Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

I cannot open an MS Office 2007 programs


  • This topic is locked This topic is locked
13 replies to this topic

#1 frogger09

frogger09

  • Members
  • 7 posts
  • OFFLINE
  •  
  • Local time:02:21 PM

Posted 15 February 2010 - 05:09 PM

I cannot open any MS Office 2007 programs. When the icon is clicked, the program opens as if its the first time, showing the load bar for the program, and once it opens it gives me the error message: Microsoft Office "" has not been installed for the current user. Please run setup to install this application.
When I run the setup again, the same error returns.
I cannot uninstall the program using the uninstall program with Windows Vista.
I have attempted to manually uninstall Office a couple of times, saving backup files of the registry. When I reinstall, it still gives the same error.
I am the administrator and the only user on the computer.
Any suggestions or ideas to what's going wrong or where I am going wrong?
I am including my logfile from HiJackThis. I was suggested this website as a last resort. Hope someone can find something.

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 3:41:32 PM, on 2/15/2010
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v8.00 (8.00.6001.18882)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Hewlett-Packard\Media\DVD\DVDAgent.exe
C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\TSMAgent.exe
C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe
C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe
C:\Program Files (x86)\Hp\HP Software Update\hpwuSchd2.exe
C:\Program Files (x86)\AVG\AVG8\avgtray.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\DigitalPersona\Bin\DpAgent.exe
C:\Program Files (x86)\Seagate\SeagateManager\FreeAgent Status\stxmenumgr.exe
C:\Program Files (x86)\Hewlett-Packard\Shared\hpqToaster.exe
C:\Users\Mitch\AppData\Local\Google\Update\1.2.183.13\GoogleCrashHandler.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BluetoothHeadsetProxy.exe
C:\Users\Mitch\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Mitch\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Mitch\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&a...ion&pf=cnnb
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE=3&a...ion&pf=cnnb
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&a...ion&pf=cnnb
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE=3&a...ion&pf=cnnb
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - *{CFBFAE00-17A6-11D0-99CB-00C04FD64497} - (no file)
R3 - URLSearchHook: AVG Security Toolbar BHO - {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files (x86)\AVG\AVG8\Toolbar\IEToolbar.dll
F2 - REG:system.ini: UserInit=userinit.exe
O1 - Hosts: ::1 localhost
O2 - BHO: StumbleUpon Launcher - {145B29F4-A56B-4b90-BBAC-45784EBEBBB7} - C:\Program Files (x86)\StumbleUpon\StumbleUponIEBar.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: DigitalPersona Personal Extension - {395610AE-C624-4f58-B89E-23733EA00F9A} - C:\Program Files (x86)\DigitalPersona\Bin\DpOtsPluginIe8.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG8\avgssie.dll
O2 - BHO: (no name) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - (no file)
O2 - BHO: AVG Security Toolbar BHO - {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files (x86)\AVG\AVG8\Toolbar\IEToolbar.dll
O2 - BHO: Microsoft Live Search Toolbar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - c:\Program Files (x86)\MSN\Toolbar\3.0.0541.0\msneshellx.dll
O2 - BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: Microsoft Live Search Toolbar - {1E61ED7C-7CB8-49d6-B9E9-AB4C880C8414} - c:\Program Files (x86)\MSN\Toolbar\3.0.0541.0\msneshellx.dll
O3 - Toolbar: StumbleUpon Toolbar - {5093EB4C-3E93-40AB-9266-B607BA87BDC8} - C:\Program Files (x86)\StumbleUpon\StumbleUponIEBar.dll
O3 - Toolbar: AVG Security Toolbar - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - C:\Program Files (x86)\AVG\AVG8\Toolbar\IEToolbar.dll
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [DVDAgent] "C:\Program Files (x86)\Hewlett-Packard\Media\DVD\DVDAgent.exe"
O4 - HKLM\..\Run: [TSMAgent] "C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\TSMAgent.exe"
O4 - HKLM\..\Run: [CLMLServer for HP TouchSmart] "C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe"
O4 - HKLM\..\Run: [TVAgent] "C:\Program Files (x86)\Hewlett-Packard\Media\TV\TVAgent.exe"
O4 - HKLM\..\Run: [UCam_Menu] "C:\Program Files (x86)\Hewlett-Packard\Media\Webcam\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\Hewlett-Packard\Media\Webcam" update "Software\Hewlett-Packard\Media\Webcam"
O4 - HKLM\..\Run: [UpdateLBPShortCut] "C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\LabelPrint" UpdateWithCreateOnce "Software\CyberLink\LabelPrint\2.5"
O4 - HKLM\..\Run: [UpdatePSTShortCut] "C:\Program Files (x86)\CyberLink\DVD Suite\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\DVD Suite" UpdateWithCreateOnce "Software\CyberLink\PowerStarter"
O4 - HKLM\..\Run: [QlbCtrl.exe] "C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe" /Start
O4 - HKLM\..\Run: [UpdateP2GoShortCut] "C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\6.0"
O4 - HKLM\..\Run: [UpdatePDIRShortCut] "C:\Program Files (x86)\CyberLink\PowerDirector\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\PowerDirector" UpdateWithCreateOnce "SOFTWARE\CyberLink\PowerDirector\7.0"
O4 - HKLM\..\Run: [HP Health Check Scheduler] c:\Program Files (x86)\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [WirelessAssistant] C:\Program Files (x86)\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~2\AVG\AVG8\avgtray.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [DpAgent] C:\Program Files (x86)\DigitalPersona\Bin\dpagent.exe
O4 - HKLM\..\Run: [MaxMenuMgr] "C:\Program Files (x86)\Seagate\SeagateManager\FreeAgent Status\StxMenuMgr.exe"
O4 - HKCU\..\Run: [Google Update] "C:\Users\Mitch\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [Filip] C:\Program Files (x86)\Pc Optimizer 360\Pc Optimizer 360 setup\Pc Optimizer 360.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O4 - Global Startup: Bluetooth.lnk = ?
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Send image to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Send page to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O8 - Extra context menu item: StumbleUpon PhotoBlog It! - res://StumbleUponIEBar.dll/blogimage
O9 - Extra button: (no name) - {2670000A-7350-4f3c-8081-5663EE0C6C49} - (no file)
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: Send To Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: Send to &Bluetooth Device... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O13 - Gopher Prefix:
O16 - DPF: {E06E2E99-0AA1-11D4-ABA6-0060082AA75C} (GpcContainer Class) - https://textron.webex.com/client/T26L10NSP4...ex/ieatgpc1.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - (no file)
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG8\avgpp.dll
O23 - Service: Andrea ST Filters Service (AESTFilters) - Unknown owner - C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_bd5387da\AESTSr64.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Ati External Event Utility - Unknown owner - C:\Windows\system32\Ati2evxx.exe (file missing)
O23 - Service: AVG8 E-mail Scanner (avg8emc) - AVG Technologies CZ, s.r.o. - C:\PROGRA~2\AVG\AVG8\avgemc.exe
O23 - Service: AVG8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~2\AVG\AVG8\avgwdsvc.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files (x86)\Bonjour\mDNSResponder.exe
O23 - Service: Com4QLBEx - Hewlett-Packard Development Company, L.P. - C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
O23 - Service: @dfsrres.dll,-101 (DFSR) - Unknown owner - C:\Windows\system32\DFSR.exe (file missing)
O23 - Service: @C:\Program Files (x86)\DigitalPersona\Bin\DpHostW.exe,-128 (DpHost) - DigitalPersona, Inc. - C:\Program Files (x86)\DigitalPersona\Bin\DpHostW.exe
O23 - Service: Seagate Service (FreeAgentGoNext Service) - Seagate Technology LLC - C:\Program Files (x86)\Seagate\SeagateManager\Sync\FreeAgentService.exe
O23 - Service: GameConsoleService - WildTangent, Inc. - C:\Program Files (x86)\HP Games\My HP Game Console\GameConsoleService.exe
O23 - Service: HP Health Check Service - Hewlett-Packard - c:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe
O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: HP Service (hpsrv) - Unknown owner - C:\Windows\system32\Hpservice.exe (file missing)
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files (x86)\iPod\bin\iPodService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Microsoft Office Groove Audit Service - Unknown owner - C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Norton Internet Security - Unknown owner - C:\Program Files (x86)\Norton Internet Security\Engine\16.0.0.125\ccSvcHst.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Recovery Service for Windows - Unknown owner - C:\Program Files (x86)\SMINST\BLService.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\SLsvc.exe,-101 (slsvc) - Unknown owner - C:\Windows\system32\SLsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: Audio Service (STacSV) - Unknown owner - C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_bd5387da\STacSV64.exe (file missing)
O23 - Service: StumbleUponUpdateService - stumbleupon.com - C:\Program Files (x86)\StumbleUpon\StumbleUponUpdateService.exe
O23 - Service: TV Background Capture Service (TVBCS) (TVCapSvc) - Unknown owner - C:\Program Files (x86)\Hewlett-Packard\Media\TV\Kernel\TV\TVCapSvc.exe
O23 - Service: TV Task Scheduler (TVTS) (TVSched) - Unknown owner - C:\Program Files (x86)\Hewlett-Packard\Media\TV\Kernel\TV\TVSched.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 14406 bytes


Thank you in advance.

BC AdBot (Login to Remove)

 


#2 Elise

Elise

    Bleepin' Blonde


  • Malware Study Hall Admin
  • 61,591 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Romania
  • Local time:10:21 PM

Posted 19 February 2010 - 11:43 AM

Hello ,
And welcome.gif to the Bleeping Computer Malware Removal Forum
. My name is Elise and I'll be glad to help you with your computer problems.


I will be working on your malware issues, this may or may not solve other issues you may have with your machine.

Please note that whatever repairs we make, are for fixing your computer problems only and by no means should be used on another computer.

You may want to keep the link to this topic in your favorites. Alternatively, you can click the button at the top bar of this topic and Track this Topic, where you can choose email notifications. The topics you are tracking are shown here.
-----------------------------------------------------------
If you have since resolved the original problem you were having, we would appreciate you letting us know. If not please perform the following steps below so we can have a look at the current condition of your machine.

If you have not done so, include a clear description of the problems you're having, along with any steps you may have performed so far.

If you have already posted a log, please do so again, as your situation may have changed.
Use the 'Add Reply' and add the new log to this thread.

We need to see some information about what is happening in your machine. Please perform the following scan:
  • Please download OTL from one of the following mirrors:
  • Save it to your desktop.
  • Double click on the icon on your desktop.
  • Click the "Scan All Users" checkbox.
  • Push the button.
  • Two reports will open, copy and paste them in a reply here:
    • OTListIt.txt <-- Will be opened
    • Extra.txt <-- Will be minimized

Please download GMER from one of the following locations and save it to your desktop:
  • Main Mirror
    This version will download a randomly named file (Recommended)
  • Zipped Mirror
    This version will download a zip file you will need to extract first. If you use this mirror, please extract the zip file to your desktop.
  • Disconnect from the Internet and close all running programs.
  • Temporarily disable any real-time active protection so your security programs will not conflict with gmer's driver.
  • Double-click on the randomly named GMER file (i.e. n7gmo46c.exe) and allow the gmer.sys driver to load if asked.
  • Note: If you downloaded the zipped version, extract the file to its own folder such as C:\gmer and then double-click on gmer.exe.


  • GMER will open to the Rootkit/Malware tab and perform an automatic quick scan when first run. (do not use the computer while the scan is in progress)
  • If you receive a WARNING!!! about rootkit activity and are asked to fully scan your system...click NO.
  • Now click the Scan button. If you see a rootkit warning window, click OK.
  • When the scan is finished, click the Save... button to save the scan results to your Desktop. Save the file as gmer.log.
  • Click the Copy button and paste the results into your next reply.
  • Exit GMER and re-enable all active protection when done.
-- If you encounter any problems, try running GMER in Safe Mode.

-------------------------------------------------------------
Please be patient and I'd be grateful if you would note the following
  • The cleaning process is not instant. Logs can take some time to research, so please be patient with me. I know that you need your computer working as quickly as possible, and I will work hard to help see that happen.
  • Please reply using the Add/Reply button in the lower right hand corner of your screen. Do not start a new topic.
  • The logs that you post should be pasted directly into the reply. Only attach them if requested or if they do not fit into the post.
  • Unfortunately, if I do not hear back from you within 5 days, I will be forced to close your topic. If you still need help after I have closed your topic, send me or a moderator a personal message with the address of the thread or feel free to create a new one.

In the meantime please, do NOT install any new programs or update anything unless told to do so while we are fixing your problem

If you still need help, please include the following in your next reply
  • A detailed description of your problems
  • A new OTL log (don't forget extra.txt)
  • GMER log

Thanks and again sorry for the delay.

regards, Elise


"Now faith is the substance of things hoped for, the evidence of things not seen."

 

Follow BleepingComputer on: Facebook | Twitter | Google+ | lockerdome

 

Malware analyst @ Emsisoft

 

animinionsmalltext.gif


#3 frogger09

frogger09
  • Topic Starter

  • Members
  • 7 posts
  • OFFLINE
  •  
  • Local time:02:21 PM

Posted 20 February 2010 - 05:26 PM

OTL logfile created on: 2/20/2010 4:15:02 PM - Run 1
OTL by OldTimer - Version 3.1.30.1 Folder = C:\Users\Mitch\Documents\Downloads
64bit-Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18882)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

4.00 Gb Total Physical Memory | 2.00 Gb Available Physical Memory | 40.00% Memory free
8.00 Gb Paging File | 5.00 Gb Available in Paging File | 68.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 284.42 Gb Total Space | 150.31 Gb Free Space | 52.85% Space Free | Partition Type: NTFS
Drive D: | 13.67 Gb Total Space | 2.10 Gb Free Space | 15.34% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: MITCH-PC
Current User Name: Mitch
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Include 64bit Scans
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard

========== Processes (SafeList) ==========

PRC - [2010/02/20 16:14:27 | 000,549,376 | ---- | M] (OldTimer Tools) -- C:\Users\Mitch\Documents\Downloads\OTL.exe
PRC - [2010/02/05 12:36:00 | 000,527,344 | ---- | M] (Google Inc.) -- C:\Users\Mitch\AppData\Local\Google\Chrome\Application\chrome.exe
PRC - [2010/02/05 10:26:58 | 000,083,440 | ---- | M] (Google) -- C:\Users\Mitch\AppData\Local\Google\Google Talk Plugin\googletalkplugin.exe
PRC - [2010/01/11 15:21:52 | 000,246,504 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
PRC - [2009/12/10 14:30:41 | 002,043,160 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG8\avgtray.exe
PRC - [2009/12/01 13:37:48 | 000,322,624 | ---- | M] (DigitalPersona, Inc.) -- C:\Program Files (x86)\DigitalPersona\Bin\DpHostW.exe
PRC - [2009/12/01 13:37:46 | 000,842,816 | ---- | M] (DigitalPersona, Inc.) -- C:\Program Files (x86)\DigitalPersona\Bin\DpAgent.exe
PRC - [2009/11/12 16:33:10 | 000,141,600 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\iTunes\iTunesHelper.exe
PRC - [2009/11/02 13:19:04 | 000,136,176 | ---- | M] (Google Inc.) -- C:\Users\Mitch\AppData\Local\Google\Update\1.2.183.13\GoogleCrashHandler.exe
PRC - [2009/09/25 23:32:18 | 000,189,736 | ---- | M] (Seagate Technology LLC) -- C:\Program Files (x86)\Seagate\SeagateManager\Sync\FreeAgentService.exe
PRC - [2009/09/25 23:31:32 | 000,185,640 | ---- | M] (Seagate LLC) -- C:\Program Files (x86)\Seagate\SeagateManager\FreeAgent Status\stxmenumgr.exe
PRC - [2009/07/30 02:03:12 | 000,693,016 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG8\avgcsrvx.exe
PRC - [2009/07/30 02:02:12 | 000,908,056 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG8\avgemc.exe
PRC - [2009/07/30 02:01:41 | 000,297,752 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG8\avgwdsvc.exe
PRC - [2009/07/30 02:01:32 | 000,832,792 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG8\avgam.exe
PRC - [2009/06/05 10:48:14 | 000,144,712 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
PRC - [2009/05/21 22:13:36 | 000,275,768 | ---- | M] (Hewlett-Packard Co.) -- C:\Program Files (x86)\Hp\Digital Imaging\bin\hpqtra08.exe
PRC - [2009/05/21 21:46:36 | 000,559,104 | ---- | M] (Hewlett-Packard Co.) -- C:\Program Files (x86)\Hp\Digital Imaging\bin\hpqbam08.exe
PRC - [2009/05/21 21:46:36 | 000,168,960 | ---- | M] (Hewlett-Packard Co.) -- C:\Program Files (x86)\Hp\Digital Imaging\bin\hpqste08.exe
PRC - [2009/05/21 19:58:14 | 000,413,496 | ---- | M] (Hewlett-Packard Co.) -- C:\Program Files (x86)\Common Files\HP\Digital Imaging\Bin\hpqPhotoCrm.exe
PRC - [2009/05/21 18:57:00 | 000,362,496 | ---- | M] (Hewlett-Packard) -- C:\Program Files (x86)\Hp\Digital Imaging\bin\hpqgpc01.exe
PRC - [2009/01/08 06:36:42 | 002,521,464 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\Updater6\Adobe_Updater.exe
PRC - [2008/12/25 14:41:20 | 000,189,736 | ---- | M] (CyberLink) -- C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe
PRC - [2008/12/25 14:41:16 | 001,316,136 | ---- | M] (CyberLink Corp.) -- C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\TSMAgent.exe
PRC - [2008/12/12 10:17:38 | 000,238,888 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\Bonjour\mDNSResponder.exe
PRC - [2008/12/08 17:34:24 | 000,054,576 | ---- | M] (Hewlett-Packard) -- C:\Program Files (x86)\Hp\HP Software Update\hpwuSchd2.exe
PRC - [2008/12/02 20:28:22 | 000,365,952 | ---- | M] () -- C:\Program Files (x86)\SMINST\BLService.exe
PRC - [2008/11/28 19:04:26 | 001,148,200 | ---- | M] (CyberLink Corp.) -- C:\Program Files (x86)\Hewlett-Packard\Media\DVD\DVDAgent.exe
PRC - [2008/11/26 18:13:08 | 000,296,320 | ---- | M] () -- C:\Program Files (x86)\Hewlett-Packard\Media\TV\Kernel\TV\TVCapSvc.exe
PRC - [2008/11/26 18:13:08 | 000,116,096 | ---- | M] () -- C:\Program Files (x86)\Hewlett-Packard\Media\TV\Kernel\TV\TVSched.exe
PRC - [2008/11/19 11:14:06 | 000,222,512 | ---- | M] (Hewlett-Packard Development Company, L.P.) -- C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
PRC - [2008/10/23 14:46:02 | 000,223,232 | ---- | M] (Hewlett-Packard Development Company, L.P.) -- C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
PRC - [2008/10/22 12:32:20 | 000,628,016 | ---- | M] () -- C:\Program Files (x86)\Hewlett-Packard\Shared\HpqToaster.exe
PRC - [2008/10/10 14:24:44 | 000,206,128 | ---- | M] ( Hewlett-Packard Development Company, L.P.) -- C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe
PRC - [2008/09/15 08:13:38 | 000,241,734 | ---- | M] () -- C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
PRC - [2008/06/19 15:04:50 | 000,014,376 | ---- | M] (Broadcom Corporation.) -- C:\Program Files\WIDCOMM\Bluetooth Software\BluetoothHeadsetProxy.exe
PRC - [2008/01/11 17:50:16 | 000,030,312 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe


========== Modules (SafeList) ==========

MOD - [2010/02/20 16:14:27 | 000,549,376 | ---- | M] (OldTimer Tools) -- C:\Users\Mitch\Documents\Downloads\OTL.exe
MOD - [2009/04/11 00:28:18 | 000,450,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\comdlg32.dll


========== Win32 Services (SafeList) ==========

SRV:64bit: - [2009/04/11 01:11:13 | 000,053,760 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\bthserv.dll -- (BthServ)
SRV:64bit: - [2009/01/05 04:08:12 | 000,935,424 | ---- | M] (ATI Technologies Inc.) [Auto | Running] -- C:\Windows\SysNative\Ati2evxx.exe -- (Ati External Event Utility)
SRV:64bit: - [2008/09/11 05:53:00 | 000,279,040 | ---- | M] (IDT, Inc.) [Auto | Running] -- C:\Windows\SysNative\DriverStore\FileRepository\stwrt64.inf_bd5387da\STacSV64.exe -- (STacSV)
SRV:64bit: - [2008/06/27 09:53:06 | 000,089,088 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\Windows\SysNative\DriverStore\FileRepository\stwrt64.inf_bd5387da\AESTSr64.exe -- (AESTFilters)
SRV:64bit: - [2008/03/18 17:25:40 | 000,023,040 | ---- | M] (Hewlett-Packard Corporation) [Auto | Running] -- C:\Windows\SysNative\Hpservice.exe -- (hpsrv)
SRV:64bit: - [2008/01/20 20:47:32 | 000,383,544 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2009/12/08 16:41:42 | 000,120,232 | ---- | M] (stumbleupon.com) [On_Demand | Stopped] -- C:\Program Files (x86)\StumbleUpon\StumbleUponUpdateService.exe -- (StumbleUponUpdateService)
SRV - [2009/12/01 13:37:48 | 000,322,624 | ---- | M] (DigitalPersona, Inc.) [Auto | Running] -- C:\Program Files (x86)\DigitalPersona\Bin\DpHostW.exe -- (DpHost)
SRV - [2009/11/12 16:33:14 | 000,660,256 | ---- | M] (Apple Inc.) [On_Demand | Running] -- C:\Program Files (x86)\iPod\bin\iPodService.exe -- (iPod Service)
SRV - [2009/09/25 23:32:18 | 000,189,736 | ---- | M] (Seagate Technology LLC) [Auto | Running] -- C:\Program Files (x86)\Seagate\SeagateManager\Sync\FreeAgentService.exe -- (FreeAgentGoNext Service)
SRV - [2009/07/30 02:02:12 | 000,908,056 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files (x86)\AVG\AVG8\avgemc.exe -- (avg8emc)
SRV - [2009/07/30 02:01:41 | 000,297,752 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files (x86)\AVG\AVG8\avgwdsvc.exe -- (avg8wd)
SRV - [2009/06/05 10:48:14 | 000,144,712 | ---- | M] (Apple Inc.) [Auto | Running] -- C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe -- (Apple Mobile Device)
SRV - [2009/05/21 22:13:36 | 000,248,832 | ---- | M] (Hewlett-Packard Co.) [On_Demand | Running] -- C:\Program Files (x86)\Hp\Digital Imaging\bin\hpqcxs08.dll -- (hpqcxs08)
SRV - [2009/05/21 22:03:06 | 000,133,120 | ---- | M] (Hewlett-Packard Co.) [Auto | Running] -- C:\Program Files (x86)\Hp\Digital Imaging\bin\hpqddsvc.dll -- (hpqddsvc)
SRV - [2009/05/21 21:35:32 | 000,923,136 | ---- | M] (Hewlett-Packard Co.) [Auto | Running] -- C:\Program Files (x86)\Hp\Digital Imaging\bin\HPSLPSVC64.DLL -- (HPSLPSVC)
SRV - [2009/03/29 22:39:54 | 000,089,920 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_64)
SRV - [2008/12/12 10:17:38 | 000,238,888 | ---- | M] (Apple Inc.) [Auto | Running] -- C:\Program Files (x86)\Bonjour\mDNSResponder.exe -- (Bonjour Service)
SRV - [2008/12/02 20:28:22 | 000,365,952 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\SMINST\BLService.exe -- (Recovery Service for Windows)
SRV - [2008/11/26 18:13:08 | 000,296,320 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Hewlett-Packard\Media\TV\Kernel\TV\TVCapSvc.exe -- (TVCapSvc) TV Background Capture Service (TVBCS)
SRV - [2008/11/26 18:13:08 | 000,116,096 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Hewlett-Packard\Media\TV\Kernel\TV\TVSched.exe -- (TVSched) TV Task Scheduler (TVTS)
SRV - [2008/11/19 11:14:06 | 000,222,512 | ---- | M] (Hewlett-Packard Development Company, L.P.) [On_Demand | Running] -- C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe -- (Com4QLBEx)
SRV - [2008/10/23 14:46:02 | 000,223,232 | ---- | M] (Hewlett-Packard Development Company, L.P.) [On_Demand | Running] -- C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe -- (hpqwmiex)
SRV - [2008/10/09 09:56:48 | 000,094,208 | ---- | M] (Hewlett-Packard) [Auto | Running] -- c:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe -- (HP Health Check Service)
SRV - [2008/09/15 08:13:38 | 000,241,734 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe -- (RichVideo) Cyberlink RichVideo Service(CRVS)
SRV - [2008/05/05 16:25:46 | 000,165,416 | ---- | M] (WildTangent, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\HP Games\My HP Game Console\GameConsoleService.exe -- (GameConsoleService)
SRV - [2008/01/11 17:50:16 | 000,030,312 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files (x86)\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe -- (BcmSqlStartupSvc)
SRV - [2006/11/02 07:34:14 | 000,000,000 | ---D | M] [Unknown | Stopped] -- C:\Windows\SysWOW64\Msdtc -- (MSDTC)
SRV - [2006/11/02 00:35:15 | 000,060,994 | ---- | M] () [On_Demand | Stopped] -- C:\Windows\SysWOW64\wbem\vds.mof -- (vds)
SRV - [2006/11/02 00:35:15 | 000,055,846 | ---- | M] () [On_Demand | Stopped] -- C:\Windows\SysWOW64\wbem\vss.mof -- (VSS)
SRV - [2004/10/22 05:24:18 | 000,073,728 | ---- | M] (Macrovision Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe -- (IDriverT)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2009/08/28 18:42:52 | 000,049,152 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2009/07/30 02:03:42 | 000,033,416 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\Windows\SysNative\Drivers\avgmfx64.sys -- (AvgMfx64)
DRV:64bit: - [2009/07/30 02:03:12 | 000,427,016 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\SysNative\Drivers\avgldx64.sys -- (AvgLdx64)
DRV:64bit: - [2009/05/18 13:17:08 | 000,034,152 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2009/05/09 00:14:20 | 000,015,752 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\NuidFltr.sys -- (NuidFltr)
DRV:64bit: - [2009/04/24 09:32:50 | 000,014,856 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\SysNative\Drivers\avgrkx64.sys -- (AvgRkx64)
DRV:64bit: - [2009/04/24 09:32:49 | 000,133,640 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\SysNative\Drivers\avgtdia.sys -- (AvgTdiA)
DRV:64bit: - [2009/04/17 18:59:18 | 001,526,776 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\bcmwl664.sys -- (BCM43XX)
DRV:64bit: - [2009/04/10 23:40:06 | 000,694,272 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\BTHport.sys -- (BTHPORT)
DRV:64bit: - [2009/04/10 23:39:57 | 000,178,176 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\rfcomm.sys -- (RFCOMM) Bluetooth Device (RFCOMM Protocol TDI)
DRV:64bit: - [2009/04/10 23:39:55 | 000,026,112 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\BthEnum.sys -- (BthEnum)
DRV:64bit: - [2009/04/10 23:39:53 | 000,034,816 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\BTHUSB.sys -- (BTHUSB)
DRV:64bit: - [2009/04/10 23:39:51 | 000,275,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HdAudio.sys -- (HdAudAddService)
DRV:64bit: - [2009/01/05 04:08:50 | 000,016,400 | ---- | M] (ATI Technologies Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\DRIVERS\AtiPcie.sys -- (AtiPcie) ATI PCI Express (3GIO)
DRV:64bit: - [2009/01/05 04:08:42 | 004,993,024 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\atikmdag.sys -- (atikmdag)
DRV:64bit: - [2008/11/19 11:33:36 | 000,068,608 | ---- | M] (ENE TECHNOLOGY INC.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\enecir.sys -- (enecir)
DRV:64bit: - [2008/11/06 12:51:54 | 000,261,680 | ---- | M] (Synaptics, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\SynTP.sys -- (SynTP)
DRV:64bit: - [2008/09/19 18:43:58 | 000,068,096 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\RTSTOR64.SYS -- (RTSTOR)
DRV:64bit: - [2008/09/11 05:54:44 | 000,465,408 | ---- | M] (IDT, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\stwrt64.sys -- (STHDA)
DRV:64bit: - [2008/06/23 05:54:02 | 000,099,368 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btwavdt.sys -- (btwavdt)
DRV:64bit: - [2008/06/23 05:54:02 | 000,091,176 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btwaudio.sys -- (btwaudio)
DRV:64bit: - [2008/06/23 05:54:02 | 000,019,752 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\btwrchid.sys -- (btwrchid)
DRV:64bit: - [2008/05/30 14:44:42 | 000,217,216 | ---- | M] (AuthenTec, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\ATSwpDrv.sys -- (ATSWPDRV) AuthenTec TruePrint USB Driver (SwipeSensor)
DRV:64bit: - [2008/05/28 16:54:18 | 000,026,168 | ---- | M] (Advanced Micro Devices Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\usbfilter.sys -- (usbfilter)
DRV:64bit: - [2008/05/02 07:59:48 | 000,166,912 | ---- | M] (Realtek Corporation ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\Rtlh64.sys -- (RTL8169)
DRV:64bit: - [2008/03/27 13:10:56 | 000,026,984 | ---- | M] (Hewlett-Packard Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\DRIVERS\hpdskflt.sys -- (hpdskflt)
DRV:64bit: - [2008/03/27 13:10:14 | 000,040,296 | ---- | M] (Hewlett-Packard Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\Accelerometer.sys -- (Accelerometer)
DRV:64bit: - [2008/01/20 20:47:28 | 000,046,080 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\wpdusb.sys -- (WpdUsb)
DRV:64bit: - [2008/01/20 20:47:27 | 000,168,704 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\usbvideo.sys -- (usbvideo) USB Video Device (WDM)
DRV:64bit: - [2008/01/20 20:47:25 | 000,012,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\serscan.sys -- (StillCam)
DRV:64bit: - [2008/01/20 20:47:02 | 000,115,712 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\bthpan.sys -- (BthPan) Bluetooth Device (Personal Area Network)
DRV:64bit: - [2008/01/20 20:46:57 | 003,154,432 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\NETw3v64.sys -- (NETw3v64) Intel®
DRV:64bit: - [2008/01/20 20:46:55 | 000,111,104 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\sdbus.sys -- (sdbus)
DRV:64bit: - [2008/01/20 20:46:51 | 000,017,792 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\CmBatt.sys -- (CmBatt)
DRV:64bit: - [2007/06/18 18:13:12 | 000,018,432 | ---- | M] (Hewlett-Packard Development Company, L.P.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\HpqKbFiltr.sys -- (HpqKbFiltr)
DRV:64bit: - [2006/10/03 19:45:36 | 000,273,408 | ---- | M] (Marvell) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\yk60x64.sys -- (yukonx64)
DRV - [2008/11/28 19:04:24 | 000,146,928 | ---- | M] (CyberLink Corp.) [2009/04/17 18:44:36] [Kernel | Auto | Running] -- C:\Program Files (x86)\Hewlett-Packard\Media\DVD\000.fcl -- ({55662437-DA8C-40c0-AADA-2C816A897A49})
DRV - [2006/09/18 15:36:40 | 000,003,066 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysWOW64\wbem\tcpip.mof -- (Tcpip)
DRV - [2006/09/18 15:35:23 | 000,001,088 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysWOW64\wbem\mpsdrv.mof -- (mpsdrv)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&a...ion&pf=cnnb
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE=3&a...ion&pf=cnnb
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&a...ion&pf=cnnb
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE=3&a...ion&pf=cnnb

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&a...ion&pf=cnnb
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE=3&a...ion&pf=cnnb
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\..\URLSearchHook: *{CFBFAE00-17A6-11D0-99CB-00C04FD64497} - Reg Error: Key error. File not found
IE - HKCU\..\URLSearchHook: {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files (x86)\AVG\AVG8\Toolbar\IEToolbar.dll ()
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

FF - HKLM\software\mozilla\Firefox\Extensions\\otis@digitalpersona.com: C:\Program Files (x86)\DigitalPersona\Bin\FirefoxExt\ [2010/01/27 22:04:25 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2010/02/18 02:41:17 | 000,000,000 | ---D | M]


O1 HOSTS File: ([2006/09/18 15:37:24 | 000,000,761 | ---- | M]) - C:\Windows\SysNative\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2:64bit: - BHO: (DigitalPersona Personal Extension) - {395610AE-C624-4f58-B89E-23733EA00F9A} - C:\Program Files\DigitalPersona\Bin\DpOtsPluginIe8.dll (DigitalPersona, Inc.)
O2 - BHO: (HP Print Enhancer) - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\Hp\Digital Imaging\smart web printing\hpswp_printenhancer.dll (Hewlett-Packard Co.)
O2 - BHO: (StumbleUpon Launcher) - {145B29F4-A56B-4b90-BBAC-45784EBEBBB7} - C:\Program Files (x86)\StumbleUpon\StumbleUponIEBar.dll (stumbleupon.com)
O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
O2 - BHO: (DigitalPersona Personal Extension) - {395610AE-C624-4f58-B89E-23733EA00F9A} - C:\Program Files (x86)\DigitalPersona\Bin\DpOtsPluginIe8.dll (DigitalPersona, Inc.)
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG8\avgssie.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (no name) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - No CLSID value found.
O2 - BHO: (Windows Live Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O2 - BHO: (AVG Security Toolbar BHO) - {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files (x86)\AVG\AVG8\Toolbar\IEToolbar.dll ()
O2 - BHO: (Microsoft Live Search Toolbar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - c:\Program Files (x86)\MSN\Toolbar\3.0.0541.0\msneshellx.dll (Microsoft Corp.)
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (HP Smart BHO Class) - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\Hp\Digital Imaging\smart web printing\hpswp_BHO.dll (Hewlett-Packard Co.)
O3 - HKLM\..\Toolbar: (Microsoft Live Search Toolbar) - {1E61ED7C-7CB8-49d6-B9E9-AB4C880C8414} - c:\Program Files (x86)\MSN\Toolbar\3.0.0541.0\msneshellx.dll (Microsoft Corp.)
O3 - HKLM\..\Toolbar: (StumbleUpon Toolbar) - {5093EB4C-3E93-40AB-9266-B607BA87BDC8} - C:\Program Files (x86)\StumbleUpon\StumbleUponIEBar.dll (stumbleupon.com)
O3 - HKLM\..\Toolbar: (AVG Security Toolbar) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - C:\Program Files (x86)\AVG\AVG8\Toolbar\IEToolbar.dll ()
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {604BC32A-9680-40D1-9AC6-E06B23A1BA4C} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (AVG Security Toolbar) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - C:\Program Files (x86)\AVG\AVG8\Toolbar\IEToolbar.dll ()
O4:64bit: - HKLM..\Run: [SmartMenu] C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe (Hewlett-Packard)
O4:64bit: - HKLM..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (Synaptics, Inc.)
O4:64bit: - HKLM..\Run: [SysTrayApp] C:\Program Files\IDT\WDM\sttray64.exe (IDT, Inc.)
O4:64bit: - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKLM..\Run: [Adobe ARM] C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [AVG8_TRAY] C:\Program Files (x86)\AVG\AVG8\avgtray.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [CLMLServer for HP TouchSmart] C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe (CyberLink)
O4 - HKLM..\Run: [DpAgent] C:\Program Files (x86)\DigitalPersona\Bin\DpAgent.exe (DigitalPersona, Inc.)
O4 - HKLM..\Run: [DVDAgent] C:\Program Files (x86)\Hewlett-Packard\Media\DVD\DVDAgent.exe (CyberLink Corp.)
O4 - HKLM..\Run: [HP Health Check Scheduler] c:\Program Files (x86)\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe (Hewlett-Packard)
O4 - HKLM..\Run: [HP Software Update] C:\Program Files (x86)\Hp\HP Software Update\hpwuSchd2.exe (Hewlett-Packard)
O4 - HKLM..\Run: [iTunesHelper] C:\Program Files (x86)\iTunes\iTunesHelper.exe (Apple Inc.)
O4 - HKLM..\Run: [MaxMenuMgr] C:\Program Files (x86)\Seagate\SeagateManager\FreeAgent Status\StxMenuMgr.exe (Seagate LLC)
O4 - HKLM..\Run: [QlbCtrl.exe] C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe ( Hewlett-Packard Development Company, L.P.)
O4 - HKLM..\Run: [QuickTime Task] C:\Program Files (x86)\QuickTime\QTTask.exe (Apple Inc.)
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (Sun Microsystems, Inc.)
O4 - HKLM..\Run: [TSMAgent] C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\TSMAgent.exe (CyberLink Corp.)
O4 - HKLM..\Run: [TVAgent] C:\Program Files (x86)\Hewlett-Packard\Media\TV\TVAgent.exe (CyberLink Corp.)
O4 - HKLM..\Run: [UCam_Menu] C:\Program Files (x86)\Hewlett-Packard\Media\Webcam\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [UpdateLBPShortCut] C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [UpdateP2GoShortCut] C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [UpdatePDIRShortCut] C:\Program Files (x86)\CyberLink\PowerDirector\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [UpdatePSTShortCut] C:\Program Files (x86)\CyberLink\DVD Suite\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [WirelessAssistant] C:\Program Files (x86)\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe (Hewlett-Packard)
O4 - HKCU..\Run: [Filip] C:\Program Files (x86)\Pc Optimizer 360\Pc Optimizer 360 setup\Pc Optimizer 360.exe (BuyPcTools)
O4 - HKCU..\Run: [Google Update] C:\Users\Mitch\AppData\Local\Google\Update\GoogleUpdate.exe (Google Inc.)
O4 - HKLM..\RunOnce: [] C:\Program Files (x86)\HP\Print Projects\Common01\Bin\HpqWLPG03.exe (Hewlett-Packard Co.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: tray = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: pop = 1
O8:64bit: - Extra context menu item: Send image to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O8:64bit: - Extra context menu item: Send page to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O8 - Extra context menu item: Send image to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O8 - Extra context menu item: Send page to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9:64bit: - Extra Button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9:64bit: - Extra 'Tools' menuitem : @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra Button: Send To Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : Send to &Bluetooth Device... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra Button: Show or hide HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files (x86)\Hp\Digital Imaging\smart web printing\hpswp_BHO.dll (Hewlett-Packard Co.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Windows\SysNative\wshbth.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Windows\SysWOW64\wshbth.dll (Microsoft Corporation)
O13 - gopher Prefix: missing
O13 - gopher Prefix: missing
O15 - HKCU\..Trusted Ranges: Range1 ([http] in Local intranet)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0_18)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.macromedia.com/get/flash...r/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0_07)
O16 - DPF: {CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0_18)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0_18)
O16 - DPF: {E06E2E99-0AA1-11D4-ABA6-0060082AA75C} https://textron.webex.com/client/T26L10NSP4...ex/ieatgpc1.cab (GpcContainer Class)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.254
O18:64bit: - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - Reg Error: Key error. File not found
O18 - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - Reg Error: Key error. File not found
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG8\avgpp.dll (AVG Technologies CZ, s.r.o.)
O20:64bit: - AppInit_DLLs: (avgrssta.dll) - C:\Windows\SysNative\avgrssta.dll (AVG Technologies CZ, s.r.o.)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Users\Mitch\Pictures\Cool Pics\Mammatus clouds.jpg
O24 - Desktop BackupWallPaper: C:\Users\Mitch\Pictures\Cool Pics\Mammatus clouds.jpg
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - Reg Error: Key error. File not found
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{8b1126f5-38b9-11de-ba33-00247e43c256}\Shell\AutoRun\command - "" = F:\setupSNK.exe -- File not found
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
64bit: O35 - comfile [open] -- "%1" %* File not found
64bit: O35 - exefile [open] -- "%1" %* File not found
O35 - comfile [open] -- "%1" %*
O35 - exefile [open] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2010/02/18 02:40:12 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft
[2010/02/18 02:39:58 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\microsoft
[2010/02/18 02:39:48 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Windows Live SkyDrive
[2010/02/18 02:39:27 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Windows Live
[2010/02/18 02:39:09 | 004,398,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_32.dll
[2010/02/18 02:39:09 | 003,426,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_32.dll
[2010/02/18 02:38:46 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft SQL Server Compact Edition
[2010/02/18 02:33:10 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Windows Live
[2010/02/18 02:32:10 | 000,000,000 | ---D | C] -- C:\ProgramData\WEBREG
[2010/02/18 02:28:47 | 000,000,000 | ---D | C] -- C:\Users\Mitch\AppData\Roaming\HP
[2010/02/18 02:28:34 | 000,000,000 | ---D | C] -- C:\Users\Mitch\AppData\Local\HP
[2010/02/18 02:22:00 | 000,000,000 | ---D | C] -- C:\ProgramData\HP Product Assistant
[2010/02/18 02:19:50 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\HP
[2010/02/18 02:19:09 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Hewlett-Packard
[2010/02/18 02:16:16 | 001,403,904 | ---- | C] (Hewlett-Packard Co.) -- C:\Windows\SysNative\hpost_p03b.dll
[2010/02/18 02:16:16 | 000,880,640 | ---- | C] (Hewlett-Packard) -- C:\Windows\SysNative\hposwia_p03b.dll
[2010/02/18 02:16:16 | 000,551,424 | ---- | C] (Hewlett-Packard) -- C:\Windows\SysNative\hppldcoi.dll
[2010/02/18 02:16:16 | 000,515,072 | ---- | C] (Hewlett-Packard Co.) -- C:\Windows\SysNative\hposc_p03a.dll
[2010/02/18 02:16:16 | 000,508,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\difxapi.dll
[2010/02/18 02:15:57 | 000,000,000 | ---D | C] -- C:\Windows\LastGood
[2010/02/18 02:15:47 | 000,642,360 | ---- | C] (Hewlett-Packard) -- C:\Windows\SysNative\hpzids40.dll
[2010/02/18 02:15:36 | 000,136,704 | ---- | C] (Hewlett-Packard Company) -- C:\Windows\SysNative\hpf3l70w.dll
[2010/02/18 02:11:52 | 000,000,000 | -H-D | C] -- C:\Config.Msi
[2010/02/18 02:10:47 | 000,000,000 | ---D | C] -- C:\Program Files\HP
[2010/02/18 02:02:40 | 000,000,000 | ---D | C] -- C:\ProgramData\HP
[2010/02/17 18:24:26 | 000,000,000 | ---D | C] -- C:\Users\Mitch\AppData\Roaming\Mozilla
[2010/02/15 15:41:11 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Trend Micro
[2010/02/15 14:47:20 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\DESIGNER
[2010/02/15 14:46:50 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Visual Studio
[2010/02/15 14:07:49 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\CCleaner
[2010/02/10 21:04:35 | 000,000,000 | ---D | C] -- C:\Users\Mitch\AppData\Local\Downloaded Installations
[2010/02/10 20:56:14 | 000,000,000 | ---D | C] -- C:\ProgramData\Seagate
[2010/02/10 20:56:14 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Seagate
[2010/02/10 20:53:18 | 000,000,000 | -HSD | C] -- C:\Windows\ftpcache
[2010/02/10 13:35:22 | 001,570,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\quartz.dll
[2010/02/10 13:35:22 | 001,314,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\quartz.dll
[2010/02/10 13:35:21 | 000,054,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iyuv_32.dll
[2010/02/10 13:35:21 | 000,038,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msvidc32.dll
[2010/02/10 13:35:21 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msyuv.dll
[2010/02/10 13:35:21 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msrle32.dll
[2010/02/10 13:35:21 | 000,014,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\tsbyuv.dll
[2010/02/10 13:35:20 | 000,123,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msvfw32.dll
[2010/02/10 13:35:20 | 000,091,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\avifil32.dll
[2010/02/10 13:35:20 | 000,082,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mciavi32.dll
[2010/02/10 13:35:00 | 004,698,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntoskrnl.exe
[2010/02/08 23:51:46 | 000,000,000 | ---D | C] -- C:\PFiles
[2010/02/06 03:08:18 | 000,000,000 | ---D | C] -- C:\Windows\SQL9_KB970892_ENU
[2010/02/02 22:56:27 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Small Business
[2010/02/02 22:39:25 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Office
[2010/02/02 14:08:29 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft SQL Server
[2010/02/02 14:08:14 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft SQL Server
[2010/02/02 13:50:52 | 000,000,000 | RH-D | C] -- C:\MSOCache
[2010/02/02 13:43:33 | 000,000,000 | ---D | C] -- C:\Users\Mitch\Desktop\Downloads
[2010/02/02 13:43:21 | 000,000,000 | ---D | C] -- C:\Users\Mitch\AppData\Roaming\GetRightToGo
[2010/01/28 18:46:49 | 000,000,000 | ---D | C] -- C:\Users\Mitch\AppData\Roaming\Quantitative Micro Software
[2010/01/28 18:44:22 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\EViews6SV
[2010/01/27 22:25:08 | 000,000,000 | ---D | C] -- C:\ProgramData\Sun
[2010/01/27 22:24:34 | 000,153,376 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\javaws.exe
[2010/01/27 22:24:34 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\javaw.exe
[2010/01/27 22:24:34 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\java.exe
[2010/01/27 22:04:30 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\tr
[2010/01/27 22:04:30 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\sv
[2010/01/27 22:04:30 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\ru
[2010/01/27 22:04:30 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\no
[2010/01/27 22:04:30 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\da
[2010/01/27 22:04:29 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\ko
[2010/01/27 22:04:29 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\ja
[2010/01/27 22:04:29 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\it
[2010/01/27 22:04:29 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\fr
[2010/01/27 22:04:29 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\es
[2010/01/27 22:04:29 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\de
[2010/01/27 22:04:28 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\tr
[2010/01/27 22:04:28 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\sv
[2010/01/27 22:04:28 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\ru
[2010/01/27 22:04:28 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\no
[2010/01/27 22:04:28 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\da
[2010/01/27 22:04:26 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\ko
[2010/01/27 22:04:26 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\ja
[2010/01/27 22:04:26 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\it
[2010/01/27 22:04:26 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\fr
[2010/01/27 22:04:26 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\es
[2010/01/27 22:04:26 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\de
[2010/01/27 22:04:24 | 000,000,000 | ---D | C] -- C:\Windows\DPDrv
[2010/01/27 22:04:21 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\DigitalPersona
[2010/01/27 20:55:26 | 000,000,000 | ---D | C] -- C:\ProgramData\Downloaded Installations
[2010/01/22 12:07:25 | 002,334,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iertutil.dll
[2010/01/22 12:07:24 | 001,147,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wininet.dll
[2010/01/22 12:07:24 | 000,916,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wininet.dll
[2010/01/22 12:07:23 | 000,700,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2010/01/22 12:07:23 | 000,594,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeeds.dll
[2010/01/22 12:07:23 | 000,459,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iedkcs32.dll
[2010/01/22 12:07:23 | 000,387,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iedkcs32.dll
[2010/01/22 12:07:23 | 000,243,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\occache.dll
[2010/01/22 12:07:23 | 000,206,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\occache.dll
[2010/01/22 12:07:22 | 001,538,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2010/01/22 12:07:22 | 001,469,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2010/01/22 12:07:22 | 000,164,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2010/01/22 12:07:21 | 000,252,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iepeers.dll
[2010/01/22 12:07:21 | 000,219,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2010/01/22 12:07:21 | 000,184,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iepeers.dll
[2010/01/22 12:07:21 | 000,173,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ie4uinit.exe
[2010/01/22 12:07:21 | 000,162,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
[2010/01/22 12:07:21 | 000,133,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2010/01/22 12:07:21 | 000,132,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesysprep.dll
[2010/01/22 12:07:21 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesysprep.dll
[2010/01/22 12:07:21 | 000,072,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll
[2010/01/22 12:07:21 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeedsbs.dll
[2010/01/22 12:07:21 | 000,070,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe
[2010/01/22 12:07:21 | 000,055,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeedsbs.dll
[2010/01/22 12:07:21 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jsproxy.dll
[2010/01/22 12:07:21 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jsproxy.dll
[2010/01/22 12:07:21 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeedssync.exe
[2010/01/22 12:07:21 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeedssync.exe
[2010/01/22 12:07:20 | 000,077,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll
[2010/01/22 12:07:20 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll
[2010/01/22 12:07:20 | 000,055,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll
[2010/01/22 11:55:51 | 000,000,000 | ---D | C] -- C:\Windows\Sun

========== Files - Modified Within 30 Days ==========

[2010/02/20 16:21:00 | 000,000,392 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{1F527E94-7166-4D01-B630-4FF3A10F44A5}.job
[2010/02/20 16:15:03 | 003,145,728 | -HS- | M] () -- C:\Users\Mitch\NTUSER.DAT
[2010/02/20 15:24:00 | 000,000,908 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2750444019-170965808-2948386981-1000UA.job
[2010/02/20 15:08:57 | 000,003,216 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2010/02/20 15:08:57 | 000,003,216 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2010/02/20 14:33:39 | 055,963,047 | ---- | M] () -- C:\Windows\SysNative\drivers\Avg\incavi.avm
[2010/02/20 13:24:00 | 000,000,856 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2750444019-170965808-2948386981-1000Core.job
[2010/02/20 13:08:59 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2010/02/19 00:55:51 | 000,756,644 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2010/02/19 00:55:51 | 000,642,392 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2010/02/19 00:55:51 | 000,118,872 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2010/02/18 02:41:36 | 000,023,142 | ---- | M] () -- C:\Windows\hpqins15.dat
[2010/02/18 02:32:04 | 000,196,483 | ---- | M] () -- C:\Windows\hpoins41.dat
[2010/02/18 02:28:53 | 000,107,344 | ---- | M] () -- C:\Users\Mitch\AppData\Local\GDIPFONTCACHEV1.DAT
[2010/02/18 02:28:38 | 000,000,254 | ---- | M] () -- C:\Windows\win.ini
[2010/02/18 02:22:52 | 000,001,068 | ---- | M] () -- C:\Users\Public\Desktop\Shop for HP Supplies.lnk
[2010/02/18 02:21:51 | 000,001,218 | ---- | M] () -- C:\Users\Public\Desktop\HP Solution Center.lnk
[2010/02/18 02:20:42 | 000,002,002 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk
[2010/02/18 02:19:32 | 000,002,203 | ---- | M] () -- C:\Users\Public\Desktop\Windows Live Photo Gallery.lnk
[2010/02/17 06:26:51 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
[2010/02/17 06:26:35 | 4024,254,464 | -HS- | M] () -- C:\hiberfil.sys
[2010/02/16 18:27:47 | 000,001,076 | ---- | M] () -- C:\Windows\bthservsdp.dat
[2010/02/16 17:29:08 | 000,524,288 | -HS- | M] () -- C:\Users\Mitch\NTUSER.DAT{fbf00978-b4f6-11de-aac1-00247e43c256}.TMContainer00000000000000000001.regtrans-ms
[2010/02/16 17:29:08 | 000,065,536 | -HS- | M] () -- C:\Users\Mitch\NTUSER.DAT{fbf00978-b4f6-11de-aac1-00247e43c256}.TM.blf
[2010/02/16 17:29:00 | 001,827,684 | -H-- | M] () -- C:\Users\Mitch\AppData\Local\IconCache.db
[2010/02/15 15:41:14 | 000,001,928 | ---- | M] () -- C:\Users\Mitch\Desktop\HijackThis.lnk
[2010/02/15 14:54:52 | 000,398,216 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2010/02/15 14:07:52 | 000,001,724 | ---- | M] () -- C:\Users\Mitch\Desktop\CCleaner.lnk
[2010/02/15 13:51:26 | 000,002,711 | ---- | M] () -- C:\Users\Mitch\Desktop\Pc Optimizer 360.lnk
[2010/02/15 10:02:17 | 000,000,680 | ---- | M] () -- C:\Users\Mitch\AppData\Local\d3d9caps.dat
[2010/02/11 21:45:06 | 000,002,042 | ---- | M] () -- C:\Users\Mitch\Desktop\Google Chrome.lnk
[2010/02/11 21:43:54 | 000,000,240 | ---- | M] () -- C:\Users\Mitch\AppData\Roaming\wklnhst.dat
[2010/02/10 21:08:56 | 000,002,051 | ---- | M] () -- C:\Users\Public\Desktop\Seagate Manager.lnk
[2010/02/06 03:11:34 | 000,000,422 | ---- | M] () -- C:\Windows\SysWow64\mapisvc.inf
[2010/02/06 03:10:16 | 000,709,336 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2010/02/05 13:25:54 | 000,000,334 | ---- | M] () -- C:\Windows\tasks\HPCeeScheduleForMitch.job
[2010/01/28 18:46:29 | 000,001,674 | ---- | M] () -- C:\Users\Public\Desktop\EViews 6 SV.lnk
[2010/01/28 18:46:25 | 000,001,670 | ---- | M] () -- C:\Users\Mitch\Documents\EViews Example Files.lnk
[2010/01/28 18:46:10 | 000,000,045 | RH-- | M] () -- C:\Windows\gsc_user.dat
[2010/01/27 22:33:19 | 000,000,258 | RHS- | M] () -- C:\ProgramData\ntuser.pol
[2010/01/26 18:46:49 | 000,433,728 | ---- | M] () -- C:\Users\Mitch\Desktop\uninstallkey01.reg
[2010/01/26 18:43:50 | 000,063,254 | ---- | M] () -- C:\Users\Mitch\Desktop\DeletedKey09.reg
[2010/01/26 18:43:04 | 000,024,558 | ---- | M] () -- C:\Users\Mitch\Desktop\DeletedKey08.reg
[2010/01/26 18:42:31 | 000,378,382 | ---- | M] () -- C:\Users\Mitch\Desktop\DeletedKey07.reg
[2010/01/26 18:41:15 | 000,045,536 | ---- | M] () -- C:\Users\Mitch\Desktop\DeletedKey06.reg
[2010/01/26 18:39:31 | 000,003,036 | ---- | M] () -- C:\Users\Mitch\Desktop\DeletedKey05.reg
[2010/01/26 15:14:33 | 000,461,762 | ---- | M] () -- C:\Users\Mitch\Desktop\DeletedKey04.reg
[2010/01/26 15:11:28 | 000,144,530 | ---- | M] () -- C:\Users\Mitch\Desktop\DeletedKey03.reg
[2010/01/26 15:10:57 | 001,081,640 | ---- | M] () -- C:\Users\Mitch\Desktop\DeletedKey02.reg
[2010/01/26 15:08:21 | 000,694,942 | ---- | M] () -- C:\Users\Mitch\Desktop\DeletedKey01.reg
[2010/01/24 18:30:11 | 000,000,000 | ---- | M] () -- C:\Windows\SysNative\windows7keys.reg
[2010/01/24 18:30:11 | 000,000,000 | ---- | M] () -- C:\Windows\SysNative\vistaregistry.reg
[2010/01/24 18:30:11 | 000,000,000 | ---- | M] () -- C:\Windows\SysNative\Registry.reg
[2010/01/24 18:14:11 | 000,000,674 | ---- | M] () -- C:\Users\Mitch\Desktop\Installer Reg_1.reg

========== Files Created - No Company Name ==========

[2010/02/18 02:40:36 | 000,023,142 | ---- | C] () -- C:\Windows\hpqins15.dat
[2010/02/18 02:22:52 | 000,001,068 | ---- | C] () -- C:\Users\Public\Desktop\Shop for HP Supplies.lnk
[2010/02/18 02:21:51 | 000,001,218 | ---- | C] () -- C:\Users\Public\Desktop\HP Solution Center.lnk
[2010/02/18 02:20:42 | 000,002,002 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk
[2010/02/18 02:19:32 | 000,002,203 | ---- | C] () -- C:\Users\Public\Desktop\Windows Live Photo Gallery.lnk
[2010/02/18 02:03:26 | 000,001,581 | ---- | C] () -- C:\ProgramData\hpzinstall.log
[2010/02/18 02:03:25 | 000,196,483 | ---- | C] () -- C:\Windows\hpoins41.dat
[2010/02/15 15:41:14 | 000,001,928 | ---- | C] () -- C:\Users\Mitch\Desktop\HijackThis.lnk
[2010/02/15 14:07:52 | 000,001,724 | ---- | C] () -- C:\Users\Mitch\Desktop\CCleaner.lnk
[2010/02/10 21:08:56 | 000,002,051 | ---- | C] () -- C:\Users\Public\Desktop\Seagate Manager.lnk
[2010/02/02 22:57:49 | 000,000,422 | ---- | C] () -- C:\Windows\SysWow64\mapisvc.inf
[2010/02/02 14:18:57 | 000,709,336 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2010/01/28 18:46:29 | 000,001,674 | ---- | C] () -- C:\Users\Public\Desktop\EViews 6 SV.lnk
[2010/01/28 18:46:25 | 000,001,670 | ---- | C] () -- C:\Users\Mitch\Documents\EViews Example Files.lnk
[2010/01/28 18:46:10 | 000,000,045 | RH-- | C] () -- C:\Windows\gsc_user.dat
[2010/01/26 18:46:49 | 000,433,728 | ---- | C] () -- C:\Users\Mitch\Desktop\uninstallkey01.reg
[2010/01/26 18:43:50 | 000,063,254 | ---- | C] () -- C:\Users\Mitch\Desktop\DeletedKey09.reg
[2010/01/26 18:43:04 | 000,024,558 | ---- | C] () -- C:\Users\Mitch\Desktop\DeletedKey08.reg
[2010/01/26 18:42:31 | 000,378,382 | ---- | C] () -- C:\Users\Mitch\Desktop\DeletedKey07.reg
[2010/01/26 18:41:15 | 000,045,536 | ---- | C] () -- C:\Users\Mitch\Desktop\DeletedKey06.reg
[2010/01/26 18:39:31 | 000,003,036 | ---- | C] () -- C:\Users\Mitch\Desktop\DeletedKey05.reg
[2010/01/26 15:14:33 | 000,461,762 | ---- | C] () -- C:\Users\Mitch\Desktop\DeletedKey04.reg
[2010/01/26 15:11:28 | 000,144,530 | ---- | C] () -- C:\Users\Mitch\Desktop\DeletedKey03.reg
[2010/01/26 15:10:57 | 001,081,640 | ---- | C] () -- C:\Users\Mitch\Desktop\DeletedKey02.reg
[2010/01/26 15:08:21 | 000,694,942 | ---- | C] () -- C:\Users\Mitch\Desktop\DeletedKey01.reg
[2010/01/24 18:32:02 | 000,000,258 | RHS- | C] () -- C:\ProgramData\ntuser.pol
[2010/01/24 18:14:10 | 000,000,674 | ---- | C] () -- C:\Users\Mitch\Desktop\Installer Reg_1.reg
[2009/11/04 19:26:18 | 000,000,240 | ---- | C] () -- C:\Users\Mitch\AppData\Roaming\wklnhst.dat
[2009/10/09 15:22:22 | 000,000,000 | ---- | C] () -- C:\Users\Mitch\AppData\Local\FnF4.txt
[2009/10/08 22:43:22 | 000,000,079 | ---- | C] () -- C:\Users\Mitch\AppData\Local\DVDPATH.TXT
[2009/09/26 18:07:22 | 000,000,732 | ---- | C] () -- C:\Users\Mitch\AppData\Local\d3d9caps64.dat
[2009/09/10 15:38:55 | 000,000,680 | ---- | C] () -- C:\Users\Mitch\AppData\Local\d3d9caps.dat
[2009/08/18 17:17:18 | 000,117,248 | ---- | C] () -- C:\Windows\SysWow64\EhStorAuthn.dll
[2009/08/18 17:15:30 | 000,368,640 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2009/05/17 11:02:55 | 000,005,120 | ---- | C] () -- C:\Users\Mitch\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009/04/23 19:02:51 | 000,010,418 | ---- | C] () -- C:\ProgramData\HPWALog.txt
[2009/04/23 19:02:48 | 000,000,000 | ---- | C] () -- C:\Users\Mitch\AppData\Local\QSwitch.txt
[2009/04/23 19:02:48 | 000,000,000 | ---- | C] () -- C:\Users\Mitch\AppData\Local\DSwitch.txt
[2009/04/23 19:02:48 | 000,000,000 | ---- | C] () -- C:\Users\Mitch\AppData\Local\AtStart.txt
[2009/04/17 20:17:22 | 000,000,105 | ---- | C] () -- C:\ProgramData\{d36dd326-7280-11d8-97c8-000129760cbe}.log
[2009/04/17 20:17:12 | 000,000,032 | ---- | C] () -- C:\ProgramData\{051B9612-4D82-42AC-8C63-CD2DCEDC1CB3}.log
[2009/04/17 20:16:23 | 000,000,032 | ---- | C] () -- C:\ProgramData\{9867824A-C86D-4A83-8F3C-E7A86BE0AFD3}.log
[2009/04/17 20:15:45 | 000,000,032 | ---- | C] () -- C:\ProgramData\{23F3DA62-2D9E-4A69-B8D5-BE8E9E148092}.log
[2009/04/17 20:13:13 | 000,000,032 | ---- | C] () -- C:\ProgramData\{4FC670EB-5F02-4B07-90DB-022B86BFEFD0}.log
[2009/03/23 12:44:22 | 000,081,920 | ---- | C] () -- C:\Windows\SysWow64\MPMapTrace.dll
[2009/03/23 12:09:28 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\mpPathan.dll
[2009/01/19 07:55:40 | 000,000,109 | ---- | C] () -- C:\ProgramData\{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}.log
[2009/01/19 07:47:56 | 000,000,110 | ---- | C] () -- C:\ProgramData\{CB099890-1D5F-11D5-9EA9-0050BAE317E1}.log
[2009/01/19 07:45:28 | 000,000,105 | ---- | C] () -- C:\ProgramData\{40BF1E83-20EB-11D8-97C5-0009C5020658}.log
[2009/01/19 07:43:45 | 000,000,107 | ---- | C] () -- C:\ProgramData\{C59C179C-668D-49A9-B6EA-0121CCFC1243}.log
[2008/01/20 20:50:05 | 000,060,124 | ---- | C] () -- C:\Windows\SysWow64\tcpmon.ini
[2006/12/13 15:03:14 | 000,074,240 | ---- | C] () -- C:\Windows\SysWow64\zlibwapi.dll
< End of report >


----------------------------------------------------------------------------------------------------------------------------------------------------------

OTL Extras logfile created on: 2/20/2010 4:15:02 PM - Run 1
OTL by OldTimer - Version 3.1.30.1 Folder = C:\Users\Mitch\Documents\Downloads
64bit-Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18882)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

4.00 Gb Total Physical Memory | 2.00 Gb Available Physical Memory | 40.00% Memory free
8.00 Gb Paging File | 5.00 Gb Available in Paging File | 68.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 284.42 Gb Total Space | 150.31 Gb Free Space | 52.85% Space Free | Partition Type: NTFS
Drive D: | 13.67 Gb Total Space | 2.10 Gb Free Space | 15.34% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: MITCH-PC
Current User Name: Mitch
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Include 64bit Scans
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard

========== Extra Registry (SafeList) ==========


========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- C:\Users\Mitch\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.)

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %* File not found
cmdfile [open] -- "%1" %* File not found
comfile [open] -- "%1" %* File not found
exefile [open] -- "%1" %* File not found
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- "C:\Program Files (x86)\Microsoft Office\Office12\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Program Files (x86)\Microsoft Office\Office12\msohtmed.exe" /p %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %* File not found
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1" File not found
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S File not found
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 File not found
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- "C:\Program Files (x86)\Microsoft Office\Office12\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Program Files (x86)\Microsoft Office\Office12\msohtmed.exe" /p %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = 9F 9E 16 8C DC 5B C8 01 [binary data]
"VistaSp2" = E2 E4 30 BA A8 2C CA 01 [binary data]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"oobe_av" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

========== Authorized Applications List ==========


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{063881A4-2B3A-4A58-ACAE-5C501DBE7108}" = rport=138 | protocol=17 | dir=out | app=system |
"{0A3943E3-3467-4E12-8D21-F704F688F03D}" = lport=137 | protocol=17 | dir=in | app=system |
"{1756F630-374E-4BA0-BBEE-4E3651DFA510}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{1DC3EAD2-4153-4E39-A604-CC9470284551}" = rport=427 | protocol=17 | dir=in | svc=hpslpsvc | app=c:\windows\system32\svchost.exe |
"{22DEB409-4459-4C37-A6EA-C0A9C867A36D}" = lport=138 | protocol=17 | dir=in | app=system |
"{2D0B375E-4DDB-4322-A30E-741A852E9E7E}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{44799C94-8A01-4F8A-A2AA-1EFE2D3C1BF1}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{4EDB4FD2-7A20-456B-B8E8-D1CEDD749007}" = rport=139 | protocol=6 | dir=out | app=system |
"{65F22832-5639-43F5-A76D-839D48F82B30}" = rport=137 | protocol=17 | dir=out | app=system |
"{6B7FAF79-711D-44F2-B357-1B1A51685400}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{77C3F77A-64C4-4D90-9EB6-0AEFEFC8A93C}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{8253EEB7-DB24-44F5-A27D-743890F8CF78}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{95081553-3D2B-49AB-86B2-F3BF1B59EBCE}" = lport=139 | protocol=6 | dir=in | app=system |
"{A3587050-8EC6-4E90-AFD0-DEC84C32D0BF}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{B408EF42-2E61-4C85-8ECE-3B5E9DF647CE}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{BDE9A903-C5F2-471D-B32E-F89BB39B50A7}" = lport=445 | protocol=6 | dir=in | app=system |
"{D1374346-14E7-4A61-84E7-5213D7EB03E5}" = lport=10243 | protocol=6 | dir=in | app=system |
"{E3A1BB01-A7AC-4CF1-9AEA-B66DF278BA58}" = lport=6004 | protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\outlook.exe |
"{E8D5CCDC-3688-4070-B876-DCA181F51BE3}" = rport=10243 | protocol=6 | dir=out | app=system |
"{EFA61E11-DB53-4104-94FA-437401D67BD1}" = lport=2869 | protocol=6 | dir=in | app=system |
"{F6E42689-27FD-421D-9AE8-0B4A612D547C}" = rport=445 | protocol=6 | dir=out | app=system |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0042A3E9-823A-4494-A624-6B5B1171B155}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{021C4A70-C83C-4114-A034-AD20513DE17F}" = dir=in | app=c:\program files (x86)\hp\digital imaging\smart web printing\smartwebprintexe.exe |
"{0568F0E9-044D-4BB5-9336-B5BFA755B879}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{06E45063-3618-40CE-AD28-E31465967CD7}" = protocol=17 | dir=in | app=c:\program files (x86)\itunes\itunes.exe |
"{0B6C6CE0-E06A-4767-9616-2FD4BADA5FD0}" = protocol=6 | dir=in | app=c:\users\mitch\appdata\local\google\google talk plugin\googletalkplugin.dll |
"{115A4637-3F0C-4E02-AEBC-A0B3AD374425}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqgpc01.exe |
"{1346A8A3-CEA6-4A8F-BD5C-223BB9CE3682}" = dir=in | app=e:\setup\hpznui40.exe |
"{19D23505-843E-4BFE-B0D4-E46C68E933C2}" = dir=in | app=c:\program files (x86)\hewlett-packard\media\dvd\hpdvdsmart.exe |
"{1AA73C35-2325-470D-9D47-4FC3AB0F6548}" = dir=in | app=c:\program files (x86)\hewlett-packard\touchsmart\media\hptouchsmartvideo.exe |
"{1D4B7D93-F025-485F-8791-638A43621688}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\groove.exe |
"{1E4CEA3D-D7B6-4FE5-9FC6-F05F177DAF53}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{22A15542-56D3-4685-9B61-29E8956D95C9}" = dir=in | app=c:\program files (x86)\hp\hp software update\hpwucli.exe |
"{2482EEEF-BCFE-4301-B60E-BEF6451E9825}" = dir=in | app=c:\program files (x86)\hewlett-packard\media\dvd\hptouchsmartmusic.exe |
"{29965B62-5A81-4F08-B8AE-78407E8E8326}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{2B30E7CC-F593-4657-B720-72DC9B782CC4}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqusgh.exe |
"{2B98A698-0069-4C10-B64A-67B2BCBAF209}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{2BAD04D0-E86D-437B-8ED0-958767C94599}" = dir=in | app=c:\program files (x86)\hewlett-packard\media\tv\qpservice.exe |
"{31FB140E-454E-4AFC-8FA6-45B7C10EA1A4}" = dir=in | app=c:\program files (x86)\avg\avg8\avgdiagex.exe |
"{3289B1F4-953B-400A-91FF-636C0CADC8A3}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{3B125B2A-875F-4EA7-85E1-C91629BE85D1}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{424ADFE6-679E-4299-B9BF-9608496806C0}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{497DB53A-2626-4F9B-ACC1-CBE0A610BC20}" = dir=in | app=c:\program files (x86)\avg\avg8\avgupd.exe |
"{4B7FD079-7D54-4B77-88D3-56D74796BD96}" = protocol=6 | dir=in | app=c:\program files (x86)\itunes\itunes.exe |
"{4C9D935A-F54E-4C24-9492-14E0DE8C5A6A}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqgplgtupl.exe |
"{4F382A64-A624-4B92-B5A3-D876CEE0D5D8}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{500B3B91-5105-4512-9631-434534CB72C6}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hposid01.exe |
"{5081512E-16EA-4F47-A0A5-750299783919}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqkygrp.exe |
"{52FAF5E3-13C6-49FA-9728-3B04DDC6CDF6}" = dir=in | app=c:\program files (x86)\avg\avg8\avgam.exe |
"{5BF8648A-B3B4-4EBC-85E2-14056C0E15A7}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqste08.exe |
"{5DB90A08-DE08-4CC5-96F7-0E6773D31FC4}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqtra08.exe |
"{5DC859D5-517A-49E8-A0A3-87F5BB8EBE84}" = dir=in | app=c:\program files (x86)\common files\hp\digital imaging\bin\hpqphotocrm.exe |
"{60110329-928C-4853-B603-ADE432EACFE3}" = dir=in | app=c:\program files (x86)\hewlett-packard\touchsmart\media\hptouchsmartmusic.exe |
"{64BAF225-5952-4852-B608-CF87658AA20F}" = protocol=17 | dir=in | app=c:\users\mitch\appdata\local\google\google talk plugin\googletalkplugin.dll |
"{6A69E749-92B0-410E-A465-03F121BFBA68}" = protocol=6 | dir=in | app=c:\users\mitch\appdata\local\google\google talk plugin\googletalkplugin.exe |
"{743D5360-A92F-4861-AFA4-C1956E145823}" = dir=in | app=c:\program files (x86)\hewlett-packard\touchsmart\media\tsmagent.exe |
"{794F8768-C1F2-458E-B970-7E84BFD213C5}" = dir=in | app=c:\program files (x86)\hewlett-packard\media\dvd\kernel\clml\clmlsvc.exe |
"{7B6790B3-FAD2-4415-A21B-D6880E007743}" = dir=in | app=c:\program files (x86)\cyberlink\powerdirector\pdr.exe |
"{7E3BAA56-1162-47B4-8B71-6733DF2575D4}" = protocol=6 | dir=in | app=c:\program files (x86)\itunes\itunes.exe |
"{7E9C023C-211E-41FD-BFC8-44A19ABEB41D}" = dir=in | app=c:\program files (x86)\windows live\sync\windowslivesync.exe |
"{7EC21FCB-A78D-4E2F-9CE7-EEA1EF9FEBDF}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{85436E8C-B8FB-44AF-88CF-4589D1330914}" = protocol=17 | dir=in | app=c:\program files (x86)\itunes\itunes.exe |
"{86B6DE1B-1F3C-44E4-B377-B5B5238E568E}" = dir=in | app=c:\program files (x86)\hewlett-packard\media\dvd\hptouchsmartphoto.exe |
"{8EABB2F6-1A7F-4016-988A-62EC24D8EA16}" = dir=in | app=c:\program files (x86)\hewlett-packard\touchsmart\media\hptouchsmartphoto.exe |
"{8FF52C14-AE45-4CD0-815B-0A03FEF060A1}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{916C7CC4-94F8-468F-B064-401FC01F89F4}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpoews01.exe |
"{9309BB02-A6D1-49CD-AF23-672BBD188E31}" = dir=in | app=c:\program files (x86)\avg\avg8\avgdiag.exe |
"{A079191A-432B-4BF0-A5D7-2C034666E37E}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{A2FA9625-9EE7-45AD-873E-E1E8986AE0FC}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{A3209D62-4396-4CC0-A014-198F9868D50E}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office12\groove.exe |
"{A3A88F99-BBCC-4860-88E7-4AFA9D19F771}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{A7900BB5-C288-455C-B6B2-FB599C756C42}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{AA3A39D2-7913-47A9-ACA2-7964E6566121}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{AC0ECB89-07A1-4968-B951-90F177CFB178}" = dir=in | app=c:\program files (x86)\hewlett-packard\media\tv\qp.exe |
"{ADE835F5-9611-487E-9569-D99FD80990BA}" = dir=in | app=c:\program files (x86)\hewlett-packard\touchsmart\media\kernel\clml\clmlsvc.exe |
"{AF20EC95-6313-4CA1-9887-B1472A26D7F2}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{B8C28FD0-FFB0-4CCD-8EBB-4CC4D767F479}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{C376D28B-0F23-421F-BA4B-64AB357CC158}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{C6E08FA6-049E-4353-8287-CE8BE5581E37}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqusgm.exe |
"{CE7432A6-A1E9-4DAB-9E07-C0BCA560A7F6}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{DDAD82EB-C9EA-4659-92B9-49712641C15C}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{DF9A13C5-9FA8-4EF1-A729-2A9B34A708FE}" = dir=in | app=c:\program files (x86)\hewlett-packard\media\dvd\tsmagent.exe |
"{E19FC96F-AB4D-4246-8BFA-33E9D9C28B5E}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{E4703547-9EB0-4EDE-AEAF-0E3A8421B0E6}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpfccopy.exe |
"{EA7DCAA8-39EE-49AF-AA6D-68D28754922D}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{EBECD654-52B5-4CEF-BA80-2A0F5FB0D57C}" = protocol=17 | dir=in | app=c:\users\mitch\appdata\local\google\google talk plugin\googletalkplugin.exe |
"{ECFBDDDB-7FE0-4F06-86D7-5BE42888E15F}" = dir=in | app=c:\program files (x86)\avg\avg8\avgnsa.exe |
"{F2F3DB0A-044A-491B-94BB-F406C05A5326}" = protocol=6 | dir=out | app=system |
"{F374237C-B0E4-4EC3-B0AA-673660466855}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpiscnapp.exe |
"{FAB493E8-265D-4CB7-8710-E3A18EAC3603}" = dir=in | app=c:\program files (x86)\avg\avg8\avgemc.exe |
"{FBCCCBC5-E4D6-4D1D-BF88-9CB0690065B1}" = dir=in | app=c:\program files (x86)\hewlett-packard\media\dvd\hptouchsmartvideo.exe |
"TCP Query User{30C5A633-FB13-44D7-8BE7-8DB82916BC10}C:\users\mitch\appdata\local\google\chrome\application\chrome.exe" = protocol=6 | dir=in | app=c:\users\mitch\appdata\local\google\chrome\application\chrome.exe |
"TCP Query User{855265AE-13E7-4060-8B0B-661F277ECB7F}C:\users\mitch\appdata\local\google\chrome\application\chrome.exe" = protocol=6 | dir=in | app=c:\users\mitch\appdata\local\google\chrome\application\chrome.exe |
"UDP Query User{3BDE8676-5353-4764-AC34-E3D243BAE213}C:\users\mitch\appdata\local\google\chrome\application\chrome.exe" = protocol=17 | dir=in | app=c:\users\mitch\appdata\local\google\chrome\application\chrome.exe |
"UDP Query User{AD9AF1EC-A0E7-434F-9C97-E66DD57F722D}C:\users\mitch\appdata\local\google\chrome\application\chrome.exe" = protocol=17 | dir=in | app=c:\users\mitch\appdata\local\google\chrome\application\chrome.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{03D1988F-469F-4843-8E6E-E5FE9D17889D}" = HP Integrated Module with Bluetooth wireless technology 6.0.1.6204
"{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{181AC4C7-B83C-4B5F-B566-E19BF2472429}" = HP Photosmart Premium C309g-m All-In-One Driver Software 13.0 Rel .6
"{2F97CE84-9C33-4631-821B-85EA371EA254}" = ProtectSmart Hard Drive Protection
"{4FFA2088-8317-3B14-93CD-4C699DB37843}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729
"{55D55008-E5F6-47D6-B16F-B2A40D4D145F}" = 64 Bit HP CIO Components Installer
"{6CF99EA5-01DF-3178-41BA-E0352BC23816}" = ccc-utility64
"{79BF7CB8-1E09-489F-9547-DB3EE8EA3F16}" = Microsoft SQL Server Native Client
"{86177DAE-38B1-49DD-912E-35CB703AB779}" = Microsoft SQL Server VSS Writer
"{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007
"{90120000-002A-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (English) 2007
"{90120000-0116-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9EFC40E3-5F31-4F75-8445-286273F74D8E}" = Apple Mobile Device Support
"{A4DDB2AB-ECCD-4C3A-8633-77D5A1A0E542}" = Network64
"{B4C4F333-FC15-CCC6-FD6B-6AD576C74FA2}" = ATI Catalyst Install Manager
"{B6E3757B-5E77-3915-866A-CCFC4B8D194C}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053
"{C9C243B9-03BD-44BA-A592-AB09630AE2D2}" = iTunes
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{DAE239CE-EB9D-4EB3-B0D4-528D6BAA48FD}" = Bonjour
"{EE936C7A-EA40-31D5-9B65-8E3E089C3828}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148
"{F1568AA6-5982-4AFB-A871-C68E4328BC3B}" = HP MediaSmart SmartMenu
"{F74D69E5-ECFD-45D1-A87A-341208ADD7CC}" = DigitalPersona Personal 4.11
"87B8039CA0CD7A68D9536013C2495013C4B4B168" = Windows Driver Package - ENE (enecir) HIDClass (11/19/2008 2.7.0.2)
"Broadcom 802.11b Network Adapter" = Broadcom 802.11 Wireless LAN Adapter
"HP Imaging Device Functions" = HP Imaging Device Functions 13.0
"HP Print Projects" = HP Print Projects 1.0
"HP Smart Web Printing" = HP Smart Web Printing 4.60
"HP Solution Center & Imaging Support Tools" = HP Solution Center 13.0
"HPExtendedCapabilities" = HP Customer Participation Program 13.0
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Shop for HP Supplies" = Shop for HP Supplies
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"WinRAR archiver" = WinRAR archiver

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{004B0DCB-4C60-465B-8F01-44B0A4111187}" = SlingPlayer
"{0054A0F6-00C9-4498-B821-B5C9578F433E}" = HP Help and Support
"{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = HP MediaSmart Webcam
"{021C4C4F-C93C-4425-BFFD-C2D16776BFAE}" = Visual C++ 8.0 Runtime Setup Package (x64)
"{07FB17D8-7DB6-4F06-80C4-8BE1719CB6A1}" = hpWLPGInstaller
"{080D2E3B-D99B-57F5-1DBC-720866EDAD2B}" = Catalyst Control Center Localization Polish
"{082702D5-5DD8-4600-BCE5-48B15174687F}" = HP Doc Viewer
"{0C34B801-6AEC-4667-B053-03A67E2D0415}" = Apple Application Support
"{0D864C51-1134-0E0F-4A55-21D4EBE2F5B3}" = Catalyst Control Center Localization Russian
"{0F367CA3-3B2F-43F9-A44A-25A8EE69E45D}" = Scan
"{121634B0-2F4B-11D3-ADA3-00C04F52DD52}" = Windows Installer Clean Up
"{1451DE6B-ABE1-4F62-BE9A-B363A17588A2}" = QuickTime
"{154A4184-1A3D-4BF9-A5AE-4FA1660445F3}" = HP Total Care Advisor
"{15BC8CD0-A65B-47D0-A2DD-90A824590FA8}" = Microsoft Works
"{163C5D82-431F-0AD1-C84B-B7D030C9A517}" = CCC Help Italian
"{175F0111-2968-4935-8F70-33108C6A4DE3}" = MarketResearch
"{187817E2-6407-461C-B59B-56CE73363D34}" = Catalyst Control Center - Branding
"{1A183513-DDDE-7F51-ED9E-503283FE9F6D}" = CCC Help Norwegian
"{1B72B33E-5C38-DE77-680F-566E8E5D3435}" = Catalyst Control Center Localization Thai
"{1BA5301C-839E-A5B9-A20C-392527A9E12B}" = Catalyst Control Center Localization Chinese Standard
"{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = CyberLink DVD Suite
"{205ACCD7-5342-4694-91F3-3A99E4FD5AA6}" = Mathcad 14 Help
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live Upload Tool
"{21A2F5EE-1DC5-488A-BE7E-E526F8C61488}" = DeviceDiscovery
"{227082A3-20DE-3130-3DE1-6068BBF7CFBE}" = CCC Help Hungarian
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{254C37AA-6B72-4300-84F6-98A82419187E}" = ActiveCheck component for HP Active Support Library
"{26A24AE4-039D-4CA4-87B4-2F83216014FF}" = Java™ 6 Update 17
"{2A30052B-831C-41D3-8044-3C0388066350}" = Seagate Manager Installer
"{2AFFFDD7-ED85-4A90-8C52-5DA9EBDC9B8F}" = Microsoft SQL Server 2005 Express Edition (MSSMLBIZ)
"{2ED38491-B20B-0FFC-005A-FE0E33C2A8F3}" = CCC Help Spanish
"{2EEA7AA4-C203-4b90-A34F-19FB7EF1C81C}" = BufferChm
"{31A5ED9F-E07B-4F6E-8179-27325BAAC502}" = AuthenTec Fingerprint Sensor Minimum Install
"{3248F0A8-6813-11D6-A77B-00B0D0160070}" = Java™ 6 Update 7
"{34D2AB40-150D-475D-AE32-BD23FB5EE355}" = HP Quick Launch Buttons 6.40 L1
"{36D6E791-C5E6-0DD9-3A21-66B981F11A7C}" = CCC Help Thai
"{37B11A1F-4DD8-2753-6656-48CF1494B991}" = CCC Help Finnish
"{3877C901-7B90-4727-A639-B6ED2DD59D43}" = ESU for Microsoft Vista
"{39F4CBAA-791E-7230-F47C-866F2EE17CD1}" = CCC Help Turkish
"{3FA365DF-2D68-45ED-8F83-8C8A33E65143}" = Apple Application Support
"{40BF1E83-20EB-11D8-97C5-0009C5020658}" = Power2Go
"{40DAA15A-14D6-11BA-A11F-8FCD30E6B738}" = CCC Help Japanese
"{43CDF946-F5D9-4292-B006-BA0D92013021}" = WebReg
"{44564479-0533-4542-8D5A-4937EA4BFBAC}" = MPLAB Tools v8.30
"{45338B07-A236-4270-9A77-EBB4115517B5}" = Windows Live Sign-in Assistant
"{47F36D92-E58E-456D-B73C-3382737E4C42}" = HP Update
"{4840D6CD-ED6F-06E2-2AC0-D534B3D295B8}" = Catalyst Control Center Localization Spanish
"{4A70EF07-7F88-4434-BB61-D1DE8AE93DD4}" = SolutionCenter
"{50120000-1105-0000-0000-0000000FF1CE}" = Microsoft Office 2007 Primary Interop Assemblies
"{53F5C3EE-05ED-4830-994B-50B2F0D50FCE}" = Microsoft SQL Server Setup Support Files (English)
"{5624D872-FD04-4227-879A-AF87FC847037}" = Pc Optimizer 360 setup
"{57A5AEC1-97FC-474D-92C4-908FCC2253D4}" = HP Customer Experience Enhancements
"{585A77FE-38D5-90CF-44F8-130D41B96906}" = Catalyst Control Center Localization Korean
"{591F7236-CAB8-B2D1-398D-59CFD40D1DE6}" = Catalyst Control Center Localization Japanese
"{5A7ABA17-007D-B521-E853-72E339D2A6DA}" = Catalyst Control Center Graphics Previews Common
"{6105327F-DA1C-B413-B11F-C7CD1CA034E9}" = CCC Help German
"{626AAD1B-7EDB-E366-6BA1-E8A5DE7ECC66}" = Catalyst Control Center Graphics Light
"{63FF21C9-A810-464F-B60A-3111747B1A6D}" = GPBaseService2
"{6423EF83-6E1D-4D22-A36F-689CD19FD4D2}" = Juno Preloader
"{6562A44B-769B-DD32-8B65-13342BFFD765}" = Catalyst Control Center Localization Portuguese
"{65DA2EC9-0642-47E9-AAE2-B5267AA14D75}" = Activation Assistant for the 2007 Microsoft Office suites
"{669D4A35-146B-4314-89F1-1AC3D7B88367}" = HPAsset component for HP Active Support Library
"{67626E09-5366-4480-8F1E-93FADF50CA15}" = HP MediaSmart TV
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6A370610-3778-44AF-9AAC-69B2FD1A3356}" = Microsoft Live Search Toolbar
"{6A8F91EB-2F75-09E2-BFB4-784E93014B40}" = Catalyst Control Center Localization Dutch
"{6A905A05-964C-4F03-9A96-D34167807EC0}" = PS_AIO_06_C309g-m_SW_Min
"{6B2FFB21-AC88-45C3-9A7D-4BB3E744EC91}" = HPSSupply
"{6BBA26E9-AB03-4FE7-831A-3535584CA002}" = Toolbox
"{6D8D64BE-F500-55B6-705D-DFD08AFE0624}" = Acrobat.com
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{732A3F80-008B-4350-BD58-EC5AE98707B8}" = HP Common Access Service Library
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{77468628-CB8F-8A3E-1198-C2E2E06C4063}" = Skins
"{79F617F3-8E21-F5FD-029D-4C8668B542D8}" = Catalyst Control Center Localization Danish
"{7A27AAF5-1FD6-48B4-95C4-7354A1C35455}" = C309g-m
"{7A8DF44F-1582-1CB2-302A-80DB2C528DE5}" = Catalyst Control Center Graphics Full Existing
"{7B798B31-2F33-4DC8-BDA4-D36488E86636}" = Slingbox - Watch Your TV Anywhere
"{80CD5082-B5A0-CED9-5FE8-2BA854123666}" = CCC Help French
"{81128EE8-8EAD-4DB0-85C6-17C2CE50FF71}" = Windows Live Essentials
"{84EBDF39-4B33-49D7-A0BD-EB6E2C4E81C1}" = Windows Live Sync
"{86648192-C03A-6E54-0165-8BED37AA5405}" = Catalyst Control Center Localization Italian
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek 8169 8168 8101E 8102E Ethernet Driver
"{89EBF4DD-6077-1A0C-A660-114053A943D1}" = CCC Help Greek
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8B4D7A33-23A6-49C8-A7B4-C8F399E6F251}" = HP User Guides 0124
"{8FF6F5CA-4E30-4E3B-B951-204CAAA2716A}" = SmartWebPrinting
"{90120000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2007
"{90120000-0015-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0015-0409-0000-0000000FF1CE}_PROR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0016-0409-0000-0000000FF1CE}_PROR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0409-0000-0000000FF1CE}_PROR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2007
"{90120000-0019-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0019-0409-0000-0000000FF1CE}_PROR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2007
"{90120000-001A-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001A-0409-0000-0000000FF1CE}_PROR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0409-0000-0000000FF1CE}_PROR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}_PROR_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_ENTERPRISE_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-040C-0000-0000000FF1CE}_PROR_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_ENTERPRISE_{187308AB-5FA7-4F14-9AB9-D290383A10D9}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0C0A-0000-0000000FF1CE}_PROR_{187308AB-5FA7-4F14-9AB9-D290383A10D9}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-002A-0000-1000-0000000FF1CE}_ENTERPRISE_{E64BA721-2310-4B55-BE5A-2925F9706192}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-002A-0000-1000-0000000FF1CE}_PROR_{E64BA721-2310-4B55-BE5A-2925F9706192}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-002A-0409-1000-0000000FF1CE}_ENTERPRISE_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-002A-0409-1000-0000000FF1CE}_PROR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}_ENTERPRISE_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-006E-0409-0000-0000000FF1CE}_PROR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}_ENTERPRISE_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0115-0409-0000-0000000FF1CE}_PROR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0116-0409-1000-0000000FF1CE}_ENTERPRISE_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0116-0409-1000-0000000FF1CE}_PROR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2007
"{90120000-0117-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0117-0409-0000-0000000FF1CE}_PROR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{9038374D-2F61-CDD1-8CE7-F38BDCAC6235}" = CCC Help Dutch
"{90A40409-6000-11D3-8CFE-0150048383C9}" = Microsoft Office 2003 Web Components
"{91120000-0014-0000-0000-0000000FF1CE}" = Microsoft Office Professional 2007
"{91120000-0014-0000-0000-0000000FF1CE}_PROR_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{91120000-0014-0000-0000-0000000FF1CE}_PROR_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{9474D865-0C32-4642-4B22-3576411DDDE1}" = Catalyst Control Center Localization Turkish
"{959D4F68-C7BB-0E9C-9525-233436BE2541}" = Catalyst Control Center Graphics Full New
"{95A747E0-DF19-46CB-A622-20A0107201BD}" = HP Total Care Setup
"{967D87A9-56AB-A8D1-A9B7-A3D54AC19B06}" = CCC Help English
"{9796B253-14D2-13B9-34F4-B739EFEFBDCB}" = Catalyst Control Center InstallProxy
"{9949B06D-8901-E312-375D-D012E8823332}" = Catalyst Control Center Localization German
"{9B028252-3229-8866-EBDA-DB002BD1A6F2}" = Catalyst Control Center Localization Greek
"{9B432FFC-6498-AAC3-88A8-07059E2BC369}" = Catalyst Control Center Localization Swedish
"{9B444BC3-B920-ACBD-5855-43B2B6E9A9F1}" = Catalyst Control Center Core Implementation
"{9E3DBD0C-1643-0B54-D063-0346DD7A9473}" = Catalyst Control Center Localization Finnish
"{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR
"{A3AB35FA-943E-4799-99DC-46EFD59E998F}" = AMD USB Audio Driver Filter
"{A60BBC44-56C9-A91B-A01F-CDB82ED4A20C}" = Catalyst Control Center Localization Czech
"{A6DDE98D-2E07-6430-FFF4-14DDB20480A2}" = CCC Help Polish
"{A8521F04-642B-BC8C-879A-B6FD8228E062}" = CCC Help Portuguese
"{A939D341-5A04-4E0A-BB55-3E65B386432D}" = Microsoft Office Small Business Connectivity Components
"{AC76BA86-7AD7-1033-7B44-A91000000001}" = Adobe Reader 9.1.3
"{AC76BA86-7AD7-1033-7B44-A92000000001}" = Adobe Reader 9.2
"{ACD76938-9B46-6BC0-4E11-A0538E6FC3E2}" = CCC Help Russian
"{AE8705FB-E13C-40A9-8A2D-68D6733FBFC2}" = Status
"{B2EE25B9-5B00-4ACF-94F0-92433C28C39E}" = HP MediaSmart Music/Photo/Video
"{B32C4059-6E7A-41EF-AD20-56DF1872B923}" = Business Contact Manager for Outlook 2007 SP2
"{B37DAC35-C44B-B8C9-2E7F-E254132839DD}" = Catalyst Control Center Graphics Previews Vista
"{B473AEA3-4612-7B2B-2263-87438531EE5B}" = Catalyst Control Center Localization Hungarian
"{BBF6D0CD-A081-369F-B0B8-F168594CBB6B}" = Google Talk Plugin
"{BD7204BA-DD64-499E-9B55-6A282CDF4FA4}" = Destinations
"{C0323C1D-213B-1E2F-6A78-6009B16784D2}" = CCC Help Chinese Traditional
"{C43326F5-F135-4551-8270-7F7ABA0462E1}" = HPProductAssistant
"{C4BCD5CF-E19C-C2C4-4E1C-D5146D175D25}" = CCC Help Danish
"{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = LabelPrint
"{C75CDBA2-3C86-481e-BD10-BDDA758F9DFF}" = hpPrintProjects
"{C8E17D71-9C11-C6E5-CEB4-41D4FFDE5A9D}" = CCC Help Swedish
"{CAE4213F-F797-439D-BD9E-79B71D115BE3}" = HPPhotoGadget
"{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = PowerDirector
"{CE7E3BE0-2DD3-4416-A690-F9E4A99A8CFF}" = HP Active Support Library
"{CED8F259-6248-3B39-036B-57CA53A98A79}" = CCC Help Korean
"{D30DADCE-B456-DF3E-A5C2-CD8781FF8BE7}" = Catalyst Control Center Localization French
"{D6C75F0B-3BC1-4FC9-B8C5-3F7E8ED059CA}" = Windows Live Photo Gallery
"{D8E2C139-595B-9656-E82F-9D9AFCEAB222}" = CCC Help Czech
"{DC0A5F99-FD66-433F-9D3A-05DCBA64BE42}" = TrayApp
"{DC24971E-1946-445D-8A82-CE685433FA7D}" = Realtek USB 2.0 Card Reader
"{DCCAD079-F92C-44DA-B258-624FC6517A5A}" = HP MediaSmart DVD
"{DDB543D7-37D4-7548-D500-6370766A4D11}" = ccc-core-static
"{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}" = IDT Audio
"{E5E29403-3D25-40C6-892B-F9FEE2A95585}" = HP Wireless Assistant
"{E666A69B-A76D-43D5-AF28-4B2150A6EDE2}" = Mathcad 14
"{E8020EC7-5DD8-80C9-7237-7B2E9BDA8CC6}" = muvee Reveal
"{EBD38AE9-D52D-448D-9DB4-4D5F66E1DAFC}" = Mathcad 14 Resource Center
"{ED00D08A-3C5F-488D-93A0-A04F21F23956}" = Windows Live Communications Platform
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{FA2B893D-F2E1-FA19-53BB-C9DC5B74DDAE}" = CCC Help Chinese Standard
"{FA54AFB1-5745-4389-B8C1-9F7509672ED1}" = iPhone Configuration Utility
"{FCAD32F7-95E4-59C7-F266-FA60D219C5FB}" = Catalyst Control Center Localization Chinese Traditional
"{FCDCF062-5C15-5026-560F-46294A42EF02}" = Catalyst Control Center Localization Norwegian
"Activation Assistant for the 2007 Microsoft Office suites" = Activation Assistant for the 2007 Microsoft Office suites
"ActiveTouchMeetingClient" = WebEx
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"AVG8Uninstall" = AVG 8.5
"Business Contact Manager" = Business Contact Manager for Outlook 2007 SP2
"CCleaner" = CCleaner
"DVD Shrink_is1" = DVD Shrink 3.2
"ENTERPRISE" = Microsoft Office Enterprise 2007
"HijackThis" = HijackThis 2.0.2
"HP.MediaSmartSlingPlayer_is1" = HP MediaSmart SlingPlayer
"InstallShield_{004B0DCB-4C60-465B-8F01-44B0A4111187}" = SlingPlayer
"InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = HP MediaSmart Webcam
"InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = CyberLink DVD Suite
"InstallShield_{2A30052B-831C-41D3-8044-3C0388066350}" = Seagate Manager Installer
"InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}" = Power2Go
"InstallShield_{44564479-0533-4542-8D5A-4937EA4BFBAC}" = MPLAB Tools v8.30
"InstallShield_{67626E09-5366-4480-8F1E-93FADF50CA15}" = HP MediaSmart TV
"InstallShield_{B1D89E54-08B1-4542-A69B-E634AEF10A40}" = Seagate Manager Installer
"InstallShield_{B2EE25B9-5B00-4ACF-94F0-92433C28C39E}" = HP MediaSmart Music/Photo/Video
"InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = LabelPrint
"InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = PowerDirector
"InstallShield_{DCCAD079-F92C-44DA-B258-624FC6517A5A}" = HP MediaSmart DVD
"Microsoft SQL Server 2005" = Microsoft SQL Server 2005
"PROR" = Microsoft Office Professional 2007 Trial
"StumbleUponIEToolbar" = StumbleUpon IE Toolbar
"WildTangent hp Master Uninstall" = My HP Games
"WinLiveSuite_Wave3" = Windows Live Essentials
"WinRAR archiver" = WinRAR archiver

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Google Chrome" = Google Chrome
"Move Media Player" = Move Media Player

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 2/15/2010 4:55:57 PM | Computer Name = Mitch-PC | Source = WinMgmt | ID = 10
Description =

Error - 2/15/2010 4:56:49 PM | Computer Name = Mitch-PC | Source = Application Error | ID = 1000
Description = Faulting application TVAgent.exe, version 2.1.1.1321, time stamp 0x49772d0a,
faulting module MFC71.DLL, version 7.10.6030.0, time stamp 0x44b453c2, exception
code 0xc0000005, fault offset 0x0001ead8, process id 0x4bc, application start time
0x01caae814b5d688f.

Error - 2/16/2010 5:29:21 PM | Computer Name = Mitch-PC | Source = WinMgmt | ID = 10
Description =

Error - 2/16/2010 6:24:41 PM | Computer Name = Mitch-PC | Source = Google Update | ID = 20
Description =

Error - 2/16/2010 7:24:05 PM | Computer Name = Mitch-PC | Source = Google Update | ID = 20
Description =

Error - 2/16/2010 7:29:06 PM | Computer Name = Mitch-PC | Source = EventSystem | ID = 4621
Description =

Error - 2/16/2010 8:26:42 PM | Computer Name = Mitch-PC | Source = WinMgmt | ID = 10
Description =

Error - 2/17/2010 8:28:17 AM | Computer Name = Mitch-PC | Source = WinMgmt | ID = 10
Description =

Error - 2/17/2010 8:29:10 AM | Computer Name = Mitch-PC | Source = Application Error | ID = 1000
Description = Faulting application TVAgent.exe, version 2.1.1.1321, time stamp 0x49772d0a,
faulting module MFC71.DLL, version 7.10.6030.0, time stamp 0x44b453c2, exception
code 0xc0000005, fault offset 0x0001ead8, process id 0xb94, application start time
0x01caafccb9a01de0.

Error - 2/18/2010 4:15:21 AM | Computer Name = Mitch-PC | Source = VSS | ID = 8194
Description =

[ System Events ]
Error - 12/10/2009 12:14:23 AM | Computer Name = Mitch-PC | Source = cdrom | ID = 262151
Description = The device, \Device\CdRom0, has a bad block.

Error - 12/10/2009 12:14:38 AM | Computer Name = Mitch-PC | Source = cdrom | ID = 262155
Description = The driver detected a controller error on \Device\CdRom0.

Error - 12/10/2009 12:14:53 AM | Computer Name = Mitch-PC | Source = cdrom | ID = 262155
Description = The driver detected a controller error on \Device\CdRom0.

Error - 12/10/2009 12:15:12 AM | Computer Name = Mitch-PC | Source = cdrom | ID = 262155
Description = The driver detected a controller error on \Device\CdRom0.

Error - 12/10/2009 5:01:35 AM | Computer Name = Mitch-PC | Source = Microsoft-Windows-WindowsUpdateClient | ID = 20
Description =

Error - 12/10/2009 5:02:14 AM | Computer Name = Mitch-PC | Source = DCOM | ID = 10005
Description =

Error - 12/10/2009 5:02:14 AM | Computer Name = Mitch-PC | Source = Service Control Manager | ID = 7009
Description =

Error - 12/10/2009 5:02:14 AM | Computer Name = Mitch-PC | Source = Service Control Manager | ID = 7000
Description =

Error - 12/10/2009 5:02:14 AM | Computer Name = Mitch-PC | Source = Service Control Manager | ID = 7009
Description =

Error - 12/10/2009 5:02:14 AM | Computer Name = Mitch-PC | Source = Service Control Manager | ID = 7000
Description =


< End of report >


#4 frogger09

frogger09
  • Topic Starter

  • Members
  • 7 posts
  • OFFLINE
  •  
  • Local time:02:21 PM

Posted 20 February 2010 - 07:22 PM

I use AVG for my protection.I closed out of it and did everything I thought needed to be done to turn it off but windows still told me it was on. I'm not sure how crucial that is for this but here is the log anyways.


GMER 1.0.15.15281 - http://www.gmer.net
Rootkit scan 2010-02-20 18:17:17
Windows 6.0.6002 Service Pack 2
Running: sbt6zcs0.exe


---- Registry - GMER 1.0.15 ----

Reg HKLM\SYSTEM\CurrentControlSet\Services\BTHPORT\Parameters\Keys\002186d66195
Reg HKLM\SYSTEM\CurrentControlSet\Services\BTHPORT\Parameters\Keys\00247e43c256
Reg HKLM\SYSTEM\ControlSet003\Services\BTHPORT\Parameters\Keys\002186d66195 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet003\Services\BTHPORT\Parameters\Keys\00247e43c256 (not active ControlSet)

---- EOF - GMER 1.0.15 ----


#5 Elise

Elise

    Bleepin' Blonde


  • Malware Study Hall Admin
  • 61,591 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Romania
  • Local time:10:21 PM

Posted 21 February 2010 - 05:10 AM

Hello frogger09,

Let me first say that I don't think this problem is caused by malware (however, we will doublecheck of course smile.gif). It sounds to me like you installed MS Office using another user account on your computer. You should uninstall it using that particular account, then re-install and specify the program is for all users who use this computer.

Uninstalling and saving the reg key's makes no sense, this will prevent exactly what you want to accomplish.

UPDATE JAVA
------------------
Your Java is out of date. Older versions have vulnerabilities that malicious sites can use to exploit and infect your system. Please follow these steps to remove older version Java components and update:
  • Download the latest version of Java Runtime Environment (JRE) Version 6 and save it to your desktop.
  • Look for "Java Runtime Environment (JRE)" JRE 6 Update 18.
  • Click the Download button to the right.
  • Select your Platform: "Windows".
  • Select your Language: "Multi-language".
  • Read the License Agreement, and then check the box that says: "Accept License Agreement".
  • Click Continue and the page will refresh.
  • Under Required Files, check the box for Windows Offline Installation, click the link below it and save the file to your desktop.
  • Close any programs you may have running - especially your web browser.
Go to Start > Settings > Control Panel, double-click on Add/Remove Programs and remove all older versions of Java.
  • Check (highlight) any item with Java Runtime Environment (JRE or J2SE) in the name.
  • Click the Remove or Change/Remove button and follow the onscreen instructions for the Java uninstaller.
  • Repeat as many times as necessary to remove each Java versions.
  • Reboot your computer once all Java components are removed.
  • Then from your desktop double-click on jre-6u18-windows-i586.exe to install the newest version.
-- If using Windows Vista and the installer refuses to launch due to insufficient user permissions, then Run As Administrator.
-- If you choose to update via the Java applet in Control Panel, uncheck the option to install the Toolbar unless you want it.
-- The uninstaller incorporated in this release removes previous Updates 10 and above, but does not remove older versions, so they still need to be removed manually.


Note: The Java Quick Starter (JQS.exe) adds a service to improve the initial startup time of Java applets and applications. To disable the JQS service if you don't want to use it, go to Start > Control Panel > Java > Advanced > Miscellaneous and uncheck the box for Java Quick Starter. Click Ok and reboot your computer.


MALWAREBYTES ANTIMALWARE
-------------------------------------------
Please download Malwarebytes Anti-Malware and save it to your desktop.
alternate download link 1
alternate download link 2

MBAM may "make changes to your registry" as part of its disinfection routine. If using other security programs that detect registry changes (ie Spybot's Teatimer), they may interfere or alert you. Temporarily disable such programs or permit them to allow the changes.
  • Make sure you are connected to the Internet.
  • Double-click on mbam-setup.exe to install the application.
  • When the installation begins, follow the prompts and do not make any changes to default settings.
  • When installation has finished, make sure you leave both of these checked:
    • Update Malwarebytes' Anti-Malware
    • Launch Malwarebytes' Anti-Malware
  • Then click Finish.
MBAM will automatically start and you will be asked to update the program before performing a scan.
  • If an update is found, the program will automatically update itself. Press the OK button to close that box and continue.
  • If you encounter any problems while downloading the definition updates, manually download them from here and just double-click on mbam-rules.exe to install.
On the Scanner tab:
  • Make sure the "Perform Full Scan" option is selected.
  • Then click on the Scan button.
  • If asked to select the drives to scan, leave all the drives selected and click on the Start Scan button.
  • The scan will begin and "Scan in progress" will show at the top. It may take some time to complete so please be patient.
  • When the scan is finished, a message box will say "The scan completed successfully. Click 'Show Results' to display all objects found".
  • Click OK to close the message box and continue with the removal process.
Back at the main Scanner screen:
  • Click on the Show Results button to see a list of any malware that was found.
  • Make sure that everything is checked, and click Remove Selected.
  • When removal is completed, a log report will open in Notepad.
  • The log is automatically saved and can be viewed by clicking the Logs tab in MBAM.
  • Copy and paste the contents of that report in your next reply. Be sure to post the complete log to include the top portion which shows MBAM's database version and your operating system.
  • Exit MBAM when done.
Note: If MBAM encounters a file that is difficult to remove, you will be asked to reboot your computer so MBAM can proceed with the disinfection process. If asked to restart the computer, please do so immediately. Failure to reboot normally (not into safe mode) will prevent MBAM from removing all the malware.


In your next reply, please include the following:
  • MBAM log

regards, Elise


"Now faith is the substance of things hoped for, the evidence of things not seen."

 

Follow BleepingComputer on: Facebook | Twitter | Google+ | lockerdome

 

Malware analyst @ Emsisoft

 

animinionsmalltext.gif


#6 frogger09

frogger09
  • Topic Starter

  • Members
  • 7 posts
  • OFFLINE
  •  
  • Local time:02:21 PM

Posted 22 February 2010 - 01:01 AM

I was switched here by the website. (Told I posted in the wrong category.)
I am the administrator on the computer and it only has one user. That shouldn't be the case.
I have uninstalled multiple times now and that hasn't worked.
Where exactly do I specify the program is for all users?

Thank you for your speedy replies.

#7 Elise

Elise

    Bleepin' Blonde


  • Malware Study Hall Admin
  • 61,591 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Romania
  • Local time:10:21 PM

Posted 22 February 2010 - 09:15 AM

Hi again smile.gif

Your topic was moved because you posted a log. That is standard procedure, it does not mean you are actually infected.

Did you try to reinstall WITHOUT saving reg keys also?

Also, it might be worth to visit the MS Office 2007 support site.

Can you please post me the MBAM results?

regards, Elise


"Now faith is the substance of things hoped for, the evidence of things not seen."

 

Follow BleepingComputer on: Facebook | Twitter | Google+ | lockerdome

 

Malware analyst @ Emsisoft

 

animinionsmalltext.gif


#8 frogger09

frogger09
  • Topic Starter

  • Members
  • 7 posts
  • OFFLINE
  •  
  • Local time:02:21 PM

Posted 22 February 2010 - 11:38 AM

Here are the MBAM results:

Malwarebytes' Anti-Malware 1.44
Database version: 3773
Windows 6.0.6002 Service Pack 2
Internet Explorer 8.0.6001.18882

2/22/2010 10:33:41 AM
mbam-log-2010-02-22 (10-33-41).txt

Scan type: Full Scan (C:\|D:\|)
Objects scanned: 378655
Time elapsed: 2 hour(s), 56 minute(s), 43 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 1
Folders Infected: 0
Files Infected: 1

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoActiveDesktopChanges (Hijack.DisplayProperties) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.

Folders Infected:
(No malicious items detected)

Files Infected:
C:\Users\Mitch\Desktop\Programs to be Installed\Real Player Premium v11\Real Player 11.0.9.372 PRO\Activator.exe (Trojan.Agent) -> Quarantined and deleted successfully.





I will try and install one more time without the reg keys saved to the desktop.
But I have been in minor contact with MS Office support, and talked with a number of friends that work for Geeksquad. (Don't know how much credibility that gives them though.)

Thanks again for all your help.

#9 Elise

Elise

    Bleepin' Blonde


  • Malware Study Hall Admin
  • 61,591 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Romania
  • Local time:10:21 PM

Posted 22 February 2010 - 12:28 PM

Hello frogger09,

I am not a big geeksquad fan, but if MS Office support couldn't help you, I am really afraid I won't be able either ohmy.gif

ESET ONLINE SCANNER
----------------------------
I'd like us to scan your machine with ESET OnlineScan
  1. Hold down Control and click on the following link to open ESET OnlineScan in a new window.
    ESET OnlineScan
  2. Click the button.
  3. For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
    1. Click on to download the ESET Smart Installer. Save it to your desktop.
    2. Double click on the icon on your desktop.
  4. Check
  5. Click the button.
  6. Accept any security warnings from your browser.
  7. Check
  8. Push the Start button.
  9. ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  10. When the scan completes, push
  11. Push , and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
    Note - when ESET doesn't find any threats, no report will be created.
  12. Push the button.
  13. Push

In your next reply, please include the following:
  • ESET online scan results

regards, Elise


"Now faith is the substance of things hoped for, the evidence of things not seen."

 

Follow BleepingComputer on: Facebook | Twitter | Google+ | lockerdome

 

Malware analyst @ Emsisoft

 

animinionsmalltext.gif


#10 frogger09

frogger09
  • Topic Starter

  • Members
  • 7 posts
  • OFFLINE
  •  
  • Local time:02:21 PM

Posted 23 February 2010 - 12:25 AM

no threats were found.

#11 frogger09

frogger09
  • Topic Starter

  • Members
  • 7 posts
  • OFFLINE
  •  
  • Local time:02:21 PM

Posted 23 February 2010 - 12:46 AM

I tried installing it again. Didn't work. This time it said that "Setup could not open the registry key...."

I haven't been in contact with MS Office support much because I got the program illegally. Now I have a legal one to install, but it won't. Will this be a problem you think?

#12 Elise

Elise

    Bleepin' Blonde


  • Malware Study Hall Admin
  • 61,591 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Romania
  • Local time:10:21 PM

Posted 23 February 2010 - 04:03 AM

First of all, BC does not support in any way the use of illegal software.

According to the BC board rules...
QUOTE
No subject matter will be allowed whose purpose is to defeat existing copyright or security measures. If a user persists and/or the activity is obviously illegal the staff reserves the right to remove such content and/or ban the user. This would also mean encouraging the use or continued use of pirated software is not permitted, and subject to the same consequences.


If you have problems also with the legal version, I would advice you to contact MS Office support. They should be able to help you with a legal version. Its possible you need to run an uninstall tool to get completely rid of all leftovers. Also make sure you install all Office updates available on the MS Update site.

regards, Elise


"Now faith is the substance of things hoped for, the evidence of things not seen."

 

Follow BleepingComputer on: Facebook | Twitter | Google+ | lockerdome

 

Malware analyst @ Emsisoft

 

animinionsmalltext.gif


#13 Elise

Elise

    Bleepin' Blonde


  • Malware Study Hall Admin
  • 61,591 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Romania
  • Local time:10:21 PM

Posted 26 February 2010 - 09:07 AM

Hello, are you still there?

regards, Elise


"Now faith is the substance of things hoped for, the evidence of things not seen."

 

Follow BleepingComputer on: Facebook | Twitter | Google+ | lockerdome

 

Malware analyst @ Emsisoft

 

animinionsmalltext.gif


#14 Elise

Elise

    Bleepin' Blonde


  • Malware Study Hall Admin
  • 61,591 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Romania
  • Local time:10:21 PM

Posted 05 March 2010 - 07:18 AM

Due to lack of feedback, this topic is now closed.

If you are the original topic starter and you need this topic reopened, please send me a PM.

Everyone else, please start a new topic.

regards, Elise


"Now faith is the substance of things hoped for, the evidence of things not seen."

 

Follow BleepingComputer on: Facebook | Twitter | Google+ | lockerdome

 

Malware analyst @ Emsisoft

 

animinionsmalltext.gif





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users