Multiple Trojans and virus detected. IE opening randomly


  • Please log in to reply

#1 I8A4RE
Hi all,

What a fantastic website, thank you for putting in the time to help everyone.

Ok, it's my dad's PC running Vista and I am trying to fix it for him.

Before I found this site, I downloaded Malwarebytes and found 250 viruses, trojans, malware etc. I did the repair and now all are gone bar two. I also tried to remove all toolbars from the Add/Remove Programs application. All of them were removed except for the Arcade Rush toolbar; when I tried to remove that it just says "could not open INSTALL.LOG file".

I did this in the first place for three reasons. One, IE would randomly open up other tabs when surfing the web. Two, whenever using Google, after the search results came up, so would an error box saying something about a script error, "would you like to continue running scripts?" (sorry I cannot be more precise). The only way to remove the box was to click on the [x]; clicking on Yes or No would do nothing. Three, Dad is running Trend Micro security, and in the malware protection section of Windows Security Center it says Trend is turned off, and no matter what I do I can't get it to turn on.

Anyway, I like to be thorough and, if at all possible, would somebody please check to see if I have got them all. The PC is still slow and often programs and the like go into "program is not responding" status. I am not sure if this is just due to him having so much rubbish on his PC though.

I downloaded OTL and followed the steps.

Here is the OTL file
OTL logfile created on: 26/12/2010 4:57:18 PM - Run 1
OTL by OldTimer - Version 3.2.18.0 Folder = C:\Users\Terry\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18999)
Locale: 00000C09 | Country: Australia | Language: ENA | Date Format: d/MM/yyyy

2.00 Gb Total Physical Memory | 1.00 Gb Available Physical Memory | 52.00% Memory free
4.00 Gb Paging File | 3.00 Gb Available in Paging File | 78.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 325.53 Gb Total Space | 263.62 Gb Free Space | 80.98% Space Free | Partition Type: NTFS
Drive D: | 9.82 Gb Total Space | 1.19 Gb Free Space | 12.12% Space Free | Partition Type: NTFS

Computer Name: TERRY-PC | User Name: Terry | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2010/12/26 15:04:12 | 000,602,624 | ---- | M] (OldTimer Tools) -- C:\Users\Terry\Desktop\OTL.exe
PRC - [2009/12/23 03:44:05 | 000,908,248 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2009/04/11 16:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe


========== Modules (SafeList) ==========

MOD - [2010/12/26 15:04:12 | 000,602,624 | ---- | M] (OldTimer Tools) -- C:\Users\Terry\Desktop\OTL.exe
MOD - [2010/09/01 01:43:52 | 001,686,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3\comctl32.dll


========== Win32 Services (SafeList) ==========

SRV - File not found [Auto | Stopped] -- C:\Program Files\Trend Micro\TrendSecure\SecurityActivityDashboard\tmarsvc.exe -- (Security Activity Dashboard Service)
SRV - File not found [Auto | Stopped] -- C:\Program Files\Zondex\Zondex Guard\lsfsserv.exe -- (AVService)
SRV - [2010/11/09 02:40:56 | 000,715,440 | ---- | M] (Trend Micro Inc.) [Disabled | Stopped] -- C:\Program Files\Trend Micro\Internet Security\SfCtlCom.exe -- (SfCtlCom)
SRV - [2010/10/16 00:40:40 | 000,037,664 | ---- | M] (Apple Inc.) [Disabled | Stopped] -- C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe -- (Apple Mobile Device)
SRV - [2010/09/23 00:21:24 | 001,493,352 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Live\Family Safety\fsssvc.exe -- (fsssvc)
SRV - [2010/09/22 16:33:04 | 000,051,040 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc)
SRV - [2010/08/16 11:34:42 | 000,689,416 | ---- | M] (Trend Micro Inc.) [Disabled | Stopped] -- C:\Program Files\Trend Micro\Internet Security\TmProxy.exe -- (TmProxy)
SRV - [2010/08/16 11:34:42 | 000,497,008 | ---- | M] (Trend Micro Inc.) [Disabled | Stopped] -- C:\Program Files\Trend Micro\Internet Security\TmPfw.exe -- (TmPfw)
SRV - [2010/08/16 11:34:42 | 000,345,352 | ---- | M] (Trend Micro Inc.) [Disabled | Stopped] -- C:\Program Files\Trend Micro\BM\TMBMSRV.exe -- (TMBMServer)
SRV - [2010/05/26 07:22:03 | 002,179,076 | ---- | M] (NCH Software) [Disabled | Stopped] -- C:\Program Files\NCH Software\ExpressAccounts\expressaccounts.exe -- (ExpressAccountsService)
SRV - [2010/03/18 13:16:28 | 000,753,504 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe -- (WPFFontCache_v0400)
SRV - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009/10/28 17:47:26 | 002,465,796 | ---- | M] (NCH Software) [Disabled | Stopped] -- C:\Program Files\NCH Software\ExpressInvoice\expressinvoice.exe -- (ExpressInvoiceService)
SRV - [2009/09/25 11:27:04 | 000,793,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\FntCache.dll -- (FontCache)
SRV - [2008/01/19 17:38:24 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2007/10/19 13:21:16 | 000,141,848 | ---- | M] (Logitech Inc.) [Disabled | Stopped] -- C:\Program Files\Common Files\LogiShrd\SrvLnch\SrvLnch.exe -- (LVSrvLauncher)
SRV - [2007/10/19 13:19:22 | 000,141,848 | ---- | M] (Logitech Inc.) [Disabled | Stopped] -- C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe -- (LVPrcSrv)
SRV - [2007/10/19 13:17:28 | 000,186,904 | ---- | M] (Logitech Inc.) [Disabled | Stopped] -- C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe -- (LVCOMSer)
SRV - [2007/05/31 09:21:24 | 000,379,784 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\WindowsMobile\wcescomm.dll -- (WcesComm)
SRV - [2007/05/31 09:21:18 | 000,183,688 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\WindowsMobile\rapimgr.dll -- (RapiMgr)
SRV - [2007/01/01 18:29:12 | 000,425,472 | ---- | M] (Australian Project Pty Limited) [Disabled | Stopped] -- C:\Windows\System32\AvMonitor.exe -- (AvSvcMonitor)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\System32\DRIVERS\ZTEusbser6k.sys -- (ZTEusbser6k)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\System32\DRIVERS\ZTEusbnmea.sys -- (ZTEusbnmea)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\System32\DRIVERS\ZTEusbnet.sys -- (ZTEusbnet)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\System32\DRIVERS\ZTEusbmdm6k.sys -- (ZTEusbmdm6k)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\System32\DRIVERS\nwlnkfwd.sys -- (NwlnkFwd)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\System32\DRIVERS\nwlnkflt.sys -- (NwlnkFlt)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\neokdss.sys -- (neokdss)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\massfilter.sys -- (massfilter)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\System32\DRIVERS\ipinip.sys -- (IpInIp)
DRV - File not found [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\blbdrive.sys -- (blbdrive)
DRV - [2010/09/23 00:21:24 | 000,039,272 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\fssfltr.sys -- (fssfltr)
DRV - [2010/08/16 11:34:52 | 000,283,152 | ---- | M] (Trend Micro Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\tmwfp.sys -- (tmwfp)
DRV - [2010/08/16 11:34:52 | 000,146,448 | ---- | M] (Trend Micro Inc.) [Kernel | System | Running] -- C:\Windows\System32\drivers\tmlwf.sys -- (tmlwf)
DRV - [2010/08/16 11:34:52 | 000,089,872 | ---- | M] (Trend Micro Inc.) [Kernel | System | Running] -- C:\Windows\System32\drivers\tmtdi.sys -- (tmtdi)
DRV - [2010/07/31 03:29:10 | 000,249,424 | ---- | M] (Trend Micro Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\tmxpflt.sys -- (tmxpflt)
DRV - [2010/07/31 03:29:00 | 000,036,432 | ---- | M] (Trend Micro Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\tmpreflt.sys -- (tmpreflt)
DRV - [2010/07/31 03:06:08 | 001,331,512 | ---- | M] (Trend Micro Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\vsapint.sys -- (vsapint)
DRV - [2010/07/20 04:03:10 | 000,059,472 | ---- | M] (Trend Micro Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\tmactmon.sys -- (tmactmon)
DRV - [2010/07/20 04:03:00 | 000,051,792 | ---- | M] (Trend Micro Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\tmevtmgr.sys -- (tmevtmgr)
DRV - [2010/07/20 04:02:54 | 000,163,408 | ---- | M] (Trend Micro Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\tmcomm.sys -- (tmcomm)
DRV - [2009/04/11 14:42:54 | 000,073,216 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\USBAUDIO.sys -- (usbaudio) USB Audio Driver (WDM)
DRV - [2009/04/11 14:42:52 | 000,031,616 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (winusb)
DRV - [2008/07/03 17:03:48 | 002,152,088 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\RTKVHDA.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
DRV - [2008/06/27 10:52:02 | 000,027,072 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\PCASp50.sys -- (PCASp50)
DRV - [2008/05/08 13:05:18 | 000,266,752 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\HSXHWBS2.sys -- (HSXHWBS2)
DRV - [2008/05/08 13:04:16 | 000,661,504 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\HSX_CNXT.sys -- (winachsf)
DRV - [2008/05/08 13:03:18 | 000,980,992 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\HSX_DP.sys -- (HSF_DP)
DRV - [2008/03/25 16:44:24 | 002,307,072 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\igdkmd32.sys -- (igfx)
DRV - [2008/02/18 05:18:11 | 000,020,024 | ---- | M] (VIA Technologies, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\viaide.sys -- (viaide)
DRV - [2008/02/18 05:18:11 | 000,019,000 | ---- | M] (CMD Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\cmdide.sys -- (cmdide)
DRV - [2008/02/18 05:18:11 | 000,017,464 | ---- | M] (Acer Laboratories Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\aliide.sys -- (aliide)
DRV - [2007/12/12 09:51:28 | 000,021,280 | ---- | M] (PC-Doctor, Inc.) [Kernel | On_Demand | Stopped] -- C:\Program Files\PC-Doctor 5 for Windows\pcd5srvc.pkms -- (PCD5SRVC{BD6912E3-AC9D80E8-05040000})
DRV - [2007/10/19 13:16:30 | 002,109,976 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\Lvckap.sys -- (LVcKap)
DRV - [2007/10/18 15:36:54 | 000,008,704 | ---- | M] (Conexant Systems, Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\XAudio.sys -- (XAudio)
DRV - [2007/10/11 18:59:24 | 000,025,624 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\LVPr2Mon.sys -- (LVPr2Mon)
DRV - [2007/10/11 18:59:02 | 002,142,488 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\LVMVdrv.sys -- (LVMVDrv)
DRV - [2007/10/04 02:18:12 | 000,099,840 | ---- | M] (Realtek Corporation ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Rtlh86.sys -- (RTL8169)
DRV - [2007/01/01 18:29:04 | 000,074,624 | ---- | M] (Leprechaun Software) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\lsfsfixp.sys -- (AVFilter)
DRV - [2006/11/02 19:51:45 | 000,900,712 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ql2300.sys -- (ql2300)
DRV - [2006/11/02 19:51:38 | 000,420,968 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adp94xx.sys -- (adp94xx)
DRV - [2006/11/02 19:51:34 | 000,316,520 | ---- | M] (Emulex) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\elxstor.sys -- (elxstor)
DRV - [2006/11/02 19:51:32 | 000,297,576 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpahci.sys -- (adpahci)
DRV - [2006/11/02 19:51:25 | 000,235,112 | ---- | M] (ULi Electronics Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\uliahci.sys -- (uliahci)
DRV - [2006/11/02 19:51:25 | 000,232,040 | ---- | M] (Intel Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iastorv.sys -- (iaStorV)
DRV - [2006/11/02 19:51:00 | 000,147,048 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpu320.sys -- (adpu320)
DRV - [2006/11/02 19:50:45 | 000,115,816 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ulsata2.sys -- (ulsata2)
DRV - [2006/11/02 19:50:41 | 000,112,232 | ---- | M] (VIA Technologies Inc.,Ltd) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\vsmraid.sys -- (vsmraid)
DRV - [2006/11/02 19:50:35 | 000,106,088 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ql40xx.sys -- (ql40xx)
DRV - [2006/11/02 19:50:35 | 000,098,408 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ulsata.sys -- (UlSata)
DRV - [2006/11/02 19:50:35 | 000,098,408 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpu160m.sys -- (adpu160m)
DRV - [2006/11/02 19:50:24 | 000,088,680 | ---- | M] (NVIDIA Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nvraid.sys -- (nvraid)
DRV - [2006/11/02 19:50:19 | 000,045,160 | ---- | M] (IBM Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nfrd960.sys -- (nfrd960)
DRV - [2006/11/02 19:50:17 | 000,041,576 | ---- | M] (Intel Corp./ICP vortex GmbH) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iirsp.sys -- (iirsp)
DRV - [2006/11/02 19:50:16 | 000,071,784 | ---- | M] (Silicon Integrated Systems) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sisraid4.sys -- (SiSRaid4)
DRV - [2006/11/02 19:50:13 | 000,040,040 | ---- | M] (NVIDIA Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nvstor.sys -- (nvstor)
DRV - [2006/11/02 19:50:11 | 000,071,272 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\djsvs.sys -- (aic78xx)
DRV - [2006/11/02 19:50:10 | 000,067,688 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\arcsas.sys -- (arcsas)
DRV - [2006/11/02 19:50:10 | 000,065,640 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_scsi.sys -- (LSI_SCSI)
DRV - [2006/11/02 19:50:10 | 000,038,504 | ---- | M] (Silicon Integrated Systems Corp.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sisraid2.sys -- (SiSRaid2)
DRV - [2006/11/02 19:50:10 | 000,037,480 | ---- | M] (Hewlett-Packard Company) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\hpcisss.sys -- (HpCISSs)
DRV - [2006/11/02 19:50:09 | 000,067,688 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\arc.sys -- (arc)
DRV - [2006/11/02 19:50:09 | 000,035,944 | ---- | M] (Integrated Technology Express, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iteraid.sys -- (iteraid)
DRV - [2006/11/02 19:50:07 | 000,035,944 | ---- | M] (Integrated Technology Express, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iteatapi.sys -- (iteatapi)
DRV - [2006/11/02 19:50:05 | 000,065,640 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_sas.sys -- (LSI_SAS)
DRV - [2006/11/02 19:50:05 | 000,035,944 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\symc8xx.sys -- (Symc8xx)
DRV - [2006/11/02 19:50:04 | 000,065,640 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_fc.sys -- (LSI_FC)
DRV - [2006/11/02 19:50:03 | 000,034,920 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sym_u3.sys -- (Sym_u3)
DRV - [2006/11/02 19:49:59 | 000,033,384 | ---- | M] (LSI Logic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\mraid35x.sys -- (Mraid35x)
DRV - [2006/11/02 19:49:56 | 000,031,848 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sym_hi.sys -- (Sym_hi)
DRV - [2006/11/02 19:49:53 | 000,028,776 | ---- | M] (LSI Logic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\megasas.sys -- (megasas)
DRV - [2006/11/02 18:25:24 | 000,071,808 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\BrSerId.sys -- (Brserid) Brother MFC Serial Port Interface Driver (WDM)
DRV - [2006/11/02 18:24:47 | 000,011,904 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\BrUsbSer.sys -- (BrUsbSer)
DRV - [2006/11/02 18:24:46 | 000,005,248 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brfiltup.sys -- (BrFiltUp)
DRV - [2006/11/02 18:24:45 | 000,013,568 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brfiltlo.sys -- (BrFiltLo)
DRV - [2006/11/02 18:24:44 | 000,062,336 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brserwdm.sys -- (BrSerWdm)
DRV - [2006/11/02 18:24:44 | 000,012,160 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brusbmdm.sys -- (BrUsbMdm)
DRV - [2006/11/02 17:36:50 | 000,020,608 | ---- | M] (N-trig Innovative Technologies) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ntrigdigi.sys -- (ntrigdigi)
DRV - [2006/11/02 17:30:54 | 000,117,760 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\E1G60I32.sys -- (E1G60) Intel®
DRV - [2005/12/13 02:27:00 | 000,019,072 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\PS2.sys -- (Ps2)
DRV - [2005/05/27 19:46:22 | 000,913,280 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\LV302AV.SYS -- (PID_08A0) QuickCam IM(PID_08A0)
DRV - [2005/05/27 19:31:28 | 000,022,016 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\LVUSBSta.sys -- (LVUSBSta)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.h...lion&pf=desktop
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.h...lion&pf=desktop

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com.au/ig?hl=en
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..browser.search.selectedEngine: "MyWebSearch"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.1.3
FF - prefs.js..extensions.enabledItems: {8B72860F-C5F8-4286-865E-D2C2DB98A9E6}:0.9.3
FF - prefs.js..extensions.enabledItems: [email protected]:1.11.6
FF - prefs.js..extensions.enabledItems: [email protected]:11.0.0.0
FF - prefs.js..extensions.enabledItems: {75623d5d-4683-402a-b610-ac4bab767c86}:3.0.3
FF - prefs.js..extensions.enabledItems: {22181a4d-af90-4ca3-a569-faed9118d6bc}:1.2.0.1073
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..keyword.URL: "http://www.mywebsear...139&searchfor="

FF - HKLM\software\mozilla\Firefox\Extensions\\{22181a4d-af90-4ca3-a569-faed9118d6bc}: C:\Program Files\Trend Micro\TrendSecure\TISProToolbar\FirefoxExtension [2010/08/16 11:49:33 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.7\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010/12/12 13:26:06 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.7\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010/12/25 17:29:38 | 000,000,000 | ---D | M]

[2010/01/19 17:18:34 | 000,000,000 | ---D | M] -- C:\Users\Terry\AppData\Roaming\Mozilla\Extensions
[2010/12/26 15:09:39 | 000,000,000 | ---D | M] -- C:\Users\Terry\AppData\Roaming\Mozilla\Firefox\Profiles\r2bhleah.default\extensions
[2010/01/19 17:25:44 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\Terry\AppData\Roaming\Mozilla\Firefox\Profiles\r2bhleah.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2010/01/19 17:25:45 | 000,000,000 | ---D | M] (Surf Canyon - Search Engine Assistant) -- C:\Users\Terry\AppData\Roaming\Mozilla\Firefox\Profiles\r2bhleah.default\extensions\{75623d5d-4683-402a-b610-ac4bab767c86}
[2010/01/19 17:25:45 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Terry\AppData\Roaming\Mozilla\Firefox\Profiles\r2bhleah.default\extensions\{8B72860F-C5F8-4286-865E-D2C2DB98A9E6}
[2010/01/19 17:25:47 | 000,000,000 | ---D | M] (Adblock Plus) -- C:\Users\Terry\AppData\Roaming\Mozilla\Firefox\Profiles\r2bhleah.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
[2010/01/19 17:25:47 | 000,000,000 | ---D | M] -- C:\Users\Terry\AppData\Roaming\Mozilla\Firefox\Profiles\r2bhleah.default\extensions\[email protected]
[2010/01/20 07:45:50 | 000,009,949 | ---- | M] () -- C:\Users\Terry\AppData\Roaming\Mozilla\Firefox\Profiles\r2bhleah.default\searchplugins\mywebsearch.xml
[2010/12/26 15:09:41 | 000,002,291 | ---- | M] () -- C:\Users\Terry\AppData\Roaming\Mozilla\Firefox\Profiles\r2bhleah.default\searchplugins\surf-canyon.xml
[2010/12/06 16:15:54 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2010/05/10 08:19:42 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
[2010/08/24 08:29:22 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
[2010/12/06 16:15:54 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
[2010/09/15 04:50:38 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll
[2009/12/22 13:30:24 | 000,001,538 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\amazon-en-GB.xml
[2009/12/22 13:30:24 | 000,000,947 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\chambers-en-GB.xml
[2009/12/22 13:30:24 | 000,000,769 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\eBay-en-GB.xml
[2009/12/22 13:30:24 | 000,000,831 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\yahoo-en-GB.xml

O1 HOSTS File: ([2006/09/19 07:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (TSToolbarBHO) - {43C6D902-A1C5-45c9-91F6-FD9E90337E18} - C:\Program Files\Trend Micro\TrendSecure\TISProToolbar\TSToolbar.dll (Trend Micro Inc.)
O2 - BHO: (no name) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - No CLSID value found.
O2 - BHO: (Windows Live Messenger Companion Helper) - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files\Windows Live\Companion\companioncore.dll (Microsoft Corporation)
O3 - HKLM\..\Toolbar: (no name) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No CLSID value found.
O3 - HKLM\..\Toolbar: (Trend Micro Toolbar) - {CCAC5586-44D7-4c43-B64A-F042461A97D2} - C:\Program Files\Trend Micro\TrendSecure\TISProToolbar\TSToolbar.dll (Trend Micro Inc.)
O4 - HKLM..\Run: [] File not found
O4 - HKCU..\Run: [RemoveIT Pro v7Ultra] C:\Program Files\InCode Solutions\RemoveIT Pro v7 Ultra\removeit.exe File not found
O4 - HKCU..\RunOnce: [Shockwave Updater] C:\Windows\System32\Adobe\SHOCKW~1\SWHELP~2.EXE -Update -1100465 -Mozilla\4.0 (compatible; MSIE 8.0; Windows NT 6.0; Trident\4.0; File not found
O4 - HKLM..\RunOnceEx: [] File not found
O9 - Extra Button: @C:\Program Files\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files\Windows Live\Companion\companioncore.dll (Microsoft Corporation)
O9 - Extra Button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra Button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O15 - HKCU\..Trusted Domains: bigpond.com ([register] https in Local intranet)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_01)
O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CC450D71-CC90-424C-8638-1F2DBAC87A54} file:///C:/Program%20Files/Mahjong%20Escape%20-%20Ancient%20Japan/Images/armhelper.ocx (ArmHelper Control)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.ad...Plus/1.6/gp.cab (Reg Error: Key error.)
O18 - Protocol\Handler\tmtb {04EAF3FB-4BAC-4B5A-A37D-A1CF210A5A42} - C:\Program Files\Trend Micro\TrendSecure\TISProToolbar\TSToolbar.dll (Trend Micro Inc.)
O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program Files\Windows Live\Mail\mailcomm.dll (Microsoft Corporation)
O18 - Protocol\Handler\wlpg {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\igfxcui: DllName - igfxdev.dll - C:\Windows\System32\igfxdev.dll (Intel Corporation)
O24 - Desktop WallPaper: C:\Users\Terry\AppData\Roaming\Microsoft\Internet Explorer\Internet Explorer Wallpaper.bmp
O24 - Desktop BackupWallPaper: C:\Users\Terry\AppData\Roaming\Microsoft\Internet Explorer\Internet Explorer Wallpaper.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2008/02/18 05:57:16 | 000,000,074 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{7a8a3f7e-39c4-11dd-b299-001d92b1f81e}\Shell\AutoRun\command - "" = K:\setupSNK.exe -- File not found
O33 - MountPoints2\{7a8a3f81-39c4-11dd-b299-001d92b1f81e}\Shell - "" = AutoRun
O33 - MountPoints2\{7a8a3f81-39c4-11dd-b299-001d92b1f81e}\Shell\AutoRun\command - "" = L:\LaunchU3.exe -- File not found
O33 - MountPoints2\L\Shell - "" = AutoRun
O33 - MountPoints2\L\Shell\AutoRun\command - "" = L:\LaunchU3.exe -- File not found
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2010/12/26 15:04:09 | 000,602,624 | ---- | C] (OldTimer Tools) -- C:\Users\Terry\Desktop\OTL.exe
[2010/12/26 12:33:20 | 000,000,000 | ---D | C] -- C:\Program Files\AxBx
[2010/12/25 14:28:57 | 000,000,000 | ---D | C] -- C:\Users\Terry\AppData\Roaming\Malwarebytes
[2010/12/25 14:28:50 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2010/12/25 14:28:49 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2010/12/25 14:28:46 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2010/12/25 14:28:25 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2010/12/12 13:25:36 | 000,000,000 | ---D | C] -- C:\Program Files\QuickTime
[2010/12/07 12:51:00 | 000,000,000 | ---D | C] -- C:\Users\Terry\Documents\Prestige Quotes
[2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[1 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2010/12/26 16:52:42 | 000,000,882 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2010/12/26 16:27:00 | 000,000,886 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2010/12/26 16:01:49 | 000,003,696 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2010/12/26 16:01:49 | 000,003,696 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2010/12/26 16:01:43 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2010/12/26 16:00:49 | 000,000,012 | ---- | M] () -- C:\Windows\bthservsdp.dat
[2010/12/26 16:00:37 | 000,002,560 | ---- | M] () -- C:\Windows\_MSRSTRT.EXE
[2010/12/26 15:09:30 | 000,000,418 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{822AA00D-D0A5-4E91-A606-0C7C1D1DA95D}.job
[2010/12/26 15:04:12 | 000,602,624 | ---- | M] (OldTimer Tools) -- C:\Users\Terry\Desktop\OTL.exe
[2010/12/26 14:56:44 | 000,002,305 | ---- | M] () -- C:\Users\Terry\Application Data\Microsoft\Internet Explorer\Quick Launch\Apple Safari.lnk
[2010/12/26 12:33:21 | 000,000,888 | ---- | M] () -- C:\Users\Terry\Desktop\Multi Virus Cleaner 2009.lnk
[2010/12/25 19:03:15 | 000,000,940 | ---- | M] () -- C:\Users\Terry\Application Data\Microsoft\Internet Explorer\Quick Launch\Windows Media Player.lnk
[2010/12/25 17:41:38 | 000,000,258 | RHS- | M] () -- C:\ProgramData\ntuser.pol
[2010/12/25 14:28:50 | 000,000,908 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2010/12/22 18:21:49 | 000,001,455 | ---- | M] () -- C:\Users\Terry\Desktop\Daily Job Sheets.lnk
[2010/12/20 18:09:00 | 000,038,224 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2010/12/20 18:08:40 | 000,020,952 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2010/12/19 04:46:24 | 000,000,232 | ---- | M] () -- C:\Users\Terry\Desktop\Mobile Phones Crazy John's.url
[2010/12/17 15:56:52 | 000,000,331 | ---- | M] () -- C:\Users\Terry\Desktop\Blind Orders Online.url
[2010/12/16 08:31:53 | 000,002,651 | ---- | M] () -- C:\Users\Terry\Application Data\Microsoft\Internet Explorer\Quick Launch\Microsoft Word.lnk
[2010/12/16 07:55:38 | 000,396,352 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2010/12/14 12:53:57 | 000,000,211 | ---- | M] () -- C:\Users\Terry\Desktop\NAB -.url
[2010/12/13 17:42:12 | 000,000,328 | ---- | M] () -- C:\Users\Terry\Desktop\4KQ ~Classic Hits all Day~.url
[2010/12/12 13:25:57 | 000,001,728 | ---- | M] () -- C:\Users\Public\Desktop\QuickTime Player.lnk
[2010/12/12 13:23:07 | 000,000,430 | ---- | M] () -- C:\Users\Terry\Desktop\St. Patrick's Day Games.url
[2010/12/11 16:23:33 | 000,002,609 | ---- | M] () -- C:\Users\Terry\Application Data\Microsoft\Internet Explorer\Quick Launch\Microsoft Excel.lnk
[2010/12/11 16:11:01 | 000,001,809 | ---- | M] () -- C:\Users\Terry\Desktop\Jason Invoicing Master.lnk
[2010/12/07 14:03:32 | 000,001,121 | ---- | M] () -- C:\Users\Terry\Desktop\Xmas 2010 - Shortcut.lnk
[2010/12/05 19:19:42 | 000,000,010 | ---- | M] () -- C:\Windows\popcinfo.dat
[2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[1 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ]

========== Files Created - No Company Name ==========

[2010/12/26 16:00:36 | 000,002,560 | ---- | C] () -- C:\Windows\_MSRSTRT.EXE
[2010/12/26 12:33:21 | 000,000,888 | ---- | C] () -- C:\Users\Terry\Desktop\Multi Virus Cleaner 2009.lnk
[2010/12/25 18:14:06 | 000,000,175 | ---- | C] () -- C:\ProgramData\OutlookFail.20101225.log
[2010/12/25 14:28:50 | 000,000,908 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2010/12/12 13:25:57 | 000,001,728 | ---- | C] () -- C:\Users\Public\Desktop\QuickTime Player.lnk
[2010/12/07 14:03:32 | 000,001,121 | ---- | C] () -- C:\Users\Terry\Desktop\Xmas 2010 - Shortcut.lnk
[2010/12/05 19:19:42 | 000,000,010 | ---- | C] () -- C:\Windows\popcinfo.dat
[2010/11/23 13:41:59 | 000,000,175 | ---- | C] () -- C:\ProgramData\OutlookFail.20101123.log
[2010/11/12 12:04:52 | 000,031,567 | ---- | C] () -- C:\Windows\maxlink.ini
[2010/11/12 11:56:05 | 000,000,349 | ---- | C] () -- C:\ProgramData\OutlookFail.20101112.log
[2010/11/12 11:41:50 | 000,106,496 | ---- | C] () -- C:\Windows\System32\BrMuSNMP.dll
[2010/11/07 09:09:13 | 000,000,175 | ---- | C] () -- C:\ProgramData\OutlookFail.20101107.log
[2010/11/03 16:45:54 | 000,000,213 | ---- | C] () -- C:\Windows\Brpfx04a.ini
[2010/11/03 16:45:54 | 000,000,094 | ---- | C] () -- C:\Windows\brpcfx.ini
[2010/10/13 07:03:44 | 000,000,525 | ---- | C] () -- C:\ProgramData\OutlookFail.20101013.log
[2010/10/10 11:27:26 | 000,000,175 | ---- | C] () -- C:\ProgramData\OutlookFail.20101010.log
[2010/10/03 11:09:09 | 000,000,175 | ---- | C] () -- C:\ProgramData\OutlookFail.20101003.log
[2010/09/23 12:05:20 | 000,000,175 | ---- | C] () -- C:\ProgramData\OutlookFail.20100923.log
[2010/09/15 11:26:48 | 000,000,175 | ---- | C] () -- C:\ProgramData\OutlookFail.20100915.log
[2010/09/14 18:16:08 | 000,000,175 | ---- | C] () -- C:\ProgramData\OutlookFail.20100914.log
[2010/09/01 06:54:48 | 000,000,174 | ---- | C] () -- C:\ProgramData\OutlookFail.20100901.log
[2010/08/28 16:42:30 | 000,000,175 | ---- | C] () -- C:\ProgramData\OutlookFail.20100828.log
[2010/08/08 18:22:29 | 000,000,175 | ---- | C] () -- C:\ProgramData\OutlookFail.20100808.log
[2010/07/30 07:05:19 | 000,000,175 | ---- | C] () -- C:\ProgramData\OutlookFail.20100730.log
[2010/07/04 16:51:53 | 000,000,174 | ---- | C] () -- C:\ProgramData\OutlookFail.20100704.log
[2010/06/20 18:15:14 | 000,000,175 | ---- | C] () -- C:\ProgramData\OutlookFail.20100620.log
[2010/06/02 10:12:53 | 000,000,175 | ---- | C] () -- C:\ProgramData\OutlookFail.20100602.log
[2010/06/01 16:53:18 | 000,000,041 | ---- | C] () -- C:\Windows\MYOB.INI
[2010/06/01 16:53:17 | 000,000,338 | ---- | C] () -- C:\Windows\MYOBP.INI
[2010/06/01 11:48:35 | 000,000,663 | ---- | C] () -- C:\Windows\openrda.ini
[2010/06/01 11:48:12 | 000,000,000 | ---- | C] () -- C:\Windows\drvxl32.INI
[2010/06/01 11:48:10 | 000,000,000 | ---- | C] () -- C:\Windows\drvwd32.INI
[2010/05/14 08:19:20 | 000,000,175 | ---- | C] () -- C:\ProgramData\OutlookFail.20100514.log
[2010/05/09 12:20:48 | 000,000,175 | ---- | C] () -- C:\ProgramData\OutlookFail.20100509.log
[2010/05/04 07:11:53 | 000,000,175 | ---- | C] () -- C:\ProgramData\OutlookFail.20100504.log
[2010/04/27 06:45:11 | 000,000,175 | ---- | C] () -- C:\ProgramData\OutlookFail.20100427.log
[2010/04/25 08:55:25 | 000,000,175 | ---- | C] () -- C:\ProgramData\OutlookFail.20100425.log
[2010/03/10 19:42:50 | 000,000,175 | ---- | C] () -- C:\ProgramData\OutlookFail.20100310.log
[2010/02/18 15:58:07 | 000,000,350 | ---- | C] () -- C:\ProgramData\OutlookFail.20100218.log
[2010/02/14 07:50:14 | 000,000,175 | ---- | C] () -- C:\ProgramData\OutlookFail.20100214.log
[2010/01/27 20:21:31 | 000,000,258 | RHS- | C] () -- C:\ProgramData\ntuser.pol
[2010/01/23 08:39:14 | 000,000,175 | ---- | C] () -- C:\ProgramData\OutlookFail.20100123.log
[2010/01/16 09:42:52 | 000,000,175 | ---- | C] () -- C:\ProgramData\OutlookFail.20100116.log
[2010/01/12 08:41:28 | 000,000,175 | ---- | C] () -- C:\ProgramData\OutlookFail.20100112.log
[2010/01/10 11:37:11 | 000,000,175 | ---- | C] () -- C:\ProgramData\OutlookFail.20100110.log
[2010/01/05 16:29:16 | 000,000,145 | ---- | C] () -- C:\Windows\BRVIDEO.INI
[2010/01/05 16:29:16 | 000,000,040 | ---- | C] () -- C:\Windows\BRDIAG.INI
[2010/01/05 16:29:16 | 000,000,023 | ---- | C] () -- C:\Windows\Brownie.ini
[2010/01/05 16:29:12 | 000,026,624 | ---- | C] () -- C:\Windows\System32\BRGSRC32.DLL
[2010/01/05 16:29:12 | 000,004,608 | ---- | C] () -- C:\Windows\System32\BRGSRC16.DLL
[2010/01/05 16:29:11 | 000,009,013 | ---- | C] () -- C:\Windows\HL-2040.INI
[2009/12/30 08:09:53 | 000,000,174 | ---- | C] () -- C:\ProgramData\OutlookFail.20091230.log
[2009/12/16 18:43:52 | 000,061,440 | ---- | C] () -- C:\Windows\System32\lslsimon.dll
[2009/12/15 10:52:54 | 000,000,175 | ---- | C] () -- C:\ProgramData\OutlookFail.20091215.log
[2009/12/15 08:02:15 | 000,000,081 | ---- | C] () -- C:\Windows\Nrjs.ini
[2009/12/11 11:01:22 | 000,000,174 | ---- | C] () -- C:\ProgramData\OutlookFail.20091211.log
[2009/12/09 13:22:28 | 000,000,175 | ---- | C] () -- C:\ProgramData\OutlookFail.20091209.log
[2009/11/27 07:03:49 | 000,000,175 | ---- | C] () -- C:\ProgramData\OutlookFail.20091127.log
[2009/11/14 20:55:42 | 000,000,175 | ---- | C] () -- C:\ProgramData\OutlookFail.20091114.log
[2009/11/05 21:08:49 | 000,000,175 | ---- | C] () -- C:\ProgramData\OutlookFail.20091105.log
[2009/10/29 14:43:36 | 000,000,760 | ---- | C] () -- C:\Users\Terry\AppData\Roaming\setup_ldm.iss
[2009/10/25 07:50:25 | 000,000,174 | ---- | C] () -- C:\ProgramData\OutlookFail.20091025.log
[2009/10/15 10:51:45 | 000,000,175 | ---- | C] () -- C:\ProgramData\OutlookFail.20091015.log
[2009/09/17 13:39:34 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll
[2009/08/03 15:07:42 | 000,403,816 | ---- | C] () -- C:\Windows\System32\OGACheckControl.dll
[2009/07/26 13:43:46 | 000,000,175 | ---- | C] () -- C:\ProgramData\OutlookFail.20090726.log
[2009/07/24 17:52:36 | 000,000,174 | ---- | C] () -- C:\ProgramData\OutlookFail.20090724.log
[2009/07/23 19:38:11 | 000,000,348 | ---- | C] () -- C:\ProgramData\OutlookFail.20090723.log
[2009/07/07 09:50:55 | 000,000,174 | ---- | C] () -- C:\ProgramData\OutlookFail.20090707.log
[2009/05/30 12:00:40 | 000,000,105 | ---- | C] () -- C:\Windows\ka.ini
[2009/03/29 12:31:01 | 000,000,175 | ---- | C] () -- C:\ProgramData\OutlookFail.20090329.log
[2009/03/27 17:31:28 | 000,000,175 | ---- | C] () -- C:\ProgramData\OutlookFail.20090327.log
[2008/12/09 15:36:08 | 000,000,027 | ---- | C] () -- C:\Windows\BRPP2KA.INI
[2008/12/09 15:36:07 | 000,000,419 | ---- | C] () -- C:\Windows\BRWMARK.INI
[2008/11/23 13:50:36 | 000,000,183 | ---- | C] () -- C:\Windows\compedia.ini
[2008/11/05 13:41:25 | 000,000,612 | ---- | C] () -- C:\Users\Terry\AppData\Roaming\wklnhst.dat
[2008/09/02 11:09:07 | 000,002,508 | ---- | C] () -- C:\Users\Terry\AppData\Roaming\$_hpcst$.hpc
[2008/06/14 16:17:16 | 000,007,680 | ---- | C] () -- C:\Users\Terry\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2008/06/14 13:26:25 | 000,009,255 | ---- | C] () -- C:\Windows\System32\lvcoinst.ini
[2008/06/12 07:44:50 | 000,000,680 | ---- | C] () -- C:\Users\Terry\AppData\Local\d3d9caps.dat
[2008/03/25 16:56:08 | 000,147,456 | ---- | C] () -- C:\Windows\System32\igfxCoIn_v1461.dll
[2008/02/18 05:49:06 | 000,000,342 | ---- | C] () -- C:\ProgramData\hpzinstall.log
[2008/02/18 05:31:26 | 000,327,680 | ---- | C] () -- C:\Windows\System32\pythoncom25.dll
[2008/02/18 05:31:26 | 000,102,400 | ---- | C] () -- C:\Windows\System32\pywintypes25.dll
[2008/02/18 05:19:39 | 001,838,408 | ---- | C] () -- C:\Windows\System32\igklg400.dll
[2008/02/18 05:19:39 | 001,399,880 | ---- | C] () -- C:\Windows\System32\igklg450.dll
[2008/02/18 05:19:39 | 000,147,456 | ---- | C] () -- C:\Windows\System32\igfxCoIn_v1364.dll
[2008/02/18 05:19:39 | 000,104,636 | ---- | C] () -- C:\Windows\System32\igmedcompkrn.dll
[2007/10/11 18:59:24 | 000,025,624 | ---- | C] () -- C:\Windows\System32\drivers\LVPr2Mon.sys
[2006/11/02 22:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
[2006/11/02 17:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2006/05/05 18:26:00 | 000,335,872 | ---- | C] () -- C:\Windows\System32\ctreestd.dll
[2002/03/04 10:16:34 | 000,110,592 | R--- | C] () -- C:\Windows\System32\Jpeg32.dll
[2000/01/31 08:02:00 | 000,047,104 | ---- | C] () -- C:\Windows\System32\Wh2Robo.dll
[1999/01/27 13:39:06 | 000,065,024 | ---- | C] () -- C:\Windows\System32\indounin.dll
[1997/06/13 07:56:08 | 000,056,832 | ---- | C] () -- C:\Windows\System32\Iyvu9_32.dll

========== LOP Check ==========

[2010/11/20 15:43:02 | 000,000,000 | ---D | M] -- C:\Users\Terry\AppData\Roaming\7Wonders
[2009/10/11 11:56:51 | 000,000,000 | ---D | M] -- C:\Users\Terry\AppData\Roaming\Alawar
[2009/03/19 19:40:34 | 000,000,000 | ---D | M] -- C:\Users\Terry\AppData\Roaming\Anabel
[2009/09/05 18:37:53 | 000,000,000 | ---D | M] -- C:\Users\Terry\AppData\Roaming\Big Fish Games
[2009/11/11 15:37:57 | 000,000,000 | ---D | M] -- C:\Users\Terry\AppData\Roaming\blg
[2009/12/09 18:21:13 | 000,000,000 | ---D | M] -- C:\Users\Terry\AppData\Roaming\CoSoSys
[2008/12/11 08:26:17 | 000,000,000 | ---D | M] -- C:\Users\Terry\AppData\Roaming\DNA
[2008/06/16 15:26:49 | 000,000,000 | ---D | M] -- C:\Users\Terry\AppData\Roaming\EDS software
[2009/09/12 18:07:38 | 000,000,000 | ---D | M] -- C:\Users\Terry\AppData\Roaming\ERS G-Studio
[2008/06/14 13:45:05 | 000,000,000 | ---D | M] -- C:\Users\Terry\AppData\Roaming\FotoWire
[2009/12/15 18:04:49 | 000,000,000 | ---D | M] -- C:\Users\Terry\AppData\Roaming\Game Mill Entertainment
[2009/11/08 10:48:04 | 000,000,000 | ---D | M] -- C:\Users\Terry\AppData\Roaming\Lazy Turtle Games
[2009/08/25 18:08:02 | 000,000,000 | ---D | M] -- C:\Users\Terry\AppData\Roaming\MA
[2010/11/08 18:23:01 | 000,000,000 | ---D | M] -- C:\Users\Terry\AppData\Roaming\Magic Academy
[2009/09/06 19:17:48 | 000,000,000 | ---D | M] -- C:\Users\Terry\AppData\Roaming\MagicBall4
[2008/06/14 13:18:36 | 000,000,000 | ---D | M] -- C:\Users\Terry\AppData\Roaming\MRTalk
[2008/06/14 16:14:25 | 000,000,000 | ---D | M] -- C:\Users\Terry\AppData\Roaming\muvee Technologies
[2008/08/02 07:39:29 | 000,000,000 | ---D | M] -- C:\Users\Terry\AppData\Roaming\Playrix Entertainment
[2008/06/14 16:52:21 | 000,000,000 | ---D | M] -- C:\Users\Terry\AppData\Roaming\ScanSoft
[2008/10/19 10:21:25 | 000,000,000 | ---D | M] -- C:\Users\Terry\AppData\Roaming\School Zone Preferences
[2008/06/16 13:17:19 | 000,000,000 | ---D | M] -- C:\Users\Terry\AppData\Roaming\SpinTop
[2009/08/18 15:21:02 | 000,000,000 | ---D | M] -- C:\Users\Terry\AppData\Roaming\SpinTop Games
[2010/09/30 09:16:47 | 000,000,000 | ---D | M] -- C:\Users\Terry\AppData\Roaming\SPORE Creature Creator
[2009/07/07 10:22:01 | 000,000,000 | ---D | M] -- C:\Users\Terry\AppData\Roaming\Telstra
[2009/11/17 17:49:56 | 000,000,000 | ---D | M] -- C:\Users\Terry\AppData\Roaming\Template
[2008/06/12 09:41:47 | 000,000,000 | ---D | M] -- C:\Users\Terry\AppData\Roaming\WildTangent
[2008/07/03 19:24:05 | 000,000,000 | ---D | M] -- C:\Users\Terry\AppData\Roaming\WinBatch
[2010/12/26 16:00:50 | 000,032,618 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2010/12/26 15:09:30 | 000,000,418 | -H-- | M] () -- C:\Windows\Tasks\User_Feed_Synchronization-{822AA00D-D0A5-4E91-A606-0C7C1D1DA95D}.job

========== Purity Check ==========



========== Alternate Data Streams ==========

@Alternate Data Stream - 98 bytes -> C:\ProgramData\TEMP:D37966A8
@Alternate Data Stream - 234 bytes -> C:\ProgramData\TEMP:2495D97A
@Alternate Data Stream - 220 bytes -> C:\ProgramData\TEMP:7AF9CAEB
@Alternate Data Stream - 212 bytes -> C:\ProgramData\TEMP:4A2862FF
@Alternate Data Stream - 208 bytes -> C:\ProgramData\TEMP:870649A4
@Alternate Data Stream - 201 bytes -> C:\ProgramData\TEMP:25249477
@Alternate Data Stream - 147 bytes -> C:\ProgramData\TEMP:9E76E7F3
@Alternate Data Stream - 140 bytes -> C:\ProgramData\TEMP:EA10407C
@Alternate Data Stream - 135 bytes -> C:\ProgramData\TEMP:89C28CF6
@Alternate Data Stream - 130 bytes -> C:\ProgramData\TEMP:F84B8DB5
@Alternate Data Stream - 119 bytes -> C:\ProgramData\TEMP:B3938129
@Alternate Data Stream - 113 bytes -> C:\ProgramData\TEMP:8CCA8DB4
@Alternate Data Stream - 113 bytes -> C:\ProgramData\TEMP:3E69E337
@Alternate Data Stream - 111 bytes -> C:\ProgramData\TEMP:7C60A173
@Alternate Data Stream - 110 bytes -> C:\ProgramData\TEMP:DA18FD1D
@Alternate Data Stream - 107 bytes -> C:\ProgramData\TEMP:A3E01678
@Alternate Data Stream - 107 bytes -> C:\ProgramData\TEMP:8BB2EC84
@Alternate Data Stream - 107 bytes -> C:\ProgramData\TEMP:7F65E62F
@Alternate Data Stream - 107 bytes -> C:\ProgramData\TEMP:211ED887
@Alternate Data Stream - 105 bytes -> C:\ProgramData\TEMP:69C58877
@Alternate Data Stream - 105 bytes -> C:\ProgramData\TEMP:68F4226F
@Alternate Data Stream - 104 bytes -> C:\ProgramData\TEMP:7FDF5B65
@Alternate Data Stream - 103 bytes -> C:\ProgramData\TEMP:77A023CE
@Alternate Data Stream - 103 bytes -> C:\ProgramData\TEMP:00F7B10F
@Alternate Data Stream - 101 bytes -> C:\ProgramData\TEMP:00C3A74E

< End of report >

Extras File
OTL Extras logfile created on: 26/12/2010 4:57:18 PM - Run 1
OTL by OldTimer - Version 3.2.18.0 Folder = C:\Users\Terry\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18999)
Locale: 00000C09 | Country: Australia | Language: ENA | Date Format: d/MM/yyyy

2.00 Gb Total Physical Memory | 1.00 Gb Available Physical Memory | 52.00% Memory free
4.00 Gb Paging File | 3.00 Gb Available in Paging File | 78.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 325.53 Gb Total Space | 263.62 Gb Free Space | 80.98% Space Free | Partition Type: NTFS
Drive D: | 9.82 Gb Total Space | 1.19 Gb Free Space | 12.12% Space Free | Partition Type: NTFS

Computer Name: TERRY-PC | User Name: Terry | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"UacDisableNotify" = 0
"InternetSettingsDisableNotify" = 0
"AutoUpdateDisableNotify" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"VistaSp2" = Reg Error: Unknown registry data type -- File not found

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

========== Authorized Applications List ==========


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{01E48D42-B27C-41EE-85B0-670D2B6EF0A1}" = rport=5679 | protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{0A0279E2-FE04-45E3-A4A8-58BA9EF3B202}" = rport=137 | protocol=17 | dir=out | app=system |
"{126FAA8C-586A-42D6-81A9-D32926795154}" = lport=6004 | protocol=17 | dir=in | app=c:\program files\microsoft office\office12\outlook.exe |
"{14BD4B83-904A-47ED-8FFB-20399117C6A2}" = lport=26675 | protocol=6 | dir=in | name=@%systemroot%\windowsmobile\wmdcbase.exe,-4006 |
"{15489E72-511B-4379-95C3-CC9DCDFEFC21}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@FirewallAPI.dll,-28539 |
"{20D31364-2F60-4996-B27A-132B56C2D7AD}" = lport=5678 | protocol=6 | dir=in | app=%systemroot%\windowsmobile\wmdhost.exe |
"{29C05897-BBC8-4DF5-8568-A21EB5C55C10}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{2A48CA0A-DF71-4BE5-8190-C820FD3A53C4}" = lport=138 | protocol=17 | dir=in | app=system |
"{2A9F5433-55C7-4381-91CD-023E5AD4C0B6}" = lport=26675 | protocol=6 | dir=in | name=activesync service |
"{3799D237-3DED-4BD9-9A75-4553786E795C}" = lport=990 | protocol=6 | dir=in | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{392076FC-68CF-4D67-AB8C-1497326C9B12}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |
"{58C9EA7C-A881-4E39-9983-98B2C7DD5BC9}" = rport=139 | protocol=6 | dir=out | app=system |
"{5B2FA2C6-066B-456D-8B4F-AA57726F59C7}" = lport=999 | protocol=6 | dir=in | app=%systemroot%\windowsmobile\wmdhost.exe |
"{870F60CA-756E-4B87-9F1B-D048AD11955A}" = lport=139 | protocol=6 | dir=in | app=system |
"{8E1E6775-77D4-4863-B3C3-8C9C57FDCA36}" = lport=5721 | protocol=6 | dir=in | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{923991C3-1604-4ACF-914F-F9657383B2B0}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |
"{92A495A2-7AF9-4393-BA70-E4F75CB58F77}" = lport=2869 | protocol=6 | dir=in | app=system |
"{ADCF7E41-33AC-43A0-B584-8C70225A49B7}" = rport=445 | protocol=6 | dir=out | app=system |
"{B873FFC0-D4D2-47B4-8703-E9DF5ECDCF13}" = lport=445 | protocol=6 | dir=in | app=system |
"{BF894A32-8515-4EAC-BA01-06CFE50FC042}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |
"{CA9EBE25-7BC1-489D-8453-96B15440F39C}" = lport=2869 | protocol=6 | dir=in | app=system |
"{CF3979C8-647F-49F6-836D-DEBDBD56503F}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |
"{DB0C7B28-F6B4-4187-8A45-07320CBC25F3}" = lport=4100 | protocol=17 | dir=in | name=upnp router control port |
"{EBA6AE13-DEAC-4BE8-BA9E-E6C933F80C8E}" = lport=137 | protocol=17 | dir=in | app=system |
"{F6579AC3-839B-4859-AADC-F06C003E7DDA}" = rport=138 | protocol=17 | dir=out | app=system |
"{FF339AFB-DBC5-446A-9A11-0D62DEBAE40C}" = lport=26675 | protocol=6 | dir=in | name=activesync service |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{172ECABD-BD15-4A1C-9049-6EA7185FD5FC}" = protocol=1 | dir=in | name=@FirewallAPI.dll,-28543 |
"{209267AF-4817-464B-B5C5-500363F9EFD2}" = dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe |
"{23CB8345-D800-4E9E-BC46-EBBB5B0F6AA5}" = protocol=17 | dir=in | app=c:\program files\microsoft activesync\wcescomm.exe |
"{2812F4F4-688E-4E96-BC5C-6BC40A5829F4}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{2AB58A15-7A5D-4489-95CB-C3272CC21AC3}" = protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{30F211BF-A4BC-43DC-A479-6F5169F1CE4A}" = protocol=6 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{36A6D528-BEB2-4521-8050-F02623EACB4C}" = dir=in | app=c:\program files\itunes\itunes.exe |
"{3A4EF973-DA11-4A2B-91CF-E5C394A9E732}" = protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{44352E1F-7149-42FB-BBB9-EFBD015B322C}" = protocol=6 | dir=in | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{44EC8C20-9DE1-46D7-B1D0-A264F2473203}" = dir=in | app=c:\program files\windows live\messenger\livecall.exe |
"{477A1E0A-8B06-4015-BE47-019204E11A47}" = protocol=6 | dir=in | app=c:\program files\microsoft activesync\rapimgr.exe |
"{4F82CC5A-074F-4968-B74F-DB1A3F2B95D2}" = protocol=6 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{519C0395-2997-4E71-B524-13C1E2531397}" = protocol=17 | dir=in | app=c:\program files\microsoft activesync\rapimgr.exe |
"{589A46C1-A4F7-4061-AE16-263E870A6D46}" = protocol=6 | dir=in | app=c:\program files\microsoft activesync\wcesmgr.exe |
"{60DFC938-A94D-46BD-9E4C-1F38928437BE}" = protocol=17 | dir=in | app=c:\program files\microsoft activesync\wcesmgr.exe |
"{74074518-DCD5-4F1A-8CEC-02B472F96E10}" = protocol=17 | dir=in | app=c:\program files\microsoft activesync\wcesmgr.exe |
"{78467FFA-F458-4742-A198-0B883D51FA61}" = protocol=6 | dir=in | app=c:\program files\microsoft activesync\rapimgr.exe |
"{7BD97A5F-3A26-4FAF-93BB-5578903786E2}" = protocol=6 | dir=in | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{7ECA29F8-B173-4E10-90BC-C3FE1E46E42F}" = protocol=6 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{8151B81C-64BC-443A-BA1C-075CAFD88F3D}" = protocol=6 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{89B8060C-73E8-465A-B112-D0F15F4A6923}" = protocol=6 | dir=in | app=c:\program files\microsoft activesync\wcescomm.exe |
"{8DF39B86-0C43-4F08-99DE-27C217331236}" = dir=in | app=c:\program files\windows live\contacts\wlcomm.exe |
"{97BC9F38-9715-447C-8CAC-A4F4321CD457}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{A092ECD1-6D8A-42D6-B004-62308D0D3729}" = dir=in | app=c:\program files\windows live\mesh\moe.exe |
"{AB3007A8-FE95-4E5E-9969-EC998257BDF6}" = protocol=6 | dir=in | app=c:\program files\microsoft activesync\wcescomm.exe |
"{AE24CC90-6096-46C7-B0B6-5AE606383618}" = protocol=17 | dir=in | app=c:\program files\microsoft activesync\rapimgr.exe |
"{BC0DAF81-0F75-4FB8-9432-9210DA94F61C}" = protocol=58 | dir=out | name=@FirewallAPI.dll,-28546 |
"{CA233302-EDDE-41D0-BC1D-CE1074BC9DB1}" = protocol=1 | dir=out | name=@FirewallAPI.dll,-28544 |
"{D6F05B40-63E6-4834-8DB0-F7BC7C12D150}" = protocol=6 | dir=in | app=c:\program files\microsoft activesync\wcesmgr.exe |
"{DFEEAA4B-ED54-4FB0-8A94-1998DB39EF8A}" = protocol=17 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{E87F495F-52D5-4FF3-9932-DC1029902C12}" = dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe |
"{F266BF10-88A8-40DC-9E79-83D2C4C2EA73}" = protocol=17 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{F2AC3F6E-5656-4869-AD57-C0CBCF0B85FE}" = protocol=58 | dir=in | name=@FirewallAPI.dll,-28545 |
"{F454894A-2055-4BE3-AEFD-36BEF9768FDE}" = protocol=17 | dir=in | app=c:\program files\microsoft activesync\wcescomm.exe |
"{F65D0854-33C3-431E-A8A3-844254A82DB7}" = dir=in | app=c:\program files\cyberlink\powerdirector\pdr.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0008546E-DF6E-4CC1-AFD0-2CB8E16C95A2}" = Notifier
"{0244D6A4-6F3B-4E53-B385-227F040F2C5E}" = MYOB Accounting v18
"{03EDED24-8375-407D-A721-4643D9768BE1}" = kgchlwn
"{073F22CE-9A5B-4A40-A604-C7270AC6BF34}" = ESSSONIC
"{0A2C5854-557E-48C8-835A-3B9F074BDCAA}" = Python 2.5
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{11F3F858-4131-4FFA-A560-3FE282933B6E}" = kgchday
"{12A76360-388E-4B27-ABEB-D5FC5378DD2A}" = HPPhotoSmartPhotobookWebPack1
"{14D4ED84-6A9A-45A0-96F6-1753768C3CB5}" = ESSPCD
"{15BC8CD0-A65B-47D0-A2DD-90A824590FA8}" = Microsoft Works
"{17504ED4-DB08-40A8-81C2-27D8C01581DA}" = Windows Live Remote Service Resources
"{19A4A990-5343-4FF7-B3B5-6F046C091EDF}" = Windows Live Remote Client
"{19BA08F7-C728-469C-8A35-BFBD3633BE08}" = Windows Live Movie Maker
"{1BCE2581-B7CA-4BB4-BDFB-D113506AA38B}" = HP Easy Setup - Frontend
"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
"{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = CyberLink DVD Suite Deluxe
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{227E8782-B2F4-4E97-B0EE-49DE9CC1C0C0}" = Windows Live Remote Service
"{254C37AA-6B72-4300-84F6-98A82419187E}" = Hewlett-Packard Active Check
"{26A24AE4-039D-4CA4-87B4-2F83216015FF}" = Java™ 6 Update 22
"{2902F983-B4C1-44BA-B85D-5C6D52E2C441}" = Windows Live Mesh ActiveX Control for Remote Connections
"{294BF709-D758-4363-8D75-01479AD20927}" = Windows Live Family Safety
"{2D03B6F8-DF36-4980-B7B6-5B93D5BA3A8F}" = essvatgt
"{2EA3EAAF-5515-472F-8E24-17F600829F37}" = Junior Science
"{305D4B08-5807-4475-B1C8-D54685534864}" = LightScribeTemplateLabeler
"{308B6AEA-DE50-4666-996D-0FA461719D6B}" = Apple Mobile Device Support
"{3248F0A8-6813-11D6-A77B-00B0D0160010}" = Java™ SE Runtime Environment 6 Update 1
"{332CC6BF-E6C7-48EE-BA3D-435E576AD67F}" = PaperPort Image Printer
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{34BFB099-07B2-4E95-A673-7362D60866A2}" = PSSWCORE
"{34DAFDEC-A4B4-488A-A5CD-C91975A6F083}" = MediaRing Talk
"{34F4D9A4-42C2-4348-BEF4-E553C84549E7}" = Windows Live Photo Gallery
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{40BF1E83-20EB-11D8-97C5-0009C5020658}" = Power2Go
"{4286E640-B5FB-11DF-AC4B-005056C00008}" = Google Earth
"{441246E4-64A9-4D61-9EA5-56EE4E14D8B0}_is1" = Ben 10 Escape Fury
"{464B3406-A4D0-4914-910F-7CA4380DCC13}" = Windows Live Remote Client Resources
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4CACFCD9-F71B-413A-8DF5-1A6419D5CDC6}" = Cards_Calendar_OrderGift_DoMorePlugout
"{4CBABDFD-49F8-47FD-BE7D-ECDE7270525A}" = Windows Live PIMT Platform
"{50816F92-1652-4A7C-B9BC-48F682742C4B}" = Messenger Companion
"{5115C036-C0D5-4E1B-81C9-542CA967478A}" = muvee autoProducer 6.1
"{55979C41-7D6A-49CC-B591-64AC1BBE2C8B}" = HP Picasso Media Center Add-In
"{56AB063D-1450-4BDE-9F0D-E9C693429C51}" = netbrdg
"{57752979-A1C9-4C02-856B-FBB27AC4E02C}" = QuickTime
"{59AE3CCC-7AE7-4C08-B20D-5592854001EF}" = Brother HL-2040
"{5DD4FCBD-A3C1-4155-9E17-4161C70AAABA}" = Segoe UI
"{605A4E39-613C-4A12-B56F-DEFBE6757237}" = SHASTA
"{60DD2787-197D-4303-ABAC-7B4DAA373CB2}" = Navman SmartST Desktop 2006 SE
"{61AD15B2-50DB-4686-A739-14FE180D4429}" = Windows Live ID Sign-in Assistant
"{6421F085-1FAA-DE13-D02A-CFB412C522A4}" = Acrobat.com
"{65D85050-5610-4A91-A3B1-D5C744291AD4}" = PCDADDIN
"{65DA2EC9-0642-47E9-AAE2-B5267AA14D75}" = Activation Assistant for the 2007 Microsoft Office suites
"{669D4A35-146B-4314-89F1-1AC3D7B88367}" = Hewlett-Packard Asset Agent for Health Check
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{693C08A7-9E76-43FF-B11E-9A58175474C4}" = kgckids
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{6A05FEDF-662E-46BF-8A25-010E3F1C9C69}" = Windows Live UX Platform Language Pack
"{6B9B0C6F-E5FA-4633-A640-AB98A272ECCA}" = Safari
"{7059BDA7-E1DB-442C-B7A1-6144596720A4}" = HP Update
"{718D791F-F4E8-4aa7-98A6-15FDED17BDD0}" = Trend Micro Internet Security Pro
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{73A43E42-3658-4DD9-8551-FACDA3632538}" = HP Advisor
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{771f78af-8d38-421a-b23c-d7d45008dc8d}.sdb" = SCREENSEVEN
"{78A96B4C-A643-4D0F-98C2-A8E16A6669F9}" = Windows Live Messenger Companion Core
"{7929C3E9-A036-40D5-AA8C-0FEEAC593529}_is1" = UltraSMS
"{7F10292C-A190-4176-A665-A1ED3478DF86}" = LightScribe System Software
"{80956555-A512-4190-9CAD-B000C36D6B6B}" = Windows Live Messenger
"{8943CE61-53BD-475E-90E1-A580869E98A2}" = staticcr
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8A502E38-29C9-49FA-BCFA-D727CA062589}" = ESSTOOLS
"{8A8664E1-84C8-4936-891C-BC1F07797549}" = kgcvday
"{8C2690CF-5B74-4F93-8139-7B5644CD6A3B}" = MobileMe Control Panel
"{8C6D6116-B724-4810-8F2D-D047E6B7D68E}" = Mesh Runtime
"{8CC42289-E228-4A35-B8A9-015242283BB2}" = SPORE™ Creature Creator
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{8E92D746-CD9F-4B90-9668-42B74C14F765}" = ESSini
"{90120000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2007
"{90120000-0015-0409-0000-0000000FF1CE}_PROHYBRIDR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0015-0409-0000-0000000FF1CE}_PROR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}_PROHYBRIDR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0016-0409-0000-0000000FF1CE}_PROR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}_PROHYBRIDR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0409-0000-0000000FF1CE}_PROR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2007
"{90120000-0019-0409-0000-0000000FF1CE}_PROHYBRIDR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0019-0409-0000-0000000FF1CE}_PROR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2007
"{90120000-001A-0409-0000-0000000FF1CE}_PROHYBRIDR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001A-0409-0000-0000000FF1CE}_PROR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}_PROHYBRIDR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0409-0000-0000000FF1CE}_PROR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_PROHYBRIDR_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}_PROR_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_PROHYBRIDR_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-040C-0000-0000000FF1CE}_PROR_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_PROHYBRIDR_{187308AB-5FA7-4F14-9AB9-D290383A10D9}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0C0A-0000-0000000FF1CE}_PROR_{187308AB-5FA7-4F14-9AB9-D290383A10D9}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}_PROHYBRIDR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-006E-0409-0000-0000000FF1CE}_PROR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}_PROHYBRIDR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0115-0409-0000-0000000FF1CE}_PROR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2007
"{90120000-0117-0409-0000-0000000FF1CE}_PROHYBRIDR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0117-0409-0000-0000000FF1CE}_PROR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{904CCF62-818D-4675-BC76-D37EB399F917}" = Windows Mobile Device Center
"{91120000-0014-0000-0000-0000000FF1CE}" = Microsoft Office Professional 2007
"{91120000-0014-0000-0000-0000000FF1CE}_PROR_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{91120000-0014-0000-0000-0000000FF1CE}_PROR_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{91120000-0031-0000-0000-0000000FF1CE}" = Microsoft Office Professional Hybrid 2007
"{91120000-0031-0000-0000-0000000FF1CE}_PROHYBRIDR_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{91120000-0031-0000-0000-0000000FF1CE}_PROHYBRIDR_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{91517631-A9F3-4B7C-B482-43E0068FD55A}" = ESSgui
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{945AC98B-3DC8-45BE-BAE0-22CEEE37A103}" = Logitech QuickCam
"{95120000-00AF-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (English)
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{95140000-007A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook Connector
"{999D43F4-9709-4887-9B1A-83EBB15A8370}" = VPRINTOL
"{9BD54685-1496-46A5-AB62-357CD140ED8B}" = kgcinvt
"{9D2B0322-44AE-460E-9283-4D2D7A9205AE}" = Trend Micro Internet Security Pro
"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
"{9D8FEE90-0377-49A9-AEFB-525BDE549BA4}" = ESScore
"{9DBA770F-BF73-4D39-B1DF-6035D95268FC}" = HP Customer Feedback
"{A06176AF-7494-4B29-BE74-F01323AD3233}" = MYOB BusinessBasics v1
"{A0C91188-C88F-4E86-93E6-CD7C9A266649}" = Windows Live Mesh
"{A1588373-1D86-4D44-86C9-78ABD190F9CC}" = kgcmove
"{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR
"{A3FEC306-FBFF-4B0D-95B9-F9C67C65079E}" = Brother MFL-Pro Suite
"{A637F36B-2B36-11D4-A322-0001020A6A3D}" = LEGO Creator Knights' Kingdom
"{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"{AAF454FC-82CA-4F29-AB31-6A109485E76E}" = Windows Live Writer
"{AC76BA86-7AD7-1033-7B44-A94000000001}" = Adobe Reader 9.4.1
"{AE1FA02D-E6A4-4EA0-8E58-6483CAC016DD}" = ESSCDBK
"{AF844339-2F8A-4593-81B3-9F4C54038C4E}" = Windows Live MIME IFilter
"{B162D0A6-9A1D-4B7C-91A5-88FB48113C45}" = OfotoXMI
"{B208806F-A231-4FA0-AB3F-5C1B8979223E}" = Microsoft ActiveSync 4.0
"{B2544A03-10D0-4E5E-BA69-0362FFC20D18}" = OGA Notifier 2.0.0048.0
"{B4B44FE7-41FF-4DAD-8C0A-E406DDA72992}" = CCScore
"{B6C89654-A6A2-477C-873B-724EC1C56407}" = ScanSoft PaperPort 11
"{B997C2A0-4383-41BF-B76E-9B8B7ECFB267}" = KSU
"{BAD0FA60-09CF-4411-AE6A-C2844C8812FA}" = HP Photosmart Essential 2.5
"{C4FFCD8D-3A06-E243-2747-2CE771A8B7D4}" = EA Download Manager UI
"{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = LabelPrint
"{C66824E4-CBB3-4851-BB3F-E8CFD6350923}" = Windows Live Mail
"{C8B7C0BF-E165-4DF0-8188-4DE1B47BE4E0}" = Zondex Guard
"{C8D47273-7A1A-4614-A3D8-263632D8A5ED}" = HP Customer Experience Enhancements
"{C99DCDA4-7407-4F72-A77E-C81C551D0C4E}" = PCDHELP
"{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = PowerDirector
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{D1565BD9-6E66-4292-90C6-5FC70A98A428}" = MYOB ODBC Direct v8 AUS
"{D32470A1-B10C-4059-BA53-CF0486F68EBC}" = Kodak EasyShare software
"{D436F577-1695-4D2F-8B44-AC76C99E0002}" = Windows Live Photo Common
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{DB02F716-6275-42E9-B8D2-83BA2BF5100B}" = SFR
"{DB0A8A2A-4EA7-4FE3-802E-8A6DEE32696C}_is1" = Orban/Coding Technologies AAC/aacPlus Player Plugin™ 1.0
"{DDC8BDEE-DCAC-404D-8257-3E8D4B782467}" = Windows Live Writer Resources
"{DECDCB7C-58CC-4865-91AF-627F9798FE48}" = Windows Live Mesh
"{E08DC77E-D09A-4e36-8067-D6DBBCC5F8DC}" = VideoToolkit01
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E18B549C-5D15-45DA-8D8F-8FD2BD946344}" = kgcbaby
"{E7044E25-3038-4A76-9064-344AC038043E}" = Windows Mobile Device Center Driver Update
"{E79987F0-0E34-42CC-B8FF-6C860AEEB26A}" = tooltips
"{EB4DF488-AAEF-406F-A341-CB2AAA315B90}" = Windows Live Messenger
"{EE6097DD-05F4-4178-9719-D3170BF098E8}" = Apple Application Support
"{EF7E931D-DC84-471B-8DB6-A83358095474}" = EA Download Manager
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F22C222C-3CE2-4A4B-A83F-AF4681371ABE}" = kgcbase
"{F4A2E7CC-60CA-4AFA-B67F-AD5E58173C3F}" = SKINXSDK
"{F53D678E-238F-4A71-9742-08BB6774E9DC}" = Windows Live Family Safety
"{F9593CFB-D836-49BC-BFF1-0E669A411D9F}" = WIRELESS
"{FAE36873-1941-4076-A9A5-48812B5EA0B7}" = iTunes
"{FDF9943A-3D5C-46B3-9679-586BD237DDEE}" = SKIN0001
"{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}" = Windows Live Essentials
"{FF1C31AE-0CDC-40CE-AB85-406F8B70D643}" = Bonjour
"3D Mahjongg" = 3D Mahjongg
"76322c23820ae7473cdebbff3eceb262" = Cars
"Activation Assistant for the 2007 Microsoft Office suites" = Activation Assistant for the 2007 Microsoft Office suites
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11
"arcaderush Toolbar" = arcaderush Toolbar
"BFG-Aztec Tribe" = Aztec Tribe
"BFGC" = Big Fish Games: Game Manager
"BFG-Hidden Object of Desire" = Harlequin Presents ™: Hidden Object of Desire
"BFG-Lost Realms - The Curse of Babylon" = Lost Realms: The Curse of Babylon
"Casper Mystery In The Castle_is1" = Casper Mystery In The Castle
"CleanUp!" = CleanUp!
"CNXT_MODEM_PCI_VEN_14F1&DEV_2F20&SUBSYS_200C14F1" = Soft Data Fax Modem with SmartCP
"com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Acrobat.com
"com.ea.Vault.919CACB699904AC5D41B606703500DD39747C02D.1" = EA Download Manager UI
"EA Download Manager" = EA Download Manager
"Escape Rosecliff Island" = Escape Rosecliff Island
"e-tax 2008" = e-tax 2008
"ExpressAccounts" = Express Accounts
"ExpressInvoice" = Express Invoice
"GodsWar Online_is1" = GodsWar Online
"Google Chrome" = Google Chrome
"HCA - The Ugly Prince Duckling_is1" = HCA - The Ugly Prince Duckling
"HDMI" = Intel® Graphics Media Accelerator Driver
"HP Photosmart Essential" = HP Photosmart Essential 2.5
"Imaginext™ Pirate Raider" = Imaginext™ Pirate Raider
"InstallShield_{0244D6A4-6F3B-4E53-B385-227F040F2C5E}" = MYOB Accounting v18
"InstallShield_{A06176AF-7494-4B29-BE74-F01323AD3233}" = MYOB BusinessBasics v1
"InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = PowerDirector
"InstallShield_{D1565BD9-6E66-4292-90C6-5FC70A98A428}" = MYOB ODBC Direct v8 AUS
"Logitech Print Service" = Logitech Print Service
"lvdrivers_11.50" = Logitech QuickCam Driver Package
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Mortimer Beckett" = Mortimer Beckett
"Mozilla Firefox (3.5.7)" = Mozilla Firefox (3.5.7)
"Multi Virus Cleaner 2009_is1" = Multi Virus Cleaner 2009
"Mythic Mahjong" = Mythic Mahjong
"OsdMaestro" = HP On-Screen Cap/Num/Scroll Lock Indicator
"PC-Doctor 5 for Windows" = Hardware Diagnostic Tools
"PROHYBRIDR" = 2007 Microsoft Office system
"PROR" = Microsoft Office Professional 2007
"Puzzle Play Dot-to-Dots" = Puzzle Play Dot-to-Dots
"QuickDesign ver 1" = HR Design QuickDesign ver 1 1.0.2.0
"Treasure Island 2_is1" = Treasure Island 2
"WildTangent hp Master Uninstall" = HP Games
"WildTangent wildgames Master Uninstall" = WildGames
"WinLiveSuite" = Windows Live Essentials
"WTA-5a8545b0-7180-40b9-8daa-2a64c15a082a" = Lost Lagoon - The Trail of Destiny
"WTA-6dc7e153-4c4d-4cde-ba08-406dc35d912b" = Kong: Skull Island Adventure
"WTA-fca3bc07-ed11-4080-b8d0-fc691b344430" = Zzed

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"BitTorrent DNA" = DNA
"Free Realms Installer" = Free Realms Installer
"SOE-Free Realms" = Free Realms

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 18/02/2010 5:24:39 AM | Computer Name = Terry-PC | Source = Application Error | ID = 1000
Description = Faulting application TMAS_OL.exe, version 5.5.0.1455, time stamp 0x4b25c125,
faulting module TMAS_OL.exe, version 5.5.0.1455, time stamp 0x4b25c125, exception
code 0x40000015, fault offset 0x000a2b61, process id 0x37ec, application start time
0x01cab07c22321cea.

Error - 18/02/2010 6:24:40 PM | Computer Name = Terry-PC | Source = Application Error | ID = 1000
Description = Faulting application UltraSMS.exe, version 1.5.1.2, time stamp 0x49e58dbe,
faulting module version.dll, version 6.0.6002.18005, time stamp 0x49e03821, exception
code 0xc0000135, fault offset 0x00009eed, process id 0x12dc, application start time
0x01cab0e924e83f5e.

Error - 18/02/2010 6:24:41 PM | Computer Name = Terry-PC | Source = Application Error | ID = 1000
Description = Faulting application HotbarSA.exe, version 11.0.78.0, time stamp 0x4aafe784,
faulting module HotbarSA.exe, version 11.0.78.0, time stamp 0x4aafe784, exception
code 0xc0000005, fault offset 0x0001c15e, process id 0x10bc, application start time
0x01cab0e921c3ae9e.

Error - 19/02/2010 6:23:22 PM | Computer Name = Terry-PC | Source = Application Error | ID = 1000
Description = Faulting application HotbarSA.exe, version 11.0.78.0, time stamp 0x4aafe784,
faulting module HotbarSA.exe, version 11.0.78.0, time stamp 0x4aafe784, exception
code 0xc0000005, fault offset 0x0001c15e, process id 0xa68, application start time
0x01cab1b21543f80d.

Error - 20/02/2010 6:45:51 AM | Computer Name = Terry-PC | Source = Application Error | ID = 1000
Description = Faulting application HotbarSA.exe, version 11.0.78.0, time stamp 0x4aafe784,
faulting module HotbarSA.exe, version 11.0.78.0, time stamp 0x4aafe784, exception
code 0xc0000005, fault offset 0x0001c15e, process id 0x10b0, application start time
0x01cab219d8d55050.

Error - 20/02/2010 6:45:51 AM | Computer Name = Terry-PC | Source = Application Error | ID = 1000
Description = Faulting application UltraSMS.exe, version 1.5.1.2, time stamp 0x49e58dbe,
faulting module version.dll, version 6.0.6002.18005, time stamp 0x49e03821, exception
code 0xc0000135, fault offset 0x00009eed, process id 0x128c, application start time
0x01cab219da4b0830.

Error - 20/02/2010 6:56:25 PM | Computer Name = Terry-PC | Source = Application Error | ID = 1000
Description = Faulting application HotbarSA.exe, version 11.0.78.0, time stamp 0x4aafe784,
faulting module HotbarSA.exe, version 11.0.78.0, time stamp 0x4aafe784, exception
code 0xc0000005, fault offset 0x0001c15e, process id 0xc54, application start time
0x01cab27fe5a762c5.

Error - 21/02/2010 10:20:37 PM | Computer Name = Terry-PC | Source = Application Error | ID = 1000
Description = Faulting application HotbarSA.exe, version 11.0.78.0, time stamp 0x4aafe784,
faulting module HotbarSA.exe, version 11.0.78.0, time stamp 0x4aafe784, exception
code 0xc0000005, fault offset 0x0001c15e, process id 0x844, application start time
0x01cab3659be00e16.

Error - 21/02/2010 10:23:43 PM | Computer Name = Terry-PC | Source = Application Error | ID = 1000
Description = Faulting application TMAS_OL.exe, version 5.5.0.1455, time stamp 0x4b25c125,
faulting module TMAS_OL.exe, version 5.5.0.1455, time stamp 0x4b25c125, exception
code 0x40000015, fault offset 0x000a2b61, process id 0x9fc, application start time
0x01cab365f576a016.

Error - 22/02/2010 5:44:33 PM | Computer Name = Terry-PC | Source = Application Error | ID = 1000
Description = Faulting application HotbarSA.exe, version 11.0.78.0, time stamp 0x4aafe784,
faulting module HotbarSA.exe, version 11.0.78.0, time stamp 0x4aafe784, exception
code 0xc0000005, fault offset 0x0001c15e, process id 0x480, application start time
0x01cab40833e18a2d.

[ Media Center Events ]
Error - 17/11/2009 3:47:51 AM | Computer Name = Terry-PC | Source = Media Center Guide | ID = 0
Description = Event Info: ERROR: SqmApiWrapper.TimerRecord failed; Win32 GetLastError
returned 10000105 Process: DefaultDomain Object Name: Media Center Guide

[ OSession Events ]
Error - 11/06/2008 7:30:57 PM | Computer Name = Terry-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version:
12.0.6300.5000, Microsoft Office Version: 12.0.4518.1014. This session lasted 48
seconds with 0 seconds of active time. This session ended with a crash.

Error - 11/06/2008 8:05:58 PM | Computer Name = Terry-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version:
12.0.6300.5000, Microsoft Office Version: 12.0.4518.1014. This session lasted 36
seconds with 0 seconds of active time. This session ended with a crash.

Error - 11/06/2008 8:11:26 PM | Computer Name = Terry-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version:
12.0.6300.5000, Microsoft Office Version: 12.0.4518.1014. This session lasted 55
seconds with 0 seconds of active time. This session ended with a crash.

Error - 28/03/2009 10:31:06 PM | Computer Name = Terry-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version:
12.0.6316.5000, Microsoft Office Version: 12.0.6215.1000. This session lasted 5340
seconds with 960 seconds of active time. This session ended with a crash.

Error - 1/04/2010 7:12:24 PM | Computer Name = Terry-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version:
12.0.6514.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 158
seconds with 60 seconds of active time. This session ended with a crash.

Error - 1/09/2010 11:37:13 PM | Computer Name = Terry-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version:
12.0.6535.5005, Microsoft Office Version: 12.0.6425.1000. This session lasted 334
seconds with 120 seconds of active time. This session ended with a crash.

[ System Events ]
Error - 25/12/2010 3:55:07 AM | Computer Name = Terry-PC | Source = Service Control Manager | ID = 7000
Description =

Error - 25/12/2010 3:55:07 AM | Computer Name = Terry-PC | Source = Service Control Manager | ID = 7000
Description =

Error - 25/12/2010 4:38:16 AM | Computer Name = Terry-PC | Source = Service Control Manager | ID = 7000
Description =

Error - 25/12/2010 4:38:16 AM | Computer Name = Terry-PC | Source = Service Control Manager | ID = 7000
Description =

Error - 25/12/2010 5:18:43 AM | Computer Name = Terry-PC | Source = Service Control Manager | ID = 7000
Description =

Error - 25/12/2010 5:18:43 AM | Computer Name = Terry-PC | Source = Service Control Manager | ID = 7000
Description =

Error - 25/12/2010 8:57:16 AM | Computer Name = Terry-PC | Source = Service Control Manager | ID = 7000
Description =

Error - 25/12/2010 8:57:16 AM | Computer Name = Terry-PC | Source = Service Control Manager | ID = 7000
Description =

Error - 26/12/2010 2:03:27 AM | Computer Name = Terry-PC | Source = Service Control Manager | ID = 7000
Description =

Error - 26/12/2010 2:03:27 AM | Computer Name = Terry-PC | Source = Service Control Manager | ID = 7000
Description =


< End of report >

Any and all help will be much appreciated, thanks.

Edited by I8A4RE, 26 December 2010 - 01:38 AM.

  • 0

#2
RKinner

RKinner

    Malware Expert

  • Expert
  • 24,625 posts
  • MVP
Copy the text in the code box below by highlighting and then Ctrl + c :


:OTL
O2 - BHO: (no name) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No CLSID value found.
O4 - HKLM..\Run: [] File not found
O4 - HKCU..\Run: [RemoveIT Pro v7Ultra] C:\Program Files\InCode Solutions\RemoveIT Pro v7 Ultra\removeit.exe File not found
O4 - HKCU..\RunOnce: [Shockwave Updater] C:\Windows\System32\Adobe\SHOCKW~1\SWHELP~2.EXE -Update -1100465 -Mozilla\4.0 (compatible; MSIE 8.0; Windows NT 6.0; Trident\4.0; File not found
O4 - HKLM..\RunOnceEx: [] File not found

:Commands
[PURITY]
[EMPTYTEMP]
[RESETHOSTS]
 


Run OTL by right clicking and Run As Administrator then paste the above in the box where it says Custom Scans/Fixes. Verify that you got it all then hit RUN FIX.

Copy and paste the log it creates into a Reply.



Uninstall

Java™ SE Runtime Environment 6 Update 1
"BitTorrent DNA" = DNA

Turn off or Pause your Antivirus.

Download Combofix from any of the links below but rename it to george.exe before saving it to your desktop.

Link 1
Link 2
Link 3


==================================


Double click on george.exe & follow the prompts. Allow it to install the Recovery Console. It may need to reboot.
  • When finished, it will produce a report for you.
  • Please post the C:\ComboFix.txt so we can continue cleaning the system.

Please download Malwarebytes' Anti-Malware from Here.

Double Click mbam-setup.exe to install the application.
  • Make sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
  • If an update is found, it will download and install the latest version.
  • Once the program has loaded, select "Perform Quick Scan", then click Scan.
  • The scan may take some time to finish, so please be patient.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Make sure that everything is checked, and click Remove Selected.
  • When disinfection is completed, a log will open in Notepad and you may be prompted to Restart. (See Extra Note)
  • The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
  • Copy&Paste the entire report in your next reply.
Extra Note:

If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts, click OK to either and let MBAM proceed with the disinfection process. If asked to restart the computer, please do so immediately.

Please read carefully and follow these steps.
  • Download TDSSKiller and save it to your Desktop.
  • Extract its contents to your desktop.
  • Once extracted, open the TDSSKiller folder and double-click on TDSSKiller.exe to run the application, then on Start Scan.
  • If an infected file is detected, the default action will be Cure, click on Continue.
  • If a suspicious file is detected, the default action will be Skip, click on Continue.
  • It may ask you to reboot the computer to complete the process. Click on Reboot Now.
  • If no reboot is required, click on Report. A log file should appear. Please copy and paste the contents of that file here.
  • If a reboot is required, the report can also be found in your root directory, (usually C:\ folder) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt". Please copy and paste the contents of that file here.

Please download MBRCheck.exe to your Desktop. Run the application.

If no infection is found, it will produce a report on the desktop. Post that report in your next reply.

If an infection is found, you will be presented with the following dialog:

Enter 'Y' and hit ENTER for more options, or 'N' to exit:


Type N and press Enter. A report will be produced on the desktop. Post that report in your next reply.

Please run a free online scan with the ESET Online Scanner
Note: You will need to use Internet Explorer for this scan
  • Tick the box next to YES, I accept the Terms of Use
  • Click Start
  • When asked, allow the ActiveX control to install
  • Click Start
  • Make sure that the options Remove found threats and Scan unwanted applications are checked
  • Click Scan (This scan can take several hours, so please be patient)
  • Once the scan is completed, you may close the window
  • Use Notepad to open the logfile located at C:\Program Files\EsetOnlineScanner\log.txt
  • Copy and paste that log as a reply to this topic

Ron
  • 0
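The OTL fix in the post above deletes two kinds of leftover: autorun entries whose target file is gone ("File not found") and BHO/toolbar registrations whose CLSID key no longer exists ("No CLSID value found"). The following read-only PowerShell audit is an added example (not OTL's code and not part of Ron's post) that lists the same two classes of orphans so they can be reviewed before anything is removed; it assumes the standard Windows Vista/7 registry paths and changes nothing.

```powershell
# Added example: read-only audit for the two kinds of leftovers the OTL fix removes.
# Assumes standard Windows Vista/7 registry paths; reports only, changes nothing.

$RunKeys = @(
    'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Run',
    'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce',
    'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnceEx',
    'HKCU:\SOFTWARE\Microsoft\Windows\CurrentVersion\Run',
    'HKCU:\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce'
)
# Property names Get-ItemProperty adds itself; they are not registry values.
$PsMeta = @('PSPath', 'PSParentPath', 'PSChildName', 'PSDrive', 'PSProvider')

function Get-CommandPath {
    # Recover the executable path from an autorun command line:
    # expand %VARS%, honour a quoted path, otherwise cut at the first ".exe".
    param([string]$Command)
    $expanded = [Environment]::ExpandEnvironmentVariables($Command.Trim())
    if ($expanded.StartsWith('"')) {
        $end = $expanded.IndexOf('"', 1)
        if ($end -gt 0) { return $expanded.Substring(1, $end - 1) }
        return $expanded.Trim('"')
    }
    $m = [regex]::Match($expanded, '(?i)^.*?\.exe')
    if ($m.Success) { return $m.Value }
    return ($expanded -split ' ')[0]
}

function Test-TargetExists {
    # Bare names such as "rundll32.exe" are resolved through PATH before testing.
    param([string]$Target)
    if (-not $Target -or -not $Target.Trim()) { return $false }
    if (-not [System.IO.Path]::IsPathRooted($Target)) {
        return [bool](Get-Command $Target -ErrorAction SilentlyContinue)
    }
    return (Test-Path -LiteralPath $Target)
}

function Get-OrphanedAutoruns {
    foreach ($key in $RunKeys) {
        if (-not (Test-Path $key)) { continue }
        $props = Get-ItemProperty -Path $key
        foreach ($p in $props.PSObject.Properties) {
            if ($PsMeta -contains $p.Name) { continue }
            $target = Get-CommandPath -Command ([string]$p.Value)
            # A "(default)" value with no data is what OTL printed as "[] File not found".
            if (-not (Test-TargetExists -Target $target)) {
                New-Object PSObject -Property @{
                    Key = $key; Name = $p.Name; Command = $p.Value; Target = $target
                }
            }
        }
    }
}

function Get-OrphanedIEAddons {
    # A BHO or toolbar must have a matching HKLM\SOFTWARE\Classes\CLSID\{guid} key;
    # without it the registration is a leftover (OTL's "No CLSID value found").
    $guid = '^\{[0-9A-Fa-f]{8}(-[0-9A-Fa-f]{4}){3}-[0-9A-Fa-f]{12}\}$'
    $bhoRoot = 'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects'
    if (Test-Path $bhoRoot) {
        foreach ($k in Get-ChildItem -Path $bhoRoot) {
            if (-not (Test-Path "HKLM:\SOFTWARE\Classes\CLSID\$($k.PSChildName)")) {
                New-Object PSObject -Property @{ Kind = 'BHO'; CLSID = $k.PSChildName }
            }
        }
    }
    $toolbar = 'HKLM:\SOFTWARE\Microsoft\Internet Explorer\Toolbar'
    if (Test-Path $toolbar) {
        foreach ($p in (Get-ItemProperty -Path $toolbar).PSObject.Properties) {
            if ($p.Name -notmatch $guid) { continue }   # skip non-CLSID values such as "Locked"
            if (-not (Test-Path "HKLM:\SOFTWARE\Classes\CLSID\$($p.Name)")) {
                New-Object PSObject -Property @{ Kind = 'Toolbar'; CLSID = $p.Name }
            }
        }
    }
}

Get-OrphanedAutoruns | Format-Table Key, Name, Command -AutoSize
Get-OrphanedIEAddons | Format-Table Kind, CLSID -AutoSize
```

Run it from an elevated PowerShell prompt so the HKLM keys are readable; an entry listed here is only a candidate for removal, since a legitimate program that was uninstalled badly produces the same orphan as adware does.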

#3
I8A4RE

I8A4RE

    New Member

  • Topic Starter
  • Member
  • Pip
  • 6 posts
Thanks Ron, I will go over there tonight or tomorrow and progress as per your instructions, thank you.
  • 0

#4
I8A4RE

I8A4RE

    New Member

  • Topic Starter
  • Member
  • Pip
  • 6 posts
Sorry about the delay but we have just had major flooding. It has been a major disaster with loss of life and thousands left without homes.

Anyway here is the OTL log as per your first step.

All processes killed
========== OTL ==========
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{602ADB0E-4AFF-4217-8AA1-95DAC4DFA408}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{602ADB0E-4AFF-4217-8AA1-95DAC4DFA408}\ not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA}\ not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\ deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\RemoveIT Pro v7Ultra deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce\\Shockwave Updater deleted successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnceEx\ deleted successfully.
========== COMMANDS ==========

[EMPTYTEMP]

User: Administrator
->Temp folder emptied: 545464 bytes
->Temporary Internet Files folder emptied: 29139358 bytes
->Flash cache emptied: 42722 bytes

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
->Flash cache emptied: 41620 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: Public

User: Terry
->Temp folder emptied: 14975991 bytes
->Temporary Internet Files folder emptied: 272155710 bytes
->Java cache emptied: 59456746 bytes
->FireFox cache emptied: 47097944 bytes
->Google Chrome cache emptied: 6364804 bytes
->Apple Safari cache emptied: 5276672 bytes
->Flash cache emptied: 1753689 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 22016 bytes
%systemroot%\System32 .tmp files removed: 183808 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 6650226 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 0 bytes
RecycleBin emptied: 162664593 bytes

Total Files Cleaned = 578.00 mb

C:\Windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully

OTL by OldTimer - Version 3.2.18.0 log created on 01162011_173013

Files\Folders moved on Reboot...
File move failed. C:\Windows\temp\_avast5_\Webshlock.txt scheduled to be moved on reboot.

Registry entries deleted on Reboot...
  • 0

#5
I8A4RE

I8A4RE

    New Member

  • Topic Starter
  • Member
  • Pip
  • 6 posts
Here is the george log (combo fix lol)



ComboFix 11-01-15.01 - Terry 16/01/2011 18:50:16.1.2 - x86
Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.61.1033.18.2036.967 [GMT 10:00]
Running from: c:\users\Terry\Desktop\george.exe
AV: avast! Antivirus *Disabled/Updated* {C37D8F93-0602-E43C-40AA-47DAD597F308}
SP: avast! Antivirus *Disabled/Updated* {781C6E77-2038-EBB2-7A1A-7CA8AE10B9B5}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\windows\Downloaded Program Files\f3initialsetup1.0.1.1.inf
c:\windows\system32\service
c:\windows\system32\service\02082010_TIS17_SfFniAU.log
c:\windows\system32\service\03062010_TIS17_SfFniAU.log
c:\windows\system32\service\04022010_TIS17_SfFniAU.log
c:\windows\system32\service\05082010_TIS17_SfFniAU.log
c:\windows\system32\service\07052010_TIS17_SfFniAU.log
c:\windows\system32\service\07072009_TIS17_SfFniAU.log
c:\windows\system32\service\07082010_TIS17_SfFniAU.log
c:\windows\system32\service\07122009_TIS17_SfFniAU.log
c:\windows\system32\service\09022010_TIS17_SfFniAU.log
c:\windows\system32\service\10122010_TIS17_SfFniAU.log
c:\windows\system32\service\11112009_TIS17_SfFniAU.log
c:\windows\system32\service\14052010_TIS17_SfFniAU.log
c:\windows\system32\service\16092009_TIS17_SfFniAU.log
c:\windows\system32\service\17082010_TIS17_SfFniAU.log
c:\windows\system32\service\18042010_TIS17_SfFniAU.log
c:\windows\system32\service\20102009_TIS17_SfFniAU.log
c:\windows\system32\service\21102009_TIS17_SfFniAU.log
c:\windows\system32\service\25082009_TIS17_SfFniAU.log
c:\windows\system32\service\25102009_TIS17_SfFniAU.log
c:\windows\system32\service\26102010_TIS17_SfFniAU.log
c:\windows\system32\service\30062009_TIS17_SfFniAU.log
c:\windows\system32\service\30112009_TIS17_SfFniAU.log
c:\windows\system32\spool\prtprocs\w32x86\ppbiPr.dll

.
((((((((((((((((((((((((( Files Created from 2010-12-16 to 2011-01-16 )))))))))))))))))))))))))))))))
.

2011-01-16 08:42 . 2008-01-23 07:08 99456 ----a-w- c:\windows\system32\drivers\bsusbser.sys
2011-01-16 08:41 . 2011-01-16 08:42 -------- d-----w- c:\windows\LastGood
2011-01-16 08:41 . 2011-01-16 08:41 -------- d-----w- c:\program files\Crazy John's
2011-01-16 08:41 . 2004-08-08 20:04 73728 ----a-w- c:\windows\system32\ISUSPM.cpl
2011-01-16 08:41 . 2004-08-08 20:03 221184 ----a-w- c:\program files\Common Files\InstallShield\UpdateService\ISUSPM.exe
2011-01-16 08:41 . 2004-08-08 20:03 385024 ----a-w- c:\program files\Common Files\InstallShield\UpdateService\_ispmres.dll
2011-01-16 08:40 . 2011-01-16 08:40 323716 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\10\50\Intel32\setup.dll
2011-01-16 08:40 . 2011-01-16 08:40 192644 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\10\50\Intel32\iGdi.dll
2011-01-16 08:40 . 2004-10-21 16:18 749568 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\10\50\Intel32\iKernel.dll
2011-01-16 08:40 . 2004-10-21 16:17 69715 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\10\50\Intel32\ctor.dll
2011-01-16 08:40 . 2004-10-21 16:17 274432 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\10\50\Intel32\iscript.dll
2011-01-16 08:40 . 2004-10-21 16:16 180224 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\10\50\Intel32\iuser.dll
2011-01-16 08:40 . 2004-10-21 16:16 5632 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\10\50\Intel32\DotNetInstaller.exe
2011-01-16 08:16 . 2011-01-16 08:16 0 ----a-w- c:\windows\system32\REN3AB1.tmp
2011-01-16 08:16 . 2011-01-16 08:16 0 ----a-w- c:\windows\system32\REN3AB0.tmp
2011-01-16 08:16 . 2011-01-16 08:16 0 ----a-w- c:\windows\system32\REN3AA0.tmp
2011-01-16 07:30 . 2011-01-16 07:30 -------- d-----w- C:\_OTL
2011-01-16 03:54 . 2011-01-16 03:54 -------- d-----w- c:\program files\iPod
2011-01-16 03:54 . 2011-01-16 03:55 -------- d-----w- c:\program files\iTunes
2011-01-15 01:01 . 2010-11-16 02:01 6273872 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{7F32A648-B3D1-4EC4-920C-0CAFFBF21184}\mpengine.dll
2011-01-12 02:24 . 2010-12-28 15:55 413696 ----a-w- c:\windows\system32\odbc32.dll
2011-01-12 02:24 . 2010-12-28 15:53 253952 ----a-w- c:\program files\Common Files\System\ado\msadox.dll
2011-01-12 02:24 . 2010-12-28 15:53 241664 ----a-w- c:\program files\Common Files\System\ado\msadomd.dll
2011-01-12 02:24 . 2010-12-28 15:53 708608 ----a-w- c:\program files\Common Files\System\ado\msado15.dll
2011-01-12 02:24 . 2010-12-28 15:53 57344 ----a-w- c:\program files\Common Files\System\msadc\msadcs.dll
2011-01-12 02:24 . 2010-12-28 15:53 180224 ----a-w- c:\program files\Common Files\System\msadc\msadco.dll
2011-01-12 02:24 . 2010-12-14 14:49 1169408 ----a-w- c:\windows\system32\sdclt.exe
2010-12-26 09:31 . 2011-01-13 08:37 17744 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2010-12-26 09:31 . 2011-01-13 08:41 294608 ----a-w- c:\windows\system32\drivers\aswSP.sys
2010-12-26 09:31 . 2011-01-13 08:40 47440 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2010-12-26 09:31 . 2011-01-13 08:37 23632 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2010-12-26 09:31 . 2011-01-13 08:37 51280 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2010-12-26 09:30 . 2011-01-13 08:47 38848 ----a-w- c:\windows\avastSS.scr
2010-12-26 09:30 . 2011-01-13 08:47 188216 ----a-w- c:\windows\system32\aswBoot.exe
2010-12-26 09:30 . 2010-12-26 09:30 -------- d-----w- c:\programdata\Alwil Software
2010-12-26 09:30 . 2010-12-26 09:30 -------- d-----w- c:\program files\Alwil Software
2010-12-26 06:00 . 2010-12-26 06:00 2560 ----a-w- c:\windows\_MSRSTRT.EXE
2010-12-25 08:20 . 2010-12-25 08:20 -------- d-----w- c:\users\Administrator
2010-12-25 07:59 . 2010-10-19 00:41 222080 ------w- c:\windows\system32\MpSigStub.exe
2010-12-25 04:28 . 2010-12-25 04:28 -------- d-----w- c:\users\Terry\AppData\Roaming\Malwarebytes
2010-12-25 04:28 . 2010-12-20 08:09 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2010-12-25 04:28 . 2010-12-25 04:28 -------- d-----w- c:\programdata\Malwarebytes
2010-12-25 04:28 . 2010-12-20 08:08 20952 ----a-w- c:\windows\system32\drivers\mbam.sys
2010-12-25 04:28 . 2010-12-25 04:28 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-11-29 07:38 . 2010-11-29 07:38 94208 ----a-w- c:\windows\system32\QuickTimeVR.qtx
2010-11-29 07:38 . 2010-11-29 07:38 69632 ----a-w- c:\windows\system32\QuickTime.qts
2010-11-04 18:56 . 2010-12-14 20:39 345600 ----a-w- c:\windows\system32\wmicmiplugin.dll
2010-11-04 18:55 . 2010-12-14 20:39 352768 ----a-w- c:\windows\system32\taskschd.dll
2010-11-04 18:55 . 2010-12-14 20:39 270336 ----a-w- c:\windows\system32\taskcomp.dll
2010-11-04 18:55 . 2010-12-14 20:39 601600 ----a-w- c:\windows\system32\schedsvc.dll
2010-11-04 16:34 . 2010-12-14 20:39 171520 ----a-w- c:\windows\system32\taskeng.exe
2010-11-02 06:01 . 2010-12-14 20:38 916480 ----a-w- c:\windows\system32\wininet.dll
2010-11-02 05:57 . 2010-12-14 20:38 43520 ----a-w- c:\windows\system32\licmgr10.dll
2010-11-02 05:57 . 2010-12-14 20:38 1469440 ----a-w- c:\windows\system32\inetcpl.cpl
2010-11-02 05:57 . 2010-12-14 20:38 109056 ----a-w- c:\windows\system32\iesysprep.dll
2010-11-02 05:57 . 2010-12-14 20:38 71680 ----a-w- c:\windows\system32\iesetup.dll
2010-11-02 05:01 . 2010-12-14 20:38 385024 ----a-w- c:\windows\system32\html.iec
2010-11-02 04:26 . 2010-12-14 20:38 133632 ----a-w- c:\windows\system32\ieUnatt.exe
2010-11-02 04:24 . 2010-12-14 20:38 1638912 ----a-w- c:\windows\system32\mshtml.tlb
2010-10-28 15:44 . 2010-12-14 20:39 34304 ----a-w- c:\windows\system32\atmlib.dll
2010-10-28 13:27 . 2010-12-14 20:39 292352 ----a-w- c:\windows\system32\atmfd.dll
2010-10-28 13:20 . 2010-12-14 20:38 2048 ----a-w- c:\windows\system32\tzres.dll
2010-10-18 13:37 . 2010-12-14 20:39 81920 ----a-w- c:\windows\system32\consent.exe
2010-10-18 13:31 . 2010-12-14 20:39 2038272 ----a-w- c:\windows\system32\win32k.sys
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"MyWirelessCard"="c:\program files\Crazy John's\Crazy John's Broadband\WirelessCard.exe" [2010-03-10 2093056]
"MyDetectWireless"="c:\program files\Crazy John's\Crazy John's Broadband\DetectWireless.exe" [2010-02-09 61440]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)

[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Kodak EasyShare software.lnk]
path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\Kodak EasyShare software.lnk
backup=c:\windows\pss\Kodak EasyShare software.lnk.CommonStartup
backupExtension=.CommonStartup

[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^McAfee Security Scan Plus.lnk]
path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk
backup=c:\windows\pss\McAfee Security Scan Plus.lnk.CommonStartup
backupExtension=.CommonStartup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Windows Defender]
%ProgramFiles%\Windows Defender\MSASCui.exe -hide [X]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
2010-09-20 13:07 932288 ----a-r- c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
2010-09-22 18:47 35760 ----a-w- c:\program files\Adobe\Reader 9.0\Reader\reader_sl.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AppleSyncNotifier]
2010-09-21 14:28 47904 ----a-w- c:\program files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BrMfcWnd]
2007-03-12 04:51 663552 ------w- c:\program files\Brother\Brmfcmon\BrMfcWnd.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ControlCenter3]
2007-01-26 05:58 65536 ------w- c:\program files\Brother\ControlCenter3\BrCtrCen.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ehTray.exe]
2008-01-19 07:33 125952 ----a-w- c:\windows\ehome\ehtray.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ExpressAccounts]
2010-05-25 21:22 2179076 ----a-w- c:\program files\NCH Software\ExpressAccounts\expressaccounts.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\H/PC Connection Agent]
2006-06-26 06:13 1207080 ----a-w- c:\progra~1\MI3AA1~1\wcescomm.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HotKeysCmds]
2008-03-25 07:07 166424 ----a-w- c:\windows\System32\hkcmd.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Software Update]
2007-05-08 06:24 54840 ----a-w- c:\program files\HP\HP Software Update\hpwuSchd2.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HPAdvisor]
2009-08-05 01:27 1644088 ----a-w- c:\program files\Hewlett-Packard\HP Advisor\HPAdvisor.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\hpsysdrv]
2007-04-18 15:01 65536 ----a-w- c:\hp\support\hpsysdrv.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IgfxTray]
2008-03-25 07:07 141848 ----a-w- c:\windows\System32\igfxtray.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IndexSearch]
2007-01-29 11:10 46632 ----a-w- c:\program files\ScanSoft\PaperPort\IndexSearch.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
2010-12-13 07:16 421160 ----a-w- c:\program files\iTunes\iTunesHelper.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KBD]
2006-12-08 15:16 65536 ----a-w- c:\hp\KBD\KbdStub.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LightScribe Control Panel]
2009-03-17 03:17 2387968 ----a-w- c:\program files\Common Files\LightScribe\LightScribeControlPanel.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogitechCommunicationsManager]
2007-10-25 06:33 563984 ----a-w- c:\program files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogitechQuickCamRibbon]
2007-10-25 06:37 2178832 ----a-w- c:\program files\Logitech\QuickCam\Quickcam.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MsnMsgr]
2010-09-22 14:47 4240760 ----a-w- c:\program files\Windows Live\Messenger\msnmsgr.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\OsdMaestro]
2007-02-15 11:59 118784 ----a-w- c:\program files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PaperPort PTD]
2007-01-29 11:12 30248 ----a-w- c:\program files\ScanSoft\PaperPort\pptd40nt.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Persistence]
2008-03-25 07:07 133656 ----a-w- c:\windows\System32\igfxpers.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PPort11reminder]
2007-02-01 03:46 255528 ----a-w- c:\program files\ScanSoft\PaperPort\Ereg\Ereg.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
2010-11-29 07:38 421888 ----a-w- c:\program files\QuickTime\QTTask.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RtHDVCpl]
2008-07-03 01:27 6266880 ----a-w- c:\windows\RtHDVCpl.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sidebar]
2009-04-11 06:28 1233920 ----a-w- c:\program files\Windows Sidebar\sidebar.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SSBkgdUpdate]
2006-10-24 23:03 210472 ----a-w- c:\program files\Common Files\ScanSoft Shared\SSBkgdUpdate\SSBkgdUpdate.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateReg]
2007-04-07 10:56 54936 ----a-w- c:\windows\System32\jureg.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
2010-05-14 01:44 248552 ----a-w- c:\program files\Common Files\Java\Java Update\jusched.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Windows Mobile Device Center]
2007-05-30 23:21 648072 ------w- c:\windows\WindowsMobile\wmdc.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Windows Mobile-based device management]
2006-11-02 09:45 215552 ----a-w- c:\windows\WindowsMobile\wmdSync.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WindowsWelcomeCenter]
2009-04-11 06:28 2153472 ----a-w- c:\windows\System32\oobefldr.dll

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WMPNSCFG]
2008-01-19 07:33 202240 ----a-w- c:\program files\Windows Media Player\wmpnscfg.exe

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001

R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 Security Activity Dashboard Service;Security Activity Dashboard Service;c:\program files\Trend Micro\TrendSecure\SecurityActivityDashboard\tmarsvc.exe [x]
R3 massfilter;ZTE Mass Storage Filter Driver;c:\windows\system32\drivers\massfilter.sys [x]
R3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504]
R3 ZTEusbnet;ZTE USB-NDIS miniport;c:\windows\system32\DRIVERS\ZTEusbnet.sys [x]
R4 ExpressAccountsService;Express Accounts;c:\program files\NCH Software\ExpressAccounts\expressaccounts.exe [2010-05-25 2179076]
R4 ExpressInvoiceService;Express Invoice;c:\program files\NCH Software\ExpressInvoice\expressinvoice.exe [2009-10-28 2465796]
R4 gupdate;Google Update Service (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [2010-02-01 135664]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 51040]
S1 aswSP;aswSP; [x]
S2 aswFsBlk;aswFsBlk; [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2011-01-13 51280]
S3 bsusbser;Basecom USB Device for Legacy Serial Communication;c:\windows\system32\DRIVERS\bsusbser.sys [2008-01-23 99456]


[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
WindowsMobile REG_MULTI_SZ wcescomm rapimgr
LocalServiceRestricted REG_MULTI_SZ WcesComm RapiMgr
bthsvcs REG_MULTI_SZ BthServ
LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache
.
Contents of the 'Scheduled Tasks' folder

2011-01-16 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-02-01 22:01]

2011-01-16 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-02-01 22:01]

2011-01-15 c:\windows\Tasks\User_Feed_Synchronization-{822AA00D-D0A5-4E91-A606-0C7C1D1DA95D}.job
- c:\windows\system32\msfeedssync.exe [2010-12-14 04:25]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.google.com.au/ig?hl=en
mStart Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_au&c=81&bd=Pavilion&pf=desktop
uInternet Settings,ProxyOverride = *.local
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~3\Office12\EXCEL.EXE/3000
IE: Google Sidewiki... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_E11712C84EA7E12B.dll/cmsidewiki.html
TCP: {118842B6-D70F-456D-9D85-8A46F26E7010} = 61.9.211.33,61.9.211.1
FF - ProfilePath - c:\users\Terry\AppData\Roaming\Mozilla\Firefox\Profiles\rnza367r.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.google.com.au/ig?hl=en
FF - prefs.js: network.proxy.type - 0
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: BetterPrivacy: {d40f5e7b-d2cf-4856-b441-cc613eeffbe3} - %profile%\extensions\{d40f5e7b-d2cf-4856-b441-cc613eeffbe3}
FF - Ext: WOT: {a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7} - %profile%\extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}
.
- - - - ORPHANS REMOVED - - - -

MSConfigStartUp-AntiVirus - c:\program files\Zondex\Zondex Guard\zondex.exe
MSConfigStartUp-BitTorrent DNA - c:\users\Terry\Program Files\DNA\btdna.exe
MSConfigStartUp-EA Core - c:\program files\Electronic Arts\EADM\Core.exe
MSConfigStartUp-HP Health Check Scheduler - [ProgramFilesFolder]Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe
MSConfigStartUp-OE - c:\program files\Trend Micro\Internet Security\TMAS_OE\TMAS_OEMon.exe
MSConfigStartUp-swg - c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
MSConfigStartUp-TrendSecure Remote File Lock - c:\program files\Trend Micro\TrendSecure\RemoteFileLock\FLMain.exe
MSConfigStartUp-UfSeAgnt - c:\program files\Trend Micro\Internet Security\UfSeAgnt.exe



**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2011-01-16 18:59
Windows 6.0.6002 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------

[HKEY_USERS\S-1-5-21-1556357449-876330159-3179893661-1000\Software\SecuROM\License information*]
"datasecu"=hex:26,72,e5,21,05,44,ca,ba,a8,ce,ef,93,62,60,96,7c,58,c4,5d,f0,03,
d3,19,9f,a1,80,5d,a9,89,d4,e5,88,1b,65,a7,e5,f4,8a,43,16,22,c7,98,61,f9,3c,\
"rkeysecu"=hex:4e,9e,13,b6,3b,0e,63,2c,e6,27,05,b9,24,fd,13,20

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
Completion time: 2011-01-16 19:01:36
ComboFix-quarantined-files.txt 2011-01-16 09:01

Pre-Run: 255,261,405,184 bytes free
Post-Run: 254,356,140,032 bytes free

Current=1 Default=1 Failed=0 LastKnownGood=4 Sets=1,2,3,4
- - End Of File - - 217FC799BCEC8C03B52C5E3F3EFBB923
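As an added example (my own code, not something from this thread or from ComboFix itself), here is a small Python triage script that reads the autorun, service and Security Center sections of a ComboFix-style log like the one above and flags the things a malware-removal helper looks at first: services whose file ComboFix marked as not found (the "[x]" suffix, which is how the aswSP and aswFsBlk lines above appear), Run entries whose path sits in a user-writable location, and Security Center monitoring switched off (DisableMonitoring=1). The sample log embedded in the script is constructed from a handful of lines shaped like those in the posted log; the "BitTorrent DNA" Run entry is made up from the orphan entry near the end of the log to exercise the user-path check, and reading "[x]" as "file not found" is ComboFix's convention as I understand it, not something the thread states.

```python
"""Triage a ComboFix-style log: autoruns, services, Security Center flags.

Added example for this thread, not code from ComboFix or the forum.
SAMPLE_LOG is constructed from lines of the same shape as the posted log
(it is not the complete log); the BitTorrent DNA Run value is constructed
from the orphan entry in the log so the user-writable-path check fires.
"""
import re
from dataclasses import dataclass

SAMPLE_LOG = r"""
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"MyWirelessCard"="c:\program files\Crazy John's\Crazy John's Broadband\WirelessCard.exe" [2010-03-10 2093056]
"BitTorrent DNA"="c:\users\Terry\Program Files\DNA\btdna.exe" [2010-01-01 123456]

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001

R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R3 massfilter;ZTE Mass Storage Filter Driver;c:\windows\system32\drivers\massfilter.sys [x]
S1 aswSP;aswSP; [x]
S2 aswFsBlk;aswFsBlk; [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2011-01-13 51280]
"""

KEY_RE = re.compile(r"^\[(HK[^\]]+)\]$")
RUN_VALUE_RE = re.compile(r'^"([^"]+)"="(.*)"\s*\[([^\]]*)\]\s*$')
DWORD_RE = re.compile(r'^"([^"]+)"=dword:([0-9a-fA-F]{8})$')
# Service records look like:  S1 name;description;path [date size]   or   ... [x]
SERVICE_RE = re.compile(r"^([RS]\d)\s+([^;]+);([^;]*);(.*?)\s*\[([^\]]*)\]\s*$")
# Locations an ordinary user can write to: per-user profile, AppData, temp dirs.
USER_WRITABLE_RE = re.compile(
    r"\\(users|documents and settings)\\[^\\]+\\|\\appdata\\|\\temp\\|\\tmp\\", re.I)


@dataclass(frozen=True)
class Finding:
    kind: str    # "missing_file" | "user_writable_autorun" | "monitoring_disabled"
    where: str   # service name, or registry key (\value) the finding refers to
    detail: str


def parse_services(log):
    """Yield (state, name, path, marker) for each service/driver record.
    The marker is the bracketed suffix: a 'date size' stamp, or 'x' when
    ComboFix could not find the file on disk."""
    for line in log.splitlines():
        m = SERVICE_RE.match(line.strip())
        if m:
            state, name, _description, path, marker = m.groups()
            yield state, name, path, marker


def parse_registry(log):
    """Yield (key, value_name, data) for Run-style and dword values under
    the most recently seen [HK...] key header."""
    key = None
    for line in log.splitlines():
        line = line.strip()
        m = KEY_RE.match(line)
        if m:
            key = m.group(1)
            continue
        if key is None:
            continue
        m = RUN_VALUE_RE.match(line)
        if m:
            yield key, m.group(1), m.group(2)   # data = image path
            continue
        m = DWORD_RE.match(line)
        if m:
            yield key, m.group(1), m.group(2)   # data = hex dword


def triage(log):
    """Return the findings a helper would want to see first."""
    findings = []
    for state, name, path, marker in parse_services(log):
        if marker == "x":
            findings.append(Finding(
                "missing_file", name,
                f"{state} service registered but file not found: {path or '(no path)'}"))
    for key, value_name, data in parse_registry(log):
        if key.lower().endswith(r"\currentversion\run") and USER_WRITABLE_RE.search(data):
            findings.append(Finding("user_writable_autorun", f"{key}\\{value_name}", data))
        if (r"\security center\monitoring" in key.lower()
                and value_name.lower() == "disablemonitoring" and int(data, 16) != 0):
            findings.append(Finding(
                "monitoring_disabled", key,
                "DisableMonitoring=1: Security Center told not to monitor this product"))
    return findings


if __name__ == "__main__":
    for f in triage(SAMPLE_LOG):
        print(f"{f.kind:24} {f.where}\n    {f.detail}")
```

Run on the embedded sample it reports aswSP, aswFsBlk and massfilter as registered-but-missing, the constructed BitTorrent DNA entry as an autorun in a user profile, and both Security Center keys as having monitoring disabled; aswMonFlt and the MyWirelessCard entry are not flagged. Point it at a real log by reading the file into `triage()` instead of `SAMPLE_LOG`.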

#6 I8A4RE (New Member, Topic Starter)
Sorry, that's all I can get down tonight. I'll get the rest tomorrow, hopefully.

#7 RKinner (Malware Expert, MVP)
The delay is no problem. I don't keep track anyway. Certainly understandable considering what we've seen on the news. Hope you and yours made it through OK.

So far I don't see anything evil active.

The first item CF removed is just some adware.
The rest are from Trend which should know better than to keep their logs in the System32 folder.
The last one looks like a printer file from Black Ice Printers so we may have killed that if you use it.

Looks like when you installed Avast you did not right-click on the installed file and Run As Administrator. It would be a good idea to uninstall it, then reinstall it that way.

We will see what the other scans show.

Ron