OTL logfile created on: 11/11/2013 23:24:15 - Run 2
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Julie\Desktop\Geeks
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000809 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy
1.99 Gb Total Physical Memory | 0.84 Gb Available Physical Memory | 42.10% Memory free
4.22 Gb Paging File | 2.05 Gb Available in Paging File | 48.63% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 220.28 Gb Total Space | 119.85 Gb Free Space | 54.41% Space Free | Partition Type: NTFS
Drive D: | 10.00 Gb Total Space | 4.85 Gb Free Space | 48.45% Space Free | Partition Type: NTFS
Unable to calculate disk information.
Computer Name: JULIE-PC | User Name: Julie | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ========== PRC - [2013/11/11 21:35:32 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Julie\Desktop\Geeks\OTL.exe
PRC - [2013/11/11 17:07:13 | 002,420,248 | ---- | M] () -- C:\Program Files\AVG Secure Search\vprot.exe
PRC - [2013/11/11 17:07:12 | 001,734,680 | ---- | M] (AVG Secure Search) -- C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\17.1.2\ToolbarUpdater.exe
PRC - [2013/11/11 17:07:11 | 000,159,768 | ---- | M] () -- C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\17.1.2\loggingserver.exe
PRC - [2013/10/16 18:07:48 | 000,166,352 | ---- | M] (APN LLC.) -- C:\Program Files\AskPartnerNetwork\Toolbar\apnmcp.exe
PRC - [2013/10/16 18:07:39 | 001,673,680 | ---- | M] (APN) -- C:\Program Files\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe
PRC - [2013/10/11 09:34:21 | 000,065,304 | ---- | M] (Whilokii) -- C:\Program Files\Whilokii\bin\utilWhilokii.exe
PRC - [2013/10/09 00:02:45 | 000,844,752 | ---- | M] (Google Inc.) -- C:\Program Files\Google\Chrome\Application\chrome.exe
PRC - [2013/10/05 01:05:26 | 000,065,304 | ---- | M] (Whilokii) -- C:\Program Files\Whilokii\updateWhilokii.exe
PRC - [2013/09/19 22:45:18 | 001,953,320 | ---- | M] (MyPCBackup.com) -- C:\Program Files\MyPC Backup\MyPC Backup.exe
PRC - [2013/09/19 22:45:18 | 000,038,440 | ---- | M] (Just Develop It) -- C:\Program Files\MyPC Backup\BackupStack.exe
PRC - [2013/09/10 22:18:16 | 002,476,312 | ---- | M] (Trusteer Ltd.) -- C:\Program Files\Trusteer\Rapport\bin\RapportService.exe
PRC - [2013/09/10 22:18:16 | 001,435,928 | ---- | M] (Trusteer Ltd.) -- C:\Program Files\Trusteer\Rapport\bin\RapportMgmtService.exe
PRC - [2013/05/10 07:57:22 | 000,065,640 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2012/09/10 10:12:51 | 000,116,608 | ---- | M] (SUPERAntiSpyware.com) -- C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
PRC - [2012/08/01 03:48:54 | 002,345,592 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG10\avgtray.exe
PRC - [2012/07/25 08:46:44 | 001,326,176 | ---- | M] (Secunia) -- C:\Program Files\Secunia\PSI\psia.exe
PRC - [2012/07/25 08:46:42 | 000,572,000 | ---- | M] (Secunia) -- C:\Program Files\Secunia\PSI\psi_tray.exe
PRC - [2012/01/31 15:02:52 | 007,391,072 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe
PRC - [2011/09/09 02:10:56 | 001,082,208 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG10\avgnsx.exe
PRC - [2011/08/18 00:33:26 | 000,659,296 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG10\avgrsx.exe
PRC - [2011/05/23 13:13:04 | 000,657,248 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG10\avgchsvx.exe
PRC - [2011/03/28 02:00:52 | 000,351,072 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG10\avgcsrvx.exe
PRC - [2011/02/10 06:55:18 | 001,148,256 | ---- | M] () -- C:\Program Files\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSMonitor.exe
PRC - [2011/02/08 04:33:42 | 000,269,520 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG10\avgwdsvc.exe
PRC - [2010/07/30 05:51:50 | 000,095,568 | ---- | M] (Devguru Co., Ltd.) -- C:\Windows\System32\dgdersvc.exe
PRC - [2010/06/24 13:00:14 | 000,233,472 | ---- | M] (Teruten) -- C:\Windows\System32\FsUsbExService.Exe
PRC - [2009/04/11 06:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2007/09/20 15:31:10 | 000,073,728 | ---- | M] (Andrea Electronics Corporation) -- C:\Windows\System32\AEstSrv.exe
PRC - [2007/09/13 15:45:38 | 000,102,400 | ---- | M] (IDT, Inc.) -- C:\Windows\System32\stacsv.exe
PRC - [2007/09/13 15:44:48 | 000,405,504 | ---- | M] (IDT, Inc.) -- C:\Program Files\SigmaTel\C-Major Audio\WDM\sttray.exe
PRC - [2007/07/24 18:02:44 | 000,354,840 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe
PRC - [2007/07/24 18:02:42 | 000,174,616 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
========== Modules (No Company Name) ========== MOD - [2013/11/11 17:07:15 | 000,142,360 | ---- | M] () -- C:\Program Files\Common Files\AVG Secure Search\SiteSafetyInstaller\17.1.2\SiteSafety.dll
MOD - [2013/11/11 17:07:14 | 000,519,704 | ---- | M] () -- C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\17.1.2\log4cplusU.dll
MOD - [2013/11/11 17:07:13 | 002,420,248 | ---- | M] () -- C:\Program Files\AVG Secure Search\vprot.exe
MOD - [2013/10/11 10:50:56 | 000,978,944 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\f453ecc6bb7fc8d52d61247676944623\System.Configuration.ni.dll
MOD - [2013/10/11 10:49:13 | 012,434,432 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\73d9bc894522543b561a0342dac87c06\System.Windows.Forms.ni.dll
MOD - [2013/10/09 00:02:43 | 000,415,184 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\30.0.1599.101\ppgooglenaclpluginchrome.dll
MOD - [2013/10/09 00:02:42 | 013,584,336 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\30.0.1599.101\PepperFlash\pepflashplayer.dll
MOD - [2013/10/09 00:02:41 | 004,055,504 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\30.0.1599.101\pdf.dll
MOD - [2013/10/09 00:01:47 | 001,604,560 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\30.0.1599.101\ffmpegsumo.dll
MOD - [2013/09/19 22:37:30 | 000,012,288 | ---- | M] () -- C:\Program Files\MyPC Backup\GetText.dll
MOD - [2013/09/19 22:32:28 | 000,904,704 | ---- | M] () -- C:\Program Files\MyPC Backup\x86\System.Data.SQLite.dll
MOD - [2013/08/18 14:10:47 | 011,820,032 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web\59eba2680c01c33b2b3f5385979e32c6\System.Web.ni.dll
MOD - [2013/08/18 14:10:38 | 000,771,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\b167ef6967ad27503c6ac6aabcef1aff\System.Runtime.Remoting.ni.dll
MOD - [2013/08/18 14:10:35 | 000,627,200 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Transactions\9e0ade6fc2bcb5fbd4c8978bf92784a3\System.Transactions.ni.dll
MOD - [2013/08/18 14:10:33 | 000,627,712 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.EnterpriseSe#\5ba1ebef462c4f9cb1a8fe05c0419d0e\System.EnterpriseServices.ni.dll
MOD - [2013/08/18 14:08:23 | 005,462,016 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\09f5b3f7a363b742a73937e818595597\System.Xml.ni.dll
MOD - [2013/08/18 14:07:52 | 001,593,344 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\c0df7e124d8d5e2821fd7d3921d404f7\System.Drawing.ni.dll
MOD - [2013/08/18 14:07:30 | 006,622,208 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Data\1eff630f4194c74287d1dd4a859693f7\System.Data.ni.dll
MOD - [2013/08/18 14:06:40 | 007,977,984 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\d7153acb7b6ccb5a6a886d6f0ab732b1\System.ni.dll
MOD - [2013/08/06 07:39:21 | 000,996,080 | ---- | M] () -- C:\ProgramData\Trusteer\Rapport\store\exts\RapportMS\57595\RapportMS.dll
MOD - [2013/07/14 15:21:34 | 011,497,984 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\6a938df70a8b7996a3890b4f34c83906\mscorlib.ni.dll
MOD - [2012/06/27 14:09:06 | 000,557,056 | ---- | M] () -- C:\Program Files\Trusteer\Rapport\bin\js32.dll
MOD - [2011/06/24 21:56:36 | 000,087,328 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2011/06/24 21:56:14 | 001,241,888 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2011/02/10 06:55:18 | 001,148,256 | ---- | M] () -- C:\Program Files\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSMonitor.exe
MOD - [2009/03/30 04:42:19 | 000,261,632 | ---- | M] () -- C:\Windows\assembly\GAC_32\System.Transactions\2.0.0.0__b77a5c561934e089\System.Transactions.dll
MOD - [2009/03/30 04:42:17 | 002,933,760 | ---- | M] () -- C:\Windows\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll
MOD - [2007/12/08 14:34:10 | 000,054,784 | ---- | M] () -- C:\Windows\System32\bcmwlrmt.dll
========== Services (SafeList) ========== SRV - [2013/11/11 17:07:12 | 001,734,680 | ---- | M] (AVG Secure Search) [Auto | Running] -- C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\17.1.2\ToolbarUpdater.exe -- (vToolbarUpdater17.1.2)
SRV - [2013/10/16 18:07:48 | 000,166,352 | ---- | M] (APN LLC.) [Auto | Running] -- C:\Program Files\AskPartnerNetwork\Toolbar\apnmcp.exe -- (APNMCP)
SRV - [2013/10/11 09:34:21 | 000,065,304 | ---- | M] (Whilokii) [Auto | Running] -- C:\Program Files\Whilokii\bin\utilWhilokii.exe -- (Util Whilokii)
SRV - [2013/10/09 18:49:03 | 000,257,416 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013/10/05 01:05:26 | 000,065,304 | ---- | M] (Whilokii) [Auto | Running] -- C:\Program Files\Whilokii\updateWhilokii.exe -- (Update Whilokii)
SRV - [2013/09/19 22:45:18 | 000,038,440 | ---- | M] (Just Develop It) [Auto | Running] -- C:\Program Files\MyPC Backup\BackupStack.exe -- (BackupStack)
SRV - [2013/09/10 22:18:16 | 001,435,928 | ---- | M] (Trusteer Ltd.) [Auto | Running] -- C:\Program Files\Trusteer\Rapport\bin\RapportMgmtService.exe -- (RapportMgmtService)
SRV - [2013/05/10 07:57:22 | 000,065,640 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2012/09/10 10:12:51 | 000,116,608 | ---- | M] (SUPERAntiSpyware.com) [Auto | Running] -- C:\Program Files\SUPERAntiSpyware\SASCORE.EXE -- (!SASCORE)
SRV - [2012/07/25 08:46:44 | 001,326,176 | ---- | M] (Secunia) [Auto | Running] -- C:\Program Files\Secunia\PSI\psia.exe -- (Secunia PSI Agent)
SRV - [2012/07/25 08:46:42 | 000,681,056 | ---- | M] (Secunia) [Auto | Stopped] -- C:\Program Files\Secunia\PSI\sua.exe -- (Secunia Update Agent)
SRV - [2012/01/31 15:02:52 | 007,391,072 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe -- (AVGIDSAgent)
SRV - [2011/11/10 13:17:31 | 000,167,264 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files\AVG\AVG10\Toolbar\ToolbarBroker.exe -- (AVG Security Toolbar Service)
SRV - [2011/02/08 04:33:42 | 000,269,520 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG10\avgwdsvc.exe -- (avgwd)
SRV - [2010/07/30 05:51:50 | 000,095,568 | ---- | M] (Devguru Co., Ltd.) [Auto | Running] -- C:\Windows\System32\dgdersvc.exe -- (dgdersvc)
SRV - [2010/06/24 13:00:14 | 000,233,472 | ---- | M] (Teruten) [Auto | Running] -- C:\Windows\System32\FsUsbExService.Exe -- (FsUsbExService)
SRV - [2008/01/21 02:23:32 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2007/09/20 15:31:10 | 000,073,728 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\Windows\System32\AEstSrv.exe -- (AESTFilters)
SRV - [2007/09/13 15:45:38 | 000,102,400 | ---- | M] (IDT, Inc.) [Auto | Running] -- C:\Windows\System32\stacsv.exe -- (STacSV)
SRV - [2007/07/24 18:02:44 | 000,354,840 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe -- (IAANTMON)
========== Driver Services (SafeList) ========== DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkfwd.sys -- (NwlnkFwd)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkflt.sys -- (NwlnkFlt)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ipinip.sys -- (IpInIp)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\drivers\BCM42RLY.sys -- (BCM42RLY)
DRV - [2013/11/11 17:07:15 | 000,037,664 | ---- | M] (AVG Technologies) [Kernel | System | Running] -- C:\Windows\System32\drivers\avgtpx86.sys -- (avgtp)
DRV - [2013/09/10 22:18:28 | 000,222,416 | ---- | M] (Trusteer Ltd.) [Kernel | System | Running] -- C:\Program Files\Trusteer\Rapport\bin\RapportPG.sys -- (RapportPG)
DRV - [2013/09/10 22:18:28 | 000,148,688 | ---- | M] (Trusteer Ltd.) [Kernel | System | Running] -- C:\Program Files\Trusteer\Rapport\bin\RapportEI.sys -- (RapportEI)
DRV - [2013/09/10 22:18:28 | 000,097,008 | ---- | M] (Trusteer Ltd.) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\RapportKELL.sys -- (RapportKELL)
DRV - [2013/08/21 00:14:53 | 000,330,960 | ---- | M] () [Kernel | System | Running] -- C:\ProgramData\Trusteer\Rapport\store\exts\RapportCerberus\baseline\RapportCerberus32_56758.sys -- (RapportCerberus_56758)
DRV - [2012/11/12 04:47:48 | 000,255,968 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\System32\drivers\avgldx86.sys -- (Avgldx86)
DRV - [2012/09/10 10:12:47 | 000,067,664 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS -- (SASKUTIL)
DRV - [2012/09/10 10:12:46 | 000,012,880 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS -- (SASDIFSV)
DRV - [2011/05/27 18:05:18 | 000,134,480 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\AVGIDSDriver.sys -- (AVGIDSDriver)
DRV - [2011/04/04 23:59:56 | 000,297,168 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\System32\drivers\avgtdix.sys -- (Avgtdix)
DRV - [2011/03/16 15:03:20 | 000,032,592 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\System32\drivers\avgrkx86.sys -- (Avgrkx86)
DRV - [2011/03/01 13:25:18 | 000,034,896 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\Windows\System32\drivers\avgmfx86.sys -- (Avgmfx86)
DRV - [2011/02/22 07:12:38 | 000,022,992 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\AVGIDSEH.sys -- (AVGIDSEH)
DRV - [2011/02/10 06:53:30 | 000,028,624 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\AVGIDSShim.sys -- (AVGIDSShim)
DRV - [2011/02/10 06:53:28 | 000,024,144 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\AVGIDSFilter.sys -- (AVGIDSFilter)
DRV - [2010/09/01 08:30:58 | 000,015,544 | ---- | M] (Secunia) [File_System | On_Demand | Running] -- C:\Windows\System32\drivers\psi_mf.sys -- (PSI)
DRV - [2010/07/30 05:51:50 | 000,018,120 | ---- | M] (Devguru Co., Ltd) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\dgderdrv.sys -- (dgderdrv)
DRV - [2010/06/24 13:00:14 | 000,036,608 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\System32\FsUsbExDisk.Sys -- (FsUsbExDisk)
DRV - [2007/09/13 15:46:06 | 000,330,240 | ---- | M] (IDT, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\stwrt.sys -- (STHDA)
DRV - [2007/06/06 23:21:32 | 000,111,616 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\IntcHdmi.sys -- (IntcHdmiAddService)
DRV - [2007/03/21 22:02:04 | 000,037,376 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rixdptsk.sys -- (rismxdp)
DRV - [2007/02/24 14:42:22 | 000,039,936 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rimmptsk.sys -- (rimmptsk)
DRV - [2007/01/23 16:40:20 | 000,042,496 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rimsptsk.sys -- (rimsptsk)
========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" =
http://www.bing.com/...ms}&FORM=IE8SRCIE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" =
http://www.google.co...g}&sourceid=ie7IE - HKLM\..\SearchScopes\{CCC7A320-B3CA-4199-B1A6-9F516DD69829}: "URL" =
http://us.yhs.search...p={searchTerms} IE - HKU\.DEFAULT\..\URLSearchHook: {A3BC75A2-1F87-4686-AA43-5347D756017C} - No CLSID value found
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\..\URLSearchHook: {A3BC75A2-1F87-4686-AA43-5347D756017C} - No CLSID value found
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-2252881703-585418222-1894100648-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = Preserve
IE - HKU\S-1-5-21-2252881703-585418222-1894100648-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page =
http://isearch.avg.c...fr&d=2011-12-12 11:45:39&v=15.2.0.5&pid=avg&sg=0&sap=hp
IE - HKU\S-1-5-21-2252881703-585418222-1894100648-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache =
http://uk.msn.com/?ocid=iehpIE - HKU\S-1-5-21-2252881703-585418222-1894100648-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-gb
IE - HKU\S-1-5-21-2252881703-585418222-1894100648-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 30 04 31 3C 87 80 CD 01 [binary data]
IE - HKU\S-1-5-21-2252881703-585418222-1894100648-1000\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-21-2252881703-585418222-1894100648-1000\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" =
http://www.searchgol...125035&tsp=5030IE - HKU\S-1-5-21-2252881703-585418222-1894100648-1000\..\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}: "URL" =
http://isearch.avg.c...fr&d=2011-12-12 11:45:39&v=15.2.0.5&pid=avg&sg=0&sap=dsp&q={searchTerms}
IE - HKU\S-1-5-21-2252881703-585418222-1894100648-1000\..\SearchScopes\{B96EC0DD-4441-4379-AC72-376FF4E882B1}: "URL" =
http://websearch.ask...CC-636199E00A92IE - HKU\S-1-5-21-2252881703-585418222-1894100648-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-2252881703-585418222-1894100648-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
========== FireFox ========== FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin: C:\Program Files\Common Files\AVG Secure Search\SiteSafetyInstaller\17.1.2\\npsitesafety.dll ()
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.40.2: C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.40.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\avg@toolbar: C:\ProgramData\AVG Secure Search\FireFoxExt\17.1.2.1 [2013/11/11 17:10:56 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{1E73965B-8B48-48be-9C8D-68B920ABC1C4}: C:\Program Files\AVG\AVG10\Firefox4\ [2013/04/10 20:32:08 | 000,000,000 | ---D | M]
[2013/10/09 22:31:43 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
========== Chrome ========== CHR - default_search_provider: SearchGol (Enabled)
CHR - default_search_provider: search_url =
http://www.searchgol...125035&tsp=5030CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&q={searchTerms}&{google:cursorPosition}{google:zeroPrefixUrl}sugkey={google:suggestAPIKeyParameter},
CHR - Extension: Ask Toolbar = C:\Users\Julie\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaajpkhjdkhhnkmgfjodbkfpbmibkkk\25.60699_0\
CHR - Extension: SparkleBox = C:\Users\Julie\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjigkifooejljidiapmgeaoeglmgonll\10.22.0.588_0\
CHR - Extension: SparkleBox = C:\Users\Julie\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjigkifooejljidiapmgeaoeglmgonll\10.22.0.588_0\nativeMessaging\nmHost
CHR - Extension: Whilokii = C:\Users\Julie\AppData\Local\Google\Chrome\User Data\Default\Extensions\iaimhpklononapfjngelgdokckfjekfc\1.0.0_0\
CHR - Extension: AVG Safe Search = C:\Users\Julie\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla\10.0.0.1409_1\
CHR - Extension: Wajam = C:\Users\Julie\AppData\Local\Google\Chrome\User Data\Default\Extensions\jpmbfleldcgkldadpdinhjjopdfpjfjp\1.24_1\
CHR - Extension: AVG Secure Search = C:\Users\Julie\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof\17.1.2.1_0\
CHR - Extension: Google Wallet = C:\Users\Julie\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.5.0_0\
O1 HOSTS File: ([2006/09/18 21:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No CLSID value found.
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG10\avgssie.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (AVG Security Toolbar) - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files\AVG Secure Search\17.1.2.1\AVG Secure Search_toolbar.dll (AVG Secure Search)
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3 - HKLM\..\Toolbar: (AVG Security Toolbar) - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files\AVG Secure Search\17.1.2.1\AVG Secure Search_toolbar.dll (AVG Secure Search)
O3 - HKLM\..\Toolbar: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKU\S-1-5-21-2252881703-585418222-1894100648-1000\..\Toolbar\WebBrowser: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No CLSID value found.
O3 - HKU\S-1-5-21-2252881703-585418222-1894100648-1000\..\Toolbar\WebBrowser: (no name) - {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - No CLSID value found.
O4 - HKLM..\Run: [ApnTBMon] C:\Program Files\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe (APN)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [AVG_TRAY] C:\Program Files\AVG\AVG10\avgtray.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [hpqSRMon] File not found
O4 - HKLM..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe (Intel Corporation)
O4 - HKLM..\Run: [SigmatelSysTrayApp] C:\Program Files\SigmaTel\C-Major Audio\WDM\sttray.exe (IDT, Inc.)
O4 - HKLM..\Run: [vProt] C:\Program Files\AVG Secure Search\vprot.exe ()
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - Startup: C:\Users\Julie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MyPC Backup.lnk = C:\Program Files\MyPC Backup\MyPC Backup.exe (MyPCBackup.com)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-2252881703-585418222-1894100648-1000\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-2252881703-585418222-1894100648-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700}
http://download.micr...heckControl.cab (Windows Genuine Advantage Validation Tool)
O16 - DPF: {705EC6D4-B138-4079-A307-EF13E4889A82}
https://vpn.nhsstock...ies/instweb.cab (CSD ActiveX Installer)
O16 - DPF: {A8F2B9BD-A6A0-486A-9744-18920D898429}
http://www.sibelius....tiveXPlugin.cab (ScorchPlugin Class)
O16 - DPF: {B8E73359-3422-4384-8D27-4EA1B4C01232}
https://vpn.nhsstock...COL /cscopf.cab (CISCO Portforwarder Control)
O16 - DPF: {C861B75F-EE32-4AA4-B610-281AF26A8D1C}
https://vpn.nhsstock...COL /cscopf.cab (Reg Error: Key error.)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7}
http://platformdl.ad...Plus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.254
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{BC9E4B55-386C-45D6-B435-F6D7CC00619B}: DhcpNameServer = 192.168.1.254
O18 - Protocol\Handler\inbox {37540F19-DD4C-478B-B2DF-C19281BCAF27} - C:\PROGRA~1\INBOXT~1\Inbox.dll File not found
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG10\avgpp.dll (AVG Technologies CZ, s.r.o.)
O18 - Protocol\Handler\viprotocol {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files\Common Files\AVG Secure Search\ViProtocolInstaller\17.1.2\ViProtocol.dll (AVG Secure Search)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\!SASWinLogon: DllName - (C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL) - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL (SUPERAntiSpyware.com)
O24 - Desktop WallPaper: C:\Windows\Web\Wallpaper\img24.jpg
O24 - Desktop BackupWallPaper: C:\Windows\Web\Wallpaper\img24.jpg
O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL (SuperAdBlocker.com)
O28 - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/09/18 21:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O34 - HKLM BootExecute: (C:\PROGRA~1\AVG\AVG10\avgchsvx.exe /sync)
O34 - HKLM BootExecute: (C:\PROGRA~1\AVG\AVG10\avgrsx.exe /sync /restart)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
========== Files/Folders - Created Within 30 Days ========== [2013/11/07 23:31:07 | 000,000,000 | ---D | C] -- C:\Users\Julie\Documents\emma and james_files
[2013/10/25 13:08:37 | 000,000,000 | -HSD | C] -- C:\found.013
[2013/10/17 22:30:40 | 000,000,000 | ---D | C] -- C:\Users\Julie\Documents\Sport, Culture & Media - Rowe, David - Google Books_files
[2013/10/17 21:31:59 | 000,000,000 | ---D | C] -- C:\Users\Julie\Documents\Sport, History, and Heritage Studies in Public Representation - Google Books_files
[2013/10/17 20:23:19 | 000,000,000 | -HSD | C] -- C:\Config.Msi
========== Files - Modified Within 30 Days ========== [2013/11/11 23:19:00 | 000,000,886 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013/11/11 23:04:00 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013/11/11 22:23:52 | 000,003,840 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2013/11/11 22:23:52 | 000,003,840 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2013/11/11 19:40:43 | 000,000,882 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013/11/11 19:40:39 | 000,000,350 | ---- | M] () -- C:\Windows\tasks\AVG-Secure-Search-Update_JUNE2013_TB_rmv.job
[2013/11/11 19:39:40 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013/11/11 18:23:37 | 2137,042,944 | -HS- | M] () -- C:\hiberfil.sys
[2013/11/11 17:15:23 | 143,144,488 | ---- | M] () -- C:\Windows\System32\drivers\AVG\incavi.avm
[2013/11/11 17:07:15 | 000,037,664 | ---- | M] (AVG Technologies) -- C:\Windows\System32\drivers\avgtpx86.sys
[2013/11/10 19:08:42 | 000,454,430 | ---- | M] () -- C:\Windows\System32\drivers\AVG\iavichjg.avm
[2013/11/08 13:44:19 | 006,622,682 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2013/11/08 13:44:17 | 003,228,188 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2013/11/07 23:31:07 | 000,554,733 | ---- | M] () -- C:\Users\Julie\Documents\emma and james.htm
[2013/10/25 17:40:57 | 241,880,094 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2013/10/24 19:30:52 | 000,000,806 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2013/10/21 21:46:07 | 000,161,296 | ---- | M] () -- C:\Users\Julie\Documents\celtic.pdf
[2013/10/17 22:30:40 | 000,138,428 | ---- | M] () -- C:\Users\Julie\Documents\Sport, Culture & Media - Rowe, David - Google Books.htm
[2013/10/17 21:31:59 | 000,167,482 | ---- | M] () -- C:\Users\Julie\Documents\Sport, History, and Heritage Studies in Public Representation - Google Books.htm
[2013/10/14 22:13:38 | 000,055,720 | ---- | M] () -- C:\Users\Julie\Documents\football governance.pdf
[2013/10/13 11:14:12 | 000,000,908 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
========== Files Created - No Company Name ========== [2013/11/07 23:31:04 | 000,554,733 | ---- | C] () -- C:\Users\Julie\Documents\emma and james.htm
[2013/10/25 17:40:57 | 241,880,094 | ---- | C] () -- C:\Windows\MEMORY.DMP
[2013/10/21 21:46:06 | 000,161,296 | ---- | C] () -- C:\Users\Julie\Documents\celtic.pdf
[2013/10/17 22:30:40 | 000,138,428 | ---- | C] () -- C:\Users\Julie\Documents\Sport, Culture & Media - Rowe, David - Google Books.htm
[2013/10/17 21:31:58 | 000,167,482 | ---- | C] () -- C:\Users\Julie\Documents\Sport, History, and Heritage Studies in Public Representation - Google Books.htm
[2013/10/14 22:13:37 | 000,055,720 | ---- | C] () -- C:\Users\Julie\Documents\football governance.pdf
[2013/10/12 14:24:54 | 000,017,136 | ---- | C] () -- C:\Windows\System32\sasnative32.exe
[2013/10/09 22:30:46 | 000,086,016 | ---- | C] () -- C:\Windows\System32\custmon32i.dll
[2011/11/12 22:01:51 | 000,000,000 | ---- | C] () -- C:\Users\Julie\AppData\Local\{32E91E92-7276-4F47-922E-B981E8B6271D}
[2011/10/26 12:27:21 | 000,000,000 | ---- | C] () -- C:\Users\Julie\AppData\Local\{518E4141-3390-48BB-BF84-3F0C6B4ABBA1}
[2011/09/19 21:46:59 | 000,000,000 | ---- | C] () -- C:\Users\Julie\AppData\Local\{BBB2E6C0-188E-405D-9D4D-A8DEABADA71A}
[2011/05/16 11:01:36 | 000,198,421 | ---- | C] () -- C:\Users\Julie\AQA-3701-2H-W-QP-NOV09.pdf
[2010/10/04 07:58:01 | 000,005,989 | ---- | C] () -- C:\Users\Julie\Session 4 Identifying Verbs.notebook
[2010/10/04 07:57:41 | 000,012,405 | ---- | C] () -- C:\Users\Julie\Session 3 Baking Bread Instructions.notebook
[2010/07/01 19:09:25 | 000,000,798 | ---- | C] () -- C:\Users\Julie\AppData\Local\Images.fl
[2010/03/25 20:45:05 | 000,000,370 | ---- | C] () -- C:\Users\Julie\Pictures - Shortcut.lnk
[2010/02/15 13:01:35 | 000,005,632 | ---- | C] () -- C:\Users\Julie\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/01/19 20:00:19 | 000,000,680 | ---- | C] () -- C:\Users\Julie\AppData\Local\d3d9caps.dat
========== ZeroAccess Check ========== [2006/11/02 12:54:22 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012/06/08 17:47:00 | 011,586,048 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2009/04/11 06:28:19 | 000,614,912 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2009/04/11 06:28:25 | 000,347,648 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
========== LOP Check ========== [2012/12/12 08:57:17 | 000,000,000 | ---D | M] -- C:\Users\Default\AppData\Roaming\TuneUp Software
[2012/12/12 08:57:17 | 000,000,000 | ---D | M] -- C:\Users\Default User\AppData\Roaming\TuneUp Software
[2013/10/09 22:31:16 | 000,000,000 | ---D | M] -- C:\Users\Julie\AppData\Roaming\0D0S1L2Z1P1B0T1P1B2Z
[2010/10/14 20:58:26 | 000,000,000 | ---D | M] -- C:\Users\Julie\AppData\Roaming\AVG10
[2011/02/06 16:26:48 | 000,000,000 | ---D | M] -- C:\Users\Julie\AppData\Roaming\Cisco
[2010/06/25 22:06:44 | 000,000,000 | ---D | M] -- C:\Users\Julie\AppData\Roaming\GetRightToGo
[2010/04/12 07:16:19 | 000,000,000 | ---D | M] -- C:\Users\Julie\AppData\Roaming\licenses
[2010/04/12 07:16:12 | 000,000,000 | ---D | M] -- C:\Users\Julie\AppData\Roaming\PCMM2010
[2011/02/03 21:16:35 | 000,000,000 | ---D | M] -- C:\Users\Julie\AppData\Roaming\Samsung
[2013/10/09 22:31:41 | 000,000,000 | ---D | M] -- C:\Users\Julie\AppData\Roaming\searchgol
[2013/10/13 12:06:55 | 000,000,000 | ---D | M] -- C:\Users\Julie\AppData\Roaming\Systweak
[2010/01/19 22:44:28 | 000,000,000 | ---D | M] -- C:\Users\Julie\AppData\Roaming\TMP
[2013/06/17 19:39:10 | 000,000,000 | ---D | M] -- C:\Users\Julie\AppData\Roaming\VSO
[2010/06/25 22:10:38 | 000,000,000 | ---D | M] -- C:\Users\Julie\AppData\Roaming\Xilisoft
========== Purity Check ========== ========== Custom Scans ========== < %SYSTEMDRIVE%\*.exe > < MD5 for: EXPLORER.EXE >[2008/10/29 06:20:29 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=37440D09DEAE0B672A04DCCF7ABF06BE -- C:\Windows.old\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.16771_none_4f83bb287ccdb7e3\explorer.exe
[2008/10/29 06:20:29 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=37440D09DEAE0B672A04DCCF7ABF06BE -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.16771_none_4f83bb287ccdb7e3\explorer.exe
[2008/10/29 06:29:41 | 002,927,104 | ---- | M] (Microsoft Corporation) MD5=4F554999D7D5F05DAAEBBA7B5BA1089D -- C:\Windows.old\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.18164_none_5177ca9879e978e8\explorer.exe
[2008/10/29 06:29:41 | 002,927,104 | ---- | M] (Microsoft Corporation) MD5=4F554999D7D5F05DAAEBBA7B5BA1089D -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.18164_none_5177ca9879e978e8\explorer.exe
[2008/10/30 03:59:17 | 002,927,616 | ---- | M] (Microsoft Corporation) MD5=50BA5850147410CDE89C523AD3BC606E -- C:\Windows.old\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.22298_none_51e4f8c7931bd1e1\explorer.exe
[2008/10/30 03:59:17 | 002,927,616 | ---- | M] (Microsoft Corporation) MD5=50BA5850147410CDE89C523AD3BC606E -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.22298_none_51e4f8c7931bd1e1\explorer.exe
[2009/04/11 06:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) MD5=D07D4C3038F3578FFCE1C0237F2A1253 -- C:\Windows.old\Windows\explorer.exe
[2009/04/11 06:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) MD5=D07D4C3038F3578FFCE1C0237F2A1253 -- C:\Windows.old\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6002.18005_none_53a0201e76de3a0b\explorer.exe
[2009/04/11 06:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) MD5=D07D4C3038F3578FFCE1C0237F2A1253 -- C:\Windows\ERDNT\cache\explorer.exe
[2009/04/11 06:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) MD5=D07D4C3038F3578FFCE1C0237F2A1253 -- C:\Windows\explorer.exe
[2009/04/11 06:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) MD5=D07D4C3038F3578FFCE1C0237F2A1253 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6002.18005_none_53a0201e76de3a0b\explorer.exe
[2008/10/28 02:15:02 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=E7156B0B74762D9DE0E66BDCDE06E5FB -- C:\Windows.old\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.20947_none_5033cb5995cd990b\explorer.exe
[2008/10/28 02:15:02 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=E7156B0B74762D9DE0E66BDCDE06E5FB -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.20947_none_5033cb5995cd990b\explorer.exe
[2008/01/21 02:24:24 | 002,927,104 | ---- | M] (Microsoft Corporation) MD5=FFA764631CB70A30065C12EF8E174F9F -- C:\Windows.old\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.18000_none_51b4a71279bc6ebf\explorer.exe
[2008/01/21 02:24:24 | 002,927,104 | ---- | M] (Microsoft Corporation) MD5=FFA764631CB70A30065C12EF8E174F9F -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.18000_none_51b4a71279bc6ebf\explorer.exe
< MD5 for: SVCHOST.EXE >[2008/01/21 02:23:43 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=3794B461C45882E06856F282EEF025AF -- C:\Windows.old\Windows\System32\svchost.exe
[2008/01/21 02:23:43 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=3794B461C45882E06856F282EEF025AF -- C:\Windows.old\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.0.6001.18000_none_b5bb59a1054dbde5\svchost.exe
[2008/01/21 02:23:43 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=3794B461C45882E06856F282EEF025AF -- C:\Windows\ERDNT\cache\svchost.exe
[2008/01/21 02:23:43 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=3794B461C45882E06856F282EEF025AF -- C:\Windows\System32\svchost.exe
[2008/01/21 02:23:43 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=3794B461C45882E06856F282EEF025AF -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.0.6001.18000_none_b5bb59a1054dbde5\svchost.exe
[2013/04/04 13:50:32 | 000,218,184 | ---- | M] () MD5=B4C6E3889BB310CA7E974A04EC6E46AC -- C:\Program Files\Malwarebytes' Anti-Malware\Chameleon\svchost.exe
< MD5 for: USERINIT.EXE >[2008/01/21 02:24:49 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\Windows.old\Windows\System32\userinit.exe
[2008/01/21 02:24:49 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\Windows.old\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.0.6001.18000_none_dc28ba15d1aff80b\userinit.exe
[2008/01/21 02:24:49 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\Windows\ERDNT\cache\userinit.exe
[2008/01/21 02:24:49 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\Windows\System32\userinit.exe
[2008/01/21 02:24:49 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.0.6001.18000_none_dc28ba15d1aff80b\userinit.exe
< MD5 for: WINLOGON.EXE >[2009/04/11 06:28:13 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264D55452 -- C:\Windows.old\Windows\System32\winlogon.exe
[2009/04/11 06:28:13 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264D55452 -- C:\Windows.old\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6002.18005_none_71ae7a22d2134741\winlogon.exe
[2009/04/11 06:28:13 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264D55452 -- C:\Windows\ERDNT\cache\winlogon.exe
[2009/04/11 06:28:13 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264D55452 -- C:\Windows\System32\winlogon.exe
[2009/04/11 06:28:13 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264D55452 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6002.18005_none_71ae7a22d2134741\winlogon.exe
[2013/04/04 13:50:32 | 000,218,184 | ---- | M] () MD5=B4C6E3889BB310CA7E974A04EC6E46AC -- C:\Program Files\Malwarebytes' Anti-Malware\Chameleon\winlogon.exe
[2008/01/21 02:24:49 | 000,314,880 | ---- | M] (Microsoft Corporation) MD5=C2610B6BDBEFC053BBDAB4F1B965CB24 -- C:\Windows.old\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6001.18000_none_6fc30116d4f17bf5\winlogon.exe
[2008/01/21 02:24:49 | 000,314,880 | ---- | M] (Microsoft Corporation) MD5=C2610B6BDBEFC053BBDAB4F1B965CB24 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6001.18000_none_6fc30116d4f17bf5\winlogon.exe
< dir C:\ /S /A:L /C > Volume in drive C is OS
Volume Serial Number is 628E-60E5
Directory of C:\
02/11/2006 13:02 <JUNCTION> Documents and Settings [C:\Users]
0 File(s) 0 bytes
Directory of C:\ProgramData
02/11/2006 13:02 <JUNCTION> Application Data [C:\ProgramData]
02/11/2006 13:02 <JUNCTION> Desktop [C:\Users\Public\Desktop]
02/11/2006 13:02 <JUNCTION> Documents [C:\Users\Public\Documents]
02/11/2006 13:02 <JUNCTION> Favorites [C:\Users\Public\Favorites]
02/11/2006 13:02 <JUNCTION> Start Menu [C:\ProgramData\Microsoft\Windows\Start Menu]
02/11/2006 13:02 <JUNCTION> Templates [C:\ProgramData\Microsoft\Windows\Templates]
0 File(s) 0 bytes
Directory of C:\Users
02/11/2006 13:02 <SYMLINKD> All Users [C:\ProgramData]
02/11/2006 13:02 <JUNCTION> Default User [C:\Users\Default]
0 File(s) 0 bytes
Directory of C:\Users\All Users
02/11/2006 13:02 <JUNCTION> Application Data [C:\ProgramData]
02/11/2006 13:02 <JUNCTION> Desktop [C:\Users\Public\Desktop]
02/11/2006 13:02 <JUNCTION> Documents [C:\Users\Public\Documents]
02/11/2006 13:02 <JUNCTION> Favorites [C:\Users\Public\Favorites]
02/11/2006 13:02 <JUNCTION> Start Menu [C:\ProgramData\Microsoft\Windows\Start Menu]
02/11/2006 13:02 <JUNCTION> Templates [C:\ProgramData\Microsoft\Windows\Templates]
0 File(s) 0 bytes
Directory of C:\Users\Default
02/11/2006 13:02 <JUNCTION> Application Data [C:\Users\Default\AppData\Roaming]
02/11/2006 13:02 <JUNCTION> Local Settings [C:\Users\Default\AppData\Local]
02/11/2006 13:02 <JUNCTION> My Documents [C:\Users\Default\Documents]
02/11/2006 13:02 <JUNCTION> NetHood [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Network Shortcuts]
02/11/2006 13:02 <JUNCTION> PrintHood [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Printer Shortcuts]
02/11/2006 13:02 <JUNCTION> Recent [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Recent]
02/11/2006 13:02 <JUNCTION> SendTo [C:\Users\Default\AppData\Roaming\Microsoft\Windows\SendTo]
02/11/2006 13:02 <JUNCTION> Start Menu [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu]
02/11/2006 13:02 <JUNCTION> Templates [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Templates]
0 File(s) 0 bytes
Directory of C:\Users\Default\AppData\Local
02/11/2006 13:02 <JUNCTION> Application Data [C:\Users\Default\AppData\Local]
02/11/2006 13:02 <JUNCTION> History [C:\Users\Default\AppData\Local\Microsoft\Windows\History]
02/11/2006 13:02 <JUNCTION> Temporary Internet Files [C:\Users\Default\AppData\Local\Microsoft\Windows\Temporary Internet Files]
0 File(s) 0 bytes
Directory of C:\Users\Default\Documents
02/11/2006 13:02 <JUNCTION> My Music [C:\Users\Default\Music]
02/11/2006 13:02 <JUNCTION> My Pictures [C:\Users\Default\Pictures]
02/11/2006 13:02 <JUNCTION> My Videos [C:\Users\Default\Videos]
0 File(s) 0 bytes
Directory of C:\Users\Julie
19/01/2010 20:00 <JUNCTION> Application Data [C:\Users\Julie\AppData\Roaming]
19/01/2010 20:00 <JUNCTION> Cookies [C:\Users\Julie\AppData\Roaming\Microsoft\Windows\Cookies]
19/01/2010 20:00 <JUNCTION> Local Settings [C:\Users\Julie\AppData\Local]
19/01/2010 20:00 <JUNCTION> My Documents [C:\Users\Julie\Documents]
19/01/2010 20:00 <JUNCTION> NetHood [C:\Users\Julie\AppData\Roaming\Microsoft\Windows\Network Shortcuts]
19/01/2010 20:00 <JUNCTION> PrintHood [C:\Users\Julie\AppData\Roaming\Microsoft\Windows\Printer Shortcuts]
19/01/2010 20:00 <JUNCTION> Recent [C:\Users\Julie\AppData\Roaming\Microsoft\Windows\Recent]
19/01/2010 20:00 <JUNCTION> SendTo [C:\Users\Julie\AppData\Roaming\Microsoft\Windows\SendTo]
19/01/2010 20:00 <JUNCTION> Start Menu [C:\Users\Julie\AppData\Roaming\Microsoft\Windows\Start Menu]
19/01/2010 20:00 <JUNCTION> Templates [C:\Users\Julie\AppData\Roaming\Microsoft\Windows\Templates]
0 File(s) 0 bytes
Directory of C:\Users\Julie\AppData\Local
19/01/2010 20:00 <JUNCTION> Application Data [C:\Users\Julie\AppData\Local]
19/01/2010 20:00 <JUNCTION> History [C:\Users\Julie\AppData\Local\Microsoft\Windows\History]
19/01/2010 20:00 <JUNCTION> Temporary Internet Files [C:\Users\Julie\AppData\Local\Microsoft\Windows\Temporary Internet Files]
0 File(s) 0 bytes
Directory of C:\Users\Julie\Documents
19/01/2010 20:00 <JUNCTION> My Music [C:\Users\Julie\Music]
19/01/2010 20:00 <JUNCTION> My Pictures [C:\Users\Julie\Pictures]
19/01/2010 20:00 <JUNCTION> My Videos [C:\Users\Julie\Videos]
0 File(s) 0 bytes
Directory of C:\Users\Public\Documents
02/11/2006 13:02 <JUNCTION> My Music [C:\Users\Public\Music]
02/11/2006 13:02 <JUNCTION> My Pictures [C:\Users\Public\Pictures]
02/11/2006 13:02 <JUNCTION> My Videos [C:\Users\Public\Videos]
0 File(s) 0 bytes
Directory of C:\Windows\System32\config\systemprofile
19/01/2010 23:26 <JUNCTION> Application Data [C:\Windows\system32\config\systemprofile\AppData\Roaming]
19/01/2010 23:26 <JUNCTION> Local Settings [C:\Windows\system32\config\systemprofile\AppData\Local]
0 File(s) 0 bytes
Directory of C:\Windows\System32\config\systemprofile\AppData\Local
19/01/2010 23:26 <JUNCTION> Application Data [C:\Windows\system32\config\systemprofile\AppData\Local]
19/01/2010 23:26 <JUNCTION> History [C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History]
19/01/2010 23:26 <JUNCTION> Temporary Internet Files [C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files]
0 File(s) 0 bytes
Directory of C:\Windows.old
27/11/2008 20:28 <JUNCTION> Documents and Settings [C:\Users]
0 File(s) 0 bytes
Directory of C:\Windows.old\Documents and Settings
02/11/2006 13:02 <SYMLINKD> All Users [C:\ProgramData]
02/11/2006 13:02 <JUNCTION> Default User [C:\Users\Default]
0 File(s) 0 bytes
Directory of C:\Windows.old\Documents and Settings\All Users
02/11/2006 13:02 <JUNCTION> Application Data [C:\ProgramData]
02/11/2006 13:02 <JUNCTION> Desktop [C:\Users\Public\Desktop]
02/11/2006 13:02 <JUNCTION> Documents [C:\Users\Public\Documents]
02/11/2006 13:02 <JUNCTION> Favorites [C:\Users\Public\Favorites]
02/11/2006 13:02 <JUNCTION> Start Menu [C:\ProgramData\Microsoft\Windows\Start Menu]
02/11/2006 13:02 <JUNCTION> Templates [C:\ProgramData\Microsoft\Windows\Templates]
0 File(s) 0 bytes
Directory of C:\Windows.old\Documents and Settings\Default
02/11/2006 13:02 <JUNCTION> Application Data [C:\Users\Default\AppData\Roaming]
02/11/2006 13:02 <JUNCTION> Local Settings [C:\Users\Default\AppData\Local]
02/11/2006 13:02 <JUNCTION> My Documents [C:\Users\Default\Documents]
02/11/2006 13:02 <JUNCTION> NetHood [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Network Shortcuts]
02/11/2006 13:02 <JUNCTION> PrintHood [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Printer Shortcuts]
02/11/2006 13:02 <JUNCTION> Recent [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Recent]
02/11/2006 13:02 <JUNCTION> SendTo [C:\Users\Default\AppData\Roaming\Microsoft\Windows\SendTo]
02/11/2006 13:02 <JUNCTION> Start Menu [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu]
02/11/2006 13:02 <JUNCTION> Templates [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Templates]
0 File(s) 0 bytes
Directory of C:\Windows.old\Documents and Settings\Default\AppData\Local
02/11/2006 13:02 <JUNCTION> Application Data [C:\Users\Default\AppData\Local]
02/11/2006 13:02 <JUNCTION> History [C:\Users\Default\AppData\Local\Microsoft\Windows\History]
02/11/2006 13:02 <JUNCTION> Temporary Internet Files [C:\Users\Default\AppData\Local\Microsoft\Windows\Temporary Internet Files]
0 File(s) 0 bytes
Directory of C:\Windows.old\Documents and Settings\Default\Documents
02/11/2006 13:02 <JUNCTION> My Music [C:\Users\Default\Music]
02/11/2006 13:02 <JUNCTION> My Pictures [C:\Users\Default\Pictures]
02/11/2006 13:02 <JUNCTION> My Videos [C:\Users\Default\Videos]
0 File(s) 0 bytes
Directory of C:\Windows.old\Documents and Settings\Julie
19/01/2010 20:00 <JUNCTION> Application Data [C:\Users\Julie\AppData\Roaming]
19/01/2010 20:00 <JUNCTION> Cookies [C:\Users\Julie\AppData\Roaming\Microsoft\Windows\Cookies]
19/01/2010 20:00 <JUNCTION> Local Settings [C:\Users\Julie\AppData\Local]
19/01/2010 20:00 <JUNCTION> My Documents [C:\Users\Julie\Documents]
19/01/2010 20:00 <JUNCTION> NetHood [C:\Users\Julie\AppData\Roaming\Microsoft\Windows\Network Shortcuts]
19/01/2010 20:00 <JUNCTION> PrintHood [C:\Users\Julie\AppData\Roaming\Microsoft\Windows\Printer Shortcuts]
19/01/2010 20:00 <JUNCTION> Recent [C:\Users\Julie\AppData\Roaming\Microsoft\Windows\Recent]
19/01/2010 20:00 <JUNCTION> SendTo [C:\Users\Julie\AppData\Roaming\Microsoft\Windows\SendTo]
19/01/2010 20:00 <JUNCTION> Start Menu [C:\Users\Julie\AppData\Roaming\Microsoft\Windows\Start Menu]
19/01/2010 20:00 <JUNCTION> Templates [C:\Users\Julie\AppData\Roaming\Microsoft\Windows\Templates]
0 File(s) 0 bytes
Directory of C:\Windows.old\Documents and Settings\Julie\AppData\Local
19/01/2010 20:00 <JUNCTION> Application Data [C:\Users\Julie\AppData\Local]
19/01/2010 20:00 <JUNCTION> History [C:\Users\Julie\AppData\Local\Microsoft\Windows\History]
19/01/2010 20:00 <JUNCTION> Temporary Internet Files [C:\Users\Julie\AppData\Local\Microsoft\Windows\Temporary Internet Files]
0 File(s) 0 bytes
Directory of C:\Windows.old\Documents and Settings\Julie\Documents
19/01/2010 20:00 <JUNCTION> My Music [C:\Users\Julie\Music]
19/01/2010 20:00 <JUNCTION> My Pictures [C:\Users\Julie\Pictures]
19/01/2010 20:00 <JUNCTION> My Videos [C:\Users\Julie\Videos]
0 File(s) 0 bytes
Directory of C:\Windows.old\Documents and Settings\Public\Documents
02/11/2006 13:02 <JUNCTION> My Music [C:\Users\Public\Music]
02/11/2006 13:02 <JUNCTION> My Pictures [C:\Users\Public\Pictures]
02/11/2006 13:02 <JUNCTION> My Videos [C:\Users\Public\Videos]
0 File(s) 0 bytes
Directory of C:\Windows.old\ProgramData
27/11/2008 20:28 <JUNCTION> Application Data [C:\ProgramData]
27/11/2008 20:28 <JUNCTION> Desktop [C:\Users\Public\Desktop]
27/11/2008 20:28 <JUNCTION> Documents [C:\Users\Public\Documents]
27/11/2008 20:28 <JUNCTION> Favorites [C:\Users\Public\Favorites]
27/11/2008 20:28 <JUNCTION> Start Menu [C:\ProgramData\Microsoft\Windows\Start Menu]
27/11/2008 20:28 <JUNCTION> Templates [C:\ProgramData\Microsoft\Windows\Templates]
0 File(s) 0 bytes
Directory of C:\Windows.old\ProgramData\Application Data
02/11/2006 13:02 <JUNCTION> Application Data [C:\ProgramData]
02/11/2006 13:02 <JUNCTION> Desktop [C:\Users\Public\Desktop]
02/11/2006 13:02 <JUNCTION> Documents [C:\Users\Public\Documents]
02/11/2006 13:02 <JUNCTION> Favorites [C:\Users\Public\Favorites]
02/11/2006 13:02 <JUNCTION> Start Menu [C:\ProgramData\Microsoft\Windows\Start Menu]
02/11/2006 13:02 <JUNCTION> Templates [C:\ProgramData\Microsoft\Windows\Templates]
0 File(s) 0 bytes
Directory of C:\Windows.old\ProgramData\Documents
02/11/2006 13:02 <JUNCTION> My Music [C:\Users\Public\Music]
02/11/2006 13:02 <JUNCTION> My Pictures [C:\Users\Public\Pictures]
02/11/2006 13:02 <JUNCTION> My Videos [C:\Users\Public\Videos]
0 File(s) 0 bytes
Directory of C:\Windows.old\Users
27/11/2008 20:28 <SYMLINKD> All Users [C:\ProgramData]
27/11/2008 20:28 <JUNCTION> Default User [C:\Users\Default]
0 File(s) 0 bytes
Directory of C:\Windows.old\Users\All Users
02/11/2006 13:02 <JUNCTION> Application Data [C:\ProgramData]
02/11/2006 13:02 <JUNCTION> Desktop [C:\Users\Public\Desktop]
02/11/2006 13:02 <JUNCTION> Documents [C:\Users\Public\Documents]
02/11/2006 13:02 <JUNCTION> Favorites [C:\Users\Public\Favorites]
02/11/2006 13:02 <JUNCTION> Start Menu [C:\ProgramData\Microsoft\Windows\Start Menu]
02/11/2006 13:02 <JUNCTION> Templates [C:\ProgramData\Microsoft\Windows\Templates]
0 File(s) 0 bytes
Directory of C:\Windows.old\Users\Default
27/11/2008 20:28 <JUNCTION> Application Data [C:\Users\Default\AppData\Roaming]
27/11/2008 20:28 <JUNCTION> Cookies [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Cookies]
27/11/2008 20:28 <JUNCTION> Local Settings [C:\Users\Default\AppData\Local]
27/11/2008 20:28 <JUNCTION> My Documents [C:\Users\Default\Documents]
27/11/2008 20:28 <JUNCTION> NetHood [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Network Shortcuts]
27/11/2008 20:28 <JUNCTION> PrintHood [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Printer Shortcuts]
27/11/2008 20:28 <JUNCTION> Recent [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Recent]
27/11/2008 20:28 <JUNCTION> SendTo [C:\Users\Default\AppData\Roaming\Microsoft\Windows\SendTo]
27/11/2008 20:28 <JUNCTION> Start Menu [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu]
27/11/2008 20:28 <JUNCTION> Templates [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Templates]
0 File(s) 0 bytes
Directory of C:\Windows.old\Users\Default\AppData\Local
27/11/2008 20:28 <JUNCTION> Application Data [C:\Users\Default\AppData\Local]
27/11/2008 20:28 <JUNCTION> History [C:\Users\Default\AppData\Local\Microsoft\Windows\History]
27/11/2008 20:28 <JUNCTION> Temporary Internet Files [C:\Users\Default\AppData\Local\Microsoft\Windows\Temporary Internet Files]
0 File(s) 0 bytes
Directory of C:\Windows.old\Users\Default\AppData\Local\Application Data
02/11/2006 13:02 <JUNCTION> Application Data [C:\Users\Default\AppData\Local]
02/11/2006 13:02 <JUNCTION> History [C:\Users\Default\AppData\Local\Microsoft\Windows\History]
02/11/2006 13:02 <JUNCTION> Temporary Internet Files [C:\Users\Default\AppData\Local\Microsoft\Windows\Temporary Internet Files]
0 File(s) 0 bytes
Directory of C:\Windows.old\Users\Default\Documents
27/11/2008 20:28 <JUNCTION> My Music [C:\Users\Default\Music]
27/11/2008 20:28 <JUNCTION> My Pictures [C:\Users\Default\Pictures]
27/11/2008 20:28 <JUNCTION> My Videos [C:\Users\Default\Videos]
0 File(s) 0 bytes
Directory of C:\Windows.old\Users\Default\Local Settings
02/11/2006 13:02 <JUNCTION> Application Data [C:\Users\Default\AppData\Local]
02/11/2006 13:02 <JUNCTION> History [C:\Users\Default\AppData\Local\Microsoft\Windows\History]
02/11/2006 13:02 <JUNCTION> Temporary Internet Files [C:\Users\Default\AppData\Local\Microsoft\Windows\Temporary Internet Files]
0 File(s) 0 bytes
Directory of C:\Windows.old\Users\Default\My Documents
02/11/2006 13:02 <JUNCTION> My Music [C:\Users\Default\Music]
02/11/2006 13:02 <JUNCTION> My Pictures [C:\Users\Default\Pictures]
02/11/2006 13:02 <JUNCTION> My Videos [C:\Users\Default\Videos]
0 File(s) 0 bytes
Directory of C:\Windows.old\Users\Default User
02/11/2006 13:02 <JUNCTION> Application Data [C:\Users\Default\AppData\Roaming]
02/11/2006 13:02 <JUNCTION> Local Settings [C:\Users\Default\AppData\Local]
02/11/2006 13:02 <JUNCTION> My Documents [C:\Users\Default\Documents]
02/11/2006 13:02 <JUNCTION> NetHood [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Network Shortcuts]
02/11/2006 13:02 <JUNCTION> PrintHood [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Printer Shortcuts]
02/11/2006 13:02 <JUNCTION> Recent [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Recent]
02/11/2006 13:02 <JUNCTION> SendTo [C:\Users\Default\AppData\Roaming\Microsoft\Windows\SendTo]
02/11/2006 13:02 <JUNCTION> Start Menu [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu]
02/11/2006 13:02 <JUNCTION> Templates [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Templates]
0 File(s) 0 bytes
Directory of C:\Windows.old\Users\Default User\AppData\Local
02/11/2006 13:02 <JUNCTION> Application Data [C:\Users\Default\AppData\Local]
02/11/2006 13:02 <JUNCTION> History [C:\Users\Default\AppData\Local\Microsoft\Windows\History]
02/11/2006 13:02 <JUNCTION> Temporary Internet Files [C:\Users\Default\AppData\Local\Microsoft\Windows\Temporary Internet Files]
0 File(s) 0 bytes
Directory of C:\Windows.old\Users\Default User\Documents
02/11/2006 13:02 <JUNCTION> My Music [C:\Users\Default\Music]
02/11/2006 13:02 <JUNCTION> My Pictures [C:\Users\Default\Pictures]
02/11/2006 13:02 <JUNCTION> My Videos [C:\Users\Default\Videos]
0 File(s) 0 bytes
Directory of C:\Windows.old\Users\Julie
27/11/2008 20:32 <JUNCTION> Application Data [C:\Users\Julie\AppData\Roaming]
27/11/2008 20:32 <JUNCTION> Cookies [C:\Users\Julie\AppData\Roaming\Microsoft\Windows\Cookies]
27/11/2008 20:32 <JUNCTION> Local Settings [C:\Users\Julie\AppData\Local]
27/11/2008 20:32 <JUNCTION> My Documents [C:\Users\Julie\Documents]
27/11/2008 20:32 <JUNCTION> NetHood [C:\Users\Julie\AppData\Roaming\Microsoft\Windows\Network Shortcuts]
27/11/2008 20:32 <JUNCTION> PrintHood [C:\Users\Julie\AppData\Roaming\Microsoft\Windows\Printer Shortcuts]
27/11/2008 20:32 <JUNCTION> Recent [C:\Users\Julie\AppData\Roaming\Microsoft\Windows\Recent]
27/11/2008 20:32 <JUNCTION> SendTo [C:\Users\Julie\AppData\Roaming\Microsoft\Windows\SendTo]
27/11/2008 20:32 <JUNCTION> Start Menu [C:\Users\Julie\AppData\Roaming\Microsoft\Windows\Start Menu]
27/11/2008 20:32 <JUNCTION> Templates [C:\Users\Julie\AppData\Roaming\Microsoft\Windows\Templates]
0 File(s) 0 bytes
Directory of C:\Windows.old\Users\Julie\AppData\Local
27/11/2008 20:32 <JUNCTION> Application Data [C:\Users\Julie\AppData\Local]
27/11/2008 20:32 <JUNCTION> History [C:\Users\Julie\AppData\Local\Microsoft\Windows\History]
27/11/2008 20:32 <JUNCTION> Temporary Internet Files [C:\Users\Julie\AppData\Local\Microsoft\Windows\Temporary Internet Files]
0 File(s) 0 bytes
Directory of C:\Windows.old\Users\Julie\AppData\Local\Application Data
19/01/2010 20:00 <JUNCTION> Application Data [C:\Users\Julie\AppData\Local]
19/01/2010 20:00 <JUNCTION> History [C:\Users\Julie\AppData\Local\Microsoft\Windows\History]
19/01/2010 20:00 <JUNCTION> Temporary Internet Files [C:\Users\Julie\AppData\Local\Microsoft\Windows\Temporary Internet Files]
0 File(s) 0 bytes
Directory of C:\Windows.old\Users\Julie\Documents
27/11/2008 20:32 <JUNCTION> My Music [C:\Users\Julie\Music]
27/11/2008 20:32 <JUNCTION> My Pictures [C:\Users\Julie\Pictures]
27/11/2008 20:32 <JUNCTION> My Videos [C:\Users\Julie\Videos]
0 File(s) 0 bytes
Directory of C:\Windows.old\Users\Julie\Local Settings
19/01/2010 20:00 <JUNCTION> Application Data [C:\Users\Julie\AppData\Local]
19/01/2010 20:00 <JUNCTION> History [C:\Users\Julie\AppData\Local\Microsoft\Windows\History]
19/01/2010 20:00 <JUNCTION> Temporary Internet Files [C:\Users\Julie\AppData\Local\Microsoft\Windows\Temporary Internet Files]
0 File(s) 0 bytes
Directory of C:\Windows.old\Users\Julie\My Documents
19/01/2010 20:00 <JUNCTION> My Music [C:\Users\Julie\Music]
19/01/2010 20:00 <JUNCTION> My Pictures [C:\Users\Julie\Pictures]
19/01/2010 20:00 <JUNCTION> My Videos [C:\Users\Julie\Videos]
0 File(s) 0 bytes
Directory of C:\Windows.old\Users\Public\Documents
27/11/2008 20:28 <JUNCTION> My Music [C:\Users\Public\Music]
27/11/2008 20:28 <JUNCTION> My Pictures [C:\Users\Public\Pictures]
27/11/2008 20:28 <JUNCTION> My Videos [C:\Users\Public\Videos]
0 File(s) 0 bytes
Directory of C:\Windows.old\Windows\System32\config\systemprofile
20/11/2008 15:15 <JUNCTION> Application Data [C:\Windows\system32\config\systemprofile\AppData\Roaming]
20/11/2008 15:15 <JUNCTION> Cookies [C:\Windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies]
20/11/2008 15:15 <JUNCTION> Local Settings [C:\Windows\system32\config\systemprofile\AppData\Local]
0 File(s) 0 bytes
Directory of C:\Windows.old\Windows\System32\config\systemprofile\AppData\Local
20/11/2008 15:15 <JUNCTION> Application Data [C:\Windows\system32\config\systemprofile\AppData\Local]
20/11/2008 15:15 <JUNCTION> History [C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History]
20/11/2008 15:15 <JUNCTION> Temporary Internet Files [C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files]
0 File(s) 0 bytes
Directory of C:\Windows.old\Windows\System32\config\systemprofile\AppData\Local\Application Data
19/01/2010 23:26 <JUNCTION> Application Data [C:\Windows\system32\config\systemprofile\AppData\Local]
19/01/2010 23:26 <JUNCTION> History [C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History]
19/01/2010 23:26 <JUNCTION> Temporary Internet Files [C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files]
0 File(s) 0 bytes
Directory of C:\Windows.old\Windows\System32\config\systemprofile\Local Settings
19/01/2010 23:26 <JUNCTION> Application Data [C:\Windows\system32\config\systemprofile\AppData\Local]
19/01/2010 23:26 <JUNCTION> History [C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History]
19/01/2010 23:26 <JUNCTION> Temporary Internet Files [C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files]
0 File(s) 0 bytes
Total Files Listed:
0 File(s) 0 bytes
200 Dir(s) 128,541,483,008 bytes free
< End of report >
OTL Extras logfile created on: 11/11/2013 23:24:15 - Run 2
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Julie\Desktop\Geeks
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000809 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy
1.99 Gb Total Physical Memory | 0.84 Gb Available Physical Memory | 42.10% Memory free
4.22 Gb Paging File | 2.05 Gb Available in Paging File | 48.63% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 220.28 Gb Total Space | 119.85 Gb Free Space | 54.41% Space Free | Partition Type: NTFS
Drive D: | 10.00 Gb Total Space | 4.85 Gb Free Space | 48.45% Space Free | Partition Type: NTFS
Unable to calculate disk information.
Computer Name: JULIE-PC | User Name: Julie | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ========== ========== File Associations ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
.html [@ = ChromeHTML] -- C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.)
[HKEY_USERS\S-1-5-21-2252881703-585418222-1894100648-1000\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found
========== Shell Spawning ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
https [open] -- "C:\Program Files\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- C:\Program Files\Advanced System Protector\filetypehelper.exe -scanunknown "%1"
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"VistaSp2" = Reg Error: Unknown registry data type -- File not found
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
========== System Restore Settings ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0
========== Firewall Settings ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
========== Authorized Applications List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
========== Vista Active Open Ports Exception List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0D062DC1-48E9-4E25-A743-725C66507ED6}" = rport=3702 | protocol=17 | dir=out | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{2DBE9D9B-08C3-4316-80FA-4E01C2E65C78}" = rport=445 | protocol=6 | dir=out | app=system |
"{397FA5F9-0FB4-49C1-B2F2-4114585463A4}" = lport=6004 | protocol=17 | dir=in | app=c:\program files\microsoft office\office12\outlook.exe |
"{52B3D892-6F96-4A81-87AD-016E582353BE}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{5B7A2EAA-DD64-4B7A-8191-E8FEE0F59679}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{69E280FC-DFCA-4620-BF0D-B9E77564D050}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss |
[email protected],-28539 |
"{7B2C15F9-396F-4015-B8DD-A6CCB672F7B7}" = rport=138 | protocol=17 | dir=out | app=system |
"{830B6558-F490-4E30-A367-9B9D2924C8BC}" = lport=3702 | protocol=17 | dir=in | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{9D569D38-E32B-40F0-BCF2-687DDC073B96}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{A260F5E5-107D-41B9-A911-80AE18896D4B}" = lport=445 | protocol=6 | dir=in | app=system |
"{A9B1A70F-DEAB-40C9-AAD3-03A9640D1A17}" = lport=138 | protocol=17 | dir=in | app=system |
"{AE042D6F-B36C-4FF5-99E7-47E4C0D38A86}" = rport=3702 | protocol=17 | dir=out | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{AED3904C-84E3-491A-8BDE-E30DB5B44288}" = rport=137 | protocol=17 | dir=out | app=system |
"{B2ECED14-5637-47B7-A336-3BDAA44EC8E6}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{B3D63D64-625B-4D2B-811E-993604CC85EC}" = lport=137 | protocol=17 | dir=in | app=system |
"{C46F1C3B-2C58-4D8D-A00E-92A0BD2C2592}" = lport=3702 | protocol=17 | dir=in | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{D43DBFBA-CEE5-4E16-8535-54C40FE98E95}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{DDED07F7-7458-4E89-ACEF-DD804C43DA03}" = rport=139 | protocol=6 | dir=out | app=system |
"{E74C6E00-69CA-4758-9895-64B927EE791E}" = lport=139 | protocol=6 | dir=in | app=system |
========== Vista Active Application Exception List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{02F93C74-943A-4A05-827A-953F1EC2D5AC}" = dir=in | app=c:\program files\itunes\itunes.exe |
"{0D8437E9-BE77-4C05-9C97-3AA30CD73949}" = dir=in | app=c:\program files\common files\apple\apple application support\webkit2webprocess.exe |
"{0E58F732-6F6D-45F2-AD08-F37F099E6566}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqpsapp.exe |
"{11983C6A-AEB4-49DE-B33F-05A60B0187C1}" = dir=in | app=c:\program files\hp\digital imaging\bin\hposfx08.exe |
"{1239E043-FF49-4B56-AB32-E28D8F660257}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqkygrp.exe |
"{12DCD094-B147-4A4B-9CC9-3E1E4615CAB0}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqusgm.exe |
"{18672E67-2B69-4DAA-B5A0-DA244938D5F8}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{19C8BFD2-B84C-48F0-815F-DFC9BD9CAA5F}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{1F23C6DE-BEE7-4DBF-AF46-038BB6E06CF3}" = protocol=17 | dir=in | app=c:\program files\avg\avg10\avgnsx.exe |
"{225B2692-2548-40A4-A9E5-362BFAFD996A}" = dir=in | app=c:\program files\common files\hp\digital imaging\bin\hpqphotocrm.exe |
"{2A324199-FBB0-49ED-9683-2CFDE7921539}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqcopy2.exe |
"{2C9F47FB-A91B-4AA8-991E-9719C8BCEC71}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\groove.exe |
"{2FA6A48D-5F53-40C1-A08B-0FB6517EA00C}" = protocol=58 | dir=out |
[email protected],-28546 |
"{30607618-54A3-412B-B408-12181BEB66ED}" = protocol=6 | dir=in | app=c:\program files\avg\avg10\avgemcx.exe |
"{40D61C5D-AF3D-4447-858D-BACC073B7AD1}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{44F32126-62F0-4228-A9C9-8AA2E2905113}" = protocol=6 | dir=in | app=c:\program files\avg\avg10\avgnsx.exe |
"{4EA5686A-E145-4463-B809-5DBA486C8BE2}" = protocol=17 | dir=in | app=c:\program files\avg\avg10\avgmfapx.exe |
"{5941B7E8-AA47-44FC-9CB4-FD57B2B26748}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqsudi.exe |
"{5E566F2F-0E9D-4B47-AE1F-76CF3F2EC12C}" = protocol=58 | dir=in |
[email protected],-28545 |
"{6013778F-DF4C-44B2-8386-C5E949C46B2E}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpofxm08.exe |
"{82A457E5-87F9-49FE-A95F-AFDDE9D30FDD}" = protocol=17 | dir=in | app=c:\program files\avg\avg10\avgemcx.exe |
"{8469B328-4B3D-41F8-887C-C7509573E13C}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{8C978D2C-ADE5-4EDF-8527-11754F34D9B9}" = dir=in | app=c:\program files\hp\hp software update\hpwucli.exe |
"{8F12A04D-02F3-4E59-A5F7-9015B45A3210}" = protocol=6 | dir=in | app=c:\program files\avg\avg10\avgmfapx.exe |
"{92EAE00B-259C-47FF-BE0D-CC326F4DE5EB}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpoews01.exe |
"{97C913E0-A4D5-4167-8AE6-3BBA41D585D3}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{99434582-F24F-4A64-908B-09C221322B0D}" = dir=in | app=c:\program files\hp\digital imaging\smart web printing\smartwebprintexe.exe |
"{A355F8BD-564B-4F16-8C7C-C540B75FAAEB}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqusgh.exe |
"{A4BB05D1-E28B-4194-BE3F-7B3B0F465DA6}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqpse.exe |
"{AE595102-38C6-43D1-B520-AF3A67804247}" = protocol=17 | dir=in | app=c:\program files\avg\avg10\avgdiagex.exe |
"{B74262F7-2DF9-486A-AD07-8FFBE57B5492}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqfxt08.exe |
"{C312C90D-5EEA-406D-8016-724367F92274}" = protocol=1 | dir=in |
[email protected],-28543 |
"{C9AD7E1C-BB0A-466F-88A4-0EED2B1893DC}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpiscnapp.exe |
"{CB9FE1FE-8DC9-41CF-BE89-D4FD9E9BA8C3}" = protocol=17 | dir=in | app=c:\windows\system32\muzapp.exe |
"{D9D23260-C4F1-40CD-8E5B-2FB29C6BA998}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\groove.exe |
"{DCA65060-24AF-40A6-84ED-ED456353260B}" = protocol=1 | dir=out |
[email protected],-28544 |
"{E3031F05-C157-445F-8C41-8BAD59F8A035}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqgpc01.exe |
"{E4C2F2B1-9E1C-4F58-85C4-C1C233C19425}" = dir=in | app=c:\program files\hp\digital imaging\bin\hposid01.exe |
"{E7EF69C8-E670-4FB3-96F5-3E17E2BC9C2E}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpzwiz01.exe |
"{F7E29805-DA09-42D2-9A33-CFA76E286FDE}" = protocol=6 | dir=in | app=c:\program files\avg\avg10\avgdiagex.exe |
"{F9ED1D4A-C256-438B-9762-6EAC3A5A79A9}" = protocol=6 | dir=in | app=c:\windows\system32\muzapp.exe |
"{FC06B5A0-DE33-46D0-A6FD-2FDE47A04C50}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqste08.exe |
"{FE60B53F-7949-470D-A449-58CC75AEF111}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpofxs08.exe |
"TCP Query User{A0A73AD9-FDC8-44BC-8A6D-70F3B391A17B}C:\program files\google\google earth\plugin\geplugin.exe" = protocol=6 | dir=in | app=c:\program files\google\google earth\plugin\geplugin.exe |
"UDP Query User{F1E1C13B-3737-4E90-A641-5D3ADB5D28A3}C:\program files\google\google earth\plugin\geplugin.exe" = protocol=17 | dir=in | app=c:\program files\google\google earth\plugin\geplugin.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{08E81ABD-79F7-49C2-881F-FD6CB0975693}" = Roxio Creator Data
"{09760D42-E223-42AD-8C3E-55B47D0DDAC3}" = Roxio Creator DE
"{0F7C2E47-089E-4d23-B9F7-39BE00100776}" = Toolbox
"{12A76360-388E-4B27-ABEB-D5FC5378DD2A}" = HPPhotoSmartPhotobookWebPack1
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{18669FF9-C8FE-407a-9F70-E674896B1DB4}" = GPBaseService
"{195F2C6C-A343-4b10-B1A4-3F00AB9E9DD9}" = Fax
"{196467F1-C11F-4F76-858B-5812ADC83B94}" = MSXML 4.0 SP3 Parser
"{1DD81E7D-0D28-4CEB-87B2-C041A4FCB215}" = Rapport
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F54DAFA-9261-4A62-B59D-6C9F26B48FE4}" = Roxio Creator Tools
"{20B30DC1-E423-4939-B51D-05C58B0F9BBB}" = HP Photosmart All-In-One Driver Software 10.0 Rel .2
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{26A24AE4-039D-4CA4-87B4-2F83217040FF}" = Java 7 Update 40
"{2EFA4E4C-7B5F-48F7-A1C0-1AA882B7A9C3}" = HP Update
"{30465B6C-B53F-49A1-9EBA-A3F187AD502E}" = Roxio Update Manager
"{34BFB099-07B2-4E95-A673-7362D60866A2}" = PSSWCORE
"{36FDBE6E-6684-462b-AE98-9A39A1B200CC}" = HPProductAssistant
"{3700194C-C5DD-439A-BE06-A66960CA4C70}" = MSVCSetup
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{42929F0F-CE14-47AF-9FC7-FF297A603021}" = Dell Resource CD
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4CACFCD9-F71B-413A-8DF5-1A6419D5CDC6}" = Cards_Calendar_OrderGift_DoMorePlugout
"{4E5386F5-C0F6-4532-A54A-374865AEAB71}" = Cisco PEAP Module
"{4F41AD68-89F2-4262-A32C-2F70B01FCE9E}" = Photo Story 3 for Windows
"{4F524A2D-5637-006A-76A7-A758B70C0600}" = Ask Toolbar
"{5109C064-813E-4e87-B0DE-C8AF7B5BC02B}" = SmartWebPrintingOC
"{52A69E11-7CEB-4a7d-9607-68BA4F39A89B}" = DeviceDiscovery
"{56504C77-8B9F-4EB2-B33B-C5B9F50B5D64}" = AVG 2011
"{59F6A514-9813-47A3-948C-8A155460CC2A}" = RICOH R5C83x/84x Flash Media Controller Driver Ver.3.51.01
"{5ACE69F0-A3E8-44eb-88C1-0A841E700180}" = TrayApp
"{5AF4B3C4-C393-48D7-AC7E-8E7615579548}" = Adobe AIR
"{5B4383F2-37EE-4E97-AD81-F5FF76F286DA}" = OutlookAddInNet3Setup
"{5D09C772-ECB3-442B-9CC6-B4341C78FDC2}" = Apple Application Support
"{5D9B17E4-5C34-45B2-9C95-8B9DB4CF7AF3}" = HP_Network_UserGuide
"{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA}" = Roxio Express Labeler 3
"{66E6CE0C-5A1E-430C-B40A-0C90FF1804A8}" = eSupportQFolder
"{679EC478-3FF9-4987-B2FF-C2C2B27532A2}" = DocProc
"{687FEF8A-8597-40b4-832C-297EA3F35817}" = BufferChm
"{6B437F94-056F-4791-AF2C-0D10E2706AF0}" = PanoStandAlone
"{6F5E2F4A-377D-4700-B0E3-8F7F7507EA15}" = CustomerResearchQFolder
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{73A4F29F-31AC-4EBD-AA1B-0CC5F18C8F83}" = Roxio Creator Audio
"{76F9CF97-FC4B-4E20-B363-D127C888448F}" = Cisco LEAP Module
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{79155F2B-9895-49D7-8612-D92580E0DE5B}" = Bonjour
"{79361740-EAE3-11E2-9911-B8AC6F98CCE3}" = Google Earth Plug-in
"{80533B67-C407-485D-8B5D-63BB8ED9D878}" = Scan
"{846B5DED-DC8C-4E1A-B5B4-9F5B39A0CACE}" = HPDiagnosticAlert
"{868291A4-229E-4795-B0B0-E60E87AF53CD}" = Sibelius Scorch (ActiveX Only)
"{87E2B986-07E8-477a-93DC-AF0B6758B192}" = DocProcQFolder
"{8969CD6F-5B75-40B9-8701-86ECA4C1F263}_is1" = VSO Image Resizer 4.0.0.36
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8A85DEAD-7C1F-4368-881C-72AC74CB2E91}" = UnloadSupport
"{90120000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2007
"{90120000-0015-0409-0000-0000000FF1CE}_ENTERPRISER_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}_ENTERPRISER_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}_ENTERPRISER_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2007
"{90120000-0019-0409-0000-0000000FF1CE}_ENTERPRISER_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2007
"{90120000-001A-0409-0000-0000000FF1CE}_ENTERPRISER_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}_ENTERPRISER_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISER_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_ENTERPRISER_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_ENTERPRISER_{2314F9A1-126F-45CC-8A5E-DFAF866F3FBC}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-0044-0409-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (English) 2007
"{90120000-0044-0409-0000-0000000FF1CE}_ENTERPRISER_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}_ENTERPRISER_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007
"{90120000-00A1-0409-0000-0000000FF1CE}_ENTERPRISER_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00BA-0409-0000-0000000FF1CE}" = Microsoft Office Groove MUI (English) 2007
"{90120000-00BA-0409-0000-0000000FF1CE}_ENTERPRISER_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0114-0409-0000-0000000FF1CE}" = Microsoft Office Groove Setup Metadata MUI (English) 2007
"{90120000-0114-0409-0000-0000000FF1CE}_ENTERPRISER_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}_ENTERPRISER_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2007
"{90120000-0117-0409-0000-0000000FF1CE}_ENTERPRISER_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}" = Intel® Matrix Storage Manager
"{91120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{91120000-0030-0000-0000-0000000FF1CE}_ENTERPRISER_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9B486871-27EB-49A5-8832-77176E63333C}" = iTunes
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{A07840FC-CE63-4CB8-8030-EF4B9805925A}" = HPPhotoSmartDiscLabel_PaperLabel
"{A0B9F8DF-C949-45ed-9808-7DC5C0C19C81}" = Status
"{A0FE0292-D3BE-3447-80F2-72E032A54875}" = Microsoft Visual Studio 2010 Tools for Office Runtime (x86)
"{A462213D-EED4-42C2-9A60-7BDD4D4B0B17}" = SigmaTel Audio
"{A5AB9D5E-52E2-440e-A3ED-9512E253C81A}" = SolutionCenter
"{A80FA752-C491-4ED9-ABF0-4278563160B2}" = 32 Bit HP CIO Components Installer
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AB5D51AE-EBC3-438D-872C-705C7C2084B0}" = DeviceManagementQFolder
"{AC76BA86-7AD7-1033-7B44-AA1000000001}" = Adobe Reader X (10.1.8)
"{ACDE260A-602B-4cfb-A650-D0DBA6FFAD85}" = NetDeviceManager
"{ADFB9653-F44C-460C-BF58-189CC552DFFE}" = hpphotosmartdisclabelplugin
"{AF7FC1CA-79DF-43c3-90A3-33EFEB9294CE}" = AIO_Scan
"{B2544A03-10D0-4E5E-BA69-0362FFC20D18}" = OGA Notifier 2.0.0048.0
"{B4E91E95-A5BA-4E50-A465-DB7EFEB176E8}" = HPPhotoSmartDiscLabel_PrintOnDisc
"{B67BAFBA-4C9F-48FA-9496-933E3B255044}" = QuickTime
"{B6A26DE5-F2B5-4D58-9570-4FC760E00FCD}" = Roxio Creator Copy
"{B8DBED1E-8BC3-4d08-B94A-F9D7D88E9BBF}" = HPSSupply
"{BAD0FA60-09CF-4411-AE6A-C2844C8812FA}" = HP Photosmart Essential 2.5
"{BF53252E-4AB2-4C7F-A0FD-6100755745E3}" = Cisco EAP-FAST Module
"{c4549405-195f-4450-8865-6be9dc5ad136}" = PS_AIO_02_Software_Min
"{C8FC7066-4457-4365-9BDF-4E439BF703C8}" = AVG 2011
"{C950420B-4182-49EA-850A-A6A2ABF06C6B}" = Marvell Miniport Driver
"{CAC5A4CF-0800-4D0B-9DD6-A5BC2708D6D7}" = AVG 2011
"{CCB9B81A-167F-4832-B305-D2A0430840B3}" = WebReg
"{cd0b9359-b716-4fd0-8e0a-09b3e312e8a4}" = PS_AIO_02_Software
"{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}" = SUPERAntiSpyware
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}" = SAMSUNG USB Driver for Mobile Phones
"{D2E0F0CC-6BE0-490b-B08B-9267083E34C9}" = MarketResearch
"{D6CD26FD-CD7F-4C86-96A3-EEBFABE5FE47}" = Kies
"{D99A8E3A-AE5A-4692-8B19-6F16D454E240}" = Destination Component
"{DD3C88A0-C53C-41D0-A21B-6D021981D23E}" = HPPhotoSmartDiscLabelContent1
"{E08DC77E-D09A-4e36-8067-D6DBBCC5F8DC}" = VideoToolkit01
"{E14ADE0E-75F3-4A46-87E5-26692DD626EC}" = Apple Mobile Device Support
"{ED439A64-F018-4DD4-8BA5-328D85AB09AB}" = Roxio Creator DE
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F42CD69D-E393-47c8-B2CD-B139C4ADA9A8}" = Copy
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"AVG" = AVG 2011
"AVG Secure Search" = AVG Security Toolbar
"Broadcom 802.11b Network Adapter" = Dell Wireless WLAN Card
"CCleaner" = CCleaner
"ENTERPRISER" = Microsoft Office Enterprise 2007
"ERUNT_is1" = ERUNT 1.1j
"Google Chrome" = Google Chrome
"HDMI" = Intel® Graphics Media Accelerator Driver
"HP Imaging Device Functions" = HP Imaging Device Functions 10.0
"HP Photosmart Essential" = HP Photosmart Essential 2.5
"HP Smart Web Printing" = HP Smart Web Printing
"HP Solution Center & Imaging Support Tools" = HP Solution Center 10.0
"HPExtendedCapabilities" = HP Customer Participation Program 10.0
"HPOCR" = OCR Software by I.R.I.S. 10.0
"InstallShield_{D6CD26FD-CD7F-4C86-96A3-EEBFABE5FE47}" = Kies
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware version 1.75.0.1300
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft Visual Studio 2010 Tools for Office Runtime (x86)" = Microsoft Visual Studio 2010 Tools for Office Runtime (x86)
"MyPC Backup" = MyPC Backup
"PDF Creator" = PDF Creator
"Rapport_msi" = Trusteer Endpoint Protection
"Secunia PSI" = Secunia PSI (3.0.0.3001)
"Shop for HP Supplies" = Shop for HP Supplies
"Whilokii" = Whilokii 1.0.0
"Xilisoft Video Converter Standard" = Xilisoft Video Converter Standard 6
========== HKEY_USERS Uninstall List ========== [HKEY_USERS\S-1-5-21-2252881703-585418222-1894100648-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"PDF Writer Packages" = PDF Writer Packages
"Spotify" = Spotify
========== Last 20 Event Log Errors ========== [ Application Events ]
Error - 11/11/2013 15:40:20 | Computer Name = Julie-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 748040
Error - 11/11/2013 15:40:24 | Computer Name = Julie-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second
Error - 11/11/2013 15:40:24 | Computer Name = Julie-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 751144
Error - 11/11/2013 15:40:24 | Computer Name = Julie-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 751144
Error - 11/11/2013 15:40:39 | Computer Name = Julie-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second
Error - 11/11/2013 15:40:39 | Computer Name = Julie-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 766791
Error - 11/11/2013 15:40:39 | Computer Name = Julie-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 766791
Error - 11/11/2013 15:40:55 | Computer Name = Julie-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second
Error - 11/11/2013 15:40:55 | Computer Name = Julie-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 782423
Error - 11/11/2013 15:40:55 | Computer Name = Julie-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 782423
[ Broadcom Wireless LAN Events ]
Error - 16/10/2013 20:27:06 | Computer Name = Julie-PC | Source = WLAN-Tray | ID = 0
Description = 01:27:06, Thu, Oct 17, 13 Error - Unable to gain access to user store
Error - 21/10/2013 09:58:48 | Computer Name = Julie-PC | Source = WLAN-Tray | ID = 0
Description = 14:58:48, Mon, Oct 21, 13 Error - Unable to gain access to user store
Error - 25/10/2013 13:43:30 | Computer Name = Julie-PC | Source = WLAN-Tray | ID = 0
Description = 18:43:30, Fri, Oct 25, 13 Error - Unable to gain access to user store
Error - 25/10/2013 19:56:33 | Computer Name = Julie-PC | Source = WLAN-Tray | ID = 0
Description = 00:56:33, Sat, Oct 26, 13 Error - Unable to gain access to user store
Error - 29/10/2013 14:50:04 | Computer Name = Julie-PC | Source = WLAN-Tray | ID = 0
Description = 18:50:04, Tue, Oct 29, 13 Error - Unable to gain access to user store
Error - 31/10/2013 19:18:53 | Computer Name = Julie-PC | Source = WLAN-Tray | ID = 0
Description = 23:18:53, Thu, Oct 31, 13 Error - Unable to gain access to user store
Error - 10/11/2013 03:31:48 | Computer Name = Julie-PC | Source = WLAN-Tray | ID = 0
Description = 07:31:48, Sun, Nov 10, 13 Error - Unable to gain access to user store
Error - 10/11/2013 03:37:40 | Computer Name = Julie-PC | Source = WLAN-Tray | ID = 0
Description = 07:37:40, Sun, Nov 10, 13 Error - Unable to gain access to user store
Error - 11/11/2013 14:25:47 | Computer Name = Julie-PC | Source = WLAN-Tray | ID = 0
Description = 18:25:47, Mon, Nov 11, 13 Error - Unable to gain access to user store
Error - 11/11/2013 14:31:36 | Computer Name = Julie-PC | Source = WLAN-Tray | ID = 0
Description = 18:31:36, Mon, Nov 11, 13 Error - Unable to gain access to user store
[ OSession Events ]
Error - 01/12/2011 16:52:07 | Computer Name = Julie-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 3, Application Name: Microsoft Office PowerPoint, Application
Version: 12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session
lasted 126 seconds with 120 seconds of active time. This session ended with a crash.
Error - 10/06/2012 13:35:03 | Computer Name = Julie-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 3, Application Name: Microsoft Office PowerPoint, Application
Version: 12.0.6600.1000, Microsoft Office Version: 12.0.6612.1000. This session
lasted 68 seconds with 60 seconds of active time. This session ended with a crash.
Error - 07/10/2013 01:15:47 | Computer Name = Julie-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 3, Application Name: Microsoft Office PowerPoint, Application
Version: 12.0.6600.1000, Microsoft Office Version: 12.0.6612.1000. This session
lasted 41001 seconds with 180 seconds of active time. This session ended with a
crash.
[ System Events ]
Error - 11/11/2013 15:39:42 | Computer Name = Julie-PC | Source = Service Control Manager | ID = 7000
Description =
Error - 11/11/2013 15:40:12 | Computer Name = Julie-PC | Source = Service Control Manager | ID = 7000
Description =
Error - 11/11/2013 15:40:12 | Computer Name = Julie-PC | Source = Service Control Manager | ID = 7000
Description =
Error - 11/11/2013 15:40:33 | Computer Name = Julie-PC | Source = Service Control Manager | ID = 7011
Description =
Error - 11/11/2013 15:41:10 | Computer Name = Julie-PC | Source = Service Control Manager | ID = 7011
Description =
Error - 11/11/2013 15:41:10 | Computer Name = Julie-PC | Source = Service Control Manager | ID = 7000
Description =
Error - 11/11/2013 15:41:11 | Computer Name = Julie-PC | Source = Service Control Manager | ID = 7000
Description =
Error - 11/11/2013 15:41:41 | Computer Name = Julie-PC | Source = Service Control Manager | ID = 7011
Description =
Error - 11/11/2013 18:30:39 | Computer Name = Julie-PC | Source = Print | ID = 6161
Description = The document Meanings%20of%20Theory%20(1).pdf, owned by Julie, failed
to print on printer HP Photosmart C4380 series. Try to print the document again,
or restart the print spooler. Data type: NT EMF 1.008. Size of the spool file in
bytes: 8454144. Number of bytes printed: 0. Total number of pages in the document:
9. Number of pages printed: 0. Client computer: \\JULIE-PC. Win32 error code returned
by the print processor: 6. The handle is invalid.
Error - 11/11/2013 18:48:02 | Computer Name = Julie-PC | Source = Print | ID = 6161
Description = The document Meanings%20of%20Theory%20(1).pdf, owned by Julie, failed
to print on printer HP Photosmart C4380 series. Try to print the document again,
or restart the print spooler. Data type: NT EMF 1.008. Size of the spool file in
bytes: 8454144. Number of bytes printed: 0. Total number of pages in the document:
9. Number of pages printed: 0. Client computer: \\JULIE-PC. Win32 error code returned
by the print processor: 6. The handle is invalid.
< End of report >
aswMBR version 0.9.9.1771 Copyright© 2011 AVAST Software
Run date: 2013-11-11 23:52:34
-----------------------------
23:52:34.848 OS Version: Windows 6.0.6002 Service Pack 2
23:52:34.848 Number of processors: 2 586 0xF0D
23:52:34.848 ComputerName: JULIE-PC UserName: Julie
23:52:36.735 Initialize success
23:52:59.081 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-0
23:52:59.081 Disk 0 Vendor: Hitachi_ FBEO Size: 238475MB BusType: 3
23:52:59.315 Disk 0 MBR read successfully
23:52:59.315 Disk 0 MBR scan
23:52:59.315 Disk 0 Windows VISTA default MBR code
23:52:59.331 Disk 0 Partition 1 00 DE Dell Utility Dell 8.0 109 MB offset 63
23:52:59.347 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 10240 MB offset 225280
23:52:59.362 Disk 0 Partition 3 80 (A) 07 HPFS/NTFS NTFS 225563 MB offset 21196800
23:52:59.362 Disk 0 Partition - 00 0F Extended LBA 2560 MB offset 483151872
23:52:59.409 Disk 0 Partition 4 00 DD MSDOS5.0 2559 MB offset 483153920
23:52:59.409 Disk 0 scanning sectors +488394752
23:52:59.581 Disk 0 scanning C:\Windows\system32\drivers
23:53:10.096 Service scanning
23:53:45.882 Modules scanning
23:54:23.291 Disk 0 trace - called modules:
23:54:23.322 ntkrnlpa.exe CLASSPNP.SYS disk.sys iaStor.sys hal.dll
23:54:23.322 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x89276968]
23:54:23.338 3 CLASSPNP.SYS[8b7b58b3] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-0[0x88206030]
23:54:23.338 Scan finished successfully
00:13:31.178 Disk 0 MBR has been saved successfully to "C:\Users\Julie\Desktop\Geeks\MBR.dat"
00:13:31.193 The log file has been saved successfully to "C:\Users\Julie\Desktop\Geeks\aswMBR.txt"
# AdwCleaner v3.012 - Report created 11/11/2013 at 23:59:06
# Updated 11/11/2013 by Xplode
# Operating System : Windows Vista ™ Home Premium Service Pack 2 (32 bits)
# Username : Julie - JULIE-PC
# Running from : C:\Users\Julie\Desktop\Geeks\AdwCleaner.exe
# Option : Scan
***** [ Services ] *****
Service Found : APNMCP
Service Found : BackupStack
Service Found : update whilokii
Service Found : Util Whilokii
***** [ Files / Folders ] *****
File Found : C:\END
File Found : C:\Users\Julie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MyPC Backup.lnk
File Found : C:\Users\Julie\Desktop\MyPC Backup.lnk
File Found : C:\Users\Public\Desktop\Advanced System Protector.lnk
File Found : C:\Users\Public\Desktop\RegClean Pro.lnk
File Found : C:\Windows\System32\Tasks\Advanced System Protector
File Found : C:\Windows\System32\Tasks\Advanced System Protector_startup
File Found : C:\Windows\System32\Tasks\EPUpdater
File Found : C:\Windows\System32\Tasks\RegClean Pro
Folder Found : C:\Users\Julie\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjigkifooejljidiapmgeaoeglmgonll
Folder Found : C:\Users\Julie\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla
Folder Found : C:\Users\Julie\AppData\Local\Google\Chrome\User Data\Default\Extensions\jpmbfleldcgkldadpdinhjjopdfpjfjp
Folder Found : C:\Users\Julie\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof
Folder Found C:\Program Files\AskPartnerNetwork
Folder Found C:\Program Files\AVG Secure Search
Folder Found C:\Program Files\Common Files\AVG Secure Search
Folder Found C:\Program Files\Conduit
Folder Found C:\Program Files\MyPC Backup
Folder Found C:\Program Files\searchgol
Folder Found C:\Program Files\Whilokii
Folder Found C:\ProgramData\apn
Folder Found C:\ProgramData\Ask
Folder Found C:\ProgramData\AskPartnerNetwork
Folder Found C:\ProgramData\AVG Secure Search
Folder Found C:\ProgramData\AVG Security Toolbar
Folder Found C:\ProgramData\Babylon
Folder Found C:\ProgramData\BitGuard
Folder Found C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced System Protector
Folder Found C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Inbox Toolbar
Folder Found C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RegClean Pro
Folder Found C:\ProgramData\Systweak
Folder Found C:\Users\Julie\AppData\Local\AVG Secure Search
Folder Found C:\Users\Julie\AppData\Local\Temp\apn
Folder Found C:\Users\Julie\AppData\Local\Wajam
Folder Found C:\Users\Julie\AppData\LocalLow\AVG Secure Search
Folder Found C:\Users\Julie\AppData\LocalLow\Conduit
Folder Found C:\Users\Julie\AppData\LocalLow\Inbox Toolbar
Folder Found C:\Users\Julie\AppData\Roaming\0D0S1L2Z1P1B0T1P1B2Z
Folder Found C:\Users\Julie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BitGuard
Folder Found C:\Users\Julie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MyPC Backup
Folder Found C:\Users\Julie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Wajam
Folder Found C:\Users\Julie\AppData\Roaming\searchgol
Folder Found C:\Users\Julie\AppData\Roaming\Systweak
***** [ Shortcuts ] *****
Shortcut Found : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Inbox Toolbar\Help.lnk ( /showurl hxxp://toolbar.inbox.com/faq.aspx )
Shortcut Found : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Inbox Toolbar\Inbox.com.lnk ( /showurl hxxp://www.inbox.com/homepage.aspx?tbid=82435&iwk=257&lng=en )
***** [ Registry ] *****
Key Found : HKCU\Software\5d4d68cb23cb944
Key Found : HKCU\Software\AppDataLow\Software\AVG Security Toolbar
Key Found : HKCU\Software\AppDataLow\Software\Conduit
Key Found : HKCU\Software\AppDataLow\Software\smartbar
Key Found : HKCU\Software\AskPartnerNetwork
Key Found : HKCU\Software\AVG Secure Search
Key Found : HKCU\Software\BabSolution
Key Found : HKCU\Software\Conduit
Key Found : HKCU\Software\distromatic
Key Found : HKCU\Software\Google\Chrome\Extensions\cjigkifooejljidiapmgeaoeglmgonll
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{15D2D75C-9CB2-4EFD-BAD7-B9B4CB4BC693}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{612AD33D-9824-4E87-8396-92374E91C4BB}_is1
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{79A765E1-C399-405B-85AF-466F52E918B0}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{86D4B82A-ABED-442A-BE86-96357B70F4FE}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\00212D92-C5D8-4ff4-AE50-B20F0F85C40A_Systweak_Ad~B9F029BF_is1
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\AVG Secure Search
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\MyPC Backup
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\RegClean Pro_is1
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Searchgol
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Search-Gol Chrome Toolbar
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Wajam
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Whilokii
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{D3D233D5-9F6D-436C-B6C7-E63F77503B30}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{D7E97865-918F-41E4-9CD0-25AB1C574CE8}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Found : HKCU\Software\systweak
Key Found : HKCU\Software\Whilokii
Key Found : HKCU\Software\YahooPartnerToolbar
Key Found : HKLM\SOFTWARE\5d4d68cb23cb944
Key Found : HKLM\Software\AskPartnerNetwork
Key Found : HKLM\Software\AVG Secure Search
Key Found : HKLM\Software\AVG Security Toolbar
Key Found : HKLM\SOFTWARE\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947}
Key Found : HKLM\SOFTWARE\Classes\AppID\{1FDFF5A2-7BB1-48E1-8081-7236812B12B2}
Key Found : HKLM\SOFTWARE\Classes\AppID\{4277F7CF-0000-46CF-BA49-D624465C4BAB}
Key Found : HKLM\SOFTWARE\Classes\AppID\{4D076AB4-7562-427A-B5D2-BD96E19DEE56}
Key Found : HKLM\SOFTWARE\Classes\AppID\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
Key Found : HKLM\SOFTWARE\Classes\AppID\{88AF4F6A-C6B7-4229-9275-824E98BF97F9}
Key Found : HKLM\SOFTWARE\Classes\AppID\{B12E99ED-69BD-437C-86BE-C862B9E5444D}
Key Found : HKLM\SOFTWARE\Classes\AppID\{BB711CB0-C70B-482E-9852-EC05EBD71DBB}
Key Found : HKLM\SOFTWARE\Classes\AppID\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
Key Found : HKLM\SOFTWARE\Classes\AppID\escort.DLL
Key Found : HKLM\SOFTWARE\Classes\AppID\escortApp.DLL
Key Found : HKLM\SOFTWARE\Classes\AppID\escortEng.DLL
Key Found : HKLM\SOFTWARE\Classes\AppID\escorTlbr.DLL
Key Found : HKLM\SOFTWARE\Classes\AppID\esrv.EXE
Key Found : HKLM\SOFTWARE\Classes\AppID\ScriptHelper.EXE
Key Found : HKLM\SOFTWARE\Classes\AppID\secman.DLL
Key Found : HKLM\SOFTWARE\Classes\AppID\ViProtocol.DLL
Key Found : HKLM\SOFTWARE\Classes\AVG Secure Search.BrowserWndAPI
Key Found : HKLM\SOFTWARE\Classes\AVG Secure Search.BrowserWndAPI.1
Key Found : HKLM\SOFTWARE\Classes\AVG Secure Search.PugiObj
Key Found : HKLM\SOFTWARE\Classes\AVG Secure Search.PugiObj.1
Key Found : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{37540F19-DD4C-478B-B2DF-C19281BCAF27}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{408CFAD9-8F13-4747-8EC7-770A339C7237}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{612AD33D-9824-4E87-8396-92374E91C4BB}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{826D7151-8D99-434B-8540-082B8C2AE556}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{933B95E2-E7B7-4AD9-B952-7AC336682AE3}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{94496571-6AC5-4836-82D5-D46260C44B17}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{B658800C-F66E-4EF3-AB85-6C0C227862A9}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{BC9FD17D-30F6-4464-9E53-596A90AFF023}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{CC5AD34C-6F10-4CB3-B74A-C2DD4D5060A3}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{D3D233D5-9F6D-436C-B6C7-E63F77503B30}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{DE9028D0-5FFA-4E69-94E3-89EE8741F468}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Found : HKLM\SOFTWARE\Classes\Inbox.AppServer
Key Found : HKLM\SOFTWARE\Classes\Inbox.IBX404
Key Found : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Found : HKLM\SOFTWARE\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Key Found : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Key Found : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8FFE}
Key Found : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Found : HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
Key Found : HKLM\SOFTWARE\Classes\Prod.cap
Key Found : HKLM\SOFTWARE\Classes\protector_dll.protectorbho
Key Found : HKLM\SOFTWARE\Classes\protector_dll.protectorbho.1
Key Found : HKLM\SOFTWARE\Classes\PROTOCOLS\Handler\inbox
Key Found : HKLM\SOFTWARE\Classes\protocols\handler\viprotocol
Key Found : HKLM\SOFTWARE\Classes\S
Key Found : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi
Key Found : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi.1
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{07CAC314-E962-4F78-89AB-DD002F2490EE}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{11549FE4-7C5A-4C17-9FC3-56FC5162A994}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{13ABD093-D46F-40DF-A608-47E162EC799D}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{74FB6AFD-DD77-4CEB-83BD-AB2B63E63C93}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{C2AC8A0E-E48E-484B-A71C-C7A937FAAB94}
Key Found : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE
Key Found : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE.1
Key Found : HKLM\Software\DataMngr
Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\cjigkifooejljidiapmgeaoeglmgonll
Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla
Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\jpmbfleldcgkldadpdinhjjopdfpjfjp
Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof
Key Found : HKLM\Software\Inbox Toolbar
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{612AD33D-9824-4E87-8396-92374E91C4BB}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8C5CBB76-7379-4490-AA5B-B037C0A36381}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{CCC7A320-B3CA-4199-B1A6-9F516DD69829}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{CCC7A320-B3CA-4199-B1A6-9F516DD69829}
Key Found : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\Advanced System Protector
Key Found : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\Advanced System Protector_startup
Key Found : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\EPUpdater
Key Found : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\RegClean Pro
Key Found : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{124B8C86-A31F-4B3F-9897-712DB1BAA275}
Key Found : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{124B8C86-A31F-4B3F-9897-712DB1BAA275}
Key Found : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{24C966A1-9396-4E97-916C-C20DDE3376FB}
Key Found : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A679F241-9DC5-4A10-A0B1-99204E621380}
Key Found : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A6DA8030-0CC1-439A-88F5-153AFACB0419}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\mypc backup
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{C6FDD0C3-266A-4DC3-B459-28C697C44CDC}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{D3D233D5-9F6D-436C-B6C7-E63F77503B30}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0E12F736682067FDE4D1158D5940A82E
Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\1A24B5BB8521B03E0C8D908F5ABC0AE6
Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2B0D56C4F4C46D844A57FFED6F0D2852
Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\49D4375FE41653242AEA4C969E4E65E0
Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6AA0923513360135B272E8289C5F13FA
Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6F7467AF8F29C134CBBAB394ECCFDE96
Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\922525DCC5199162F8935747CA3D8E59
Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BCDA179D619B91648538E3394CAC94CC
Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D677B1A9671D4D4004F6F2A4469E86EA
Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DD1402A9DD4215A43ABDE169A41AFA0E
Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E36E114A0EAD2AD46B381D23AD69CDDF
Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\EF8E618DB3AEDFBB384561B5C548F65E
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\AVG Secure Search
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\MyPC Backup
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Whilokii
Key Found : HKLM\SOFTWARE\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin
Key Found : HKLM\Software\systweak
Key Found : HKLM\Software\Whilokii
Key Found : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\WajamUpdater
Value Found : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{CCC7A320-B3CA-4199-B1A6-9F516DD69829}]
Value Found : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}]
Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{95B7759C-8C7F-4BF1-B163-73684A933233}]
Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{CCC7A320-B3CA-4199-B1A6-9F516DD69829}]
Value Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [ApnTbMon]
Value Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [vProt]
Value Found : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [Avg@toolbar]
***** [ Browsers ] *****
-\\ Internet Explorer v9.0.8112.16514
Setting Found : HKCU\Software\Microsoft\Internet Explorer\Main [Start Page] - hxxp://isearch.avg.com/?cid={13C5DFAC-8873-4C79-B65F-3897D657AB17}&mid=5bc14335263b1c9aff30dc32e95589b6-3550ea5b749d35f128fd9d3b24b1635218411da4&lang=us&ds=AVG&pr=fr&d=2011-12-12 11:45:39&v=15.2.0.5&pid=avg&sg=0&sap=hp
-\\ Google Chrome v30.0.1599.101
[ File : C:\Users\Julie\AppData\Local\Google\Chrome\User Data\Default\preferences ]
Found : icon_url
Found : search_url
Found : keyword
*************************
AdwCleaner[R0].txt - [17948 octets] - [11/11/2013 23:59:06]
########## EOF - C:\AdwCleaner\AdwCleaner[R0].txt - [18009 octets] ##########
Results of screen317's Security Check version 0.99.76
Windows Vista Service Pack 2 x86 (UAC is enabled)
Internet Explorer 9
Internet Explorer 8
``````````````Antivirus/Firewall Check:`````````````` Windows Firewall Enabled!
AVG Anti-Virus Free Edition 2011
Antivirus up to date!
`````````Anti-malware/Other Utilities Check:````````` SUPERAntiSpyware
Secunia PSI (3.0.0.3001)
Malwarebytes Anti-Malware version 1.75.0.1300
CCleaner
Java 7 Update 40
Java version out of Date! Adobe Reader 10.1.8
Adobe Reader out of Date! Google Chrome 30.0.1599.101
Google Chrome 30.0.1599.69
````````Process Check: objlist.exe by Laurent```````` AVG avgwdsvc.exe
AVG avgtray.exe
AVG avgrsx.exe
AVG avgnsx.exe
AVG avgemc.exe
`````````````````System Health check````````````````` Total Fragmentation on Drive C: 0 %
````````````````````End of Log`````````````````````` I hope I have done the scans correctly. Thanks for your help.
This topic is locked
Sign In
Create Account
