Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

tcpip.sys crash - BSOD

Started by JoeyTwoSneezes , Dec 12 2010 08:49 PM

  • Please log in to reply

#1
JoeyTwoSneezes
Posted 12 December 2010 - 08:49 PM

JoeyTwoSneezes

    New Member

  • Member
  • Pip
  • 1 posts
Whenever I run a packet sniffer program on my system it crashes tcpip.sys and I get the blue screen of death.
The first piece of software that crashed my system was 'What is Transferring' by LionMax Software.
The second piece of software was 'WireShark'

I thought it might be my AV software kicking in so I disabled it and ran WireShark again. tcpip.sys crashed again. Now we are here.

Below are the results of the OTL Quickscan. Any help will be graciously appreciated.

OTL.txt

OTL logfile created on: 12/12/2010 5:57:08 PM - Run 1
OTL by OldTimer - Version 3.2.17.3 Folder = C:\Program Files (x86)\OTL
64bit-Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18975)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

4.00 Gb Total Physical Memory | 2.00 Gb Available Physical Memory | 50.00% Memory free
8.00 Gb Paging File | 6.00 Gb Available in Paging File | 70.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 203.01 Gb Total Space | 67.68 Gb Free Space | 33.34% Space Free | Partition Type: NTFS
Drive D: | 291.59 Gb Total Space | 114.23 Gb Free Space | 39.17% Space Free | Partition Type: NTFS
Drive G: | 7.60 Gb Total Space | 6.63 Gb Free Space | 87.19% Space Free | Partition Type: FAT32
Drive I: | 6.67 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS
Drive J: | 7.47 Gb Total Space | 6.43 Gb Free Space | 85.99% Space Free | Partition Type: FAT32

Computer Name: JECOLLI-PC | User Name: jecolli | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2010/12/12 17:51:18 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Program Files (x86)\OTL\OTL.exe
PRC - [2010/11/17 00:10:36 | 000,954,880 | ---- | M] (Evernote Corp., 333 W Evelyn Ave. Mountain View, CA 94041) -- C:\Program Files (x86)\Evernote\Evernote\EvernoteClipper.exe
PRC - [2010/11/09 13:39:20 | 000,233,936 | ---- | M] (Adobe Systems, Inc.) -- C:\Windows\SysWOW64\Macromed\Flash\FlashUtil10l_ActiveX.exe
PRC - [2010/10/21 05:21:51 | 000,304,304 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbarUser_32.exe
PRC - [2010/10/13 19:38:30 | 015,274,112 | ---- | M] (Winstep Software Technologies) -- C:\Program Files (x86)\Winstep\WorkShelf.exe
PRC - [2010/10/13 13:34:00 | 007,262,848 | ---- | M] (Winstep Software Technologies) -- C:\Program Files (x86)\Winstep\Nextstart.exe
PRC - [2010/10/11 15:12:08 | 000,273,672 | ---- | M] (Microsoft Corp.) -- C:\Program Files (x86)\MSN Toolbar\Platform\6.3.2348.0\mswinext.exe
PRC - [2010/09/29 03:11:07 | 000,174,400 | ---- | M] (Panda Security, S.L.) -- C:\Program Files (x86)\Panda Security\Panda Global Protection 2011\TPSrvWow.exe
PRC - [2010/09/13 03:11:00 | 000,202,048 | ---- | M] (Panda Security, S.L.) -- C:\Program Files (x86)\Panda Security\Panda Global Protection 2011\PavFnSvr.exe
PRC - [2010/09/02 05:46:18 | 000,185,640 | ---- | M] (SupportSoft, Inc.) -- C:\Program Files (x86)\VERIZONDM\bin\tgsrvc.exe
PRC - [2010/09/02 05:46:16 | 000,206,120 | ---- | M] (SupportSoft, Inc.) -- C:\Program Files (x86)\VERIZONDM\bin\sprtsvc.exe
PRC - [2010/09/02 05:46:04 | 000,206,120 | ---- | M] (SupportSoft, Inc.) -- C:\Program Files (x86)\VERIZONDM\bin\sprtcmd.exe
PRC - [2010/08/16 07:54:45 | 000,028,992 | ---- | M] (Panda Security, S.L.) -- C:\Program Files (x86)\Panda Security\Panda Global Protection 2011\psksvc.exe
PRC - [2010/06/04 09:37:50 | 000,314,176 | ---- | M] (Panda Security, S.L.) -- C:\Program Files (x86)\Panda Security\Panda Global Protection 2011\pavsrvx86.exe
PRC - [2010/05/28 12:42:32 | 000,225,600 | ---- | M] (Panda Security, S.L.) -- C:\Program Files (x86)\Panda Security\Panda Global Protection 2011\AVENGINE.EXE
PRC - [2010/04/22 17:29:12 | 000,107,776 | ---- | M] (Panda Security, S.L.) -- C:\Program Files (x86)\Panda Security\Panda Global Protection 2011\WebProxy.exe
PRC - [2010/02/23 11:09:34 | 000,111,872 | ---- | M] (Panda Security, S.L.) -- C:\Program Files (x86)\Panda Security\Panda Global Protection 2011\PavBckPT.exe
PRC - [2009/12/10 11:13:56 | 004,562,944 | ---- | M] () -- C:\Program Files (x86)\NETGEAR\WNA1100\WNA1100.exe
PRC - [2009/11/27 12:04:44 | 000,278,528 | ---- | M] () -- C:\Program Files (x86)\NETGEAR\WNA1100\WifiSvc.exe
PRC - [2009/11/26 16:03:56 | 000,226,560 | ---- | M] (Panda Security International) -- c:\Program Files (x86)\Panda Security\Panda Global Protection 2011\FIREWALL\PSHost.exe
PRC - [2009/08/10 13:46:08 | 000,173,312 | ---- | M] (Panda Security, S.L.) -- C:\Program Files (x86)\Panda Security\Panda Global Protection 2011\PsCtrlS.exe
PRC - [2009/05/12 02:05:52 | 000,247,808 | ---- | M] (Winstep Software Technologies) -- C:\Program Files (x86)\Winstep\WsxService.exe
PRC - [2008/11/09 15:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) -- C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe
PRC - [2008/06/27 12:23:00 | 000,091,392 | ---- | M] (Panda Security, S.L.) -- C:\Program Files (x86)\Panda Security\Panda Global Protection 2011\SrvLoad.exe
PRC - [2008/06/19 11:59:50 | 000,108,288 | ---- | M] (Panda Security S.L.) -- C:\Program Files (x86)\Panda Security\Panda Global Protection 2011\PsImSvc.exe
PRC - [2008/06/12 22:17:01 | 000,042,168 | ---- | M] (Antony Lewis) -- C:\Program Files (x86)\WordWeb\wweb32.exe
PRC - [2008/02/04 16:26:48 | 000,062,768 | ---- | M] (Panda Security, S.L.) -- C:\Program Files (x86)\Common Files\Panda Security\PavShld\PavPrSrv.exe


========== Modules (SafeList) ==========

MOD - [2010/12/12 17:51:18 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Program Files (x86)\OTL\OTL.exe
MOD - [2010/08/31 10:43:52 | 001,686,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3\comctl32.dll
MOD - [2010/05/18 17:50:42 | 000,152,896 | ---- | M] (Panda Security, S.L.) -- C:\Program Files (x86)\Panda Security\Panda Global Protection 2011\PavTrc.dll
MOD - [2009/08/10 12:46:20 | 000,025,344 | ---- | M] (Panda Security, S.L.) -- C:\Windows\SysWOW64\sysHelper32.dll
MOD - [2009/08/10 12:45:54 | 000,095,488 | ---- | M] (Panda Security, S.L.) -- C:\Program Files (x86)\Panda Security\Panda Global Protection 2011\PavOEpl.dll
MOD - [2009/03/30 17:32:26 | 000,087,296 | ---- | M] (Panda Security, S.L.) -- C:\Windows\SysWOW64\PavLspHookWow.dll
MOD - [2008/06/03 14:13:14 | 000,348,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msvcr71.dll
MOD - [2008/06/03 14:13:12 | 000,499,712 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msvcp71.dll


========== Win32 Services (SafeList) ==========

SRV:64bit: - [2010/09/22 17:10:10 | 000,057,184 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc)
SRV:64bit: - [2010/04/10 16:25:46 | 000,342,320 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Microsoft Fix it Center\Matsvc.exe -- (MatSvc)
SRV:64bit: - [2008/12/11 14:53:38 | 000,098,488 | ---- | M] (SiSoftware) [Disabled | Stopped] -- C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2009.SP2\RpcAgentSrv.exe -- (SandraAgentSrv)
SRV:64bit: - [2008/11/21 17:27:30 | 000,164,056 | ---- | M] (Softros Systems, Inc.) [Disabled | Stopped] -- C:\Program Files\Process Blocker\Process Blocker.exe -- (Process Blocker)
SRV:64bit: - [2008/08/19 16:27:22 | 000,024,576 | ---- | M] () [Disabled | Stopped] -- C:\Program Files\Acer\Empowering Technology\Service\ETService.exe -- (ETService)
SRV:64bit: - [2008/07/26 07:25:24 | 000,187,928 | ---- | M] (Logitech Inc.) [Disabled | Stopped] -- C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe -- (LVPrcS64)
SRV:64bit: - [2008/07/26 07:23:54 | 000,255,000 | ---- | M] (Logitech Inc.) [Disabled | Stopped] -- C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVCSer64.exe -- (LVCOMSer)
SRV:64bit: - [2008/01/20 21:47:32 | 000,383,544 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2007/12/10 22:11:30 | 000,015,872 | ---- | M] (Agere Systems) [Disabled | Stopped] -- C:\Windows\SysNative\agr64svc.exe -- (AgereModemAudio)
SRV - [2010/10/13 17:06:34 | 000,098,304 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Verizon\IHA_MessageCenter\Bin\Verizon_IHAMessageCenter.exe -- (IHA_MessageCenter)
SRV - [2010/09/29 03:11:07 | 000,174,400 | ---- | M] (Panda Security, S.L.) [Auto | Running] -- C:\Program Files (x86)\Panda Security\Panda Global Protection 2011\TPSrvWow.exe -- (TPSrv)
SRV - [2010/09/13 03:11:00 | 000,202,048 | ---- | M] (Panda Security, S.L.) [Auto | Running] -- C:\Program Files (x86)\Panda Security\Panda Global Protection 2011\PavFnSvr.exe -- (PAVFNSVR)
SRV - [2010/09/02 05:46:18 | 000,185,640 | ---- | M] (SupportSoft, Inc.) [Auto | Running] -- C:\Program Files (x86)\VERIZONDM\bin\tgsrvc.exe -- (tgsrvc_verizondm) SupportSoft Repair Service (verizondm)
SRV - [2010/09/02 05:46:16 | 000,206,120 | ---- | M] (SupportSoft, Inc.) [Auto | Running] -- C:\Program Files (x86)\VERIZONDM\bin\sprtsvc.exe -- (sprtsvc_verizondm) SupportSoft Sprocket Service (verizondm)
SRV - [2010/08/16 07:54:45 | 000,028,992 | ---- | M] (Panda Security, S.L.) [Auto | Running] -- C:\Program Files (x86)\Panda Security\Panda Global Protection 2011\PskSvc.exe -- (PskSvcRetail)
SRV - [2010/06/25 12:07:20 | 000,117,264 | ---- | M] (CACE Technologies, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\WinPcap\rpcapd.exe -- (rpcapd) Remote Packet Capture Protocol v.0 (experimental)
SRV - [2010/06/04 09:37:50 | 000,314,176 | ---- | M] (Panda Security, S.L.) [Auto | Running] -- C:\Program Files (x86)\Panda Security\Panda Global Protection 2011\pavsrvx86.exe -- (PAVSRV)
SRV - [2010/03/18 12:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009/11/27 12:04:44 | 000,278,528 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\NETGEAR\WNA1100\WifiSvc.exe -- (WSWNA1100)
SRV - [2009/11/26 16:03:56 | 000,226,560 | ---- | M] (Panda Security International) [Auto | Running] -- c:\program files (x86)\panda security\panda global protection 2011\firewall\PSHOST.EXE -- (PSHost)
SRV - [2009/11/05 16:10:22 | 000,954,368 | ---- | M] (Atheros Communications, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\NETGEAR\WNA1100\jswpsapi.exe -- (jswpsapi)
SRV - [2009/09/16 18:22:08 | 000,020,480 | ---- | M] (Intuit) [Disabled | Stopped] -- C:\Program Files (x86)\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe -- (QBCFMonitorService)
SRV - [2009/08/10 13:46:08 | 000,173,312 | ---- | M] (Panda Security, S.L.) [Auto | Running] -- C:\Program Files (x86)\Panda Security\Panda Global Protection 2011\PsCtrls.exe -- (Panda Software Controller)
SRV - [2009/05/12 02:05:52 | 000,247,808 | ---- | M] (Winstep Software Technologies) [Auto | Running] -- C:\Program Files (x86)\Winstep\WsxService.exe -- (Winstep Xtreme Service)
SRV - [2009/03/29 23:42:14 | 000,066,368 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2009/01/26 15:31:10 | 001,153,368 | ---- | M] (Safer Networking Ltd.) [Disabled | Stopped] -- C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe -- (SBSDWSCService)
SRV - [2008/11/21 21:50:46 | 000,743,192 | ---- | M] (Acronis) [Disabled | Stopped] -- C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe -- (AcrSch2Svc)
SRV - [2008/11/09 15:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) [Auto | Running] -- C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe -- (YahooAUService)
SRV - [2008/07/29 19:53:00 | 000,500,784 | ---- | M] (Egis Incorporated) [Disabled | Stopped] -- C:\Program Files (x86)\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe -- (eDataSecurity Service)
SRV - [2008/06/19 11:59:50 | 000,108,288 | ---- | M] (Panda Security S.L.) [Auto | Running] -- C:\Program Files (x86)\Panda Security\Panda Global Protection 2011\PsImSvc.exe -- (PSIMSVC)
SRV - [2008/05/20 19:50:50 | 000,269,448 | ---- | M] (CyberLink) [Disabled | Stopped] -- C:\Program Files (x86)\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\CLMSServer.exe -- (Acer HomeMedia Connect Service)
SRV - [2008/02/04 16:26:48 | 000,062,768 | ---- | M] (Panda Security, S.L.) [Auto | Running] -- C:\Program Files (x86)\Common Files\Panda Security\PavShld\pavprsrv.exe -- (PavPrSrv)
SRV - [2007/07/24 10:15:14 | 000,185,632 | ---- | M] (Protexis Inc.) [Disabled | Stopped] -- C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe -- (PSI_SVC_2)
SRV - [2007/05/31 17:11:54 | 000,443,784 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\WindowsMobile\wcescomm.dll -- (WcesComm)
SRV - [2007/05/31 17:11:46 | 000,225,672 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\WindowsMobile\rapimgr.dll -- (RapiMgr)
SRV - [2007/05/24 06:08:44 | 000,061,440 | ---- | M] (Intuit Inc.) [Disabled | Stopped] -- C:\Program Files (x86)\Common Files\Intuit\QuickBooks\FCS\Intuit.QuickBooks.FCS.exe -- (QBFCService)
SRV - [2007/01/04 18:48:52 | 000,112,152 | R--- | M] (InterVideo) [Disabled | Stopped] -- C:\Program Files (x86)\Common Files\InterVideo\RegMgr\iviRegMgr.exe -- (IviRegMgr)


========== Driver Services (SafeList) ==========

DRV:64bit: - File not found [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\Prot6Flt.sys -- (Prot6Flt)
DRV:64bit: - File not found [Kernel | On_Demand | Running] -- C:\Windows\SysNative\PavTPK.sys -- (PavTPK.sys)
DRV:64bit: - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\nwlnkfwd.sys -- (NwlnkFwd)
DRV:64bit: - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\nwlnkflt.sys -- (NwlnkFlt)
DRV:64bit: - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\LVcKap64.sys -- (LVcKap64)
DRV:64bit: - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\ipinip.sys -- (IpInIp)
DRV:64bit: - [2010/09/22 23:36:48 | 000,048,488 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\fssfltr.sys -- (fssfltr)
DRV:64bit: - [2010/08/06 01:11:09 | 000,015,928 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\SysNative\DRIVERS\COMFiltr.sys -- (ComFiltr)
DRV:64bit: - [2010/06/25 12:07:26 | 000,035,344 | ---- | M] (CACE Technologies, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\npf.sys -- (NPF)
DRV:64bit: - [2010/06/22 17:20:18 | 000,030,792 | ---- | M] (Panda Security, S.L.) [File_System | Boot | Running] -- C:\Windows\SysNative\Drivers\pavboot64.sys -- (pavboot)
DRV:64bit: - [2010/05/21 12:50:50 | 000,065,608 | ---- | M] (Panda Security, S.L.) [File_System | Auto | Running] -- C:\Windows\SysNative\DRIVERS\amm6460.sys -- (AmFSM)
DRV:64bit: - [2010/02/18 18:31:20 | 000,214,536 | ---- | M] (Panda Security, S.L.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\n64i1642.sys -- (NETIMFLT01060042)
DRV:64bit: - [2010/02/18 18:31:18 | 000,118,280 | ---- | M] (Panda Security, S.L.) [Kernel | System | Running] -- C:\Windows\SysNative\Drivers\APPFLT64.SYS -- (APPFLT)
DRV:64bit: - [2010/01/26 16:52:22 | 001,212,416 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\agrsm64.sys -- (AgereSoftModem)
DRV:64bit: - [2009/11/27 03:49:00 | 001,659,392 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\athurx.sys -- (athur)
DRV:64bit: - [2009/10/27 11:07:42 | 000,048,136 | ---- | M] (Panda Security, S.L.) [File_System | System | Running] -- C:\Windows\SysNative\DRIVERS\ShldFlt.sys -- (ShldFlt)
DRV:64bit: - [2009/09/25 13:54:08 | 000,074,760 | ---- | M] (Panda Security, S.L.) [Kernel | System | Running] -- C:\Windows\SysNative\Drivers\WNMFLT64.SYS -- (WNMFLT)
DRV:64bit: - [2009/09/25 13:54:06 | 000,170,504 | ---- | M] (Panda Security, S.L.) [TDI Layer] [Kernel | System | Running] -- C:\Windows\SysNative\Drivers\NETTDI64.SYS -- (NETFLTDI)
DRV:64bit: - [2009/09/25 13:54:06 | 000,078,856 | ---- | M] (Panda Security, S.L.) [Kernel | System | Running] -- C:\Windows\SysNative\Drivers\IDSFLT64.SYS -- (IDSFLT)
DRV:64bit: - [2009/09/25 13:54:02 | 000,082,952 | ---- | M] (Panda Security, S.L.) [Kernel | System | Running] -- C:\Windows\SysNative\Drivers\DSAFLT64.SYS -- (DSAFLT)
DRV:64bit: - [2009/09/25 13:54:02 | 000,031,752 | ---- | M] (Panda Security, S.L.) [Kernel | System | Running] -- C:\Windows\SysNative\Drivers\fnetm64.SYS -- (FNETMON)
DRV:64bit: - [2009/08/21 15:24:02 | 000,084,512 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvhda64v.sys -- (NVHDA)
DRV:64bit: - [2009/04/11 00:43:06 | 000,019,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\usb8023x.sys -- (usb_rndisx)
DRV:64bit: - [2009/03/26 07:00:16 | 000,071,168 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\RTSTOR64.SYS -- (RTSTOR)
DRV:64bit: - [2009/02/02 14:47:42 | 000,053,760 | ---- | M] (Aladdin Knowledge Systems Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\akshasp.sys -- (akshasp)
DRV:64bit: - [2009/02/02 14:34:10 | 000,318,464 | ---- | M] (Aladdin Knowledge Systems Ltd.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\hardlock.sys -- (hardlock)
DRV:64bit: - [2009/01/28 14:02:54 | 000,025,344 | ---- | M] (Aladdin Knowledge Systems Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\aksusb.sys -- (aksusb)
DRV:64bit: - [2009/01/09 15:02:08 | 000,031,744 | ---- | M] (Research in Motion Ltd) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\RimSerial_AMD64.sys -- (RimVSerPort)
DRV:64bit: - [2009/01/08 19:07:58 | 001,581,088 | ---- | M] (Acronis) [Kernel | Boot | Running] -- C:\Windows\SysNative\DRIVERS\tdrpm174.sys -- (tdrpman174) Acronis Try&Decide and Restore Points filter (build 174)
DRV:64bit: - [2009/01/08 19:07:52 | 000,880,160 | ---- | M] (Acronis) [Kernel | Boot | Running] -- C:\Windows\SysNative\DRIVERS\timntr.sys -- (timounter)
DRV:64bit: - [2009/01/08 19:07:52 | 000,083,488 | ---- | M] (Acronis) [File_System | Auto | Running] -- C:\Windows\SysNative\DRIVERS\tifsfilt.sys -- (tifsfilter)
DRV:64bit: - [2009/01/08 19:07:50 | 000,237,600 | ---- | M] (Acronis) [Kernel | Boot | Running] -- C:\Windows\SysNative\DRIVERS\snman380.sys -- (snapman380) Acronis Snapshots Manager (Build 380)
DRV:64bit: - [2008/11/25 22:57:04 | 000,022,944 | ---- | M] (SiSoftware) [Kernel | On_Demand | Stopped] -- C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2009.SP2\WNt500x64\sandra.sys -- (SANDRA)
DRV:64bit: - [2008/08/21 23:50:32 | 000,019,456 | ---- | M] (Motorola) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\motccgp.sys -- (motccgp)
DRV:64bit: - [2008/08/21 23:50:02 | 000,009,216 | ---- | M] (Motorola) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\motccgpfl.sys -- (motccgpfl)
DRV:64bit: - [2008/07/29 19:53:50 | 000,060,976 | ---- | M] (Egis Incorporated) [Kernel | Auto | Running] -- C:\Windows\SysNative\DRIVERS\PSDVdisk.sys -- (psdvdisk)
DRV:64bit: - [2008/07/29 19:53:50 | 000,021,040 | ---- | M] (Egis Incorporated) [Kernel | Auto | Running] -- C:\Windows\SysNative\DRIVERS\PSDNServ.sys -- (PSDNServ)
DRV:64bit: - [2008/07/29 19:53:48 | 000,022,064 | ---- | M] (Egis Incorporated) [File_System | Boot | Running] -- C:\Windows\SysNative\DRIVERS\psdfilter.sys -- (PSDFilter)
DRV:64bit: - [2008/07/26 14:26:34 | 000,050,072 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LVUSBS64.sys -- (LVUSBS64)
DRV:64bit: - [2008/07/26 14:22:34 | 002,624,408 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\LV302V64.SYS -- (PID_PEPI) Logitech QuickCam IM(PID_PEPI)
DRV:64bit: - [2008/07/26 07:24:40 | 000,030,232 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\LVPr2M64.sys -- (LVPr2Mon)
DRV:64bit: - [2008/07/26 07:24:40 | 000,030,232 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\LVPr2M64.sys -- (LVPr2M64)
DRV:64bit: - [2008/07/20 15:31:36 | 000,084,480 | ---- | M] (DEVGURU Co,LTD.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\PTDLWWAN.sys -- (PTDLWWAN)
DRV:64bit: - [2008/07/20 15:31:34 | 000,066,688 | ---- | M] (DEVGURU Co,LTD.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\PTDLVsp.sys -- (PTDLVsp)
DRV:64bit: - [2008/07/20 15:31:32 | 000,070,784 | ---- | M] (DEVGURU Co,LTD.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\PTDLMdm.sys -- (PTDLMdm)
DRV:64bit: - [2008/07/20 15:31:30 | 000,066,304 | ---- | M] (DEVGURU Co,LTD.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\PTDLBus.sys -- (PTDLBus)
DRV:64bit: - [2008/05/26 13:54:28 | 000,120,816 | ---- | M] (CyberLink) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WSVD.sys -- (WSVD)
DRV:64bit: - [2008/05/20 19:33:36 | 000,028,416 | ---- | M] (Research In Motion Limited) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\RimUsb_AMD64.sys -- (RimUsb)
DRV:64bit: - [2008/05/15 02:28:00 | 000,026,624 | ---- | M] (Atheros Communications, Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\DRIVERS\jswpslwfx.sys -- (JSWPSLWF)
DRV:64bit: - [2008/02/25 18:29:24 | 000,013,144 | ---- | M] (Windows ® Codename Longhorn DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ITEIO.sys -- (ITEIO.SYS)
DRV:64bit: - [2008/02/11 14:57:10 | 000,070,272 | ---- | M] (Aladdin Knowledge Systems Ltd.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\aksdf.sys -- (aksdf)
DRV:64bit: - [2008/01/30 19:48:32 | 000,016,384 | ---- | M] (NewTech Infosystems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\NTIDrvr.sys -- (NTIDrvr)
DRV:64bit: - [2008/01/20 21:49:47 | 000,011,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\RootMdm.sys -- (ROOTMODEM)
DRV:64bit: - [2007/04/16 19:51:50 | 000,014,112 | R--- | M] (InterVideo) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\regi.sys -- (regi)
DRV:64bit: - [2007/01/19 18:24:24 | 000,025,312 | ---- | M] (Windows ® Codename Longhorn DDK provider) [Kernel | Boot | Running] -- C:\Windows\SysNative\DRIVERS\scmndisp.sys -- (SCMNdisP)
DRV:64bit: - [2006/09/18 16:36:24 | 000,000,308 | ---- | M] () [File_System | On_Demand | Running] -- C:\Windows\SysNative\WBEM\ntfs.mof -- (Ntfs)
DRV - [2010/03/17 15:53:38 | 000,021,248 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Motive\MREMP50.sys -- (MREMP50)
DRV - [2010/03/17 15:53:22 | 000,020,096 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Motive\MRESP50.sys -- (MRESP50)
DRV - [2010/02/16 06:50:31 | 000,021,712 | ---- | M] (Phoenix Technologies) [Kernel | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\DrvAgent64.SYS -- (DrvAgent64)
DRV - [2009/03/12 13:10:40 | 000,453,632 | ---- | M] (Aladdin Knowledge Systems) [Kernel | Auto | Running] -- C:\Windows\SysWOW64\drivers\hardlock.sys -- (hardlock)
DRV - [2008/08/19 16:23:00 | 000,017,952 | ---- | M] (Acer, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysWOW64\drivers\int15_64.sys -- (int15)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://homepage.acer...&m=aspire_x1700
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://homepage.acer...&m=aspire_x1700
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://homepage.acer...&m=aspire_x1700
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://homepage.acer...&m=aspire_x1700

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://homepage.acer...&m=aspire_x1700
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = http://global.acer.com [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = [Binary data over 100 bytes]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = file:///C:/CISCO_CCNA/Exploration1_English/index.html
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\..\URLSearchHook: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..extensions.enabledItems: [email protected]:7
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21
FF - prefs.js..extensions.enabledItems: [email protected]:1.0.1
FF - prefs.js..extensions.enabledItems: {D4DD63FA-01E4-46a7-B6B1-EDAB7D6AD389}:0.9.7.2
FF - prefs.js..extensions.enabledItems: [email protected]:1.0
FF - prefs.js..network.proxy.type: 0



[2010/08/11 21:27:14 | 000,000,000 | ---D | M] -- C:\Users\jecolli\AppData\Roaming\Mozilla\Extensions
[2010/11/11 21:35:55 | 000,000,000 | ---D | M] -- C:\Users\jecolli\AppData\Roaming\Mozilla\Firefox\Profiles\9724jy0f.default\extensions
[2010/08/11 21:47:27 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\jecolli\AppData\Roaming\Mozilla\Firefox\Profiles\9724jy0f.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2010/11/11 21:35:55 | 000,000,000 | ---D | M] (Verizon Toolbar) -- C:\Users\jecolli\AppData\Roaming\Mozilla\Firefox\Profiles\9724jy0f.default\extensions\{96ce3418-8ef3-45b5-8808-de5dbe03fb13}
[2010/10/16 16:14:15 | 000,000,000 | ---D | M] (Download Statusbar) -- C:\Users\jecolli\AppData\Roaming\Mozilla\Firefox\Profiles\9724jy0f.default\extensions\{D4DD63FA-01E4-46a7-B6B1-EDAB7D6AD389}
[2010/09/27 10:49:31 | 000,000,000 | ---D | M] -- C:\Users\jecolli\AppData\Roaming\Mozilla\Firefox\Profiles\9724jy0f.default\extensions\[email protected]
[2010/08/15 11:59:40 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2010/08/11 21:41:09 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
[2010/07/17 04:00:04 | 000,423,656 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\Mozilla Firefox\plugins\npdeployJava1.dll
[2010/08/11 15:39:58 | 000,002,465 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\verizontb.xml

O1 HOSTS File: ([2006/09/18 16:37:24 | 000,000,761 | ---- | M]) - C:\Windows\SysNative\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2:64bit: - BHO: (ShowBarObj Class) - {83A2F9B1-01A2-4AA5-87D1-45B6B8505E96} - C:\Program Files (x86)\Acer\Empowering Technology\eDataSecurity\x64\ActiveToolBand.dll (Egis)
O2:64bit: - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O2:64bit: - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.6.5805.1910\swg64.dll (Google Inc.)
O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.)
O2 - BHO: (HP Print Enhancer) - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll (Hewlett-Packard Co.)
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (no name) - {83A2F9B1-01A2-4AA5-87D1-45B6B8505E96} - No CLSID value found.
O2 - BHO: (NASDAQ Quote Toolbar) - {A057A204-BACC-4D26-CCD1-7FBE89E33DC9} - C:\Program Files (x86)\nasdaq\nasdaq.dll (Nasdaq )
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.6.5805.1910\swg.dll (Google Inc.)
O2 - BHO: (Bing Bar BHO) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\MSN Toolbar\Platform\6.3.2348.0\npwinext.dll (Microsoft Corporation)
O2 - BHO: (SingleInstance Class) - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn0\YTSingleInstance.dll (Yahoo! Inc)
O2 - BHO: (HP Smart BHO Class) - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll (Hewlett-Packard Co.)
O3:64bit: - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3:64bit: - HKLM\..\Toolbar: (Acer eDataSecurity Management) - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\Program Files (x86)\Acer\Empowering Technology\eDataSecurity\x64\eDStoolbar.dll (Egis Incorporated.)
O3 - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (Acer eDataSecurity Management) - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\Program Files (x86)\Acer\Empowering Technology\eDataSecurity\x86\eDStoolbar.dll (Egis Incorporated.)
O3 - HKLM\..\Toolbar: (@C:\Program Files (x86)\MSN Toolbar\Platform\6.3.2348.0\npwinext.dll,-100) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\MSN Toolbar\Platform\6.3.2348.0\npwinext.dll (Microsoft Corporation)
O3 - HKLM\..\Toolbar: (NASDAQ Quote Toolbar) - {A057A204-BACC-4D26-CCD1-7FBE89E33DC9} - C:\Program Files (x86)\nasdaq\nasdaq.dll (Nasdaq )
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.)
O3:64bit: - HKCU\..\Toolbar\ShellBrowser: (Acer eDataSecurity Management) - {5CBE3B7C-1E47-477E-A7DD-396DB0476E29} - C:\Program Files (x86)\Acer\Empowering Technology\eDataSecurity\x64\eDStoolbar.dll (Egis Incorporated.)
O3 - HKCU\..\Toolbar\ShellBrowser: (Acer eDataSecurity Management) - {5CBE3B7C-1E47-477E-A7DD-396DB0476E29} - C:\Program Files (x86)\Acer\Empowering Technology\eDataSecurity\x86\eDStoolbar.dll (Egis Incorporated.)
O3:64bit: - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O4 - HKLM..\Run: [Acer Assist Launcher] C:\Program Files (x86)\Acer\Acer Assist\launcher.exe ()
O4 - HKLM..\Run: [APVXDWIN] C:\Program Files (x86)\Panda Security\Panda Global Protection 2011\APVXDWIN.EXE (Panda Security, S.L.)
O4 - HKLM..\Run: [Bing Bar] C:\Program Files (x86)\MSN Toolbar\Platform\6.3.2348.0\mswinext.exe (Microsoft Corp.)
O4 - HKLM..\Run: [NextSTART] File not found
O4 - HKLM..\Run: [SCANINICIO] C:\Program Files (x86)\Panda Security\Panda Global Protection 2011\Inicio.exe (Panda Security, S.L.)
O4 - HKLM..\Run: [VERIZONDM] C:\Program Files (x86)\VERIZONDM\bin\sprtcmd.exe (SupportSoft, Inc.)
O4 - HKLM..\Run: [Workshelf] File not found
O4 - HKCU..\Run: [NextSTART] C:\Program Files (x86)\Winstep\nextstart.exe (Winstep Software Technologies)
O4 - HKCU..\Run: [SpybotSD TeaTimer] C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe (Safer-Networking Ltd.)
O4 - HKCU..\Run: [Workshelf] C:\Program Files (x86)\Winstep\workshelf.exe (Winstep Software Technologies)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: GreyMSIAds = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 0
O8:64bit: - Extra context menu item: Add to Evernote 4.0 - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll (Evernote Corp., 333 W Evelyn Ave. Mountain View, CA 94041)
O8:64bit: - Extra context menu item: Google Sidewiki... - C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_E11712C84EA7E12B.dll (Google Inc.)
O8 - Extra context menu item: Add to Evernote 4.0 - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll (Evernote Corp., 333 W Evelyn Ave. Mountain View, CA 94041)
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\SysWow64\GPhotos.scr (Google Inc.)
O8 - Extra context menu item: Google Sidewiki... - C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_E11712C84EA7E12B.dll (Google Inc.)
O9 - Extra Button: Download Video - {3B54DEAB-C6D4-48a8-8C32-A70558643400} - C:\Program Files (x86)\FinalVideoDownloader\fvdRunner.html ()
O9 - Extra Button: @C:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll (Evernote Corp., 333 W Evelyn Ave. Mountain View, CA 94041)
O9 - Extra 'Tools' menuitem : @C:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll (Evernote Corp., 333 W Evelyn Ave. Mountain View, CA 94041)
O9 - Extra Button: Show or hide HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll (Hewlett-Packard Co.)
O9 - Extra 'Tools' menuitem : Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O13 - gopher Prefix: missing
O13 - gopher Prefix: missing
O15 - HKCU\..Trusted Domains: advancedanalyzer.com ([]* in Trusted sites)
O15 - HKCU\..Trusted Domains: ameritrade.com ([]* in Trusted sites)
O15 - HKCU\..Trusted Domains: internet ([]about in Trusted sites)
O15 - HKCU\..Trusted Domains: mcafee.com ([]http in Trusted sites)
O15 - HKCU\..Trusted Domains: mcafee.com ([]https in Trusted sites)
O15 - HKCU\..Trusted Domains: secunia.com ([psi] https in Trusted sites)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {02BCC737-B171-4746-94C9-0D8A0B2C0089} http://office2010.mi...n/ieawsdc32.cab (Microsoft Office Template and Media Control)
O16 - DPF: {05CA9FB0-3E3E-4B36-BF41-0E3A5CAA8CD8} http://download.micr.../OGAControl.cab (Office Genuine Advantage Validation Tool)
O16 - DPF: {06305358-99CE-4C47-B59C-939B76856C2B} http://download.micr...6B/pmupd806.exe (MSN Money Charting)
O16 - DPF: {0742B9EF-8C83-41CA-BFBA-830A59E23533} https://oas.support....veX/MSDcode.cab (Microsoft Data Collection Control)
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macr...director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://download.micr...heckControl.cab (Windows Genuine Advantage Validation Tool)
O16 - DPF: {2D8ED06D-3C30-438B-96AE-4D110FDC1FB8} http://acs.pandasoft...s/as2stubie.cab (ActiveScan 2.0 Installer Class)
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} C:\Program Files (x86)\Yahoo!\Common\Yinsthelper.dll (Installation Support)
O16 - DPF: {35B7E48B-9D81-4C6C-9578-5FD4F620D886} http://host1.telecha...stall/setup.exe (InstallShield Setup Player 2K2)
O16 - DPF: {73ECB3AA-4717-450C-A2AB-D00DAD9EE203} http://h20270.www2.h...tDetection2.cab (GMNRev Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_21)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.ma...r/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {9191F686-7F0A-441D-8A98-2FE3AC1BD913} http://acs.pandasoft...s/as2stubie.cab (ActiveScan 2.0 Installer Class)
O16 - DPF: {9F1C11AA-197B-4942-BA54-47A8489BB47F} http://v4.windowsupd...0104.1805208333 (Update Class)
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} http://cdn2.zone.msn...rk.cab56649.cab (MSN Games - Installer)
O16 - DPF: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_21)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_21)
O16 - DPF: {D0C0F75C-683A-4390-A791-1ACFD5599AB8} http://iplay.oberon-...ronGameHost.cab (Oberon Flash Game Host)
O16 - DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} http://l.yimg.com/jh...aploader_v6.cab (PopCapLoader Object)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.ad...Plus/1.6/gp.cab (Reg Error: Key error.)
O16 - DPF: {EF791A6B-FC12-4C68-99EF-FB9E207A39E6} http://download.mcaf...567/mcfscan.cab (McFreeScan Class)
O16 - DPF: {FF3C5A9F-5A99-4930-80E8-4709194C2AD3} http://zone.msn.com/...on.cab64162.cab (MSN Games – Backgammon)
O16 - DPF: {FFB3A759-98B1-446F-BDA9-909C6EB18CC7} http://utilities.pcp.../pcpitstop2.dll (PCPitstop Exam)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O18:64bit: - Protocol\Handler\belarc {6318E0AB-2E93-11D1-B8ED-00608CC9A71F} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\intu-help-qb1 {9B0F96C7-2E4B-433e-ABF3-043BA1B54AE3} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\qbwc {FC598A64-626C-4447-85B8-53150405FD57} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\wlpg {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - Reg Error: Key error. File not found
O18 - Protocol\Handler\belarc {6318E0AB-2E93-11D1-B8ED-00608CC9A71F} - C:\Program Files (x86)\Belarc\Advisor\System\BAVoilaX.dll (Belarc, Inc.)
O18 - Protocol\Handler\gopher {79eac9e4-baf9-11ce-8c82-00aa004ba90b} - Reg Error: Key error. File not found
O18 - Protocol\Handler\intu-help-qb1 {9B0F96C7-2E4B-433e-ABF3-043BA1B54AE3} - C:\Program Files (x86)\Intuit\QuickBooks 2008\HelpAsyncPluggableProtocol.dll (TODO: <Company name>)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\avldr: DllName - Reg Error: Value error. - C:\Windows\SysNative\avldr64.dll (On-Access Anti-Malware Scanner Sync)
O20 - Winlogon\Notify\avldr: DllName - Reg Error: Value error. - Reg Error: Value error. File not found
O24 - Desktop WallPaper: C:\Users\Public\Documents\WinStep\Themes\aero lowres\\wallpaper.jpg
O24 - Desktop BackupWallPaper: C:\Users\Public\Documents\WinStep\Themes\aero lowres\\wallpaper.jpg
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2008/05/06 07:26:23 | 000,000,309 | R--- | M] () - I:\autorun.inf -- [ CDFS ]
O32 - AutoRun File - [2010/11/13 04:27:58 | 000,000,115 | -HS- | M] () - J:\autorun.inf -- [ FAT32 ]
O33 - MountPoints2\{112a9b62-db9b-11de-9d27-00219741976b}\Shell\AutoRun\command - "" = F:\AutoRun.exe -- File not found
O33 - MountPoints2\{3ad68cc3-ce5d-11de-bfa0-00219741976b}\Shell\AutoRun\command - "" = F:\AutoRun.exe -- File not found
O33 - MountPoints2\{4246db86-2f92-11de-9c39-00219741976b}\Shell\AutoRun\command - "" = E:\AutoRun.exe -- File not found
O33 - MountPoints2\{69303743-d7b1-11de-b353-00219741976b}\Shell\AutoRun\command - "" = E:\AutoRun.exe -- File not found
O33 - MountPoints2\{741737c7-a5fc-11df-b9e9-00219741976b}\Shell\AutoRun\command - "" = F:\AutoRun.exe -- File not found
O33 - MountPoints2\{c1e4dc09-dde1-11dd-89e9-00219741976b}\Shell\AutoRun\command - "" = J:\StartCodySafe.exe -- [2010/02/13 17:18:58 | 000,182,756 | ---- | M] (by Codyssey.com)
O33 - MountPoints2\{c1e4dc0c-dde1-11dd-89e9-00219741976b}\Shell\AutoRun\command - "" = I:\LaunchU3.exe -- [2007/10/23 02:45:39 | 001,336,632 | R--- | M] ()
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2010/12/12 17:53:47 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\OTL
[2010/12/12 06:32:29 | 000,000,000 | --SD | C] -- C:\Windows\SysWow64\Microsoft
[2010/12/12 03:25:48 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Packet Tracer 5.0
[2010/12/09 19:25:36 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Camtech
[2010/12/09 19:24:49 | 000,000,000 | ---D | C] -- C:\Users\jecolli\AppData\Roaming\Camtech
[2010/12/09 08:39:28 | 000,000,000 | ---D | C] -- C:\Users\jecolli\Documents\Politics
[2010/12/08 18:09:12 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\FinalVideoDownloader
[2010/12/08 18:00:44 | 000,000,000 | ---D | C] -- C:\Users\jecolli\AppData\Roaming\FinalTorrent
[2010/12/08 17:14:15 | 000,544,768 | ---- | C] (Stardock Corporation) -- C:\Windows\SysWow64\wbocx.ocx
[2010/12/08 17:14:15 | 000,056,496 | ---- | C] (Stardock.Net, Inc) -- C:\Windows\SysWow64\wbhelp2.dll
[2010/12/08 17:14:14 | 000,033,968 | ---- | C] (Neil Banfield) -- C:\Windows\SysWow64\anim.dll
[2010/12/08 17:14:14 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\WinUtilities
[2010/12/08 16:32:14 | 000,798,208 | ---- | C] (Winstep Software Technologies) -- C:\Windows\SysWow64\NextControls.ocx
[2010/12/08 16:32:14 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\Winstep
[2010/12/08 16:32:14 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Winstep
[2010/12/08 07:39:27 | 000,000,000 | ---D | C] -- C:\Users\jecolli\AppData\Local\NewTech Infosystems
[2010/12/08 07:39:03 | 000,000,000 | ---D | C] -- C:\ProgramData\LightScribe
[2010/12/07 08:48:56 | 000,000,000 | ---D | C] -- C:\Users\jecolli\AppData\Local\Image File Tool
[2010/12/07 08:48:49 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ImageFileTool
[2010/12/04 14:00:12 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Windows Resource Kits
[2010/12/04 05:20:07 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Trend Micro
[2010/12/04 04:29:05 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\WinVi Hex Editor
[2010/12/04 04:22:01 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Greatis
[2010/12/01 14:05:13 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\WinDirStat
[2010/12/01 12:30:37 | 000,000,000 | ---D | C] -- C:\Program Files\Recuva
[2010/12/01 01:38:56 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Zamzom
[2010/11/28 07:51:19 | 000,000,000 | ---D | C] -- C:\Users\jecolli\AppData\Local\Evernote
[2010/11/28 07:51:00 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Evernote
[2010/11/25 08:54:37 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\LyricsSeeker
[2010/11/24 15:26:09 | 000,000,000 | ---D | C] -- C:\Users\jecolli\AppData\Roaming\com.cldesktop.A457892AC9E286AFF16B1328DABF224A4C50065F.1
[2010/11/24 15:26:05 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\clDesktop
[2010/11/24 01:50:56 | 000,000,000 | ---D | C] -- C:\Users\jecolli\Documents\How to
[2010/11/21 21:59:07 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Free Windows Cleanup Tool
[2010/11/19 07:59:22 | 000,000,000 | ---D | C] -- C:\Users\jecolli\AppData\Roaming\X-Setup Pro
[2010/11/19 07:59:22 | 000,000,000 | ---D | C] -- C:\ProgramData\X-Setup Pro
[2010/11/19 07:59:22 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\X-Setup Pro
[2010/11/19 03:22:04 | 000,000,000 | ---D | C] -- C:\Users\jecolli\Documents\Job Seeking
[2010/11/19 02:52:41 | 000,000,000 | ---D | C] -- C:\Users\jecolli\Documents\Psychometric Testing
[2010/11/16 15:36:20 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Motive
[2010/11/16 15:33:54 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Motive
[2010/11/16 15:32:48 | 000,000,000 | ---D | C] -- C:\ProgramData\Motive
[2010/11/14 23:47:26 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Chicken Hunter
[2010/11/14 17:56:04 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\My Uninstaller
[2010/11/14 12:00:47 | 000,000,000 | ---D | C] -- C:\Program Files\RegScanner x64
[2010/11/14 11:29:25 | 000,000,000 | ---D | C] -- C:\Users\jecolli\AppData\Roaming\FreeFixer
[2010/11/14 11:29:25 | 000,000,000 | ---D | C] -- C:\Users\jecolli\AppData\Local\FreeFixer
[2010/11/14 11:29:04 | 000,000,000 | ---D | C] -- C:\Program Files\FreeFixer
[2010/11/14 10:33:48 | 000,000,000 | ---D | C] -- C:\Users\jecolli\AppData\Local\PackageAware
[2010/11/13 08:58:37 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\dwtf
[2010/11/13 08:53:30 | 000,000,000 | ---D | C] -- C:\SpyDLLRemover
[2010/11/13 08:28:19 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Registry Commander
[2010/11/13 04:51:09 | 000,000,000 | ---D | C] -- C:\Users\jecolli\AppData\Roaming\WinRAR
[2010/11/13 04:50:00 | 000,000,000 | ---D | C] -- C:\Program Files\WinRAR
[2010/11/13 04:40:59 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\Shellext
[2009/03/13 20:28:09 | 000,049,152 | ---- | C] ( ) -- C:\Windows\Interop.IWshRuntimeLibrary.dll
[3 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]
[3 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2010/12/12 18:06:02 | 000,003,344 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2010/12/12 18:06:02 | 000,003,344 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2010/12/12 18:06:00 | 000,000,462 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{A97AF005-1490-4A96-AB48-66784DAE0A42}.job
[2010/12/12 17:16:00 | 000,000,898 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2010/12/12 16:11:55 | 000,707,456 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2010/12/12 16:11:55 | 000,607,168 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2010/12/12 16:11:55 | 000,104,808 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2010/12/12 16:10:59 | 000,498,552 | ---- | M] () -- C:\Windows\SysNative\drivers\APPFCONT.DAT.bck
[2010/12/12 16:10:59 | 000,498,552 | ---- | M] () -- C:\Windows\SysNative\drivers\APPFCONT.DAT
[2010/12/12 16:10:59 | 000,001,132 | ---- | M] () -- C:\Windows\SysNative\drivers\APPFLTR.CFG.bck
[2010/12/12 16:10:59 | 000,001,132 | ---- | M] () -- C:\Windows\SysNative\drivers\APPFLTR.CFG
[2010/12/12 16:10:59 | 000,000,252 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\IdsFlt.cfg.bck
[2010/12/12 16:10:59 | 000,000,252 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\IdsFlt.cfg
[2010/12/12 16:10:59 | 000,000,200 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\NetLoc.wlt.bck
[2010/12/12 16:10:59 | 000,000,200 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\NetLoc.wlt
[2010/12/12 16:10:59 | 000,000,068 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\NetFlt.cfg.bck
[2010/12/12 16:10:59 | 000,000,068 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\NetFlt.cfg
[2010/12/12 16:10:59 | 000,000,056 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\WnmFlt.cfg.bck
[2010/12/12 16:10:59 | 000,000,056 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\WnmFlt.cfg
[2010/12/12 16:10:59 | 000,000,056 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\DsaFlt.cfg.bck
[2010/12/12 16:10:59 | 000,000,056 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\DsaFlt.cfg
[2010/12/12 16:10:58 | 000,418,468 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\DsaFlt.rls.bck
[2010/12/12 16:10:58 | 000,418,468 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\DsaFlt.rls
[2010/12/12 16:08:00 | 000,000,436 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts.ics
[2010/12/12 16:07:58 | 000,000,296 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\NetAdapt.cfg.bck
[2010/12/12 16:07:58 | 000,000,296 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\NetAdapt.cfg
[2010/12/12 16:07:58 | 000,000,064 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\NetAR.wlt.bck
[2010/12/12 16:07:58 | 000,000,064 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\NetAR.wlt
[2010/12/12 16:06:26 | 000,000,894 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2010/12/12 16:06:15 | 000,065,536 | ---- | M] () -- C:\Windows\SysNative\Ikeext.etl
[2010/12/12 16:05:45 | 000,067,584 | ---- | M] () -- C:\Windows\bootstat.dat
[2010/12/12 16:05:41 | 555,349,670 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2010/12/12 15:35:10 | 000,000,012 | ---- | M] () -- C:\Windows\bthservsdp.dat
[2010/12/12 03:26:15 | 000,001,010 | ---- | M] () -- C:\Users\jecolli\Application Data\Microsoft\Internet Explorer\Quick Launch\Packet Tracer 5.0.lnk
[2010/12/11 08:35:49 | 000,037,109 | ---- | M] () -- C:\ProgramData\nvModes.001
[2010/12/10 17:59:57 | 000,008,627 | ---- | M] () -- C:\Windows\SysWow64\PAV_FOG.OPC
[2010/12/09 10:17:31 | 000,000,045 | ---- | M] () -- C:\Windows\SysWow64\_WKERNEL.FRE
[2010/12/08 18:28:00 | 000,121,344 | ---- | M] () -- C:\Users\jecolli\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/12/08 18:09:13 | 000,000,978 | ---- | M] () -- C:\Users\jecolli\Application Data\Microsoft\Internet Explorer\Quick Launch\FinalVideoDownloader.lnk
[2010/12/08 17:14:19 | 000,000,759 | ---- | M] () -- C:\Users\Public\Desktop\WinUtilities.lnk
[2010/12/08 16:43:16 | 000,331,248 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2010/12/08 16:32:22 | 000,000,592 | ---- | M] () -- C:\Users\jecolli\Documents\Winstep.lnk
[2010/12/08 07:41:57 | 000,000,000 | ---- | M] () -- C:\Windows\JCMKR32.INI
[2010/12/05 08:03:46 | 000,001,502 | ---- | M] () -- C:\Windows\wininit.ini
[2010/12/04 05:20:08 | 000,001,964 | ---- | M] () -- C:\Users\jecolli\Desktop\HiJackThis.lnk
[2010/12/04 00:00:01 | 000,000,522 | ---- | M] () -- C:\Windows\tasks\Basic clean-up.job
[2010/12/01 01:38:56 | 000,002,056 | ---- | M] () -- C:\Users\jecolli\Desktop\Zamzom Wireless Network Tool (Active).lnk
[2010/11/30 10:49:30 | 000,000,426 | ---- | M] () -- C:\Windows\BRWMARK.INI
[2010/11/29 19:56:05 | 000,000,296 | ---- | M] () -- C:\Windows\tasks\AppleSoftwareUpdate.job
[2010/11/28 07:51:04 | 000,001,886 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Evernote Clipper.lnk
[2010/11/28 07:51:04 | 000,001,873 | ---- | M] () -- C:\Users\Public\Desktop\Evernote.lnk
[2010/11/24 15:26:05 | 000,000,756 | ---- | M] () -- C:\Users\Public\Desktop\clDesktop.lnk
[2010/11/21 21:59:07 | 000,000,846 | ---- | M] () -- C:\Users\jecolli\Desktop\Free Windows Cleanup Tool.lnk
[2010/11/19 07:59:28 | 000,001,903 | ---- | M] () -- C:\Users\jecolli\Application Data\Microsoft\Internet Explorer\Quick Launch\X-Setup Pro.lnk
[2010/11/14 23:48:53 | 000,001,777 | ---- | M] () -- C:\Users\Public\Desktop\Chicken Hunter.lnk
[2010/11/14 04:48:08 | 000,261,731 | ---- | M] () -- C:\Users\jecolli\Documents\Contacts 11142010.CSV
[2010/11/14 04:48:00 | 000,038,444 | ---- | M] () -- C:\Users\jecolli\AppData\Roaming\Comma Separated Values (Windows).ADR
[2010/11/13 08:15:51 | 001,361,594 | ---- | M] () -- C:\Users\jecolli\Documents\StreamArmor - ScanResults 111310
[3 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]
[3 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files Created - No Company Name ==========

[2010/12/12 14:24:19 | 555,349,670 | ---- | C] () -- C:\Windows\MEMORY.DMP
[2010/12/12 03:26:15 | 000,001,010 | ---- | C] () -- C:\Users\jecolli\Application Data\Microsoft\Internet Explorer\Quick Launch\Packet Tracer 5.0.lnk
[2010/12/08 18:09:13 | 000,000,978 | ---- | C] () -- C:\Users\jecolli\Application Data\Microsoft\Internet Explorer\Quick Launch\FinalVideoDownloader.lnk
[2010/12/08 17:14:26 | 000,000,045 | ---- | C] () -- C:\Windows\SysWow64\_WKERNEL.FRE
[2010/12/08 17:14:18 | 000,000,759 | ---- | C] () -- C:\Users\Public\Desktop\WinUtilities.lnk
[2010/12/08 17:14:14 | 000,000,439 | ---- | C] () -- C:\Windows\SysWow64\shfolder.inf
[2010/12/08 16:32:22 | 000,000,592 | ---- | C] () -- C:\Users\jecolli\Documents\Winstep.lnk
[2010/12/08 07:41:57 | 000,000,000 | ---- | C] () -- C:\Windows\JCMKR32.INI
[2010/12/04 05:20:08 | 000,001,964 | ---- | C] () -- C:\Users\jecolli\Desktop\HiJackThis.lnk
[2010/12/01 01:38:56 | 000,002,056 | ---- | C] () -- C:\Users\jecolli\Desktop\Zamzom Wireless Network Tool (Active).lnk
[2010/11/28 07:51:04 | 000,001,886 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Evernote Clipper.lnk
[2010/11/28 07:51:04 | 000,001,873 | ---- | C] () -- C:\Users\Public\Desktop\Evernote.lnk
[2010/11/24 15:26:05 | 000,000,756 | ---- | C] () -- C:\Users\Public\Desktop\clDesktop.lnk
[2010/11/21 21:59:07 | 000,000,846 | ---- | C] () -- C:\Users\jecolli\Desktop\Free Windows Cleanup Tool.lnk
[2010/11/19 07:59:28 | 000,001,903 | ---- | C] () -- C:\Users\jecolli\Application Data\Microsoft\Internet Explorer\Quick Launch\X-Setup Pro.lnk
[2010/11/14 23:48:53 | 000,001,777 | ---- | C] () -- C:\Users\Public\Desktop\Chicken Hunter.lnk
[2010/11/14 04:48:01 | 000,261,731 | ---- | C] () -- C:\Users\jecolli\Documents\Contacts 11142010.CSV
[2010/11/13 08:15:51 | 001,361,594 | ---- | C] () -- C:\Users\jecolli\Documents\StreamArmor - ScanResults 111310
[2010/11/08 21:41:35 | 000,000,000 | ---- | C] () -- C:\Users\jecolli\AppData\Roaming\Rim.Desktop.Exception.log
[2010/11/08 21:23:30 | 000,000,807 | ---- | C] () -- C:\Users\jecolli\AppData\Roaming\Rim.Desktop.HttpServerSetup.log
[2010/11/08 21:20:21 | 000,415,336 | ---- | C] () -- C:\Users\jecolli\AppData\Local\dd_vcredistMSI3801.txt
[2010/11/08 21:20:20 | 000,011,372 | ---- | C] () -- C:\Users\jecolli\AppData\Local\dd_vcredistUI3801.txt
[2010/10/30 06:02:14 | 000,370,216 | ---- | C] () -- C:\Users\jecolli\AppData\Local\dd_vcredistMSI3A1B.txt
[2010/10/30 06:02:13 | 000,011,390 | ---- | C] () -- C:\Users\jecolli\AppData\Local\dd_vcredistUI3A1B.txt
[2010/09/27 08:59:34 | 000,024,226 | ---- | C] () -- C:\Users\jecolli\AppData\Roaming\UserTile.png
[2010/09/09 08:31:55 | 000,000,064 | ---- | C] () -- C:\ProgramData\sandra.ldb
[2010/08/18 04:32:02 | 000,000,258 | RHS- | C] () -- C:\ProgramData\ntuser.pol
[2010/08/12 15:53:03 | 000,164,352 | ---- | C] () -- C:\Windows\SysWow64\unrar.dll
[2010/08/12 15:53:02 | 000,755,027 | ---- | C] () -- C:\Windows\SysWow64\xvidcore.dll
[2010/08/12 15:53:01 | 000,159,839 | ---- | C] () -- C:\Windows\SysWow64\xvidvfw.dll
[2010/08/12 15:53:01 | 000,007,680 | ---- | C] () -- C:\Windows\SysWow64\ff_vfw.dll
[2010/08/10 05:17:43 | 000,000,284 | ---- | C] () -- C:\Windows\reimage.ini
[2010/06/25 12:03:12 | 000,053,299 | ---- | C] () -- C:\Windows\SysWow64\pthreadVC.dll
[2010/06/06 01:57:13 | 000,001,471 | ---- | C] () -- C:\Program Files (x86)\uninstal.log
[2010/03/17 07:38:28 | 000,000,038 | ---- | C] () -- C:\Windows\AviSplitter.INI
[2009/08/15 16:28:08 | 000,000,035 | ---- | C] () -- C:\Windows\A5W.INI
[2009/08/03 14:07:42 | 000,403,816 | ---- | C] () -- C:\Windows\SysWow64\OGACheckControl.DLL
[2009/07/01 18:40:40 | 000,002,516 | -HS- | C] () -- C:\ProgramData\KGyGaAvL.sys
[2009/07/01 18:40:40 | 000,000,088 | RHS- | C] () -- C:\ProgramData\6B4D530E64.sys
[2009/06/03 17:21:48 | 000,707,710 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2009/06/01 19:25:42 | 000,117,248 | ---- | C] () -- C:\Windows\SysWow64\EhStorAuthn.dll
[2009/06/01 19:24:38 | 000,368,640 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2009/06/01 12:48:09 | 000,001,336 | ---- | C] () -- C:\Windows\stock.INI
[2009/05/31 12:20:46 | 000,037,109 | ---- | C] () -- C:\ProgramData\nvModes.001
[2009/05/31 12:19:16 | 000,037,109 | ---- | C] () -- C:\ProgramData\nvModes.dat
[2009/05/20 08:23:01 | 000,038,444 | ---- | C] () -- C:\Users\jecolli\AppData\Roaming\Comma Separated Values (Windows).ADR
[2009/03/23 14:59:59 | 000,000,680 | ---- | C] () -- C:\Users\jecolli\AppData\Local\d3d9caps.dat
[2009/03/13 21:05:40 | 000,001,024 | RH-- | C] () -- C:\Windows\SysWow64\NTIOFM4.dll
[2009/03/13 21:05:40 | 000,001,024 | RH-- | C] () -- C:\Windows\SysWow64\NTIBUN5.dll
[2009/03/09 20:15:46 | 000,000,732 | ---- | C] () -- C:\Users\jecolli\AppData\Local\d3d9caps64.dat
[2009/02/05 02:46:31 | 000,000,000 | ---- | C] () -- C:\Windows\hpqEmlsz.INI
[2009/01/14 18:24:59 | 000,000,342 | ---- | C] () -- C:\Users\jecolli\AppData\Roaming\wklnhst.dat
[2009/01/14 00:41:23 | 000,000,151 | ---- | C] () -- C:\Windows\BRVIDEO.INI
[2009/01/14 00:41:23 | 000,000,000 | ---- | C] () -- C:\Windows\brmx2001.ini
[2009/01/14 00:41:00 | 000,000,114 | ---- | C] () -- C:\Windows\SysWow64\brlmw03a.ini
[2009/01/14 00:40:59 | 000,009,853 | ---- | C] () -- C:\Windows\HL-2140.INI
[2009/01/14 00:40:51 | 000,000,426 | ---- | C] () -- C:\Windows\BRWMARK.INI
[2009/01/14 00:39:06 | 000,000,272 | ---- | C] () -- C:\Windows\Brownie.ini
[2009/01/12 08:29:44 | 008,507,392 | ---- | C] () -- C:\ProgramData\sandra.mda
[2009/01/09 08:07:49 | 000,001,502 | ---- | C] () -- C:\Windows\wininit.ini
[2009/01/08 00:39:30 | 000,121,344 | ---- | C] () -- C:\Users\jecolli\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009/01/07 06:43:36 | 000,005,410 | ---- | C] () -- C:\ProgramData\hpzinstall.log
[2008/10/07 08:13:30 | 000,197,912 | ---- | C] () -- C:\Windows\SysWow64\physxcudart_20.dll
[2008/10/07 08:13:22 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelTraditionalChinese.dll
[2008/10/07 08:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelSwedish.dll
[2008/10/07 08:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelSpanish.dll
[2008/10/07 08:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelSimplifiedChinese.dll
[2008/10/07 08:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelPortugese.dll
[2008/10/07 08:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelKorean.dll
[2008/10/07 08:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelJapanese.dll
[2008/10/07 08:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelGerman.dll
[2008/10/07 08:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelFrench.dll
[2008/05/04 11:08:55 | 000,020,480 | ---- | C] () -- C:\Windows\SysWow64\CPUINFO2.DLL
[2008/01/20 21:50:05 | 000,060,124 | ---- | C] () -- C:\Windows\SysWow64\tcpmon.ini
[2008/01/15 03:31:00 | 000,000,530 | ---- | C] () -- C:\Windows\SysWow64\tx14_ic.ini
[2006/10/11 00:40:59 | 000,000,044 | ---- | C] () -- C:\Windows\Acer(Normal).ini
[2006/10/11 00:40:59 | 000,000,042 | ---- | C] () -- C:\Windows\Acer(Wide).ini
[2002/05/21 09:00:47 | 000,001,362 | R--- | C] () -- C:\Program Files (x86)\ReadMe.txt
[2001/12/26 18:12:30 | 000,065,536 | ---- | C] () -- C:\Windows\SysWow64\multiplex_vcd.dll
[2001/09/04 01:46:38 | 000,110,592 | ---- | C] () -- C:\Windows\SysWow64\Hmpg12.dll
[2001/07/30 18:33:56 | 000,118,784 | ---- | C] () -- C:\Windows\SysWow64\HMPV2_ENC.dll
[2001/07/24 00:04:36 | 000,118,784 | ---- | C] () -- C:\Windows\SysWow64\HMPV2_ENC_MMX.dll

========== LOP Check ==========

[2009/03/11 21:10:08 | 000,000,000 | -HSD | M] -- C:\Users\jecolli\AppData\Roaming\.#
[2009/01/06 22:29:13 | 000,000,000 | ---D | M] -- C:\Users\jecolli\AppData\Roaming\Acer
[2009/03/13 21:10:32 | 000,000,000 | ---D | M] -- C:\Users\jecolli\AppData\Roaming\Acer GameZone Console
[2009/01/25 09:01:39 | 000,000,000 | ---D | M] -- C:\Users\jecolli\AppData\Roaming\Acronis
[2010/09/23 08:58:33 | 000,000,000 | ---D | M] -- C:\Users\jecolli\AppData\Roaming\aignes
[2009/02/01 13:57:47 | 000,000,000 | ---D | M] -- C:\Users\jecolli\AppData\Roaming\Amazon
[2009/07/23 16:05:31 | 000,000,000 | ---D | M] -- C:\Users\jecolli\AppData\Roaming\Blackberry Desktop
[2010/12/09 19:24:49 | 000,000,000 | ---D | M] -- C:\Users\jecolli\AppData\Roaming\Camtech
[2009/02/25 01:03:50 | 000,000,000 | ---D | M] -- C:\Users\jecolli\AppData\Roaming\com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
[2010/11/24 15:26:09 | 000,000,000 | ---D | M] -- C:\Users\jecolli\AppData\Roaming\com.cldesktop.A457892AC9E286AFF16B1328DABF224A4C50065F.1
[2010/09/09 07:51:18 | 000,000,000 | ---D | M] -- C:\Users\jecolli\AppData\Roaming\eSobi
[2009/01/24 10:18:27 | 000,000,000 | ---D | M] -- C:\Users\jecolli\AppData\Roaming\FedEx
[2010/12/08 18:00:44 | 000,000,000 | ---D | M] -- C:\Users\jecolli\AppData\Roaming\FinalTorrent
[2010/12/08 18:19:00 | 000,000,000 | ---D | M] -- C:\Users\jecolli\AppData\Roaming\FinalVideoDownloader
[2010/08/26 08:03:34 | 000,000,000 | ---D | M] -- C:\Users\jecolli\AppData\Roaming\Fluke
[2010/11/14 11:56:39 | 000,000,000 | ---D | M] -- C:\Users\jecolli\AppData\Roaming\FreeFixer
[2009/01/14 07:26:20 | 000,000,000 | ---D | M] -- C:\Users\jecolli\AppData\Roaming\FUJIFILM
[2009/01/06 22:29:12 | 000,000,000 | ---D | M] -- C:\Users\jecolli\AppData\Roaming\Leadertech
[2010/09/26 17:21:52 | 000,000,000 | ---D | M] -- C:\Users\jecolli\AppData\Roaming\Notepad++
[2010/08/17 20:33:02 | 000,000,000 | ---D | M] -- C:\Users\jecolli\AppData\Roaming\Opera
[2010/08/06 01:08:47 | 000,000,000 | ---D | M] -- C:\Users\jecolli\AppData\Roaming\Panda Security
[2010/09/27 08:59:33 | 000,000,000 | ---D | M] -- C:\Users\jecolli\AppData\Roaming\PeerNetworking
[2010/11/08 21:41:41 | 000,000,000 | ---D | M] -- C:\Users\jecolli\AppData\Roaming\Research In Motion
[2009/07/25 11:42:18 | 000,000,000 | ---D | M] -- C:\Users\jecolli\AppData\Roaming\RIM Palm&PPC Upgrade Wizard
[2010/03/17 07:38:28 | 000,000,000 | ---D | M] -- C:\Users\jecolli\AppData\Roaming\Shark007
[2010/09/22 16:38:40 | 000,000,000 | ---D | M] -- C:\Users\jecolli\AppData\Roaming\Simnet
[2009/11/11 19:33:15 | 000,000,000 | ---D | M] -- C:\Users\jecolli\AppData\Roaming\Smith Micro
[2009/01/20 23:32:54 | 000,000,000 | ---D | M] -- C:\Users\jecolli\AppData\Roaming\Systenance
[2010/12/12 15:13:30 | 000,000,000 | ---D | M] -- C:\Users\jecolli\AppData\Roaming\TD AMERITRADE
[2009/10/17 17:02:40 | 000,000,000 | ---D | M] -- C:\Users\jecolli\AppData\Roaming\Template
[2010/09/09 15:36:54 | 000,000,000 | ---D | M] -- C:\Users\jecolli\AppData\Roaming\uTorrent
[2010/12/09 08:40:13 | 000,000,000 | ---D | M] -- C:\Users\jecolli\AppData\Roaming\Windows Live Writer
[2010/08/15 15:06:09 | 000,000,000 | ---D | M] -- C:\Users\jecolli\AppData\Roaming\WinFF
[2010/10/30 12:12:05 | 000,000,000 | ---D | M] -- C:\Users\jecolli\AppData\Roaming\Wireshark
[2009/08/09 20:26:40 | 000,000,000 | ---D | M] -- C:\Users\jecolli\AppData\Roaming\Worden Brothers, Inc
[2010/11/19 07:59:22 | 000,000,000 | ---D | M] -- C:\Users\jecolli\AppData\Roaming\X-Setup Pro
[2010/12/04 00:00:01 | 000,000,522 | ---- | M] () -- C:\Windows\Tasks\Basic clean-up.job
[2010/12/12 15:35:10 | 000,032,580 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2010/12/12 18:06:00 | 000,000,462 | -H-- | M] () -- C:\Windows\Tasks\User_Feed_Synchronization-{A97AF005-1490-4A96-AB48-66784DAE0A42}.job

========== Purity Check ==========



< End of report >



Extras.txt

OTL Extras logfile created on: 12/12/2010 5:57:08 PM - Run 1
OTL by OldTimer - Version 3.2.17.3 Folder = C:\Program Files (x86)\OTL
64bit-Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18975)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

4.00 Gb Total Physical Memory | 2.00 Gb Available Physical Memory | 50.00% Memory free
8.00 Gb Paging File | 6.00 Gb Available in Paging File | 70.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 203.01 Gb Total Space | 67.68 Gb Free Space | 33.34% Space Free | Partition Type: NTFS
Drive D: | 291.59 Gb Total Space | 114.23 Gb Free Space | 39.17% Space Free | Partition Type: NTFS
Drive G: | 7.60 Gb Total Space | 6.63 Gb Free Space | 87.19% Space Free | Partition Type: FAT32
Drive I: | 6.67 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS
Drive J: | 7.47 Gb Total Space | 6.43 Gb Free Space | 85.99% Space Free | Partition Type: FAT32

Computer Name: JECOLLI-PC | User Name: jecolli | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
.url[@ = InternetShortcut] -- C:\Windows\System32\ieframe.DLL (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = htmlfile] -- Reg Error: Key error. File not found

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %* File not found
cmdfile [open] -- "%1" %* File not found
comfile [open] -- "%1" %* File not found
exefile [open] -- "%1" %* File not found
helpfile [open] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" -nohome (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" -nohome (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" -nohome (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %* File not found
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1" File not found
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S File not found
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 File not found
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [FinePix] -- "C:\Program Files\FinePixViewer\FinePixViewer.exe" "%1" (FUJI PHOTO FILM CO.,LTD.)
Directory [printdir] -- %windir%\printdir.bat "%1" File not found
Directory [sendtotoys1add] -- C:\Program Files (x86)\Send To Toys\SendToAdd.exe "%1" ()
Directory [sendtotoys1remove] -- C:\Program Files (x86)\Send To Toys\SendToRemove.exe "%1" ()
Directory [sendtotoys2prompt] -- C:\Program Files (x86)\Send To Toys\SendToCommandPrompt.exe "%1" ()
Directory [viewdir] -- %windir%\viewdir.bat "%1" File not found
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" -nohome (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" -nohome (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" -nohome (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [FinePix] -- "C:\Program Files\FinePixViewer\FinePixViewer.exe" "%1" (FUJI PHOTO FILM CO.,LTD.)
Directory [printdir] -- %windir%\printdir.bat "%1" File not found
Directory [sendtotoys1add] -- C:\Program Files (x86)\Send To Toys\SendToAdd.exe "%1" ()
Directory [sendtotoys1remove] -- C:\Program Files (x86)\Send To Toys\SendToRemove.exe "%1" ()
Directory [sendtotoys2prompt] -- C:\Program Files (x86)\Send To Toys\SendToCommandPrompt.exe "%1" ()
Directory [viewdir] -- %windir%\viewdir.bat "%1" File not found
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = 9F 9E 16 8C DC 5B C8 01 [binary data]
"VistaSp2" = 0F 32 34 A2 1C E3 C9 01 [binary data]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"oobe_av" = 1

========== System Restore Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows NT\SystemRestore]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows NT\SystemRestore]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files (x86)\Acer\Empowering Technology\eDataSecurity\x86\eDSfsu.exe" = C:\Program Files (x86)\Acer\Empowering Technology\eDataSecurity\x86\eDSfsu.exe:*:Enabled:eDSfsu -- (Egis Incorporated.)
"C:\Program Files (x86)\Acer\Empowering Technology\eDataSecurity\x86\encryption.exe" = C:\Program Files (x86)\Acer\Empowering Technology\eDataSecurity\x86\encryption.exe:*:Enabled:encryption -- ( Egis Incorporated.)
"C:\Program Files (x86)\Acer\Empowering Technology\eDataSecurity\x86\decryption.exe" = C:\Program Files (x86)\Acer\Empowering Technology\eDataSecurity\x86\decryption.exe:*:Enabled:decryption -- ( Egis Incorporated.)
"C:\Program Files (x86)\Acer\Empowering Technology\eDataSecurity\x86\eDStbmngr.exe" = C:\Program Files (x86)\Acer\Empowering Technology\eDataSecurity\x86\eDStbmngr.exe:*:Enabled:eDStbmngr -- (Egis Incorporated.)
"C:\Program Files (x86)\Acer\Empowering Technology\eDataSecurity\x64\eDSfsu.exe" = C:\Program Files (x86)\Acer\Empowering Technology\eDataSecurity\x64\eDSfsu.exe:*:Enabled:eDSfsu -- (Egis Incorporated.)
"C:\Program Files (x86)\Acer\Empowering Technology\eDataSecurity\x64\eDStbmngr.exe" = C:\Program Files (x86)\Acer\Empowering Technology\eDataSecurity\x64\eDStbmngr.exe:*:Enabled:eDStbmngr -- (Egis Incorporated.)
"C:\Program Files (x86)\Acer\Empowering Technology\eDataSecurity\x86\eDSfsu.exe" = C:\Program Files (x86)\Acer\Empowering Technology\eDataSecurity\x86\eDSfsu.exe:*:Enabled:eDSfsu -- (Egis Incorporated.)
"C:\Program Files (x86)\Acer\Empowering Technology\eDataSecurity\x86\encryption.exe" = C:\Program Files (x86)\Acer\Empowering Technology\eDataSecurity\x86\encryption.exe:*:Enabled:encryption -- ( Egis Incorporated.)
"C:\Program Files (x86)\Acer\Empowering Technology\eDataSecurity\x86\decryption.exe" = C:\Program Files (x86)\Acer\Empowering Technology\eDataSecurity\x86\decryption.exe:*:Enabled:decryption -- ( Egis Incorporated.)
"C:\Program Files (x86)\Acer\Empowering Technology\eDataSecurity\x86\eDStbmngr.exe" = C:\Program Files (x86)\Acer\Empowering Technology\eDataSecurity\x86\eDStbmngr.exe:*:Enabled:eDStbmngr -- (Egis Incorporated.)
"C:\Program Files (x86)\Acer\Empowering Technology\eDataSecurity\x64\eDSfsu.exe" = C:\Program Files (x86)\Acer\Empowering Technology\eDataSecurity\x64\eDSfsu.exe:*:Enabled:eDSfsu -- (Egis Incorporated.)
"C:\Program Files (x86)\Acer\Empowering Technology\eDataSecurity\x64\eDStbmngr.exe" = C:\Program Files (x86)\Acer\Empowering Technology\eDataSecurity\x64\eDStbmngr.exe:*:Enabled:eDStbmngr -- (Egis Incorporated.)


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{002C7687-C09D-4AE6-92EA-68A524F87A95}" = lport=rpc | protocol=6 | dir=in | app=c:\program files\sisoftware\sisoftware sandra lite 2009.sp2\wnt500x64\rpcsandrasrv.exe |
"{04A0A140-F49C-4C07-91BF-65516556D8C4}" = lport=2869 | protocol=6 | dir=in | app=system |
"{0609F420-6CEB-4813-9B53-889D3B09E655}" = lport=990 | protocol=6 | dir=in | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{0731797E-2646-4E43-B850-88D65FC63B02}" = lport=rpc | protocol=6 | dir=in | app=c:\program files\sisoftware\sisoftware sandra lite 2009.sp2\wnt500x64\rpcsandrasrv.exe |
"{0C2670D7-14BF-4365-A06E-74E528E9D2EE}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{0DC0EF2B-76FA-44E1-AF3B-82448B90C93C}" = lport=5721 | protocol=6 | dir=in | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{0E56A0B1-65F0-43C9-85F7-85426F1D24AA}" = lport=rpc | protocol=6 | dir=in | app=c:\program files\sisoftware\sisoftware sandra lite 2009.sp2\wnt500x64\rpcsandrasrv.exe |
"{0FA5708F-7653-49A7-9E0C-48D68401AC6D}" = lport=999 | protocol=6 | dir=in | app=%systemroot%\windowsmobile\wmdhost.exe |
"{1282CFDF-A9B0-4CAC-8BCD-68107D699036}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | [email protected],-28539 |
"{1A251B55-1786-4D8F-BB9C-21BE2EBCED3F}" = lport=5678 | protocol=6 | dir=in | app=%systemroot%\windowsmobile\wmdhost.exe |
"{2340AE63-2EDD-4894-8663-7230FFF9AB59}" = lport=26675 | protocol=6 | dir=in | [email protected]%systemroot%\windowsmobile\wmdcbase.exe,-4006 |
"{2426B4F7-70A8-4180-B5C3-76213237D3E6}" = rport=139 | protocol=6 | dir=out | app=system |
"{26BAB627-EF2E-4285-B7D4-F2B15AA515D6}" = lport=4481 | protocol=17 | dir=in | name=blackberry desktop software music sync service discovery |
"{2B73C760-6D70-4AA3-AC93-C5CF206E7D78}" = lport=50000 | protocol=17 | dir=in | name=iha_messagecenter |
"{2B785EF9-B21E-4B16-8B74-7852873B12CD}" = lport=139 | protocol=6 | dir=in | app=system |
"{2D1374DE-1BE9-47F0-802F-150AA7961179}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{2E772D43-A1B2-4EAA-B318-F3C057CEBFA1}" = lport=3702 | protocol=17 | dir=in | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{3552221E-B5AA-41F7-955A-CD0249DD2AB6}" = lport=rpc | protocol=6 | dir=in | app=c:\program files\sisoftware\sisoftware sandra lite 2009.sp2\wnt500x64\rpcsandrasrv.exe |
"{35E80AB4-0077-4592-84D9-110A7D68F6F9}" = lport=3702 | protocol=17 | dir=in | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{3B33CC5F-5315-417F-A7E2-A46465AB9CB7}" = lport=67 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |
"{4117F74A-C6D7-454B-9AF9-A9F131B8E03E}" = lport=990 | protocol=6 | dir=in | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{474E8BB3-FC67-4163-9567-36D6582FC743}" = lport=999 | protocol=6 | dir=in | app=%systemroot%\windowsmobile\wmdhost.exe |
"{5518A3FB-31C6-4918-935A-A9E19129AC9C}" = lport=5678 | protocol=6 | dir=in | app=%systemroot%\windowsmobile\wmdhost.exe |
"{569FF6AC-E82D-4F4C-A066-9BCB273C6F71}" = lport=5721 | protocol=6 | dir=in | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{5ABC349E-07BB-462F-BEFA-74F498597E17}" = lport=990 | protocol=6 | dir=in | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{5B63B44A-96AC-4B9C-B9E5-E83B01533A90}" = rport=5679 | protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{6773459F-7EFB-4F48-9734-02055B735A8A}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |
"{68FCB490-542E-442C-9F3F-96D5336D1AFF}" = rport=2869 | protocol=6 | dir=out | app=system |
"{7A3EBFFF-D040-455F-B24D-D35A5451A8B8}" = rport=5679 | protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{7FD15CDC-2BB4-42DC-982A-9EC35844C842}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{8224A6BF-B391-4ACF-8A4B-ED62C2BDEE83}" = lport=990 | protocol=6 | dir=in | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{83594580-E845-45C1-A71C-9D12807C7083}" = lport=999 | protocol=6 | dir=in | app=%systemroot%\windowsmobile\wmdhost.exe |
"{A11EA1BA-7AD2-4076-8CA6-1CAFC5BB3BE2}" = lport=26675 | protocol=6 | dir=in | [email protected]%systemroot%\windowsmobile\wmdcbase.exe,-4006 |
"{A2647193-D71C-4BCE-A7DD-4D4D4086C83B}" = lport=68 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |
"{A2B859F9-C429-4D57-A5FA-21B507DCC8BA}" = lport=5721 | protocol=6 | dir=in | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{A3F1FE4F-6EB4-4182-AD61-78AFA38A0D45}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{A73AD886-633A-44A2-8B79-FB6E02A1D5E7}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{A838D4E0-11F0-456E-87F2-32BE9B2447EB}" = lport=6004 | protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\outlook.exe |
"{A9E805B4-80ED-4043-8B25-50FEA22869F9}" = lport=137 | protocol=17 | dir=in | app=system |
"{AA434FD7-72EF-486A-8B36-A9D5389B52CE}" = rport=445 | protocol=6 | dir=out | app=system |
"{B01335A7-C35F-4BFB-8D9C-2063131ED597}" = rport=5679 | protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{B25FB1A1-0027-495C-AAAC-E5FFBC2423A9}" = lport=547 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |
"{B3D9022A-9292-4B87-BADE-F30783240580}" = lport=rpc | protocol=6 | dir=in | app=c:\program files\sisoftware\sisoftware sandra lite 2009.sp2\rpcagentsrv.exe |
"{B5D8F96D-2554-40AF-8C61-C5C46D028365}" = lport=445 | protocol=6 | dir=in | app=system |
"{B6103B86-D34D-4B13-9393-DE0468C7192F}" = lport=26675 | protocol=6 | dir=in | [email protected]%systemroot%\windowsmobile\wmdcbase.exe,-4006 |
"{B7E46295-6ED9-4422-8237-D7009EB988A7}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{B92B6F0F-BCD8-46B4-B4D6-F832A112787F}" = lport=53 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |
"{C04B9041-E3DF-4E2A-A585-533066F7820C}" = lport=26675 | protocol=6 | dir=in | [email protected]%systemroot%\windowsmobile\wmdcbase.exe,-4006 |
"{C55266D0-F61D-4F03-A5DB-0E25D453E4BF}" = rport=137 | protocol=17 | dir=out | app=system |
"{C644B4EB-B39D-4528-BB98-E2D684DDF412}" = rport=138 | protocol=17 | dir=out | app=system |
"{D5057A93-387A-46E7-B816-C468FFCADA05}" = lport=4482 | protocol=17 | dir=in | name=blackberry desktop software music sync service discovery |
"{D63A7F8D-9B16-4843-938A-D61EF0394FE9}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |
"{DD1520B7-C164-4B10-B020-4C1E626E9DAE}" = rport=5679 | protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{DDBA0B89-BEB1-4D31-ACB2-3FCC067EDFBD}" = lport=990 | protocol=6 | dir=in | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{E01B1FA7-C963-4105-912E-E39B26484CE3}" = lport=5678 | protocol=6 | dir=in | app=%systemroot%\windowsmobile\wmdhost.exe |
"{E1BBCFD4-6598-47E7-8CBE-799EA2A19838}" = lport=5678 | protocol=6 | dir=in | app=%systemroot%\windowsmobile\wmdhost.exe |
"{E2992925-1317-41FB-AD37-219CB174930A}" = rport=3702 | protocol=17 | dir=out | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{E84EEBA3-BFD5-45A8-BADB-ECDF710A53D3}" = lport=999 | protocol=6 | dir=in | app=%systemroot%\windowsmobile\wmdhost.exe |
"{EB02D076-8FDA-49F0-AA18-FAD5D285E2F8}" = lport=rpc | protocol=6 | dir=in | app=c:\program files\sisoftware\sisoftware sandra lite 2009.sp2\wnt500x64\rpcsandrasrv.exe |
"{ECA816AB-6994-49C4-A252-D207DD3C646B}" = rport=5679 | protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{ECAF1C35-1C7B-4C03-BA87-BB45F18B4D2A}" = lport=138 | protocol=17 | dir=in | app=system |
"{EE3835E1-0B58-4E7F-AB19-DFF414E99AF2}" = lport=50000 | protocol=17 | dir=in | name=iha_messagecenter |
"{F1C7EB8D-B9CD-402E-BC7D-BD0897CE0C3A}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{F69DD1A2-0AA3-4FE2-AEF9-DCFE8014DEE3}" = lport=4482 | protocol=6 | dir=in | name=blackberry desktop software music sync service data transfer |
"{FB07C443-58EB-43D2-9352-E32760A76EE7}" = lport=4481 | protocol=6 | dir=in | name=blackberry desktop software music sync service data transfer |
"{FBA99D14-263F-43C1-B641-E3F8DEB9A8D1}" = lport=5721 | protocol=6 | dir=in | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{FC0EDF79-7025-4225-A057-725F1C1047EB}" = rport=3702 | protocol=17 | dir=out | svc=fdrespub | app=%systemroot%\system32\svchost.exe |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{09FDE755-CE2F-465D-9E08-B6E039022737}" = protocol=1 | dir=in | [email protected],-28543 |
"{0AFE77CB-3D29-4D16-998D-482CA0EFC081}" = protocol=6 | dir=in | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{0C278121-EDF7-4A04-BB11-D6EBDE33CDB6}" = protocol=17 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{0D7F5097-CFBF-47A4-A6AC-8770AAF940BF}" = protocol=17 | dir=in | app=c:\program files (x86)\opera\opera.exe |
"{0EF729F3-9466-4E8C-9F4B-2D735C528CA0}" = protocol=17 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{0FCB484A-0BC9-4019-9655-94DF7853D618}" = protocol=17 | dir=in | app=c:\program files (x86)\research in motion\blackberry\desktopmgr.exe |
"{10D5F823-18D8-4FF5-A534-98F504A9CDE7}" = protocol=58 | dir=in | [email protected],-28545 |
"{11E8C43D-446F-43D0-878E-05CB5EFC862D}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe |
"{1264FE25-99AD-48E5-8F26-8FCAB82BBC17}" = protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{158AB33C-E900-45DE-8C52-331F378C53A6}" = protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{1668E2CF-BBE3-4A2A-922B-9268236D8434}" = dir=in | app=c:\program files (x86)\acer arcade live\acer videomagician\acer videomagician.exe |
"{18A63337-7E8F-4948-957E-308FA60FA4AF}" = dir=out | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |
"{1DA4DF50-7A05-409D-BA6B-03E28E26184D}" = dir=in | app=c:\program files (x86)\acer arcade live\acer homemedia connect\acer homemedia connect.exe |
"{20FBDEEF-44D9-4211-BDFB-59DDE6707EBF}" = protocol=6 | dir=in | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{21FF7F01-ABDA-48D8-BAE6-0581D2C09C43}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqgplgtupl.exe |
"{2698D019-51CD-4DDD-8B6C-79EEADC46C3D}" = protocol=6 | dir=in | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{2FDC4712-0070-4C45-B27B-7328262E6169}" = protocol=17 | dir=in | app=c:\program files (x86)\newtech infosystems\nti backup now 5\backupsvc.exe |
"{4052A7C5-FE75-4999-8B76-40DE05B40888}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqusgm.exe |
"{409776F0-8460-4D38-A1DD-5F1F67A18169}" = protocol=17 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{40CDEE7F-BAC4-467F-9857-99F19823E1C6}" = dir=in | app=c:\program files (x86)\windows live\mesh\moe.exe |
"{43875B4B-3877-4255-8BEE-7D3F1FA3B797}" = protocol=17 | dir=in | app=c:\program files (x86)\utorrent\utorrent.exe |
"{460D05C6-7C19-4FC7-8C6D-DEE241113B52}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpofxm08.exe |
"{4B7AEC43-5C24-4C5B-8902-B02A4EA517BF}" = protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{4BBADC33-46D8-4DCE-83CB-F5BB67A53CCE}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqusgh.exe |
"{4C9ABADC-53AC-4A2A-9664-2DD0C74CF15A}" = protocol=1 | dir=out | [email protected],-28544 |
"{527C3824-E63F-4A9E-AC49-FCBC360DC476}" = dir=in | app=c:\program files (x86)\windows live\sync\windowslivesync.exe |
"{55D976D8-7D42-44FB-A985-4F0386A0B4B8}" = protocol=6 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{5A516DC0-C83C-4F92-91EF-4A21F674CACD}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe |
"{5DE6A05A-E2F6-4981-9E4F-5B44F08D163D}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqkygrp.exe |
"{60A2DD21-3D4F-47D6-A8E8-1776C26620F8}" = protocol=6 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{60A5F4A5-5D3F-44FB-B485-541C3A893C51}" = dir=in | app=c:\program files (x86)\acer arcade live\acer slideshow dvd\acer slideshow dvd.exe |
"{60A69246-54C0-483F-A414-0534AE549328}" = protocol=1 | dir=in | name=sisoftware sandra agent service (icmp-in) |
"{620A75F8-549D-437C-AB77-F3329A82D572}" = protocol=17 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{62CBD147-DA0E-485F-B287-06E2AA6DDBCF}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{6C94B7C8-058D-400A-92AC-2EF1D498130B}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpzwiz01.exe |
"{6FADE3B4-DBF8-4F3D-91DD-F7A32A087BA6}" = dir=in | app=c:\program files (x86)\acer arcade live\acer dv magician\acer dv magician.exe |
"{70253A30-4653-4B69-9B00-8C8C2C84F9C6}" = protocol=1 | dir=in | name=sisoftware sandra agent service (icmp-in) |
"{71A75F21-4D5D-4DD5-A561-45EC5DBD7E2B}" = protocol=6 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{72A2C71A-A8B9-4C6B-8263-1AE3437F4E7A}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpiscnapp.exe |
"{73D28208-08F0-4A1F-8FF3-B3823015C5CF}" = protocol=17 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{743D8FE1-0953-4A9A-BF80-26A5E88361EA}" = dir=in | app=c:\program files (x86)\acer arcade live\acer dvdivine\acer dvdivine.exe |
"{748B4281-3D2D-4CC5-B50C-6C6F683390CE}" = dir=in | app=c:\program files (x86)\hp\hp software update\hpwucli.exe |
"{7536B3DA-9B04-43AB-BD28-56230CF66D47}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqpsapp.exe |
"{7643B6C0-1B9E-482D-93BE-F0547AC92F6A}" = dir=in | app=c:\program files (x86)\acer arcade live\acer homemedia connect\kernel\dms\clmsserver.exe |
"{78EDC403-DAE2-4276-8887-6E67BFA6D348}" = protocol=1 | dir=in | name=sisoftware sandra agent service (icmp-in) |
"{7BB47953-9A07-4AB9-8DD1-4AC9BC2795DD}" = protocol=58 | dir=in | [email protected],-148 |
"{7CAD5EA0-86C4-4F87-94F9-2636EE0669CF}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{7D0F02EB-21F6-4F01-A78F-22B75ED47775}" = protocol=1 | dir=in | name=sisoftware sandra agent service (icmp-in) |
"{7D7EC173-DDE5-469F-BD78-7FC3E9D84A9C}" = protocol=6 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{827B9C5D-B61F-43A2-9BC3-F99A1CE5E41E}" = protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{830A752F-4EE9-49B4-A8D6-277C013E7825}" = protocol=6 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{83CD5F5B-53D3-4F7C-88EB-9C609B82A410}" = protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{8CB91948-6C3F-40BA-8BC6-A3DAAA3394F1}" = protocol=6 | dir=in | app=c:\program files (x86)\newtech infosystems\nti backup now 5\backupsvc.exe |
"{906FF16A-8D96-48C7-B78A-1BA79410223A}" = protocol=6 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{94B00D51-AAFF-484A-A6EA-AC69F9376F8B}" = dir=in | app=c:\program files (x86)\acer arcade live\acer arcade live main page\acer arcade live.exe |
"{951E6639-C9F5-4DCC-AF59-7FB313285A95}" = protocol=17 | dir=in | app=c:\program files (x86)\newtech infosystems\nti backup now 5\schedulersvc.exe |
"{9534EEC7-D216-44CF-AE4B-B36D3EEACD7E}" = protocol=6 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{9976EBFA-E2BA-49A1-A04D-2BA65A248B40}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hposid01.exe |
"{99F75630-A079-4B3A-9A91-9E1431D9FCDE}" = protocol=1 | dir=in | name=sisoftware sandra agent service (icmp-in) |
"{9E65F2E3-6B3E-4CFE-957D-D343007C415F}" = protocol=6 | dir=in | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{9FF882DB-2CE3-443F-ABDD-A7F6D6A476F0}" = protocol=17 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{A3C5F775-104A-4151-A5CA-155E49DA5C75}" = protocol=6 | dir=in | app=c:\program files (x86)\research in motion\blackberry desktop\rim.desktop.exe |
"{A3EE557F-F25E-48D4-816F-DCC98A31A546}" = dir=in | app=c:\program files (x86)\acer arcade live\acer homemedia trial creator\acer homemedia trial creator.exe |
"{A6D82712-A5A8-4725-90CC-8C5E745420FF}" = protocol=6 | dir=in | app=c:\program files (x86)\utorrent\utorrent.exe |
"{A8906851-A571-407E-AC81-C408F9C0C39F}" = protocol=6 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{AB77AFF3-2463-4364-B83B-FC34CC1F67C8}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe |
"{ADB4489C-DCFF-47CE-9F39-90954D6A188D}" = protocol=6 | dir=in | app=c:\program files (x86)\newtech infosystems\nti backup now 5\schedulersvc.exe |
"{B13DB515-FD63-4FAC-ADD5-EC7A0D42D7D2}" = protocol=6 | dir=in | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{B21D6808-2712-4B2C-8DEA-00607D44A854}" = protocol=6 | dir=in | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{B23A806F-A211-49A6-B482-0724827B56C7}" = protocol=1 | dir=in | name=sisoftware deployment agent service (icmp-in) |
"{B500B12B-BE0A-4F85-AF0A-3045848CF4CF}" = protocol=17 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{B96EBEC8-D70E-47C6-97D0-6D81CBE28F82}" = protocol=6 | dir=in | app=c:\program files (x86)\research in motion\blackberry\desktopmgr.exe |
"{BA605A50-F2EB-4C59-8EF3-EFBAD23B22F8}" = dir=in | app=c:\program files (x86)\common files\hp\digital imaging\bin\hpqphotocrm.exe |
"{BEC2F151-216F-4DC8-95DF-B6975E185065}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpoews01.exe |
"{C26B8BC7-54AE-4EB1-B0B2-ED96FC765937}" = protocol=6 | dir=in | app=c:\program files (x86)\opera\opera.exe |
"{CA637DFF-EF21-4A2F-8CE8-F1B3A18F5297}" = dir=in | app=c:\program files (x86)\hp\digital imaging\smart web printing\smartwebprintexe.exe |
"{CDD1FC06-87A9-442A-9FB1-1CCA5FDB2EE8}" = dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe |
"{D11D6CFA-5FB1-412B-9C81-6E86B77F5BF1}" = protocol=6 | dir=in | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{D4288692-7C3D-4D23-BBF5-39FD6A28DE8E}" = protocol=17 | dir=in | app=c:\program files (x86)\newtech infosystems\nti backup now 5\client\agentsvc.exe |
"{D5E8048A-718B-46D6-8423-30F16E12197A}" = protocol=6 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{D64DF116-C971-46B7-9009-272F44148455}" = protocol=6 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{D67A3CC2-517E-4D89-AD84-6F09A5FF5AC3}" = protocol=6 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{D82D7048-D283-480B-8016-E3F28FB3E892}" = protocol=58 | dir=out | [email protected],-28546 |
"{DF4610E4-E6B2-415F-9B09-2446E978CC59}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqste08.exe |
"{DFDF073D-F58C-416A-A822-F56C237EB329}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqfxt08.exe |
"{E11A5BC1-A585-4119-B692-5949CD1AB291}" = protocol=6 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{E7760F1F-0211-4255-8C6C-65BC9CA63CD4}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{E7CF343D-6E37-4851-B3DF-01A4A0D41814}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqsudi.exe |
"{EAE9D013-EC6C-4D68-A944-321CEE09B288}" = protocol=6 | dir=in | app=c:\program files (x86)\newtech infosystems\nti backup now 5\client\agentsvc.exe |
"{EDBA1BB4-4A01-4BEF-B3AB-659063A34C20}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqpse.exe |
"{EEF55D9E-9F81-456B-8106-8C31BAD6C224}" = protocol=6 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{EFADA308-CF74-42B6-89B1-0E5AB93D6646}" = protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{F042D123-C7C6-4813-9034-DBCA5F2EA3EB}" = dir=in | app=c:\program files (x86)\acer arcade live\acer homemedia\acer homemedia.exe |
"{F2835E69-3D12-4645-8B2B-9D6E281AE85F}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpofxs08.exe |
"{F40FBC09-CDC7-49AA-8B94-716DF5DBF7E1}" = protocol=17 | dir=in | app=c:\program files (x86)\research in motion\blackberry desktop\rim.desktop.exe |
"{FB180FA9-2469-47D5-9150-E26617725C5E}" = protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{FBAC180D-75CE-4609-9BA3-D8D7150D2B09}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqgpc01.exe |
"{FC8F33BE-0AC3-4FA4-8024-92B675460D83}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hposfx08.exe |
"{FD09A41D-0018-4B5B-BBE0-F3D3C6818E72}" = protocol=6 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"TCP Query User{30710C01-ADDF-44C9-9F5E-656ED2CF5967}C:\program files (x86)\google\google earth\client\googleearth.exe" = protocol=6 | dir=in | app=c:\program files (x86)\google\google earth\client\googleearth.exe |
"TCP Query User{79FB2916-1460-49EC-9789-1A5D80E7366B}C:\program files\internet explorer\iexplore.exe" = protocol=6 | dir=in | app=c:\program files\internet explorer\iexplore.exe |
"TCP Query User{88185E85-647D-4E32-878A-6CE8818D2D59}C:\program files (x86)\panda security\panda global protection 2011\apvxdwin.exe" = protocol=6 | dir=in | app=c:\program files (x86)\panda security\panda global protection 2011\apvxdwin.exe |
"UDP Query User{065FC2F1-414B-4AF5-A1ED-22A274BCDBF1}C:\program files (x86)\panda security\panda global protection 2011\apvxdwin.exe" = protocol=17 | dir=in | app=c:\program files (x86)\panda security\panda global protection 2011\apvxdwin.exe |
"UDP Query User{84780A44-F2F2-4AE5-B6B1-E5D8250E5649}C:\program files\internet explorer\iexplore.exe" = protocol=17 | dir=in | app=c:\program files\internet explorer\iexplore.exe |
"UDP Query User{9EABE0D3-3674-4990-A894-6EF22D4EC14E}C:\program files (x86)\google\google earth\client\googleearth.exe" = protocol=17 | dir=in | app=c:\program files (x86)\google\google earth\client\googleearth.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{08C3441C-4FAF-48D3-A551-70DD6031734F}" = Microsoft Baseline Security Analyzer 2.2
"{1AAF3A3B-7B32-4DDF-8ABB-438DAEB46EEC}" = Windows Live Family Safety
"{1B8ABA62-74F0-47ED-B18C-A43128E591B8}" = Windows Live ID Sign-in Assistant
"{249E9ED4-1C67-4DA5-9E39-F0F09AFD93B7}" = Logitech QuickCam
"{26A24AE4-039D-4CA4-87B4-2F86416022FF}" = Java™ 6 Update 22 (64-bit)
"{3D3E663D-4E7E-4577-A560-7ECDDD45548A}" = PVSonyDll
"{46A5FBE9-ADB3-4493-A1CC-B4CFFD24D26A}" = Windows Live Family Safety
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{5EB6F3CB-46F4-451F-A028-7F6D8D35D7D0}" = Windows Live Language Selector
"{63B4D80D-7BAC-4D1D-B9B6-27FF54197982}" = Regi
"{656DEEDE-F6AC-47CA-A568-A1B4E34B5760}" = Windows Live Remote Service Resources
"{78F697ED-EC97-4D8D-881D-838984EA9855}" = 64 Bit HP CIO Components Installer
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{847B0532-55E3-4AAF-8D7B-E3A1A7CD17E5}" = Windows Live Remote Client Resources
"{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007
"{90120000-002A-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (English) 2007
"{90120000-0116-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{B7588D45-AFDC-4C93-9E2E-A100F3554B64}" = Microsoft Fix it Center
"{BB9B16B0-442F-46c6-92EF-8E7F30A66F92}" = PANTECH UM175AL Driver
"{C3113E55-7BCB-4de3-8EBF-60E6CE6B2196}_is1" = SiSoftware Sandra Lite 2009.SP2
"{c9920352-04e6-469d-bab8-e2b9c7c75415}.sdb" = Microsoft Automated Troubleshooting Services Shim
"{CD0773D5-C18E-495c-B39B-21A96415EDD5}" = HP Officejet J4500 Series
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D8B2C435-8737-431E-8784-24CD13B0B821}" = PE585QAEncoder-64
"{DA54F80E-261C-41A2-A855-549A144F2F59}" = Windows Live MIME IFilter
"{DF6D988A-EEA0-4277-AAB8-158E086E439B}" = Windows Live Remote Client
"{E02A6548-6FDE-40E2-8ED9-119D7D7E641F}" = Windows Live Remote Service
"{F48D2C25-42B7-46C3-8438-1502A4CD0E4E}" = Process Blocker
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"Adobe Flash Player ActiveX 64" = Adobe Flash Player 10 ActiveX 64-bit
"Agere Systems Soft Modem" = Agere Systems PCI-SV92EX Soft Modem
"Bulk Rename Utility_is1" = Bulk Rename Utility 2.7.1.2
"DriverAgent.exe" = DriverAgent by eSupport.com
"HP Document Manager" = HP Document Manager 1.0
"HP Imaging Device Functions" = HP Imaging Device Functions 10.0
"HP Photosmart Essential" = HP Photosmart Essential 2.5
"HP Smart Web Printing" = HP Smart Web Printing 4.60
"HP Solution Center & Imaging Support Tools" = HP Solution Center 13.0
"HPExtendedCapabilities" = HP Customer Participation Program 10.0
"HPOCR" = OCR Software by I.R.I.S. 10.0
"LSI Soft Modem" = LSI PCI-SV92EX Soft Modem
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"NVIDIA Display Control Panel" = NVIDIA Display Control Panel
"NVIDIA Drivers" = NVIDIA Drivers
"Recuva" = Recuva
"Shop for HP Supplies" = Shop for HP Supplies
"WinRAR archiver" = WinRAR archiver
"x64 Components_is1" = x64 Components v2.4.9

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{0289B35E-DC07-4c7a-9710-BBD686EA4B7D}" = Status
"{02EE107B-8D95-4949-8935-4DEBE8F08BE3}" = Bing Bar Platform
"{0549CB72-DB76-43D0-B9B7-EDF1DE741CFD}" = Panda Global Protection 2011
"{08234a0d-cf39-4dca-99f0-0c5cb496da81}" = Bing Bar
"{0A5825FD-0FB7-4e45-9037-858D463F2943}" = BPDSoftware
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{0F7C2E47-089E-4d23-B9F7-39BE00100776}" = Toolbox
"{132888AE-EF67-41C5-BCA2-7D5D2488AB63}" = Acer HomeMedia Connect
"{13D85C14-2B85-419F-AC41-C7F21E68B25D}" = Acer eSettings Management
"{1535DCC2-6EB2-4FAC-9ABB-C3DC939BB87A}" = Chicken Hunter
"{15D967B5-A4BE-42AE-9E84-64CD062B25AA}" = eSobi v2
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{18669FF9-C8FE-407a-9F70-E674896B1DB4}" = GPBaseService
"{19BA08F7-C728-469C-8A35-BFBD3633BE08}" = Windows Live Movie Maker
"{1CAC7A41-583B-4483-9FA5-3E5465AFF8C2}" = Microsoft Default Manager
"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{2413930C-8309-47A6-BC61-5EF27A4222BC}" = NTI Media Maker 8
"{246B9798-40A5-4D83-A270-51572D59EB33}" = MsConfig Cleanup Utility
"{24D753CA-6AE9-4E30-8F5F-EFC93E08BF3D}" = Skype™ 4.0
"{24ED4D80-8294-11D5-96CD-0040266301AD}" = FinePixViewer Ver.5.1
"{26A24AE4-039D-4CA4-87B4-2F83216012FF}" = Java™ 6 Update 21
"{287ECFA4-719A-2143-A09B-D6A12DE54E40}" = Acrobat.com
"{2902F983-B4C1-44BA-B85D-5C6D52E2C441}" = Windows Live Mesh ActiveX Control for Remote Connections
"{2951A232-69BA-4925-BB9A-CEEB72B18B4F}" = BPDSoftware_Ini
"{302BF4A9-0AEB-41A6-8838-A9497F07B508}" = The Options Toolbox v5.0
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{34BFB099-07B2-4E95-A673-7362D60866A2}" = PSSWCORE
"{34F4D9A4-42C2-4348-BEF4-E553C84549E7}" = Windows Live Photo Gallery
"{3700194C-C5DD-439A-BE06-A66960CA4C70}" = MSVCSetup
"{37C8899D-FD70-481F-94AA-1F1B08765E22}" = Acronis True Image Home
"{398E8625-6F3A-4C54-B54C-28F0ABB89774}" = BPD_HPSU
"{4109EEA6-0868-41B8-B79A-07DCFB2B1C93}" = SmartView 2.1
"{41581EF5-45A7-11DA-9D78-000129760D75}" = Acer SlideShow DVD
"{4286E640-B5FB-11DF-AC4B-005056C00008}" = Google Earth
"{45A66726-69BC-466B-A7A4-12FCBA4883D7}" = HiJackThis
"{46C045BF-2B3F-4BC4-8E4C-00E0CF8BD9DB}" = Adobe AIR
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4A70EF07-7F88-4434-BB61-D1DE8AE93DD4}" = SolutionCenter
"{4CBABDFD-49F8-47FD-BE7D-ECDE7270525A}" = Windows Live PIMT Platform
"{50816F92-1652-4A7C-B9BC-48F682742C4B}" = Messenger Companion
"{53735ECE-E461-4FD0-B742-23A352436D3A}" = Logitech Updater
"{572F2A62-70CD-4429-8758-6D4D6DC696E1}" = 4500_Help
"{5A3F6A80-7913-475E-8B96-477A952CFA43}" = SupportSoft Assisted Service
"{5BB4D7C1-52F2-4BFD-9E40-0D419E2E3021}" = bpd_scan
"{5C0856B6-6260-4952-8FF5-C79C3FD3AA44}" = e-Sword
"{5DD4FCBD-A3C1-4155-9E17-4161C70AAABA}" = Segoe UI
"{5EE7D259-D137-4438-9A5F-42F432EC0421}" = VC80CRTRedist - 8.0.50727.4053
"{61EDBE71-5D3E-4AB7-AD95-E53FEAF68C17}" = Bing Rewards Client Installer
"{63FF21C9-A810-464F-B60A-3111747B1A6D}" = GPBaseService2
"{6697D99E-E550-4498-B793-4A8DD8A1821F}" = ProductContext
"{66E6CE0C-5A1E-430C-B40A-0C90FF1804A8}" = eSupportQFolder
"{679EC478-3FF9-4987-B2FF-C2C2B27532A2}" = DocProc
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{687FEF8A-8597-40b4-832C-297EA3F35817}" = BufferChm
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{6A05FEDF-662E-46BF-8A25-010E3F1C9C69}" = Windows Live UX Platform Language Pack
"{6D52C408-B09A-4520-9B18-475B81D393F1}" = Microsoft Works
"{6F5E2F4A-377D-4700-B0E3-8F7F7507EA15}" = CustomerResearchQFolder
"{6FE22909-D0D6-4111-ABCE-7F8D986C4A2A}" = Foxit PDF Preview Handler
"{716E0306-8318-4364-8B8F-0CC4E9376BAC}" = MSXML 4.0 SP2 Parser and SDK
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{78A96B4C-A643-4D0F-98C2-A8E16A6669F9}" = Windows Live Messenger Companion Core
"{796C722E-D039-44E8-9C42-01B23DB9AE87}" = Brother HL-2140
"{79DD56FC-DB8B-47F5-9C80-78B62E05F9BC}" = Acer ScreenSaver
"{80533B67-C407-485D-8B5D-63BB8ED9D878}" = Scan
"{80813829-BE27-4799-8BC7-2F75A7B6CB50}" = IHA_MessageCenter
"{80956555-A512-4190-9CAD-B000C36D6B6B}" = Windows Live Messenger
"{818ABC3C-635C-4651-8183-D0E9640B7DD1}" = HP Update
"{81A25967-DB85-4B48-A8A7-D25AC191DEE4}" = Panda Global Protection 2011
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110111700}" = Zuma Deluxe
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110113233}" = Bookworm Deluxe
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-11029123}" = Bricks of Egypt
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110322783}" = Big Kahuna Reef
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110411970}" = Chuzzle
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111118433}" = Mystery Case Files - Huntsville
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111199750}" = Cake Mania
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111252743}" = Mahjong Escape Ancient China
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111324990}" = Kick N Rush
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111692950}" = Mahjongg Artifacts
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111771833}" = Jewel Quest Solitaire
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111796363}" = Mystery Solitaire - Secret Island
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111872660}" = Diner Dash Flo on the Go
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-112310577}" = Flip Words 2
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-112531267}" = Chicken Invaders 3
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-112615863}" = Agatha Christie Death on the Nile
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-112920767}" = Alice Greenfingers
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-113009953}" = Turbo Pizza
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-113080210}" = Azada
"{830D40F7-7092-4418-BE17-F7F7899F2B41}" = e-Sword
"{87E2B986-07E8-477a-93DC-AF0B6758B192}" = DocProcQFolder
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8C6D6116-B724-4810-8F2D-D047E6B7D68E}" = Mesh Runtime
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{8ECB8220-F419-4BEB-9596-97033C533702}" = QuickBooks Simple Start 2008
"{8F1B6239-FEA0-450A-A950-B05276CE177C}" = Acer Empowering Technology
"{8FF6F5CA-4E30-4E3B-B951-204CAAA2716A}" = SmartWebPrinting
"{90024193-9F13-4877-89D5-A1CDF0CBBF28}" = Feedback Tool
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}_STANDARDR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}_STANDARDR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2007
"{90120000-001A-0409-0000-0000000FF1CE}_STANDARDR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}_STANDARDR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_STANDARDR_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_STANDARDR_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_STANDARDR_{187308AB-5FA7-4F14-9AB9-D290383A10D9}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-002A-0000-1000-0000000FF1CE}_STANDARDR_{E64BA721-2310-4B55-BE5A-2925F9706192}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-002A-0409-1000-0000000FF1CE}_STANDARDR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}_STANDARDR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00B2-0409-0000-0000000FF1CE}" = Microsoft Save as PDF or XPS Add-in for 2007 Microsoft Office programs
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}_STANDARDR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0116-0409-1000-0000000FF1CE}_STANDARDR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{91120000-0012-0000-0000-0000000FF1CE}" = Microsoft Office Standard 2007
"{91120000-0012-0000-0000-0000000FF1CE}_STANDARDR_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{91120000-0012-0000-0000-0000000FF1CE}_STANDARDR_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{928B06E4-DDAA-476A-926A-641620326327}" = Microsoft Search Enhancement Pack
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{95140000-007A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook Connector
"{9C2D4047-0E40-499a-AC7A-C4B9BB12FE03}" = TrayApp
"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
"{A0C91188-C88F-4E86-93E6-CD7C9A266649}" = Windows Live Mesh
"{A1BF9950-8CDB-468E-83FA-EACFB00EA7D5}" = Windows Live Sync
"{A2AE9709-283B-4B48-AA34-729C070A62FB}" = NETGEAR WNA1100 wireless USB 2.0 adapter
"{A49F249F-0C91-497F-86DF-B2585E8E76B7}" = Microsoft Visual C++ 2005 Redistributable
"{A5633652-3795-4829-BB0B-644F0279E279}" = Acer eDataSecurity Management
"{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer
"{A7ABFBE8-2A67-4C26-86A5-FC4CD9F0B2FA}" = Panda Global Protection 2011
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A93944F2-D2D4-4750-BFE7-9A288FEAF2CF}" = Apple Application Support
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AA4BF92B-2AAF-11DA-9D78-000129760D75}" = Acer HomeMedia
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"{AAF454FC-82CA-4F29-AB31-6A109485E76E}" = Windows Live Writer
"{AB5D51AE-EBC3-438D-872C-705C7C2084B0}" = DeviceManagementQFolder
"{AC76BA86-7AD7-1033-7B44-A94000000001}" = Adobe Reader 9.4.1
"{AC76BA86-7AD7-5464-3428-900000000004}" = Spelling Dictionaries Support For Adobe Reader 9
"{AE9C1337-2775-4A23-AAB2-5582AAD08E9B}" = FedEx QuickShip
"{AF397F20-24BB-11D7-AC6F-0050DA09345C}" = Advanced Analyzer
"{B145EC69-66F5-11D8-9D75-000129760D75}" = Acer DVDivine
"{B1D3568D-BC21-4C50-92A5-2396570DF1DE}_is1" = Panda Secure Vault 5
"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy
"{B44529FF-501E-47CD-A06D-223C161BE058}" = FinePixViewer Resource
"{B580C409-E16F-44FF-904D-3AE94E113BE0}" = Acer HomeMedia Trial Creator
"{B8DBED1E-8BC3-4d08-B94A-F9D7D88E9BBF}" = HPSSupply
"{B9B02A9E-8074-4C3F-AAE5-311528F34FED}" = NTI Photo Maker Hot Fix
"{BAD0FA60-09CF-4411-AE6A-C2844C8812FA}" = HP Photosmart Essential 2.5
"{C43326F5-F135-4551-8270-7F7ABA0462E1}" = HPProductAssistant
"{C66824E4-CBB3-4851-BB3F-E8CFD6350923}" = Windows Live Mail
"{C894366E-51C4-4162-BA82-ECBEFC1C2C61}" = PayPal Plug-In
"{CAE7D1D9-3794-4169-B4DD-964ADBC534EE}" = HP Product Detection
"{CCB9B81A-167F-4832-B305-D2A0430840B3}" = WebReg
"{CE386A4E-D0DA-4208-8235-BCE43275C694}" = LightScribe 1.4.142.1
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{CECA8CB2-DE76-73DD-0D07-DE7F0EC7B77F}" = clDesktop
"{CED3B64B-9381-4AB8-A213-6C084C952E43}" = Zamzom Wireless
"{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64
"{D142FE39-3386-4d82-9AD3-36D4A92AC3C2}" = DocMgr
"{D25F26E6-7F37-4580-9E83-2BDD9BE9E0CE}" = BlackBerry Desktop Software 6.0
"{D2E0F0CC-6BE0-490b-B08B-9267083E34C9}" = MarketResearch
"{D3EE034D-5B92-4A55-AA02-2E6D0A6A96EE}" = Windows Resource Kit Tools - SubInAcl.exe
"{D436F577-1695-4D2F-8B44-AC76C99E0002}" = Windows Live Photo Common
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{D680C913-5955-469D-9D88-C1940F7506D6}" = RAW FILE CONVERTER LE
"{D99A8E3A-AE5A-4692-8B19-6F16D454E240}" = Destination Component
"{DD1865F0-AD73-40FB-B23E-1822E02396FF}" = NVIDIA PhysX
"{DDC8BDEE-DCAC-404D-8257-3E8D4B782467}" = Windows Live Writer Resources
"{DECDCB7C-58CC-4865-91AF-627F9798FE48}" = Windows Live Mesh
"{E08DC77E-D09A-4e36-8067-D6DBBCC5F8DC}" = VideoToolkit01
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E258A840-7E9A-443A-B156-67102C48BF17}" = TPP Storage Driver 5.0
"{E3993D46-AE3F-402E-9F9D-EEBDFBEC3564}" = Corel WinDVD 9
"{E46B2F8A-6CCD-4949-871D-F9664F2113AB}" = PayPal Plug-In
"{E50AE784-FABE-46DA-A1F8-7B6B56DCB22E}" = Microsoft Office Suite Activation Assistant
"{EA50F6E4-8542-4B2B-B344-D080D5DA0EB1}" = BlackBerry Device Software Updater
"{EB4DF488-AAEF-406F-A341-CB2AAA315B90}" = Windows Live Messenger
"{EB900AF8-CC61-4E15-871B-98D1EA3E8025}" = QuickTime
"{EEEB604C-C1A7-4f8c-B03F-56F9C1C9C45F}" = Fax
"{EF1ADA5A-0B1A-4662-8C55-7475A61D8B65}" = DeviceDiscovery
"{EFBDC2B0-FAA8-4B78-8DE1-AEBE7958FA37}" = Acer Arcade Live Main Page
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}" = Microsoft Office Live Add-in 1.5
"{F54E5D65-CB60-4A31-A71B-BCFB0FA0076D}" = Verizon Download Manager
"{F6EFFB76-4A07-11DA-9D78-000129760D75}" = Acer DV Magician
"{F761359C-9CED-45AE-9A51-9D6605CD55C4}" = Evernote v. 4.0.2
"{F79A208D-D929-11D9-9D77-000129760D75}" = Acer VideoMagician
"{FC274982-5AAD-4C20-848D-4424A5043010}_is1" = WinUtilities 9.94 Free Edition
"{FDEC11CC-4BD6-4a8c-A398-3CCD8E43EACA}" = J4500
"{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}" = Windows Live Essentials
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"Acer Assist" = Acer Assist
"Acer GameZone Console_is1" = Acer GameZone Console DTV 2.0.1.1
"Acer Registration" = Acer Registration
"ActiveScan 2.0" = Panda ActiveScan 2.0
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11.5
"aignesamdeadlink_is1" = AM-DeadLink 4.3
"Amazon MP3 Downloader" = Amazon MP3 Downloader 1.0.3
"AU10F_is1" = Advanced Uninstaller Free - Version 10
"Belarc Advisor" = Belarc Advisor 7.2
"BlackBerry_Desktop" = BlackBerry Desktop Software 6.0
"Bull's-Eye Broker" = Bull's-Eye Broker
"CCleaner" = CCleaner
"Cisco Networking Academy curriculum_is1" = Cisco Networking Academy curriculum 4.0.0.0
"Ciscopedia PDA_is1" = Ciscopedia 1.0M
"Ciscopedia_is1" = Ciscopedia 1.0
"com.cldesktop.A457892AC9E286AFF16B1328DABF224A4C50065F.1" = clDesktop
"DivX Setup.divx.com" = DivX Setup
"EasyBCD" = EasyBCD 1.7.2
"FinalVideoDownloader_is1" = Final Video Downloader 2010
"FolderSizePropertyPage" = Folder Size Shell Extension v3.2
"Free Convert MPEG WMV to MP4 FLV AVI Converter_is1" = Free Convert MPEG WMV to MP4 FLV AVI Converter 5.8
"Free Windows Cleanup Tool" = Free Windows Cleanup Tool
"FreeFixer0.58" = FreeFixer
"Greatis WinDowse 4.0_is1" = Greatis WinDowse 4.0
"ImageFileTool" = ImageFileTool
"Index.dat Analyzer_is1" = Index.dat Analyzer v2.5
"InfoTag Magic 1.0" = InfoTag Magic 1.0
"InstallShield_{15D967B5-A4BE-42AE-9E84-64CD062B25AA}" = eSobi v2
"InstallShield_{2413930C-8309-47A6-BC61-5EF27A4222BC}" = NTI Media Maker 8
"InstallShield_{B9B02A9E-8074-4C3F-AAE5-311528F34FED}" = NTI Photo Maker Hot Fix
"InstallShield_{E3993D46-AE3F-402E-9F9D-EEBDFBEC3564}" = Corel WinDVD 9
"KLiteCodecPack_is1" = K-Lite Codec Pack 4.0.0 (Full)
"LyricsSeeker plugins" = LyricsSeeker plugins 2.3
"MoneyToolbox" = MSN Money Investment Toolbox
"Mozilla Firefox (3.6.10)" = Mozilla Firefox (3.6.10)
"nasdaq" = NASDAQ Quote Toolbar
"Network Stumbler" = Network Stumbler 0.4.0 (remove only)
"Notepad++" = Notepad++
"omNovia Secure Player_is1" = Secure Recorder 2.1.0
"Packet Tracer 5.0_is1" = Packet Tracer 5.0
"Picasa 3" = Picasa 3
"Punch! Home Design - AS4000" = Punch! Home Design - AS4000
"QcDrv" = Logitech® Camera Driver
"QuickLink Mobile" = QuickLink Mobile
"QuoteTracker_is1" = QuoteTracker
"Revenge of Arcade 1.0" = Microsoft Revenge of Arcade
"save2pc Light_is1" = save2pc Light 4.02
"Send To Toys_is1" = Send To Toys v2.6
"ShadowExplorer_is1" = ShadowExplorer 0.4
"Simnet Registry Defrag 2010_is1" = Simnet Registry Defrag 2010
"SoftwareUpdUtility" = Download Updater (AOL LLC)
"STANDARDR" = Microsoft Office Standard 2007
"TweakVI" = TweakVI
"Unlocker" = Unlocker 1.8.7
"uTorrent" = µTorrent
"Verizon Help and Support" = Verizon Help and Support Tool
"WinFF_is1" = WinFF 1.2
"WinLiveSuite" = Windows Live Essentials
"WinPcapInst" = WinPcap 4.1.2
"Winstep Xtreme_is1" = Winstep Xtreme 10.9
"Wireshark" = Wireshark 1.4.1
"WordWeb" = WordWeb
"xqdcXSP_is1" = XQDC X-Setup Pro 9.2.100
"Yahoo! Companion" = Yahoo! Toolbar
"Yahoo! Search Defender" = Yahoo! Search Protection
"Yahoo! Software Update" = Yahoo! Software Update
"YInstHelper" = Yahoo! Install Manager
"ZyGoVideo 2.0" = ZyGoVideo 2.0

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"GoToMeeting" = GoToMeeting 4.0.0.320
"Move Media Player" = Move Media Player
"Options 360™" = Options 360™
"WinDirStat" = WinDirStat 1.1.2

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 7/22/2010 3:01:53 AM | Computer Name = jecolli-PC | Source = MsiInstaller | ID = 11606
Description =

Error - 7/22/2010 3:01:53 AM | Computer Name = jecolli-PC | Source = MsiInstaller | ID = 1024
Description =

Error - 7/22/2010 6:06:36 AM | Computer Name = jecolli-PC | Source = WinMgmt | ID = 10
Description =

Error - 7/22/2010 8:59:20 PM | Computer Name = jecolli-PC | Source = Application Error | ID = 1000
Description = Faulting application iexplore.exe, version 8.0.6001.18928, time stamp
0x4bdfa327, faulting module nvd3dum.dll, version 8.17.11.9745, time stamp 0x4bb7dd53,
exception code 0xc0000005, fault offset 0x0049e5a1, process id 0x11a0, application
start time 0x01cb2a008d860d1c.

Error - 7/23/2010 3:01:03 AM | Computer Name = jecolli-PC | Source = MsiInstaller | ID = 11606
Description =

Error - 7/23/2010 3:01:03 AM | Computer Name = jecolli-PC | Source = MsiInstaller | ID = 11606
Description =

Error - 7/23/2010 3:01:03 AM | Computer Name = jecolli-PC | Source = MsiInstaller | ID = 1024
Description =

Error - 7/23/2010 3:01:34 AM | Computer Name = jecolli-PC | Source = MsiInstaller | ID = 11606
Description =

Error - 7/23/2010 3:01:34 AM | Computer Name = jecolli-PC | Source = MsiInstaller | ID = 11606
Description =

Error - 7/23/2010 3:01:34 AM | Computer Name = jecolli-PC | Source = MsiInstaller | ID = 1024
Description =

[ FedExQuickShip Events ]
Error - 4/9/2009 6:39:29 PM | Computer Name = jecolli-PC | Source = FedExQuickShip | ID = 0
Description = StackTrace : at Microsoft.Office.Interop.Outlook.MAPIFolder.set_WebViewOn(Boolean
WebViewOn) at FedExQuickShip.Utility.FedExFolderManager.CreateFolders(Application
application) Error :Outlook cannot open this item. The item may be damaged.

Error - 4/9/2009 6:40:42 PM | Computer Name = jecolli-PC | Source = FedExQuickShip | ID = 0
Description = StackTrace : at FedExQuickShip.Utility.FedExFolderManager.ShutDown()
Error
:Object reference not set to an instance of an object.

Error - 4/9/2009 6:47:29 PM | Computer Name = jecolli-PC | Source = FedExQuickShip | ID = 0
Description = StackTrace : at Microsoft.Office.Interop.Outlook.MAPIFolder.set_WebViewOn(Boolean
WebViewOn) at FedExQuickShip.Utility.FedExFolderManager.CreateFolders(Application
application) Error :Outlook cannot open this item. The item may be damaged.

Error - 4/9/2009 6:48:14 PM | Computer Name = jecolli-PC | Source = FedExQuickShip | ID = 0
Description = StackTrace : at FedExQuickShip.Utility.FedExFolderManager.ShutDown()
Error
:Object reference not set to an instance of an object.

Error - 4/9/2009 6:48:29 PM | Computer Name = jecolli-PC | Source = FedExQuickShip | ID = 0
Description = StackTrace : at Microsoft.Office.Interop.Outlook.MAPIFolder.set_WebViewOn(Boolean
WebViewOn) at FedExQuickShip.Utility.FedExFolderManager.CreateFolders(Application
application) Error :Outlook cannot open this item. The item may be damaged.

Error - 4/9/2009 6:50:01 PM | Computer Name = jecolli-PC | Source = FedExQuickShip | ID = 0
Description = StackTrace : at FedExQuickShip.Utility.FedExFolderManager.ShutDown()
Error
:Object reference not set to an instance of an object.

Error - 4/9/2009 6:59:21 PM | Computer Name = jecolli-PC | Source = FedExQuickShip | ID = 0
Description = StackTrace : at Microsoft.Office.Interop.Outlook.MAPIFolder.set_WebViewOn(Boolean
WebViewOn) at FedExQuickShip.Utility.FedExFolderManager.CreateFolders(Application
application) Error :Outlook cannot open this item. The item may be damaged.

Error - 4/9/2009 7:06:20 PM | Computer Name = jecolli-PC | Source = FedExQuickShip | ID = 0
Description = StackTrace : at FedExQuickShip.Utility.FedExFolderManager.ShutDown()
Error
:Object reference not set to an instance of an object.

Error - 4/10/2009 12:47:49 PM | Computer Name = jecolli-PC | Source = FedExQuickShip | ID = 0
Description = StackTrace : at Microsoft.Office.Interop.Outlook.MAPIFolder.set_WebViewOn(Boolean
WebViewOn) at FedExQuickShip.Utility.FedExFolderManager.CreateFolders(Application
application) Error :Outlook cannot open this item. The item may be damaged.

Error - 4/10/2009 12:57:38 PM | Computer Name = jecolli-PC | Source = FedExQuickShip | ID = 0
Description = StackTrace : at FedExQuickShip.Utility.FedExFolderManager.ShutDown()
Error
:Object reference not set to an instance of an object.

[ Media Center Events ]
Error - 2/10/2009 2:56:00 AM | Computer Name = jecolli-PC | Source = MCUpdate | ID = 0
Description = DownloadPackgeTask.SubTasksComplete: failed downloading package SportsSchedule.

Error - 11/15/2009 2:33:40 PM | Computer Name = jecolli-PC | Source = MCUpdate | ID = 0
Description = DownloadPackgeTask.SubTasksComplete: failed downloading package SportsSchedule.

[ OSession Events ]
Error - 12/9/2009 10:26:47 AM | Computer Name = jecolli-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version:
12.0.6514.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 475
seconds with 360 seconds of active time. This session ended with a crash.

Error - 12/9/2009 10:27:44 AM | Computer Name = jecolli-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version:
12.0.6514.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 42
seconds with 0 seconds of active time. This session ended with a crash.

Error - 1/11/2010 8:31:15 PM | Computer Name = jecolli-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version:
12.0.6514.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 1430
seconds with 60 seconds of active time. This session ended with a crash.

Error - 1/13/2010 9:23:35 PM | Computer Name = jecolli-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version:
12.0.6514.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 131
seconds with 120 seconds of active time. This session ended with a crash.

Error - 1/22/2010 6:29:22 AM | Computer Name = jecolli-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version:
12.0.6514.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 133
seconds with 120 seconds of active time. This session ended with a crash.

Error - 1/29/2010 6:33:25 AM | Computer Name = jecolli-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version:
12.0.6514.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 1895
seconds with 960 seconds of active time. This session ended with a crash.

Error - 2/10/2010 10:38:49 AM | Computer Name = jecolli-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version:
12.0.6514.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 9
seconds with 0 seconds of active time. This session ended with a crash.

Error - 2/15/2010 6:19:04 PM | Computer Name = jecolli-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version:
12.0.6514.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 126
seconds with 120 seconds of active time. This session ended with a crash.

Error - 3/28/2010 7:25:43 AM | Computer Name = jecolli-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version:
12.0.6514.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 136
seconds with 60 seconds of active time. This session ended with a crash.

Error - 7/6/2010 3:11:46 PM | Computer Name = jecolli-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version:
12.0.6514.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 40
seconds with 0 seconds of active time. This session ended with a crash.

[ System Events ]
Error - 12/12/2010 4:38:53 PM | Computer Name = jecolli-PC | Source = Service Control Manager | ID = 7022
Description =

Error - 12/12/2010 4:38:58 PM | Computer Name = jecolli-PC | Source = ipnathlp | ID = 34001
Description = The ICS_IPV6 failed to configure IPv6 stack.

Error - 12/12/2010 4:38:58 PM | Computer Name = jecolli-PC | Source = ipnathlp | ID = 30013
Description = The DHCP allocator has disabled itself on IP address 192.168.1.27,
since the IP address is outside the 192.168.0.0/255.255.255.0 scope from which
addresses are being allocated to DHCP clients. To enable the DHCP allocator on this
IP address, change the scope to include the IP address, or change the IP address
to fall within the scope.

Error - 12/12/2010 5:06:00 PM | Computer Name = jecolli-PC | Source = EventLog | ID = 6008
Description = The previous system shutdown at 4:01:28 PM on 12/12/2010 was unexpected.

Error - 12/12/2010 5:06:05 PM | Computer Name = jecolli-PC | Source = netbt | ID = 4311
Description = Initialization failed because the driver device could not be created.
Use
the string "0026F24D1CAB" to identify the interface for which initialization failed.
It represents the MAC address of the failed interface or the Globally Unique Interface
Identifier (GUID) if NetBT was unable to map from GUID to MAC address. If neither
the MAC address nor the GUID were available, the string represents a cluster device
name.

Error - 12/12/2010 5:06:05 PM | Computer Name = jecolli-PC | Source = netbt | ID = 4311
Description = Initialization failed because the driver device could not be created.
Use
the string "0026F24D1CAB" to identify the interface for which initialization failed.
It represents the MAC address of the failed interface or the Globally Unique Interface
Identifier (GUID) if NetBT was unable to map from GUID to MAC address. If neither
the MAC address nor the GUID were available, the string represents a cluster device
name.

Error - 12/12/2010 5:07:57 PM | Computer Name = jecolli-PC | Source = Service Control Manager | ID = 7022
Description =

Error - 12/12/2010 5:07:58 PM | Computer Name = jecolli-PC | Source = Service Control Manager | ID = 7022
Description =

Error - 12/12/2010 5:08:00 PM | Computer Name = jecolli-PC | Source = ipnathlp | ID = 34001
Description = The ICS_IPV6 failed to configure IPv6 stack.

Error - 12/12/2010 5:08:00 PM | Computer Name = jecolli-PC | Source = ipnathlp | ID = 30013
Description = The DHCP allocator has disabled itself on IP address 192.168.1.27,
since the IP address is outside the 192.168.0.0/255.255.255.0 scope from which
addresses are being allocated to DHCP clients. To enable the DHCP allocator on this
IP address, change the scope to include the IP address, or change the IP address
to fall within the scope.


< End of report >

Thanks in advance
  • 0

Advertisements

Back to Virus, Spyware, Malware Removal · Next Unread Topic →




Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. Geeks to Go Forum
  2. Security
  3. Virus, Spyware, Malware Removal

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP