Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

CD DRIVE MISSING - HIJACK THIS LOG

Started by MCASH711 , Jun 26 2012 11:08 AM

  • Please log in to reply

#1
MCASH711
Posted 26 June 2012 - 11:08 AM

MCASH711

    New Member

  • Member
  • Pip
  • 2 posts
MY CD DRIVE IS MISSING. HERE IS THE HIJACK THIS LOG:


Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 10:04:57 AM, on 6/26/2012
Platform: Windows Vista (WinNT 6.00.1904)
MSIE: Internet Explorer v7.00 (7.00.6000.16512)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\WINDOWS\System32\rundll32.exe
C:\Program Files\Synaptics\SynTP\SynTPStart.exe
C:\Program Files\HP\QuickPlay\QPService.exe
C:\WINDOWS\System32\rundll32.exe
C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe
C:\Program Files\Hewlett-Packard\HP QuickTouch\HPKBDAPP.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\HP\Digital Imaging\bin\HpqSRmon.exe
c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
C:\Program Files\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Hewlett-Packard\Shared\HpqToaster.exe
C:\Users\cashtopia\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\cashtopia\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\cashtopia\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\cashtopia\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\cashtopia\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\cashtopia\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\Windows\system32\taskeng.exe
C:\Users\cashtopia\Downloads\HiJackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.h...ilion&pf=laptop
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.h...ilion&pf=laptop
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft....k/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.h...ilion&pf=laptop
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O1 - Hosts: ::1 localhost
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: NCO 2.0 IE BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - c:\Program Files\Common Files\Symantec Shared\coShared\Browser\2.0\coIEPlg.dll
O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\PROGRA~1\COMMON~1\SYMANT~1\IDS\IPSBHO.dll
O2 - BHO: Java™ Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: HP Print Clips - {FFFFFFFF-FF12-44C5-91EC-068E3AA1B2D7} - c:\Program Files\HP\Smart Web Printing\hpswp_framework.dll
O3 - Toolbar: Show Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - c:\Program Files\Common Files\Symantec Shared\coShared\Browser\2.0\CoIEPlg.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [SynTPStart] C:\Program Files\Synaptics\SynTP\SynTPStart.exe
O4 - HKLM\..\Run: [QPService] "C:\Program Files\HP\QuickPlay\QPService.exe"
O4 - HKLM\..\Run: [QlbCtrl] %ProgramFiles%\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start
O4 - HKLM\..\Run: [OnScreenDisplay] C:\Program Files\Hewlett-Packard\HP QuickTouch\HPKBDAPP.exe
O4 - HKLM\..\Run: [UCam_Menu] "C:\Program Files\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\YouCam" update "Software\CyberLink\YouCam\1.0"
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [ccApp] "c:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [isCfgWiz] "c:\Program Files\Common Files\Symantec Shared\OPC\{C86EA115-FACD-4aa8-BFA2-398C677D0936}\SYMCUW.exe" -G:{77CCBE0B-A541-49a9-883E-14F8337EC861} -T:Config -REBOOT
O4 - HKLM\..\Run: [hpqSRMon] C:\Program Files\HP\Digital Imaging\bin\hpqSRMon.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [HP Health Check Scheduler] [ProgramFilesFolder]Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [hpWirelessAssistant] C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
O4 - HKLM\..\Run: [WAWifiMessage] C:\Program Files\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\RunOnce: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [LightScribe Control Panel] C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe -hidden
O4 - HKCU\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter
O4 - HKCU\..\Run: [HPAdvisor] C:\Program Files\Hewlett-Packard\HP Advisor\HPAdvisor.exe autoRun
O4 - HKCU\..\Run: [Google Update] "C:\Users\cashtopia\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O4 - Global Startup: Vongo Tray.lnk = ?
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra button: HP Smart Select - {58ECB495-38F0-49cb-A538-10282ABF65E7} - c:\Program Files\HP\Smart Web Printing\hpswp_extensions.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll
O23 - Service: SAS Core Service (!SASCORE) - SUPERAntiSpyware.com - C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: Com4Qlb - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4Qlb.exe
O23 - Service: COM Host (comHost) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\VAScanner\comHost.exe
O23 - Service: GameConsoleService - WildTangent, Inc. - C:\Program Files\HP Games\My HP Game Console\GameConsoleService.exe
O23 - Service: HP Health Check Service - Hewlett-Packard - c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe
O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: LiveUpdate - Symantec Corporation - c:\Program Files\Symantec\LiveUpdate\LuComServer_3_4.EXE
O23 - Service: LiveUpdate Notice - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: QuickPlay Background Capture Service (QBCS) (QPCapSvc) - Unknown owner - C:\Program Files\HP\QuickPlay\Kernel\TV\QPCapSvc.exe
O23 - Service: QuickPlay Task Scheduler (QTS) (QPSched) - Unknown owner - C:\Program Files\HP\QuickPlay\Kernel\TV\QPSched.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
O23 - Service: Symantec Core LC - Unknown owner - C:\PROGRA~1\COMMON~1\SYMANT~1\CCPD-LC\symlcsvc.exe
O23 - Service: Vongo Service - Starz Entertainment Group LLC - C:\Program Files\Vongo\VongoService.exe
O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe

--
End of file - 10267 bytes
  • 0

Advertisements

#2
MCASH711
Posted 26 June 2012 - 01:35 PM

MCASH711

    New Member

  • Topic Starter
  • Member
  • Pip
  • 2 posts
OTL logfile created on: 6/26/2012 11:05:58 AM - Run 1
OTL by OldTimer - Version 3.2.53.0 Folder = C:\Users\cashtopia\Downloads
Windows Vista Home Premium Edition (Version = 6.0.6000) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6000.16512)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

1.94 Gb Total Physical Memory | 1.02 Gb Available Physical Memory | 52.89% Memory free
4.09 Gb Paging File | 2.72 Gb Available in Paging File | 66.63% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 220.97 Gb Total Space | 193.89 Gb Free Space | 87.75% Space Free | Partition Type: NTFS
Drive D: | 11.91 Gb Total Space | 1.26 Gb Free Space | 10.61% Space Free | Partition Type: NTFS
Drive F: | 3.70 Gb Total Space | 0.24 Gb Free Space | 6.49% Space Free | Partition Type: FAT32
Drive G: | 3.73 Gb Total Space | 1.85 Gb Free Space | 49.52% Space Free | Partition Type: FAT32
Drive H: | 7.45 Gb Total Space | 3.45 Gb Free Space | 46.32% Space Free | Partition Type: FAT32

Computer Name: CASHTOPIA-PC | User Name: cashtopia | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2012/06/26 11:04:56 | 000,596,992 | ---- | M] (OldTimer Tools) -- C:\Users\cashtopia\Downloads\OTL.exe
PRC - [2012/06/11 09:26:06 | 003,905,408 | ---- | M] (SUPERAntiSpyware.com) -- C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
PRC - [2011/08/11 16:38:07 | 000,116,608 | ---- | M] (SUPERAntiSpyware.com) -- C:\Program Files\SUPERAntiSpyware\SASCore.exe
PRC - [2007/10/22 23:16:06 | 001,006,264 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Defender\MSASCui.exe
PRC - [2007/09/15 01:29:10 | 000,102,400 | ---- | M] (Synaptics, Inc.) -- C:\Program Files\Synaptics\SynTP\SynTPStart.exe
PRC - [2007/08/24 20:07:00 | 000,149,864 | ---- | M] (Symantec Corporation) -- c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
PRC - [2006/11/02 02:45:07 | 002,923,520 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe


========== Modules (No Company Name) ==========

MOD - [2012/06/26 10:58:47 | 000,065,024 | ---- | M] () -- C:\ProgramData\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\SD10006.dll
MOD - [2012/06/26 10:58:47 | 000,052,736 | ---- | M] () -- C:\ProgramData\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\SD10007.dll
MOD - [2012/06/26 09:57:26 | 000,117,760 | ---- | M] () -- C:\ProgramData\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\UIREPAIR.DLL
MOD - [2012/06/26 09:57:26 | 000,052,224 | ---- | M] () -- C:\ProgramData\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\SD10005.dll
MOD - [2012/06/26 09:54:53 | 004,050,944 | ---- | M] () -- C:\Users\cashtopia\AppData\Local\Google\Chrome\User Data\SwiftShader\1.0.0.2\libGLESv2.dll
MOD - [2012/06/26 09:54:53 | 000,100,864 | ---- | M] () -- C:\Users\cashtopia\AppData\Local\Google\Chrome\User Data\SwiftShader\1.0.0.2\libEGL.dll
MOD - [2012/06/07 01:14:43 | 000,441,880 | ---- | M] () -- C:\Users\cashtopia\AppData\Local\Google\Chrome\Application\19.0.1084.56\ppgooglenaclpluginchrome.dll
MOD - [2012/06/07 01:14:42 | 003,922,456 | ---- | M] () -- C:\Users\cashtopia\AppData\Local\Google\Chrome\Application\19.0.1084.56\pdf.dll
MOD - [2012/06/07 01:13:16 | 000,134,696 | ---- | M] () -- C:\Users\cashtopia\AppData\Local\Google\Chrome\Application\19.0.1084.56\avutil-51.dll
MOD - [2012/06/07 01:13:15 | 000,250,408 | ---- | M] () -- C:\Users\cashtopia\AppData\Local\Google\Chrome\Application\19.0.1084.56\avformat-54.dll
MOD - [2012/06/07 01:13:14 | 002,375,720 | ---- | M] () -- C:\Users\cashtopia\AppData\Local\Google\Chrome\Application\19.0.1084.56\avcodec-54.dll
MOD - [2012/06/07 00:23:19 | 009,252,040 | ---- | M] () -- C:\Users\cashtopia\AppData\Local\Google\Chrome\Application\19.0.1084.56\gcswf32.dll
MOD - [2007/09/30 20:34:52 | 000,345,384 | ---- | M] () -- C:\Program Files\HP\QuickPlay\Kernel\TV\CLTinyDB.dll
MOD - [2007/09/30 20:34:42 | 000,255,384 | ---- | M] () -- C:\Program Files\HP\QuickPlay\Kernel\TV\CLCapEngine.dll
MOD - [2007/09/30 20:34:42 | 000,120,208 | ---- | M] () -- C:\Program Files\HP\QuickPlay\Kernel\TV\CLSchMgr.dll
MOD - [2007/09/30 20:34:42 | 000,038,184 | ---- | M] () -- C:\Program Files\HP\QuickPlay\Kernel\TV\CLCapSvcps.dll


========== Win32 Services (SafeList) ==========

SRV - [2011/08/11 16:38:07 | 000,116,608 | ---- | M] (SUPERAntiSpyware.com) [Auto | Running] -- C:\Program Files\SUPERAntiSpyware\SASCore.exe -- (!SASCORE)
SRV - [2007/10/22 23:16:05 | 000,265,912 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2007/10/22 22:57:39 | 001,245,064 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe -- (Symantec Core LC)
SRV - [2007/08/31 11:15:06 | 000,176,128 | ---- | M] (Starz Entertainment Group LLC) [On_Demand | Stopped] -- C:\Program Files\Vongo\VongoService.exe -- (Vongo Service)
SRV - [2007/08/24 20:07:00 | 000,149,864 | ---- | M] (Symantec Corporation) [Auto | Running] -- c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe -- (LiveUpdate Notice)
SRV - [2007/08/24 20:07:00 | 000,149,864 | ---- | M] (Symantec Corporation) [Auto | Running] -- c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe -- (CLTNetCnService)
SRV - [2007/08/24 20:07:00 | 000,149,864 | ---- | M] (Symantec Corporation) [Auto | Running] -- c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe -- (ccSetMgr)
SRV - [2007/08/24 20:07:00 | 000,149,864 | ---- | M] (Symantec Corporation) [Auto | Running] -- c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe -- (ccEvtMgr)
SRV - [2007/08/23 11:35:00 | 003,192,184 | ---- | M] (Symantec Corporation) [On_Demand | Stopped] -- c:\Program Files\Symantec\LiveUpdate\LuComServer_3_4.EXE -- (LiveUpdate)
SRV - [2007/08/23 11:35:00 | 000,243,064 | ---- | M] (Symantec Corporation) [Disabled | Stopped] -- c:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe -- (Automatic LiveUpdate Scheduler)
SRV - [2007/08/21 22:21:00 | 000,055,640 | ---- | M] (Symantec Corporation) [On_Demand | Stopped] -- c:\Program Files\Common Files\Symantec Shared\VAScanner\comHost.exe -- (comHost)
SRV - [2007/03/05 11:30:06 | 000,110,592 | ---- | M] (Hewlett-Packard Development Company, L.P.) [On_Demand | Stopped] -- C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4Qlb.exe -- (Com4Qlb)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkfwd.sys -- (NwlnkFwd)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkflt.sys -- (NwlnkFlt)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ipinip.sys -- (IpInIp)
DRV - File not found [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\blbdrive.sys -- (blbdrive)
DRV - [2011/07/22 09:27:02 | 000,012,880 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\sasdifsv.sys -- (SASDIFSV)
DRV - [2011/07/12 14:55:22 | 000,067,664 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS -- (SASKUTIL)
DRV - [2007/10/22 22:59:42 | 000,123,952 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\SYMEVENT.SYS -- (SymEvent)
DRV - [2007/09/19 13:05:00 | 007,626,400 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\nvlddmkm.sys -- (nvlddmkm)
DRV - [2007/09/14 02:00:00 | 000,865,904 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\ProgramData\Symantec\Definitions\VirusDefs\20070914.008\NAVEX15.SYS -- (NAVEX15)
DRV - [2007/09/14 02:00:00 | 000,081,232 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\ProgramData\Symantec\Definitions\VirusDefs\20070914.008\NAVENG.SYS -- (NAVENG)
DRV - [2007/09/09 15:12:28 | 000,176,640 | ---- | M] (Conexant Systems Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\CHDART.sys -- (HdAudAddService)
DRV - [2007/08/17 12:23:00 | 000,446,512 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCDrv.sys -- (SPBBCDrv)
DRV - [2007/08/15 12:27:00 | 000,180,272 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\ProgramData\Symantec\Definitions\SymcData\ipsdefs\20070823.002\IDSvix86.sys -- (IDSvix86)
DRV - [2007/08/13 11:50:00 | 000,188,464 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\symtdi.sys -- (SYMTDI)
DRV - [2007/08/13 11:50:00 | 000,022,320 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Unknown] -- C:\WINDOWS\System32\drivers\symredrv.sys -- (SYMREDRV)
DRV - [2007/08/09 15:27:00 | 000,031,280 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\SymIM.sys -- (SymIMMP)
DRV - [2007/08/09 15:27:00 | 000,031,280 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\SymIM.sys -- (SymIM)
DRV - [2007/08/08 14:39:00 | 000,036,056 | ---- | M] (Symantec Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\System32\drivers\CO_Mon.sys -- (CO_Mon)
DRV - [2007/07/30 21:43:00 | 000,317,616 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\srtspl.sys -- (SRTSPL)
DRV - [2007/07/30 21:43:00 | 000,278,576 | ---- | M] (Symantec Corporation) [File_System | On_Demand | Running] -- C:\WINDOWS\System32\drivers\srtsp.sys -- (SRTSP)
DRV - [2007/07/30 21:43:00 | 000,043,696 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\srtspx.sys -- (SRTSPX)
DRV - [2007/07/11 11:30:22 | 000,007,168 | ---- | M] (Hewlett-Packard Development Company, L.P.) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\HpqRemHid.sys -- (HpqRemHid)
DRV - [2007/07/10 07:27:56 | 000,008,704 | ---- | M] (Conexant Systems, Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\System32\drivers\XAudio.sys -- (XAudio)
DRV - [2007/06/18 18:12:04 | 000,016,768 | ---- | M] (Hewlett-Packard Development Company, L.P.) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\HpqKbFiltr.sys -- (HpqKbFiltr)
DRV - [2007/05/30 16:40:42 | 000,735,232 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\athr.sys -- (athr)
DRV - [2007/03/21 23:02:04 | 000,037,376 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\WINDOWS\System32\drivers\rixdptsk.sys -- (rismxdp)
DRV - [2007/03/06 19:15:58 | 001,059,112 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\nvmfdx32.sys -- (NVENETFD)
DRV - [2007/02/24 15:42:22 | 000,039,936 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\WINDOWS\System32\drivers\rimmptsk.sys -- (rimmptsk)
DRV - [2007/02/16 14:50:32 | 000,012,032 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\nvsmu.sys -- (nvsmu)
DRV - [2007/01/23 17:40:20 | 000,042,496 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\WINDOWS\System32\drivers\rimsptsk.sys -- (rimsptsk)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.h...ilion&pf=laptop
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.h...ilion&pf=laptop
IE - HKLM\..\SearchScopes,DefaultScope = {8C367274-CC00-41DA-BEAC-6C2CF70BB39E}
IE - HKLM\..\SearchScopes\{8C367274-CC00-41DA-BEAC-6C2CF70BB39E}: "URL" = http://search.yahoo....ing}&fr=hp-pvdt
IE - HKLM\..\SearchScopes\{FD0A3935-5FCC-4484-9160-3B53CF57C671}: "URL" = http://www.ask.com/w...}&l=dis&o=ushpd

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.h...ilion&pf=laptop
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\..\URLSearchHook: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
IE - HKCU\..\SearchScopes,DefaultScope = {8C367274-CC00-41DA-BEAC-6C2CF70BB39E}
IE - HKCU\..\SearchScopes\{8C367274-CC00-41DA-BEAC-6C2CF70BB39E}: "URL" = http://search.yahoo....ing}&fr=hp-pvdt
IE - HKCU\..\SearchScopes\{FD0A3935-5FCC-4484-9160-3B53CF57C671}: "URL" = http://www.ask.com/w...}&l=dis&o=ushpd
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0


========== FireFox ==========

FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=1.6.0_33: C:\Windows\system32\npdeployJava1.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@viewpoint.com/VMP: C:\Program Files\Viewpoint\Viewpoint Experience Technology\npViewpoint.dll ()
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\cashtopia\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\cashtopia\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)



========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms},
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\cashtopia\AppData\Local\Google\Chrome\Application\19.0.1084.56\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\cashtopia\AppData\Local\Google\Chrome\Application\19.0.1084.56\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\cashtopia\AppData\Local\Google\Chrome\Application\19.0.1084.56\gcswf32.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files\Adobe\Reader 8.0\Reader\Browser\nppdf32.dll
CHR - plugin: Java™ Platform SE 6 U33 (Enabled) = C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll
CHR - plugin: Java Deployment Toolkit 6.0.330.3 (Enabled) = C:\Windows\system32\npdeployJava1.dll
CHR - plugin: MetaStream 3 Plugin (Enabled) = C:\Program Files\Viewpoint\Viewpoint Experience Technology\npViewpoint.dll
CHR - plugin: Google Update (Enabled) = C:\Users\cashtopia\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll
CHR - Extension: Gojee = C:\Users\cashtopia\AppData\Local\Google\Chrome\User Data\Default\Extensions\ajebcmdcgoggdncokkbdifohckmfpgnb\2.5_0\
CHR - Extension: Angry Birds = C:\Users\cashtopia\AppData\Local\Google\Chrome\User Data\Default\Extensions\aknpkdffaafgjchaibgeefbgmgeghloj\1.5.0.7_0\
CHR - Extension: ShopGlider = C:\Users\cashtopia\AppData\Local\Google\Chrome\User Data\Default\Extensions\amlaangphhocoadfbogkjfomfceioeaj\4.0.0.3_0\
CHR - Extension: Glow = C:\Users\cashtopia\AppData\Local\Google\Chrome\User Data\Default\Extensions\bekmjjakgojplnhahcilegeiklenjbgb\1.0_0\
CHR - Extension: TV = C:\Users\cashtopia\AppData\Local\Google\Chrome\User Data\Default\Extensions\beobeededemalmllhkmnkinmfembdimh\1.0.11_0\
CHR - Extension: YouTube = C:\Users\cashtopia\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
CHR - Extension: Solitaire = C:\Users\cashtopia\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpebaehgfgkcmmjjknibibbjacnplim\1.4.0.2_0\
CHR - Extension: Adhesive = C:\Users\cashtopia\AppData\Local\Google\Chrome\User Data\Default\Extensions\boefikaaodaajeoahenampjaoihjgfea\1.0.8_1\
CHR - Extension: Adblock Plus (Beta) = C:\Users\cashtopia\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.2_0\
CHR - Extension: Sticky Board = C:\Users\cashtopia\AppData\Local\Google\Chrome\User Data\Default\Extensions\clgkphifhohebfokmfiekobchoebldlf\1.0_0\
CHR - Extension: Google Search = C:\Users\cashtopia\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\
CHR - Extension: Love O'Clock = C:\Users\cashtopia\AppData\Local\Google\Chrome\User Data\Default\Extensions\dbcnbegbcdfdlndabgemkabfhfllocma\1.0.4_0\
CHR - Extension: Google Calendar = C:\Users\cashtopia\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejjicmeblgpmajnghnpcppodonldlgfn\4.5.3_0\
CHR - Extension: Box - 5 GB Free Storage = C:\Users\cashtopia\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejnkaeblpdcamcioiiabclakabcbjmbl\1.1.6_0\
CHR - Extension: PicMonkey = C:\Users\cashtopia\AppData\Local\Google\Chrome\User Data\Default\Extensions\fgdgokchhicmaiacmgegjnppjkgogdhm\1.3_0\
CHR - Extension: HD Movies = C:\Users\cashtopia\AppData\Local\Google\Chrome\User Data\Default\Extensions\fimofkbiogmcbffajeekelabmabgocjp\1.0_0\
CHR - Extension: Coupon Network = C:\Users\cashtopia\AppData\Local\Google\Chrome\User Data\Default\Extensions\fogelhmboiaabkaaenhjklanggiiclbo\0.1.0_0\
CHR - Extension: Consmr = C:\Users\cashtopia\AppData\Local\Google\Chrome\User Data\Default\Extensions\giihfllfnahjbghdfbknbdehclpcfmnh\3_0\
CHR - Extension: PDF Mergy = C:\Users\cashtopia\AppData\Local\Google\Chrome\User Data\Default\Extensions\hgecghmkcdefnknohcimkoemhaofpoha\0.4.0_0\
CHR - Extension: AnyLeaf = C:\Users\cashtopia\AppData\Local\Google\Chrome\User Data\Default\Extensions\hhfjmjaaealnclnbbodpjlbhpmccclpj\1.0_0\
CHR - Extension: Eye Dropper = C:\Users\cashtopia\AppData\Local\Google\Chrome\User Data\Default\Extensions\hmdcmlfkchdmnmnmheododdhjedfccka\0.2.6_0\
CHR - Extension: The Weather Channel for Chrome = C:\Users\cashtopia\AppData\Local\Google\Chrome\User Data\Default\Extensions\iflpcokdamgefbghpdipcibmhlkdopop\1.0.0.4_0\
CHR - Extension: Coupon Search = C:\Users\cashtopia\AppData\Local\Google\Chrome\User Data\Default\Extensions\iknghcfmmilegngipgnlgjckdooalbhi\0.4_0\
CHR - Extension: Grocery Pal (In-Store Savings) = C:\Users\cashtopia\AppData\Local\Google\Chrome\User Data\Default\Extensions\jggjncfjkiiabnheefaffpllklhjgpap\2.2.0.2_0\
CHR - Extension: Autodesk Homestyler = C:\Users\cashtopia\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdmmkfaghgcicheaimnpffeeekheafkb\2.2_0\
CHR - Extension: Form Builder = C:\Users\cashtopia\AppData\Local\Google\Chrome\User Data\Default\Extensions\keljbfghmoedglcgojbinfhmdmcbkpdm\1.2_0\
CHR - Extension: Cellfire Grocery Coupons = C:\Users\cashtopia\AppData\Local\Google\Chrome\User Data\Default\Extensions\kjfclmkmnnmoiplocccngilinefpgjck\1_0\
CHR - Extension: Wave Accounting = C:\Users\cashtopia\AppData\Local\Google\Chrome\User Data\Default\Extensions\knpkfcpnjfbniadmfchjpcigfhookhaa\1.9.1_0\
CHR - Extension: Bundlr = C:\Users\cashtopia\AppData\Local\Google\Chrome\User Data\Default\Extensions\neaecllpgiioinacndhkakancoifnbhm\1.0.7_0\
CHR - Extension: Todo.ly = C:\Users\cashtopia\AppData\Local\Google\Chrome\User Data\Default\Extensions\obhefmbclkekanpjjpkbciloojcmpkap\2_0\
CHR - Extension: AccPal = C:\Users\cashtopia\AppData\Local\Google\Chrome\User Data\Default\Extensions\pfegbccmkhhdpiegmliapflnacjnbndc\4.1.1_0\
CHR - Extension: Psykopaint = C:\Users\cashtopia\AppData\Local\Google\Chrome\User Data\Default\Extensions\pgjchkcfmigkkhedgjedmffdepgmpfil\0.0.0.10_0\
CHR - Extension: Psykopaint = C:\Users\cashtopia\AppData\Local\Google\Chrome\User Data\Default\Extensions\pgjchkcfmigkkhedgjedmffdepgmpfil\0.0.0.10_0\.bak
CHR - Extension: Gmail = C:\Users\cashtopia\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\

O1 HOSTS File: ([2006/09/18 14:41:30 | 000,000,761 | ---- | M]) - C:\WINDOWS\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (Reg Error: Value error.) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - c:\Program Files\Common Files\Symantec Shared\coShared\Browser\2.0\CoIEPlg.dll (Symantec Corporation)
O2 - BHO: (Symantec Intrusion Prevention) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Common Files\Symantec Shared\IDS\IPSBHO.dll (Symantec Corporation)
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (HP Print Clips) - {FFFFFFFF-FF12-44C5-91EC-068E3AA1B2D7} - c:\Program Files\HP\Smart Web Printing\hpswp_framework.dll (Hewlett-Packard Co.)
O3 - HKLM\..\Toolbar: (Show Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - c:\Program Files\Common Files\Symantec Shared\coShared\Browser\2.0\CoIEPlg.dll (Symantec Corporation)
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O4 - HKLM..\Run: [ccApp] c:\Program Files\Common Files\Symantec Shared\ccApp.exe (Symantec Corporation)
O4 - HKLM..\Run: [HP Health Check Scheduler] [ProgramFilesFolder]Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe File not found
O4 - HKLM..\Run: [isCfgWiz] c:\Program Files\Common Files\Symantec Shared\OPC\{C86EA115-FACD-4aa8-BFA2-398C677D0936}\SYMCUW.exe (Symantec Corporation)
O4 - HKLM..\Run: [NvCplDaemon] C:\Windows\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\Windows\System32\NvMcTray.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [NvSvc] C:\Windows\System32\nvsvc.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [SynTPStart] C:\Program Files\Synaptics\SynTP\SynTPStart.exe (Synaptics, Inc.)
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKCU..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe (SUPERAntiSpyware.com)
O4 - HKCU..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O9 - Extra Button: HP Smart Select - {58ECB495-38F0-49cb-A538-10282ABF65E7} - c:\Program Files\HP\Smart Web Printing\hpswp_extensions.dll (Hewlett-Packard Co.)
O13 - gopher Prefix: missing
O15 - HKCU\..Trusted Ranges: Range1 ([http] in Local intranet)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_33)
O16 - DPF: {CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_02)
O16 - DPF: {CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_33)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_33)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 24.178.162.3 66.189.0.100 24.217.201.67
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{D803EB6F-C881-48B0-8060-DD5BAB61A3F6}: DhcpNameServer = 24.178.162.3 66.189.0.100 24.217.201.67
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\WINDOWS\System32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\!SASWinLogon: DllName - (C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL) - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL (SUPERAntiSpyware.com)
O24 - Desktop WallPaper: C:\WINDOWS\Web\Wallpaper\HPSplash.jpg
O24 - Desktop BackupWallPaper: C:\WINDOWS\Web\Wallpaper\HPSplash.jpg
O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL (SuperAdBlocker.com)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2007/10/23 00:21:14 | 000,000,074 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2005/09/11 08:18:54 | 000,000,340 | -HS- | M] () - D:\AUTOMODE -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

========== Files/Folders - Created Within 30 Days ==========

[2012/06/26 13:17:08 | 000,000,000 | ---D | C] -- C:\Users\cashtopia\AppData\Local\Hewlett-Packard
[2012/06/26 13:16:50 | 000,000,000 | ---D | C] -- C:\Users\cashtopia\AppData\Roaming\Symantec
[2012/06/26 13:16:42 | 000,000,000 | ---D | C] -- C:\Users\cashtopia\AppData\Local\QuickPlay
[2012/06/26 13:16:04 | 000,000,000 | R--D | C] -- C:\Users\cashtopia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
[2012/06/26 13:16:04 | 000,000,000 | R--D | C] -- C:\Users\cashtopia\Searches
[2012/06/26 13:16:04 | 000,000,000 | R--D | C] -- C:\Users\cashtopia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
[2012/06/26 13:15:55 | 000,000,000 | ---D | C] -- C:\Users\cashtopia\AppData\Roaming\Identities
[2012/06/26 13:15:52 | 000,000,000 | R--D | C] -- C:\Users\cashtopia\Contacts
[2012/06/26 13:15:50 | 000,000,000 | ---D | C] -- C:\Users\cashtopia\AppData\Local\VirtualStore
[2012/06/26 13:15:21 | 000,000,000 | ---D | C] -- C:\Users\cashtopia\AppData\Roaming\Macromedia
[2012/06/26 13:12:17 | 000,000,000 | ---D | C] -- C:\Users\cashtopia\AppData\Roaming\Hewlett-Packard
[2012/06/26 13:11:57 | 000,000,000 | ---D | C] -- C:\Program Files\Yahoo!
[2012/06/26 13:10:42 | 000,000,000 | ---D | C] -- C:\ProgramData\Electronic Arts
[2012/06/26 13:10:08 | 000,000,000 | ---D | C] -- C:\Users\cashtopia\AppData\Local\Downloaded Installations
[2012/06/26 13:09:42 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Electronic Arts
[2012/06/26 13:06:22 | 000,000,000 | ---D | C] -- C:\Program Files\Electronic Arts
[2012/06/26 13:04:22 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LightScribe Direct Disc Labeling
[2012/06/26 13:04:20 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\LightScribe
[2012/06/26 13:02:58 | 000,000,000 | --SD | C] -- C:\Users\cashtopia\AppData\Roaming\Microsoft
[2012/06/26 13:02:58 | 000,000,000 | R--D | C] -- C:\Users\cashtopia\Videos
[2012/06/26 13:02:58 | 000,000,000 | R--D | C] -- C:\Users\cashtopia\Saved Games
[2012/06/26 13:02:58 | 000,000,000 | R--D | C] -- C:\Users\cashtopia\Pictures
[2012/06/26 13:02:58 | 000,000,000 | R--D | C] -- C:\Users\cashtopia\Music
[2012/06/26 13:02:58 | 000,000,000 | R--D | C] -- C:\Users\cashtopia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
[2012/06/26 13:02:58 | 000,000,000 | R--D | C] -- C:\Users\cashtopia\Links
[2012/06/26 13:02:58 | 000,000,000 | R--D | C] -- C:\Users\cashtopia\Favorites
[2012/06/26 13:02:58 | 000,000,000 | R--D | C] -- C:\Users\cashtopia\Downloads
[2012/06/26 13:02:58 | 000,000,000 | R--D | C] -- C:\Users\cashtopia\Documents
[2012/06/26 13:02:58 | 000,000,000 | R--D | C] -- C:\Users\cashtopia\Desktop
[2012/06/26 13:02:58 | 000,000,000 | R--D | C] -- C:\Users\cashtopia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
[2012/06/26 13:02:58 | 000,000,000 | -HSD | C] -- C:\Users\cashtopia\AppData\Local\Temporary Internet Files
[2012/06/26 13:02:58 | 000,000,000 | -HSD | C] -- C:\Users\cashtopia\Templates
[2012/06/26 13:02:58 | 000,000,000 | -HSD | C] -- C:\Users\cashtopia\Start Menu
[2012/06/26 13:02:58 | 000,000,000 | -HSD | C] -- C:\Users\cashtopia\SendTo
[2012/06/26 13:02:58 | 000,000,000 | -HSD | C] -- C:\Users\cashtopia\Recent
[2012/06/26 13:02:58 | 000,000,000 | -HSD | C] -- C:\Users\cashtopia\PrintHood
[2012/06/26 13:02:58 | 000,000,000 | -HSD | C] -- C:\Users\cashtopia\NetHood
[2012/06/26 13:02:58 | 000,000,000 | -HSD | C] -- C:\Users\cashtopia\Documents\My Videos
[2012/06/26 13:02:58 | 000,000,000 | -HSD | C] -- C:\Users\cashtopia\Documents\My Pictures
[2012/06/26 13:02:58 | 000,000,000 | -HSD | C] -- C:\Users\cashtopia\Documents\My Music
[2012/06/26 13:02:58 | 000,000,000 | -HSD | C] -- C:\Users\cashtopia\My Documents
[2012/06/26 13:02:58 | 000,000,000 | -HSD | C] -- C:\Users\cashtopia\Local Settings
[2012/06/26 13:02:58 | 000,000,000 | -HSD | C] -- C:\Users\cashtopia\AppData\Local\History
[2012/06/26 13:02:58 | 000,000,000 | -HSD | C] -- C:\Users\cashtopia\Cookies
[2012/06/26 13:02:58 | 000,000,000 | -HSD | C] -- C:\Users\cashtopia\Application Data
[2012/06/26 13:02:58 | 000,000,000 | -HSD | C] -- C:\Users\cashtopia\AppData\Local\Application Data
[2012/06/26 13:02:58 | 000,000,000 | -H-D | C] -- C:\Users\cashtopia\AppData
[2012/06/26 13:02:58 | 000,000,000 | ---D | C] -- C:\Users\cashtopia\AppData\Local\Temp
[2012/06/26 13:02:58 | 000,000,000 | ---D | C] -- C:\Users\cashtopia\AppData\Local\Microsoft
[2012/06/26 13:02:58 | 000,000,000 | ---D | C] -- C:\Users\cashtopia\AppData\Roaming\Media Center Programs
[2012/06/26 13:02:58 | 000,000,000 | ---D | C] -- C:\Users\cashtopia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CyberLink YouCam
[2012/06/26 13:02:58 | 000,000,000 | ---D | C] -- C:\Users\cashtopia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CyberLink DVD Suite
[2012/06/26 12:58:53 | 000,000,000 | -HSD | C] -- C:\ProgramData\Templates
[2012/06/26 12:58:53 | 000,000,000 | -HSD | C] -- C:\ProgramData\Start Menu
[2012/06/26 12:58:53 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\My Videos
[2012/06/26 12:58:53 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\My Pictures
[2012/06/26 12:58:53 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\My Music
[2012/06/26 12:58:53 | 000,000,000 | -HSD | C] -- C:\ProgramData\Favorites
[2012/06/26 12:58:53 | 000,000,000 | -HSD | C] -- C:\Documents and Settings
[2012/06/26 12:58:53 | 000,000,000 | -HSD | C] -- C:\ProgramData\Documents
[2012/06/26 12:58:53 | 000,000,000 | -HSD | C] -- C:\ProgramData\Desktop
[2012/06/26 12:58:53 | 000,000,000 | -HSD | C] -- C:\ProgramData\Application Data
[2012/06/26 12:58:26 | 000,000,000 | -HSD | C] -- C:\System Volume Information
[2012/06/26 10:02:24 | 000,000,000 | ---D | C] -- C:\Users\cashtopia\AppData\Roaming\Malwarebytes
[2012/06/26 10:01:03 | 000,041,272 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2012/06/26 10:01:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2012/06/26 10:00:57 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2012/06/26 10:00:52 | 000,022,712 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2012/06/26 10:00:50 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2012/06/26 09:56:56 | 000,000,000 | ---D | C] -- C:\Users\cashtopia\AppData\Roaming\SUPERAntiSpyware.com
[2012/06/26 09:56:48 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SUPERAntiSpyware
[2012/06/26 09:56:31 | 000,000,000 | ---D | C] -- C:\ProgramData\SUPERAntiSpyware.com
[2012/06/26 09:56:31 | 000,000,000 | ---D | C] -- C:\Program Files\SUPERAntiSpyware
[2012/06/26 09:30:33 | 000,000,000 | ---D | C] -- C:\Users\cashtopia\AppData\Roaming\Adobe
[2012/06/26 09:27:08 | 000,000,000 | ---D | C] -- C:\ProgramData\Sun
[2012/06/26 09:26:54 | 000,000,000 | ---D | C] -- C:\Users\cashtopia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome
[2012/06/26 09:26:39 | 000,000,000 | ---D | C] -- C:\ProgramData\Ask
[2012/06/26 09:24:13 | 000,000,000 | ---D | C] -- C:\ProgramData\McAfee
[2012/06/26 09:23:01 | 000,000,000 | ---D | C] -- C:\Users\cashtopia\AppData\Local\Google
[2012/06/26 09:21:46 | 000,000,000 | ---D | C] -- C:\Users\cashtopia\AppData\Local\Apps
[2012/06/26 09:21:45 | 000,000,000 | ---D | C] -- C:\Users\cashtopia\AppData\Local\Deployment

========== Files - Modified Within 30 Days ==========

[2012/06/26 13:15:44 | 000,000,081 | ---- | M] () -- C:\Windows\System32\LOG
[2012/06/26 13:15:42 | 000,000,044 | ---- | M] () -- C:\Windows\System\hpsysdrv.dat
[2012/06/26 13:12:07 | 000,001,851 | ---- | M] () -- C:\Users\Public\Desktop\Internet & Digital Services.lnk
[2012/06/26 13:03:21 | 000,000,000 | RHS- | M] () -- C:\Windows\System32\drivers\103C_HP_cNB_Pavilion dv9700 Notebook PC_Y5335KV_0U_QCNF80507NN_E459053-001_4A_I30D1_SQuanta_V85.26_F.31_T081124_WV3-0_L409_M1983_J250_7AMD_8F82_92.00_#071023_N10DE054C;168C001C_(KC331UA#ABA)_XMOBILE_CN10_Z.MRK
[2012/06/26 12:58:42 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\UMDF\Msft_User_WpdFs_01_00_00.Wdf
[2012/06/26 12:54:22 | 000,311,488 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2012/06/26 11:02:17 | 000,618,648 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2012/06/26 11:02:17 | 000,104,024 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2012/06/26 10:59:19 | 000,000,938 | ---- | M] () -- C:\Users\cashtopia\Application Data\Microsoft\Internet Explorer\Quick Launch\Windows Media Player.lnk
[2012/06/26 10:58:00 | 000,000,162 | ---- | M] () -- C:\Users\Public\Documents\hpqp.ini
[2012/06/26 10:56:35 | 000,003,072 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2012/06/26 10:56:35 | 000,003,072 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2012/06/26 10:56:31 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012/06/26 10:56:15 | 2079,248,384 | -HS- | M] () -- C:\hiberfil.sys
[2012/06/26 10:01:03 | 000,000,906 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2012/06/26 09:56:48 | 000,001,800 | ---- | M] () -- C:\Users\Public\Desktop\SUPERAntiSpyware Free Edition.lnk
[2012/06/26 09:28:01 | 000,000,924 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3379419822-3416472315-3203846837-1000UA.job
[2012/06/26 09:28:00 | 000,000,872 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3379419822-3416472315-3203846837-1000Core.job
[2012/06/26 09:20:43 | 000,000,943 | ---- | M] () -- C:\Users\cashtopia\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk

========== Files Created - No Company Name ==========

[2012/06/26 13:16:05 | 000,000,949 | ---- | C] () -- C:\Users\cashtopia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
[2012/06/26 13:16:03 | 000,000,944 | ---- | C] () -- C:\Users\cashtopia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
[2012/06/26 13:15:52 | 000,000,915 | ---- | C] () -- C:\Users\cashtopia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Mail.lnk
[2012/06/26 13:15:44 | 000,000,081 | ---- | C] () -- C:\Windows\System32\LOG
[2012/06/26 13:15:42 | 000,000,044 | ---- | C] () -- C:\Windows\System\hpsysdrv.dat
[2012/06/26 13:12:09 | 000,002,061 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\eBay.lnk
[2012/06/26 13:12:09 | 000,002,055 | ---- | C] () -- C:\Users\Public\Desktop\eBay.lnk
[2012/06/26 13:12:09 | 000,002,045 | ---- | C] () -- C:\Users\Public\Desktop\MSN.lnk
[2012/06/26 13:12:09 | 000,001,865 | ---- | C] () -- C:\Users\Public\Desktop\HP Total Care Advisor.lnk
[2012/06/26 13:12:09 | 000,001,865 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP Total Care Advisor.lnk
[2012/06/26 13:12:07 | 000,001,851 | ---- | C] () -- C:\Users\Public\Desktop\Internet & Digital Services.lnk
[2012/06/26 13:03:21 | 000,000,000 | RHS- | C] () -- C:\Windows\System32\drivers\103C_HP_cNB_Pavilion dv9700 Notebook PC_Y5335KV_0U_QCNF80507NN_E459053-001_4A_I30D1_SQuanta_V85.26_F.31_T081124_WV3-0_L409_M1983_J250_7AMD_8F82_92.00_#071023_N10DE054C;168C001C_(KC331UA#ABA)_XMOBILE_CN10_Z.MRK
[2012/06/26 13:02:58 | 000,000,258 | ---- | C] () -- C:\Users\cashtopia\Application Data\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk
[2012/06/26 13:02:58 | 000,000,240 | ---- | C] () -- C:\Users\cashtopia\Application Data\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk
[2012/06/26 12:53:37 | 2079,248,384 | -HS- | C] () -- C:\hiberfil.sys
[2012/06/26 10:59:19 | 000,000,938 | ---- | C] () -- C:\Users\cashtopia\Application Data\Microsoft\Internet Explorer\Quick Launch\Windows Media Player.lnk
[2012/06/26 10:01:03 | 000,000,906 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2012/06/26 09:56:48 | 000,001,800 | ---- | C] () -- C:\Users\Public\Desktop\SUPERAntiSpyware Free Edition.lnk
[2012/06/26 09:23:07 | 000,000,924 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3379419822-3416472315-3203846837-1000UA.job
[2012/06/26 09:23:05 | 000,000,872 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3379419822-3416472315-3203846837-1000Core.job
[2012/06/26 09:20:43 | 000,000,943 | ---- | C] () -- C:\Users\cashtopia\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk

========== LOP Check ==========

[2012/06/26 10:17:16 | 000,005,584 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========



< End of report >



OTL Extras logfile created on: 6/26/2012 11:05:58 AM - Run 1
OTL by OldTimer - Version 3.2.53.0 Folder = C:\Users\cashtopia\Downloads
Windows Vista Home Premium Edition (Version = 6.0.6000) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6000.16512)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

1.94 Gb Total Physical Memory | 1.02 Gb Available Physical Memory | 52.89% Memory free
4.09 Gb Paging File | 2.72 Gb Available in Paging File | 66.63% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 220.97 Gb Total Space | 193.89 Gb Free Space | 87.75% Space Free | Partition Type: NTFS
Drive D: | 11.91 Gb Total Space | 1.26 Gb Free Space | 10.61% Space Free | Partition Type: NTFS
Drive F: | 3.70 Gb Total Space | 0.24 Gb Free Space | 6.49% Space Free | Partition Type: FAT32
Drive G: | 3.73 Gb Total Space | 1.85 Gb Free Space | 49.52% Space Free | Partition Type: FAT32
Drive H: | 7.45 Gb Total Space | 3.45 Gb Free Space | 46.32% Space Free | Partition Type: FAT32

Computer Name: CASHTOPIA-PC | User Name: cashtopia | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
.url [@ = InternetShortcut] -- rundll32.exe ieframe.dll,OpenURL %l

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- rundll32.exe ieframe.dll,OpenURL %l
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
"" =

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"" =
"C:\Program Files\Vongo\VongoService.exe" = C:\Program Files\Vongo\VongoService.exe:*:enabled:VongoService -- (Starz Entertainment Group LLC)

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\EarthLink TotalAccess\TaskPanl.exe" = C:\Program Files\EarthLink TotalAccess\TaskPanl.exe:*:Enabled:Earthlink -- (EarthLink, Inc.)


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{170CDA6A-111A-4A9A-98ED-2A85D43D77DB}" = protocol=17 | dir=in | app=c:\program files\earthlink totalaccess\taskpanl.exe |
"{29DA7670-1067-4EF0-89EE-9BD6B12C9B54}" = protocol=6 | dir=in | app=c:\program files\common files\aol\loader\aolload.exe |
"{2F635961-175D-4664-B4FD-26A3D12F4096}" = protocol=17 | dir=in | app=c:\program files\earthlink totalaccess\taskpanl.exe |
"{39B3D989-6E77-4032-8CD7-F8CA94EF8C0D}" = dir=in | app=c:\program files\cyberlink\powerdirector\pdr.exe |
"{3EC86714-8387-408B-96E6-981610836165}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{45353C69-11B0-49DF-A153-FAEF489D2F33}" = protocol=6 | dir=in | app=c:\program files\earthlink totalaccess\taskpanl.exe |
"{6F50D2C4-8E6C-46EE-88E2-254E72827181}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{8B853FAA-7637-4450-8DC6-166235CD20FD}" = dir=in | app=c:\program files\hp\quickplay\qp.exe |
"{B81F62E7-E9A4-4330-BE2B-FBF881E4FAB3}" = protocol=6 | dir=in | app=c:\program files\earthlink totalaccess\taskpanl.exe |
"{B9D5E06F-0DF6-4F61-A359-53B94B0B938C}" = protocol=17 | dir=in | app=c:\program files\earthlink totalaccess\taskpanl.exe |
"{BC0447E3-4D21-4AC7-9485-32A2F18CF2BE}" = dir=in | app=c:\program files\hp\quickplay\qpservice.exe |
"{CABE275A-2E71-4CD7-BEFE-592949AFE45F}" = protocol=17 | dir=in | app=c:\program files\common files\aol\loader\aolload.exe |
"{F6A10BF2-F0DE-4AAE-BFE2-504D153C766F}" = protocol=6 | dir=in | app=c:\program files\earthlink totalaccess\taskpanl.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{004B0DCB-4C60-465B-8F01-44B0A4111187}" = SlingPlayer
"{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = CyberLink YouCam
"{06E74B9B-631F-4378-BF3A-40D868450C05}" = HPPhotoSmartPhotobookHolidayPack1
"{082702D5-5DD8-4600-BCE5-48B15174687F}" = HP Doc Viewer
"{082F8ABA-84D5-4837-9DFC-F365D91A07D4}" = HP Smart Web Printing
"{11BB336F-0E58-4977-B866-F24FA334616B}" = HP Active Support Library
"{12A76360-388E-4B27-ABEB-D5FC5378DD2A}" = HPPhotoSmartPhotobookWebPack1
"{15BC8CD0-A65B-47D0-A2DD-90A824590FA8}" = Microsoft Works
"{172AEB5E-CBB2-4CDD-A4CF-388600825839}" = HPPhotoSmartPhotobookPlayfulPack1
"{1BDC9633-895B-4842-BCB6-8FA1EC2A3C5A}" = Adobe Shockwave Player
"{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = DVD Suite
"{209CDA54-D390-46A2-A97C-7BF61734418D}" = WeatherBug Gadget
"{2284D904-C138-4B58-93EC-5C362AB5130A}" = The Sims™ Life Stories
"{228C6B46-64E2-404E-898A-EF0830603EF4}" = HPNetworkAssistant
"{250E9609-E830-43EB-B379-DAB7546A2422}" = muvee autoProducer 6.1
"{254C37AA-6B72-4300-84F6-98A82419187E}" = Hewlett-Packard Active Check
"{26A24AE4-039D-4CA4-87B4-2F83216033FF}" = Java™ 6 Update 33
"{28006915-2739-4EBE-B5E8-49B25D32EB33}" = Atheros Driver Installation Program
"{28EDCE9C-3304-4331-8AB3-F3EBE94C35B4}" = HP Help and Support
"{2DA85B02-13C0-4E6D-9A76-22E6B3DD0CB2}" = SymNet
"{31478BE1-CDE5-4753-A8B2-F6D4BC1FBE09}" = Component Framework
"{3248F0A8-6813-11D6-A77B-00B0D0160020}" = Java™ 6 Update 2
"{34BFB099-07B2-4E95-A673-7362D60866A2}" = PSSWCORE
"{34D2AB40-150D-475D-AE32-BD23FB5EE355}" = HP Quick Launch Buttons 6.30 E1
"{3672B097-EA69-4BFE-B92F-29AE6D9D2B34}" = Norton Internet Security
"{38EAC694-0D90-445F-8C17-8B50ADFE3162}" = Slingbox Flash Tour
"{3F92ABBB-6BBF-11D5-B229-002078017FBF}" = NetWaiting
"{40BF1E83-20EB-11D8-97C5-0009C5020658}" = Power2Go
"{45D707E9-F3C4-11D9-A373-0050BAE317E1}" = HP QuickPlay 3.6
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4CACFCD9-F71B-413A-8DF5-1A6419D5CDC6}" = Cards_Calendar_OrderGift_DoMorePlugout
"{55A6283C-638A-4EE0-B491-51118554BDA2}" = Norton Confidential Core
"{59F6A514-9813-47A3-948C-8A155460CC2A}" = RICOH R5C83x/84x Flash Media Controller Driver Ver.3.51.01
"{62120008-8E1E-4807-860D-A8B48F8552DB}" = Norton Protection Center
"{65DA2EC9-0642-47E9-AAE2-B5267AA14D75}" = Activation Assistant for the 2007 Microsoft Office suites
"{669D4A35-146B-4314-89F1-1AC3D7B88367}" = Hewlett-Packard Asset Agent for Health Check
"{68471BF2-F1F7-4C89-BBBA-400B94996596}" = ESU for Microsoft Vista
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{77772678-817F-4401-9301-ED1D01A8DA56}" = SPBBC 32bit
"{77FFBA7E-0973-4F39-BBDB-AC2F537578D2}" = Norton AntiVirus
"{7DC4A410-9986-4329-9E5D-687B2C42CA39}" = HP QuickTouch 1.00 C4
"{8347A7A5-4AB8-433F-82AA-496B0D189A9B}" = HP User Guides 0088
"{89E052B2-5CA5-4B7A-AF0C-28CA2836B030}" = HPPhotoSmartPhotobookModernPack1
"{8C3AE2D1-854D-4650-A73D-C7CC7EE36B80}" = Vongo
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007
"{95120000-00AF-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (English)
"{9885A11E-60E4-417C-B58B-8B31B21C0B8A}" = HP Easy Setup - Frontend
"{A07840FC-CE63-4CB8-8030-EF4B9805925A}" = HPPhotoSmartDiscLabel_PaperLabel
"{AB40272D-92AB-4F30-B36B-22EDE16F8FE5}" = HP Update
"{AC76BA86-7AD7-1033-7B44-A81000000003}" = Adobe Reader 8.1.0
"{AC95121F-1576-45B8-82F7-3911D27882E6}" = HPPhotoSmartPhotobookScrapbookPack1
"{ADFB9653-F44C-460C-BF58-189CC552DFFE}" = hpphotosmartdisclabelplugin
"{b02df929-29a7-4fd2-9a70-81a644b635f7}" = HP Total Care Advisor
"{B24E05CC-46FF-4787-BBB8-5CD516AFB118}" = ccCommon
"{B4E91E95-A5BA-4E50-A465-DB7EFEB176E8}" = HPPhotoSmartDiscLabel_PrintOnDisc
"{BAD0FA60-09CF-4411-AE6A-C2844C8812FA}" = HP Photosmart Essential 2.5
"{BD0E2B92-3814-46F0-893B-4612EA010C7E}" = HP Customer Experience Enhancements
"{C1C185CA-C531-49F5-A6FA-B838405A049D}" = Norton Internet Security
"{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = LabelPrint
"{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = PowerDirector
"{CBAE4F50-9FC9-4557-AB36-9826DF3C103C}" = HP Wireless Assistant
"{CC4A73BF-938E-4C19-A553-853C035C9BA1}" = LightScribe System Software 1.10.13.1
"{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}" = SUPERAntiSpyware
"{D6E6FA4A-5445-4850-8365-CF216C1CBB7A}" = Symantec Real Time Storage Protection Component
"{DD3C88A0-C53C-41D0-A21B-6D021981D23E}" = HPPhotoSmartDiscLabelContent1
"{E08DC77E-D09A-4e36-8067-D6DBBCC5F8DC}" = VideoToolkit01
"{E3EFA461-EB83-4C3B-9C47-2C1D58A01555}" = Norton AntiVirus Help
"{E80F62FF-5D3C-4A19-8409-9721F2928206}" = LiveUpdate (Symantec Corporation)
"{EFB5B3B5-A280-4E25-BE1C-634EEFE32C1B}" = AppCore
"{F5577101-33CC-4711-8235-3A95BCD49DB0}" = EA Link
"{F636EE9A-F9EC-4606-BCFA-77DD0E210788}" = HPPhotoSmartDiscLabel_Tattoo
"{F7F3B252-E772-48AA-93EB-7964BC326067}" = MSCU for Microsoft Vista
"Activation Assistant for the 2007 Microsoft Office suites" = Activation Assistant for the 2007 Microsoft Office suites
"Adobe Flash Player ActiveX" = Adobe Flash Player ActiveX
"AIM_6" = AIM 6
"CNXT_AUDIO_HDA" = Conexant HD Audio
"CNXT_MODEM_HDA_HSF" = HDAUDIO Soft Data Fax Modem with SmartCP
"Hauppauge MCE2005 Software Encoder" = Hauppauge MCE XP/Vista Software Encoder (2.0.25149)
"HOMESTUDENTR" = Microsoft Office Home and Student 2007
"HP Photosmart Essential" = HP Photosmart Essential 2.5
"HP Smart Web Printing" = HP Smart Web Printing
"InstallShield_{004B0DCB-4C60-465B-8F01-44B0A4111187}" = SlingPlayer
"InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = CyberLink YouCam
"InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = PowerDirector
"InstallShield_{F5577101-33CC-4711-8235-3A95BCD49DB0}" = EA Link
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware version 1.51.1.1800
"NVIDIA Drivers" = NVIDIA Drivers
"PsuedoLiveUpdate" = LiveUpdate (Symantec Corporation)
"SlingMedia.QPSlingPlayer_is1" = QuickPlay SlingPlayer 0.4.4
"SymSetup.{C1C185CA-C531-49F5-A6FA-B838405A049D}" = Norton Internet Security (Symantec Corporation)
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"ViewpointMediaPlayer" = Viewpoint Media Player
"WildTangent hp Master Uninstall" = My HP Games
"Yahoo! Companion" = Yahoo! Toolbar
"Yahoo! Toolbar" = Yahoo! Toolbar

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Google Chrome" = Google Chrome

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 6/26/2012 12:41:42 PM | Computer Name = cashtopia-PC | Source = WerSvc | ID = 5007
Description =

Error - 6/26/2012 2:02:16 PM | Computer Name = cashtopia-PC | Source = WerSvc | ID = 5007
Description =

[ System Events ]
Error - 6/26/2012 1:56:52 PM | Computer Name = cashtopia-PC | Source = Microsoft-Windows-Kernel-General | ID = 5
Description =

Error - 6/26/2012 1:57:32 PM | Computer Name = cashtopia-PC | Source = Service Control Manager | ID = 7000
Description =

Error - 6/26/2012 1:59:46 PM | Computer Name = cashtopia-PC | Source = PlugPlayManager | ID = 12
Description = The device 'TSSTcorp CDDVDW TS-L632N ATA Device' (IDE\CdRomTSSTcorp_CDDVDW_TS-L632N________________0503____\5&15fb8ba2&0&0.0.0)
disappeared from the system without first being prepared for removal.

Error - 6/26/2012 1:59:46 PM | Computer Name = cashtopia-PC | Source = cdrom | ID = 262159
Description = The device, \Device\CdRom0, is not ready for access yet.

Error - 6/26/2012 1:59:46 PM | Computer Name = cashtopia-PC | Source = cdrom | ID = 262159
Description = The device, \Device\CdRom0, is not ready for access yet.

Error - 6/26/2012 1:59:46 PM | Computer Name = cashtopia-PC | Source = cdrom | ID = 262159
Description = The device, \Device\CdRom0, is not ready for access yet.

Error - 6/26/2012 1:59:46 PM | Computer Name = cashtopia-PC | Source = cdrom | ID = 262159
Description = The device, \Device\CdRom0, is not ready for access yet.

Error - 6/26/2012 1:59:46 PM | Computer Name = cashtopia-PC | Source = cdrom | ID = 262159
Description = The device, \Device\CdRom0, is not ready for access yet.

Error - 6/26/2012 1:59:46 PM | Computer Name = cashtopia-PC | Source = atapi | ID = 262155
Description = The driver detected a controller error on \Device\Ide\IdePort0.

Error - 6/26/2012 1:59:46 PM | Computer Name = cashtopia-PC | Source = cdrom | ID = 262159
Description = The device, \Device\CdRom0, is not ready for access yet.


< End of report >
  • 0
Back to Virus, Spyware, Malware Removal · Next Unread Topic →




Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. Geeks to Go Community
  2. Security
  3. Virus, Spyware, Malware Removal

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP