Ok...I ran the OTL and TDS Killer.
OTL Log:
OTL logfile created on: 6/9/2011 9:28:43 PM - Run 1
OTL by OldTimer - Version 3.2.23.0 Folder = C:\Users\Tamara\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
1.99 Gb Total Physical Memory | 1.03 Gb Available Physical Memory | 51.53% Memory free
4.21 Gb Paging File | 2.65 Gb Available in Paging File | 62.99% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 291.83 Gb Total Space | 175.75 Gb Free Space | 60.22% Space Free | Partition Type: NTFS
Drive D: | 6.26 Gb Total Space | 0.87 Gb Free Space | 13.98% Space Free | Partition Type: NTFS
Drive K: | 1.86 Gb Total Space | 1.70 Gb Free Space | 91.09% Space Free | Partition Type: FAT32
Computer Name: MY-PC | User Name: Tamara | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ========== PRC - [2011/05/30 11:31:06 | 000,580,096 | ---- | M] (OldTimer Tools) -- C:\Users\Tamara\Desktop\OTL.exe
PRC - [2011/04/01 20:17:08 | 000,067,400 | ---- | M] (Microsoft Corporation) -- C:\Program Files\IIS\Microsoft Web Deploy\MsDepSvc.exe
PRC - [2011/01/30 11:45:14 | 001,306,008 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Adobe\Reader 10.0\Reader\AcroRd32.exe
PRC - [2010/09/07 11:12:02 | 002,838,912 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\AvastUI.exe
PRC - [2010/09/07 11:11:59 | 000,040,384 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
PRC - [2009/11/23 20:53:58 | 004,781,352 | ---- | M] (Wacom Technology, Corp.) -- C:\Program Files\WTouch\WTouchUser.exe
PRC - [2009/11/23 20:53:58 | 000,113,448 | ---- | M] (Wacom Technology, Corp.) -- C:\Program Files\WTouch\WTouchService.exe
PRC - [2009/11/23 20:53:56 | 004,497,704 | ---- | M] (Wacom Technology, Corp.) -- C:\WINDOWS\System32\Pen_Tablet.exe
PRC - [2009/11/23 20:53:56 | 001,823,528 | ---- | M] (Wacom Technology, Corp.) -- C:\WINDOWS\System32\WTablet\Pen_TabletUser.exe
PRC - [2009/11/18 04:42:52 | 000,275,072 | ---- | M] (Hewlett-Packard Co.) -- C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqtra08.exe
PRC - [2009/11/18 04:02:34 | 000,563,840 | ---- | M] (Hewlett-Packard Co.) -- C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqbam08.exe
PRC - [2009/11/18 04:02:34 | 000,173,696 | ---- | M] (Hewlett-Packard Co.) -- C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqste08.exe
PRC - [2009/11/17 20:49:08 | 000,366,720 | ---- | M] (Hewlett-Packard) -- C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqgpc01.exe
PRC - [2009/09/15 19:47:44 | 000,878,080 | ---- | M] (ActMask Co.,Ltd -
http://www.all2pdf.com) -- C:\WINDOWS\System32\PrintDisp.exe
PRC - [2009/06/16 07:38:34 | 000,077,824 | ---- | M] (ActMask Co.,Ltd -
HTTP://WWW.ALL2PDF.COM) -- C:\WINDOWS\System32\PrintCtrl.exe
PRC - [2009/04/11 02:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2009/02/15 17:34:39 | 001,358,384 | R--- | M] (Linksys, LLC) -- C:\Program Files\Linksys\Linksys Wireless Manager\LinksysWirelessManager.exe
PRC - [2008/12/12 19:06:40 | 000,642,856 | ---- | M] (Cisco Systems, Inc.) -- C:\Program Files\Common Files\Pure Networks Shared\Platform\nmsrvc.exe
PRC - [2008/12/12 19:06:40 | 000,642,856 | ---- | M] (Cisco Systems, Inc.) -- C:\Program Files\Common Files\Pure Networks Shared\Platform\nmctxth.exe
PRC - [2008/09/16 12:03:18 | 000,169,312 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Adobe\Photoshop Elements 7.0\PhotoshopElementsFileAgent.exe
PRC - [2008/06/02 18:50:34 | 000,354,840 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe
PRC - [2008/06/02 18:50:32 | 000,178,712 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
PRC - [2008/01/19 03:38:38 | 001,008,184 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Defender\MSASCui.exe
PRC - [2008/01/15 11:26:18 | 004,874,240 | ---- | M] (Realtek Semiconductor) -- C:\WINDOWS\RtHDVCpl.exe
PRC - [2007/11/09 13:35:06 | 000,077,876 | ---- | M] (SafeNet) -- C:\Program Files\Juniper\NetScreen-Remote\SafeCfg.exe
PRC - [2007/11/09 13:35:04 | 000,413,746 | ---- | M] (SafeNet) -- C:\Program Files\Juniper\NetScreen-Remote\IreIKE.exe
PRC - [2007/11/09 13:35:04 | 000,073,782 | ---- | M] (SafeNet) -- C:\Program Files\Juniper\NetScreen-Remote\IPSecMon.exe
PRC - [2007/08/29 22:12:30 | 000,344,064 | ---- | M] (Kmaestro) -- C:\Program Files\HP USB Multimedia Keyboard\Kmaestro.exe
PRC - [2007/07/03 17:30:46 | 005,585,408 | ---- | M] (Chicony) -- C:\WINDOWS\CNYHKey.exe
PRC - [2007/01/08 15:51:56 | 000,053,248 | ---- | M] (Chicony) -- C:\WINDOWS\ModLEDKey.exe
PRC - [2006/09/28 09:42:24 | 000,065,536 | ---- | M] (Hewlett-Packard Company) -- C:\hp\support\hpsysdrv.exe
PRC - [2006/09/03 14:32:28 | 000,208,896 | ---- | M] () -- C:\Program Files\Common Files\Intel\IntelDH\NMS\AdpPlugins\DQLWinService.exe
PRC - [2002/03/19 12:15:46 | 000,036,864 | ---- | M] (D-Link) -- C:\Program Files\WZCBDL Service\WZCBDLS.exe
========== Modules (SafeList) ========== MOD - [2011/05/30 11:31:06 | 000,580,096 | ---- | M] (OldTimer Tools) -- C:\Users\Tamara\Desktop\OTL.exe
MOD - [2010/08/31 11:43:52 | 001,686,016 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3\comctl32.dll
========== Win32 Services (SafeList) ========== SRV - File not found [Auto | Stopped] -- -- (CLTNetCnService)
SRV - [2011/04/01 20:17:08 | 000,067,400 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\IIS\Microsoft Web Deploy\MsDepSvc.exe -- (MsDepSvc)
SRV - [2010/10/12 13:59:12 | 000,206,072 | ---- | M] (WildTangent, Inc.) [On_Demand | Stopped] -- C:\Program Files\WildTangent Games\App\GamesAppService.exe -- (GamesAppService)
SRV - [2010/09/07 11:11:59 | 000,040,384 | ---- | M] (AVAST Software) [On_Demand | Stopped] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Web Scanner)
SRV - [2010/09/07 11:11:59 | 000,040,384 | ---- | M] (AVAST Software) [On_Demand | Stopped] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Mail Scanner)
SRV - [2010/09/07 11:11:59 | 000,040,384 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Antivirus)
SRV - [2010/08/22 15:20:39 | 000,651,720 | ---- | M] (Macrovision Europe Ltd.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2010/04/21 13:46:17 | 000,373,760 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\WINDOWS\System32\inetsrv\iisw3adm.dll -- (WAS)
SRV - [2010/04/21 13:46:17 | 000,373,760 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\System32\inetsrv\iisw3adm.dll -- (W3SVC)
SRV - [2009/11/23 20:53:58 | 000,113,448 | ---- | M] (Wacom Technology, Corp.) [Auto | Running] -- C:\Program Files\WTouch\WTouchService.exe -- (WTouchService)
SRV - [2009/11/23 20:53:56 | 004,497,704 | ---- | M] (Wacom Technology, Corp.) [Auto | Running] -- C:\WINDOWS\System32\Pen_Tablet.exe -- (TabletServicePen)
SRV - [2009/11/18 04:42:52 | 000,253,568 | ---- | M] (Hewlett-Packard Co.) [On_Demand | Running] -- C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqcxs08.dll -- (hpqcxs08)
SRV - [2009/11/18 04:16:42 | 000,137,344 | ---- | M] (Hewlett-Packard Co.) [Auto | Running] -- C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqddsvc.dll -- (hpqddsvc)
SRV - [2009/06/16 07:38:34 | 000,077,824 | ---- | M] (ActMask Co.,Ltd -
HTTP://WWW.ALL2PDF.COM) [Auto | Running] -- C:\WINDOWS\System32\PrintCtrl.exe -- (Printer Control)
SRV - [2009/04/11 02:28:17 | 000,052,224 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\System32\inetsrv\apphostsvc.dll -- (AppHostSvc)
SRV - [2008/12/12 19:06:40 | 000,642,856 | ---- | M] (Cisco Systems, Inc.) [Auto | Running] -- C:\Program Files\Common Files\Pure Networks Shared\Platform\nmsrvc.exe -- (nmservice)
SRV - [2008/09/16 12:03:18 | 000,169,312 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files\Adobe\Photoshop Elements 7.0\PhotoshopElementsFileAgent.exe -- (AdobeActiveFileMonitor7.0)
SRV - [2008/06/02 18:50:34 | 000,354,840 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe -- (IAANTMON) Intel®
SRV - [2008/01/19 03:38:24 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2007/11/09 13:35:04 | 000,413,746 | ---- | M] (SafeNet) [Auto | Running] -- C:\Program Files\Juniper\NetScreen-Remote\IreIKE.exe -- (IreIKE)
SRV - [2007/11/09 13:35:04 | 000,073,782 | ---- | M] (SafeNet) [Auto | Running] -- C:\Program Files\Juniper\NetScreen-Remote\IPSecMon.exe -- (IPSECMON)
SRV - [2006/09/11 20:02:44 | 000,544,256 | ---- | M] (Intel® Corporation) [On_Demand | Stopped] -- C:\Program Files\Intel\IntelDH\Intel Media Server\Shells\Remote UI Service.exe -- (Remote UI Service) Intel®
SRV - [2006/09/11 20:01:04 | 000,167,936 | ---- | M] (Intel® Corporation) [On_Demand | Stopped] -- C:\Program Files\Intel\IntelDH\Intel Media Server\Shells\MCLServiceATL.exe -- (MCLServiceATL) Intel®
SRV - [2006/09/11 19:56:32 | 000,075,264 | ---- | M] (Intel® Corporation) [On_Demand | Stopped] -- C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\ISSM.exe -- (ISSM) Intel®
SRV - [2006/09/11 19:56:20 | 000,188,416 | ---- | M] (Intel® Corporation) [On_Demand | Stopped] -- C:\Program Files\Intel\IntelDH\CCU\AlertService.exe -- (AlertService) Intel®
SRV - [2006/09/03 14:32:28 | 000,208,896 | ---- | M] () [Auto | Running] -- C:\Program Files\Common Files\Intel\IntelDH\NMS\AdpPlugins\DQLWinService.exe -- (DQLWinService)
SRV - [2006/09/01 03:47:56 | 000,026,624 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\mediaserver.exe -- (M1 Server) Intel® Viiv
SRV - [2006/05/10 13:13:52 | 000,029,696 | R--- | M] (Intel® Corporation) [Auto | Stopped] -- C:\Program Files\Intel\IntelDH\Intel Media Server\Tools\IntelDHSvcConf.exe -- (IntelDHSvcConf)
SRV - [2002/03/19 12:15:46 | 000,036,864 | ---- | M] (D-Link) [Auto | Start_Pending] -- C:\Program Files\WZCBDL Service\WZCBDLS.exe -- (WZCBDLService)
========== Driver Services (SafeList) ========== DRV - [2010/09/07 10:52:25 | 000,046,672 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2010/09/07 10:52:03 | 000,165,584 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2010/09/07 10:47:46 | 000,023,376 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswRdr.sys -- (aswRdr)
DRV - [2010/09/07 10:47:30 | 000,050,768 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV - [2010/09/07 10:47:07 | 000,017,744 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2010/06/01 23:15:04 | 000,691,696 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\System32\Drivers\sptd.sys -- (sptd)
DRV - [2010/04/03 11:02:54 | 000,240,608 | ---- | M] (Microsoft Corporation) [File_System | Disabled | Stopped] -- C:\WINDOWS\System32\drivers\RsFx0150.sys -- (RsFx0150)
DRV - [2009/07/09 13:16:24 | 000,013,480 | ---- | M] (Wacom Technology) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\WacomVTHid.sys -- (WacomVTHid)
DRV - [2009/05/20 15:54:06 | 000,013,736 | ---- | M] (Wacom Technology) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\wacomvhid.sys -- (wacomvhid)
DRV - [2008/12/12 19:05:18 | 000,026,416 | ---- | M] (Cisco Systems, Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\System32\drivers\purendis.sys -- (purendis)
DRV - [2008/12/12 19:05:18 | 000,024,880 | ---- | M] (Cisco Systems, Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\System32\drivers\pnarp.sys -- (pnarp)
DRV - [2008/12/05 19:32:02 | 000,655,872 | ---- | M] (Ralink Technology Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\netr28u.sys -- (netr28u)
DRV - [2008/05/08 05:05:18 | 000,266,752 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\HSXHWBS2.sys -- (HSXHWBS2)
DRV - [2008/05/08 05:03:18 | 000,980,992 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\HSX_DP.sys -- (HSF_DP)
DRV - [2007/11/09 13:20:50 | 000,138,296 | ---- | M] (SafeNet) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\IpSecDrv.sys -- (IPSECDRV)
DRV - [2007/10/26 15:41:58 | 000,027,408 | ---- | M] (Deterministic Networks Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\vapco.sys -- (DniVap) SafeNet WAN Miniport (VA)
DRV - [2007/10/18 07:36:54 | 000,008,704 | ---- | M] (Conexant Systems, Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\System32\drivers\XAudio.sys -- (XAudio)
DRV - [2007/09/07 09:40:46 | 000,128,144 | ---- | M] (Deterministic Networks, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\dne2000.sys -- (DNE)
DRV - [2007/02/16 15:12:36 | 000,011,312 | ---- | M] (Wacom Technology) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\wacommousefilter.sys -- (wacommousefilter)
DRV - [2006/07/13 14:14:16 | 000,004,608 | ---- | M] () [File_System | On_Demand | Stopped] -- C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\TSHWMDTCP.sys -- (TSHWMDTCP)
DRV - [2005/12/12 12:27:00 | 000,019,072 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\PS2.sys -- (Ps2)
DRV - [2005/08/15 08:27:32 | 000,536,634 | ---- | M] (SafeNet) [Kernel | Auto | Running] -- C:\WINDOWS\System32\drivers\Crypto.sys -- (Crypto)
DRV - [2002/09/27 18:21:26 | 000,022,912 | ---- | M] (D-Link Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\System32\NIOC.sys -- (NIOC)
========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL =
http://ie.redirect.h...lion&pf=desktopIE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page =
http://ie.redirect.h...lion&pf=desktop IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-3253985537-1783120850-3274599005-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page =
http://search.condui...&ctid=CT2418376IE - HKU\S-1-5-21-3253985537-1783120850-3274599005-1001\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKU\S-1-5-21-3253985537-1783120850-3274599005-1001\..\URLSearchHook: {DC94FEC3-3F89-46D5-B104-ABEBB4940DDA} - Reg Error: Key error. File not found
IE - HKU\S-1-5-21-3253985537-1783120850-3274599005-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-3253985537-1783120850-3274599005-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
========== FireFox ========== FF - HKLM\software\mozilla\Firefox\Extensions\\
[email protected]: C:\Program Files\Hewlett-Packard\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2010/09/08 17:19:18 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 4.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011/06/08 18:36:30 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 4.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011/06/08 18:36:30 | 000,000,000 | ---D | M]
[2010/08/25 08:40:01 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Tamara\AppData\Roaming\mozilla\Extensions
[2010/08/25 08:40:01 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Tamara\AppData\Roaming\mozilla\Extensions\{fa12e233-4cc1-431c-be50-f3e47860a7ea}
[2009/07/31 10:30:30 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Tamara\AppData\Roaming\mozilla\Extensions\
[email protected][2011/06/08 13:37:13 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Tamara\AppData\Roaming\mozilla\Firefox\Profiles\u7vwi61q.default\extensions
[2011/03/22 08:57:51 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\Tamara\AppData\Roaming\mozilla\Firefox\Profiles\u7vwi61q.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2011/03/13 18:55:55 | 000,000,000 | ---D | M] (PageTheme) -- C:\Users\Tamara\AppData\Roaming\mozilla\Firefox\Profiles\u7vwi61q.default\extensions\{A5DCA3F5-ED5A-4ed3-9671-DBB0C68FA469}
[2011/05/04 19:05:55 | 000,000,000 | ---D | M] (Adblock Plus) -- C:\Users\Tamara\AppData\Roaming\mozilla\Firefox\Profiles\u7vwi61q.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
[2011/04/17 11:33:28 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2010/07/03 09:14:37 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
[2010/08/23 21:58:00 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
[2010/10/27 06:46:11 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
[2011/04/17 11:33:28 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}
[2011/06/08 18:36:25 | 000,142,296 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\components\browsercomps.dll
[2009/11/19 18:16:28 | 000,091,552 | ---- | M] (Coupons, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npCouponPrinter.dll
[2011/02/02 21:40:24 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll
[2009/11/19 18:16:29 | 000,091,552 | ---- | M] (Coupons, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npMozCouponPrinter.dll
[2011/06/08 18:36:27 | 000,002,252 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\bing.xml
O1 HOSTS File: ([2006/09/18 17:41:30 | 000,000,761 | ---- | M]) - C:\WINDOWS\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No CLSID value found.
O2 - BHO: (HP Print Enhancer) - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files\Hewlett-Packard\Digital Imaging\smart web printing\hpswp_printenhancer.dll (Hewlett-Packard Co.)
O2 - BHO: (PageTheme) - {CC0F2900-8A5B-4D0D-9E44-10435BC40774} - C:\Program Files\PageTheme\PageTheme.dll (TODO: <Company name>)
O2 - BHO: (HP Smart BHO Class) - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\Hewlett-Packard\Digital Imaging\smart web printing\hpswp_BHO.dll (Hewlett-Packard Co.)
O3 - HKU\S-1-5-21-3253985537-1783120850-3274599005-1001\..\Toolbar\WebBrowser: (My Power Mall Toolbar) - {AB455519-4E14-498B-A0A9-7DCEF42440FC} - File not found
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files\Adobe\Reader 10.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [avast5] C:\Program Files\Alwil Software\Avast5\AvastUI.exe (AVAST Software)
O4 - HKLM..\Run: [BtcMaestro] C:\Program Files\HP USB Multimedia Keyboard\KMaestro.exe (Kmaestro)
O4 - HKLM..\Run: [CCUTRAYICON] File not found
O4 - HKLM..\Run: [hpsysdrv] c:\hp\support\hpsysdrv.exe (Hewlett-Packard Company)
O4 - HKLM..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe (Intel Corporation)
O4 - HKLM..\Run: [LchDrv] C:\Windows\LchDrvKey.exe ()
O4 - HKLM..\Run: [ledpointer] C:\Windows\CNYHKey.exe (Chicony)
O4 - HKLM..\Run: [Linksys Wireless Manager] C:\Program Files\Linksys\Linksys Wireless Manager\LinksysWirelessManager.exe (Linksys, LLC)
O4 - HKLM..\Run: [NeroCheck] C:\Windows\System32\\NeroCheck.exe ()
O4 - HKLM..\Run: [nmctxth] C:\Program Files\Common Files\Pure Networks Shared\Platform\nmctxth.exe (Cisco Systems, Inc.)
O4 - HKLM..\Run: [PrintDisp] C:\WINDOWS\System32\PrintDisp.exe (ActMask Co.,Ltd -
http://www.all2pdf.com)
O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [SkypeCtl] File not found
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKLM..\Run: [WPCUMI] C:\WINDOWS\System32\wpcumi.exe (Microsoft Corporation)
O4 - HKU\S-1-5-19..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKU\S-1-5-21-3253985537-1783120850-3274599005-1001..\Run: [48F1E587052B947E85A0B40D73622E63] File not found
O4 - HKU\S-1-5-21-3253985537-1783120850-3274599005-1001..\Run: [WindowsUpdate] C:\Users\Tamara\AppData\Roaming\WindowsUpdate\winupdate.exe.exe ()
O4 - HKLM..\RunOnce: [Launcher] C:\WINDOWS\SMINST\Launcher.exe (soft thinks)
O4 - HKU\S-1-5-21-3253985537-1783120850-3274599005-1001..\RunOnce: [FlashPlayerUpdate] C:\Windows\System32\Macromed\Flash\FlashUtil10p_Plugin.exe (Adobe Systems, Inc.)
O4 - Startup: C:\Users\Tamara\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Ubisoft register.lnk = File not found
O7 - HKU\S-1-5-21-3253985537-1783120850-3274599005-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-3253985537-1783120850-3274599005-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: LogonHoursAction = 2
O7 - HKU\S-1-5-21-3253985537-1783120850-3274599005-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DontDisplayLogonHoursWarnings = 1
O9 - Extra Button: Show or hide HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files\Hewlett-Packard\Digital Imaging\smart web printing\hpswp_BHO.dll (Hewlett-Packard Co.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000019 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O13 - gopher Prefix: missing
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000}
http://download.macr...director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93}
http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C}
http://fpdownload.ma...t/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0015-0000-0007-ABCDEFFEDCBA}
http://java.sun.com/...indows-i586.cab (Java Plug-in 1.5.0_07)
O16 - DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}
http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}
http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_24)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 216.196.228.36 207.40.122.15 216.68.1.100
O18 - Protocol\Handler\pure-go {4746C79A-2042-4332-8650-48966E44ABA8} - C:\Program Files\Common Files\Pure Networks Shared\Platform\puresp4.dll (Cisco Systems, Inc.)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O24 - Desktop WallPaper:
O24 - Desktop BackupWallPaper:
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2007/01/17 20:44:10 | 000,000,074 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2010/11/22 14:08:16 | 000,000,110 | -H-- | M] () - K:\autorun.inf -- [ FAT32 ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
NetSvcs: FastUserSwitchingCompatibility - File not found
NetSvcs: Ias - File not found
NetSvcs: Nla - File not found
NetSvcs: Ntmssvc - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: SRService - File not found
NetSvcs: WmdmPmSp - File not found
NetSvcs: LogonHours - File not found
NetSvcs: PCAudit - File not found
NetSvcs: helpsvc - File not found
NetSvcs: uploadmgr - File not found
CREATERESTOREPOINT
Restore point Set: OTL Restore Point
========== Files/Folders - Created Within 30 Days ========== [2011/06/08 19:15:11 | 000,580,096 | ---- | C] (OldTimer Tools) -- C:\Users\Tamara\Desktop\OTL.exe
[2011/06/08 19:15:07 | 000,586,240 | ---- | C] (AVAST Software) -- C:\Users\Tamara\Desktop\aswMBR.exe
[2011/06/06 10:06:57 | 000,000,000 | ---D | C] -- C:\Users\Tamara\AppData\Roaming\TeamViewer
[2011/06/03 01:48:46 | 000,000,000 | ---D | C] -- C:\3fe860b0b1f8d3bf5550003d8aad6e73
[2011/05/23 20:11:23 | 000,000,000 | ---D | C] -- C:\Users\Tamara\AppData\Roaming\TS3Client
[2011/05/23 20:08:20 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamSpeak 3 Client
[2011/05/23 20:08:16 | 000,000,000 | ---D | C] -- C:\Program Files\TeamSpeak 3 Client
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
========== Files - Modified Within 30 Days ========== [2011/06/09 21:10:00 | 000,000,860 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3253985537-1783120850-3274599005-1001.job
[2011/06/09 21:03:00 | 000,000,912 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3253985537-1783120850-3274599005-1001UA.job
[2011/06/09 20:16:46 | 000,003,568 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2011/06/09 20:16:46 | 000,003,568 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2011/06/09 15:58:01 | 000,000,438 | -H-- | M] () -- C:\Windows\tasks\Norton Security Scan for Tamara.job
[2011/06/09 02:03:00 | 000,000,860 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3253985537-1783120850-3274599005-1001Core.job
[2011/06/08 19:15:58 | 000,743,952 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2011/06/08 19:15:57 | 000,153,924 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2011/05/30 11:31:06 | 000,580,096 | ---- | M] (OldTimer Tools) -- C:\Users\Tamara\Desktop\OTL.exe
[2011/05/30 10:15:43 | 000,000,905 | ---- | M] () -- C:\Users\Tamara\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2011/05/30 10:13:46 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011/05/30 10:13:07 | 2137,485,312 | -HS- | M] () -- C:\hiberfil.sys
[2011/05/30 10:05:58 | 000,008,798 | ---- | M] () -- C:\Windows\System32\icrav03.rat
[2011/05/30 10:05:58 | 000,001,988 | ---- | M] () -- C:\Windows\System32\ticrf.rat
[2011/05/30 10:05:44 | 000,072,822 | ---- | M] () -- C:\Windows\System32\ieuinit.inf
[2011/05/30 09:32:38 | 000,586,240 | ---- | M] (AVAST Software) -- C:\Users\Tamara\Desktop\aswMBR.exe
[2011/05/23 20:08:43 | 000,000,921 | ---- | M] () -- C:\Users\Public\Desktop\TeamSpeak 3 Client.lnk
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
========== Files Created - No Company Name ========== [2011/06/08 18:36:31 | 000,000,820 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
[2011/05/30 10:05:44 | 000,072,822 | ---- | C] () -- C:\Windows\System32\ieuinit.inf
[2011/05/23 20:08:20 | 000,000,921 | ---- | C] () -- C:\Users\Public\Desktop\TeamSpeak 3 Client.lnk
[2011/03/13 18:56:53 | 000,043,520 | ---- | C] () -- C:\Windows\System32\sutil32.dll
[2011/01/30 09:45:04 | 000,552,448 | ---- | C] () -- C:\Windows\mHotkey.exe
[2011/01/30 09:45:04 | 000,294,912 | ---- | C] () -- C:\Windows\PIC.dll
[2011/01/30 09:45:04 | 000,049,152 | ---- | C] () -- C:\Windows\CNYUSB.dll
[2011/01/30 09:45:04 | 000,036,864 | ---- | C] () -- C:\Windows\LchDrvKey.exe
[2011/01/30 09:45:04 | 000,024,576 | ---- | C] () -- C:\Windows\HKNTDLL.dll
[2011/01/30 09:45:04 | 000,011,776 | ---- | C] () -- C:\Windows\HIDMNT.dll
[2011/01/30 09:45:04 | 000,005,120 | ---- | C] () -- C:\Windows\HKCYDLL.dll
[2011/01/30 09:45:04 | 000,000,360 | ---- | C] () -- C:\Windows\CNYHKey.ini
[2010/09/08 17:09:50 | 000,172,241 | ---- | C] () -- C:\Windows\hpoins37.dat
[2010/08/25 08:40:21 | 000,691,200 | ---- | C] () -- C:\Windows\System32\PrintLog.exe
[2010/08/25 08:40:21 | 000,524,288 | ---- | C] () -- C:\Windows\System32\PrtPass.exe
[2010/08/23 22:22:04 | 000,148,984 | ---- | C] () -- C:\Windows\hpoins19.dat
[2010/08/23 22:21:47 | 000,026,952 | ---- | C] () -- C:\Windows\hpomdl19.dat
[2010/07/06 06:08:51 | 000,143,360 | ---- | C] () -- C:\Windows\System32\nsldap32v50.dll
[2010/06/27 03:52:42 | 000,000,029 | ---- | C] () -- C:\Windows\PControl.ini
[2010/03/21 08:52:28 | 000,069,632 | R--- | C] () -- C:\Windows\System32\xmltok.dll
[2010/03/21 08:52:27 | 000,036,864 | R--- | C] () -- C:\Windows\System32\xmlparse.dll
[2010/02/02 16:05:58 | 000,000,558 | ---- | C] () -- C:\Windows\hpomdl37.dat
[2010/01/29 12:46:08 | 000,107,612 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin
[2010/01/29 12:46:07 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll
[2009/10/10 11:00:46 | 000,000,552 | ---- | C] () -- C:\Users\Tamara\AppData\Local\d3d8caps.dat
[2009/05/25 11:24:51 | 000,000,680 | ---- | C] () -- C:\Users\Tamara\AppData\Local\d3d9caps.dat
[2009/03/01 21:14:23 | 000,000,258 | RHS- | C] () -- C:\ProgramData\ntuser.pol
[2009/02/25 12:01:21 | 000,000,016 | ---- | C] () -- C:\Windows\popcinfo.dat
[2009/02/24 19:34:56 | 000,000,000 | ---- | C] () -- C:\Windows\Game.INI
[2008/11/14 19:37:16 | 000,018,904 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchemaTrivial.bin
[2008/03/29 08:51:08 | 000,031,007 | ---- | C] () -- C:\Users\Tamara\AppData\Roaming\UserTile.png
[2008/03/25 16:56:08 | 000,147,456 | ---- | C] () -- C:\Windows\System32\igfxCoIn_v1461.dll
[2008/01/24 21:23:45 | 000,000,715 | ---- | C] () -- C:\Windows\Edmark.ini
[2008/01/24 21:21:04 | 000,000,519 | ---- | C] () -- C:\Windows\pipeline.ini
[2008/01/23 22:35:09 | 000,000,087 | ---- | C] () -- C:\Windows\encore_launcher.ini
[2008/01/23 22:33:39 | 000,000,163 | ---- | C] () -- C:\Windows\compedia.ini
[2008/01/23 15:14:50 | 000,020,992 | ---- | C] () -- C:\Windows\jestertb.dll
[2008/01/23 14:24:57 | 000,000,035 | ---- | C] () -- C:\Windows\A4W.INI
[2008/01/23 14:15:30 | 000,000,196 | ---- | C] () -- C:\Windows\QTW.INI
[2008/01/01 12:40:47 | 000,083,216 | ---- | C] () -- C:\Windows\System32\KmRemove.exe
[2007/12/06 19:23:17 | 000,000,000 | ---- | C] () -- C:\Windows\nsreg.dat
[2007/09/25 19:24:48 | 000,027,648 | ---- | C] () -- C:\Users\Tamara\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2007/09/18 16:19:17 | 000,000,110 | ---- | C] () -- C:\Users\Tamara\AppData\Roaming\wklnhst.dat
[2007/08/24 20:46:48 | 000,147,456 | ---- | C] () -- C:\Windows\System32\igfxCoIn_v1322.dll
[2007/03/06 11:49:42 | 000,204,800 | ---- | C] () -- C:\Windows\System32\igfxCoIn_v1227.dll
[2007/01/17 20:37:06 | 000,049,152 | ---- | C] () -- C:\Windows\System32\ChCfg.exe
[2007/01/17 20:32:58 | 000,327,680 | ---- | C] () -- C:\Windows\System32\pythoncom24.dll
[2007/01/17 20:32:58 | 000,102,400 | ---- | C] () -- C:\Windows\System32\pywintypes24.dll
[2007/01/17 20:23:22 | 000,204,800 | ---- | C] () -- C:\Windows\System32\igfxCoIn_v1114.dll
[2006/11/09 10:19:08 | 000,000,000 | ---- | C] () -- C:\Windows\System32\px.ini
[2006/11/02 08:57:28 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2006/11/02 08:47:37 | 000,304,344 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT
[2006/11/02 08:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
[2006/11/02 06:33:01 | 000,743,952 | ---- | C] () -- C:\Windows\System32\perfh009.dat
[2006/11/02 06:33:01 | 000,287,440 | ---- | C] () -- C:\Windows\System32\perfi009.dat
[2006/11/02 06:33:01 | 000,153,924 | ---- | C] () -- C:\Windows\System32\perfc009.dat
[2006/11/02 06:33:01 | 000,030,674 | ---- | C] () -- C:\Windows\System32\perfd009.dat
[2006/11/02 06:23:21 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat
[2006/11/02 04:58:30 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2006/11/02 04:19:00 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT
[2006/11/02 03:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2006/11/02 03:25:31 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat
[2006/08/11 03:00:40 | 000,520,192 | ---- | C] () -- C:\Windows\System32\CddbPlaylist2Roxio.dll
[2006/08/11 03:00:40 | 000,204,800 | ---- | C] () -- C:\Windows\System32\CddbFileTaggerRoxio.dll
[2006/06/23 14:09:34 | 000,019,968 | R--- | C] () -- C:\Windows\System32\cpuinf32.dll
[2005/07/12 14:44:42 | 000,015,872 | ---- | C] () -- C:\Windows\System32\InsDrvZD64.DLL
[2004/09/16 16:24:26 | 003,375,104 | ---- | C] () -- C:\Windows\System32\qt-mt331.dll
[2004/03/23 16:38:00 | 000,028,672 | ---- | C] () -- C:\Windows\System32\InsDrvZD.dll
[2003/04/02 10:13:58 | 000,086,016 | ---- | C] () -- C:\Windows\System32\minunzip.dll
[2003/03/14 12:24:00 | 000,024,576 | ---- | C] () -- C:\Windows\System32\ZyDelReg.exe
[2002/06/09 13:07:30 | 000,053,315 | ---- | C] () -- C:\Windows\System32\DevCtrl.dll
========== LOP Check ========== [2010/08/25 08:39:56 | 000,000,000 | ---D | M] -- C:\Users\Tamara\AppData\Roaming\AVE INTERVISION
[2010/07/03 09:15:04 | 000,000,000 | ---D | M] -- C:\Users\Tamara\AppData\Roaming\DAEMON Tools Lite
[2011/04/28 03:24:54 | 000,000,000 | ---D | M] -- C:\Users\Tamara\AppData\Roaming\FileZilla
[2009/08/05 21:35:23 | 000,000,000 | ---D | M] -- C:\Users\Tamara\AppData\Roaming\FrostWire
[2010/11/01 06:59:58 | 000,000,000 | ---D | M] -- C:\Users\Tamara\AppData\Roaming\GetRightToGo
[2010/06/20 17:47:19 | 000,000,000 | ---D | M] -- C:\Users\Tamara\AppData\Roaming\Image Zone Express
[2009/07/31 10:49:40 | 000,000,000 | ---D | M] -- C:\Users\Tamara\AppData\Roaming\LimeWire
[2010/07/03 09:25:15 | 000,000,000 | ---D | M] -- C:\Users\Tamara\AppData\Roaming\My Games
[2009/10/02 18:36:33 | 000,000,000 | ---D | M] -- C:\Users\Tamara\AppData\Roaming\Notepad++
[2010/11/16 19:10:14 | 000,000,000 | ---D | M] -- C:\Users\Tamara\AppData\Roaming\OverDrive
[2008/03/29 08:51:07 | 000,000,000 | ---D | M] -- C:\Users\Tamara\AppData\Roaming\PeerNetworking
[2009/08/23 20:32:04 | 000,000,000 | ---D | M] -- C:\Users\Tamara\AppData\Roaming\PlayFirst
[2008/06/16 22:05:02 | 000,000,000 | ---D | M] -- C:\Users\Tamara\AppData\Roaming\Printer Info Cache
[2007/09/04 11:02:06 | 000,000,000 | ---D | M] -- C:\Users\Tamara\AppData\Roaming\School Zone Preferences
[2011/06/06 10:06:57 | 000,000,000 | ---D | M] -- C:\Users\Tamara\AppData\Roaming\TeamViewer
[2007/09/18 16:19:19 | 000,000,000 | ---D | M] -- C:\Users\Tamara\AppData\Roaming\Template
[2011/06/01 12:52:01 | 000,000,000 | ---D | M] -- C:\Users\Tamara\AppData\Roaming\TS3Client
[2011/01/02 10:54:43 | 000,000,000 | ---D | M] -- C:\Users\Tamara\AppData\Roaming\Unity
[2011/04/23 10:46:34 | 000,000,000 | ---D | M] -- C:\Users\Tamara\AppData\Roaming\WinBatch
[2010/05/28 08:07:17 | 000,000,000 | RHSD | M] -- C:\Users\Tamara\AppData\Roaming\WindowsUpdate
[2010/08/22 14:56:33 | 000,000,000 | ---D | M] -- C:\Users\Tamara\AppData\Roaming\WTouch
[2011/05/30 10:11:34 | 000,032,588 | ---- | M] () -- C:\WINDOWS\Tasks\SCHEDLGU.TXT
========== Purity Check ========== ========== Custom Scans ========== < %SYSTEMDRIVE%\*.exe > < MD5 for: EXPLORER.EXE >[2008/10/29 02:20:29 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=37440D09DEAE0B672A04DCCF7ABF06BE -- C:\WINDOWS\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.16771_none_4f83bb287ccdb7e3\explorer.exe
[2008/10/29 02:29:41 | 002,927,104 | ---- | M] (Microsoft Corporation) MD5=4F554999D7D5F05DAAEBBA7B5BA1089D -- C:\WINDOWS\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.18164_none_5177ca9879e978e8\explorer.exe
[2008/10/29 23:59:17 | 002,927,616 | ---- | M] (Microsoft Corporation) MD5=50BA5850147410CDE89C523AD3BC606E -- C:\WINDOWS\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.22298_none_51e4f8c7931bd1e1\explorer.exe
[2007/11/14 10:15:05 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=6D06CD98D954FE87FB2DB8108793B399 -- C:\WINDOWS\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.16549_none_4fac29707cae347a\explorer.exe
[2007/11/14 10:15:05 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=BD06F0BF753BC704B653C3A50F89D362 -- C:\WINDOWS\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.20668_none_501f261995dcf2cf\explorer.exe
[2009/04/11 02:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) MD5=D07D4C3038F3578FFCE1C0237F2A1253 -- C:\WINDOWS\explorer.exe
[2009/04/11 02:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) MD5=D07D4C3038F3578FFCE1C0237F2A1253 -- C:\WINDOWS\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6002.18005_none_53a0201e76de3a0b\explorer.exe
[2008/10/27 22:15:02 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=E7156B0B74762D9DE0E66BDCDE06E5FB -- C:\WINDOWS\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.20947_none_5033cb5995cd990b\explorer.exe
[2006/11/02 05:45:07 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=FD8C53FB002217F6F888BCF6F5D7084D -- C:\WINDOWS\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.16386_none_4f7de5167cd15deb\explorer.exe
[2008/01/19 03:33:10 | 002,927,104 | ---- | M] (Microsoft Corporation) MD5=FFA764631CB70A30065C12EF8E174F9F -- C:\WINDOWS\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.18000_none_51b4a71279bc6ebf\explorer.exe
< MD5 for: SVCHOST.EXE >[2006/11/02 05:45:47 | 000,022,016 | ---- | M] (Microsoft Corporation) MD5=10DA15933D582D2FEDCF705EFE394B09 -- C:\WINDOWS\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.0.6000.16386_none_b38497a50862ad11\svchost.exe
[2008/01/19 03:33:32 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=3794B461C45882E06856F282EEF025AF -- C:\WINDOWS\System32\svchost.exe
[2008/01/19 03:33:32 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=3794B461C45882E06856F282EEF025AF -- C:\WINDOWS\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.0.6001.18000_none_b5bb59a1054dbde5\svchost.exe
< MD5 for: USERINIT.EXE >[2008/01/19 03:33:33 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\WINDOWS\System32\userinit.exe
[2008/01/19 03:33:33 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\WINDOWS\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.0.6001.18000_none_dc28ba15d1aff80b\userinit.exe
[2006/11/02 05:45:50 | 000,024,576 | ---- | M] (Microsoft Corporation) MD5=22027835939F86C3E47AD8E3FBDE3D11 -- C:\WINDOWS\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.0.6000.16386_none_d9f1f819d4c4e737\userinit.exe
< MD5 for: WINLOGON.EXE >[2009/04/11 02:28:13 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264D55452 -- C:\WINDOWS\System32\winlogon.exe
[2009/04/11 02:28:13 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264D55452 -- C:\WINDOWS\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6002.18005_none_71ae7a22d2134741\winlogon.exe
[2006/11/02 05:45:57 | 000,308,224 | ---- | M] (Microsoft Corporation) MD5=9F75392B9128A91ABAFB044EA350BAAD -- C:\WINDOWS\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6000.16386_none_6d8c3f1ad8066b21\winlogon.exe
[2008/01/19 03:33:37 | 000,314,880 | ---- | M] (Microsoft Corporation) MD5=C2610B6BDBEFC053BBDAB4F1B965CB24 -- C:\WINDOWS\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6001.18000_none_6fc30116d4f17bf5\winlogon.exe
< %systemroot%\*. /mp /s > < hklm\software\clients\startmenuinternet|command /rs >HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\HideIconsCommand: "C:\Program Files\Mozilla Firefox\uninstall\helper.exe" /HideShortcuts [2011/06/08 18:36:27 | 000,711,672 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\ShowIconsCommand: "C:\Program Files\Mozilla Firefox\uninstall\helper.exe" /ShowShortcuts [2011/06/08 18:36:27 | 000,711,672 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\ReinstallCommand: "C:\Program Files\Mozilla Firefox\uninstall\helper.exe" /SetAsDefaultAppGlobal [2011/06/08 18:36:27 | 000,711,672 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\open\command\\: C:\Program Files\Mozilla Firefox\firefox.exe [2011/06/08 18:36:25 | 000,924,632 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\properties\command\\: "C:\Program Files\Mozilla Firefox\firefox.exe" -preferences [2011/06/08 18:36:25 | 000,924,632 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\safemode\command\\: "C:\Program Files\Mozilla Firefox\firefox.exe" -safe-mode [2011/06/08 18:36:25 | 000,924,632 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\ShowIconsCommand: "C:\Users\Tamara\AppData\Local\Google\Chrome\Application\chrome.exe" --show-icons [2011/06/06 01:28:58 | 001,011,768 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\HideIconsCommand: "C:\Users\Tamara\AppData\Local\Google\Chrome\Application\chrome.exe" --hide-icons [2011/06/06 01:28:58 | 001,011,768 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\ReinstallCommand: "C:\Users\Tamara\AppData\Local\Google\Chrome\Application\chrome.exe" --make-default-browser [2011/06/06 01:28:58 | 001,011,768 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\shell\open\command\\: "C:\Users\Tamara\AppData\Local\Google\Chrome\Application\chrome.exe" [2011/06/06 01:28:58 | 001,011,768 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\HideIconsCommand: "C:\Windows\system32\ie4uinit.exe" -hide [2011/05/30 10:05:44 | 000,074,240 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ShowIconsCommand: "C:\Windows\system32\ie4uinit.exe" -show [2011/05/30 10:05:44 | 000,074,240 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ReinstallCommand: "C:\Windows\system32\ie4uinit.exe" -reinstall [2011/05/30 10:05:44 | 000,074,240 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\naom\command\\: "C:\Program Files\Internet Explorer\iexplore.exe" -extoff [2011/05/30 10:05:45 | 000,748,336 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\open\command\\: C:\Program Files\Internet Explorer\iexplore.exe [2011/05/30 10:05:45 | 000,748,336 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Safari.exe\InstallInfo\\ReinstallCommand: "C:\Program Files\Safari\Safari.exe" /reinstall [2010/08/20 17:00:18 | 002,388,264 | ---- | M] (Apple Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Safari.exe\InstallInfo\\HideIconsCommand: "C:\Program Files\Safari\Safari.exe" /hideicons [2010/08/20 17:00:18 | 002,388,264 | ---- | M] (Apple Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Safari.exe\InstallInfo\\ShowIconsCommand: "C:\Program Files\Safari\Safari.exe" /showicons [2010/08/20 17:00:18 | 002,388,264 | ---- | M] (Apple Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Safari.exe\shell\open\command\\: "C:\Program Files\Safari\Safari.exe" [2010/08/20 17:00:18 | 002,388,264 | ---- | M] (Apple Inc.)
========== Alternate Data Streams ========== @Alternate Data Stream - 98 bytes -> C:\ProgramData\TEMP:17639624
< End of report >
Extras:
OTL Extras logfile created on: 6/9/2011 9:28:43 PM - Run 1
OTL by OldTimer - Version 3.2.23.0 Folder = C:\Users\Tamara\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
1.99 Gb Total Physical Memory | 1.03 Gb Available Physical Memory | 51.53% Memory free
4.21 Gb Paging File | 2.65 Gb Available in Paging File | 62.99% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 291.83 Gb Total Space | 175.75 Gb Free Space | 60.22% Space Free | Partition Type: NTFS
Drive D: | 6.26 Gb Total Space | 0.87 Gb Free Space | 13.98% Space Free | Partition Type: NTFS
Drive K: | 1.86 Gb Total Space | 1.70 Gb Free Space | 91.09% Space Free | Partition Type: FAT32
Computer Name: MY-PC | User Name: Tamara | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ========== ========== File Associations ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
========== Shell Spawning ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OpenAsAWebSite] -- C:\Program Files\Microsoft WebMatrix\WebMatrix.exe #ExecuteCommand# SiteFromFolder %L (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"UacDisableNotify" = 0
"InternetSettingsDisableNotify" = 0
"AutoUpdateDisableNotify" = 0
"AntiVirusDisableNotify" = 1
"AntiVirusOverride" = 1
"FirewallDisableNotify" = 1
"FirewallOverride" = 1
"FirstRunDisabled" = 1
"UpdatesDisableNotify" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
"DisableMonitoring" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
"DisableMonitoring" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
"DisableMonitoring" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"VistaSp2" = Reg Error: Unknown registry data type -- File not found
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
========== Firewall Settings ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
========== Authorized Applications List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\EarthLink TotalAccess\TaskPanl.exe" = C:\Program Files\EarthLink TotalAccess\TaskPanl.exe:*:Enabled:Earthlink -- (EarthLink, Inc.)
========== Vista Active Open Ports Exception List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{A0AF61D9-3042-4B97-AE07-8E3C4B4D3F9F}" = lport=9442 | protocol=17 | dir=in | name=intel® viiv media server discovery |
"{CE6DEE4A-F661-4B4B-B5CA-F6453625B751}" = lport=808 | protocol=6 | dir=in | svc=nettcpactivator | app=c:\windows\microsoft.net\framework\v4.0.30319\smsvchost.exe |
"{EF3DB2ED-E806-4F72-84C2-CBB4AA919A52}" = lport=1900 | protocol=17 | dir=in | name=intel® viiv media server upnp discovery |
"{FE45D818-4851-4C7F-838E-9B20EBE595C0}" = lport=3724 | protocol=6 | dir=in | name=blizzard downloader: 3724 |
========== Vista Active Application Exception List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{00DEE81B-CD45-4138-A267-79BAC7DCAA69}" = protocol=17 | dir=in | app=c:\program files\juniper\netscreen-remote\cmonapp.exe |
"{06286B84-176F-4DDC-9301-43BEFEE37911}" = protocol=6 | dir=in | app=c:\program files\earthlink totalaccess\taskpanl.exe |
"{0717F2AE-58C7-4797-8705-CFD41269A07B}" = protocol=17 | dir=in | app=c:\program files\intel\inteldh\intel media server\media server\bin\tshwmdtcp.exe |
"{13D437EB-ED42-4088-966B-D7616411B9C5}" = dir=in | app=c:\program files\hewlett-packard\digital imaging\bin\hpqgplgtupl.exe |
"{154FC7AE-ABB5-4160-B999-0B2A4A56362E}" = protocol=17 | dir=in | app=c:\users\public\games\world of warcraft\wow-3.2.0-enus-downloader.exe |
"{15E6FE3F-E3B3-47F6-A547-A12E64E336B7}" = dir=in | app=c:\program files\hewlett-packard\digital imaging\bin\hpqgpc01.exe |
"{16941101-7F2B-4446-8DCD-7DCD8919AC09}" = protocol=6 | dir=in | app=c:\program files\juniper\netscreen-remote\cmonapp.exe |
"{16C5E538-2E78-40B0-900B-B2ECF9ABC5B6}" = protocol=6 | dir=in | app=c:\program files\civilization4.exe |
"{1BDA3D4F-083F-443F-8739-8E2F8272314E}" = dir=in | app=c:\program files\hp connections\6811507\program\hp connections |
"{25372217-71F2-47D5-915D-53C66B7E532A}" = protocol=6 | dir=in | app=c:\users\public\documents\blizzard entertainment\world of warcraft\wow-3.2.0-enus-downloader.exe |
"{25E1E073-0282-454A-AEF5-4D24324C3F47}" = protocol=6 | dir=in | app=c:\program files\intel\inteldh\intel media server\shells\remote ui service.exe |
"{2BA5E981-F444-4993-95C3-00C4E1C6A58C}" = protocol=6 | dir=in | app=c:\program files\earthlink totalaccess\taskpanl.exe |
"{33AF887F-C5F4-4BC3-8A41-98ED6ABFADA8}" = protocol=17 | dir=in | app=c:\program files\hp connections\6811507\program\hp connections.exe |
"{3A9351EA-CFF7-43CA-9278-5C4895DEC9AF}" = protocol=17 | dir=in | app=c:\program files\world of warcraft\wow-3.2.0-enus-downloader.exe |
"{3A9ABCA6-4D05-4896-A19D-40EBFBD05CBD}" = protocol=6 | dir=in | app=c:\program files\world of warcraft\wow-3.2.0-enus-downloader.exe |
"{42D5136D-C316-4D1B-8804-D0D91C3001DC}" = dir=in | app=c:\program files\hewlett-packard\digital imaging\bin\hpiscnapp.exe |
"{43C90D98-FE68-4A2E-8737-94CAFF54305A}" = protocol=17 | dir=in | app=c:\users\public\documents\blizzard entertainment\world of warcraft\wow-3.2.0-enus-downloader.exe |
"{45A4F15B-B706-41DD-9976-80170ACDBBDD}" = protocol=6 | dir=in | app=c:\program files\starcraft ii beta\starcraft ii.exe |
"{46790047-4CFE-45D0-8E1D-CE7ABFEF713C}" = dir=in | app=c:\program files\hewlett-packard\digital imaging\bin\hpqcopy2.exe |
"{4BD45088-A832-4FF9-A87F-32DF94C40ABA}" = protocol=6 | dir=in | app=c:\program files\hp connections\6811507\program\hp connections.exe |
"{4CD9CB87-05CD-4943-AF37-0174411F1E09}" = protocol=17 | dir=in | app=c:\program files\earthlink totalaccess\taskpanl.exe |
"{52477BE7-12ED-43DA-9F70-B6210C65F7EC}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{616EE67D-D8D1-4C18-A60B-2E70605539B2}" = protocol=17 | dir=in | app=c:\program files\earthlink totalaccess\taskpanl.exe |
"{62B9A7FC-19BD-4087-B36A-7264D361B812}" = protocol=6 | dir=in | app=c:\program files\earthlink totalaccess\taskpanl.exe |
"{66B74225-33DD-4A62-B0EB-8CFB106DCD4A}" = dir=in | app=c:\program files\hewlett-packard\digital imaging\bin\hpfccopy.exe |
"{698E3B78-AC8D-4CFA-9328-00B05F3D4B42}" = dir=in | app=c:\program files\hewlett-packard\digital imaging\bin\hposfx08.exe |
"{6D88740F-92A0-4DBB-85D2-D02781AD84EA}" = dir=in | app=c:\program files\hewlett-packard\digital imaging\smart web printing\smartwebprintexe.exe |
"{708C009A-D06D-47FC-A326-A72BB23632A6}" = protocol=17 | dir=in | app=c:\program files\hp connections\6811507\program\hp connections.exe |
"{737D7A08-1210-4111-AA3D-8DA19A0FAC34}" = dir=in | app=c:\program files\hewlett-packard\digital imaging\bin\hpqtra08.exe |
"{739BA119-8330-4CCD-9587-9637F0BCEEE9}" = dir=in | app=c:\program files\hewlett-packard\digital imaging\bin\hpqnrs08.exe |
"{74BF18AF-DEC5-4517-B254-6E1ACB57085E}" = protocol=6 | dir=in | app=c:\program files\intel\inteldh\intel media server\media server\bin\tshwmdtcp.exe |
"{78792A47-51F4-41E8-9AC4-B17622078256}" = protocol=17 | dir=in | app=c:\program files\earthlink totalaccess\taskpanl.exe |
"{79CE4F2B-1FA3-426F-A965-B21A09EEF88B}" = protocol=17 | dir=in | app=c:\program files\starcraft ii\starcraft ii.exe |
"{7C997FC5-A4DF-491C-BD3C-9AE19ED1CD46}" = dir=in | app=c:\program files\hewlett-packard\digital imaging\bin\hpofxm08.exe |
"{7EB99517-2B38-445D-A588-541A99BFF8F4}" = dir=in | app=c:\program files\hewlett-packard\digital imaging\bin\hpqusgh.exe |
"{80EACC51-7933-41F0-BEBD-A59E40966F1D}" = protocol=6 | dir=in | app=c:\program files\hp connections\6811507\program\hp connections.exe |
"{81F0050A-F8D6-4DCF-AC54-5E50AE83C5B9}" = protocol=6 | dir=in | app=c:\program files\juniper\netscreen-remote\ireike.exe |
"{84C5C837-31E2-4D86-826D-4314B8312FE7}" = protocol=6 | dir=in | app=c:\program files\starcraft ii\starcraft ii.exe |
"{85D16A45-54BE-4B01-9D00-19C0B3B18DDF}" = protocol=6 | dir=in | app=c:\program files\hp connections\6811507\program\hp connections.exe |
"{8D6D829B-43EA-470A-A2AB-8A0407948AE8}" = protocol=17 | dir=in | app=c:\program files\civilization4.exe |
"{A4C3AC46-F071-4B1E-B17C-CE79CE303465}" = dir=in | app=c:\program files\hewlett-packard\digital imaging\bin\hpqusgm.exe |
"{A620986A-87EC-4ED8-B94F-B25173F98FF8}" = protocol=17 | dir=in | app=c:\program files\juniper\netscreen-remote\viewlog.exe |
"{AB83ABF1-1858-40D4-9F1F-04AF80B31493}" = protocol=6 | dir=in | app=c:\program files\intel\inteldh\intel media server\media server\bin\mediaserver.exe |
"{B1713BAF-35CA-466A-8681-0E866C972996}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{B4217B05-446C-4BFE-8609-E2B9ECC4AD32}" = dir=in | app=c:\program files\hewlett-packard\digital imaging\bin\hpoews01.exe |
"{B4BC03BB-5FAB-4259-89B6-EFB1C0EE455E}" = dir=in | app=c:\program files\hewlett-packard\digital imaging\bin\hpqste08.exe |
"{C4BEB658-3D37-4038-8AEE-4F084AEF514F}" = protocol=17 | dir=in | app=c:\program files\intel\inteldh\intel media server\shells\remote ui service.exe |
"{C9279C9F-1914-4FC5-AE63-E1A6D6151CCC}" = protocol=17 | dir=in | app=c:\program files\juniper\netscreen-remote\ireike.exe |
"{CB5C8F58-9BF8-4760-883E-5B1B4C45FF2D}" = dir=in | app=c:\program files\hewlett-packard\digital imaging\bin\hposid01.exe |
"{CE6F4D86-F9CB-42F9-9CB6-68D84686722B}" = protocol=17 | dir=in | app=c:\program files\yahoo!\messenger\yahoomessenger.exe |
"{CED77D9A-2859-4584-A45B-070B404FFE3D}" = protocol=6 | dir=in | app=c:\users\public\games\world of warcraft\wow-3.2.0-enus-downloader.exe |
"{D37CA1CC-AE3E-42F4-8DA7-8F024EADC7E4}" = dir=in | app=c:\program files\hewlett-packard\digital imaging\bin\hpqkygrp.exe |
"{D3CDEF08-A324-410D-AB25-FB45E6EC4307}" = protocol=17 | dir=in | app=c:\program files\intel\inteldh\intel media server\media server\bin\mediaserver.exe |
"{DD67D7FD-1945-4A8F-94FB-1A990C5F72C7}" = protocol=17 | dir=in | app=c:\program files\starcraft ii beta\starcraft ii.exe |
"{E1322114-ADEC-47AC-85E2-E9D2332F8505}" = protocol=6 | dir=in | app=c:\program files\juniper\netscreen-remote\viewlog.exe |
"{EBF16CE9-8317-423D-B451-DDEDA55AED15}" = protocol=17 | dir=in | app=c:\program files\juniper\netscreen-remote\vpn.exe |
"{F1AADB8E-8B58-4E85-8F7B-DF781B6965ED}" = dir=in | app=c:\program files\hewlett-packard\digital imaging\bin\hpzwiz01.exe |
"{F32B3E96-E3E9-4952-84E5-C7D17B68E21B}" = protocol=6 | dir=in | app=c:\program files\yahoo!\messenger\yahoomessenger.exe |
"{FA4D3992-8136-4E74-9CBA-FDB31CC6FBF0}" = protocol=6 | dir=in | app=c:\program files\juniper\netscreen-remote\vpn.exe |
"{FC2676CC-08B2-4158-8B61-57BBB1FFABBD}" = dir=in | app=c:\program files\hewlett-packard\digital imaging\bin\hpofxs08.exe |
"{FE95422C-3743-42FA-8078-E6281DEFE72F}" = dir=in | app=c:\program files\itunes\itunes.exe |
"TCP Query User{07D0DA46-22F0-4815-A015-EA68369ADF06}C:\program files\starcraft\starcraft.exe" = protocol=6 | dir=in | app=c:\program files\starcraft\starcraft.exe |
"TCP Query User{0A210942-E6F0-481D-9702-DAFA30A9B989}C:\program files\mozilla firefox\firefox.exe" = protocol=6 | dir=in | app=c:\program files\mozilla firefox\firefox.exe |
"TCP Query User{0F6D634E-8BA9-4506-A2EB-3B5067951B17}C:\program files\starcraft-1153\starcraft\starcraft.exe" = protocol=6 | dir=in | app=c:\program files\starcraft-1153\starcraft\starcraft.exe |
"TCP Query User{129139B5-88C2-416A-B5B4-A99F22C5475A}C:\program files\yahoo!\messenger\yahoomessenger.exe" = protocol=6 | dir=in | app=c:\program files\yahoo!\messenger\yahoomessenger.exe |
"TCP Query User{19634A73-A89E-4200-91DB-7E78C2E1840E}C:\program files\starcraft ii beta\versions\base14219\sc2.exe" = protocol=6 | dir=in | app=c:\program files\starcraft ii beta\versions\base14219\sc2.exe |
"TCP Query User{274EA35D-5370-41A6-83FB-E315EAAA2DF5}C:\perflogs\starcraft\starcraft.exe" = protocol=6 | dir=in | app=c:\perflogs\starcraft\starcraft.exe |
"TCP Query User{318EEE96-7375-4499-ABD8-A455E733F327}C:\program files\starcraft\starcraft.exe" = protocol=6 | dir=in | app=c:\program files\starcraft\starcraft.exe |
"TCP Query User{3FE7238F-35DD-441F-A1ED-6F43D78AD2AE}C:\perflogs\starcraft 2\starcraft ii beta\versions\base14093\sc2.exe" = protocol=6 | dir=in | app=c:\perflogs\starcraft 2\starcraft ii beta\versions\base14093\sc2.exe |
"TCP Query User{47F73C72-AAD6-45D3-9484-CBA914B36251}C:\program files\utorrent\utorrent.exe" = protocol=6 | dir=in | app=c:\program files\utorrent\utorrent.exe |
"TCP Query User{4A50AFBE-42C5-4144-923D-6FD625E10FC9}C:\program files\mozilla firefox\firefox.exe" = protocol=6 | dir=in | app=c:\program files\mozilla firefox\firefox.exe |
"TCP Query User{5244937F-2721-4C57-8621-EE28C651361F}C:\users\tamara\desktop\pictures\limewire\limewire.exe" = protocol=6 | dir=in | app=c:\users\tamara\desktop\pictures\limewire\limewire.exe |
"TCP Query User{57E569AC-6813-4C41-8809-35CB7F259647}C:\users\tamara\downloads\starcraft 2\starcraft ii beta\versions\base15449\sc2.exe" = protocol=6 | dir=in | app=c:\users\tamara\downloads\starcraft 2\starcraft ii beta\versions\base15449\sc2.exe |
"TCP Query User{5CFE1EFC-87E1-4687-9103-9EFE293D8467}C:\program files\java\jre6\bin\java.exe" = protocol=6 | dir=in | app=c:\program files\java\jre6\bin\java.exe |
"TCP Query User{5ED85274-33E6-4926-B4FE-ADC07BBB448A}C:\program files\internet explorer\iexplore.exe" = protocol=6 | dir=in | app=c:\program files\internet explorer\iexplore.exe |
"TCP Query User{60A20F1F-C58E-4186-BE5C-3659CBF97EA8}C:\users\tamara\downloads\starcraft 2\starcraft ii beta\versions\base14803\sc2.exe" = protocol=6 | dir=in | app=c:\users\tamara\downloads\starcraft 2\starcraft ii beta\versions\base14803\sc2.exe |
"TCP Query User{6897CC40-59CE-45D7-9E54-B4D19A2EA9BE}C:\program files\starcraft ii\versions\base18574\sc2.exe" = protocol=6 | dir=in | app=c:\program files\starcraft ii\versions\base18574\sc2.exe |
"TCP Query User{734D6B25-B433-4C2E-9224-448CC08C06EB}C:\users\tamara\downloads\starcraft\starcraft.exe" = protocol=6 | dir=in | app=c:\users\tamara\downloads\starcraft\starcraft.exe |
"TCP Query User{784BE5DC-53DC-4046-AB03-A0A9EE2B77D9}C:\perflogs\starcraft 2\starcraft ii beta\support\blizzarddownloader.exe" = protocol=6 | dir=in | app=c:\perflogs\starcraft 2\starcraft ii beta\support\blizzarddownloader.exe |
"TCP Query User{7B1F2BCD-3AF3-42E4-9AF3-8AC7EDB5B211}C:\program files\starcraft shareware(ed)\starcraft.exe" = protocol=6 | dir=in | app=c:\program files\starcraft shareware(ed)\starcraft.exe |
"TCP Query User{7BF992C9-12ED-4462-8AA0-CBECC1D168A6}C:\program files\starcraft ii\versions\base18092\sc2.exe" = protocol=6 | dir=in | app=c:\program files\starcraft ii\versions\base18092\sc2.exe |
"TCP Query User{7DEB7A71-0069-4B0E-9BCF-EBA3B66814F0}C:\program files\java\jre6\bin\java.exe" = protocol=6 | dir=in | app=c:\program files\java\jre6\bin\java.exe |
"TCP Query User{86F79C8F-ED1A-43BE-ABA0-6D7F4F0F4D7F}C:\program files\gamehouse\whatword\whatword.exe" = protocol=6 | dir=in | app=c:\program files\gamehouse\whatword\whatword.exe |
"TCP Query User{8DD68BD3-9527-4FA7-BAE5-936682C95DCB}C:\users\tamara\appdata\local\google\chrome\application\chrome.exe" = protocol=6 | dir=in | app=c:\users\tamara\appdata\local\google\chrome\application\chrome.exe |
"TCP Query User{932B1675-13F5-43AC-8BF0-619A93DC1A8D}C:\users\tamara\downloads\starcraft_2_eu_en-gb.exe" = protocol=6 | dir=in | app=c:\users\tamara\downloads\starcraft_2_eu_en-gb.exe |
"TCP Query User{9DC313A7-84AA-4C91-9A2D-2B60A4FD0255}C:\program files\starcraft ii beta\support\blizzarddownloader.exe" = protocol=6 | dir=in | app=c:\program files\starcraft ii beta\support\blizzarddownloader.exe |
"TCP Query User{B50ADD63-158A-467F-836A-744F0301E3B3}C:\program files\hp games\wheel of fortune\wheel of fortune.exe" = protocol=6 | dir=in | app=c:\program files\hp games\wheel of fortune\wheel of fortune.exe |
"TCP Query User{B5B8EF10-E845-40FB-BA3A-6AEEAFE22201}C:\program files\hp games\jeopardy\jeopardy!.exe" = protocol=6 | dir=in | app=c:\program files\hp games\jeopardy\jeopardy!.exe |
"TCP Query User{B759A955-B631-42CF-AB95-4DDE6B2515AF}C:\perflogs\starcraft 2\starcraft ii beta\versions\base15580\sc2.exe" = protocol=6 | dir=in | app=c:\perflogs\starcraft 2\starcraft ii beta\versions\base15580\sc2.exe |
"TCP Query User{B9FD0615-B5CF-4867-9BDD-8D41B9FE038A}C:\perflogs\starcraft 2\starcraft ii beta\starcraft ii.exe" = protocol=6 | dir=in | app=c:\perflogs\starcraft 2\starcraft ii beta\starcraft ii.exe |
"TCP Query User{BB16E8C2-10D2-4892-ADBF-6BE31CC2ED61}C:\program files\starcraft ii beta\versions\base13891\sc2.exe" = protocol=6 | dir=in | app=c:\program files\starcraft ii beta\versions\base13891\sc2.exe |
"TCP Query User{BFD97AD4-B724-404D-8186-A66034B866B1}C:\users\tamara\downloads\utorrent.exe" = protocol=6 | dir=in | app=c:\users\tamara\downloads\utorrent.exe |
"TCP Query User{C3CE42FA-3CC2-4BCA-985A-3AB4EDE51CC8}C:\perflogs\starcraft 2\starcraft ii beta\versions\base15449\sc2.exe" = protocol=6 | dir=in | app=c:\perflogs\starcraft 2\starcraft ii beta\versions\base15449\sc2.exe |
"TCP Query User{C834839F-B6E6-4F52-AE39-CAD8BCE0916E}C:\users\tamara\downloads\starcraft 2\starcraft ii beta\starcraft ii.exe" = protocol=6 | dir=in | app=c:\users\tamara\downloads\starcraft 2\starcraft ii beta\starcraft ii.exe |
"TCP Query User{CA92F4C2-DE67-4B2F-BF1D-ED04D1087219}C:\perflogs\utorrent.exe" = protocol=6 | dir=in | app=c:\perflogs\utorrent.exe |
"TCP Query User{CB207697-EC0A-40E4-A6FD-39270F5ED72D}C:\users\tamara\downloads\starcraft 2\starcraft ii beta\support\blizzarddownloader.exe" = protocol=6 | dir=in | app=c:\users\tamara\downloads\starcraft 2\starcraft ii beta\support\blizzarddownloader.exe |
"TCP Query User{D395774B-5479-4A56-BC38-FC0B7B99160C}C:\users\tamara\desktop\utorrent.exe" = protocol=6 | dir=in | app=c:\users\tamara\desktop\utorrent.exe |
"TCP Query User{D6F24360-92D8-4C67-A3A9-04D267CFCCAC}C:\users\public\games\world of warcraft\launcher.exe" = protocol=6 | dir=in | app=c:\users\public\games\world of warcraft\launcher.exe |
"TCP Query User{DFEA96EF-6744-47EE-A281-8862AC188CAC}C:\program files\world of warcraft\launcher.exe" = protocol=6 | dir=in | app=c:\program files\world of warcraft\launcher.exe |
"TCP Query User{E98C91E5-352A-4D69-B6F6-07BF7E58BDF9}C:\users\tamara\downloads\starcraft 2\starcraft ii beta\versions\base14093\sc2.exe" = protocol=6 | dir=in | app=c:\users\tamara\downloads\starcraft 2\starcraft ii beta\versions\base14093\sc2.exe |
"TCP Query User{EE7355AC-073E-45BF-B4E9-07BE5BB50D78}C:\program files\starcraft shareware(ed)\starcraft.exe" = protocol=6 | dir=in | app=c:\program files\starcraft shareware(ed)\starcraft.exe |
"TCP Query User{F2997359-F62B-4977-ACAC-F4196B6989A3}C:\users\tamara\desktop\pictures\frostwire\frostwire.exe" = protocol=6 | dir=in | app=c:\users\tamara\desktop\pictures\frostwire\frostwire.exe |
"UDP Query User{05DE5EC7-DB8F-4108-9528-B78B0AEEFD57}C:\program files\internet explorer\iexplore.exe" = protocol=17 | dir=in | app=c:\program files\internet explorer\iexplore.exe |
"UDP Query User{0B24FCBB-6C70-4D4E-8288-E7D8017393FF}C:\users\tamara\downloads\starcraft 2\starcraft ii beta\support\blizzarddownloader.exe" = protocol=17 | dir=in | app=c:\users\tamara\downloads\starcraft 2\starcraft ii beta\support\blizzarddownloader.exe |
"UDP Query User{1889751D-495B-47FD-9A7A-30670A8FF4DC}C:\perflogs\starcraft 2\starcraft ii beta\starcraft ii.exe" = protocol=17 | dir=in | app=c:\perflogs\starcraft 2\starcraft ii beta\starcraft ii.exe |
"UDP Query User{1F7F3E27-D6A6-4BC6-9B22-885F1CB39FA3}C:\users\tamara\downloads\starcraft 2\starcraft ii beta\versions\base14093\sc2.exe" = protocol=17 | dir=in | app=c:\users\tamara\downloads\starcraft 2\starcraft ii beta\versions\base14093\sc2.exe |
"UDP Query User{24614A4A-97AA-41C1-983F-CDCF34D49347}C:\program files\hp games\jeopardy\jeopardy!.exe" = protocol=17 | dir=in | app=c:\program files\hp games\jeopardy\jeopardy!.exe |
"UDP Query User{25039EE8-5735-4FCD-9ACC-7FDB3FDB59AF}C:\perflogs\starcraft 2\starcraft ii beta\versions\base14093\sc2.exe" = protocol=17 | dir=in | app=c:\perflogs\starcraft 2\starcraft ii beta\versions\base14093\sc2.exe |
"UDP Query User{262360D5-A44B-4073-8B6B-1C48FFD68D77}C:\program files\starcraft shareware(ed)\starcraft.exe" = protocol=17 | dir=in | app=c:\program files\starcraft shareware(ed)\starcraft.exe |
"UDP Query User{2E95F22D-5531-4DB4-A67D-9D23FAF9469F}C:\users\tamara\downloads\utorrent.exe" = protocol=17 | dir=in | app=c:\users\tamara\downloads\utorrent.exe |
"UDP Query User{326B9ABE-9868-4D69-89CE-1FEE108D2F09}C:\perflogs\utorrent.exe" = protocol=17 | dir=in | app=c:\perflogs\utorrent.exe |
"UDP Query User{32E908F8-E522-42FD-A9FE-446F4F7ED12B}C:\users\tamara\downloads\starcraft 2\starcraft ii beta\starcraft ii.exe" = protocol=17 | dir=in | app=c:\users\tamara\downloads\starcraft 2\starcraft ii beta\starcraft ii.exe |
"UDP Query User{453933B8-C934-4C82-8649-A94D961646EA}C:\program files\starcraft-1153\starcraft\starcraft.exe" = protocol=17 | dir=in | app=c:\program files\starcraft-1153\starcraft\starcraft.exe |
"UDP Query User{4B54F997-31AE-4D8C-B94F-B22EDA3A69DA}C:\users\tamara\desktop\utorrent.exe" = protocol=17 | dir=in | app=c:\users\tamara\desktop\utorrent.exe |
"UDP Query User{4ED27D2A-2C29-4C7D-BA34-011CCC179503}C:\perflogs\starcraft 2\starcraft ii beta\versions\base15580\sc2.exe" = protocol=17 | dir=in | app=c:\perflogs\starcraft 2\starcraft ii beta\versions\base15580\sc2.exe |
"UDP Query User{4F6A98F3-BF05-483F-A9D0-AB8A8C7F38B0}C:\program files\mozilla firefox\firefox.exe" = protocol=17 | dir=in | app=c:\program files\mozilla firefox\firefox.exe |
"UDP Query User{5A3818B6-F744-4607-89D0-DDCBC8D5B86F}C:\users\tamara\downloads\starcraft\starcraft.exe" = protocol=17 | dir=in | app=c:\users\tamara\downloads\starcraft\starcraft.exe |
"UDP Query User{5A91AB44-2179-4949-A018-9BA232E15466}C:\program files\java\jre6\bin\java.exe" = protocol=17 | dir=in | app=c:\program files\java\jre6\bin\java.exe |
"UDP Query User{6AB719EC-5081-4985-8DF6-AB0E395AACE3}C:\perflogs\starcraft\starcraft.exe" = protocol=17 | dir=in | app=c:\perflogs\starcraft\starcraft.exe |
"UDP Query User{74045332-999E-4775-A20C-F1B85C9875E6}C:\program files\utorrent\utorrent.exe" = protocol=17 | dir=in | app=c:\program files\utorrent\utorrent.exe |
"UDP Query User{7AEF1390-12CD-4AAD-A867-780C5C62083B}C:\program files\java\jre6\bin\java.exe" = protocol=17 | dir=in | app=c:\program files\java\jre6\bin\java.exe |
"UDP Query User{7FB1F021-0EDD-44E5-9C1D-F9F752029F23}C:\program files\mozilla firefox\firefox.exe" = protocol=17 | dir=in | app=c:\program files\mozilla firefox\firefox.exe |
"UDP Query User{80196D89-6514-40F2-A997-8FE1EA34392E}C:\users\tamara\appdata\local\google\chrome\application\chrome.exe" = protocol=17 | dir=in | app=c:\users\tamara\appdata\local\google\chrome\application\chrome.exe |
"UDP Query User{8228B638-52F7-4E86-ACBD-9D0666BD8C07}C:\program files\starcraft ii beta\support\blizzarddownloader.exe" = protocol=17 | dir=in | app=c:\program files\starcraft ii beta\support\blizzarddownloader.exe |
"UDP Query User{977449F4-0D80-4837-9764-3C668155FCC9}C:\program files\starcraft ii\versions\base18574\sc2.exe" = protocol=17 | dir=in | app=c:\program files\starcraft ii\versions\base18574\sc2.exe |
"UDP Query User{A07AA142-2A00-4558-AB63-7CAF8D926DDD}C:\users\tamara\downloads\starcraft 2\starcraft ii beta\versions\base14803\sc2.exe" = protocol=17 | dir=in | app=c:\users\tamara\downloads\starcraft 2\starcraft ii beta\versions\base14803\sc2.exe |
"UDP Query User{A740C51C-1780-4A64-888A-9EE5E6C013BD}C:\program files\hp games\wheel of fortune\wheel of fortune.exe" = protocol=17 | dir=in | app=c:\program files\hp games\wheel of fortune\wheel of fortune.exe |
"UDP Query User{AD287631-1D80-4718-A762-BCA746B85A1C}C:\program files\yahoo!\messenger\yahoomessenger.exe" = protocol=17 | dir=in | app=c:\program files\yahoo!\messenger\yahoomessenger.exe |
"UDP Query User{B2A89861-8369-4355-91F5-58F0CB3C4F46}C:\perflogs\starcraft 2\starcraft ii beta\versions\base15449\sc2.exe" = protocol=17 | dir=in | app=c:\perflogs\starcraft 2\starcraft ii beta\versions\base15449\sc2.exe |
"UDP Query User{B7412801-4488-4513-9F0A-EC8C6E347F15}C:\program files\world of warcraft\launcher.exe" = protocol=17 | dir=in | app=c:\program files\world of warcraft\launcher.exe |
"UDP Query User{B949EEB8-C89A-4870-97F0-89B9008C89E9}C:\program files\starcraft ii\versions\base18092\sc2.exe" = protocol=17 | dir=in | app=c:\program files\starcraft ii\versions\base18092\sc2.exe |
"UDP Query User{BD757A21-0567-474F-A8E3-E91F8CB95EE6}C:\users\public\games\world of warcraft\launcher.exe" = protocol=17 | dir=in | app=c:\users\public\games\world of warcraft\launcher.exe |
"UDP Query User{C30B39D1-D4F4-4C98-8CD2-399E37C44C7C}C:\users\tamara\downloads\starcraft 2\starcraft ii beta\versions\base15449\sc2.exe" = protocol=17 | dir=in | app=c:\users\tamara\downloads\starcraft 2\starcraft ii beta\versions\base15449\sc2.exe |
"UDP Query User{D2382738-BC3C-483E-9C2E-B9EBBC9DC202}C:\program files\starcraft\starcraft.exe" = protocol=17 | dir=in | app=c:\program files\starcraft\starcraft.exe |
"UDP Query User{D40928A6-1491-4C73-BD7D-C40A83ECCE27}C:\program files\starcraft\starcraft.exe" = protocol=17 | dir=in | app=c:\program files\starcraft\starcraft.exe |
"UDP Query User{D70153D0-100F-4F6A-81E7-B398565714B1}C:\program files\starcraft ii beta\versions\base14219\sc2.exe" = protocol=17 | dir=in | app=c:\program files\starcraft ii beta\versions\base14219\sc2.exe |
"UDP Query User{D90B0B32-7AAC-48CB-AB5A-5579E950BA76}C:\users\tamara\downloads\starcraft_2_eu_en-gb.exe" = protocol=17 | dir=in | app=c:\users\tamara\downloads\starcraft_2_eu_en-gb.exe |
"UDP Query User{DBD35C31-F349-4371-9A92-47644DE0D2D0}C:\program files\starcraft shareware(ed)\starcraft.exe" = protocol=17 | dir=in | app=c:\program files\starcraft shareware(ed)\starcraft.exe |
"UDP Query User{E23774C9-91CB-4D12-A0AD-226AD92D4D22}C:\program files\gamehouse\whatword\whatword.exe" = protocol=17 | dir=in | app=c:\program files\gamehouse\whatword\whatword.exe |
"UDP Query User{EE271BD1-E902-42B0-92F2-103710770847}C:\program files\starcraft ii beta\versions\base13891\sc2.exe" = protocol=17 | dir=in | app=c:\program files\starcraft ii beta\versions\base13891\sc2.exe |
"UDP Query User{F009A904-75A5-4091-AE95-9610730281DA}C:\users\tamara\desktop\pictures\frostwire\frostwire.exe" = protocol=17 | dir=in | app=c:\users\tamara\desktop\pictures\frostwire\frostwire.exe |
"UDP Query User{F29D1FEB-C404-451E-B528-D2E6DD6EF907}C:\users\tamara\desktop\pictures\limewire\limewire.exe" = protocol=17 | dir=in | app=c:\users\tamara\desktop\pictures\limewire\limewire.exe |
"UDP Query User{F64E1B19-BA88-4E3A-80AD-2C3B421C2FC4}C:\perflogs\starcraft 2\starcraft ii beta\support\blizzarddownloader.exe" = protocol=17 | dir=in | app=c:\perflogs\starcraft 2\starcraft ii beta\support\blizzarddownloader.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0394CDC8-FABD-4ed8-B104-03393876DFDF}" = Roxio Creator Tools
"{05855322-BE43-41FE-B583-D3AE0C326D58}" = Microsoft Silverlight 4 SDK
"{06A1D88C-E102-4527-AF70-29FFD7AF215A}" = Scan
"{08067AFD-4ECE-4454-80B4-31C859D4EDC1}" = F4400
"{0A0CADCF-78DA-33C4-A350-CD51849B9702}" = Microsoft .NET Framework 4 Extended
"{0D2E9DCB-9938-475E-B4DD-8851738852FF}" = AIO_Scan
"{0D397393-9B50-4c52-84D5-77E344289F87}" = Roxio Creator Data
"{11F93B4B-48F0-4A4E-AE77-DFA96A99664B}" = Roxio Creator EasyArchive
"{1458BB78-1DC5-4BC0-B9A3-2B644F5A8105}" = DeviceDiscovery
"{14DD7530-CCD2-3798-B37D-3839ED6A441C}" = Microsoft Visual Studio 2010 ADO.NET Entity Framework Tools
"{150B6201-E9E6-4DFB-960E-CCBD53FBDDED}" = HPProductAssistant
"{17424F35-8B77-4ADF-BC63-BF9B81418539}" = Apple Application Support
"{1803A630-3C38-4D2B-9B9A-0CB37243539C}" = Microsoft ASP.NET MVC 2
"{18D10072035C4515918F7E37EAFAACFC}" = AutoUpdate
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{2012098D-EEE9-4769-8DD3-B038050854D4}" = Microsoft Silverlight 3 SDK
"{20ACB2F8-3BCA-45A8-80A2-9D3CB5C25F43}" = Safari
"{22025051-1991-48EB-8BE8-7A3329DAE7ED}" = IIS 7.5 Express
"{26595B84-25F5-43E2-9696-B1720E813850}" = WZCBDL Service
"{26A24AE4-039D-4CA4-87B4-2F83216011FF}" = Java 6 Update 24
"{292F0F52-B62D-4E71-921B-89A682402201}" = Toolbox
"{2A981294-F14C-4F0F-9627-D793270922F8}" = Bonjour
"{2F141715-E144-48C0-8562-D193B7AB85BC}" = Microsoft SQL Server Compact 4.0 ENU
"{2F931B84-0CEE-11D1-AA7D-0080AD1AC47A}" = NetScreen-Remote
"{2FA94A64-C84E-49d1-97DD-7BF06C7BBFB2}.WildTangent Games App" = Update Installer for WildTangent Games App
"{2FB9EA69-51D4-4913-9AD5-762C034DE811}" = Status
"{308B6AEA-DE50-4666-996D-0FA461719D6B}" = Apple Mobile Device Support
"{3248F0A8-6813-11D6-A77B-00B0D0150070}" = J2SE Runtime Environment 5.0 Update 7
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{40F7AED3-0C7D-4582-99F6-484A515C73F2}" = HP Easy Setup - Frontend
"{47BE41E6-2F0F-4D17-9C2D-3850FFD9D405}" = Microsoft SQL Server VSS Writer
"{47C39E4A-28F2-33B1-B9B7-97F24E52D917}" = Microsoft Help Viewer 1.0
"{49F2B650-2D7B-4F59-B33D-346F63776BD3}" = DocProc
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4AB6A079-178B-4144-B21F-4D1AE71666A2}" = Microsoft SQL Server 2008 R2 Native Client
"{4C9D82EB-9001-4E59-8F64-0BEEE5F4A30A}" = SQL Server 2008 R2 Database Engine Shared
"{5134B35A-B559-4762-94A4-FD4918977953}" = Microsoft Web Deploy 2.0
"{55979C41-7D6A-49CC-B591-64AC1BBE2C8B}" = HP Picasso Media Center Add-In
"{56EC96C1-1FC1-4188-9A96-8142A2EE694F}" = Pure Networks Platform
"{574157B0-9D84-49d9-B08B-5296638BF5EE}" = 4300_Help
"{58721EC3-8D4E-4B79-BC51-1054E2DDCD10}" = SQL Server 2008 R2 Database Engine Services
"{5BDFAB82-060E-438B-AB4F-A2331B2294C0}" = Microsoft ASP.NET MVC 2 - VWD Express 2010 Tools
"{5DCF0E4B-F8EA-4229-A0BD-5CA6D4AFB749}" = SolutionCenter
"{619CDD8A-14B6-43a1-AB6C-0F4EE48CE048}" = Roxio Creator Copy
"{631471BE-DEAB-454B-A9AC-CE3EB42C28B3}" = Microsoft ASP.NET Web Pages
"{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA}" = Roxio Express Labeler 3
"{66E6CE0C-5A1E-430C-B40A-0C90FF1804A8}" = eSupportQFolder
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6A86554B-8928-30E4-A53C-D7337689134D}" = Microsoft Visual C++ 2010 x86 Runtime - 10.0.30319
"{6D52C408-B09A-4520-9B18-475B81D393F1}" = Microsoft Works
"{6E7BF6EC-C3E7-43A7-8A03-0D204E3EC01B}" = Intel® Viiv™ Software
"{6F5E2F4A-377D-4700-B0E3-8F7F7507EA15}" = CustomerResearchQFolder
"{70B446D1-E03B-4ab0-9B3C-0832142C9AA8}.WildTangent Games App-hp" = WildTangent Games App (HP Games)
"{72DE3C67-FB48-450E-8BEA-4EB1B3B5355D}" = Microsoft SQL Server 2008 R2 Setup (English)
"{73A43E42-3658-4DD9-8551-FACDA3632538}" = HP Advisor
"{74DC0593-6BC6-4001-AD5F-D810AFB68D86}" = HP Update
"{75E71ADD-042C-4F30-BFAC-A9EC42351313}" = Python 2.4.3
"{76BB7B2D-748F-4AE9-89C3-78C051833EA1}" = OpenOffice.org 2.0
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{77F1F8AD-51B8-4490-AEEC-BF480073E0FC}" = Microsoft SQL Server 2008 R2 Management Objects
"{7A7DC702-DEDE-42A8-8722-B3BA724D546F}" = Fax
"{7B63B2922B174135AFC0E1377DD81EC2}" = DivX
"{7C8EAD2B-A954-4F73-AAFC-C3EC60D49ADA}" = Microsoft SQL Server 2008 R2 RsFx Driver
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{83FFCFC7-88C6-41c6-8752-958A45325C82}" = Roxio Creator Audio
"{85076DFF-7A17-3566-9CC0-488E6E6D4494}" = Microsoft Visual Web Developer 2010 Express - ENU
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{877B76B2-F83F-4F5A-B28D-3F398641ADB6}" = Microsoft SQL Server System CLR Types
"{87E2B986-07E8-477a-93DC-AF0B6758B192}" = DocProcQFolder
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8EE94FD8-5F52-4463-A340-185D16328158}" = WebReg
"{8FF6F5CA-4E30-4E3B-B951-204CAAA2716A}" = SmartWebPrinting
"{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}" = Intel® Matrix Storage Manager
"{92127AF5-FDD8-4ADF-BC40-C356C9EE0B7D}" = 32 Bit HP CIO Components Installer
"{93998800-1608-403F-9A51-420A77D23C25}" = Sql Server Customer Experience Improvement Program
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9BE466FF-70B7-4DA8-807C-DB4C3610FDAA}" = Copy
"{9DBA770F-BF73-4D39-B1DF-6035D95268FC}" = HP Customer Feedback
"{a0fe116e-9a8a-466f-aee0-625cb7c207e3}" = Microsoft Visual C++ 2005 Redistributable - KB2467175
"{A4D7B764-4140-11D4-88EB-0050DA3579C0}" = Nero - Burning Rom
"{A51500FE-6408-4305-B071-B961F691A4CE}" = Microsoft SQL Server Compact 4.0 Web Tools ENU
"{A6359CCF-215D-43D9-8366-479D231F2A72}" = Belkin Wireless USB Utility
"{A800FCC9-8E1E-4D84-9CED-47870701FDE1}" = HP Deskjet F4400 Printer Driver Software 14.0 Rel. 5
"{A835C187-691C-4827-BCEA-1611179C96B9}" = DJ_AIO_05_F4400_Software_Min
"{AB05F2C8-F608-403b-95E1-FD8ADFACD31E}" = Windows 7 Upgrade Advisor
"{AB5D51AE-EBC3-438D-872C-705C7C2084B0}" = DeviceManagementQFolder
"{AB5E289E-76BF-4251-9F3F-9B763F681AE0}" = HP Customer Experience Enhancements
"{AC35A885-0F8F-4857-B7DA-6E8DFB43E6B3}" = HPSSupply
"{AC76BA86-7AD7-1033-7B44-AA0000000001}" = Adobe Reader X (10.0.1)
"{ACE28263-76A4-4BF5-B6F4-8BD719595969}" = Microsoft SQL Server Database Publishing Wizard 1.4
"{AFF7E080-1974-45BF-9310-10DE1A1F5ED0}" = Adobe AIR
"{B0B2407C-AA1A-4812-85DA-E833D5BC3E97}" = 4300
"{B338EA45-9F18-4FE4-A079-89668D1F6519}" = USB Wireless Keyboard Driver
"{B3D1CFF9-C5DA-3590-894B-40821DDB67C5}" = Microsoft Visual Studio 2010 Tools for Office Runtime (x86)
"{B5153233-9AEE-4CD4-9D2C-4FAAC870DBE2}" = SQL Server 2008 R2 Database Engine Services
"{B7E38540-E355-3503-AFD7-635B2F2F76E1}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4974
"{B83A15A7-2BD5-4416-BC43-AF5F9A4B08A9}" = muvee autoProducer 5.0
"{BB3447F6-9553-4AA9-960E-0DB5310C5779}" = GPBaseService2
"{BCF4E5BE-C249-4ED3-BA3B-C4257C743995}" = NIOC Service
"{BD7204BA-DD64-499E-9B55-6A282CDF4FA4}" = Destinations
"{BF9BF038-FE03-429D-9B26-2FA0FD756052}" = Microsoft SQL Server Browser
"{C41300B9-185D-475E-BFEC-39EF732F19B1}" = Apple Software Update
"{C716522C-3731-4667-8579-40B098294500}" = Toolbox
"{C8B0680B-CDAE-4809-9F91-387B6DE00F7C}" = Roxio Creator Basic v9
"{C916D86C-AB76-49c7-B0E4-A946E0FD9BC2}" = HP Photosmart, Officejet, PSC and Deskjet All-In-One Driver Software 8.0.B
"{CACEA8C8-3D38-4F51-953D-1E6FC3346FEF}" = SQL Server 2008 R2 Common Files
"{CAE4213F-F797-439D-BD9E-79B71D115BE3}" = HPPhotoGadget
"{CB6075D9-F912-40AE-BEA6-E590DA24F16B}" = Adobe Photoshop Elements 7.0
"{CC4878C0-4A6A-49CD-AAA7-DD3FCB06CC84}" = Microsoft Web Platform Installer 3.0
"{CD31E63D-47FD-491C-8117-CF201D0AFAB5}" = TrayApp
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}" = Microsoft .NET Framework 4 Multi-Targeting Pack
"{D10F4E09-E88F-481D-B607-8FE79C4536B7}" = Microsoft WebMatrix
"{D360FA88-17C8-4F14-B67F-13AAF9607B12}" = MarketResearch
"{D441BD04-E548-4F8E-97A4-1B66135BAAA8}" = Microsoft SQL Server 2008 Setup Support Files
"{D4AFC7AD-F637-4EDD-BC76-767E4AF78CE1}" = OverDrive Media Console
"{D9E6001A-5DC3-4620-AF7A-80B6CD48645D}" = WCF RIA Services V1.0 SP1
"{E06F04B9-45E6-4AC0-8083-85F7515F40F7}" = UnloadSupport
"{E09575B2-498D-4C8B-A9D2-623F78574F29}" = AIO_CDB_Software
"{E1180142-3B31-4DCC-9D27-7AC2D37662BF}" = LightScribe 1.4.124.1
"{E7004147-2CCA-431C-AA05-2AB166B9785D}" = QuickTime
"{E7112940-5F8E-4918-B9FE-251F2F8DC81F}" = AIO_CDB_ProductContext
"{E8843212-F0FC-4C3B-BFF3-D51829CB4F19}" = iTunes
"{EB21A812-671B-4D08-B974-2A347F0D8F70}" = HP Photosmart Essential
"{EBEAF45A-58C3-44c8-8714-87909EBD6BC2}" = 4300Trb
"{ED780CA9-0687-3C12-B439-3369F224941F}" = Microsoft Visual Studio 2010 Service Pack 1
"{F021CC0C-21C3-4038-AA4A-6E3CBC669CE8}" = SQL Server 2008 R2 Database Engine Shared
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F94234DB-FD06-42C3-B88D-6FC4DC9F988C}" = HP Easy Setup - Core
"{FA0FF682-CC70-4C57-93CD-E276F3E7537E}" = BufferChm
"{FC835376-FF3B-4CAA-83E0-2148B3FB7C98}" = SQL Server 2008 R2 Common Files
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe Photoshop Elements 7" = Adobe Photoshop Elements 7.0
"Adobe Shockwave Player" = Adobe Shockwave Player 11.5
"AMVONET" = AMVONET
"Arcade Games_is1" = Arcade Games
"BFGC" = Big Fish Games: Game Manager
"BFG-Zhu Zhu Pets" = Zhu Zhu Pets
"BtcMaestro" = HP USB Multimedia Keyboard Driver V1.1
"CNXT_MODEM_PCI_VEN_14F1&DEV_2F20&SUBSYS_200C14F1" = Soft Data Fax Modem with SmartCP
"Color Efex Pro 3.0 Wacom Edition 3" = Color Efex Pro 3.0 Wacom Edition 3
"Coupon Printer for Windows5.0.0.0" = Coupon Printer for Windows
"Digital Editions" = Adobe Digital Editions
"FileZilla Client" = FileZilla Client 3.4.0
"HDMI" = Intel® Graphics Media Accelerator Driver
"HP Imaging Device Functions" = HP Imaging Device Functions 14.0
"HP Photo Creations" = HP Photo Creations
"HP Smart Web Printing" = HP Smart Web Printing 4.60
"HP Solution Center & Imaging Support Tools" = HP Solution Center 14.0
"HPExtendedCapabilities" = HP Customer Participation Program 14.0
"HPOCR" = HP OCR Software 8.0
"HPOOVClient-6811507 Uninstaller" = HP Connections (remove only)
"InstallShield_{26595B84-25F5-43E2-9696-B1720E813850}" = WZCBDL Service
"InstallShield_{A6359CCF-215D-43D9-8366-479D231F2A72}" = Belkin Wireless USB Utility
"InstallShield_{BCF4E5BE-C249-4ED3-BA3B-C4257C743995}" = NIOC Service
"Intel® Configuration Center" = Intel® Viiv™ Software
"Linksys Wireless Manager" = Linksys Wireless Manager
"Math Odyssey Pre-Algebra" = Math Odyssey Pre-Algebra
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"Microsoft Help Viewer 1.0" = Microsoft Help Viewer 1.0
"Microsoft SQL Server 10" = Microsoft SQL Server 2008 R2
"Microsoft SQL Server 2008 R2" = Microsoft SQL Server 2008 R2
"Microsoft Visual Studio 2010 Service Pack 1" = Microsoft Visual Studio 2010 Service Pack 1
"Microsoft Visual Studio 2010 Tools for Office Runtime (x86)" = Microsoft Visual Studio 2010 Tools for Office Runtime (x86)
"Microsoft Visual Web Developer 2010 Express - ENU" = Microsoft Visual Web Developer 2010 Express - ENU
"Mozilla Firefox 4.0.1 (x86 en-US)" = Mozilla Firefox 4.0.1 (x86 en-US)
"NSS" = Norton Security Scan
"PC-Doctor 5 for Windows" = Hardware Diagnostic Tools
"Pen Tablet Driver" = Bamboo
"QuickTime32" = QuickTime for Windows (32-bit)
"Shop for HP Supplies" = Shop for HP Supplies
"StarCraft II" = StarCraft II
"TBSB06984.TBSB06984Toolbar" = My Power Mall Toolbar
"TeamSpeak 3 Client" = TeamSpeak 3 Client
"Wacom WebTabletPlugin for IE" = WebTablet IE Plugin
"Wacom WebTabletPlugin for Netscape" = WebTablet Netscape Plugin
"WildTangent hp Master Uninstall" = HP Games
"WildTangent hpdesktop Master Uninstall" = My HP Games
"WorldCast_is1" = WorldCast 4.0
"WT016061" = Tornado Jockey
"Xfire" = Xfire (remove only)
========== HKEY_USERS Uninstall List ========== [HKEY_USERS\S-1-5-21-3253985537-1783120850-3274599005-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{373B1718-8CC5-4567-8EE2-9033AD08A680}" = Roblox for Tamara
"Google Chrome" = Google Chrome
"UnityWebPlayer" = Unity Web Player
========== Last 10 Event Log Errors ========== [ Antivirus Events ]
Error - 3/6/2010 6:15:35 PM | Computer Name = My-PC | Source = avast! | ID = 33554522
Description =
Error - 3/8/2010 6:22:57 PM | Computer Name = My-PC | Source = avast! | ID = 33554522
Description =
Error - 3/13/2010 4:46:45 PM | Computer Name = My-PC | Source = avast! | ID = 33554522
Description =
Error - 3/14/2010 10:50:32 PM | Computer Name = My-PC | Source = avast! | ID = 33554522
Description =
Error - 3/21/2010 9:36:06 AM | Computer Name = My-PC | Source = avast! | ID = 33554522
Description =
Error - 3/21/2010 5:50:20 PM | Computer Name = My-PC | Source = avast! | ID = 33554522
Description =
Error - 3/21/2010 6:16:53 PM | Computer Name = My-PC | Source = avast! | ID = 33554522
Description =
Error - 3/23/2010 9:54:27 AM | Computer Name = My-PC | Source = avast! | ID = 33554522
Description =
Error - 3/25/2010 12:42:15 PM | Computer Name = My-PC | Source = avast! | ID = 33554522
Description =
Error - 4/2/2010 7:34:33 AM | Computer Name = My-PC | Source = avast! | ID = 33554522
Description =
[ Application Events ]
Error - 5/7/2011 8:46:09 PM | Computer Name = My-PC | Source = Microsoft-Windows-CAPI2 | ID = 131083
Description =
Error - 5/11/2011 4:51:47 PM | Computer Name = My-PC | Source = Application Error | ID = 1000
Description = Faulting application plugin-container.exe, version 1.9.2.4127, time
stamp 0x4daf62c6, faulting module ntdll.dll, version 6.0.6002.18327, time stamp
0x4cb73436, exception code 0xc0000005, fault offset 0x00048822, process id 0x27c,
application start time 0x01cc0cb6546d43ea.
Error - 5/11/2011 4:53:42 PM | Computer Name = My-PC | Source = Application Error | ID = 1000
Description = Faulting application plugin-container.exe, version 1.9.2.4127, time
stamp 0x4daf62c6, faulting module ntdll.dll, version 6.0.6002.18327, time stamp
0x4cb73436, exception code 0xc0000005, fault offset 0x00048822, process id 0x1320,
application start time 0x01cc101d5987cd4a.
Error - 5/12/2011 8:47:45 AM | Computer Name = My-PC | Source = Application Hang | ID = 1002
Description = The program firefox.exe version 1.9.2.4127 stopped interacting with
Windows and was closed. To see if more information about the problem is available,
check the problem history in the Problem Reports and Solutions control panel. Process
ID: c5c Start Time: 01cc101db619ec0a Termination Time: 192
Error - 5/12/2011 6:22:13 PM | Computer Name = My-PC | Source = Microsoft-Windows-CAPI2 | ID = 131083
Description =
Error - 5/13/2011 2:00:49 AM | Computer Name = My-PC | Source = Application Error | ID = 1000
Description = Faulting application MHotkey.exe, version 3.0.0.12, time stamp 0x00000000,
faulting module ntdll.dll, version 6.0.6002.18327, time stamp 0x4cb73436, exception
code 0xc0000008, fault offset 0x0007442c, process id 0x11f8, application start time
0x01cc10f3292fb700.
Error - 5/18/2011 8:22:33 AM | Computer Name = My-PC | Source = Microsoft-Windows-CAPI2 | ID = 131083
Description =
Error - 5/18/2011 10:19:53 PM | Computer Name = My-PC | Source = Application Error | ID = 1000
Description = Faulting application MHotkey.exe, version 3.0.0.12, time stamp 0x00000000,
faulting module ntdll.dll, version 6.0.6002.18327, time stamp 0x4cb73436, exception
code 0xc0000008, fault offset 0x00074548, process id 0x11fc, application start time
0x01cc1556edd86343.
Error - 5/23/2011 12:07:34 PM | Computer Name = My-PC | Source = Application Error | ID = 1000
Description = Faulting application plugin-container.exe, version 1.9.2.4127, time
stamp 0x4daf62c6, faulting module ntdll.dll, version 6.0.6002.18327, time stamp
0x4cb73436, exception code 0xc0000005, fault offset 0x00048822, process id 0x1fcc,
application start time 0x01cc17036dd46ac0.
Error - 5/26/2011 7:55:07 AM | Computer Name = My-PC | Source = Microsoft-Windows-CAPI2 | ID = 131083
Description =
[ Media Center Events ]
Error - 5/30/2008 1:33:14 PM | Computer Name = Tamara-PC | Source = MCUpdate | ID = 0
Description = DownloadPackgeTask.SubTasksComplete: failed downloading package MCESpotlight.
Error - 6/2/2008 9:20:34 PM | Computer Name = Tamara-PC | Source = MCUpdate | ID = 0
Description = DownloadPackgeTask.SubTasksComplete: failed downloading package MCESpotlight.
Error - 6/7/2008 10:43:25 PM | Computer Name = Tamara-PC | Source = MCUpdate | ID = 0
Description = DownloadPackgeTask.SubTasksComplete: failed downloading package MCESpotlight.
Error - 6/8/2008 6:42:16 AM | Computer Name = Tamara-PC | Source = MCUpdate | ID = 0
Description = DownloadPackgeTask.SubTasksComplete: failed downloading package MCESpotlight.
Error - 7/17/2008 6:22:01 PM | Computer Name = Tamara-PC | Source = MCUpdate | ID = 0
Description = DownloadPackgeTask.SubTasksComplete: failed downloading package SportsSchedule.
Error - 8/28/2008 5:54:29 AM | Computer Name = Tamara-PC | Source = MCUpdate | ID = 0
Description = DownloadPackgeTask.SubTasksComplete: failed downloading package SportsSchedule.
Error - 12/2/2008 2:53:13 AM | Computer Name = Tamara-PC | Source = MCUpdate | ID = 0
Description = DownloadPackgeTask.SubTasksComplete: failed downloading package SportsSchedule.
Error - 2/3/2009 2:52:30 AM | Computer Name = Tamara-PC | Source = MCUpdate | ID = 0
Description = DownloadPackgeTask.SubTasksComplete: failed downloading package SportsSchedule.
Error - 9/5/2009 4:08:13 PM | Computer Name = Tamara-PC | Source = MCUpdate | ID = 0
Description = Failed to wait on MCUpdate mutex with exception: 'The wait completed
due to an abandoned mutex.'.
Error - 9/6/2009 4:08:11 PM | Computer Name = Tamara-PC | Source = MCUpdate | ID = 0
Description = Failed to wait on MCUpdate mutex with exception: 'The wait completed
due to an abandoned mutex.'.
[ System Events ]
Error - 6/7/2011 2:55:06 PM | Computer Name = My-PC | Source = Dhcp | ID = 1002
Description = The IP address lease 192.168.1.184 for the Network Card with network
address 001EE5E96C91 has been denied by the DHCP server 0.0.0.0 (The DHCP Server
sent a DHCPNACK message).
Error - 6/7/2011 2:56:14 PM | Computer Name = My-PC | Source = Dhcp | ID = 1002
Description = The IP address lease 192.168.1.206 for the Network Card with network
address 001EE5E96C91 has been denied by the DHCP server 0.0.0.0 (The DHCP Server
sent a DHCPNACK message).
Error - 6/7/2011 3:00:34 PM | Computer Name = My-PC | Source = Dhcp | ID = 1002
Description = The IP address lease 192.168.1.86 for the Network Card with network
address 001EE5E96C91 has been denied by the DHCP server 0.0.0.0 (The DHCP Server
sent a DHCPNACK message).
Error - 6/7/2011 3:48:20 PM | Computer Name = My-PC | Source = Dhcp | ID = 1002
Description = The IP address lease 192.168.1.118 for the Network Card with network
address 001EE5E96C91 has been denied by the DHCP server 0.0.0.0 (The DHCP Server
sent a DHCPNACK message).
Error - 6/7/2011 3:50:09 PM | Computer Name = My-PC | Source = Dhcp | ID = 1002
Description = The IP address lease 192.168.1.156 for the Network Card with network
address 001EE5E96C91 has been denied by the DHCP server 0.0.0.0 (The DHCP Server
sent a DHCPNACK message).
Error - 6/7/2011 3:53:11 PM | Computer Name = My-PC | Source = Dhcp | ID = 1002
Description = The IP address lease 192.168.1.75 for the Network Card with network
address 001EE5E96C91 has been denied by the DHCP server 0.0.0.0 (The DHCP Server
sent a DHCPNACK message).
Error - 6/7/2011 3:53:15 PM | Computer Name = My-PC | Source = Dhcp | ID = 1002
Description = The IP address lease 0.0.0.0 for the Network Card with network address
001EE5E96C91 has been denied by the DHCP server 0.0.0.0 (The DHCP Server sent a
DHCPNACK message).
Error - 6/7/2011 4:21:19 PM | Computer Name = My-PC | Source = Dhcp | ID = 1002
Description = The IP address lease 192.168.1.139 for the Network Card with network
address 001EE5E96C91 has been denied by the DHCP server 0.0.0.0 (The DHCP Server
sent a DHCPNACK message).
Error - 6/7/2011 4:25:07 PM | Computer Name = My-PC | Source = Dhcp | ID = 1002
Description = The IP address lease 192.168.1.137 for the Network Card with network
address 001EE5E96C91 has been denied by the DHCP server 0.0.0.0 (The DHCP Server
sent a DHCPNACK message).
Error - 6/7/2011 4:25:31 PM | Computer Name = My-PC | Source = Dhcp | ID = 1002
Description = The IP address lease 192.168.1.189 for the Network Card with network
address 001EE5E96C91 has been denied by the DHCP server 0.0.0.0 (The DHCP Server
sent a DHCPNACK message).
< End of report >