I have tried locating the files and can't locate them. I have also tried the malware removal; it shows nothing.
OTL Extras logfile created on: 6/21/2010 8:14:24 PM - Run 1
OTL by OldTimer - Version 3.2.6.1 Folder = C:\Users\CATINA\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18928)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
2.00 Gb Total Physical Memory | 1.00 Gb Available Physical Memory | 68.00% Memory free
4.00 Gb Paging File | 3.00 Gb Available in Paging File | 89.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 288.09 Gb Total Space | 217.57 Gb Free Space | 75.52% Space Free | Partition Type: NTFS
Drive D: | 970.13 Mb Total Space | 359.80 Mb Free Space | 37.09% Space Free | Partition Type: FAT
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Computer Name: CATINA-PC
Current User Name: CATINA
Logged in as Administrator.
Current Boot Mode: SafeMode with Networking
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"VistaSp2" = Reg Error: Unknown registry data type -- File not found
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
========== Authorized Applications List ==========
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0643284E-1C2D-4608-A41A-FAAB3E427A94}" = rport=139 | protocol=6 | dir=out | app=system |
"{0DBF3412-5410-47DA-A68A-F339FD43378C}" = lport=445 | protocol=6 | dir=in | app=system |
"{13A38403-A69E-4742-AEC8-6DC873787CDD}" = rport=445 | protocol=6 | dir=out | app=system |
"{1B5369FE-A83F-44ED-8228-CBD908281F56}" = lport=3702 | protocol=17 | dir=in | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{2BB98B6F-E0B6-4477-B20D-093C9B781477}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{4FAABB27-08D5-4DE9-AB92-3259581D4A36}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{543566AD-1961-40DA-8B18-23A83A50B7CD}" = rport=3702 | protocol=17 | dir=out | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{6AE34A6A-A2EF-47B5-82D9-7BAEC80971EE}" = rport=138 | protocol=17 | dir=out | app=system |
"{86A94948-35C0-456D-BAF6-20BB42183650}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{9029B8C7-3C3D-44FD-BD3C-358A3DBEFA29}" = lport=138 | protocol=17 | dir=in | app=system |
"{970F1C1E-F0FD-4873-B8B6-D2DEF83694E3}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{B6894730-A4FD-4F96-8A53-C405292B2361}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{C4CD0002-26E7-424F-A38A-12EF955D13EF}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{CECBA8EC-B10E-40C7-9F15-F1BBD03DFB78}" = lport=139 | protocol=6 | dir=in | app=system |
"{D0CF77A1-E369-43C4-9EF8-0E3D96447E66}" = lport=3702 | protocol=17 | dir=in | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{E4022590-3300-460D-8913-75C17239FEF1}" = rport=3702 | protocol=17 | dir=out | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{EEB758D5-4051-4B8A-94AF-19B9BD68FFD9}" = lport=137 | protocol=17 | dir=in | app=system |
"{FBBB8923-61E9-49EE-BFCD-19E34ABC4BC2}" = rport=137 | protocol=17 | dir=out | app=system |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{10006666-EC3F-4521-866C-91769F9FBAC0}" = dir=in | app=c:\program files\avg\avg9\avgemc.exe |
"{11F9E593-BA56-4035-99EC-43CDE58B27B2}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{24912A48-2E84-4AC9-8565-968700697BC8}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{2CE9832F-FEEB-4C16-90E5-2052A14A3E0C}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{30C3B114-5488-4E9D-9502-5FE500CE273D}" = protocol=17 | dir=in | app=c:\program files\symantec\symantec endpoint protection\snac.exe |
"{377D4CB7-D123-4AAC-BF5E-D3914E3D4B14}" = protocol=6 | dir=in | app=c:\program files\common files\symantec shared\ccapp.exe |
"{3A70090C-736C-4F42-ADB7-BBA88DED4DE7}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{428FCC36-24F3-40B4-95AE-7E3046643133}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{48AA332E-E74D-4DFC-9A42-D5F2633A2321}" = protocol=17 | dir=in | app=c:\program files\common files\symantec shared\ccapp.exe |
"{60736F88-14DA-4C9C-B331-FD3AE7CB87BF}" = dir=in | app=c:\program files\avg\avg9\avgupd.exe |
"{6C002225-C428-4082-870B-97F2F6B4B7D6}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{81F6FE07-E5B8-421C-A6D3-F6BD358F8C92}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{8D8D5B79-E746-4C5B-AD56-E77CB5FEDACF}" = protocol=6 | dir=in | app=c:\program files\symantec\symantec endpoint protection\smc.exe |
"{8FFC702D-BD1C-415C-9FF0-963FFD1DE09A}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{B9E738A0-81B8-4170-A05A-3A3A750487EE}" = protocol=6 | dir=in | app=c:\program files\itunes\itunes.exe |
"{C68511F4-7B9D-4F57-814D-A21B04BAE284}" = protocol=17 | dir=in | app=c:\program files\symantec\symantec endpoint protection\smc.exe |
"{CC7A55B6-06E4-4CEC-9617-91FDB2B51C84}" = dir=in | app=c:\program files\avg\avg9\avgnsx.exe |
"{DE2D7F77-BF73-4A00-B705-57FAFE250CF8}" = protocol=17 | dir=in | app=c:\program files\itunes\itunes.exe |
"{F900F683-33E2-4EAF-B00B-B4F75312E414}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{FD2E77DF-B245-4B87-B7A0-EE6574D4AB88}" = protocol=6 | dir=in | app=c:\program files\symantec\symantec endpoint protection\snac.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0840B4D6-7DD1-4187-8523-E6FC0007EFB7}" = Windows Live ID Sign-in Assistant
"{15BC8CD0-A65B-47D0-A2DD-90A824590FA8}" = Microsoft Works
"{179C56A4-F57F-4561-8BBF-F911D26EB435}" = WebReg
"{24557DC0-0839-496f-82F9-C4EB72EFE4FA}" = HP Deskjet All-In-One Software 8.0
"{2614F54E-A828-49FA-93BA-45A3F756BFAA}" = 32 Bit HP CIO Components Installer
"{26A24AE4-039D-4CA4-87B4-2F83216016F0}" = Java(TM) 6 Update 16
"{26A24AE4-039D-4CA4-87B4-2F83216017FF}" = Java(TM) 6 Update 17
"{28BE306E-5DA6-4F9C-BDB0-DBA3C8C6FFFD}" = QuickTime
"{2F28B3C9-2C89-4206-8B33-8ADC9577C49B}" = Scan
"{36FDBE6E-6684-462B-AE98-9A39A1B200CC}" = HP Product Assistant
"{3D3E663D-4E7E-4577-A560-7ECDDD45548A}" = PVSonyDll
"{40BF1E83-20EB-11D8-97C5-0009C5020658}" = CyberLink Power2Go
"{553255F3-78FD-40F1-A6F8-6882140265FE}" = Apple Application Support
"{5ECB3A3C-980B-4D12-9724-25DCB07A1F47}" = iTunes
"{6421F085-1FAA-DE13-D02A-CFB412C522A4}" = Acrobat.com
"{657F8B33-CBBB-45F4-9087-274F22C89400}" = DJ_AIO_ProductContext
"{65DA2EC9-0642-47E9-AAE2-B5267AA14D75}" = Activation Assistant for the 2007 Microsoft Office suites
"{66E6CE0C-5A1E-430C-B40A-0C90FF1804A8}" = eSupportQFolder
"{67D3F1A0-A1F2-49b7-B9EE-011277B170CD}" = HPProductAssistant
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{6F5E2F4A-377D-4700-B0E3-8F7F7507EA15}" = CustomerResearchQFolder
"{787D1A33-A97B-4245-87C0-7174609A540C}" = HP Update
"{7DDEABFB-0621-4321-B385-CB86D3A6F90F}" = F4100
"{7F811A54-5A09-4579-90E1-C93498E230D9}" = eMachines Recovery Management
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek 8169 8168 8101E 8102E Ethernet Driver
"{889DF117-14D1-44EE-9F31-C5FB5D47F68B}" = Yontoo Layers Client 1.10.01
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8A253629-0511-4854-8B4E-46E57E66005C}" = Bonjour
"{8F931595-5561-4E26-AC78-7E9B1E3E9C98}" = WeatherBug
"{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system
"{95120000-00AF-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (English)
"{95D08F4E-DFC2-4ce3-ACB7-8C8E206217E9}" = MarketResearch
"{978C25EE-5777-46e4-8988-732C297CBDBD}" = Status
"{9B1FD9CE-0776-4f0b-A6F5-C6AB7B650CDF}" = Destinations
"{9DE1BE03-AFE2-4CDB-BFEB-D06D736CD01A}" = Apple Mobile Device Support
"{9ECB4705-B9CB-405A-B6D4-33BDF707308E}" = DJ_AIO_Software
"{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR
"{A36CD345-625C-4d6c-B3E2-76E1248CB451}" = SolutionCenter
"{A3B7C670-4A1E-4EE2-950E-C875BC1965D0}" = Copy
"{AB5D51AE-EBC3-438D-872C-705C7C2084B0}" = DeviceManagementQFolder
"{AC76BA86-7AD7-1033-7B44-A93000000001}" = Adobe Reader 9.3.2
"{ACE22C48-49D7-4531-BE20-5C3D03393AB6}" = F4100_Help
"{AF7FC1CA-79DF-43c3-90A3-33EFEB9294CE}" = AIO_Scan
"{B2544A03-10D0-4E5E-BA69-0362FFC20D18}" = OGA Notifier 2.0.0048.0
"{B2C61EBB-F47C-48ba-B375-27A40F8F48F7}" = HP Deskjet All-In-One Driver Software 9.0.A Corporate Edition
"{B4F35A00-24FD-4fb3-BF5E-413D5423434D}" = DJ_AIO_Software_min
"{BC6D5EAF-D314-4f47-8951-42CF14CB7316}" = dj_aio_corporate
"{BE2CC4A5-2128-4EA2-941D-14F7A6A1AB61}" = Digital Media Reader
"{BE77A81F-B315-4666-9BF3-AE70C0ADB057}" = BufferChm
"{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = CyberLink LabelPrint
"{C716522C-3731-4667-8579-40B098294500}" = Toolbox
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{DC83F417-8068-4074-BA2F-C4F8AB872556}" = DJ_AIO_Software_min
"{DF6A13C0-77DF-41FE-BD05-6D5201EB0CE7}_is1" = Auslogics Disk Defrag
"{E06F04B9-45E6-4AC0-8083-85F7515F40F7}" = UnloadSupport
"{E6B87DC4-2B3D-4483-ADFF-E483BF718991}" = OpenOffice.org 3.1
"{E91E8912-769D-42F0-8408-0E329443BABC}" = WNC-0500USB Wireless Adapter
"{E9C18EBD-85BE-47D0-AA73-3FEDCC976B04}" = Toolbox
"{EB75DE50-5754-4F6F-875D-126EDF8E4CB3}" = HPSSupply
"{F0E2B312-D7FD-4349-A9B6-E90B36DB1BD0}" = Paint.NET v3.5.5
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F7F23DFB-31E1-B7EC-7A6D-7668B595ADAE}" = FlipShare
"{FE0646A7-19D0-41B4-A2BB-2C35D644270D}" = Windows Live OneCare safety scanner
"{FF075778-6E50-47ed-991D-3B07FD4E3250}" = TrayApp
"3ivx MPEG-4 5.0.3" = 3ivx MPEG-4 5.0.3 (remove only)
"Activation Assistant for the 2007 Microsoft Office suites" = Activation Assistant for the 2007 Microsoft Office suites
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"AVG9Uninstall" = AVG Free 9.0
"CNXT_MODEM_PCI_HSF" = Soft Data Fax Modem with SmartCP
"com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Acrobat.com
"HijackThis" = HijackThis 2.0.2
"HP Imaging Device Functions" = HP Imaging Device Functions 8.0
"HP Solution Center & Imaging Support Tools" = HP Solution Center 8.0
"HPExtendedCapabilities" = HP Customer Participation Program 8.0
"Imikimi Plugin" = Imikimi Plugin
"InstallShield_{BE2CC4A5-2128-4EA2-941D-14F7A6A1AB61}" = Digital Media Reader
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"NVIDIA Drivers" = NVIDIA Drivers
"Playsushi" = Playsushi
"WildTangent emachines Master Uninstall" = eMachines Games
"Windows Live OneCare safety scanner" = Windows Live OneCare safety scanner
========== Last 10 Event Log Errors ==========
[ Application Events ]
Error - 6/6/2010 12:07:26 AM | Computer Name = CATINA-PC | Source = WinMgmt | ID = 10
Description =
Error - 6/6/2010 1:11:58 AM | Computer Name = CATINA-PC | Source = WinMgmt | ID = 10
Description =
Error - 6/6/2010 7:56:33 AM | Computer Name = CATINA-PC | Source = WinMgmt | ID = 10
Description =
Error - 6/6/2010 9:05:23 PM | Computer Name = CATINA-PC | Source = WinMgmt | ID = 10
Description =
Error - 6/6/2010 11:19:57 PM | Computer Name = CATINA-PC | Source = EventSystem | ID = 4609
Description =
Error - 6/7/2010 10:13:05 PM | Computer Name = CATINA-PC | Source = WinMgmt | ID = 10
Description =
Error - 6/8/2010 8:05:58 PM | Computer Name = CATINA-PC | Source = WinMgmt | ID = 10
Description =
Error - 6/9/2010 10:57:23 AM | Computer Name = CATINA-PC | Source = WinMgmt | ID = 10
Description =
Error - 6/10/2010 9:39:21 PM | Computer Name = CATINA-PC | Source = WinMgmt | ID = 10
Description =
Error - 6/11/2010 1:36:49 AM | Computer Name = CATINA-PC | Source = WinMgmt | ID = 10
Description =
[ System Events ]
Error - 6/21/2010 5:33:45 PM | Computer Name = CATINA-PC | Source = Service Control Manager | ID = 7026
Description =
Error - 6/21/2010 5:38:01 PM | Computer Name = CATINA-PC | Source = DCOM | ID = 10005
Description =
Error - 6/21/2010 5:38:09 PM | Computer Name = CATINA-PC | Source = DCOM | ID = 10005
Description =
Error - 6/21/2010 5:38:09 PM | Computer Name = CATINA-PC | Source = DCOM | ID = 10005
Description =
Error - 6/21/2010 5:38:12 PM | Computer Name = CATINA-PC | Source = DCOM | ID = 10005
Description =
Error - 6/21/2010 5:38:12 PM | Computer Name = CATINA-PC | Source = DCOM | ID = 10005
Description =
Error - 6/21/2010 5:38:22 PM | Computer Name = CATINA-PC | Source = Service Control Manager | ID = 7001
Description =
Error - 6/21/2010 5:38:22 PM | Computer Name = CATINA-PC | Source = Service Control Manager | ID = 7026
Description =
Error - 6/21/2010 8:06:40 PM | Computer Name = CATINA-PC | Source = DCOM | ID = 10005
Description =
Error - 6/21/2010 8:07:08 PM | Computer Name = CATINA-PC | Source = DCOM | ID = 10005
Description =
< End of report >