sorry...it did run!
OTL.Txt
seOTL logfile created on: 5/14/2012 8:55:21 PM - Run 2
OTL by OldTimer - Version 3.2.43.0 Folder = C:\Users\michelle618\Downloads
64bit-Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
3.99 Gb Total Physical Memory | 2.97 Gb Available Physical Memory | 74.34% Memory free
4.16 Gb Paging File | 3.31 Gb Available in Paging File | 79.45% Paging File free
Paging file location(s): c:\pagefile.sys 300 500 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 288.01 Gb Total Space | 21.53 Gb Free Space | 7.48% Space Free | Partition Type: NTFS
Drive D: | 10.00 Gb Total Space | 9.92 Gb Free Space | 99.21% Space Free | Partition Type: NTFS
Computer Name: MICHELLE618-PC | User Name: michelle618 | Logged in as Administrator.
Boot Mode: SafeMode with Networking | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ========== PRC - [2012/05/14 20:54:32 | 000,595,456 | ---- | M] (OldTimer Tools) -- C:\Users\michelle618\Downloads\OTL (4).exe
========== Modules (No Company Name) ========== ========== Win32 Services (SafeList) ========== SRV - [2012/02/10 11:28:06 | 000,240,408 | ---- | M] (Microsoft Corporation.) [On_Demand | Stopped] -- C:\Program Files (x86)\Microsoft\BingBar\7.1.361.0\SeaPort.EXE -- (BBUpdate)
SRV - [2012/02/10 11:28:06 | 000,193,816 | ---- | M] (Microsoft Corporation.) [Auto | Stopped] -- C:\Program Files (x86)\Microsoft\BingBar\7.1.361.0\BBSvc.EXE -- (BBSvc)
SRV - [2010/04/29 11:30:44 | 000,091,456 | ---- | M] () [Auto | Stopped] -- C:\Program Files (x86)\Motorola\MotoConnectService\MotoConnectService.exe -- (MotoConnect Service)
SRV - [2010/03/18 14:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009/03/29 23:42:14 | 000,066,368 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2008/11/09 15:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) [Auto | Stopped] -- C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe -- (YahooAUService)
SRV - [2008/01/29 16:09:02 | 000,394,704 | ---- | M] (Symantec, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Symantec Shared\Support Controls\ssrc.exe -- (Symantec RemoteAssist)
SRV - [2007/05/31 11:11:54 | 000,443,784 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\WindowsMobile\wcescomm.dll -- (WcesComm)
SRV - [2007/05/31 11:11:46 | 000,225,672 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\WindowsMobile\rapimgr.dll -- (RapiMgr)
SRV - [2007/04/26 10:38:48 | 000,033,712 | ---- | M] () [Auto | Stopped] -- C:\Windows\system32\spool\DRIVERS\x64\3\\lxdiserv.exe -- (lxdiCATSCustConnectService)
SRV - [2007/04/26 10:38:38 | 000,517,040 | ---- | M] ( ) [Auto | Stopped] -- C:\Windows\SysWOW64\lxdicoms.exe -- (lxdi_device)
========== Driver Services (SafeList) ========== ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar =
http://us.rd.yahoo.c...rch/search.htmlIE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomSearch =
http://us.rd.yahoo.c...rch/search.htmlIE - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" =
http://www.bing.com/...ms}&FORM=IE8SRCIE - HKLM\..\SearchScopes\{2381E4B7-5C04-459E-9D46-2F9AC1608B66}: "URL" =
http://search.yahoo....ei=utf-8&fr=yspIE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" =
http://www.google.co...g}&sourceid=ie7 IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page =
http://securityrespo...er/fix_homepageIE - HKU\S-1-5-19\..\SearchScopes,DefaultScope = {2381E4B7-5C04-459E-9D46-2F9AC1608B66}
IE - HKU\S-1-5-19\..\SearchScopes\{2381E4B7-5C04-459E-9D46-2F9AC1608B66}: "URL" =
http://search.yahoo....ei=utf-8&fr=yspIE - HKU\S-1-5-19\..\SearchScopes\{AFBCB7E0-F91A-4951-9F31-58FEE57A25C4}: "URL" =
http://www.ask.com/w...q={SEARCHTERMS} IE - HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page =
http://securityrespo...er/fix_homepageIE - HKU\S-1-5-20\..\SearchScopes,DefaultScope = {2381E4B7-5C04-459E-9D46-2F9AC1608B66}
IE - HKU\S-1-5-20\..\SearchScopes\{2381E4B7-5C04-459E-9D46-2F9AC1608B66}: "URL" =
http://search.yahoo....ei=utf-8&fr=yspIE - HKU\S-1-5-20\..\SearchScopes\{AFBCB7E0-F91A-4951-9F31-58FEE57A25C4}: "URL" =
http://www.ask.com/w...q={SEARCHTERMS} IE - HKU\S-1-5-21-761255007-4257669193-40547742-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page =
http://yahoo.com/IE - HKU\S-1-5-21-761255007-4257669193-40547742-1000\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKU\S-1-5-21-761255007-4257669193-40547742-1000\..\URLSearchHook: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn3\yt.dll (Yahoo! Inc.)
IE - HKU\S-1-5-21-761255007-4257669193-40547742-1000\..\SearchScopes,DefaultScope = {5E81B497-B701-4EEC-8660-2BCA707B943D}
IE - HKU\S-1-5-21-761255007-4257669193-40547742-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" =
http://www.bing.com/...Box&FORM=IE8SRCIE - HKU\S-1-5-21-761255007-4257669193-40547742-1000\..\SearchScopes\{5E81B497-B701-4EEC-8660-2BCA707B943D}: "URL" =
http://www.google.co...1I7GPEA_enUS303IE - HKU\S-1-5-21-761255007-4257669193-40547742-1000\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" =
http://www.google.co...g}&sourceid=ie7IE - HKU\S-1-5-21-761255007-4257669193-40547742-1000\..\SearchScopes\{9166BC95-9BAC-49D3-9413-7293CB0ECEC7}: "URL" =
http://search.about....s={searchTerms}IE - HKU\S-1-5-21-761255007-4257669193-40547742-1000\..\SearchScopes\{DECA3892-BA8F-44b8-A993-A466AD694AE4}: "URL" =
http://search.yahoo....ms}&fr=chr-tyc8IE - HKU\S-1-5-21-761255007-4257669193-40547742-1000\..\SearchScopes\{F74F753E-8D4D-4117-9646-F17E5F047CC4}: "URL" =
http://en.wikipedia....h={searchTerms}IE - HKU\S-1-5-21-761255007-4257669193-40547742-1000\..\SearchScopes\Comcast: "URL" =
http://search.comcas...q={searchTerms}IE - HKU\S-1-5-21-761255007-4257669193-40547742-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 1
========== FireFox ========== FF - prefs.js..browser.search.defaultenginename: "Yahoo"
FF - prefs.js..browser.search.defaulturl: "
http://search.yahoo....ch?fr=ffsp1&p="FF - prefs.js..browser.search.param.yahoo-fr: "chrf-ytbm"
FF - prefs.js..browser.search.param.yahoo-fr-cjkt: "chrf-ytbm"
FF - prefs.js..browser.search.param.yahoo-type: "${8}"
FF - prefs.js..browser.search.selectedEngine: "Answers.com"
FF - prefs.js..browser.startup.homepage: "
http://www.yahoo.com/"FF - prefs.js..extensions.enabledItems: {0545b830-f0aa-4d7e-8820-50a4629a56fe}:4.1
FF - prefs.js..extensions.enabledItems: {000a9d1c-beef-4f90-9363-039d445309b8}:0.5.36.0
FF - prefs.js..extensions.enabledItems:
[email protected]:2.0
FF - prefs.js..extensions.enabledItems: {635abd67-4fe9-1b23-4f01-e679fa7484c1}:2.1.1.20091029021655
FF - prefs.js..keyword.URL: "
http://search.yahoo....ch?fr=ffds1&p=" FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@bittorrent.com/BitTorrentDNA: C:\Program Files (x86)\DNA\plugins\npbtdna.dll (BitTorrent, Inc.)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6: C:\Program Files (x86)\Yahoo!\Shared\npYState.dll (Yahoo! Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@pack.google.com/Google Updater;version=13: C:\Program Files (x86)\Google\Google Updater\2.4.1536.6592\npCIDetect13.dll (Google)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{000a9d1c-beef-4f90-9363-039d445309b8}: C:\Program Files (x86)\Google\Google Gears\Firefox\ [2010/03/16 20:12:57 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.5.7\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2010/01/06 00:25:55 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.5.7\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012/05/14 19:00:39 | 000,000,000 | ---D | M]
[2008/08/05 01:10:18 | 000,000,000 | ---D | M] (No name found) -- C:\Users\michelle618\AppData\Roaming\Mozilla\Extensions
[2012/05/03 18:17:25 | 000,000,000 | ---D | M] (No name found) -- C:\Users\michelle618\AppData\Roaming\Mozilla\Firefox\Profiles\5bsmabgk.default\extensions
[2009/12/17 08:30:40 | 000,000,000 | ---D | M] ("ColorfulTabs") -- C:\Users\michelle618\AppData\Roaming\Mozilla\Firefox\Profiles\5bsmabgk.default\extensions\{0545b830-f0aa-4d7e-8820-50a4629a56fe}
[2009/09/04 22:48:52 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\michelle618\AppData\Roaming\Mozilla\Firefox\Profiles\5bsmabgk.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2009/06/21 08:31:02 | 000,000,000 | ---D | M] (Yahoo! Toolbar) -- C:\Users\michelle618\AppData\Roaming\Mozilla\Firefox\Profiles\5bsmabgk.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
[2009/08/31 18:47:40 | 000,000,000 | ---D | M] (Targeted Advertising Cookie Opt-Out (TACO)) -- C:\Users\michelle618\AppData\Roaming\Mozilla\Firefox\Profiles\5bsmabgk.default\extensions\
[email protected][2012/02/07 22:58:59 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2010/03/16 20:12:57 | 000,000,000 | ---D | M] (Google Gears) -- C:\PROGRAM FILES (X86)\GOOGLE\GOOGLE GEARS\FIREFOX
[2011/12/09 12:23:32 | 000,012,800 | ---- | M] (Nullsoft, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npwachk.dll
O1 HOSTS File: ([2012/05/14 19:01:42 | 000,000,098 | ---- | M]) - C:\Windows\SysNative\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn3\yt.dll (Yahoo! Inc.)
O2 - BHO: (Yahooo Search Protection) - {25BC7718-0BFA-40EA-B381-4B2D9732D686} - C:\Program Files (x86)\Yahoo!\Search Protection\ysp.dll (Yahoo! Inc.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.4.4525.1752\swg.dll (Google Inc.)
O2 - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\7.1.361.0\BingExt.dll (Microsoft Corporation.)
O2 - BHO: (Google Gears Helper) - {E0FEFE40-FBF9-42AE-BA58-794CA7E3FB53} - C:\Program Files (x86)\Google\Google Gears\Internet Explorer\0.5.36.0\gears.dll (Google Inc.)
O2 - BHO: (SingleInstance Class) - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn3\YTSingleInstance.dll (Yahoo! Inc)
O3 - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\7.1.361.0\BingExt.dll (Microsoft Corporation.)
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn3\yt.dll (Yahoo! Inc.)
O4 - HKLM..\Run: [WinampAgent] C:\Program Files (x86)\Winamp\winampa.exe (Nullsoft, Inc.)
O4 - HKU\S-1-5-21-761255007-4257669193-40547742-1000..\Run: [Easy Dock] File not found
O4 - HKU\S-1-5-21-761255007-4257669193-40547742-1000..\Run: [WMPNSCFG] C:\Program Files (x86)\Windows Media Player\WMPNSCFG.exe File not found
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 0
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 0
O7 - HKU\S-1-5-21-761255007-4257669193-40547742-1000\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-761255007-4257669193-40547742-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-761255007-4257669193-40547742-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 0
O7 - HKU\S-1-5-21-761255007-4257669193-40547742-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKU\S-1-5-21-761255007-4257669193-40547742-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: LogonHoursAction = 2
O7 - HKU\S-1-5-21-761255007-4257669193-40547742-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DontDisplayLogonHoursWarnings = 1
O8 - Extra context menu item: Send image to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O8 - Extra context menu item: Send page to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : &Gears Settings - {09C04DA7-5B76-4EBC-BBEE-B25EAC5965F5} - C:\Program Files (x86)\Google\Google Gears\Internet Explorer\0.5.36.0\gears.dll (Google Inc.)
O9 - Extra Button: Send To Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : Send to &Bluetooth Device... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Windows\SysWow64\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Windows\SysWow64\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Windows\SysWow64\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Windows\SysWow64\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Windows\SysWow64\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Windows\SysWow64\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Windows\SysWow64\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Windows\SysWow64\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000020 - C:\Windows\SysWow64\wpclsp.dll (Microsoft Corporation)
O15 - HKU\S-1-5-21-761255007-4257669193-40547742-1000\..Trusted Ranges: GD ([http] in Local intranet)
O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B}
http://appldnld.appl...ex/qtplugin.cab (QuickTime Plugin Control)
O16 - DPF: {149E45D8-163E-4189-86FC-45022AB2B6C9} file:///C:/Program%20Files%20(x86)/Bejeweled%202/Images/stg_drm.ocx (SpinTop DRM Control)
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000}
http://download.macr...director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} C:\Program Files (x86)\Yahoo!\Common\Yinsthelper.dll (Installation Support)
O16 - DPF: {406B5949-7190-4245-91A9-30A17DE16AD0}
http://photo2.walgre...eensActivia.cab (Snapfish Activia)
O16 - DPF: {44990B00-3C9D-426D-81DF-AAB636FA4345}
https://www-secure.s...abs/tgctlcm.cab (Reg Error: Key error.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93}
http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C}
http://fpdownload.ma...r/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {CC450D71-CC90-424C-8638-1F2DBAC87A54} file:///C:/Program%20Files%20(x86)/Bejeweled%202/Images/armhelper.ocx (ArmHelper Control)
O16 - DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A}
http://l.yimg.com/jh...aploader_v6.cab (Reg Error: Key error.)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7}
http://platformdl.ad...Plus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{DE99E5B6-49B1-43CE-8EF9-CD0185398B8E}: DhcpNameServer = 192.168.2.1
O20 - AppInit_DLLs: (C:\PROGRA~2\Google\GO333C~1\GoogleDesktopNetwork3.dll) - C:\Program Files (x86)\Google\Google Desktop Search\GoogleDesktopNetwork3.dll (Google)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Windows\Web\Wallpaper\img6.jpg
O24 - Desktop BackupWallPaper: C:\Windows\Web\Wallpaper\img6.jpg
O28 - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
CREATERESTOREPOINT
Unable to start System Restore Service. Error code 1084
========== Files/Folders - Created Within 30 Days ========== [2012/05/14 19:00:39 | 000,000,000 | ---D | C] -- C:\_OTL
[2012/05/14 17:17:24 | 000,000,000 | ---D | C] -- C:\Users\michelle618\Desktop\RK_Quarantine
[2012/05/14 08:32:26 | 000,000,000 | ---D | C] -- C:\Users\michelle618\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Smart Virus Remover
[2012/05/14 08:32:25 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Smart Virus Remover
[2012/05/14 05:48:11 | 000,000,000 | ---D | C] -- C:\ProgramData\HitmanPro
[2012/05/14 02:17:20 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2012/05/14 02:17:18 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2012/05/14 01:40:30 | 000,000,000 | ---D | C] -- C:\Users\michelle618\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Data Recovery
[2012/05/10 03:11:00 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2012/04/27 03:02:15 | 000,000,000 | ---D | C] -- C:\Windows\TempBA89CA02-D233-2498-1A99-359441EF65C1-Signatures
[2012/04/22 09:19:22 | 000,000,000 | ---D | C] -- C:\Users\michelle618\Desktop\New Folder (2)
[2 C:\Users\michelle618\Desktop\*.tmp files -> C:\Users\michelle618\Desktop\*.tmp -> ]
[1 C:\Users\michelle618\Documents\*.tmp files -> C:\Users\michelle618\Documents\*.tmp -> ]
[1 C:\Users\michelle618\AppData\Local\*.tmp files -> C:\Users\michelle618\AppData\Local\*.tmp -> ]
========== Files - Modified Within 30 Days ========== [2012/05/14 20:36:07 | 000,000,512 | ---- | M] () -- C:\Users\michelle618\Desktop\MBR.dat
[2012/05/14 20:25:23 | 000,001,460 | ---- | M] () -- C:\Users\michelle618\AppData\Local\d3d9caps64.dat
[2012/05/14 20:01:53 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012/05/14 17:55:00 | 000,004,268 | ---- | M] () -- C:\Windows\bthservsdp.dat
[2012/05/14 17:54:19 | 000,000,880 | ---- | M] () -- C:\Windows\tasks\Google Software Updater.job
[2012/05/14 17:48:07 | 000,000,894 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012/05/14 08:32:26 | 000,001,114 | ---- | M] () -- C:\Users\michelle618\Desktop\Smart Virus Remover.lnk
[2012/05/14 06:33:00 | 000,000,898 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012/05/14 02:17:20 | 000,000,950 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012/05/14 02:12:43 | 000,000,112 | ---- | M] () -- C:\Users\michelle618\Desktop\rk-proxy.reg
[2012/04/27 03:04:51 | 000,002,141 | ---- | M] () -- C:\Windows\epplauncher.mif
[2012/04/14 23:02:46 | 000,002,661 | ---- | M] () -- C:\Users\michelle618\Application Data\Microsoft\Internet Explorer\Quick Launch\Microsoft Word 2010.lnk
[2 C:\Users\michelle618\Desktop\*.tmp files -> C:\Users\michelle618\Desktop\*.tmp -> ]
[1 C:\Users\michelle618\Documents\*.tmp files -> C:\Users\michelle618\Documents\*.tmp -> ]
[1 C:\Users\michelle618\AppData\Local\*.tmp files -> C:\Users\michelle618\AppData\Local\*.tmp -> ]
========== Files Created - No Company Name ========== [2012/05/14 20:36:07 | 000,000,512 | ---- | C] () -- C:\Users\michelle618\Desktop\MBR.dat
[2012/05/14 17:18:33 | 000,002,129 | ---- | C] () -- C:\Users\Public\Desktop\HP Officejet Pro 8500 A910.lnk
[2012/05/14 17:18:33 | 000,002,117 | ---- | C] () -- C:\Users\Public\Desktop\Google Earth.lnk
[2012/05/14 17:18:33 | 000,001,939 | ---- | C] () -- C:\Users\Public\Desktop\Susteen Launcher.lnk
[2012/05/14 17:18:33 | 000,001,919 | ---- | C] () -- C:\Users\Public\Desktop\Adobe Reader 9.lnk
[2012/05/14 17:18:33 | 000,001,904 | ---- | C] () -- C:\Users\Public\Desktop\Play Penguins!.lnk
[2012/05/14 17:18:33 | 000,001,803 | ---- | C] () -- C:\Users\Public\Desktop\HP ePrintCenter - HP Officejet Pro 8500 A910.lnk
[2012/05/14 17:18:33 | 000,001,643 | ---- | C] () -- C:\Users\Public\Desktop\Quicken Home & Business 2011.lnk
[2012/05/14 17:18:33 | 000,001,129 | ---- | C] () -- C:\Users\Public\Desktop\HP Officejet Pro 8500 A910 Scan.lnk
[2012/05/14 17:18:33 | 000,001,127 | ---- | C] () -- C:\Users\Public\Desktop\Google Desktop.lnk
[2012/05/14 17:18:33 | 000,001,092 | ---- | C] () -- C:\Users\Public\Desktop\Shop for Supplies - HP Officejet Pro 8500 A910.lnk
[2012/05/14 17:18:33 | 000,001,068 | ---- | C] () -- C:\Users\Public\Desktop\Cooking Academy.lnk
[2012/05/14 17:18:33 | 000,000,972 | ---- | C] () -- C:\Users\Public\Desktop\Yahoo! Messenger.lnk
[2012/05/14 17:18:33 | 000,000,950 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012/05/14 17:18:33 | 000,000,840 | ---- | C] () -- C:\Users\Public\Desktop\Zune.lnk
[2012/05/14 17:18:33 | 000,000,840 | ---- | C] () -- C:\Users\michelle618\Application Data\Microsoft\Internet Explorer\Quick Launch\Zune.lnk
[2012/05/14 17:18:33 | 000,000,820 | ---- | C] () -- C:\Users\Public\Desktop\Winamp.lnk
[2012/05/14 17:18:33 | 000,000,357 | ---- | C] () -- C:\Users\Public\Desktop\Free Credit Report and Score.url
[2012/05/14 17:18:33 | 000,000,342 | ---- | C] () -- C:\Users\Public\Desktop\Complete Installation of Lexmark 5600-6600 Series.LNK
[2012/05/14 17:18:32 | 000,002,661 | ---- | C] () -- C:\Users\michelle618\Application Data\Microsoft\Internet Explorer\Quick Launch\Microsoft Word 2010.lnk
[2012/05/14 17:18:32 | 000,002,629 | ---- | C] () -- C:\Users\michelle618\Application Data\Microsoft\Internet Explorer\Quick Launch\Microsoft PowerPoint 2010.lnk
[2012/05/14 17:18:32 | 000,002,619 | ---- | C] () -- C:\Users\michelle618\Application Data\Microsoft\Internet Explorer\Quick Launch\Microsoft Excel 2010.lnk
[2012/05/14 17:18:32 | 000,002,617 | ---- | C] () -- C:\Users\michelle618\Application Data\Microsoft\Internet Explorer\Quick Launch\Microsoft Access 2010.lnk
[2012/05/14 17:18:32 | 000,002,593 | ---- | C] () -- C:\Users\michelle618\Application Data\Microsoft\Internet Explorer\Quick Launch\Microsoft OneNote 2010.lnk
[2012/05/14 17:18:32 | 000,001,804 | ---- | C] () -- C:\Users\michelle618\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
[2012/05/14 17:18:32 | 000,000,996 | ---- | C] () -- C:\Users\michelle618\Application Data\Microsoft\Internet Explorer\Quick Launch\Yahoo! Messenger.lnk
[2012/05/14 17:18:32 | 000,000,975 | ---- | C] () -- C:\Users\michelle618\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2012/05/14 17:18:32 | 000,000,970 | ---- | C] () -- C:\Users\michelle618\Application Data\Microsoft\Internet Explorer\Quick Launch\Windows Media Player.lnk
[2012/05/14 17:18:32 | 000,000,844 | ---- | C] () -- C:\Users\michelle618\Application Data\Microsoft\Internet Explorer\Quick Launch\Winamp.lnk
[2012/05/14 17:18:32 | 000,000,258 | ---- | C] () -- C:\Users\michelle618\Application Data\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk
[2012/05/14 17:18:32 | 000,000,240 | ---- | C] () -- C:\Users\michelle618\Application Data\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk
[2012/05/14 08:32:26 | 000,001,114 | ---- | C] () -- C:\Users\michelle618\Desktop\Smart Virus Remover.lnk
[2012/05/14 02:12:43 | 000,000,112 | ---- | C] () -- C:\Users\michelle618\Desktop\rk-proxy.reg
[2012/02/07 19:36:29 | 001,036,288 | ---- | C] () -- C:\Windows\SysWow64\lxdudrs.dll
[2012/02/07 19:36:29 | 000,081,920 | ---- | C] () -- C:\Windows\SysWow64\lxducaps.dll
[2012/02/07 19:36:29 | 000,069,632 | ---- | C] () -- C:\Windows\SysWow64\lxducnv4.dll
[2011/05/31 00:05:01 | 000,000,000 | ---- | C] () -- C:\Users\michelle618\AppData\Local\{529D51F3-E2D5-4A1F-B241-E9B3C8BBA379}
[2011/05/23 13:10:05 | 000,000,000 | ---- | C] () -- C:\Users\michelle618\AppData\Local\{2F510375-0214-4A26-AAB5-2353BF37E387}
[2011/03/29 15:22:01 | 000,722,192 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2011/03/11 20:36:33 | 000,000,126 | ---- | C] () -- C:\Windows\QUICKEN.INI
[2011/03/09 22:08:37 | 000,683,801 | ---- | C] () -- C:\Windows\unins000.exe
[2011/03/09 22:08:37 | 000,005,480 | ---- | C] () -- C:\Windows\unins000.dat
========== LOP Check ========== [2008/10/02 18:17:26 | 000,000,000 | ---D | M] -- C:\Users\michelle618\AppData\Roaming\ITTNord
[2009/02/05 21:45:52 | 000,000,000 | ---D | M] -- C:\Users\michelle618\AppData\Roaming\Lexmark Productivity Studio
[2009/01/16 17:11:59 | 000,000,000 | ---D | M] -- C:\Users\michelle618\AppData\Roaming\OpenOffice.org
[2008/08/05 01:33:17 | 000,000,000 | ---D | M] -- C:\Users\michelle618\AppData\Roaming\PeerNetworking
[2009/03/18 01:26:15 | 000,000,000 | ---D | M] -- C:\Users\michelle618\AppData\Roaming\Pogo Games
[2008/11/16 03:27:24 | 000,000,000 | ---D | M] -- C:\Users\michelle618\AppData\Roaming\SecondLife
[2008/12/25 22:47:02 | 000,000,000 | ---D | M] -- C:\Users\michelle618\AppData\Roaming\SpinTop
[2008/08/04 17:55:49 | 000,000,000 | ---D | M] -- C:\Users\michelle618\AppData\Roaming\Template
[2010/01/02 02:06:02 | 000,000,000 | ---D | M] -- C:\Users\michelle618\AppData\Roaming\Tific
[2009/07/08 12:32:27 | 000,000,000 | ---D | M] -- C:\Users\michelle618\AppData\Roaming\uTorrent
[2012/05/14 17:54:59 | 000,032,564 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
========== Purity Check ========== ========== Custom Scans ========== < %SYSTEMDRIVE%\*.exe > < MD5 for: EXPLORER.EXE >[2008/10/29 01:20:29 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=37440D09DEAE0B672A04DCCF7ABF06BE -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.16771_none_b5f700fe698beb14\explorer.exe
[2008/10/29 01:29:41 | 002,927,104 | ---- | M] (Microsoft Corporation) MD5=4F554999D7D5F05DAAEBBA7B5BA1089D -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.18164_none_b7eb106e66a7ac19\explorer.exe
[2008/10/29 01:15:50 | 003,087,360 | ---- | M] (Microsoft Corporation) MD5=50514057C28A74BAC2BD04B7B990D615 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.16771_none_aba256ac352b2919\explorer.exe
[2008/10/29 22:59:17 | 002,927,616 | ---- | M] (Microsoft Corporation) MD5=50BA5850147410CDE89C523AD3BC606E -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.22298_none_b8583e9d7fda0512\explorer.exe
[2009/04/11 02:10:17 | 003,079,168 | ---- | M] (Microsoft Corporation) MD5=6B08E54A451B3F95E4109DBA7E594270 -- C:\Windows\ERDNT\cache86\explorer.exe
[2009/04/11 02:10:17 | 003,079,168 | ---- | M] (Microsoft Corporation) MD5=6B08E54A451B3F95E4109DBA7E594270 -- C:\Windows\explorer.exe
[2009/04/11 02:10:17 | 003,079,168 | ---- | M] (Microsoft Corporation) MD5=6B08E54A451B3F95E4109DBA7E594270 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.0.6002.18005_none_afbebba22f3bab41\explorer.exe
[2008/10/27 21:30:12 | 003,086,848 | ---- | M] (Microsoft Corporation) MD5=72B9990E45C25AA3C75C4FB50A9D6CE0 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.20947_none_ac5266dd4e2b0a41\explorer.exe
[2008/10/29 01:49:22 | 003,080,704 | ---- | M] (Microsoft Corporation) MD5=BBD8E74F23D7605CB0CDB57A1B25D826 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.18164_none_ad96661c3246ea1e\explorer.exe
[2009/04/11 01:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) MD5=D07D4C3038F3578FFCE1C0237F2A1253 -- C:\Windows\SysWOW64\explorer.exe
[2009/04/11 01:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) MD5=D07D4C3038F3578FFCE1C0237F2A1253 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.0.6002.18005_none_ba1365f4639c6d3c\explorer.exe
[2008/10/30 00:30:07 | 003,081,216 | ---- | M] (Microsoft Corporation) MD5=E404A65EF890140410E9F3D405841C95 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.22298_none_ae03944b4b794317\explorer.exe
[2008/10/27 21:15:02 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=E7156B0B74762D9DE0E66BDCDE06E5FB -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.20947_none_b6a7112f828bcc3c\explorer.exe
[2008/01/20 21:48:44 | 003,080,704 | ---- | M] (Microsoft Corporation) MD5=F6D765FB6B457542D954682F50C26E4F -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.18000_none_add342963219dff5\explorer.exe
[2008/01/20 21:49:23 | 002,927,104 | ---- | M] (Microsoft Corporation) MD5=FFA764631CB70A30065C12EF8E174F9F -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.18000_none_b827ece8667aa1f0\explorer.exe
< MD5 for: SVCHOST.EXE >[2012/04/04 15:56:38 | 000,199,240 | ---- | M] () MD5=097D0E812D7A9A3101CE46CB2BE0474D -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\Chameleon\svchost.exe
[2008/01/20 21:48:05 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=3794B461C45882E06856F282EEF025AF -- C:\Windows\ERDNT\cache86\svchost.exe
[2008/01/20 21:48:05 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=3794B461C45882E06856F282EEF025AF -- C:\Windows\SysWOW64\svchost.exe
[2008/01/20 21:48:05 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=3794B461C45882E06856F282EEF025AF -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.0.6001.18000_none_b5bb59a1054dbde5\svchost.exe
[2008/01/20 21:50:24 | 000,027,648 | ---- | M] (Microsoft Corporation) MD5=CDA9F1373805AF88F6FA4F2064BBA24D -- C:\Windows\ERDNT\cache64\svchost.exe
[2008/01/20 21:50:24 | 000,027,648 | ---- | M] (Microsoft Corporation) MD5=CDA9F1373805AF88F6FA4F2064BBA24D -- C:\Windows\SysNative\svchost.exe
[2008/01/20 21:50:24 | 000,027,648 | ---- | M] (Microsoft Corporation) MD5=CDA9F1373805AF88F6FA4F2064BBA24D -- C:\Windows\winsxs\amd64_microsoft-windows-services-svchost_31bf3856ad364e35_6.0.6001.18000_none_11d9f524bdab2f1b\svchost.exe
< MD5 for: USERINIT.EXE >[2008/01/20 21:50:36 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\Windows\ERDNT\cache86\userinit.exe
[2008/01/20 21:50:36 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\Windows\SysWOW64\userinit.exe
[2008/01/20 21:50:36 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.0.6001.18000_none_dc28ba15d1aff80b\userinit.exe
[2008/01/20 21:49:46 | 000,028,160 | ---- | M] (Microsoft Corporation) MD5=A0AB2BB9A92293D9CE66E252719AB5FE -- C:\Windows\ERDNT\cache64\userinit.exe
[2008/01/20 21:49:46 | 000,028,160 | ---- | M] (Microsoft Corporation) MD5=A0AB2BB9A92293D9CE66E252719AB5FE -- C:\Windows\SysNative\userinit.exe
[2008/01/20 21:49:46 | 000,028,160 | ---- | M] (Microsoft Corporation) MD5=A0AB2BB9A92293D9CE66E252719AB5FE -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.0.6001.18000_none_384755998a0d6941\userinit.exe
< MD5 for: WINLOGON.EXE >[2012/04/04 15:56:38 | 000,199,240 | ---- | M] () MD5=097D0E812D7A9A3101CE46CB2BE0474D -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\Chameleon\winlogon.exe
[2009/04/11 02:11:08 | 000,405,504 | ---- | M] (Microsoft Corporation) MD5=6D0773A3A65D28B663F334C90441D01A -- C:\Windows\ERDNT\cache64\winlogon.exe
[2009/04/11 02:11:08 | 000,405,504 | ---- | M] (Microsoft Corporation) MD5=6D0773A3A65D28B663F334C90441D01A -- C:\Windows\SysNative\winlogon.exe
[2009/04/11 02:11:08 | 000,405,504 | ---- | M] (Microsoft Corporation) MD5=6D0773A3A65D28B663F334C90441D01A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6002.18005_none_cdcd15a68a70b877\winlogon.exe
[2008/01/20 21:49:47 | 000,406,016 | ---- | M] (Microsoft Corporation) MD5=856491FCED98093D824B9EB2892F564A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6001.18000_none_cbe19c9a8d4eed2b\winlogon.exe
[2009/04/11 01:28:13 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264D55452 -- C:\Windows\SysWOW64\winlogon.exe
[2009/04/11 01:28:13 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264D55452 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6002.18005_none_71ae7a22d2134741\winlogon.exe
[2008/01/20 21:50:38 | 000,314,880 | ---- | M] (Microsoft Corporation) MD5=C2610B6BDBEFC053BBDAB4F1B965CB24 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6001.18000_none_6fc30116d4f17bf5\winlogon.exe
< HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\NetBT /s >"DisplayName" = NETBT
"Group" = PNP_TDI
"ImagePath" = System32\DRIVERS\netbt.sys
"Description" = This service implements NetBios over TCP/IP.
"ErrorControl" = 1
"Start" = 1
"Type" = 1
"DependOnService" = Tdxtcpip [binary data]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\NetBT\Linkage]
"OtherDependencies" = Tcpip [binary data]
"Bind" = [Binary data over 100 bytes]
"Route" = [Binary data over 100 bytes]
"Export" = [Binary data over 100 bytes]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\NetBT\Parameters]
"BcastNameQueryCount" = 3
"BcastQueryTimeout" = 750
"CacheTimeout" = 600000
"EnableLMHOSTS" = 1
"NameServerPort" = 137
"NameSrvQueryCount" = 3
"NameSrvQueryTimeout" = 1500
"NbProvider" = _tcp
"SessionKeepAlive" = 3600000
"Size/Small/Medium/Large" = 1
"TransportBindName" = \Device\
"UseNewSmb" = 1
"DhcpNodeType" = 8
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\NetBT\Parameters\Interfaces]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\NetBT\Parameters\Interfaces\Tcpip_{A32E2B4E-EB81-4865-BFF1-E440FAF1DDB3}]
"NameServerList" = [binary data]
"NetbiosOptions" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\NetBT\Parameters\Interfaces\Tcpip_{A7F45A49-3021-488E-9E2B-C208762D5AFD}]
"NameServerList" = [binary data]
"NetbiosOptions" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\NetBT\Parameters\Interfaces\Tcpip_{DE99E5B6-49B1-43CE-8EF9-CD0185398B8E}]
"NameServerList" = [binary data]
"NetbiosOptions" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\NetBT\Security]
"Security" = [Binary data over 100 bytes]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\NetBT\Enum]
"0" = Root\LEGACY_NETBT\0000
"Count" = 1
"NextInstance" = 1
< HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\NetBIOS /s >"Type" = 2
"Start" = 1
"ErrorControl" = 1
"Tag" = 2
"ImagePath" = system32\DRIVERS\netbios.sys
"DisplayName" = NetBIOS Interface
"Group" = NetBIOSGroup
"Description" = NetBIOS Interface
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\NetBIOS\Linkage]
"LanaMap" = 01 07 01 04 01 02 01 00 01 06 01 09 01 0B 01 08 01 05 01 03 01 01 [binary data]
"Bind" = [Binary data over 100 bytes]
"Route" = [Binary data over 100 bytes]
"Export" = [Binary data over 100 bytes]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\NetBIOS\Parameters]
"MaxLana" = 11
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\NetBIOS\Enum]
"0" = Root\LEGACY_NETBIOS\0000
"Count" = 1
"NextInstance" = 1
< hklm\software\clients\startmenuinternet|command /rs >HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\HideIconsCommand: "C:\Program Files (x86)\Mozilla Firefox\uninstall\helper.exe" /HideShortcuts [2010/01/06 00:25:54 | 000,552,160 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\ShowIconsCommand: "C:\Program Files (x86)\Mozilla Firefox\uninstall\helper.exe" /ShowShortcuts [2010/01/06 00:25:54 | 000,552,160 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\ReinstallCommand: "C:\Program Files (x86)\Mozilla Firefox\uninstall\helper.exe" /SetAsDefaultAppGlobal [2010/01/06 00:25:54 | 000,552,160 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\open\command\\: C:\Program Files (x86)\Mozilla Firefox\firefox.exe [2010/01/06 00:25:54 | 000,908,248 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\properties\command\\: "C:\Program Files (x86)\Mozilla Firefox\firefox.exe" -preferences [2010/01/06 00:25:54 | 000,908,248 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\safemode\command\\: "C:\Program Files (x86)\Mozilla Firefox\firefox.exe" -safe-mode [2010/01/06 00:25:54 | 000,908,248 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\HideIconsCommand: "C:\Windows\SysWOW64\ie4uinit.exe" -hide [2011/05/06 19:08:23 | 000,074,240 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ShowIconsCommand: "C:\Windows\SysWOW64\ie4uinit.exe" -show [2011/05/06 19:08:23 | 000,074,240 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ReinstallCommand: "C:\Windows\SysWOW64\ie4uinit.exe" -reinstall [2011/05/06 19:08:23 | 000,074,240 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\naom\command\\: "C:\Program Files (x86)\Internet Explorer\iexplore.exe" -extoff [2011/05/06 19:08:24 | 000,748,336 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\open\command\\: "C:\Program Files (x86)\Internet Explorer\iexplore.exe" [2011/05/06 19:08:24 | 000,748,336 | ---- | M] (Microsoft Corporation)
< hklm\software\clients\startmenuinternet|command /64 /rs >64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\HideIconsCommand: "C:\WINDOWS\SYSTEM32\IE4UINIT.EXE" -HIDE [2011/05/06 19:08:14 | 000,089,088 | ---- | M] (Microsoft Corporation)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ShowIconsCommand: "C:\WINDOWS\SYSTEM32\IE4UINIT.EXE" -SHOW [2011/05/06 19:08:14 | 000,089,088 | ---- | M] (Microsoft Corporation)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ReinstallCommand: "C:\WINDOWS\SYSTEM32\IE4UINIT.EXE" -REINSTALL [2011/05/06 19:08:14 | 000,089,088 | ---- | M] (Microsoft Corporation)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\naom\command\\: "C:\PROGRAM FILES (X86)\INTERNET EXPLORER\IEXPLORE.EXE" -EXTOFF [2011/05/06 19:08:24 | 000,748,336 | ---- | M] (Microsoft Corporation)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\open\command\\: "C:\PROGRAM FILES (X86)\INTERNET EXPLORER\IEXPLORE.EXE" [2011/05/06 19:08:24 | 000,748,336 | ---- | M] (Microsoft Corporation)
< C:\Windows\assembly\tmp\U\*.* /s > < C:\Program Files\Common Files\ComObjects\*.* /s > < C:\windows\*. /RP /s > < %Temp%\smtmp\1\*.* > < %Temp%\smtmp\2\*.* > < %Temp%\smtmp\3\*.* > < %Temp%\smtmp\4\*.* > < type c:\diskreport.txt /c >Microsoft DiskPart version 6.0.6002
Copyright © 1999-2007 Microsoft Corporation.
On computer: MICHELLE618-PC
Volume ### Ltr Label Fs Type Size Status Info
---------- --- ----------- ----- ---------- ------- --------- --------
Volume 0 F RAW DVD-ROM 2048 B Healthy
Volume 1 D RECOVERY NTFS Partition 10 GB Healthy
Volume 2 C OS NTFS Partition 288 GB Healthy System
========== Hard Links - Junction Points - Mount Points - Symbolic Links ==========[C:\windows\System32\config\systemprofile\AppData\Local\Application Data] -> C:\Windows\system32\config\systemprofile\AppData\Local -> Junction
[C:\windows\System32\config\systemprofile\AppData\Local\History] -> C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History -> Junction
[C:\windows\System32\config\systemprofile\AppData\Local\Temporary Internet Files] -> C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files -> Junction
[C:\windows\System32\config\systemprofile\Application Data] -> C:\Windows\system32\config\systemprofile\AppData\Roaming -> Junction
[C:\windows\System32\config\systemprofile\Documents\My Music] -> C:\Windows\system32\config\systemprofile\Music -> Junction
[C:\windows\System32\config\systemprofile\Documents\My Pictures] -> C:\Windows\system32\config\systemprofile\Pictures -> Junction
[C:\windows\System32\config\systemprofile\Documents\My Videos] -> C:\Windows\system32\config\systemprofile\Videos -> Junction
[C:\windows\System32\config\systemprofile\Local Settings] -> C:\Windows\system32\config\systemprofile\AppData\Local -> Junction
[C:\windows\System32\config\systemprofile\My Documents] -> C:\Windows\system32\config\systemprofile\Documents -> Junction
[C:\windows\System32\config\systemprofile\NetHood] -> C:\Windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Network Shortcuts -> Junction
[C:\windows\System32\config\systemprofile\PrintHood] -> C:\Windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Printer Shortcuts -> Junction
[C:\windows\System32\config\systemprofile\Recent] -> C:\Windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Recent -> Junction
[C:\windows\System32\config\systemprofile\SendTo] -> C:\Windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\SendTo -> Junction
[C:\windows\System32\config\systemprofile\Start Menu] -> C:\Windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Start Menu -> Junction
[C:\windows\System32\config\systemprofile\Templates] -> C:\Windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Templates -> Junction
[C:\windows\SysWOW64\config\systemprofile\AppData\Local\Application Data] -> C:\Windows\system32\config\systemprofile\AppData\Local -> Junction
[C:\windows\SysWOW64\config\systemprofile\AppData\Local\History] -> C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History -> Junction
[C:\windows\SysWOW64\config\systemprofile\AppData\Local\Temporary Internet Files] -> C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files -> Junction
[C:\windows\SysWOW64\config\systemprofile\Application Data] -> C:\Windows\system32\config\systemprofile\AppData\Roaming -> Junction
[C:\windows\SysWOW64\config\systemprofile\Documents\My Music] -> C:\Windows\system32\config\systemprofile\Music -> Junction
[C:\windows\SysWOW64\config\systemprofile\Documents\My Pictures] -> C:\Windows\system32\config\systemprofile\Pictures -> Junction
[C:\windows\SysWOW64\config\systemprofile\Documents\My Videos] -> C:\Windows\system32\config\systemprofile\Videos -> Junction
[C:\windows\SysWOW64\config\systemprofile\Local Settings] -> C:\Windows\system32\config\systemprofile\AppData\Local -> Junction
[C:\windows\SysWOW64\config\systemprofile\My Documents] -> C:\Windows\system32\config\systemprofile\Documents -> Junction
[C:\windows\SysWOW64\config\systemprofile\NetHood] -> C:\Windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Network Shortcuts -> Junction
[C:\windows\SysWOW64\config\systemprofile\PrintHood] -> C:\Windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Printer Shortcuts -> Junction
[C:\windows\SysWOW64\config\systemprofile\Recent] -> C:\Windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Recent -> Junction
[C:\windows\SysWOW64\config\systemprofile\SendTo] -> C:\Windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\SendTo -> Junction
[C:\windows\SysWOW64\config\systemprofile\Start Menu] -> C:\Windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Start Menu -> Junction
[C:\windows\SysWOW64\config\systemprofile\Templates] -> C:\Windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Templates -> Junction
========== Alternate Data Streams ========== @Alternate Data Stream - 115 bytes -> C:\ProgramData\TEMP:C7F04040
@Alternate Data Stream - 115 bytes -> C:\ProgramData\TEMP:A8ADE5D8
@Alternate Data Stream - 103 bytes -> C:\ProgramData\TEMP:DFC5A2B2
@Alternate Data Stream - 100 bytes -> C:\ProgramData\TEMP:57DC3B52
< End of report >
EXTRAS.txt
OTL Extras logfile created on: 5/14/2012 8:55:21 PM - Run 2
OTL by OldTimer - Version 3.2.43.0 Folder = C:\Users\michelle618\Downloads
64bit-Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
3.99 Gb Total Physical Memory | 2.97 Gb Available Physical Memory | 74.34% Memory free
4.16 Gb Paging File | 3.31 Gb Available in Paging File | 79.45% Paging File free
Paging file location(s): c:\pagefile.sys 300 500 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 288.01 Gb Total Space | 21.53 Gb Free Space | 7.48% Space Free | Partition Type: NTFS
Drive D: | 10.00 Gb Total Space | 9.92 Gb Free Space | 99.21% Space Free | Partition Type: NTFS
Computer Name: MICHELLE618-PC | User Name: michelle618 | Logged in as Administrator.
Boot Mode: SafeMode with Networking | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ========== ========== File Associations ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
[HKEY_USERS\S-1-5-21-761255007-4257669193-40547742-1000\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
========== Shell Spawning ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [Winamp.Bookmark] -- "C:\Program Files (x86)\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.)
Directory [Winamp.Enqueue] -- "C:\Program Files (x86)\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.)
Directory [Winamp.Play] -- "C:\Program Files (x86)\Winamp\winamp.exe" "%1" (Nullsoft, Inc.)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"oobe_av" = 1
========== System Restore Settings ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0
========== Firewall Settings ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
========== Authorized Applications List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files (x86)\BitTorrent\bittorrent.exe" = C:\Program Files (x86)\BitTorrent\bittorrent.exe:*:Enabled:BitTorrent
========== Vista Active Open Ports Exception List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{056170F8-77DF-45E7-98E6-C7F8C6275735}" = lport=2869 | protocol=6 | dir=in | app=system |
"{0B09C4CD-5B90-42E0-BB97-8D27B28B8BF8}" = lport=547 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |
"{11BED819-B214-46F1-806B-141953356F23}" = lport=10243 | protocol=6 | dir=in | app=system |
"{1B1E87EC-FB0D-4702-8256-BFCF807D80FB}" = lport=138 | protocol=17 | dir=in | app=system |
"{246D7468-3F28-4DC3-8543-1F2D77832FFB}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss |
[email protected],-28539 |
"{2DD68B0A-323D-4B20-BAF4-B08FFC39CA48}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{3E852B88-6D7C-42E1-9B10-25665B1F8FFC}" = rport=10243 | protocol=6 | dir=out | app=system |
"{3F141A2D-5E6C-45A5-8CCE-D6CC8FD68FB1}" = lport=137 | protocol=17 | dir=in | app=system |
"{499D7E5B-80A0-43CD-9F13-D5BD915078EF}" = lport=53 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |
"{4A2AAE05-6260-474D-AE22-150E3509191B}" = rport=2869 | protocol=6 | dir=out | app=system |
"{58ACDAA5-73F7-4754-B92E-58F530F02CEC}" = rport=138 | protocol=17 | dir=out | app=system |
"{5CBB11E2-A211-4D4B-86D5-D8256D9352E6}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{63AD7DA1-8BF1-4F72-AC3B-E91F7DF8D780}" = lport=445 | protocol=6 | dir=in | app=system |
"{969ABC4E-C720-410B-BB8B-E715A62572A6}" = lport=2869 | protocol=6 | dir=in | app=system |
"{9AD13258-911B-409D-81A0-9EDEFC69B02F}" = lport=139 | protocol=6 | dir=in | app=system |
"{A3B548F5-B83D-44AF-9FD1-7C67FAC8358E}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{AAD4F92C-2616-4413-9DB7-F5F3EFDFF2E6}" = rport=137 | protocol=17 | dir=out | app=system |
"{AD52531B-2904-4A03-98CA-02736B4973FE}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{B139F1BD-D22B-4BCF-AF77-E2C174CC245B}" = rport=139 | protocol=6 | dir=out | app=system |
"{BCBD3130-21A2-40CA-AB22-7C86B6405363}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{CD59E230-7143-4503-88FE-E01677C38AD7}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{D15B5DA3-3A4D-4D02-B3AB-070A21B559D9}" = rport=445 | protocol=6 | dir=out | app=system |
"{D3163369-5563-4923-A789-0CABB6A56124}" = lport=6004 | protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\outlook.exe |
"{D4BAB3F4-D94E-4A71-867A-25D0FBD5F9EB}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{DDF973B7-00E1-4D35-9D24-30D39957A341}" = lport=68 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |
"{EA71B870-9D31-4AE7-97CF-356BEAFCFFE1}" = lport=67 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |
"{FA580432-E9B6-4EB0-806B-8028D9DF0D16}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{FE6B6A1A-1F75-472E-BE37-1D526B74AFC4}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
========== Vista Active Application Exception List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{012B0BCC-1720-4E39-AC6C-7E1A28B04A12}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{047CDCDF-7C09-4C18-BEEF-7C6B7A00A5A7}" = protocol=17 | dir=in | app=c:\program files (x86)\yahoo!\messenger\yahoomessenger.exe |
"{060E8D3E-93D7-473D-AE11-E810162F124C}" = protocol=6 | dir=in | app=c:\program files (x86)\abbyy finereader 6.0 sprint\scan\scanman6.exe |
"{061777C8-B0EE-4BBB-AF9D-B0D92290E3ED}" = protocol=6 | dir=in | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{0B9AF5C9-435C-49C8-860B-F3CA3C370070}" = dir=in | app=c:\program files (x86)\dell\mediadirect\kernel\dmp\clbrowserengine.exe |
"{0CD4E40C-C26B-4629-8241-C2059B1D032A}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{0DD1AE12-E369-429E-905C-5FFFFE5A5317}" = dir=in | app=c:\program files (x86)\dell\mediadirect\kernel\dms\clmsservice.exe |
"{14318FE2-6D70-45FC-830C-C4BB3EF4C75A}" = protocol=6 | dir=in | app=c:\program files (x86)\dna\btdna.exe |
"{1560C3A5-CE7F-4A8F-B762-1B2964A2354D}" = protocol=17 | dir=in | app=c:\windows\system32\spool\drivers\x64\3\lxditime.exe |
"{16840DC3-21A3-45FF-88B3-131CC8FF070A}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{1C21CB8F-649C-444D-8AD4-F8C45FE944CC}" = protocol=6 | dir=in | app=c:\program files (x86)\dell video chat\dellvideochat.exe |
"{1DB2207B-B661-4DF3-BD83-C86BBC580205}" = protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{27F02AD7-99B4-49B2-99EF-40C912DB782D}" = protocol=17 | dir=in | app=c:\program files (x86)\dell video chat\dellvideochat.exe |
"{3137DECE-0876-4875-8287-FE6A02E0A4A6}" = protocol=6 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{357A8688-2995-46FF-BDD1-326CE3792112}" = protocol=58 | dir=in |
[email protected],-28545 |
"{367632C8-B4C4-426C-BC37-CF5741A43C47}" = dir=in | app=c:\program files (x86)\dell\mediadirect\pcmservice.exe |
"{373E9BEE-9B7D-4BEE-A397-FFDC2F8F54F3}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{3BE830EE-1CA4-4E12-B7ED-8AE4E4A2E545}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{4C42F400-3315-43BB-8DB0-4A702375435C}" = protocol=6 | dir=in | app=c:\windows\syswow64\lxdicoms.exe |
"{4FE947DB-CFD2-4E34-9498-2F97963EE66A}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{55181CC3-D033-4EDE-BCBB-8E5BFF525BC4}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{557EBA09-7F63-45B4-AE06-4137ECDBAF47}" = protocol=6 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{5985D0EF-06FA-4472-9D22-2A67CEF43D28}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{5B28712B-9A73-438C-8A19-5D558CEC9230}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\onenote.exe |
"{5B6F631A-2DE9-45C9-8F93-2F5F0B513699}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{5C0F4429-854C-4A45-BCA9-ECA1F87A4B67}" = protocol=17 | dir=in | app=c:\program files (x86)\lexmark 3500-4500 series\lxdimon.exe |
"{67906598-7D77-46E2-9DD0-09F72AFD9055}" = protocol=6 | dir=in | app=c:\program files\hp\hp officejet pro 8500 a910\bin\devicesetup.exe |
"{6B620CE4-F1FC-4C65-AB48-850653CB8A34}" = protocol=6 | dir=in | app=c:\windows\system32\spool\drivers\x64\3\lxditime.exe |
"{6BD39850-A8FD-4670-99AC-2247833B2277}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office14\onenote.exe |
"{7268E0ED-368E-41D7-B0F4-5E308841E6B8}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{74AEE663-6353-484A-A5D2-89D7C937389F}" = protocol=6 | dir=in | app=c:\program files (x86)\yahoo!\messenger\yahoomessenger.exe |
"{775A3754-64EA-46AE-AFA4-8D57F2285D2D}" = protocol=17 | dir=in | app=c:\program files (x86)\lexmark 3500-4500 series\lxdiamon.exe |
"{783228A5-9169-4CFA-90AF-E96084C6782D}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{78F2D88B-52E6-4B20-B272-023548E570D0}" = protocol=6 | dir=in | app=c:\program files (x86)\lexmark 3500-4500 series\lxdimon.exe |
"{81B2BD83-7B09-4F03-9AB7-86F9B572B29A}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{86637361-ACF8-415A-AD1B-06E0BBDF4219}" = protocol=58 | dir=out |
[email protected],-28546 |
"{86B44815-BEB3-4924-B6A7-24FBBF278150}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{877FA3D1-9531-4E98-9E38-E1663D43A428}" = protocol=6 | dir=out | app=system |
"{8787B68F-279C-499C-A4D1-ED345AE35292}" = protocol=17 | dir=in | app=c:\program files (x86)\lexmark 3500-4500 series\app4r.exe |
"{89444DA5-0E42-4F34-8E0A-B969FB270167}" = protocol=17 | dir=in | app=c:\program files (x86)\lexmark fax solutions\faxctr.exe |
"{8B37AD8F-AEEE-4A62-8F2A-F706ABA47D62}" = protocol=17 | dir=in | app=c:\program files (x86)\dna\btdna.exe |
"{8BD84755-0458-4BBE-A777-49FC4899485C}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{8CFA19B7-0B1D-443E-B668-A07B96920174}" = protocol=6 | dir=in | app=c:\program files\hp\hp officejet pro 8500 a910\bin\hpnetworkcommunicator.exe |
"{8EE87B9A-E771-4D38-8E34-B3F53047EEC0}" = protocol=6 | dir=in | app=c:\program files (x86)\lexmark 3500-4500 series\app4r.exe |
"{9C8872B7-AA83-4097-917E-AF2836CAD614}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{A2E8863E-D1FB-4B13-A26A-8C38DCA125FD}" = protocol=1 | dir=in |
[email protected],-28543 |
"{A764A790-97BE-47B7-AA89-C5EB5C6E7A47}" = protocol=6 | dir=in | app=c:\program files (x86)\lexmark 3500-4500 series\lxdiamon.exe |
"{A7E7107E-4AFA-44E8-80A2-5E26557DD8AC}" = dir=out | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |
"{A84A1132-3763-4D01-8093-4F695ADA168E}" = dir=in | app=c:\program files (x86)\dell\mediadirect\mediadirect.exe |
"{ACBD3C6D-6944-4D22-BA27-8B047A254FF5}" = protocol=6 | dir=in | app=c:\program files (x86)\lexmark fax solutions\faxctr.exe |
"{B6571456-2797-4A5C-A9AB-C5CE003492CE}" = protocol=17 | dir=in | app=c:\windows\system32\lxducoms.exe |
"{BC2CADCD-3D4A-490A-84AB-5196DD977A1E}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{BDFE5207-2225-46E2-A0CD-04625BBD9156}" = protocol=6 | dir=in | app=c:\windows\system32\lxducoms.exe |
"{BEBD71D7-95CE-4D5A-A748-9C7017235E11}" = protocol=17 | dir=in | app=c:\program files\hp\hp officejet pro 8500 a910\bin\devicesetup.exe |
"{BF98207C-B0D8-49C3-A796-80876D83844E}" = protocol=6 | dir=in | app=c:\windows\system32\lxdicoms.exe |
"{C07975A0-2E6E-4BCC-9560-5C0803E9924F}" = protocol=1 | dir=out |
[email protected],-28544 |
"{C25412BF-4935-4730-A544-BC73D07E6C22}" = protocol=17 | dir=in | app=c:\program files\hp\hp officejet pro 8500 a910\bin\hpnetworkcommunicator.exe |
"{CA544369-046F-4C97-B3B5-FB6FC1D15DDE}" = protocol=6 | dir=in | app=c:\windows\system32\spool\drivers\x64\3\lxdipswx.exe |
"{CD5D20C1-314A-46AD-ADC0-92EBE4A87355}" = protocol=58 | dir=in |
[email protected],-148 |
"{D4386B4D-3730-4EBE-A377-1E096F247418}" = protocol=17 | dir=in | app=c:\windows\syswow64\lxdicoms.exe |
"{DD81F8F8-24BF-4F20-BC1C-A58AD0591842}" = protocol=17 | dir=in | app=c:\program files (x86)\abbyy finereader 6.0 sprint\scan\scanman6.exe |
"{E94E0D8F-A54D-4297-8A8A-A3E5033900A4}" = protocol=17 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{EAC2DC64-D03E-4892-8070-343889515A0B}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{EE1C73CA-3E4B-417C-8C29-1C5E78384FA7}" = protocol=17 | dir=in | app=c:\windows\system32\spool\drivers\x64\3\lxdipswx.exe |
"{F9985965-033B-4735-A34D-00BC1C3CBD69}" = protocol=17 | dir=in | app=c:\windows\system32\lxdicoms.exe |
"{FFFED267-246C-44C5-8344-9DC25BD0FE5D}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"TCP Query User{BFCD478B-DBD6-48D2-A766-C4AE0FE2A772}C:\program files (x86)\winamp\winamp.exe" = protocol=6 | dir=in | app=c:\program files (x86)\winamp\winamp.exe |
"UDP Query User{703B56CE-C440-4DAE-8051-B964C3AEA4B8}C:\program files (x86)\winamp\winamp.exe" = protocol=17 | dir=in | app=c:\program files (x86)\winamp\winamp.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{00203668-8170-44A0-BE44-B632FA4D780F}" = Adobe AIR
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{08E81ABD-79F7-49C2-881F-FD6CB0975693}" = Roxio Creator Data
"{09760D42-E223-42AD-8C3E-55B47D0DDAC3}" = Roxio Creator DE
"{15BC8CD0-A65B-47D0-A2DD-90A824590FA8}" = Microsoft Works
"{16FCDD97-AE09-476B-88CD-261D852BD34C}" = Marketsplash Shortcuts
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{1F54DAFA-9261-4A62-B59D-6C9F26B48FE4}" = Roxio Creator Tools
"{20C53FA2-4307-4671-A93F-9463B29DFCF1}" = Symantec Technical Support Web Controls
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{26A24AE4-039D-4CA4-87B4-2F83216011FF}" = Java 6 Update 17
"{2EA45803-BEB7-46C4-9ADC-46A5F9E7BB77}" = GEAR driver installer for x86 and x64
"{2EAF7E61-068E-11DF-953C-005056806466}" = Google Earth
"{2FA41EBB-3F5A-35C3-85D6-51EC72A11FBD}" = Google Gears
"{30465B6C-B53F-49A1-9EBA-A3F187AD502E}" = Roxio Update Manager
"{3248F0A8-6813-11D6-A77B-00B0D0160040}" = Java 6 Update 4
"{3248F0A8-6813-11D6-A77B-00B0D0160050}" = Java 6 Update 5
"{3248F0A8-6813-11D6-A77B-00B0D0160070}" = Java 6 Update 7
"{54AE3C08-D7D8-45FF-9348-0B4BE0D5A6CB}" = Comcast Universal Installer v1.2
"{5A3C1721-F8ED-11E0-8AFB-B8AC6F97B88E}" = Google Earth
"{5FE545A1-D215-4216-9189-E7B39C9D1CC1}" = Quicken 2011
"{61933675-EFC7-4190-90B6-5AD56E1D9294}" = Marketsplash Print Software
"{65D0C510-D7B6-4438-9FC8-E6B91115AB0D}" = Live! Cam Avatar Creator
"{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA}" = Roxio Express Labeler 3
"{669C7BD8-DAA2-49B6-966C-F1E2AAE6B17E}" = Cisco PEAP Module
"{6D3963B0-E13B-4FC3-B0FF-506A304BB043}" = Cisco EAP-FAST Module
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{73A4F29F-31AC-4EBD-AA1B-0CC5F18C8F83}" = Roxio Creator Audio
"{750B354A-BF46-45E0-86D6-620026703B92}" = Nancy Drew: The Haunted Carousel
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{77DCDCE3-2DED-62F3-8154-05E745472D07}" = Acrobat.com
"{83770D14-21B9-44B3-8689-F7B523F94560}" = Cisco LEAP Module
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{871B2A9D-0F12-44B3-88C1-E0CB10A232E4}" = HP Officejet Pro 8500 A910 Help
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system
"{90140000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2010
"{90140000-0015-0409-0000-0000000FF1CE}_Office14.SingleImage_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2010
"{90140000-0016-0409-0000-0000000FF1CE}_Office14.SingleImage_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2010
"{90140000-0018-0409-0000-0000000FF1CE}_Office14.SingleImage_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2010
"{90140000-0019-0409-0000-0000000FF1CE}_Office14.SingleImage_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2010
"{90140000-001A-0409-0000-0000000FF1CE}_Office14.SingleImage_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2010
"{90140000-001B-0409-0000-0000000FF1CE}_Office14.SingleImage_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
"{90140000-001F-0409-0000-0000000FF1CE}_Office14.SingleImage_{99ACCA38-6DD3-48A8-96AE-A283C9759279}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2010
"{90140000-001F-040C-0000-0000000FF1CE}_Office14.SingleImage_{46298F6A-1E7E-4D4A-B5F5-106A4F0E48C6}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2010
"{90140000-001F-0C0A-0000-0000000FF1CE}_Office14.SingleImage_{DEA87BE2-FFCC-4F33-9946-FCBE55A1E998}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{967EF02C-5C7E-4718-8FCB-BDC050190CCF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002A-0409-1000-0000000FF1CE}_Office14.SingleImage_{D6C6B46A-6CE1-4561-84A0-EFD58B8AB979}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2010
"{90140000-002C-0409-0000-0000000FF1CE}_Office14.SingleImage_{7CA93DF4-8902-449E-A42E-4C5923CFBDE3}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-003D-0000-0000-0000000FF1CE}" = Microsoft Office Single Image 2010
"{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{047B0968-E622-4FAA-9B4B-121FA109EDDE}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2010
"{90140000-006E-0409-0000-0000000FF1CE}_Office14.SingleImage_{4560037C-E356-444A-A015-D21F487D809E}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2010
"{90140000-00A1-0409-0000-0000000FF1CE}_Office14.SingleImage_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2010
"{90140000-0115-0409-0000-0000000FF1CE}_Office14.SingleImage_{4560037C-E356-444A-A015-D21F487D809E}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0116-0409-1000-0000000FF1CE}_Office14.SingleImage_{D6C6B46A-6CE1-4561-84A0-EFD58B8AB979}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2010
"{90140000-0117-0409-0000-0000000FF1CE}_Office14.SingleImage_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{95120000-00AF-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (English)
"{99ED894F-60CF-4D71-A645-442CD041D595}" = Susteen Launcher
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9C6978E8-B6D0-4AB7-A7A0-D81A74FBF745}" = MediaDirect
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AB6E9CF7-7A9B-4973-9A1D-96FB27F4B6AC}" = DataPilot
"{AC76BA86-7AD7-1033-7B44-A92000000001}" = Adobe Reader 9.2
"{ACF60000-22B9-4CE9-98D6-2CCF359BAC07}" = ABBYY FineReader 6.0 Sprint
"{B0069CFA-5BB9-4C03-B1C6-89CE290E5AFE}" = HP Update
"{B6A26DE5-F2B5-4D58-9570-4FC760E00FCD}" = Roxio Creator Copy
"{CA6BCA2F-EDEB-408F-850B-31404BE16A61}" = I.R.I.S. OCR
"{D6C3C9E7-D334-4918-BD57-5B1EF14C207D}" = Bing Bar
"{DBCC73BA-C69A-4BF5-B4BF-F07501EE7039}" = AnswerWorks 5.0 English Runtime
"{DDC5B3E0-C656-4070-9CF0-E592EC60AD42}" = MotoConnect
"{E40CE517-0D42-4198-96B4-C8232B257EB5}" = Data Lifeguard Diagnostic for Windows
"{ECC3713C-08A4-40E3-95F1-7D0704F1CE5E}" = PL-2303 USB-to-Serial
"{ED439A64-F018-4DD4-8BA5-328D85AB09AB}" = Roxio Creator DE
"{F44DA61E-720D-4E79-871F-F6E628B33242}" = OpenOffice.org 3.0
"{FCED9B62-34FF-4C15-8A23-F65221F7874D}" = ITECIR Driver
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11.5
"Advanced Audio FX Engine" = Advanced Audio FX Engine
"Audacity_is1" = Audacity 1.2.6
"Bejeweled 2" = Bejeweled 2
"Bejeweled 2 Deluxe 1.1" = Bejeweled 2 Deluxe 1.1
"Bookworm Deluxe 1.13" = Bookworm Deluxe 1.13
"com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Acrobat.com
"Cooking Academy" = Cooking Academy
"Dell Video Chat" = Dell Video Chat (remove only)
"Dell Webcam Central" = Dell Webcam Central
"Discovery" = Discovery
"Fashion Apprentice" = Fashion Apprentice
"GameHouse" = GameHouse
"Google Desktop" = Google Desktop
"Google Updater" = Google Updater
"InstallShield_{99ED894F-60CF-4D71-A645-442CD041D595}" = Susteen Launcher
"InstallShield_{AB6E9CF7-7A9B-4973-9A1D-96FB27F4B6AC}" = DataPilot
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware version 1.61.0.1400
"Mozilla Firefox (3.5.7)" = Mozilla Firefox (3.5.7)
"MyITLab ActiveX Installer_is1" = MyITLab ActiveX Installer 2, 9, 8, 65535
"Office14.SingleImage" = Microsoft Office Home and Student 2010
"Peggle Deluxe 1.0" = Peggle Deluxe 1.0
"Picasa2" = Picasa 2
"RCA Detective™_is1" = RCA Detective™ 3.0.0.101
"RCA easyRip_is1" = RCA easyRip 2.5.2.0
"RCA Updater_is1" = RCA Updater 1.0.4.0
"Wheel Of Fortune 2" = Wheel Of Fortune 2 (remove only)
"Winamp" = Winamp
"WT016060" = Penguins!
"Yahoo! Companion" = Yahoo! Toolbar
"Yahoo! Mail" = Yahoo! Internet Mail
"Yahoo! Mail Advisor" = Yahoo! Mail Advisor
"Yahoo! Messenger" = Yahoo! Messenger
"Yahoo! Search Defender" = Yahoo! Search Protection
"Yahoo! Software Update" = Yahoo! Software Update
"YInstHelper" = Yahoo! Install Manager
========== HKEY_USERS Uninstall List ========== [HKEY_USERS\S-1-5-21-761255007-4257669193-40547742-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Winamp Detect" = Winamp Detector Plug-in
========== Last 10 Event Log Errors ========== [ Application Events ]
Error - 7/14/2008 2:22:58 AM | Computer Name = michelle618-PC | Source = Microsoft-Windows-CAPI2 | ID = 131083
Description =
Error - 7/14/2008 2:22:58 AM | Computer Name = michelle618-PC | Source = Microsoft-Windows-CAPI2 | ID = 131083
Description =
Error - 7/14/2008 2:48:30 AM | Computer Name = michelle618-PC | Source = WinMgmt | ID = 10
Description =
Error - 7/14/2008 2:48:41 AM | Computer Name = michelle618-PC | Source = Microsoft-Windows-CAPI2 | ID = 131083
Description =
Error - 7/14/2008 2:55:43 AM | Computer Name = michelle618-PC | Source = Microsoft-Windows-CAPI2 | ID = 131083
Description =
Error - 3/29/2011 4:25:15 PM | Computer Name = michelle618-PC | Source = WinMgmt | ID = 10
Description =
Error - 3/29/2011 4:28:15 PM | Computer Name = michelle618-PC | Source = EventSystem | ID = 4621
Description =
Error - 3/29/2011 4:29:54 PM | Computer Name = michelle618-PC | Source = WinMgmt | ID = 10
Description =
Error - 3/29/2011 4:53:44 PM | Computer Name = michelle618-PC | Source = WinMgmt | ID = 10
Description =
Error - 3/30/2011 12:01:03 PM | Computer Name = michelle618-PC | Source = WinMgmt | ID = 10
Description =
[ Broadcom Wireless LAN Events ]
Error - 2/14/2012 6:19:13 AM | Computer Name = michelle618-PC | Source = WLAN-Tray | ID = 0
Description = 04:19:12, Tue, Feb 14, 12 Error - Unable to gain access to user store
Error - 2/18/2012 6:26:57 PM | Computer Name = michelle618-PC | Source = WLAN-Tray | ID = 0
Description = 16:26:57, Sat, Feb 18, 12 Error - Unable to gain access to user store
Error - 2/18/2012 6:31:03 PM | Computer Name = michelle618-PC | Source = WLAN-Tray | ID = 0
Description = 16:31:03, Sat, Feb 18, 12 Error - Unable to gain access to user store
Error - 2/18/2012 8:18:25 PM | Computer Name = michelle618-PC | Source = WLAN-Tray | ID = 0
Description = 18:18:24, Sat, Feb 18, 12 Error - Unable to gain access to user store
Error - 2/21/2012 8:07:33 PM | Computer Name = michelle618-PC | Source = WLAN-Tray | ID = 0
Description = 18:07:32, Tue, Feb 21, 12 Error - Unable to gain access to user store
Error - 4/12/2012 11:06:52 PM | Computer Name = michelle618-PC | Source = WLAN-Tray | ID = 0
Description = 22:06:51, Thu, Apr 12, 12 Error - Unable to gain access to user store
Error - 5/14/2012 6:33:13 AM | Computer Name = michelle618-PC | Source = WLAN-Tray | ID = 0
Description = 05:33:12, Mon, May 14, 12 Error - Unable to gain access to user store
[ Media Center Events ]
Error - 10/4/2008 5:35:27 PM | Computer Name = michelle618-PC | Source = MCUpdate | ID = 0
Description = Failed to wait on MCUpdate mutex with exception: 'The wait completed
due to an abandoned mutex.'.
Error - 10/12/2008 12:35:39 PM | Computer Name = michelle618-PC | Source = MCUpdate | ID = 0
Description = Failed to wait on MCUpdate mutex with exception: 'The wait completed
due to an abandoned mutex.'.
Error - 11/9/2008 1:39:55 PM | Computer Name = michelle618-PC | Source = MCUpdate | ID = 0
Description = Failed to wait on MCUpdate mutex with exception: 'The wait completed
due to an abandoned mutex.'.
Error - 2/20/2009 6:42:17 PM | Computer Name = michelle618-PC | Source = MCUpdate | ID = 0
Description = Failed to wait on MCUpdate mutex with exception: 'The wait completed
due to an abandoned mutex.'.
Error - 4/30/2009 12:07:03 AM | Computer Name = michelle618-PC | Source = MCUpdate | ID = 0
Description = DownloadPackgeTask.SubTasksComplete: failed downloading package SportsSchedule.
Error - 5/10/2009 1:28:39 PM | Computer Name = michelle618-PC | Source = MCUpdate | ID = 0
Description = DownloadPackgeTask.SubTasksComplete: failed downloading package SportsSchedule.
[ System Events ]
Error - 1/26/2009 6:18:40 AM | Computer Name = michelle618-PC | Source = BTHUSB | ID = 327697
Description = The local Bluetooth adapter has failed in an undetermined manner and
will not be used. The driver has been unloaded.
Error - 1/26/2009 8:36:09 AM | Computer Name = michelle618-PC | Source = BTHUSB | ID = 327697
Description = The local Bluetooth adapter has failed in an undetermined manner and
will not be used. The driver has been unloaded.
Error - 1/26/2009 9:51:08 AM | Computer Name = michelle618-PC | Source = BTHUSB | ID = 327697
Description = The local Bluetooth adapter has failed in an undetermined manner and
will not be used. The driver has been unloaded.
Error - 1/26/2009 3:50:32 PM | Computer Name = michelle618-PC | Source = BTHUSB | ID = 327697
Description = The local Bluetooth adapter has failed in an undetermined manner and
will not be used. The driver has been unloaded.
Error - 1/26/2009 5:46:37 PM | Computer Name = michelle618-PC | Source = BTHUSB | ID = 327697
Description = The local Bluetooth adapter has failed in an undetermined manner and
will not be used. The driver has been unloaded.
Error - 1/26/2009 8:56:01 PM | Computer Name = michelle618-PC | Source = BTHUSB | ID = 327697
Description = The local Bluetooth adapter has failed in an undetermined manner and
will not be used. The driver has been unloaded.
Error - 1/27/2009 10:09:48 AM | Computer Name = michelle618-PC | Source = BTHUSB | ID = 327697
Description = The local Bluetooth adapter has failed in an undetermined manner and
will not be used. The driver has been unloaded.
Error - 1/27/2009 6:53:15 PM | Computer Name = michelle618-PC | Source = BTHUSB | ID = 327697
Description = The local Bluetooth adapter has failed in an undetermined manner and
will not be used. The driver has been unloaded.
Error - 1/27/2009 11:55:58 PM | Computer Name = michelle618-PC | Source = BTHUSB | ID = 327697
Description = The local Bluetooth adapter has failed in an undetermined manner and
will not be used. The driver has been unloaded.
Error - 1/28/2009 12:59:58 AM | Computer Name = michelle618-PC | Source = BTHUSB | ID = 327697
Description = The local Bluetooth adapter has failed in an undetermined manner and
will not be used. The driver has been unloaded.
< End of report >