Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

Many Pages Can't Be Displayed When Using The Internet


  • Please log in to reply

#1
BadLuckBettie

BadLuckBettie

    New Member

  • Member
  • Pip
  • 9 posts
I'm not sure what is wrong with my desktop. When I surf the web many pages don't come up and I have to constantly refresh the webpage to try and view a website. Also my computer has been running slow. I have run an anti-virus scan but nothing bad has come up in the results. Any help would be greatly appreciated. Thanks.
  • 0

Advertisements


#2
Gammo

Gammo

    Trusted Helper

  • Malware Removal
  • 2,299 posts
Hello and welcome to Geekstogo!

We apologize for the delay in responding to your request for help.
If you have since resolved the original problem you were having, we would appreciate you letting us know. If not please perform the following steps below so we can have a look at the current condition of your machine.

Please include a clear description of the problems you're having, along with any steps you may have performed so far.

Please refrain from running tools or applying updates other than those we suggest while we are cleaning up your computer. The reason for this is so we know what is going on with the machine at any time. Some programs can interfere with others and hamper the recovery process.

If you haven't done so yet, please go to Malware and Spyware Cleaning Guide and follow the steps instructed there. If you have already done this, we still need a new log to see what has changed since you originally posted your problem.

We need to create an OTL Report
Download OTL to your Desktop
  • Double click on the icon to run it. Make sure all other windows are closed and to let it run uninterrupted.
  • Check the box that says Scan All Users.
  • Click the Quick Scan button. Do not change any settings unless otherwise told to do so. The scan wont take long.
  • When the scan completes, it will open two notepad windows. OTL.Txt and Extras.Txt. These are saved in the same location as OTL.
  • Please copy (Edit->Select All, Edit->Copy) the contents of these files, one at a time and post them in your topic.

In the upper right hand corner of the topic you will see a button called Options. If you click on this in the drop-down menu you can choose Track this topic. I suggest you do this and select Immediate E-Mail notification and click on Proceed. This way you will be advised when we respond to your topic and facilitate the cleaning of your machine.

After 5 days if a topic is not replied to we assume it has been abandoned and it is closed.
  • 0

#3
BadLuckBettie

BadLuckBettie

    New Member

  • Topic Starter
  • Member
  • Pip
  • 9 posts
My problem is that my desktop computer has difficulty displaying webpages. If I click on a link I constantly get a page that says "404 Not Found" or "Page Cannot Be Displayed" in return. I have not taken any steps so far in resolving this issue.

Here is my OTL log:

OTL logfile created on: 8/20/2012 1:49:24 PM - Run 1
OTL by OldTimer - Version 3.2.58.1 Folder = C:\Users\Bettie\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

4.75 Gb Total Physical Memory | 2.92 Gb Available Physical Memory | 61.44% Memory free
9.50 Gb Paging File | 7.34 Gb Available in Paging File | 77.28% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 584.70 Gb Total Space | 292.19 Gb Free Space | 49.97% Space Free | Partition Type: NTFS
Drive D: | 11.37 Gb Total Space | 1.39 Gb Free Space | 12.20% Space Free | Partition Type: NTFS
Drive F: | 931.28 Gb Total Space | 0.00 Gb Free Space | 0.00% Space Free | Partition Type: FAT32

Computer Name: FAM_BAM-HP | User Name: Bettie | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2012/08/20 12:52:56 | 000,596,480 | ---- | M] (OldTimer Tools) -- C:\Users\Bettie\Desktop\OTL.exe
PRC - [2012/08/18 19:22:05 | 000,917,984 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
PRC - [2012/08/14 16:48:20 | 001,536,712 | ---- | M] (Adobe Systems, Inc.) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_3_300_271.exe
PRC - [2012/07/27 13:51:26 | 000,063,960 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2012/05/03 11:07:40 | 000,217,256 | ---- | M] (Visicom Media Inc. (Powered by Panda Security)) -- C:\ProgramData\Anti-phishing Domain Advisor\visicom_antiphishing.exe
PRC - [2012/04/23 16:53:44 | 000,014,336 | ---- | M] (Brand Affinity Technologies) -- C:\Program Files (x86)\Brand Affinity Technologies\Fantapper Updater\FantapperUpdater.exe
PRC - [2011/12/14 14:13:28 | 000,748,440 | ---- | M] (Spigot, Inc.) -- C:\Program Files (x86)\Application Updater\ApplicationUpdater.exe
PRC - [2011/12/13 18:42:08 | 000,922,976 | ---- | M] (Spigot, Inc.) -- C:\Program Files (x86)\Common Files\Spigot\Search Settings\SearchSettings.exe
PRC - [2011/03/28 18:07:50 | 000,094,264 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
PRC - [2011/03/15 15:56:18 | 000,249,648 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
PRC - [2010/09/02 13:18:02 | 000,255,536 | ---- | M] (McAfee, Inc.) -- C:\Program Files (x86)\McAfee Security Scan\2.0.189\SSScheduler.exe
PRC - [2010/02/26 16:27:16 | 000,127,984 | ---- | M] (CinemaNow, Inc.) -- C:\Program Files (x86)\CinemaNow\CinemaNow Media Manager\CinemaNowSvc.exe
PRC - [2010/01/18 10:21:08 | 000,568,888 | ---- | M] () -- C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe
PRC - [2008/11/20 10:47:28 | 000,062,768 | ---- | M] (Hewlett-Packard) -- C:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe


========== Modules (No Company Name) ==========

MOD - [2012/08/18 19:22:03 | 002,242,528 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
MOD - [2012/08/14 16:48:20 | 009,465,032 | ---- | M] () -- C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_3_300_271.dll
MOD - [2012/06/13 13:26:15 | 014,340,608 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\e717a230496832656b05b515eb9f3bc5\PresentationFramework.ni.dll
MOD - [2012/06/13 13:25:48 | 012,237,824 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationCore\14a87218ea49639f38097e278b98a3da\PresentationCore.ni.dll
MOD - [2012/05/10 03:38:33 | 001,051,136 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Management\9b2f17fb61b7197f2a04108f5d1a1cc6\System.Management.ni.dll
MOD - [2012/05/10 03:36:53 | 000,368,128 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\8e56489276063ededde74e597a121df3\PresentationFramework.Aero.ni.dll
MOD - [2012/05/10 03:36:40 | 000,771,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\03dee80574f4ec770b6f77ca030ded6c\System.Runtime.Remoting.ni.dll
MOD - [2012/05/10 03:36:38 | 006,611,456 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Data\f3814b488d9e083cbbc623e01b389f09\System.Data.ni.dll
MOD - [2012/05/10 03:36:03 | 003,347,968 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\46fce56db7685a586d3eeb7c373e3c1c\WindowsBase.ni.dll
MOD - [2012/05/10 03:35:59 | 005,452,800 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\ba3d70b651454c7d49b407b93663bfed\System.Xml.ni.dll
MOD - [2012/05/10 03:35:56 | 007,967,232 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\ce9ff6baf9053ed2ed673d948179195c\System.ni.dll
MOD - [2012/05/10 03:35:56 | 000,971,264 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\cfa9c506bfb9254c89dace7b83bc9f9d\System.Configuration.ni.dll
MOD - [2012/05/10 03:35:47 | 011,492,864 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\acfc1391e45fedd2a359778ea57d914c\mscorlib.ni.dll
MOD - [2012/02/20 21:29:04 | 000,087,912 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2012/02/20 21:28:42 | 001,242,472 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2012/02/05 11:59:35 | 000,036,920 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\HP.ActiveSupportLibrary\2.0.0.1__01a974bc1760f423\HP.ActiveSupportLibrary.dll
MOD - [2010/11/04 17:58:06 | 002,927,616 | ---- | M] () -- C:\Windows\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll
MOD - [2010/09/28 15:00:32 | 000,061,440 | ---- | M] () -- C:\Program Files (x86)\Hewlett-Packard\HP Advisor\Pillars\PCAlerts\PCAlertsPillar.dll
MOD - [2010/09/28 15:00:30 | 000,131,072 | ---- | M] () -- C:\Program Files (x86)\Hewlett-Packard\HP Advisor\Pillars\ECenter\ECLibrary.dll
MOD - [2010/09/28 15:00:14 | 000,028,672 | ---- | M] () -- C:\Program Files (x86)\Hewlett-Packard\HP Advisor\Microsoft.Practices.EnterpriseLibrary.ExceptionHandling.Logging.dll
MOD - [2010/01/18 10:21:08 | 000,568,888 | ---- | M] () -- C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe


========== Win32 Services (SafeList) ==========

SRV:64bit: - [2012/04/19 08:22:48 | 000,502,032 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Program Files\McAfee\VirusScan\mcods.exe -- (McODS)
SRV:64bit: - [2012/03/20 13:11:30 | 000,162,192 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Windows\SysNative\mfevtps.exe -- (mfevtp)
SRV:64bit: - [2012/03/20 12:56:24 | 000,210,584 | ---- | M] () [Auto | Running] -- C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe -- (mfefire)
SRV:64bit: - [2012/03/20 12:55:54 | 000,199,272 | ---- | M] () [Auto | Running] -- C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe -- (McShield)
SRV:64bit: - [2011/01/27 19:28:20 | 000,249,936 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe -- (McProxy)
SRV:64bit: - [2011/01/27 19:28:20 | 000,249,936 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe -- (McNASvc)
SRV:64bit: - [2011/01/27 19:28:20 | 000,249,936 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe -- (McNaiAnn)
SRV:64bit: - [2011/01/27 19:28:20 | 000,249,936 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe -- (mcmscsvc)
SRV:64bit: - [2011/01/27 19:28:20 | 000,249,936 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe -- (McMPFSvc)
SRV:64bit: - [2010/02/02 08:17:12 | 000,202,752 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:64bit: - [2009/07/13 18:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2012/08/18 19:22:04 | 000,114,144 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012/08/14 16:48:24 | 000,250,056 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012/07/27 13:51:26 | 000,063,960 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2012/04/23 16:53:44 | 000,014,336 | ---- | M] (Brand Affinity Technologies) [Auto | Running] -- C:\Program Files (x86)\Brand Affinity Technologies\Fantapper Updater\FantapperUpdater.exe -- (FTSvc)
SRV - [2012/01/13 11:21:16 | 000,103,440 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files (x86)\McAfee\SiteAdvisor\mcsacore.exe -- (McAfee SiteAdvisor Service)
SRV - [2011/12/14 14:13:28 | 000,748,440 | ---- | M] (Spigot, Inc.) [Auto | Running] -- C:\Program Files (x86)\Application Updater\ApplicationUpdater.exe -- (Application Updater)
SRV - [2011/09/09 18:10:28 | 000,086,072 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe -- (HP Support Assistant Service)
SRV - [2011/03/28 18:07:50 | 000,094,264 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe -- (HPDrvMntSvc.exe)
SRV - [2011/03/15 22:27:14 | 000,183,560 | ---- | M] (Microsoft Corporation.) [On_Demand | Stopped] -- C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE -- (BBSvc)
SRV - [2011/03/15 15:56:18 | 000,249,648 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE -- (SeaPort)
SRV - [2010/09/02 13:18:02 | 000,227,232 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\McAfee Security Scan\2.0.189\McCHSvc.exe -- (McComponentHostService)
SRV - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010/02/26 16:27:16 | 000,127,984 | ---- | M] (CinemaNow, Inc.) [Auto | Running] -- C:\Program Files (x86)\CinemaNow\CinemaNow Media Manager\CinemaNowSvc.exe -- (CinemaNow Service)
SRV - [2010/01/04 11:03:42 | 000,238,328 | ---- | M] (WildTangent, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\HP Games\HP Game Console\GameConsoleService.exe -- (GameConsoleService)
SRV - [2009/09/20 11:55:20 | 001,037,824 | ---- | M] (Hewlett-Packard Co.) [Auto | Running] -- C:\Program Files (x86)\Hp\Digital Imaging\bin\HPSLPSVC64.DLL -- (HPSLPSVC)
SRV - [2009/06/10 14:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2012/02/29 23:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2012/02/22 13:29:46 | 000,647,208 | ---- | M] (McAfee, Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\mfehidk.sys -- (mfehidk)
DRV:64bit: - [2012/02/22 13:29:46 | 000,487,296 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\mfefirek.sys -- (mfefirek)
DRV:64bit: - [2012/02/22 13:29:46 | 000,289,664 | ---- | M] (McAfee, Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\mfewfpk.sys -- (mfewfpk)
DRV:64bit: - [2012/02/22 13:29:46 | 000,229,528 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\mfeavfk.sys -- (mfeavfk)
DRV:64bit: - [2012/02/22 13:29:46 | 000,160,792 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\mfeapfk.sys -- (mfeapfk)
DRV:64bit: - [2012/02/22 13:29:46 | 000,100,912 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mferkdet.sys -- (mferkdet)
DRV:64bit: - [2012/02/22 13:29:46 | 000,075,936 | ---- | M] (McAfee, Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\mfenlfk.sys -- (mfenlfk)
DRV:64bit: - [2012/02/22 13:29:46 | 000,065,264 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\cfwids.sys -- (cfwids)
DRV:64bit: - [2012/02/15 11:01:50 | 000,052,736 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2011/04/13 15:04:38 | 000,045,432 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\point64.sys -- (Point64)
DRV:64bit: - [2011/04/13 15:04:38 | 000,023,960 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nuidfltr.sys -- (NuidFltr)
DRV:64bit: - [2011/04/08 23:00:20 | 000,047,616 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\dc3d.sys -- (dc3d)
DRV:64bit: - [2010/11/20 05:33:36 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010/11/20 03:07:06 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010/03/10 09:33:52 | 000,016,440 | ---- | M] (Advanced Micro Devices Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\AtiPcie64.sys -- (AtiPcie)
DRV:64bit: - [2010/03/04 07:43:00 | 000,346,144 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2010/02/05 14:34:06 | 000,028,728 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2010/02/05 14:34:04 | 000,070,712 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2010/02/02 08:55:20 | 006,366,720 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atipmdag.sys -- (amdkmdag)
DRV:64bit: - [2010/02/02 07:24:00 | 000,186,880 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
DRV:64bit: - [2009/10/19 14:45:54 | 000,039,480 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\usbfilter.sys -- (usbfilter)
DRV:64bit: - [2009/07/13 18:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/13 18:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/13 18:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/06/10 13:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 13:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 13:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 13:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009/05/18 13:17:08 | 000,034,152 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV - [2009/07/13 18:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/HPDSK/1
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://g.msn.com/HPDSK/1
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE:64bit: - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.co...g}&sourceid=ie7
IE:64bit: - HKLM\..\SearchScopes\{7765B199-C3D8-4B47-AB9D-33588CF0DE3E}: "URL" = http://www.ask.com/w...}&l=dis&o=ushpd
IE:64bit: - HKLM\..\SearchScopes\{C98BA8B3-D9CA-40C1-8244-74E175E62BF8}: "URL" = http://www.bing.com/...rc=IE-SearchBox
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/HPDSK/1
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://g.msn.com/HPDSK/1
IE - HKLM\..\URLSearchHook: {ba14329e-9550-4989-b3f2-9732e92d17cc} - C:\Program Files (x86)\Vuze_Remote\tbVuz0.dll (Conduit Ltd.)
IE - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.co...g}&sourceid=ie7
IE - HKLM\..\SearchScopes\{7765B199-C3D8-4B47-AB9D-33588CF0DE3E}: "URL" = http://www.ask.com/w...}&l=dis&o=ushpd
IE - HKLM\..\SearchScopes\{C98BA8B3-D9CA-40C1-8244-74E175E62BF8}: "URL" = http://www.bing.com/...rc=IE-SearchBox


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local



IE - HKU\S-1-5-21-159588428-1301233969-2923844379-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/HPDSK/1
IE - HKU\S-1-5-21-159588428-1301233969-2923844379-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://my.yahoo.com/
IE - HKU\S-1-5-21-159588428-1301233969-2923844379-1000\..\URLSearchHook: {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
IE - HKU\S-1-5-21-159588428-1301233969-2923844379-1000\..\URLSearchHook: {ba14329e-9550-4989-b3f2-9732e92d17cc} - C:\Program Files (x86)\Vuze_Remote\tbVuz0.dll (Conduit Ltd.)
IE - HKU\S-1-5-21-159588428-1301233969-2923844379-1000\..\URLSearchHook: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
IE - HKU\S-1-5-21-159588428-1301233969-2923844379-1000\..\URLSearchHook: {F3FEE66E-E034-436a-86E4-9690573BEE8A} - C:\Program Files (x86)\YouTube Downloader Toolbar\IE\4.9\youtubedownloaderToolbarIE.dll (Spigot, Inc.)
IE - HKU\S-1-5-21-159588428-1301233969-2923844379-1000\..\SearchScopes,DefaultScope = {162E1E2E-36D6-4642-AD81-7B8ABD97D1DE}
IE - HKU\S-1-5-21-159588428-1301233969-2923844379-1000\..\SearchScopes\{162E1E2E-36D6-4642-AD81-7B8ABD97D1DE}: "URL" = http://search.yahoo....p={searchTerms}
IE - HKU\S-1-5-21-159588428-1301233969-2923844379-1000\..\SearchScopes\{3BD44F0E-0596-4008-AEE0-45D47E3A8F0E}: "URL" = http://blekko.com/ws...q={searchTerms}
IE - HKU\S-1-5-21-159588428-1301233969-2923844379-1000\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.co...&rlz=1I7ADRA_en
IE - HKU\S-1-5-21-159588428-1301233969-2923844379-1000\..\SearchScopes\{7765B199-C3D8-4B47-AB9D-33588CF0DE3E}: "URL" = http://www.ask.com/w...}&l=dis&o=ushpd
IE - HKU\S-1-5-21-159588428-1301233969-2923844379-1000\..\SearchScopes\{C98BA8B3-D9CA-40C1-8244-74E175E62BF8}: "URL" = http://www.bing.com/...rc=IE-SearchBox
IE - HKU\S-1-5-21-159588428-1301233969-2923844379-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-159588428-1301233969-2923844379-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "Yahoo"
FF - prefs.js..browser.search.order.1: "Blekko"
FF - prefs.js..browser.search.param.yahoo-fr: "chr-greentree_ff&type=937811&ilc=12"
FF - prefs.js..browser.search.selectedEngine: "Yahoo"
FF - prefs.js..browser.startup.homepage: "http://blekko.com/ws...E&tbp=homepage"
FF - prefs.js..keyword.URL: "http://blekko.com/ws...&u=USERGUID&q="
FF - user.js - File not found

FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_3_300_271.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@mcafee.com/MSC,version=10: c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL ()
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_3_300_271.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@mcafee.com/MSC,version=10: c:\progra~2\mcafee\msc\npmcsn~1.dll ()
FF - HKLM\Software\MozillaPlugins\@mcafee.com/SAFFPlugin: C:\Program Files (x86)\McAfee\SiteAdvisor\npmcffplg32.dll (McAfee, Inc.)
FF - HKLM\Software\MozillaPlugins\@messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6: C:\Program Files (x86)\Yahoo!\Shared\npYState.dll (Yahoo! Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3555.0308: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@hulu.com/Hulu Desktop: C:\Windows\..\Users\Default\AppData\Local\HuluDesktop\instances\0.9.11.1\npHDPlg.dll ()
FF - HKCU\Software\MozillaPlugins\@yahoo.com/BrowserPlus,version=2.9.8: C:\Users\Bettie\AppData\Local\Yahoo!\BrowserPlus\2.9.8\Plugins\npybrowserplus_2.9.8.dll (Yahoo! Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{4ED1F68A-5463-4931-9384-8FFF5ED91D92}: C:\Program Files (x86)\McAfee\SiteAdvisor [2012/08/11 17:11:24 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2012/04/17 22:58:04 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{D19CA586-DD6C-4a0a-96F8-14644F340D60}: C:\Program Files (x86)\Common Files\McAfee\SystemCore [2012/06/21 15:15:37 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 15.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012/08/18 19:22:05 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 15.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2012/04/17 22:58:04 | 000,000,000 | ---D | M]

[2011/09/17 19:11:39 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Bettie\AppData\Roaming\Mozilla\Extensions
[2012/08/08 09:00:23 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Bettie\AppData\Roaming\Mozilla\Firefox\Profiles\ujz1r6hg.default\extensions
[2012/07/26 11:54:19 | 000,000,000 | ---D | M] (blekko search bar) -- C:\Users\Bettie\AppData\Roaming\Mozilla\Firefox\Profiles\ujz1r6hg.default\extensions\{8769adce-dba5-48e9-afb5-67b12cdf2e61}
[2012/07/05 13:44:10 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Bettie\AppData\Roaming\Mozilla\Firefox\Profiles\ujz1r6hg.default\jetpack\[email protected]
[2012/07/05 13:49:10 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Bettie\AppData\Roaming\Mozilla\Firefox\Profiles\ujz1r6hg.default\jetpack\[email protected]\simple-storage
[2012/08/06 14:03:17 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2012/08/18 19:22:05 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\distribution\extensions
[2011/12/15 22:13:07 | 000,000,000 | ---D | M] (YouTube Downloader Toolbar) -- C:\PROGRAM FILES (X86)\YOUTUBE DOWNLOADER TOOLBAR\FF
[2012/08/08 09:00:23 | 001,184,804 | ---- | M] () (No name found) -- C:\USERS\BETTIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\UJZ1R6HG.DEFAULT\EXTENSIONS\[email protected]
[2012/08/18 19:22:05 | 000,266,720 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2011/04/14 14:01:38 | 000,024,376 | ---- | M] (McAfee, Inc.) -- C:\Program Files (x86)\mozilla firefox\components\Scriptff.dll
[2012/07/31 18:19:52 | 000,002,465 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2012/06/26 16:32:32 | 000,002,134 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\search.xml
[2012/07/31 18:19:52 | 000,002,253 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\twitter.xml

O1 HOSTS File: ([2009/06/10 14:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (scriptproxy) - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\Common Files\McAfee\SystemCore\ScriptSn.20120621145009.dll (McAfee, Inc.)
O2:64bit: - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O2:64bit: - BHO: (McAfee SiteAdvisor BHO) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
O2:64bit: - BHO: (SimpleAdblock Class) - {FFCB3198-32F3-4E8B-9539-4324694ED664} - C:\Program Files (x86)\Common Files\Simple Adblock\SimpleAdblockx64.dll (Simple Adblock)
O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O2 - BHO: (Conduit Engine) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files (x86)\ConduitEngine\ConduitEngin0.dll (Conduit Ltd.)
O2 - BHO: (scriptproxy) - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files (x86)\Common Files\McAfee\SystemCore\ScriptSn.20120621145009.dll (McAfee, Inc.)
O2 - BHO: (blekko search bar) - {8769adce-dba5-48e9-afb5-67b12cdf2e61} - C:\Program Files (x86)\blekkotb_031\blekkotb_019X.dll ()
O2 - BHO: (Fantapper) - {8A86D350-37AB-410A-8531-7D1363F317B3} - C:\Program Files (x86)\Brand Affinity Technologies\Fantapper Player\\IEInstaller.dll ()
O2 - BHO: (McAfee SiteAdvisor BHO) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O2 - BHO: (Vuze Remote Toolbar) - {ba14329e-9550-4989-b3f2-9732e92d17cc} - C:\Program Files (x86)\Vuze_Remote\tbVuz0.dll (Conduit Ltd.)
O2 - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O2 - BHO: (YouTube Downloader Toolbar) - {F3FEE66E-E034-436a-86E4-9690573BEE8A} - C:\Program Files (x86)\YouTube Downloader Toolbar\IE\4.9\youtubedownloaderToolbarIE.dll (Spigot, Inc.)
O2 - BHO: (SingleInstance Class) - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll (Yahoo! Inc)
O2 - BHO: (SimpleAdblock Class) - {FFCB3198-32F3-4E8B-9539-4324694ED664} - C:\Program Files (x86)\Common Files\Simple Adblock\SimpleAdblock.dll (Simple Adblock)
O3:64bit: - HKLM\..\Toolbar: (McAfee SiteAdvisor Toolbar) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
O3:64bit: - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (McAfee SiteAdvisor Toolbar) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O3 - HKLM\..\Toolbar: (Conduit Engine) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files (x86)\ConduitEngine\ConduitEngin0.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (blekko search bar) - {8769adce-dba5-48e9-afb5-67b12cdf2e61} - C:\Program Files (x86)\blekkotb_031\blekkotb_019X.dll ()
O3 - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O3 - HKLM\..\Toolbar: (Vuze Remote Toolbar) - {ba14329e-9550-4989-b3f2-9732e92d17cc} - C:\Program Files (x86)\Vuze_Remote\tbVuz0.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O3 - HKLM\..\Toolbar: (YouTube Downloader Toolbar) - {F3FEE66E-E034-436a-86E4-9690573BEE8A} - C:\Program Files (x86)\YouTube Downloader Toolbar\IE\4.9\youtubedownloaderToolbarIE.dll (Spigot, Inc.)
O3:64bit: - HKU\S-1-5-21-159588428-1301233969-2923844379-1000\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3 - HKU\S-1-5-21-159588428-1301233969-2923844379-1000\..\Toolbar\WebBrowser: (Conduit Engine) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files (x86)\ConduitEngine\ConduitEngin0.dll (Conduit Ltd.)
O3 - HKU\S-1-5-21-159588428-1301233969-2923844379-1000\..\Toolbar\WebBrowser: (Vuze Remote Toolbar) - {BA14329E-9550-4989-B3F2-9732E92D17CC} - C:\Program Files (x86)\Vuze_Remote\tbVuz0.dll (Conduit Ltd.)
O4:64bit: - HKLM..\Run: [hpsysdrv] c:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe (Hewlett-Packard)
O4:64bit: - HKLM..\Run: [IntelliPoint] c:\Program Files\Microsoft IntelliPoint\ipoint.exe (Microsoft Corporation)
O4:64bit: - HKLM..\Run: [SmartMenu] C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe ()
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [Anti-phishing Domain Advisor] C:\ProgramData\Anti-phishing Domain Advisor\visicom_antiphishing.exe (Visicom Media Inc. (Powered by Panda Security))
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [mcui_exe] C:\Program Files\McAfee.com\Agent\mcagent.exe (McAfee, Inc.)
O4 - HKLM..\Run: [NortonOnlineBackupReminder] C:\Program Files (x86)\Symantec\Norton Online Backup\Activation\NOBuActivation.exe (Symantec Corporation)
O4 - HKLM..\Run: [SearchSettings] C:\Program Files (x86)\Common Files\Spigot\Search Settings\SearchSettings.exe (Spigot, Inc.)
O4 - HKLM..\Run: [StartCCC] c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-159588428-1301233969-2923844379-1000..\Run: [cdloader] C:\Users\Bettie\AppData\Roaming\mjusbsp\cdloader2.exe (magicJack L.P.)
O4 - HKU\S-1-5-21-159588428-1301233969-2923844379-1000..\Run: [FileHippo.com] C:\Program Files (x86)\FileHippo.com\UpdateChecker.exe (FileHippo.com)
O4 - HKU\S-1-5-21-159588428-1301233969-2923844379-1000..\Run: [HPAdvisorDock] C:\Program Files (x86)\Hewlett-Packard\HP Advisor\Dock\HPAdvisorDock.exe (Hewlett-Packard)
O4 - HKU\S-1-5-21-159588428-1301233969-2923844379-1000..\Run: [RESTART_STICKY_NOTES] C:\Windows\System32\StikyNot.exe File not found
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoControlPanel = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKU\S-1-5-21-159588428-1301233969-2923844379-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-159588428-1301233969-2923844379-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoChangeStartMenu = 0
O7 - HKU\S-1-5-21-159588428-1301233969-2923844379-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoClose = 0
O7 - HKU\S-1-5-21-159588428-1301233969-2923844379-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: LogonHoursAction = 2
O7 - HKU\S-1-5-21-159588428-1301233969-2923844379-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DontDisplayLogonHoursWarnings = 1
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {BEA7310D-06C4-4339-A784-DC3804819809} http://www.cvsphoto....veX_Control.cab (Photo Upload Plugin Class)
O16 - DPF: {C345E174-3E87-4F41-A01C-B066A90A49B4} http://trial.trymicr...osoft/wrc32.ocx (WRC Class)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.ad...Plus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.254
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{68777DB1-499D-472C-82EC-90D7AA355E3E}: DhcpNameServer = 192.168.1.254
O18:64bit: - Protocol\Handler\dssrequest {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\ms-itss - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\sacore {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\dssrequest {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O18 - Protocol\Handler\sacore {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O18:64bit: - Protocol\Filter\application/x-mfe-ipt {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files\McAfee\MSC\McSnIePl64.dll (McAfee, Inc.)
O18 - Protocol\Filter\application/x-mfe-ipt {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files (x86)\McAfee\MSC\McSnIePl.dll (McAfee, Inc.)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2005/11/15 12:08:04 | 000,000,036 | -H-- | M] () - F:\autorun.inf -- [ FAT32 ]
O32 - AutoRun File - [2008/02/04 14:48:30 | 000,000,000 | ---D | M] - F:\autorun -- [ FAT32 ]
O33 - MountPoints2\F\Shell\AutoRun\command - "" = F:\autorun.exe
O33 - MountPoints2\F\Shell\phone\command - "" = F:\autorun.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

========== Files/Folders - Created Within 30 Days ==========

[2012/08/20 12:52:53 | 000,596,480 | ---- | C] (OldTimer Tools) -- C:\Users\Bettie\Desktop\OTL.exe
[2012/08/20 11:02:14 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee
[2012/08/20 10:58:40 | 000,000,000 | ---D | C] -- C:\Users\Bettie\AppData\Local\{3A830654-2057-4E0E-BA1D-4A1ECDB93B88}
[2012/08/17 11:43:12 | 000,000,000 | ---D | C] -- C:\Users\Bettie\AppData\Local\{A7449BA3-4C60-4771-9B58-A6BA9B35E59C}
[2012/08/17 11:42:57 | 000,000,000 | ---D | C] -- C:\Users\Bettie\AppData\Local\{FBC8A831-C9BF-4BCE-A967-AAE61C4B8AA7}
[2012/08/16 13:27:20 | 000,000,000 | ---D | C] -- C:\Users\Bettie\AppData\Local\{6318610D-D42F-4AFB-B8BF-B0359798C347}
[2012/08/16 13:26:58 | 000,000,000 | ---D | C] -- C:\Users\Bettie\AppData\Local\{0366ECAB-4F3C-4BC1-B8BD-59CD3967418B}
[2012/08/15 10:28:45 | 000,000,000 | ---D | C] -- C:\Users\Bettie\AppData\Local\{BC391999-9F4D-4FCC-9197-FFD36D05E332}
[2012/08/15 10:28:26 | 000,000,000 | ---D | C] -- C:\Users\Bettie\AppData\Local\{F96F145B-7B76-4444-81A7-1E915DB7B0E8}
[2012/08/14 14:54:58 | 000,000,000 | ---D | C] -- C:\Users\Bettie\AppData\Local\{D876EC1C-9944-4C6A-AAE2-36837EBF3E5C}
[2012/08/14 14:54:43 | 000,000,000 | ---D | C] -- C:\Users\Bettie\AppData\Local\{2BD00652-8CBA-4437-96FE-ACD0B81A5522}
[2012/08/13 11:02:17 | 000,000,000 | ---D | C] -- C:\Users\Bettie\AppData\Local\{4C53931F-4CF9-4F7F-898C-2FF16F8DEA34}
[2012/08/13 11:01:44 | 000,000,000 | ---D | C] -- C:\Users\Bettie\AppData\Local\{2B320716-69E0-43A4-8D46-CF3C4FDB3176}
[2012/08/12 10:31:41 | 000,000,000 | ---D | C] -- C:\Users\Bettie\AppData\Local\{91DF2A13-4A2C-4400-9504-002463E6A994}
[2012/08/12 10:31:26 | 000,000,000 | ---D | C] -- C:\Users\Bettie\AppData\Local\{F9021BD2-A766-4C83-BA51-B76834FAE1BF}
[2012/08/11 17:14:47 | 000,000,000 | ---D | C] -- C:\Users\Bettie\AppData\Local\{45AE983E-156C-47E9-B5CF-2AD06874629E}
[2012/08/11 17:14:28 | 000,000,000 | ---D | C] -- C:\Users\Bettie\AppData\Local\{A5AE682E-2041-4950-BF8F-DBE2DF19D1C3}
[2012/08/11 00:19:57 | 000,000,000 | ---D | C] -- C:\Users\Bettie\AppData\Local\{3C24757C-6315-4172-86EA-6A134E31A06A}
[2012/08/11 00:19:40 | 000,000,000 | ---D | C] -- C:\Users\Bettie\AppData\Local\{AD1AFBC0-464C-40EC-BEE9-6BD680D5F215}
[2012/08/08 06:10:31 | 000,000,000 | ---D | C] -- C:\Users\Bettie\AppData\Local\{8CCFDC7A-7171-4113-B354-55C24C06EE83}
[2012/08/08 06:10:18 | 000,000,000 | ---D | C] -- C:\Users\Bettie\AppData\Local\{77677F89-D0D9-4654-8739-A6CC9FCC044F}
[2012/08/07 13:56:55 | 000,000,000 | ---D | C] -- C:\Users\Bettie\AppData\Local\{2FB030A8-18D4-4DB4-84BD-D4DA29FE5252}
[2012/08/07 13:56:31 | 000,000,000 | ---D | C] -- C:\Users\Bettie\AppData\Local\{2D8073F2-4012-44C4-BFCC-FEBDAB14FED4}
[2012/08/06 14:07:49 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip
[2012/08/06 14:07:48 | 000,000,000 | ---D | C] -- C:\Program Files\7-Zip
[2012/08/06 11:37:37 | 000,000,000 | ---D | C] -- C:\Users\Bettie\AppData\Local\{8EDF9160-3554-4930-A816-6E3C3C47657B}
[2012/08/06 11:37:24 | 000,000,000 | ---D | C] -- C:\Users\Bettie\AppData\Local\{3A508504-4D0F-40EE-8A1E-B6B9D2F5F063}
[2012/08/05 22:26:06 | 000,000,000 | ---D | C] -- C:\Users\Bettie\Desktop\New folder (2)
[2012/08/05 20:40:00 | 000,000,000 | ---D | C] -- C:\Users\Bettie\AppData\Local\{48A87DA0-4ACB-4D5C-A836-19FFE2F08907}
[2012/08/05 20:39:43 | 000,000,000 | ---D | C] -- C:\Users\Bettie\AppData\Local\{35444D45-2E8F-43F7-9E6D-8934AFC28212}
[2012/08/04 13:36:38 | 000,000,000 | ---D | C] -- C:\Users\Bettie\Desktop\Cowboys vs aliens
[2012/08/04 10:28:44 | 000,000,000 | ---D | C] -- C:\Users\Bettie\Desktop\Innkeepers
[2012/08/04 10:27:48 | 000,000,000 | ---D | C] -- C:\Users\Bettie\AppData\Local\{EDA4AD8C-24EA-403C-A26D-15301E45E9FA}
[2012/08/04 10:27:30 | 000,000,000 | ---D | C] -- C:\Users\Bettie\AppData\Local\{F1F1BE10-B53C-44C5-954A-9F1BEFC05F55}
[2012/08/03 19:29:45 | 000,000,000 | ---D | C] -- C:\Users\Bettie\AppData\Local\{BCBFFDF4-5986-42AC-A1DC-CAA844974DBB}
[2012/08/02 16:41:36 | 000,000,000 | ---D | C] -- C:\Users\Bettie\AppData\Local\{73A8F264-0BC4-4A9F-A937-D82D6CA82D46}
[2012/08/02 16:41:18 | 000,000,000 | ---D | C] -- C:\Users\Bettie\AppData\Local\{C478784B-2A35-4E23-87C4-D35A7EB4FDBD}
[2012/07/30 13:09:01 | 000,000,000 | ---D | C] -- C:\Users\Bettie\AppData\Local\{BC94C937-5D18-4D2B-9AD3-692B86CA7F67}
[2012/07/30 13:08:35 | 000,000,000 | ---D | C] -- C:\Users\Bettie\AppData\Local\{F6616F77-78BD-49D0-ABBB-505A42FE275F}
[2012/07/29 15:50:16 | 000,000,000 | ---D | C] -- C:\Users\Bettie\AppData\Local\Macromedia
[2012/07/29 15:06:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
[2012/07/29 15:05:12 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
[2012/07/29 15:05:11 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes
[2012/07/29 15:05:11 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\iTunes
[2012/07/29 14:51:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime
[2012/07/29 14:50:59 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\QuickTime
[2012/07/29 14:43:27 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Adobe
[2012/07/29 14:11:51 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\FileHippo.com
[2012/07/29 11:53:05 | 000,000,000 | ---D | C] -- C:\Users\Bettie\AppData\Local\{B45B9212-4CF9-434E-ABD1-30BB38E747E6}
[2012/07/29 11:52:39 | 000,000,000 | ---D | C] -- C:\Users\Bettie\AppData\Local\{AE3F4043-8E51-4CDF-A5E1-621DCC9B2243}
[2012/07/28 17:38:25 | 000,000,000 | ---D | C] -- C:\Users\Bettie\Desktop\Nick 13
[2012/07/28 10:32:55 | 000,000,000 | ---D | C] -- C:\Users\Bettie\AppData\Local\{3209DA22-EF68-4280-8300-EF50F197C816}
[2012/07/28 10:32:31 | 000,000,000 | ---D | C] -- C:\Users\Bettie\AppData\Local\{00EE0579-AA46-4E12-A6CD-E3D1D4BE08E8}
[2012/07/27 13:19:14 | 000,000,000 | ---D | C] -- C:\Users\Bettie\AppData\Local\{F2C3A948-81D5-493E-8D94-8F3632D9197C}
[2012/07/27 13:18:57 | 000,000,000 | ---D | C] -- C:\Users\Bettie\AppData\Local\{55F61E6E-ECD3-4C54-8C35-4C2E76CADB28}
[2012/07/26 11:46:34 | 000,000,000 | ---D | C] -- C:\Users\Bettie\AppData\Local\{C24888D0-A6FC-4389-BA4A-A6AF14619D3A}
[2012/07/26 11:46:09 | 000,000,000 | ---D | C] -- C:\Users\Bettie\AppData\Local\{877C86C2-EC7A-4B1D-B97A-4E3C10F9A017}
[2012/07/25 11:42:09 | 000,000,000 | ---D | C] -- C:\Users\Bettie\AppData\Local\{23A4717C-2986-4F51-91F2-AC7EF612741B}
[2012/07/24 10:13:01 | 000,000,000 | ---D | C] -- C:\Users\Bettie\AppData\Local\{2D0D5B20-80B1-42AE-8A37-07CBD26116BB}
[2012/07/24 10:12:42 | 000,000,000 | ---D | C] -- C:\Users\Bettie\AppData\Local\{C986A990-91D8-4983-A35F-E81E5B5BA925}
[2012/07/22 14:06:28 | 000,000,000 | ---D | C] -- C:\Users\Bettie\AppData\Local\{86A84325-AE8D-4151-8CCA-BF103A9EC405}
[2012/07/22 14:06:00 | 000,000,000 | ---D | C] -- C:\Users\Bettie\AppData\Local\{ED3FDA53-72AA-4ABE-B265-023CC28640E5}
[1 C:\Users\Bettie\Documents\*.tmp files -> C:\Users\Bettie\Documents\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2012/08/20 13:47:00 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012/08/20 13:10:00 | 000,000,898 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012/08/20 12:52:56 | 000,596,480 | ---- | M] (OldTimer Tools) -- C:\Users\Bettie\Desktop\OTL.exe
[2012/08/20 11:17:59 | 000,726,444 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012/08/20 11:17:59 | 000,624,162 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012/08/20 11:17:59 | 000,106,538 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2012/08/20 10:57:22 | 000,000,894 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012/08/20 10:43:36 | 000,015,792 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012/08/20 10:43:36 | 000,015,792 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012/08/20 10:35:35 | 000,000,336 | ---- | M] () -- C:\Windows\tasks\HPCeeScheduleForBettie.job
[2012/08/20 10:35:27 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012/08/20 10:35:07 | 3824,640,000 | -HS- | M] () -- C:\hiberfil.sys
[2012/08/16 16:15:38 | 000,001,000 | ---- | M] () -- C:\Users\Bettie\Desktop\magicJack.lnk
[2012/08/16 13:23:06 | 000,355,464 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2012/08/11 18:21:48 | 001,491,475 | ---- | M] () -- C:\Users\Bettie\Desktop\DSC02953.JPG
[2012/08/10 21:06:00 | 001,312,971 | ---- | M] () -- C:\Users\Bettie\Desktop\DSC02943.JPG
[2012/08/08 18:25:27 | 000,000,713 | ---- | M] () -- C:\Users\Bettie\Desktop\finaldestination5.msdvd
[2012/08/06 13:06:20 | 001,222,096 | ---- | M] () -- C:\Users\Bettie\Desktop\DSC02940.JPG
[2012/08/06 13:04:06 | 001,217,433 | ---- | M] () -- C:\Users\Bettie\Desktop\DSC02939.JPG
[2012/08/06 13:01:48 | 001,412,381 | ---- | M] () -- C:\Users\Bettie\Desktop\DSC02937.JPG
[2012/07/31 12:18:41 | 000,000,544 | ---- | M] () -- C:\Windows\tasks\PCDRScheduledMaintenance.job
[2012/07/29 15:12:59 | 000,002,097 | ---- | M] () -- C:\Users\Bettie\Application Data\Microsoft\Internet Explorer\Quick Launch\Yahoo! Messenger.lnk
[2012/07/29 15:06:17 | 000,001,785 | ---- | M] () -- C:\Users\Public\Desktop\iTunes.lnk
[2012/07/29 14:37:30 | 000,117,660 | ---- | M] () -- C:\Users\Bettie\Desktop\Beatriz_Sanchez_Student_Course_Sequence_Survey.pdf
[1 C:\Users\Bettie\Documents\*.tmp files -> C:\Users\Bettie\Documents\*.tmp -> ]

========== Files Created - No Company Name ==========

[2012/08/11 21:32:03 | 001,491,475 | ---- | C] () -- C:\Users\Bettie\Desktop\DSC02953.JPG
[2012/08/11 00:24:43 | 001,312,971 | ---- | C] () -- C:\Users\Bettie\Desktop\DSC02943.JPG
[2012/08/08 18:25:27 | 000,000,713 | ---- | C] () -- C:\Users\Bettie\Desktop\finaldestination5.msdvd
[2012/08/06 13:14:17 | 001,412,381 | ---- | C] () -- C:\Users\Bettie\Desktop\DSC02937.JPG
[2012/08/06 13:14:17 | 001,222,096 | ---- | C] () -- C:\Users\Bettie\Desktop\DSC02940.JPG
[2012/08/06 13:14:17 | 001,217,433 | ---- | C] () -- C:\Users\Bettie\Desktop\DSC02939.JPG
[2012/07/29 15:12:59 | 000,002,097 | ---- | C] () -- C:\Users\Bettie\Application Data\Microsoft\Internet Explorer\Quick Launch\Yahoo! Messenger.lnk
[2012/07/29 15:06:17 | 000,001,785 | ---- | C] () -- C:\Users\Public\Desktop\iTunes.lnk
[2012/07/29 14:43:42 | 000,002,441 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader X.lnk
[2012/07/29 14:16:42 | 000,000,830 | ---- | C] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012/07/29 14:11:51 | 000,002,001 | ---- | C] () -- C:\Users\Bettie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Update Checker.lnk
[2012/04/18 00:47:56 | 000,221,759 | ---- | C] () -- C:\Windows\hpoins19.dat
[2012/04/18 00:47:56 | 000,013,898 | ---- | C] () -- C:\Windows\hpomdl19.dat
[2012/04/17 22:55:11 | 000,169,826 | ---- | C] () -- C:\Windows\hpoins14.dat.temp
[2012/04/17 18:11:23 | 000,001,498 | ---- | C] () -- C:\Windows\hpomdl14.dat.temp
[2012/04/17 18:06:55 | 000,169,804 | ---- | C] () -- C:\Windows\hpoins14.dat
[2012/04/17 18:06:55 | 000,001,498 | ---- | C] () -- C:\Windows\hpomdl14.dat
[2011/09/18 11:52:55 | 000,012,288 | ---- | C] () -- C:\Users\Bettie\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/10/09 20:24:48 | 000,000,632 | RHS- | C] () -- C:\Users\Bettie\ntuser.pol
[2010/09/28 22:07:11 | 000,073,220 | ---- | C] () -- C:\Windows\SysWow64\EPPICPrinterDB.dat
[2010/09/28 22:07:11 | 000,031,053 | ---- | C] () -- C:\Windows\SysWow64\EPPICPattern131.dat
[2010/09/28 22:07:11 | 000,029,114 | ---- | C] () -- C:\Windows\SysWow64\EPPICPattern1.dat
[2010/09/28 22:07:11 | 000,027,417 | ---- | C] () -- C:\Windows\SysWow64\EPPICPattern121.dat
[2010/09/28 22:07:11 | 000,021,021 | ---- | C] () -- C:\Windows\SysWow64\EPPICPattern3.dat
[2010/09/28 22:07:11 | 000,015,670 | ---- | C] () -- C:\Windows\SysWow64\EPPICPattern5.dat
[2010/09/28 22:07:11 | 000,013,280 | ---- | C] () -- C:\Windows\SysWow64\EPPICPattern2.dat
[2010/09/28 22:07:11 | 000,010,673 | ---- | C] () -- C:\Windows\SysWow64\EPPICPattern4.dat
[2010/09/28 22:07:11 | 000,004,943 | ---- | C] () -- C:\Windows\SysWow64\EPPICPattern6.dat
[2010/09/28 22:07:11 | 000,001,140 | ---- | C] () -- C:\Windows\SysWow64\EPPICPresetData_PT.dat
[2010/09/28 22:07:11 | 000,001,140 | ---- | C] () -- C:\Windows\SysWow64\EPPICPresetData_BP.dat
[2010/09/28 22:07:11 | 000,001,137 | ---- | C] () -- C:\Windows\SysWow64\EPPICPresetData_ES.dat
[2010/09/28 22:07:11 | 000,001,130 | ---- | C] () -- C:\Windows\SysWow64\EPPICPresetData_FR.dat
[2010/09/28 22:07:11 | 000,001,130 | ---- | C] () -- C:\Windows\SysWow64\EPPICPresetData_CF.dat
[2010/09/28 22:07:11 | 000,001,104 | ---- | C] () -- C:\Windows\SysWow64\EPPICPresetData_EN.dat
[2010/09/28 22:07:11 | 000,000,097 | ---- | C] () -- C:\Windows\SysWow64\PICSDK.ini
[2010/09/28 15:00:12 | 000,012,800 | ---- | C] () -- C:\Windows\LPRES.DLL
[2010/09/22 21:22:01 | 000,000,518 | ---- | C] () -- C:\Users\Bettie\AppData\Roaming\wklnhst.dat

========== LOP Check ==========

[2010/10/09 20:35:49 | 000,000,000 | ---D | M] -- C:\Users\Agent R\AppData\Roaming\WildTangent
[2012/08/14 16:43:06 | 000,000,000 | ---D | M] -- C:\Users\Bettie\AppData\Roaming\Azureus
[2012/06/26 16:36:24 | 000,000,000 | ---D | M] -- C:\Users\Bettie\AppData\Roaming\ImgBurn
[2012/08/16 16:15:40 | 000,000,000 | ---D | M] -- C:\Users\Bettie\AppData\Roaming\mjusbsp
[2010/09/22 21:22:22 | 000,000,000 | ---D | M] -- C:\Users\Bettie\AppData\Roaming\Template
[2010/10/02 13:48:16 | 000,000,000 | ---D | M] -- C:\Users\Bettie\AppData\Roaming\WinBatch
[2011/06/20 15:50:46 | 000,000,000 | ---D | M] -- C:\Users\Bettie\AppData\Roaming\Windows Live Writer
[2012/07/31 12:18:41 | 000,000,544 | ---- | M] () -- C:\Windows\Tasks\PCDRScheduledMaintenance.job
[2012/07/20 12:48:23 | 000,032,612 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========



< End of report >

Here is the OTL Extras log:

OTL Extras logfile created on: 8/20/2012 1:49:24 PM - Run 1
OTL by OldTimer - Version 3.2.58.1 Folder = C:\Users\Bettie\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

4.75 Gb Total Physical Memory | 2.92 Gb Available Physical Memory | 61.44% Memory free
9.50 Gb Paging File | 7.34 Gb Available in Paging File | 77.28% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 584.70 Gb Total Space | 292.19 Gb Free Space | 49.97% Space Free | Partition Type: NTFS
Drive D: | 11.37 Gb Total Space | 1.39 Gb Free Space | 12.20% Space Free | Partition Type: NTFS
Drive F: | 931.28 Gb Total Space | 0.00 Gb Free Space | 0.00% Space Free | Partition Type: FAT32

Computer Name: FAM_BAM-HP | User Name: Bettie | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)

[HKEY_USERS\S-1-5-21-159588428-1301233969-2923844379-1000\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

========== Authorized Applications List ==========


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{044E1CBE-6FCC-4B6C-8627-08B3D8FDCE70}" = lport=139 | protocol=6 | dir=in | app=system |
"{24C36C3A-3290-4B4A-9C74-B3BE9AB2C6E6}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{309324E4-0C7F-472D-A9C1-8BC152ED921B}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |
"{3A6CB317-B9FB-4681-9297-D8014E0B6758}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{420074DD-15CB-4413-8042-1C5668CC951D}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{4FE707BB-BA5D-42E5-9E86-8C778D614D6B}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | [email protected],-28539 |
"{5A1EDE35-BB3E-4CAB-80E1-11C29FDF2779}" = rport=139 | protocol=6 | dir=out | app=system |
"{640EE207-F329-4A84-8784-7070B2D3333F}" = rport=137 | protocol=17 | dir=out | app=system |
"{6444B8E7-A5AC-4DEF-B6BE-68A81FBD8C73}" = lport=2869 | protocol=6 | dir=in | app=system |
"{651BC325-86B2-42BA-8F7E-0DBE648EBC40}" = rport=138 | protocol=17 | dir=out | app=system |
"{7677D41D-A0AB-4DE9-8F38-68BF0D5DD87A}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{77371603-0F89-4931-B47D-13220EC26F5F}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{7E615814-0817-49FF-B328-03B735414A27}" = lport=445 | protocol=6 | dir=in | app=system |
"{83B12887-AED6-4D8B-AD56-2E9B875949FF}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{9434FA47-81F0-4399-AC3B-2A0DC2083937}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{95C47844-9A0E-4D5F-BE9F-5B87B5C0FCDE}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{A6D6A999-C75E-49AD-B649-E369DBF3390C}" = rport=10243 | protocol=6 | dir=out | app=system |
"{AEAC3F3F-F41F-485A-8032-3B152EF299ED}" = lport=138 | protocol=17 | dir=in | app=system |
"{B5804BFD-F17B-4E81-980E-34F03862B985}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |
"{BCBE8271-230E-45B8-8102-20362BF349FF}" = lport=2869 | protocol=6 | dir=in | app=system |
"{BD6AEA46-5DEF-46ED-904A-055820A1AAFA}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{C127056B-B345-45D3-B8F2-7D00AFE97B11}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{CFD6800A-13BD-46D7-8A38-0EA16CC79D69}" = lport=10243 | protocol=6 | dir=in | app=system |
"{DB490EEA-C558-4A77-BAAD-62ECB2DA1125}" = rport=445 | protocol=6 | dir=out | app=system |
"{E8CA435D-1F98-42C1-8AD6-9891AB0BD4FE}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |
"{F00945A9-3F10-4693-BC70-FED4CBE93A1B}" = lport=137 | protocol=17 | dir=in | app=system |
"{F7E56413-C007-4571-A854-96839B8052B8}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{00914EA6-9F74-473D-9C4D-BFDB20ABE70B}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqcopy2.exe |
"{07175938-E01A-4438-8FE8-739A198D29CF}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqtra08.exe |
"{0B371F43-0115-4F71-BCC2-4CF7CB0E7556}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpiscnapp.exe |
"{0F9B52D8-FDE5-4352-A118-D94D2365A028}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpzwiz01.exe |
"{10BA50C0-8079-4B1D-A022-B7C37815E95D}" = protocol=17 | dir=in | app=c:\program files\common files\mcafee\mcsvchost\mcsvhost.exe |
"{13E0F03C-0393-4A07-99DA-679E59910662}" = protocol=1 | dir=out | [email protected],-28544 |
"{1450E2DF-8FD4-4D7E-9B23-D066325D6212}" = protocol=17 | dir=in | app=c:\program files (x86)\starcraft ii\starcraft ii.exe |
"{19F5519C-404A-4D4C-9DF1-CAB0D51AA3E1}" = protocol=1 | dir=in | [email protected],-28543 |
"{1ADEBF2B-B9F8-4B3C-A16B-282C80E929FD}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{1B233767-B526-483A-85D3-DE83A955AF8D}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{1C42496E-56EE-43C6-890E-7ED846892D5B}" = protocol=58 | dir=in | [email protected],-28545 |
"{1C642927-0F99-405A-860F-29898A263544}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqste08.exe |
"{1DEB1968-7890-4FDB-8105-1EF1EAC0234B}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{1E943176-DDF2-461D-8802-26B235442088}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqusgh.exe |
"{23BD2411-2092-4E00-983E-51B7E282C88E}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqgpc01.exe |
"{242BDDCC-96CF-43A7-BE91-FBCBC12A84DF}" = dir=in | app=c:\program files (x86)\hp\hp software update\hpwucli.exe |
"{25D55024-CC52-4CE9-8958-65B88BC7EFBE}" = protocol=6 | dir=in | app=c:\program files (x86)\vuze\azureus.exe |
"{2625AE0D-B0A3-41A4-A2B4-D8E631ED5473}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{2667EEA0-8F51-4B68-9F6F-0AEF7A76D136}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hposfx08.exe |
"{2BE20A7A-D03D-4558-BDAE-2349AB245065}" = dir=in | app=c:\program files (x86)\hewlett-packard\media\dvd\hptouchsmartmusic.exe |
"{2E0C22DE-2462-4FA7-94EF-A42A845BD363}" = dir=in | app=c:\program files (x86)\common files\mcafee\mna\mcnasvc.exe |
"{3496F155-CCB0-4DAF-A3CF-6BD7D2F69B5E}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{36383EB7-B63D-457A-87DD-BD3CDB742404}" = protocol=6 | dir=in | app=c:\program files (x86)\starcraft ii\starcraft ii.exe |
"{38E64333-1ACA-457D-AAF7-983AA67D6FA2}" = protocol=6 | dir=in | app=c:\program files (x86)\yahoo!\messenger\yahoomessenger.exe |
"{3C80387D-D822-482F-9290-DF6FE1140759}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpfccopy.exe |
"{412CE1A9-CEE7-4B9D-BC81-A634CFF8C82B}" = dir=in | app=c:\program files (x86)\hewlett-packard\media\dvd\hptouchsmartvideo.exe |
"{4660BDDA-79D3-42B2-80DA-3F9989113FA9}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqpsapp.exe |
"{54585C72-FF8D-451F-B71C-EFAB5508451A}" = protocol=17 | dir=in | app=c:\program files (x86)\cinemanow\cinemanow media manager\cinemanowshell.exe |
"{5CF17E3A-D93D-4378-96D2-4ACD349B15D7}" = protocol=17 | dir=in | app=c:\program files (x86)\vuze\azureus.exe |
"{5CFE311F-9DDF-4239-BA50-EFAFCFF63389}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{5E59C844-2D14-4DD9-B275-08DCBE3EF12C}" = dir=in | app=c:\program files (x86)\hewlett-packard\touchsmart\music\hptouchsmartmusic.exe |
"{62A2318E-59A6-4421-AE63-AB9D59E3D735}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpofxs08.exe |
"{6698C121-845E-4FD8-A29E-05FC31BF962A}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqfxt08.exe |
"{67F6BB74-14C6-40B1-B75C-A35AD1B5448D}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqgplgtupl.exe |
"{6B87B838-CC97-42EC-B992-F813F8B919D3}" = dir=in | app=c:\program files (x86)\hewlett-packard\media\dvd\kernel\clml\clmlsvc.exe |
"{6C889849-EFE8-4DF7-86F6-61B92934630C}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{6CCC9E49-CB4C-4811-BD96-5562B6E069AD}" = protocol=6 | dir=in | app=c:\users\bettie\appdata\local\temp\7zs2158\hpdiagnosticcoreui.exe |
"{70A3F659-12FF-4227-A003-353A8785BF0E}" = protocol=6 | dir=in | app=c:\program files (x86)\cinemanow\cinemanow media manager\cinemanowshell.exe |
"{71523B27-A1B8-4CD1-86B5-B42F0CC292DD}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqkygrp.exe |
"{7527F665-8837-49EC-A5F7-1E6A9195880F}" = dir=in | app=c:\program files (x86)\common files\apple\apple application support\webkit2webprocess.exe |
"{76FE88F7-FD0E-4ADA-BC0D-63F53033AE4C}" = dir=in | app=c:\program files (x86)\cyberlink\powerdirector\pdr.exe |
"{8173A4C5-FEC7-486E-BE35-190803D650D4}" = dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe |
"{8368C3FE-174A-4F65-9A59-FB94CC70F933}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{8532BE80-F684-4D5B-A130-ABB9F0B82548}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpofxm08.exe |
"{8A0BBC54-DF91-4964-A6B8-4BF54807AF71}" = dir=in | app=c:\program files (x86)\itunes\itunes.exe |
"{8CB49CB1-E485-482F-9926-F6D000EADEE6}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{933F29E3-55F6-49A7-8FF1-2AE0F843D6C5}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqsudi.exe |
"{97350466-98C2-424B-B8C7-8BEF7F06DC8F}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe |
"{9D626C41-9D0A-4794-ADEF-F86BF705614A}" = dir=in | app=c:\program files (x86)\hewlett-packard\media\dvd\tsmagent.exe |
"{9EF681FA-BFAE-4285-BBAD-F9262317A730}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{A155D1CA-B9E2-4EA5-A3E8-F9247CB96B34}" = protocol=17 | dir=in | app=c:\users\bettie\appdata\local\temp\7zs2158\hpdiagnosticcoreui.exe |
"{A4919762-FE4F-485F-9767-7F934623C3B5}" = dir=in | app=c:\program files (x86)\hewlett-packard\media\dvd\hptouchsmartphoto.exe |
"{AA967BBC-7179-4717-9503-A08E20A63C92}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{ACF7A5C5-0EBB-4B28-890F-D28C28AAAFE5}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hposid01.exe |
"{B0842BDB-CC63-4ADE-A445-FEADF7CA1523}" = protocol=58 | dir=out | [email protected],-28546 |
"{B3CDCDF0-09CD-4513-8420-D1638F1607EC}" = protocol=6 | dir=in | app=c:\program files\common files\mcafee\mcsvchost\mcsvhost.exe |
"{B5ED1E10-18F2-445D-9BDF-03A1CA61FB26}" = protocol=6 | dir=out | app=system |
"{B6A833BC-5254-45FF-A5C0-881072A5FEB1}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{B6B80DB1-451E-4B76-9D8E-3369A32B86A8}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe |
"{BC0F7CC9-5AA3-41B0-8693-0A59413D1557}" = dir=in | app=c:\program files (x86)\hewlett-packard\media\dvd\hpdvdsmart.exe |
"{BC545AFC-F7D5-4FC4-B4EB-3E20B34ACB44}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{C482DF77-E86C-4568-9E96-4FAE8C297FAB}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqnrs08.exe |
"{C9379607-73AE-4FF8-A1C6-0452D37AF595}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe |
"{C984F890-9903-4969-AE37-ED0A9469BA18}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{CF0EB366-216C-4672-9E0B-DB9B76EDAF5D}" = protocol=17 | dir=in | app=c:\program files (x86)\yahoo!\messenger\yahoomessenger.exe |
"{D1C3146C-61BE-4908-84DF-DC7A63B6E248}" = dir=in | app=c:\program files (x86)\hp\digital imaging\smart web printing\smartwebprintexe.exe |
"{D52B9F7D-63FC-473D-9B04-ED20C21CD242}" = dir=in | app=c:\program files (x86)\common files\hp\digital imaging\bin\hpqphotocrm.exe |
"{D5F4852F-4A23-4E5C-847A-703D215207A0}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{DA23702C-5C52-4DED-88BC-F344E6ADA1F1}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpoews01.exe |
"{DB4C4E8A-8B9E-4C2B-82AE-65C01AE49A23}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{E9F73DF5-BC06-42FF-8700-75F617FAE365}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{EDC0C5E6-03A5-4213-B6D8-4F0ACBD411B0}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqusgm.exe |
"{F2F50666-2DD9-4C6A-B20C-593210990ECC}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{F8EA6686-06B3-43F6-9360-EA636BDE899C}" = dir=in | app=c:\program files (x86)\windows live\sync\windowslivesync.exe |
"{FAF65809-12C8-43E5-894D-A93DC7DE595D}" = protocol=17 | dir=in | app=c:\program files (x86)\hewlett-packard\mediasmart\cinemanow\cinemanow.exe |
"{FBE040D8-3E0B-41E3-96CC-1B7DB2510BEB}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqpse.exe |
"{FFD2B8DB-EC1D-4408-9D5D-7D1E5789CF7E}" = protocol=6 | dir=in | app=c:\program files (x86)\hewlett-packard\mediasmart\cinemanow\cinemanow.exe |
"TCP Query User{87E36327-A976-47C6-A6EA-C0B4B7A6CC96}C:\users\bettie\appdata\roaming\mjusbsp\magicjack.exe" = protocol=6 | dir=in | app=c:\users\bettie\appdata\roaming\mjusbsp\magicjack.exe |
"UDP Query User{B26E3427-373D-49F7-ABAC-7BB3D2BBB5AE}C:\users\bettie\appdata\roaming\mjusbsp\magicjack.exe" = protocol=17 | dir=in | app=c:\users\bettie\appdata\roaming\mjusbsp\magicjack.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{027E5FAB-1476-4C59-AAB4-32EF28520399}" = Windows Live Language Selector
"{05EFBF37-0E52-4579-875C-7EEF0DFB4FCB}" = Network64
"{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{1ACC8FFB-9D84-4C05-A4DE-D28A9BC91698}" = Windows Live ID Sign-in Assistant
"{23170F69-40C1-2702-0922-000001000000}" = 7-Zip 9.22 (x64 edition)
"{3ED4AD02-F631-4A4C-AAC8-2325996E5A56}" = Microsoft IntelliPoint 8.1
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{55D55008-E5F6-47D6-B16F-B2A40D4D145F}" = 64 Bit HP CIO Components Installer
"{5B08AF35-B699-4A44-BB89-3E51E70611E8}" = HP MediaSmart SmartMenu
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{6A76BEAF-6D1F-4273-A79B-DA8410A2E56B}" = Apple Mobile Device Support
"{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}" = Bonjour
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{8338783A-0968-3B85-AFC7-BAAE0A63DC50}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570
"{840A3BAA-4C68-4581-9C7A-6F8D6CF531B9}" = iTunes
"{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007
"{90120000-002A-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (English) 2007
"{90120000-0116-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007
"{948B1FD6-9F98-47EE-AABF-8697F2FD44B0}" = ccc-utility64
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9DADBA45-2B06-4F7F-970B-E854ABC8917A}" = WBFS Manager 2.5
"{aac9fcc4-dd9e-4add-901c-b5496a07ab2e}" = Microsoft Visual C++ 2005 Redistributable (x64) - KB2467175
"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{B61ED343-0B14-4241-999C-490CB1A20DA4}" = HP Photosmart Officejet and Deskjet All-In-One Driver Software 13.0 Rel. B
"{B6E3757B-5E77-3915-866A-CCFC4B8D194C}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053
"{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}" = PlayReady PC Runtime amd64
"{CD95F661-A5C4-44F5-A6AA-ECDD91C240C7}" = WinZip 16.0
"{DA54F80E-261C-41A2-A855-549A144F2F59}" = Windows Live MIME IFilter
"{E50A5077-1654-BEAE-986B-7B7133DA7C48}" = ATI Catalyst Install Manager
"{EB773820-0871-46A8-9B96-F2B04F8B34F0}" = HP Deskjet All-In-One Driver Software 13.0 Rel. 1
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"EPSON Printer and Utilities" = EPSON Printer Software
"HP Imaging Device Functions" = HP Imaging Device Functions 13.0
"HP Photosmart Essential" = HP Photosmart Essential 3.5
"HP Smart Web Printing" = HP Smart Web Printing 4.51
"HP Solution Center & Imaging Support Tools" = HP Solution Center 13.0
"HPExtendedCapabilities" = HP Customer Participation Program 13.0
"HPOCR" = OCR Software by I.R.I.S. 13.0
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft IntelliPoint 8.1" = Microsoft IntelliPoint 8.1
"PC-Doctor for Windows" = Hardware Diagnostic Tools
"Shop for HP Supplies" = Shop for HP Supplies

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{07FA4960-B038-49EB-891B-9F95930AA544}" = HP Customer Experience Enhancements
"{08235411-48C8-A293-8642-D9575891E7D9}" = Catalyst Control Center InstallProxy
"{08548558-3EC9-BD0B-3D09-632500268F59}" = CCC Help Portuguese
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{0E64B098-8018-4256-BA23-C316A43AD9B0}" = QuickTime
"{0EF5BEA9-B9D3-46d7-8958-FB69A0BAEACC}" = Status
"{0F367CA3-3B2F-43F9-A44A-25A8EE69E45D}" = Scan
"{104066F4-5897-4067-85D3-4C88B67CCF75}" = AIO_Scan
"{120262A6-7A4B-4889-AE85-F5E5688D3683}" = Roxio CinemaNow 2.0
"{122ADF8C-DDA1-480C-9936-C88F2825B265}" = Apple Application Support
"{137B2CE7-30A2-4836-0830-707F1010F517}" = CCC Help English
"{15BC8CD0-A65B-47D0-A2DD-90A824590FA8}" = Microsoft Works
"{175F0111-2968-4935-8F70-33108C6A4DE3}" = MarketResearch
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{19BA08F7-C728-469C-8A35-BFBD3633BE08}" = Windows Live Movie Maker
"{1a413f37-ed88-4fec-9666-5c48dc4b7bb7}" = YouTube Downloader 3.5
"{1EC71BFB-01A3-4239-B6AF-B1AE656B15C0}" = TrayApp
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
"{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = CyberLink DVD Suite Deluxe
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{22139F5D-9405-455A-BDEB-658B1A4E4861}" = Catalyst Control Center - Branding
"{22DD005D-0EF1-4E3E-92F8-49D89E31479A}" = 1400
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{25F2A86D-E2E2-C2AD-8173-86C18632F214}" = CCC Help Chinese Traditional
"{2640314A-2D9A-4F58-B501-DB109CD9DBA2}" = DJ_AIO_ProductContext
"{2842077A-7895-5310-4F0C-42C83501E770}" = CCC Help Thai
"{2A3FC24C-6EC0-4519-A52B-FDA4EA9B2D24}" = Windows Live Messenger
"{2ACAB850-69A5-8090-08B7-D27CC6D8652C}" = CCC Help German
"{2BAD00A4-7FD1-61C5-10C3-8275723943AD}" = CCC Help Danish
"{2BF943D5-1468-589A-50E3-DD0ED6596022}" = Catalyst Control Center Graphics Full New
"{2EEA7AA4-C203-4b90-A34F-19FB7EF1C81C}" = BufferChm
"{2FF8C687-DB7D-4adc-A5DC-57983EC25046}" = DeviceDiscovery
"{3023EBDA-BF1B-4831-B347-E5018555F26E}" = Movie Theme Pack for HP MediaSmart Video
"{32DACAC3-6538-405D-915E-8F2D026F199C}" = DJ_AIO_Software_min
"{33286280-8617-11E1-8FF6-B8AC6F97B88E}" = Google Earth Plug-in
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{34DB1D69-9FFC-7899-6F4D-22C4C15ADD54}" = CCC Help Polish
"{34F4D9A4-42C2-4348-BEF4-E553C84549E7}" = Windows Live Photo Gallery
"{35021DFB-F9CA-402A-89A2-47F91E506465}" = HP MediaSmart/TouchSmart Netflix
"{3C92B2E6-380D-4fef-B4DF-4A3B4B669771}" = Copy
"{3F310D8D-AC3B-5478-5AEA-D2EF5D7437E7}" = CCC Help Swedish
"{40BF1E83-20EB-11D8-97C5-0009C5020658}" = Power2Go
"{40FB8D7C-6FF8-4AF2-BC8B-0B1DB32AF04B}" = HP Advisor
"{43CDF946-F5D9-4292-B006-BA0D92013021}" = WebReg
"{440B915A-0C85-45DB-92AE-75AE14704A64}" = Fax
"{44B2A0AB-412E-4F8C-B058-D1E8AECCDFF5}" = Recovery Manager
"{4640FDE1-B83A-4376-84ED-86F86BEE2D41}" = Driver Detective
"{4A70EF07-7F88-4434-BB61-D1DE8AE93DD4}" = SolutionCenter
"{4E7C28C7-D5DA-4E9F-A1CA-60490B54AE35}" = UnloadSupport
"{54B19DCE-232F-45A3-80D9-2141DEDF6D8F}" = Simple Adblock
"{579684A4-DDD5-4CA3-9EA8-7BE7D9593DB4}" = Windows Live UX Platform Language Pack
"{595007B2-E139-535C-D723-4B0442FC40F5}" = CCC Help Italian
"{5A21C631-0494-7377-1E3B-99353E04F83B}" = CCC Help Japanese
"{5BDA2F58-1F21-4D10-9910-92B01EBCC958}" = AMD USB Filter Driver
"{603C0DC4-665E-4CC9-8ED1-7FE1F03AB943}" = Fantapper Updater
"{61EDBE71-5D3E-4AB7-AD95-E53FEAF68C17}" = Bing Rewards Client Installer
"{63FF21C9-A810-464F-B60A-3111747B1A6D}" = GPBaseService2
"{65CB4C08-C47B-4A7E-A6A4-50C06ADA5FC6}" = Adobe AIR
"{681B698F-C997-42C3-B184-B489C6CA24C9}" = HPPhotoSmartDiscLabelContent1
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{695C04CF-CF98-FAD6-9590-6C555B2E2E79}" = CCC Help Chinese Standard
"{6A3C2391-BCE2-4D28-A336-73B953B4502F}" = 1400Trb
"{6B2FFB21-AC88-45C3-9A7D-4BB3E744EC91}" = HPSSupply
"{6BBA26E9-AB03-4FE7-831A-3535584CA002}" = Toolbox
"{6C122441-1861-4CD7-B1C5-A163A6984E12}" = CinemaNow Media Manager
"{6DAF8CDC-9B04-413B-A0F2-BCC13CF8A5BF}" = HP MediaSmart Photo
"{6F277272-77D6-1E03-B8BB-B408B26C5140}" = CCC Help Czech
"{6F340107-F9AA-47C6-B54C-C3A19F11553F}" = Hewlett-Packard ACLM.NET v1.1.2.0
"{6F44AF95-3CDE-4513-AD3F-6D45F17BF324}" = HP Support Assistant
"{6F6D8BC6-CE36-493B-996F-04CD8CCC35A8}" = Bing Bar
"{6FBE200D-1F00-40B7-BF48-FEB265AADE94}" = 1400_Help
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7240A994-0ED4-4841-AD3B-5E5F72850F67}" = Catalyst Control Center Graphics Previews Vista
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{7C66E480-E42D-3664-B207-5CE9A706BC1F}" = Catalyst Control Center Graphics Light
"{7CAAA7B2-D9EA-2416-9D63-DDBC8E669059}" = CCC Help French
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
"{84B4C4F4-F244-6A7E-EDC6-ECD46ACAAE59}" = CCC Help Greek
"{84EBDF39-4B33-49D7-A0BD-EB6E2C4E81C1}" = Windows Live Sync
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{9008D736-35CA-40DB-A2BE-5F32D954E5AA}" = HP MediaSmart CinemaNow 2.0
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}_HOMESTUDENTR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}_HOMESTUDENTR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}_HOMESTUDENTR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_HOMESTUDENTR_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_HOMESTUDENTR_{2314F9A1-126F-45CC-8A5E-DFAF866F3FBC}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system
"{90120000-002A-0000-1000-0000000FF1CE}_HOMESTUDENTR_{664655D8-B9BB-455D-8A58-7EAF7B0B2862}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-002A-0409-1000-0000000FF1CE}_HOMESTUDENTR_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}_HOMESTUDENTR_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007
"{90120000-00A1-0409-0000-0000000FF1CE}_HOMESTUDENTR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}_HOMESTUDENTR_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0116-0409-1000-0000000FF1CE}_HOMESTUDENTR_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{91A34181-9FAD-43AB-A35F-E7A8945B7E1C}" = HP MediaSmart Music
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{95120000-00AF-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (English)
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9B362566-EC1B-4700-BB9C-EC661BDE2175}" = DocProc
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
"{9F6B13E2-B93F-4203-9BD4-5DC18C9F9DEB}" = AIO_CDB_Software
"{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"{AAF454FC-82CA-4F29-AB31-6A109485E76E}" = Windows Live Writer
"{AC76BA86-7AD7-1033-7B44-AA1000000001}" = Adobe Reader X (10.1.4)
"{AD99B476-6FB7-4985-A3C3-E40595A7E6DE}" = DJ_AIO_Software
"{AF4A82A7-F453-CE12-A942-E55FAC234387}" = ccc-core-static
"{B5B7E8FF-62F6-FA85-4C4A-83AAF816CE6E}" = CCC Help Spanish
"{B8089767-9A45-0E84-FCDE-15698650FF17}" = CCC Help Hungarian
"{B8AC1A89-FFD1-4F97-8051-E505A160F562}" = HP Odometer
"{B9A03B7B-E0FF-4FB3-BA83-762E58A1B0AA}" = HP Support Information
"{BD7204BA-DD64-499E-9B55-6A282CDF4FA4}" = Destinations
"{C0E5147E-C9F3-4360-9ED0-2E875F11766C}" = Respondus LockDown Browser
"{C43326F5-F135-4551-8270-7F7ABA0462E1}" = HPProductAssistant
"{C57BCDE1-7CB9-467D-B3BA-7E119916CDC1}" = Norton Online Backup
"{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = LabelPrint
"{C66824E4-CBB3-4851-BB3F-E8CFD6350923}" = Windows Live Mail
"{C9496C0E-BE4C-7800-900B-5E66B958AEC1}" = CCC Help Russian
"{CAE4213F-F797-439D-BD9E-79B71D115BE3}" = HPPhotoGadget
"{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = PowerDirector
"{CDACD4C9-F984-409A-9D26-DF77E003FD89}" = Fantapper Player
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64
"{D12E3E7F-1B13-4933-A915-16C7DD37A095}" = HP MediaSmart Video
"{D36DD326-7280-11D8-97C8-000129760CBE}" = PhotoNow!
"{D436F577-1695-4D2F-8B44-AC76C99E0002}" = Windows Live Photo Common
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{D79113E7-274C-470B-BD46-01B10219DF6A}" = HPPhotosmartEssential
"{DC635845-46D3-404B-BCB1-FC4A91091AFA}" = SmartWebPrinting
"{DCCAD079-F92C-44DA-B258-624FC6517A5A}" = HP MediaSmart DVD
"{DDC8BDEE-DCAC-404D-8257-3E8D4B782467}" = Windows Live Writer Resources
"{DE77FE3F-A33D-499A-87AD-5FC406617B40}" = HP Update
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E3E71D07-CD27-46CB-8448-16D4FB29AA13}" = Microsoft WSE 3.0 Runtime
"{E50AE784-FABE-46DA-A1F8-7B6B56DCB22E}" = Microsoft Office Suite Activation Assistant
"{E5B21F11-6933-4E0B-A25C-7963E3C07D11}" = Windows Live Messenger
"{E7112940-5F8E-4918-B9FE-251F2F8DC81F}" = AIO_CDB_ProductContext
"{EB1A6595-613F-9654-E58E-0876F8B0E8F3}" = Catalyst Control Center Localization All
"{EDD1E22B-249A-5ED7-BA0A-C41BAA8256ED}" = CCC Help Korean
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F252C428-A4AE-C73E-031A-C451FDD660A9}" = CCC Help Norwegian
"{F5C7FD70-2C0A-401E-95E9-916363567DDA}" = HP Setup
"{F67EA3C6-38B0-675A-E2F9-8C343DE1C826}" = Catalyst Control Center Graphics Full Existing
"{F686E613-03C4-085F-188A-9E5DC1455787}" = CCC Help Turkish
"{F7F7626C-4612-BF7B-38D5-07E247973A1A}" = Catalyst Control Center Core Implementation
"{F8CA8746-F561-61D7-A496-8D4C4E1F8A57}" = CCC Help Dutch
"{FA8BFB25-BF48-4F8B-8859-B30810745190}" = LightScribe System Software
"{FB4BB287-37F9-4E27-9C4D-2D3882E08EFF}" = DVD Menu Pack for HP MediaSmart Video
"{FCDDC9D3-5524-9AD1-651C-467910CC1903}" = CCC Help Finnish
"{FD66AF34-C18A-4cea-8421-2F3B39E9B07E}" = YouTube Downloader Toolbar v4.9
"{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}" = Windows Live Essentials
"8461-7759-5462-8226" = Vuze
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Anti-phishing Domain Advisor" = Anti-phishing Domain Advisor
"blekkotb_031" = blekko search bar
"conduitEngine" = Conduit Engine
"DVD Decrypter" = DVD Decrypter (Remove Only)
"EPSON Scanner" = EPSON Scan
"FileHippo.com" = FileHippo.com Update Checker
"HOMESTUDENTR" = Microsoft Office Home and Student 2007
"ImgBurn" = ImgBurn
"InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = CyberLink DVD Suite Deluxe
"InstallShield_{3023EBDA-BF1B-4831-B347-E5018555F26E}" = Movie Theme Pack for HP MediaSmart Video
"InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}" = Power2Go
"InstallShield_{6DAF8CDC-9B04-413B-A0F2-BCC13CF8A5BF}" = HP MediaSmart Photo
"InstallShield_{91A34181-9FAD-43AB-A35F-E7A8945B7E1C}" = HP MediaSmart Music
"InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = LabelPrint
"InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = PowerDirector
"InstallShield_{D12E3E7F-1B13-4933-A915-16C7DD37A095}" = HP MediaSmart Video
"InstallShield_{D36DD326-7280-11D8-97C8-000129760CBE}" = PhotoNow!
"InstallShield_{DCCAD079-F92C-44DA-B258-624FC6517A5A}" = HP MediaSmart DVD
"InstallShield_{FB4BB287-37F9-4E27-9C4D-2D3882E08EFF}" = DVD Menu Pack for HP MediaSmart Video
"McAfee Security Scan" = McAfee Security Scan Plus
"Mozilla Firefox 15.0 (x86 en-US)" = Mozilla Firefox 15.0 (x86 en-US)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"MSC" = McAfee SecurityCenter
"My HP Game Console" = HP Game Console
"StarCraft II" = StarCraft II
"transformer_ie" = Widevine Media Transformer Plugin 5.0.0
"Vuze_Remote Toolbar" = Vuze Remote Toolbar
"WildTangent hp Master Uninstall" = HP Games
"WinLiveSuite" = Windows Live Essentials
"WT082122" = Blackhawk Striker 2
"WT082124" = Blasterball 3
"WT082133" = Dora's Carnival Adventure
"WT082141" = FATE
"WT082168" = Penguins!
"WT082170" = Plants vs. Zombies
"WT082171" = Poker Superstars III
"WT082172" = Polar Bowler
"WT082173" = Polar Golfer
"WT082188" = Virtual Families
"WT082189" = Wheel of Fortune 2
"WT082192" = Bejeweled 2 Deluxe
"WT082200" = Chuzzle Deluxe
"WT082241" = Virtual Villagers - The Secret City
"WT082396" = Diner Dash 2 Restaurant Rescue
"WT082438" = Build-a-lot 2
"WT082442" = Faerie Solitaire
"WT082443" = Jewel Quest 3
"WT082456" = Mystery P.I. - The New York Fortune
"WT082463" = Zuma's Revenge
"WT082468" = Jewel Quest Solitaire 2
"WT083477" = Cake Mania
"WT083484" = Escape Rosecliff Island
"WT083491" = TextTwist 2
"Yahoo! Companion" = Yahoo! Toolbar
"Yahoo! Messenger" = Yahoo! Messenger

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-159588428-1301233969-2923844379-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"HuluDesktop" = Hulu Desktop
"magicJack" = magicJack
"Yahoo! BrowserPlus" = Yahoo! BrowserPlus 2.9.8

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 5/4/2012 12:05:52 AM | Computer Name = Fam_Bam-HP | Source = Application Error | ID = 1000
Description = Faulting application name: iexplore.exe, version: 9.0.8112.16421,
time stamp: 0x4d76255d Faulting module name: ConduitEngin0.dll_unloaded, version:
0.0.0.0, time stamp: 0x4c8ccf5c Exception code: 0xc0000005 Fault offset: 0x10246680
Faulting
process id: 0x132c Faulting application start time: 0x01cd29a59c53325a Faulting application
path: C:\Program Files (x86)\Internet Explorer\iexplore.exe Faulting module path:
ConduitEngin0.dll Report Id: 6fc490ce-959e-11e1-843d-1cc1de619874

Error - 5/5/2012 3:06:51 AM | Computer Name = Fam_Bam-HP | Source = Application Error | ID = 1000
Description = Faulting application name: iexplore.exe, version: 9.0.8112.16421,
time stamp: 0x4d76255d Faulting module name: unknown, version: 0.0.0.0, time stamp:
0x00000000 Exception code: 0xc0000005 Fault offset: 0x78d15b90 Faulting process id:
0x1e98 Faulting application start time: 0x01cd2a7bf2869c8f Faulting application path:
C:\Program Files (x86)\Internet Explorer\iexplore.exe Faulting module path: unknown
Report
Id: e2a72e57-9680-11e1-9521-1cc1de619874

Error - 5/5/2012 3:08:19 AM | Computer Name = Fam_Bam-HP | Source = McLogEvent | ID = 5051
Description = A thread in process C:\Program Files\Common Files\McAfee\SystemCore\mcshield.exe
took longer than 90000 ms to complete a request. The process will be terminated.
Thread
id : 2576 (0xa10) Thread address : 0x000000007731138A Thread message : Build VSCORE.14.4.0.387
/ 5400.1158 Object being scanned = \Device\HarddiskVolume8\DCIM\101MSDCF\DSC02720.JPG

by C:\Windows\system32\WUDFHost.exe 4(0)(0) 4(0)(0) 7200(0)(0) 7595(0)(0) 7005(0)(0)

7004(0)(0) 5006(0)(0) 5004(0)(0)

Error - 5/5/2012 7:10:18 PM | Computer Name = Fam_Bam-HP | Source = Application Error | ID = 1000
Description = Faulting application name: iexplore.exe, version: 9.0.8112.16421,
time stamp: 0x4d76255d Faulting module name: ConduitEngin0.dll, version: 6.1.0.7,
time stamp: 0x4c8ccf5c Exception code: 0xc0000005 Fault offset: 0x00246680 Faulting
process id: 0x1ab0 Faulting application start time: 0x01cd2b13e8920cd1 Faulting application
path: C:\Program Files (x86)\Internet Explorer\iexplore.exe Faulting module path:
C:\Program Files (x86)\ConduitEngine\ConduitEngin0.dll Report Id: 7a50ba6d-9707-11e1-8a88-1cc1de619874

Error - 5/6/2012 5:19:04 PM | Computer Name = Fam_Bam-HP | Source = Application Error | ID = 1000
Description = Faulting application name: iexplore.exe, version: 9.0.8112.16421,
time stamp: 0x4d76255d Faulting module name: ConduitEngin0.dll_unloaded, version:
0.0.0.0, time stamp: 0x4c8ccf5c Exception code: 0xc0000005 Fault offset: 0x10246680
Faulting
process id: 0x6d4 Faulting application start time: 0x01cd2b2673594c2b Faulting application
path: C:\Program Files (x86)\Internet Explorer\iexplore.exe Faulting module path:
ConduitEngin0.dll Report Id: 1b1092b5-97c1-11e1-8a88-1cc1de619874

Error - 5/6/2012 10:05:11 PM | Computer Name = Fam_Bam-HP | Source = Windows Backup | ID = 4104
Description =

Error - 5/7/2012 10:05:19 PM | Computer Name = Fam_Bam-HP | Source = Application Error | ID = 1000
Description = Faulting application name: iexplore.exe, version: 9.0.8112.16421,
time stamp: 0x4d76255d Faulting module name: unknown, version: 0.0.0.0, time stamp:
0x00000000 Exception code: 0xc0000005 Fault offset: 0x77231264 Faulting process id:
0x18c0 Faulting application start time: 0x01cd2c761333170d Faulting application path:
C:\Program Files (x86)\Internet Explorer\iexplore.exe Faulting module path: unknown
Report
Id: 425c49b0-98b2-11e1-8a88-1cc1de619874

Error - 5/8/2012 4:00:45 PM | Computer Name = Fam_Bam-HP | Source = Application Hang | ID = 1002
Description = The program iexplore.exe version 9.0.8112.16421 stopped interacting
with Windows and was closed. To see if more information about the problem is available,
check the problem history in the Action Center control panel. Process ID: 1374 Start
Time: 01cd2d551adf9cb5 Termination Time: 16 Application Path: C:\Program Files (x86)\Internet
Explorer\iexplore.exe Report Id:

Error - 5/9/2012 1:21:13 PM | Computer Name = Fam_Bam-HP | Source = Application Hang | ID = 1002
Description = The program iexplore.exe version 9.0.8112.16421 stopped interacting
with Windows and was closed. To see if more information about the problem is available,
check the problem history in the Action Center control panel. Process ID: 1424 Start
Time: 01cd2e07fb6a7629 Termination Time: 9 Application Path: C:\Program Files (x86)\Internet
Explorer\iexplore.exe Report Id:

Error - 5/9/2012 9:22:33 PM | Computer Name = Fam_Bam-HP | Source = Application Error | ID = 1000
Description = Faulting application name: iexplore.exe, version: 9.0.8112.16421,
time stamp: 0x4d76255d Faulting module name: ConduitEngin0.dll, version: 6.1.0.7,
time stamp: 0x4c8ccf5c Exception code: 0xc0000409 Fault offset: 0x00246691 Faulting
process id: 0x1138 Faulting application start time: 0x01cd2e4b4ef1e6f1 Faulting application
path: C:\Program Files (x86)\Internet Explorer\iexplore.exe Faulting module path:
C:\Program Files (x86)\ConduitEngine\ConduitEngin0.dll Report Id: 9db719a5-9a3e-11e1-a021-1cc1de619874

[ Hewlett-Packard Events ]
Error - 8/11/2012 8:25:23 PM | Computer Name = Fam_Bam-HP | Source = HPSF.exe | ID = 2000
Description = HP Error ID: -2147467262 at HP.SupportAssistant.Common.CustomerExperience.HPSFReporting.SaveSessionInfo(DataRow
dr, Boolean bOnlyDetected, HPSASession SFSession) Message: Unable to cast object
of type 'System.DBNull' to type 'System.String'. StackTrace: at HP.SupportAssistant.Common.CustomerExperience.HPSFReporting.SaveSessionInfo(DataRow
dr, Boolean bOnlyDetected, HPSASession SFSession) Source: HP.SupportAssistant.Common

Name:
HPSF.exe Version: 06.00.01.01 Path: C:\Program Files (x86)\Hewlett-Packard\HP Support
Framework\HPSF.exe Format: en-US RAM: 4863 Ram Utilization: 20 TargetSite: Void SaveSessionInfo(System.Data.DataRow,
Boolean, HP.SupportAssistant.Common.CustomerExperience.HPSASession)

Error - 8/11/2012 8:25:23 PM | Computer Name = Fam_Bam-HP | Source = HPSF.exe | ID = 2000
Description = HP Error ID: -2147467262HPSF.exe at HP.SupportAssistant.Common.CustomerExperience.HPSFReporting.SaveSessionInfo(DataRow
dr, Boolean bOnlyDetected, HPSASession SFSession) Message: Unable to cast object
of type 'System.DBNull' to type 'System.String'. StackTrace: at HP.SupportAssistant.Common.CustomerExperience.HPSFReporting.SaveSessionInfo(DataRow
dr, Boolean bOnlyDetected, HPSASession SFSession) Source: HP.SupportAssistant.Common

Name:
HPSF.exe Version: 06.00.01.01 Path: C:\Program Files (x86)\Hewlett-Packard\HP Support
Framework\HPSF.exe Format: en-US RAM: 4863 Ram Utilization: 20 TargetSite: Void SaveSessionInfo(System.Data.DataRow,
Boolean, HP.SupportAssistant.Common.CustomerExperience.HPSASession)

Error - 8/11/2012 8:25:24 PM | Computer Name = Fam_Bam-HP | Source = HPSF.exe | ID = 2000
Description = HP Error ID: -2147467262HPSF.exe at HP.SupportAssistant.Common.CustomerExperience.HPSFReporting.SaveSessionInfo(DataRow
dr, Boolean bOnlyDetected, HPSASession SFSession) Message: Unable to cast object
of type 'System.DBNull' to type 'System.String'. StackTrace: at HP.SupportAssistant.Common.CustomerExperience.HPSFReporting.SaveSessionInfo(DataRow
dr, Boolean bOnlyDetected, HPSASession SFSession) Source: HP.SupportAssistant.Common

Name:
HPSF.exe Version: 06.00.01.01 Path: C:\Program Files (x86)\Hewlett-Packard\HP Support
Framework\HPSF.exe Format: en-US RAM: 4863 Ram Utilization: 20 TargetSite: Void SaveSessionInfo(System.Data.DataRow,
Boolean, HP.SupportAssistant.Common.CustomerExperience.HPSASession)

Error - 8/11/2012 8:25:24 PM | Computer Name = Fam_Bam-HP | Source = HPSF.exe | ID = 2000
Description = HP Error ID: -2147467262HPSF.exe at HP.SupportAssistant.Common.CustomerExperience.HPSFReporting.SaveSessionInfo(DataRow
dr, Boolean bOnlyDetected, HPSASession SFSession) Message: Unable to cast object
of type 'System.DBNull' to type 'System.String'. StackTrace: at HP.SupportAssistant.Common.CustomerExperience.HPSFReporting.SaveSessionInfo(DataRow
dr, Boolean bOnlyDetected, HPSASession SFSession) Source: HP.SupportAssistant.Common

Name:
HPSF.exe Version: 06.00.01.01 Path: C:\Program Files (x86)\Hewlett-Packard\HP Support
Framework\HPSF.exe Format: en-US RAM: 4863 Ram Utilization: 20 TargetSite: Void SaveSessionInfo(System.Data.DataRow,
Boolean, HP.SupportAssistant.Common.CustomerExperience.HPSASession)

Error - 8/18/2012 6:08:55 PM | Computer Name = Fam_Bam-HP | Source = HPSF.exe | ID = 2000
Description = HP Error ID: -2146233088 at HPSFConfigReader.ConfigHelper.loadXML()

at HPSFConfigReader.ConfigHelper..ctor() at HP.SupportAssistant.Engine.Resources.ResourceTasks.LoadApplicationResources(Boolean
isOnAppLoad) Message: Exception of type 'System.Exception' was thrown. StackTrace:
at HPSFConfigReader.ConfigHelper.loadXML() at HPSFConfigReader.ConfigHelper..ctor()

at HP.SupportAssistant.Engine.Resources.ResourceTasks.LoadApplicationResources(Boolean
isOnAppLoad) Source: HPSFConfigReader Name: HPSF.exe Version: 06.00.01.01 Path: C:\Program
Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe Format: en-US RAM: 4863
Ram
Utilization: 40 TargetSite: Void loadXML()

Error - 8/18/2012 6:10:32 PM | Computer Name = Fam_Bam-HP | Source = HPSF.exe | ID = 4000
Description =

Error - 8/18/2012 6:13:45 PM | Computer Name = Fam_Bam-HP | Source = HPSF.exe | ID = 4000
Description =

Error - 8/18/2012 6:14:32 PM | Computer Name = Fam_Bam-HP | Source = HPSF.exe | ID = 2000
Description = HP Error ID: -2147467262HPSF.exe at HP.SupportAssistant.Common.CustomerExperience.HPSFReporting.SaveSessionInfo(DataRow
dr, Boolean bOnlyDetected, HPSASession SFSession) Message: Unable to cast object
of type 'System.DBNull' to type 'System.String'. StackTrace: at HP.SupportAssistant.Common.CustomerExperience.HPSFReporting.SaveSessionInfo(DataRow
dr, Boolean bOnlyDetected, HPSASession SFSession) Source: HP.SupportAssistant.Common

Name:
HPSF.exe Version: 06.00.01.01 Path: C:\Program Files (x86)\Hewlett-Packard\HP Support
Framework\HPSF.exe Format: en-US RAM: 4863 Ram Utilization: 40 TargetSite: Void SaveSessionInfo(System.Data.DataRow,
Boolean, HP.SupportAssistant.Common.CustomerExperience.HPSASession)

Error - 8/18/2012 6:14:33 PM | Computer Name = Fam_Bam-HP | Source = HPSF.exe | ID = 2000
Description = HP Error ID: -2147467262HPSF.exe at HP.SupportAssistant.Common.CustomerExperience.HPSFReporting.SaveSessionInfo(DataRow
dr, Boolean bOnlyDetected, HPSASession SFSession) Message: Unable to cast object
of type 'System.DBNull' to type 'System.String'. StackTrace: at HP.SupportAssistant.Common.CustomerExperience.HPSFReporting.SaveSessionInfo(DataRow
dr, Boolean bOnlyDetected, HPSASession SFSession) Source: HP.SupportAssistant.Common

Name:
HPSF.exe Version: 06.00.01.01 Path: C:\Program Files (x86)\Hewlett-Packard\HP Support
Framework\HPSF.exe Format: en-US RAM: 4863 Ram Utilization: 40 TargetSite: Void SaveSessionInfo(System.Data.DataRow,
Boolean, HP.SupportAssistant.Common.CustomerExperience.HPSASession)

Error - 8/18/2012 6:14:33 PM | Computer Name = Fam_Bam-HP | Source = HPSF.exe | ID = 2000
Description = HP Error ID: -2147467262HPSF.exe at HP.SupportAssistant.Common.CustomerExperience.HPSFReporting.SaveSessionInfo(DataRow
dr, Boolean bOnlyDetected, HPSASession SFSession) Message: Unable to cast object
of type 'System.DBNull' to type 'System.String'. StackTrace: at HP.SupportAssistant.Common.CustomerExperience.HPSFReporting.SaveSessionInfo(DataRow
dr, Boolean bOnlyDetected, HPSASession SFSession) Source: HP.SupportAssistant.Common

Name:
HPSF.exe Version: 06.00.01.01 Path: C:\Program Files (x86)\Hewlett-Packard\HP Support
Framework\HPSF.exe Format: en-US RAM: 4863 Ram Utilization: 40 TargetSite: Void SaveSessionInfo(System.Data.DataRow,
Boolean, HP.SupportAssistant.Common.CustomerExperience.HPSASession)

[ System Events ]
Error - 8/16/2012 4:26:10 PM | Computer Name = Fam_Bam-HP | Source = WMPNetworkSvc | ID = 866300
Description =

Error - 8/16/2012 4:26:59 PM | Computer Name = Fam_Bam-HP | Source = DCOM | ID = 10010
Description =

Error - 8/16/2012 7:15:22 PM | Computer Name = Fam_Bam-HP | Source = Disk | ID = 262155
Description = The driver detected a controller error on \Device\Harddisk1\DR1.

Error - 8/17/2012 2:39:26 PM | Computer Name = Fam_Bam-HP | Source = NetBT | ID = 4321
Description = The name "WORKGROUP :1d" could not be registered on the interface
with IP address 192.168.1.65. The computer with the IP address 192.168.1.67 did
not allow the name to be claimed by this computer.

Error - 8/17/2012 2:44:02 PM | Computer Name = Fam_Bam-HP | Source = DCOM | ID = 10010
Description =

Error - 8/18/2012 3:20:30 AM | Computer Name = Fam_Bam-HP | Source = Disk | ID = 262155
Description = The driver detected a controller error on \Device\Harddisk5\DR5.

Error - 8/18/2012 2:34:16 PM | Computer Name = Fam_Bam-HP | Source = WMPNetworkSvc | ID = 866333
Description =

Error - 8/19/2012 2:23:59 AM | Computer Name = Fam_Bam-HP | Source = Disk | ID = 262155
Description = The driver detected a controller error on \Device\Harddisk5\DR5.

Error - 8/19/2012 12:13:26 PM | Computer Name = Fam_Bam-HP | Source = Disk | ID = 262155
Description = The driver detected a controller error on \Device\Harddisk5\DR5.

Error - 8/20/2012 1:59:43 PM | Computer Name = Fam_Bam-HP | Source = DCOM | ID = 10010
Description =


< End of report >

Attached File  OTL.Txt   107.85KB   35 downloads
Attached File  Extras.Txt   102.55KB   70 downloads
  • 0

#4
Gammo

Gammo

    Trusted Helper

  • Malware Removal
  • 2,299 posts
Run OTL
  • Under the Custom Scans/Fixes box at the bottom, paste in the following

    :OTL
    SRV - [2012/04/23 16:53:44 | 000,014,336 | ---- | M] (Brand Affinity Technologies) [Auto | Running] -- C:\Program Files (x86)\Brand Affinity Technologies\Fantapper Updater\FantapperUpdater.exe -- (FTSvc)
    SRV - [2011/12/14 14:13:28 | 000,748,440 | ---- | M] (Spigot, Inc.) [Auto | Running] -- C:\Program Files (x86)\Application Updater\ApplicationUpdater.exe -- (Application Updater)
    IE:64bit: - HKLM\..\SearchScopes\{7765B199-C3D8-4B47-AB9D-33588CF0DE3E}: "URL" = http://www.ask.com/w...}&l=dis&o=ushpd
    IE - HKLM\..\URLSearchHook: {ba14329e-9550-4989-b3f2-9732e92d17cc} - C:\Program Files (x86)\Vuze_Remote\tbVuz0.dll (Conduit Ltd.)
    IE - HKLM\..\SearchScopes\{7765B199-C3D8-4B47-AB9D-33588CF0DE3E}: "URL" = http://www.ask.com/w...}&l=dis&o=ushpd
    IE - HKU\S-1-5-21-159588428-1301233969-2923844379-1000\..\URLSearchHook: {ba14329e-9550-4989-b3f2-9732e92d17cc} - C:\Program Files (x86)\Vuze_Remote\tbVuz0.dll (Conduit Ltd.)
    IE - HKU\S-1-5-21-159588428-1301233969-2923844379-1000\..\URLSearchHook: {F3FEE66E-E034-436a-86E4-9690573BEE8A} - C:\Program Files (x86)\YouTube Downloader Toolbar\IE\4.9\youtubedownloaderToolbarIE.dll (Spigot, Inc.)
    IE - HKU\S-1-5-21-159588428-1301233969-2923844379-1000\..\SearchScopes\{3BD44F0E-0596-4008-AEE0-45D47E3A8F0E}: "URL" = http://blekko.com/ws...q={searchTerms}
    IE - HKU\S-1-5-21-159588428-1301233969-2923844379-1000\..\SearchScopes\{7765B199-C3D8-4B47-AB9D-33588CF0DE3E}: "URL" = http://www.ask.com/w...}&l=dis&o=ushpd
    FF - prefs.js..browser.search.order.1: "Blekko"
    FF - prefs.js..browser.startup.homepage: "http://blekko.com/ws/?source=c3348dd4&toolbarid=blekkotb_031&u=6C09FD0375FB2FD327318B4FEA468E2E&tbp=homepage"
    FF - prefs.js..keyword.URL: "http://blekko.com/ws/?source={SourceID}&tbp=url&toolbarid=blekkotb_031&u=USERGUID&q="
    [2012/07/26 11:54:19 | 000,000,000 | ---D | M] (blekko search bar) -- C:\Users\Bettie\AppData\Roaming\Mozilla\Firefox\Profiles\ujz1r6hg.default\extensions\{8769adce-dba5-48e9-afb5-67b12cdf2e61}
    [2012/07/05 13:44:10 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Bettie\AppData\Roaming\Mozilla\Firefox\Profiles\ujz1r6hg.default\jetpack\[email protected]
    [2012/07/05 13:49:10 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Bettie\AppData\Roaming\Mozilla\Firefox\Profiles\ujz1r6hg.default\jetpack\[email protected]\simple-storage
    [2011/12/15 22:13:07 | 000,000,000 | ---D | M] (YouTube Downloader Toolbar) -- C:\PROGRAM FILES (X86)\YOUTUBE DOWNLOADER TOOLBAR\FF
    [2012/06/26 16:32:32 | 000,002,134 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\search.xml
    O2 - BHO: (Conduit Engine) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files (x86)\ConduitEngine\ConduitEngin0.dll (Conduit Ltd.)
    O2 - BHO: (blekko search bar) - {8769adce-dba5-48e9-afb5-67b12cdf2e61} - C:\Program Files (x86)\blekkotb_031\blekkotb_019X.dll ()
    O2 - BHO: (Fantapper) - {8A86D350-37AB-410A-8531-7D1363F317B3} - C:\Program Files (x86)\Brand Affinity Technologies\Fantapper Player\\IEInstaller.dll ()
    O2 - BHO: (Vuze Remote Toolbar) - {ba14329e-9550-4989-b3f2-9732e92d17cc} - C:\Program Files (x86)\Vuze_Remote\tbVuz0.dll (Conduit Ltd.)
    O2 - BHO: (YouTube Downloader Toolbar) - {F3FEE66E-E034-436a-86E4-9690573BEE8A} - C:\Program Files (x86)\YouTube Downloader Toolbar\IE\4.9\youtubedownloaderToolbarIE.dll (Spigot, Inc.)
    O3 - HKLM\..\Toolbar: (Conduit Engine) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files (x86)\ConduitEngine\ConduitEngin0.dll (Conduit Ltd.)
    O3 - HKLM\..\Toolbar: (blekko search bar) - {8769adce-dba5-48e9-afb5-67b12cdf2e61} - C:\Program Files (x86)\blekkotb_031\blekkotb_019X.dll ()
    O3 - HKLM\..\Toolbar: (Vuze Remote Toolbar) - {ba14329e-9550-4989-b3f2-9732e92d17cc} - C:\Program Files (x86)\Vuze_Remote\tbVuz0.dll (Conduit Ltd.)
    O3 - HKLM\..\Toolbar: (YouTube Downloader Toolbar) - {F3FEE66E-E034-436a-86E4-9690573BEE8A} - C:\Program Files (x86)\YouTube Downloader Toolbar\IE\4.9\youtubedownloaderToolbarIE.dll (Spigot, Inc.)
    O3 - HKU\S-1-5-21-159588428-1301233969-2923844379-1000\..\Toolbar\WebBrowser: (Conduit Engine) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files (x86)\ConduitEngine\ConduitEngin0.dll (Conduit Ltd.)
    O3 - HKU\S-1-5-21-159588428-1301233969-2923844379-1000\..\Toolbar\WebBrowser: (Vuze Remote Toolbar) - {BA14329E-9550-4989-B3F2-9732E92D17CC} - C:\Program Files (x86)\Vuze_Remote\tbVuz0.dll (Conduit Ltd.)
    O4 - HKLM..\Run: [SearchSettings] C:\Program Files (x86)\Common Files\Spigot\Search Settings\SearchSettings.exe (Spigot, Inc.)
    [1 C:\Users\Bettie\Documents\*.tmp files -> C:\Users\Bettie\Documents\*.tmp -> ]
    :Services
    
    :Reg
    
    :Files
    ipconfig /flushdns /c
    C:\Program Files (x86)\Brand Affinity Technologies
    C:\Program Files (x86)\Application Updater
    C:\Program Files (x86)\Vuze_Remote
    C:\Program Files (x86)\YouTube Downloader Toolbar
    C:\Program Files (x86)\ConduitEngine
    C:\Program Files (x86)\blekkotb_031
    C:\Program Files (x86)\Common Files\Spigot
    
    :Commands
    [purity]
    [resethosts]
    [emptytemp]
    [emptyflash]
    [createrestorepoint]
    [reboot]
  • Then click the Run Fix button at the top
  • Let the program run unhindered, reboot the PC when it is done




Download and Install Combofix

Download ComboFix from one of the following locations:
Link 1
Link 2

VERY IMPORTANT !!! Save ComboFix.exe to your Desktop

* IMPORTANT - Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools. If you have difficulty properly disabling your protective programs, refer to this link here
  • Double click on ComboFix.exe & follow the prompts.
  • Accept the disclaimer and allow to update if it asks

    Posted Image

    Posted Image
  • When finished, it shall produce a log for you.
  • Please include the C:\ComboFix.txt in your next reply.

Notes:
1. Do not mouse-click Combofix's window while it is running. That may cause it to stall.
2. Do not "re-run" Combofix. If you have a problem, reply back for further instructions.
3. If after the reboot you get errors about programmes being marked for deletion then reboot, that will cure it.



Please make sure you include the combo fix log in your next reply as well as describe how your computer is running now
  • 0

#5
BadLuckBettie

BadLuckBettie

    New Member

  • Topic Starter
  • Member
  • Pip
  • 9 posts
Here is the ComboFix log:


ComboFix 12-08-20.02 - Bettie 08/20/2012 20:04:47.1.2 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.4863.3355 [GMT -7:00]
Running from: c:\users\Bettie\Desktop\ComboFix.exe
AV: McAfee Anti-Virus and Anti-Spyware *Disabled/Updated* {86355677-4064-3EA7-ABB3-1B136EB04637}
FW: McAfee Firewall *Disabled* {BE0ED752-0A0B-3FFF-80EC-B2269063014C}
SP: McAfee Anti-Virus and Anti-Spyware *Disabled/Updated* {3D54B793-665E-3129-9103-206115370C8A}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files (x86)\Brand Affinity Technologies
c:\program files (x86)\Brand Affinity Technologies\Fantapper Player\ChromeInstaller.dll
c:\program files (x86)\Brand Affinity Technologies\Fantapper Player\ChromeInstaller.InstallState
c:\program files (x86)\Brand Affinity Technologies\Fantapper Player\Fantapper.crx
c:\program files (x86)\Brand Affinity Technologies\Fantapper Player\Fantapper.xpi
c:\program files (x86)\Brand Affinity Technologies\Fantapper Player\FirefoxInstaller.dll
c:\program files (x86)\Brand Affinity Technologies\Fantapper Player\FirefoxInstaller.InstallState
c:\program files (x86)\Brand Affinity Technologies\Fantapper Player\FT_Enabled.ico
c:\program files (x86)\Brand Affinity Technologies\Fantapper Player\FT_Plugin_Installer.jpg
c:\program files (x86)\Brand Affinity Technologies\Fantapper Player\OpenIE.dll
c:\program files (x86)\Brand Affinity Technologies\Fantapper Player\OpenIE.InstallState
F:\autorun.inf
F:\Setup.exe
.
.
((((((((((((((((((((((((( Files Created from 2012-07-21 to 2012-08-21 )))))))))))))))))))))))))))))))
.
.
2012-08-21 02:32 . 2012-08-21 02:32 -------- d-----w- C:\_OTL
2012-08-17 23:32 . 2012-08-12 22:42 73696 ----a-w- c:\program files (x86)\Mozilla Firefox\updated\breakpadinjector.dll
2012-08-17 23:32 . 2012-08-12 22:42 266720 ----a-w- c:\program files (x86)\Mozilla Firefox\updated\components\browsercomps.dll
2012-08-17 23:32 . 2012-08-12 22:42 18912 ----a-w- c:\program files (x86)\Mozilla Firefox\updated\AccessibleMarshal.dll
2012-08-15 17:37 . 2012-05-05 08:36 503808 ----a-w- c:\windows\system32\srcore.dll
2012-08-15 17:37 . 2012-05-05 07:46 43008 ----a-w- c:\windows\SysWow64\srclient.dll
2012-08-15 17:37 . 2012-02-11 06:43 751104 ----a-w- c:\windows\system32\win32spl.dll
2012-08-15 17:37 . 2012-02-11 06:36 559104 ----a-w- c:\windows\system32\spoolsv.exe
2012-08-15 17:37 . 2012-02-11 06:36 67072 ----a-w- c:\windows\splwow64.exe
2012-08-15 17:37 . 2012-02-11 05:43 492032 ----a-w- c:\windows\SysWow64\win32spl.dll
2012-08-15 17:37 . 2012-07-04 22:16 73216 ----a-w- c:\windows\system32\netapi32.dll
2012-08-15 17:37 . 2012-07-04 22:13 59392 ----a-w- c:\windows\system32\browcli.dll
2012-08-15 17:37 . 2012-07-04 22:13 136704 ----a-w- c:\windows\system32\browser.dll
2012-08-15 17:37 . 2012-07-04 21:14 41984 ----a-w- c:\windows\SysWow64\browcli.dll
2012-08-15 17:37 . 2012-07-18 18:15 3148800 ----a-w- c:\windows\system32\win32k.sys
2012-08-15 17:37 . 2012-05-14 05:26 956928 ----a-w- c:\windows\system32\localspl.dll
2012-08-06 21:07 . 2012-08-06 21:07 -------- d-----w- c:\program files\7-Zip
2012-08-06 21:03 . 2012-08-19 02:22 73696 ----a-w- c:\program files (x86)\Mozilla Firefox\breakpadinjector.dll
2012-08-06 19:35 . 2012-08-01 01:19 421200 ----a-w- c:\program files (x86)\Mozilla Firefox\msvcp100.dll
2012-08-06 19:35 . 2012-08-01 01:19 770384 ----a-w- c:\program files (x86)\Mozilla Firefox\msvcr100.dll
2012-07-29 22:50 . 2012-07-29 22:50 -------- d-----w- c:\users\Bettie\AppData\Local\Macromedia
2012-07-29 22:05 . 2012-07-29 22:05 -------- d-----w- c:\program files\iPod
2012-07-29 22:05 . 2012-07-29 22:06 -------- d-----w- c:\program files\iTunes
2012-07-29 22:05 . 2012-07-29 22:06 -------- d-----w- c:\program files (x86)\iTunes
2012-07-29 21:51 . 2012-07-29 21:51 159744 ----a-w- c:\program files (x86)\Internet Explorer\Plugins\npqtplugin7.dll
2012-07-29 21:51 . 2012-07-29 21:51 159744 ----a-w- c:\program files (x86)\Internet Explorer\Plugins\npqtplugin6.dll
2012-07-29 21:51 . 2012-07-29 21:51 159744 ----a-w- c:\program files (x86)\Internet Explorer\Plugins\npqtplugin5.dll
2012-07-29 21:51 . 2012-07-29 21:51 159744 ----a-w- c:\program files (x86)\Internet Explorer\Plugins\npqtplugin4.dll
2012-07-29 21:51 . 2012-07-29 21:51 159744 ----a-w- c:\program files (x86)\Internet Explorer\Plugins\npqtplugin3.dll
2012-07-29 21:51 . 2012-07-29 21:51 159744 ----a-w- c:\program files (x86)\Internet Explorer\Plugins\npqtplugin2.dll
2012-07-29 21:51 . 2012-07-29 21:51 159744 ----a-w- c:\program files (x86)\Internet Explorer\Plugins\npqtplugin.dll
2012-07-29 21:50 . 2012-07-29 21:51 -------- d-----w- c:\program files (x86)\QuickTime
2012-07-29 21:43 . 2012-08-15 17:36 -------- d-----w- c:\program files (x86)\Common Files\Adobe
2012-07-29 21:16 . 2012-08-14 23:48 426184 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2012-07-29 21:11 . 2012-07-29 21:11 -------- d-----w- c:\program files (x86)\FileHippo.com
2012-07-27 20:51 . 2012-07-27 20:51 184248 ----a-w- c:\program files (x86)\Internet Explorer\Plugins\nppdf32.dll
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-08-16 06:57 . 2010-09-25 20:29 62134624 ----a-w- c:\windows\system32\MRT.exe
2012-08-14 23:48 . 2011-05-16 16:22 70344 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2012-06-22 23:55 . 2012-06-22 23:55 19736 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
2012-06-09 05:43 . 2012-07-11 05:57 14172672 ----a-w- c:\windows\system32\shell32.dll
2012-06-07 03:59 . 2012-06-07 03:59 1070152 ----a-w- c:\windows\SysWow64\MSCOMCTL.OCX
2012-06-06 06:06 . 2012-07-11 05:57 2004480 ----a-w- c:\windows\system32\msxml6.dll
2012-06-06 06:06 . 2012-07-11 05:57 1881600 ----a-w- c:\windows\system32\msxml3.dll
2012-06-06 06:02 . 2012-07-11 05:57 1133568 ----a-w- c:\windows\system32\cdosys.dll
2012-06-06 05:05 . 2012-07-11 05:57 1390080 ----a-w- c:\windows\SysWow64\msxml6.dll
2012-06-06 05:05 . 2012-07-11 05:57 1236992 ----a-w- c:\windows\SysWow64\msxml3.dll
2012-06-06 05:03 . 2012-07-11 05:57 805376 ----a-w- c:\windows\SysWow64\cdosys.dll
2012-06-02 22:19 . 2012-06-21 16:15 38424 ----a-w- c:\windows\system32\wups.dll
2012-06-02 22:19 . 2012-06-21 16:16 2428952 ----a-w- c:\windows\system32\wuaueng.dll
2012-06-02 22:19 . 2012-06-21 16:16 44056 ----a-w- c:\windows\system32\wups2.dll
2012-06-02 22:19 . 2012-06-21 16:16 57880 ----a-w- c:\windows\system32\wuauclt.exe
2012-06-02 22:19 . 2012-06-21 16:15 186752 ----a-w- c:\windows\system32\wuwebv.dll
2012-06-02 22:19 . 2012-06-21 16:15 701976 ----a-w- c:\windows\system32\wuapi.dll
2012-06-02 22:15 . 2012-06-21 16:16 2622464 ----a-w- c:\windows\system32\wucltux.dll
2012-06-02 22:15 . 2012-06-21 16:15 36864 ----a-w- c:\windows\system32\wuapp.exe
2012-06-02 22:15 . 2012-06-21 16:15 99840 ----a-w- c:\windows\system32\wudriver.dll
2012-06-02 05:50 . 2012-07-11 05:57 458704 ----a-w- c:\windows\system32\drivers\cng.sys
2012-06-02 05:48 . 2012-07-11 05:57 151920 ----a-w- c:\windows\system32\drivers\ksecpkg.sys
2012-06-02 05:48 . 2012-07-11 05:57 95600 ----a-w- c:\windows\system32\drivers\ksecdd.sys
2012-06-02 05:45 . 2012-07-11 05:57 340992 ----a-w- c:\windows\system32\schannel.dll
2012-06-02 05:44 . 2012-07-11 05:57 307200 ----a-w- c:\windows\system32\ncrypt.dll
2012-06-02 04:40 . 2012-07-11 05:57 22016 ----a-w- c:\windows\SysWow64\secur32.dll
2012-06-02 04:40 . 2012-07-11 05:57 225280 ----a-w- c:\windows\SysWow64\schannel.dll
2012-06-02 04:39 . 2012-07-11 05:57 219136 ----a-w- c:\windows\SysWow64\ncrypt.dll
2012-06-02 04:34 . 2012-07-11 05:57 96768 ----a-w- c:\windows\SysWow64\sspicli.dll
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"swg"="c:\program files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2010-09-23 39408]
"HPAdvisorDock"="c:\program files (x86)\Hewlett-Packard\HP Advisor\DOCK\HPAdvisorDock.exe" [2010-09-28 1715768]
"cdloader"="c:\users\Bettie\AppData\Roaming\mjusbsp\cdloader2.exe" [2012-02-01 50592]
"FileHippo.com"="c:\program files (x86)\FileHippo.com\UpdateChecker.exe" [2012-03-26 306688]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2010-02-03 98304]
"HP Software Update"="c:\program files (x86)\HP\HP Software Update\HPWuSchd2.exe" [2008-12-08 54576]
"NortonOnlineBackupReminder"="c:\program files (x86)\Symantec\Norton Online Backup\Activation\NOBuActivation.exe" [2009-12-03 3331944]
"mcui_exe"="c:\program files\McAfee.com\Agent\mcagent.exe" [2012-03-22 1675160]
"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2012-05-31 59280]
"hpqSRMon"="c:\program files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe" [2008-07-23 150528]
"Anti-phishing Domain Advisor"="c:\programdata\Anti-phishing Domain Advisor\visicom_antiphishing.exe" [2012-05-03 217256]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-07-27 919008]
"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2012-04-19 421888]
"iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2012-06-08 421776]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
HP Digital Imaging Monitor.lnk - c:\program files (x86)\Hp\Digital Imaging\bin\hpqtra08.exe [2009-9-20 270336]
McAfee Security Scan Plus.lnk - c:\program files (x86)\McAfee Security Scan\2.0.189\SSScheduler.exe [2010-9-2 255536]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcmscsvc]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 gupdate;Google Update Service (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-09-23 136176]
R3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-08-14 250056]
R3 BBSvc;Bing Bar Update Service;c:\program files (x86)\Microsoft\BingBar\BBSvc.EXE [2011-03-16 183560]
R3 gupdatem;Google Update Service (gupdatem);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-09-23 136176]
R3 McComponentHostService;McAfee Security Scan Component Host Service;c:\program files (x86)\McAfee Security Scan\2.0.189\McCHSvc.exe [2010-09-02 227232]
R3 mferkdet;McAfee Inc. mferkdet;c:\windows\system32\drivers\mferkdet.sys [2012-02-22 100912]
R3 MozillaMaintenance;Mozilla Maintenance Service;c:\program files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2012-08-19 114144]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys [2012-02-15 52736]
R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [2010-09-23 1255736]
S0 mfewfpk;McAfee Inc. mfewfpk;c:\windows\system32\drivers\mfewfpk.sys [2012-02-22 289664]
S1 mfenlfk;McAfee NDIS Light Filter;c:\windows\system32\DRIVERS\mfenlfk.sys [2012-02-22 75936]
S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-07-27 63960]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2010-02-02 202752]
S2 CinemaNow Service;CinemaNow Service;c:\program files (x86)\CinemaNow\CinemaNow Media Manager\CinemanowSvc.exe [2010-02-26 127984]
S2 HP Support Assistant Service;HP Support Assistant Service;c:\program files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [2011-09-10 86072]
S2 HPDrvMntSvc.exe;HP Quick Synchronization Service;c:\program files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe [2011-03-29 94264]
S2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service;c:\program files (x86)\McAfee\SiteAdvisor\McSACore.exe [2012-01-13 103440]
S2 McMPFSvc;McAfee Personal Firewall Service;c:\program files\Common Files\McAfee\McSvcHost\McSvHost.exe [2011-01-28 249936]
S2 McNaiAnn;McAfee VirusScan Announcer;c:\program files\Common Files\McAfee\McSvcHost\McSvHost.exe [2011-01-28 249936]
S2 mfefire;McAfee Firewall Core Service;c:\program files\Common Files\McAfee\SystemCore\\mfefire.exe [2012-03-20 210584]
S2 mfevtp;McAfee Validation Trust Protection Service;c:\windows\system32\mfevtps.exe [2012-03-20 162192]
S3 amdkmdag;amdkmdag;c:\windows\system32\DRIVERS\atipmdag.sys [2010-02-02 6366720]
S3 amdkmdap;amdkmdap;c:\windows\system32\DRIVERS\atikmpag.sys [2010-02-02 186880]
S3 cfwids;McAfee Inc. cfwids;c:\windows\system32\drivers\cfwids.sys [2012-02-22 65264]
S3 dc3d;MS Hardware Device Detection Driver;c:\windows\system32\DRIVERS\dc3d.sys [2011-04-09 47616]
S3 mfefirek;McAfee Inc. mfefirek;c:\windows\system32\drivers\mfefirek.sys [2012-02-22 487296]
S3 Point64;Microsoft IntelliPoint Filter Driver;c:\windows\system32\DRIVERS\point64.sys [2011-04-13 45432]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [2010-03-04 346144]
S3 usbfilter;AMD USB Filter Driver;c:\windows\system32\DRIVERS\usbfilter.sys [2009-10-19 39480]
.
.
--- Other Services/Drivers In Memory ---
.
*NewlyCreated* - WS2IFSL
*Deregistered* - mfeavfk01
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
.
Contents of the 'Scheduled Tasks' folder
.
2012-08-21 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-07-29 23:48]
.
2012-08-21 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-09-23 04:44]
.
2012-08-21 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-09-23 04:44]
.
2012-08-20 c:\windows\Tasks\HPCeeScheduleForBettie.job
- c:\program files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2010-09-14 06:15]
.
2012-07-31 c:\windows\Tasks\PCDRScheduledMaintenance.job
- c:\program files\PC-Doctor for Windows\pcdrcui.exe [2010-02-01 23:02]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"hpsysdrv"="c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe" [2008-11-20 62768]
"SmartMenu"="c:\program files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe" [2010-01-18 568888]
"IntelliPoint"="c:\program files\Microsoft IntelliPoint\ipoint.exe" [2011-04-13 2399632]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"LoadAppInit_DLLs"=0x0
.
------- Supplementary Scan -------
.
uStart Page = hxxp://my.yahoo.com/
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = *.local
IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~2\Office12\EXCEL.EXE/3000
TCP: DhcpNameServer = 192.168.1.254
FF - ProfilePath - c:\users\Bettie\AppData\Roaming\Mozilla\Firefox\Profiles\ujz1r6hg.default\
FF - prefs.js: browser.search.selectedEngine - Yahoo
FF - prefs.js: keyword.URL - hxxp://search.yahoo.com/search?fr=greentree_ff1&ei=utf-8&ilc=12&type=937811&p=
.
- - - - ORPHANS REMOVED - - - -
.
Wow6432Node-HKCU-Run-RESTART_STICKY_NOTES - c:\windows\System32\StikyNot.exe
AddRemove-blekkotb_031 - c:\program files (x86)\blekkotb_031\uninstall.exe
AddRemove-conduitEngine - c:\progra~2\CONDUI~1\ConduitEngineUninstall.exe
AddRemove-Vuze_Remote Toolbar - c:\progra~2\VUZE_R~1\UNWISE.EXE
AddRemove-{6F44AF95-3CDE-4513-AD3F-6D45F17BF324} - c:\program files (x86)\InstallShield Installation Information\{6F44AF95-3CDE-4513-AD3F-6D45F17BF324}\setup.exe
.
.
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_USERS\S-1-5-21-159588428-1301233969-2923844379-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.eml\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="WindowsLiveMail.Email.1"
.
[HKEY_USERS\S-1-5-21-159588428-1301233969-2923844379-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.vcf\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="WindowsLiveMail.VCard.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_3_300_271_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_3_300_271_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_271.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_271.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_271.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_271.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\McAfee]
"SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
00,5c,00,6d,00,61,00,63,00,68,00,69,00,6e,00,65,00,5c,00,53,00,6f,00,66,00,\
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Nico Mak Computing\WinZip]
"SymbolicLinkValue"=hex(6):5c,00,52,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
00,5c,00,4d,00,41,00,43,00,48,00,49,00,4e,00,45,00,5c,00,53,00,6f,00,66,00,\
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Other Running Processes ------------------------
.
c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\program files (x86)\Common Files\LightScribe\LSSrvc.exe
c:\program files (x86)\Microsoft\BingBar\SeaPort.EXE
c:\windows\SysWOW64\rundll32.exe
.
**************************************************************************
.
Completion time: 2012-08-20 21:47:59 - machine was rebooted
ComboFix-quarantined-files.txt 2012-08-21 04:47
.
Pre-Run: 327,234,465,792 bytes free
Post-Run: 326,716,600,320 bytes free
.
- - End Of File - - 25B9B75E568DA8E637476734B22E05AD


Everything seems to be running better. I don't have trouble surfing the web anymore.

  • 0

#6
Gammo

Gammo

    Trusted Helper

  • Malware Removal
  • 2,299 posts
There is one final scan I'd like you to perform before I'm calling it clean. :)

Please download Malwarebytes' Anti-Malware

Double Click mbam-setup.exe to install the application.
  • Make sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
  • If an update is found, it will download and install the latest version.
  • Once the program has loaded, select "Perform Quick Scan", then click Scan.
  • The scan may take some time to finish, so please be patient.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Make sure that everything is checked, and click Remove Selected.
  • When disinfection is completed, a log will open in Notepad and you may be prompted to Restart.(See Extra Note)
  • The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
  • Copy&Paste the entire report in your next reply.
Extra Note:
If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts, click OK to either and let MBAM proceed with the disinfection process, if asked to restart the computer, please do so immediately.
  • 0

#7
BadLuckBettie

BadLuckBettie

    New Member

  • Topic Starter
  • Member
  • Pip
  • 9 posts
Nothing was detected :D

Here's the log:

Malwarebytes Anti-Malware 1.62.0.1300
www.malwarebytes.org

Database version: v2012.08.30.04

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
Bettie :: FAM_BAM-HP [administrator]

8/30/2012 10:32:41 AM
mbam-log-2012-08-30 (10-32-41).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 241741
Time elapsed: 5 minute(s), 48 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)
  • 0

#8
Gammo

Gammo

    Trusted Helper

  • Malware Removal
  • 2,299 posts
Your logs appear to be clean now. There is only a bit of cleanup that we will deal with in this post, as well as prevention from future infections. ^_^

Remove Combofix now that we're done with it.
  • Please press the Windows Key and R on your keyboard. This will bring up the Run... command.
  • Now type in Combofix /Uninstall in the runbox and click OK. (Notice the space between the "x" and "/")
    Posted Image
  • Please follow the prompts to uninstall Combofix.
  • You will then recieve a message saying Combofix was uninstalled successfully once it's done uninstalling itself.

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

  • Download OTC to your desktop and run it
  • A list of tool components used in the Cleanup of malware will be downloaded.
  • If your Firewall or Real Time protection attempts to block OTC to reach the Internet, please allow the application to do so.
  • Click Yes to begin the Cleanup process and remove these components, including this application.
  • You will be asked to reboot the machine to finish the Cleanup process. If you are asked to reboot the machine choose Yes.

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Keep a backup of your important files
Now, more than ever, it's especially important to protect your digital files and memories. This article is full of good information on alternatives for home backup solutions.

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Make proper use of your anti-virus and firewall
You should keep your anti-virus and firewall guard enabled at all times, don't shut them off unless there's a specific reason to do so.

Also, regularly performing a full system scan with your anti-virus program is a good idea to make sure nothing has slipped through your protection. Once every two weeks works well for many people. You can set the scan to run during a time when you don't plan to use the computer and just leave it to complete on its own.

Keep in mind that anti-virus programs are far from perfect. They don't protect you against every piece of malware that's out there, so don't trust them blindly. If an anti-virus reports a file as 'clean' then it's doesn't necessarily has to mean it is.

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Keep all your software updated
It is important to keep up on system updates from Microsoft by regularly checking their website at: http://windowsupdate.microsoft.com/, as these patch critical security vulnerabilities and help to keep you safe.

It's also important to keep programs up to date so that malware doesn't exploit any old security flaws. FileHippo Update Checker is an extremely helpful program that will tell you which of your programs need to be updated. Java and Adobe Reader are two of the main security vulnerabilities. You can find the latest version of Java here, you will want the Java SE Runtime Environment (JRE) one. You can find the latest version of Adobe Reader here.

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Use a safer web browser
Internet Explorer is not the most secure tool for browsing the web. It has been known to be very susceptible to infection, and there are a couple good free alternatives: Google Chrome and Opera. Both are excellent faster, safer, more powerful and functional free alternatives to Internet Explorer. It's definitely worth the short period of adjustment to start using one of these.

The WOT add-on will nicely help to enhance your security, no matter which web browser you use. This add-on tells you whether the sites you are about to visit are safe or not. A must if you do a lot of Googling.

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Some other security programs

It is wise these days to have a few security programs installed and running on your machine except from just an anti-virus and a firewall. I will list some of them.
  • A good anti-spyware program installed on your pc is very important to help remove any spyware that may have gotten on your computer. I highly recommend Malwarebytes' Anti-Malware.
  • MVPS Hosts file replaces your current HOSTS file with one containing well known ad sites and other bad sites. This prevents your computer from connecting to those sites in the future.

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Be careful
Having security programs installed is very helpful to you, but none of them have the gift of human thought. The best way to make sure you don't get infected is to exercise common sense. Be careful of what websites you visit - if a site looks suspicious, trust your instincts and get out of there. Be careful of what attachments you open in emails and files you download from websites - check them over carefully to make sure that you know what you're getting.

Using peer-to-peer programs (eg: LimeWire, BitTorrent, uTorrent, Kazaa) or downloading cracks and keygens is something else to avoid. These are the most common way to get infected. Malware writers use these programs to spread infections as it is the easiest way for them. The majority of infections we see in the Malware Removal forum are due to people using p2p programs to download cracks/keygens/warez. These are not only illegal, but will always contain some form of malware. You have no way of verifying that the things you download are legitimate or that they don't contain malware. Even with an up to date anti-virus and firewall, some of these things will still infect you. It is highly recommend that you uninstall all peer-to-peer programs. It just isn't worth it.

Other common ways of getting infected are dis-reputable sites forcing you to download and install a codec. Or viruses using Instant Messaging programs (Windows Live Messenger, MSN Messenger, AIM) to send a file claiming it to be "photos" from a friend, only for it to turn out to be a virus.

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Slow computer?
If your computer begins to slow down in the future for no particular reason, your first step should not be to come to the malware forum. As your computer ages and is used, it's parts wear, files and programs accumulate, and its performance can decrease. To restore your computer's performance to its best possible level, follow the steps in this page written by malware expert Miekiemoes.

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

I'll leave this thread open for a couple days in case you come across any lingering problems that need fixing, then I'll close it up. If you need it reopened for any reason just shoot me a PM. It's been a pleasure working with you, now best of luck!

Cheers,
Gammo :cool:
  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP