Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

cleaning up daughter's laptop [Solved]


  • This topic is locked This topic is locked

#1
briz_dad

briz_dad

    Member

  • Member
  • PipPipPip
  • 251 posts
Hello Support,

My daughter received a laptop from my mother. She's been using it for a while and it is "bogging down". As is normal for teenagers, she is visiting places that she shouldn't be. We've had a talk about all that.. so I said I'd clean-up her computer.

Is anyone up for walking me through this process?

Sincerely,
Greg
  • 0

Advertisements


#2
Jasmyne

Jasmyne

    Trusted Helper

  • Malware Removal
  • 2,010 posts
Hi! My name is Jasmyne and Welcome to Geeks to Go!

I'm sorry you are having issues with your computer but I will do my best to resolve them as quickly as possible. I know having an infected computer is frustrating because I was once where you are now!

Please be patient with me as I am currently in training, and all of my responses to you have to be reviewed by my instructor before I post them. Just keep in mind that you get the advantage as you have 2 people examining your issue.

  • You may want to print out these instructions, or copy them to a text file so that will have a copy in case you loose your connection to the internet during a removal process.
  • Please make sure to carefully read any instruction that I give you and in perform them in the order they are posted. If you're not sure, or if something unexpected happens, do NOT continue! Stop and ask! Never be afraid to ask questions! :)
  • Please do not attach any log files to your replies unless I specifically ask you. Instead please copy and paste so as to include the log in your reply. You can do this in separate posts if it's easier for you.
  • Please note that there is no "Quick & Easy Fix" to most malware infections and we may need to use several different tools to get your system clean.
  • Please stick with me until I tell you that your machine is clean. If you don't see any symptoms it does not mean your system is clear of malware
  • Please don't run any other scans or other software unless I ask you to, as it will make this repair more difficult.
  • Please reply within 3 days. Topics with no reply in 4 days are closed!

With that all stated, let's get started! :)

Download OTL to your Desktop
  • Double click on the icon to run it. Make sure all other windows are closed and to let it run uninterrupted.
  • Please check the box next to Scan All Users.
  • Make sure Use SafeList is selected under Extra Registry.
  • Under the Custom Scans/Fixes box at the bottom, paste in the following:
    netsvcs
    BASESERVICES
    %SYSTEMDRIVE%\*.exe
    /md5start
    services.*
    explorer.exe
    winlogon.exe
    Userinit.exe
    svchost.exe
    /md5stop
    dir C:\ /S /A:L /C
    CREATERESTOREPOINT
  • Click the Run Scan button. Do not change any settings unless otherwise told to do so. The scan wont take long.
  • When the scan completes, it will open two notepad windows. OTL.Txt and Extras.Txt. These are saved in the same location as OTL.
  • Please copy (Edit->Select All, Edit->Copy) the contents of these files, one at a time and post them in your topic

  • 0

#3
briz_dad

briz_dad

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 251 posts

Hi! My name is Jasmyne and Welcome to Geeks to Go!


Hello Jasmyne - thank you for your help.

OTL.Txt

OTL logfile created on: 7/15/2013 7:40:58 AM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Robyn Bri\Desktop\fix
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

2.00 Gb Total Physical Memory | 0.90 Gb Available Physical Memory | 45.00% Memory free
3.94 Gb Paging File | 2.41 Gb Available in Paging File | 61.15% Paging File free
Paging file location(s): c:\pagefile.sys 2048 4095 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 141.49 Gb Total Space | 63.57 Gb Free Space | 44.93% Space Free | Partition Type: NTFS
Drive D: | 149.04 Gb Total Space | 148.49 Gb Free Space | 99.63% Space Free | Partition Type: NTFS

Computer Name: MARGIE | User Name: Robyn Bri | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2013/07/14 21:37:48 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Robyn Bri\Desktop\fix\OTL.exe
PRC - [2013/07/12 11:49:47 | 000,846,288 | ---- | M] (Google Inc.) -- C:\Program Files\Google\Chrome\Application\chrome.exe
PRC - [2013/05/10 00:57:22 | 000,065,640 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2013/01/27 11:11:46 | 000,020,456 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Security Client\MsMpEng.exe
PRC - [2013/01/27 11:11:06 | 000,947,152 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Security Client\msseces.exe
PRC - [2011/08/04 15:41:44 | 001,637,496 | ---- | M] (CANON INC.) -- C:\Program Files\Canon\Solution Menu EX\CNSEMAIN.EXE
PRC - [2011/07/19 06:23:08 | 002,567,272 | ---- | M] (CANON INC.) -- C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE
PRC - [2011/03/09 11:18:06 | 001,060,864 | ---- | M] () -- C:\Program Files\Western Digital\WD SmartWare\Front Parlor\WDFME\WDFME.exe
PRC - [2011/03/09 11:16:56 | 000,484,352 | ---- | M] () -- C:\Program Files\Western Digital\WD SmartWare\Front Parlor\WDSC.exe
PRC - [2011/03/09 11:07:54 | 000,238,592 | ---- | M] (WDC) -- C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe
PRC - [2009/04/10 23:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2008/10/22 05:25:30 | 000,020,480 | ---- | M] (Intuit) -- C:\Program Files\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe
PRC - [2007/07/31 06:04:21 | 000,102,400 | ---- | M] (IDT, Inc.) -- C:\Windows\System32\stacsv.exe
PRC - [2007/07/24 19:26:38 | 000,182,392 | ---- | M] (Sony Corporation) -- C:\Program Files\Sony\VAIO Event Service\VESMgr.exe
PRC - [2007/07/24 19:26:38 | 000,100,472 | ---- | M] (Sony Corporation) -- C:\Program Files\Sony\VAIO Event Service\VESMgrSub.exe
PRC - [2007/06/28 08:53:04 | 000,073,728 | ---- | M] (Sony Corporation) -- C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCs\VzHardwareResourceManager\VzHardwareResourceManager.exe
PRC - [2007/06/28 08:53:02 | 000,184,320 | ---- | M] (Sony Corporation) -- C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe
PRC - [2007/06/28 08:53:00 | 000,188,416 | ---- | M] (Sony Corporation) -- C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe
PRC - [2007/06/28 08:52:48 | 000,274,432 | ---- | M] (Sony Corporation) -- C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe
PRC - [2007/06/25 14:41:08 | 004,489,216 | ---- | M] (Realtek Semiconductor) -- C:\Windows\RtHDVCpl.exe
PRC - [2007/06/20 15:35:06 | 002,523,136 | ---- | M] (Sony Corporation) -- C:\Program Files\Sony\VAIO Media Integrated Server\VMISrv.exe
PRC - [2007/06/20 15:34:50 | 001,089,536 | ---- | M] (Sony Corporation) -- C:\Program Files\Sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe
PRC - [2007/06/20 15:34:50 | 000,397,312 | ---- | M] (Sony Corporation) -- C:\Program Files\Sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe
PRC - [2007/06/15 12:45:20 | 000,469,112 | ---- | M] (Sony Corporation) -- C:\Program Files\Sony\Wireless Switch Setting Utility\Switcher.exe
PRC - [2007/06/07 14:30:30 | 005,742,136 | ---- | M] (Sony Corporation) -- C:\Program Files\Sony\SonicStage Mastering Studio\Audio Filter\SSMSFilter.exe
PRC - [2007/06/05 07:49:30 | 003,682,576 | ---- | M] (Sony Corporation) -- C:\Program Files\Sony\VAIO Service Utility\VAIO-SUTOOL.exe
PRC - [2007/05/31 09:32:14 | 000,551,032 | ---- | M] (Sony Corporation) -- C:\Program Files\Sony\VAIO Update 3\VAIOUpdt.exe
PRC - [2007/02/20 06:10:26 | 000,282,624 | ---- | M] (Eastman Kodak Company) -- C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe
PRC - [2007/02/12 13:38:04 | 000,355,096 | ---- | M] (Intel Corporation) -- C:\Program Files\intel\Intel Matrix Storage Manager\IAANTmon.exe
PRC - [2007/01/10 16:51:06 | 000,745,472 | ---- | M] (Sony Corporation) -- C:\Program Files\Sony\VAIO Media Integrated Server\UCLS.exe
PRC - [2007/01/04 19:48:52 | 000,112,152 | R--- | M] (InterVideo) -- C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe
PRC - [2006/11/02 20:40:12 | 000,174,656 | ---- | M] () -- C:\Windows\System32\PSIService.exe


========== Modules (No Company Name) ==========

MOD - [2013/07/15 07:37:35 | 000,130,560 | ---- | M] () -- C:\Users\Robyn Bri\AppData\Local\Temp\b4dc2f579a2245498bd2842fc15fa942\http.dll
MOD - [2013/07/15 07:37:34 | 000,155,648 | ---- | M] () -- C:\Users\Robyn Bri\AppData\Local\Temp\b4dc2f579a2245498bd2842fc15fa942\filesys.dll
MOD - [2012/12/21 14:17:47 | 000,139,264 | ---- | M] () -- C:\Program Files\Kodak\Kodak EasyShare software\bin\VPrintOnlineHelper40.dll
MOD - [2012/12/21 14:17:46 | 002,052,096 | ---- | M] () -- C:\Program Files\Kodak\Kodak EasyShare software\bin\SkinuxCmp.dll
MOD - [2012/12/21 14:17:46 | 001,339,392 | ---- | M] () -- C:\Program Files\Kodak\Kodak EasyShare software\bin\SkinuxCommon.dll
MOD - [2012/12/21 14:17:46 | 000,835,584 | ---- | M] () -- C:\Program Files\Kodak\Kodak EasyShare software\bin\SkinuxBase.dll
MOD - [2012/12/21 14:17:46 | 000,786,432 | ---- | M] () -- C:\Program Files\Kodak\Kodak EasyShare software\bin\SkinuxXML2.dll
MOD - [2012/12/21 14:17:46 | 000,770,048 | ---- | M] () -- C:\Program Files\Kodak\Kodak EasyShare software\bin\SkinuxIm.dll
MOD - [2012/12/21 14:17:46 | 000,679,936 | ---- | M] () -- C:\Program Files\Kodak\Kodak EasyShare software\bin\VPrintOnline.dll
MOD - [2012/12/21 14:17:46 | 000,495,616 | ---- | M] () -- C:\Program Files\Kodak\Kodak EasyShare software\bin\SkinuxProc.dll
MOD - [2012/12/21 14:17:46 | 000,430,080 | ---- | M] () -- C:\Program Files\Kodak\Kodak EasyShare software\bin\SkinuxFF.dll
MOD - [2012/12/21 14:17:46 | 000,232,448 | ---- | M] () -- C:\Program Files\Kodak\Kodak EasyShare software\bin\SpiffyExt.dll
MOD - [2012/12/21 14:17:46 | 000,086,016 | ---- | M] () -- C:\Program Files\Kodak\Kodak EasyShare software\bin\LocAcqMod.dll
MOD - [2012/12/21 14:17:46 | 000,057,344 | ---- | M] () -- C:\Program Files\Kodak\Kodak EasyShare software\bin\LocCamBack.dll
MOD - [2012/12/21 14:17:46 | 000,013,824 | ---- | M] () -- C:\Program Files\Kodak\Kodak EasyShare software\bin\MEshim.dll
MOD - [2012/12/21 14:17:46 | 000,009,728 | ---- | M] () -- C:\Program Files\Kodak\Kodak EasyShare software\bin\LocUpdateCheck.dll
MOD - [2012/12/21 14:17:45 | 001,564,672 | ---- | M] () -- C:\Program Files\Kodak\Kodak EasyShare software\bin\areaifdll.dll
MOD - [2012/12/21 14:17:45 | 000,405,504 | ---- | M] () -- C:\Program Files\Kodak\Kodak EasyShare software\bin\ESCom.dll
MOD - [2012/12/21 14:17:45 | 000,338,944 | ---- | M] () -- C:\Program Files\Kodak\Kodak EasyShare software\bin\KFx.dll
MOD - [2012/12/21 14:17:45 | 000,338,944 | ---- | M] () -- C:\Program Files\Kodak\Kodak EasyShare software\bin\Atlas.dll
MOD - [2012/12/21 14:17:45 | 000,120,832 | ---- | M] () -- C:\Program Files\Kodak\Kodak EasyShare software\bin\kpries40.dll
MOD - [2012/12/21 14:17:45 | 000,083,968 | ---- | M] () -- C:\Program Files\Kodak\Kodak EasyShare software\bin\keml40.dll
MOD - [2012/12/21 14:17:45 | 000,061,952 | ---- | M] () -- C:\Program Files\Kodak\Kodak EasyShare software\bin\DibLibIP.dll
MOD - [2012/12/21 14:17:45 | 000,051,712 | ---- | M] () -- C:\Program Files\Kodak\Kodak EasyShare software\bin\KPCDInterface.dll
MOD - [2012/12/21 14:17:44 | 001,035,264 | ---- | M] () -- C:\Program Files\Kodak\Kodak EasyShare software\bin\ESSkin.esx
MOD - [2012/12/21 14:17:44 | 000,667,648 | ---- | M] () -- C:\Program Files\Kodak\Kodak EasyShare software\bin\ESEmail.esx
MOD - [2012/12/21 14:17:44 | 000,335,872 | ---- | M] () -- C:\Program Files\Kodak\Kodak EasyShare software\bin\VistaAdapter.esx
MOD - [2012/12/21 14:17:44 | 000,303,104 | ---- | M] () -- C:\Program Files\Kodak\Kodak EasyShare software\bin\VistaPrintOnline.esx
MOD - [2012/12/21 14:17:44 | 000,246,272 | ---- | M] () -- C:\Program Files\Kodak\Kodak EasyShare software\bin\AppCore.dll
MOD - [2012/12/21 14:17:44 | 000,223,744 | ---- | M] () -- C:\Program Files\Kodak\Kodak EasyShare software\bin\VistaControls.esx
MOD - [2012/12/21 14:17:44 | 000,171,008 | ---- | M] () -- C:\Program Files\Kodak\Kodak EasyShare software\bin\Pcd.esx
MOD - [2012/12/21 14:17:44 | 000,115,200 | ---- | M] () -- C:\Program Files\Kodak\Kodak EasyShare software\bin\IStorageMediaStore.esx
MOD - [2012/12/21 14:17:44 | 000,095,744 | ---- | M] () -- C:\Program Files\Kodak\Kodak EasyShare software\bin\VistaCDBackup.esx
MOD - [2012/12/21 14:17:44 | 000,081,920 | ---- | M] () -- C:\Program Files\Kodak\Kodak EasyShare software\bin\UpdateChecker.esx
MOD - [2012/12/21 14:17:44 | 000,077,312 | ---- | M] () -- C:\Program Files\Kodak\Kodak EasyShare software\bin\DXRawFormatHandler.esx
MOD - [2011/09/27 08:23:00 | 000,087,912 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2011/09/27 08:22:40 | 001,242,472 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2007/02/20 06:10:20 | 000,192,512 | ---- | M] () -- C:\Program Files\Kodak\Kodak EasyShare software\AddIn\VistaPCD.cyx
MOD - [2007/02/20 06:09:22 | 000,094,208 | ---- | M] () -- C:\Program Files\Kodak\Kodak EasyShare software\AddIn\VPCD.dll
MOD - [2007/02/20 04:34:48 | 000,010,240 | ---- | M] () -- C:\Program Files\Kodak\Kodak EasyShare software\AddIn\LocVistaPCD.dll


========== Services (SafeList) ==========

SRV - [2013/06/21 09:53:36 | 000,162,408 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2013/06/11 18:31:11 | 000,256,904 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013/05/10 00:57:22 | 000,065,640 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2013/01/27 11:11:46 | 000,295,232 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Microsoft Security Client\NisSrv.exe -- (NisSrv)
SRV - [2013/01/27 11:11:46 | 000,020,456 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft Security Client\MsMpEng.exe -- (MsMpSvc)
SRV - [2011/03/09 11:18:06 | 001,060,864 | ---- | M] () [Auto | Running] -- C:\Program Files\Western Digital\WD SmartWare\Front Parlor\WDFME\WDFME.exe -- (WDFME)
SRV - [2011/03/09 11:16:56 | 000,484,352 | ---- | M] () [Auto | Running] -- C:\Program Files\Western Digital\WD SmartWare\Front Parlor\WDSC.exe -- (WDSC)
SRV - [2011/03/09 11:07:54 | 000,238,592 | ---- | M] (WDC) [Auto | Running] -- C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe -- (WDDMService)
SRV - [2008/10/22 05:25:30 | 000,020,480 | ---- | M] (Intuit) [Auto | Running] -- C:\Program Files\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe -- (QBCFMonitorService)
SRV - [2008/01/19 00:38:24 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2007/07/31 06:04:21 | 000,102,400 | ---- | M] (IDT, Inc.) [Auto | Running] -- C:\Windows\System32\stacsv.exe -- (STacSV)
SRV - [2007/07/24 19:26:38 | 000,182,392 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Program Files\Sony\VAIO Event Service\VESMgr.exe -- (VAIO Event Service)
SRV - [2007/07/13 10:55:56 | 000,292,152 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe -- (VcmIAlzMgr)
SRV - [2007/07/05 17:43:04 | 000,079,736 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper.exe -- (VcmXmlIfHelper)
SRV - [2007/06/28 08:53:04 | 000,073,728 | ---- | M] (Sony Corporation) [On_Demand | Running] -- C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCs\VzHardwareResourceManager\VzHardwareResourceManager.exe -- (VAIO Entertainment TV Device Arbitration Service)
SRV - [2007/06/28 08:53:02 | 000,184,320 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe -- (VzFw)
SRV - [2007/06/28 08:53:00 | 000,188,416 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe -- (VzCdbSvc)
SRV - [2007/06/28 08:52:48 | 000,274,432 | ---- | M] (Sony Corporation) [On_Demand | Running] -- C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe -- (Vcsw)
SRV - [2007/06/20 15:35:06 | 002,523,136 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Program Files\Sony\VAIO Media Integrated Server\VMISrv.exe -- (VAIOMediaPlatform-IntegratedServer-AppServer)
SRV - [2007/06/20 15:34:52 | 000,499,712 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Sony\VAIO Media Integrated Server\Platform\VmGateway.exe -- (VAIOMediaPlatform-Mobile-Gateway)
SRV - [2007/06/20 15:34:50 | 001,089,536 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Program Files\Sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe -- (VAIOMediaPlatform-UCLS-UPnP)
SRV - [2007/06/20 15:34:50 | 001,089,536 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Program Files\Sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe -- (VAIOMediaPlatform-IntegratedServer-UPnP)
SRV - [2007/06/20 15:34:50 | 000,397,312 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Program Files\Sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe -- (VAIOMediaPlatform-UCLS-HTTP)
SRV - [2007/06/20 15:34:50 | 000,397,312 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Program Files\Sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe -- (VAIOMediaPlatform-IntegratedServer-HTTP)
SRV - [2007/05/24 08:08:44 | 000,061,440 | ---- | M] (Intuit Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Intuit\QuickBooks\FCS\Intuit.QuickBooks.FCS.exe -- (QBFCService)
SRV - [2007/02/12 13:38:04 | 000,355,096 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\intel\Intel Matrix Storage Manager\IAANTmon.exe -- (IAANTMON)
SRV - [2007/01/10 16:51:06 | 000,745,472 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Program Files\Sony\VAIO Media Integrated Server\UCLS.exe -- (VAIOMediaPlatform-UCLS-AppServer)
SRV - [2007/01/04 19:48:52 | 000,112,152 | R--- | M] (InterVideo) [Auto | Running] -- C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe -- (IviRegMgr)
SRV - [2006/12/14 02:21:20 | 000,045,056 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe -- (MSCSPTISRV)
SRV - [2006/12/14 02:02:08 | 000,069,632 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe -- (SPTISRV)
SRV - [2006/12/14 01:46:16 | 000,057,344 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe -- (PACSPTISVR)
SRV - [2006/11/02 20:40:12 | 000,174,656 | ---- | M] () [Auto | Running] -- C:\Windows\System32\PSIService.exe -- (ProtexisLicensing)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | Disabled | Stopped] -- system32\DRIVERS\UIUSYS.SYS -- (UIUSys)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\point32k.sys -- (Point32)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkfwd.sys -- (NwlnkFwd)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkflt.sys -- (NwlnkFlt)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\PROGRA~1\COMMON~1\Motive\MRENDIS5.SYS -- (MRENDIS5)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\PROGRA~1\COMMON~1\Motive\MREMPR5.SYS -- (MREMPR5)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ipinip.sys -- (IpInIp)
DRV - File not found [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\blbdrive.sys -- (blbdrive)
DRV - [2013/01/20 15:59:04 | 000,100,328 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\NisDrvWFP.sys -- (NisDrv)
DRV - [2009/08/14 06:45:24 | 000,021,248 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\Program Files\Common Files\Motive\MREMP50.sys -- (MREMP50)
DRV - [2009/08/14 06:45:24 | 000,020,096 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\Program Files\Common Files\Motive\MRESP50.sys -- (MRESP50)
DRV - [2008/05/06 16:06:00 | 000,011,520 | ---- | M] (Western Digital Technologies) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\wdcsam.sys -- (WDC_SAM)
DRV - [2008/01/04 21:34:36 | 000,023,920 | ---- | M] (Webroot Software Inc (www.webroot.com)) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\sskbfd.sys -- (SSKBFD)
DRV - [2007/12/04 17:10:30 | 000,016,640 | ---- | M] (PalmSource, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\PalmUSBD.sys -- (PalmUSBD)
DRV - [2007/09/01 11:06:13 | 007,617,600 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)
DRV - [2007/08/16 10:01:06 | 000,008,192 | ---- | M] (Conexant Systems, Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\XAudio.sys -- (XAudio)
DRV - [2007/07/31 06:04:34 | 000,328,704 | ---- | M] (IDT, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\stwrt.sys -- (STHDA)
DRV - [2007/06/30 04:04:02 | 002,222,080 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\NETw4v32.sys -- (NETw4v32)
DRV - [2007/06/27 19:29:58 | 000,010,216 | ---- | M] (Sony Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\DMICall.sys -- (DMICall)
DRV - [2007/06/15 09:28:14 | 000,049,904 | R--- | M] (Avanquest Software) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\BVRPMPR5.SYS -- (BVRPMPR5)
DRV - [2007/06/14 12:02:13 | 000,009,464 | ---- | M] (Sonic Solutions) [Kernel | System | Running] -- C:\Windows\System32\drivers\cdralw2k.sys -- (Cdralw2k)
DRV - [2007/06/14 12:02:13 | 000,009,336 | ---- | M] (Sonic Solutions) [Kernel | System | Running] -- C:\Windows\System32\drivers\cdr4_xp.sys -- (Cdr4_xp)
DRV - [2007/06/05 05:17:29 | 000,812,544 | ---- | M] (Texas Instruments) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ti21sony.sys -- (ti21sony)
DRV - [2007/05/24 17:36:21 | 000,128,104 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\System32\drivers\WimFltr.sys -- (WimFltr)
DRV - [2007/04/19 06:07:14 | 000,073,472 | ---- | M] (Ricoh) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\R5U870FLx86.sys -- (R5U870FLx86)
DRV - [2007/04/19 06:07:14 | 000,043,904 | ---- | M] (Ricoh) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\R5U870FUx86.sys -- (R5U870FUx86)
DRV - [2007/04/17 20:09:28 | 000,011,032 | ---- | M] (InterVideo) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\regi.sys -- (regi)
DRV - [2006/11/06 00:09:26 | 000,027,520 | ---- | M] (Sony Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\SonyNC.sys -- (SNC)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.sony.com/vaiopeople
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant =
IE - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKLM\..\SearchScopes\{5B58F4CF-2D74-4EBB-AD8C-1DDAA576FA7D}: "URL" = http://search.aol.co...onType=sny_ie7;
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.co...g}&sourceid=ie7


IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-291611602-1755704891-1640183286-1006\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.msn.com/?...=EIE9HP&PC=UP50
IE - HKU\S-1-5-21-291611602-1755704891-1640183286-1006\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = https://www.google.com/
IE - HKU\S-1-5-21-291611602-1755704891-1640183286-1006\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKU\S-1-5-21-291611602-1755704891-1640183286-1006\..\SearchScopes\{B428C76D-8FFC-4BB2-A2B9-D373B17575D3}: "URL" = http://www.bing.com/...rc=IE-SearchBox
IE - HKU\S-1-5-21-291611602-1755704891-1640183286-1006\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0


========== FireFox ==========

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@Motive.com/NpMotive,version=1.0: C:\Program Files\Common Files\Motive\npMotive.dll (Motive, Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/GoogleTalkPlugin: C:\Users\Robyn Bri\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/O1DPlugin: C:\Users\Robyn Bri\AppData\Roaming\Mozilla\plugins\npo1d.dll (Google)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/O3DPlugin: C:\Users\Robyn Bri\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll ()
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Robyn Bri\AppData\Local\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Robyn Bri\AppData\Local\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.20\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2013/05/24 09:29:58 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.20\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2013/05/24 09:29:58 | 000,000,000 | ---D | M]

[2011/08/10 21:33:00 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2011/08/10 21:33:01 | 000,000,000 | ---D | M] (Click to call with Skype) -- C:\Program Files\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
[2011/06/22 22:30:30 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}
[2011/06/22 22:29:55 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll
[2008/06/30 22:02:00 | 000,663,072 | ---- | M] (Microsoft Corporation) -- C:\Program Files\mozilla firefox\plugins\npOGAPlugin.dll
[2009/07/29 21:13:15 | 000,002,236 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\askcom.xml

========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&q={searchTerms}&{google:cursorPosition}{google:zeroPrefixUrl}sugkey={google:suggestAPIKeyParameter},
CHR - homepage: http://blekkosearch....=homepage&v=1_2
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files\Google\Chrome\Application\28.0.1500.72\PepperFlash\pepflashplayer.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files\Google\Chrome\Application\28.0.1500.72\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files\Google\Chrome\Application\28.0.1500.72\pdf.dll
CHR - plugin: Skype Toolbars (Enabled) = C:\Users\Robyn Bri\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\5.5.0.8013_0\npSkypeChromePlugin.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: Java Deployment Toolkit 6.0.260.3 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npdeployJava1.dll
CHR - plugin: Java™ Platform SE 6 U26 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll
CHR - plugin: Windows Genuine Advantage (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npLegitCheckPlugin.dll
CHR - plugin: 2007 Microsoft Office system (Enabled) = C:\Program Files\Mozilla Firefox\plugins\NPOFF12.DLL
CHR - plugin: Microsoft Office 2003 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\NPOFFICE.DLL
CHR - plugin: Office Genuine Advantage (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npOGAPlugin.dll
CHR - plugin: QuickTime Plug-in 7.7.3 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.7.3 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.7.3 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.7.3 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.7.3 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.7.3 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.7.3 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin7.dll
CHR - plugin: CANON iMAGE GATEWAY Album Plugin Utility for IJ (Enabled) = C:\Program Files\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL
CHR - plugin: Motive Plugin (Enabled) = C:\Program Files\Common Files\Motive\npMotive.dll
CHR - plugin: Picasa (Enabled) = C:\Program Files\Google\Picasa3\npPicasa3.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll
CHR - plugin: Silverlight Plug-In (Enabled) = C:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll
CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll
CHR - plugin: Windows Presentation Foundation (Enabled) = C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\system32\Macromed\Flash\NPSWF32.dll
CHR - Extension: Angry Birds = C:\Users\Robyn Bri\AppData\Local\Google\Chrome\User Data\Default\Extensions\aknpkdffaafgjchaibgeefbgmgeghloj\1.5.0.7_0\
CHR - Extension: Google Drive = C:\Users\Robyn Bri\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
CHR - Extension: YouTube = C:\Users\Robyn Bri\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
CHR - Extension: Google Search = C:\Users\Robyn Bri\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
CHR - Extension: Click to call with Skype = C:\Users\Robyn Bri\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\5.5.0.8013_0\
CHR - Extension: Gmail = C:\Users\Robyn Bri\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\

Hosts file not found
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No CLSID value found.
O2 - BHO: (SSVHelper Class) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (no name) - MRI_DISABLED - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found.
O3 - HKU\.DEFAULT\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
O3 - HKU\.DEFAULT\..\Toolbar\WebBrowser: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found.
O3 - HKU\S-1-5-18\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
O3 - HKU\S-1-5-18\..\Toolbar\WebBrowser: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found.
O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe (CANON INC.)
O4 - HKLM..\Run: [CanonSolutionMenuEx] C:\Program Files\Canon\Solution Menu EX\CNSEMAIN.EXE (CANON INC.)
O4 - HKLM..\Run: [MSC] C:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4 - HKLM..\Run: [NvCplDaemon] C:\Windows\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\Windows\System32\NvMcTray.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [NvSvc] C:\Windows\System32\nvsvc.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
O4 - HKU\S-1-5-19..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKLM..\RunOnceEx: [] File not found
O4 - Startup: C:\Users\Robyn Bri\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Audio Filter.lnk = C:\Program Files\Sony\SonicStage Mastering Studio\Audio Filter\SSMSFilter.exe (Sony Corporation)
O7 - HKU\S-1-5-21-291611602-1755704891-1640183286-1006\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDesktopCleanupWizard = 1
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\System32\GPhotos.scr (Google Inc.)
O9 - Extra Button: Click to call with Skype - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Click to call with Skype - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra Button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O16 - DPF: {02CF1781-EA91-4FA5-A200-646E8241987C} http://esupport.sony.com/VaioInfo.CAB (Reg Error: Key error.)
O16 - DPF: {3D3B42C2-11BF-4732-A304-A01384B70D68} http://picasaweb.goo...5/uploader2.cab (Reg Error: Key error.)
O16 - DPF: {406B5949-7190-4245-91A9-30A17DE16AD0} http://www2.snapfish...fishActivia.cab (Reg Error: Key error.)
O16 - DPF: {493ACF15-5CD9-4474-82A6-91670C3DD66E} http://www.linkedin....nderControl.cab (Reg Error: Key error.)
O16 - DPF: {6F750203-1362-4815-A476-88533DE61D0C} http://www.kodakgall..._2/axofupld.cab (Reg Error: Key error.)
O16 - DPF: {BB383206-6DA1-4E80-B62A-3DF950FCC697} http://ak.imgag.com/...tall/AxCtp2.cab (Reg Error: Key error.)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.m...ash/swflash.cab (Shockwave Flash Object)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.ad...Plus/1.6/gp.cab (Reg Error: Key error.)
O16 - DPF: PackageCab http://ak.imgag.com/...tall/AxCtp2.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{277E3FE6-F44A-473C-B5F1-0F38683D56A1}: DhcpNameServer = 192.168.1.1
O18 - Protocol\Handler\intu-help-qb1 {9B0F96C7-2E4B-433e-ABF3-043BA1B54AE3} - C:\Program Files\Intuit\QuickBooks 2007\HelpAsyncPluggableProtocol.dll (TODO: <Company name>)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\!SASWinLogon: DllName - (C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL) - File not found
O20 - Winlogon\Notify\DfLogon: DllName - (LogonDll.dll) - File not found
O20 - Winlogon\Notify\VESWinlogon: DllName - (VESWinlogon.dll) - C:\Windows\System32\VESWinlogon.dll (Sony Corporation)
O24 - Desktop WallPaper: C:\Users\Robyn Bri\Pictures\Pantone.jpg
O24 - Desktop BackupWallPaper: C:\Users\Robyn Bri\Pictures\Pantone.jpg
O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/09/18 14:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

NetSvcs: FastUserSwitchingCompatibility - File not found
NetSvcs: Ias - C:\Windows\System32\ias.dll (Microsoft Corporation)
NetSvcs: Nla - File not found
NetSvcs: Ntmssvc - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: SRService - File not found
NetSvcs: WmdmPmSp - File not found
NetSvcs: LogonHours - File not found
NetSvcs: PCAudit - File not found
NetSvcs: helpsvc - File not found
NetSvcs: uploadmgr - File not found

CREATERESTOREPOINT
Restore point Set: OTL Restore Point

========== Files/Folders - Created Within 30 Days ==========

[2013/07/14 21:38:45 | 000,000,000 | ---D | C] -- C:\Users\Robyn Bri\Desktop\fix
[2013/07/14 17:58:52 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Security Client
[2013/07/14 17:57:37 | 000,221,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\netio.sys
[2013/07/11 19:04:13 | 002,382,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2013/07/11 19:04:11 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2013/07/11 19:04:11 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe
[2013/07/11 19:04:11 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2013/07/11 19:04:10 | 000,607,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2013/07/11 19:04:08 | 001,800,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll
[2013/07/11 19:04:08 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\url.dll
[2013/07/11 19:04:05 | 001,427,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl
[2013/07/11 18:47:57 | 000,000,000 | ---D | C] -- C:\Users\Robyn Bri\AppData\Roaming\Mozilla
[2013/07/11 18:24:26 | 002,049,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys
[2013/07/11 18:24:21 | 001,069,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\DWrite.dll
[2013/07/11 18:24:20 | 000,486,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10level9.dll
[2013/07/11 18:24:19 | 000,189,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10core.dll
[2013/07/11 18:24:18 | 000,219,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10_1core.dll
[2013/07/11 18:24:17 | 001,029,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10.dll
[2013/07/11 18:24:16 | 001,172,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10warp.dll
[2013/07/11 18:24:16 | 000,683,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d2d1.dll
[2013/07/11 18:24:16 | 000,160,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10_1.dll
[2013/07/11 18:23:41 | 000,505,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\qedit.dll
[2013/07/11 18:23:40 | 001,548,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMVDECOD.DLL
[2013/06/28 16:25:40 | 000,000,000 | ---D | C] -- C:\Users\Robyn Bri\Documents\My Media
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2013/07/15 07:41:59 | 000,000,900 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-291611602-1755704891-1640183286-1002UA.job
[2013/07/15 07:37:18 | 000,027,715 | ---- | M] () -- C:\Users\Robyn Bri\AppData\Roaming\nvModes.001
[2013/07/15 07:37:07 | 000,000,882 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013/07/15 07:31:00 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013/07/15 07:30:00 | 000,000,886 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013/07/15 06:51:59 | 000,000,924 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-291611602-1755704891-1640183286-1006UA.job
[2013/07/15 05:49:08 | 000,003,296 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2013/07/15 05:49:08 | 000,003,296 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2013/07/14 21:49:02 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013/07/14 21:10:42 | 000,002,154 | ---- | M] () -- C:\Windows\epplauncher.mif
[2013/07/14 20:53:07 | 000,000,872 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-291611602-1755704891-1640183286-1006Core.job
[2013/07/14 20:42:00 | 000,000,848 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-291611602-1755704891-1640183286-1002Core.job
[2013/07/14 17:59:59 | 000,000,464 | ---- | M] () -- C:\Windows\tasks\SpeedyPC Registration3.job
[2013/07/14 04:28:59 | 000,000,392 | ---- | M] () -- C:\Windows\tasks\SpeedyPC Pro.job
[2013/07/13 19:57:15 | 000,420,120 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2013/07/11 19:20:21 | 000,615,984 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2013/07/11 19:20:21 | 000,108,954 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2013/07/09 07:10:41 | 000,027,715 | ---- | M] () -- C:\Users\Robyn Bri\AppData\Roaming\nvModes.dat
[2013/06/24 17:06:02 | 000,002,627 | ---- | M] () -- C:\Users\Robyn Bri\Desktop\Microsoft Office Word 2007.lnk
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files Created - No Company Name ==========

[2013/07/14 21:10:42 | 000,002,154 | ---- | C] () -- C:\Windows\epplauncher.mif
[2013/07/14 17:59:37 | 000,001,826 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Security Essentials.lnk
[2013/02/08 13:38:33 | 000,007,680 | ---- | C] () -- C:\Users\Robyn Bri\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2013/01/18 10:38:50 | 000,005,689 | ---- | C] () -- C:\Users\Robyn Bri\AppData\Roaming\My Profile.xml
[2013/01/16 10:51:25 | 000,047,403 | ---- | C] () -- C:\Users\Robyn Bri\domain names.pdf
[2013/01/15 21:35:13 | 000,027,715 | ---- | C] () -- C:\Users\Robyn Bri\AppData\Roaming\nvModes.001
[2013/01/15 21:35:10 | 000,027,715 | ---- | C] () -- C:\Users\Robyn Bri\AppData\Roaming\nvModes.dat
[2012/12/11 14:17:28 | 000,000,094 | ---- | C] () -- C:\Windows\family.ini
[2011/02/13 22:03:27 | 000,000,258 | RHS- | C] () -- C:\ProgramData\ntuser.pol
[2007/09/12 05:16:22 | 001,132,112 | ---- | C] () -- C:\ProgramData\pswi_preloaded.exe

========== ZeroAccess Check ==========

[2006/11/02 05:54:22 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012/06/08 10:47:00 | 011,586,048 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2009/04/10 23:28:19 | 000,614,912 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2009/04/10 23:28:25 | 000,347,648 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

========== Custom Scans ==========

========== Base Services ==========
SRV - [2006/11/02 02:46:02 | 000,024,576 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\aelupsvc.dll -- (AeLookupSvc)
SRV - [2008/01/19 00:33:43 | 000,033,280 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\appinfo.dll -- (Appinfo)
SRV - [2008/01/19 00:33:01 | 000,059,392 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\alg.exe -- (ALG)
SRV - [2009/04/10 23:28:23 | 000,758,784 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\qmgr.dll -- (BITS)
SRV - [2009/04/10 23:28:18 | 000,334,848 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\BFE.DLL -- (BFE)
SRV - [2011/11/16 07:12:25 | 000,009,728 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\lsass.exe -- (KeyIso)
SRV - [2009/04/10 23:28:19 | 000,268,800 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\es.dll -- (EventSystem)
SRV - [2008/01/19 00:33:49 | 000,081,920 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\browser.dll -- (Browser)
SRV - [2013/04/23 21:00:30 | 000,133,120 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\cryptsvc.dll -- (CryptSvc)
SRV - [2009/04/10 23:28:24 | 000,550,400 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\rpcss.dll -- (DcomLaunch)
SRV - [2009/04/10 23:28:18 | 000,204,288 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\dhcpcsvc.dll -- (Dhcp)
SRV - [2011/03/02 08:44:27 | 000,086,528 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\dnsrslvr.dll -- (Dnscache)
SRV - [2008/01/19 00:34:08 | 000,057,344 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\eapsvc.dll -- (EapHost)
SRV - [2009/04/10 23:28:19 | 000,026,112 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\hidserv.dll -- (hidserv)
SRV - [2008/01/19 00:34:34 | 000,288,256 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\System32\ipnathlp.dll -- (SharedAccess)
SRV - [2009/04/10 23:28:20 | 000,364,032 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\IPSECSVC.DLL -- (PolicyAgent)
SRV - [2013/01/27 11:11:46 | 000,020,456 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft Security Client\MsMpEng.exe -- (MsMpSvc)
SRV - [2013/01/27 11:11:46 | 000,295,232 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Microsoft Security Client\NisSrv.exe -- (NisSrv)
SRV - [2009/04/10 23:28:24 | 000,311,808 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\swprv.dll -- (swprv)
SRV - [2008/01/19 00:34:49 | 000,045,056 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\mmcss.dll -- (MMCSS)
SRV - [2008/01/19 00:35:36 | 000,274,432 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\netman.dll -- (Netman)
SRV - [2008/01/19 00:35:36 | 000,237,056 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\netprofm.dll -- (netprofm)
SRV - [2008/01/19 00:35:38 | 000,168,448 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\nlasvc.dll -- (NlaSvc)
SRV - [2008/01/19 00:35:57 | 000,018,432 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\nsisvc.dll -- (nsi)
SRV - [2009/04/10 23:28:25 | 000,222,720 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\umpnpmgr.dll -- (PlugPlay)
SRV - [2010/08/17 07:11:37 | 000,128,000 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\spoolsv.exe -- (Spooler)
SRV - [2011/11/16 07:12:25 | 000,009,728 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\lsass.exe -- (ProtectedStorage)
SRV - [2009/04/10 23:28:19 | 000,564,224 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\emdmgmt.dll -- (EMDMgmt)
SRV - [2008/01/19 00:36:15 | 000,090,624 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\rasauto.dll -- (RasAuto)
SRV - [2009/04/10 23:28:24 | 000,262,144 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\rasmans.dll -- (RasMan)
SRV - [2009/04/10 23:28:24 | 000,550,400 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\rpcss.dll -- (RpcSs)
SRV - [2008/01/19 00:36:20 | 000,019,968 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\seclogon.dll -- (seclogon)
SRV - [2011/11/16 07:12:25 | 000,009,728 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\lsass.exe -- (SamSs)
SRV - [2009/04/10 23:28:26 | 000,061,440 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\wscsvc.dll -- (wscsvc)
SRV - [2010/09/06 09:20:29 | 000,125,952 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\srvsvc.dll -- (LanmanServer)
SRV - [2009/07/10 04:47:42 | 000,247,808 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\shsvcs.dll -- (ShellHWDetection)
SRV - [2009/04/10 23:27:49 | 003,408,896 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\SLsvc.exe -- (slsvc)
SRV - [2010/11/04 11:55:12 | 000,601,600 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\schedsvc.dll -- (Schedule)
SRV - [2009/04/10 23:28:24 | 000,242,688 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\tapisrv.dll -- (TapiSrv)
SRV - [2009/07/10 04:47:42 | 000,247,808 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\shsvcs.dll -- (Themes)
SRV - [2009/04/10 23:28:23 | 000,153,088 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\profsvc.dll -- (ProfSvc)
SRV - [2009/04/10 23:28:10 | 001,055,232 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\VSSVC.exe -- (VSS)
SRV - [2009/04/10 23:28:18 | 000,315,392 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\audiosrv.dll -- (Audiosrv)
SRV - [2009/04/10 23:28:18 | 000,315,392 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\audiosrv.dll -- (AudioEndpointBuilder)
SRV - [2008/01/19 00:36:20 | 000,104,960 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sdrsvc.dll -- (SDRSVC)
SRV - [2008/01/19 00:38:24 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2009/04/10 23:28:25 | 001,017,856 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\wevtsvc.dll -- (Eventlog)
SRV - [2009/04/10 23:28:20 | 000,407,552 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\MPSSVC.dll -- (MpsSvc)
SRV - [2009/04/10 23:28:25 | 000,453,120 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\wiaservc.dll -- (stisvc)
SRV - [2009/04/10 23:27:45 | 000,073,216 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\msiexec.exe -- (msiserver)
SRV - [2009/04/10 23:28:25 | 000,162,304 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\wbem\WMIsvc.dll -- (Winmgmt)
SRV - [2012/06/02 15:19:17 | 001,933,848 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\wuaueng.dll -- (wuauserv)
SRV - [2009/04/10 23:28:18 | 000,175,616 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\dot3svc.dll -- (dot3svc)
SRV - [2009/07/11 12:01:42 | 000,513,536 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\wlansvc.dll -- (Wlansvc)
SRV - [2009/06/10 04:42:23 | 000,160,256 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\wkssvc.dll -- (LanmanWorkstation)

< %SYSTEMDRIVE%\*.exe >

< MD5 for: EXPLORER.EXE >
[2008/10/28 23:20:29 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=37440D09DEAE0B672A04DCCF7ABF06BE -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.16771_none_4f83bb287ccdb7e3\explorer.exe
[2008/10/28 23:29:41 | 002,927,104 | ---- | M] (Microsoft Corporation) MD5=4F554999D7D5F05DAAEBBA7B5BA1089D -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.18164_none_5177ca9879e978e8\explorer.exe
[2008/10/29 20:59:17 | 002,927,616 | ---- | M] (Microsoft Corporation) MD5=50BA5850147410CDE89C523AD3BC606E -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.22298_none_51e4f8c7931bd1e1\explorer.exe
[2008/03/10 22:54:13 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=6D06CD98D954FE87FB2DB8108793B399 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.16549_none_4fac29707cae347a\explorer.exe
[2008/03/10 22:54:12 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=BD06F0BF753BC704B653C3A50F89D362 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.20668_none_501f261995dcf2cf\explorer.exe
[2009/04/10 23:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) MD5=D07D4C3038F3578FFCE1C0237F2A1253 -- C:\Windows\explorer.exe
[2009/04/10 23:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) MD5=D07D4C3038F3578FFCE1C0237F2A1253 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6002.18005_none_53a0201e76de3a0b\explorer.exe
[2008/10/27 19:15:02 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=E7156B0B74762D9DE0E66BDCDE06E5FB -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.20947_none_5033cb5995cd990b\explorer.exe
[2006/11/02 02:45:07 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=FD8C53FB002217F6F888BCF6F5D7084D -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.16386_none_4f7de5167cd15deb\explorer.exe
[2008/01/19 00:33:10 | 002,927,104 | ---- | M] (Microsoft Corporation) MD5=FFA764631CB70A30065C12EF8E174F9F -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.18000_none_51b4a71279bc6ebf\explorer.exe

< MD5 for: SERVICES >
[2006/09/18 14:41:30 | 000,017,244 | ---- | M] () MD5=9F534244B7F8F55D5C0BB498D8D481E7 -- C:\Windows\System32\drivers\etc\services
[2006/09/18 14:41:30 | 000,017,244 | ---- | M] () MD5=9F534244B7F8F55D5C0BB498D8D481E7 -- C:\Windows\winsxs\x86_microsoft-windows-w..nfrastructure-other_31bf3856ad364e35_6.0.6000.16386_none_024e4071fa6fea95\services

< MD5 for: SERVICES.CFG >
[2013/05/10 00:57:30 | 000,558,879 | ---- | M] () MD5=3679F8D3253DC110D1D8F2AE115EE00C -- C:\Program Files\Adobe\Reader 10.0\Reader\Services\Services.cfg
[2011/06/06 13:55:30 | 000,584,045 | R--- | M] () MD5=B82DD53FA8C260DDD7FDC42182DB816E -- C:\Windows\Installer\$PatchCache$\Managed\68AB67CA7DA73301B744AA0100000010\10.1.0\services.cfg

< MD5 for: SERVICES.CSS >
[2005/06/29 15:48:58 | 000,014,339 | ---- | M] () MD5=9D415BDEF74ADF7B0CD791E40A911A38 -- C:\Program Files\Intuit\QuickBooks 2007\Components\Services\services.css

< MD5 for: SERVICES.EXE >
[2008/01/19 00:33:28 | 000,279,040 | ---- | M] (Microsoft Corporation) MD5=2B336AB6286D6C81FA02CBAB914E3C6C -- C:\Windows\winsxs\x86_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.0.6001.18000_none_cf5fc067cd49010a\services.exe
[2006/11/02 02:45:40 | 000,279,552 | ---- | M] (Microsoft Corporation) MD5=329CF3C97CE4C19375C8ABCABAE258B0 -- C:\Windows\winsxs\x86_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.0.6000.16386_none_cd28fe6bd05df036\services.exe
[2009/04/10 23:27:59 | 000,279,552 | ---- | M] (Microsoft Corporation) MD5=D4E6D91C1349B7BFB3599A6ADA56851B -- C:\Windows\System32\services.exe
[2009/04/10 23:27:59 | 000,279,552 | ---- | M] (Microsoft Corporation) MD5=D4E6D91C1349B7BFB3599A6ADA56851B -- C:\Windows\winsxs\x86_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.0.6002.18005_none_d14b3973ca6acc56\services.exe

< MD5 for: SERVICES.EXE.MUI >
[2006/11/02 05:40:53 | 000,017,920 | ---- | M] (Microsoft Corporation) MD5=1626EACF0E7E59F85C59DDDD27C4169C -- C:\Windows\System32\en-US\services.exe.mui
[2006/11/02 05:40:53 | 000,017,920 | ---- | M] (Microsoft Corporation) MD5=1626EACF0E7E59F85C59DDDD27C4169C -- C:\Windows\winsxs\x86_microsoft-windows-s..ontroller.resources_31bf3856ad364e35_6.0.6000.16386_en-us_67c6851b290a1ced\services.exe.mui

< MD5 for: SERVICES.HEARSTMAGS[1].XML >
[2013/01/17 20:38:12 | 000,000,213 | ---- | M] () MD5=FAE29A00F65E87EA1AFF8463165935BD -- C:\Users\Robyn Bri\AppData\LocalLow\Microsoft\Internet Explorer\DOMStore\Y6FB02OJ\services.hearstmags[1].xml

< MD5 for: SERVICES.LNK >
[2008/10/01 07:08:36 | 000,001,688 | ---- | M] () MD5=5D9848115699058AB16A7FAB75C79CF8 -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\services.lnk
[2008/10/01 07:08:36 | 000,001,688 | ---- | M] () MD5=5D9848115699058AB16A7FAB75C79CF8 -- C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\Administrative Tools\services.lnk

< MD5 for: SERVICES.MOF >
[2006/09/18 14:46:11 | 000,002,866 | ---- | M] () MD5=26A11C895A7F0B6D32105EBE127D8500 -- C:\Windows\System32\wbem\services.mof
[2006/09/18 14:46:11 | 000,002,866 | ---- | M] () MD5=26A11C895A7F0B6D32105EBE127D8500 -- C:\Windows\winsxs\x86_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.0.6000.16386_none_cd28fe6bd05df036\services.mof
[2006/09/18 14:46:11 | 000,002,866 | ---- | M] () MD5=26A11C895A7F0B6D32105EBE127D8500 -- C:\Windows\winsxs\x86_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.0.6001.18000_none_cf5fc067cd49010a\services.mof
[2006/09/18 14:46:11 | 000,002,866 | ---- | M] () MD5=26A11C895A7F0B6D32105EBE127D8500 -- C:\Windows\winsxs\x86_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.0.6002.18005_none_d14b3973ca6acc56\services.mof

< MD5 for: SERVICES.MSC >
[2006/11/02 05:41:29 | 000,092,745 | ---- | M] () MD5=7A1D35F59468B8118AF5B8E21DF78AE2 -- C:\Windows\System32\en-US\services.msc
[2006/09/18 14:29:40 | 000,092,745 | ---- | M] () MD5=7A1D35F59468B8118AF5B8E21DF78AE2 -- C:\Windows\System32\services.msc
[2006/11/02 05:41:29 | 000,092,745 | ---- | M] () MD5=7A1D35F59468B8118AF5B8E21DF78AE2 -- C:\Windows\winsxs\x86_microsoft-windows-s..cessnapin.resources_31bf3856ad364e35_6.0.6000.16386_en-us_a2085506ff73b6e0\services.msc
[2006/09/18 14:29:40 | 000,092,745 | ---- | M] () MD5=7A1D35F59468B8118AF5B8E21DF78AE2 -- C:\Windows\winsxs\x86_microsoft-windows-servicessnapin_31bf3856ad364e35_6.0.6000.16386_none_cd2d20a848cfd40f\services.msc
[2006/09/18 14:29:40 | 000,092,745 | ---- | M] () MD5=7A1D35F59468B8118AF5B8E21DF78AE2 -- C:\Windows\winsxs\x86_microsoft-windows-servicessnapin_31bf3856ad364e35_6.0.6001.18000_none_cf63e2a445bae4e3\services.msc

< MD5 for: SVCHOST.EXE >
[2006/11/02 02:45:47 | 000,022,016 | ---- | M] (Microsoft Corporation) MD5=10DA15933D582D2FEDCF705EFE394B09 -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.0.6000.16386_none_b38497a50862ad11\svchost.exe
[2008/01/19 00:33:32 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=3794B461C45882E06856F282EEF025AF -- C:\Windows\System32\svchost.exe
[2008/01/19 00:33:32 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=3794B461C45882E06856F282EEF025AF -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.0.6001.18000_none_b5bb59a1054dbde5\svchost.exe

< MD5 for: USERINIT.EXE >
[2008/01/19 00:33:33 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\Windows\System32\userinit.exe
[2008/01/19 00:33:33 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.0.6001.18000_none_dc28ba15d1aff80b\userinit.exe
[2006/11/02 02:45:50 | 000,024,576 | ---- | M] (Microsoft Corporation) MD5=22027835939F86C3E47AD8E3FBDE3D11 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.0.6000.16386_none_d9f1f819d4c4e737\userinit.exe

< MD5 for: WINLOGON.EXE >
[2009/04/10 23:28:13 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264D55452 -- C:\Windows\System32\winlogon.exe
[2009/04/10 23:28:13 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264D55452 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6002.18005_none_71ae7a22d2134741\winlogon.exe
[2006/11/02 02:45:57 | 000,308,224 | ---- | M] (Microsoft Corporation) MD5=9F75392B9128A91ABAFB044EA350BAAD -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6000.16386_none_6d8c3f1ad8066b21\winlogon.exe
[2008/01/19 00:33:37 | 000,314,880 | ---- | M] (Microsoft Corporation) MD5=C2610B6BDBEFC053BBDAB4F1B965CB24 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6001.18000_none_6fc30116d4f17bf5\winlogon.exe

< dir C:\ /S /A:L /C >
Volume in drive C has no label.
Volume Serial Number is 90F9-3890
Directory of C:\
12/26/2007 08:55 AM <JUNCTION> Documents and Settings [C:\Users]
0 File(s) 0 bytes
Directory of C:\ProgramData
12/26/2007 08:55 AM <JUNCTION> Application Data [C:\ProgramData]
12/26/2007 08:55 AM <JUNCTION> Desktop [C:\Users\Public\Desktop]
12/26/2007 08:55 AM <JUNCTION> Documents [C:\Users\Public\Documents]
12/26/2007 08:55 AM <JUNCTION> Favorites [C:\Users\Public\Favorites]
12/26/2007 08:55 AM <JUNCTION> Start Menu [C:\ProgramData\Microsoft\Windows\Start Menu]
12/26/2007 08:55 AM <JUNCTION> Templates [C:\ProgramData\Microsoft\Windows\Templates]
0 File(s) 0 bytes
Directory of C:\Users
12/26/2007 08:55 AM <SYMLINKD> All Users [C:\ProgramData]
12/26/2007 08:55 AM <JUNCTION> Default User [C:\Users\Default]
0 File(s) 0 bytes
Directory of C:\Users\All Users
12/26/2007 08:55 AM <JUNCTION> Application Data [C:\ProgramData]
12/26/2007 08:55 AM <JUNCTION> Desktop [C:\Users\Public\Desktop]
12/26/2007 08:55 AM <JUNCTION> Documents [C:\Users\Public\Documents]
12/26/2007 08:55 AM <JUNCTION> Favorites [C:\Users\Public\Favorites]
12/26/2007 08:55 AM <JUNCTION> Start Menu [C:\ProgramData\Microsoft\Windows\Start Menu]
12/26/2007 08:55 AM <JUNCTION> Templates [C:\ProgramData\Microsoft\Windows\Templates]
0 File(s) 0 bytes
Directory of C:\Users\Default
12/26/2007 08:55 AM <JUNCTION> Application Data [C:\Users\Default\AppData\Roaming]
12/26/2007 08:55 AM <JUNCTION> Cookies [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Cookies]
12/26/2007 08:55 AM <JUNCTION> Local Settings [C:\Users\Default\AppData\Local]
12/26/2007 08:55 AM <JUNCTION> My Documents [C:\Users\Default\Documents]
12/26/2007 08:55 AM <JUNCTION> NetHood [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Network Shortcuts]
12/26/2007 08:55 AM <JUNCTION> PrintHood [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Printer Shortcuts]
12/26/2007 08:55 AM <JUNCTION> Recent [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Recent]
12/26/2007 08:55 AM <JUNCTION> SendTo [C:\Users\Default\AppData\Roaming\Microsoft\Windows\SendTo]
12/26/2007 08:55 AM <JUNCTION> Start Menu [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu]
12/26/2007 08:55 AM <JUNCTION> Templates [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Templates]
0 File(s) 0 bytes
Directory of C:\Users\Default\AppData\Local
12/26/2007 08:55 AM <JUNCTION> Application Data [C:\Users\Default\AppData\Local]
0 File(s) 0 bytes
Directory of C:\Users\Default\Documents
12/26/2007 08:55 AM <JUNCTION> My Music [C:\Users\Default\Music]
12/26/2007 08:55 AM <JUNCTION> My Pictures [C:\Users\Default\Pictures]
12/26/2007 08:55 AM <JUNCTION> My Videos [C:\Users\Default\Videos]
0 File(s) 0 bytes
Directory of C:\Users\Guest
03/04/2013 12:00 PM <JUNCTION> Application Data [C:\Users\Guest\AppData\Roaming]
03/04/2013 12:00 PM <JUNCTION> Local Settings [C:\Users\Guest\AppData\Local]
03/04/2013 12:00 PM <JUNCTION> My Documents [C:\Users\Guest\Documents]
03/04/2013 12:00 PM <JUNCTION> NetHood [C:\Users\Guest\AppData\Roaming\Microsoft\Windows\Network Shortcuts]
03/04/2013 12:00 PM <JUNCTION> PrintHood [C:\Users\Guest\AppData\Roaming\Microsoft\Windows\Printer Shortcuts]
03/04/2013 12:00 PM <JUNCTION> SendTo [C:\Users\Guest\AppData\Roaming\Microsoft\Windows\SendTo]
03/04/2013 12:00 PM <JUNCTION> Start Menu [C:\Users\Guest\AppData\Roaming\Microsoft\Windows\Start Menu]
03/04/2013 12:00 PM <JUNCTION> Templates [C:\Users\Guest\AppData\Roaming\Microsoft\Windows\Templates]
0 File(s) 0 bytes
Directory of C:\Users\Guest\AppData\Local
03/04/2013 12:00 PM <JUNCTION> Application Data [C:\Users\Guest\AppData\Local]
03/04/2013 12:00 PM <JUNCTION> History [C:\Users\Guest\AppData\Local\Microsoft\Windows\History]
03/04/2013 12:00 PM <JUNCTION> Temporary Internet Files [C:\Users\Guest\AppData\Local\Microsoft\Windows\Temporary Internet Files]
0 File(s) 0 bytes
Directory of C:\Users\Guest\Documents
03/04/2013 12:00 PM <JUNCTION> My Music [C:\Users\Guest\Music]
03/04/2013 12:00 PM <JUNCTION> My Pictures [C:\Users\Guest\Pictures]
03/04/2013 12:00 PM <JUNCTION> My Videos [C:\Users\Guest\Videos]
0 File(s) 0 bytes
Directory of C:\Users\Public\Documents
12/26/2007 08:55 AM <JUNCTION> My Music [C:\Users\Public\Music]
12/26/2007 08:55 AM <JUNCTION> My Pictures [C:\Users\Public\Pictures]
12/26/2007 08:55 AM <JUNCTION> My Videos [C:\Users\Public\Videos]
0 File(s) 0 bytes
Directory of C:\Users\Robyn Bri
01/14/2013 04:15 PM <JUNCTION> Application Data [C:\Users\Robyn Bri\AppData\Roaming]
01/14/2013 04:15 PM <JUNCTION> Local Settings [C:\Users\Robyn Bri\AppData\Local]
01/14/2013 04:15 PM <JUNCTION> My Documents [C:\Users\Robyn Bri\Documents]
01/14/2013 04:15 PM <JUNCTION> NetHood [C:\Users\Robyn Bri\AppData\Roaming\Microsoft\Windows\Network Shortcuts]
01/14/2013 04:15 PM <JUNCTION> PrintHood [C:\Users\Robyn Bri\AppData\Roaming\Microsoft\Windows\Printer Shortcuts]
01/14/2013 04:15 PM <JUNCTION> SendTo [C:\Users\Robyn Bri\AppData\Roaming\Microsoft\Windows\SendTo]
01/14/2013 04:15 PM <JUNCTION> Start Menu [C:\Users\Robyn Bri\AppData\Roaming\Microsoft\Windows\Start Menu]
01/14/2013 04:15 PM <JUNCTION> Templates [C:\Users\Robyn Bri\AppData\Roaming\Microsoft\Windows\Templates]
0 File(s) 0 bytes
Directory of C:\Users\Robyn Bri\AppData\Local
01/14/2013 04:15 PM <JUNCTION> Application Data [C:\Users\Robyn Bri\AppData\Local]
01/14/2013 04:15 PM <JUNCTION> History [C:\Users\Robyn Bri\AppData\Local\Microsoft\Windows\History]
01/14/2013 04:15 PM <JUNCTION> Temporary Internet Files [C:\Users\Robyn Bri\AppData\Local\Microsoft\Windows\Temporary Internet Files]
0 File(s) 0 bytes
Directory of C:\Users\Robyn Bri\AppData\LocalLow
01/19/2013 11:22 AM <JUNCTION> PlayReady [C:\ProgramData\Microsoft\PlayReady]
0 File(s) 0 bytes
Directory of C:\Users\Robyn Bri\Documents
01/14/2013 04:15 PM <JUNCTION> My Music [C:\Users\Robyn Bri\Music]
01/14/2013 04:15 PM <JUNCTION> My Pictures [C:\Users\Robyn Bri\Pictures]
01/14/2013 04:15 PM <JUNCTION> My Videos [C:\Users\Robyn Bri\Videos]
0 File(s) 0 bytes
Directory of C:\Windows\System32\config\systemprofile
08/08/2011 08:33 PM <JUNCTION> Application Data [C:\Windows\system32\config\systemprofile\AppData\Roaming]
08/08/2011 08:33 PM <JUNCTION> Cookies [C:\Windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies]
08/08/2011 08:33 PM <JUNCTION> Local Settings [C:\Windows\system32\config\systemprofile\AppData\Local]
08/08/2011 08:33 PM <JUNCTION> My Documents [C:\Windows\system32\config\systemprofile\Documents]
08/08/2011 08:33 PM <JUNCTION> NetHood [C:\Windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Network Shortcuts]
08/08/2011 08:33 PM <JUNCTION> PrintHood [C:\Windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Printer Shortcuts]
08/08/2011 08:33 PM <JUNCTION> Recent [C:\Windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Recent]
08/08/2011 08:33 PM <JUNCTION> SendTo [C:\Windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\SendTo]
08/08/2011 08:33 PM <JUNCTION> Start Menu [C:\Windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Start Menu]
08/08/2011 08:33 PM <JUNCTION> Templates [C:\Windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Templates]
0 File(s) 0 bytes
Directory of C:\Windows\System32\config\systemprofile\AppData\Local
08/08/2011 08:33 PM <JUNCTION> Application Data [C:\Windows\system32\config\systemprofile\AppData\Local]
08/08/2011 08:33 PM <JUNCTION> History [C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History]
08/08/2011 08:33 PM <JUNCTION> Temporary Internet Files [C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files]
0 File(s) 0 bytes
Directory of C:\Windows\System32\config\systemprofile\Documents
08/08/2011 08:33 PM <JUNCTION> My Music [C:\Windows\system32\config\systemprofile\Music]
08/08/2011 08:33 PM <JUNCTION> My Pictures [C:\Windows\system32\config\systemprofile\Pictures]
08/08/2011 08:33 PM <JUNCTION> My Videos [C:\Windows\system32\config\systemprofile\Videos]
0 File(s) 0 bytes
Total Files Listed:
0 File(s) 0 bytes
77 Dir(s) 68,079,951,872 bytes free

< End of report >



Extras.Txt

OTL Extras logfile created on: 7/15/2013 7:40:58 AM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Robyn Bri\Desktop\fix
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

2.00 Gb Total Physical Memory | 0.90 Gb Available Physical Memory | 45.00% Memory free
3.94 Gb Paging File | 2.41 Gb Available in Paging File | 61.15% Paging File free
Paging file location(s): c:\pagefile.sys 2048 4095 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 141.49 Gb Total Space | 63.57 Gb Free Space | 44.93% Space Free | Partition Type: NTFS
Drive D: | 149.04 Gb Total Space | 148.49 Gb Free Space | 99.63% Space Free | Partition Type: NTFS

Computer Name: MARGIE | User Name: Robyn Bri | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
.html [@ = ChromeHTML] -- C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
http [open] -- "C:\Program Files\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
https [open] -- "C:\Program Files\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"VistaSp2" = Reg Error: Unknown registry data type -- File not found

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\S-1-5-21-291611602-1755704891-1640183286-1002]
"EnableNotifications" = 0
"EnableNotificationsRef" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\S-1-5-21-291611602-1755704891-1640183286-1003]
"EnableNotifications" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0

========== Authorized Applications List ==========


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{03C9E7D7-DFAF-4D56-9681-3EE594217AF6}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{04FC9E22-717F-466C-A0C7-33A996239956}" = rport=3702 | protocol=17 | dir=out | app=c:\windows\system32\netproj.exe |
"{0A2ED3DA-C315-4158-A957-847A0EC3D3A7}" = lport=5358 | protocol=6 | dir=in | app=system |
"{3C0487AA-2CFA-4442-9442-35C7CCF95976}" = rport=3702 | protocol=17 | dir=out | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{45DE8512-A5EB-4FD6-9302-2DC8B8615A3F}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{559F2100-BB2B-49F3-B142-15E036459272}" = lport=10243 | protocol=6 | dir=in | app=system |
"{5E3EC6BD-AF14-4930-B0B7-657D90DD3CDA}" = rport=5357 | protocol=6 | dir=out | app=system |
"{68B222DF-3E3E-413D-9F9F-1AA558AFA73B}" = lport=3702 | protocol=17 | dir=in | app=c:\windows\system32\netproj.exe |
"{6C803307-E296-471F-84EC-67E5B76B66DA}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{7AF4F026-44DC-4D9E-8D09-F8742907930B}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{854CF5D0-C5A2-42D5-995C-AFE9C657A943}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{873D97F5-A2E2-4766-9DA0-B512893248C3}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{9005202C-B5C0-4194-BB84-40CAEDCA3870}" = rport=5358 | protocol=6 | dir=out | app=system |
"{B8B6742B-A1B7-455A-8C78-F142F14C4B23}" = lport=5357 | protocol=6 | dir=in | app=system |
"{BAD3D1DE-B2E8-43C3-967C-46E86F193980}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{CF49ED2C-8758-4CA5-AFA4-C61567557D53}" = rport=3702 | protocol=17 | dir=out | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{D0578ECD-DC5A-4E78-8D22-D35325C89A28}" = lport=2869 | protocol=6 | dir=in | app=system |
"{D0E6D7AF-A9B2-4D16-9E00-A92E50831368}" = lport=3702 | protocol=17 | dir=in | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{D48C7C79-6B4C-43CF-B402-652F85B4B76F}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{DE90B3EE-2DC9-4164-A479-7DA465018B03}" = lport=3702 | protocol=17 | dir=in | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{EF398C0C-0A76-4BC3-AC1F-6F79621B33F1}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{F6FBCE7C-4F14-4982-AD38-1FEA1BEA8689}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{FF5E3D06-4FA2-400C-9787-F6F8B81662F6}" = rport=10243 | protocol=6 | dir=out | app=system |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{002DA5AA-4414-46E1-A79D-5AF4A5FA6D9F}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{00857C61-38B9-4A87-806A-673B4DC1338E}" = protocol=6 | dir=in | app=c:\users\bby\appdata\roaming\dropbox\bin\dropbox.exe |
"{01D4C938-9FA9-408A-9616-7F44D161D8BE}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{0253229D-69F8-4A46-A40B-EAF7644F0265}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{02A83549-574C-4184-A238-2FC41533FC9A}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{02B2598A-F531-4E95-B95C-D0CE4A1A2F06}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{040188DF-D24E-474B-8EAE-9A0F1B7EA6A1}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{044E4176-66BF-47D8-AFF3-E6B79F54003F}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{05016AD8-0DD6-49A8-9F3B-CB2F031255A6}" = protocol=17 | dir=in | app=c:\program files\skype\plugin manager\skypepm.exe |
"{050463D9-306B-4AFE-8B2A-B9F1ADBA5D76}" = protocol=6 | dir=in | app=c:\program files\sony\vaio media integrated server\platform\upnpframework.exe |
"{0589E8A4-F5AA-40A2-931A-16DD93BD57C3}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{076BCFAF-065B-4ABB-98BB-3B4D863B2A98}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{0799696B-0A49-42C1-B1DB-186F42C886F7}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{08F20107-A881-4DED-92DB-CDAE4962BB47}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{08FDFBC6-3791-4965-929C-A021F6BBBD15}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{096612F5-D8D0-4C13-9F64-670EEDB2A894}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{09C4B4A1-8935-4F93-B310-7DE95B17C1CB}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{0A5DC849-9FD1-4D02-95A1-BF6F7C22DFD0}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{0AF10003-47DC-4D13-BBDA-3C9B7F5DB0DF}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{0B323195-6EA9-4653-89B5-EE09EF2CF3A3}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{0C575B90-3FEA-4CF7-BDE1-3ED87D9F5755}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{0D7A99B1-B455-4F41-BB81-A37D0C456A80}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{0E054D81-53D0-4993-89E4-939BA9634451}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{0E4569E4-2949-440F-A838-7136B3FA8935}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{0F425C74-2BBB-4BCF-9D90-550D451AA787}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{135F2789-B02E-417B-9077-00D07D0670F3}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{137468D9-E374-4078-8ABE-64B09FEC3DF6}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{137EEB24-1278-4467-8BD3-B188EC05A205}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{13FFCA74-A8BA-4560-A766-4E23DACB644B}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{14AE5D15-6D58-4AAC-9AB8-5CDA56318802}" = protocol=17 | dir=in | app=c:\program files\sony\vaio media integrated server\vmisrv.exe |
"{14CAE6D6-3F59-4EC6-AB6A-40612616B077}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{168697FD-B93F-46DE-B121-DD71D67107C7}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{189D1217-DB26-4BFA-8113-FD303B323614}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{1981C37A-12C7-461D-A54A-8BB79EC5F86A}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{19867DC5-2B4F-44C4-B54C-C8AC2C9BEBAB}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{1989C500-0EEA-4375-B167-97B170DB075D}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{199BFD45-05A3-433A-A091-458DAB29DC01}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{1D153F21-FF0F-417D-BDB5-8DA7D0468C0D}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{1D2882ED-B501-475D-A63D-9B896DAE00B7}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{1D520F30-1AF5-4BE1-B5E5-54E9D0C04BA2}" = protocol=6 | dir=in | app=c:\program files\sony\vaio media integrated server\vmisrv.exe |
"{1D686CD5-753D-45FC-812E-A1952AA89DBA}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{1EA8E554-8618-4DA8-B575-36EDD4615BCB}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{1F56E411-72B9-4E27-8A19-B6998D1587A2}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{1FBFF506-187E-44F4-9B0D-909D9D52786A}" = protocol=6 | dir=in | app=c:\program files\sony\locationfreeplayer\lfpc3\lfpc3.exe |
"{1FD111E1-E1F3-461A-9BEB-A2FA9AB66100}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{20541E04-0185-4725-9763-37A5761F2EA2}" = protocol=6 | dir=in | app=c:\program files\skype\plugin manager\skypepm.exe |
"{2080ABD4-6A24-4A28-AE6D-CC40DC38DF70}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{20CA0061-F470-4B5A-A314-0809C3830ACF}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{21069343-9B2F-492E-90FC-79051D69C693}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{21ACC26A-B10D-44C1-BBC5-77E28E26F941}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{22553FDF-1B21-4D18-A1E1-BEE7B3AFAA68}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{225CB4E8-8137-4EDE-A374-9C50EC90B539}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{22765E14-B593-49C9-9FF0-859E707DC6F0}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{2301AAA9-07E0-4BAF-A697-FF8149C47EC5}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{23351BB1-9B03-401A-99A1-A6CC6673E2B6}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{23533C37-78A3-4C1D-B7E7-FF7CC4CDF6F7}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{23617030-9A6E-4B51-9389-5C6C7233E8BD}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{24073274-5031-4DF4-816F-BED00A18FB7F}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{24C3DF40-ED07-4A52-8425-50BD53BC97C3}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{24CFFEB2-0033-4025-B5C9-4F1EAB344F56}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{25273EE6-F493-4F6A-9627-085A94F617A2}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{2545788A-6E65-47D5-80EB-1E840F653C89}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{25873AA9-5254-475F-8CB8-2BE8CE15B8F5}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{25C66D49-EC2C-47B8-ABE1-305A171818D9}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{25EC9745-65F2-4E23-B501-B01993B70831}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{2613B7CA-3618-458A-907B-C1A385868B90}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{270DE519-E2F0-4636-A67E-76355BF24BC8}" = protocol=6 | dir=in | app=c:\program files\sony\vaio media integrated server\platform\vmserversettings.exe |
"{289E7FFA-93DE-40AD-992E-32203964A9B6}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{29584AB5-FC96-4E3E-B220-E5B4E0F784D8}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{2A15EC5C-48E8-444E-AB8B-A68227401023}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{2A678BCE-E7D8-414F-B38E-0056E9DE0ED4}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{2A83A922-FC3C-41DC-99B4-E2152B1B0FC1}" = protocol=6 | dir=out | app=c:\program files\windows media player\wmplayer.exe |
"{2A8C2443-B3DD-451C-8B22-378BC79731F1}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{2B0AAC86-3FC8-4042-823A-D78E6586089F}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{2B0B7AC6-DCEE-4BEA-9EC2-F619FF307591}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{2B146C91-36CC-420B-B136-279DFC659EA1}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{2B73BC27-1D71-4C0C-A727-70213D93309E}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{2C41FE12-6454-44F6-AD40-64E69735FBAD}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{2D13EAE1-6892-41BB-AF2A-A8411C58E531}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{2D362CFD-B521-4697-BB11-013D58ECCBF9}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{2E0F3EEE-DDFD-4A8C-881F-4FB7487A6201}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{2FBFF472-D896-4D6A-80B1-1F5F52E7F5D2}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{30350731-90F0-41F7-AB6A-19A74BFD6F03}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{30B63962-E89B-4A45-A850-491C317D194A}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{30D89FCA-8470-4566-899B-640CACC15982}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{316BF870-5C87-486E-B6FD-DCAF9076786D}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{344DE48E-C6FC-435F-BAD2-25FB43E3373C}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{34879526-6069-49A0-908E-0D475FB6C956}" = protocol=6 | dir=in | app=c:\program files\skype\plugin manager\skypepm.exe |
"{34FF1961-557F-46D9-B136-7FB24ABA7476}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{354BEC55-0F20-4B4E-A1FB-32F0C9680786}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{35588560-BF3F-4992-A333-63929BAC44E7}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{356984C6-BD47-450F-9334-5A706F22092B}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{366C4D28-6338-4E4F-BFCA-39E90859FDCC}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{36D9885D-C77B-4A49-ABD8-9316A447741E}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{3743477C-80E8-4688-8E4F-83ED6D50E055}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{376EEF95-A6EC-45C0-AEE9-62084E706BD8}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{38A24AC8-4FE8-4720-B9B0-0D3155749358}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{38EB1EEA-4BDD-42E4-BD0E-41688F2BD2CD}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{3A5C13EB-4956-4B69-AE1C-1A7A2A5DBE0A}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{3B35015B-2B35-4983-A8BC-649A4484101E}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{3B93749C-B2FA-492F-9EBA-EAF8EAA653A9}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{3BFFE67B-F6B5-44F3-AECA-785C2C775719}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{3C359487-0215-49AC-8520-80A9D1B31DF1}" = protocol=6 | dir=out | app=c:\windows\system32\netproj.exe |
"{3C5AC019-FABE-4C31-9DDD-81E27A491D5C}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{3C68DA5C-903F-43D1-B36F-AF47CD583AB5}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{3D72E3FD-748A-465E-9CE0-91E48A7BDC62}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{3E3052ED-3EF2-4D65-9D9A-9A04AF90DE85}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{3EB35496-9EC7-4A80-8CD0-9F2A3BC461DE}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{403816AB-EE09-40D9-A31D-4FC141F7BA13}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{425A90AB-ACFF-46F6-8190-30B256488376}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{426DED9C-97E7-4E1E-B689-3507DD77FFC2}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{448F7E64-B8D4-4AE2-BE9B-ADF446E29E98}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{449A8996-B44A-4A91-9DC4-5BF2C637C641}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{44B263FB-A3EA-4EA8-BA9D-02D3F405778F}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{45DE6C72-5760-4E65-B40D-586633C9A115}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{466C7EF6-A287-4EC8-9322-525BF87986CC}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{4697C91F-3C73-42F2-A39A-74FE6DC89B92}" = protocol=17 | dir=in | app=c:\program files\sony\vaio media integrated server\platform\upnpframework.exe |
"{46A52E8E-B43F-4521-A481-ABBE63C8EA7A}" = protocol=17 | dir=in | app=c:\users\bby\appdata\roaming\dropbox\bin\dropbox.exe |
"{477EEB07-1ECB-4C23-A302-3526519EA865}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{47BD5B62-B5FF-4EA9-8FC5-823DCADAA537}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{47F0B769-A48E-4537-8930-08B834531C22}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{48D393A6-7AB3-41B0-B22B-A7B01D912A5A}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{497A1597-29B2-4E39-B7AF-86FBBE7E49BE}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{499881AD-6245-4D57-865F-BCE69CC13181}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{4B1A92A9-DEFB-466B-92F9-81FB5A7F2A5C}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{4BFE0C11-0A77-4AAC-904D-1B63E05B80AB}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{4CD98FCA-DE22-4AA5-92A4-B13DD5448D85}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{4CFB2AAF-59C2-45B4-B2B7-4C5E143D1A90}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{4DFC2C86-692F-48C4-A2F7-828448E2133F}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{4E4A2945-BB12-49C7-8E5E-EB9F8274A5CE}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{4E8B7A6C-1F1D-4415-9F47-BC6E2BCAB1CD}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{4E957A44-08CE-429B-A5FF-9ECB8216628F}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{4F081042-8808-42DC-AAC6-863A7DA52044}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{4F0AE481-B809-4C7E-A242-6BEC9E20C960}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{50524621-358D-434C-B164-15F486219242}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{5099AF05-966A-4531-BDA8-E3C132E452D3}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{52414530-341E-4BBF-8104-55698224AD80}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{52979125-2589-4A6B-A420-7A590D58F193}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{532011EC-0363-4ED8-BBC4-D3FFEDC8A22A}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{534EFAB8-1D27-4E6E-B39B-AFD82575D1E3}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{535D0B35-503C-474E-8A12-9E9ACFF34CB5}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{53790C5D-9894-4A68-8960-74E017E698FE}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{53B4491A-5E35-43C6-A594-D606CCB6B124}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{53E1D729-B414-4CBF-802C-20CA7F3D80A3}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{549D0803-7FE9-4BE2-A73A-6694FF545B1D}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{5526266E-D1B7-4F3E-B584-F604772972F0}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{553385A3-988E-4825-BA32-7DEF7EC3D335}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{554D47F2-98AC-46CB-A166-AD1F535EFB77}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{55512D9D-0049-4580-92A7-70FDE204C137}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{561563C0-D15F-4451-9B23-DF37CFA618C3}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{56782806-EDB9-4DF4-97CA-639E716DAC26}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{5713414B-2A7E-42BC-BE1E-08FA7E5BD351}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{5816CC37-3420-47E9-A00D-21691FD7F860}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{5892985A-E95B-45C9-8629-3D20DA4EEF3E}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{596425E5-A777-4256-86E1-210AE4333451}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{597601A7-4C64-41F3-988B-5A5494B1B0AA}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{5A194268-E470-473A-BAD4-927EB0252FB8}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{5A5892B0-59C9-43FD-B742-14E454FECF97}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{5A627656-952E-4700-9E0B-1AA45921EE76}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{5A6E959A-3AD8-4BAA-AB30-C3BABDA514E9}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{5AD18142-D3C1-4CB8-B579-D910598DECEC}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{5AF7B3B6-1AEE-4EA3-BCEC-13F2FD6B3C1E}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{5C6FAFD3-435B-41A6-8262-1D20FCF1556D}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{5D4E30F8-B035-406C-B1A1-A55684664292}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{5D62B815-E368-472B-8F0C-13DFACBCD93C}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{5E400E2C-E766-45FE-BCD1-A75FC13567F9}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{5EC22196-4032-4DC6-9BCE-65B41C7313F1}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{5EF7FD0E-8995-4F87-A37F-2392A74994B5}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{5F0468AB-16D0-43AD-B791-42454677B7CC}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{601598C8-34C7-4A9C-9DF0-70D7FA1162EC}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{60EBD5EE-CC32-4E07-91B1-A67BF792B4FF}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{60F157EB-479F-4A54-BEAA-EBBE40EAEBE7}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{61146153-DD4D-4E31-9AC2-12E2C1147CBA}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{61259DF6-842D-4F0B-9B41-532253AA9FB4}" = protocol=17 | dir=in | app=c:\program files\sony\vaio media integrated server\platform\sv_httpd.exe |
"{613B5EF9-E498-4EAA-8B90-FF726623CA6D}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{61B9D9C3-8D38-4112-8AA9-D93F85105632}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{62B20125-4B9E-44A9-B6D7-EEE6B97A4FD3}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{62E82591-6AE6-477B-B9CE-9A92919B42F2}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{63CA7EAB-B359-4097-A416-EF093BB1E6CA}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{63D413AB-73D1-4BE1-8C0C-B1ED5B70574A}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{641167F6-AE75-4D38-A673-E5E4D6CC42CD}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{64911C09-9C95-4F50-A7D3-487A4038FA2A}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{64954490-F479-45BA-9781-F76E6D4714B5}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{64B62D39-5A69-457C-B2DC-C7175DEA403D}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{65711B4D-9D99-4C51-8E21-6B55E594B6D7}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{65ECEB8E-2D8B-4847-8151-6A23BEA4D9E3}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{66B292CA-4D87-4085-B0AC-679C39869359}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{67567ED4-DBAB-4315-A87E-A660D18BDD8E}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{675E6F2B-A0F5-4643-AA3F-498FDD0B5C0D}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{677ACEEC-D187-42AC-BC43-66B678B2B49A}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{682A610C-4D8E-402E-997E-2A46A6B5E99A}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{6946A01D-6DB4-4DE6-BE99-A79B8FB2E5C0}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{6C3515D5-642C-4F94-95EA-F7CED9BFE176}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{6CA9C3C3-D6FE-400D-A7DE-3CD83F07F737}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{6CCC81FB-4693-4212-B592-57352DF449D4}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{6EBB14FA-D497-486D-9786-4DF6E26AC4A2}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{7016AC2F-57C5-4F14-9C22-8AF7A3ECE322}" = protocol=17 | dir=in | app=c:\program files\windows media player\wmplayer.exe |
"{704CED88-5033-4F9D-B0CB-10521CBAE004}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{7052EEB8-F7CC-494F-B04F-0DE6C4D18F99}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{70E78E42-6952-4AE8-ABA0-0624EE9C0902}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{723F079B-F809-4A6E-9046-93DAB4C4D1B9}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{736A95BC-9950-483F-9EB6-D920AD4E68FF}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{74015E84-F69F-4611-888B-9DEBACA95F2C}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{750A6A5D-FDEE-4108-B809-DCD0CD1A0268}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{75AB3156-6483-4B8A-8575-2F0DE5145F89}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{77160E57-787E-4967-BC35-E10C33DE3321}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{78C6E88E-FF43-4B29-B147-DCEA7DC1030B}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{791910D9-B3E7-4A26-A1E3-2FCD8237B34D}" = protocol=6 | dir=in | app=c:\program files\common files\apple\windows migration assistant\migrationassistant.exe |
"{797E646D-27A1-44E3-8CED-BF11ED10B776}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{79D2AF59-51BC-4AF7-A1A1-AEF84BF508B3}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{7A0F1881-B301-4CD1-8E07-C547DADD207B}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{7A4BDABD-B1C2-46A4-A668-A99CFF1CAE4A}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{7D7B750C-784E-4CC2-943A-AB4C5A32101A}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{7F22AA85-E0A3-44BD-8E2E-69065EDCF7C5}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{7FB7DCCB-FC7C-4AFC-B94E-EDEEB120C650}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{80545567-DE66-4EAA-9339-DB7C345D7032}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{834372F8-2AB2-469C-8AB5-C33A906887A6}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{83564858-DFEA-4DAA-84E1-1082F8EA7855}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{8531BD37-AC52-4416-8CB0-221797651712}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{85610DEC-744F-4FBA-94A9-8111EF377B1B}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{85AAB168-D939-4628-8777-43DA4FCF3B43}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{85AC5D86-38BA-46D7-AD4A-0B2A88992DD0}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{85F5466A-31B6-461D-B9A7-86938CE6F07D}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{863ADFCA-5722-4031-B017-C933343C9DCC}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{868CCF95-C2F2-4FED-A356-7659483B6B4B}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{86955877-2515-4788-8743-1910FA8469A8}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{86B8540D-F889-4AD8-8C1F-8A163A1E1E6E}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{874C482F-8126-40BD-9D60-A31282ABEBF8}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{87DEFF74-3CED-4E3E-9D60-9C3B6D9D32C9}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{8807BC82-5B89-42D4-B6D9-63C1D0181ECF}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{884BC007-90D2-4D93-937C-51CEB99C604D}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{89B65D10-20F4-4AEF-9C9E-4289FE7F5596}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{8AEE29DB-AAB6-473F-A4CF-45A764E362B7}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{8B50B8D1-E3CE-41B2-8636-E2FF0FB64345}" = protocol=17 | dir=in | app=c:\program files\skype\plugin manager\skypepm.exe |
"{8B6B8E1C-F352-4924-B826-660207709157}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{8C6C0145-7A0A-4C5B-8452-2443D4EC3866}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{8CDA122C-146E-4027-8873-5ED0953C9C9A}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{8D2537A2-5CFF-4894-908E-536C2B9991E0}" = dir=in | app=c:\program files\itunes\itunes.exe |
"{8D633862-A8D9-4CF3-A7C6-F973E32C0EAA}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{8DDEFBB9-7C5B-4CC1-B209-2DE81DE4C49F}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{8DEC5335-B07F-4005-AB95-D520DCDEC1FE}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{8E5DC454-3E52-4036-A38A-A3D8B2CDAE4D}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{8F97B141-C5FE-4F76-BA97-31A8DB629863}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{8FD70E70-2C58-4645-ABB7-CB5762C4DA21}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{8FFF1735-F3ED-4CEA-A7EC-34C0E76F0374}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{90F06714-99F3-495A-9443-3EBE9D4328CD}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{915CF28C-896F-44AE-80EE-94E564649E18}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{9162F8E5-55E8-4D65-986A-20D5F17FD801}" = protocol=17 | dir=in | app=c:\program files\sony\locationfreeplayer\lfpc3\lfpc3.exe |
"{93D9CCE5-76CF-4E56-96A0-2EBBA359E830}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{947B85CC-664F-477E-B2BE-BC6FD72A44AD}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{95663875-BC79-4651-B41B-C5F325C8B0A9}" = protocol=17 | dir=in | app=c:\program files\sony\vaio media integrated server\platform\vmserversettings.exe |
"{963B9170-2D38-4B79-9BB3-B54D6BF96F94}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{963C8A2E-72D6-44DD-8CA1-14650A131E2E}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{96DB8348-1BF8-456B-89DB-2335FCB4D028}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{96ECFA3A-3C16-435A-8FBA-4C4979BDDADF}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{96F93C13-4C9E-40FF-92F5-547B7747525B}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{97CF0E01-866C-4D8F-A344-3055D6922787}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{98338FC5-AAFB-4CDD-9E08-2C39F20D611A}" = dir=in | app=c:\program files\common files\apple\apple application support\webkit2webprocess.exe |
"{98AD96E6-3134-46E8-AB2B-6AECB3A64A69}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{98B5E420-55DE-4F64-B6BD-701DE67CB31B}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{98DE839C-20CA-4374-9CF5-A0CC0918CBB3}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{98EDAE31-B5C3-4DA3-A8B9-B740E90F77F6}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{9956C8DF-9BDC-46A6-88A2-8C59F283466A}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{997EAA1C-8E80-475D-8C26-E14F03552A3D}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{99DB1307-1F34-4512-808C-46138162F34C}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{99E4AD2B-48DB-4AD1-BE81-8477CC3A1F4A}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{9C90F89E-4F1D-4F08-BD3A-4EF82C78ADA1}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{9CA3E6A8-E70C-4E8D-96C0-6BB627F339AA}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{9D2FAAD4-53B0-430E-923A-F4F1221A9D27}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{9DC553AF-26C9-4314-9AAA-1D9332B5E50E}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{9DF62FA2-DDFB-4BA5-BBA8-96EE287415D2}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{9F217709-6744-4145-A5E6-DFEFE6E66C37}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{9FB5088B-DDA5-400E-876B-EC27362F68AD}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{A01EB853-9F2C-4954-A872-AB8B5665512A}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{A1153A64-D540-4AE5-B1CC-589A46EF403C}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{A1AC00E2-F6A2-42BB-85EA-CA416F151A06}" = protocol=6 | dir=in | app=c:\users\bby\appdata\roaming\mjusbsp\magicjack.exe |
"{A1D88D39-AAFE-4493-A4D8-F7C48937549E}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{A1FB1EBB-B084-4402-8570-8727F3F59B8A}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{A2040ECB-7AB9-4BF3-8CD8-0FC663F4DA91}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{A2C35B83-311F-4427-B564-3C47E297C382}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{A3326FD9-6669-4F38-8497-FA4158F0D460}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{A3ACA81F-EEE5-431F-8506-AB6B7E018F00}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{A3C219D9-D80B-4B26-A9ED-22AE4FD83D4E}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{A441694B-38C5-45FF-A68B-785CB1ECDAD4}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{A4AB51F2-86BA-4E41-B878-C72267F62B62}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{A65CB35C-A7A2-426C-B7C7-C46B9EB98865}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{A6A89556-B032-4F4D-9262-E62599B0DFEB}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{A719E400-C3AC-4F6F-8A46-60817168E4C0}" = protocol=6 | dir=in | app=c:\program files\sony\vaio media integrated server\platform\sv_httpd.exe |
"{A76223DB-4AD0-477C-9CCE-B1DB8C22749C}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{A767F820-1C19-4C6F-A457-BEE2FCBC6884}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{A80C6565-D011-4278-AAFF-1D99326D4D48}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{A8595428-C586-4903-B3E4-62694BEBAF16}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{A8AC0295-6C0A-4543-9ABE-057AF44F8AAE}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{ABF4E7D1-6873-4EB3-B303-7BF6483F7A15}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{AC5633D7-21CB-448A-AA8B-95379192E9C8}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{ADB79513-1F25-45E6-AF7A-F879036B965E}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{AE9B1145-BCD8-4C42-BBC7-8F0B495ACD18}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{AEEEE84D-A1B2-4EA9-8DE2-822492F03C7D}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{AFAD49D8-88F0-4957-9615-B99AB186CEAC}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{B00317D4-27AC-4496-8496-847BBF8E5498}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{B05E56FA-E821-4ED6-AD42-4324FD4626B7}" = protocol=6 | dir=in | app=c:\windows\system32\netproj.exe |
"{B1306FEC-11AA-4D31-B8F9-04470CDE7105}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{B1804808-318E-447A-B654-C0839DFD4A54}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{B38037DB-C8D9-4651-80D8-3DEA546C1DCF}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{B3A340C6-BF0E-413B-A73B-5CA97A6B8A7E}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{B426C20C-3A0D-43DA-BC2B-AA1C5E24466E}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{B4F2B320-5545-4350-A6E7-3771889298A2}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{B5CA8994-DD23-4980-B970-F24E8CF552A3}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{B5F88205-9A75-4328-9A26-DA980CB19028}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{B788062A-5296-4DD9-8F5E-C4A473163700}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{B7A447E2-BD89-4F40-AD58-AD9C0B3B93DF}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{B7D825BE-1658-46DA-A6DB-460923933499}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{B8599257-8D0C-4CBE-96AA-13B4963BC92D}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{B9435974-9CA6-4BD8-BFE8-DFFCC58FD7B2}" = protocol=6 | dir=in | app=c:\program files\windows collaboration\wincollab.exe |
"{BAD3C94D-5E13-48F6-AB73-73AFA2BD7F1E}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{BAEEF6CD-A359-4331-810A-9BE206EF5808}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{BB4C3CC1-C0CB-4ACE-A26D-6DDB9D976274}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{BB8FCA82-DCE7-4129-8F43-C812BA798101}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{BC0B2004-623A-4797-9F8F-DDB2F3AA5DB5}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{BCA3AAF7-2BFF-40A4-8A10-927C1371B2D2}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{BD0DBE56-C1DF-452A-81B9-7BECD88C1F1E}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{BD13ACDC-E50A-4C9E-BE42-E7F61CFA900F}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{BD610C9F-8EA6-4FC9-BDF2-EC1F93AFA052}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{BDD8F81F-B58B-4B47-94F0-360DBF1CA8AA}" = protocol=17 | dir=in | app=c:\program files\windows collaboration\wincollab.exe |
"{BE6834FE-7801-408E-9B94-E55D432C519F}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{BF52A310-23F2-4F97-A51B-932E866F808D}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{BFD7F24B-8D2E-429A-9357-44C0F9E693D1}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{BFD832B7-CAC4-4DDB-AE7A-DB2A97D4F39E}" = protocol=17 | dir=in | app=c:\program files\sony\vaio media integrated server\ucls.exe |
"{C08F8F75-2C88-47C9-82CE-CD4E746554EB}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{C0C95EEE-7F10-4027-83EF-4D42DC32A0A5}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{C177BCE0-4012-43B9-8408-7B434367B765}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{C1BEE2FE-DAEB-44C3-A572-835FF11008F5}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{C23480D6-AD14-444F-A47D-BEFC6F192DC9}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{C2ABDCE2-7172-4494-8848-962E28E0F3AD}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{C35D487B-BBE3-43F4-B08A-F5AEED5C1E3C}" = protocol=17 | dir=out | app=c:\program files\windows media player\wmplayer.exe |
"{C370C539-F4A8-43D9-A0C8-7099F7C2408F}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{C38EB82B-DFEF-4658-A1DF-349127DF6D7A}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{C3BA32A0-386D-4B69-8B76-A937E6FB3179}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{C3E44B70-9C51-491F-AE38-F073D5C77D69}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{C4395DB1-DF50-4A22-84F2-58DAD2B8681A}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{C4E00BAC-7EBE-4940-AE6A-617E1F3D3813}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{C581321A-9369-4D8F-BBCB-7699FC7F509A}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{C5CAF73E-C61F-480E-B89C-DD8A9E472468}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{C7DA12DF-92AA-4AB7-ABAD-CFC1A4A04D4B}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{C7DFB761-48B9-4F17-B177-85D141ACA928}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{C8D0CB4A-F992-4EF4-ABC4-412B4C7FFBCB}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{C95D1894-EA1E-4CC5-8DEF-68A07EDCB6E3}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{CA1FFD5F-40C6-40A4-907D-708EB03D717A}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{CA5F466F-7AE0-440F-9133-D270DAF4655B}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{CAAB57CE-4397-4A25-A8C9-9B23F6366600}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{CAF094B9-D95A-4426-ABE5-D7BDC32CEBD3}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{CB5CAFDD-A515-4C4F-8FC9-B8BA73B02EF5}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{CB79DB47-D5F5-446C-B138-0AA9BFA41BA6}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{CD6E4F91-64FD-4A5C-952D-EA313A17A2D1}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{CD94B1E0-B418-4C07-B60E-C2B4A69738F8}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{CDB9AF94-EB54-4782-A698-98F9408EF2AA}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{CDDE4600-EEB4-452C-95CF-92D126A9C332}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{CDFA4A08-2BED-477A-BA1C-A085E0EEB374}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{CE5BC25A-05B8-492B-BFFC-8A3DB7B58795}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{CF95C6EC-23B4-4AAA-B0F7-353F36AC6669}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{CFA0618E-D95A-4254-83F3-1B5E7F5B9EB7}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{CFF5C040-1D51-418F-97DD-D4FEF35AE18B}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{D04EA2C4-EE5C-48FE-BE91-EABA8E318556}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{D0E0EBCD-D163-4817-8406-9288E45960F8}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{D128960A-6057-41A7-8E68-BCE28D62D9A5}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{D15DCB79-D736-4457-BCB0-6C9CA0F88843}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{D16E2DC6-5487-4F18-8AB7-DC03CC1DCDBB}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{D1E6F236-B88A-45A4-B1E8-DB208265FF82}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{D2CD9897-2B10-41E8-9AC5-A3D88C5066DC}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{D42AB8A2-32AC-4EB2-8D05-CDBC5D4B09CB}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{D508800F-5CFB-4E8A-9BDB-34FEC8570AD9}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{D56B5A06-7C3A-4D0B-B190-DE1B1809C834}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{D5CB0F80-5CAD-4A42-AB49-343C45DBC356}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{D681E0B0-0945-43ED-8D9B-58435266B3E1}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{D806B0B8-C833-4F99-871E-1CF0810B8462}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{D8B23CAA-6F0F-42A6-AC13-828A82D60FB4}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{D8CC2FCA-A610-4784-8A5D-2A907AA6D938}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{D8CFF4CC-045A-43F4-A4B3-C71D0E872E34}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{D9527A8E-F199-4C6A-8C3A-97FF514C9593}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{DA1852A8-E463-4F59-8FD8-8BF2E0A7AEFF}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{DA74F812-C0C8-4BA4-953A-6CC2821BADE7}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{DAAB3778-7A60-45E4-8A9E-643C729E10DD}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{DADBC5DF-D11B-4A46-BB9C-A0ED698D63C1}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{DDA5EF7C-2F02-48EB-B7D9-BF929CBCF5EE}" = protocol=6 | dir=in | app=c:\program files\sony\vaio media integrated server\ucls.exe |
"{DE700876-3C51-4426-9357-A3E272643F11}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{DEFAE66A-3969-4730-967A-B3EA7390FA20}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{DF7E7B21-54E8-4586-9AE5-946BD25FED64}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{E124F955-731F-42EE-BB9F-E5F1EDC4DAEB}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{E1EAC0C8-6106-4CC8-ABDD-F8E7281F39A1}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{E26C40B5-93DA-4125-B5D7-094756E75041}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{E2CE1E22-5F1C-4C7C-8580-6A19C371BA6F}" = protocol=6 | dir=out | app=system |
"{E376A77C-ACC1-465E-945C-6421848EC674}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{E3E5307F-61AF-4828-B2A3-F5DF35EEDE9B}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{E49FF7CD-9A3D-4B03-91CD-E67E3B472D3D}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{E4A4BC87-D07E-41BB-AF3B-300728C6A176}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{E4B4ED7C-990C-4F7C-9D75-57F466D19414}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{E59693C1-24AD-472C-A4E0-D64AB2C3CF43}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{E5D7D52E-2356-469C-AAB5-027553C2C00C}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{E6797EF4-6732-4F31-8573-74AA48547EDC}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{E695E8F7-5E25-4D5F-AF9E-53FBC22F04A7}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{E6B841EA-680F-4A62-BD6D-D3C9AFC31CDD}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{E7010406-3752-4511-B1F6-A430A5D8CD49}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{E749D57B-C4B9-4202-A857-6B48866DD3EF}" = protocol=17 | dir=in | app=c:\users\bby\appdata\roaming\mjusbsp\magicjack.exe |
"{E74A602C-20BE-4E70-8A63-C148DB4C30B3}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{E766DDF4-1F48-4652-916A-1CAB8A83D0F6}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{E8AE9326-17A4-478D-8FEA-84AFD210B762}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{EBDBD535-1664-4A56-ABD7-E6DEDCA1DA82}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{ECD608E9-9649-49B2-8918-D70273067E46}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{ED3C8BE8-5D8C-4276-8954-A644A57FF6DA}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{EE01E1F9-4BB1-424F-9442-0E3243FE0201}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{F054BD78-DCC2-49F0-B4B1-394E9F9741A9}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{F2D04F0F-978B-4C91-B459-3007EB5A0195}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{F35AC377-2CFB-4ACA-B324-0611F12C0274}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{F3D8736C-FFDE-41EF-AA5E-0FD9EF91E65F}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{F3FC728C-8FE4-4517-BC8C-7885FCD36605}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{F448342A-D906-4D25-974C-B5B5E013E956}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{F4A67D6F-019D-4608-A61B-0A2C4B86209B}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{F5F76CA9-2373-4F5B-BBE4-5BA32DA87C23}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{F6203682-4599-4EB8-8DEE-8EF4FF9A3CD6}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{F71F8420-E58B-4E53-BEDF-113A2FC64782}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{F737A532-5C7D-40FC-9459-66318EAC0CB9}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{F8C94589-87AA-4AE6-9E0C-6329FA3C5AF6}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{F9DD9715-6D6D-41BC-A7D8-FCFC66B9339D}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{FA0C506A-807C-4151-84D9-36D8D11C9C60}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{FACB2F03-B312-427C-A349-4444BADB8493}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{FAEA6FC9-87F9-43A2-BA04-14EAEEB13906}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{FB73D532-D187-4560-B70E-A9662DBB80BF}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{FB8B1310-24BE-48FC-8F56-1444C127DB3B}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{FB97F1F7-09D0-4944-A9F1-0468DB78097F}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{FBCD2614-A995-43F9-85E3-323972CB058D}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{FC0BA4E4-F068-49B4-809E-01E6C8B196B6}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{FC13183A-A712-4B27-8208-82F9572EFD13}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{FDE2B0F8-F449-461F-BC25-3391FDA40AD2}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{FE57256F-2E23-4962-977F-E8C2BD8B8198}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{FE9F0717-8AB6-4C6A-95E4-2FA169926B45}" = protocol=17 | dir=in | app=c:\program files\common files\apple\windows migration assistant\migrationassistant.exe |
"{FF0D69CF-1978-4746-8D2D-FE73DCF01714}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{FF59DCE9-F870-40CB-BF9E-8A9B955CF4CF}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{FF6A6E3A-78C6-46FA-AC3D-1A9202628A89}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"TCP Query User{39484996-6755-4028-8A69-A0F1A892B513}C:\program files\2x\client\appserverclient.exe" = protocol=6 | dir=in | app=c:\program files\2x\client\appserverclient.exe |
"TCP Query User{6E336955-1192-453E-BC17-1620EE2B7FA6}C:\program files\internet explorer\iexplore.exe" = protocol=6 | dir=in | app=c:\program files\internet explorer\iexplore.exe |
"TCP Query User{9E80B56E-206A-4F32-99DA-85BE1F9E2948}C:\program files\java\jre6\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files\java\jre6\bin\javaw.exe |
"TCP Query User{B0CBCB38-5552-4086-B760-85BA8577F4D7}C:\Program Files\Java\jre6\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files\java\jre6\bin\javaw.exe |
"TCP Query User{C1A788DE-3271-46F2-A38A-978F2A607FC7}C:\users\bby\appdata\roaming\mjusbsp\magicjack.exe" = protocol=6 | dir=in | app=c:\users\bby\appdata\roaming\mjusbsp\magicjack.exe |
"TCP Query User{F25646DD-AEF1-49DE-899B-218ACEFD4835}G:\bin\ia\core\mdm_util.exe" = protocol=6 | dir=in | app=g:\bin\ia\core\mdm_util.exe |
"UDP Query User{2F7D69B8-F7AE-4C50-BFF6-21989696C4A9}C:\program files\internet explorer\iexplore.exe" = protocol=17 | dir=in | app=c:\program files\internet explorer\iexplore.exe |
"UDP Query User{46A99CAB-2BB0-49A1-9E6B-4C25542294DD}C:\users\bby\appdata\roaming\mjusbsp\magicjack.exe" = protocol=17 | dir=in | app=c:\users\bby\appdata\roaming\mjusbsp\magicjack.exe |
"UDP Query User{787A7FFF-F58C-4FAE-B880-5EA6768782BB}G:\bin\ia\core\mdm_util.exe" = protocol=17 | dir=in | app=g:\bin\ia\core\mdm_util.exe |
"UDP Query User{8C6C72CA-42DF-4737-8F5C-4503F17BA54E}C:\Program Files\Java\jre6\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files\java\jre6\bin\javaw.exe |
"UDP Query User{8DFCEC92-B670-4D18-8C2E-7C801ED4F3B1}C:\program files\java\jre6\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files\java\jre6\bin\javaw.exe |
"UDP Query User{F4B18090-958B-4414-B541-A5F2899E73FF}C:\program files\2x\client\appserverclient.exe" = protocol=17 | dir=in | app=c:\program files\2x\client\appserverclient.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0008546E-DF6E-4CC1-AFD0-2CB8E16C95A2}" = Notifier
"{009E7FB7-1775-4D89-8956-F5C9A1C019FC}" = DSD Playback Plug-in
"{01FDC9FC-4D4F-4DB0-ACD1-D3E8E1D52902}" = Sony Video Shared Library
"{0312BD0D-A1FE-4E1A-9208-D436F566D867}" = VAIO Azure Float Wallpaper
"{03D1988F-469F-4843-8E6E-E5FE9D17889D}" = WIDCOMM Bluetooth Software 6.1.0.1205
"{03EDED24-8375-407D-A721-4643D9768BE1}" = kgchlwn
"{073F22CE-9A5B-4A40-A604-C7270AC6BF34}" = ESSSONIC
"{07D8511D-C9FE-4A93-933F-EAA5C8F20095}" = IDT Audio
"{09A84598-E18A-4E7B-A49A-E19BB8D5C648}" = AppMon Utility
"{0EE4030A-8FD4-4798-A21D-17E525B1F7CF}" = Corel Snapfire
"{11F3F858-4131-4FFA-A560-3FE282933B6E}" = kgchday
"{14D4ED84-6A9A-45A0-96F6-1753768C3CB5}" = ESSPCD
"{15D5C238-4C2E-4AEA-A66D-D6989A4C586B}" = VAIO Launcher
"{1B500D37-E7CF-480B-8054-8A563594EC4E}" = VAIO OOBE
"{1EBB57D4-63FF-87CC-A0F0-D73982CF6008}" = Adobe Media Player
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{20471B27-D702-4FE8-8DEC-0702CC8C0A85}" = WinDVD BD for VAIO
"{2063C2E8-3812-4BBD-9998-6610F80C1DD4}" = VAIO Media AC3 Decoder 1.0
"{206FD69B-F9FE-4164-81BD-D52552BC9C23}" = GearDrvs
"{235915A8-1C0D-4920-95EA-FE8B773E5F57}" = VAIO Teal Whisper Wallpaper
"{23825B69-36DF-4DAD-9CFD-118D11D80F16}" = VAIO Content Folder Setting
"{26A24AE4-039D-4CA4-87B4-2F83216026FF}" = Java™ 6 Update 26
"{2A0F3EF9-68EE-49E9-A05B-ED5B82DF63E5}" = Wireless Switch Setting Utility
"{2D03B6F8-DF36-4980-B7B6-5B93D5BA3A8F}" = essvatgt
"{32343DB6-9A52-40C9-87E4-5E7C79791C87}" = MSXML 4.0 SP2 and SOAP Toolkit 3.0
"{34B37A74-125E-4406-87BA-E4BD3D097AE5}" = VAIO Survey
"{359DF682-BC8F-429D-AB6D-3C8002099F38}" = VAIO Content Metadata Intelligent Analyzing Manager
"{390DD8BB-BB57-4942-A029-2D913E4E9D74}" = Microsoft Security Client
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{48820099-ED7D-424B-890C-9A82EF00656D}" = VAIO Update 3
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}" = Skype™ 6.6
"{4EA55D20-27FB-45D7-8726-147E8A5F6C62}" = VAIO MusicBox
"{4FC19392-E4A5-4CCB-B45A-AB7E8126D3C9}" = Microsoft Easy Assist
"{500162A0-4DD5-460A-BAFD-895AAE48C532}" = VAIO Media Content Collection 6.0
"{533D0A8A-D7E7-4F15-BC9E-FF2916A6BAA7}" = DSD Direct Player
"{560F6B2E-F0DF-44E5-8190-A4A161F0E205}" = VAIO Media 6.0
"{56AB063D-1450-4BDE-9F0D-E9C693429C51}" = netbrdg
"{5855C127-1F20-404D-B7FB-1FD84D7EAB5E}" = VAIO Media Redistribution 6.0
"{5A3F6A80-7913-475E-8B96-477A952CFA43}" = SupportSoft Assisted Service
"{5D09C772-ECB3-442B-9CC6-B4341C78FDC2}" = Apple Application Support
"{5F12E9D1-402C-4672-86D7-52E86A3A1411}" = VAIO Content Importer VAIO Content Exporter
"{5F5DE5D5-D130-4110-A3A4-69FFB0B14BD9}" = VAIO Content Metadata XML Interface Library
"{604CD5A1-4520-4844-B064-A3D884B77E91}" = SpeedyPC Pro
"{605A4E39-613C-4A12-B56F-DEFBE6757237}" = SHASTA
"{6332AFF1-9D9A-429C-AA03-F82749FA4F49}" = SonicStage Mastering Studio
"{63A6E9A9-A190-46D4-9430-2DB28654AFD8}" = Norton 360
"{65D85050-5610-4A91-A3B1-D5C744291AD4}" = PCDADDIN
"{65DA2EC9-0642-47E9-AAE2-B5267AA14D75}" = Activation Assistant for the 2007 Microsoft Office suites
"{67E03279-F703-408F-B4BF-46B5FC8D70CD}" = Microsoft Works
"{68A69CFF-130D-4CDE-AB0E-7374ECB144C8}" = VAIO Content Importer / VAIO Content Exporter
"{69351E9E-23ED-41D5-B146-EDBF83C63B66}" = VAIO Content Metadata Manager Setting
"{693C08A7-9E76-43FF-B11E-9A58175474C4}" = kgckids
"{6B1F20F2-6321-4669-A58C-33DF8E7517FF}" = VAIO Entertainment Platform
"{6D2576EC-A0E9-418A-A09A-409933A3B6F4}" = VAIO Camera Capture Utility
"{6D2A900D-EB39-3386-8D9F-3B8F069C57A5}" = Google Talk Plugin
"{6FA8BA2C-052B-4072-B8E2-2302C268BE9E}" = VAIO Movie Story Template Data
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{716E0306-8318-4364-8B8F-0CC4E9376BAC}" = MSXML 4.0 SP2 Parser and SDK
"{72042FA6-5609-489F-A8EA-3C2DD650F667}" = VAIO Control Center
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{785EB1D4-ECEC-4195-99B4-73C47E187721}" = VAIO Media Integrated Server 6.1
"{79155F2B-9895-49D7-8612-D92580E0DE5B}" = Bonjour
"{7D716354-2C08-48DC-9AC5-957348048817}" = VAIO Help And Support
"{802889F8-6AF5-45A5-9764-CA5B999E50FC}" = VAIO Power Management
"{82D5BACA-3619-4D34-99DB-3A65CFB4DA33}" = DSD Direct
"{84031A18-BA9A-4156-A74F-E05B52DDFCE2}" = DING!
"{8943CE61-53BD-475E-90E1-A580869E98A2}" = staticcr
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8A502E38-29C9-49FA-BCFA-D727CA062589}" = ESSTOOLS
"{8A8664E1-84C8-4936-891C-BC1F07797549}" = kgcvday
"{8E92D746-CD9F-4B90-9668-42B74C14F765}" = ESSini
"{8ECB8220-F422-4BEB-9596-97033C533702}" = QuickBooks Pro 2008
"{8FC56444-161D-43B4-A662-F18F2E4A2A32}" = VAIO Content Metadata Manager Setting
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}_STANDARDR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}_STANDARDR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2007
"{90120000-001A-0409-0000-0000000FF1CE}_STANDARDR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}_STANDARDR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_STANDARDR_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_STANDARDR_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_STANDARDR_{2314F9A1-126F-45CC-8A5E-DFAF866F3FBC}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}_STANDARDR_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}_STANDARDR_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{90260409-6000-11D3-8CFE-0150048383C9}" = Microsoft Office XP Web Components
"{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}" = Intel® Matrix Storage Manager
"{90A40409-6000-11D3-8CFE-0150048383C9}" = Microsoft Office 2003 Web Components
"{91110409-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Professional Edition 2003
"{91120000-0012-0000-0000-0000000FF1CE}" = Microsoft Office Standard 2007
"{91120000-0012-0000-0000-0000000FF1CE}_STANDARDR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{91208A47-5D08-4C79-986F-1931940F51BB}" = QuickBooks Product Listing Service
"{91517631-A9F3-4B7C-B482-43E0068FD55A}" = ESSgui
"{91FD46D2-4FB7-4A51-8637-556E1BE1DB7C}" = iTunes
"{925F1DB6-E86E-4378-9091-D1F68B0583C9}" = iCloud
"{92F8615C-43B7-4925-8457-B6D004E8D478}" = VAIO Content Metadata XML Interface Library
"{93A1B09E-BAFA-4628-A5B6-921CB026955A}" = Corel Paint Shop Pro Photo XI
"{95120000-00AF-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (English)
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{98FC7A64-774B-49B5-B046-4B4EBC053FA9}" = VAIO MusicBox Sample Music
"{999D43F4-9709-4887-9B1A-83EBB15A8370}" = VPRINTOL
"{9AB83A3C-604D-4B4F-AA25-A23A3FC39844}" = ArcSoft Magic-i Visual Effects Installer
"{9BD54685-1496-46A5-AB62-357CD140ED8B}" = kgcinvt
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9C1C8A04-F8CA-4472-A92D-4288CE32DE86}" = SonicStage Mastering Studio Plugins
"{9D8FEE90-0377-49A9-AEFB-525BDE549BA4}" = ESScore
"{9E407618-D9CD-4F39-9490-9ED45294073D}" = Click to DVD 2.0.05 Menu Data
"{A1588373-1D86-4D44-86C9-78ABD190F9CC}" = kgcmove
"{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR
"{A5B48A19-F319-6BFB-82DE-A18ED1087221}" = Acrobat.com
"{A63E7492-A0BC-4BB9-89A7-352965222380}" = VAIO Original Function Setting
"{A7DA438C-2E43-4C20-BFDA-C1F4A6208558}" = Setting Utility Series
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC76BA86-7AD7-1033-7B44-AA1000000001}" = Adobe Reader X (10.1.7)
"{AC76BA86-7AD7-5464-3428-900000000004}" = Spelling Dictionaries Support For Adobe Reader 9
"{AE1FA02D-E6A4-4EA0-8E58-6483CAC016DD}" = ESSCDBK
"{AF9A04EB-7D8E-41DE-9EDE-4AB9BB2B71B6}" = VAIO Media Registration Tool 6.0
"{B162D0A6-9A1D-4B7C-91A5-88FB48113C45}" = OfotoXMI
"{B2544A03-10D0-4E5E-BA69-0362FFC20D18}" = OGA Notifier 2.0.0048.0
"{B25563A0-41F4-4A81-A6C1-6DBC0911B1F3}" = VAIO Movie Story
"{B4B44FE7-41FF-4DAD-8C0A-E406DDA72992}" = CCScore
"{B59B3DA8-06F8-4B4C-AE94-5180753EF108}" = VAIO Floral Dusk Wallpaper
"{B67BAFBA-4C9F-48FA-9496-933E3B255044}" = QuickTime
"{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Click to Call with Skype
"{B7FB0C86-41A4-4402-9A33-912C462042A0}" = Roxio Easy Media Creator Home
"{B997C2A0-4383-41BF-B76E-9B8B7ECFB267}" = KSU
"{BABC878D-BB64-4688-9A88-1D9E88F339A9}" = VAIO Productivity Center
"{BC3804E5-77CC-47A0-8BD5-797355A26BA3}" = WD SmartWare
"{BCED773C-99EE-48DD-8915-25733F69F0A8}" = VAIO PC Wireless LAN Wizard
"{C299F969-AE3D-4679-ADF5-682A186CE62E}" = VAIO Center Access Bar
"{C6579A65-9CAE-4B31-8B6B-3306E0630A66}" = Apple Software Update
"{C99DCDA4-7407-4F72-A77E-C81C551D0C4E}" = PCDHELP
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CCD663AE-610D-4BDF-AAB0-E914B044527D}" = OpenMG Secure Module 4.7.00
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{CFED0AE3-6D93-4745-B8A0-F3410B493CC4}" = VAIO Security Center
"{D07205E7-F6D3-4333-AFCC-782A07685B72}" = OverDrive Media Console
"{D32470A1-B10C-4059-BA53-CF0486F68EBC}" = Kodak EasyShare software
"{D36E4755-83B9-4B10-BE51-0AC5B9F43C1F}" = VAIO Media
"{D6651810-8439-4F25-BACC-5FB66D4B1A63}" = VAIO Media Registration Tool
"{D8BC400A-9D14-468B-A674-1D76A987AAFC}" = Windows Migration Assistant
"{D937DD80-3928-4617-876F-538A25AECB17}" = LocationFree Player
"{DB02F716-6275-42E9-B8D2-83BA2BF5100B}" = SFR
"{DF7DB916-90E5-40F2-9010-B8125EB5FD6F}" = SonicStage Mastering Studio Audio Filter
"{E14ADE0E-75F3-4A46-87E5-26692DD626EC}" = Apple Mobile Device Support
"{E18B549C-5D15-45DA-8D8F-8FD2BD946344}" = kgcbaby
"{E376547C-7293-4B29-90A2-D6F2E7874E80}" = PDF Wizard MS Office Plugin
"{E58AB36F-9D50-4969-9228-AC24270741BF}" = VAIO Content Metadata Intelligent Analyzing Manager
"{E66BB7B9-EC7B-45A6-B479-AD43A9B32AA0}" = SonicStage Mastering Studio
"{E74F7423-77CB-4F6A-A44D-604E1010FE50}" = VAIO Entertainment Center
"{E79987F0-0E34-42CC-B8FF-6C860AEEB26A}" = tooltips
"{E809063C-51A3-4269-8984-D1EB742F2151}" = Click to DVD 2.6.00
"{EBE55E74-AF94-47BB-849B-C79F236C65F4}" = VAIO Movie Story
"{EC37A846-53AC-4DA7-98FA-76A4E74AA900}" = SonicStage Mastering Studio Audio Filter Custom Preset
"{F0D85ADD-DD61-4B43-87A0-6DA52A211A8B}" = VAIO Event Service
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F22C222C-3CE2-4A4B-A83F-AF4681371ABE}" = kgcbase
"{F4A2E7CC-60CA-4AFA-B67F-AD5E58173C3F}" = SKINXSDK
"{F570A6CC-53ED-4AA9-8B08-551CD3E38D8B}" =
"{F9593CFB-D836-49BC-BFF1-0E669A411D9F}" = WIRELESS
"{FA4C2D53-205F-4245-9717-F3761154824D}" = Safari
"{FAA6B94E-78A7-489C-B2DB-050D9FEBFADA}" = VAIO Content Metadata Intelligent Analyzing Manager
"{FC03D4C7-701E-4733-A745-5A44F8353CD8}" = PDF Wizard MS Office Plugin 2007
"{FDF9943A-3D5C-46B3-9679-586BD237DDEE}" = SKIN0001
"Activation Assistant for the 2007 Microsoft Office suites" = Activation Assistant for the 2007 Microsoft Office suites
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"ATT-PRT22" = ATT-PRT22
"ATT-RC" = ATT-RC Self Support Tool
"Canon MX890 series On-screen Manual" = Canon MX890 series On-screen Manual
"Canon MX890 series User Registration" = Canon MX890 series User Registration
"CanonMyPrinter" = Canon My Printer
"CanonSolutionMenu" = Canon Utilities Solution Menu
"CanonSolutionMenuEX" = Canon Solution Menu EX
"CNXT_MODEM_HDAUDIO_VEN_14F1&DEV_2BFA&SUBSYS_104D0200" = HDAUDIO SoftV92 Data Fax Modem with SmartCP
"com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Media Player
"com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Acrobat.com
"EuroTalk Talk Now Plus!" = EuroTalk Talk Now Plus!
"Google Chrome" = Google Chrome
"InstallShield_{20471B27-D702-4FE8-8DEC-0702CC8C0A85}" = WinDVD BD for VAIO
"InstallShield_{CCD663AE-610D-4BDF-AAB0-E914B044527D}" = OpenMG Secure Module 4.7.00
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft Security Client" = Microsoft Security Essentials
"Mozilla Firefox (3.6.20)" = Mozilla Firefox (3.6.20)
"NVIDIA Drivers" = NVIDIA Drivers
"OfotoEZUpload" = KODAK EASYSHARE Gallery Upload ActiveX Control
"OpenMG HotFix4.7-07-13-22-01" = OpenMG Limited Patch 4.7-07-15-19-01
"PDF Wizard" = PDF Wizard v8.1.3.16
"Picasa 3" = Picasa 3
"RC_Vista.exe" = RC_Vista.exe
"Revo Uninstaller" = Revo Uninstaller 1.91
"ShopAtHome.com Helper" = ShopAtHome.com Helper
"Speed Dial Utility" = Canon Speed Dial Utility
"ST6UNST #1" = Outlook Express Quick Backup
"STANDARDR" = Microsoft Office Standard 2007
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"VAIO Service Utility" = VAIO Service Utility

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 7/15/2013 12:19:38 AM | Computer Name = Margie | Source = SideBySide | ID = 16842785
Description = Activation context generation failed for "C:\Windows\Installer\{67E03279-F703-408F-B4BF-46B5FC8D70CD}\WksCal.exe".
Dependent
Assembly msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0"
could not be found. Please use sxstrace.exe for detailed diagnosis.

Error - 7/15/2013 12:19:39 AM | Computer Name = Margie | Source = SideBySide | ID = 16842785
Description = Activation context generation failed for "C:\Windows\Installer\{67E03279-F703-408F-B4BF-46B5FC8D70CD}\wksdb.exe".
Dependent
Assembly msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0"
could not be found. Please use sxstrace.exe for detailed diagnosis.

Error - 7/15/2013 12:19:39 AM | Computer Name = Margie | Source = SideBySide | ID = 16842785
Description = Activation context generation failed for "C:\Windows\Installer\{67E03279-F703-408F-B4BF-46B5FC8D70CD}\wksss.exe".
Dependent
Assembly msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0"
could not be found. Please use sxstrace.exe for detailed diagnosis.

Error - 7/15/2013 12:19:39 AM | Computer Name = Margie | Source = SideBySide | ID = 16842785
Description = Activation context generation failed for "C:\Windows\Installer\{67E03279-F703-408F-B4BF-46B5FC8D70CD}\WksWP.exe".
Dependent
Assembly msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0"
could not be found. Please use sxstrace.exe for detailed diagnosis.

Error - 7/15/2013 12:27:27 AM | Computer Name = Margie | Source = VzCdbSvc | ID = 7
Description = Failed to load the plug-in module. (GUID = {56F9312C-C989-4E04-8C23-299DEE3A36F5})(Error
code = 0x80042019)

Error - 7/15/2013 12:28:37 AM | Computer Name = Margie | Source = SideBySide | ID = 16842785
Description = Activation context generation failed for "C:\Windows\Installer\{67E03279-F703-408F-B4BF-46B5FC8D70CD}\WksCal.exe".
Dependent
Assembly msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0"
could not be found. Please use sxstrace.exe for detailed diagnosis.

Error - 7/15/2013 12:28:38 AM | Computer Name = Margie | Source = SideBySide | ID = 16842785
Description = Activation context generation failed for "C:\Windows\Installer\{67E03279-F703-408F-B4BF-46B5FC8D70CD}\wksdb.exe".
Dependent
Assembly msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0"
could not be found. Please use sxstrace.exe for detailed diagnosis.

Error - 7/15/2013 12:28:38 AM | Computer Name = Margie | Source = SideBySide | ID = 16842785
Description = Activation context generation failed for "C:\Windows\Installer\{67E03279-F703-408F-B4BF-46B5FC8D70CD}\wksss.exe".
Dependent
Assembly msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0"
could not be found. Please use sxstrace.exe for detailed diagnosis.

Error - 7/15/2013 12:28:39 AM | Computer Name = Margie | Source = SideBySide | ID = 16842785
Description = Activation context generation failed for "C:\Windows\Installer\{67E03279-F703-408F-B4BF-46B5FC8D70CD}\WksWP.exe".
Dependent
Assembly msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0"
could not be found. Please use sxstrace.exe for detailed diagnosis.

Error - 7/15/2013 12:49:32 AM | Computer Name = Margie | Source = VzCdbSvc | ID = 7
Description = Failed to load the plug-in module. (GUID = {56F9312C-C989-4E04-8C23-299DEE3A36F5})(Error
code = 0x80042019)

[ OSession Events ]
Error - 3/21/2013 10:41:36 PM | Computer Name = Margie | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 3, Application Name: Microsoft Office PowerPoint, Application
Version: 12.0.6600.1000, Microsoft Office Version: 12.0.6612.1000. This session
lasted 1145 seconds with 540 seconds of active time. This session ended with a
crash.

Error - 4/2/2013 6:00:34 PM | Computer Name = Margie | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 3, Application Name: Microsoft Office PowerPoint, Application
Version: 12.0.6600.1000, Microsoft Office Version: 12.0.6612.1000. This session
lasted 67036 seconds with 1020 seconds of active time. This session ended with
a crash.

[ System Events ]
Error - 7/14/2013 9:45:09 PM | Computer Name = Margie | Source = DCOM | ID = 10016
Description =

Error - 7/14/2013 9:45:09 PM | Computer Name = Margie | Source = DCOM | ID = 10016
Description =

Error - 7/15/2013 12:13:08 AM | Computer Name = Margie | Source = Service Control Manager | ID = 7043
Description =

Error - 7/15/2013 12:17:45 AM | Computer Name = Margie | Source = Service Control Manager | ID = 7000
Description =

Error - 7/15/2013 12:25:25 AM | Computer Name = Margie | Source = Service Control Manager | ID = 7043
Description =

Error - 7/15/2013 12:28:11 AM | Computer Name = Margie | Source = Service Control Manager | ID = 7000
Description =

Error - 7/15/2013 12:28:57 AM | Computer Name = Margie | Source = Service Control Manager | ID = 7009
Description =

Error - 7/15/2013 12:28:57 AM | Computer Name = Margie | Source = Service Control Manager | ID = 7000
Description =

Error - 7/15/2013 12:31:00 AM | Computer Name = Margie | Source = Dhcp | ID = 1002
Description = The IP address lease 192.168.1.4 for the Network Card with network
address 0013E8D8969B has been denied by the DHCP server 192.168.1.1 (The DHCP Server
sent a DHCPNACK message).

Error - 7/15/2013 12:50:33 AM | Computer Name = Margie | Source = Service Control Manager | ID = 7000
Description =


< End of report >
  • 0

#4
Jasmyne

Jasmyne

    Trusted Helper

  • Malware Removal
  • 2,010 posts
After these scans, let me know how things are running.

Step 1 - Rogue Killer

  • Download RogueKiller and save it on your desktop.
    If the program is blocked, do not hesitate to try several times. If it really does not work (it could happen), rename it to winlogon.com

    NOTE: If using IE8 or better Smartscreen Filter will need to be disabled
  • Quit all programs
  • Start RogueKiller.exe.
  • Wait until Prescan has finished ...
  • Click on Scan
Posted Image

  • Wait for the end of the scan.
  • The report has been created on the desktop.
  • Click on the Delete button.
Posted Image
  • The report has been created on the desktop.

  • Next click on the ShortcutsFix
Posted Image
  • The report has been created on the desktop.

Please post: All RKreport.txt text files located on your desktop.

Step 2 - aswMBR Scan

Download aswMBR.exe to your desktop.
Double click the aswMBR.exe to run it Click the "Scan" button to start scan

Posted Image

On completion of the scan click save log, save it to your desktop and post in your next reply

Posted Image

Step 3 - OTL Fix

Warning: This fix is relevant for this system and no other. If you are not this user, do NOT follow these directions as they could damage the workings of your system.

Be advised that when the fix commences it will shut down all running processes and you may lose the desktop and icons, they will return on reboot

1. Please copy all of the text in the code box below. To do this, highlight everything inside the code box, right click and click Copy.

:Commands
[createrestorepoint]

:OTL
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No CLSID value found.
O2 - BHO: (no name) - MRI_DISABLED - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found.
O3 - HKU\.DEFAULT\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
O3 - HKU\.DEFAULT\..\Toolbar\WebBrowser: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found.
O3 - HKU\S-1-5-18\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
O3 - HKU\S-1-5-18\..\Toolbar\WebBrowser: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found.
[2013/07/14 17:59:59 | 000,000,464 | ---- | M] () -- C:\Windows\tasks\SpeedyPC Registration3.job
[2013/07/14 04:28:59 | 000,000,392 | ---- | M] () -- C:\Windows\tasks\SpeedyPC Pro.job

:Commands
[emptytemp]

2. Please re-open Posted Image on your desktop.
3. Place the mouse pointer inside the Posted Image textbox, right click and click Paste. This will put the above script inside the textbox.
4. Click the Posted Image button.
5. Let the program run unhindered.
6. OTL may ask to reboot the machine. Please do so if asked.
7. Click the Posted Image button.
8. A report will open. Copy and Paste that report in your next reply.
9. If the machine reboots, the log will be located at C:\_OTL\MovedFiles\mmddyyyy_hhmmss.log, (where mmddyyyy_hhmmss is the date of the tool run).
10. Run OTL again and click the Posted Image button. Post the log it produces in your next reply.

~~~~~~~~~~~~~~~~~~~~ Things Needed for Your Next Post ~~~~~~~~~~~~~~~~~~~~
1. RogueKiller Logs
2. aswMBR Log
3. OTL Fix
4. New OTL Log
5. How is the computer running now?
  • 0

#5
briz_dad

briz_dad

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 251 posts

Step 2 - aswMBR Scan

Download aswMBR.exe to your desktop.
Double click the aswMBR.exe to run it Click the "Scan" button to start scan

The aswMBR program is asking to "download the latest Avast definitions". Should I say yes and proceed with the scan?
  • 0

#6
Jasmyne

Jasmyne

    Trusted Helper

  • Malware Removal
  • 2,010 posts
Yes, that will be fine :)
  • 0

#7
briz_dad

briz_dad

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 251 posts
Jasmyne - the OTL Run Fix quit responding... what should I do?

~ greg
  • 0

#8
Jasmyne

Jasmyne

    Trusted Helper

  • Malware Removal
  • 2,010 posts
Not too often, but sometimes they do hang, often at the [emptytemp] process, you may have to force quit or restart the computer.
  • 0

#9
briz_dad

briz_dad

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 251 posts
ye-up - that's were it hung up... i'm forcing quit and restarting - will I get the report you need? or should I run it again if I don't?
  • 0

#10
Jasmyne

Jasmyne

    Trusted Helper

  • Malware Removal
  • 2,010 posts
Greg,

It should still create the report. If it doesn't open after the reboot on it's own, you can check C:\_OTL\MovedFiles\07152013-some number.log for the log. If no log is generated either way just go ahead and run the Quick Scan and I'll be able to see if what should have been removed was. :)

Jasmyne
  • 0

Advertisements


#11
briz_dad

briz_dad

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 251 posts

1. RogueKiller Logs
2. aswMBR Log
3. OTL Fix
4. New OTL Log
5. How is the computer running now?


RogueKiller V8.6.2 [Jul 5 2013] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Feedback : http://www.adlice.com/forum/
Website : http://www.adlice.co...es/roguekiller/
Blog : http://tigzyrk.blogspot.com/

Operating System : Windows Vista (6.0.6002 Service Pack 2) 32 bits version
Started in : Normal mode
User : Robyn Bri [Admin rights]
Mode : Scan -- Date : 07/15/2013 13:29:05
| ARK || FAK || MBR |

¤¤¤ Bad processes : 0 ¤¤¤

¤¤¤ Registry Entries : 6 ¤¤¤
[HJ SMENU] HKCU\[...]\Advanced : Start_ShowSearch (0) -> FOUND
[HJ SMENU] HKCU\[...]\Advanced : Start_ShowSetProgramAccessAndDefaults (0) -> FOUND
[HJ DESK] HKCU\[...]\ClassicStartMenu : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND
[HJ DESK] HKCU\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND
[HJ DESK] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> FOUND
[HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND

¤¤¤ Scheduled tasks : 0 ¤¤¤

¤¤¤ Startup Entries : 0 ¤¤¤

¤¤¤ Web browsers : 0 ¤¤¤

¤¤¤ Particular Files / Folders: ¤¤¤

¤¤¤ Driver : [LOADED] ¤¤¤

¤¤¤ External Hives: ¤¤¤

¤¤¤ Infection : ¤¤¤

¤¤¤ HOSTS File: ¤¤¤
--> %SystemRoot%\System32\drivers\etc\hosts




¤¤¤ MBR Check: ¤¤¤

+++++ PhysicalDrive0: TOSHIBA MK1637GSX +++++
--- User ---
[MBR] b739d36b56c616b76179169ecf90415f
[BSP] 72792323cfdb9207152184d81c488be0 : Windows Vista MBR Code
Partition table:
0 - [XXXXXX] ACER (0x27) [VISIBLE] Offset (sectors): 2048 | Size: 7737 Mo
1 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 15847424 | Size: 144888 Mo
User = LL1 ... OK!
User = LL2 ... OK!

+++++ PhysicalDrive1: TOSHIBA MK1637GSX +++++
--- User ---
[MBR] 3444fdcd2f84c9876d7e68d58414caec
[BSP] 76dceebed92140a353e89bf2f793aabc : Windows XP MBR Code
Partition table:
0 - [XXXXXX] EXTEN-LBA (0x0f) [VISIBLE] Offset (sectors): 16065 | Size: 152617 Mo
User = LL1 ... OK!
User = LL2 ... OK!

Finished : << RKreport[0]_S_07152013_132905.txt >>



RogueKiller V8.6.2 [Jul 5 2013] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Feedback : http://www.adlice.com/forum/
Website : http://www.adlice.co...es/roguekiller/
Blog : http://tigzyrk.blogspot.com/

Operating System : Windows Vista (6.0.6002 Service Pack 2) 32 bits version
Started in : Normal mode
User : Robyn Bri [Admin rights]
Mode : Shortcuts HJfix -- Date : 07/15/2013 13:31:23
| ARK || FAK || MBR |

¤¤¤ Bad processes : 0 ¤¤¤

¤¤¤ Driver : [LOADED] ¤¤¤

¤¤¤ External Hives: ¤¤¤

¤¤¤ File attributes restored: ¤¤¤
Desktop: Success 0 / Fail 0
Quick launch: Success 0 / Fail 0
Programs: Success 0 / Fail 0
Start menu: Success 0 / Fail 0
User folder: Success 8 / Fail 0
My documents: Success 0 / Fail 0
My favorites: Success 0 / Fail 0
My pictures: Success 0 / Fail 0
My music: Success 8 / Fail 0
My videos: Success 0 / Fail 0
Local drives: Success 9 / Fail 0
Backup: [NOT FOUND]

Drives:
[C:] \Device\HarddiskVolume2 -- 0x3 --> Restored
[D:] \Device\HarddiskVolume3 -- 0x3 --> Restored
[E:] \Device\HarddiskVolume4 -- 0x2 --> Restored
[F:] \Device\HarddiskVolume5 -- 0x2 --> Restored
[G:] \Device\CdRom0 -- 0x5 --> Skipped

¤¤¤ Infection : ¤¤¤

Finished : << RKreport[0]_SC_07152013_133123.txt >>
RKreport[0]_D_07152013_133049.txt



aswMBR version 0.9.9.1771 Copyright© 2011 AVAST Software
Run date: 2013-07-15 13:49:43
-----------------------------
13:49:43.879 OS Version: Windows 6.0.6002 Service Pack 2
13:49:43.879 Number of processors: 2 586 0xF0D
13:49:43.881 ComputerName: MARGIE UserName:
13:49:44.970 Initialize success
13:50:36.596 AVAST engine defs: 13071501
14:05:35.784 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-0
14:05:35.787 Disk 0 Vendor: TOSHIBA_ DL03 Size: 152627MB BusType: 3
14:05:35.790 Disk 1 \Device\Harddisk1\DR1 -> \Device\Ide\IAAStorageDevice-1
14:05:35.792 Disk 1 Vendor: TOSHIBA_ DL03 Size: 152627MB BusType: 3
14:05:35.796 Disk 2 \Device\Harddisk2\DR2 -> \Device\0000005d
14:05:35.799 Disk 2 Vendor: ( Size: 152627MB BusType: 0
14:05:35.803 Disk 3 \Device\Harddisk3\DR3 -> \Device\0000005e
14:05:35.807 Disk 3 Vendor: ( Size: 152627MB BusType: 0
14:05:35.940 Disk 0 MBR read successfully
14:05:35.944 Disk 0 MBR scan
14:05:35.975 Disk 0 Windows VISTA default MBR code
14:05:35.994 Disk 0 Partition 1 00 27 Hidden NTFS WinRE NTFS 7737 MB offset 2048
14:05:36.057 Disk 0 Partition 2 80 (A) 07 HPFS/NTFS NTFS 144888 MB offset 15847424
14:05:36.078 Disk 0 scanning sectors +312579760
14:05:36.271 Disk 0 scanning C:\Windows\system32\drivers
14:05:55.906 Service scanning
14:06:15.856 Service MpKsl3d12c5aa C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{89CAE29B-1C7D-476D-8613-30D4BE5DB42B}\MpKsl3d12c5aa.sys **LOCKED** 32
14:06:57.734 Modules scanning
14:07:06.684 Disk 0 trace - called modules:
14:07:06.712 ntoskrnl.exe CLASSPNP.SYS disk.sys iastor.sys hal.dll
14:07:06.718 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x86aedac8]
14:07:06.724 3 CLASSPNP.SYS[892a58b3] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-0[0x85f02030]
14:07:07.953 AVAST engine scan C:\Windows
14:07:13.786 AVAST engine scan C:\Windows\system32
14:13:22.113 AVAST engine scan C:\Windows\system32\drivers
14:13:45.479 AVAST engine scan C:\Users\Robyn Bri
14:34:19.348 AVAST engine scan C:\ProgramData
14:39:20.417 Scan finished successfully
14:45:16.295 Disk 0 MBR has been saved successfully to "C:\Users\Robyn Bri\Desktop\fix\MBR.dat"
14:45:16.329 The log file has been saved successfully to "C:\Users\Robyn Bri\Desktop\fix\aswMBR.txt"


All processes killed
========== COMMANDS ==========
Restore point Set: OTL Restore Point
========== OTL ==========
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4efb-9B51-7695ECA05670}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{02478D38-C3F9-4efb-9B51-7695ECA05670}\ not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\MRI_DISABLED\ deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{D4027C7F-154A-4066-A1AD-4243D8127440} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}\ not found.
Registry value HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{2318C2B1-4965-11D4-9B18-009027A5CD4F} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{2318C2B1-4965-11D4-9B18-009027A5CD4F}\ not found.
Registry value HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{D4027C7F-154A-4066-A1AD-4243D8127440} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}\ not found.
Registry value HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{2318C2B1-4965-11D4-9B18-009027A5CD4F} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{2318C2B1-4965-11D4-9B18-009027A5CD4F}\ not found.
Registry value HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{D4027C7F-154A-4066-A1AD-4243D8127440} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}\ not found.
C:\Windows\Tasks\SpeedyPC Registration3.job moved successfully.
C:\Windows\Tasks\SpeedyPC Pro.job moved successfully.
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Default

User: Default User

User: Experience

User: Guest
->Temp folder emptied: 651432 bytes
->Temporary Internet Files folder emptied: 33170 bytes
->Google Chrome cache emptied: 6843263 bytes

User: Public

User: Robyn Bri
->Temp folder emptied: 494590952 bytes
->Temporary Internet Files folder emptied: 3499135496 bytes
->Java cache emptied: 17865684 bytes
->Google Chrome cache emptied: 13522930 bytes
->Apple Safari cache emptied: 3960832 bytes
->Flash cache emptied: 126806 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 961999314 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 0 bytes
RecycleBin emptied: 55191288 bytes

Total Files Cleaned = 4,820.00 mb


OTL by OldTimer - Version 3.2.69.0 log created on 07152013_144726

Files\Folders moved on Reboot...
File\Folder C:\Windows\temp\etilqs_1j57IQnEoKWXrCFTfWuw not found!
File\Folder C:\Windows\temp\etilqs_3EomXE7iVyPdvdaRXFcw not found!
File\Folder C:\Windows\temp\etilqs_EOAXVoXiaCGmqJexvLN5 not found!
File\Folder C:\Windows\temp\etilqs_TmZ3T0JHWjVUqaRXaQGh not found!
File\Folder C:\Windows\temp\JETD5C5.tmp not found!

PendingFileRenameOperations files...

Registry entries deleted on Reboot...
  • 0

#12
briz_dad

briz_dad

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 251 posts

5. How is the computer running now?


Seems to be running okay - there are a lot of programs I want to remove that aren't valid anymore... like all the canon printer stuff, etc.
  • 0

#13
Jasmyne

Jasmyne

    Trusted Helper

  • Malware Removal
  • 2,010 posts

5. How is the computer running now?


Seems to be running okay - there are a lot of programs I want to remove that aren't valid anymore... like all the canon printer stuff, etc.


Are you having trouble removing them through the Control Panel? If so, when I post my next fix I'll include a program to help with removal and I can remove any extras with OTL. Could you please open OTL and click Quick Scan button and create a new log and post it for me?

Thanks,

Jasmyne
  • 0

#14
briz_dad

briz_dad

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 251 posts

Are you having trouble removing them through the Control Panel? If so, when I post my next fix I'll include a program to help with removal and I can remove any extras with OTL. Could you please open OTL and click Quick Scan button and create a new log and post it for me?

I'm okay with using the control panel to remove programs. In hindsite, it would have been wise for me to remove those first and then come to this forum... I wanted to make sure any nefarious stuff was removed asap; thus my haste. :-)

Here is the current OTL report:

OTL logfile created on: 7/15/2013 5:15:43 PM - Run 2
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Robyn Bri\Desktop\fix
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

2.00 Gb Total Physical Memory | 0.91 Gb Available Physical Memory | 45.57% Memory free
3.94 Gb Paging File | 2.48 Gb Available in Paging File | 63.10% Paging File free
Paging file location(s): c:\pagefile.sys 2048 4095 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 141.49 Gb Total Space | 68.05 Gb Free Space | 48.09% Space Free | Partition Type: NTFS
Drive D: | 149.04 Gb Total Space | 148.49 Gb Free Space | 99.63% Space Free | Partition Type: NTFS

Computer Name: MARGIE | User Name: Robyn Bri | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2013/07/14 21:37:48 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Robyn Bri\Desktop\fix\OTL.exe
PRC - [2013/07/12 11:49:47 | 000,846,288 | ---- | M] (Google Inc.) -- C:\Program Files\Google\Chrome\Application\chrome.exe
PRC - [2013/05/10 00:57:22 | 000,065,640 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2013/01/27 11:11:46 | 000,020,456 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Security Client\MsMpEng.exe
PRC - [2013/01/27 11:11:06 | 000,947,152 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Security Client\msseces.exe
PRC - [2011/08/04 15:41:44 | 001,637,496 | ---- | M] (CANON INC.) -- C:\Program Files\Canon\Solution Menu EX\CNSEMAIN.EXE
PRC - [2011/07/19 06:23:08 | 002,567,272 | ---- | M] (CANON INC.) -- C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE
PRC - [2011/03/09 11:18:06 | 001,060,864 | ---- | M] () -- C:\Program Files\Western Digital\WD SmartWare\Front Parlor\WDFME\WDFME.exe
PRC - [2011/03/09 11:16:56 | 000,484,352 | ---- | M] () -- C:\Program Files\Western Digital\WD SmartWare\Front Parlor\WDSC.exe
PRC - [2011/03/09 11:07:54 | 000,238,592 | ---- | M] (WDC) -- C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe
PRC - [2009/04/10 23:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2008/10/22 05:25:30 | 000,020,480 | ---- | M] (Intuit) -- C:\Program Files\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe
PRC - [2007/07/31 06:04:21 | 000,102,400 | ---- | M] (IDT, Inc.) -- C:\Windows\System32\stacsv.exe
PRC - [2007/07/24 19:26:38 | 000,182,392 | ---- | M] (Sony Corporation) -- C:\Program Files\Sony\VAIO Event Service\VESMgr.exe
PRC - [2007/07/24 19:26:38 | 000,100,472 | ---- | M] (Sony Corporation) -- C:\Program Files\Sony\VAIO Event Service\VESMgrSub.exe
PRC - [2007/06/28 08:53:04 | 000,073,728 | ---- | M] (Sony Corporation) -- C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCs\VzHardwareResourceManager\VzHardwareResourceManager.exe
PRC - [2007/06/28 08:53:02 | 000,184,320 | ---- | M] (Sony Corporation) -- C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe
PRC - [2007/06/28 08:53:00 | 000,188,416 | ---- | M] (Sony Corporation) -- C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe
PRC - [2007/06/28 08:52:48 | 000,274,432 | ---- | M] (Sony Corporation) -- C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe
PRC - [2007/06/25 14:41:08 | 004,489,216 | ---- | M] (Realtek Semiconductor) -- C:\Windows\RtHDVCpl.exe
PRC - [2007/06/20 15:35:06 | 002,523,136 | ---- | M] (Sony Corporation) -- C:\Program Files\Sony\VAIO Media Integrated Server\VMISrv.exe
PRC - [2007/06/20 15:34:50 | 001,089,536 | ---- | M] (Sony Corporation) -- C:\Program Files\Sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe
PRC - [2007/06/20 15:34:50 | 000,397,312 | ---- | M] (Sony Corporation) -- C:\Program Files\Sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe
PRC - [2007/06/15 12:45:20 | 000,469,112 | ---- | M] (Sony Corporation) -- C:\Program Files\Sony\Wireless Switch Setting Utility\Switcher.exe
PRC - [2007/06/14 08:40:46 | 000,921,600 | ---- | M] (Sony Corporation) -- C:\Program Files\Sony\VAIO Power Management\SPMgr.exe
PRC - [2007/06/07 14:30:30 | 005,742,136 | ---- | M] (Sony Corporation) -- C:\Program Files\Sony\SonicStage Mastering Studio\Audio Filter\SSMSFilter.exe
PRC - [2007/06/05 07:49:30 | 003,682,576 | ---- | M] (Sony Corporation) -- C:\Program Files\Sony\VAIO Service Utility\VAIO-SUTOOL.exe
PRC - [2007/05/31 09:32:14 | 000,551,032 | ---- | M] (Sony Corporation) -- C:\Program Files\Sony\VAIO Update 3\VAIOUpdt.exe
PRC - [2007/02/20 06:10:26 | 000,282,624 | ---- | M] (Eastman Kodak Company) -- C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe
PRC - [2007/02/12 13:38:04 | 000,355,096 | ---- | M] (Intel Corporation) -- C:\Program Files\intel\Intel Matrix Storage Manager\IAANTmon.exe
PRC - [2007/01/10 16:51:06 | 000,745,472 | ---- | M] (Sony Corporation) -- C:\Program Files\Sony\VAIO Media Integrated Server\UCLS.exe
PRC - [2007/01/04 19:48:52 | 000,112,152 | R--- | M] (InterVideo) -- C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe
PRC - [2006/11/02 20:40:12 | 000,174,656 | ---- | M] () -- C:\Windows\System32\PSIService.exe


========== Modules (No Company Name) ==========

MOD - [2013/07/15 17:06:40 | 000,155,648 | ---- | M] () -- C:\Users\Robyn Bri\AppData\Local\Temp\e6d5469d99804037ba5aecde6dc33698\filesys.dll
MOD - [2013/07/15 17:06:40 | 000,130,560 | ---- | M] () -- C:\Users\Robyn Bri\AppData\Local\Temp\e6d5469d99804037ba5aecde6dc33698\http.dll
MOD - [2013/07/12 11:49:44 | 000,396,240 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\28.0.1500.72\ppgooglenaclpluginchrome.dll
MOD - [2013/07/12 11:49:42 | 004,052,944 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\28.0.1500.72\pdf.dll
MOD - [2013/07/12 11:48:49 | 001,597,392 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\28.0.1500.72\ffmpegsumo.dll
MOD - [2012/12/21 14:17:47 | 000,139,264 | ---- | M] () -- C:\Program Files\Kodak\Kodak EasyShare software\bin\VPrintOnlineHelper40.dll
MOD - [2012/12/21 14:17:46 | 002,052,096 | ---- | M] () -- C:\Program Files\Kodak\Kodak EasyShare software\bin\SkinuxCmp.dll
MOD - [2012/12/21 14:17:46 | 001,339,392 | ---- | M] () -- C:\Program Files\Kodak\Kodak EasyShare software\bin\SkinuxCommon.dll
MOD - [2012/12/21 14:17:46 | 000,835,584 | ---- | M] () -- C:\Program Files\Kodak\Kodak EasyShare software\bin\SkinuxBase.dll
MOD - [2012/12/21 14:17:46 | 000,786,432 | ---- | M] () -- C:\Program Files\Kodak\Kodak EasyShare software\bin\SkinuxXML2.dll
MOD - [2012/12/21 14:17:46 | 000,770,048 | ---- | M] () -- C:\Program Files\Kodak\Kodak EasyShare software\bin\SkinuxIm.dll
MOD - [2012/12/21 14:17:46 | 000,679,936 | ---- | M] () -- C:\Program Files\Kodak\Kodak EasyShare software\bin\VPrintOnline.dll
MOD - [2012/12/21 14:17:46 | 000,495,616 | ---- | M] () -- C:\Program Files\Kodak\Kodak EasyShare software\bin\SkinuxProc.dll
MOD - [2012/12/21 14:17:46 | 000,430,080 | ---- | M] () -- C:\Program Files\Kodak\Kodak EasyShare software\bin\SkinuxFF.dll
MOD - [2012/12/21 14:17:46 | 000,232,448 | ---- | M] () -- C:\Program Files\Kodak\Kodak EasyShare software\bin\SpiffyExt.dll
MOD - [2012/12/21 14:17:46 | 000,086,016 | ---- | M] () -- C:\Program Files\Kodak\Kodak EasyShare software\bin\LocAcqMod.dll
MOD - [2012/12/21 14:17:46 | 000,057,344 | ---- | M] () -- C:\Program Files\Kodak\Kodak EasyShare software\bin\LocCamBack.dll
MOD - [2012/12/21 14:17:46 | 000,013,824 | ---- | M] () -- C:\Program Files\Kodak\Kodak EasyShare software\bin\MEshim.dll
MOD - [2012/12/21 14:17:46 | 000,009,728 | ---- | M] () -- C:\Program Files\Kodak\Kodak EasyShare software\bin\LocUpdateCheck.dll
MOD - [2012/12/21 14:17:45 | 001,564,672 | ---- | M] () -- C:\Program Files\Kodak\Kodak EasyShare software\bin\areaifdll.dll
MOD - [2012/12/21 14:17:45 | 000,405,504 | ---- | M] () -- C:\Program Files\Kodak\Kodak EasyShare software\bin\ESCom.dll
MOD - [2012/12/21 14:17:45 | 000,338,944 | ---- | M] () -- C:\Program Files\Kodak\Kodak EasyShare software\bin\KFx.dll
MOD - [2012/12/21 14:17:45 | 000,338,944 | ---- | M] () -- C:\Program Files\Kodak\Kodak EasyShare software\bin\Atlas.dll
MOD - [2012/12/21 14:17:45 | 000,120,832 | ---- | M] () -- C:\Program Files\Kodak\Kodak EasyShare software\bin\kpries40.dll
MOD - [2012/12/21 14:17:45 | 000,083,968 | ---- | M] () -- C:\Program Files\Kodak\Kodak EasyShare software\bin\keml40.dll
MOD - [2012/12/21 14:17:45 | 000,061,952 | ---- | M] () -- C:\Program Files\Kodak\Kodak EasyShare software\bin\DibLibIP.dll
MOD - [2012/12/21 14:17:45 | 000,051,712 | ---- | M] () -- C:\Program Files\Kodak\Kodak EasyShare software\bin\KPCDInterface.dll
MOD - [2012/12/21 14:17:44 | 001,035,264 | ---- | M] () -- C:\Program Files\Kodak\Kodak EasyShare software\bin\ESSkin.esx
MOD - [2012/12/21 14:17:44 | 000,667,648 | ---- | M] () -- C:\Program Files\Kodak\Kodak EasyShare software\bin\ESEmail.esx
MOD - [2012/12/21 14:17:44 | 000,335,872 | ---- | M] () -- C:\Program Files\Kodak\Kodak EasyShare software\bin\VistaAdapter.esx
MOD - [2012/12/21 14:17:44 | 000,303,104 | ---- | M] () -- C:\Program Files\Kodak\Kodak EasyShare software\bin\VistaPrintOnline.esx
MOD - [2012/12/21 14:17:44 | 000,246,272 | ---- | M] () -- C:\Program Files\Kodak\Kodak EasyShare software\bin\AppCore.dll
MOD - [2012/12/21 14:17:44 | 000,223,744 | ---- | M] () -- C:\Program Files\Kodak\Kodak EasyShare software\bin\VistaControls.esx
MOD - [2012/12/21 14:17:44 | 000,171,008 | ---- | M] () -- C:\Program Files\Kodak\Kodak EasyShare software\bin\Pcd.esx
MOD - [2012/12/21 14:17:44 | 000,115,200 | ---- | M] () -- C:\Program Files\Kodak\Kodak EasyShare software\bin\IStorageMediaStore.esx
MOD - [2012/12/21 14:17:44 | 000,095,744 | ---- | M] () -- C:\Program Files\Kodak\Kodak EasyShare software\bin\VistaCDBackup.esx
MOD - [2012/12/21 14:17:44 | 000,081,920 | ---- | M] () -- C:\Program Files\Kodak\Kodak EasyShare software\bin\UpdateChecker.esx
MOD - [2012/12/21 14:17:44 | 000,077,312 | ---- | M] () -- C:\Program Files\Kodak\Kodak EasyShare software\bin\DXRawFormatHandler.esx
MOD - [2011/09/27 08:23:00 | 000,087,912 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2011/09/27 08:22:40 | 001,242,472 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2007/12/06 08:47:36 | 000,667,648 | ---- | M] () -- C:\Program Files\PDF Wizard\PDFWizardconvert08.dll
MOD - [2007/02/20 06:10:20 | 000,192,512 | ---- | M] () -- C:\Program Files\Kodak\Kodak EasyShare software\AddIn\VistaPCD.cyx
MOD - [2007/02/20 06:09:22 | 000,094,208 | ---- | M] () -- C:\Program Files\Kodak\Kodak EasyShare software\AddIn\VPCD.dll
MOD - [2007/02/20 04:34:48 | 000,010,240 | ---- | M] () -- C:\Program Files\Kodak\Kodak EasyShare software\AddIn\LocVistaPCD.dll


========== Services (SafeList) ==========

SRV - [2013/06/21 09:53:36 | 000,162,408 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2013/06/11 18:31:11 | 000,256,904 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013/05/10 00:57:22 | 000,065,640 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2013/01/27 11:11:46 | 000,295,232 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Microsoft Security Client\NisSrv.exe -- (NisSrv)
SRV - [2013/01/27 11:11:46 | 000,020,456 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft Security Client\MsMpEng.exe -- (MsMpSvc)
SRV - [2011/03/09 11:18:06 | 001,060,864 | ---- | M] () [Auto | Running] -- C:\Program Files\Western Digital\WD SmartWare\Front Parlor\WDFME\WDFME.exe -- (WDFME)
SRV - [2011/03/09 11:16:56 | 000,484,352 | ---- | M] () [Auto | Running] -- C:\Program Files\Western Digital\WD SmartWare\Front Parlor\WDSC.exe -- (WDSC)
SRV - [2011/03/09 11:07:54 | 000,238,592 | ---- | M] (WDC) [Auto | Running] -- C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe -- (WDDMService)
SRV - [2008/10/22 05:25:30 | 000,020,480 | ---- | M] (Intuit) [Auto | Running] -- C:\Program Files\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe -- (QBCFMonitorService)
SRV - [2008/01/19 00:38:24 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2007/07/31 06:04:21 | 000,102,400 | ---- | M] (IDT, Inc.) [Auto | Running] -- C:\Windows\System32\stacsv.exe -- (STacSV)
SRV - [2007/07/24 19:26:38 | 000,182,392 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Program Files\Sony\VAIO Event Service\VESMgr.exe -- (VAIO Event Service)
SRV - [2007/07/13 10:55:56 | 000,292,152 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe -- (VcmIAlzMgr)
SRV - [2007/07/05 17:43:04 | 000,079,736 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper.exe -- (VcmXmlIfHelper)
SRV - [2007/06/28 08:53:04 | 000,073,728 | ---- | M] (Sony Corporation) [On_Demand | Running] -- C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCs\VzHardwareResourceManager\VzHardwareResourceManager.exe -- (VAIO Entertainment TV Device Arbitration Service)
SRV - [2007/06/28 08:53:02 | 000,184,320 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe -- (VzFw)
SRV - [2007/06/28 08:53:00 | 000,188,416 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe -- (VzCdbSvc)
SRV - [2007/06/28 08:52:48 | 000,274,432 | ---- | M] (Sony Corporation) [On_Demand | Running] -- C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe -- (Vcsw)
SRV - [2007/06/20 15:35:06 | 002,523,136 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Program Files\Sony\VAIO Media Integrated Server\VMISrv.exe -- (VAIOMediaPlatform-IntegratedServer-AppServer)
SRV - [2007/06/20 15:34:52 | 000,499,712 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Sony\VAIO Media Integrated Server\Platform\VmGateway.exe -- (VAIOMediaPlatform-Mobile-Gateway)
SRV - [2007/06/20 15:34:50 | 001,089,536 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Program Files\Sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe -- (VAIOMediaPlatform-UCLS-UPnP)
SRV - [2007/06/20 15:34:50 | 001,089,536 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Program Files\Sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe -- (VAIOMediaPlatform-IntegratedServer-UPnP)
SRV - [2007/06/20 15:34:50 | 000,397,312 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Program Files\Sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe -- (VAIOMediaPlatform-UCLS-HTTP)
SRV - [2007/06/20 15:34:50 | 000,397,312 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Program Files\Sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe -- (VAIOMediaPlatform-IntegratedServer-HTTP)
SRV - [2007/05/24 08:08:44 | 000,061,440 | ---- | M] (Intuit Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Intuit\QuickBooks\FCS\Intuit.QuickBooks.FCS.exe -- (QBFCService)
SRV - [2007/02/12 13:38:04 | 000,355,096 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\intel\Intel Matrix Storage Manager\IAANTmon.exe -- (IAANTMON)
SRV - [2007/01/10 16:51:06 | 000,745,472 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Program Files\Sony\VAIO Media Integrated Server\UCLS.exe -- (VAIOMediaPlatform-UCLS-AppServer)
SRV - [2007/01/04 19:48:52 | 000,112,152 | R--- | M] (InterVideo) [Auto | Running] -- C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe -- (IviRegMgr)
SRV - [2006/12/14 02:21:20 | 000,045,056 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe -- (MSCSPTISRV)
SRV - [2006/12/14 02:02:08 | 000,069,632 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe -- (SPTISRV)
SRV - [2006/12/14 01:46:16 | 000,057,344 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe -- (PACSPTISVR)
SRV - [2006/11/02 20:40:12 | 000,174,656 | ---- | M] () [Auto | Running] -- C:\Windows\System32\PSIService.exe -- (ProtexisLicensing)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | Disabled | Stopped] -- system32\DRIVERS\UIUSYS.SYS -- (UIUSys)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\point32k.sys -- (Point32)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkfwd.sys -- (NwlnkFwd)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkflt.sys -- (NwlnkFlt)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\PROGRA~1\COMMON~1\Motive\MRENDIS5.SYS -- (MRENDIS5)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\PROGRA~1\COMMON~1\Motive\MREMPR5.SYS -- (MREMPR5)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ipinip.sys -- (IpInIp)
DRV - File not found [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\blbdrive.sys -- (blbdrive)
DRV - [2013/01/20 15:59:04 | 000,100,328 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\NisDrvWFP.sys -- (NisDrv)
DRV - [2009/08/14 06:45:24 | 000,021,248 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\Program Files\Common Files\Motive\MREMP50.sys -- (MREMP50)
DRV - [2009/08/14 06:45:24 | 000,020,096 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\Program Files\Common Files\Motive\MRESP50.sys -- (MRESP50)
DRV - [2008/05/06 16:06:00 | 000,011,520 | ---- | M] (Western Digital Technologies) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\wdcsam.sys -- (WDC_SAM)
DRV - [2008/01/04 21:34:36 | 000,023,920 | ---- | M] (Webroot Software Inc (www.webroot.com)) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\sskbfd.sys -- (SSKBFD)
DRV - [2007/12/04 17:10:30 | 000,016,640 | ---- | M] (PalmSource, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\PalmUSBD.sys -- (PalmUSBD)
DRV - [2007/09/01 11:06:13 | 007,617,600 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)
DRV - [2007/08/16 10:01:06 | 000,008,192 | ---- | M] (Conexant Systems, Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\XAudio.sys -- (XAudio)
DRV - [2007/07/31 06:04:34 | 000,328,704 | ---- | M] (IDT, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\stwrt.sys -- (STHDA)
DRV - [2007/06/30 04:04:02 | 002,222,080 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\NETw4v32.sys -- (NETw4v32)
DRV - [2007/06/27 19:29:58 | 000,010,216 | ---- | M] (Sony Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\DMICall.sys -- (DMICall)
DRV - [2007/06/15 09:28:14 | 000,049,904 | R--- | M] (Avanquest Software) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\BVRPMPR5.SYS -- (BVRPMPR5)
DRV - [2007/06/14 12:02:13 | 000,009,464 | ---- | M] (Sonic Solutions) [Kernel | System | Running] -- C:\Windows\System32\drivers\cdralw2k.sys -- (Cdralw2k)
DRV - [2007/06/14 12:02:13 | 000,009,336 | ---- | M] (Sonic Solutions) [Kernel | System | Running] -- C:\Windows\System32\drivers\cdr4_xp.sys -- (Cdr4_xp)
DRV - [2007/06/05 05:17:29 | 000,812,544 | ---- | M] (Texas Instruments) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ti21sony.sys -- (ti21sony)
DRV - [2007/05/24 17:36:21 | 000,128,104 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\System32\drivers\WimFltr.sys -- (WimFltr)
DRV - [2007/04/19 06:07:14 | 000,073,472 | ---- | M] (Ricoh) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\R5U870FLx86.sys -- (R5U870FLx86)
DRV - [2007/04/19 06:07:14 | 000,043,904 | ---- | M] (Ricoh) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\R5U870FUx86.sys -- (R5U870FUx86)
DRV - [2007/04/17 20:09:28 | 000,011,032 | ---- | M] (InterVideo) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\regi.sys -- (regi)
DRV - [2006/11/06 00:09:26 | 000,027,520 | ---- | M] (Sony Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\SonyNC.sys -- (SNC)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.sony.com/vaiopeople
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant =
IE - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKLM\..\SearchScopes\{5B58F4CF-2D74-4EBB-AD8C-1DDAA576FA7D}: "URL" = http://search.aol.co...onType=sny_ie7;
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.co...g}&sourceid=ie7


IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-291611602-1755704891-1640183286-1006\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.msn.com/?...=EIE9HP&PC=UP50
IE - HKU\S-1-5-21-291611602-1755704891-1640183286-1006\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = https://www.google.com/
IE - HKU\S-1-5-21-291611602-1755704891-1640183286-1006\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKU\S-1-5-21-291611602-1755704891-1640183286-1006\..\SearchScopes\{B428C76D-8FFC-4BB2-A2B9-D373B17575D3}: "URL" = http://www.bing.com/...rc=IE-SearchBox
IE - HKU\S-1-5-21-291611602-1755704891-1640183286-1006\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0


========== FireFox ==========

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@Motive.com/NpMotive,version=1.0: C:\Program Files\Common Files\Motive\npMotive.dll (Motive, Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/GoogleTalkPlugin: C:\Users\Robyn Bri\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/O1DPlugin: C:\Users\Robyn Bri\AppData\Roaming\Mozilla\plugins\npo1d.dll (Google)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/O3DPlugin: C:\Users\Robyn Bri\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll ()
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Robyn Bri\AppData\Local\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Robyn Bri\AppData\Local\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.20\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2013/05/24 09:29:58 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.20\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2013/05/24 09:29:58 | 000,000,000 | ---D | M]

[2011/08/10 21:33:00 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2011/08/10 21:33:01 | 000,000,000 | ---D | M] (Click to call with Skype) -- C:\Program Files\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
[2011/06/22 22:30:30 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}
[2011/06/22 22:29:55 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll
[2008/06/30 22:02:00 | 000,663,072 | ---- | M] (Microsoft Corporation) -- C:\Program Files\mozilla firefox\plugins\npOGAPlugin.dll
[2009/07/29 21:13:15 | 000,002,236 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\askcom.xml

========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&q={searchTerms}&{google:cursorPosition}{google:zeroPrefixUrl}sugkey={google:suggestAPIKeyParameter},
CHR - homepage: http://blekkosearch....=homepage&v=1_2
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files\Google\Chrome\Application\28.0.1500.72\PepperFlash\pepflashplayer.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files\Google\Chrome\Application\28.0.1500.72\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files\Google\Chrome\Application\28.0.1500.72\pdf.dll
CHR - plugin: Skype Toolbars (Enabled) = C:\Users\Robyn Bri\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\5.5.0.8013_0\npSkypeChromePlugin.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: Java Deployment Toolkit 6.0.260.3 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npdeployJava1.dll
CHR - plugin: Java™ Platform SE 6 U26 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll
CHR - plugin: Windows Genuine Advantage (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npLegitCheckPlugin.dll
CHR - plugin: 2007 Microsoft Office system (Enabled) = C:\Program Files\Mozilla Firefox\plugins\NPOFF12.DLL
CHR - plugin: Microsoft Office 2003 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\NPOFFICE.DLL
CHR - plugin: Office Genuine Advantage (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npOGAPlugin.dll
CHR - plugin: QuickTime Plug-in 7.7.3 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.7.3 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.7.3 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.7.3 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.7.3 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.7.3 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.7.3 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin7.dll
CHR - plugin: CANON iMAGE GATEWAY Album Plugin Utility for IJ (Enabled) = C:\Program Files\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL
CHR - plugin: Motive Plugin (Enabled) = C:\Program Files\Common Files\Motive\npMotive.dll
CHR - plugin: Picasa (Enabled) = C:\Program Files\Google\Picasa3\npPicasa3.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll
CHR - plugin: Silverlight Plug-In (Enabled) = C:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll
CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll
CHR - plugin: Windows Presentation Foundation (Enabled) = C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\system32\Macromed\Flash\NPSWF32.dll
CHR - Extension: Angry Birds = C:\Users\Robyn Bri\AppData\Local\Google\Chrome\User Data\Default\Extensions\aknpkdffaafgjchaibgeefbgmgeghloj\1.5.0.7_0\
CHR - Extension: Google Drive = C:\Users\Robyn Bri\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
CHR - Extension: YouTube = C:\Users\Robyn Bri\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
CHR - Extension: Google Search = C:\Users\Robyn Bri\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
CHR - Extension: Click to call with Skype = C:\Users\Robyn Bri\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\5.5.0.8013_0\
CHR - Extension: Gmail = C:\Users\Robyn Bri\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\

Hosts file not found
O2 - BHO: (SSVHelper Class) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe (CANON INC.)
O4 - HKLM..\Run: [CanonSolutionMenuEx] C:\Program Files\Canon\Solution Menu EX\CNSEMAIN.EXE (CANON INC.)
O4 - HKLM..\Run: [MSC] C:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4 - HKLM..\Run: [NvCplDaemon] C:\Windows\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\Windows\System32\NvMcTray.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [NvSvc] C:\Windows\System32\nvsvc.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
O4 - HKU\S-1-5-19..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKLM..\RunOnceEx: [] File not found
O4 - Startup: C:\Users\Robyn Bri\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Audio Filter.lnk = C:\Program Files\Sony\SonicStage Mastering Studio\Audio Filter\SSMSFilter.exe (Sony Corporation)
O7 - HKU\S-1-5-21-291611602-1755704891-1640183286-1006\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDesktopCleanupWizard = 1
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\System32\GPhotos.scr (Google Inc.)
O9 - Extra Button: Click to call with Skype - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Click to call with Skype - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra Button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O16 - DPF: {02CF1781-EA91-4FA5-A200-646E8241987C} http://esupport.sony.com/VaioInfo.CAB (Reg Error: Key error.)
O16 - DPF: {3D3B42C2-11BF-4732-A304-A01384B70D68} http://picasaweb.goo...5/uploader2.cab (Reg Error: Key error.)
O16 - DPF: {406B5949-7190-4245-91A9-30A17DE16AD0} http://www2.snapfish...fishActivia.cab (Reg Error: Key error.)
O16 - DPF: {493ACF15-5CD9-4474-82A6-91670C3DD66E} http://www.linkedin....nderControl.cab (Reg Error: Key error.)
O16 - DPF: {6F750203-1362-4815-A476-88533DE61D0C} http://www.kodakgall..._2/axofupld.cab (Reg Error: Key error.)
O16 - DPF: {BB383206-6DA1-4E80-B62A-3DF950FCC697} http://ak.imgag.com/...tall/AxCtp2.cab (Reg Error: Key error.)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.m...ash/swflash.cab (Shockwave Flash Object)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.ad...Plus/1.6/gp.cab (Reg Error: Key error.)
O16 - DPF: PackageCab http://ak.imgag.com/...tall/AxCtp2.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{277E3FE6-F44A-473C-B5F1-0F38683D56A1}: DhcpNameServer = 192.168.1.1
O18 - Protocol\Handler\intu-help-qb1 {9B0F96C7-2E4B-433e-ABF3-043BA1B54AE3} - C:\Program Files\Intuit\QuickBooks 2007\HelpAsyncPluggableProtocol.dll (TODO: <Company name>)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\!SASWinLogon: DllName - (C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL) - File not found
O20 - Winlogon\Notify\DfLogon: DllName - (LogonDll.dll) - File not found
O20 - Winlogon\Notify\VESWinlogon: DllName - (VESWinlogon.dll) - C:\Windows\System32\VESWinlogon.dll (Sony Corporation)
O24 - Desktop WallPaper: C:\Users\Robyn Bri\Pictures\Pantone.jpg
O24 - Desktop BackupWallPaper: C:\Users\Robyn Bri\Pictures\Pantone.jpg
O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/09/18 14:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

========== Files/Folders - Created Within 30 Days ==========

[2013/07/15 14:47:26 | 000,000,000 | ---D | C] -- C:\_OTL
[2013/07/15 13:26:30 | 000,000,000 | ---D | C] -- C:\Users\Robyn Bri\Desktop\RK_Quarantine
[2013/07/14 21:38:45 | 000,000,000 | ---D | C] -- C:\Users\Robyn Bri\Desktop\fix
[2013/07/14 17:58:52 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Security Client
[2013/07/11 18:47:57 | 000,000,000 | ---D | C] -- C:\Users\Robyn Bri\AppData\Roaming\Mozilla
[2013/06/28 16:25:40 | 000,000,000 | ---D | C] -- C:\Users\Robyn Bri\Documents\My Media

========== Files - Modified Within 30 Days ==========

[2013/07/15 17:06:29 | 000,027,715 | ---- | M] () -- C:\Users\Robyn Bri\AppData\Roaming\nvModes.001
[2013/07/15 17:06:16 | 000,000,882 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013/07/15 16:55:34 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013/07/15 16:55:32 | 000,003,296 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2013/07/15 16:55:32 | 000,003,296 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2013/07/15 16:55:25 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013/07/15 16:29:59 | 000,000,886 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013/07/15 15:51:59 | 000,000,924 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-291611602-1755704891-1640183286-1006UA.job
[2013/07/15 15:41:59 | 000,000,900 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-291611602-1755704891-1640183286-1002UA.job
[2013/07/15 08:35:39 | 299,838,026 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2013/07/14 21:10:42 | 000,002,154 | ---- | M] () -- C:\Windows\epplauncher.mif
[2013/07/14 20:53:07 | 000,000,872 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-291611602-1755704891-1640183286-1006Core.job
[2013/07/14 20:42:00 | 000,000,848 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-291611602-1755704891-1640183286-1002Core.job
[2013/07/13 19:57:15 | 000,420,120 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2013/07/11 19:20:21 | 000,615,984 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2013/07/11 19:20:21 | 000,108,954 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2013/07/09 07:10:41 | 000,027,715 | ---- | M] () -- C:\Users\Robyn Bri\AppData\Roaming\nvModes.dat
[2013/06/24 17:06:02 | 000,002,627 | ---- | M] () -- C:\Users\Robyn Bri\Desktop\Microsoft Office Word 2007.lnk

========== Files Created - No Company Name ==========

[2013/07/15 08:35:39 | 299,838,026 | ---- | C] () -- C:\Windows\MEMORY.DMP
[2013/07/14 21:10:42 | 000,002,154 | ---- | C] () -- C:\Windows\epplauncher.mif
[2013/07/14 17:59:37 | 000,001,826 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Security Essentials.lnk
[2013/02/08 13:38:33 | 000,007,680 | ---- | C] () -- C:\Users\Robyn Bri\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2013/01/18 10:38:50 | 000,005,689 | ---- | C] () -- C:\Users\Robyn Bri\AppData\Roaming\My Profile.xml
[2013/01/16 10:51:25 | 000,047,403 | ---- | C] () -- C:\Users\Robyn Bri\domain names.pdf
[2013/01/15 21:35:13 | 000,027,715 | ---- | C] () -- C:\Users\Robyn Bri\AppData\Roaming\nvModes.001
[2013/01/15 21:35:10 | 000,027,715 | ---- | C] () -- C:\Users\Robyn Bri\AppData\Roaming\nvModes.dat
[2012/12/11 14:17:28 | 000,000,094 | ---- | C] () -- C:\Windows\family.ini
[2011/02/13 22:03:27 | 000,000,258 | R-S- | C] () -- C:\ProgramData\ntuser.pol
[2007/09/12 05:16:22 | 001,132,112 | ---- | C] () -- C:\ProgramData\pswi_preloaded.exe

========== ZeroAccess Check ==========

[2006/11/02 05:54:22 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012/06/08 10:47:00 | 011,586,048 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2009/04/10 23:28:19 | 000,614,912 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2009/04/10 23:28:25 | 000,347,648 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

========== LOP Check ==========

[2013/03/04 12:01:05 | 000,000,000 | ---D | M] -- C:\Users\Guest\AppData\Roaming\Canon
[2013/01/14 16:47:01 | 000,000,000 | ---D | M] -- C:\Users\Robyn Bri\AppData\Roaming\Blackboard
[2013/07/14 21:31:28 | 000,000,000 | ---D | M] -- C:\Users\Robyn Bri\AppData\Roaming\Canon
[2013/01/18 09:53:45 | 000,000,000 | ---D | M] -- C:\Users\Robyn Bri\AppData\Roaming\OverDrive

========== Purity Check ==========



< End of report >
  • 0

#15
Jasmyne

Jasmyne

    Trusted Helper

  • Malware Removal
  • 2,010 posts

Are you having trouble removing them through the Control Panel? If so, when I post my next fix I'll include a program to help with removal and I can remove any extras with OTL. Could you please open OTL and click Quick Scan button and create a new log and post it for me?

I'm okay with using the control panel to remove programs. In hindsite, it would have been wise for me to remove those first and then come to this forum... I wanted to make sure any nefarious stuff was removed asap; thus my haste. :-)


Completely understandable. I've also had a computer here give me issues when it was infected trying to uninstall programs. Once we make sure everything is good to go, if you have any issues with any of them just let me know. I'm working on my next post for my instructor from these scans and will post it after he has approved it. :)
  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP