Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

I'm freaking out: TOTALLY UNSECURED


  • Please log in to reply

#1
logicallady

logicallady

    New Member

  • Member
  • Pip
  • 1 posts
Good evening,

For the last several weeks my pc has been very slow; 2 days ago i took action to start cleaning up (media) files to see if it would run faster. Once I finished deleting the files I ran disk clean up and followed it with disk defragmentor. I had a program (I have removed it now) call driver checker, ran this program and it stated one of my intel drivers needed updating...so I went to the intel site to do a scan to ensure an update was actually needed, prior to scaning it stated that I would need to update java and to temporarily allow pop ups to run the scan. I did this, however when I tried to preform the scan it said java needed an older version (?) anyhow I just decided to forget checking the driver any further and closed down the pc for the night.
The following day when I logged on to continue my cleansing efforts non of my security programs worked. A friend recommended installing avast and doing a scan, I did a quick scan nothing was found; i then did a deep scan and 2 music files were infected so I "put them in the chest" and applied. It then advised that a boot scan would be required and to restart the pc for this to take place. When the boot scan was running there was about 8 infected files found at which point I deleted (the one I had some question about deleting was located in system32/seekeen My friend did a search on it and told me it was safe to delete so I did. I was so confident that when the desktop loaded I'd be all set.....not even close.
I searched through files and did some research to find out how I could get the windows security to work...went through some process and found the file exe pertaining to security center and when I clicked on it nothing happened (I should mention that when viewing the source of the file it did not state microsoft as the company).
I went to the microsoft site to see if there was anything I could download to correct this, they had a free scanner available which I used and it detected and deleted several more corrupt files....still no fix. After reading numerous posts on your forum I installed hijackthis and ran several reports however it would not allow a log to be created. I saw everyone advising to use Malwarebytes-Antimalware so I downloaded and ran a scan, there was another 2 trojans, 2 adwares, and another type of corrupt file so I had malware take steps to resolve these issues. Rescanned and results came back as 0 infected files. When the pc restarted still no end result for my anti-spyware problems.
I then downloaded the inherit program recommended to one of the others experiencing similar problems however this program would not launch.

I need some help please!!

here is the log from Malwarebytes-Antimalware:


Malwarebytes' Anti-Malware 1.50.1.1100
www.malwarebytes.org

Database version: 6133

Windows 6.0.6002 Service Pack 2
Internet Explorer 9.0.8080.16413

22/03/2011 3:21:47 PM
mbam-log-2011-03-22 (15-21-46).txt

Scan type: Quick scan
Objects scanned: 171844
Time elapsed: 17 minute(s), 25 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 2
Registry Values Infected: 0
Registry Data Items Infected: 1
Folders Infected: 0
Files Infected: 2

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\RkHit (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Trymedia Systems (Adware.TryMedia) -> Quarantined and deleted successfully.

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
HKEY_CLASSES_ROOT\regfile\shell\open\command\(default) (Broken.OpenCommand) -> Bad: () Good: (regedit.exe "%1") -> Quarantined and deleted successfully.

Folders Infected:
(No malicious items detected)

Files Infected:
c:\Windows\System32\drivers\RKHit.sys (Trojan.Agent) -> Quarantined and deleted successfully.
c:\$RECYCLE.BIN\s-1-5-21-2649331228-3696308728-864307741-1001\$RGYXT6B.exe (Adware.TryMedia) -> Quarantined and deleted successfully.


Thank you.


Additional: I have just run an OTL scan for your assessment as well:


OTL logfile created on: 23/03/2011 11:21:00 AM - Run 1
OTL by OldTimer - Version 3.2.22.3 Folder = C:\Users\Heather\Downloads
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8080.16413)
Locale: 00001009 | Country: Canada | Language: ENC | Date Format: dd/MM/yyyy

1,013.00 Mb Total Physical Memory | 331.00 Mb Available Physical Memory | 33.00% Memory free
2.00 Gb Paging File | 1.00 Gb Available in Paging File | 57.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 223.16 Gb Total Space | 124.46 Gb Free Space | 55.77% Space Free | Partition Type: NTFS
Drive D: | 9.72 Gb Total Space | 4.30 Gb Free Space | 44.26% Space Free | Partition Type: NTFS

Computer Name: ALYSSAS-PC | User Name: Heather | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - C:\Users\Heather\Downloads\OTL.exe (OldTimer Tools)
PRC - C:\Program Files\Microsoft\BingBar\SeaPort.EXE (Microsoft Corporation)
PRC - C:\Program Files\AVAST Software\Avast\AvastUI.exe (AVAST Software)
PRC - C:\Program Files\AVAST Software\Avast\AvastSvc.exe (AVAST Software)
PRC - C:\Program Files\AVAST Software\Avast\afwServ.exe (AVAST Software)
PRC - C:\Program Files\Rogers Online Protection\Rogers Servicepoint Agent\ServicepointService.exe (Radialpoint Inc.)
PRC - C:\Program Files\Rogers Online Protection\Rogers Servicepoint Agent\RogersServicepointAgent.exe (Rogers)
PRC - C:\Program Files\Rogers Online Protection\Rogers Servicepoint Agent\RogersServicepointAgentComHandler.exe (Radialpoint Inc.)
PRC - C:\Program Files\Microsoft LifeCam\MSCamS32.exe (Microsoft Corporation)
PRC - C:\Program Files\Rogers Online Protection\Rogers Online Protection\RPS.exe (Rogers)
PRC - C:\Program Files\Rogers Online Protection\Rogers Online Protection\RpsSecurityAwareR.exe (Rogers)
PRC - C:\Program Files\Rogers Online Protection\Rogers Online Protection\Fws.exe (Rogers)
PRC - C:\Program Files\Rogers Backup Manager\VaultClientUpgrade.exe (Radialpoint SafeCare Inc.)
PRC - C:\Program Files\Rogers Backup Manager\VaultClientSRV.exe (Radialpoint SafeCare Inc.)
PRC - C:\Program Files\IDT\WDM\sttray.exe (IDT, Inc.)
PRC - C:\Program Files\Rogers Online Protection\Rogers Online Protection\AVG\Identity Protection\agent\bin\AVGIDSAgent.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Program Files\Rogers Online Protection\Rogers Online Protection\AVG\Identity Protection\agent\bin\AVGIDSMonitor.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Program Files\Raxco\PerfectDisk10\PDAgent.exe (Raxco Software, Inc.)
PRC - C:\Windows\explorer.exe (Microsoft Corporation)
PRC - C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe (Yahoo! Inc.)
PRC - C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
PRC - C:\Program Files\Intel\IntelDH\CCU\CCU_TrayIcon.exe (Intel® Corporation)
PRC - C:\Program Files\Intel\IntelDH\CCU\CCU_Engine.exe (Intel® Corporation)
PRC - C:\Program Files\Intel\IntelDH\CCU\AlertService.exe (Intel® Corporation)
PRC - C:\Program Files\Intel\IntelDH\Intel Media Server\Shells\Remote UI Service.exe (Intel® Corporation)
PRC - C:\Program Files\Intel\IntelDH\Intel Media Server\Shells\MCLServiceATL.exe (Intel® Corporation)
PRC - C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\issm.exe (Intel® Corporation)
PRC - C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\mediaserver.exe ()
PRC - C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe (Intel Corporation)
PRC - C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe (Intel Corporation)
PRC - C:\Windows\System32\agrsmsvc.exe (Agere Systems)
PRC - C:\Program Files\Common Files\Intel\IntelDH\NMS\Support\IntelHCTAgent.exe (Intel Corporation)
PRC - C:\Program Files\USB Disk Win98 Driver\Res.exe (ali)


========== Modules (SafeList) ==========

MOD - C:\Users\Heather\Downloads\OTL.exe (OldTimer Tools)
MOD - C:\Program Files\AVAST Software\Avast\snxhk.dll (AVAST Software)
MOD - C:\Program Files\AVAST Software\Avast\ashShell.dll (AVAST Software)
MOD - C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3\comctl32.dll (Microsoft Corporation)
MOD - C:\Windows\winsxs\x86_microsoft.vc80.mfcloc_1fc8b3b9a1e18e3b_8.0.50727.4053_none_03ca5532205cb096\mfc80ENU.dll (Microsoft Corporation)
MOD - C:\Windows\winsxs\x86_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.4053_none_cbf21254470d8752\mfc80u.dll (Microsoft Corporation)
MOD - C:\Program Files\Rogers Backup Manager\VaultClientMenu.dll (Radialpoint SafeCare Inc.)
MOD - C:\Program Files\Rogers Backup Manager\VaultClientCOM.dll (Radialpoint SafeCare Inc.)
MOD - C:\Program Files\Rogers Backup Manager\libexpat.dll ()
MOD - C:\Windows\System32\msshsq.dll (Microsoft Corporation)
MOD - C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.4053_none_d08d7da0442a985d\msvcr80.dll (Microsoft Corporation)
MOD - C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.4053_none_d08d7da0442a985d\msvcp80.dll (Microsoft Corporation)
MOD - C:\Windows\System32\duser.dll (Microsoft Corporation)


========== Win32 Services (SafeList) ==========

SRV - (Akamai) -- c:\Program Files\Common Files\Akamai\netsession_win_d76cf65.dll ()
SRV - (BBSvc) -- C:\Program Files\Microsoft\BingBar\BBSvc.EXE (Microsoft Corporation.)
SRV - (SeaPort) -- C:\Program Files\Microsoft\BingBar\SeaPort.EXE (Microsoft Corporation)
SRV - (avast! Antivirus) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe (AVAST Software)
SRV - (avast! Firewall) -- C:\Program Files\AVAST Software\Avast\afwServ.exe (AVAST Software)
SRV - (ServicepointService) -- C:\Program Files\Rogers Online Protection\Rogers Servicepoint Agent\ServicepointService.exe (Radialpoint Inc.)
SRV - (MSCamSvc) -- C:\Program Files\Microsoft LifeCam\MSCamS32.exe (Microsoft Corporation)
SRV - (GamesAppService) -- C:\Program Files\WildTangent Games\App\GamesAppService.exe (WildTangent, Inc.)
SRV - (Radialpoint Security Services) -- C:\Program Files\Rogers Online Protection\Rogers Online Protection\RpsSecurityAwareR.exe (Rogers)
SRV - (RP_FWS) -- C:\Program Files\Rogers Online Protection\Rogers Online Protection\Fws.exe (Rogers)
SRV - (VaultClientUpgrade) -- C:\Program Files\Rogers Backup Manager\VaultClientUpgrade.exe (Radialpoint SafeCare Inc.)
SRV - (VaultClientSRV) -- C:\Program Files\Rogers Backup Manager\VaultClientSRV.exe (Radialpoint SafeCare Inc.)
SRV - (STacSV) -- C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_98f8d2d0\stacsv.exe (IDT, Inc.)
SRV - (RadialpointIDSAgent) -- C:\Program Files\Rogers Online Protection\Rogers Online Protection\AVG\Identity Protection\agent\Bin\AVGIDSAgent.exe (AVG Technologies CZ, s.r.o.)
SRV - (scan) -- C:\Program Files\Rogers Online Protection\Rogers Online Protection\BitDefender\scan.dll (S.C. BitDefender S.R.L)
SRV - (PDEngine) -- C:\Program Files\Raxco\PerfectDisk10\PDEngine.exe (Raxco Software, Inc.)
SRV - (PDAgent) -- C:\Program Files\Raxco\PerfectDisk10\PDAgent.exe (Raxco Software, Inc.)
SRV - (YahooAUService) -- C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe (Yahoo! Inc.)
SRV - (WinDefend) -- C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SRV - (AlertService) Intel® -- C:\Program Files\Intel\IntelDH\CCU\AlertService.exe (Intel® Corporation)
SRV - (Remote UI Service) Intel® -- C:\Program Files\Intel\IntelDH\Intel Media Server\Shells\Remote UI Service.exe (Intel® Corporation)
SRV - (MCLServiceATL) Intel® -- C:\Program Files\Intel\IntelDH\Intel Media Server\Shells\MCLServiceATL.exe (Intel® Corporation)
SRV - (ISSM) Intel® -- C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\ISSM.exe (Intel® Corporation)
SRV - (M1 Server) Intel® Viiv™ -- C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\mediaserver.exe ()
SRV - (IAANTMON) Intel® -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe (Intel Corporation)
SRV - (DQLWinService) -- C:\Program Files\Common Files\Intel\IntelDH\NMS\AdpPlugins\DQLWinService.exe ()
SRV - (AgereModemAudio) -- C:\Windows\System32\agrsmsvc.exe (Agere Systems)


========== Driver Services (SafeList) ==========

DRV - (aswFW) -- C:\Windows\System32\drivers\aswFW.sys (AVAST Software)
DRV - (aswSnx) -- C:\Windows\System32\drivers\aswSnx.sys (AVAST Software)
DRV - (aswSP) -- C:\Windows\System32\drivers\aswSP.sys (AVAST Software)
DRV - (aswNdis2) -- C:\Windows\System32\drivers\aswNdis2.sys (AVAST Software)
DRV - (aswTdi) -- C:\Windows\System32\drivers\aswTdi.sys (AVAST Software)
DRV - (aswRdr) -- C:\Windows\System32\drivers\aswRdr.sys (AVAST Software)
DRV - (aswMonFlt) -- C:\Windows\System32\drivers\aswMonFlt.sys (AVAST Software)
DRV - (aswFsBlk) -- C:\Windows\System32\drivers\aswFsBlk.sys (AVAST Software)
DRV - (aswNdis) -- C:\Windows\system32\DRIVERS\aswNdis.sys (ALWIL Software)
DRV - (MSHUSBVideo) -- C:\Windows\System32\drivers\nx6000.sys (Microsoft Corporation)
DRV - (RPSKT) Security Services Driver (x86) -- C:\Windows\System32\drivers\rp_skt32.sys (Radialpoint Inc.)
DRV - (STHDA) -- C:\Windows\System32\drivers\stwrt.sys (IDT, Inc.)
DRV - (Ps2) -- C:\Windows\System32\drivers\PS2.sys (Hewlett-Packard Company)
DRV - (Trufos) -- C:\Program Files\Rogers Online Protection\Rogers Online Protection\BitDefender\trufos.sys (BitDefender S.R.L.)
DRV - (Profos) -- C:\Program Files\Rogers Online Protection\Rogers Online Protection\BitDefender\profos.sys (BitDefender S.R.L.)
DRV - (RadialpointIDSDriver) -- C:\Program Files\Rogers Online Protection\Rogers Online Protection\AVG\Identity Protection\agent\drivers\AVGIDSDriver.sys (AVG Technologies )
DRV - (RadialpointIDSFilter) -- C:\Program Files\Rogers Online Protection\Rogers Online Protection\AVG\Identity Protection\agent\drivers\AVGIDSfilter.sys (AVG Technologies )
DRV - (RadialpointIDSShim) -- C:\Program Files\Rogers Online Protection\Rogers Online Protection\AVG\Identity Protection\agent\drivers\AVGIDSShim.sys (AVG Technologies )
DRV - (RadialpointIDSEH) -- C:\Windows\system32\drivers\AVGIDSEH.sys (AVG Technologies )
DRV - (bdfsfltr) -- C:\Windows\system32\drivers\bdfsfltr.sys (BitDefender S.R.L. Bucharest, ROMANIA)
DRV - (AgereSoftModem) -- C:\Windows\System32\drivers\AGRSM.sys (LSI Corporation)
DRV - (DefragFS) -- C:\Windows\System32\drivers\DefragFs.sys (Raxco Software, Inc.)
DRV - (USB_RNDIS) -- C:\Windows\System32\drivers\usb8023.sys (Microsoft Corporation)
DRV - (FlyUsb) -- C:\Windows\System32\drivers\FlyUsb.sys (LeapFrog)
DRV - (SCDEmu) -- C:\Windows\System32\drivers\scdemu.sys (PowerISO Computing, Inc.)
DRV - (IntelDH) -- C:\Windows\System32\drivers\IntelDH.sys (Intel Corporation)
DRV - (TSHWMDTCP) -- C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\TSHWMDTCP.sys ()
DRV - (NETw2v32) Intel® -- C:\Windows\System32\drivers\NETw2v32.sys (Intel® Corporation)
DRV - (bcm4sbxp) -- C:\Windows\System32\drivers\bcm4sbxp.sys (Broadcom Corporation)
DRV - (nmsunidr) -- C:\Windows\System32\drivers\nmsunidr.sys (Gteko Ltd.)
DRV - (nmsgopro) -- C:\Windows\System32\drivers\nmsgopro.sys (Gteko Ltd.)
DRV - (Afc) -- C:\Windows\System32\drivers\afc.sys (Arcsoft, Inc.)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ca.yahoo.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://home.microsof...arch/search.asp
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com


IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Default_page_URL = http://www.gateway.c...ys=DTP&M=GT5428
IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.gateway.c...ys=DTP&M=GT5428
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>

IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Default_page_URL = http://www.gateway.c...ys=DTP&M=GT5428
IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.gateway.c...ys=DTP&M=GT5428
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>



IE - HKU\S-1-5-21-2649331228-3696308728-864307741-1000\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKU\S-1-5-21-2649331228-3696308728-864307741-1000\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKU\S-1-5-21-2649331228-3696308728-864307741-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-2649331228-3696308728-864307741-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>

IE - HKU\S-1-5-21-2649331228-3696308728-864307741-1002\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://home.microsof...arch/search.asp
IE - HKU\S-1-5-21-2649331228-3696308728-864307741-1002\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKU\S-1-5-21-2649331228-3696308728-864307741-1002\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKU\S-1-5-21-2649331228-3696308728-864307741-1002\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.ca/
IE - HKU\S-1-5-21-2649331228-3696308728-864307741-1002\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKU\S-1-5-21-2649331228-3696308728-864307741-1002\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-2649331228-3696308728-864307741-1002\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local;<local>

========== FireFox ==========

FF - prefs.js..extensions.enabledItems: [email protected]:0.1.2008d
FF - prefs.js..extensions.enabledItems: [email protected]:1.0
FF - prefs.js..extensions.enabledItems: emoticons-msn-smileys[email protected]:0.1
FF - prefs.js..extensions.enabledItems: [email protected]:2.0.0
FF - prefs.js..extensions.enabledItems: [email protected]:0.9
FF - prefs.js..extensions.enabledItems: [email protected]:1.1
FF - prefs.js..extensions.enabledItems: [email protected]:1.5

FF - HKLM\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\Program Files\Real\RealPlayer\browserrecord [2008/01/03 02:23:40 | 000,000,000 | ---D | M]

[2010/11/26 21:13:44 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Heather\AppData\Roaming\Mozilla\Extensions
[2010/11/26 21:13:44 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Heather\AppData\Roaming\Mozilla\Extensions\[email protected]
[2009/05/24 13:09:57 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Heather\AppData\Roaming\Mozilla\Extensions\[email protected]
File not found (No name found) -- C:\USERS\HEATHER\DESKTOP\RAPUNZEL- SEARS PLAY\EXTENSIONS\[email protected]
File not found (No name found) -- C:\USERS\HEATHER\DESKTOP\RAPUNZEL- SEARS PLAY\EXTENSIONS\[email protected]
File not found (No name found) -- C:\USERS\HEATHER\DESKTOP\RAPUNZEL- SEARS PLAY\EXTENSIONS\[email protected]
File not found (No name found) -- C:\USERS\HEATHER\DESKTOP\RAPUNZEL- SEARS PLAY\EXTENSIONS\[email protected]
File not found (No name found) -- C:\USERS\HEATHER\DESKTOP\RAPUNZEL- SEARS PLAY\EXTENSIONS\[email protected]
File not found (No name found) -- C:\USERS\HEATHER\DESKTOP\RAPUNZEL- SEARS PLAY\EXTENSIONS\[email protected]
File not found (No name found) -- C:\USERS\HEATHER\DESKTOP\RAPUNZEL- SEARS PLAY\EXTENSIONS\[email protected]

O1 HOSTS File: ([2008/09/11 02:22:53 | 000,264,251 | R--- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O1 - Hosts: 127.0.0.1 007guard.com
O1 - Hosts: 127.0.0.1 www.007guard.com
O1 - Hosts: 127.0.0.1 008i.com
O1 - Hosts: 127.0.0.1 008k.com
O1 - Hosts: 127.0.0.1 www.008k.com
O1 - Hosts: 127.0.0.1 00hq.com
O1 - Hosts: 127.0.0.1 www.00hq.com
O1 - Hosts: 127.0.0.1 010402.com
O1 - Hosts: 127.0.0.1 032439.com
O1 - Hosts: 127.0.0.1 www.032439.com
O1 - Hosts: 127.0.0.1 100888290cs.com
O1 - Hosts: 127.0.0.1 www.100888290cs.com
O1 - Hosts: 127.0.0.1 100sexlinks.com
O1 - Hosts: 127.0.0.1 www.100sexlinks.com
O1 - Hosts: 127.0.0.1 10sek.com
O1 - Hosts: 127.0.0.1 www.10sek.com
O1 - Hosts: 127.0.0.1 123topsearch.com
O1 - Hosts: 127.0.0.1 www.123topsearch.com
O1 - Hosts: 127.0.0.1 132.com
O1 - Hosts: 127.0.0.1 www.132.com
O1 - Hosts: 127.0.0.1 136136.net
O1 - Hosts: 127.0.0.1 www.136136.net
O1 - Hosts: 127.0.0.1 163ns.com
O1 - Hosts: 9162 more lines...
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll ()
O2 - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O3 - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll ()
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O3 - HKU\S-1-5-21-2649331228-3696308728-864307741-1000\..\Toolbar\WebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No CLSID value found.
O3 - HKU\S-1-5-21-2649331228-3696308728-864307741-1000\..\Toolbar\WebBrowser: (no name) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - No CLSID value found.
O3 - HKU\S-1-5-21-2649331228-3696308728-864307741-1000\..\Toolbar\WebBrowser: (no name) - {D0523BB4-21E7-11DD-9AB7-415B56D89593} - No CLSID value found.
O3 - HKU\S-1-5-21-2649331228-3696308728-864307741-1002\..\Toolbar\WebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No CLSID value found.
O3 - HKU\S-1-5-21-2649331228-3696308728-864307741-1002\..\Toolbar\WebBrowser: (no name) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - No CLSID value found.
O3 - HKU\S-1-5-21-2649331228-3696308728-864307741-1002\..\Toolbar\WebBrowser: (no name) - {D0523BB4-21E7-11DD-9AB7-415B56D89593} - No CLSID value found.
O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [CCUTRAYICON] C:\Program Files\Intel\IntelDH\CCU\CCU_TrayIcon.exe (Intel® Corporation)
O4 - HKLM..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe (Intel Corporation)
O4 - HKLM..\Run: [LifeCam] C:\Program Files\Microsoft LifeCam\LifeExp.exe (Microsoft Corporation)
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware (reboot)] C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [NMSSupport] C:\Program Files\Common Files\Intel\IntelDH\NMS\Support\IntelHCTAgent.exe (Intel Corporation)
O4 - HKLM..\Run: [RogersServicepointAgent.exe] C:\Program Files\Rogers Online Protection\Rogers Servicepoint Agent\RogersServicepointAgent.exe (Rogers)
O4 - HKLM..\Run: [SysTrayApp] C:\Program Files\IDT\WDM\sttray.exe (IDT, Inc.)
O4 - HKLM..\Run: [USB Storage Toolbox] C:\Program Files\USB Disk Win98 Driver\Res.exe (ali)
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKU\S-1-5-19..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKU\S-1-5-21-2649331228-3696308728-864307741-1000..\Run: [RogersAgent] c:\Program Files\Rogers\SelfHealing\RogersAgent.exe (Rogers Cable Communications)
O4 - HKU\S-1-5-21-2649331228-3696308728-864307741-1000..\Run: [Update Manager] C:\Program Files\Rogers\Update Manager\UpdateManager.exe (Rogers Cable Communications Inc. )
O4 - HKU\S-1-5-21-2649331228-3696308728-864307741-1000..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKU\S-1-5-21-2649331228-3696308728-864307741-1002..\Run: [RogersAgent] c:\Program Files\Rogers\SelfHealing\RogersAgent.exe (Rogers Cable Communications)
O4 - HKU\S-1-5-21-2649331228-3696308728-864307741-1002..\Run: [Update Manager] C:\Program Files\Rogers\Update Manager\UpdateManager.exe (Rogers Cable Communications Inc. )
O4 - HKLM..\RunOnce: [*Restore] C:\Windows\System32\rstrui.exe (Microsoft Corporation)
O4 - HKLM..\RunOnce: [*WerKernelReporting] C:\Windows\System32\WerFault.exe (Microsoft Corporation)
O4 - HKLM..\RunOnce: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKLM..\RunOnce: [NoIE4StubProcessing] File not found
O4 - HKU\S-1-5-21-2649331228-3696308728-864307741-1000..\RunOnce: [EZVInstaller] File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveTrack = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 255
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLowDiskSpaceChecks = 1
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O7 - HKU\S-1-5-21-2649331228-3696308728-864307741-1000\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O7 - HKU\S-1-5-21-2649331228-3696308728-864307741-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-2649331228-3696308728-864307741-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveTrack = 1
O7 - HKU\S-1-5-21-2649331228-3696308728-864307741-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoThumbnailCache = 1
O7 - HKU\S-1-5-21-2649331228-3696308728-864307741-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: link = [binary data]
O7 - HKU\S-1-5-21-2649331228-3696308728-864307741-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: LogonHoursAction = 2
O7 - HKU\S-1-5-21-2649331228-3696308728-864307741-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DontDisplayLogonHoursWarnings = 1
O7 - HKU\S-1-5-21-2649331228-3696308728-864307741-1002\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O7 - HKU\S-1-5-21-2649331228-3696308728-864307741-1002\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveTrack = 1
O7 - HKU\S-1-5-21-2649331228-3696308728-864307741-1002\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoThumbnailCache = 1
O7 - HKU\S-1-5-21-2649331228-3696308728-864307741-1002\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: link = [binary data]
O7 - HKU\S-1-5-21-2649331228-3696308728-864307741-1002\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: LogonHoursAction = 2
O7 - HKU\S-1-5-21-2649331228-3696308728-864307741-1002\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DontDisplayLogonHoursWarnings = 1
O8 - Extra context menu item: Google Sidewiki... - C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_D183CA64F05FDD98.dll (Google Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000019 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O12 - Plugin for: .spop - C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll (Intertrust Technologies, Inc.)
O13 - gopher Prefix: missing
O15 - HKU\S-1-5-21-2649331228-3696308728-864307741-1000\..Trusted Ranges: GD ([http] in Local intranet)
O15 - HKU\S-1-5-21-2649331228-3696308728-864307741-1002\..Trusted Ranges: GD ([http] in Local intranet)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.ma...r/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_23)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 64.71.255.198
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20 - AppInit_DLLs: (C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL) - C:\Program Files\Google\Google Desktop Search\GoogleDesktopNetwork3.dll (Google)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Users\Heather\AppData\Roaming\Microsoft\Windows Photo Gallery\Windows Photo Gallery Wallpaper.jpg
O24 - Desktop BackupWallPaper: C:\Users\Heather\AppData\Roaming\Microsoft\Windows Photo Gallery\Windows Photo Gallery Wallpaper.jpg
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2010/08/13 03:17:12 | 000,000,049 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2004/04/30 20:01:00 | 000,000,053 | -HS- | M] () - D:\Autorun.inf -- [ NTFS ]
O33 - MountPoints2\J\Shell - "" = AutoRun
O34 - HKLM BootExecute: (PDBoot.exe) - C:\Windows\System32\PDBoot.exe (Raxco Software, Inc.)
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

NetSvcs: FastUserSwitchingCompatibility - File not found
NetSvcs: Ias - File not found
NetSvcs: Nla - File not found
NetSvcs: Ntmssvc - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: SRService - File not found
NetSvcs: WmdmPmSp - File not found
NetSvcs: LogonHours - File not found
NetSvcs: PCAudit - File not found
NetSvcs: helpsvc - File not found
NetSvcs: uploadmgr - File not found

Drivers32: msacm.clmp3enc - C:\Program Files\CyberLink\Power2Go\CLMP3Enc.ACM (CyberLink Corp.)
Drivers32: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: MSVideo8 - C:\Windows\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: vidc.cvid - C:\Windows\System32\iccvid.dll (Radius Inc.)
Drivers32: vidc.VP60 - C:\Windows\System32\vp6vfw.dll (On2.com)
Drivers32: vidc.VP61 - C:\Windows\System32\vp6vfw.dll (On2.com)

MsConfig - StartUpFolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Exif Launcher S.lnk - Reg Error: Value error. - File not found
MsConfig - StartUpFolder: C:^Users^Heather^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Picture Motion Browser Media Check Tool.lnk - C:\Program Files\Sony\Sony Picture Utility\PMBCore\SPUVolumeWatcher.exe - (Sony Corporation)
MsConfig - StartUpReg: Acrobat Assistant 8.0 - hkey= - key= - Reg Error: Value error. File not found
MsConfig - StartUpReg: Adobe Acrobat Speed Launcher - hkey= - key= - Reg Error: Value error. File not found
MsConfig - StartUpReg: Adobe ARM - hkey= - key= - C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated)
MsConfig - StartUpReg: Adobe Reader Speed Launcher - hkey= - key= - C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
MsConfig - StartUpReg: AdobeCS4ServiceManager - hkey= - key= - C:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe (Adobe Systems Incorporated)
MsConfig - StartUpReg: AppleSyncNotifier - hkey= - key= - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe (Apple Inc.)
MsConfig - StartUpReg: FlyMonitor - hkey= - key= - Reg Error: Value error. File not found
MsConfig - StartUpReg: iTunesHelper - hkey= - key= - C:\Program Files\iTunes\iTunesHelper.exe (Apple Inc.)
MsConfig - StartUpReg: LifeCam - hkey= - key= - C:\Program Files\Microsoft LifeCam\LifeExp.exe (Microsoft Corporation)
MsConfig - StartUpReg: NapsterShell - hkey= - key= - C:\Program Files\Napster\napster.exe (Napster)
MsConfig - StartUpReg: PWRISOVM.EXE - hkey= - key= - C:\Program Files\PowerISO\PWRISOVM.EXE (PowerISO Computing, Inc.)
MsConfig - StartUpReg: QuickTime Task - hkey= - key= - C:\Program Files\QuickTime\QTTask.exe (Apple Inc.)
MsConfig - StartUpReg: SHS - hkey= - key= - C:\Program Files\Rogers\SelfHealing\SHS.exe (Rogers Cable Communications)
MsConfig - StartUpReg: SpywareCease.exe - hkey= - key= - File not found
MsConfig - StartUpReg: SunJavaUpdateSched - hkey= - key= - C:\Program Files\Common Files\Java\Java Update\jusched.exe (Sun Microsystems, Inc.)
MsConfig - StartUpReg: TkBellExe - hkey= - key= - C:\Program Files\Common Files\Real\Update_OB\realsched.exe (RealNetworks, Inc.)
MsConfig - State: "startup" - 2

SafeBootMin: AppMgmt - Service
SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: HelpSvc - Service
SafeBootMin: NTDS - File not found
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: Radialpoint Security Services - C:\Program Files\Rogers Online Protection\Rogers Online Protection\RpsSecurityAwareR.exe (Rogers)
SafeBootMin: RkHit.sys - Reg Error: Value error.
SafeBootMin: sacsvr - Service
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: ServicepointService - C:\Program Files\Rogers Online Protection\Rogers Servicepoint Agent\ServicepointService.exe (Radialpoint Inc.)
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: WinDefend - C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootMin: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootMin: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices

SafeBootNet: AppMgmt - Service
SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: HelpSvc - Service
SafeBootNet: Messenger - File not found
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: NTDS - File not found
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: Radialpoint Security Services - C:\Program Files\Rogers Online Protection\Rogers Online Protection\RpsSecurityAwareR.exe (Rogers)
SafeBootNet: rdsessmgr - Service
SafeBootNet: sacsvr - Service
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: ServicepointService - C:\Program Files\Rogers Online Protection\Rogers Servicepoint Agent\ServicepointService.exe (Radialpoint Inc.)
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TDI - Driver Group
SafeBootNet: WinDefend - C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SafeBootNet: WudfPf - Driver
SafeBootNet: WudfUsbccidDriver - Driver
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers
SafeBootNet: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootNet: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootNet: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices

ActiveX: {0291E591-EA41-4c82-8106-3DC6CE7F7664} - Reg Error: Value error.
ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Microsoft VM
ActiveX: {1AF1E270-843C-BDE6-B4F2-D972DD93010C} - DirectX
ActiveX: {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} -
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 11.0
ActiveX: {233C1507-6A77-46A4-9443-F871F945D258} - Adobe Shockwave Director 11.0.3
ActiveX: {2A202491-F00D-11cf-87CC-0020AFEECF20} - Adobe Shockwave Director 11.0.3
ActiveX: {2A3320D6-C805-4280-B423-B665BDE33D8F} - Microsoft .NET Framework 1.1 Security Update (KB979906)
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {2F6EFCE6-10DF-49F9-9E64-9AE3775B2588} - Microsoft .NET Framework 1.1 Security Update (KB2416447)
ActiveX: {30528230-99F7-4BB4-88D8-FA1D4F56A2AB} - Reg Error: Value error.
ActiveX: {347B0667-C7ED-429B-BDE3-CC8D3BACAA31} - Reg Error: Value error.
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {3C3901C5-3455-3E0A-A214-0B093A5070A6} - .NET Framework
ActiveX: {411EDCF7-755D-414E-A74B-3DCD6583F589} - Microsoft .NET Framework 1.1 Service Pack 1 (KB867460)
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX: {44BBA848-CC51-11CF-AAFA-00AA00B6015C} -
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4EC8E993-32C1-47F5-A07A-5B0574655AD4} - Reg Error: Value error.
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.8
ActiveX: {5136A0CB-A036-E544-3D7C-7075D0FDFE7B} - DirectX
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {73FA19D0-2D75-11D2-995D-00C04F98BBC9} - Web Folders
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\system32\ie4uinit.exe -BaseSettings
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1} - .NET Framework
ActiveX: {CDD7975E-60F8-41d5-8149-19E51D6F71D0} - Windows Movie Maker v2.1
ActiveX: {D27CDB6E-AE6D-11CF-96B8-444553540000} - Macromedia Shockwave Flash
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - Reg Error: Value error.
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: >{03F5D01C-F7DB-4F1A-9389-BF06ECDE5D44} - RunDLL32 IEDKCS32.DLL,BrandIE4 CUSTOM
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\Windows\system32\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\system32\ie4uinit.exe -UserIconConfig
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP

========== Files/Folders - Created Within 30 Days ==========

[2011/03/22 14:44:26 | 000,000,000 | ---D | C] -- C:\Users\Heather\AppData\Roaming\Malwarebytes
[2011/03/22 14:43:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2011/03/22 14:43:27 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2011/03/22 14:43:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2011/03/22 14:42:47 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2011/03/22 14:42:47 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2011/03/22 12:51:36 | 000,000,000 | ---D | C] -- C:\Program Files\Trend Micro
[2011/03/22 12:51:36 | 000,000,000 | ---D | C] -- C:\Users\Heather\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HiJackThis
[2011/03/22 11:51:52 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Rogers Servicepoint Agent
[2011/03/22 11:08:49 | 000,000,000 | ---D | C] -- C:\Windows\Minidump
[2011/03/22 00:11:12 | 000,000,000 | ---D | C] -- C:\Program Files\Windows Live Safety Center
[2011/03/21 16:50:43 | 000,301,528 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswSP.sys
[2011/03/21 16:50:43 | 000,019,544 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswFsBlk.sys
[2011/03/21 16:50:43 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\avast! Internet Security
[2011/03/21 16:50:04 | 000,101,976 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswFW.sys
[2011/03/21 16:42:22 | 000,192,728 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswNdis2.sys
[2011/03/21 16:42:22 | 000,049,240 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswTdi.sys
[2011/03/21 16:42:22 | 000,025,432 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswRdr.sys
[2011/03/21 16:42:21 | 000,371,544 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswSnx.sys
[2011/03/21 16:42:21 | 000,053,592 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswMonFlt.sys
[2011/03/21 16:32:57 | 000,012,112 | ---- | C] (ALWIL Software) -- C:\Windows\System32\drivers\aswNdis.sys
[2011/03/21 16:32:54 | 000,040,648 | ---- | C] (AVAST Software) -- C:\Windows\avastSS.scr
[2011/03/21 16:32:42 | 000,190,016 | ---- | C] (AVAST Software) -- C:\Windows\System32\aswBoot.exe
[2011/03/21 16:23:33 | 000,000,000 | ---D | C] -- C:\ProgramData\AVAST Software
[2011/03/21 16:23:33 | 000,000,000 | ---D | C] -- C:\Program Files\AVAST Software
[2011/03/20 23:16:40 | 000,000,000 | ---D | C] -- C:\Program Files\Spyware Cease 2011
[2011/03/03 16:25:12 | 000,000,000 | ---D | C] -- C:\Users\Heather\Desktop\101MSDCF
[2011/02/21 18:10:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\USB Disk Win98 Driver
[2011/02/21 18:10:37 | 000,000,000 | ---D | C] -- C:\Program Files\USB Disk Win98 Driver
[2011/02/21 17:07:18 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Skype
[1 C:\Windows\System32\drivers\*.tmp files -> C:\Windows\System32\drivers\*.tmp -> ]
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[1 C:\Users\Heather\Documents\*.tmp files -> C:\Users\Heather\Documents\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2011/03/23 11:17:03 | 000,000,916 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2649331228-3696308728-864307741-1002UA.job
[2011/03/23 11:17:03 | 000,000,864 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2649331228-3696308728-864307741-1002Core.job
[2011/03/23 10:31:09 | 000,000,886 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2011/03/23 10:13:23 | 000,000,882 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2011/03/23 09:59:39 | 000,003,296 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2011/03/23 09:59:38 | 000,003,296 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2011/03/23 09:59:24 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011/03/23 09:59:18 | 1063,235,584 | -HS- | M] () -- C:\hiberfil.sys
[2011/03/22 23:36:08 | 000,002,487 | ---- | M] () -- C:\Users\Heather\Desktop\HiJackThis.lnk
[2011/03/22 14:43:30 | 000,000,866 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2011/03/22 11:08:08 | 168,735,031 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2011/03/21 17:13:24 | 000,617,088 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2011/03/21 17:13:24 | 000,111,958 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2011/03/21 16:50:43 | 000,001,789 | ---- | M] () -- C:\Users\Public\Desktop\avast! Internet Security.lnk
[2011/03/21 16:42:21 | 000,002,577 | ---- | M] () -- C:\Windows\System32\config.nt
[2011/03/19 20:59:49 | 000,002,587 | ---- | M] () -- C:\Users\Heather\Desktop\Microsoft Office Word 2007.lnk
[2011/03/19 15:54:38 | 000,000,408 | ---- | M] () -- C:\Windows\tasks\AdvancedDefrag Schedule.job
[2011/03/19 15:54:34 | 000,000,032 | ---- | M] () -- C:\Windows\__$tofn$__
[2011/03/18 03:36:45 | 000,002,052 | ---- | M] () -- C:\Users\Heather\Desktop\Google Chrome.lnk
[2011/03/18 03:36:45 | 000,002,014 | ---- | M] () -- C:\Users\Heather\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2011/03/14 12:53:44 | 000,192,512 | ---- | M] () -- C:\Users\Heather\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/03/14 12:13:11 | 000,983,040 | -HS- | M] () -- C:\Users\Heather\Desktop\ehthumbs_vista.db
[2011/03/12 19:56:27 | 000,000,938 | ---- | M] () -- C:\Users\Heather\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Microsoft Outlook.lnk
[2011/03/12 19:40:06 | 000,005,880 | ---- | M] () -- C:\Users\Heather\Desktop\Jar Of hearts.wlmp
[2011/03/08 21:34:45 | 000,019,244 | ---- | M] () -- C:\Windows\System32\Support.xml
[2011/03/03 22:25:24 | 000,238,349 | ---- | M] () -- C:\Users\Heather\Desktop\tumblr_lhi3puK9o21qbvlm4.gif
[2011/03/03 18:34:34 | 000,072,822 | ---- | M] () -- C:\Windows\System32\ieuinit.inf
[2011/02/23 10:04:21 | 000,040,648 | ---- | M] (AVAST Software) -- C:\Windows\avastSS.scr
[2011/02/23 10:04:17 | 000,190,016 | ---- | M] (AVAST Software) -- C:\Windows\System32\aswBoot.exe
[2011/02/23 09:57:38 | 000,101,976 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswFW.sys
[2011/02/23 09:56:55 | 000,371,544 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswSnx.sys
[2011/02/23 09:56:45 | 000,301,528 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswSP.sys
[2011/02/23 09:56:41 | 000,192,728 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswNdis2.sys
[2011/02/23 09:55:49 | 000,049,240 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswTdi.sys
[2011/02/23 09:55:10 | 000,025,432 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswRdr.sys
[2011/02/23 09:55:03 | 000,053,592 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswMonFlt.sys
[2011/02/23 09:54:55 | 000,019,544 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswFsBlk.sys
[2011/02/23 08:34:54 | 000,012,112 | ---- | M] (ALWIL Software) -- C:\Windows\System32\drivers\aswNdis.sys
[2011/02/21 21:48:02 | 001,314,944 | ---- | M] () -- C:\Users\Heather\Desktop\o_canada.mp3
[1 C:\Windows\System32\drivers\*.tmp files -> C:\Windows\System32\drivers\*.tmp -> ]
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[1 C:\Users\Heather\Documents\*.tmp files -> C:\Users\Heather\Documents\*.tmp -> ]

========== Files Created - No Company Name ==========

[2011/03/22 14:43:30 | 000,000,866 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2011/03/22 12:51:37 | 000,002,487 | ---- | C] () -- C:\Users\Heather\Desktop\HiJackThis.lnk
[2011/03/22 11:08:08 | 168,735,031 | ---- | C] () -- C:\Windows\MEMORY.DMP
[2011/03/21 16:50:43 | 000,001,789 | ---- | C] () -- C:\Users\Public\Desktop\avast! Internet Security.lnk
[2011/03/21 14:21:12 | 1063,235,584 | -HS- | C] () -- C:\hiberfil.sys
[2011/03/12 19:40:06 | 000,005,880 | ---- | C] () -- C:\Users\Heather\Desktop\Jar Of hearts.wlmp
[2011/03/03 22:25:34 | 000,238,349 | ---- | C] () -- C:\Users\Heather\Desktop\tumblr_lhi3puK9o21qbvlm4.gif
[2011/03/03 18:34:34 | 000,072,822 | ---- | C] () -- C:\Windows\System32\ieuinit.inf
[2011/02/21 21:48:10 | 001,314,944 | ---- | C] () -- C:\Users\Heather\Desktop\o_canada.mp3
[2010/10/13 19:17:58 | 000,000,256 | ---- | C] () -- C:\Windows\System32\pool.bin
[2010/09/24 22:56:44 | 000,000,056 | -H-- | C] () -- C:\Windows\System32\ezsidmv.dat
[2010/08/13 03:01:57 | 000,000,042 | ---- | C] () -- C:\Windows\System32\RegistryPatrolUpdates.ini
[2010/07/28 21:08:24 | 000,000,000 | ---- | C] () -- C:\Windows\PCFriend.INI
[2009/10/21 14:20:08 | 000,005,504 | ---- | C] () -- C:\Windows\System32\drivers\StarOpen_x86.sys
[2009/09/17 01:33:50 | 000,107,612 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin
[2009/09/17 01:33:49 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll
[2009/08/31 14:00:21 | 000,185,344 | ---- | C] () -- C:\Windows\System32\MemWarp.dll
[2009/05/24 20:35:44 | 3271,306,784 | -HS- | C] () -- C:\Windows\System32\drivers\fidbox.dat
[2009/02/13 22:51:29 | 000,000,054 | ---- | C] () -- C:\Windows\Composer.INI
[2008/10/18 21:51:53 | 000,000,021 | ---- | C] () -- C:\Windows\atid.ini
[2008/10/02 21:33:28 | 000,018,904 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchemaTrivial.bin
[2008/05/29 18:07:22 | 000,013,176 | ---- | C] () -- C:\Users\Heather\AppData\Roaming\wklnhst.dat
[2008/02/08 21:53:39 | 000,001,356 | ---- | C] () -- C:\Users\Heather\AppData\Local\d3d9caps.dat
[2008/01/02 17:57:36 | 000,147,456 | ---- | C] () -- C:\Windows\System32\igfxCoIn_v1409.dll
[2008/01/02 17:34:50 | 000,061,440 | ---- | C] () -- C:\Windows\System32\igfxTMM.dll
[2008/01/02 17:33:40 | 000,077,824 | ---- | C] () -- C:\Windows\System32\hccutils.dll
[2007/10/29 14:43:50 | 000,000,376 | ---- | C] () -- C:\Windows\ODBC.INI
[2007/10/28 18:15:43 | 000,192,512 | ---- | C] () -- C:\Users\Heather\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2007/02/26 13:05:06 | 000,204,800 | ---- | C] () -- C:\Windows\System32\igfxCoIn_v1147.dll
[2007/02/26 12:40:30 | 000,000,004 | ---- | C] () -- C:\Windows\Pix11.dat
[2007/02/26 12:28:41 | 000,547,840 | ---- | C] () -- C:\Windows\zHotkey.exe
[2007/02/26 12:28:41 | 000,532,544 | ---- | C] () -- C:\Windows\PIC.dll
[2007/02/26 12:28:41 | 000,036,864 | ---- | C] () -- C:\Windows\ShowWnd.exe
[2007/02/26 12:28:41 | 000,024,576 | ---- | C] () -- C:\Windows\HKNTDLL.dll
[2006/12/12 10:02:50 | 000,053,248 | ---- | C] () -- C:\Windows\System32\oemdspif.dll
[2006/11/22 18:16:18 | 000,003,612 | ---- | C] () -- C:\Windows\ReaderString.ini
[2006/11/21 14:50:06 | 000,000,037 | ---- | C] () -- C:\Windows\sunkist.ini
[2006/11/02 08:57:28 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2006/11/02 08:47:37 | 002,316,368 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT
[2006/11/02 08:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
[2006/11/02 06:33:01 | 000,617,088 | ---- | C] () -- C:\Windows\System32\perfh009.dat
[2006/11/02 06:33:01 | 000,287,440 | ---- | C] () -- C:\Windows\System32\perfi009.dat
[2006/11/02 06:33:01 | 000,111,958 | ---- | C] () -- C:\Windows\System32\perfc009.dat
[2006/11/02 06:33:01 | 000,030,674 | ---- | C] () -- C:\Windows\System32\perfd009.dat
[2006/11/02 06:23:21 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat
[2006/11/02 04:58:30 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2006/11/02 04:19:00 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT
[2006/11/02 03:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2006/11/02 03:25:31 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat
[2006/07/14 15:35:46 | 000,021,504 | ---- | C] () -- C:\Windows\System32\WBCustomizer.dll
[2006/06/23 13:09:34 | 000,019,968 | R--- | C] () -- C:\Windows\System32\cpuinf32.dll
[2006/06/11 20:01:15 | 000,352,256 | ---- | C] () -- C:\Windows\System32\HotlineClient.exe
[1998/10/11 00:07:38 | 000,088,576 | ---- | C] () -- C:\Windows\System32\Iticheck.dll

========== LOP Check ==========

[2010/06/17 21:59:35 | 000,000,000 | ---D | M] -- C:\Users\Heather\AppData\Roaming\acccore
[2010/02/28 01:28:49 | 000,000,000 | ---D | M] -- C:\Users\Heather\AppData\Roaming\Big Fish Games
[2010/03/01 00:25:51 | 000,000,000 | ---D | M] -- C:\Users\Heather\AppData\Roaming\Boomzap
[2010/06/16 13:00:40 | 000,000,000 | ---D | M] -- C:\Users\Heather\AppData\Roaming\com.howardbaines.alertthingy.0748309D110A93659DC7033729E261921C112CEF.1
[2010/02/27 02:55:59 | 000,000,000 | ---D | M] -- C:\Users\Heather\AppData\Roaming\ERS G-Studio
[2009/11/22 16:25:39 | 000,000,000 | ---D | M] -- C:\Users\Heather\AppData\Roaming\eurotalk
[2010/11/26 21:10:21 | 000,000,000 | ---D | M] -- C:\Users\Heather\AppData\Roaming\Greyfirst
[2008/05/15 23:14:01 | 000,000,000 | ---D | M] -- C:\Users\Heather\AppData\Roaming\InterTrust
[2008/07/12 13:28:06 | 000,000,000 | ---D | M] -- C:\Users\Heather\AppData\Roaming\Ludia
[2010/01/10 13:29:24 | 000,000,000 | ---D | M] -- C:\Users\Heather\AppData\Roaming\NetMedia Providers
[2009/09/02 18:18:04 | 000,000,000 | ---D | M] -- C:\Users\Heather\AppData\Roaming\Peace Craft
[2009/08/30 13:03:23 | 000,000,000 | ---D | M] -- C:\Users\Heather\AppData\Roaming\PlayFirst
[2010/08/11 00:55:25 | 000,000,000 | ---D | M] -- C:\Users\Heather\AppData\Roaming\Publish Providers
[2010/11/14 03:28:37 | 000,000,000 | ---D | M] -- C:\Users\Heather\AppData\Roaming\Research In Motion
[2010/09/09 13:29:55 | 000,000,000 | ---D | M] -- C:\Users\Heather\AppData\Roaming\Rogers Online Protection
[2007/10/29 14:13:44 | 000,000,000 | ---D | M] -- C:\Users\Heather\AppData\Roaming\SampleView
[2010/08/27 16:20:19 | 000,000,000 | ---D | M] -- C:\Users\Heather\AppData\Roaming\Sony
[2008/05/29 18:07:25 | 000,000,000 | ---D | M] -- C:\Users\Heather\AppData\Roaming\Template
[2010/05/24 15:30:04 | 000,000,000 | ---D | M] -- C:\Users\Heather\AppData\Roaming\TweetDeckFast.FFF259DC0CE2657847BBB4AFF0E62062EFC56543.1
[2010/04/09 02:04:45 | 000,000,000 | ---D | M] -- C:\Users\Heather\AppData\Roaming\Uniblue
[2011/03/20 12:22:58 | 000,000,000 | ---D | M] -- C:\Users\Heather\AppData\Roaming\uTorrent
[2010/02/27 18:32:33 | 000,000,000 | ---D | M] -- C:\Users\Heather\AppData\Roaming\Virtual Prophecy
[2010/03/03 11:37:35 | 000,000,000 | ---D | M] -- C:\Users\Heather\AppData\Roaming\webex
[2011/03/19 15:54:38 | 000,000,408 | ---- | M] () -- C:\Windows\Tasks\AdvancedDefrag Schedule.job
[2011/03/22 23:45:27 | 000,032,582 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========



========== Alternate Data Streams ==========

@Alternate Data Stream - 119 bytes -> C:\ProgramData\TEMP:DFC5A2B2

< End of report >



OTL Extras logfile created on: 23/03/2011 11:21:00 AM - Run 1
OTL by OldTimer - Version 3.2.22.3 Folder = C:\Users\Heather\Downloads
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8080.16413)
Locale: 00001009 | Country: Canada | Language: ENC | Date Format: dd/MM/yyyy

1,013.00 Mb Total Physical Memory | 331.00 Mb Available Physical Memory | 33.00% Memory free
2.00 Gb Paging File | 1.00 Gb Available in Paging File | 57.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 223.16 Gb Total Space | 124.46 Gb Free Space | 55.77% Space Free | Partition Type: NTFS
Drive D: | 9.72 Gb Total Space | 4.30 Gb Free Space | 44.26% Space Free | Partition Type: NTFS

Computer Name: ALYSSAS-PC | User Name: Heather | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = Reg Error: Key error.] -- Reg Error: Key error. File not found
.js [@ = JSFile] --
.scr [@ = scrfile] -- "%1" /s
.vbs [@ = VBSFile] --

[HKEY_USERS\S-1-5-21-2649331228-3696308728-864307741-1002\SOFTWARE\Classes\<extension>]
.chm [@ = chm.file] -- Reg Error: Key error. File not found
.ini [@ = inifile] -- Reg Error: Key error. File not found

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
jsfile [open] --
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /s
txtfile [edit] -- Reg Error: Key error.
vbsfile [open] --
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiSpyware]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"VistaSp2" = Reg Error: Unknown registry data type -- File not found

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\S-1-5-21-2649331228-3696308728-864307741-1001]
"EnableNotificationsRef" = 2

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\S-1-5-21-2649331228-3696308728-864307741-500]
"EnableNotificationsRef" = 2

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows NT\SystemRestore]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0
"DoNotAllowExceptions" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0
"DoNotAllowExceptions" = 0

========== Authorized Applications List ==========


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{00631E44-6F85-47EF-A942-16DB521B9E1D}" = lport=6940 | protocol=6 | dir=in | name=bittorent60 |
"{00CBC49E-9452-4995-B771-654906B803BE}" = lport=49164 | protocol=6 | dir=in | name=akamai netsession interface |
"{02EB6C4E-C375-4B8B-B71D-08EFA3D1518E}" = lport=6892 | protocol=6 | dir=in | name=bittorent12 |
"{03C03A2C-2E0A-4974-A85C-A0CA826E07FB}" = lport=6941 | protocol=6 | dir=in | name=bittorent61 |
"{07CBBC6C-835E-43E3-B15A-004569C8E385}" = lport=6999 | protocol=6 | dir=in | name=bittorent119 |
"{0BA02A6E-7C32-4DE0-BE36-F8F8A9C7584B}" = lport=6997 | protocol=6 | dir=in | name=bittorent117 |
"{0C37DBF5-A5EE-4B22-BE7C-AC9730A00A21}" = lport=6920 | protocol=6 | dir=in | name=bittorent40 |
"{0CD82CFC-91FA-4747-938C-7089AFCE3A11}" = lport=6966 | protocol=6 | dir=in | name=bittorent86 |
"{0E4CC042-85AD-473E-A566-3DBEFE8A1BD6}" = lport=6883 | protocol=6 | dir=in | name=bittorent3 |
"{0F52C097-32C3-487D-9E6C-8DB1A3DCC554}" = lport=49162 | protocol=6 | dir=in | name=akamai netsession interface |
"{0FC2308D-2F19-48E7-BAE8-166EF63B266F}" = lport=6912 | protocol=6 | dir=in | name=bittorent32 |
"{12315F29-66D1-42C7-B19A-F68497314478}" = lport=6985 | protocol=6 | dir=in | name=bittorent105 |
"{128B8C77-2329-4F46-ACDD-A3A16157C8A6}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |
"{1389F7C1-2316-4871-B778-F5E77CB10BC6}" = lport=6992 | protocol=6 | dir=in | name=bittorent112 |
"{15383C2B-2B9C-43A3-9DD6-F6B1CA48E3E9}" = lport=6917 | protocol=6 | dir=in | name=bittorent37 |
"{1584B953-F8B3-4AB0-8147-134198D22DB3}" = lport=6983 | protocol=6 | dir=in | name=bittorent103 |
"{169E2250-7362-4EE9-92D7-AD50DD75AE46}" = lport=6939 | protocol=6 | dir=in | name=bittorent59 |
"{1862E67E-08A6-4F8D-BCE8-7CF4859EB036}" = lport=2869 | protocol=6 | dir=in | app=system |
"{1E002608-04C1-4153-960D-2AE377D7D49D}" = lport=6989 | protocol=6 | dir=in | name=bittorent109 |
"{1EFF94DE-CA64-4A18-B28E-37A612893EA8}" = lport=6914 | protocol=6 | dir=in | name=bittorent34 |
"{20F45358-2CFC-4BCC-849A-E809354C35EA}" = lport=6885 | protocol=6 | dir=in | name=bittorent5 |
"{25195ECD-5094-49F3-8765-5BCEB0ECC1E0}" = lport=6942 | protocol=6 | dir=in | name=bittorent62 |
"{2539F0F4-E5E2-4D82-A57B-BAFF68B229C5}" = lport=4482 | protocol=17 | dir=in | name=blackberry desktop software wireless music sync discovery |
"{266C348F-AC28-4B8D-8F2C-7F1E32F2B483}" = lport=6996 | protocol=6 | dir=in | name=bittorent116 |
"{28E4BCD1-4021-4D8A-BFA7-159BCE970D51}" = lport=6881 | protocol=6 | dir=in | name=bittorent1 |
"{29BA372E-9D59-4DCB-A6B6-CA5364D3823C}" = lport=6990 | protocol=6 | dir=in | name=bittorent110 |
"{2DAAA581-BCE8-45D0-A196-EB0263D1506D}" = lport=6899 | protocol=6 | dir=in | name=bittorent19 |
"{33CB5544-480A-4BFB-AB16-13D282BB9427}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{33D0F9B5-EAE9-428B-BCB5-C9A3299B9A63}" = lport=6898 | protocol=6 | dir=in | name=bittorent18 |
"{356E8B0C-9272-45C3-9B20-00164D99C60A}" = lport=6969 | protocol=6 | dir=in | name=bittorent89 |
"{3919EC22-2D8C-4BF6-BC67-477511973E37}" = lport=6974 | protocol=6 | dir=in | name=bittorent94 |
"{39739EEF-9F92-47C1-B1E7-BE7252A7DDC9}" = rport=138 | protocol=17 | dir=out | app=system |
"{3E223512-1496-433E-9139-86670720286A}" = lport=6919 | protocol=6 | dir=in | name=bittorent39 |
"{3E53834A-8BBA-4B32-B9B6-1C042078F052}" = lport=6893 | protocol=6 | dir=in | name=bittorent13 |
"{448FC004-6283-42BB-B774-3B3CF52FC630}" = lport=6934 | protocol=6 | dir=in | name=bittorent54 |
"{44FA635F-9331-4E5E-8325-78A8ABE73D67}" = lport=6936 | protocol=6 | dir=in | name=bittorent56 |
"{46264FB0-0B76-48CF-91B5-7EA87C6E9427}" = lport=6962 | protocol=6 | dir=in | name=bittorent82 |
"{46B564E3-30CA-4844-A1A3-2E23A7F2140D}" = lport=6978 | protocol=6 | dir=in | name=bittorent98 |
"{48B4EF76-B222-4426-9720-CB3B26115C22}" = lport=6956 | protocol=6 | dir=in | name=bittorent76 |
"{48FF0362-EFA0-4C95-99CB-F0C43F1E0D39}" = lport=6943 | protocol=6 | dir=in | name=bittorent63 |
"{4A94F4EE-4801-4404-BEA3-F956749F0327}" = lport=1900 | protocol=17 | dir=in | name=intel® viiv™ media server upnp discovery |
"{4E1AB6B7-9A2E-47A4-ACB8-7B6C5539B570}" = lport=6889 | protocol=6 | dir=in | name=bittorent9 |
"{51865A1F-31D4-4B35-AE3A-7FE77A8935C7}" = lport=6894 | protocol=6 | dir=in | name=bittorent14 |
"{5233F1F6-2BB0-4482-A003-448D008E5892}" = lport=6897 | protocol=6 | dir=in | name=bittorent17 |
"{5299DBF9-1097-4A86-8122-D83E6E053288}" = lport=6970 | protocol=6 | dir=in | name=bittorent90 |
"{52ADA088-7577-473F-B31F-C48A22540511}" = lport=6977 | protocol=6 | dir=in | name=bittorent97 |
"{54DBE442-3D0C-481B-82AE-32DC23EF6A9A}" = lport=6959 | protocol=6 | dir=in | name=bittorent79 |
"{54EE3590-4AFD-454F-A53A-3D0E4FEC4BB4}" = rport=137 | protocol=17 | dir=out | app=system |
"{57242043-113C-40BA-8298-F0A378A83C5E}" = lport=4481 | protocol=6 | dir=in | name=blackberry desktop software wireless music sync data transfer |
"{589C2907-6AF6-46E4-A453-DBBC86ED3E51}" = lport=6993 | protocol=6 | dir=in | name=bittorent113 |
"{5B137439-F68A-4DAE-8800-10F4D201B447}" = lport=6986 | protocol=6 | dir=in | name=bittorent106 |
"{5BBF64AE-10D8-4645-A438-085689FC7908}" = lport=6905 | protocol=6 | dir=in | name=bittorent25 |
"{5D22CB8D-6B54-4A17-8532-CD85A4C0DDA9}" = lport=6900 | protocol=6 | dir=in | name=bittorent20 |
"{5E4745B3-75EC-4A68-8DF7-6B934F13C9EC}" = lport=6913 | protocol=6 | dir=in | name=bittorent33 |
"{5E6A62D0-3203-4DF6-AA1F-F484A5B59D42}" = lport=6984 | protocol=6 | dir=in | name=bittorent104 |
"{5FF5AA5F-E3B1-4C66-A2B2-D15BAD455EAB}" = lport=6976 | protocol=6 | dir=in | name=bittorent96 |
"{6413F9B1-9297-408E-A38F-E2B410DF3A3D}" = lport=6927 | protocol=6 | dir=in | name=bittorent47 |
"{64652868-F99D-48E6-8384-D367EBFFE108}" = lport=6925 | protocol=6 | dir=in | name=bittorent45 |
"{64FC4D0F-5D52-4919-A7F5-7FC185913FF8}" = lport=5000 | protocol=17 | dir=in | name=akamai netsession interface |
"{6B349217-76FA-41CA-B113-775F53C167C3}" = lport=6945 | protocol=6 | dir=in | name=bittorent65 |
"{6BD169F2-91CD-47C1-8825-2DFD384CF939}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |
"{6C695D17-58F5-43F1-9E2E-729D6C2CF8E9}" = lport=6949 | protocol=6 | dir=in | name=bittorent69 |
"{6DFC38B9-8933-4A8D-94C2-19607DC5C38D}" = lport=6981 | protocol=6 | dir=in | name=bittorent101 |
"{71A4CDC9-E994-4284-890E-7D3F93E82A53}" = lport=6882 | protocol=6 | dir=in | name=bittorent2 |
"{7269B113-CBAE-43A5-B87F-0692B2EE3AF2}" = lport=6960 | protocol=6 | dir=in | name=bittorent80 |
"{7312ED0D-84D8-4212-BD20-167CA05AC9B1}" = lport=6967 | protocol=6 | dir=in | name=bittorent87 |
"{74797560-674F-475E-9673-475CB322F601}" = lport=6961 | protocol=6 | dir=in | name=bittorent81 |
"{7ABEFBB8-CA36-4C02-8043-C5E6A88C9D0E}" = lport=6937 | protocol=6 | dir=in | name=bittorent57 |
"{7BB30492-61E9-4962-8FC9-051F646885A5}" = lport=6896 | protocol=6 | dir=in | name=bittorent16 |
"{7D51E263-AB35-484C-A003-6C07A78282C0}" = lport=6911 | protocol=6 | dir=in | name=bittorent31 |
"{7D90985C-595C-422A-85B6-E09371F98E8A}" = rport=445 | protocol=6 | dir=out | app=system |
"{80B035D7-C4B7-43FD-8F35-821698426734}" = lport=6915 | protocol=6 | dir=in | name=bittorent35 |
"{81423F46-4ADE-4725-A743-727CDC51355A}" = lport=6902 | protocol=6 | dir=in | name=bittorent22 |
"{83A9F744-AEA0-4DBA-8063-4BE659596580}" = lport=6948 | protocol=6 | dir=in | name=bittorent68 |
"{85A9C943-D47A-4645-A78E-6495967E9047}" = lport=6954 | protocol=6 | dir=in | name=bittorent74 |
"{8794FA4C-7582-4825-8402-9CE03474252A}" = lport=6928 | protocol=6 | dir=in | name=bittorent48 |
"{8901265F-B153-41D2-8C5B-BA39AB96A8A4}" = rport=139 | protocol=6 | dir=out | app=system |
"{89C02BD5-0905-418D-899E-50F41C98A11C}" = lport=6921 | protocol=6 | dir=in | name=bittorent41 |
"{8B36CB6B-5E39-4330-8A20-56756299FFFA}" = lport=137 | protocol=17 | dir=in | app=system |
"{8B432914-E4E7-430C-8716-51A876675060}" = lport=6891 | protocol=6 | dir=in | name=bittorent11 |
"{8B8704A0-3437-4AF0-8677-DCD1E4B9A0AA}" = lport=445 | protocol=6 | dir=in | app=system |
"{8F7FB897-F7B1-4CD4-8C20-E032E58295E3}" = lport=6950 | protocol=6 | dir=in | name=bittorent70 |
"{9136579B-814D-494D-869C-F75D2F5B2598}" = lport=4481 | protocol=17 | dir=in | name=blackberry desktop software wireless music sync discovery |
"{92789AF9-DACE-48E6-AAEE-68FFB71FA147}" = lport=6951 | protocol=6 | dir=in | name=bittorent71 |
"{92F0CCE2-CB53-463D-9B13-A226AD6EFC91}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | [email protected],-28539 |
"{93CB3A80-FFFF-4026-8E03-D558DAA90481}" = lport=6953 | protocol=6 | dir=in | name=bittorent73 |
"{93CB79FF-C4A0-4061-96A6-7423C39948B9}" = lport=6904 | protocol=6 | dir=in | name=bittorent24 |
"{94BB2065-B489-47C8-BF03-52F6D912C979}" = lport=6916 | protocol=6 | dir=in | name=bittorent36 |
"{96E14FCA-DD94-4172-83C5-5053A15A5835}" = lport=6958 | protocol=6 | dir=in | name=bittorent78 |
"{978F2581-88DA-401B-A854-A568209D9761}" = lport=6995 | protocol=6 | dir=in | name=bittorent115 |
"{97D7571A-603C-4D2F-9D2F-54923E5CE848}" = lport=6929 | protocol=6 | dir=in | name=bittorent49 |
"{9842127F-B13C-48A1-881B-ED8B9DF8072B}" = lport=6926 | protocol=6 | dir=in | name=bittorent46 |
"{9C2EA139-E1CC-454D-ADF4-744F6FFC1CDF}" = lport=6979 | protocol=6 | dir=in | name=bittorent99 |
"{9FDE3AE5-2FF8-490B-8F23-D96025A87CB4}" = lport=6973 | protocol=6 | dir=in | name=bittorent93 |
"{A23D5762-AB40-4306-8191-D343CEC78400}" = lport=6964 | protocol=6 | dir=in | name=bittorent84 |
"{A3F647E0-225E-4035-89FE-5F4B32AD734F}" = lport=6907 | protocol=6 | dir=in | name=bittorent27 |
"{A48CBB6E-F954-4A94-8A8D-DE674FF12407}" = lport=4482 | protocol=6 | dir=in | name=blackberry desktop software wireless music sync data transfer |
"{A6AD2231-FC90-440A-8C07-1F8067DD5F10}" = lport=6931 | protocol=6 | dir=in | name=bittorent51 |
"{A7D3C3E4-1751-46D8-8E62-E6BCF2B89220}" = lport=6975 | protocol=6 | dir=in | name=bittorent95 |
"{A9EBA039-E972-485D-89B9-8DF997A315F4}" = lport=6890 | protocol=6 | dir=in | name=bittorent10 |
"{ABEDA75B-186C-4C14-B202-3866BA8A97AE}" = lport=6991 | protocol=6 | dir=in | name=bittorent111 |
"{ACE9080F-1B8B-4E19-9B83-DB9102DDE871}" = lport=6923 | protocol=6 | dir=in | name=bittorent43 |
"{AE87D46E-6CE9-4E8F-9E7C-0EF15203F774}" = lport=6895 | protocol=6 | dir=in | name=bittorent15 |
"{B2DDA28B-96F3-4E91-BA09-39BF06AAAA51}" = lport=6980 | protocol=6 | dir=in | name=bittorent100 |
"{B3B0FBB0-706A-4AC7-826B-F13FA78EB0FE}" = lport=6924 | protocol=6 | dir=in | name=bittorent44 |
"{B3E7DB9E-5104-47EC-845E-2032A1F995BA}" = lport=6888 | protocol=6 | dir=in | name=bittorent8 |
"{B54CA444-89B5-43FA-A2AD-D37345585264}" = lport=6955 | protocol=6 | dir=in | name=bittorent75 |
"{B636C835-E768-4087-8B8E-FDF4FCE902E2}" = lport=6982 | protocol=6 | dir=in | name=bittorent102 |
"{B7BE0E44-1721-4053-A761-C2E5BF5B5DBE}" = lport=6947 | protocol=6 | dir=in | name=bittorent67 |
"{B841F180-3B59-468C-B5E3-203F875B32BB}" = lport=6987 | protocol=6 | dir=in | name=bittorent107 |
"{BBE5AE6B-A5F4-4D66-BA26-AEA78837012A}" = lport=9442 | protocol=17 | dir=in | name=intel® viiv™ media server discovery |
"{BE1FE52A-8DFE-4AAF-B05E-9DBD1614EFC5}" = lport=6933 | protocol=6 | dir=in | name=bittorent53 |
"{C0F6947D-12A2-461F-B479-BFF7C5A3F178}" = lport=6935 | protocol=6 | dir=in | name=bittorent55 |
"{C2013053-C9F0-43A0-AFC4-97C69F83C9A8}" = lport=6963 | protocol=6 | dir=in | name=bittorent83 |
"{C27778A5-025B-4189-A176-7E004DBCE2D0}" = lport=6884 | protocol=6 | dir=in | name=bittorent4 |
"{C27C7987-A8FF-442A-AC38-2AC3B8731FDC}" = lport=6971 | protocol=6 | dir=in | name=bittorent91 |
"{C4790358-474B-4621-A5F4-0BE4A9A825E2}" = lport=6906 | protocol=6 | dir=in | name=bittorent26 |
"{C47C2DEA-0AAA-4522-96DC-C9B557E6F220}" = lport=6922 | protocol=6 | dir=in | name=bittorent42 |
"{C6304272-2167-4730-AAE9-ED6A4AA65B71}" = lport=6938 | protocol=6 | dir=in | name=bittorent58 |
"{C86D41DB-F4B0-4273-8588-9425E2FDD112}" = lport=6965 | protocol=6 | dir=in | name=bittorent85 |
"{C9160954-FA50-40DD-9EDF-95CD0E256FAF}" = lport=6886 | protocol=6 | dir=in | name=bittorent6 |
"{CE72245A-46AD-41EE-84B6-0E0CB30B7838}" = lport=6994 | protocol=6 | dir=in | name=bittorent114 |
"{CFD03BB7-B2E3-40DF-A391-B5990442338E}" = lport=49162 | protocol=6 | dir=in | name=akamai netsession interface |
"{D1E7A9D7-E857-436F-B3D8-D6CE4E8829D1}" = lport=6909 | protocol=6 | dir=in | name=bittorent29 |
"{D207B577-242D-4CD2-8051-F2F583504F6C}" = lport=6968 | protocol=6 | dir=in | name=bittorent88 |
"{D523691E-C94C-49DC-8133-EB53A9E3D89D}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |
"{D6A0C049-5F42-49DD-90D7-D1D31B7C67C7}" = lport=139 | protocol=6 | dir=in | app=system |
"{D6F919F3-BB1F-4DED-8BD4-A1B644B38B3B}" = lport=6957 | protocol=6 | dir=in | name=bittorent77 |
"{D7294AD7-46C4-4B3C-9037-042F206E803C}" = lport=5000 | protocol=17 | dir=in | name=akamai netsession interface |
"{D8A4A1CC-6100-4BDB-8BDE-9A738C04B3F5}" = lport=6903 | protocol=6 | dir=in | name=bittorent23 |
"{D8E78110-D436-42D7-9381-19CBE891540F}" = lport=6952 | protocol=6 | dir=in | name=bittorent72 |
"{D9F04B95-4159-43D5-8C0E-3F594BCE81EF}" = lport=6988 | protocol=6 | dir=in | name=bittorent108 |
"{E3A93D8D-7339-4BD4-9BE0-3DD2A39E2389}" = lport=6932 | protocol=6 | dir=in | name=bittorent52 |
"{E71C675E-2E2F-4F27-AFED-9E08B8CD7C2D}" = lport=6930 | protocol=6 | dir=in | name=bittorent50 |
"{E74CECCA-019C-4942-B41D-6C442F28352B}" = lport=6908 | protocol=6 | dir=in | name=bittorent28 |
"{EA32A4AB-8EA0-4B9D-8447-B962AA6B0469}" = lport=6910 | protocol=6 | dir=in | name=bittorent30 |
"{ECDD1D6F-681D-4207-BE7E-50B031505C82}" = lport=6887 | protocol=6 | dir=in | name=bittorent7 |
"{F28FE880-77C9-4C5E-B64D-D792DBE1B182}" = lport=138 | protocol=17 | dir=in | app=system |
"{F5241192-FF55-42BD-9B63-661361D5583D}" = lport=6901 | protocol=6 | dir=in | name=bittorent21 |
"{F5BCBC1A-5E49-402A-9804-B97266F78698}" = lport=6998 | protocol=6 | dir=in | name=bittorent118 |
"{F6A2DDF3-C8AF-4302-9F8D-C911367CAEE3}" = lport=6946 | protocol=6 | dir=in | name=bittorent66 |
"{F7268CA2-5958-41E7-B374-65E2741A963C}" = lport=6972 | protocol=6 | dir=in | name=bittorent92 |
"{F7574C9D-D11E-4FFE-87B3-8F093884BF04}" = lport=6944 | protocol=6 | dir=in | name=bittorent64 |
"{F9E3AB8E-9F06-4971-9647-5E58446D3740}" = lport=6918 | protocol=6 | dir=in | name=bittorent38 |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{013FCE0D-3E3D-417D-BD9C-A48C8FA621BE}" = protocol=6 | dir=in | app=c:\program files\yahoo!\messenger\yahoomessenger.exe |
"{0560800F-9AC6-4CB5-A825-A01E46D127E9}" = protocol=6 | dir=in | app=c:\program files\rogers online protection\rogers servicepoint agent\servicepointservice.exe |
"{05A7932A-D78F-45A2-9719-8168D45AF570}" = dir=in | app=c:\program files\windows live\sync\windowslivesync.exe |
"{0C7B6684-3F4D-413F-96D8-805CBA2F0DDA}" = protocol=6 | dir=in | app=c:\program files\aim\aim.exe |
"{122B1A5B-240C-423C-86A9-3D9B6E871EF5}" = protocol=6 | dir=in | app=c:\program files\intel\inteldh\intel media server\media server\bin\mediaserver.exe |
"{14ECC95F-3552-423A-8371-FFDF0599148C}" = protocol=6 | dir=out | app=c:\program files\windows media player\wmplayer.exe |
"{157ACAA7-7D39-47E5-964C-BBFD73844138}" = protocol=17 | dir=in | app=c:\program files\common files\aol\loader\aolload.exe |
"{15FFF8BC-17C4-4BAF-B3FB-D1C283CC86CD}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{1D576A96-D0FC-4031-8891-E4CAC1A7989D}" = protocol=6 | dir=in | app=c:\program files\intel\inteldh\intel media server\shells\remote ui service.exe |
"{220C4876-ED68-44F6-8A39-B1D4DFD99EE8}" = protocol=17 | dir=in | app=c:\program files\yahoo!\messenger\yahoomessenger.exe |
"{257A0C09-898A-453A-B6FC-FD8667FF15E2}" = protocol=6 | dir=in | app=c:\program files\intel\inteldh\intel media server\media server\bin\tshwmdtcp.exe |
"{2F29D2BD-E90C-438F-A355-959008CB8C4E}" = protocol=17 | dir=in | app=c:\program files\rogers online protection\rogers servicepoint agent\servicepointservice.exe |
"{3456131C-6D9D-4842-B0B6-1FDA62C07DC0}" = protocol=6 | dir=in | app=c:\program files\microsoft lifecam\lifeexp.exe |
"{34FF9943-EB11-4E4E-BB48-CDBBB63C73AA}" = protocol=17 | dir=in | app=c:\program files\microsoft lifecam\lifetray.exe |
"{357A7663-B4C3-4809-AF3C-E7BE2B6CCBE3}" = protocol=6 | dir=in | app=c:\program files\aim6\aim6.exe |
"{3A73AA09-EA44-4157-910F-D74FAEB603A7}" = protocol=6 | dir=in | app=c:\program files\common files\mcafee\mna\mcnasvc.exe |
"{404AB1A1-48A4-491B-A9F9-F861AF47B93E}" = protocol=17 | dir=in | app=c:\program files\intel\inteldh\intel media server\media server\bin\mediaserver.exe |
"{421876B5-9D59-4292-B0D4-9B50E042ED59}" = protocol=6 | dir=in | app=c:\program files\microsoft lifecam\lifetray.exe |
"{44F99B38-D36D-4933-8908-55660D1A2D0B}" = protocol=17 | dir=in | app=c:\program files\leapfrog\flyworld\bin\flymonitor.exe |
"{45EA4A04-D099-4C36-B65E-7CCE9E9C14C9}" = protocol=6 | dir=in | app=c:\program files\microsoft lifecam\lifecam.exe |
"{53CC53B2-3CF2-4DAB-83AF-A0AE5C58B09C}" = protocol=6 | dir=in | app=c:\program files\common files\aol\loader\aolload.exe |
"{53F1A75F-8D72-4226-8850-2420BDCE1229}" = protocol=17 | dir=in | app=c:\program files\microsoft lifecam\lifeexp.exe |
"{593F7820-FA59-4A87-AAAE-9402D2828ECC}" = protocol=58 | dir=out | [email protected],-28546 |
"{5BBBF519-5A0F-4B9E-B4E0-C94AEF09A968}" = dir=in | app=c:\program files\windows live\mesh\moe.exe |
"{5CB511B6-CDCF-4CBC-A1D2-5D600F5940CC}" = dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe |
"{62D5E13C-FD98-4F44-9845-C6BD4B82C4DC}" = protocol=17 | dir=in | app=c:\program files\aim6\aim6.exe |
"{62E0CAC8-1A4C-4E76-BD92-BCAF04F664FA}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{671C0246-D60D-4E6A-A897-2BF3B7D8219D}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{6F7F37D7-129D-4281-811C-910FE888928E}" = dir=in | app=c:\program files\skype\plugin manager\skypepm.exe |
"{740C8416-7216-41FB-BB34-B7FFC00CEA2E}" = protocol=17 | dir=in | app=c:\program files\utorrent\utorrent.exe |
"{742C0EB2-A621-48B5-9D29-EE5B965D646F}" = protocol=17 | dir=out | app=c:\program files\windows media player\wmplayer.exe |
"{791B4B4D-B19E-4D58-8D6A-B30AF0703F1B}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{7995E2AA-5DD9-4089-9A1F-1C17481A5064}" = protocol=17 | dir=in | app=c:\program files\aim\aim.exe |
"{7F164539-6F1D-4712-81C1-2D342AE70FE6}" = protocol=17 | dir=in | app=c:\program files\microsoft lifecam\lifecam.exe |
"{87A9CAC2-A551-4E97-A2F3-EBE7523F2B78}" = protocol=6 | dir=in | app=c:\program files\rogers online protection\rogers servicepoint agent\servicepointservice.exe |
"{920C54CA-03EA-496D-A4CB-35430C97A62A}" = protocol=6 | dir=in | app=c:\program files\leapfrog\flyworld\bin\flymonitor.exe |
"{9903C47C-6B1D-43EE-A67E-CC663008DE81}" = protocol=1 | dir=in | [email protected],-28543 |
"{9C402C81-45C4-411A-94F8-23A86BA58094}" = protocol=6 | dir=in | app=c:\program files\microsoft lifecam\lifeenc2.exe |
"{9EAD921A-2B11-4EAE-A191-5ECE128D4AB1}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{A28D1B25-EE61-4524-B438-89654C8771C1}" = dir=in | app=c:\program files\itunes\itunes.exe |
"{A3AB168A-4F0B-4FC1-89EC-C2054F3BF42D}" = protocol=17 | dir=in | app=c:\program files\intel\inteldh\intel media server\shells\remote ui service.exe |
"{AE6AFF60-4406-4634-AA97-3B4C052EF9C9}" = protocol=17 | dir=in | app=c:\program files\windows media player\wmplayer.exe |
"{B14797DB-7EC5-482E-8660-D246EF8C8FF1}" = protocol=6 | dir=in | app=c:\program files\leapfrog\flyworld\bin\flyworld.exe |
"{B480139E-C575-4C62-8AA4-7FCC0172665D}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{B708B4ED-89C7-419F-9F94-4238C1B4B0D9}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{BF904914-40EB-4DF3-9398-5D3A437BCFAD}" = protocol=17 | dir=in | app=c:\program files\microsoft lifecam\lifeenc2.exe |
"{C0664700-15F1-4AA4-A857-A1D4804688C9}" = protocol=17 | dir=in | app=c:\program files\internet explorer\iexplore.exe |
"{C0DD821B-70C5-42ED-B0B2-2C06C7A2577E}" = protocol=17 | dir=in | app=c:\program files\rogers online protection\rogers servicepoint agent\servicepointservice.exe |
"{D02CF58E-A8A0-4C60-8D5B-C11ECA2A30A7}" = protocol=1 | dir=out | [email protected],-28544 |
"{D41B76CF-B724-4498-A406-5FB01083A0C3}" = protocol=6 | dir=in | app=c:\program files\utorrent\utorrent.exe |
"{DC36ACB3-D5F9-4579-8CFD-62274534C0E8}" = protocol=6 | dir=in | app=c:\program files\research in motion\blackberry desktop\rim.desktop.exe |
"{E43FC36D-131B-467C-B4B3-25EEE79162CD}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{E7079120-90FC-4E06-928A-1D54A9D2B488}" = protocol=17 | dir=in | app=c:\program files\research in motion\blackberry desktop\rim.desktop.exe |
"{EBB66FBB-9349-40BB-A30D-31B812262DD2}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{F263CFEC-C26F-4016-BB64-59F01FC1105C}" = protocol=58 | dir=in | [email protected],-28545 |
"{F7F151C7-6272-4F7E-BEE5-0386ADBC72A8}" = protocol=17 | dir=in | app=c:\program files\leapfrog\flyworld\bin\flyworld.exe |
"{F8AEBE1A-761A-4CC9-9125-5B602DE040CB}" = protocol=6 | dir=in | app=c:\program files\internet explorer\iexplore.exe |
"{FE941D76-5E91-4C13-AAAA-07AC744CEBF3}" = protocol=17 | dir=in | app=c:\program files\intel\inteldh\intel media server\media server\bin\tshwmdtcp.exe |
"{FF8EA31F-1ED2-4A44-8AF1-482336E78CA3}" = dir=in | app=c:\program files\windows live\contacts\wlcomm.exe |
"TCP Query User{83BB59DD-4667-41BB-BB66-179254F026D0}C:\users\public\desktop\limewire\limewire.exe" = protocol=6 | dir=in | app=c:\users\public\desktop\limewire\limewire.exe |
"TCP Query User{897B3907-5FEC-436D-850B-830508EFFCED}C:\users\heather\desktop\limewire\limewire.exe" = protocol=6 | dir=in | app=c:\users\heather\desktop\limewire\limewire.exe |
"UDP Query User{3BCE407B-AF5A-42E2-9562-F37AF0690F88}C:\users\heather\desktop\limewire\limewire.exe" = protocol=17 | dir=in | app=c:\users\heather\desktop\limewire\limewire.exe |
"UDP Query User{7E806297-5E59-415B-858E-4C382E621426}C:\users\public\desktop\limewire\limewire.exe" = protocol=17 | dir=in | app=c:\users\public\desktop\limewire\limewire.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{107254A0-0ADF-11D4-9397-00D0B7020B38}" =
"{13A5E785-5197-4EAD-8EE3-D660271E49BC}" = Feedback Tool
"{17504ED4-DB08-40A8-81C2-27D8C01581DA}" = Windows Live Remote Service Resources
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{19A4A990-5343-4FF7-B3B5-6F046C091EDF}" = Windows Live Remote Client
"{19BA08F7-C728-469C-8A35-BFBD3633BE08}" = Windows Live Movie Maker
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{227E8782-B2F4-4E97-B0EE-49DE9CC1C0C0}" = Windows Live Remote Service
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{26A24AE4-039D-4CA4-87B4-2F83216017FF}" = Java™ 6 Update 23
"{26C610BF-761B-4209-BD6A-A0F1B73D6DDE}" = Intel® Viiv™ Software
"{2902F983-B4C1-44BA-B85D-5C6D52E2C441}" = Windows Live Mesh ActiveX Control for Remote Connections
"{294BF709-D758-4363-8D75-01479AD20927}" = Windows Live Family Safety
"{2A981294-F14C-4F0F-9627-D793270922F8}" = Bonjour
"{2DC94AFD-A6E2-4AB4-9132-4A3F8E07B386}" = Apple Application Support
"{2DFF31F9-7893-4922-AF66-C9A1EB4EBB31}" = Rhapsody Player Engine
"{2FA94A64-C84E-49d1-97DD-7BF06C7BBFB2}.WildTangent Games App" = Update Installer for WildTangent Games App
"{316CDA1E-4760-4772-94B0-0FFC56D85700}" = RPS CRT
"{3248F0A8-6813-11D6-A77B-00B0D0160000}" = Java™ SE Runtime Environment 6
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{33A783E8-DC11-427F-A56C-8ED43EEC0695}" = RPS CRT
"{34F4D9A4-42C2-4348-BEF4-E553C84549E7}" = Windows Live Photo Gallery
"{35AE9CC9-10A3-4A24-87DF-A6A99BDC1969}" = Rogers Online Protection
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3EE33958-7381-4E7B-A4F3-6E43098E9E9C}" = Browser Address Error Redirector
"{40BF1E83-20EB-11D8-97C5-0009C5020658}" = Power2Go 5.0
"{4449B83C-1257-4355-8F3E-71280E922B5F}" = Intel® Network Connections 14.7.23.0
"{44C05309-60F4-410B-BC32-31733CFF1A41}" = Microsoft Digital Image Starter Edition 2006 Editor
"{45A66726-69BC-466B-A7A4-12FCBA4883D7}" = HiJackThis
"{464B3406-A4D0-4914-910F-7CA4380DCC13}" = Windows Live Remote Client Resources
"{47AA42FD-0450-4CB4-ADAF-B6E770AA7B2F}" = Sony Media Manager 2.2
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4CBABDFD-49F8-47FD-BE7D-ECDE7270525A}" = Windows Live PIMT Platform
"{4E79A62F-7A2D-4058-BCE0-94E6B9E2F162}" = USB Disk Win98 Driver
"{4FE542EB-FF0B-4739-94DD-25C8AE0AB251}" = Microsoft Digital Image Starter Edition 2006 Library
"{50816F92-1652-4A7C-B9BC-48F682742C4B}" = Messenger Companion
"{548B7B4A-B4F6-4074-A2D2-40154DC906B5}" = RPS PerfectDiskStub
"{57752979-A1C9-4C02-856B-FBB27AC4E02C}" = QuickTime
"{5DD4FCBD-A3C1-4155-9E17-4161C70AAABA}" = Segoe UI
"{61AD15B2-50DB-4686-A739-14FE180D4429}" = Windows Live ID Sign-in Assistant
"{65DA2EC9-0642-47E9-AAE2-B5267AA14D75}" = Activation Assistant for the 2007 Microsoft Office suites
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{689E0AB3-50B2-4E5A-9DCE-6DA9F5BE1314}" = BlackBerry® Media Sync
"{6A05FEDF-662E-46BF-8A25-010E3F1C9C69}" = Windows Live UX Platform Language Pack
"{6B9B0C6F-E5FA-4633-A640-AB98A272ECCA}" = Safari
"{6D52C408-B09A-4520-9B18-475B81D393F1}" = Microsoft Works
"{70B446D1-E03B-4ab0-9B3C-0832142C9AA8}.WildTangent Games App-gateway" = WildTangent Games App (Gateway Games)
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{779C01A3-8466-499D-88FC-EB820EB3AC51}" = RPS RpsCore
"{77F8A71E-3515-4832-B8B2-2F1EDBD2E0F1}" = Bing Bar
"{78A96B4C-A643-4D0F-98C2-A8E16A6669F9}" = Windows Live Messenger Companion Core
"{7B08D306-7266-4647-A926-2F78817ED1E0}" = Microsoft Corporation
"{7B738CD9-D107-48C7-8E65-2E6639A39C8D}" = PerfectDisk 10 Professional
"{7F3BCF8A-8E02-4659-AF25-F9AB66BD6718}" = Gateway Recovery Center Installer
"{80956555-A512-4190-9CAD-B000C36D6B6B}" = Windows Live Messenger
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{84A78614-0E4B-4A4E-BA8C-2B0A05A08E4E}" = BlackBerry Desktop Software 6.0.1
"{84EBDF39-4B33-49D7-A0BD-EB6E2C4E81C1}" = Windows Live Sync
"{881F5DE8-9367-4B81-A325-E91BBC6472F9}" = iTunes
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8C6D6116-B724-4810-8F2D-D047E6B7D68E}" = Mesh Runtime
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{90024193-9F13-4877-89D5-A1CDF0CBBF28}" = Feedback Tool
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_HOMESTUDENTR_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_HOMESTUDENTR_{187308AB-5FA7-4F14-9AB9-D290383A10D9}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}_HOMESTUDENTR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007
"{90120000-00A1-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}_HOMESTUDENTR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}" = Intel® Matrix Storage Manager
"{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{91130409-6000-11D3-8CFE-0050048383C9}" = Microsoft Office XP Small Business
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
"{9F7FC79B-3059-4264-9450-39EB368E3225}" = Microsoft Digital Image Library 9 - Blocker
"{A0C91188-C88F-4E86-93E6-CD7C9A266649}" = Windows Live Mesh
"{A462213D-EED4-42C2-9A60-7BDD4D4B0B17}" = SigmaTel Audio
"{A71D5E81-B967-43DB-93D7-FD31BFB95748}" = MobileMe Control Panel
"{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"{AADEA55D-C834-4BCB-98A3-4B8D1C18F4EE}" = Apple Mobile Device Support
"{AAF454FC-82CA-4F29-AB31-6A109485E76E}" = Windows Live Writer
"{AC76BA86-7AD7-1033-7B44-A94000000001}" = Adobe Reader 9.4.0
"{AF844339-2F8A-4593-81B3-9F4C54038C4E}" = Windows Live MIME IFilter
"{B194272D-1F92-46DF-99EB-8D5CE91CB4EC}" = Adobe AIR
"{B3BC9DB1-0B0A-48B0-B86B-EA77CAA7F800}" = Microsoft Corporation
"{BD71B413-9FEE-49BB-A6D1-2C0BFB99BDFE}" = Microsoft LifeCam
"{BE2CC4A5-2128-4EA2-941D-14F7A6A1AB61}" = Digital Media Reader
"{C41300B9-185D-475E-BFEC-39EF732F19B1}" = Apple Software Update
"{C66824E4-CBB3-4851-BB3F-E8CFD6350923}" = Windows Live Mail
"{CACAEB5F-174D-4C7C-AC56-A33289A807CA}" = Apple Mobile Device Support
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CE2121C6-C94D-4A73-8EA4-6943F33EE335}" = Picture Package Music Transfer
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{D436F577-1695-4D2F-8B44-AC76C99E0002}" = Windows Live Photo Common
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{D5068583-D569-468B-9755-5FBF5848F46F}" = Sony Picture Utility
"{DDC8BDEE-DCAC-404D-8257-3E8D4B782467}" = Windows Live Writer Resources
"{DECDCB7C-58CC-4865-91AF-627F9798FE48}" = Windows Live Mesh
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E3E71D07-CD27-46CB-8448-16D4FB29AA13}" = Microsoft WSE 3.0 Runtime
"{E633D396-5188-4E9D-8F6B-BFB8BF3467E8}" = Skype™ 5.1
"{E8EE9410-8AC4-4F43-A626-DDECA75C79F3}" = Adobe Setup
"{EB4DF488-AAEF-406F-A341-CB2AAA315B90}" = Windows Live Messenger
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}" = Microsoft Office Live Add-in 1.5
"{F53D678E-238F-4A71-9742-08BB6774E9DC}" = Windows Live Family Safety
"{F6333AB7-7C1F-4817-9805-40E048F95C7B}_is1" = AdvancedDefrag 4.2
"{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}" = Windows Live Essentials
"{FE0646A7-19D0-41B4-A2BB-2C35D644270D}" = Windows Live OneCare safety scanner
"{FF262740-C85A-11D5-BBEC-00D0B740900A}" = PS2 Multimedia Keyboard Driver
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"Activation Assistant for the 2007 Microsoft Office suites" = Activation Assistant for the 2007 Microsoft Office suites
"Adobe Acrobat 5.0" = Adobe Acrobat 5.0
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11.5
"Adobe_b2d6abde968e6f277ddbfd501383e02" = Adobe Creative Suite 4 Master Collection
"Agere Systems Soft Modem" = Agere Systems PCI-SV92PP Soft Modem
"Akamai" = Akamai NetSession Interface
"avast" = avast! Internet Security
"AviSynth" = AviSynth 2.5
"BlackBerry_Desktop" = BlackBerry Desktop Software 6.0.1
"Burger Shop 2 1.00" = Burger Shop 2 1.00
"CANONIJINBOXADDON100" = Canon Inkjet Printer Driver Add-On Module
"FLY World" = FLY World
"Google Desktop" = Google Desktop
"HDMI" = Intel® Graphics Media Accelerator Driver
"Hells Kitchen_is1" = Hells Kitchen
"HOMESTUDENTR" = Microsoft Office Home and Student 2007
"InstallShield_{BE2CC4A5-2128-4EA2-941D-14F7A6A1AB61}" = Digital Media Reader
"Intel® Configuration Center" = Intel® Viiv™ Software
"LSI Soft Modem" = LSI PCI-SV92PP Soft Modem
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Messenger Plus! Live" = Messenger Plus! Live
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Money2006b" = Microsoft Money 2006
"Peggle Nights Deluxe 1.0" = Peggle Nights Deluxe 1.0
"PictureItSuiteTrial_v12" = Microsoft Digital Image Starter Edition 2006
"PowerISO" = PowerISO
"PROSetDX" = Intel® Network Connections 14.7.23.0
"RadialpointClientGateway_is1" = Rogers Servicepoint Agent 3.7.44
"RealPlayer 6.0" = RealPlayer
"Registry Patrol" = Registry Patrol
"Rogers Client CD" = Rogers Client CD 1.0
"setup" = Rogers Yahoo! Client CD (remove only)
"SHS" = Rogers Self Healing Software (remove only)
"UnityWebPlayer" = Unity Web Player
"Update Manager" = Update Manager (remove only)
"WildTangent gateway Master Uninstall" = Gateway Games
"WinLiveSuite" = Windows Live Essentials
"WT076454" = Burger Shop 2
"WT076616" = My Kingdom for the Princess
"Yahoo! Companion" = Yahoo! Toolbar
"Yahoo! Messenger" = Yahoo! Messenger
"Yahoo! Software Update" = Yahoo! Software Update
"YInstHelper" = Yahoo! Install Manager

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-2649331228-3696308728-864307741-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Google Chrome" = Google Chrome
"uTorrent" = µTorrent

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-2649331228-3696308728-864307741-1002\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Google Chrome" = Google Chrome
"uTorrent" = µTorrent

========== Last 10 Event Log Errors ==========

Error: Unable to start EventLog service!

< End of report >

Edited by logicallady, 23 March 2011 - 09:41 AM.

  • 0

Advertisements







Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP