I need some help in analyzing the logs from OTL.
thank you
OTL logfile created on: 5/22/2013 12:48:01 PM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Office\Downloads
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.19418)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
2.75 Gb Total Physical Memory | 0.90 Gb Available Physical Memory | 32.82% Memory free
5.72 Gb Paging File | 3.75 Gb Available in Paging File | 65.61% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 144.30 Gb Total Space | 67.54 Gb Free Space | 46.81% Space Free | Partition Type: NTFS
Drive D: | 144.03 Gb Total Space | 143.93 Gb Free Space | 99.93% Space Free | Partition Type: NTFS
Drive I: | 7.40 Gb Total Space | 6.71 Gb Free Space | 90.71% Space Free | Partition Type: FAT32
Computer Name: OFFICE-PC | User Name: Office | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2013/05/22 12:47:24 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Office\Downloads\OTL (3).exe
PRC - [2013/05/21 17:53:04 | 000,119,072 | ---- | M] (Sendori, Inc.) -- C:\Program Files\Sendori\SendoriSvc.exe
PRC - [2013/05/21 17:53:04 | 000,083,232 | ---- | M] (Sendori, Inc.) -- C:\Program Files\Sendori\SendoriTray.exe
PRC - [2013/05/21 17:53:02 | 003,623,200 | ---- | M] (Sendori) -- C:\Program Files\Sendori\sndappv2.exe
PRC - [2013/05/21 17:53:02 | 000,019,744 | ---- | M] (sendori) -- C:\Program Files\Sendori\Sendori.Service.exe
PRC - [2013/05/17 16:35:44 | 000,825,808 | ---- | M] (Google Inc.) -- C:\Program Files\Google\Chrome\Application\chrome.exe
PRC - [2013/04/11 23:45:42 | 001,281,120 | ---- | M] (Crawler.com, LLC) -- C:\Program Files\Crawler Toolbar\Crawler.exe
PRC - [2013/03/08 13:45:52 | 001,083,704 | ---- | M] (PC Health Labs) -- C:\Program Files\PC Health Kit\PCHKReminder.exe
PRC - [2013/03/06 07:36:54 | 002,731,296 | ---- | M] (Conduit) -- C:\Users\Office\AppData\Roaming\SearchProtect\bin\cltmng.exe
PRC - [2013/03/06 07:36:52 | 000,093,984 | ---- | M] (Conduit) -- C:\Program Files\SearchProtect\bin\CltMngSvc.exe
PRC - [2012/11/27 21:16:00 | 000,296,096 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files\Real\RealPlayer\Update\realsched.exe
PRC - [2012/08/21 15:43:58 | 000,794,272 | ---- | M] (PC Tools) -- C:\Program Files\Common Files\PC Tools\sMonitor\StartManSvc.exe
PRC - [2012/08/21 15:43:58 | 000,105,120 | ---- | M] (PC Tools) -- C:\Program Files\Common Files\PC Tools\sMonitor\SSDMonitor.exe
PRC - [2012/06/18 18:24:38 | 000,255,880 | ---- | M] (Vertro Inc.) -- C:\Users\Office\AppData\LocalLow\alotservice\alotservice.exe
PRC - [2012/06/15 21:24:19 | 000,138,272 | R--- | M] (Symantec Corporation) -- C:\Program Files\Norton 360\Engine\6.4.1.14\ccsvchst.exe
PRC - [2012/06/11 16:22:16 | 000,240,208 | ---- | M] (Microsoft Corporation.) -- C:\Program Files\Microsoft\BingBar\7.1.391.0\SeaPort.EXE
PRC - [2012/04/11 16:51:12 | 000,770,080 | ---- | M] (Fitbit, Inc.) -- C:\Program Files\Fitbit\fitbit.exe
PRC - [2012/04/11 16:51:04 | 002,177,056 | ---- | M] (Fitbit, Inc.) -- C:\Program Files\Fitbit\fitbit-tray.exe
PRC - [2009/09/25 14:16:06 | 000,093,960 | ---- | M] (Sling Media Inc.) -- C:\Program Files\Sling Media\SlingAgent\SlingAgentService.exe
PRC - [2009/04/11 01:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2009/02/16 10:44:56 | 001,358,384 | ---- | M] (Linksys, LLC) -- C:\Program Files\Linksys\Linksys Wireless Manager\LinksysWirelessManager.exe
PRC - [2009/01/26 16:31:10 | 001,153,368 | ---- | M] (Safer Networking Ltd.) -- C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
PRC - [2008/12/12 19:06:40 | 000,642,856 | ---- | M] (Cisco Systems, Inc.) -- C:\Program Files\Common Files\Pure Networks Shared\Platform\nmsrvc.exe
PRC - [2007/04/04 20:54:08 | 000,266,343 | ---- | M] (CyberLink) -- C:\Program Files\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\CLMSServer.exe
PRC - [2007/02/07 02:04:26 | 000,457,512 | ---- | M] (HiTRSUT) -- C:\Acer\Empowering Technology\eDataSecurity\eDSService.exe
PRC - [2007/01/31 19:18:42 | 000,053,248 | ---- | M] (Acer Inc.) -- C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe
PRC - [2007/01/24 12:27:50 | 000,319,488 | ---- | M] () -- C:\Acer\Empowering Technology\SysMonitor.exe
PRC - [2006/12/29 19:51:56 | 000,028,672 | ---- | M] () -- C:\Acer\Empowering Technology\ePerformance\MemCheck.exe
========== Modules (No Company Name) ==========
MOD - [2013/05/17 16:35:42 | 000,393,168 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\27.0.1453.93\ppgooglenaclpluginchrome.dll
MOD - [2013/05/17 16:35:41 | 013,136,336 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\27.0.1453.93\PepperFlash\pepflashplayer.dll
MOD - [2013/05/17 16:35:40 | 004,051,408 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\27.0.1453.93\pdf.dll
MOD - [2013/05/17 16:34:45 | 001,597,392 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\27.0.1453.93\ffmpegsumo.dll
MOD - [2012/12/12 00:34:13 | 005,025,792 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Windows.Forms\2.0.0.0__b77a5c561934e089\System.Windows.Forms.dll
MOD - [2012/10/05 05:59:03 | 003,194,880 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System\2.0.0.0__b77a5c561934e089\System.dll
MOD - [2012/10/05 05:59:03 | 000,630,784 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Drawing\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.dll
MOD - [2012/08/31 06:01:10 | 004,550,656 | ---- | M] () -- C:\Windows\assembly\GAC_32\mscorlib\2.0.0.0__b77a5c561934e089\mscorlib.dll
MOD - [2012/02/20 21:29:04 | 000,087,912 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2012/02/20 21:28:42 | 001,242,472 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2009/03/29 23:42:10 | 000,010,752 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\Accessibility\2.0.0.0__b03f5f7f11d50a3a\Accessibility.dll
MOD - [2007/03/14 08:54:58 | 000,159,744 | ---- | M] () -- C:\Windows\System32\atitmmxx.dll
MOD - [2007/01/24 12:27:50 | 000,319,488 | ---- | M] () -- C:\Acer\Empowering Technology\SysMonitor.exe
========== Services (SafeList) ==========
SRV - File not found [Auto | Running] -- C:\Program Files\Spybot -- (SBSDWSCService)
SRV - File not found [Auto | Stopped] -- c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe /h ccCommon -- (CLTNetCnService)
SRV - [2013/05/21 17:53:04 | 000,119,072 | ---- | M] (Sendori, Inc.) [Auto | Running] -- C:\Program Files\Sendori\SendoriSvc.exe -- (Application Sendori)
SRV - [2013/05/21 17:53:02 | 003,623,200 | ---- | M] (Sendori) [Auto | Running] -- C:\Program Files\Sendori\sndappv2.exe -- (sndappv2)
SRV - [2013/05/21 17:53:02 | 000,019,744 | ---- | M] (sendori) [Auto | Running] -- C:\Program Files\Sendori\Sendori.Service.exe -- (Service Sendori)
SRV - [2013/05/15 15:24:09 | 000,256,904 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013/03/06 07:36:52 | 000,093,984 | ---- | M] (Conduit) [Auto | Running] -- C:\Program Files\SearchProtect\bin\CltMngSvc.exe -- (CltMngSvc)
SRV - [2012/08/21 15:43:58 | 000,794,272 | ---- | M] (PC Tools) [Auto | Running] -- C:\Program Files\Common Files\PC Tools\sMonitor\StartManSvc.exe -- (PCToolsSSDMonitorSvc)
SRV - [2012/06/18 18:24:38 | 000,255,880 | ---- | M] (Vertro Inc.) [Auto | Running] -- C:\Users\Office\AppData\LocalLow\alotservice\alotservice.exe -- (AlotService)
SRV - [2012/06/15 21:24:19 | 000,138,272 | R--- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Norton 360\Engine\6.4.1.14\ccSvcHst.exe -- (N360)
SRV - [2012/06/11 16:22:16 | 000,240,208 | ---- | M] (Microsoft Corporation.) [On_Demand | Running] -- C:\Program Files\Microsoft\BingBar\7.1.391.0\SeaPort.EXE -- (BBUpdate)
SRV - [2012/06/11 16:22:16 | 000,193,616 | ---- | M] (Microsoft Corporation.) [Auto | Stopped] -- C:\Program Files\Microsoft\BingBar\7.1.391.0\BBSvc.EXE -- (BBSvc)
SRV - [2012/04/11 16:51:12 | 000,770,080 | ---- | M] (Fitbit, Inc.) [Auto | Running] -- C:\Program Files\Fitbit\fitbit.exe -- (Fitbit)
SRV - [2012/01/12 03:07:32 | 000,695,640 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Program Files\McAfeeScanAndRepair\McAfeeScanRepairSvc.exe -- (McAfee ScanAndRepair Svc)
SRV - [2009/09/25 14:16:06 | 000,093,960 | ---- | M] (Sling Media Inc.) [Auto | Running] -- C:\Program Files\Sling Media\SlingAgent\SlingAgentService.exe -- (SlingAgentService)
SRV - [2008/12/12 19:06:40 | 000,642,856 | ---- | M] (Cisco Systems, Inc.) [Auto | Running] -- C:\Program Files\Common Files\Pure Networks Shared\Platform\nmsrvc.exe -- (nmservice)
SRV - [2008/01/19 02:38:24 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2007/04/04 20:54:08 | 000,266,343 | ---- | M] (CyberLink) [Auto | Running] -- C:\Program Files\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\CLMSServer.exe -- (Acer HomeMedia Connect Service)
SRV - [2007/02/07 02:04:26 | 000,457,512 | ---- | M] (HiTRSUT) [Auto | Running] -- C:\Acer\Empowering Technology\eDataSecurity\eDSService.exe -- (eDataSecurity Service)
SRV - [2007/01/31 19:18:42 | 000,053,248 | ---- | M] (Acer Inc.) [Auto | Running] -- C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe -- (eRecoveryService)
SRV - [2006/12/29 19:51:56 | 000,028,672 | ---- | M] () [Auto | Running] -- C:\Acer\Empowering Technology\ePerformance\MemCheck.exe -- (AcerMemUsageCheckService)
========== Driver Services (SafeList) ==========
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Users\Office\AppData\Local\Temp\wndproxy.sys -- (wndproxy)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkfwd.sys -- (NwlnkFwd)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkflt.sys -- (NwlnkFlt)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\PROGRA~1\COMMON~1\Motive\MRENDIS5.SYS -- (MRENDIS5)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\PROGRA~1\COMMON~1\Motive\MREMPR5.SYS -- (MREMPR5)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Users\Office\AppData\Local\Temp\kintelid.sys -- (kintelid)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ipinip.sys -- (IpInIp)
DRV - File not found [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\blbdrive.sys -- (blbdrive)
DRV - [2013/05/21 23:05:20 | 001,611,992 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_6.3.0.14\Definitions\VirusDefs\20130522.003\NAVEX15.SYS -- (NAVEX15)
DRV - [2013/05/21 23:05:19 | 000,093,272 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_6.3.0.14\Definitions\VirusDefs\20130522.003\NAVENG.SYS -- (NAVENG)
DRV - [2013/04/12 18:53:06 | 001,000,024 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_6.3.0.14\Definitions\BASHDefs\20130515.001\BHDrvx86.sys -- (BHDrvx86)
DRV - [2013/04/11 20:50:25 | 000,376,480 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys -- (eeCtrl)
DRV - [2013/04/11 20:50:25 | 000,106,656 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys -- (EraserUtilRebootDrv)
DRV - [2012/09/06 04:54:30 | 000,386,720 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_6.3.0.14\Definitions\IPSDefs\20130521.001\IDSvix86.sys -- (IDSVix86)
DRV - [2012/08/22 15:48:31 | 000,141,944 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\SYMEVENT.SYS -- (SymEvent)
DRV - [2012/07/05 21:17:57 | 000,574,112 | ---- | M] (Symantec Corporation) [File_System | System | Running] -- C:\Windows\System32\drivers\N360\0604010.00E\srtsp.sys -- (SRTSP)
DRV - [2012/07/05 21:17:57 | 000,032,928 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\N360\0604010.00E\srtspx.sys -- (SRTSPX)
DRV - [2012/06/06 23:43:43 | 000,132,768 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\N360\0604010.00E\ccsetx86.sys -- (ccSet_N360)
DRV - [2012/05/21 20:37:12 | 000,924,320 | ---- | M] (Symantec Corporation) [File_System | Boot | Running] -- C:\Windows\System32\drivers\N360\0604010.00E\symefa.sys -- (SymEFA)
DRV - [2012/04/17 21:13:32 | 000,345,208 | R--- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\N360\0604010.00E\symtdiv.sys -- (SYMTDIv)
DRV - [2012/04/17 21:13:22 | 000,340,088 | R--- | M] (Symantec Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\N360\0604010.00E\symds.sys -- (SymDS)
DRV - [2012/04/17 20:42:14 | 000,149,624 | R--- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\N360\0604010.00E\ironx86.sys -- (SymIRON)
DRV - [2012/04/02 14:47:26 | 000,021,992 | ---- | M] (Silicon Laboratories) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\SiUSBXp.sys -- (SIUSBXP)
DRV - [2011/05/13 03:21:06 | 000,136,808 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ssadmdm.sys -- (ssadmdm)
DRV - [2011/05/13 03:21:06 | 000,121,064 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ssadbus.sys -- (ssadbus)
DRV - [2011/05/13 03:21:06 | 000,114,280 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ssadserd.sys -- (ssadserd)
DRV - [2011/05/13 03:21:06 | 000,012,776 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ssadmdfl.sys -- (ssadmdfl)
DRV - [2011/05/13 03:21:04 | 000,030,312 | ---- | M] (Google Inc) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ssadadb.sys -- (androidusb)
DRV - [2009/08/14 08:45:24 | 000,021,248 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\Program Files\Common Files\Motive\MREMP50.sys -- (MREMP50)
DRV - [2009/08/14 08:45:24 | 000,020,096 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\Program Files\Common Files\Motive\MRESP50.sys -- (MRESP50)
DRV - [2009/07/13 18:51:11 | 000,034,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (WinUSB)
DRV - [2008/12/12 19:05:18 | 000,026,416 | ---- | M] (Cisco Systems, Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\purendis.sys -- (purendis)
DRV - [2008/12/12 19:05:18 | 000,024,880 | ---- | M] (Cisco Systems, Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\pnarp.sys -- (pnarp)
DRV - [2008/12/04 14:17:16 | 000,645,120 | ---- | M] (Ralink Technology Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\WUSB54GCv3.sys -- (WUSB54GCv3)
DRV - [2007/03/14 09:04:28 | 002,427,392 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atikmdag.sys -- (atikmdag)
DRV - [2007/02/02 03:37:36 | 000,982,272 | ---- | M] (Motorola Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\smserial.sys -- (smserial)
DRV - [2006/12/07 19:12:02 | 000,076,584 | ---- | M] () [Kernel | Auto | Running] -- C:\Acer\Empowering Technology\eRecovery\int15.sys -- (int15)
DRV - [2006/10/29 22:22:26 | 000,008,192 | ---- | M] (ATI Technologies Inc.) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\AtiPcie.sys -- (AtiPcie)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://en.us.acer.yahoo.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://search.coupons.com/
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.c...ferrer:source?}
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://us.rd.yahoo.c.../search/ie.html
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SEARCH PAGE = http://us.rd.yahoo.c...//www.yahoo.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Yahoo! Search
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = http://search.yahoo....=utf-8&fr=b1ie7
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://att.net/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Restore = http://att.my.yahoo.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\..\URLSearchHook: - No CLSID value found
IE - HKCU\..\URLSearchHook: {92dd07ab-ab7f-424d-aa58-452f1b6815d5} - No CLSID value found
IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE - HKCU\..\SearchScopes\{3C0A6788-B2AE-4BA4-86E9-4D7B726CFFBA}: "URL" = http://search.yahoo....=utf-8&fr=b1ie7
IE - HKCU\..\SearchScopes\{645701DB-0A59-AE3F-8D62-BAA040AFB663}: "URL" = http://www.bing.com/...007&form=ZGAIDF
IE - HKCU\..\SearchScopes\{666F3745-4E2F-4A18-B9C7-841A6B572F92}: "URL" = http://websearch.ask...9B-561B690E36B7
IE - HKCU\..\SearchScopes\{A26C36F3-9D6C-4551-86A4-B3E9C4B7B3CD}: "URL" = http://www.crawler.c...id=10002&lng=en
IE - HKCU\..\SearchScopes\{A531D99C-5A22-449b-83DA-872725C6D0ED}: "URL" = http://search.alot.c...on=1.2.2000.2(B)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
========== FireFox ==========
FF - prefs.js..extensions.enabledAddons: {f999a48b-1950-4d81-9971-79018f807b4b}:3.9.0.3
FF - prefs.js..extensions.enabledAddons: {82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}:5.8.0.8855
FF - prefs.js..extensions.enabledAddons: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}:6.0.26
FF - prefs.js..extensions.enabledAddons: {BBDA0591-3099-440a-AA10-41764D9DB4DB}:10.1.0.68 - 1
FF - prefs.js..extensions.enabledAddons: {2D3F3651-74B9-4795-BDEC-6DA2F431CB62}:2011.7.5.2
FF - prefs.js..keyword.URL: "http://www.google.co...-8&oe=UTF-8&q="
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw_1200112.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@Motive.com/NpMotive,version=1.0: C:\Program Files\Common Files\Motive\npMotive.dll (Motive, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=15.0.6.14: c:\program files\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=15.0.6.14: c:\program files\real\realplayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpchromebrowserrecordext;version=15.0.6.14: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprphtml5videoshim;version=15.0.6.14: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpplugin;version=15.0.6.14: c:\program files\real\realplayer\Netscape6\nprpplugin.dll (RealPlayer)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@nsroblox.roblox.com/launcher: C:\Users\Office\AppData\Local\Roblox\Versions\version-fbaf58bbbe84491d\\NPRobloxProxy.dll ()
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2010/08/31 06:33:27 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{BBDA0591-3099-440a-AA10-41764D9DB4DB}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_6.3.0.14\IPSFFPlgn\ [2012/08/22 15:53:25 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_6.3.0.14\coFFPlgn\ [2013/05/21 18:02:08 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{0153E448-190B-4987-BDE1-F256CADA672F}: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2012/11/27 21:16:15 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\Mozilla Firefox\extensions\[email protected] [2013/04/01 15:07:40 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 4.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2013/04/01 15:06:10 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 4.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012/11/27 22:13:13 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2010/08/31 06:33:27 | 000,000,000 | ---D | M]
[2012/08/16 06:25:36 | 000,000,000 | -H-D | M] (No name found) -- C:\Users\Office\AppData\Roaming\mozilla\Extensions
[2013/04/01 15:07:04 | 000,000,000 | -H-D | M] (No name found) -- C:\Users\Office\AppData\Roaming\mozilla\Firefox\Profiles\whbvl329.default\extensions
[2012/05/08 08:46:56 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Office\AppData\Roaming\mozilla\Firefox\Profiles\whbvl329.default\extensions\{7d9e1adc-7db1-4eaf-b6c7-7e062074e6be}
[2013/04/01 15:07:05 | 000,000,000 | ---D | M] (SelectionLinks) -- C:\Users\Office\AppData\Roaming\mozilla\Firefox\Profiles\whbvl329.default\extensions\[email protected]
[2011/12/06 04:27:50 | 000,968,181 | ---- | M] () (No name found) -- C:\Users\Office\AppData\Roaming\mozilla\firefox\profiles\whbvl329.default\extensions\FreeVideoConverter_EN.xpi
[2012/08/01 06:47:31 | 000,001,678 | ---- | M] () (No name found) -- C:\Users\Office\AppData\Roaming\mozilla\firefox\profiles\whbvl329.default\extensions\[email protected]
[2011/06/20 21:24:42 | 000,019,153 | -H-- | M] () (No name found) -- C:\Users\Office\AppData\Roaming\mozilla\firefox\profiles\whbvl329.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}.xpi
[2013/04/01 15:07:40 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2011/08/12 13:05:41 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}
[2013/04/01 15:07:40 | 000,000,000 | ---D | M] (InfoAtoms) -- C:\Program Files\Mozilla Firefox\extensions\[email protected]
[2011/04/14 11:26:02 | 000,142,296 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2012/01/12 03:07:32 | 000,183,200 | ---- | M] (McAfee, Inc.) -- C:\Program Files\mozilla firefox\plugins\npMcAfeeSRPlgn.dll
[2012/11/27 21:16:04 | 000,129,176 | ---- | M] (RealPlayer) -- C:\Program Files\mozilla firefox\plugins\nprpplugin.dll
[2010/01/01 03:00:00 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2012/05/05 17:54:51 | 000,002,131 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\blekkotb.xml
========== Chrome ==========
CHR - default_search_provider: Yahoo! (Enabled)
CHR - default_search_provider: search_url = http://search.yahoo....p={searchTerms}
CHR - default_search_provider: suggest_url = http://ff.search.yah...d={searchTerms}
CHR - homepage: http://search.condui...2433330106&UM=2
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files\Google\Chrome\Application\27.0.1453.93\PepperFlash\pepflashplayer.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files\Google\Chrome\Application\27.0.1453.93\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files\Google\Chrome\Application\27.0.1453.93\pdf.dll
CHR - plugin: Norton Confidential (Enabled) = C:\Users\Office\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk\2012.5.13.5_0\npcoplgn.dll
CHR - plugin: Adobe Acrobat (Disabled) = C:\Program Files\Adobe\Acrobat 7.0\Reader\Browser\nppdf32.dll
CHR - plugin: Java Deployment Toolkit 6.0.260.3 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npdeployJava1.dll
CHR - plugin: Java Platform SE 6 U26 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll
CHR - plugin: McAfeeScanAndRepair (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npMcAfeeSRPlgn.dll
CHR - plugin: RealPlayer G2 LiveConnect-Enabled Plug-In (32-bit) (Enabled) = C:\Program Files\Mozilla Firefox\plugins\nppl3260.dll
CHR - plugin: RealJukebox NS Plugin (Enabled) = C:\Program Files\Mozilla Firefox\plugins\nprjplug.dll
CHR - plugin: RealPlayer Download Plugin (Enabled) = C:\Program Files\Mozilla Firefox\plugins\nprpplugin.dll
CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin7.dll
CHR - plugin: Motive Plugin (Enabled) = C:\Program Files\Common Files\Motive\npMotive.dll
CHR - plugin: Google Earth Plugin (Enabled) = C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.3.21.145\npGoogleUpdate3.dll
CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll
CHR - plugin: RealNetworks Chrome Background Extension Plug-In (32-bit) (Enabled) = C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll
CHR - plugin: RealPlayer HTML5VideoShim Plug-In (32-bit) (Enabled) = C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll
CHR - plugin: Roblox Launcher Plugin (Enabled) = C:\Users\Office\AppData\Local\Roblox\Versions\version-fbaf58bbbe84491d\\NPRobloxProxy.dll
CHR - plugin: Windows Presentation Foundation (Enabled) = C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
CHR - plugin: Shockwave for Director (Enabled) = C:\Windows\system32\Adobe\Director\np32dsw_1200112.dll
CHR - Extension: Google Drive = C:\Users\Office\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
CHR - Extension: YouTube = C:\Users\Office\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
CHR - Extension: Google Search = C:\Users\Office\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
CHR - Extension: InfoAtoms = C:\Users\Office\AppData\Local\Google\Chrome\User Data\Default\Extensions\hhbgpoakplhahbklhkcfbpicgjcaoglk\1.5.0.0_0\
CHR - Extension: RealPlayer HTML5Video Downloader Extension = C:\Users\Office\AppData\Local\Google\Chrome\User Data\Default\Extensions\jfmjfhklogoienhpfnppmbcbjfjnkonk\1.5_0\
CHR - Extension: Norton Identity Protection = C:\Users\Office\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk\2012.5.13.5_0\
CHR - Extension: Pin Tool = C:\Users\Office\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajneknfikopikcibdegfdkdicmnefmg\1.0.5_1\
CHR - Extension: Select-Links = C:\Users\Office\AppData\Local\Google\Chrome\User Data\Default\Extensions\ocfgchjgnohfbichkpeigldkmoogijoc\4.3_0\
CHR - Extension: Gmail = C:\Users\Office\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\
CHR - Extension: InternetHelper3 = C:\Users\Office\AppData\Local\Google\Chrome\User Data\Default\Extensions\pnjnnnhampgflieglcelomcofocioegp\10.16.1.521_0\
O1 HOSTS File: ([2012/11/29 18:19:24 | 000,000,098 | ---- | M]) - C:\Windows\System32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (Yahoo! Toolbar Helper) - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O2 - BHO: (AcroIEHlprObj Class) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (InfoAtoms) - {103089DA-0F31-4A8B-843F-7D24A7FE8345} - C:\Program Files\InfoAtoms\IE32\InfoAtomsClientIE.dll (InfoAtoms Inc.)
O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer)
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (Norton Identity Protection) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Norton 360\Engine\6.4.1.14\coieplg.dll (Symantec Corporation)
O2 - BHO: (Norton Vulnerability Protection) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Norton 360\Engine\6.4.1.14\ips\ipsbho.dll (Symantec Corporation)
O2 - BHO: (ShowBarObj Class) - {83A2F9B1-01A2-4AA5-87D1-45B6B8505E96} - C:\Windows\System32\ActiveToolBand.dll (HiTRUST)
O2 - BHO: (ALOT Appbar Helper) - {85F5CF95-EC8F-49fc-BB3F-38C79455CBA2} - C:\Program Files\alotappbar\bin\BHO\ALOTHelperBHO.dll (Vertro, Inc)
O2 - BHO: (VideoFileDownload) - {91013d36-f9cf-49a1-8974-0fda7a71744f} - C:\Program Files\OApps\bho_project.dll File not found
O2 - BHO: (Crawler Toolbar) - {9234F5E0-56CC-4F0B-AAE4-0D4BD5032180} - C:\Program Files\Crawler Toolbar\Crawler.dll (Crawler.com, LLC)
O2 - BHO: (FreePriceAlerts) - {A7C0A55C-300E-4193-8FB5-5DB8E6533D35} - C:\Program Files\FreePriceAlerts\vbobho.dll (FreePriceAlerts.com)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.8313.1002\swg.dll (Google Inc.)
O2 - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files\Microsoft\BingBar\7.1.391.0\BingExt.dll (Microsoft Corporation.)
O2 - BHO: (SelectionLinks) - {E8861423-0DAB-459E-A8D5-DB264E69E70C} - C:\Program Files\OApps\SelectionLinks.dll (SelectionLinks)
O3 - HKLM\..\Toolbar: (Acer eDataSecurity Management) - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\Windows\System32\eDStoolbar.dll (HiTRUST)
O3 - HKLM\..\Toolbar: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton 360\Engine\6.4.1.14\coieplg.dll (Symantec Corporation)
O3 - HKLM\..\Toolbar: (Coupons.com CouponBar) - {8660E5B3-6C41-44DE-8503-98D99BBECD41} - C:\Program Files\Coupons.com CouponBar\tbcore3.dll File not found
O3 - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files\Microsoft\BingBar\7.1.391.0\BingExt.dll (Microsoft Corporation.)
O3 - HKLM\..\Toolbar: (ALOT Appbar) - {A531D99C-5A22-449b-83DA-872725C6D0ED} - C:\Program Files\alotappbar\bin\alothelper.dll (Vertro, Inc)
O3 - HKLM\..\Toolbar: (&Crawler Toolbar) - {C4D78C72-08DB-4A3F-9175-B265157283F3} - C:\Program Files\Crawler Toolbar\Crawler.dll (Crawler.com, LLC)
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O3 - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
O3 - HKCU\..\Toolbar\ShellBrowser: (Acer eDataSecurity Management) - {5CBE3B7C-1E47-477E-A7DD-396DB0476E29} - C:\Windows\System32\eDStoolbar.dll (HiTRUST)
O3 - HKCU\..\Toolbar\WebBrowser: (Acer eDataSecurity Management) - {5CBE3B7C-1E47-477E-A7DD-396DB0476E29} - C:\Windows\System32\eDStoolbar.dll (HiTRUST)
O4 - HKLM..\Run: [Acer Assist Launcher] C:\Program Files\Acer Assist\launcher.exe ()
O4 - HKLM..\Run: [Acer Empowering Technology Monitor] C:\Acer\Empowering Technology\SysMonitor.exe ()
O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [CrawlerToolbar] C:\Program Files\Crawler Toolbar\Crawler.exe (Crawler.com, LLC)
O4 - HKLM..\Run: [Linksys Wireless Manager] C:\Program Files\Linksys\Linksys Wireless Manager\LinksysWirelessManager.exe (Linksys, LLC)
O4 - HKLM..\Run: [SearchProtectAll] C:\Program Files\SearchProtect\bin\cltmng.exe (Conduit)
O4 - HKLM..\Run: [Sendori Tray] C:\Program Files\Sendori\SendoriTray.exe (Sendori, Inc.)
O4 - HKLM..\Run: [SSDMonitor] C:\Program Files\Common Files\PC Tools\sMonitor\SSDMonitor.exe (PC Tools)
O4 - HKLM..\Run: [TkBellExe] c:\program files\real\realplayer\Update\realsched.exe (RealNetworks, Inc.)
O4 - HKCU..\Run: [Fitbit Service Monitor] C:\Program Files\Fitbit\fitbit-tray.exe (Fitbit, Inc.)
O4 - HKCU..\Run: [GoogleChromeAutoLaunch_DF31C8A2E4640D318CF7808D6E5C6704] C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.)
O4 - HKCU..\Run: [PC Health Kit] C:\Program Files\PC Health Kit\PCHKLauncher.exe (PC Health Labs)
O4 - HKCU..\Run: [SearchProtect] C:\Users\Office\AppData\Roaming\SearchProtect\bin\cltmng.exe (Conduit)
O4 - HKLM..\RunOnceEx: [] File not found
O4 - Startup: C:\Users\Office\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ERUNT AutoBackup.lnk = C:\Program Files\ERUNT\AUTOBACK.EXE ()
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Activities present
O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O9 - Extra Button: PokerStars.net - {FA9B9510-9FCB-4ca0-818C-5D0987B47C4D} - C:\Program Files\PokerStars.NET\PokerStarsUpdate.exe File not found
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Windows\System32\Sendori.dll (Sendori)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Windows\System32\Sendori.dll (Sendori)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Windows\System32\Sendori.dll (Sendori)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Windows\System32\Sendori.dll (Sendori)
O10 - Protocol_Catalog9\Catalog_Entries\000000000015 - C:\Windows\System32\Sendori.dll (Sendori)
O13 - gopher Prefix: missing
O15 - HKCU\..Trusted Domains: facebook.com ([www] https in Trusted sites)
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macr...director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_26)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.254
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{741ACAF4-B8A5-4A29-8B0D-EB2533F80AA3}: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{B5CFA03F-E0EF-4616-A3EB-B2C09437DFED}: DhcpNameServer = 192.168.1.254
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{B5CFA03F-E0EF-4616-A3EB-B2C09437DFED}: NameServer = 216.146.35.240,216.146.36.240,192.168.1.254
O18 - Protocol\Handler\crawler {4545C96B-15D0-4E22-8DDE-6F2CAF531281} - C:\Program Files\Crawler Toolbar\Crawler.dll (Crawler.com, LLC)
O18 - Protocol\Handler\pure-go {4746C79A-2042-4332-8650-48966E44ABA8} - C:\Program Files\Common Files\Pure Networks Shared\Platform\puresp4.dll (Cisco Systems, Inc.)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Users\Office\Desktop\Fred Watson EHS 4-26-12 1627 - 1797\Fred Watson Collage.jpg
O24 - Desktop BackupWallPaper: C:\Users\Office\Desktop\Fred Watson EHS 4-26-12 1627 - 1797\Fred Watson Collage.jpg
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/09/18 16:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{4a4f7ce5-2188-11df-9834-001c252951e7}\Shell - "" = AutoRun
O33 - MountPoints2\{4a4f7ce5-2188-11df-9834-001c252951e7}\Shell\AutoRun\command - "" = K:\LaunchU3.exe
O33 - MountPoints2\{6d86a3fa-4c18-11e2-a070-001c252951e7}\Shell - "" = AutoRun
O33 - MountPoints2\{6d86a3fa-4c18-11e2-a070-001c252951e7}\Shell\AutoRun\command - "" = G:\LaunchU3.exe -a
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
========== Files/Folders - Created Within 30 Days ==========
[2013/05/17 09:22:44 | 000,000,000 | ---D | C] -- C:\Users\Office\Desktop\Dad's stuff
[2013/05/06 14:19:09 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MPEG to MP3 Converter
[2013/04/30 22:46:09 | 000,000,000 | ---D | C] -- C:\Users\Office\AppData\Roaming\dvdcss
[2013/04/30 22:45:19 | 000,000,000 | ---D | C] -- C:\Users\Office\AppData\Local\Aiseesoft Studio
[2013/04/30 22:45:18 | 000,000,000 | ---D | C] -- C:\Users\Office\Documents\Aiseesoft Studio
[2013/04/30 22:45:07 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Aiseesoft
[2013/04/30 22:45:01 | 000,000,000 | ---D | C] -- C:\ProgramData\Aiseesoft Studio
[2013/04/30 22:45:01 | 000,000,000 | ---D | C] -- C:\Program Files\Aiseesoft Studio
[2013/04/30 22:37:32 | 000,000,000 | ---D | C] -- C:\Users\Office\AppData\Roaming\tiger-k
[2013/04/30 22:37:29 | 000,000,000 | ---D | C] -- C:\Users\Office\Documents\Leawo
[2013/04/30 22:37:29 | 000,000,000 | ---D | C] -- C:\Users\Office\AppData\Roaming\Leawo
[2013/04/30 22:37:29 | 000,000,000 | ---D | C] -- C:\ProgramData\Leawo
[2013/04/30 22:36:53 | 000,606,208 | ---- | C] (http://www.xvid.org) -- C:\Windows\System32\xvidcore.dll
[2013/04/30 22:36:53 | 000,139,264 | ---- | C] (http://www.xvid.org) -- C:\Windows\System32\xvid.ax
[2013/04/30 22:36:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVD Ripper
[2013/04/30 22:36:35 | 000,000,000 | ---D | C] -- C:\Program Files\Leawo
[2013/04/29 03:11:01 | 000,000,000 | ---D | C] -- C:\Real
========== Files - Modified Within 30 Days ==========
[2013/05/22 12:43:00 | 000,000,886 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013/05/22 12:42:33 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013/05/22 12:01:35 | 000,003,168 | ---- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2013/05/22 12:01:35 | 000,003,168 | ---- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2013/05/22 09:37:30 | 000,000,274 | ---- | M] () -- C:\Windows\tasks\RMSchedule.job
[2013/05/22 03:11:00 | 000,000,370 | ---- | M] () -- C:\Windows\tasks\ReclaimerUpdateXML_Office.job
[2013/05/22 00:33:46 | 000,000,374 | ---- | M] () -- C:\Windows\tasks\ReclaimerUpdateFiles_Office.job
[2013/05/21 18:08:14 | 000,604,502 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2013/05/21 18:08:13 | 000,104,202 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2013/05/21 18:02:01 | 000,000,274 | ---- | M] () -- C:\Windows\tasks\RMAutoUpdate.job
[2013/05/21 18:01:42 | 000,000,882 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013/05/21 18:01:41 | 000,000,380 | ---- | M] () -- C:\Windows\tasks\RNUpgradeHelperLogonPrompt_Office.job
[2013/05/21 18:01:26 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013/05/21 18:00:53 | 2952,257,536 | -HS- | M] () -- C:\hiberfil.sys
[2013/05/21 18:00:49 | 540,687,641 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2013/05/21 17:53:02 | 000,325,920 | ---- | M] (Sendori) -- C:\Windows\System32\Sendori.dll
[2013/05/21 17:52:14 | 000,000,442 | -H-- | M] () -- C:\Windows\tasks\Norton Security Scan for Office.job
[2013/05/16 03:27:35 | 000,381,248 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2013/05/06 18:16:21 | 000,002,627 | ---- | M] () -- C:\Users\Office\Desktop\Microsoft Office Word 2007 (2).lnk
[2013/05/06 14:19:11 | 000,000,786 | ---- | M] () -- C:\Users\Office\Application Data\Microsoft\Internet Explorer\Quick Launch\WAV MP3 Converter.lnk
[2013/05/01 17:34:04 | 000,325,920 | ---- | M] (Sendori) -- C:\Windows\System32\Sendori.dll.old.tuq
[2013/04/30 22:45:08 | 000,002,073 | ---- | M] () -- C:\Users\Office\Application Data\Microsoft\Internet Explorer\Quick Launch\Aiseesoft DVD Ripper.lnk
[2013/04/30 22:36:57 | 000,000,890 | ---- | M] () -- C:\Users\Office\Application Data\Microsoft\Internet Explorer\Quick Launch\Leawo DVD Ripper.lnk
[2013/04/29 06:57:35 | 000,001,183 | ---- | M] () -- C:\Users\Office\Desktop\Google Chrome.lnk
========== Files Created - No Company Name ==========
[2013/05/06 14:19:11 | 000,000,786 | ---- | C] () -- C:\Users\Office\Application Data\Microsoft\Internet Explorer\Quick Launch\WAV MP3 Converter.lnk
[2013/04/30 22:45:08 | 000,002,073 | ---- | C] () -- C:\Users\Office\Application Data\Microsoft\Internet Explorer\Quick Launch\Aiseesoft DVD Ripper.lnk
[2013/04/30 22:36:57 | 000,000,890 | ---- | C] () -- C:\Users\Office\Application Data\Microsoft\Internet Explorer\Quick Launch\Leawo DVD Ripper.lnk
[2013/04/16 21:26:26 | 000,001,494 | ---- | C] () -- C:\ProgramData\SMRResults322.dat
[2013/02/14 08:38:24 | 000,038,560 | ---- | C] () -- C:\Windows\System32\CleanMFT32.exe
[2012/07/11 03:03:07 | 000,000,127 | ---- | C] () -- C:\Windows\System32\MRT.INI
[2012/06/18 16:25:44 | 000,000,000 | ---- | C] () -- C:\Users\Office\AppData\Roaming\wklnhst.dat
[2012/05/08 20:22:24 | 000,004,096 | -H-- | C] () -- C:\Users\Office\AppData\Local\keyfile3.drm
[2012/05/05 18:13:07 | 000,004,144 | ---- | C] () -- C:\ProgramData\knmesfut.gey
[2011/11/16 18:24:11 | 000,000,106 | ---- | C] () -- C:\Users\Office\AppData\Roaming\avbase.dat
[2011/06/08 21:50:52 | 000,000,160 | -H-- | C] () -- C:\ProgramData\~34070264r
[2011/06/08 21:50:52 | 000,000,144 | -H-- | C] () -- C:\ProgramData\~34070264
[2011/06/08 21:50:45 | 000,000,344 | -H-- | C] () -- C:\ProgramData\34070264
[2011/06/06 17:25:39 | 000,205,894 | ---- | C] () -- C:\Windows\hpoins46.dat
[2011/06/01 14:37:23 | 000,000,000 | ---- | C] () -- C:\Windows\ka.ini
[2010/02/25 09:15:01 | 000,013,312 | ---- | C] () -- C:\Users\Office\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
========== ZeroAccess Check ==========
[2006/11/02 07:54:22 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012/06/08 12:47:00 | 011,586,048 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2009/04/11 01:28:19 | 000,614,912 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2009/04/11 01:28:25 | 000,347,648 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
========== LOP Check ==========
[2010/01/31 15:12:13 | 000,000,000 | -H-D | M] -- C:\Users\Office\AppData\Roaming\Acer
[2012/01/23 18:03:20 | 000,000,000 | ---D | M] -- C:\Users\Office\AppData\Roaming\Acoustica
[2013/04/01 15:06:41 | 000,000,000 | ---D | M] -- C:\Users\Office\AppData\Roaming\Conduit
[2010/02/10 22:25:21 | 000,000,000 | -H-D | M] -- C:\Users\Office\AppData\Roaming\eSobi
[2012/01/24 19:41:00 | 000,000,000 | ---D | M] -- C:\Users\Office\AppData\Roaming\Free YouTube to MP3 WMA Converter
[2012/11/27 21:57:33 | 000,000,000 | ---D | M] -- C:\Users\Office\AppData\Roaming\FreePriceAlerts
[2010/01/31 15:11:57 | 000,000,000 | -H-D | M] -- C:\Users\Office\AppData\Roaming\Leadertech
[2013/04/30 22:37:29 | 000,000,000 | ---D | M] -- C:\Users\Office\AppData\Roaming\Leawo
[2013/04/01 15:08:03 | 000,000,000 | ---D | M] -- C:\Users\Office\AppData\Roaming\PC Health Kit
[2012/05/08 08:41:07 | 000,000,000 | ---D | M] -- C:\Users\Office\AppData\Roaming\PerformerSoft
[2013/04/01 15:06:07 | 000,000,000 | ---D | M] -- C:\Users\Office\AppData\Roaming\SearchProtect
[2011/06/21 12:59:38 | 000,000,000 | ---D | M] -- C:\Users\Office\AppData\Roaming\SmartDraw
[2012/01/23 18:08:21 | 000,000,000 | ---D | M] -- C:\Users\Office\AppData\Roaming\SynthMaker
[2013/04/30 22:38:16 | 000,000,000 | ---D | M] -- C:\Users\Office\AppData\Roaming\tiger-k
[2011/06/09 10:41:38 | 000,000,000 | ---D | M] -- C:\Users\Office\AppData\Roaming\WhiteSmokeSetup
[2011/01/01 10:25:28 | 000,000,000 | -H-D | M] -- C:\Users\Office\AppData\Roaming\WhiteSmokeTranslator
========== Purity Check ==========
========== Alternate Data Streams ==========
@Alternate Data Stream - 118 bytes -> C:\ProgramData\TEMP:D1B5B4F1
< End of report >
OTL Extras logfile created on: 5/22/2013 12:48:01 PM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Office\Downloads
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.19418)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
2.75 Gb Total Physical Memory | 0.90 Gb Available Physical Memory | 32.82% Memory free
5.72 Gb Paging File | 3.75 Gb Available in Paging File | 65.61% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 144.30 Gb Total Space | 67.54 Gb Free Space | 46.81% Space Free | Partition Type: NTFS
Drive D: | 144.03 Gb Total Space | 143.93 Gb Free Space | 99.93% Space Free | Partition Type: NTFS
Drive I: | 7.40 Gb Total Space | 6.71 Gb Free Space | 90.71% Space Free | Partition Type: FAT32
Computer Name: OFFICE-PC | User Name: Office | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
https [open] -- "C:\Program Files\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"UacDisableNotify" = 0
"InternetSettingsDisableNotify" = 0
"AutoUpdateDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
"DisableMonitoring" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
"DisableMonitoring" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
"DisableMonitoring" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"VistaSp2" = Reg Error: Unknown registry data type -- File not found
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0
========== Authorized Applications List ==========
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{02E39F5B-0301-4202-A1F3-5B041C0D3EEC}" = lport=554 | protocol=6 | dir=in | app=%systemroot%\ehome\ehshell.exe |
"{05EDE5EA-49FB-4283-AB2B-148A289319FD}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{104E2754-768F-441E-A855-0A3CAFF85B16}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{1B91CEE3-B47D-4399-83CD-0850A1AE4999}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{21C4F8F1-9264-4F72-9C48-A029CA5FC42C}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{281C05A1-A812-4E0C-8C88-FFAA94C87FDD}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{28586F8A-7F98-469A-809D-EA9406EFB79D}" = rport=139 | protocol=6 | dir=out | app=system |
"{2D033FAA-0514-4E6F-9837-577B878F1118}" = rport=137 | protocol=17 | dir=out | app=system |
"{349B96ED-18CC-4FE4-BA3A-91BBBF54A774}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{358D8348-36FF-44A5-BF78-D3B97C2264E0}" = lport=10244 | protocol=6 | dir=in | app=system |
"{3917E618-409A-4F98-B5C5-EE4BFF673AA0}" = rport=10243 | protocol=6 | dir=out | app=system |
"{39D190EE-8045-494B-90A8-BD7D353C664B}" = lport=6004 | protocol=17 | dir=in | app=c:\program files\microsoft office\office12\outlook.exe |
"{3A740CF1-9080-493F-908D-9D9013984FD3}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{40166126-4E11-42FC-A113-A63FB6D0F4C6}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{4F32D4D9-7C3C-416D-9A0A-B177BA7F96CA}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{5434DF3A-D5DE-4601-9859-08B7C2865F2C}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | [email protected],-28539 |
"{5AC53798-5473-4AF4-AA4D-DF95B7EB265C}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{5D273366-126B-42FF-BEF4-811A6AC52A44}" = lport=10244 | protocol=6 | dir=in | app=system |
"{5D88F940-B49F-40C8-A989-6D0041430205}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{5FA1D3DC-B292-4579-9563-F50616B765BB}" = rport=138 | protocol=17 | dir=out | app=system |
"{63466025-8E3F-4105-A541-048314885B45}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{6A3E7E6C-1A68-44B2-B1BF-618F77E711A6}" = rport=10244 | protocol=6 | dir=out | app=system |
"{83C6E6DB-986D-4AC7-86B0-96CC73F44F10}" = lport=7777 | protocol=17 | dir=in | app=%systemroot%\ehome\ehshell.exe |
"{877FD384-FCA5-4011-A0DE-0EB2A4FC19D7}" = lport=138 | protocol=17 | dir=in | app=system |
"{8DE301AB-37C5-4E5C-B8EE-9279BFEA3DA3}" = rport=445 | protocol=6 | dir=out | app=system |
"{8F03CA4C-5979-4DCA-BCEA-DECA7836E8D6}" = lport=139 | protocol=6 | dir=in | app=system |
"{8FF6C08A-6C34-4B05-BCE7-7CC98399CCF9}" = lport=554 | protocol=6 | dir=in | app=%systemroot%\ehome\ehshell.exe |
"{A3BCFF37-5D62-4D47-90E5-B811A64EFEED}" = lport=3390 | protocol=6 | dir=in | app=system |
"{AB3332EB-DE12-4AE5-9867-1B0FBD9D24C9}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{AB41BC47-A798-4197-A689-53FF5A4F674D}" = rport=10244 | protocol=6 | dir=out | app=system |
"{ADFF068E-2C59-4067-883F-9BA55EFF3AC1}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{AF14F749-C6AE-4991-BDD5-2418EAE81EF3}" = lport=445 | protocol=6 | dir=in | app=system |
"{BC0C02CC-6557-4ED1-9CE7-51F6BE8AF344}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{CA002236-1DAD-4DEE-8171-77585101769C}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{CBA11733-8200-4F25-B477-38572946C92D}" = lport=137 | protocol=17 | dir=in | app=system |
"{D0A6EE76-40AD-4021-B063-30DF3BC95EBF}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{DDC56886-DF19-41BB-8AF0-CA6AC3FC4AD6}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{DEF072D5-F351-4963-834E-A525E7A31D09}" = lport=2869 | protocol=6 | dir=in | app=system |
"{E18F9B77-3704-4BA9-A564-F58247835A07}" = lport=3390 | protocol=6 | dir=in | app=system |
"{E560FB52-56D3-426D-ACD4-0C885D49EEC7}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{E748949A-3EEB-4E0D-A7AA-A97C509FB95D}" = lport=7777 | protocol=17 | dir=in | app=%systemroot%\ehome\ehshell.exe |
"{F4E61E74-65AF-4899-9EAA-626A54ADCA6C}" = lport=10243 | protocol=6 | dir=in | app=system |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{070092CC-9AE7-4CEA-A467-A3C8812E84B8}" = protocol=58 | dir=out | [email protected],-28546 |
"{10281120-119F-4AA0-9F43-833FED88F17A}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqkygrp.exe |
"{17D7935D-7761-4689-B928-D55EE60BFD56}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{1955E669-BE1F-4C13-B854-FB32F2900974}" = dir=in | app=c:\program files\acer arcade live\acer homemedia connect\kernel\dms\clmsserver.exe |
"{1A256392-0C29-4B91-BDF4-434CC32B1D4D}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{1A454546-E443-4670-BC72-919899553F44}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqtra08.exe |
"{1E44373F-B643-442A-A167-16629EEA7FFD}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqusgm.exe |
"{27040674-8EE4-41DC-8E08-8A75C62B8A39}" = protocol=6 | dir=in | app=c:\program files\searchqu toolbar\datamngr\toolbar\dtuser.exe |
"{27DE306C-74EA-4CC0-ADE4-3429765958F4}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{28937AAB-03A5-48B0-9A02-D1ABE298E16F}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpoews01.exe |
"{3025239F-0C3D-4A71-A6FB-A10C07BA7D19}" = dir=in | app=c:\program files\hp\hp software update\hpwucli.exe |
"{309878BD-F7AC-4D49-948D-121945EE44FD}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\groove.exe |
"{3247000A-9B37-4128-B3E6-58419390E205}" = dir=in | app=c:\program files\common files\hp\digital imaging\bin\hpqphotocrm.exe |
"{3E33F6D8-28B6-4006-BA59-74CE3829F6D3}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{3E3F22FE-07AC-4DF3-A20E-1B013D7A2C41}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{44EFCEF9-3389-49D7-ACAB-AA157BAC8E3B}" = protocol=58 | dir=in | [email protected],-28545 |
"{55639177-8ABC-4883-A400-6309FFBA4F50}" = protocol=6 | dir=out | app=%systemroot%\ehome\mcx2prov.exe |
"{5B7D673E-E3BC-4578-9DB4-D1518AFC0652}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{5DCC22AA-F00A-4014-9F8B-8F1832E614A3}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqgplgtupl.exe |
"{5F06C73B-3B46-4ED5-983C-2880071833B2}" = dir=in | app=c:\program files\acer arcade live\acer homemedia connect\homemedia connect.exe |
"{64C52DD3-2977-4C34-BDA1-8FD96179DF00}" = dir=in | app=c:\program files\acer arcade live\slideshow dvd\component\clsldvd.exe |
"{65F6CCE6-71F7-4982-AD6E-EBD8D637F9DC}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqste08.exe |
"{68712986-939A-413B-BF85-DED902B5E06F}" = protocol=6 | dir=out | app=%systemroot%\ehome\mcx2prov.exe |
"{69F6906A-E5E2-4BC7-B089-5A6FB9B6A4AC}" = protocol=6 | dir=out | svc=mcx2svc | app=%systemroot%\system32\svchost.exe |
"{7417F978-A38B-4F5F-95CE-2AC9E12F7ADA}" = protocol=6 | dir=out | svc=mcx2svc | app=%systemroot%\system32\svchost.exe |
"{7495274E-5EA5-4886-947C-C5FDC24E4B3D}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpfccopy.exe |
"{7D6C8002-7EF0-4517-982D-DBADD6E0118A}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{814E142D-A58D-4BDD-9121-B8FE6D948A55}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{8422EA09-442D-4FB6-B09C-932C5AB91E73}" = protocol=17 | dir=in | app=c:\program files\searchqu toolbar\datamngr\toolbar\dtuser.exe |
"{84C13AB5-E586-469A-A86E-F0F45171CFC9}" = dir=in | app=c:\program files\hp\digital imaging\bin\hposid01.exe |
"{8EA9BE68-132C-40CA-8737-769DD4FBC60D}" = protocol=6 | dir=out | app=system |
"{9772D6B9-6B93-43B4-A28D-35AD85CBCCB9}" = dir=in | app=c:\program files\itunes\itunes.exe |
"{998D6855-21C5-4D5A-8F9C-3C2F9D80258D}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpiscnapp.exe |
"{9C440509-7149-4939-BADC-607A61C99FE4}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{9DC180F2-3468-4726-AC4A-26F740F7EB5B}" = protocol=1 | dir=in | [email protected],-28543 |
"{9F621A7F-207B-42EB-B651-AD5E34C7ECAF}" = protocol=1 | dir=out | [email protected],-28544 |
"{A0E22BD1-9D17-41A4-BF50-419B503C50D0}" = dir=in | app=c:\program files\acer arcade live\acer dv magician\component\dvax2process.exe |
"{A8757501-B402-4C19-AD10-EA4697A9512B}" = dir=in | app=c:\program files\acer arcade live\acer videomagician\videomagician.exe |
"{ABE80A58-C248-41BC-8DE2-2AA0C96D537A}" = protocol=17 | dir=out | app=%systemroot%\ehome\ehshell.exe |
"{AFD761E2-EC74-4999-82F6-C84B720C8284}" = dir=in | app=c:\program files\hp\digital imaging\smart web printing\smartwebprintexe.exe |
"{BD28E5D8-8ACC-4DF3-9378-D87594D1C765}" = dir=in | app=c:\program files\common files\apple\apple application support\webkit2webprocess.exe |
"{BD2BB322-72E9-408B-A66D-71A784F358AC}" = protocol=6 | dir=out | app=%systemroot%\ehome\ehshell.exe |
"{C0B04953-9D63-4886-9FEE-B20972592777}" = dir=in | app=c:\program files\acer arcade live\acer arcade live main page\acer arcade live.exe |
"{C25E7E8F-0B06-4B93-B804-72F14C9D0C5A}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{C5A6A6A0-D297-4AA6-9383-21A16C3F9929}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{C66EE41A-DA45-4ECB-AA86-8833E31CE65A}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{C6F4AEE9-0B6C-4588-85C3-DBCDB8DF5DFA}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqpsapp.exe |
"{CA392348-1E57-489B-A7E3-E7BD9169B812}" = protocol=17 | dir=out | app=%systemroot%\ehome\ehshell.exe |
"{CB8D1848-9DD5-4407-B477-BE0F88CD549D}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{CBB9A167-0435-46F7-8667-AB34BA14F279}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{CE880BA2-4F61-4455-8A74-0BFC37966BAB}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{D18E520B-B2CE-4278-A7E1-B18991FA753C}" = protocol=6 | dir=out | app=%systemroot%\ehome\ehshell.exe |
"{D34CAE73-3608-434E-AE0A-6279FE753FE3}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqcopy2.exe |
"{D6323283-BD96-451E-B617-FBF21F668635}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqusgh.exe |
"{D632DAE4-0D53-4817-A6A7-E7A0B7CE88D0}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqgpc01.exe |
"{D9E3C98B-349C-4224-B95D-88EE361FD0B7}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{DFFF3429-DA90-43DB-898C-FAEEFE3F39E2}" = dir=in | app=c:\program files\acer arcade live\acer homemedia\homemedia.exe |
"{E59634F8-1C07-40AC-84E1-E301FBC238EE}" = dir=in | app=c:\program files\acer arcade live\acer dvdivine\dvdivine.exe |
"{E6F33E1E-845A-4CAD-A0AD-4E5DBD672CE2}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqsudi.exe |
"{ED1E9675-5C5C-4552-8979-8FFBD704C996}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{F42A10AE-D383-4A78-9E05-64BBC84376C5}" = dir=in | app=c:\program files\acer arcade live\acer dv magician\component\arawp.exe |
"{FE02601A-6A71-4AAA-B6AF-3FFEA6115E58}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqpse.exe |
"{FFF3293C-A9E1-45BA-8B79-DAFEB8A272D7}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\groove.exe |
"TCP Query User{05C4C118-DC42-42CB-922B-D5B93595F014}C:\program files\sling media\slingplayer\slingplayer.exe" = protocol=6 | dir=in | app=c:\program files\sling media\slingplayer\slingplayer.exe |
"TCP Query User{110BBB74-9BAC-4671-93D9-1223DC81835B}C:\program files\google\google earth\client\googleearth.exe" = protocol=6 | dir=in | app=c:\program files\google\google earth\client\googleearth.exe |
"TCP Query User{42F05059-76E9-4F08-B8ED-4E59F4FDB072}C:\program files\kodak\kodak software updater\7288971\program\kodak software updater.exe" = protocol=6 | dir=in | app=c:\program files\kodak\kodak software updater\7288971\program\kodak software updater.exe |
"TCP Query User{8C29D3B9-E735-4DCD-9128-94F7D65B424C}C:\program files\internet explorer\iexplore.exe" = protocol=6 | dir=in | app=c:\program files\internet explorer\iexplore.exe |
"UDP Query User{4C1C6EC3-EFAA-42FB-8F6F-E6819B9DE4B4}C:\program files\google\google earth\client\googleearth.exe" = protocol=17 | dir=in | app=c:\program files\google\google earth\client\googleearth.exe |
"UDP Query User{4CDE3D2F-AF71-4AC8-A8F0-BB1770B9E017}C:\program files\kodak\kodak software updater\7288971\program\kodak software updater.exe" = protocol=17 | dir=in | app=c:\program files\kodak\kodak software updater\7288971\program\kodak software updater.exe |
"UDP Query User{5F4A6285-730C-4878-90CD-313295FC7DF1}C:\program files\internet explorer\iexplore.exe" = protocol=17 | dir=in | app=c:\program files\internet explorer\iexplore.exe |
"UDP Query User{D225C281-52AA-472A-AB71-163C5F46937B}C:\program files\sling media\slingplayer\slingplayer.exe" = protocol=17 | dir=in | app=c:\program files\sling media\slingplayer\slingplayer.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0008546E-DF6E-4CC1-AFD0-2CB8E16C95A2}" = Notifier
"{021661E0-C377-C87B-9583-E0A69E61A489}" = Catalyst Control Center Localization Thai
"{023387B5-AF74-D690-D2C6-C8D474597284}" = CCC Help Polish
"{042B8532-E27C-C06E-A8F5-71F36B98B2DE}" = Catalyst Control Center Localization Portuguese
"{06A1D88C-E102-4527-AF70-29FFD7AF215A}" = Scan
"{07AE9F43-360F-7412-577B-2B4B73E5EAB9}" = CCC Help Hungarian
"{097CDB1E-07C9-40F1-9972-F0F9F3A287E4}" = Network
"{0AFFEA39-60AF-4C4F-BB47-4A1F7CB12129}" = HP Deskjet F4500 All-in-One Driver Software 14.0 Rel. 6
"{0C09E020-9996-4E1C-9839-97DA8F9C8D6B}" = CCC Help Danish
"{0F6F6876-6334-4977-B5DD-CFC12E193420}" = iTunes
"{132888AE-EF67-41C5-BCA2-7D5D2488AB63}" = Acer HomeMedia Connect
"{1458BB78-1DC5-4BC0-B9A3-2B644F5A8105}" = DeviceDiscovery
"{14D4ED84-6A9A-45A0-96F6-1753768C3CB5}" = ESSPCD
"{150B6201-E9E6-4DFB-960E-CCBD53FBDDED}" = HPProductAssistant
"{154508C0-07C5-4659-A7A0-E49968750D21}" = HLPPDOCK
"{1577A05B-EE62-4BBC-9DB7-FE748FA44EC2}" = NTI CD & DVD-Maker
"{15D967B5-A4BE-42AE-9E84-64CD062B25AA}" = eSobi v2
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{1861D449-590B-71F5-2C62-21730731FC4C}" = ccc-utility
"{1AE46C09-2AB8-4EE5-88FB-08CD0FF7F2DF}" = Bing Bar
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1FE417E2-6B8F-44CA-A7DF-A4BD072E8ED8}_is1" = Leawo DVD Ripper version 5.1.0.0
"{20EFC9AA-BBC1-4DFD-81FF-99654F71CBF8}" = HPPhotoSmartDiscLabel_PrintOnDisc
"{21565317-7E58-CEED-E5BE-6916533442F4}" = Catalyst Control Center Localization Czech
"{2224B408-E7E4-15CF-0674-EC7C36D68741}" = Catalyst Control Center Localization Hungarian
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{236D1288-99DB-C3D6-D132-EDE6317BF619}" = CCC Help Japanese
"{2376AAB2-F4D9-48D7-A42B-4E80B8967A8B}" = F4500
"{26A24AE4-039D-4CA4-87B4-2F83216026FF}" = Java 6 Update 26
"{28C2DED6-325B-4CC7-983A-1777C8F7FBAB}" = RealUpgrade 1.1
"{292F0F52-B62D-4E71-921B-89A682402201}" = Toolbox
"{2AABA091-41DF-D0D3-83F8-0133F8C7AA97}" = Catalyst Control Center Localization Swedish
"{2FB9EA69-51D4-4913-9AD5-762C034DE811}" = Status
"{317DE552-B622-0DD2-4E7E-28400D64C100}" = Catalyst Control Center Localization Dutch
"{3700194C-C5DD-439A-BE06-A66960CA4C70}" = MSVCSetup
"{38441BE7-79B0-42B8-8297-833704F949FE}" = HLPIndex
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3CA39B0C-BA85-4D42-AC0F-1FF5F60C3353}" = OTtBPSDK
"{3D08333C-C366-425D-8C2D-D05630D68A46}" = SlingPlayer
"{41581EF5-45A7-11DA-9D78-000129760D75}" = Acer SlideShow DVD
"{42DF661F-6351-B582-DE2C-B8C46B30303F}" = CCC Help Dutch
"{432C3720-37BF-4BD7-8E49-F38E090246D0}" = CR2
"{459BFE07-FCF3-4274-AC8B-8E8DDA7214BA}" = Sawbuck
"{468D22C0-8080-11E2-B86E-B8AC6F98CCE3}" = Google Earth
"{48C82F7A-F100-4DAB-A310-8E18BF2159E1}" = ESSvpot
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4E7C28C7-D5DA-4E9F-A1CA-60490B54AE35}" = UnloadSupport
"{4F5641C5-409C-7E5A-A2F9-B6D00A190B55}" = Catalyst Control Center Graphics Previews Vista
"{4F677FC7-7AA8-412B-A957-F13CBE1C7331}" = ESSSONIC
"{54C8FE84-89C4-40E8-976C-439EB0729BD6}" = CardRd81
"{54F6C98F-94A0-421C-B90E-0B6A2A96A9CF}" = Pure Networks Platform
"{5DCF0E4B-F8EA-4229-A0BD-5CA6D4AFB749}" = SolutionCenter
"{5EA96EEF-4E57-C1F0-6A06-088191FE110C}" = CCC Help Thai
"{605A4E39-613C-4A12-B56F-DEFBE6757237}" = SHASTA
"{612C34C7-5E90-47D8-9B5C-0F717DD82726}" = swMSM
"{63EC2120-1742-4625-AA47-C6A8AEC9C64C}" = Apple Application Support
"{643EAE81-920C-4931-9F0B-4B343B225CA6}" = ESSBrwr
"{65DA2EC9-0642-47E9-AAE2-B5267AA14D75}" = Activation Assistant for the 2007 Microsoft Office suites
"{67ADE9AF-5CD9-4089-8825-55DE4B366799}" = NTI Backup NOW! 4.7
"{681B698F-C997-42C3-B184-B489C6CA24C9}" = HPPhotoSmartDiscLabelContent1
"{6B73D186-ED5C-6EB1-96EE-8F866269243C}" = Catalyst Control Center Localization Danish
"{6D52C408-B09A-4520-9B18-475B81D393F1}" = Microsoft Works
"{7007D9E6-F820-CFEA-EB87-9C9377A967F7}" = CCC Help Swedish
"{710EA46C-2A49-F39A-5EC7-3884DC5329D7}" = Catalyst Control Center Localization Spanish
"{74AF0F2A-A87D-B6B7-6671-61B53F98254B}" = Catalyst Control Center Localization Turkish
"{74DC0593-6BC6-4001-AD5F-D810AFB68D86}" = HP Update
"{760F3E42-B1E4-5324-4C4A-0459C8938B6A}" = Catalyst Control Center Localization Italian
"{7760B7DD-C922-C286-AB6C-2E06B32C1D4F}" = Catalyst Control Center Graphics Full Existing
"{7770E71B-2D43-4800-9CB3-5B6CAAEBEBEA}" = RealNetworks - Microsoft Visual C++ 2008 Runtime
"{779DECD7-E072-4B56-9B6B-BEB5973EEEB5}" = MobileMe Control Panel
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{79155F2B-9895-49D7-8612-D92580E0DE5B}" = Bonjour
"{79DD56FC-DB8B-47F5-9C80-78B62E05F9BC}" = Acer ScreenSaver
"{79F41FC6-07F9-47C2-BBAC-37C7C70EE703}" = MCEBrowser
"{837F9742-DCC8-3FF4-5066-E11E48EE2391}" = Catalyst Control Center Localization Korean
"{846B5DED-DC8C-4E1A-B5B4-9F5B39A0CACE}" = HPDiagnosticAlert
"{85498904-0748-45AA-9482-6DB8EA971B91}" = DJ_AIO_06_F4500_SW_MIN
"{8674DA43-CE5D-48EB-94E8-E0DC5B59AF88}_is1" = Satellite Direct v9.25.1.1
"{86861408-CB40-247E-B851-608792116658}" = CCC Help Norwegian
"{86E71966-9EE0-9AD3-2C17-FC3A0B8BB810}" = Catalyst Control Center Localization Chinese Standard
"{87843A41-7808-4F2E-B13F-25C1E67CF2FD}" = ESShelp
"{8A502E38-29C9-49FA-BCFA-D727CA062589}" = ESSTOOLS
"{8BB4B58A-A402-4DE8-8FCD-287E60B88DD8}" = ESSCT
"{8BCA7792-CF78-46C6-66A7-EB9A8F0FB0A2}" = Catalyst Control Center Localization Russian
"{8C42C789-B0EF-3226-9069-D1956B220B38}" = Catalyst Control Center Localization Greek
"{8E92D746-CD9F-4B90-9668-42B74C14F765}" = ESSini
"{8EE94FD8-5F52-4463-A340-185D16328158}" = WebReg
"{8FF6F5CA-4E30-4E3B-B951-204CAAA2716A}" = SmartWebPrinting
"{90120000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2007
"{90120000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-0044-0409-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007
"{90120000-00BA-0409-0000-0000000FF1CE}" = Microsoft Office Groove MUI (English) 2007
"{90120000-0114-0409-0000-0000000FF1CE}" = Microsoft Office Groove Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2007
"{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007
"{91120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{91517631-A9F3-4B7C-B482-43E0068FD55A}" = ESSgui
"{94389919-B0AA-4882-9BE8-9F0B004ECA35}" = Acer Tour
"{969CAD22-B9F0-4476-9F00-D86C47551BC0}" = PS_AIO_04_C5500_Software_Min
"{999D43F4-9709-4887-9B1A-83EBB15A8370}" = VPRINTOL
"{9BE1CAAF-31C0-6B2A-45EE-7761FDEFC806}" = ccc-core-static
"{9BE466FF-70B7-4DA8-807C-DB4C3610FDAA}" = Copy
"{9C353B52-07E4-07A7-B95F-392D8AA37210}" = Catalyst Control Center Localization Japanese
"{9D8FEE90-0377-49A9-AEFB-525BDE549BA4}" = ESScore
"{9DBB76DD-812B-26E9-C681-B7CD2DA27A78}" = CCC Help French
"{9F96AFEF-28F1-2479-1D6A-33F8D4A7BF11}" = CCC Help Chinese Standard
"{A10FCB8E-F4C3-0C5E-4FFC-8C9A560095A8}" = CCC Help Russian
"{A4A14B15-F25D-44F8-8483-291C1DF7C548}_is1" = WAV MP3 Converter v4.4 build 1429
"{A5B3EB8A-4071-42F0-8E8E-7A8342AA8E69}" = ESSvpaht
"{A6038CD2-72AF-2C0A-C1A3-93D360F5A889}" = CCC Help Korean
"{A80FA752-C491-4ED9-ABF0-4278563160B2}" = 32 Bit HP CIO Components Installer
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A9BA65A6-BEA6-48DF-991A-CB28A23CBAE3}" = C5500
"{AA4BF92B-2AAF-11DA-9D78-000129760D75}" = Acer HomeMedia
"{AADAC983-FDE9-42FA-8FD9-7BB324155593}" = HLPRFO
"{AB6097D9-D722-4987-BD9E-A076E2848EE2}" = Acer Empowering Technology
"{AC35A885-0F8F-4857-B7DA-6E8DFB43E6B3}" = HPSSupply
"{AC76BA86-7AD7-1033-7B44-A70000000000}" = Adobe Reader 7.0
"{AE1FA02D-E6A4-4EA0-8E58-6483CAC016DD}" = ESSCDBK
"{AE223864-BFA1-1F17-49B2-13C8971DACA2}" = Catalyst Control Center Localization German
"{AEEAE013-92F1-4515-B278-139F1A692A36}" = Acer eDataSecurity Management
"{B145EC69-66F5-11D8-9D75-000129760D75}" = Acer DVDivine
"{B22D8435-CB77-849A-B9AE-D1737A073914}" = Catalyst Control Center Localization Polish
"{B28635AB-1DF3-4F07-BFEA-975D911B549B}" = hpphotosmartdisclabelplugin
"{B3BA8D55-5397-6712-1B6C-5A8849AF19F5}" = Catalyst Control Center Core Implementation
"{B3DAF54F-DB25-4586-9EF1-96D24BB14088}" = Windows Movie Maker 2.6
"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy
"{B4B44FE7-41FF-4DAD-8C0A-E406DDA72992}" = CCScore
"{B7B8AA42-B894-4668-A652-D9915C7EDDCF}" = Sling Link Turbo
"{B8000353-9E60-4e84-BF3E-CD9996EF80EE}" = HP Photosmart C5500 All-In-One Driver Software 12.0 Rel .4
"{B997C2A0-4383-41BF-B76E-9B8B7ECFB267}" = KSU
"{BB3447F6-9553-4AA9-960E-0DB5310C5779}" = GPBaseService2
"{BD7204BA-DD64-499E-9B55-6A282CDF4FA4}" = Destinations
"{C1722D10-8C05-B66D-A160-7C2CFF589176}" = Catalyst Control Center Graphics Light
"{C485A66D-3521-20E8-2A7B-F060B1773491}" = Catalyst Control Center Localization French
"{C9DC3EE4-7A92-F473-510D-48A5EAD52845}" = ATI Catalyst Install Manager
"{C9E14402-3631-4182-B377-6B0DFB1C0339}" = QuickTime
"{CA60320D-6A16-49C8-A34F-84EEF4799567}" = ESSTUTOR
"{CAE4213F-F797-439D-BD9E-79B71D115BE3}" = HPPhotoGadget
"{CD1C40A4-2836-1911-673E-18572FD2B62A}" = Catalyst Control Center Graphics Full New
"{CD31E63D-47FD-491C-8117-CF201D0AFAB5}" = TrayApp
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{CE386A4E-D0DA-4208-8235-BCE43275C694}" = LightScribe 1.4.142.1
"{CF6FE5A8-1338-188F-35B3-8372FA31D822}" = Skins
"{D32470A1-B10C-4059-BA53-CF0486F68EBC}" = Kodak EasyShare software
"{D360FA88-17C8-4F14-B67F-13AAF9607B12}" = MarketResearch
"{D462BF9E-0C35-4705-BF9B-3DF9F3816643}" = Acer ePerformance Management
"{D4DDFAA1-EC37-4529-AD5B-A433ADE68662}" = Apple Mobile Device Support
"{D5E905F1-7657-7B1E-E5BD-2C69C89C8ABE}" = CCC Help Italian
"{D6BAD6AB-D3D9-46ad-B2C4-5A969006CE48}_is1" = Aiseesoft DVD Ripper 6.2.62
"{D6DB00A1-4BCC-AB1B-24C2-0999BDA43D85}" = CCC Help Greek
"{D79113E7-274C-470B-BD46-01B10219DF6A}" = HPPhotosmartEssential
"{D7D4DB0F-9070-AED1-D2F4-D11BD42C7588}" = CCC Help Chinese Traditional
"{D7F01E28-9D36-F8EC-872F-9FD71792F858}" = CCC Help Finnish
"{D9D8F2CF-FE2D-4644-9762-01F916FE90A9}" = HPPhotoSmartDiscLabel_PaperLabel
"{DA6AB13B-4D72-6EBB-AA4D-656CE9C0E512}" = CCC Help English
"{DB02F716-6275-42E9-B8D2-83BA2BF5100B}" = SFR
"{DC3381CB-10D4-431D-B9B3-7DB84B00645F}" = FreePriceAlerts 2.3.5
"{DF59BA36-54DC-6BB4-FCED-C9B9F2BCB4AE}" = CCC Help Spanish
"{E0325EFE-9D02-0F1E-7306-F4D95979715A}" = Catalyst Control Center Localization Chinese Traditional
"{E63AA3F4-5647-0BC8-24FC-F40CFE56B579}" = Catalyst Control Center Localization Norwegian
"{E6541F6A-3D2D-30E5-57F9-4DD411C2E4F0}" = CCC Help German
"{E720B248-D9F5-5E20-8E72-3E419D45D703}" = Catalyst Control Center Localization Finnish
"{E8E32E53-18F7-095E-CC75-F77E412F1AD9}" = CCC Help Portuguese
"{EFBDC2B0-FAA8-4B78-8DE1-AEBE7958FA37}" = Acer Arcade Live Main Page
"{F09030B7-7B8A-30DE-539B-607C9B1831DB}" = CCC Help Czech
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F13E61C0-917B-4AAD-96CD-7A5860E25A73}_is1" = Crawler Toolbar
"{F4A2E7CC-60CA-4AFA-B67F-AD5E58173C3F}" = SKINXSDK
"{F6EFFB76-4A07-11DA-9D78-000129760D75}" = Acer DV Magician
"{F71760CD-0F8B-4DCC-B7B7-6B223CC3843C}" = OTtBP
"{F76D7388-A433-E572-4718-CD3421738166}" = CCC Help Turkish
"{F79A208D-D929-11D9-9D77-000129760D75}" = Acer VideoMagician
"{F9593CFB-D836-49BC-BFF1-0E669A411D9F}" = WIRELESS
"{FA0FF682-CC70-4C57-93CD-E276F3E7537E}" = BufferChm
"{FCDB1C92-03C6-4C76-8625-371224256091}" = ESSPDock
"{FDF9943A-3D5C-46B3-9679-586BD237DDEE}" = SKIN0001
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"Acer Assist" = Acer Assist
"Acer Registration" = Acer Registration
"Acoustica Effects Pack" = Acoustica Effects Pack
"Acoustica Mixcraft 5" = Acoustica Mixcraft 5
"Acoustica Mixcraft 6" = Acoustica Mixcraft 6
"Activation Assistant for the 2007 Microsoft Office suites" = Activation Assistant for the 2007 Microsoft Office suites
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Shockwave Player" = Adobe Shockwave Player 12.0
"alotAppbar" = ALOT Appbar
"ATI Uninstaller" = ATI Uninstaller
"ATT-PRT22" = ATT-PRT22
"ENTERPRISER" = Microsoft Office Enterprise 2007
"ERUNT_is1" = ERUNT 1.1j
"Fitbit Data Uploader_is1" = Fitbit v2.1.0.8
"FITBIT&10C4&84C4" = Fitbit Base Station (Driver Removal)
"Flash Player Pro_is1" = Flash Player Pro V5.4
"Free YouTube to MP3 WMA Converter_is1" = Free YouTube to MP3 WMA Converter 4.4.9
"Google Chrome" = Google Chrome
"HOMESTUDENTR" = Microsoft Office Home and Student 2007
"HP Imaging Device Functions" = HP Imaging Device Functions 14.0
"HP Photo Creations" = HP Photo Creations
"HP Photosmart Essential" = HP Photosmart Essential 3.5
"HP Smart Web Printing" = HP Smart Web Printing 4.60
"HP Solution Center & Imaging Support Tools" = HP Solution Center 14.0
"HPExtendedCapabilities" = HP Customer Participation Program 14.0
"InfoAtoms" = InfoAtoms [Uninstall]
"InstallShield_{1577A05B-EE62-4BBC-9DB7-FE748FA44EC2}" = NTI CD & DVD-Maker
"InstallShield_{15D967B5-A4BE-42AE-9E84-64CD062B25AA}" = eSobi v2
"InstallShield_{3D08333C-C366-425D-8C2D-D05630D68A46}" = SlingPlayer
"InternetHelper3 Chrome Toolbar" = InternetHelper3 Chrome Toolbar
"Linksys Wireless Manager" = Linksys Wireless Manager
"McAfeeLiteScanner" = McAfee Scan and Repair 1.5.121
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Mozilla Firefox 4.0.1 (x86 en-US)" = Mozilla Firefox 4.0.1 (x86 en-US)
"N360" = Norton 360
"NSS" = Norton Security Scan
"PC Health Kit_is1" = PC Health Kit v3.2
"RealPlayer 15.0" = RealPlayer
"Registry Mechanic_is1" = PC Tools Registry Mechanic 11.1
"SearchProtect" = Search Protect by conduit
"Sendori" = Sendori
"Shop for HP Supplies" = Shop for HP Supplies
"sl-cb" = SelectionLinks
"SMSERIAL" = Motorola SM56 Speakerphone Modem
"vfd-apl" = VideoFileDownload
"Yahoo! Companion" = Yahoo! Toolbar
"Yahoo! Toolbar" = Yahoo! Toolbar
"YTdetect" = Yahoo! Detect
========== HKEY_CURRENT_USER Uninstall List ==========
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{373B1718-8CC5-4567-8EE2-9033AD08A680}" = ROBLOX Player for Office
Error encountered while reading event logs.
< End of report >