Javascript Disabled Detected

You currently have javascript disabled. Several functions may not work. Please re-enable javascript to access full functionality.

Windows 7 slow over a couple week period

Started by horizonatdawn , Aug 11 2012 03:51 PM

Please log in to reply

#1
horizonatdawn

Posted 11 August 2012 - 03:51 PM

Member

Member
83 posts

Hello and thanks in advance,

I have an HP Elite I-7 processor with 9 GB ram. The disk is 1TB. When I look at "computer", the usable is 880GB with 142GB free and 737GB used. Most of that is pictures. The PC stays on 24/7.

Over the last few weeks the PC has gotten very slow. I've run Spinrite - Steve Gibson with no disk errors. I've run the standard memory tests and system tests - 10 passes with no errors. PC is clean and cool enough. Good ventilation.

I've got these backups running - Carbonite to the cloud, Memeo instant backup to 4TB USB 3.0 drive but compatible with 2.0 which HP is, Acronis to the network Synology drive. As far as CPU use and memory use in task manager, every thing seems normal with normal low usage of CPU and about 3-5 GB of 9 GB of the ram being used. I've restarted numerous times and the processes that are running decrease directly after restart which is also normal.

I ran Ccleaner on the advice of a more knowledgeable friend and that did seem to speed up the system a teeny. Probably placebo effect. I hope I've been accurate and concise enough! Thanks in advance for your help.

I'm attaching the OTL.txt file from OTL.exe which I ran just now:

OTL logfile created on: 8/11/2012 1:35:16 PM - Run 5
OTL by OldTimer - Version 3.2.57.0 Folder = C:\Users\anything\Desktop
64bit- Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

8.99 Gb Total Physical Memory | 5.02 Gb Available Physical Memory | 55.87% Memory free
17.98 Gb Paging File | 13.77 Gb Available in Paging File | 76.60% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 880.08 Gb Total Space | 142.26 Gb Free Space | 16.16% Space Free | Partition Type: NTFS
Drive D: | 12.27 Gb Total Space | 2.17 Gb Free Space | 17.71% Space Free | Partition Type: NTFS
Drive E: | 465.76 Gb Total Space | 103.99 Gb Free Space | 22.33% Space Free | Partition Type: NTFS
Drive K: | 3726.01 Gb Total Space | 2127.96 Gb Free Space | 57.11% Space Free | Partition Type: NTFS
Drive M: | 38.09 Gb Total Space | 15.79 Gb Free Space | 41.45% Space Free | Partition Type: NTFS

Computer Name: ELITE | User Name: anything | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2012/08/11 13:33:03 | 000,596,992 | ---- | M] (OldTimer Tools) -- C:\Users\anything\Desktop\OTL.exe
PRC - [2012/08/06 23:43:41 | 001,229,848 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
PRC - [2012/07/23 11:26:21 | 003,459,024 | ---- | M] (Acronis) -- C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe
PRC - [2012/07/13 14:02:23 | 000,186,832 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Update\1.3.21.115\GoogleCrashHandler.exe
PRC - [2012/06/28 17:35:40 | 001,171,336 | ---- | M] (Acronis) -- C:\Program Files (x86)\Acronis\TrueImageHome\TimounterMonitor.exe
PRC - [2012/06/28 17:32:18 | 005,915,352 | ---- | M] (Acronis) -- C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe
PRC - [2012/06/28 17:29:22 | 000,403,144 | ---- | M] (Acronis) -- C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe
PRC - [2012/06/28 17:28:34 | 005,955,088 | ---- | M] (Acronis) -- C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe
PRC - [2012/06/06 22:15:36 | 003,491,264 | ---- | M] (Tonec Inc.) -- C:\Program Files (x86)\Internet Download Manager\IDMan.exe
PRC - [2012/05/28 18:00:55 | 000,296,056 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe
PRC - [2012/05/24 11:39:22 | 027,112,840 | ---- | M] (Dropbox, Inc.) -- C:\Users\anything\AppData\Roaming\Dropbox\bin\Dropbox.exe
PRC - [2012/04/13 20:11:46 | 000,319,488 | ---- | M] () -- C:\Program Files (x86)\Memeo\AutoBackup\InstantBackup.exe
PRC - [2012/01/03 06:10:42 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2011/12/21 23:11:26 | 003,961,464 | ---- | M] (Eye-Fi, Inc.) -- C:\Program Files (x86)\Eye-Fi\Helper\EyeFiHelper.exe
PRC - [2011/07/29 13:45:56 | 000,217,256 | ---- | M] (Visicom Media Inc. (Powered by Panda Security)) -- C:\ProgramData\Anti-phishing Domain Advisor\visicom_antiphishing.exe
PRC - [2011/06/01 09:42:28 | 000,071,432 | ---- | M] (Memeo) -- C:\Program Files (x86)\Seagate\Seagate Dashboard\MemeoDashboard.exe
PRC - [2011/06/01 09:42:28 | 000,014,088 | ---- | M] (Memeo) -- C:\Program Files (x86)\Seagate\Seagate Dashboard\SeagateDashboardService.exe
PRC - [2011/06/01 09:16:54 | 002,260,992 | ---- | M] (Axentra Corporation) -- C:\Program Files (x86)\Seagate\Seagate Dashboard\HipServAgent\HipServAgent.exe
PRC - [2011/04/08 05:50:02 | 000,542,264 | ---- | M] (Google) -- C:\Program Files (x86)\Google\Google Calendar Sync\GoogleCalendarSync.exe
PRC - [2011/03/28 17:07:50 | 000,094,264 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
PRC - [2011/03/24 01:11:25 | 000,167,936 | ---- | M] (Applian Technologies, Inc.) -- C:\Program Files (x86)\Freecorder\FLVSrvc.exe
PRC - [2011/03/09 00:00:00 | 000,856,064 | ---- | M] (SEIKO EPSON CORPORATION) -- C:\Program Files (x86)\Epson Software\FAX Utility\FUFAXSTM.exe
PRC - [2011/03/09 00:00:00 | 000,495,616 | ---- | M] (SEIKO EPSON CORPORATION) -- C:\Program Files (x86)\Epson Software\FAX Utility\FUFAXRCV.exe
PRC - [2011/03/03 20:52:00 | 000,948,880 | R--- | M] (Carbonite, Inc.) -- C:\Program Files (x86)\Carbonite\Carbonite Backup\CarboniteUI.exe
PRC - [2010/12/15 14:31:20 | 000,460,144 | ---- | M] () -- C:\Program Files (x86)\Flip Video\FlipShare\FlipShareService.exe
PRC - [2010/12/15 14:22:42 | 001,085,440 | ---- | M] () -- C:\Program Files (x86)\Flip Video\FlipShareServer\FlipShareServer.exe
PRC - [2010/10/12 13:56:40 | 000,979,328 | ---- | M] (SEIKO EPSON CORPORATION) -- C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe
PRC - [2010/09/30 03:06:46 | 000,169,408 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Adobe\Elements 9 Organizer\PhotoshopElementsFileAgent.exe
PRC - [2010/08/31 18:00:00 | 000,024,576 | ---- | M] (Creative Technology Ltd.) -- C:\Windows\V0610Mon.exe
PRC - [2010/07/27 02:47:12 | 000,207,872 | ---- | M] (Alcatel-Lucent) -- C:\Program Files (x86)\Common Files\Motive\McciContextHookShim.exe
PRC - [2010/07/23 13:24:48 | 000,296,808 | ---- | M] (Nuance Communications, Inc.) -- C:\Program Files (x86)\Common Files\Nuance\dgnsvc.exe
PRC - [2010/05/25 05:28:58 | 000,263,600 | ---- | M] (Tonec Inc.) -- C:\Program Files (x86)\Internet Download Manager\IEMonitor.exe
PRC - [2010/03/03 20:16:06 | 000,013,336 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
PRC - [2010/03/03 20:16:04 | 000,284,696 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
PRC - [2010/02/05 16:19:26 | 000,020,376 | ---- | M] (WebEx Communications, Inc.) -- C:\Windows\SysWOW64\atashost.exe
PRC - [2009/12/01 20:49:52 | 000,210,216 | ---- | M] (CyberLink) -- c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe
PRC - [2009/10/20 14:50:34 | 000,128,296 | ---- | M] (CyberLink Corp.) -- c:\Program Files (x86)\Hewlett-Packard\Media\DVD\DVDAgent.exe
PRC - [2009/10/09 05:45:56 | 000,169,312 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Adobe\Elements Organizer 8.0\PhotoshopElementsFileAgent.exe
PRC - [2009/05/14 17:07:14 | 000,759,048 | ---- | M] (ABBYY) -- C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe
PRC - [2008/11/20 10:47:28 | 000,062,768 | ---- | M] (Hewlett-Packard) -- C:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe
PRC - [2008/09/30 18:59:26 | 000,192,512 | ---- | M] () -- C:\Program Files (x86)\Hewlett-Packard\HP Easy Backup\HPBtnSrv.exe

========== Modules (No Company Name) ==========

MOD - [2012/08/06 23:43:40 | 000,442,392 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\21.0.1180.75\ppgooglenaclpluginchrome.dll
MOD - [2012/08/06 23:43:39 | 012,235,800 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\21.0.1180.75\PepperFlash\pepflashplayer.dll
MOD - [2012/08/06 23:43:37 | 003,997,720 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\21.0.1180.75\pdf.dll
MOD - [2012/08/06 23:42:21 | 000,526,872 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\21.0.1180.75\libglesv2.dll
MOD - [2012/08/06 23:42:20 | 000,104,984 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\21.0.1180.75\libegl.dll
MOD - [2012/08/06 23:42:09 | 000,144,424 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\21.0.1180.75\avutil-51.dll
MOD - [2012/08/06 23:42:08 | 000,266,792 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\21.0.1180.75\avformat-54.dll
MOD - [2012/08/06 23:42:07 | 002,480,680 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\21.0.1180.75\avcodec-54.dll
MOD - [2012/06/14 03:38:29 | 001,670,144 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualBas#\6c59a14a23f734093e80d6093e25302a\Microsoft.VisualBasic.ni.dll
MOD - [2012/06/14 03:35:33 | 000,212,992 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\69ca4a43ba14b66689715ad62aed70e6\System.ServiceProcess.ni.dll
MOD - [2012/06/14 03:35:26 | 011,833,344 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web\a501b7960f6c6e2e39162b83f3303aaa\System.Web.ni.dll
MOD - [2012/06/14 03:35:01 | 012,436,480 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\7b7fbe651c6e72f12099a298654c9594\System.Windows.Forms.ni.dll
MOD - [2012/06/14 03:34:55 | 001,591,808 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\6bb439b3f87736d3248ae27d43e2c0d6\System.Drawing.ni.dll
MOD - [2012/05/11 08:03:24 | 000,452,608 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorUtil\635b3aec298ad5e8c903b2323d79cc5a\IAStorUtil.ni.dll
MOD - [2012/05/11 07:27:46 | 000,771,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\03dee80574f4ec770b6f77ca030ded6c\System.Runtime.Remoting.ni.dll
MOD - [2012/05/11 07:27:43 | 006,611,456 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Data\f3814b488d9e083cbbc623e01b389f09\System.Data.ni.dll
MOD - [2012/05/11 07:27:11 | 000,025,600 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Accessibility\2ec98ab0193d64e95b7d09d094deed97\Accessibility.ni.dll
MOD - [2012/05/11 07:26:58 | 003,347,968 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\46fce56db7685a586d3eeb7c373e3c1c\WindowsBase.ni.dll
MOD - [2012/05/11 07:26:53 | 005,452,800 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\ba3d70b651454c7d49b407b93663bfed\System.Xml.ni.dll
MOD - [2012/05/11 07:26:50 | 000,971,264 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\cfa9c506bfb9254c89dace7b83bc9f9d\System.Configuration.ni.dll
MOD - [2012/05/11 07:26:49 | 007,967,232 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\ce9ff6baf9053ed2ed673d948179195c\System.ni.dll
MOD - [2012/05/11 07:26:41 | 011,492,864 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\acfc1391e45fedd2a359778ea57d914c\mscorlib.ni.dll
MOD - [2012/04/13 20:11:46 | 000,319,488 | ---- | M] () -- C:\Program Files (x86)\Memeo\AutoBackup\InstantBackup.exe
MOD - [2012/04/13 20:09:32 | 002,890,752 | ---- | M] () -- C:\Program Files (x86)\Memeo\AutoBackup\Memeo.Client.UI.dll
MOD - [2012/04/13 20:09:14 | 000,022,016 | ---- | M] () -- C:\Program Files (x86)\Memeo\AutoBackup\Memeo.Client.DriveDetection.dll
MOD - [2011/12/21 22:59:12 | 000,133,120 | ---- | M] () -- C:\Program Files (x86)\Eye-Fi\Helper\libexif.dll
MOD - [2011/12/21 22:56:16 | 000,209,408 | ---- | M] () -- C:\Program Files (x86)\Eye-Fi\Helper\libopenraw.dll
MOD - [2011/08/31 11:17:28 | 000,034,816 | ---- | M] () -- C:\Program Files (x86)\Google\Google Desktop Search\gzlib.dll
MOD - [2011/06/24 22:56:36 | 000,087,328 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2011/06/24 22:56:14 | 001,241,888 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2011/06/01 09:46:02 | 000,030,984 | ---- | M] () -- C:\Program Files (x86)\Seagate\Seagate Dashboard\Plugins\Memeo.Dashboard.SeagateSharePlusPlugin.dll
MOD - [2011/06/01 09:42:24 | 000,108,296 | ---- | M] () -- C:\Program Files (x86)\Seagate\Seagate Dashboard\Memeo.Progress.dll
MOD - [2011/06/01 09:16:54 | 000,971,776 | ---- | M] () -- C:\Program Files (x86)\Seagate\Seagate Dashboard\HipServAgent\libxml2.dll
MOD - [2011/06/01 09:16:54 | 000,241,664 | ---- | M] () -- C:\Program Files (x86)\Seagate\Seagate Dashboard\HipServAgent\libupnp.dll
MOD - [2011/03/17 00:11:16 | 004,297,568 | ---- | M] () -- C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
MOD - [2010/12/21 01:15:30 | 001,041,248 | ---- | M] () -- C:\Program Files (x86)\Microsoft Office\Office14\ADDINS\UmOutlookAddin.dll
MOD - [2010/11/04 18:58:05 | 002,927,616 | ---- | M] () -- C:\Windows\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll
MOD - [2010/03/22 15:59:46 | 000,504,293 | ---- | M] () -- C:\Program Files (x86)\Memeo\AutoBackup\sqlite3.dll
MOD - [2009/12/01 20:49:50 | 000,931,112 | ---- | M] () -- c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMediaLibrary.dll

========== Win32 Services (SafeList) ==========

SRV:64bit: - [2012/03/26 18:49:56 | 000,291,696 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Microsoft Security Client\NisSrv.exe -- (NisSrv)
SRV:64bit: - [2012/03/26 18:49:56 | 000,012,600 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft Security Client\MsMpEng.exe -- (MsMpSvc)
SRV:64bit: - [2011/06/09 13:01:00 | 000,555,392 | ---- | M] (SEIKO EPSON CORPORATION) [Auto | Running] -- C:\Program Files\EPSON\EpsonCustomerParticipation\EPCP.exe -- (EpsonCustomerParticipation)
SRV:64bit: - [2011/03/03 20:36:16 | 006,315,664 | R--- | M] (Carbonite, Inc. (www.carbonite.com)) [Auto | Running] -- C:\Program Files\Carbonite\Carbonite Backup\CarboniteService.exe -- (CarboniteService)
SRV:64bit: - [2010/09/22 18:10:10 | 000,057,184 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc)
SRV:64bit: - [2009/07/13 18:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2009/07/13 18:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV - [2012/08/02 17:01:15 | 000,250,056 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012/07/23 11:26:21 | 003,459,024 | ---- | M] (Acronis) [Auto | Running] -- C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe -- (afcdpsrv)
SRV - [2012/07/17 09:55:27 | 000,113,120 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012/06/28 17:32:18 | 005,915,352 | ---- | M] (Acronis) [Auto | Running] -- C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe -- (syncagentsrv)
SRV - [2012/06/28 17:31:36 | 001,132,856 | ---- | M] (Acronis) [Auto | Running] -- C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe -- (AcrSch2Svc)
SRV - [2012/06/11 17:59:44 | 000,335,888 | ---- | M] (Verizon) [Auto | Running] -- C:\Program Files (x86)\Verizon\IHA_MessageCenter\Bin\Verizon_IHAMessageCenter.exe -- (IHA_MessageCenter)
SRV - [2012/01/03 06:10:42 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2011/09/09 17:10:28 | 000,086,072 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe -- (HP Support Assistant Service)
SRV - [2011/06/01 09:42:28 | 000,014,088 | ---- | M] (Memeo) [Auto | Running] -- C:\Program Files (x86)\Seagate\Seagate Dashboard\SeagateDashboardService.exe -- (SeagateDashboardService)
SRV - [2011/03/28 17:07:50 | 000,094,264 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe -- (HPDrvMntSvc.exe)
SRV - [2010/12/15 14:31:20 | 000,460,144 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Flip Video\FlipShare\FlipShareService.exe -- (FlipShare Service)
SRV - [2010/12/15 14:22:42 | 001,085,440 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Flip Video\FlipShareServer\FlipShareServer.exe -- (FlipShareServer)
SRV - [2010/09/30 03:06:46 | 000,169,408 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Adobe\Elements 9 Organizer\PhotoshopElementsFileAgent.exe -- (AdobeActiveFileMonitor9.0)
SRV - [2010/07/26 14:42:36 | 000,557,424 | ---- | M] (Citrix Online, a division of Citrix Systems, Inc.) [Disabled | Stopped] -- C:\Program Files (x86)\Citrix\GoToMyPC\g2svc.exe -- (GoToMyPC)
SRV - [2010/07/23 13:24:48 | 000,296,808 | ---- | M] (Nuance Communications, Inc.) [Auto | Running] -- C:\Program Files (x86)\Common Files\Nuance\dgnsvc.exe -- (DragonSvc)
SRV - [2010/06/02 04:11:24 | 000,380,928 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Synology Data Replicator 3\SynoDrServicex64.exe -- (SynoDrService)
SRV - [2010/04/13 12:33:43 | 000,867,080 | ---- | M] (Acresso Software Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2010/03/22 15:51:32 | 000,025,824 | ---- | M] (Memeo) [Auto | Running] -- C:\Program Files (x86)\Memeo\AutoBackup\MemeoBackgroundService.exe -- (MemeoBackgroundService)
SRV - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010/03/03 20:16:06 | 000,013,336 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe -- (IAStorDataMgrSvc)
SRV - [2010/02/05 16:19:26 | 000,020,376 | ---- | M] (WebEx Communications, Inc.) [Auto | Running] -- C:\Windows\SysWOW64\atashost.exe -- (atashost)
SRV - [2009/10/09 05:45:56 | 000,169,312 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Adobe\Elements Organizer 8.0\PhotoshopElementsFileAgent.exe -- (AdobeActiveFileMonitor8.0)
SRV - [2009/06/10 14:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2009/05/22 11:02:20 | 000,250,616 | ---- | M] (WildTangent, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\HP Games\HP Game Console\GameConsoleService.exe -- (GameConsoleService)
SRV - [2009/05/14 17:07:14 | 000,759,048 | ---- | M] (ABBYY) [Auto | Running] -- C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe -- (ABBYY.Licensing.FineReader.Sprint.9.0)
SRV - [2008/10/09 07:07:56 | 000,107,912 | ---- | M] () [Disabled | Stopped] -- C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe -- (IJPLMSVC)
SRV - [2008/09/30 18:59:26 | 000,192,512 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Hewlett-Packard\HP Easy Backup\HPBtnSrv.exe -- (HPBtnSrv)

========== Driver Services (SafeList) ==========

DRV:64bit: - [2012/07/23 11:26:27 | 000,367,200 | ---- | M] (Acronis) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\afcdp.sys -- (afcdp)
DRV:64bit: - [2012/07/23 11:26:16 | 001,294,432 | ---- | M] (Acronis) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\tdrpman.sys -- (tdrpman)
DRV:64bit: - [2012/07/23 11:26:08 | 000,994,912 | ---- | M] (Acronis) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\timntr.sys -- (timounter)
DRV:64bit: - [2012/07/23 11:26:01 | 000,211,552 | ---- | M] (Acronis) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\vididr.sys -- (vididr)
DRV:64bit: - [2012/07/23 11:25:49 | 000,146,528 | ---- | M] (Acronis) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\vsflt67.sys -- (vidsflt67)
DRV:64bit: - [2012/07/23 11:25:47 | 000,320,096 | ---- | M] (Acronis) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\snapman.sys -- (snapman)
DRV:64bit: - [2012/07/23 11:25:45 | 000,137,312 | ---- | M] (Acronis) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\fltsrv.sys -- (fltsrv)
DRV:64bit: - [2012/04/23 04:26:26 | 000,154,272 | ---- | M] (Tonec Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\idmwfp.sys -- (IDMWFP)
DRV:64bit: - [2012/03/20 20:44:12 | 000,098,688 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\NisDrvWFP.sys -- (NisDrv)
DRV:64bit: - [2012/02/29 23:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2012/02/15 11:01:50 | 000,052,736 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2011/08/01 16:59:06 | 000,045,416 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\point64.sys -- (Point64)
DRV:64bit: - [2011/05/18 09:08:32 | 000,047,616 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\dc3d.sys -- (dc3d)
DRV:64bit: - [2011/04/04 15:55:54 | 000,021,504 | ---- | M] (Motorola) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\motccgp.sys -- (motccgp)
DRV:64bit: - [2011/03/31 15:53:40 | 000,030,208 | ---- | M] (Motorola) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\motmodem.sys -- (motmodem)
DRV:64bit: - [2011/03/10 23:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011/03/10 23:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2010/11/29 07:31:18 | 001,579,520 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\athrx.sys -- (athr)
DRV:64bit: - [2010/11/25 04:27:42 | 000,120,408 | ---- | M] (JMicron Technology Corp.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\jraid.sys -- (JRAID)
DRV:64bit: - [2010/11/20 06:34:02 | 000,360,832 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\vpcvmm.sys -- (vpcvmm)
DRV:64bit: - [2010/11/20 06:34:02 | 000,194,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\vpchbus.sys -- (vpcbus)
DRV:64bit: - [2010/11/20 06:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010/11/20 04:35:32 | 000,095,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\vpcusb.sys -- (vpcusb)
DRV:64bit: - [2010/11/20 04:35:20 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\vpcnfltr.sys -- (vpcnfltr)
DRV:64bit: - [2010/11/20 04:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010/09/23 00:36:48 | 000,048,488 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\fssfltr.sys -- (fssfltr)
DRV:64bit: - [2010/09/08 18:01:00 | 000,322,912 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\V0610Vid.sys -- (V0610Vid)
DRV:64bit: - [2010/07/27 02:47:46 | 000,040,960 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Running] -- C:\Program Files\Common Files\Motive\MRESP50a64.sys -- (MRESP50a64)
DRV:64bit: - [2010/07/27 02:47:36 | 000,043,008 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\Program Files\Common Files\Motive\MREMP50a64.sys -- (MREMP50a64)
DRV:64bit: - [2010/04/01 15:44:06 | 000,026,624 | ---- | M] (Motorola) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Motousbnet.sys -- (Motousbnet)
DRV:64bit: - [2010/03/19 03:00:00 | 000,055,856 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\PxHlpa64.sys -- (PxHlpa64)
DRV:64bit: - [2009/08/21 12:33:42 | 000,172,704 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\CtClsFlt.sys -- (CtClsFlt)
DRV:64bit: - [2009/07/13 18:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/13 18:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/13 18:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/07/13 17:39:20 | 000,023,040 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WSDPrint.sys -- (WSDPrintDevice)
DRV:64bit: - [2009/07/13 17:35:32 | 000,012,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\serscan.sys -- (StillCam)
DRV:64bit: - [2009/07/13 17:09:50 | 000,019,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usb8023x.sys -- (usb_rndisx)
DRV:64bit: - [2009/07/10 14:06:50 | 000,031,744 | ---- | M] (Motorola) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\motoandroid.sys -- (motandroidusb)
DRV:64bit: - [2009/06/12 11:19:58 | 000,287,960 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\e1y62x64.sys -- (e1yexpress)
DRV:64bit: - [2009/06/10 13:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 13:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 13:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 13:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009/06/04 11:54:36 | 000,408,600 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2009/05/18 15:17:08 | 000,034,152 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2009/01/29 18:18:12 | 000,009,216 | ---- | M] (Motorola) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\motccgpfl.sys -- (motccgpfl)
DRV:64bit: - [2009/01/29 18:11:38 | 000,006,144 | ---- | M] (Motorola Inc) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\motfilt.sys -- (BTCFilterService)
DRV:64bit: - [2007/11/02 16:52:02 | 000,008,576 | ---- | M] (Motorola) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\motswch.sys -- (MotoSwitchService)
DRV:64bit: - [2007/02/03 11:30:58 | 000,058,528 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LVUSBS64.sys -- (LVUSBS64)
DRV:64bit: - [2007/02/03 11:25:56 | 000,955,680 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\CamDrL64.sys -- (CamDrL64)
DRV - [2011/03/24 10:22:52 | 000,013,312 | ---- | M] () [Kernel | System | Stopped] -- C:\Windows\SysWOW64\drivers\vdmzntm0.sys -- (vdmzntm0)
DRV - [2011/03/24 10:22:47 | 000,011,264 | ---- | M] () [Kernel | System | Stopped] -- C:\Windows\SysWOW64\drivers\uzmzntm0.sys -- (uzmzntm0)
DRV - [2010/07/27 02:47:30 | 000,020,096 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Motive\MRESP50.sys -- (MRESP50)
DRV - [2010/07/27 02:47:10 | 000,021,248 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Motive\MREMP50.sys -- (MREMP50)
DRV - [2009/07/13 18:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.h...avilion&pf=cndt
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE:64bit: - HKLM\..\SearchScopes\{0068AB8E-D323-4537-8D8D-80AD5CD94630}: "URL" = http://www.bing.com/...rc=IE-SearchBox
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE:64bit: - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.co...g}&sourceid=ie7
IE:64bit: - HKLM\..\SearchScopes\{D75DEEB4-956C-4EF0-91AA-B96AAD6A031C}: "URL" = http://www.ask.com/w...}&l=dis&o=ushpd
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
IE - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKLM\..\SearchScopes\{0068AB8E-D323-4537-8D8D-80AD5CD94630}: "URL" = http://www.bing.com/...rc=IE-SearchBox
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.co...g}&sourceid=ie7
IE - HKLM\..\SearchScopes\{D75DEEB4-956C-4EF0-91AA-B96AAD6A031C}: "URL" = http://www.ask.com/w...}&l=dis&o=ushpd

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.msn.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com/ie
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = www.bing.com [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com/ie
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Restore = http://www.google.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
IE - HKCU\..\URLSearchHook: {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - No CLSID value found
IE - HKCU\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKCU\..\SearchScopes\{0068AB8E-D323-4537-8D8D-80AD5CD94630}: "URL" = http://www.bing.com/...rc=IE-SearchBox
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...Box&FORM=IE8SRC
IE - HKCU\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.co...g}&sourceid=ie7
IE - HKCU\..\SearchScopes\{70D46D94-BF1E-45ED-B567-48701376298E}: "URL" = http://127.0.0.1:466...q={searchTerms}
IE - HKCU\..\SearchScopes\{7C929119-562B-4D1D-A388-016A93F690B0}: "URL" = http://www.google.co...&rlz=1I7GGLD_en
IE - HKCU\..\SearchScopes\{D75DEEB4-956C-4EF0-91AA-B96AAD6A031C}: "URL" = http://www.ask.com/w...}&l=dis&o=ushpd
IE - HKCU\..\SearchScopes\{FB48B168-84BB-CCE3-D32D-94102F37C5B0}: "URL" = http://www.bing.com/...eferrer:source}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..browser.search.selectedEngine: "Bing"
FF - prefs.js..browser.startup.homepage: "http://www.msn.com/?..._date=20111110"
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21
FF - prefs.js..extensions.enabledItems: [email protected]:7.2.7
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
FF - prefs.js..extensions.enabledItems: {ABDE892B-13A8-4d1b-88E6-365A6E755758}:14.0.2
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24

FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_3_300_270.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre7\bin\new_plugin\npjp2.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/VirtualEarth3D,version=4.0: C:\Program Files (x86)\Virtual Earth 3D\ [2010/01/21 19:22:49 | 000,000,000 | ---D | M]
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_3_300_270.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\SysWOW64\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@garmin.com/GpsControl: C:\Program Files (x86)\Garmin GPS Plugin\npGarmin.dll (GARMIN Corp.)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/VirtualEarth3D,version=4.0: C:\Program Files (x86)\Virtual Earth 3D\ [2010/01/21 19:22:49 | 000,000,000 | ---D | M]
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@Motive.com/NpMotive,version=1.0: C:\Program Files (x86)\Common Files\Motive\npMotive.dll (Alcatel-Lucent)
FF - HKLM\Software\MozillaPlugins\@pack.google.com/Google Updater;version=14: C:\Program Files (x86)\Google\Google Updater\2.4.2432.1652\npCIDetect14.dll (Google)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=15.0.4.53: c:\program files (x86)\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=15.0.4.53: c:\program files (x86)\real\realplayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpchromebrowserrecordext;version=15.0.4.53: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprphtml5videoshim;version=15.0.4.53: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpplugin;version=15.0.4.53: c:\program files (x86)\real\realplayer\Netscape6\nprpplugin.dll (RealPlayer)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKLM\Software\MozillaPlugins\[email protected]/YahooActiveXPluginBridge;version=1.0.0.1: C:\Program Files (x86)\Yahoo!\Common\npyaxmpb.dll File not found
FF - HKCU\Software\MozillaPlugins\@yahoo.com/BrowserPlus,version=2.9.8: C:\Users\anything\AppData\Local\Yahoo!\BrowserPlus\2.9.8\Plugins\npybrowserplus_2.9.8.dll (Yahoo! Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{3112ca9c-de6d-4884-a869-9855de68056c}: C:\ProgramData\Google\Toolbar for Firefox\{3112ca9c-de6d-4884-a869-9855de68056c} [2010/02/22 19:18:30 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{97E22097-9A2F-45b1-8DAF-36AD648C7EF4}: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2012/05/28 18:01:21 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 14.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012/07/17 09:55:29 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 14.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012/06/03 04:40:31 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\[email protected]: C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\[email protected]: C:\Users\anything\AppData\Roaming\IDM\idmmzcc5 [2012/07/11 05:29:11 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\SeaMonkey\Extensions\\[email protected]: C:\Users\anything\AppData\Roaming\IDM\idmmzcc5 [2012/07/11 05:29:11 | 000,000,000 | ---D | M]

[2010/03/07 13:36:18 | 000,000,000 | ---D | M] (No name found) -- C:\Users\anything\AppData\Roaming\mozilla\Extensions
[2012/07/17 09:55:32 | 000,000,000 | ---D | M] (No name found) -- C:\Users\anything\AppData\Roaming\mozilla\Firefox\Profiles\e574yg1b.default\extensions
[2011/04/14 12:21:32 | 000,000,000 | ---D | M] (Google Toolbar for Firefox) -- C:\Users\anything\AppData\Roaming\mozilla\Firefox\Profiles\e574yg1b.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}
[2011/11/10 08:31:35 | 000,000,000 | ---D | M] (Complitly - Speed up your search with your personal search suggestions tool) -- C:\Users\anything\AppData\Roaming\mozilla\Firefox\Profiles\e574yg1b.default\extensions\{33e0daa6-3af3-d8b5-6752-10e949c61516}
[2012/07/17 09:55:32 | 000,000,000 | ---D | M] (ShopToWin20) -- C:\Users\anything\AppData\Roaming\mozilla\Firefox\Profiles\e574yg1b.default\extensions\{a018b213-6b46-4791-9298-519020db5737}
[2011/12/15 17:47:12 | 000,000,000 | ---D | M] (Yontoo Layers) -- C:\Users\anything\AppData\Roaming\mozilla\Firefox\Profiles\e574yg1b.default\extensions\[email protected]
[2012/04/13 05:48:43 | 000,000,000 | ---D | M] (We-Care Reminder) -- C:\Users\anything\AppData\Roaming\mozilla\Firefox\Profiles\e574yg1b.default\extensions\wecarereminder@bryan
[2011/11/10 08:31:27 | 000,001,945 | ---- | M] () -- C:\Users\anything\AppData\Roaming\Mozilla\Firefox\Profiles\e574yg1b.default\searchplugins\bing-zugo.xml
[2012/04/22 10:14:52 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2012/04/22 10:14:53 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
[2012/07/11 05:29:11 | 000,000,000 | ---D | M] (IDM CC) -- C:\USERS\ANYTHING\APPDATA\ROAMING\IDM\IDMMZCC5
[2012/07/17 09:55:29 | 000,136,672 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2012/03/11 11:13:39 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npdeployJava1.dll
[2012/05/28 18:01:07 | 000,129,144 | ---- | M] (RealPlayer) -- C:\Program Files (x86)\mozilla firefox\plugins\nprpplugin.dll
[2012/03/07 06:57:19 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2012/03/07 06:57:19 | 000,002,040 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\twitter.xml

========== Chrome ==========

CHR - homepage: http://www.igoogle.com/
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}sourceid=chrome&ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms},
CHR - homepage: http://www.igoogle.com/
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\21.0.1180.75\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Disabled) = C:\Program Files (x86)\Google\Chrome\Application\21.0.1180.75\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\21.0.1180.75\gcswf32.dll
CHR - plugin: Shockwave Flash (Disabled) = C:\Users\anything\AppData\Local\Google\Chrome\User Data\PepperFlash\11.1.31.203\pepflashplayer.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_2_202_235.dll
CHR - plugin: Skype Toolbars (Enabled) = C:\Users\anything\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\5.9.0.9216_0\npSkypeChromePlugin.dll
CHR - plugin: HP Product Detection Plugin for Mozilla (Enabled) = C:\Users\anything\AppData\Local\Google\Chrome\User Data\Default\Extensions\mnhbepgnjnaoahohppnffanmkjkjoglp\1.0.15.0_0\plugins/npProductDetectPlugin.dll
CHR - plugin: HP Active Check Plugin (Enabled) = C:\Users\anything\AppData\Local\Google\Chrome\User Data\Default\Extensions\mnhbepgnjnaoahohppnffanmkjkjoglp\1.0.15.0_0\plugins/npAclmPlugin.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: Java Deployment Toolkit 6.0.310.5 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npdeployJava1.dll
CHR - plugin: Java™ Platform SE 6 U31 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll
CHR - plugin: RealPlayer™ G2 LiveConnect-Enabled Plug-In (32-bit) (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\nppl3260.dll
CHR - plugin: RealPlayer Version Plugin (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\nprpjplug.dll
CHR - plugin: RealPlayer™ HTML5VideoShim Plug-In (32-bit) (Enabled) = C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin7.dll
CHR - plugin: RealJukebox NS Plugin (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\nprjplug.dll
CHR - plugin: ActiveTouch General Plugin Container (Enabled) = C:\Users\anything\AppData\Roaming\Mozilla\plugins\npatgpc.dll
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL
CHR - plugin: Motive Plugin (Enabled) = C:\Program Files (x86)\Common Files\Motive\npMotive.dll
CHR - plugin: Garmin Communicator Plug-In (Enabled) = C:\Program Files (x86)\Garmin GPS Plugin\npGarmin.dll
CHR - plugin: Google Earth Plugin (Enabled) = C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll
CHR - plugin: Google Updater (Enabled) = C:\Program Files (x86)\Google\Google Updater\2.4.2432.1652\npCIDetect14.dll
CHR - plugin: Picasa (Enabled) = C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll
CHR - plugin: Silverlight Plug-In (Enabled) = C:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll
CHR - plugin: Windows Live\u0099 Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll
CHR - plugin: RealNetworks™ Chrome Background Extension Plug-In (32-bit) (Enabled) = C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll
CHR - plugin: BrowserPlus (from Yahoo!) v2.9.8 (Enabled) = C:\Users\anything\AppData\Local\Yahoo!\BrowserPlus\2.9.8\Plugins\npybrowserplus_2.9.8.dll
CHR - plugin: Shockwave for Director (Enabled) = C:\Windows\system32\Adobe\Director\np32dsw.dll
CHR - Extension: Angry Birds = C:\Users\anything\AppData\Local\Google\Chrome\User Data\Default\Extensions\aknpkdffaafgjchaibgeefbgmgeghloj\1.5.0.7_0\
CHR - Extension: YouTube = C:\Users\anything\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
CHR - Extension: Add to Amazon Wish List = C:\Users\anything\AppData\Local\Google\Chrome\User Data\Default\Extensions\ciagpekplgpbepdgggflgmahnjgiaced\1.0.0.9_0\
CHR - Extension: Google Search = C:\Users\anything\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\
CHR - Extension: RealPlayer HTML5Video Downloader Extension = C:\Users\anything\AppData\Local\Google\Chrome\User Data\Default\Extensions\jfmjfhklogoienhpfnppmbcbjfjnkonk\1.5_0\
CHR - Extension: Skype Click to Call = C:\Users\anything\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\5.9.0.9216_0\
CHR - Extension: HP Product Detection Plugin = C:\Users\anything\AppData\Local\Google\Chrome\User Data\Default\Extensions\mnhbepgnjnaoahohppnffanmkjkjoglp\1.0.15.0_0\
CHR - Extension: Advanced Periodic Table = C:\Users\anything\AppData\Local\Google\Chrome\User Data\Default\Extensions\obpkghbakijeifcoimhhechlmcbdmmli\1.7_0\
CHR - Extension: Gmail = C:\Users\anything\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\

O1 HOSTS File: ([2011/03/24 11:09:34 | 000,000,027 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2:64bit: - BHO: (IDM integration (IDMIEHlprObj Class)) - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files (x86)\Internet Download Manager\IDMIECC64.dll (Internet Download Manager, Tonec Inc.)
O2:64bit: - BHO: (Complitly) - {0FB6A909-6086-458F-BD92-1F8EE10042A0} - C:\Users\anything\AppData\Roaming\Complitly\64\Complitly64.dll (SimplyGen)
O2:64bit: - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O2:64bit: - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (IDM integration (IDMIEHlprObj Class)) - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files (x86)\Internet Download Manager\IDMIECC.dll (Internet Download Manager, Tonec Inc.)
O2 - BHO: (Complitly) - {0FB6A909-6086-458F-BD92-1F8EE10042A0} - C:\Users\anything\AppData\Roaming\Complitly\Complitly.dll (SimplyGen)
O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer)
O2 - BHO: (Freecorder Toolbar) - {70dd86e8-b5bc-4e4a-9d5c-b6234c24323c} - C:\Program Files (x86)\freecordertoolbar\vmntemplateX.dll ()
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (hpBHO Class) - {ABD3B5E1-B268-407B-A150-2641DAB8D898} - C:\Program Files (x86)\Common Files\Homepage Protection\HomepageProtection.dll (AOL Products)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Microsoft Live Search Toolbar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - c:\Program Files (x86)\MSN\Toolbar\3.0.0560.0\msneshellx.dll (Microsoft Corp.)
O2 - BHO: (WeCareReminder Class) - {D824F0DE-3D60-4F57-9EB1-66033ECD8ABB} - C:\ProgramData\WeCareReminder\IEHelperv2.5.0.dll (We-Care.com)
O2 - BHO: (Yontoo Layers) - {FD72061E-9FDE-484D-A58A-0BAB4151CAD8} - C:\Program Files (x86)\Yontoo Layers Runtime\YontooIEClient.dll (Yontoo LLC)
O3:64bit: - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (Microsoft Live Search Toolbar) - {1E61ED7C-7CB8-49d6-B9E9-AB4C880C8414} - c:\Program Files (x86)\MSN\Toolbar\3.0.0560.0\msneshellx.dll (Microsoft Corp.)
O3 - HKLM\..\Toolbar: (Freecorder Toolbar) - {70dd86e8-b5bc-4e4a-9d5c-b6234c24323c} - C:\Program Files (x86)\freecordertoolbar\vmntemplateX.dll ()
O3:64bit: - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O4:64bit: - HKLM..\Run: [Acronis Scheduler2 Service] C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe (Acronis)
O4:64bit: - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated)
O4:64bit: - HKLM..\Run: [ATT-SST_McciTrayApp] C:\Program Files\ATT-SST\McciTrayApp.exe (Alcatel-Lucent)
O4:64bit: - HKLM..\Run: [IntelliPoint] c:\Program Files\Microsoft IntelliPoint\ipoint.exe (Microsoft Corporation)
O4:64bit: - HKLM..\Run: [MSC] C:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4 - HKLM..\Run: [AcronisTimounterMonitor] C:\Program Files (x86)\Acronis\TrueImageHome\TimounterMonitor.exe (Acronis)
O4 - HKLM..\Run: [Anti-phishing Domain Advisor] C:\ProgramData\Anti-phishing Domain Advisor\visicom_antiphishing.exe (Visicom Media Inc. (Powered by Panda Security))
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [Carbonite Backup] C:\Program Files (x86)\Carbonite\Carbonite Backup\CarboniteUI.exe (Carbonite, Inc.)
O4 - HKLM..\Run: [EEventManager] C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe (SEIKO EPSON CORPORATION)
O4 - HKLM..\Run: [Freecorder FLV Service] C:\Program Files (x86)\Freecorder\FLVSrvc.exe (Applian Technologies, Inc.)
O4 - HKLM..\Run: [FUFAXRCV] C:\Program Files (x86)\Epson Software\FAX Utility\FUFAXRCV.exe (SEIKO EPSON CORPORATION)
O4 - HKLM..\Run: [FUFAXSTM] C:\Program Files (x86)\Epson Software\FAX Utility\FUFAXSTM.exe (SEIKO EPSON CORPORATION)
O4 - HKLM..\Run: [hpsysdrv] c:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe (Hewlett-Packard)
O4 - HKLM..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe (Intel Corporation)
O4 - HKLM..\Run: [LTCM Client] C:\Program Files (x86)\LTCM Client\ltcmClient.exe (Leader Technologies Inc.)
O4 - HKLM..\Run: [Memeo Instant Backup] C:\Program Files (x86)\Memeo\AutoBackup\MemeoLauncher2.exe (Memeo Inc.)
O4 - HKLM..\Run: [Seagate Dashboard] C:\Program Files (x86)\Seagate\Seagate Dashboard\MemeoLauncher.exe ()
O4 - HKLM..\Run: [TkBellExe] C:\Program Files (x86)\Real\RealPlayer\update\realsched.exe (RealNetworks, Inc.)
O4 - HKLM..\Run: [TrueImageMonitor.exe] C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe (Acronis)
O4 - HKLM..\Run: [UpdatePRCShortCut] C:\Program Files (x86)\Hewlett-Packard\Recovery\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [V0610Mon.exe] C:\Windows\V0610Mon.exe (Creative Technology Ltd.)
O4 - HKCU..\Run: [E6CFA7A82BF59BA52DCECD7046EF4487B1BB74E0._service_run] C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
O4 - HKCU..\Run: [EPLTarget\P0000000000000000] C:\Windows\system32\spool\DRIVERS\x64\3\E_YATIH3A.EXE /EPT "EPLTarget\P0000000000000000" /M "WP-4530 Series" /EF "HKCU" File not found
O4 - HKCU..\Run: [Eye-Fi] C:\Program Files (x86)\Eye-Fi\Helper\EyeFiHelper.exe (Eye-Fi, Inc.)
O4 - HKCU..\Run: [IDMan] C:\Program Files (x86)\Internet Download Manager\IDMan.exe (Tonec Inc.)
O4 - Startup: C:\Users\anything\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk = C:\Users\anything\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Main present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLinkedConnections = 1
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8:64bit: - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200 File not found
O8:64bit: - Extra context menu item: Download all links with IDM - C:\Program Files (x86)\Internet Download Manager\IEGetAll.htm ()
O8:64bit: - Extra context menu item: Download with IDM - C:\Program Files (x86)\Internet Download Manager\IEExt.htm ()
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\SysWow64\GPhotos.scr (Google Inc.)
O8 - Extra context menu item: Download all links with IDM - C:\Program Files (x86)\Internet Download Manager\IEGetAll.htm ()
O8 - Extra context menu item: Download with IDM - C:\Program Files (x86)\Internet Download Manager\IEExt.htm ()
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000009 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000009 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O15:64bit: - ..Trusted Domains: localhost ([]http in Local intranet)
O15 - HKCU\..Trusted Domains: boats.com ([www] https in Trusted sites)
O15 - HKCU\..Trusted Domains: localhost ([]http in Local intranet)
O15 - HKCU\..Trusted Ranges: GD ([http] in Local intranet)
O16:64bit: - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 10.1.0)
O16:64bit: - DPF: {CAFEEFAC-0017-0000-0001-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.7.0_01)
O16:64bit: - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {233C1507-6A77-46A4-9443-F871F945D258} http://download.macr...director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} C:\Program Files (x86)\Yahoo!\Common\Yinsthelper.dll (Installation Support)
O16 - DPF: {4871A87A-BFDD-4106-8153-FFDE2BAC2967} http://dlm.tools.aka...vex-2.2.5.0.cab (DLM Control)
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset...lineScanner.cab (OnlineScanner Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {BC0AE9E6-E549-4554-A222-EA083A894683} http://a03-b03.mypic...r/x/Upld_47.CAB (QuickUpload)
O16 - DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.ad...Plus/1.6/gp.cab (Reg Error: Key error.)
O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} http://ccfiles.creat...15111/CTPID.cab (Creative Software AutoUpdate Support Package)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{53B4974C-A469-4FD2-9855-FA7E8561B5AC}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{D0929FD7-D2D5-4BE3-9A7A-53F8070C4EED}: DhcpNameServer = 192.168.1.1
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\ms-itss - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\skype-ie-addon-data - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20 - AppInit_DLLs: (C:\PROGRA~2\Google\GOOGLE~1\GoogleDesktopNetwork3.dll) - C:\Program Files (x86)\Google\Google Desktop Search\GoogleDesktopNetwork3.dll (Google)
O20 - AppInit_DLLs: (C:\PROGRA~2\Google\GOOGLE~1\GO36F4~1.DLL) - C:\Program Files (x86)\Google\Google Desktop Search\GoogleDesktopNetwork3.dll (Google)
O20:64bit: - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O28:64bit: - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - No CLSID value found.
O28 - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/06/10 14:42:20 | 000,000,024 | ---- | M] () - E:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2010/02/14 21:53:50 | 000,000,027 | ---- | M] () - K:\Autorun.inf -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

========== Files/Folders - Created Within 30 Days ==========

[2012/08/11 13:33:02 | 000,596,992 | ---- | C] (OldTimer Tools) -- C:\Users\anything\Desktop\OTL.exe
[2012/08/04 11:08:05 | 009,673,088 | ---- | C] (Memeo) -- C:\Users\anything\Desktop\Memeo Instant Backup.exe
[2012/08/01 09:14:23 | 003,907,920 | ---- | C] (Piriform Ltd) -- C:\Users\anything\Desktop\ccsetup321.exe
[2012/07/23 11:26:25 | 000,000,000 | ---D | C] -- C:\Users\anything\AppData\Roaming\0A81AE1A-4638-4281-B85F-696C74253B3C
[2012/07/14 11:45:51 | 000,000,000 | ---D | C] -- C:\ProgramData\MemeoCommon
[2012/07/14 11:25:16 | 000,000,000 | ---D | C] -- C:\Users\anything\AppData\Roaming\Memeo
[2012/07/14 11:25:07 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Memeo
[2012/07/14 11:25:04 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Memeo
[2012/07/14 11:24:58 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Memeo
[2012/07/14 11:15:53 | 000,000,000 | ---D | C] -- C:\Users\anything\AppData\Roaming\Seagate
[2012/07/14 11:15:42 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Seagate Dashboard
[2010/06/07 10:46:54 | 007,046,096 | ---- | C] (Citrix Online, a division of Citrix Systems, Inc.) -- C:\Users\anything\gosetup.exe
[2010/01/19 23:29:08 | 000,726,008 | ---- | C] (Citrix Online, a division of Citrix Systems, Inc.) -- C:\Users\anything\gotomypc_437.exe
[2010/01/14 07:02:20 | 000,601,408 | ---- | C] (Microsoft Corporation) -- C:\Users\anything\officesas.exe
[2010/01/14 07:01:48 | 001,618,320 | ---- | C] (Microsoft Corporation) -- C:\Users\anything\X16-19318_6BGMG-WVTGB-4JBWK-VP66D-3D7F2.exe
[2010/01/13 11:31:00 | 000,133,992 | ---- | C] (Intuit Inc.) -- C:\Program Files (x86)\xmlparse_tok.dll
[2010/01/13 11:31:00 | 000,107,880 | ---- | C] (Intuit Inc.) -- C:\Program Files (x86)\xmlparse.dll
[2010/01/13 11:31:00 | 000,031,080 | ---- | C] (Intuit Inc.) -- C:\Program Files (x86)\xsell.dll
[2010/01/13 11:30:58 | 002,832,232 | ---- | C] (Intuit Inc.) -- C:\Program Files (x86)\qwutil.dll
[2010/01/13 11:30:58 | 002,778,984 | ---- | C] (Intuit Inc.) -- C:\Program Files (x86)\ofxsdk_qw.dll
[2010/01/13 11:30:58 | 002,602,856 | ---- | C] (Intuit Inc.) -- C:\Program Files (x86)\qwonline.dll
[2010/01/13 11:30:58 | 001,491,304 | ---- | C] (Intuit Inc.) -- C:\Program Files (x86)\online.dll
[2010/01/13 11:30:58 | 001,259,880 | ---- | C] (Intuit Inc.) -- C:\Program Files (x86)\qaccess.dll
[2010/01/13 11:30:58 | 001,163,112 | ---- | C] (Intuit Inc.) -- C:\Program Files (x86)\qreports.dll
[2010/01/13 11:30:58 | 000,879,464 | ---- | C] (Intuit Inc.) -- C:\Program Files (x86)\qvault.dll
[2010/01/13 11:30:58 | 000,810,344 | ---- | C] (Intuit Inc.) -- C:\Program Files (x86)\qwwin.dll
[2010/01/13 11:30:58 | 000,631,656 | ---- | C] (Intuit Inc.) -- C:\Program Files (x86)\qdb.dll
[2010/01/13 11:30:58 | 000,380,264 | ---- | C] (Intuit Inc.) -- C:\Program Files (x86)\qcomutil.dll
[2010/01/13 11:30:58 | 000,330,088 | ---- | C] (Intuit Inc.) -- C:\Program Files (x86)\qtax.dll
[2010/01/13 11:30:58 | 000,321,384 | ---- | C] (Intuit Inc.) -- C:\Program Files (x86)\qwpr.dll
[2010/01/13 11:30:58 | 000,275,304 | ---- | C] (Intuit Inc.) -- C:\Program Files (x86)\lbtmngr.dll
[2010/01/13 11:30:58 | 000,229,224 | ---- | C] (Intuit Inc.) -- C:\Program Files (x86)\qwapp.dll
[2010/01/13 11:30:58 | 000,148,840 | ---- | C] (Connected Corporation) -- C:\Program Files (x86)\olbservice.dll
[2010/01/13 11:30:58 | 000,136,040 | ---- | C] (Intuit Inc.) -- C:\Program Files (x86)\qrep.dll
[2010/01/13 11:30:58 | 000,133,992 | ---- | C] (Intuit Inc.) -- C:\Program Files (x86)\qwxmlparse_tok.dll
[2010/01/13 11:30:58 | 000,132,968 | ---- | C] (Intuit Inc.) -- C:\Program Files (x86)\qsac.dll
[2010/01/13 11:30:58 | 000,127,848 | ---- | C] (Intuit Inc.) -- C:\Program Files (x86)\Qsetup.dll
[2010/01/13 11:30:58 | 000,117,608 | ---- | C] (Microsoft Corporation) -- C:\Program Files (x86)\mvcl14n.dll
[2010/01/13 11:30:58 | 000,114,024 | ---- | C] (Intuit Inc.) -- C:\Program Files (x86)\QCONNECT.DLL
[2010/01/13 11:30:58 | 000,111,976 | ---- | C] (Intuit Inc.) -- C:\Program Files (x86)\qwinet.dll
[2010/01/13 11:30:58 | 000,107,880 | ---- | C] (Intuit Inc.) -- C:\Program Files (x86)\qwxmlparse.dll
[2010/01/13 11:30:58 | 000,092,008 | ---- | C] (Intuit Inc.) -- C:\Program Files (x86)\qwsnap.dll
[2010/01/13 11:30:58 | 000,089,448 | ---- | C] (Intuit Inc.) -- C:\Program Files (x86)\qindex.dll
[2010/01/13 11:30:58 | 000,082,280 | ---- | C] (Intuit Inc.) -- C:\Program Files (x86)\QShowHelp.dll
[2010/01/13 11:30:58 | 000,079,208 | ---- | C] (Microsoft Corporation) -- C:\Program Files (x86)\mvmc14n.dll
[2010/01/13 11:30:58 | 000,078,696 | ---- | C] (Intuit Inc.) -- C:\Program Files (x86)\qwinver.dll
[2010/01/13 11:30:58 | 000,077,160 | ---- | C] (Intuit Inc.) -- C:\Program Files (x86)\graphs.dll
[2010/01/13 11:30:58 | 000,074,088 | ---- | C] (Microsoft Corporation) -- C:\Program Files (x86)\mvix14n.dll
[2010/01/13 11:30:58 | 000,071,528 | ---- | C] (Intuit Inc.) -- C:\Program Files (x86)\qdapp.dll
[2010/01/13 11:30:58 | 000,070,504 | ---- | C] (Intuit Inc.) -- C:\Program Files (x86)\qwcntr.dll
[2010/01/13 11:30:58 | 000,061,800 | ---- | C] (Microsoft Corporation) -- C:\Program Files (x86)\mvfs14n.dll
[2010/01/13 11:30:58 | 000,056,680 | ---- | C] (Microsoft Corporation) -- C:\Program Files (x86)\mvsr14n.dll
[2010/01/13 11:30:58 | 000,056,168 | ---- | C] (Microsoft Corporation) -- C:\Program Files (x86)\mvtl14n.dll
[2010/01/13 11:30:58 | 000,053,608 | ---- | C] (Intuit Inc.) -- C:\Program Files (x86)\dllapps_savgol.dll
[2010/01/13 11:30:58 | 000,049,000 | ---- | C] (Intuit Inc.) -- C:\Program Files (x86)\QWVER.DLL
[2010/01/13 11:30:58 | 000,042,856 | ---- | C] (Intuit Inc.) -- C:\Program Files (x86)\onlncall.dll
[2010/01/13 11:30:58 | 000,038,248 | ---- | C] (Microsoft Corporation) -- C:\Program Files (x86)\mvmg14n.dll
[2010/01/13 11:30:58 | 000,031,080 | ---- | C] (Microsoft Corporation) -- C:\Program Files (x86)\mvbk14n.dll
[2010/01/13 11:30:58 | 000,027,496 | ---- | C] (Intuit Inc.) -- C:\Program Files (x86)\qsapi_eng.dll
[2010/01/13 11:30:58 | 000,026,984 | ---- | C] (Intuit Inc.) -- C:\Program Files (x86)\qdappui.dll
[2010/01/13 11:30:58 | 000,026,984 | ---- | C] (Intuit Inc.) -- C:\Program Files (x86)\gdipapi.dll
[2010/01/13 11:30:58 | 000,025,448 | ---- | C] (Intuit Inc.) -- C:\Program Files (x86)\qsapi.dll
[2010/01/13 11:30:58 | 000,015,720 | ---- | C] (Microsoft Corporation) -- C:\Program Files (x86)\mvut14n.dll
[2010/01/13 11:30:58 | 000,013,672 | ---- | C] (Intuit Inc.) -- C:\Program Files (x86)\qwsync.dll
[2010/01/13 11:30:56 | 000,166,248 | ---- | C] (Intuit Inc.) -- C:\Program Files (x86)\cashflow.dll
[2010/01/13 11:30:56 | 000,115,048 | ---- | C] (Intuit Inc.) -- C:\Program Files (x86)\dllapps_frcast.dll
[2010/01/13 11:30:56 | 000,107,368 | ---- | C] (Intuit Inc.) -- C:\Program Files (x86)\dllapps_dbtred.dll
[2010/01/13 11:30:56 | 000,105,832 | ---- | C] (Intuit Inc.) -- C:\Program Files (x86)\dllapps_plan.dll
[2010/01/13 11:30:56 | 000,066,920 | ---- | C] (Intuit Inc.) -- C:\Program Files (x86)\atwork_xprint.dll
[2010/01/13 11:30:56 | 000,063,336 | ---- | C] (Intuit Inc.) -- C:\Program Files (x86)\dllapps_dedfnd.dll
[2010/01/13 11:30:56 | 000,038,248 | ---- | C] (Intuit Inc.) -- C:\Program Files (x86)\bgt_pnf.dll
[2010/01/13 11:30:56 | 000,026,984 | ---- | C] (Intuit Inc.) -- C:\Program Files (x86)\calnote.dll
[2010/01/13 11:30:56 | 000,016,744 | ---- | C] (Intuit Inc.) -- C:\Program Files (x86)\custprof.dll
[2010/01/13 11:30:38 | 000,433,968 | ---- | C] (Intuit Inc. ) -- C:\Program Files (x86)\EmergencyRecordsOrganizer.exe
[2010/01/13 11:30:36 | 000,861,424 | ---- | C] (Intuit Inc. ) -- C:\Program Files (x86)\QuickenHomeInventory.exe
[2010/01/13 11:30:00 | 000,048,488 | ---- | C] (Intuit Inc.) -- C:\Program Files (x86)\InetTools.dll
[2010/01/13 11:29:02 | 000,538,472 | ---- | C] (Intuit Inc.) -- C:\Program Files (x86)\UpdateContent.dll
[2010/01/13 11:29:00 | 000,046,440 | ---- | C] (Intuit Inc.) -- C:\Program Files (x86)\BindContent.exe
[2010/01/13 11:28:58 | 000,057,192 | ---- | C] (Intuit Inc.) -- C:\Program Files (x86)\RestartExe.exe
[2010/01/13 11:28:56 | 000,312,680 | ---- | C] (Intuit Inc.) -- C:\Program Files (x86)\SendError.dll
[2010/01/13 11:28:54 | 000,032,104 | ---- | C] (Intuit Inc.) -- C:\Program Files (x86)\qwutilnet.dll
[2010/01/13 11:28:50 | 000,359,784 | ---- | C] (Intuit Inc.) -- C:\Program Files (x86)\qwplan.dll
[2010/01/13 11:28:48 | 000,129,896 | ---- | C] (Intuit Inc.) -- C:\Program Files (x86)\qwonlineFeatures.dll
[2010/01/13 11:28:44 | 000,076,136 | ---- | C] (Intuit Inc.) -- C:\Program Files (x86)\qwipa.dll
[2010/01/13 11:28:18 | 010,145,128 | ---- | C] (Intuit Inc.) -- C:\Program Files (x86)\qwmain.dll
[2010/01/13 11:28:16 | 000,319,848 | ---- | C] (Intuit Inc.) -- C:\Program Files (x86)\qw.exe
[2010/01/13 11:28:08 | 000,103,272 | ---- | C] (Intuit Inc.) -- C:\Program Files (x86)\qnet.dll
[2010/01/13 11:28:02 | 000,114,024 | ---- | C] (Intuit Inc.) -- C:\Program Files (x86)\qcon32.dll
[2010/01/13 11:28:00 | 000,680,808 | ---- | C] (Intuit Inc.) -- C:\Program Files (x86)\decapi.dll
[2010/01/13 11:27:54 | 000,173,416 | ---- | C] (Intuit Inc.) -- C:\Program Files (x86)\xport.dll
[2010/01/13 11:27:52 | 000,185,192 | ---- | C] (Intuit Inc.) -- C:\Program Files (x86)\sport.dll
[2010/01/13 11:27:48 | 000,156,008 | ---- | C] (Intuit Inc.) -- C:\Program Files (x86)\MoneyFileReader.dll
[2010/01/13 11:27:46 | 000,142,696 | ---- | C] (Intuit Inc.) -- C:\Program Files (x86)\MoneyFileConverter.dll
[2010/01/13 11:27:44 | 000,063,336 | ---- | C] (Intuit Inc.) -- C:\Program Files (x86)\lbt_ux.dll
[2010/01/13 11:27:44 | 000,060,264 | ---- | C] (Intuit Inc.) -- C:\Program Files (x86)\txstuff.dll
[2010/01/13 11:27:42 | 000,315,752 | ---- | C] (Intuit Inc.) -- C:\Program Files (x86)\lbt_webrequest.dll
[2010/01/13 11:27:40 | 000,071,528 | ---- | C] (Intuit Inc.) -- C:\Program Files (x86)\lbt_qupddir.dll
[2010/01/13 11:27:40 | 000,066,920 | ---- | C] (Intuit Inc.) -- C:\Program Files (x86)\lbt_rte.dll
[2010/01/13 11:27:38 | 000,080,744 | ---- | C] (Intuit Inc.) -- C:\Program Files (x86)\lbt_qplus.dll
[2010/01/13 11:27:38 | 000,068,456 | ---- | C] (Intuit Inc.) -- C:\Program Files (x86)\lbt_pvsync.dll
[2010/01/13 11:27:36 | 000,063,848 | ---- | C] (Intuit Inc.) -- C:\Program Files (x86)\lbt_decompression.dll
[2010/01/13 11:27:36 | 000,041,320 | ---- | C] (Intuit Inc.) -- C:\Program Files (x86)\lbt_excite.dll
[2010/01/13 11:27:34 | 000,357,736 | ---- | C] (Intuit Inc.) -- C:\Program Files (x86)\lbt_customerCentral.dll
[2010/01/13 11:27:34 | 000,064,360 | ---- | C] (Intuit Inc.) -- C:\Program Files (x86)\lbt_bullseye.dll
[2010/01/13 11:27:32 | 000,061,800 | ---- | C] (Intuit Inc.) -- C:\Program Files (x86)\lbt_Auto1Way.dll
[2010/01/13 11:27:32 | 000,028,520 | ---- | C] (Intuit Inc.) -- C:\Program Files (x86)\lbt.dll
[2010/01/13 11:27:30 | 000,129,896 | ---- | C] (Intuit Inc.) -- C:\Program Files (x86)\QCustomAction.dll
[2010/01/13 11:27:20 | 000,023,912 | ---- | C] (Intuit Inc.) -- C:\Program Files (x86)\dellid.dll
[2010/01/13 11:27:18 | 000,156,008 | ---- | C] (Intuit Inc.) -- C:\Program Files (x86)\cashgen.dll
[2010/01/13 11:27:18 | 000,039,784 | ---- | C] (Intuit Inc.) -- C:\Program Files (x86)\convert_stub.dll
[2010/01/13 11:27:16 | 000,034,152 | ---- | C] (Intuit Inc.) -- C:\Program Files (x86)\CalendarSync.dll
[2010/01/13 11:27:14 | 000,116,584 | ---- | C] (Intuit Inc.) -- C:\Program Files (x86)\billmind_qwrmnd.dll
[2010/01/13 11:27:12 | 000,047,464 | ---- | C] (Intuit Inc.) -- C:\Program Files (x86)\billmind_alrtpkg.dll
[2010/01/13 11:27:12 | 000,026,472 | ---- | C] (Intuit Inc.) -- C:\Program Files (x86)\billmind.exe
[2010/01/13 11:27:10 | 000,078,184 | ---- | C] (Intuit Inc.) -- C:\Program Files (x86)\bgt.dll
[2010/01/13 11:27:08 | 000,077,672 | ---- | C] (Intuit Inc.) -- C:\Program Files (x86)\bagent.exe
[2010/01/13 11:27:06 | 000,354,152 | ---- | C] (Intuit Inc.) -- C:\Program Files (x86)\alert.dll
[2010/01/13 11:27:04 | 000,038,760 | ---- | C] (Intuit Inc.) -- C:\Program Files (x86)\printenv.exe
[2010/01/13 11:26:52 | 001,035,624 | ---- | C] (Microsoft Corporation) -- C:\Program Files (x86)\dbghelp.dll
[2010/01/13 11:26:50 | 000,071,016 | ---- | C] (Intuit) -- C:\Program Files (x86)\techhelp.exe
[1 C:\Users\anything\Desktop\*.tmp files -> C:\Users\anything\Desktop\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2012/08/11 13:33:03 | 000,596,992 | ---- | M] (OldTimer Tools) -- C:\Users\anything\Desktop\OTL.exe
[2012/08/11 13:31:16 | 000,025,920 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012/08/11 13:31:16 | 000,025,920 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012/08/11 13:10:21 | 000,065,536 | ---- | M] () -- C:\Windows\SysNative\Ikeext.etl
[2012/08/11 13:09:43 | 000,000,898 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012/08/11 13:08:18 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012/08/11 13:07:33 | 2945,835,007 | -HS- | M] () -- C:\hiberfil.sys
[2012/08/09 18:07:00 | 000,000,902 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012/08/09 18:01:04 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012/08/09 16:27:14 | 000,003,288 | ---- | M] () -- C:\bootsqm.dat
[2012/08/09 12:54:00 | 000,000,880 | ---- | M] () -- C:\Windows\tasks\Google Software Updater.job
[2012/08/07 07:10:45 | 000,000,456 | ---- | M] () -- C:\Windows\tasks\PCDRScheduledMaintenance.job
[2012/08/04 11:08:36 | 009,673,088 | ---- | M] (Memeo) -- C:\Users\anything\Desktop\Memeo Instant Backup.exe
[2012/08/04 11:07:01 | 005,686,344 | ---- | M] () -- C:\Users\anything\Desktop\autosync.exe
[2012/08/04 08:14:35 | 000,733,948 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012/08/04 08:14:35 | 000,630,806 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012/08/04 08:14:35 | 000,109,012 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2012/08/04 07:40:26 | 000,003,031 | ---- | M] () -- C:\Users\anything\Desktop\GoToMyPC - home.lnk
[2012/08/04 07:40:26 | 000,002,587 | ---- | M] () -- C:\Users\anything\Desktop\FLV Player - Shortcut.lnk
[2012/08/04 07:40:26 | 000,001,848 | ---- | M] () -- C:\Users\anything\Desktop\BookDB2.lnk
[2012/08/04 07:40:26 | 000,001,834 | ---- | M] () -- C:\Users\anything\Desktop\Google Earth - Tanaya Lodge.kmz - Shortcut.lnk
[2012/08/04 07:40:24 | 000,002,826 | ---- | M] () -- C:\Users\anything\Desktop\FiOS Information.lnk
[2012/08/04 07:40:24 | 000,001,756 | ---- | M] () -- C:\Users\anything\Desktop\ERUNT.lnk
[2012/08/04 07:40:13 | 000,084,265 | ---- | M] () -- C:\Users\anything\Desktop\Capture.PNG
[2012/08/04 06:27:20 | 000,007,621 | ---- | M] () -- C:\Users\anything\AppData\Local\Resmon.ResmonCfg
[2012/08/01 14:16:09 | 000,000,344 | ---- | M] () -- C:\Windows\tasks\HPCeeScheduleForanything.job
[2012/08/01 09:15:17 | 000,000,855 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2012/08/01 09:14:29 | 003,907,920 | ---- | M] (Piriform Ltd) -- C:\Users\anything\Desktop\ccsetup321.exe
[2012/07/23 11:25:41 | 000,001,172 | ---- | M] () -- C:\Users\Public\Desktop\Acronis True Image Home 2012.lnk
[2012/07/17 09:55:31 | 000,002,077 | ---- | M] () -- C:\Users\anything\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
[2012/07/15 09:50:08 | 000,001,040 | ---- | M] () -- C:\Users\anything\AppData\Roaming\wklnhst.dat
[2012/07/14 11:15:42 | 000,001,314 | ---- | M] () -- C:\Users\Public\Desktop\Seagate Dashboard.lnk
[1 C:\Users\anything\Desktop\*.tmp files -> C:\Users\anything\Desktop\*.tmp -> ]

========== Files Created - No Company Name ==========

[2012/08/09 16:27:14 | 000,003,288 | ---- | C] () -- C:\bootsqm.dat
[2012/08/04 11:06:43 | 005,686,344 | ---- | C] () -- C:\Users\anything\Desktop\autosync.exe
[2012/07/18 07:58:45 | 000,000,344 | ---- | C] () -- C:\Windows\tasks\HPCeeScheduleForanything.job
[2012/07/14 11:15:42 | 000,001,314 | ---- | C] () -- C:\Users\Public\Desktop\Seagate Dashboard.lnk
[2012/07/11 06:48:58 | 000,000,388 | ---- | C] () -- C:\Users\anything\AppData\Roaming\Xtend2_state.xml
[2012/04/24 11:03:31 | 000,000,106 | ---- | C] () -- C:\Windows\EP4530.ini
[2011/09/16 06:10:50 | 000,213,187 | ---- | C] () -- C:\Users\anything\AppData\Roaming\MMUpgrade.jpg
[2011/06/12 16:40:00 | 000,000,106 | ---- | C] () -- C:\Windows\VaultMediaClient.INI
[2011/03/24 10:22:52 | 000,013,312 | ---- | C] () -- C:\Windows\SysWow64\drivers\vdmzntm0.sys
[2011/03/24 10:22:46 | 000,011,264 | ---- | C] () -- C:\Windows\SysWow64\drivers\uzmzntm0.sys
[2011/02/09 11:08:01 | 001,589,248 | ---- | C] () -- C:\Windows\SysWow64\libmysql_d.dll
[2010/12/21 13:49:25 | 000,003,075 | ---- | C] () -- C:\Users\anything\AppData\Roaming\SAS7_000.DAT
[2010/10/25 18:11:21 | 000,749,860 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2010/08/24 14:22:10 | 000,001,040 | ---- | C] () -- C:\Users\anything\AppData\Roaming\wklnhst.dat
[2010/04/18 15:33:43 | 000,000,268 | RH-- | C] () -- C:\ProgramData\Static Library
[2010/04/18 15:33:43 | 000,000,268 | RH-- | C] () -- C:\Users\anything\AppData\Roaming\Sports
[2010/04/18 15:33:43 | 000,000,020 | -H-- | C] () -- C:\ProgramData\PKP_DLdw.DAT
[2010/04/18 15:32:23 | 000,000,268 | RH-- | C] () -- C:\ProgramData\Standard Tool
[2010/04/18 15:32:23 | 000,000,268 | RH-- | C] () -- C:\Users\anything\AppData\Roaming\Specifications
[2010/04/18 15:32:23 | 000,000,020 | -H-- | C] () -- C:\ProgramData\PKP_DLdu.DAT
[2010/04/13 13:09:15 | 000,075,264 | ---- | C] () -- C:\Users\anything\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/02/22 18:59:55 | 000,007,621 | ---- | C] () -- C:\Users\anything\AppData\Local\Resmon.ResmonCfg
[2010/02/20 13:18:10 | 000,113,256 | ---- | C] () -- C:\Program Files (x86)\splash.png
[2010/02/20 13:18:10 | 000,031,577 | ---- | C] () -- C:\Program Files (x86)\qbillminder.gadget
[2010/02/20 13:18:10 | 000,000,519 | ---- | C] () -- C:\Program Files (x86)\pkgsettings.ini
[2010/02/20 13:18:10 | 000,000,051 | ---- | C] () -- C:\Program Files (x86)\qappid.ini
[2010/01/13 11:30:58 | 000,946,536 | ---- | C] () -- C:\Program Files (x86)\ttaximp.dll
[2010/01/13 11:30:24 | 000,050,204 | ---- | C] () -- C:\Program Files (x86)\TAX.THP
[2010/01/13 11:30:24 | 000,022,888 | ---- | C] () -- C:\Program Files (x86)\QuickenOLBackupLauncher.exe
[2010/01/13 11:30:24 | 000,013,531 | ---- | C] () -- C:\Program Files (x86)\TAX.SCD
[2010/01/13 11:30:24 | 000,000,635 | ---- | C] () -- C:\Program Files (x86)\TAX.PRI
[2010/01/13 11:29:52 | 000,004,360 | ---- | C] () -- C:\Program Files (x86)\convert_stub.dat
[2010/01/13 11:29:50 | 001,343,953 | ---- | C] () -- C:\Program Files (x86)\phash.dat
[2010/01/13 11:29:50 | 000,230,752 | ---- | C] () -- C:\Program Files (x86)\patchw32.dll
[2010/01/13 11:29:50 | 000,138,328 | ---- | C] () -- C:\Program Files (x86)\QUpdate.bmp
[2010/01/13 11:29:50 | 000,019,951 | ---- | C] () -- C:\Program Files (x86)\err_rep.chm
[2010/01/13 11:29:50 | 000,015,581 | ---- | C] () -- C:\Program Files (x86)\Intellic.cat
[2010/01/13 11:29:50 | 000,004,622 | ---- | C] () -- C:\Program Files (x86)\ttaxexpt.dat
[2010/01/13 11:29:50 | 000,000,024 | ---- | C] () -- C:\Program Files (x86)\qif_ub.dat
[2010/01/13 11:29:48 | 000,333,333 | ---- | C] () -- C:\Program Files (x86)\dedfindr.dat
[2010/01/13 11:29:48 | 000,007,158 | ---- | C] () -- C:\Program Files (x86)\khash.dat
[2010/01/13 11:29:48 | 000,000,666 | ---- | C] () -- C:\Program Files (x86)\cnfirmfi.ini
[2010/01/13 11:29:48 | 000,000,188 | ---- | C] () -- C:\Program Files (x86)\icconfig.ini
[2010/01/13 11:29:48 | 000,000,152 | ---- | C] () -- C:\Program Files (x86)\fri.dat
[2010/01/13 11:29:48 | 000,000,126 | ---- | C] () -- C:\Program Files (x86)\bgtbrwsr.dat
[2010/01/13 11:29:48 | 000,000,080 | ---- | C] () -- C:\Program Files (x86)\mmedia.ver
[2010/01/13 11:29:48 | 000,000,080 | ---- | C] () -- C:\Program Files (x86)\deluxe.ver
[2010/01/13 11:29:48 | 000,000,027 | ---- | C] () -- C:\Program Files (x86)\SendError.ini
[2010/01/13 11:27:06 | 000,034,152 | ---- | C] () -- C:\Program Files (x86)\atwork.dll

========== LOP Check ==========

[2012/07/23 11:26:25 | 000,000,000 | ---D | M] -- C:\Users\anything\AppData\Roaming\0A81AE1A-4638-4281-B85F-696C74253B3C
[2012/03/24 17:55:28 | 000,000,000 | ---D | M] -- C:\Users\anything\AppData\Roaming\Acronis
[2010/11/16 20:28:08 | 000,000,000 | ---D | M] -- C:\Users\anything\AppData\Roaming\Canon
[2011/06/13 15:15:03 | 000,000,000 | ---D | M] -- C:\Users\anything\AppData\Roaming\Charles Schwab
[2010/04/13 13:01:07 | 000,000,000 | ---D | M] -- C:\Users\anything\AppData\Roaming\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
[2011/11/10 08:31:34 | 000,000,000 | ---D | M] -- C:\Users\anything\AppData\Roaming\Complitly
[2012/08/09 18:09:53 | 000,000,000 | ---D | M] -- C:\Users\anything\AppData\Roaming\DMCache
[2012/08/11 13:10:32 | 000,000,000 | ---D | M] -- C:\Users\anything\AppData\Roaming\Dropbox
[2012/04/25 18:35:03 | 000,000,000 | ---D | M] -- C:\Users\anything\AppData\Roaming\Epson
[2010/09/05 10:12:10 | 000,000,000 | ---D | M] -- C:\Users\anything\AppData\Roaming\ESET
[2012/08/06 06:50:05 | 000,000,000 | ---D | M] -- C:\Users\anything\AppData\Roaming\Eye-Fi
[2010/12/25 12:54:42 | 000,000,000 | ---D | M] -- C:\Users\anything\AppData\Roaming\Flip Video
[2011/03/28 18:24:42 | 000,000,000 | ---D | M] -- C:\Users\anything\AppData\Roaming\GARMIN
[2012/08/06 09:24:05 | 000,000,000 | ---D | M] -- C:\Users\anything\AppData\Roaming\IDM
[2012/04/24 13:31:16 | 000,000,000 | ---D | M] -- C:\Users\anything\AppData\Roaming\Leader Technologies
[2012/03/27 18:11:00 | 000,000,000 | ---D | M] -- C:\Users\anything\AppData\Roaming\Leadertech
[2012/07/14 11:25:16 | 000,000,000 | ---D | M] -- C:\Users\anything\AppData\Roaming\Memeo
[2010/04/20 05:58:51 | 000,000,000 | ---D | M] -- C:\Users\anything\AppData\Roaming\Nikon
[2010/06/05 11:38:45 | 000,000,000 | ---D | M] -- C:\Users\anything\AppData\Roaming\No Company Name
[2011/01/21 10:33:26 | 000,000,000 | ---D | M] -- C:\Users\anything\AppData\Roaming\Nuance
[2010/01/19 12:50:16 | 000,000,000 | ---D | M] -- C:\Users\anything\AppData\Roaming\NVD
[2011/02/09 07:04:39 | 000,000,000 | ---D | M] -- C:\Users\anything\AppData\Roaming\OpenOffice.org
[2011/08/03 08:29:53 | 000,000,000 | ---D | M] -- C:\Users\anything\AppData\Roaming\PhotoshopdotcomInspirationBrowser.4C35C4D325D350FE0114230CBADCA2DDD0AC8D25.1
[2010/01/19 12:50:17 | 000,000,000 | ---D | M] -- C:\Users\anything\AppData\Roaming\PictureMover
[2012/02/13 08:25:07 | 000,000,000 | ---D | M] -- C:\Users\anything\AppData\Roaming\Racket
[2012/07/14 11:15:53 | 000,000,000 | ---D | M] -- C:\Users\anything\AppData\Roaming\Seagate
[2010/08/27 11:15:05 | 000,000,000 | ---D | M] -- C:\Users\anything\AppData\Roaming\SoftGrid Client
[2011/12/15 17:58:29 | 000,000,000 | ---D | M] -- C:\Users\anything\AppData\Roaming\StreamTorrent
[2011/06/07 16:02:06 | 000,000,000 | ---D | M] -- C:\Users\anything\AppData\Roaming\TechWizard
[2010/08/24 14:22:12 | 000,000,000 | ---D | M] -- C:\Users\anything\AppData\Roaming\Template
[2012/04/03 07:02:30 | 000,000,000 | ---D | M] -- C:\Users\anything\AppData\Roaming\Titanium
[2010/01/14 07:07:38 | 000,000,000 | ---D | M] -- C:\Users\anything\AppData\Roaming\TP
[2012/08/01 10:44:10 | 000,000,000 | ---D | M] -- C:\Users\anything\AppData\Roaming\uTorrent
[2012/02/01 15:54:29 | 000,000,000 | ---D | M] -- C:\Users\anything\AppData\Roaming\webex
[2010/01/19 12:50:17 | 000,000,000 | ---D | M] -- C:\Users\anything\AppData\Roaming\WinBatch
[2011/10/21 07:16:46 | 000,000,000 | ---D | M] -- C:\Users\anything\AppData\Roaming\Xtend2.71305F52FFD36D9BDDE00284EF6181AE6688276A.1
[2012/06/30 10:52:13 | 000,000,000 | ---D | M] -- C:\Users\anything\AppData\Roaming\ZumoCast
[2012/08/07 07:10:45 | 000,000,456 | ---- | M] () -- C:\Windows\Tasks\PCDRScheduledMaintenance.job
[2012/07/11 03:29:37 | 000,032,656 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========

========== Alternate Data Streams ==========

@Alternate Data Stream - 233 bytes -> C:\ProgramData\Temp:0FF263E8
@Alternate Data Stream - 167 bytes -> C:\ProgramData\Temp:F35A93AD

< End of report >

#2
Gammo

Posted 14 August 2012 - 08:49 AM

Member 2k

Malware Removal
2,299 posts

Hello and welcome to Geekstogo!

We apologize for the delay in responding to your request for help.
If you have since resolved the original problem you were having, we would appreciate you letting us know. If not please perform the following steps below so we can have a look at the current condition of your machine.

Please include a clear description of the problems you're having, along with any steps you may have performed so far.

Please refrain from running tools or applying updates other than those we suggest while we are cleaning up your computer. The reason for this is so we know what is going on with the machine at any time. Some programs can interfere with others and hamper the recovery process.

If you haven't done so yet, please go to Malware and Spyware Cleaning Guide and follow the steps instructed there. If you have already done this, we still need a new log to see what has changed since you originally posted your problem.

We need to create an OTL Report
Download OTL to your Desktop

Double click on the icon to run it. Make sure all other windows are closed and to let it run uninterrupted.
Check the box that says Scan All Users.
Click the Quick Scan button. Do not change any settings unless otherwise told to do so. The scan wont take long.
When the scan completes, it will open two notepad windows. OTL.Txt and Extras.Txt. These are saved in the same location as OTL.
Please copy (Edit->Select All, Edit->Copy) the contents of these files, one at a time and post them in your topic.

In the upper right hand corner of the topic you will see a button called Options. If you click on this in the drop-down menu you can choose Track this topic. I suggest you do this and select Immediate E-Mail notification and click on Proceed. This way you will be advised when we respond to your topic and facilitate the cleaning of your machine.

After 5 days if a topic is not replied to we assume it has been abandoned and it is closed.

#3
horizonatdawn

Posted 14 August 2012 - 01:50 PM

Member

Topic Starter
Member
83 posts

I appreciate your response and I'm still waiting here, but I'm patient. Below is a paste of my original post (in red):

Hello and thanks in advance, I have an HP Elite I-7 processor with 9 GB ram. The disk is 1TB. When I look at "computer", the usable is 880GB with 142GB free and 737GB used. Most of that is pictures. The PC stays on 24/7. Over the last few weeks the PC has gotten very slow. I've run Spinrite - Steve Gibson with no disk errors. I've run the standard memory tests and system tests - 10 passes with no errors. PC is clean and cool enough. Good ventilation. I've got these backups running - Carbonite to the cloud, Memeo instant backup to 4TB USB 3.0 drive but compatible with 2.0 which HP is, Acronis to the network Synology drive. As far as CPU use and memory use in task manager, every thing seems normal with normal low usage of CPU and about 3-5 GB of 9 GB of the ram being used. I've restarted numerous times and the processes that are running decrease directly after restart which is also normal. I ran Ccleaner on the advice of a more knowledgeable friend and that did seem to speed up the system a teeny. Probably placebo effect. I hope I've been accurate and concise enough!
Thanks in advance for your help.

Now to the present... I've tried to do some more stuff on my own from your guide. I downloaded and ran Erunt and the other file that is downloaded with it to make the registry more concise and then ran Erunt again. The question I have is this: I'm reading that I have to set UAC off since I'm running Windows 7. So I set UAC off before running Erunt and then the registry fixer, than run Erunt again and then turn UAC back on. All the while, rebooting when told to for making the changes to UAC.
Now I'll include the new otl.txt and extras.txt. But I ran otl previously awhile back when I had a problem and you guys resolved it. So I couldn't get extras unless I performed run scan and select safe list from extra registry, so that's how I ran it. and here are extras.txt and otl.txt: (I hope I've made things clear. And also I hope that highlighting in red, above is not some forbidden color that offends.

OTL Extras logfile created on: 8/14/2012 12:24:07 PM - Run 7
OTL by OldTimer - Version 3.2.57.0 Folder = C:\Users\anything\Desktop
64bit- Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

8.99 Gb Total Physical Memory | 3.48 Gb Available Physical Memory | 38.74% Memory free
17.98 Gb Paging File | 12.39 Gb Available in Paging File | 68.92% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 880.08 Gb Total Space | 291.28 Gb Free Space | 33.10% Space Free | Partition Type: NTFS
Drive D: | 12.27 Gb Total Space | 2.17 Gb Free Space | 17.71% Space Free | Partition Type: NTFS
Drive E: | 465.76 Gb Total Space | 104.29 Gb Free Space | 22.39% Space Free | Partition Type: NTFS
Drive K: | 3726.01 Gb Total Space | 2123.47 Gb Free Space | 56.99% Space Free | Partition Type: NTFS
Drive M: | 38.09 Gb Total Space | 15.79 Gb Free Space | 41.45% Space Free | Partition Type: NTFS

Computer Name: ELITE | User Name: anything | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========

========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\rundll32.exe setupapi,InstallHinfSection DefaultInstall 132 %1 (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\system32\rundll32.exe" "C:\Windows\system32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistHiDefMedia] -- "C:\Program Files (x86)\HiDefMedia\HiDefMedia\HiDefMedia.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithHiDefMedia] -- "C:\Program Files (x86)\HiDefMedia\HiDefMedia\HiDefMedia.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistHiDefMedia] -- "C:\Program Files (x86)\HiDefMedia\HiDefMedia\HiDefMedia.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithHiDefMedia] -- "C:\Program Files (x86)\HiDefMedia\HiDefMedia\HiDefMedia.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"UpdatesDisableNotify" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

========== Firewall Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
"DisableUnicastResponsesToMulticastBroadcast" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
"DisableUnicastResponsesToMulticastBroadcast" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]

========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{05E020A6-9A37-45DE-B926-07FA2549E131}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=c:\windows\system32\svchost.exe |
"{0AF3CC83-0396-4DA7-BE5C-E89B0481CAEC}" = lport=445 | protocol=6 | dir=in | app=system |
"{11D5D004-3DB4-4BB4-AAA7-344E844F4163}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{18994AE4-11D0-4CA4-B2A0-CF58264D7792}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | app=%systemroot%\system32\svchost.exe |
"{1B678C3B-A267-400F-ABF6-2972DAB390AE}" = lport=139 | protocol=6 | dir=in | app=system |
"{1C254F5B-2831-49E1-A843-FF536402696A}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | app=%systemroot%\system32\svchost.exe |
"{1CEE6D85-987B-4EBE-AFDA-75AC44D99EA8}" = lport=445 | protocol=6 | dir=in | app=system |
"{1EF68E8D-E2AC-408C-B397-358E3C9753D9}" = lport=10243 | protocol=6 | dir=in | app=system |
"{251CB56F-CC4D-4A28-8EE1-434849E386F7}" = lport=50000 | protocol=17 | dir=in | name=iha_messagecenter |
"{2A2DC153-9E98-4862-B9C9-E15620246429}" = lport=3390 | protocol=6 | dir=in | app=system |
"{2BE1B448-90F9-4C9D-AE4C-C05BB45F174E}" = rport=139 | protocol=6 | dir=out | app=system |
"{41E6A4C0-FBEE-4E1C-AAA4-5DEABBFFF7D7}" = lport=24726 | protocol=6 | dir=in | name=flipshareserver |
"{494D7465-DD83-44BC-A899-3B43F0E2D12F}" = lport=554 | protocol=6 | dir=in | app=%systemroot%\ehome\ehshell.exe |
"{5621F405-45A2-4916-B67F-67667E009CA3}" = lport=6004 | protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\outlook.exe |
"{5C6160D5-006A-4AF2-A5AA-70023F3AEEC5}" = lport=7777 | protocol=17 | dir=in | app=%systemroot%\ehome\ehshell.exe |
"{621E218D-A227-4737-A19B-1263786FC9EB}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |
"{6AC40BF1-69F1-4282-8E82-6969C9D3E431}" = lport=rpc | protocol=6 | dir=in | svc=eventlog | app=%systemroot%\system32\svchost.exe |
"{6CBB6760-08A0-4A45-A45F-87EB3469E1A8}" = lport=10244 | protocol=6 | dir=in | app=system |
"{759E362C-6480-439F-8AF3-E1A3CAA2CE7F}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{77C1B573-3DFB-4863-ABC0-8EDD15B39C45}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=c:\windows\system32\spoolsv.exe |
"{7B2DF338-B4E1-4B95-AC60-072B172CB3B1}" = lport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{7BAB6E03-6A7B-4270-88C8-65FC2CABF86C}" = rport=445 | protocol=6 | dir=out | app=system |
"{7D09D674-FC7D-4578-A899-5A6107907C39}" = lport=24727 | protocol=6 | dir=in | name=flipshareserver |
"{836197BC-928A-46F0-917C-F1EE9A81D361}" = rport=137 | protocol=17 | dir=out | app=system |
"{86E589CF-389E-4AD4-8F10-CBF3460BF0DB}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{979B2D2B-6A6B-4171-8928-31D874583AA9}" = lport=3389 | protocol=6 | dir=in | svc=termservice | app=%systemroot%\system32\svchost.exe |
"{991AAB23-A7C5-40DB-9B39-E3F5E805306A}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=file and printer sharing (spooler service - rpc-epmap) |
"{A00753CE-A300-45F0-A2C7-AFAB1E8C664A}" = rport=10243 | protocol=6 | dir=out | app=system |
"{A70D2FC2-D17C-4266-A208-485B7A731C13}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=c:\windows\system32\svchost.exe |
"{A9EC028A-707F-4F41-A9F4-6495AFFDAE2D}" = lport=2869 | protocol=6 | dir=in | app=system |
"{B4D98E48-A56B-4B89-90FE-D536B04B3F3E}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{BA78700F-1117-41A1-90DD-8EED56672680}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{BB152AC7-34C5-440C-B62D-0C3A8CDDEA3D}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{C18CDAB7-1FBE-4A60-B148-4922F623847F}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{C25EC0E2-2327-42EA-8CCF-D8B73D1E3E1E}" = lport=2869 | protocol=6 | dir=in | app=system |
"{C2E2A97E-31DC-4A6C-9A82-50D5FDF42C5B}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{C49D6885-18DD-4748-B525-DE4419FD60AC}" = lport=rpc | protocol=6 | dir=in | svc=schedule | app=%systemroot%\system32\svchost.exe |
"{C5B83B51-DFE0-4B2B-A01F-83E1C6B528EC}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |
"{C7E8E4FF-E4D8-4976-84B3-F1E6B6FA409D}" = lport=50000 | protocol=17 | dir=in | name=iha_messagecenter |
"{CF0511E7-9161-4392-A3F3-36E8B609F38E}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{D9B8AA33-0EC9-4CE1-8879-49E8C2E00122}" = lport=138 | protocol=17 | dir=in | app=system |
"{DC3696AC-EF1B-478B-8C79-27ABA3F98B3A}" = rport=138 | protocol=17 | dir=out | app=system |
"{EC3582C2-874A-4B11-A511-D70EA6E5DF75}" = lport=137 | protocol=17 | dir=in | app=system |
"{F9DCB6B2-B643-41FB-B6CB-28EDDAD0F793}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{FCFBAAA4-F2E7-4FE2-B3B4-C6CF2615C112}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{FEB32BB3-09BB-4EC0-AD67-55348C128222}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0BE09E61-8A56-446C-B42E-0DDF34EADBBC}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{12142EB3-5F66-43BC-A3B0-5992D3A88067}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{176ED099-DBAC-41A8-BBE6-621928A8CA38}" = protocol=6 | dir=out | app=%systemroot%\ehome\mcx2prov.exe |
"{1AEA7D9B-0B0F-429F-876E-0F9C8547DB78}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{205AD008-79CA-4FEF-9015-4CE6022B1EA5}" = protocol=6 | dir=in | app=f:\common\epsonnet setup\eneasyapp.exe |
"{219CF70A-54C9-4E23-BA23-8855136B9374}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\onenote.exe |
"{21F33BFC-EFE4-47AC-A6D9-C4681BEA3671}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{22F4E5A5-68B0-4DE0-A414-2EEA79A72A8E}" = protocol=6 | dir=in | app=c:\users\anything\appdata\roaming\dropbox\bin\dropbox.exe |
"{2AE469C0-1AEA-4497-9FF8-4FDEA61B864C}" = protocol=1 | dir=in | name=file and printer sharing (echo request - icmpv4-in) |
"{2B71119A-6D11-4A5E-AECA-07C7AF8E588B}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{329352CB-7FD3-4665-BCBA-456261AC644C}" = dir=in | app=c:\program files (x86)\hewlett-packard\touchsmart\media\hptouchsmartphoto.exe |
"{3375643C-2DB2-4AF4-9935-48B4E3EF7862}" = protocol=6 | dir=out | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{3891364C-EF2C-4960-9D12-01D85B01977B}" = dir=in | app=c:\program files (x86)\common files\apple\apple application support\webkit2webprocess.exe |
"{39AA37E3-60F6-4540-9349-D7B14E8479EE}" = dir=in | app=c:\program files (x86)\zecter\zumocast\zumocast.exe |
"{3E242241-1F70-4ECC-86B8-BB937B7AE895}" = protocol=6 | dir=out | app=system |
"{5022FA93-8BB0-45DC-ABD0-3BD6B73EA31A}" = protocol=17 | dir=in | app=f:\common\epsonnet setup\eneasyapp.exe |
"{5663CC25-9979-4D8B-A3B3-64BB3C9B61D5}" = dir=in | app=c:\program files (x86)\seagate\seagate dashboard\hipservagent\hipservagent.exe |
"{58E4D933-2653-46CC-B267-C94D22B13342}" = dir=in | app=c:\program files (x86)\cyberlink\powerdirector\pdr.exe |
"{59444AEE-6791-48F0-A946-631DE4F3B778}" = dir=in | app=c:\program files (x86)\windows live\sync\windowslivesync.exe |
"{5BF4A6F2-A3AE-41CC-B467-A42A44C1F65D}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{657A020F-4EC0-4C16-8ADF-D60AF6ABD108}" = protocol=6 | dir=in | app=c:\program files (x86)\utorrent\utorrent.exe |
"{6FC4CBEA-4ED0-4F1F-9BAC-1CD4B55CB570}" = protocol=6 | dir=out | svc=mcx2svc | app=%systemroot%\system32\svchost.exe |
"{716F3097-44D1-43BB-8A6B-448EEAE3B51E}" = dir=in | app=c:\program files (x86)\hewlett-packard\touchsmart\media\kernel\clml\clmlsvc.exe |
"{781F0E2D-7756-49AF-872E-E471B47291B4}" = protocol=58 | dir=in | name=file and printer sharing (echo request - icmpv6-in) |
"{7CA849A4-B1CC-42EC-8867-3A68FE910D38}" = protocol=17 | dir=in | app=c:\users\anything\appdata\roaming\dropbox\bin\dropbox.exe |
"{7CFD7DFD-A48F-477C-8B2B-75C8A24B647D}" = protocol=17 | dir=in | app=c:\program files (x86)\utorrent\utorrent.exe |
"{84B42AE2-09F3-421D-AEAE-67D59C9C7621}" = dir=in | app=c:\program files (x86)\hewlett-packard\touchsmart\media\hptouchsmartmusic.exe |
"{8DF79AC2-D1FD-4B63-B2FB-23C09E8F142A}" = protocol=1 | dir=out | name=file and printer sharing (echo request - icmpv4-out) |
"{92B1067F-EFDE-4052-8B5C-31B82954F3FC}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{95A6C032-8A46-4F15-8784-27172FC744C4}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{968310C3-DA81-4821-A6AF-62B15D60C1E9}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office14\onenote.exe |
"{9A97D687-9BBF-4871-9E1C-A6D8A030FFEC}" = protocol=6 | dir=out | app=%systemroot%\ehome\mcrmgr.exe |
"{9C8942C7-F1D1-41CF-8FA8-98D3AA757824}" = protocol=17 | dir=out | app=%systemroot%\ehome\ehshell.exe |
"{9E549B47-DC7F-4928-B7C3-BB4462FDDFA3}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{9FE26C49-BB59-4CB2-8650-1078F599B02D}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{A0A96217-1BF7-40DA-B81E-87064E044137}" = dir=in | app=c:\program files (x86)\itunes\itunes.exe |
"{A2C19601-E27D-482C-B7C2-18B18C21C2A7}" = protocol=6 | dir=out | app=%systemroot%\ehome\ehshell.exe |
"{AB527AC2-D482-4763-A196-067A6D2D4B49}" = dir=in | app=c:\program files (x86)\hewlett-packard\touchsmart\media\hptouchsmartvideo.exe |
"{B1320886-AEAB-4346-B63B-A859413ED2F7}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{B157CBCE-230D-4625-B885-6C9E24E1870D}" = dir=out | app=c:\program files (x86)\zecter\zumocast\zumocast.exe |
"{B4BA34DF-9830-4C75-8619-6F03E8A7C75C}" = protocol=6 | dir=in | app=c:\program files (x86)\epson software\ecprintersetup\enpapp.exe |
"{B7D7390C-3D2E-4608-A6F6-D4DFCBE25A1E}" = dir=in | app=c:\program files (x86)\hewlett-packard\touchsmart\media\hptouchsmartvideo.exe |
"{BC57219D-0B1C-4891-920C-7115A2B0D711}" = dir=out | app=c:\program files (x86)\zecter\zumocast\bin\gst-thumbnailer.exe |
"{C06A5762-EDC0-4C9B-9AB2-60BE2DA9025B}" = dir=in | app=c:\program files (x86)\hewlett-packard\media\dvd\hpdvdsmart.exe |
"{C0A4AB75-4982-412D-BF5A-7376233DFBCE}" = protocol=17 | dir=in | app=c:\program files (x86)\epson software\ecprintersetup\enpapp.exe |
"{C2D13A77-83A3-4F36-82BF-E3BE998F2B04}" = protocol=6 | dir=in | app=c:\windows\ehome\ehshell.exe |
"{C305D7BC-1CAC-4C9C-8C3E-66F116A131BD}" = dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe |
"{C7872FA5-C8E5-4313-9C4D-F82A3A2A08F5}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{CA8AB1FA-7981-4E9B-9E30-8D3C248B2182}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{CB759F32-2C03-47C6-A80F-046D128A174E}" = dir=in | app=c:\program files (x86)\windows live\mesh\moe.exe |
"{D409A1CD-1DF4-42EB-A80C-070B176E6418}" = dir=in | app=c:\program files (x86)\hewlett-packard\touchsmart\media\tsmagent.exe |
"{D7BAA8C7-132D-4BFD-BA40-8EA0C39FAFBE}" = protocol=58 | dir=out | name=file and printer sharing (echo request - icmpv6-out) |
"{E0540681-0B10-4F70-8C6B-3AD931648EAD}" = dir=in | app=c:\program files (x86)\hewlett-packard\touchsmart\media\hptouchsmartphoto.exe |
"{E6E3E89B-EF39-49C4-A482-1AB3D47A5839}" = dir=in | app=c:\program files (x86)\hewlett-packard\touchsmart\media\tsmagent.exe |
"{E8A761E8-B243-48D5-8729-FC2F648B5C73}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe |
"{E90FE65B-7825-44F5-9AD4-B14CEC31BE3C}" = dir=in | app=c:\program files (x86)\hewlett-packard\touchsmart\media\hptouchsmartmusic.exe |
"{EEC95A95-51AC-4D4E-BD81-C7411BAFD549}" = dir=in | app=c:\program files (x86)\hewlett-packard\touchsmart\media\kernel\clml\clmlsvc.exe |
"{EF42D633-3485-4B6C-B1E1-7118F3299BFB}" = protocol=17 | dir=in | app=c:\windows\ehome\ehshell.exe |
"{FDA29479-1063-4F75-945C-FD594505787F}" = dir=in | app=c:\program files (x86)\zecter\zumocast\bin\gst-thumbnailer.exe |
"TCP Query User{0234AF06-7BD4-4B78-A2E8-DE041C42E030}C:\program files\schwab\sspro\sspro.exe" = protocol=6 | dir=in | app=c:\program files\schwab\sspro\sspro.exe |
"TCP Query User{060EC1E6-A2D6-43FD-A860-69B0916A1294}C:\program files (x86)\mirc\mirc.exe" = protocol=6 | dir=in | app=c:\program files (x86)\mirc\mirc.exe |
"TCP Query User{0F50E452-EBCB-4FEF-A447-9538FD00C2BD}C:\program files\schwab\sspro\sspro.exe" = protocol=6 | dir=in | app=c:\program files\schwab\sspro\sspro.exe |
"TCP Query User{15F5F59A-8511-416C-9EA1-CA482F6E4AEE}C:\program files (x86)\google\google earth\client\googleearth.exe" = protocol=6 | dir=in | app=c:\program files (x86)\google\google earth\client\googleearth.exe |
"TCP Query User{20E6BDFA-0592-4D90-BEA2-0621ABAEA6B0}C:\program files (x86)\epson software\event manager\eeventmanager.exe" = protocol=6 | dir=in | app=c:\program files (x86)\epson software\event manager\eeventmanager.exe |
"TCP Query User{39DB9017-830B-4983-B737-C37537B36AD9}C:\program files (x86)\verizon\verizon media manager\release\verizon media manager.exe" = protocol=6 | dir=in | app=c:\program files (x86)\verizon\verizon media manager\release\verizon media manager.exe |
"TCP Query User{3E0896CD-40E4-4468-8418-A0A3A62F4E4D}C:\program files (x86)\synology download redirector\redirector.exe" = protocol=6 | dir=in | app=c:\program files (x86)\synology download redirector\redirector.exe |
"TCP Query User{40EAF976-0854-48D7-B157-B5948EEC2451}C:\windows\system32\mmc.exe" = protocol=6 | dir=in | app=c:\windows\system32\mmc.exe |
"TCP Query User{44AEB8F2-3E4D-4609-9612-1F68F4E71FF9}C:\program files (x86)\skype\phone\skype1.exe" = protocol=6 | dir=in | app=c:\program files (x86)\skype\phone\skype1.exe |
"TCP Query User{4E0D4E98-6F70-4A23-8E37-6DF1E821D8A3}C:\program files (x86)\epson software\event manager\eeventmanager.exe" = protocol=6 | dir=in | app=c:\program files (x86)\epson software\event manager\eeventmanager.exe |
"TCP Query User{59D3032F-F219-458E-B51F-FB5244EC6269}F:\windows\dsassistant\dsassistant.exe" = protocol=6 | dir=in | app=f:\windows\dsassistant\dsassistant.exe |
"TCP Query User{5AA77466-A026-43A0-9224-8225AC94B154}L:\techwizard.exe" = protocol=6 | dir=in | app=l:\techwizard.exe |
"TCP Query User{6B392D01-CE19-4068-A507-730E3BA5B2B9}C:\users\anything\appdata\roaming\dropbox\bin\dropbox.exe" = protocol=6 | dir=in | app=c:\users\anything\appdata\roaming\dropbox\bin\dropbox.exe |
"TCP Query User{729F410F-975B-4AAA-9F33-30FACB5FF492}C:\program files (x86)\internet explorer\iexplore.exe" = protocol=6 | dir=in | app=c:\program files (x86)\internet explorer\iexplore.exe |
"TCP Query User{7C4E1C5B-2D26-4538-94B7-6FB66B9796FB}C:\program files (x86)\synology data replicator 3\backup.exe" = protocol=6 | dir=in | app=c:\program files (x86)\synology data replicator 3\backup.exe |
"TCP Query User{B9988CEE-108C-4597-84B6-3612B317F59C}C:\program files (x86)\eye-fi\helper\eyefihelper.exe" = protocol=6 | dir=in | app=c:\program files (x86)\eye-fi\helper\eyefihelper.exe |
"TCP Query User{C48822B7-D4F7-4F5F-AE25-0516ED520646}C:\program files (x86)\streamtorrent 1.0\streamtorrent.exe" = protocol=6 | dir=in | app=c:\program files (x86)\streamtorrent 1.0\streamtorrent.exe |
"TCP Query User{E737A7FD-14C0-4EA8-A508-85730D513E62}C:\program files (x86)\synology\assistant\dsassistant.exe" = protocol=6 | dir=in | app=c:\program files (x86)\synology\assistant\dsassistant.exe |
"TCP Query User{ECD9C321-0109-4548-A44E-9B0E80273E91}C:\windows\system32\mmc.exe" = protocol=6 | dir=in | app=c:\windows\system32\mmc.exe |
"TCP Query User{F290284E-57D2-4909-A4F2-3FC6DBCAF518}C:\program files (x86)\google\google earth\plugin\geplugin.exe" = protocol=6 | dir=in | app=c:\program files (x86)\google\google earth\plugin\geplugin.exe |
"TCP Query User{F34BC619-953F-42A0-9BC8-2E36BD5BDACC}C:\program files (x86)\synology\assistant\dsassistant.exe" = protocol=6 | dir=in | app=c:\program files (x86)\synology\assistant\dsassistant.exe |
"TCP Query User{F5FB4DA7-ED5C-4207-8C96-DE6026FF840D}C:\program files (x86)\google\chrome\application\chrome.exe" = protocol=6 | dir=in | app=c:\program files (x86)\google\chrome\application\chrome.exe |
"UDP Query User{07676166-8AD4-46E0-8D4E-6DD575A42821}C:\program files (x86)\eye-fi\helper\eyefihelper.exe" = protocol=17 | dir=in | app=c:\program files (x86)\eye-fi\helper\eyefihelper.exe |
"UDP Query User{0CE0ADD2-9B67-460D-9BE4-B3B868D13A16}L:\techwizard.exe" = protocol=17 | dir=in | app=l:\techwizard.exe |
"UDP Query User{1EC49C6D-4F44-46CF-B3FF-698FA241DBAC}C:\program files\schwab\sspro\sspro.exe" = protocol=17 | dir=in | app=c:\program files\schwab\sspro\sspro.exe |
"UDP Query User{294B3B45-6049-4716-B5AB-40CB0A25DF80}C:\users\anything\appdata\roaming\dropbox\bin\dropbox.exe" = protocol=17 | dir=in | app=c:\users\anything\appdata\roaming\dropbox\bin\dropbox.exe |
"UDP Query User{2A0649F4-9E1F-4174-BAF5-F9691E274085}C:\program files (x86)\google\google earth\client\googleearth.exe" = protocol=17 | dir=in | app=c:\program files (x86)\google\google earth\client\googleearth.exe |
"UDP Query User{2F930BCC-E9F2-4017-94AB-339CC93526CA}C:\program files (x86)\epson software\event manager\eeventmanager.exe" = protocol=17 | dir=in | app=c:\program files (x86)\epson software\event manager\eeventmanager.exe |
"UDP Query User{34CFFE3E-4D2A-41E9-8728-F4E30C63BC38}C:\program files (x86)\internet explorer\iexplore.exe" = protocol=17 | dir=in | app=c:\program files (x86)\internet explorer\iexplore.exe |
"UDP Query User{37A2C9AD-CDE7-44E5-8EDE-CA91CAB502AE}C:\program files (x86)\google\google earth\plugin\geplugin.exe" = protocol=17 | dir=in | app=c:\program files (x86)\google\google earth\plugin\geplugin.exe |
"UDP Query User{399451B9-DF07-46FC-8B5A-6034C2A1DB79}C:\program files\schwab\sspro\sspro.exe" = protocol=17 | dir=in | app=c:\program files\schwab\sspro\sspro.exe |
"UDP Query User{73400CDB-7F23-4FE0-9050-3A3918EA3829}C:\program files (x86)\mirc\mirc.exe" = protocol=17 | dir=in | app=c:\program files (x86)\mirc\mirc.exe |
"UDP Query User{73805534-A3D4-43DE-8837-00EDA99CD165}C:\program files (x86)\skype\phone\skype1.exe" = protocol=17 | dir=in | app=c:\program files (x86)\skype\phone\skype1.exe |
"UDP Query User{73B91AA5-CC9A-4DA4-B601-4C5D0BD12731}C:\program files (x86)\google\chrome\application\chrome.exe" = protocol=17 | dir=in | app=c:\program files (x86)\google\chrome\application\chrome.exe |
"UDP Query User{7C51BFD3-A13A-450C-A3F3-DCFE015B3C71}C:\program files (x86)\synology download redirector\redirector.exe" = protocol=17 | dir=in | app=c:\program files (x86)\synology download redirector\redirector.exe |
"UDP Query User{82E27D50-D0E4-4B1B-BFA1-39ABE0F4528C}C:\windows\system32\mmc.exe" = protocol=17 | dir=in | app=c:\windows\system32\mmc.exe |
"UDP Query User{8D858C47-8B7A-4F60-9549-A6EC7C81E0CA}F:\windows\dsassistant\dsassistant.exe" = protocol=17 | dir=in | app=f:\windows\dsassistant\dsassistant.exe |
"UDP Query User{90979385-B588-4596-B2EB-8552BB7B2562}C:\program files (x86)\synology\assistant\dsassistant.exe" = protocol=17 | dir=in | app=c:\program files (x86)\synology\assistant\dsassistant.exe |
"UDP Query User{AB95860C-7F34-4058-B18A-26A0048045CD}C:\program files (x86)\streamtorrent 1.0\streamtorrent.exe" = protocol=17 | dir=in | app=c:\program files (x86)\streamtorrent 1.0\streamtorrent.exe |
"UDP Query User{B75D36FA-5936-4010-AA33-E901E988D151}C:\program files (x86)\synology data replicator 3\backup.exe" = protocol=17 | dir=in | app=c:\program files (x86)\synology data replicator 3\backup.exe |
"UDP Query User{D423F9D3-4109-4550-A974-12A5908DC349}C:\program files (x86)\epson software\event manager\eeventmanager.exe" = protocol=17 | dir=in | app=c:\program files (x86)\epson software\event manager\eeventmanager.exe |
"UDP Query User{ECAB3E49-0CD5-473D-898C-261C818AE9D3}C:\program files (x86)\verizon\verizon media manager\release\verizon media manager.exe" = protocol=17 | dir=in | app=c:\program files (x86)\verizon\verizon media manager\release\verizon media manager.exe |
"UDP Query User{F9CB2BC8-F13F-41DF-AF1B-D174F4DC9D55}C:\program files (x86)\synology\assistant\dsassistant.exe" = protocol=17 | dir=in | app=c:\program files (x86)\synology\assistant\dsassistant.exe |
"UDP Query User{FF7FADDD-EB94-412C-B62C-7533AA6BD689}C:\windows\system32\mmc.exe" = protocol=17 | dir=in | app=c:\windows\system32\mmc.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MX860_series" = Canon MX860 series MP Drivers
"{1374CC63-B520-4f3f-98E8-E9020BF01CFF}" = Windows XP Mode
"{1AAF3A3B-7B32-4DDF-8ABB-438DAEB46EEC}" = Windows Live Family Safety
"{1B8ABA62-74F0-47ED-B18C-A43128E591B8}" = Windows Live ID Sign-in Assistant
"{1CCF1727-A817-4FEE-A028-5466FB542934}" = Motorola Mobile Drivers Installation 5.2.0
"{26280024-DFB7-4967-90DB-7F9C6660D01E}" = HP MediaSmart SmartMenu
"{26A24AE4-039D-4CA4-87B4-2F86417001FF}" = Java™ 7 Update 1 (64-bit)
"{3D3E663D-4E7E-4577-A560-7ECDDD45548A}" = PVSonyDll
"{46A5FBE9-ADB3-4493-A1CC-B4CFFD24D26A}" = Windows Live Family Safety
"{4A5A427F-BA39-4BF0-7777-9A47FBE60C9F}" = Visual C++ 9.0 Runtime for Dragon NaturallySpeaking 64bit (x64)
"{4A5A427F-BA39-4BF0-9A47-7777FBE60C9F}" = Visual C++ Runtime for Dragon NaturallySpeaking 64bit (x64)
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{5EB6F3CB-46F4-451F-A028-7F6D8D35D7D0}" = Windows Live Language Selector
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{624C7F0A-89B2-4C49-9CAB-9D69613EC95A}" = Microsoft IntelliPoint 8.2
"{64A3A4F4-B792-11D6-A78A-00B0D0170010}" = Java™ SE Development Kit 7 Update 1 (64-bit)
"{656DEEDE-F6AC-47CA-A568-A1B4E34B5760}" = Windows Live Remote Service Resources
"{6A76BEAF-6D1F-4273-A79B-DA8410A2E56B}" = Apple Mobile Device Support
"{6ACE7F46-FACE-4125-AE86-672F4F2A6A28}" = Bing Maps 3D
"{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}" = Bonjour
"{814FA673-A085-403C-9545-747FC1495069}" = Epson Customer Participation
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{8338783A-0968-3B85-AFC7-BAAE0A63DC50}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570
"{840A3BAA-4C68-4581-9C7A-6F8D6CF531B9}" = iTunes
"{847B0532-55E3-4AAF-8D7B-E3A1A7CD17E5}" = Windows Live Remote Client Resources
"{889DF117-14D1-44EE-9F31-C5FB5D47F68B}" = Yontoo Layers Runtime 1.10.01
"{90140000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2010
"{90140000-002A-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (English) 2010
"{90140000-0116-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9D046B26-7978-47CD-91E6-AC3C1DFBC3D0}" = Microsoft Security Client
"{aac9fcc4-dd9e-4add-901c-b5496a07ab2e}" = Microsoft Visual C++ 2005 Redistributable (x64) - KB2467175
"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{B6E3757B-5E77-3915-866A-CCFC4B8D194C}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053
"{D4F66BBA-D79E-4F11-9B06-70C3D75A2958}" = Adobe Photoshop Lightroom 3.6 64-bit
"{DA54F80E-261C-41A2-A855-549A144F2F59}" = Windows Live MIME IFilter
"{DF6D988A-EEA0-4277-AAB8-158E086E439B}" = Windows Live Remote Client
"{E02A6548-6FDE-40E2-8ED9-119D7D7E641F}" = Windows Live Remote Service
"{EE936C7A-EA40-31D5-9B65-8E3E089C3828}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"{F7ADB493-B913-4D61-9A63-DA736C20C3F2}" = Adobe Photoshop Lightroom 4.1 64-bit
"49CF605F02C7954F4E139D18828DE298CD59217C" = Windows Driver Package - Garmin (grmnusb) GARMIN Devices (06/03/2009 2.3.0.0)
"ATT-RC" = ATT-RC Self Support Tool
"CCleaner" = CCleaner
"Creative VF0610" = Creative Live! Cam Socialize HD (VF0610) (1.03.04.00)
"Defraggler" = Defraggler
"EPSON WP-4530 Series" = EPSON WP-4530 Series Printer Uninstall
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft IntelliPoint 8.2" = Microsoft IntelliPoint 8.2
"Microsoft Security Client" = Microsoft Security Essentials
"NVIDIA Display Control Panel" = NVIDIA Display Control Panel
"NVIDIA Drivers" = NVIDIA Drivers
"PC-Doctor for Windows" = Hardware Diagnostic Tools

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{007F778D-F15C-4EAB-AE92-071D21FAF632}" = Adobe Photoshop Elements 9
"{07FA4960-B038-49EB-891B-9F95930AA544}" = HP Customer Experience Enhancements
"{08D2E121-7F6A-43EB-97FD-629B44903403}" = Microsoft_VC90_CRT_x86
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{0CBE6C93-CB2E-4378-91EE-12BE6D4E2E4A}" = Epson FAX Utility
"{0E64B098-8018-4256-BA23-C316A43AD9B0}" = QuickTime
"{0F052922-4BCE-4763-A540-00857554336D}" = Redist
"{10F63395-157F-4B93-AB4D-702A2FF11942}" = Epson Download Navigator
"{122ADF8C-DDA1-480C-9936-C88F2825B265}" = Apple Application Support
"{131FE272-DA3F-7F80-3996-A4F904EEF337}" = Xtend
"{13A5E785-5197-4EAD-8EE3-D660271E49BC}" = Feedback Tool
"{15BC8CD0-A65B-47D0-A2DD-90A824590FA8}" = Microsoft Works
"{17C4A35A-2041-42C0-8D10-DEF55B47BE56}" = Adobe Premiere Elements 8.0 Templates
"{17DFE37C-064E-4834-AD8F-A4B2B4DF68F8}" = Adobe Photoshop Elements 8.0
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{1896E712-2B3D-45eb-BCE9-542742A51032}" = PictureMover
"{19BA08F7-C728-469C-8A35-BFBD3633BE08}" = Windows Live Movie Maker
"{1CCF681C-C203-49B3-83F4-A54F0F944416}" = ASPCA Reminder by We-Care.com v5.0.5.1
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
"{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = CyberLink DVD Suite Deluxe
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{237CD223-1B9D-47E8-A76C-E478B83CCEA2}" = File Uploader
"{243EF3E5-537D-4A15-8EE8-47D5473D9C73}" = Acronis True Image Home 2012
"{243EF3E5-537D-4A15-8EE8-47D5473D9C73}Visible" = Acronis True Image Home 2012
"{25175695-4B20-4298-9F34-C2C57CD277B3}" = Elements STI Installer
"{26A24AE4-039D-4CA4-87B4-2F83216031FF}" = Java™ 6 Update 31
"{28C2DED6-325B-4CC7-983A-1777C8F7FBAB}" = RealUpgrade 1.1
"{2902F983-B4C1-44BA-B85D-5C6D52E2C441}" = Windows Live Mesh ActiveX Control for Remote Connections
"{2CCBABCB-6427-4A55-B091-49864623C43F}" = Google Toolbar for Firefox
"{3023EBDA-BF1B-4831-B347-E5018555F26E}" = HP MediaSmart Movie Themes
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{34F4D9A4-42C2-4348-BEF4-E553C84549E7}" = Windows Live Photo Gallery
"{37D59F62-2FC7-412D-AA55-3D0E6A9BD9C7}" = Microsoft Live Search Toolbar
"{3E171899-0175-47CC-84C4-562ACDD4C021}" = OpenOffice.org 3.3
"{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}" = Intel® Rapid Storage Technology
"{3E31400D-274E-4647-916C-2CACC3741799}" = EpsonNet Print
"{40BF1E83-20EB-11D8-97C5-0009C5020658}" = Power2Go
"{40FB8D7C-6FF8-4AF2-BC8B-0B1DB32AF04B}" = HP Advisor
"{420DFB63-8AE7-F7D6-E4B4-AB6D140221F4}" = FlipShare
"{433EACD8-4747-4A6A-826A-FFA9F39B0D40}" = Elements 9 Organizer
"{44B2A0AB-412E-4F8C-B058-D1E8AECCDFF5}" = PowerRecover
"{4685A344-6718-4923-AA9D-158A0A2E1CFB}" = SmartSound Quicktracks for Premiere Elements 8.0
"{47FA2C44-D148-4DBC-AF60-B91934AA4842}" = Adobe AIR
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4CBABDFD-49F8-47FD-BE7D-ECDE7270525A}" = Windows Live PIMT Platform
"{4FFBB818-B13C-11E0-931D-B2664824019B}_is1" = Complitly
"{50816F92-1652-4A7C-B9BC-48F682742C4B}" = Messenger Companion
"{510D2239-6C2E-457B-9590-485EC552D94D}" = Garmin USB Drivers
"{5646676A-5A97-4B66-BE71-1B1770AD982B}" = StreetSmart Edge
"{58F4D4FD-1814-4068-B316-C28FC776C6DD}" = GoToMyPC
"{5A3C1721-F8ED-11E0-8AFB-B8AC6F97B88E}" = Google Earth
"{612C34C7-5E90-47D8-9B5C-0F717DD82726}" = swMSM
"{6421F085-1FAA-DE13-D02A-CFB412C522A4}" = Acrobat.com
"{64BA551C-9AF6-495C-93F3-D1270E0045FC}" = Epson Connect
"{664708B3-C730-11D5-ADE7-00B0D07D157A}" = StreetSmart Pro
"{67431FA8-4B89-42DD-A68E-30D77F6C8D99}_is1" = HP Easy Backup
"{6748E773-5DA0-4D19-8AA5-273B4133A09B}" = SmartSound Quicktracks for Premiere Elements 9.0
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{6A05FEDF-662E-46BF-8A25-010E3F1C9C69}" = Windows Live UX Platform Language Pack
"{6F340107-F9AA-47C6-B54C-C3A19F11553F}" = Hewlett-Packard ACLM.NET v1.1.2.0
"{6F44AF95-3CDE-4513-AD3F-6D45F17BF324}" = HP Support Assistant
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{730EF0E8-8B8E-4054-B2CE-5D4BA3BCE510}" = Vz In Home Agent
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{7764F7B0-7225-4145-82B6-2AB4540D33A6}" = Eye-Fi Center 3.4
"{7770E71B-2D43-4800-9CB3-5B6CAAEBEBEA}" = RealNetworks - Microsoft Visual C++ 2008 Runtime
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{78A96B4C-A643-4D0F-98C2-A8E16A6669F9}" = Windows Live Messenger Companion Core
"{80956555-A512-4190-9CAD-B000C36D6B6B}" = Windows Live Messenger
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{84EBDF39-4B33-49D7-A0BD-EB6E2C4E81C1}" = Windows Live Sync
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{87441A59-5E64-4096-A170-14EFE67200C3}" = Picture Control Utility
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8C6D6116-B724-4810-8F2D-D047E6B7D68E}" = Mesh Runtime
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{8E310838-457C-4269-B177-3EFB300CBDDC}" = Synology Data Replicator 3
"{8E666407-AC41-46a2-9692-6C7BFCBFDD37}" = Memeo Instant Backup
"{8ED43F7E-A8F6-4898-AF11-B6158F2EDF94}" = Epson Event Manager
"{90024193-9F13-4877-89D5-A1CDF0CBBF28}" = Feedback Tool
"{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system
"{90140000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2010
"{90140000-0015-0409-0000-0000000FF1CE}_Office14.SingleImage_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2010
"{90140000-0016-0409-0000-0000000FF1CE}_Office14.SingleImage_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2010
"{90140000-0018-0409-0000-0000000FF1CE}_Office14.SingleImage_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2010
"{90140000-0019-0409-0000-0000000FF1CE}_Office14.SingleImage_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2010
"{90140000-001A-0409-0000-0000000FF1CE}_Office14.SingleImage_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2010
"{90140000-001B-0409-0000-0000000FF1CE}_Office14.SingleImage_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
"{90140000-001F-0409-0000-0000000FF1CE}_Office14.SingleImage_{99ACCA38-6DD3-48A8-96AE-A283C9759279}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2010
"{90140000-001F-040C-0000-0000000FF1CE}_Office14.SingleImage_{46298F6A-1E7E-4D4A-B5F5-106A4F0E48C6}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2010
"{90140000-001F-0C0A-0000-0000000FF1CE}_Office14.SingleImage_{DEA87BE2-FFCC-4F33-9946-FCBE55A1E998}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{967EF02C-5C7E-4718-8FCB-BDC050190CCF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002A-0409-1000-0000000FF1CE}_Office14.SingleImage_{D6C6B46A-6CE1-4561-84A0-EFD58B8AB979}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2010
"{90140000-002C-0409-0000-0000000FF1CE}_Office14.SingleImage_{7CA93DF4-8902-449E-A42E-4C5923CFBDE3}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-003D-0000-0000-0000000FF1CE}" = Microsoft Office Single Image 2010
"{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{047B0968-E622-4FAA-9B4B-121FA109EDDE}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2010
"{90140000-006E-0409-0000-0000000FF1CE}_Office14.SingleImage_{4560037C-E356-444A-A015-D21F487D809E}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2010
"{90140000-00A1-0409-0000-0000000FF1CE}_Office14.SingleImage_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2010
"{90140000-0115-0409-0000-0000000FF1CE}_Office14.SingleImage_{4560037C-E356-444A-A015-D21F487D809E}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0116-0409-1000-0000000FF1CE}_Office14.SingleImage_{D6C6B46A-6CE1-4561-84A0-EFD58B8AB979}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2010
"{90140000-0117-0409-0000-0000000FF1CE}_Office14.SingleImage_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}" = Microsoft_VC80_CRT_x86
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{95120000-00AF-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (English)
"{95140000-007A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook Connector
"{95140000-007D-0409-0000-0000000FF1CE}" = Microsoft Outlook Social Connector Provider for Windows Live Messenger 32-bit
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9D318C86-AF4C-409F-A6AC-7183FF4CF424}" = Internet TV for Windows Media Center
"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
"{9DEF9686-CCB2-47B7-BF83-B49EA21FA016}" = HP MediaSmart Demo
"{A0C91188-C88F-4E86-93E6-CD7C9A266649}" = Windows Live Mesh
"{A0E583D1-23F7-4C35-9620-B169D7715E4B}" = Adobe Premiere Elements 8.0
"{A127C3C0-055E-38CF-B38F-1E85F8BBBFFE}" = Adobe Community Help
"{A3D88A98-506E-4CFC-B294-E256C679B0EE}" = Microsoft Store Download Manager
"{A436F67F-687E-4736-BD2B-537121A804CF}" = HP Product Detection
"{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"{AAF454FC-82CA-4F29-AB31-6A109485E76E}" = Windows Live Writer
"{AC76BA86-7AD7-1033-7B44-AA1000000001}" = Adobe Reader X (10.1.3)
"{AC76BA86-7AD7-5464-3428-900000000004}" = Spelling Dictionaries Support For Adobe Reader 9
"{B1E9B7ED-8187-433a-9EAE-20DF1A8968B1}" = Synology Download Redirector
"{B1EE1CC5-6CED-4801-BFFF-8454F21A245A}" = Garmin Communicator Plugin
"{B2EE25B9-5B00-4ACF-94F0-92433C28C39E}" = HP MediaSmart Music/Photo/Video
"{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Skype Click to Call
"{B83FC356-B7C0-441F-8A4D-D71E088E7974}" = NVIDIA PhysX
"{B8AC1A89-FFD1-4F97-8051-E505A160F562}" = HP Odometer
"{B9A03B7B-E0FF-4FB3-BA83-762E58A1B0AA}" = HP Support Information
"{BEDF5135-3DDC-4488-BA2C-D94AB4BB8DA2}" = IHA_MessageCenter
"{C3A11907-930D-41AC-A135-CC3B12F92011}" = Seagate Dashboard
"{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = LabelPrint
"{C611CF88-969D-43E6-A877-D6D6439DD081}" = HP Remote Solution
"{C66824E4-CBB3-4851-BB3F-E8CFD6350923}" = Windows Live Mail
"{C779648B-410E-4BBA-B75B-5815BCEFE71D}" = Safari
"{C8616041-2802-4DE2-B3BD-6285AAD65C2A}" = Nikon RAW Codec
"{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = PowerDirector
"{CCF6F57B-F6B4-4508-BF45-63AAC9DE416A}" = Quicken 2010
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64
"{D1A19B02-817E-4296-A45B-07853FD74D57}" = Microsoft_VC80_MFC_x86
"{D2FCC1AE-6311-47C5-8130-C6C66D77DD71}" = Nikon Message Center
"{D436F577-1695-4D2F-8B44-AC76C99E0002}" = Windows Live Photo Common
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{D46D081B-F60E-467E-A7C4-117B70D76731}" = HP Update
"{D92BBB52-82FF-42ED-8A3C-4E062F944AB7}" = Microsoft_VC80_MFCLOC_x86
"{D9B1D51B-EB56-410D-AEB5-1CCFAC4B6C8C}" = Epson Connect Printer Setup
"{DBCC73BA-C69A-4BF5-B4BF-F07501EE7039}" = AnswerWorks 5.0 English Runtime
"{DCCAD079-F92C-44DA-B258-624FC6517A5A}" = HP MediaSmart DVD
"{DD6C316A-FE75-4FBB-9D22-4C1920232B72}" = LightScribe System Software
"{DDC8BDEE-DCAC-404D-8257-3E8D4B782467}" = Windows Live Writer Resources
"{DECDCB7C-58CC-4865-91AF-627F9798FE48}" = Windows Live Mesh
"{DF802C05-4660-418c-970C-B988ADB1D316}" = Microsoft Live Search Toolbar
[size="2"]"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10[/size]
[size="2"]"{E2AE009D-37E5-4724-A6B8-0ED6A6BA4F68}" = Elements STI Installer[/size]
[size="2"]"{E9757890-7EC5-46C8-99AB-B00F07B6525C}" = Nikon Transfer[/size]
[size="2"]"{E9E34215-82EF-4909-BE2F-F581F0DC9062}" = DirectX for Managed Code Update (Summer 2004)[/size]
[size="2"]"{EB4DF488-AAEF-406F-A341-CB2AAA315B90}" = Windows Live Messenger[/size]
[size="2"]"{EB9955F8-467C-47FC-90F8-12CD5DF684C3}" = Adobe Premiere Elements 9[/size]
[size="2"]"{EC8282AB-48DD-91D2-7387-01CD6E100A5D}" = Adobe Photoshop.com Inspiration Browser[/size]
[size="2"]"{EFFA53BC-8C04-2E21-3D90-A13B1697B0CA}" = Dragon NaturallySpeaking 11[/size]
[size="2"]"{F007CBCE-D714-4C0B-8CE9-9B0D78116468}" = ViewNX[/size]
[size="2"]"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU][/size]
[size="2"]"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver[/size]
[size="2"]"{F3B912F5-EB57-45AA-B3D1-EB532BCF6EF8}" = HP Setup[/size]
[size="2"]"{F9000000-0018-0000-0000-074957833700}" = ABBYY FineReader 9.0 Sprint[/size]
[size="2"]"{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}" = Windows Live Essentials[/size]
[size="2"]"ABBYY FineReader 9.0 Sprint" = ABBYY FineReader 9.0 Sprint[/size]
[size="2"]"ActiveTouchMeetingClient" = WebEx[/size]
[size="2"]"Adobe AIR" = Adobe AIR[/size]
[size="2"]"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX[/size]
[size="2"]"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin[/size]
[size="2"]"Adobe Photoshop Elements 8.0" = Adobe Photoshop Elements 8.0[/size]
[size="2"]"Adobe Photoshop Elements 9" = Adobe Photoshop Elements 9[/size]
[size="2"]"Adobe Shockwave Player" = Adobe Shockwave Player 11.6[/size]
[size="2"]"Advanced Audio FX Engine" = Advanced Audio FX Engine[/size]
[size="2"]"Android SDK Tools" = Android SDK Tools[/size]
[size="2"]"Anti-phishing Domain Advisor" = Anti-phishing Domain Advisor[/size]
[size="2"]"ATT-RC" = ATT-RC Self Support Tool[/size]
[size="2"]"ATT-SST" = AT&T Service & Support Tool[/size]
[size="2"]"BookDB2_is1" = BookDB2[/size]
[size="2"]"Canon MX860 series User Registration" = Canon MX860 series User Registration[/size]
[size="2"]"Canon_IJ_Network_Scan_UTILITY" = Canon IJ Network Scan Utility[/size]
[size="2"]"Canon_IJ_Network_UTILITY" = Canon IJ Network Tool[/size]
[size="2"]"CANONIJPLM100" = Canon Inkjet Printer/Scanner/Fax Extended Survey Program[/size]
[size="2"]"CanonMyPrinter" = Canon Utilities My Printer[/size]
[size="2"]"CanonSolutionMenu" = Canon Utilities Solution Menu[/size]
[size="2"]"Carbonite Backup" = Carbonite[/size]
[size="2"]"chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Community Help[/size]
[size="2"]"Cisco Connect" = Cisco Connect[/size]
[size="2"]"CobBackup8" = Cobian Backup 8[/size]
[size="2"]"com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Acrobat.com[/size]
[size="2"]"Creative Live! Central 2" = Creative Live! Central 2[/size]
[size="2"]"Easy-PhotoPrint EX" = Canon Utilities Easy-PhotoPrint EX[/size]
[size="2"]"EPSON Scanner" = EPSON Scan[/size]
[size="2"]"ERUNT_is1" = ERUNT 1.1j[/size]
[size="2"]"ESET Online Scanner" = ESET Online Scanner v3[/size]
[size="2"]"FLV Player2.0.25" = FLV Player[/size]
[size="2"]"Freecorder5.07" = Freecorder 5[/size]
[size="2"]"freecordertoolbar" = Freecorder Toolbar[/size]
[size="2"]"Google Calendar Sync" = Google Calendar Sync[/size]
[size="2"]"Google Chrome" = Google Chrome[/size]
[size="2"]"Google Desktop" = Google Desktop[/size]
[size="2"]"Google Updater" = Google Updater[/size]
[size="2"]"Gravity_is1" = Gravity version 2.7[/size]
[size="2"]"HiDef Media Player" = HiDef Media Player 1.1.12[/size]
[size="2"]"Homepage Protection" = Homepage Protection[/size]
[size="2"]"HP Remote Solution" = HP Remote Solution[/size]
[size="2"]"InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = CyberLink DVD Suite Deluxe[/size]
[size="2"]"InstallShield_{3023EBDA-BF1B-4831-B347-E5018555F26E}" = HP MediaSmart Movie Themes[/size]
[size="2"]"InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}" = Power2Go[/size]
[size="2"]"InstallShield_{4685A344-6718-4923-AA9D-158A0A2E1CFB}" = SmartSound Quicktracks for Premiere Elements 8.0[/size]
[size="2"]"InstallShield_{6748E773-5DA0-4D19-8AA5-273B4133A09B}" = SmartSound Quicktracks for Premiere Elements 9.0[/size]
[size="2"]"InstallShield_{B2EE25B9-5B00-4ACF-94F0-92433C28C39E}" = HP MediaSmart Music/Photo/Video[/size]
[size="2"]"InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = LabelPrint[/size]
[size="2"]"InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = PowerDirector[/size]
[size="2"]"InstallShield_{DCCAD079-F92C-44DA-B258-624FC6517A5A}" = HP MediaSmart DVD[/size]
[size="2"]"Internet Download Manager" = Internet Download Manager[/size]
[size="2"]"LTCM Client" = LTCM Client[/size]
[size="2"]"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware[/size]
[size="2"]"mIRC" = mIRC[/size]
[size="2"]"Mozilla Firefox 14.0.1 (x86 en-US)" = Mozilla Firefox 14.0.1 (x86 en-US)[/size]
[size="2"]"MozillaMaintenanceService" = Mozilla Maintenance Service[/size]
[size="2"]"MP Navigator EX 2.1" = Canon MP Navigator EX 2.1[/size]
[size="2"]"Office14.SingleImage" = Microsoft Office Home and Business 2010[/size]
[size="2"]"PhotoshopdotcomInspirationBrowser.4C35C4D325D350FE0114230CBADCA2DDD0AC8D25.1" = Adobe Photoshop.com Inspiration Browser[/size]
[size="2"]"Picasa 3" = Picasa 3[/size]
[size="2"]"PremElem80" = Adobe Premiere Elements 8.0[/size]
[size="2"]"PremElem80Templates" = Adobe Premiere Elements 8.0 Templates[/size]
[size="2"]"PremElem90" = Adobe Premiere Elements 9[/size]
[size="2"]"PremiumSoft Navicat Lite_is1" = PremiumSoft Navicat Lite 9.1[/size]
[size="2"]"RealPlayer 15.0" = RealPlayer[/size]
[size="2"]"STAPLES 18799_is1" = STAPLES 18799[/size]
[size="2"]"StreamTorrent 1.0" = StreamTorrent 1.0[/size]
[size="2"]"Synology Assistant" = Synology Assistant (remove only)[/size]
[size="2"]"SysInfo" = Creative System Information[/size]
[size="2"]"uTorrent" = µTorrent[/size]
[size="2"]"Verizon Media Manager" = Verizon Media Manager[/size]
[size="2"]"WildTangent hp Master Uninstall" = HP Games[/size]
[size="2"]"WinLiveSuite" = Windows Live Essentials[/size]
[size="2"]"X-Chat 2_is1" = X-Chat 2.8.6-2[/size]
[size="2"]"Xtend2.71305F52FFD36D9BDDE00284EF6181AE6688276A.1" = Xtend[/size]
[size="2"]"YInstHelper" = Yahoo! Install Manager[/size]
[size="2"]"ZumoCast" = ZumoCast[/size]

[size="2"]========== HKEY_CURRENT_USER Uninstall List ==========[/size]

[size="2"][HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall][/size]
[size="2"]"Dropbox" = Dropbox[/size]
[size="2"]"FoxTab Media Player" = FoxTab Media Player[/size]
[size="2"]"Yahoo! BrowserPlus" = Yahoo! BrowserPlus 2.9.8[/size]

[size="2"]========== Last 20 Event Log Errors ==========[/size]

[size="2"][ Application Events ][/size]
[size="2"]Error - 8/8/2012 5:37:41 AM | Computer Name = Elite | Source = Desktop Window Manager | ID = 9020[/size]
[size="2"]Description = The Desktop Window Manager has encountered a fatal error (0x80070008)[/size]

[size="2"]Error - 8/8/2012 7:28:58 AM | Computer Name = Elite | Source = Desktop Window Manager | ID = 9020[/size]
[size="2"]Description = The Desktop Window Manager has encountered a fatal error (0x80070008)[/size]

[size="2"]Error - 8/8/2012 9:07:57 AM | Computer Name = Elite | Source = Desktop Window Manager | ID = 9020[/size]
[size="2"]Description = The Desktop Window Manager has encountered a fatal error (0x80070008)[/size]

[size="2"]Error - 8/8/2012 10:31:29 AM | Computer Name = Elite | Source = Application Error | ID = 1000[/size]
[size="2"]Description = Faulting application name: InstantBackup.exe, version: 1.0.0.0, time[/size]
[size="2"] stamp: 0x4f88eaec Faulting module name: ntdll.dll, version: 6.1.7601.17725, time[/size]
[size="2"] stamp: 0x4ec49b8f Exception code: 0xc0000374 Fault offset: 0x000ce6c3 Faulting process[/size]
[size="2"] id: 0x1558 Faulting application start time: 0x01cd7243a52b5597 Faulting application[/size]
[size="2"] path: C:\Program Files (x86)\Memeo\AutoBackup\InstantBackup.exe Faulting module [/size]
[size="2"]path: C:\Windows\SysWOW64\ntdll.dll Report Id: bd62e51c-e165-11e1-a88a-90e6baa4fde5[/size]

[size="2"]Error - 8/8/2012 3:56:28 PM | Computer Name = Elite | Source = Microsoft-Windows-Defrag | ID = 257[/size]
[size="2"]Description = [/size]

[size="2"]Error - 8/8/2012 5:39:18 PM | Computer Name = Elite | Source = SideBySide | ID = 16842832[/size]
[size="2"]Description = Activation context generation failed for "c:\Users\anything\Desktop\esetsmartinstaller_enu.exe".Error[/size]
[size="2"] in manifest or policy file "" on line . A component version required by the application[/size]
[size="2"] conflicts with another component version already active. Conflicting components [/size]
[size="2"]are:. Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.[/size]
[size="2"]Component[/size]
[size="2"] 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.[/size]

[size="2"]Error - 8/8/2012 5:39:38 PM | Computer Name = Elite | Source = SideBySide | ID = 16842832[/size]
[size="2"]Description = Activation context generation failed for "c:\Users\anything\Desktop\esetsmartinstaller_enu.exe".Error[/size]
[size="2"] in manifest or policy file "" on line . A component version required by the application[/size]
[size="2"] conflicts with another component version already active. Conflicting components [/size]
[size="2"]are:. Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.[/size]
[size="2"]Component[/size]
[size="2"] 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.[/size]

[size="2"]Error - 8/11/2012 4:29:17 PM | Computer Name = Elite | Source = VSS | ID = 8193[/size]
[size="2"]Description = [/size]

[size="2"]Error - 8/11/2012 7:17:09 PM | Computer Name = Elite | Source = Application Error | ID = 1000[/size]
[size="2"]Description = Faulting application name: Defraggler64.exe, version: 2.7.0.346, time[/size]
[size="2"] stamp: 0x4e6f246e Faulting module name: Defraggler64.exe, version: 2.7.0.346, time[/size]
[size="2"] stamp: 0x4e6f246e Exception code: 0xc0000005 Fault offset: 0x00000000001a0093 Faulting[/size]
[size="2"] process id: 0x2560 Faulting application start time: 0x01cd78106b9265b1 Faulting application[/size]
[size="2"] path: C:\Program Files\Defraggler\Defraggler64.exe Faulting module path: C:\Program[/size]
[size="2"] Files\Defraggler\Defraggler64.exe Report Id: ac192d9f-e40a-11e1-ab05-90e6baa4fde5[/size]

[size="2"]Error - 8/14/2012 8:54:02 AM | Computer Name = Elite | Source = SideBySide | ID = 16842832[/size]
[size="2"]Description = Activation context generation failed for "C:\Users\anything\Desktop\esetsmartinstaller_enu.exe".Error[/size]
[size="2"] in manifest or policy file "" on line . A component version required by the application[/size]
[size="2"] conflicts with another component version already active. Conflicting components [/size]
[size="2"]are:. Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.[/size]
[size="2"]Component[/size]
[size="2"] 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.[/size]

[size="2"]Error - 8/14/2012 3:23:10 PM | Computer Name = Elite | Source = SideBySide | ID = 16842832[/size]
[size="2"]Description = Activation context generation failed for "C:\Users\anything\Desktop\esetsmartinstaller_enu.exe".Error[/size]
[size="2"] in manifest or policy file "" on line . A component version required by the application[/size]
[size="2"] conflicts with another component version already active. Conflicting components [/size]
[size="2"]are:. Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.[/size]
[size="2"]Component[/size]
[size="2"] 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.[/size]

[size="2"][ Hewlett-Packard Events ][/size]
[size="2"]Error - 2/20/2012 1:48:54 PM | Computer Name = Elite | Source = Hewlett-Packard | ID = 0[/size]
[size="2"]Description = en-US Could not find file 'C:\Program Files (x86)\Hewlett-Packard\HP[/size]
[size="2"] Support Framework\Logs\SystemInfoAA.xml'. mscorlib at System.IO.__Error.WinIOError(Int32[/size]
[size="2"] errorCode, String maybeFullPath) at System.IO.FileStream.Init(String path, FileMode[/size]
[size="2"] mode, FileAccess access, Int32 rights, Boolean useRights, FileShare share, Int32[/size]
[size="2"] bufferSize, FileOptions options, SECURITY_ATTRIBUTES secAttrs, String msgPath, [/size]
[size="2"]Boolean bFromProxy) at System.IO.FileStream..ctor(String path, FileMode mode, [/size]
[size="2"]FileAccess access, FileShare share, Int32 bufferSize, FileOptions options, String[/size]
[size="2"] msgPath, Boolean bFromProxy) at System.IO.FileStream..ctor(String path, FileMode[/size]
[size="2"] mode, FileAccess access, FileShare share, Int32 bufferSize, FileOptions options)[/size]

[size="2"] at System.IO.StreamReader..ctor(String path, Encoding encoding, Boolean detectEncodingFromByteOrderMarks,[/size]
[size="2"] Int32 bufferSize) at System.IO.StreamReader..ctor(String path, Encoding encoding)[/size]

[size="2"] at System.IO.File.ReadAllText(String path, Encoding encoding) at n.a() [/size]

[size="2"]Error - 2/23/2012 11:10:15 PM | Computer Name = Elite | Source = Hewlett-Packard | ID = 0[/size]
[size="2"]Description = en-US Could not find file 'C:\Program Files (x86)\Hewlett-Packard\HP[/size]
[size="2"] Support Framework\Logs\SystemInfoAA.xml'. mscorlib at System.IO.__Error.WinIOError(Int32[/size]
[size="2"] errorCode, String maybeFullPath) at System.IO.FileStream.Init(String path, FileMode[/size]
[size="2"] mode, FileAccess access, Int32 rights, Boolean useRights, FileShare share, Int32[/size]
[size="2"] bufferSize, FileOptions options, SECURITY_ATTRIBUTES secAttrs, String msgPath, [/size]
[size="2"]Boolean bFromProxy) at System.IO.FileStream..ctor(String path, FileMode mode, [/size]
[size="2"]FileAccess access, FileShare share, Int32 bufferSize, FileOptions options, String[/size]
[size="2"] msgPath, Boolean bFromProxy) at System.IO.FileStream..ctor(String path, FileMode[/size]
[size="2"] mode, FileAccess access, FileShare share, Int32 bufferSize, FileOptions options)[/size]

[size="2"] at System.IO.StreamReader..ctor(String path, Encoding encoding, Boolean detectEncodingFromByteOrderMarks,[/size]
[size="2"] Int32 bufferSize) at System.IO.StreamReader..ctor(String path, Encoding encoding)[/size]

[size="2"] at System.IO.File.ReadAllText(String path, Encoding encoding) at n.a() [/size]

[size="2"]Error - 3/28/2012 9:15:17 AM | Computer Name = Elite | Source = Hewlett-Packard | ID = 0[/size]
[size="2"]Description = en-US Object reference not set to an instance of an object. HPSF at[/size]
[size="2"] HPAssistant.Pages.Settings.loadTuneUPSettings() at HPAssistant.Pages.Settings.Page_Loaded(Object[/size]
[size="2"] sender, RoutedEventArgs e) at System.Windows.RoutedEventHandlerInfo.InvokeHandler(Object[/size]
[size="2"] target, RoutedEventArgs routedEventArgs) at System.Windows.EventRoute.InvokeHandlersImpl(Object[/size]
[size="2"] source, RoutedEventArgs args, Boolean reRaised) at System.Windows.UIElement.RaiseEventImpl(DependencyObject[/size]
[size="2"] sender, RoutedEventArgs args) at System.Windows.UIElement.RaiseEvent(RoutedEventArgs[/size]
[size="2"] e) at System.Windows.BroadcastEventHelper.BroadcastEvent(DependencyObject root,[/size]
[size="2"] RoutedEvent routedEvent) at System.Windows.BroadcastEventHelper.BroadcastLoadedEvent(Object[/size]
[size="2"] root) at MS.Internal.LoadedOrUnloadedOperation.DoWork() at System.Windows.Media.MediaContext.FireLoadedPendingCallbacks()[/size]

[size="2"] at System.Windows.Media.MediaContext.FireInvokeOnRenderCallbacks() at System.Windows.Media.MediaContext.RenderMessageHandlerCore(Object[/size]
[size="2"] resizedCompositionTarget) at System.Windows.Media.MediaContext.RenderMessageHandler(Object[/size]
[size="2"] resizedCompositionTarget) at System.Windows.Threading.ExceptionWrapper.InternalRealCall(Delegate[/size]
[size="2"] callback, Object args, Boolean isSingleParameter) at System.Windows.Threading.ExceptionWrapper.TryCatchWhen(Object[/size]
[size="2"] source, Delegate callback, Object args, Boolean isSingleParameter, Delegate catchHandler)[/size]

[size="2"]Error - 3/28/2012 9:15:38 AM | Computer Name = Elite | Source = Hewlett-Packard | ID = 0[/size]
[size="2"]Description = en-US Could not find file 'C:\Program Files (x86)\Hewlett-Packard\HP[/size]
[size="2"] Support Framework\Logs\SystemInfoAA.xml'. mscorlib at System.IO.__Error.WinIOError(Int32[/size]
[size="2"] errorCode, String maybeFullPath) at System.IO.FileStream.Init(String path, FileMode[/size]
[size="2"] mode, FileAccess access, Int32 rights, Boolean useRights, FileShare share, Int32[/size]
[size="2"] bufferSize, FileOptions options, SECURITY_ATTRIBUTES secAttrs, String msgPath, [/size]
[size="2"]Boolean bFromProxy) at System.IO.FileStream..ctor(String path, FileMode mode, [/size]
[size="2"]FileAccess access, FileShare share, Int32 bufferSize, FileOptions options, String[/size]
[size="2"] msgPath, Boolean bFromProxy) at System.IO.FileStream..ctor(String path, FileMode[/size]
[size="2"] mode, FileAccess access, FileShare share, Int32 bufferSize, FileOptions options)[/size]

[size="2"] at System.IO.StreamReader..ctor(String path, Encoding encoding, Boolean detectEncodingFromByteOrderMarks,[/size]
[size="2"] Int32 bufferSize) at System.IO.StreamReader..ctor(String path, Encoding encoding)[/size]

[size="2"] at System.IO.File.ReadAllText(String path, Encoding encoding) at n.a() [/size]

[size="2"]Error - 4/2/2012 12:55:44 PM | Computer Name = Elite | Source = Hewlett-Packard | ID = 0[/size]
[size="2"]Description = en-US Could not find file 'C:\Program Files (x86)\Hewlett-Packard\HP[/size]
[size="2"] Support Framework\Logs\SystemInfoAA.xml'. mscorlib at System.IO.__Error.WinIOError(Int32[/size]
[size="2"] errorCode, String maybeFullPath) at System.IO.FileStream.Init(String path, FileMode[/size]
[size="2"] mode, FileAccess access, Int32 rights, Boolean useRights, FileShare share, Int32[/size]
[size="2"] bufferSize, FileOptions options, SECURITY_ATTRIBUTES secAttrs, String msgPath, [/size]
[size="2"]Boolean bFromProxy) at System.IO.FileStream..ctor(String path, FileMode mode, [/size]
[size="2"]FileAccess access, FileShare share, Int32 bufferSize, FileOptions options, String[/size]
[size="2"] msgPath, Boolean bFromProxy) at System.IO.FileStream..ctor(String path, FileMode[/size]
[size="2"] mode, FileAccess access, FileShare share, Int32 bufferSize, FileOptions options)[/size]

[size="2"] at System.IO.StreamReader..ctor(String path, Encoding encoding, Boolean detectEncodingFromByteOrderMarks,[/size]
[size="2"] Int32 bufferSize) at System.IO.StreamReader..ctor(String path, Encoding encoding)[/size]

[size="2"] at System.IO.File.ReadAllText(String path, Encoding encoding) at n.a() [/size]

[size="2"]Error - 4/25/2012 10:14:25 AM | Computer Name = Elite | Source = HPSF.exe | ID = 4000[/size]
[size="2"]Description = [/size]

[size="2"]Error - 4/25/2012 10:16:54 AM | Computer Name = Elite | Source = HPSF.exe | ID = 4000[/size]
[size="2"]Description = HP Error ID: -2146233087HPSF.exe Server stack trace: at System.ServiceModel.Channels.ServiceChannel.Call(String[/size]
[size="2"] action, Boolean oneway, ProxyOperationRuntime operation, Object[] ins, Object[][/size]
[size="2"] outs, TimeSpan timeout) at System.ServiceModel.Channels.ServiceChannel.Call(String[/size]
[size="2"] action, Boolean oneway, ProxyOperationRuntime operation, Object[] ins, Object[][/size]
[size="2"] outs) at System.ServiceModel.Channels.ServiceChannelProxy.InvokeService(IMethodCallMessage[/size]
[size="2"] methodCall, ProxyOperationRuntime operation) at System.ServiceModel.Channels.ServiceChannelProxy.Invoke(IMessage[/size]
[size="2"] message) Exception rethrown at [0] Message: The server did not provide a meaningful[/size]
[size="2"] reply; this might be caused by a contract mismatch, a premature session shutdown[/size]
[size="2"] or an internal server error. StackTrace: Server stack trace: at System.ServiceModel.Channels.ServiceChannel.Call(String[/size]
[size="2"] action, Boolean oneway, ProxyOperationRuntime operation, Object[] ins, Object[][/size]
[size="2"] outs, TimeSpan timeout) at System.ServiceModel.Channels.ServiceChannel.Call(String[/size]
[size="2"] action, Boolean oneway, ProxyOperationRuntime operation, Object[] ins, Object[][/size]
[size="2"] outs) at System.ServiceModel.Channels.ServiceChannelProxy.InvokeService(IMethodCallMessage[/size]
[size="2"] methodCall, ProxyOperationRuntime operation) at System.ServiceModel.Channels.ServiceChannelProxy.Invoke(IMessage[/size]
[size="2"] message) Exception rethrown at [0]: at System.Runtime.Remoting.Proxies.RealProxy.HandleReturnMessage(IMessage[/size]
[size="2"] reqMsg, IMessage retMsg) at System.Runtime.Remoting.Proxies.RealProxy.PrivateInvoke(MessageData&[/size]
[size="2"] msgData, Int32 type) at HP.SupportFramework.Communicator.MessengerComm.IMessengerCommunicator.UpdateTimer()[/size]

[size="2"] at HP.SupportAssistant.UI.MessengerCommunication.sendTimerUpdate() Source: mscorlib[/size]

[size="2"]Name:[/size]
[size="2"] HPSF.exe Version: 06.00.01.01 Path: C:\Program Files (x86)\Hewlett-Packard\HP Support[/size]
[size="2"] Framework\HPSF.exe Format: en-US RAM: 9207 Ram Utilization: 60 TargetSite: Void HandleReturnMessage(System.Runtime.Remoting.Messaging.IMessage,[/size]
[size="2"] System.Runtime.Remoting.Messaging.IMessage) [/size]

[size="2"]Error - 4/25/2012 10:16:54 AM | Computer Name = Elite | Source = HPSF.exe | ID = 4000[/size]
[size="2"]Description = [/size]

[size="2"]Error - 5/9/2012 10:54:56 AM | Computer Name = Elite | Source = HPSF.exe | ID = 4000[/size]
[size="2"]Description = [/size]

[size="2"]Error - 5/9/2012 10:57:09 AM | Computer Name = Elite | Source = HPSF.exe | ID = 4000[/size]
[size="2"]Description = [/size]

[size="2"][ Media Center Events ][/size]
[size="2"]Error - 5/20/2012 12:20:05 AM | Computer Name = Elite | Source = MCUpdate | ID = 0[/size]
[size="2"]Description = 9:20:05 PM - Failed to retrieve SportsSchedule.enc (Error: HTTP status[/size]
[size="2"] 404: The requested URL does not exist on the server. ) [/size]

[size="2"]Error - 5/20/2012 12:47:32 PM | Computer Name = Elite | Source = MCUpdate | ID = 0[/size]
[size="2"]Description = 9:47:26 AM - Failed to retrieve SportsSchedule.enc (Error: HTTP status[/size]
[size="2"] 404: The requested URL does not exist on the server. ) [/size]

[size="2"]Error - 5/21/2012 12:19:39 AM | Computer Name = Elite | Source = MCUpdate | ID = 0[/size]
[size="2"]Description = 9:19:39 PM - Failed to retrieve SportsSchedule.enc (Error: HTTP status[/size]
[size="2"] 404: The requested URL does not exist on the server. ) [/size]

[size="2"]Error - 5/21/2012 12:30:26 PM | Computer Name = Elite | Source = MCUpdate | ID = 0[/size]
[size="2"]Description = 9:30:21 AM - Failed to retrieve SportsSchedule.enc (Error: HTTP status[/size]
[size="2"] 404: The requested URL does not exist on the server. ) [/size]

[size="2"]Error - 5/22/2012 12:52:44 AM | Computer Name = Elite | Source = MCUpdate | ID = 0[/size]
[size="2"]Description = 9:52:44 PM - Failed to retrieve SportsSchedule.enc (Error: HTTP status[/size]
[size="2"] 404: The requested URL does not exist on the server. ) [/size]

[size="2"]Error - 5/22/2012 6:51:31 AM | Computer Name = Elite | Source = MCUpdate | ID = 0[/size]
[size="2"]Description = 3:51:31 AM - Failed to retrieve SportsSchedule.enc (Error: HTTP status[/size]
[size="2"] 404: The requested URL does not exist on the server. ) [/size]

[size="2"]Error - 5/22/2012 12:34:09 PM | Computer Name = Elite | Source = MCUpdate | ID = 0[/size]
[size="2"]Description = 9:34:08 AM - Failed to retrieve SportsSchedule.enc (Error: HTTP status[/size]
[size="2"] 404: The requested URL does not exist on the server. ) [/size]

[size="2"]Error - 5/23/2012 1:00:12 AM | Computer Name = Elite | Source = MCUpdate | ID = 0[/size]
[size="2"]Description = 10:00:12 PM - Failed to retrieve SportsSchedule.enc (Error: HTTP status[/size]
[size="2"] 404: The requested URL does not exist on the server. ) [/size]

[size="2"]Error - 5/23/2012 12:50:13 PM | Computer Name = Elite | Source = MCUpdate | ID = 0[/size]
[size="2"]Description = 9:50:07 AM - Failed to retrieve SportsSchedule.enc (Error: HTTP status[/size]
[size="2"] 404: The requested URL does not exist on the server. ) [/size]

[size="2"]Error - 6/7/2012 12:47:02 AM | Computer Name = Elite | Source = MCUpdate | ID = 0[/size]
[size="2"]Description = 9:47:02 PM - Failed to retrieve SportsSchedule.enc (Error: HTTP status[/size]
[size="2"] 400: The server cannot process the request because the syntax is not valid. ) [/size]

[size="2"][ System Events ][/size]
[size="2"]Error - 8/14/2012 9:28:46 AM | Computer Name = Elite | Source = Service Control Manager | ID = 7022[/size]
[size="2"]Description = The Windows Update service hung on starting.[/size]

[size="2"]Error - 8/14/2012 9:53:22 AM | Computer Name = Elite | Source = Application Popup | ID = 1060[/size]
[size="2"]Description = \??\C:\Windows\SysWow64\Drivers\uzmzntm0.sys has been blocked from[/size]
[size="2"] loading due to incompatibility with this system. Please contact your software vendor[/size]
[size="2"] for a compatible version of the driver.[/size]

[size="2"]Error - 8/14/2012 9:53:22 AM | Computer Name = Elite | Source = Application Popup | ID = 1060[/size]
[size="2"]Description = \??\C:\Windows\SysWow64\Drivers\vdmzntm0.sys has been blocked from[/size]
[size="2"] loading due to incompatibility with this system. Please contact your software vendor[/size]
[size="2"] for a compatible version of the driver.[/size]

[size="2"]Error - 8/14/2012 9:56:27 AM | Computer Name = Elite | Source = DCOM | ID = 10016[/size]
[size="2"]Description = [/size]

[size="2"]Error - 8/14/2012 10:02:06 AM | Computer Name = Elite | Source = Service Control Manager | ID = 7022[/size]
[size="2"]Description = The Windows Update service hung on starting.[/size]

[size="2"]Error - 8/14/2012 10:23:30 AM | Computer Name = Elite | Source = Application Popup | ID = 1060[/size]
[size="2"]Description = \??\C:\Windows\SysWow64\Drivers\uzmzntm0.sys has been blocked from[/size]
[size="2"] loading due to incompatibility with this system. Please contact your software vendor[/size]
[size="2"] for a compatible version of the driver.[/size]

[size="2"]Error - 8/14/2012 10:23:30 AM | Computer Name = Elite | Source = Application Popup | ID = 1060[/size]
[size="2"]Description = \??\C:\Windows\SysWow64\Drivers\vdmzntm0.sys has been blocked from[/size]
[size="2"] loading due to incompatibility with this system. Please contact your software vendor[/size]
[size="2"] for a compatible version of the driver.[/size]

[size="2"]Error - 8/14/2012 10:26:37 AM | Computer Name = Elite | Source = DCOM | ID = 10016[/size]
[size="2"]Description = [/size]

[size="2"]Error - 8/14/2012 10:33:56 AM | Computer Name = Elite | Source = Service Control Manager | ID = 7022[/size]
[size="2"]Description = The Windows Update service hung on starting.[/size]

[size="2"]Error - 8/14/2012 3:27:45 PM | Computer Name = Elite | Source = iaStor | ID = 262153[/size]
[size="2"]Description = The device, \Device\Ide\iaStor0, did not respond within the timeout[/size]
[size="2"] period.[/size]

[size="2"]< End of report >[/size]

[size="2"]==========================[/size]

[size="2"]OTL logfile created on: 8/14/2012 12:24:07 PM - Run 7[/size]
[size="2"]OTL by OldTimer - Version 3.2.57.0 Folder = C:\Users\anything\Desktop[/size]
[size="2"]64bit- Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation[/size]
[size="2"]Internet Explorer (Version = 9.0.8112.16421)[/size]
[size="2"]Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy[/size]

[size="2"]8.99 Gb Total Physical Memory | 3.48 Gb Available Physical Memory | 38.74% Memory free[/size]
[size="2"]17.98 Gb Paging File | 12.39 Gb Available in Paging File | 68.92% Paging File free[/size]
[size="2"]Paging file location(s): ?:\pagefile.sys [binary data][/size]

[size="2"]%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)[/size]
[size="2"]Drive C: | 880.08 Gb Total Space | 291.28 Gb Free Space | 33.10% Space Free | Partition Type: NTFS[/size]
[size="2"]Drive D: | 12.27 Gb Total Space | 2.17 Gb Free Space | 17.71% Space Free | Partition Type: NTFS[/size]
[size="2"]Drive E: | 465.76 Gb Total Space | 104.29 Gb Free Space | 22.39% Space Free | Partition Type: NTFS[/size]
[size="2"]Drive K: | 3726.01 Gb Total Space | 2123.47 Gb Free Space | 56.99% Space Free | Partition Type: NTFS[/size]
[size="2"]Drive M: | 38.09 Gb Total Space | 15.79 Gb Free Space | 41.45% Space Free | Partition Type: NTFS[/size]

[size="2"]Computer Name: ELITE | User Name: anything | Logged in as Administrator.[/size]
[size="2"]Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans[/size]
[size="2"]Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days[/size]

[size="2"]========== Processes (SafeList) ==========[/size]

[size="2"]PRC - C:\Users\anything\Desktop\OTL.exe (OldTimer Tools)[/size]
[size="2"]PRC - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)[/size]
[size="2"]PRC - C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe (Acronis)[/size]
[size="2"]PRC - C:\Program Files (x86)\Google\Update\1.3.21.115\GoogleCrashHandler.exe (Google Inc.)[/size]
[size="2"]PRC - C:\Program Files (x86)\Acronis\TrueImageHome\TimounterMonitor.exe (Acronis)[/size]
[size="2"]PRC - C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe (Acronis)[/size]
[size="2"]PRC - C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe (Acronis)[/size]
[size="2"]PRC - C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe (Acronis)[/size]
[size="2"]PRC - C:\Program Files (x86)\Internet Download Manager\IDMan.exe (Tonec Inc.)[/size]
[size="2"]PRC - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)[/size]
[size="2"]PRC - C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe (RealNetworks, Inc.)[/size]
[size="2"]PRC - C:\Users\anything\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)[/size]
[size="2"]PRC - C:\Program Files (x86)\Memeo\AutoBackup\InstantBackup.exe ()[/size]
[size="2"]PRC - C:\Program Files\Schwab\SSPro\SSPro.exe (Charles Schwab & Co., Inc.)[/size]
[size="2"]PRC - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\SyncServer.exe (Apple Inc.)[/size]
[size="2"]PRC - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)[/size]
[size="2"]PRC - C:\Program Files (x86)\Eye-Fi\Helper\EyeFiHelper.exe (Eye-Fi, Inc.)[/size]
[size="2"]PRC - C:\ProgramData\Anti-phishing Domain Advisor\visicom_antiphishing.exe (Visicom Media Inc. (Powered by Panda Security))[/size]
[size="2"]PRC - C:\Program Files (x86)\Seagate\Seagate Dashboard\MemeoDashboard.exe (Memeo)[/size]
[size="2"]PRC - C:\Program Files (x86)\Seagate\Seagate Dashboard\SeagateDashboardService.exe (Memeo)[/size]
[size="2"]PRC - C:\Program Files (x86)\Seagate\Seagate Dashboard\HipServAgent\HipServAgent.exe (Axentra Corporation)[/size]
[size="2"]PRC - C:\Program Files (x86)\Google\Google Calendar Sync\GoogleCalendarSync.exe (Google)[/size]
[size="2"]PRC - C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe (Hewlett-Packard Company)[/size]
[size="2"]PRC - C:\Program Files (x86)\Freecorder\FLVSrvc.exe (Applian Technologies, Inc.)[/size]
[size="2"]PRC - C:\Program Files (x86)\Epson Software\FAX Utility\FUFAXSTM.exe (SEIKO EPSON CORPORATION)[/size]
[size="2"]PRC - C:\Program Files (x86)\Epson Software\FAX Utility\FUFAXRCV.exe (SEIKO EPSON CORPORATION)[/size]
[size="2"]PRC - C:\Program Files (x86)\Carbonite\Carbonite Backup\CarboniteUI.exe (Carbonite, Inc.)[/size]
[size="2"]PRC - C:\Program Files (x86)\Flip Video\FlipShare\FlipShareService.exe ()[/size]
[size="2"]PRC - C:\Program Files (x86)\Flip Video\FlipShareServer\FlipShareServer.exe ()[/size]
[size="2"]PRC - C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe (SEIKO EPSON CORPORATION)[/size]
[size="2"]PRC - C:\Program Files (x86)\Adobe\Elements 9 Organizer\PhotoshopElementsFileAgent.exe (Adobe Systems Incorporated)[/size]
[size="2"]PRC - C:\Windows\V0610Mon.exe (Creative Technology Ltd.)[/size]
[size="2"]PRC - C:\Program Files (x86)\Common Files\Motive\McciContextHookShim.exe (Alcatel-Lucent)[/size]
[size="2"]PRC - C:\Program Files (x86)\Common Files\Nuance\dgnsvc.exe (Nuance Communications, Inc.)[/size]
[size="2"]PRC - C:\Program Files (x86)\Internet Download Manager\IEMonitor.exe (Tonec Inc.)[/size]
[size="2"]PRC - C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation)[/size]
[size="2"]PRC - C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe (Intel Corporation)[/size]
[size="2"]PRC - C:\Windows\SysWOW64\atashost.exe (WebEx Communications, Inc.)[/size]
[size="2"]PRC - c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe (CyberLink)[/size]
[size="2"]PRC - c:\Program Files (x86)\Hewlett-Packard\Media\DVD\DVDAgent.exe (CyberLink Corp.)[/size]
[size="2"]PRC - C:\Program Files (x86)\Adobe\Elements Organizer 8.0\PhotoshopElementsFileAgent.exe (Adobe Systems Incorporated)[/size]
[size="2"]PRC - C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe (ABBYY)[/size]
[size="2"]PRC - C:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe (Hewlett-Packard)[/size]
[size="2"]PRC - C:\Program Files (x86)\Hewlett-Packard\HP Easy Backup\HPBtnSrv.exe ()[/size]

[size="2"]========== Modules (No Company Name) ==========[/size]

[size="2"]MOD - C:\Program Files (x86)\Google\Chrome\Application\21.0.1180.77\ppgooglenaclpluginchrome.dll ()[/size]
[size="2"]MOD - C:\Program Files (x86)\Google\Chrome\Application\21.0.1180.77\PepperFlash\pepflashplayer.dll ()[/size]
[size="2"]MOD - C:\Program Files (x86)\Google\Chrome\Application\21.0.1180.77\pdf.dll ()[/size]
[size="2"]MOD - C:\Program Files (x86)\Google\Chrome\Application\21.0.1180.77\libglesv2.dll ()[/size]
[size="2"]MOD - C:\Program Files (x86)\Google\Chrome\Application\21.0.1180.77\libegl.dll ()[/size]
[size="2"]MOD - C:\Program Files (x86)\Google\Chrome\Application\21.0.1180.77\avutil-51.dll ()[/size]
[size="2"]MOD - C:\Program Files (x86)\Google\Chrome\Application\21.0.1180.77\avformat-54.dll ()[/size]
[size="2"]MOD - C:\Program Files (x86)\Google\Chrome\Application\21.0.1180.77\avcodec-54.dll ()[/size]
[size="2"]MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualBas#\6c59a14a23f734093e80d6093e25302a\Microsoft.VisualBasic.ni.dll ()[/size]
[size="2"]MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\69ca4a43ba14b66689715ad62aed70e6\System.ServiceProcess.ni.dll ()[/size]
[size="2"]MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web.Services\761fd1afc17f11bf6d49c3a7d16465ca\System.Web.Services.ni.dll ()[/size]
[size="2"]MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web\a501b7960f6c6e2e39162b83f3303aaa\System.Web.ni.dll ()[/size]
[size="2"]MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\7b7fbe651c6e72f12099a298654c9594\System.Windows.Forms.ni.dll ()[/size]
[size="2"]MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\6bb439b3f87736d3248ae27d43e2c0d6\System.Drawing.ni.dll ()[/size]
[size="2"]MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorUtil\635b3aec298ad5e8c903b2323d79cc5a\IAStorUtil.ni.dll ()[/size]
[size="2"]MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\03dee80574f4ec770b6f77ca030ded6c\System.Runtime.Remoting.ni.dll ()[/size]
[size="2"]MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Data\f3814b488d9e083cbbc623e01b389f09\System.Data.ni.dll ()[/size]
[size="2"]MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\Accessibility\2ec98ab0193d64e95b7d09d094deed97\Accessibility.ni.dll ()[/size]
[size="2"]MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\46fce56db7685a586d3eeb7c373e3c1c\WindowsBase.ni.dll ()[/size]
[size="2"]MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\ba3d70b651454c7d49b407b93663bfed\System.Xml.ni.dll ()[/size]
[size="2"]MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\cfa9c506bfb9254c89dace7b83bc9f9d\System.Configuration.ni.dll ()[/size]
[size="2"]MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System\ce9ff6baf9053ed2ed673d948179195c\System.ni.dll ()[/size]
[size="2"]MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\acfc1391e45fedd2a359778ea57d914c\mscorlib.ni.dll ()[/size]
[size="2"]MOD - C:\Program Files (x86)\Memeo\AutoBackup\InstantBackup.exe ()[/size]
[size="2"]MOD - C:\Program Files (x86)\Memeo\AutoBackup\Memeo.Client.UI.dll ()[/size]
[size="2"]MOD - C:\Program Files (x86)\Memeo\AutoBackup\Memeo.Client.DriveDetection.dll ()[/size]
[size="2"]MOD - C:\Program Files (x86)\Eye-Fi\Helper\libexif.dll ()[/size]
[size="2"]MOD - C:\Program Files (x86)\Eye-Fi\Helper\libopenraw.dll ()[/size]
[size="2"]MOD - C:\Program Files (x86)\Google\Google Desktop Search\gzlib.dll ()[/size]
[size="2"]MOD - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll ()[/size]
[size="2"]MOD - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll ()[/size]
[size="2"]MOD - C:\Program Files (x86)\Seagate\Seagate Dashboard\Plugins\Memeo.Dashboard.SeagateSharePlusPlugin.dll ()[/size]
[size="2"]MOD - C:\Program Files (x86)\Seagate\Seagate Dashboard\Memeo.Progress.dll ()[/size]
[size="2"]MOD - C:\Program Files (x86)\Seagate\Seagate Dashboard\HipServAgent\libxml2.dll ()[/size]
[size="2"]MOD - C:\Program Files (x86)\Seagate\Seagate Dashboard\HipServAgent\libupnp.dll ()[/size]
[size="2"]MOD - C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF ()[/size]
[size="2"]MOD - C:\Program Files (x86)\Microsoft Office\Office14\ADDINS\UmOutlookAddin.dll ()[/size]
[size="2"]MOD - C:\Windows\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll ()[/size]
[size="2"]MOD - C:\Windows\assembly\GAC\Microsoft.mshtml\7.0.3300.0__b03f5f7f11d50a3a\Microsoft.mshtml.dll ()[/size]
[size="2"]MOD - C:\Program Files (x86)\Memeo\AutoBackup\sqlite3.dll ()[/size]
[size="2"]MOD - c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMediaLibrary.dll ()[/size]

[size="2"]========== Win32 Services (SafeList) ==========[/size]

[size="2"]SRV:64bit: - (NisSrv) -- C:\Program Files\Microsoft Security Client\NisSrv.exe (Microsoft Corporation)[/size]
[size="2"]SRV:64bit: - (MsMpSvc) -- C:\Program Files\Microsoft Security Client\MsMpEng.exe (Microsoft Corporation)[/size]
[size="2"]SRV:64bit: - (EpsonCustomerParticipation) -- C:\Program Files\EPSON\EpsonCustomerParticipation\EPCP.exe (SEIKO EPSON CORPORATION)[/size]
[size="2"]SRV:64bit: - (CarboniteService) -- C:\Program Files\Carbonite\Carbonite Backup\CarboniteService.exe (Carbonite, Inc. (www.carbonite.com))[/size]
[size="2"]SRV:64bit: - (wlcrasvc) -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe (Microsoft Corporation)[/size]
[size="2"]SRV:64bit: - (WinDefend) -- C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)[/size]
[size="2"]SRV:64bit: - (AppMgmt) -- C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)[/size]
[size="2"]SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)[/size]
[size="2"]SRV - (afcdpsrv) -- C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe (Acronis)[/size]
[size="2"]SRV - (MozillaMaintenance) -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation)[/size]
[size="2"]SRV - (syncagentsrv) -- C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe (Acronis)[/size]
[size="2"]SRV - (AcrSch2Svc) -- C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe (Acronis)[/size]
[size="2"]SRV - (IHA_MessageCenter) -- C:\Program Files (x86)\Verizon\IHA_MessageCenter\Bin\Verizon_IHAMessageCenter.exe (Verizon)[/size]
[size="2"]SRV - (AdobeARMservice) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)[/size]
[size="2"]SRV - (HP Support Assistant Service) -- C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe (Hewlett-Packard Company)[/size]
[size="2"]SRV - (SeagateDashboardService) -- C:\Program Files (x86)\Seagate\Seagate Dashboard\SeagateDashboardService.exe (Memeo)[/size]
[size="2"]SRV - (HPDrvMntSvc.exe) -- C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe (Hewlett-Packard Company)[/size]
[size="2"]SRV - (FlipShare Service) -- C:\Program Files (x86)\Flip Video\FlipShare\FlipShareService.exe ()[/size]
[size="2"]SRV - (FlipShareServer) -- C:\Program Files (x86)\Flip Video\FlipShareServer\FlipShareServer.exe ()[/size]
[size="2"]SRV - (AdobeActiveFileMonitor9.0) -- C:\Program Files (x86)\Adobe\Elements 9 Organizer\PhotoshopElementsFileAgent.exe (Adobe Systems Incorporated)[/size]
[size="2"]SRV - (GoToMyPC) -- C:\Program Files (x86)\Citrix\GoToMyPC\g2svc.exe (Citrix Online, a division of Citrix Systems, Inc.)[/size]
[size="2"]SRV - (DragonSvc) -- C:\Program Files (x86)\Common Files\Nuance\dgnsvc.exe (Nuance Communications, Inc.)[/size]
[size="2"]SRV - (SynoDrService) -- C:\Program Files (x86)\Synology Data Replicator 3\SynoDrServicex64.exe ()[/size]
[size="2"]SRV - (FLEXnet Licensing Service) -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe (Acresso Software Inc.)[/size]
[size="2"]SRV - (MemeoBackgroundService) -- C:\Program Files (x86)\Memeo\AutoBackup\MemeoBackgroundService.exe (Memeo)[/size]
[size="2"]SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)[/size]
[size="2"]SRV - (IAStorDataMgrSvc) -- C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation)[/size]
[size="2"]SRV - (atashost) -- C:\Windows\SysWOW64\atashost.exe (WebEx Communications, Inc.)[/size]
[size="2"]SRV - (AdobeActiveFileMonitor8.0) -- C:\Program Files (x86)\Adobe\Elements Organizer 8.0\PhotoshopElementsFileAgent.exe (Adobe Systems Incorporated)[/size]
[size="2"]SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)[/size]
[size="2"]SRV - (GameConsoleService) -- C:\Program Files (x86)\HP Games\HP Game Console\GameConsoleService.exe (WildTangent, Inc.)[/size]
[size="2"]SRV - (ABBYY.Licensing.FineReader.Sprint.9.0) -- C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe (ABBYY)[/size]
[size="2"]SRV - (IJPLMSVC) -- C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe ()[/size]
[size="2"]SRV - (HPBtnSrv) -- C:\Program Files (x86)\Hewlett-Packard\HP Easy Backup\HPBtnSrv.exe ()[/size]

[size="2"]========== Driver Services (SafeList) ==========[/size]

[size="2"]DRV:64bit: - (afcdp) -- C:\Windows\SysNative\drivers\afcdp.sys (Acronis)[/size]
[size="2"]DRV:64bit: - (tdrpman) -- C:\Windows\SysNative\drivers\tdrpman.sys (Acronis)[/size]
[size="2"]DRV:64bit: - (timounter) -- C:\Windows\SysNative\drivers\timntr.sys (Acronis)[/size]
[size="2"]DRV:64bit: - (vididr) -- C:\Windows\SysNative\drivers\vididr.sys (Acronis)[/size]
[size="2"]DRV:64bit: - (vidsflt67) -- C:\Windows\SysNative\drivers\vsflt67.sys (Acronis)[/size]
[size="2"]DRV:64bit: - (snapman) -- C:\Windows\SysNative\drivers\snapman.sys (Acronis)[/size]
[size="2"]DRV:64bit: - (fltsrv) -- C:\Windows\SysNative\drivers\fltsrv.sys (Acronis)[/size]
[size="2"]DRV:64bit: - (IDMWFP) -- C:\Windows\SysNative\drivers\idmwfp.sys (Tonec Inc.)[/size]
[size="2"]DRV:64bit: - (NisDrv) -- C:\Windows\SysNative\drivers\NisDrvWFP.sys (Microsoft Corporation)[/size]
[size="2"]DRV:64bit: - (Fs_Rec) -- C:\Windows\SysNative\drivers\fs_rec.sys (Microsoft Corporation)[/size]
[size="2"]DRV:64bit: - (USBAAPL64) -- C:\Windows\SysNative\drivers\usbaapl64.sys (Apple, Inc.)[/size]
[size="2"]DRV:64bit: - (Point64) -- C:\Windows\SysNative\drivers\point64.sys (Microsoft Corporation)[/size]
[size="2"]DRV:64bit: - (dc3d) -- C:\Windows\SysNative\drivers\dc3d.sys (Microsoft Corporation)[/size]
[size="2"]DRV:64bit: - (motccgp) -- C:\Windows\SysNative\drivers\motccgp.sys (Motorola)[/size]
[size="2"]DRV:64bit: - (motmodem) -- C:\Windows\SysNative\drivers\motmodem.sys (Motorola)[/size]
[size="2"]DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)[/size]
[size="2"]DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)[/size]
[size="2"]DRV:64bit: - (athr) -- C:\Windows\SysNative\drivers\athrx.sys (Atheros Communications, Inc.)[/size]
[size="2"]DRV:64bit: - (JRAID) -- C:\Windows\SysNative\drivers\jraid.sys (JMicron Technology Corp.)[/size]
[size="2"]DRV:64bit: - (vpcvmm) -- C:\Windows\SysNative\drivers\vpcvmm.sys (Microsoft Corporation)[/size]
[size="2"]DRV:64bit: - (vpcbus) -- C:\Windows\SysNative\drivers\vpchbus.sys (Microsoft Corporation)[/size]
[size="2"]DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)[/size]
[size="2"]DRV:64bit: - (vpcusb) -- C:\Windows\SysNative\drivers\vpcusb.sys (Microsoft Corporation)[/size]
[size="2"]DRV:64bit: - (vpcnfltr) -- C:\Windows\SysNative\drivers\vpcnfltr.sys (Microsoft Corporation)[/size]
[size="2"]DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation)[/size]
[size="2"]DRV:64bit: - (fssfltr) -- C:\Windows\SysNative\drivers\fssfltr.sys (Microsoft Corporation)[/size]
[size="2"]DRV:64bit: - (V0610Vid) -- C:\Windows\SysNative\drivers\V0610Vid.sys (Creative Technology Ltd.)[/size]
[size="2"]DRV:64bit: - (MRESP50a64) -- C:\Program Files\Common Files\Motive\MRESP50a64.sys (Printing Communications Assoc., Inc. (PCAUSA))[/size]
[size="2"]DRV:64bit: - (MREMP50a64) -- C:\Program Files\Common Files\Motive\MREMP50a64.sys (Printing Communications Assoc., Inc. (PCAUSA))[/size]
[size="2"]DRV:64bit: - (Motousbnet) -- C:\Windows\SysNative\drivers\Motousbnet.sys (Motorola)[/size]
[size="2"]DRV:64bit: - (PxHlpa64) -- C:\Windows\SysNative\drivers\PxHlpa64.sys (Sonic Solutions)[/size]
[size="2"]DRV:64bit: - (CtClsFlt) -- C:\Windows\SysNative\drivers\CtClsFlt.sys (Creative Technology Ltd.)[/size]
[size="2"]DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)[/size]
[size="2"]DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)[/size]
[size="2"]DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology)[/size]
[size="2"]DRV:64bit: - (WSDPrintDevice) -- C:\Windows\SysNative\drivers\WSDPrint.sys (Microsoft Corporation)[/size]
[size="2"]DRV:64bit: - (StillCam) -- C:\Windows\SysNative\drivers\serscan.sys (Microsoft Corporation)[/size]
[size="2"]DRV:64bit: - (usb_rndisx) -- C:\Windows\SysNative\drivers\usb8023x.sys (Microsoft Corporation)[/size]
[size="2"]DRV:64bit: - (motandroidusb) -- C:\Windows\SysNative\drivers\motoandroid.sys (Motorola)[/size]
[size="2"]DRV:64bit: - (e1yexpress) -- C:\Windows\SysNative\drivers\e1y62x64.sys (Intel Corporation)[/size]
[size="2"]DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)[/size]
[size="2"]DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)[/size]
[size="2"]DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)[/size]
[size="2"]DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)[/size]
[size="2"]DRV:64bit: - (iaStor) -- C:\Windows\SysNative\drivers\iaStor.sys (Intel Corporation)[/size]
[size="2"]DRV:64bit: - (GEARAspiWDM) -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys (GEAR Software Inc.)[/size]
[size="2"]DRV:64bit: - (motccgpfl) -- C:\Windows\SysNative\drivers\motccgpfl.sys (Motorola)[/size]
[size="2"]DRV:64bit: - (BTCFilterService) -- C:\Windows\SysNative\drivers\motfilt.sys (Motorola Inc)[/size]
[size="2"]DRV:64bit: - (MotoSwitchService) -- C:\Windows\SysNative\drivers\motswch.sys (Motorola)[/size]
[size="2"]DRV:64bit: - (LVUSBS64) -- C:\Windows\SysNative\drivers\LVUSBS64.sys (Logitech Inc.)[/size]
[size="2"]DRV:64bit: - (CamDrL64) -- C:\Windows\SysNative\drivers\CamDrL64.sys (Logitech Inc.)[/size]
[size="2"]DRV - (vdmzntm0) -- C:\Windows\SysWOW64\drivers\vdmzntm0.sys ()[/size]
[size="2"]DRV - (uzmzntm0) -- C:\Windows\SysWOW64\drivers\uzmzntm0.sys ()[/size]
[size="2"]DRV - (MRESP50) -- C:\Program Files (x86)\Common Files\Motive\MRESP50.sys (Printing Communications Assoc., Inc. (PCAUSA))[/size]
[size="2"]DRV - (MREMP50) -- C:\Program Files (x86)\Common Files\Motive\MREMP50.sys (Printing Communications Assoc., Inc. (PCAUSA))[/size]
[size="2"]DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation)[/size]

[size="2"]========== Standard Registry (SafeList) ==========[/size]

[size="2"]========== Internet Explorer ==========[/size]

[size="2"]IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.h...avilion&pf=cndt[/size]
[size="2"]IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}[/size]
[size="2"]IE:64bit: - HKLM\..\SearchScopes\{0068AB8E-D323-4537-8D8D-80AD5CD94630}: "URL" = http://www.bing.com/...rc=IE-SearchBox[/size]
[size="2"]IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC[/size]
[size="2"]IE:64bit: - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.co...g}&sourceid=ie7[/size]
[size="2"]IE:64bit: - HKLM\..\SearchScopes\{D75DEEB4-956C-4EF0-91AA-B96AAD6A031C}: "URL" = http://www.ask.com/w...}&l=dis&o=ushpd[/size]
[size="2"]IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm[/size]
[size="2"]IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie[/size]
[size="2"]IE - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}[/size]
[size="2"]IE - HKLM\..\SearchScopes\{0068AB8E-D323-4537-8D8D-80AD5CD94630}: "URL" = http://www.bing.com/...rc=IE-SearchBox[/size]
[size="2"]IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC[/size]
[size="2"]IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.co...g}&sourceid=ie7[/size]
[size="2"]IE - HKLM\..\SearchScopes\{D75DEEB4-956C-4EF0-91AA-B96AAD6A031C}: "URL" = http://www.ask.com/w...}&l=dis&o=ushpd[/size]

[size="2"]IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.msn.com[/size]
[size="2"]IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com/ie[/size]
[size="2"]IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = www.bing.com [binary data][/size]
[size="2"]IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com/ie[/size]
[size="2"]IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com[/size]
[size="2"]IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1[/size]
[size="2"]IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/[/size]
[size="2"]IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Restore = http://www.google.com/[/size]
[size="2"]IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie[/size]
[size="2"]IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie[/size]
[size="2"]IE - HKCU\..\URLSearchHook: {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - No CLSID value found[/size]
[size="2"]IE - HKCU\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}[/size]
[size="2"]IE - HKCU\..\SearchScopes\{0068AB8E-D323-4537-8D8D-80AD5CD94630}: "URL" = http://www.bing.com/...rc=IE-SearchBox[/size]
[size="2"]IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...Box&FORM=IE8SRC[/size]
[size="2"]IE - HKCU\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.co...g}&sourceid=ie7[/size]
[size="2"]IE - HKCU\..\SearchScopes\{70D46D94-BF1E-45ED-B567-48701376298E}: "URL" = http://127.0.0.1:466...q={searchTerms}[/size]
[size="2"]IE - HKCU\..\SearchScopes\{7C929119-562B-4D1D-A388-016A93F690B0}: "URL" = http://www.google.co...&rlz=1I7GGLD_en[/size]
[size="2"]IE - HKCU\..\SearchScopes\{D75DEEB4-956C-4EF0-91AA-B96AAD6A031C}: "URL" = http://www.ask.com/w...}&l=dis&o=ushpd[/size]
[size="2"]IE - HKCU\..\SearchScopes\{FB48B168-84BB-CCE3-D32D-94102F37C5B0}: "URL" = http://www.bing.com/...eferrer:source}[/size]
[size="2"]IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0[/size]
[size="2"]IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local[/size]

[size="2"]========== FireFox ==========[/size]

[size="2"]FF - prefs.js..browser.search.selectedEngine: "Bing"[/size]
[size="2"]FF - prefs.js..browser.startup.homepage: "http://www.msn.com/?..._date=20111110"[/size]
[size="2"]FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20[/size]
[size="2"]FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21[/size]
[size="2"]FF - prefs.js..extensions.enabledItems: [email protected]:7.2.7[/size]
[size="2"]FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22[/size]
[size="2"]FF - prefs.js..extensions.enabledItems: {ABDE892B-13A8-4d1b-88E6-365A6E755758}:14.0.2[/size]
[size="2"]FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23[/size]
[size="2"]FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24[/size]

[size="2"]FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_3_300_270.dll File not found[/size]
[size="2"]FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre7\bin\new_plugin\npjp2.dll (Oracle Corporation)[/size]
[size="2"]FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found[/size]
[size="2"]FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)[/size]
[size="2"]FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/VirtualEarth3D,version=4.0: C:\Program Files (x86)\Virtual Earth 3D\ [2010/01/21 19:22:49 | 000,000,000 | ---D | M][/size]
[size="2"]FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_3_300_270.dll ()[/size]
[size="2"]FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\SysWOW64\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)[/size]
[size="2"]FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found[/size]
[size="2"]FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()[/size]
[size="2"]FF - HKLM\Software\MozillaPlugins\@garmin.com/GpsControl: C:\Program Files (x86)\Garmin GPS Plugin\npGarmin.dll (GARMIN Corp.)[/size]
[size="2"]FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)[/size]
[size="2"]FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)[/size]
[size="2"]FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)[/size]
[size="2"]FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found[/size]
[size="2"]FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)[/size]
[size="2"]FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)[/size]
[size="2"]FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)[/size]
[size="2"]FF - HKLM\Software\MozillaPlugins\@microsoft.com/VirtualEarth3D,version=4.0: C:\Program Files (x86)\Virtual Earth 3D\ [2010/01/21 19:22:49 | 000,000,000 | ---D | M][/size]
[size="2"]FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)[/size]
[size="2"]FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)[/size]
[size="2"]FF - HKLM\Software\MozillaPlugins\@Motive.com/NpMotive,version=1.0: C:\Program Files (x86)\Common Files\Motive\npMotive.dll (Alcatel-Lucent)[/size]
[size="2"]FF - HKLM\Software\MozillaPlugins\@pack.google.com/Google Updater;version=14: C:\Program Files (x86)\Google\Google Updater\2.4.2432.1652\npCIDetect14.dll (Google)[/size]
[size="2"]FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=15.0.4.53: c:\program files (x86)\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)[/size]
[size="2"]FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=15.0.4.53: c:\program files (x86)\real\realplayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)[/size]
[size="2"]FF - HKLM\Software\MozillaPlugins\@real.com/nprpchromebrowserrecordext;version=15.0.4.53: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)[/size]
[size="2"]FF - HKLM\Software\MozillaPlugins\@real.com/nprphtml5videoshim;version=15.0.4.53: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)[/size]
[size="2"]FF - HKLM\Software\MozillaPlugins\@real.com/nprpplugin;version=15.0.4.53: c:\program files (x86)\real\realplayer\Netscape6\nprpplugin.dll (RealPlayer)[/size]
[size="2"]FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)[/size]
[size="2"]FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)[/size]
[size="2"]FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)[/size]
[size="2"]FF - HKLM\Software\MozillaPlugins\[email protected]/YahooActiveXPluginBridge;version=1.0.0.1: C:\Program Files (x86)\Yahoo!\Common\npyaxmpb.dll File not found[/size]
[size="2"]FF - HKCU\Software\MozillaPlugins\@yahoo.com/BrowserPlus,version=2.9.8: C:\Users\anything\AppData\Local\Yahoo!\BrowserPlus\2.9.8\Plugins\npybrowserplus_2.9.8.dll (Yahoo! Inc.)[/size]

[size="2"]FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{3112ca9c-de6d-4884-a869-9855de68056c}: C:\ProgramData\Google\Toolbar for Firefox\{3112ca9c-de6d-4884-a869-9855de68056c} [2010/02/22 19:18:30 | 000,000,000 | ---D | M][/size]
[size="2"]FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{97E22097-9A2F-45b1-8DAF-36AD648C7EF4}: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2012/05/28 18:01:21 | 000,000,000 | ---D | M][/size]
[size="2"]FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 14.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012/07/17 09:55:29 | 000,000,000 | ---D | M][/size]
[size="2"]FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 14.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012/06/03 04:40:31 | 000,000,000 | ---D | M][/size]
[size="2"]FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\[email protected]: C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird[/size]
[size="2"]FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\[email protected]: C:\Users\anything\AppData\Roaming\IDM\idmmzcc5 [2012/07/11 05:29:11 | 000,000,000 | ---D | M][/size]
[size="2"]FF - HKEY_CURRENT_USER\software\mozilla\SeaMonkey\Extensions\\[email protected]: C:\Users\anything\AppData\Roaming\IDM\idmmzcc5 [2012/07/11 05:29:11 | 000,000,000 | ---D | M][/size]

[size="2"][2010/03/07 13:36:18 | 000,000,000 | ---D | M] (No name found) -- C:\Users\anything\AppData\Roaming\mozilla\Extensions[/size]
[size="2"][2012/07/17 09:55:32 | 000,000,000 | ---D | M] (No name found) -- C:\Users\anything\AppData\Roaming\mozilla\Firefox\Profiles\e574yg1b.default\extensions[/size]
[size="2"][2011/04/14 12:21:32 | 000,000,000 | ---D | M] (Google Toolbar for Firefox) -- C:\Users\anything\AppData\Roaming\mozilla\Firefox\Profiles\e574yg1b.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}[/size]
[size="2"][2011/11/10 08:31:35 | 000,000,000 | ---D | M] (Complitly - Speed up your search with your personal search suggestions tool) -- C:\Users\anything\AppData\Roaming\mozilla\Firefox\Profiles\e574yg1b.default\extensions\{33e0daa6-3af3-d8b5-6752-10e949c61516}[/size]
[size="2"][2012/07/17 09:55:32 | 000,000,000 | ---D | M] (ShopToWin20) -- C:\Users\anything\AppData\Roaming\mozilla\Firefox\Profiles\e574yg1b.default\extensions\{a018b213-6b46-4791-9298-519020db5737}[/size]
[size="2"][2011/12/15 17:47:12 | 000,000,000 | ---D | M] (Yontoo Layers) -- C:\Users\anything\AppData\Roaming\mozilla\Firefox\Profiles\e574yg1b.default\extensions\[email protected][/size]
[size="2"][2012/04/13 05:48:43 | 000,000,000 | ---D | M] (We-Care Reminder) -- C:\Users\anything\AppData\Roaming\mozilla\Firefox\Profiles\e574yg1b.default\extensions\wecarereminder@bryan[/size]
[size="2"][2011/11/10 08:31:27 | 000,001,945 | ---- | M] () -- C:\Users\anything\AppData\Roaming\Mozilla\Firefox\Profiles\e574yg1b.default\searchplugins\bing-zugo.xml[/size]
[size="2"][2012/04/22 10:14:52 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions[/size]
[size="2"][2012/04/22 10:14:53 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}[/size]
[size="2"][2012/07/11 05:29:11 | 000,000,000 | ---D | M] (IDM CC) -- C:\USERS\ANYTHING\APPDATA\ROAMING\IDM\IDMMZCC5[/size]
[size="2"][2012/07/17 09:55:29 | 000,136,672 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll[/size]
[size="2"][2012/03/11 11:13:39 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npdeployJava1.dll[/size]
[size="2"][2012/05/28 18:01:07 | 000,129,144 | ---- | M] (RealPlayer) -- C:\Program Files (x86)\mozilla firefox\plugins\nprpplugin.dll[/size]
[size="2"][2012/03/07 06:57:19 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml[/size]
[size="2"][2012/03/07 06:57:19 | 000,002,040 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\twitter.xml[/size]

[size="2"]========== Chrome ==========[/size]

[size="2"]CHR - homepage: http://www.igoogle.com/[/size]
[size="2"]CHR - default_search_provider: Google (Enabled)[/size]
[size="2"]CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}sourceid=chrome&ie={inputEncoding}[/size]
[size="2"]CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms},[/size]
[size="2"]CHR - homepage: http://www.igoogle.com/[/size]
[size="2"]CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer[/size]
[size="2"]CHR - plugin: Native Client (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\21.0.1180.77\ppGoogleNaClPluginChrome.dll[/size]
[size="2"]CHR - plugin: Chrome PDF Viewer (Disabled) = C:\Program Files (x86)\Google\Chrome\Application\21.0.1180.77\pdf.dll[/size]
[size="2"]CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\21.0.1180.77\gcswf32.dll[/size]
[size="2"]CHR - plugin: Shockwave Flash (Disabled) = C:\Users\anything\AppData\Local\Google\Chrome\User Data\PepperFlash\11.1.31.203\pepflashplayer.dll[/size]
[size="2"]CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_2_202_235.dll[/size]
[size="2"]CHR - plugin: Skype Toolbars (Enabled) = C:\Users\anything\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\5.9.0.9216_0\npSkypeChromePlugin.dll[/size]
[size="2"]CHR - plugin: HP Product Detection Plugin for Mozilla (Enabled) = C:\Users\anything\AppData\Local\Google\Chrome\User Data\Default\Extensions\mnhbepgnjnaoahohppnffanmkjkjoglp\1.0.15.0_0\plugins/npProductDetectPlugin.dll[/size]
[size="2"]CHR - plugin: HP Active Check Plugin (Enabled) = C:\Users\anything\AppData\Local\Google\Chrome\User Data\Default\Extensions\mnhbepgnjnaoahohppnffanmkjkjoglp\1.0.15.0_0\plugins/npAclmPlugin.dll[/size]
[size="2"]CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll[/size]
[size="2"]CHR - plugin: Java Deployment Toolkit 6.0.310.5 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npdeployJava1.dll[/size]
[size="2"]CHR - plugin: Java™ Platform SE 6 U31 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll[/size]
[size="2"]CHR - plugin: RealPlayer™ G2 LiveConnect-Enabled Plug-In (32-bit) (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\nppl3260.dll[/size]
[size="2"]CHR - plugin: RealPlayer Version Plugin (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\nprpjplug.dll[/size]
[size="2"]CHR - plugin: RealPlayer™ HTML5VideoShim Plug-In (32-bit) (Enabled) = C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll[/size]
[size="2"]CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin.dll[/size]
[size="2"]CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin2.dll[/size]
[size="2"]CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin3.dll[/size]
[size="2"]CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin4.dll[/size]
[size="2"]CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin5.dll[/size]
[size="2"]CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin6.dll[/size]
[size="2"]CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin7.dll[/size]
[size="2"]CHR - plugin: RealJukebox NS Plugin (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\nprjplug.dll[/size]
[size="2"]CHR - plugin: ActiveTouch General Plugin Container (Enabled) = C:\Users\anything\AppData\Roaming\Mozilla\plugins\npatgpc.dll[/size]
[size="2"]CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL[/size]
[size="2"]CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL[/size]
[size="2"]CHR - plugin: Motive Plugin (Enabled) = C:\Program Files (x86)\Common Files\Motive\npMotive.dll[/size]
[size="2"]CHR - plugin: Garmin Communicator Plug-In (Enabled) = C:\Program Files (x86)\Garmin GPS Plugin\npGarmin.dll[/size]
[size="2"]CHR - plugin: Google Earth Plugin (Enabled) = C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll[/size]
[size="2"]CHR - plugin: Google Updater (Enabled) = C:\Program Files (x86)\Google\Google Updater\2.4.2432.1652\npCIDetect14.dll[/size]
[size="2"]CHR - plugin: Picasa (Enabled) = C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll[/size]
[size="2"]CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll[/size]
[size="2"]CHR - plugin: Silverlight Plug-In (Enabled) = C:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll[/size]
[size="2"]CHR - plugin: Windows Live\u0099 Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll[/size]
[size="2"]CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll[/size]
[size="2"]CHR - plugin: RealNetworks™ Chrome Background Extension Plug-In (32-bit) (Enabled) = C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll[/size]
[size="2"]CHR - plugin: BrowserPlus (from Yahoo!) v2.9.8 (Enabled) = C:\Users\anything\AppData\Local\Yahoo!\BrowserPlus\2.9.8\Plugins\npybrowserplus_2.9.8.dll[/size]
[size="2"]CHR - plugin: Shockwave for Director (Enabled) = C:\Windows\system32\Adobe\Director\np32dsw.dll[/size]
[size="2"]CHR - Extension: Angry Birds = C:\Users\anything\AppData\Local\Google\Chrome\User Data\Default\Extensions\aknpkdffaafgjchaibgeefbgmgeghloj\1.5.0.7_0\[/size]
[size="2"]CHR - Extension: YouTube = C:\Users\anything\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\[/size]
[size="2"]CHR - Extension: Add to Amazon Wish List = C:\Users\anything\AppData\Local\Google\Chrome\User Data\Default\Extensions\ciagpekplgpbepdgggflgmahnjgiaced\1.0.0.9_0\[/size]
[size="2"]CHR - Extension: Google Search = C:\Users\anything\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\[/size]
[size="2"]CHR - Extension: RealPlayer HTML5Video Downloader Extension = C:\Users\anything\AppData\Local\Google\Chrome\User Data\Default\Extensions\jfmjfhklogoienhpfnppmbcbjfjnkonk\1.5_0\[/size]
[size="2"]CHR - Extension: Skype Click to Call = C:\Users\anything\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\5.9.0.9216_0\[/size]
[size="2"]CHR - Extension: HP Product Detection Plugin = C:\Users\anything\AppData\Local\Google\Chrome\User Data\Default\Extensions\mnhbepgnjnaoahohppnffanmkjkjoglp\1.0.15.0_0\[/size]
[size="2"]CHR - Extension: Advanced Periodic Table = C:\Users\anything\AppData\Local\Google\Chrome\User Data\Default\Extensions\obpkghbakijeifcoimhhechlmcbdmmli\1.7_0\[/size]
[size="2"]CHR - Extension: Gmail = C:\Users\anything\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\[/size]

[size="2"]O1 HOSTS File: ([2011/03/24 11:09:34 | 000,000,027 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts[/size]
[size="2"]O1 - Hosts: 127.0.0.1 localhost[/size]
[size="2"]O2:64bit: - BHO: (IDM integration (IDMIEHlprObj Class)) - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files (x86)\Internet Download Manager\IDMIECC64.dll (Internet Download Manager, Tonec Inc.)[/size]
[size="2"]O2:64bit: - BHO: (Complitly) - {0FB6A909-6086-458F-BD92-1F8EE10042A0} - C:\Users\anything\AppData\Roaming\Complitly\64\Complitly64.dll (SimplyGen)[/size]
[size="2"]O2:64bit: - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)[/size]
[size="2"]O2:64bit: - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)[/size]
[size="2"]O2 - BHO: (IDM integration (IDMIEHlprObj Class)) - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files (x86)\Internet Download Manager\IDMIECC.dll (Internet Download Manager, Tonec Inc.)[/size]
[size="2"]O2 - BHO: (Complitly) - {0FB6A909-6086-458F-BD92-1F8EE10042A0} - C:\Users\anything\AppData\Roaming\Complitly\Complitly.dll (SimplyGen)[/size]
[size="2"]O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer)[/size]
[size="2"]O2 - BHO: (Freecorder Toolbar) - {70dd86e8-b5bc-4e4a-9d5c-b6234c24323c} - C:\Program Files (x86)\freecordertoolbar\vmntemplateX.dll ()[/size]
[size="2"]O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)[/size]
[size="2"]O2 - BHO: (hpBHO Class) - {ABD3B5E1-B268-407B-A150-2641DAB8D898} - C:\Program Files (x86)\Common Files\Homepage Protection\HomepageProtection.dll (AOL Products)[/size]
[size="2"]O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)[/size]
[size="2"]O2 - BHO: (Microsoft Live Search Toolbar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - c:\Program Files (x86)\MSN\Toolbar\3.0.0560.0\msneshellx.dll (Microsoft Corp.)[/size]
[size="2"]O2 - BHO: (WeCareReminder Class) - {D824F0DE-3D60-4F57-9EB1-66033ECD8ABB} - C:\ProgramData\WeCareReminder\IEHelperv2.5.0.dll (We-Care.com)[/size]
[size="2"]O2 - BHO: (Yontoo Layers) - {FD72061E-9FDE-484D-A58A-0BAB4151CAD8} - C:\Program Files (x86)\Yontoo Layers Runtime\YontooIEClient.dll (Yontoo LLC)[/size]
[size="2"]O3:64bit: - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)[/size]
[size="2"]O3 - HKLM\..\Toolbar: (Microsoft Live Search Toolbar) - {1E61ED7C-7CB8-49d6-B9E9-AB4C880C8414} - c:\Program Files (x86)\MSN\Toolbar\3.0.0560.0\msneshellx.dll (Microsoft Corp.)[/size]
[size="2"]O3 - HKLM\..\Toolbar: (Freecorder Toolbar) - {70dd86e8-b5bc-4e4a-9d5c-b6234c24323c} - C:\Program Files (x86)\freecordertoolbar\vmntemplateX.dll ()[/size]
[size="2"]O3:64bit: - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)[/size]
[size="2"]O4:64bit: - HKLM..\Run: [Acronis Scheduler2 Service] C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe (Acronis)[/size]
[size="2"]O4:64bit: - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated)[/size]
[size="2"]O4:64bit: - HKLM..\Run: [ATT-SST_McciTrayApp] C:\Program Files\ATT-SST\McciTrayApp.exe (Alcatel-Lucent)[/size]
[size="2"]O4:64bit: - HKLM..\Run: [IntelliPoint] c:\Program Files\Microsoft IntelliPoint\ipoint.exe (Microsoft Corporation)[/size]
[size="2"]O4:64bit: - HKLM..\Run: [MSC] C:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)[/size]
[size="2"]O4 - HKLM..\Run: [AcronisTimounterMonitor] C:\Program Files (x86)\Acronis\TrueImageHome\TimounterMonitor.exe (Acronis)[/size]
[size="2"]O4 - HKLM..\Run: [Anti-phishing Domain Advisor] C:\ProgramData\Anti-phishing Domain Advisor\visicom_antiphishing.exe (Visicom Media Inc. (Powered by Panda Security))[/size]
[size="2"]O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)[/size]
[size="2"]O4 - HKLM..\Run: [Carbonite Backup] C:\Program Files (x86)\Carbonite\Carbonite Backup\CarboniteUI.exe (Carbonite, Inc.)[/size]
[size="2"]O4 - HKLM..\Run: [EEventManager] C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe (SEIKO EPSON CORPORATION)[/size]
[size="2"]O4 - HKLM..\Run: [Freecorder FLV Service] C:\Program Files (x86)\Freecorder\FLVSrvc.exe (Applian Technologies, Inc.)[/size]
[size="2"]O4 - HKLM..\Run: [FUFAXRCV] C:\Program Files (x86)\Epson Software\FAX Utility\FUFAXRCV.exe (SEIKO EPSON CORPORATION)[/size]
[size="2"]O4 - HKLM..\Run: [FUFAXSTM] C:\Program Files (x86)\Epson Software\FAX Utility\FUFAXSTM.exe (SEIKO EPSON CORPORATION)[/size]
[size="2"]O4 - HKLM..\Run: [hpsysdrv] c:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe (Hewlett-Packard)[/size]
[size="2"]O4 - HKLM..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe (Intel Corporation)[/size]
[size="2"]O4 - HKLM..\Run: [LTCM Client] C:\Program Files (x86)\LTCM Client\ltcmClient.exe (Leader Technologies Inc.)[/size]
[size="2"]O4 - HKLM..\Run: [Memeo Instant Backup] C:\Program Files (x86)\Memeo\AutoBackup\MemeoLauncher2.exe (Memeo Inc.)[/size]
[size="2"]O4 - HKLM..\Run: [Seagate Dashboard] C:\Program Files (x86)\Seagate\Seagate Dashboard\MemeoLauncher.exe ()[/size]
[size="2"]O4 - HKLM..\Run: [TkBellExe] C:\Program Files (x86)\Real\RealPlayer\update\realsched.exe (RealNetworks, Inc.)[/size]
[size="2"]O4 - HKLM..\Run: [TrueImageMonitor.exe] C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe (Acronis)[/size]
[size="2"]O4 - HKLM..\Run: [UpdatePRCShortCut] C:\Program Files (x86)\Hewlett-Packard\Recovery\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)[/size]
[size="2"]O4 - HKLM..\Run: [V0610Mon.exe] C:\Windows\V0610Mon.exe (Creative Technology Ltd.)[/size]
[size="2"]O4 - HKCU..\Run: [E6CFA7A82BF59BA52DCECD7046EF4487B1BB74E0._service_run] C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)[/size]
[size="2"]O4 - HKCU..\Run: [EPLTarget\P0000000000000000] C:\Windows\system32\spool\DRIVERS\x64\3\E_YATIH3A.EXE /EPT "EPLTarget\P0000000000000000" /M "WP-4530 Series" /EF "HKCU" File not found[/size]
[size="2"]O4 - HKCU..\Run: [Eye-Fi] C:\Program Files (x86)\Eye-Fi\Helper\EyeFiHelper.exe (Eye-Fi, Inc.)[/size]
[size="2"]O4 - HKCU..\Run: [IDMan] C:\Program Files (x86)\Internet Download Manager\IDMan.exe (Tonec Inc.)[/size]
[size="2"]O4 - Startup: C:\Users\anything\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk = C:\Users\anything\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)[/size]
[size="2"]O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Main present[/size]
[size="2"]O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present[/size]
[size="2"]O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0[/size]
[size="2"]O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3[/size]
[size="2"]O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5[/size]
[size="2"]O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLinkedConnections = 1[/size]
[size="2"]O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present[/size]
[size="2"]O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0[/size]
[size="2"]O8:64bit: - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200 File not found[/size]
[size="2"]O8:64bit: - Extra context menu item: Download all links with IDM - C:\Program Files (x86)\Internet Download Manager\IEGetAll.htm ()[/size]
[size="2"]O8:64bit: - Extra context menu item: Download with IDM - C:\Program Files (x86)\Internet Download Manager\IEExt.htm ()[/size]
[size="2"]O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\SysWow64\GPhotos.scr (Google Inc.)[/size]
[size="2"]O8 - Extra context menu item: Download all links with IDM - C:\Program Files (x86)\Internet Download Manager\IEGetAll.htm ()[/size]
[size="2"]O8 - Extra context menu item: Download with IDM - C:\Program Files (x86)\Internet Download Manager\IEExt.htm ()[/size]
[size="2"]O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)[/size]
[size="2"]O9 - Extra 'Tools' menuitem : Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)[/size]
[size="2"]O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000009 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)[/size]
[size="2"]O10 - NameSpace_Catalog5\Catalog_Entries\000000000009 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)[/size]
[size="2"]O15:64bit: - ..Trusted Domains: localhost ([]http in Local intranet)[/size]
[size="2"]O15 - HKCU\..Trusted Domains: boats.com ([www] https in Trusted sites)[/size]
[size="2"]O15 - HKCU\..Trusted Domains: localhost ([]http in Local intranet)[/size]
[size="2"]O15 - HKCU\..Trusted Ranges: GD ([http] in Local intranet)[/size]
[size="2"]O16:64bit: - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 10.1.0)[/size]
[size="2"]O16:64bit: - DPF: {CAFEEFAC-0017-0000-0001-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.7.0_01)[/size]
[size="2"]O16:64bit: - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Reg Error: Key error.)[/size]
[size="2"]O16 - DPF: {233C1507-6A77-46A4-9443-F871F945D258} http://download.macr...director/sw.cab (Shockwave ActiveX Control)[/size]
[size="2"]O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} C:\Program Files (x86)\Yahoo!\Common\Yinsthelper.dll (Installation Support)[/size]
[size="2"]O16 - DPF: {4871A87A-BFDD-4106-8153-FFDE2BAC2967} http://dlm.tools.aka...vex-2.2.5.0.cab (DLM Control)[/size]
[size="2"]O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset...lineScanner.cab (OnlineScanner Control)[/size]
[size="2"]O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_31)[/size]
[size="2"]O16 - DPF: {BC0AE9E6-E549-4554-A222-EA083A894683} http://a03-b03.mypic...r/x/Upld_47.CAB (QuickUpload)[/size]
[size="2"]O16 - DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_31)[/size]
[size="2"]O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_31)[/size]
[size="2"]O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.ad...Plus/1.6/gp.cab (Reg Error: Key error.)[/size]
[size="2"]O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} http://ccfiles.creat...15111/CTPID.cab (Creative Software AutoUpdate Support Package)[/size]
[size="2"]O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1[/size]
[size="2"]O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{53B4974C-A469-4FD2-9855-FA7E8561B5AC}: DhcpNameServer = 192.168.1.1[/size]
[size="2"]O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{D0929FD7-D2D5-4BE3-9A7A-53F8070C4EED}: DhcpNameServer = 192.168.1.1[/size]
[size="2"]O18:64bit: - Protocol\Handler\livecall - No CLSID value found[/size]
[size="2"]O18:64bit: - Protocol\Handler\ms-help - No CLSID value found[/size]
[size="2"]O18:64bit: - Protocol\Handler\ms-itss - No CLSID value found[/size]
[size="2"]O18:64bit: - Protocol\Handler\msnim - No CLSID value found[/size]
[size="2"]O18:64bit: - Protocol\Handler\skype-ie-addon-data - No CLSID value found[/size]
[size="2"]O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found[/size]
[size="2"]O18:64bit: - Protocol\Handler\wlpg - No CLSID value found[/size]
[size="2"]O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)[/size]
[size="2"]O20 - AppInit_DLLs: (C:\PROGRA~2\Google\GOOGLE~1\GoogleDesktopNetwork3.dll) - C:\Program Files (x86)\Google\Google Desktop Search\GoogleDesktopNetwork3.dll (Google)[/size]
[size="2"]O20 - AppInit_DLLs: (C:\PROGRA~2\Google\GOOGLE~1\GO36F4~1.DLL) - C:\Program Files (x86)\Google\Google Desktop Search\GoogleDesktopNetwork3.dll (Google)[/size]
[size="2"]O20:64bit: - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)[/size]
[size="2"]O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)[/size]
[size="2"]O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found[/size]
[size="2"]O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)[/size]
[size="2"]O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)[/size]
[size="2"]O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found[/size]
[size="2"]O28:64bit: - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - No CLSID value found.[/size]
[size="2"]O28 - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - No CLSID value found.[/size]
[size="2"]O32 - HKLM CDRom: AutoRun - 1[/size]
[size="2"]O32 - AutoRun File - [2009/06/10 14:42:20 | 000,000,024 | ---- | M] () - E:\autoexec.bat -- [ NTFS ][/size]
[size="2"]O32 - AutoRun File - [2010/02/14 21:53:50 | 000,000,027 | ---- | M] () - K:\Autorun.inf -- [ NTFS ][/size]
[size="2"]O34 - HKLM BootExecute: (autocheck autochk *)[/size]
[size="2"]O35:64bit: - HKLM\..comfile [open] -- "%1" %*[/size]
[size="2"]O35:64bit: - HKLM\..exefile [open] -- "%1" %*[/size]
[size="2"]O35 - HKLM\..comfile [open] -- "%1" %*[/size]
[size="2"]O35 - HKLM\..exefile [open] -- "%1" %*[/size]
[size="2"]O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*[/size]
[size="2"]O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*[/size]
[size="2"]O37 - HKLM\...com [@ = comfile] -- "%1" %*[/size]
[size="2"]O37 - HKLM\...exe [@ = exefile] -- "%1" %*[/size]
[size="2"]O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)[/size]
[size="2"]O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)[/size]
[size="2"]O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)[/size]

[size="2"]========== Files/Folders - Created Within 30 Days ==========[/size]

[size="2"][2012/08/14 05:53:51 | 000,791,393 | ---- | C] (Lars Hederer ) -- C:\Users\anything\Desktop\erunt-setup.exe[/size]
[size="2"][2012/08/11 13:33:02 | 000,596,992 | ---- | C] (OldTimer Tools) -- C:\Users\anything\Desktop\OTL.exe[/size]
[size="2"][2012/08/04 11:08:05 | 009,673,088 | ---- | C] (Memeo) -- C:\Users\anything\Desktop\Memeo Instant Backup.exe[/size]
[size="2"][2012/07/23 11:26:27 | 000,367,200 | ---- | C] (Acronis) -- C:\Windows\SysNative\drivers\afcdp.sys[/size]
[size="2"][2012/07/23 11:26:25 | 000,000,000 | ---D | C] -- C:\Users\anything\AppData\Roaming\0A81AE1A-4638-4281-B85F-696C74253B3C[/size]
[size="2"][2012/07/23 11:26:08 | 000,994,912 | ---- | C] (Acronis) -- C:\Windows\SysNative\drivers\timntr.sys[/size]
[size="2"][2012/07/23 11:26:01 | 000,211,552 | ---- | C] (Acronis) -- C:\Windows\SysNative\drivers\vididr.sys[/size]
[size="2"][2012/07/23 11:25:49 | 000,146,528 | ---- | C] (Acronis) -- C:\Windows\SysNative\drivers\vsflt67.sys[/size]
[size="2"][2010/06/07 10:46:54 | 007,046,096 | ---- | C] (Citrix Online, a division of Citrix Systems, Inc.) -- C:\Users\anything\gosetup.exe[/size]
[size="2"][2010/01/19 23:29:08 | 000,726,008 | ---- | C] (Citrix Online, a division of Citrix Systems, Inc.) -- C:\Users\anything\gotomypc_437.exe[/size]
[size="2"][2010/01/14 07:02:20 | 000,601,408 | ---- | C] (Microsoft Corporation) -- C:\Users\anything\officesas.exe[/size]
[size="2"][2010/01/14 07:01:48 | 001,618,320 | ---- | C] (Microsoft Corporation) -- C:\Users\anything\X16-19318_6BGMG-WVTGB-4JBWK-VP66D-3D7F2.exe[/size]
[size="2"][2010/01/13 11:31:00 | 000,133,992 | ---- | C] (Intuit Inc.) -- C:\Program Files (x86)\xmlparse_tok.dll[/size]
[size="2"][2010/01/13 11:31:00 | 000,107,880 | ---- | C] (Intuit Inc.) -- C:\Program Files (x86)\xmlparse.dll[/size]
[size="2"][2010/01/13 11:31:00 | 000,031,080 | ---- | C] (Intuit Inc.) -- C:\Program Files (x86)\xsell.dll[/size]
[size="2"][2010/01/13 11:30:58 | 002,832,232 | ---- | C] (Intuit Inc.) -- C:\Program Files (x86)\qwutil.dll[/size]
[size="2"][2010/01/13 11:30:58 | 002,778,984 | ---- | C] (Intuit Inc.) -- C:\Program Files (x86)\ofxsdk_qw.dll[/size]
[size="2"][2010/01/13 11:30:58 | 002,602,856 | ---- | C] (Intuit Inc.) -- C:\Program Files (x86)\qwonline.dll[/size]
[size="2"][2010/01/13 11:30:58 | 001,491,304 | ---- | C] (Intuit Inc.) -- C:\Program Files (x86)\online.dll[/size]
[size="2"][2010/01/13 11:30:58 | 001,259,880 | ---- | C] (Intuit Inc.) -- C:\Program Files (x86)\qaccess.dll[/size]
[size="2"][2010/01/13 11:30:58 | 001,163,112 | ---- | C] (Intuit Inc.) -- C:\Program Files (x86)\qreports.dll[/size]
[size="2"][2010/01/13 11:30:58 | 000,879,464 | ---- | C] (Intuit Inc.) -- C:\Program Files (x86)\qvault.dll[/size]
[size="2"][2010/01/13 11:30:58 | 000,810,344 | ---- | C] (Intuit Inc.) -- C:\Program Files (x86)\qwwin.dll[/size]
[size="2"][2010/01/13 11:30:58 | 000,631,656 | ---- | C] (Intuit Inc.) -- C:\Program Files (x86)\qdb.dll[/size]
[size="2"][2010/01/13 11:30:58 | 000,380,264 | ---- | C] (Intuit Inc.) -- C:\Program Files (x86)\qcomutil.dll[/size]
[size="2"][2010/01/13 11:30:58 | 000,330,088 | ---- | C] (Intuit Inc.) -- C:\Program Files (x86)\qtax.dll[/size]
[size="2"][2010/01/13 11:30:58 | 000,321,384 | ---- | C] (Intuit Inc.) -- C:\Program Files (x86)\qwpr.dll[/size]
[size="2"][2010/01/13 11:30:58 | 000,275,304 | ---- | C] (Intuit Inc.) -- C:\Program Files (x86)\lbtmngr.dll[/size]
[size="2"][2010/01/13 11:30:58 | 000,229,224 | ---- | C] (Intuit Inc.) -- C:\Program Files (x86)\qwapp.dll[/size]
[size="2"][2010/01/13 11:30:58 | 000,148,840 | ---- | C] (Connected Corporation) -- C:\Program Files (x86)\olbservice.dll[/size]
[size="2"][2010/01/13 11:30:58 | 000,136,040 | ---- | C] (Intuit Inc.) -- C:\Program Files (x86)\qrep.dll[/size]
[size="2"][2010/01/13 11:30:58 | 000,133,992 | ---- | C] (Intuit Inc.) -- C:\Program Files (x86)\qwxmlparse_tok.dll[/size]
[size="2"][2010/01/13 11:30:58 | 000,132,968 | ---- | C] (Intuit Inc.) -- C:\Program Files (x86)\qsac.dll[/size]
[size="2"][2010/01/13 11:30:58 | 000,127,848 | ---- | C] (Intuit Inc.) -- C:\Program Files (x86)\Qsetup.dll[/size]
[size="2"][2010/01/13 11:30:58 | 000,117,608 | ---- | C] (Microsoft Corporation) -- C:\Program Files (x86)\mvcl14n.dll[/size]
[size="2"][2010/01/13 11:30:58 | 000,114,024 | ---- | C] (Intuit Inc.) -- C:\Program Files (x86)\QCONNECT.DLL[/size]
[size="2"][2010/01/13 11:30:58 | 000,111,976 | ---- | C] (Intuit Inc.) -- C:\Program Files (x86)\qwinet.dll[/size]
[size="2"][2010/01/13 11:30:58 | 000,107,880 | ---- | C] (Intuit Inc.) -- C:\Program Files (x86)\qwxmlparse.dll[/size]
[size="2"][2010/01/13 11:30:58 | 000,092,008 | ---- | C] (Intuit Inc.) -- C:\Program Files (x86)\qwsnap.dll[/size]
[size="2"][2010/01/13 11:30:58 | 000,089,448 | ---- | C] (Intuit Inc.) -- C:\Program Files (x86)\qindex.dll[/size]
[size="2"][2010/01/13 11:30:58 | 000,082,280 | ---- | C] (Intuit Inc.) -- C:\Program Files (x86)\QShowHelp.dll[/size]
[size="2"][2010/01/13 11:30:58 | 000,079,208 | ---- | C] (Microsoft Corporation) -- C:\Program Files (x86)\mvmc14n.dll[/size]
[size="2"][2010/01/13 11:30:58 | 000,078,696 | ---- | C] (Intuit Inc.) -- C:\Program Files (x86)\qwinver.dll[/size]
[size="2"][2010/01/13 11:30:58 | 000,077,160 | ---- | C] (Intuit Inc.) -- C:\Program Files (x86)\graphs.dll[/size]
[size="2"][2010/01/13 11:30:58 | 000,074,088 | ---- | C] (Microsoft Corporation) -- C:\Program Files (x86)\mvix14n.dll[/size]
[size="2"][2010/01/13 11:30:58 | 000,071,528 | ---- | C] (Intuit Inc.) -- C:\Program Files (x86)\qdapp.dll[/size]
[size="2"][2010/01/13 11:30:58 | 000,070,504 | ---- | C] (Intuit Inc.) -- C:\Program Files (x86)\qwcntr.dll[/size]
[size="2"][2010/01/13 11:30:58 | 000,061,800 | ---- | C] (Microsoft Corporation) -- C:\Program Files (x86)\mvfs14n.dll[/size]
[size="2"][2010/01/13 11:30:58 | 000,056,680 | ---- | C] (Microsoft Corporation) -- C:\Program Files (x86)\mvsr14n.dll[/size]
[size="2"][2010/01/13 11:30:58 | 000,056,168 | ---- | C] (Microsoft Corporation) -- C:\Program Files (x86)\mvtl14n.dll[/size]
[size="2"][2010/01/13 11:30:58 | 000,053,608 | ---- | C] (Intuit Inc.) -- C:\Program Files (x86)\dllapps_savgol.dll[/size]
[size="2"][2010/01/13 11:30:58 | 000,049,000 | ---- | C] (Intuit Inc.) -- C:\Program Files (x86)\QWVER.DLL[/size]
[size="2"][2010/01/13 11:30:58 | 000,042,856 | ---- | C] (Intuit Inc.) -- C:\Program Files (x86)\onlncall.dll[/size]
[size="2"][2010/01/13 11:30:58 | 000,038,248 | ---- | C] (Microsoft Corporation) -- C:\Program Files (x86)\mvmg14n.dll[/size]
[size="2"][2010/01/13 11:30:58 | 000,031,080 | ---- | C] (Microsoft Corporation) -- C:\Program Files (x86)\mvbk14n.dll[/size]
[size="2"][2010/01/13 11:30:58 | 000,027,496 | ---- | C] (Intuit Inc.) -- C:\Program Files (x86)\qsapi_eng.dll[/size]
[size="2"][2010/01/13 11:30:58 | 000,026,984 | ---- | C] (Intuit Inc.) -- C:\Program Files (x86)\qdappui.dll[/size]
[size="2"][2010/01/13 11:30:58 | 000,026,984 | ---- | C] (Intuit Inc.) -- C:\Program Files (x86)\gdipapi.dll[/size]
[size="2"][2010/01/13 11:30:58 | 000,025,448 | ---- | C] (Intuit Inc.) -- C:\Program Files (x86)\qsapi.dll[/size]
[size="2"][2010/01/13 11:30:58 | 000,015,720 | ---- | C] (Microsoft Corporation) -- C:\Program Files (x86)\mvut14n.dll[/size]
[size="2"][2010/01/13 11:30:58 | 000,013,672 | ---- | C] (Intuit Inc.) -- C:\Program Files (x86)\qwsync.dll[/size]
[size="2"][2010/01/13 11:30:56 | 000,166,248 | ---- | C] (Intuit Inc.) -- C:\Program Files (x86)\cashflow.dll[/size]
[size="2"][2010/01/13 11:30:56 | 000,115,048 | ---- | C] (Intuit Inc.) -- C:\Program Files (x86)\dllapps_frcast.dll[/size]
[size="2"][2010/01/13 11:30:56 | 000,107,368 | ---- | C] (Intuit Inc.) -- C:\Program Files (x86)\dllapps_dbtred.dll[/size]
[size="2"][2010/01/13 11:30:56 | 000,105,832 | ---- | C] (Intuit Inc.) -- C:\Program Files (x86)\dllapps_plan.dll[/size]
[size="2"][2010/01/13 11:30:56 | 000,066,920 | ---- | C] (Intuit Inc.) -- C:\Program Files (x86)\atwork_xprint.dll[/size]
[size="2"][2010/01/13 11:30:56 | 000,063,336 | ---- | C] (Intuit Inc.) -- C:\Program Files (x86)\dllapps_dedfnd.dll[/size]
[size="2"][2010/01/13 11:30:56 | 000,038,248 | ---- | C] (Intuit Inc.) -- C:\Program Files (x86)\bgt_pnf.dll[/size]
[size="2"][2010/01/13 11:30:56 | 000,026,984 | ---- | C] (Intuit Inc.) -- C:\Program Files (x86)\calnote.dll[/size]
[size="2"][2010/01/13 11:30:56 | 000,016,744 | ---- | C] (Intuit Inc.) -- C:\Program Files (x86)\custprof.dll[/size]
[size="2"][2010/01/13 11:30:38 | 000,433,968 | ---- | C] (Intuit Inc. ) -- C:\Program Files (x86)\EmergencyRecordsOrganizer.exe[/size]
[size="2"][2010/01/13 11:30:36 | 000,861,424 | ---- | C] (Intuit Inc. ) -- C:\Program Files (x86)\QuickenHomeInventory.exe[/size]
[size="2"][2010/01/13 11:30:00 | 000,048,488 | ---- | C] (Intuit Inc.) -- C:\Program Files (x86)\InetTools.dll[/size]
[size="2"][2010/01/13 11:29:02 | 000,538,472 | ---- | C] (Intuit Inc.) -- C:\Program Files (x86)\UpdateContent.dll[/size]
[size="2"][2010/01/13 11:29:00 | 000,046,440 | ---- | C] (Intuit Inc.) -- C:\Program Files (x86)\BindContent.exe[/size]
[size="2"][2010/01/13 11:28:58 | 000,057,192 | ---- | C] (Intuit Inc.) -- C:\Program Files (x86)\RestartExe.exe[/size]
[size="2"][2010/01/13 11:28:56 | 000,312,680 | ---- | C] (Intuit Inc.) -- C:\Program Files (x86)\SendError.dll[/size]
[size="2"][2010/01/13 11:28:54 | 000,032,104 | ---- | C] (Intuit Inc.) -- C:\Program Files (x86)\qwutilnet.dll[/size]
[size="2"][2010/01/13 11:28:50 | 000,359,784 | ---- | C] (Intuit Inc.) -- C:\Program Files (x86)\qwplan.dll[/size]
[size="2"][2010/01/13 11:28:48 | 000,129,896 | ---- | C] (Intuit Inc.) -- C:\Program Files (x86)\qwonlineFeatures.dll[/size]
[size="2"][2010/01/13 11:28:44 | 000,076,136 | ---- | C] (Intuit Inc.) -- C:\Program Files (x86)\qwipa.dll[/size]
[size="2"][2010/01/13 11:28:18 | 010,145,128 | ---- | C] (Intuit Inc.) -- C:\Program Files (x86)\qwmain.dll[/size]
[size="2"][2010/01/13 11:28:16 | 000,319,848 | ---- | C] (Intuit Inc.) -- C:\Program Files (x86)\qw.exe[/size]
[size="2"][2010/01/13 11:28:08 | 000,103,272 | ---- | C] (Intuit Inc.) -- C:\Program Files (x86)\qnet.dll[/size]
[size="2"][2010/01/13 11:28:02 | 000,114,024 | ---- | C] (Intuit Inc.) -- C:\Program Files (x86)\qcon32.dll[/size]
[size="2"][2010/01/13 11:28:00 | 000,680,808 | ---- | C] (Intuit Inc.) -- C:\Program Files (x86)\decapi.dll[/size]
[size="2"][2010/01/13 11:27:54 | 000,173,416 | ---- | C] (Intuit Inc.) -- C:\Program Files (x86)\xport.dll[/size]
[size="2"][2010/01/13 11:27:52 | 000,185,192 | ---- | C] (Intuit Inc.) -- C:\Program Files (x86)\sport.dll[/size]
[size="2"][2010/01/13 11:27:48 | 000,156,008 | ---- | C] (Intuit Inc.) -- C:\Program Files (x86)\MoneyFileReader.dll[/size]
[size="2"][2010/01/13 11:27:46 | 000,142,696 | ---- | C] (Intuit Inc.) -- C:\Program Files (x86)\MoneyFileConverter.dll[/size]
[size="2"][2010/01/13 11:27:44 | 000,063,336 | ---- | C] (Intuit Inc.) -- C:\Program Files (x86)\lbt_ux.dll[/size]
[size="2"][2010/01/13 11:27:44 | 000,060,264 | ---- | C] (Intuit Inc.) -- C:\Program Files (x86)\txstuff.dll[/size]
[size="2"][2010/01/13 11:27:42 | 000,315,752 | ---- | C] (Intuit Inc.) -- C:\Program Files (x86)\lbt_webrequest.dll[/size]
[size="2"][2010/01/13 11:27:40 | 000,071,528 | ---- | C] (Intuit Inc.) -- C:\Program Files (x86)\lbt_qupddir.dll[/size]
[size="2"][2010/01/13 11:27:40 | 000,066,920 | ---- | C] (Intuit Inc.) -- C:\Program Files (x86)\lbt_rte.dll[/size]
[size="2"][2010/01/13 11:27:38 | 000,080,744 | ---- | C] (Intuit Inc.) -- C:\Program Files (x86)\lbt_qplus.dll[/size]
[size="2"][2010/01/13 11:27:38 | 000,068,456 | ---- | C] (Intuit Inc.) -- C:\Program Files (x86)\lbt_pvsync.dll[/size]
[size="2"][2010/01/13 11:27:36 | 000,063,848 | ---- | C] (Intuit Inc.) -- C:\Program Files (x86)\lbt_decompression.dll[/size]
[size="2"][2010/01/13 11:27:36 | 000,041,320 | ---- | C] (Intuit Inc.) -- C:\Program Files (x86)\lbt_excite.dll[/size]
[size="2"][2010/01/13 11:27:34 | 000,357,736 | ---- | C] (Intuit Inc.) -- C:\Program Files (x86)\lbt_customerCentral.dll[/size]
[size="2"][2010/01/13 11:27:34 | 000,064,360 | ---- | C] (Intuit Inc.) -- C:\Program Files (x86)\lbt_bullseye.dll[/size]
[size="2"][2010/01/13 11:27:32 | 000,061,800 | ---- | C] (Intuit Inc.) -- C:\Program Files (x86)\lbt_Auto1Way.dll[/size]
[size="2"][2010/01/13 11:27:32 | 000,028,520 | ---- | C] (Intuit Inc.) -- C:\Program Files (x86)\lbt.dll[/size]
[size="2"][2010/01/13 11:27:30 | 000,129,896 | ---- | C] (Intuit Inc.) -- C:\Program Files (x86)\QCustomAction.dll[/size]
[size="2"][2010/01/13 11:27:20 | 000,023,912 | ---- | C] (Intuit Inc.) -- C:\Program Files (x86)\dellid.dll[/size]
[size="2"][2010/01/13 11:27:18 | 000,156,008 | ---- | C] (Intuit Inc.) -- C:\Program Files (x86)\cashgen.dll[/size]
[size="2"][2010/01/13 11:27:18 | 000,039,784 | ---- | C] (Intuit Inc.) -- C:\Program Files (x86)\convert_stub.dll[/size]
[size="2"][2010/01/13 11:27:16 | 000,034,152 | ---- | C] (Intuit Inc.) -- C:\Program Files (x86)\CalendarSync.dll[/size]
[size="2"][2010/01/13 11:27:14 | 000,116,584 | ---- | C] (Intuit Inc.) -- C:\Program Files (x86)\billmind_qwrmnd.dll[/size]
[size="2"][2010/01/13 11:27:12 | 000,047,464 | ---- | C] (Intuit Inc.) -- C:\Program Files (x86)\billmind_alrtpkg.dll[/size]
[size="2"][2010/01/13 11:27:12 | 000,026,472 | ---- | C] (Intuit Inc.) -- C:\Program Files (x86)\billmind.exe[/size]
[size="2"][2010/01/13 11:27:10 | 000,078,184 | ---- | C] (Intuit Inc.) -- C:\Program Files (x86)\bgt.dll[/size]
[size="2"][2010/01/13 11:27:08 | 000,077,672 | ---- | C] (Intuit Inc.) -- C:\Program Files (x86)\bagent.exe[/size]
[size="2"][2010/01/13 11:27:06 | 000,354,152 | ---- | C] (Intuit Inc.) -- C:\Program Files (x86)\alert.dll[/size]
[size="2"][2010/01/13 11:27:04 | 000,038,760 | ---- | C] (Intuit Inc.) -- C:\Program Files (x86)\printenv.exe[/size]
[size="2"][2010/01/13 11:26:52 | 001,035,624 | ---- | C] (Microsoft Corporation) -- C:\Program Files (x86)\dbghelp.dll[/size]
[size="2"][2010/01/13 11:26:50 | 000,071,016 | ---- | C] (Intuit) -- C:\Program Files (x86)\techhelp.exe[/size]
[size="2"][1 C:\Users\anything\Desktop\*.tmp files -> C:\Users\anything\Desktop\*.tmp -> ][/size]

[size="2"]========== Files - Modified Within 30 Days ==========[/size]

[size="2"][2012/08/14 12:10:43 | 000,000,902 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job[/size]
[size="2"][2012/08/14 12:01:01 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job[/size]
[size="2"][2012/08/14 07:40:55 | 000,025,920 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0[/size]
[size="2"][2012/08/14 07:40:54 | 000,025,920 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0[/size]
[size="2"][2012/08/14 07:26:25 | 000,000,898 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job[/size]
[size="2"][2012/08/14 07:25:56 | 000,065,536 | ---- | M] () -- C:\Windows\SysNative\Ikeext.etl[/size]
[size="2"][2012/08/14 07:25:02 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat[/size]
[size="2"][2012/08/14 07:23:34 | 2945,835,007 | -HS- | M] () -- C:\hiberfil.sys[/size]
[size="2"][2012/08/14 06:52:00 | 011,010,048 | -HS- | M] () -- C:\Users\anything\ntuser.bak[/size]
[size="2"][2012/08/14 06:51:55 | 000,000,000 | ---- | M] () -- C:\Windows\EEventManager.INI[/size]
[size="2"][2012/08/14 06:44:17 | 000,000,957 | ---- | M] () -- C:\Users\anything\Desktop\NTREGOPT.lnk[/size]
[size="2"][2012/08/14 06:44:17 | 000,000,938 | ---- | M] () -- C:\Users\anything\Desktop\ERUNT.lnk[/size]
[size="2"][2012/08/14 06:13:36 | 000,000,981 | ---- | M] () -- C:\Users\anything\Application Data\Microsoft\Internet Explorer\Quick Launch\NTREGOPT.lnk[/size]
[size="2"][2012/08/14 06:13:36 | 000,000,962 | ---- | M] () -- C:\Users\anything\Application Data\Microsoft\Internet Explorer\Quick Launch\ERUNT.lnk[/size]
[size="2"][2012/08/14 05:53:54 | 000,791,393 | ---- | M] (Lars Hederer ) -- C:\Users\anything\Desktop\erunt-setup.exe[/size]
[size="2"][2012/08/13 12:54:11 | 000,000,880 | ---- | M] () -- C:\Windows\tasks\Google Software Updater.job[/size]
[size="2"][2012/08/13 10:49:17 | 000,000,456 | ---- | M] () -- C:\Windows\tasks\PCDRScheduledMaintenance.job[/size]
[size="2"][2012/08/11 13:33:03 | 000,596,992 | ---- | M] (OldTimer Tools) -- C:\Users\anything\Desktop\OTL.exe[/size]
[size="2"][2012/08/09 16:27:14 | 000,003,288 | ---- | M] () -- C:\bootsqm.dat[/size]
[size="2"][2012/08/04 11:08:36 | 009,673,088 | ---- | M] (Memeo) -- C:\Users\anything\Desktop\Memeo Instant Backup.exe[/size]
[size="2"][2012/08/04 11:07:01 | 005,686,344 | ---- | M] () -- C:\Users\anything\Desktop\autosync.exe[/size]
[size="2"][2012/08/04 08:14:35 | 000,733,948 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI[/size]
[size="2"][2012/08/04 08:14:35 | 000,630,806 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat[/size]
[size="2"][2012/08/04 08:14:35 | 000,109,012 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat[/size]
[size="2"][2012/08/04 07:40:26 | 000,003,031 | ---- | M] () -- C:\Users\anything\Desktop\GoToMyPC - home.lnk[/size]
[size="2"][2012/08/04 07:40:26 | 000,002,587 | ---- | M] () -- C:\Users\anything\Desktop\FLV Player - Shortcut.lnk[/size]
[size="2"][2012/08/04 07:40:26 | 000,001,848 | ---- | M] () -- C:\Users\anything\Desktop\BookDB2.lnk[/size]
[size="2"][2012/08/04 07:40:26 | 000,001,834 | ---- | M] () -- C:\Users\anything\Desktop\Google Earth - Tanaya Lodge.kmz - Shortcut.lnk[/size]
[size="2"][2012/08/04 07:40:24 | 000,002,826 | ---- | M] () -- C:\Users\anything\Desktop\FiOS Information.lnk[/size]
[size="2"][2012/08/04 07:40:13 | 000,084,265 | ---- | M] () -- C:\Users\anything\Desktop\Capture.PNG[/size]
[size="2"][2012/08/04 06:27:20 | 000,007,621 | ---- | M] () -- C:\Users\anything\AppData\Local\Resmon.ResmonCfg[/size]
[size="2"][2012/08/02 17:01:13 | 000,426,184 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe[/size]
[size="2"][2012/08/02 17:01:13 | 000,070,344 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl[/size]
[size="2"][2012/08/01 14:16:09 | 000,000,344 | ---- | M] () -- C:\Windows\tasks\HPCeeScheduleForanything.job[/size]
[size="2"][2012/07/23 11:26:27 | 000,367,200 | ---- | M] (Acronis) -- C:\Windows\SysNative\drivers\afcdp.sys[/size]
[size="2"][2012/07/23 11:26:16 | 001,294,432 | ---- | M] (Acronis) -- C:\Windows\SysNative\drivers\tdrpman.sys[/size]
[size="2"][2012/07/23 11:26:08 | 000,994,912 | ---- | M] (Acronis) -- C:\Windows\SysNative\drivers\timntr.sys[/size]
[size="2"][2012/07/23 11:26:01 | 000,211,552 | ---- | M] (Acronis) -- C:\Windows\SysNative\drivers\vididr.sys[/size]
[size="2"][2012/07/23 11:25:49 | 000,146,528 | ---- | M] (Acronis) -- C:\Windows\SysNative\drivers\vsflt67.sys[/size]
[size="2"][2012/07/23 11:25:47 | 000,320,096 | ---- | M] (Acronis) -- C:\Windows\SysNative\drivers\snapman.sys[/size]
[size="2"][2012/07/23 11:25:45 | 000,137,312 | ---- | M] (Acronis) -- C:\Windows\SysNative\drivers\fltsrv.sys[/size]
[size="2"][2012/07/23 11:25:41 | 000,001,172 | ---- | M] () -- C:\Users\Public\Desktop\Acronis True Image Home 2012.lnk[/size]
[size="2"][2012/07/17 09:55:31 | 000,002,077 | ---- | M] () -- C:\Users\anything\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk[/size]
[size="2"][1 C:\Users\anything\Desktop\*.tmp files -> C:\Users\anything\Desktop\*.tmp -> ][/size]

[size="2"]========== Files Created - No Company Name ==========[/size]

[size="2"][2012/08/14 06:51:55 | 000,000,000 | ---- | C] () -- C:\Windows\EEventManager.INI[/size]
[size="2"][2012/08/14 05:55:05 | 000,000,981 | ---- | C] () -- C:\Users\anything\Application Data\Microsoft\Internet Explorer\Quick Launch\NTREGOPT.lnk[/size]
[size="2"][2012/08/14 05:55:05 | 000,000,962 | ---- | C] () -- C:\Users\anything\Application Data\Microsoft\Internet Explorer\Quick Launch\ERUNT.lnk[/size]
[size="2"][2012/08/09 16:27:14 | 000,003,288 | ---- | C] () -- C:\bootsqm.dat[/size]
[size="2"][2012/08/04 11:06:43 | 005,686,344 | ---- | C] () -- C:\Users\anything\Desktop\autosync.exe[/size]
[size="2"][2012/07/18 07:58:45 | 000,000,344 | ---- | C] () -- C:\Windows\tasks\HPCeeScheduleForanything.job[/size]
[size="2"][2012/07/11 06:48:58 | 000,000,388 | ---- | C] () -- C:\Users\anything\AppData\Roaming\Xtend2_state.xml[/size]
[size="2"][2012/04/24 11:03:31 | 000,000,106 | ---- | C] () -- C:\Windows\EP4530.ini[/size]
[size="2"][2011/09/16 06:10:50 | 000,213,187 | ---- | C] () -- C:\Users\anything\AppData\Roaming\MMUpgrade.jpg[/size]
[size="2"][2011/06/12 16:40:00 | 000,000,106 | ---- | C] () -- C:\Windows\VaultMediaClient.INI[/size]
[size="2"][2011/03/24 10:22:52 | 000,013,312 | ---- | C] () -- C:\Windows\SysWow64\drivers\vdmzntm0.sys[/size]
[size="2"][2011/03/24 10:22:46 | 000,011,264 | ---- | C] () -- C:\Windows\SysWow64\drivers\uzmzntm0.sys[/size]
[size="2"][2011/02/09 11:08:01 | 001,589,248 | ---- | C] () -- C:\Windows\SysWow64\libmysql_d.dll[/size]
[size="2"][2010/12/21 13:49:25 | 000,003,075 | ---- | C] () -- C:\Users\anything\AppData\Roaming\SAS7_000.DAT[/size]
[size="2"][2010/10/25 18:11:21 | 000,749,860 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI[/size]
[size="2"][2010/08/24 14:22:10 | 000,001,040 | ---- | C] () -- C:\Users\anything\AppData\Roaming\wklnhst.dat[/size]
[size="2"][2010/04/18 15:33:43 | 000,000,268 | RH-- | C] () -- C:\ProgramData\Static Library[/size]
[size="2"][2010/04/18 15:33:43 | 000,000,268 | RH-- | C] () -- C:\Users\anything\AppData\Roaming\Sports[/size]
[size="2"][2010/04/18 15:33:43 | 000,000,020 | -H-- | C] () -- C:\ProgramData\PKP_DLdw.DAT[/size]
[size="2"][2010/04/18 15:32:23 | 000,000,268 | RH-- | C] () -- C:\ProgramData\Standard Tool[/size]
[size="2"][2010/04/18 15:32:23 | 000,000,268 | RH-- | C] () -- C:\Users\anything\AppData\Roaming\Specifications[/size]
[size="2"][2010/04/18 15:32:23 | 000,000,020 | -H-- | C] () -- C:\ProgramData\PKP_DLdu.DAT[/size]
[size="2"][2010/04/13 13:09:15 | 000,075,264 | ---- | C] () -- C:\Users\anything\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini[/size]
[size="2"][2010/02/22 18:59:55 | 000,007,621 | ---- | C] () -- C:\Users\anything\AppData\Local\Resmon.ResmonCfg[/size]
[size="2"][2010/02/20 13:18:10 | 000,113,256 | ---- | C] () -- C:\Program Files (x86)\splash.png[/size]
[size="2"][2010/02/20 13:18:10 | 000,031,577 | ---- | C] () -- C:\Program Files (x86)\qbillminder.gadget[/size]
[size="2"][2010/02/20 13:18:10 | 000,000,519 | ---- | C] () -- C:\Program Files (x86)\pkgsettings.ini[/size]
[size="2"][2010/02/20 13:18:10 | 000,000,051 | ---- | C] () -- C:\Program Files (x86)\qappid.ini[/size]
[size="2"][2010/01/19 12:40:13 | 011,010,048 | -HS- | C] () -- C:\Users\anything\ntuser.bak[/size]
[size="2"][2010/01/13 11:30:58 | 000,946,536 | ---- | C] () -- C:\Program Files (x86)\ttaximp.dll[/size]
[size="2"][2010/01/13 11:30:24 | 000,050,204 | ---- | C] () -- C:\Program Files (x86)\TAX.THP[/size]
[size="2"][2010/01/13 11:30:24 | 000,022,888 | ---- | C] () -- C:\Program Files (x86)\QuickenOLBackupLauncher.exe[/size]
[size="2"][2010/01/13 11:30:24 | 000,013,531 | ---- | C] () -- C:\Program Files (x86)\TAX.SCD[/size]
[size="2"][2010/01/13 11:30:24 | 000,000,635 | ---- | C] () -- C:\Program Files (x86)\TAX.PRI[/size]
[size="2"][2010/01/13 11:29:52 | 000,004,360 | ---- | C] () -- C:\Program Files (x86)\convert_stub.dat[/size]
[size="2"][2010/01/13 11:29:50 | 001,343,953 | ---- | C] () -- C:\Program Files (x86)\phash.dat[/size]
[size="2"][2010/01/13 11:29:50 | 000,230,752 | ---- | C] () -- C:\Program Files (x86)\patchw32.dll[/size]
[size="2"][2010/01/13 11:29:50 | 000,138,328 | ---- | C] () -- C:\Program Files (x86)\QUpdate.bmp[/size]
[size="2"][2010/01/13 11:29:50 | 000,019,951 | ---- | C] () -- C:\Program Files (x86)\err_rep.chm[/size]
[size="2"][2010/01/13 11:29:50 | 000,015,581 | ---- | C] () -- C:\Program Files (x86)\Intellic.cat[/size]
[size="2"][2010/01/13 11:29:50 | 000,004,622 | ---- | C] () -- C:\Program Files (x86)\ttaxexpt.dat[/size]
[size="2"][2010/01/13 11:29:50 | 000,000,024 | ---- | C] () -- C:\Program Files (x86)\qif_ub.dat[/size]
[size="2"][2010/01/13 11:29:48 | 000,333,333 | ---- | C] () -- C:\Program Files (x86)\dedfindr.dat[/size]
[size="2"][2010/01/13 11:29:48 | 000,007,158 | ---- | C] () -- C:\Program Files (x86)\khash.dat[/size]
[size="2"][2010/01/13 11:29:48 | 000,000,666 | ---- | C] () -- C:\Program Files (x86)\cnfirmfi.ini[/size]
[size="2"][2010/01/13 11:29:48 | 000,000,188 | ---- | C] () -- C:\Program Files (x86)\icconfig.ini[/size]
[size="2"][2010/01/13 11:29:48 | 000,000,152 | ---- | C] () -- C:\Program Files (x86)\fri.dat[/size]
[size="2"][2010/01/13 11:29:48 | 000,000,126 | ---- | C] () -- C:\Program Files (x86)\bgtbrwsr.dat[/size]
[size="2"][2010/01/13 11:29:48 | 000,000,080 | ---- | C] () -- C:\Program Files (x86)\mmedia.ver[/size]
[size="2"][2010/01/13 11:29:48 | 000,000,080 | ---- | C] () -- C:\Program Files (x86)\deluxe.ver[/size]
[size="2"][2010/01/13 11:29:48 | 000,000,027 | ---- | C] () -- C:\Program Files (x86)\SendError.ini[/size]
[size="2"][2010/01/13 11:27:06 | 000,034,152 | ---- | C] () -- C:\Program Files (x86)\atwork.dll[/size]

[size="2"]========== LOP Check ==========[/size]

[size="2"][2012/07/23 11:26:25 | 000,000,000 | ---D | M] -- C:\Users\anything\AppData\Roaming\0A81AE1A-4638-4281-B85F-696C74253B3C[/size]
[size="2"][2012/03/24 17:55:28 | 000,000,000 | ---D | M] -- C:\Users\anything\AppData\Roaming\Acronis[/size]
[size="2"][2010/11/16 20:28:08 | 000,000,000 | ---D | M] -- C:\Users\anything\AppData\Roaming\Canon[/size]
[size="2"][2011/06/13 15:15:03 | 000,000,000 | ---D | M] -- C:\Users\anything\AppData\Roaming\Charles Schwab[/size]
[size="2"][2010/04/13 13:01:07 | 000,000,000 | ---D | M] -- C:\Users\anything\AppData\Roaming\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1[/size]
[size="2"][2011/11/10 08:31:34 | 000,000,000 | ---D | M] -- C:\Users\anything\AppData\Roaming\Complitly[/size]
[size="2"][2012/08/14 07:22:35 | 000,000,000 | ---D | M] -- C:\Users\anything\AppData\Roaming\DMCache[/size]
[size="2"][2012/08/14 07:27:45 | 000,000,000 | ---D | M] -- C:\Users\anything\AppData\Roaming\Dropbox[/size]
[size="2"][2012/04/25 18:35:03 | 000,000,000 | ---D | M] -- C:\Users\anything\AppData\Roaming\Epson[/size]
[size="2"][2010/09/05 10:12:10 | 000,000,000 | ---D | M] -- C:\Users\anything\AppData\Roaming\ESET[/size]
[size="2"][2012/08/06 06:50:05 | 000,000,000 | ---D | M] -- C:\Users\anything\AppData\Roaming\Eye-Fi[/size]
[size="2"][2010/12/25 12:54:42 | 000,000,000 | ---D | M] -- C:\Users\anything\AppData\Roaming\Flip Video[/size]
[size="2"][2011/03/28 18:24:42 | 000,000,000 | ---D | M] -- C:\Users\anything\AppData\Roaming\GARMIN[/size]
[size="2"][2012/08/06 09:24:05 | 000,000,000 | ---D | M] -- C:\Users\anything\AppData\Roaming\IDM[/size]
[size="2"][2012/04/24 13:31:16 | 000,000,000 | ---D | M] -- C:\Users\anything\AppData\Roaming\Leader Technologies[/size]
[size="2"][2012/03/27 18:11:00 | 000,000,000 | ---D | M] -- C:\Users\anything\AppData\Roaming\Leadertech[/size]
[size="2"][2012/07/14 11:25:16 | 000,000,000 | ---D | M] -- C:\Users\anything\AppData\Roaming\Memeo[/size]
[size="2"][2010/04/20 05:58:51 | 000,000,000 | ---D | M] -- C:\Users\anything\AppData\Roaming\Nikon[/size]
[size="2"][2010/06/05 11:38:45 | 000,000,000 | ---D | M] -- C:\Users\anything\AppData\Roaming\No Company Name[/size]
[size="2"][2011/01/21 10:33:26 | 000,000,000 | ---D | M] -- C:\Users\anything\AppData\Roaming\Nuance[/size]
[size="2"][2010/01/19 12:50:16 | 000,000,000 | ---D | M] -- C:\Users\anything\AppData\Roaming\NVD[/size]
[size="2"][2011/02/09 07:04:39 | 000,000,000 | ---D | M] -- C:\Users\anything\AppData\Roaming\OpenOffice.org[/size]
[size="2"][2011/08/03 08:29:53 | 000,000,000 | ---D | M] -- C:\Users\anything\AppData\Roaming\PhotoshopdotcomInspirationBrowser.4C35C4D325D350FE0114230CBADCA2DDD0AC8D25.1[/size]
[size="2"][2010/01/19 12:50:17 | 000,000,000 | ---D | M] -- C:\Users\anything\AppData\Roaming\PictureMover[/size]
[size="2"][2012/02/13 08:25:07 | 000,000,000 | ---D | M] -- C:\Users\anything\AppData\Roaming\Racket[/size]
[size="2"][2012/07/14 11:15:53 | 000,000,000 | ---D | M] -- C:\Users\anything\AppData\Roaming\Seagate[/size]
[size="2"][2010/08/27 11:15:05 | 000,000,000 | ---D | M] -- C:\Users\anything\AppData\Roaming\SoftGrid Client[/size]
[size="2"][2011/12/15 17:58:29 | 000,000,000 | ---D | M] -- C:\Users\anything\AppData\Roaming\StreamTorrent[/size]
[size="2"][2011/06/07 16:02:06 | 000,000,000 | ---D | M] -- C:\Users\anything\AppData\Roaming\TechWizard[/size]
[size="2"][2010/08/24 14:22:12 | 000,000,000 | ---D | M] -- C:\Users\anything\AppData\Roaming\Template[/size]
[size="2"][2012/04/03 07:02:30 | 000,000,000 | ---D | M] -- C:\Users\anything\AppData\Roaming\Titanium[/size]
[size="2"][2010/01/14 07:07:38 | 000,000,000 | ---D | M] -- C:\Users\anything\AppData\Roaming\TP[/size]
[size="2"][2012/08/01 10:44:10 | 000,000,000 | ---D | M] -- C:\Users\anything\AppData\Roaming\uTorrent[/size]
[size="2"][2012/02/01 15:54:29 | 000,000,000 | ---D | M] -- C:\Users\anything\AppData\Roaming\webex[/size]
[size="2"][2010/01/19 12:50:17 | 000,000,000 | ---D | M] -- C:\Users\anything\AppData\Roaming\WinBatch[/size]
[size="2"][2011/10/21 07:16:46 | 000,000,000 | ---D | M] -- C:\Users\anything\AppData\Roaming\Xtend2.71305F52FFD36D9BDDE00284EF6181AE6688276A.1[/size]
[size="2"][2012/06/30 10:52:13 | 000,000,000 | ---D | M] -- C:\Users\anything\AppData\Roaming\ZumoCast[/size]
[size="2"][2012/08/13 10:49:17 | 000,000,456 | ---- | M] () -- C:\Windows\Tasks\PCDRScheduledMaintenance.job[/size]
[size="2"][2012/07/11 03:29:37 | 000,032,656 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT[/size]

[size="2"]========== Purity Check ==========[/size]

[size="2"]========== Alternate Data Streams ==========[/size]

[size="2"]@Alternate Data Stream - 233 bytes -> C:\ProgramData\Temp:0FF263E8[/size]
[size="2"]@Alternate Data Stream - 167 bytes -> C:\ProgramData\Temp:F35A93AD[/size]

[size="2"]< End of report >[/size]

#4
Gammo

Posted 14 August 2012 - 05:22 PM

Member 2k

Malware Removal
2,299 posts

Run OTL

Under the Custom Scans/Fixes box at the bottom, paste in the following

:OTL
IE:64bit: - HKLM\..\SearchScopes\{D75DEEB4-956C-4EF0-91AA-B96AAD6A031C}: "URL" = http://www.ask.com/w...}&l=dis&o=ushpd
IE - HKLM\..\SearchScopes\{D75DEEB4-956C-4EF0-91AA-B96AAD6A031C}: "URL" = http://www.ask.com/w...}&l=dis&o=ushpd
IE - HKCU\..\URLSearchHook: {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - No CLSID value found
IE - HKCU\..\SearchScopes\{70D46D94-BF1E-45ED-B567-48701376298E}: "URL" = http://127.0.0.1:466...q={searchTerms}
IE - HKCU\..\SearchScopes\{D75DEEB4-956C-4EF0-91AA-B96AAD6A031C}: "URL" = http://www.ask.com/w...}&l=dis&o=ushpd
[2011/11/10 08:31:35 | 000,000,000 | ---D | M] (Complitly - Speed up your search with your personal search suggestions tool) -- C:\Users\anything\AppData\Roaming\mozilla\Firefox\Profiles\e574yg1b.default\extensions\{33e0daa6-3af3-d8b5-6752-10e949c61516}
[2012/07/17 09:55:32 | 000,000,000 | ---D | M] (ShopToWin20) -- C:\Users\anything\AppData\Roaming\mozilla\Firefox\Profiles\e574yg1b.default\extensions\{a018b213-6b46-4791-9298-519020db5737}
[2011/12/15 17:47:12 | 000,000,000 | ---D | M] (Yontoo Layers) -- C:\Users\anything\AppData\Roaming\mozilla\Firefox\Profiles\e574yg1b.default\extensions\[email protected]
[2012/04/13 05:48:43 | 000,000,000 | ---D | M] (We-Care Reminder) -- C:\Users\anything\AppData\Roaming\mozilla\Firefox\Profiles\e574yg1b.default\extensions\wecarereminder@bryan
[2011/11/10 08:31:27 | 000,001,945 | ---- | M] () -- C:\Users\anything\AppData\Roaming\Mozilla\Firefox\Profiles\e574yg1b.default\searchplugins\bing-zugo.xml
O2:64bit: - BHO: (Complitly) - {0FB6A909-6086-458F-BD92-1F8EE10042A0} - C:\Users\anything\AppData\Roaming\Complitly\64\Complitly64.dll (SimplyGen)
O2 - BHO: (Complitly) - {0FB6A909-6086-458F-BD92-1F8EE10042A0} - C:\Users\anything\AppData\Roaming\Complitly\Complitly.dll (SimplyGen)
O2 - BHO: (Freecorder Toolbar) - {70dd86e8-b5bc-4e4a-9d5c-b6234c24323c} - C:\Program Files (x86)\freecordertoolbar\vmntemplateX.dll ()
O2 - BHO: (WeCareReminder Class) - {D824F0DE-3D60-4F57-9EB1-66033ECD8ABB} - C:\ProgramData\WeCareReminder\IEHelperv2.5.0.dll (We-Care.com)
O2 - BHO: (Yontoo Layers) - {FD72061E-9FDE-484D-A58A-0BAB4151CAD8} - C:\Program Files (x86)\Yontoo Layers Runtime\YontooIEClient.dll (Yontoo LLC)
O3 - HKLM\..\Toolbar: (Freecorder Toolbar) - {70dd86e8-b5bc-4e4a-9d5c-b6234c24323c} - C:\Program Files (x86)\freecordertoolbar\vmntemplateX.dll ()
O4 - HKLM..\Run: [Freecorder FLV Service] C:\Program Files (x86)\Freecorder\FLVSrvc.exe (Applian Technologies, Inc.)
[2012/07/23 11:26:25 | 000,000,000 | ---D | C] -- C:\Users\anything\AppData\Roaming\0A81AE1A-4638-4281-B85F-696C74253B3C
[2010/01/14 07:02:20 | 000,601,408 | ---- | C] (Microsoft Corporation) -- C:\Users\anything\officesas.exe
[2010/01/14 07:01:48 | 001,618,320 | ---- | C] (Microsoft Corporation) -- C:\Users\anything\X16-19318_6BGMG-WVTGB-4JBWK-VP66D-3D7F2.exe
[1 C:\Users\anything\Desktop\*.tmp files -> C:\Users\anything\Desktop\*.tmp -> ]
[2011/11/10 08:31:34 | 000,000,000 | ---D | M] -- C:\Users\anything\AppData\Roaming\Complitly

:Services

:Reg

:Files
ipconfig /flushdns /c
C:\Program Files (x86)\freecordertoolbar
C:\ProgramData\WeCareReminder
C:\Program Files (x86)\Yontoo Layers Runtime

:Commands
[purity]
[resethosts]
[emptytemp]
[emptyflash]
[createrestorepoint]
[reboot]

Then click the Run Fix button at the top
Let the program run unhindered, reboot the PC when it is done

Download and Install Combofix

Download ComboFix from one of the following locations:
Link 1
Link 2

VERY IMPORTANT !!! Save ComboFix.exe to your Desktop

* IMPORTANT - Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools. If you have difficulty properly disabling your protective programs, refer to this link here

Double click on ComboFix.exe & follow the prompts.
Accept the disclaimer and allow to update if it asks
When finished, it shall produce a log for you.
Please include the C:\ComboFix.txt in your next reply.

Notes:
1. Do not mouse-click Combofix's window while it is running. That may cause it to stall.
2. Do not "re-run" Combofix. If you have a problem, reply back for further instructions.
3. If after the reboot you get errors about programmes being marked for deletion then reboot, that will cure it.

Please make sure you include the combo fix log in your next reply as well as describe how your computer is running now

#5
horizonatdawn

Posted 16 August 2012 - 07:37 AM

Member

Topic Starter
Member
83 posts

Thanks Gammo for fixing my machine!!!

Below is the combofix.txt file that you requested.

I have one question - I did indeed have the "marked for deletion" condition that you mentioned. After a reboot everything was was good and fast but my system was stripped (no taskbar shortcuts, outlook had to be reconfigured, etc.). But after I installed MSFT updates that were due and rebooted everything seems to be as it was before the system slowed down. Should I have rebooted twice at the last step or can you tell me what happened? I'm talking monor stuff since I have the procedures to restore my system pretty close, but it's a time save, right?

Again, Thanks. Donation Pay-Pal-ed.

ComboFix 12-08-14.05 - anything 08/15/2012 6:20.2.8 - x64
Microsoft Windows 7 Professional 6.1.7601.1.1252.1.1033.18.9207.5732 [GMT -7:00]
Running from: c:\users\anything\Desktop\ComboFix.exe
AV: Microsoft Security Essentials *Disabled/Updated* {9765EA51-0D3C-7DFB-6091-10E4E1F341F6}
SP: Microsoft Security Essentials *Disabled/Updated* {2C040BB5-2B06-7275-5A21-2B969A740B4B}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files (x86)\Complitly
c:\program files (x86)\Complitly\chrome\ComplitlyChrome.crx
c:\program files (x86)\Complitly\FireFoxExtension.exe
c:\program files (x86)\Complitly\InstTracker.exe
c:\program files (x86)\Complitly\[email protected]\chrome.manifest
c:\program files (x86)\Complitly\[email protected]\chrome\content\appIcon.png
c:\program files (x86)\Complitly\[email protected]\chrome\content\browserOverlay.xul
c:\program files (x86)\Complitly\[email protected]\chrome\content\options.js
c:\program files (x86)\Complitly\[email protected]\chrome\content\options.xul
c:\program files (x86)\Complitly\[email protected]\chrome\content\utils.js
c:\program files (x86)\Complitly\[email protected]\defaults\preferences\predictad.js
c:\program files (x86)\Complitly\[email protected]\install.rdf
c:\program files (x86)\Complitly\unins000.dat
c:\program files (x86)\Complitly\unins000.exe
c:\program files (x86)\qw.exe
c:\users\anything\Documents\ShopToWin
K:\Autorun.inf
K:\Setup.exe
.
.
((((((((((((((((((((((((( Files Created from 2012-07-15 to 2012-08-15 )))))))))))))))))))))))))))))))
.
.
2012-08-15 13:37 . 2012-08-15 13:37 -------- d-----w- c:\users\User\AppData\Local\temp
2012-08-15 13:37 . 2012-08-15 13:37 -------- d-----w- c:\users\Public\AppData\Local\temp
2012-08-15 13:37 . 2012-08-15 13:37 -------- d-----w- c:\users\Default\AppData\Local\temp
2012-08-15 12:50 . 2012-08-15 12:50 -------- d-----w- C:\_OTL
2012-08-15 09:54 . 2012-06-29 10:04 9133488 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{D4116694-E554-4DE0-8901-3DEA2EE7494B}\mpengine.dll
2012-08-14 10:20 . 2012-06-29 10:04 9133488 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2012-07-23 18:26 . 2012-07-23 18:26 367200 ----a-w- c:\windows\system32\drivers\afcdp.sys
2012-07-23 18:26 . 2012-07-23 18:26 994912 ----a-w- c:\windows\system32\drivers\timntr.sys
2012-07-23 18:26 . 2012-07-23 18:26 211552 ----a-w- c:\windows\system32\drivers\vididr.sys
2012-07-23 18:25 . 2012-07-23 18:25 146528 ----a-w- c:\windows\system32\drivers\vsflt67.sys
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-08-15 01:01 . 2012-07-03 16:50 70344 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2012-08-15 01:01 . 2012-07-03 16:50 426184 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2012-07-23 18:26 . 2012-03-25 00:53 1294432 ----a-w- c:\windows\system32\drivers\tdrpman.sys
2012-07-23 18:25 . 2012-03-25 00:52 320096 ----a-w- c:\windows\system32\drivers\snapman.sys
2012-07-23 18:25 . 2012-03-25 00:52 137312 ----a-w- c:\windows\system32\drivers\fltsrv.sys
2012-07-11 10:02 . 2010-01-21 03:53 59701280 ----a-w- c:\windows\system32\MRT.exe
2012-06-25 23:04 . 2012-06-25 23:04 1394248 ----a-w- c:\windows\SysWow64\msxml4.dll
2012-06-12 03:08 . 2012-07-11 10:07 3148800 ----a-w- c:\windows\system32\win32k.sys
2012-06-09 05:43 . 2012-07-11 03:23 14172672 ----a-w- c:\windows\system32\shell32.dll
2012-06-06 06:06 . 2012-07-11 03:23 2004480 ----a-w- c:\windows\system32\msxml6.dll
2012-06-06 06:06 . 2012-07-11 03:23 1881600 ----a-w- c:\windows\system32\msxml3.dll
2012-06-06 06:02 . 2012-07-11 03:23 1133568 ----a-w- c:\windows\system32\cdosys.dll
2012-06-06 05:05 . 2012-07-11 03:23 1390080 ----a-w- c:\windows\SysWow64\msxml6.dll
2012-06-06 05:05 . 2012-07-11 03:23 1236992 ----a-w- c:\windows\SysWow64\msxml3.dll
2012-06-06 05:03 . 2012-07-11 03:23 805376 ----a-w- c:\windows\SysWow64\cdosys.dll
2012-06-02 22:19 . 2012-06-22 05:08 38424 ----a-w- c:\windows\system32\wups.dll
2012-06-02 22:19 . 2012-06-22 05:08 2428952 ----a-w- c:\windows\system32\wuaueng.dll
2012-06-02 22:19 . 2012-06-22 05:08 57880 ----a-w- c:\windows\system32\wuauclt.exe
2012-06-02 22:19 . 2012-06-22 05:08 44056 ----a-w- c:\windows\system32\wups2.dll
2012-06-02 22:19 . 2012-06-22 05:08 186752 ----a-w- c:\windows\system32\wuwebv.dll
2012-06-02 22:19 . 2012-06-22 05:08 701976 ----a-w- c:\windows\system32\wuapi.dll
2012-06-02 22:15 . 2012-06-22 05:08 2622464 ----a-w- c:\windows\system32\wucltux.dll
2012-06-02 22:15 . 2012-06-22 05:08 36864 ----a-w- c:\windows\system32\wuapp.exe
2012-06-02 22:15 . 2012-06-22 05:08 99840 ----a-w- c:\windows\system32\wudriver.dll
2012-06-02 12:49 . 2012-07-11 10:01 17807360 ----a-w- c:\windows\system32\mshtml.dll
2012-06-02 12:17 . 2012-07-11 10:01 10924032 ----a-w- c:\windows\system32\ieframe.dll
2012-06-02 12:12 . 2012-07-11 10:01 2311680 ----a-w- c:\windows\system32\jscript9.dll
2012-06-02 12:05 . 2012-07-11 10:01 1346048 ----a-w- c:\windows\system32\urlmon.dll
2012-06-02 12:05 . 2012-07-11 10:01 1392128 ----a-w- c:\windows\system32\wininet.dll
2012-06-02 12:04 . 2012-07-11 10:01 1494528 ----a-w- c:\windows\system32\inetcpl.cpl
2012-06-02 12:04 . 2012-07-11 10:01 237056 ----a-w- c:\windows\system32\url.dll
2012-06-02 12:03 . 2012-07-11 10:01 85504 ----a-w- c:\windows\system32\jsproxy.dll
2012-06-02 12:01 . 2012-07-11 10:01 173056 ----a-w- c:\windows\system32\ieUnatt.exe
2012-06-02 12:00 . 2012-07-11 10:01 818688 ----a-w- c:\windows\system32\jscript.dll
2012-06-02 11:59 . 2012-07-11 10:01 2144768 ----a-w- c:\windows\system32\iertutil.dll
2012-06-02 11:57 . 2012-07-11 10:01 96768 ----a-w- c:\windows\system32\mshtmled.dll
2012-06-02 11:57 . 2012-07-11 10:01 2382848 ----a-w- c:\windows\system32\mshtml.tlb
2012-06-02 11:54 . 2012-07-11 10:01 248320 ----a-w- c:\windows\system32\ieui.dll
2012-06-02 08:33 . 2012-07-11 10:01 1800192 ----a-w- c:\windows\SysWow64\jscript9.dll
2012-06-02 08:25 . 2012-07-11 10:01 1129472 ----a-w- c:\windows\SysWow64\wininet.dll
2012-06-02 08:25 . 2012-07-11 10:01 1427968 ----a-w- c:\windows\SysWow64\inetcpl.cpl
2012-06-02 08:20 . 2012-07-11 10:01 142848 ----a-w- c:\windows\SysWow64\ieUnatt.exe
2012-06-02 08:16 . 2012-07-11 10:01 2382848 ----a-w- c:\windows\SysWow64\mshtml.tlb
2012-06-02 05:50 . 2012-07-11 03:23 458704 ----a-w- c:\windows\system32\drivers\cng.sys
2012-06-02 05:48 . 2012-07-11 03:23 151920 ----a-w- c:\windows\system32\drivers\ksecpkg.sys
2012-06-02 05:48 . 2012-07-11 03:23 95600 ----a-w- c:\windows\system32\drivers\ksecdd.sys
2012-06-02 05:45 . 2012-07-11 03:23 340992 ----a-w- c:\windows\system32\schannel.dll
2012-06-02 05:44 . 2012-07-11 03:23 307200 ----a-w- c:\windows\system32\ncrypt.dll
2012-06-02 04:40 . 2012-07-11 03:23 22016 ----a-w- c:\windows\SysWow64\secur32.dll
2012-06-02 04:40 . 2012-07-11 03:23 225280 ----a-w- c:\windows\SysWow64\schannel.dll
2012-06-02 04:39 . 2012-07-11 03:23 219136 ----a-w- c:\windows\SysWow64\ncrypt.dll
2012-06-02 04:34 . 2012-07-11 03:23 96768 ----a-w- c:\windows\SysWow64\sspicli.dll
2012-05-29 01:00 . 2009-07-24 03:46 499712 ----a-w- c:\windows\SysWow64\msvcp71.dll
2012-05-29 01:00 . 2009-07-24 03:46 348160 ----a-w- c:\windows\SysWow64\msvcr71.dll
2010-02-17 21:38 . 2010-01-13 18:31 31080 ------w- c:\program files (x86)\xsell.dll
2010-02-17 21:38 . 2010-01-13 18:31 133992 ------w- c:\program files (x86)\xmlparse_tok.dll
2010-02-17 21:38 . 2010-01-13 18:31 107880 ------w- c:\program files (x86)\xmlparse.dll
2010-02-17 21:38 . 2010-01-13 18:30 946536 ------w- c:\program files (x86)\ttaximp.dll
2010-02-17 21:38 . 2010-01-13 18:30 92008 ------w- c:\program files (x86)\qwsnap.dll
2010-02-17 21:38 . 2010-01-13 18:30 879464 ------w- c:\program files (x86)\qvault.dll
2010-02-17 21:38 . 2010-01-13 18:30 82280 ------w- c:\program files (x86)\QShowHelp.dll
2010-02-17 21:38 . 2010-01-13 18:30 810344 ------w- c:\program files (x86)\qwwin.dll
2010-02-17 21:38 . 2010-01-13 18:30 78696 ------w- c:\program files (x86)\qwinver.dll
2010-02-17 21:38 . 2010-01-13 18:30 70504 ------w- c:\program files (x86)\qwcntr.dll
2010-02-17 21:38 . 2010-01-13 18:30 49000 ------w- c:\program files (x86)\QWVER.DLL
2010-02-17 21:38 . 2010-01-13 18:30 330088 ------w- c:\program files (x86)\qtax.dll
2010-02-17 21:38 . 2010-01-13 18:30 321384 ------w- c:\program files (x86)\qwpr.dll
2010-02-17 21:38 . 2010-01-13 18:30 2832232 ------w- c:\program files (x86)\qwutil.dll
2010-02-17 21:38 . 2010-01-13 18:30 2602856 ------w- c:\program files (x86)\qwonline.dll
2010-02-17 21:38 . 2010-01-13 18:30 229224 ------w- c:\program files (x86)\qwapp.dll
2010-02-17 21:38 . 2010-01-13 18:30 13672 ------w- c:\program files (x86)\qwsync.dll
2010-02-17 21:38 . 2010-01-13 18:30 133992 ------w- c:\program files (x86)\qwxmlparse_tok.dll
2010-02-17 21:38 . 2010-01-13 18:30 111976 ------w- c:\program files (x86)\qwinet.dll
2010-02-17 21:38 . 2010-01-13 18:30 107880 ------w- c:\program files (x86)\qwxmlparse.dll
2010-02-17 21:38 . 2010-01-13 18:30 89448 ------w- c:\program files (x86)\qindex.dll
2010-02-17 21:38 . 2010-01-13 18:30 79208 ------w- c:\program files (x86)\mvmc14n.dll
2010-02-17 21:38 . 2010-01-13 18:30 77160 ------w- c:\program files (x86)\graphs.dll
2010-02-17 21:38 . 2010-01-13 18:30 74088 ------w- c:\program files (x86)\mvix14n.dll
2010-02-17 21:38 . 2010-01-13 18:30 71528 ------w- c:\program files (x86)\qdapp.dll
2010-02-17 21:38 . 2010-01-13 18:30 631656 ------w- c:\program files (x86)\qdb.dll
2010-02-17 21:38 . 2010-01-13 18:30 61800 ------w- c:\program files (x86)\mvfs14n.dll
2010-02-17 21:38 . 2010-01-13 18:30 56680 ------w- c:\program files (x86)\mvsr14n.dll
2010-02-17 21:38 . 2010-01-13 18:30 56168 ------w- c:\program files (x86)\mvtl14n.dll
2010-02-17 21:38 . 2010-01-13 18:30 53608 ------w- c:\program files (x86)\dllapps_savgol.dll
2010-02-17 21:38 . 2010-01-13 18:30 42856 ------w- c:\program files (x86)\onlncall.dll
2010-02-17 21:38 . 2010-01-13 18:30 38248 ------w- c:\program files (x86)\mvmg14n.dll
2010-02-17 21:38 . 2010-01-13 18:30 380264 ------w- c:\program files (x86)\qcomutil.dll
2010-02-17 21:38 . 2010-01-13 18:30 31080 ------w- c:\program files (x86)\mvbk14n.dll
2010-02-17 21:38 . 2010-01-13 18:30 2778984 ------w- c:\program files (x86)\ofxsdk_qw.dll
2010-02-17 21:38 . 2010-01-13 18:30 275304 ------w- c:\program files (x86)\lbtmngr.dll
2010-02-17 21:38 . 2010-01-13 18:30 27496 ------w- c:\program files (x86)\qsapi_eng.dll
2010-02-17 21:38 . 2010-01-13 18:30 26984 ------w- c:\program files (x86)\qdappui.dll
2010-02-17 21:38 . 2010-01-13 18:30 26984 ------w- c:\program files (x86)\gdipapi.dll
2010-02-17 21:38 . 2010-01-13 18:30 25448 ------w- c:\program files (x86)\qsapi.dll
2010-02-17 21:38 . 2010-01-13 18:30 1491304 ------w- c:\program files (x86)\online.dll
2010-02-17 21:38 . 2010-01-13 18:30 148840 ------w- c:\program files (x86)\olbservice.dll
2010-02-17 21:38 . 2010-01-13 18:30 136040 ------w- c:\program files (x86)\qrep.dll
2010-02-17 21:38 . 2010-01-13 18:30 132968 ------w- c:\program files (x86)\qsac.dll
2010-02-17 21:38 . 2010-01-13 18:30 127848 ------w- c:\program files (x86)\Qsetup.dll
2010-02-17 21:38 . 2010-01-13 18:30 1259880 ------w- c:\program files (x86)\qaccess.dll
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{ABD3B5E1-B268-407B-A150-2641DAB8D898}]
2009-06-08 21:41 120104 ------w- c:\program files (x86)\Common Files\Homepage Protection\HomepageProtection.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\Carbonite.Green]
@="{95A27763-F62A-4114-9072-E81D87DE3B68}"
[HKEY_CLASSES_ROOT\CLSID\{95A27763-F62A-4114-9072-E81D87DE3B68}]
2011-03-04 03:52 762000 ----a-r- c:\program files (x86)\Carbonite\Carbonite Backup\CarboniteNSE.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\Carbonite.Partial]
@="{E300CD91-100F-4E67-9AF3-1384A6124015}"
[HKEY_CLASSES_ROOT\CLSID\{E300CD91-100F-4E67-9AF3-1384A6124015}]
2011-03-04 03:52 762000 ----a-r- c:\program files (x86)\Carbonite\Carbonite Backup\CarboniteNSE.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\Carbonite.Yellow]
@="{5E529433-B50E-4bef-A63B-16A6B71B071A}"
[HKEY_CLASSES_ROOT\CLSID\{5E529433-B50E-4bef-A63B-16A6B71B071A}]
2011-03-04 03:52 762000 ----a-r- c:\program files (x86)\Carbonite\Carbonite Backup\CarboniteNSE.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2012-02-14 22:58 94208 ----a-w- c:\users\anything\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2012-02-14 22:58 94208 ----a-w- c:\users\anything\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2012-02-14 22:58 94208 ----a-w- c:\users\anything\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2012-02-14 22:58 94208 ----a-w- c:\users\anything\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"E6CFA7A82BF59BA52DCECD7046EF4487B1BB74E0._service_run"="c:\program files (x86)\Google\Chrome\Application\chrome.exe" [2012-08-14 1229848]
"swg"="c:\program files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2010-01-13 39408]
"Eye-Fi"="c:\program files (x86)\Eye-Fi\Helper\EyeFiHelper.exe" [2011-12-22 3961464]
"EPLTarget\P0000000000000000"="c:\windows\system32\spool\DRIVERS\x64\3\E_YATIH3A.EXE" [2011-07-18 239488]
"IDMan"="c:\program files (x86)\Internet Download Manager\IDMan.exe" [2012-06-07 3491264]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"HP Software Update"="c:\program files (x86)\HP\HP Software Update\HPWuSchd2.exe" [2008-12-08 54576]
"hpsysdrv"="c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe" [2008-11-20 62768]
"UpdatePRCShortCut"="c:\program files (x86)\Hewlett-Packard\Recovery\MUITransfer\MUIStartMenu.exe" [2009-05-20 222504]
"V0610Mon.exe"="c:\windows\V0610Mon.exe" [2010-09-01 24576]
"IAStorIcon"="c:\program files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe" [2010-03-04 284696]
"ISUSScheduler"="c:\program files (x86)\Common Files\InstallShield\UpdateService\issch.exe" [2005-02-17 81920]
"Carbonite Backup"="c:\program files (x86)\Carbonite\Carbonite Backup\CarboniteUI.exe" [2011-03-04 948880]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-01-03 843712]
"Google Desktop Search"="c:\program files (x86)\Google\Google Desktop Search\GoogleDesktop.exe" [2011-08-31 30192]
"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2012-05-31 59280]
"Anti-phishing Domain Advisor"="c:\programdata\Anti-phishing Domain Advisor\visicom_antiphishing.exe" [2011-07-29 217256]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2012-01-18 254696]
"TrueImageMonitor.exe"="c:\program files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe" [2012-06-29 5955088]
"EEventManager"="c:\program files (x86)\Epson Software\Event Manager\EEventManager.exe" [2010-10-12 979328]
"FUFAXRCV"="c:\program files (x86)\Epson Software\FAX Utility\FUFAXRCV.exe" [2011-03-09 495616]
"FUFAXSTM"="c:\program files (x86)\Epson Software\FAX Utility\FUFAXSTM.exe" [2011-03-09 856064]
"LTCM Client"="c:\program files (x86)\LTCM Client\ltcmClient.exe" [2009-08-05 1596096]
"TkBellExe"="c:\program files (x86)\Real\RealPlayer\update\realsched.exe" [2012-05-29 296056]
"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2012-04-19 421888]
"iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2012-06-08 421776]
"Seagate Dashboard"="c:\program files (x86)\Seagate\Seagate Dashboard\MemeoLauncher.exe" [2011-06-01 79112]
"Memeo Instant Backup"="c:\program files (x86)\Memeo\AutoBackup\MemeoLauncher2.exe" [2012-04-14 131072]
"AcronisTimounterMonitor"="c:\program files (x86)\Acronis\TrueImageHome\TimounterMonitor.exe" [2012-06-29 1171336]
.
c:\users\anything\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Dropbox.lnk - c:\users\anything\AppData\Roaming\Dropbox\bin\Dropbox.exe [2012-5-24 27112840]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Google Calendar Sync.lnk - c:\program files (x86)\Google\Google Calendar Sync\GoogleCalendarSync.exe [2011-4-8 542264]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"EnableLinkedConnections"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\progra~2\Google\GOOGLE~1\GoogleDesktopNetwork3.dll c:\progra~2\Google\GOOGLE~1\GoogleDesktopNetwork3.dll
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
R1 uzmzntm0;AVZ-RK Kernel Driver;c:\windows\system32\Drivers\uzmzntm0.sys [x]
R1 vdmzntm0;AVZ-BC Kernel Driver;c:\windows\system32\Drivers\vdmzntm0.sys [x]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 gupdate;Google Update Service (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-01-22 135664]
R2 HP Support Assistant Service;HP Support Assistant Service;c:\program files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [2011-09-10 86072]
R3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-08-15 250056]
R3 BTCFilterService;USB Networking Driver Filter Service;c:\windows\system32\DRIVERS\motfilt.sys [2009-01-30 6144]
R3 CamDrL64;Logitech QuickCam Pro 3000(PID_08B0);c:\windows\system32\DRIVERS\CamDrL64.sys [2007-02-03 955680]
R3 GoogleDesktopManager-051210-111108;Google Desktop Manager 5.9.1005.12335;c:\program files (x86)\Google\Google Desktop Search\GoogleDesktop.exe [2011-08-31 30192]
R3 gupdatem;Google Update Service (gupdatem);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-01-22 135664]
R3 motandroidusb;Mot ADB Interface Driver;c:\windows\system32\Drivers\motoandroid.sys [2009-07-10 31744]
R3 motccgp;Motorola USB Composite Device Driver;c:\windows\system32\DRIVERS\motccgp.sys [2011-04-04 21504]
R3 motccgpfl;MotCcgpFlService;c:\windows\system32\DRIVERS\motccgpfl.sys [2009-01-30 9216]
R3 Motousbnet;Motorola USB Networking Driver Service;c:\windows\system32\DRIVERS\Motousbnet.sys [2010-04-01 26624]
R3 MozillaMaintenance;Mozilla Maintenance Service;c:\program files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2012-07-17 113120]
R3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys [2012-03-21 98688]
R3 NisSrv;Microsoft Network Inspection;c:\program files\Microsoft Security Client\NisSrv.exe [2012-03-27 291696]
R3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-10 4925184]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]
R3 utmzntm0;AVZ Kernel Driver;c:\windows\system32\Drivers\utmzntm0.sys [x]
R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [2010-02-26 1255736]
R3 WSDPrintDevice;WSD Print Support via UMB;c:\windows\system32\DRIVERS\WSDPrint.sys [2009-07-14 23040]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-23 57184]
S0 fltsrv;Acronis Storage Filter Management;c:\windows\system32\DRIVERS\fltsrv.sys [2012-07-23 137312]
S0 PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys [2010-03-19 55856]
S0 vididr;Acronis Virtual Disk;c:\windows\system32\DRIVERS\vididr.sys [2012-07-23 211552]
S0 vidsflt67;Acronis Disk Storage Filter (67);c:\windows\system32\DRIVERS\vsflt67.sys [2012-07-23 146528]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
S2 ABBYY.Licensing.FineReader.Sprint.9.0;ABBYY FineReader 9.0 Sprint Licensing Service;c:\program files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe [2009-05-15 759048]
S2 AdobeActiveFileMonitor8.0;Adobe Active File Monitor V8;c:\program files (x86)\Adobe\Elements Organizer 8.0\PhotoshopElementsFileAgent.exe [2009-10-09 169312]
S2 AdobeActiveFileMonitor9.0;Adobe Active File Monitor V9;c:\program files (x86)\Adobe\Elements 9 Organizer\PhotoshopElementsFileAgent.exe [2010-09-30 169408]
S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-01-03 63928]
S2 afcdpsrv;Acronis Nonstop Backup Service;c:\program files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe [2012-07-23 3459024]
S2 atashost;WebEx Service Host for Support Center;c:\windows\SysWOW64\atashost.exe [2010-02-05 20376]
S2 DragonSvc;Dragon Service;c:\program files (x86)\Common Files\Nuance\dgnsvc.exe [2010-07-23 296808]
S2 EpsonCustomerParticipation;EpsonCustomerParticipation;c:\program files\EPSON\EpsonCustomerParticipation\EPCP.exe [2011-06-09 555392]
S2 FlipShareServer;FlipShare Server;c:\program files (x86)\Flip Video\FlipShareServer\FlipShareServer.exe [2010-12-15 1085440]
S2 HPBtnSrv;HP Easy Backup Button Service;c:\program files (x86)\Hewlett-Packard\HP Easy Backup\HPBtnSrv.exe [2008-10-01 192512]
S2 HPDrvMntSvc.exe;HP Quick Synchronization Service;c:\program files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe [2011-03-29 94264]
S2 IAStorDataMgrSvc;Intel® Rapid Storage Technology;c:\program files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [2010-03-04 13336]
S2 IDMWFP;IDMWFP;c:\windows\system32\DRIVERS\idmwfp.sys [2012-04-23 154272]
S2 IHA_MessageCenter;IHA_MessageCenter;c:\program files (x86)\Verizon\IHA_MessageCenter\Bin\Verizon_IHAMessageCenter.exe [2012-06-12 335888]
S2 McciCMService64;McciCMService64;c:\program files\Common Files\Motive\McciCMService.exe [2010-11-18 517632]
S2 MemeoBackgroundService;MemeoBackgroundService;c:\program files (x86)\Memeo\AutoBackup\MemeoBackgroundService.exe [2010-03-22 25824]
S2 SeagateDashboardService;Seagate Dashboard Service;c:\program files (x86)\Seagate\Seagate Dashboard\SeagateDashboardService.exe [2011-06-01 14088]
S2 syncagentsrv;Acronis Sync Agent Service;c:\program files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe [2012-06-29 5915352]
S2 SynoDrService;SynoDrService;c:\program files (x86)\Synology Data Replicator 3\SynoDrServicex64.exe [2010-06-02 380928]
S3 afcdp;afcdp;c:\windows\system32\DRIVERS\afcdp.sys [2012-07-23 367200]
S3 CtClsFlt;Creative Camera Class Upper Filter Driver;c:\windows\system32\DRIVERS\CtClsFlt.sys [2009-08-21 172704]
S3 dc3d;MS Hardware Device Detection Driver (USB);c:\windows\system32\DRIVERS\dc3d.sys [2011-05-18 47616]
S3 e1yexpress;Intel® Gigabit Network Connections Driver;c:\windows\system32\DRIVERS\e1y62x64.sys [2009-06-12 287960]
S3 LVUSBS64;Logitech USB Monitor Filter;c:\windows\system32\drivers\LVUSBS64.sys [2007-02-03 58528]
S3 Point64;Microsoft IntelliPoint Filter Driver;c:\windows\system32\DRIVERS\point64.sys [2011-08-01 45416]
S3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys [2012-02-15 52736]
S3 V0610Vid;Creative Live! Cam Socialize HD Driver;c:\windows\system32\DRIVERS\V0610Vid.sys [2010-09-09 322912]
S3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]
.
.
--- Other Services/Drivers In Memory ---
.
*Deregistered* - avgntflt
*Deregistered* - sftfs
*Deregistered* - sftplay
*Deregistered* - Sftredir
*Deregistered* - sftvol
.
Contents of the 'Scheduled Tasks' folder
.
2012-08-15 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-07-03 01:01]
.
2012-08-14 c:\windows\Tasks\Google Software Updater.job
- c:\program files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe [2010-01-13 02:15]
.
2012-08-15 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-01-22 02:31]
.
2012-08-15 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-01-22 02:31]
.
2012-08-01 c:\windows\Tasks\HPCeeScheduleForanything.job
- c:\program files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2010-09-14 05:15]
.
2012-08-13 c:\windows\Tasks\PCDRScheduledMaintenance.job
- c:\program files\PC-Doctor for Windows\pcdr5cuiw32.exe [2009-06-10 11:04]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\Carbonite.Green]
@="{95A27763-F62A-4114-9072-E81D87DE3B68}"
[HKEY_CLASSES_ROOT\CLSID\{95A27763-F62A-4114-9072-E81D87DE3B68}]
2011-03-04 03:36 1174672 ----a-r- c:\program files\Carbonite\Carbonite Backup\CarboniteNSE.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\Carbonite.Partial]
@="{E300CD91-100F-4E67-9AF3-1384A6124015}"
[HKEY_CLASSES_ROOT\CLSID\{E300CD91-100F-4E67-9AF3-1384A6124015}]
2011-03-04 03:36 1174672 ----a-r- c:\program files\Carbonite\Carbonite Backup\CarboniteNSE.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\Carbonite.Yellow]
@="{5E529433-B50E-4bef-A63B-16A6B71B071A}"
[HKEY_CLASSES_ROOT\CLSID\{5E529433-B50E-4bef-A63B-16A6B71B071A}]
2011-03-04 03:36 1174672 ----a-r- c:\program files\Carbonite\Carbonite Backup\CarboniteNSE.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2012-02-14 22:58 97792 ----a-w- c:\users\anything\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2012-02-14 22:58 97792 ----a-w- c:\users\anything\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2012-02-14 22:58 97792 ----a-w- c:\users\anything\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2012-02-14 22:58 97792 ----a-w- c:\users\anything\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\IDM Shell Extension]
@="{CDC95B92-E27C-4745-A8C5-64A52A78855D}"
[HKEY_CLASSES_ROOT\CLSID\{CDC95B92-E27C-4745-A8C5-64A52A78855D}]
2012-02-08 00:49 23432 ----a-w- c:\program files (x86)\Internet Download Manager\IDMShellExt64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ATT-SST_McciTrayApp"="c:\program files\ATT-SST\McciTrayApp.exe" [2010-07-27 3453440]
"AdobeAAMUpdater-1.0"="c:\program files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2010-07-29 497648]
"IntelliPoint"="c:\program files\Microsoft IntelliPoint\ipoint.exe" [2011-08-01 2417032]
"Acronis Scheduler2 Service"="c:\program files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe" [2012-06-29 403144]
"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2012-03-27 1271168]
.
------- Supplementary Scan -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.google.com/
uDefault_Search_URL = hxxp://www.google.com/ie
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = *.local
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search/?q=%s
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: Download all links with IDM - c:\program files (x86)\Internet Download Manager\IEGetAll.htm
IE: Download with IDM - c:\program files (x86)\Internet Download Manager\IEExt.htm
IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~2\Office14\EXCEL.EXE/3000
IE: Se&nd to OneNote - c:\progra~2\MICROS~2\Office14\ONBttnIE.dll/105
Trusted Zone: boats.com\www
TCP: DhcpNameServer = 192.168.1.1
DPF: {BC0AE9E6-E549-4554-A222-EA083A894683} - hxxp://a03-b03.mypicturetown.com/P2PwebCmdController/x/Upld_47.CAB
FF - ProfilePath - c:\users\anything\AppData\Roaming\Mozilla\Firefox\Profiles\e574yg1b.default\
FF - prefs.js: browser.search.selectedEngine - Bing
FF - prefs.js: browser.startup.homepage - hxxp://www.msn.com/?pc=Z149&install_date=20111110
FF - user.js: extentions.y2layers.installId - e8f22563-4615-4a86-b8e4-24696b1d559b
.
- - - - ORPHANS REMOVED - - - -
.
ShellIconOverlayIdentifiers- - (no file)
ShellIconOverlayIdentifiers- - (no file)
ShellIconOverlayIdentifiers- - (no file)
AddRemove-freecordertoolbar - c:\program files (x86)\freecordertoolbar\uninstall.exe
AddRemove-{4FFBB818-B13C-11E0-931D-B2664824019B}_is1 - c:\program files (x86)\Complitly\unins000.exe
AddRemove-{6F44AF95-3CDE-4513-AD3F-6D45F17BF324} - c:\program files (x86)\InstallShield Installation Information\{6F44AF95-3CDE-4513-AD3F-6D45F17BF324}\setup.exe
AddRemove-FoxTab Media Player - c:\program files (x86)\FoxTabFLVPlayer\Uninstall\Uninstall.exe
.
.
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_USERS\S-1-5-21-3357085197-2515357421-441871210-1000_Classes\Wow6432Node\CLSID\{5ED60779-4DE2-4E07-B862-974CA4FF2E9C}]
@Denied: (Full) (Everyone)
@Allowed: (Read) (RestrictedCode)
"scansk"=hex(0):e0,55,05,58,09,3e,f4,36,f6,b6,0a,4e,68,0b,96,0e,ab,c9,d3,12,44,
c8,30,39,0b,99,e5,b6,20,9f,fd,a3,06,0a,28,5b,1e,73,ec,38,00,00,00,00,00,00,\
.
[HKEY_USERS\S-1-5-21-3357085197-2515357421-441871210-1000_Classes\Wow6432Node\CLSID\{7B8E9164-324D-4A2E-A46D-0165FB2000EC}]
@Denied: (Full) (Everyone)
"scansk"=hex(0):0a,64,18,2f,83,27,c8,10,cf,47,93,24,d4,b0,ad,05,9e,64,26,38,d8,
62,95,09,cd,1c,c4,66,42,c4,5c,ac,fb,33,19,05,fb,62,ca,33,00,00,00,00,00,00,\
.
[HKEY_USERS\S-1-5-21-3357085197-2515357421-441871210-1000_Classes\Wow6432Node\CLSID\{e9de74da-6e0f-4214-99c2-20c8addf3e29}]
@Denied: (Full) (Everyone)
@Allowed: (Read) (RestrictedCode)
"Model"=dword:0000004f
"Therad"=dword:00000016
"MData"=hex(0):7b,d6,72,ca,ae,34,c7,f4,a6,1d,1e,dd,09,37,0f,5d,09,f5,9a,bb,d5,
f9,6e,ae,46,8f,3c,f2,5c,68,ee,21,46,8f,3c,f2,5c,68,ee,21,46,8f,3c,f2,5c,68,\
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_3_300_271_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_3_300_271_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_271.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_271.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_271.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_271.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
@Denied: (A) (Everyone)
"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
"Key"="ActionsPane3"
"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Other Running Processes ------------------------
.
c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\program files (x86)\Flip Video\FlipShare\FlipShareService.exe
c:\program files (x86)\Common Files\LightScribe\LSSrvc.exe
c:\program files (x86)\Common Files\Motive\McciCMService.exe
c:\program files (x86)\Google\Update\1.3.21.115\GoogleCrashHandler.exe
c:\program files (x86)\Hewlett-Packard\Media\DVD\DVDAgent.exe
c:\program files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe
.
**************************************************************************
.
Completion time: 2012-08-15 06:49:22 - machine was rebooted
ComboFix-quarantined-files.txt 2012-08-15 13:49
ComboFix2.txt 2011-03-24 18:11
.
Pre-Run: 311,907,774,464 bytes free
Post-Run: 311,753,400,320 bytes free
.
- - End Of File - - 4E340F6A58A5B14F829FC47AD861C5E6

#6
Gammo

Posted 16 August 2012 - 07:50 AM

Member 2k

Malware Removal
2,299 posts

Please download Malwarebytes' Anti-Malware

Double Click mbam-setup.exe to install the application.

Make sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
If an update is found, it will download and install the latest version.
Once the program has loaded, select "Perform Quick Scan", then click Scan.
The scan may take some time to finish, so please be patient.
When the scan is complete, click OK, then Show Results to view the results.
Make sure that everything is checked, and click Remove Selected.
When disinfection is completed, a log will open in Notepad and you may be prompted to Restart.(See Extra Note)
The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
Copy&Paste the entire report in your next reply.

Extra Note:
If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts, click OK to either and let MBAM proceed with the disinfection process, if asked to restart the computer, please do so immediately.

How is your PC running now?

#7
horizonatdawn

Posted 17 August 2012 - 05:35 PM

Member

Topic Starter
Member
83 posts

I didn't realize that they're are more things to do such as malwarebytes. I've left home for a few days and only have my laptop with me. I will run the malwarebytes when I get home on Monday Aug. 20th.

When I left home, everything seemed to be running fine as per my previous reply, but I was wondering if the question I asked makes any sense or do I just run as is without really knowing the reason why?

Thanks again and I'll post the malwarebytes log when I return home.

Rich
------

#8
Gammo

Posted 17 August 2012 - 06:09 PM

Member 2k

Malware Removal
2,299 posts

Thanks again and I'll post the malwarebytes log when I return home.

Fine with me. :thumbsup:

I have one question - I did indeed have the "marked for deletion" condition that you mentioned. After a reboot everything was was good and fast but my system was stripped (no taskbar shortcuts, outlook had to be reconfigured, etc.). But after I installed MSFT updates that were due and rebooted everything seems to be as it was before the system slowed down. Should I have rebooted twice at the last step or can you tell me what happened?

I'm not sure what happened. Usually one reboot fixes it. I wouldn't worry too much about it since the problem is resolved anyway.

I'm talking monor stuff since I have the procedures to restore my system pretty close, but it's a time save, right?

You're right.

#9
horizonatdawn

Posted 20 August 2012 - 10:42 AM

Member

Topic Starter
Member
83 posts

OK, I'm back home and there were no errors found during the scan with MBytes so there was nothing to remove.The results of the Malwarebytes text file which printed out directly after the scan finished are listed below:.

So, my system seems a bit slower than when I left on Thursday. Not like it was but a bit slower. I left my system on while I was gone, which was 5 days today. You've cleaned my system completely as far as I can see. Are there anymore diagnostics to run? I've rechecked the temperature inside the cabinet and the CPU temperature. They are all good. I wonder if I may have a gradually failing component. I'm going to take the side off my PC temporarily and run it like that for a few days and see. The disk is good. I defragged it also. I'm also going to move pictures to another drive (USB 3.0 external). That will at the least drop the % used of this drive by probably 50% so that I'll have about 70% of the 1 TB drive free.

Maybe I need to toubleshoot the memory cards by removing one at a time or something like that. I have 5 memory cards for a total of 9 GB. 3X2GB and 2X1.5GB or something close to that. I'll see if removing the side tends to help any. My bench tests for CPU and memory as far as speed seem to be OK...

So, please try to put this rambling note into some sense of order... If you have any other suggestions I'll take them. Otherwise I'll report back in about two days after running the system with side off.

Thanks so much for everything!!!!!!!!!!!

Rich
-------

Malwarebytes Anti-Malware 1.62.0.1300
www.malwarebytes.org

Database version: v2012.08.20.07

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
anything :: ELITE [administrator]

8/20/2012 7:50:19 AM
mbam-log-2012-08-20 (07-50-19).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 229380
Time elapsed: 22 minute(s), 50 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)

#10
Gammo

Posted 20 August 2012 - 03:21 PM

Member 2k

Malware Removal
2,299 posts

Your logs appear to be clean now. There is only a bit of cleanup that we will deal with in this post, as well as prevention from future infections. ^_^

Remove Combofix now that we're done with it.

Please press the Windows Key and R on your keyboard. This will bring up the Run... command.
Now type in Combofix /Uninstall in the runbox and click OK. (Notice the space between the "x" and "/")
Please follow the prompts to uninstall Combofix.
You will then recieve a message saying Combofix was uninstalled successfully once it's done uninstalling itself.

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Download OTC to your desktop and run it
A list of tool components used in the Cleanup of malware will be downloaded.
If your Firewall or Real Time protection attempts to block OTC to reach the Internet, please allow the application to do so.
Click Yes to begin the Cleanup process and remove these components, including this application.
You will be asked to reboot the machine to finish the Cleanup process. If you are asked to reboot the machine choose Yes.

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Keep a backup of your important files
Now, more than ever, it's especially important to protect your digital files and memories. This article is full of good information on alternatives for home backup solutions.

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Make proper use of your anti-virus and firewall
You should keep your anti-virus and firewall guard enabled at all times, don't shut them off unless there's a specific reason to do so.

Also, regularly performing a full system scan with your anti-virus program is a good idea to make sure nothing has slipped through your protection. Once every two weeks works well for many people. You can set the scan to run during a time when you don't plan to use the computer and just leave it to complete on its own.

Keep in mind that anti-virus programs are far from perfect. They don't protect you against every piece of malware that's out there, so don't trust them blindly. If an anti-virus reports a file as 'clean' then it's doesn't necessarily has to mean it is.

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Keep all your software updated
It is important to keep up on system updates from Microsoft by regularly checking their website at: http://windowsupdate.microsoft.com/, as these patch critical security vulnerabilities and help to keep you safe.

It's also important to keep programs up to date so that malware doesn't exploit any old security flaws. FileHippo Update Checker is an extremely helpful program that will tell you which of your programs need to be updated. Java and Adobe Reader are two of the main security vulnerabilities. You can find the latest version of Java here, you will want the Java SE Runtime Environment (JRE) one. You can find the latest version of Adobe Reader here.

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Use a safer web browser
Internet Explorer is not the most secure tool for browsing the web. It has been known to be very susceptible to infection, and there are a couple good free alternatives: Google Chrome and Opera. Both are excellent faster, safer, more powerful and functional free alternatives to Internet Explorer. It's definitely worth the short period of adjustment to start using one of these.

The WOT add-on will nicely help to enhance your security, no matter which web browser you use. This add-on tells you whether the sites you are about to visit are safe or not. A must if you do a lot of Googling.

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Some other security programs

It is wise these days to have a few security programs installed and running on your machine except from just an anti-virus and a firewall. I will list some of them.

A good anti-spyware program installed on your pc is very important to help remove any spyware that may have gotten on your computer. I highly recommend Malwarebytes' Anti-Malware.
MVPS Hosts file replaces your current HOSTS file with one containing well known ad sites and other bad sites. This prevents your computer from connecting to those sites in the future.

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Be careful
Having security programs installed is very helpful to you, but none of them have the gift of human thought. The best way to make sure you don't get infected is to exercise common sense. Be careful of what websites you visit - if a site looks suspicious, trust your instincts and get out of there. Be careful of what attachments you open in emails and files you download from websites - check them over carefully to make sure that you know what you're getting.

Using peer-to-peer programs (eg: LimeWire, BitTorrent, uTorrent, Kazaa) or downloading cracks and keygens is something else to avoid. These are the most common way to get infected. Malware writers use these programs to spread infections as it is the easiest way for them. The majority of infections we see in the Malware Removal forum are due to people using p2p programs to download cracks/keygens/warez. These are not only illegal, but will always contain some form of malware. You have no way of verifying that the things you download are legitimate or that they don't contain malware. Even with an up to date anti-virus and firewall, some of these things will still infect you. It is highly recommend that you uninstall all peer-to-peer programs. It just isn't worth it.

Other common ways of getting infected are dis-reputable sites forcing you to download and install a codec. Or viruses using Instant Messaging programs (Windows Live Messenger, MSN Messenger, AIM) to send a file claiming it to be "photos" from a friend, only for it to turn out to be a virus.

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Slow computer?
If your computer begins to slow down in the future for no particular reason, your first step should not be to come to the malware forum. As your computer ages and is used, it's parts wear, files and programs accumulate, and its performance can decrease. To restore your computer's performance to its best possible level, follow the steps in this page written by malware expert Miekiemoes.

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

I'll leave this thread open for a couple days in case you come across any lingering problems that need fixing, then I'll close it up. If you need it reopened for any reason just shoot me a PM. It's been a pleasure working with you, now best of luck!

Cheers,
Gammo :cool: