Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

Windows 7 will not run any programs

Started by Ranman60 , Oct 03 2011 03:13 PM

  • Please log in to reply

#1
Ranman60
Posted 03 October 2011 - 03:13 PM

Ranman60

    New Member

  • Member
  • Pip
  • 1 posts
Windows 7 Home Premium
When I boot in normal windows mode, the system will not let me run any programs. In Safe Mode, I can run MalwareBytes and OTL. Logs posted below. MalwareBytes does not detect any malware when in Safemode.

OTL Log

OTL logfile created on: 10/3/2011 3:04:58 PM - Run 1
OTL by OldTimer - Version 3.2.29.1 Folder = C:\Users\rminner\Downloads
64bit-Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.19120)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

3.87 Gb Total Physical Memory | 3.13 Gb Available Physical Memory | 80.74% Memory free
7.92 Gb Paging File | 7.30 Gb Available in Paging File | 92.07% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 454.55 Gb Total Space | 378.38 Gb Free Space | 83.24% Space Free | Partition Type: NTFS
Drive D: | 11.21 Gb Total Space | 1.51 Gb Free Space | 13.43% Space Free | Partition Type: NTFS

Computer Name: RANDY-PC | User Name: rminner | Logged in as Administrator.
Boot Mode: SafeMode with Networking | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2011/10/03 15:04:43 | 000,582,656 | ---- | M] (OldTimer Tools) -- C:\Users\rminner\Downloads\OTL.exe
PRC - [2011/07/19 09:20:04 | 000,924,632 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe


========== Modules (No Company Name) ==========

MOD - [2011/07/19 09:20:03 | 001,850,328 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
MOD - [2011/05/13 08:11:33 | 006,271,136 | ---- | M] () -- C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll


========== Win32 Services (SafeList) ==========

SRV:64bit: - [2011/03/17 16:39:40 | 000,501,768 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Program Files\McAfee\VirusScan\mcods.exe -- (McODS)
SRV:64bit: - [2011/03/13 11:45:12 | 000,158,832 | ---- | M] (McAfee, Inc.) [Unknown | Running] -- C:\Windows\SysNative\mfevtps.exe -- (mfevtp)
SRV:64bit: - [2011/03/13 11:37:22 | 000,208,272 | ---- | M] () [Unknown | Running] -- C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe -- (mfefire)
SRV:64bit: - [2011/03/13 11:37:06 | 000,197,960 | ---- | M] () [Unknown | Stopped] -- C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe -- (McShield)
SRV:64bit: - [2011/01/27 18:28:20 | 000,249,936 | ---- | M] (McAfee, Inc.) [Auto | Stopped] -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe -- (MSK80Service)
SRV:64bit: - [2011/01/27 18:28:20 | 000,249,936 | ---- | M] (McAfee, Inc.) [Auto | Stopped] -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe -- (McProxy)
SRV:64bit: - [2011/01/27 18:28:20 | 000,249,936 | ---- | M] (McAfee, Inc.) [Auto | Stopped] -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe -- (McNASvc)
SRV:64bit: - [2011/01/27 18:28:20 | 000,249,936 | ---- | M] (McAfee, Inc.) [Auto | Stopped] -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe -- (McNaiAnn)
SRV:64bit: - [2011/01/27 18:28:20 | 000,249,936 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe -- (mcmscsvc)
SRV:64bit: - [2011/01/27 18:28:20 | 000,249,936 | ---- | M] (McAfee, Inc.) [Unknown | Running] -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe -- (McMPFSvc)
SRV:64bit: - [2008/01/20 21:47:32 | 000,383,544 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2007/10/18 10:37:22 | 000,412,672 | ---- | M] (Conexant Systems, Inc.) [Auto | Stopped] -- C:\Windows\SysNative\DRIVERS\xaudio64.exe -- (XAudioService)
SRV - [2011/08/31 17:00:48 | 000,366,152 | ---- | M] (Malwarebytes Corporation) [Auto | Stopped] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2011/06/22 18:01:18 | 000,870,200 | ---- | M] (Trusteer Ltd.) [Auto | Stopped] -- C:\Program Files (x86)\Trusteer\Rapport\bin\RapportMgmtService.exe -- (RapportMgmtService)
SRV - [2010/04/13 20:11:18 | 000,231,224 | ---- | M] (McAfee, Inc.) [Auto | Stopped] -- C:\Program Files (x86)\McAfee Online Backup\MOBKbackup.exe -- (MOBKbackup)
SRV - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010/03/18 11:19:26 | 000,113,152 | ---- | M] (ArcSoft Inc.) [Disabled | Stopped] -- C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe -- (ACDaemon)
SRV - [2009/09/29 10:17:50 | 000,013,088 | ---- | M] (Intuit Inc.) [Auto | Stopped] -- C:\Program Files (x86)\Common Files\Intuit\Update Service\IntuitUpdateService.exe -- (IntuitUpdateService)
SRV - [2009/03/29 23:42:14 | 000,066,368 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2006/11/13 14:02:08 | 000,076,544 | ---- | M] (ArcSoft, Inc.) [Disabled | Stopped] -- C:\Program Files (x86)\ArcSoft\Magic-i 3\uMgiSvr.exe -- (MgiSvr)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2011/08/31 17:00:50 | 000,025,416 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mbam.sys -- (MBAMProtector)
DRV:64bit: - [2011/08/21 10:00:42 | 000,064,272 | ---- | M] (Trusteer Ltd.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\RapportKE64.sys -- (RapportKE64)
DRV:64bit: - [2011/04/11 14:29:20 | 000,071,800 | ---- | M] (McAfee, Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\McPvDrv.sys -- (McPvDrv)
DRV:64bit: - [2011/03/13 11:20:10 | 000,639,216 | ---- | M] (McAfee, Inc.) [Kernel | Unknown | Running] -- C:\Windows\SysNative\drivers\mfehidk.sys -- (mfehidk)
DRV:64bit: - [2011/03/13 11:20:10 | 000,481,376 | ---- | M] (McAfee, Inc.) [Kernel | Unknown | Running] -- C:\Windows\SysNative\drivers\mfefirek.sys -- (mfefirek)
DRV:64bit: - [2011/03/13 11:20:10 | 000,281,928 | ---- | M] (McAfee, Inc.) [Kernel | Unknown | Running] -- C:\Windows\SysNative\drivers\mfewfpk.sys -- (mfewfpk)
DRV:64bit: - [2011/03/13 11:20:10 | 000,227,856 | ---- | M] (McAfee, Inc.) [Kernel | Unknown | Stopped] -- C:\Windows\SysNative\drivers\mfeavfk.sys -- (mfeavfk)
DRV:64bit: - [2011/03/13 11:20:10 | 000,156,792 | ---- | M] (McAfee, Inc.) [Kernel | Unknown | Stopped] -- C:\Windows\SysNative\drivers\mfeapfk.sys -- (mfeapfk)
DRV:64bit: - [2011/03/13 11:20:10 | 000,098,728 | ---- | M] (McAfee, Inc.) [Kernel | Unknown | Stopped] -- C:\Windows\SysNative\drivers\mferkdet.sys -- (mferkdet)
DRV:64bit: - [2011/03/13 11:20:10 | 000,075,672 | ---- | M] (McAfee, Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\DRIVERS\mfenlfk.sys -- (mfenlfk)
DRV:64bit: - [2011/03/13 11:20:10 | 000,065,128 | ---- | M] (McAfee, Inc.) [Kernel | Unknown | Stopped] -- C:\Windows\SysNative\drivers\cfwids.sys -- (cfwids)
DRV:64bit: - [2010/04/19 20:47:42 | 000,050,688 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2010/04/13 20:10:24 | 000,066,040 | ---- | M] (Mozy, Inc.) [File_System | System | Stopped] -- C:\Windows\SysNative\DRIVERS\MOBK.sys -- (MOBKFilter)
DRV:64bit: - [2009/09/16 10:22:40 | 000,049,480 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mfesmfk.sys -- (mfesmfk)
DRV:64bit: - [2009/09/16 10:15:38 | 000,040,904 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mferkdk.sys -- (mferkdk)
DRV:64bit: - [2009/05/18 15:17:08 | 000,034,152 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2008/06/02 16:28:52 | 000,247,808 | ---- | M] (Novatel Wireless Inc) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\NWADIenum.sys -- (NWADI)
DRV:64bit: - [2008/05/09 11:08:40 | 000,213,120 | ---- | M] (Novatel Wireless Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\nwusbser.sys -- (NWUSBPort)
DRV:64bit: - [2008/05/09 11:08:40 | 000,213,120 | ---- | M] (Novatel Wireless Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\nwusbmdm.sys -- (NWUSBModem)
DRV:64bit: - [2008/05/08 05:27:00 | 000,411,136 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\CAXHWBS2.sys -- (CAXHWBS2)
DRV:64bit: - [2008/05/08 05:25:12 | 000,740,864 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\CAX_CNXT.sys -- (winachsf)
DRV:64bit: - [2008/05/08 05:24:08 | 001,487,872 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\CAX_DP.sys -- (HSF_DP)
DRV:64bit: - [2008/02/26 12:18:00 | 000,615,424 | ---- | M] (Ralink Technology, Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\netr7364.sys -- (netr7364)
DRV:64bit: - [2007/10/18 10:37:10 | 000,010,240 | ---- | M] (Conexant Systems, Inc.) [Kernel | Auto | Stopped] -- C:\Windows\SysNative\DRIVERS\xaudio64.sys -- (XAudio)
DRV:64bit: - [2007/07/02 15:08:46 | 000,018,304 | ---- | M] (ArcSoft, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\ArcSoftVirtualCapture.sys -- (ARCSOFTVIRTUALCAPTURE)
DRV:64bit: - [2006/06/19 09:27:24 | 000,017,024 | ---- | M] (Conexant) [Kernel | Auto | Stopped] -- C:\Windows\SysNative\DRIVERS\mdmxsdk.sys -- (mdmxsdk)
DRV - [2011/08/03 02:53:17 | 000,386,128 | ---- | M] () [Kernel | System | Stopped] -- C:\ProgramData\Trusteer\Rapport\store\exts\RapportCerberus\29574\RapportCerberus64_29574.sys -- (RapportCerberus_29574)
DRV - [2011/06/22 18:01:32 | 000,061,200 | ---- | M] (Trusteer Ltd.) [Kernel | System | Stopped] -- C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportPG64.sys -- (RapportPG64)
DRV - [2011/06/22 18:01:32 | 000,052,496 | ---- | M] (Trusteer Ltd.) [Kernel | System | Stopped] -- C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportEI64.sys -- (RapportEI64)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.h...avilion&pf=cndt
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.h...avilion&pf=cndt
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.h...avilion&pf=cndt
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://search.myheritage.com

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.h...avilion&pf=cndt
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.h...avilion&pf=cndt
IE - HKCU\..\URLSearchHook: {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - No CLSID value found
IE - HKCU\..\URLSearchHook: {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - C:\Program Files (x86)\Search Settings\kb128\SearchSettings.dll (Spigot, Inc.)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.param.yahoo-fr: "chr-greentree_ff&type=867034"
FF - prefs.js..browser.startup.homepage: "http://www.google.com/ig"
FF - prefs.js..extensions.enabledItems: {FD2FD708-1F6F-4B68-B141-C5778F0C19BB}:1.0.3
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
FF - prefs.js..extensions.enabledItems: {B7082FAA-CB62-4872-9106-E42DD88EDE45}:3.3
FF - prefs.js..extensions.enabledItems: [email protected]:1.0.0.071303000006
FF - prefs.js..extensions.enabledItems: {B13721C7-F507-4982-B2E5-502A71474FED}:3.3.0.3971

FF:64bit: - HKLM\Software\MozillaPlugins\@mcafee.com/MSC,version=10: c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@mcafee.com/MSC,version=10: c:\progra~2\mcafee\msc\npmcsn~1.dll ()
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\4.0.60531.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@pack.google.com/Google Updater;version=13: C:\Program Files (x86)\Google\Google Updater\2.4.1536.6592\npCIDetect13.dll (Google)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.65\npGoogleUpdate3.dll File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.65\npGoogleUpdate3.dll File not found
FF - HKLM\Software\MozillaPlugins\@viewpoint.com/VMP: C:\Program Files (x86)\Viewpoint\Viewpoint Experience Technology\npViewpoint.dll ()
FF - HKCU\Software\MozillaPlugins\@movenetworks.com/Quantum Media Player: File not found

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2010/01/08 09:58:53 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 5.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2011/07/19 09:20:05 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 5.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2011/04/30 09:22:13 | 000,000,000 | ---D | M]

[2009/07/10 09:28:18 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Randy\AppData\Roaming\Mozilla\Extensions
[2011/03/02 23:36:36 | 000,000,000 | ---D | M] (No name found) -- C:\Users\rminner\AppData\Roaming\mozilla\Firefox\Profiles\h5rux85a.default\extensions
[2009/09/02 07:57:10 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\rminner\AppData\Roaming\mozilla\Firefox\Profiles\h5rux85a.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2009/07/27 17:05:53 | 000,000,000 | ---D | M] (Move Media Player) -- C:\Users\rminner\AppData\Roaming\mozilla\Firefox\Profiles\h5rux85a.default\extensions\[email protected]
[2011/05/12 08:00:09 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2009/12/06 15:41:36 | 000,000,000 | ---D | M] (Dealio Toolbar Plugin) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{01398B87-61AF-4FFB-9AB5-1A1C5FB39A9C}
[2010/05/01 18:01:25 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
[2010/11/04 12:40:19 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
[2011/05/12 08:00:09 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}
[2009/10/01 09:13:33 | 000,000,000 | ---D | M] (Family Toolbar) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{FD2FD708-1F6F-4B68-B141-C5778F0C19BB}
[2009/12/06 15:41:44 | 000,000,000 | ---D | M] (Search Settings Plugin) -- C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected]
[2011/07/19 09:20:04 | 000,142,296 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2009/11/19 16:16:28 | 000,091,552 | ---- | M] (Coupons, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npCouponPrinter.dll
[2011/02/02 21:40:24 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npdeployJava1.dll
[2009/11/19 16:16:29 | 000,091,552 | ---- | M] (Coupons, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npMozCouponPrinter.dll
[2008/09/15 12:52:06 | 000,376,832 | ---- | M] ( ) -- C:\Program Files (x86)\mozilla firefox\plugins\npsnapfish.dll
[2010/01/01 03:00:00 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2010/11/19 12:49:02 | 000,002,024 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\McSiteAdvisor.xml

========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?client=chrome&hl={language}&q={searchTerms}
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\13.0.782.112\pdf.dll
CHR - plugin: Google Gears 0.5.33.0 (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\13.0.782.112\gears.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\13.0.782.112\gcswf32.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll
CHR - plugin: Java Deployment Toolkit 6.0.220.4 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll
CHR - plugin: Java™ Platform SE 6 U22 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll
CHR - plugin: Microsoft\u00AE Windows Media Player Firefox Plugin (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\np-mswmp.dll
CHR - plugin: Coupons Inc., Coupon Printer Manager (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npCouponPrinter.dll
CHR - plugin: Windows Genuine Advantage (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npLegitCheckPlugin.dll
CHR - plugin: Coupons Inc., Coupon Printer Manager (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npMozCouponPrinter.dll
CHR - plugin: QuickTime Plug-in 7.6.7 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.6.7 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.6.7 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.6.7 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.6.7 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.6.7 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.6.7 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin7.dll
CHR - plugin: Snapfish Plugin for Firefox (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npsnapfish.dll
CHR - plugin: AOL Media Playback Plugin (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npunagi2.dll
CHR - plugin: Google Earth Plugin (Enabled) = C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll
CHR - plugin: Google Updater (Enabled) = C:\Program Files (x86)\Google\Google Updater\2.4.1536.6592\npCIDetect13.dll
CHR - plugin: Picasa (Enabled) = C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.2.183.39\npGoogleOneClick8.dll
CHR - plugin: MetaStream 3 Plugin (Enabled) = C:\Program Files (x86)\Viewpoint\Viewpoint Experience Technology\npViewpoint.dll
CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll
CHR - plugin: Move Streaming Media Player (Enabled) = C:\Users\randy\AppData\Roaming\Move Networks\plugins\npqmp071503000010.dll
CHR - plugin: Shockwave for Director (Enabled) = C:\Windows\system32\Adobe\Director\np32dsw.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\system32\Macromed\Flash\NPSWF32.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files (x86)\Microsoft Silverlight\4.0.60129.0\npctrl.dll
CHR - plugin: Windows Presentation Foundation (Enabled) = c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
CHR - plugin: Default Plug-in (Enabled) = default_plugin

O1 HOSTS File: ([2006/09/18 16:37:24 | 000,000,761 | ---- | M]) - C:\Windows\SysNative\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2:64bit: - BHO: (SnagIt Toolbar Loader) - {00C6482D-C502-44C8-8409-FCE54AD9C208} - C:\Program Files (x86)\TechSmith\SnagIt 9\DLLx64\SnagItBHO64.dll (TechSmith Corporation)
O2:64bit: - BHO: (scriptproxy) - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\Common Files\McAfee\SystemCore\ScriptSn.20110619095335.dll (McAfee, Inc.)
O2 - BHO: (SnagIt Toolbar Loader) - {00C6482D-C502-44C8-8409-FCE54AD9C208} - C:\Program Files (x86)\TechSmith\SnagIt 9\SnagItBHO.dll (TechSmith Corporation)
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No CLSID value found.
O2 - BHO: (MHTBPos00 Class) - {0C37B053-FD68-456a-82E1-D788EE342E6F} - C:\Program Files (x86)\Family Toolbar\tbcore3.dll ()
O2 - BHO: (scriptproxy) - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files (x86)\Common Files\McAfee\SystemCore\ScriptSn.20110619095335.dll (McAfee, Inc.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll (Google Inc.)
O2 - BHO: (SearchSettings Class) - {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - C:\Program Files (x86)\Search Settings\kb128\SearchSettings.dll (Spigot, Inc.)
O3 - HKLM\..\Toolbar: (no name) - {01398B87-61AF-4FFB-9AB5-1A1C5FB39A9C} - No CLSID value found.
O3 - HKLM\..\Toolbar: (SnagIt) - {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - C:\Program Files (x86)\TechSmith\SnagIt 9\SnagItIEAddin.dll (TechSmith Corporation)
O3 - HKLM\..\Toolbar: (Family Toolbar) - {FD2FD708-1F6F-4B68-B141-C5778F0C19BB} - C:\Program Files (x86)\Family Toolbar\tbcore3.dll ()
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {8FF5E180-ABDE-46EB-B09E-D2AAB95CABE3} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (Family Toolbar) - {FD2FD708-1F6F-4B68-B141-C5778F0C19BB} - C:\Program Files (x86)\Family Toolbar\tbcore3.dll ()
O4:64bit: - HKLM..\Run: [HP Health Check Scheduler] [ProgramFilesFolder]Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe File not found
O4:64bit: - HKLM..\Run: [McPvTray_exe] C:\Program Files\McAfee\MAT\McPvTray.exe (McAfee, Inc.)
O4:64bit: - HKLM..\Run: [NvCplDaemon] C:\Windows\SysNative\NvCpl.dll (NVIDIA Corporation)
O4:64bit: - HKLM..\Run: [NvMediaCenter] C:\Windows\SysNative\NvMcTray.dll (NVIDIA Corporation)
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Windows\RAVCpl64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKLM..\Run: [ArcSoft Connection Service] C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe (ArcSoft Inc.)
O4 - HKLM..\Run: [DVDAgent] c:\Program Files (x86)\Hewlett-Packard\Media\DVD\DVDAgent.exe (CyberLink Corp.)
O4 - HKLM..\Run: [hpqSRMon] File not found
O4 - HKLM..\Run: [hpsysdrv] c:\hp\support\hpsysdrv.exe (Hewlett-Packard Company)
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [mcui_exe] C:\Program Files\McAfee.com\Agent\mcagent.exe (McAfee, Inc.)
O4 - HKLM..\Run: [SearchSettings] C:\Program Files (x86)\Search Settings\SearchSettings.exe (Spigot, Inc.)
O4 - HKLM..\Run: [TuneClone] C:\Program Files (x86)\TuneClone\TuneClone.exe (TuneClone.COM)
O4 - HKCU..\RunOnce: [FlashPlayerUpdate] C:\Windows\SysWOW64\Macromed\Flash\FlashUtil10q_Plugin.exe (Adobe Systems, Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDesktopCleanupWizard = 1
O8:64bit: - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200 File not found
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\SysWow64\GPhotos.scr (Google Inc.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O15 - HKCU\..Trusted Domains: aol.com ([objects] * is out of zone range - 5)
O15 - HKCU\..Trusted Ranges: Range1 ([http] in Local intranet)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_01)
O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_07)
O16 - DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_24)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 208.180.42.68 208.180.42.100
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{ADB34016-E1F8-4A96-B92E-96FCBBADD5CA}: DhcpNameServer = 208.180.42.68 208.180.42.100
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{D4DC49DC-6782-4534-B2E5-5036F446D676}: DhcpNameServer = 168.94.0.15 168.94.0.14
O18:64bit: - Protocol\Handler\ipp - No CLSID value found
O18:64bit: - Protocol\Handler\ipp\0x00000001 - No CLSID value found
O18:64bit: - Protocol\Handler\msdaipp - No CLSID value found
O18:64bit: - Protocol\Handler\msdaipp\0x00000001 - No CLSID value found
O18:64bit: - Protocol\Handler\msdaipp\oledb - No CLSID value found
O18:64bit: - Protocol\Handler\ms-itss - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11D1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11D1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11D1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18:64bit: - Protocol\Filter\application/x-mfe-ipt {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files\McAfee\MSC\McSnIePl64.dll (McAfee, Inc.)
O18 - Protocol\Filter\application/x-mfe-ipt {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files (x86)\McAfee\MSC\McSnIePl.dll (McAfee, Inc.)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) -C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) -C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Windows\Web\Wallpaper\img35.jpg
O24 - Desktop BackupWallPaper: C:\Windows\Web\Wallpaper\img35.jpg
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{ac2a6747-8e51-11de-a114-00038a000015}\Shell - "" = AutoRun
O33 - MountPoints2\{ac2a6747-8e51-11de-a114-00038a000015}\Shell\AutoRun\command - "" = K:\LaunchU3.exe -a
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2011/10/03 14:40:42 | 000,041,272 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysWow64\drivers\mbamswissarmy.sys
[2011/09/12 18:39:16 | 000,000,000 | ---D | C] -- C:\a5c390489dc459cdbd893f174c74
[2011/09/11 19:23:28 | 000,000,000 | ---D | C] -- C:\1e2671c26c6f8b9a0dbf49717f3331

========== Files - Modified Within 30 Days ==========

[2011/10/03 14:53:11 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011/10/03 14:42:59 | 000,000,880 | ---- | M] () -- C:\Windows\tasks\Google Software Updater.job
[2011/10/03 14:40:42 | 000,041,272 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysWow64\drivers\mbamswissarmy.sys
[2011/10/03 14:40:00 | 000,000,418 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{18B0E2D1-0499-4F71-BE42-4E922FCC8493}.job
[2011/10/03 14:38:10 | 000,000,894 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2011/10/03 14:38:06 | 000,003,744 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2011/10/03 14:38:05 | 000,003,744 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2011/10/03 13:23:00 | 000,000,898 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2011/09/29 16:39:16 | 000,002,215 | ---- | M] () -- C:\Users\Public\Desktop\iTunes.lnk
[2011/09/12 18:35:09 | 000,703,388 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2011/09/11 19:26:50 | 000,604,264 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2011/09/11 19:26:50 | 000,103,964 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2011/09/10 21:00:48 | 000,001,356 | ---- | M] () -- C:\Users\rminner\AppData\Local\d3d9caps.dat

========== Files Created - No Company Name ==========

[2011/03/29 11:44:49 | 000,098,304 | ---- | C] () -- C:\Windows\SysWow64\redmonnt.dll
[2011/02/23 19:23:20 | 000,000,004 | ---- | C] () -- C:\Windows\msoffice.ini
[2010/02/18 10:19:08 | 000,001,356 | ---- | C] () -- C:\Users\rminner\AppData\Local\d3d9caps.dat
[2010/01/08 09:58:34 | 000,023,142 | ---- | C] () -- C:\Windows\hpqins15.dat
[2009/12/16 09:17:38 | 000,077,406 | ---- | C] () -- C:\Windows\hpqins05.dat
[2009/12/06 15:41:25 | 000,484,352 | ---- | C] () -- C:\Windows\SysWow64\lame_enc.dll
[2009/09/27 15:13:06 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2009/09/17 02:39:35 | 000,117,248 | ---- | C] () -- C:\Windows\SysWow64\EhStorAuthn.dll
[2009/09/17 02:39:06 | 000,107,612 | ---- | C] () -- C:\Windows\SysWow64\StructuredQuerySchema.bin
[2009/09/17 02:38:39 | 000,368,640 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2009/09/16 21:40:38 | 000,000,246 | ---- | C] () -- C:\Users\rminner\AppData\Roaming\wklnhst.dat
[2009/07/17 11:40:30 | 000,000,000 | ---- | C] () -- C:\Windows\PasswordsPlus.INI
[2008/12/23 16:01:36 | 000,000,681 | ---- | C] () -- C:\Windows\MyHeritage.INI
[2008/12/23 16:00:52 | 000,454,656 | ---- | C] () -- C:\Windows\SysWow64\PaintX.dll
[2008/11/05 14:20:16 | 000,000,376 | ---- | C] () -- C:\Windows\ODBC.INI
[2008/09/23 19:16:57 | 000,165,535 | ---- | C] () -- C:\Windows\hpoins28.dat
[2008/09/19 17:24:22 | 000,000,335 | ---- | C] () -- C:\Windows\nsreg.dat
[2008/09/19 15:50:48 | 000,000,193 | ---- | C] () -- C:\Windows\QUICKEN.INI
[2008/07/01 12:28:16 | 000,018,904 | ---- | C] () -- C:\Windows\SysWow64\StructuredQuerySchemaTrivial.bin
[2008/05/17 15:11:13 | 000,691,481 | ---- | C] () -- C:\Windows\unins000.exe
[2008/05/17 15:11:13 | 000,001,484 | ---- | C] () -- C:\Windows\unins000.dat
[2008/05/17 14:54:21 | 000,327,680 | ---- | C] () -- C:\Windows\SysWow64\pythoncom25.dll
[2008/05/17 14:54:21 | 000,102,400 | ---- | C] () -- C:\Windows\SysWow64\pywintypes25.dll
[2008/05/11 22:49:03 | 000,000,796 | ---- | C] () -- C:\Windows\hpomdl28.dat
[2008/01/20 21:50:05 | 000,060,124 | ---- | C] () -- C:\Windows\SysWow64\tcpmon.ini
[2006/11/02 10:37:05 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2006/11/02 07:37:14 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat
[2006/11/02 07:24:17 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT
[2006/11/02 07:18:17 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat
[2006/11/02 04:47:54 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[1999/01/22 13:46:58 | 000,065,536 | ---- | C] () -- C:\Windows\SysWow64\MSRTEDIT.DLL

========== LOP Check ==========

[2009/09/16 21:40:41 | 000,000,000 | ---D | M] -- C:\Users\rminner\AppData\Roaming\Template
[2011/04/21 09:01:48 | 000,000,000 | ---D | M] -- C:\Users\rminner\AppData\Roaming\Trusteer
[2011/10/03 13:48:00 | 000,032,580 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2011/10/03 14:40:00 | 000,000,418 | -H-- | M] () -- C:\Windows\Tasks\User_Feed_Synchronization-{18B0E2D1-0499-4F71-BE42-4E922FCC8493}.job
[2011/08/23 13:34:04 | 000,000,422 | -H-- | M] () -- C:\Windows\Tasks\User_Feed_Synchronization-{559EE902-ED11-4B5F-9C57-F7D42DB3B9F0}.job

========== Purity Check ==========



========== Alternate Data Streams ==========

@Alternate Data Stream - 137 bytes -> C:\ProgramData\TEMP:0B174FAE

< End of report >


Extras log

OTL Extras logfile created on: 10/3/2011 3:04:58 PM - Run 1
OTL by OldTimer - Version 3.2.29.1 Folder = C:\Users\rminner\Downloads
64bit-Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.19120)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

3.87 Gb Total Physical Memory | 3.13 Gb Available Physical Memory | 80.74% Memory free
7.92 Gb Paging File | 7.30 Gb Available in Paging File | 92.07% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 454.55 Gb Total Space | 378.38 Gb Free Space | 83.24% Space Free | Partition Type: NTFS
Drive D: | 11.21 Gb Total Space | 1.51 Gb Free Space | 13.43% Space Free | Partition Type: NTFS

Computer Name: RANDY-PC | User Name: rminner | Logged in as Administrator.
Boot Mode: SafeMode with Networking | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"UacDisableNotify" = 0
"InternetSettingsDisableNotify" = 0
"AutoUpdateDisableNotify" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = 9F 9E 16 8C DC 5B C8 01 [binary data]
"VistaSp2" = 1F E7 58 C5 99 37 CA 01 [binary data]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"oobe_av" = 1

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0

========== Authorized Applications List ==========


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{04DBA485-DA0B-4ECD-BBD0-41DAE8627302}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{09EE681C-4E31-43BA-8337-DD816029C9BB}" = lport=10243 | protocol=6 | dir=in | app=system |
"{2547E602-F94A-46AA-BC36-31C9442DFF04}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{31D1C920-5CE3-4429-AB9D-9864AC87420F}" = lport=138 | protocol=17 | dir=in | app=system |
"{355DAA24-8978-407F-B6CE-E9C18061C0C5}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{38955E56-3BDB-407C-ABDF-6244AC2AE069}" = rport=10243 | protocol=6 | dir=out | app=system |
"{4ABFA64A-5CA0-44CC-8308-86C5BC1E2C42}" = lport=137 | protocol=17 | dir=in | app=system |
"{4B873599-10AB-4936-8B32-DABCDF9C1D4A}" = rport=80 | protocol=6 | dir=out | app=c:\program files (x86)\common files\intuit\update service\intuitupdateservice.exe |
"{5E112471-B7DE-4208-978F-63DBE5B72A13}" = lport=139 | protocol=6 | dir=in | app=system |
"{647AFEA5-2F62-49DB-B537-A3FE8EB7E030}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{92F0D628-9E4F-4523-AA39-85DD0C09ED49}" = rport=137 | protocol=17 | dir=out | app=system |
"{9E074797-83FB-4A7C-BABF-E5615988A28C}" = rport=139 | protocol=6 | dir=out | app=system |
"{A7803A03-0290-4216-96B6-C446C566078D}" = rport=138 | protocol=17 | dir=out | app=system |
"{A90E8D04-1068-4B67-9CDB-E96AE2590508}" = rport=445 | protocol=6 | dir=out | app=system |
"{AB19A628-222D-4836-BE5F-A80487AE2781}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{B15B8AC8-1E35-493F-86D1-CF9B8470E5A7}" = lport=445 | protocol=6 | dir=in | app=system |
"{B3E1AE68-E7A3-47B4-8992-64917A240DF6}" = lport=2869 | protocol=6 | dir=in | app=system |
"{B60E7E87-9792-4BBD-ACC7-0CD0DD78ECC2}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{B8807129-F90E-44DE-96FB-EEEF577820D9}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{E8DADAD2-C821-439D-982D-AD5229F1B6A9}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | [email protected],-28539 |
"{EAC09F36-3770-4513-BF07-3E6A7056A802}" = rport=80 | protocol=6 | dir=out | app=c:\program files (x86)\common files\intuit\update service\intuitupdater.exe |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{01DDAD81-6BE3-4F4B-8AD5-7D6C43B44B67}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{062AB520-D7EC-4582-B3E6-D926197072F9}" = dir=in | app=c:\program files (x86)\hewlett-packard\media\dvd\hpdvdsmart.exe |
"{0806A373-166A-45E9-8E92-C43F8EF96F6E}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{0ABA626E-8266-4AD4-8843-032CF767764E}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{1499D017-F78E-4846-A450-062DC733D036}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{1608219B-9E10-4454-ABB7-5134890C3655}" = dir=in | app=c:\program files (x86)\cyberlink\powerdirector\pdr.exe |
"{16F30A71-405D-45EF-9EB0-30CB61306CDA}" = protocol=17 | dir=in | app=c:\program files (x86)\itunes\itunes.exe |
"{22727669-D330-4026-AF24-8DAFCAFA85F3}" = protocol=1 | dir=out | [email protected],-28544 |
"{2DF79EFE-FDBD-477F-9CC0-E7C556BF0C55}" = dir=in | app=c:\program files (x86)\hewlett-packard\media\dvd\tsmagent.exe |
"{2EA5D3BD-5BBA-4D45-88E2-BAC7C97CD3EF}" = dir=in | app=c:\program files (x86)\hp\hp software update\hpwucli.exe |
"{2FC53719-0F37-4D62-ADDD-086EB51CA75F}" = protocol=17 | dir=in | app=c:\program files (x86)\itunes\itunes.exe |
"{326CB32A-0771-4DBA-9BF7-4E69B71BC511}" = protocol=17 | dir=in | app=c:\program files (x86)\common files\aol\1221863140\ee\aolsoftware.exe |
"{3304D26D-1AAE-4148-BDD1-AFBD25735E2C}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqsudi.exe |
"{34CC135A-0546-4422-865B-864BB8358040}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqgplgtupl.exe |
"{3505CAD0-B423-4F50-839F-00898BF5543C}" = protocol=6 | dir=in | app=c:\program files (x86)\itunes\itunes.exe |
"{429858F0-4B2A-4814-A709-22E8E0D85323}" = protocol=6 | dir=out | app=system |
"{44E346C9-21E6-43C1-A8F2-03BA43A6DFD7}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqusgm.exe |
"{4605D94A-BE7F-46BF-A473-10D2CD6A2093}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{4A71D7B7-C6AB-4F34-AC42-1F1570EC8F6F}" = protocol=6 | dir=in | app=c:\program files (x86)\common files\aol\loader\aolload.exe |
"{4DE1309E-2FF0-4477-BBD7-53FC20D03A50}" = protocol=17 | dir=in | app=c:\program files (x86)\common files\aol\system information\sinf.exe |
"{4F9DF027-21C8-4816-834B-046E00194C5B}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{52FF573B-4C3D-42D3-A3C2-BAA7D780A551}" = protocol=58 | dir=out | [email protected],-28546 |
"{53CB69E5-E9F5-4CE4-BCE4-9F4B07E918A5}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqpsapp.exe |
"{6075F31E-02B6-479E-9E3C-C4A5285B1187}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hposid01.exe |
"{64AFCC23-D468-44B8-A939-2A4C571B2EA6}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{6BC3E825-F230-4E64-BC3C-AB9A63A64DEA}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{6C693999-FE1A-4E99-8926-02EC50916AB4}" = dir=in | app=c:\program files (x86)\hp\digital imaging\smart web printing\smartwebprintexe.exe |
"{7662D024-DEC1-434E-9F7F-84D85545ACD9}" = dir=in | app=c:\program files (x86)\hewlett-packard\media\dvd\hptouchsmartvideo.exe |
"{776E8735-46F9-49B8-8320-BF22E53301E7}" = dir=in | app=c:\program files (x86)\hewlett-packard\media\dvd\kernel\clml\clmlsvc.exe |
"{7A713E04-8C55-47EF-B200-23E2AF872D24}" = protocol=6 | dir=in | app=c:\program files (x86)\common files\aol\acs\aolacsd.exe |
"{7AC9B1DE-290D-4E8C-9AE7-AC5C8CD3C99E}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{7B830001-B6FE-46C4-8DDD-38EEDE2E3CA4}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{7C2B7CB6-5BFE-486E-96B5-52A7B133F25A}" = protocol=17 | dir=in | app=c:\program files (x86)\common files\aol\topspeed\3.0\aoltpsd3.exe |
"{87666BB4-B718-446D-9091-00546C86A882}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{897E0557-E9AE-4A0E-AB92-69A9D79A6FC9}" = protocol=17 | dir=in | app=c:\program files\common files\mcafee\mcsvchost\mcsvhost.exe |
"{8EA36815-3F7E-4593-852D-E8C20636CC18}" = protocol=17 | dir=in | app=c:\program files (x86)\common files\aol\acs\aoldial.exe |
"{9299B4D9-4B35-452B-8ED9-7D1A510596C9}" = protocol=6 | dir=in | app=c:\program files (x86)\common files\aol\acs\aoldial.exe |
"{94991952-0ECB-48DF-8FE4-D98335CF330B}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{96366EC0-B966-4028-9D37-37F805F26552}" = protocol=6 | dir=in | app=c:\program files (x86)\common files\aol\topspeed\3.0\aoltpsd3.exe |
"{99C24B52-7696-463F-9589-0786888D3A41}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{9F1B45BF-CF27-4E40-9015-36C89DBF4EBA}" = protocol=17 | dir=in | app=c:\program files (x86)\common files\aol\acs\aolacsd.exe |
"{A22AFEA6-44AA-4B84-A343-FC715BE048E2}" = protocol=17 | dir=in | app=c:\program files (x86)\aol 9.5\waol.exe |
"{AABF5EBB-FA2C-4DD2-888C-45601EE03FC7}" = protocol=17 | dir=in | app=c:\users\randy\downloads\pdfconvertersetup.exe |
"{AC4309DF-7FDA-4B32-A6F0-B17F5D659342}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{AC9E1F70-6FD5-4443-9BF3-FB1FA99C8155}" = protocol=17 | dir=in | app=c:\program files (x86)\aol 9.1\waol.exe |
"{AE417161-9137-43EF-A3CA-650D9D962EE6}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{B1F8EEAC-C77C-4A9C-ABB3-56699F0F4DD2}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqpse.exe |
"{B31BFAF9-41F0-4741-9AFF-4EE2B9CBB2C5}" = dir=in | app=c:\program files (x86)\common files\mcafee\mna\mcnasvc.exe |
"{B4D85581-CB19-4F50-BCE5-4B11C8026B79}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqcopy2.exe |
"{B701CFA6-F95D-4047-ADF8-25E0A0851957}" = dir=in | app=c:\program files (x86)\hewlett-packard\media\dvd\hptouchsmartmusic.exe |
"{B9940A4D-BB87-49EC-988D-C15AF4B169AF}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{BA9DD324-FBB3-4C9B-9D76-20748CA6FDE5}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{BBD7973E-9351-415F-9559-2E73BF10AE50}" = protocol=6 | dir=in | app=c:\program files (x86)\common files\aol\1221863140\ee\aolsoftware.exe |
"{BED7D6D6-97BE-47DA-B40B-A7964591EFAF}" = protocol=58 | dir=in | [email protected],-28545 |
"{C1525784-D106-4DEC-9350-4611FD11CD49}" = protocol=6 | dir=in | app=c:\program files (x86)\common files\aol\system information\sinf.exe |
"{C524FCEA-1AF6-45C1-8A90-171C7DFDDF12}" = dir=in | app=c:\program files (x86)\hewlett-packard\media\dvd\hptouchsmartphoto.exe |
"{C6742004-EF24-4CE5-886C-CCDC2C8B0EED}" = protocol=1 | dir=in | [email protected],-28543 |
"{C8A484BF-0478-4C6D-9904-805632057BE8}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{C8DF8C8B-1F97-4867-85E6-6E1A274BEFF7}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{D67F0853-4331-4B25-9688-6A9270E2F662}" = protocol=6 | dir=in | app=c:\program files (x86)\itunes\itunes.exe |
"{DE6FBAA4-8798-4A12-8663-856BE523B50F}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqkygrp.exe |
"{E03C63BC-753A-4AF1-B348-56A474B91D07}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqtra08.exe |
"{E076E563-15F7-4E4E-88B9-AEA4599A0F13}" = protocol=6 | dir=in | app=c:\program files (x86)\aol 9.5\waol.exe |
"{E09A70C7-3702-4B31-BABB-785D486869FC}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{E3D53C43-35E2-48E3-BA85-25BFACFC0060}" = protocol=17 | dir=in | app=c:\program files (x86)\common files\aol\loader\aolload.exe |
"{E4B71221-5964-45A6-8B08-6978C6C26159}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqste08.exe |
"{E83E164F-8FDA-4EBD-A49E-EEC59A74111C}" = protocol=6 | dir=in | app=c:\users\randy\downloads\pdfconvertersetup.exe |
"{E8E15F17-0F50-4F46-AABE-F828A41447DD}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{ED06EF2B-637D-492B-8CEC-E8722C977218}" = protocol=6 | dir=in | app=c:\program files (x86)\aol 9.1\waol.exe |
"{EEFA3062-DAAF-4A5F-8379-D5BA0AAB07B2}" = protocol=6 | dir=in | app=c:\program files\common files\mcafee\mcsvchost\mcsvhost.exe |
"{F24B3BE3-28CF-4021-A4B7-BA4475060C38}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpiscnapp.exe |
"{F432E3B4-55AB-4E2D-8D25-74D047BE19D1}" = dir=in | app=c:\program files (x86)\common files\hp\digital imaging\bin\hpqphotocrm.exe |
"{FA6061EA-750D-4E36-9E88-0578E926E557}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqusgh.exe |
"{FE48DD20-DD14-43F2-9317-593893A909B8}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{FFB3562D-6817-4C49-B059-5DCC730235EA}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqgpc01.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{23B45E10-0CA5-43E9-BD6D-C2BD6CBE11AC}" = iTunes
"{328CC232-CFDC-468B-A214-2E21300E4CB5}" = Apple Mobile Device Support
"{6E8E85E8-CE4B-4FF5-91F7-04999C9FAE6A}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{78F697ED-EC97-4D8D-881D-838984EA9855}" = 64 Bit HP CIO Components Installer
"{aac9fcc4-dd9e-4add-901c-b5496a07ab2e}" = Microsoft Visual C++ 2005 Redistributable (x64) - KB2467175
"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{B6E3757B-5E77-3915-866A-CCFC4B8D194C}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053
"{B91110FB-33B4-468B-90C2-4D5E8AE3FAE1}" = Bonjour
"{BCF96C47-BDAF-496C-BFFF-B66386F4DB78}_is1" = HP Demo
"{C3B6AEB1-390C-4792-8677-CD87F8B2C959}" = HP Deskjet F4200 All-In-One Driver Software 11.0 Rel .3
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"CNXT_MODEM_PCI_VEN_14F1&DEV_2F20&SUBSYS_200C14F1" = Soft Data Fax Modem with SmartCP
"doPDF 7 printer_is1" = doPDF 7.2 printer
"HP Imaging Device Functions" = HP Imaging Device Functions 11.0
"HP Photosmart Essential" = HP Photosmart Essential 3.0
"HP Smart Web Printing" = HP Smart Web Printing 4.60
"HP Solution Center & Imaging Support Tools" = HP Solution Center 13.0
"HPExtendedCapabilities" = HP Customer Participation Program 11.0
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"NVIDIA Drivers" = NVIDIA Drivers
"OfficeTrial" = Microsoft Office Home and Student 60 day trial
"Shop for HP Supplies" = Shop for HP Supplies

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{00010409-78E1-11D2-B60F-006097C998E7}" = Microsoft Office 2000 Professional
"{00203668-8170-44A0-BE44-B632FA4D780F}" = Adobe AIR
"{0289B35E-DC07-4c7a-9710-BBD686EA4B7D}" = Status
"{09633A5E-3089-41A8-9FF1-382171423C5D}" = PSSWCORE
"{0A2C5854-557E-48C8-835A-3B9F074BDCAA}" = Python 2.5
"{0B1AAC97-8563-41D9-AE47-58E6A222F0E1}" = Search Settings 1.2.2
"{15BC8CD0-A65B-47D0-A2DD-90A824590FA8}" = Microsoft Works
"{1DD81E7D-0D28-4CEB-87B2-C041A4FCB215}" = Rapport
"{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = CyberLink DVD Suite Deluxe
"{22F761D1-8063-4170-ADF7-2D2F47834CA9}" = VideoToolkit01
"{254C37AA-6B72-4300-84F6-98A82419187E}" = Hewlett-Packard Active Check for Health Check
"{26A24AE4-039D-4CA4-87B4-2F83216013FF}" = Java™ 6 Update 24
"{2818095F-FB6C-42C8-827E-0A406CC9AFF5}" = Quicken 2006
"{2AFEAA03-2DFE-4519-A629-EDAB6541ABE9}" = HPSSupply
"{2BB67266-D1A3-4CCC-8EB2-16770AB1FB76}" = ArcSoft WebCam Companion 2
"{2EEC2A94-7204-45C6-93BB-67EAEB19E4D6}" = Safari
"{305D4B08-5807-4475-B1C8-D54685534864}" = LightScribeTemplateLabeler
"{3248F0A8-6813-11D6-A77B-00B0D0160010}" = Java™ SE Runtime Environment 6 Update 1
"{3248F0A8-6813-11D6-A77B-00B0D0160070}" = Java™ 6 Update 7
"{3700194C-C5DD-439A-BE06-A66960CA4C70}" = MSVCSetup
"{3881DB80-EAA2-012B-ADAE-000000000000}" = TurboTax 2009 WinPerFedFormset
"{38975F50-EAA2-012B-ADB4-000000000000}" = TurboTax 2009 WinPerReleaseEngine
"{38A34630-EAA2-012B-ADB6-000000000000}" = TurboTax 2009 WinPerTaxSupport
"{3C5A81D0-EAA2-012B-AE9F-000000000000}" = TurboTax 2009 wrapper
"{40BF1E83-20EB-11D8-97C5-0009C5020658}" = Power2Go
"{44CDBD1B-89FB-4E02-8319-2A4C550F664A}" = RTC Client API v1.2
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4A70EF07-7F88-4434-BB61-D1DE8AE93DD4}" = SolutionCenter
"{541DEAC0-5F3D-45E6-B7CB-94ECF3B96748}" = Skype web features
"{55979C41-7D6A-49CC-B591-64AC1BBE2C8B}" = HP Picasso Media Center Add-In
"{567C5FE9-17AC-4D5D-99FD-1AC0FC43977C}" = OverDrive Media Console
"{60D4F9F1-B828-4048-A5AB-9AA2FD0C4751}" = DJ_AIO_03_F4200_Software
"{6365C963-4B72-43F8-8392-2A5441EC2A86}" = DJ_AIO_03_F4200_ProductContext
"{63FF21C9-A810-464F-B60A-3111747B1A6D}" = GPBaseService2
"{669D4A35-146B-4314-89F1-1AC3D7B88367}" = Hewlett-Packard Asset Agent for Health Check
"{66E6CE0C-5A1E-430C-B40A-0C90FF1804A8}" = eSupportQFolder
"{68CC54AC-EFE5-4CE4-81F8-BE0C834E2D86}" = Mobile Broadband Generic Drivers
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6F5E2F4A-377D-4700-B0E3-8F7F7507EA15}" = CustomerResearchQFolder
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{719842F9-FF69-4BA6-A6FE-52244575E0B3}" = ArcSoft VideoImpression 2
"{73A43E42-3658-4DD9-8551-FACDA3632538}" = HP Advisor
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{77DCDCE3-2DED-62F3-8154-05E745472D07}" = Acrobat.com
"{787D1A33-A97B-4245-87C0-7174609A540C}" = HP Update
"{7F10292C-A190-4176-A665-A1ED3478DF86}" = LightScribe System Software
"{8704D51E-25B7-4F23-81E7-AA4F54790210}" = Microsoft Streets and Trips 2004
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8FF6F5CA-4E30-4E3B-B951-204CAAA2716A}" = SmartWebPrinting
"{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system
"{94C3BB3A-56A1-43DE-A242-8B41F46E97EF}" = Dealio Toolbar v4.0.1
"{95120000-00AF-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (English)
"{9C2D4047-0E40-499a-AC7A-C4B9BB12FE03}" = TrayApp
"{9DBA770F-BF73-4D39-B1DF-6035D95268FC}" = HP Customer Feedback
"{9E5A03E3-6246-4920-9630-0527D5DA9B07}" = iSEEK AnswerWorks English Runtime
"{9F4EE72A-C5C9-42ad-ABEF-427690843577}" = MarketResearch
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A93944F2-D2D4-4750-BFE7-9A288FEAF2CF}" = Apple Application Support
"{AA2E8A46-B45E-4aea-8A23-88AB57D04523}" = WebReg
"{AB5D51AE-EBC3-438D-872C-705C7C2084B0}" = DeviceManagementQFolder
"{AC76BA86-7AD7-1033-7B44-A92000000001}" = Adobe Reader 9.2
"{ADDD6985-3A28-44D0-A1BA-FDD19A820491}" = SnagIt 9
"{B3FED300-806C-11E0-A0D0-B8AC6F97B88E}" = Google Earth
"{B61A79BE-E94C-42C0-921D-8B7E5217069C}" = F4200
"{BE8A9C2C-8E41-445B-A746-BEB0B1F992F8}" = DJ_AIO_03_F4200_Software_Min
"{BF08AB1C-3357-4f20-A200-8EBB8EF27C59}" = BufferChm
"{C43326F5-F135-4551-8270-7F7ABA0462E1}" = HPProductAssistant
"{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = LabelPrint
"{C89B5E3A-690F-4CEE-909A-BF869E198B0A}" = Scan
"{CA634931-0CC3-4067-ABCC-7182E1DC23B7}" = HP Button Manager
"{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = CyberLink PowerDirector
"{D103C4BA-F905-437A-8049-DB24763BBE36}" = Skype™ 4.1
"{D16B4BE6-8B10-422f-8034-96D1CA9483B5}" = GPBaseService
"{D31612BB-C6D7-4142-96AE-16DB062354CF}" = HP Webcam User's Guide
"{D74CFE48-087F-46E1-80E6-E2950E1A8DCE}" = HP Photosmart Essential 2.5
"{DCCAD079-F92C-44DA-B258-624FC6517A5A}" = HP MediaSmart DVD
"{E0810CC2-4B5B-4439-B1D0-452306AF2D64}" = HP Active Support Library
"{E133E97F-5186-4503-BEC8-752EB9E8EBD7}" = Copy
"{E535C94A-B87F-4182-BEA8-1E9322078D3E}" = Cards_Calendar_OrderGift_DoMorePlugout
"{E96B0085-6659-486b-A221-5042A042728D}" = Toolbox
"{EB900AF8-CC61-4E15-871B-98D1EA3E8025}" = QuickTime
"{EBCBA952-DA46-4687-9784-D8B4E25A6B14}" = Passwords Plus
"{EF1ADA5A-0B1A-4662-8C55-7475A61D8B65}" = DeviceDiscovery
"{EF9E56EE-0243-4BAD-88F4-5E7508AA7D96}" = Destination Component
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F8A5531E-FEB4-4F7C-AF51-342E40FA7A0D}" = F4200_Help
"{FA3B34BE-4246-4062-90A3-34CBBEA12B72}" = HPTCSSetup
"{FAB046D7-C187-4648-A1A9-FC875F7E3FCE}" = ArcSoft Magic-i 3
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11.5
"Amazon MP3 Downloader" = Amazon MP3 Downloader 1.0.5
"CCleaner" = CCleaner (remove only)
"CDex" = CDex extraction audio
"com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Acrobat.com
"Coupon Printer for Windows5.0.0.0" = Coupon Printer for Windows
"DVD Shrink_is1" = DVD Shrink 3.2
"eCleaner 2.02" = eCleaner 2.02
"Family Tree Builder" = MyHeritage Family Tree Builder
"FoxTab PDF Converter" = FoxTab PDF Converter
"Free Mp3 Wma Converter_is1" = Free Mp3 Wma Converter V 1.81
"Google Chrome" = Google Chrome
"Google Updater" = Google Updater
"InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = CyberLink PowerDirector
"InstallShield_{DCCAD079-F92C-44DA-B258-624FC6517A5A}" = HP MediaSmart DVD
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware version 1.51.2.1300
"Mozilla Firefox 5.0 (x86 en-US)" = Mozilla Firefox 5.0 (x86 en-US)
"MSC" = McAfee Total Protection
"NSS" = Norton Security Scan
"PC-Doctor 5 for Windows" = Hardware Diagnostic Tools
"Picasa 3" = Picasa 3
"Rapport_msi" = Rapport
"TuneClone_is1" = TuneClone 1.36
"TurboTax 2009" = TurboTax 2009
"ViewpointMediaPlayer" = Viewpoint Media Player
"VZAccess Manager" = VZAccess Manager

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 9/12/2011 7:35:36 PM | Computer Name = randy-PC | Source = .NET Runtime Optimization Service | ID = 1101
Description =

Error - 9/12/2011 7:35:38 PM | Computer Name = randy-PC | Source = .NET Runtime Optimization Service | ID = 1101
Description =

Error - 9/12/2011 7:35:42 PM | Computer Name = randy-PC | Source = .NET Runtime Optimization Service | ID = 1101
Description =

Error - 9/12/2011 7:35:43 PM | Computer Name = randy-PC | Source = .NET Runtime Optimization Service | ID = 1101
Description =

Error - 9/12/2011 7:36:51 PM | Computer Name = randy-PC | Source = .NET Runtime Optimization Service | ID = 1101
Description =

Error - 9/12/2011 7:36:52 PM | Computer Name = randy-PC | Source = .NET Runtime Optimization Service | ID = 1101
Description =

Error - 9/12/2011 7:36:53 PM | Computer Name = randy-PC | Source = .NET Runtime Optimization Service | ID = 1101
Description =

Error - 9/12/2011 7:36:53 PM | Computer Name = randy-PC | Source = .NET Runtime Optimization Service | ID = 1101
Description =

Error - 9/12/2011 7:49:06 PM | Computer Name = randy-PC | Source = McLogEvent | ID = 5051
Description = A thread in process C:\Program Files\Common Files\McAfee\SystemCore\mcshield.exe
took longer than 90000 ms to complete a request. The process will be terminated.
Thread
id : 5764 (0x1684) Thread address : 0x00000000772D6CBA Thread message : Build VSCORE.14.4.0.333
/ 5400.1158 Object being scanned = \Device\HarddiskVolume1\Program Files (x86)\Online
Services\NetzeroUS_Acc\NetZeroHSSetup.exe by C:\Windows\Explorer.EXE 4(0)(0) 4(0)(0)

7200(0)(0) 7595(0)(0) 7005(0)(0) 7004(0)(0) 5006(0)(0) 5004(0)(0)

Error - 9/12/2011 8:56:27 PM | Computer Name = randy-PC | Source = WinMgmt | ID = 10
Description =

[ Media Center Events ]
Error - 9/20/2009 5:31:37 AM | Computer Name = randy-PC | Source = MCUpdate | ID = 0
Description = DownloadPackgeTask.SubTasksComplete: failed downloading package SportsSchedule.

[ System Events ]
Error - 10/3/2011 3:53:14 PM | Computer Name = randy-PC | Source = EventLog | ID = 6008
Description = The previous system shutdown at 2:44:47 PM on 10/3/2011 was unexpected.

Error - 10/3/2011 3:53:28 PM | Computer Name = randy-PC | Source = netbt | ID = 4321
Description = The name "RANDY-PC :0" could not be registered on the interface
with IP address 192.168.1.101. The computer with the IP address 192.168.1.102 did
not allow the name to be claimed by this computer.

Error - 10/3/2011 3:53:28 PM | Computer Name = randy-PC | Source = netbt | ID = 4321
Description = The name "RANDY-PC :0" could not be registered on the interface
with IP address 192.168.1.101. The computer with the IP address 192.168.1.102 did
not allow the name to be claimed by this computer.

Error - 10/3/2011 3:54:00 PM | Computer Name = randy-PC | Source = Service Control Manager | ID = 7001
Description =

Error - 10/3/2011 3:54:00 PM | Computer Name = randy-PC | Source = Service Control Manager | ID = 7026
Description =

Error - 10/3/2011 3:57:33 PM | Computer Name = randy-PC | Source = DCOM | ID = 10005
Description =

Error - 10/3/2011 4:01:47 PM | Computer Name = randy-PC | Source = DCOM | ID = 10005
Description =

Error - 10/3/2011 4:01:55 PM | Computer Name = randy-PC | Source = DCOM | ID = 10005
Description =

Error - 10/3/2011 4:01:57 PM | Computer Name = randy-PC | Source = DCOM | ID = 10005
Description =

Error - 10/3/2011 4:02:05 PM | Computer Name = randy-PC | Source = DCOM | ID = 10005
Description =


< End of report >
  • 0

Advertisements

Back to Virus, Spyware, Malware Removal · Next Unread Topic →




Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. Geeks to Go Community
  2. Security
  3. Virus, Spyware, Malware Removal

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP