Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

MS Word 2007 will not respond


  • Please log in to reply

#1
JRex

JRex

    Member

  • Member
  • PipPip
  • 57 posts
Hi,

I don't know if this is a malware issue, but I followed all the step requested. I chated with MS and they asked me to buy Logmein. After 3 hours of work, their fix was to set up a new user. I feel this is not a fix but a scape. Below is my OTL.


OTL Extras logfile created on: 3/13/2010 11:04:09 PM - Run 1
OTL by OldTimer - Version 3.1.37.1 Folder = C:\Users\RehabSoup\Downloads
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6002.18005)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

3.00 Gb Total Physical Memory | 1.00 Gb Available Physical Memory | 48.00% Memory free
6.00 Gb Paging File | 4.00 Gb Available in Paging File | 71.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 287.79 Gb Total Space | 183.03 Gb Free Space | 63.60% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: REHABSOUP-PC
Current User Name: RehabSoup
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: On
Skip Microsoft Files: On
File Age = 14 Days
Output = Standard
Quick Scan

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- "C:\Program Files\Microsoft Office\Office12\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Program Files\Microsoft Office\Office12\msohtmed.exe" /p %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~1\MICROS~3\Office12\ONENOTE.EXE "%L" (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"VistaSp2" = Reg Error: Unknown registry data type -- File not found

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

========== Authorized Applications List ==========


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{1515FCF1-0846-4CF6-BE55-F42A21F39023}" = lport=6004 | protocol=17 | dir=in | app=c:\program files\microsoft office\office12\outlook.exe |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{097C5C3A-7469-4437-AAB8-74582CB6E97F}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{0F5F6C69-9B60-47FC-8A54-AEB7746E257B}" = protocol=6 | dir=in | app=c:\program files\itunes\itunes.exe |
"{3B5F2E29-E3E0-4E3B-8F15-2E8138904CF5}" = protocol=6 | dir=in | app=c:\program files\zoomtext 9.1\zt.exe |
"{435593F4-A6D4-4BC3-88A7-DD544950B16D}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{4B6A367A-E231-4A53-8FD3-D279EBE0A666}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\groove.exe |
"{52970D96-81DF-4F40-8C94-BCFF513C5345}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\groove.exe |
"{6401BC53-1D70-4CAD-991F-AC69390EF480}" = protocol=17 | dir=in | app=c:\program files\itunes\itunes.exe |
"{6644A823-0DF1-48FB-AFD9-FE981A722CA7}" = protocol=6 | dir=in | app=c:\program files\bookshare\readoutloud bookshare\applications\readoutloud_bookshare.exe |
"{7C0B6D86-C895-4E09-8AAB-D4258780F57A}" = protocol=17 | dir=in | app=c:\program files\itunes\itunes.exe |
"{875084C9-4620-48D6-BC27-A68A7D4B37A2}" = protocol=6 | dir=in | app=c:\program files\itunes\itunes.exe |
"{9C440577-AF25-488E-B841-67243A454D04}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{9D886D7B-E594-46AB-A59D-53F067308252}" = protocol=17 | dir=in | app=c:\program files\bookshare\readoutloud bookshare\applications\solo.exe |
"{A528A3A2-6590-4C47-BCE0-A4509D6090F5}" = protocol=17 | dir=in | app=c:\program files\zoomtext 9.1\zt.exe |
"{A5D58A73-64C0-40A5-96A0-0BA7BFF6DFA4}" = protocol=6 | dir=in | app=c:\program files\bookshare\readoutloud bookshare\applications\solo.exe |
"{A8563522-C9A1-449A-86A8-9456A76E173E}" = protocol=17 | dir=in | app=c:\program files\bookshare\readoutloud bookshare\applications\readoutloud_bookshare.exe |
"{B957F89C-FDA9-4F6A-8675-48A84841545C}" = protocol=6 | dir=in | app=c:\program files\zoomtext 9.1\zt.exe |
"{C41A6502-4D98-4205-8B65-A3F6AA661233}" = protocol=17 | dir=in | app=c:\program files\zoomtext 9.1\zt.exe |
"{CBB7F743-C497-40DC-B1A9-59E85C37EE79}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{DA044134-2E1D-4E83-8D1D-A77A48847CC6}" = protocol=17 | dir=in | app=c:\program files\yahoo!\messenger\yahoomessenger.exe |
"{E16A5B09-F173-4F8E-8A46-4046237FCBAA}" = protocol=6 | dir=in | app=c:\program files\yahoo!\messenger\yahoomessenger.exe |
"{EA5802CF-6FF2-47B4-AF5C-9660525E08F7}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"TCP Query User{0D3685E6-E38D-41E0-ADEB-B283340D6DE1}C:\program files\mozilla firefox\firefox.exe" = protocol=6 | dir=in | app=c:\program files\mozilla firefox\firefox.exe |
"TCP Query User{3FA3485E-CEC2-4764-90F8-E475710D3EE5}C:\program files\opera\opera.exe" = protocol=6 | dir=in | app=c:\program files\opera\opera.exe |
"TCP Query User{5774749B-FAF2-4782-8C9C-EF326A13466D}C:\program files\microsoft office\office12\groove.exe" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\groove.exe |
"TCP Query User{6A4B06BE-9E87-4A41-B4E2-02BE897678CE}C:\program files\bookshare\readoutloud bookshare\applications\solo.exe" = protocol=6 | dir=in | app=c:\program files\bookshare\readoutloud bookshare\applications\solo.exe |
"TCP Query User{700A3B83-E44D-447A-AAAD-1198F9477BCE}C:\program files\opera\opera.exe" = protocol=6 | dir=in | app=c:\program files\opera\opera.exe |
"UDP Query User{0C3CB36A-8A14-41CA-8C1B-13029CAEA0CB}C:\program files\microsoft office\office12\groove.exe" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\groove.exe |
"UDP Query User{23E4580B-6A9C-422C-9A35-39C97F4DFF1F}C:\program files\opera\opera.exe" = protocol=17 | dir=in | app=c:\program files\opera\opera.exe |
"UDP Query User{775A2A75-549E-485B-9F04-911E53386985}C:\program files\mozilla firefox\firefox.exe" = protocol=17 | dir=in | app=c:\program files\mozilla firefox\firefox.exe |
"UDP Query User{A344C640-80CA-42DC-8EF7-84BCD7F8AA02}C:\program files\opera\opera.exe" = protocol=17 | dir=in | app=c:\program files\opera\opera.exe |
"UDP Query User{EA33DC5D-9B04-4959-9F55-F0FC52D4AAB3}C:\program files\bookshare\readoutloud bookshare\applications\solo.exe" = protocol=17 | dir=in | app=c:\program files\bookshare\readoutloud bookshare\applications\solo.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{008D69EB-70FF-46AB-9C75-924620DF191A}" = TOSHIBA Speech System SR Engine(U.S.) Version1.0
"{02807340-8FA2-44B6-ABA1-E443E4FF0A20}" = VZAccess Manager for RIM
"{05AA6986-1571-4F1F-B2D3-71935A037040}" = MindGenius Business 3
"{07287123-B8AC-41CE-8346-3D777245C35B}" = Bonjour
"{11A53AF3-CAA5-4C29-887E-CCA7CEE2689B}" = Neat Mobile Scanner Driver
"{12B3A009-A080-4619-9A2A-C6DB151D8D67}" = TOSHIBA Assist
"{1451DE6B-ABE1-4F62-BE9A-B363A17588A2}" = QuickTime
"{15BC8CD0-A65B-47D0-A2DD-90A824590FA8}" = Microsoft Works
"{17FB545D-6B69-40B7-94AE-5D27C50115A0}" = ReadOutLoud Bookshare Edition
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{1F68C868-B5AF-4836-8A46-C030BBE1EDB3}" = ScanSoft PaperPort 11
"{20207CCE-A8FA-44A7-AA3D-1E43EB307B27}" = Sony Sound Forge Audio Studio 9.0
"{21199F32-B676-4FE2-A443-EF7DB6B8FD4F}" = Opera 10.10
"{21526716-DFD8-4B90-86D9-EF9F47057B3E}" = Toshiba Resources Page
"{223F72BF-0DEB-4953-8D1F-870738804863}" = QuickScan 4.5.1
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{26A24AE4-039D-4CA4-87B4-2F83216011FF}" = Java™ 6 Update 11
"{276605ED-DEDF-4F8D-AC4F-56F72EFD5014}" = HumanConcepts OrgPlus 8 Plug-in
"{287ECFA4-719A-2143-A09B-D6A12DE54E40}" = Acrobat.com
"{2AFFFDD7-ED85-4A90-8C52-5DA9EBDC9B8F}" = Microsoft SQL Server 2005 Express Edition (NR2007)
"{2EA870FA-585F-4187-903D-CB9FFD21E2E0}" = DHTML Editing Component
"{31C6CB69-6FED-499B-9064-61B9E8892E98}" = Write:OutLoud SE
"{31E6C82F-CF41-4E05-85BF-5E8C5A1ABAEC}" = WebEx Recorder and Player
"{34466787-FDAE-4B20-8DC0-72E97F39D237}" = OneTouch 4.0 ScanSoft OmniPage OCR Module
"{34A5E174-93FD-496D-8073-13F63128AED6}" = ZoomText 9.1
"{34F93E31-E1A0-421C-8E86-BCF7C4193A91}" = LogMeIn
"{35229F1E-79B5-43BD-A6F3-D1A6A80EB246}" = Writer's Workbench 8.3
"{355BCF4B-A2A6-46F1-A33E-FA8D6B1794C7}" = SiteSpinner V2
"{35C0A1E4-D02A-412C-841F-266DBB116ABB}" = Intel® PROSet/Wireless WiFi Software
"{3972C18C-688F-4312-BE9A-3E065204C33D}" = IBM ViaVoice TTS Runtime v6.610 - UK English
"{39D4FB9C-9CDE-4449-BD2B-6AD4D376CFDC}" = Art Explosion Publisher Pro 2.0
"{3B1806A9-814A-4979-BEC0-22CC2B7F6C8A}" = Kurzweil 1000 v.11 Demo
"{3FA365DF-2D68-45ED-8F83-8C8A33E65143}" = Apple Application Support
"{3FBF6F99-8EC6-41B4-8527-0A32241B5496}" = TOSHIBA Speech System TTS Engine(U.S.) Version1.0
"{4241BD9F-55F1-43B5-8694-DBC9C596F175}" = Web Easy Professional
"{43ED550A-D813-43F7-B18E-9AD4785C9387}" = ScanSoft OmniPage 15
"{46DAA26F-21A6-4514-A7F1-963C369D5C9F}" = MindGenius Business
"{4A5A427F-BA39-4BF0-9A47-9999FBE60C9F}" = Visual C++ Runtime for Dragon NaturallySpeaking
"{50065200-ED20-4ED3-A181-C80B766C26CD}" = Mindjet MindManager 8
"{50F68032-B5B7-4513-9116-C978DBD8F27A}" = DVD MovieFactory for TOSHIBA
"{5158974E-2D28-4018-9335-7694C2974746}" = Fix-It Utilities 10 Professional
"{53536479-DFB0-47ED-9D10-43F3708C222D}" = TOSHIBA eco Utility
"{53F5C3EE-05ED-4830-994B-50B2F0D50FCE}" = Microsoft SQL Server Setup Support Files (English)
"{541DEAC0-5F3D-45E6-B7CB-94ECF3B96748}" = Skype web features
"{56B4002F-671C-49F4-984C-C760FE3806B5}" = Microsoft SQL Server VSS Writer
"{58E61440-7C91-4008-910C-713AEB7D927B}" = ZoomText 9.1 Tutorial
"{5A6D561B-4703-4E2B-A5D3-4E3EDF7A186D}" = Victor Reader Soft Bookshare.Org
"{5DA0E02F-970B-424B-BF41-513A5018E4C0}" = TOSHIBA Disc Creator
"{5E6F6CF3-BACC-4144-868C-E14622C658F3}" = TOSHIBA Web Camera Application
"{617C36FD-0CBE-4600-84B2-441CEB12FADF}" = TOSHIBA Extended Tiles for Windows Mobility Center
"{65BCF909-6AF7-4B01-8EB3-713CE2873DC8}" = Microsoft Expression Web 3
"{664F96E2-7CE3-48E2-A7D9-55E002EEFB31}" = Boingo Wi-Fi
"{689E0AB3-50B2-4E5A-9DCE-6DA9F5BE1314}" = BlackBerry® Media Sync
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{69D2AB07-7677-4B06-AD69-97DB81D0E326}" = Neat Mobile Scanner (Silver) Driver
"{6A35E74B-68AD-4054-B93A-FEB7B687114C}" = Kofax VirtualReScan 4.10
"{6C5F3BDC-0A1B-4436-A696-5939629D5C31}" = TOSHIBA DVD PLAYER
"{6C8B32D9-8DDA-412F-8FD6-C56356D69FBB}" = Kurzweil 3000 v.11
"{6CCC133E-9A2F-4CAA-8866-75D029CD3AB3}" = Digital Voice Editor 3
"{6DE13770-01B7-4366-8DA6-48237793F445}" = VoiceOver Kit
"{6F7614CC-F33A-4877-8814-49856F441F3C}" = Stardock MyColors
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{752E90AC-3F11-4EA3-88EA-96441047EC31}" = Microsoft Expression Web 3 SP1
"{75A1CF49-0D66-4A84-B7FE-C5AD8C48C708}" = Realspeak Solo Tom US English
"{76E41F43-59D2-4F30-BA42-9A762EE1E8DE}" = Avanquest update
"{76E6BBAA-25E6-4BFC-9613-75A5CACE2940}" = Olympus DSS Player
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{7B2E2D40-328F-4FFE-B24C-45D11965C77D}" = Realspeak Solo Samantha US English
"{7BD1EAE4-2E08-4087-8600-44B0ACB0C887}" = NeatWorks Core Files
"{820F4F44-9B10-4A5D-ACC5-4BC2EA3FFEEE}" = Kurzweil 3000 v.10
"{833F2BA8-64CF-405F-A6A8-9D9408E444F7}" = HumanConcepts OrgPlus 8
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{83892653-9EB8-4192-803E-D987A85CDD23}" = TOSHIBA Agreement Notification Utility
"{84814E6B-2581-46EC-926A-823BD1C670F6}" = WIDCOMM Bluetooth Software
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek 8136 8168 8169 Ethernet Driver
"{890EF3F8-742F-46BD-9E8E-084B3A1F4364}" = QuickBooks Financial Center
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{89F7D66C-777D-473B-AA11-319C0F190EAC}" = TOSHIBA Internal Modem Region Select Utility
"{8B24C91D-EAB1-40FC-A9D8-6B5D95BF3036}" = ReadOutLoud Bookshare Edition
"{8F3C31C5-9C3A-4AA8-8EFA-71290A7AD533}" = TomTom HOME Visual Studio Merge Modules
"{90120000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2007
"{90120000-0015-0409-0000-0000000FF1CE}_ULTIMATER_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0016-0409-0000-0000000FF1CE}_ULTIMATER_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0409-0000-0000000FF1CE}_ULTIMATER_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2007
"{90120000-0019-0409-0000-0000000FF1CE}_ULTIMATER_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2007
"{90120000-001A-0409-0000-0000000FF1CE}_ULTIMATER_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0409-0000-0000000FF1CE}_ULTIMATER_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}_ULTIMATER_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_HOMESTUDENTR_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-040C-0000-0000000FF1CE}_ULTIMATER_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_HOMESTUDENTR_{187308AB-5FA7-4F14-9AB9-D290383A10D9}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0C0A-0000-0000000FF1CE}_ULTIMATER_{187308AB-5FA7-4F14-9AB9-D290383A10D9}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-0044-0409-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (English) 2007
"{90120000-0044-0409-0000-0000000FF1CE}_ULTIMATER_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}_HOMESTUDENTR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-006E-0409-0000-0000000FF1CE}_ULTIMATER_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007
"{90120000-00A1-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00A1-0409-0000-0000000FF1CE}_ULTIMATER_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00BA-0409-0000-0000000FF1CE}" = Microsoft Office Groove MUI (English) 2007
"{90120000-00BA-0409-0000-0000000FF1CE}_ULTIMATER_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0114-0409-0000-0000000FF1CE}" = Microsoft Office Groove Setup Metadata MUI (English) 2007
"{90120000-0114-0409-0000-0000000FF1CE}_ULTIMATER_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}_HOMESTUDENTR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0115-0409-0000-0000000FF1CE}_ULTIMATER_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2007
"{90120000-0117-0409-0000-0000000FF1CE}_ULTIMATER_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}" = Intel® Matrix Storage Manager
"{91120000-002E-0000-0000-0000000FF1CE}" = Microsoft Office Ultimate 2007
"{91120000-002E-0000-0000-0000000FF1CE}_ULTIMATER_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{91120000-002E-0000-0000-0000000FF1CE}_ULTIMATER_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{95120000-00AF-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (English)
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{970472D0-F5F9-4158-A6E3-1AE49EFEF2D3}" = Toshiba Application and Driver Installer
"{9DECD0F9-D3E8-48B0-A390-1CF09F54E3A4}" = TOSHIBA PC Health Monitor
"{A208044D-A88B-4ACF-AE95-E4F213E6EDC0}" = TOSHIBA Supervisor Password
"{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR
"{A4A42670-82B9-4A58-8955-20271DBBF29F}" = Neat ADF Scanner Driver
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AADEA55D-C834-4BCB-98A3-4B8D1C18F4EE}" = Apple Mobile Device Support
"{AC6569FA-6919-442A-8552-073BE69E247A}" = TOSHIBA Service Station
"{AC76BA86-7AD7-1033-7B44-A91000000001}" = Adobe Reader 9.1.3
"{B0E5D7E7-A106-458F-BA7B-2F8CAEA3BF16}" = PlayReady PC runtime
"{B2544A03-10D0-4E5E-BA69-0362FFC20D18}" = OGA Notifier 2.0.0048.0
"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy
"{B65BBB06-1F8E-48F5-8A54-B024A9E15FDF}" = TOSHIBA Recovery Disc Creator
"{BD68F46D-8A82-4664-8E68-F87C55BDEFD4}" = Microsoft SQL Server Native Client
"{BF5A20B4-55F7-49B8-9302-FAC7C459AF3D}" = Skype Launcher
"{C1A6B23C-438E-4D08-B508-4E830CA8F335}" = IBM ViaVoice TTS Runtime v6.610 - US English
"{C23F7EB0-F535-473D-BC73-59B6CD8B98B2}" = Neat Mobile Scanner 2008 Driver
"{C43E6BC5-AA66-49EB-A712-A791E2679032}" = Writer's Workbench Tutorials
"{C53D16CC-E56F-47B8-906E-70AAF8EABB4F}" = Toshiba Registration
"{C730E42C-935A-45BB-A0C5-37E5234D111B}" = TOSHIBA Face Recognition
"{C7DDA8E7-AD3D-4F51-AC1E-B0FF57002192}" = Microsoft IntelliPoint 6.3
"{C80D0EA2-418C-4CDD-8B81-612C0B1C7937}" = Business PlanMaker Professional Deluxe
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CCF6F57B-F6B4-4508-BF45-63AAC9DE416A}" = Quicken 2010
"{CD95F661-A5C4-44F5-A6AA-ECDD91C240BB}" = WinZip 14.0
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D0387727-C89D-4774-B643-B9333EAA09DE}" = TOSHIBA Hardware Setup
"{D103C4BA-F905-437A-8049-DB24763BBE36}" = Skype™ 4.1
"{D1548D1F-93FD-4BCC-8AA0-8B6D9122EE8F}" = HumanWare Companion
"{D16AA51D-2BE9-421A-84A7-759578E64A74}" = Web Easy Professional 7
"{D4322448-B6AF-4316-B859-D8A0E84DCB38}" = TOSHIBA HDD/SSD Alert
"{DBCC73BA-C69A-4BF5-B4BF-F07501EE7039}" = AnswerWorks 5.0 English Runtime
"{DC24971E-1946-445D-8A82-CE685433FA7D}" = Realtek USB 2.0 Card Reader
"{E1180142-3B31-4DCC-9D27-7AC2D37662BF}" = LightScribe 1.4.124.1
"{E50AE784-FABE-46DA-A1F8-7B6B56DCB22E}" = Microsoft Office Suite Activation Assistant
"{E69992ED-A7F6-406C-9280-1C156417BC49}" = Toshiba Quality Application
"{E7712E53-7A7F-46EB-AA13-70D5987D30F2}" = Dragon NaturallySpeaking 10
"{EA1E5659-5186-465F-BD65-761F9294C247}" = DeskNotes
"{EA652824-3675-4043-84CB-17BCA7F9AC5F}" = OfficeReady Office Policy Manual
"{EBFF48F5-3CFA-436F-8FD5-94FB01D3A0A7}" = TOSHIBA SD Memory Utilities
"{EE033C1F-443E-41EC-A0E2-559B539A4E4D}" = TOSHIBA Speech System Applications
"{EE59E3BD-6B7D-4BBB-B9CD-20EA7AEF1E10}" = BlackBerry Desktop Software 5.0
"{EECB71EE-0C84-4242-A936-94E2559410E1}" = Read:OutLoud SE
"{EF58D88F-4E62-4372-9DFA-E1CED7C34986}" = Kofax VRS Update for Visioneer OneTouch OEM
"{F0A386D2-6E15-4A8F-A04E-87CE9BED0D48}" = TOSHIBA ConfigFree
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F2004B8D-7791-4B35-A3FA-D8CA8BB4DD81}" = Direct DiscRecorder
"{F439D7AF-03F3-4F8E-AEC4-571BFE977C61}" = iTunes
"{F616C77A-38C0-42A2-91D1-35E423D37C64}" = Read And Write 9
"{FA300000-0001-0000-0000-074957833700}" = ABBYY PDF Transformer 3.0
"{FB3888EF-464F-489B-A2BF-456CAECA3DC2}" = OneTouch 4.0
"{FBDC8AA4-E3AE-4DCE-8603-2EF158059898}" = Microsoft SAPI 5.1 Runtime
"{FEDD27A0-B306-45EF-BF58-B527406B42C8}" = TOSHIBA Value Added Package
"{FF544852-4859-43CA-AB36-3B1DD6F02F0D}" = Texthelp International Voices
"1190-3857-8766-9166" = PersonalBrain 5
"ABBYY PDF Transformer 3.0" = ABBYY PDF Transformer 3.0
"ActiveTouchMeetingClient" = WebEx
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"APA PERRLA" = APA PERRLA
"BlackBerry_{EE59E3BD-6B7D-4BBB-B9CD-20EA7AEF1E10}" = BlackBerry Desktop Software 5.0
"BlueVoda_Website_Builder_1.0" = BlueVoda Website Builder 11.4G
"Core FTP LE 2.1" = Core FTP LE 2.1
"DolphinOrpheus208" = Dolphin Orpheus
"DolphinSAM" = Dolphin Synthesizer Access Manager
"eReviewBook_is1" = eReviewBook 3.0 (build 295)
"ERUNT_is1" = ERUNT 1.1j
"Fax Machine_is1" = Fax Machine 4.33
"Google Desktop" = Google Desktop
"GoToAssist Express Customer" = GoToAssist Express Customer 1.4.0.223
"Grammar Expert Plus" = Grammar Expert Plus
"HDMI" = Intel® Graphics Media Accelerator Driver
"Inspiration 8" = Inspiration 8
"InstallShield_{50F68032-B5B7-4513-9116-C978DBD8F27A}" = DVD MovieFactory for TOSHIBA
"InstallShield_{53536479-DFB0-47ED-9D10-43F3708C222D}" = TOSHIBA eco Utility
"InstallShield_{617C36FD-0CBE-4600-84B2-441CEB12FADF}" = TOSHIBA Extended Tiles for Windows Mobility Center
"InstallShield_{83892653-9EB8-4192-803E-D987A85CDD23}" = TOSHIBA Agreement Notification Utility
"InstallShield_{89F7D66C-777D-473B-AA11-319C0F190EAC}" = TOSHIBA Internal Modem Region Select Utility
"InstallShield_{C730E42C-935A-45BB-A0C5-37E5234D111B}" = TOSHIBA Face Recognition
"InstallShield_{D4322448-B6AF-4316-B859-D8A0E84DCB38}" = TOSHIBA HDD/SSD Alert
"InstallShield_{F2004B8D-7791-4B35-A3FA-D8CA8BB4DD81}" = Direct DiscRecorder
"InstallShield_{FEDD27A0-B306-45EF-BF58-B527406B42C8}" = TOSHIBA Value Added Package
"Language Tune-Up Kit" = Language Tune-Up Kit
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft SQL Server 2005" = Microsoft SQL Server 2005
"Mozilla Firefox (3.5.8)" = Mozilla Firefox (3.5.8)
"MSTTS" = Microsoft Text-to-Speech Engine 4.0 (English)
"My Reward Board" = My Reward Board
"NeatWorks" = NeatWorks
"NextUp Talker_is1" = NextUp Talker
"PDF-XChange 3_is1" = PDF-XChange 3
"PERRLA" = PERRLA
"Picasa2" = Picasa 2
"PowerSlidesPro2.0" = PowerSlidesPro
"Professor Teaches Business Planning" = Professor Teaches Business Planning
"RFB&D Download Manager_is1" = RFB&D Download Manager
"Smart WAV Converter Pro_is1" = Smart WAV Converter Pro
"ST6UNST #1" = 1 Click UnZip
"Stardock MyColors" = Stardock MyColors
"StyleEase for MLA Style" = StyleEase for MLA Style
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"TextAloud MP3_is1" = TextAloud
"The Business Card Creator" = The Business Card Creator
"The Logo Creator v5" = The Logo Creator v5
"Theophilos_is1" = Theophilos 3
"TomTom HOME" = TomTom HOME 2.7.2.1825
"TOSHIBA Software Modem" = TOSHIBA Software Modem
"ULTIMATER" = Microsoft Office Ultimate 2007
"Web_3.0.3813.0" = Microsoft Expression Web 3
"WildTangent toshiba Master Uninstall" = WildTangent Games
"Xara Web Designer UK" = Xara Web Designer
"Yahoo! Companion" = Yahoo! Toolbar
"Yahoo! Messenger" = Yahoo! Messenger
"Yahoo! Software Update" = Yahoo! Software Update

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Sansa Updater" = Sansa Updater

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 3/8/2010 1:32:43 PM | Computer Name = RehabSoup-PC | Source = WinMgmt | ID = 10
Description =

Error - 3/8/2010 5:21:15 PM | Computer Name = RehabSoup-PC | Source = WinMgmt | ID = 10
Description =

Error - 3/8/2010 8:29:26 PM | Computer Name = RehabSoup-PC | Source = WinMgmt | ID = 10
Description =

Error - 3/8/2010 10:36:18 PM | Computer Name = RehabSoup-PC | Source = WinMgmt | ID = 10
Description =

Error - 3/9/2010 8:12:44 AM | Computer Name = RehabSoup-PC | Source = WinMgmt | ID = 10
Description =

Error - 3/9/2010 3:49:28 PM | Computer Name = RehabSoup-PC | Source = WinMgmt | ID = 10
Description =

Error - 3/9/2010 4:05:02 PM | Computer Name = RehabSoup-PC | Source = WinMgmt | ID = 10
Description =

Error - 3/9/2010 7:47:15 PM | Computer Name = RehabSoup-PC | Source = WinMgmt | ID = 10
Description =

Error - 3/9/2010 9:51:36 PM | Computer Name = RehabSoup-PC | Source = Application Hang | ID = 1002
Description = The program AcroRd32.exe version 9.1.0.163 stopped interacting with
Windows and was closed. To see if more information about the problem is available,
check the problem history in the Problem Reports and Solutions control panel. Process
ID: 154c Start Time: 01cabff31c38a6a0 Termination Time: 8

Error - 3/10/2010 7:38:41 AM | Computer Name = RehabSoup-PC | Source = WinMgmt | ID = 10
Description =

[ OSession Events ]
Error - 9/29/2009 8:58:46 PM | Computer Name = RehabSoup-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 13, Application Name: Microsoft Office OneNote, Application Version:
12.0.6211.1000, Microsoft Office Version: 12.0.6215.1000. This session lasted 62
seconds with 0 seconds of active time. This session ended with a crash.

Error - 1/26/2010 12:49:13 AM | Computer Name = RehabSoup-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version:
12.0.6514.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 11
seconds with 0 seconds of active time. This session ended with a crash.

Error - 3/11/2010 9:07:25 AM | Computer Name = RehabSoup-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6514.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 138
seconds with 120 seconds of active time. This session ended with a crash.

Error - 3/11/2010 11:39:00 PM | Computer Name = RehabSoup-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6514.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 3341
seconds with 480 seconds of active time. This session ended with a crash.

Error - 3/12/2010 9:30:18 PM | Computer Name = RehabSoup-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6514.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 2786
seconds with 180 seconds of active time. This session ended with a crash.

Error - 3/13/2010 1:45:00 PM | Computer Name = RehabSoup-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6514.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 37
seconds with 0 seconds of active time. This session ended with a crash.

Error - 3/13/2010 2:58:30 PM | Computer Name = RehabSoup-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6514.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 18
seconds with 0 seconds of active time. This session ended with a crash.

[ System Events ]
Error - 3/13/2010 5:57:34 PM | Computer Name = RehabSoup-PC | Source = Dhcp | ID = 1002
Description = The IP address lease 192.168.254.2 for the Network Card with network
address 0022FAEBDDAE has been denied by the DHCP server 192.168.254.254 (The DHCP
Server sent a DHCPNACK message).

Error - 3/13/2010 6:26:57 PM | Computer Name = RehabSoup-PC | Source = DCOM | ID = 10005
Description =

Error - 3/13/2010 6:26:57 PM | Computer Name = RehabSoup-PC | Source = Service Control Manager | ID = 7009
Description =

Error - 3/13/2010 6:26:57 PM | Computer Name = RehabSoup-PC | Source = Service Control Manager | ID = 7000
Description =

Error - 3/13/2010 6:26:57 PM | Computer Name = RehabSoup-PC | Source = Service Control Manager | ID = 7009
Description =

Error - 3/13/2010 6:26:57 PM | Computer Name = RehabSoup-PC | Source = Service Control Manager | ID = 7000
Description =

Error - 3/13/2010 10:24:21 PM | Computer Name = RehabSoup-PC | Source = Dhcp | ID = 1002
Description = The IP address lease 192.168.254.2 for the Network Card with network
address 0022FAEBDDAE has been denied by the DHCP server 192.168.254.254 (The DHCP
Server sent a DHCPNACK message).

Error - 3/13/2010 10:24:21 PM | Computer Name = RehabSoup-PC | Source = Service Control Manager | ID = 7000
Description =

Error - 3/13/2010 11:26:07 PM | Computer Name = RehabSoup-PC | Source = EventLog | ID = 6008
Description = The previous system shutdown at 10:24:02 PM on 3/13/2010 was unexpected.

Error - 3/13/2010 11:26:23 PM | Computer Name = RehabSoup-PC | Source = Service Control Manager | ID = 7000
Description =


< End of report >
OTL logfile created on: 3/13/2010 11:04:09 PM - Run 1
OTL by OldTimer - Version 3.1.37.1 Folder = C:\Users\RehabSoup\Downloads
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6002.18005)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

3.00 Gb Total Physical Memory | 1.00 Gb Available Physical Memory | 48.00% Memory free
6.00 Gb Paging File | 4.00 Gb Available in Paging File | 71.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 287.79 Gb Total Space | 183.03 Gb Free Space | 63.60% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: REHABSOUP-PC
Current User Name: RehabSoup
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: On
Skip Microsoft Files: On
File Age = 14 Days
Output = Standard
Quick Scan

========== Processes (SafeList) ==========

PRC - [2010/03/13 23:02:58 | 000,555,008 | ---- | M] (OldTimer Tools) -- C:\Users\RehabSoup\Downloads\OTL.exe
PRC - [2010/02/11 09:34:42 | 000,020,360 | ---- | M] (WebEx Communications, Inc.) -- C:\Windows\System32\atashost.exe
PRC - [2009/12/03 20:57:54 | 000,030,192 | ---- | M] (Google) -- C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
PRC - [2009/11/18 14:00:00 | 000,495,432 | R--- | M] (WinZip Computing, S.L.) -- C:\Program Files\WinZip\WZQKPICK.EXE
PRC - [2009/11/02 19:24:58 | 000,257,440 | R--- | M] (Adobe Systems, Inc.) -- C:\Windows\System32\Macromed\Flash\FlashUtil10d.exe
PRC - [2009/10/07 22:13:55 | 000,079,872 | ---- | M] (SanDisk Corporation) -- C:\Users\RehabSoup\AppData\Roaming\SanDisk\Sansa Updater\SansaDispatch.exe
PRC - [2009/10/02 13:32:22 | 000,529,688 | ---- | M] (Avanquest Software) -- C:\Program Files\Avanquest\Fix-It\mxtask.exe
PRC - [2009/09/28 19:34:16 | 000,378,176 | ---- | M] (LogMeIn, Inc.) -- C:\Program Files\LogMeIn\x86\LMIGuardian.exe
PRC - [2009/09/08 13:46:32 | 001,012,040 | ---- | M] (Sunbelt Software) -- C:\Program Files\Common Files\AntiVirus\SBAMSvc.exe
PRC - [2009/09/01 11:36:16 | 000,050,456 | ---- | M] (Avanquest Software) -- C:\Program Files\Avanquest\Fix-It\MXTask2.exe
PRC - [2009/08/27 10:05:04 | 000,247,144 | ---- | M] (TomTom) -- C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe
PRC - [2009/08/27 10:05:04 | 000,092,008 | ---- | M] (TomTom) -- C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe
PRC - [2009/07/01 22:12:46 | 000,623,960 | ---- | M] (Research In Motion Limited) -- C:\Program Files\Common Files\Research in Motion\Auto Update\RIMAutoUpdate.exe
PRC - [2009/06/10 15:45:46 | 000,351,384 | ---- | M] (The Neat Company) -- C:\Program Files\NeatWorks\exec\NeatWorksDatabaseController.exe
PRC - [2009/04/27 01:17:13 | 000,759,048 | ---- | M] (ABBYY) -- C:\Program Files\ABBYY PDF Transformer 3.0\NetworkLicenseServer.exe
PRC - [2009/04/16 20:42:58 | 000,020,544 | ---- | M] (TOSHIBA) -- C:\Program Files\TOSHIBA\TOSHIBA Web Camera Application\TWebCameraSrv.exe
PRC - [2009/04/14 19:57:38 | 000,176,128 | ---- | M] (TOSHIBA Corporation) -- C:\Program Files\TOSHIBA\TECO\TecoService.exe
PRC - [2009/04/14 19:57:12 | 001,318,912 | ---- | M] (TOSHIBA Corporation) -- C:\Program Files\TOSHIBA\TECO\TEco.exe
PRC - [2009/04/11 01:27:39 | 000,299,520 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Internet Explorer\ieuser.exe
PRC - [2009/04/11 01:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2009/04/09 18:01:10 | 000,570,736 | ---- | M] (TOSHIBA Corporation) -- C:\Program Files\TOSHIBA\TPHM\TPCHWMsg.exe
PRC - [2009/04/09 18:00:50 | 000,656,752 | ---- | M] (TOSHIBA Corporation) -- C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe
PRC - [2009/04/01 17:10:58 | 000,062,776 | ---- | M] (TOSHIBA Corporation) -- C:\Program Files\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe
PRC - [2009/03/30 18:57:22 | 000,083,312 | ---- | M] (TOSHIBA Corporation) -- C:\Program Files\TOSHIBA\TOSHIBA DVD PLAYER\TNaviSrv.exe
PRC - [2009/03/24 13:34:34 | 001,007,616 | ---- | M] (TOSHIBA Corporation) -- C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSENotify.exe
PRC - [2009/03/23 12:50:40 | 000,729,088 | ---- | M] (TOSHIBA Corporation) -- C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe
PRC - [2009/03/17 18:36:00 | 000,304,496 | ---- | M] (TOSHIBA CORPORATION) -- C:\Program Files\TOSHIBA\ConfigFree\NDSTray.exe
PRC - [2009/03/17 13:49:04 | 000,073,728 | ---- | M] (TOSHIBA Corporation) -- C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe
PRC - [2009/03/16 18:48:30 | 000,091,496 | ---- | M] (Nuance Communications, Inc.) -- C:\Program Files\Common Files\Nuance\NaturallySpeaking10\dgnuiasvr.exe
PRC - [2009/03/16 18:44:54 | 002,835,816 | ---- | M] (Nuance Communications, Inc.) -- C:\Program Files\Nuance\NaturallySpeaking10\Program\natspeak.exe
PRC - [2009/03/13 16:02:42 | 000,178,712 | ---- | M] (Intel Corporation) -- C:\Windows\System32\igfxext.exe
PRC - [2009/03/12 20:11:04 | 006,965,792 | ---- | M] (Realtek Semiconductor) -- C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
PRC - [2009/03/10 20:51:20 | 000,046,448 | ---- | M] (TOSHIBA CORPORATION) -- C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
PRC - [2009/03/10 20:50:36 | 000,062,848 | ---- | M] (TOSHIBA CORPORATION) -- C:\Program Files\TOSHIBA\ConfigFree\CFSwMgr.exe
PRC - [2009/03/06 20:29:16 | 000,464,224 | ---- | M] (TOSHIBA Corporation) -- C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe
PRC - [2009/03/06 20:29:04 | 000,468,320 | ---- | M] (TOSHIBA Corporation) -- C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe
PRC - [2009/03/04 17:28:44 | 000,143,360 | ---- | M] (Ai Squared ) -- C:\Program Files\ZoomText 9.1\ZtUac.exe
PRC - [2009/03/04 17:28:44 | 000,011,264 | ---- | M] (Ai Squared ) -- C:\Program Files\ZoomText 9.1\ZoomTextHelperService.exe
PRC - [2009/02/19 16:52:38 | 000,057,344 | ---- | M] (TOSHIBA Corporation) -- C:\Program Files\TOSHIBA\RSelect\RSelSvc.exe
PRC - [2009/01/30 13:05:04 | 000,365,872 | ---- | M] (Boingo Wireless, Inc.) -- C:\Program Files\Boingo\Boingo Wi-Fi\Boingo Wi-Fi.exe
PRC - [2009/01/26 14:31:16 | 002,144,088 | RHS- | M] (Safer Networking Limited) -- C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
PRC - [2009/01/26 14:31:10 | 001,153,368 | ---- | M] (Safer Networking Ltd.) -- C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
PRC - [2008/12/18 16:34:24 | 000,448,376 | ---- | M] (TOSHIBA Corporation) -- C:\Program Files\TOSHIBA\SmoothView\SmoothView.exe
PRC - [2008/12/15 15:07:10 | 000,230,704 | ---- | M] (Stardock Corporation) -- C:\Program Files\Stardock\MyColors\VistaSrv.exe
PRC - [2008/12/15 15:07:10 | 000,099,632 | ---- | M] () -- C:\Program Files\Stardock\MyColors\WBVista.exe
PRC - [2008/12/11 11:50:24 | 000,037,656 | ---- | M] (Mindjet) -- C:\Program Files\Mindjet\MindManager 8\MmReminderService.exe
PRC - [2008/11/24 21:31:12 | 000,087,904 | ---- | M] (Microsoft Corporation) -- c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
PRC - [2008/11/24 21:31:08 | 000,239,968 | ---- | M] (Microsoft Corporation) -- c:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe
PRC - [2008/11/09 15:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) -- C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe
PRC - [2008/10/25 08:18:50 | 000,098,696 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
PRC - [2008/10/16 19:26:20 | 000,860,160 | ---- | M] (Intel® Corporation) -- C:\Program Files\Intel\WiFi\bin\EvtEng.exe
PRC - [2008/10/16 18:54:34 | 000,466,944 | ---- | M] (Intel® Corporation) -- C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
PRC - [2008/09/30 16:33:38 | 000,131,072 | ---- | M] (Visioneer Inc.) -- C:\Program Files\Visioneer\OneTouch 4.0\OtService.exe
PRC - [2008/08/11 12:41:00 | 000,063,048 | ---- | M] (LogMeIn, Inc.) -- C:\Program Files\LogMeIn\x86\LogMeInSystray.exe
PRC - [2008/07/25 10:28:36 | 000,163,840 | ---- | M] (OLYMPUS IMAGING CORP.) -- C:\Program Files\Olympus\DeviceDetector\DevDtct2.exe
PRC - [2008/02/04 06:46:35 | 000,258,048 | R--- | M] (Dolphin Oceanic Ltd.) -- C:\Windows\System32\dolsrvcbar2.exe
PRC - [2007/11/21 19:23:32 | 000,129,632 | ---- | M] (TOSHIBA Corporation) -- C:\Windows\System32\TODDSrv.exe
PRC - [2007/11/01 15:55:30 | 000,576,104 | ---- | M] (Broadcom Corporation.) -- C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
PRC - [2007/06/11 09:13:20 | 000,073,728 | ---- | M] (OLYMPUS IMAGING CORP.) -- C:\Program Files\Olympus\DeviceDetector\DM1Service.exe
PRC - [2007/05/23 13:29:36 | 000,122,880 | ---- | M] (CrypKey (Canada) Ltd.) -- C:\Windows\System32\Crypserv.exe
PRC - [2007/05/14 11:38:02 | 000,030,248 | ---- | M] (Nuance Communications, Inc.) -- C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe
PRC - [2007/05/10 23:50:24 | 000,079,400 | ---- | M] (Nuance Communications, Inc.) -- C:\Program Files\ScanSoft\OmniPage15\OpWare15.exe
PRC - [2007/05/10 23:49:48 | 000,943,656 | ---- | M] (Nuance Communications, Inc.) -- C:\Program Files\ScanSoft\OmniPage15\OpAgent.exe
PRC - [2006/10/05 14:10:12 | 000,009,216 | ---- | M] (Agere Systems) -- C:\Windows\System32\agrsmsvc.exe
PRC - [2006/09/11 04:40:34 | 000,086,960 | ---- | M] (Macrovision Corporation) -- C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe


========== Modules (SafeList) ==========

MOD - [2010/03/13 23:02:58 | 000,555,008 | ---- | M] (OldTimer Tools) -- C:\Users\RehabSoup\Downloads\OTL.exe
MOD - [2009/09/29 12:25:06 | 000,028,672 | ---- | M] (Avanquest Software) -- C:\Program Files\Avanquest\Fix-It\WinHook.dll
MOD - [2009/04/11 01:21:38 | 001,686,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18005_none_5cb72f96088b0de0\comctl32.dll


========== Win32 Services (SafeList) ==========

SRV - File not found [Auto | Stopped] -- -- (LMIRescue_8bff4bf2-b0d6-43d3-9dac-fdcc4abb7f53) LogMeIn Rescue (8bff4bf2-b0d6-43d3-9dac-fdcc4abb7f53)
SRV - [2010/03/13 13:11:09 | 000,161,144 | ---- | M] (Citrix Online, a division of Citrix Systems, Inc.) [On_Demand | Stopped] -- C:\Program Files\Citrix\GoToAssist Express Customer\223\g2ax_service.exe -- (GoToAssist Express Customer)
SRV - [2010/02/11 09:34:42 | 000,020,360 | ---- | M] (WebEx Communications, Inc.) [Auto | Running] -- C:\Windows\System32\atashost.exe -- (atashost)
SRV - [2009/12/03 20:57:54 | 000,030,192 | ---- | M] (Google) [On_Demand | Stopped] -- C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe -- (GoogleDesktopManager-110309-193829)
SRV - [2009/10/02 13:32:22 | 000,529,688 | ---- | M] (Avanquest Software) [Auto | Running] -- C:\Program Files\Avanquest\Fix-It\mxtask.exe -- (Fix-It Task Manager)
SRV - [2009/09/28 19:34:22 | 000,116,032 | ---- | M] (LogMeIn, Inc.) [Disabled | Stopped] -- C:\Program Files\LogMeIn\x86\RaMaint.exe -- (LMIMaint)
SRV - [2009/09/24 20:27:04 | 000,793,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\FntCache.dll -- (FontCache)
SRV - [2009/09/08 13:46:32 | 001,012,040 | ---- | M] (Sunbelt Software) [Auto | Running] -- C:\Program Files\Common Files\AntiVirus\SBAMSvc.exe -- (SBAMSvc)
SRV - [2009/08/27 10:05:04 | 000,092,008 | ---- | M] (TomTom) [Auto | Running] -- C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe -- (TomTomHOMEService)
SRV - [2009/06/10 15:45:46 | 000,351,384 | ---- | M] (The Neat Company) [Auto | Running] -- C:\Program Files\NeatWorks\exec\NeatWorksDatabaseController.exe -- (NeatWorksDatabaseController)
SRV - [2009/05/27 02:27:04 | 029,262,680 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- c:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe -- (MSSQL$NR2007) SQL Server (NR2007)
SRV - [2009/04/27 01:17:13 | 000,759,048 | ---- | M] (ABBYY) [Auto | Running] -- C:\Program Files\ABBYY PDF Transformer 3.0\NetworkLicenseServer.exe -- (ABBYY.Licensing.PDFTransformer.Classic.3.0)
SRV - [2009/04/16 20:42:58 | 000,020,544 | ---- | M] (TOSHIBA) [Auto | Running] -- C:\Program Files\TOSHIBA\TOSHIBA Web Camera Application\TWebCameraSrv.exe -- (camsvc)
SRV - [2009/04/14 19:57:38 | 000,176,128 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Program Files\TOSHIBA\TECO\TecoService.exe -- (TOSHIBA eco Utility Service)
SRV - [2009/04/09 18:00:50 | 000,656,752 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe -- (TPCHSrv)
SRV - [2009/04/01 17:10:58 | 000,062,776 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Program Files\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe -- (TMachInfo)
SRV - [2009/03/30 18:57:22 | 000,083,312 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Program Files\TOSHIBA\TOSHIBA DVD PLAYER\TNaviSrv.exe -- (TNaviSrv)
SRV - [2009/03/17 13:49:04 | 000,073,728 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe -- (TOSHIBA HDD SSD Alert Service)
SRV - [2009/03/10 20:51:20 | 000,046,448 | ---- | M] (TOSHIBA CORPORATION) [Auto | Running] -- C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe -- (ConfigFree Service)
SRV - [2009/03/06 20:29:16 | 000,464,224 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe -- (TosCoSrv)
SRV - [2009/03/04 17:28:44 | 000,011,264 | ---- | M] (Ai Squared ) [Auto | Running] -- C:\Program Files\ZoomText 9.1\ZoomTextHelperService.exe -- (ZoomText Helper Service)
SRV - [2009/02/19 16:52:38 | 000,057,344 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Program Files\TOSHIBA\RSelect\RSelSvc.exe -- (RSELSVC)
SRV - [2009/01/26 14:31:10 | 001,153,368 | ---- | M] (Safer Networking Ltd.) [Auto | Running] -- C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe -- (SBSDWSCService)
SRV - [2008/12/15 15:07:10 | 000,230,704 | ---- | M] (Stardock Corporation) [Auto | Running] -- C:\Program Files\Stardock\MyColors\VistaSrv.exe -- (WindowBlinds)
SRV - [2008/11/24 21:31:12 | 000,087,904 | ---- | M] (Microsoft Corporation) [Auto | Running] -- c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe -- (SQLWriter)
SRV - [2008/11/24 21:31:08 | 000,239,968 | ---- | M] (Microsoft Corporation) [Auto | Running] -- c:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe -- (SQLBrowser)
SRV - [2008/11/24 21:31:08 | 000,045,408 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- c:\Program Files\Microsoft SQL Server\90\Shared\sqladhlp90.exe -- (MSSQLServerADHelper)
SRV - [2008/11/09 15:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) [Auto | Running] -- C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe -- (YahooAUService)
SRV - [2008/11/03 18:15:32 | 000,242,424 | ---- | M] (WildTangent, Inc.) [On_Demand | Stopped] -- C:\Program Files\TOSHIBA Games\TOSHIBA Game Console\GameConsoleService.exe -- (GameConsoleService)
SRV - [2008/10/16 19:26:20 | 000,860,160 | ---- | M] (Intel® Corporation) [Auto | Running] -- C:\Program Files\Intel\WiFi\bin\EvtEng.exe -- (EvtEng)
SRV - [2008/10/16 18:54:34 | 000,466,944 | ---- | M] (Intel® Corporation) [Auto | Running] -- C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe -- (RegSrvc)
SRV - [2008/09/30 16:33:38 | 000,131,072 | ---- | M] (Visioneer Inc.) [Auto | Running] -- C:\Program Files\Visioneer\OneTouch 4.0\OtService.exe -- (OneTouch 4.0 Monitor)
SRV - [2008/08/11 12:41:00 | 000,063,040 | ---- | M] (LogMeIn, Inc.) [Disabled | Stopped] -- C:\Program Files\LogMeIn\x86\LogMeIn.exe -- (LogMeIn)
SRV - [2008/02/04 06:46:35 | 000,258,048 | R--- | M] (Dolphin Oceanic Ltd.) [Auto | Running] -- C:\Windows\System32\dolsrvcbar2.exe -- (DolphinCBarSrv2)
SRV - [2008/01/20 21:23:32 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2007/11/21 19:23:32 | 000,129,632 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Windows\System32\TODDSrv.exe -- (TODDSrv)
SRV - [2007/06/11 09:13:20 | 000,073,728 | ---- | M] (OLYMPUS IMAGING CORP.) [Auto | Running] -- C:\Program Files\Olympus\DeviceDetector\DM1Service.exe -- (DM1Service)
SRV - [2007/05/23 13:29:36 | 000,122,880 | ---- | M] (CrypKey (Canada) Ltd.) [Auto | Running] -- C:\Windows\System32\Crypserv.exe -- (Crypkey License)
SRV - [2006/10/05 14:10:12 | 000,009,216 | ---- | M] (Agere Systems) [Auto | Running] -- C:\Windows\System32\agrsmsvc.exe -- (AgereModemAudio)
SRV - [2005/11/14 03:06:04 | 000,069,632 | ---- | M] (Macrovision Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe -- (IDriverT)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.co...r...B&bmod=TSHB
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.co...r...B&bmod=TSHB

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.co...r...B&bmod=TSHB
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = [Binary data over 100 bytes]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.rehabsoup.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.param.yahoo-fr: "chrf-ytbm"
FF - prefs.js..browser.search.param.yahoo-fr-cjkt: "chrf-ytbm"
FF - prefs.js..browser.search.param.yahoo-type: "${8}"
FF - prefs.js..browser.startup.homepage: "http://labs.google.c...om/accessible/"
FF - prefs.js..extensions.enabledItems: {99a0337c-6303-4879-b72e-500fd9aaca8c}:1.0.8
FF - prefs.js..extensions.enabledItems: [email protected]:2
FF - prefs.js..extensions.enabledItems: 4
FF - prefs.js..extensions.enabledItems: 9
FF - prefs.js..extensions.enabledItems: 1
FF - prefs.js..extensions.enabledItems: {635abd67-4fe9-1b23-4f01-e679fa7484c1}:2.1.1.20091029021655


FF - HKLM\software\mozilla\Mozilla Firefox 3.5.8\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010/02/24 09:11:34 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.8\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010/03/13 12:58:56 | 000,000,000 | ---D | M]

[2009/12/25 08:48:50 | 000,000,000 | ---D | M] -- C:\Users\RehabSoup\AppData\Roaming\Mozilla\Extensions
[2009/11/13 01:20:14 | 000,000,000 | ---D | M] -- C:\Users\RehabSoup\AppData\Roaming\Mozilla\Extensions\[email protected]
[2010/03/12 17:58:22 | 000,000,000 | ---D | M] -- C:\Users\RehabSoup\AppData\Roaming\Mozilla\Firefox\Profiles\sifrhskn.default\extensions
[2009/12/25 08:51:55 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\RehabSoup\AppData\Roaming\Mozilla\Firefox\Profiles\sifrhskn.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2010/02/08 21:17:53 | 000,000,000 | ---D | M] (Yahoo! Toolbar) -- C:\Users\RehabSoup\AppData\Roaming\Mozilla\Firefox\Profiles\sifrhskn.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
[2010/01/05 21:32:00 | 000,000,000 | ---D | M] -- C:\Users\RehabSoup\AppData\Roaming\Mozilla\Firefox\Profiles\sifrhskn.default\extensions\[email protected]
[2010/01/12 20:51:19 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2010/02/24 09:29:10 | 000,000,000 | ---D | M] (TextAloud Firefox Plugin) -- C:\Program Files\Mozilla Firefox\extensions\{99a0337c-6303-4879-b72e-500fd9aaca8c}

O1 HOSTS File: ([2006/09/18 16:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O2 - BHO: (txthlpBHO Class) - {060235DC-6D84-47BD-95D7-A4EF5099A59D} - C:\Program Files\Texthelp Systems\Read and Write 9\texthelpbho.dll ()
O2 - BHO: (AhIeBho Class) - {10384d0e-2bc1-48b6-844b-ad0e9e6d2511} - C:\Program Files\ZoomText 9.1\ahoi\ah_ie_bho.dll (Ai Squared )
O2 - BHO: (Skype add-on (mastermind)) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Skype Technologies S.A.)
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (CmjBrowserHelperObject Object) - {6FE6A929-59D1-4763-91AD-29B61CFFB35B} - C:\Program Files\Mindjet\MindManager 8\Mm8InternetExplorer.dll (Mindjet)
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (ba3HelperObj Class) - {A17B153F-2267-4161-A165-73DCD6C31BEF} - C:\Program Files\Texthelp Systems\Read and Write 9\ba3bho.dll ()
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.4.4525.1752\swg.dll File not found
O2 - BHO: (Google Dictionary Compression sdch) - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_B7C5AC242193BB3E.dll File not found
O2 - BHO: (SingleInstance Class) - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll (Yahoo! Inc)
O3 - HKLM\..\Toolbar: (no name) - - No CLSID value found.
O3 - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O3 - HKLM\..\Toolbar: (TextAloud) - {F053C368-5458-45B2-9B4D-D8914BDDDBFF} - C:\Program Files\TextAloud\TAForIE.dll ()
O3 - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O4 - HKLM..\Run: [00TCrdMain] C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [BlackBerryAutoUpdate] C:\Program Files\Common Files\Research In Motion\Auto Update\RIMAutoUpdate.exe (Research In Motion Limited)
O4 - HKLM..\Run: [Boingo Wi-Fi] C:\Program Files\Boingo\Boingo Wi-Fi\Boingo.lnk ()
O4 - HKLM..\Run: [cfFncEnabler.exe] C:\Program Files\TOSHIBA\ConfigFree\cfFncEnabler.exe (Toshiba Corporation)
O4 - HKLM..\Run: [DNS7reminder] C:\Program Files\Nuance\NaturallySpeaking10\Ereg\Ereg.exe (Nuance Communications, Inc.)
O4 - HKLM..\Run: [Fax Machine] File not found
O4 - HKLM..\Run: [Google Desktop Search] C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe (Google)
O4 - HKLM..\Run: [HSON] C:\Program Files\TOSHIBA\TBS\HSON.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [IndexSearch] C:\Program Files\ScanSoft\PaperPort\IndexSearch.exe (Nuance Communications, Inc.)
O4 - HKLM..\Run: [ISUSScheduler] C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe (Macrovision Corporation)
O4 - HKLM..\Run: [Kurzweil 1000 11.0] C:\Windows\System32\TIMELO~1.EXE -c Kurzweil 1000 11.0 -k {3B1806A9-814A-4979-BEC0-22CC2B7F6C8A} -l Kurzweil 1000.lnk File not found
O4 - HKLM..\Run: [LogMeIn GUI] C:\Program Files\LogMeIn\x86\LogMeInSystray.exe (LogMeIn, Inc.)
O4 - HKLM..\Run: [MMReminderService] C:\Program Files\Mindjet\MindManager 8\MmReminderService.exe (Mindjet)
O4 - HKLM..\Run: [NDSTray.exe] C:\Program Files\TOSHIBA\ConfigFree\NDSTray.exe (TOSHIBA CORPORATION)
O4 - HKLM..\Run: [NetFxUpdate_v1.1.4322] C:\Windows\Microsoft.NET\Framework\v1.1.4322\netfxupdate.exe (Microsoft)
O4 - HKLM..\Run: [Opware15] C:\Program Files\ScanSoft\OmniPage15\Opware15.exe (Nuance Communications, Inc.)
O4 - HKLM..\Run: [PaperPort PTD] C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe (Nuance Communications, Inc.)
O4 - HKLM..\Run: [PPort11reminder] C:\Program Files\ScanSoft\PaperPort\Ereg\Ereg.exe (Nuance Communications, Inc.)
O4 - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [ScanSoft OmniPage 15-reminder] C:\Program Files\ScanSoft\OmniPage15\Ereg\Ereg.exe (Nuance Communications, Inc.)
O4 - HKLM..\Run: [Skytel] C:\Program Files\Realtek\Audio\HDA\SkyTel.exe (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [SmartFaceVWatcher] C:\Program Files\TOSHIBA\SmartFaceV\SmartFaceVWatcher.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [SmoothView] C:\Program Files\TOSHIBA\SmoothView\SmoothView.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [SSBkgdUpdate] C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe (Nuance Communications, Inc.)
O4 - HKLM..\Run: [Teco] C:\Program Files\TOSHIBA\TECO\Teco.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [TosSENotify] C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSENotify.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [TPCHWMsg] C:\Program Files\TOSHIBA\TPHM\TPCHWMsg.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [TPwrMain] C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [TWebCamera] C:\Program Files\TOSHIBA\TOSHIBA Web Camera Application\TWebCamera.exe (TOSHIBA)
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKCU..\Run: [ISUSPM Startup] C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe (InstallShield Software Corporation)
O4 - HKCU..\Run: [OpAgent] C:\Program Files\ScanSoft\OmniPage15\OpAgent.exe (Nuance Communications, Inc.)
O4 - HKCU..\Run: [SansaDispatch] C:\Users\RehabSoup\AppData\Roaming\SanDisk\Sansa Updater\SansaDispatch.exe (SanDisk Corporation)
O4 - HKCU..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe (Safer Networking Limited)
O4 - HKCU..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
O4 - HKCU..\Run: [TomTomHOME.exe] C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe (TomTom)
O4 - Startup: C:\Users\RehabSoup\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dragon NaturallySpeaking.lnk = C:\Program Files\Nuance\NaturallySpeaking10\Program\natspeak.exe (Nuance Communications, Inc.)
O4 - Startup: C:\Users\RehabSoup\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ERUNT AutoBackup.lnk = C:\Program Files\ERUNT\AUTOBACK.EXE ()
O4 - Startup: C:\Users\RehabSoup\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2007 Screen Clipper and Launcher.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE (Microsoft Corporation)
O8 - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Send to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O8 - Extra context menu item: Send To Bluetooth - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Send to Mindjet MindManager - {2F72393D-2472-4F82-B600-ED77F354B7FF} - C:\Program Files\Mindjet\MindManager 8\Mm8InternetExplorer.dll (Mindjet)
O9 - Extra 'Tools' menuitem : Skype add-on for Internet Explorer - {5067A26B-1337-4436-8AFE-EE169C2DA79F} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Skype Technologies S.A.)
O9 - Extra Button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Skype Technologies S.A.)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra Button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O15 - HKCU\..Trusted Domains: localhost ([]http in Local intranet)
O15 - HKCU\..Trusted Ranges: GD ([http] in Local intranet)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_11)
O16 - DPF: {CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_11)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_11)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.m...ash/swflash.cab (Shockwave Flash Object)
O16 - DPF: {E06E2E99-0AA1-11D4-ABA6-0060082AA75C} https://dolphinuk.we...ex/ieatgpc1.cab (GpcContainer Class)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.254.254 192.168.254.254
O18 - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - AppInit_DLLs: (C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL) - C:\Program Files\Google\Google Desktop Search\GoogleDesktopNetwork3.dll (Google)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\GoToAssist Express Customer: DllName - C:\Program Files\Citrix\GoToAssist Express Customer\223\g2ax_winlogon.dll - C:\Program Files\Citrix\GoToAssist Express Customer\223\g2ax_winlogon.dll (Citrix Online, a division of Citrix Systems, Inc.)
O20 - Winlogon\Notify\igfxcui: DllName - igfxdev.dll - C:\Windows\System32\igfxdev.dll (Intel Corporation)
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/09/18 16:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{35d2346a-7c36-11de-bdf7-0022faebddae}\Shell - "" = AutoRun
O33 - MountPoints2\{35d2346a-7c36-11de-bdf7-0022faebddae}\Shell\AutoRun\command - "" = E:\LaunchU3.exe -- File not found
O33 - MountPoints2\{4a0eed6f-b446-11de-b18f-001e33c9337c}\Shell - "" = AutoRun
O33 - MountPoints2\{4a0eed6f-b446-11de-b18f-001e33c9337c}\Shell\AutoRun\command - "" = E:\LaunchU3.exe -- File not found
O33 - MountPoints2\{8b102809-7b08-11de-b5ac-001e33c9337c}\Shell - "" = Autorun
O33 - MountPoints2\{8b102809-7b08-11de-b5ac-001e33c9337c}\Shell\AutoRun\command - "" = E:\RunTimeInstaller.exe ZoomTextUSBAutoStart.exe -- File not found
O33 - MountPoints2\{f6b5c5f0-5a40-11de-878b-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{f6b5c5f0-5a40-11de-878b-806e6f6e6963}\Shell\AutoRun\command - "" = D:\setup.exe -- File not found
O33 - MountPoints2\F\Shell - "" = AutoRun
O33 - MountPoints2\F\Shell\AutoRun\command - "" = F:\LaunchU3.exe -- File not found
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

NetSvcs: FastUserSwitchingCompatibility - File not found
NetSvcs: Ias - C:\Windows\System32\ias [2008/01/20 21:34:27 | 000,000,000 | ---D | M]
NetSvcs: Nla - File not found
NetSvcs: Ntmssvc - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: SRService - File not found
NetSvcs: Wmi - C:\Windows\System32\wmi.dll (Microsoft Corporation)
NetSvcs: WmdmPmSp - File not found
NetSvcs: LogonHours - File not found
NetSvcs: PCAudit - File not found
NetSvcs: helpsvc - File not found
NetSvcs: uploadmgr - File not found
OTL cannot create restorepoints on Vista OSs!

========== Files/Folders - Created Within 14 Days ==========

[2015/02/02 07:46:06 | 000,000,000 | ---D | C] -- C:\Users\RehabSoup\Documents\KESI
[2015/02/02 07:46:06 | 000,000,000 | ---D | C] -- C:\Users\RehabSoup\AppData\Roaming\KESI
[2015/02/02 07:45:28 | 000,000,000 | ---D | C] -- C:\Users\RehabSoup\Documents\DRConfig
[2015/02/02 07:44:04 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Olympus Shared
[2015/02/02 07:44:03 | 000,196,608 | ---- | C] (OLYMPUS IMAGING CORP.) -- C:\Windows\System32\OdiOlDVR.dll
[2015/02/02 07:44:03 | 000,167,936 | ---- | C] (OLYMPUS IMAGING CORP.) -- C:\Windows\System32\STRDEVAPI.dll
[2015/02/02 07:44:03 | 000,057,344 | ---- | C] (OLYMPUS IMAGING CORP.) -- C:\Windows\System32\StrDevCheck.dll
[2015/02/02 07:44:03 | 000,057,344 | ---- | C] (OLYMPUS IMAGING CORP.) -- C:\Windows\System32\OdiAPI.dll
[2015/02/02 07:43:45 | 000,069,632 | ---- | C] (OLYMPUS OPTICAL CO.,LTD) -- C:\Windows\System32\DM1USBAPI.dll
[2015/02/02 07:43:45 | 000,027,326 | ---- | C] (OLYMPUS OPTICAL CO.,LTD) -- C:\Windows\System32\drivers\DM_1USB.sys
[2015/02/02 07:43:44 | 000,266,240 | ---- | C] (OLYMPUS IMAGING CORP.) -- C:\Windows\System32\DirrecAPI.dll
[2015/02/02 07:43:44 | 000,229,376 | ---- | C] (OLYMPUS IMAGING CORP.) -- C:\Windows\System32\DSSCOREVB.dll
[2015/02/02 07:43:44 | 000,229,376 | ---- | C] (OLYMPUS IMAGING CORP.) -- C:\Windows\System32\DSSCore.dll
[2015/02/02 07:43:44 | 000,204,800 | ---- | C] (OLYMPUS IMAGING CORP.) -- C:\Windows\System32\FootSwitchAPI.dll
[2015/02/02 07:43:44 | 000,155,648 | ---- | C] (OLYMPUS IMAGING CORP.) -- C:\Windows\System32\DSSCodec.dll
[2015/02/02 07:43:44 | 000,122,880 | ---- | C] (OLYMPUS IMAGING CORP.) -- C:\Windows\System32\DSSLicMnVB.dll
[2015/02/02 07:43:44 | 000,122,880 | ---- | C] (OLYMPUS IMAGING CORP.) -- C:\Windows\System32\DSSLicMn.dll
[2015/02/02 07:43:44 | 000,073,728 | ---- | C] (OLYMPUS CORPORATION) -- C:\Windows\System32\DSXUSB.dll
[2015/02/02 07:43:44 | 000,073,728 | ---- | C] (OLYMPUS CORPORATION) -- C:\Windows\System32\DSSUSB1.DLL
[2015/02/02 07:43:44 | 000,069,632 | ---- | C] (OLYMPUS IMAGING CORP.) -- C:\Windows\System32\DSSFSSET.cpl
[2015/02/02 07:43:44 | 000,065,552 | ---- | C] (OLYMPUS CORPORATION) -- C:\Windows\System32\dsslire.dll
[2015/02/02 07:43:44 | 000,061,456 | ---- | C] (OLYMPUS IMAGING CORP.) -- C:\Windows\System32\dsslire2.dll
[2015/02/02 07:43:44 | 000,049,152 | ---- | C] (OLYMPUS OPTICAL CO.,LTD.) -- C:\Windows\System32\DSSUSBF.dll
[2015/02/02 07:43:44 | 000,049,152 | ---- | C] (OLYMPUS OPTICAL CO.,LTD.) -- C:\Windows\System32\DSSUSB.DLL
[2015/02/02 07:43:44 | 000,049,152 | ---- | C] (OLYMPUS OPTICAL CO.,LTD.) -- C:\Windows\System32\DSSFSAPI.dll
[2015/02/02 07:43:44 | 000,039,635 | ---- | C] (OLYMPUS OPTICAL CO.,LTD.) -- C:\Windows\System32\drivers\DSXUSB.sys
[2015/02/02 07:43:44 | 000,039,071 | ---- | C] (OLYMPUS OPTICAL CO.,LTD.) -- C:\Windows\System32\drivers\DSSUSB1.SYS
[2015/02/02 07:43:44 | 000,033,363 | ---- | C] (OLYMPUS OPTICAL CO.,LTD.) -- C:\Windows\System32\drivers\DSSUSB.SYS
[2015/02/02 07:43:44 | 000,025,381 | ---- | C] (OLYMPUS OPTICAL CO.,LTD.) -- C:\Windows\System32\drivers\DSSUSBF.sys
[2015/02/02 07:43:31 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\DSSPlayer
[2015/02/02 07:43:14 | 000,000,000 | ---D | C] -- C:\Program Files\Olympus
[2015/02/01 11:36:34 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\SpeechWorks
[2015/02/01 11:34:21 | 000,000,000 | ---D | C] -- C:\Program Files\Kurzweil Educational Systems
[2015/02/01 11:34:21 | 000,000,000 | ---D | C] -- C:\ProgramData\KESI
[2014/01/01 13:37:41 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\KESI
[2013/12/01 08:24:59 | 000,000,000 | ---D | C] -- C:\Users\RehabSoup\Documents\Kurzweil Educational Systems
[2013/12/01 08:24:59 | 000,000,000 | ---D | C] -- C:\Export
[2011/04/01 16:09:37 | 000,000,000 | ---D | C] -- C:\Ltk
[2011/04/01 16:09:02 | 000,000,000 | ---D | C] -- C:\Program Files\LTK Setup
[2010/03/13 22:31:44 | 000,000,000 | ---D | C] -- C:\Windows\ERDNT
[2010/03/13 22:31:28 | 000,000,000 | ---D | C] -- C:\Program Files\ERUNT
[2010/03/13 22:23:42 | 000,000,000 | ---D | C] -- C:\Users\RehabSoup\Desktop\Problems with computer
[2010/03/13 22:04:13 | 000,000,000 | ---D | C] -- C:\1ClickUnZIP_unzipfolder
[2010/03/13 22:02:58 | 000,000,000 | ---D | C] -- C:\Program Files\1ClickUnZip
[2010/03/13 21:28:28 | 000,000,000 | ---D | C] -- C:\Users\RehabSoup\AppData\Local\Ai Squared
[2010/03/13 21:27:57 | 000,000,000 | ---D | C] -- C:\ProgramData\CrypKey
[2010/03/13 21:21:43 | 000,000,000 | ---D | C] -- C:\Program Files\ViaVoiceTTS
[2010/03/13 21:20:35 | 000,165,888 | ---- | C] (Kenonic Controls) -- C:\Windows\Ckconfig.exe
[2010/03/13 21:20:35 | 000,122,880 | ---- | C] (CrypKey (Canada) Ltd.) -- C:\Windows\System32\Crypserv.exe
[2010/03/13 21:15:46 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\Ai Squared
[2010/03/13 21:15:15 | 000,000,000 | ---D | C] -- C:\Program Files\ZoomText 9.1 Tutorial
[2010/03/13 21:14:28 | 000,053,248 | ---- | C] (Freedom Scientific, Inc.) -- C:\Windows\System32\bypass_jfwvid.dll
[2010/03/13 21:14:24 | 000,151,552 | ---- | C] (Ai Squared ) -- C:\Windows\System32\Ai2XOR.dll
[2010/03/13 21:14:22 | 000,095,744 | ---- | C] (Ai Squared ) -- C:\Windows\System32\Ai2Mdd.dll
[2010/03/13 21:14:22 | 000,058,368 | ---- | C] (Ai Squared ) -- C:\Windows\System32\Ai2d91.dll
[2010/03/13 21:14:22 | 000,015,872 | ---- | C] (Ai Squared ) -- C:\Windows\System32\Ai2Ldr.dll
[2010/03/13 21:14:22 | 000,008,704 | ---- | C] (Ai Squared ) -- C:\Windows\System32\Ai2V.sys
[2010/03/13 21:14:22 | 000,007,680 | ---- | C] (Ai Squared ) -- C:\Windows\System32\drivers\Ai2sXP.sys
[2010/03/13 21:14:22 | 000,007,168 | ---- | C] (Ai Squared ) -- C:\Windows\System32\drivers\Ai2Mmpd.sys
[2010/03/13 21:14:20 | 000,000,000 | ---D | C] -- C:\Program Files\ZoomText 9.1
[2010/03/13 13:46:37 | 000,000,000 | ---D | C] -- C:\Users\RehabSoup\AppData\Local\LogMeIn
[2010/03/13 13:46:37 | 000,000,000 | ---D | C] -- C:\ProgramData\LogMeIn
[2010/03/13 13:46:26 | 000,028,984 | ---- | C] (LogMeIn, Inc.) -- C:\Windows\System32\LMIport.dll
[2010/03/13 13:46:25 | 000,083,288 | ---- | C] (LogMeIn, Inc.) -- C:\Windows\System32\LMIRfsClientNP.dll
[2010/03/13 13:46:25 | 000,047,640 | ---- | C] (LogMeIn, Inc.) -- C:\Windows\System32\drivers\LMIRfsDriver.sys
[2010/03/13 13:46:21 | 000,087,352 | ---- | C] (LogMeIn, Inc.) -- C:\Windows\System32\LMIinit.dll
[2010/03/13 13:45:56 | 000,000,000 | ---D | C] -- C:\Program Files\LogMeIn
[2010/03/13 13:06:54 | 000,000,000 | ---D | C] -- C:\Program Files\Citrix
[2010/03/13 13:05:44 | 000,000,000 | ---D | C] -- C:\Users\RehabSoup\AppData\Local\Deployment
[2010/03/13 13:05:44 | 000,000,000 | ---D | C] -- C:\Users\RehabSoup\AppData\Local\Apps
[2010/03/13 13:02:45 | 000,000,000 | ---D | C] -- C:\Users\RehabSoup\AppData\Local\Citrix
[2010/03/04 21:44:36 | 000,000,000 | ---D | C] -- C:\Users\RehabSoup\Desktop\Mom's Bills
[2010/03/01 13:25:07 | 000,000,000 | ---D | C] -- C:\Users\RehabSoup\Desktop\Excel 2007
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files - Modified Within 14 Days ==========

[2015/02/02 07:44:03 | 000,001,862 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Directrec Configuration Tool.lnk
[2015/02/02 07:44:03 | 000,001,807 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Device Detector 3.lnk
[2015/02/02 07:44:02 | 000,000,000 | ---- | M] () -- C:\Windows\Dssole.INI
[2015/02/02 07:43:43 | 000,000,645 | ---- | M] () -- C:\Users\RehabSoup\Desktop\Olympus DSS Player.lnk
[2014/01/01 13:41:47 | 000,002,030 | ---- | M] () -- C:\Users\Public\Desktop\Kurzweil 3000.lnk
[2014/01/01 13:41:47 | 000,000,646 | ---- | M] () -- C:\Users\Public\Desktop\Kurzweil 3000 Pending Audio.lnk
[2014/01/01 13:41:47 | 000,000,641 | ---- | M] () -- C:\Users\Public\Desktop\Kurzweil 3000 Output Audio.lnk
[2013/12/01 08:02:51 | 000,001,964 | ---- | M] () -- C:\Users\Public\Desktop\Kurzweil 1000.lnk
[2013/12/01 08:02:51 | 000,001,810 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Audio Spooler.lnk
[2013/12/01 08:02:42 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS
[2013/12/01 08:02:42 | 000,000,000 | RHS- | M] () -- C:\IO.SYS
[2011/04/01 16:10:07 | 000,000,349 | ---- | M] () -- C:\Windows\LTK.INI
[2010/03/13 23:05:43 | 005,505,024 | -HS- | M] () -- C:\Users\RehabSoup\NTUSER.DAT
[2010/03/13 22:31:30 | 000,000,924 | ---- | M] () -- C:\Users\RehabSoup\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ERUNT AutoBackup.lnk
[2010/03/13 22:31:28 | 000,000,744 | ---- | M] () -- C:\Users\RehabSoup\Desktop\NTREGOPT.lnk
[2010/03/13 22:31:28 | 000,000,725 | ---- | M] () -- C:\Users\RehabSoup\Desktop\ERUNT.lnk
[2010/03/13 22:26:38 | 000,000,882 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2010/03/13 22:26:14 | 000,003,616 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2010/03/13 22:26:14 | 000,003,616 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2010/03/13 22:26:13 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
[2010/03/13 22:26:05 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2010/03/13 22:26:02 | 3082,801,152 | -HS- | M] () -- C:\hiberfil.sys
[2010/03/13 22:26:01 | 454,339,221 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2010/03/13 22:22:01 | 000,000,886 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2010/03/13 22:04:10 | 000,000,055 | ---- | M] () -- C:\Windows\xm.url
[2010/03/13 22:03:37 | 000,000,053 | ---- | M] () -- C:\Windows\top-windows-downloads.url
[2010/03/13 21:57:55 | 000,000,829 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2010/03/13 21:43:13 | 000,004,480 | ---- | M] () -- C:\Windows\System32\esnecil.ind
[2010/03/13 21:43:13 | 000,000,004 | ---- | M] () -- C:\Windows\vx86036.dat
[2010/03/13 21:42:30 | 000,052,438 | ---- | M] () -- C:\Users\RehabSoup\ZxRestart.ini
[2010/03/13 21:31:36 | 000,816,706 | ---- | M] () -- C:\Windows\System32\PerfStringBackup.INI
[2010/03/13 21:31:36 | 000,683,700 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2010/03/13 21:31:36 | 000,135,490 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2010/03/13 21:23:09 | 000,524,288 | -HS- | M] () -- C:\Users\RehabSoup\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TMContainer00000000000000000001.regtrans-ms
[2010/03/13 21:23:09 | 000,065,536 | -HS- | M] () -- C:\Users\RehabSoup\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TM.blf
[2010/03/13 21:22:33 | 004,050,993 | -H-- | M] () -- C:\Users\RehabSoup\AppData\Local\IconCache.db
[2010/03/13 21:21:59 | 000,001,671 | ---- | M] () -- C:\Users\Public\Desktop\ZoomText 9.1 Trial.lnk
[2010/03/13 21:21:59 | 000,001,308 | ---- | M] () -- C:\Users\Public\Desktop\ZoomText Keyboard Info.lnk
[2010/03/13 21:21:59 | 000,000,020 | ---- | M] () -- C:\Windows\TestSupp.ini
[2010/03/13 21:20:38 | 000,000,046 | ---- | M] () -- C:\Windows\Crypkey.ini
[2010/03/13 14:11:44 | 000,568,328 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2010/03/13 13:46:17 | 000,001,024 | ---- | M] () -- C:\.rnd
[2010/03/13 13:11:25 | 000,001,353 | ---- | M] () -- C:\Users\RehabSoup\Desktop\GoToAssist Express Customer.lnk
[2010/03/13 13:05:44 | 000,200,200 | ---- | M] () -- C:\Users\RehabSoup\AppData\Local\GDIPFONTCACHEV1.DAT
[2010/03/13 13:02:45 | 000,108,920 | ---- | M] () -- C:\Users\RehabSoup\g2ax_customer_downloadhelper_win32_x86.exe
[2010/03/13 12:54:18 | 000,000,518 | ---- | M] () -- C:\Windows\win.ini
[2010/03/10 15:47:51 | 000,003,114 | ---- | M] () -- C:\Users\RehabSoup\AppData\Roaming\SAS7_000.DAT
[2010/03/06 08:19:36 | 000,025,600 | ---- | M] () -- C:\Users\RehabSoup\AppData\Local\Map1.doc
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files Created - No Company Name ==========

[2015/02/02 07:44:03 | 000,001,862 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Directrec Configuration Tool.lnk
[2015/02/02 07:44:03 | 000,001,807 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Device Detector 3.lnk
[2015/02/02 07:44:02 | 000,000,000 | ---- | C] () -- C:\Windows\Dssole.INI
[2015/02/02 07:43:45 | 000,045,056 | ---- | C] () -- C:\Windows\System32\DM1USBAPIVB.dll
[2015/02/02 07:43:43 | 000,000,645 | ---- | C] () -- C:\Users\RehabSoup\Desktop\Olympus DSS Player.lnk
[2015/02/01 11:38:26 | 000,002,030 | ---- | C] () -- C:\Users\Public\Desktop\Kurzweil 3000.lnk
[2014/01/01 13:41:47 | 000,000,646 | ---- | C] () -- C:\Users\Public\Desktop\Kurzweil 3000 Pending Audio.lnk
[2014/01/01 13:41:47 | 000,000,641 | ---- | C] () -- C:\Users\Public\Desktop\Kurzweil 3000 Output Audio.lnk
[2013/12/01 08:02:51 | 000,001,964 | ---- | C] () -- C:\Users\Public\Desktop\Kurzweil 1000.lnk
[2013/12/01 08:02:51 | 000,001,810 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Audio Spooler.lnk
[2013/12/01 08:02:42 | 000,000,000 | RHS- | C] () -- C:\MSDOS.SYS
[2013/12/01 08:02:42 | 000,000,000 | RHS- | C] () -- C:\IO.SYS
[2011/04/01 16:09:58 | 000,000,349 | ---- | C] () -- C:\Windows\LTK.INI
[2010/03/13 22:31:30 | 000,000,924 | ---- | C] () -- C:\Users\RehabSoup\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ERUNT AutoBackup.lnk
[2010/03/13 22:31:28 | 000,000,744 | ---- | C] () -- C:\Users\RehabSoup\Desktop\NTREGOPT.lnk
[2010/03/13 22:31:28 | 000,000,725 | ---- | C] () -- C:\Users\RehabSoup\Desktop\ERUNT.lnk
[2010/03/13 22:04:10 | 000,000,055 | ---- | C] () -- C:\Windows\xm.url
[2010/03/13 22:03:37 | 000,000,053 | ---- | C] () -- C:\Windows\top-windows-downloads.url
[2010/03/13 21:57:55 | 000,000,829 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2010/03/13 21:42:23 | 000,052,438 | ---- | C] () -- C:\Users\RehabSoup\ZxRestart.ini
[2010/03/13 21:27:55 | 000,000,004 | ---- | C] () -- C:\Windows\vx86036.dat
[2010/03/13 21:21:59 | 000,001,671 | ---- | C] () -- C:\Users\Public\Desktop\ZoomText 9.1 Trial.lnk
[2010/03/13 21:21:59 | 000,001,308 | ---- | C] () -- C:\Users\Public\Desktop\ZoomText Keyboard Info.lnk
[2010/03/13 21:20:35 | 000,027,648 | R--- | C] () -- C:\Windows\Setup_ck.exe
[2010/03/13 21:20:35 | 000,018,432 | ---- | C] () -- C:\Windows\Setup_ck.dll
[2010/03/13 21:20:35 | 000,016,896 | ---- | C] () -- C:\Windows\System32\Ckldrv.sys
[2010/03/13 21:20:35 | 000,011,776 | ---- | C] () -- C:\Windows\Ckrfresh.exe
[2010/03/13 21:14:22 | 000,000,001 | ---- | C] () -- C:\Windows\System32\ai2drv.dat
[2010/03/13 15:12:01 | 000,000,886 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2010/03/13 15:12:00 | 000,000,882 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2010/03/13 13:46:15 | 000,001,024 | ---- | C] () -- C:\.rnd
[2010/03/13 13:11:25 | 000,001,353 | ---- | C] () -- C:\Users\RehabSoup\Desktop\GoToAssist Express Customer.lnk
[2010/03/13 13:02:44 | 000,108,920 | ---- | C] () -- C:\Users\RehabSoup\g2ax_customer_downloadhelper_win32_x86.exe
[2010/03/06 08:19:35 | 000,025,600 | ---- | C] () -- C:\Users\RehabSoup\AppData\Local\Map1.doc
[2010/01/28 07:49:55 | 000,000,120 | ---- | C] () -- C:\Windows\QUICKEN.INI
[2010/01/23 15:00:15 | 000,040,448 | ---- | C] () -- C:\Windows\System32\regobj.dll
[2010/01/16 20:40:03 | 000,045,056 | ---- | C] () -- C:\Windows\System32\mdmparm.dll
[2009/11/22 20:20:20 | 000,004,096 | -H-- | C] () -- C:\Users\RehabSoup\AppData\Local\keyfile3.drm
[2009/11/02 11:39:06 | 000,000,182 | ---- | C] () -- C:\Users\RehabSoup\AppData\Roaming\wklnhst.dat
[2009/10/31 13:39:37 | 000,120,200 | ---- | C] () -- C:\Windows\System32\DLLDEV32i.dll
[2009/10/31 13:39:17 | 000,006,211 | ---- | C] () -- C:\Windows\mgxoschk.ini
[2009/10/31 13:03:18 | 000,000,505 | ---- | C] () -- C:\Windows\pixcache.ini
[2009/10/31 12:58:54 | 000,000,211 | ---- | C] () -- C:\Windows\kofax200.ini
[2009/10/31 12:49:50 | 000,031,935 | ---- | C] () -- C:\Windows\maxlink.ini
[2009/10/24 21:59:02 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2009/09/19 13:17:18 | 000,000,305 | ---- | C] () -- C:\Users\RehabSoup\AppData\Local\cookies.ini
[2009/09/16 18:40:41 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll
[2009/08/15 16:16:28 | 000,000,046 | ---- | C] () -- C:\Windows\Crypkey.ini
[2009/08/15 14:16:13 | 000,000,060 | ---- | C] () -- C:\Windows\powerpnt.ini
[2009/08/15 14:16:13 | 000,000,031 | ---- | C] () -- C:\ProgramData\msadws_default.theme
[2009/08/15 14:02:40 | 000,040,960 | ---- | C] () -- C:\Windows\System32\LDWaveIO.dll
[2009/08/15 14:02:40 | 000,032,768 | ---- | C] () -- C:\Windows\System32\IsatITC.dll
[2009/08/03 15:07:42 | 000,403,816 | ---- | C] () -- C:\Windows\System32\OGACheckControl.dll
[2009/07/26 22:24:16 | 000,020,992 | ---- | C] () -- C:\Users\RehabSoup\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009/07/21 07:04:59 | 000,000,020 | ---- | C] () -- C:\Windows\TestSupp.ini
[2009/07/16 20:08:18 | 000,000,052 | ---- | C] () -- C:\Windows\STYLEEASEAPA.INI
[2009/07/13 07:18:23 | 000,000,056 | ---- | C] () -- C:\ProgramData\msdcmapi.dat
[2009/07/13 07:18:23 | 000,000,033 | ---- | C] () -- C:\ProgramData\msadws.theme
[2009/07/12 14:57:21 | 000,122,880 | ---- | C] () -- C:\Windows\System32\trc.dll
[2009/07/12 14:56:49 | 000,118,784 | ---- | C] () -- C:\Windows\System32\mp3dec.dll
[2009/07/12 14:56:49 | 000,081,920 | ---- | C] () -- C:\Windows\System32\dsp_trc.dll
[2009/07/12 14:56:49 | 000,005,120 | ---- | C] () -- C:\Windows\System32\IcdSptSvps.dll
[2009/07/12 07:56:36 | 000,003,114 | ---- | C] () -- C:\Users\RehabSoup\AppData\Roaming\SAS7_000.DAT
[2009/07/11 12:18:02 | 000,000,013 | RHS- | C] () -- C:\Windows\System32\drivers\fbd.sys
[2009/07/11 12:17:36 | 000,000,004 | RHS- | C] () -- C:\Windows\System32\drivers\taishop.sys
[2009/06/16 02:00:36 | 000,000,000 | ---- | C] () -- C:\Windows\NDSTray.INI
[2009/06/16 01:20:49 | 000,073,728 | ---- | C] () -- C:\Windows\System32\RtNicProp32.dll
[2009/05/03 22:25:09 | 000,209,040 | ---- | C] () -- C:\Windows\System32\IVIresizeW7.dll
[2009/05/03 22:25:09 | 000,204,944 | ---- | C] () -- C:\Windows\System32\IVIresizeA6.dll
[2009/05/03 22:25:09 | 000,196,752 | ---- | C] () -- C:\Windows\System32\IVIresizeP6.dll
[2009/05/03 22:25:09 | 000,196,752 | ---- | C] () -- C:\Windows\System32\IVIresizeM6.dll
[2009/05/03 22:25:09 | 000,192,656 | ---- | C] () -- C:\Windows\System32\IVIresizePX.dll
[2009/05/03 22:25:09 | 000,024,720 | ---- | C] () -- C:\Windows\System32\IVIresize.dll
[2009/03/03 14:17:44 | 000,147,456 | ---- | C] () -- C:\Windows\System32\igfxCoIn_v1670.dll
[2009/01/30 19:50:42 | 000,050,472 | ---- | C] () -- C:\Windows\System32\KESIMapiStub.dll
[2008/03/12 15:11:08 | 000,057,904 | ---- | C] () -- C:\Windows\System32\wbload.dll
[2007/11/01 15:53:34 | 026,259,456 | ---- | C] () -- C:\Windows\System32\btwicons.dll
[2007/11/01 15:43:30 | 000,077,824 | ---- | C] () -- C:\Windows\System32\btprn2k.dll
[2006/11/02 19:22:58 | 000,030,256 | ---- | C] () -- C:\Windows\System32\PMMailSend.dll
[2006/11/02 07:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
[2006/11/02 02:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2006/02/13 11:02:00 | 000,663,552 | ---- | C] () -- C:\Windows\System32\tx12.dll
[2006/02/09 02:20:00 | 000,000,530 | ---- | C] () -- C:\Windows\System32\tx12_ic.ini
[2005/11/10 09:01:28 | 000,006,144 | ---- | C] () -- C:\Windows\System32\ClassXps.dll
[2001/11/14 11:56:00 | 001,802,240 | ---- | C] () -- C:\Windows\System32\lcppn21.dll
[2001/02/01 01:00:00 | 000,045,744 | ---- | C] () -- C:\Windows\System32\VTSPELL.DLL
[2001/02/01 01:00:00 | 000,007,008 | ---- | C] () -- C:\Windows\System32\SETUPKIT.DLL
[2000/07/10 14:02:26 | 000,541,761 | ---- | C] () -- C:\Windows\System32\Prdllw32.dll
[2000/07/10 14:01:10 | 000,243,425 | ---- | C] () -- C:\Windows\System32\Pddllw32.dll
[1999/01/04 12:25:00 | 000,375,296 | ---- | C] () -- C:\Windows\System32\tx32.dll
[1998/11/04 01:20:00 | 000,000,202 | ---- | C] () -- C:\Windows\System32\Ic32.ini
[1996/03/26 13:09:08 | 000,188,416 | ---- | C] () -- C:\Windows\System32\Pddllwnt.dll
[1995/08/23 12:45:58 | 000,002,016 | ---- | C] () -- C:\Windows\Sg5w30.dll
[1995/08/23 12:45:54 | 000,214,899 | ---- | C] () -- C:\Windows\Aplib2.dll
[1995/08/23 12:45:42 | 000,034,144 | ---- | C] () -- C:\Windows\Aplib1.dll
[1995/08/23 12:45:40 | 000,006,784 | ---- | C] () -- C:\Windows\Accupage.dll

========== LOP Check ==========

[2009/11/01 15:15:40 | 000,000,000 | ---D | M] -- C:\Users\RehabSoup\AppData\Roaming\Avanquest
[2009/09/20 20:33:11 | 000,000,000 | ---D | M] -- C:\Users\RehabSoup\AppData\Roaming\Blackberry Desktop
[2009/09/30 21:32:30 | 000,000,000 | ---D | M] -- C:\Users\RehabSoup\AppData\Roaming\CoreFTP
[2009/08/15 16:00:57 | 000,000,000 | ---D | M] -- C:\Users\RehabSoup\AppData\Roaming\Dolphin
[2009/10/28 20:52:45 | 000,000,000 | ---D | M] -- C:\Users\RehabSoup\AppData\Roaming\Gael
[2009/10/27 20:31:14 | 000,000,000 | ---D | M] -- C:\Users\RehabSoup\AppData\Roaming\Individual Software
[2009/08/24 04:22:10 | 000,000,000 | ---D | M] -- C:\Users\RehabSoup\AppData\Roaming\Inspiration Software
[2013/12/01 08:24:58 | 000,000,000 | ---D | M] -- C:\Users\RehabSoup\AppData\Roaming\KESI
[2009/10/31 12:56:04 | 000,000,000 | ---D | M] -- C:\Users\RehabSoup\AppData\Roaming\LinkManager 4.0
[2009/10/31 13:39:57 | 000,000,000 | ---D | M] -- C:\Users\RehabSoup\AppData\Roaming\MAGIX
[2009/10/28 23:17:26 | 000,000,000 | ---D | M] -- C:\Users\RehabSoup\AppData\Roaming\MindGenius
[2009/09/30 18:44:30 | 000,000,000 | ---D | M] -- C:\Users\RehabSoup\AppData\Roaming\Nova Development
[2009/07/11 18:43:15 | 000,000,000 | ---D | M] -- C:\Users\RehabSoup\AppData\Roaming\Nuance
[2009/11/01 20:27:48 | 000,000,000 | ---D | M] -- C:\Users\RehabSoup\AppData\Roaming\OneTouch 4.0
[2009/12/03 22:59:09 | 000,000,000 | ---D | M] -- C:\Users\RehabSoup\AppData\Roaming\Opera
[2009/10/27 20:21:51 | 000,000,000 | ---D | M] -- C:\Users\RehabSoup\AppData\Roaming\OrgPlus8
[2009/09/12 20:27:57 | 000,000,000 | ---D | M] -- C:\Users\RehabSoup\AppData\Roaming\PersonalBrain
[2009/07/20 20:24:12 | 000,000,000 | ---D | M] -- C:\Users\RehabSoup\AppData\Roaming\Publish Providers
[2009/07/29 07:00:30 | 000,000,000 | ---D | M] -- C:\Users\RehabSoup\AppData\Roaming\Research In Motion
[2010/01/22 09:51:22 | 000,000,000 | ---D | M] -- C:\Users\RehabSoup\AppData\Roaming\RFB&&D Download Manager
[2009/10/07 22:13:22 | 000,000,000 | ---D | M] -- C:\Users\RehabSoup\AppData\Roaming\SanDisk
[2009/10/31 13:07:24 | 000,000,000 | ---D | M] -- C:\Users\RehabSoup\AppData\Roaming\ScanSoft
[2009/07/21 07:03:30 | 000,000,000 | ---D | M] -- C:\Users\RehabSoup\AppData\Roaming\Smith Micro
[2009/07/20 20:24:01 | 000,000,000 | ---D | M] -- C:\Users\RehabSoup\AppData\Roaming\Sony
[2010/02/05 19:14:29 | 000,000,000 | ---D | M] -- C:\Users\RehabSoup\AppData\Roaming\Template
[2010/01/17 15:54:29 | 000,000,000 | ---D | M] -- C:\Users\RehabSoup\AppData\Roaming\Texthelp Systems
[2009/11/13 01:20:12 | 000,000,000 | ---D | M] -- C:\Users\RehabSoup\AppData\Roaming\TomTom
[2009/08/15 21:17:42 | 000,000,000 | ---D | M] -- C:\Users\RehabSoup\AppData\Roaming\TOSHIBA
[2010/01/30 16:25:32 | 000,000,000 | ---D | M] -- C:\Users\RehabSoup\AppData\Roaming\Virtual Mechanics
[2009/10/30 04:35:22 | 000,000,000 | ---D | M] -- C:\Users\RehabSoup\AppData\Roaming\webex
[2009/07/11 12:17:34 | 000,000,000 | ---D | M] -- C:\Users\RehabSoup\AppData\Roaming\WinBatch
[2010/03/13 21:22:47 | 000,032,598 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2009/11/01 18:45:32 | 000,000,424 | -H-- | M] () -- C:\Windows\Tasks\User_Feed_Synchronization-{7FD67E87-3860-4287-9F00-DCF113891D09}.job
[2009/09/27 08:06:00 | 000,000,430 | -H-- | M] () -- C:\Windows\Tasks\User_Feed_Synchronization-{CE61A055-E9FF-4677-A549-446FF45B78C6}.job

========== Purity Check ==========



========== Custom Scans ==========


< %SYSTEMDRIVE%\*.exe >


< MD5 for: AGP440.SYS >
[2008/01/20 21:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\System32\drivers\AGP440.sys
[2008/01/20 21:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_51b95d75\AGP440.sys
[2008/01/20 21:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_f750e484\AGP440.sys
[2008/01/20 21:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6001.18000_none_ba12ed3bbeb0d97a\AGP440.sys
[2008/01/20 21:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6002.18005_none_bbfe6647bbd2a4c6\AGP440.sys
[2008/03/24 22:22:22 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=2D77788D0B7FE269044F58C86AE099CE -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_3e1ecd89\AGP440.sys
[2008/03/24 22:22:22 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=2D77788D0B7FE269044F58C86AE099CE -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6001.22142_none_ba734aead7ed1bb6\AGP440.sys
[2008/03/25 22:38:23 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=ED91751834103DB2A74470CD763A49FE -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_e4087235\AGP440.sys
[2008/03/25 22:38:23 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=ED91751834103DB2A74470CD763A49FE -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6000.20800_none_b8b64d46daa7e57a\AGP440.sys
[2006/11/02 04:49:52 | 000,053,864 | ---- | M] (Microsoft Corporation) MD5=EF23439CDD587F64C2C1B8825CEAD7D8 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_920a2c1f\AGP440.sys

< MD5 for: ATAPI.SYS >
[2009/04/11 01:32:26 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_b12d8e84\atapi.sys
[2009/04/11 01:32:26 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6002.18005_none_df23a1261eab99e8\atapi.sys
[2008/01/20 21:23:00 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_cc18792d\atapi.sys
[2008/01/20 21:23:00 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6001.18000_none_dd38281a2189ce9c\atapi.sys
[2006/11/02 04:49:36 | 000,019,048 | ---- | M] (Microsoft Corporation) MD5=4F4FCB8B6EA06784FB6D475B7EC7300F -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_c6c2e699\atapi.sys
[2008/06/02 22:29:54 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=9C0E70031905ADBF94EDB9EA14AF943B -- C:\Windows\System32\drivers\atapi.sys
[2008/06/02 22:29:54 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=9C0E70031905ADBF94EDB9EA14AF943B -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_7f3e4ed9\atapi.sys
[2008/06/02 22:29:54 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=9C0E70031905ADBF94EDB9EA14AF943B -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6001.22193_none_dd6376773aedb5e4\atapi.sys
[2008/06/02 22:27:21 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=E26DDFE464B464DAF1C739122978D1D6 -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_b7393fc6\atapi.sys
[2008/06/02 22:27:21 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=E26DDFE464B464DAF1C739122978D1D6 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6000.20847_none_dbb74a7b3d9afbc1\atapi.sys

< MD5 for: CNGAUDIT.DLL >
[2006/11/02 04:46:03 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D5FED4D -- C:\Windows\System32\cngaudit.dll
[2006/11/02 04:46:03 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D5FED4D -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.0.6000.16386_none_e62d292932a96ce6\cngaudit.dll

< MD5 for: IASTOR.SYS >
[2009/02/11 19:26:18 | 000,407,576 | ---- | M] (Intel Corporation) MD5=1ADAA4F16073FD0C7270F451FD024E97 -- C:\Program Files\Intel\Intel Matrix Storage Manager\driver64\IaStor.sys
[2009/02/11 19:11:50 | 000,329,752 | ---- | M] (Intel Corporation) MD5=71ECC07BC7C5E24C3DD01D8A29A24054 -- C:\Program Files\Intel\Intel Matrix Storage Manager\driver\IaStor.sys
[2009/02/11 19:11:50 | 000,329,752 | ---- | M] (Intel Corporation) MD5=71ECC07BC7C5E24C3DD01D8A29A24054 -- C:\Windows\System32\drivers\iaStor.sys
[2009/02/11 19:11:50 | 000,329,752 | ---- | M] (Intel Corporation) MD5=71ECC07BC7C5E24C3DD01D8A29A24054 -- C:\Windows\System32\DriverStore\FileRepository\iaahci.inf_ea118ff5\iaStor.sys

< MD5 for: IASTORV.SYS >
[2008/01/20 21:23:23 | 000,235,064 | ---- | M] (Intel Corporation) MD5=54155EA1B0DF185878E0FC9EC3AC3A14 -- C:\Windows\System32\drivers\iaStorV.sys
[2008/01/20 21:23:23 | 000,235,064 | ---- | M] (Intel Corporation) MD5=54155EA1B0DF185878E0FC9EC3AC3A14 -- C:\Windows\System32\DriverStore\FileRepository\iastorv.inf_c9df7691\iaStorV.sys
[2008/01/20 21:23:23 | 000,235,064 | ---- | M] (Intel Corporation) MD5=54155EA1B0DF185878E0FC9EC3AC3A14 -- C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.0.6001.18000_none_af11527887c7fa8f\iaStorV.sys
[2006/11/02 04:51:25 | 000,232,040 | ---- | M] (Intel Corporation) MD5=C957BF4B5D80B46C5017BF0101E6C906 -- C:\Windows\System32\DriverStore\FileRepository\iastorv.inf_37cdafa4\iaStorV.sys

< MD5 for: NETLOGON.DLL >
[2009/04/11 01:28:23 | 000,592,896 | ---- | M] (Microsoft Corporation) MD5=95DAECF0FB120A7B5DA679CC54E37DDE -- C:\Windows\System32\netlogon.dll
[2009/04/11 01:28:23 | 000,592,896 | ---- | M] (Microsoft Corporation) MD5=95DAECF0FB120A7B5DA679CC54E37DDE -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6002.18005_none_ffa3304f351bb3a3\netlogon.dll
[2008/01/20 21:24:05 | 000,592,384 | ---- | M] (Microsoft Corporation) MD5=A8EFC0B6E75B789F7FD3BA5025D4E37F -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6001.18000_none_fdb7b74337f9e857\netlogon.dll

< MD5 for: NVSTOR.SYS >
[2006/11/02 04:50:13 | 000,040,040 | ---- | M] (NVIDIA Corporation) MD5=9E0BA19A28C498A6D323D065DB76DFFC -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_733654ff\nvstor.sys
[2008/01/20 21:23:21 | 000,045,112 | ---- | M] (NVIDIA Corporation) MD5=ABED0C09758D1D97DB0042DBB2688177 -- C:\Windows\System32\drivers\nvstor.sys
[2008/01/20 21:23:21 | 000,045,112 | ---- | M] (NVIDIA Corporation) MD5=ABED0C09758D1D97DB0042DBB2688177 -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_31c3d71d\nvstor.sys
[2008/01/20 21:23:21 | 000,045,112 | ---- | M] (NVIDIA Corporation) MD5=ABED0C09758D1D97DB0042DBB2688177 -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.0.6001.18000_none_39dac327befea467\nvstor.sys

< MD5 for: SCECLI.DLL >
[2008/01/20 21:24:50 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=28B84EB538F7E8A0FE8B9299D591E0B9 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6001.18000_none_380de25bd91b6f12\scecli.dll
[2009/04/11 01:28:24 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=8FC182167381E9915651267044105EE1 -- C:\Windows\System32\scecli.dll
[2009/04/11 01:28:24 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=8FC182167381E9915651267044105EE1 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6002.18005_none_39f95b67d63d3a5e\scecli.dll

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >
[2008/01/20 21:24:26 | 000,347,136 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\System32\dxtmsft.dll
[2008/01/20 21:24:26 | 000,214,528 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\System32\dxtrans.dll
[2009/04/11 01:27:47 | 000,241,128 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\System32\rsaenh.dll
[2009/04/11 01:28:23 | 000,228,352 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\System32\SLC.dll

< %systemroot%\Tasks\*.job /lockedfiles >

< %systemroot%\system32\drivers\*.sys /lockedfiles >

< %systemroot%\System32\config\*.sav >
[2008/01/20 22:14:18 | 016,846,848 | ---- | M] () -- C:\Windows\System32\config\COMPONENTS.SAV
[2008/01/20 22:14:08 | 000,106,496 | ---- | M] () -- C:\Windows\System32\config\DEFAULT.SAV
[2008/01/20 22:14:18 | 000,020,480 | ---- | M] () -- C:\Windows\System32\config\SECURITY.SAV
[2006/11/02 05:34:08 | 010,133,504 | ---- | M] () -- C:\Windows\System32\config\SOFTWARE.SAV
[2006/11/02 05:34:08 | 001,826,816 | ---- | M] () -- C:\Windows\System32\config\SYSTEM.SAV

========== Alternate Data Streams ==========

@Alternate Data Stream - 53 bytes -> C:\Windows\win.ini:WININI
@Alternate Data Stream - 45 bytes -> C:\ProgramData\msadws.theme:NTOSCHK
@Alternate Data Stream - 222 bytes -> C:\ProgramData\TEMP:F35A93AD
@Alternate Data Stream - 178 bytes -> C:\ProgramData\TEMP:6161D577
< End of report >
  • 0

Advertisements


#2
JRex

JRex

    Member

  • Topic Starter
  • Member
  • PipPip
  • 57 posts
Thanks but I fixed the problem. I deleted the word data registry key. I saved this before I did, so if it did not work...

http://support.micro.....Ben-us;921541

This was the steps I took.
  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP