i cant get on more then 10 minutes it seems before my comp crashes. the zip folder is all the info i could gather. i cant run any antivirus or anything to try and fix my computer. whatever got into my computer is messing it up bad. so any help would be appreciated. my vista task bar and home page bars are messing up again, and i have the google re direct thing going back on. please help! i need my computer for school, and can not do my work without it. thx

no, no, and yes..

the thing is, i have all my school files and music, and personal pics on here..i have saved the pics to a thumb drive just in case. however the papers and music are way to big to store on that. my computer is rather old (4 years now) and i do not have the disks anymore, due to getting lost in the shuffle having moved across the country 3 times in those years. i really just want to be able to run a scan and get rid of whats happening, that way i can continue to run scans every couple of days or so

ran otl in safe mode, here is the results. thx

OTL Extras logfile created on: 9/30/2011 10:37:29 AM - Run 1
OTL by OldTimer - Version 3.2.29.1 Folder = C:\Users\Owner\Desktop
Windows Vista Home Premium Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6001.18000)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

1.99 Gb Total Physical Memory | 1.60 Gb Available Physical Memory | 80.56% Memory free
4.21 Gb Paging File | 3.97 Gb Available in Paging File | 94.22% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 288.38 Gb Total Space | 90.16 Gb Free Space | 31.26% Space Free | Partition Type: NTFS
Drive D: | 9.71 Gb Total Space | 1.61 Gb Free Space | 16.53% Space Free | Partition Type: NTFS
Drive E: | 2.62 Gb Total Space | 0.00 Gb Free Space | 0.00% Space Free | Partition Type: UDF

Computer Name: OWNER-PC | User Name: Owner | Logged in as Administrator.
Boot Mode: SafeMode with Networking | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
.url [@ = InternetShortcut] -- rundll32.exe ieframe.dll,OpenURL %l

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.bat [@ = batfile] -- Reg Error: Key error. File not found
.cmd [@ = cmdfile] -- Reg Error: Key error. File not found
.com [@ = comfile] -- Reg Error: Key error. File not found
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
InternetShortcut [open] -- rundll32.exe ieframe.dll,OpenURL %l
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [Winamp.Bookmark] -- "C:\Program Files\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft)
Directory [Winamp.Enqueue] -- "C:\Program Files\Winamp\winamp.exe" /ADD "%1" (Nullsoft)
Directory [Winamp.Play] -- "C:\Program Files\Winamp\winamp.exe" "%1" (Nullsoft)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 0
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiSpyware]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\S-1-5-21-336559941-1480386105-577895080-500]
"EnableNotificationsRef" = 2

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"C:\PROGRA~1\TESTOUT\cmi\Navigator.exe" = C:\PROGRA~1\TESTOUT\cmi\Navigator.exe:*isabled:TestOut Navigator -- (TestOut Corporation)
"C:\Program Files\TESTOUT\cmi\Navigator.exe" = C:\Program Files\TESTOUT\cmi\Navigator.exe:*isabled:TestOut Navigator -- (TestOut Corporation)
"C:\Program Files\TestOut\Orbis\Legacy\LegacyXEng.exe" = C:\Program Files\TestOut\Orbis\Legacy\LegacyXEng.exe:*isabled:TestOut Navigator -- (TestOut Corporation)

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\PROGRA~1\TESTOUT\cmi\Navigator.exe" = C:\PROGRA~1\TESTOUT\cmi\Navigator.exe:*isabled:TestOut Navigator -- (TestOut Corporation)
"C:\Program Files\TESTOUT\CMI\NAVIGATOR.EXE" = C:\Program Files\TESTOUT\CMI\NAVIGATOR.EXE:*isabled:TestOut Navigator -- (TestOut Corporation)
"C:\Program Files\TestOut\Orbis\Legacy\LegacyXEng.exe" = C:\Program Files\TestOut\Orbis\Legacy\LegacyXEng.exe:*isabled:TestOut Navigator -- (TestOut Corporation)


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{095CDCAE-A633-4756-9D0E-4D7EF2234D53}" = lport=6004 | protocol=17 | dir=in | app=c:\program files\microsoft office\office12\outlook.exe |
"{30E1A745-1704-4F1E-BD20-B1C4B1A0BC72}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{3CB729AF-898E-4993-B4E3-3EAB25C781F1}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{61DF4212-EE58-4EF4-8306-DEA4605B593E}" = lport=1900 | protocol=17 | dir=in | name=intel(r) viiv(tm) media server upnp discovery |
"{979C580A-ED98-41D6-8DEA-6EBC1A27238D}" = lport=2869 | protocol=6 | dir=in | app=system |
"{A23DEEC1-2B37-4AA4-B7E5-FC09AA6CB59A}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |
"{BD502291-660D-4BAE-9CAD-76DD53ECD753}" = lport=9442 | protocol=17 | dir=in | name=intel(r) viiv(tm) media server discovery |
"{CBAF4DC9-3304-4FDA-A8F0-3A4734F5B1F9}" = lport=2869 | protocol=6 | dir=in | app=system |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0088F84E-64FF-4C28-A0F4-BCF02243B27E}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{02CE65FE-FE1B-4481-8D7A-362AE8D584AB}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{04275A24-1521-496E-B2AE-0E86D7C519F9}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{044B7AA3-4B66-44B8-B514-F36F8D6BEBB8}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{04683589-5957-4828-AE44-41DAF4FA23F2}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{04E2ACB1-D73C-4C91-804A-25BF1E217B37}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{06BAAC91-3B51-49E4-9A69-15EBB4229DE3}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{0733091E-C133-428A-B876-C4780F5C5D09}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{076AC4A7-C24F-4F1D-A12E-9134CEB83E2A}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{0A31A317-7FA1-41FE-B3F9-410E124250B7}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{0B60EB39-913C-430A-B1D3-4777E86B0F11}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{0D130162-EF95-45BF-A995-0F488BC779CC}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{108009F4-C087-4E92-BC3D-50CCB30C315E}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{109652B6-15BB-4281-9CF5-5D3FA81837EE}" = protocol=6 | dir=in | app=c:\program files\common files\mcafee\mna\mcnasvc.exe |
"{135BC3E5-3E78-4E6A-A91C-A1297215B86B}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{16F90E75-03DF-4D26-8D33-5D05CE19E79D}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{19CDCDD9-4A14-4401-B2D5-EFE14597A6A0}" = protocol=6 | dir=in | app=c:\program files\itunes\itunes.exe |
"{1A242542-FF61-4989-8EB2-002D651274D7}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{1A6A0345-DF49-4289-AC5F-8C7063D0E85E}" = protocol=6 | dir=in | app=c:\program files\avg\avg10\avgnsx.exe |
"{1C2B9008-EFC6-4400-9A4A-F19D0F9D79F7}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{1C54A434-B19D-4F05-854B-8B172755ADAF}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{1E12E57D-43EE-458D-A9E5-735F14C28A51}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{1E8EC3D3-B228-454B-BD68-DC3CCC4EEC83}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{1F0FDC83-CBFE-4349-AE1F-679CFE3B1CAE}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{20A35F7D-D104-454E-900E-2AFE06D28BC8}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{24ED7D33-9B68-46AC-9BD2-39958850284C}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{27D1C50E-6FDE-4979-900F-4AD0F88C540B}" = protocol=6 | dir=in | app=c:\program files\yahoo!\messenger\yserver.exe |
"{2AD08DF4-4343-4F9D-BAE8-15D04FA917BE}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{2B2153CF-331F-4158-B2D1-5A3DB904A961}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{2C330557-9B1C-44A6-99A2-871AF2761656}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{2CC9C7FF-FC46-4060-B661-51DE384D1943}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{2D244B1F-26C4-4739-A955-7C26B06EFAC0}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{2E49D249-DB2A-43C5-844C-67E53F21D36C}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{2F6D2A52-F882-4BD5-8CFE-D0D3AC96437E}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{2FA0610D-1FAC-436A-8693-EFACE1F360B3}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{327979DE-D0FC-45B8-A80F-F33A400FDF62}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{338A63BD-1E7A-4076-BB69-91CDD6B50E01}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{33C70799-435D-483D-9C71-942712635963}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{33EF69A2-7B24-4AA6-A2D5-8FB0433D68D5}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{33F7EF89-3865-4058-98BE-F6EBAEBCBDBE}" = protocol=17 | dir=in | app=c:\program files\ringfactory\ringfactory.exe |
"{363540E8-64BB-4614-8BEB-1C54CA5B268F}" = protocol=6 | dir=out | app=%systemroot%\system32\wudfhost.exe |
"{37D309CE-0C85-4104-B9A1-444310B9E9A1}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{382E0F8A-5414-47BF-8E26-5A57CBB17B5D}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{3A6D2985-43D3-40C1-92BB-4D35897BFD68}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{3C37B695-C38D-4718-9A1E-6EDB2AAA4FCE}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{3D722A64-E268-4FD1-87A2-0DE7379CEC80}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{3DEFAC44-A711-4CF1-A78C-2F0602A7ADE1}" = protocol=17 | dir=in | app=c:\program files\common files\mcafee\mna\mcnasvc.exe |
"{3E1D6F26-DC8F-4AF1-B0E3-02F94D9D2D63}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{3ECA9EDF-CCE6-4D79-ABEB-B36F4DC8865A}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{3F78D065-54F6-42C0-9393-9E0752E924ED}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{42717840-A1D3-4931-A4E8-B6BFF30D1867}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{42BF7CB7-2CC6-4D2F-978C-952EED06C7FE}" = protocol=6 | dir=in | app=c:\program files\avg\avg10\avgdiagex.exe |
"{42FE8306-2779-4359-9F6F-429675576F2C}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{4470629C-F493-4824-8DB2-4C2F98D294BF}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{45155AB3-410E-47AB-B974-DEF342958A55}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{459ED0F7-985C-48D6-BDD2-9C5D3BFD8A74}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{47057B84-B5E6-4208-AC09-1069C66C76C8}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{47800E68-F43F-446B-97C7-0E7C16A99DA7}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{47C9CD19-1921-41C4-90E1-88E2B47FF4FC}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{4804A471-DFD4-43A8-BC37-9B8C0A9A14B6}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{482065C0-BA33-42FB-93AA-DDBEA0B7BCFB}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{488C977C-BF0A-4610-BBB8-7EEF7DD01C56}" = protocol=6 | dir=out | app=system |
"{4A9F5B64-719D-4128-9DED-8AAB4AF31A3C}" = protocol=6 | dir=in | app=c:\program files\itunes\itunes.exe |
"{4B09093D-554E-432E-8948-93A8682C1C38}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{4BBAD2B1-9225-4650-9C20-81B0FF35DBB3}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{4C27C205-AA67-449A-9DC2-6015BAE75844}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{4F3EBD2F-5AB4-4692-80EA-786DC38CF843}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{514364DD-B025-4F5E-B66C-3F246087F2C8}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{552A3734-A08E-43AA-B851-38EC20CF6FCF}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{5531E143-48EE-46A0-BAB2-1ED1206B8DB7}" = protocol=6 | dir=in | app=c:\program files\intel\inteldh\intel media server\shells\remote ui service.exe |
"{5736EE9C-DB91-411B-9B0F-D4A4373A2593}" = protocol=17 | dir=in | app=c:\program files\bearshare applications\bearshare\bearshare.exe |
"{57520601-D2A6-41B4-A63D-9E9045A98337}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{57681DDF-14AA-4A3A-9CBB-8DB2E4A7536C}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{57EE76CD-08C8-4DA0-BC25-FCA231B23EB5}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{58AD396E-53D7-4ED9-BB8D-16F2510FA5D9}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{5B9BC5A0-6DB7-47C3-9AD9-B3FAF359C944}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{5BD2884D-9037-4B35-9847-271BE043962F}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{5C2424C6-0FBD-4E56-866A-01E2D1628522}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{5DC1213D-7CF6-4502-8191-10F6B156AF8B}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{5F1589C4-F2B2-4F79-97C7-432BC9651211}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{61245D14-DA2B-4B0E-A813-81AD1C819717}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{61EE9FC9-5BCF-4182-90CE-833FB2A483E8}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{625C7265-58D8-49EC-BC1F-13F7851EBD02}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{634CA296-DCEB-4860-8BB9-3DD8A007C19E}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{63932DDB-B3A2-438A-870E-96F1F9D0D06B}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{63EF8485-8EAD-4DE6-821F-CBA18E28E522}" = protocol=17 | dir=in | app=c:\program files\yahoo!\messenger\yahoomessenger.exe |
"{6584E29D-1132-49C2-A454-8C4F028764D9}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{6638BDBF-87ED-469E-8236-5F079CF30D52}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{666BD00E-265F-4BF2-BF5F-42E130687EBA}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{6875ED0B-843F-45B3-A771-35AF18488F09}" = protocol=17 | dir=in | app=c:\program files\intel\inteldh\intel media server\media server\bin\mediaserver.exe |
"{6A27E7FE-927D-43DC-86C0-CD93B84B99EB}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{6C796B52-A25D-439D-BC45-25CA73217B5C}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{6F0F4118-2232-458B-AFED-1FE78BF43CD9}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{71AED2AD-3FB2-4CD7-95E4-4715D750CC38}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{725C93B0-BD06-4D42-933A-9021A845F2FD}" = protocol=6 | dir=in | app=c:\program files\intel\inteldh\intel media server\media server\bin\tshwmdtcp.exe |
"{742A8D4A-F1F9-4B18-851C-372903B387B2}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{74965D49-EDA8-40AC-8EB8-AF3A97CD2866}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{786E371F-40E4-4145-AA92-5DAE720AA2EA}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{78CABE45-5FD3-4A6C-A5F8-B43724FA0DF1}" = protocol=17 | dir=in | app=c:\program files\avg\avg10\avgmfapx.exe |
"{78CDEAAA-CB85-4A0C-BD0A-A945A6712AE1}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{797BC1FF-D36E-4107-AD1A-7A40C7C972BD}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{798B5709-62C0-4D1F-83B2-E9C1E348D87B}" = protocol=6 | dir=in | app=c:\program files\bearshare applications\bearshare\bearshare.exe |
"{7C9D16C7-5A09-42AA-B438-DBEF01283A4E}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{7E994D1B-90FC-48CD-A42F-8DE440E89AF9}" = protocol=6 | dir=in | app=c:\program files\common files\aol\loader\aolload.exe |
"{7EA4B2E2-2A4E-40D9-B82F-544C66072031}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{7F04EDCD-BE02-4616-90B1-9A86B31DAF9B}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{7F2C1B37-1663-4543-B7C6-462C8D78709A}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{7F3A3C9F-94EF-469E-AD73-27430AC36388}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{7FD2390F-FFDA-42CE-81B1-CDC260586803}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{7FF1016A-0965-4FAA-8073-AEE3354A9F96}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{80692BD3-C2CC-4372-9DD2-C227E52CFA8B}" = protocol=6 | dir=in | app=c:\program files\yahoo!\messenger\yahoomessenger.exe |
"{82F43315-0004-465F-9CA6-FED1AB2800DB}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{844142F0-F983-4D5B-B718-5B87E9013412}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{85532AC3-BB12-4098-ABDE-E31642B35BAA}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{8A12740A-5D27-4845-8AA1-CEBDFB7A78BC}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{8A1B00CD-CD00-44BF-BBA3-507083DA4400}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{8A1E6B7A-81AF-4AC4-84EE-BF6328FAE8B6}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{8BE59832-E3E5-4D7A-B612-954FA7E6DE42}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{8C5FD27C-6268-441E-B0A5-30D10584BB84}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{8CEF135D-3E76-4FCC-81FB-EC95FB944B92}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{8DB2EA9B-6F31-4AFA-8245-8F871FA3EA72}" = protocol=6 | dir=in | app=c:\program files\ringfactory\ringfactory.exe |
"{8E3AA05A-3DE9-4DAB-BEE7-B6DD67E26F26}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{9085E8A7-4FEC-4374-8C7B-4DC5B762D12F}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{90D8CE7E-2A8C-475C-8257-88F6C056D938}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{921FD859-8F7B-4B0C-A217-44A2C605FAD9}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{93126B36-C4A3-4653-85D8-D19B00135809}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{939EA104-3BA8-486E-8871-3B26D59424CE}" = protocol=17 | dir=in | app=c:\program files\intel\inteldh\intel media server\media server\bin\tshwmdtcp.exe |
"{9413F77F-81AF-4475-BB92-5EFB71BCC5B9}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{943E6AE4-E232-4797-9DAE-574DAB780A35}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{95D6E80E-D451-4CE0-94C8-08B332E9A60E}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{96BADFD4-3D14-45B9-83FF-2038A2C16347}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{96DFDDC3-A803-4D54-B2F1-ED07922C4D34}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{9798FBAA-3AEF-4853-92B0-543461FAB897}" = protocol=6 | dir=in | app=c:\program files\avg\avg10\avgemcx.exe |
"{9877AEF1-2A9C-457E-913F-E0397796349E}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{98AC0183-BCC2-4FFE-B9C8-60138EDB6FA9}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{996D9B6C-F4F1-497F-AF04-9EDBDB0A2672}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{9C8BB043-6AE5-4728-B5A6-8AD59D926BB5}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{9CBC428E-A430-49FD-B1AD-43EC321EF7AC}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{9D3B9F2E-4BEF-4C57-85B6-348F0F914CC0}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{9DD9C75F-DC8A-4ECD-8A15-85AA1EF89C38}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{A104D518-B4D9-4768-921F-E0FE2AD23CBC}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{A296E2DE-2366-443E-B791-3DA51DD27B85}" = protocol=6 | dir=in | app=c:\program files\intel\inteldh\intel media server\media server\bin\mediaserver.exe |
"{A40BF3D7-E82C-44B5-82D1-10D510F0D13D}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{A87EBEA6-EA33-4BB1-BF48-3EA807C71128}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{AA315D9C-A48B-4464-8C08-7E1D7676208D}" = protocol=17 | dir=in | app=c:\program files\intel\inteldh\intel media server\shells\remote ui service.exe |
"{AACB9192-AEE6-4F05-8193-E59B7D4D342C}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{AE28E57F-C525-4B61-92DE-8B5FE3DE2E77}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{AE8A46BF-FB66-4BB0-99AB-14754DB47235}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{AF5EBFCE-0CD0-45A9-8A01-6495BCBB79CF}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{B28DC5BD-2417-4E17-A555-2CFF1E70AEB6}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{B2CF1177-454D-45AF-B927-5A167ECBBA13}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{B5183F81-5BAA-4A21-89A8-E99D91168C03}" = dir=in | app=c:\program files\skype\plugin manager\skypepm.exe |
"{B65BB6EF-3902-4FDB-9315-DF8484B279FC}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{B6DC0721-B3B7-4430-97B0-20FF629E40E5}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{B8BA93B5-7A35-43BC-9535-F3059191252D}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{BB1A1670-F171-46B8-88DA-0D74D99ED635}" = dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe |
"{BB99EC25-7036-4220-9884-FE7328C3E6A0}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{BBFDCE0E-8F78-4400-9942-ED03E04628B2}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{BD80468F-9D2A-4115-8F7B-F1E6392FA560}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{BDE1D515-AA9D-45D2-8672-76210BE0D217}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{BE8B0515-1183-4684-9901-213DB890EBE6}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{BF36150F-2196-4E62-99C0-53430E12A1B5}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{BF6A2D53-7FA8-4B9E-AC58-CE612B480BAF}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{C0C9E45D-E434-406C-A005-8EA1C4BEC53A}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{C1BB7396-40EF-4757-8D8F-986CDC77EF89}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{C2AE6F9D-794F-4FAF-8DC2-53DAB1F6DA11}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{C311A8DA-AE70-44E7-8786-CACC107EC7CA}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{C38B3924-8583-41BC-82E4-38211A33D66D}" = protocol=17 | dir=in | app=c:\program files\itunes\itunes.exe |
"{C495747A-327A-4404-8119-D20A712B58CF}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{C4C7576D-68AC-465C-ACFC-E1056C7D9B5F}" = protocol=17 | dir=in | app=c:\program files\common files\aol\loader\aolload.exe |
"{C8476448-334D-4E8F-B83B-06D3B822B4B4}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{C9EC1316-F031-4956-A78D-F3728A608193}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{CAD73020-C0F1-46A8-A2C2-80879BFB5F7A}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{CC5F02E7-AD9F-4198-A7E2-39FECC4F77D3}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{CD96E39D-C6AC-4D44-BA1C-34F773CB274D}" = protocol=17 | dir=in | app=c:\program files\itunes\itunes.exe |
"{CE311470-814A-44D4-8527-566FD325A3E6}" = protocol=17 | dir=in | app=c:\program files\avg\avg10\avgnsx.exe |
"{D1AC9881-CC5A-4023-946D-7B40D23B0E0B}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{D1CBF6B3-2DF2-4C90-8350-130534EFE1F0}" = protocol=17 | dir=in | app=c:\program files\common files\aol\loader\aolload.exe |
"{D27C1B1E-9872-44F5-B6B4-B2B6DBE19791}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{D3A47DCF-3F6F-4843-98F2-CAA72D07C7F1}" = protocol=17 | dir=in | app=c:\program files\yahoo!\messenger\yserver.exe |
"{D5E691DA-6C17-4B53-9C59-D7F6913E265A}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{D746A612-98B3-4477-8B0B-B600A2847A9C}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{D762C1BC-38C9-4BB1-8B1B-FFE110306A97}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{D7B98791-43E8-4DFF-9695-BA06EA2DD71D}" = protocol=17 | dir=in | app=c:\program files\avg\avg10\avgemcx.exe |
"{D8837894-D334-4FC3-802A-D7D524A80BFA}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{D88C948B-5D22-4ABA-B104-3A57E33C8437}" = protocol=6 | dir=in | app=c:\program files\common files\aol\loader\aolload.exe |
"{DB02C725-DF65-4C25-AAFE-4E67C09F8995}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{DB196295-7419-4EDC-883C-7F22EB9CB4FB}" = protocol=17 | dir=in | app=c:\program files\aim6\aim6.exe |
"{DEB42EFA-E7C8-404E-A59D-0768A2C27B37}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{DF39AD67-3B5C-4EBF-9158-BEA8758DFF00}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{DF54F25D-F85F-4A41-98F4-F4481F87EA2F}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{DF5A6BD7-F54B-41CF-8A63-110F1F782903}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{E0BF9292-4D5C-412F-BD08-D9A10F92AEC6}" = protocol=58 | dir=in | app=system |
"{E0E9457D-0A89-4A58-9FC3-5D83A7985769}" = protocol=17 | dir=in | app=c:\program files\avg\avg10\avgam.exe |
"{E24C3924-868C-4DF8-9C6A-19E303728BFC}" = protocol=6 | dir=in | app=c:\program files\aim6\aim6.exe |
"{E4A171F0-E079-4359-B435-B9467941503B}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{E6E92244-863B-40BC-91A4-DADEBB83DDD0}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{E6F79EF2-617A-42B3-8BEE-217E6F1C0FE5}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{E7AE321B-74A7-4C00-9B72-9D1779ECE809}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{E7AEBE06-451B-42F5-8F00-F116D49A26E8}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{E85AFC3C-83F0-45EF-9475-2361D5C15492}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{E8837B94-BD7B-4FBF-8E49-45277D965A94}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{EAE5DBD0-6E77-48EA-97D2-27C6C2088AD8}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{EC02C569-7784-47B9-B841-B749291FDAEB}" = protocol=17 | dir=in | app=c:\program files\avg\avg10\avgdiagex.exe |
"{EC45B019-7993-4177-B08B-3243057A6DD1}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{EDA000EB-416D-4468-8FA2-C1C1AD54A9FC}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{EED26F1C-35E3-41DE-896D-E501115BB38B}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{EEEE567E-2D21-4944-BF3D-E77CA62428BA}" = protocol=6 | dir=in | app=c:\program files\avg\avg10\avgam.exe |
"{F0E96CD2-3E99-4518-B72A-4CD9A99D3B0C}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{F20C3436-6D34-47ED-969C-13E8390017A0}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{F50B367D-F1C1-4C2A-ACFF-E584F32245BA}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{F62BCF2C-9436-49ED-AAE0-389892AE873D}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{F65E6EDB-BD3E-4149-AA8F-D30D469099A2}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{F679A30F-2970-4105-BF23-74F489A0C5F5}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{F76213FE-36F2-4701-BF55-A3E1EAF673D0}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{F87A45D4-84EF-4684-B50B-F91BE288F65F}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{F88BE266-B3D5-4694-BB23-CB1E1B046BED}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{F9842B3F-6E78-49CD-A9C5-01C92198C0E6}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{FB2934B7-E919-49A5-A315-3AD16472448A}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{FB8B16D4-AE43-4D96-A8A1-0CD6D417BB62}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{FD07E190-6727-4602-AE05-C1C5AE98447B}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{FD5DB4C4-56E2-47E9-A16E-F117D1D529C7}" = protocol=6 | dir=in | app=c:\program files\avg\avg10\avgmfapx.exe |
"{FDD744B0-C880-41ED-95D3-7D14FA1F1B53}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{FE5EB239-CAE4-46B6-BB61-F63964B5A575}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"TCP Query User{0AD58340-01A9-4219-A8B4-76D0E9B8E61A}C:\program files\aim6\aim6.exe" = protocol=6 | dir=in | app=c:\program files\aim6\aim6.exe |
"TCP Query User{1D712449-1636-45F6-A6B2-F0FC06EF7650}C:\program files\internet explorer\iexplore.exe" = protocol=6 | dir=in | app=c:\program files\internet explorer\iexplore.exe |
"TCP Query User{2C0CF522-034F-4738-AEC5-8ECF279906C7}C:\program files\vuze\azureus.exe" = protocol=6 | dir=in | app=c:\program files\vuze\azureus.exe |
"TCP Query User{38E727BD-7B97-417A-B9E2-F2D907649832}C:\program files\ares\ares.exe" = protocol=6 | dir=in | app=c:\program files\ares\ares.exe |
"TCP Query User{48106988-E7A2-4901-A090-A91A45361169}C:\windows\system32\drivers\svchost.exe" = protocol=6 | dir=in | app=c:\windows\system32\drivers\svchost.exe |
"TCP Query User{814A745D-8A07-4227-BB49-0F59AD935E81}C:\program files\sopcast\sopcast.exe" = protocol=6 | dir=in | app=c:\program files\sopcast\sopcast.exe |
"TCP Query User{9051FE46-10D6-4DCA-95D8-83D3DC81B523}C:\windows\system32\drivers\svchost.exe" = protocol=6 | dir=in | app=c:\windows\system32\drivers\svchost.exe |
"TCP Query User{9DBA7C36-40EB-4FCA-8C75-7D3A23663FD7}C:\program files\ares\ares.exe" = protocol=6 | dir=in | app=c:\program files\ares\ares.exe |
"TCP Query User{9F85943D-2E78-4C69-BF99-85A291C1EBC6}C:\program files\wildtangent\blasterball 2\bb2.exe" = protocol=6 | dir=in | app=c:\program files\wildtangent\blasterball 2\bb2.exe |
"TCP Query User{C735F273-AD8C-4067-A68C-287B7A23F06A}C:\program files\sopcast\adv\sopadver.exe" = protocol=6 | dir=in | app=c:\program files\sopcast\adv\sopadver.exe |
"TCP Query User{EC158058-2680-48B9-97ED-E361ED3F8141}C:\program files\vuze\azureus.exe" = protocol=6 | dir=in | app=c:\program files\vuze\azureus.exe |
"TCP Query User{F142EDD1-7D23-4BC2-9E19-3B910106CE2D}C:\program files\internet explorer\iexplore.exe" = protocol=6 | dir=in | app=c:\program files\internet explorer\iexplore.exe |
"TCP Query User{F9BA9D73-55C6-4D73-882E-FAFF7766976F}C:\program files\yahoo!\messenger\yahoomessenger.exe" = protocol=6 | dir=in | app=c:\program files\yahoo!\messenger\yahoomessenger.exe |
"UDP Query User{05AA5856-4479-4386-90A7-0ED52F605EE6}C:\program files\sopcast\adv\sopadver.exe" = protocol=17 | dir=in | app=c:\program files\sopcast\adv\sopadver.exe |
"UDP Query User{0948D7C2-40C9-4A0C-AD0F-FA9FED36AFEF}C:\windows\system32\drivers\svchost.exe" = protocol=17 | dir=in | app=c:\windows\system32\drivers\svchost.exe |
"UDP Query User{390F65A1-F03B-4EE0-8931-8163C1B2CFF6}C:\program files\sopcast\sopcast.exe" = protocol=17 | dir=in | app=c:\program files\sopcast\sopcast.exe |
"UDP Query User{392960CC-7FFF-4D75-88C6-23A104FA2421}C:\program files\yahoo!\messenger\yahoomessenger.exe" = protocol=17 | dir=in | app=c:\program files\yahoo!\messenger\yahoomessenger.exe |
"UDP Query User{49D380F9-860E-4FBD-8FC7-B34184F68880}C:\program files\internet explorer\iexplore.exe" = protocol=17 | dir=in | app=c:\program files\internet explorer\iexplore.exe |
"UDP Query User{79F7A770-F79B-489C-AABF-C80E9E2B9D77}C:\program files\vuze\azureus.exe" = protocol=17 | dir=in | app=c:\program files\vuze\azureus.exe |
"UDP Query User{81BD08B6-6F32-4E99-B361-780C576E2B50}C:\program files\internet explorer\iexplore.exe" = protocol=17 | dir=in | app=c:\program files\internet explorer\iexplore.exe |
"UDP Query User{916F795A-7975-4A5B-890F-0DB588F85A0F}C:\windows\system32\drivers\svchost.exe" = protocol=17 | dir=in | app=c:\windows\system32\drivers\svchost.exe |
"UDP Query User{A61957F3-43BD-4798-B859-4A3AAD140BEB}C:\program files\vuze\azureus.exe" = protocol=17 | dir=in | app=c:\program files\vuze\azureus.exe |
"UDP Query User{C889377C-B18F-4909-B96D-7AEF74BC9159}C:\program files\wildtangent\blasterball 2\bb2.exe" = protocol=17 | dir=in | app=c:\program files\wildtangent\blasterball 2\bb2.exe |
"UDP Query User{D0083EA8-9D35-48A9-A456-B3C36288A696}C:\program files\aim6\aim6.exe" = protocol=17 | dir=in | app=c:\program files\aim6\aim6.exe |
"UDP Query User{D158CAD6-253E-4189-93BA-9DD6BA63160B}C:\program files\ares\ares.exe" = protocol=17 | dir=in | app=c:\program files\ares\ares.exe |
"UDP Query User{EBE17C8C-E1C5-4F45-9AE9-64A03E55229B}C:\program files\ares\ares.exe" = protocol=17 | dir=in | app=c:\program files\ares\ares.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{07287123-B8AC-41CE-8346-3D777245C35B}" = Bonjour
"{07EEE598-5F21-4B57-B40B-46592625B3D9}" = Zune Language Pack (PTB)
"{10E1E87C-656C-4D08-86D6-5443D28583BE}" = TrayApp
"{13F00518-807A-4B3A-83B0-A7CD90F3A398}" = MarketResearch
"{1753255A-0AEB-4220-8C75-607B73F0C133}" = Copy
"{18D10072035C4515918F7E37EAFAACFC}" = AutoUpdate
"{197A3012-8C85-4FD3-AB66-9EC7E13DB92E}" = Adobe AIR
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live Upload Tool
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{22DE1881-9D24-4981-B5CC-EC7E9F2F4D52}" = Rhapsody Player Engine
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{23DA4222-E517-42B3-8F97-9CFD49E2A732}" = AVG 2011
"{26C610BF-761B-4209-BD6A-A0F1B73D6DDE}" = Intel(R) Viiv(TM) Software
"{29FA38B4-0AE4-4D0D-8A51-6165BB990BB0}" = WebReg
"{2C4E2E4E-A7C9-4CCB-BF03-FE6EBD5D4AB7}" = Windows Mobile Device Updater Component
"{2F28B3C9-2C89-4206-8B33-8ADC9577C49B}" = Scan
"{3039B4CC-4A06-4FDC-B380-11A358420B25}_is1" = NavNet NG
"{3175E049-F9A9-4A3D-8F19-AC9FB04514D1}" = Windows Live Communications Platform
"{3248F0A8-6813-11D6-A77B-00B0D0160000}" = Java(TM) SE Runtime Environment 6
"{34FF0741-EC67-4C05-AC2A-6D257123DF2E}" = BigFix
"{385DD1DD-65AA-408D-8E70-74601C2DB7E6}" = Ad-Aware
"{39F6E2B4-CFE8-C30A-66E8-489651F0F34C}" = Adobe Media Player
"{3F5B6210-0903-4DC6-8034-8F488AA3A782}" = Spy Sweeper Core
"{40BF1E83-20EB-11D8-97C5-0009C5020658}" = Power2Go 5.0
"{415CDA53-9100-476F-A7B2-476691E117C7}" = HP Smart Web Printing
"{44C05309-60F4-410B-BC32-31733CFF1A41}" = Microsoft Digital Image Starter Edition 2006 Editor
"{474F25F5-BDC9-40E5-B1B6-F6BF23FC106F}" = Windows Live Essentials
"{487B0B9B-DCD4-440D-89A0-A6EDE1A545A3}" = HPSSupply
"{4FE542EB-FF0B-4739-94DD-25C8AE0AB251}" = Microsoft Digital Image Starter Edition 2006 Library
"{543E938C-BDC4-4933-A612-01293996845F}" = UnloadSupport
"{5C93E291-A1CC-4E51-85C6-E194209FCDB4}" = Zune Language Pack (PTG)
"{6412CECE-8172-4BE5-935B-6CECACD2CA87}" = Windows Live Mail
"{65DA2EC9-0642-47E9-AAE2-B5267AA14D75}" = Activation Assistant for the 2007 Microsoft Office suites
"{6740BCB0-5863-47F4-80F4-44F394DE4FE2}" = Zune Language Pack (NLD)
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{6B33492E-FBBC-4EC3-8738-09E16E395A10}" = Zune Language Pack (ESP)
"{6D52C408-B09A-4520-9B18-475B81D393F1}" = Microsoft Works
"{6F5E2F4A-377D-4700-B0E3-8F7F7507EA15}" = CustomerResearchQFolder
"{7006ED29-58F2-40C3-AE87-039287AD20B6}" = Zune
"{706BB40A-4102-4c89-8107-DC68C4EBD19B}" = HP Deskjet All-In-One Software 9.0
"{767CC44C-9BBC-438D-BAD3-FD4595DD148B}" = VC80CRTRedist - 8.0.50727.762
"{76F8CB2B-6516-4E1E-B6F1-AED4ABDB4B0A}_is1" = Spy Sweeper
"{7B3F0113-E63C-4D6D-AF19-111A3165CCA2}" = Text-To-Speech-Runtime
"{7B63B2922B174135AFC0E1377DD81EC2}" = DivX Codec
"{7F3BCF8A-8E02-4659-AF25-F9AB66BD6718}" = Gateway Recovery Center Installer
"{824D3839-DAA1-4315-A822-7AE3E620E528}" = VideoToolkit01
"{8389382B-53BA-4A87-8854-91E3D80A5AC7}" = HP Photosmart Essential2.01
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8ADFC4160D694100B5B8A22DE9DCABD9}" = DivX Player
"{8C6027FD-53DC-446D-BB75-CACD7028A134}" = HP Update
"{8E5233E1-7495-44FB-8DEB-4BE906D59619}" = Junk Mail filter update
"{8F3C31C5-9C3A-4AA8-8EFA-71290A7AD533}" = TomTom HOME Visual Studio Merge Modules
"{90120000-0011-0000-0000-0000000FF1CE}" = Microsoft Office Professional Plus 2007
"{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{90120000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2007
"{90120000-0015-0409-0000-0000000FF1CE}_PROPLUS_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2007
"{90120000-0019-0409-0000-0000000FF1CE}_PROPLUS_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2007
"{90120000-001A-0409-0000-0000000FF1CE}_PROPLUS_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_HOMESTUDENTR_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_HOMESTUDENTR_{187308AB-5FA7-4F14-9AB9-D290383A10D9}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-0044-0409-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (English) 2007
"{90120000-0044-0409-0000-0000000FF1CE}_PROPLUS_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}_HOMESTUDENTR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007
"{90120000-00A1-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}_HOMESTUDENTR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2007
"{90120000-0117-0409-0000-0000000FF1CE}_PROPLUS_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}" = Intel(R) Matrix Storage Manager
"{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{91B3BEC8-748B-4912-82ED-29D38E140B2A}" = Linkit_eBay
"{91D2C605-AD2B-44C8-A0A1-9B116B3C91CB}" = AVG 2011
"{93F54611-2701-454e-94AB-623F458D9E6B}" = DeviceDiscovery
"{9422C8EA-B0C6-4197-B8FC-DC797658CA00}" = Windows Live Sign-in Assistant
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{981029E0-7FC9-4CF3-AB39-6F133621921A}" = Skype Toolbars
"{99ECF41F-5CCA-42BD-B8B8-A8333E2E2944}" = iTunes
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9F7FC79B-3059-4264-9450-39EB368E3225}" = Microsoft Digital Image Library 9 - Blocker
"{A369904B-C3E5-40ED-A72B-718B5D60D725}" = LabSim
"{A462213D-EED4-42C2-9A60-7BDD4D4B0B17}" = SigmaTel Audio
"{A9C365A3-06C0-43b4-A2DB-EDF0A6079AA9}" = DJ_AIO_Software
"{AB5D51AE-EBC3-438D-872C-705C7C2084B0}" = DeviceManagementQFolder
"{AC76BA86-7AD7-1033-7B44-A81300000003}" = Adobe Reader 8.1.3
"{AEA07F97-9088-497c-8821-0F36BD5DC251}" = HPProductAssistant
"{AF7FC1CA-79DF-43c3-90A3-33EFEB9294CE}" = AIO_Scan
"{B13A7C41581B411290FBC0395694E2A9}" = DivX Converter
"{B2544A03-10D0-4E5E-BA69-0362FFC20D18}" = OGA Notifier 2.0.0048.0
"{B4B1F18B-5CED-4f8f-8A8F-1BD0503C222E}" = DJ_AIO_ProductContext
"{B57EAFF2-D6EE-4C6C-9175-ED9F17BFC1BC}" = Windows Live Messenger
"{B6B69D92-6CD8-4086-8D1D-7945BDA4AE5A}" = F4100_Help
"{B7050CBDB2504B34BC2A9CA0A692CC29}" = DivX Web Player
"{B9E848B3-A64D-4005-8DA1-DC3981C902A8}_is1" = NavNet
"{BCD6CD1A-0DBE-412E-9F25-3B500D1E6BA1}" = SolutionCenter
"{BE236D9A-52EC-4A17-82DA-84B5EAD31E3E}" = Zune Language Pack (DEU)
"{BE2CC4A5-2128-4EA2-941D-14F7A6A1AB61}" = Digital Media Reader
"{C1771DDC-BEA1-4375-B2A2-B46F43ACB476}" = Wal-Mart Digital Photo Manager
"{C337BDAF-CB4E-47E2-BE1A-CB31BB7DD0E3}" = Apple Mobile Device Support
"{C4124E95-5061-4776-8D5D-E3D931C778E1}" = Microsoft VC9 runtime libraries
"{C5D37FFA-7483-410B-982B-91E93FD3B7DA}" = Zune Language Pack (ITA)
"{C68D33B1-0204-4EBE-BC45-A6E432B1D13A}" = Zune Language Pack (FRA)
"{C7340571-7773-4A8C-9EBC-4E4243B38C76}" = Microsoft XML Parser
"{C78EAC6F-7A73-452E-8134-DBB2165C5A68}" = QuickTime
"{C9D88AF8-7B0A-4200-BFBC-7827A7535096}" = F4100_doccd
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D0E39A1D-0CEE-4D85-B4A2-E3BE990D075E}" = Destination Component
"{D103C4BA-F905-437A-8049-DB24763BBE36}" = Skype™ 4.2
"{D4C9692E-4EFA-4DA0-8B7F-9439466D9E31}" = Full Tilt Poker
"{D92FF8EB-BD77-40AE-B68B-A6BFC6F8661D}" = Windows Live Family Safety
"{DBEA1034-5882-4A88-8033-81C4EF0CFA29}" = Google Toolbar for Internet Explorer
"{E2662C24-B31E-4349-A084-32EB76E8B760}" = BufferChm
"{E6158D07-2637-4ECF-B576-37C489669174}" = Windows Live Call
"{E9C18EBD-85BE-47D0-AA73-3FEDCC976B04}" = Toolbox
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F1E63043-54FC-429B-AB2C-31AF9FBA4BC7}" = 32 Bit HP CIO Components Installer
"{F333A33D-125C-32A2-8DCE-5C5D14231E27}" = Visual C++ 2008 x86 Runtime - (v9.0.30729)
"{F333A33D-125C-32A2-8DCE-5C5D14231E27}.vc_x86runtime_30729_01" = Visual C++ 2008 x86 Runtime - v9.0.30729.01
"{F56D6F46-1D62-4734-BF12-6457A1ED17BD}" = DJ_AIO_Software_min
"{F72E2DDC-3DB8-4190-A21D-63883D955FE7}" = PSSWCORE
"{F8FED11D-3584-4a72-8B26-E0951B655797}" = F4100
"{FD8D8B04-BEAD-4A55-AA1D-62D2373E7DEA}" = Status
"{FF262740-C85A-11D5-BBEC-00D0B740900A}" = PS2 Multimedia Keyboard Driver
"8461-7759-5462-8226" = Vuze
"Activation Assistant for the 2007 Microsoft Office suites" = Activation Assistant for the 2007 Microsoft Office suites
"ActiveTouchMeetingClient" = WebEx
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11.5
"AIM Toolbar" = AIM Toolbar 5.0
"AIM_6" = AIM 6
"Amazon MP3 Downloader" = Amazon MP3 Downloader 1.0.12
"Ares" = Ares 2.1.1
"AskSBar Uninstall" = Ask Toolbar
"AVG" = AVG 2011
"CCleaner" = CCleaner
"CNXT_MODEM_PCI_HSF" = Soft Data Fax Modem with SmartCP
"com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Media Player
"Fuzz Pack for Pocket Tanks Deluxe_is1" = Fuzz Pack v1.0 for Pocket Tanks Deluxe
"Google Desktop" = Google Desktop
"HDMI" = Intel(R) Graphics Media Accelerator Driver
"HOMESTUDENTR" = Microsoft Office Home and Student 2007
"HP Imaging Device Functions" = HP Imaging Device Functions 9.0
"HP Photosmart Essential" = HP Photosmart Essential 2.01
"HP Solution Center & Imaging Support Tools" = HP Solution Center 9.0
"HPExtendedCapabilities" = HP Customer Participation Program 9.0
"InstallShield_{BE2CC4A5-2128-4EA2-941D-14F7A6A1AB61}" = Digital Media Reader
"Intel(R) Configuration Center" = Intel(R) Viiv(TM) Software
"KLiteCodecPack_is1" = K-Lite Mega Codec Pack 3.9.0
"L.S Games V2.0" = L.S Games V2.0
"MAGIX music maker 11 demo US" = MAGIX music maker 11 demo (US)
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware version 1.51.2.1300
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Money2006b" = Microsoft Money 2006
"Mozilla Firefox 4.0.1 (x86 en-US)" = Mozilla Firefox 4.0.1 (x86 en-US)
"PictureItSuiteTrial_v12" = Microsoft Digital Image Starter Edition 2006
"PokerStars" = PokerStars
"PROPLUS" = Microsoft Office Professional Plus 2007
"PROSet" = Intel(R) PRO Network Connections Drivers
"RealPlayer 6.0" = RealPlayer
"SopCast" = SopCast 2.0.4
"TestOut Product Navigator (SA)" = TestOut Navigator (Online Version)
"TomTom HOME" = TomTom HOME 2.7.2.1825
"Veetle TV" = Veetle TV 0.9.18
"ViewpointMediaPlayer" = Viewpoint Media Player
"VLC media player" = VideoLAN VLC media player 0.8.6d
"Winamp" = Winamp
"WinLiveSuite_Wave3" = Windows Live Essentials
"WinRAR archiver" = WinRAR archiver
"wtwebdriver" = WildTangent Web Driver
"Yahoo! Companion" = Yahoo! Toolbar
"Yahoo! Extras" = Yahoo! Browser Services
"Yahoo! Mail" = Yahoo! Internet Mail
"Yahoo! Messenger" = Yahoo! Messenger
"Yahoo! Toolbar" = Yahoo! Toolbar
"YInstHelper" = Yahoo! Install Manager
"Zune" = Zune

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"SmartDraw 2009" = SmartDraw 2009

========== Last 10 Event Log Errors ==========

Error reading Event Logs: The Event Service is not operating properly or the Event Logs are corrupt!

< End of report >
OTL logfile created on: 9/30/2011 10:37:29 AM - Run 1
OTL by OldTimer - Version 3.2.29.1 Folder = C:\Users\Owner\Desktop
Windows Vista Home Premium Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6001.18000)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

1.99 Gb Total Physical Memory | 1.60 Gb Available Physical Memory | 80.56% Memory free
4.21 Gb Paging File | 3.97 Gb Available in Paging File | 94.22% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 288.38 Gb Total Space | 90.16 Gb Free Space | 31.26% Space Free | Partition Type: NTFS
Drive D: | 9.71 Gb Total Space | 1.61 Gb Free Space | 16.53% Space Free | Partition Type: NTFS
Drive E: | 2.62 Gb Total Space | 0.00 Gb Free Space | 0.00% Space Free | Partition Type: UDF

Computer Name: OWNER-PC | User Name: Owner | Logged in as Administrator.
Boot Mode: SafeMode with Networking | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - C:\Windows\725079080:3609970900.exe File not found
PRC - C:\Users\Owner\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Windows\explorer.exe (Microsoft Corporation)


========== Modules (No Company Name) ==========


========== Win32 Services (SafeList) ==========

SRV - (ACDaemon) -- File not found
SRV - (Lavasoft Ad-Aware Service) -- C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe ()
SRV - (AVGIDSAgent) -- C:\Program Files\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe ()
SRV - (OrbisClient.Services) -- C:\Program Files\TestOut\Orbis\OrbisClient.Services.exe ()
SRV - (avgfws) -- C:\Program Files\AVG\AVG10\avgfws.exe (AVG Technologies CZ, s.r.o.)
SRV - (avgwd) -- C:\Program Files\AVG\AVG10\avgwdsvc.exe (AVG Technologies CZ, s.r.o.)
SRV - (WMZuneComm) -- C:\Program Files\Zune\WMZuneComm.exe (Microsoft Corporation)
SRV - (ZuneWlanCfgSvc) -- C:\Program Files\Zune\ZuneWlanCfgSvc.exe (Microsoft Corporation)
SRV - (ZuneNetworkSvc) -- C:\Program Files\Zune\ZuneNss.exe (Microsoft Corporation)
SRV - (TomTomHOMEService) -- C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe (TomTom)
SRV - (WebrootSpySweeperService) -- C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe ()
SRV - (PrismXL) -- C:\Program Files\Common Files\New Boundary\PrismXL\PRISMXL.SYS (New Boundary Technologies, Inc.)
SRV - (GoogleDesktopManager) -- C:\Program Files\Google\Google Desktop Search\GoogleDesktopManager.exe (Google)
SRV - (Viewpoint Manager Service) -- C:\Program Files\Viewpoint\Common\ViewpointService.exe (Viewpoint Corporation)
SRV - (AlertService) Intel(R) -- C:\Program Files\Intel\IntelDH\CCU\AlertService.exe (Intel(R) Corporation)
SRV - (Remote UI Service) Intel(R) -- C:\Program Files\Intel\IntelDH\Intel Media Server\Shells\Remote UI Service.exe (Intel(R) Corporation)
SRV - (MCLServiceATL) Intel(R) -- C:\Program Files\Intel\IntelDH\Intel Media Server\Shells\MCLServiceATL.exe (Intel(R) Corporation)
SRV - (ISSM) Intel(R) -- C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\ISSM.exe (Intel(R) Corporation)
SRV - (M1 Server) Intel(R) Viiv(TM) -- C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\mediaserver.exe ()
SRV - (IAANTMON) Intel(R) -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe (Intel Corporation)
SRV - (DQLWinService) -- C:\Program Files\Common Files\Intel\IntelDH\NMS\AdpPlugins\DQLWinService.exe ()


========== Driver Services (SafeList) ==========

DRV - (Lbd) -- C:\Windows\system32\DRIVERS\Lbd.sys (Lavasoft AB)
DRV - (AVGIDSDriver) -- C:\Windows\System32\drivers\AVGIDSDriver.sys (AVG Technologies CZ, s.r.o. )
DRV - (Avgtdix) -- C:\Windows\System32\drivers\avgtdix.sys (AVG Technologies CZ, s.r.o.)
DRV - (Avgrkx86) -- C:\Windows\system32\DRIVERS\avgrkx86.sys (AVG Technologies CZ, s.r.o.)
DRV - (Avgmfx86) -- C:\Windows\System32\drivers\avgmfx86.sys (AVG Technologies CZ, s.r.o.)
DRV - (AVGIDSEH) -- C:\Windows\system32\DRIVERS\AVGIDSEH.Sys (AVG Technologies CZ, s.r.o. )
DRV - (AVGIDSShim) -- C:\Windows\System32\drivers\AVGIDSShim.sys (AVG Technologies CZ, s.r.o. )
DRV - (AVGIDSFilter) -- C:\Windows\System32\drivers\AVGIDSFilter.sys (AVG Technologies CZ, s.r.o. )
DRV - (Avgldx86) -- C:\Windows\System32\drivers\avgldx86.sys (AVG Technologies CZ, s.r.o.)
DRV - (Avgfwfd) -- C:\Windows\System32\drivers\avgfwd6x.sys (AVG Technologies CZ, s.r.o.)
DRV - (LMIRfsClientNP) -- C:\Windows\System32\LMIRfsClientNP.dll (LogMeIn, Inc.)
DRV - (MxlW2k) -- C:\Windows\System32\drivers\MxlW2k.sys (MusicMatch, Inc.)
DRV - (Cdr4_xp) -- C:\Windows\System32\drivers\cdr4_xp.sys (Sonic Solutions)
DRV - (LMIRfsDriver) -- C:\Windows\System32\drivers\LMIRfsDriver.sys (LogMeIn, Inc.)
DRV - (SSIDRV) -- C:\Windows\SYSTEM32\Drivers\SSIDRV.SYS (Webroot Software, Inc. (www.webroot.com))
DRV - (SSHRMD) -- C:\Windows\SYSTEM32\Drivers\SSHRMD.SYS (Webroot Software, Inc. (www.webroot.com))
DRV - (ssfs0bbc) -- C:\Windows\system32\DRIVERS\ssfs0bbc.sys (Webroot Software, Inc. (www.webroot.com))
DRV - (WinUSB) -- C:\Windows\System32\drivers\winusb.sys (Microsoft Corporation)
DRV - (Cdralw2k) -- C:\Windows\System32\drivers\cdralw2k.sys (Sonic Solutions)
DRV - (SSKBFD) -- C:\Windows\System32\drivers\sskbfd.sys (Webroot Software Inc (www.webroot.com))
DRV - (XAudio) -- C:\Windows\System32\drivers\XAudio.sys (Conexant Systems, Inc.)
DRV - (HSXHWBS2) -- C:\Windows\System32\drivers\HSXHWBS2.sys (Conexant Systems, Inc.)
DRV - (IntelDH) -- C:\Windows\System32\drivers\IntelDH.sys (Intel Corporation)
DRV - (TSHWMDTCP) -- C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\TSHWMDTCP.sys ()
DRV - (NETw2v32) Intel(R) -- C:\Windows\System32\drivers\NETw2v32.sys (Intel® Corporation)
DRV - (bcm4sbxp) -- C:\Windows\System32\drivers\bcm4sbxp.sys (Broadcom Corporation)
DRV - (STHDA) -- C:\Windows\System32\drivers\stwrt.sys (SigmaTel, Inc.)
DRV - (nmsunidr) -- C:\Windows\System32\drivers\nmsunidr.sys (Gteko Ltd.)
DRV - (nmsgopro) -- C:\Windows\System32\drivers\nmsgopro.sys (Gteko Ltd.)


========== Standard Registry (All) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = Bing
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = MSN.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn.com/{SUB_RFC176...t/srchcust.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.gateway.com/g/sidepanel.h...s=DTP&M=GT5438
IE - HKLM\..\URLSearchHook: {EA756889-2338-43DB-8F07-D1CA6FB9C90D} - C:\Program Files\AOL\AIM Toolbar 5.0\aoltb.dll (AOL LLC)

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\system32\blank.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Page_Transitions = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = Bing
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = Google
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\Windows\System32\ieframe.dll (Microsoft Corporation)
IE - HKCU\..\URLSearchHook: {EA756889-2338-43DB-8F07-D1CA6FB9C90D} - C:\Program Files\AOL\AIM Toolbar 5.0\aoltb.dll (AOL LLC)
IE - HKCU\..\URLSearchHook: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http=127.0.0.1:53616

========== FireFox ==========

FF - prefs.js..network.proxy.http: "127.0.0.1"
FF - prefs.js..network.proxy.http_port: 53616
FF - prefs.js..network.proxy.no_proxies_on: "*.local,localhost,127.0.0.1"
FF - prefs.js..network.proxy.type: 4

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files\DivX\DivX Web Player\npdivx32.dll (DivX,Inc.)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Content Upload Plugin,version=1.0.0: C:\Program Files\DivX\DivX Content Uploader\npUpload.dll File not found
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Player Plugin,version=1.0.0: C:\Program Files\DivX\DivX Player\npDivxPlayerPlugin.dll (DivX, Inc)
FF - HKLM\Software\MozillaPlugins\@messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.3: C:\Program Files\Yahoo!\Shared\npYState.dll (Yahoo! Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\4.0.60531.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=6.0.11.2888: C:\Program Files\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=1.0.2.2946: C:\Program Files\Real\RealPlayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=6.0.11.2806: C:\Program Files\Real\RealPlayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found
FF - HKLM\Software\MozillaPlugins\@real.com/RhapsodyPlayerEngine,version=1.1: C:\Program Files\Real\RhapsodyPlayerEngine\nprhapengine.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@veetle.com/veetleCorePlugin,version=0.9.18: C:\Program Files\Veetle\plugins\npVeetle.dll (Veetle Inc)
FF - HKLM\Software\MozillaPlugins\@veetle.com/veetlePlayerPlugin,version=0.9.18: C:\Program Files\Veetle\Player\npvlc.dll (Veetle Inc)
FF - HKLM\Software\MozillaPlugins\@viewpoint.com/VMP: C:\Program Files\Viewpoint\Viewpoint Media Player\npViewpoint.dll ()

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\Program Files\Real\RealPlayer\browserrecord [2007/11/12 12:37:46 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{20a82645-c095-46ed-80e3-08825760534b}: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ [2009/09/01 06:57:27 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{EC78F5BD-1930-44A8-AC80-E670CC072887}: C:\Users\Owner\AppData\Local\{EC78F5BD-1930-44A8-AC80-E670CC072887} [2010/02/22 02:35:05 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{1E73965B-8B48-48be-9C8D-68B920ABC1C4}: C:\Program Files\AVG\AVG10\Firefox4\ [2011/06/03 09:08:04 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 4.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011/05/02 13:14:46 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 4.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins

[2008/12/24 21:26:25 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Owner\AppData\Roaming\Mozilla\Extensions
[2008/12/24 21:26:25 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Owner\AppData\Roaming\Mozilla\Extensions\home2@tomtom.com
[2011/04/26 07:11:58 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\qvf5fw3t.default\extensions
[2011/04/25 22:39:12 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2011/05/02 13:14:46 | 000,000,000 | ---D | M] (Default) -- C:\Program Files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2011/06/03 09:08:04 | 000,000,000 | ---D | M] (AVG Safe Search) -- C:\PROGRAM FILES\AVG\AVG10\FIREFOX4
() (No name found) -- C:\USERS\OWNER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QVF5FW3T.DEFAULT\EXTENSIONS\{E19DF523-EFFD-48D2-95A2-883CB3BA32A4}.XPI
[2009/09/01 06:57:27 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\WINDOWS\MICROSOFT.NET\FRAMEWORK\V3.5\WINDOWS PRESENTATION FOUNDATION\DOTNETASSISTANTEXTENSION
[2011/05/02 13:14:38 | 000,142,296 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2010/01/01 01:00:00 | 000,001,394 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazondotcom.xml
[2010/01/01 01:00:00 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2010/01/01 01:00:00 | 000,001,131 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay.xml
[2010/01/01 01:00:00 | 000,002,364 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\google.xml
[2010/01/01 01:00:00 | 000,001,178 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia.xml
[2010/01/01 01:00:00 | 000,001,096 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo.xml

Hosts file not found
O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O2 - BHO: (HP Print Clips) - {053F9267-DC04-4294-A72C-58F732D338C0} - C:\Program Files\HP\Smart Web Printing\hpswp_framework.dll (Hewlett-Packard Co.)
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG10\avgssie.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (Yahoo! IE Services Button) - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll (Yahoo! Inc.)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (SSVHelper Class) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (AOL Toolbar Launcher) - {7C554162-8CB7-45A4-B8F4-8EA1C75885F9} - C:\Program Files\AOL\AIM Toolbar 5.0\aoltb.dll (AOL LLC)
O2 - BHO: (Windows Live Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O2 - BHO: (Skype add-on for Internet Explorer) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Ask Toolbar BHO) - {F0D4B231-DA4B-4daf-81E4-DFEE4931A4AA} - C:\Program Files\AskSBar\bar\1.bin\ASKSBAR.DLL ()
O2 - BHO: (no name) - MRI_DISABLED - No CLSID value found.
O3 - HKLM\..\Toolbar: (&Google) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\Program Files\Google\GoogleToolbar1.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (AIM Toolbar) - {DE9C389F-3316-41A7-809B-AA305ED9D922} - C:\Program Files\AOL\AIM Toolbar 5.0\aoltb.dll (AOL LLC)
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O3 - HKLM\..\Toolbar: (Ask Toolbar) - {F0D4B239-DA4B-4daf-81E4-DFEE4931A4AA} - C:\Program Files\AskSBar\bar\1.bin\ASKSBAR.DLL ()
O3 - HKCU\..\Toolbar\WebBrowser: (AIM Toolbar) - {DE9C389F-3316-41A7-809B-AA305ED9D922} - C:\Program Files\AOL\AIM Toolbar 5.0\aoltb.dll (AOL LLC)
O3 - HKCU\..\Toolbar\WebBrowser: (Ask Toolbar) - {F0D4B239-DA4B-4DAF-81E4-DFEE4931A4AA} - C:\Program Files\AskSBar\bar\1.bin\ASKSBAR.DLL ()
O3 - HKCU\..\Toolbar\WebBrowser: (&Links) - {F2CF5485-4E02-4F68-819C-B92DE9277049} - C:\Windows\System32\ieframe.dll (Microsoft Corporation)
O4 - HKLM..\Run: [AVG_TRAY] C:\Program Files\AVG\AVG10\avgtray.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [CCUTRAYICON] C:\Program Files\Intel\IntelDH\CCU\CCU_TrayIcon.exe (Intel(R) Corporation)
O4 - HKLM..\Run: [CHotkey] C:\Windows\zHotkey.exe ()
O4 - HKLM..\Run: [HotKeysCmds] C:\Windows\System32\hkcmd.exe (Intel Corporation)
O4 - HKLM..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe (Hewlett-Packard Co.)
O4 - HKLM..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe (Intel Corporation)
O4 - HKLM..\Run: [IgfxTray] C:\Windows\System32\igfxtray.exe (Intel Corporation)
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware (reboot)] C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe ()
O4 - HKLM..\Run: [ModPS2] C:\Windows\ModPS2Key.exe (Chicony)
O4 - HKLM..\Run: [NMSSupport] C:\Program Files\Common Files\Intel\IntelDH\NMS\Support\IntelHCTAgent.exe (Intel Corporation)
O4 - HKLM..\Run: [Persistence] C:\Windows\System32\igfxpers.exe (Intel Corporation)
O4 - HKLM..\Run: [ShowWnd] C:\Windows\ShowWnd.exe ()
O4 - HKLM..\Run: [SigmatelSysTrayApp] C:\Windows\sttray.exe (SigmaTel, Inc.)
O4 - HKLM..\Run: [SpySweeper] C:\Program Files\Webroot\Spy Sweeper\SpySweeperUI.exe (Webroot Software, Inc.)
O4 - HKLM..\Run: [TkBellExe] C:\Program Files\Common Files\Real\Update_OB\realsched.exe (RealNetworks, Inc.)
O4 - HKLM..\Run: [Zune Launcher] C:\Program Files\Zune\ZuneLauncher.exe (Microsoft Corporation)
O4 - HKCU..\Run: [AdobeUpdater] C:\Program Files\Common Files\Adobe\Updater5\AdobeUpdater.exe (Adobe Systems Incorporated)
O4 - HKCU..\Run: [ares] C:\Program Files\Ares\Ares.exe (Ares Development Group)
O4 - HKCU..\Run: [ehTray.exe] C:\Windows\ehome\ehtray.exe (Microsoft Corporation)
O4 - HKCU..\Run: [MsnMsgr] C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe (Microsoft Corporation)
O4 - HKCU..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe (Microsoft Corporation)
O4 - HKCU..\Run: [Yahoo! Pager] C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe (Yahoo! Inc.)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 255
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 2
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableInstallerDetection = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableSecureUIAPaths = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableVirtualization = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ValidateAdminCodeSignatures = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: scforceoption = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: FilterAdministratorToken = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableUIADesktopToggle = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableRegistryTools = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_TEXT = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_BITMAP = 2
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_OEMTEXT = 7
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIB = 8
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_PALETTE = 9
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_UNICODETEXT = 13
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIBV5 = 17
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDesktopCleanupWizard = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: disableregistrytools = 0
O8 - Extra context menu item: &AOL Toolbar Search - c:\Program Files\AOL\AIM Toolbar 5.0\resources\en-us\local\search.html ()
O8 - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0\bin\ssv.dll (Sun Microsystems, Inc.)
O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: AIM Toolbar - {3369AF0D-62E9-4bda-8103-B4C75499B578} - C:\Program Files\AOL\AIM Toolbar 5.0\aoltb.dll (AOL LLC)
O9 - Extra Button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Program Files\PokerStars\PokerStarsUpdate.exe (PokerStars)
O9 - Extra Button: HP Clipbook - {58ECB495-38F0-49cb-A538-10282ABF65E7} - C:\Program Files\HP\Smart Web Printing\hpswp_extensions.dll (Hewlett-Packard Co.)
O9 - Extra Button: Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll (Yahoo! Inc.)
O9 - Extra Button: HP Smart Select - {700259D7-1666-479a-93B1-3250410481E8} - C:\Program Files\HP\Smart Web Printing\hpswp_extensions.dll (Hewlett-Packard Co.)
O9 - Extra Button: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000001 [] - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000002 [] - C:\Windows\System32\NapiNSP.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000003 [] - C:\Windows\System32\pnrpnsp.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Windows\System32\pnrpnsp.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000006 [] - C:\Windows\System32\winrnr.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000012 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000013 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000014 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000015 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000016 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000017 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000018 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O15 - HKCU\..Trusted Domains: filelist.org ([]http in Trusted sites)
O15 - HKCU\..Trusted Ranges: GD ([http] in Local intranet)
O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} http://upload.facebook.com/controls/...oUploader5.cab (Facebook Photo Uploader 5 Control)
O16 - DPF: {0E5F0222-96B9-11D3-8997-00104BD12D94} http://pcpitstop.com/betapit/PCPitStop.CAB (PCPitstop Utility)
O16 - DPF: {233C1507-6A77-46A4-9443-F871F945D258} http://download.macromedia.com/pub/s...irector/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {4871A87A-BFDD-4106-8153-FFDE2BAC2967} http://dlm.tools.akamai.com/dlmanage...ex-2.2.4.1.cab (DLM Control)
O16 - DPF: {48DD0448-9209-4F81-9F6D-D83562940134} http://lads.myspace.com/upload/MySpaceUploader1006.cab (MySpace Uploader Control)
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} http://gfx1.hotmail.com/mail/w2/reso...PUplden-us.cab (MSN Photo Upload Tool)
O16 - DPF: {64D01C7F-810D-446E-A07E-456746835644} Myspace | Social Entertainment (AtlBoxWordCtlAttrib Class)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.macromedia.com/get.../ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {D0C0F75C-683A-4390-A791-1ACFD5599AB8} Myspace | Social Entertainment (Oberon Flash Game Host)
O16 - DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} Error (PopCapLoader Object)
O16 - DPF: {E06E2E99-0AA1-11D4-ABA6-0060082AA75C} https://accessfleet.webex.com/client...x/ieatgpc1.cab (GpcContainer Class)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O16 - DPF: {E77F23EB-E7AB-4502-8F37-247DBAF1A147} http://gfx1.hotmail.com/mail/w4/pr01...PUplden-us.cab (Windows Live Hotmail Photo Upload Tool)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{E5139195-F699-4BDC-9987-58A6DB6E92EA}: DhcpNameServer = 192.168.1.1
O18 - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\cdl {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\dvd {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\Windows\System32\MSVidCtl.dll (Microsoft Corporation)
O18 - Protocol\Handler\file {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\ftp {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\gopher {79eac9e4-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\http {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\https {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\System32\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG10\avgpp.dll (AVG Technologies CZ, s.r.o.)
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll (Microsoft Corporation)
O18 - Protocol\Handler\local {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\mhtml {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\Windows\System32\inetcomm.dll (Microsoft Corporation)
O18 - Protocol\Handler\mk {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\System32\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\microsoft shared\Information Retrieval\msitss.dll (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll (Microsoft Corporation)
O18 - Protocol\Handler\navnet {AD6E5643-7B0C-46AA-95AD-9773FF2A857A} - C:\Program Files\NavNetApp\ComUtilities.dll (MH)
O18 - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O18 - Protocol\Handler\tv {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\Windows\System32\MSVidCtl.dll (Microsoft Corporation)
O18 - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program Files\Windows Live\Mail\mailcomm.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\System32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\System32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\System32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\deflate {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter\gzip {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - AppInit_DLLs: (c:\PROGRA~1\Google\GOOGLE~1\GoogleDesktopNetwork3.dll) -c:\Program Files\Google\Google Desktop Search\GoogleDesktopNetwork3.dll (Google)
O20 - HKLM Winlogon: Shell - (Explorer.exe) -C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) -C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (rundll32 shell32) -C:\Windows\System32\shell32.dll (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (Control_RunDLL "sysdm.cpl") -C:\Windows\System32\sysdm.cpl (Microsoft Corporation)
O20 - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\System32\igfxdev.dll (Intel Corporation)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - C:\Windows\System32\webcheck.dll (Microsoft Corporation)
O22 - SharedTaskScheduler: {8C7461EF-2B13-11d2-BE35-3078302C2030} - Component Categories cache daemon - C:\Windows\System32\browseui.dll (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Users\Owner\AppData\Roaming\Microsoft\Windows Photo Gallery\Windows Photo Gallery Wallpaper.jpg
O24 - Desktop BackupWallPaper: C:\Users\Owner\AppData\Roaming\Microsoft\Windows Photo Gallery\Windows Photo Gallery Wallpaper.jpg
O29 - HKLM SecurityProviders - (credssp.dll) -C:\Windows\System32\credssp.dll (Microsoft Corporation)
O30 - LSA: Authentication Packages - (msv1_0) -C:\Windows\System32\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (kerberos) -C:\Windows\System32\kerberos.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (msv1_0) -C:\Windows\System32\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (schannel) -C:\Windows\System32\schannel.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (wdigest) -C:\Windows\System32\wdigest.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (tspkg) -C:\Windows\System32\tspkg.dll (Microsoft Corporation)
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/09/18 14:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O34 - HKLM BootExecute: (C:\PROGRA~1\AVG\AVG10\avgchsvx.exe /sync)
O34 - HKLM BootExecute: (C:\PROGRA~1\AVG\AVG10\avgrsx.exe /sync /restart)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKCU\...com [@ = comfile] -- Reg Error: Key error. File not found

========== Files/Folders - Created Within 30 Days ==========

[2011/09/30 10:28:27 | 000,582,656 | ---- | C] (OldTimer Tools) -- C:\Users\Owner\Desktop\OTL.exe
[2011/09/29 21:32:01 | 000,000,000 | --SD | C] -- C:\ComboFix
[2011/09/29 14:41:33 | 000,000,000 | ---D | C] -- C:\Users\Owner\Documents\Windows_NT6_BSOD_jcgriff2
[2011/09/29 07:24:08 | 000,041,272 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2011/09/15 03:09:00 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\temp
[2011/09/15 02:58:07 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2011/09/12 17:15:19 | 000,000,000 | ---D | C] -- C:\Windows\ERDNT
[2011/09/12 17:10:17 | 000,000,000 | ---D | C] -- C:\Qoobox
[2011/09/11 11:11:06 | 000,000,000 | ---D | C] -- C:\rsit
[2011/09/10 23:41:05 | 000,064,512 | ---- | C] (Lavasoft AB) -- C:\Windows\System32\drivers\Lbd.sys
[2011/09/10 23:40:55 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lavasoft
[2011/09/10 23:40:55 | 000,000,000 | ---D | C] -- C:\Program Files\Lavasoft
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[1 C:\Users\Owner\Documents\*.tmp files -> C:\Users\Owner\Documents\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2011/09/30 10:35:55 | 000,000,000 | ---- | M] () -- C:\Windows\725079080
[2011/09/30 10:35:51 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011/09/30 10:30:27 | 000,003,168 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2011/09/30 10:30:27 | 000,003,168 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2011/09/30 10:28:29 | 000,582,656 | ---- | M] (OldTimer Tools) -- C:\Users\Owner\Desktop\OTL.exe
[2011/09/30 09:34:51 | 000,000,464 | ---- | M] () -- C:\Windows\tasks\SDMsgUpdate (SD).job
[2011/09/29 23:34:24 | 002,184,340 | ---- | M] () -- C:\Users\Owner\Documents\Windows_NT6_BSOD_jcgriff2.zip
[2011/09/29 23:14:53 | 149,942,237 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2011/09/29 23:13:37 | 000,120,024 | ---- | M] () -- C:\Users\Owner\Desktop\1268525691020.jpg
[2011/09/29 23:01:47 | 000,062,937 | ---- | M] () -- C:\Users\Owner\Desktop\1th17.jpg
[2011/09/29 22:49:13 | 000,141,408 | ---- | M] () -- C:\Users\Owner\Desktop\katies friend.jpg
[2011/09/29 22:36:49 | 000,058,711 | ---- | M] () -- C:\Users\Owner\Desktop\jmerrrzzz.jpg
[2011/09/29 14:41:01 | 000,053,760 | ---- | M] () -- C:\Users\Owner\Documents\Windows_NT6_BSOD_v3.03_jcgriff2_.exe
[2011/09/29 14:35:31 | 000,075,338 | ---- | M] () -- C:\Users\Owner\Desktop\kelsey.jpg
[2011/09/29 14:21:53 | 000,067,979 | ---- | M] () -- C:\Users\Owner\Desktop\selina.jpg
[2011/09/29 07:24:08 | 000,041,272 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2011/09/29 06:04:41 | 047,369,160 | ---- | M] () -- C:\Windows\System32\mrt.exe
[2011/09/28 11:41:13 | 000,055,808 | ---- | M] () -- C:\Users\Owner\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/09/28 11:30:34 | 178,910,931 | ---- | M] () -- C:\Users\Owner\Desktop\maDd3nWBdHD.wmv
[2011/09/27 23:44:37 | 000,000,064 | ---- | M] () -- C:\Windows\System32\rp_stats.dat
[2011/09/27 23:44:37 | 000,000,044 | ---- | M] () -- C:\Windows\System32\rp_rules.dat
[2011/09/25 05:27:05 | 000,032,289 | ---- | M] () -- C:\Users\Owner\Desktop\brittt.jpg
[2011/09/22 07:52:19 | 000,319,236 | ---- | M] () -- C:\Users\Owner\Desktop\keana.jpg
[2011/09/21 22:03:51 | 000,110,385 | ---- | M] () -- C:\Users\Owner\Desktop\randalltv-stackedjoelle_(11).jpg
[2011/09/21 00:19:51 | 000,183,401 | ---- | M] () -- C:\Users\Owner\Desktop\826409-f8110383f8110_l.JPEG
[2011/09/19 11:41:47 | 000,000,866 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2011/09/18 01:54:56 | 000,127,716 | ---- | M] () -- C:\Users\Owner\Desktop\tumblr_lqdcwf417T1qj0m1io1_500.jpg
[2011/09/16 14:43:22 | 000,055,167 | ---- | M] () -- C:\Users\Owner\Desktop\tanea.jpg
[2011/09/15 11:58:58 | 000,012,519 | ---- | M] () -- C:\Users\Owner\Desktop\[BackroomCastingCouch.com]_Paulina_.6331435.TPB.torrent
[2011/09/13 15:20:23 | 000,000,654 | ---- | M] () -- C:\Users\Owner\Desktop\wrestlemania 02 pt 2.avi - Shortcut.lnk
[2011/09/13 15:20:23 | 000,000,654 | ---- | M] () -- C:\Users\Owner\Desktop\wrestlemania 02 pt 1.avi - Shortcut.lnk
[2011/09/13 10:16:23 | 000,459,264 | ---- | M] () -- C:\Users\Owner\Desktop\CKScanner.exe
[2011/09/11 11:12:35 | 000,781,383 | ---- | M] () -- C:\Users\Owner\Desktop\RSIT.exe
[2011/09/10 23:41:07 | 000,000,937 | ---- | M] () -- C:\Users\Public\Desktop\Ad-Aware.lnk
[2011/09/10 23:00:37 | 000,023,108 | ---- | M] () -- C:\Users\Owner\Desktop\error.jpg
[2011/09/10 10:29:08 | 000,179,870 | ---- | M] () -- C:\Users\Owner\Desktop\Untitled.jpg
[2011/09/10 09:43:12 | 000,012,590 | ---- | M] () -- C:\Windows\System32\Support.xml
[2011/09/10 00:22:23 | 000,000,258 | RHS- | M] () -- C:\ProgramData\ntuser.pol
[2011/09/03 16:42:37 | 006,868,146 | ---- | M] () -- C:\Users\Owner\Desktop\I_Come_From_Money_.mp3
[2011/09/03 16:40:44 | 010,920,261 | ---- | M] () -- C:\Users\Owner\Desktop\CM_Punk_(Cult_Of_Personality_WWE_Edit).mp3
[2011/09/03 16:31:38 | 007,940,005 | ---- | M] () -- C:\Users\Owner\Desktop\Cody_Rhodes_New_Theme_CD_Quality_[MrEdge17HDv3].mp3
[2011/09/03 11:51:19 | 000,138,892 | ---- | M] () -- C:\Users\Owner\Desktop\5.jpg
[2011/09/03 11:51:03 | 000,302,390 | ---- | M] () -- C:\Users\Owner\Desktop\mms_picture.jpg
[2011/08/31 17:00:50 | 000,022,216 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[1 C:\Users\Owner\Documents\*.tmp files -> C:\Users\Owner\Documents\*.tmp -> ]

========== Files Created - No Company Name ==========

[2011/09/29 23:34:17 | 002,184,340 | ---- | C] () -- C:\Users\Owner\Documents\Windows_NT6_BSOD_jcgriff2.zip
[2011/09/29 23:13:23 | 000,120,024 | ---- | C] () -- C:\Users\Owner\Desktop\1268525691020.jpg
[2011/09/29 23:02:50 | 000,062,937 | ---- | C] () -- C:\Users\Owner\Desktop\1th17.jpg
[2011/09/29 22:50:17 | 000,141,408 | ---- | C] () -- C:\Users\Owner\Desktop\katies friend.jpg
[2011/09/29 22:36:43 | 000,058,711 | ---- | C] () -- C:\Users\Owner\Desktop\jmerrrzzz.jpg
[2011/09/29 14:41:01 | 000,053,760 | ---- | C] () -- C:\Users\Owner\Documents\Windows_NT6_BSOD_v3.03_jcgriff2_.exe
[2011/09/29 14:36:12 | 000,075,338 | ---- | C] () -- C:\Users\Owner\Desktop\kelsey.jpg
[2011/09/29 14:21:38 | 000,067,979 | ---- | C] () -- C:\Users\Owner\Desktop\selina.jpg
[2011/09/28 23:41:56 | 000,000,000 | ---- | C] () -- C:\Windows\725079080
[2011/09/28 11:30:29 | 178,910,931 | ---- | C] () -- C:\Users\Owner\Desktop\maDd3nWBdHD.wmv
[2011/09/25 05:26:55 | 000,032,289 | ---- | C] () -- C:\Users\Owner\Desktop\brittt.jpg
[2011/09/22 07:54:16 | 000,319,236 | ---- | C] () -- C:\Users\Owner\Desktop\keana.jpg
[2011/09/21 22:05:12 | 000,110,385 | ---- | C] () -- C:\Users\Owner\Desktop\randalltv-stackedjoelle_(11).jpg
[2011/09/21 00:19:27 | 000,183,401 | ---- | C] () -- C:\Users\Owner\Desktop\826409-f8110383f8110_l.JPEG
[2011/09/18 01:54:43 | 000,127,716 | ---- | C] () -- C:\Users\Owner\Desktop\tumblr_lqdcwf417T1qj0m1io1_500.jpg
[2011/09/16 14:43:31 | 000,055,167 | ---- | C] () -- C:\Users\Owner\Desktop\tanea.jpg
[2011/09/15 11:58:58 | 000,012,519 | ---- | C] () -- C:\Users\Owner\Desktop\[BackroomCastingCouch.com]_Paulina_.6331435.TPB.torrent
[2011/09/13 15:20:23 | 000,000,654 | ---- | C] () -- C:\Users\Owner\Desktop\wrestlemania 02 pt 2.avi - Shortcut.lnk
[2011/09/13 15:20:23 | 000,000,654 | ---- | C] () -- C:\Users\Owner\Desktop\wrestlemania 02 pt 1.avi - Shortcut.lnk
[2011/09/13 10:16:19 | 000,459,264 | ---- | C] () -- C:\Users\Owner\Desktop\CKScanner.exe
[2011/09/11 11:12:34 | 000,781,383 | ---- | C] () -- C:\Users\Owner\Desktop\RSIT.exe
[2011/09/10 23:41:07 | 000,000,937 | ---- | C] () -- C:\Users\Public\Desktop\Ad-Aware.lnk
[2011/09/10 23:00:37 | 000,023,108 | ---- | C] () -- C:\Users\Owner\Desktop\error.jpg
[2011/09/10 10:29:08 | 000,179,870 | ---- | C] () -- C:\Users\Owner\Desktop\Untitled.jpg
[2011/09/10 00:22:23 | 000,000,258 | RHS- | C] () -- C:\ProgramData\ntuser.pol
[2011/09/03 16:42:30 | 006,868,146 | ---- | C] () -- C:\Users\Owner\Desktop\I_Come_From_Money_.mp3
[2011/09/03 16:39:50 | 010,920,261 | ---- | C] () -- C:\Users\Owner\Desktop\CM_Punk_(Cult_Of_Personality_WWE_Edit).mp3
[2011/09/03 16:31:24 | 007,940,005 | ---- | C] () -- C:\Users\Owner\Desktop\Cody_Rhodes_New_Theme_CD_Quality_[MrEdge17HDv3].mp3
[2011/09/03 11:51:19 | 000,138,892 | ---- | C] () -- C:\Users\Owner\Desktop\5.jpg
[2011/09/03 11:51:02 | 000,302,390 | ---- | C] () -- C:\Users\Owner\Desktop\mms_picture.jpg
[2011/06/04 17:05:42 | 000,000,600 | ---- | C] () -- C:\Users\Owner\AppData\Roaming\A12E.53C
[2011/05/17 21:10:52 | 000,001,354 | -HS- | C] () -- C:\Users\Owner\AppData\Local\8s7h0376ile
[2011/05/17 21:10:52 | 000,001,354 | -HS- | C] () -- C:\ProgramData\8s7h0376ile
[2011/05/17 21:10:35 | 000,000,208 | ---- | C] () -- C:\ProgramData\d1713FeGcMgJ6278
[2011/05/14 16:48:30 | 000,001,554 | -HS- | C] () -- C:\Users\Owner\AppData\Local\5lnfw71gfl5222x1d77ctwk735dv1vk6wbh2s67hy78q7
[2011/05/14 16:48:30 | 000,001,554 | -HS- | C] () -- C:\ProgramData\5lnfw71gfl5222x1d77ctwk735dv1vk6wbh2s67hy78q7
[2011/05/04 00:06:55 | 000,000,064 | ---- | C] () -- C:\Windows\System32\rp_stats.dat
[2011/05/04 00:06:55 | 000,000,044 | ---- | C] () -- C:\Windows\System32\rp_rules.dat
[2011/04/26 06:11:52 | 000,000,000 | ---- | C] () -- C:\Windows\nsreg.dat
[2011/04/04 23:34:37 | 000,012,844 | -HS- | C] () -- C:\Users\Owner\AppData\Local\c1v7b2004pcko3q46sg5by81ek78o4q
[2011/04/04 23:34:37 | 000,012,844 | -HS- | C] () -- C:\ProgramData\c1v7b2004pcko3q46sg5by81ek78o4q
[2011/02/23 13:52:10 | 000,010,502 | -HS- | C] () -- C:\Users\Owner\AppData\Local\871386874
[2011/02/23 13:52:10 | 000,010,502 | -HS- | C] () -- C:\ProgramData\871386874
[2010/12/02 23:52:47 | 000,000,699 | ---- | C] () -- C:\ProgramData\1975716847.dat
[2010/11/26 04:32:52 | 000,000,006 | ---- | C] () -- C:\Users\Owner\AppData\Roaming\start
[2010/11/26 04:32:13 | 000,000,006 | ---- | C] () -- C:\Users\Owner\AppData\Roaming\completescan
[2010/11/26 04:17:22 | 000,000,010 | ---- | C] () -- C:\Users\Owner\AppData\Roaming\install
[2010/09/08 12:10:24 | 000,000,038 | ---- | C] () -- C:\Windows\avisplitter.INI
[2010/06/12 13:25:04 | 000,000,056 | -H-- | C] () -- C:\Windows\System32\ezsidmv.dat
[2010/04/02 10:40:57 | 000,010,524 | -HS- | C] () -- C:\Users\Owner\AppData\Local\LK2mfPE2j
[2010/04/02 10:40:57 | 000,010,524 | -HS- | C] () -- C:\ProgramData\LK2mfPE2j
[2010/02/19 11:11:41 | 000,000,024 | ---- | C] () -- C:\Users\Owner\AppData\Roaming\cqfyto.dat
[2010/02/10 10:00:26 | 000,000,120 | ---- | C] () -- C:\Users\Owner\AppData\Local\Jpoho.dat
[2010/02/10 10:00:26 | 000,000,000 | ---- | C] () -- C:\Users\Owner\AppData\Local\Hjuheta.bin
[2009/10/19 01:07:34 | 000,000,127 | ---- | C] () -- C:\Windows\System32\MRT.INI
[2009/09/30 00:45:31 | 000,001,356 | ---- | C] () -- C:\Users\Owner\AppData\Local\d3d9caps.dat
[2009/08/03 13:07:42 | 000,403,816 | ---- | C] () -- C:\Windows\System32\OGACheckControl.dll
[2009/08/03 13:07:42 | 000,230,768 | ---- | C] () -- C:\Windows\System32\OGAEXEC.exe
[2009/06/26 13:00:02 | 000,053,248 | ---- | C] () -- C:\Windows\System32\mgxasio2.dll
[2009/06/26 12:57:14 | 000,120,200 | ---- | C] () -- C:\Windows\System32\DLLDEV32i.dll
[2009/01/18 23:53:01 | 000,223,232 | ---- | C] () -- C:\Windows\System32\sqlite3.dll
[2008/10/03 14:15:58 | 000,106,605 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin
[2008/10/03 14:15:58 | 000,018,904 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchemaTrivial.bin
[2008/09/23 21:57:25 | 000,217,088 | ---- | C] () -- C:\Windows\System32\WerFault.exe
[2008/05/03 22:34:50 | 000,164,352 | ---- | C] () -- C:\Windows\System32\unrar.dll
[2008/05/03 22:34:47 | 000,755,027 | ---- | C] () -- C:\Windows\System32\xvidcore.dll
[2008/05/03 22:34:46 | 000,159,839 | ---- | C] () -- C:\Windows\System32\xvidvfw.dll
[2008/05/03 22:34:45 | 000,007,680 | ---- | C] () -- C:\Windows\System32\ff_vfw.dll
[2008/02/14 11:48:50 | 000,000,000 | ---- | C] () -- C:\Windows\musicmaker.INI
[2008/02/14 11:15:40 | 000,038,912 | ---- | C] () -- C:\Windows\System32\mgxasio.dll
[2008/02/14 00:30:32 | 000,006,308 | ---- | C] () -- C:\Windows\mgxoschk.ini
[2008/01/09 04:18:12 | 003,596,288 | ---- | C] () -- C:\Windows\System32\qt-dx331.dll
[2007/12/11 12:43:44 | 000,012,288 | ---- | C] () -- C:\Windows\System32\DivXWMPExtType.dll
[2007/11/01 08:57:21 | 000,000,000 | ---- | C] () -- C:\Users\Owner\AppData\Roaming\wklnhst.dat
[2007/11/01 08:21:32 | 000,000,021 | ---- | C] () -- C:\Windows\atid.ini
[2007/10/31 20:11:26 | 000,141,084 | ---- | C] () -- C:\Windows\hpoins14.dat.temp
[2007/10/31 20:11:26 | 000,002,000 | ---- | C] () -- C:\Windows\hpomdl14.dat.temp
[2007/10/31 19:55:02 | 000,141,281 | ---- | C] () -- C:\Windows\hpoins14.dat
[2007/10/31 19:55:02 | 000,002,000 | ---- | C] () -- C:\Windows\hpomdl14.dat
[2007/10/31 14:29:10 | 000,055,808 | ---- | C] () -- C:\Users\Owner\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2007/02/15 17:44:38 | 000,204,800 | ---- | C] () -- C:\Windows\System32\igfxCoIn_v1147.dll
[2007/02/15 17:44:38 | 000,053,248 | ---- | C] () -- C:\Windows\System32\oemdspif.dll
[2007/02/15 17:44:35 | 000,077,824 | ---- | C] () -- C:\Windows\System32\hccutils.dll
[2007/02/15 17:19:02 | 000,000,004 | ---- | C] () -- C:\Windows\Pix11.dat
[2007/02/15 17:07:35 | 000,547,840 | ---- | C] () -- C:\Windows\zHotkey.exe
[2007/02/15 17:07:35 | 000,532,544 | ---- | C] () -- C:\Windows\PIC.dll
[2007/02/15 17:07:35 | 000,036,864 | ---- | C] () -- C:\Windows\ShowWnd.exe
[2007/02/15 17:07:35 | 000,024,576 | ---- | C] () -- C:\Windows\HKNTDLL.dll
[2006/11/22 15:16:18 | 000,003,612 | ---- | C] () -- C:\Windows\ReaderString.ini
[2006/11/21 11:50:06 | 000,000,037 | ---- | C] () -- C:\Windows\sunkist.ini
[2006/11/02 05:57:28 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2006/11/02 05:47:37 | 002,336,784 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT
[2006/11/02 05:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
[2006/11/02 03:33:01 | 000,602,492 | ---- | C] () -- C:\Windows\System32\perfh009.dat
[2006/11/02 03:33:01 | 000,287,440 | ---- | C] () -- C:\Windows\System32\perfi009.dat
[2006/11/02 03:33:01 | 000,103,932 | ---- | C] () -- C:\Windows\System32\perfc009.dat
[2006/11/02 03:33:01 | 000,030,674 | ---- | C] () -- C:\Windows\System32\perfd009.dat
[2006/11/02 03:25:21 | 000,061,440 | ---- | C] () -- C:\Windows\System32\igfxTMM.dll
[2006/11/02 03:24:01 | 047,369,160 | ---- | C] () -- C:\Windows\System32\mrt.exe
[2006/11/02 03:23:21 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat
[2006/11/02 01:58:30 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2006/11/02 01:19:00 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT
[2006/11/02 00:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2006/11/02 00:25:31 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat
[2006/06/23 10:09:34 | 000,019,968 | R--- | C] () -- C:\Windows\System32\cpuinf32.dll
[2006/06/11 17:01:15 | 000,352,256 | ---- | C] () -- C:\Windows\System32\HotlineClient.exe
[2006/05/15 01:33:34 | 000,000,051 | ---- | C] () -- C:\Windows\pr.ini

========== LOP Check ==========

[2011/05/20 09:05:05 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\1891E13AFCD962D63A7F461F7DF02296
[2007/11/01 08:25:30 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\acccore
[2011/08/13 16:26:02 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\Amazon
[2010/12/08 07:08:10 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\AVG10
[2011/09/21 13:34:01 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\Azureus
[2009/10/17 10:00:41 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\Logs
[2009/06/26 13:01:50 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\MAGIX
[2008/02/13 23:58:08 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\Musicmatch
[2010/11/30 19:28:53 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\NavNet Solutions
[2010/12/05 15:46:10 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\SampleView
[2009/07/23 01:13:06 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\Serif
[2011/03/30 10:04:48 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\Skinux
[2010/04/28 11:05:20 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\SmartDraw
[2010/12/05 15:42:51 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\Spyware Terminator
[2011/08/14 13:39:47 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\Tibo Software
[2008/12/24 21:26:23 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\TomTom
[2010/02/17 23:06:11 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\uTorrent
[2007/12/19 19:03:59 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\Wal-Mart
[2007/12/19 19:02:26 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\Wal-Mart Digital Photo Manager
[2007/12/19 19:32:17 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\Wal-Mart Digital Photo Viewer
[2008/10/14 15:55:43 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\webex
[2011/09/30 09:47:31 | 000,032,634 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2011/09/30 09:34:51 | 000,000,464 | ---- | M] () -- C:\Windows\Tasks\SDMsgUpdate (SD).job

========== Purity Check ==========



========== Alternate Data Streams ==========

@Alternate Data Stream - 784 bytes -> C:\Windows\725079080:3609970900.exe
@Alternate Data Stream - 64 bytes -> C:\Users\Owner\Wild things.avi:TOC.WMV
@Alternate Data Stream - 64 bytes -> C:\Users\Owner\videosz-it-could-happen-32.mpeg:TOC.WMV
@Alternate Data Stream - 64 bytes -> C:\Users\Owner\v1541_scene_5_448k_h264_bp.mp4:TOC.WMV
@Alternate Data Stream - 64 bytes -> C:\Users\Owner\v1541_scene_2_698k_h264_mp.mp4:TOC.WMV
@Alternate Data Stream - 64 bytes -> C:\Users\Owner\Three Course Treat.avi:TOC.WMV
@Alternate Data Stream - 64 bytes -> C:\Users\Owner\shawtyisbangin.avi:TOC.WMV
@Alternate Data Stream - 64 bytes -> C:\Users\Owner\Perved_Sarah_Peachez_-_Happy_Ending__Realpeachez.com.mp4:TOC.WMV
@Alternate Data Stream - 64 bytes -> C:\Users\Owner\Our secrets.avi:TOC.WMV
@Alternate Data Stream - 64 bytes -> C:\Users\Owner\Natalie_-_16th_Febuary_10.avi:TOC.WMV
@Alternate Data Stream - 64 bytes -> C:\Users\Owner\My turn.avi:TOC.WMV
@Alternate Data Stream - 64 bytes -> C:\Users\Owner\Lips experiment.avi:TOC.WMV
@Alternate Data Stream - 64 bytes -> C:\Users\Owner\keep.flv:TOC.WMV
@Alternate Data Stream - 64 bytes -> C:\Users\Owner\JJ_-_062209_Chat_-_With_Sound_Part_2.avi:TOC.WMV
@Alternate Data Stream - 64 bytes -> C:\Users\Owner\JJ_-_062209_Chat_-_With_Sound_Part_1.avi:TOC.WMV
@Alternate Data Stream - 64 bytes -> C:\Users\Owner\HD-tubs.avi:TOC.WMV
@Alternate Data Stream - 64 bytes -> C:\Users\Owner\HD-MPs.avi:TOC.WMV
@Alternate Data Stream - 64 bytes -> C:\Users\Owner\Desktop\Bridesmaids (2011) TS x264 Feel-Free.avi:TOC.WMV
@Alternate Data Stream - 64 bytes -> C:\Users\Owner\cat_wh.avi:TOC.WMV
@Alternate Data Stream - 64 bytes -> C:\Users\Owner\BrookeM_-_24th_June.avi:TOC.WMV
@Alternate Data Stream - 64 bytes -> C:\Users\Owner\Brooke.avi:TOC.WMV
@Alternate Data Stream - 64 bytes -> C:\Users\Owner\briannalee5.flv:TOC.WMV
@Alternate Data Stream - 64 bytes -> C:\Users\Owner\Briana_03.avi:TOC.WMV
@Alternate Data Stream - 64 bytes -> C:\Users\Owner\Backdoor_to_Chyna_v1541_scene_1_698k_h264_mp.mp4:TOC.WMV
@Alternate Data Stream - 64 bytes -> C:\Users\Owner\Back_Door_To_Chyna_-_Scene_04.mp4:TOC.WMV
@Alternate Data Stream - 64 bytes -> C:\Users\Owner\Ann_-_Pussy.mkv:TOC.WMV
@Alternate Data Stream - 64 bytes -> C:\Users\Owner\81709.flv:TOC.WMV
@Alternate Data Stream - 64 bytes -> C:\Users\Owner\397682_So_You_Wanna_Be_a_Pornstar.flv:TOC.WMV
@Alternate Data Stream - 64 bytes -> C:\Users\Owner\319970_Hot_Blonde_chick_gets_a_surprise_cumshot.flv:TOC.WMV
@Alternate Data Stream - 64 bytes -> C:\Users\Owner\305758_English_MILF_secretary_****s_her_boss.flv:TOC.WMV
@Alternate Data Stream - 64 bytes -> C:\Users\Owner\20100114.mp4:TOC.WMV
@Alternate Data Stream - 64 bytes -> C:\Users\Owner\134_Happy_birthday.flv:TOC.WMV
@Alternate Data Stream - 64 bytes -> C:\Users\Owner\100491.mp4:TOC.WMV
@Alternate Data Stream - 64 bytes -> C:\Users\Owner\100_3256.flv:TOC.WMV
@Alternate Data Stream - 166 bytes -> C:\ProgramData\TEMPFC5A2B2
@Alternate Data Stream - 106 bytes -> C:\ProgramData\TEMP:EC2246A6
< End of report >

i was directed to use combo fix through this forum. i havent gotten around to getting rid of it due to a busy schedule. and if this gets fixed those p2p programs are going to be gone!