Security Center can't be started

O

optoboy

Member
I've tried countless times to get my security center to start with no success. I've followed every step from a dozen different sources and still nothing. One thing I've noticed is I don't have a 'security center' file under services but I do have a 'security accounts manager' (sam) file. Is that the same or am I missing/deleted file? I've ran malwarebytes, superantispyware, started in safe mode and changed restore points and still cannot activate. I'm ready to scream:mad:.

Any help would be greatly appreciated.
 

My Computer

System One

Re: Virus, now cant open security center

Please post a New Log of Mbam, but update to the latest database
Current database at time of post---v2011.12.31.06

Download DDS and save it to your desktop
Disable any script blocker if your Anti-Virus/Anti-Malware has it.
Once downloaded you can disconnect from the Internet and disable your Ant-Virus temporarily if needed.
Then double click dds.scr to run the tool.
When done, the DDS.txt file will open.
Click Yes at the next prompt for Optional Scan.


  • When done, DDS will open two (2) logs:
    • DDS.txt
    • Attach.txt

  • Save both reports to your desktop
  • Please include the following logs : DDS.txt and Attach.txt
  • YOu may attach these 2 logs




~~~~~~~~~~~~~~~~~~~~~
LOgs to reply with:


  • Mbam Log (Copy & Paste)
  • DDS.txt
  • Attach.txt
 

My Computer

System One

  • Manufacturer/Model
    Dell Studio XPS 435T 12gig's ram, 2000 gig's HD
Is anyone home...? Awaiting replies.

1) Is 'Security Account Manager' same as 'Security Center'?

2) MSE says it is running and system is protected yet 'security center can't be started' message appears...?
 

My Computer

System One

PLease uninstall the following programs:

FixCleaner: It's use is highly questionable

Java(TM) 6 Update 24
Java(TM) 6 Update 3

Present version is update 30. Download HERE

Adobe Reader is also outdated, present version is 10.1.1, update HERE
If you do not want the McAfee scanner, uncheck the box before downloading

Also see you have avast installed. Having more than 1 antivirus can and does cause issues. Choose either avast or MSE, your choice.

Skype should also be uninstalled as it open ports that the malware authors use.

Let us know how your computer is running after completing these steps.

Thank You

dFi3y.jpg

http://[img]http://i.imgur.com/dFi3y.jpg[/img]http://malwarebytes.org
 
Last edited:

My Computer

System One

  • Manufacturer/Model
    Dell Studio XPS 435T 12gig's ram, 2000 gig's HD
Significant progress was made by following your suggestions. Thanks greatly. However, my Windows Firewall is still turned off and I am unable to turn it on. I am wondering if I have another conflicting firewall installed? What are my options?
 

My Computer

System One

If you opted to keep avast, then it has a firewall built into the program and the windows firewall would not be needed, as two firewalls enabled would cause issues. If this is the case, please let me know.


A great tool that can be used to scan your computer for outdated and vulnerable programs is the free Secunia Online Software Inspector program
When you scan your computer with this program it will display a report showing all programs and Windows updates that should be installed in order to fix security holes and vulnerabilities. It is advised that all users scan their computer with this program in order to prevent your computer from being infected again after you clean it.
How to detect vulnerable and out-dated programs using Secunia Personal Software Inspector






dFi3y.jpg

 

My Computer

System One

  • Manufacturer/Model
    Dell Studio XPS 435T 12gig's ram, 2000 gig's HD
Thanks Wide Glide for your assistance. I'm close, I think, to resolving this problem. I removed avast and am only running MSE. Of course I have mwbm and superantispyware too. I followed your advice and ran the Secunia tool. Everything us updated now yet, I still cannot open windows firewall. This is the last piece and your help is greatly appreciated, in advance.
 

My Computer

System One

Lets try this:

Click the Start button and in the search box type services, then Enter
Click Ok at the UAC prompt.
When services open, scroll down to Windows Firewall
Right click on Windows Firewall and then click Properties
Under Start-up Type, click the arrow to display the drop down box and choose
Automatic
Then click Start and then Apply to get Windows Firewall back running

Now see if Windows Firewall will open


dFi3y.jpg
 

My Computer

System One

  • Manufacturer/Model
    Dell Studio XPS 435T 12gig's ram, 2000 gig's HD
Thanks Wide Glide for your help to this point.

I looked everywhere for Windows Firewall file in the Services dir but could not find it. Note: I also do not have a 'Windows Security Center' file in the Services dir but something else titled: Security Account Manager - SAM.
 

My Computer

System One

Download OTL to your desktop HERE
Double click on the icon to run it. Make sure all other windows are closed to let it run uninterrupted.
When the window appears, underneath Output at the top change it to Minimal Output.
Under the Standard Registry box change it to All.
Check the boxes beside LOP Check and Purity Check.
Click the Run Scan button. Do not change any settings unless otherwise told to do so. The scan wont take long.
When the scan completes, it will open two notepad windows. OTL.Txt and Extras.Txt. These are saved in the same location as OTL.
Please copy (Edit->Select All, Edit->Copy) the contents of these files, one at a time, and post it with your next reply.

Our Expert will assist you from this point on
 

My Computer

System One

  • Manufacturer/Model
    Dell Studio XPS 435T 12gig's ram, 2000 gig's HD
OTL logfile created on: 1/4/2012 6:50:58 PM - Run 1
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Users\Duke\Downloads
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

1.99 Gb Total Physical Memory | 0.87 Gb Available Physical Memory | 43.68% Memory free
4.21 Gb Paging File | 2.68 Gb Available in Paging File | 63.54% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 140.87 Gb Total Space | 75.42 Gb Free Space | 53.54% Space Free | Partition Type: NTFS
Drive D: | 8.18 Gb Total Space | 1.83 Gb Free Space | 22.32% Space Free | Partition Type: NTFS

Computer Name: DUKE-PC | User Name: Duke | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - C:\Users\Duke\Downloads\OTL.exe (OldTimer Tools)
PRC - C:\ProgramData\bProtector\bProtect.exe (bProtector)
PRC - C:\Program Files\InstallBrainService\InstallBrainService.exe ()
PRC - C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
PRC - C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe (SUPERAntiSpyware.com)
PRC - C:\Program Files\SUPERAntiSpyware\SASCore.exe (SUPERAntiSpyware.com)
PRC - C:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
PRC - c:\Program Files\Microsoft Security Client\Antimalware\MpCmdRun.exe (Microsoft Corporation)
PRC - c:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe (Microsoft Corporation)
PRC - c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe (Microsoft Corporation)
PRC - C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe (ArcSoft Inc.)
PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)
PRC - C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe (Yahoo! Inc.)
PRC - C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe (Intel Corporation)
PRC - C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe (Intel Corporation)


========== Modules (No Company Name) ==========

MOD - C:\WINDOWS\System32\protector.dll ()
MOD - C:\ProgramData\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\SD10006.dll ()
MOD - C:\ProgramData\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\SD10007.dll ()
MOD - C:\Program Files\Mozilla Firefox\mozjs.dll ()
MOD - C:\ProgramData\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\UIREPAIR.DLL ()
MOD - C:\ProgramData\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\SD10005.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\40da9084d0863e07d7ce55953833b8b0\System.Configuration.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\Accessibility\bcb66dbad2b45d05235b37a02f737eb5\Accessibility.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\c1c06a392871267db27f7cbc40e1c4fb\System.Xml.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\1363115565fff5a641243a48f396f107\System.Windows.Forms.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\367c4043efc2f32d843cb588b0dc97fc\System.Drawing.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System\f9c36ea806e77872dce891c77b68fac3\System.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\b6632a8b2f276a8e31f5b0f6b2006cd1\mscorlib.ni.dll ()
MOD - C:\Program Files\HP\QuickPlay\Kernel\common\MCEMediaStatus.dll ()
MOD - C:\WINDOWS\System32\igfxTMM.dll ()
MOD - C:\Program Files\ArcSoft\PhotoImpression 5\Share\PIHook.dll ()


========== Win32 Services (SafeList) ==========

SRV - (bProtector) -- C:\ProgramData\bProtector\bProtect.exe (bProtector)
SRV - (InstallBrainService) -- C:\Program Files\InstallBrainService\InstallBrainService.exe ()
SRV - (!SASCORE) -- C:\Program Files\SUPERAntiSpyware\SASCORE.EXE (SUPERAntiSpyware.com)
SRV - (AdobeARMservice) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
SRV - (NisSrv) -- c:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe (Microsoft Corporation)
SRV - (MsMpSvc) -- c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe (Microsoft Corporation)
SRV - (ACDaemon) -- C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe (ArcSoft Inc.)
SRV - (YahooAUService) -- C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe (Yahoo! Inc.)
SRV - (WcesComm) -- C:\WINDOWS\WindowsMobile\wcescomm.dll (Microsoft Corporation)
SRV - (RapiMgr) -- C:\WINDOWS\WindowsMobile\rapimgr.dll (Microsoft Corporation)
SRV - (CLSched) CyberLink Task Scheduler (CTS) -- C:\Program Files\HP\QuickPlay\Kernel\TV\CLSched.exe ()
SRV - (CLCapSvc) CyberLink Background Capture Service (CBCS) -- C:\Program Files\HP\QuickPlay\Kernel\TV\CLCapSvc.exe ()
SRV - (IAANTMON) Intel(R) -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe (Intel Corporation)
SRV - (Com4Qlb) -- C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4Qlb.exe (Hewlett-Packard Development Company, L.P.)


========== Driver Services (SafeList) ==========

DRV - (MpKslea97f41d) -- c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{7B9DA81E-2D2D-46D3-9F6E-4E5D22B1A9F1}\MpKslea97f41d.sys (Microsoft Corporation)
DRV - (SASDIFSV) -- C:\Program Files\SUPERAntiSpyware\sasdifsv.sys (SUPERAdBlocker.com and SUPERAntiSpyware.com)
DRV - (SASKUTIL) -- C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS (SUPERAdBlocker.com and SUPERAntiSpyware.com)
DRV - (NisDrv) -- C:\WINDOWS\System32\drivers\NisDrvWFP.sys (Microsoft Corporation)
DRV - (MpNWMon) -- C:\WINDOWS\System32\drivers\MpNWMon.sys (Microsoft Corporation)
DRV - (BVRPMPR5) -- C:\WINDOWS\System32\drivers\BVRPMPR5.SYS (Avanquest Software)
DRV - (winusb) -- C:\WINDOWS\System32\drivers\winusb.sys (Microsoft Corporation)
DRV - (CnxtHdAudService) -- C:\WINDOWS\System32\drivers\CHDRT32.sys (Conexant Systems Inc.)
DRV - (WSDPrintDevice) -- C:\WINDOWS\System32\drivers\WSDPrint.sys (Microsoft Corporation)
DRV - (HdAudAddService) -- C:\WINDOWS\System32\drivers\CHDART.sys (Conexant Systems Inc.)
DRV - (ApfiltrService) -- C:\WINDOWS\System32\drivers\Apfiltr.sys (Alps Electric Co., Ltd.)
DRV - (rismxdp) -- C:\WINDOWS\System32\drivers\rixdptsk.sys (REDC)
DRV - (NETw4v32) Intel(R) -- C:\WINDOWS\System32\drivers\NETw4v32.sys (Intel Corporation)
DRV - (rimmptsk) -- C:\WINDOWS\System32\drivers\rimmptsk.sys (REDC)
DRV - (rimsptsk) -- C:\WINDOWS\System32\drivers\rimsptsk.sys (REDC)
DRV - (eabfiltr) -- C:\WINDOWS\System32\drivers\eabfiltr.sys (Hewlett-Packard Development Company, L.P.)
DRV - (XAudio) -- C:\WINDOWS\System32\drivers\XAudio.sys (Conexant Systems, Inc.)
DRV - (HBtnKey) -- C:\WINDOWS\System32\drivers\CPQBttn.sys (Hewlett-Packard Development Company, L.P.)
DRV - (pfc) -- C:\WINDOWS\System32\drivers\pfc.sys (Padus, Inc.)


========== Standard Registry (All) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,bProtector Start Page = http://www.goonsearch.com/?source=IBR-IB-PDP-INS-HP
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\System32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = Internet Explorer 6 Search Companion is no longer supported.
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = Home Page Reset - Symantec Corp.
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm
IE - HKLM\..\URLSearchHook: {c55f5517-246e-4426-b745-ee25b08eb8b4} - C:\Program Files\TranslatorBar_3.2\prxtbTra0.dll (Conduit Ltd.)

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,bProtector Start Page = http://www.goonsearch.com/?source=IBR-IB-PDP-INS-HP
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = Yahoo!
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\system32\blank.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Page_Transitions = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = Yahoo!
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\..\URLSearchHook: {c55f5517-246e-4426-b745-ee25b08eb8b4} - C:\Program Files\TranslatorBar_3.2\prxtbTra0.dll (Conduit Ltd.)
IE - HKCU\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\WINDOWS\System32\ieframe.dll (Microsoft Corporation)
IE - HKCU\..\URLSearchHook: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn4\yt.dll (Yahoo! Inc.)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>

========== FireFox ==========

FF - prefs.js..browser.startup.homepage: "http://en-us.start3.mozilla.com/firefox?client=firefox-a&rls=org.mozilla:en-us:official"
FF - prefs.js..extensions.enabledItems: {20a82645-c095-46ed-80e3-08825760534b}:1.2.1
FF - prefs.js..extensions.enabledItems: {abde892b-13a8-4d1b-88e6-365a6e755758}:1.1.3
FF - prefs.js..extensions.enabledItems: {ab2ce124-6272-4b12-94a9-7303c7397bd1}:5.0.0.6906
FF - prefs.js..extensions.enabledItems: {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.6.17
FF - prefs.js..network.proxy.http: "127.0.0.1"
FF - prefs.js..network.proxy.http_port: 5643
FF - prefs.js..network.proxy.no_proxies_on: "localhost,127.0.0.1"
FF - prefs.js..network.proxy.type: 4

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@canon.com/EPPEX: C:\Program Files\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL File not found
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\4.0.60831.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpWinExt,version=5.0: C:\Program Files\MSN Toolbar\Platform\5.0.1449.0\npwinext.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/VirtualEarth3D,version=3.0: C:\Program Files\Virtual Earth 3D\ [2010/01/26 10:15:13 | 000,000,000 | ---D | M]
FF - HKLM\Software\MozillaPlugins\@microsoft.com/VirtualEarth3D,version=4.0: C:\Program Files\Virtual Earth 3D\ [2010/01/26 10:15:13 | 000,000,000 | ---D | M]
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=12.0.1.647: c:\program files\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=12.0.1.647: c:\program files\real\realplayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpchromebrowserrecordext;version=12.0.1.660: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprphtml5videoshim;version=12.0.1.660: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=12.0.1.660: c:\program files\real\realplayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found
FF - HKLM\Software\MozillaPlugins\@real.com/RhapsodyPlayerEngine,version=1.0: C:\Program Files\Real\RhapsodyPlayerEngine\nprhapengine.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{20a82645-c095-46ed-80e3-08825760534b}: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ [2009/08/08 07:02:41 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\MSN Toolbar\Platform\5.0.1449.0\Firefox [2011/07/23 08:27:21 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{27182e60-b5f3-411c-b545-b44205977502}: C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\firefoxextension\SearchHelperExtension\ [2011/07/25 15:53:58 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2011/12/22 10:35:41 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 9.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012/01/02 19:39:24 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 9.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011/09/14 07:14:00 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\[email protected]: C:\Users\Duke\AppData\Roaming\Mozilla\Firefox\Profiles/7t7csr2e.default\extensions\[email protected]

[2010/08/02 13:49:13 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Duke\AppData\Roaming\Mozilla\Extensions
[2010/08/02 13:49:13 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Duke\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}
[2012/01/04 18:47:22 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Duke\AppData\Roaming\Mozilla\Firefox\Profiles\7t7csr2e.default\extensions
[2010/08/04 13:35:49 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\Duke\AppData\Roaming\Mozilla\Firefox\Profiles\7t7csr2e.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2012/01/04 18:40:32 | 000,000,000 | ---D | M] (File2LinkIB) -- C:\Users\Duke\AppData\Roaming\Mozilla\Firefox\Profiles\7t7csr2e.default\extensions\{c23b756a-bd9f-4ca6-aded-17ab8ccf3e8b}
[2011/12/17 17:02:25 | 000,000,000 | ---D | M] (BitDefender QuickScan) -- C:\Users\Duke\AppData\Roaming\Mozilla\Firefox\Profiles\7t7csr2e.default\extensions\{e001c731-5e37-4538-a5cb-8168736a2360}
[2012/01/04 18:41:05 | 000,002,409 | ---- | M] () -- C:\Users\Duke\AppData\Roaming\Mozilla\Firefox\Profiles\7t7csr2e.default\searchplugins\SearchTheWeb.xml
[2012/01/03 19:36:01 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2011/10/17 10:24:53 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Program Files\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
[2012/01/02 19:39:24 | 000,000,000 | ---D | M] (Default) -- C:\Program Files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2012/01/03 19:36:01 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA}
[2012/01/02 19:39:24 | 000,121,816 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2011/11/10 05:54:13 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll
[2011/09/05 12:04:56 | 000,183,696 | ---- | M] (Adobe Systems Inc.) -- C:\Program Files\mozilla firefox\plugins\nppdf32.dll
[2011/07/26 10:39:29 | 000,150,712 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files\mozilla firefox\plugins\nppl3260.dll
[2011/02/24 17:31:17 | 000,159,744 | ---- | M] (Apple Inc.) -- C:\Program Files\mozilla firefox\plugins\npqtplugin.dll
[2011/02/24 17:31:17 | 000,159,744 | ---- | M] (Apple Inc.) -- C:\Program Files\mozilla firefox\plugins\npqtplugin2.dll
[2011/02/24 17:31:17 | 000,159,744 | ---- | M] (Apple Inc.) -- C:\Program Files\mozilla firefox\plugins\npqtplugin3.dll
[2011/02/24 17:31:17 | 000,159,744 | ---- | M] (Apple Inc.) -- C:\Program Files\mozilla firefox\plugins\npqtplugin4.dll
[2011/02/24 17:31:17 | 000,159,744 | ---- | M] (Apple Inc.) -- C:\Program Files\mozilla firefox\plugins\npqtplugin5.dll
[2011/02/24 17:31:17 | 000,159,744 | ---- | M] (Apple Inc.) -- C:\Program Files\mozilla firefox\plugins\npqtplugin6.dll
[2011/02/24 17:31:17 | 000,159,744 | ---- | M] (Apple Inc.) -- C:\Program Files\mozilla firefox\plugins\npqtplugin7.dll
[2011/07/26 10:39:49 | 000,011,776 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files\mozilla firefox\plugins\nprjplug.dll
[2011/07/26 10:39:23 | 000,105,472 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files\mozilla firefox\plugins\nprpjplug.dll
[2011/10/05 09:04:08 | 000,001,394 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazondotcom.xml
[2010/10/13 09:06:23 | 000,002,193 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\answers.xml
[2011/10/05 09:04:08 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2010/10/13 09:06:23 | 000,001,534 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\creativecommons.xml
[2011/10/05 09:04:08 | 000,001,131 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay.xml
[2011/10/05 09:04:08 | 000,002,364 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\google.xml
[2011/11/10 17:15:49 | 000,002,040 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\twitter.xml
[2011/10/05 09:04:08 | 000,001,178 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia.xml
[2011/10/05 09:04:08 | 000,001,096 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo.xml

========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms}
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files\Google\Chrome\Application\15.0.874.121\gcswf32.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\system32\Macromed\Flash\NPSWF32.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin7.dll
CHR - plugin: Java Deployment Toolkit 6.0.240.7 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npdeployJava1.dll
CHR - plugin: Java(TM) Platform SE 6 U24 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll
CHR - plugin: Adobe Acrobat (Disabled) = C:\Program Files\Mozilla Firefox\plugins\nppdf32.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files\Microsoft Silverlight\4.0.60831.0\npctrl.dll
CHR - plugin: RealPlayer(tm) G2 LiveConnect-Enabled Plug-In (32-bit) (Enabled) = C:\Program Files\Mozilla Firefox\plugins\nppl3260.dll
CHR - plugin: RealPlayer Version Plugin (Enabled) = C:\Program Files\Mozilla Firefox\plugins\nprpjplug.dll
CHR - plugin: RealNetworks(tm) RealPlayer Chrome Background Extension Plug-In (32-bit) (Enabled) = C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll
CHR - plugin: RealPlayer(tm) HTML5VideoShim Plug-In (32-bit) (Enabled) = C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files\Google\Chrome\Application\15.0.874.121\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files\Google\Chrome\Application\15.0.874.121\pdf.dll
CHR - plugin: Skype Toolbars (Enabled) = C:\Users\Duke\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\5.6.0.8442_0\npSkypeChromePlugin.dll
CHR - plugin: RealJukebox NS Plugin (Enabled) = C:\Program Files\Mozilla Firefox\plugins\nprjplug.dll
CHR - plugin: ActiveTouch General Plugin Container (Enabled) = C:\Users\Duke\AppData\Roaming\Mozilla\plugins\npatgpc.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.3.21.79\npGoogleUpdate3.dll
CHR - plugin: Bing Bar (Enabled) = C:\Program Files\MSN Toolbar\Platform\5.0.1449.0\npwinext.dll
CHR - plugin: RealNetworks Rhapsody Player Engine (Enabled) = C:\Program Files\Real\RhapsodyPlayerEngine\nprhapengine.dll
CHR - plugin: Windows Live\u0099 Photo Gallery (Enabled) = C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: Windows Presentation Foundation (Enabled) = c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
CHR - plugin: Default Plug-in (Enabled) = default_plugin
CHR - Extension: avast! WebRep = C:\Users\Duke\AppData\Local\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda\6.0.1374_0\
CHR - Extension: RealPlayer HTML5Video Downloader Extension = C:\Users\Duke\AppData\Local\Google\Chrome\User Data\Default\Extensions\jfmjfhklogoienhpfnppmbcbjfjnkonk\1.5_0\
CHR - Extension: Skype Click to Call = C:\Users\Duke\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\5.6.0.8442_0\

O1 HOSTS File: ([2006/09/18 16:41:30 | 000,000,761 | ---- | M]) - C:\WINDOWS\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn4\yt.dll (Yahoo! Inc.)
O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer)
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll File not found
O2 - BHO: (Search Helper) - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll (Microsoft Corporation)
O2 - BHO: (SpecialSavings) - {74F475FA-6C75-43BD-AAB9-ECDA6184F600} - C:\Program Files\SpecialSavings\SpecialSavingsSinged.dll (SpecialSavings)
O2 - BHO: (SSVHelper Class) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.6.5612.1312\swg.dll (Google Inc.)
O2 - BHO: (File2LinkIB) - {c23b756a-bd9f-4ca6-aded-17ab8ccf3e8b} - C:\Program Files\file2linkib\file2linkibX.dll ()
O2 - BHO: (TranslatorBar 3.2 Toolbar) - {c55f5517-246e-4426-b745-ee25b08eb8b4} - C:\Program Files\TranslatorBar_3.2\prxtbTra0.dll (Conduit Ltd.)
O2 - BHO: (Bing Bar BHO) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files\MSN Toolbar\Platform\5.0.1449.0\npwinext.dll (Microsoft Corporation)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (SingleInstance Class) - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files\Yahoo!\Companion\Installs\cpn4\YTSingleInstance.dll (Yahoo! Inc)
O3 - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (@C:\Program Files\MSN Toolbar\Platform\5.0.1449.0\npwinext.dll,-100) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files\MSN Toolbar\Platform\5.0.1449.0\npwinext.dll (Microsoft Corporation)
O3 - HKLM\..\Toolbar: (File2LinkIB) - {c23b756a-bd9f-4ca6-aded-17ab8ccf3e8b} - C:\Program Files\file2linkib\file2linkibX.dll ()
O3 - HKLM\..\Toolbar: (TranslatorBar 3.2 Toolbar) - {c55f5517-246e-4426-b745-ee25b08eb8b4} - C:\Program Files\TranslatorBar_3.2\prxtbTra0.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No CLSID value found.
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn4\yt.dll (Yahoo! Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (TranslatorBar 3.2 Toolbar) - {C55F5517-246E-4426-B745-EE25B08EB8B4} - C:\Program Files\TranslatorBar_3.2\prxtbTra0.dll (Conduit Ltd.)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [HotKeysCmds] C:\WINDOWS\System32\hkcmd.exe (Intel Corporation)
O4 - HKLM..\Run: [hpWirelessAssistant] C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe (Hewlett-Packard Development Company, L.P.)
O4 - HKLM..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe (Intel Corporation)
O4 - HKLM..\Run: [IgfxTray] C:\WINDOWS\System32\igfxtray.exe (Intel Corporation)
O4 - HKLM..\Run: [Microsoft Default Manager] C:\Program Files\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe (Microsoft Corporation)
O4 - HKLM..\Run: [MSC] c:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4 - HKLM..\Run: [Persistence] C:\WINDOWS\System32\igfxpers.exe (Intel Corporation)
O4 - HKLM..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe" File not found
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKLM..\Run: [Windows Mobile-based device management] C:\WINDOWS\WindowsMobile\wmdSync.exe (Microsoft Corporation)
O4 - HKCU..\Run: [ehTray.exe] C:\WINDOWS\ehome\ehtray.exe (Microsoft Corporation)
O4 - HKCU..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe (SUPERAntiSpyware.com)
O4 - HKCU..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
O4 - HKCU..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\wmpnscfg.exe (Microsoft Corporation)
O4 - HKLM..\RunOnce: [Launcher] C:\WINDOWS\SMINST\Launcher.exe (soft thinks)
O4 - Startup: C:\Users\Duke\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2007 Screen Clipper and Launcher.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE (Microsoft Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: BindDirectlyToPropertySetStorage = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 2
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableInstallerDetection = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableSecureUIAPaths = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableVirtualization = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ValidateAdminCodeSignatures = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: scforceoption = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: FilterAdministratorToken = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableUIADesktopToggle = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_TEXT = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_BITMAP = 2
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_OEMTEXT = 7
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIB = 8
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_PALETTE = 9
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_UNICODETEXT = 13
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIBV5 = 17
O8 - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Google Sidewiki... - C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_60D6097707281E79.dll (Google Inc.)
O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra Button: SpecialSavings - {A69A551A-1AAE-4B67-8C2E-52F8B8A19504} - C:\Program Files\SpecialSavings\SpecialSavingsSinged.dll (SpecialSavings)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000001 [] - C:\WINDOWS\System32\nlaapi.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000002 [] - C:\WINDOWS\System32\NapiNSP.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000003 [] - C:\WINDOWS\System32\pnrpnsp.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\WINDOWS\System32\pnrpnsp.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\WINDOWS\System32\mswsock.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000006 [] - C:\WINDOWS\System32\winrnr.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\WINDOWS\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\WINDOWS\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\WINDOWS\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\WINDOWS\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\WINDOWS\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\WINDOWS\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\WINDOWS\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\WINDOWS\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\WINDOWS\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\WINDOWS\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - C:\WINDOWS\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000012 - C:\WINDOWS\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000013 - C:\WINDOWS\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000014 - C:\WINDOWS\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000015 - C:\WINDOWS\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000016 - C:\WINDOWS\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000017 - C:\WINDOWS\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000018 - C:\WINDOWS\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000019 - C:\WINDOWS\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000020 - C:\WINDOWS\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000021 - C:\WINDOWS\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000022 - C:\WINDOWS\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000023 - C:\WINDOWS\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000024 - C:\WINDOWS\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000025 - C:\WINDOWS\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000026 - C:\WINDOWS\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000027 - C:\WINDOWS\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000028 - C:\WINDOWS\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000029 - C:\WINDOWS\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000030 - C:\WINDOWS\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000031 - C:\WINDOWS\System32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000032 - C:\WINDOWS\System32\mswsock.dll (Microsoft Corporation)
O13 - gopher Prefix: missing
O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} http://appldnld.apple.com.edgesuite.net/content.info.apple.com/QuickTime/qtactivex/qtplugin.cab (Reg Error: Key error.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab (Java Plug-in 1.6.0_30)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab (Java Plug-in 1.6.0_30)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab (Java Plug-in 1.6.0_30)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{5BE5CE5A-12B2-4D83-9BA2-FE8BCC90F0A0}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{612412EC-350C-4C44-816D-8FE576276A98}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{B2C4325B-438E-4222-B5F2-6ABFC94A2E7F}: DhcpNameServer = 192.168.0.1
O18 - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\System32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\cdl {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\WINDOWS\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\dvd {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\WINDOWS\System32\MSVidCtl.dll (Microsoft Corporation)
O18 - Protocol\Handler\file {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\ftp {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\http {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\https {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\WINDOWS\System32\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\System32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\local {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\System32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\mhtml {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\WINDOWS\System32\inetcomm.dll (Microsoft Corporation)
O18 - Protocol\Handler\mk {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\WINDOWS\System32\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\microsoft shared\Information Retrieval\msitss.dll (Microsoft Corporation)
O18 - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\System32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O18 - Protocol\Handler\tv {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\WINDOWS\System32\MSVidCtl.dll (Microsoft Corporation)
O18 - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\System32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program Files\Windows Live\Mail\mailcomm.dll (Microsoft Corporation)
O18 - Protocol\Handler\wlpg {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\System32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\System32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\System32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - AppInit_DLLs: (protector.dll) -C:\Windows\System32\protector.dll ()
O20 - HKLM Winlogon: Shell - (explorer.exe) -C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) -C:\WINDOWS\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (rundll32 shell32) -C:\Windows\System32\shell32.dll (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (Control_RunDLL "sysdm.cpl") -C:\Windows\System32\sysdm.cpl (Microsoft Corporation)
O20 - Winlogon\Notify\!SASWinLogon: DllName - (C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL) - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL (SUPERAntiSpyware.com)
O20 - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\System32\igfxdev.dll (Intel Corporation)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - C:\WINDOWS\System32\webcheck.dll (Microsoft Corporation)
O22 - SharedTaskScheduler: {8C7461EF-2B13-11d2-BE35-3078302C2030} - Component Categories cache daemon - C:\WINDOWS\System32\browseui.dll (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Users\Public\Pictures\Sample Pictures\Dock.jpg
O24 - Desktop BackupWallPaper: C:\Users\Public\Pictures\Sample Pictures\Dock.jpg
O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL (SuperAdBlocker.com)
O29 - HKLM SecurityProviders - (credssp.dll) -C:\Windows\System32\credssp.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (digeste.dll) - File not found
O30 - LSA: Authentication Packages - (msv1_0) -C:\Windows\System32\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (kerberos) -C:\Windows\System32\kerberos.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (msv1_0) -C:\Windows\System32\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (schannel) -C:\Windows\System32\schannel.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (wdigest) -C:\Windows\System32\wdigest.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (tspkg) -C:\Windows\System32\tspkg.dll (Microsoft Corporation)
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2007/08/18 02:34:41 | 000,000,074 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2008/03/13 16:54:03 | 000,000,000 | ---D | M] - C:\AUTOUPGRADETEMP -- [ NTFS ]
O32 - AutoRun File - [2005/09/11 10:18:54 | 000,000,340 | -HS- | M] () - D:\AUTOMODE -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2012/01/04 18:41:07 | 000,000,000 | ---D | C] -- C:\Windows\System32\Extensions
[2012/01/04 18:41:00 | 000,000,000 | ---D | C] -- C:\ProgramData\bProtector
[2012/01/04 18:40:19 | 000,000,000 | ---D | C] -- C:\Program Files\file2linkib
[2012/01/04 18:40:12 | 000,000,000 | ---D | C] -- C:\Users\Duke\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SpecialSavings
[2012/01/04 18:40:11 | 000,000,000 | ---D | C] -- C:\Program Files\SpecialSavings
[2012/01/04 18:40:09 | 000,000,000 | ---D | C] -- C:\Users\Duke\AppData\Roaming\PerformerSoft
[2012/01/04 18:40:05 | 000,017,464 | ---- | C] (PerformerSoft LLC) -- C:\Windows\System32\roboot.exe
[2012/01/04 18:40:04 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PC Performer
[2012/01/04 18:39:59 | 000,000,000 | ---D | C] -- C:\Program Files\PC Performer
[2012/01/04 18:39:48 | 000,000,000 | ---D | C] -- C:\Program Files\InstallBrainService
[2012/01/04 08:17:27 | 000,000,000 | ---D | C] -- C:\Users\Duke\AppData\Local\{3986A595-3458-4FE1-8616-41F13A108828}
[2012/01/04 08:17:17 | 000,000,000 | ---D | C] -- C:\Users\Duke\AppData\Local\{77C85B0B-6E62-4072-9164-1ACF5AC30A92}
[2012/01/03 20:13:02 | 000,000,000 | ---D | C] -- C:\Users\Duke\AppData\Local\{670DE5B7-2336-4F5E-88BB-DDCDC114E8D9}
[2012/01/03 20:12:52 | 000,000,000 | ---D | C] -- C:\Users\Duke\AppData\Local\{8518381C-FA9E-4B14-8290-F84ED985C162}
[2012/01/03 19:35:58 | 000,157,472 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaws.exe
[2012/01/03 19:35:58 | 000,149,280 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaw.exe
[2012/01/03 19:35:58 | 000,149,280 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\java.exe
[2012/01/03 08:12:15 | 000,000,000 | ---D | C] -- C:\Users\Duke\AppData\Local\{C5A0338B-C399-4BA5-BA85-E69877344255}
[2012/01/03 08:12:03 | 000,000,000 | ---D | C] -- C:\Users\Duke\AppData\Local\{F5493C63-BE0C-4409-8DD4-80D550A2A01A}
[2012/01/02 18:10:50 | 000,000,000 | ---D | C] -- C:\Users\Duke\Desktop\J Simon & Company _ Outdoor Furniture_files
[2012/01/02 08:38:36 | 000,000,000 | ---D | C] -- C:\Users\Duke\AppData\Local\{CA565071-0B8A-4F8A-BDBE-72BB595AC936}
[2012/01/02 08:38:25 | 000,000,000 | ---D | C] -- C:\Users\Duke\AppData\Local\{59FECC9E-0BC1-417F-B50C-E56AF89485A4}
[2012/01/01 10:04:00 | 000,000,000 | ---D | C] -- C:\Users\Duke\AppData\Local\{84093D6E-696A-42E8-99CB-FBAAFB8F498C}
[2012/01/01 10:03:09 | 000,000,000 | ---D | C] -- C:\Users\Duke\AppData\Local\{F943D98D-334E-4237-8449-29B3BE6CE8CE}
[2011/12/31 08:47:14 | 000,000,000 | ---D | C] -- C:\Users\Duke\AppData\Roaming\FixCleaner
[2011/12/31 08:47:06 | 000,000,000 | ---D | C] -- C:\Program Files\FixCleaner
[2011/12/31 08:29:48 | 000,000,000 | ---D | C] -- C:\Users\Duke\AppData\Local\{A8B628F3-0BDB-47F1-B40A-65A64FE86310}
[2011/12/31 08:29:37 | 000,000,000 | ---D | C] -- C:\Users\Duke\AppData\Local\{457645FF-BA76-43BB-BD8E-5E7CA86A8213}
[2011/12/30 22:14:34 | 000,000,000 | ---D | C] -- C:\ProgramData\TEMP
[2011/12/30 21:49:52 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2011/12/30 21:49:51 | 000,020,464 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2011/12/30 21:49:50 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2011/12/30 20:17:46 | 000,000,000 | ---D | C] -- C:\ProgramData\PC Tools
[2011/12/30 08:26:40 | 000,000,000 | ---D | C] -- C:\Users\Duke\AppData\Local\{2A3AD570-60D9-41C7-A7E1-62A2279B5EF9}
[2011/12/30 08:26:30 | 000,000,000 | ---D | C] -- C:\Users\Duke\AppData\Local\{5CFE180E-A4A5-4726-852B-672EF43F3ED4}
[2011/12/29 08:10:22 | 000,000,000 | ---D | C] -- C:\Users\Duke\AppData\Local\{808A9ED5-BA38-4B69-B409-4298DD832D56}
[2011/12/29 08:10:11 | 000,000,000 | ---D | C] -- C:\Users\Duke\AppData\Local\{B23CEEC5-C2B4-4C52-8108-92DF26DB05E5}
[2011/12/28 20:30:30 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Works
[2011/12/28 08:11:39 | 000,000,000 | ---D | C] -- C:\Users\Duke\AppData\Local\{60D3EBC5-277F-4989-B1E8-CE9FB6315AFD}
[2011/12/28 08:11:29 | 000,000,000 | ---D | C] -- C:\Users\Duke\AppData\Local\{BD03E8A4-501D-4C0E-8408-4029A4398EE5}
[2011/12/27 14:36:05 | 000,000,000 | ---D | C] -- C:\Users\Duke\AppData\Local\{52180DC5-0954-4979-B4A4-A844DB95483C}
[2011/12/27 14:35:55 | 000,000,000 | ---D | C] -- C:\Users\Duke\AppData\Local\{71B574B5-7E24-4480-AD9C-34A81EA48878}
[2011/12/27 08:22:53 | 000,000,000 | ---D | C] -- C:\Users\Duke\AppData\Local\{3A2F5FA6-6ACA-4ACF-ACD1-C354F20BEE77}
[2011/12/26 08:56:34 | 000,000,000 | ---D | C] -- C:\Users\Duke\AppData\Local\{08FDD128-C7B2-47F8-B445-C0CB84937FEF}
[2011/12/26 08:56:21 | 000,000,000 | ---D | C] -- C:\Users\Duke\AppData\Local\{AF4EB44F-AD57-4D20-A542-2CCF62DE485A}
[2011/12/25 10:07:26 | 000,000,000 | ---D | C] -- C:\Users\Duke\AppData\Local\{5824AC9F-E675-43D3-B5A7-5405262A277C}
[2011/12/25 10:06:54 | 000,000,000 | ---D | C] -- C:\Users\Duke\AppData\Local\{20FF060C-E248-4CAA-9899-1E5739351BFB}
[2011/12/24 08:26:22 | 000,000,000 | ---D | C] -- C:\Users\Duke\AppData\Local\{0910EDF4-DEDF-4154-B684-8A890538C537}
[2011/12/24 08:26:09 | 000,000,000 | ---D | C] -- C:\Users\Duke\AppData\Local\{B0469578-6726-491B-884A-118853AF58A2}
[2011/12/23 08:24:42 | 002,382,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2011/12/23 08:24:38 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\url.dll
[2011/12/23 08:24:38 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2011/12/23 08:24:37 | 001,798,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll
[2011/12/23 08:24:36 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2011/12/23 08:24:31 | 001,427,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl
[2011/12/23 08:16:22 | 000,000,000 | ---D | C] -- C:\Users\Duke\AppData\Local\{9BA74404-D9EB-4F47-A7C9-9C738DD33CD0}
[2011/12/23 08:16:12 | 000,000,000 | ---D | C] -- C:\Users\Duke\AppData\Local\{32BAD1CE-BAC8-46E8-96A3-A3523069FF53}
[2011/12/22 19:23:23 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Security Client
[2011/12/22 19:22:14 | 000,221,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\netio.sys
[2011/12/22 18:45:33 | 000,000,000 | ---D | C] -- C:\Users\Duke\AppData\Local\Ilivid Player
[2011/12/22 18:43:48 | 000,000,000 | ---D | C] -- C:\Users\Duke\AppData\Local\PackageAware
[2011/12/22 11:00:35 | 000,000,000 | ---D | C] -- C:\Users\Duke\AppData\Roaming\SUPERAntiSpyware.com
[2011/12/22 11:00:05 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SUPERAntiSpyware
[2011/12/22 10:59:57 | 000,000,000 | ---D | C] -- C:\ProgramData\SUPERAntiSpyware.com
[2011/12/22 10:51:38 | 003,602,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntkrnlpa.exe
[2011/12/22 10:51:38 | 003,550,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntoskrnl.exe
[2011/12/22 10:51:17 | 000,429,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\EncDec.dll
[2011/12/22 10:51:05 | 002,043,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys
[2011/12/22 10:50:37 | 000,049,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\csrsrv.dll
[2011/12/22 10:50:32 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tzres.dll
[2011/12/22 10:45:52 | 000,000,000 | ---D | C] -- C:\Users\Duke\AppData\Local\{BF1C2EE1-B9FE-4B0B-A805-FD61B84BA648}
[2011/12/22 10:43:03 | 000,000,000 | ---D | C] -- C:\Users\Duke\AppData\Local\{57546B86-32C6-43AE-B355-AED6DE597B0F}
[2011/12/22 09:39:06 | 000,000,000 | ---D | C] -- C:\Users\Duke\AppData\Local\{406EB505-3EFC-4F65-BB60-3C342B6F7236}
[2011/12/22 09:38:53 | 000,000,000 | ---D | C] -- C:\Users\Duke\AppData\Local\{85E0B5BC-CFF3-405F-AF27-44C5D5107278}
[2011/12/21 20:22:19 | 000,000,000 | ---D | C] -- C:\Users\Duke\AppData\Local\{51AA5926-8104-4E0E-95DA-0610B4493A0E}
[2011/12/21 20:22:09 | 000,000,000 | ---D | C] -- C:\Users\Duke\AppData\Local\{7CD7C208-9CD6-4BE1-BFE2-4097B1996F7C}
[2011/12/21 08:12:19 | 000,000,000 | ---D | C] -- C:\Users\Duke\AppData\Local\{4738D674-CD15-496A-8563-5A0E246B7C9D}
[2011/12/21 08:12:09 | 000,000,000 | ---D | C] -- C:\Users\Duke\AppData\Local\{EEE619D4-5B03-4F1E-B0EB-5C9477258074}
[2011/12/20 09:03:37 | 000,000,000 | ---D | C] -- C:\Users\Duke\AppData\Local\{AEAE5B80-BBB1-4DEF-B6E3-43D2B707208C}
[2011/12/20 09:03:27 | 000,000,000 | ---D | C] -- C:\Users\Duke\AppData\Local\{E38B962D-DF1F-46F9-A051-E57729B5B1B2}
[2011/12/19 21:02:54 | 000,000,000 | ---D | C] -- C:\Users\Duke\AppData\Local\{7A58B0A0-7F95-4EB8-AEDE-67271E9C7696}
[2011/12/19 21:02:41 | 000,000,000 | ---D | C] -- C:\Users\Duke\AppData\Local\{F721C491-AF97-447C-B76A-518FC8D4F3CA}
[2011/12/19 08:31:08 | 000,000,000 | ---D | C] -- C:\Users\Duke\AppData\Local\{A9944E91-E295-4E4C-BC5D-5B12FB432A45}
[2011/12/19 08:30:23 | 000,000,000 | ---D | C] -- C:\Users\Duke\AppData\Local\{FA07B5F1-2903-4553-A27A-77CE858B38BD}
[2011/12/18 15:23:51 | 000,000,000 | ---D | C] -- C:\Users\Duke\AppData\Local\{DF12699A-0F38-4F15-810C-7BB22AAA56DA}
[2011/12/18 15:22:22 | 000,000,000 | ---D | C] -- C:\Users\Duke\AppData\Local\{50929441-60D1-4C70-A976-0AACC899B464}
[2011/12/18 08:29:38 | 000,000,000 | ---D | C] -- C:\Users\Duke\AppData\Local\{1C776862-8E70-4CCC-85EF-45DA6638ECC8}
[2011/12/17 17:03:09 | 000,000,000 | ---D | C] -- C:\Users\Duke\AppData\Roaming\QuickScan
[2011/12/17 08:53:38 | 000,000,000 | ---D | C] -- C:\Users\Duke\AppData\Local\{F6CE78A4-5238-4C45-B77D-7C8A988AFBAC}
[2011/12/17 08:52:32 | 000,000,000 | ---D | C] -- C:\Users\Duke\AppData\Local\{F2A441B2-B40F-4E33-ACD3-0F2D59AEC605}
[2011/12/16 17:34:14 | 000,000,000 | ---D | C] -- C:\Users\Duke\AppData\Local\{A289AC56-EBA6-464E-92DB-A914A2AAD583}
[2011/12/16 17:34:03 | 000,000,000 | ---D | C] -- C:\Users\Duke\AppData\Local\{0CC48696-8F03-48E2-A39B-8E0E17E83FEC}
[2011/12/16 09:04:35 | 000,000,000 | ---D | C] -- C:\Users\Duke\AppData\Local\{EE1BE425-30F8-47EB-B1D9-8E5D46C5BEA9}
[2011/12/15 08:15:32 | 000,000,000 | ---D | C] -- C:\Users\Duke\AppData\Local\{33309CFB-AE62-431D-8C73-ADB7DBCC37C9}
[2011/12/15 08:11:52 | 000,000,000 | ---D | C] -- C:\Users\Duke\AppData\Local\{D1A57274-AD3B-4129-A56E-6F2EAFA93481}
[2011/12/14 08:17:51 | 000,000,000 | ---D | C] -- C:\Users\Duke\AppData\Local\{A1AA21D3-C29C-443D-B40F-C3E51902F3F7}
[2011/12/14 08:17:38 | 000,000,000 | ---D | C] -- C:\Users\Duke\AppData\Local\{202E7832-B460-405D-B09B-7F0577062A21}
[2011/12/13 08:01:27 | 000,000,000 | ---D | C] -- C:\Users\Duke\AppData\Local\{80E0F8F5-267A-436D-8E92-BA4569B56C48}
[2011/12/13 08:01:14 | 000,000,000 | ---D | C] -- C:\Users\Duke\AppData\Local\{99BAFCCA-AC69-475D-A416-AEACEB3B0337}
[2011/12/12 19:59:43 | 000,000,000 | ---D | C] -- C:\Users\Duke\AppData\Local\{82278A68-B294-4AD2-8BCF-1D2F7D867C81}
[2011/12/12 07:38:23 | 000,000,000 | ---D | C] -- C:\Users\Duke\AppData\Local\{1A275339-BA9C-4D1C-BBF3-E2A63266939A}
[2011/12/11 08:50:15 | 000,000,000 | ---D | C] -- C:\Users\Duke\AppData\Local\{9B7CD494-EC8E-4DC9-82A2-AC4423ABEA2D}
[2011/12/11 08:49:58 | 000,000,000 | ---D | C] -- C:\Users\Duke\AppData\Local\{454FA9C7-F68D-4C01-92BD-FD3926F724F1}
[2011/12/10 07:43:46 | 000,000,000 | ---D | C] -- C:\Users\Duke\AppData\Local\{E45EFFE2-50D7-48D1-A758-EE5DD772A499}
[2011/12/10 07:42:28 | 000,000,000 | ---D | C] -- C:\Users\Duke\AppData\Local\{E6FD703A-5E90-4374-92E5-087483153AED}
[2011/12/09 08:07:05 | 000,000,000 | ---D | C] -- C:\Users\Duke\AppData\Local\{539D1B8A-5992-4963-AFF6-D47AE20DE75F}
[2011/12/09 08:06:54 | 000,000,000 | ---D | C] -- C:\Users\Duke\AppData\Local\{168378EB-AD1F-43CC-9660-FC8D6DB77322}
[2011/12/08 15:20:46 | 000,273,256 | ---- | C] (Hewlett-Packard Co.) -- C:\Windows\System32\HPDiscoPM8e11.dll
[2011/12/08 11:04:51 | 000,000,000 | ---D | C] -- C:\Users\Duke\AppData\Local\{C59A196B-4F5A-4658-9978-1FE3A71AAAC0}
[2011/12/08 11:04:22 | 000,000,000 | ---D | C] -- C:\Users\Duke\AppData\Local\{4384098B-D02F-4A7D-99E4-06EC5F3EEA0A}
[2011/12/07 08:52:43 | 000,713,472 | ---- | C] (RealNetworks, Inc.) -- C:\Users\Duke\Desktop\RealPlayer.exe
[2011/12/07 08:50:40 | 000,000,000 | ---D | C] -- C:\Users\Duke\AppData\Local\{59C0C27C-A8CF-4C38-8009-AD2CEE8942F5}
[2011/12/07 08:50:30 | 000,000,000 | ---D | C] -- C:\Users\Duke\AppData\Local\{36C2538C-05A7-471A-9AFA-D6C24D772A56}
[2011/12/06 13:25:06 | 000,000,000 | ---D | C] -- C:\Users\Duke\AppData\Local\SanctionedMedia
[2011/12/06 08:43:38 | 000,000,000 | ---D | C] -- C:\Users\Duke\AppData\Local\{BF7CEBD5-80A5-4621-892B-BE50788DD36E}
[2011/12/06 08:43:25 | 000,000,000 | ---D | C] -- C:\Users\Duke\AppData\Local\{7DBF61E4-699E-4DDB-8A74-192835BA423D}
[1 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ]
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2012/01/04 18:41:22 | 000,002,061 | ---- | M] () -- C:\ProgramData\repository.xml
[2012/01/04 18:41:00 | 000,748,544 | ---- | M] () -- C:\Windows\System32\protector.dll
[2012/01/04 18:40:16 | 000,000,262 | ---- | M] () -- C:\Windows\tasks\PC Performer_DEFAULT.job
[2012/01/04 18:40:15 | 000,000,270 | ---- | M] () -- C:\Windows\tasks\PC Performer_UPDATES.job
[2012/01/04 18:40:05 | 000,000,847 | ---- | M] () -- C:\Users\Public\Desktop\PC Performer.lnk
[2012/01/04 18:19:04 | 000,000,882 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012/01/04 17:52:59 | 000,003,296 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2012/01/04 17:52:59 | 000,003,296 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2012/01/04 16:31:00 | 000,000,472 | ---- | M] () -- C:\Windows\tasks\Ad-Aware Update (Weekly).job
[2012/01/04 15:52:45 | 000,000,878 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012/01/04 15:52:45 | 000,000,470 | ---- | M] () -- C:\Windows\tasks\SDMsgUpdate (TE).job
[2012/01/04 15:52:27 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012/01/03 19:11:46 | 000,017,464 | ---- | M] (PerformerSoft LLC) -- C:\Windows\System32\roboot.exe
[2012/01/03 10:00:07 | 000,345,400 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2012/01/03 09:27:42 | 000,002,243 | ---- | M] () -- C:\Windows\epplauncher.mif
[2012/01/02 20:00:00 | 000,000,544 | ---- | M] () -- C:\Windows\tasks\Norton Internet Security - Run Full System Scan - Duke.job
[2012/01/02 19:21:26 | 000,614,930 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2012/01/02 19:21:26 | 000,108,860 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2012/01/02 18:10:51 | 000,032,731 | ---- | M] () -- C:\Users\Duke\Desktop\J Simon & Company _ Outdoor Furniture.htm
[2011/12/31 08:33:33 | 000,000,552 | ---- | M] () -- C:\Users\Duke\AppData\Local\d3d8caps.dat
[2011/12/30 21:49:52 | 000,000,906 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2011/12/30 21:17:50 | 000,010,438 | -HS- | M] () -- C:\Users\Duke\AppData\Local\xa25l3jo05g
[2011/12/30 21:17:50 | 000,010,438 | -HS- | M] () -- C:\ProgramData\xa25l3jo05g
[2011/12/27 11:13:53 | 000,000,610 | ---- | M] () -- C:\Users\Duke\Desktop\2012 To Do List.lnk
[2011/12/22 09:37:30 | 2137,382,912 | -HS- | M] () -- C:\hiberfil.sys
[2011/12/10 15:24:06 | 000,020,464 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2011/12/08 15:30:28 | 000,448,206 | ---- | M] () -- C:\Users\Duke\Documents\Scan0002.pdf
[2011/12/08 13:02:47 | 000,001,952 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Reader Synchronizer.lnk
[2011/12/08 13:02:47 | 000,001,910 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Reader Speed Launch.lnk
[2011/12/07 08:52:44 | 000,713,472 | ---- | M] (RealNetworks, Inc.) -- C:\Users\Duke\Desktop\RealPlayer.exe
[2011/12/06 15:50:13 | 000,000,044 | ---- | M] () -- C:\Users\Duke\Desktop\VA.URL
[1 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ]
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files Created - No Company Name ==========

[2012/01/04 18:41:22 | 000,002,061 | ---- | C] () -- C:\ProgramData\repository.xml
[2012/01/04 18:41:00 | 000,748,544 | ---- | C] () -- C:\Windows\System32\protector.dll
[2012/01/04 18:40:16 | 000,000,262 | ---- | C] () -- C:\Windows\tasks\PC Performer_DEFAULT.job
[2012/01/04 18:40:15 | 000,000,270 | ---- | C] () -- C:\Windows\tasks\PC Performer_UPDATES.job
[2012/01/04 18:40:05 | 000,000,847 | ---- | C] () -- C:\Users\Public\Desktop\PC Performer.lnk
[2012/01/02 18:10:50 | 000,032,731 | ---- | C] () -- C:\Users\Duke\Desktop\J Simon & Company _ Outdoor Furniture.htm
[2011/12/31 08:33:33 | 000,000,552 | ---- | C] () -- C:\Users\Duke\AppData\Local\d3d8caps.dat
[2011/12/30 21:49:52 | 000,000,906 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2011/12/30 08:35:28 | 000,010,438 | -HS- | C] () -- C:\Users\Duke\AppData\Local\xa25l3jo05g
[2011/12/30 08:35:28 | 000,010,438 | -HS- | C] () -- C:\ProgramData\xa25l3jo05g
[2011/12/28 20:00:33 | 000,002,243 | ---- | C] () -- C:\Windows\epplauncher.mif
[2011/12/27 10:39:45 | 000,000,610 | ---- | C] () -- C:\Users\Duke\Desktop\2012 To Do List.lnk
[2011/12/22 19:23:46 | 000,001,808 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Security Essentials.lnk
[2011/12/19 20:49:06 | 2137,382,912 | -HS- | C] () -- C:\hiberfil.sys
[2011/12/08 15:30:27 | 000,448,206 | ---- | C] () -- C:\Users\Duke\Documents\Scan0002.pdf
[2011/12/08 13:02:47 | 000,001,952 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Reader Synchronizer.lnk
[2011/12/08 13:02:47 | 000,001,910 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Reader Speed Launch.lnk
[2011/12/08 13:02:46 | 000,001,804 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader 8.lnk
[2011/12/06 15:50:13 | 000,000,044 | ---- | C] () -- C:\Users\Duke\Desktop\VA.URL
[2011/05/31 19:20:54 | 000,000,268 | RH-- | C] () -- C:\ProgramData\System Image Utility
[2011/05/31 19:20:54 | 000,000,268 | RH-- | C] () -- C:\Users\Duke\AppData\Roaming\Synth Basics
[2011/05/31 19:20:54 | 000,000,020 | -H-- | C] () -- C:\ProgramData\PKP_DLev.DAT
[2011/05/31 19:20:54 | 000,000,012 | RH-- | C] () -- C:\ProgramData\URLs
[2011/05/31 19:20:53 | 000,000,268 | RH-- | C] () -- C:\ProgramData\Synth Textures
[2011/05/31 19:20:53 | 000,000,268 | RH-- | C] () -- C:\ProgramData\Synth Pads
[2011/05/31 19:20:53 | 000,000,268 | RH-- | C] () -- C:\Users\Duke\AppData\Roaming\Sync Services
[2011/05/31 19:20:53 | 000,000,268 | RH-- | C] () -- C:\Users\Duke\AppData\Roaming\Sync Schema
[2011/05/31 19:20:53 | 000,000,020 | -H-- | C] () -- C:\ProgramData\PKP_DLet.DAT
[2011/05/31 19:20:53 | 000,000,020 | -H-- | C] () -- C:\ProgramData\PKP_DLes.DAT
[2011/05/31 19:20:53 | 000,000,012 | RH-- | C] () -- C:\ProgramData\Trumpet Section
[2011/05/31 19:20:53 | 000,000,012 | RH-- | C] () -- C:\ProgramData\Tremolo
[2011/05/16 07:50:53 | 000,000,258 | RHS- | C] () -- C:\ProgramData\ntuser.pol
[2010/10/06 08:41:53 | 000,000,056 | -H-- | C] () -- C:\Windows\System32\ezsidmv.dat
[2010/08/02 13:49:01 | 000,000,000 | ---- | C] () -- C:\Windows\nsreg.dat
[2010/07/15 12:27:48 | 000,192,543 | ---- | C] () -- C:\Windows\hpoins43.dat.temp
[2010/07/15 12:27:48 | 000,000,675 | ---- | C] () -- C:\Windows\hpomdl43.dat.temp
[2010/06/05 07:26:10 | 000,103,437 | ---- | C] () -- C:\Windows\hpqins13.dat.temp
[2009/08/03 14:07:42 | 000,403,816 | ---- | C] () -- C:\Windows\System32\OGACheckControl.dll
[2009/08/03 14:07:42 | 000,230,768 | ---- | C] () -- C:\Windows\System32\OGAEXEC.exe
[2009/08/03 06:19:05 | 000,107,612 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin
[2009/08/03 06:19:04 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll
[2009/05/25 07:32:08 | 000,000,321 | ---- | C] () -- C:\Windows\System32\XMLConfig_SYSID.ini
[2009/04/05 08:28:40 | 000,060,565 | ---- | C] () -- C:\Windows\System32\EPPICPrinterDB.dat
[2009/04/05 08:28:40 | 000,021,021 | ---- | C] () -- C:\Windows\System32\EPPICPattern3.dat
[2009/04/05 08:28:40 | 000,015,670 | ---- | C] () -- C:\Windows\System32\EPPICPattern5.dat
[2009/04/05 08:28:40 | 000,013,280 | ---- | C] () -- C:\Windows\System32\EPPICPattern2.dat
[2009/04/05 08:28:40 | 000,010,673 | ---- | C] () -- C:\Windows\System32\EPPICPattern4.dat
[2009/04/05 08:28:40 | 000,004,943 | ---- | C] () -- C:\Windows\System32\EPPICPattern6.dat
[2009/04/05 08:28:40 | 000,001,140 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_PT.dat
[2009/04/05 08:28:40 | 000,001,140 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_BP.dat
[2009/04/05 08:28:40 | 000,001,137 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_ES.dat
[2009/04/05 08:28:40 | 000,001,130 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_FR.dat
[2009/04/05 08:28:40 | 000,001,130 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_CF.dat
[2009/04/05 08:28:40 | 000,001,104 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_EN.dat
[2009/04/05 08:28:40 | 000,000,097 | ---- | C] () -- C:\Windows\System32\PICSDK.ini
[2009/04/05 08:28:39 | 000,029,114 | ---- | C] () -- C:\Windows\System32\EPPICPattern1.dat
[2009/04/05 08:22:11 | 000,000,044 | ---- | C] () -- C:\Windows\EPCX4800.ini
[2009/04/02 13:27:05 | 000,006,144 | ---- | C] () -- C:\Users\Duke\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009/02/11 21:26:59 | 000,005,648 | ---- | C] () -- C:\Users\Duke\AppData\Local\d3d9caps.dat
[2009/01/10 20:12:58 | 000,018,904 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchemaTrivial.bin
[2008/10/18 10:10:44 | 000,180,224 | ---- | C] () -- C:\Windows\System32\DVRConfig.dll
[2007/12/31 09:07:55 | 000,000,092 | ---- | C] () -- C:\Users\Duke\AppData\Local\fusioncache.dat
[2007/08/18 02:25:50 | 000,019,519 | ---- | C] () -- C:\Windows\hpqins13.dat
[2007/03/30 07:27:34 | 000,204,800 | ---- | C] () -- C:\Windows\System32\igfxCoIn_v1244.dll
[2007/03/30 06:55:46 | 000,910,304 | ---- | C] () -- C:\Windows\System32\igmedkrn.dll
[2007/03/30 06:04:48 | 000,249,856 | ---- | C] () -- C:\Windows\System32\igfxTMM.dll
[2007/02/27 15:43:02 | 000,000,000 | ---- | C] () -- C:\Windows\System32\px.ini
[2006/12/14 01:01:36 | 000,520,192 | ---- | C] () -- C:\Windows\System32\CddbPlaylist2Roxio.dll
[2006/12/14 01:01:36 | 000,204,800 | ---- | C] () -- C:\Windows\System32\CddbFileTaggerRoxio.dll
[2006/11/02 07:57:28 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2006/11/02 07:47:37 | 000,345,400 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT
[2006/11/02 07:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
[2006/11/02 05:33:01 | 000,614,930 | ---- | C] () -- C:\Windows\System32\perfh009.dat
[2006/11/02 05:33:01 | 000,287,440 | ---- | C] () -- C:\Windows\System32\perfi009.dat
[2006/11/02 05:33:01 | 000,108,860 | ---- | C] () -- C:\Windows\System32\perfc009.dat
[2006/11/02 05:33:01 | 000,030,674 | ---- | C] () -- C:\Windows\System32\perfd009.dat
[2006/11/02 05:23:21 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat
[2006/11/02 03:58:30 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2006/11/02 03:19:00 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT
[2006/11/02 02:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2006/11/02 02:25:31 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat
[2005/05/07 07:06:00 | 000,016,480 | ---- | C] () -- C:\Windows\System32\rixdicon.dll

========== LOP Check ==========

[2011/02/06 08:58:20 | 000,000,000 | ---D | M] -- C:\Users\Duke\AppData\Roaming\21511
[2008/03/13 16:25:16 | 000,000,000 | ---D | M] -- C:\Users\Duke\AppData\Roaming\AltiGen
[2009/12/03 08:37:52 | 000,000,000 | ---D | M] -- C:\Users\Duke\AppData\Roaming\Canon
[2011/10/11 07:13:31 | 000,000,000 | ---D | M] -- C:\Users\Duke\AppData\Roaming\Dropbox
[2011/12/31 08:55:30 | 000,000,000 | ---D | M] -- C:\Users\Duke\AppData\Roaming\FixCleaner
[2009/04/06 19:52:09 | 000,000,000 | ---D | M] -- C:\Users\Duke\AppData\Roaming\Free Spider TreeCardGames
[2009/04/05 08:39:26 | 000,000,000 | ---D | M] -- C:\Users\Duke\AppData\Roaming\Leadertech
[2011/06/20 18:57:38 | 000,000,000 | ---D | M] -- C:\Users\Duke\AppData\Roaming\Nikon
[2012/01/04 18:40:09 | 000,000,000 | ---D | M] -- C:\Users\Duke\AppData\Roaming\PerformerSoft
[2011/12/17 17:03:24 | 000,000,000 | ---D | M] -- C:\Users\Duke\AppData\Roaming\QuickScan
[2010/08/30 13:08:35 | 000,000,000 | ---D | M] -- C:\Users\Duke\AppData\Roaming\SmartDraw
[2009/04/06 19:45:30 | 000,000,000 | ---D | M] -- C:\Users\Duke\AppData\Roaming\SolSuite
[2009/04/02 08:53:11 | 000,000,000 | ---D | M] -- C:\Users\Duke\AppData\Roaming\TeamViewer
[2011/02/23 10:02:42 | 000,000,000 | ---D | M] -- C:\Users\Duke\AppData\Roaming\Windows Live Writer
[2012/01/04 16:31:00 | 000,000,472 | ---- | M] () -- C:\Windows\Tasks\Ad-Aware Update (Weekly).job
[2012/01/04 18:40:16 | 000,000,262 | ---- | M] () -- C:\Windows\Tasks\PC Performer_DEFAULT.job
[2012/01/04 18:40:15 | 000,000,270 | ---- | M] () -- C:\Windows\Tasks\PC Performer_UPDATES.job
[2012/01/04 14:40:08 | 000,032,616 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2012/01/04 15:52:45 | 000,000,470 | ---- | M] () -- C:\Windows\Tasks\SDMsgUpdate (TE).job

========== Purity Check ==========



========== Files - Unicode (All) ==========
[2012/01/03 12:02:04 | 000,000,212 | ---- | C] ()(C:\Users\Duke\Documents\How to build a small wooden gift box - Part 1 of 2? - YouTube.URL) -- C:\Users\Duke\Documents\How to build a small wooden gift box - Part 1 of 2‏ - YouTube.URL
[2011/08/10 18:05:14 | 000,000,212 | ---- | M] ()(C:\Users\Duke\Documents\How to build a small wooden gift box - Part 1 of 2? - YouTube.URL) -- C:\Users\Duke\Documents\How to build a small wooden gift box - Part 1 of 2‏ - YouTube.URL

========== Alternate Data Streams ==========

@Alternate Data Stream - 929 bytes -> C:\Users\Duke\Documents\NETGEAR Product Registration Confirmation.eml:OECustomProperty

< End of report >
 

My Computer

System One

OTL Extras logfile created on: 1/4/2012 6:50:58 PM - Run 1
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Users\Duke\Downloads
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

1.99 Gb Total Physical Memory | 0.87 Gb Available Physical Memory | 43.68% Memory free
4.21 Gb Paging File | 2.68 Gb Available in Paging File | 63.54% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 140.87 Gb Total Space | 75.42 Gb Free Space | 53.54% Space Free | Partition Type: NTFS
Drive D: | 8.18 Gb Total Space | 1.83 Gb Free Space | 22.32% Space Free | Partition Type: NTFS

Computer Name: DUKE-PC | User Name: Duke | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
.html [@ = ChromeHTML] -- C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.)

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.bat [@ = batfile] -- Reg Error: Key error. File not found
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
https [open] -- "C:\Program Files\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"UacDisableNotify" = 1
"InternetSettingsDisableNotify" = 1
"AutoUpdateDisableNotify" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"VistaSp2" = Reg Error: Unknown registry data type -- File not found

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
"DisableUnicastResponsesToMulticastBroadcast" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

========== Authorized Applications List ==========


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{04B84DA9-2E51-433D-AB6C-8EE65FFC2E90}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{0D4D15AD-4137-4FD8-A7D9-B1FF6930053F}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |
"{1F8DE7BF-77AB-4F21-B954-D353F9DCA17D}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{2B288E2D-7638-4467-ACB2-383D802273EE}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{3750A425-1197-4E53-8932-ECD3366225A5}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |
"{45EBBB99-5B36-41C3-B8A2-20697D50B898}" = rport=427 | protocol=17 | dir=in | svc=hpslpsvc | app=c:\windows\system32\svchost.exe |
"{47F9EDAA-83C6-45DC-8136-18FB331B0193}" = rport=3702 | protocol=17 | dir=out | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{5793A88F-CE68-4501-A136-CC0142322CB6}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{586978E3-A9DC-4B44-B67A-3CD460BB4E7D}" = lport=990 | protocol=6 | dir=in | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{6399DC35-38A5-4320-B868-024D5660C971}" = lport=2869 | protocol=6 | dir=in | app=system |
"{664668DE-F1C2-4FD7-9BE1-39F2FD38DECC}" = lport=547 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |
"{803DF071-CFD8-41BB-B4DB-C11F5B32C3F5}" = rport=3702 | protocol=17 | dir=out | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{885B9327-0303-4695-9005-3D6F2D61E78E}" = lport=3702 | protocol=17 | dir=in | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{8C5EE00D-202B-4FB5-9142-7FB6CDB3BFB9}" = lport=53 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |
"{946CE496-F2C4-4997-815D-DE6AB7D2346A}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{A0BBC2BF-6831-4D6A-BA04-9360C2E8743C}" = lport=990 | protocol=6 | dir=in | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{ADB0B634-88FF-4C2C-AFCB-77474F2A9E80}" = rport=5679 | protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{B68319F4-1571-46D4-ABFC-DF298FFD4515}" = rport=2869 | protocol=6 | dir=out | app=system |
"{D23EA54F-AE70-41F8-BBAD-7A2D0B4164FB}" = lport=68 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |
"{D576CFFE-9650-40D1-8142-E3F0C7E8EB11}" = rport=5679 | protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{DF1EBBD4-61DE-478F-92C5-A66D4C2FA239}" = lport=3702 | protocol=17 | dir=in | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{E4E69951-E5D6-438B-97EF-C3B719B1DDDB}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{F8EA145A-A4B3-4A9E-A45A-38EB0910C759}" = lport=67 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{01AAE7B6-C947-4F31-B13D-715F84781BE1}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{06C5A483-1514-4850-B0FF-FB3407E240E8}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqgpc01.exe |
"{0897BAE8-8425-4538-9544-83ADDC4EBBE4}" = protocol=6 | dir=in | app=c:\program files\altigen\jlib15\jre\bin\javaw.exe |
"{0A8CD892-B08E-4E84-9BE5-5901C6D99027}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{0BBC6667-473B-42E8-8B84-2231EC8EF93D}" = dir=in | app=c:\program files\windows live\contacts\wlcomm.exe |
"{0E793F09-61FA-4361-90E1-C588A7840A76}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{0ECBACB3-3978-4C89-98C5-DE41E5516A8A}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{0F843FAE-395C-4FAD-AC5B-4051BC6C4948}" = protocol=17 | dir=in | app=c:\program files\altigen\jlib15\jre\bin\java.exe |
"{1248567E-456C-4C6A-8AE2-6D8D536D3478}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{1886ED1C-1634-4EC0-B751-06F4208B4408}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{18A261B4-B250-4174-86C4-B8540DDA3D7F}" = dir=in | app=c:\program files\hp\digital imaging\bin\hposid01.exe |
"{18A4EBF3-71ED-4049-872A-FB9DC153971A}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{19466A34-16AA-46F2-BD18-10CCDCFB42F9}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{1A683397-1909-47B9-B635-638AF4002EE4}" = protocol=17 | dir=in | app=c:\users\duke\appdata\roaming\dropbox\bin\dropbox.exe |
"{21F0143E-C62B-4C60-9751-32B3B3CCCF23}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{22C11CCA-FE73-486B-9019-BA18CD3A2D04}" = protocol=58 | dir=in | [email protected],-148 |
"{25A2618B-FAC9-4910-AB7B-04DF7B6EAF69}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{281F7D3F-E907-4F25-838A-688E5E39B742}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{2886A29B-0036-40F8-9C21-1E79F5FBA225}" = dir=in | app=c:\program files\hp\quickplay\qpservice.exe |
"{29FF341D-7186-4D7E-8F4F-EC6E530AC482}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{2DAA8385-D7B2-4D4C-9DA7-312B4E911020}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{2DE1D92A-2216-4368-955F-D738DDA72D63}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqste08.exe |
"{3025D6D2-C5CE-40B9-9F12-A98F8A0D3537}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{325CB7B7-9C05-47C2-B3CF-E54FA328A62C}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{3391AA34-8A2C-4357-B017-26268C8E5E23}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{35DE9019-2E5F-4180-BC92-DAE1B265FAA1}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{396A7FEA-795A-4402-B077-61C836EDA4F7}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{39843538-6961-4723-896C-91AA5F8680B2}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqusgm.exe |
"{3DB5E001-EFC4-4A2F-ADE1-90C0C5B51D71}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqpsapp.exe |
"{3EE69F46-740E-4D30-9A59-402B8B84B9FF}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{438B8D50-D384-4D2A-B721-8482C66E690D}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpiscnapp.exe |
"{4445A046-CBAE-4114-8EFC-082208676839}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{44B4D962-78FC-4B06-A396-F1F11E5DE133}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{4512DDDB-F383-4F96-A217-F92CCAC52E20}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{465025B7-C8B3-4CD2-B668-7034260CD663}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{473E5052-C21C-4CD7-94F5-8BA2CB63A1D7}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{47E9D0ED-E7E3-40CE-8D7D-3DF3ECEBF7EA}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpfccopy.exe |
"{4CC63F5C-ED81-458B-8D1F-723474975264}" = protocol=17 | dir=in | app=c:\program files\hp\hp photosmart plus b210 series\bin\devicesetup.exe |
"{4DAB8C42-7397-4B05-80A6-6CA12409F888}" = protocol=17 | dir=in | app=c:\program files\hp\hp photosmart plus b210 series\bin\hpnetworkcommunicator.exe |
"{56C06108-1960-43C0-91A2-2438B3EDABA5}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{59E703A0-60A3-47DD-9CB7-E03C13ECBA68}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{5A24D4BE-68E5-4DDB-A0A4-AFC53B62C5AE}" = dir=in | app=c:\program files\avg\avg8\avgnsx.exe |
"{5A5C38AD-0A34-4A31-9121-7C12AA7A06F3}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{5B3CEE1C-02D2-47CB-8AE9-FD4084C67574}" = dir=in | app=c:\program files\hp\hp software update\hpwucli.exe |
"{5BD2E458-FE3B-4749-9394-0DA656EDA590}" = dir=in | app=c:\program files\common files\hp\digital imaging\bin\hpqphotocrm.exe |
"{5DA62744-6CB8-4C02-A753-67BC9052E481}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqpse.exe |
"{5E44024E-47B7-482D-B44E-20D5A714C5CA}" = dir=in | app=c:\program files\skype\plugin manager\skypepm.exe |
"{5F85D8E0-FC69-4546-9152-C29BE5A51AC2}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{612FB9AE-A656-4523-9D9C-A21267B6A8CC}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{615D4A75-C361-48FD-AC6A-6F4128A6B3EC}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{6A4A29BA-1769-49F6-B45E-388DF673CE9F}" = protocol=17 | dir=in | app=c:\users\duke\appdata\local\temp\7zseea2.tmp\symnrt.exe |
"{6C2D9B48-08E6-492A-8EA0-4B979C0F60A3}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{71765088-0ACE-4010-BBD3-EA64C33DFA7E}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{7493FCB6-0C2E-46BF-8ECB-C07859D0629C}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{74B90E36-FDA7-40B3-AE9D-692803B162C4}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{77005C06-5CF0-4703-B35A-8F3FFC557EDA}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{7805C05A-EAF2-4190-9982-EB62143763E7}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{809F62D7-ECE2-43AD-94BD-729F8BD30F3D}" = protocol=6 | dir=in | app=c:\program files\hp\hp photosmart plus b210 series\bin\devicesetup.exe |
"{810FCC1C-8005-4941-A387-B4ED199960C0}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{81DDF712-8891-4172-976A-B0465D1FFDDF}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{85E751BB-B3BC-4119-8A13-1DEABD2A438D}" = dir=in | app=c:\program files\hp\digital imaging\smart web printing\smartwebprintexe.exe |
"{87173604-15D9-46FA-9B91-D58AB40BE734}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{89147E3C-FFD9-4982-A2C9-857F9A56B885}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{8D42A524-A8CD-46DD-8D1F-16E1C15BD94E}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{9265EA8C-8998-45AA-B273-84B2A42322EE}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqgplgtupl.exe |
"{926B716F-776B-4CCB-9E1D-4BB86348662C}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{9351A4B4-6DE7-4DB9-A891-560972B9FF2F}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{98180004-F0F2-4A46-8214-8ED27146130B}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{9840D521-7935-4F05-84EC-7308F20D0452}" = dir=in | app=c:\program files\hp\quickplay\qp.exe |
"{9BC0024B-CDF2-44FA-A523-7511A823B316}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{9D499C26-5A82-4393-AC39-41F5D0C7849D}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{A3D34B11-A162-4D3B-80F3-56493BE21DD2}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{A4A5009C-C40F-4700-91C4-457799117F80}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{A54ACE11-1315-4380-AB53-2518A075AFEA}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{A6398A59-5597-4E3C-834F-62714B39FBC3}" = dir=in | app=e:\setup\hpznui01.exe |
"{A940B72D-925F-4E83-971F-07791FE54E92}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{AA10BFDD-FB44-4241-80EC-4C8196616A34}" = protocol=17 | dir=in | app=c:\program files\altigen\jlib15\jre\bin\javaw.exe |
"{AA6569AD-9D77-411D-835E-666B888C8C53}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{AB69408A-AB93-4068-9307-158054709847}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{AEEEBAC8-58C0-4F5D-A910-2FC7AFBD984A}" = protocol=6 | dir=in | app=c:\program files\hp\hp photosmart plus b210 series\bin\hpnetworkcommunicator.exe |
"{AF13D8BC-337C-4933-8CF9-85ECB60B7665}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{AFADE702-D745-4CD3-A8B5-1BD2102FB455}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{B3AA091B-2300-4E9F-B5E8-FFF8451CE72B}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{B3BBECE4-DED4-4CA3-9979-C9AF40847C14}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{B5F1A80C-59E4-4CFD-82CD-3CB584B35B01}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{B6B0EEE8-EA1F-49A2-B3CA-AAF44769532B}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{B76D3BD7-12D6-4D1A-B6F2-8EEB3D15E5AF}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{B8DC001C-4F5B-4811-B215-59323609EE60}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{B9A834FA-DB8B-4409-AEF7-D4C1F482007A}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{BA56A58B-922B-4257-9421-DD8407914081}" = dir=in | app=c:\program files\avg\avg8\avgemc.exe |
"{BCB41285-6E04-4ECB-82FA-73B61B927A3B}" = protocol=6 | dir=in | app=c:\users\duke\appdata\roaming\dropbox\bin\dropbox.exe |
"{BCFDF898-1045-4DD1-98E1-3C13C9E38E04}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqkygrp.exe |
"{BF17638A-26FE-4939-9970-E00EF1AE12B8}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{C4F1F7AC-77B4-48EF-BC0A-2A3755B5D703}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{C67FCBE1-9386-4D27-9A40-8AF4C95517FF}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{C6AF7AAD-8F07-48B1-9365-C3B1CFAAA8D9}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpoews01.exe |
"{CB2688C0-A4F0-4E4A-A87A-594EB025B8A8}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{CC58DE09-3ED2-4B64-BE40-3F45CE837BF3}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{CC6F9846-66CA-49AD-B16A-61E705E43911}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{CD362501-2779-4ED7-AF1C-FE805B24E3B9}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqusgh.exe |
"{CD8F2F48-F1B0-4EDA-9268-2214EC95CB82}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{D38361BD-5815-42CC-B734-2FE427ED0B8F}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{D3A30DBF-08B5-4A5A-AE20-11D6A93951CF}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{D4AA74CF-8867-4DCC-97C9-14DA2A783DF6}" = dir=in | app=c:\program files\avg\avg8\avgupd.exe |
"{D5776075-53E3-4400-9776-0FB2C3B4E49C}" = protocol=6 | dir=in | app=c:\users\duke\appdata\local\temp\7zseea2.tmp\symnrt.exe |
"{D58CE3B4-BD17-4AA7-8277-E38A379F877D}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{DE0F573A-D134-4361-A870-C7275EEA821A}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{E0B56563-04AE-45C1-8B1F-791EC57DC02E}" = protocol=6 | dir=in | app=c:\program files\altigen\jlib15\jre\bin\java.exe |
"{E357FC29-F868-46D6-BDC6-98929D2B1D66}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqtra08.exe |
"{E65792AD-45A4-4F96-AA70-C170D3B2FEA8}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{E7206C3F-B4EB-4205-B36A-E02D711F9978}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{E83803BB-B202-43A1-8D91-D2B3EED8CBE9}" = dir=in | app=c:\program files\windows live\sync\windowslivesync.exe |
"{E94A4A89-3394-4024-B471-19E6ABC0BF68}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{ECB79779-9DE1-4EEB-BAD7-84338DAB87FE}" = dir=out | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |
"{F170E0B9-C3A5-43A7-8284-7601CD4F2026}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqsudi.exe |
"{F8F075FB-5375-444C-8704-B1EF16486ACF}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{F99F2664-3B1B-4A8C-9F31-5A7F297D8FFD}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{F9B766AA-F8FE-449F-A9E4-41D73564F41D}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{FA9DA741-C9F7-4D51-9308-C18ACA04232F}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{FE17B790-7016-4D0F-AC4F-0C1F1B1A9B91}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"TCP Query User{2D9AC1F6-DDF2-410E-948A-4010EF63D9FA}C:\program files\hp\hp photosmart plus b210 series\bin\scantopcactivationapp.exe" = protocol=6 | dir=in | app=c:\program files\hp\hp photosmart plus b210 series\bin\scantopcactivationapp.exe |
"TCP Query User{7E232FE2-D7FA-48C3-982B-0405BD47CA0E}C:\users\duke\appdata\roaming\dropbox\bin\dropbox.exe" = protocol=6 | dir=in | app=c:\users\duke\appdata\roaming\dropbox\bin\dropbox.exe |
"TCP Query User{B96D0F4E-E8AD-4DD5-86DF-08A6436187B3}C:\program files\hp\hp photosmart plus b210 series\bin\hpnetworkcommunicator.exe" = protocol=6 | dir=in | app=c:\program files\hp\hp photosmart plus b210 series\bin\hpnetworkcommunicator.exe |
"TCP Query User{DE6B9EF2-C3B7-4441-B041-9431C4CC326C}C:\program files\real\realplayer\realplay.exe" = protocol=6 | dir=in | app=c:\program files\real\realplayer\realplay.exe |
"UDP Query User{5A761637-6219-436F-B64E-55A23263B4FC}C:\users\duke\appdata\roaming\dropbox\bin\dropbox.exe" = protocol=17 | dir=in | app=c:\users\duke\appdata\roaming\dropbox\bin\dropbox.exe |
"UDP Query User{9D134328-9688-4316-9965-F7AF66DFA7AB}C:\program files\hp\hp photosmart plus b210 series\bin\hpnetworkcommunicator.exe" = protocol=17 | dir=in | app=c:\program files\hp\hp photosmart plus b210 series\bin\hpnetworkcommunicator.exe |
"UDP Query User{E6CD9FD7-780D-4F59-91CF-315D67C82C89}C:\program files\real\realplayer\realplay.exe" = protocol=17 | dir=in | app=c:\program files\real\realplayer\realplay.exe |
"UDP Query User{FD41D3FD-C201-42F7-A3EC-77F90ADA7DB5}C:\program files\hp\hp photosmart plus b210 series\bin\scantopcactivationapp.exe" = protocol=17 | dir=in | app=c:\program files\hp\hp photosmart plus b210 series\bin\scantopcactivationapp.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0394CDC8-FABD-4ed8-B104-03393876DFDF}" = Roxio Creator Tools
"{05BFB060-4F22-4710-B0A2-2801A1B606C5}" = Microsoft Antimalware
"{06E6E30D-B498-442F-A943-07DE41D7F785}" = Microsoft Search Enhancement Pack
"{08234a0d-cf39-4dca-99f0-0c5cb496da81}" = Bing Bar
"{082702D5-5DD8-4600-BCE5-48B15174687F}" = HP Doc Viewer
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{0CFD3BAF-9F4D-4D70-BD0B-638EA2504C25}" = PSSWCORE
"{0D397393-9B50-4c52-84D5-77E344289F87}" = Roxio Creator Data
"{11F93B4B-48F0-4A4E-AE77-DFA96A99664B}" = Roxio Creator EasyArchive
"{1517A7CB-5F00-4A88-8F06-E89B6DB63784}" = ESU for Microsoft Vista
"{15D2D75C-9CB2-4efd-BAD7-B9B4CB4BC693}" = bProtector for Windows
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{19BA08F7-C728-469C-8A35-BFBD3633BE08}" = Windows Live Movie Maker
"{1E04F83B-2AB9-4301-9EF7-E86307F79C72}" = Google Earth
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{21A2F5EE-1DC5-488A-BE7E-E526F8C61488}" = DeviceDiscovery
"{228C6B46-64E2-404E-898A-EF0830603EF4}" = HPNetworkAssistant
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{254C37AA-6B72-4300-84F6-98A82419187E}" = ActiveCheck component for HP Active Support Library
"{26A24AE4-039D-4CA4-87B4-2F83216013FF}" = Java(TM) 6 Update 30
"{287ECFA4-719A-2143-A09B-D6A12DE54E40}" = Acrobat.com
"{28C2DED6-325B-4CC7-983A-1777C8F7FBAB}" = RealUpgrade 1.1
"{2D87E961-577B-492B-AD54-1368680FB9A7}" = Bing Maps 3D
"{2DFF31F9-7893-4922-AF66-C9A1EB4EBB31}" = Rhapsody Player Engine
"{2EEA7AA4-C203-4b90-A34F-19FB7EF1C81C}" = BufferChm
"{2EFA4E4C-7B5F-48F7-A1C0-1AA882B7A9C3}" = HP Update
"{31216452-5540-4C96-B754-94890A63D5AB}" = HP Help and Support
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{33C65B6A-5D73-4E3E-A1F9-127C27BD3F72}" = Roxio MyDVD Basic v9
"{34D2AB40-150D-475D-AE32-BD23FB5EE355}" = HP Quick Launch Buttons 6.20 B1
"{34F4D9A4-42C2-4348-BEF4-E553C84549E7}" = Windows Live Photo Gallery
"{35E1EC43-D4FC-4E4A-AAB3-20DDA27E8BB0}" = Roxio Activation Module
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{40385AA8-F33A-4E8E-BCAB-DF94A6AF7D51}" = HP User Guides 0060
"{45D707E9-F3C4-11D9-A373-0050BAE317E1}" = HP QuickPlay 3.2
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4A70EF07-7F88-4434-BB61-D1DE8AE93DD4}" = SolutionCenter
"{4F7177E9-2B54-48B4-AAFD-03FA1F87A542}" = Bing Bar Platform
"{54B6DC7D-8C5B-4DFB-BC15-C010A3326B2B}" = Microsoft Security Client
"{579684A4-DDD5-4CA3-9EA8-7BE7D9593DB4}" = Windows Live UX Platform Language Pack
"{59F6A514-9813-47A3-948C-8A155460CC2A}" = RICOH R5C83x/84x Flash Media Controller Driver Ver.3.51.01
"{5A3F6A80-7913-475E-8B96-477A952CFA43}" = SupportSoft Assisted Service
"{5DD4FCBD-A3C1-4155-9E17-4161C70AAABA}" = Segoe UI
"{5ECB4CCF-448D-4B52-B933-45961F4291A4}" = HP Photosmart Plus B210 series Product Improvement Study
"{619CDD8A-14B6-43a1-AB6C-0F4EE48CE048}" = Roxio Creator Copy
"{63FF21C9-A810-464F-B60A-3111747B1A6D}" = GPBaseService2
"{65DA2EC9-0642-47E9-AAE2-B5267AA14D75}" = Activation Assistant for the 2007 Microsoft Office suites
"{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA}" = Roxio Express Labeler 3
"{669D4A35-146B-4314-89F1-1AC3D7B88367}" = HPAsset component for HP Active Support Library
"{681B698F-C997-42C3-B184-B489C6CA24C9}" = HPPhotoSmartDiscLabelContent1
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{6D52C408-B09A-4520-9B18-475B81D393F1}" = Microsoft Works
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{716E0306-8318-4364-8B8F-0CC4E9376BAC}" = MSXML 4.0 SP2 Parser and SDK
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{7770E71B-2D43-4800-9CB3-5B6CAAEBEBEA}" = RealNetworks - Microsoft Visual C++ 2008 Runtime
"{7F5FDEA1-D0AC-4D80-9D95-59775FCCFA40}" = HP Photosmart Plus B210 series Help
"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
"{83FFCFC7-88C6-41c6-8752-958A45325C82}" = Roxio Creator Audio
"{84EBDF39-4B33-49D7-A0BD-EB6E2C4E81C1}" = Windows Live Sync
"{87441A59-5E64-4096-A170-14EFE67200C3}" = Picture Control Utility
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}_HOMESTUDENTR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}_HOMESTUDENTR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}_HOMESTUDENTR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_HOMESTUDENTR_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_HOMESTUDENTR_{2314F9A1-126F-45CC-8A5E-DFAF866F3FBC}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}_HOMESTUDENTR_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007
"{90120000-00A1-0409-0000-0000000FF1CE}_HOMESTUDENTR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}_HOMESTUDENTR_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{9061CEF2-51F5-42C9-8A70-9ED351C6597A}" = HP Help and Support
"{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}" = Intel Matrix Storage Manager
"{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{922E8525-AC7E-4294-ACAA-43712D4423C0}" = Adobe Flash Player 10 ActiveX
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
"{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}" = Touch Pad Driver
"{A80FA752-C491-4ED9-ABF0-4278563160B2}" = 32 Bit HP CIO Components Installer
"{A87B11AC-4344-4E5D-8B12-8F471A87DAD9}" = LightScribe 1.4.136.1
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"{AB5E289E-76BF-4251-9F3F-9B763F681AE0}" = HP Customer Experience Enhancements
"{AC76BA86-7AD7-1033-7B44-A80000000002}" = Adobe Reader 8
"{AC76BA86-7AD7-1033-7B44-AA1000000001}" = Adobe Reader X (10.1.1)
"{AE8705FB-E13C-40A9-8A2D-68D6733FBFC2}" = Status
"{AF844339-2F8A-4593-81B3-9F4C54038C4E}" = Windows Live MIME IFilter
"{AFF7E080-1974-45BF-9310-10DE1A1F5ED0}" = Adobe AIR
"{B014EE44-9197-4513-9613-71E6EB1B514E}" = Nikon Message Center 2
"{B2544A03-10D0-4E5E-BA69-0362FFC20D18}" = OGA Notifier 2.0.0048.0
"{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Skype Click to Call
"{B95B1BA9-F887-4B3C-8D3A-CCD4C4675120}" = Microsoft Default Manager
"{BD7204BA-DD64-499E-9B55-6A282CDF4FA4}" = Destinations
"{BE962181-E347-464E-AE70-276DD63A8293}" = HP Photosmart Plus B210 series Basic Device Software
"{C43326F5-F135-4551-8270-7F7ABA0462E1}" = HPProductAssistant
"{C6150D8A-86ED-41D3-87BB-F3BB51B0B77F}" = Windows Live ID Sign-in Assistant
"{C66824E4-CBB3-4851-BB3F-E8CFD6350923}" = Windows Live Mail
"{C8B0680B-CDAE-4809-9F91-387B6DE00F7C}" = Roxio Creator Basic v9
"{C950420B-4182-49EA-850A-A6A2ABF06C6B}" = Marvell Miniport Driver
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CBAE4F50-9FC9-4557-AB36-9826DF3C103C}" = HP Wireless Assistant
"{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}" = SUPERAntiSpyware
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{CE7E3BE0-2DD3-4416-A690-F9E4A99A8CFF}" = HP Active Support Library
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{D1E7142C-6BC3-49EB-A71A-E5D7ADAC7599}" = Nikon File Uploader 2
"{D433ABC3-0CD8-4BB0-B6A9-84501B4B47B7}" = ArcSoft PhotoImpression 5
"{D436F577-1695-4D2F-8B44-AC76C99E0002}" = Windows Live Photo Common
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{D79113E7-274C-470B-BD46-01B10219DF6A}" = HPPhotosmartEssential
"{DC0A5F99-FD66-433F-9D3A-05DCBA64BE42}" = TrayApp
"{DDC8BDEE-DCAC-404D-8257-3E8D4B782467}" = Windows Live Writer Resources
"{DDD62492-32A7-412B-8AF1-2CF032AD42E3}" = ViewNX 2
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F18046C5-1C4E-4BE1-A3D6-A6F970E2E8E8}" = ArcSoft Panorama Maker 5
"{F333A33D-125C-32A2-8DCE-5C5D14231E27}" = Visual C++ 2008 x86 Runtime - (v9.0.30729)
"{F333A33D-125C-32A2-8DCE-5C5D14231E27}.vc_x86runtime_30729_01" = Visual C++ 2008 x86 Runtime - v9.0.30729.01
"{F7F3B252-E772-48AA-93EB-7964BC326067}" = MSCU for Microsoft Vista
"{FAB0C302-CB18-4A7A-BA03-C3DC23101A68}" = HP Active Support Library 32 bit components
"{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}" = Windows Live Essentials
"Activation Assistant for the 2007 Microsoft Office suites" = Activation Assistant for the 2007 Microsoft Office suites
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"CNXT_AUDIO_HDA" = Conexant HD Audio
"CNXT_MODEM_HDAUDIO_VEN_14F1&DEV_5045&SUBSYS_103C30B7" = HDAUDIO Soft Data Fax Modem with SmartCP
"Coupon Printer for Windows5.0.0.0" = Coupon Printer for Windows
"EPSON Printer and Utilities" = EPSON Printer Software
"file2linkib" = File2LinkIB
"Free Spider" = Free Spider
"Google Chrome" = Google Chrome
"HDMI" = Intel(R) Graphics Media Accelerator Driver
"HOMESTUDENTR" = Microsoft Office Home and Student 2007
"HP Imaging Device Functions" = HP Imaging Device Functions 13.0
"HP Photo Creations" = HP Photo Creations
"HP Photosmart Essential" = HP Photosmart Essential 3.5
"HP Solution Center & Imaging Support Tools" = HP Solution Center 13.0
"InstallBrain Updater Service" = InstallBrain Updater Service
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware version 1.60.0.1800
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft Security Client" = Microsoft Security Essentials
"Mozilla Firefox 9.0.1 (x86 en-US)" = Mozilla Firefox 9.0.1 (x86 en-US)
"PC Performer_is1" = PC Performer
"RealPlayer 12.0" = RealPlayer
"SmartDraw VP" = SmartDraw VP
"SolSuite_is1" = SolSuite 2009 v9.3
"SpecialSavings" = SpecialSavings
"TranslatorBar_3.2 Toolbar" = TranslatorBar 3.2 Toolbar
"WildTangent hplaptop Master Uninstall" = My HP Games
"WinLiveSuite" = Windows Live Essentials
"WinZip" = WinZip
"Yahoo! Companion" = Yahoo! Toolbar
"Yahoo! Software Update" = Yahoo! Software Update
"YInstHelper" = Yahoo! Install Manager
"YTdetect" = Yahoo! Detect

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Dropbox" = Dropbox

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 1/4/2012 1:51:18 PM | Computer Name = Duke-PC | Source = Microsoft-Windows-CAPI2 | ID = 131083
Description =

Error - 1/4/2012 4:52:34 PM | Computer Name = Duke-PC | Source = Microsoft-Windows-CAPI2 | ID = 131083
Description =

Error - 1/4/2012 7:40:14 PM | Computer Name = Duke-PC | Source = Windows Search Service | ID = 3013
Description =

Error - 1/4/2012 7:40:14 PM | Computer Name = Duke-PC | Source = Windows Search Service | ID = 3013
Description =

Error - 1/4/2012 7:40:17 PM | Computer Name = Duke-PC | Source = Windows Search Service | ID = 3013
Description =

Error - 1/4/2012 7:40:17 PM | Computer Name = Duke-PC | Source = Windows Search Service | ID = 3013
Description =

Error - 1/4/2012 7:40:18 PM | Computer Name = Duke-PC | Source = Windows Search Service | ID = 3013
Description =

Error - 1/4/2012 7:40:18 PM | Computer Name = Duke-PC | Source = Windows Search Service | ID = 3013
Description =

Error - 1/4/2012 7:40:25 PM | Computer Name = Duke-PC | Source = Windows Search Service | ID = 3013
Description =

Error - 1/4/2012 7:40:25 PM | Computer Name = Duke-PC | Source = Windows Search Service | ID = 3013
Description =

[ System Events ]
Error - 1/4/2012 9:22:07 AM | Computer Name = Duke-PC | Source = Microsoft-Windows-WindowsUpdateClient | ID = 20
Description =

Error - 1/4/2012 1:51:27 PM | Computer Name = Duke-PC | Source = Microsoft Antimalware | ID = 3002
Description = %%860 Real-Time Protection feature has encountered an error and failed.

Feature:
%%835 Error Code: 0x80004005 Error description: Unspecified error Reason: %%842

Error - 1/4/2012 2:05:02 PM | Computer Name = Duke-PC | Source = Microsoft Antimalware | ID = 3002
Description = %%860 Real-Time Protection feature has encountered an error and failed.

Feature:
%%835 Error Code: 0x80004005 Error description: Unspecified error Reason: %%858

Error - 1/4/2012 4:52:38 PM | Computer Name = Duke-PC | Source = Microsoft Antimalware | ID = 3002
Description = %%860 Real-Time Protection feature has encountered an error and failed.

Feature:
%%835 Error Code: 0x80004005 Error description: Unspecified error Reason: %%842

Error - 1/4/2012 4:52:41 PM | Computer Name = Duke-PC | Source = Service Control Manager | ID = 7000
Description =

Error - 1/4/2012 4:52:41 PM | Computer Name = Duke-PC | Source = Service Control Manager | ID = 7023
Description =

Error - 1/4/2012 4:52:41 PM | Computer Name = Duke-PC | Source = Service Control Manager | ID = 7001
Description =

Error - 1/4/2012 4:52:41 PM | Computer Name = Duke-PC | Source = Service Control Manager | ID = 7001
Description =

Error - 1/4/2012 4:52:41 PM | Computer Name = Duke-PC | Source = Service Control Manager | ID = 7001
Description =

Error - 1/4/2012 4:52:41 PM | Computer Name = Duke-PC | Source = Service Control Manager | ID = 7026
Description =


< End of report >
 

My Computer

System One

My Computer

System One

  • Manufacturer/Model
    Bruce ... somewhere in his 40's
    CPU
    Intel(R) Core(TM)2 Quad CPU
    Motherboard
    INTEL/D975XBX2
    Memory
    4 GB
    Graphics card(s)
    ATI Radeon HD 2600 Pro
    Monitor(s) Displays
    Samsung SyncMaster 914v
    Screen Resolution
    1280 x 1024
    Hard Drives
    2/500GB each ... ST3500630AS ATA Device. One is not connected
    PSU
    Rocketfish 700 W
    Case
    G.Skill Gigabyte Chassis
    Mouse
    Microsoft PS/2 Mouse
    Keyboard
    Standard PS/2 Keyboard
    Internet Speed
    DSL
    Other Info
    ATI HDMI Audio
You must log in or register to reply here.
Back
Top