Thanks for getting back. The request to reinstall KB2556532 does not happen anymore. I just get the "unable to update windows" error. Computer is very slow though. Here's the info you wanted.
OTL logfile created on: 3/26/2012 7:49:58 PM - Run 2
OTL by OldTimer - Version 3.2.37.1 Folder = C:\Users\abaray\Documents\Adya writings
64bit-Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
5.99 Gb Total Physical Memory | 4.22 Gb Available Physical Memory | 70.52% Memory free
12.09 Gb Paging File | 10.32 Gb Available in Paging File | 85.41% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 586.37 Gb Total Space | 265.61 Gb Free Space | 45.30% Space Free | Partition Type: NTFS
Drive D: | 9.77 Gb Total Space | 3.30 Gb Free Space | 33.82% Space Free | Partition Type: NTFS
Drive K: | 189.92 Gb Total Space | 142.31 Gb Free Space | 74.93% Space Free | Partition Type: NTFS
Computer Name: ABARAY-PC | User Name: abaray | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 90 Days
========== Processes (SafeList) ========== PRC - [2012/03/15 22:21:44 | 000,594,944 | ---- | M] (OldTimer Tools) -- C:\Users\abaray\Documents\Adya writings\OTL.exe
PRC - [2012/02/19 21:15:13 | 000,250,016 | ---- | M] (Adobe Systems, Inc.) -- C:\Windows\SysWOW64\Macromed\Flash\FlashUtil11f_ActiveX.exe
PRC - [2012/01/24 18:24:26 | 002,416,480 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG2012\avgtray.exe
PRC - [2012/01/08 23:01:58 | 000,296,056 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files (x86)\janice\Real Player\Update\realsched.exe
PRC - [2011/10/12 06:25:22 | 004,433,248 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG2012\AVGIDSAgent.exe
PRC - [2011/08/12 18:13:26 | 000,087,040 | ---- | M] () -- C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
PRC - [2011/08/02 06:09:08 | 000,192,776 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe
PRC - [2011/06/06 15:55:32 | 002,903,448 | ---- | M] (Adobe Systems Inc.) -- C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\acrotray.exe
PRC - [2010/11/17 16:50:08 | 000,304,496 | ---- | M] (Juniper Networks) -- C:\Users\abaray\AppData\Roaming\Juniper Networks\Cache Cleaner 6.5.0\dsCacheCleaner.exe
PRC - [2010/11/09 08:31:00 | 000,497,008 | ---- | M] (Juniper Networks) -- C:\Users\abaray\AppData\Roaming\Juniper Networks\Setup Client\JuniperSetupClient.exe
PRC - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
========== Modules (No Company Name) ========== ========== Win32 Services (SafeList) ========== SRV:
64bit: - [2011/08/27 15:16:32 | 000,094,992 | ---- | M] (SANDBOXIE L.T.D) [Auto | Running] -- C:\Program Files\janice\Sandboxie\SbieSvc.exe -- (SbieSvc)
SRV:
64bit: - [2008/01/20 22:47:32 | 000,383,544 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:
64bit: - [2006/08/04 20:48:30 | 000,410,624 | ---- | M] (Conexant Systems, Inc.) [Disabled | Stopped] -- C:\Windows\SysNative\DRIVERS\xaudio64.exe -- (XAudioService)
SRV - [2011/10/12 06:25:22 | 004,433,248 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files (x86)\AVG\AVG2012\AVGIDSAgent.exe -- (AVGIDSAgent)
SRV - [2011/08/12 18:13:26 | 000,087,040 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe -- (PassThru Service)
SRV - [2011/08/02 06:09:08 | 000,192,776 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe -- (avgwd)
SRV - [2010/06/26 13:17:39 | 000,655,624 | ---- | M] (Acresso Software Inc.) [Disabled | Stopped] -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010/01/25 09:22:56 | 000,245,760 | ---- | M] (Brother Industries, Ltd.) [Disabled | Stopped] -- C:\Program Files (x86)\Browny02\BrYNSvc.exe -- (BrYNSvc)
SRV - [2009/03/30 00:42:14 | 000,066,368 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2008/03/25 22:23:58 | 000,894,976 | ---- | M] (Hewlett-Packard Co.) [Auto | Running] -- C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL -- (HPSLPSVC)
SRV - [2007/05/17 17:45:33 | 000,443,752 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files (x86)\Microsoft LifeCam\MSCamS64.exe -- (MSCamSvc)
========== Driver Services (SafeList) ========== DRV:
64bit: - File not found [Kernel | On_Demand | Stopped] -- c:\program files\dell support center\pcdsrvc_x64.pkms -- (PCDSRVC{1E208CE0-FB7451FF-06020101}_0)
DRV:
64bit: - [2011/10/07 06:23:46 | 000,283,728 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\SysNative\DRIVERS\avgldx64.sys -- (Avgldx64)
DRV:
64bit: - [2011/09/13 06:30:08 | 000,037,456 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\SysNative\DRIVERS\avgrkx64.sys -- (Avgrkx64)
DRV:
64bit: - [2011/08/27 15:16:30 | 000,156,288 | ---- | M] (SANDBOXIE L.T.D) [Kernel | On_Demand | Running] -- C:\Program Files\janice\Sandboxie\SbieDrv.sys -- (SbieDrv)
DRV:
64bit: - [2011/08/08 06:08:58 | 000,046,672 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\Windows\SysNative\DRIVERS\avgmfx64.sys -- (Avgmfx64)
DRV:
64bit: - [2011/07/11 01:14:36 | 000,375,376 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\SysNative\DRIVERS\avgtdia.sys -- (Avgtdia)
DRV:
64bit: - [2011/07/11 01:13:56 | 000,029,776 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\AVGIDSFilter.Sys -- (AVGIDSFilter)
DRV:
64bit: - [2011/07/11 01:13:54 | 000,026,704 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | Boot | Running] -- C:\Windows\SysNative\DRIVERS\AVGIDSEH.Sys -- (AVGIDSEH)
DRV:
64bit: - [2011/07/11 01:13:52 | 000,120,400 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\AVGIDSDriver.Sys -- (AVGIDSDriver)
DRV:
64bit: - [2010/06/25 16:08:56 | 000,036,928 | ---- | M] (Windows ® Win 7 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\htcnprot.sys -- (htcnprot)
DRV:
64bit: - [2010/03/23 02:53:01 | 001,020,192 | ---- | M] (Ralink Technology Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\ae1000va.sys -- (AE1000)
DRV:
64bit: - [2009/09/30 20:51:42 | 000,046,592 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\wpdusb.sys -- (WpdUsb)
DRV:
64bit: - [2009/06/10 00:46:06 | 000,031,744 | ---- | M] (HTC, Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\ANDROIDUSB.sys -- (HTCAND64)
DRV:
64bit: - [2009/05/20 03:00:00 | 000,055,280 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\PxHlpa64.sys -- (PxHlpa64)
DRV:
64bit: - [2009/05/18 13:17:08 | 000,034,152 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:
64bit: - [2009/04/11 01:43:06 | 000,019,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\usb8023x.sys -- (usb_rndisx)
DRV:
64bit: - [2009/02/24 18:35:44 | 000,255,552 | ---- | M] (MagicISO, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\mcdbus.sys -- (mcdbus)
DRV:
64bit: - [2008/05/05 05:31:38 | 000,313,472 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\e1e6032e.sys -- (e1express) Intel®
DRV:
64bit: - [2008/02/11 20:48:28 | 007,709,056 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\igdkmd64.sys -- (igfx)
DRV:
64bit: - [2008/01/20 22:51:07 | 000,016,384 | ---- | M] (Microsoft Corporation) [Recognizer | System | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:
64bit: - [2008/01/20 22:47:25 | 000,012,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\serscan.sys -- (StillCam)
DRV:
64bit: - [2007/04/10 17:46:36 | 002,105,192 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\VX3000.sys -- (VX3000)
DRV:
64bit: - [2006/11/02 03:48:50 | 002,488,320 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\atikmdag.sys -- (R300)
DRV:
64bit: - [2006/10/18 14:33:34 | 001,513,472 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\CAX_DPV.sys -- (HSF_DPV)
DRV:
64bit: - [2006/10/18 14:31:18 | 000,403,456 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\CAXHWBS2.sys -- (CAXHWBS2)
DRV:
64bit: - [2006/10/18 14:30:10 | 000,731,648 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\CAX_CNXT.sys -- (winachsf)
DRV:
64bit: - [2006/08/04 20:42:48 | 000,009,728 | ---- | M] (Conexant Systems, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\DRIVERS\xaudio64.sys -- (XAudio)
DRV:
64bit: - [2006/06/19 17:27:24 | 000,017,024 | ---- | M] (Conexant) [Kernel | Auto | Running] -- C:\Windows\SysNative\DRIVERS\mdmxsdk.sys -- (mdmxsdk)
DRV - [2098/01/01 00:00:00 | 000,475,696 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys -- (eeCtrl)
DRV - [2010/11/16 22:38:26 | 000,000,000 | ---- | M] () [Kernel | System | Running] -- C:\Windows\SysWow64\null -- (Null)
DRV - [2009/02/24 18:35:44 | 000,255,552 | ---- | M] (MagicISO, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysWOW64\drivers\mcdbus.sys -- (mcdbus)
DRV - [1999/09/10 07:06:00 | 000,025,244 | ---- | M] (Adaptec) [Kernel | Auto | Stopped] -- C:\Windows\SysWow64\drivers\aspi32.sys -- (Aspi32)
========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE:
64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL =
http://www.dell.comIE:
64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:
64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" =
http://www.bing.com/...ms}&FORM=IE8SRCIE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL =
http://www.dell.comIE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\URLSearchHook: {32b29df0-2237-4370-9a29-37cebb730e9b} - No CLSID value found
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" =
http://www.bing.com/...ms}&FORM=IE8SRC IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-1461265785-473199823-4216479891-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = Preserve
IE - HKU\S-1-5-21-1461265785-473199823-4216479891-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page =
http://www.google.com/IE - HKU\S-1-5-21-1461265785-473199823-4216479891-1000\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKU\S-1-5-21-1461265785-473199823-4216479891-1000\..\URLSearchHook: {32b29df0-2237-4370-9a29-37cebb730e9b} - No CLSID value found
IE - HKU\S-1-5-21-1461265785-473199823-4216479891-1000\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-21-1461265785-473199823-4216479891-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" =
http://www.bing.com/...Box&FORM=IE8SRCIE - HKU\S-1-5-21-1461265785-473199823-4216479891-1000\..\SearchScopes\{D1294947-28FA-4E5E-8BD6-A70A5B6E74EC}: "URL" =
http://search.imgag....q={searchTerms}IE - HKU\S-1-5-21-1461265785-473199823-4216479891-1000\..\SearchScopes\{E0A8B7B0-6697-47F5-9D8B-8362D0B740B3}: "URL" =
http://search.yahoo....p={searchTerms}IE - HKU\S-1-5-21-1461265785-473199823-4216479891-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-1461265785-473199823-4216479891-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\janice\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\4.0.60831.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@mywebsearch.com/Plugin: C:\Program Files (x86)\MyWebSearch\bar\1.bin\NPMyWebS.dll File not found
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=15.0.1.13: C:\Program Files (x86)\janice\Real Player\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=15.0.1.13: C:\Program Files (x86)\janice\Real Player\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpchromebrowserrecordext;version=15.0.1.13: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprphtml5videoshim;version=15.0.1.13: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=15.0.1.13: C:\Program Files (x86)\janice\Real Player\Netscape6\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Acrobat: C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Air\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@movenetworks.com/Quantum Media Player: C:\Users\abaray\AppData\Roaming\Move Networks\plugins\npqmp071505000011.dll (Move Networks)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\
[email protected]: C:\Program Files (x86)\MyWebSearch\bar\1.bin
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{1E73965B-8B48-48be-9C8D-68B920ABC1C4}: C:\Program Files (x86)\AVG\AVG2012\Firefox4\ [2012/02/01 10:24:08 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\
[email protected]: C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn [2011/07/10 18:37:43 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2012/03/15 19:47:59 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\
[email protected]: C:\Users\abaray\AppData\Roaming\Move Networks [2010/01/17 20:57:18 | 000,000,000 | ---D | M]
[2010/10/03 16:12:19 | 000,000,000 | ---D | M] (No name found) -- C:\Users\abaray\AppData\Roaming\Mozilla\Extensions
[2010/10/03 16:12:19 | 000,000,000 | ---D | M] (No name found) -- C:\Users\abaray\AppData\Roaming\Mozilla\Extensions\
[email protected] ========== Chrome ========== CHR - default_search_provider: Live Search ()
CHR - default_search_provider: search_url =
http://search.live.c...Box&Form=IE8SRCCHR - default_search_provider: suggest_url =
O1 HOSTS File: ([2011/07/10 17:59:53 | 000,002,048 | ---- | M]) - C:\Windows\SysNative\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: 127.0.0.1 3dns.adobe.com 3dns-1.adobe.com 3dns-2.adobe.com 3dns-3.adobe.com 3dns-4.adobe.com activate.adobe.com activate-sea.adobe.com activate-sjc0.adobe.com activate.wip.adobe.com
O1 - Hosts: 127.0.0.1 activate.wip1.adobe.com activate.wip2.adobe.com activate.wip3.adobe.com activate.wip4.adobe.com adobe-dns.adobe.com adobe-dns-1.adobe.com adobe-dns-2.adobe.com adobe-dns-3.adobe.com adobe-dns-4.adobe.com
O1 - Hosts: 127.0.0.1 adobeereg.com practivate.adobe practivate.adobe.com practivate.adobe.newoa practivate.adobe.ntp practivate.adobe.ipp ereg.adobe.com ereg.wip.adobe.com ereg.wip1.adobe.com
O1 - Hosts: 127.0.0.1 ereg.wip2.adobe.com ereg.wip3.adobe.com ereg.wip4.adobe.com hl2rcv.adobe.com wip.adobe.com wip1.adobe.com wip2.adobe.com wip3.adobe.com wip4.adobe.com
O1 - Hosts: 127.0.0.1 www.adobeereg.com wwis-dubc1-vip60.adobe.com www.wip.adobe.com www.wip1.adobe.com
O1 - Hosts: 127.0.0.1 www.wip2.adobe.com www.wip3.adobe.com www.wip4.adobe.com wwis-dubc1-vip60.adobe.com crl.verisign.net CRL.VERISIGN.NET ood.opsource.net
O1 - Hosts: 127.0.0.1 activate.adobe.com
O1 - Hosts: 127.0.0.1 practivate.adobe.com
O1 - Hosts: 127.0.0.1 ereg.adobe.com
O1 - Hosts: 127.0.0.1 activate.wip3.adobe.com
O1 - Hosts: 127.0.0.1 wip3.adobe.com
O1 - Hosts: 127.0.0.1 3dns-3.adobe.com
O1 - Hosts: 127.0.0.1 3dns-2.adobe.com
O1 - Hosts: 127.0.0.1 adobe-dns.adobe.com
O1 - Hosts: 127.0.0.1 adobe-dns-2.adobe.com
O1 - Hosts: 127.0.0.1 adobe-dns-3.adobe.com
O1 - Hosts: 127.0.0.1 ereg.wip3.adobe.com
O1 - Hosts: 127.0.0.1 activate-sea.adobe.com
O1 - Hosts: 127.0.0.1 wwis-dubc1-vip60.adobe.com
O1 - Hosts: 127.0.0.1 activate-sjc0.adobe.com
O1 - Hosts: 127.0.0.1 adobe.activate.com
O1 - Hosts: 127.0.0.1 adobeereg.com
O1 - Hosts: 127.0.0.1 www.adobeereg.com
O1 - Hosts: 127.0.0.1 wwis-dubc1-vip60.adobe.com
O1 - Hosts: 1 more lines...
O2:
64bit: - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG2012\avgssiea.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer)
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG2012\avgssie.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (Java Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.6.0_07\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (Adobe PDF Conversion Toolbar Helper) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (SmartSelect Class) - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKLM\..\Toolbar: (MSN Toolbar) - {1E61ED7C-7CB8-49d6-B9E9-AB4C880C8414} - C:\Program Files (x86)\MSN\Toolbar\3.0.1125.0\msneshellx.dll (Microsoft Corp.)
O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKU\S-1-5-21-1461265785-473199823-4216479891-1000\..\Toolbar\WebBrowser: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O4:
64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:
64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:
64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4:
64bit: - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKLM..\Run: [Acrobat Assistant 8.0] C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe (Adobe Systems Inc.)
O4 - HKLM..\Run: [Adobe Acrobat Speed Launcher] C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [AdobeCS5ServiceManager] C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [AVG_TRAY] C:\Program Files (x86)\AVG\AVG2012\avgtray.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [TkBellExe] C:\Program Files (x86)\janice\Real Player\Update\realsched.exe (RealNetworks, Inc.)
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-19..\Run: [WindowsWelcomeCenter] C:\Windows\SysWow64\oobefldr.dll (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [WindowsWelcomeCenter] C:\Windows\SysWow64\oobefldr.dll (Microsoft Corporation)
O4 - HKU\S-1-5-21-1461265785-473199823-4216479891-1000..\Run: [Cache Cleaner] C:\Users\abaray\AppData\Roaming\Juniper Networks\Cache Cleaner 6.5.0\dsCacheCleaner.exe (Juniper Networks)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 255
O7 - HKU\S-1-5-21-1461265785-473199823-4216479891-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 255
O8:
64bit: - Extra context menu item: Append Link Target to Existing PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8:
64bit: - Extra context menu item: Append to Existing PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8:
64bit: - Extra context menu item: Convert Link Target to Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8:
64bit: - Extra context menu item: Convert to Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Append Link Target to Existing PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Append to Existing PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert Link Target to Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert to Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O9 - Extra 'Tools' menuitem : Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files (x86)\Java\jre1.6.0_07\bin\npjpi160_07.dll (Sun Microsystems, Inc.)
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O10:
64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O13
64bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O15 - HKU\S-1-5-21-1461265785-473199823-4216479891-1000\..Trusted Domains: real.com ([rhap-app-4-0] https in Trusted sites)
O15 - HKU\S-1-5-21-1461265785-473199823-4216479891-1000\..Trusted Domains: real.com ([rhapreg] https in Trusted sites)
O15 - HKU\S-1-5-21-1461265785-473199823-4216479891-1000\..Trusted Domains: rhapsody.com ([rhap-app-4-0] https in Trusted sites)
O15 - HKU\S-1-5-21-1461265785-473199823-4216479891-1000\..Trusted Domains: rhapsody.com ([rhapreg] https in Trusted sites)
O16 - DPF: {02BCC737-B171-4746-94C9-0D8A0B2C0089}
http://office.micros...n/ieawsdc32.cab (Microsoft Office Template and Media Control)
O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83}
http://upload.facebo...toUploader5.cab (Facebook Photo Uploader 5 Control)
O16 - DPF: {49312E18-AA92-4CC2-BB97-55DEA7BCADD6}
http://support.dell....r/SysProExe.CAB (WMI Class)
O16 - DPF: {67DDCD98-1120-47C3-B47E-A4E6820A571F}
http://www.pbworldne...ts/intranet.CAB (intranet.download)
O16 - DPF: {6D2EF4B4-CB62-4C0B-85F3-B79C236D702C}
http://www.facebook....ls/contactx.dll (ContactExtractor Class)
O16 - DPF: {7FA319FB-FFB9-4089-87EB-63179244E6E6}
https://portal.pbwor...e/NetDirect.cab (NetDirect)
O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968}
http://upload.facebo...oUploader55.cab (Facebook Photo Uploader 5 Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93}
http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_07)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C}
http://fpdownload.ma...r/ultrashim.cab (Reg Error: Value error.)
O16 - DPF: {A2505C6C-6F17-456F-89D2-4301FBDC6EC7}
https://portal.pbwor...ble/iewiper.cab (Iewiper Control)
O16 - DPF: {B80CD4E6-5B02-4B6C-99BE-68F1511E9549}
http://plugin.slingb...SlingPlayer.cab (Reg Error: Value error.)
O16 - DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA}
http://java.sun.com/...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}
http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_07)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}
http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_07)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7}
http://platformdl.ad...Plus/1.6/gp.cab (Reg Error: Key error.)
O16 - DPF: {F27237D7-93C8-44C2-AC6E-D6057B9A918F}
https://sra.dot.gov/...SetupClient.cab (JuniperSetupClientControl Class)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.17.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{751D71A9-A55B-4D39-869E-2C4C774FD8E6}: DhcpNameServer = 192.168.42.129
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{821B4844-FE6E-4185-9DFF-38DCB8462C5A}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{A0E67F9D-14BB-4545-B65C-1917540C6939}: DhcpNameServer = 192.168.17.1
O18:
64bit: - Protocol\Handler\grooveLocalGWS - No CLSID value found
O18:
64bit: - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG2012\avgppa.dll (AVG Technologies CZ, s.r.o.)
O18:
64bit: - Protocol\Handler\livecall - No CLSID value found
O18:
64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:
64bit: - Protocol\Handler\ms-itss - No CLSID value found
O18:
64bit: - Protocol\Handler\msnim - No CLSID value found
O18:
64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:
64bit: - Protocol\Handler\skype-ie-addon-data - No CLSID value found
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG2012\avgpp.dll (AVG Technologies CZ, s.r.o.)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20:
64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:
64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O20:
64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O24 - Desktop WallPaper: C:\Windows\Web\Wallpaper\img33.jpg
O24 - Desktop BackupWallPaper: C:\Windows\Web\Wallpaper\img33.jpg
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (C:\PROGRA~2\AVG\AVG2012\avgrsa.exe /sync /restart)
O35:
64bit: - HKLM\..comfile [open] -- "%1" %*
O35:
64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:
64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:
64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
CREATERESTOREPOINT
Restore point Set: OTL Restore Point
========== Files/Folders - Created Within 90 Days ========== [2012/03/26 19:13:13 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2012/03/24 17:31:52 | 000,000,000 | ---D | C] -- C:\Users\abaray\Documents\TRowe Price
[2012/03/18 19:21:06 | 000,000,000 | ---D | C] -- C:\ProgramData\YouTube Downloader
[2012/03/18 19:21:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\YouTube Downloader
[2012/03/18 14:02:05 | 000,000,000 | ---D | C] -- C:\Users\abaray\AppData\Roaming\AVG
[2012/03/18 14:00:59 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG PC Tuneup 2011
[2012/03/15 21:54:24 | 000,139,264 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\javaws.exe
[2012/03/15 21:54:24 | 000,135,168 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\javaw.exe
[2012/03/15 21:54:24 | 000,135,168 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\java.exe
[2012/03/15 21:45:26 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2012/03/14 18:35:23 | 000,000,000 | ---D | C] -- C:\Users\abaray\AppData\Local\ElevatedDiagnostics
[2012/03/03 16:32:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Rhapsody
[2012/03/03 16:21:27 | 000,000,000 | ---D | C] -- C:\Users\abaray\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SanDisk
[2012/03/03 16:21:01 | 000,000,000 | ---D | C] -- C:\Users\abaray\AppData\Roaming\SanDisk
[2012/02/27 12:49:47 | 000,000,000 | ---D | C] -- C:\Users\abaray\Documents\taxes
[2012/02/21 22:45:32 | 000,000,000 | ---D | C] -- C:\Users\abaray\Documents\P90X
[2012/02/19 21:15:09 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\Macromed
[2012/02/10 21:13:38 | 000,000,000 | ---D | C] -- C:\Users\abaray\Documents\My Kindle Content
[2012/02/10 21:13:27 | 000,000,000 | ---D | C] -- C:\Users\abaray\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Amazon
[2012/02/10 21:13:23 | 000,000,000 | ---D | C] -- C:\Users\abaray\AppData\Local\Amazon
[2012/01/27 14:44:55 | 000,000,000 | ---D | C] -- C:\Users\abaray\AppData\Roaming\aignes
[2012/01/23 21:15:28 | 001,585,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntdll.dll
[2012/01/23 21:15:26 | 001,689,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\lsasrv.dll
[2012/01/23 21:15:26 | 000,094,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\secur32.dll
[2012/01/23 21:15:22 | 001,570,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\quartz.dll
[2012/01/23 21:15:22 | 001,314,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\quartz.dll
[2012/01/23 21:15:22 | 000,497,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\qdvd.dll
[2012/01/23 21:15:22 | 000,352,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\qdvd.dll
[2012/01/23 21:15:21 | 000,211,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winmm.dll
[2012/01/23 21:15:21 | 000,048,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mcicda.dll
[2012/01/23 21:15:21 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mciwave.dll
[2012/01/23 21:15:21 | 000,028,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mciseq.dll
[2012/01/23 21:15:21 | 000,023,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mciseq.dll
[2012/01/23 21:15:20 | 000,451,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winsrv.dll
[2012/01/23 21:13:42 | 000,076,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\packager.dll
[2012/01/23 21:13:42 | 000,066,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\packager.dll
[2012/01/09 20:36:50 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Skype
[2012/01/09 20:28:50 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
[2012/01/08 23:02:25 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Real
[2012/01/08 23:02:21 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\xing shared
[2012/01/08 23:02:12 | 000,198,832 | ---- | C] (RealNetworks, Inc.) -- C:\Windows\SysWow64\rmoc3260.dll
[2012/01/08 23:02:03 | 000,006,656 | ---- | C] (RealNetworks, Inc.) -- C:\Windows\SysWow64\pndx5016.dll
[2012/01/08 23:02:03 | 000,005,632 | ---- | C] (RealNetworks, Inc.) -- C:\Windows\SysWow64\pndx5032.dll
[2012/01/08 23:02:02 | 000,272,896 | ---- | C] (Progressive Networks) -- C:\Windows\SysWow64\pncrt.dll
[2012/01/08 23:02:02 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Real
[2012/01/05 20:09:07 | 000,000,000 | ---D | C] -- C:\Users\abaray\AppData\Local\Htc
[2012/01/02 14:22:05 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Video Related Programs
[2012/01/02 14:22:05 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NCH Software Suite
[2012/01/02 14:13:25 | 000,000,000 | ---D | C] -- C:\Users\abaray\Documents\Kids T giving 2011
[2012/01/02 13:52:19 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Second Life Viewer
[2011/12/28 23:44:50 | 000,414,368 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2011/12/28 23:22:20 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2011/12/28 23:22:20 | 000,162,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msrating.dll
[2011/12/28 23:22:20 | 000,086,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesysprep.dll
[2011/12/28 23:22:20 | 000,076,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\SetIEInstalledDate.exe
[2011/12/28 23:22:20 | 000,074,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RegisterIEPKEYs.exe
[2011/12/28 23:22:20 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmler.dll
[2011/12/28 23:22:19 | 003,695,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dat
[2011/12/28 23:22:19 | 001,427,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2011/12/28 23:22:19 | 000,434,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dll
[2011/12/28 23:22:19 | 000,367,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\html.iec
[2011/12/28 23:22:19 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll
[2011/12/28 23:22:19 | 000,074,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll
[2011/12/28 23:22:19 | 000,074,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ie4uinit.exe
[2011/12/28 23:22:19 | 000,066,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\icardie.dll
[2011/12/28 23:22:19 | 000,063,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\tdc.ocx
[2011/12/28 23:22:19 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll
[2011/12/28 23:22:19 | 000,023,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\licmgr10.dll
[2011/12/28 23:22:18 | 000,716,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2011/12/28 23:22:18 | 000,227,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieaksie.dll
[2011/12/28 23:22:18 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieakui.dll
[2011/12/28 23:22:18 | 000,152,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wextract.exe
[2011/12/28 23:22:18 | 000,150,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iexpress.exe
[2011/12/28 23:22:18 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2011/12/28 23:22:18 | 000,123,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\occache.dll
[2011/12/28 23:22:18 | 000,101,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\admparse.dll
[2011/12/28 23:22:18 | 000,078,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inseng.dll
[2011/12/28 23:22:18 | 000,072,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2011/12/28 23:22:18 | 000,054,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\pngfilt.dll
[2011/12/28 23:22:17 | 000,130,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieakeng.dll
[2011/12/28 23:22:17 | 000,118,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iepeers.dll
[2011/12/28 23:22:17 | 000,114,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\advpack.dll
[2011/12/28 23:22:17 | 000,110,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\IEAdvpack.dll
[2011/12/28 23:22:17 | 000,010,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeedssync.exe
[2011/12/28 23:22:16 | 002,309,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2011/12/28 23:22:16 | 000,818,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2011/12/28 23:22:16 | 000,267,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieaksie.dll
[2011/12/28 23:22:16 | 000,222,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msls31.dll
[2011/12/28 23:22:16 | 000,197,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msrating.dll
[2011/12/28 23:22:16 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieakui.dll
[2011/12/28 23:22:16 | 000,145,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iepeers.dll
[2011/12/28 23:22:16 | 000,136,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\advpack.dll
[2011/12/28 23:22:16 | 000,135,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\IEAdvpack.dll
[2011/12/28 23:22:16 | 000,114,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\admparse.dll
[2011/12/28 23:22:16 | 000,089,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RegisterIEPKEYs.exe
[2011/12/28 23:22:16 | 000,049,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\imgutil.dll
[2011/12/28 23:22:16 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshta.exe
[2011/12/28 23:22:16 | 000,010,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeedssync.exe
[2011/12/28 23:22:15 | 003,695,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dat
[2011/12/28 23:22:15 | 001,493,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2011/12/28 23:22:15 | 000,534,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dll
[2011/12/28 23:22:15 | 000,452,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxtmsft.dll
[2011/12/28 23:22:15 | 000,448,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\html.iec
[2011/12/28 23:22:15 | 000,282,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxtrans.dll
[2011/12/28 23:22:15 | 000,248,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2011/12/28 23:22:15 | 000,237,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll
[2011/12/28 23:22:15 | 000,160,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieakeng.dll
[2011/12/28 23:22:15 | 000,111,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesysprep.dll
[2011/12/28 23:22:15 | 000,103,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inseng.dll
[2011/12/28 23:22:15 | 000,091,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SetIEInstalledDate.exe
[2011/12/28 23:22:15 | 000,089,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe
[2011/12/28 23:22:15 | 000,085,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll
[2011/12/28 23:22:15 | 000,082,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\icardie.dll
[2011/12/28 23:22:15 | 000,076,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\tdc.ocx
[2011/12/28 23:22:15 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmler.dll
[2011/12/28 23:22:15 | 000,039,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll
[2011/12/28 23:22:15 | 000,030,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\licmgr10.dll
[2011/12/28 23:22:14 | 000,697,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2011/12/28 23:22:14 | 000,603,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll
[2011/12/28 23:22:14 | 000,173,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
[2011/12/28 23:22:14 | 000,165,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iexpress.exe
[2011/12/28 23:22:14 | 000,160,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wextract.exe
[2011/12/28 23:22:14 | 000,149,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\occache.dll
[2011/12/28 23:22:14 | 000,096,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2011/12/28 23:22:14 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\pngfilt.dll
========== Files - Modified Within 90 Days ========== [2012/03/26 19:44:16 | 000,002,635 | ---- | M] () -- C:\Users\abaray\Application Data\Microsoft\Internet Explorer\Quick Launch\Microsoft Office Word 2007.lnk
[2012/03/26 19:35:25 | 000,000,894 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012/03/26 19:34:05 | 000,003,616 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2012/03/26 19:34:05 | 000,003,616 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2012/03/26 19:33:59 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012/03/26 19:29:39 | 000,775,474 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012/03/26 19:29:39 | 000,643,524 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012/03/26 19:29:39 | 000,119,716 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2012/03/26 19:22:03 | 000,000,898 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012/03/26 19:05:39 | 092,755,299 | ---- | M] () -- C:\Windows\SysNative\drivers\AVG\incavi.avm
[2012/03/25 18:07:48 | 000,002,593 | ---- | M] () -- C:\Users\abaray\Application Data\Microsoft\Internet Explorer\Quick Launch\Microsoft Office Excel 2007.lnk
[2012/03/22 21:06:57 | 000,870,128 | ---- | M] () -- C:\Users\abaray\AppData\Roaming\mcs.rma
[2012/03/22 21:06:57 | 000,000,004 | ---- | M] () -- C:\Users\abaray\AppData\Roaming\426ECC
[2012/03/18 19:42:00 | 000,039,424 | ---- | M] () -- C:\Users\abaray\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012/03/18 19:39:46 | 000,000,903 | ---- | M] () -- C:\Users\Public\Desktop\Prism Video File Converter.lnk
[2012/03/18 19:21:03 | 000,001,034 | ---- | M] () -- C:\Users\Public\Desktop\YouTube Downloader.lnk
[2012/03/18 18:04:22 | 000,255,912 | ---- | M] () -- C:\Windows\SysNative\drivers\AVG\iavichjg.avm
[2012/03/18 14:01:00 | 000,000,939 | ---- | M] () -- C:\Users\abaray\Desktop\AVG PC Tuneup 2011.lnk
[2012/03/15 21:54:08 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\deployJava1.dll
[2012/03/15 21:45:26 | 000,000,910 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012/03/15 21:07:05 | 000,754,944 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2012/03/03 16:34:15 | 000,000,859 | ---- | M] () -- C:\Users\abaray\Application Data\Microsoft\Internet Explorer\Quick Launch\Rhapsody.lnk
[2012/03/03 16:34:15 | 000,000,841 | ---- | M] () -- C:\Users\Public\Desktop\Rhapsody.lnk
[2012/02/19 21:15:13 | 000,414,368 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2012/02/11 23:36:23 | 000,001,037 | ---- | M] () -- C:\Users\Public\Desktop\Second Life Viewer.lnk
[2012/02/11 22:44:04 | 000,232,101 | ---- | M] () -- C:\Users\abaray\Documents\me2.jpg
[2012/02/11 22:43:17 | 003,166,258 | ---- | M] () -- C:\Users\abaray\Documents\me.pdf
[2012/02/10 21:15:34 | 000,002,025 | ---- | M] () -- C:\Users\abaray\Desktop\Kindle.lnk
[2012/02/01 10:24:08 | 000,000,834 | ---- | M] () -- C:\Users\Public\Desktop\AVG 2012.lnk
[2012/01/30 23:31:48 | 001,454,342 | ---- | M] () -- C:\Users\abaray\Documents\Cowgirl Emma.avi
[2012/01/30 23:31:18 | 004,037,455 | ---- | M] () -- C:\Users\abaray\Documents\Cowgirl Emma.wmv
[2012/01/30 23:27:53 | 001,494,496 | ---- | M] () -- C:\Users\abaray\Documents\Cowgirl Emma.MOV
[2012/01/28 23:35:10 | 000,000,902 | ---- | M] () -- C:\Users\abaray\Desktop\magicJack.lnk
[2012/01/28 22:10:39 | 000,921,624 | ---- | M] () -- C:\img2-001.raw
[2012/01/09 20:28:50 | 000,001,890 | ---- | M] () -- C:\Users\Public\Desktop\Skype.lnk
[2012/01/09 14:26:21 | 000,086,950 | ---- | M] () -- C:\Users\abaray\Documents\BreathworkersTrainingFlier2012.pdf
[2012/01/08 23:02:32 | 000,000,891 | ---- | M] () -- C:\Users\Public\Desktop\RealPlayer.lnk
[2012/01/08 23:02:12 | 000,198,832 | ---- | M] (RealNetworks, Inc.) -- C:\Windows\SysWow64\rmoc3260.dll
[2012/01/08 23:02:03 | 000,006,656 | ---- | M] (RealNetworks, Inc.) -- C:\Windows\SysWow64\pndx5016.dll
[2012/01/08 23:02:03 | 000,005,632 | ---- | M] (RealNetworks, Inc.) -- C:\Windows\SysWow64\pndx5032.dll
[2012/01/08 23:02:02 | 000,272,896 | ---- | M] (Progressive Networks) -- C:\Windows\SysWow64\pncrt.dll
[2012/01/08 22:40:44 | 000,001,867 | ---- | M] () -- C:\Users\Public\Desktop\CDBurnerXP.lnk
[2012/01/05 21:49:37 | 000,010,421 | ---- | M] () -- C:\Users\abaray\AppData\Roaming\Comma Separated Values (Windows).CAL
[2012/01/05 20:08:26 | 000,000,951 | ---- | M] () -- C:\Users\Public\Desktop\HTC Sync.lnk
[2012/01/02 14:22:33 | 000,000,931 | ---- | M] () -- C:\Users\Public\Desktop\VideoPad Video Editor.lnk
[2012/01/01 15:13:30 | 000,000,930 | ---- | M] () -- C:\Users\abaray\Application Data\Microsoft\Internet Explorer\Quick Launch\Microsoft Office Outlook.lnk
[2011/12/31 17:58:53 | 000,036,631 | ---- | M] () -- C:\Users\abaray\Documents\Final product made on computer.pdf
[2011/12/31 17:52:31 | 000,211,719 | ---- | M] () -- C:\Users\abaray\Documents\Hand sketch to start.pdf
[2011/12/31 17:51:08 | 000,002,709 | ---- | M] () -- C:\Users\abaray\.recently-used.xbel
[2011/12/28 23:22:31 | 000,008,798 | ---- | M] () -- C:\Windows\SysWow64\icrav03.rat
[2011/12/28 23:22:31 | 000,008,798 | ---- | M] () -- C:\Windows\SysNative\icrav03.rat
[2011/12/28 23:22:31 | 000,001,988 | ---- | M] () -- C:\Windows\SysWow64\ticrf.rat
[2011/12/28 23:22:31 | 000,001,988 | ---- | M] () -- C:\Windows\SysNative\ticrf.rat
[2011/12/28 23:22:20 | 000,176,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2011/12/28 23:22:20 | 000,162,304 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msrating.dll
[2011/12/28 23:22:20 | 000,086,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iesysprep.dll
[2011/12/28 23:22:20 | 000,076,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\SetIEInstalledDate.exe
[2011/12/28 23:22:20 | 000,074,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\RegisterIEPKEYs.exe
[2011/12/28 23:22:20 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmler.dll
[2011/12/28 23:22:19 | 003,695,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dat
[2011/12/28 23:22:19 | 001,427,456 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2011/12/28 23:22:19 | 000,434,176 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dll
[2011/12/28 23:22:19 | 000,367,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\html.iec
[2011/12/28 23:22:19 | 000,231,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll
[2011/12/28 23:22:19 | 000,074,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll
[2011/12/28 23:22:19 | 000,074,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ie4uinit.exe
[2011/12/28 23:22:19 | 000,072,822 | ---- | M] () -- C:\Windows\SysWow64\ieuinit.inf
[2011/12/28 23:22:19 | 000,066,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\icardie.dll
[2011/12/28 23:22:19 | 000,063,488 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\tdc.ocx
[2011/12/28 23:22:19 | 000,031,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll
[2011/12/28 23:22:19 | 000,023,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\licmgr10.dll
[2011/12/28 23:22:18 | 000,716,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2011/12/28 23:22:18 | 000,227,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieaksie.dll
[2011/12/28 23:22:18 | 000,163,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieakui.dll
[2011/12/28 23:22:18 | 000,152,064 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\wextract.exe
[2011/12/28 23:22:18 | 000,150,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iexpress.exe
[2011/12/28 23:22:18 | 000,142,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2011/12/28 23:22:18 | 000,123,392 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\occache.dll
[2011/12/28 23:22:18 | 000,101,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\admparse.dll
[2011/12/28 23:22:18 | 000,078,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\inseng.dll
[2011/12/28 23:22:18 | 000,072,704 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2011/12/28 23:22:18 | 000,054,272 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\pngfilt.dll
[2011/12/28 23:22:17 | 000,130,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieakeng.dll
[2011/12/28 23:22:17 | 000,118,784 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iepeers.dll
[2011/12/28 23:22:17 | 000,114,176 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\advpack.dll
[2011/12/28 23:22:17 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\IEAdvpack.dll
[2011/12/28 23:22:17 | 000,010,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeedssync.exe
[2011/12/28 23:22:16 | 002,309,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2011/12/28 23:22:16 | 000,818,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2011/12/28 23:22:16 | 000,267,776 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieaksie.dll
[2011/12/28 23:22:16 | 000,222,208 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msls31.dll
[2011/12/28 23:22:16 | 000,197,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msrating.dll
[2011/12/28 23:22:16 | 000,163,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieakui.dll
[2011/12/28 23:22:16 | 000,145,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iepeers.dll
[2011/12/28 23:22:16 | 000,136,192 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\advpack.dll
[2011/12/28 23:22:16 | 000,135,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\IEAdvpack.dll
[2011/12/28 23:22:16 | 000,114,176 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\admparse.dll
[2011/12/28 23:22:16 | 000,089,088 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\RegisterIEPKEYs.exe
[2011/12/28 23:22:16 | 000,049,664 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\imgutil.dll
[2011/12/28 23:22:16 | 000,012,288 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshta.exe
[2011/12/28 23:22:16 | 000,010,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msfeedssync.exe
[2011/12/28 23:22:15 | 003,695,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dat
[2011/12/28 23:22:15 | 001,493,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2011/12/28 23:22:15 | 000,534,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dll
[2011/12/28 23:22:15 | 000,452,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\dxtmsft.dll
[2011/12/28 23:22:15 | 000,448,512 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\html.iec
[2011/12/28 23:22:15 | 000,282,112 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\dxtrans.dll
[2011/12/28 23:22:15 | 000,248,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2011/12/28 23:22:15 | 000,237,056 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll
[2011/12/28 23:22:15 | 000,160,256 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieakeng.dll
[2011/12/28 23:22:15 | 000,111,616 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iesysprep.dll
[2011/12/28 23:22:15 | 000,103,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\inseng.dll
[2011/12/28 23:22:15 | 000,091,648 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\SetIEInstalledDate.exe
[2011/12/28 23:22:15 | 000,089,088 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe
[2011/12/28 23:22:15 | 000,085,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll
[2011/12/28 23:22:15 | 000,082,432 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\icardie.dll
[2011/12/28 23:22:15 | 000,076,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\tdc.ocx
[2011/12/28 23:22:15 | 000,072,822 | ---- | M] () -- C:\Windows\SysNative\ieuinit.inf
[2011/12/28 23:22:15 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmler.dll
[2011/12/28 23:22:15 | 000,039,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll
[2011/12/28 23:22:15 | 000,030,720 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\licmgr10.dll
[2011/12/28 23:22:14 | 000,697,344 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2011/12/28 23:22:14 | 000,603,648 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll
[2011/12/28 23:22:14 | 000,173,056 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
[2011/12/28 23:22:14 | 000,165,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iexpress.exe
[2011/12/28 23:22:14 | 000,160,256 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wextract.exe
[2011/12/28 23:22:14 | 000,149,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\occache.dll
[2011/12/28 23:22:14 | 000,096,256 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2011/12/28 23:22:14 | 000,065,024 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\pngfilt.dll
========== Files Created - No Company Name ========== [2012/03/18 19:21:03 | 000,001,034 | ---- | C] () -- C:\Users\Public\Desktop\YouTube Downloader.lnk
[2012/03/18 14:01:00 | 000,000,939 | ---- | C] () -- C:\Users\abaray\Desktop\AVG PC Tuneup 2011.lnk
[2012/03/15 21:45:26 | 000,000,910 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012/03/03 16:37:44 | 000,870,128 | ---- | C] () -- C:\Users\abaray\AppData\Roaming\mcs.rma
[2012/03/03 16:37:44 | 000,000,004 | ---- | C] () -- C:\Users\abaray\AppData\Roaming\426ECC
[2012/03/03 16:34:15 | 000,000,859 | ---- | C] () -- C:\Users\abaray\Application Data\Microsoft\Internet Explorer\Quick Launch\Rhapsody.lnk
[2012/03/03 16:32:03 | 000,000,841 | ---- | C] () -- C:\Users\Public\Desktop\Rhapsody.lnk
[2012/02/11 22:44:04 | 000,232,101 | ---- | C] () -- C:\Users\abaray\Documents\me2.jpg
[2012/02/11 22:43:17 | 003,166,258 | ---- | C] () -- C:\Users\abaray\Documents\me.pdf
[2012/02/10 21:13:31 | 000,002,025 | ---- | C] () -- C:\Users\abaray\Desktop\Kindle.lnk
[2012/01/30 23:31:42 | 001,454,342 | ---- | C] () -- C:\Users\abaray\Documents\Cowgirl Emma.avi
[2012/01/30 23:31:09 | 004,037,455 | ---- | C] () -- C:\Users\abaray\Documents\Cowgirl Emma.wmv
[2012/01/30 23:27:53 | 001,494,496 | ---- | C] () -- C:\Users\abaray\Documents\Cowgirl Emma.MOV
[2012/01/28 23:34:19 | 000,000,902 | ---- | C] () -- C:\Users\abaray\Desktop\magicJack.lnk
[2012/01/09 20:28:50 | 000,001,890 | ---- | C] () -- C:\Users\Public\Desktop\Skype.lnk
[2012/01/09 14:26:20 | 000,086,950 | ---- | C] () -- C:\Users\abaray\Documents\BreathworkersTrainingFlier2012.pdf
[2012/01/08 23:02:32 | 000,000,891 | ---- | C] () -- C:\Users\Public\Desktop\RealPlayer.lnk
[2012/01/05 20:08:26 | 000,000,951 | ---- | C] () -- C:\Users\Public\Desktop\HTC Sync.lnk
[2012/01/02 14:22:33 | 000,000,943 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoPad Video Editor.lnk
[2012/01/02 14:22:33 | 000,000,931 | ---- | C] () -- C:\Users\Public\Desktop\VideoPad Video Editor.lnk
[2012/01/02 14:22:04 | 000,000,915 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Prism Video File Converter.lnk
[2012/01/02 14:22:04 | 000,000,903 | ---- | C] () -- C:\Users\Public\Desktop\Prism Video File Converter.lnk
[2012/01/02 13:52:25 | 000,001,037 | ---- | C] () -- C:\Users\Public\Desktop\Second Life Viewer.lnk
[2011/12/31 17:51:31 | 000,211,719 | ---- | C] () -- C:\Users\abaray\Documents\Hand sketch to start.pdf
[2011/12/31 17:51:08 | 000,002,709 | ---- | C] () -- C:\Users\abaray\.recently-used.xbel
[2011/12/31 17:49:14 | 000,036,631 | ---- | C] () -- C:\Users\abaray\Documents\Final product made on computer.pdf
[2011/12/28 23:22:19 | 000,072,822 | ---- | C] () -- C:\Windows\SysWow64\ieuinit.inf
[2011/12/28 23:22:15 | 000,072,822 | ---- | C] () -- C:\Windows\SysNative\ieuinit.inf
[2011/12/18 17:31:02 | 000,165,888 | ---- | C] () -- C:\Windows\hpoins31.dat
[2011/11/13 22:47:10 | 000,003,037 | ---- | C] () -- C:\Users\abaray\AppData\Roaming\SAS7_000.DAT
[2011/03/15 21:31:43 | 000,001,963 | ---- | C] () -- C:\Windows\CDMaster.ini
[2011/02/11 20:24:04 | 000,029,516 | ---- | C] () -- C:\Users\abaray\AppData\Roaming\UserTile.png
[2011/01/11 12:44:47 | 000,045,056 | ---- | C] () -- C:\Windows\SysWow64\BRTCPCON.DLL
[2011/01/11 12:44:45 | 000,000,114 | ---- | C] () -- C:\Windows\SysWow64\BRLMW03A.INI
[2010/12/18 13:11:15 | 000,077,406 | ---- | C] () -- C:\Windows\hpqins05.dat
[2010/12/17 11:41:59 | 000,001,970 | ---- | C] () -- C:\Windows\Sandboxie.ini
[2010/11/08 13:04:21 | 000,117,248 | ---- | C] () -- C:\Windows\SysWow64\EhStorAuthn.dll
[2010/11/08 13:03:52 | 000,107,612 | ---- | C] () -- C:\Windows\SysWow64\StructuredQuerySchema.bin
[2010/11/08 13:03:22 | 000,368,640 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2010/11/05 17:08:45 | 000,010,421 | ---- | C] () -- C:\Users\abaray\AppData\Roaming\Comma Separated Values (Windows).CAL
[2010/09/17 15:51:04 | 000,000,680 | ---- | C] () -- C:\Users\abaray\AppData\Local\d3d9caps.dat
[2010/08/11 13:43:46 | 000,124,264 | R--- | C] () -- C:\Windows\SysWow64\mp3dec.dll
[2010/08/11 13:43:46 | 000,081,920 | R--- | C] () -- C:\Windows\SysWow64\dsp_trc.dll
[2010/08/11 13:43:46 | 000,010,600 | R--- | C] () -- C:\Windows\SysWow64\IcdSptSvps.dll
[2010/06/17 21:46:28 | 000,038,433 | ---- | C] () -- C:\Users\abaray\AppData\Roaming\Comma Separated Values (Windows).ADR
[2010/05/24 15:33:00 | 004,670,829 | ---- | C] () -- C:\Windows\SysWow64\libavcodec.dll
[2010/05/24 15:33:00 | 001,529,856 | ---- | C] () -- C:\Windows\SysWow64\ff_samplerate.dll
[2010/05/24 15:33:00 | 001,447,921 | ---- | C] () -- C:\Windows\SysWow64\ffmpegmt.dll
[2010/05/24 15:33:00 | 000,877,385 | ---- | C] () -- C:\Windows\SysWow64\ff_x264.dll
[2010/05/24 15:33:00 | 000,336,384 | ---- | C] () -- C:\Windows\SysWow64\ff_libfaad2.dll
[2010/05/24 15:33:00 | 000,324,096 | ---- | C] () -- C:\Windows\SysWow64\TomsMoComp_ff.dll
[2010/05/24 15:33:00 | 000,248,320 | ---- | C] () -- C:\Windows\SysWow64\ff_kernelDeint.dll
[2010/05/24 15:33:00 | 000,216,576 | ---- | C] () -- C:\Windows\SysWow64\ff_libdts.dll
[2010/05/24 15:33:00 | 000,151,552 | ---- | C] () -- C:\Windows\SysWow64\ff_libmad.dll
[2010/05/24 15:33:00 | 000,145,408 | ---- | C] () -- C:\Windows\SysWow64\libmpeg2_ff.dll
[2010/05/24 15:33:00 | 000,139,944 | ---- | C] () -- C:\Windows\SysWow64\libmplayer.dll
[2010/05/24 15:33:00 | 000,121,856 | ---- | C] () -- C:\Windows\SysWow64\ff_liba52.dll
[2010/05/24 15:33:00 | 000,116,736 | ---- | C] () -- C:\Windows\SysWow64\ff_tremor.dll
[2010/05/24 15:33:00 | 000,108,032 | ---- | C] () -- C:\Windows\SysWow64\ff_vfw.dll
[2010/05/24 15:33:00 | 000,100,864 | ---- | C] () -- C:\Windows\SysWow64\ff_wmv9.dll
[2010/05/24 15:33:00 | 000,097,792 | ---- | C] () -- C:\Windows\SysWow64\ff_unrar.dll
[2010/05/19 16:59:20 | 000,150,528 | ---- | C] () -- C:\Windows\SysWow64\mkx.dll
[2010/05/19 16:59:10 | 000,109,568 | ---- | C] () -- C:\Windows\SysWow64\avi.dll
[2010/05/19 16:59:02 | 000,141,824 | ---- | C] () -- C:\Windows\SysWow64\mp4.dll
[2010/05/19 16:58:52 | 000,123,392 | ---- | C] () -- C:\Windows\SysWow64\ogm.dll
[2010/05/19 16:58:24 | 000,113,152 | ---- | C] () -- C:\Windows\SysWow64\dsmux.exe
[2010/05/19 16:58:18 | 000,154,112 | ---- | C] () -- C:\Windows\SysWow64\ts.dll
[2010/05/19 16:58:08 | 000,249,856 | ---- | C] () -- C:\Windows\SysWow64\dxr.dll
[2010/05/19 16:57:42 | 000,097,792 | ---- | C] () -- C:\Windows\SysWow64\avs.dll
[2010/05/19 16:57:38 | 000,137,728 | ---- | C] () -- C:\Windows\SysWow64\mkv2vfr.exe
[2010/05/19 16:57:26 | 000,093,184 | ---- | C] () -- C:\Windows\SysWow64\avss.dll
[2010/05/19 16:57:20 | 000,358,400 | ---- | C] () -- C:\Windows\SysWow64\gdsmux.exe
[2010/05/19 16:55:40 | 000,080,384 | ---- | C] () -- C:\Windows\SysWow64\mkzlib.dll
[2010/05/19 16:55:36 | 000,024,576 | ---- | C] () -- C:\Windows\SysWow64\mkunicode.dll
[2010/05/12 11:58:17 | 000,754,944 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
========== LOP Check ========== [2010/01/30 21:21:46 | 000,000,000 | ---D | M] -- C:\Users\abaray\AppData\Roaming\Acoustica
[2012/01/27 14:44:55 | 000,000,000 | ---D | M] -- C:\Users\abaray\AppData\Roaming\aignes
[2011/08/27 11:44:48 | 000,000,000 | ---D | M] -- C:\Users\abaray\AppData\Roaming\Audacity
[2012/03/18 14:35:08 | 000,000,000 | ---D | M] -- C:\Users\abaray\AppData\Roaming\AVG
[2011/12/13 21:01:05 | 000,000,000 | ---D | M] -- C:\Users\abaray\AppData\Roaming\AVG2012
[2010/08/07 12:14:20 | 000,000,000 | ---D | M] -- C:\Users\abaray\AppData\Roaming\BitZipper
[2010/04/05 18:43:18 | 000,000,000 | ---D | M] -- C:\Users\abaray\AppData\Roaming\Canneverbe Limited
[2010/10/27 11:38:05 | 000,000,000 | ---D | M] -- C:\Users\abaray\AppData\Roaming\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
[2011/05/11 19:34:17 | 000,000,000 | ---D | M] -- C:\Users\abaray\AppData\Roaming\Dropbox
[2011/12/09 23:05:44 | 000,000,000 | ---D | M] -- C:\Users\abaray\AppData\Roaming\DVDVideoSoft
[2011/12/09 23:05:39 | 000,000,000 | ---D | M] -- C:\Users\abaray\AppData\Roaming\DVDVideoSoftIEHelpers
[2010/08/09 18:09:41 | 000,000,000 | ---D | M] -- C:\Users\abaray\AppData\Roaming\FileZilla
[2011/07/25 10:12:21 | 000,000,000 | ---D | M] -- C:\Users\abaray\AppData\Roaming\Free Sound Recorder
[2010/12/24 13:19:32 | 000,000,000 | ---D | M] -- C:\Users\abaray\AppData\Roaming\GetRightToGo
[2011/08/11 22:21:51 | 000,000,000 | ---D | M] -- C:\Users\abaray\AppData\Roaming\GrabPro
[2011/12/31 19:59:16 | 000,000,000 | ---D | M] -- C:\Users\abaray\AppData\Roaming\gtk-2.0
[2012/01/05 20:09:41 | 000,000,000 | ---D | M] -- C:\Users\abaray\AppData\Roaming\HTC
[2011/08/13 16:06:23 | 000,000,000 | ---D | M] -- C:\Users\abaray\AppData\Roaming\HTC.388BC06ACDAB6261375BCE37FBA2E023C0D7EE34.1
[2011/12/14 21:36:36 | 000,000,000 | ---D | M] -- C:\Users\abaray\AppData\Roaming\IObit
[2012/03/23 18:10:38 | 000,000,000 | ---D | M] -- C:\Users\abaray\AppData\Roaming\Juniper Networks
[2011/11/26 10:41:09 | 000,000,000 | ---D | M] -- C:\Users\abaray\AppData\Roaming\LimeWire
[2012/01/28 23:35:14 | 000,000,000 | ---D | M] -- C:\Users\abaray\AppData\Roaming\mjusbsp
[2011/06/18 20:43:30 | 000,000,000 | ---D | M] -- C:\Users\abaray\AppData\Roaming\MyPhoneExplorer
[2010/12/31 12:59:22 | 000,000,000 | ---D | M] -- C:\Users\abaray\AppData\Roaming\NCH Swift Sound
[2008/12/28 19:33:29 | 000,000,000 | ---D | M] -- C:\Users\abaray\AppData\Roaming\NoteCable
[2011/11/26 18:03:36 | 000,000,000 | ---D | M] -- C:\Users\abaray\AppData\Roaming\Nuance
[2011/08/28 13:11:40 | 000,000,000 | ---D | M] -- C:\Users\abaray\AppData\Roaming\Orbit
[2011/06/06 21:31:09 | 000,000,000 | ---D | M] -- C:\Users\abaray\AppData\Roaming\Outlook
[2008/12/25 10:54:38 | 000,000,000 | ---D | M] -- C:\Users\abaray\AppData\Roaming\OverDrive
[2011/05/24 19:32:34 | 000,000,000 | ---D | M] -- C:\Users\abaray\AppData\Roaming\PCDr
[2011/02/11 20:24:04 | 000,000,000 | ---D | M] -- C:\Users\abaray\AppData\Roaming\PeerNetworking
[2010/12/24 12:40:17 | 000,000,000 | ---D | M] -- C:\Users\abaray\AppData\Roaming\Power Sound Editor Free
[2011/08/11 22:21:57 | 000,000,000 | ---D | M] -- C:\Users\abaray\AppData\Roaming\ProgSense
[2012/03/03 16:21:01 | 000,000,000 | ---D | M] -- C:\Users\abaray\AppData\Roaming\SanDisk
[2010/06/20 21:30:27 | 000,000,000 | ---D | M] -- C:\Users\abaray\AppData\Roaming\SecondLife
[2011/11/26 18:53:11 | 000,000,000 | ---D | M] -- C:\Users\abaray\AppData\Roaming\Simply Super Software
[2011/07/25 17:08:00 | 000,000,000 | ---D | M] -- C:\Users\abaray\AppData\Roaming\Sonarca Sound Recorder Free
[2011/08/28 14:29:27 | 000,000,000 | ---D | M] -- C:\Users\abaray\AppData\Roaming\SynthMaker
[2008/11/28 13:27:59 | 000,000,000 | ---D | M] -- C:\Users\abaray\AppData\Roaming\Template
[2010/09/08 13:25:43 | 000,000,000 | ---D | M] -- C:\Users\abaray\AppData\Roaming\Toon Boom Animation
[2012/03/24 13:06:08 | 000,000,000 | ---D | M] -- C:\Users\abaray\AppData\Roaming\uTorrent
[2011/06/05 23:33:46 | 000,000,000 | ---D | M] -- C:\Users\Default\AppData\Roaming\IObit
[2011/06/05 23:33:46 | 000,000,000 | ---D | M] -- C:\Users\Default User\AppData\Roaming\IObit
[2012/03/26 19:34:02 | 000,032,656 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
========== Purity Check ========== ========== Custom Scans ========== < %SYSTEMDRIVE%\*.exe > < MD5 for: EXPLORER.EXE >[2008/10/29 02:20:29 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=37440D09DEAE0B672A04DCCF7ABF06BE -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.16771_none_b5f700fe698beb14\explorer.exe
[2008/10/29 02:29:41 | 002,927,104 | ---- | M] (Microsoft Corporation) MD5=4F554999D7D5F05DAAEBBA7B5BA1089D -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.18164_none_b7eb106e66a7ac19\explorer.exe
[2008/10/29 02:15:50 | 003,087,360 | ---- | M] (Microsoft Corporation) MD5=50514057C28A74BAC2BD04B7B990D615 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.16771_none_aba256ac352b2919\explorer.exe
[2008/10/29 23:59:17 | 002,927,616 | ---- | M] (Microsoft Corporation) MD5=50BA5850147410CDE89C523AD3BC606E -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.22298_none_b8583e9d7fda0512\explorer.exe
[2009/04/11 03:10:17 | 003,079,168 | ---- | M] (Microsoft Corporation) MD5=6B08E54A451B3F95E4109DBA7E594270 -- C:\Windows\explorer.exe
[2009/04/11 03:10:17 | 003,079,168 | ---- | M] (Microsoft Corporation) MD5=6B08E54A451B3F95E4109DBA7E594270 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.0.6002.18005_none_afbebba22f3bab41\explorer.exe
[2008/10/27 22:30:12 | 003,086,848 | ---- | M] (Microsoft Corporation) MD5=72B9990E45C25AA3C75C4FB50A9D6CE0 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.20947_none_ac5266dd4e2b0a41\explorer.exe
[2008/10/29 02:49:22 | 003,080,704 | ---- | M] (Microsoft Corporation) MD5=BBD8E74F23D7605CB0CDB57A1B25D826 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.18164_none_ad96661c3246ea1e\explorer.exe
[2009/04/11 02:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) MD5=D07D4C3038F3578FFCE1C0237F2A1253 -- C:\Windows\SysWOW64\explorer.exe
[2009/04/11 02:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) MD5=D07D4C3038F3578FFCE1C0237F2A1253 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.0.6002.18005_none_ba1365f4639c6d3c\explorer.exe
[2008/10/30 01:30:07 | 003,081,216 | ---- | M] (Microsoft Corporation) MD5=E404A65EF890140410E9F3D405841C95 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.22298_none_ae03944b4b794317\explorer.exe
[2008/10/27 22:15:02 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=E7156B0B74762D9DE0E66BDCDE06E5FB -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.20947_none_b6a7112f828bcc3c\explorer.exe
[2008/01/20 22:48:44 | 003,080,704 | ---- | M] (Microsoft Corporation) MD5=F6D765FB6B457542D954682F50C26E4F -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.18000_none_add342963219dff5\explorer.exe
[2008/01/20 22:49:23 | 002,927,104 | ---- | M] (Microsoft Corporation) MD5=FFA764631CB70A30065C12EF8E174F9F -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.18000_none_b827ece8667aa1f0\explorer.exe
< MD5 for: SVCHOST.EXE >[2008/01/20 22:48:05 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=3794B461C45882E06856F282EEF025AF -- C:\Windows\SysWOW64\svchost.exe
[2008/01/20 22:48:05 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=3794B461C45882E06856F282EEF025AF -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.0.6001.18000_none_b5bb59a1054dbde5\svchost.exe
[2012/01/13 14:53:20 | 000,182,856 | ---- | M] () MD5=63EEC8A8B221AB79045E776E5F592868 -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\Chameleon\svchost.exe
[2008/01/20 22:50:24 | 000,027,648 | ---- | M] (Microsoft Corporation) MD5=CDA9F1373805AF88F6FA4F2064BBA24D -- C:\Windows\SysNative\svchost.exe
[2008/01/20 22:50:24 | 000,027,648 | ---- | M] (Microsoft Corporation) MD5=CDA9F1373805AF88F6FA4F2064BBA24D -- C:\Windows\winsxs\amd64_microsoft-windows-services-svchost_31bf3856ad364e35_6.0.6001.18000_none_11d9f524bdab2f1b\svchost.exe
< MD5 for: USERINIT.EXE >[2008/01/20 22:50:36 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\Windows\SysWOW64\userinit.exe
[2008/01/20 22:50:36 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.0.6001.18000_none_dc28ba15d1aff80b\userinit.exe
[2008/01/20 22:49:46 | 000,028,160 | ---- | M] (Microsoft Corporation) MD5=A0AB2BB9A92293D9CE66E252719AB5FE -- C:\Windows\SysNative\userinit.exe
[2008/01/20 22:49:46 | 000,028,160 | ---- | M] (Microsoft Corporation) MD5=A0AB2BB9A92293D9CE66E252719AB5FE -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.0.6001.18000_none_384755998a0d6941\userinit.exe
< MD5 for: WINLOGON.EXE >[2012/01/13 14:53:20 | 000,182,856 | ---- | M] () MD5=63EEC8A8B221AB79045E776E5F592868 -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\Chameleon\winlogon.exe
[2009/04/11 03:11:08 | 000,405,504 | ---- | M] (Microsoft Corporation) MD5=6D0773A3A65D28B663F334C90441D01A -- C:\Windows\SysNative\winlogon.exe
[2009/04/11 03:11:08 | 000,405,504 | ---- | M] (Microsoft Corporation) MD5=6D0773A3A65D28B663F334C90441D01A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6002.18005_none_cdcd15a68a70b877\winlogon.exe
[2008/01/20 22:49:47 | 000,406,016 | ---- | M] (Microsoft Corporation) MD5=856491FCED98093D824B9EB2892F564A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6001.18000_none_cbe19c9a8d4eed2b\winlogon.exe
[2009/04/11 02:28:13 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264D55452 -- C:\Windows\SysWOW64\winlogon.exe
[2009/04/11 02:28:13 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264D55452 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6002.18005_none_71ae7a22d2134741\winlogon.exe
[2008/01/20 22:50:38 | 000,314,880 | ---- | M] (Microsoft Corporation) MD5=C2610B6BDBEFC053BBDAB4F1B965CB24 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6001.18000_none_6fc30116d4f17bf5\winlogon.exe
< HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\NetBT /s >"DisplayName" = NETBT
"Group" = PNP_TDI
"ImagePath" = System32\DRIVERS\netbt.sys
"Description" = This service implements NetBios over TCP/IP.
"ErrorControl" = 1
"Start" = 1
"Type" = 1
"DependOnService" = Tdxtcpip [binary data]
"Tag" = 87
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\NetBT\Linkage]
"OtherDependencies" = Tcpip [binary data]
"Bind" = [Binary data over 100 bytes]
"Route" = [Binary data over 100 bytes]
"Export" = [Binary data over 100 bytes]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\NetBT\Parameters]
"BcastNameQueryCount" = 3
"BcastQueryTimeout" = 750
"CacheTimeout" = 600000
"EnableLMHOSTS" = 1
"NameServerPort" = 137
"NameSrvQueryCount" = 3
"NameSrvQueryTimeout" = 1500
"NbProvider" = _tcp
"SessionKeepAlive" = 3600000
"Size/Small/Medium/Large" = 1
"TransportBindName" = \Device\
"UseNewSmb" = 1
"DhcpNodeType" = 8
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\NetBT\Parameters\Interfaces]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\NetBT\Parameters\Interfaces\Tcpip_{751D71A9-A55B-4D39-869E-2C4C774FD8E6}]
"NameServerList" = [binary data]
"NetbiosOptions" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\NetBT\Parameters\Interfaces\Tcpip_{821B4844-FE6E-4185-9DFF-38DCB8462C5A}]
"NameServerList" = [binary data]
"NetbiosOptions" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\NetBT\Parameters\Interfaces\Tcpip_{A0E67F9D-14BB-4545-B65C-1917540C6939}]
"NameServerList" = [binary data]
"NetbiosOptions" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\NetBT\Security]
"Security" = [Binary data over 100 bytes]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\NetBT\Enum]
"0" = Root\LEGACY_NETBT\0000
"Count" = 1
"NextInstance" = 1
< HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\NetBIOS /s >"Type" = 2
"Start" = 1
"ErrorControl" = 1
"Tag" = 2
"ImagePath" = system32\DRIVERS\netbios.sys
"DisplayName" = NetBIOS Interface
"Group" = NetBIOSGroup
"Description" = NetBIOS Interface
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\NetBIOS\Linkage]
"LanaMap" = 01 06 01 04 01 02 01 07 01 08 01 05 01 00 01 03 01 01 [binary data]
"Bind" = [Binary data over 100 bytes]
"Route" = [Binary data over 100 bytes]
"Export" = [Binary data over 100 bytes]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\NetBIOS\Parameters]
"MaxLana" = 8
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\NetBIOS\Enum]
"0" = Root\LEGACY_NETBIOS\0000
"Count" = 1
"NextInstance" = 1
< hklm\software\clients\startmenuinternet|command /rs >HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\HideIconsCommand: "C:\Windows\SysWOW64\ie4uinit.exe" -hide [2011/12/28 23:22:19 | 000,074,240 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ShowIconsCommand: "C:\Windows\SysWOW64\ie4uinit.exe" -show [2011/12/28 23:22:19 | 000,074,240 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ReinstallCommand: "C:\Windows\SysWOW64\ie4uinit.exe" -reinstall [2011/12/28 23:22:19 | 000,074,240 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\naom\command\\: "C:\Program Files (x86)\Internet Explorer\iexplore.exe" -extoff [2011/12/28 23:22:20 | 000,748,336 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\open\command\\: C:\Program Files (x86)\Internet Explorer\iexplore.exe [2011/12/28 23:22:20 | 000,748,336 | ---- | M] (Microsoft Corporation)
< hklm\software\clients\startmenuinternet|command /64 /rs >64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\HideIconsCommand: "C:\WINDOWS\SYSTEM32\IE4UINIT.EXE" -HIDE [2011/12/28 23:22:15 | 000,089,088 | ---- | M] (Microsoft Corporation)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ShowIconsCommand: "C:\WINDOWS\SYSTEM32\IE4UINIT.EXE" -SHOW [2011/12/28 23:22:15 | 000,089,088 | ---- | M] (Microsoft Corporation)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ReinstallCommand: "C:\WINDOWS\SYSTEM32\IE4UINIT.EXE" -REINSTALL [2011/12/28 23:22:15 | 000,089,088 | ---- | M] (Microsoft Corporation)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\naom\command\\: "C:\PROGRAM FILES (X86)\INTERNET EXPLORER\IEXPLORE.EXE" -EXTOFF [2011/12/28 23:22:20 | 000,748,336 | ---- | M] (Microsoft Corporation)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\open\command\\: C:\PROGRAM FILES (X86)\INTERNET EXPLORER\IEXPLORE.EXE [2011/12/28 23:22:20 | 000,748,336 | ---- | M] (Microsoft Corporation)
< C:\Windows\assembly\tmp\U\*.* /s > < C:\Program Files\Common Files\ComObjects\*.* /s > < %Temp%\smtmp\1\*.* > < %Temp%\smtmp\2\*.* > < %Temp%\smtmp\3\*.* > < %Temp%\smtmp\4\*.* > < >C:\commands.txt echo list vol /raw /hide /c > < /wait >Invalid Switch: wait
< >C:\DiskReport.txt diskpart /s C:\commands.txt /raw /hide /c > < /wait >Invalid Switch: wait
< type c:\diskreport.txt /c >Microsoft DiskPart version 6.0.6002
Copyright © 1999-2007 Microsoft Corporation.
On computer: ABARAY-PC
Microsoft DiskPart syntax:
diskpart [/s <script>] [/?]
/s <script> - Use a DiskPart script.
/? - Show this help screen.
< /wait >Invalid Switch: wait
< erase c:\commands.txt /hide /c > < /wait >Invalid Switch: wait
< erase c:\diskreport.txt /hide /c > ========== Alternate Data Streams ========== @Alternate Data Stream - 130 bytes -> C:\ProgramData\TEMP:0FF263E8
@Alternate Data Stream - 127 bytes -> C:\ProgramData\TEMP:0B4227B4
< End of report >
---------------------
OTL Extras logfile created on: 3/26/2012 7:49:58 PM - Run 2
OTL by OldTimer - Version 3.2.37.1 Folder = C:\Users\abaray\Documents\Adya writings
64bit-Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
5.99 Gb Total Physical Memory | 4.22 Gb Available Physical Memory | 70.52% Memory free
12.09 Gb Paging File | 10.32 Gb Available in Paging File | 85.41% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 586.37 Gb Total Space | 265.61 Gb Free Space | 45.30% Space Free | Partition Type: NTFS
Drive D: | 9.77 Gb Total Space | 3.30 Gb Free Space | 33.82% Space Free | Partition Type: NTFS
Drive K: | 189.92 Gb Total Space | 142.31 Gb Free Space | 74.93% Space Free | Partition Type: NTFS
Computer Name: ABARAY-PC | User Name: abaray | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 90 Days
========== Extra Registry (SafeList) ========== ========== File Associations ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
[HKEY_USERS\S-1-5-21-1461265785-473199823-4216479891-1000\SOFTWARE\Classes\<extension>]
.html [@ = htmlfile] -- Reg Error: Key error. File not found
========== Shell Spawning ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [Bridge] -- C:\Program Files (x86)\Adobe\Adobe Bridge CS5\Bridge.exe "%L" (Adobe Systems, Inc.)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [Bridge] -- C:\Program Files (x86)\Adobe\Adobe Bridge CS5\Bridge.exe "%L" (Adobe Systems, Inc.)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"UacDisableNotify" = 0
"InternetSettingsDisableNotify" = 0
"AutoUpdateDisableNotify" = 0
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = 9F 9E 16 8C DC 5B C8 01 [binary data]
"VistaSp2" = C1 87 5A 24 6C 7F CB 01 [binary data]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"oobe_av" = 1
========== Firewall Settings ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
========== Authorized Applications List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
========== Vista Active Open Ports Exception List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0C2C062A-3ABE-4AA3-BA12-62BC7F53B23D}" = lport=3702 | protocol=17 | dir=in | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{1D550267-96D0-404B-A632-E29CAA2C9A0E}" = rport=3702 | protocol=17 | dir=out | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{21C01D6D-8F02-47FC-8036-F06760B7AD57}" = rport=427 | protocol=17 | dir=in | svc=hpslpsvc | app=c:\windows\system32\svchost.exe |
"{21C6DD6F-4687-48FE-81CA-A262C84D3487}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |
"{2905AD36-2611-40D6-878C-2F43266D07CC}" = lport=6004 | protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\outlook.exe |
"{459E9627-A9D0-4D42-8BBB-BA1718865E33}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{4C7F345E-EB33-4916-80F7-ABE73493180F}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{60F15527-EC19-4710-9636-0C6504647CFC}" = lport=3702 | protocol=17 | dir=in | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{62114BF8-E43A-48D4-B9CE-9B1C60097F39}" = rport=3702 | protocol=17 | dir=out | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{84B39A9D-4BD4-44FC-99B1-F9B23C2E9564}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{850A6488-65F1-4CE9-8BF8-9AE98A288B6D}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{E6A3AC2D-196C-4589-9C5A-C58EDA524C0F}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |
========== Vista Active Application Exception List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0AD9979E-04D4-47CF-ADB1-106E874624BE}" = dir=in | app=c:\program files (x86)\janice\rosetta stone\rosetta stone version 3\support\bin\win\rosettastoneltdservices.exe |
"{1536D880-436C-488C-BF9E-2F7B307D3750}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{1F2B59B3-21BA-4302-A2D4-114733DE23C0}" = protocol=6 | dir=in | app=c:\program files (x86)\utorrent\utorrent.exe |
"{257CB50D-D55D-44DB-9CD6-7C3F562C445F}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg2012\avgdiagex.exe |
"{31B8C962-CA05-4F94-A402-65AFAC85F2AE}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg2012\avgmfapx.exe |
"{331502AD-D1B9-474F-91E7-0D3DEC705306}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg2012\avgnsa.exe |
"{39ED1E9A-C8C6-40AA-888A-72C964BFA045}" = dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe |
"{3D84F971-C6B1-4B68-8AC9-928F5718E080}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{41224ADF-5E8F-4FA6-95BD-6E48BB12B0FE}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqgplgtupl.exe |
"{41DBB72A-4E41-46F2-921E-0D87FBD96B3C}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft lifecam\lifecam.exe |
"{42062E23-A3D6-44E9-A4F0-F20B42B4F187}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\groove.exe |
"{457C6862-DF3B-4EB5-9844-A702B2388B7F}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpoews01.exe |
"{52EEBC43-AF7A-4CBB-9764-000B7DF486E9}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqpsapp.exe |
"{53379A81-551E-4654-9A6E-FE040E8BA8D4}" = protocol=17 | dir=in | app=c:\program files (x86)\utorrent\utorrent.exe |
"{56378B03-AB66-45C1-96D4-2AB0C843542B}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{5A0214D8-32B0-4D0F-A422-EC2CD7FCB042}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office12\groove.exe |
"{5A140C2D-39CD-46F0-8623-6EA74F59ECB7}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{5E9F2D24-B85B-4666-9789-BCF68CF370E8}" = protocol=6 | dir=out | app=c:\program files (x86)\janice\rosetta stone\rosetta stone version 3\support\bin\win\rosettastoneltdservices.exe |
"{61B8AEAA-F831-4098-A9FA-2DE955F323AE}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft lifecam\lifeexp.exe |
"{672EADEB-ADC3-4C68-A142-8AD2E8433D1C}" = dir=in | app=c:\program files (x86)\janice\itunes\itunes.exe |
"{6C0C8C6C-64AE-41D6-9470-D72EA41DEB43}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe |
"{6C671A17-A0A5-4462-A53E-FEFBE2A35A5F}" = protocol=6 | dir=in | app=c:\users\abaray\appdata\roaming\dropbox\bin\dropbox.exe |
"{6F7CB4C7-F4D5-406F-B3DB-498BF4BA55A4}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqsudi.exe |
"{702E7A85-0C92-463F-AED4-FE1159E54EA4}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg2012\avgemca.exe |
"{733C5241-B6F1-4E11-A8C8-AED5123DF634}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg2012\avgdiagex.exe |
"{73F82F73-2841-4D17-BFCE-C0CE626C8AAB}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{788817AE-8690-4361-8711-8666EB1A2433}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{7C1B1CAC-35D6-440D-AB1B-1E7A536833AA}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg2012\avgdiagex.exe |
"{7C57939F-15AA-4AAC-B9E1-E428F27A502B}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqkygrp.exe |
"{857F510A-2D5A-4DB7-A232-2A936FDB7F27}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpiscnapp.exe |
"{8B3DB13E-AF8A-498E-8AD2-049384841641}" = dir=in | app=c:\program files (x86)\common files\hp\digital imaging\bin\hpqphotocrm.exe |
"{8E6C0841-764D-4107-B965-FEA1ABDBEB55}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{8F0E9BE6-73CE-44C2-9365-E0D64E8A4D08}" = protocol=17 | dir=in | app=c:\users\abaray\appdata\roaming\dropbox\bin\dropbox.exe |
"{917D4C75-DEB3-4EEA-ACD4-A06011196C98}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{940CB5B1-0BE3-4581-A375-6CF4DFD0A992}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg2012\avgemca.exe |
"{961A1CBB-0641-4246-89CD-368FB25A233D}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqgpc01.exe |
"{9A5D2105-EE1B-422C-8C1A-1F7D1638192C}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe |
"{9B3B349E-C478-4353-A48D-4D816C3012E7}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg2012\avgmfapx.exe |
"{9BB80FF9-4515-4C9B-BEAC-0CC9C48E96A4}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg2012\avgemca.exe |
"{A624E851-3E31-49DB-97EB-71E01FCA6A97}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe |
"{A774C4B8-214F-4ABE-A25C-5D0BA9D80B17}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft lifecam\lifecam.exe |
"{A7FA684C-C6F7-4B9B-B7C8-FB2B38FFEE33}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg2012\avgdiagex.exe |
"{B2ADFC39-E93A-4937-8461-E461CCC4CF74}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg2012\avgemca.exe |
"{B442AFB6-C52D-4CD2-A760-76A43CB6523B}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg2012\avgnsa.exe |
"{B92FB002-C675-4148-8BC6-886250C6C61E}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{BD215695-BCBA-4F0F-B243-C882C0977B41}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqpse.exe |
"{C886B5BE-2E65-41E0-9404-0C168FC97E8B}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg2012\avgnsa.exe |
"{D5B06320-9BF0-4935-BE94-53DC2148F51D}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hposid01.exe |
"{E3B40389-4AFE-446F-BEDF-7224AEC61F67}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft lifecam\lifeexp.exe |
"{E65ECDAA-602D-4FB2-900F-AA70CC546B1B}" = dir=in | app=e:\setup\hpznui40.exe |
"{E9A26439-6367-47D4-84EE-B16314F59F85}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{EA136F3C-EC7F-46A4-9118-85890ECBA4DB}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg2012\avgnsa.exe |
"{EC62A883-D5D1-4B16-BA01-7BF78CAA4EE8}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{EDCA0D40-EC52-4E75-B77D-1EDB36B0BF3E}" = protocol=6 | dir=out | app=c:\program files (x86)\janice\rosetta stone\rosetta stone version 3\rosettastoneversion3.exe |
"{F1A5C2FA-1036-4504-A686-8A1BF16191AE}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{F6B579AF-2566-4700-860A-969B30886984}" = dir=in | app=c:\program files (x86)\janice\rosetta stone\rosetta stone version 3\rosettastoneversion3.exe |
"TCP Query User{0F3F7F91-5EE7-483E-A71D-CFA481C4502B}C:\program files (x86)\google\google earth\client\googleearth.exe" = protocol=6 | dir=in | app=c:\program files (x86)\google\google earth\client\googleearth.exe |
"TCP Query User{1B04F7C7-23A3-42EF-A64B-1A5AA20DA16A}C:\program files (x86)\janice\sprint mobile email\desktop connector\desktopconnector.exe" = protocol=6 | dir=in | app=c:\program files (x86)\janice\sprint mobile email\desktop connector\desktopconnector.exe |
"TCP Query User{249A66E3-031A-4956-B89C-99B8251D61E4}C:\program files (x86)\internet explorer\iexplore.exe" = protocol=6 | dir=in | app=c:\program files (x86)\internet explorer\iexplore.exe |
"TCP Query User{2F2853A5-0D9A-48B5-B221-8F0428DEA357}C:\program files (x86)\google\google earth\plugin\geplugin.exe" = protocol=6 | dir=in | app=c:\program files (x86)\google\google earth\plugin\geplugin.exe |
"TCP Query User{377361DD-82AC-4751-B97F-C43E12743CCF}C:\program files (x86)\microsoft office\office12\groove.exe" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office12\groove.exe |
"TCP Query User{4717E204-184A-4015-AD85-EC1483ACD769}C:\program files (x86)\google\google earth\plugin\geplugin.exe" = protocol=6 | dir=in | app=c:\program files (x86)\google\google earth\plugin\geplugin.exe |
"TCP Query User{6542EC84-3A8F-489A-A286-E64E70D18FC5}C:\users\abaray\appdata\roaming\mjusbsp\magicjack.exe" = protocol=6 | dir=in | app=c:\users\abaray\appdata\roaming\mjusbsp\magicjack.exe |
"TCP Query User{81C8618E-62F3-4F30-8F75-D7D4F27127E5}C:\program files (x86)\internet explorer\iexplore.exe" = protocol=6 | dir=in | app=c:\program files (x86)\internet explorer\iexplore.exe |
"TCP Query User{89307F0D-D599-4D6F-89D5-4979A85BC201}C:\program files (x86)\utorrent\utorrent.exe" = protocol=6 | dir=in | app=c:\program files (x86)\utorrent\utorrent.exe |
"TCP Query User{AFF2D003-7EAF-486F-A412-131625C308F8}C:\program files (x86)\janice\limewire\limewire.exe" = protocol=6 | dir=in | app=c:\program files (x86)\janice\limewire\limewire.exe |
"TCP Query User{BA25CB8C-BBF5-4B1B-9839-6AE2E5AAA580}C:\program files (x86)\google\google earth\client\googleearth.exe" = protocol=6 | dir=in | app=c:\program files (x86)\google\google earth\client\googleearth.exe |
"TCP Query User{BF9AF259-2CCE-4112-88FD-AB7CCD5B029A}C:\program files (x86)\janice\secondlifeviewer\slvoice.exe" = protocol=6 | dir=in | app=c:\program files (x86)\janice\secondlifeviewer\slvoice.exe |
"TCP Query User{CCFFB4F3-AFED-4F2B-AF70-7ECB6AB5F4AB}C:\program files (x86)\janice\limewire\limewire.exe" = protocol=6 | dir=in | app=c:\program files (x86)\janice\limewire\limewire.exe |
"TCP Query User{F548E944-3A99-4FAE-A10F-6D5CF3C8A0CC}C:\users\abaray\appdata\roaming\mjusbsp\magicjack.exe" = protocol=6 | dir=in | app=c:\users\abaray\appdata\roaming\mjusbsp\magicjack.exe |
"UDP Query User{0F0D3BC0-60E5-409A-9EAF-74123FD88C24}C:\program files (x86)\janice\limewire\limewire.exe" = protocol=17 | dir=in | app=c:\program files (x86)\janice\limewire\limewire.exe |
"UDP Query User{4B7E9281-12F1-4E63-A639-01B114FD9758}C:\program files (x86)\microsoft office\office12\groove.exe" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\groove.exe |
"UDP Query User{4D95CD87-606F-452C-9BAA-7C6D64D6B07C}C:\program files (x86)\janice\limewire\limewire.exe" = protocol=17 | dir=in | app=c:\program files (x86)\janice\limewire\limewire.exe |
"UDP Query User{99DE0140-4666-4305-89B6-E2EAF68C6EB8}C:\program files (x86)\internet explorer\iexplore.exe" = protocol=17 | dir=in | app=c:\program files (x86)\internet explorer\iexplore.exe |
"UDP Query User{9A9A273F-0A7E-4ECC-9465-E3C6DFF352D2}C:\program files (x86)\janice\secondlifeviewer\slvoice.exe" = protocol=17 | dir=in | app=c:\program files (x86)\janice\secondlifeviewer\slvoice.exe |
"UDP Query User{A43A7E32-2B8E-4210-B6F1-6D5A0B5E8010}C:\program files (x86)\google\google earth\plugin\geplugin.exe" = protocol=17 | dir=in | app=c:\program files (x86)\google\google earth\plugin\geplugin.exe |
"UDP Query User{A4E46761-1204-4BAD-AE79-FAABCF8495F4}C:\program files (x86)\google\google earth\client\googleearth.exe" = protocol=17 | dir=in | app=c:\program files (x86)\google\google earth\client\googleearth.exe |
"UDP Query User{A8361959-C288-4332-A309-6DC8131423B4}C:\users\abaray\appdata\roaming\mjusbsp\magicjack.exe" = protocol=17 | dir=in | app=c:\users\abaray\appdata\roaming\mjusbsp\magicjack.exe |
"UDP Query User{B5261AA8-45E5-438E-B7EE-ABA4D21961DB}C:\program files (x86)\google\google earth\client\googleearth.exe" = protocol=17 | dir=in | app=c:\program files (x86)\google\google earth\client\googleearth.exe |
"UDP Query User{B80B7436-26F1-4545-B223-5DBD77E614E2}C:\users\abaray\appdata\roaming\mjusbsp\magicjack.exe" = protocol=17 | dir=in | app=c:\users\abaray\appdata\roaming\mjusbsp\magicjack.exe |
"UDP Query User{DF4B4A4B-8C72-4B02-AE79-A04535660A8C}C:\program files (x86)\internet explorer\iexplore.exe" = protocol=17 | dir=in | app=c:\program files (x86)\internet explorer\iexplore.exe |
"UDP Query User{E976FA4E-2DB8-4500-A4CF-C1146C91EEA4}C:\program files (x86)\janice\sprint mobile email\desktop connector\desktopconnector.exe" = protocol=17 | dir=in | app=c:\program files (x86)\janice\sprint mobile email\desktop connector\desktopconnector.exe |
"UDP Query User{F271CB69-40FC-47E9-B4AA-0F5574A0B8A9}C:\program files (x86)\google\google earth\plugin\geplugin.exe" = protocol=17 | dir=in | app=c:\program files (x86)\google\google earth\plugin\geplugin.exe |
"UDP Query User{FA44D172-9545-4024-8116-17C8462BE034}C:\program files (x86)\utorrent\utorrent.exe" = protocol=17 | dir=in | app=c:\program files (x86)\utorrent\utorrent.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{1B8ABA62-74F0-47ED-B18C-A43128E591B8}" = Windows Live ID Sign-in Assistant
"{1C89932F-1D9D-4776-AD7A-9156FF792539}" = Modem Diagnostic Tool
"{7E265513-8CDA-4631-B696-F40D983F3B07}_is1" = CDBurnerXP
"{8E34682C-8118-31F1-BC4C-98CD9675E1C2}" = Microsoft .NET Framework 4 Extended
"{8F473675-D702-45F9-8EBC-342B40C17BF5}" = Apple Mobile Device Support
"{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007
"{90120000-002A-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (English) 2007
"{90120000-0116-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007
"{90B5B05F-AFDA-4922-A153-45B14200BA77}" = SPBBC 64bit
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{aac9fcc4-dd9e-4add-901c-b5496a07ab2e}" = Microsoft Visual C++ 2005 Redistributable (x64) - KB2467175
"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{B24A47E5-F196-461E-A7A4-AADB72CB19DD}" = iTunes
"{B6E3757B-5E77-3915-866A-CCFC4B8D194C}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053
"{C8732DC3-1736-44b2-B741-2D636DE58605}" = HP Photosmart C6300 All-In-One Driver Software 11.0 Rel .4
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D050583D-5CEC-47B1-88AA-8B328CAA8621}" = AVG 2012
"{D07A61E5-A59C-433C-BCBD-22025FA2287B}" = Windows Live Language Selector
"{DDEDFD63-E430-4b0c-8D61-5E4E7280F027}" = Network64
"{E3EC7FC4-B4BF-4911-9A43-F7C753CE03F5}" = AVG 2012
"{E4F5E48E-7155-4CF9-88CD-7F377EC9AC54}" = Bonjour
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"{FF21C3E6-97FD-474F-9518-8DCBE94C2854}" = 64 Bit HP CIO Components Installer
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX 64-bit
"AVG" = AVG 2012
"Bulk Rename Utility_is1" = Bulk Rename Utility 2.7.1.2
"CCleaner" = CCleaner
"CNXT_MODEM_PCI_VEN_14F1&DEV_2F20&SUBSYS_200F14F1" = Conexant D850 PCI V.92 Modem
"HDMI" = Intel® Graphics Media Accelerator Driver
"HP Photosmart Essential" = HP Photosmart Essential 3.0
"HP Solution Center & Imaging Support Tools" = HP Solution Center 11.0
"HPOCR" = OCR Software by I.R.I.S. 11.0
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"Sandboxie" = Sandboxie 3.58 (64-bit)
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{021C4C4F-C93C-4425-BFFD-C2D16776BFAE}" = Visual C++ 8.0 Runtime Setup Package (x64)
"{033E378E-6AD3-4AD5-BDEB-CBD69B31046C}" = Microsoft_VC90_ATL_x86
"{08D2E121-7F6A-43EB-97FD-629B44903403}" = Microsoft_VC90_CRT_x86
"{08E81ABD-79F7-49C2-881F-FD6CB0975693}" = Roxio Creator Data
"{09633A5E-3089-41A8-9FF1-382171423C5D}" = PSSWCORE
"{09760D42-E223-42AD-8C3E-55B47D0DDAC3}" = Roxio Creator DE
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{0D2DBE8A-43D0-7830-7AE7-CA6C99A832E7}" = Adobe Community Help
"{148E08FF-D7C4-46ED-8D4D-601C67FE0AFD}" = Rosetta Stone Version 3
"{15B8AFD9-92E9-4E86-96D9-83FAC510B82E}" = HPPhotoSmartPhotobookWebPack1
"{15BC8CD0-A65B-47D0-A2DD-90A824590FA8}" = Microsoft Works
"{172423F9-522A-483A-AD65-03600CE4CA4F}" = Microsoft Works 6-9 Converter
"{196467F1-C11F-4F76-858B-5812ADC83B94}" = MSXML 4.0 SP3 Parser
"{1a413f37-ed88-4fec-9666-5c48dc4b7bb7}" = YouTube Downloader 3.5
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F54DAFA-9261-4A62-B59D-6C9F26B48FE4}" = Roxio Creator Tools
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{22F761D1-8063-4170-ADF7-2D2F47834CA9}" = VideoToolkit01
"{27197499-7680-4208-8FD8-5439CDB0FDC1}" = HPProductAssistant
"{28C2DED6-325B-4CC7-983A-1777C8F7FBAB}" = RealUpgrade 1.1
"{2DC94AFD-A6E2-4AB4-9132-4A3F8E07B386}" = Apple Application Support
"{2FDBBCEA-62DB-45F4-B6E5-0E1FB2A1F29D}" = Visual C++ 8.0 Runtime Setup Package (x64)
"{30465B6C-B53F-49A1-9EBA-A3F187AD502E}" = Roxio Update Manager
"{31A559C1-9E4D-423B-9DD3-34A6C5398752}" = HTC BMP USB Driver
"{3248F0A8-6813-11D6-A77B-00B0D0160050}" = Java 6 Update 5
"{3248F0A8-6813-11D6-A77B-00B0D0160070}" = Java 6 Update 7
"{32622F02-640A-4335-86FF-557325DC39D4}" = PS_AIO_04_C6300_Software_Min
"{3700194C-C5DD-439A-BE06-A66960CA4C70}" = MSVCSetup
"{3F92ABBB-6BBF-11D5-B229-002078017FBF}" = NetWaiting
"{4A3D0CF8-60FF-4CEF-91A4-A1F001424602}" = DocProc
"{4CBA3D4C-8F51-4D60-B27E-F6B641C571E7}" = Microsoft Search Enhancement Pack
"{4E7C28C7-D5DA-4E9F-A1CA-60490B54AE35}" = UnloadSupport
"{50316C0A-CC2A-460A-9EA5-F486E54AC17D}_is1" = AVG PC Tuneup
"{526B2AE8-73DF-4CE0-B140-9968677A7C93}" = HTC Sync
"{52E819E9-C69A-4AF6-B2B3-BC01F8B0ECA3}" = Toon Boom Storyboard Pro Trial
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{57752979-A1C9-4C02-856B-FBB27AC4E02C}" = QuickTime
"{579684A4-DDD5-4CA3-9EA8-7BE7D9593DB4}" = Windows Live UX Platform Language Pack
"{593A6CAF-E114-4e31-884F-74FF349E8E36}" = SolutionCenter
"{5A3C1721-F8ED-11E0-8AFB-B8AC6F97B88E}" = Google Earth
"{5DD4FCBD-A3C1-4155-9E17-4161C70AAABA}" = Segoe UI
"{635FED5B-2C6D-49BE-87E6-7A6FCD22BC5A}" = Microsoft_VC90_MFC_x86
"{63AFACBC-4795-4A1B-8037-5085DC03FC54}" = Microsoft LifeCam
"{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA}" = Roxio Express Labeler 3
"{66E6CE0C-5A1E-430C-B40A-0C90FF1804A8}" = eSupportQFolder
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{6B7B6D4D-8F9B-4CB3-8CA4-BCA9CC4C1A22}" = EDocs
"{6CCC133E-9A2F-4CAA-8866-75D029CD3AB3}" = Digital Voice Editor 3
"{6D6664A9-3342-4948-9B7E-034EFE366F0F}" = HTC Driver Installer
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{73A4F29F-31AC-4EBD-AA1B-0CC5F18C8F83}" = Roxio Creator Audio
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{7770E71B-2D43-4800-9CB3-5B6CAAEBEBEA}" = RealNetworks - Microsoft Visual C++ 2008 Runtime
"{7DB9F1E5-9ACB-410D-A7DC-7A3D023CE045}" = Dell Getting Started Guide
"{7E265513-8CDA-4631-B696-F40D983F3B07}_is1" = CDBurnerXP
"{80956555-A512-4190-9CAD-B000C36D6B6B}" = Windows Live Messenger
"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
"{846B5DED-DC8C-4E1A-B5B4-9F5B39A0CACE}" = HPDiagnosticAlert
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{87E2B986-07E8-477a-93DC-AF0B6758B192}" = DocProcQFolder
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{90120000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2007
"{90120000-0015-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2007
"{90120000-0019-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2007
"{90120000-001A-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_ENTERPRISE_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_ENTERPRISE_{2314F9A1-126F-45CC-8A5E-DFAF866F3FBC}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system
"{90120000-002A-0000-1000-0000000FF1CE}_ENTERPRISE_{664655D8-B9BB-455D-8A58-7EAF7B0B2862}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-002A-0409-1000-0000000FF1CE}_ENTERPRISE_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0044-0409-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (English) 2007
"{90120000-0044-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}_ENTERPRISE_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007
"{90120000-00A1-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00BA-0409-0000-0000000FF1CE}" = Microsoft Office Groove MUI (English) 2007
"{90120000-00BA-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0114-0409-0000-0000000FF1CE}" = Microsoft Office Groove Setup Metadata MUI (English) 2007
"{90120000-0114-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}_ENTERPRISE_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0116-0409-1000-0000000FF1CE}_ENTERPRISE_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2007
"{90120000-0117-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}" = Microsoft_VC80_CRT_x86
"{95120000-00AF-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (English)
"{97C82B44-D408-4F14-9252-47FC1636D23E}_is1" = IZArc 4.1.2
"{98177940-C048-4831-A279-F3888B1E2C7F}" = InstallMgr
"{99832252-D489-4276-B961-6D505CF0AFAA}" = PS_AIO_04_C6300_Software
"{9B97EC91-B3FD-4BFF-88FC-5345A26AC2E7}" = Adobe Illustrator CS5
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{A78FE97A-C0C8-49CE-89D0-EDD524A17392}" = PDF Settings CS5
"{A8AC89BA-D8CB-4372-9743-1C54D23286B0}" = MSN Toolbar
"{A8F2089B-1F79-4BF6-B385-A2C2B0B9A74D}" = ImagXpress
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AA2E8A46-B45E-4aea-8A23-88AB57D04523}" = WebReg
"{AA59DDE4-B672-4621-A016-4C248204957A}" = Skype™ 5.6
"{AC76BA86-1033-F400-7760-000000000005}" = Adobe Acrobat X Pro - English, Français, Deutsch
"{AC76BA86-7AD7-5464-3428-900000000004}" = Spelling Dictionaries Support For Adobe Reader 9
"{B6A26DE5-F2B5-4D58-9570-4FC760E00FCD}" = Roxio Creator Copy
"{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Skype Click to Call
"{B6EF6DCE-078E-4952-A7FA-352A9C349EB0}" = MSN Toolbar
"{B7148D71-0A8F-4501-96B4-4E1CC67F874E}" = Microsoft Default Manager
"{BF08AB1C-3357-4f20-A200-8EBB8EF27C59}" = BufferChm
"{C89B5E3A-690F-4CEE-909A-BF869E198B0A}" = Scan
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{D063F201-FAC4-4D5C-B10B-615058ADE5A7}" = HP Update
"{D16B4BE6-8B10-422f-8034-96D1CA9483B5}" = GPBaseService
"{D1A19B02-817E-4296-A45B-07853FD74D57}" = Microsoft_VC80_MFC_x86
"{D3EE034D-5B92-4A55-AA02-2E6D0A6A96EE}" = Windows Resource Kit Tools - SubInAcl.exe
"{D436F577-1695-4D2F-8B44-AC76C99E0002}" = Windows Live Photo Common
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{D4AFC7AD-F637-4EDD-BC76-767E4AF78CE1}" = OverDrive Media Console
"{D74CFE48-087F-46E1-80E6-E2950E1A8DCE}" = HP Photosmart Essential 2.5
"{D92BBB52-82FF-42ED-8A3C-4E062F944AB7}" = Microsoft_VC80_MFCLOC_x86
"{DE3A9DC5-9A5D-6485-9662-347162C7E4CA}" = Adobe Media Player
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E2A97415-BD97-4867-B906-05E39E9EE51F}" = HL-2270DW
"{E535C94A-B87F-4182-BEA8-1E9322078D3E}" = Cards_Calendar_OrderGift_DoMorePlugout
"{E646DCF0-5A68-11D5-B229-002078017FBF}" = Digital Line Detect
"{E96B0085-6659-486b-A221-5042A042728D}" = Toolbox
"{EB4DF488-AAEF-406F-A341-CB2AAA315B90}" = Windows Live Messenger
"{EC6B304A-044A-46AE-B761-D1202720D93A}" = VOB2MPG v3
"{ED439A64-F018-4DD4-8BA5-328D85AB09AB}" = Roxio Creator DE
"{FCDBEA60-79F0-4FAE-BBA8-55A26C609A49}" = Visual Studio 2008 x64 Redistributables
"{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}" = Windows Live Essentials
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"Acoustica Effects Pack" = Acoustica Effects Pack
"Acoustica Mixcraft 5" = Acoustica Mixcraft 5
"aignesamdeadlink_is1" = AM-DeadLink 4.4
"Audacity 1.3 Beta (Unicode)_is1" = Audacity 1.3.13 (Unicode)
"BHODemon_is1" = BHODemon 2.0.0.23
"chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Community Help
"com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Media Player
"Debut" = Debut Video Capture Software
"Desktop Connector" = Desktop Connector
"DVD Flick_is1" = DVD Flick 1.3.0.7
"ENTERPRISE" = Microsoft Office Enterprise 2007
"Free Video to MP3 Converter_is1" = Free Video to MP3 Converter version 4.3.815
"LimeWire" = LimeWire 5.5.16
"MagicDisc 2.7.106" = MagicDisc 2.7.106
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware version 1.60.1.1000
"Media Player - Codec Pack" = Media Player Codec Pack 3.9.6
"MixPad" = MixPad Audio Mixer
"NoteCable_is1" = NoteCable 1.1.1
"Pixillion" = Pixillion Image Converter
"Power Sound Editor Free" = Power Sound Editor Free
"Prism" = Prism Video File Converter
"RealPlayer 15.0" = RealPlayer
"Revo Uninstaller" = Revo Uninstaller 1.92
"Rhapsody" = Rhapsody
"SecondLifeViewer" = SecondLifeViewer (remove only)
"Slice" = Slice Audio File Splitter
"SUPER ©" = SUPER © Version 2010.bld.38 (May 2, 2010)
"Switch" = Switch Sound File Converter
"TwelveKeys" = TwelveKeys Music Transcription Software
"VideoPad" = VideoPad Video Editor
"VLC media player" = VLC media player 1.0.1
"WavePad" = WavePad Sound Editor
"WinGimp-2.0_is1" = GIMP 2.6.10
"WinLiveSuite" = Windows Live Essentials
"WinRAR archiver" = WinRAR archiver
========== HKEY_USERS Uninstall List ========== [HKEY_USERS\S-1-5-21-1461265785-473199823-4216479891-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Amazon Kindle" = Amazon Kindle
"Dropbox" = Dropbox
"f031ef6ac137efc5" = Dell Driver Download Manager
"Juniper_Networks_Cache_Cleaner 6.5.0" = Juniper Networks Cache Cleaner 6.5.0
"Juniper_Setup_Client" = Juniper Networks Setup Client
"Juniper_Term_Services" = Juniper Terminal Services Client
"magicJack" = magicJack
"Move Media Player" = Move Media Player
"Neoteris_Host_Checker" = Juniper Networks Host Checker
"Octoshape add-in for Adobe Flash Player" = Octoshape add-in for Adobe Flash Player
"Sansa Updater" = Sansa Updater
"uTorrent" = µTorrent
========== Last 10 Event Log Errors ========== [ Application Events ]
Error - 9/25/2011 4:08:48 PM | Computer Name = abaray-PC | Source = Windows Search Service | ID = 3013
Description =
Error - 9/25/2011 4:19:07 PM | Computer Name = abaray-PC | Source = Windows Search Service | ID = 3013
Description =
Error - 9/25/2011 4:19:07 PM | Computer Name = abaray-PC | Source = Windows Search Service | ID = 3013
Description =
Error - 9/28/2011 5:44:08 PM | Computer Name = abaray-PC | Source = WinMgmt | ID = 10
Description =
Error - 9/30/2011 8:11:56 PM | Computer Name = abaray-PC | Source = Windows Search Service | ID = 3013
Description =
Error - 9/30/2011 8:11:56 PM | Computer Name = abaray-PC | Source = Windows Search Service | ID = 3013
Description =
Error - 9/30/2011 8:12:17 PM | Computer Name = abaray-PC | Source = Windows Search Service | ID = 3013
Description =
Error - 9/30/2011 8:12:17 PM | Computer Name = abaray-PC | Source = Windows Search Service | ID = 3013
Description =
Error - 10/3/2011 8:40:08 PM | Computer Name = abaray-PC | Source = WinMgmt | ID = 10
Description =
Error - 10/8/2011 12:44:24 AM | Computer Name = abaray-PC | Source = WinMgmt | ID = 10
Description =
[ Media Center Events ]
Error - 3/21/2009 7:33:57 PM | Computer Name = abaray-PC | Source = MCUpdate | ID = 0
Description = DownloadPackgeTask.SubTasksComplete: failed downloading package SportsSchedule.
Error - 6/9/2009 6:28:16 PM | Computer Name = abaray-PC | Source = MCUpdate | ID = 0
Description = DownloadPackgeTask.SubTasksComplete: failed downloading package SportsSchedule.
Error - 10/11/2009 1:33:56 PM | Computer Name = abaray-PC | Source = MCUpdate | ID = 0
Description = DownloadPackgeTask.SubTasksComplete: failed downloading package SportsSchedule.
Error - 1/23/2010 4:30:16 PM | Computer Name = abaray-PC | Source = MCUpdate | ID = 0
Description = DownloadPackgeTask.SubTasksComplete: failed downloading package SportsSchedule.
[ OSession Events ]
Error - 4/3/2010 1:46:00 PM | Computer Name = abaray-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version:
12.0.6514.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 140
seconds with 60 seconds of active time. This session ended with a crash.
Error - 5/12/2010 12:30:07 PM | Computer Name = abaray-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version:
12.0.6514.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 18990
seconds with 1020 seconds of active time. This session ended with a crash.
[ System Events ]
Error - 3/26/2012 7:19:49 PM | Computer Name = abaray-PC | Source = Application Popup | ID = 1060
Description = \SystemRoot\SysWow64\Drivers\Aspi32.SYS has been blocked from loading
due to incompatibility with this system. Please contact your software vendor for
a compatible version of the driver.
Error - 3/26/2012 7:21:06 PM | Computer Name = abaray-PC | Source = Service Control Manager | ID = 7000
Description =
Error - 3/26/2012 7:21:06 PM | Computer Name = abaray-PC | Source = Service Control Manager | ID = 7000
Description =
Error - 3/26/2012 7:21:06 PM | Computer Name = abaray-PC | Source = Service Control Manager | ID = 7000
Description =
Error - 3/26/2012 7:33:30 PM | Computer Name = abaray-PC | Source = volmgr | ID = 262190
Description = Crash dump initialization failed!
Error - 3/26/2012 7:33:45 PM | Computer Name = abaray-PC | Source = volmgr | ID = 262190
Description = Crash dump initialization failed!
Error - 3/26/2012 7:34:04 PM | Computer Name = abaray-PC | Source = Application Popup | ID = 1060
Description = \SystemRoot\SysWow64\Drivers\Aspi32.SYS has been blocked from loading
due to incompatibility with this system. Please contact your software vendor for
a compatible version of the driver.
Error - 3/26/2012 7:35:24 PM | Computer Name = abaray-PC | Source = Service Control Manager | ID = 7000
Description =
Error - 3/26/2012 7:35:24 PM | Computer Name = abaray-PC | Source = Service Control Manager | ID = 7000
Description =
Error - 3/26/2012 7:35:24 PM | Computer Name = abaray-PC | Source = Service Control Manager | ID = 7000
Description =
< End of report >
-----------------------
aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software
Run date: 2012-03-26 20:09:21
-----------------------------
20:09:21.350 OS Version: Windows x64 6.0.6002 Service Pack 2
20:09:21.350 Number of processors: 4 586 0xF0B
20:09:21.350 ComputerName: ABARAY-PC UserName: abaray
20:09:23.987 Initialize success
20:10:45.223 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0
20:10:45.239 Disk 0 Vendor: WDC_WD6400AAKS-75A7B0 01.03B01 Size: 610480MB BusType: 3
20:10:45.254 Disk 0 MBR read successfully
20:10:45.254 Disk 0 MBR scan
20:10:45.254 Disk 0 Windows VISTA default MBR code
20:10:45.254 Disk 0 Partition 1 00 DE Dell Utility Dell 8.0 39 MB offset 63
20:10:45.270 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 10000 MB offset 81920
20:10:45.301 Disk 0 Partition 3 80 (A) 07 HPFS/NTFS NTFS 600439 MB offset 20561920
20:10:45.332 Disk 0 scanning C:\Windows\system32\drivers
20:10:54.770 Service scanning
20:11:10.604 Modules scanning
20:11:10.620 Disk 0 trace - called modules:
20:11:10.651 ntoskrnl.exe CLASSPNP.SYS disk.sys acpi.sys ataport.SYS pciide.sys PCIIDEX.SYS hal.dll atapi.sys
20:11:10.667 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa80074df320]
20:11:10.667 3 CLASSPNP.SYS[fffffa6000fd3c33] -> nt!IofCallDriver -> [0xfffffa800611c930]
20:11:10.682 5 acpi.sys[fffffa60008fefde] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-0[0xfffffa8006139510]
20:11:10.698 Scan finished successfully
20:11:19.683 Disk 0 MBR has been saved successfully to "C:\Users\abaray\Documents\Adya writings\MBR.dat"
20:11:19.683 The log file has been saved successfully to "C:\Users\abaray\Documents\Adya writings\aswMBR.txt"