Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org
Database version: 4226
Windows 6.0.6002 Service Pack 2
Internet Explorer 8.0.6001.18928
6/22/2010 7:25:34 PM
mbam-log-2010-06-22 (19-25-34).txt
Scan type: Quick scan
Objects scanned: 136415
Time elapsed: 5 minute(s), 30 second(s)
Memory Processes Infected: 1
Memory Modules Infected: 0
Registry Keys Infected: 7
Registry Values Infected: 7
Registry Data Items Infected: 3
Folders Infected: 0
Files Infected: 57
Memory Processes Infected:
C:\Windows\Temp\fFollower.exe (Trojan.Dropper) -> Unloaded process successfully.
Memory Modules Infected:
(No malicious items detected)
Registry Keys Infected:
HKEY_CLASSES_ROOT\AppID\{84c3c236-f588-4c93-84f4-147b2abbe67b} (Adware.Adrotator) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\AppID\{38061edc-40bb-4618-a8da-e56353347e6d} (Adware.EZlife) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\AppID\{7b6a2552-e65b-4a9e-add4-c45577ffd8fd} (Adware.EZLife) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{6fd31ed6-7c94-4bbc-8e95-f927f4d3a949} (Adware.180Solutions) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Follower (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\avsoft (Trojan.Fraudpack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\avsuite (Rogue.AntivirusSuite) -> Quarantined and deleted successfully.
Registry Values Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\netc (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\jxiderotegixi (Trojan.Hiloti) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\c:\windows\temp\ope3ac8.exe (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\c:\windows\temp\ope3bc2.exe (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\vtusobu (Trojan.Hiloti) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\skb (Trojan.Agent.Gen) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\lsass (Trojan.PWS) -> Quarantined and deleted successfully.
Registry Data Items Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Userinit (Spyware.Zbot) -> Data: c:\windows\system32\sdra64.exe -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Userinit (Spyware.Zbot) -> Data: system32\sdra64.exe -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Userinit (Hijack.UserInit) -> Bad: (userinit.exe,C:\Windows\system32\sdra64.exe,) Good: (userinit.exe) -> Quarantined and deleted successfully.
Folders Infected:
(No malicious items detected)
Files Infected:
C:\Windows\svc.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Windows\System32\config\systemprofile\AppData\Local\odiponam.dll (Trojan.Hiloti) -> Quarantined and deleted successfully.
C:\Windows\Temp\ope3AC8.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Windows\Temp\ope3AC8.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Windows\Temp\ope3BC2.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Windows\Temp\ope3BC2.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Windows\System32\config\systemprofile\AppData\Local\prtypi30.dll (Trojan.Hiloti) -> Quarantined and deleted successfully.
C:\Users\Nikki\AppData\Roaming\343b5f0d.exe (Trojan.TDSS) -> Quarantined and deleted successfully.
C:\Users\Nikki\Desktop\Key Gen.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\simplex.exe (Adware.Adrotator) -> Quarantined and deleted successfully.
C:\Windows\Temp\0.8390406008419182.exe (Trojan.Dropper) -> Quarantined and deleted successfully.
C:\Windows\Temp\1your_exe.exe (Trojan.Clicker) -> Quarantined and deleted successfully.
C:\Windows\Temp\4_pinnew.exe (Trojan.PWS) -> Quarantined and deleted successfully.
C:\Windows\Temp\6_ldry3no.exe.vir (Trojan.Clicker) -> Quarantined and deleted successfully.
C:\Windows\Temp\avto.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Windows\Temp\BIT14C6.tmp (Rootkit.TDSS) -> Quarantined and deleted successfully.
C:\Windows\Temp\BIT1FD6.tmp (Rootkit.TDSS) -> Quarantined and deleted successfully.
C:\Windows\Temp\BIT2B8A.tmp (Rootkit.TDSS) -> Quarantined and deleted successfully.
C:\Windows\Temp\BIT30FE.tmp (Rootkit.TDSS) -> Quarantined and deleted successfully.
C:\Windows\Temp\BIT3B73.tmp (Rootkit.TDSS) -> Quarantined and deleted successfully.
C:\Windows\Temp\BIT40CD.tmp (Rootkit.TDSS) -> Quarantined and deleted successfully.
C:\Windows\Temp\BIT426D.tmp (Rootkit.TDSS) -> Quarantined and deleted successfully.
C:\Windows\Temp\BIT4F97.tmp (Rootkit.TDSS) -> Quarantined and deleted successfully.
C:\Windows\Temp\BIT5135.tmp (Rootkit.TDSS) -> Quarantined and deleted successfully.
C:\Windows\Temp\BIT6B1D.tmp (Rootkit.TDSS) -> Quarantined and deleted successfully.
C:\Windows\Temp\BIT7194.tmp (Rootkit.TDSS) -> Quarantined and deleted successfully.
C:\Windows\Temp\BIT7CB1.tmp (Rootkit.TDSS) -> Quarantined and deleted successfully.
C:\Windows\Temp\BIT9F25.tmp (Rootkit.TDSS) -> Quarantined and deleted successfully.
C:\Windows\Temp\BITACFB.tmp (Rootkit.TDSS) -> Quarantined and deleted successfully.
C:\Windows\Temp\BITBC2A.tmp (Rootkit.TDSS) -> Quarantined and deleted successfully.
C:\Windows\Temp\BITD55D.tmp (Rootkit.TDSS) -> Quarantined and deleted successfully.
C:\Windows\Temp\BITE29D.tmp (Rootkit.TDSS) -> Quarantined and deleted successfully.
C:\Windows\Temp\BITE454.tmp (Rootkit.TDSS) -> Quarantined and deleted successfully.
C:\Windows\Temp\BITF191.tmp (Rootkit.TDSS) -> Quarantined and deleted successfully.
C:\Windows\Temp\BITFC24.tmp (Rootkit.TDSS) -> Quarantined and deleted successfully.
C:\Windows\Temp\bmsaovlw.exe (Malware.Gen) -> Quarantined and deleted successfully.
C:\Windows\Temp\ijwxv.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Windows\Temp\miragge.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Windows\Temp\pdfupd.exe (Trojan.Dropper) -> Quarantined and deleted successfully.
C:\Windows\Temp\q1.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Windows\Temp\svchosty.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Windows\Temp\teste1_p.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Windows\Temp\ughau.exe (Trojan.Hiloti) -> Quarantined and deleted successfully.
C:\Windows\Temp\Updater70702Setup.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Windows\Temp\xvsfym.exe (Trojan.Clicker) -> Quarantined and deleted successfully.
C:\Windows\Temp\yakarjme.exe (Trojan.Dropper.Gen) -> Quarantined and deleted successfully.
C:\Windows\System32\csrrss.exe (Trojan.Sasfis) -> Quarantined and deleted successfully.
C:\Windows\System32\sdra64.exe (Spyware.Zbot) -> Quarantined and deleted successfully.
C:\Windows\Temp\0.6867814398230598.exe (Trojan.Dropper) -> Quarantined and deleted successfully.
C:\Windows\Temp\1_goo.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Windows\Temp\60325cahp25ca0.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Windows\tmp2726406.log (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Windows\tmp5689623.log (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Windows\lsass.exe (Trojan.PWS) -> Quarantined and deleted successfully.
C:\ProgramData\Update\seupd.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Windows\Tasks\MSWD-343b5f0d.job (Trojan.DNSChanger) -> Quarantined and deleted successfully.
C:\Windows\Temp\ffollower.exe (Trojan.Dropper) -> Quarantined and deleted successfully.
Once I found your guide I started at the beginning and went through every step all the way through running Malwarebytes' which when complete shows this log:
Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org
Database version: 4226
Windows 6.0.6002 Service Pack 2
Internet Explorer 8.0.6001.18928
6/22/2010 10:19:02 PM
mbam-log-2010-06-22 (22-19-02).txt
Scan type: Quick scan
Objects scanned: 133570
Time elapsed: 6 minute(s), 6 second(s)
Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0
Memory Processes Infected:
(No malicious items detected)
Memory Modules Infected:
(No malicious items detected)
Registry Keys Infected:
(No malicious items detected)
Registry Values Infected:
(No malicious items detected)
Registry Data Items Infected:
(No malicious items detected)
Folders Infected:
(No malicious items detected)
Files Infected:
(No malicious items detected)
I than moved onto the GMER Rootkit Scanner and followed the directions exactly, however the only boxes that the program allows me to check are the ones that are checked: Services, Registry, Files, ADS....the rest of the boxes are grayed out and not able to be selected, I ran the Scan to see what would happen and it ran for quite awhile it reported that there where no modifications to the system, I hit save and when I opened the file to view it there was nothing there. Not sure what the problem was, I downloaded the program again thinking maybe it didn't download properly, ran it again and had the same results...not sure about the problem here but I moved onto the next step....
While running the OTL in the middle of execution a window came up claiming disk error offering: Try Again, Cancel, Continue....I tried all options and the window just continued to pop up at least 10-15 times than it disappeared and the scan continued. These are the log files that came from OTL:
OTL.Txt
OTL logfile created on: 6/22/2010 11:02:09 PM - Run 1
OTL by OldTimer - Version 3.2.6.1 Folder = C:\Users\Nikki\Desktop
64bit-Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18928)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
6.00 Gb Total Physical Memory | 4.00 Gb Available Physical Memory | 66.00% Memory free
12.00 Gb Paging File | 10.00 Gb Available in Paging File | 84.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 683.57 Gb Total Space | 477.88 Gb Free Space | 69.91% Space Free | Partition Type: NTFS
Drive D: | 15.00 Gb Total Space | 8.69 Gb Free Space | 57.94% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Drive K: | 1.90 Gb Total Space | 1.84 Gb Free Space | 96.82% Space Free | Partition Type: FAT
Computer Name: NIKKI-PC
Current User Name: Nikki
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: Current user
Include 64bit Scans
Company Name Whitelist: On
Skip Microsoft Files: On
File Age = 90 Days
Output = Standard
Quick Scan
========== Processes (SafeList) ==========
PRC - [2010/06/22 22:51:23 | 000,574,464 | ---- | M] (OldTimer Tools) -- C:\Users\Nikki\Desktop\OTL.exe
PRC - [2010/04/16 08:33:40 | 000,144,672 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
PRC - [2010/04/01 13:58:04 | 000,910,296 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
PRC - [2009/04/02 13:47:04 | 000,234,888 | ---- | M] () -- C:\Program Files (x86)\AskBarDis\bar\bin\ASKUpgrade.exe
PRC - [2009/04/02 13:47:02 | 000,464,264 | ---- | M] () -- C:\Program Files (x86)\AskBarDis\bar\bin\AskService.exe
PRC - [2008/05/23 15:06:08 | 000,128,296 | ---- | M] (CyberLink Corp.) -- C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe
PRC - [2007/01/30 02:08:40 | 000,077,824 | ---- | M] () -- C:\Program Files\Logitech\SetPoint\x86\SetPoint32.exe
========== Modules (SafeList) ==========
MOD - [2010/06/22 22:51:23 | 000,574,464 | ---- | M] (OldTimer Tools) -- C:\Users\Nikki\Desktop\OTL.exe
MOD - [2008/01/20 22:50:01 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msscript.ocx
========== Win32 Services (SafeList) ==========
SRV:64bit: - [2010/01/21 16:24:56 | 000,130,048 | ---- | M] (WDC) [Auto | Running] -- C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe -- (WDDMService)
SRV:64bit: - [2009/12/09 20:30:34 | 000,017,416 | ---- | M] (Microsoft Corporation) [Auto | Running] -- c:\Program Files\Microsoft Security Essentials\MsMpEng.exe -- (MsMpSvc)
SRV:64bit: - [2008/07/24 07:49:06 | 000,881,664 | ---- | M] (ATI Technologies Inc.) [Auto | Running] -- C:\Windows\SysNative\Ati2evxx.exe -- (Ati External Event Utility)
SRV:64bit: - [2008/07/18 08:42:16 | 000,086,016 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\Windows\SysNative\AERTSr64.exe -- (AERTFilters)
SRV:64bit: - [2008/07/02 03:11:34 | 000,412,672 | ---- | M] (Conexant Systems, Inc.) [Auto | Running] -- C:\Windows\SysNative\DRIVERS\xaudio64.exe -- (XAudioService)
SRV:64bit: - [2008/01/20 22:47:32 | 000,383,544 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2010/04/16 08:33:40 | 000,144,672 | ---- | M] (Apple Inc.) [Auto | Running] -- C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe -- (Apple Mobile Device)
SRV - [2009/06/16 08:58:08 | 000,020,480 | ---- | M] (Memeo) [Auto | Running] -- C:\Program Files (x86)\Western Digital\WD SmartWare\Front Parlor\WDSmartWareBackgroundService.exe -- (WDSmartWareBackgroundService)
SRV - [2009/04/02 13:47:04 | 000,234,888 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\AskBarDis\bar\bin\ASKUpgrade.exe -- (ASKUpgrade)
SRV - [2009/04/02 13:47:02 | 000,464,264 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\AskBarDis\bar\bin\AskService.exe -- (ASKService)
SRV - [2008/12/11 23:25:43 | 000,655,624 | ---- | M] (Acresso Software Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2008/10/25 11:44:08 | 000,065,888 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe -- (Microsoft Office Groove Audit Service)
SRV - [2006/11/02 09:34:14 | 000,000,000 | ---D | M] [Unknown | Stopped] -- C:\Windows\SysWOW64\Msdtc -- (MSDTC)
SRV - [2006/11/02 02:35:15 | 000,060,994 | ---- | M] () [On_Demand | Stopped] -- C:\Windows\SysWOW64\wbem\vds.mof -- (vds)
SRV - [2006/11/02 02:35:15 | 000,055,846 | ---- | M] () [On_Demand | Stopped] -- C:\Windows\SysWOW64\wbem\vss.mof -- (VSS)
========== Driver Services (SafeList) ==========
DRV:64bit: - [2010/04/16 08:33:36 | 000,050,176 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2009/09/30 20:51:42 | 000,046,592 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\wpdusb.sys -- (WpdUsb)
DRV:64bit: - [2009/05/18 13:17:08 | 000,034,152 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2009/02/13 11:02:52 | 000,014,464 | ---- | M] (Western Digital Technologies) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\wdcsam64.sys -- (WDC_SAM)
DRV:64bit: - [2008/07/24 07:49:08 | 004,310,528 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\atikmdag.sys -- (R300)
DRV:64bit: - [2008/07/24 07:49:08 | 004,310,528 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\atikmdag.sys -- (atikmdag)
DRV:64bit: - [2008/07/21 07:18:30 | 000,026,624 | ---- | M] (Windows ® Codename Longhorn DDK provider) [Kernel | Auto | Running] -- C:\Windows\SysNative\DRIVERS\RtNdPt60.sys -- (RtNdPt60)
DRV:64bit: - [2008/07/15 08:14:10 | 000,395,288 | ---- | M] (Intel Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\SysNative\drivers\iastor.sys -- (iaStor)
DRV:64bit: - [2008/07/10 07:28:50 | 000,170,496 | ---- | M] (Realtek Corporation ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\Rtlh64.sys -- (RTL8169)
DRV:64bit: - [2008/07/02 03:11:34 | 000,010,240 | ---- | M] (Conexant Systems, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\DRIVERS\xaudio64.sys -- (XAudio)
DRV:64bit: - [2008/07/02 03:11:32 | 000,017,024 | ---- | M] (Conexant) [Kernel | Auto | Running] -- C:\Windows\SysNative\DRIVERS\mdmxsdk.sys -- (mdmxsdk)
DRV:64bit: - [2008/07/02 03:11:28 | 001,487,872 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\CAX_DPV.sys -- (HSF_DPV)
DRV:64bit: - [2008/07/02 03:11:28 | 000,740,864 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\CAX_CNXT.sys -- (winachsf)
DRV:64bit: - [2008/07/02 03:11:28 | 000,411,136 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\CAXHWBS2.sys -- (CAXHWBS2)
DRV:64bit: - [2008/06/27 07:51:10 | 000,088,632 | ---- | M] (Adobe Systems, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\adfs.sys -- (adfs)
DRV:64bit: - [2008/01/20 22:47:27 | 000,903,168 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\xnacc.sys -- (xnacc)
DRV:64bit: - [2008/01/20 22:47:25 | 000,012,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\serscan.sys -- (StillCam)
DRV:64bit: - [2008/01/20 22:46:55 | 000,317,952 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\e1e6032e.sys -- (e1express) Intel®
DRV:64bit: - [2007/11/14 04:00:00 | 000,053,488 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\PxHlpa64.sys -- (PxHlpa64)
DRV:64bit: - [2007/06/21 21:16:42 | 000,825,336 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\WMP300Nv1.sys -- (WMP300Nv1)
DRV:64bit: - [2007/01/23 15:47:00 | 000,051,984 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\LHidFilt.Sys -- (LHidFilt)
DRV:64bit: - [2007/01/23 15:47:00 | 000,048,912 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\LMouFilt.Sys -- (LMouFilt)
DRV - [2009/09/04 13:46:04 | 000,021,248 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Motive\MREMP50.sys -- (MREMP50)
DRV - [2009/09/04 13:46:04 | 000,020,096 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Motive\MRESP50.sys -- (MRESP50)
DRV - [2008/07/02 03:11:32 | 000,094,208 | ---- | M] (Conexant) [Kernel | Auto | Running] -- C:\Windows\SysWOW64\mdmxsdk.dll -- (mdmxsdk)
DRV - [2006/09/18 17:36:40 | 000,003,066 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysWOW64\wbem\tcpip.mof -- (Tcpip)
DRV - [2006/09/18 17:35:23 | 000,001,088 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysWOW64\wbem\mpsdrv.mof -- (mpsdrv)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.co...amp;ibd=4081127
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
========== FireFox ==========
FF - prefs.js..browser.startup.homepage: "www.google.com"
FF - HKLM\software\mozilla\Firefox\Extensions\\{0A0FE45D-CDD0-4D00-A2E6-2641D73F1E1C}: C:\Windows\system32\config\systemprofile\AppData\Local\{0A0FE45D-CDD0-4D00-A2E6-2641D73F1E1C} [2010/06/12 18:27:23 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.3\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2010/06/22 19:46:54 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.3\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2010/06/22 22:07:13 | 000,000,000 | ---D | M]
[2010/06/22 19:47:08 | 000,000,000 | ---D | M] -- C:\Users\Nikki\AppData\Roaming\mozilla\Extensions
[2010/01/14 00:01:06 | 000,000,000 | ---D | M] -- C:\Users\Nikki\AppData\Roaming\mozilla\Firefox\extensions
[2010/01/14 00:01:06 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Nikki\AppData\Roaming\mozilla\Firefox\extensions\{E9A1DEE0-C623-4439-8932-001E7D17607D}
[2010/06/22 21:01:24 | 000,000,000 | ---D | M] -- C:\Users\Nikki\AppData\Roaming\mozilla\Firefox\Profiles\70dauglw.default\extensions
[2010/06/22 19:46:53 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Mozilla Firefox\extensions
O1 HOSTS File: ([2006/09/18 17:37:24 | 000,000,761 | ---- | M]) - C:\Windows\SysNative\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No CLSID value found.
O2 - BHO: (AskBar BHO) - {201f27d4-3704-41d6-89c1-aa35e39143ed} - C:\Program Files (x86)\AskBarDis\bar\bin\askBar.dll (Ask.com)
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
O3 - HKLM\..\Toolbar: (Ask Toolbar) - {3041d03e-fd4b-44e0-b742-2d9b88305f98} - C:\Program Files (x86)\AskBarDis\bar\bin\askBar.dll (Ask.com)
O3 - HKCU\..\Toolbar\WebBrowser: (Ask Toolbar) - {3041D03E-FD4B-44E0-B742-2D9B88305F98} - C:\Program Files (x86)\AskBarDis\bar\bin\askBar.dll (Ask.com)
O4:64bit: - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated)
O4:64bit: - HKLM..\Run: [Kernel and Hardware Abstraction Layer] C:\Windows\KHALMNPR.Exe (Logitech Inc.)
O4:64bit: - HKLM..\Run: [MSSE] c:\Program Files\Microsoft Security Essentials\msseces.exe (Microsoft Corporation)
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Windows\RAVCpl64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKLM..\Run: [C:\Windows\TEMP\ope3319.exe ] C:\Windows\TEMP\ope3319.exe File not found
O4 - HKLM..\Run: [GrooveMonitor] C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe (Microsoft Corporation)
O4 - HKLM..\Run: [PDVDDXSrv] C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe (CyberLink Corp.)
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKCU..\Run: [AdobeBridge] File not found
O4 - HKCU..\Run: [uTorrent] C:\Program Files (x86)\uTorrent\uTorrent.exe (BitTorrent, Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} http://upload.facebo...toUploader5.cab (Facebook Photo Uploader 5 Control)
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macr...director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {4871A87A-BFDD-4106-8153-FFDE2BAC2967} http://dlm.tools.aka...vex-2.2.4.1.cab (DLM Control)
O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} http://upload.facebo...oUploader55.cab (Facebook Photo Uploader 5 Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.ma...r/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {9C23D886-43CB-43DE-B2DB-112A68D7E10A} http://lads.myspace....ceUploader2.cab (MySpace Uploader Control)
O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_07)
O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_20)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.254
O18:64bit: - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - Reg Error: Key error. File not found
O18 - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Users\Nikki\Pictures\Wallpaper\Family.jpg
O24 - Desktop BackupWallPaper: C:\Users\Nikki\Pictures\Wallpaper\Family.jpg
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{0dfe479a-682d-11df-9813-0021704843bd}\Shell - "" = AutoRun
O33 - MountPoints2\{0dfe479a-682d-11df-9813-0021704843bd}\Shell\AutoRun\command - "" = K:\WD SmartWare.exe -- File not found
O33 - MountPoints2\{8b211f60-d032-11dd-81e5-0021704843bd}\Shell - "" = AutoRun
O33 - MountPoints2\{8b211f60-d032-11dd-81e5-0021704843bd}\Shell\AutoRun\command - "" = F:\LaunchU3.exe -- File not found
O33 - MountPoints2\{a1b42257-eaf9-11dd-ad0e-0021704843bd}\Shell - "" = AutoRun
O33 - MountPoints2\{a1b42257-eaf9-11dd-ad0e-0021704843bd}\Shell\AutoRun\command - "" = F:\LaunchU3.exe -- File not found
O33 - MountPoints2\F\Shell - "" = AutoRun
O33 - MountPoints2\F\Shell\AutoRun\command - "" = F:\LaunchU3.exe -- File not found
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
NetSvcs: Ias - C:\Windows\SysWOW64\ias [2008/01/20 23:08:35 | 000,000,000 | ---D | M]
Drivers32:64bit: aux - wdmaud.drv (Microsoft Corporation)
Drivers32:64bit: aux1 - wdmaud.drv (Microsoft Corporation)
Drivers32:64bit: midi - wdmaud.drv (Microsoft Corporation)
Drivers32:64bit: midi1 - wdmaud.drv (Microsoft Corporation)
Drivers32:64bit: midimapper - midimap.dll (Microsoft Corporation)
Drivers32:64bit: mixer - wdmaud.drv (Microsoft Corporation)
Drivers32:64bit: mixer1 - wdmaud.drv (Microsoft Corporation)
Drivers32:64bit: msacm.imaadpcm - imaadp32.acm (Microsoft Corporation)
Drivers32:64bit: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32:64bit: msacm.msadpcm - msadp32.acm (Microsoft Corporation)
Drivers32:64bit: msacm.msg711 - msg711.acm (Microsoft Corporation)
Drivers32:64bit: msacm.msgsm610 - msgsm32.acm (Microsoft Corporation)
Drivers32:64bit: vidc.i420 - iyuv_32.dll (Microsoft Corporation)
Drivers32:64bit: vidc.iyuv - iyuv_32.dll (Microsoft Corporation)
Drivers32:64bit: vidc.mrle - msrle32.dll (Microsoft Corporation)
Drivers32:64bit: vidc.msvc - msvidc32.dll (Microsoft Corporation)
Drivers32:64bit: vidc.uyvy - msyuv.dll (Microsoft Corporation)
Drivers32:64bit: vidc.yuy2 - msyuv.dll (Microsoft Corporation)
Drivers32:64bit: vidc.yvu9 - tsbyuv.dll (Microsoft Corporation)
Drivers32:64bit: vidc.yvyu - msyuv.dll (Microsoft Corporation)
Drivers32:64bit: wave - wdmaud.drv (Microsoft Corporation)
Drivers32:64bit: wave1 - wdmaud.drv (Microsoft Corporation)
Drivers32:64bit: wavemapper - msacm32.drv (Microsoft Corporation)
Drivers32: aux - C:\Windows\SysWow64\wdmaud.drv (Microsoft Corporation)
Drivers32: aux1 - C:\Windows\SysWow64\wdmaud.drv (Microsoft Corporation)
Drivers32: midi - C:\Windows\SysWow64\wdmaud.drv (Microsoft Corporation)
Drivers32: midi1 - C:\Windows\SysWow64\wdmaud.drv (Microsoft Corporation)
Drivers32: midimapper - C:\Windows\SysWow64\midimap.dll (Microsoft Corporation)
Drivers32: mixer - C:\Windows\SysWow64\wdmaud.drv (Microsoft Corporation)
Drivers32: mixer1 - C:\Windows\SysWow64\wdmaud.drv (Microsoft Corporation)
Drivers32: msacm.imaadpcm - C:\Windows\SysWow64\imaadp32.acm (Microsoft Corporation)
Drivers32: msacm.l3acm - C:\Windows\SysWOW64\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.msadpcm - C:\Windows\SysWow64\msadp32.acm (Microsoft Corporation)
Drivers32: msacm.msg711 - C:\Windows\SysWow64\msg711.acm (Microsoft Corporation)
Drivers32: msacm.msgsm610 - C:\Windows\SysWow64\msgsm32.acm (Microsoft Corporation)
Drivers32: vidc.cvid - C:\Windows\SysWow64\iccvid.dll (Radius Inc.)
Drivers32: vidc.i420 - C:\Windows\SysWow64\iyuv_32.dll (Microsoft Corporation)
Drivers32: vidc.iyuv - C:\Windows\SysWow64\iyuv_32.dll (Microsoft Corporation)
Drivers32: vidc.mrle - C:\Windows\SysWow64\msrle32.dll (Microsoft Corporation)
Drivers32: vidc.msvc - C:\Windows\SysWow64\msvidc32.dll (Microsoft Corporation)
Drivers32: vidc.uyvy - C:\Windows\SysWow64\msyuv.dll (Microsoft Corporation)
Drivers32: vidc.yuy2 - C:\Windows\SysWow64\msyuv.dll (Microsoft Corporation)
Drivers32: vidc.yvu9 - C:\Windows\SysWow64\tsbyuv.dll (Microsoft Corporation)
Drivers32: vidc.yvyu - C:\Windows\SysWow64\msyuv.dll (Microsoft Corporation)
Drivers32: wave - C:\Windows\SysWow64\wdmaud.drv (Microsoft Corporation)
Drivers32: wave1 - C:\Windows\SysWow64\wdmaud.drv (Microsoft Corporation)
Drivers32: wavemapper - C:\Windows\SysWow64\msacm32.drv (Microsoft Corporation)
CREATERESTOREPOINT
Restore point Set: OTL Restore Point
========== Files/Folders - Created Within 90 Days ==========
[2010/06/22 22:51:14 | 000,574,464 | ---- | C] (OldTimer Tools) -- C:\Users\Nikki\Desktop\OTL.exe
[2010/06/22 22:38:33 | 000,000,000 | ---D | C] -- C:\Users\Nikki\Desktop\Fixing Computer
[2010/06/22 22:22:43 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Antimalware
[2010/06/22 22:22:37 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Security Essentials
[2010/06/22 22:10:03 | 000,000,000 | ---D | C] -- C:\Windows\ERDNT
[2010/06/22 22:09:34 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ERUNT
[2010/06/22 22:06:54 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2010/06/22 21:24:31 | 000,000,000 | ---D | C] -- C:\Users\Nikki\AppData\Local\Little_Apps_(http___www.l
[2010/06/22 21:08:52 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Little Registry Cleaner
[2010/06/22 21:08:22 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Little Registry Cleaner
[2010/06/22 20:26:23 | 000,000,000 | ---D | C] -- C:\ProgramData\Alwil Software
[2010/06/22 20:26:23 | 000,000,000 | ---D | C] -- C:\Program Files\Alwil Software
[2010/06/22 19:50:46 | 000,000,000 | ---D | C] -- C:\Users\Public\Desktop\Adobe Reader 9 Installer
[2010/06/22 19:48:32 | 000,000,000 | ---D | C] -- C:\ProgramData\NOS
[2010/06/22 19:46:58 | 000,000,000 | ---D | C] -- C:\Users\Nikki\AppData\Local\Mozilla
[2010/06/22 19:17:45 | 000,000,000 | ---D | C] -- C:\Users\Nikki\AppData\Roaming\Malwarebytes
[2010/06/22 19:17:33 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysWow64\drivers\mbamswissarmy.sys
[2010/06/22 19:17:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2010/06/22 19:17:31 | 000,024,664 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2010/06/22 19:17:31 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2010/06/22 19:11:39 | 000,000,000 | ---D | C] -- C:\ProgramData\Sun
[2010/06/22 16:54:39 | 000,000,000 | ---D | C] -- C:\Users\Nikki\Documents\Vuze Downloads
[2010/06/19 03:20:59 | 000,000,000 | ---D | C] -- C:\Program Files\Windows Portable Devices
[2010/06/19 03:20:59 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Windows Portable Devices
[2010/06/18 22:45:12 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Strange Cases - The Tarot Card Mystery
[2010/06/18 22:42:53 | 000,000,000 | ---D | C] -- C:\Users\Nikki\AppData\Roaming\Silverback Productions
[2010/06/16 18:13:40 | 000,000,000 | ---D | C] -- C:\ProgramData\Spybot - Search & Destroy
[2010/06/16 18:13:40 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Spybot - Search & Destroy
[2010/06/15 11:09:02 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\vi-VN
[2010/06/15 11:09:02 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\vi-VN
[2010/06/15 11:09:02 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\eu-ES
[2010/06/15 11:09:02 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\eu-ES
[2010/06/15 11:09:02 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\ca-ES
[2010/06/15 11:09:02 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\ca-ES
[2010/06/15 09:31:11 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\EventProviders
[2010/06/12 20:16:43 | 000,000,000 | ---D | C] -- C:\ProgramData\WindowsSearch
[2010/06/12 20:10:34 | 000,000,000 | ---D | C] -- C:\Users\Nikki\AppData\Roaming\DarkParablesBriarRoseSE_BFG
[2010/06/12 18:25:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Update
[2010/06/12 18:25:32 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2010/06/12 18:24:28 | 000,000,000 | ---D | C] -- C:\Windows\Sun
[2010/06/12 18:21:36 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\PuppetShow - Mystery of Joyville
[2010/06/12 18:11:49 | 000,000,000 | ---D | C] -- C:\Users\Nikki\AppData\Roaming\Skunk Studios
[2010/06/12 18:10:32 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Dark Parables - Curse of Briar Rose
[2010/06/11 22:43:51 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\Adobe
[2010/06/10 10:58:20 | 000,000,000 | ---D | C] -- C:\Users\Nikki\AppData\Roaming\Top Evidence
[2010/06/10 10:58:20 | 000,000,000 | ---D | C] -- C:\ProgramData\Top Evidence
[2010/06/10 00:09:05 | 000,000,000 | -H-D | C] -- C:\ProgramData\CanonBJ
[2010/06/10 00:03:10 | 000,000,000 | -H-D | C] -- C:\Windows\SysNative\CanonIJ Uninstaller Information
[2010/06/09 23:56:25 | 000,000,000 | -H-D | C] -- C:\Program Files\CanonBJ
[2010/06/09 22:43:49 | 000,000,000 | ---D | C] -- C:\Users\Nikki\AppData\Roaming\ERS G-Studio
[2010/06/09 11:29:59 | 000,000,000 | ---D | C] -- C:\Users\Nikki\AppData\Roaming\MysteryStudio
[2010/06/08 17:16:19 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Murder She Wrote
[2010/06/08 16:21:59 | 000,000,000 | ---D | C] -- C:\Users\Nikki\AppData\Roaming\SulusGames
[2010/06/08 16:21:59 | 000,000,000 | ---D | C] -- C:\ProgramData\SulusGames
[2010/06/07 18:03:09 | 000,000,000 | ---D | C] -- C:\Users\Nikki\AppData\Roaming\Big Fish Games
[2010/06/06 17:32:44 | 000,000,000 | ---D | C] -- C:\Users\Nikki\AppData\Roaming\MagicIndie
[2010/06/06 02:05:21 | 000,000,000 | ---D | C] -- C:\ProgramData\PlayPond
[2010/06/06 01:58:39 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Robinson Crusoe and the Cursed Pirates
[2010/06/06 01:49:21 | 000,000,000 | ---D | C] -- C:\ProgramData\TEMP
[2010/06/06 01:43:26 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\bfgclient
[2010/06/06 01:42:36 | 000,000,000 | ---D | C] -- C:\BigFishGamesCache
[2010/06/01 19:28:47 | 000,000,000 | ---D | C] -- C:\Users\Nikki\Documents\FrostWire
[2010/06/01 13:34:16 | 000,000,000 | ---D | C] -- C:\Users\Nikki\Documents\Graphic Design
[2010/06/01 09:14:08 | 000,000,000 | ---D | C] -- C:\Users\Nikki\Incomplete
[2010/05/30 11:20:37 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\eSellerate
[2010/05/30 11:20:24 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\iPod To Computer Transfer
[2010/05/30 10:45:57 | 000,000,000 | ---D | C] -- C:\Users\Nikki\AppData\Roaming\Apple Computer
[2010/05/30 10:44:26 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\DRVSTORE
[2010/05/30 10:43:36 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
[2010/05/30 10:43:34 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes
[2010/05/30 10:43:34 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\iTunes
[2010/05/30 10:43:34 | 000,000,000 | ---D | C] -- C:\ProgramData\{93E26451-CD9A-43A5-A2FA-C42392EA4001}
[2010/05/30 10:40:58 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\QuickTime
[2010/05/30 10:40:57 | 000,000,000 | ---D | C] -- C:\ProgramData\Apple Computer
[2010/05/30 10:37:26 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Apple Software Update
[2010/05/30 10:30:30 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Apple
[2010/05/30 10:29:54 | 000,000,000 | ---D | C] -- C:\Program Files\Bonjour
[2010/05/30 10:29:21 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Apple
[2010/05/26 20:05:33 | 000,184,320 | ---- | C] (Homestead Technologies, Inc.) -- C:\Windows\SysWow64\OESICore.dll
[2010/05/26 20:05:33 | 000,045,056 | ---- | C] (Homestead Technologies, Inc.) -- C:\Windows\SysWow64\HSSICore.dll
[2010/05/26 20:05:33 | 000,040,960 | ---- | C] (Homestead Technologies) -- C:\Windows\SysWow64\HS_live.ocx
[2010/05/26 20:05:09 | 000,000,000 | ---D | C] -- C:\ProgramData\Homestead
[2010/05/26 20:02:13 | 000,000,000 | ---D | C] -- C:\ProgramData\WD_SmartWareCommon
[2010/05/26 19:59:03 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Homestead
[2010/05/26 19:24:44 | 000,000,000 | ---D | C] -- C:\Users\Nikki\AppData\Local\Western_Digital
[2010/05/26 18:44:23 | 000,000,000 | ---D | C] -- C:\Users\Nikki\AppData\Roaming\Western Digital
[2010/05/26 18:43:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Western Digital
[2010/05/26 18:39:54 | 000,000,000 | ---D | C] -- C:\Program Files\Western Digital
[2010/05/26 18:39:54 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Western Digital
[2010/05/26 18:39:21 | 000,000,000 | ---D | C] -- C:\Users\Nikki\AppData\Local\Western Digital
[2010/05/26 12:22:33 | 000,000,000 | ---D | C] -- C:\ConvertXtoDVD
[2010/05/26 09:37:06 | 000,000,000 | ---D | C] -- C:\ProgramData\regid.1986-12.com.adobe
[2010/05/26 01:38:38 | 000,000,000 | ---D | C] -- C:\Users\Nikki\AppData\Roaming\AdobeSupportAdvisor.E7BED6E5DDA59983786DD72EBFA46B1598278E07.1
[2010/05/26 01:38:35 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AdobeSupportAdvisor
[2010/05/26 00:12:55 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\WinZip
[2010/05/26 00:04:14 | 000,000,000 | ---D | C] -- C:\Users\Nikki\Transfer data
[2010/05/25 15:50:41 | 000,000,000 | ---D | C] -- C:\Users\Nikki\Documents\BookSmartData
[2010/05/25 15:50:12 | 000,000,000 | ---D | C] -- C:\Users\Nikki\.blurb
[2010/05/25 15:49:14 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\BookSmart
[2010/05/23 21:27:45 | 000,000,000 | ---D | C] -- C:\Users\Nikki\AppData\Roaming\Motive
[2010/05/23 21:27:05 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ATT-HSI
[2010/04/06 06:35:27 | 000,000,000 | ---D | C] -- C:\Users\Nikki\AppData\Roaming\Smart PDF Converter
[2010/04/06 06:35:07 | 000,000,000 | ---D | C] -- C:\ProgramData\Smart Soft
[2010/04/06 06:35:06 | 000,000,000 | ---D | C] -- C:\Program Files\Smart PDF Converter
[2010/04/06 01:40:02 | 000,000,000 | ---D | C] -- C:\Users\Nikki\AppData\Roaming\UDC Profiles
[2010/04/06 01:05:52 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\PDF Editor 3
[2010/04/06 00:59:57 | 000,000,000 | ---D | C] -- C:\Users\Nikki\AppData\Roaming\Downloaded Installations
[2010/04/06 00:53:36 | 000,030,584 | ---- | C] (fCoder Group, Inc.) -- C:\Windows\SysNative\udcpm.dll
[2010/04/06 00:53:31 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Universal Document Converter
[2010/04/06 00:35:11 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\PS
[2010/04/06 00:35:10 | 000,136,704 | ---- | C] (pdfconverter.com) -- C:\Windows\SysNative\pcPCR2PortMon.dll
[2010/04/06 00:25:15 | 000,000,000 | ---D | C] -- C:\Windows\Downloaded Installations
[2010/04/06 00:15:08 | 000,000,000 | ---D | C] -- C:\Users\Nikki\AppData\Roaming\PrimoPDF
[2010/04/06 00:13:55 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Nitro PDF
[2010/04/05 18:34:25 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Adobe AIR
[2010/04/05 18:24:44 | 000,000,000 | ---D | C] -- C:\Users\Nikki\AppData\Roaming\com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
[2010/04/03 01:22:35 | 000,000,000 | ---D | C] -- C:\Users\Nikki\AppData\Local\Yahoo
[2010/04/03 01:16:02 | 000,000,000 | ---D | C] -- C:\Users\Nikki\AppData\Roaming\Yahoo!
[2010/04/03 01:15:46 | 000,000,000 | ---D | C] -- C:\ProgramData\Yahoo!
[2010/04/03 01:13:30 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Yahoo!
========== Files - Modified Within 90 Days ==========
[2010/06/22 23:03:50 | 008,650,752 | -HS- | M] () -- C:\Users\Nikki\ntuser.dat
[2010/06/22 22:57:43 | 000,690,960 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2010/06/22 22:57:43 | 000,595,446 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2010/06/22 22:57:43 | 000,101,144 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2010/06/22 22:51:23 | 000,574,464 | ---- | M] (OldTimer Tools) -- C:\Users\Nikki\Desktop\OTL.exe
[2010/06/22 22:45:00 | 000,000,898 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2010/06/22 22:29:01 | 000,003,616 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2010/06/22 22:29:00 | 000,003,616 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2010/06/22 22:28:59 | 000,000,894 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2010/06/22 22:28:59 | 000,000,288 | ---- | M] () -- C:\Windows\tasks\RtlNICDiagVistaStart.job
[2010/06/22 22:28:56 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
[2010/06/22 22:28:48 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2010/06/22 22:27:57 | 000,524,288 | -HS- | M] () -- C:\Users\Nikki\ntuser.dat{fd2fffc3-8911-11de-8384-0021704843bd}.TMContainer00000000000000000001.regtrans-ms
[2010/06/22 22:27:57 | 000,065,536 | -HS- | M] () -- C:\Users\Nikki\ntuser.dat{fd2fffc3-8911-11de-8384-0021704843bd}.TM.blf
[2010/06/22 22:27:55 | 002,536,013 | -H-- | M] () -- C:\Users\Nikki\AppData\Local\IconCache.db
[2010/06/22 22:22:37 | 000,000,944 | ---- | M] () -- C:\Users\Public\Desktop\Microsoft Security Essentials.lnk
[2010/06/22 22:07:14 | 000,001,919 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Reader 9.lnk
[2010/06/22 22:04:00 | 000,000,680 | ---- | M] () -- C:\Users\Nikki\AppData\Local\d3d9caps.dat
[2010/06/22 20:27:37 | 000,000,000 | ---- | M] () -- C:\Windows\SysWow64\config.nt
[2010/06/22 19:46:55 | 000,001,804 | ---- | M] () -- C:\Users\Nikki\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
[2010/06/22 19:46:55 | 000,001,780 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2010/06/22 19:27:17 | 000,000,344 | ---- | M] () -- C:\Windows\tasks\At6.job
[2010/06/22 19:27:17 | 000,000,344 | ---- | M] () -- C:\Windows\tasks\At5.job
[2010/06/22 19:17:35 | 000,000,874 | ---- | M] () -- C:\Users\Nikki\Application Data\Microsoft\Internet Explorer\Quick Launch\Malwarebytes' Anti-Malware.lnk
[2010/06/22 16:00:00 | 000,000,376 | ---- | M] () -- C:\Windows\tasks\At4.job
[2010/06/22 16:00:00 | 000,000,376 | ---- | M] () -- C:\Windows\tasks\At1.job
[2010/06/22 15:59:59 | 000,000,376 | ---- | M] () -- C:\Windows\tasks\At3.job
[2010/06/22 15:59:59 | 000,000,376 | ---- | M] () -- C:\Windows\tasks\At2.job
[2010/06/22 15:20:12 | 000,298,102 | ---- | M] () -- C:\Users\Nikki\Desktop\attachments_2010_06_22.zip
[2010/06/22 10:03:50 | 000,420,247 | ---- | M] () -- C:\Users\Nikki\Desktop\46-screening app.pdf
[2010/06/21 17:18:52 | 000,246,008 | ---- | M] () -- C:\Users\Nikki\Desktop\Application.pdf
[2010/06/19 03:20:42 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_User_WpdMtpDr_01_07_00.Wdf
[2010/06/19 03:20:11 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_User_WpdFs_01_07_00.Wdf
[2010/06/18 22:45:39 | 000,002,014 | ---- | M] () -- C:\Users\Public\Desktop\Play Strange Cases - The Tarot Card Mystery.lnk
[2010/06/15 11:12:48 | 004,977,136 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2010/06/11 22:00:43 | 000,050,176 | ---- | M] () -- C:\Users\Nikki\Documents\Copy of Florida Resident Undergraduate.xls
[2010/06/09 23:40:39 | 000,095,744 | ---- | M] () -- C:\Users\Nikki\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/06/06 01:43:26 | 000,001,756 | ---- | M] () -- C:\Users\Public\Desktop\Game Manager.lnk
[2010/06/02 17:36:27 | 000,176,802 | ---- | M] () -- C:\Users\Nikki\Documents\Fralix credit inquiry letter_page001.jpg
[2010/06/02 17:36:06 | 000,001,398 | ---- | M] () -- C:\Users\Nikki\AppData\Roaming\wklnhst.dat
[2010/06/01 18:43:06 | 000,001,068 | ---- | M] () -- C:\Users\Nikki\Application Data\Microsoft\Internet Explorer\Quick Launch\FrostWire 4.20.6.lnk
[2010/06/01 18:43:06 | 000,001,044 | ---- | M] () -- C:\Users\Nikki\Desktop\FrostWire 4.20.6.lnk
[2010/06/01 12:50:41 | 000,001,477 | ---- | M] () -- C:\Users\Nikki\Desktop\Adobe Illustrator CS3.lnk
[2010/06/01 12:50:39 | 000,001,046 | ---- | M] () -- C:\Users\Nikki\Desktop\Adobe Photoshop CS3.lnk
[2010/06/01 09:51:07 | 000,113,664 | ---- | M] () -- C:\Users\Nikki\AppData\Local\GDIPFONTCACHEV1.DAT
[2010/06/01 09:48:54 | 000,018,803 | ---- | M] () -- C:\Users\Nikki\Documents\Large Square Specs.docx
[2010/05/30 11:20:25 | 000,000,899 | ---- | M] () -- C:\Users\Public\Desktop\iPod To Computer Transfer.lnk
[2010/05/30 10:51:01 | 000,002,560 | ---- | M] () -- C:\Windows\_MSRSTRT.EXE
[2010/05/30 10:45:43 | 000,001,804 | ---- | M] () -- C:\Users\Public\Desktop\iTunes.lnk
[2010/05/27 20:54:25 | 000,128,755 | ---- | M] () -- C:\Users\Nikki\AppData\Roaming\vso_ts_preview.xml
[2010/05/26 20:01:30 | 000,184,320 | ---- | M] (Homestead Technologies, Inc.) -- C:\Windows\SysWow64\OESICore.dll
[2010/05/26 20:01:30 | 000,045,056 | ---- | M] (Homestead Technologies, Inc.) -- C:\Windows\SysWow64\HSSICore.dll
[2010/05/26 20:01:30 | 000,040,960 | ---- | M] (Homestead Technologies) -- C:\Windows\SysWow64\HS_live.ocx
[2010/05/26 19:59:07 | 000,098,136 | ---- | M] () -- C:\Windows\gzip.exe
[2010/05/26 18:42:54 | 000,001,278 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\WDSmartWare.lnk
[2010/05/26 18:42:54 | 000,001,223 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\WDDMStatus.lnk
[2010/05/26 00:13:11 | 000,001,832 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\WinZip Quick Pick.lnk
[2010/05/25 15:50:09 | 000,001,754 | ---- | M] () -- C:\Users\Public\Desktop\BookSmart.lnk
[2010/05/22 14:58:45 | 000,001,689 | ---- | M] () -- C:\Users\Nikki\Application Data\Microsoft\Internet Explorer\Quick Launch\Vuze.lnk
[2010/04/29 15:39:38 | 000,038,224 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysWow64\drivers\mbamswissarmy.sys
[2010/04/29 15:39:28 | 000,024,664 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2010/04/08 21:06:36 | 000,000,162 | -H-- | M] () -- C:\Users\Nikki\Documents\~$oujoij.docx
[2010/04/06 01:05:52 | 000,075,776 | ---- | M] () -- C:\Windows\cadkasdeinst01e.exe
[2010/04/05 22:26:04 | 000,002,039 | ---- | M] () -- C:\Users\Nikki\Application Data\Microsoft\Internet Explorer\Quick Launch\Adobe Digital Editions.lnk
========== Files Created - No Company Name ==========
[2010/06/22 22:22:37 | 000,000,944 | ---- | C] () -- C:\Users\Public\Desktop\Microsoft Security Essentials.lnk
[2010/06/22 20:27:36 | 000,000,000 | ---- | C] () -- C:\Windows\SysWow64\config.nt
[2010/06/22 20:26:51 | 000,441,006 | ---- | C] () -- C:\Users\Nikki\AppData\Local\dd_vcredistMSI749C.txt
[2010/06/22 20:26:47 | 000,012,390 | ---- | C] () -- C:\Users\Nikki\AppData\Local\dd_vcredistUI749C.txt
[2010/06/22 19:53:00 | 000,001,919 | ---- | C] () -- C:\Users\Public\Desktop\Adobe Reader 9.lnk
[2010/06/22 19:46:55 | 000,001,804 | ---- | C] () -- C:\Users\Nikki\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
[2010/06/22 19:46:55 | 000,001,780 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2010/06/22 19:17:35 | 000,000,874 | ---- | C] () -- C:\Users\Nikki\Application Data\Microsoft\Internet Explorer\Quick Launch\Malwarebytes' Anti-Malware.lnk
[2010/06/22 15:20:04 | 000,298,102 | ---- | C] () -- C:\Users\Nikki\Desktop\attachments_2010_06_22.zip
[2010/06/22 10:03:49 | 000,420,247 | ---- | C] () -- C:\Users\Nikki\Desktop\46-screening app.pdf
[2010/06/21 17:53:20 | 000,000,000 | ---- | C] () -- C:\Users\Nikki\Sti_Trace.log
[2010/06/21 17:18:50 | 000,246,008 | ---- | C] () -- C:\Users\Nikki\Desktop\Application.pdf
[2010/06/19 03:20:42 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_User_WpdMtpDr_01_07_00.Wdf
[2010/06/19 03:20:11 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_User_WpdFs_01_07_00.Wdf
[2010/06/18 22:45:39 | 000,002,014 | ---- | C] () -- C:\Users\Public\Desktop\Play Strange Cases - The Tarot Card Mystery.lnk
[2010/06/12 16:00:22 | 000,000,344 | ---- | C] () -- C:\Windows\tasks\At6.job
[2010/06/11 22:00:40 | 000,050,176 | ---- | C] () -- C:\Users\Nikki\Documents\Copy of Florida Resident Undergraduate.xls
[2010/06/11 16:00:21 | 000,000,344 | ---- | C] () -- C:\Windows\tasks\At5.job
[2010/06/06 01:43:26 | 000,001,756 | ---- | C] () -- C:\Users\Public\Desktop\Game Manager.lnk
[2010/06/02 17:36:26 | 000,176,802 | ---- | C] () -- C:\Users\Nikki\Documents\Fralix credit inquiry letter_page001.jpg
[2010/06/01 18:43:06 | 000,001,068 | ---- | C] () -- C:\Users\Nikki\Application Data\Microsoft\Internet Explorer\Quick Launch\FrostWire 4.20.6.lnk
[2010/06/01 18:43:06 | 000,001,044 | ---- | C] () -- C:\Users\Nikki\Desktop\FrostWire 4.20.6.lnk
[2010/06/01 12:50:41 | 000,001,477 | ---- | C] () -- C:\Users\Nikki\Desktop\Adobe Illustrator CS3.lnk
[2010/06/01 12:50:39 | 000,001,046 | ---- | C] () -- C:\Users\Nikki\Desktop\Adobe Photoshop CS3.lnk
[2010/06/01 09:48:53 | 000,018,803 | ---- | C] () -- C:\Users\Nikki\Documents\Large Square Specs.docx
[2010/05/30 11:20:25 | 000,000,899 | ---- | C] () -- C:\Users\Public\Desktop\iPod To Computer Transfer.lnk
[2010/05/30 10:45:43 | 000,001,804 | ---- | C] () -- C:\Users\Public\Desktop\iTunes.lnk
[2010/05/26 20:01:29 | 000,098,136 | ---- | C] () -- C:\Windows\gzip.exe
[2010/05/26 18:42:54 | 000,001,278 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\WDSmartWare.lnk
[2010/05/26 18:42:54 | 000,001,223 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\WDDMStatus.lnk
[2010/05/26 09:31:20 | 000,000,376 | ---- | C] () -- C:\Windows\tasks\At4.job
[2010/05/26 09:29:42 | 000,000,376 | ---- | C] () -- C:\Windows\tasks\At3.job
[2010/05/26 00:18:16 | 000,000,376 | ---- | C] () -- C:\Windows\tasks\At2.job
[2010/05/26 00:16:46 | 000,000,376 | ---- | C] () -- C:\Windows\tasks\At1.job
[2010/05/26 00:13:11 | 000,001,832 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\WinZip Quick Pick.lnk
[2010/05/25 15:50:09 | 000,001,754 | ---- | C] () -- C:\Users\Public\Desktop\BookSmart.lnk
[2010/04/08 21:06:36 | 000,000,162 | -H-- | C] () -- C:\Users\Nikki\Documents\~$oujoij.docx
[2010/04/06 01:05:52 | 000,075,776 | ---- | C] () -- C:\Windows\cadkasdeinst01e.exe
[2010/04/06 00:13:55 | 000,090,624 | ---- | C] () -- C:\Windows\SysNative\Primomonnt.dll
[2010/04/05 22:26:04 | 000,002,039 | ---- | C] () -- C:\Users\Nikki\Application Data\Microsoft\Internet Explorer\Quick Launch\Adobe Digital Editions.lnk
[2009/12/25 16:08:56 | 000,061,440 | ---- | C] () -- C:\Windows\SysWow64\cygz.dll
[2009/12/25 16:08:56 | 000,007,196 | ---- | C] () -- C:\Windows\SysWow64\INI_Pro_3GP_AAC.ini
[2009/12/25 16:08:56 | 000,006,490 | ---- | C] () -- C:\Windows\SysWow64\INI_Pro_PSP.ini
[2009/12/25 16:08:56 | 000,005,028 | ---- | C] () -- C:\Windows\SysWow64\INI_Pro_3GP2_AAC.ini
[2009/12/25 16:08:56 | 000,003,045 | ---- | C] () -- C:\Windows\SysWow64\INI_Pro_iPod.ini
[2009/12/25 16:08:56 | 000,002,956 | ---- | C] () -- C:\Windows\SysWow64\INI_Pro_PMP.ini
[2009/12/25 16:08:56 | 000,002,910 | ---- | C] () -- C:\Windows\SysWow64\INI_Pro_3GP_AMR.ini
[2009/12/25 16:08:56 | 000,002,516 | ---- | C] () -- C:\Windows\SysWow64\INI_Pro_PPC.ini
[2009/12/25 16:08:56 | 000,001,964 | ---- | C] () -- C:\Windows\SysWow64\INI_QT_3GPP2_QVGA_AAC.ini
[2009/12/25 16:08:56 | 000,001,964 | ---- | C] () -- C:\Windows\SysWow64\INI_QT_3GPP2_QCIF_AAC.ini
[2009/12/25 16:08:56 | 000,001,814 | ---- | C] () -- C:\Windows\SysWow64\INI_QT_3GPP_QVGA_AMR.ini
[2009/12/25 16:08:56 | 000,001,814 | ---- | C] () -- C:\Windows\SysWow64\INI_QT_3GPP_QVGA_AAC.ini
[2009/12/25 16:08:56 | 000,001,814 | ---- | C] () -- C:\Windows\SysWow64\INI_QT_3GPP_QCIF_AMR.ini
[2009/12/25 16:08:56 | 000,001,814 | ---- | C] () -- C:\Windows\SysWow64\INI_QT_3GPP_QCIF_AAC.ini
[2009/12/25 16:08:56 | 000,001,814 | ---- | C] () -- C:\Windows\SysWow64\INI_Pro_Xbox.ini
[2009/12/25 16:08:56 | 000,000,036 | ---- | C] () -- C:\Windows\SysWow64\INI_Add_mfra.ini
[2009/12/25 16:08:55 | 000,237,568 | ---- | C] () -- C:\Windows\SysWow64\lame_enc.dll
[2009/08/18 15:03:23 | 000,117,248 | ---- | C] () -- C:\Windows\SysWow64\EhStorAuthn.dll
[2009/08/18 15:02:18 | 000,368,640 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2008/01/20 22:50:05 | 000,060,124 | ---- | C] () -- C:\Windows\SysWow64\tcpmon.ini
[2007/08/02 05:32:02 | 000,000,786 | ---- | C] () -- C:\Windows\SysWow64\WLAN.INI
========== LOP Check ==========
[2010/06/22 19:13:19 | 000,000,000 | ---D | M] -- C:\Users\Nikki\AppData\Roaming\Azureus
[2010/06/07 18:03:09 | 000,000,000 | ---D | M] -- C:\Users\Nikki\AppData\Roaming\Big Fish Games
[2010/06/21 17:53:20 | 000,000,000 | ---D | M] -- C:\Users\Nikki\AppData\Roaming\Canon
[2010/04/05 18:24:44 | 000,000,000 | ---D | M] -- C:\Users\Nikki\AppData\Roaming\com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
[2010/06/15 09:50:35 | 000,000,000 | ---D | M] -- C:\Users\Nikki\AppData\Roaming\DarkParablesBriarRoseSE_BFG
[2010/04/06 00:59:57 | 000,000,000 | ---D | M] -- C:\Users\Nikki\AppData\Roaming\Downloaded Installations
[2010/06/12 19:08:54 | 000,000,000 | ---D | M] -- C:\Users\Nikki\AppData\Roaming\ERS G-Studio
[2010/06/22 19:13:24 | 000,000,000 | ---D | M] -- C:\Users\Nikki\AppData\Roaming\FrostWire
[2009/12/30 17:16:05 | 000,000,000 | ---D | M] -- C:\Users\Nikki\AppData\Roaming\GetRightToGo
[2010/06/06 17:32:44 | 000,000,000 | ---D | M] -- C:\Users\Nikki\AppData\Roaming\MagicIndie
[2010/06/09 16:30:17 | 000,000,000 | ---D | M] -- C:\Users\Nikki\AppData\Roaming\MysteryStudio
[2009/12/07 00:24:41 | 000,000,000 | ---D | M] -- C:\Users\Nikki\AppData\Roaming\OpenCandy
[2009/07/17 12:21:10 | 000,000,000 | ---D | M] -- C:\Users\Nikki\AppData\Roaming\Participatory Culture Foundation
[2009/07/17 12:22:07 | 000,000,000 | ---D | M] -- C:\Users\Nikki\AppData\Roaming\PCF-VLC
[2010/04/06 00:15:08 | 000,000,000 | ---D | M] -- C:\Users\Nikki\AppData\Roaming\PrimoPDF
[2010/06/18 22:42:53 | 000,000,000 | ---D | M] -- C:\Users\Nikki\AppData\Roaming\Silverback Productions
[2010/06/12 18:11:49 | 000,000,000 | ---D | M] -- C:\Users\Nikki\AppData\Roaming\Skunk Studios
[2010/04/06 06:35:39 | 000,000,000 | ---D | M] -- C:\Users\Nikki\AppData\Roaming\Smart PDF Converter
[2010/06/19 10:03:57 | 000,000,000 | ---D | M] -- C:\Users\Nikki\AppData\Roaming\SulusGames
[2008/12/10 15:01:42 | 000,000,000 | ---D | M] -- C:\Users\Nikki\AppData\Roaming\Template
[2010/06/10 10:58:20 | 000,000,000 | ---D | M] -- C:\Users\Nikki\AppData\Roaming\Top Evidence
[2010/04/12 00:10:38 | 000,000,000 | ---D | M] -- C:\Users\Nikki\AppData\Roaming\UDC Profiles
[2010/06/22 22:30:52 | 000,000,000 | ---D | M] -- C:\Users\Nikki\AppData\Roaming\uTorrent
[2010/05/27 20:54:26 | 000,000,000 | ---D | M] -- C:\Users\Nikki\AppData\Roaming\Vso
[2010/05/26 18:44:23 | 000,000,000 | ---D | M] -- C:\Users\Nikki\AppData\Roaming\Western Digital
[2010/06/22 16:00:00 | 000,000,376 | ---- | M] () -- C:\Windows\Tasks\At1.job
[2010/06/22 15:59:59 | 000,000,376 | ---- | M] () -- C:\Windows\Tasks\At2.job
[2010/06/22 15:59:59 | 000,000,376 | ---- | M] () -- C:\Windows\Tasks\At3.job
[2010/06/22 16:00:00 | 000,000,376 | ---- | M] () -- C:\Windows\Tasks\At4.job
[2010/06/22 19:27:17 | 000,000,344 | ---- | M] () -- C:\Windows\Tasks\At5.job
[2010/06/22 19:27:17 | 000,000,344 | ---- | M] () -- C:\Windows\Tasks\At6.job
[2010/06/22 22:28:59 | 000,000,288 | ---- | M] () -- C:\Windows\Tasks\RtlNICDiagVistaStart.job
[2010/06/22 22:28:00 | 000,032,618 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
========== Purity Check ==========
========== Custom Scans ==========
< %SYSTEMDRIVE%\*.* >
[2009/04/11 02:36:36 | 000,333,257 | RHS- | M] () -- C:\bootmgr
[2008/11/26 23:08:19 | 000,005,093 | RH-- | M] () -- C:\dell.sdr
[2010/06/22 22:28:42 | 2460,233,727 | -HS- | M] () -- C:\pagefile.sys
< %systemroot%\system32\Spool\prtprocs\w32x86\*.dll >
< %systemroot%\*. /mp /s >
< %systemroot%\system32\*.dll /lockedfiles >
< %systemroot%\Tasks\*.job /lockedfiles >
< %systemroot%\System32\config\*.sav >
< %systemroot%\system32\user32.dll /md5 >
[2009/04/11 02:26:45 | 000,648,704 | ---- | M] (Microsoft Corporation) MD5=D29FDB5DEDBDC1BD882164DC6DC4DD53 -- C:\Windows\SysWOW64\user32.dll
< %systemroot%\system32\ws2_32.dll /md5 >
[2008/01/20 22:50:35 | 000,179,200 | ---- | M] (Microsoft Corporation) MD5=B304D47D5744BA20FCB99FB8B2C07B0B -- C:\Windows\SysWOW64\ws2_32.dll
< HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU >
========== Alternate Data Streams ==========
@Alternate Data Stream - 227 bytes -> C:\ProgramData\TEMP:EEB25EAE
@Alternate Data Stream - 225 bytes -> C:\ProgramData\TEMP:008586AE
@Alternate Data Stream - 220 bytes -> C:\ProgramData\TEMP:32A82570
@Alternate Data Stream - 215 bytes -> C:\ProgramData\TEMP:5C6EBC69
@Alternate Data Stream - 203 bytes -> C:\ProgramData\TEMP:1ECED34B
@Alternate Data Stream - 143 bytes -> C:\ProgramData\TEMP:05670151
@Alternate Data Stream - 141 bytes -> C:\ProgramData\TEMP:FAB64002
@Alternate Data Stream - 136 bytes -> C:\ProgramData\TEMP:9D6EAEC3
@Alternate Data Stream - 135 bytes -> C:\ProgramData\TEMP:B8EB1B99
@Alternate Data Stream - 134 bytes -> C:\ProgramData\TEMP:737160C1
@Alternate Data Stream - 126 bytes -> C:\ProgramData\TEMP:D1B5B4F1
@Alternate Data Stream - 122 bytes -> C:\ProgramData\TEMP:7A032A04
@Alternate Data Stream - 113 bytes -> C:\ProgramData\TEMP:3AD6342E
< End of report >
Extras.Txt
OTL Extras logfile created on: 6/22/2010 11:02:09 PM - Run 1
OTL by OldTimer - Version 3.2.6.1 Folder = C:\Users\Nikki\Desktop
64bit-Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18928)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
6.00 Gb Total Physical Memory | 4.00 Gb Available Physical Memory | 66.00% Memory free
12.00 Gb Paging File | 10.00 Gb Available in Paging File | 84.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 683.57 Gb Total Space | 477.88 Gb Free Space | 69.91% Space Free | Partition Type: NTFS
Drive D: | 15.00 Gb Total Space | 8.69 Gb Free Space | 57.94% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Drive K: | 1.90 Gb Total Space | 1.84 Gb Free Space | 96.82% Space Free | Partition Type: FAT
Computer Name: NIKKI-PC
Current User Name: Nikki
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: Current user
Include 64bit Scans
Company Name Whitelist: On
Skip Microsoft Files: On
File Age = 90 Days
Output = Standard
Quick Scan
========== Extra Registry (SafeList) ==========
========== File Associations ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
========== Shell Spawning ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %* File not found
cmdfile [open] -- "%1" %* File not found
comfile [open] -- "%1" %* File not found
exefile [open] -- "%1" %* File not found
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- "C:\Program Files (x86)\Microsoft Office\Office12\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Program Files (x86)\Microsoft Office\Office12\msohtmed.exe" /p %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %* File not found
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1" File not found
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S File not found
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 File not found
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~2\MICROS~2\Office12\ONENOTE.EXE "%L" (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- "C:\Program Files (x86)\Microsoft Office\Office12\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Program Files (x86)\Microsoft Office\Office12\msohtmed.exe" /p %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~2\MICROS~2\Office12\ONENOTE.EXE "%L" (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = 9F 9E 16 8C DC 5B C8 01 [binary data]
"VistaSp2" = 00 D5 61 B1 9D 0C CB 01 [binary data]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"oobe_av" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
========== Authorized Applications List ==========
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{2AF580E6-F4E3-4C30-9D08-7C23EE797B0A}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{2E0FFFBC-9F7F-483B-BD03-D146F9339E76}" = rport=445 | protocol=6 | dir=out | app=system |
"{320DF203-CE92-4A20-AF64-088CAC14EBA9}" = rport=139 | protocol=6 | dir=out | app=system |
"{37FF00ED-5986-490E-BF93-1C87CBD29719}" = rport=137 | protocol=17 | dir=out | app=system |
"{3E84149F-589D-4C9C-8D4F-2F5B8B06F544}" = lport=138 | protocol=17 | dir=in | app=system |
"{47035755-6CA2-4DFA-ABB8-8830238A6F6D}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | [email protected],-28539 |
"{4BE53D70-51C8-43AD-9FB1-F504A9E59F59}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{682C2733-15FE-4AAE-B455-4F7838EC6ED5}" = lport=445 | protocol=6 | dir=in | app=system |
"{76EF2C4B-3317-4862-A9FF-A34A22FEC716}" = lport=3702 | protocol=17 | dir=in | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{973B4192-00AC-4D87-8E28-A4B3438FD7FA}" = rport=3702 | protocol=17 | dir=out | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{A6A5B684-61A4-480B-8C15-853D2F52FD5D}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{BB62E585-B035-4F7A-8997-E92A70DB080F}" = lport=139 | protocol=6 | dir=in | app=system |
"{BF782A8B-3332-4526-83C3-D9B2F56AD6DD}" = lport=137 | protocol=17 | dir=in | app=system |
"{CB3A5005-31BE-4390-9486-A3111337D0FE}" = rport=138 | protocol=17 | dir=out | app=system |
"{CDC9CD3B-1AEC-4412-8AE5-BE9111ECF878}" = lport=6004 | protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\outlook.exe |
"{D212FC33-33FA-404E-8982-EB355A75D365}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{D66D28E7-0F3B-4190-8991-0C41A95B473E}" = lport=3702 | protocol=17 | dir=in | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{E32E5A9A-7F02-47E8-A391-8995EF52C98D}" = rport=3702 | protocol=17 | dir=out | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{FB8A734B-E451-4252-BE21-A1A6408C3E50}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0024F104-393D-4769-A99C-1242ED23EF8C}" = protocol=1 | dir=out | [email protected],-28544 |
"{065AABAB-C504-464D-9D64-0B029F93B50E}" = protocol=17 | dir=in | app=c:\program files (x86)\yahoo!\messenger\yahoomessenger.exe |
"{0727D904-B322-4B5F-BCF9-ADFD73868F1D}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe |
"{0F93CA80-00F5-405E-AC3C-3C2722369187}" = protocol=6 | dir=in | app=c:\program files (x86)\att-hsi\mccibrowser.exe |
"{0FBF627A-3219-402B-BD32-9E3EF20EB2A1}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe |
"{16BB5A19-84A0-4CAE-8F2E-3A5F2E424942}" = protocol=58 | dir=in | [email protected],-28545 |
"{273D15C2-82E1-4D17-BA32-387A50CE8289}" = protocol=6 | dir=in | app=c:\program files (x86)\att-hsi\mccibrowser.exe |
"{2D02D74E-28C2-48AE-A61E-4C29198E3367}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office12\groove.exe |
"{3D88A987-EC1F-4C07-A8BF-AF43FB0BBBFE}" = protocol=1 | dir=in | [email protected],-28543 |
"{4F7F3ECF-39BB-49AB-8B17-6D5E24904885}" = protocol=6 | dir=in | app=c:\program files (x86)\yahoo!\messenger\yahoomessenger.exe |
"{593206D9-A80C-47C1-BDB9-76D711E4A81E}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{6C64BFE4-2A2A-49C6-BEA2-8941F82A47A2}" = protocol=6 | dir=in | app=c:\program files (x86)\itunes\itunes.exe |
"{6EDA7119-F76B-4E3C-A268-68DB0060D8FF}" = dir=in | app=c:\program files\cyberlink\powerdvd dx\powerdvd.exe |
"{72CB2A81-06FE-49BE-85A2-BCF1C93EF47C}" = protocol=6 | dir=in | app=c:\program files\alwil software\avast5\avastui.exe |
"{7B13046D-82BA-4ECB-B82F-1A9AE74EFF6E}" = protocol=17 | dir=in | app=c:\program files (x86)\att-hsi\mccibrowser.exe |
"{7CCE47A3-5329-4A78-9003-4B0145131197}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{830E7D5E-5E8A-4639-A805-37325EC948BE}" = protocol=6 | dir=in | app=c:\windows\syswow64\muzapp.exe |
"{8360718F-0542-4A80-B570-01F2ABBF4E8E}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{85A065C3-2B7D-4885-86BB-CBB14F628DE5}" = protocol=58 | dir=out | [email protected],-28546 |
"{8E676918-5B8C-4944-B874-D3602971D77B}" = protocol=17 | dir=in | app=c:\program files (x86)\itunes\itunes.exe |
"{908852EF-D24D-4456-9E96-2A3A943F8E78}" = protocol=17 | dir=in | app=c:\program files\alwil software\avast5\avastui.exe |
"{91D97B51-52EA-4E56-9EBB-3DC0A89005C4}" = protocol=6 | dir=in | app=c:\program files (x86)\frostwire\frostwire.exe |
"{993C6412-57E1-46DE-989F-8DE5CF874906}" = dir=in | app=c:\program files\cyberlink\powerdvd dx\pdvddxsrv.exe |
"{A202B5A5-35B7-448E-8D14-13A6094091CE}" = protocol=6 | dir=in | app=c:\program files (x86)\utorrent\utorrent.exe |
"{BA45888C-DF3F-4FDA-B258-11DBED937337}" = protocol=17 | dir=in | app=c:\program files (x86)\dell video chat\dellvideochat.exe |
"{C6AF6F41-1E12-42B1-8000-F72EA524A7F2}" = protocol=17 | dir=in | app=c:\program files (x86)\vuze\azureus.exe |
"{CCF6CD9B-3C8E-4BFE-8669-79057CA287A5}" = protocol=6 | dir=in | app=c:\program files (x86)\vuze\azureus.exe |
"{DEDD4F2C-EA3B-4943-80EB-4ED2FF5D514E}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\groove.exe |
"{E17980A4-2ED4-4463-A110-159374676AA8}" = protocol=17 | dir=in | app=c:\windows\syswow64\muzapp.exe |
"{EAA1E55A-482E-46FB-922F-B9146BF4A3A7}" = protocol=17 | dir=in | app=c:\program files (x86)\att-hsi\mccibrowser.exe |
"{F4D7ACEB-980B-413D-A9AE-BE85BFAFE918}" = protocol=6 | dir=in | app=c:\program files (x86)\dell video chat\dellvideochat.exe |
"{F7D2A556-9080-4343-99CB-80183E776312}" = protocol=17 | dir=in | app=c:\program files (x86)\utorrent\utorrent.exe |
"{FA08CCDE-357F-417D-93DA-73399A8A0E96}" = protocol=17 | dir=in | app=c:\program files (x86)\frostwire\frostwire.exe |
"TCP Query User{219CB3F0-926D-4111-BCAB-97372F0D2D34}C:\program files (x86)\frostwire\frostwire.exe" = protocol=6 | dir=in | app=c:\program files (x86)\frostwire\frostwire.exe |
"TCP Query User{64517E27-71DA-49AC-BD08-4529077A3522}C:\program files (x86)\maple 13\jre\bin\maple.exe" = protocol=6 | dir=in | app=c:\program files (x86)\maple 13\jre\bin\maple.exe |
"TCP Query User{9776CDD5-9303-40C8-A519-F7687AFEF11C}C:\program files (x86)\utorrent\utorrent.exe" = protocol=6 | dir=in | app=c:\program files (x86)\utorrent\utorrent.exe |
"TCP Query User{EBD84156-155C-453E-9EBB-3CFDD7B6DE04}C:\program files (x86)\vuze\azureus.exe" = protocol=6 | dir=in | app=c:\program files (x86)\vuze\azureus.exe |
"UDP Query User{58B0B391-ADDA-4DCB-AD36-0EF973DECD30}C:\program files (x86)\frostwire\frostwire.exe" = protocol=17 | dir=in | app=c:\program files (x86)\frostwire\frostwire.exe |
"UDP Query User{670D134E-B213-4D18-A9F8-A22DFD0AAEE4}C:\program files (x86)\maple 13\jre\bin\maple.exe" = protocol=17 | dir=in | app=c:\program files (x86)\maple 13\jre\bin\maple.exe |
"UDP Query User{9EEEF7F9-50C1-4231-AA66-8C2112C77F23}C:\program files (x86)\utorrent\utorrent.exe" = protocol=17 | dir=in | app=c:\program files (x86)\utorrent\utorrent.exe |
"UDP Query User{DBFC7333-CE83-463A-ACFB-D5778F4B2BCF}C:\program files (x86)\vuze\azureus.exe" = protocol=17 | dir=in | app=c:\program files (x86)\vuze\azureus.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP620_series" = Canon MP620 series MP Drivers
"{129E42AF-AE8D-9834-4759-713A0418E048}" = ccc-utility64
"{1C89932F-1D9D-4776-AD7A-9156FF792539}" = Modem Diagnostic Tool
"{404BB1FF-A84F-432F-B77B-301E88E8D1C7}" = Apple Mobile Device Support
"{604CB4FC-3D32-405F-A109-165F170529B6}" = WD SmartWare
"{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007
"{90120000-002A-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (English) 2007
"{90120000-0116-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007
"{95C9C76F-ECF3-40FA-94F8-5DDFB6BAF40D}" = Microsoft Security Essentials
"{96D5EB02-DE18-4DCD-A713-929B4461CA8D}" = iTunes
"{C19D4D8F-4433-4F6D-9F0C-79589FD0B973}" = Bonjour
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{E590FD1C-E8C6-4D2E-8CA9-77B403F7EE01}" = Microsoft Antimalware
"CNXT_MODEM_PCI_HSF" = Conexant D850 PCI V.92 Modem
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft Security Essentials" = Microsoft Security Essentials
"Smart PDF Converter_is1" = Smart PDF Converter 5.0.1.335
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0046FA01-C5B9-4985-BACB-398DC480FC05}" = Adobe Photoshop CS3
"{00ADFB20-AE75-46F4-AD2C-F48B15AC3100}" = Adobe Color NA Recommended Settings CS4
"{033E378E-6AD3-4AD5-BDEB-CBD69B31046C}" = Microsoft_VC90_ATL_x86
"{03B25762-461B-22C8-9AF0-170F3D749061}" = Catalyst Control Center Graphics Previews Vista
"{03BF49A6-A643-A836-0732-2467E9A6B911}" = Catalyst Control Center Localization Korean
"{04AF207D-9A77-465A-8B76-991F6AB66245}" = Adobe Help Viewer CS3
"{055EE59D-217B-43A7-ABFF-507B966405D8}" = ATI Catalyst Control Center
"{08B32819-6EEF-4057-AEDA-5AB681A36A23}" = Adobe Bridge Start Meeting
"{08D2E121-7F6A-43EB-97FD-629B44903403}" = Microsoft_VC90_CRT_x86
"{08E81ABD-79F7-49C2-881F-FD6CB0975693}" = Roxio Creator Data
"{09760D42-E223-42AD-8C3E-55B47D0DDAC3}" = Roxio Creator DE
"{0AC7F464-85E9-337D-B100-DC178C14A699}" = Catalyst Control Center Core Implementation
"{0BC1B842-C298-99E6-D0A8-FA3B33A07C5C}" = Catalyst Control Center Localization German
"{0BF215E3-C97F-7BF3-96D0-9C7D3F5FF9B4}" = Catalyst Control Center Localization Chinese Traditional
"{0D1303D7-3918-3014-E119-33DBB649BE86}" = Catalyst Control Center Localization Spanish
"{0D6013AB-A0C7-41DC-973C-E93129C9A29F}" = Adobe Color JA Extra Settings CS4
"{138BF761-BFAA-29BB-B755-91262DE91A19}" = ccc-core-static
"{15BC8CD0-A65B-47D0-A2DD-90A824590FA8}" = Microsoft Works
"{162981A5-050A-3DDA-2477-49724E334DEF}" = CCC Help Spanish
"{16E6D2C1-7C90-4309-8EC4-D2212690AAA4}" = AdobeColorCommonSetRGB
"{184CE391-7E0E-4C63-9935-D7A10EDFD3C6}" = Adobe WinSoft Linguistics Plugin
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F54DAFA-9261-4A62-B59D-6C9F26B48FE4}" = Roxio Creator Tools
"{1FECF5F8-8E75-432C-9FF7-1C04F1956B54}" = Realtek Ethernet Network Card Diagnostic tool for Windows Vista
"{26A24AE4-039D-4CA4-87B4-2F83216020FF}" = Java™ 6 Update 20
"{276B965A-AC01-955C-E678-C8D25C58A42B}" = Catalyst Control Center Graphics Previews Common
"{28BE306E-5DA6-4F9C-BDB0-DBA3C8C6FFFD}" = QuickTime
"{29E5EA97-5F74-4A57-B8B2-D4F169117183}" = Adobe Stock Photos CS3
"{2B83C858-A352-1E5D-0052-C326C815F3C4}" = CCC Help Japanese
"{30465B6C-B53F-49A1-9EBA-A3F187AD502E}" = Roxio Update Manager
"{3248F0A8-6813-11D6-A77B-00B0D0160070}" = Java™ 6 Update 7
"{35D94F92-1D3A-43C5-8605-EA268B1A7BD9}" = PDF Settings CS4
"{39F6E2B4-CFE8-C30A-66E8-489651F0F34C}" = Adobe Media Player
"{3D2C9DE6-9ADE-4252-A241-E43723B0CE02}" = Adobe Color - Photoshop Specific CS4
"{3F92ABBB-6BBF-11D5-B229-002078017FBF}" = NetWaiting
"{4571CC76-42C4-7D67-E024-0AEB166E1C6F}" = Acrobat.com
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4C335AD4-6821-4028-9A6C-13943762DB55}" = Convert X to DVD 3.4.7.121
"{4F3E17F8-F1C8-4A4B-9EB8-1EE2D190CDA9}" = Adobe Setup
"{5370D92F-CF5A-4A38-DE84-151F9F58BCB2}" = Catalyst Control Center Localization Italian
"{54793AA1-5001-42F4-ABB6-C364617C6078}" = Adobe Linguistics CS3
"{553255F3-78FD-40F1-A6F8-6882140265FE}" = Apple Application Support
"{5570C7F0-43D0-4916-8A9E-AEDD52FA86F4}" = Adobe Color EU Extra Settings CS4
"{56CDA83B-BC0B-A4A7-BD48-1176A6C97033}" = Catalyst Control Center Graphics Light
"{62BB3973-E765-3178-4FF2-0F447122696C}" = Adobe Support Advisor
"{635FED5B-2C6D-49BE-87E6-7A6FCD22BC5A}" = Microsoft_VC90_MFC_x86
"{63EB4545-0CB5-35FE-D20C-F8E6995703F3}" = Catalyst Control Center Localization French
"{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA}" = Roxio Express Labeler 3
"{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}" = PowerDVD
"{68A35043-C55A-4237-88C9-37EE1C63ED71}" = Microsoft Visual J# 2.0 Redistributable Package
"{6FF5DD7A-FE28-4439-B8CF-1E9AF4EA0A61}" = Adobe Asset Services CS3
"{712A51A2-68F2-17D2-E3EB-C199DA0E0BE0}" = Catalyst Control Center Localization Portuguese
"{73A4F29F-31AC-4EBD-AA1B-0CC5F18C8F83}" = Roxio Creator Audio
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{7DB9F1E5-9ACB-410D-A7DC-7A3D023CE045}" = Dell Getting Started Guide
"{802771A9-A856-4A41-ACF7-1450E523C923}" = Adobe XMP Panels CS3
"{820D3F45-F6EE-4AAF-81EF-CE21FF21D230}" = Adobe Type Support CS4
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{88477E65-A679-2CAE-645A-5073ED86715B}" = CCC Help Portuguese
"{88DCB080-7A56-5697-4407-21BD03DCE401}" = Catalyst Control Center Graphics Full New
"{8AC7ACAD-10E5-E7F4-481A-29C4C8B19990}" = Catalyst Control Center Graphics Full Existing
"{8CC990CD-87C8-475C-AC32-8A7984E2FCFA}" = CDDRV_Installer
"{8D2BA474-F406-4710-9AE4-D4F22D21F0DD}" = Adobe Device Central CS3
"{90120000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2007
"{90120000-0015-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2007
"{90120000-0019-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2007
"{90120000-001A-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}_PRJPRO_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}_WebDesigner_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_ENTERPRISE_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-040C-0000-0000000FF1CE}_PRJPRO_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-040C-0000-0000000FF1CE}_WebDesigner_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_ENTERPRISE_{187308AB-5FA7-4F14-9AB9-D290383A10D9}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0C0A-0000-0000000FF1CE}_PRJPRO_{187308AB-5FA7-4F14-9AB9-D290383A10D9}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0C0A-0000-0000000FF1CE}_WebDesigner_{187308AB-5FA7-4F14-9AB9-D290383A10D9}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system
"{90120000-0026-0000-0000-0000000FF1CE}" = Microsoft Expression Web
"{90120000-0026-0000-0000-0000000FF1CE}_WebDesigner_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{90120000-0026-0000-0000-0000000FF1CE}_WebDesigner_{9037FDA8-8383-4B6F-859D-D49C3C625225}" = Microsoft Expression Web Service Pack 1 (SP1)
"{90120000-0026-0409-0000-0000000FF1CE}" = Microsoft Expression Web MUI (English)
"{90120000-0026-0409-0000-0000000FF1CE}_WebDesigner_{E1044ED2-E4AD-4B39-B500-31109750F6B4}" = Microsoft Office SharePoint Designer 2007 Service Pack 2 (SP2)
"{90120000-002A-0000-1000-0000000FF1CE}_ENTERPRISE_{E64BA721-2310-4B55-BE5A-2925F9706192}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-002A-0000-1000-0000000FF1CE}_PRJPRO_{E64BA721-2310-4B55-BE5A-2925F9706192}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-002A-0000-1000-0000000FF1CE}_WebDesigner_{E64BA721-2310-4B55-BE5A-2925F9706192}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-002A-0409-1000-0000000FF1CE}_ENTERPRISE_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-002A-0409-1000-0000000FF1CE}_PRJPRO_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-002A-0409-1000-0000000FF1CE}_WebDesigner_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{90120000-003B-0000-0000-0000000FF1CE}" = Microsoft Office Project Professional 2007
"{90120000-003B-0000-0000-0000000FF1CE}_PRJPRO_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{90120000-003B-0000-0000-0000000FF1CE}_PRJPRO_{9E73617F-2F38-4864-BD61-BB2DDFE43323}" = Microsoft Office Project 2007 Service Pack 2 (SP2)
"{90120000-0044-0409-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (English) 2007
"{90120000-0044-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}_ENTERPRISE_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-006E-0409-0000-0000000FF1CE}_PRJPRO_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-006E-0409-0000-0000000FF1CE}_WebDesigner_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007
"{90120000-00A1-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00B4-0409-0000-0000000FF1CE}" = Microsoft Office Project MUI (English) 2007
"{90120000-00B4-0409-0000-0000000FF1CE}_PRJPRO_{27A9D316-D332-433B-8EB1-1D93EE49F26D}" = Microsoft Office Project 2007 Service Pack 2 (SP2)
"{90120000-00BA-0409-0000-0000000FF1CE}" = Microsoft Office Groove MUI (English) 2007
"{90120000-00BA-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0114-0409-0000-0000000FF1CE}" = Microsoft Office Groove Setup Metadata MUI (English) 2007
"{90120000-0114-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}_ENTERPRISE_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0115-0409-0000-0000000FF1CE}_PRJPRO_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0115-0409-0000-0000000FF1CE}_WebDesigner_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0116-0409-1000-0000000FF1CE}_ENTERPRISE_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0116-0409-1000-0000000FF1CE}_PRJPRO_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0116-0409-1000-0000000FF1CE}_WebDesigner_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2007
"{90120000-0117-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90176341-0A8B-4CCC-A78D-F862228A6B95}" = Adobe Anchor Service CS3
"{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}" = Microsoft_VC80_CRT_x86
"{94D398EB-D2FD-4FD1-B8C4-592635E8A191}" = Adobe CMaps CS4
"{95120000-00AF-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (English)
"{99D8CE0E-20C7-3761-5F90-0E1329A55824}" = CCC Help Hungarian
"{9C2F79E2-4B21-E840-CF5B-FF1EE52E5B9F}" = Catalyst Control Center Localization Chinese Standard
"{9C9824D9-9000-4373-A6A5-D0E5D4831394}" = Adobe Bridge CS3
"{A029AD64-F8F2-09AD-E29B-623B4BBF872C}" = CCC Help French
"{A09B8374-BD00-63EB-9616-E624A44EF877}" = CCC Help German
"{A28D08AE-3FBD-EBDB-BA28-CE719F699E48}" = CCC Help Chinese Standard
"{A3111537-BA7A-C129-1E6B-E2C77DCA3AD2}" = CCC Help Italian
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AA20E409-BDB4-439B-B75B-D5B193546779}" = Linksys Wireless-N PCI Adapter WMP300N Driver - WMP300Nv1.1
"{AC76BA86-7AD7-1033-7B44-A93000000001}" = Adobe Reader 9.3.2
"{B194272D-1F92-46DF-99EB-8D5CE91CB4EC}" = Adobe AIR
"{B2050314-D2DF-6589-E155-5E4E8F8AB3D4}" = Catalyst Control Center Localization Turkish
"{B3BF6689-A81D-40D8-9A86-4AC4ACD9FC1C}" = Adobe Camera Raw 4.0
"{B6A26DE5-F2B5-4D58-9570-4FC760E00FCD}" = Roxio Creator Copy
"{C19BE821-89B1-4A96-AC7C-873810C0CB5F}" = ContentSAFER for Wizmax
"{C2112C02-1BCA-A86F-F6E1-264CCE43F451}" = CCC Help Chinese Traditional
"{C2D69781-F392-4118-A5A7-C7E9C38DBFC2}" = Adobe ExtendScript Toolkit 2
"{C41300B9-185D-475E-BFEC-39EF732F19B1}" = Apple Software Update
"{C52E3EC1-048C-45E1-8D53-10B0C6509683}" = Adobe Default Language CS4
"{CD95F661-A5C4-44F5-A6AA-ECDD91C240BD}" = WinZip 14.5
"{CDA2EBE1-999C-48FB-DF9A-81C789900BFF}" = CCC Help Turkish
"{D0DFF92A-492E-4C40-B862-A74A173C25C5}" = Adobe Version Cue CS3 Client
"{D1A19B02-817E-4296-A45B-07853FD74D57}" = Microsoft_VC80_MFC_x86
"{D1BB4446-AE9C-4256-9A7F-4D46604D2462}" = Adobe Setup
"{D68F16A7-9447-8A92-7EF3-A4E26B2A95EE}" = CCC Help English
"{D92BBB52-82FF-42ED-8A3C-4E062F944AB7}" = Microsoft_VC80_MFCLOC_x86
"{DE27264D-7CA0-3317-7192-C64F0B7D9AB3}" = Catalyst Control Center Localization Japanese
"{E044161D-75F5-3EC5-2BDA-42D106E602D2}" = CCC Help Korean
"{E112EC9E-B411-F3E0-EF02-C0D21C09F329}" = Catalyst Control Center Localization Hungarian
"{E646DCF0-5A68-11D5-B229-002078017FBF}" = Digital Line Detect
"{E69AE897-9E0B-485C-8552-7841F48D42D8}" = Adobe Update Manager CS3
"{EA778E78-0B7B-05AE-A72F-AF484D201DFB}" = Skins
"{ED439A64-F018-4DD4-8BA5-328D85AB09AB}" = Roxio Creator DE
"{F08E8D2E-F132-4742-9C87-D5FF223A016A}" = Adobe Illustrator CS3
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F93C84A6-0DC6-42AF-89FA-776F7C377353}" = Adobe PDF Library Files CS4
"{FCDD51BB-CAD0-4BB1-B7DF-CE86D1032794}" = Adobe Fonts All
"8461-7759-5462-8226" = Vuze
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Shockwave Player" = Adobe Shockwave Player 11.5
"Adobe_2ac78060bc5856b0c1cf873bb919b58" = Adobe Photoshop CS3
"Adobe_a04a925a57548091300ada368235fc6" = Adobe Illustrator CS3
"AdobeSupportAdvisor.E7BED6E5DDA59983786DD72EBFA46B1598278E07.1" = Adobe Support Advisor
"Ask Toolbar_is1" = Vuze Toolbar
"ATT-PRT22" = ATT-PRT22
"BFGC" = Big Fish Games: Game Manager
"BFG-Dark Parables - Curse of Briar Rose" = Dark Parables: Curse of Briar Rose
"BFG-Murder She Wrote" = Murder, She Wrote
"BFG-Robinson Crusoe and the Cursed Pirates" = Robinson Crusoe and the Cursed Pirates
"BFG-Strange Cases - The Tarot Card Mystery" = Strange Cases: The Tarot Card Mystery
"BookSmart® 2.6.1 2.6.1" = BookSmart® 2.6.1 2.6.1
"com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Media Player
"com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Acrobat.com
"Digital Editions" = Adobe Digital Editions
"ENTERPRISE" = Microsoft Office Enterprise 2007
"ERUNT_is1" = ERUNT 1.1j
"Free Studio_is1" = Free Studio version 4.2
"FrostWire" = FrostWire 4.20.6
"iPod To Computer Transfer_is1" = iPod To Computer Transfer 6.2
"Little Registry Cleaner" = Little Registry Cleaner
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Microsoft Visual J# 2.0 Redistributable Package" = Microsoft Visual J# 2.0 Redistributable Package
"Mozilla Firefox (3.6.3)" = Mozilla Firefox (3.6.3)
"PDF Editor 3" = PDF Editor 3
"PRJPRO" = Microsoft Office Project Professional 2007
"Uninstall_is1" = Uninstall 1.0.0.1
"Universal Document Converter_is1" = Universal Document Converter (Demo)
"WebDesigner" = Microsoft Expression Web
========== HKEY_CURRENT_USER Uninstall List ==========
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"uTorrent" = µTorrent
========== Last 10 Event Log Errors ==========
[ Application Events ]
Error - 6/15/2010 11:13:46 AM | Computer Name = Nikki-PC | Source = WinMgmt | ID = 10
Description =
Error - 6/15/2010 11:15:24 AM | Computer Name = Nikki-PC | Source = WinMgmt | ID = 10
Description =
Error - 6/15/2010 11:17:21 AM | Computer Name = Nikki-PC | Source = ESENT | ID = 215
Description = WinMail (3108) WindowsMail0: The backup has been stopped because it
was halted by the client or the connection with the client failed.
Error - 6/15/2010 11:17:24 AM | Computer Name = Nikki-PC | Source = ESENT | ID = 215
Description = WinMail (3396) WindowsMail0: The backup has been stopped because it
was halted by the client or the connection with the client failed.
Error - 6/15/2010 11:34:46 AM | Computer Name = Nikki-PC | Source = Application Error | ID = 1000
Description = Faulting application lsass.exe, version 0.0.0.0, time stamp 0x2a425e19,
faulting module Flash10e.ocx, version 10.0.45.2, time stamp 0x4b5f8faa, exception
code 0xc0000005, fault offset 0x002f7be7, process id 0x1094, application start time
0x01cb0c9e031a5d40.
Error - 6/16/2010 12:57:00 AM | Computer Name = Nikki-PC | Source = Application Error | ID = 1000
Description = Faulting application svc.exe, version 0.0.0.0, time stamp 0x2a425e19,
faulting module unknown, version 0.0.0.0, time stamp 0x00000000, exception code
0xc0000005, fault offset 0x09090909, process id 0x1d78, application start time 0x01cb0d0dcca7fe00.
Error - 6/16/2010 5:13:21 PM | Computer Name = Nikki-PC | Source = WinMgmt | ID = 10
Description =
Error - 6/16/2010 5:22:44 PM | Computer Name = Nikki-PC | Source = Application Error | ID = 1000
Description = Faulting application lsass.exe, version 0.0.0.0, time stamp 0x2a425e19,
faulting module Flash10e.ocx, version 10.0.45.2, time stamp 0x4b5f8faa, exception
code 0xc0000005, fault offset 0x000ce151, process id 0xa30, application start time
0x01cb0d989b3c7a8b.
Error - 6/16/2010 5:26:09 PM | Computer Name = Nikki-PC | Source = Application Error | ID = 1000
Description = Faulting application iexplore.exe, version 8.0.6001.18928, time stamp
0x4bdfa327, faulting module unknown, version 0.0.0.0, time stamp 0x00000000, exception
code 0xc00000fd, fault offset 0x75579bb4, process id 0x8dc, application start time
0x01cb0d9a7ce5befb.
Error - 6/16/2010 6:08:05 PM | Computer Name = Nikki-PC | Source = WinMgmt | ID = 10
Description =
[ System Events ]
Error - 6/22/2010 7:52:24 PM | Computer Name = Nikki-PC | Source = Service Control Manager | ID = 7009
Description =
Error - 6/22/2010 7:52:24 PM | Computer Name = Nikki-PC | Source = Service Control Manager | ID = 7000
Description =
Error - 6/22/2010 8:22:26 PM | Computer Name = Nikki-PC | Source = DCOM | ID = 10005
Description =
Error - 6/22/2010 8:22:26 PM | Computer Name = Nikki-PC | Source = Service Control Manager | ID = 7009
Description =
Error - 6/22/2010 8:22:26 PM | Computer Name = Nikki-PC | Source = Service Control Manager | ID = 7000
Description =
Error - 6/22/2010 9:56:57 PM | Computer Name = Nikki-PC | Source = Service Control Manager | ID = 7031
Description =
Error - 6/22/2010 9:58:58 PM | Computer Name = Nikki-PC | Source = Service Control Manager | ID = 7031
Description =
Error - 6/22/2010 10:07:00 PM | Computer Name = Nikki-PC | Source = Service Control Manager | ID = 7009
Description =
Error - 6/22/2010 10:07:00 PM | Computer Name = Nikki-PC | Source = Service Control Manager | ID = 7000
Description =
Error - 6/22/2010 10:07:00 PM | Computer Name = Nikki-PC | Source = DCOM | ID = 10005
Description =
< End of report >
Please let me know what the next step is....
Sign In
Create Account
