OTL logfile created on: 9/18/2012 6:19:22 PM - Run 4
OTL by OldTimer - Version 3.2.61.4 Folder = C:\Users\Kimber\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
3.00 Gb Total Physical Memory | 1.50 Gb Available Physical Memory | 49.90% Memory free
6.19 Gb Paging File | 4.75 Gb Available in Paging File | 76.76% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 221.62 Gb Total Space | 131.24 Gb Free Space | 59.22% Space Free | Partition Type: NTFS
Drive D: | 11.26 Gb Total Space | 1.94 Gb Free Space | 17.20% Space Free | Partition Type: NTFS
Drive F: | 244.63 Mb Total Space | 238.03 Mb Free Space | 97.30% Space Free | Partition Type: FAT
Computer Name: KIMBER-PC | User Name: Kimber | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ========== PRC - [2012/09/14 22:01:13 | 000,599,552 | ---- | M] (OldTimer Tools) -- C:\Users\Kimber\Desktop\otl.exe
PRC - [2012/08/13 03:24:48 | 005,167,736 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2012\avgidsagent.exe
PRC - [2012/07/31 03:37:02 | 002,596,984 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2012\avgtray.exe
PRC - [2012/07/26 03:23:08 | 000,758,392 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2012\avgrsx.exe
PRC - [2012/06/13 03:48:24 | 001,255,544 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2012\avgnsx.exe
PRC - [2012/03/19 05:18:12 | 000,979,840 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2012\avgemcx.exe
PRC - [2012/02/23 12:30:40 | 000,059,240 | ---- | M] (Apple Inc.) -- C:\Program Files\Common Files\Apple\Internet Services\ubd.exe
PRC - [2012/02/14 04:53:38 | 000,193,288 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2012\avgwdsvc.exe
PRC - [2012/02/14 04:52:38 | 000,338,784 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2012\avgcsrvx.exe
PRC - [2011/03/14 11:22:06 | 002,125,472 | ---- | M] (Audible, Inc.) -- C:\Program Files\Audible\Bin\AudibleDownloadHelper.exe
PRC - [2010/08/23 21:21:40 | 000,013,672 | ---- | M] (Intuit Inc.) -- C:\Program Files\Common Files\Intuit\Update Service\IntuitUpdateService.exe
PRC - [2010/08/17 20:26:38 | 000,560,848 | ---- | M] (CrossLoop Inc) -- C:\Users\Kimber\AppData\Local\CrossLoop\CrossLoopService.exe
PRC - [2009/07/09 13:21:14 | 000,078,104 | ---- | M] (iWin Inc.) -- C:\Program Files\iWin Games\iWinTrusted.exe
PRC - [2009/04/10 23:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2008/11/09 13:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) -- C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe
PRC - [2008/10/17 15:52:10 | 000,149,352 | ---- | M] (Symantec Corporation) -- c:\Program Files\Common Files\Symantec Shared\CCSVCHST.EXE
PRC - [2007/09/05 13:09:54 | 001,620,520 | ---- | M] (Broadcom Corporation.) -- C:\Program Files\WIDCOMM\Bluetooth Software\BTStackServer.exe
PRC - [2007/09/05 13:09:54 | 000,727,592 | ---- | M] (Broadcom Corporation.) -- C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
PRC - [2007/08/31 11:49:50 | 000,243,064 | ---- | M] (Symantec Corporation) -- c:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe
========== Modules (No Company Name) ========== MOD - [2011/06/24 22:56:36 | 000,087,328 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2011/06/24 22:56:14 | 001,241,888 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2011/06/16 07:55:10 | 000,925,696 | ---- | M] () -- C:\Program Files\Yahoo!\Messenger\yui.dll
MOD - [2007/12/19 19:27:04 | 000,066,856 | ---- | M] () -- C:\Program Files\HP\QuickPlay\Kernel\common\MCEMediaStatus.dll
MOD - [2007/09/05 13:03:06 | 000,126,976 | ---- | M] () -- C:\Program Files\WIDCOMM\Bluetooth Software\BTKeyInd.dll
MOD - [2007/09/05 12:52:04 | 000,389,120 | ---- | M] () -- C:\Windows\System32\btwhidcs.dll
MOD - [2007/08/14 15:43:46 | 006,365,184 | ---- | M] () -- C:\Program Files\Common Files\LightScribe\QtGui4.dll
MOD - [2007/07/12 13:55:52 | 000,131,072 | ---- | M] () -- C:\Program Files\Common Files\LightScribe\plugins\imageformats\qjpeg4.dll
MOD - [2007/07/12 13:55:28 | 001,581,056 | ---- | M] () -- C:\Program Files\Common Files\LightScribe\QtCore4.dll
========== Services (SafeList) ========== SRV - File not found [Auto | Stopped] -- C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe -- (SeaPort)
SRV - [2012/08/14 19:06:02 | 000,250,056 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012/08/13 03:24:48 | 005,167,736 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG2012\avgidsagent.exe -- (AVGIDSAgent)
SRV - [2012/07/13 13:28:36 | 000,160,944 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012/02/14 04:53:38 | 000,193,288 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG2012\avgwdsvc.exe -- (avgwd)
SRV - [2010/10/12 10:59:12 | 000,206,072 | ---- | M] (WildTangent, Inc.) [On_Demand | Stopped] -- C:\Program Files\WildTangent Games\App\GamesAppService.exe -- (GamesAppService)
SRV - [2010/08/23 21:21:40 | 000,013,672 | ---- | M] (Intuit Inc.) [Auto | Running] -- C:\Program Files\Common Files\Intuit\Update Service\IntuitUpdateService.exe -- (IntuitUpdateService)
SRV - [2010/08/17 20:26:38 | 000,560,848 | ---- | M] (CrossLoop Inc) [Auto | Running] -- C:\Users\Kimber\AppData\Local\CrossLoop\CrossLoopService.exe -- (CrossLoopService)
SRV - [2010/07/21 09:50:26 | 000,814,080 | ---- | M] (GlavSoft LLC.) [On_Demand | Stopped] -- C:\Users\Kimber\AppData\Local\CrossLoop\tvnserver.exe -- (tvnserver)
SRV - [2009/07/09 13:21:14 | 000,078,104 | ---- | M] (iWin Inc.) [Auto | Running] -- C:\Program Files\iWin Games\iWinTrusted.exe -- (iWinTrusted)
SRV - [2008/11/09 13:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) [Auto | Running] -- C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe -- (YahooAUService)
SRV - [2008/10/17 15:52:10 | 000,149,352 | ---- | M] (Symantec Corporation) [Auto | Running] -- c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe -- (ccSetMgr)
SRV - [2008/10/17 15:52:10 | 000,149,352 | ---- | M] (Symantec Corporation) [Auto | Running] -- c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe -- (ccEvtMgr)
SRV - [2008/01/20 19:23:32 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2007/08/31 11:49:50 | 000,243,064 | ---- | M] (Symantec Corporation) [Auto | Running] -- c:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe -- (Automatic LiveUpdate Scheduler)
SRV - [2007/08/23 12:35:00 | 003,192,184 | ---- | M] (Symantec Corporation) [On_Demand | Stopped] -- c:\Program Files\Symantec\LiveUpdate\LuComServer_3_4.EXE -- (LiveUpdate)
SRV - [2007/03/05 10:30:06 | 000,110,592 | ---- | M] (Hewlett-Packard Development Company, L.P.) [On_Demand | Stopped] -- C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4Qlb.exe -- (Com4Qlb)
========== Driver Services (SafeList) ========== DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\SymIM.sys -- (SymIMMP)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkfwd.sys -- (NwlnkFwd)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkflt.sys -- (NwlnkFlt)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ipinip.sys -- (IpInIp)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Users\Kimber\AppData\Local\Temp\catchme.sys -- (catchme)
DRV - File not found [Kernel | On_Demand | Unknown] -- C:\Users\Kimber\AppData\Local\Temp\aswMBR.sys -- (aswMBR)
DRV - [2012/08/24 15:43:18 | 000,301,920 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\System32\drivers\avgtdix.sys -- (Avgtdix)
DRV - [2012/07/26 03:21:30 | 000,237,408 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\System32\drivers\avgldx86.sys -- (Avgldx86)
DRV - [2012/04/19 04:50:26 | 000,024,896 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\avgidshx.sys -- (AVGIDSHX)
DRV - [2012/01/31 04:46:50 | 000,031,952 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\System32\drivers\avgrkx86.sys -- (Avgrkx86)
DRV - [2011/12/23 13:32:14 | 000,041,040 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\Windows\System32\drivers\avgmfx86.sys -- (Avgmfx86)
DRV - [2011/12/23 13:32:08 | 000,017,232 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\avgidsshimx.sys -- (AVGIDSShim)
DRV - [2011/12/23 13:32:06 | 000,024,144 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\avgidsfilterx.sys -- (AVGIDSFilter)
DRV - [2011/12/23 13:32:00 | 000,139,856 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\avgidsdriverx.sys -- (AVGIDSDriver)
DRV - [2009/10/03 06:02:06 | 009,905,096 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)
DRV - [2009/08/09 21:31:55 | 000,025,280 | ---- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\hamachi.sys -- (hamachi)
DRV - [2009/05/21 11:16:05 | 000,124,464 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\SYMEVENT.SYS -- (SymEvent)
DRV - [2009/02/19 13:31:42 | 000,024,112 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\SymIMV.sys -- (SymIM)
DRV - [2009/02/19 13:31:16 | 000,184,496 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\symtdi.sys -- (SYMTDI)
DRV - [2009/02/19 13:31:16 | 000,022,320 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\symredrv.sys -- (SYMREDRV)
DRV - [2008/11/17 15:40:22 | 003,668,480 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\NETw5v32.sys -- (NETw5v32)
DRV - [2008/07/10 03:49:14 | 000,242,712 | ---- | M] (Microsoft Corporation) [File_System | Disabled | Stopped] -- C:\Windows\System32\drivers\RsFx0102.sys -- (RsFx0102)
DRV - [2008/03/04 02:32:00 | 000,188,416 | ---- | M] (Conexant Systems Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\CHDRT32.sys -- (CnxtHdAudService)
DRV - [2008/01/20 19:23:21 | 000,016,896 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\WSDPrint.sys -- (WSDPrintDevice)
DRV - [2007/10/18 06:36:54 | 000,008,704 | ---- | M] (Conexant Systems, Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\XAudio.sys -- (XAudio)
DRV - [2007/10/01 08:35:52 | 000,183,352 | ---- | M] (Conexant Systems Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\CHDART.sys -- (HdAudAddService)
DRV - [2007/08/08 20:42:08 | 000,045,568 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rimmptsk.sys -- (rimmptsk)
DRV - [2007/07/30 11:54:02 | 000,038,400 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rixdptsk.sys -- (rismxdp)
DRV - [2007/07/30 10:42:58 | 000,043,008 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rimsptsk.sys -- (rimsptsk)
DRV - [2007/07/11 10:30:22 | 000,007,168 | ---- | M] (Hewlett-Packard Development Company, L.P.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\HpqRemHid.sys -- (HpqRemHid)
DRV - [2007/06/28 08:09:56 | 002,222,080 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\NETw4v32.sys -- (NETw4v32)
DRV - [2007/06/18 17:12:04 | 000,016,768 | ---- | M] (Hewlett-Packard Development Company, L.P.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\HpqKbFiltr.sys -- (HpqKbFiltr)
DRV - [2007/04/18 05:03:26 | 000,141,312 | ---- | M] (Alps Electric Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Apfiltr.sys -- (ApfiltrService)
DRV - [2006/11/02 00:30:56 | 000,429,056 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\nvm60x32.sys -- (NVENETFD)
========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar =
http://us.rd.yahoo.c...rch/search.htmlIE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomSearch =
http://us.rd.yahoo.c...rch/search.htmlIE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{31622B41-A0EC-4BB0-885C-1FEB4B1054FD}: "URL" =
http://www.ask.com/w...}&l=dis&o=ushpdIE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" =
http://www.google.co...g}&sourceid=ie7IE - HKLM\..\SearchScopes\{B34D129D-F8F5-4C25-823E-D345223838C1}: "URL" =
http://search.yahoo....ing}&fr=hp-pvdt IE - HKU\.DEFAULT\..\URLSearchHook: {81017EA9-9AA8-4A6A-9734-7AF40E7D593F} - C:\Program Files\Yahoo!\Companion\Installs\cpn2\yt.dll (Yahoo! Inc.)
IE - HKU\.DEFAULT\..\URLSearchHook: {A3BC75A2-1F87-4686-AA43-5347D756017C} - No CLSID value found
IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\.DEFAULT\..\SearchScopes\{CDE121E1-3587-47E7-9356-31142E4ADC36}: "URL" =
http://websearch.ask...E-2DE2D19619EFIE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\..\URLSearchHook: {81017EA9-9AA8-4A6A-9734-7AF40E7D593F} - C:\Program Files\Yahoo!\Companion\Installs\cpn2\yt.dll (Yahoo! Inc.)
IE - HKU\S-1-5-18\..\URLSearchHook: {A3BC75A2-1F87-4686-AA43-5347D756017C} - No CLSID value found
IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-18\..\SearchScopes\{CDE121E1-3587-47E7-9356-31142E4ADC36}: "URL" =
http://websearch.ask...E-2DE2D19619EFIE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-21-2130653408-2093767854-1150711463-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = Preserve
IE - HKU\S-1-5-21-2130653408-2093767854-1150711463-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages =
https://www.google.com/accounts/Se [Binary data over 200 bytes]
IE - HKU\S-1-5-21-2130653408-2093767854-1150711463-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page =
http://www.yahoo.com/?fr=fptb-hptb6IE - HKU\S-1-5-21-2130653408-2093767854-1150711463-1000\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKU\S-1-5-21-2130653408-2093767854-1150711463-1000\..\URLSearchHook: {81017EA9-9AA8-4A6A-9734-7AF40E7D593F} - C:\Program Files\Yahoo!\Companion\Installs\cpn2\yt.dll (Yahoo! Inc.)
IE - HKU\S-1-5-21-2130653408-2093767854-1150711463-1000\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-21-2130653408-2093767854-1150711463-1000\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" =
http://www.google.co...g}&sourceid=ie7IE - HKU\S-1-5-21-2130653408-2093767854-1150711463-1000\..\SearchScopes\{AC854C16-CA1E-43f1-8513-0D2F36C726ED}: "URL" =
http://www.offos.com...=t&rls=SpU4Dc71IE - HKU\S-1-5-21-2130653408-2093767854-1150711463-1000\..\SearchScopes\{E08A9998-D98F-476f-8F5C-37C80FE0A4DA}: "URL" =
http://search.yahoo....p={searchTerms}IE - HKU\S-1-5-21-2130653408-2093767854-1150711463-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-2130653408-2093767854-1150711463-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
========== FireFox ========== FF - prefs.js..extensions.enabledItems: {635abd67-4fe9-1b23-4f01-e679fa7484c1}:1.6.0.20080712
FF - prefs.js..browser.startup.homepage: ""
FF - prefs.js..browser.search.selectedEngine: "Yahoo!"
FF - user.js - File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_3_300_271.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=1.6.0_35: C:\Windows\system32\npdeployJava1.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6: C:\Program Files\Yahoo!\Shared\npYState.dll (Yahoo! Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@oberon-media.com/ONCAdapter: C:\Program Files\Common Files\Oberon Media\NCAdapter\1.0.0.7\npapicomadapter.dll (Oberon-Media )
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@WildTangent.com/GamesAppPresenceDetector,Version=1.0: C:\Program Files\WildTangent Games\App\BrowserIntegration\Registered\2\NP_wtapp.dll ()
FF - HKCU\Software\MozillaPlugins\@movenetworks.com/Quantum Media Player: C:\Users\Kimber\AppData\Roaming\Move Networks\plugins\npqmp071701000002.dll (Move Networks)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Kimber\AppData\Local\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Kimber\AppData\Local\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Users\Kimber\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{1E73965B-8B48-48be-9C8D-68B920ABC1C4}: C:\Program Files\AVG\AVG2012\Firefox4\ [2007/04/26 13:07:29 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{F53C93F1-07D5-430c-86D4-C9531B27DFAF}: C:\Program Files\AVG\AVG2012\Firefox\DoNotTrack\ [2012/07/02 18:36:51 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\
[email protected]: C:\Users\Kimber\AppData\Roaming\Move Networks [2009/11/26 21:34:14 | 000,000,000 | ---D | M]
[2008/09/09 18:46:01 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Kimber\AppData\Roaming\Mozilla\Extensions
[2012/09/17 20:48:22 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Kimber\AppData\Roaming\Mozilla\Firefox\Profiles\1xk65svd.default\extensions
[2009/01/26 16:26:14 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2009/01/26 16:26:14 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
File not found (No name found) -- C:\PROGRAM FILES\MOZILLA FIREFOX\EXTENSIONS\{463F6CA5-EE3C-4BE1-B7E6-7FEE11953374}
========== Chrome ========== CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}sourceid=chrome&ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms}
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Kimber\AppData\Local\Google\Chrome\Application\21.0.1180.89\PepperFlash\pepflashplayer.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Kimber\AppData\Local\Google\Chrome\Application\21.0.1180.89\gcswf32.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\system32\Macromed\Flash\NPSWF32_11_3_300_271.dll
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\Kimber\AppData\Local\Google\Chrome\Application\21.0.1180.89\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\Kimber\AppData\Local\Google\Chrome\Application\21.0.1180.89\pdf.dll
CHR - plugin: AVG Internet Security (Enabled) = C:\Users\Kimber\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla\12.0.0.2210_0\plugins/avgnpss.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files\Adobe\Reader 8.0\Reader\Browser\nppdf32.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin7.dll
CHR - plugin: Oberon com adapter (Enabled) = C:\Program Files\Common Files\Oberon Media\NCAdapter\1.0.0.7\npapicomadapter.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll
CHR - plugin: Java Platform SE 6 U35 (Enabled) = C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll
CHR - plugin: Java Deployment Toolkit 6.0.350.10 (Enabled) = C:\Windows\system32\npdeployJava1.dll
CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll
CHR - plugin: Unity Player (Enabled) = C:\Users\Kimber\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll
CHR - plugin: Move Streaming Media Player (Enabled) = C:\Users\Kimber\AppData\Roaming\Move Networks\plugins\npqmp071701000002.dll
CHR - plugin: Shockwave for Director (Enabled) = C:\Windows\system32\Adobe\Director\np32dsw.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll
CHR - plugin: Windows Presentation Foundation (Enabled) = c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
CHR - Extension: AVG Safe Search = C:\Users\Kimber\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla\12.0.0.2210_0\
CHR - Extension: AVG Do Not Track = C:\Users\Kimber\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof\12.0.0.2166_0\
O1 HOSTS File: ([2010/11/06 17:44:59 | 000,000,027 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn2\yt.dll (Yahoo! Inc.)
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (AVG Do Not Track) - {31332EEF-CB9F-458F-AFEB-D30E9A66B6BA} - C:\Program Files\AVG\AVG2012\avgdtiex.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG2012\avgssie.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (Search Helper) - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll File not found
O2 - BHO: (Java Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (Skype add-on for Internet Explorer) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (MSN Toolbar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files\MSN\Toolbar\3.0.1125.0\msneshellx.dll (Microsoft Corp.)
O2 - BHO: (SingleInstance Class) - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\YTSingleInstance.dll (Yahoo! Inc)
O3 - HKLM\..\Toolbar: (MSN Toolbar) - {1E61ED7C-7CB8-49d6-B9E9-AB4C880C8414} - C:\Program Files\MSN\Toolbar\3.0.1125.0\msneshellx.dll (Microsoft Corp.)
O3 - HKLM\..\Toolbar: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No CLSID value found.
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn2\yt.dll (Yahoo! Inc.)
O3 - HKU\.DEFAULT\..\Toolbar\WebBrowser: (no name) - {604BC32A-9680-40D1-9AC6-E06B23A1BA4C} - No CLSID value found.
O3 - HKU\.DEFAULT\..\Toolbar\WebBrowser: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found.
O3 - HKU\S-1-5-18\..\Toolbar\WebBrowser: (no name) - {604BC32A-9680-40D1-9AC6-E06B23A1BA4C} - No CLSID value found.
O3 - HKU\S-1-5-18\..\Toolbar\WebBrowser: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found.
O3 - HKU\S-1-5-21-2130653408-2093767854-1150711463-1000\..\Toolbar\WebBrowser: (no name) - {A057A204-BACC-4D26-9990-79A187E2698E} - No CLSID value found.
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [AVG_TRAY] C:\Program Files\AVG\AVG2012\avgtray.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [ccApp] c:\Program Files\Common Files\Symantec Shared\ccApp.exe (Symantec Corporation)
O4 - HKLM..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe (Intel Corporation)
O4 - HKLM..\Run: [NvCplDaemon] C:\Windows\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [ROC_roc_dec12] "C:\Program Files\AVG Secure Search\ROC_roc_dec12.exe" /PROMPT /CMPID=roc_dec12 File not found
O4 - HKLM..\Run: [vProt] "C:\Program Files\AVG Secure Search\vprot.exe" File not found
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-2130653408-2093767854-1150711463-1000..\Run: [Messenger (Yahoo!)] C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe (Yahoo! Inc.)
O4 - HKU\S-1-5-21-2130653408-2093767854-1150711463-1000..\Run: [MobileDocuments] C:\Program Files\Common Files\Apple\Internet Services\ubd.exe (Apple Inc.)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-2130653408-2093767854-1150711463-1000\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-2130653408-2093767854-1150711463-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O9 - Extra Button: AVG Do Not Track - {68BCFFE1-A2DA-4B40-9068-87ECBFC19D16} - C:\Program Files\AVG\AVG2012\avgdtiex.dll (AVG Technologies CZ, s.r.o.)
O9 - Extra Button: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra Button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O15 - HKU\S-1-5-21-2130653408-2093767854-1150711463-1000\..Trusted Domains: intuit.com ([ttlc] https in Trusted sites)
O16 - DPF: {149E45D8-163E-4189-86FC-45022AB2B6C9} file:///C:/Program%20Files/Dream%20Day%20Wedding%202%20-%20Married%20in%20Manhattan/Images/stg_drm.ocx (SpinTop DRM Control)
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} C:\Program Files\Yahoo!\Common\Yinsthelper.dll (Installation Support)
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499}
http://download.bitd...can8/oscan8.cab (BDSCANONLINE Control)
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5}
http://download.eset...lineScanner.cab (OnlineScanner Control)
O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968}
http://upload.facebo...oUploader55.cab (Facebook Photo Uploader 5 Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93}
http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_35)
O16 - DPF: {CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA}
http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_02)
O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}
http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_07)
O16 - DPF: {CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}
http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_35)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}
http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_35)
O16 - DPF: {CC450D71-CC90-424C-8638-1F2DBAC87A54} file:///C:/Program%20Files/Dream%20Day%20Wedding%202%20-%20Married%20in%20Manhattan/Images/armhelper.ocx (ArmHelper Control)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000}
http://fpdownload2.m...ent/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.254
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{68288BB9-830C-48D4-8DCE-2D724A906ECB}: DhcpNameServer = 192.168.1.254
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG2012\avgpp.dll (AVG Technologies CZ, s.r.o.)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Windows\Web\Wallpaper\img19.jpg
O24 - Desktop BackupWallPaper: C:\Windows\Web\Wallpaper\img19.jpg
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2008/07/01 05:39:03 | 000,000,074 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2005/09/11 08:18:54 | 000,000,340 | -HS- | M] () - D:\AUTOMODE -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O34 - HKLM BootExecute: (C:\PROGRA~1\AVG\AVG2012\avgrsx.exe /sync /restart)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
NetSvcs: FastUserSwitchingCompatibility - File not found
NetSvcs: Ias - C:\Windows\System32\ias.dll (Microsoft Corporation)
NetSvcs: Nla - File not found
NetSvcs: Ntmssvc - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: SRService - File not found
NetSvcs: WmdmPmSp - File not found
NetSvcs: LogonHours - File not found
NetSvcs: PCAudit - File not found
NetSvcs: helpsvc - File not found
NetSvcs: uploadmgr - File not found
CREATERESTOREPOINT
Restore point Set: OTL Restore Point
========== Files/Folders - Created Within 30 Days ========== [2012/09/18 07:44:11 | 000,157,680 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaws.exe
[2012/09/18 07:44:11 | 000,149,488 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaw.exe
[2012/09/18 07:44:11 | 000,149,488 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\java.exe
[2012/09/17 21:35:28 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
[2012/09/17 21:35:28 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Skype
[2012/09/17 20:46:09 | 004,731,392 | ---- | C] (AVAST Software) -- C:\Users\Kimber\Desktop\aswMBR.exe
[2012/09/14 22:01:38 | 000,599,552 | ---- | C] (OldTimer Tools) -- C:\Users\Kimber\Desktop\otl.exe
[2012/08/31 23:54:32 | 000,000,000 | ---D | C] -- C:\Users\Kimber\Documents\Arias Series
[2012/08/24 15:43:18 | 000,301,920 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\Windows\System32\drivers\avgtdix.sys
[2012/08/21 13:44:07 | 002,382,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2012/08/21 13:44:04 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2012/08/21 13:44:03 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe
[2012/08/21 13:44:02 | 001,800,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll
[2012/08/21 13:44:01 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\url.dll
[2012/08/21 13:44:00 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2012/08/21 13:43:59 | 001,427,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl
[2012/08/21 13:42:58 | 002,047,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys
[2012/08/20 13:33:38 | 000,477,168 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\npdeployJava1.dll
[2009/03/29 14:19:26 | 006,638,504 | ---- | C] (Opera Software ASA) -- C:\Users\Kimber\o100a1_1139m.exe
========== Files - Modified Within 30 Days ========== [2012/09/18 18:30:00 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012/09/18 18:17:48 | 095,212,345 | ---- | M] () -- C:\Windows\System32\drivers\AVG\incavi.avm
[2012/09/18 18:16:27 | 000,363,135 | ---- | M] () -- C:\Windows\System32\drivers\AVG\iavichjg.avm
[2012/09/18 18:15:03 | 000,064,382 | ---- | M] () -- C:\ProgramData\nvModes.dat
[2012/09/18 18:15:02 | 000,064,382 | ---- | M] () -- C:\ProgramData\nvModes.001
[2012/09/18 18:14:52 | 000,000,912 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2130653408-2093767854-1150711463-1000UA.job
[2012/09/18 18:14:52 | 000,000,886 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012/09/18 18:14:48 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012/09/18 18:14:48 | 000,000,896 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2130653408-2093767854-1150711463-1001UA.job
[2012/09/18 07:48:00 | 000,000,860 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2130653408-2093767854-1150711463-1000Core.job
[2012/09/17 22:19:10 | 000,000,882 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012/09/17 22:19:08 | 000,000,844 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2130653408-2093767854-1150711463-1001Core.job
[2012/09/17 21:35:28 | 000,001,878 | ---- | M] () -- C:\Users\Public\Desktop\Skype.lnk
[2012/09/17 20:59:11 | 000,000,466 | ---- | M] () -- C:\Windows\tasks\SDMsgUpdate (TE).job
[2012/09/17 20:55:17 | 000,000,579 | ---- | M] () -- C:\Users\Public\Documents\hpqp.ini
[2012/09/17 20:52:18 | 000,003,216 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2012/09/17 20:52:18 | 000,003,216 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2012/09/17 20:52:07 | 3219,513,344 | -HS- | M] () -- C:\hiberfil.sys
[2012/09/17 20:50:55 | 000,001,076 | ---- | M] () -- C:\Windows\bthservsdp.dat
[2012/09/17 20:49:10 | 000,660,996 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2012/09/17 20:49:10 | 000,125,752 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2012/09/17 20:43:10 | 004,731,392 | ---- | M] (AVAST Software) -- C:\Users\Kimber\Desktop\aswMBR.exe
[2012/09/17 20:42:06 | 000,512,737 | ---- | M] () -- C:\Users\Kimber\Desktop\adwcleaner.exe
[2012/09/14 22:01:13 | 000,599,552 | ---- | M] (OldTimer Tools) -- C:\Users\Kimber\Desktop\otl.exe
[2012/09/10 00:11:11 | 000,167,127 | ---- | M] () -- C:\Users\Kimber\Desktop\183321_397262180328446_1039119916_n.jpg
[2012/09/08 14:50:21 | 000,031,124 | ---- | M] () -- C:\Users\Kimber\AppData\Roaming\wklnhst.dat
[2012/09/05 16:49:39 | 000,000,371 | ---- | M] () -- C:\Users\Kimber\Documents\Pictures - Shortcut.lnk
[2012/09/05 09:12:09 | 000,000,680 | ---- | M] () -- C:\Users\Kimber\AppData\Local\d3d9caps.dat
[2012/09/03 14:05:02 | 000,002,047 | ---- | M] () -- C:\Users\Kimber\Desktop\Google Chrome.lnk
[2012/09/03 14:05:02 | 000,002,009 | ---- | M] () -- C:\Users\Kimber\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2012/08/28 20:24:56 | 000,477,168 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\System32\npdeployJava1.dll
[2012/08/28 20:24:53 | 000,473,072 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\System32\deployJava1.dll
[2012/08/28 20:10:12 | 000,157,680 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaws.exe
[2012/08/28 20:10:07 | 000,149,488 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaw.exe
[2012/08/28 20:09:57 | 000,149,488 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\System32\java.exe
[2012/08/24 15:43:18 | 000,301,920 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Windows\System32\drivers\avgtdix.sys
[2012/08/21 17:56:57 | 000,306,800 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2012/08/20 17:39:41 | 000,000,326 | ---- | M] () -- C:\Windows\tasks\HPCeeScheduleForKimber.job
========== Files Created - No Company Name ========== [2012/09/17 20:46:09 | 000,512,737 | ---- | C] () -- C:\Users\Kimber\Desktop\adwcleaner.exe
[2012/09/10 00:11:18 | 000,167,127 | ---- | C] () -- C:\Users\Kimber\Desktop\183321_397262180328446_1039119916_n.jpg
[2012/09/05 16:49:39 | 000,000,371 | ---- | C] () -- C:\Users\Kimber\Documents\Pictures - Shortcut.lnk
[2010/11/06 17:30:26 | 000,256,512 | ---- | C] () -- C:\Windows\PEV.exe
[2010/11/06 17:30:26 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
[2010/11/06 17:30:26 | 000,088,576 | ---- | C] () -- C:\Windows\MBR.exe
[2010/11/06 17:30:26 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
[2010/11/06 17:30:26 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
[2010/08/16 21:28:26 | 000,000,120 | ---- | C] () -- C:\Users\Kimber\webct_upload_applet.properties
[2010/07/17 08:12:41 | 000,064,382 | ---- | C] () -- C:\ProgramData\nvModes.dat
[2010/07/17 08:12:41 | 000,064,382 | ---- | C] () -- C:\ProgramData\nvModes.001
[2010/03/26 20:08:15 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2008/09/21 19:29:40 | 000,000,680 | ---- | C] () -- C:\Users\Kimber\AppData\Local\d3d9caps.dat
[2008/09/10 09:20:29 | 000,023,552 | ---- | C] () -- C:\Users\Kimber\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2008/09/08 22:40:54 | 000,027,430 | ---- | C] () -- C:\Users\Kimber\AppData\Roaming\nvModes.001
[2008/09/08 22:37:49 | 000,027,430 | ---- | C] () -- C:\Users\Kimber\AppData\Roaming\nvModes.dat
[2008/09/08 21:19:58 | 000,031,124 | ---- | C] () -- C:\Users\Kimber\AppData\Roaming\wklnhst.dat
========== LOP Check ========== [2009/01/04 19:12:00 | 000,000,000 | ---D | M] -- C:\Users\Guest\AppData\Roaming\SmartDraw
[2009/01/25 13:08:17 | 000,000,000 | ---D | M] -- C:\Users\Guest\AppData\Roaming\Template
[2009/04/29 15:04:29 | 000,000,000 | ---D | M] -- C:\Users\JD\AppData\Roaming\Any Video Converter Professional
[2009/11/09 21:41:28 | 000,000,000 | ---D | M] -- C:\Users\JD\AppData\Roaming\MechCAD
[2008/09/09 18:07:13 | 000,000,000 | ---D | M] -- C:\Users\JD\AppData\Roaming\SystemGadgets
[2008/10/29 15:22:53 | 000,000,000 | ---D | M] -- C:\Users\JD\AppData\Roaming\Template
[2009/08/25 12:35:18 | 000,000,000 | ---D | M] -- C:\Users\JD\AppData\Roaming\WildTangent
[2010/11/27 18:21:34 | 000,000,000 | ---D | M] -- C:\Users\Kimber\AppData\Roaming\.minecraft
[2008/10/08 14:44:25 | 000,000,000 | ---D | M] -- C:\Users\Kimber\AppData\Roaming\7Wonders
[2009/11/13 19:51:17 | 000,000,000 | ---D | M] -- C:\Users\Kimber\AppData\Roaming\Amazon
[2011/10/02 12:29:52 | 000,000,000 | ---D | M] -- C:\Users\Kimber\AppData\Roaming\AVG2012
[2008/09/10 23:38:59 | 000,000,000 | ---D | M] -- C:\Users\Kimber\AppData\Roaming\funkitron
[2011/07/19 13:33:36 | 000,000,000 | ---D | M] -- C:\Users\Kimber\AppData\Roaming\GetRightToGo
[2011/02/17 21:28:15 | 000,000,000 | ---D | M] -- C:\Users\Kimber\AppData\Roaming\Oberon Media
[2009/03/29 14:21:48 | 000,000,000 | ---D | M] -- C:\Users\Kimber\AppData\Roaming\Opera
[2009/03/14 12:25:51 | 000,000,000 | ---D | M] -- C:\Users\Kimber\AppData\Roaming\PlayFirst
[2009/08/17 21:14:50 | 000,000,000 | ---D | M] -- C:\Users\Kimber\AppData\Roaming\Printer Info Cache
[2008/09/22 20:08:42 | 000,000,000 | ---D | M] -- C:\Users\Kimber\AppData\Roaming\SmartDraw
[2009/08/30 17:45:17 | 000,000,000 | ---D | M] -- C:\Users\Kimber\AppData\Roaming\SpinTop
[2008/09/12 09:20:31 | 000,000,000 | ---D | M] -- C:\Users\Kimber\AppData\Roaming\Template
[2010/08/23 16:12:36 | 000,000,000 | ---D | M] -- C:\Users\Kimber\AppData\Roaming\Wal-Mart Digital Photo Manager
[2009/08/17 21:24:32 | 000,000,000 | ---D | M] -- C:\Users\Kimber\AppData\Roaming\Wal-Mart Digital Photo Viewer
[2012/09/17 20:50:54 | 000,032,604 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2012/09/17 20:59:11 | 000,000,466 | ---- | M] () -- C:\Windows\Tasks\SDMsgUpdate (TE).job
[2011/03/09 14:24:07 | 000,000,420 | -H-- | M] () -- C:\Windows\Tasks\User_Feed_Synchronization-{560A41E0-A69E-445A-9440-DAE78A604BD2}.job
[2010/12/19 04:25:59 | 000,000,412 | -H-- | M] () -- C:\Windows\Tasks\User_Feed_Synchronization-{E9F57957-7A88-4B53-B80B-7958CC003690}.job
========== Purity Check ========== ========== Custom Scans ========== ========== Base Services ==========SRV - [2006/11/02 02:46:02 | 000,024,576 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\aelupsvc.dll -- (AeLookupSvc)
SRV - [2008/01/20 19:24:17 | 000,033,280 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\appinfo.dll -- (Appinfo)
SRV - [2008/01/20 19:24:14 | 000,059,392 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\alg.exe -- (ALG)
SRV - [2009/04/10 23:28:23 | 000,758,784 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\qmgr.dll -- (BITS)
SRV - [2009/04/10 23:28:18 | 000,334,848 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\BFE.DLL -- (BFE)
SRV - [2011/11/16 07:12:25 | 000,009,728 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\lsass.exe -- (KeyIso)
SRV - [2009/04/10 23:28:19 | 000,268,800 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\es.dll -- (EventSystem)
SRV - [2008/01/20 19:24:36 | 000,081,920 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\browser.dll -- (Browser)
SRV - [2012/04/23 09:00:53 | 000,133,120 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\cryptsvc.dll -- (CryptSvc)
SRV - [2009/04/10 23:28:24 | 000,550,400 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\rpcss.dll -- (DcomLaunch)
SRV - [2009/04/10 23:28:18 | 000,204,288 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\dhcpcsvc.dll -- (Dhcp)
SRV - [2011/03/02 08:44:27 | 000,086,528 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\dnsrslvr.dll -- (Dnscache)
SRV - [2008/01/20 19:25:01 | 000,057,344 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\eapsvc.dll -- (EapHost)
SRV - [2009/04/10 23:28:19 | 000,026,112 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\hidserv.dll -- (hidserv)
SRV - [2008/01/20 19:24:09 | 000,288,256 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\System32\ipnathlp.dll -- (SharedAccess)
SRV - [2009/04/10 23:28:20 | 000,364,032 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\IPSECSVC.DLL -- (PolicyAgent)
No service found with a name of MsMpSvc
No service found with a name of NisSrv
SRV - [2009/04/10 23:28:24 | 000,311,808 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\swprv.dll -- (swprv)
SRV - [2008/01/20 19:24:54 | 000,045,056 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\mmcss.dll -- (MMCSS)
SRV - [2008/01/20 19:24:11 | 000,274,432 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\netman.dll -- (Netman)
SRV - [2008/01/20 19:24:23 | 000,237,056 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\netprofm.dll -- (netprofm)
SRV - [2008/01/20 19:23:44 | 000,168,448 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\nlasvc.dll -- (NlaSvc)
SRV - [2008/01/20 19:24:47 | 000,018,432 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\nsisvc.dll -- (nsi)
SRV - [2009/04/10 23:28:25 | 000,222,720 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\umpnpmgr.dll -- (PlugPlay)
SRV - [2010/08/17 07:11:37 | 000,128,000 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\spoolsv.exe -- (Spooler)
SRV - [2011/11/16 07:12:25 | 000,009,728 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\lsass.exe -- (ProtectedStorage)
SRV - [2009/04/10 23:28:19 | 000,564,224 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\emdmgmt.dll -- (EMDMgmt)
SRV - [2008/01/20 19:24:19 | 000,090,624 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\rasauto.dll -- (RasAuto)
SRV - [2009/04/10 23:28:24 | 000,262,144 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\rasmans.dll -- (RasMan)
SRV - [2009/04/10 23:28:24 | 000,550,400 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\rpcss.dll -- (RpcSs)
SRV - [2008/01/20 19:24:35 | 000,019,968 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\seclogon.dll -- (seclogon)
SRV - [2011/11/16 07:12:25 | 000,009,728 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\lsass.exe -- (SamSs)
SRV - [2009/04/10 23:28:26 | 000,061,440 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\wscsvc.dll -- (wscsvc)
SRV - [2010/09/06 09:20:29 | 000,125,952 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\srvsvc.dll -- (LanmanServer)
SRV - [2009/07/10 04:47:42 | 000,247,808 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\shsvcs.dll -- (ShellHWDetection)
SRV - [2009/04/10 23:27:49 | 003,408,896 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\SLsvc.exe -- (slsvc)
SRV - [2010/11/04 11:55:12 | 000,601,600 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\schedsvc.dll -- (Schedule)
SRV - [2009/04/10 23:28:24 | 000,242,688 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\tapisrv.dll -- (TapiSrv)
SRV - [2009/07/10 04:47:42 | 000,247,808 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\shsvcs.dll -- (Themes)
SRV - [2009/04/10 23:28:23 | 000,153,088 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\profsvc.dll -- (ProfSvc)
SRV - [2009/04/10 23:28:10 | 001,055,232 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\VSSVC.exe -- (VSS)
SRV - [2009/04/10 23:28:18 | 000,315,392 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\audiosrv.dll -- (Audiosrv)
SRV - [2009/04/10 23:28:18 | 000,315,392 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\audiosrv.dll -- (AudioEndpointBuilder)
SRV - [2008/01/20 19:23:27 | 000,104,960 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sdrsvc.dll -- (SDRSVC)
SRV - [2008/01/20 19:23:32 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2009/04/10 23:28:25 | 001,017,856 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\wevtsvc.dll -- (Eventlog)
SRV - [2009/04/10 23:28:20 | 000,407,552 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\MPSSVC.dll -- (MpsSvc)
SRV - [2009/04/10 23:28:25 | 000,453,120 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\wiaservc.dll -- (stisvc)
SRV - [2009/04/10 23:27:45 | 000,073,216 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\msiexec.exe -- (msiserver)
SRV - [2009/04/10 23:28:25 | 000,162,304 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\wbem\WMIsvc.dll -- (Winmgmt)
SRV - [2012/06/02 15:19:17 | 001,933,848 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\wuaueng.dll -- (wuauserv)
SRV - [2009/04/10 23:28:18 | 000,175,616 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\dot3svc.dll -- (dot3svc)
SRV - [2009/07/11 12:01:42 | 000,513,536 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\wlansvc.dll -- (Wlansvc)
SRV - [2009/06/10 04:42:23 | 000,160,256 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\wkssvc.dll -- (LanmanWorkstation)
< %SYSTEMDRIVE%\*.exe >[2009/03/29 14:33:12 | 025,492,336 | ---- | M] (Microsoft Corporation) -- C:\IE8-WindowsVista-x64-ENU.exe
[2009/03/29 14:34:41 | 013,944,160 | ---- | M] (Microsoft Corporation) -- C:\IE8-WindowsVista-x86-ENU11.exe
< MD5 for: EXPLORER.EXE >[2008/10/28 23:20:29 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=37440D09DEAE0B672A04DCCF7ABF06BE -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.16771_none_4f83bb287ccdb7e3\explorer.exe
[2008/10/28 23:29:41 | 002,927,104 | ---- | M] (Microsoft Corporation) MD5=4F554999D7D5F05DAAEBBA7B5BA1089D -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.18164_none_5177ca9879e978e8\explorer.exe
[2008/10/29 20:59:17 | 002,927,616 | ---- | M] (Microsoft Corporation) MD5=50BA5850147410CDE89C523AD3BC606E -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.22298_none_51e4f8c7931bd1e1\explorer.exe
[2009/04/10 23:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) MD5=D07D4C3038F3578FFCE1C0237F2A1253 -- C:\Windows\ERDNT\cache\explorer.exe
[2009/04/10 23:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) MD5=D07D4C3038F3578FFCE1C0237F2A1253 -- C:\Windows\explorer.exe
[2009/04/10 23:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) MD5=D07D4C3038F3578FFCE1C0237F2A1253 -- C:\Windows\SoftwareDistribution\Download\cd2b15b1a90e884578188440a1660b12\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6002.18005_none_53a0201e76de3a0b\explorer.exe
[2009/04/10 23:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) MD5=D07D4C3038F3578FFCE1C0237F2A1253 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6002.18005_none_53a0201e76de3a0b\explorer.exe
[2008/10/27 19:15:02 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=E7156B0B74762D9DE0E66BDCDE06E5FB -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.20947_none_5033cb5995cd990b\explorer.exe
[2008/01/20 19:24:24 | 002,927,104 | ---- | M] (Microsoft Corporation) MD5=FFA764631CB70A30065C12EF8E174F9F -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.18000_none_51b4a71279bc6ebf\explorer.exe
< MD5 for: SERVICES >[2006/09/18 14:41:30 | 000,017,244 | ---- | M] () MD5=9F534244B7F8F55D5C0BB498D8D481E7 -- C:\Windows\System32\drivers\etc\services
[2006/09/18 14:41:30 | 000,017,244 | ---- | M] () MD5=9F534244B7F8F55D5C0BB498D8D481E7 -- C:\Windows\winsxs\x86_microsoft-windows-w..nfrastructure-other_31bf3856ad364e35_6.0.6000.16386_none_024e4071fa6fea95\services
< MD5 for: SERVICES.EXE >[2008/01/20 19:24:48 | 000,279,040 | ---- | M] (Microsoft Corporation) MD5=2B336AB6286D6C81FA02CBAB914E3C6C -- C:\Windows\winsxs\x86_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.0.6001.18000_none_cf5fc067cd49010a\services.exe
[2009/04/10 23:27:59 | 000,279,552 | ---- | M] (Microsoft Corporation) MD5=D4E6D91C1349B7BFB3599A6ADA56851B -- C:\Windows\ERDNT\cache\services.exe
[2009/04/10 23:27:59 | 000,279,552 | ---- | M] (Microsoft Corporation) MD5=D4E6D91C1349B7BFB3599A6ADA56851B -- C:\Windows\SoftwareDistribution\Download\cd2b15b1a90e884578188440a1660b12\x86_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.0.6002.18005_none_d14b3973ca6acc56\services.exe
[2009/04/10 23:27:59 | 000,279,552 | ---- | M] (Microsoft Corporation) MD5=D4E6D91C1349B7BFB3599A6ADA56851B -- C:\Windows\System32\services.exe
[2009/04/10 23:27:59 | 000,279,552 | ---- | M] (Microsoft Corporation) MD5=D4E6D91C1349B7BFB3599A6ADA56851B -- C:\Windows\winsxs\x86_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.0.6002.18005_none_d14b3973ca6acc56\services.exe
< MD5 for: SERVICES.EXE.MUI >[2006/11/02 05:40:53 | 000,017,920 | ---- | M] (Microsoft Corporation) MD5=1626EACF0E7E59F85C59DDDD27C4169C -- C:\Windows\System32\en-US\services.exe.mui
[2006/11/02 05:40:53 | 000,017,920 | ---- | M] (Microsoft Corporation) MD5=1626EACF0E7E59F85C59DDDD27C4169C -- C:\Windows\winsxs\x86_microsoft-windows-s..ontroller.resources_31bf3856ad364e35_6.0.6000.16386_en-us_67c6851b290a1ced\services.exe.mui
< MD5 for: SERVICES.ICO >[2005/12/14 16:21:08 | 000,007,318 | ---- | M] () MD5=9443DA63ACDF55D7D153D6B22E40722E -- C:\Program Files\Yahoo!\Common\Icons\services.ico
< MD5 for: SERVICES.LNK >[2008/01/20 19:42:58 | 000,001,688 | ---- | M] () MD5=C50AE46E57C3F3FB61A3B3A1E5D9C412 -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\services.lnk
[2008/01/20 19:42:58 | 000,001,688 | ---- | M] () MD5=C50AE46E57C3F3FB61A3B3A1E5D9C412 -- C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\Administrative Tools\services.lnk
< MD5 for: SERVICES.MOCHIADS.COM.SOL >[2011/07/30 22:11:12 | 000,000,374 | ---- | M] () MD5=9BDB31B8F98AA3D6E31447FC921325F0 -- C:\Users\Kimber\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\TNW75VGP\mochiads.com\services.mochiads.com.sol
< MD5 for: SERVICES.MOF >[2006/09/18 14:46:11 | 000,002,866 | ---- | M] () MD5=26A11C895A7F0B6D32105EBE127D8500 -- C:\Windows\System32\wbem\services.mof
[2006/09/18 14:46:11 | 000,002,866 | ---- | M] () MD5=26A11C895A7F0B6D32105EBE127D8500 -- C:\Windows\winsxs\x86_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.0.6001.18000_none_cf5fc067cd49010a\services.mof
[2006/09/18 14:46:11 | 000,002,866 | ---- | M] () MD5=26A11C895A7F0B6D32105EBE127D8500 -- C:\Windows\winsxs\x86_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.0.6002.18005_none_d14b3973ca6acc56\services.mof
< MD5 for: SERVICES.MSC >[2006/11/02 05:41:29 | 000,092,745 | ---- | M] () MD5=7A1D35F59468B8118AF5B8E21DF78AE2 -- C:\Windows\System32\en-US\services.msc
[2006/09/18 14:29:40 | 000,092,745 | ---- | M] () MD5=7A1D35F59468B8118AF5B8E21DF78AE2 -- C:\Windows\System32\services.msc
[2006/11/02 05:41:29 | 000,092,745 | ---- | M] () MD5=7A1D35F59468B8118AF5B8E21DF78AE2 -- C:\Windows\winsxs\x86_microsoft-windows-s..cessnapin.resources_31bf3856ad364e35_6.0.6000.16386_en-us_a2085506ff73b6e0\services.msc
[2006/09/18 14:29:40 | 000,092,745 | ---- | M] () MD5=7A1D35F59468B8118AF5B8E21DF78AE2 -- C:\Windows\winsxs\x86_microsoft-windows-servicessnapin_31bf3856ad364e35_6.0.6001.18000_none_cf63e2a445bae4e3\services.msc
< MD5 for: SVCHOST.EXE >[2008/01/20 19:23:43 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=3794B461C45882E06856F282EEF025AF -- C:\Windows\ERDNT\cache\svchost.exe
[2008/01/20 19:23:43 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=3794B461C45882E06856F282EEF025AF -- C:\Windows\System32\svchost.exe
[2008/01/20 19:23:43 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=3794B461C45882E06856F282EEF025AF -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.0.6001.18000_none_b5bb59a1054dbde5\svchost.exe
< MD5 for: USERINIT.EXE >[2008/01/20 19:24:49 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\Windows\ERDNT\cache\userinit.exe
[2008/01/20 19:24:49 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\Windows\System32\userinit.exe
[2008/01/20 19:24:49 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.0.6001.18000_none_dc28ba15d1aff80b\userinit.exe
< MD5 for: WINLOGON.EXE >[2009/04/10 23:28:13 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264D55452 -- C:\Windows\ERDNT\cache\winlogon.exe
[2009/04/10 23:28:13 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264D55452 -- C:\Windows\SoftwareDistribution\Download\cd2b15b1a90e884578188440a1660b12\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6002.18005_none_71ae7a22d2134741\winlogon.exe
[2009/04/10 23:28:13 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264D55452 -- C:\Windows\System32\winlogon.exe
[2009/04/10 23:28:13 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264D55452 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6002.18005_none_71ae7a22d2134741\winlogon.exe
[2008/01/20 19:24:49 | 000,314,880 | ---- | M] (Microsoft Corporation) MD5=C2610B6BDBEFC053BBDAB4F1B965CB24 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6001.18000_none_6fc30116d4f17bf5\winlogon.exe
========== Alternate Data Streams ========== @Alternate Data Stream - 210 bytes -> C:\ProgramData\TEMP:8530A643
@Alternate Data Stream - 136 bytes -> C:\ProgramData\TEMP:E1982A23
@Alternate Data Stream - 127 bytes -> C:\ProgramData\TEMP:1681A352
< End of report >
OTL Extras logfile created on: 9/18/2012 6:19:22 PM - Run 4
OTL by OldTimer - Version 3.2.61.4 Folder = C:\Users\Kimber\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
3.00 Gb Total Physical Memory | 1.50 Gb Available Physical Memory | 49.90% Memory free
6.19 Gb Paging File | 4.75 Gb Available in Paging File | 76.76% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 221.62 Gb Total Space | 131.24 Gb Free Space | 59.22% Space Free | Partition Type: NTFS
Drive D: | 11.26 Gb Total Space | 1.94 Gb Free Space | 17.20% Space Free | Partition Type: NTFS
Drive F: | 244.63 Mb Total Space | 238.03 Mb Free Space | 97.30% Space Free | Partition Type: FAT
Computer Name: KIMBER-PC | User Name: Kimber | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ========== ========== File Associations ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
[HKEY_USERS\S-1-5-21-2130653408-2093767854-1150711463-1000\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- "C:\Program Files\Mozilla Firefox\firefox.exe" -requestPending -osint -url "%1"
========== Shell Spawning ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- Reg Error: Key error.
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"VistaSp2" = Reg Error: Unknown registry data type -- File not found
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
========== System Restore Settings ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0
========== Firewall Settings ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
========== Authorized Applications List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
========== Vista Active Open Ports Exception List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{05B92789-A000-4E72-8CF0-B1E8C0AE52F2}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{06A437B4-A7EC-4F26-BC9C-A4E54542B0C5}" = lport=2869 | protocol=6 | dir=in | app=system |
"{0B5C25BC-C664-4324-A240-008E15F6E6FC}" = lport=137 | protocol=17 | dir=in | app=system |
"{0C8D87E1-9CEE-4679-944E-4C65EB216261}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{2EAE4D01-0D76-4B27-8872-047DCF1A7AC7}" = lport=138 | protocol=17 | dir=in | app=system |
"{3A242ADD-10F1-4D12-9A8C-50CEEE0AFE9D}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{3A7988AA-003F-409E-B8C9-C1A6F0569986}" = rport=138 | protocol=17 | dir=out | app=system |
"{3CC4DE24-CC16-43D2-B15E-0D9D1A0B1BB4}" = rport=137 | protocol=17 | dir=out | app=system |
"{4D6BADBD-6971-47BD-8002-DDFEA5E57349}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss |
[email protected],-28539 |
"{74322D44-ADFA-464A-B3B2-BA832B794C57}" = rport=445 | protocol=6 | dir=out | app=system |
"{7A1DAD65-C80E-4EC6-B2DB-1C67B6AAD6B3}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{7C645E20-56B5-4ED6-B2ED-87E6BC4A1BB1}" = lport=445 | protocol=6 | dir=in | app=system |
"{83B45CBA-3A2D-445C-AB27-E3C2DEED57ED}" = rport=10243 | protocol=6 | dir=out | app=system |
"{8BA8F53D-8183-464E-9CD8-CC5C7EF5424D}" = lport=139 | protocol=6 | dir=in | app=system |
"{A8648E91-AB64-41A6-89EB-956D6573D719}" = rport=139 | protocol=6 | dir=out | app=system |
"{AAC9DE11-D26C-4A37-9117-0CBEB0F218FE}" = lport=10243 | protocol=6 | dir=in | app=system |
"{BA5DD262-AF91-4DA3-87FE-177A32309F9D}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{C872813A-B6AA-4728-9A0F-F48E4B992C5F}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{D1F07E92-C9A3-4105-A792-62562C3F1D25}" = rport=80 | protocol=6 | dir=out | app=c:\program files\common files\intuit\update service\intuitupdater.exe |
"{E3676E68-15D3-4B2A-AB28-0B912830599A}" = rport=80 | protocol=6 | dir=out | app=c:\program files\common files\intuit\update service\intuitupdateservice.exe |
"{FD04F282-26E1-437F-B99E-9A172C5B64ED}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
========== Vista Active Application Exception List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{04547EFA-675B-4BD5-A988-BDA781EDB21C}" = protocol=17 | dir=in | app=c:\program files\avg\avg2012\avgemcx.exe |
"{049327BA-9533-42B8-B718-96E1E59285A6}" = protocol=6 | dir=in | app=c:\users\kimber\appdata\local\crossloop\vncviewer.exe |
"{05AD8750-94EB-463D-A25E-7EE28CB953A5}" = protocol=6 | dir=in | app=c:\program files\avg\avg2012\avgdiagex.exe |
"{094A716D-DA8A-4F64-8082-CC5DD2C6E65B}" = protocol=17 | dir=in | app=c:\program files\common files\aol\loader\aolload.exe |
"{09E965DB-96F1-4E41-BCC1-ED83E569F63B}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{09F340CC-4A07-4213-8349-CE574D52F31D}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{0C0C7EAA-1F5B-423C-B2A8-EC92F4A68488}" = protocol=17 | dir=in | app=c:\program files\avg\avg10\avgnsx.exe |
"{11164B1D-9A7A-4DBF-A928-9FEF74129F35}" = protocol=6 | dir=in | app=c:\program files\avg\avg10\avgmfapx.exe |
"{1772E57D-7BDE-4895-A055-C620C863DD1F}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{17ACCDC1-72DA-481F-B912-389A5D0DDBD1}" = protocol=6 | dir=in | app=c:\program files\avg\avg2012\avgemcx.exe |
"{1A7E4C56-76D9-4E55-B68A-01FC41CF88CD}" = protocol=6 | dir=in | app=c:\program files\avg\avg10\avgdiagex.exe |
"{1B3E6369-86FC-4904-A570-69AA94644ADF}" = protocol=17 | dir=in | app=c:\program files\yahoo!\messenger\yahoomessenger.exe |
"{1C08E569-EBCA-4EB8-B9C7-F79E413598ED}" = dir=in | app=c:\program files\common files\apple\apple application support\webkit2webprocess.exe |
"{1D02B1D5-9CAC-4574-9BB6-6BFB058EBD1B}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{1D8993D3-E030-4F79-81F5-852B437B4B79}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{1D8E84FC-5D6D-4ED5-A3FA-D27056FC93F1}" = protocol=6 | dir=in | app=c:\program files\avg\avg2012\avgnsx.exe |
"{1E9DF8DA-0953-4A7A-A6D8-58F093DBB197}" = protocol=17 | dir=in | app=c:\users\kimber\appdata\local\crossloop\tvnserver.exe |
"{2565EB14-A535-4430-A93D-DFEDA0327610}" = protocol=17 | dir=in | app=c:\program files\yahoo!\messenger\yserver.exe |
"{282CED0F-2250-45C3-B41C-0D12F76B5F79}" = dir=in | app=c:\program files\itunes\itunes.exe |
"{2D7F1541-A78F-4C44-9CF5-7268C5EB5A6E}" = protocol=6 | dir=in | app=c:\program files\avg\avg2012\avgnsx.exe |
"{30AB5378-DC2A-4B16-991F-3C87243E42D8}" = protocol=17 | dir=in | app=c:\program files\avg\avg2012\avgnsx.exe |
"{3214C665-A285-4FAE-86D2-C983B4B9932D}" = protocol=1 | dir=in |
[email protected],-28543 |
"{3406C9B1-99CA-4692-A137-AD48B99A94F2}" = protocol=6 | dir=in | app=c:\program files\yahoo!\messenger\yserver.exe |
"{396F5C4D-92D7-4022-9457-94987594E8FA}" = protocol=17 | dir=in | app=c:\program files\avg\avg2012\avgemcx.exe |
"{3CE88B61-188D-4C04-9A5C-1BBB3FC9B72A}" = protocol=6 | dir=in | app=c:\program files\avg\avg2012\avgdiagex.exe |
"{3F3A698B-C8EB-430A-B805-671D6C3E7CF5}" = protocol=17 | dir=in | app=c:\program files\avg\avg10\avgdiagex.exe |
"{457B20F7-1BF9-41B7-8C62-06BA830528E2}" = protocol=58 | dir=out |
[email protected],-28546 |
"{4646B22F-014E-4A6D-98D7-9356E20A1D18}" = protocol=6 | dir=out | app=system |
"{4C5F4E69-8D7F-48C4-BF99-E6656B928079}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{5993D86E-26DE-406F-B34F-DE229D69958A}" = protocol=17 | dir=in | app=c:\program files\avg\avg2012\avgdiagex.exe |
"{5A732204-1D3E-4168-925E-CC877E9B7601}" = protocol=6 | dir=in | app=c:\program files\avg\avg2012\avgemcx.exe |
"{5D75D3C0-8954-4195-89E6-78D07E39DAD1}" = protocol=6 | dir=in | app=c:\program files\avg\avg10\avgnsx.exe |
"{6394F8CD-3B3D-418B-A30F-E5E8676C5B61}" = protocol=1 | dir=out |
[email protected],-28544 |
"{6449CCCC-3F75-4149-8867-9E6C9724AB0B}" = dir=in | app=c:\program files\hp\quickplay\qpservice.exe |
"{6711B49F-1E25-4EE5-BF9E-47D1630B89D8}" = protocol=58 | dir=in |
[email protected],-28545 |
"{701E6551-40D8-46DA-8497-B88E42BF2F82}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{75485D74-8631-4411-B932-8C87BE13C1C9}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{78B0F3AC-CA48-482E-AB30-6CEA3F821DE2}" = protocol=6 | dir=in | app=c:\program files\avg\avg10\avgmfapx.exe |
"{7AA734D7-1234-4BF0-962C-86EBE6857CF3}" = protocol=17 | dir=in | app=c:\program files\avg\avg2012\avgdiagex.exe |
"{7AD026E7-76CA-419F-B205-09AC94959E50}" = dir=in | app=c:\program files\hp\quickplay\qp.exe |
"{7E5B0C39-E54C-4579-9AE3-4D804B36137C}" = protocol=6 | dir=in | app=c:\program files\iwin games\webupdater.exe |
"{86568C92-4606-4564-A003-48C6B20982A2}" = protocol=17 | dir=in | app=c:\program files\iwin games\iwingames.exe |
"{96D9F032-B503-4ABD-99DB-24D30514DE3E}" = protocol=17 | dir=in | app=c:\users\kimber\appdata\local\crossloop\vncviewer.exe |
"{98A3C5D8-9D07-4993-B86E-C9E86552C6F0}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{98DA81CF-1827-46CC-B72C-6B58BF8D9B98}" = protocol=17 | dir=in | app=c:\program files\avg\avg10\avgmfapx.exe |
"{9D41AB8B-EA94-4070-B17B-8A20FDCBBE64}" = protocol=6 | dir=in | app=c:\program files\avg\avg2012\avgmfapx.exe |
"{A3B7BD0B-9593-460E-B314-E2FD8712E7F2}" = protocol=17 | dir=in | app=c:\program files\avg\avg10\avgmfapx.exe |
"{AF23F2CE-2124-4456-AE2A-C1F82F31C6C1}" = protocol=17 | dir=in | app=c:\program files\avg\avg10\avgemcx.exe |
"{BDBDED1C-D472-4A51-93BA-AC8B54772748}" = protocol=6 | dir=in | app=c:\program files\avg\avg10\avgemcx.exe |
"{BECA6FD5-6DCA-499F-B75E-ACCECF75A6A1}" = protocol=6 | dir=in | app=c:\users\kimber\appdata\local\crossloop\tvnserver.exe |
"{C1451909-CE20-4CC9-9E2C-DB80333C3D18}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{C4A16791-98A5-4538-9279-1B5F2C1C594A}" = protocol=17 | dir=in | app=c:\program files\iwin games\webupdater.exe |
"{CAFC9794-13AB-440A-A96B-935625A2ACFD}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{DEE1C6D0-B657-4802-9657-67F6B4C7EE74}" = protocol=6 | dir=in | app=c:\program files\yahoo!\messenger\yahoomessenger.exe |
"{E0606F61-47D8-430D-B14B-E856174EE3D8}" = protocol=17 | dir=in | app=c:\program files\avg\avg2012\avgmfapx.exe |
"{E12B350E-C4C6-497B-B394-FE2CB8B3CDA9}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{E4E2563B-381B-4698-A462-B432CE359AA1}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{EA32ACC6-6D97-4A39-9004-D5C1C2EE684F}" = protocol=6 | dir=in | app=c:\program files\iwin games\iwingames.exe |
"{F2DE7968-1894-4707-B4E1-0D3F3C2C52C8}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{F3C2C815-0848-49AD-B8AF-14E6DC8AEF64}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{F7D396C8-E0D8-49D2-A3EB-E68C13797DF0}" = protocol=6 | dir=in | app=c:\program files\common files\aol\loader\aolload.exe |
"{FA539501-DFE7-45DB-8328-2F17DACC1B71}" = protocol=17 | dir=in | app=c:\program files\avg\avg2012\avgnsx.exe |
"{FE6F4A75-65D5-499C-A7FE-29C69B202566}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{FF75EFF8-8C8A-491B-B568-CAC3270BD30B}" = dir=in | app=c:\program files\cyberlink\powerdirector\pdr.exe |
"TCP Query User{16DAA0EB-FC82-47B3-BB39-72717CDE3B20}C:\program files\yahoo!\messenger\yahoomessenger.exe" = protocol=6 | dir=in | app=c:\program files\yahoo!\messenger\yahoomessenger.exe |
"TCP Query User{22C5571A-A01B-4FE2-8EA8-196F712802B6}C:\program files\internet explorer\iexplore.exe" = protocol=6 | dir=in | app=c:\program files\internet explorer\iexplore.exe |
"TCP Query User{29962AD8-30E9-433E-B5B1-67EB7EDD1E3D}C:\program files\gamehouse\solitaire2\ghsol2.exe" = protocol=6 | dir=in | app=c:\program files\gamehouse\solitaire2\ghsol2.exe |
"TCP Query User{44A7FE47-531E-4BB6-8A19-C918F8EAB7EE}C:\program files\gamehouse\solitaire2\ghsol2.exe" = protocol=6 | dir=in | app=c:\program files\gamehouse\solitaire2\ghsol2.exe |
"TCP Query User{499E6E15-674A-4A9C-AD46-99C29BBDED50}C:\users\kimber\appdata\local\crossloop\crossloopconnect.exe" = protocol=6 | dir=in | app=c:\users\kimber\appdata\local\crossloop\crossloopconnect.exe |
"TCP Query User{D35ECD94-A29C-4E4A-90EB-6EB9322C0B48}C:\users\kimber\appdata\local\google\chrome\application\chrome.exe" = protocol=6 | dir=in | app=c:\users\kimber\appdata\local\google\chrome\application\chrome.exe |
"TCP Query User{F24C3355-EF83-4102-A18D-B7AE8DB609B9}C:\program files\imovicha\imovicha.exe" = protocol=6 | dir=in | app=c:\program files\imovicha\imovicha.exe |
"UDP Query User{1885F803-92C1-4A9F-8D16-D6F33F577FE2}C:\program files\internet explorer\iexplore.exe" = protocol=17 | dir=in | app=c:\program files\internet explorer\iexplore.exe |
"UDP Query User{9F0B8918-F379-421D-8469-F5ADDA72D142}C:\users\kimber\appdata\local\crossloop\crossloopconnect.exe" = protocol=17 | dir=in | app=c:\users\kimber\appdata\local\crossloop\crossloopconnect.exe |
"UDP Query User{B5FE98F0-5E20-4575-8A25-D69B1B19B04E}C:\users\kimber\appdata\local\google\chrome\application\chrome.exe" = protocol=17 | dir=in | app=c:\users\kimber\appdata\local\google\chrome\application\chrome.exe |
"UDP Query User{C4F83B7E-F082-49BD-BC61-11B3081F2FEB}C:\program files\gamehouse\solitaire2\ghsol2.exe" = protocol=17 | dir=in | app=c:\program files\gamehouse\solitaire2\ghsol2.exe |
"UDP Query User{C76A9ED6-8A9E-41C1-A151-E41F7B0B246B}C:\program files\yahoo!\messenger\yahoomessenger.exe" = protocol=17 | dir=in | app=c:\program files\yahoo!\messenger\yahoomessenger.exe |
"UDP Query User{D64CF791-7321-469A-B87D-7488F230509D}C:\program files\gamehouse\solitaire2\ghsol2.exe" = protocol=17 | dir=in | app=c:\program files\gamehouse\solitaire2\ghsol2.exe |
"UDP Query User{E69157F0-998A-4FF0-8D27-6C7528739E8B}C:\program files\imovicha\imovicha.exe" = protocol=17 | dir=in | app=c:\program files\imovicha\imovicha.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{004B0DCB-4C60-465B-8F01-44B0A4111187}" = SlingPlayer
"{0289B35E-DC07-4c7a-9710-BBD686EA4B7D}" = Status
"{03D1988F-469F-4843-8E6E-E5FE9D17889D}" = HP Integrated Module with Bluetooth wireless technology 6.0.1.5500
"{044F9133-B8D7-4d11-BF39-803FA20F5C8B}" = Microsoft Windows SDK for Visual Studio 2008 SP1 Express Tools for Win32
"{05BDC796-3451-4F81-B91D-E98F7ADA76C2}" = TurboTax 2010 WinPerTaxSupport
"{082702D5-5DD8-4600-BCE5-48B15174687F}" = HP Doc Viewer
"{0C19D563-5F25-4621-BF10-01F741BD283F}" = Microsoft SQL Server Compact 3.5 SP1 Design Tools English
"{0D499481-22C6-4B25-8AC2-6D3F6C885FB9}" = OpenOffice.org Installer 1.0
"{0F7C2E47-089E-4d23-B9F7-39BE00100776}" = Toolbox
"{11BB336F-0E58-4977-B866-F24FA334616B}" = HP Active Support Library
"{12A76360-388E-4B27-ABEB-D5FC5378DD2A}" = HPPhotoSmartPhotobookWebPack1
"{15BC8CD0-A65B-47D0-A2DD-90A824590FA8}" = Microsoft Works
"{162d74e4-7d6d-4949-8018-50e96e314696}" = C6200_Help
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{18669FF9-C8FE-407a-9F70-E674896B1DB4}" = GPBaseService
"{196E77C5-F524-4B50-BD1A-2C21EEE9B8F7}" = Microsoft SQL Server 2008 Common Files
"{1B6863DA-76B6-4878-A334-AD711469B20C}" = SymNet
"{1BDC9633-895B-4842-BCB6-8FA1EC2A3C5A}" = Adobe Shockwave Player
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = DVD Suite
"{20B30DC1-E423-4939-B51D-05C58B0F9BBB}" = HP Photosmart All-In-One Driver Software 10.0 Rel .2
"{2284D904-C138-4B58-93EC-5C362AB5130A}" = The Sims™ Life Stories
"{228C6B46-64E2-404E-898A-EF0830603EF4}" = HPNetworkAssistant
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{254C37AA-6B72-4300-84F6-98A82419187E}" = Hewlett-Packard Active Check
"{2614F54E-A828-49FA-93BA-45A3F756BFAA}" = 32 Bit HP CIO Components Installer
"{26A24AE4-039D-4CA4-87B4-2F83216034FF}" = Java 6 Update 35
"{2FA94A64-C84E-49d1-97DD-7BF06C7BBFB2}.WildTangent Games App" = Update Installer for WildTangent Games App
"{31216452-5540-4C96-B754-94890A63D5AB}" = HP Help and Support
"{31478BE1-CDE5-4753-A8B2-F6D4BC1FBE09}" = Component Framework
"{3248F0A8-6813-11D6-A77B-00B0D0160020}" = Java 6 Update 2
"{3248F0A8-6813-11D6-A77B-00B0D0160070}" = Java 6 Update 7
"{342D4AD7-EC4C-4EC8-AEA6-E70F5905A490}" = SQL Server System CLR Types
"{34BFB099-07B2-4E95-A673-7362D60866A2}" = PSSWCORE
"{34D2AB40-150D-475D-AE32-BD23FB5EE355}" = HP Quick Launch Buttons 6.30 E1
"{3700194C-C5DD-439A-BE06-A66960CA4C70}" = MSVCSetup
"{3782EC09-4000-475E-8A59-9CABD6F03B4C}" = TurboTax 2010 WinPerFedFormset
"{38580E5E-AF78-4536-AD1E-6A62661372C5}" = AVG 2012
"{38EAC694-0D90-445F-8C17-8B50ADFE3162}" = Slingbox Flash Tour
"{3C3D696B-0DB7-3C6D-A356-3DB8CE541918}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
"{3D3E663D-4E7E-4577-A560-7ECDDD45548A}" = PVSonyDll
"{3F92ABBB-6BBF-11D5-B229-002078017FBF}" = NetWaiting
"{40ABE28B-26C4-4A93-84B2-4B5BEB5E4ABB}" = Meet Your Computer
"{40BF1E83-20EB-11D8-97C5-0009C5020658}" = Power2Go
"{423CF09F-11C9-410E-9B1A-31E087CED383}" = Opera 10.00
"{45D707E9-F3C4-11D9-A373-0050BAE317E1}" = HP QuickPlay 3.6
"{4815BD99-96A4-49FE-A885-DCF06E9E4E78}" = Microsoft SQL Server 2008 Database Engine Shared
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4A6F34E2-09E5-4616-B227-4A26A488A6F9}" = Microsoft SQL Server 2008 Common Files
"{4A70EF07-7F88-4434-BB61-D1DE8AE93DD4}" = SolutionCenter
"{4CACFCD9-F71B-413A-8DF5-1A6419D5CDC6}" = Cards_Calendar_OrderGift_DoMorePlugout
"{4CBA3D4C-8F51-4D60-B27E-F6B641C571E7}" = Microsoft Search Enhancement Pack
"{4F2FCCCF-29F3-44B9-886F-6D16F8417522}" = TurboTax 2010 wrapper
"{5109C064-813E-4e87-B0DE-C8AF7B5BC02B}" = SmartWebPrintingOC
"{58721EC3-8D4E-4B79-BC51-1054E2DDCD10}" = Microsoft SQL Server 2008 Database Engine Services
"{59F6A514-9813-47A3-948C-8A155460CC2A}" = RICOH R5C83x/84x Flash Media Controller Driver Ver.3.52.02
"{5ABB5D02-BBAA-41D4-BDED-A52DB89A2D2F}" = Wal-Mart Digital Photo Manager
"{5BE1E709-30E4-3D6D-A708-96CE8D5E5E8D}" = Microsoft Windows SDK for Visual Studio 2008 SP1 Express Tools for .NET Framework - enu
"{5D9B17E4-5C34-45B2-9C95-8B9DB4CF7AF3}" = HP_Network_UserGuide
"{63FF21C9-A810-464F-B60A-3111747B1A6D}" = GPBaseService2
"{669D4A35-146B-4314-89F1-1AC3D7B88367}" = Hewlett-Packard Asset Agent for Health Check
"{66E6CE0C-5A1E-430C-B40A-0C90FF1804A8}" = eSupportQFolder
"{679EC478-3FF9-4987-B2FF-C2C2B27532A2}" = DocProc
"{687FEF8A-8597-40b4-832C-297EA3F35817}" = BufferChm
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6B437F94-056F-4791-AF2C-0D10E2706AF0}" = PanoStandAlone
"{6F5E2F4A-377D-4700-B0E3-8F7F7507EA15}" = CustomerResearchQFolder
"{70B446D1-E03B-4ab0-9B3C-0832142C9AA8}.WildTangent Games App-hp" = WildTangent Games App (HP Games)
"{70B446D1-E03B-4ab0-9B3C-0832142C9AA8}.WildTangent Games App-wildgames" = WildTangent Games App
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{787D1A33-A97B-4245-87C0-7174609A540C}" = HP Update
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{79155F2B-9895-49D7-8612-D92580E0DE5B}" = Bonjour
"{7BAA7D05-A4D1-44EC-9CFE-566AB43AE75D}_is1" = iMovicha
"{7BE15435-2D3E-4B58-867F-9C75BED0208C}" = QuickTime
"{7DC4A410-9986-4329-9E5D-687B2C42CA39}" = HP QuickTouch 1.00 C4
"{80533B67-C407-485D-8B5D-63BB8ED9D878}" = Scan
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110300453}" = Spin & Win
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110491263}" = Aloha Solitaire
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-113494430}" = Wedding Dash
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{87E2B986-07E8-477a-93DC-AF0B6758B192}" = DocProcQFolder
"{87FF0E39-8490-4EB4-A557-FF12F712EF7E}" = TurboTax 2010 wcaiper
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8A85DEAD-7C1F-4368-881C-72AC74CB2E91}" = UnloadSupport
"{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system
"{95120000-00AF-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (English)
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{981029E0-7FC9-4CF3-AB39-6F133621921A}" = Skype Toolbars
"{98177940-C048-4831-A279-F3888B1E2C7F}" = InstallMgr
"{9885A11E-60E4-417C-B58B-8B31B21C0B8A}" = HP Easy Setup - Frontend
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9C2D4047-0E40-499a-AC7A-C4B9BB12FE03}" = TrayApp
"{9D6D76A6-4328-49E8-97A7-531A74841DA5}" = Microsoft SQL Server 2008 Setup Support Files (English)
"{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}" = Touch Pad Driver
"{9FC18E06-247F-4878-BCC6-A8850F980975}" = muvee autoProducer 6.1
"{A07840FC-CE63-4CB8-8030-EF4B9805925A}" = HPPhotoSmartDiscLabel_PaperLabel
"{a0fe116e-9a8a-466f-aee0-625cb7c207e3}" = Microsoft Visual C++ 2005 Redistributable - KB2467175
"{A525E00B-6609-442E-9DCD-64453C233E8D}" = TurboTax 2010 WinPerReleaseEngine
"{A8AC89BA-D8CB-4372-9743-1C54D23286B0}" = MSN Toolbar
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AB5D51AE-EBC3-438D-872C-705C7C2084B0}" = DeviceManagementQFolder
"{AC76BA86-7AD7-1033-7B44-A83000000003}" = Adobe Reader 8.3.1
"{ADFB9653-F44C-460C-BF58-189CC552DFFE}" = hpphotosmartdisclabelplugin
"{AF7FC1CA-79DF-43c3-90A3-33EFEB9294CE}" = AIO_Scan
"{B24E05CC-46FF-4787-BBB8-5CD516AFB118}" = ccCommon
"{B2544A03-10D0-4E5E-BA69-0362FFC20D18}" = OGA Notifier 2.0.0048.0
"{B4E91E95-A5BA-4E50-A465-DB7EFEB176E8}" = HPPhotoSmartDiscLabel_PrintOnDisc
"{B5153233-9AEE-4CD4-9D2C-4FAAC870DBE2}" = Microsoft SQL Server 2008 Database Engine Services
"{B53620C0-3A83-4F50-A7AB-175DB64C1CE3}" = HP User Guides 0090
"{B69C390B-826F-473C-86EB-7AD4950818C3}" = AVG 2012
"{B6EF6DCE-078E-4952-A7FA-352A9C349EB0}" = MSN Toolbar
"{B7148D71-0A8F-4501-96B4-4E1CC67F874E}" = Microsoft Default Manager
"{B857D868-F8B0-43EE-BC2B-D9E5ED21F237}" = Microsoft SQL Server VSS Writer
"{B8DBED1E-8BC3-4d08-B94A-F9D7D88E9BBF}" = HPSSupply
"{b9be267c-e096-4cce-a4fd-f24eec004938}" = PS_AIO_02_ProductContext
"{BAD0FA60-09CF-4411-AE6A-C2844C8812FA}" = HP Photosmart Essential 2.5
"{BCE72AED-3332-4863-9567-C5DCB9052CA2}" = Netflix Movie Viewer
"{BD0E2B92-3814-46F0-893B-4612EA010C7E}" = HP Customer Experience Enhancements
"{C43326F5-F135-4551-8270-7F7ABA0462E1}" = HPProductAssistant
"{c4549405-195f-4450-8865-6be9dc5ad136}" = PS_AIO_02_Software_Min
"{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = LabelPrint
"{C688457E-03FD-4941-923B-A27F4D42A7DD}" = Microsoft SQL Server 2008 Browser
"{C73CA646-73B3-4AEF-A136-C37505745174}" = iTunes
"{C965F01C-76EA-4BD7-973E-46236AE312D7}" = Sql Server Customer Experience Improvement Program
"{CAE7D1D9-3794-4169-B4DD-964ADBC534EE}" = HP Product Detection
"{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = PowerDirector
"{CBAE4F50-9FC9-4557-AB36-9826DF3C103C}" = HP Wireless Assistant
"{CC4A73BF-938E-4C19-A553-853C035C9BA1}" = LightScribe System Software 1.10.13.1
"{CCB9B81A-167F-4832-B305-D2A0430840B3}" = WebReg
"{cd0b9359-b716-4fd0-8e0a-09b3e312e8a4}" = PS_AIO_02_Software
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D2E0F0CC-6BE0-490b-B08B-9267083E34C9}" = MarketResearch
"{D99A8E3A-AE5A-4692-8B19-6F16D454E240}" = Destination Component
"{D9D937B0-E842-4130-9588-B948E876904A}" = Microsoft SQL Server 2008 Native Client
"{DA7DF8E2-4B8F-4286-97FE-DE3FFFE9B728}" = iCloud
"{DD3C88A0-C53C-41D0-A21B-6D021981D23E}" = HPPhotoSmartDiscLabelContent1
"{DD622B1D-A78E-3FE8-9C8C-246F5764B0D0}" = Microsoft Visual Basic 2008 Express Edition with SP1 - ENU
"{E08DC77E-D09A-4e36-8067-D6DBBCC5F8DC}" = VideoToolkit01
"{E59113EB-0285-4BFD-A37A-B79EAC6B8F4B}" = Microsoft SQL Server Compact 3.5 SP1 English
"{E80F62FF-5D3C-4A19-8409-9721F2928206}" = LiveUpdate (Symantec Corporation)
"{EB879750-CCBD-4013-BFD5-0294D4DA5BD0}" = Apple Application Support
"{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}" = Skype™ 5.10
"{EEEB604C-C1A7-4f8c-B03F-56F9C1C9C45F}" = Fax
"{EF1ADA5A-0B1A-4662-8C55-7475A61D8B65}" = DeviceDiscovery
"{EFB5B3B5-A280-4E25-BE1C-634EEFE32C1B}" = AppCore
"{EFC04D3F-A152-47E7-8517-EE0F6201AFEF}" = Apple Mobile Device Support
"{F1DC7648-8623-442F-92B7-E118DF61872E}" = Microsoft SQL Server 2008 RsFx Driver
"{F3494AB6-6900-41C6-AF57-823626827ED8}" = Microsoft SQL Server 2008 Database Engine Shared
"{F42CD69D-E393-47c8-B2CD-B139C4ADA9A8}" = Copy
"{F5577101-33CC-4711-8235-3A95BCD49DB0}" = EA Link
"{F5E87B12-3C27-452F-8E78-21D42164FD83}" = Microsoft SQL Server 2008 Management Objects
"{F95F178B-56AD-4fab-87F8-FA81E66C7D68}" = Network
"{FE54D686-ACC0-42db-A46B-987A5B6D8325}" = C6200
"AceMoney Lite_is1" = AceMoney Lite
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player
"AIM_6" = AIM 6
"Amazon MP3 Downloader" = Amazon MP3 Downloader 1.0.10
"AudibleDownloadManager" = Audible Download Manager
"AudibleManager" = AudibleManager
"AVG" = AVG 2012
"BlueVoda_Website_Builder_1.0" = BlueVoda Website Builder 10.2
"Cake Mania 3" = Cake Mania 3 (remove only)
"CNXT_AUDIO_HDA" = Conexant HD Audio
"CNXT_MODEM_HDAUDIO_HERMOSA_HSF" = HDAUDIO Soft Data Fax Modem with SmartCP
"CrossLoop_is1" = CrossLoop 2.74
"Diner Dash - Flo on the Go" = Diner Dash - Flo on the Go
"Diner Dash Flo Through Time" = Diner Dash Flo Through Time (remove only)
"Dream Day Wedding_is1" = Dream Day Wedding
"ESET Online Scanner" = ESET Online Scanner v3
"Hamachi" = Hamachi 1.0.2.5
"Hauppauge MCE2005 Software Encoder" = Hauppauge MCE XP/Vista Software Encoder (2.0.25149)
"HP Imaging Device Functions" = HP Imaging Device Functions 10.0
"HP Photosmart Essential" = HP Photosmart Essential 2.5
"HP Smart Web Printing" = HP Smart Web Printing
"HP Solution Center & Imaging Support Tools" = HP Solution Center 13.0
"HPExtendedCapabilities" = HP Customer Participation Program 10.0
"HPOCR" = OCR Software by I.R.I.S. 10.0
"InstallShield_{004B0DCB-4C60-465B-8F01-44B0A4111187}" = SlingPlayer
"InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = PowerDirector
"InstallShield_{F5577101-33CC-4711-8235-3A95BCD49DB0}" = EA Link
"iWinArcade" = iWin Games (remove only)
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Marvell Miniport Driver" = Marvell Miniport Driver
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft SQL Server 10" = Microsoft SQL Server 2008
"Microsoft SQL Server 10 Release" = Microsoft SQL Server 2008
"Microsoft Visual Basic 2008 Express Edition with SP1 - ENU" = Microsoft Visual Basic 2008 Express Edition with SP1 - ENU
"NVIDIA Drivers" = NVIDIA Drivers
"Parking Dash" = Parking Dash (remove only)
"PsuedoLiveUpdate" = LiveUpdate (Symantec Corporation)
"RealArcade" = RealArcade
"Shop for HP Supplies" = Shop for HP Supplies
"SlingMedia.QPSlingPlayer_is1" = QuickPlay SlingPlayer 0.4.6
"SymSetup.{C1C185CA-C531-49F5-A6FA-B838405A049D}" = Norton Internet Security (Symantec Corporation)
"Text Twist 2" = Text Twist 2
"Tradewinds 2™" = Tradewinds 2™
"TurboTax 2010" = TurboTax 2010
"Wedding Dash 2_is1" = Wedding Dash 2
"WildTangent hp Master Uninstall" = My HP Games
"WildTangent wildgames Master Uninstall" = WildTangent Games
"Yahoo! Companion" = Yahoo! Toolbar
"Yahoo! Messenger" = Yahoo! Messenger
"Yahoo! Software Update" = Yahoo! Software Update
"YInstHelper" = Yahoo! Install Manager
"Zoo Tycoon 1.0" = Zoo Tycoon: Complete Collection
"Zoombinis Logical Journey" = Zoombinis Logical Journey
========== HKEY_USERS Uninstall List ========== [HKEY_USERS\S-1-5-21-2130653408-2093767854-1150711463-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Google Chrome" = Google Chrome
"Move Media Player" = Move Media Player
"SmartDraw 2009" = SmartDraw 2009
"UnityWebPlayer" = Unity Web Player
========== Last 20 Event Log Errors ========== [ Application Events ]
Error - 9/18/2012 9:14:49 PM | Computer Name = Kimber-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second
Error - 9/18/2012 9:14:49 PM | Computer Name = Kimber-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 36837967
Error - 9/18/2012 9:14:49 PM | Computer Name = Kimber-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 36837967
Error - 9/18/2012 9:14:53 PM | Computer Name = Kimber-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second
Error - 9/18/2012 9:14:53 PM | Computer Name = Kimber-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 36841648
Error - 9/18/2012 9:14:53 PM | Computer Name = Kimber-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 36841648
Error - 9/18/2012 9:14:55 PM | Computer Name = Kimber-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second
Error - 9/18/2012 9:14:55 PM | Computer Name = Kimber-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 36843864
Error - 9/18/2012 9:14:55 PM | Computer Name = Kimber-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 36843864
Error - 9/18/2012 9:29:43 PM | Computer Name = Kimber-PC | Source = Automatic LiveUpdate Scheduler | ID = 101
Description = Informasjonsnivĺ: error Initialization of the COM subsystem failed.
Error code: 0x80004005.
[ Media Center Events ]
Error - 2/28/2009 2:36:59 PM | Computer Name = Kimber-PC | Source = MCUpdate | ID = 0
Description = DownloadPackgeTask.SubTasksComplete: failed downloading package SportsSchedule.
Error - 3/18/2009 9:44:10 PM | Computer Name = Kimber-PC | Source = MCUpdate | ID = 0
Description = Failed to wait on MCUpdate mutex with exception: 'The wait completed
due to an abandoned mutex.'.
Error - 4/10/2009 12:25:55 AM | Computer Name = Kimber-PC | Source = MCUpdate | ID = 0
Description = DownloadPackgeTask.SubTasksComplete: failed downloading package SportsSchedule.
Error - 10/7/2009 4:35:27 PM | Computer Name = Kimber-PC | Source = MCUpdate | ID = 0
Description = DownloadPackgeTask.SubTasksComplete: failed downloading package SportsSchedule.
Error - 10/21/2009 12:27:26 AM | Computer Name = Kimber-PC | Source = MCUpdate | ID = 0
Description = DownloadPackgeTask.SubTasksComplete: failed downloading package SportsSchedule.
Error - 10/21/2009 11:48:15 PM | Computer Name = Kimber-PC | Source = MCUpdate | ID = 0
Description = DownloadPackgeTask.SubTasksComplete: failed downloading package SportsSchedule.
Error - 11/11/2009 10:23:47 PM | Computer Name = Kimber-PC | Source = MCUpdate | ID = 0
Description = Failed to wait on MCUpdate mutex with exception: 'The wait completed
due to an abandoned mutex.'.
Error - 12/4/2009 6:48:55 PM | Computer Name = Kimber-PC | Source = MCUpdate | ID = 0
Description = DownloadPackgeTask.SubTasksComplete: failed downloading package SportsSchedule.
Error - 2/18/2010 2:26:14 PM | Computer Name = Kimber-PC | Source = MCUpdate | ID = 0
Description = DownloadPackgeTask.SubTasksComplete: failed downloading package SportsSchedule.
[ System Events ]
Error - 12/30/2008 1:34:33 PM | Computer Name = Kimber-PC | Source = Service Control Manager | ID = 7000
Description =
Error - 12/30/2008 9:37:50 PM | Computer Name = Kimber-PC | Source = DCOM | ID = 10000
Description =
Error - 12/31/2008 12:31:29 AM | Computer Name = Kimber-PC | Source = HTTP | ID = 15016
Description =
Error - 12/31/2008 12:32:10 AM | Computer Name = Kimber-PC | Source = Service Control Manager | ID = 7000
Description =
Error - 12/31/2008 1:48:27 PM | Computer Name = Kimber-PC | Source = HTTP | ID = 15016
Description =
Error - 12/31/2008 1:49:14 PM | Computer Name = Kimber-PC | Source = Service Control Manager | ID = 7000
Description =
Error - 12/31/2008 3:49:18 PM | Computer Name = Kimber-PC | Source = HTTP | ID = 15016
Description =
Error - 12/31/2008 3:50:29 PM | Computer Name = Kimber-PC | Source = Service Control Manager | ID = 7000
Description =
Error - 1/1/2009 4:47:18 AM | Computer Name = Kimber-PC | Source = HTTP | ID = 15016
Description =
Error - 1/1/2009 4:48:53 AM | Computer Name = Kimber-PC | Source = Service Control Manager | ID = 7000
Description =
< End of report >