I scanned with OldTimer.. Here is the report.
OTL logfile created on: 11/14/2011 6:03:11 PM - Run 1
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Users\Krys\Documents
Windows Vista Home Premium Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.19088)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
1013.21 Mb Total Physical Memory | 282.74 Mb Available Physical Memory | 27.91% Memory free
2.24 Gb Paging File | 1.21 Gb Available in Paging File | 54.02% Paging File free
Paging file location(s): ?:\pagefile.sys
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 288.04 Gb Total Space | 161.61 Gb Free Space | 56.11% Space Free | Partition Type: NTFS
Drive D: | 10.00 Gb Total Space | 5.93 Gb Free Space | 59.26% Space Free | Partition Type: NTFS
Computer Name: RACHEL-PC | User Name: Krys | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - C:\Users\Krys\AppData\Local\Akamai\netsession_win.exe (Akamai Technologies, Inc)
PRC - C:\Users\Krys\Documents\OTL.exe (OldTimer Tools)
PRC - C:\Program Files\TuneUp Utilities 2012\TUAutoReactivator32.exe (TuneUp Software)
PRC - C:\Program Files\TuneUp Utilities 2012\TuneUpUtilitiesService32.exe (TuneUp Software)
PRC - C:\Program Files\TuneUp Utilities 2012\TuneUpUtilitiesApp32.exe (TuneUp Software)
PRC - C:\Program Files\Trend Micro\AMSP\coreFrameworkHost.exe (Trend Micro Inc.)
PRC - C:\Program Files\Western Digital\WD SmartWare\Front Parlor\WDFME\WDFME.exe ()
PRC - C:\Program Files\Western Digital\WD SmartWare\Front Parlor\WDSC.exe ()
PRC - C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe (WDC)
PRC - C:\Program Files\Trend Micro\AMSP\coreServiceShell.exe (Trend Micro Inc.)
PRC - C:\Program Files\Trend Micro\UniClient\UiFrmwrk\uiWatchDog.exe (Trend Micro Inc.)
PRC - C:\Program Files\Trend Micro\UniClient\UiFrmwrk\uiSeAgnt.exe (Trend Micro Inc.)
PRC - C:\Windows\System32\Wacom_Tablet.exe (Wacom Technology, Corp.)
PRC - C:\Windows\System32\WTablet\Wacom_TabletUser.exe (Wacom Technology, Corp.)
PRC - C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe (Yahoo! Inc.)
PRC - C:\Windows\explorer.exe (Microsoft Corporation)
PRC - C:\Windows\System32\lxcgcoms.exe ( )
PRC - C:\Windows\sttray.exe (SigmaTel, Inc.)
========== Modules (No Company Name) ==========
MOD - C:\Users\Krys\AppData\Local\Google\Chrome\Application\15.0.874.106\ppgooglenaclpluginchrome.dll ()
MOD - C:\Users\Krys\AppData\Local\Google\Chrome\Application\15.0.874.106\pdf.dll ()
MOD - C:\Users\Krys\AppData\Local\Google\Chrome\Application\15.0.874.106\avutil-51.dll ()
MOD - C:\Users\Krys\AppData\Local\Google\Chrome\Application\15.0.874.106\avformat-53.dll ()
MOD - C:\Users\Krys\AppData\Local\Google\Chrome\Application\15.0.874.106\avcodec-53.dll ()
MOD - C:\Users\Krys\AppData\Local\Google\Chrome\Application\15.0.874.106\gcswf32.dll ()
MOD - C:\Program Files\Trend Micro\AMSP\boost_date_time-vc80-mt-1_36.dll ()
MOD - C:\Program Files\Trend Micro\AMSP\boost_thread-vc80-mt-1_36.dll ()
MOD - C:\Windows\System32\igfxTMM.dll ()
MOD - C:\Program Files\ArcSoft\PhotoImpression 5\Share\PIHook.dll ()
========== Win32 Services (SafeList) ==========
SRV - (WUSB54GCSVC) -- File not found
SRV - (Nero BackItUp Scheduler 4.0) -- File not found
SRV - (Akamai) -- c:\program files\common files\akamai/netsession_win_dac4cfd.dll ()
SRV - (TuneUp.UtilitiesSvc) -- C:\Program Files\TuneUp Utilities 2012\TuneUpUtilitiesService32.exe (TuneUp Software)
SRV - (WDFME) -- C:\Program Files\Western Digital\WD SmartWare\Front Parlor\WDFME\WDFME.exe ()
SRV - (WDSC) -- C:\Program Files\Western Digital\WD SmartWare\Front Parlor\WDSC.exe ()
SRV - (WDDMService) -- C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe (WDC)
SRV - (Amsp) -- C:\Program Files\Trend Micro\AMSP\coreServiceShell.exe (Trend Micro Inc.)
SRV - (BITCOMET_HELPER_SERVICE) -- C:\Program Files\BitComet\tools\BitCometService.exe (www.BitComet.com)
SRV - (SwitchBoard) -- C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated)
SRV - (TabletServiceWacom) -- C:\Windows\System32\Wacom_Tablet.exe (Wacom Technology, Corp.)
SRV - (FlipShare Service) -- C:\Program Files\Pure Digital Technologies\FlipShare\FlipShareService.exe ()
SRV - (YahooAUService) -- C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe (Yahoo! Inc.)
SRV - (WinDefend) -- C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SRV - (lxcg_device) -- C:\Windows\System32\lxcgcoms.exe ( )
========== Driver Services (SafeList) ==========
DRV - (TuneUpUtilitiesDrv) -- C:\Program Files\TuneUp Utilities 2012\TuneUpUtilitiesDriver32.sys (TuneUp Software)
DRV - (tmcomm) -- C:\Windows\System32\drivers\tmcomm.sys (Trend Micro Inc.)
DRV - (tmtdi) -- C:\Windows\System32\drivers\tmtdi.sys (Trend Micro Inc.)
DRV - (tmactmon) -- C:\Windows\System32\drivers\tmactmon.sys (Trend Micro Inc.)
DRV - (tmevtmgr) -- C:\Windows\System32\drivers\tmevtmgr.sys (Trend Micro Inc.)
DRV - (sscdmdm) -- C:\Windows\System32\drivers\sscdmdm.sys (MCCI Corporation)
DRV - (sscdserd) SAMSUNG Mobile Modem Diagnostic Serial Port (WDM) -- C:\Windows\System32\drivers\sscdserd.sys (MCCI Corporation)
DRV - (sscdmdfl) -- C:\Windows\System32\drivers\sscdmdfl.sys (MCCI Corporation)
DRV - (sscdbus) SAMSUNG USB Composite Device driver (WDM) -- C:\Windows\System32\drivers\sscdbus.sys (MCCI Corporation)
DRV - (sptd) -- C:\Windows\System32\Drivers\sptd.sys ()
DRV - (wacmoumonitor) -- C:\Windows\System32\drivers\wacmoumonitor.sys (Wacom Technology)
DRV - (wacomvhid) -- C:\Windows\System32\drivers\wacomvhid.sys (Wacom Technology)
DRV - (mcdbus) -- C:\Windows\System32\drivers\mcdbus.sys (MagicISO, Inc.)
DRV - (WDC_SAM) -- C:\Windows\System32\drivers\wdcsam.sys (Western Digital Technologies)
DRV - (e1express) Intel® -- C:\Windows\System32\drivers\e1e6032.sys (Intel Corporation)
DRV - (netr73) -- C:\Windows\System32\drivers\WUSB54GCx86.sys (Ralink Technology Inc.)
DRV - (wacommousefilter) -- C:\Windows\System32\drivers\wacommousefilter.sys (Wacom Technology)
DRV - (STHDA) -- C:\Windows\System32\drivers\stwrt.sys (SigmaTel, Inc.)
DRV - (RT73) -- C:\Windows\System32\drivers\rt73.sys (Ralink Technology, Corp.)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.yahoo.com/
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://us.rd.yahoo.c...//www.yahoo.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://us.rd.yahoo.c...rch/search.html
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://us.rd.yahoo.c...//www.yahoo.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomSearch = http://us.rd.yahoo.c...rch/search.html
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant =
IE - HKLM\..\URLSearchHook: {90b49673-5506-483e-b92b-ca0265bd9ca8} - C:\Program Files\IMVU_Inc\tbIMVU.dll (Conduit Ltd.)
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://us.rd.yahoo.c...rch/search.html
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://us.rd.yahoo.c...//www.yahoo.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\..\URLSearchHook: {90b49673-5506-483e-b92b-ca0265bd9ca8} - C:\Program Files\IMVU_Inc\tbIMVU.dll (Conduit Ltd.)
IE - HKCU\..\URLSearchHook: {E38FA08E-F56A-4169-ABF5-5C71E3C153A1} - No CLSID value found
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = 127.0.0.1:8118
========== FireFox ==========
FF - prefs.js..browser.startup.homepage: "www.google.com"
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files\DivX\DivX Web Player\npdivx32.dll (DivX,Inc.)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Player Plugin,version=1.0.0: C:\Program Files\DivX\DivX Player\npDivxPlayerPlugin.dll (DivX, Inc)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6: C:\Program Files\Yahoo!\Shared\npYState.dll (Yahoo! Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\4.0.60831.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5: C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@playstation.com/PsndlCheck,version=1.00: C:\Program Files\Sony\PLAYSTATION Network Downloader\nppsndl.dll (Sony Computer Entertainment Inc.)
FF - HKLM\Software\MozillaPlugins\@SonyCreativeSoftware.com/Media Go,version=1.0: C:\Program Files\Sony\Media Go\npmediago.dll (Sony Network Entertainment International LLC)
FF - HKLM\Software\MozillaPlugins\@wacom.com/wacom-plugin,version=1.1.0.3: C:\Program Files\TabletPlugins\npwacom.dll (Wacom, Inc.)
FF - HKCU\Software\MozillaPlugins\@movenetworks.com/Quantum Media Player: File not found
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Krys\AppData\Local\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Krys\AppData\Local\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{27182e60-b5f3-411c-b545-b44205977502}: C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\firefoxextension\SearchHelperExtension\ [2011/01/25 17:02:22 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{22181a4d-af90-4ca3-a569-faed9118d6bc}: C:\Program Files\Trend Micro\Titanium\UIFramework\Toolbar\firefoxextension [2011/07/29 18:41:52 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{22C7F6C6-8D67-4534-92B5-529A0EC09405}: C:\Program Files\Trend Micro\AMSP\Module\20004\1.5.1504\6.6.1088\firefoxextension\ [2011/10/18 00:51:08 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Pale Moon 4.0.5\extensions\\Components: C:\Program Files\Pale Moon\components [2011/05/29 07:56:58 | 000,000,000 | ---D | M]
[2011/05/24 00:15:59 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Krys\AppData\Roaming\Mozilla\Extensions
[2009/08/13 02:28:44 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Krys\AppData\Roaming\Mozilla\Extensions\[email protected]
[2009/12/22 09:35:54 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Krys\AppData\Roaming\Mozilla\Extensions\[email protected]
[2011/05/24 00:16:15 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2010/04/16 13:59:10 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
[2010/08/11 18:45:12 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
[2009/07/25 16:09:53 | 000,000,000 | ---D | M] (The Browser Highlighter) -- C:\Program Files\Mozilla Firefox\extensions\[email protected]
() (No name found) -- C:\PROGRAM FILES\PALE MOON\EXTENSIONS\[email protected]
() (No name found) -- C:\USERS\KRYS\APPDATA\ROAMING\MOONCHILD PRODUCTIONS\PALE MOON\PROFILES\V2BHUXJY.DEFAULT\EXTENSIONS\{46551EC9-40F0-4E47-8E18-8E5CF550CFB8}.XPI
() (No name found) -- C:\USERS\KRYS\APPDATA\ROAMING\MOONCHILD PRODUCTIONS\PALE MOON\PROFILES\V2BHUXJY.DEFAULT\EXTENSIONS\{D10D0BF8-F5B5-C8B4-A8B2-2B9879E08C5D}.XPI
[2008/01/23 01:20:30 | 000,491,520 | ---- | M] (BitComet) -- C:\Program Files\mozilla firefox\plugins\npBitCometAgent.dll
[2010/07/17 04:00:04 | 000,423,656 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll
========== Chrome ==========
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms}
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Krys\AppData\Local\Google\Chrome\Application\15.0.874.106\gcswf32.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\system32\Macromed\Flash\NPSWF32.dll
CHR - plugin: QuickTime Plug-in 7.5.5 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.5.5 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.5.5 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.5.5 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.5.5 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.5.5 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.5.5 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin7.dll
CHR - plugin: Java Deployment Toolkit 6.0.210.7 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npdeployJava1.dll
CHR - plugin: Java Platform SE 6 U21 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files\Microsoft Silverlight\4.0.60531.0\npctrl.dll
CHR - plugin: Shockwave for Director (Enabled) = C:\Windows\system32\Adobe\Director\np32dsw.dll
CHR - plugin: DivX Web Player (Enabled) = C:\Program Files\DivX\DivX Web Player\npdivx32.dll
CHR - plugin: Microsoft Office Live Plug-in for Firefox (Enabled) = C:\Program Files\Microsoft\Office Live\npOLW.dll
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\Krys\AppData\Local\Google\Chrome\Application\15.0.874.106\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\Krys\AppData\Local\Google\Chrome\Application\15.0.874.106\pdf.dll
CHR - plugin: Adobe Acrobat (Disabled) = C:\Program Files\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll
CHR - plugin: DivX Player Netscape Plugin (Enabled) = C:\Program Files\DivX\DivX Player\npDivxPlayerPlugin.dll
CHR - plugin: Wacom Dynamic Link Library (Enabled) = C:\Program Files\TabletPlugins\npwacom.dll
CHR - plugin: Google Update (Enabled) = C:\Users\Krys\AppData\Local\Google\Update\1.3.21.69\npGoogleUpdate3.dll
CHR - plugin: Windows Presentation Foundation (Enabled) = c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
CHR - plugin: Default Plug-in (Enabled) = default_plugin
CHR - Extension: Pencil Sketch = C:\Users\Krys\AppData\Local\Google\Chrome\User Data\Default\Extensions\khoppfeapecnfbjkbibiljlffnhlpndk\1.0_1\
O1 HOSTS File: ([2010/08/31 08:04:57 | 000,267,620 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O1 - Hosts: 127.0.0.1 www.007guard.com
O1 - Hosts: 127.0.0.1 007guard.com
O1 - Hosts: 127.0.0.1 008i.com
O1 - Hosts: 127.0.0.1 www.008k.com
O1 - Hosts: 127.0.0.1 008k.com
O1 - Hosts: 127.0.0.1 www.00hq.com
O1 - Hosts: 127.0.0.1 00hq.com
O1 - Hosts: 127.0.0.1 010402.com
O1 - Hosts: 127.0.0.1 www.032439.com
O1 - Hosts: 127.0.0.1 032439.com
O1 - Hosts: 127.0.0.1 www.0scan.com
O1 - Hosts: 127.0.0.1 0scan.com
O1 - Hosts: 127.0.0.1 100888290cs.com
O1 - Hosts: 127.0.0.1 www.100888290cs.com
O1 - Hosts: 127.0.0.1 www.100sexlinks.com
O1 - Hosts: 127.0.0.1 100sexlinks.com
O1 - Hosts: 127.0.0.1 10sek.com
O1 - Hosts: 127.0.0.1 www.10sek.com
O1 - Hosts: 127.0.0.1 123topsearch.com
O1 - Hosts: 127.0.0.1 www.123topsearch.com
O1 - Hosts: 127.0.0.1 132.com
O1 - Hosts: 127.0.0.1 www.132.com
O1 - Hosts: 127.0.0.1 www.136136.net
O1 - Hosts: 9268 more lines...
O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.)
O2 - BHO: (TmIEPlugInBHO Class) - {1CA1377B-DC1D-4A52-9585-6E06050FAC53} - C:\Program Files\Trend Micro\AMSP\module\20004\1.5.1504\6.6.1088\TmIEPlg.dll (Trend Micro Inc.)
O2 - BHO: (Conduit Engine) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\ConduitEngine.dll (Conduit Ltd.)
O2 - BHO: (BitComet Helper) - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files\BitComet\tools\BitCometBHO_1.5.4.11.dll (BitComet)
O2 - BHO: (TSToolbarBHO) - {43C6D902-A1C5-45c9-91F6-FD9E90337E18} - C:\Program Files\Trend Micro\Titanium\UIFramework\ToolbarIE.dll (Trend Micro Inc.)
O2 - BHO: (IMVU Inc Toolbar) - {90b49673-5506-483e-b92b-ca0265bd9ca8} - C:\Program Files\IMVU_Inc\tbIMVU.dll (Conduit Ltd.)
O2 - BHO: (TmBpIeBHO Class) - {BBACBAFD-FA5E-4079-8B33-00EB9F13D4AC} - C:\Program Files\Trend Micro\AMSP\module\20002\6.6.1010\6.6.1010\TmBpIe32.dll (Trend Micro Inc.)
O2 - BHO: (SingleInstance Class) - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\YTSingleInstance.dll (Yahoo! Inc)
O3 - HKLM\..\Toolbar: (Conduit Engine) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\ConduitEngine.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (IMVU Inc Toolbar) - {90b49673-5506-483e-b92b-ca0265bd9ca8} - C:\Program Files\IMVU_Inc\tbIMVU.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (Trend Micro Toolbar) - {CCAC5586-44D7-4c43-B64A-F042461A97D2} - C:\Program Files\Trend Micro\Titanium\UIFramework\ToolbarIE.dll (Trend Micro Inc.)
O3 - HKLM\..\Toolbar: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No CLSID value found.
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (Conduit Engine) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\ConduitEngine.dll (Conduit Ltd.)
O3 - HKCU\..\Toolbar\WebBrowser: (IMVU Inc Toolbar) - {90B49673-5506-483E-B92B-CA0265BD9CA8} - C:\Program Files\IMVU_Inc\tbIMVU.dll (Conduit Ltd.)
O4 - HKLM..\Run: [LXCGCATS] C:\Windows\System32\spool\DRIVERS\W32X86\3\LXCGtime.DLL ()
O4 - HKLM..\Run: [SigmatelSysTrayApp] C:\Windows\sttray.exe (SigmaTel, Inc.)
O4 - HKLM..\Run: [SwitchBoard] C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [Trend Micro Client Framework] C:\Program Files\Trend Micro\UniClient\UiFrmWrk\UIWatchDog.exe (Trend Micro Inc.)
O4 - HKLM..\Run: [Trend Micro Titanium] C:\Program Files\Trend Micro\Titanium\UIFramework\uiWinMgr.exe (Trend Micro Inc.)
O4 - HKCU..\Run: [Akamai NetSession Interface] C:\Users\Krys\AppData\Local\Akamai\netsession_win.exe (Akamai Technologies, Inc)
O8 - Extra context menu item: &D&ownload &with BitComet - C:\Program Files\BitComet\BitComet.exe (www.BitComet.com)
O8 - Extra context menu item: &D&ownload all with BitComet - C:\Program Files\BitComet\BitComet.exe (www.BitComet.com)
O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.liv...m/quickadd.aspx File not found
O9 - Extra Button: BitComet - {D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A} - C:\Program Files\BitComet\tools\BitCometBHO_1.5.4.11.dll (BitComet)
O9 - Extra Button: Run IMVU - {d9288080-1baa-4bc4-9cf8-a92d743db949} - C:\Users\Krys\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\IMVU\Run IMVU.lnk ()
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_21)
O16 - DPF: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_21)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_21)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.ad...Plus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 207.69.188.186 207.69.188.187
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{50969399-80B4-4BE1-AB4C-F2AC5D83C094}: DhcpNameServer = 207.69.188.186 207.69.188.187
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{C071FBFD-221E-4267-9783-53DDF7E1FDD0}: DhcpNameServer = 207.69.188.186 207.69.188.187
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{DAE306B5-4F4F-404B-BF2B-2A92E380DE00}: DhcpNameServer = 207.69.188.186 207.69.188.187
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{FC52BE0F-9194-4836-ABD9-EA04F0146207}: DhcpNameServer = 207.69.188.186 207.69.188.187
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\tmbp {1A77E7DC-C9A0-4110-8A37-2F36BAE71ECF} - C:\Program Files\Trend Micro\AMSP\module\20002\6.6.1010\6.6.1010\TmBpIe32.dll (Trend Micro Inc.)
O18 - Protocol\Handler\tmpx {0E526CB5-7446-41D1-A403-19BFE95E8C23} - C:\Program Files\Trend Micro\AMSP\module\20004\1.5.1504\6.6.1088\TmIEPlg.dll (Trend Micro Inc.)
O18 - Protocol\Handler\tmtb {04EAF3FB-4BAC-4B5A-A37D-A1CF210A5A42} - C:\Program Files\Trend Micro\Titanium\UIFramework\ToolbarIE.dll (Trend Micro Inc.)
O18 - Protocol\Handler\tmtbim {0B37915C-8B98-4B9E-80D4-464D2C830D10} - C:\Program Files\Trend Micro\Titanium\UIFramework\ProToolbarIMRatingActiveX.dll (Trend Micro Inc.)
O20 - HKLM Winlogon: Shell - (explorer.exe) -C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) -C:\Windows\System32\userinit.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Users\Krys\AppData\Roaming\Microsoft\Windows Photo Gallery\Windows Photo Gallery Wallpaper.jpg
O24 - Desktop BackupWallPaper: C:\Users\Krys\AppData\Roaming\Microsoft\Windows Photo Gallery\Windows Photo Gallery Wallpaper.jpg
O27 - HKLM IFEO\acrord32.exe: Debugger - C:\Program Files\TuneUp Utilities 2012\TUAutoReactivator32.exe (TuneUp Software)
O27 - HKLM IFEO\bitcomet.exe: Debugger - C:\Program Files\TuneUp Utilities 2012\TUAutoReactivator32.exe (TuneUp Software)
O27 - HKLM IFEO\excel.exe: Debugger - C:\Program Files\TuneUp Utilities 2012\TUAutoReactivator32.exe (TuneUp Software)
O27 - HKLM IFEO\flipshare.exe: Debugger - C:\Program Files\TuneUp Utilities 2012\TUAutoReactivator32.exe (TuneUp Software)
O27 - HKLM IFEO\msoxmled.exe: Debugger - C:\Program Files\TuneUp Utilities 2012\TUAutoReactivator32.exe (TuneUp Software)
O27 - HKLM IFEO\mstore.exe: Debugger - C:\Program Files\TuneUp Utilities 2012\TUAutoReactivator32.exe (TuneUp Software)
O27 - HKLM IFEO\onenote.exe: Debugger - C:\Program Files\TuneUp Utilities 2012\TUAutoReactivator32.exe (TuneUp Software)
O27 - HKLM IFEO\powerpnt.exe: Debugger - C:\Program Files\TuneUp Utilities 2012\TUAutoReactivator32.exe (TuneUp Software)
O27 - HKLM IFEO\presentationhost.exe: Debugger - C:\Program Files\TuneUp Utilities 2012\TUAutoReactivator32.exe (TuneUp Software)
O27 - HKLM IFEO\skype.exe: Debugger - C:\Program Files\TuneUp Utilities 2012\TUAutoReactivator32.exe (TuneUp Software)
O27 - HKLM IFEO\switchboard.exe: Debugger - C:\Program Files\TuneUp Utilities 2012\TUAutoReactivator32.exe (TuneUp Software)
O27 - HKLM IFEO\uninst.exe: Debugger - C:\Program Files\TuneUp Utilities 2012\TUAutoReactivator32.exe (TuneUp Software)
O27 - HKLM IFEO\winword.exe: Debugger - C:\Program Files\TuneUp Utilities 2012\TUAutoReactivator32.exe (TuneUp Software)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/09/18 16:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{0504f7dc-0ac3-11df-8f52-001676bab78f}\Shell - "" = AutoRun
O33 - MountPoints2\{0504f7dc-0ac3-11df-8f52-001676bab78f}\Shell\AutoRun\command - "" = F:\install.exe
O33 - MountPoints2\{3a0c3afe-d133-11dd-90b5-0018f82ce1e4}\Shell\AutoRun\command - "" = J:\Setup_FlipShare.exe
O33 - MountPoints2\{3a0c3afe-d133-11dd-90b5-0018f82ce1e4}\Shell\Setup FlipShare\command - "" = J:\Setup_FlipShare.exe
O33 - MountPoints2\{a424ca50-0ac7-11df-9d1b-001676bab78f}\Shell - "" = AutoRun
O33 - MountPoints2\{a424ca50-0ac7-11df-9d1b-001676bab78f}\Shell\AutoRun\command - "" = G:\install.exe
O33 - MountPoints2\{a424cb1b-0ac7-11df-9d1b-001676bab78f}\Shell - "" = AutoRun
O33 - MountPoints2\{a424cb1b-0ac7-11df-9d1b-001676bab78f}\Shell\AutoRun\command - "" = H:\kichiku_r_setup.exe
O33 - MountPoints2\{a424cb1b-0ac7-11df-9d1b-001676bab78f}\Shell\checker\command - "" = H:\TEST\CHECKER.exe
O33 - MountPoints2\{a424cb1b-0ac7-11df-9d1b-001676bab78f}\Shell\dstest\command - "" = H:\TEST\DSTEST.exe
O33 - MountPoints2\{a424cbb7-0ac7-11df-9d1b-001676bab78f}\Shell - "" = AutoRun
O33 - MountPoints2\{a424cbb7-0ac7-11df-9d1b-001676bab78f}\Shell\AutoRun\command - "" = I:\kichiku_r_setup.exe
O33 - MountPoints2\{a424cbb7-0ac7-11df-9d1b-001676bab78f}\Shell\checker\command - "" = I:\TEST\CHECKER.exe
O33 - MountPoints2\{a424cbb7-0ac7-11df-9d1b-001676bab78f}\Shell\dstest\command - "" = I:\TEST\DSTEST.exe
O33 - MountPoints2\F\Shell\AutoRun\command - "" = F:\Setup_FlipShare.exe
O33 - MountPoints2\F\Shell\Setup FlipShare\command - "" = F:\Setup_FlipShare.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
========== Files/Folders - Created Within 30 Days ==========
[2011/11/14 17:00:54 | 000,000,000 | ---D | C] -- C:\Users\Krys\Documents\PaintTool SAI English Pack
[2011/11/14 16:29:55 | 000,000,000 | ---D | C] -- C:\Users\Krys\AppData\Local\Western_Digital
[2011/11/14 16:27:13 | 000,000,000 | ---D | C] -- C:\ProgramData\Western Digital
[2011/11/14 16:24:34 | 000,000,000 | ---D | C] -- C:\Program Files\Western Digital
[2011/11/14 16:24:34 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WD SmartWare
[2011/11/14 16:06:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Cached Installations
[2011/11/14 15:48:29 | 000,000,000 | ---D | C] -- C:\Users\Krys\AppData\Local\Western Digital
[2011/11/09 20:54:47 | 000,000,000 | ---D | C] -- C:\Users\Krys\AppData\Local\Akamai
[2011/11/08 21:15:46 | 000,000,000 | ---D | C] -- C:\Users\Krys\AppData\Local\Sony
[2011/11/08 21:15:06 | 000,000,000 | ---D | C] -- C:\Users\Krys\Podcasts
[2011/11/08 21:15:05 | 000,000,000 | ---D | C] -- C:\Users\Krys\Documents\Media Go
[2011/11/08 21:14:04 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sony
[2011/11/08 21:14:00 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Sony Shared
[2011/11/08 21:12:48 | 000,000,000 | ---D | C] -- C:\Users\Krys\AppData\Local\Downloaded Installations
[2011/11/08 21:12:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Sony Corporation
[2011/11/08 21:12:24 | 000,000,000 | ---D | C] -- C:\Program Files\Sony
[2011/11/08 21:07:08 | 000,000,000 | ---D | C] -- C:\Program Files\Sony Media Go Install
[2011/11/08 21:07:08 | 000,000,000 | ---D | C] -- C:\Users\Krys\AppData\Roaming\Sony
[2011/11/07 21:33:07 | 000,031,552 | ---- | C] (TuneUp Software) -- C:\Windows\System32\TURegOpt.exe
[2011/11/07 21:33:06 | 000,021,312 | ---- | C] (TuneUp Software) -- C:\Windows\System32\authuitu.dll
[2011/11/07 21:32:58 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TuneUp Utilities 2012
[2011/11/07 21:32:09 | 000,000,000 | ---D | C] -- C:\Users\Krys\AppData\Roaming\TuneUp Software
[2011/11/07 21:31:05 | 000,000,000 | ---D | C] -- C:\Program Files\TuneUp Utilities 2012
[2011/11/07 21:29:47 | 000,000,000 | ---D | C] -- C:\ProgramData\TuneUp Software
[2011/11/07 21:29:34 | 000,000,000 | -HSD | C] -- C:\ProgramData\{32364CEA-7855-4A3C-B674-53D8E9B97936}
[2011/11/07 21:13:35 | 000,584,192 | ---- | C] (OldTimer Tools) -- C:\Users\Krys\Documents\OTL.exe
[2011/11/07 20:07:00 | 000,000,000 | ---D | C] -- C:\Users\Krys\Documents\Websites update
[2011/10/16 03:37:19 | 000,000,000 | ---D | C] -- C:\Users\Krys\Documents\Manga
[2009/07/10 17:14:58 | 001,224,704 | ---- | C] ( ) -- C:\Windows\System32\lxcgserv.dll
[2009/07/10 17:14:58 | 000,995,328 | ---- | C] ( ) -- C:\Windows\System32\lxcgusb1.dll
[2009/07/10 17:14:58 | 000,643,072 | ---- | C] ( ) -- C:\Windows\System32\lxcgpmui.dll
[2009/07/10 17:14:58 | 000,585,728 | ---- | C] ( ) -- C:\Windows\System32\lxcglmpm.dll
[2009/07/10 17:14:58 | 000,413,696 | ---- | C] ( ) -- C:\Windows\System32\lxcginpa.dll
[2009/07/10 17:14:58 | 000,397,312 | ---- | C] ( ) -- C:\Windows\System32\lxcgiesc.dll
[2009/07/10 17:14:58 | 000,385,968 | ---- | C] ( ) -- C:\Windows\System32\lxcgih.exe
[2009/07/10 17:14:58 | 000,323,584 | ---- | C] ( ) -- C:\Windows\System32\lxcghcp.dll
[2009/07/10 17:14:58 | 000,163,840 | ---- | C] ( ) -- C:\Windows\System32\lxcgprox.dll
[2009/07/10 17:14:58 | 000,094,208 | ---- | C] ( ) -- C:\Windows\System32\lxcgpplc.dll
[2009/07/10 17:14:57 | 000,696,320 | ---- | C] ( ) -- C:\Windows\System32\lxcghbn3.dll
[2009/07/10 17:14:57 | 000,684,032 | ---- | C] ( ) -- C:\Windows\System32\lxcgcomc.dll
[2009/07/10 17:14:57 | 000,537,520 | ---- | C] ( ) -- C:\Windows\System32\lxcgcoms.exe
[2009/07/10 17:14:57 | 000,421,888 | ---- | C] ( ) -- C:\Windows\System32\lxcgcomm.dll
[2009/07/10 17:14:57 | 000,381,872 | ---- | C] ( ) -- C:\Windows\System32\lxcgcfg.exe
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2011/11/14 18:02:01 | 000,000,904 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1806840690-3249109373-4186218742-1001UA.job
[2011/11/14 18:00:06 | 000,000,440 | ---- | M] () -- C:\Windows\tasks\ParetoLogic Registration.job
[2011/11/14 17:59:33 | 000,002,080 | ---- | M] () -- C:\Users\Krys\Desktop\Google Chrome.lnk
[2011/11/14 17:59:33 | 000,002,042 | ---- | M] () -- C:\Users\Krys\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2011/11/14 17:56:42 | 000,627,088 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2011/11/14 17:56:42 | 000,111,468 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2011/11/14 17:53:29 | 000,000,852 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1806840690-3249109373-4186218742-1001Core.job
[2011/11/14 17:51:12 | 000,003,664 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2011/11/14 17:51:12 | 000,003,664 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2011/11/14 17:51:04 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011/11/14 17:50:59 | 1063,182,336 | -HS- | M] () -- C:\hiberfil.sys
[2011/11/14 16:26:59 | 000,001,183 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\WDDMStatus.lnk
[2011/11/14 16:18:08 | 000,000,224 | ---- | M] () -- C:\Windows\System32\9B13A86D.plf
[2011/11/14 15:58:20 | 000,088,576 | ---- | M] () -- C:\Users\Krys\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/11/13 23:05:25 | 000,002,337 | ---- | M] () -- C:\Users\Krys\Desktop\Skype.lnk
[2011/11/08 21:14:04 | 000,001,724 | ---- | M] () -- C:\Users\Public\Desktop\Media Go.lnk
[2011/11/07 21:33:00 | 000,001,825 | ---- | M] () -- C:\Users\Public\Desktop\TuneUp Utilities 2012.lnk
[2011/11/07 21:13:31 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\Krys\Documents\OTL.exe
[2011/11/07 21:05:43 | 003,628,632 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2011/11/02 20:29:26 | 000,031,552 | ---- | M] (TuneUp Software) -- C:\Windows\System32\TURegOpt.exe
[2011/11/02 20:29:08 | 000,021,312 | ---- | M] (TuneUp Software) -- C:\Windows\System32\authuitu.dll
[2011/10/16 03:17:00 | 000,001,136 | ---- | M] () -- C:\Users\Krys\Application Data\Microsoft\Internet Explorer\Quick Launch\QuickStores.lnk
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
========== Files Created - No Company Name ==========
[2011/11/14 16:26:59 | 000,001,183 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\WDDMStatus.lnk
[2011/11/14 16:18:08 | 000,000,224 | ---- | C] () -- C:\Windows\System32\9B13A86D.plf
[2011/11/14 16:11:17 | 000,000,440 | ---- | C] () -- C:\Windows\tasks\ParetoLogic Registration.job
[2011/11/08 21:14:04 | 000,001,724 | ---- | C] () -- C:\Users\Public\Desktop\Media Go.lnk
[2011/11/07 21:33:00 | 000,001,825 | ---- | C] () -- C:\Users\Public\Desktop\TuneUp Utilities 2012.lnk
[2011/11/07 21:32:58 | 000,001,837 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TuneUp Utilities 2012.lnk
[2011/10/16 03:17:00 | 000,001,136 | ---- | C] () -- C:\Users\Krys\Application Data\Microsoft\Internet Explorer\Quick Launch\QuickStores.lnk
[2010/08/31 09:09:42 | 000,000,132 | ---- | C] () -- C:\Users\Krys\AppData\Roaming\Adobe PNG Format CS5 Prefs
[2010/05/18 19:34:45 | 000,000,036 | ---- | C] () -- C:\Users\Krys\AppData\Local\housecall.guid.cache
[2010/05/03 13:20:31 | 000,000,065 | ---- | C] () -- C:\Windows\FISHUI.INI
[2010/01/26 23:02:54 | 000,151,560 | ---- | C] () -- C:\Windows\System32\SARCheck.dll
[2010/01/26 22:42:07 | 015,163,218 | ---- | C] () -- C:\Program Files\cg1.npa
[2010/01/26 22:42:07 | 001,781,561 | ---- | C] () -- C:\Program Files\nss.npa
[2010/01/26 22:42:07 | 000,964,664 | ---- | C] () -- C:\Program Files\voice1.npa
[2010/01/26 22:42:07 | 000,001,459 | ---- | C] () -- C:\Program Files\system.npa
[2009/12/22 02:17:08 | 000,000,680 | ---- | C] () -- C:\Users\Krys\AppData\Local\d3d9caps.dat
[2009/09/16 17:10:14 | 000,003,153 | ---- | C] () -- C:\Windows\dhstatus.dat
[2009/08/21 10:54:40 | 000,000,112 | ---- | C] () -- C:\Windows\wininit.ini
[2009/08/03 14:07:42 | 000,403,816 | ---- | C] () -- C:\Windows\System32\OGACheckControl.dll
[2009/08/03 14:07:42 | 000,230,768 | ---- | C] () -- C:\Windows\System32\OGAEXEC.exe
[2009/07/10 17:14:58 | 000,274,432 | ---- | C] () -- C:\Windows\System32\lxcginst.dll
[2009/04/16 17:58:20 | 000,056,880 | ---- | C] () -- C:\Windows\System32\scvideo.dll
[2009/04/01 14:54:59 | 000,081,984 | ---- | C] () -- C:\Windows\System32\bdod.bin
[2009/03/27 20:40:36 | 000,007,259 | ---- | C] () -- C:\ProgramData\N360BUOptions.ini
[2009/03/21 16:16:34 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2009/03/18 11:37:41 | 000,168,448 | ---- | C] () -- C:\Windows\System32\unrar.dll
[2009/03/18 11:37:38 | 000,795,648 | ---- | C] () -- C:\Windows\System32\xvidcore.dll
[2009/03/18 11:37:38 | 000,130,048 | ---- | C] () -- C:\Windows\System32\xvidvfw.dll
[2009/03/18 11:37:36 | 000,067,584 | ---- | C] () -- C:\Windows\System32\ff_vfw.dll
[2008/12/16 16:22:50 | 000,061,678 | ---- | C] () -- C:\Users\Krys\AppData\Roaming\PFP120JPR.{PB
[2008/12/16 16:22:50 | 000,012,358 | ---- | C] () -- C:\Users\Krys\AppData\Roaming\PFP120JCM.{PB
[2008/11/15 20:16:28 | 000,094,208 | ---- | C] () -- C:\Windows\System32\GTW32N50.dll
[2008/11/03 12:23:11 | 000,000,025 | ---- | C] () -- C:\Windows\EPCX6000.ini
[2008/10/29 15:58:45 | 000,088,576 | ---- | C] () -- C:\Users\Krys\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2008/10/27 02:02:11 | 000,106,605 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin
[2008/10/27 02:02:11 | 000,018,904 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchemaTrivial.bin
[2008/10/19 01:54:24 | 000,073,220 | ---- | C] () -- C:\Windows\System32\EPPICPrinterDB.dat
[2008/10/19 01:54:24 | 000,031,053 | ---- | C] () -- C:\Windows\System32\EPPICPattern131.dat
[2008/10/19 01:54:24 | 000,029,114 | ---- | C] () -- C:\Windows\System32\EPPICPattern1.dat
[2008/10/19 01:54:24 | 000,027,417 | ---- | C] () -- C:\Windows\System32\EPPICPattern121.dat
[2008/10/19 01:54:24 | 000,021,021 | ---- | C] () -- C:\Windows\System32\EPPICPattern3.dat
[2008/10/19 01:54:24 | 000,015,670 | ---- | C] () -- C:\Windows\System32\EPPICPattern5.dat
[2008/10/19 01:54:24 | 000,013,280 | ---- | C] () -- C:\Windows\System32\EPPICPattern2.dat
[2008/10/19 01:54:24 | 000,010,673 | ---- | C] () -- C:\Windows\System32\EPPICPattern4.dat
[2008/10/19 01:54:24 | 000,004,943 | ---- | C] () -- C:\Windows\System32\EPPICPattern6.dat
[2008/10/19 01:54:24 | 000,001,140 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_PT.dat
[2008/10/19 01:54:24 | 000,001,140 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_BP.dat
[2008/10/19 01:54:24 | 000,001,137 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_ES.dat
[2008/10/19 01:54:24 | 000,001,130 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_FR.dat
[2008/10/19 01:54:24 | 000,001,130 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_CF.dat
[2008/10/19 01:54:24 | 000,001,104 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_EN.dat
[2008/10/19 01:54:24 | 000,000,097 | ---- | C] () -- C:\Windows\System32\PICSDK.ini
[2008/10/18 21:58:15 | 000,003,638 | ---- | C] () -- C:\Windows\checkip.dat
[2008/09/19 16:57:34 | 003,596,288 | ---- | C] () -- C:\Windows\System32\qt-dx331.dll
[2008/01/02 15:57:36 | 000,147,456 | ---- | C] () -- C:\Windows\System32\igfxCoIn_v1409.dll
[2008/01/02 15:47:22 | 001,953,696 | ---- | C] () -- C:\Windows\System32\igklg400.dll
[2008/01/02 15:47:22 | 001,533,360 | ---- | C] () -- C:\Windows\System32\igklg450.dll
[2008/01/02 15:47:22 | 000,104,636 | ---- | C] () -- C:\Windows\System32\igmedcompkrn.dll
[2007/02/22 17:32:00 | 000,344,064 | ---- | C] () -- C:\Windows\System32\lxcgcoin.dll
[2006/12/12 10:13:50 | 000,204,800 | ---- | C] () -- C:\Windows\System32\igfxCoIn_v1147.dll
[2006/12/12 09:48:16 | 000,467,264 | ---- | C] () -- C:\Windows\System32\igmedkrn.dll
[2006/12/12 09:04:00 | 000,061,440 | ---- | C] () -- C:\Windows\System32\igfxTMM.dll
[2006/12/12 09:02:50 | 000,053,248 | ---- | C] () -- C:\Windows\System32\oemdspif.dll
[2006/12/12 09:01:48 | 000,077,824 | ---- | C] () -- C:\Windows\System32\hccutils.dll
[2006/11/02 07:57:28 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2006/11/02 07:47:37 | 003,628,632 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT
[2006/11/02 07:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
[2006/11/02 05:33:01 | 000,627,088 | ---- | C] () -- C:\Windows\System32\perfh009.dat
[2006/11/02 05:33:01 | 000,287,440 | ---- | C] () -- C:\Windows\System32\perfi009.dat
[2006/11/02 05:33:01 | 000,111,468 | ---- | C] () -- C:\Windows\System32\perfc009.dat
[2006/11/02 05:33:01 | 000,030,674 | ---- | C] () -- C:\Windows\System32\perfd009.dat
[2006/11/02 05:23:21 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat
[2006/11/02 03:58:30 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2006/11/02 03:19:00 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT
[2006/11/02 02:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2006/11/02 02:25:31 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat
[2006/08/25 03:31:13 | 000,001,361 | ---- | C] () -- C:\Windows\System32\WLAN.INI
[2005/08/18 05:26:46 | 000,040,960 | ---- | C] () -- C:\Windows\System32\lxcgvs.dll
[2005/03/13 13:32:14 | 000,061,440 | ---- | C] () -- C:\Windows\System32\lxcgcnv4.dll
[1999/07/06 19:00:00 | 000,000,006 | RHS- | C] () -- C:\ProgramData\D81EDBF9-D167-4011-B77D-211DF920EB80
========== LOP Check ==========
[2009/10/12 17:50:43 | 000,000,000 | ---D | M] -- C:\Users\Krys\AppData\Roaming\acccore
[2011/02/16 20:55:18 | 000,000,000 | ---D | M] -- C:\Users\Krys\AppData\Roaming\Amazon
[2010/11/27 23:24:54 | 000,000,000 | ---D | M] -- C:\Users\Krys\AppData\Roaming\AVG
[2010/11/27 22:57:05 | 000,000,000 | ---D | M] -- C:\Users\Krys\AppData\Roaming\AVG10
[2011/10/10 17:54:37 | 000,000,000 | ---D | M] -- C:\Users\Krys\AppData\Roaming\Barnes & Noble
[2011/10/05 12:51:07 | 000,000,000 | ---D | M] -- C:\Users\Krys\AppData\Roaming\BitComet
[2009/08/21 09:24:40 | 000,000,000 | ---D | M] -- C:\Users\Krys\AppData\Roaming\blinkx
[2010/01/26 16:43:26 | 000,000,000 | ---D | M] -- C:\Users\Krys\AppData\Roaming\DAEMON Tools Lite
[2010/05/03 13:50:21 | 000,000,000 | ---D | M] -- C:\Users\Krys\AppData\Roaming\DataCast
[2011/05/29 07:13:40 | 000,000,000 | ---D | M] -- C:\Users\Krys\AppData\Roaming\DriverCure
[2008/10/29 06:08:08 | 000,000,000 | ---D | M] -- C:\Users\Krys\AppData\Roaming\EPSON
[2009/11/17 16:49:54 | 000,000,000 | ---D | M] -- C:\Users\Krys\AppData\Roaming\EuroTalk
[2010/04/07 12:59:50 | 000,000,000 | ---D | M] -- C:\Users\Krys\AppData\Roaming\FrostWire
[2008/10/19 01:59:57 | 000,000,000 | ---D | M] -- C:\Users\Krys\AppData\Roaming\Furnarchy2
[2011/05/24 01:37:05 | 000,000,000 | ---D | M] -- C:\Users\Krys\AppData\Roaming\GlarySoft
[2011/10/04 16:15:14 | 000,000,000 | ---D | M] -- C:\Users\Krys\AppData\Roaming\IMVU
[2011/02/09 22:16:25 | 000,000,000 | ---D | M] -- C:\Users\Krys\AppData\Roaming\IMVUClient
[2010/09/30 05:47:45 | 000,000,000 | ---D | M] -- C:\Users\Krys\AppData\Roaming\ManyCam
[2011/04/19 10:33:25 | 000,000,000 | ---D | M] -- C:\Users\Krys\AppData\Roaming\Moonchild Productions
[2009/01/24 12:16:31 | 000,000,000 | ---D | M] -- C:\Users\Krys\AppData\Roaming\NCH Swift Sound
[2010/01/26 23:12:54 | 000,000,000 | ---D | M] -- C:\Users\Krys\AppData\Roaming\NitroplusCHiRAL
[2009/05/21 20:04:44 | 000,000,000 | ---D | M] -- C:\Users\Krys\AppData\Roaming\ooVoo Details
[2009/06/25 05:13:23 | 000,000,000 | ---D | M] -- C:\Users\Krys\AppData\Roaming\Opera
[2011/05/29 07:13:39 | 000,000,000 | ---D | M] -- C:\Users\Krys\AppData\Roaming\ParetoLogic
[2010/08/12 02:30:20 | 000,000,000 | ---D | M] -- C:\Users\Krys\AppData\Roaming\Smith Micro
[2011/11/08 21:15:00 | 000,000,000 | ---D | M] -- C:\Users\Krys\AppData\Roaming\Sony
[2009/03/08 21:07:55 | 000,000,000 | ---D | M] -- C:\Users\Krys\AppData\Roaming\SYSTEMAX Software Development
[2011/07/02 15:45:53 | 000,000,000 | ---D | M] -- C:\Users\Krys\AppData\Roaming\Trillian
[2011/11/07 21:32:09 | 000,000,000 | ---D | M] -- C:\Users\Krys\AppData\Roaming\TuneUp Software
[2010/11/30 01:52:21 | 000,000,000 | ---D | M] -- C:\Users\Krys\AppData\Roaming\Uniblue
[2010/04/06 03:47:47 | 000,000,000 | ---D | M] -- C:\Users\Krys\AppData\Roaming\Vivox
[2009/11/16 21:31:22 | 000,000,000 | ---D | M] -- C:\Users\Krys\AppData\Roaming\Windows Live Writer
[2011/11/14 18:00:06 | 000,000,440 | ---- | M] () -- C:\Windows\Tasks\ParetoLogic Registration.job
[2011/11/14 17:45:53 | 000,032,624 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
========== Purity Check ==========
========== Alternate Data Streams ==========
@Alternate Data Stream - 142 bytes -> C:\ProgramData\TEMP:0B4227B4
< End of report >
OTL Extras logfile created on: 11/14/2011 6:03:11 PM - Run 1
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Users\Krys\Documents
Windows Vista Home Premium Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.19088)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
1013.21 Mb Total Physical Memory | 282.74 Mb Available Physical Memory | 27.91% Memory free
2.24 Gb Paging File | 1.21 Gb Available in Paging File | 54.02% Paging File free
Paging file location(s): ?:\pagefile.sys
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 288.04 Gb Total Space | 161.61 Gb Free Space | 56.11% Space Free | Partition Type: NTFS
Drive D: | 10.00 Gb Total Space | 5.93 Gb Free Space | 59.26% Space Free | Partition Type: NTFS
Computer Name: RACHEL-PC | User Name: Krys | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [Bridge] -- C:\Program Files\Adobe\Adobe Bridge CS5\Bridge.exe "%L" (Adobe Systems, Inc.)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"AutoUpdateDisableNotify" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
"DisableMonitoring" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
"DisableMonitoring" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
"DisableMonitoring" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
========== Authorized Applications List ==========
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{02ECD784-0E6F-4F08-AA3C-4A7ECAB72CC3}" = lport=37675 | protocol=17 | dir=in | name=oovoo udp port 37675 |
"{207BF50D-FC1A-4BE7-AE01-C43C201B4D03}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{21BE1C50-DB2B-46BF-B697-93B6A296062F}" = lport=2869 | protocol=6 | dir=in | app=system |
"{24182424-D848-4F71-AF59-C168C22DCF1E}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{26E27986-BD19-4EEF-9231-31C64F7CD4D9}" = lport=2869 | protocol=6 | dir=in | app=system |
"{2BCC5D82-4174-481B-81FF-EBE215BDAF52}" = rport=10244 | protocol=6 | dir=out | app=system |
"{3161687B-E13A-476E-8759-AE97CD37B1D3}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{31CF08C7-5E31-4F99-8237-9151B7ED7F72}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{38358D64-E9CC-470D-A8A2-3CF4D2588704}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |
"{3C8B3643-0BDA-44D0-BD0C-9DA939B27B81}" = lport=67 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |
"{40BF795D-B387-4858-AA57-F6327A9C0F07}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{54F5C215-E388-4C2B-B2DF-9FB4A94DEBDD}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=c:\windows\system32\svchost.exe |
"{5502695E-86C4-46FE-96A3-A985CCEA2D00}" = rport=2869 | protocol=6 | dir=out | app=system |
"{577130DE-D6B0-4ADB-B2E9-94162FDF7937}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{58DD7815-3536-4650-9AD5-7497A73D3EBC}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{6102524C-BA31-4DED-8F88-8D5A2FF06215}" = lport=7777 | protocol=17 | dir=in | app=%systemroot%\ehome\ehshell.exe |
"{62FA37FA-C019-4ECE-ABC9-26D1E019F10B}" = lport=2869 | protocol=6 | dir=in | app=system |
"{6D6D6805-85A8-4A43-AB1C-DF9D4DE5EB95}" = lport=554 | protocol=6 | dir=in | app=%systemroot%\ehome\ehshell.exe |
"{6F08A12B-51F9-4660-BA55-29D9D9238708}" = lport=49161 | protocol=6 | dir=in | name=akamai netsession interface |
"{73FFBC54-764D-4589-AD30-397D52D21117}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=c:\windows\system32\svchost.exe |
"{85EB7D52-F7F2-4F38-AEB3-D80AEA07BB65}" = lport=3390 | protocol=6 | dir=in | app=system |
"{8F22FB8C-76D7-4947-8735-508143BA4D3B}" = lport=10244 | protocol=6 | dir=in | app=system |
"{9052F42C-75F6-4D90-B9D8-7A2165F3EA55}" = lport=3390 | protocol=6 | dir=in | app=system |
"{9AF66ECF-C96C-4122-89D9-16B5C72FE8D6}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{9CC0BE3A-E2DE-445B-B0B8-215A033C60C5}" = lport=10244 | protocol=6 | dir=in | app=system |
"{AEDD6D32-A605-4BE5-9A50-2DFDD889A5F0}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{AFD6FCA9-E205-4DDA-AB4A-5C9BFD2E871E}" = lport=547 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |
"{B3A2CCA9-072E-4129-91B2-8192E9199A46}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{B8D5E152-F2F5-46AB-814A-62CFFAABEE48}" = lport=5000 | protocol=17 | dir=in | name=akamai netsession interface |
"{DBB18656-80D7-4B47-9466-E8806AFCDDFC}" = lport=554 | protocol=6 | dir=in | app=%systemroot%\ehome\ehshell.exe |
"{DF6F9313-CC2B-496D-A5E7-FEF440D6138A}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{E4C17DC4-C47A-4E21-9948-30A7F0F611C9}" = rport=10244 | protocol=6 | dir=out | app=system |
"{E7526F79-6843-44F9-9D70-AD41081C5395}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{EC0A629A-5B60-4CE3-A5EC-F089428966B7}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{F2CAF477-5152-45F0-87D1-0759448AFA1E}" = lport=68 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |
"{F9F2DFAB-0D4E-4EE2-BB36-E4E12F0BC04C}" = lport=53 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |
"{FA437D0A-C50B-40D8-BC0B-5E23B667FE5C}" = lport=7777 | protocol=17 | dir=in | app=%systemroot%\ehome\ehshell.exe |
"{FAEC846B-5745-4070-9537-5DA13B3C28ED}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{013CE074-7118-4B90-84DF-0812D94CA996}" = protocol=6 | dir=in | app=c:\program files\compact wireless-g usb adapter wireless network monitor\invokesvc2.exe |
"{04AF9681-5C5F-4D40-BC69-7DA73773B249}" = protocol=6 | dir=in | app=c:\windows\system32\spool\drivers\w32x86\3\lxcgpswx.exe |
"{08BC3098-3F84-4383-92AE-4FB4D3645064}" = protocol=6 | dir=out | app=%systemroot%\ehome\ehshell.exe |
"{0968F5BA-E0E2-412A-94E4-DD4D14FC24BE}" = protocol=6 | dir=out | svc=upnphost | app=c:\windows\system32\svchost.exe |
"{0FC31434-571A-4834-AC3B-F72C11809B0B}" = protocol=58 | dir=in | [email protected],-148 |
"{11F556E5-514F-4B6A-9066-F5B38E3C1974}" = protocol=17 | dir=in | app=c:\users\krys\appdata\local\akamai\netsession_win.exe |
"{136CE146-A29E-4DBA-91A4-71991032962E}" = protocol=6 | dir=out | app=system |
"{19D26592-7ACE-46EA-8127-DB758BD4EB76}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{2E48613C-3334-472B-A6A5-E564131FFB65}" = protocol=6 | dir=out | app=c:\program files\windows media player\wmplayer.exe |
"{37B16281-A385-4012-975A-CBAE92111A44}" = protocol=6 | dir=in | app=c:\program files\aim\aim.exe |
"{3E2C1167-8F26-4863-B9F7-7A9EDC97C998}" = protocol=6 | dir=out | app=%systemroot%\ehome\mcx2prov.exe |
"{3EBF4431-A055-4A34-B087-B6099475306C}" = protocol=6 | dir=out | app=%systemroot%\ehome\ehshell.exe |
"{4948A4D2-D51C-4659-8D81-727DF565CA9D}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{4A335FBB-2EB1-4A86-9D69-1B0A936DB8A7}" = protocol=17 | dir=in | app=c:\program files\compact wireless-g usb adapter wireless network monitor\invokesvc2.exe |
"{4EF0206A-880F-4F7F-9290-77E3569DBA99}" = protocol=17 | dir=in | app=c:\program files\windows media player\wmplayer.exe |
"{4FC8C024-9740-482E-AD36-9704078ED3D3}" = protocol=6 | dir=out | svc=mcx2svc | app=%systemroot%\system32\svchost.exe |
"{5C62B995-D2DC-4016-B472-D42F250A00D8}" = protocol=6 | dir=out | svc=upnphost | app=c:\windows\system32\svchost.exe |
"{5D13B8CC-B6A6-4F96-8222-85BE10A082F3}" = protocol=6 | dir=in | app=c:\windows\system32\lxcgcoms.exe |
"{60EE2D10-C569-4D2F-8428-D96EDF5D0AF0}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{6BE3B63D-E9B8-4DE0-A711-5C07B2419CF6}" = protocol=17 | dir=out | app=%systemroot%\ehome\ehshell.exe |
"{7AB711DF-7333-43C7-A5F6-5F71DD84F31E}" = protocol=17 | dir=in | app=c:\windows\system32\lxcgcoms.exe |
"{890C7894-0AE8-405F-A548-AB52CB958A1F}" = dir=out | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |
"{92EA8B29-8E5B-4033-B082-01B74AAD085C}" = dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe |
"{9532AB5D-F7C3-4277-89FF-AF6DC0087618}" = protocol=6 | dir=out | app=c:\windows\system32\wudfhost.exe |
"{99881661-A1E5-4405-8C78-1154971CE98B}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{A4CCB120-F150-4F7F-AC24-BCAB544953E5}" = protocol=6 | dir=in | app=c:\users\krys\appdata\local\akamai\netsession_win.exe |
"{AC3550E3-3488-4FD9-B159-1BEB26807EED}" = protocol=6 | dir=out | app=%systemroot%\ehome\mcx2prov.exe |
"{AE967BA1-8E6B-4AF9-8236-891BC48ADAE1}" = protocol=17 | dir=out | app=c:\program files\windows media player\wmplayer.exe |
"{B0EBDA42-4666-4594-8169-81629E678FDA}" = protocol=6 | dir=in | app=c:\windows\system32\msra.exe |
"{B1BDAE4C-7FB1-4E90-B009-752C09DA1F46}" = protocol=17 | dir=in | app=c:\windows\system32\spool\drivers\w32x86\3\lxcgpswx.exe |
"{BD9F63A9-6D19-42F4-BD58-73F68D14F576}" = protocol=6 | dir=out | app=c:\windows\system32\msra.exe |
"{BECC9013-D68D-4D96-A4FE-1B0DD98111A1}" = protocol=17 | dir=in | app=c:\program files\yahoo!\messenger\yahoomessenger.exe |
"{C6EC6872-8C95-4802-89CD-BDEAAD698F28}" = dir=in | app=c:\program files\windows live\sync\windowslivesync.exe |
"{E12DDB8A-3477-432B-B8D4-38AA4EA5A167}" = protocol=6 | dir=out | app=c:\program files\windows media player\wmplayer.exe |
"{E18B4DF5-6CDC-4910-800B-32B821199A08}" = protocol=17 | dir=in | app=c:\program files\windows media player\wmplayer.exe |
"{E5D21F74-F7F9-40F2-BD54-4F61FC6038BA}" = protocol=17 | dir=out | app=%systemroot%\ehome\ehshell.exe |
"{E7F7DFBE-5472-4AF9-B8FA-214091629A6D}" = protocol=6 | dir=out | svc=mcx2svc | app=%systemroot%\system32\svchost.exe |
"{E8BE394E-DFC5-4AC8-8F2A-5193A460DE84}" = protocol=6 | dir=in | app=c:\program files\yahoo!\messenger\yahoomessenger.exe |
"{F7059309-03E0-4FB7-AD00-C5EB87AB6F08}" = protocol=17 | dir=in | app=c:\program files\aim\aim.exe |
"{FD76561E-93DA-415A-8AAE-AAC480CF8E58}" = protocol=17 | dir=out | app=c:\program files\windows media player\wmplayer.exe |
"TCP Query User{1B1F7728-EB7B-468A-9CB8-E4DCE63E47C6}C:\users\krys\appdata\roaming\imvuclient\1vivoxvoice.exe" = protocol=6 | dir=in | app=c:\users\krys\appdata\roaming\imvuclient\1vivoxvoice.exe |
"TCP Query User{415BAA23-2467-4703-9F0F-0F7CFC530C8F}C:\users\krys\appdata\roaming\imvuclient\1vivoxvoice.exe" = protocol=6 | dir=in | app=c:\users\krys\appdata\roaming\imvuclient\1vivoxvoice.exe |
"TCP Query User{806BED99-D11F-4C3C-8BB1-6E4AABC9C309}C:\program files\aim\aim.exe" = protocol=6 | dir=in | app=c:\program files\aim\aim.exe |
"TCP Query User{816E6713-81A7-4FBC-A496-7F89F81B70CF}C:\program files\bitcomet\bitcomet.exe" = protocol=6 | dir=in | app=c:\program files\bitcomet\bitcomet.exe |
"TCP Query User{965969B7-F250-424D-9EFF-6EFA4C5B8952}C:\users\krys\appdata\local\akamai\netsession_win.exe" = protocol=6 | dir=in | app=c:\users\krys\appdata\local\akamai\netsession_win.exe |
"TCP Query User{B5857691-0011-4FE6-ADF7-F0B63764103D}C:\program files\java\jre6\bin\java.exe" = protocol=6 | dir=in | app=c:\program files\java\jre6\bin\java.exe |
"TCP Query User{FC1CA0CD-2BC0-4834-9F19-5219164ED11C}C:\program files\bitcomet\bitcomet.exe" = protocol=6 | dir=in | app=c:\program files\bitcomet\bitcomet.exe |
"UDP Query User{105B02E9-4E24-412E-9DEA-49167E9EEC3F}C:\program files\aim\aim.exe" = protocol=17 | dir=in | app=c:\program files\aim\aim.exe |
"UDP Query User{7C2513B3-7BF9-49E0-B90E-D611D9D11795}C:\program files\java\jre6\bin\java.exe" = protocol=17 | dir=in | app=c:\program files\java\jre6\bin\java.exe |
"UDP Query User{9773E391-A5BB-42B4-AFE4-3C26499A79A7}C:\program files\bitcomet\bitcomet.exe" = protocol=17 | dir=in | app=c:\program files\bitcomet\bitcomet.exe |
"UDP Query User{9F88AB0E-585C-4AE3-9D36-ACB0E62C16D2}C:\users\krys\appdata\roaming\imvuclient\1vivoxvoice.exe" = protocol=17 | dir=in | app=c:\users\krys\appdata\roaming\imvuclient\1vivoxvoice.exe |
"UDP Query User{CE7088FE-7669-4CF0-AEF0-619E6AADDFAD}C:\users\krys\appdata\roaming\imvuclient\1vivoxvoice.exe" = protocol=17 | dir=in | app=c:\users\krys\appdata\roaming\imvuclient\1vivoxvoice.exe |
"UDP Query User{EAA2B343-76B9-4986-979C-67A7DC053A40}C:\users\krys\appdata\local\akamai\netsession_win.exe" = protocol=17 | dir=in | app=c:\users\krys\appdata\local\akamai\netsession_win.exe |
"UDP Query User{ED6B30CC-346F-4334-92AE-06C4C1794DC3}C:\program files\bitcomet\bitcomet.exe" = protocol=17 | dir=in | app=c:\program files\bitcomet\bitcomet.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{015C5B35-B678-451C-9AEE-821E8D69621C}_is1" = PeerBlock 1.0+ (r484)
"{033E378E-6AD3-4AD5-BDEB-CBD69B31046C}" = Microsoft_VC90_ATL_x86
"{0840B4D6-7DD1-4187-8523-E6FC0007EFB7}" = Windows Live ID Sign-in Assistant
"{08D2E121-7F6A-43EB-97FD-629B44903403}" = Microsoft_VC90_CRT_x86
"{08DEC21F-F7E5-46F9-81D1-3ED30BD3AEC9}" = CASIO USB Driver V1.2.2474.0623
"{0E532C84-4275-41B3-9D81-D4A1A20D8EE7}" = PlayStation®Store
"{0F3647F8-E51D-4FCC-8862-9A8D0C5ACF25}" = Microsoft_VC80_ATL_x86
"{15FEDA5F-141C-4127-8D7E-B962D1742728}" = Adobe Photoshop CS5
"{167A1F6A-9BF2-4B24-83DB-C6D659F680EA}" = Media Go
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live Upload Tool
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{26A24AE4-039D-4CA4-87B4-2F83216011FF}" = Java 6 Update 21
"{2764CA82-DFB9-4498-AF85-719340BF5305}" = Dell Resource CD
"{3175E049-F9A9-4A3D-8F19-AC9FB04514D1}" = Windows Live Communications Platform
"{32364CEA-7855-4A3C-B674-53D8E9B97936}" = TuneUp Utilities 2012
"{341201D4-4F61-4ADB-987E-9CCE4D83A58D}" = Windows Live Toolbar Extension (Windows Live Toolbar)
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{474F25F5-BDC9-40E5-B1B6-F6BF23FC106F}" = Windows Live Essentials
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{531447F3-0BEB-408C-818F-AE0F31144C62}" = Livestream Procaster
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{5D51C5DC-3604-4C3B-981B-309340755447}" = Pantech Handset Driver
"{635FED5B-2C6D-49BE-87E6-7A6FCD22BC5A}" = Microsoft_VC90_MFC_x86
"{6412CECE-8172-4BE5-935B-6CECACD2CA87}" = Windows Live Mail
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{7732DA71-2FB6-5C99-D0D9-58A2DB360895}" = FlipShare
"{7745B7A9-F323-4BB9-9811-01BF57A028DA}" = Map Button (Windows Live Toolbar)
"{786C4AD1-DCBA-49A6-B0EF-B317A344BD66}" = Windows Live Favorites for Windows Live Toolbar
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8ADFC4160D694100B5B8A22DE9DCABD9}" = DivX Player
"{8DC42D05-680B-41B0-8878-6C14D24602DB}" = QuickTime
"{8E5233E1-7495-44FB-8DEB-4BE906D59619}" = Junk Mail filter update
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_HOMESTUDENTR_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_HOMESTUDENTR_{187308AB-5FA7-4F14-9AB9-D290383A10D9}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}_HOMESTUDENTR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007
"{90120000-00A1-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}_HOMESTUDENTR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{928B06E4-DDAA-476A-926A-641620326327}" = Microsoft Search Enhancement Pack
"{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}" = Microsoft_VC80_CRT_x86
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{a0fe116e-9a8a-466f-aee0-625cb7c207e3}" = Microsoft Visual C++ 2005 Redistributable - KB2467175
"{A462213D-EED4-42C2-9A60-7BDD4D4B0B17}" = SigmaTel Audio
"{A5C4AD72-25FE-4899-B6DF-6D8DF63C93CF}" = Highlight Viewer (Windows Live Toolbar)
"{A78FE97A-C0C8-49CE-89D0-EDD524A17392}" = PDF Settings CS5
"{A95A76C9-6F65-477E-83A0-9F884B6DC21B}" = TuneUp Utilities Language Pack (en-US)
"{ABBD4BA8-6703-40D2-AB1E-5BB1F7DB49A4}" = Trend Micro Titanium Maximum Security
"{ABBD4BA9-6703-40D2-AB1E-5BB1F7DB49A4}" = Trend Micro™ Titanium™ Maximum Security
"{AC76BA86-7AD7-1033-7B44-A90000000001}" = Adobe Reader 9
"{B10914FD-8812-47A4-85A1-50FCDE7F1F33}" = Windows Live Sync
"{B2544A03-10D0-4E5E-BA69-0362FFC20D18}" = OGA Notifier 2.0.0048.0
"{B57EAFF2-D6EE-4C6C-9175-ED9F17BFC1BC}" = Windows Live Messenger
"{B6659DD8-00A7-4A24-BBFB-C1F6982E5D66}" = PlayStation®Network Downloader
"{B7050CBDB2504B34BC2A9CA0A692CC29}" = DivX Web Player
"{BC3804E5-77CC-47A0-8BD5-797355A26BA3}" = WD SmartWare
"{C4124E95-5061-4776-8D5D-E3D931C778E1}" = Microsoft VC9 runtime libraries
"{CB84F0F2-927B-458D-9DC5-87832E3DC653}" = GearDrvs
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D103C4BA-F905-437A-8049-DB24763BBE36}" = Skype™ 4.2
"{D1A19B02-817E-4296-A45B-07853FD74D57}" = Microsoft_VC80_MFC_x86
"{D433ABC3-0CD8-4BB0-B6A9-84501B4B47B7}" = ArcSoft PhotoImpression 5
"{D92BBB52-82FF-42ED-8A3C-4E062F944AB7}" = Microsoft_VC80_MFCLOC_x86
"{DE3A9DC5-9A5D-6485-9662-347162C7E4CA}" = Adobe Media Player
"{E6158D07-2637-4ECF-B576-37C489669174}" = Windows Live Call
"{E9ED0801-253D-4FE9-AB20-F63DEFE72547}" = SAMSUNG Mobile USB DRIVER(4.40.7.0) v1.6
"{F004C3DF-05BA-48AA-98E4-22A7F686AD1F}" = 咎狗の血
"{F084395C-40FB-4DB3-981C-B51E74E1E83D}" = Smart Menus (Windows Live Toolbar)
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}" = Microsoft Office Live Add-in 1.5
"{F855C3AE-992D-4B84-A09D-07103CDCDAC2}" = Compact Wireless-G USB Adapter
"{FDF64A37-4842-48CD-A424-2C38444D36FD}" = LG Android Drivers
"{FE0646A7-19D0-41B4-A2BB-2C35D644270D}" = Windows Live OneCare safety scanner
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11.5
"AIM_7" = AIM 7
"Akamai" = Akamai NetSession Interface Service
"BitComet" = BitComet 1.28
"BN_DesktopReader" = NOOK for PC
"CleanUp!" = CleanUp!
"com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Media Player
"conduitEngine" = Conduit Engine
"Furcadia" = Furcadia
"HDMI" = Intel® Graphics Media Accelerator Driver
"HOMESTUDENTR" = Microsoft Office Home and Student 2007
"IMVU_Inc Toolbar" = IMVU Inc Toolbar
"InstallShield_{E9ED0801-253D-4FE9-AB20-F63DEFE72547}" = SAMSUNG Mobile USB DRIVER(4.40.7.0) v1.6
"KLiteCodecPack_is1" = K-Lite Codec Pack 4.7.0 (Full)
"Lexmark 2300 Series" = Lexmark 2300 Series
"ManyCam" = ManyCam 2.5.74 (remove only)
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Pale Moon 4.0.5 (x86 en-US)" = Pale Moon 4.0.5 (x86 en-US)
"Perfect Uninstaller_is1" = Perfect Uninstaller v6.3.3.9
"Quick Startup_is1" = Quick Startup 2.8.0.718
"SoftwareUpdUtility" = Download Updater (AOL LLC)
"TuneUp Utilities 2012" = TuneUp Utilities 2012
"Wacom Tablet Driver" = Wacom Tablet
"Wacom WebTabletPlugin for IE" = WebTablet IE Plugin
"Wacom WebTabletPlugin for Netscape" = WebTablet Netscape Plugin
"WavePad" = WavePad Sound Editor
"Windows Live OneCare safety scanner" = Windows Live OneCare safety scanner
"WinLiveSuite_Wave3" = Windows Live Essentials
"WinRAR archiver" = WinRAR archiver
"Yahoo! Companion" = Yahoo! Toolbar
"Yahoo! Messenger" = Yahoo! Messenger
"Yahoo! Software Update" = Yahoo! Software Update
========== HKEY_CURRENT_USER Uninstall List ==========
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Akamai" = Akamai NetSession Interface
"Amazon Kindle" = Amazon Kindle
"Google Chrome" = Google Chrome
"IMVU Avatar chat client software BETA" = IMVU Avatar Chat Software
========== Last 10 Event Log Errors ==========
[ Application Events ]
Error - 12/23/2009 1:11:22 AM | Computer Name = Rachel-PC | Source = Application Error | ID = 1000
Description = Faulting application winamp.exe, version 5.5.7.2810, time stamp 0x4b2f0bcd,
faulting module pmp_p4s.dll, version 0.0.0.0, time stamp 0x4b2f0bda, exception
code 0xc0000005, fault offset 0x000017d3, process id 0xd98, application start time
0x01ca8387a892b704.
Error - 12/24/2009 5:26:44 PM | Computer Name = Rachel-PC | Source = Application Error | ID = 1000
Description = Faulting application furc_on.exe, version 2.7.2.0, time stamp 0x49f4bf36,
faulting module furc_on.exe, version 2.7.2.0, time stamp 0x49f4bf36, exception
code 0xc0000005, fault offset 0x0004e5fc, process id 0x10e8, application start time
0x01ca837d96849154.
Error - 12/26/2009 12:46:11 AM | Computer Name = Rachel-PC | Source = Application Error | ID = 1000
Description = Faulting application furc_on.exe, version 2.7.2.0, time stamp 0x49f4bf36,
faulting module furc_on.exe, version 2.7.2.0, time stamp 0x49f4bf36, exception
code 0xc0000005, fault offset 0x0004e5fc, process id 0xfd4, application start time
0x01ca8507653a8bf4.
Error - 12/26/2009 12:54:07 AM | Computer Name = Rachel-PC | Source = Application Error | ID = 1000
Description = Faulting application furc_on.exe, version 2.7.2.0, time stamp 0x49f4bf36,
faulting module furc_on.exe, version 2.7.2.0, time stamp 0x49f4bf36, exception
code 0xc0000005, fault offset 0x0004e5fc, process id 0x1884, application start time
0x01ca85e665f1686c.
Error - 12/26/2009 5:50:22 AM | Computer Name = Rachel-PC | Source = Windows Search Service | ID = 3013
Description =
Error - 12/26/2009 5:50:22 AM | Computer Name = Rachel-PC | Source = Windows Search Service | ID = 3013
Description =
Error - 12/26/2009 5:50:23 AM | Computer Name = Rachel-PC | Source = Windows Search Service | ID = 3013
Description =
Error - 12/26/2009 5:50:23 AM | Computer Name = Rachel-PC | Source = Windows Search Service | ID = 3013
Description =
Error - 12/26/2009 2:19:08 PM | Computer Name = Rachel-PC | Source = WindowsLiveMessenger | ID = 15728647
Description =
Error - 12/29/2009 1:33:37 AM | Computer Name = Rachel-PC | Source = Application Hang | ID = 1002
Description = The program firefox.exe version 1.9.1.3622 stopped interacting with
Windows and was closed. To see if more information about the problem is available,
check the problem history in the Problem Reports and Solutions control panel. Process
ID: 1acc Start Time: 01ca884831dc3b60 Termination Time: 4
[ Media Center Events ]
Error - 6/27/2009 2:41:03 AM | Computer Name = Rachel-PC | Source = MCUpdate | ID = 0
Description = Failed to wait on MCUpdate mutex with exception: 'The wait completed
due to an abandoned mutex.'.
Error - 8/16/2009 12:07:16 AM | Computer Name = Rachel-PC | Source = MCUpdate | ID = 0
Description = Failed to wait on MCUpdate mutex with exception: 'The wait completed
due to an abandoned mutex.'.
Error - 8/25/2009 11:45:40 PM | Computer Name = Rachel-PC | Source = MCUpdate | ID = 0
Description = Failed to wait on MCUpdate mutex with exception: 'The wait completed
due to an abandoned mutex.'.
Error - 9/5/2009 11:42:46 PM | Computer Name = Rachel-PC | Source = MCUpdate | ID = 0
Description = Failed to wait on MCUpdate mutex with exception: 'The wait completed
due to an abandoned mutex.'.
Error - 9/8/2009 11:42:46 PM | Computer Name = Rachel-PC | Source = MCUpdate | ID = 0
Description = Failed to wait on MCUpdate mutex with exception: 'The wait completed
due to an abandoned mutex.'.
Error - 9/11/2009 11:42:58 PM | Computer Name = Rachel-PC | Source = MCUpdate | ID = 0
Description = Failed to wait on MCUpdate mutex with exception: 'The wait completed
due to an abandoned mutex.'.
Error - 9/14/2009 11:42:48 PM | Computer Name = Rachel-PC | Source = MCUpdate | ID = 0
Description = Failed to wait on MCUpdate mutex with exception: 'The wait completed
due to an abandoned mutex.'.
Error - 9/14/2009 11:56:56 PM | Computer Name = Rachel-PC | Source = Mcx2Dvcs | ID = 401
Description =
Error - 9/15/2009 12:14:26 AM | Computer Name = Rachel-PC | Source = Mcx2Prov | ID = 505
Description =
Error - 9/15/2009 12:14:26 AM | Computer Name = Rachel-PC | Source = Mcx2Dvcs | ID = 405
Description =
[ System Events ]
Error - 11/8/2011 12:05:04 AM | Computer Name = Rachel-PC | Source = Service Control Manager | ID = 7023
Description =
Error - 11/9/2011 9:54:17 PM | Computer Name = Rachel-PC | Source = Service Control Manager | ID = 7011
Description =
Error - 11/9/2011 9:56:55 PM | Computer Name = Rachel-PC | Source = Service Control Manager | ID = 7011
Description =
Error - 11/11/2011 1:07:51 AM | Computer Name = Rachel-PC | Source = Service Control Manager | ID = 7011
Description =
Error - 11/12/2011 12:13:54 AM | Computer Name = Rachel-PC | Source = Service Control Manager | ID = 7011
Description =
Error - 11/14/2011 6:16:54 PM | Computer Name = Rachel-PC | Source = HTTP | ID = 15016
Description =
Error - 11/14/2011 6:17:25 PM | Computer Name = Rachel-PC | Source = Service Control Manager | ID = 7023
Description =
Error - 11/14/2011 6:51:07 PM | Computer Name = Rachel-PC | Source = HTTP | ID = 15016
Description =
Error - 11/14/2011 6:52:00 PM | Computer Name = Rachel-PC | Source = Service Control Manager | ID = 7023
Description =
Error - 11/14/2011 6:52:37 PM | Computer Name = Rachel-PC | Source = ipnathlp | ID = 31004
Description = The DNS proxy agent was unable to allocate 0 bytes of memory. This
may indicate that the system is low on virtual memory, or that the memory manager
has encountered an internal error.
< End of report >