[code] OTS logfile created on: 3/25/2010 7:13:14 PM - Run 1 OTS by OldTimer - Version 3.1.27.1 Folder = C:\Users\Michaelene\Downloads Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation Internet Explorer (Version = 8.0.6001.18882) Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy 895.00 Mb Total Physical Memory | 211.00 Mb Available Physical Memory | 24.00% Memory free 2.00 Gb Paging File | 1.00 Gb Available in Paging File | 40.00% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files Drive C: | 222.22 Gb Total Space | 38.24 Gb Free Space | 17.21% Space Free | Partition Type: NTFS Drive D: | 10.66 Gb Total Space | 3.18 Gb Free Space | 29.83% Space Free | Partition Type: NTFS Drive E: | 3.21 Gb Total Space | 0.00 Gb Free Space | 0.00% Space Free | Partition Type: UDF F: Drive not present or media not loaded G: Drive not present or media not loaded H: Drive not present or media not loaded I: Drive not present or media not loaded Computer Name: QUINN-PC Current User Name: Michaelene Logged in as Administrator. Current Boot Mode: Normal Scan Mode: Current user Company Name Whitelist: Off Skip Microsoft Files: Off File Age = 30 Days [Processes - Safe List] ots.exe -> C:\Users\Michaelene\Downloads\OTS.exe -> [2010/03/25 18:41:48 | 000,637,440 | ---- | M] (OldTimer Tools) firefox.exe -> C:\Program Files\Mozilla Firefox\firefox.exe -> [2010/03/23 20:17:16 | 000,910,296 | ---- | M] (Mozilla Corporation) ccsvchst.exe -> C:\Program Files\Norton 360 Premier Edition\Engine\3.8.0.41\ccSvcHst.exe -> [2009/12/28 12:01:24 | 000,117,640 | R--- | M] (Symantec Corporation) aawwsc.exe -> C:\Program Files\Lavasoft\Ad-Aware\AAWWSC.exe -> [2009/12/28 05:09:52 | 000,640,760 | ---- | M] () wercon.exe -> C:\Windows\System32\wercon.exe -> [2009/04/11 02:28:11 | 001,143,296 | ---- | M] (Microsoft Corporation) explorer.exe -> C:\Windows\explorer.exe -> [2009/04/11 02:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) nmctxth.exe -> C:\Program Files\Common Files\Pure Networks Shared\Platform\nmctxth.exe -> [2009/04/07 16:34:40 | 000,642,856 | ---- | M] (Cisco Systems, Inc.) atashost.exe -> C:\Windows\System32\atashost.exe -> [2009/03/06 13:59:12 | 000,020,376 | ---- | M] (WebEx Communications, Inc.) acservice.exe -> C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe -> [2009/02/06 17:02:14 | 000,109,056 | ---- | M] (ArcSoft Inc.) yahooauservice.exe -> C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe -> [2008/11/09 16:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) agrsmsvc.exe -> C:\Windows\System32\agrsmsvc.exe -> [2008/03/18 16:27:12 | 000,013,312 | ---- | M] (Agere Systems) rthdvcpl.exe -> C:\Windows\RtHDVCpl.exe -> [2007/09/19 17:50:44 | 004,702,208 | ---- | M] (Realtek Semiconductor) res.exe -> C:\Windows\UMStor\Res.exe -> [2005/09/14 20:44:14 | 000,065,536 | ---- | M] (ali) [Modules - Safe List] ots.exe -> C:\Users\Michaelene\Downloads\OTS.exe -> [2010/03/25 18:41:48 | 000,637,440 | ---- | M] (OldTimer Tools) comctl32.dll -> C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18005_none_5cb72f96088b0de0\comctl32.dll -> [2009/04/11 02:21:38 | 001,686,016 | ---- | M] (Microsoft Corporation) [Win32 Services - Safe List] (Nero BackItUp Scheduler 4.0) Nero BackItUp Scheduler 4.0 [Auto | Stopped] -> -> File not found (ASKService) ASKService [Auto | Stopped] -> -> File not found (Lavasoft Ad-Aware Service) Lavasoft Ad-Aware Service [Auto | Stopped] -> C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe -> [2010/03/08 05:33:39 | 001,029,456 | ---- | M] (Lavasoft) (N360) Norton 360 [Auto | Running] -> C:\Program Files\Norton 360 Premier Edition\Engine\3.8.0.41\ccSvcHst.exe -> [2009/12/28 12:01:24 | 000,117,640 | R--- | M] (Symantec Corporation) (FontCache) Windows Font Cache Service [On_Demand | Stopped] -> C:\Windows\System32\FntCache.dll -> [2009/09/24 21:27:04 | 000,793,088 | ---- | M] (Microsoft Corporation) (atashost) WebEx Service Host for Support Center [Auto | Running] -> C:\Windows\System32\atashost.exe -> [2009/03/06 13:59:12 | 000,020,376 | ---- | M] (WebEx Communications, Inc.) (ACDaemon) ArcSoft Connect Daemon [Auto | Running] -> C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe -> [2009/02/06 17:02:14 | 000,109,056 | ---- | M] (ArcSoft Inc.) (YahooAUService) Yahoo! Updater [Auto | Running] -> C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe -> [2008/11/09 16:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) (AgereModemAudio) Agere Modem Call Progress Audio [Auto | Running] -> C:\Windows\System32\agrsmsvc.exe -> [2008/03/18 16:27:12 | 000,013,312 | ---- | M] (Agere Systems) (WinDefend) Windows Defender [Auto | Running] -> C:\Program Files\Windows Defender\MpSvc.dll -> [2008/01/19 03:38:24 | 000,272,952 | ---- | M] (Microsoft Corporation) (GameConsoleService) GameConsoleService [On_Demand | Stopped] -> C:\Program Files\eMachines Games\eMachines Game Console\GameConsoleService.exe -> [2007/08/29 17:58:47 | 000,181,800 | ---- | M] (WildTangent, Inc.) [Driver Services - Safe List] (NAVEX15) NAVEX15 [Kernel | On_Demand | Running] -> C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20100324.037\NAVEX15.SYS -> [2010/03/04 04:41:20 | 001,324,720 | ---- | M] (Symantec Corporation) (eeCtrl) Symantec Eraser Control driver [Kernel | System | Running] -> C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys -> [2010/03/04 04:41:20 | 000,371,248 | ---- | M] (Symantec Corporation) (NAVENG) NAVENG [Kernel | On_Demand | Running] -> C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20100324.037\NAVENG.SYS -> [2010/03/04 04:41:20 | 000,084,912 | ---- | M] (Symantec Corporation) (EraserUtilRebootDrv) EraserUtilRebootDrv [Kernel | On_Demand | Running] -> C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys -> [2010/02/10 04:47:26 | 000,102,448 | ---- | M] (Symantec Corporation) (SymEvent) SymEvent [Kernel | On_Demand | Running] -> C:\Windows\System32\drivers\SYMEVENT.SYS -> [2009/12/28 12:01:41 | 000,124,976 | ---- | M] (Symantec Corporation) (ccHP) Symantec Hash Provider [Kernel | System | Running] -> C:\Windows\System32\Drivers\N360\0308000.029\ccHPx86.sys -> [2009/12/28 12:01:26 | 000,482,432 | ---- | M] (Symantec Corporation) (SymEFA) Symantec Extended File Attributes [File_System | Boot | Running] -> C:\Windows\system32\drivers\N360\0308000.029\SYMEFA.SYS -> [2009/12/28 12:01:26 | 000,310,320 | ---- | M] (Symantec Corporation) (SRTSP) Symantec Real Time Storage Protection [File_System | On_Demand | Running] -> C:\Windows\System32\Drivers\N360\0308000.029\SRTSP.SYS -> [2009/12/28 12:01:26 | 000,308,272 | ---- | M] (Symantec Corporation) (SYMTDI) Symantec Network Dispatch Driver [Kernel | System | Running] -> C:\Windows\System32\Drivers\N360\0308000.029\SYMTDI.SYS -> [2009/12/28 12:01:26 | 000,217,136 | ---- | M] (Symantec Corporation) (SYMFW) Symantec Network Filter Driver [Kernel | On_Demand | Running] -> C:\Windows\System32\Drivers\N360\0308000.029\SYMFW.SYS -> [2009/12/28 12:01:26 | 000,089,904 | ---- | M] (Symantec Corporation) (SYMNDISV) Symantec Network Filter Driver [Kernel | On_Demand | Running] -> C:\Windows\System32\Drivers\N360\0308000.029\SYMNDISV.SYS -> [2009/12/28 12:01:26 | 000,048,688 | ---- | M] (Symantec Corporation) (SRTSPX) Symantec Real Time Storage Protection (PEL) [Kernel | System | Running] -> C:\Windows\system32\drivers\N360\0308000.029\SRTSPX.SYS -> [2009/12/28 12:01:26 | 000,043,696 | ---- | M] (Symantec Corporation) (SymIM) Symantec Network Security Intermediate Filter Driver [Kernel | System | Running] -> C:\Windows\System32\drivers\SymIMV.sys -> [2009/12/28 12:01:26 | 000,025,648 | R--- | M] (Symantec Corporation) (BHDrvx86) Symantec Heuristics Driver [Kernel | System | Running] -> C:\Windows\System32\Drivers\N360\0308000.029\BHDrvx86.sys -> [2009/12/28 12:01:25 | 000,259,632 | ---- | M] (Symantec Corporation) (Lbd) Lbd [File_System | Boot | Running] -> C:\Windows\system32\DRIVERS\Lbd.sys -> [2009/12/28 05:10:00 | 000,064,160 | ---- | M] (Lavasoft AB) (IDSVix86) IDSVix86 [Kernel | System | Running] -> C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\IPSDefs\20100317.002\IDSvix86.sys -> [2009/10/28 18:37:22 | 000,343,088 | ---- | M] (Symantec Corporation) (nvlddmkm) nvlddmkm [Kernel | On_Demand | Running] -> C:\Windows\System32\drivers\nvlddmkm.sys -> [2009/09/28 00:12:22 | 009,509,832 | ---- | M] (NVIDIA Corporation) (usbaudio) USB Audio Driver (WDM) [Kernel | On_Demand | Stopped] -> C:\Windows\System32\drivers\USBAUDIO.sys -> [2009/04/11 00:42:54 | 000,073,216 | ---- | M] (Microsoft Corporation) (purendis) Pure Networks Wireless Driver [Kernel | Auto | Running] -> C:\Windows\System32\drivers\purendis.sys -> [2009/04/07 16:33:08 | 000,026,416 | ---- | M] (Cisco Systems, Inc.) (SCDEmu) SCDEmu [Kernel | System | Running] -> C:\Windows\System32\drivers\scdemu.sys -> [2009/03/15 06:25:46 | 000,056,268 | ---- | M] (PowerISO Computing, Inc.) (ElbyCDIO) ElbyCDIO Driver [Kernel | System | Running] -> C:\Windows\System32\drivers\ElbyCDIO.sys -> [2009/02/17 13:11:30 | 000,024,232 | ---- | M] (Elaborate Bytes AG) (NVENETFD) NVIDIA nForce 10/100 Mbps Ethernet [Kernel | On_Demand | Running] -> C:\Windows\System32\drivers\nvmfdx32.sys -> [2008/08/01 19:51:14 | 001,052,704 | ---- | M] (NVIDIA Corporation) (AgereSoftModem) Agere Systems Soft Modem [Kernel | On_Demand | Running] -> C:\Windows\System32\drivers\AGRSM.sys -> [2008/03/21 16:13:00 | 001,203,776 | ---- | M] (Agere Systems) (a016obex) Sony Ericsson Device A016 USB WMC OBEX Interface [Kernel | On_Demand | Stopped] -> C:\Windows\System32\drivers\a016obex.sys -> [2008/01/18 14:16:28 | 000,100,648 | ---- | M] (MCCI Corporation) (a016mdm) Sony Ericsson Device A016 USB WMC Modem Driver [Kernel | On_Demand | Stopped] -> C:\Windows\System32\drivers\a016mdm.sys -> [2008/01/18 14:16:26 | 000,110,504 | ---- | M] (MCCI Corporation) (a016mgmt) Sony Ericsson Device A016 USB WMC Device Management Drivers (WDM) [Kernel | On_Demand | Stopped] -> C:\Windows\System32\drivers\a016mgmt.sys -> [2008/01/18 14:16:26 | 000,104,488 | ---- | M] (MCCI Corporation) (a016mdfl) Sony Ericsson Device A016 USB WMC Modeme Filter [Kernel | On_Demand | Stopped] -> C:\Windows\System32\drivers\a016mdfl.sys -> [2008/01/18 14:16:24 | 000,015,016 | ---- | M] (MCCI Corporation) (a016bus) Sony Ericsson Device A016 driver (WDM) [Kernel | On_Demand | Stopped] -> C:\Windows\System32\drivers\a016bus.sys -> [2008/01/18 14:16:22 | 000,083,880 | ---- | M] (MCCI Corporation) (IntcAzAudAddService) Service for Realtek HD Audio (WDM) [Kernel | On_Demand | Running] -> C:\Windows\System32\drivers\RTKVHDA.sys -> [2007/09/19 20:11:48 | 001,959,832 | ---- | M] (Realtek Semiconductor Corp.) (btwaudio) Bluetooth Audio Device Service [Kernel | On_Demand | Stopped] -> C:\Windows\System32\drivers\btwaudio.sys -> [2007/09/04 23:54:00 | 000,080,424 | ---- | M] (Broadcom Corporation.) (nvstor32) nvstor32 [Kernel | Boot | Running] -> C:\Windows\system32\DRIVERS\nvstor32.sys -> [2007/08/09 18:12:30 | 000,110,624 | ---- | M] (NVIDIA Corporation) (btwavdt) Bluetooth AVDT [Kernel | On_Demand | Stopped] -> C:\Windows\System32\drivers\btwavdt.sys -> [2007/07/15 20:20:00 | 000,080,936 | ---- | M] (Broadcom Corporation.) (btwrchid) btwrchid [Kernel | On_Demand | Stopped] -> C:\Windows\System32\drivers\btwrchid.sys -> [2007/07/15 20:20:00 | 000,016,168 | ---- | M] (Broadcom Corporation.) (ql2300) QLogic Fibre Channel Miniport Driver [Kernel | Disabled | Stopped] -> C:\Windows\system32\drivers\ql2300.sys -> [2006/11/02 05:51:45 | 000,900,712 | ---- | M] (QLogic Corporation) (adp94xx) adp94xx [Kernel | Disabled | Stopped] -> C:\Windows\system32\drivers\adp94xx.sys -> [2006/11/02 05:51:38 | 000,420,968 | ---- | M] (Adaptec, Inc.) (elxstor) elxstor [Kernel | Disabled | Stopped] -> C:\Windows\system32\drivers\elxstor.sys -> [2006/11/02 05:51:34 | 000,316,520 | ---- | M] (Emulex) (adpahci) adpahci [Kernel | Disabled | Stopped] -> C:\Windows\system32\drivers\adpahci.sys -> [2006/11/02 05:51:32 | 000,297,576 | ---- | M] (Adaptec, Inc.) (uliahci) uliahci [Kernel | Disabled | Stopped] -> C:\Windows\system32\drivers\uliahci.sys -> [2006/11/02 05:51:25 | 000,235,112 | ---- | M] (ULi Electronics Inc.) (iaStorV) Intel RAID Controller Vista [Kernel | Disabled | Stopped] -> C:\Windows\system32\drivers\iastorv.sys -> [2006/11/02 05:51:25 | 000,232,040 | ---- | M] (Intel Corporation) (adpu320) adpu320 [Kernel | Disabled | Stopped] -> C:\Windows\system32\drivers\adpu320.sys -> [2006/11/02 05:51:00 | 000,147,048 | ---- | M] (Adaptec, Inc.) (ulsata2) ulsata2 [Kernel | Disabled | Stopped] -> C:\Windows\system32\drivers\ulsata2.sys -> [2006/11/02 05:50:45 | 000,115,816 | ---- | M] (Promise Technology, Inc.) (vsmraid) vsmraid [Kernel | Disabled | Stopped] -> C:\Windows\system32\drivers\vsmraid.sys -> [2006/11/02 05:50:41 | 000,112,232 | ---- | M] (VIA Technologies Inc.,Ltd) (ql40xx) QLogic iSCSI Miniport Driver [Kernel | Disabled | Stopped] -> C:\Windows\system32\drivers\ql40xx.sys -> [2006/11/02 05:50:35 | 000,106,088 | ---- | M] (QLogic Corporation) (UlSata) UlSata [Kernel | Disabled | Stopped] -> C:\Windows\system32\drivers\ulsata.sys -> [2006/11/02 05:50:35 | 000,098,408 | ---- | M] (Promise Technology, Inc.) (adpu160m) adpu160m [Kernel | Disabled | Stopped] -> C:\Windows\system32\drivers\adpu160m.sys -> [2006/11/02 05:50:35 | 000,098,408 | ---- | M] (Adaptec, Inc.) (nvraid) nvraid [Kernel | Disabled | Stopped] -> C:\Windows\system32\drivers\nvraid.sys -> [2006/11/02 05:50:24 | 000,088,680 | ---- | M] (NVIDIA Corporation) (nfrd960) nfrd960 [Kernel | Disabled | Stopped] -> C:\Windows\system32\drivers\nfrd960.sys -> [2006/11/02 05:50:19 | 000,045,160 | ---- | M] (IBM Corporation) (iirsp) iirsp [Kernel | Disabled | Stopped] -> C:\Windows\system32\drivers\iirsp.sys -> [2006/11/02 05:50:17 | 000,041,576 | ---- | M] (Intel Corp./ICP vortex GmbH) (SiSRaid4) SiSRaid4 [Kernel | Disabled | Stopped] -> C:\Windows\system32\drivers\sisraid4.sys -> [2006/11/02 05:50:16 | 000,071,784 | ---- | M] (Silicon Integrated Systems) (nvstor) nvstor [Kernel | Boot | Running] -> C:\Windows\system32\drivers\nvstor.sys -> [2006/11/02 05:50:13 | 000,040,040 | ---- | M] (NVIDIA Corporation) (aic78xx) aic78xx [Kernel | Disabled | Stopped] -> C:\Windows\system32\drivers\djsvs.sys -> [2006/11/02 05:50:11 | 000,071,272 | ---- | M] (Adaptec, Inc.) (arcsas) arcsas [Kernel | Disabled | Stopped] -> C:\Windows\system32\drivers\arcsas.sys -> [2006/11/02 05:50:10 | 000,067,688 | ---- | M] (Adaptec, Inc.) (LSI_SCSI) LSI_SCSI [Kernel | Disabled | Stopped] -> C:\Windows\system32\drivers\lsi_scsi.sys -> [2006/11/02 05:50:10 | 000,065,640 | ---- | M] (LSI Logic) (SiSRaid2) SiSRaid2 [Kernel | Disabled | Stopped] -> C:\Windows\system32\drivers\sisraid2.sys -> [2006/11/02 05:50:10 | 000,038,504 | ---- | M] (Silicon Integrated Systems Corp.) (HpCISSs) HpCISSs [Kernel | Disabled | Stopped] -> C:\Windows\system32\drivers\hpcisss.sys -> [2006/11/02 05:50:10 | 000,037,480 | ---- | M] (Hewlett-Packard Company) (arc) arc [Kernel | Disabled | Stopped] -> C:\Windows\system32\drivers\arc.sys -> [2006/11/02 05:50:09 | 000,067,688 | ---- | M] (Adaptec, Inc.) (iteraid) ITERAID_Service_Install [Kernel | Disabled | Stopped] -> C:\Windows\system32\drivers\iteraid.sys -> [2006/11/02 05:50:09 | 000,035,944 | ---- | M] (Integrated Technology Express, Inc.) (iteatapi) ITEATAPI_Service_Install [Kernel | Disabled | Stopped] -> C:\Windows\system32\drivers\iteatapi.sys -> [2006/11/02 05:50:07 | 000,035,944 | ---- | M] (Integrated Technology Express, Inc.) (LSI_SAS) LSI_SAS [Kernel | Disabled | Stopped] -> C:\Windows\system32\drivers\lsi_sas.sys -> [2006/11/02 05:50:05 | 000,065,640 | ---- | M] (LSI Logic) (Symc8xx) Symc8xx [Kernel | Disabled | Stopped] -> C:\Windows\system32\drivers\symc8xx.sys -> [2006/11/02 05:50:05 | 000,035,944 | ---- | M] (LSI Logic) (LSI_FC) LSI_FC [Kernel | Disabled | Stopped] -> C:\Windows\system32\drivers\lsi_fc.sys -> [2006/11/02 05:50:04 | 000,065,640 | ---- | M] (LSI Logic) (Sym_u3) Sym_u3 [Kernel | Disabled | Stopped] -> C:\Windows\system32\drivers\sym_u3.sys -> [2006/11/02 05:50:03 | 000,034,920 | ---- | M] (LSI Logic) (Mraid35x) Mraid35x [Kernel | Disabled | Stopped] -> C:\Windows\system32\drivers\mraid35x.sys -> [2006/11/02 05:49:59 | 000,033,384 | ---- | M] (LSI Logic Corporation) (Sym_hi) Sym_hi [Kernel | Disabled | Stopped] -> C:\Windows\system32\drivers\sym_hi.sys -> [2006/11/02 05:49:56 | 000,031,848 | ---- | M] (LSI Logic) (megasas) megasas [Kernel | Disabled | Stopped] -> C:\Windows\system32\drivers\megasas.sys -> [2006/11/02 05:49:53 | 000,028,776 | ---- | M] (LSI Logic Corporation) (viaide) viaide [Kernel | Disabled | Stopped] -> C:\Windows\system32\drivers\viaide.sys -> [2006/11/02 05:49:30 | 000,017,512 | ---- | M] (VIA Technologies, Inc.) (cmdide) cmdide [Kernel | Disabled | Stopped] -> C:\Windows\system32\drivers\cmdide.sys -> [2006/11/02 05:49:28 | 000,016,488 | ---- | M] (CMD Technology, Inc.) (aliide) aliide [Kernel | Disabled | Stopped] -> C:\Windows\system32\drivers\aliide.sys -> [2006/11/02 05:49:20 | 000,014,952 | ---- | M] (Acer Laboratories Inc.) (Brserid) Brother MFC Serial Port Interface Driver (WDM) [Kernel | Disabled | Stopped] -> C:\Windows\system32\drivers\brserid.sys -> [2006/11/02 04:25:24 | 000,071,808 | ---- | M] (Brother Industries Ltd.) (BrUsbSer) Brother MFC USB Serial WDM Driver [Kernel | On_Demand | Stopped] -> C:\Windows\system32\drivers\brusbser.sys -> [2006/11/02 04:24:47 | 000,011,904 | ---- | M] (Brother Industries Ltd.) (BrFiltUp) Brother USB Mass-Storage Upper Filter Driver [Kernel | On_Demand | Stopped] -> C:\Windows\system32\drivers\brfiltup.sys -> [2006/11/02 04:24:46 | 000,005,248 | ---- | M] (Brother Industries, Ltd.) (BrFiltLo) Brother USB Mass-Storage Lower Filter Driver [Kernel | On_Demand | Stopped] -> C:\Windows\system32\drivers\brfiltlo.sys -> [2006/11/02 04:24:45 | 000,013,568 | ---- | M] (Brother Industries, Ltd.) (BrSerWdm) Brother WDM Serial driver [Kernel | Disabled | Stopped] -> C:\Windows\system32\drivers\brserwdm.sys -> [2006/11/02 04:24:44 | 000,062,336 | ---- | M] (Brother Industries Ltd.) (BrUsbMdm) Brother MFC USB Fax Only Modem [Kernel | Disabled | Stopped] -> C:\Windows\system32\drivers\brusbmdm.sys -> [2006/11/02 04:24:44 | 000,012,160 | ---- | M] (Brother Industries Ltd.) (ntrigdigi) N-trig HID Tablet Driver [Kernel | Disabled | Stopped] -> C:\Windows\system32\drivers\ntrigdigi.sys -> [2006/11/02 03:36:50 | 000,020,608 | ---- | M] (N-trig Innovative Technologies) (ac97intc) Intel(r) 82801 Audio Driver Install Service (WDM) [Kernel | On_Demand | Stopped] -> C:\Windows\System32\drivers\ac97intc.sys -> [2006/11/02 03:36:49 | 000,108,032 | ---- | M] (Intel Corporation) (NETw2v32) Intel(R) PRO/Wireless 2200BG Network Connection Driver for Windows Vista [Kernel | On_Demand | Stopped] -> C:\Windows\System32\drivers\NETw2v32.sys -> [2006/11/02 03:30:56 | 002,589,184 | ---- | M] (Intel® Corporation) (E1G60) Intel(R) PRO/1000 NDIS 6 Adapter Driver [Kernel | On_Demand | Stopped] -> C:\Windows\System32\drivers\E1G60I32.sys -> [2006/11/02 03:30:54 | 000,117,760 | ---- | M] (Intel Corporation) (bcm4sbxp) Broadcom 440x 10/100 Integrated Controller XP Driver [Kernel | On_Demand | Stopped] -> C:\Windows\System32\drivers\bcm4sbxp.sys -> [2006/11/02 03:30:53 | 000,045,056 | ---- | M] (Broadcom Corporation) (sscdserd) SAMSUNG CDMA Modem Diagnostic Serial Port (WDM) [Kernel | On_Demand | Stopped] -> C:\Windows\System32\drivers\sscdserd.sys -> [2005/08/17 07:47:48 | 000,073,696 | ---- | M] (MCCI) (sscdmdm) SAMSUNG CDMA Modem Drivers [Kernel | On_Demand | Stopped] -> C:\Windows\System32\drivers\sscdmdm.sys -> [2005/08/17 07:46:26 | 000,093,872 | ---- | M] (MCCI) (sscdmdfl) SAMSUNG CDMA Modem Filter [Kernel | On_Demand | Stopped] -> C:\Windows\System32\drivers\sscdmdfl.sys -> [2005/08/17 07:46:20 | 000,008,272 | ---- | M] (MCCI) (sscdbus) SAMSUNG USB Composite Device driver (WDM) [Kernel | On_Demand | Stopped] -> C:\Windows\System32\drivers\sscdbus.sys -> [2005/08/17 07:45:00 | 000,058,352 | ---- | M] (MCCI) [Registry - Safe List] < Internet Explorer Settings [HKEY_LOCAL_MACHINE\] > -> -> HKEY_LOCAL_MACHINE\: Main\\"Start Page" -> http://www.gateway.com/g/startpage.html?Ch=Retail&SubCH=nofound&Br=EM&Loc=ENG_US&Sys=DTP&M=T3642 -> < Internet Explorer Settings [HKEY_CURRENT_USER\] > -> -> HKEY_CURRENT_USER\: Main\\"SearchDefaultBranded" -> 1 -> HKEY_CURRENT_USER\: Main\\"Start Page" -> http://www.gateway.com/g/startpage.html?Ch=Retail&SubCH=nofound&Br=EM&Loc=ENG_US&Sys=DTP&M=T3642 -> HKEY_CURRENT_USER\: "ProxyEnable" -> 0 -> HKEY_CURRENT_USER\: "ProxyOverride" -> *.local -> < FireFox Settings [Prefs.js] > -> C:\Users\Michaelene\AppData\Roaming\Mozilla\FireFox\Profiles\sv361q0q.default\prefs.js -> browser.search.useDBForOrder -> true -> extensions.enabledItems -> {635abd67-4fe9-1b23-4f01-e679fa7484c1}:2.1.3.20100310105313 -> extensions.enabledItems -> {7b13ec3e-999a-4b70-b9cb-2617b8323822}:2.5.7.3 -> extensions.enabledItems -> {e4a8a97b-f2ed-450b-b12d-ee082ba24781}:0.8.20100211.5 -> < FireFox Settings [User.js] > -> C:\Users\Michaelene\AppData\Roaming\Mozilla\FireFox\Profiles\sv361q0q.default\user.js -> < FireFox Extensions [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Mozilla HKLM\software\mozilla\Firefox\Extensions -> -> HKLM\software\mozilla\Firefox\Extensions\\{7BA52691-1876-45ce-9EE6-54BCB3B04BBC} -> C:\PROGRAMDATA\NORTON\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NORTON\COFFPLGN\ [C:\PROGRAMDATA\NORTON\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NORTON\COFFPLGN\] -> [2010/03/25 13:04:23 | 000,000,000 | ---D | M] HKLM\software\mozilla\Mozilla Firefox 3.6.2\extensions -> -> HKLM\software\mozilla\Mozilla Firefox 3.6.2\extensions\\Components -> C:\Program Files\Mozilla Firefox\components [C:\PROGRAM FILES\MOZILLA FIREFOX\COMPONENTS] -> [2010/03/23 20:17:23 | 000,000,000 | ---D | M] HKLM\software\mozilla\Mozilla Firefox 3.6.2\extensions\\Plugins -> C:\Program Files\Mozilla Firefox\plugins [C:\PROGRAM FILES\MOZILLA FIREFOX\PLUGINS] -> [2010/03/23 20:17:25 | 000,000,000 | ---D | M] < FireFox Extensions [User Folders] > -> -> C:\Users\Michaelene\AppData\Roaming\mozilla\Extensions -> [2008/09/11 18:06:29 | 000,000,000 | ---D | M] -> C:\Users\Michaelene\AppData\Roaming\mozilla\Firefox\Profiles\sv361q0q.default\extensions -> [2010/03/25 13:18:16 | 000,000,000 | ---D | M] Microsoft .NET Framework Assistant -> C:\Users\Michaelene\AppData\Roaming\mozilla\Firefox\Profiles\sv361q0q.default\extensions\{20a82645-c095-46ed-80e3-08825760534b} -> [2009/09/03 06:08:45 | 000,000,000 | ---D | M] Yahoo! Toolbar -> C:\Users\Michaelene\AppData\Roaming\mozilla\Firefox\Profiles\sv361q0q.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1} -> [2010/03/21 18:24:23 | 000,000,000 | ---D | M] Zynga Toolbar -> C:\Users\Michaelene\AppData\Roaming\mozilla\Firefox\Profiles\sv361q0q.default\extensions\{7b13ec3e-999a-4b70-b9cb-2617b8323822} -> [2010/03/07 04:26:22 | 000,000,000 | ---D | M] No name found -> C:\Users\Michaelene\AppData\Roaming\mozilla\Firefox\Profiles\sv361q0q.default\extensions\{C2DCA7EB-22D2-4FD2-86A9-F99FCC8122BB} -> [2009/10/03 12:57:13 | 000,000,000 | ---D | M] Greasemonkey -> C:\Users\Michaelene\AppData\Roaming\mozilla\Firefox\Profiles\sv361q0q.default\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781} -> [2010/02/18 13:17:46 | 000,000,000 | ---D | M] -> C:\Users\Michaelene\AppData\Roaming\mozilla\Firefox\Profiles\sv361q0q.default\extensions\FFToolbar@upromise -> [2009/09/27 19:45:35 | 000,000,000 | ---D | M] < FireFox SearchPlugins [User Folders] > -> web-search.xml -> C:\Users\Michaelene\AppData\Roaming\Mozilla\FireFox\Profiles\sv361q0q.default\searchplugins\web-search.xml -> [2009/12/21 18:38:06 | 000,001,610 | ---- | M] () < FireFox Extensions [Program Folders] > -> -> C:\Program Files\Mozilla Firefox\extensions -> [2010/03/25 13:02:15 | 000,000,000 | ---D | M] -> C:\Program Files\Mozilla Firefox\extensions\talkback@mozilla.org -> [2008/09/11 01:35:47 | 000,000,000 | ---D | M] < HOSTS File > ([2010/03/12 19:26:44 | 000,000,027 | ---- | M] - 1 lines) -> C:\Windows\System32\drivers\etc\hosts -> Reset Hosts 127.0.0.1 localhost < BHO's [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\ -> {02478D38-C3F9-4efb-9B51-7695ECA05670} [HKLM] -> C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll [&Yahoo! Toolbar Helper] -> [2009/07/30 22:44:14 | 000,909,040 | ---- | M] (Yahoo! Inc.) {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} [HKLM] -> C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [Adobe PDF Reader Link Helper] -> [2006/10/22 23:08:42 | 000,062,080 | ---- | M] (Adobe Systems Incorporated) {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} [HKLM] -> C:\Program Files\Norton 360 Premier Edition\Engine\3.8.0.41\CoIEPlg.dll [Symantec NCO BHO] -> [2009/12/28 12:01:18 | 000,378,736 | R--- | M] (Symantec Corporation) {6D53EC84-6AAE-4787-AEEE-F4628F01010C} [HKLM] -> C:\Program Files\Norton 360 Premier Edition\Engine\3.8.0.41\IPSBHO.dll [Symantec Intrusion Prevention] -> [2009/12/28 12:01:20 | 000,107,896 | R--- | M] (Symantec Corporation) {72853161-30C5-4D22-B7F9-0BBC1D38A37E} [HKLM] -> C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [Groove GFS Browser Helper] -> [2009/02/12 15:19:32 | 002,217,848 | ---- | M] (Microsoft Corporation) {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} [HKLM] -> C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll [SSVHelper Class] -> [2007/03/14 07:43:40 | 000,501,400 | ---- | M] (Sun Microsystems, Inc.) {CA6319C0-31B7-401E-A518-A07C3DB8F777} [HKLM] -> C:\Windows\System32\BAE.dll [CBrowserHelperObject Object] -> [2006/02/01 06:54:30 | 000,094,208 | ---- | M] (Gateway Inc.) {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} [HKLM] -> C:\Program Files\Yahoo!\Companion\Installs\cpn0\YTSingleInstance.dll [SingleInstance Class] -> [2009/07/30 22:44:02 | 000,159,472 | ---- | M] (Yahoo! Inc) < Internet Explorer ToolBars [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ToolBar -> "{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA}" [HKLM] -> C:\Program Files\Norton 360 Premier Edition\Engine\3.8.0.41\CoIEPlg.dll [Norton Toolbar] -> [2009/12/28 12:01:18 | 000,378,736 | R--- | M] (Symantec Corporation) "{EF99BD32-C1FB-11D2-892F-0090271D4F88}" [HKLM] -> C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll [Yahoo! Toolbar] -> [2009/07/30 22:44:14 | 000,909,040 | ---- | M] (Yahoo! Inc.) < Internet Explorer ToolBars [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\ -> WebBrowser\\"{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA}" [HKLM] -> C:\Program Files\Norton 360 Premier Edition\Engine\3.8.0.41\CoIEPlg.dll [Norton Toolbar] -> [2009/12/28 12:01:18 | 000,378,736 | R--- | M] (Symantec Corporation) < Run [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run -> "Adobe Reader Speed Launcher" -> C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe ["C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"] -> [2008/10/15 01:04:34 | 000,039,792 | ---- | M] (Adobe Systems Incorporated) "Ad-Watch" -> C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe [C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe] -> [2010/03/08 05:33:50 | 000,524,632 | ---- | M] (Lavasoft) "NBKeyScan" -> C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe ["C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe"] -> [2007/09/20 08:51:46 | 001,836,328 | ---- | M] (Nero AG) "NeroFilterCheck" -> C:\Program Files\Common Files\Nero\Lib\NeroCheck.exe [C:\Program Files\Common Files\Nero\Lib\NeroCheck.exe] -> [2007/03/01 14:57:24 | 000,153,136 | ---- | M] (Nero AG) "nmctxth" -> C:\Program Files\Common Files\Pure Networks Shared\Platform\nmctxth.exe ["C:\Program Files\Common Files\Pure Networks Shared\Platform\nmctxth.exe"] -> [2009/04/07 16:34:40 | 000,642,856 | ---- | M] (Cisco Systems, Inc.) "RtHDVCpl" -> C:\Windows\RtHDVCpl.exe [RtHDVCpl.exe] -> [2007/09/19 17:50:44 | 004,702,208 | ---- | M] (Realtek Semiconductor) "Skytel" -> C:\Windows\SkyTel.exe [Skytel.exe] -> [2007/08/03 16:22:02 | 001,826,816 | ---- | M] (Realtek Semiconductor Corp.) "USB Storage Toolbox" -> C:\Windows\UMStor\Res.exe [C:\Windows\UMStor\Res.EXE] -> [2005/09/14 20:44:14 | 000,065,536 | ---- | M] (ali) "Windows Defender" -> C:\Program Files\Windows Defender\MSASCui.exe [%ProgramFiles%\Windows Defender\MSASCui.exe -hide] -> [2008/01/19 03:38:38 | 001,008,184 | ---- | M] (Microsoft Corporation) < Software Policy Settings [HKEY_CURRENT_USER] > -> HKEY_CURRENT_USER\SOFTWARE\Policies\Microsoft\Internet Explorer -> < CurrentVersion Policy Settings - Explorer [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer \\"NoDrives" -> [0] -> File not found < CurrentVersion Policy Settings - System [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System \\"ConsentPromptBehaviorAdmin" -> [0] -> File not found HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats < CurrentVersion Policy Settings - Explorer [HKEY_CURRENT_USER] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer \\"NoDrives" -> [0] -> File not found < CurrentVersion Policy Settings - System [HKEY_CURRENT_USER] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System < Internet Explorer Extensions [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\ -> {08B0E5C0-4FCB-11CF-AAA5-00401C608501}:{CAFEEFAC-0016-0000-0001-ABCDEFFEDCBC} [HKLM] -> C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll [Menu: Sun Java Console] -> [2007/03/14 07:43:40 | 000,501,400 | ---- | M] (Sun Microsystems, Inc.) {2670000A-7350-4f3c-8081-5663EE0C6C49}:{48E73304-E1D6-4330-914C-F5F514E3486C} [HKLM] -> C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll [Button: Send to OneNote] -> [2008/10/25 07:52:00 | 000,604,056 | ---- | M] (Microsoft Corporation) {2670000A-7350-4f3c-8081-5663EE0C6C49}:{48E73304-E1D6-4330-914C-F5F514E3486C} [HKLM] -> C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll [Menu: S&end to OneNote] -> [2008/10/25 07:52:00 | 000,604,056 | ---- | M] (Microsoft Corporation) {92780B25-18CC-41C8-B9BE-3C9C571A8263}:{FF059E31-CC5A-4E2E-BF3B-96E929D65503} [HKLM] -> C:\Program Files\Microsoft Office\Office12\REFIEBAR.DLL [Button: Research] -> [2009/03/06 04:04:56 | 000,039,464 | ---- | M] (Microsoft Corporation) {CCA281CA-C863-46ef-9331-5C8D4460577F}:C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm [HKLM] -> C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm [Button: @btrez.dll,-4015] -> [2007/01/23 12:57:52 | 000,002,758 | ---- | M] () {CCA281CA-C863-46ef-9331-5C8D4460577F}:C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm [HKLM] -> C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm [Menu: @btrez.dll,-12650] -> [2007/01/23 12:57:52 | 000,002,758 | ---- | M] () < Internet Explorer Extensions [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Extensions\ -> CmdMapping\\"{CCA281CA-C863-46ef-9331-5C8D4460577F}" [HKLM] -> [@btrez.dll,-4015] -> File not found < Default Prefix > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\URL\DefaultPrefix "" -> http:// < Trusted Sites Domains [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 6606 domain(s) found. -> < Trusted Sites Ranges [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 36 range(s) found. -> < Trusted Sites Domains [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 6607 domain(s) found. -> support_select2perform.com [http] -> Trusted sites -> < Trusted Sites Ranges [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 36 range(s) found. -> < Downloaded Program Files > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\ -> {588031A3-94BF-4CDD-86D0-939F6F93910F} [HKLM] -> https://fixit.support.microsoft.com/ActiveX/FixItClient.CAB [FixItClient Class] -> {7530BFB8-7293-4D34-9923-61A11451AFC5} [HKLM] -> http://download.eset.com/special/eos/OnlineScanner.cab [Reg Error: Key error.] -> {8AD9C840-044E-11D1-B3E9-00805F499D93} [HKLM] -> http://java.sun.com/update/1.6.0/jinstall-1_6_0_01-windows-i586.cab [Java Plug-in 1.6.0_01] -> {CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA} [HKLM] -> http://java.sun.com/update/1.6.0/jinstall-1_6_0_01-windows-i586.cab [Java Plug-in 1.6.0_01] -> {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} [HKLM] -> http://java.sun.com/update/1.6.0/jinstall-1_6_0_01-windows-i586.cab [Java Plug-in 1.6.0_01] -> {E06E2E99-0AA1-11D4-ABA6-0060082AA75C} [HKLM] -> [Reg Error: Value error.] -> {E2883E8F-472F-4FB0-9522-AC9BF37916A7} [HKLM] -> http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab [Reg Error: Key error.] -> < Name Servers [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\ -> DhcpNameServer -> 192.168.1.1 68.87.66.209 68.87.64.227 -> < Name Servers [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Adapters\ -> {B0C41AEC-509C-4935-A789-C7CD162F219E}\\DhcpNameServer -> 192.168.1.1 68.87.66.209 68.87.64.227 (NVIDIA nForce 10/100 Mbps Ethernet ) -> {B0C41AEC-509C-4935-A789-C7CD162F219E}\\NameServer -> 4.2.2.2,4.2.2.1 (NVIDIA nForce 10/100 Mbps Ethernet ) -> IE Styles -> HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Styles "MaxScriptStatements" -> Reg Error: Invalid data type. "Use My Stylesheet" -> Reg Error: Invalid data type. < Winlogon settings [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon -> *Shell* -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\Shell -> Explorer.exe -> C:\Windows\explorer.exe -> [2009/04/11 02:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) *MultiFile Done* -> -> < ShellExecuteHooks [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks -> "{AEB6717E-7E19-11d0-97EE-00C04FD91972}" [HKLM] -> Reg Error: Key error. [] -> File not found "{B5A7F190-DDA6-4420-B3BA-52453494E6CD}" [HKLM] -> C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [Groove GFS Stub Execution Hook] -> [2009/02/12 15:19:32 | 002,217,848 | ---- | M] (Microsoft Corporation) < Domain Profile Authorized Applications List > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List -> < Standard Profile Authorized Applications List > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List -> < SafeBoot AlternateShell [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot -> < CDROM Autorun Setting [HKEY_LOCAL_MACHINE]> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom -> "AutoRun" -> 1 -> "DisplayName" -> CD-ROM Driver -> "ImagePath" -> [system32\DRIVERS\cdrom.sys] -> File not found < Drives with AutoRun files > -> -> C:\autoexec.bat [REM Dummy file for NTVDM | ] -> C:\autoexec.bat [ NTFS ] -> [2006/09/18 17:43:36 | 000,000,024 | ---- | M] () < MountPoints2 [HKEY_CURRENT_USER] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2 -> < Registry Shell Spawning - Select to Repair > -> HKEY_LOCAL_MACHINE\SOFTWARE\Classes\\shell\[command]\command -> comfile [open] -> "%1" %* -> exefile [open] -> "%1" %* -> < AppCertDlls [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Session Manager\AppCertDlls -> < File Associations - Select to Repair > -> HKEY_LOCAL_MACHINE\SOFTWARE\Classes\\ -> .com [@ = comfile] -> "%1" %* -> .exe [@ = exefile] -> "%1" %* -> < File Associations - Select to Repair > -> HKEY_CURRENT_USER\SOFTWARE\Classes\\ -> .exe [@ = exefile] -> Reg Error: Key error. -> File not found [Registry - Additional Scans - Safe List] < ActiveX StubPath [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\ -> {08B0E5C0-4FCB-11CF-AAA5-00401C608500} [KeyFileName] -> C:\Program Files\Java\jre1.6.0_01\bin\regutils.dll [(default): Java (Sun); IsInstalled: 1] -> [2007/03/14 07:57:26 | 000,233,472 | ---- | M] (Sun Microsystems, Inc.) {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} [HKLM] -> Reg Error: Key error. [(no name)] -> File not found {2C7339CF-2B09-4501-B3F3-F3508C9228ED} [StubPath] -> %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll [(default): Themes Setup; IsInstalled: 1] -> {3af36230-a269-11d1-b5bf-0000f8051515} [HKLM] -> Reg Error: Key error. [(default): Offline Browsing Pack; IsInstalled: 1] -> File not found {44BBA840-CC51-11CF-AAFA-00AA00B6015C} [StubPath] -> "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE [(default): Microsoft Windows Mail 7; IsInstalled: 1] -> {44BBA848-CC51-11CF-AAFA-00AA00B6015C} [HKLM] -> Reg Error: Key error. [(no name)] -> File not found {44BBA855-CC51-11CF-AAFA-00AA00B6015F} [HKLM] -> Reg Error: Key error. [(default): DirectDrawEx; IsInstalled: 1] -> File not found {45ea75a0-a269-11d1-b5bf-0000f8051515} [HKLM] -> Reg Error: Key error. [(default): Internet Explorer Help; IsInstalled: 1] -> File not found {4f645220-306d-11d2-995d-00c04f98bbc9} [HKLM] -> Reg Error: Key error. [(default): Microsoft Windows Script 5.8; IsInstalled: 1] -> File not found {5fd399c0-a70a-11d1-9948-00c04f98bbc9} [HKLM] -> Reg Error: Key error. [(default): Internet Explorer Setup Tools; IsInstalled: 1] -> File not found {6BF52A52-394A-11d3-B153-00C04F79FAA6} [StubPath] -> %SystemRoot%\system32\unregmp2.exe /FirstLogon /Shortcuts /RegBrowsers /ResetMUI [(default): Microsoft Windows Media Player; IsInstalled: 1] -> {6fab99d0-bab8-11d1-994a-00c04f98bbc9} [HKLM] -> Reg Error: Key error. [(default): MSN Site Access; IsInstalled: 1] -> File not found {7790769C-0471-11d2-AF11-00C04FA35D02} [HKLM] -> Reg Error: Key error. [(default): Address Book 7; IsInstalled: 1] -> File not found {7C028AF8-F614-47B3-82DA-BA94E41B1089} [HKLM] -> Reg Error: Key error. [(default): .NET Framework] -> File not found {89820200-ECBD-11cf-8B85-00AA005B4340} [StubPath] -> regsvr32.exe /s /n /i:U shell32.dll [(default): Windows Desktop Update; IsInstalled: 1] -> {89820200-ECBD-11cf-8B85-00AA005B4383} [StubPath] -> C:\Windows\system32\ie4uinit.exe -BaseSettings [(default): Internet Explorer; IsInstalled: 1] -> {89B4C1CD-B018-4511-B0A1-5476DBF70820} [StubPath] -> C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install [ComponentID: DOTNETFRAMEWORKS; IsInstalled: 1] -> {9381D8F2-0288-11D0-9501-00AA00B911A5} [HKLM] -> Reg Error: Key error. [(default): Dynamic HTML Data Binding; IsInstalled: 1] -> File not found {C9E9A340-D1F1-11D0-821E-444553540600} [HKLM] -> Reg Error: Key error. [(default): Internet Explorer Core Fonts; IsInstalled: 1] -> File not found {CDD7975E-60F8-41d5-8149-19E51D6F71D0} [HKLM] -> Reg Error: Key error. [ComponentID: Windows Movie Maker v2.1; IsInstalled: 1] -> File not found {D27CDB6E-AE6D-11CF-96B8-444553540000} [HKLM] -> C:\Windows\System32\Macromed\Flash\Flash10c.ocx [(default): Adobe Flash Player; IsInstalled: 01 00 00 00 [binary data]] -> [2009/07/17 23:12:12 | 003,979,680 | R--- | M] (Adobe Systems, Inc.) {de5aed00-a4bf-11d1-9948-00c04f98bbc9} [HKLM] -> Reg Error: Key error. [(default): HTML Help; IsInstalled: 1] -> File not found {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} [HKLM] -> C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe [ComponentID: Yahoo! Messenger; IsInstalled: 1] -> [2009/05/26 21:06:32 | 004,351,216 | ---- | M] (Yahoo! Inc.) {E92B03AB-B707-11d2-9CBD-0000F87A369E} [HKLM] -> Reg Error: Key error. [(default): Active Directory Service Interface; IsInstalled: 1] -> File not found >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} [StubPath] -> C:\Windows\system32\unregmp2.exe /ShowWMP [(default): Microsoft Windows Media Player; IsInstalled: 0] -> >{26923b43-4d38-484f-9b9e-de460746276c} [StubPath] -> C:\Windows\system32\ie4uinit.exe -UserIconConfig [(default): Internet Explorer; IsInstalled: 1] -> >{60B49E34-C7CC-11D0-8953-00A0C90347FF} [StubPath] -> "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP [(default): Browser Customizations; IsInstalled: 1] -> < ActiveX StubPath [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Active Setup\Installed Components\ -> {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} [HKLM] -> Reg Error: Key error. [(no name)] -> File not found {2C7339CF-2B09-4501-B3F3-F3508C9228ED} [HKLM] -> Reg Error: Key error. [(no name)] -> File not found {44BBA840-CC51-11CF-AAFA-00AA00B6015C} [HKLM] -> Reg Error: Key error. [(no name)] -> File not found {44BBA848-CC51-11CF-AAFA-00AA00B6015C} [HKLM] -> Reg Error: Key error. [(no name)] -> File not found {89820200-ECBD-11cf-8B85-00AA005B4340} [HKLM] -> Reg Error: Key error. [(no name)] -> File not found {89820200-ECBD-11cf-8B85-00AA005B4383} [HKLM] -> Reg Error: Key error. [(no name)] -> File not found {89B4C1CD-B018-4511-B0A1-5476DBF70820} [HKLM] -> Reg Error: Key error. [(no name)] -> File not found >{26923b43-4d38-484f-9b9e-de460746276c} [HKLM] -> Reg Error: Key error. [(no name)] -> File not found >{60B49E34-C7CC-11D0-8953-00A0C90347FF} [HKLM] -> Reg Error: Key error. [(no name)] -> File not found < App Paths [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\ -> AcroRd32.exe -> C:\Program Files\Adobe\Reader 8.0\Reader\AcroRd32.exe [C:\Program Files\Adobe\Reader 8.0\Reader\AcroRd32.exe] -> [2007/05/11 03:06:38 | 000,341,616 | ---- | M] (Adobe Systems Incorporated) BackItUp.exe -> C:\Program Files\Nero\Nero8\Nero BackItUp\BackItUp.exe [C:\Program Files\Nero\Nero8\Nero BackItUp\BackItUp.exe] -> [2007/09/20 08:50:42 | 023,532,840 | ---- | M] (Nero AG) BigFix.exe -> C:\Program Files\BigFix\bigfix.exe [C:\Program Files\BigFix\BigFix.exe] -> [2007/08/16 21:17:56 | 002,342,912 | ---- | M] (BigFix Inc.) CloneDVD2.exe -> C:\Program Files\Elaborate Bytes\CloneDVD2\CloneDVD2.exe [C:\Program Files\Elaborate Bytes\CloneDVD2\CloneDVD2.exe] -> [2009/03/13 18:50:15 | 004,967,592 | ---- | M] (Elaborate Bytes AG) cmmgr32.exe -> Reg Error: Value error. [Reg Error: Value error.] -> File not found dvdmaker.exe -> C:\Program Files\Movie Maker\DVDMaker.exe [%ProgramFiles%\Movie Maker\dvdmaker.exe] -> [2009/04/11 02:27:33 | 001,963,008 | ---- | M] (Microsoft Corporation) excel.exe -> C:\Program Files\Microsoft Office\Office12\EXCEL.EXE [C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE] -> [2009/08/17 23:48:08 | 018,341,216 | ---- | M] (Microsoft Corporation) firefox.exe -> C:\Program Files\Mozilla Firefox\firefox.exe [C:\Program Files\Mozilla Firefox\firefox.exe] -> [2010/03/23 20:17:16 | 000,910,296 | ---- | M] (Mozilla Corporation) FreeArc.exe -> C:\Program Files\FreeArc\FreeArc.exe [C:\Program Files\FreeArc\FreeArc.exe] -> File not found fsquirt.exe -> Reg Error: Value error. [Reg Error: Value error.] -> File not found GROOVE.EXE -> C:\Program Files\Microsoft Office\Office12\GROOVE.EXE [C:\PROGRA~1\MICROS~3\Office12\GROOVE.EXE] -> [2009/02/14 06:03:18 | 000,337,264 | ---- | M] (Microsoft Corporation) infopath.exe -> C:\Program Files\Microsoft Office\Office12\INFOPATH.EXE [C:\PROGRA~1\MICROS~3\Office12\INFOPATH.EXE] -> [2008/11/04 00:40:40 | 001,442,160 | ---- | M] (Microsoft Corporation) inkball.exe -> C:\Program Files\Microsoft Games\inkball\inkball.exe [%ProgramFiles%\Microsoft Games\inkball\inkball.exe] -> [2008/01/19 03:33:12 | 001,254,400 | ---- | M] (Microsoft Corporation) install.exe -> Reg Error: Value error. [Reg Error: Value error.] -> File not found iTunes.exe -> C:\Program Files\iTunes\iTunes.exe [C:\Program Files\iTunes\iTunes.exe] -> [2010/01/22 20:16:38 | 010,358,056 | ---- | M] (Apple Inc.) javaws.exe -> C:\Program Files\Java\jre1.6.0_01\bin\javaws.exe [C:\Program Files\Java\jre1.6.0_01\bin\javaws.exe] -> [2007/03/14 06:04:46 | 000,139,264 | ---- | M] (Sun Microsystems, Inc.) Journal.exe -> C:\Program Files\Windows Journal\Journal.exe [%ProgramFiles%\Windows Journal\Journal.exe] -> [2009/04/11 02:27:41 | 001,850,880 | ---- | M] (Microsoft Corporation) mbam.exe -> C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe [C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe] -> [2010/01/07 17:07:10 | 001,394,000 | ---- | M] (Malwarebytes Corporation) MCUI32.exe -> C:\Program Files\Norton 360 Premier Edition\Engine\3.8.0.41\MCUI32.exe [C:\Program Files\Norton 360 Premier Edition\Engine\3.8.0.41\MCUI32.exe] -> [2010/01/20 23:03:43 | 000,443,248 | R--- | M] (Symantec Corporation) MediaManager.exe -> C:\Program Files\Sony Ericsson\Sony Ericsson Media Manager\MediaManager.exe [C:\Program Files\Sony Ericsson\Sony Ericsson Media Manager\MediaManager.exe] -> [2008/04/16 15:40:02 | 001,361,152 | ---- | M] (Sony Creative Software Inc.) migwiz.exe -> Reg Error: Value error. [Reg Error: Value error.] -> File not found moviemk.exe -> C:\Program Files\Movie Maker\MOVIEMK.exe [%ProgramFiles%\Movie Maker\moviemk.exe] -> [2009/04/11 02:27:45 | 000,150,016 | ---- | M] (Microsoft Corporation) mplayer2.exe -> C:\Program Files\Windows Media Player\wmplayer.exe [%ProgramFiles%\Windows Media Player\wmplayer.exe] -> [2009/09/10 10:58:25 | 000,168,960 | ---- | M] (Microsoft Corporation) MSACCESS.EXE -> C:\Program Files\Microsoft Office\Office12\MSACCESS.EXE [C:\PROGRA~1\MICROS~3\Office12\MSACCESS.EXE] -> [2009/03/06 02:37:52 | 010,222,432 | ---- | M] (Microsoft Corporation) msimn.exe -> C:\Program Files\Windows Mail\WinMail.exe [%ProgramFiles%\Windows Mail\WinMail.exe] -> [2008/01/19 03:33:37 | 000,397,312 | ---- | M] (Microsoft Corporation) MsoHtmEd.exe -> Reg Error: Value error. [Reg Error: Value error.] -> File not found msoxmled.exe -> C:\Program Files\Common Files\microsoft shared\OFFICE12\MSOXMLED.EXE [C:\Program Files\Common Files\Microsoft Shared\OFFICE12\MSOXMLED.EXE] -> [2006/10/26 22:41:50 | 000,059,152 | ---- | M] (Microsoft Corporation) MSPUB.EXE -> C:\Program Files\Microsoft Office\Office12\MSPUB.EXE [C:\PROGRA~1\MICROS~3\Office12\MSPUB.EXE] -> [2009/03/13 01:10:32 | 009,589,104 | ---- | M] (Microsoft Corporation) msworks.exe -> C:\Program Files\Microsoft Works\MSWorks.exe [C:\Program Files\Microsoft Works\msworks.exe] -> [2007/06/20 17:04:26 | 000,628,064 | ---- | M] (Microsoft® Corporation) NAVW32.EXE -> C:\Program Files\Norton 360 Premier Edition\Engine\3.8.0.41\Navw32.exe [C:\Program Files\Norton 360 Premier Edition\Engine\3.8.0.41\Navw32.exe] -> [2010/01/20 23:03:43 | 000,136,048 | R--- | M] (Symantec Corporation) NAVWNT.EXE -> C:\Program Files\Norton 360 Premier Edition\Engine\3.8.0.41\navwnt.exe [C:\Program Files\Norton 360 Premier Edition\Engine\3.8.0.41\Navwnt.exe] -> [2010/01/20 23:03:43 | 000,060,784 | R--- | M] (Symantec Corporation) NCoverEd.exe -> C:\Program Files\Nero\Nero8\Nero CoverDesigner\CoverDes.exe [C:\Program Files\Nero\Nero8\Nero CoverDesigner\CoverDes.exe] -> [2007/11/05 10:22:26 | 006,382,888 | ---- | M] (Nero AG) Nero.exe -> C:\Program Files\Nero\Nero8\Nero Burning Rom\nero.exe [C:\Program Files\Nero\Nero8\Nero Burning Rom\Nero.exe] -> [2007/11/15 14:10:14 | 040,592,680 | ---- | M] (Nero AG) NeroBurnRights.exe -> C:\Program Files\Nero\Nero8\Nero Toolkit\NeroBurnRights.exe [C:\Program Files\Nero\Nero8\Nero Toolkit\NeroBurnRights.exe] -> [2007/09/20 08:55:18 | 001,008,936 | ---- | M] (Nero AG) NeroHome.exe -> C:\Program Files\Nero\Nero8\Nero Home\NeroHome.exe [C:\Program Files\Nero\Nero8\Nero Home\NeroHome.exe] -> [2007/10/23 14:17:38 | 000,759,080 | ---- | M] (Nero AG) NeroMediaHome.exe -> C:\Program Files\Nero\Nero8\Nero MediaHome\NeroMediaHome.exe [C:\Program Files\Nero\Nero8\Nero MediaHome\NeroMediaHome.exe] -> [2007/10/23 14:20:08 | 004,900,136 | ---- | M] (Nero AG) NeroVision.exe -> C:\Program Files\Nero\Nero8\Nero Vision\NeroVision.exe [C:\Program Files\Nero\Nero8\Nero Vision\NeroVision.exe] -> [2007/10/25 14:12:20 | 001,032,488 | ---- | M] (Nero AG) ois.exe -> C:\Program Files\Microsoft Office\Office12\OIS.EXE [C:\PROGRA~1\MICROS~3\Office12\OIS.EXE] -> [2008/11/04 01:24:48 | 000,274,808 | ---- | M] (Microsoft Corporation) OneNote.exe -> C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE [C:\PROGRA~1\MICROS~3\Office12\ONENOTE.EXE] -> [2008/11/24 22:16:44 | 001,020,776 | ---- | M] (Microsoft Corporation) OUTLOOK.EXE -> C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE [C:\PROGRA~1\MICROS~3\Office12\OUTLOOK.EXE] -> [2009/08/17 23:54:54 | 012,957,536 | ---- | M] (Microsoft Corporation) pbrush.exe -> C:\Windows\System32\mspaint.exe [%SystemRoot%\System32\mspaint.exe] -> [2008/01/19 03:33:17 | 000,485,376 | ---- | M] (Microsoft Corporation) PhotoSnapViewer.exe -> C:\Program Files\Nero\Nero8\Nero PhotoSnap\PhotoSnapViewer.exe [C:\Program Files\Nero\Nero8\Nero PhotoSnap\PhotoSnapViewer.exe] -> [2007/09/20 08:58:04 | 003,450,152 | ---- | M] (Nero AG) PictureViewer.exe -> C:\Program Files\QuickTime\PictureViewer.exe [C:\Program Files\QuickTime\PictureViewer.exe] -> [2009/11/11 00:08:12 | 000,561,152 | ---- | M] (Apple Inc.) Power2GO.exe -> C:\Program Files\CyberLink\Power2Go\Power2Go.exe [C:\Program Files\CyberLink\Power2Go\Power2Go.exe] -> [2006/11/23 01:45:42 | 002,121,728 | ---- | M] (Cyberlink) Power2GoExpress.exe -> C:\Program Files\CyberLink\Power2Go\Power2GoExpress.exe [C:\Program Files\CyberLink\Power2Go\Power2GoExpress.exe] -> [2006/11/23 01:42:58 | 002,469,888 | ---- | M] (Cyberlink) powerpnt.exe -> C:\Program Files\Microsoft Office\Office12\POWERPNT.EXE [C:\PROGRA~1\MICROS~3\Office12\POWERPNT.EXE] -> [2009/02/26 14:06:28 | 000,521,080 | ---- | M] (Microsoft Corporation) QuickTimePlayer.exe -> C:\Program Files\QuickTime\QuickTimePlayer.exe [C:\Program Files\QuickTime\QuickTimePlayer.exe] -> [2009/11/11 00:35:52 | 001,230,112 | ---- | M] (Apple Inc.) Recode.exe -> C:\Program Files\Nero\Nero8\Nero Recode\Recode.exe [C:\Program Files\Nero\Nero8\Nero Recode\Recode.exe] -> [2007/10/22 08:51:22 | 013,542,696 | ---- | M] (Nero AG) RegAnyDVD -> C:\Program Files\SlySoft\AnyDVD\RegAnyDVD.exe [C:\Program Files\SlySoft\AnyDVD\RegAnyDVD.exe] -> File not found RegCloneDVD.exe -> C:\Program Files\Elaborate Bytes\CloneDVD2\RegCloneDVD.exe [C:\Program Files\Elaborate Bytes\CloneDVD2\RegCloneDVD.exe] -> [2009/03/13 18:50:16 | 000,101,584 | ---- | M] (Elaborate Bytes AG) RegCloneDVD2.exe -> Reg Error: Value error. [Reg Error: Value error.] -> File not found SEPCSuite.exe -> C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SEPCSuite.exe [C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SEPCSuite.exe] -> [2008/02/20 17:19:44 | 000,356,352 | ---- | M] (Sony Ericsson Mobile Communications AB) setup.exe -> Reg Error: Value error. [Reg Error: Value error.] -> File not found ShowTime.exe -> C:\Program Files\Nero\Nero8\Nero ShowTime\ShowTime.exe [C:\Program Files\Nero\Nero8\Nero ShowTime\ShowTime.exe] -> [2007/10/30 14:24:16 | 006,120,744 | ---- | M] (Nero AG) SIFXINST.EXE -> C:\Program Files\SIFXINST\SIFXINST.EXE [C:\Program Files\SIFXINST\SIFXINST.EXE] -> [2006/06/11 20:01:18 | 000,729,088 | ---- | M] (New Boundary Technologies, Inc.) SnippingTool.exe -> C:\Windows\System32\SnippingTool.exe [C:\Windows\System32\SnippingTool.exe] -> [2009/04/11 02:28:04 | 000,275,968 | ---- | M] (Microsoft Corporation) SoundTrax.exe -> C:\Program Files\Nero\Nero8\Nero SoundTrax\SoundTrax.exe [C:\Program Files\Nero\Nero8\Nero SoundTrax\SoundTrax.exe] -> [2007/10/30 14:24:54 | 003,814,696 | ---- | M] (Nero AG) stikynot.exe -> C:\Windows\System32\StikyNot.exe [C:\Windows\System32\stikynot.exe] -> [2006/11/02 08:35:47 | 000,289,280 | ---- | M] (Microsoft Corporation) table30.exe -> Reg Error: Value error. [Reg Error: Value error.] -> File not found TabTip.exe -> C:\Program Files\Common Files\microsoft shared\ink\TabTip.exe [%CommonProgramFiles%\microsoft shared\ink\TabTip.exe] -> [2009/04/11 02:28:06 | 000,304,128 | ---- | M] (Microsoft Corporation) visio.exe -> C:\Program Files\Microsoft Office\Office12\VISIO.EXE [C:\PROGRA~1\MICROS~3\Office12\VISIO.EXE] -> [2006/10/27 16:09:42 | 000,183,592 | ---- | M] (Microsoft Corporation) wab.exe -> C:\Program Files\Windows Mail\wab.exe [%ProgramFiles%\Windows Mail\wab.exe] -> [2006/11/02 05:45:51 | 000,516,096 | ---- | M] (Microsoft Corporation) wabmig.exe -> C:\Program Files\Windows Mail\wabmig.exe [%ProgramFiles%\Windows Mail\wabmig.exe] -> [2006/11/02 05:45:51 | 000,066,048 | ---- | M] (Microsoft Corporation) waveedit.exe -> C:\Program Files\Nero\Nero8\Nero WaveEditor\waveedit.exe [C:\Program Files\Nero\Nero8\Nero WaveEditor\waveedit.exe] -> [2007/10/30 14:25:36 | 000,083,240 | ---- | M] (Nero AG) WinCal.exe -> C:\Program Files\Windows Calendar\wincal.exe ["%ProgramFiles%\Windows Calendar\wincal.exe"] -> [2009/04/11 02:28:12 | 000,967,680 | ---- | M] (Microsoft Corporation) WinMail.exe -> C:\Program Files\Windows Mail\WinMail.exe [%ProgramFiles%\Windows Mail\WinMail.exe] -> [2008/01/19 03:33:37 | 000,397,312 | ---- | M] (Microsoft Corporation) WinRAR.exe -> C:\Program Files\WinRAR\WinRAR.exe [C:\Program Files\WinRAR\WinRAR.exe] -> [2007/09/20 18:34:22 | 000,936,960 | ---- | M] () Winword.exe -> C:\Program Files\Microsoft Office\Office12\WINWORD.EXE [C:\PROGRA~1\MICROS~3\Office12\WINWORD.EXE] -> [2009/08/17 23:59:28 | 000,408,424 | ---- | M] (Microsoft Corporation) WKSAB.EXE -> C:\Program Files\Microsoft Works\wksab.exe [C:\Program Files\Microsoft Works\WKSAB.exe] -> [2007/06/20 17:04:52 | 000,020,832 | ---- | M] (Microsoft® Corporation) wkscal.exe -> C:\Program Files\Microsoft Works\WksCal.exe [C:\PROGRA~1\MICROS~2\WksCal.exe] -> [2007/06/20 17:04:54 | 000,709,984 | ---- | M] (Microsoft® Corporation) wksdb.exe -> C:\Program Files\Microsoft Works\wksdb.exe [C:\Program Files\Microsoft Works\wksdb.exe] -> [2007/06/20 17:04:54 | 001,242,464 | ---- | M] (Microsoft® Corporation) WKSSB.EXE -> C:\Program Files\Microsoft Works\WksSb.exe [C:\Program Files\Microsoft Works\WKSSB.exe] -> [2007/06/20 17:04:54 | 001,099,104 | ---- | M] (Microsoft® Corporation) wksss.exe -> C:\Program Files\Microsoft Works\wksss.exe [C:\Program Files\Microsoft Works\wksss.exe] -> [2007/06/20 17:04:54 | 000,947,552 | ---- | M] (Microsoft® Corporation) wkswp.exe -> C:\Program Files\Microsoft Works\WksWP.exe [C:\Program Files\Microsoft Works\wkswp.exe] -> [2007/06/20 17:04:54 | 000,693,600 | ---- | M] (Microsoft® Corporation) wmplayer.exe -> C:\Program Files\Windows Media Player\wmplayer.exe [%ProgramFiles%\Windows Media Player\wmplayer.exe] -> [2009/09/10 10:58:25 | 000,168,960 | ---- | M] (Microsoft Corporation) WORDPAD.EXE -> C:\Program Files\Windows NT\Accessories\WORDPAD.EXE ["%ProgramFiles%\Windows NT\Accessories\WORDPAD.EXE"] -> [2008/01/19 03:33:40 | 000,337,408 | ---- | M] (Microsoft Corporation) WRITE.EXE -> C:\Program Files\Windows NT\Accessories\WORDPAD.EXE ["%ProgramFiles%\Windows NT\Accessories\WORDPAD.EXE"] -> [2008/01/19 03:33:40 | 000,337,408 | ---- | M] (Microsoft Corporation) XPSViewer.exe -> C:\Windows\System32\XPSViewer\XPSViewer.exe ["C:\Windows\System32\XPSViewer\XPSViewer.exe"] -> [2009/02/18 14:39:21 | 000,299,368 | ---- | M] (Microsoft Corporation) < Approved Shell Extensions [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved -> "{00020d75-0000-0000-c000-000000000046}" [HKLM] -> C:\Program Files\Microsoft Office\Office12\MLSHEXT.DLL [Microsoft Office Outlook Desktop Icon Handler] -> [2009/02/26 13:09:28 | 000,020,352 | ---- | M] (Microsoft Corporation) "{0006F045-0000-0000-C000-000000000046}" [HKLM] -> C:\Program Files\Microsoft Office\Office12\OLKFSTUB.DLL [Microsoft Office Outlook Custom Icon Handler] -> [2009/03/11 19:01:24 | 000,253,808 | ---- | M] (Microsoft Corporation) "{00f20eb5-8fd6-4d9d-b75e-36801766c8f1}" [HKLM] -> C:\Program Files\Windows Photo Gallery\PhotoAcq.dll [PhotoAcqDropTarget] -> [2009/04/11 02:28:23 | 001,030,144 | ---- | M] (Microsoft Corporation) "{00f2886f-cd64-4fc9-8ec5-30ef6cdbe8c3}" [HKLM] -> C:\Program Files\Windows Photo Gallery\ImagingDevices.exe [Microsoft.ScannersAndCameras] -> [2006/11/02 08:36:17 | 000,202,752 | ---- | M] (Microsoft Corporation) "{031EE060-67BC-460d-8847-E4A7C5E45A27}" [HKLM] -> C:\Program Files\Windows Media Player\wmprph.exe [Windows Media Player Rich Preview Handler] -> [2008/01/19 03:33:40 | 000,059,392 | ---- | M] (Microsoft Corporation) "{0a4286ea-e355-44fb-8086-af3df7645bd9}" [HKLM] -> C:\Program Files\Windows Media Player\wmpband.dll [Windows Media Player] -> [2009/04/11 02:28:25 | 000,099,328 | ---- | M] (Microsoft Corporation) "{0F8604A5-4ECE-4DE1-BA7D-CF10F8AA4F48}" [HKLM] -> Reg Error: Key error. [Contacts folder] -> File not found "{11dbb47c-a525-400b-9e80-a54615a090c0}" [HKLM] -> C:\Windows\System32\ExplorerFrame.dll [Execute Folder] -> [2009/04/11 02:28:19 | 000,020,992 | ---- | M] (Microsoft Corporation) "{13D3C4B8-B179-4ebb-BF62-F704173E7448}" [HKLM] -> C:\Program Files\Common Files\System\wab32.dll [Windows Contact Preview Handler] -> [2009/04/11 02:28:25 | 000,707,584 | ---- | M] (Microsoft Corporation) "{15D633E2-AD00-465b-9EC7-F56B7CDF8E27}" [HKLM] -> C:\Program Files\Common Files\microsoft shared\ink\TipBand.dll [Tablet PC Input Panel] -> [2006/11/02 08:35:47 | 000,114,688 | ---- | M] (Microsoft Corporation) "{16C2C29D-0E5F-45f3-A445-03E03F587B7D}" [HKLM] -> C:\Program Files\Common Files\System\wab32.dll [group_wab_auto_file] -> [2009/04/11 02:28:25 | 000,707,584 | ---- | M] (Microsoft Corporation) "{16F3DD56-1AF5-4347-846D-7C10C4192619}" [HKLM] -> C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [Groove Explorer Icon Overlay 3 (GFS Folder)] -> [2009/02/12 15:19:32 | 002,217,848 | ---- | M] (Microsoft Corporation) "{176d6597-26d3-11d1-b350-080036a75b03}" [HKLM] -> C:\Windows\System32\colorui.dll [ICM Scanner Management] -> [2008/01/19 03:33:58 | 000,686,592 | ---- | M] (Microsoft Corporation) "{1b24a030-9b20-49bc-97ac-1be4426f9e59}" [HKLM] -> Reg Error: Key error. [ActiveDirectory Folder] -> File not found "{1CA6BBC9-E9FA-4021-822B-075DF1837B63}" [HKLM] -> C:\Program Files\Common Files\Nero\SMC\NeroDigitalExt.dll [NeroDigitalIconHandler] -> File not found "{1FA9085F-25A2-489B-85D4-86326EEDCD87}" [HKLM] -> C:\Windows\System32\wlanpref.dll [Manage Wireless Networks] -> [2009/04/11 02:28:25 | 001,671,680 | ---- | M] (Microsoft Corporation) "{2206CDB2-19C1-11D1-89E0-00C04FD7A829}" [HKLM] -> C:\Program Files\Common Files\System\Ole DB\oledb32.dll [Microsoft Data Link] -> [2008/01/19 03:36:01 | 000,688,128 | ---- | M] (Microsoft Corporation) "{2781761E-28E0-4109-99FE-B9D127C57AFE}" [HKLM] -> C:\Program Files\Windows Defender\MpOAV.dll [Windows Defender IOfficeAntiVirus implementation] -> [2008/01/19 03:38:14 | 000,090,680 | ---- | M] (Microsoft Corporation) "{28803F59-3A75-4058-995F-4EE5503B023C}" [HKLM] -> C:\Windows\System32\FunctionDiscoveryFolder.dll [Wireless Devices] -> [2009/04/11 02:28:19 | 002,134,528 | ---- | M] (Microsoft Corporation) "{289978AC-A101-4341-A817-21EBA7FD046D}" [HKLM] -> C:\Windows\System32\SyncCenter.dll [Sync Center Conflict Folder] -> [2009/04/11 02:28:24 | 002,205,184 | ---- | M] (Microsoft Corporation) "{2916C86E-86A6-43FE-8112-43ABE6BF8DCC}" [HKLM] -> C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [Groove Explorer Icon Overlay 4 (GFS Unread Mark)] -> [2009/02/12 15:19:32 | 002,217,848 | ---- | M] (Microsoft Corporation) "{2A541AE1-5BF6-4665-A8A3-CFA9672E4291}" [HKLM] -> C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [Groove GFS Explorer Bar] -> [2009/02/12 15:19:32 | 002,217,848 | ---- | M] (Microsoft Corporation) "{2C2577C2-63A7-40e3-9B7F-586602617ECB}" [HKLM] -> Reg Error: Key error. [Explorer Query Band] -> File not found "{2E9E59C0-B437-4981-A647-9C34B9B90891}" [HKLM] -> C:\Windows\System32\SyncCenter.dll [Sync Setup Folder] -> [2009/04/11 02:28:24 | 002,205,184 | ---- | M] (Microsoft Corporation) "{32714800-2E5F-11d0-8B85-00AA0044F941}" [HKLM] -> C:\Program Files\Windows Mail\wabfind.dll [For &People...] -> [2006/11/02 05:46:13 | 000,033,280 | ---- | M] (Microsoft Corporation) "{34449847-FD14-4fc8-A75A-7432F5181EFB}" [HKLM] -> Reg Error: Key error. [ActiveDirectory Folder] -> File not found "{387E725D-DC16-4D76-B310-2C93ED4752A0}" [HKLM] -> C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [Groove XML Icon Handler] -> [2009/02/12 15:19:32 | 002,217,848 | ---- | M] (Microsoft Corporation) "{38a98528-6cbf-4ca9-8dc0-b1e1d10f7b1b}" [HKLM] -> C:\Windows\System32\van.DLL [View Available Networks] -> [2008/01/19 03:36:47 | 000,257,024 | ---- | M] (Microsoft Corporation) "{3D1975AF-48C6-4f8e-A182-BE0E08FA86A9}" [HKLM] -> C:\Windows\System32\nvshext.dll [NVIDIA Play On My TV Context Menu Extension] -> [2009/09/27 18:47:00 | 000,150,120 | ---- | M] (NVIDIA Corporation) "{3e7efb4c-faf1-453d-89eb-56026875ef90}" [HKLM] -> [Get Programs Online] -> File not found "{4026492f-2f69-46b8-b9bf-5654fc07e423}" [HKLM] -> C:\Windows\System32\FirewallControlPanel.exe [Windows Firewall] -> [2008/01/19 03:33:10 | 002,585,088 | ---- | M] (Microsoft Corporation) "{40C3D757-D6E4-4b49-BB41-0E5BBEA28817}" [HKLM] -> C:\Windows\System32\MediaMetadataHandler.dll [Video Media Properties Handler] -> [2009/04/11 02:28:20 | 000,356,864 | ---- | M] (Microsoft Corporation) "{42042206-2D85-11D3-8CFF-005004838597}" [HKLM] -> C:\Program Files\Microsoft Office\Office12\MSOHEVI.DLL [Microsoft Office HTML Icon Handler] -> [2008/10/25 06:18:56 | 000,061,816 | ---- | M] (Microsoft Corporation) "{4A1E5ACD-A108-4100-9E26-D2FAFA1BA486}" [HKLM] -> C:\Windows\System32\icsigd.dll [IGD Property Sheet Handler] -> [2006/11/02 05:46:05 | 000,195,584 | ---- | M] (Microsoft Corporation) "{4B534112-3AF6-4697-A77C-D62CE9B9E7CF}" [HKLM] -> C:\Windows\System32\SyncCenter.dll [Sync Center Event Properties Extension] -> [2009/04/11 02:28:24 | 002,205,184 | ---- | M] (Microsoft Corporation) "{4E5BFBF8-F59A-4e87-9805-1F9B42CC254A}" [HKLM] -> C:\Windows\System32\gameux.dll [GameUX.RichGameMediaThumbnail] -> [2010/01/06 11:39:38 | 001,696,256 | ---- | M] (Microsoft Corporation) "{4F58F63F-244B-4c07-B29F-210BE59BE9B4}" [HKLM] -> C:\Program Files\Common Files\System\wab32.dll [.group shell extension handler] -> [2009/04/11 02:28:25 | 000,707,584 | ---- | M] (Microsoft Corporation) "{4FBFFA8D-F390-471a-AE46-FEB93623AD63}" [HKLM] -> C:\Program Files\Common Files\Nero\SMC\NeroDigitalExt.dll [NeroDigitalInfoHandler] -> File not found "{506F4668-F13E-4AA1-BB04-B43203AB3CC0}" [HKLM] -> C:\Program Files\Microsoft Office\Office12\VISSHE.DLL [{506F4668-F13E-4AA1-BB04-B43203AB3CC0}] -> [2006/10/26 23:59:12 | 000,282,928 | ---- | M] (Microsoft Corporation) "{513D916F-2A8E-4F51-AEAB-0CBC76FB1AF8}" [HKLM] -> C:\Windows\System32\acppage.dll [Compatibility Property Page] -> [2006/11/02 05:46:02 | 000,038,912 | ---- | M] (Microsoft Corporation) "{5399E694-6CE5-4D6C-8FCE-1D8870FDCBA0}" [HKLM] -> C:\Windows\System32\control.exe [Control Panel command object for Start menu] -> [2006/11/02 05:44:59 | 000,211,968 | ---- | M] (Microsoft Corporation) "{53BEDF0B-4E5B-4183-8DC9-B844344FA104}" [HKLM] -> C:\Windows\System32\mssvp.dll [Microsoft Windows MAPI Preview Handler] -> [2009/04/11 02:28:22 | 000,670,720 | ---- | M] (Microsoft Corporation) "{576C9E85-1300-4EF5-BF6B-D00509F4EDCD}" [HKLM] -> C:\Windows\System32\SyncCenter.dll [Sync Center Handler Properties Extension] -> [2009/04/11 02:28:24 | 002,205,184 | ---- | M] (Microsoft Corporation) "{5858A72C-C2B4-4dd7-B2BF-B76DB1BD9F6C}" [HKLM] -> C:\Program Files\Microsoft Office\Office12\ONFILTER.DLL [Microsoft Office OneNote Namespace Extension for Windows Desktop Search] -> [2008/10/25 08:18:50 | 000,072,568 | ---- | M] (Microsoft Corporation) "{5DB2625A-54DF-11D0-B6C4-0800091AA605}" [HKLM] -> C:\Windows\System32\colorui.dll [ICM Monitor Management] -> [2008/01/19 03:33:58 | 000,686,592 | ---- | M] (Microsoft Corporation) "{5ea4f148-308c-46d7-98a9-49041b1dd468}" [HKLM] -> C:\Windows\System32\mblctr.exe [Mobility Center Control Panel] -> [2009/04/11 02:27:43 | 000,950,272 | ---- | M] (Microsoft Corporation) "{675F097E-4C4D-11D0-B6C1-0800091AA605}" [HKLM] -> C:\Windows\System32\colorui.dll [ICM Printer Management] -> [2008/01/19 03:33:58 | 000,686,592 | ---- | M] (Microsoft Corporation) "{67718415-c450-4f3c-bf8a-b487642dc39b}" [HKLM] -> C:\Windows\System32\OptionalFeatures.exe [Windows Features] -> [2008/01/19 03:33:19 | 000,097,280 | ---- | M] (Microsoft Corporation) "{6b33163c-76a5-4b6c-bf21-45de9cd503a1}" [HKLM] -> C:\Windows\System32\shwebsvc.dll [Shell Publishing Wizard Object] -> [2009/04/11 02:28:24 | 000,425,472 | ---- | M] (Microsoft Corporation) "{6b9228da-9c15-419e-856c-19e768a13bdc}" [HKLM] -> C:\Program Files\Windows Sidebar\sbdrop.dll [Windows gadget DropTarget] -> [2006/11/02 08:35:15 | 000,066,048 | ---- | M] (Microsoft Corporation) "{6C467336-8281-4E60-8204-430CED96822D}" [HKLM] -> C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [Groove GFS Context Menu Handler] -> [2009/02/12 15:19:32 | 002,217,848 | ---- | M] (Microsoft Corporation) "{71D99464-3B6B-475C-B241-E15883207529}" [HKLM] -> C:\Windows\System32\SyncCenter.dll [Sync Results Folder] -> [2009/04/11 02:28:24 | 002,205,184 | ---- | M] (Microsoft Corporation) "{72853161-30C5-4D22-B7F9-0BBC1D38A37E}" [HKLM] -> C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [Groove GFS Browser Helper] -> [2009/02/12 15:19:32 | 002,217,848 | ---- | M] (Microsoft Corporation) "{74246bfc-4c96-11d0-abef-0020af6b0b7a}" [HKLM] -> C:\Windows\System32\devmgr.dll [Device Manager] -> [2009/04/11 02:28:18 | 000,378,368 | ---- | M] (Microsoft Corporation) "{7842554E-6BED-11D2-8CDB-B05550C10000}" [HKLM] -> C:\Windows\System32\BTNCopy.dll [Monitor] -> [2007/09/05 12:31:34 | 000,184,320 | ---- | M] (Broadcom Corporation.) "{7A0F6AB7-ED84-46B6-B47E-02AA159A152B}" [HKLM] -> C:\Windows\System32\SyncCenter.dll [Sync Center Simple Conflict Presenter] -> [2009/04/11 02:28:24 | 002,205,184 | ---- | M] (Microsoft Corporation) "{7A979262-40CE-46ff-AEEE-7884AC3B6136}" [HKLM] -> C:\Windows\System32\hdwwiz.exe [Add New Hardware] -> [2009/04/11 02:27:39 | 000,080,384 | ---- | M] (Microsoft Corporation) "{7A9D77BD-5403-11d2-8785-2E0420524153}" [HKLM] -> C:\Windows\System32\Netplwiz.exe [User Accounts] -> [2008/01/19 03:33:18 | 000,025,600 | ---- | M] (Microsoft Corporation) "{7F1CF152-04F8-453A-B34C-E609530A9DC8}" [HKLM] -> C:\Program Files\Common Files\Nero\Lib\NeroDigitalExt.dll [NeroDigitalPropSheetHandler] -> [2007/11/15 14:09:54 | 001,803,560 | ---- | M] (Nero AG) "{7F67036B-66F1-411A-AD85-759FB9C5B0DB}" [HKLM] -> C:\Windows\System32\ShellvRTF.dll [SampleView] -> [2002/09/21 01:42:28 | 000,122,880 | ---- | M] (XSS) "{8082C5E6-4C27-48ec-A809-B8E1122E8F97}" [HKLM] -> C:\Program Files\Common Files\System\wab32.dll [.contact shell extension handler] -> [2009/04/11 02:28:25 | 000,707,584 | ---- | M] (Microsoft Corporation) "{846083A4-BFC6-4447-985C-6578B466A7D7}" [HKLM] -> C:\Program Files\Common Files\Nero\SMC\NeroDigitalExt.dll [NeroDigitalPropSheetHandler] -> File not found "{875CB1A1-0F29-45de-A1AE-CFB4950D0B78}" [HKLM] -> C:\Windows\System32\MediaMetadataHandler.dll [Audio Media Properties Handler] -> [2009/04/11 02:28:20 | 000,356,864 | ---- | M] (Microsoft Corporation) "{877ca5ac-cb41-4842-9c69-9136e42d47e2}" [HKLM] -> C:\Windows\System32\sdshext.dll [File Backup Index] -> [2008/01/19 03:36:20 | 000,098,816 | ---- | M] (Microsoft Corporation) "{89D83576-6BD1-4c86-9454-BEB04E94C819}" [HKLM] -> C:\Windows\System32\mssvp.dll [MAPI Search Namespace Extension] -> [2009/04/11 02:28:22 | 000,670,720 | ---- | M] (Microsoft Corporation) "{8E25992B-373E-486E-80E5-BD23AE417E66}" [HKLM] -> C:\Windows\System32\SyncCenter.dll [Sync Center Device Notification Sink] -> [2009/04/11 02:28:24 | 002,205,184 | ---- | M] (Microsoft Corporation) "{90b9bce2-b6db-4fd3-8451-35917ea1081b}" [HKLM] -> C:\Windows\System32\ExplorerFrame.dll [Search Execute Command] -> [2009/04/11 02:28:19 | 000,020,992 | ---- | M] (Microsoft Corporation) "{911051fa-c21c-4246-b470-070cd8df6dc4}" [HKLM] -> Reg Error: Key error. [.cab or .zip files] -> File not found "{9113A02D-00A3-46B9-BC5F-9C04DADDD5D7}" [HKLM] -> C:\Windows\System32\EhStorShell.dll [Enhanced Storage Data Source] -> [2009/04/11 02:28:19 | 000,114,176 | ---- | M] (Microsoft Corporation) "{91ADC906-6722-4B05-A12B-471ADDCCE132}" [HKLM] -> C:\Windows\System32\TouchX.dll [Touch Band] -> [2006/11/02 08:35:24 | 002,073,600 | ---- | M] (Microsoft Corporation) "{920E6DB1-9907-4370-B3A0-BAFC03D81399}" [HKLM] -> C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [Groove Explorer Icon Overlay 2.5 (GFS Unread Folder)] -> [2009/02/12 15:19:32 | 002,217,848 | ---- | M] (Microsoft Corporation) "{92337A8C-E11D-11D0-BE48-00C04FC30DF6}" [HKLM] -> C:\Windows\System32\oleprn.dll [OlePrn.PrinterURL] -> [2009/04/11 02:28:23 | 000,097,792 | ---- | M] (Microsoft Corporation) "{967B2D40-8B7D-4127-9049-61EA0C2C6DCE}" [HKLM] -> C:\Program Files\PowerISO\PWRISOSH.DLL [PowerISO] -> [2009/03/15 06:15:52 | 000,159,744 | ---- | M] (PowerISO Computing, Inc.) "{97F68CE3-7146-45FF-BE24-D9A7DD7CB8A2}" [HKLM] -> C:\Program Files\Nero\Nero8\Nero CoverDesigner\CoverEdExtension.dll [NeroCoverEd Live Icons] -> [2007/11/05 10:23:36 | 002,106,664 | ---- | M] (Nero AG) "{993BE281-6695-4BA5-8A2A-7AACBFAAB69E}" [HKLM] -> C:\Program Files\Common Files\microsoft shared\OFFICE12\msoshext.dll [Microsoft Office Metadata Handler] -> [2008/11/21 00:02:30 | 000,988,040 | ---- | M] (Microsoft Corporation) "{99FD978C-D287-4F50-827F-B2C658EDA8E7}" [HKLM] -> C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [Groove Explorer Icon Overlay 1 (GFS Unread Stub)] -> [2009/02/12 15:19:32 | 002,217,848 | ---- | M] (Microsoft Corporation) "{9C73F5E5-7AE7-4E32-A8E8-8D23B85255BF}" [HKLM] -> C:\Windows\System32\SyncCenter.dll [Sync Center Folder] -> [2009/04/11 02:28:24 | 002,205,184 | ---- | M] (Microsoft Corporation) "{9D687A4C-1404-41ef-A089-883B6FBECDE6}" [HKLM] -> [Windows Photo Gallery Viewer Autoplay Handler] -> File not found "{a304259d-52b8-4526-8b1a-a1d6cecc8243}" [HKLM] -> C:\Windows\System32\iscsicpl.exe [iSCSI Initiator] -> [2006/11/02 05:45:17 | 000,120,320 | ---- | M] (Microsoft Corporation) "{A3A1D8A1-006D-4B93-BA27-6F6B4C9C4F1D}" [HKLM] -> C:\Program Files\Sophos\Sophos Anti-Virus\SavShellExt.dll [Sophos Anti-Virus Shell Extension] -> File not found "{A449600E-1DC6-4232-B948-9BD794D62056}" [HKLM] -> C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [Groove GFS Stub Icon Handler] -> [2009/02/12 15:19:32 | 002,217,848 | ---- | M] (Microsoft Corporation) "{A70C977A-BF00-412C-90B7-034C51DA2439}" [HKLM] -> C:\Windows\System32\nvcpl.dll [NvCpl DesktopContext Class] -> [2009/09/27 18:46:00 | 013,949,544 | ---- | M] (NVIDIA Corporation) "{AB5C5600-7E6E-4B06-9197-9ECEF74D31CC}" [HKLM] -> C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [Groove Explorer Icon Overlay 2 (GFS Stub)] -> [2009/02/12 15:19:32 | 002,217,848 | ---- | M] (Microsoft Corporation) "{add36aa8-751a-4579-a266-d66f5202ccbb}" [HKLM] -> C:\Windows\System32\shwebsvc.dll [Print Ordering via the Web] -> [2009/04/11 02:28:24 | 000,425,472 | ---- | M] (Microsoft Corporation) "{b2c761c6-29bc-4f19-9251-e6195265baf1}" [HKLM] -> C:\Windows\System32\colorcpl.exe [Color Control Panel Applet] -> [2006/11/02 05:44:59 | 000,084,992 | ---- | M] (Microsoft Corporation) "{B327765E-D724-4347-8B16-78AE18552FC3}" [HKLM] -> C:\Program Files\Common Files\Nero\Lib\NeroDigitalExt.dll [NeroDigitalIconHandler] -> [2007/11/15 14:09:54 | 001,803,560 | ---- | M] (Nero AG) "{B32D3949-ED98-4DBB-B347-17A144969BBA}" [HKLM] -> C:\Windows\System32\SyncCenter.dll [Sync Center Item Properties Extension] -> [2009/04/11 02:28:24 | 002,205,184 | ---- | M] (Microsoft Corporation) "{B41DB860-8EE4-11D2-9906-E49FADC173CA}" [HKLM] -> C:\Program Files\WinRAR\RarExt.dll [WinRAR shell extension] -> [2007/09/20 18:34:58 | 000,129,024 | ---- | M] () "{B5A7F190-DDA6-4420-B3BA-52453494E6CD}" [HKLM] -> C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [Groove GFS Stub Execution Hook] -> [2009/02/12 15:19:32 | 002,217,848 | ---- | M] (Microsoft Corporation) "{B9E1D2CB-CCFF-4AA6-9579-D7A4754030EF}" [HKLM] -> C:\Program Files\iTunes\iTunesMiniPlayer.dll [iTunes] -> [2010/01/22 20:16:42 | 000,124,200 | ---- | M] (Apple Inc.) "{BC48B32F-5910-47F5-8570-5074A8A5636A}" [HKLM] -> C:\Windows\System32\SyncCenter.dll [Sync Results Delegate Folder] -> [2009/04/11 02:28:24 | 002,205,184 | ---- | M] (Microsoft Corporation) "{BC65FB43-1958-4349-971A-210290480130}" [HKLM] -> C:\Windows\System32\NcdProp.dll [Network Explorer Property Sheet Handler] -> [2009/04/11 02:28:22 | 000,019,968 | ---- | M] (Microsoft Corporation) "{BD7A2E7B-21CB-41b2-A086-B309680C6B7E}" [HKLM] -> C:\Windows\System32\mssvp.dll [Client Side Cache Namespace Extension] -> [2009/04/11 02:28:22 | 000,670,720 | ---- | M] (Microsoft Corporation) "{C41662BB-1FA0-4CE0-8DC5-9B7F8279FF97}" [HKLM] -> C:\Program Files\Common Files\microsoft shared\OFFICE12\msoshext.dll [Microsoft Office Thumbnail Handler] -> [2008/11/21 00:02:30 | 000,988,040 | ---- | M] (Microsoft Corporation) "{c5a40261-cd64-4ccf-84cb-c394da41d590}" [HKLM] -> C:\Windows\System32\MediaMetadataHandler.dll [Video Thumbnail Extractor] -> [2009/04/11 02:28:20 | 000,356,864 | ---- | M] (Microsoft Corporation) "{C8494E42-ACDD-4739-B0FB-217361E4894F}" [HKLM] -> Reg Error: Key error. [Sam Account Folder] -> File not found "{C9E60ED7-FEAE-477b-B6A6-7D62103A0C6B}" [HKLM] -> C:\Program Files\Common Files\Nero\SMC\NeroDigitalExt.dll [NeroDigitalColumnHandler] -> File not found "{CB1B7F8C-C50A-4176-B604-9E24DEE8D4D1}" [HKLM] -> C:\Windows\System32\oobefldr.dll [Welcome Center] -> [2009/04/11 02:28:23 | 002,153,472 | ---- | M] (Microsoft Corporation) "{CC6EEFFB-43F6-46c5-9619-51D571967F7D}" [HKLM] -> C:\Windows\System32\shwebsvc.dll [Web Publishing Wizard] -> [2009/04/11 02:28:24 | 000,425,472 | ---- | M] (Microsoft Corporation) "{CF67796C-F57F-45F8-92FB-AD698826C602}" [HKLM] -> C:\Program Files\Common Files\System\wab32.dll [contact_wab_auto_file] -> [2009/04/11 02:28:25 | 000,707,584 | ---- | M] (Microsoft Corporation) "{d3e34b21-9d75-101a-8c3d-00aa001a1652}" [HKLM] -> C:\Windows\System32\mspaint.exe [Bitmap Image] -> [2008/01/19 03:33:17 | 000,485,376 | ---- | M] (Microsoft Corporation) "{D66DC78C-4F61-447F-942B-3FB6980118CF}" [HKLM] -> C:\Program Files\Microsoft Office\Office12\VISSHE.DLL [{D66DC78C-4F61-447F-942B-3FB6980118CF}] -> [2006/10/26 23:59:12 | 000,282,928 | ---- | M] (Microsoft Corporation) "{d8559eb9-20c0-410e-beda-7ed416aecc2a}" [HKLM] -> C:\Program Files\Windows Defender\MSASCui.exe [Windows Defender] -> [2008/01/19 03:38:38 | 001,008,184 | ---- | M] (Microsoft Corporation) "{da67b8ad-e81b-4c70-9b91b417b5e33527}" [HKLM] -> Reg Error: Key error. [Windows Search Shell Service] -> File not found "{DBCE2480-C732-101B-BE72-BA78E9AD5B27}" [HKLM] -> C:\Windows\System32\colorui.dll [ICC Profile] -> [2008/01/19 03:33:58 | 000,686,592 | ---- | M] (Microsoft Corporation) "{E29F9716-5C08-4FCD-955A-119FDB5A522D}" [HKLM] -> Reg Error: Key error. [Sam Account Folder] -> File not found "{E413D040-6788-4C22-957E-175D1C513A34}" [HKLM] -> C:\Windows\System32\SyncCenter.dll [Sync Center Conflict Delegate Folder] -> [2009/04/11 02:28:24 | 002,205,184 | ---- | M] (Microsoft Corporation) "{E44E5D18-0652-4508-A4E2-8A090067BCB0}" [HKLM] -> C:\Windows\System32\control.exe [Default Programs command object for Start menu] -> [2006/11/02 05:44:59 | 000,211,968 | ---- | M] (Microsoft Corporation) "{E46D104B-FE72-4396-A6F4-E984F3FCC057}" [HKLM] -> C:\Program Files\Spare Backup\SpareShellExtension.dll [Spare Backup Shell] -> [2007/09/13 20:22:06 | 000,304,968 | ---- | M] (Spare Backup, Inc.) "{E598560B-28D5-46aa-A14A-8A3BEA34B576}" [HKLM] -> C:\Program Files\Windows Photo Gallery\PhotoViewer.dll [Windows Photo Gallery Viewer Video Verbs] -> [2009/04/11 02:28:23 | 002,323,968 | ---- | M] (Microsoft Corporation) "{ECDD6472-2B9B-4b4b-AE36-F316DF3C8D60}" [HKLM] -> C:\Windows\System32\gameux.dll [RichGameMediaPropertyStore Class] -> [2010/01/06 11:39:38 | 001,696,256 | ---- | M] (Microsoft Corporation) "{ED228FDF-9EA8-4870-83B1-96B02CFE0D52}" [HKLM] -> C:\Windows\System32\gameux.dll [Games Folder] -> [2010/01/06 11:39:38 | 001,696,256 | ---- | M] (Microsoft Corporation) "{EDCC595A-F0EE-4d81-B554-D5D01C7AFB87}" [HKLM] -> C:\Program Files\Common Files\Nero\SMC\NeroDigitalExt.dll [NeroDigitalThumbnailHandler] -> File not found "{F02C1A0D-BE21-4350-88B0-7367FC96EF3C}" [HKLM] -> C:\Windows\System32\networkexplorer.dll [Computers and Devices] -> [2009/04/11 02:28:23 | 002,226,688 | ---- | M] (Microsoft Corporation) "{F04CC277-03A2-4277-96A9-77967471BDFF}" [HKLM] -> C:\Windows\System32\SyncCenter.dll [Sync Center Conflict Properties Extension] -> [2009/04/11 02:28:24 | 002,205,184 | ---- | M] (Microsoft Corporation) "{F1390A9A-A3F4-4E5D-9C5F-98F3BD8D935C}" [HKLM] -> C:\Windows\System32\SyncCenter.dll [Sync Setup Delegate Folder] -> [2009/04/11 02:28:24 | 002,205,184 | ---- | M] (Microsoft Corporation) "{FAC3CBF6-8697-43d0-BAB9-DCD1FCE19D75}" [HKLM] -> Reg Error: Key error. [IE User Assist] -> File not found "{fcfeecae-ee1b-4849-ae50-685dcf7717ec}" [HKLM] -> C:\Windows\System32\wercon.exe [Problem Reports and Solutions] -> [2009/04/11 02:28:11 | 001,143,296 | ---- | M] (Microsoft Corporation) "{FFB699E0-306A-11d3-8BD1-00104B6F7516}" [HKLM] -> C:\Windows\System32\nvcpl.dll [Play on my TV helper] -> [2009/09/27 18:46:00 | 013,949,544 | ---- | M] (NVIDIA Corporation) "{FFE2A43C-56B9-4bf5-9A79-CC6D4285608A}" [HKLM] -> C:\Program Files\Windows Photo Gallery\PhotoViewer.dll [Windows Photo Gallery Viewer Image Verbs] -> [2009/04/11 02:28:23 | 002,323,968 | ---- | M] (Microsoft Corporation) < Desktop WallPaper > -> HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Desktop\General -> WallPaper -> C:\Windows\Web\Wallpaper\img4.jpg -> BackupWallPaper -> C:\Windows\Web\Wallpaper\img4.jpg -> < Disabled MSConfig Registry Items [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\ -> ArcSoft Connection Service hkey=HKLM key=SOFTWARE\Microsoft\Windows\CurrentVersion\Run -> C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe -> [2009/07/10 13:59:22 | 000,195,072 | ---- | M] (ArcSoft Inc.) BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA} hkey=HKCU key=SOFTWARE\Microsoft\Windows\CurrentVersion\Run -> C:\Program Files\Common Files\Nero\Lib\NMBgMonitor.exe -> [2007/10/23 14:18:46 | 000,202,024 | ---- | M] (Nero AG) iTunesHelper hkey=HKLM key=SOFTWARE\Microsoft\Windows\CurrentVersion\Run -> C:\Program Files\iTunes\iTunesHelper.exe -> [2010/01/22 20:16:42 | 000,141,608 | ---- | M] (Apple Inc.) Messenger (Yahoo!) hkey=HKCU key=SOFTWARE\Microsoft\Windows\CurrentVersion\Run -> C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe -> [2009/05/26 21:06:32 | 004,351,216 | ---- | M] (Yahoo! Inc.) Spare Backup hkey=HKLM key=SOFTWARE\Microsoft\Windows\CurrentVersion\Run -> C:\Program Files\Spare Backup\SpareBackup.exe -> [2007/09/13 20:22:04 | 005,252,936 | ---- | M] (SpareBackup, Inc.) < Disabled MSConfig State [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\state -> "bootini" -> 2 -> "startup" -> 2 -> < Drivers32 [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32 -> "msacm.clmp3enc" -> C:\Program Files\CyberLink\Power2Go\CLMP3Enc.ACM [C:\PROGRA~1\CYBERL~1\Power2Go\CLMP3Enc.ACM] -> [2005/05/14 00:00:52 | 000,217,088 | ---- | M] (CyberLink Corp.) "msacm.l3acm" -> C:\Windows\System32\l3codeca.acm [C:\Windows\System32\l3codeca.acm] -> [2008/01/19 03:33:00 | 000,062,464 | ---- | M] (Fraunhofer Institut Integrierte Schaltungen IIS) "vidc.cvid" -> C:\Windows\System32\iccvid.dll [iccvid.dll] -> [2006/11/02 08:34:41 | 000,081,920 | ---- | M] (Radius Inc.) "vidc.XVID" -> C:\Windows\System32\xvidvfw.dll [xvidvfw.dll] -> [2008/04/27 10:35:28 | 000,180,224 | ---- | M] () < Ext (PreApproved) - [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\ -> {02478D38-C3F9-4efb-9B51-7695ECA05670} [HKLM] -> C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll [&Yahoo! Toolbar Helper] -> [2009/07/30 22:44:14 | 000,909,040 | ---- | M] (Yahoo! Inc.) {02BCC737-B171-4746-94C9-0D8A0B2C0089} [HKLM] -> C:\Program Files\Microsoft Office\Office12\IEAWSDC.DLL [Microsoft Office Template and Media Control] -> [2008/10/25 06:18:50 | 000,172,880 | ---- | M] () {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} [HKLM] -> C:\Program Files\QuickTime\QTPlugin.ocx [QuickTime Object] -> [2009/11/11 00:35:52 | 000,795,952 | ---- | M] (Apple Inc.) {07B06095-5687-4D13-9E32-12B4259C9813} [HKLM] -> C:\Program Files\Microsoft Office\Office12\STSUPLD.DLL [STSUpld UploadCtl Class] -> [2006/10/26 19:59:30 | 000,227,128 | ---- | M] (Microsoft Corporation) {0D012ABD-CEED-11D2-9C76-00105AA73033} [HKLM] -> C:\Program Files\Microsoft Office\Office12\GrooveDocumentShareTool.dll [Groove DocumentShareView] -> [2009/02/14 06:03:38 | 003,070,832 | ---- | M] (Microsoft Corporation) {166B1BCA-3F9C-11CF-8075-444553540000} [HKLM] -> C:\Windows\System32\Adobe\Director\SwDir.dll [Shockwave ActiveX Control] -> [2010/01/12 02:40:40 | 000,213,272 | ---- | M] (Adobe Systems, Inc.) {233C1507-6A77-46A4-9443-F871F945D258} [HKLM] -> C:\Windows\System32\Adobe\Director\SwDir.dll [Shockwave ActiveX Control] -> [2010/01/12 02:40:40 | 000,213,272 | ---- | M] (Adobe Systems, Inc.) {3FD37ABB-F90A-4DE5-AA38-179629E64C2F} [HKLM] -> C:\Program Files\Microsoft Office\Office12\OWSSUPP.DLL [SharePoint Spreadsheet Launcher] -> [2009/03/06 04:23:08 | 000,140,168 | ---- | M] (Microsoft Corporation) {4063BE15-3B08-470D-A0D5-B37161CFFD69} [HKLM] -> C:\Program Files\QuickTime\QTPlugin.ocx [QuickTime Object] -> [2009/11/11 00:35:52 | 000,795,952 | ---- | M] (Apple Inc.) {44990b00-3c9d-426d-81df-aab636fa4345} [HKLM] -> C:\Program Files\Common Files\Symantec Shared\Support Controls\tgctlcm.dll [Symantec Configuration Class] -> [2007/07/30 19:54:40 | 000,279,952 | ---- | M] (Symantec Corporation) {44990b0a-3c9d-426d-81df-aab636fa4345} [HKLM] -> Reg Error: Key error. [Handler for ElevationHelper Class] -> File not found {44990b0c-3c9d-426d-81df-aab636fa4345} [HKLM] -> C:\Program Files\Common Files\Symantec Shared\Support Controls\tgctlcm.dll [Symantec Elevation Helper Class] -> [2007/07/30 19:54:40 | 000,279,952 | ---- | M] (Symantec Corporation) {5189CEDF-00E7-4BF8-86F3-B8EF935A45E9} [HKLM] -> C:\Program Files\Norton 360 Premier Edition\Engine\3.8.0.41\OCSCtl.exe [OCSEngine Class] -> [2009/12/28 12:01:25 | 000,222,568 | R--- | M] (Symantec Corporation) {56A58823-AE99-11D5-B90B-0050DACD1F75} [HKLM] -> C:\Program Files\Microsoft Office\Office12\GrooveCommonComponents.dll [Groove Data List Display] -> [2009/02/14 06:03:28 | 002,687,336 | ---- | M] (Microsoft Corporation) {5852F5ED-8BF4-11D4-A245-0080C6F74284} [HKLM] -> C:\Program Files\Java\jre1.6.0_01\bin\wsdetect.dll [isInstalled Class] -> [2007/03/14 07:43:53 | 000,110,592 | ---- | M] (Sun Microsystems, Inc.) {62B4D041-4667-40B6-BB50-4BC0A5043A73} [HKLM] -> C:\Program Files\Microsoft Office\Office12\OWSSUPP.DLL [SharePoint Export Database Launcher] -> [2009/03/06 04:23:08 | 000,140,168 | ---- | M] (Microsoft Corporation) {65BCBEE4-7728-41A0-97BE-14E1CAE36AAE} [HKLM] -> C:\Program Files\Microsoft Office\Office12\STSLIST.DLL [Microsoft Office List 12.0] -> [2009/03/06 03:01:06 | 002,335,648 | ---- | M] (Microsoft Corporation) {760C4B83-E211-11D2-BF3E-00805FBE84A6} [HKLM] -> C:\Windows\System32\msnetobj.dll [Windows Media Services DRM Storage object] -> [2009/04/11 02:28:21 | 000,179,712 | ---- | M] (Microsoft Corporation) {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} [HKLM] -> C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll [SSVHelper Class] -> [2007/03/14 07:43:40 | 000,501,400 | ---- | M] (Sun Microsystems, Inc.) {8075631E-5146-11D5-A672-00B0D022E945} [HKLM] -> C:\Program Files\Microsoft Office\Office12\INLAUNCH.DLL [SharepointOpenXMLDocuments] -> [2009/03/06 04:26:06 | 000,065,400 | ---- | M] (Microsoft Corporation) {8AD9C840-044E-11D1-B3E9-00805F499D93} [HKLM] -> C:\Program Files\Java\jre1.6.0_01\bin\npjpi160_01.dll [Java Plug-in 1.6.0_01] -> [2007/03/14 07:43:41 | 000,132,760 | ---- | M] (Sun Microsystems, Inc.) {8E4062D9-FE1B-4b9e-AA16-5E8EEF68F48E} [HKLM] -> C:\Windows\System32\RegCtrl.dll [Registration Control] -> [2008/01/19 03:36:16 | 000,040,960 | ---- | M] (Microsoft Corporation) {90D9E343-D350-44ba-9329-1AA35B038657} [HKLM] -> C:\Program Files\Seekmo\bin\10.3.79.0\SeekmoSAAX.dll [Seekmo UserProfiles Class] -> File not found {9203C2CB-1DC1-482D-967E-597AFF270F0D} [HKLM] -> C:\Program Files\Microsoft Office\Office12\OWSSUPP.DLL [SharePoint OpenDocuments Class] -> [2009/03/06 04:23:08 | 000,140,168 | ---- | M] (Microsoft Corporation) {95F35795-64B1-495D-9DE7-390EECC31EC8} [HKLM] -> C:\Program Files\Microsoft Office\Office12\DGRMLNCH.DLL [Microsoft Office Visio 12.0 Diagram Launch Control] -> [2006/10/26 23:59:32 | 000,083,744 | ---- | M] (Microsoft Corporation) {9F9C4924-C3F3-4459-A396-9E9E0D8B83D1} [HKLM] -> Reg Error: Key error. [SharePoint OpenDocuments Class] -> File not found {A9FC132B-096D-460B-B7D5-1DB0FAE0C062} [HKLM] -> C:\Windows\System32\msnetobj.dll [RMGetLicense Class] -> [2009/04/11 02:28:21 | 000,179,712 | ---- | M] (Microsoft Corporation) {BDEADE3E-C265-11D0-BCED-00A0C90AB50F} [HKLM] -> C:\Program Files\Microsoft Office\Office12\OWSCLT.DLL [OWSClientEventSubscription Class] -> [2008/11/21 02:34:20 | 000,798,584 | ---- | M] (Microsoft Corporation) {BDEADE3F-C265-11D0-BCED-00A0C90AB50F} [HKLM] -> C:\Program Files\Microsoft Office\Office12\OWSCLT.DLL [OWSClientMiscApis Class] -> [2008/11/21 02:34:20 | 000,798,584 | ---- | M] (Microsoft Corporation) {BDEADE40-C265-11D0-BCED-00A0C90AB50F} [HKLM] -> C:\Program Files\Microsoft Office\Office12\OWSCLT.DLL [OWSClientCommentThread Class] -> [2008/11/21 02:34:20 | 000,798,584 | ---- | M] (Microsoft Corporation) {BDEADE42-C265-11D0-BCED-00A0C90AB50F} [HKLM] -> C:\Program Files\Microsoft Office\Office12\OWSCLT.DLL [OWSClientComment Class] -> [2008/11/21 02:34:20 | 000,798,584 | ---- | M] (Microsoft Corporation) {BDEADE43-C265-11D0-BCED-00A0C90AB50F} [HKLM] -> C:\Program Files\Microsoft Office\Office12\OWSCLT.DLL [OWSBrowserUI Class] -> [2008/11/21 02:34:20 | 000,798,584 | ---- | M] (Microsoft Corporation) {BDEADE98-C265-11D0-BCED-00A0C90AB50F} [HKLM] -> C:\Program Files\Microsoft Office\Office12\OWSCLT.DLL [OWS Post Data] -> [2008/11/21 02:34:20 | 000,798,584 | ---- | M] (Microsoft Corporation) {BDEADE9E-C265-11D0-BCED-00A0C90AB50F} [HKLM] -> C:\Program Files\Microsoft Office\Office12\OWSCLT.DLL [SharePoint Spreadsheet Launcher] -> [2008/11/21 02:34:20 | 000,798,584 | ---- | M] (Microsoft Corporation) {BDEADEB3-C265-11D0-BCED-00A0C90AB50F} [HKLM] -> C:\Program Files\Microsoft Office\Office12\OWSCLT.DLL [Web Discussions] -> [2008/11/21 02:34:20 | 000,798,584 | ---- | M] (Microsoft Corporation) {BDEADEB4-C265-11D0-BCED-00A0C90AB50F} [HKLM] -> C:\Program Files\Microsoft Office\Office12\OWSCLT.DLL [Web Discussions] -> [2008/11/21 02:34:20 | 000,798,584 | ---- | M] (Microsoft Corporation) {BDEADEB5-C265-11D0-BCED-00A0C90AB50F} [HKLM] -> C:\Program Files\Microsoft Office\Office12\OWSCLT.DLL [Web Discussions] -> [2008/11/21 02:34:20 | 000,798,584 | ---- | M] (Microsoft Corporation) {BDEADEB7-C265-11D0-BCED-00A0C90AB50F} [HKLM] -> C:\Program Files\Microsoft Office\Office12\OWSCLT.DLL [OWSDiscussionServers Class] -> [2008/11/21 02:34:20 | 000,798,584 | ---- | M] (Microsoft Corporation) {BDEADEB8-C265-11D0-BCED-00A0C90AB50F} [HKLM] -> C:\Program Files\Microsoft Office\Office12\OWSCLT.DLL [OWSClientCollaboration Class] -> [2008/11/21 02:34:20 | 000,798,584 | ---- | M] (Microsoft Corporation) {BDEADEDA-C265-11D0-BCED-00A0C90AB50F} [HKLM] -> C:\Program Files\Microsoft Office\Office12\OWSCLT.DLL [OSE.Discussion] -> [2008/11/21 02:34:20 | 000,798,584 | ---- | M] (Microsoft Corporation) {BDEADEDB-C265-11D0-BCED-00A0C90AB50F} [HKLM] -> C:\Program Files\Microsoft Office\Office12\OWSCLT.DLL [OSE.Discussions] -> [2008/11/21 02:34:20 | 000,798,584 | ---- | M] (Microsoft Corporation) {BDEADEDC-C265-11D0-BCED-00A0C90AB50F} [HKLM] -> C:\Program Files\Microsoft Office\Office12\OWSCLT.DLL [OSE.DiscussionServer] -> [2008/11/21 02:34:20 | 000,798,584 | ---- | M] (Microsoft Corporation) {BDEADEDD-C265-11D0-BCED-00A0C90AB50F} [HKLM] -> C:\Program Files\Microsoft Office\Office12\OWSCLT.DLL [OSE.DiscussionServers] -> [2008/11/21 02:34:20 | 000,798,584 | ---- | M] (Microsoft Corporation) {BDEADEDE-C265-11D0-BCED-00A0C90AB50F} [HKLM] -> C:\Program Files\Microsoft Office\Office12\OWSCLT.DLL [OSE Global Class] -> [2008/11/21 02:34:20 | 000,798,584 | ---- | M] (Microsoft Corporation) {BDEADEE0-C265-11D0-BCED-00A0C90AB50F} [HKLM] -> C:\Program Files\Microsoft Office\Office12\OWSCLT.DLL [OWSDiscussionBar Class] -> [2008/11/21 02:34:20 | 000,798,584 | ---- | M] (Microsoft Corporation) {BDEADEF2-C265-11D0-BCED-00A0C90AB50F} [HKLM] -> Reg Error: Key error. [SharePoint OpenDocuments Class] -> File not found {BDEADEF4-C265-11D0-BCED-00A0C90AB50F} [HKLM] -> Reg Error: Key error. [SharePoint Stssync Handler] -> File not found {BDEADEF5-C265-11D0-BCED-00A0C90AB50F} [HKLM] -> C:\Program Files\Microsoft Office\Office12\OWSSUPP.DLL [SharePoint Stssync Handler] -> [2009/03/06 04:23:08 | 000,140,168 | ---- | M] (Microsoft Corporation) {c9022ee3-48e6-48c9-be81-9932576c1e8c} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found {C9712B19-838B-45A5-ABF2-9A315DDDED50} [HKLM] -> C:\Program Files\Microsoft Office\Office12\AUTHZAX.DLL [Microsoft Office 12 Authorization Control] -> [2008/10/25 06:18:46 | 000,054,152 | ---- | M] (Microsoft Corporation) {CA8A9780-280D-11CF-A24D-444553540000} [HKLM] -> C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroPDF.dll [Adobe PDF Reader] -> [2008/10/14 21:29:50 | 000,632,168 | ---- | M] (Adobe Systems, Inc.) {CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA} [HKLM] -> C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll [Java Plug-in 1.6.0_01] -> [2007/03/14 07:43:40 | 000,501,400 | ---- | M] (Sun Microsystems, Inc.) {CAFEEFAC-0016-0000-0001-ABCDEFFEDCBB} [HKLM] -> C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll [Java Plug-in 1.6.0_01] -> [2007/03/14 07:43:40 | 000,501,400 | ---- | M] (Sun Microsystems, Inc.) {CAFEEFAC-0016-0000-0001-ABCDEFFEDCBC} [HKLM] -> C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll [Java Plug-in 1.6.0_01] -> [2007/03/14 07:43:40 | 000,501,400 | ---- | M] (Sun Microsystems, Inc.) {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBC} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found {CB927D12-4FF7-4A9E-A169-56E4B8A75598} [HKLM] -> C:\Program Files\QuickTime\QTPlugin.ocx [Behavior Object] -> [2009/11/11 00:35:52 | 000,795,952 | ---- | M] (Apple Inc.) {CDEC13B2-0B3C-400E-B909-E27EE89C6799} [HKLM] -> C:\Program Files\Microsoft Office\Office12\STSUPLD.DLL [STSUpld CopyCtl Class] -> [2006/10/26 19:59:30 | 000,227,128 | ---- | M] (Microsoft Corporation) {CFCDAA03-8BE4-11cf-B84B-0020AFBBCCFA} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found {D27CDB6E-AE6D-11cf-96B8-444553540000} [HKLM] -> C:\Windows\System32\Macromed\Flash\Flash10c.ocx [Shockwave Flash Object] -> [2009/07/17 23:12:12 | 003,979,680 | R--- | M] (Adobe Systems, Inc.) {D719897A-B07A-4C0C-AEA9-9B663A28DFCB} [HKLM] -> C:\Program Files\iTunes\ITDetector.ocx [iTunesDetector Class] -> [2010/01/22 20:16:30 | 000,111,912 | ---- | M] (Apple Inc.) {DA4F543C-C8A9-4E88-9A79-548CBB46F18F} [HKLM] -> C:\Program Files\Yahoo!\Messenger\YPagerChecker.dll [MessengerChecker Class] -> [2009/05/26 21:06:34 | 000,103,664 | ---- | M] (Yahoo! Inc.) {E01D1C6A-4F40-11D3-8958-00105A272DCF} [HKLM] -> C:\Program Files\Microsoft Office\Office12\GrooveTextTools.dll [Groove Text View] -> [2009/02/14 06:03:54 | 001,161,568 | ---- | M] (Microsoft Corporation) {E543A17A-F212-49C0-B63D-BF09B460250E} [HKLM] -> C:\Program Files\Microsoft Office\Office12\oisctrl.dll [OISClientLauncher Class] -> [2009/03/06 04:23:50 | 000,022,432 | ---- | M] (Microsoft Corporation) {E7339A62-0E31-4A5E-BA3D-F2FEDFBF8BE5} [HKLM] -> C:\Program Files\Common Files\microsoft shared\Portal\PortalConnectCore.dll [PersonalSite Class] -> [2008/10/26 05:42:16 | 000,482,656 | ---- | M] () {E8BDFF85-F8C2-4281-8669-31253E646518} [HKLM] -> C:\Program Files\Seekmo\bin\10.3.79.0\SeekmoSAAX.dll [Seekmo ClientDetector Class] -> File not found {EF99BD32-C1FB-11D2-892F-0090271D4F88} [HKLM] -> C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll [Yahoo! Toolbar] -> [2009/07/30 22:44:14 | 000,909,040 | ---- | M] (Yahoo! Inc.) 3E4D4F1C-2AEE-11D1-9D3D-00C04FC30DF6 [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found 435899C9-44AB-11D1-AF00-080036234103 [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found 4F664F91-FF01-11D0-8AED-00C04FD7B597 [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found 65303443-AD66-11D1-9D65-00C04FC30DF6 [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found 92337A8C-E11D-11D0-BE48-00C04FC30DF6 [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found C3701884-B39B-11D1-9D68-00C04FC30DF6 [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found < Ext (Settings) - [HKEY_CURRENT_USER] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\ -> {02478D38-C3F9-4EFB-9B51-7695ECA05670} [HKLM] -> C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll [&Yahoo! Toolbar Helper] -> [2009/07/30 22:44:14 | 000,909,040 | ---- | M] (Yahoo! Inc.) {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} [HKLM] -> C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [Adobe PDF Reader Link Helper] -> [2006/10/22 23:08:42 | 000,062,080 | ---- | M] (Adobe Systems Incorporated) {201F27D4-3704-41D6-89C1-AA35E39143ED} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found {2670000A-7350-4F3C-8081-5663EE0C6C49} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found {3041D03E-FD4B-44E0-B742-2D9B88305F98} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found {53707962-6F74-2D53-2644-206D7942484F} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found {64697678-0000-0010-8000-00AA00389B71} [HKLM] -> C:\Windows\System32\xvid.ax [Xvid MPEG-4 Video Decoder] -> [2007/06/28 18:55:18 | 000,077,824 | ---- | M] () {6D53EC84-6AAE-4787-AEEE-F4628F01010C} [HKLM] -> C:\Program Files\Norton 360 Premier Edition\Engine\3.8.0.41\IPSBHO.dll [Symantec Intrusion Prevention] -> [2009/12/28 12:01:20 | 000,107,896 | R--- | M] (Symantec Corporation) {72853161-30C5-4D22-B7F9-0BBC1D38A37E} [HKLM] -> C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [Groove GFS Browser Helper] -> [2009/02/12 15:19:32 | 002,217,848 | ---- | M] (Microsoft Corporation) {7530BFB8-7293-4D34-9923-61A11451AFC5} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} [HKLM] -> C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll [SSVHelper Class] -> [2007/03/14 07:43:40 | 000,501,400 | ---- | M] (Sun Microsystems, Inc.) {92780B25-18CC-41C8-B9BE-3C9C571A8263} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found {BA14329E-9550-4989-B3F2-9732E92D17CC} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found {CA6319C0-31B7-401E-A518-A07C3DB8F777} [HKLM] -> C:\Windows\System32\BAE.dll [CBrowserHelperObject Object] -> [2006/02/01 06:54:30 | 000,094,208 | ---- | M] (Gateway Inc.) {CCA281CA-C863-46EF-9331-5C8D4460577F} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found {D27CDB6E-AE6D-11CF-96B8-444553540000} [HKLM] -> C:\Windows\System32\Macromed\Flash\Flash10c.ocx [Shockwave Flash Object] -> [2009/07/17 23:12:12 | 003,979,680 | R--- | M] (Adobe Systems, Inc.) {E2883E8F-472F-4FB0-9522-AC9BF37916A7} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found {EF99BD32-C1FB-11D2-892F-0090271D4F88} [HKLM] -> C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll [Yahoo! Toolbar] -> [2009/07/30 22:44:14 | 000,909,040 | ---- | M] (Yahoo! Inc.) {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} [HKLM] -> C:\Program Files\Yahoo!\Companion\Installs\cpn0\YTSingleInstance.dll [SingleInstance Class] -> [2009/07/30 22:44:02 | 000,159,472 | ---- | M] (Yahoo! Inc) < Ext (Stats) - [HKEY_CURRENT_USER] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\ -> {00EF2092-6AC5-47C0-BD25-CF2D5D657FEB} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found {02478D38-C3F9-4EFB-9B51-7695ECA05670} [HKLM] -> C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll [&Yahoo! Toolbar Helper] -> [2009/07/30 22:44:14 | 000,909,040 | ---- | M] (Yahoo! Inc.) {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} [HKLM] -> C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [Adobe PDF Reader Link Helper] -> [2006/10/22 23:08:42 | 000,062,080 | ---- | M] (Adobe Systems Incorporated) {08B0E5C0-4FCB-11CF-AAA5-00401C608501} [HKLM] -> Reg Error: Key error. [Reg Error: Value error.] -> File not found {201F27D4-3704-41D6-89C1-AA35E39143ED} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found {2318C2B1-4965-11D4-9B18-009027A5CD4F} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found {2670000A-7350-4F3C-8081-5663EE0C6C49} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found {3041D03E-FD4B-44E0-B742-2D9B88305F98} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found {4063BE15-3B08-470D-A0D5-B37161CFFD69} [HKLM] -> C:\Program Files\QuickTime\QTPlugin.ocx [QuickTime Object] -> [2009/11/11 00:35:52 | 000,795,952 | ---- | M] (Apple Inc.) {53707962-6F74-2D53-2644-206D7942484F} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} [HKLM] -> C:\Program Files\Norton 360 Premier Edition\Engine\3.8.0.41\CoIEPlg.dll [Symantec NCO BHO] -> [2009/12/28 12:01:18 | 000,378,736 | R--- | M] (Symantec Corporation) {6D53EC84-6AAE-4787-AEEE-F4628F01010C} [HKLM] -> C:\Program Files\Norton 360 Premier Edition\Engine\3.8.0.41\IPSBHO.dll [Symantec Intrusion Prevention] -> [2009/12/28 12:01:20 | 000,107,896 | R--- | M] (Symantec Corporation) {72853161-30C5-4D22-B7F9-0BBC1D38A37E} [HKLM] -> C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [Groove GFS Browser Helper] -> [2009/02/12 15:19:32 | 002,217,848 | ---- | M] (Microsoft Corporation) {7530BFB8-7293-4D34-9923-61A11451AFC5} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} [HKLM] -> C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll [SSVHelper Class] -> [2007/03/14 07:43:40 | 000,501,400 | ---- | M] (Sun Microsystems, Inc.) {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} [HKLM] -> C:\Program Files\Norton 360 Premier Edition\Engine\3.8.0.41\CoIEPlg.dll [Norton Toolbar] -> [2009/12/28 12:01:18 | 000,378,736 | R--- | M] (Symantec Corporation) {8AD9C840-044E-11D1-B3E9-00805F499D93} [HKLM] -> C:\Program Files\Java\jre1.6.0_01\bin\npjpi160_01.dll [Java Plug-in 1.6.0_01] -> [2007/03/14 07:43:41 | 000,132,760 | ---- | M] (Sun Microsystems, Inc.) {92780B25-18CC-41C8-B9BE-3C9C571A8263} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found {AA58ED58-01DD-4D91-8333-CF10577473F7} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found {BA14329E-9550-4989-B3F2-9732E92D17CC} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found {CA6319C0-31B7-401E-A518-A07C3DB8F777} [HKLM] -> C:\Windows\System32\BAE.dll [CBrowserHelperObject Object] -> [2006/02/01 06:54:30 | 000,094,208 | ---- | M] (Gateway Inc.) {CCA281CA-C863-46EF-9331-5C8D4460577F} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found {D27CDB6E-AE6D-11CF-96B8-444553540000} [HKLM] -> C:\Windows\System32\Macromed\Flash\Flash10c.ocx [Shockwave Flash Object] -> [2009/07/17 23:12:12 | 003,979,680 | R--- | M] (Adobe Systems, Inc.) {DA4F543C-C8A9-4E88-9A79-548CBB46F18F} [HKLM] -> C:\Program Files\Yahoo!\Messenger\YPagerChecker.dll [MessengerChecker Class] -> [2009/05/26 21:06:34 | 000,103,664 | ---- | M] (Yahoo! Inc.) {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.] -> File not found {EF99BD32-C1FB-11D2-892F-0090271D4F88} [HKLM] -> C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll [Yahoo! Toolbar] -> [2009/07/30 22:44:14 | 000,909,040 | ---- | M] (Yahoo! Inc.) {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} [HKLM] -> C:\Program Files\Yahoo!\Companion\Installs\cpn0\YTSingleInstance.dll [SingleInstance Class] -> [2009/07/30 22:44:02 | 000,159,472 | ---- | M] (Yahoo! Inc) < File Associations - Select to Repair > -> HKEY_LOCAL_MACHINE\SOFTWARE\Classes\\ -> .bat [@ = batfile] -> "%1" %* -> .cmd [@ = cmdfile] -> "%1" %* -> .com [@ = comfile] -> "%1" %* -> .exe [@ = exefile] -> "%1" %* -> .hlp [@ = hlpfile] -> C:\Windows\winhlp32.exe -> [2006/11/02 05:45:57 | 000,009,216 | ---- | M] (Microsoft Corporation) .pif [@ = piffile] -> "%1" %* -> .scr [@ = scrfile] -> "%1" /S -> < File Associations - Select to Repair > -> HKEY_CURRENT_USER\SOFTWARE\Classes\\ -> .exe [@ = exefile] -> Reg Error: Key error. -> File not found .html [@ = htmlfile] -> Reg Error: Key error. -> File not found < HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost > -> -> *netsvcs* -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\\netsvcs -> FastUserSwitchingCompatibility -> -> File not found Ias -> C:\Windows\System32\ias -> [2008/09/05 03:28:59 | 000,000,000 | ---D | M] Nla -> -> File not found Ntmssvc -> -> File not found NWCWorkstation -> -> File not found Nwsapagent -> -> File not found SRService -> -> File not found Wmi -> C:\Windows\System32\wmi.dll -> [2006/11/02 05:44:15 | 000,005,120 | ---- | M] (Microsoft Corporation) WmdmPmSp -> -> File not found LogonHours -> -> File not found PCAudit -> -> File not found helpsvc -> -> File not found uploadmgr -> -> File not found *MultiFile Done* -> -> < Protocol Filters [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Filter\ -> text/xml:{807563E5-5146-11D5-A672-00B0D022E945} [HKLM] -> C:\Program Files\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL[Microsoft Office InfoPath XML Mime Filter] -> [2008/10/25 09:27:54 | 000,044,408 | ---- | M] (Microsoft Corporation) < Protocol Handlers [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\ -> grooveLocalGWS:{88FED34C-F0CA-4636-A375-3CB6248B04CD} [HKLM] -> C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll[Local Groove Web Services Protocol] -> [2009/02/12 15:19:38 | 000,178,040 | ---- | M] (Microsoft Corporation) ms-help:{314111c7-a502-11d2-bbca-00c04f8ec294} [HKLM] -> C:\Program Files\Common Files\microsoft shared\Help\hxds.dll[HxProtocol Class] -> [2006/10/26 14:45:02 | 000,873,216 | ---- | M] (Microsoft Corporation) pure-go:{4746C79A-2042-4332-8650-48966E44ABA8} [HKLM] -> C:\Program Files\Common Files\Pure Networks Shared\Platform\puresp4.dll[CPureGoProtoInfo Object] -> [2009/04/27 15:19:54 | 000,133,168 | ---- | M] (Cisco Systems, Inc.) symres:{AA1061FE-6C41-421f-9344-69640C9732AB} [HKLM] -> C:\Program Files\Norton 360 Premier Edition\Engine\3.8.0.41\CoIEPlg.dll[Reg Error: Value error.] -> [2009/12/28 12:01:18 | 000,378,736 | R--- | M] (Symantec Corporation) < SafeBoot-Minimal Settings > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ -> {36FC9E60-C465-11CF-8056-444553540000} -> Universal Serial Bus controllers {4D36E965-E325-11CE-BFC1-08002BE10318} -> CD-ROM Drive {4D36E967-E325-11CE-BFC1-08002BE10318} -> DiskDrive {4D36E969-E325-11CE-BFC1-08002BE10318} -> Standard floppy disk controller {4D36E96A-E325-11CE-BFC1-08002BE10318} -> Hdc {4D36E96B-E325-11CE-BFC1-08002BE10318} -> Keyboard {4D36E96F-E325-11CE-BFC1-08002BE10318} -> Mouse {4D36E977-E325-11CE-BFC1-08002BE10318} -> PCMCIA Adapters {4D36E97B-E325-11CE-BFC1-08002BE10318} -> SCSIAdapter {4D36E97D-E325-11CE-BFC1-08002BE10318} -> System {4D36E980-E325-11CE-BFC1-08002BE10318} -> Floppy disk drive {533C5B84-EC70-11D2-9505-00C04F79DEAF} -> Volume shadow copy {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} -> IEEE 1394 Bus host controllers {71A27CDD-812A-11D0-BEC7-08002BE2092F} -> Volume {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} -> Human Interface Devices {D48179BE-EC20-11D1-B6B8-00C04FA372A7} -> SBP2 IEEE 1394 Devices {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} -> SecurityDevices Base -> Driver Group Boot Bus Extender -> Driver Group Boot file system -> Driver Group File system -> Driver Group Filter -> Driver Group HelpSvc -> Service Lavasoft Ad-Aware Service -> C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe -> [2010/03/08 05:33:39 | 001,029,456 | ---- | M] (Lavasoft) NTDS -> -> File not found PCI Configuration -> Driver Group PNP Filter -> Driver Group Primary disk -> Driver Group sacsvr -> Service SCSI Class -> Driver Group SymEFA.sys -> C:\Windows\system32\drivers\N360\0308000.029\SYMEFA.SYS -> [2009/12/28 12:01:26 | 000,310,320 | ---- | M] (Symantec Corporation) System Bus Extender -> Driver Group WinDefend -> C:\Program Files\Windows Defender\MpSvc.dll -> [2008/01/19 03:38:24 | 000,272,952 | ---- | M] (Microsoft Corporation) < SafeBoot-Network Settings > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\ -> {36FC9E60-C465-11CF-8056-444553540000} -> Universal Serial Bus controllers {4D36E965-E325-11CE-BFC1-08002BE10318} -> CD-ROM Drive {4D36E967-E325-11CE-BFC1-08002BE10318} -> DiskDrive {4D36E969-E325-11CE-BFC1-08002BE10318} -> Standard floppy disk controller {4D36E96A-E325-11CE-BFC1-08002BE10318} -> Hdc {4D36E96B-E325-11CE-BFC1-08002BE10318} -> Keyboard {4D36E96F-E325-11CE-BFC1-08002BE10318} -> Mouse {4D36E972-E325-11CE-BFC1-08002BE10318} -> Net {4D36E973-E325-11CE-BFC1-08002BE10318} -> NetClient {4D36E974-E325-11CE-BFC1-08002BE10318} -> NetService {4D36E975-E325-11CE-BFC1-08002BE10318} -> NetTrans {4D36E977-E325-11CE-BFC1-08002BE10318} -> PCMCIA Adapters {4D36E97B-E325-11CE-BFC1-08002BE10318} -> SCSIAdapter {4D36E97D-E325-11CE-BFC1-08002BE10318} -> System {4D36E980-E325-11CE-BFC1-08002BE10318} -> Floppy disk drive {50DD5230-BA8A-11D1-BF5D-0000F805F530} -> Smart card readers {533C5B84-EC70-11D2-9505-00C04F79DEAF} -> Volume shadow copy {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} -> IEEE 1394 Bus host controllers {71A27CDD-812A-11D0-BEC7-08002BE2092F} -> Volume {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} -> Human Interface Devices {D48179BE-EC20-11D1-B6B8-00C04FA372A7} -> SBP2 IEEE 1394 Devices {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} -> SecurityDevices atashost -> C:\Windows\System32\atashost.exe -> [2009/03/06 13:59:12 | 000,020,376 | ---- | M] (WebEx Communications, Inc.) Base -> Driver Group Boot Bus Extender -> Driver Group Boot file system -> Driver Group File system -> Driver Group Filter -> Driver Group HelpSvc -> Service Lavasoft Ad-Aware Service -> C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe -> [2010/03/08 05:33:39 | 001,029,456 | ---- | M] (Lavasoft) Messenger -> Service NDIS Wrapper -> Driver Group NetBIOSGroup -> Driver Group NetDDEGroup -> Driver Group Network -> Driver Group NetworkProvider -> Driver Group NTDS -> -> File not found PCI Configuration -> Driver Group PNP Filter -> Driver Group PNP_TDI -> Driver Group Primary disk -> Driver Group rdsessmgr -> Service sacsvr -> Service SCSI Class -> Driver Group Streams Drivers -> Driver Group SymEFA.sys -> C:\Windows\system32\drivers\N360\0308000.029\SYMEFA.SYS -> [2009/12/28 12:01:26 | 000,310,320 | ---- | M] (Symantec Corporation) System Bus Extender -> Driver Group TDI -> Driver Group WinDefend -> C:\Program Files\Windows Defender\MpSvc.dll -> [2008/01/19 03:38:24 | 000,272,952 | ---- | M] (Microsoft Corporation) WudfPf -> Driver WudfUsbccidDriver -> Driver < Security Center Settings > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center \\"cval" -> [0] -> File not found \\"AntiVirusDisableNotify" -> [0] -> File not found \\"FirewallDisableNotify" -> [0] -> File not found \\"AntiVirusOverride" -> [0] -> File not found \\"UpdatesDisableNotify" -> [0] -> File not found HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring \Monitoring\\"DisableMonitoring" -> [1] -> File not found HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus \Monitoring\SymantecAntiVirus\\"DisableMonitoring" -> [1] -> File not found HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall \Monitoring\SymantecFirewall\\"DisableMonitoring" -> [1] -> File not found HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\ -> -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc \Svc\\"AntiVirusOverride" -> [0] -> File not found \Svc\\"AntiSpywareOverride" -> [0] -> File not found \Svc\\"FirewallOverride" -> [0] -> File not found \Svc\\"VistaSp1" -> Reg Error: Unknown registry data type [Reg Error: Unknown registry data type] -> File not found \Svc\\"VistaSp2" -> Reg Error: Unknown registry data type [Reg Error: Unknown registry data type] -> File not found HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile \\"DisableNotifications" -> [0] -> File not found \\"EnableFirewall" -> [0] -> File not found HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\ -> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\Logging\ -> -> < Session Manager Settings [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager -> *BootExecute* -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\\BootExecute -> autocheck autochk * -> -> File not found lsdelete -> C:\Windows\System32\lsdelete.exe -> [2009/12/28 05:10:08 | 000,015,688 | ---- | M] () *MultiFile Done* -> -> "ExcludeFromKnownDlls" -> [binary data] -> *ObjectDirectories* -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\\ObjectDirectories -> \Windows -> \Windows -> [2010/03/22 19:56:15 | 000,000,000 | ---D | M] \RPC Control -> -> File not found *MultiFile Done* -> -> < Session Manager AppCertDlls Settings [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\AppCertDlls -> < Session Manager Environment Settings [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\Environment -> "ComSpec" -> C:\Windows\System32\cmd.exe -> [2008/01/19 03:33:04 | 000,318,976 | ---- | M] (Microsoft Corporation) "TEMP" -> C:\Windows\temp -> [2010/03/25 18:44:51 | 000,000,000 | ---D | M] "TMP" -> C:\Windows\temp -> [2010/03/25 18:44:51 | 000,000,000 | ---D | M] "windir" -> C:\Windows -> [2010/03/22 19:56:15 | 000,000,000 | ---D | M] *Path* -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\Environment\\Path -> %SystemRoot%\system32 -> C:\Windows\System32 -> [2010/03/21 23:38:22 | 000,000,000 | ---D | M] %SystemRoot% -> C:\Windows -> [2010/03/22 19:56:15 | 000,000,000 | ---D | M] %SystemRoot%\system32\wbem -> C:\Windows\System32\wbem -> [2010/03/04 17:40:36 | 000,000,000 | ---D | M] C:\Program Files\QuickTime\QTSystem -> C:\Program Files\QuickTime\QTSystem -> [2009/11/25 00:43:39 | 000,000,000 | ---D | M] *MultiFile Done* -> -> *PATHEXT* -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\Environment\\PATHEXT -> .COM -> -> File not found .EXE -> -> File not found .BAT -> -> File not found .CMD -> -> File not found .VBS -> -> File not found .VBE -> -> File not found .JS -> -> File not found .JSE -> -> File not found .WSF -> -> File not found .WSH -> -> File not found .MSC -> -> File not found *MultiFile Done* -> -> < Session Manager FileRenameOperations Settings [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\FileRenameOperations -> < Session Manager KnownDlls Settings [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\KnownDlls -> "advapi32" -> C:\Windows\System32\advapi32.dll -> [2009/04/11 02:28:17 | 000,800,768 | ---- | M] (Microsoft Corporation) "clbcatq" -> C:\Windows\System32\clbcatq.dll -> [2008/01/19 03:33:52 | 000,523,776 | ---- | M] (Microsoft Corporation) "COMDLG32" -> C:\Windows\System32\comdlg32.dll -> [2009/04/11 02:28:18 | 000,450,560 | ---- | M] (Microsoft Corporation) "DllDirectory" -> C:\Windows\System32 -> [2010/03/21 23:38:22 | 000,000,000 | ---D | M] "gdi32" -> C:\Windows\System32\gdi32.dll -> [2009/04/11 02:28:19 | 000,297,472 | ---- | M] (Microsoft Corporation) "IERTUTIL" -> C:\Windows\System32\iertutil.dll -> [2010/01/02 02:32:33 | 001,985,536 | ---- | M] (Microsoft Corporation) "IMAGEHLP" -> C:\Windows\System32\imagehlp.dll -> [2008/01/19 03:34:32 | 000,153,088 | ---- | M] (Microsoft Corporation) "IMM32" -> C:\Windows\System32\imm32.dll -> [2009/04/11 02:28:20 | 000,114,688 | ---- | M] (Microsoft Corporation) "kernel32" -> C:\Windows\System32\kernel32.dll -> [2009/04/11 02:28:20 | 000,891,392 | ---- | M] (Microsoft Corporation) "LPK" -> C:\Windows\System32\lpk.dll -> [2009/06/15 10:52:42 | 000,023,552 | ---- | M] (Microsoft Corporation) "MSCTF" -> C:\Windows\System32\msctf.dll -> [2009/04/11 02:28:20 | 000,807,424 | ---- | M] (Microsoft Corporation) "MSVCRT" -> C:\Windows\System32\msvcrt.dll -> [2009/04/11 02:28:22 | 000,679,936 | ---- | M] (Microsoft Corporation) "NORMALIZ" -> C:\Windows\System32\normaliz.dll -> [2006/11/02 04:33:06 | 000,002,560 | ---- | M] (Microsoft Corporation) "NSI" -> C:\Windows\System32\nsi.dll -> [2008/01/19 03:35:57 | 000,008,192 | ---- | M] (Microsoft Corporation) "ole32" -> C:\Windows\System32\ole32.dll -> [2009/04/11 02:28:23 | 001,316,864 | ---- | M] (Microsoft Corporation) "OLEAUT32" -> C:\Windows\System32\oleaut32.dll -> [2009/04/11 02:28:23 | 000,563,712 | ---- | M] (Microsoft Corporation) "rpcrt4" -> C:\Windows\System32\rpcrt4.dll -> [2009/04/23 08:15:07 | 000,784,896 | ---- | M] (Microsoft Corporation) "Setupapi" -> C:\Windows\System32\setupapi.dll -> [2009/04/11 02:28:24 | 001,591,296 | ---- | M] (Microsoft Corporation) "SHELL32" -> C:\Windows\System32\shell32.dll -> [2009/04/11 02:28:24 | 011,584,000 | ---- | M] (Microsoft Corporation) "SHLWAPI" -> C:\Windows\System32\shlwapi.dll -> [2009/04/11 02:28:24 | 000,353,280 | ---- | M] (Microsoft Corporation) "URLMON" -> C:\Windows\System32\urlmon.dll -> [2010/01/02 02:38:04 | 001,208,832 | ---- | M] (Microsoft Corporation) "user32" -> C:\Windows\System32\user32.dll -> [2009/04/11 02:28:25 | 000,627,712 | ---- | M] (Microsoft Corporation) "USP10" -> C:\Windows\System32\usp10.dll -> [2009/04/11 02:28:25 | 000,502,272 | ---- | M] (Microsoft Corporation) "WININET" -> C:\Windows\System32\wininet.dll -> [2010/01/02 02:38:20 | 000,916,480 | ---- | M] (Microsoft Corporation) "WLDAP32" -> C:\Windows\System32\Wldap32.dll -> [2009/04/11 02:28:25 | 000,287,744 | ---- | M] (Microsoft Corporation) "WS2_32" -> C:\Windows\System32\ws2_32.dll -> [2008/01/19 03:37:09 | 000,179,200 | ---- | M] (Microsoft Corporation) < Registry Shell Spawning - Select to Repair > -> HKEY_LOCAL_MACHINE\SOFTWARE\Classes\\shell\[command]\command -> batfile [open] -> "%1" %* -> cmdfile [open] -> "%1" %* -> comfile [open] -> "%1" %* -> exefile [open] -> "%1" %* -> hlpfile [open] -> %SystemRoot%\winhlp32.exe %1 -> [2006/11/02 05:45:57 | 000,009,216 | ---- | M] (Microsoft Corporation) htmlfile [edit] -> "C:\Program Files\Microsoft Office\Office12\msohtmed.exe" %1 -> [2008/11/10 10:50:30 | 000,068,472 | ---- | M] (Microsoft Corporation) piffile [open] -> "%1" %* -> scrfile [config] -> "%1" -> scrfile [install] -> rundll32.exe desk.cpl,InstallScreenSaver %l -> [2008/01/19 03:32:56 | 000,368,640 | ---- | M] (Microsoft Corporation) scrfile [open] -> "%1" /S -> Unknown [openas] -> %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 -> Directory [cmd] -> cmd.exe /s /k pushd "%V" -> [2008/01/19 03:33:04 | 000,318,976 | ---- | M] (Microsoft Corporation) Directory [find] -> %SystemRoot%\Explorer.exe -> [2009/04/11 02:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) Directory [OneNote.Open] -> C:\PROGRA~1\MICROS~3\Office12\ONENOTE.EXE "%L" -> [2008/11/24 22:16:44 | 001,020,776 | ---- | M] (Microsoft Corporation) Folder [open] -> %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L -> [2009/04/11 02:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) Folder [explore] -> %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L -> [2009/04/11 02:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) Drive [find] -> %SystemRoot%\Explorer.exe -> [2009/04/11 02:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) < Winsock2 Catalogs [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\ -> NameSpace_Catalog5\Catalog_Entries\000000000005 [mdnsNSP] -> C:\Program Files\Bonjour\mdnsNSP.dll -> [2008/12/12 11:11:44 | 000,147,456 | ---- | M] (Apple Inc.) < Default Protocols [HKEY_LOCAL_MACHINE\] - Select to Repair > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\ProtocolDefaults -> ldap -> 4 = Restricted sites (Not a Default Protocol) -> news -> 4 = Restricted sites (Not a Default Protocol) -> nntp -> 4 = Restricted sites (Not a Default Protocol) -> oecmd -> 4 = Restricted sites (Not a Default Protocol) -> snews -> 4 = Restricted sites (Not a Default Protocol) -> < Uninstall List [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ -> {007B37D9-0C45-4202-834B-DD5FAAE99D63} -> ArcSoft Print Creations - Slimline Card {03D1988F-469F-4843-8E6E-E5FE9D17889D} -> WIDCOMM Bluetooth Software 6.0.1.5500 {07287123-B8AC-41CE-8346-3D777245C35B} -> Bonjour {1451DE6B-ABE1-4F62-BE9A-B363A17588A2} -> QuickTime {14D4ED84-6A9A-45A0-96F6-1753768C3CB5} -> ESSPCD {15BC8CD0-A65B-47D0-A2DD-90A824590FA8} -> Microsoft Works {2D03B6F8-DF36-4980-B7B6-5B93D5BA3A8F} -> essvatgt {2EA45803-BEB7-46C4-9ADC-46A5F9E7BB77} -> GEAR driver installer for x86 and x64 {2FFE93F0-BB72-4E52-8761-354D1AAA9387} -> Sony Ericsson PC Suite 3.209.00 {3248F0A8-6813-11D6-A77B-00B0D0160010} -> Java(TM) SE Runtime Environment 6 Update 1 {34FF0741-EC67-4C05-AC2A-6D257123DF2E} -> BigFix {3921A67A-5AB1-4E48-9444-C71814CF3027} -> VCRedistSetup {3D3E663D-4E7E-4577-A560-7ECDDD45548A} -> PVSonyDll {3EE33958-7381-4E7B-A4F3-6E43098E9E9C} -> Browser Address Error Redirector {3FA365DF-2D68-45ED-8F83-8C8A33E65143} -> Apple Application Support {40BF1E83-20EB-11D8-97C5-0009C5020658} -> Power2Go 5.0 {42938595-0D83-404D-9F73-F8177FDD531A} -> ESScore {4537EA4B-F603-4181-89FB-2953FC695AB1} -> netbrdg {5316DFC9-CE99-4458-9AB3-E8726EDE0210} -> skin0001 {56589DFE-0C29-4DFE-8E42-887B771ECD23} -> ArcSoft Print Creations - Photo Book {56C049BE-79E9-4502-BEA7-9754A3E60F9B} -> neroxml {5BA1D11C-B981-4CAA-B2B5-B8ADF413EBA5} -> Pure Networks Platform {605A4E39-613C-4A12-B56F-DEFBE6757237} -> SHASTA {608D2A3C-6889-4C11-9B54-A42F45ACBFDB} -> fflink {643EAE81-920C-4931-9F0B-4B343B225CA6} -> ESSBrwr {65DA2EC9-0642-47E9-AAE2-B5267AA14D75} -> Activation Assistant for the 2007 Microsoft Office suites {6956856F-B6B3-4BE0-BA0B-8F495BE32033} -> Apple Software Update {69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4} -> Windows Media Player Firefox Plugin {7299052b-02a4-4627-81f2-1818da5d550d} -> Microsoft Visual C++ 2005 Redistributable {76C24F39-B161-498F-BD8B-C64789812D13}_is1 -> ConvertXtoDVD 3.3.4.106e {770657D0-A123-3C07-8E44-1C83EC895118} -> Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 {789289CA-F73A-4A16-A331-54D498CE069F} -> Ventrilo Client {7F3BCF8A-8E02-4659-AF25-F9AB66BD6718} -> eMachines Recovery Center Installer {7FCC4EDC-6EE2-4309-ABD7-85F2667A7B90} -> WebEx Support Manager for Internet Explorer {8943CE61-53BD-475E-90E1-A580869E98A2} -> staticcr {8A502E38-29C9-49FA-BCFA-D727CA062589} -> ESSTOOLS {8E92D746-CD9F-4B90-9668-42B74C14F765} -> ESSini {90120000-0015-0409-0000-0000000FF1CE} -> Microsoft Office Access MUI (English) 2007 {90120000-0015-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E} -> Microsoft Office 2007 Service Pack 2 (SP2) {90120000-0016-0409-0000-0000000FF1CE} -> Microsoft Office Excel MUI (English) 2007 {90120000-0016-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E} -> Microsoft Office 2007 Service Pack 2 (SP2) {90120000-0018-0409-0000-0000000FF1CE} -> Microsoft Office PowerPoint MUI (English) 2007 {90120000-0018-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E} -> Microsoft Office 2007 Service Pack 2 (SP2) {90120000-0019-0409-0000-0000000FF1CE} -> Microsoft Office Publisher MUI (English) 2007 {90120000-0019-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E} -> Microsoft Office 2007 Service Pack 2 (SP2) {90120000-001A-0409-0000-0000000FF1CE} -> Microsoft Office Outlook MUI (English) 2007 {90120000-001A-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E} -> Microsoft Office 2007 Service Pack 2 (SP2) {90120000-001B-0409-0000-0000000FF1CE} -> Microsoft Office Word MUI (English) 2007 {90120000-001B-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E} -> Microsoft Office 2007 Service Pack 2 (SP2) {90120000-001F-0409-0000-0000000FF1CE} -> Microsoft Office Proof (English) 2007 {90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045} -> Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) {90120000-001F-040C-0000-0000000FF1CE} -> Microsoft Office Proof (French) 2007 {90120000-001F-040C-0000-0000000FF1CE}_ENTERPRISE_{F580DDD5-8D37-4998-968E-EBB76BB86787} -> Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) {90120000-001F-0C0A-0000-0000000FF1CE} -> Microsoft Office Proof (Spanish) 2007 {90120000-001F-0C0A-0000-0000000FF1CE}_ENTERPRISE_{187308AB-5FA7-4F14-9AB9-D290383A10D9} -> Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) {90120000-0020-0409-0000-0000000FF1CE} -> Compatibility Pack for the 2007 Office system {90120000-002C-0409-0000-0000000FF1CE} -> Microsoft Office Proofing (English) 2007 {90120000-0030-0000-0000-0000000FF1CE} -> Microsoft Office Enterprise 2007 {90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B} -> Microsoft Office 2007 Service Pack 2 (SP2) {90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{3D019598-7B59-447A-80AE-815B703B84FF} -> Security Update for Microsoft Office system 2007 (972581) {90120000-0044-0409-0000-0000000FF1CE} -> Microsoft Office InfoPath MUI (English) 2007 {90120000-0044-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E} -> Microsoft Office 2007 Service Pack 2 (SP2) {90120000-0054-0409-0000-0000000FF1CE} -> Microsoft Office Visio MUI (English) 2007 {90120000-0054-0409-0000-0000000FF1CE}_VISPROR_{519D9F45-CBF4-4E57-B419-11F196CCA8AE} -> Microsoft Office Visio 2007 Service Pack 2 (SP2) {90120000-006E-0409-0000-0000000FF1CE} -> Microsoft Office Shared MUI (English) 2007 {90120000-006E-0409-0000-0000000FF1CE}_ENTERPRISE_{DE5A002D-8122-4278-A7EE-3121E7EA254E} -> Microsoft Office 2007 Service Pack 2 (SP2) {90120000-00A1-0409-0000-0000000FF1CE} -> Microsoft Office OneNote MUI (English) 2007 {90120000-00A1-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E} -> Microsoft Office 2007 Service Pack 2 (SP2) {90120000-00BA-0409-0000-0000000FF1CE} -> Microsoft Office Groove MUI (English) 2007 {90120000-00BA-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E} -> Microsoft Office 2007 Service Pack 2 (SP2) {90120000-0114-0409-0000-0000000FF1CE} -> Microsoft Office Groove Setup Metadata MUI (English) 2007 {90120000-0114-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E} -> Microsoft Office 2007 Service Pack 2 (SP2) {90120000-0115-0409-0000-0000000FF1CE} -> Microsoft Office Shared Setup Metadata MUI (English) 2007 {90120000-0115-0409-0000-0000000FF1CE}_ENTERPRISE_{DE5A002D-8122-4278-A7EE-3121E7EA254E} -> Microsoft Office 2007 Service Pack 2 (SP2) {90120000-0117-0409-0000-0000000FF1CE} -> Microsoft Office Access Setup Metadata MUI (English) 2007 {90120000-0117-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E} -> Microsoft Office 2007 Service Pack 2 (SP2) {91120000-0051-0000-0000-0000000FF1CE} -> Microsoft Office Visio Professional 2007 {91517631-A9F3-4B7C-B482-43E0068FD55A} -> ESSgui {95120000-00AF-0409-0000-0000000FF1CE} -> Microsoft Office PowerPoint Viewer 2007 (English) {9591C049-5CAE-4E89-A8D9-191F1899628B} -> ArcSoft Print Creations - Funhouse {999D43F4-9709-4887-9B1A-83EBB15A8370} -> VPRINTOL {9EB1504E-FD95-4BCD-8E93-B4039F59C469} -> Sony Ericsson Media Manager 1.2 {9EDBB857-8028-49CD-B9C9-0B4D10CD1033} -> Nero 8 {A57C6094-FC5A-4DEC-B1E0-1B2F48EEE8F4} -> Spare Backup {A642BB6B-CA1D-4142-8DD4-318C3F3DC834} -> Rome - Total War {A8F2089B-1F79-4BF6-B385-A2C2B0B9A74D} -> ImagXpress {AADEA55D-C834-4BCB-98A3-4B8D1C18F4EE} -> Apple Mobile Device Support {AC76BA86-7AD7-1033-7B44-A81300000003} -> Adobe Reader 8.1.6 {AE1FA02D-E6A4-4EA0-8E58-6483CAC016DD} -> ESSCDBK {B0D83FCD-9D42-43ED-8315-250326AADA02} -> ArcSoft Print Creations - Scrapbook {B162D0A6-9A1D-4B7C-91A5-88FB48113C45} -> OfotoXMI {B2544A03-10D0-4E5E-BA69-0362FFC20D18} -> OGA Notifier 2.0.0048.0 {B4B44FE7-41FF-4DAD-8C0A-E406DDA72992} -> CCScore {BE2CC4A5-2128-4EA2-941D-14F7A6A1AB61} -> Digital Media Reader {BF5EE349-90CD-4422-A43B-661778180173} -> USB Disk Win98 Driver {CA9ED5E4-1548-485B-A293-417840060158} -> ArcSoft Print Creations - Photo Calendar {CAE8A0F1-B498-4C23-95FA-55047E730C8F} -> ArcSoft Print Creations {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} -> Microsoft .NET Framework 3.5 SP1 {D32470A1-B10C-4059-BA53-CF0486F68EBC} -> Kodak EasyShare software {D642E38E-0D24-486C-9A2D-E316DD696F4B} -> Microsoft XML Parser {DB02F716-6275-42E9-B8D2-83BA2BF5100B} -> SFR {DED53B0B-B67C-4244-AE6A-D6FD3C28D1EF} -> Ad-Aware {DF86A72C-4585-4D75-B592-968C8C6604A1} -> eMachines Connect {E01AE623-07FB-4E38-8CCA-8E10B86BE851} -> Rome - Total War {E6B4117F-AC59-4B13-9274-EB136E8897EE} -> ArcSoft Print Creations - Album Page {E79987F0-0E34-42CC-B8FF-6C860AEEB26A} -> tooltips {e8a80433-302b-4ff1-815d-fcc8eac482ff} -> Nero Installer {F04F9557-81A9-4293-BC49-2C216FA325A7} -> ArcSoft Print Creations - Greeting Card {F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC} -> Realtek High Definition Audio Driver {f1861f30-3419-44db-b2a1-c274825698b3} -> Nero Disc Copy Gadget {F333A33D-125C-32A2-8DCE-5C5D14231E27} -> Visual C++ 2008 x86 Runtime - (v9.0.30729) {F333A33D-125C-32A2-8DCE-5C5D14231E27}.vc_x86runtime_30729_01 -> Visual C++ 2008 x86 Runtime - v9.0.30729.01 {F3CA9611-CD42-4562-ADAB-A554CF8E17F1} -> Microsoft WSE 2.0 SP3 Runtime {F439D7AF-03F3-4F8E-AEC4-571BFE977C61} -> iTunes {F4A2E7CC-60CA-4AFA-B67F-AD5E58173C3F} -> SKINXSDK {F9593CFB-D836-49BC-BFF1-0E669A411D9F} -> WIRELESS {FCDB1C92-03C6-4C76-8625-371224256091} -> ESSPDock Academy of Magic -> GameHouse Games Collection: Academy of Magic Activation Assistant for the 2007 Microsoft Office suites -> Activation Assistant for the 2007 Microsoft Office suites Ad-Aware -> Ad-Aware Adobe Flash Player ActiveX -> Adobe Flash Player 10 ActiveX Adobe Flash Player Plugin -> Adobe Flash Player 10 Plugin Adobe Shockwave Player -> Adobe Shockwave Player 11.5 Adventure Inlay -> GameHouse Games Collection: Adventure Inlay Adventure Inlay - Safari Edition -> GameHouse Games Collection: Adventure Inlay - Safari Edition Agere Systems Soft Modem -> Agere Systems PCI-SV92PP Soft Modem Air Strike 3D -> GameHouse Games Collection: Air Strike 3D Alien Sky -> GameHouse Games Collection: Alien Sky Aloha Solitaire -> GameHouse Games Collection: Aloha Solitaire Aloha TriPeaks -> GameHouse Games Collection: Aloha TriPeaks Ancient Tri-Jong -> GameHouse Games Collection: Ancient Tri-Jong Ancient Tripeaks -> GameHouse Games Collection: Ancient Tripeaks Astrobatics -> GameHouse Games Collection: Astrobatics Atlantis -> GameHouse Games Collection: Atlantis Atomaders -> GameHouse Games Collection: Atomaders Bejeweled 2 -> GameHouse Games Collection: Bejeweled 2 Bewitched -> GameHouse Games Collection: Bewitched Big Kahuna Reef -> GameHouse Games Collection: Big Kahuna Reef Boggle Supreme -> GameHouse Games Collection: Boggle Supreme Bounce Out Blitz -> GameHouse Games Collection: Bounce Out Blitz Casino Island To Go -> GameHouse Games Collection: Casino Island To Go Catz -> Catz (remove only) Chainz -> GameHouse Games Collection: Chainz Chainz 2: Relinked -> GameHouse Games Collection: Chainz 2 - Relinked Charm Solitaire -> GameHouse Games Collection: Charm Solitaire Charm Tale -> GameHouse Games Collection: Charm Tale Chicktionary -> GameHouse Games Collection: Chicktionary Chuzzle Deluxe -> GameHouse Games Collection: Chuzzle Deluxe CloneDVD2 -> CloneDVD2 Collapse! Crunch -> GameHouse Games Collection: Collapse! Crunch Combo Chaos! -> GameHouse Games Collection: Combo Chaos! Crystal Path -> GameHouse Games Collection: Crystal Path Cubis Gold 2 -> GameHouse Games Collection: Cubis Gold 2 Digby's Donuts -> GameHouse Games Collection: Digby's Donuts Diner Dash -> GameHouse Games Collection: Diner Dash Diner Dash - Flo on the Go -> Diner Dash - Flo on the Go DVDFab (Platinum/Gold/HD Decrypter) (Option: Mobile) 5_is1 -> DVDFab (Platinum/Gold/HD Decrypter) (Option: Mobile) 5.0.6.0 ENTERPRISE -> Microsoft Office Enterprise 2007 Feeding Frenzy -> GameHouse Games Collection: Feeding Frenzy Fiber Twig -> GameHouse Games Collection: Fiber Twig Five Card Deluxe -> GameHouse Games Collection: Five Card Deluxe Flip Words -> GameHouse Games Collection: Flip Words Flying Leo -> GameHouse Games Collection: Flying Leo Fortune Tiles Gold -> GameHouse Games Collection: Fortune Tiles Gold Fresco Wizard -> GameHouse Games Collection: Fresco Wizard GameHouse Sudoku -> GameHouse Games Collection: GameHouse Sudoku Gearz -> GameHouse Games Collection: Gearz Gutterball -> GameHouse Games Collection: Gutterball Gutterball 2 -> GameHouse Games Collection: Gutterball 2 Hamsterball -> GameHouse Games Collection: Hamsterball Hello! -> GameHouse Games Collection: Hello! Holiday Express -> GameHouse Games Collection: Holiday Express Iggle Pop! -> GameHouse Games Collection: Iggle Pop! Incadia -> GameHouse Games Collection: Incadia Incredible Ink -> GameHouse Games Collection: Incredible Ink Insaniquarium Deluxe -> GameHouse Games Collection: Insaniquarium Deluxe Inspector Parker -> GameHouse Games Collection: Inspector Parker InstallShield_{BE2CC4A5-2128-4EA2-941D-14F7A6A1AB61} -> Digital Media Reader Invadazoid -> GameHouse Games Collection: Invadazoid Jewel Quest -> GameHouse Games Collection: Jewel Quest Lemonade Tycoon -> GameHouse Games Collection: Lemonade Tycoon Luxor -> GameHouse Games Collection: Luxor Mad Caps -> GameHouse Games Collection: Mad Caps Magic Ball 2 -> GameHouse Games Collection: Magic Ball 2 Magic Ball 2 - New Worlds -> GameHouse Games Collection: Magic Ball 2 - New Worlds Magic Ball Deluxe -> GameHouse Games Collection: Magic Ball Magic Inlay -> GameHouse Games Collection: Magic Inlay Magic Vines -> GameHouse Games Collection: Magic Vines Mah Jong Adventures -> GameHouse Games Collection: Mah Jong Adventures Mah Jong Medley -> GameHouse Games Collection: Mah Jong Medley Mah Jong Quest -> GameHouse Games Collection: Mah Jong Quest Mahjong Garden To Go -> GameHouse Games Collection: Mahjong Garden To Go Mahjong Towers Eternity -> GameHouse Games Collection: Mahjong Towers Eternity Malwarebytes' Anti-Malware_is1 -> Malwarebytes' Anti-Malware Maui Wowee -> GameHouse Games Collection: Maui Wowee Microsoft .NET Framework 3.5 SP1 -> Microsoft .NET Framework 3.5 SP1 Mozilla Firefox (3.6.2) -> Mozilla Firefox (3.6.2) N360 -> Norton 360 Premier Edition Network MagicUninstall -> Network Magic NVIDIA Drivers -> NVIDIA Drivers Phlinx To Go -> GameHouse Games Collection: Phlinx To Go Pin High Country Club Golf -> GameHouse Games Collection: Pin High Country Club Golf Pizza Frenzy -> GameHouse Games Collection: Pizza Frenzy Platypus -> GameHouse Games Collection: Platypus Poker Superstars -> GameHouse Games Collection: Poker Superstars PowerISO -> PowerISO Puzzle Express -> GameHouse Games Collection: Puzzle Express Puzzle Inlay -> GameHouse Games Collection: Puzzle Inlay Puzzle Solitaire -> GameHouse Games Collection: Puzzle Solitaire QBz -> GameHouse Games Collection: QBz Reader's Digest Super Word Power -> GameHouse Games Collection: Reader's Digest Super Word Power Ricochet -> GameHouse Games Collection: Ricochet Ricochet Lost Worlds -> GameHouse Games Collection: Ricochet Lost Worlds Ricochet Lost Worlds: Recharged -> GameHouse Games Collection: Ricochet Lost Worlds - Recharged Roller Rush -> GameHouse Games Collection: Roller Rush Saints & Sinners Bingo -> GameHouse Games Collection: Saints & Sinners Bingo SCRABBLE -> GameHouse Games Collection: SCRABBLE Shape Shifter -> GameHouse Games Collection: Shape Shifter Slingo Deluxe -> GameHouse Games Collection: Slingo Deluxe Sophos-AntiRootkit -> Sophos Anti-Rootkit 1.5.0 Spelvin -> GameHouse Games Collection: Spelvin Splash -> GameHouse Games Collection: Splash Spring Sprang Sprung -> GameHouse Games Collection: Spring Sprang Sprung Super 5-Line Slots -> GameHouse Games Collection: Super 5-Line Slots Super Blackjack! -> GameHouse Games Collection: Super Blackjack! Super Bounce Out! -> GameHouse Games Collection: Super Bounce Out! Super Candy Cruncher -> GameHouse Games Collection: Super Candy Cruncher Super Collapse! -> GameHouse Games Collection: Super Collapse! Super Collapse! II -> GameHouse Games Collection: Super Collapse! II Super Collapse! II Platinum -> GameHouse Games Collection: Super Collapse! II Platinum Super Fruit Frolic -> GameHouse Games Collection: Super Fruit Frolic Super GameHouse Solitaire Vol. 1 -> GameHouse Games Collection: Super GameHouse Solitaire Vol. 1 Super GameHouse Solitaire Vol. 2 -> GameHouse Games Collection: Super GameHouse Solitaire Vol. 2 Super GameHouse Solitaire Vol. 3 -> GameHouse Games Collection: Super GameHouse Solitaire Vol. 3 Super Gem Drop -> GameHouse Games Collection: Super Gem Drop Super Glinx! -> GameHouse Games Collection: Super Glinx! Super Letter Linker -> GameHouse Games Collection: Super Letter Linker Super Mah Jong Solitaire -> GameHouse Games Collection: Super Mah Jong Solitaire Super Nisqually -> GameHouse Games Collection: Super Nisqually Super PileUp! -> GameHouse Games Collection: Super PileUp! Super Pool -> GameHouse Games Collection: Super Pool Super Pop & Drop! -> GameHouse Games Collection: Super Pop & Drop! Super Rumble Cube -> GameHouse Games Collection: Super Rumble Cube Super SpongeBob Collapse! -> GameHouse Games Collection: Super SpongeBob Collapse! Super TextTwist -> GameHouse Games Collection: Super TextTwist Super WHATword -> GameHouse Games Collection: Super WHATword Super Wild Wild Words -> GameHouse Games Collection: Super Wild Wild Words Tap a Jam -> GameHouse Games Collection: Tap a Jam Ten Pin Championship Bowling Pro -> GameHouse Games Collection: Ten Pin Championship Bowling Pro Tennis Titans -> GameHouse Games Collection: Tennis Titans The Weather Channel Desktop 6 -> The Weather Channel Desktop 6 Tradewinds 2 -> GameHouse Games Collection: Tradewinds 2 Trivia Machine -> GameHouse Games Collection: Trivia Machine Tropical Swaps -> GameHouse Games Collection: Tropical Swaps Tumblebugs -> GameHouse Games Collection: Tumblebugs TuneUpMedia -> TuneUp Companion 1.5.5 Turtle Bay -> GameHouse Games Collection: Turtle Bay Twistingo -> GameHouse Games Collection: Twistingo Ultimate Dominoes -> GameHouse Games Collection: Ultimate Dominoes Varmintz Deluxe -> GameHouse Games Collection: Varmintz Deluxe VISPROR -> Microsoft Office Visio Professional 2007 Trial Walls of Jericho, The -> GameHouse Games Collection: Walls of Jericho, The Wheel of Fortune -> GameHouse Games Collection: Wheel of Fortune WildTangent emachines Master Uninstall -> eMachines Games WinRAR archiver -> WinRAR archiver Word Jolt -> GameHouse Games Collection: Word Jolt Word Slinger -> GameHouse Games Collection: Word Slinger WordJong To Go -> GameHouse Games Collection: WordJong To Go Xvid_is1 -> Xvid 1.1.3 final uninstall Yahoo! Companion -> Yahoo! Toolbar Yahoo! Messenger -> Yahoo! Messenger Yahoo! Software Update -> Yahoo! Software Update Zuma Deluxe -> GameHouse Games Collection: Zuma Deluxe < Uninstall List [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ -> < EventViewer Logs - Last 10 Errors > -> Event Information -> Description Application [ Error ] 3/25/2010 1:25:02 PM Computer Name = Quinn-PC | Source = MsiInstaller | ID = 1024 -> Description = Application [ Error ] 3/25/2010 1:25:31 PM Computer Name = Quinn-PC | Source = MsiInstaller | ID = 11606 -> Description = Application [ Error ] 3/25/2010 1:25:31 PM Computer Name = Quinn-PC | Source = MsiInstaller | ID = 11606 -> Description = Application [ Error ] 3/25/2010 1:25:31 PM Computer Name = Quinn-PC | Source = MsiInstaller | ID = 1024 -> Description = Application [ Error ] 3/25/2010 1:26:05 PM Computer Name = Quinn-PC | Source = MsiInstaller | ID = 11606 -> Description = Application [ Error ] 3/25/2010 1:26:05 PM Computer Name = Quinn-PC | Source = MsiInstaller | ID = 11606 -> Description = Application [ Error ] 3/25/2010 1:26:05 PM Computer Name = Quinn-PC | Source = MsiInstaller | ID = 1024 -> Description = Application [ Error ] 3/25/2010 1:27:18 PM Computer Name = Quinn-PC | Source = MsiInstaller | ID = 11606 -> Description = Application [ Error ] 3/25/2010 1:27:18 PM Computer Name = Quinn-PC | Source = MsiInstaller | ID = 11606 -> Description = Application [ Error ] 3/25/2010 1:27:18 PM Computer Name = Quinn-PC | Source = MsiInstaller | ID = 1024 -> Description = Media Center [ Error ] 6/22/2009 7:36:53 PM Computer Name = Quinn-PC | Source = MCUpdate | ID = 0 -> Description = DownloadPackgeTask.SubTasksComplete: failed downloading package SportsSchedule. Media Center [ Error ] 11/5/2009 6:53:25 AM Computer Name = Quinn-PC | Source = MCUpdate | ID = 0 -> Description = DownloadPackgeTask.SubTasksComplete: failed downloading package SportsSchedule. OSession [ Error ] 8/30/2009 1:53:35 AM Computer Name = Quinn-PC | Source = Microsoft Office 12 Sessions | ID = 7001 -> Description = ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 84 seconds with 60 seconds of active time. This session ended with a crash. OSession [ Error ] 8/30/2009 2:02:01 AM Computer Name = Quinn-PC | Source = Microsoft Office 12 Sessions | ID = 7001 -> Description = ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 483 seconds with 120 seconds of active time. This session ended with a crash. OSession [ Error ] 1/25/2010 7:29:02 PM Computer Name = Quinn-PC | Source = Microsoft Office 12 Sessions | ID = 7001 -> Description = ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.6514.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 7492 seconds with 1860 seconds of active time. This session ended with a crash. System [ Error ] 3/25/2010 1:02:58 PM Computer Name = Quinn-PC | Source = Service Control Manager | ID = 7000 -> Description = System [ Error ] 3/25/2010 1:08:11 PM Computer Name = Quinn-PC | Source = Service Control Manager | ID = 7022 -> Description = System [ Error ] 3/25/2010 1:09:21 PM Computer Name = Quinn-PC | Source = Service Control Manager | ID = 7023 -> Description = System [ Error ] 3/25/2010 1:21:45 PM Computer Name = Quinn-PC | Source = Microsoft-Windows-WindowsUpdateClient | ID = 20 -> Description = System [ Error ] 3/25/2010 1:22:42 PM Computer Name = Quinn-PC | Source = Microsoft-Windows-WindowsUpdateClient | ID = 20 -> Description = System [ Error ] 3/25/2010 1:24:14 PM Computer Name = Quinn-PC | Source = Microsoft-Windows-WindowsUpdateClient | ID = 20 -> Description = System [ Error ] 3/25/2010 1:25:07 PM Computer Name = Quinn-PC | Source = Microsoft-Windows-WindowsUpdateClient | ID = 20 -> Description = System [ Error ] 3/25/2010 1:25:37 PM Computer Name = Quinn-PC | Source = Microsoft-Windows-WindowsUpdateClient | ID = 20 -> Description = System [ Error ] 3/25/2010 1:26:15 PM Computer Name = Quinn-PC | Source = Microsoft-Windows-WindowsUpdateClient | ID = 20 -> Description = System [ Error ] 3/25/2010 1:29:23 PM Computer Name = Quinn-PC | Source = Microsoft-Windows-WindowsUpdateClient | ID = 20 -> Description = [Files/Folders - Created Within 30 Days] Adobe Reader 9 Installer -> C:\Users\Public\Desktop\Adobe Reader 9 Installer -> [2010/03/22 20:52:25 | 000,000,000 | ---D | C] NOS -> C:\ProgramData\NOS -> [2010/03/22 20:10:07 | 000,000,000 | ---D | C] 32788R22FWJFW -> C:\32788R22FWJFW -> [2010/03/22 19:54:22 | 000,000,000 | ---D | C] 32788R22FWJFW -> \32788R22FWJFW -> [2010/03/22 19:54:22 | 000,000,000 | ---D | C] Sun -> C:\Windows\Sun -> [2010/03/16 16:10:06 | 000,000,000 | ---D | C] Conduit -> C:\Program Files\Conduit -> [2010/03/14 05:32:12 | 000,000,000 | ---D | C] mbamswissarmy.sys -> C:\Windows\System32\drivers\mbamswissarmy.sys -> [2010/03/13 15:03:49 | 000,038,224 | ---- | C] (Malwarebytes Corporation) mbam.sys -> C:\Windows\System32\drivers\mbam.sys -> [2010/03/13 15:03:45 | 000,019,160 | ---- | C] (Malwarebytes Corporation) mbam-setup.exe -> C:\Users\Michaelene\Desktop\mbam-setup.exe -> [2010/03/13 15:02:53 | 005,115,824 | ---- | C] (Malwarebytes Corporation ) temp -> C:\Users\Michaelene\AppData\Local\temp -> [2010/03/12 19:48:15 | 000,000,000 | ---D | C] $RECYCLE.BIN -> C:\$RECYCLE.BIN -> [2010/03/12 19:26:58 | 000,000,000 | ---D | C] $RECYCLE.BIN -> \$RECYCLE.BIN -> [2010/03/12 19:26:58 | 000,000,000 | ---D | C] nshhttp.dll -> C:\Windows\System32\nshhttp.dll -> [2010/03/11 14:37:07 | 000,024,064 | ---- | C] (Microsoft Corporation) httpapi.dll -> C:\Windows\System32\httpapi.dll -> [2010/03/11 14:37:02 | 000,030,720 | ---- | C] (Microsoft Corporation) gmer -> C:\Users\Michaelene\Desktop\gmer -> [2010/03/09 14:30:15 | 000,000,000 | ---D | C] Win 32.Trojan.Keylogger Removal Tool[1] -> C:\Program Files\Win 32.Trojan.Keylogger Removal Tool[1] -> [2010/03/07 13:46:40 | 000,000,000 | ---D | C] ntkrnlpa.exe -> C:\Windows\System32\ntkrnlpa.exe -> [2010/03/04 18:33:24 | 003,600,456 | ---- | C] (Microsoft Corporation) ntoskrnl.exe -> C:\Windows\System32\ntoskrnl.exe -> [2010/03/04 18:33:19 | 003,548,216 | ---- | C] (Microsoft Corporation) Norton Support -> C:\Program Files\Norton Support -> [2010/03/03 09:48:42 | 000,000,000 | R--D | C] lowsec -> C:\Users\Michaelene\AppData\Roaming\lowsec -> [2010/02/27 05:13:36 | 000,000,000 | -HSD | C] jscript.dll -> C:\Windows\System32\jscript.dll -> [2010/02/24 16:06:04 | 000,726,528 | ---- | C] (Microsoft Corporation) tzres.dll -> C:\Windows\System32\tzres.dll -> [2010/02/24 16:05:37 | 000,002,048 | ---- | C] (Microsoft Corporation) secproc_isv.dll -> C:\Windows\System32\secproc_isv.dll -> [2010/02/24 16:03:24 | 000,471,552 | ---- | C] (Microsoft Corporation) secproc.dll -> C:\Windows\System32\secproc.dll -> [2010/02/24 16:03:24 | 000,471,552 | ---- | C] (Microsoft Corporation) RMActivate_isv.exe -> C:\Windows\System32\RMActivate_isv.exe -> [2010/02/24 16:03:22 | 000,526,336 | ---- | C] (Microsoft Corporation) RMActivate.exe -> C:\Windows\System32\RMActivate.exe -> [2010/02/24 16:03:21 | 000,518,144 | ---- | C] (Microsoft Corporation) RMActivate_ssp.exe -> C:\Windows\System32\RMActivate_ssp.exe -> [2010/02/24 16:03:21 | 000,347,136 | ---- | C] (Microsoft Corporation) RMActivate_ssp_isv.exe -> C:\Windows\System32\RMActivate_ssp_isv.exe -> [2010/02/24 16:03:21 | 000,346,624 | ---- | C] (Microsoft Corporation) secproc_ssp_isv.dll -> C:\Windows\System32\secproc_ssp_isv.dll -> [2010/02/24 16:03:21 | 000,152,576 | ---- | C] (Microsoft Corporation) secproc_ssp.dll -> C:\Windows\System32\secproc_ssp.dll -> [2010/02/24 16:03:21 | 000,152,064 | ---- | C] (Microsoft Corporation) msdrm.dll -> C:\Windows\System32\msdrm.dll -> [2010/02/24 16:03:20 | 000,332,288 | ---- | C] (Microsoft Corporation) gameux.dll -> C:\Windows\System32\gameux.dll -> [2010/02/24 16:03:12 | 001,696,256 | ---- | C] (Microsoft Corporation) Apphlpdm.dll -> C:\Windows\System32\Apphlpdm.dll -> [2010/02/24 16:03:10 | 000,028,672 | ---- | C] (Microsoft Corporation) GameUXLegacyGDFs.dll -> C:\Windows\System32\GameUXLegacyGDFs.dll -> [2010/02/24 16:03:09 | 004,240,384 | ---- | C] (Microsoft) found.000 -> C:\found.000 -> [2010/02/24 15:41:53 | 000,000,000 | ---D | C] found.000 -> \found.000 -> [2010/02/24 15:41:53 | 000,000,000 | ---D | C] [Files/Folders - Modified Within 30 Days] 7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0 -> C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0 -> [2010/03/25 19:01:56 | 000,003,168 | -H-- | M] () 7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0 -> C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0 -> [2010/03/25 19:01:56 | 000,003,168 | -H-- | M] () ntuser.dat -> C:\Users\Michaelene\ntuser.dat -> [2010/03/25 18:55:07 | 006,815,744 | -HS- | M] () nvModes.dat -> C:\ProgramData\nvModes.dat -> [2010/03/25 13:03:42 | 000,035,370 | ---- | M] () nvModes.001 -> C:\ProgramData\nvModes.001 -> [2010/03/25 13:03:41 | 000,035,370 | ---- | M] () SA.DAT -> C:\Windows\tasks\SA.DAT -> [2010/03/25 13:01:58 | 000,000,006 | -H-- | M] () bootstat.dat -> C:\Windows\bootstat.dat -> [2010/03/25 13:01:37 | 000,067,584 | --S- | M] () hiberfil.sys -> C:\hiberfil.sys -> [2010/03/25 13:00:43 | 939,057,152 | -HS- | M] () bthservsdp.dat -> C:\Windows\bthservsdp.dat -> [2010/03/25 01:48:42 | 000,000,012 | ---- | M] () NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TMContainer00000000000000000001.regtrans-ms -> C:\Users\Michaelene\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TMContainer00000000000000000001.regtrans-ms -> [2010/03/25 01:48:03 | 000,524,288 | -HS- | M] () NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TM.blf -> C:\Users\Michaelene\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TM.blf -> [2010/03/25 01:48:03 | 000,065,536 | -HS- | M] () IconCache.db -> C:\Users\Michaelene\AppData\Local\IconCache.db -> [2010/03/25 01:46:23 | 004,189,414 | -H-- | M] () FNTCACHE.DAT -> C:\Windows\System32\FNTCACHE.DAT -> [2010/03/22 20:04:20 | 000,385,200 | ---- | M] () .zreglib -> C:\ProgramData\.zreglib -> [2010/03/22 13:17:04 | 000,000,083 | -HS- | M] () Ad-Aware Update (Weekly).job -> C:\Windows\tasks\Ad-Aware Update (Weekly).job -> [2010/03/22 04:19:13 | 000,000,472 | ---- | M] () PerfStringBackup.INI -> C:\Windows\System32\PerfStringBackup.INI -> [2010/03/21 23:38:22 | 000,694,964 | ---- | M] () perfh009.dat -> C:\Windows\System32\perfh009.dat -> [2010/03/21 23:38:22 | 000,598,350 | ---- | M] () perfc009.dat -> C:\Windows\System32\perfc009.dat -> [2010/03/21 23:38:22 | 000,101,988 | ---- | M] () Welcome Center.lnk -> C:\Users\Michaelene\Desktop\Welcome Center.lnk -> [2010/03/14 15:43:51 | 000,001,737 | ---- | M] () DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini -> C:\Users\Michaelene\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini -> [2010/03/14 15:06:04 | 000,220,160 | ---- | M] () Malwarebytes' Anti-Malware.lnk -> C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk -> [2010/03/13 15:03:53 | 000,000,818 | ---- | M] () mbam-setup.exe -> C:\Users\Michaelene\Desktop\mbam-setup.exe -> [2010/03/13 15:03:05 | 005,115,824 | ---- | M] (Malwarebytes Corporation ) system.ini -> C:\Windows\system.ini -> [2010/03/12 19:27:20 | 000,000,215 | ---- | M] () hosts -> C:\Windows\System32\drivers\etc\hosts -> [2010/03/12 19:26:44 | 000,000,027 | ---- | M] () MEMORY.DMP -> C:\Windows\MEMORY.DMP -> [2010/03/09 19:07:36 | 211,332,315 | ---- | M] () gmer.zip -> C:\Users\Michaelene\Desktop\gmer.zip -> [2010/03/09 14:29:55 | 000,284,915 | ---- | M] () Nd4uB3I0oF -> C:\Users\Michaelene\AppData\Local\Nd4uB3I0oF -> [2010/03/08 14:50:47 | 000,009,720 | -HS- | M] () vso_ts_preview.xml -> C:\Users\Michaelene\AppData\Roaming\vso_ts_preview.xml -> [2010/03/08 04:55:52 | 000,000,671 | ---- | M] () 04lB -> C:\Users\Michaelene\AppData\Local\04lB -> [2010/03/04 14:56:58 | 000,000,982 | -HS- | M] () d3KSy4nSLAL -> C:\Users\Michaelene\AppData\Local\d3KSy4nSLAL -> [2010/03/03 20:41:54 | 000,010,046 | -HS- | M] () OFxpHxrn768uh -> C:\Users\Michaelene\AppData\Local\OFxpHxrn768uh -> [2010/03/03 09:25:56 | 000,010,632 | -HS- | M] () GDIPFONTCACHEV1.DAT -> C:\Users\Michaelene\AppData\Local\GDIPFONTCACHEV1.DAT -> [2010/02/25 09:58:59 | 000,102,424 | ---- | M] () MpSigStub.exe -> C:\Windows\System32\MpSigStub.exe -> [2010/02/24 10:16:06 | 000,181,632 | ---- | M] (Microsoft Corporation) [Files - No Company Name] IconCache.db -> C:\Users\Michaelene\AppData\Local\IconCache.db -> [2010/03/25 01:46:15 | 004,189,414 | -H-- | C] () hiberfil.sys -> C:\hiberfil.sys -> [2010/03/23 08:54:02 | 939,057,152 | -HS- | C] () hiberfil.sys -> -> [2010/03/23 08:54:02 | 939,057,152 | -HS- | C] () Welcome Center.lnk -> C:\Users\Michaelene\Desktop\Welcome Center.lnk -> [2010/03/14 15:43:51 | 000,001,737 | ---- | C] () Malwarebytes' Anti-Malware.lnk -> C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk -> [2010/03/13 15:03:53 | 000,000,818 | ---- | C] () gmer.zip -> C:\Users\Michaelene\Desktop\gmer.zip -> [2010/03/09 14:29:50 | 000,284,915 | ---- | C] () rkill.log -> \rkill.log -> [2010/03/09 13:57:01 | 000,000,435 | ---- | C] () Nd4uB3I0oF -> C:\Users\Michaelene\AppData\Local\Nd4uB3I0oF -> [2010/03/07 07:16:27 | 000,009,720 | -HS- | C] () 04lB -> C:\Users\Michaelene\AppData\Local\04lB -> [2010/03/04 14:56:58 | 000,000,982 | -HS- | C] () d3KSy4nSLAL -> C:\Users\Michaelene\AppData\Local\d3KSy4nSLAL -> [2010/03/03 19:28:28 | 000,010,046 | -HS- | C] () OFxpHxrn768uh -> C:\Users\Michaelene\AppData\Local\OFxpHxrn768uh -> [2010/03/02 21:24:03 | 000,010,632 | -HS- | C] () ODBC.INI -> C:\Windows\ODBC.INI -> [2010/02/11 18:33:30 | 000,000,162 | ---- | C] () NeroDigital.ini -> C:\Windows\NeroDigital.ini -> [2009/12/28 12:13:50 | 000,000,069 | ---- | C] () wininit.ini -> C:\Windows\wininit.ini -> [2009/12/28 04:16:49 | 000,000,251 | ---- | C] () MRT.INI -> C:\Windows\System32\MRT.INI -> [2009/11/12 04:15:42 | 000,000,118 | ---- | C] () EhStorAuthn.dll -> C:\Windows\System32\EhStorAuthn.dll -> [2009/09/11 02:10:41 | 000,117,248 | ---- | C] () hpzids01.dll -> C:\Windows\System32\hpzids01.dll -> [2009/08/29 20:49:33 | 000,077,824 | ---- | C] () OGACheckControl.dll -> C:\Windows\System32\OGACheckControl.dll -> [2009/08/03 15:07:42 | 000,403,816 | ---- | C] () Irremote.ini -> C:\Windows\Irremote.ini -> [2009/07/27 01:58:20 | 000,000,039 | ---- | C] () xvidcore.dll -> C:\Windows\System32\xvidcore.dll -> [2009/04/07 18:40:43 | 000,765,952 | ---- | C] () xvidvfw.dll -> C:\Windows\System32\xvidvfw.dll -> [2009/04/07 18:40:35 | 000,180,224 | ---- | C] () btwhidcs.dll -> C:\Windows\System32\btwhidcs.dll -> [2007/09/05 12:52:04 | 000,389,120 | ---- | C] () ReaderString.ini -> C:\Windows\ReaderString.ini -> [2006/11/22 18:16:18 | 000,003,612 | ---- | C] () sunkist.ini -> C:\Windows\sunkist.ini -> [2006/11/21 14:50:06 | 000,000,037 | ---- | C] () GlobalUserInterface.CompositeFont -> C:\Windows\Fonts\GlobalUserInterface.CompositeFont -> [2006/11/02 08:37:35 | 000,037,665 | ---- | C] () GlobalSerif.CompositeFont -> C:\Windows\Fonts\GlobalSerif.CompositeFont -> [2006/11/02 08:37:35 | 000,029,779 | ---- | C] () GlobalSansSerif.CompositeFont -> C:\Windows\Fonts\GlobalSansSerif.CompositeFont -> [2006/11/02 08:37:35 | 000,026,489 | ---- | C] () GlobalMonospace.CompositeFont -> C:\Windows\Fonts\GlobalMonospace.CompositeFont -> [2006/11/02 08:37:35 | 000,026,040 | ---- | C] () sysprepMCE.dll -> C:\Windows\System32\sysprepMCE.dll -> [2006/11/02 08:35:32 | 000,005,632 | ---- | C] () pacerprf.ini -> C:\Windows\System32\pacerprf.ini -> [2006/11/02 03:40:29 | 000,013,750 | ---- | C] () lcppn21.dll -> C:\Windows\System32\lcppn21.dll -> [2001/11/14 13:56:00 | 001,802,240 | ---- | C] () [File - Lop Check] LimeWire -> C:\Users\Michaelene\AppData\Roaming\LimeWire -> [2009/03/26 15:33:53 | 000,000,000 | ---D | M] lowsec -> C:\Users\Michaelene\AppData\Roaming\lowsec -> [2010/03/08 11:36:05 | 000,000,000 | -HSD | M] PlayFirst -> C:\Users\Michaelene\AppData\Roaming\PlayFirst -> [2008/11/12 18:13:21 | 000,000,000 | ---D | M] SampleView -> C:\Users\Michaelene\AppData\Roaming\SampleView -> [2008/04/06 10:49:52 | 000,000,000 | ---D | M] Skinux -> C:\Users\Michaelene\AppData\Roaming\Skinux -> [2009/09/12 01:15:30 | 000,000,000 | ---D | M] Spare Backup -> C:\Users\Michaelene\AppData\Roaming\Spare Backup -> [2009/10/17 02:03:30 | 000,000,000 | ---D | M] The Creative Assembly -> C:\Users\Michaelene\AppData\Roaming\The Creative Assembly -> [2009/09/22 19:23:21 | 000,000,000 | ---D | M] Tific -> C:\Users\Michaelene\AppData\Roaming\Tific -> [2009/12/23 20:42:11 | 000,000,000 | ---D | M] TuneUpMedia -> C:\Users\Michaelene\AppData\Roaming\TuneUpMedia -> [2010/03/25 17:42:03 | 000,000,000 | ---D | M] Vso -> C:\Users\Michaelene\AppData\Roaming\Vso -> [2010/03/08 04:55:49 | 000,000,000 | ---D | M] WildTangent -> C:\Users\Michaelene\AppData\Roaming\WildTangent -> [2009/04/05 19:50:28 | 000,000,000 | ---D | M] Ad-Aware Update (Weekly).job -> C:\Windows\Tasks\Ad-Aware Update (Weekly).job -> [2010/03/22 04:19:13 | 000,000,472 | ---- | M] () SCHEDLGU.TXT -> C:\Windows\Tasks\SCHEDLGU.TXT -> [2010/03/25 01:48:50 | 000,032,596 | ---- | M] () [File - Purity Scan] [Custom Scans] < %SYSTEMDRIVE%\*.exe > < %ALLUSERSPROFILE%\Application Data\*. > < %ALLUSERSPROFILE%\Application Data\*.exe /s > < %APPDATA%\*. > Adobe -> C:\Users\Michaelene\AppData\Roaming\Adobe -> [2010/03/22 20:33:09 | 000,000,000 | ---D | M] Apple Computer -> C:\Users\Michaelene\AppData\Roaming\Apple Computer -> [2009/09/10 00:46:37 | 000,000,000 | ---D | M] Arcsoft -> C:\Users\Michaelene\AppData\Roaming\Arcsoft -> [2009/09/13 01:04:27 | 000,000,000 | ---D | M] Google -> C:\Users\Michaelene\AppData\Roaming\Google -> [2009/04/03 01:33:03 | 000,000,000 | ---D | M] Identities -> C:\Users\Michaelene\AppData\Roaming\Identities -> [2008/04/06 08:40:07 | 000,000,000 | ---D | M] KodakCredentialStore -> C:\Users\Michaelene\AppData\Roaming\KodakCredentialStore -> [2009/09/12 01:18:54 | 000,000,000 | ---D | M] LimeWire -> C:\Users\Michaelene\AppData\Roaming\LimeWire -> [2009/03/26 15:33:53 | 000,000,000 | ---D | M] lowsec -> C:\Users\Michaelene\AppData\Roaming\lowsec -> [2010/03/08 11:36:05 | 000,000,000 | -HSD | M] Macromedia -> C:\Users\Michaelene\AppData\Roaming\Macromedia -> [2009/04/07 21:12:26 | 000,000,000 | ---D | M] Malwarebytes -> C:\Users\Michaelene\AppData\Roaming\Malwarebytes -> [2009/12/28 02:11:56 | 000,000,000 | ---D | M] Media Center Programs -> C:\Users\Michaelene\AppData\Roaming\Media Center Programs -> [2006/11/02 08:37:34 | 000,000,000 | ---D | M] Microsoft -> C:\Users\Michaelene\AppData\Roaming\Microsoft -> [2010/02/11 21:39:29 | 000,000,000 | --SD | M] Mozilla -> C:\Users\Michaelene\AppData\Roaming\Mozilla -> [2009/09/08 12:37:20 | 000,000,000 | ---D | M] MySpace -> C:\Users\Michaelene\AppData\Roaming\MySpace -> [2008/06/20 07:08:15 | 000,000,000 | ---D | M] Nero -> C:\Users\Michaelene\AppData\Roaming\Nero -> [2009/07/30 04:12:35 | 000,000,000 | ---D | M] PlayFirst -> C:\Users\Michaelene\AppData\Roaming\PlayFirst -> [2008/11/12 18:13:21 | 000,000,000 | ---D | M] SampleView -> C:\Users\Michaelene\AppData\Roaming\SampleView -> [2008/04/06 10:49:52 | 000,000,000 | ---D | M] Skinux -> C:\Users\Michaelene\AppData\Roaming\Skinux -> [2009/09/12 01:15:30 | 000,000,000 | ---D | M] Spare Backup -> C:\Users\Michaelene\AppData\Roaming\Spare Backup -> [2009/10/17 02:03:30 | 000,000,000 | ---D | M] Symantec -> C:\Users\Michaelene\AppData\Roaming\Symantec -> [2008/04/06 08:40:46 | 000,000,000 | ---D | M] Talkback -> C:\Users\Michaelene\AppData\Roaming\Talkback -> [2008/04/06 08:42:32 | 000,000,000 | ---D | M] The Creative Assembly -> C:\Users\Michaelene\AppData\Roaming\The Creative Assembly -> [2009/09/22 19:23:21 | 000,000,000 | ---D | M] Tific -> C:\Users\Michaelene\AppData\Roaming\Tific -> [2009/12/23 20:42:11 | 000,000,000 | ---D | M] TuneUpMedia -> C:\Users\Michaelene\AppData\Roaming\TuneUpMedia -> [2010/03/25 17:42:03 | 000,000,000 | ---D | M] Vso -> C:\Users\Michaelene\AppData\Roaming\Vso -> [2010/03/08 04:55:49 | 000,000,000 | ---D | M] WildTangent -> C:\Users\Michaelene\AppData\Roaming\WildTangent -> [2009/04/05 19:50:28 | 000,000,000 | ---D | M] WinRAR -> C:\Users\Michaelene\AppData\Roaming\WinRAR -> [2009/04/03 01:50:32 | 000,000,000 | ---D | M] Yahoo! -> C:\Users\Michaelene\AppData\Roaming\Yahoo! -> [2009/08/18 13:56:04 | 000,000,000 | ---D | M] < %APPDATA%\*.exe /s > < %systemroot%\*. /mp /s > < MD5 Scans Start> < %systemdrive%\AGP440.SYS /md5 /s > AGP440.sys : MD5=13F9E33747E6B41A3FF305C37DB0D360 -> C:\Windows\System32\DriverStore\FileRepository\machine.inf_51b95d75\AGP440.sys -> [2008/01/19 03:42:25 | 000,056,376 | ---- | M] (Microsoft Corporation) AGP440.sys : MD5=13F9E33747E6B41A3FF305C37DB0D360 -> C:\Windows\System32\DriverStore\FileRepository\machine.inf_f750e484\AGP440.sys -> [2008/01/19 03:42:25 | 000,056,376 | ---- | M] (Microsoft Corporation) AGP440.sys : MD5=13F9E33747E6B41A3FF305C37DB0D360 -> C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6001.18000_none_ba12ed3bbeb0d97a\AGP440.sys -> [2008/01/19 03:42:25 | 000,056,376 | ---- | M] (Microsoft Corporation) AGP440.sys : MD5=13F9E33747E6B41A3FF305C37DB0D360 -> C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6002.18005_none_bbfe6647bbd2a4c6\AGP440.sys -> [2008/01/19 03:42:25 | 000,056,376 | ---- | M] (Microsoft Corporation) AGP440.sys : MD5=EF23439CDD587F64C2C1B8825CEAD7D8 -> C:\Windows\ERDNT\cache\AGP440.sys -> [2006/11/02 05:49:52 | 000,053,864 | ---- | M] (Microsoft Corporation) AGP440.sys : MD5=EF23439CDD587F64C2C1B8825CEAD7D8 -> C:\Windows\System32\drivers\AGP440.sys -> [2006/11/02 05:49:52 | 000,053,864 | ---- | M] (Microsoft Corporation) AGP440.sys : MD5=EF23439CDD587F64C2C1B8825CEAD7D8 -> C:\Windows\System32\DriverStore\FileRepository\machine.inf_920a2c1f\AGP440.sys -> [2006/11/02 05:49:52 | 000,053,864 | ---- | M] (Microsoft Corporation) < %systemdrive%\ATAPI.SYS /md5 /s > atapi.sys : MD5=1F05B78AB91C9075565A9D8A4B880BC4 -> C:\Windows\ERDNT\cache\atapi.sys -> [2009/04/11 02:32:26 | 000,019,944 | ---- | M] (Microsoft Corporation) atapi.sys : MD5=1F05B78AB91C9075565A9D8A4B880BC4 -> C:\Windows\System32\drivers\atapi.sys -> [2009/04/11 02:32:26 | 000,019,944 | ---- | M] (Microsoft Corporation) atapi.sys : MD5=1F05B78AB91C9075565A9D8A4B880BC4 -> C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_b12d8e84\atapi.sys -> [2009/04/11 02:32:26 | 000,019,944 | ---- | M] (Microsoft Corporation) atapi.sys : MD5=1F05B78AB91C9075565A9D8A4B880BC4 -> C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6002.18005_none_df23a1261eab99e8\atapi.sys -> [2009/04/11 02:32:26 | 000,019,944 | ---- | M] (Microsoft Corporation) atapi.sys : MD5=2D9C903DC76A66813D350A562DE40ED9 -> C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_cc18792d\atapi.sys -> [2008/01/19 03:41:30 | 000,021,560 | ---- | M] (Microsoft Corporation) atapi.sys : MD5=2D9C903DC76A66813D350A562DE40ED9 -> C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6001.18000_none_dd38281a2189ce9c\atapi.sys -> [2008/01/19 03:41:30 | 000,021,560 | ---- | M] (Microsoft Corporation) atapi.sys : MD5=4F4FCB8B6EA06784FB6D475B7EC7300F -> C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_c6c2e699\atapi.sys -> [2006/11/02 05:49:36 | 000,019,048 | ---- | M] (Microsoft Corporation) atapi.sys : MD5=B35CFCEF838382AB6490B321C87EDF17 -> C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_7de13c21\atapi.sys -> [2008/04/05 22:16:56 | 000,021,560 | ---- | M] (Microsoft Corporation) atapi.sys : MD5=B35CFCEF838382AB6490B321C87EDF17 -> C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6000.16632_none_db337a442479c42c\atapi.sys -> [2008/04/05 22:16:56 | 000,021,560 | ---- | M] (Microsoft Corporation) atapi.sys : MD5=E03E8C99D15D0381E02743C36AFC7C6F -> C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6000.20757_none_dbac78a93da31a8b\atapi.sys -> [2008/04/05 22:16:54 | 000,021,560 | ---- | M] (Microsoft Corporation) < %systemdrive%\CNGAUDIT.DLL /md5 /s > cngaudit.dll : MD5=7F15B4953378C8B5161D65C26D5FED4D -> C:\Windows\ERDNT\cache\cngaudit.dll -> [2006/11/02 05:46:03 | 000,011,776 | ---- | M] (Microsoft Corporation) cngaudit.dll : MD5=7F15B4953378C8B5161D65C26D5FED4D -> C:\Windows\System32\cngaudit.dll -> [2006/11/02 05:46:03 | 000,011,776 | ---- | M] (Microsoft Corporation) cngaudit.dll : MD5=7F15B4953378C8B5161D65C26D5FED4D -> C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.0.6000.16386_none_e62d292932a96ce6\cngaudit.dll -> [2006/11/02 05:46:03 | 000,011,776 | ---- | M] (Microsoft Corporation) < %systemdrive%\IASTORV.SYS /md5 /s > iaStorV.sys : MD5=54155EA1B0DF185878E0FC9EC3AC3A14 -> C:\Windows\System32\DriverStore\FileRepository\iastorv.inf_c9df7691\iaStorV.sys -> [2008/01/19 03:42:51 | 000,235,064 | ---- | M] (Intel Corporation) iaStorV.sys : MD5=54155EA1B0DF185878E0FC9EC3AC3A14 -> C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.0.6001.18000_none_af11527887c7fa8f\iaStorV.sys -> [2008/01/19 03:42:51 | 000,235,064 | ---- | M] (Intel Corporation) iaStorV.sys : MD5=C957BF4B5D80B46C5017BF0101E6C906 -> C:\Windows\System32\drivers\iaStorV.sys -> [2006/11/02 05:51:25 | 000,232,040 | ---- | M] (Intel Corporation) iaStorV.sys : MD5=C957BF4B5D80B46C5017BF0101E6C906 -> C:\Windows\System32\DriverStore\FileRepository\iastorv.inf_37cdafa4\iaStorV.sys -> [2006/11/02 05:51:25 | 000,232,040 | ---- | M] (Intel Corporation) < %systemdrive%\NETLOGON.DLL /md5 /s > netlogon.dll : MD5=889A2C9F2AACCD8F64EF50AC0B3D553B -> C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6000.16386_none_fb80f5473b0ed783\netlogon.dll -> [2006/11/02 05:46:11 | 000,559,616 | ---- | M] (Microsoft Corporation) netlogon.dll : MD5=95DAECF0FB120A7B5DA679CC54E37DDE -> C:\Windows\ERDNT\cache\netlogon.dll -> [2009/04/11 02:28:23 | 000,592,896 | ---- | M] (Microsoft Corporation) netlogon.dll : MD5=95DAECF0FB120A7B5DA679CC54E37DDE -> C:\Windows\System32\netlogon.dll -> [2009/04/11 02:28:23 | 000,592,896 | ---- | M] (Microsoft Corporation) netlogon.dll : MD5=95DAECF0FB120A7B5DA679CC54E37DDE -> C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6002.18005_none_ffa3304f351bb3a3\netlogon.dll -> [2009/04/11 02:28:23 | 000,592,896 | ---- | M] (Microsoft Corporation) netlogon.dll : MD5=A8EFC0B6E75B789F7FD3BA5025D4E37F -> C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6001.18000_none_fdb7b74337f9e857\netlogon.dll -> [2008/01/19 03:35:36 | 000,592,384 | ---- | M] (Microsoft Corporation) < %systemdrive%\NVSTOR.SYS /md5 /s > nvstor.sys : MD5=9E0BA19A28C498A6D323D065DB76DFFC -> C:\Windows\System32\drivers\nvstor.sys -> [2006/11/02 05:50:13 | 000,040,040 | ---- | M] (NVIDIA Corporation) nvstor.sys : MD5=9E0BA19A28C498A6D323D065DB76DFFC -> C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_733654ff\nvstor.sys -> [2006/11/02 05:50:13 | 000,040,040 | ---- | M] (NVIDIA Corporation) nvstor.sys : MD5=ABED0C09758D1D97DB0042DBB2688177 -> C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_31c3d71d\nvstor.sys -> [2008/01/19 03:42:09 | 000,045,112 | ---- | M] (NVIDIA Corporation) nvstor.sys : MD5=ABED0C09758D1D97DB0042DBB2688177 -> C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.0.6001.18000_none_39dac327befea467\nvstor.sys -> [2008/01/19 03:42:09 | 000,045,112 | ---- | M] (NVIDIA Corporation) < %systemdrive%\NVSTOR32.SYS /md5 /s > nvstor32.sys : MD5=A1CE1A6FD74C046F029448FCFA5E386D -> C:\Windows\System32\DriverStore\FileRepository\nvstor32.inf_efe24208\nvstor32.sys -> [2007/07/02 20:37:08 | 000,110,112 | ---- | M] (NVIDIA Corporation) nvstor32.sys : MD5=A1CE1A6FD74C046F029448FCFA5E386D -> C:\Windows\System32\DRVSTORE\nvstor32_9DEEA08DA0CC2F5DE659D6A5B88D40D5EF3A3CF9\nvstor32.sys -> [2007/07/02 20:37:08 | 000,110,112 | ---- | M] (NVIDIA Corporation) nvstor32.sys : MD5=DC5F166422BEEBF195E3E4BB8AB4EE22 -> C:\Windows\System32\drivers\nvstor32.sys -> [2007/08/09 18:12:30 | 000,110,624 | ---- | M] (NVIDIA Corporation) nvstor32.sys : MD5=DC5F166422BEEBF195E3E4BB8AB4EE22 -> C:\Windows\System32\DriverStore\FileRepository\nvstor32.inf_99d8b088\nvstor32.sys -> [2007/08/09 18:12:30 | 000,110,624 | ---- | M] (NVIDIA Corporation) < %systemdrive%\SCECLI.DLL /md5 /s > scecli.dll : MD5=28B84EB538F7E8A0FE8B9299D591E0B9 -> C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6001.18000_none_380de25bd91b6f12\scecli.dll -> [2008/01/19 03:36:19 | 000,177,152 | ---- | M] (Microsoft Corporation) scecli.dll : MD5=80E2839D05CA5970A86D7BE2A08BFF61 -> C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6000.16386_none_35d7205fdc305e3e\scecli.dll -> [2006/11/02 05:46:12 | 000,176,640 | ---- | M] (Microsoft Corporation) scecli.dll : MD5=8FC182167381E9915651267044105EE1 -> C:\Windows\ERDNT\cache\scecli.dll -> [2009/04/11 02:28:24 | 000,177,152 | ---- | M] (Microsoft Corporation) scecli.dll : MD5=8FC182167381E9915651267044105EE1 -> C:\Windows\System32\scecli.dll -> [2009/04/11 02:28:24 | 000,177,152 | ---- | M] (Microsoft Corporation) scecli.dll : MD5=8FC182167381E9915651267044105EE1 -> C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6002.18005_none_39f95b67d63d3a5e\scecli.dll -> [2009/04/11 02:28:24 | 000,177,152 | ---- | M] (Microsoft Corporation) < MD5 Scans End> OTS cannot create restorepoints on Vista OSs! < %systemroot%\system32\*.dll /lockedfiles > rsaenh.dll : Unable to obtain MD5 -> C:\Windows\System32\rsaenh.dll -> [2009/04/11 02:27:47 | 000,241,128 | ---- | M] (Microsoft Corporation) SLC.dll : Unable to obtain MD5 -> C:\Windows\System32\SLC.dll -> [2009/04/11 02:28:23 | 000,228,352 | ---- | M] (Microsoft Corporation) < %systemroot%\Tasks\*.job /lockedfiles > < %systemroot%\system32\drivers\*.sys /lockedfiles > < %systemroot%\System32\config\*.sav > COMPONENTS.SAV -> C:\Windows\System32\config\COMPONENTS.SAV -> [2006/11/02 06:34:05 | 000,008,192 | ---- | M] () DEFAULT.SAV -> C:\Windows\System32\config\DEFAULT.SAV -> [2006/11/02 06:34:05 | 000,020,480 | ---- | M] () SECURITY.SAV -> C:\Windows\System32\config\SECURITY.SAV -> [2006/11/02 06:34:05 | 000,008,192 | ---- | M] () SOFTWARE.SAV -> C:\Windows\System32\config\SOFTWARE.SAV -> [2006/11/02 06:34:08 | 010,133,504 | ---- | M] () SYSTEM.SAV -> C:\Windows\System32\config\SYSTEM.SAV -> [2006/11/02 06:34:08 | 001,826,816 | ---- | M] () [Alternate Data Streams] @Alternate Data Stream - 24 bytes -> \Windows:EE7ED0A9B1D0B41C @Alternate Data Stream - 24 bytes -> C:\Windows:EE7ED0A9B1D0B41C < End of report > [/code]