OTL logfile created on: 4/15/2012 8:19:01 AM - Run 1
OTL by OldTimer - Version 3.2.39.2 Folder = C:\Users\Kenyon\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.19222)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
2.87 Gb Total Physical Memory | 1.62 Gb Available Physical Memory | 56.53% Memory free
5.96 Gb Paging File | 4.79 Gb Available in Paging File | 80.36% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 456.97 Gb Total Space | 249.93 Gb Free Space | 54.69% Space Free | Partition Type: NTFS
Drive D: | 8.79 Gb Total Space | 1.01 Gb Free Space | 11.48% Space Free | Partition Type: NTFS
Computer Name: KENYON-PC | User Name: Kenyon | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ========== PRC - [2012/04/15 08:18:16 | 000,593,920 | ---- | M] (OldTimer Tools) -- C:\Users\Kenyon\Desktop\OTL.exe
PRC - [2012/03/18 20:45:10 | 000,924,600 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2012/02/22 20:26:22 | 000,332,720 | ---- | M] (Microsoft Corporation) -- C:\Windows\SoftwareDistribution\Download\Install\CheckSURPackage.EXE
PRC - [2011/07/28 16:08:12 | 001,259,376 | ---- | M] () -- C:\Program Files\DivX\DivX Update\DivXUpdate.exe
PRC - [2011/02/18 11:47:12 | 000,079,192 | ---- | M] (Research In Motion Limited) -- C:\Program Files\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe
PRC - [2011/01/21 08:28:58 | 000,810,456 | ---- | M] (Microsoft Corporation) -- c:\6fbe4d11186e6d83f6eeae555f57a2f6\checksur.exe
PRC - [2011/01/21 08:28:58 | 000,045,112 | ---- | M] () -- c:\6fbe4d11186e6d83f6eeae555f57a2f6\checksurlauncher.exe
PRC - [2009/04/10 23:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2008/01/15 12:26:18 | 004,874,240 | ---- | M] (Realtek Semiconductor) -- C:\Windows\RtHDVCpl.exe
PRC - [2007/02/15 03:59:00 | 000,118,784 | ---- | M] (OsdMaestro) -- C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe
PRC - [2006/09/28 06:42:24 | 000,065,536 | ---- | M] (Hewlett-Packard Company) -- C:\hp\support\hpsysdrv.exe
========== Modules (No Company Name) ========== MOD - [2012/04/13 20:18:04 | 008,797,344 | ---- | M] () -- C:\Windows\System32\Macromed\Flash\NPSWF32_11_2_202_233.dll
MOD - [2012/03/18 20:45:10 | 001,969,080 | ---- | M] () -- C:\Program Files\Mozilla Firefox\mozjs.dll
MOD - [2011/07/28 16:09:42 | 000,096,112 | ---- | M] () -- C:\Program Files\DivX\DivX Update\DivXUpdateCheck.dll
MOD - [2011/07/28 16:08:12 | 001,259,376 | ---- | M] () -- C:\Program Files\DivX\DivX Update\DivXUpdate.exe
MOD - [2011/06/24 22:56:36 | 000,087,328 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2011/06/24 22:56:14 | 001,241,888 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
========== Win32 Services (SafeList) ========== SRV - File not found [On_Demand | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe -- (WPFFontCache_v0400)
SRV - File not found [On_Demand | Stopped] -- c:\Program Files\Common Files\SureThing Shared\stllssvr.exe -- (stllssvr)
SRV - [2012/04/13 20:18:04 | 000,253,088 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2009/06/17 09:50:00 | 003,173,804 | ---- | M] (INCA Internet Co., Ltd.) [On_Demand | Stopped] -- C:\Windows\System32\GameMon.des -- (npggsvc)
SRV - [2007/03/19 18:19:14 | 000,263,168 | ---- | M] (Ares Development Group) [On_Demand | Stopped] -- C:\Program Files\Ares\chatServer.exe -- (AresChatServer)
========== Driver Services (SafeList) ========== DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkfwd.sys -- (NwlnkFwd)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkflt.sys -- (NwlnkFlt)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ipinip.sys -- (IpInIp)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Users\Kenyon\AppData\Local\Temp\catchme.sys -- (catchme)
DRV - File not found [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\blbdrive.sys -- (blbdrive)
DRV - [2009/10/30 20:01:10 | 009,803,464 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)
DRV - [2009/03/19 21:50:50 | 000,391,168 | ---- | M] (Hauppauge Computer Works, Inc) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\hcw18bda.sys -- (hcw18bda)
DRV - [2008/11/26 13:51:02 | 000,333,824 | ---- | M] (Ralink Technology, Corp.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\netr61.sys -- (rt61x86)
DRV - [2007/10/26 11:51:24 | 000,110,624 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\nvstor32.sys -- (nvstor32)
DRV - [2007/08/07 07:26:14 | 000,008,704 | ---- | M] (Conexant Systems, Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\XAudio.sys -- (XAudio)
DRV - [2007/08/02 10:51:24 | 000,267,264 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\HSXHWBS2.sys -- (HSXHWBS2)
DRV - [2007/08/02 10:50:14 | 000,986,112 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\HSX_DP.sys -- (HSF_DP)
DRV - [2007/05/04 02:29:10 | 001,065,384 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvmfdx32.sys -- (NVENETFD)
DRV - [2005/12/12 10:27:00 | 000,019,072 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\PS2.sys -- (Ps2)
========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [Binary data over 100 bytes]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = [Binary data over 100 bytes]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page =
http://g.msn.com/1me10enus/2IE - HKLM\..\SearchScopes,DefaultScope = {E9424BBE-A4BF-4F15-82E1-99846F6BE5B8}
IE - HKLM\..\SearchScopes\{AFBCB7E0-F91A-4951-9F31-58FEE57A25C4}: "URL" =
http://www.ask.com/web?&o=101881&l=dis&q={SEARCHTERMS}IE - HKLM\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" =
http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2790392IE - HKLM\..\SearchScopes\{E9424BBE-A4BF-4F15-82E1-99846F6BE5B8}: "URL" =
http://search.live.com/results.aspx?q={searchTerms}&FORM=MSNIE7&src={referrer:source?} IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-19\..\SearchScopes\{AFBCB7E0-F91A-4951-9F31-58FEE57A25C4}: "URL" =
http://www.ask.com/web?&o=101881&l=dis&q={SEARCHTERMS} IE - HKU\S-1-5-20\..\SearchScopes\{AFBCB7E0-F91A-4951-9F31-58FEE57A25C4}: "URL" =
http://www.ask.com/web?&o=101881&l=dis&q={SEARCHTERMS} IE - HKU\S-1-5-21-2186024811-1155382660-3182695008-1000\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKU\S-1-5-21-2186024811-1155382660-3182695008-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page =
http://www.ask.com/?l=dis&o=14196IE - HKU\S-1-5-21-2186024811-1155382660-3182695008-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Restore =
http://www.startnow.com/?src=startpage&provider=Bing&provider_code=Z065&partner_id=287&product_id=463&affiliate_id=&channel=9007&toolbar_id=200&toolbar_version=2.0&install_country=US&install_date=20110605&user_guid=F987290047E94D9EBE6E0AC55735DE9F&machine_id=0f9bcf65e9e902126987d21c5db609a9&browser=IE&os=win&os_version=6.0-x86-SP2IE - HKU\S-1-5-21-2186024811-1155382660-3182695008-1000\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKU\S-1-5-21-2186024811-1155382660-3182695008-1000\..\SearchScopes,DefaultScope = {401175C3-B056-4C9A-AD86-A3C90A68E412}
IE - HKU\S-1-5-21-2186024811-1155382660-3182695008-1000\..\SearchScopes\{000D70B9-8183-4D22-A2DC-82EAA296E257}: "URL" =
http://search.live.com/results.aspx?q={searchTerms}&entrypoint={referrer:source?}&FORM=HVDUS7IE - HKU\S-1-5-21-2186024811-1155382660-3182695008-1000\..\SearchScopes\{401175C3-B056-4C9A-AD86-A3C90A68E412}: "URL" =
http://search.live.com/results.aspx?q={searchTerms}&FORM=MSNIE7&src={referrer:source?}IE - HKU\S-1-5-21-2186024811-1155382660-3182695008-1000\..\SearchScopes\{69753E39-CD5C-4399-A1E9-02BD1F00AE65}: "URL" =
http://search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=hp-pvdtIE - HKU\S-1-5-21-2186024811-1155382660-3182695008-1000\..\SearchScopes\{7ABD5EFD-88A6-E9CE-80AE-DBCA8C52F41C}: "URL" =
http://www.bing.com/search?q={searchTerms}&pc=Z134&form=ZGAIDF&install_date=20111227&iesrc={referrer:source}IE - HKU\S-1-5-21-2186024811-1155382660-3182695008-1000\..\SearchScopes\{81D978E5-5180-46E6-9F18-0DFBB356197A}: "URL" =
http://websearch.ask.com/redirect?client=ie&tb=FWV5&o=14193&src=crm&q={searchTerms}&locale=en_US&apn_ptnrs=FM&apn_dtid=TES002YYUS&apn_uid=07e40e7c-2436-43ae-b105-9aa8722dfb47&apn_sauid=60E832BA-0319-4D30-92C4-2E17229997D0IE - HKU\S-1-5-21-2186024811-1155382660-3182695008-1000\..\SearchScopes\{AFBCB7E0-F91A-4951-9F31-58FEE57A25C4}: "URL" =
http://www.ask.com/web?&o=101881&l=dis&q={SEARCHTERMS}IE - HKU\S-1-5-21-2186024811-1155382660-3182695008-1000\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" =
http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2790392IE - HKU\S-1-5-21-2186024811-1155382660-3182695008-1000\..\SearchScopes\{E9F0DE28-111D-4F99-AB14-35958DE13DB7}: "URL" =
http://www.ask.com/web?q={searchterms}&l=dis&o=ushpdIE - HKU\S-1-5-21-2186024811-1155382660-3182695008-1000\..\SearchScopes\{EA4B13CA-FDBF-E716-8E65-65F1231BD0D7}: "URL" =
http://www.startnow.com/s/?q={searchTerms}&src=defsearch&provider=Bing&provider_code=Z065&partner_id=287&product_id=463&affiliate_id=&channel=9007&toolbar_id=200&toolbar_version=2.0&install_country=US&install_date=20110605&user_guid=F987290047E94D9EBE6E0AC55735DE9F&machine_id=0f9bcf65e9e902126987d21c5db609a9&browser=IE&os=win&os_version=6.0-x86-SP2IE - HKU\S-1-5-21-2186024811-1155382660-3182695008-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-2186024811-1155382660-3182695008-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
========== FireFox ========== FF - prefs.js..browser.search.defaultengine: "Ask.com"
FF - prefs.js..browser.search.defaultenginename: "Ask.com"
FF - prefs.js..browser.search.order.1: "Ask.com"
FF - prefs.js..browser.search.param.yahoo-fr: "chrf-ytbm"
FF - prefs.js..browser.search.param.yahoo-fr-cjkt: "chrf-ytbm"
FF - prefs.js..browser.search.param.yahoo-type: "${8}"
FF - prefs.js..browser.search.selectedEngine: "Ask.com"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "
http://www.facebook.com/"FF - prefs.js..extensions.enabledItems: moveplayer@movenetworks.com:1.0.0.071303000004
FF - prefs.js..extensions.enabledItems: unplug@compunach:2.047
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24
FF - prefs.js..extensions.enabledItems: {07b2a769-ed19-4483-87ce-c643914c81bb}:3.0.0.91
FF - prefs.js..keyword.URL: "
http://www.bing.com/search?pc=Z134&form=ZGAADF&install_date=20111227&q=" FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_2_202_233.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\4.1.10111.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@real.com/RhapsodyPlayerEngine,version=1.0: C:\Program Files\Real\RhapsodyPlayerEngine\nprhapengine.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@RIM.com/WebSLLauncher,version=1.0: C:\Program Files\Common Files\Research In Motion\BBWebSLLauncher\NPWebSLLauncher.dll ()
FF - HKLM\Software\MozillaPlugins\@veetle.com/veetleCorePlugin,version=0.9.18: C:\Program Files\Veetle\plugins\npVeetle.dll (Veetle Inc)
FF - HKLM\Software\MozillaPlugins\@veetle.com/veetlePlayerPlugin,version=0.9.18: C:\Program Files\Veetle\Player\npvlc.dll (Veetle Inc)
FF - HKLM\Software\MozillaPlugins\@viewpoint.com/VMP: C:\Program Files\Viewpoint\Viewpoint Media Player\npViewpoint.dll File not found
FF - HKCU\Software\MozillaPlugins\@movenetworks.com/Quantum Media Player: File not found
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{A5DCA3F5-ED5A-4ed3-9671-DBB0C68FA469}: C:\Program Files\WebEnhancements\WebEnhancements.xpi
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2011/11/20 19:36:54 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 11.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012/03/18 20:45:10 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 11.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012/01/06 22:15:56 | 000,000,000 | ---D | M]
[2008/07/19 00:41:39 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Kenyon\AppData\Roaming\Mozilla\Extensions
[2012/02/14 14:21:17 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Kenyon\AppData\Roaming\Mozilla\Firefox\Profiles\l2w5owuh.default\extensions
[2010/05/27 20:57:32 | 000,000,000 | ---D | M] (Vista-aero) -- C:\Users\Kenyon\AppData\Roaming\Mozilla\Firefox\Profiles\l2w5owuh.default\extensions\{07b2a769-ed19-4483-87ce-c643914c81bb}
[2010/05/27 20:57:32 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Kenyon\AppData\Roaming\Mozilla\Firefox\Profiles\l2w5owuh.default\extensions\{07b2a769-ed19-4483-87ce-c643914c81bb}\chrome\mozapps\extensions
[2012/03/18 20:45:11 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
() (No name found) -- C:\USERS\KENYON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\L2W5OWUH.DEFAULT\EXTENSIONS\DIVXWEBPLAYER@DIVX.COM.XPI
() (No name found) -- C:\USERS\KENYON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\L2W5OWUH.DEFAULT\EXTENSIONS\UNPLUG@COMPUNACH.XPI
[2012/03/18 20:45:10 | 000,097,208 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2009/03/31 22:47:26 | 000,324,976 | ---- | M] (Symantec Corporation) -- C:\Program Files\mozilla firefox\components\coFFPlgn.dll
[2012/02/21 16:04:41 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll
[2011/12/16 18:20:10 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2011/05/06 17:59:16 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml.old
[2011/12/16 18:20:10 | 000,002,040 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\twitter.xml
========== Chrome ========== CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms}
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\Kenyon\AppData\Local\Google\Chrome\Application\16.0.912.75\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\Kenyon\AppData\Local\Google\Chrome\Application\16.0.912.75\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Kenyon\AppData\Local\Google\Chrome\Application\16.0.912.75\gcswf32.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\system32\Macromed\Flash\NPSWF32.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files\Adobe\Reader 8.0\Reader\Browser\nppdf32.dll
CHR - plugin: Java Deployment Toolkit 6.0.290.11 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npdeployJava1.dll
CHR - plugin: Java™ Platform SE 6 U29 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll
CHR - plugin: Microsoft\u00AE Windows Media Player Firefox Plugin (Enabled) = C:\Program Files\Mozilla Firefox\plugins\np-mswmp.dll
CHR - plugin: Shockwave for Director (Enabled) = C:\Program Files\Mozilla Firefox\plugins\np32dsw.dll
CHR - plugin: downloadUpdater (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npdnu.dll
CHR - plugin: downloadUpdater2 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npdnupdater2.dll
CHR - plugin: 2007 Microsoft Office system (Enabled) = C:\Program Files\Mozilla Firefox\plugins\NPOFF12.DLL
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin7.dll
CHR - plugin: RIM Handheld Application Loader (Enabled) = C:\Program Files\Common Files\Research In Motion\BBWebSLLauncher\NPWebSLLauncher.dll
CHR - plugin: DivX VOD Helper Plug-in (Enabled) = C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll
CHR - plugin: DivX Plus Web Player (Enabled) = C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll
CHR - plugin: RealNetworks Rhapsody Player Engine (Enabled) = C:\Program Files\Real\RhapsodyPlayerEngine\nprhapengine.dll
CHR - plugin: Veetle TV Player (Enabled) = C:\Program Files\Veetle\Player\npvlc.dll
CHR - plugin: Veetle TV Core (Enabled) = C:\Program Files\Veetle\plugins\npVeetle.dll
CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll
CHR - plugin: Google Update (Enabled) = C:\Users\Kenyon\AppData\Local\Google\Update\1.3.21.79\npGoogleUpdate3.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files\Microsoft Silverlight\4.0.60831.0\npctrl.dll
CHR - plugin: Windows Presentation Foundation (Enabled) = c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
CHR - plugin: Default Plug-in (Enabled) = default_plugin
CHR - Extension: Angry Birds = C:\Users\Kenyon\AppData\Local\Google\Chrome\User Data\Default\Extensions\aknpkdffaafgjchaibgeefbgmgeghloj\1.1.2.1_0\
CHR - Extension: YouTube = C:\Users\Kenyon\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.2_0\
CHR - Extension: Google Search = C:\Users\Kenyon\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.16_0\
CHR - Extension: DivX Plus Web Player HTML5 \u003Cvideo\u003E = C:\Users\Kenyon\AppData\Local\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm\2.1.2.145_0\
CHR - Extension: Gmail = C:\Users\Kenyon\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\6.1.4_0\
O1 HOSTS File: ([2011/12/14 18:33:14 | 000,000,027 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O3 - HKU\S-1-5-21-2186024811-1155382660-3182695008-1000\..\Toolbar\WebBrowser: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found.
O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [DivXUpdate] C:\Program Files\DivX\DivX Update\DivXUpdate.exe ()
O4 - HKLM..\Run: [hpsysdrv] c:\hp\support\hpsysdrv.exe (Hewlett-Packard Company)
O4 - HKLM..\Run: [KBD] C:\hp\KBD\KbdStub.exe ()
O4 - HKLM..\Run: [NvCplDaemon] C:\Windows\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [OsdMaestro] C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe (OsdMaestro)
O4 - HKLM..\Run: [RIMBBLaunchAgent.exe] C:\Program Files\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe (Research In Motion Limited)
O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
O4 - HKU\S-1-5-21-2186024811-1155382660-3182695008-1000..\Run: [AdobeBridge] File not found
O4 - HKLM..\RunOnce: [Launcher] C:\Windows\SMINST\Launcher.exe (soft thinks)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 255
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 149
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 149
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 149
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 149
O7 - HKU\S-1-5-21-2186024811-1155382660-3182695008-1000\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-2186024811-1155382660-3182695008-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKU\S-1-5-21-2186024811-1155382660-3182695008-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 149
O9 - Extra 'Tools' menuitem : Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93}
http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA}
http://java.sun.com/update/1.6.0/jinstall-1_6_0_01-windows-i586.cab (Java Plug-in 1.6.0_01)
O16 - DPF: {CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA}
http://java.sun.com/update/1.6.0/jinstall-1_6_0_02-windows-i586.cab (Java Plug-in 1.6.0_02)
O16 - DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA}
http://java.sun.com/update/1.6.0/jinstall-1_6_0_03-windows-i586.cab (Java Plug-in 1.6.0_03)
O16 - DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA}
http://java.sun.com/update/1.6.0/jinstall-1_6_0_05-windows-i586.cab (Java Plug-in 1.6.0_05)
O16 - DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA}
http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}
http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1 209.18.47.61 209.18.47.62
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{742D42B3-D25A-4FE3-91A2-E7EB7D1053CA}: DhcpNameServer = 192.168.2.1 209.18.47.61 209.18.47.62
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Users\Kenyon\AppData\Roaming\Microsoft\Windows Photo Gallery\Windows Photo Gallery Wallpaper.jpg
O24 - Desktop BackupWallPaper: C:\Users\Kenyon\AppData\Roaming\Microsoft\Windows Photo Gallery\Windows Photo Gallery Wallpaper.jpg
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2007/05/15 13:45:18 | 000,000,074 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O35 - HKU\S-1-5-21-2186024811-1155382660-3182695008-1000..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
NetSvcs: FastUserSwitchingCompatibility - File not found
NetSvcs: Ias - C:\Windows\System32\ias.dll (Microsoft Corporation)
NetSvcs: Nla - File not found
NetSvcs: Ntmssvc - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: SRService - File not found
NetSvcs: WmdmPmSp - File not found
NetSvcs: LogonHours - File not found
NetSvcs: PCAudit - File not found
NetSvcs: helpsvc - File not found
NetSvcs: uploadmgr - File not found
CREATERESTOREPOINT
Restore point Set: OTL Restore Point
========== Files/Folders - Created Within 30 Days ========== [2012/04/15 08:18:14 | 000,593,920 | ---- | C] (OldTimer Tools) -- C:\Users\Kenyon\Desktop\OTL.exe
[2012/04/15 08:11:22 | 000,000,000 | ---D | C] -- C:\6fbe4d11186e6d83f6eeae555f57a2f6
[2012/04/15 08:10:56 | 000,000,000 | ---D | C] -- C:\Windows\CheckSur
[2012/04/12 19:26:00 | 000,000,000 | ---D | C] -- C:\Users\Kenyon\Desktop\rundds
[2012/04/11 18:07:28 | 000,000,000 | ---D | C] -- C:\24e62c99bd6f6475e21538ea5e
[2012/04/10 17:42:08 | 000,000,000 | ---D | C] -- C:\ProgramData\Kaspersky Lab
[2012/04/10 17:42:08 | 000,000,000 | ---D | C] -- C:\Program Files\Kaspersky Lab
[2012/04/05 17:39:20 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AIM
[2012/04/05 17:39:15 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Software Update Utility
[2012/03/31 09:19:24 | 000,000,000 | ---D | C] -- C:\Users\Kenyon\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FrostWire 5
[2012/03/30 21:04:57 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
[2012/03/30 21:04:20 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
[2012/03/30 21:04:16 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes
[1 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ]
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
========== Files - Modified Within 30 Days ========== [2012/04/15 08:18:16 | 000,593,920 | ---- | M] (OldTimer Tools) -- C:\Users\Kenyon\Desktop\OTL.exe
[2012/04/15 08:18:00 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012/04/15 08:13:07 | 000,595,446 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2012/04/15 08:13:07 | 000,101,144 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2012/04/15 08:06:58 | 000,003,568 | ---- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2012/04/15 08:06:58 | 000,003,568 | ---- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2012/04/15 08:06:57 | 000,064,670 | ---- | M] () -- C:\ProgramData\nvModes.001
[2012/04/15 08:06:52 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012/04/15 08:06:46 | 3085,426,688 | -HS- | M] () -- C:\hiberfil.sys
[2012/04/14 18:13:51 | 000,000,049 | ---- | M] () -- C:\Windows\NeroDigital.ini
[2012/04/14 18:13:22 | 000,029,696 | ---- | M] () -- C:\Users\Kenyon\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012/04/14 14:41:41 | 000,000,104 | ---- | M] () -- C:\Users\Kenyon\Desktop\Recycle Bin.lnk
[2012/04/14 08:59:54 | 269,526,227 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2012/04/12 19:31:13 | 000,294,216 | ---- | M] () -- C:\Users\Kenyon\Desktop\gmer.zip
[2012/04/05 17:39:24 | 000,001,125 | ---- | M] () -- C:\IPH.PH
[2012/04/05 17:39:20 | 000,001,733 | ---- | M] () -- C:\Users\Kenyon\Application Data\Microsoft\Internet Explorer\Quick Launch\AIM.lnk
[2012/04/05 17:39:20 | 000,001,709 | ---- | M] () -- C:\Users\Public\Desktop\AIM.lnk
[2012/04/04 10:01:00 | 000,017,408 | ---- | M] () -- C:\Users\Kenyon\AppData\Local\WebpageIcons.db
[2012/03/31 09:19:24 | 000,001,054 | ---- | M] () -- C:\Users\Kenyon\Application Data\Microsoft\Internet Explorer\Quick Launch\FrostWire 5.3.4.lnk
[2012/03/31 09:19:24 | 000,001,030 | ---- | M] () -- C:\Users\Kenyon\Desktop\FrostWire 5.3.4.lnk
[2012/03/30 21:04:57 | 000,001,666 | ---- | M] () -- C:\Users\Public\Desktop\iTunes.lnk
[2012/03/26 19:33:06 | 000,004,755 | ---- | M] () -- C:\Users\Kenyon\Desktop\taxletters.rtf
[2012/03/26 19:33:06 | 000,001,926 | ---- | M] () -- C:\Users\Kenyon\AppData\Roaming\wklnhst.dat
[2012/03/26 19:32:35 | 000,017,920 | ---- | M] () -- C:\Users\Kenyon\Desktop\taxletters.wps
[1 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ]
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
========== Files Created - No Company Name ========== [2012/04/14 14:41:41 | 000,000,104 | ---- | C] () -- C:\Users\Kenyon\Desktop\Recycle Bin.lnk
[2012/04/12 19:31:13 | 000,294,216 | ---- | C] () -- C:\Users\Kenyon\Desktop\gmer.zip
[2012/04/05 17:39:20 | 000,001,709 | ---- | C] () -- C:\Users\Public\Desktop\AIM.lnk
[2012/04/04 10:00:55 | 000,017,408 | ---- | C] () -- C:\Users\Kenyon\AppData\Local\WebpageIcons.db
[2012/03/31 09:19:24 | 000,001,054 | ---- | C] () -- C:\Users\Kenyon\Application Data\Microsoft\Internet Explorer\Quick Launch\FrostWire 5.3.4.lnk
[2012/03/31 09:19:24 | 000,001,030 | ---- | C] () -- C:\Users\Kenyon\Desktop\FrostWire 5.3.4.lnk
[2012/03/31 08:41:12 | 000,000,830 | ---- | C] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012/03/30 21:04:57 | 000,001,666 | ---- | C] () -- C:\Users\Public\Desktop\iTunes.lnk
[2012/03/26 19:33:06 | 000,004,755 | ---- | C] () -- C:\Users\Kenyon\Desktop\taxletters.rtf
[2012/03/26 19:32:35 | 000,017,920 | ---- | C] () -- C:\Users\Kenyon\Desktop\taxletters.wps
[2011/12/14 18:18:20 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe
[2011/12/14 18:18:20 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe
[2011/12/14 18:18:20 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
[2011/12/14 18:18:20 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
[2011/12/14 18:18:20 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
[2011/12/13 16:39:33 | 000,000,304 | ---- | C] () -- C:\ProgramData\~8ZnK6uKFqw6xq4
[2011/12/13 16:39:33 | 000,000,216 | ---- | C] () -- C:\ProgramData\~8ZnK6uKFqw6xq4r
[2011/12/13 16:39:30 | 000,000,448 | ---- | C] () -- C:\ProgramData\8ZnK6uKFqw6xq4
[2011/06/16 08:06:48 | 000,000,118 | ---- | C] () -- C:\Windows\System32\MRT.INI
[2011/05/03 10:46:21 | 000,010,808 | -HS- | C] () -- C:\Users\Kenyon\AppData\Local\dqawcrw81r622p3863b2
[2011/05/03 10:46:21 | 000,010,808 | -HS- | C] () -- C:\ProgramData\dqawcrw81r622p3863b2
[2011/02/15 19:19:38 | 000,064,670 | ---- | C] () -- C:\ProgramData\nvModes.dat
[2011/02/15 19:19:38 | 000,064,670 | ---- | C] () -- C:\ProgramData\nvModes.001
[2010/12/23 22:58:22 | 000,000,680 | ---- | C] () -- C:\Users\Kenyon\AppData\Local\d3d9caps.dat
[2010/12/09 18:49:39 | 000,008,067 | ---- | C] () -- C:\Users\Kenyon\AppData\Roaming\UserTile.png
========== LOP Check ========== [2010/05/19 22:32:55 | 000,000,000 | ---D | M] -- C:\Users\Kenyon\AppData\Roaming\acccore
[2011/11/22 15:25:30 | 000,000,000 | ---D | M] -- C:\Users\Kenyon\AppData\Roaming\Aim
[2011/12/13 19:44:21 | 000,000,000 | ---D | M] -- C:\Users\Kenyon\AppData\Roaming\AVG
[2011/12/13 17:07:09 | 000,000,000 | ---D | M] -- C:\Users\Kenyon\AppData\Roaming\AVG2012
[2010/11/23 13:08:50 | 000,000,000 | ---D | M] -- C:\Users\Kenyon\AppData\Roaming\Blackberry Desktop
[2011/12/27 17:07:26 | 000,000,000 | ---D | M] -- C:\Users\Kenyon\AppData\Roaming\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
[2011/10/05 18:01:42 | 000,000,000 | ---D | M] -- C:\Users\Kenyon\AppData\Roaming\com.adobe.downloadassistant.AdobeDownloadAssistant
[2007/07/13 17:43:37 | 000,000,000 | ---D | M] -- C:\Users\Kenyon\AppData\Roaming\CopyTrans
[2012/01/14 16:51:58 | 000,000,000 | ---D | M] -- C:\Users\Kenyon\AppData\Roaming\GoPro
[2008/03/12 01:14:50 | 000,000,000 | ---D | M] -- C:\Users\Kenyon\AppData\Roaming\LimeWire
[2012/01/18 23:04:53 | 000,000,000 | ---D | M] -- C:\Users\Kenyon\AppData\Roaming\MAGIX
[2011/12/27 13:45:04 | 000,000,000 | ---D | M] -- C:\Users\Kenyon\AppData\Roaming\MPEG Streamclip
[2007/07/22 22:25:14 | 000,000,000 | ---D | M] -- C:\Users\Kenyon\AppData\Roaming\muvee Technologies
[2010/12/09 18:49:39 | 000,000,000 | ---D | M] -- C:\Users\Kenyon\AppData\Roaming\PeerNetworking
[2010/10/12 10:27:09 | 000,000,000 | ---D | M] -- C:\Users\Kenyon\AppData\Roaming\Research In Motion
[2011/12/27 16:56:13 | 000,000,000 | ---D | M] -- C:\Users\Kenyon\AppData\Roaming\ResourceCentral.E6E1B28A311BC518DB6C6883EA3757FDE0E90ADC.1
[2007/07/13 15:37:53 | 000,000,000 | ---D | M] -- C:\Users\Kenyon\AppData\Roaming\Snapfish
[2012/04/14 21:20:15 | 000,000,000 | ---D | M] -- C:\Users\Kenyon\AppData\Roaming\Spotify
[2007/08/31 19:31:17 | 000,000,000 | ---D | M] -- C:\Users\Kenyon\AppData\Roaming\Template
[2011/07/21 19:15:10 | 000,000,000 | ---D | M] -- C:\Users\Kenyon\AppData\Roaming\uTorrent
[2007/07/13 18:55:51 | 000,000,000 | ---D | M] -- C:\Users\Kenyon\AppData\Roaming\WildTangent
[2007/07/14 21:03:49 | 000,000,000 | ---D | M] -- C:\Users\Kenyon\AppData\Roaming\WinBatch
[2012/04/14 22:19:00 | 000,032,552 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
========== Purity Check ========== ========== Custom Scans ========== < %SYSTEMDRIVE%\*.* >[2007/05/15 13:45:18 | 000,000,074 | ---- | M] () -- C:\autoexec.bat
[2009/04/10 23:36:36 | 000,333,257 | RHS- | M] () -- C:\bootmgr
[2007/05/15 13:56:44 | 000,008,192 | R-S- | M] () -- C:\BOOTSECT.BAK
[2011/12/14 18:40:19 | 000,058,641 | ---- | M] () -- C:\ComboFix.txt
[2006/09/18 14:43:37 | 000,000,010 | ---- | M] () -- C:\config.sys
[2007/11/07 08:00:40 | 000,017,734 | ---- | M] () -- C:\eula.1028.txt
[2007/11/07 08:00:40 | 000,017,734 | ---- | M] () -- C:\eula.1031.txt
[2007/11/07 08:00:40 | 000,010,134 | ---- | M] () -- C:\eula.1033.txt
[2007/11/07 08:00:40 | 000,017,734 | ---- | M] () -- C:\eula.1036.txt
[2007/11/07 08:00:40 | 000,017,734 | ---- | M] () -- C:\eula.1040.txt
[2007/11/07 08:00:40 | 000,000,118 | ---- | M] () -- C:\eula.1041.txt
[2007/11/07 08:00:40 | 000,017,734 | ---- | M] () -- C:\eula.1042.txt
[2007/11/07 08:00:40 | 000,017,734 | ---- | M] () -- C:\eula.2052.txt
[2007/11/07 08:00:40 | 000,017,734 | ---- | M] () -- C:\eula.3082.txt
[2009/10/11 11:21:11 | 000,000,064 | ---- | M] () -- C:\FINIS_IT.TXT
[2007/11/07 08:00:40 | 000,001,110 | ---- | M] () -- C:\globdata.ini
[2012/04/15 08:06:46 | 3085,426,688 | -HS- | M] () -- C:\hiberfil.sys
[2007/11/07 08:00:40 | 000,000,843 | ---- | M] () -- C:\install.ini
[2007/11/07 08:03:18 | 000,076,304 | ---- | M] (Microsoft Corporation) -- C:\install.res.1028.dll
[2007/11/07 08:03:18 | 000,096,272 | ---- | M] (Microsoft Corporation) -- C:\install.res.1031.dll
[2007/11/07 08:03:18 | 000,091,152 | ---- | M] (Microsoft Corporation) -- C:\install.res.1033.dll
[2007/11/07 08:03:18 | 000,097,296 | ---- | M] (Microsoft Corporation) -- C:\install.res.1036.dll
[2007/11/07 08:03:18 | 000,095,248 | ---- | M] (Microsoft Corporation) -- C:\install.res.1040.dll
[2007/11/07 08:03:18 | 000,081,424 | ---- | M] (Microsoft Corporation) -- C:\install.res.1041.dll
[2007/11/07 08:03:18 | 000,079,888 | ---- | M] (Microsoft Corporation) -- C:\install.res.1042.dll
[2007/11/07 08:03:18 | 000,075,792 | ---- | M] (Microsoft Corporation) -- C:\install.res.2052.dll
[2007/11/07 08:03:18 | 000,096,272 | ---- | M] (Microsoft Corporation) -- C:\install.res.3082.dll
[2007/07/14 22:16:05 | 000,000,000 | RHS- | M] () -- C:\IO.SYS
[2012/04/05 17:39:24 | 000,001,125 | ---- | M] () -- C:\IPH.PH
[2007/07/14 22:16:05 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS
[2007/07/14 21:03:37 | 000,000,689 | ---- | M] () -- C:\os110921.bin
[2012/04/15 08:06:45 | 3399,233,536 | -HS- | M] () -- C:\pagefile.sys
[2008/03/07 12:54:11 | 000,000,477 | ---- | M] () -- C:\RHDSetup.log
[2007/11/07 08:00:40 | 000,005,686 | ---- | M] () -- C:\vcredist.bmp
[2007/11/07 08:09:22 | 001,442,522 | ---- | M] () -- C:\VC_RED.cab
[2007/11/07 08:12:28 | 000,232,960 | ---- | M] () -- C:\VC_RED.MSI
< %systemroot%\system32\Spool\prtprocs\w32x86\*.dll >[2008/01/19 00:34:28 | 000,089,600 | ---- | M] (Hewlett-Packard Corporation) -- C:\Windows\system32\Spool\prtprocs\w32x86\HPZPPLHN.DLL
[2006/11/02 05:35:48 | 000,022,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\Spool\prtprocs\w32x86\jnwppr.dll
[2006/10/26 19:56:12 | 000,033,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\Spool\prtprocs\w32x86\msonpppr.dll
< %systemroot%\*. /mp /s > < %systemroot%\system32\*.sys /90 >[2012/02/02 08:16:25 | 002,044,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\win32k.sys
[1 C:\Windows\system32\*.tmp files -> C:\Windows\system32\*.tmp -> ]
< %systemroot%\system32\*.dll /lockedfiles >[1 C:\Windows\system32\*.tmp files -> C:\Windows\system32\*.tmp -> ]
< %systemroot%\Tasks\*.job /lockedfiles > < %systemroot%\system32\drivers\*.sys /lockedfiles > < %systemroot%\system32\*.exe /lockedfiles >[1 C:\Windows\system32\*.tmp files -> C:\Windows\system32\*.tmp -> ]
< %systemroot%\System32\config\*.sav >[2006/11/02 03:34:05 | 000,008,192 | ---- | M] () -- C:\Windows\System32\config\COMPONENTS.SAV
[2006/11/02 03:34:05 | 000,020,480 | ---- | M] () -- C:\Windows\System32\config\DEFAULT.SAV
[2006/11/02 03:34:05 | 000,008,192 | ---- | M] () -- C:\Windows\System32\config\SECURITY.SAV
[2006/11/02 03:34:08 | 010,133,504 | ---- | M] () -- C:\Windows\System32\config\SOFTWARE.SAV
[2006/11/02 03:34:08 | 001,826,816 | ---- | M] () -- C:\Windows\System32\config\SYSTEM.SAV
< %PROGRAMFILES%\* >[2008/07/01 15:47:03 | 000,000,174 | -HS- | M] () -- C:\Program Files\desktop.ini
< %USERPROFILE%\..|smtmp;true;true;true /FP > < HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU > < hklm\software\clients\startmenuinternet|command /rs >HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\HideIconsCommand: "C:\Program Files\Mozilla Firefox\uninstall\helper.exe" /HideShortcuts [2012/03/18 20:45:09 | 000,834,712 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\ShowIconsCommand: "C:\Program Files\Mozilla Firefox\uninstall\helper.exe" /ShowShortcuts [2012/03/18 20:45:09 | 000,834,712 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\ReinstallCommand: "C:\Program Files\Mozilla Firefox\uninstall\helper.exe" /SetAsDefaultAppGlobal [2012/03/18 20:45:09 | 000,834,712 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\open\command\\: C:\Program Files\Mozilla Firefox\firefox.exe [2012/03/18 20:45:10 | 000,924,600 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\properties\command\\: "C:\Program Files\Mozilla Firefox\firefox.exe" -preferences [2012/03/18 20:45:10 | 000,924,600 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\safemode\command\\: "C:\Program Files\Mozilla Firefox\firefox.exe" -safe-mode [2012/03/18 20:45:10 | 000,924,600 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\HideIconsCommand: "C:\Windows\system32\ie4uinit.exe" -hide [2012/02/28 01:12:16 | 000,174,080 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ShowIconsCommand: "C:\Windows\system32\ie4uinit.exe" -show [2012/02/28 01:12:16 | 000,174,080 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ReinstallCommand: "C:\Windows\system32\ie4uinit.exe" -reinstall [2012/02/28 01:12:16 | 000,174,080 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\naom\command\\: "C:\Program Files\Internet Explorer\iexplore.exe" -extoff [2012/02/28 04:33:51 | 000,638,240 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\open\command\\: "C:\Program Files\Internet Explorer\iexplore.exe" [2012/02/28 04:33:51 | 000,638,240 | ---- | M] (Microsoft Corporation)
< hklm\software\clients\startmenuinternet|command /64 /rs >HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\HideIconsCommand: "C:\Program Files\Mozilla Firefox\uninstall\helper.exe" /HideShortcuts [2012/03/18 20:45:09 | 000,834,712 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\ShowIconsCommand: "C:\Program Files\Mozilla Firefox\uninstall\helper.exe" /ShowShortcuts [2012/03/18 20:45:09 | 000,834,712 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\ReinstallCommand: "C:\Program Files\Mozilla Firefox\uninstall\helper.exe" /SetAsDefaultAppGlobal [2012/03/18 20:45:09 | 000,834,712 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\open\command\\: C:\Program Files\Mozilla Firefox\firefox.exe [2012/03/18 20:45:10 | 000,924,600 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\properties\command\\: "C:\Program Files\Mozilla Firefox\firefox.exe" -preferences [2012/03/18 20:45:10 | 000,924,600 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\safemode\command\\: "C:\Program Files\Mozilla Firefox\firefox.exe" -safe-mode [2012/03/18 20:45:10 | 000,924,600 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\HideIconsCommand: "C:\Windows\system32\ie4uinit.exe" -hide [2012/02/28 01:12:16 | 000,174,080 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ShowIconsCommand: "C:\Windows\system32\ie4uinit.exe" -show [2012/02/28 01:12:16 | 000,174,080 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ReinstallCommand: "C:\Windows\system32\ie4uinit.exe" -reinstall [2012/02/28 01:12:16 | 000,174,080 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\naom\command\\: "C:\Program Files\Internet Explorer\iexplore.exe" -extoff [2012/02/28 04:33:51 | 000,638,240 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\open\command\\: "C:\Program Files\Internet Explorer\iexplore.exe" [2012/02/28 04:33:51 | 000,638,240 | ---- | M] (Microsoft Corporation)
========== Alternate Data Streams ========== @Alternate Data Stream - 127 bytes -> C:\ProgramData\TEMP:0B4227B4
@Alternate Data Stream - 124 bytes -> C:\ProgramData\TEMP:054203E4
@Alternate Data Stream - 111 bytes -> C:\ProgramData\TEMP:1CD23587
< End of report >
===================================================================================================================
OTL Extras logfile created on: 4/15/2012 8:19:01 AM - Run 1
OTL by OldTimer - Version 3.2.39.2 Folder = C:\Users\Kenyon\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.19222)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
2.87 Gb Total Physical Memory | 1.62 Gb Available Physical Memory | 56.53% Memory free
5.96 Gb Paging File | 4.79 Gb Available in Paging File | 80.36% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 456.97 Gb Total Space | 249.93 Gb Free Space | 54.69% Space Free | Partition Type: NTFS
Drive D: | 8.79 Gb Total Space | 1.01 Gb Free Space | 11.48% Space Free | Partition Type: NTFS
Computer Name: KENYON-PC | User Name: Kenyon | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ========== ========== File Associations ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
[HKEY_USERS\S-1-5-21-2186024811-1155382660-3182695008-1000\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
========== Shell Spawning ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
https [open] -- Reg Error: Value error.
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
"DisableMonitoring" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
"DisableMonitoring" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
"DisableMonitoring" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 1
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"VistaSp2" = Reg Error: Unknown registry data type -- File not found
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
========== System Restore Settings ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0
========== Firewall Settings ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
========== Authorized Applications List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\EarthLink TotalAccess\TaskPanl.exe" = C:\Program Files\EarthLink TotalAccess\TaskPanl.exe:*:Enabled:Earthlink -- (EarthLink, Inc.)
========== Vista Active Open Ports Exception List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{085020D4-93F2-43F7-BBBE-1B9B03537B83}" = rport=10243 | protocol=6 | dir=out | app=system |
"{0985E15C-3AA1-4C39-A037-9F76C1336191}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{1136C0ED-F497-4FB9-AD59-4195FA007F1A}" = lport=554 | protocol=6 | dir=in | app=%systemroot%\ehome\ehshell.exe |
"{1C016A29-CDA5-4D8C-84F8-2A16DF87FC35}" = lport=10244 | protocol=6 | dir=in | app=system |
"{1E4EDB3E-320C-4E5F-993E-EEC6F39EA0CA}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{1E84B331-EDDC-4B30-B6D4-91781360D0E8}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{31402B06-9975-467D-AA2A-C2C84F36E6F1}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{3A3CF5F8-D9AA-4FB6-8610-9ECD05B3EFEB}" = lport=4482 | protocol=6 | dir=in | name=blackberry desktop software wireless music sync data transfer |
"{41A7C090-D6F9-47A7-8523-D1C1D5479B07}" = lport=10243 | protocol=6 | dir=in | name=xbox2 |
"{48B030C4-1EE9-487A-9999-ACBB6D0422AB}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{5C0BB422-34C4-4F9A-9F40-A10CF8B0B5FA}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{5CEB1674-3BEF-48D1-8017-F15C4CB728FC}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{5D8870F0-18C1-435C-892B-3B90B498E374}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{60A462D2-C317-4573-AD8C-FDBF6E83FBEC}" = rport=10244 | protocol=6 | dir=out | app=system |
"{6F2D32FF-BBBE-48B3-B54F-EE1C4BA85602}" = lport=3390 | protocol=6 | dir=in | app=system |
"{74D27D08-99EF-499F-96E2-6791E9A29D68}" = lport=10243 | protocol=6 | dir=in | app=system |
"{75A96D74-6261-4E05-B896-D15CAA244D24}" = lport=7777 | protocol=17 | dir=in | app=%systemroot%\ehome\ehshell.exe |
"{76ADEFEE-6C12-4F48-AD0A-AB845238367C}" = lport=1900 | protocol=17 | dir=in | name=xbox3 |
"{7721A8B0-DC4A-458E-AD65-E981D51C6B1B}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{78A21D24-B99C-498B-BF15-F46E25D6A0DB}" = lport=10244 | protocol=6 | dir=in | app=system |
"{8418F98F-1AB4-4A88-9C45-277B57B9A878}" = lport=7777 | protocol=17 | dir=in | app=%systemroot%\ehome\ehshell.exe |
"{8545CB1C-C3CF-44DE-BCED-EB06916CDC83}" = rport=10244 | protocol=6 | dir=out | app=system |
"{891AEE6B-7212-4F93-BFB7-F03B04910115}" = lport=2869 | protocol=6 | dir=in | app=system |
"{95CC2EDA-E43D-4F0B-A2BF-7B21D080C3D1}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{9661096F-AFA2-480B-B042-D9266161A5BA}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{9FF620BD-A3EB-403B-B777-10B23BBDD8BA}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{A4F6649E-2BF6-496E-8C8A-E9E202836BA8}" = lport=4481 | protocol=6 | dir=in | name=blackberry desktop software wireless music sync data transfer |
"{A54D1BB5-3522-4387-A662-0560B3B93478}" = lport=10283 | protocol=17 | dir=in | name=xbox5 |
"{A5F3A006-6847-4C85-8320-100863C75731}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{A75435F8-108D-4C73-8270-402B1BF95FAA}" = lport=4481 | protocol=17 | dir=in | name=blackberry desktop software music sync service discovery |
"{AD37BEED-E68C-4343-AA09-4FB9C70A1E7F}" = lport=2869 | protocol=6 | dir=in | name=xbox |
"{B2B2633E-278E-4EF9-9690-A34F8DDAB12E}" = lport=3390 | protocol=6 | dir=in | app=system |
"{B4E22CD6-F7FE-4BD6-A6ED-CBEAF0CEC370}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{BC7E8EB4-C2EF-4282-BF04-E30B3C459D41}" = lport=4482 | protocol=17 | dir=in | name=blackberry desktop software music sync service discovery |
"{C3B4C564-4755-4E17-AC4E-2B59838A7FC9}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{C42BD427-4D50-4BF4-A44D-1C5C3893D809}" = lport=4481 | protocol=17 | dir=in | name=blackberry desktop software wireless music sync discovery |
"{C9AC974D-B436-4B6B-AC1A-0C5273E3195F}" = lport=4482 | protocol=6 | dir=in | name=blackberry desktop software music sync service data transfer |
"{CE9FB31E-EDDC-4584-A8C2-68D22EA8E61F}" = lport=554 | protocol=6 | dir=in | app=%systemroot%\ehome\ehshell.exe |
"{D7BF7F90-0C67-4674-930E-084183A5C31B}" = lport=10284 | protocol=17 | dir=in | name=xbox4 |
"{D83CA59A-18D2-4977-96D6-CAD98C17F96F}" = lport=10282 | protocol=17 | dir=in | name=xbox6 |
"{E01199F5-0DD6-4547-B80B-B36E52C5DC76}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{EF9EBDCF-E591-4727-B296-1EDC5F6811A7}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{FC63CF7D-85BD-4505-9A2A-1B064768C31F}" = lport=10280 | protocol=17 | dir=in | name=xbox7 |
"{FC79E24E-3C46-4A97-A1A1-3466041F53AB}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{FFF67992-117F-4AE7-A56F-05C15FEC2CA5}" = lport=4482 | protocol=17 | dir=in | name=blackberry desktop software wireless music sync discovery |
"{FFF81F6C-9DDF-4DC2-B8D2-561B774E8A7E}" = lport=4481 | protocol=6 | dir=in | name=blackberry desktop software music sync service data transfer |
========== Vista Active Application Exception List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{00F48960-A866-4C18-A4BF-2E7621F4677F}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{00FE61E8-B89A-425E-BCF1-59FDFD225D21}" = protocol=17 | dir=in | app=c:\program files\research in motion\blackberry desktop\rim.desktop.exe |
"{06AAAD2B-C361-4469-81DA-9C6D0F4A7F3C}" = protocol=17 | dir=in | app=c:\program files\earthlink totalaccess\taskpanl.exe |
"{136E9C83-D7E3-4520-BD72-5E8CE0464ADC}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{19490B04-8EBF-4975-A2CE-9DA95FFAE12A}" = protocol=6 | dir=in | app=c:\program files\aim7\aim.exe |
"{1B38ABD5-B41F-453D-BF6E-7BEE33312091}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{1D4E79C9-0CFC-41DF-9770-05DFCFCD73C1}" = protocol=6 | dir=out | app=%systemroot%\ehome\ehshell.exe |
"{1E4BC960-D2A1-4F8C-A490-E6EF70E86E75}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{1F6B7A72-7F95-4F35-9F20-A33F30528175}" = protocol=6 | dir=in | app=c:\program files\avg\avg2012\avgdiagex.exe |
"{2EFC95E4-1A25-4E1A-987C-F355D1FF144C}" = protocol=6 | dir=in | app=c:\program files\frostwire 5\frostwire.exe |
"{316CDF02-37D4-484F-9816-77FC732D7AAE}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{376542E2-3A5F-4634-8112-7F106B78E62E}" = protocol=17 | dir=in | app=c:\program files\avg\avg2012\avgdiagex.exe |
"{45A6BEF3-FAFD-4C34-874F-212EC46127E6}" = protocol=6 | dir=in | app=c:\program files\aim7\aim.exe |
"{503D5961-5933-47E2-A4FD-F1C925BA3302}" = protocol=17 | dir=in | app=c:\program files\research in motion\blackberry desktop\rim.desktop.exe |
"{5212B1DA-4029-4717-B774-29022A0A42BD}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{60DB4FF3-FD61-4D3A-A091-DCE1F1CF2217}" = protocol=17 | dir=in | app=c:\program files\frostwire 5\frostwire.exe |
"{61BD0CC1-FAE5-4F67-A2B1-E28563BE53CD}" = protocol=6 | dir=out | app=%systemroot%\ehome\mcx2prov.exe |
"{628E8AC0-D75A-4D7B-B81F-73828A7BB74F}" = protocol=6 | dir=out | app=system |
"{668EBFE3-A32B-4D0B-B3DF-AAF44F4638F6}" = protocol=6 | dir=in | app=c:\program files\research in motion\blackberry desktop\rim.desktop.exe |
"{696D4443-F1A9-44AB-AD72-36A355F236E9}" = protocol=6 | dir=in | app=c:\program files\avg\avg2012\avgemcx.exe |
"{6BBE8E25-8190-4FE4-9640-E1DFAC29B355}" = protocol=17 | dir=out | app=%systemroot%\ehome\ehshell.exe |
"{6EE50E3A-E86F-4362-9B87-C8ACDEB3EE92}" = protocol=17 | dir=in | app=c:\program files\aim7\aim.exe |
"{701BCC8B-767C-4BDC-AF6B-F96CA96BE027}" = dir=in | app=c:\program files\common files\apple\apple application support\webkit2webprocess.exe |
"{7A533344-EF12-44D4-9E0F-6BD9595C68D5}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{86742AB6-2D4A-4BAC-874F-D9BB66AC3F1E}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{92310237-F689-4010-BC7F-5F484DE3F8D6}" = protocol=6 | dir=in | app=c:\program files\research in motion\blackberry desktop\rim.desktop.exe |
"{93E874DB-1FB6-4829-A7CE-035B7D8375E6}" = protocol=17 | dir=in | app=c:\program files\avg\avg2012\avgnsx.exe |
"{998DE2C9-0BE4-4413-B15B-BCDC08CF542E}" = protocol=17 | dir=in | app=c:\program files\earthlink totalaccess\taskpanl.exe |
"{99D444A1-A079-45F4-84FA-1D6117C2D537}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{9B835647-020D-4A4B-89A4-A194B311D374}" = protocol=6 | dir=in | app=c:\program files\earthlink totalaccess\taskpanl.exe |
"{9D3CB383-F61B-46A9-91F6-B0C52EFA5493}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{A2E5E07E-2DB2-436D-85CE-5BBD83287C00}" = protocol=6 | dir=out | svc=mcx2svc | app=%systemroot%\system32\svchost.exe |
"{A99E2A3A-D5E3-4505-A56D-27A8613F0458}" = protocol=6 | dir=in | app=c:\program files\earthlink totalaccess\taskpanl.exe |
"{ACF8E908-0573-4CE1-A89C-BE13BAAB7B1C}" = protocol=17 | dir=in | app=c:\program files\avg\avg2012\avgmfapx.exe |
"{B8E25B66-D1E1-439F-B09F-A64F47FCF0A7}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{BB0ECA42-CEEC-4B0A-85A2-E8412E891A03}" = protocol=6 | dir=out | svc=mcx2svc | app=%systemroot%\system32\svchost.exe |
"{BB861780-B9F8-434F-A20C-0990577EC72A}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{BBA22202-8B07-4C25-9F97-CF24F0B52CF4}" = dir=in | app=c:\program files\itunes\itunes.exe |
"{BBAA1493-C3BF-4616-8CDD-E1962A8F6145}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{BBC4C056-291B-4994-9047-1BD7F6F5FAF6}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{C23E93FD-22AF-4374-BC3A-EC29B0FACA62}" = protocol=17 | dir=in | app=c:\program files\avg\avg2012\avgemcx.exe |
"{C4808C22-BD2B-4153-BD44-48005406C224}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{CDC92AF3-C9CF-48A4-AB7E-59A6FB38CAAF}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{CF4552E2-35FC-4CCB-9179-73BBB6A0145D}" = protocol=6 | dir=in | app=c:\program files\avg\avg2012\avgmfapx.exe |
"{DEB40CFB-29BA-4F65-81ED-0F2A3B467FCD}" = protocol=6 | dir=out | app=%systemroot%\ehome\mcx2prov.exe |
"{E57388E0-C359-4C40-B555-E8727BFFF2AD}" = protocol=6 | dir=in | app=c:\program files\earthlink totalaccess\taskpanl.exe |
"{E7EE9AD0-F3B7-4A96-BC74-9C24E1B49EA4}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{EEC0013E-0CF9-4511-BAAE-58991BD858FF}" = protocol=17 | dir=in | app=c:\program files\aim7\aim.exe |
"{F08F614C-FD3A-4C5F-A18C-16463A7AFD4D}" = protocol=17 | dir=out | app=%systemroot%\ehome\ehshell.exe |
"{F890A81A-1AA6-400B-85FF-475916D96AC7}" = protocol=17 | dir=in | app=c:\program files\earthlink totalaccess\taskpanl.exe |
"{FD197517-57AA-4720-9AC2-5BBD5CE5D115}" = protocol=6 | dir=in | app=c:\program files\avg\avg2012\avgnsx.exe |
"{FDC2DE47-9032-4FBE-A0C5-4313049E7F22}" = protocol=6 | dir=out | app=%systemroot%\ehome\ehshell.exe |
"TCP Query User{7E3713FC-F28D-4444-9433-51DE45089537}C:\program files\ares\ares.exe" = protocol=6 | dir=in | app=c:\program files\ares\ares.exe |
"TCP Query User{AD9A7BCB-5EB5-4D51-BDDE-24CB1F5AD71E}C:\users\kenyon\appdata\roaming\spotify\spotify.exe" = protocol=6 | dir=in | app=c:\users\kenyon\appdata\roaming\spotify\spotify.exe |
"TCP Query User{F6D746A7-281B-4D44-8AF3-4B69BFC0AF97}C:\program files\ares\ares.exe" = protocol=6 | dir=in | app=c:\program files\ares\ares.exe |
"UDP Query User{3B91C9EF-2F08-4424-9465-9C3460DD6C40}C:\users\kenyon\appdata\roaming\spotify\spotify.exe" = protocol=17 | dir=in | app=c:\users\kenyon\appdata\roaming\spotify\spotify.exe |
"UDP Query User{CA988CA4-0D78-4696-BE01-8C65B2A16551}C:\program files\ares\ares.exe" = protocol=17 | dir=in | app=c:\program files\ares\ares.exe |
"UDP Query User{FF75B7B5-AAA6-4D26-82CF-43720410F1ED}C:\program files\ares\ares.exe" = protocol=17 | dir=in | app=c:\program files\ares\ares.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{024521CF-C07E-4F8E-8481-0D75695E03AF}" = PxMergeModule
"{033E378E-6AD3-4AD5-BDEB-CBD69B31046C}" = Microsoft_VC90_ATL_x86
"{08D2E121-7F6A-43EB-97FD-629B44903403}" = Microsoft_VC90_CRT_x86
"{0CFD3BAF-9F4D-4D70-BD0B-638EA2504C25}" = PSSWCORE
"{0F3647F8-E51D-4FCC-8862-9A8D0C5ACF25}" = Microsoft_VC80_ATL_x86
"{206FD69B-F9FE-4164-81BD-D52552BC9C23}" = GearDrvs
"{23B8A91D-680B-462B-87AD-3D70F7341731}" = iTunes
"{26A24AE4-039D-4CA4-87B4-2F83216031FF}" = Java™ 6 Update 31
"{2DFF31F9-7893-4922-AF66-C9A1EB4EBB31}" = Rhapsody Player Engine
"{3248F0A8-6813-11D6-A77B-00B0D0160010}" = Java™ SE Runtime Environment 6 Update 1
"{3248F0A8-6813-11D6-A77B-00B0D0160020}" = Java™ 6 Update 2
"{3248F0A8-6813-11D6-A77B-00B0D0160030}" = Java™ 6 Update 3
"{3248F0A8-6813-11D6-A77B-00B0D0160050}" = Java™ 6 Update 5
"{35E1EC43-D4FC-4E4A-AAB3-20DDA27E8BB0}" = Roxio Activation Module
"{40F7AED3-0C7D-4582-99F6-484A515C73F2}" = HP Easy Setup - Frontend
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4DDC3BED-CC68-44AA-B435-D727B620CA5B}" = Linksys Wireless-G PCI Adapter Driver - WMP54Gv4.1
"{55979C41-7D6A-49CC-B591-64AC1BBE2C8B}" = HP Picasso Media Center Add-In
"{612F4E20-3661-4D44-AD79-823F1B613FB3}" = HP Update
"{635FED5B-2C6D-49BE-87E6-7A6FCD22BC5A}" = Microsoft_VC90_MFC_x86
"{65DA2EC9-0642-47E9-AAE2-B5267AA14D75}" = Activation Assistant for the 2007 Microsoft Office suites
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6D52C408-B09A-4520-9B18-475B81D393F1}" = Microsoft Works
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{73A43E42-3658-4DD9-8551-FACDA3632538}" = HP Advisor
"{75157F34-02C6-4831-BD66-3BC49E7A8394}" = BlackBerry Desktop Software 6.1
"{75E71ADD-042C-4F30-BFAC-A9EC42351313}" = Python 2.4.3
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{79155F2B-9895-49D7-8612-D92580E0DE5B}" = Bonjour
"{7BE15435-2D3E-4B58-867F-9C75BED0208C}" = QuickTime
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8CEA85DE-955B-4BF4-87F2-0BAA62821633}" = HP Photosmart Essential2.5
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}_HOMESTUDENTR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}_HOMESTUDENTR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}_HOMESTUDENTR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_HOMESTUDENTR_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_HOMESTUDENTR_{2314F9A1-126F-45CC-8A5E-DFAF866F3FBC}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}_HOMESTUDENTR_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007
"{90120000-00A1-0409-0000-0000000FF1CE}_HOMESTUDENTR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}_HOMESTUDENTR_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}" = Microsoft_VC80_CRT_x86
"{933B4015-4618-4716-A828-5289FC03165F}" = VC80CRTRedist - 8.0.50727.6195
"{9811A185-3D3D-11D6-9E14-00036D172B00}" = Adobe MPEG Encoder
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9DBA770F-BF73-4D39-B1DF-6035D95268FC}" = HP Customer Feedback
"{AB5E289E-76BF-4251-9F3F-9B763F681AE0}" = HP Customer Experience Enhancements
"{AC76BA86-7AD7-1033-7B44-A81200000003}" = Adobe Reader 8.1.2
"{B2544A03-10D0-4E5E-BA69-0362FFC20D18}" = OGA Notifier 2.0.0048.0
"{B6D38690-755E-4F40-A35A-23F8BC2B86AC}" = Microsoft_VC90_MFCLOC_x86
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{CE386A4E-D0DA-4208-8235-BCE43275C694}" = LightScribe 1.4.142.1
"{D1A19B02-817E-4296-A45B-07853FD74D57}" = Microsoft_VC80_MFC_x86
"{D92BBB52-82FF-42ED-8A3C-4E062F944AB7}" = Microsoft_VC80_MFCLOC_x86
"{EB879750-CCBD-4013-BFD5-0294D4DA5BD0}" = Apple Application Support
"{EFC04D3F-A152-47E7-8517-EE0F6201AFEF}" = Apple Mobile Device Support
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"Activation Assistant for the 2007 Microsoft Office suites" = Activation Assistant for the 2007 Microsoft Office suites
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Adobe Photoshop 7.0" = Adobe Photoshop 7.0
"Adobe Photoshop 7.0.1" = Adobe Photoshop 7.0.1
"Adobe Shockwave Player" = Adobe Shockwave Player
"AIM_7" = AIM 7
"Ares" = Ares 2.0.9
"ASIO4ALL" = ASIO4ALL
"BlackBerry_Desktop" = BlackBerry Desktop Software 6.1
"CNXT_MODEM_PCI_VEN_14F1&DEV_2F20&SUBSYS_200C14F1" = Soft Data Fax Modem with SmartCP
"CopyTrans Suite" = CopyTrans Suite (remove only)
"DivX Setup" = DivX Setup
"FrostWire 5" = FrostWire 5.3.4
"HijackThis" = HijackThis 2.0.2
"HOMESTUDENTR" = Microsoft Office Home and Student 2007
"HP Photosmart Essential" = HP Photosmart Essential 2.0
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Mozilla Firefox 11.0 (x86 en-US)" = Mozilla Firefox 11.0 (x86 en-US)
"myxoftdssdj_is1" = DSS DJ 5.5
"Nero - Burning Rom!UninstallKey" = Ahead Nero Burning ROM
"NimoCorp" = Nimo Codecs Pack v5.0 (Remove Only)
"NVIDIA Drivers" = NVIDIA Drivers
"OsdMaestro" = HP On-Screen Cap/Num/Scroll Lock Indicator
"Rhapsody" = Rhapsody
"RNCompiler 6.0" = Advanced RealMedia Export Plug-in for Premiere 6.0
"SoftwareUpdUtility" = Download Updater (AOL LLC)
"Veetle TV" = Veetle TV 0.9.18
"ViewpointMediaPlayer" = Viewpoint Media Player
"WildTangent hpdesktop Master Uninstall" = My HP Games
"WinRAR archiver" = WinRAR archiver
========== HKEY_USERS Uninstall List ========== [HKEY_USERS\S-1-5-21-2186024811-1155382660-3182695008-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Spotify" = Spotify
========== Last 10 Event Log Errors ========== [ Application Events ]
Error - 4/14/2012 5:02:48 PM | Computer Name = Kenyon-PC | Source = Windows Search Service | ID = 3013
Description =
Error - 4/14/2012 5:02:48 PM | Computer Name = Kenyon-PC | Source = Windows Search Service | ID = 3013
Description =
Error - 4/14/2012 5:02:49 PM | Computer Name = Kenyon-PC | Source = Windows Search Service | ID = 3013
Description =
Error - 4/14/2012 5:03:48 PM | Computer Name = Kenyon-PC | Source = Windows Search Service | ID = 3013
Description =
Error - 4/14/2012 5:03:48 PM | Computer Name = Kenyon-PC | Source = Windows Search Service | ID = 3013
Description =
Error - 4/14/2012 5:03:53 PM | Computer Name = Kenyon-PC | Source = Windows Search Service | ID = 3013
Description =
Error - 4/14/2012 5:03:53 PM | Computer Name = Kenyon-PC | Source = Windows Search Service | ID = 3013
Description =
Error - 4/14/2012 5:04:01 PM | Computer Name = Kenyon-PC | Source = Windows Search Service | ID = 3013
Description =
Error - 4/14/2012 5:04:01 PM | Computer Name = Kenyon-PC | Source = Windows Search Service | ID = 3013
Description =
Error - 4/15/2012 11:10:35 AM | Computer Name = Kenyon-PC | Source = Microsoft-Windows-CAPI2 | ID = 131585
Description =
[ Media Center Events ]
Error - 8/2/2008 4:59:12 AM | Computer Name = Kenyon-PC | Source = ehReplay | ID = 701
Description =
Error - 8/2/2008 4:59:12 AM | Computer Name = Kenyon-PC | Source = ehReplay | ID = 700
Description =
Error - 8/12/2008 9:50:10 PM | Computer Name = Kenyon-PC | Source = McrMgr | ID = 109
Description =
Error - 8/20/2008 3:15:59 PM | Computer Name = Kenyon-PC | Source = McrMgr | ID = 109
Description =
Error - 11/25/2008 4:55:49 AM | Computer Name = Kenyon-PC | Source = MCUpdate | ID = 0
Description = DownloadPackgeTask.SubTasksComplete: failed downloading package SportsSchedule.
Error - 1/16/2009 4:41:43 AM | Computer Name = Kenyon-PC | Source = MCUpdate | ID = 0
Description = DownloadPackgeTask.SubTasksComplete: failed downloading package SportsSchedule.
Error - 7/16/2009 12:37:12 AM | Computer Name = Kenyon-PC | Source = McrMgr | ID = 109
Description =
Error - 9/17/2011 10:33:27 PM | Computer Name = Kenyon-PC | Source = Mcx2Svc | ID = 301
Description =
Error - 9/17/2011 10:33:46 PM | Computer Name = Kenyon-PC | Source = Mcx2Svc | ID = 301
Description =
Error - 9/17/2011 11:27:40 PM | Computer Name = Kenyon-PC | Source = Mcx2Svc | ID = 301
Description =
[ System Events ]
Error - 4/11/2012 9:23:08 PM | Computer Name = Kenyon-PC | Source = EventLog | ID = 6008
Description = The previous system shutdown at 6:17:55 PM on 4/11/2012 was unexpected.
Error - 4/12/2012 10:30:57 AM | Computer Name = Kenyon-PC | Source = DCOM | ID = 10005
Description =
Error - 4/12/2012 10:30:57 AM | Computer Name = Kenyon-PC | Source = Service Control Manager | ID = 7009
Description =
Error - 4/12/2012 10:30:57 AM | Computer Name = Kenyon-PC | Source = Service Control Manager | ID = 7000
Description =
Error - 4/12/2012 10:30:57 AM | Computer Name = Kenyon-PC | Source = Service Control Manager | ID = 7009
Description =
Error - 4/12/2012 10:30:57 AM | Computer Name = Kenyon-PC | Source = Service Control Manager | ID = 7000
Description =
Error - 4/12/2012 9:15:23 PM | Computer Name = Kenyon-PC | Source = EventLog | ID = 6008
Description = The previous system shutdown at 7:45:32 AM on 4/12/2012 was unexpected.
Error - 4/12/2012 10:02:21 PM | Computer Name = Kenyon-PC | Source = EventLog | ID = 6008
Description = The previous system shutdown at 6:22:02 PM on 4/12/2012 was unexpected.
Error - 4/13/2012 8:58:26 PM | Computer Name = Kenyon-PC | Source = EventLog | ID = 6008
Description = The previous system shutdown at 5:33:35 PM on 4/13/2012 was unexpected.
Error - 4/14/2012 12:00:01 PM | Computer Name = Kenyon-PC | Source = EventLog | ID = 6008
Description = The previous system shutdown at 8:57:55 AM on 4/14/2012 was unexpected.
< End of report >
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.
This topic is locked
Attach.txt 8.58K
2 downloads
Back to top
