Program Files\Ad Muncher\AdMunch.exe (Murray Hurps Corp Pty Ltd)
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [DLCXCATS] C:\Windows\System32\spool\DRIVERS\W32X86\3\DLCXtime.DLL ()
O4 - HKLM..\Run: [dlcxmon.exe] C:\Program Files\Dell Photo AIO Printer 926\dlcxmon.exe ()
O4 - HKLM..\Run: [egui] C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe (ESET)
O4 - HKLM..\Run: [FaxCenterServer] C:\Program Files\Dell PC Fax\fm3032.exe ()
O4 - HKLM..\Run: [googletalk] C:\Program Files\Google\Google Talk\googletalk.exe (Google)
O4 - HKLM..\Run: [MemoryCardManager] C:\Program Files\Dell Photo AIO Printer 926\memcard.exe ()
O4 - HKLM..\Run: [NvCplDaemon] C:\Windows\System32\NvCpl.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\Windows\System32\NvMcTray.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [QuickTime Task] C:\Program Files\QuickTime\QTTask.exe (Apple Inc.)
O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre6\bin\jusched.exe (Sun Microsystems, Inc.)
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKLM..\Run: [WinPatrol] C:\Program Files\BillP Studios\WinPatrol\winpatrol.exe (BillP Studios)
O4 - HKCU..\Run: [Jing] C:\Program Files\TechSmith\Jing\Jing.exe (TechSmith Corporation)
O4 - HKCU..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\wmpnscfg.exe (Microsoft Corporation)
O4 - Startup: C:\Users\Skip\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\HughesNetStatusMeter.lnk = C:\Program Files\HughesNetStatusMeter\HughesNetStatusMeter\HughesNetStatusMeter.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O8 - Extra context menu item: &ieSpell Options - C:\Users\Skip\Desktop\ieSpell\iespell.dll (Red Egg Software)
O8 - Extra context menu item: Check &Spelling - C:\Users\Skip\Desktop\ieSpell\iespell.dll (Red Egg Software)
O8 - Extra context menu item: Lookup on Merriam Webster - C:\Users\Skip\Desktop\ieSpell\Merriam Webster.HTM ()
O8 - Extra context menu item: Lookup on Wikipedia - C:\Users\Skip\Desktop\ieSpell\wikipedia.HTM ()
O9 - Extra Button: ieSpell - {0E17D5B7-9F5D-4fee-9DF6-CA6EE38B68A8} - C:\Users\Skip\Desktop\ieSpell\iespell.dll (Red Egg Software)
O9 - Extra 'Tools' menuitem : ieSpell - {0E17D5B7-9F5D-4fee-9DF6-CA6EE38B68A8} - C:\Users\Skip\Desktop\ieSpell\iespell.dll (Red Egg Software)
O9 - Extra 'Tools' menuitem : ieSpell Options - {1606D6F9-9D3B-4aea-A025-ED5B2FD488E7} - C:\Users\Skip\Desktop\ieSpell\iespell.dll (Red Egg Software)
O9 - Extra Button: PalTalk - {4EAFEF58-EEFA-4116-983D-03B49BCBFFFE} - C:\Program Files\Paltalk Messenger\paltalk.exe (AVM Software Inc.)
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O16 - DPF: {E77F23EB-E7AB-4502-8F37-247DBAF1A147} http://gfx2.hotmail.com/mail/w4/pr01/photouploadcontrol/VistaMSNPUplden-us.cab (Windows Live Hotmail Photo Upload Tool)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 67.142.162.12 67.142.162.13
O18 - Protocol\Handler\dssrequest {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O18 - Protocol\Handler\sacore {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Users\Public\Pictures\Kodak Pictures\9-13-2009\100_0162.jpg
O24 - Desktop BackupWallPaper: C:\Users\Public\Pictures\Kodak Pictures\9-13-2009\100_0162.jpg
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/09/18 16:43:36 | 00,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - comfile [open] -- "%1" %*
O35 - exefile [open] -- "%1" %*
OTL cannot create restorepoints on Vista OSs!

========== Files/Folders - Created Within 30 Days ==========

[2010/01/23 16:13:42 | 00,000,000 | ---D | C] -- C:\Users\Skip\Documents\OH ****_files
[2010/01/21 16:37:22 | 00,180,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2010/01/21 16:37:18 | 00,193,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iepeers.dll
[2010/01/21 16:37:16 | 00,078,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieencode.dll
[2010/01/21 16:37:14 | 00,380,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dll
[2010/01/21 10:12:55 | 00,000,000 | ---D | C] -- C:\Program Files\HughesNetStatusMeter
[2010/01/21 08:16:05 | 00,000,000 | ---D | C] -- C:\Users\Skip\AppData\Roaming\Malwarebytes
[2010/01/21 08:15:59 | 00,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2010/01/21 08:15:56 | 00,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2010/01/21 08:15:55 | 00,019,160 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2010/01/21 08:15:54 | 00,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2010/01/15 10:46:02 | 00,000,000 | ---D | C] -- C:\Program Files\7-Zip
[2010/01/12 21:19:12 | 00,156,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\t2embed.dll
[2010/01/12 21:19:11 | 00,072,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fontsub.dll
[2010/01/10 14:07:02 | 00,000,000 | ---D | C] -- C:\Users\Skip\Documents\Speedtest.net - The Global Broadband Speed Test_files
[2010/01/03 07:24:17 | 00,000,000 | ---D | C] -- C:\Users\Skip\Documents\PAST MOTORCYCLES
[2010/01/02 12:33:09 | 00,000,000 | R--D | C] -- C:\Users\Skip\Documents\Favorites
[2009/12/27 14:52:21 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\McAfee
[2009/12/27 14:52:13 | 00,000,000 | ---D | C] -- C:\ProgramData\McAfee
[2009/12/27 14:52:13 | 00,000,000 | ---D | C] -- C:\Program Files\McAfee
[2009/12/27 14:52:02 | 00,000,000 | ---D | C] -- C:\ProgramData\Yahoo! Companion
[2009/12/27 14:52:02 | 00,000,000 | ---D | C] -- C:\Users\Skip\AppData\Roaming\Yahoo!
[2009/12/27 14:51:57 | 00,000,000 | ---D | C] -- C:\Program Files\Yahoo!
[2009/05/12 14:43:05 | 00,413,696 | ---- | C] ( ) -- C:\Windows\System32\dlcxinpa.dll
[2009/05/12 14:43:05 | 00,323,584 | ---- | C] ( ) -- C:\Windows\System32\dlcxhcp.dll
[2009/05/12 14:43:04 | 00,991,232 | ---- | C] ( ) -- C:\Windows\System32\dlcxusb1.dll
[2009/05/12 14:43:04 | 00,397,312 | ---- | C] ( ) -- C:\Windows\System32\dlcxiesc.dll
[2009/05/12 14:43:03 | 01,224,704 | ---- | C] ( ) -- C:\Windows\System32\dlcxserv.dll
[2009/05/12 14:43:03 | 00,163,840 | ---- | C] ( ) -- C:\Windows\System32\dlcxprox.dll
[2009/05/12 14:43:03 | 00,094,208 | ---- | C] ( ) -- C:\Windows\System32\dlcxpplc.dll
[2009/05/12 14:43:02 | 00,643,072 | ---- | C] ( ) -- C:\Windows\System32\dlcxpmui.dll
[2009/05/12 14:43:02 | 00,585,728 | ---- | C] ( ) -- C:\Windows\System32\dlcxlmpm.dll
[2009/05/12 14:43:01 | 00,696,320 | ---- | C] ( ) -- C:\Windows\System32\dlcxhbn3.dll
[2009/05/12 14:42:59 | 00,684,032 | ---- | C] ( ) -- C:\Windows\System32\dlcxcomc.dll
[2009/05/12 14:42:59 | 00,421,888 | ---- | C] ( ) -- C:\Windows\System32\dlcxcomm.dll

========== Files - Modified Within 30 Days ==========

[2010/01/24 09:01:03 | 02,097,152 | -HS- | M] () -- C:\Users\Skip\NTUSER.DAT
[2010/01/24 08:51:01 | 00,000,886 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2010/01/24 08:49:18 | 00,003,712 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2010/01/24 08:49:18 | 00,003,712 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2010/01/24 08:34:43 | 00,000,235 | ---- | M] () -- C:\Users\Skip\Desktop\Computer Help Forums.url
[2010/01/24 07:07:03 | 00,022,645 | ---- | M] () -- C:\Users\Skip\Desktop\Yahoo! Mail (skiplytle).url
[2010/01/24 05:39:50 | 00,000,115 | ---- | M] () -- C:\Users\Skip\Desktop\Kickenhardware.net.url
[2010/01/23 21:07:21 | 00,000,868 | ---- | M] () -- C:\Windows\tasks\Google Software Updater.job
[2010/01/23 16:53:35 | 00,694,964 | ---- | M] () -- C:\Windows\System32\PerfStringBackup.INI
[2010/01/23 16:53:35 | 00,598,350 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2010/01/23 16:53:35 | 00,101,988 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2010/01/23 16:49:22 | 00,000,882 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2010/01/23 16:49:09 | 00,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
[2010/01/23 16:49:05 | 00,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2010/01/23 16:48:32 | 00,524,288 | -HS- | M] () -- C:\Users\Skip\NTUSER.DAT{60138fab-d48f-11de-ab90-001aa00b9b1e}.TMContainer00000000000000000001.regtrans-ms
[2010/01/23 16:48:32 | 00,065,536 | -HS- | M] () -- C:\Users\Skip\NTUSER.DAT{60138fab-d48f-11de-ab90-001aa00b9b1e}.TM.blf
[2010/01/23 16:47:28 | 02,904,227 | -H-- | M] () -- C:\Users\Skip\AppData\Local\IconCache.db
[2010/01/23 16:13:44 | 00,011,500 | ---- | M] () -- C:\Users\Skip\Documents\OH ****.html
[2010/01/23 16:10:12 | 00,012,068 | ---- | M] () -- C:\Users\Skip\Documents\download.htm
[2010/01/23 15:57:51 | 00,658,432 | R--- | M] () -- C:\Users\Public\Documents\ESBK.mbb
[2010/01/23 15:57:51 | 00,391,168 | R--- | M] () -- C:\Users\Public\Documents\ESBK.mb
[2010/01/23 10:52:39 | 00,000,245 | ---- | M] () -- C:\Users\Skip\Desktop\Poodwaddle World Clock.url
[2010/01/23 10:46:23 | 00,038,384 | ---- | M] () -- C:\Users\Skip\Documents\2010-01-23_1045.png
[2010/01/23 07:41:19 | 00,000,211 | ---- | M] () -- C:\Users\Skip\Desktop\Resizr - Free Online Image, Photo, & Pictures Resize, Crop & Editing Software for MySpace.url
[2010/01/22 16:31:32 | 00,000,589 | ---- | M] () -- C:\Users\Skip\Desktop\Google (2).url
[2010/01/22 16:22:44 | 00,000,227 | ---- | M] () -- C:\Users\Skip\Desktop\Windows Live Hotmail.url
[2010/01/22 15:47:32 | 00,057,168 | ---- | M] () -- C:\Users\Skip\Documents\2010-01-22_1546--box.png
[2010/01/21 18:26:42 | 00,252,843 | ---- | M] () -- C:\Users\Skip\Documents\2010-01-21_1823-JING_001.png
[2010/01/21 18:24:36 | 00,246,707 | ---- | M] () -- C:\Users\Skip\Documents\2010-01-21_1823-JING.png
[2010/01/21 16:30:39 | 00,000,419 | ---- | M] () -- C:\Users\Skip\Desktop\YouTube - Broadcast Yourself..url
[2010/01/21 10:24:17 | 00,360,635 | ---- | M] () -- C:\Users\Skip\Documents\HughesNetStatusMeter.air
[2010/01/21 10:13:16 | 00,001,077 | ---- | M] () -- C:\Users\Skip\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\HughesNetStatusMeter.lnk
[2010/01/21 10:13:11 | 00,001,041 | ---- | M] () -- C:\Users\Public\Desktop\HughesNetStatusMeter.lnk
[2010/01/21 08:16:02 | 00,000,818 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2010/01/20 12:52:03 | 04,680,392 | ---- | M] () -- C:\Users\Skip\Documents\FAP---HUGHES.mht
[2010/01/20 12:31:27 | 00,745,641 | ---- | M] () -- C:\Users\Skip\Documents\HughesNet! USAGE.mht
[2010/01/20 12:22:46 | 00,000,126 | ---- | M] () -- C:\Users\Skip\Desktop\Hughes Portal.url
[2010/01/19 07:29:11 | 00,000,411 | ---- | M] () -- C:\Users\Skip\Desktop\7-Day Forecast for Latitude 35.34Â°N and Longitude 83.81Â°W.url
[2010/01/18 07:39:59 | 00,113,304 | ---- | M] () -- C:\Users\Skip\Documents\FIREWALL.jpg
[2010/01/16 17:12:07 | 00,169,360 | ---- | M] () -- C:\Users\Skip\Documents\link outtage.jpg
[2010/01/16 05:39:01 | 00,043,526 | ---- | M] () -- C:\Users\Skip\Documents\NEWS PAPER CLIP.jpg
[2010/01/15 10:56:55 | 02,381,804 | ---- | M] () -- C:\Users\Skip\Documents\re-due tax evaluation.rtf 2nd.bmp.7z
[2010/01/15 09:51:25 | 06,396,642 | ---- | M] () -- C:\Users\Skip\Documents\re-due tax evaluation.rtf 2nd.bmp
[2010/01/15 08:52:38 | 00,097,848 | ---- | M] () -- C:\Users\Skip\AppData\Local\GDIPFONTCACHEV1.DAT
[2010/01/15 08:51:45 | 00,367,232 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2010/01/15 08:27:06 | 00,000,128 | ---- | M] () -- C:\Windows\win.ini
[2010/01/14 12:05:42 | 00,009,216 | ---- | M] () -- C:\Users\Skip\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/01/14 11:12:06 | 00,181,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\MpSigStub.exe
[2010/01/13 16:39:34 | 00,000,398 | ---- | M] () -- C:\Windows\tasks\EasyShare Registration Task.job
[2010/01/12 15:57:46 | 00,030,469 | ---- | M] () -- C:\Users\Skip\Documents\HN9000 System Control Center.mht
[2010/01/12 12:01:43 | 00,000,640 | ---- | M] () -- C:\Users\Skip\Desktop\TinyPic - Free Image Hosting, Photo Sharing & Video Hosting.url
[2010/01/12 11:51:17 | 00,009,399 | ---- | M] () -- C:\Users\Skip\Documents\25ap66c.jpg.gif
[2010/01/10 14:07:04 | 00,014,802 | ---- | M] () -- C:\Users\Skip\Documents\Speedtest.net - The Global Broadband Speed Test.htm
[2010/01/09 14:38:16 | 00,008,258 | ---- | M] () -- C:\Users\Skip\Documents\tax evaluation.rtf
[2010/01/08 07:44:18 | 00,000,240 | ---- | M] () -- C:\Users\Skip\Desktop\Speakeasy - Speed Test.url
[2010/01/07 16:07:14 | 00,038,224 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2010/01/07 16:07:04 | 00,019,160 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2010/01/07 10:20:32 | 00,002,467 | ---- | M] () -- C:\Users\Skip\Desktop\Pictures by skipl_2009 - Photobucket.url
[2010/01/07 08:59:57 | 00,000,281 | ---- | M] () -- C:\Users\Skip\Desktop\Walmart.com Save money. Live better..url
[2010/01/07 08:53:59 | 00,000,382 | ---- | M] () -- C:\Users\Skip\Desktop\Lowe's Home Improvement Buy Kitchen Cabinets, Paint, Appliances & Flooring.url
[2009/12/31 14:36:59 | 00,022,801 | ---- | M] () -- C:\Users\Skip\Documents\2010blue.jpg
[2009/12/31 14:25:48 | 00,022,408 | ---- | M] () -- C:\Users\Skip\Documents\dell_keyboard.jpg

========== Files Created - No Company Name ==========

[2010/01/23 16:13:42 | 00,011,500 | ---- | C] () -- C:\Users\Skip\Documents\OH ****.html
[2010/01/23 16:10:00 | 00,012,068 | ---- | C] () -- C:\Users\Skip\Documents\download.htm
[2010/01/23 10:46:22 | 00,038,384 | ---- | C] () -- C:\Users\Skip\Documents\2010-01-23_1045.png
[2010/01/23 07:40:39 | 00,000,211 | ---- | C] () -- C:\Users\Skip\Desktop\Resizr - Free Online Image, Photo, & Pictures Resize, Crop & Editing Software for MySpace.url
[2010/01/22 15:47:32 | 00,057,168 | ---- | C] () -- C:\Users\Skip\Documents\2010-01-22_1546--box.png
[2010/01/21 18:26:42 | 00,252,843 | ---- | C] () -- C:\Users\Skip\Documents\2010-01-21_1823-JING_001.png
[2010/01/21 18:24:35 | 00,246,707 | ---- | C] () -- C:\Users\Skip\Documents\2010-01-21_1823-JING.png
[2010/01/21 10:24:36 | 00,360,635 | ---- | C] () -- C:\Users\Skip\Documents\HughesNetStatusMeter.air
[2010/01/21 10:13:16 | 00,001,077 | ---- | C] () -- C:\Users\Skip\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\HughesNetStatusMeter.lnk
[2010/01/21 10:13:11 | 00,001,041 | ---- | C] () -- C:\Users\Public\Desktop\HughesNetStatusMeter.lnk
[2010/01/21 08:16:02 | 00,000,818 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2010/01/20 12:52:02 | 04,680,392 | ---- | C] () -- C:\Users\Skip\Documents\FAP---HUGHES.mht
[2010/01/20 12:31:17 | 00,745,641 | ---- | C] () -- C:\Users\Skip\Documents\HughesNet! USAGE.mht
[2010/01/18 07:39:58 | 00,113,304 | ---- | C] () -- C:\Users\Skip\Documents\FIREWALL.jpg
[2010/01/16 17:12:06 | 00,169,360 | ---- | C] () -- C:\Users\Skip\Documents\link outtage.jpg
[2010/01/16 05:38:59 | 00,043,526 | ---- | C] () -- C:\Users\Skip\Documents\NEWS PAPER CLIP.jpg
[2010/01/15 10:56:50 | 02,381,804 | ---- | C] () -- C:\Users\Skip\Documents\re-due tax evaluation.rtf 2nd.bmp.7z
[2010/01/15 09:51:24 | 06,396,642 | ---- | C] () -- C:\Users\Skip\Documents\re-due tax evaluation.rtf 2nd.bmp
[2010/01/12 15:57:45 | 00,030,469 | ---- | C] () -- C:\Users\Skip\Documents\HN9000 System Control Center.mht
[2010/01/12 11:51:10 | 00,009,399 | ---- | C] () -- C:\Users\Skip\Documents\25ap66c.jpg.gif
[2010/01/10 14:07:01 | 00,014,802 | ---- | C] () -- C:\Users\Skip\Documents\Speedtest.net - The Global Broadband Speed Test.htm
[2010/01/09 14:38:16 | 00,008,258 | ---- | C] () -- C:\Users\Skip\Documents\tax evaluation.rtf
[2009/12/31 14:27:22 | 00,022,408 | ---- | C] () -- C:\Users\Skip\Documents\dell_keyboard.jpg
[2009/12/31 07:57:56 | 00,022,801 | ---- | C] () -- C:\Users\Skip\Documents\2010blue.jpg
[2009/09/05 15:44:25 | 00,000,848 | -HS- | C] () -- C:\Windows\System32\KGyGaAvL.sys
[2009/05/29 11:03:44 | 00,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll
[2009/05/12 14:46:38 | 00,344,064 | ---- | C] () -- C:\Windows\System32\dlcxcoin.dll
[2009/05/12 14:43:57 | 00,045,056 | ---- | C] () -- C:\Windows\System32\DLPRMON.DLL
[2009/05/12 14:43:57 | 00,032,768 | ---- | C] () -- C:\Windows\System32\DLPMONUI.DLL
[2009/05/12 14:43:05 | 00,274,432 | ---- | C] () -- C:\Windows\System32\dlcxinst.dll
[2009/05/12 14:43:04 | 00,454,656 | ---- | C] () -- C:\Windows\System32\dlcxutil.dll
[2009/05/12 14:43:02 | 00,176,128 | ---- | C] () -- C:\Windows\System32\dlcxinsb.dll
[2009/05/12 14:43:02 | 00,139,264 | ---- | C] () -- C:\Windows\System32\dlcxjswr.dll
[2009/05/12 14:43:02 | 00,106,496 | ---- | C] () -- C:\Windows\System32\dlcxinsr.dll
[2009/05/12 14:43:01 | 00,176,128 | ---- | C] () -- C:\Windows\System32\dlcxins.dll
[2009/05/12 14:43:00 | 00,188,416 | ---- | C] () -- C:\Windows\System32\dlcxgrd.dll
[2009/05/12 14:43:00 | 00,086,016 | ---- | C] () -- C:\Windows\System32\dlcxcub.dll
[2009/05/12 14:43:00 | 00,073,728 | ---- | C] () -- C:\Windows\System32\dlcxcu.dll
[2009/05/12 14:43:00 | 00,036,864 | ---- | C] () -- C:\Windows\System32\dlcxcur.dll
[2009/05/12 14:42:58 | 00,073,728 | ---- | C] () -- C:\Windows\System32\DLCXcfg.dll
[2009/05/11 20:27:33 | 00,009,216 | ---- | C] () -- C:\Users\Skip\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2006/11/02 02:40:29 | 00,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2006/09/22 06:42:38 | 00,065,536 | ---- | C] () -- C:\Windows\System32\dlcxcaps.dll
[2006/08/08 14:58:04 | 00,692,224 | ---- | C] () -- C:\Windows\System32\dlcxdrs.dll
[2006/04/24 14:09:58 | 00,040,960 | ---- | C] () -- C:\Windows\System32\dlcxvs.dll
[2006/03/19 19:03:04 | 00,061,440 | ---- | C] () -- C:\Windows\System32\dlcxcnv4.dll

========== LOP Check ==========

[2009/05/18 10:37:13 | 00,000,000 | ---D | M] -- C:\Users\Skip\AppData\Roaming\ieSpell
[2009/07/18 08:52:53 | 00,000,000 | ---D | M] -- C:\Users\Skip\AppData\Roaming\Paltalk
[2009/08/12 15:54:31 | 00,000,000 | ---D | M] -- C:\Users\Skip\AppData\Roaming\Skinux
[2009/06/11 12:51:18 | 00,000,000 | ---D | M] -- C:\Users\Skip\AppData\Roaming\WinPatrol
[2010/01/13 16:39:34 | 00,000,398 | ---- | M] () -- C:\Windows\Tasks\EasyShare Registration Task.job
[2010/01/23 16:48:13 | 00,032,656 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========

========== Custom Scans ==========

< %SYSTEMDRIVE%\*.exe >

< %systemroot%\*. /mp /s >

< MD5 for: AGP440.SYS >
[2008/01/20 21:32:22 | 00,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\System32\drivers\AGP440.sys
[2008/01/20 21:32:22 | 00,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_51b95d75\AGP440.sys
[2008/01/20 21:32:22 | 00,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_f750e484\AGP440.sys
[2008/01/20 21:32:22 | 00,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6001.18000_none_ba12ed3bbeb0d97a\AGP440.sys
[2008/01/20 21:32:22 | 00,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6002.18005_none_bbfe6647bbd2a4c6\AGP440.sys
[2006/11/02 04:49:52 | 00,053,864 | ---- | M] (Microsoft Corporation) MD5=EF23439CDD587F64C2C1B8825CEAD7D8 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_920a2c1f\AGP440.sys

< MD5 for: ATAPI.SYS >
[2009/04/11 01:32:26 | 00,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_b12d8e84\atapi.sys
[2009/04/11 01:32:26 | 00,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6002.18005_none_df23a1261eab99e8\atapi.sys
[2008/01/20 21:32:21 | 00,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\Windows\System32\drivers\atapi.sys
[2008/01/20 21:32:21 | 00,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_cc18792d\atapi.sys
[2008/01/20 21:32:21 | 00,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6001.18000_none_dd38281a2189ce9c\atapi.sys
[2006/11/02 04:49:36 | 00,019,048 | ---- | M] (Microsoft Corporation) MD5=4F4FCB8B6EA06784FB6D475B7EC7300F -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_c6c2e699\atapi.sys

< MD5 for: CNGAUDIT.DLL >
[2006/11/02 04:46:03 | 00,011,776 | ---- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D5FED4D -- C:\Windows\System32\cngaudit.dll
[2006/11/02 04:46:03 | 00,011,776 | ---- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D5FED4D -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.0.6000.16386_none_e62d292932a96ce6\cngaudit.dll

< MD5 for: IASTORV.SYS >
[2008/01/20 21:32:49 | 00,235,064 | ---- | M] (Intel Corporation) MD5=54155EA1B0DF185878E0FC9EC3AC3A14 -- C:\Windows\System32\drivers\iaStorV.sys
[2008/01/20 21:32:49 | 00,235,064 | ---- | M] (Intel Corporation) MD5=54155EA1B0DF185878E0FC9EC3AC3A14 -- C:\Windows\System32\DriverStore\FileRepository\iastorv.inf_c9df7691\iaStorV.sys
[2008/01/20 21:32:49 | 00,235,064 | ---- | M] (Intel Corporation) MD5=54155EA1B0DF185878E0FC9EC3AC3A14 -- C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.0.6001.18000_none_af11527887c7fa8f\iaStorV.sys
[2006/11/02 04:51:25 | 00,232,040 | ---- | M] (Intel Corporation) MD5=C957BF4B5D80B46C5017BF0101E6C906 -- C:\Windows\System32\DriverStore\FileRepository\iastorv.inf_37cdafa4\iaStorV.sys

< MD5 for: NETLOGON.DLL >
[2009/04/11 01:28:23 | 00,592,896 | ---- | M] (Microsoft Corporation) MD5=95DAECF0FB120A7B5DA679CC54E37DDE -- C:\Windows\System32\netlogon.dll
[2009/04/11 01:28:23 | 00,592,896 | ---- | M] (Microsoft Corporation) MD5=95DAECF0FB120A7B5DA679CC54E37DDE -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6002.18005_none_ffa3304f351bb3a3\netlogon.dll
[2008/01/20 21:33:41 | 00,592,384 | ---- | M] (Microsoft Corporation) MD5=A8EFC0B6E75B789F7FD3BA5025D4E37F -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6001.18000_none_fdb7b74337f9e857\netlogon.dll

< MD5 for: NVSTOR.SYS >
[2006/11/02 04:50:13 | 00,040,040 | ---- | M] (NVIDIA Corporation) MD5=9E0BA19A28C498A6D323D065DB76DFFC -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_733654ff\nvstor.sys
[2008/01/20 21:32:47 | 00,045,112 | ---- | M] (NVIDIA Corporation) MD5=ABED0C09758D1D97DB0042DBB2688177 -- C:\Windows\System32\drivers\nvstor.sys
[2008/01/20 21:32:47 | 00,045,112 | ---- | M] (NVIDIA Corporation) MD5=ABED0C09758D1D97DB0042DBB2688177 -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_31c3d71d\nvstor.sys
[2008/01/20 21:32:47 | 00,045,112 | ---- | M] (NVIDIA Corporation) MD5=ABED0C09758D1D97DB0042DBB2688177 -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.0.6001.18000_none_39dac327befea467\nvstor.sys

< MD5 for: SCECLI.DLL >
[2008/01/20 21:34:39 | 00,177,152 | ---- | M] (Microsoft Corporation) MD5=28B84EB538F7E8A0FE8B9299D591E0B9 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6001.18000_none_380de25bd91b6f12\scecli.dll
[2009/04/11 01:28:24 | 00,177,152 | ---- | M] (Microsoft Corporation) MD5=8FC182167381E9915651267044105EE1 -- C:\Windows\System32\scecli.dll
[2009/04/11 01:28:24 | 00,177,152 | ---- | M] (Microsoft Corporation) MD5=8FC182167381E9915651267044105EE1 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6002.18005_none_39f95b67d63d3a5e\scecli.dll
< End of report >

gunnner · Jan 24, 2010

OTL Extras logfile created on: 1/24/2010 8:57:40 AM - Run 1
OTL by OldTimer - Version 3.1.26.0 Folder = C:\Users\Skip\Downloads
Windows Vista Home Basic Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6002.18005)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

958.00 Mb Total Physical Memory | 217.00 Mb Available Physical Memory | 23.00% Memory free
2.00 Gb Paging File | 1.00 Gb Available in Paging File | 35.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 148.97 Gb Total Space | 113.03 Gb Free Space | 75.87% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: SKIP-PC
Current User Name: Skip
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Minimal

========== Extra Registry (SafeList) ==========

========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" -nohome (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" -nohome (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" -nohome (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"VistaSp2" = Reg Error: Unknown registry data type -- File not found

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\S-1-5-21-2099048572-1010265244-4268482758-1000]
"EnableNotifications" = 0
"EnableNotificationsRef" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

========== Authorized Applications List ==========

========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{037F9E07-B258-4ECD-8755-8D24B29F6384}" = rport=10243 | protocol=6 | dir=out | app=system |
"{06247E03-CF9D-4DDE-BE4A-36572FD10CC4}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{0C16D172-9BE4-4F31-BA50-94DEFF6C1487}" = rport=139 | protocol=6 | dir=out | app=system |
"{22B01D77-2B2C-4F7B-A35C-885A069392CF}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{35FA6A7D-2ECB-4338-8C26-B59C61525A17}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{39A64400-AE03-4502-B5C0-16C0ABC9AB40}" = lport=445 | protocol=6 | dir=in | app=system |
"{4228B3AF-2F6D-4570-BBF8-5E0CCB0E5C10}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{4C0EF332-2634-449F-8215-206F2F162290}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{776A005D-7840-4664-AE3C-0D8ABFBCAFD3}" = lport=10243 | protocol=6 | dir=in | app=system |
"{825A22CE-9FCB-47B6-B715-21FE9C438E2A}" = rport=137 | protocol=17 | dir=out | app=system |
"{8BAAC795-35D1-4751-A522-0989AB4EEA46}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{A5CE6528-B221-4C78-B062-05ABEB3B81D8}" = rport=445 | protocol=6 | dir=out | app=system |
"{A6CBDCF6-9E51-4744-BF96-8BD19E81DB56}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{A7D16A4B-F514-4DCA-BBD9-E2D9507764BC}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{C5DAD115-AF99-4521-819D-F6F715A164DB}" = lport=139 | protocol=6 | dir=in | app=system |
"{C6334840-1A37-4E8B-A597-1639127834AA}" = rport=138 | protocol=17 | dir=out | app=system |
"{CA878D78-84DA-47D1-958F-BF208A87A839}" = lport=138 | protocol=17 | dir=in | app=system |
"{DC5683C5-B335-4E80-ACBD-86FBC6FF2EE7}" = lport=137 | protocol=17 | dir=in | app=system |
"{EA0A2C30-5D48-4ACA-94E7-111B751ADBBE}" = lport=2869 | protocol=6 | dir=in | app=system |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{1B4DA122-E185-4752-8BA6-B520E6346BBF}" = protocol=6 | dir=in | app=c:\windows\system32\dlcxcoms.exe |
"{1DAF16D7-0FAA-4BB9-93AB-E2E31893FE8E}" = protocol=6 | dir=in | app=c:\program files\dell photo aio printer 926\dlcxmon.exe |
"{23F568DB-0349-4346-80FB-B7366AF1D952}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{34264FD4-7ACE-4D7E-B5C0-2657CE5C4B4C}" = protocol=17 | dir=in | app=c:\program files\dell photo aio printer 926\dlcxaiox.exe |
"{3E1B8B5F-723C-4C60-A69C-EA6362C4D610}" = protocol=17 | dir=in | app=c:\program files\google\google talk\googletalk.exe |
"{5DD2A40E-8544-4478-A108-2F4E1B451BCD}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{644D9C08-AA09-45E2-8331-B57988903F02}" = protocol=6 | dir=in | app=c:\program files\google\google talk\googletalk.exe |
"{7E43DE8E-4654-4C37-92DF-320E15D52A55}" = protocol=6 | dir=out | app=system |
"{82178F18-811B-4665-ABE2-6458559457F7}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{8225EE54-9370-4BD8-B21C-2375BD853943}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{842355A9-2435-4582-82D6-5D3F7B64297B}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{86FBB666-1298-4799-A700-3245DAE8A5F8}" = protocol=17 | dir=in | app=c:\program files\dell photo aio printer 926\dlcxmon.exe |
"{89251C77-7364-4A00-A542-F220D4936948}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{8A593EBC-C22D-4DBB-93FB-0A3D444FBC34}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{8D74F3A1-90AF-4AF7-AD69-5E68E0D03007}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{90B1347E-85F5-4FCB-A274-A065A9DAAF20}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{9236EFB6-F8BB-49BE-93BF-E5749261EB5C}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{A2053506-D1CA-4001-95C8-75554F05197F}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{A9611733-5F1A-41CC-A841-762093DEC06F}" = protocol=6 | dir=in | app=c:\program files\dell photo aio printer 926\dlcxaiox.exe |
"{B6630781-ACF5-4E58-92B7-C4E3F96CC84A}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{B80C827C-FEAF-4F71-9C06-837A0589B37D}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{DA732AF9-FEC0-4E3E-ABBD-5B5A9BA1163E}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{EC0DAC9A-9FB8-4BA6-8B36-E4A37BD32D61}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{EF9DE233-2A0C-4223-9DFD-B9A5CD6ABFCC}" = protocol=17 | dir=in | app=c:\windows\system32\dlcxcoms.exe |
"TCP Query User{5589CBEB-FAFE-425A-8E92-58D45DDCA0DA}C:\program files\paltalk messenger\paltalk.exe" = protocol=6 | dir=in | app=c:\program files\paltalk messenger\paltalk.exe |
"TCP Query User{85600846-3F16-4179-A114-B4BDB90E7178}C:\program files\paltalk messenger\paltalk.exe" = protocol=6 | dir=in | app=c:\program files\paltalk messenger\paltalk.exe |
"UDP Query User{548246AD-055B-4344-BF5F-53936AB5A858}C:\program files\paltalk messenger\paltalk.exe" = protocol=17 | dir=in | app=c:\program files\paltalk messenger\paltalk.exe |
"UDP Query User{E541784E-42A7-4050-9010-9FECF3E01999}C:\program files\paltalk messenger\paltalk.exe" = protocol=17 | dir=in | app=c:\program files\paltalk messenger\paltalk.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{1451DE6B-ABE1-4F62-BE9A-B363A17588A2}" = QuickTime
"{14D4ED84-6A9A-45A0-96F6-1753768C3CB5}" = ESSPCD
"{226b64e8-dc75-4eea-a6c8-abcb496320f2}-Google Talk" = Google Talk (remove only)
"{26A24AE4-039D-4CA4-87B4-2F83216013FF}" = Java(TM) 6 Update 17
"{287ECFA4-719A-2143-A09B-D6A12DE54E40}" = Acrobat.com
"{2CCBABCB-6427-4A55-B091-49864623C43F}" = Google Toolbar for Firefox
"{2D03B6F8-DF36-4980-B7B6-5B93D5BA3A8F}" = essvatgt
"{35ED3F83-4BDC-4c44-8EC6-6A8301C7413A}" = McAfee SiteAdvisor
"{3FA365DF-2D68-45ED-8F83-8C8A33E65143}" = Apple Application Support
"{42938595-0D83-404D-9F73-F8177FDD531A}" = ESScore
"{4537EA4B-F603-4181-89FB-2953FC695AB1}" = netbrdg
"{5316DFC9-CE99-4458-9AB3-E8726EDE0210}" = skin0001
"{605A4E39-613C-4A12-B56F-DEFBE6757237}" = SHASTA
"{608D2A3C-6889-4C11-9B54-A42F45ACBFDB}" = fflink
"{643EAE81-920C-4931-9F0B-4B343B225CA6}" = ESSBrwr
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{76756402-BF1E-4A0F-AFCC-0EE6CF58F58C}" = ESET NOD32 Antivirus
"{8943CE61-53BD-475E-90E1-A580869E98A2}" = staticcr
"{8A502E38-29C9-49FA-BCFA-D727CA062589}" = ESSTOOLS
"{8E92D746-CD9F-4B90-9668-42B74C14F765}" = ESSini
"{91517631-A9F3-4B7C-B482-43E0068FD55A}" = ESSgui
"{999D43F4-9709-4887-9B1A-83EBB15A8370}" = VPRINTOL
"{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC76BA86-7AD7-1033-7B44-A91000000001}" = Adobe Reader 9.1.3
"{ACF60000-22B9-4CE9-98D6-2CCF359BAC07}" = ABBYY FineReader 6.0 Sprint
"{AE1FA02D-E6A4-4EA0-8E58-6483CAC016DD}" = ESSCDBK
"{B162D0A6-9A1D-4B7C-91A5-88FB48113C45}" = OfotoXMI
"{B4B44FE7-41FF-4DAD-8C0A-E406DDA72992}" = CCScore
"{BE34AF1E-8140-8FC4-6850-3A9E3F5E8365}" = HughesNet Status Meter
"{C084BC61-E537-11DE-8616-005056806466}" = Google Earth
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D32470A1-B10C-4059-BA53-CF0486F68EBC}" = Kodak EasyShare software
"{DB02F716-6275-42E9-B8D2-83BA2BF5100B}" = SFR
"{E79987F0-0E34-42CC-B8FF-6C860AEEB26A}" = tooltips
"{EDA117A2-FDC1-4B4E-9E5A-3596EE217499}" = Jing
"{F4A2E7CC-60CA-4AFA-B67F-AD5E58173C3F}" = SKINXSDK
"{F9593CFB-D836-49BC-BFF1-0E669A411D9F}" = WIRELESS
"{FCDB1C92-03C6-4C76-8625-371224256091}" = ESSPDock
"7-Zip" = 7-Zip 4.65
"Ad Muncher" = Ad Muncher v4.8 Build 31318
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11.5
"Ask Toolbar_is1" = Ask Toolbar
"CadStd" = CadStd
"com.hughesnet.HughesNetStatusMeter.01AEF16E74A158B173D9EB6C77C7CD8D859A7566.1" = HughesNet Status Meter
"Dell PC Fax" = Dell PC Fax
"Dell Photo AIO Printer 926" = Dell Photo AIO Printer 926
"Google Updater" = Google Updater
"ieSpell" = ieSpell
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Mozilla Firefox (3.5.7)" = Mozilla Firefox (3.5.7)
"NVIDIA Drivers" = NVIDIA Drivers
"PalTalk8.2" = PaltalkScene
"PhotoFiltre" = PhotoFiltre
"WinPatrol" = WinPatrol 2009
"Yahoo! Companion" = Yahoo! Toolbar

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 1/21/2010 5:28:24 PM | Computer Name = Skip-PC | Source = Application Error | ID = 1000
Description = Faulting application ekrn.exe, version 4.0.424.0, time stamp 0x49ddea76,
faulting module ntdll.dll, version 6.0.6002.18005, time stamp 0x49e03821, exception
code 0xc0000005, fault offset 0x00066578, process id 0x99c, application start time
0x01ca9ae0a26a6ad0.

Error - 1/21/2010 5:29:37 PM | Computer Name = Skip-PC | Source = WinMgmt | ID = 10
Description =

Error - 1/21/2010 5:43:52 PM | Computer Name = Skip-PC | Source = WinMgmt | ID = 10
Description =

Error - 1/21/2010 9:38:12 PM | Computer Name = Skip-PC | Source = WinMgmt | ID = 10
Description =

Error - 1/22/2010 3:26:17 PM | Computer Name = Skip-PC | Source = Application Error | ID = 1000
Description = Faulting application ekrn.exe, version 4.0.424.0, time stamp 0x49ddea76,
faulting module ntdll.dll, version 6.0.6002.18005, time stamp 0x49e03821, exception
code 0xc0000005, fault offset 0x00066578, process id 0x900, application start time
0x01ca9b98bdd82339.

Error - 1/22/2010 3:27:34 PM | Computer Name = Skip-PC | Source = WinMgmt | ID = 10
Description =

Error - 1/22/2010 6:38:56 PM | Computer Name = Skip-PC | Source = WinMgmt | ID = 10
Description =

Error - 1/23/2010 7:10:19 AM | Computer Name = Skip-PC | Source = WinMgmt | ID = 10
Description =

Error - 1/23/2010 8:27:31 AM | Computer Name = Skip-PC | Source = WinMgmt | ID = 10
Description =

Error - 1/23/2010 5:50:50 PM | Computer Name = Skip-PC | Source = WinMgmt | ID = 10
Description =

[ System Events ]
Error - 8/29/2009 3:16:09 PM | Computer Name = Skip-PC | Source = Service Control Manager | ID = 7000
Description =

Error - 9/1/2009 1:40:10 PM | Computer Name = Skip-PC | Source = EventLog | ID = 6008
Description = The previous system shutdown at 1:37:31 PM on 9/1/2009 was unexpected.

Error - 9/2/2009 2:25:02 PM | Computer Name = Skip-PC | Source = EventLog | ID = 6008
Description = The previous system shutdown at 10:40:29 AM on 9/2/2009 was unexpected.

Error - 10/2/2009 11:26:55 AM | Computer Name = Skip-PC | Source = EventLog | ID = 6008
Description = The previous system shutdown at 10:49:53 AM on 10/2/2009 was unexpected.

Error - 10/13/2009 8:12:16 AM | Computer Name = Skip-PC | Source = Print | ID = 6161
Description = The document http://computerhelpforums.net otes-for-members-new-and-old/367,
owned by Skip, failed to print on printer Dell Photo AIO Printer 926. Try to print
the document again, or restart the print spooler. Data type: LEMF. Size of the
spool file in bytes: 929471. Number of bytes printed: 929471. Total number of pages
in the document: 2. Number of pages printed: 0. Client computer: \\SKIP-PC. Win32
error code returned by the print processor: 0. The operation completed successfully.

Error - 10/19/2009 1:43:18 PM | Computer Name = Skip-PC | Source = EventLog | ID = 6008
Description = The previous system shutdown at 1:35:14 PM on 10/19/2009 was unexpected.

Error - 10/20/2009 12:55:37 AM | Computer Name = Skip-PC | Source = Dhcp | ID = 1002
Description = The IP address lease 192.168.0.2 for the Network Card with network
address 001AA00B9B1E has been denied by the DHCP server 0.0.0.0 (The DHCP Server
sent a DHCPNACK message).

Error - 10/21/2009 8:32:18 AM | Computer Name = Skip-PC | Source = WPDMTPDriver | ID = 80836
Description =

Error - 10/23/2009 10:15:10 AM | Computer Name = Skip-PC | Source = EventLog | ID = 6008
Description = The previous system shutdown at 10:11:29 AM on 10/23/2009 was unexpected.

Error - 10/23/2009 10:15:14 AM | Computer Name = SKIP-PC | Source = Dhcp | ID = 1002
Description = The IP address lease 192.168.0.2 for the Network Card with network
address 001AA00B9B1E has been denied by the DHCP server 0.0.0.0 (The DHCP Server
sent a DHCPNACK message).

< End of report >

gunnner · Jan 24, 2010

JUST A NOTE--------I COULD NOT DO THE SCAN ON IE-----WOULD NOT GO------HAD TO DO IT ON FIREFOX (no I'm not shouting) & I got GREAT help from DOUGIE walking me through the scan

THANKS STARBUCK ------------------------------------------gunnner

Log in or Sign up

Microsoft Office

gunnner Registered Members

Attached Files:

Hughes-Calculate dish.jpg

Match Registered Members

BeeCeeBee ADMINISTRATOR IN MEMORY

gunnner Registered Members

BeeCeeBee ADMINISTRATOR IN MEMORY

gunnner Registered Members

starbuck Rest In Peace Pete Administrator

gunnner Registered Members

starbuck Rest In Peace Pete Administrator

gunnner Registered Members

starbuck Rest In Peace Pete Administrator

gunnner Registered Members

Attached Files:

FIREWALL.jpg

starbuck Rest In Peace Pete Administrator

gunnner Registered Members

starbuck Rest In Peace Pete Administrator

gunnner Registered Members

starbuck Rest In Peace Pete Administrator

gunnner Registered Members

gunnner Registered Members

gunnner Registered Members

Share This Page

Log in or Sign up

Microsoft Office

gunnner Registered Members

Attached Files:

Hughes-Calculate dish.jpg

Match Registered Members

BeeCeeBee ADMINISTRATOR IN MEMORY

gunnner Registered Members

BeeCeeBee ADMINISTRATOR IN MEMORY

gunnner Registered Members

starbuck Rest In Peace Pete Administrator

gunnner Registered Members

starbuck Rest In Peace Pete Administrator

gunnner Registered Members

starbuck Rest In Peace Pete Administrator

gunnner Registered Members

Attached Files:

FIREWALL.jpg

starbuck Rest In Peace Pete Administrator

gunnner Registered Members

starbuck Rest In Peace Pete Administrator

gunnner Registered Members

starbuck Rest In Peace Pete Administrator

gunnner Registered Members

gunnner Registered Members

gunnner Registered Members

Share This Page

Useful Searches