Results 1 to 20 of 20

Thread: Empty Sent Items folder

  1. #1
    Free PC Help Contributor
    Join Date
    Feb 2009
    Posts
    101

    PC Experience:
    Some Experience


    Operating System:
    Windows Vista - Home Premium

    Default Empty Sent Items folder

    I use Windows Mail in Windows Vista and had a large number of message in its Sent Items folder. But today I lost them all, the folder is now empty, and outgoing messages (which DO reach the recipient) are no longer saved in Sent Items.

    My broadband provider is BT, so messages from Windows Mail go via bt.yahoo.com where outgoing messages were stored in the Sent folder. But that, too, is now empty although I have checked that the option "When sending a message, save a copy in the Sent folder" is still selected.

    Can anyone tell me (a) how I can get outgoing messages to be saved once again in the Sent Items and Sent folders, and (b) if possible, how I can recover my lost messages?

  2. #2
    Administrator RandyL's Avatar
    Join Date
    Jan 2003
    Location
    USA, Nebraska
    Posts
    4,967

    PC Experience:
    Very Experienced


    Operating System:
    Windows 7 Home Premium-Vista Home Premium

    Default

    Hi mtav. I can't help you with your yahoo mail but the Save a copy of the sent messages in the 'Sent Items' folder in Windows Mail can be found in Tools>Options>Send.
    We are all members helping other members. Please return here where you may be able to help someone else. After all, no one knows everything and you may have the answer that someone needs.

    Get help with computer problems. Join Free PC Help here

    Donations are welcome. Read Here

  3. #3
    Free PC Help Contributor
    Join Date
    Feb 2009
    Posts
    101

    PC Experience:
    Some Experience


    Operating System:
    Windows Vista - Home Premium

    Default

    The option in Windows Mail to save sent items in the Sent Items folder is already selected, but it still doesn't happen. What is more I am now starting to lose incomng messages. One that came in this morning and I had read has now disappeared, and all messages received from one of my friends over the last two months have also gone. Sounds like a virus. I use Bullguard Antivirus and it is fully enabled and up-to-date.

    (a) How can I get Mail working again? and (b) Is there any way to recover what seems to have been lost?

  4. #4
    Administrator RandyL's Avatar
    Join Date
    Jan 2003
    Location
    USA, Nebraska
    Posts
    4,967

    PC Experience:
    Very Experienced


    Operating System:
    Windows 7 Home Premium-Vista Home Premium

    Default

    Considering a few things you mentioned I think now is a good time to post in the malware removal section and then check with your ISP for possible issues. What is your ISP?
    We are all members helping other members. Please return here where you may be able to help someone else. After all, no one knows everything and you may have the answer that someone needs.

    Get help with computer problems. Join Free PC Help here

    Donations are welcome. Read Here

  5. #5
    Free PC Help Contributor
    Join Date
    Feb 2009
    Posts
    101

    PC Experience:
    Some Experience


    Operating System:
    Windows Vista - Home Premium

    Default

    ISP is BT Broadband.

    Will post in Malware Infection Removal as you suggest.

    Thanks.

  6. #6
    Free PC Help Contributor
    Join Date
    Feb 2009
    Posts
    101

    PC Experience:
    Some Experience


    Operating System:
    Windows Vista - Home Premium

    Default

    I think I was wrong about my outgoing messages going via bt.yahoo.com and also wrong to say they used to be stored in the Sent folder there.

  7. #7
    Administrator RandyL's Avatar
    Join Date
    Jan 2003
    Location
    USA, Nebraska
    Posts
    4,967

    PC Experience:
    Very Experienced


    Operating System:
    Windows 7 Home Premium-Vista Home Premium

    Default

    OK Now I'm confused as to exactly what the issue is.
    We are all members helping other members. Please return here where you may be able to help someone else. After all, no one knows everything and you may have the answer that someone needs.

    Get help with computer problems. Join Free PC Help here

    Donations are welcome. Read Here

  8. #8
    Free PC Help Contributor
    Join Date
    Feb 2009
    Posts
    101

    PC Experience:
    Some Experience


    Operating System:
    Windows Vista - Home Premium

    Default

    I hope you have seen my response to this, RandyL, in Malware Infection Removal / Disappearing messages (18 Nov, 11:21)

  9. #9
    Administrator RandyL's Avatar
    Join Date
    Jan 2003
    Location
    USA, Nebraska
    Posts
    4,967

    PC Experience:
    Very Experienced


    Operating System:
    Windows 7 Home Premium-Vista Home Premium

    Default

    So far your malware thread looks ok. I'm a bit at a loss here.

    You could try removing the account then adding it back. I know that in OE that sometimes solved glitches.

    Or you could try a different account and see what happens.

    Or uncheck to save. Close Windows Mail. Reboot. Recheck to save.

    As a side note some third party applications can delete them when running cleanup.
    We are all members helping other members. Please return here where you may be able to help someone else. After all, no one knows everything and you may have the answer that someone needs.

    Get help with computer problems. Join Free PC Help here

    Donations are welcome. Read Here

  10. #10
    Free PC Help Contributor
    Join Date
    Feb 2009
    Posts
    101

    PC Experience:
    Some Experience


    Operating System:
    Windows Vista - Home Premium

    Default

    Quote Originally Posted by RandyL View Post
    So far your malware thread looks ok. I'm a bit at a loss here.

    You could try removing the account then adding it back. I know that in OE that sometimes solved glitches.

    Or you could try a different account and see what happens.

    Or uncheck to save. Close Windows Mail. Reboot. Recheck to save.

    As a side note some third party applications can delete them when running cleanup.
    I have suffered this problem for more than a year now. No messages I send are copied to the Sent Items folder (the folder is still completely empty). If I reply to a message in Inbox it immedialtekly disappears from Inbox. And if I flag a message in Inbox it disappears.

    I tried removing accounts as RandyL suggests, rebooting the computer and setting them up again. No improvement. Is there any way to remove Windows Mail completely and reinstate it?

    Incidentally, RandyL says that removing an account and adding it back can solve gliitches in OE -- Windows
    Mail is directly in Vista rather than in an OS, isn't it?

  11. #11
    Administrator RandyL's Avatar
    Join Date
    Jan 2003
    Location
    USA, Nebraska
    Posts
    4,967

    PC Experience:
    Very Experienced


    Operating System:
    Windows 7 Home Premium-Vista Home Premium

    Default

    Welcome back mtav.
    No messages I send are copied to the Sent Items folder
    Try this. Open Windows Mail. Click Tools>Options>Send.
    Untic "Save a copy of sent messages in the 'Sent Items' folder.
    Click Apply>OK.
    Close and open Windows Mail.
    No do the same thing but this time tic the box.

    Yes Windows Mail is bundled with Vista and not a seperate add-on program. Deleting an account can sometimes solve issues with that particular account but I think your issue is with the mail client itself and not your account.

    I noticed this thread was never finished. http://www.freepchelp.co.uk/forum/ma...-messages.html
    We are all members helping other members. Please return here where you may be able to help someone else. After all, no one knows everything and you may have the answer that someone needs.

    Get help with computer problems. Join Free PC Help here

    Donations are welcome. Read Here

  12. #12
    Free PC Help Contributor
    Join Date
    Feb 2009
    Posts
    101

    PC Experience:
    Some Experience


    Operating System:
    Windows Vista - Home Premium

    Default

    Quote Originally Posted by RandyL View Post
    Welcome back mtav.

    Try this. Open Windows Mail. Click Tools>Options>Send.
    Untic "Save a copy of sent messages in the 'Sent Items' folder.
    Click Apply>OK.
    Close and open Windows Mail.
    No do the same thing but this time tic the box.

    Yes Windows Mail is bundled with Vista and not a seperate add-on program. Deleting an account can sometimes solve issues with that particular account but I think your issue is with the mail client itself and not your account.

    I noticed this thread was never finished. http://www.freepchelp.co.uk/forum/ma...-messages.html
    Ticked and unticked the box but no improvement, I'm afraid.

    You are right that I didn't follow up chiaz's offer in 'disappearing messages'. Perhaps I should do so, but it all seemed rather daunting. As an alternative I have been considering using Eudora or Thunderbird on the computer with the problem while continuing to use Windows Mail on the laptop. What do you think? Would it work? Which is the better of the two?

  13. #13
    Administrator & Security Team Starbuck's Avatar
    Join Date
    Feb 2010
    Location
    Midlands, UK
    Posts
    3,380

    PC Experience:
    Very Experienced


    Operating System:
    XP Home / Win7 Pro / Win8.1 Pro / Win 10 preview

    Default

    Hi mtav,

    Sorry for butting in here.
    I see from the old thread in the malware removal forum, that no scans were actually run.
    Let's just run one program now, which will give us a lot of info and then we can take it from there.
    If we rule out malware it'll give everyone a clearer run at things.
    I'll make this as easy as i can for you:

    • Download OTL to your desktop.
      right click on the link and select 'Save Link/Target As'.

      if you have problems, try this download link:
      OTL
    • Double click on the icon to run it. Make sure all other windows are closed and to let it run uninterrupted.
    • When the window appears, underneath Output at the top change it to Minimal Output.
    • Check the boxes beside LOP Check and Purity Check
    .

    .

    • Now copy the lines in bold below.

      netsvcs
      msconfig
      activex
      %SYSTEMDRIVE%\*.exe
      /md5start
      eventlog.dll
      scecli.dll
      netlogon.dll
      cngaudit.dll
      sceclt.dll
      ntelogon.dll
      logevent.dll
      iaStor.sys
      nvstor.sys
      atapi.sys
      IdeChnDr.sys
      viasraid.sys
      AGP440.sys
      vaxscsi.sys
      nvatabus.sys
      viamraid.sys
      nvata.sys
      nvgts.sys
      iastorv.sys
      ViPrt.sys
      eNetHook.dll
      ahcix86.sys
      KR10N.sys
      nvstor32.sys
      ahcix86s.sys
      nvrd32.sys
      symmpi.sys
      adp3132.sys
      /md5stop
      %systemroot%\*. /mp /s
      %systemroot%\system32\*.dll /lockedfiles
      %systemroot%\Tasks\*.job /lockedfiles
      %systemroot%\system32\drivers\*.sys /lockedfiles
      CREATERESTOREPOINT


    • right click in the Custom Scans/Fixes window (under the blue bar) and choose Paste.


      .
    • Click the Run Scan button.


    • Do not change any settings unless otherwise told to do so. The scan wont take long.
    • When the scan completes, it will open two notepad windows. OTL.Txt and Extras.Txt. These are saved in the same location as OTL.
    • Please copy (Edit->Select All, Edit->Copy) the contents of these files, one at a time, and post them with your next reply.


    Note:
    if you have problems adding the 'Custom scan' list, you can add it another way.
    At the bottom of this post you will see an attachment.
    Click on this and when asked, save it to your desktop. (it'll be easier to find there)
    Now to add the 'Custom scan' list..... double click in the Custom Scans/Fixes window (under the blue bar) and allow it to add the file.
    It will only add a document named scan.txt ..... so don't change the name of the downloaded file.
    You will see the text added to the scan box.
    Once added, click:


    Attached Files Attached Files
    Member of:
    UNITE

  14. #14
    Free PC Help Contributor
    Join Date
    Feb 2009
    Posts
    101

    PC Experience:
    Some Experience


    Operating System:
    Windows Vista - Home Premium

    Default

    Many thanks, Starbuck. Total is 91802 characters so must send the two files separately. First:

    OTL Text


    OTL logfile created on: 08/02/2011 15:02:57 - Run 1
    OTL by OldTimer - Version 3.2.20.6 Folder = C:\Users\Mike\Downloads
    Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
    Internet Explorer (Version = 8.0.6001.18999)
    Locale: 00000809 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy

    2.00 Gb Total Physical Memory | 1.00 Gb Available Physical Memory | 46.00% Memory free
    5.00 Gb Paging File | 3.00 Gb Available in Paging File | 61.00% Paging File free
    Paging file location(s): c:\pagefile.sys 3067 6000 [binary data]

    %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
    Drive C: | 690.72 Gb Total Space | 580.28 Gb Free Space | 84.01% Space Free | Partition Type: NTFS
    Drive E: | 151.25 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS
    Drive K: | 233.76 Gb Total Space | 105.97 Gb Free Space | 45.33% Space Free | Partition Type: NTFS

    Computer Name: MESH | User Name: Mike | Logged in as Administrator.
    Boot Mode: Normal | Scan Mode: Current user
    Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

    ========== Processes (SafeList) ==========

    PRC - [2011/02/08 14:59:26 | 000,602,624 | ---- | M] (OldTimer Tools) -- C:\Users\Mike\Downloads\OTL.scr
    PRC - [2010/12/19 15:31:38 | 000,142,336 | ---- | M] () -- C:\Program Files\BBC iPlayer Desktop\BBC iPlayer Desktop.exe
    PRC - [2010/12/03 19:43:55 | 000,912,344 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox 3.1 Beta 2\firefox.exe
    PRC - [2010/12/03 19:43:55 | 000,016,856 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox 3.1 Beta 2\plugin-container.exe
    PRC - [2010/10/18 19:21:52 | 000,160,328 | ---- | M] (Siber Systems) -- C:\Program Files\Siber Systems\AI RoboForm\robotaskbaricon.exe
    PRC - [2010/10/16 00:40:40 | 000,037,664 | ---- | M] (Apple Inc.) -- C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
    PRC - [2010/10/03 22:43:16 | 001,266,920 | ---- | M] (Trusteer Ltd.) -- C:\Program Files\Trusteer\Rapport\bin\RapportService.exe
    PRC - [2010/10/03 22:43:16 | 000,767,208 | ---- | M] (Trusteer Ltd.) -- C:\Program Files\Trusteer\Rapport\bin\RapportMgmtService.exe
    PRC - [2010/06/15 11:58:57 | 000,348,480 | ---- | M] (BullGuard Ltd.) -- C:\Program Files\BullGuard Ltd\BullGuard\BullGuardUpdate.exe
    PRC - [2010/06/07 20:05:44 | 002,071,360 | ---- | M] (BullGuard Ltd.) -- C:\Program Files\BullGuard Ltd\BullGuard\BullGuard.exe
    PRC - [2010/05/27 08:55:39 | 000,298,320 | ---- | M] (BullGuard Ltd.) -- C:\Program Files\BullGuard Ltd\BullGuard\BullGuardScanner.exe
    PRC - [2010/04/05 23:41:46 | 000,116,224 | ---- | M] (Brio) -- C:\Program Files\FolderSize\FolderSizeSvc.exe
    PRC - [2010/01/15 12:49:20 | 000,255,536 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee Security Scan\2.0.181\SSScheduler.exe
    PRC - [2009/11/27 21:44:36 | 000,198,160 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files\Common Files\Real\Update_OB\realsched.exe
    PRC - [2009/04/11 06:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
    PRC - [2009/03/06 23:34:51 | 000,039,408 | ---- | M] (Google Inc.) -- C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNo tifier.exe
    PRC - [2009/03/05 15:07:20 | 002,260,480 | RHS- | M] (Safer-Networking Ltd.) -- C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
    PRC - [2009/01/26 15:31:10 | 001,153,368 | ---- | M] (Safer Networking Ltd.) -- C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
    PRC - [2009/01/02 12:05:42 | 003,098,152 | ---- | M] (Kontiki Inc.) -- C:\Program Files\Kontiki\KService.exe
    PRC - [2009/01/02 12:05:40 | 001,041,960 | ---- | M] (Kontiki Inc.) -- C:\Program Files\Kontiki\KHost.exe
    PRC - [2008/11/09 20:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) -- C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe
    PRC - [2008/10/29 09:40:12 | 000,058,720 | ---- | M] (Seiko Instruments USA Inc.) -- C:\Program Files\Seiko Instruments USA Inc\Smart Label Printer 6.9\slpcap.exe
    PRC - [2008/10/27 20:44:03 | 000,030,192 | ---- | M] (Google) -- C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
    PRC - [2008/05/27 16:02:44 | 000,425,984 | ---- | M] (BroadbandChoices.co.uk) -- C:\Program Files\Broadband Choices\Broadband Choices Speed Tester\SpeedTester.exe
    PRC - [2008/01/21 02:23:32 | 001,008,184 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Defender\MSASCui.exe
    PRC - [2008/01/15 11:26:18 | 004,874,240 | ---- | M] (Realtek Semiconductor) -- C:\Windows\RtHDVCpl.exe
    PRC - [2007/09/10 23:45:04 | 000,124,832 | ---- | M] () -- C:\Program Files\Adobe\Photoshop Elements 6.0\PhotoshopElementsFileAgent.exe
    PRC - [2007/01/08 08:27:12 | 000,079,400 | ---- | M] (Nuance Communications, Inc.) -- C:\Program Files\ScanSoft\OmniPage15\OpWare15.exe
    PRC - [2007/01/08 08:26:38 | 000,943,656 | ---- | M] (Nuance Communications, Inc.) -- C:\Program Files\ScanSoft\OmniPage15\OpAgent.exe
    PRC - [2006/10/30 16:59:34 | 000,024,576 | ---- | M] () -- C:\Windows\System32\spool\drivers\w32x86\3\WrtProc .exe
    PRC - [2006/09/20 08:35:26 | 000,020,480 | ---- | M] () -- C:\Windows\System32\spool\drivers\w32x86\3\WrtMon. exe
    PRC - [2005/09/30 19:22:50 | 000,096,341 | ---- | M] (Canon Inc.) -- C:\Program Files\Canon\CAL\CALMAIN.exe
    PRC - [2005/09/09 02:24:30 | 000,102,400 | ---- | M] () -- C:\Program Files\Adobe\Photoshop Elements 4.0\PhotoshopElementsFileAgent.exe
    PRC - [2005/09/09 00:18:10 | 000,057,344 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Adobe\Photoshop Elements 4.0\apdproxy.exe
    PRC - [2003/03/11 22:26:22 | 000,307,200 | ---- | M] (JITServ) -- C:\Program Files\Down2Home\Down2Home.exe


    ========== Modules (SafeList) ==========

    MOD - [2011/02/08 14:59:26 | 000,602,624 | ---- | M] (OldTimer Tools) -- C:\Users\Mike\Downloads\OTL.scr
    MOD - [2010/10/03 22:43:42 | 000,431,336 | ---- | M] (Trusteer Ltd.) -- C:\Program Files\Trusteer\Rapport\bin\rooksbas.dll
    MOD - [2010/08/31 15:43:52 | 001,686,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb7 2f2a088b0ed3\comctl32.dll
    MOD - [2010/05/27 08:56:12 | 000,098,128 | ---- | M] (BullGuard Ltd.) -- C:\Windows\System32\BgGamingMonitor.dll


    ========== Win32 Services (SafeList) ==========

    SRV - [2010/11/29 10:42:56 | 000,058,944 | ---- | M] (NOS Microsystems Ltd.) [On_Demand | Stopped] -- C:\Program Files\NOS\bin\getPlus_Helper_3004.dll -- (nosGetPlusHelper) getPlus(R)
    SRV - [2010/10/16 00:40:40 | 000,037,664 | ---- | M] (Apple Inc.) [Auto | Running] -- C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe -- (Apple Mobile Device)
    SRV - [2010/10/03 22:43:16 | 000,767,208 | ---- | M] (Trusteer Ltd.) [Auto | Running] -- C:\Program Files\Trusteer\Rapport\bin\RapportMgmtService.exe -- (RapportMgmtService)
    SRV - [2010/09/28 12:29:36 | 000,013,160 | ---- | M] (Citrix Online, a division of Citrix Systems, Inc.) [On_Demand | Stopped] -- C:\Program Files\Citrix\GoToAssist\599\g2aservice.exe -- (GoToAssist)
    SRV - [2010/06/15 11:58:57 | 000,348,480 | ---- | M] (BullGuard Ltd.) [Auto | Running] -- C:\Program Files\BullGuard Ltd\BullGuard\BullGuardUpdate.exe -- (BsUpdate)
    SRV - [2010/06/07 20:05:54 | 000,377,664 | ---- | M] (BullGuard Ltd.) [Auto | Running] -- C:\Program Files\BullGuard Ltd\BullGuard\BsFire.dll -- (BsFire)
    SRV - [2010/06/07 20:05:52 | 000,251,200 | ---- | M] (BullGuard Ltd.) [Auto | Running] -- C:\Program Files\BullGuard Ltd\BullGuard\BsFileScan.dll -- (BsFileScan)
    SRV - [2010/06/07 20:05:43 | 000,166,208 | ---- | M] (BullGuard Ltd.) [Auto | Running] -- C:\Program Files\BullGuard Ltd\BullGuard\BsMain.dll -- (BsMain)
    SRV - [2010/05/27 08:56:11 | 000,055,120 | ---- | M] (BullGuard Ltd.) [Auto | Running] -- C:\Program Files\BullGuard Ltd\BullGuard\BsBrowser.dll -- (BsBrowser)
    SRV - [2010/05/27 08:55:39 | 000,298,320 | ---- | M] (BullGuard Ltd.) [On_Demand | Running] -- C:\Program Files\BullGuard Ltd\BullGuard\BullGuardScanner.exe -- (BsScanner)
    SRV - [2010/05/27 08:55:38 | 000,133,952 | ---- | M] (BullGuard Ltd.) [Auto | Running] -- C:\Program Files\BullGuard Ltd\BullGuard\BsMailProxy\BsMailProxy.dll -- (BsMailProxy)
    SRV - [2010/04/05 23:41:46 | 000,116,224 | ---- | M] (Brio) [Auto | Running] -- C:\Program Files\FolderSize\FolderSizeSvc.exe -- (FolderSize)
    SRV - [2010/03/18 12:16:28 | 000,753,504 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\ WPFFontCache_v0400.exe -- (WPFFontCache_v0400)
    SRV - [2010/03/18 12:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\msco rsvw.exe -- (clr_optimization_v4.0.30319_32)
    SRV - [2010/03/03 20:07:16 | 000,120,144 | ---- | M] (BullGuard Ltd.) [On_Demand | Stopped] -- C:\Program Files\BullGuard Ltd\BullGuard\Support\BgRaSvc.exe -- (BgRaSvc)
    SRV - [2010/01/15 12:49:20 | 000,227,232 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Program Files\McAfee Security Scan\2.0.181\McCHSvc.exe -- (McComponentHostService)
    SRV - [2009/09/25 01:27:04 | 000,793,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\FntCache.dll -- (FontCache)
    SRV - [2009/05/09 15:03:11 | 000,654,848 | ---- | M] (Macrovision Europe Ltd.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
    SRV - [2009/01/26 15:31:10 | 001,153,368 | ---- | M] (Safer Networking Ltd.) [Auto | Running] -- C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe -- (SBSDWSCService)
    SRV - [2009/01/02 12:05:42 | 003,098,152 | ---- | M] (Kontiki Inc.) [Auto | Running] -- C:\Program Files\Kontiki\KService.exe -- (KService)
    SRV - [2008/11/09 20:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) [Auto | Running] -- C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe -- (YahooAUService)
    SRV - [2008/10/27 20:44:03 | 000,030,192 | ---- | M] (Google) [On_Demand | Stopped] -- C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe -- (GoogleDesktopManager-092308-165331)
    SRV - [2008/01/21 02:23:32 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
    SRV - [2007/10/25 14:27:54 | 000,266,240 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Live\installer\WLSetupSvc.exe -- (WLSetupSvc)
    SRV - [2007/09/10 23:45:04 | 000,124,832 | ---- | M] () [Auto | Running] -- C:\Program Files\Adobe\Photoshop Elements 6.0\PhotoshopElementsFileAgent.exe -- (AdobeActiveFileMonitor6.0)
    SRV - [2005/09/30 19:22:50 | 000,096,341 | ---- | M] (Canon Inc.) [Auto | Running] -- C:\Program Files\Canon\CAL\CALMAIN.exe -- (CCALib8)
    SRV - [2005/09/09 02:24:30 | 000,102,400 | ---- | M] () [Auto | Running] -- C:\Program Files\Adobe\Photoshop Elements 4.0\PhotoshopElementsFileAgent.exe -- (AdobeActiveFileMonitor4.0)


    ========== Driver Services (SafeList) ==========

    DRV - [2011/02/06 18:42:02 | 000,013,696 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Users\Mike\AppData\Local\Temp\vdsdk.sys -- (VDSDK)
    DRV - [2010/10/03 22:54:04 | 000,034,792 | ---- | M] (Trusteer Ltd.) [Kernel | System | Running] -- C:\ProgramData\Trusteer\Rapport\store\exts\Rapport Cerberus\19917\RapportCerberus_19917.sys -- (RapportCerberus_19917)
    DRV - [2010/10/03 22:43:44 | 000,169,320 | ---- | M] (Trusteer Ltd.) [Kernel | System | Running] -- C:\Program Files\Trusteer\Rapport\bin\RapportPG.sys -- (RapportPG)
    DRV - [2010/10/03 22:43:44 | 000,059,240 | ---- | M] (Trusteer Ltd.) [Kernel | Boot | Running] -- C:\Windows\System32\Drivers\RapportKELL.sys -- (RapportKELL)
    DRV - [2010/05/27 08:55:35 | 000,055,888 | ---- | M] (BullGuard Ltd.) [File_System | System | Running] -- C:\Windows\System32\drivers\BdSpy.sys -- (BdSpy)
    DRV - [2010/03/01 11:03:41 | 000,390,528 | ---- | M] (Trusteer Ltd.) [Kernel | System | Running] -- C:\Windows\System32\drivers\RapportBuka.sys -- (RapportBuka)
    DRV - [2010/02/23 09:36:03 | 000,318,488 | R--- | M] (Agnitum Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\AfwCore.sys -- (AfwCore)
    DRV - [2010/02/23 09:36:03 | 000,029,208 | R--- | M] (Agnitum Ltd.) [Kernel | System | Running] -- C:\Windows\System32\drivers\Afw.sys -- (afw)
    DRV - [2009/03/27 23:03:00 | 007,738,816 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)
    DRV - [2008/01/21 02:23:27 | 000,386,616 | ---- | M] (LSI Corporation, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\megasr.sys -- (MegaSR)
    DRV - [2008/01/21 02:23:27 | 000,149,560 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpu320.sys -- (adpu320)
    DRV - [2008/01/21 02:23:27 | 000,031,288 | ---- | M] (LSI Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\megasas.sys -- (megasas)
    DRV - [2008/01/21 02:23:26 | 000,101,432 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpu160m.sys -- (adpu160m)
    DRV - [2008/01/21 02:23:26 | 000,074,808 | ---- | M] (Silicon Integrated Systems) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sisraid4.sys -- (SiSRaid4)
    DRV - [2008/01/21 02:23:26 | 000,040,504 | ---- | M] (Hewlett-Packard Company) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\hpcisss.sys -- (HpCISSs)
    DRV - [2008/01/21 02:23:25 | 000,300,600 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpahci.sys -- (adpahci)
    DRV - [2008/01/21 02:23:25 | 000,089,656 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_sas.sys -- (LSI_SAS)
    DRV - [2008/01/21 02:23:24 | 001,122,360 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ql2300.sys -- (ql2300)
    DRV - [2008/01/21 02:23:24 | 000,118,784 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\E1G60I32.sys -- (E1G60) Intel(R)
    DRV - [2008/01/21 02:23:24 | 000,079,928 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\arcsas.sys -- (arcsas)
    DRV - [2008/01/21 02:23:23 | 000,235,064 | ---- | M] (Intel Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iastorv.sys -- (iaStorV)
    DRV - [2008/01/21 02:23:23 | 000,130,616 | ---- | M] (VIA Technologies Inc.,Ltd) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\vsmraid.sys -- (vsmraid)
    DRV - [2008/01/21 02:23:23 | 000,115,816 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ulsata2.sys -- (ulsata2)
    DRV - [2008/01/21 02:23:23 | 000,096,312 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_scsi.sys -- (LSI_SCSI)
    DRV - [2008/01/21 02:23:23 | 000,096,312 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_fc.sys -- (LSI_FC)
    DRV - [2008/01/21 02:23:23 | 000,079,416 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\arc.sys -- (arc)
    DRV - [2008/01/21 02:23:22 | 000,342,584 | ---- | M] (Emulex) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\elxstor.sys -- (elxstor)
    DRV - [2008/01/21 02:23:21 | 000,422,968 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adp94xx.sys -- (adp94xx)
    DRV - [2008/01/21 02:23:21 | 000,102,968 | ---- | M] (NVIDIA Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nvraid.sys -- (nvraid)
    DRV - [2008/01/21 02:23:21 | 000,045,112 | ---- | M] (NVIDIA Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nvstor.sys -- (nvstor)
    DRV - [2008/01/21 02:23:20 | 000,238,648 | ---- | M] (ULi Electronics Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\uliahci.sys -- (uliahci)
    DRV - [2008/01/21 02:23:00 | 000,020,024 | ---- | M] (VIA Technologies, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\viaide.sys -- (viaide)
    DRV - [2008/01/21 02:23:00 | 000,019,000 | ---- | M] (CMD Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\cmdide.sys -- (cmdide)
    DRV - [2008/01/21 02:23:00 | 000,017,464 | ---- | M] (Acer Laboratories Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\aliide.sys -- (aliide)
    DRV - [2008/01/15 19:19:04 | 002,047,576 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\RTKVHDA.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
    DRV - [2007/12/04 19:34:18 | 000,946,816 | ---- | M] (NXP Semiconductors Germany GmbH) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\3xHybrid.sys -- (3xHybrid)
    DRV - [2007/11/18 02:39:50 | 001,040,544 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvmfdx32.sys -- (NVENETFD)
    DRV - [2007/08/09 11:12:00 | 000,110,624 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\nvstor32.sys -- (nvstor32)
    DRV - [2006/11/02 09:50:35 | 000,106,088 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ql40xx.sys -- (ql40xx)
    DRV - [2006/11/02 09:50:35 | 000,098,408 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ulsata.sys -- (UlSata)
    DRV - [2006/11/02 09:50:19 | 000,045,160 | ---- | M] (IBM Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nfrd960.sys -- (nfrd960)
    DRV - [2006/11/02 09:50:17 | 000,041,576 | ---- | M] (Intel Corp./ICP vortex GmbH) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iirsp.sys -- (iirsp)
    DRV - [2006/11/02 09:50:11 | 000,071,272 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\djsvs.sys -- (aic78xx)
    DRV - [2006/11/02 09:50:09 | 000,035,944 | ---- | M] (Integrated Technology Express, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iteraid.sys -- (iteraid)
    DRV - [2006/11/02 09:50:07 | 000,035,944 | ---- | M] (Integrated Technology Express, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iteatapi.sys -- (iteatapi)
    DRV - [2006/11/02 09:50:05 | 000,035,944 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\symc8xx.sys -- (Symc8xx)
    DRV - [2006/11/02 09:50:03 | 000,034,920 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sym_u3.sys -- (Sym_u3)
    DRV - [2006/11/02 09:49:59 | 000,033,384 | ---- | M] (LSI Logic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\mraid35x.sys -- (Mraid35x)
    DRV - [2006/11/02 09:49:56 | 000,031,848 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sym_hi.sys -- (Sym_hi)
    DRV - [2006/11/02 08:25:24 | 000,071,808 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brserid.sys -- (Brserid) Brother MFC Serial Port Interface Driver (WDM)
    DRV - [2006/11/02 08:24:47 | 000,011,904 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brusbser.sys -- (BrUsbSer)
    DRV - [2006/11/02 08:24:46 | 000,005,248 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brfiltup.sys -- (BrFiltUp)
    DRV - [2006/11/02 08:24:45 | 000,013,568 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brfiltlo.sys -- (BrFiltLo)
    DRV - [2006/11/02 08:24:44 | 000,062,336 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brserwdm.sys -- (BrSerWdm)
    DRV - [2006/11/02 08:24:44 | 000,012,160 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brusbmdm.sys -- (BrUsbMdm)
    DRV - [2006/11/02 07:36:50 | 000,020,608 | ---- | M] (N-trig Innovative Technologies) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ntrigdigi.sys -- (ntrigdigi)
    DRV - [2006/10/19 05:44:48 | 000,007,680 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ASACPI.sys -- (MTsensor)


    ========== Standard Registry (SafeList) ==========


    ========== Internet Explorer ==========

    IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = Home - www.meshcomputersownersclub.com
    IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = MyHeritage.com Search
    IE - HKLM\..\URLSearchHook: {a1e75a0e-4397-4ba8-bb50-e19fb66890f4} - C:\Program Files\MyAshampoo\tbMyA1.dll (Conduit Ltd.)

    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = Home - www.meshcomputersownersclub.com
    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = Google Toolbar
    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = Google
    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = Google
    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = Google Toolbar
    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = Google Toolbar
    IE - HKCU\..\URLSearchHook: {00000000-6E41-4FD3-8538-502F5495E5FC} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
    IE - HKCU\..\URLSearchHook: {a1e75a0e-4397-4ba8-bb50-e19fb66890f4} - C:\Program Files\MyAshampoo\tbMyA1.dll (Conduit Ltd.)
    IE - HKCU\..\URLSearchHook: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn2\yt.dll (Yahoo! Inc.)
    IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Int ernet Settings: "ProxyEnable" = 0
    IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Int ernet Settings: "ProxyOverride" = *.local

    ========== FireFox ==========

    FF - prefs.js..browser.search.defaultengine: "Ask.com"
    FF - prefs.js..browser.search.defaultenginename: "Ask.com"
    FF - prefs.js..browser.search.order.1: "Ask.com"
    FF - prefs.js..browser.search.selectedEngine: "Ask.com"
    FF - prefs.js..browser.search.useDBForOrder: true
    FF - prefs.js..browser.startup.homepage: "www.google.co.uk"
    FF - prefs.js..extensions.enabledItems: {22119944-ED35-4ab1-910B-E619EA06A115}:6.10.1
    FF - prefs.js..extensions.enabledItems: support@ancestry.com:1.0.0.1
    FF - prefs.js..extensions.enabledItems: {b9db16a4-6edc-47ec-a1f4-b86292ed211d}:4.8.2
    FF - prefs.js..extensions.enabledItems: {ABDE892B-13A8-4d1b-88E6-365A6E755758}:1.0
    FF - prefs.js..extensions.enabledItems: {eebc5c3f-ec4b-4ad4-b5d1-fa51b3c42c57}:1.0.2
    FF - prefs.js..extensions.enabledItems: {AE93811A-5C9A-4d34-8462-F7B864FC4696}:3.76
    FF - prefs.js..extensions.enabledItems: antiphishing@bullguard:1.0
    FF - prefs.js..extensions.enabledItems: {a1e75a0e-4397-4ba8-bb50-e19fb66890f4}:3.2.5.2
    FF - prefs.js..extensions.enabledItems: toolbar@ask.com:3.9.1.14019
    FF - prefs.js..extensions.enabledItems: engine@conduit.com:3.2.5.2
    FF - prefs.js..keyword.URL: "http://websearch.ask.com/redirect?client=ff&src=kw&tb=GOM2&o=16133&locale=e n_UK&apn_uid=FDEBEC85-4975-4EE9-88F1-6ACCE53E27FB&apn_ptnrs=QL&apn_sauid=9D36F32D-75ED-49FD-8873-CA01B6F64A14&apn_dtid=YYYYYYYYGB&q="

    FF - HKLM\software\mozilla\Firefox\Extensions\\antiphis hing@bullguard: C:\Program Files\BullGuard Ltd\BullGuard\Antiphishing\FF\antiphishing@bullgua rd\ [2010/05/27 08:47:31 | 000,000,000 | ---D | M]
    FF - HKLM\software\mozilla\Firefox\Extensions\\{2211994 4-ED35-4ab1-910B-E619EA06A115}: C:\Program Files\Siber Systems\AI RoboForm\Firefox [2009/08/12 23:05:16 | 000,000,000 | ---D | M]
    FF - HKLM\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Components: C:\Program Files\Mozilla Firefox 3.1 Beta 2\components [2011/02/06 18:31:37 | 000,000,000 | ---D | M]
    FF - HKLM\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Plugins: C:\Program Files\Mozilla Firefox 3.1 Beta 2\plugins [2011/02/06 18:31:30 | 000,000,000 | ---D | M]

    [2010/02/06 10:07:04 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Mike\AppData\Roaming\Mozilla\Extensions
    [2010/02/06 10:07:04 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Mike\AppData\Roaming\Mozilla\Extensions\{ 3550f703-e582-4d05-9a08-453d09bdfdc6}
    [2011/02/07 22:09:21 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Mike\AppData\Roaming\Mozilla\Firefox\Prof iles\kjvrca6j.default\extensions
    [2010/06/25 20:57:30 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\Mike\AppData\Roaming\Mozilla\Firefox\Prof iles\kjvrca6j.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
    [2011/02/06 18:32:15 | 000,000,000 | ---D | M] (MyAshampoo Community Toolbar) -- C:\Users\Mike\AppData\Roaming\Mozilla\Firefox\Prof iles\kjvrca6j.default\extensions\{a1e75a0e-4397-4ba8-bb50-e19fb66890f4}
    [2010/11/07 14:07:17 | 000,000,000 | ---D | M] ("StumbleUpon") -- C:\Users\Mike\AppData\Roaming\Mozilla\Firefox\Prof iles\kjvrca6j.default\extensions\{AE93811A-5C9A-4d34-8462-F7B864FC4696}
    [2011/01/11 10:49:54 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Users\Mike\AppData\Roaming\Mozilla\Firefox\Prof iles\kjvrca6j.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
    [2010/01/19 18:35:27 | 000,000,000 | ---D | M] ("SecretHelper") -- C:\Users\Mike\AppData\Roaming\Mozilla\Firefox\Prof iles\kjvrca6j.default\extensions\{eebc5c3f-ec4b-4ad4-b5d1-fa51b3c42c57}
    [2011/02/06 18:32:16 | 000,000,000 | ---D | M] (Conduit Engine) -- C:\Users\Mike\AppData\Roaming\Mozilla\Firefox\Prof iles\kjvrca6j.default\extensions\engine@conduit.co m
    [2009/08/28 00:20:57 | 000,000,000 | ---D | M] (Ancestry.com Advanced Image Viewer) -- C:\Users\Mike\AppData\Roaming\Mozilla\Firefox\Prof iles\kjvrca6j.default\extensions\support@ancestry. com
    [2011/01/27 13:32:52 | 000,000,000 | ---D | M] (GOM Player + Ask Toolbar) -- C:\Users\Mike\AppData\Roaming\Mozilla\Firefox\Prof iles\kjvrca6j.default\extensions\toolbar@ask.com
    [2011/02/06 18:32:27 | 000,002,571 | ---- | M] () -- C:\Users\Mike\AppData\Roaming\Mozilla\Firefox\Prof iles\kjvrca6j.default\searchplugins\askcom.xml
    [2010/05/27 08:47:31 | 000,000,000 | ---D | M] (BullGuard Antiphishing Toolbar) -- C:\PROGRAM FILES\BULLGUARD LTD\BULLGUARD\ANTIPHISHING\FF\ANTIPHISHING@BULLGUA RD
    [2009/11/27 21:45:35 | 000,000,000 | ---D | M] (RealPlayer Browser Record Plugin) -- C:\PROGRAM FILES\REAL\REALPLAYER\BROWSERRECORD\FIREFOX\EXT
    [2009/08/12 23:05:16 | 000,000,000 | ---D | M] (AI Roboform Toolbar for Firefox) -- C:\PROGRAM FILES\SIBER SYSTEMS\AI ROBOFORM\FIREFOX
    [2010/06/25 20:57:30 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\USERS\MIKE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\KJVRCA6J.DEFAULT\EXT ENSIONS\{20A82645-C095-46ED-80E3-08825760534B}
    [2011/02/06 18:32:15 | 000,000,000 | ---D | M] (MyAshampoo Community Toolbar) -- C:\USERS\MIKE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\KJVRCA6J.DEFAULT\EXT ENSIONS\{A1E75A0E-4397-4BA8-BB50-E19FB66890F4}
    [2010/11/07 14:07:17 | 000,000,000 | ---D | M] ("StumbleUpon") -- C:\USERS\MIKE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\KJVRCA6J.DEFAULT\EXT ENSIONS\{AE93811A-5C9A-4D34-8462-F7B864FC4696}
    [2011/01/11 10:49:54 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\USERS\MIKE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\KJVRCA6J.DEFAULT\EXT ENSIONS\{B9DB16A4-6EDC-47EC-A1F4-B86292ED211D}
    [2010/01/19 18:35:27 | 000,000,000 | ---D | M] ("SecretHelper") -- C:\USERS\MIKE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\KJVRCA6J.DEFAULT\EXT ENSIONS\{EEBC5C3F-EC4B-4AD4-B5D1-FA51B3C42C57}
    [2011/02/06 18:32:16 | 000,000,000 | ---D | M] (Conduit Engine) -- C:\USERS\MIKE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\KJVRCA6J.DEFAULT\EXT ENSIONS\ENGINE@CONDUIT.COM
    [2009/08/28 00:20:57 | 000,000,000 | ---D | M] (Ancestry.com Advanced Image Viewer) -- C:\USERS\MIKE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\KJVRCA6J.DEFAULT\EXT ENSIONS\SUPPORT@ANCESTRY.COM
    [2011/01/27 13:32:52 | 000,000,000 | ---D | M] (GOM Player + Ask Toolbar) -- C:\USERS\MIKE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\KJVRCA6J.DEFAULT\EXT ENSIONS\TOOLBAR@ASK.COM

    O1 HOSTS File: ([2006/09/18 21:41:30 | 000,000,736 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
    O1 - Hosts: ::1 localhost
    O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn2\yt.dll (Yahoo! Inc.)
    O2 - BHO: (no name) - {23162633-071E-4D3C-B347-B85451A92DBA} - No CLSID value found.
    O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - c:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll (RealPlayer)
    O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
    O2 - BHO: (no name) - {724d43a9-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll (Siber Systems Inc.)
    O2 - BHO: (MyAshampoo Toolbar) - {a1e75a0e-4397-4ba8-bb50-e19fb66890f4} - C:\Program Files\MyAshampoo\tbMyA1.dll (Conduit Ltd.)
    O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
    O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.6.5612.1312\s wg.dll (Google Inc.)
    O2 - BHO: (Windows Live Toolbar Helper) - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll (Microsoft Corporation)
    O2 - BHO: (GOM Player + Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
    O2 - BHO: (BGAntiphishingBHO Class) - {FC872B94-35E3-4B94-B028-184A2A1C7CCE} - C:\Program Files\BullGuard Ltd\BullGuard\Antiphishing\IE\BGAntiphishingIEBHO. dll (BullGuard Ltd.)
    O2 - BHO: (SingleInstance Class) - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files\Yahoo!\Companion\Installs\cpn2\YTSingleInsta nce.dll (Yahoo! Inc)
    O3 - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
    O3 - HKLM\..\Toolbar: (&RoboForm) - {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll (Siber Systems Inc.)
    O3 - HKLM\..\Toolbar: (MyAshampoo Toolbar) - {a1e75a0e-4397-4ba8-bb50-e19fb66890f4} - C:\Program Files\MyAshampoo\tbMyA1.dll (Conduit Ltd.)
    O3 - HKLM\..\Toolbar: (Windows Live Toolbar) - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll (Microsoft Corporation)
    O3 - HKLM\..\Toolbar: (GOM Player + Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
    O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn2\yt.dll (Yahoo! Inc.)
    O3 - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
    O3 - HKCU\..\Toolbar\WebBrowser: (&RoboForm) - {724D43A0-0D85-11D4-9908-00400523E39A} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll (Siber Systems Inc.)
    O3 - HKCU\..\Toolbar\WebBrowser: (MyAshampoo Toolbar) - {A1E75A0E-4397-4BA8-BB50-E19FB66890F4} - C:\Program Files\MyAshampoo\tbMyA1.dll (Conduit Ltd.)
    O3 - HKCU\..\Toolbar\WebBrowser: (Windows Live Toolbar) - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll (Microsoft Corporation)
    O3 - HKCU\..\Toolbar\WebBrowser: (GOM Player + Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
    O4 - HKLM..\Run: [4oD] C:\Program Files\Kontiki\KHost.exe (Kontiki Inc.)
    O4 - HKLM..\Run: [Adobe Photo Downloader] C:\Program Files\Adobe\Photoshop Elements 4.0\apdproxy.exe (Adobe Systems Incorporated)
    O4 - HKLM..\Run: [BullGuard] C:\Program Files\BullGuard Ltd\BullGuard\BullGuard.exe (BullGuard Ltd.)
    O4 - HKLM..\Run: [CanonSolutionMenu] C:\Program Files\Canon\SolutionMenu\CNSLMAIN.exe (CANON INC.)
    O4 - HKLM..\Run: [Google Desktop Search] C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe (Google)
    O4 - HKLM..\Run: [LanguageShortcut] C:\Program Files\CyberLink\PowerDVD\Language\Language.exe ()
    O4 - HKLM..\Run: [NvCplDaemon] C:\Windows\System32\NvCpl.dll (NVIDIA Corporation)
    O4 - HKLM..\Run: [NvMediaCenter] C:\Windows\System32\NvMcTray.dll (NVIDIA Corporation)
    O4 - HKLM..\Run: [Opware15] C:\Program Files\ScanSoft\OmniPage15\Opware15.exe (Nuance Communications, Inc.)
    O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
    O4 - HKLM..\Run: [ScanSoft OmniPage 15-reminder] C:\Program Files\ScanSoft\OmniPage15\Ereg\Ereg.exe (Nuance Communications, Inc.)
    O4 - HKLM..\Run: [Skytel] C:\Windows\SkyTel.exe (Realtek Semiconductor Corp.)
    O4 - HKLM..\Run: [SSBkgdUpdate] C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe (Nuance Communications, Inc.)
    O4 - HKLM..\Run: [TkBellExe] C:\Program Files\Common Files\Real\Update_OB\realsched.exe (RealNetworks, Inc.)
    O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
    O4 - HKLM..\Run: [WrtMon.exe] C:\Windows\System32\spool\drivers\w32x86\3\WrtMon. exe ()
    O4 - HKCU..\Run: [kdx] C:\Program Files\Kontiki\KHost.exe (Kontiki Inc.)
    O4 - HKCU..\Run: [msnmsgr] File not found
    O4 - HKCU..\Run: [OpAgent] C:\Program Files\ScanSoft\OmniPage15\OpAgent.exe (Nuance Communications, Inc.)
    O4 - HKCU..\Run: [RoboForm] C:\Program Files\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe (Siber Systems)
    O4 - HKCU..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe (Safer-Networking Ltd.)
    O4 - HKCU..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNo tifier.exe (Google Inc.)
    O4 - Startup: C:\Users\Mike\AppData\Roaming\Microsoft\Windows\St art Menu\Programs\Startup\BBC iPlayer Desktop.lnk = C:\Program Files\BBC iPlayer Desktop\BBC iPlayer Desktop.exe ()
    O4 - Startup: C:\Users\Mike\AppData\Roaming\Microsoft\Windows\St art Menu\Programs\Startup\SpeedTester.lnk = C:\Users\Mike\Application Data\Microsoft\Installer\{32729FF3-AD6A-45CC-8E55-E1916420F7F1}\_7EA94809FE219030A883C8.exe ()
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\pol icies\Explorer: NoResolveTrack = 1
    O8 - Extra context menu item: &Windows Live Search - C:\Program Files\Windows Live Toolbar\msntb.dll (Microsoft Corporation)
    O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\System32\GPhotos.scr (Google Inc.)
    O8 - Extra context menu item: Customize Menu - C:\Program Files\Siber Systems\AI RoboForm\RoboFormComCustomizeIEMenu.html ()
    O8 - Extra context menu item: Fill Forms - C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html ()
    O8 - Extra context menu item: Google Sidewiki... - C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_60D6 097707281E79.dll (Google Inc.)
    O8 - Extra context menu item: RoboForm Toolbar - C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html ()
    O8 - Extra context menu item: Save Forms - C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html ()
    O9 - Extra Button: Blog This - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
    O9 - Extra 'Tools' menuitem : &Blog This in Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
    O9 - Extra Button: BullGuard - {27FD17FB-CF63-486b-B2BE-8D8781CBEA01} - C:\Program Files\BullGuard Ltd\BullGuard\Antiphishing\IE\BgAntiphishingIE.dll (BullGuard Ltd.)
    O9 - Extra Button: Fill Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html ()
    O9 - Extra 'Tools' menuitem : Fill Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html ()
    O9 - Extra Button: Save - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html ()
    O9 - Extra 'Tools' menuitem : Save Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html ()
    O9 - Extra Button: RoboForm - {724d43aa-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html ()
    O9 - Extra 'Tools' menuitem : RoboForm Toolbar - {724d43aa-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html ()
    O9 - Extra 'Tools' menuitem : Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
    O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
    O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Windows\System32\BGLsp.dll (BullGuard Ltd.)
    O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Windows\System32\BGLsp.dll (BullGuard Ltd.)
    O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Windows\System32\BGLsp.dll (BullGuard Ltd.)
    O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Windows\System32\BGLsp.dll (BullGuard Ltd.)
    O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Windows\System32\BGLsp.dll (BullGuard Ltd.)
    O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Windows\System32\BGLsp.dll (BullGuard Ltd.)
    O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Windows\System32\BGLsp.dll (BullGuard Ltd.)
    O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Windows\System32\BGLsp.dll (BullGuard Ltd.)
    O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\Windows\System32\BGLsp.dll (BullGuard Ltd.)
    O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\Windows\System32\BGLsp.dll (BullGuard Ltd.)
    O10 - Protocol_Catalog9\Catalog_Entries\000000000021 - C:\Windows\System32\BGLsp.dll (BullGuard Ltd.)
    O13 - gopher Prefix: missing
    O15 - HKCU\..Trusted Ranges: GD ([http] in Local intranet)
    O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://download.microsoft.com/downlo...eckControl.cab (Windows Genuine Advantage Validation Tool)
    O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} C:\Program Files\Yahoo!\Common\Yinsthelper.dll (Installation Support)
    O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jin...ndows-i586.cab (Java Plug-in 1.6.0_23)
    O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.macromedia.com/get.../ultrashim.cab (Reg Error: Key error.)
    O16 - DPF: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jin...ndows-i586.cab (Java Plug-in 1.6.0_23)
    O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jin...ndows-i586.cab (Java Plug-in 1.6.0_23)
    O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (get_atlcom Class)
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.254
    O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
    O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program Files\Windows Live\Mail\mailcomm.dll (Microsoft Corporation)
    O20 - AppInit_DLLs: (C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL) - C:\Program Files\Google\Google Desktop Search\GoogleDesktopNetwork3.dll (Google)
    O20 - AppInit_DLLs: (BgGamingMonitor.dll) - C:\Windows\System32\BgGamingMonitor.dll (BullGuard Ltd.)
    O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
    O20 - Winlogon\Notify\GoToAssist: DllName - C:\Program Files\Citrix\GoToAssist\599\G2AWinLogon.dll - C:\Program Files\Citrix\GoToAssist\599\g2awinlogon.dll (Citrix Online, a division of Citrix Systems, Inc.)
    O32 - HKLM CDRom: AutoRun - 1
    O32 - AutoRun File - [2006/09/18 21:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
    O32 - AutoRun File - [2009/12/03 15:01:06 | 000,000,163 | R--- | M] () - E:\Autorun.inf -- [ CDFS ]
    O32 - AutoRun File - [2007/11/18 17:10:02 | 000,000,090 | ---- | M] () - K:\AUTORUN.INF -- [ NTFS ]
    O33 - MountPoints2\{c78e1726-a2f5-11dd-8a18-806e6f6e6963}\Shell\AutoRun\command - "" = E:\Setup.exe -- [2009/12/09 16:03:38 | 000,034,224 | R--- | M] (British Telecommunications)
    O33 - MountPoints2\{c78e1726-a2f5-11dd-8a18-806e6f6e6963}\Shell\BTHomeHub\command - "" = E:\Setup.exe -- [2009/12/09 16:03:38 | 000,034,224 | R--- | M] (British Telecommunications)
    O33 - MountPoints2\{f19cd37c-0eec-11e0-a530-0022153cada6}\Shell\AutoRun\command - "" = J:\Setup_FlipShare.exe
    O33 - MountPoints2\{f19cd37c-0eec-11e0-a530-0022153cada6}\Shell\Setup FlipShare\command - "" = J:\Setup_FlipShare.exe
    O33 - MountPoints2\{f33db951-a49d-11dd-a70d-0022153cada6}\Shell\AutoRun\command - "" = K:\setupSNK.exe -- [2004/08/04 00:56:58 | 000,028,672 | ---- | M] (Microsoft Corporation)
    O34 - HKLM BootExecute: (autocheck autochk *) - File not found
    O35 - HKLM\..comfile [open] -- "%1" %*
    O35 - HKLM\..exefile [open] -- "%1" %*
    O37 - HKLM\...com [@ = comfile] -- "%1" %*
    O37 - HKLM\...exe [@ = exefile] -- "%1" %*

    NetSvcs: FastUserSwitchingCompatibility - File not found
    NetSvcs: Ias - File not found
    NetSvcs: Nla - File not found
    NetSvcs: Ntmssvc - File not found
    NetSvcs: NWCWorkstation - File not found
    NetSvcs: Nwsapagent - File not found
    NetSvcs: SRService - File not found
    NetSvcs: WmdmPmSp - File not found
    NetSvcs: LogonHours - File not found
    NetSvcs: PCAudit - File not found
    NetSvcs: helpsvc - File not found
    NetSvcs: uploadmgr - File not found


    ActiveX: {0291E591-EA41-4c82-8106-3DC6CE7F7664} - Reg Error: Value error.
    ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun)
    ActiveX: {10880D85-AAD9-4558-ABDC-2AB1552D831F} - "C:\Program Files\Common Files\LightScribe\LSRunOnce.exe"
    ActiveX: {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} -
    ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 11.0
    ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
    ActiveX: {2F6EFCE6-10DF-49F9-9E64-9AE3775B2588} - Microsoft .NET Framework 1.1 Security Update (KB2416447)
    ActiveX: {30528230-99F7-4BB4-88D8-FA1D4F56A2AB} - Reg Error: Value error.
    ActiveX: {347B0667-C7ED-429B-BDE3-CC8D3BACAA31} - Reg Error: Value error.
    ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
    ActiveX: {3C3901C5-3455-3E0A-A214-0B093A5070A6} - .NET Framework
    ActiveX: {411EDCF7-755D-414E-A74B-3DCD6583F589} - Microsoft .NET Framework 1.1 Service Pack 1 (KB867460)
    ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
    ActiveX: {44BBA848-CC51-11CF-AAFA-00AA00B6015C} -
    ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
    ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
    ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.8
    ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
    ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
    ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
    ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
    ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
    ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework
    ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
    ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\system32\ie4uinit.exe -BaseSettings
    ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
    ActiveX: {A17E30C4-A9BA-11D4-8673-60DB54C10000} - Reg Error: Value error.
    ActiveX: {AA218328-0EA8-4D70-8972-E987A9190FF4} - Reg Error: Value error.
    ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
    ActiveX: {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1} - .NET Framework
    ActiveX: {CDD7975E-60F8-41d5-8149-19E51D6F71D0} - Windows Movie Maker v2.1
    ActiveX: {D27CDB6E-AE6D-11CF-96B8-444553540000} - Macromedia Shockwave Flash
    ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
    ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
    ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\Windows\system32\unregmp2.exe /ShowWMP
    ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\system32\ie4uinit.exe -UserIconConfig
    ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\iedkcs32.dll",BrandIEActiveSe tup SIGNUP

    CREATERESTOREPOINT
    Restore point Set: OTL Restore Point

    ========== Files/Folders - Created Within 30 Days ==========

    [2011/02/06 23:25:20 | 000,000,000 | ---D | C] -- C:\Program Files\SyncToy 2.1
    [2011/02/06 18:31:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox
    [2011/02/06 18:31:25 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox 3.1 Beta 2
    [2011/01/29 18:57:32 | 000,000,000 | ---D | C] -- C:\ProgramData\NOS
    [2011/01/29 18:57:32 | 000,000,000 | ---D | C] -- C:\Program Files\NOS
    [2011/01/23 14:22:25 | 000,000,000 | ---D | C] -- C:\Program Files\Ask.com
    [2011/01/21 14:44:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iiyama
    [2011/01/21 14:44:36 | 000,000,000 | ---D | C] -- C:\Program Files\iiyama monitor test
    [2011/01/12 06:07:45 | 000,413,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\odbc32.dll
    [2011/01/12 06:07:22 | 001,169,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sdclt.exe
    [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

    ========== Files - Modified Within 30 Days ==========

    [2011/02/08 15:00:01 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
    [2011/02/08 14:51:13 | 000,003,744 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
    [2011/02/08 14:51:13 | 000,003,744 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
    [2011/02/08 14:39:40 | 000,617,528 | ---- | M] () -- C:\Windows\System32\perfh009.dat
    [2011/02/08 14:39:40 | 000,112,294 | ---- | M] () -- C:\Windows\System32\perfc009.dat
    [2011/02/08 14:33:00 | 000,000,902 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-4211042484-1496349775-2818423265-1000UA.job
    [2011/02/08 14:12:00 | 000,000,270 | ---- | M] () -- C:\Windows\tasks\Check Updates for Windows Live Toolbar.job
    [2011/02/08 11:00:00 | 000,000,880 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
    [2011/02/07 15:33:00 | 000,000,850 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-4211042484-1496349775-2818423265-1000Core.job
    [2011/02/07 12:55:57 | 000,000,926 | ---- | M] () -- C:\Users\Mike\AppData\Roaming\Microsoft\Windows\St art Menu\Programs\Startup\BBC iPlayer Desktop.lnk
    [2011/02/07 12:54:51 | 000,002,777 | ---- | M] () -- C:\Users\Mike\AppData\Roaming\Microsoft\Windows\St art Menu\Programs\Startup\SpeedTester.lnk
    [2011/02/07 12:51:06 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
    [2011/02/07 12:51:02 | 2145,927,168 | -HS- | M] () -- C:\hiberfil.sys
    [2011/02/06 18:31:38 | 000,001,867 | ---- | M] () -- C:\Users\Mike\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
    [2011/02/06 18:31:38 | 000,001,849 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
    [2011/02/05 07:34:19 | 000,002,079 | ---- | M] () -- C:\Users\Mike\Desktop\Google Chrome.lnk
    [2011/01/31 11:48:36 | 000,159,232 | ---- | M] () -- C:\Users\Mike\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
    [2011/01/23 14:22:08 | 000,000,934 | ---- | M] () -- C:\Users\Mike\Application Data\Microsoft\Internet Explorer\Quick Launch\GOM Player.lnk
    [2011/01/23 14:22:08 | 000,000,910 | ---- | M] () -- C:\Users\Public\Desktop\GOM Player.lnk
    [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

    ========== Files Created - No Company Name ==========

    [2011/02/06 23:25:21 | 000,001,892 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SyncToy 2.1.lnk
    [2011/02/06 18:31:38 | 000,001,849 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
    [2010/09/06 16:25:08 | 000,015,107 | ---- | C] () -- C:\Windows\Ascd_tmp.ini
    [2010/08/16 11:15:02 | 000,000,395 | ---- | C] () -- C:\Windows\MAXLINK.INI
    [2010/01/27 09:30:41 | 000,000,244 | ---- | C] () -- C:\Users\Mike\AppData\Roaming\wklnhst.dat
    [2009/08/03 15:07:42 | 000,403,816 | ---- | C] () -- C:\Windows\System32\OGACheckControl.dll
    [2009/08/02 10:45:16 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll
    [2009/04/04 17:25:55 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
    [2009/02/26 00:06:26 | 000,000,209 | ---- | C] () -- C:\Windows\ODBCINST.INI
    [2008/12/12 00:05:23 | 008,146,944 | ---- | C] () -- C:\Users\Mike\AppData\Local\filesync.metadata
    [2008/12/04 11:06:49 | 000,011,776 | ---- | C] () -- C:\Windows\System32\pmsbfn32.dll
    [2008/11/13 13:34:00 | 000,000,029 | ---- | C] () -- C:\Windows\DEBUGSM.INI
    [2008/11/13 13:33:07 | 000,000,072 | ---- | C] () -- C:\Windows\System32\epDPE.ini
    [2008/11/13 13:33:06 | 000,096,768 | ---- | C] () -- C:\Windows\SlantAdj.dll
    [2008/10/27 20:57:28 | 000,159,232 | ---- | C] () -- C:\Users\Mike\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
    [2008/05/08 19:08:11 | 000,009,760 | ---- | C] () -- C:\Windows\System32\34CoInstaller.dll
    [2008/05/08 19:07:30 | 000,007,680 | ---- | C] () -- C:\Windows\System32\drivers\ASACPI.sys
    [2006/11/18 05:01:18 | 000,462,848 | ---- | C] () -- C:\Windows\System32\softcoin.dll
    [2006/11/18 05:00:36 | 000,344,064 | ---- | C] () -- C:\Windows\System32\gencoin.dll
    [2006/11/02 12:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
    [2006/11/02 07:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
    [2006/10/11 03:33:58 | 000,010,288 | ---- | C] () -- C:\Windows\System32\drivers\ASUSHWIO.SYS
    [2006/02/18 08:16:04 | 000,036,864 | ---- | C] () -- C:\Windows\System32\SlpApi42.dll

    ========== Custom Scans ==========


    < %SYSTEMDRIVE%\*.exe >


    < MD5 for: AGP440.SYS >
    [2008/01/21 02:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\System32\drivers\AGP440.sys
    [2008/01/21 02:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\System32\DriverStore\FileRepository\mac hine.inf_51b95d75\AGP440.sys
    [2008/01/21 02:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\System32\DriverStore\FileRepository\mac hine.inf_f750e484\AGP440.sys
    [2008/01/21 02:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35 _6.0.6001.18000_none_ba12ed3bbeb0d97a\AGP440.sys
    [2008/01/21 02:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35 _6.0.6002.18005_none_bbfe6647bbd2a4c6\AGP440.sys
    [2006/11/02 09:49:52 | 000,053,864 | ---- | M] (Microsoft Corporation) MD5=EF23439CDD587F64C2C1B8825CEAD7D8 -- C:\Windows\System32\DriverStore\FileRepository\mac hine.inf_920a2c1f\AGP440.sys

    < MD5 for: ATAPI.SYS >
    [2009/04/11 06:32:26 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\System32\drivers\atapi.sys
    [2009/04/11 06:32:26 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\System32\DriverStore\FileRepository\msh dc.inf_b12d8e84\atapi.sys
    [2009/04/11 06:32:26 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6 .0.6002.18005_none_df23a1261eab99e8\atapi.sys
    [2008/01/21 02:23:00 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\Windows\System32\DriverStore\FileRepository\msh dc.inf_cc18792d\atapi.sys
    [2008/01/21 02:23:00 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6 .0.6001.18000_none_dd38281a2189ce9c\atapi.sys
    [2006/11/02 09:49:36 | 000,019,048 | ---- | M] (Microsoft Corporation) MD5=4F4FCB8B6EA06784FB6D475B7EC7300F -- C:\Windows\System32\DriverStore\FileRepository\msh dc.inf_c6c2e699\atapi.sys

    < MD5 for: CNGAUDIT.DLL >
    [2006/11/02 09:46:03 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D5FED4D -- C:\Windows\System32\cngaudit.dll
    [2006/11/02 09:46:03 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D5FED4D -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.0.6000.16386_none_e62d29293 2a96ce6\cngaudit.dll

    < MD5 for: IASTORV.SYS >
    [2008/01/21 02:23:23 | 000,235,064 | ---- | M] (Intel Corporation) MD5=54155EA1B0DF185878E0FC9EC3AC3A14 -- C:\Windows\System32\drivers\iaStorV.sys
    [2008/01/21 02:23:23 | 000,235,064 | ---- | M] (Intel Corporation) MD5=54155EA1B0DF185878E0FC9EC3AC3A14 -- C:\Windows\System32\DriverStore\FileRepository\ias torv.inf_c9df7691\iaStorV.sys
    [2008/01/21 02:23:23 | 000,235,064 | ---- | M] (Intel Corporation) MD5=54155EA1B0DF185878E0FC9EC3AC3A14 -- C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35 _6.0.6001.18000_none_af11527887c7fa8f\iaStorV.sys
    [2006/11/02 09:51:25 | 000,232,040 | ---- | M] (Intel Corporation) MD5=C957BF4B5D80B46C5017BF0101E6C906 -- C:\Windows\System32\DriverStore\FileRepository\ias torv.inf_37cdafa4\iaStorV.sys

    < MD5 for: NETLOGON.DLL >
    [2009/04/11 06:28:23 | 000,592,896 | ---- | M] (Microsoft Corporation) MD5=95DAECF0FB120A7B5DA679CC54E37DDE -- C:\Windows\System32\netlogon.dll
    [2009/04/11 06:28:23 | 000,592,896 | ---- | M] (Microsoft Corporation) MD5=95DAECF0FB120A7B5DA679CC54E37DDE -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6002.18005_none_ffa3 304f351bb3a3\netlogon.dll
    [2008/01/21 02:24:05 | 000,592,384 | ---- | M] (Microsoft Corporation) MD5=A8EFC0B6E75B789F7FD3BA5025D4E37F -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6001.18000_none_fdb7 b74337f9e857\netlogon.dll

    < MD5 for: NVRD32.SYS >
    [2007/08/09 11:12:00 | 000,131,616 | ---- | M] (NVIDIA Corporation) MD5=CA4CCEFF1D43F48A289536451FD39D04 -- C:\Driver Servicing\nvidia\chipset\nForce780\9.46\English\ID E\WinVista\sataraid\nvrd32.sys
    [2007/08/09 11:12:00 | 000,131,616 | -H-- | M] (NVIDIA Corporation) MD5=CA4CCEFF1D43F48A289536451FD39D04 -- C:\Windows\ConfigSetRoot\$oem$\$1\Driver Servicing\nvidia\chipset\nForce780\9.46\English\ID E\WinVista\sataraid\nvrd32.sys
    [2007/07/02 17:37:00 | 000,131,616 | ---- | M] (NVIDIA Corporation) MD5=ED399014A8029DE02BA5AE01DA8CC9EE -- C:\Driver Servicing\nvidia\chipset\nForce 750_6ser\nForceWinVista\15.08\IDE\WinVista\satarai d\nvrd32.sys
    [2007/07/02 17:37:00 | 000,131,616 | -H-- | M] (NVIDIA Corporation) MD5=ED399014A8029DE02BA5AE01DA8CC9EE -- C:\Windows\ConfigSetRoot\$oem$\$1\Driver Servicing\nvidia\chipset\nForce 750_6ser\nForceWinVista\15.08\IDE\WinVista\satarai d\nvrd32.sys

    < MD5 for: NVSTOR.SYS >
    [2006/11/02 09:50:13 | 000,040,040 | ---- | M] (NVIDIA Corporation) MD5=9E0BA19A28C498A6D323D065DB76DFFC -- C:\Windows\System32\DriverStore\FileRepository\nvr aid.inf_733654ff\nvstor.sys
    [2008/01/21 02:23:21 | 000,045,112 | ---- | M] (NVIDIA Corporation) MD5=ABED0C09758D1D97DB0042DBB2688177 -- C:\Windows\System32\drivers\nvstor.sys
    [2008/01/21 02:23:21 | 000,045,112 | ---- | M] (NVIDIA Corporation) MD5=ABED0C09758D1D97DB0042DBB2688177 -- C:\Windows\System32\DriverStore\FileRepository\nvr aid.inf_31c3d71d\nvstor.sys
    [2008/01/21 02:23:21 | 000,045,112 | ---- | M] (NVIDIA Corporation) MD5=ABED0C09758D1D97DB0042DBB2688177 -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_ 6.0.6001.18000_none_39dac327befea467\nvstor.sys

    < MD5 for: NVSTOR32.SYS >
    [2007/07/02 17:37:00 | 000,110,112 | ---- | M] (NVIDIA Corporation) MD5=703E3A7093B0FAC0EEBADBB8E931ECAF -- C:\Driver Servicing\nvidia\chipset\nForce 750_6ser\nForceWinVista\15.08\IDE\WinVista\satarai d\nvstor32.sys
    [2007/07/02 17:37:00 | 000,110,112 | -H-- | M] (NVIDIA Corporation) MD5=703E3A7093B0FAC0EEBADBB8E931ECAF -- C:\Windows\ConfigSetRoot\$oem$\$1\Driver Servicing\nvidia\chipset\nForce 750_6ser\nForceWinVista\15.08\IDE\WinVista\satarai d\nvstor32.sys
    [2007/07/02 17:37:00 | 000,110,112 | ---- | M] (NVIDIA Corporation) MD5=A1CE1A6FD74C046F029448FCFA5E386D -- C:\Driver Servicing\nvidia\chipset\nForce 750_6ser\nForceWinVista\15.08\IDE\WinVista\sata_id e\nvstor32.sys
    [2007/07/02 17:37:00 | 000,110,112 | -H-- | M] (NVIDIA Corporation) MD5=A1CE1A6FD74C046F029448FCFA5E386D -- C:\Windows\ConfigSetRoot\$oem$\$1\Driver Servicing\nvidia\chipset\nForce 750_6ser\nForceWinVista\15.08\IDE\WinVista\sata_id e\nvstor32.sys
    [2007/07/02 17:37:00 | 000,110,112 | ---- | M] (NVIDIA Corporation) MD5=A1CE1A6FD74C046F029448FCFA5E386D -- C:\Windows\System32\DriverStore\FileRepository\nvs tor32.inf_efe24208\nvstor32.sys
    [2007/08/09 11:12:00 | 000,110,624 | ---- | M] (NVIDIA Corporation) MD5=DC5F166422BEEBF195E3E4BB8AB4EE22 -- C:\Driver Servicing\nvidia\chipset\nForce780\9.46\English\ID E\WinVista\sata_ide\nvstor32.sys
    [2007/08/09 11:12:00 | 000,110,624 | -H-- | M] (NVIDIA Corporation) MD5=DC5F166422BEEBF195E3E4BB8AB4EE22 -- C:\Windows\ConfigSetRoot\$oem$\$1\Driver Servicing\nvidia\chipset\nForce780\9.46\English\ID E\WinVista\sata_ide\nvstor32.sys
    [2007/08/09 11:12:00 | 000,110,624 | ---- | M] (NVIDIA Corporation) MD5=DC5F166422BEEBF195E3E4BB8AB4EE22 -- C:\Windows\System32\drivers\nvstor32.sys
    [2007/08/09 11:12:00 | 000,110,624 | ---- | M] (NVIDIA Corporation) MD5=DC5F166422BEEBF195E3E4BB8AB4EE22 -- C:\Windows\System32\DriverStore\FileRepository\nvs tor32.inf_99d8b088\nvstor32.sys
    [2007/08/09 11:12:00 | 000,110,624 | ---- | M] (NVIDIA Corporation) MD5=F2D7CCD75132F19119108E07A4FD0A12 -- C:\Driver Servicing\nvidia\chipset\nForce780\9.46\English\ID E\WinVista\sataraid\nvstor32.sys
    [2007/08/09 11:12:00 | 000,110,624 | -H-- | M] (NVIDIA Corporation) MD5=F2D7CCD75132F19119108E07A4FD0A12 -- C:\Windows\ConfigSetRoot\$oem$\$1\Driver Servicing\nvidia\chipset\nForce780\9.46\English\ID E\WinVista\sataraid\nvstor32.sys

    < MD5 for: SCECLI.DLL >
    [2008/01/21 02:24:50 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=28B84EB538F7E8A0FE8B9299D591E0B9 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6001.1 8000_none_380de25bd91b6f12\scecli.dll
    [2009/04/11 06:28:24 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=8FC182167381E9915651267044105EE1 -- C:\Windows\System32\scecli.dll
    [2009/04/11 06:28:24 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=8FC182167381E9915651267044105EE1 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6002.1 8005_none_39f95b67d63d3a5e\scecli.dll

    < %systemroot%\*. /mp /s >

    < %systemroot%\system32\*.dll /lockedfiles >
    [2009/04/11 06:27:47 | 000,241,128 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\System32\rsaenh.dll
    [2009/04/11 06:28:23 | 000,228,352 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\System32\SLC.dll
    [2010/03/05 14:01:02 | 000,420,352 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\System32\vbscript.dll

    < %systemroot%\Tasks\*.job /lockedfiles >

    < %systemroot%\system32\drivers\*.sys /lockedfiles >


    ========== Alternate Data Streams ==========

    @Alternate Data Stream - 181 bytes -> C:\ProgramData\TEMP:0CFE8F97

    < End of report >

  15. #15
    Free PC Help Contributor
    Join Date
    Feb 2009
    Posts
    101

    PC Experience:
    Some Experience


    Operating System:
    Windows Vista - Home Premium

    Default

    Now the second file.

    Extras

    OTL Extras logfile created on: 08/02/2011 15:02:57 - Run 1
    OTL by OldTimer - Version 3.2.20.6 Folder = C:\Users\Mike\Downloads
    Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
    Internet Explorer (Version = 8.0.6001.18999)
    Locale: 00000809 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy

    2.00 Gb Total Physical Memory | 1.00 Gb Available Physical Memory | 46.00% Memory free
    5.00 Gb Paging File | 3.00 Gb Available in Paging File | 61.00% Paging File free
    Paging file location(s): c:\pagefile.sys 3067 6000 [binary data]

    %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
    Drive C: | 690.72 Gb Total Space | 580.28 Gb Free Space | 84.01% Space Free | Partition Type: NTFS
    Drive E: | 151.25 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS
    Drive K: | 233.76 Gb Total Space | 105.97 Gb Free Space | 45.33% Space Free | Partition Type: NTFS

    Computer Name: MESH | User Name: Mike | Logged in as Administrator.
    Boot Mode: Normal | Scan Mode: Current user
    Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

    ========== Extra Registry (SafeList) ==========


    ========== File Associations ==========

    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
    .cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
    .hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)

    [HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
    .html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox 3.1 Beta 2\firefox.exe (Mozilla Corporation)

    ========== Shell Spawning ==========

    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
    batfile [open] -- "%1" %*
    cmdfile [open] -- "%1" %*
    comfile [open] -- "%1" %*
    cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
    exefile [open] -- "%1" %*
    helpfile [open] -- Reg Error: Key error.
    hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
    inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
    piffile [open] -- "%1" %*
    regfile [merge] -- Reg Error: Key error.
    scrfile [config] -- "%1"
    scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
    scrfile [open] -- "%1" /S
    txtfile [edit] -- Reg Error: Key error.
    Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
    Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
    Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
    Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
    Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
    Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

    ========== Security Center Settings ==========

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
    "cval" = 1

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
    "AntiVirusOverride" = 0
    "AntiSpywareOverride" = 0
    "FirewallOverride" = 0
    "VistaSp1" = Reg Error: Unknown registry data type -- File not found
    "VistaSp2" = Reg Error: Unknown registry data type -- File not found

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

    ========== Firewall Settings ==========

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Servic es\SharedAccess\Parameters\FirewallPolicy\DomainPr ofile]
    "EnableFirewall" = 1
    "DisableNotifications" = 0

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Servic es\SharedAccess\Parameters\FirewallPolicy\Standard Profile]
    "EnableFirewall" = 1
    "DisableNotifications" = 0

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Servic es\SharedAccess\Parameters\FirewallPolicy\PublicPr ofile]
    "EnableFirewall" = 1
    "DisableNotifications" = 0

    ========== Authorized Applications List ==========


    ========== Vista Active Open Ports Exception List ==========

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Servic es\SharedAccess\Parameters\FirewallPolicy\Firewall Rules]
    "{068BFEF5-4730-4AEB-8E16-F8CB3D9CCBD7}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
    "{0840F033-333D-4464-AC39-BD7D0C667D95}" = lport=137 | protocol=17 | dir=in | app=system |
    "{09CC05B8-CB95-4055-8F4E-5C08433DF818}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |
    "{1082D34B-E644-4471-83EF-755445D90B5F}" = rport=139 | protocol=6 | dir=out | app=system |
    "{15B1D6BB-3378-4421-A29E-CA1C8746C54D}" = lport=138 | protocol=17 | dir=in | app=system |
    "{3777E15D-24A6-4819-90F2-E4AC35653872}" = lport=139 | protocol=6 | dir=in | app=system |
    "{3C6132DA-503C-42A7-BDC7-3A65861A8AB0}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
    "{48AAC51F-AC72-466D-9CD4-426649F09C80}" = rport=3702 | protocol=17 | dir=out | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
    "{4DB3BD44-7284-4158-8A4C-258DA7F95FBB}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
    "{53A0AB0D-E5C9-46D1-B372-1B0A6C623FB1}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
    "{75D68B1B-00BA-4FB4-BE57-A3B20F79EA42}" = lport=3702 | protocol=17 | dir=in | svc=fdphost | app=%systemroot%\system32\svchost.exe |
    "{7B63B187-5AAC-4862-96DE-614115FBC814}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
    "{86C2D028-14C3-47D5-9516-6915E6C3D8CB}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
    "{8719F933-9782-4475-8C29-6AC5A9D45EF7}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
    "{8F32DF7F-8B25-49A7-8E12-20603B6E3EBD}" = lport=445 | protocol=6 | dir=in | app=system |
    "{94FDEF06-F8AD-4DE3-81C3-A57D800BBCE2}" = rport=445 | protocol=6 | dir=out | app=system |
    "{993CC7AE-DA28-4371-9A4A-5EA654A2E1C1}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
    "{9AEA70C2-C451-43DF-82F4-DD40C851E444}" = rport=137 | protocol=17 | dir=out | app=system |
    "{9F11CD11-2BFC-471E-B7EB-D277F2C4B399}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
    "{9F61905D-C023-49E6-B944-F1DC1F648D93}" = lport=2869 | protocol=6 | dir=in | app=system |
    "{A369F525-600E-47B4-9AA1-87711A960C17}" = rport=10243 | protocol=6 | dir=out | app=system |
    "{B82D50CD-1D6E-468D-989E-24D83CB41A22}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
    "{BE94DAED-3FFF-4086-8B48-38DB8095C1D9}" = rport=138 | protocol=17 | dir=out | app=system |
    "{D09B3E70-7E6C-4986-9E07-88E7E2F401C8}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
    "{D346B19A-0BDA-4EB8-9998-B98A1B867682}" = lport=3702 | protocol=17 | dir=in | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
    "{D63E3330-1178-4EF4-AFE4-B01D82007FB6}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
    "{E4714201-3EBC-4A92-B74F-707B1FBC7168}" = lport=2869 | protocol=6 | dir=in | app=system |
    "{F5BCBF66-1C8C-4621-A3E5-ABB0BB6B468D}" = rport=3702 | protocol=17 | dir=out | svc=fdphost | app=%systemroot%\system32\svchost.exe |
    "{F79CE022-DEF8-4624-A928-DB2358E56923}" = lport=10243 | protocol=6 | dir=in | app=system |

    ========== Vista Active Application Exception List ==========

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Servic es\SharedAccess\Parameters\FirewallPolicy\Firewall Rules]
    "{0AD083C3-67EF-4C3B-8278-5687967E4571}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
    "{0D80A688-8963-4158-9257-D797106101CA}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
    "{14AF5896-F6B9-49D2-86ED-741F7CA80000}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
    "{1D4C8D83-A5EF-42B0-BB14-56654ACC546D}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
    "{1F82ABFD-820E-45FD-A829-4565D09DE52C}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
    "{20B304E5-AA8B-4762-9C85-61C8D350DA91}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
    "{21B97DDD-3BA3-4603-BC55-D17187E352D4}" = dir=in | app=c:\program files\windows live\messenger\livecall.exe |
    "{2C168413-C129-4AA1-9F06-7285B649BA7C}" = dir=in | app=c:\program files\cyberlink\powerdirector express\pdx.exe |
    "{42C0D48C-0238-4086-BB94-C3D5F5A35C9F}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
    "{4554D569-F972-4EB8-B676-36002D6B60CE}" = protocol=17 | dir=in | app=c:\program files\kontiki\kservice.exe |
    "{4A428F56-6BD3-4F9A-A2FB-23984BE323A6}" = dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe |
    "{5075A9E0-E38C-43DB-A194-DCD33F9163D6}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
    "{6E639149-48CD-485C-A0ED-A700CD331090}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
    "{6E9D3A2A-24DE-4BB2-96CD-E49995A17EC2}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
    "{78B1895D-C3FF-4B05-A871-2159B0A2805A}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
    "{7B960E0B-0AD6-4BD0-8B4E-2F57759CC4AA}" = dir=in | app=c:\program files\skype\phone\skype.exe |
    "{7E8D153E-5838-458B-A5D1-DF80D0EA492B}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
    "{87E5315C-0323-4C25-AD04-15625F25DFD8}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
    "{8D41E7FB-1492-41C5-8CF4-2029D8D51EB4}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
    "{8F316132-D3E7-48D0-8F4B-7241CC01BAFE}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
    "{929C7641-8C60-4828-BE88-3F38F27626B3}" = protocol=17 | dir=in | app=e:\x86\ibiscont.exe |
    "{A0FD533A-1FAC-4FAC-B1FA-31EBAD7F0D75}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
    "{A15E5F76-A576-4E45-8771-C0312655E305}" = dir=in | app=c:\program files\cyberlink\powerdvd\powerdvd.exe |
    "{B3F2A41A-6B45-40BD-8E89-626500929DA6}" = protocol=6 | dir=in | app=c:\program files\kontiki\kservice.exe |
    "{B9D84C95-46A7-48CE-A826-ED19ECA24BB0}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
    "{C1C92110-66C6-4C4B-B392-21929B3617EE}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
    "{C607EC33-A7E2-45A7-96FE-19DB6B29073A}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
    "{CA5CEFF3-F3E1-4A29-BE48-2EBDAD33DCF8}" = protocol=6 | dir=in | app=c:\program files\kontiki\kservice.exe |
    "{CB633679-AFBE-4551-A2B9-EDA7DBE79C2C}" = protocol=6 | dir=in | app=e:\x86\ibiscont.exe |
    "{D11D9DB2-E52F-4263-837B-07D355C1D0D1}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
    "{D1D4FB87-3391-4E41-927B-F50CE6F1AFB4}" = dir=in | app=c:\program files\itunes\itunes.exe |
    "{E5982BFA-8AA5-46C9-9E93-EDA58C17E963}" = protocol=17 | dir=in | app=c:\program files\kontiki\kservice.exe |
    "{EAEEA5F7-58A3-4125-BA4A-BCEA1AB8FE6C}" = protocol=6 | dir=out | app=system |
    "TCP Query User{125EEE4C-0F5A-4CB2-A2A9-B600B9BE16B7}C:\program files\real\realplayer\realplay.exe" = protocol=6 | dir=in | app=c:\program files\real\realplayer\realplay.exe |
    "TCP Query User{3F41D838-2EC3-4A5B-A19B-864FBE2060A4}C:\program files\kontiki\khost.exe" = protocol=6 | dir=in | app=c:\program files\kontiki\khost.exe |
    "TCP Query User{7DCC792C-E322-4913-8B67-73268418041C}C:\program files\internet explorer\iexplore.exe" = protocol=6 | dir=in | app=c:\program files\internet explorer\iexplore.exe |
    "TCP Query User{A227A7B8-4C74-4ED6-9A4F-34EA22DFD6C9}C:\program files\rfactor\rfactor.exe" = protocol=6 | dir=in | app=c:\program files\rfactor\rfactor.exe |
    "TCP Query User{B012E59D-609B-441D-B4E7-0B64DC9312E6}C:\program files\mozilla firefox 3.1 beta 2\firefox.exe" = protocol=6 | dir=in | app=c:\program files\mozilla firefox 3.1 beta 2\firefox.exe |
    "TCP Query User{C6ED5F0C-0553-4680-A991-E5DF1F969888}C:\program files\internet explorer\iexplore.exe" = protocol=6 | dir=in | app=c:\program files\internet explorer\iexplore.exe |
    "UDP Query User{226DC9E6-272C-47E1-9161-0C524D92C44C}C:\program files\kontiki\khost.exe" = protocol=17 | dir=in | app=c:\program files\kontiki\khost.exe |
    "UDP Query User{36767663-5A56-40B0-9097-7D76BE2430C1}C:\program files\mozilla firefox 3.1 beta 2\firefox.exe" = protocol=17 | dir=in | app=c:\program files\mozilla firefox 3.1 beta 2\firefox.exe |
    "UDP Query User{3A14949E-7374-433D-B9B1-068EC3763A65}C:\program files\real\realplayer\realplay.exe" = protocol=17 | dir=in | app=c:\program files\real\realplayer\realplay.exe |
    "UDP Query User{67C7F74E-7806-4805-A8E9-5507069FAD0D}C:\program files\internet explorer\iexplore.exe" = protocol=17 | dir=in | app=c:\program files\internet explorer\iexplore.exe |
    "UDP Query User{B8876EAE-AD17-4435-8080-BDBBC7FB05DF}C:\program files\internet explorer\iexplore.exe" = protocol=17 | dir=in | app=c:\program files\internet explorer\iexplore.exe |
    "UDP Query User{CAD76BFE-14E1-4B69-8416-09C87E7FA4C2}C:\program files\rfactor\rfactor.exe" = protocol=17 | dir=in | app=c:\program files\rfactor\rfactor.exe |

    ========== HKEY_LOCAL_MACHINE Uninstall List ==========

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Curr entVersion\Uninstall]
    "{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
    "{03CAB33F-D1C2-48C6-8766-DAE84DFC25FE}" = Microsoft Sync Framework Services v1.0 (x86)
    "{116D1725-3193-49AF-8999-036D385F701E}" = Desktop Restore
    "{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_CNQ2412" = CanoScan LiDE 90
    "{13F3917B56CD4C25848BDC69916971BB}" = DivX Converter
    "{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
    "{184E7118-0295-43C4-B72C-1D54AA75AAF7}" = Windows Live Mail
    "{18D10072035C4515918F7E37EAFAACFC}" = AutoUpdate
    "{1DD81E7D-0D28-4CEB-87B2-C041A4FCB215}" = Rapport
    "{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = DVD Suite
    "{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
    "{254BEB3E-1085-4D66-9CDC-0152C0DC2E93}" = EPSON TWAIN 5
    "{26A24AE4-039D-4CA4-87B4-2F83216012FF}" = Java(TM) 6 Update 23
    "{27CC6AB1-E72B-4179-AF1A-EAE507EBAF51}_is1" = ConvertHelper 2.2
    "{2A981294-F14C-4F0F-9627-D793270922F8}" = Bonjour
    "{2D4F6BE3-6FEF-4FE9-9D01-1406B220D08C}" = Windows Live Photo Gallery
    "{308B6AEA-DE50-4666-996D-0FA461719D6B}" = Apple Mobile Device Support
    "{32729FF3-AD6A-45CC-8E55-E1916420F7F1}" = Broadband Choices Speed Tester
    "{3BEF9769-BA52-18F7-1D02-2362F6A27E38}" = Adobe Media Player
    "{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
    "{3FC7CBBC4C1E11DCA1A752EA55D89593}" = DivX Version Checker
    "{40BF1E83-20EB-11D8-97C5-0009C5020658}" = Power2Go 5.0
    "{41888B21-922B-4241-4594-EF1E6828A72B}" = BBC iPlayer Desktop
    "{46C045BF-2B3F-4BC4-8E4C-00E0CF8BD9DB}" = Adobe AIR
    "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
    "{65DA2EC9-0642-47E9-AAE2-B5267AA14D75}" = Activation Assistant for the 2007 Microsoft Office suites
    "{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}" = PowerDVD
    "{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
    "{6B9B0C6F-E5FA-4633-A640-AB98A272ECCA}" = Safari
    "{6D52C408-B09A-4520-9B18-475B81D393F1}" = Microsoft Works
    "{6D8D64BE-F500-55B6-705D-DFD08AFE0624}" = Acrobat.com
    "{767CC44C-9BBC-438D-BAD3-FD4595DD148B}" = VC80CRTRedist - 8.0.50727.762
    "{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
    "{7B63B2922B174135AFC0E1377DD81EC2}" = DivX Codec
    "{85309D89-7BE9-4094-BB17-24999C6118FC}" = ArcSoft PhotoStudio 5.5
    "{86D4B82A-ABED-442A-BE86-96357B70F4FE}" = Ask Toolbar
    "{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
    "{8ADFC4160D694100B5B8A22DE9DCABD9}" = DivX Player
    "{8B7443F5-E141-42A0-AB61-ED2331AAD606}" = 4oD
    "{8FFC924C-ED06-44CB-8867-3CA778ECE903}" = Adobe Help Center 2.0
    "{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
    "{90120000-0016-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
    "{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
    "{90120000-0018-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
    "{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
    "{90120000-001B-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
    "{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
    "{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
    "{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
    "{90120000-001F-040C-0000-0000000FF1CE}_HOMESTUDENTR_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
    "{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
    "{90120000-001F-0C0A-0000-0000000FF1CE}_HOMESTUDENTR_{187308AB-5FA7-4F14-9AB9-D290383A10D9}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
    "{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
    "{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
    "{90120000-006E-0409-0000-0000000FF1CE}_HOMESTUDENTR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
    "{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007
    "{90120000-00A1-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
    "{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
    "{90120000-0115-0409-0000-0000000FF1CE}_HOMESTUDENTR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
    "{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007
    "{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
    "{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
    "{9176251A-4CC1-4DDB-B343-B487195EB397}" = Windows Live Writer
    "{9422C8EA-B0C6-4197-B8FC-DC797658CA00}" = Windows Live Sign-in Assistant
    "{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
    "{A066194B-DC8F-449A-8E0F-B57BDD3A2072}" = SyncToy 2.1 (x86)
    "{A49F249F-0C91-497F-86DF-B2585E8E76B7}" = Microsoft Visual C++ 2005 Redistributable
    "{A7E4ECCA-4A8E-4258-8EC8-2DCCF5B11320}" = Windows Live installer
    "{A8BD5A60-E843-46DC-8271-ABF20756BE0F}" = Microsoft Sync Framework Runtime v1.0 (x86)
    "{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
    "{A96E97134CA649888820BCDE5E300BBD}" = H.264 Decoder
    "{AAC389499AEF40428987B3D30CFC76C9}" = MKV Splitter
    "{AC76BA86-7AD7-1033-7B44-A94000000001}" = Adobe Reader 9.4.1
    "{ADD5DB49-72CF-11D8-9D75-000129760D75}" = PowerBackup
    "{AEF9DC35ADDF4825B049ACBFD1C6EB37}" = AAC Decoder
    "{B13A7C41581B411290FBC0395694E2A9}" = DivX Converter
    "{B2544A03-10D0-4E5E-BA69-0362FFC20D18}" = OGA Notifier 2.0.0048.0
    "{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy
    "{B7050CBDB2504B34BC2A9CA0A692CC29}" = DivX Web Player
    "{B7A0CE06-068E-11D6-97FD-0050BACBF861}" = PowerProducer
    "{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = LabelPrint
    "{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
    "{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
    "{D103C4BA-F905-437A-8049-DB24763BBE36}" = Skype™ 4.1
    "{D2D6B9EB-C6DC-4DAA-B4DE-BB7D9735E7DA}" = Presto! PageManager 7.15.16
    "{D36DD326-7280-11D8-97C8-000129760CBE}" = PhotoNow! 1.0
    "{D3A80508-CD83-4CA3-8671-914A1BC78B61}" = Microsoft Sync Framework 2.0 Provider Services (x86) ENU
    "{D5A145FC-D00C-4F1A-9119-EB4D9D659750}" = Windows Live Toolbar
    "{D5A9B7C0-8751-11D8-9D75-000129760D75}" = MediaShow
    "{DEFCEA84-FE98-460D-8B54-7D9653432390}" = ScanSoft OmniPage 15
    "{E2883E8F-472F-4fb0-9522-AC9BF37916A7}" = Adobe Download Manager
    "{E38C00D0-A68B-4318-A8A6-F7D4B5B1DF0E}" = Windows Media Encoder 9 Series
    "{E3D04529-6EDB-11D8-A372-0050BAE317E1}" = PowerDVD Copy
    "{E6CFBFB5-9232-410C-B353-AF6E614B2681}" = LightScribe System Software 1.10.16.1
    "{E7004147-2CCA-431C-AA05-2AB166B9785D}" = QuickTime
    "{EBB7C1C1-D439-4D9B-9FDC-954C10F266B0}" = Adobe Photoshop Elements 4.0
    "{EDE721EC-870A-11D8-9D75-000129760D75}" = PowerDirector Express
    "{EE6097DD-05F4-4178-9719-D3170BF098E8}" = Apple Application Support
    "{EE798051-986A-474A-AD4F-466504373187}" = Smart Label Printer 6.9
    "{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
    "{F54AC413-D2C6-4A24-B324-370C223C6250}" = Adobe Photoshop Elements 6.0
    "{F7B0939E-58DF-11DF-B3A6-005056806466}" = Google Earth
    "{FAE36873-1941-4076-A9A5-48812B5EA0B7}" = iTunes
    "{FC8D21C8-7B29-4104-ADB0-FEE9CA1C7922}" = Folder Size for Windows
    "{FF63121D-91C6-42CC-B341-F1AA729728E7}" = Microsoft Sync Framework 2.0 Core Components (x86) ENU
    "4oD" = 4oD
    "Activation Assistant for the 2007 Microsoft Office suites" = Activation Assistant for the 2007 Microsoft Office suites
    "Adobe AIR" = Adobe AIR
    "Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
    "Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
    "Adobe Photoshop Elements 4" = Adobe Photoshop Elements 4.0
    "Adobe Photoshop Elements 6" = Adobe Photoshop Elements 6.0
    "AI RoboForm" = AI RoboForm (All Users)
    "Ashampoo Snap 3_is1" = Ashampoo Snap 3.40
    "Ashampoo WinOptimizer 6_is1" = Ashampoo WinOptimizer 6.24
    "BBCiPlayerDesktop.61DB7A798358575D6A969CCD73DDBBD 723A6DA9D.1" = BBC iPlayer Desktop
    "BullGuard" = BullGuard 9.0
    "CAL" = Canon Camera Access Library
    "CameraWindowDVC5" = Canon Camera Window DC_DV 5 for ZoomBrowser EX
    "CameraWindowDVC6" = Canon Camera Window DC_DV 6 for ZoomBrowser EX
    "CameraWindowMC" = Canon Camera Window MC 6 for ZoomBrowser EX
    "Canon G.726 WMP-Decoder" = Canon G.726 WMP-Decoder
    "CANON iMAGE GATEWAY Task" = CANON iMAGE GATEWAY Task
    "Canon Internet Library for ZoomBrowser EX" = Canon Internet Library for ZoomBrowser EX
    "CanonSolutionMenu" = Canon Utilities Solution Menu
    "CCleaner" = CCleaner
    "com.adobe.amp.E7BED6E5DDA59983786DD72EBFA46B15982 78E07.1" = Adobe Media Player
    "CSCLIB" = Canon Camera Support Core Library
    "DBXTriever_is1" = DBXTriever 3.20
    "DivX Plus DirectShow Filters" = DivX Plus DirectShow Filters
    "Down2Home" = Down2Home
    "EOS Utility" = Canon Utilities EOS Utility
    "GOM Player" = GOM Player
    "Google Desktop" = Google Desktop
    "GoToAssist" = GoToAssist Corporate
    "HOMESTUDENTR" = Microsoft Office Home and Student 2007
    "hp deskjet 990c series" = hp deskjet 990c series (Remove only)
    "iiyama Monitor Test_is1" = iiyama Monitor Test 2.1
    "McAfee Security Scan" = McAfee Security Scan Plus
    "Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
    "Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
    "Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
    "MovieEditTask" = Canon MovieEdit Task for ZoomBrowser EX
    "Mozilla Firefox (3.6.13)" = Mozilla Firefox (3.6.13)
    "MP Navigator EX 1.0" = Canon MP Navigator EX 1.0
    "MyAshampoo Toolbar" = MyAshampoo Toolbar
    "NVIDIA Drivers" = NVIDIA Drivers
    "PhotoStitch" = Canon Utilities PhotoStitch
    "Picasa 3" = Picasa 3
    "Rapport_msi" = Rapport
    "RAW Image Task" = Canon RAW Image Task for ZoomBrowser EX
    "RealPlayer 12.0" = RealPlayer
    "RemoteCaptureTask" = Canon RemoteCapture Task for ZoomBrowser EX
    "Replay Media Catcher 3.02" = Replay Media Catcher 3.02
    "rFactor" = rFactor (remove only)
    "SMART PANEL for Scanner" = EPSON SMART PANEL for Scanner
    "TreeSize Professional_is1" = TreeSize Professional 5.1.2
    "Windows Live Toolbar" = Windows Live Toolbar
    "Windows Media Encoder 9" = Windows Media Encoder 9 Series
    "Yahoo! Applications" = BT Yahoo! Applications
    "Yahoo! Software Update" = Yahoo! Software Update
    "ZoomBrowser EX" = Canon Utilities ZoomBrowser EX

    ========== HKEY_CURRENT_USER Uninstall List ==========

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\Curre ntVersion\Uninstall]
    "Google Chrome" = Google Chrome

    ========== Last 10 Event Log Errors ==========

    [ Application Events ]
    Error - 06/02/2011 21:17:30 | Computer Name = Mesh | Source = Bonjour Service | ID = 100
    Description = Task Scheduling Error: m->NextScheduledSPRetry 18127

    Error - 06/02/2011 21:17:31 | Computer Name = Mesh | Source = Bonjour Service | ID = 100
    Description = Task Scheduling Error: Continuously busy for more than a second

    Error - 06/02/2011 21:17:31 | Computer Name = Mesh | Source = Bonjour Service | ID = 100
    Description = Task Scheduling Error: m->NextScheduledEvent 19126

    Error - 06/02/2011 21:17:31 | Computer Name = Mesh | Source = Bonjour Service | ID = 100
    Description = Task Scheduling Error: m->NextScheduledSPRetry 19126

    Error - 06/02/2011 21:17:32 | Computer Name = Mesh | Source = Bonjour Service | ID = 100
    Description = Task Scheduling Error: Continuously busy for more than a second

    Error - 06/02/2011 21:17:32 | Computer Name = Mesh | Source = Bonjour Service | ID = 100
    Description = Task Scheduling Error: m->NextScheduledEvent 20249

    Error - 06/02/2011 21:17:32 | Computer Name = Mesh | Source = Bonjour Service | ID = 100
    Description = Task Scheduling Error: m->NextScheduledSPRetry 20249

    Error - 06/02/2011 21:17:34 | Computer Name = Mesh | Source = Bonjour Service | ID = 100
    Description = Task Scheduling Error: Continuously busy for more than a second

    Error - 06/02/2011 21:17:34 | Computer Name = Mesh | Source = Bonjour Service | ID = 100
    Description = Task Scheduling Error: m->NextScheduledEvent 21481

    Error - 06/02/2011 21:17:34 | Computer Name = Mesh | Source = Bonjour Service | ID = 100
    Description = Task Scheduling Error: m->NextScheduledSPRetry 21481

    [ Media Center Events ]
    Error - 29/01/2011 18:10:48 | Computer Name = Mesh | Source = ehRecvr | ID = 4
    Description =

    Error - 29/01/2011 18:37:16 | Computer Name = Mesh | Source = ehRecvr | ID = 4
    Description =

    Error - 29/01/2011 19:01:41 | Computer Name = Mesh | Source = ehRecvr | ID = 4
    Description =

    Error - 29/01/2011 19:27:37 | Computer Name = Mesh | Source = ehRecvr | ID = 4
    Description =

    Error - 29/01/2011 20:45:42 | Computer Name = Mesh | Source = ehRecvr | ID = 4
    Description =

    Error - 30/01/2011 11:34:45 | Computer Name = Mesh | Source = ehRecvr | ID = 4
    Description =

    Error - 05/02/2011 12:28:34 | Computer Name = Mesh | Source = ehRecvr | ID = 4
    Description =

    Error - 06/02/2011 14:26:48 | Computer Name = Mesh | Source = ehRecvr | ID = 4
    Description =

    Error - 06/02/2011 14:38:41 | Computer Name = Mesh | Source = ehRecvr | ID = 4
    Description =

    Error - 07/02/2011 08:53:38 | Computer Name = Mesh | Source = ehRecvr | ID = 4
    Description =

    [ OSession Events ]
    Error - 31/12/2008 10:38:19 | Computer Name = Mesh | Source = Microsoft Office 12 Sessions | ID = 7001
    Description = ID: 1, Application Name: Microsoft Office Excel, Application Version:
    12.0.6331.5000, Microsoft Office Version: 12.0.6215.1000. This session lasted 748
    seconds with 540 seconds of active time. This session ended with a crash.

    Error - 12/10/2009 19:00:52 | Computer Name = Mesh | Source = Microsoft Office 12 Sessions | ID = 7001
    Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
    12.0.6504.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 1112
    seconds with 780 seconds of active time. This session ended with a crash.

    Error - 14/10/2009 13:37:02 | Computer Name = Mesh | Source = Microsoft Office 12 Sessions | ID = 7001
    Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
    12.0.6504.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 23105
    seconds with 1020 seconds of active time. This session ended with a crash.

    Error - 08/12/2009 20:57:52 | Computer Name = Mesh | Source = Microsoft Office 12 Sessions | ID = 7001
    Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
    12.0.6504.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 193513
    seconds with 6900 seconds of active time. This session ended with a crash.

    Error - 10/12/2009 10:03:17 | Computer Name = Mesh | Source = Microsoft Office 12 Sessions | ID = 7001
    Description = ID: 1, Application Name: Microsoft Office Excel, Application Version:
    12.0.6504.5001, Microsoft Office Version: 12.0.6425.1000. This session lasted 119
    seconds with 0 seconds of active time. This session ended with a crash.

    Error - 12/01/2011 14:28:03 | Computer Name = Mesh | Source = Microsoft Office 12 Sessions | ID = 7001
    Description = ID: 1, Application Name: Microsoft Office Excel, Application Version:
    12.0.6504.5001, Microsoft Office Version: 12.0.6425.1000. This session lasted 11057
    seconds with 0 seconds of active time. This session ended with a crash.

    [ System Events ]
    Error - 05/02/2011 12:28:09 | Computer Name = Mesh | Source = Service Control Manager | ID = 7026
    Description =

    Error - 05/02/2011 16:28:13 | Computer Name = Mesh | Source = bowser | ID = 8003
    Description =

    Error - 06/02/2011 14:26:28 | Computer Name = Mesh | Source = Service Control Manager | ID = 7026
    Description =

    Error - 06/02/2011 14:32:23 | Computer Name = Mesh | Source = DCOM | ID = 10000
    Description =

    Error - 06/02/2011 14:37:52 | Computer Name = Mesh | Source = volsnap | ID = 393229
    Description = The shadow copy of volume C: could not grow its shadow copy storage
    on volume C:.

    Error - 06/02/2011 14:38:14 | Computer Name = Mesh | Source = Service Control Manager | ID = 7026
    Description =

    Error - 06/02/2011 14:39:12 | Computer Name = Mesh | Source = DCOM | ID = 10000
    Description =

    Error - 07/02/2011 08:51:02 | Computer Name = Mesh | Source = volsnap | ID = 393229
    Description = The shadow copy of volume C: could not grow its shadow copy storage
    on volume C:.

    Error - 07/02/2011 08:51:26 | Computer Name = Mesh | Source = Service Control Manager | ID = 7026
    Description =

    Error - 07/02/2011 09:49:13 | Computer Name = Mesh | Source = DCOM | ID = 10000
    Description =


    < End of report >

  16. #16
    Administrator & Security Team Starbuck's Avatar
    Join Date
    Feb 2010
    Location
    Midlands, UK
    Posts
    3,380

    PC Experience:
    Very Experienced


    Operating System:
    XP Home / Win7 Pro / Win8.1 Pro / Win 10 preview

    Default

    Hi mtav,

    Well, there's no obvious signs of malware.
    But to be honest your system is running too many security programs.
    Running too many is just as bad as not enough.
    They'll just fight and conflict with one another.
    BullGuard 9.0
    Rapport
    Spybot-S&D
    Windows Defender
    These are good programs .... but not when run all together.

    Recommendation
    At a minimum i'd recommend turning off Teatimer and WinDefender.
    This would still give you the option of running them manually if needed.

    WinDefender
    • Click Start >> Programs >> Windows Defender or launch from the system tray icon.
    • Click on Tools & Settings >> Options.
    • Under Real-time protection options, uncheck the "Real-time protection" check box.
    • Click Save.
    • Go to Start >> Control Panel >> Security >> Windows Defender, at the bottom of the Window Defenders page uncheck under Administrator Options "use Windows Defender" and then Save.



    TeaTimer
    • Open Spybot and click on 'Mode' then click 'Advanced Mode'.
    • Click on 'Tools' in bottom left hand corner.
    • Click on the 'System Startup' icon.
      Uncheck 'Teatimer' box and/or uncheck 'Resident'.
    • Then, check next to the computer clock to see if the icon for Spybot is still there.
      If it is, right click it and choose 'exit Spybot-S&D Resident'.


    Reboot the computer.

    There's a few orphan entries on your system, we can clean those now.

    Double click on OTL.exe to run it.
    Copy the lines in the codebox below. (make sure that :Otl is on the first line )
    Code:
    :otl
    O2 - BHO: (no name) - {23162633-071E-4D3C-B347-B85451A92DBA} - No CLSID value found.
    O4 - HKCU..\Run: [msnmsgr] File not found
    O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.macromedia.com/get.../ultrashim.cab (Reg Error: Key error.)
    @Alternate Data Stream - 181 bytes -> C:\ProgramData\TEMP:0CFE8F97
    
    :Files
    ipconfig /flushdns /c
    
    :commands
    [emptytemp]
    [purity]
    [RESETHOSTS]
    [EMPTYFLASH]
    • Return to OTL,
    • right click in the Custom Scans/Fixes window (under the blue bar) and choose Paste.


    • Click the red Run Fix button.


    • OTL will reboot your system once the fix has completed.
    • After the reboot, you may need to double click OTL to launch the program and retrieve the log.


    As we're only cleaning up a few items, there's no need to post the fix report.

    To remove OTL after the fix:

    • Please double-click OTL.exe to run it.
    • You should see a CleanUp! button, press that button,


    • This will remove any programs we have asked you to download along with there associated folders.. plus itself.
    Member of:
    UNITE

  17. #17
    Free PC Help Contributor
    Join Date
    Feb 2009
    Posts
    101

    PC Experience:
    Some Experience


    Operating System:
    Windows Vista - Home Premium

    Default

    Done all that, Starbucks, except that, when working on TeaTimer, after clicking on System Startup there were no checkboxes (Teatimer, Resident or otherwise) but, on going back and starting again, before clicking System Startup there was a Resident box which I unchecked.

    I suppose it was a useful exercise, so thank you, but I still have the original problems in Windows Mail. For example, when I send a message no copy is left in the Sent Items folder.

    Any suggestions where I should go from here?

    I did ask what the experts thought of the idea of giving up on Windows Mail and using Eudora ot Thunderbird instead.

  18. #18
    Administrator RandyL's Avatar
    Join Date
    Jan 2003
    Location
    USA, Nebraska
    Posts
    4,967

    PC Experience:
    Very Experienced


    Operating System:
    Windows 7 Home Premium-Vista Home Premium

    Default

    I don't have Vista anymore but I was wondering if Windows Mail is in Features.

    Control Panel>Programs and Features>Turn Windows features on or off.

    Personally I like Windows Live Mail.
    We are all members helping other members. Please return here where you may be able to help someone else. After all, no one knows everything and you may have the answer that someone needs.

    Get help with computer problems. Join Free PC Help here

    Donations are welcome. Read Here

  19. #19
    Free PC Help Contributor
    Join Date
    Feb 2009
    Posts
    101

    PC Experience:
    Some Experience


    Operating System:
    Windows Vista - Home Premium

    Default

    Regrettably. no. Windows Mail isn't there.

  20. #20
    Administrator & Security Team Starbuck's Avatar
    Join Date
    Feb 2010
    Location
    Midlands, UK
    Posts
    3,380

    PC Experience:
    Very Experienced


    Operating System:
    XP Home / Win7 Pro / Win8.1 Pro / Win 10 preview

    Default

    I see you have:
    Microsoft Office Home and Student 2007 installed, it's a pity MS don't give you 'Outlook' with that.
    I use Outlook all the time.
    I have used Thunderbird in the past and found it quite easy to use and found it reliable.
    Member of:
    UNITE

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •