For the last several weeks my pc has been very slow; 2 days ago i took action to start cleaning up (media) files to see if it would run faster. Once I finished deleting the files I ran disk clean up and followed it with disk defragmentor. I had a program (I have removed it now) call driver checker, ran this program and it stated one of my intel drivers needed updating...so I went to the intel site to do a scan to ensure an update was actually needed, prior to scaning it stated that I would need to update java and to temporarily allow pop ups to run the scan. I did this, however when I tried to preform the scan it said java needed an older version (?) anyhow I just decided to forget checking the driver any further and closed down the pc for the night.
The following day when I logged on to continue my cleansing efforts non of my security programs worked. A friend recommended installing avast and doing a scan, I did a quick scan nothing was found; i then did a deep scan and 2 music files were infected so I "put them in the chest" and applied. It then advised that a boot scan would be required and to restart the pc for this to take place. When the boot scan was running there was about 8 infected files found at which point I deleted (the one I had some question about deleting was located in system32/seekeen My friend did a search on it and told me it was safe to delete so I did. I was so confident that when the desktop loaded I'd be all set.....not even close.
I searched through files and did some research to find out how I could get the windows security to work...went through some process and found the file exe pertaining to security center and when I clicked on it nothing happened (I should mention that when viewing the source of the file it did not state microsoft as the company).
I went to the microsoft site to see if there was anything I could download to correct this, they had a free scanner available which I used and it detected and deleted several more corrupt files....still no fix. After reading numerous posts on your forum I installed hijackthis and ran several reports however it would not allow a log to be created. I saw everyone advising to use Malwarebytes-Antimalware so I downloaded and ran a scan, there was another 2 trojans, 2 adwares, and another type of corrupt file so I had malware take steps to resolve these issues. Rescanned and results came back as 0 infected files. When the pc restarted still no end result for my anti-spyware problems.
I then downloaded the inherit program recommended to one of the others experiencing similar problems however this program would not launch.
I need some help please!!
here is the log from Malwarebytes-Antimalware:
Malwarebytes' Anti-Malware 1.50.1.1100
www.malwarebytes.org
Database version: 6133
Windows 6.0.6002 Service Pack 2
Internet Explorer 9.0.8080.16413
22/03/2011 3:21:47 PM
mbam-log-2011-03-22 (15-21-46).txt
Scan type: Quick scan
Objects scanned: 171844
Time elapsed: 17 minute(s), 25 second(s)
Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 2
Registry Values Infected: 0
Registry Data Items Infected: 1
Folders Infected: 0
Files Infected: 2
Memory Processes Infected:
(No malicious items detected)
Memory Modules Infected:
(No malicious items detected)
Registry Keys Infected:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\RkHit (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Trymedia Systems (Adware.TryMedia) -> Quarantined and deleted successfully.
Registry Values Infected:
(No malicious items detected)
Registry Data Items Infected:
HKEY_CLASSES_ROOT\regfile\shell\open\command\(default) (Broken.OpenCommand) -> Bad: () Good: (regedit.exe "%1") -> Quarantined and deleted successfully.
Folders Infected:
(No malicious items detected)
Files Infected:
c:\Windows\System32\drivers\RKHit.sys (Trojan.Agent) -> Quarantined and deleted successfully.
c:\$RECYCLE.BIN\s-1-5-21-2649331228-3696308728-864307741-1001\$RGYXT6B.exe (Adware.TryMedia) -> Quarantined and deleted successfully.
Thank you.
Additional: I have just run an OTL scan for your assessment as well:
OTL logfile created on: 23/03/2011 11:21:00 AM - Run 1
OTL by OldTimer - Version 3.2.22.3 Folder = C:\Users\Heather\Downloads
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8080.16413)
Locale: 00001009 | Country: Canada | Language: ENC | Date Format: dd/MM/yyyy
1,013.00 Mb Total Physical Memory | 331.00 Mb Available Physical Memory | 33.00% Memory free
2.00 Gb Paging File | 1.00 Gb Available in Paging File | 57.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 223.16 Gb Total Space | 124.46 Gb Free Space | 55.77% Space Free | Partition Type: NTFS
Drive D: | 9.72 Gb Total Space | 4.30 Gb Free Space | 44.26% Space Free | Partition Type: NTFS
Computer Name: ALYSSAS-PC | User Name: Heather | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - C:\Users\Heather\Downloads\OTL.exe (OldTimer Tools)
PRC - C:\Program Files\Microsoft\BingBar\SeaPort.EXE (Microsoft Corporation)
PRC - C:\Program Files\AVAST Software\Avast\AvastUI.exe (AVAST Software)
PRC - C:\Program Files\AVAST Software\Avast\AvastSvc.exe (AVAST Software)
PRC - C:\Program Files\AVAST Software\Avast\afwServ.exe (AVAST Software)
PRC - C:\Program Files\Rogers Online Protection\Rogers Servicepoint Agent\ServicepointService.exe (Radialpoint Inc.)
PRC - C:\Program Files\Rogers Online Protection\Rogers Servicepoint Agent\RogersServicepointAgent.exe (Rogers)
PRC - C:\Program Files\Rogers Online Protection\Rogers Servicepoint Agent\RogersServicepointAgentComHandler.exe (Radialpoint Inc.)
PRC - C:\Program Files\Microsoft LifeCam\MSCamS32.exe (Microsoft Corporation)
PRC - C:\Program Files\Rogers Online Protection\Rogers Online Protection\RPS.exe (Rogers)
PRC - C:\Program Files\Rogers Online Protection\Rogers Online Protection\RpsSecurityAwareR.exe (Rogers)
PRC - C:\Program Files\Rogers Online Protection\Rogers Online Protection\Fws.exe (Rogers)
PRC - C:\Program Files\Rogers Backup Manager\VaultClientUpgrade.exe (Radialpoint SafeCare Inc.)
PRC - C:\Program Files\Rogers Backup Manager\VaultClientSRV.exe (Radialpoint SafeCare Inc.)
PRC - C:\Program Files\IDT\WDM\sttray.exe (IDT, Inc.)
PRC - C:\Program Files\Rogers Online Protection\Rogers Online Protection\AVG\Identity Protection\agent\bin\AVGIDSAgent.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Program Files\Rogers Online Protection\Rogers Online Protection\AVG\Identity Protection\agent\bin\AVGIDSMonitor.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Program Files\Raxco\PerfectDisk10\PDAgent.exe (Raxco Software, Inc.)
PRC - C:\Windows\explorer.exe (Microsoft Corporation)
PRC - C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe (Yahoo! Inc.)
PRC - C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
PRC - C:\Program Files\Intel\IntelDH\CCU\CCU_TrayIcon.exe (Intel® Corporation)
PRC - C:\Program Files\Intel\IntelDH\CCU\CCU_Engine.exe (Intel® Corporation)
PRC - C:\Program Files\Intel\IntelDH\CCU\AlertService.exe (Intel® Corporation)
PRC - C:\Program Files\Intel\IntelDH\Intel Media Server\Shells\Remote UI Service.exe (Intel® Corporation)
PRC - C:\Program Files\Intel\IntelDH\Intel Media Server\Shells\MCLServiceATL.exe (Intel® Corporation)
PRC - C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\issm.exe (Intel® Corporation)
PRC - C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\mediaserver.exe ()
PRC - C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe (Intel Corporation)
PRC - C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe (Intel Corporation)
PRC - C:\Windows\System32\agrsmsvc.exe (Agere Systems)
PRC - C:\Program Files\Common Files\Intel\IntelDH\NMS\Support\IntelHCTAgent.exe (Intel Corporation)
PRC - C:\Program Files\USB Disk Win98 Driver\Res.exe (ali)
========== Modules (SafeList) ==========
MOD - C:\Users\Heather\Downloads\OTL.exe (OldTimer Tools)
MOD - C:\Program Files\AVAST Software\Avast\snxhk.dll (AVAST Software)
MOD - C:\Program Files\AVAST Software\Avast\ashShell.dll (AVAST Software)
MOD - C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3\comctl32.dll (Microsoft Corporation)
MOD - C:\Windows\winsxs\x86_microsoft.vc80.mfcloc_1fc8b3b9a1e18e3b_8.0.50727.4053_none_03ca5532205cb096\mfc80ENU.dll (Microsoft Corporation)
MOD - C:\Windows\winsxs\x86_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.4053_none_cbf21254470d8752\mfc80u.dll (Microsoft Corporation)
MOD - C:\Program Files\Rogers Backup Manager\VaultClientMenu.dll (Radialpoint SafeCare Inc.)
MOD - C:\Program Files\Rogers Backup Manager\VaultClientCOM.dll (Radialpoint SafeCare Inc.)
MOD - C:\Program Files\Rogers Backup Manager\libexpat.dll ()
MOD - C:\Windows\System32\msshsq.dll (Microsoft Corporation)
MOD - C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.4053_none_d08d7da0442a985d\msvcr80.dll (Microsoft Corporation)
MOD - C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.4053_none_d08d7da0442a985d\msvcp80.dll (Microsoft Corporation)
MOD - C:\Windows\System32\duser.dll (Microsoft Corporation)
========== Win32 Services (SafeList) ==========
SRV - (Akamai) -- c:\Program Files\Common Files\Akamai\netsession_win_d76cf65.dll ()
SRV - (BBSvc) -- C:\Program Files\Microsoft\BingBar\BBSvc.EXE (Microsoft Corporation.)
SRV - (SeaPort) -- C:\Program Files\Microsoft\BingBar\SeaPort.EXE (Microsoft Corporation)
SRV - (avast! Antivirus) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe (AVAST Software)
SRV - (avast! Firewall) -- C:\Program Files\AVAST Software\Avast\afwServ.exe (AVAST Software)
SRV - (ServicepointService) -- C:\Program Files\Rogers Online Protection\Rogers Servicepoint Agent\ServicepointService.exe (Radialpoint Inc.)
SRV - (MSCamSvc) -- C:\Program Files\Microsoft LifeCam\MSCamS32.exe (Microsoft Corporation)
SRV - (GamesAppService) -- C:\Program Files\WildTangent Games\App\GamesAppService.exe (WildTangent, Inc.)
SRV - (Radialpoint Security Services) -- C:\Program Files\Rogers Online Protection\Rogers Online Protection\RpsSecurityAwareR.exe (Rogers)
SRV - (RP_FWS) -- C:\Program Files\Rogers Online Protection\Rogers Online Protection\Fws.exe (Rogers)
SRV - (VaultClientUpgrade) -- C:\Program Files\Rogers Backup Manager\VaultClientUpgrade.exe (Radialpoint SafeCare Inc.)
SRV - (VaultClientSRV) -- C:\Program Files\Rogers Backup Manager\VaultClientSRV.exe (Radialpoint SafeCare Inc.)
SRV - (STacSV) -- C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_98f8d2d0\stacsv.exe (IDT, Inc.)
SRV - (RadialpointIDSAgent) -- C:\Program Files\Rogers Online Protection\Rogers Online Protection\AVG\Identity Protection\agent\Bin\AVGIDSAgent.exe (AVG Technologies CZ, s.r.o.)
SRV - (scan) -- C:\Program Files\Rogers Online Protection\Rogers Online Protection\BitDefender\scan.dll (S.C. BitDefender S.R.L)
SRV - (PDEngine) -- C:\Program Files\Raxco\PerfectDisk10\PDEngine.exe (Raxco Software, Inc.)
SRV - (PDAgent) -- C:\Program Files\Raxco\PerfectDisk10\PDAgent.exe (Raxco Software, Inc.)
SRV - (YahooAUService) -- C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe (Yahoo! Inc.)
SRV - (WinDefend) -- C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SRV - (AlertService) Intel® -- C:\Program Files\Intel\IntelDH\CCU\AlertService.exe (Intel® Corporation)
SRV - (Remote UI Service) Intel® -- C:\Program Files\Intel\IntelDH\Intel Media Server\Shells\Remote UI Service.exe (Intel® Corporation)
SRV - (MCLServiceATL) Intel® -- C:\Program Files\Intel\IntelDH\Intel Media Server\Shells\MCLServiceATL.exe (Intel® Corporation)
SRV - (ISSM) Intel® -- C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\ISSM.exe (Intel® Corporation)
SRV - (M1 Server) Intel® Viiv™ -- C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\mediaserver.exe ()
SRV - (IAANTMON) Intel® -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe (Intel Corporation)
SRV - (DQLWinService) -- C:\Program Files\Common Files\Intel\IntelDH\NMS\AdpPlugins\DQLWinService.exe ()
SRV - (AgereModemAudio) -- C:\Windows\System32\agrsmsvc.exe (Agere Systems)
========== Driver Services (SafeList) ==========
DRV - (aswFW) -- C:\Windows\System32\drivers\aswFW.sys (AVAST Software)
DRV - (aswSnx) -- C:\Windows\System32\drivers\aswSnx.sys (AVAST Software)
DRV - (aswSP) -- C:\Windows\System32\drivers\aswSP.sys (AVAST Software)
DRV - (aswNdis2) -- C:\Windows\System32\drivers\aswNdis2.sys (AVAST Software)
DRV - (aswTdi) -- C:\Windows\System32\drivers\aswTdi.sys (AVAST Software)
DRV - (aswRdr) -- C:\Windows\System32\drivers\aswRdr.sys (AVAST Software)
DRV - (aswMonFlt) -- C:\Windows\System32\drivers\aswMonFlt.sys (AVAST Software)
DRV - (aswFsBlk) -- C:\Windows\System32\drivers\aswFsBlk.sys (AVAST Software)
DRV - (aswNdis) -- C:\Windows\system32\DRIVERS\aswNdis.sys (ALWIL Software)
DRV - (MSHUSBVideo) -- C:\Windows\System32\drivers\nx6000.sys (Microsoft Corporation)
DRV - (RPSKT) Security Services Driver (x86) -- C:\Windows\System32\drivers\rp_skt32.sys (Radialpoint Inc.)
DRV - (STHDA) -- C:\Windows\System32\drivers\stwrt.sys (IDT, Inc.)
DRV - (Ps2) -- C:\Windows\System32\drivers\PS2.sys (Hewlett-Packard Company)
DRV - (Trufos) -- C:\Program Files\Rogers Online Protection\Rogers Online Protection\BitDefender\trufos.sys (BitDefender S.R.L.)
DRV - (Profos) -- C:\Program Files\Rogers Online Protection\Rogers Online Protection\BitDefender\profos.sys (BitDefender S.R.L.)
DRV - (RadialpointIDSDriver) -- C:\Program Files\Rogers Online Protection\Rogers Online Protection\AVG\Identity Protection\agent\drivers\AVGIDSDriver.sys (AVG Technologies )
DRV - (RadialpointIDSFilter) -- C:\Program Files\Rogers Online Protection\Rogers Online Protection\AVG\Identity Protection\agent\drivers\AVGIDSfilter.sys (AVG Technologies )
DRV - (RadialpointIDSShim) -- C:\Program Files\Rogers Online Protection\Rogers Online Protection\AVG\Identity Protection\agent\drivers\AVGIDSShim.sys (AVG Technologies )
DRV - (RadialpointIDSEH) -- C:\Windows\system32\drivers\AVGIDSEH.sys (AVG Technologies )
DRV - (bdfsfltr) -- C:\Windows\system32\drivers\bdfsfltr.sys (BitDefender S.R.L. Bucharest, ROMANIA)
DRV - (AgereSoftModem) -- C:\Windows\System32\drivers\AGRSM.sys (LSI Corporation)
DRV - (DefragFS) -- C:\Windows\System32\drivers\DefragFs.sys (Raxco Software, Inc.)
DRV - (USB_RNDIS) -- C:\Windows\System32\drivers\usb8023.sys (Microsoft Corporation)
DRV - (FlyUsb) -- C:\Windows\System32\drivers\FlyUsb.sys (LeapFrog)
DRV - (SCDEmu) -- C:\Windows\System32\drivers\scdemu.sys (PowerISO Computing, Inc.)
DRV - (IntelDH) -- C:\Windows\System32\drivers\IntelDH.sys (Intel Corporation)
DRV - (TSHWMDTCP) -- C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\TSHWMDTCP.sys ()
DRV - (NETw2v32) Intel® -- C:\Windows\System32\drivers\NETw2v32.sys (Intel® Corporation)
DRV - (bcm4sbxp) -- C:\Windows\System32\drivers\bcm4sbxp.sys (Broadcom Corporation)
DRV - (nmsunidr) -- C:\Windows\System32\drivers\nmsunidr.sys (Gteko Ltd.)
DRV - (nmsgopro) -- C:\Windows\System32\drivers\nmsgopro.sys (Gteko Ltd.)
DRV - (Afc) -- C:\Windows\System32\drivers\afc.sys (Arcsoft, Inc.)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ca.yahoo.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://home.microsof...arch/search.asp
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com
IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Default_page_URL = http://www.gateway.c...ys=DTP&M=GT5428
IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.gateway.c...ys=DTP&M=GT5428
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>
IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Default_page_URL = http://www.gateway.c...ys=DTP&M=GT5428
IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.gateway.c...ys=DTP&M=GT5428
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>
IE - HKU\S-1-5-21-2649331228-3696308728-864307741-1000\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKU\S-1-5-21-2649331228-3696308728-864307741-1000\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKU\S-1-5-21-2649331228-3696308728-864307741-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-2649331228-3696308728-864307741-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>
IE - HKU\S-1-5-21-2649331228-3696308728-864307741-1002\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://home.microsof...arch/search.asp
IE - HKU\S-1-5-21-2649331228-3696308728-864307741-1002\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKU\S-1-5-21-2649331228-3696308728-864307741-1002\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKU\S-1-5-21-2649331228-3696308728-864307741-1002\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.ca/
IE - HKU\S-1-5-21-2649331228-3696308728-864307741-1002\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKU\S-1-5-21-2649331228-3696308728-864307741-1002\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-2649331228-3696308728-864307741-1002\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local;<local>
========== FireFox ==========
FF - prefs.js..extensions.enabledItems: [email protected]:0.1.2008d
FF - prefs.js..extensions.enabledItems: [email protected]:1.0
FF - prefs.js..extensions.enabledItems: emoticons-msn-smi[email protected]:0.1
FF - prefs.js..extensions.enabledItems: [email protected]:2.0.0
FF - prefs.js..extensions.enabledItems: [email protected]:0.9
FF - prefs.js..extensions.enabledItems: [email protected]:1.1
FF - prefs.js..extensions.enabledItems: [email protected]:1.5
FF - HKLM\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\Program Files\Real\RealPlayer\browserrecord [2008/01/03 02:23:40 | 000,000,000 | ---D | M]
[2010/11/26 21:13:44 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Heather\AppData\Roaming\Mozilla\Extensions
[2010/11/26 21:13:44 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Heather\AppData\Roaming\Mozilla\Extensions\[email protected]
[2009/05/24 13:09:57 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Heather\AppData\Roaming\Mozilla\Extensions\[email protected]
File not found (No name found) -- C:\USERS\HEATHER\DESKTOP\RAPUNZEL- SEARS PLAY\EXTENSIONS\[email protected]
File not found (No name found) -- C:\USERS\HEATHER\DESKTOP\RAPUNZEL- SEARS PLAY\EXTENSIONS\[email protected]
File not found (No name found) -- C:\USERS\HEATHER\DESKTOP\RAPUNZEL- SEARS PLAY\EXTENSIONS\[email protected]
File not found (No name found) -- C:\USERS\HEATHER\DESKTOP\RAPUNZEL- SEARS PLAY\EXTENSIONS\[email protected]
File not found (No name found) -- C:\USERS\HEATHER\DESKTOP\RAPUNZEL- SEARS PLAY\EXTENSIONS\[email protected]
File not found (No name found) -- C:\USERS\HEATHER\DESKTOP\RAPUNZEL- SEARS PLAY\EXTENSIONS\[email protected]
File not found (No name found) -- C:\USERS\HEATHER\DESKTOP\RAPUNZEL- SEARS PLAY\EXTENSIONS\[email protected]
O1 HOSTS File: ([2008/09/11 02:22:53 | 000,264,251 | R--- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O1 - Hosts: 127.0.0.1 007guard.com
O1 - Hosts: 127.0.0.1 www.007guard.com
O1 - Hosts: 127.0.0.1 008i.com
O1 - Hosts: 127.0.0.1 008k.com
O1 - Hosts: 127.0.0.1 www.008k.com
O1 - Hosts: 127.0.0.1 00hq.com
O1 - Hosts: 127.0.0.1 www.00hq.com
O1 - Hosts: 127.0.0.1 010402.com
O1 - Hosts: 127.0.0.1 032439.com
O1 - Hosts: 127.0.0.1 www.032439.com
O1 - Hosts: 127.0.0.1 100888290cs.com
O1 - Hosts: 127.0.0.1 www.100888290cs.com
O1 - Hosts: 127.0.0.1 100sexlinks.com
O1 - Hosts: 127.0.0.1 www.100sexlinks.com
O1 - Hosts: 127.0.0.1 10sek.com
O1 - Hosts: 127.0.0.1 www.10sek.com
O1 - Hosts: 127.0.0.1 123topsearch.com
O1 - Hosts: 127.0.0.1 www.123topsearch.com
O1 - Hosts: 127.0.0.1 132.com
O1 - Hosts: 127.0.0.1 www.132.com
O1 - Hosts: 127.0.0.1 136136.net
O1 - Hosts: 127.0.0.1 www.136136.net
O1 - Hosts: 127.0.0.1 163ns.com
O1 - Hosts: 9162 more lines...
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll ()
O2 - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O3 - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll ()
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O3 - HKU\S-1-5-21-2649331228-3696308728-864307741-1000\..\Toolbar\WebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No CLSID value found.
O3 - HKU\S-1-5-21-2649331228-3696308728-864307741-1000\..\Toolbar\WebBrowser: (no name) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - No CLSID value found.
O3 - HKU\S-1-5-21-2649331228-3696308728-864307741-1000\..\Toolbar\WebBrowser: (no name) - {D0523BB4-21E7-11DD-9AB7-415B56D89593} - No CLSID value found.
O3 - HKU\S-1-5-21-2649331228-3696308728-864307741-1002\..\Toolbar\WebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No CLSID value found.
O3 - HKU\S-1-5-21-2649331228-3696308728-864307741-1002\..\Toolbar\WebBrowser: (no name) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - No CLSID value found.
O3 - HKU\S-1-5-21-2649331228-3696308728-864307741-1002\..\Toolbar\WebBrowser: (no name) - {D0523BB4-21E7-11DD-9AB7-415B56D89593} - No CLSID value found.
O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [CCUTRAYICON] C:\Program Files\Intel\IntelDH\CCU\CCU_TrayIcon.exe (Intel® Corporation)
O4 - HKLM..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe (Intel Corporation)
O4 - HKLM..\Run: [LifeCam] C:\Program Files\Microsoft LifeCam\LifeExp.exe (Microsoft Corporation)
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware (reboot)] C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [NMSSupport] C:\Program Files\Common Files\Intel\IntelDH\NMS\Support\IntelHCTAgent.exe (Intel Corporation)
O4 - HKLM..\Run: [RogersServicepointAgent.exe] C:\Program Files\Rogers Online Protection\Rogers Servicepoint Agent\RogersServicepointAgent.exe (Rogers)
O4 - HKLM..\Run: [SysTrayApp] C:\Program Files\IDT\WDM\sttray.exe (IDT, Inc.)
O4 - HKLM..\Run: [USB Storage Toolbox] C:\Program Files\USB Disk Win98 Driver\Res.exe (ali)
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKU\S-1-5-19..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKU\S-1-5-21-2649331228-3696308728-864307741-1000..\Run: [RogersAgent] c:\Program Files\Rogers\SelfHealing\RogersAgent.exe (Rogers Cable Communications)
O4 - HKU\S-1-5-21-2649331228-3696308728-864307741-1000..\Run: [Update Manager] C:\Program Files\Rogers\Update Manager\UpdateManager.exe (Rogers Cable Communications Inc. )
O4 - HKU\S-1-5-21-2649331228-3696308728-864307741-1000..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKU\S-1-5-21-2649331228-3696308728-864307741-1002..\Run: [RogersAgent] c:\Program Files\Rogers\SelfHealing\RogersAgent.exe (Rogers Cable Communications)
O4 - HKU\S-1-5-21-2649331228-3696308728-864307741-1002..\Run: [Update Manager] C:\Program Files\Rogers\Update Manager\UpdateManager.exe (Rogers Cable Communications Inc. )
O4 - HKLM..\RunOnce: [*Restore] C:\Windows\System32\rstrui.exe (Microsoft Corporation)
O4 - HKLM..\RunOnce: [*WerKernelReporting] C:\Windows\System32\WerFault.exe (Microsoft Corporation)
O4 - HKLM..\RunOnce: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKLM..\RunOnce: [NoIE4StubProcessing] File not found
O4 - HKU\S-1-5-21-2649331228-3696308728-864307741-1000..\RunOnce: [EZVInstaller] File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveTrack = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 255
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLowDiskSpaceChecks = 1
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O7 - HKU\S-1-5-21-2649331228-3696308728-864307741-1000\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O7 - HKU\S-1-5-21-2649331228-3696308728-864307741-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-2649331228-3696308728-864307741-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveTrack = 1
O7 - HKU\S-1-5-21-2649331228-3696308728-864307741-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoThumbnailCache = 1
O7 - HKU\S-1-5-21-2649331228-3696308728-864307741-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: link = [binary data]
O7 - HKU\S-1-5-21-2649331228-3696308728-864307741-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: LogonHoursAction = 2
O7 - HKU\S-1-5-21-2649331228-3696308728-864307741-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DontDisplayLogonHoursWarnings = 1
O7 - HKU\S-1-5-21-2649331228-3696308728-864307741-1002\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O7 - HKU\S-1-5-21-2649331228-3696308728-864307741-1002\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveTrack = 1
O7 - HKU\S-1-5-21-2649331228-3696308728-864307741-1002\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoThumbnailCache = 1
O7 - HKU\S-1-5-21-2649331228-3696308728-864307741-1002\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: link = [binary data]
O7 - HKU\S-1-5-21-2649331228-3696308728-864307741-1002\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: LogonHoursAction = 2
O7 - HKU\S-1-5-21-2649331228-3696308728-864307741-1002\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DontDisplayLogonHoursWarnings = 1
O8 - Extra context menu item: Google Sidewiki... - C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_D183CA64F05FDD98.dll (Google Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000019 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O12 - Plugin for: .spop - C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll (Intertrust Technologies, Inc.)
O13 - gopher Prefix: missing
O15 - HKU\S-1-5-21-2649331228-3696308728-864307741-1000\..Trusted Ranges: GD ([http] in Local intranet)
O15 - HKU\S-1-5-21-2649331228-3696308728-864307741-1002\..Trusted Ranges: GD ([http] in Local intranet)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.ma...r/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_23)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 64.71.255.198
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20 - AppInit_DLLs: (C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL) - C:\Program Files\Google\Google Desktop Search\GoogleDesktopNetwork3.dll (Google)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Users\Heather\AppData\Roaming\Microsoft\Windows Photo Gallery\Windows Photo Gallery Wallpaper.jpg
O24 - Desktop BackupWallPaper: C:\Users\Heather\AppData\Roaming\Microsoft\Windows Photo Gallery\Windows Photo Gallery Wallpaper.jpg
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2010/08/13 03:17:12 | 000,000,049 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2004/04/30 20:01:00 | 000,000,053 | -HS- | M] () - D:\Autorun.inf -- [ NTFS ]
O33 - MountPoints2\J\Shell - "" = AutoRun
O34 - HKLM BootExecute: (PDBoot.exe) - C:\Windows\System32\PDBoot.exe (Raxco Software, Inc.)
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
NetSvcs: FastUserSwitchingCompatibility - File not found
NetSvcs: Ias - File not found
NetSvcs: Nla - File not found
NetSvcs: Ntmssvc - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: SRService - File not found
NetSvcs: WmdmPmSp - File not found
NetSvcs: LogonHours - File not found
NetSvcs: PCAudit - File not found
NetSvcs: helpsvc - File not found
NetSvcs: uploadmgr - File not found
Drivers32: msacm.clmp3enc - C:\Program Files\CyberLink\Power2Go\CLMP3Enc.ACM (CyberLink Corp.)
Drivers32: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: MSVideo8 - C:\Windows\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: vidc.cvid - C:\Windows\System32\iccvid.dll (Radius Inc.)
Drivers32: vidc.VP60 - C:\Windows\System32\vp6vfw.dll (On2.com)
Drivers32: vidc.VP61 - C:\Windows\System32\vp6vfw.dll (On2.com)
MsConfig - StartUpFolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Exif Launcher S.lnk - Reg Error: Value error. - File not found
MsConfig - StartUpFolder: C:^Users^Heather^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Picture Motion Browser Media Check Tool.lnk - C:\Program Files\Sony\Sony Picture Utility\PMBCore\SPUVolumeWatcher.exe - (Sony Corporation)
MsConfig - StartUpReg: Acrobat Assistant 8.0 - hkey= - key= - Reg Error: Value error. File not found
MsConfig - StartUpReg: Adobe Acrobat Speed Launcher - hkey= - key= - Reg Error: Value error. File not found
MsConfig - StartUpReg: Adobe ARM - hkey= - key= - C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated)
MsConfig - StartUpReg: Adobe Reader Speed Launcher - hkey= - key= - C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
MsConfig - StartUpReg: AdobeCS4ServiceManager - hkey= - key= - C:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe (Adobe Systems Incorporated)
MsConfig - StartUpReg: AppleSyncNotifier - hkey= - key= - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe (Apple Inc.)
MsConfig - StartUpReg: FlyMonitor - hkey= - key= - Reg Error: Value error. File not found
MsConfig - StartUpReg: iTunesHelper - hkey= - key= - C:\Program Files\iTunes\iTunesHelper.exe (Apple Inc.)
MsConfig - StartUpReg: LifeCam - hkey= - key= - C:\Program Files\Microsoft LifeCam\LifeExp.exe (Microsoft Corporation)
MsConfig - StartUpReg: NapsterShell - hkey= - key= - C:\Program Files\Napster\napster.exe (Napster)
MsConfig - StartUpReg: PWRISOVM.EXE - hkey= - key= - C:\Program Files\PowerISO\PWRISOVM.EXE (PowerISO Computing, Inc.)
MsConfig - StartUpReg: QuickTime Task - hkey= - key= - C:\Program Files\QuickTime\QTTask.exe (Apple Inc.)
MsConfig - StartUpReg: SHS - hkey= - key= - C:\Program Files\Rogers\SelfHealing\SHS.exe (Rogers Cable Communications)
MsConfig - StartUpReg: SpywareCease.exe - hkey= - key= - File not found
MsConfig - StartUpReg: SunJavaUpdateSched - hkey= - key= - C:\Program Files\Common Files\Java\Java Update\jusched.exe (Sun Microsystems, Inc.)
MsConfig - StartUpReg: TkBellExe - hkey= - key= - C:\Program Files\Common Files\Real\Update_OB\realsched.exe (RealNetworks, Inc.)
MsConfig - State: "startup" - 2
SafeBootMin: AppMgmt - Service
SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: HelpSvc - Service
SafeBootMin: NTDS - File not found
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: Radialpoint Security Services - C:\Program Files\Rogers Online Protection\Rogers Online Protection\RpsSecurityAwareR.exe (Rogers)
SafeBootMin: RkHit.sys - Reg Error: Value error.
SafeBootMin: sacsvr - Service
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: ServicepointService - C:\Program Files\Rogers Online Protection\Rogers Servicepoint Agent\ServicepointService.exe (Radialpoint Inc.)
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: WinDefend - C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootMin: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootMin: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
SafeBootNet: AppMgmt - Service
SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: HelpSvc - Service
SafeBootNet: Messenger - File not found
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: NTDS - File not found
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: Radialpoint Security Services - C:\Program Files\Rogers Online Protection\Rogers Online Protection\RpsSecurityAwareR.exe (Rogers)
SafeBootNet: rdsessmgr - Service
SafeBootNet: sacsvr - Service
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: ServicepointService - C:\Program Files\Rogers Online Protection\Rogers Servicepoint Agent\ServicepointService.exe (Radialpoint Inc.)
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TDI - Driver Group
SafeBootNet: WinDefend - C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SafeBootNet: WudfPf - Driver
SafeBootNet: WudfUsbccidDriver - Driver
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers
SafeBootNet: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootNet: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootNet: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
ActiveX: {0291E591-EA41-4c82-8106-3DC6CE7F7664} - Reg Error: Value error.
ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Microsoft VM
ActiveX: {1AF1E270-843C-BDE6-B4F2-D972DD93010C} - DirectX
ActiveX: {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} -
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 11.0
ActiveX: {233C1507-6A77-46A4-9443-F871F945D258} - Adobe Shockwave Director 11.0.3
ActiveX: {2A202491-F00D-11cf-87CC-0020AFEECF20} - Adobe Shockwave Director 11.0.3
ActiveX: {2A3320D6-C805-4280-B423-B665BDE33D8F} - Microsoft .NET Framework 1.1 Security Update (KB979906)
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {2F6EFCE6-10DF-49F9-9E64-9AE3775B2588} - Microsoft .NET Framework 1.1 Security Update (KB2416447)
ActiveX: {30528230-99F7-4BB4-88D8-FA1D4F56A2AB} - Reg Error: Value error.
ActiveX: {347B0667-C7ED-429B-BDE3-CC8D3BACAA31} - Reg Error: Value error.
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {3C3901C5-3455-3E0A-A214-0B093A5070A6} - .NET Framework
ActiveX: {411EDCF7-755D-414E-A74B-3DCD6583F589} - Microsoft .NET Framework 1.1 Service Pack 1 (KB867460)
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX: {44BBA848-CC51-11CF-AAFA-00AA00B6015C} -
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4EC8E993-32C1-47F5-A07A-5B0574655AD4} - Reg Error: Value error.
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.8
ActiveX: {5136A0CB-A036-E544-3D7C-7075D0FDFE7B} - DirectX
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {73FA19D0-2D75-11D2-995D-00C04F98BBC9} - Web Folders
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\system32\ie4uinit.exe -BaseSettings
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1} - .NET Framework
ActiveX: {CDD7975E-60F8-41d5-8149-19E51D6F71D0} - Windows Movie Maker v2.1
ActiveX: {D27CDB6E-AE6D-11CF-96B8-444553540000} - Macromedia Shockwave Flash
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - Reg Error: Value error.
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: >{03F5D01C-F7DB-4F1A-9389-BF06ECDE5D44} - RunDLL32 IEDKCS32.DLL,BrandIE4 CUSTOM
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\Windows\system32\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\system32\ie4uinit.exe -UserIconConfig
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
========== Files/Folders - Created Within 30 Days ==========
[2011/03/22 14:44:26 | 000,000,000 | ---D | C] -- C:\Users\Heather\AppData\Roaming\Malwarebytes
[2011/03/22 14:43:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2011/03/22 14:43:27 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2011/03/22 14:43:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2011/03/22 14:42:47 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2011/03/22 14:42:47 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2011/03/22 12:51:36 | 000,000,000 | ---D | C] -- C:\Program Files\Trend Micro
[2011/03/22 12:51:36 | 000,000,000 | ---D | C] -- C:\Users\Heather\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HiJackThis
[2011/03/22 11:51:52 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Rogers Servicepoint Agent
[2011/03/22 11:08:49 | 000,000,000 | ---D | C] -- C:\Windows\Minidump
[2011/03/22 00:11:12 | 000,000,000 | ---D | C] -- C:\Program Files\Windows Live Safety Center
[2011/03/21 16:50:43 | 000,301,528 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswSP.sys
[2011/03/21 16:50:43 | 000,019,544 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswFsBlk.sys
[2011/03/21 16:50:43 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\avast! Internet Security
[2011/03/21 16:50:04 | 000,101,976 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswFW.sys
[2011/03/21 16:42:22 | 000,192,728 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswNdis2.sys
[2011/03/21 16:42:22 | 000,049,240 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswTdi.sys
[2011/03/21 16:42:22 | 000,025,432 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswRdr.sys
[2011/03/21 16:42:21 | 000,371,544 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswSnx.sys
[2011/03/21 16:42:21 | 000,053,592 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswMonFlt.sys
[2011/03/21 16:32:57 | 000,012,112 | ---- | C] (ALWIL Software) -- C:\Windows\System32\drivers\aswNdis.sys
[2011/03/21 16:32:54 | 000,040,648 | ---- | C] (AVAST Software) -- C:\Windows\avastSS.scr
[2011/03/21 16:32:42 | 000,190,016 | ---- | C] (AVAST Software) -- C:\Windows\System32\aswBoot.exe
[2011/03/21 16:23:33 | 000,000,000 | ---D | C] -- C:\ProgramData\AVAST Software
[2011/03/21 16:23:33 | 000,000,000 | ---D | C] -- C:\Program Files\AVAST Software
[2011/03/20 23:16:40 | 000,000,000 | ---D | C] -- C:\Program Files\Spyware Cease 2011
[2011/03/03 16:25:12 | 000,000,000 | ---D | C] -- C:\Users\Heather\Desktop\101MSDCF
[2011/02/21 18:10:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\USB Disk Win98 Driver
[2011/02/21 18:10:37 | 000,000,000 | ---D | C] -- C:\Program Files\USB Disk Win98 Driver
[2011/02/21 17:07:18 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Skype
[1 C:\Windows\System32\drivers\*.tmp files -> C:\Windows\System32\drivers\*.tmp -> ]
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[1 C:\Users\Heather\Documents\*.tmp files -> C:\Users\Heather\Documents\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2011/03/23 11:17:03 | 000,000,916 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2649331228-3696308728-864307741-1002UA.job
[2011/03/23 11:17:03 | 000,000,864 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2649331228-3696308728-864307741-1002Core.job
[2011/03/23 10:31:09 | 000,000,886 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2011/03/23 10:13:23 | 000,000,882 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2011/03/23 09:59:39 | 000,003,296 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2011/03/23 09:59:38 | 000,003,296 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2011/03/23 09:59:24 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011/03/23 09:59:18 | 1063,235,584 | -HS- | M] () -- C:\hiberfil.sys
[2011/03/22 23:36:08 | 000,002,487 | ---- | M] () -- C:\Users\Heather\Desktop\HiJackThis.lnk
[2011/03/22 14:43:30 | 000,000,866 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2011/03/22 11:08:08 | 168,735,031 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2011/03/21 17:13:24 | 000,617,088 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2011/03/21 17:13:24 | 000,111,958 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2011/03/21 16:50:43 | 000,001,789 | ---- | M] () -- C:\Users\Public\Desktop\avast! Internet Security.lnk
[2011/03/21 16:42:21 | 000,002,577 | ---- | M] () -- C:\Windows\System32\config.nt
[2011/03/19 20:59:49 | 000,002,587 | ---- | M] () -- C:\Users\Heather\Desktop\Microsoft Office Word 2007.lnk
[2011/03/19 15:54:38 | 000,000,408 | ---- | M] () -- C:\Windows\tasks\AdvancedDefrag Schedule.job
[2011/03/19 15:54:34 | 000,000,032 | ---- | M] () -- C:\Windows\__$tofn$__
[2011/03/18 03:36:45 | 000,002,052 | ---- | M] () -- C:\Users\Heather\Desktop\Google Chrome.lnk
[2011/03/18 03:36:45 | 000,002,014 | ---- | M] () -- C:\Users\Heather\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2011/03/14 12:53:44 | 000,192,512 | ---- | M] () -- C:\Users\Heather\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/03/14 12:13:11 | 000,983,040 | -HS- | M] () -- C:\Users\Heather\Desktop\ehthumbs_vista.db
[2011/03/12 19:56:27 | 000,000,938 | ---- | M] () -- C:\Users\Heather\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Microsoft Outlook.lnk
[2011/03/12 19:40:06 | 000,005,880 | ---- | M] () -- C:\Users\Heather\Desktop\Jar Of hearts.wlmp
[2011/03/08 21:34:45 | 000,019,244 | ---- | M] () -- C:\Windows\System32\Support.xml
[2011/03/03 22:25:24 | 000,238,349 | ---- | M] () -- C:\Users\Heather\Desktop\tumblr_lhi3puK9o21qbvlm4.gif
[2011/03/03 18:34:34 | 000,072,822 | ---- | M] () -- C:\Windows\System32\ieuinit.inf
[2011/02/23 10:04:21 | 000,040,648 | ---- | M] (AVAST Software) -- C:\Windows\avastSS.scr
[2011/02/23 10:04:17 | 000,190,016 | ---- | M] (AVAST Software) -- C:\Windows\System32\aswBoot.exe
[2011/02/23 09:57:38 | 000,101,976 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswFW.sys
[2011/02/23 09:56:55 | 000,371,544 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswSnx.sys
[2011/02/23 09:56:45 | 000,301,528 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswSP.sys
[2011/02/23 09:56:41 | 000,192,728 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswNdis2.sys
[2011/02/23 09:55:49 | 000,049,240 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswTdi.sys
[2011/02/23 09:55:10 | 000,025,432 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswRdr.sys
[2011/02/23 09:55:03 | 000,053,592 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswMonFlt.sys
[2011/02/23 09:54:55 | 000,019,544 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswFsBlk.sys
[2011/02/23 08:34:54 | 000,012,112 | ---- | M] (ALWIL Software) -- C:\Windows\System32\drivers\aswNdis.sys
[2011/02/21 21:48:02 | 001,314,944 | ---- | M] () -- C:\Users\Heather\Desktop\o_canada.mp3
[1 C:\Windows\System32\drivers\*.tmp files -> C:\Windows\System32\drivers\*.tmp -> ]
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[1 C:\Users\Heather\Documents\*.tmp files -> C:\Users\Heather\Documents\*.tmp -> ]
========== Files Created - No Company Name ==========
[2011/03/22 14:43:30 | 000,000,866 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2011/03/22 12:51:37 | 000,002,487 | ---- | C] () -- C:\Users\Heather\Desktop\HiJackThis.lnk
[2011/03/22 11:08:08 | 168,735,031 | ---- | C] () -- C:\Windows\MEMORY.DMP
[2011/03/21 16:50:43 | 000,001,789 | ---- | C] () -- C:\Users\Public\Desktop\avast! Internet Security.lnk
[2011/03/21 14:21:12 | 1063,235,584 | -HS- | C] () -- C:\hiberfil.sys
[2011/03/12 19:40:06 | 000,005,880 | ---- | C] () -- C:\Users\Heather\Desktop\Jar Of hearts.wlmp
[2011/03/03 22:25:34 | 000,238,349 | ---- | C] () -- C:\Users\Heather\Desktop\tumblr_lhi3puK9o21qbvlm4.gif
[2011/03/03 18:34:34 | 000,072,822 | ---- | C] () -- C:\Windows\System32\ieuinit.inf
[2011/02/21 21:48:10 | 001,314,944 | ---- | C] () -- C:\Users\Heather\Desktop\o_canada.mp3
[2010/10/13 19:17:58 | 000,000,256 | ---- | C] () -- C:\Windows\System32\pool.bin
[2010/09/24 22:56:44 | 000,000,056 | -H-- | C] () -- C:\Windows\System32\ezsidmv.dat
[2010/08/13 03:01:57 | 000,000,042 | ---- | C] () -- C:\Windows\System32\RegistryPatrolUpdates.ini
[2010/07/28 21:08:24 | 000,000,000 | ---- | C] () -- C:\Windows\PCFriend.INI
[2009/10/21 14:20:08 | 000,005,504 | ---- | C] () -- C:\Windows\System32\drivers\StarOpen_x86.sys
[2009/09/17 01:33:50 | 000,107,612 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin
[2009/09/17 01:33:49 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll
[2009/08/31 14:00:21 | 000,185,344 | ---- | C] () -- C:\Windows\System32\MemWarp.dll
[2009/05/24 20:35:44 | 3271,306,784 | -HS- | C] () -- C:\Windows\System32\drivers\fidbox.dat
[2009/02/13 22:51:29 | 000,000,054 | ---- | C] () -- C:\Windows\Composer.INI
[2008/10/18 21:51:53 | 000,000,021 | ---- | C] () -- C:\Windows\atid.ini
[2008/10/02 21:33:28 | 000,018,904 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchemaTrivial.bin
[2008/05/29 18:07:22 | 000,013,176 | ---- | C] () -- C:\Users\Heather\AppData\Roaming\wklnhst.dat
[2008/02/08 21:53:39 | 000,001,356 | ---- | C] () -- C:\Users\Heather\AppData\Local\d3d9caps.dat
[2008/01/02 17:57:36 | 000,147,456 | ---- | C] () -- C:\Windows\System32\igfxCoIn_v1409.dll
[2008/01/02 17:34:50 | 000,061,440 | ---- | C] () -- C:\Windows\System32\igfxTMM.dll
[2008/01/02 17:33:40 | 000,077,824 | ---- | C] () -- C:\Windows\System32\hccutils.dll
[2007/10/29 14:43:50 | 000,000,376 | ---- | C] () -- C:\Windows\ODBC.INI
[2007/10/28 18:15:43 | 000,192,512 | ---- | C] () -- C:\Users\Heather\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2007/02/26 13:05:06 | 000,204,800 | ---- | C] () -- C:\Windows\System32\igfxCoIn_v1147.dll
[2007/02/26 12:40:30 | 000,000,004 | ---- | C] () -- C:\Windows\Pix11.dat
[2007/02/26 12:28:41 | 000,547,840 | ---- | C] () -- C:\Windows\zHotkey.exe
[2007/02/26 12:28:41 | 000,532,544 | ---- | C] () -- C:\Windows\PIC.dll
[2007/02/26 12:28:41 | 000,036,864 | ---- | C] () -- C:\Windows\ShowWnd.exe
[2007/02/26 12:28:41 | 000,024,576 | ---- | C] () -- C:\Windows\HKNTDLL.dll
[2006/12/12 10:02:50 | 000,053,248 | ---- | C] () -- C:\Windows\System32\oemdspif.dll
[2006/11/22 18:16:18 | 000,003,612 | ---- | C] () -- C:\Windows\ReaderString.ini
[2006/11/21 14:50:06 | 000,000,037 | ---- | C] () -- C:\Windows\sunkist.ini
[2006/11/02 08:57:28 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2006/11/02 08:47:37 | 002,316,368 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT
[2006/11/02 08:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
[2006/11/02 06:33:01 | 000,617,088 | ---- | C] () -- C:\Windows\System32\perfh009.dat
[2006/11/02 06:33:01 | 000,287,440 | ---- | C] () -- C:\Windows\System32\perfi009.dat
[2006/11/02 06:33:01 | 000,111,958 | ---- | C] () -- C:\Windows\System32\perfc009.dat
[2006/11/02 06:33:01 | 000,030,674 | ---- | C] () -- C:\Windows\System32\perfd009.dat
[2006/11/02 06:23:21 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat
[2006/11/02 04:58:30 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2006/11/02 04:19:00 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT
[2006/11/02 03:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2006/11/02 03:25:31 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat
[2006/07/14 15:35:46 | 000,021,504 | ---- | C] () -- C:\Windows\System32\WBCustomizer.dll
[2006/06/23 13:09:34 | 000,019,968 | R--- | C] () -- C:\Windows\System32\cpuinf32.dll
[2006/06/11 20:01:15 | 000,352,256 | ---- | C] () -- C:\Windows\System32\HotlineClient.exe
[1998/10/11 00:07:38 | 000,088,576 | ---- | C] () -- C:\Windows\System32\Iticheck.dll
========== LOP Check ==========
[2010/06/17 21:59:35 | 000,000,000 | ---D | M] -- C:\Users\Heather\AppData\Roaming\acccore
[2010/02/28 01:28:49 | 000,000,000 | ---D | M] -- C:\Users\Heather\AppData\Roaming\Big Fish Games
[2010/03/01 00:25:51 | 000,000,000 | ---D | M] -- C:\Users\Heather\AppData\Roaming\Boomzap
[2010/06/16 13:00:40 | 000,000,000 | ---D | M] -- C:\Users\Heather\AppData\Roaming\com.howardbaines.alertthingy.0748309D110A93659DC7033729E261921C112CEF.1
[2010/02/27 02:55:59 | 000,000,000 | ---D | M] -- C:\Users\Heather\AppData\Roaming\ERS G-Studio
[2009/11/22 16:25:39 | 000,000,000 | ---D | M] -- C:\Users\Heather\AppData\Roaming\eurotalk
[2010/11/26 21:10:21 | 000,000,000 | ---D | M] -- C:\Users\Heather\AppData\Roaming\Greyfirst
[2008/05/15 23:14:01 | 000,000,000 | ---D | M] -- C:\Users\Heather\AppData\Roaming\InterTrust
[2008/07/12 13:28:06 | 000,000,000 | ---D | M] -- C:\Users\Heather\AppData\Roaming\Ludia
[2010/01/10 13:29:24 | 000,000,000 | ---D | M] -- C:\Users\Heather\AppData\Roaming\NetMedia Providers
[2009/09/02 18:18:04 | 000,000,000 | ---D | M] -- C:\Users\Heather\AppData\Roaming\Peace Craft
[2009/08/30 13:03:23 | 000,000,000 | ---D | M] -- C:\Users\Heather\AppData\Roaming\PlayFirst
[2010/08/11 00:55:25 | 000,000,000 | ---D | M] -- C:\Users\Heather\AppData\Roaming\Publish Providers
[2010/11/14 03:28:37 | 000,000,000 | ---D | M] -- C:\Users\Heather\AppData\Roaming\Research In Motion
[2010/09/09 13:29:55 | 000,000,000 | ---D | M] -- C:\Users\Heather\AppData\Roaming\Rogers Online Protection
[2007/10/29 14:13:44 | 000,000,000 | ---D | M] -- C:\Users\Heather\AppData\Roaming\SampleView
[2010/08/27 16:20:19 | 000,000,000 | ---D | M] -- C:\Users\Heather\AppData\Roaming\Sony
[2008/05/29 18:07:25 | 000,000,000 | ---D | M] -- C:\Users\Heather\AppData\Roaming\Template
[2010/05/24 15:30:04 | 000,000,000 | ---D | M] -- C:\Users\Heather\AppData\Roaming\TweetDeckFast.FFF259DC0CE2657847BBB4AFF0E62062EFC56543.1
[2010/04/09 02:04:45 | 000,000,000 | ---D | M] -- C:\Users\Heather\AppData\Roaming\Uniblue
[2011/03/20 12:22:58 | 000,000,000 | ---D | M] -- C:\Users\Heather\AppData\Roaming\uTorrent
[2010/02/27 18:32:33 | 000,000,000 | ---D | M] -- C:\Users\Heather\AppData\Roaming\Virtual Prophecy
[2010/03/03 11:37:35 | 000,000,000 | ---D | M] -- C:\Users\Heather\AppData\Roaming\webex
[2011/03/19 15:54:38 | 000,000,408 | ---- | M] () -- C:\Windows\Tasks\AdvancedDefrag Schedule.job
[2011/03/22 23:45:27 | 000,032,582 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
========== Purity Check ==========
========== Alternate Data Streams ==========
@Alternate Data Stream - 119 bytes -> C:\ProgramData\TEMP:DFC5A2B2
< End of report >
OTL Extras logfile created on: 23/03/2011 11:21:00 AM - Run 1
OTL by OldTimer - Version 3.2.22.3 Folder = C:\Users\Heather\Downloads
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8080.16413)
Locale: 00001009 | Country: Canada | Language: ENC | Date Format: dd/MM/yyyy
1,013.00 Mb Total Physical Memory | 331.00 Mb Available Physical Memory | 33.00% Memory free
2.00 Gb Paging File | 1.00 Gb Available in Paging File | 57.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 223.16 Gb Total Space | 124.46 Gb Free Space | 55.77% Space Free | Partition Type: NTFS
Drive D: | 9.72 Gb Total Space | 4.30 Gb Free Space | 44.26% Space Free | Partition Type: NTFS
Computer Name: ALYSSAS-PC | User Name: Heather | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = Reg Error: Key error.] -- Reg Error: Key error. File not found
.js [@ = JSFile] --
.scr [@ = scrfile] -- "%1" /s
.vbs [@ = VBSFile] --
[HKEY_USERS\S-1-5-21-2649331228-3696308728-864307741-1002\SOFTWARE\Classes\<extension>]
.chm [@ = chm.file] -- Reg Error: Key error. File not found
.ini [@ = inifile] -- Reg Error: Key error. File not found
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
jsfile [open] --
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /s
txtfile [edit] -- Reg Error: Key error.
vbsfile [open] --
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiSpyware]
"DisableMonitoring" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"VistaSp2" = Reg Error: Unknown registry data type -- File not found
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\S-1-5-21-2649331228-3696308728-864307741-1001]
"EnableNotificationsRef" = 2
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\S-1-5-21-2649331228-3696308728-864307741-500]
"EnableNotificationsRef" = 2
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
========== System Restore Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows NT\SystemRestore]
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0
"DoNotAllowExceptions" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0
"DoNotAllowExceptions" = 0
========== Authorized Applications List ==========
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{00631E44-6F85-47EF-A942-16DB521B9E1D}" = lport=6940 | protocol=6 | dir=in | name=bittorent60 |
"{00CBC49E-9452-4995-B771-654906B803BE}" = lport=49164 | protocol=6 | dir=in | name=akamai netsession interface |
"{02EB6C4E-C375-4B8B-B71D-08EFA3D1518E}" = lport=6892 | protocol=6 | dir=in | name=bittorent12 |
"{03C03A2C-2E0A-4974-A85C-A0CA826E07FB}" = lport=6941 | protocol=6 | dir=in | name=bittorent61 |
"{07CBBC6C-835E-43E3-B15A-004569C8E385}" = lport=6999 | protocol=6 | dir=in | name=bittorent119 |
"{0BA02A6E-7C32-4DE0-BE36-F8F8A9C7584B}" = lport=6997 | protocol=6 | dir=in | name=bittorent117 |
"{0C37DBF5-A5EE-4B22-BE7C-AC9730A00A21}" = lport=6920 | protocol=6 | dir=in | name=bittorent40 |
"{0CD82CFC-91FA-4747-938C-7089AFCE3A11}" = lport=6966 | protocol=6 | dir=in | name=bittorent86 |
"{0E4CC042-85AD-473E-A566-3DBEFE8A1BD6}" = lport=6883 | protocol=6 | dir=in | name=bittorent3 |
"{0F52C097-32C3-487D-9E6C-8DB1A3DCC554}" = lport=49162 | protocol=6 | dir=in | name=akamai netsession interface |
"{0FC2308D-2F19-48E7-BAE8-166EF63B266F}" = lport=6912 | protocol=6 | dir=in | name=bittorent32 |
"{12315F29-66D1-42C7-B19A-F68497314478}" = lport=6985 | protocol=6 | dir=in | name=bittorent105 |
"{128B8C77-2329-4F46-ACDD-A3A16157C8A6}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |
"{1389F7C1-2316-4871-B778-F5E77CB10BC6}" = lport=6992 | protocol=6 | dir=in | name=bittorent112 |
"{15383C2B-2B9C-43A3-9DD6-F6B1CA48E3E9}" = lport=6917 | protocol=6 | dir=in | name=bittorent37 |
"{1584B953-F8B3-4AB0-8147-134198D22DB3}" = lport=6983 | protocol=6 | dir=in | name=bittorent103 |
"{169E2250-7362-4EE9-92D7-AD50DD75AE46}" = lport=6939 | protocol=6 | dir=in | name=bittorent59 |
"{1862E67E-08A6-4F8D-BCE8-7CF4859EB036}" = lport=2869 | protocol=6 | dir=in | app=system |
"{1E002608-04C1-4153-960D-2AE377D7D49D}" = lport=6989 | protocol=6 | dir=in | name=bittorent109 |
"{1EFF94DE-CA64-4A18-B28E-37A612893EA8}" = lport=6914 | protocol=6 | dir=in | name=bittorent34 |
"{20F45358-2CFC-4BCC-849A-E809354C35EA}" = lport=6885 | protocol=6 | dir=in | name=bittorent5 |
"{25195ECD-5094-49F3-8765-5BCEB0ECC1E0}" = lport=6942 | protocol=6 | dir=in | name=bittorent62 |
"{2539F0F4-E5E2-4D82-A57B-BAFF68B229C5}" = lport=4482 | protocol=17 | dir=in | name=blackberry desktop software wireless music sync discovery |
"{266C348F-AC28-4B8D-8F2C-7F1E32F2B483}" = lport=6996 | protocol=6 | dir=in | name=bittorent116 |
"{28E4BCD1-4021-4D8A-BFA7-159BCE970D51}" = lport=6881 | protocol=6 | dir=in | name=bittorent1 |
"{29BA372E-9D59-4DCB-A6B6-CA5364D3823C}" = lport=6990 | protocol=6 | dir=in | name=bittorent110 |
"{2DAAA581-BCE8-45D0-A196-EB0263D1506D}" = lport=6899 | protocol=6 | dir=in | name=bittorent19 |
"{33CB5544-480A-4BFB-AB16-13D282BB9427}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{33D0F9B5-EAE9-428B-BCB5-C9A3299B9A63}" = lport=6898 | protocol=6 | dir=in | name=bittorent18 |
"{356E8B0C-9272-45C3-9B20-00164D99C60A}" = lport=6969 | protocol=6 | dir=in | name=bittorent89 |
"{3919EC22-2D8C-4BF6-BC67-477511973E37}" = lport=6974 | protocol=6 | dir=in | name=bittorent94 |
"{39739EEF-9F92-47C1-B1E7-BE7252A7DDC9}" = rport=138 | protocol=17 | dir=out | app=system |
"{3E223512-1496-433E-9139-86670720286A}" = lport=6919 | protocol=6 | dir=in | name=bittorent39 |
"{3E53834A-8BBA-4B32-B9B6-1C042078F052}" = lport=6893 | protocol=6 | dir=in | name=bittorent13 |
"{448FC004-6283-42BB-B774-3B3CF52FC630}" = lport=6934 | protocol=6 | dir=in | name=bittorent54 |
"{44FA635F-9331-4E5E-8325-78A8ABE73D67}" = lport=6936 | protocol=6 | dir=in | name=bittorent56 |
"{46264FB0-0B76-48CF-91B5-7EA87C6E9427}" = lport=6962 | protocol=6 | dir=in | name=bittorent82 |
"{46B564E3-30CA-4844-A1A3-2E23A7F2140D}" = lport=6978 | protocol=6 | dir=in | name=bittorent98 |
"{48B4EF76-B222-4426-9720-CB3B26115C22}" = lport=6956 | protocol=6 | dir=in | name=bittorent76 |
"{48FF0362-EFA0-4C95-99CB-F0C43F1E0D39}" = lport=6943 | protocol=6 | dir=in | name=bittorent63 |
"{4A94F4EE-4801-4404-BEA3-F956749F0327}" = lport=1900 | protocol=17 | dir=in | name=intel® viiv™ media server upnp discovery |
"{4E1AB6B7-9A2E-47A4-ACB8-7B6C5539B570}" = lport=6889 | protocol=6 | dir=in | name=bittorent9 |
"{51865A1F-31D4-4B35-AE3A-7FE77A8935C7}" = lport=6894 | protocol=6 | dir=in | name=bittorent14 |
"{5233F1F6-2BB0-4482-A003-448D008E5892}" = lport=6897 | protocol=6 | dir=in | name=bittorent17 |
"{5299DBF9-1097-4A86-8122-D83E6E053288}" = lport=6970 | protocol=6 | dir=in | name=bittorent90 |
"{52ADA088-7577-473F-B31F-C48A22540511}" = lport=6977 | protocol=6 | dir=in | name=bittorent97 |
"{54DBE442-3D0C-481B-82AE-32DC23EF6A9A}" = lport=6959 | protocol=6 | dir=in | name=bittorent79 |
"{54EE3590-4AFD-454F-A53A-3D0E4FEC4BB4}" = rport=137 | protocol=17 | dir=out | app=system |
"{57242043-113C-40BA-8298-F0A378A83C5E}" = lport=4481 | protocol=6 | dir=in | name=blackberry desktop software wireless music sync data transfer |
"{589C2907-6AF6-46E4-A453-DBBC86ED3E51}" = lport=6993 | protocol=6 | dir=in | name=bittorent113 |
"{5B137439-F68A-4DAE-8800-10F4D201B447}" = lport=6986 | protocol=6 | dir=in | name=bittorent106 |
"{5BBF64AE-10D8-4645-A438-085689FC7908}" = lport=6905 | protocol=6 | dir=in | name=bittorent25 |
"{5D22CB8D-6B54-4A17-8532-CD85A4C0DDA9}" = lport=6900 | protocol=6 | dir=in | name=bittorent20 |
"{5E4745B3-75EC-4A68-8DF7-6B934F13C9EC}" = lport=6913 | protocol=6 | dir=in | name=bittorent33 |
"{5E6A62D0-3203-4DF6-AA1F-F484A5B59D42}" = lport=6984 | protocol=6 | dir=in | name=bittorent104 |
"{5FF5AA5F-E3B1-4C66-A2B2-D15BAD455EAB}" = lport=6976 | protocol=6 | dir=in | name=bittorent96 |
"{6413F9B1-9297-408E-A38F-E2B410DF3A3D}" = lport=6927 | protocol=6 | dir=in | name=bittorent47 |
"{64652868-F99D-48E6-8384-D367EBFFE108}" = lport=6925 | protocol=6 | dir=in | name=bittorent45 |
"{64FC4D0F-5D52-4919-A7F5-7FC185913FF8}" = lport=5000 | protocol=17 | dir=in | name=akamai netsession interface |
"{6B349217-76FA-41CA-B113-775F53C167C3}" = lport=6945 | protocol=6 | dir=in | name=bittorent65 |
"{6BD169F2-91CD-47C1-8825-2DFD384CF939}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |
"{6C695D17-58F5-43F1-9E2E-729D6C2CF8E9}" = lport=6949 | protocol=6 | dir=in | name=bittorent69 |
"{6DFC38B9-8933-4A8D-94C2-19607DC5C38D}" = lport=6981 | protocol=6 | dir=in | name=bittorent101 |
"{71A4CDC9-E994-4284-890E-7D3F93E82A53}" = lport=6882 | protocol=6 | dir=in | name=bittorent2 |
"{7269B113-CBAE-43A5-B87F-0692B2EE3AF2}" = lport=6960 | protocol=6 | dir=in | name=bittorent80 |
"{7312ED0D-84D8-4212-BD20-167CA05AC9B1}" = lport=6967 | protocol=6 | dir=in | name=bittorent87 |
"{74797560-674F-475E-9673-475CB322F601}" = lport=6961 | protocol=6 | dir=in | name=bittorent81 |
"{7ABEFBB8-CA36-4C02-8043-C5E6A88C9D0E}" = lport=6937 | protocol=6 | dir=in | name=bittorent57 |
"{7BB30492-61E9-4962-8FC9-051F646885A5}" = lport=6896 | protocol=6 | dir=in | name=bittorent16 |
"{7D51E263-AB35-484C-A003-6C07A78282C0}" = lport=6911 | protocol=6 | dir=in | name=bittorent31 |
"{7D90985C-595C-422A-85B6-E09371F98E8A}" = rport=445 | protocol=6 | dir=out | app=system |
"{80B035D7-C4B7-43FD-8F35-821698426734}" = lport=6915 | protocol=6 | dir=in | name=bittorent35 |
"{81423F46-4ADE-4725-A743-727CDC51355A}" = lport=6902 | protocol=6 | dir=in | name=bittorent22 |
"{83A9F744-AEA0-4DBA-8063-4BE659596580}" = lport=6948 | protocol=6 | dir=in | name=bittorent68 |
"{85A9C943-D47A-4645-A78E-6495967E9047}" = lport=6954 | protocol=6 | dir=in | name=bittorent74 |
"{8794FA4C-7582-4825-8402-9CE03474252A}" = lport=6928 | protocol=6 | dir=in | name=bittorent48 |
"{8901265F-B153-41D2-8C5B-BA39AB96A8A4}" = rport=139 | protocol=6 | dir=out | app=system |
"{89C02BD5-0905-418D-899E-50F41C98A11C}" = lport=6921 | protocol=6 | dir=in | name=bittorent41 |
"{8B36CB6B-5E39-4330-8A20-56756299FFFA}" = lport=137 | protocol=17 | dir=in | app=system |
"{8B432914-E4E7-430C-8716-51A876675060}" = lport=6891 | protocol=6 | dir=in | name=bittorent11 |
"{8B8704A0-3437-4AF0-8677-DCD1E4B9A0AA}" = lport=445 | protocol=6 | dir=in | app=system |
"{8F7FB897-F7B1-4CD4-8C20-E032E58295E3}" = lport=6950 | protocol=6 | dir=in | name=bittorent70 |
"{9136579B-814D-494D-869C-F75D2F5B2598}" = lport=4481 | protocol=17 | dir=in | name=blackberry desktop software wireless music sync discovery |
"{92789AF9-DACE-48E6-AAEE-68FFB71FA147}" = lport=6951 | protocol=6 | dir=in | name=bittorent71 |
"{92F0CCE2-CB53-463D-9B13-A226AD6EFC91}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | [email protected],-28539 |
"{93CB3A80-FFFF-4026-8E03-D558DAA90481}" = lport=6953 | protocol=6 | dir=in | name=bittorent73 |
"{93CB79FF-C4A0-4061-96A6-7423C39948B9}" = lport=6904 | protocol=6 | dir=in | name=bittorent24 |
"{94BB2065-B489-47C8-BF03-52F6D912C979}" = lport=6916 | protocol=6 | dir=in | name=bittorent36 |
"{96E14FCA-DD94-4172-83C5-5053A15A5835}" = lport=6958 | protocol=6 | dir=in | name=bittorent78 |
"{978F2581-88DA-401B-A854-A568209D9761}" = lport=6995 | protocol=6 | dir=in | name=bittorent115 |
"{97D7571A-603C-4D2F-9D2F-54923E5CE848}" = lport=6929 | protocol=6 | dir=in | name=bittorent49 |
"{9842127F-B13C-48A1-881B-ED8B9DF8072B}" = lport=6926 | protocol=6 | dir=in | name=bittorent46 |
"{9C2EA139-E1CC-454D-ADF4-744F6FFC1CDF}" = lport=6979 | protocol=6 | dir=in | name=bittorent99 |
"{9FDE3AE5-2FF8-490B-8F23-D96025A87CB4}" = lport=6973 | protocol=6 | dir=in | name=bittorent93 |
"{A23D5762-AB40-4306-8191-D343CEC78400}" = lport=6964 | protocol=6 | dir=in | name=bittorent84 |
"{A3F647E0-225E-4035-89FE-5F4B32AD734F}" = lport=6907 | protocol=6 | dir=in | name=bittorent27 |
"{A48CBB6E-F954-4A94-8A8D-DE674FF12407}" = lport=4482 | protocol=6 | dir=in | name=blackberry desktop software wireless music sync data transfer |
"{A6AD2231-FC90-440A-8C07-1F8067DD5F10}" = lport=6931 | protocol=6 | dir=in | name=bittorent51 |
"{A7D3C3E4-1751-46D8-8E62-E6BCF2B89220}" = lport=6975 | protocol=6 | dir=in | name=bittorent95 |
"{A9EBA039-E972-485D-89B9-8DF997A315F4}" = lport=6890 | protocol=6 | dir=in | name=bittorent10 |
"{ABEDA75B-186C-4C14-B202-3866BA8A97AE}" = lport=6991 | protocol=6 | dir=in | name=bittorent111 |
"{ACE9080F-1B8B-4E19-9B83-DB9102DDE871}" = lport=6923 | protocol=6 | dir=in | name=bittorent43 |
"{AE87D46E-6CE9-4E8F-9E7C-0EF15203F774}" = lport=6895 | protocol=6 | dir=in | name=bittorent15 |
"{B2DDA28B-96F3-4E91-BA09-39BF06AAAA51}" = lport=6980 | protocol=6 | dir=in | name=bittorent100 |
"{B3B0FBB0-706A-4AC7-826B-F13FA78EB0FE}" = lport=6924 | protocol=6 | dir=in | name=bittorent44 |
"{B3E7DB9E-5104-47EC-845E-2032A1F995BA}" = lport=6888 | protocol=6 | dir=in | name=bittorent8 |
"{B54CA444-89B5-43FA-A2AD-D37345585264}" = lport=6955 | protocol=6 | dir=in | name=bittorent75 |
"{B636C835-E768-4087-8B8E-FDF4FCE902E2}" = lport=6982 | protocol=6 | dir=in | name=bittorent102 |
"{B7BE0E44-1721-4053-A761-C2E5BF5B5DBE}" = lport=6947 | protocol=6 | dir=in | name=bittorent67 |
"{B841F180-3B59-468C-B5E3-203F875B32BB}" = lport=6987 | protocol=6 | dir=in | name=bittorent107 |
"{BBE5AE6B-A5F4-4D66-BA26-AEA78837012A}" = lport=9442 | protocol=17 | dir=in | name=intel® viiv™ media server discovery |
"{BE1FE52A-8DFE-4AAF-B05E-9DBD1614EFC5}" = lport=6933 | protocol=6 | dir=in | name=bittorent53 |
"{C0F6947D-12A2-461F-B479-BFF7C5A3F178}" = lport=6935 | protocol=6 | dir=in | name=bittorent55 |
"{C2013053-C9F0-43A0-AFC4-97C69F83C9A8}" = lport=6963 | protocol=6 | dir=in | name=bittorent83 |
"{C27778A5-025B-4189-A176-7E004DBCE2D0}" = lport=6884 | protocol=6 | dir=in | name=bittorent4 |
"{C27C7987-A8FF-442A-AC38-2AC3B8731FDC}" = lport=6971 | protocol=6 | dir=in | name=bittorent91 |
"{C4790358-474B-4621-A5F4-0BE4A9A825E2}" = lport=6906 | protocol=6 | dir=in | name=bittorent26 |
"{C47C2DEA-0AAA-4522-96DC-C9B557E6F220}" = lport=6922 | protocol=6 | dir=in | name=bittorent42 |
"{C6304272-2167-4730-AAE9-ED6A4AA65B71}" = lport=6938 | protocol=6 | dir=in | name=bittorent58 |
"{C86D41DB-F4B0-4273-8588-9425E2FDD112}" = lport=6965 | protocol=6 | dir=in | name=bittorent85 |
"{C9160954-FA50-40DD-9EDF-95CD0E256FAF}" = lport=6886 | protocol=6 | dir=in | name=bittorent6 |
"{CE72245A-46AD-41EE-84B6-0E0CB30B7838}" = lport=6994 | protocol=6 | dir=in | name=bittorent114 |
"{CFD03BB7-B2E3-40DF-A391-B5990442338E}" = lport=49162 | protocol=6 | dir=in | name=akamai netsession interface |
"{D1E7A9D7-E857-436F-B3D8-D6CE4E8829D1}" = lport=6909 | protocol=6 | dir=in | name=bittorent29 |
"{D207B577-242D-4CD2-8051-F2F583504F6C}" = lport=6968 | protocol=6 | dir=in | name=bittorent88 |
"{D523691E-C94C-49DC-8133-EB53A9E3D89D}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |
"{D6A0C049-5F42-49DD-90D7-D1D31B7C67C7}" = lport=139 | protocol=6 | dir=in | app=system |
"{D6F919F3-BB1F-4DED-8BD4-A1B644B38B3B}" = lport=6957 | protocol=6 | dir=in | name=bittorent77 |
"{D7294AD7-46C4-4B3C-9037-042F206E803C}" = lport=5000 | protocol=17 | dir=in | name=akamai netsession interface |
"{D8A4A1CC-6100-4BDB-8BDE-9A738C04B3F5}" = lport=6903 | protocol=6 | dir=in | name=bittorent23 |
"{D8E78110-D436-42D7-9381-19CBE891540F}" = lport=6952 | protocol=6 | dir=in | name=bittorent72 |
"{D9F04B95-4159-43D5-8C0E-3F594BCE81EF}" = lport=6988 | protocol=6 | dir=in | name=bittorent108 |
"{E3A93D8D-7339-4BD4-9BE0-3DD2A39E2389}" = lport=6932 | protocol=6 | dir=in | name=bittorent52 |
"{E71C675E-2E2F-4F27-AFED-9E08B8CD7C2D}" = lport=6930 | protocol=6 | dir=in | name=bittorent50 |
"{E74CECCA-019C-4942-B41D-6C442F28352B}" = lport=6908 | protocol=6 | dir=in | name=bittorent28 |
"{EA32A4AB-8EA0-4B9D-8447-B962AA6B0469}" = lport=6910 | protocol=6 | dir=in | name=bittorent30 |
"{ECDD1D6F-681D-4207-BE7E-50B031505C82}" = lport=6887 | protocol=6 | dir=in | name=bittorent7 |
"{F28FE880-77C9-4C5E-B64D-D792DBE1B182}" = lport=138 | protocol=17 | dir=in | app=system |
"{F5241192-FF55-42BD-9B63-661361D5583D}" = lport=6901 | protocol=6 | dir=in | name=bittorent21 |
"{F5BCBC1A-5E49-402A-9804-B97266F78698}" = lport=6998 | protocol=6 | dir=in | name=bittorent118 |
"{F6A2DDF3-C8AF-4302-9F8D-C911367CAEE3}" = lport=6946 | protocol=6 | dir=in | name=bittorent66 |
"{F7268CA2-5958-41E7-B374-65E2741A963C}" = lport=6972 | protocol=6 | dir=in | name=bittorent92 |
"{F7574C9D-D11E-4FFE-87B3-8F093884BF04}" = lport=6944 | protocol=6 | dir=in | name=bittorent64 |
"{F9E3AB8E-9F06-4971-9647-5E58446D3740}" = lport=6918 | protocol=6 | dir=in | name=bittorent38 |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{013FCE0D-3E3D-417D-BD9C-A48C8FA621BE}" = protocol=6 | dir=in | app=c:\program files\yahoo!\messenger\yahoomessenger.exe |
"{0560800F-9AC6-4CB5-A825-A01E46D127E9}" = protocol=6 | dir=in | app=c:\program files\rogers online protection\rogers servicepoint agent\servicepointservice.exe |
"{05A7932A-D78F-45A2-9719-8168D45AF570}" = dir=in | app=c:\program files\windows live\sync\windowslivesync.exe |
"{0C7B6684-3F4D-413F-96D8-805CBA2F0DDA}" = protocol=6 | dir=in | app=c:\program files\aim\aim.exe |
"{122B1A5B-240C-423C-86A9-3D9B6E871EF5}" = protocol=6 | dir=in | app=c:\program files\intel\inteldh\intel media server\media server\bin\mediaserver.exe |
"{14ECC95F-3552-423A-8371-FFDF0599148C}" = protocol=6 | dir=out | app=c:\program files\windows media player\wmplayer.exe |
"{157ACAA7-7D39-47E5-964C-BBFD73844138}" = protocol=17 | dir=in | app=c:\program files\common files\aol\loader\aolload.exe |
"{15FFF8BC-17C4-4BAF-B3FB-D1C283CC86CD}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{1D576A96-D0FC-4031-8891-E4CAC1A7989D}" = protocol=6 | dir=in | app=c:\program files\intel\inteldh\intel media server\shells\remote ui service.exe |
"{220C4876-ED68-44F6-8A39-B1D4DFD99EE8}" = protocol=17 | dir=in | app=c:\program files\yahoo!\messenger\yahoomessenger.exe |
"{257A0C09-898A-453A-B6FC-FD8667FF15E2}" = protocol=6 | dir=in | app=c:\program files\intel\inteldh\intel media server\media server\bin\tshwmdtcp.exe |
"{2F29D2BD-E90C-438F-A355-959008CB8C4E}" = protocol=17 | dir=in | app=c:\program files\rogers online protection\rogers servicepoint agent\servicepointservice.exe |
"{3456131C-6D9D-4842-B0B6-1FDA62C07DC0}" = protocol=6 | dir=in | app=c:\program files\microsoft lifecam\lifeexp.exe |
"{34FF9943-EB11-4E4E-BB48-CDBBB63C73AA}" = protocol=17 | dir=in | app=c:\program files\microsoft lifecam\lifetray.exe |
"{357A7663-B4C3-4809-AF3C-E7BE2B6CCBE3}" = protocol=6 | dir=in | app=c:\program files\aim6\aim6.exe |
"{3A73AA09-EA44-4157-910F-D74FAEB603A7}" = protocol=6 | dir=in | app=c:\program files\common files\mcafee\mna\mcnasvc.exe |
"{404AB1A1-48A4-491B-A9F9-F861AF47B93E}" = protocol=17 | dir=in | app=c:\program files\intel\inteldh\intel media server\media server\bin\mediaserver.exe |
"{421876B5-9D59-4292-B0D4-9B50E042ED59}" = protocol=6 | dir=in | app=c:\program files\microsoft lifecam\lifetray.exe |
"{44F99B38-D36D-4933-8908-55660D1A2D0B}" = protocol=17 | dir=in | app=c:\program files\leapfrog\flyworld\bin\flymonitor.exe |
"{45EA4A04-D099-4C36-B65E-7CCE9E9C14C9}" = protocol=6 | dir=in | app=c:\program files\microsoft lifecam\lifecam.exe |
"{53CC53B2-3CF2-4DAB-83AF-A0AE5C58B09C}" = protocol=6 | dir=in | app=c:\program files\common files\aol\loader\aolload.exe |
"{53F1A75F-8D72-4226-8850-2420BDCE1229}" = protocol=17 | dir=in | app=c:\program files\microsoft lifecam\lifeexp.exe |
"{593F7820-FA59-4A87-AAAE-9402D2828ECC}" = protocol=58 | dir=out | [email protected],-28546 |
"{5BBBF519-5A0F-4B9E-B4E0-C94AEF09A968}" = dir=in | app=c:\program files\windows live\mesh\moe.exe |
"{5CB511B6-CDCF-4CBC-A1D2-5D600F5940CC}" = dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe |
"{62D5E13C-FD98-4F44-9845-C6BD4B82C4DC}" = protocol=17 | dir=in | app=c:\program files\aim6\aim6.exe |
"{62E0CAC8-1A4C-4E76-BD92-BCAF04F664FA}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{671C0246-D60D-4E6A-A897-2BF3B7D8219D}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{6F7F37D7-129D-4281-811C-910FE888928E}" = dir=in | app=c:\program files\skype\plugin manager\skypepm.exe |
"{740C8416-7216-41FB-BB34-B7FFC00CEA2E}" = protocol=17 | dir=in | app=c:\program files\utorrent\utorrent.exe |
"{742C0EB2-A621-48B5-9D29-EE5B965D646F}" = protocol=17 | dir=out | app=c:\program files\windows media player\wmplayer.exe |
"{791B4B4D-B19E-4D58-8D6A-B30AF0703F1B}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{7995E2AA-5DD9-4089-9A1F-1C17481A5064}" = protocol=17 | dir=in | app=c:\program files\aim\aim.exe |
"{7F164539-6F1D-4712-81C1-2D342AE70FE6}" = protocol=17 | dir=in | app=c:\program files\microsoft lifecam\lifecam.exe |
"{87A9CAC2-A551-4E97-A2F3-EBE7523F2B78}" = protocol=6 | dir=in | app=c:\program files\rogers online protection\rogers servicepoint agent\servicepointservice.exe |
"{920C54CA-03EA-496D-A4CB-35430C97A62A}" = protocol=6 | dir=in | app=c:\program files\leapfrog\flyworld\bin\flymonitor.exe |
"{9903C47C-6B1D-43EE-A67E-CC663008DE81}" = protocol=1 | dir=in | [email protected],-28543 |
"{9C402C81-45C4-411A-94F8-23A86BA58094}" = protocol=6 | dir=in | app=c:\program files\microsoft lifecam\lifeenc2.exe |
"{9EAD921A-2B11-4EAE-A191-5ECE128D4AB1}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{A28D1B25-EE61-4524-B438-89654C8771C1}" = dir=in | app=c:\program files\itunes\itunes.exe |
"{A3AB168A-4F0B-4FC1-89EC-C2054F3BF42D}" = protocol=17 | dir=in | app=c:\program files\intel\inteldh\intel media server\shells\remote ui service.exe |
"{AE6AFF60-4406-4634-AA97-3B4C052EF9C9}" = protocol=17 | dir=in | app=c:\program files\windows media player\wmplayer.exe |
"{B14797DB-7EC5-482E-8660-D246EF8C8FF1}" = protocol=6 | dir=in | app=c:\program files\leapfrog\flyworld\bin\flyworld.exe |
"{B480139E-C575-4C62-8AA4-7FCC0172665D}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{B708B4ED-89C7-419F-9F94-4238C1B4B0D9}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{BF904914-40EB-4DF3-9398-5D3A437BCFAD}" = protocol=17 | dir=in | app=c:\program files\microsoft lifecam\lifeenc2.exe |
"{C0664700-15F1-4AA4-A857-A1D4804688C9}" = protocol=17 | dir=in | app=c:\program files\internet explorer\iexplore.exe |
"{C0DD821B-70C5-42ED-B0B2-2C06C7A2577E}" = protocol=17 | dir=in | app=c:\program files\rogers online protection\rogers servicepoint agent\servicepointservice.exe |
"{D02CF58E-A8A0-4C60-8D5B-C11ECA2A30A7}" = protocol=1 | dir=out | [email protected],-28544 |
"{D41B76CF-B724-4498-A406-5FB01083A0C3}" = protocol=6 | dir=in | app=c:\program files\utorrent\utorrent.exe |
"{DC36ACB3-D5F9-4579-8CFD-62274534C0E8}" = protocol=6 | dir=in | app=c:\program files\research in motion\blackberry desktop\rim.desktop.exe |
"{E43FC36D-131B-467C-B4B3-25EEE79162CD}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{E7079120-90FC-4E06-928A-1D54A9D2B488}" = protocol=17 | dir=in | app=c:\program files\research in motion\blackberry desktop\rim.desktop.exe |
"{EBB66FBB-9349-40BB-A30D-31B812262DD2}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{F263CFEC-C26F-4016-BB64-59F01FC1105C}" = protocol=58 | dir=in | [email protected],-28545 |
"{F7F151C7-6272-4F7E-BEE5-0386ADBC72A8}" = protocol=17 | dir=in | app=c:\program files\leapfrog\flyworld\bin\flyworld.exe |
"{F8AEBE1A-761A-4CC9-9125-5B602DE040CB}" = protocol=6 | dir=in | app=c:\program files\internet explorer\iexplore.exe |
"{FE941D76-5E91-4C13-AAAA-07AC744CEBF3}" = protocol=17 | dir=in | app=c:\program files\intel\inteldh\intel media server\media server\bin\tshwmdtcp.exe |
"{FF8EA31F-1ED2-4A44-8AF1-482336E78CA3}" = dir=in | app=c:\program files\windows live\contacts\wlcomm.exe |
"TCP Query User{83BB59DD-4667-41BB-BB66-179254F026D0}C:\users\public\desktop\limewire\limewire.exe" = protocol=6 | dir=in | app=c:\users\public\desktop\limewire\limewire.exe |
"TCP Query User{897B3907-5FEC-436D-850B-830508EFFCED}C:\users\heather\desktop\limewire\limewire.exe" = protocol=6 | dir=in | app=c:\users\heather\desktop\limewire\limewire.exe |
"UDP Query User{3BCE407B-AF5A-42E2-9562-F37AF0690F88}C:\users\heather\desktop\limewire\limewire.exe" = protocol=17 | dir=in | app=c:\users\heather\desktop\limewire\limewire.exe |
"UDP Query User{7E806297-5E59-415B-858E-4C382E621426}C:\users\public\desktop\limewire\limewire.exe" = protocol=17 | dir=in | app=c:\users\public\desktop\limewire\limewire.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{107254A0-0ADF-11D4-9397-00D0B7020B38}" =
"{13A5E785-5197-4EAD-8EE3-D660271E49BC}" = Feedback Tool
"{17504ED4-DB08-40A8-81C2-27D8C01581DA}" = Windows Live Remote Service Resources
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{19A4A990-5343-4FF7-B3B5-6F046C091EDF}" = Windows Live Remote Client
"{19BA08F7-C728-469C-8A35-BFBD3633BE08}" = Windows Live Movie Maker
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{227E8782-B2F4-4E97-B0EE-49DE9CC1C0C0}" = Windows Live Remote Service
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{26A24AE4-039D-4CA4-87B4-2F83216017FF}" = Java™ 6 Update 23
"{26C610BF-761B-4209-BD6A-A0F1B73D6DDE}" = Intel® Viiv™ Software
"{2902F983-B4C1-44BA-B85D-5C6D52E2C441}" = Windows Live Mesh ActiveX Control for Remote Connections
"{294BF709-D758-4363-8D75-01479AD20927}" = Windows Live Family Safety
"{2A981294-F14C-4F0F-9627-D793270922F8}" = Bonjour
"{2DC94AFD-A6E2-4AB4-9132-4A3F8E07B386}" = Apple Application Support
"{2DFF31F9-7893-4922-AF66-C9A1EB4EBB31}" = Rhapsody Player Engine
"{2FA94A64-C84E-49d1-97DD-7BF06C7BBFB2}.WildTangent Games App" = Update Installer for WildTangent Games App
"{316CDA1E-4760-4772-94B0-0FFC56D85700}" = RPS CRT
"{3248F0A8-6813-11D6-A77B-00B0D0160000}" = Java™ SE Runtime Environment 6
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{33A783E8-DC11-427F-A56C-8ED43EEC0695}" = RPS CRT
"{34F4D9A4-42C2-4348-BEF4-E553C84549E7}" = Windows Live Photo Gallery
"{35AE9CC9-10A3-4A24-87DF-A6A99BDC1969}" = Rogers Online Protection
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3EE33958-7381-4E7B-A4F3-6E43098E9E9C}" = Browser Address Error Redirector
"{40BF1E83-20EB-11D8-97C5-0009C5020658}" = Power2Go 5.0
"{4449B83C-1257-4355-8F3E-71280E922B5F}" = Intel® Network Connections 14.7.23.0
"{44C05309-60F4-410B-BC32-31733CFF1A41}" = Microsoft Digital Image Starter Edition 2006 Editor
"{45A66726-69BC-466B-A7A4-12FCBA4883D7}" = HiJackThis
"{464B3406-A4D0-4914-910F-7CA4380DCC13}" = Windows Live Remote Client Resources
"{47AA42FD-0450-4CB4-ADAF-B6E770AA7B2F}" = Sony Media Manager 2.2
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4CBABDFD-49F8-47FD-BE7D-ECDE7270525A}" = Windows Live PIMT Platform
"{4E79A62F-7A2D-4058-BCE0-94E6B9E2F162}" = USB Disk Win98 Driver
"{4FE542EB-FF0B-4739-94DD-25C8AE0AB251}" = Microsoft Digital Image Starter Edition 2006 Library
"{50816F92-1652-4A7C-B9BC-48F682742C4B}" = Messenger Companion
"{548B7B4A-B4F6-4074-A2D2-40154DC906B5}" = RPS PerfectDiskStub
"{57752979-A1C9-4C02-856B-FBB27AC4E02C}" = QuickTime
"{5DD4FCBD-A3C1-4155-9E17-4161C70AAABA}" = Segoe UI
"{61AD15B2-50DB-4686-A739-14FE180D4429}" = Windows Live ID Sign-in Assistant
"{65DA2EC9-0642-47E9-AAE2-B5267AA14D75}" = Activation Assistant for the 2007 Microsoft Office suites
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{689E0AB3-50B2-4E5A-9DCE-6DA9F5BE1314}" = BlackBerry® Media Sync
"{6A05FEDF-662E-46BF-8A25-010E3F1C9C69}" = Windows Live UX Platform Language Pack
"{6B9B0C6F-E5FA-4633-A640-AB98A272ECCA}" = Safari
"{6D52C408-B09A-4520-9B18-475B81D393F1}" = Microsoft Works
"{70B446D1-E03B-4ab0-9B3C-0832142C9AA8}.WildTangent Games App-gateway" = WildTangent Games App (Gateway Games)
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{779C01A3-8466-499D-88FC-EB820EB3AC51}" = RPS RpsCore
"{77F8A71E-3515-4832-B8B2-2F1EDBD2E0F1}" = Bing Bar
"{78A96B4C-A643-4D0F-98C2-A8E16A6669F9}" = Windows Live Messenger Companion Core
"{7B08D306-7266-4647-A926-2F78817ED1E0}" = Microsoft Corporation
"{7B738CD9-D107-48C7-8E65-2E6639A39C8D}" = PerfectDisk 10 Professional
"{7F3BCF8A-8E02-4659-AF25-F9AB66BD6718}" = Gateway Recovery Center Installer
"{80956555-A512-4190-9CAD-B000C36D6B6B}" = Windows Live Messenger
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{84A78614-0E4B-4A4E-BA8C-2B0A05A08E4E}" = BlackBerry Desktop Software 6.0.1
"{84EBDF39-4B33-49D7-A0BD-EB6E2C4E81C1}" = Windows Live Sync
"{881F5DE8-9367-4B81-A325-E91BBC6472F9}" = iTunes
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8C6D6116-B724-4810-8F2D-D047E6B7D68E}" = Mesh Runtime
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{90024193-9F13-4877-89D5-A1CDF0CBBF28}" = Feedback Tool
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_HOMESTUDENTR_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_HOMESTUDENTR_{187308AB-5FA7-4F14-9AB9-D290383A10D9}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}_HOMESTUDENTR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007
"{90120000-00A1-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}_HOMESTUDENTR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}" = Intel® Matrix Storage Manager
"{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{91130409-6000-11D3-8CFE-0050048383C9}" = Microsoft Office XP Small Business
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
"{9F7FC79B-3059-4264-9450-39EB368E3225}" = Microsoft Digital Image Library 9 - Blocker
"{A0C91188-C88F-4E86-93E6-CD7C9A266649}" = Windows Live Mesh
"{A462213D-EED4-42C2-9A60-7BDD4D4B0B17}" = SigmaTel Audio
"{A71D5E81-B967-43DB-93D7-FD31BFB95748}" = MobileMe Control Panel
"{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"{AADEA55D-C834-4BCB-98A3-4B8D1C18F4EE}" = Apple Mobile Device Support
"{AAF454FC-82CA-4F29-AB31-6A109485E76E}" = Windows Live Writer
"{AC76BA86-7AD7-1033-7B44-A94000000001}" = Adobe Reader 9.4.0
"{AF844339-2F8A-4593-81B3-9F4C54038C4E}" = Windows Live MIME IFilter
"{B194272D-1F92-46DF-99EB-8D5CE91CB4EC}" = Adobe AIR
"{B3BC9DB1-0B0A-48B0-B86B-EA77CAA7F800}" = Microsoft Corporation
"{BD71B413-9FEE-49BB-A6D1-2C0BFB99BDFE}" = Microsoft LifeCam
"{BE2CC4A5-2128-4EA2-941D-14F7A6A1AB61}" = Digital Media Reader
"{C41300B9-185D-475E-BFEC-39EF732F19B1}" = Apple Software Update
"{C66824E4-CBB3-4851-BB3F-E8CFD6350923}" = Windows Live Mail
"{CACAEB5F-174D-4C7C-AC56-A33289A807CA}" = Apple Mobile Device Support
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CE2121C6-C94D-4A73-8EA4-6943F33EE335}" = Picture Package Music Transfer
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{D436F577-1695-4D2F-8B44-AC76C99E0002}" = Windows Live Photo Common
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{D5068583-D569-468B-9755-5FBF5848F46F}" = Sony Picture Utility
"{DDC8BDEE-DCAC-404D-8257-3E8D4B782467}" = Windows Live Writer Resources
"{DECDCB7C-58CC-4865-91AF-627F9798FE48}" = Windows Live Mesh
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E3E71D07-CD27-46CB-8448-16D4FB29AA13}" = Microsoft WSE 3.0 Runtime
"{E633D396-5188-4E9D-8F6B-BFB8BF3467E8}" = Skype™ 5.1
"{E8EE9410-8AC4-4F43-A626-DDECA75C79F3}" = Adobe Setup
"{EB4DF488-AAEF-406F-A341-CB2AAA315B90}" = Windows Live Messenger
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}" = Microsoft Office Live Add-in 1.5
"{F53D678E-238F-4A71-9742-08BB6774E9DC}" = Windows Live Family Safety
"{F6333AB7-7C1F-4817-9805-40E048F95C7B}_is1" = AdvancedDefrag 4.2
"{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}" = Windows Live Essentials
"{FE0646A7-19D0-41B4-A2BB-2C35D644270D}" = Windows Live OneCare safety scanner
"{FF262740-C85A-11D5-BBEC-00D0B740900A}" = PS2 Multimedia Keyboard Driver
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"Activation Assistant for the 2007 Microsoft Office suites" = Activation Assistant for the 2007 Microsoft Office suites
"Adobe Acrobat 5.0" = Adobe Acrobat 5.0
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11.5
"Adobe_b2d6abde968e6f277ddbfd501383e02" = Adobe Creative Suite 4 Master Collection
"Agere Systems Soft Modem" = Agere Systems PCI-SV92PP Soft Modem
"Akamai" = Akamai NetSession Interface
"avast" = avast! Internet Security
"AviSynth" = AviSynth 2.5
"BlackBerry_Desktop" = BlackBerry Desktop Software 6.0.1
"Burger Shop 2 1.00" = Burger Shop 2 1.00
"CANONIJINBOXADDON100" = Canon Inkjet Printer Driver Add-On Module
"FLY World" = FLY World
"Google Desktop" = Google Desktop
"HDMI" = Intel® Graphics Media Accelerator Driver
"Hells Kitchen_is1" = Hells Kitchen
"HOMESTUDENTR" = Microsoft Office Home and Student 2007
"InstallShield_{BE2CC4A5-2128-4EA2-941D-14F7A6A1AB61}" = Digital Media Reader
"Intel® Configuration Center" = Intel® Viiv™ Software
"LSI Soft Modem" = LSI PCI-SV92PP Soft Modem
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Messenger Plus! Live" = Messenger Plus! Live
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Money2006b" = Microsoft Money 2006
"Peggle Nights Deluxe 1.0" = Peggle Nights Deluxe 1.0
"PictureItSuiteTrial_v12" = Microsoft Digital Image Starter Edition 2006
"PowerISO" = PowerISO
"PROSetDX" = Intel® Network Connections 14.7.23.0
"RadialpointClientGateway_is1" = Rogers Servicepoint Agent 3.7.44
"RealPlayer 6.0" = RealPlayer
"Registry Patrol" = Registry Patrol
"Rogers Client CD" = Rogers Client CD 1.0
"setup" = Rogers Yahoo! Client CD (remove only)
"SHS" = Rogers Self Healing Software (remove only)
"UnityWebPlayer" = Unity Web Player
"Update Manager" = Update Manager (remove only)
"WildTangent gateway Master Uninstall" = Gateway Games
"WinLiveSuite" = Windows Live Essentials
"WT076454" = Burger Shop 2
"WT076616" = My Kingdom for the Princess
"Yahoo! Companion" = Yahoo! Toolbar
"Yahoo! Messenger" = Yahoo! Messenger
"Yahoo! Software Update" = Yahoo! Software Update
"YInstHelper" = Yahoo! Install Manager
========== HKEY_USERS Uninstall List ==========
[HKEY_USERS\S-1-5-21-2649331228-3696308728-864307741-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Google Chrome" = Google Chrome
"uTorrent" = µTorrent
========== HKEY_USERS Uninstall List ==========
[HKEY_USERS\S-1-5-21-2649331228-3696308728-864307741-1002\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Google Chrome" = Google Chrome
"uTorrent" = µTorrent
========== Last 10 Event Log Errors ==========
Error: Unable to start EventLog service!
< End of report >
Edited by logicallady, 23 March 2011 - 09:41 AM.
Sign In
Create Account
