Here's the JRT Log:
```
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.3 (03.23.2014:1)
OS: Windows Vista Home Premium x86
Ran by leah on Thu 04/03/2014 at 18:56:12.69
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~ Services
~~~ Registry Values
~~~ Registry Keys
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{0B4A10D1-FBD6-451d-BFDA-F03252B05984}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{0B4A10D1-FBD6-451d-BFDA-F03252B05984}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{59C6F12B-F004-43E5-9997-08F2123119B6}
~~~ Files
Successfully deleted: [File] "C:\Program Files\mozilla firefox\plugins\npcouponprinter.dll"
Successfully deleted: [File] "C:\Program Files\mozilla firefox\plugins\npmozcouponprinter.dll"
~~~ Folders
Successfully deleted: [Folder] "C:\Users\leah\appdata\local\cre"
Successfully deleted: [Folder] "C:\Program Files\coupons"
~~~ FireFox
Successfully deleted: [File] C:\Users\leah\AppData\Roaming\mozilla\firefox\profiles\o64ff3t1.default\searchplugins\bing-zugo.xml
Successfully deleted: [Folder] C:\Users\leah\AppData\Roaming\mozilla\firefox\profiles\o64ff3t1.default\extensions\
[email protected]
Successfully deleted: [Folder] C:\Users\leah\AppData\Roaming\mozilla\firefox\profiles\o64ff3t1.default\extensions\staged
Successfully deleted the following from C:\Users\leah\AppData\Roaming\mozilla\firefox\profiles\o64ff3t1.default\prefs.js
user_pref("aim_toolbar.search.searchtype", "web");
Emptied folder: C:\Users\leah\AppData\Roaming\mozilla\firefox\profiles\o64ff3t1.default\minidumps [14 files]
~~~ Event Viewer Logs were cleared
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Thu 04/03/2014 at 19:22:20.71
Computer was rebooted
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
```
FRST LOG:
FRST ADDITION LOG:
Additional scan result of Farbar Recovery Scan Tool (x86) Version: 13-03-2014 01
Ran by leah at 2014-04-03 19:53:51
Running from C:\Users\leah\Downloads
Boot Mode: Normal
==========================================================
==================== Security Center ========================
AV: AVG Anti-Virus Free (Disabled - Out of date) {0C939084-9E57-CBDB-EA61-0B0C7F62AF82}
AS: AVG Anti-Virus Free (Disabled - Out of date) {B7F27160-B86D-C455-D0D1-307E04E5E53F}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
32 Bit HP CIO Components Installer (Version: 6.1.1 - Hewlett-Packard) Hidden
Activation Assistant for the 2007 Microsoft Office suites (HKLM\...\Activation Assistant for the 2007 Microsoft Office suites) (Version: - Microsoft Corporation)
Activation Assistant for the 2007 Microsoft Office suites (Version: 1.0 - Microsoft Corporation) Hidden
Add or Remove Adobe Creative Suite 3 Master Collection (HKLM\...\Adobe_8bb24e071e5922899698c2105557bd2) (Version: 1.0 - Adobe Systems Incorporated)
Adobe Acrobat and Reader 8.1.2 Security Update 1 (KB403742) (Version: 8.1.2 - Adobe Systems, Inc) Hidden
Adobe After Effects CS3 Presets (Version: 8 - Adobe Systems Incorporated) Hidden
Adobe Anchor Service CS3 (Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe Asset Services CS3 (Version: 3 - Adobe Systems Incorporated) Hidden
Adobe Bridge CS3 (Version: 2 - Adobe Systems Incorporated) Hidden
Adobe Bridge Start Meeting (Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe BridgeTalk Plugin CS3 (Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe Camera Raw 4.0 (Version: 4.0 - Adobe Systems Incorporated) Hidden
Adobe CMaps (Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe Color - Photoshop Specific (Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe Color Common Settings (Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe Color EU Extra Settings (Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe Color JA Extra Settings (Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe Color NA Recommended Settings (Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe Default Language CS3 (Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe Device Central CS3 (Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe ExtendScript Toolkit 2 (Version: 2.0 - Adobe Systems Incorporated) Hidden
Adobe Extension Manager CS3 (Version: 1.8 - Adobe Systems Incorporated) Hidden
Adobe Flash Player 12 Plugin (HKLM\...\Adobe Flash Player Plugin) (Version: 12.0.0.77 - Adobe Systems Incorporated)
Adobe Flash Player 9 ActiveX (HKLM\...\{BC4F8E84-5E29-49EC-B4E7-E6F9CB50986C}) (Version: 9.0.45.0 - Adobe Systems, Inc.)
Adobe Flash Player ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 9.0.124.0 - Adobe Systems Incorporated)
Adobe Help Viewer CS3 (Version: 1 - Adobe Systems Incorporated) Hidden
Adobe InDesign CS3 Icon Handler (Version: 5.0 - Adobe Systems Incorporated) Hidden
Adobe MotionPicture Color Files (Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe PDF Library Files (Version: 8.0 - Adobe Systems Incorporated) Hidden
Adobe Photoshop CS4 (HKLM\...\Adobe Photoshop CS4_is1) (Version: - )
Adobe Reader 8.1.2 (HKLM\...\{AC76BA86-7AD7-1033-7B44-A81200000003}) (Version: 8.1.2 - Adobe Systems Incorporated)
Adobe Reader 8.1.2 Security Update 1 (KB403742) (HKLM\...\{AC76BA86-7AD7-1033-7B44-A81200000003}_Adobe Reader 8.1.2) (Version: - )
Adobe Setup (Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe Shockwave Player (HKLM\...\{1BDC9633-895B-4842-BCB6-8FA1EC2A3C5A}) (Version: 10.2.0.023 - Adobe Systems, Inc.)
Adobe SING CS3 (Version: 0.1 - Adobe Systems Incorporated) Hidden
Adobe Stock Photos CS3 (Version: 1.5 - Adobe Systems Incorporated) Hidden
Adobe Type Support (Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe Update Manager CS3 (Version: 5.1.0 - Adobe Systems Incorporated) Hidden
Adobe Version Cue CS3 Client (Version: 3 - Adobe Systems Incorporated) Hidden
Adobe Video Profiles (Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe WAS CS3 (Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe WinSoft Linguistics Plugin (Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe XMP DVA Panels CS3 (Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe XMP Panels CS3 (Version: 1.0 - Adobe Systems Incorporated) Hidden
AHV content for Acrobat and Flash (Version: 1 - Adobe Systems Incorporated) Hidden
AIMTunes (HKLM\...\AIMTunes) (Version: - )
Apple Application Support (HKLM\...\{45C56AA7-ED1B-4800-A97F-EDDF3F3520B1}) (Version: 2.3.3 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{E14ADE0E-75F3-4A46-87E5-26692DD626EC}) (Version: 6.1.0.13 - Apple Inc.)
Apple Software Update (HKLM\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Atheros Driver Installation Program (HKLM\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 7.1 - Atheros)
Audacity 2.0.5 (HKLM\...\Audacity_is1) (Version: 2.0.5 - Audacity Team)
AVG Free 8.5 (HKLM\...\AVG8Uninstall) (Version: - AVG Technologies)
Bonjour (HKLM\...\{79155F2B-9895-49D7-8612-D92580E0DE5B}) (Version: 3.0.0.10 - Apple Inc.)
BufferChm (Version: 140.0.212.000 - Hewlett-Packard) Hidden
C4600 (Version: 140.0.690.000 - Hewlett-Packard) Hidden
Cards_Calendar_OrderGift_DoMorePlugout (Version: 1.00.0000 - Hewlett-Packard) Hidden
CCleaner (HKLM\...\CCleaner) (Version: - Piriform)
Cisco AnyConnect Secure Mobility Client (HKLM\...\Cisco AnyConnect Secure Mobility Client) (Version: 3.1.04066 - Cisco Systems, Inc.)
Cisco AnyConnect Secure Mobility Client (Version: 3.1.04066 - Cisco Systems, Inc.) Hidden
Cisco Clean Access Agent (HKLM\...\{04010300-6D72-4D54-8686-91D884A27B5C}) (Version: 4.1.3.2 - Cisco Systems, Inc)
Compatibility Pack for the 2007 Office system (HKLM\...\{90120000-0020-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Conexant HD Audio (HKLM\...\CNXT_AUDIO_HDA) (Version: 4.36.7.60 - Conexant)
Coupon Printer for Windows (HKLM\...\Coupon Printer for Windows5.0.0.0) (Version: 5.0.0.0 - Coupons.com Incorporated) <==== ATTENTION
CyberLink YouCam (HKLM\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 1.0.1002 - CyberLink Corp.)
CyberLink YouCam (Version: 1.0.1002 - CyberLink Corp.) Hidden
Destinations (Version: 140.0.77.000 - Hewlett-Packard) Hidden
DeviceDiscovery (Version: 140.0.212.000 - Hewlett-Packard) Hidden
DVD Suite (HKLM\...\{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}) (Version: 5.5.0928 - CyberLink Corp.)
EA Link (HKLM\...\InstallShield_{F5577101-33CC-4711-8235-3A95BCD49DB0}) (Version: 3.1.1.4 - Electronic Arts)
EA Link (Version: 3.1.1.4 - Electronic Arts) Hidden
GenoPro 2.5.4.1 (HKLM\...\GenoPro) (Version: - GenoPro Inc.)
Google Chrome (HKCU\...\Google Chrome) (Version: 32.0.1700.107 - Google Inc.)
Google Talk Plugin (HKLM\...\{41101F0C-DBD9-321C-A6B1-E0689B495A4E}) (Version: 5.1.4.17398 - Google)
GPBaseService2 (Version: 140.0.211.000 - Hewlett-Packard) Hidden
Hauppauge MCE XP/Vista Software Encoder (2.0.25149) (HKLM\...\Hauppauge MCE2005 Software Encoder) (Version: 2.0.25149 - Hauppauge Computer Works, Inc.)
HDAUDIO Soft Data Fax Modem with SmartCP (HKLM\...\CNXT_MODEM_HDAUDIO_HERMOSA_HSF) (Version: - )
Hewlett-Packard Active Check (Version: 1.1.11.0 - Hewlett-Packard) Hidden
Hewlett-Packard Asset Agent for Health Check (Version: 2.0.62.5 - HP) Hidden
HP Active Support Library (HKLM\...\{11BB336F-0E58-4977-B866-F24FA334616B}) (Version: 2.3.0.2 - Hewlett-Packard)
HP Customer Experience Enhancements (HKLM\...\{BD0E2B92-3814-46F0-893B-4612EA010C7E}) (Version: 5.4.0.2430 - Hewlett-Packard)
HP Customer Participation Program 14.0 (HKLM\...\HPExtendedCapabilities) (Version: 14.0 - HP)
HP Doc Viewer (HKLM\...\{082702D5-5DD8-4600-BCE5-48B15174687F}) (Version: 1.02.0001 - Hewlett-Packard)
HP Easy Setup - Frontend (HKLM\...\{9885A11E-60E4-417C-B58B-8B31B21C0B8A}) (Version: 5.4.0.2430 - Hewlett-Packard)
HP Help and Support (HKLM\...\{28EDCE9C-3304-4331-8AB3-F3EBE94C35B4}) (Version: 1.5.1 - Hewlett-Packard)
HP Imaging Device Functions 14.0 (HKLM\...\HP Imaging Device Functions) (Version: 14.0 - HP)
HP Integrated Module with Bluetooth wireless technology 6.0.1.5500 (HKLM\...\{03D1988F-469F-4843-8E6E-E5FE9D17889D}) (Version: 6.0.1.5500 - HP)
HP Photo Creations (HKLM\...\HP Photo Creations) (Version: 1.0.0.2024 - HP Photo Creations Powered by RocketLife)
HP Photosmart C4600 All-In-One Driver Software 14.0 Rel. 5 (HKLM\...\{1E1746EF-F5BF-4677-8F30-04FE399130DA}) (Version: 14.0 - HP)
HP Photosmart Essential 2.5 (HKLM\...\HP Photosmart Essential) (Version: 2.5 - HP)
HP Photosmart Essential 2.5 (Version: 1.02.0000 - Hewlett-Packard) Hidden
HP Quick Launch Buttons 6.30 E1 (HKLM\...\{34D2AB40-150D-475D-AE32-BD23FB5EE355}) (Version: 6.30 E1 - Hewlett-Packard)
HP QuickPlay 3.6 (HKLM\...\{45D707E9-F3C4-11D9-A373-0050BAE317E1}) (Version: - )
HP QuickTouch 1.00 C4 (HKLM\...\{7DC4A410-9986-4329-9E5D-687B2C42CA39}) (Version: 1.0.7 - Hewlett-Packard)
HP Smart Web Printing 4.60 (HKLM\...\HP Smart Web Printing) (Version: 4.60 - HP)
HP Solution Center 14.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 14.0 - HP)
HP Total Care Advisor (HKLM\...\{b02df929-29a7-4fd2-9a70-81a644b635f7}) (Version: 1.4.19.2433 - Hewlett-Packard)
HP Update (HKLM\...\{74DC0593-6BC6-4001-AD5F-D810AFB68D86}) (Version: 5.002.002.002 - Hewlett-Packard)
HP User Guides 0087 (HKLM\...\{4D49757C-367A-4333-BDB3-68966162B14E}) (Version: 1.02.0000 - Hewlett-Packard )
HP Wireless Assistant (HKLM\...\{CBAE4F50-9FC9-4557-AB36-9826DF3C103C}) (Version: 3.00 H2 - Hewlett-Packard)
HPNetworkAssistant (HKLM\...\{228C6B46-64E2-404E-898A-EF0830603EF4}) (Version: 1.1.70 - Hewlett-Packard.)
HPPhotoSmartDiscLabel_PaperLabel (Version: 2.02.0000 - Hewlett-Packard) Hidden
HPPhotoSmartDiscLabel_PrintOnDisc (Version: 2.02.0000 - Hewlett-Packard) Hidden
HPPhotoSmartDiscLabel_Tattoo (Version: 2.02.0000 - Hewlett-Packard) Hidden
HPPhotoSmartDiscLabelContent1 (Version: 2.02.0000 - Hewlett-Packard) Hidden
hpphotosmartdisclabelplugin (Version: 2.02.0000 - Hewlett-Packard) Hidden
HPPhotoSmartPhotobookHolidayPack1 (Version: 1.00.0000 - Hewlett-Packard) Hidden
HPPhotoSmartPhotobookModernPack1 (Version: 1.00.0000 - Hewlett-Packard) Hidden
HPPhotoSmartPhotobookPlayfulPack1 (Version: 1.00.0000 - Hewlett-Packard) Hidden
HPPhotoSmartPhotobookScrapbookPack1 (Version: 1.00.0000 - Hewlett-Packard) Hidden
HPPhotoSmartPhotobookWebPack1 (Version: 1.00.0000 - Hewlett-Packard) Hidden
HPProductAssistant (Version: 140.0.212.000 - Hewlett-Packard) Hidden
HPSSupply (Version: 140.0.211.000 - Hewlett-Packard) Hidden
Internet Download Manager² 1.0 (HKLM\...\IDMSQ) (Version: 1.0 - OR Interactive Ltd)
ÎÞÏß¿í´ø¿Í»§¶Ë (HKLM\...\C+WClient_is1) (Version: - )
iTunes (HKLM\...\{268278CF-FB69-4D98-B70E-BFEC1CDCA225}) (Version: 11.0.2.26 - Apple Inc.)
Java 6 Update 2 (HKLM\...\{3248F0A8-6813-11D6-A77B-00B0D0160020}) (Version: 1.6.0.20 - Sun Microsystems, Inc.)
Java 6 Update 7 (HKLM\...\{3248F0A8-6813-11D6-A77B-00B0D0160070}) (Version: 1.6.0.70 - Sun Microsystems, Inc.)
Malwarebytes Anti-Malware version 1.75.0.1300 (HKLM\...\Malwarebytes' Anti-Malware_is1) (Version: 1.75.0.1300 - Malwarebytes Corporation)
MarketResearch (Version: 140.0.212.000 - Hewlett-Packard) Hidden
McAfee VirusScan Enterprise (HKLM\...\{147BCE03-C0F1-4C9F-8157-6A89B6D2D973}) (Version: 8.7.0 - McAfee, Inc.)
Microsoft .NET Framework 3.5 SP1 (HKLM\...\Microsoft .NET Framework 3.5 SP1) (Version: - Microsoft Corporation)
Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft Office File Validation Add-In (HKLM\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Standard Edition 2003 (HKLM\...\{91120409-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.8173.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation)
Microsoft VC9 runtime libraries (Version: 1.0.0 - AOL LLC) Hidden
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Works (HKLM\...\{15BC8CD0-A65B-47D0-A2DD-90A824590FA8}) (Version: 9.7.0621 - Microsoft Corporation)
Mobile Broadband Modem (HKLM\...\Mobile Broadband Modem) (Version: 11.302.09.04.134 - Huawei Technologies Co.,Ltd)
Move Networks Media Player for Internet Explorer (HKCU\...\Move Networks Player - IE) (Version: - )
Mozilla Firefox (3.5.6) (HKLM\...\Mozilla Firefox (3.5.6)) (Version: 3.5.6 (en-US) - Mozilla)
MSXML 4.0 SP2 (KB936181) (HKLM\...\{C04E32E0-0416-434D-AFB9-6969D703A9EF}) (Version: 4.20.9848.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB941833) (HKLM\...\{C523D256-313D-4866-B36A-F3DE528246EF}) (Version: 4.20.9849.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
muvee autoProducer 6.1 (HKLM\...\{250E9609-E830-43EB-B379-DAB7546A2422}) (Version: 6.10.050 - muvee Technologies)
My HP Games (HKLM\...\WildTangent hp Master Uninstall) (Version: HPCMPQ1902 - WildTangent)
NetWaiting (HKLM\...\{3F92ABBB-6BBF-11D5-B229-002078017FBF}) (Version: 2.5.46 - BVRP Software, Inc)
NVIDIA Drivers (HKLM\...\NVIDIA Drivers) (Version: - NVIDIA Corporation)
ooVoo (HKLM\...\{FAA7F8FF-3C05-4A61-8F14-D8A6E9ED6623}) (Version: 2.9.0076 - ooVoo LLC.)
ooVoo Toolbar (HKLM\...\oovootoolbar) (Version: 2.5.0.3 - Visicom Media Inc.)
PDF Settings (Version: 1.0 - Adobe Systems Incorporated) Hidden
Power2Go (HKLM\...\{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 5.6.3327 - CyberLink Corp.)
PowerDirector (HKLM\...\InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}) (Version: 6.5.2129 - CyberLink Corp.)
PowerDirector (Version: 6.5.2129 - CyberLink Corp.) Hidden
PS_AIO_05_C4600_Software_Min (Version: 140.0.690.000 - Hewlett-Packard) Hidden
PSSWCORE (Version: 2.02.0000 - Hewlett-Packard) Hidden
QuickTime (HKLM\...\{7BE15435-2D3E-4B58-867F-9C75BED0208C}) (Version: 7.71.80.42 - Apple Inc.)
QuickTransfer (Version: 140.0.98.000 - Hewlett-Packard) Hidden
Scan (Version: 140.0.80.000 - Hewlett-Packard) Hidden
Shop for HP Supplies (HKLM\...\Shop for HP Supplies) (Version: 14.0 - HP)
Skype™ 6.11 (HKLM\...\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}) (Version: 6.11.102 - Skype Technologies S.A.)
Smart Defrag (HKLM\...\Smart Defrag_is1) (Version: 1.3.0 - IObit)
SmartWebPrinting (Version: 140.0.186.000 - Hewlett-Packard) Hidden
SolutionCenter (Version: 140.0.213.000 - Hewlett-Packard) Hidden
Spotify (HKCU\...\Spotify) (Version: 0.9.7.16.g4b197456 - Spotify AB)
Status (Version: 140.0.212.000 - Hewlett-Packard) Hidden
SUPERAntiSpyware (HKLM\...\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}) (Version: 5.6.1040 - SUPERAntiSpyware.com)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 11.0.7.0 - Synaptics)
The Sims™ Life Stories (HKLM\...\{2284D904-C138-4B58-93EC-5C362AB5130A}) (Version: 1.00.0000 - Electronic Arts)
ThreatFire (HKLM\...\3554AA4B-9B0B-451a-A269-2B5F53982209_is1) (Version: - PC Tools)
Toolbox (Version: 140.0.428.000 - Hewlett-Packard) Hidden
TrayApp (Version: 140.0.212.000 - Hewlett-Packard) Hidden
Update for Microsoft .NET Framework 3.5 SP1 (KB963707) (HKLM\...\{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB963707) (Version: 1 - Microsoft Corporation)
VideoToolkit01 (Version: 100.0.128.000 - Hewlett-Packard) Hidden
WeatherBug Gadget (Version: 1.0.0.6 - AWS Convergence Technologies) Hidden
WebReg (Version: 140.0.212.017 - Hewlett-Packard) Hidden
==================== Restore Points =========================
20-02-2014 13:45:33 Scheduled Checkpoint
26-02-2014 16:25:39 Scheduled Checkpoint
27-02-2014 14:15:33 Scheduled Checkpoint
01-03-2014 01:51:23 Scheduled Checkpoint
01-03-2014 08:00:19 Windows Update
06-03-2014 16:45:03 Scheduled Checkpoint
13-03-2014 00:58:50 Scheduled Checkpoint
13-03-2014 14:21:25 Windows Update
14-03-2014 07:17:07 Scheduled Checkpoint
17-03-2014 07:00:28 Windows Update
31-03-2014 14:43:44 Windows Update
03-04-2014 20:33:22 Removed McAfee VirusScan Enterprise
03-04-2014 20:37:06 Removed McAfee Agent.
03-04-2014 20:41:19 Removed McAfee VirusScan Enterprise
==================== Hosts content: ==========================
2006-11-02 06:23 - 2014-04-02 23:00 - 00001033 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 localhost
127.0.0.1 adobeereg.com
127.0.0.1 www.adobeereg.com
127.0.0.1 activate.adobe.com
127.0.0.1 activate-sea.adobe.com
127.0.0.1 activate-sjc0.adobe.com
127.0.0.1 wwis-dubc1-vip60.adobe.com
127.0.0.1 d3oxij66pru1i3.cloudfront.net
==================== Scheduled Tasks (whitelisted) =============
Task: {1CC81347-6204-4B83-900C-01E02F50F067} - System32\Tasks\Microsoft\Windows\MobilePC\TMM
Task: {1CE82827-B6AA-4055-8E07-92B1AC4FC6EC} - System32\Tasks\SmartDefrag => C:\Program Files\IObit\IObit SmartDefrag\IObit SmartDefrag.exe [2009-11-24] (IObit)
Task: {320124A7-D70F-41DE-A9D1-D5E8E19D5D91} - System32\Tasks\Microsoft\Windows\NetworkAccessProtection\NAPStatus UI
Task: {3A634436-6431-4348-8CE5-856A47ED9BCB} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {3BCDF251-CA5C-4045-A1FC-8FCEF9FBDC93} - System32\Tasks\Microsoft\Windows\Shell\CrawlStartPages
Task: {44980BEE-7809-44A9-AC24-D6E578A3B7DF} - System32\Tasks\Microsoft\Windows\RAC\RACAgent => C:\Windows\system32\RacAgent.exe [2008-01-20] (Microsoft Corporation)
Task: {657098FB-B401-460F-8150-04856F6F2069} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1714742723-384278796-857783205-1000UA => C:\Users\leah\AppData\Local\Google\Update\GoogleUpdate.exe [2009-10-17] (Google Inc.)
Task: {9E192B9C-C171-4367-B353-5FFBF82126FA} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2014-03-11] (Adobe Systems Incorporated)
Task: {A7068EF8-45C6-4393-AF54-5FDFC71FB9B5} - System32\Tasks\BrowserSafeguard Update Task => C:\Program Files\Browsersafeguard\uninstall.BrowserSafeguard.exe <==== ATTENTION
Task: {C3201DD9-31B5-4E5A-A03B-026E84FE0BF6} - System32\Tasks\{CB36C866-C8FD-4B91-8F4C-DEC640453B0B} => C:\Program Files\Skype\Phone\Skype.exe [2013-11-14] (Skype Technologies S.A.)
Task: {E5150B95-F9B4-4D5D-95A2-7EC1ACBA95F8} - System32\Tasks\Microsoft\Windows\Wireless\GatherWirelessInfo => C:\Windows\system32\gatherWirelessInfo.vbs [2008-01-20] ()
Task: {E8E5F2D6-278E-4E3C-A326-97A9FC1C1D36} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1714742723-384278796-857783205-1000Core => C:\Users\leah\AppData\Local\Google\Update\GoogleUpdate.exe [2009-10-17] (Google Inc.)
Task: {ECFF6005-6C21-408A-815B-7C095EAD53FA} - System32\Tasks\GreatArcadeHits => C:\Users\leah\AppData\Local\GreatArcadeHits\GAHUpdate.exe [2013-12-06] () <==== ATTENTION
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1714742723-384278796-857783205-1000Core.job => C:\Users\leah\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1714742723-384278796-857783205-1000UA.job => C:\Users\leah\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\SmartDefrag.job => C:\Program Files\IObit\IObit SmartDefrag\IObit SmartDefrag.exe
Task: C:\Windows\Tasks\User_Feed_Synchronization-{999D7783-F1CC-43C0-8F6A-B46537FBE87C}.job => C:\Windows\system32\msfeedssync.exe
==================== Loaded Modules (whitelisted) =============
2013-08-30 19:11 - 2013-08-30 19:11 - 00063376 _____ () C:\Program Files\Cisco\Cisco AnyConnect Secure Mobility Client\zlib1.dll
2012-02-20 21:29 - 2012-02-20 21:29 - 00087912 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2012-02-20 21:28 - 2012-02-20 21:28 - 01242472 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2008-08-08 05:16 - 2007-12-19 22:28 - 00271760 _____ () C:\Program Files\HP\QuickPlay\Kernel\TV\QPCapSvc.exe
2008-08-08 05:16 - 2007-12-19 22:28 - 00251288 _____ () C:\Program Files\HP\QuickPlay\Kernel\TV\CLCapEngine.dll
2008-08-08 05:16 - 2007-12-19 22:28 - 00038184 _____ () C:\Program Files\HP\QuickPlay\Kernel\TV\CLCapSvcps.dll
2008-04-24 22:48 - 2007-01-09 06:25 - 00272024 _____ () C:\Program Files\CyberLink\Shared Files\RichVideo.exe
2009-04-29 20:07 - 2009-04-29 20:07 - 00148816 _____ () C:\Program Files\McAfee\VirusScan Enterprise\VsEvntUI.dll
2008-08-08 05:16 - 2007-12-19 22:28 - 00112016 _____ () C:\Program Files\HP\QuickPlay\Kernel\TV\QPSched.exe
2013-10-30 02:21 - 2013-10-30 02:21 - 02561088 _____ () C:\Program Files\IDMSQ\idmsq.exe
2007-09-05 15:52 - 2007-09-05 15:52 - 00389120 _____ () C:\Windows\system32\btwhidcs.DLL
2007-09-05 16:03 - 2007-09-05 16:03 - 00126976 _____ () C:\Program Files\WIDCOMM\Bluetooth Software\btkeyind.dll
2008-08-08 05:15 - 2007-12-19 22:27 - 00066856 _____ () C:\Program Files\HP\QuickPlay\Kernel\Common\MCEMediaStatus.dll
2007-05-16 13:43 - 2007-05-16 13:43 - 00677432 ____R () C:\Program Files\Hewlett-Packard\Shared\HpqToaster.exe
2014-02-03 21:21 - 2014-02-01 19:42 - 04055368 _____ () C:\Users\leah\AppData\Local\Google\Chrome\Application\32.0.1700.107\pdf.dll
2014-02-03 21:21 - 2014-02-01 19:42 - 00399688 _____ () C:\Users\leah\AppData\Local\Google\Chrome\Application\32.0.1700.107\ppGoogleNaClPluginChrome.dll
2014-02-03 21:21 - 2014-02-01 19:41 - 01634632 _____ () C:\Users\leah\AppData\Local\Google\Chrome\Application\32.0.1700.107\ffmpegsumo.dll
==================== Alternate Data Streams (whitelisted) =========
AlternateDataStreams: C:\ProgramData\TEMP:1CA73D29
AlternateDataStreams: C:\Users\leah\Desktop\The Athlete [2010].mpg:AFP_Resource
==================== Safe Mode (whitelisted) ===================
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\McAfeeEngineService => ""="Service"
==================== Disabled items from MSCONFIG ==============
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^HP Digital Imaging Monitor.lnk => C:\Windows\pss\HP Digital Imaging Monitor.lnk.CommonStartup
MSCONFIG\startupreg: Aide => C:\Program Files\Chinatelecom C+W\Aide.exe
MSCONFIG\startupreg: APSDaemon => "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"
MSCONFIG\startupreg: HP Software Update => C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
MSCONFIG\startupreg: iTunesHelper => "C:\Program Files\iTunes\iTunesHelper.exe"
MSCONFIG\startupreg: LightScribe Control Panel => C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe -hidden
MSCONFIG\startupreg: ooVoo.exe => C:\Program Files\ooVoo\oovoo.exe /minimized
MSCONFIG\startupreg: QuickTime Task => "C:\Program Files\QuickTime\QTTask.exe" -atboottime
MSCONFIG\startupreg: Skype => "C:\Program Files\Skype\Phone\Skype.exe" /minimized /regrun
MSCONFIG\startupreg: Spotify => "C:\Users\leah\AppData\Roaming\Spotify\Spotify.exe" /uri spotify:autostart
MSCONFIG\startupreg: Spotify Web Helper => "C:\Users\leah\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe"
MSCONFIG\startupreg: SUPERAntiSpyware => C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
==================== Faulty Device Manager Devices =============
Name: isatap.att.net
Description: Microsoft ISATAP Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
Name: Microsoft ISATAP Adapter #2
Description: Microsoft ISATAP Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver
Name: Cisco AnyConnect Secure Mobility Client Virtual Miniport Adapter for Windows
Description: Cisco AnyConnect Secure Mobility Client Virtual Miniport Adapter for Windows
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Cisco Systems
Service: vpnva
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
==================== Event log errors: =========================
Application errors:
==================
System errors:
=============
Microsoft Office Sessions:
=========================
CodeIntegrity Errors:
===================================
Date: 2014-04-03 19:47:26.682
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\tcpip.sys because the set of per-page image hashes could not be found on the system.
Date: 2014-04-03 19:47:25.989
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\tcpip.sys because the set of per-page image hashes could not be found on the system.
Date: 2014-04-03 19:47:25.303
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\tcpip.sys because the set of per-page image hashes could not be found on the system.
Date: 2014-04-03 19:47:24.615
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\tcpip.sys because the set of per-page image hashes could not be found on the system.
Date: 2014-04-03 19:47:23.916
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\tcpip.sys because the set of per-page image hashes could not be found on the system.
Date: 2014-04-03 19:47:23.231
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\tcpip.sys because the set of per-page image hashes could not be found on the system.
Date: 2014-04-03 19:47:22.536
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\tcpip.sys because the set of per-page image hashes could not be found on the system.
Date: 2014-04-03 19:47:21.839
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\tcpip.sys because the set of per-page image hashes could not be found on the system.
Date: 2014-04-03 14:40:03.593
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\tcpip.sys because the set of per-page image hashes could not be found on the system.
Date: 2014-04-03 14:40:02.383
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\tcpip.sys because the set of per-page image hashes could not be found on the system.
==================== Memory info ===========================
Percentage of memory in use: 49%
Total physical RAM: 3006.18 MB
Available physical RAM: 1519.1 MB
Total Pagefile: 6230.79 MB
Available Pagefile: 4676.45 MB
Total Virtual: 2047.88 MB
Available Virtual: 1907.05 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:174.47 GB) (Free:59.95 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive d: (HP_RECOVERY) (Fixed) (Total:11.84 GB) (Free:2 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive f: () (Removable) (Total:3.69 GB) (Free:3.56 GB) FAT32
Drive g: (Cruzer) (Removable) (Total:3.74 GB) (Free:2.9 GB) FAT32
Drive h: (U3 System) (CDROM) (Total:0.01 GB) (Free:0 GB) CDFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (Size: 186 GB) (Disk ID: 85D4156C)
Partition 1: (Active) - (Size=174 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=12 GB) - (Type=07 NTFS)
========================================================
Disk: 1 (Size: 4 GB) (Disk ID: 00000000)
Partition: GPT Partition Type.
========================================================
Disk: 2 (Size: 4 GB) (Disk ID: 00000000)
Partition: GPT Partition Type.
==================== End Of Log ============================
OTL LOG:
OTL logfile created on: 4/3/2014 8:11:27 PM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\leah\Downloads
Windows Vista Home Premium Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6001.18000)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
2.94 Gb Total Physical Memory | 1.48 Gb Available Physical Memory | 50.41% Memory free
6.08 Gb Paging File | 4.56 Gb Available in Paging File | 74.96% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 174.47 Gb Total Space | 59.95 Gb Free Space | 34.36% Space Free | Partition Type: NTFS
Drive D: | 11.84 Gb Total Space | 2.00 Gb Free Space | 16.89% Space Free | Partition Type: NTFS
Drive F: | 3.69 Gb Total Space | 3.56 Gb Free Space | 96.70% Space Free | Partition Type: FAT32
Drive G: | 3.74 Gb Total Space | 2.90 Gb Free Space | 77.50% Space Free | Partition Type: FAT32
Drive H: | 6.67 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS
Computer Name: LEAH-PC | User Name: leah | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2014/04/03 15:01:40 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\leah\Downloads\OTL.exe
PRC - [2013/10/30 02:21:38 | 002,561,088 | ---- | M] () -- C:\Program Files\IDMSQ\idmsq.exe
PRC - [2013/08/30 19:10:22 | 000,558,480 | ---- | M] (Cisco Systems, Inc.) -- C:\Program Files\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe
PRC - [2013/05/23 16:11:42 | 000,119,056 | ---- | M] (SUPERAntiSpyware.com) -- C:\Program Files\SUPERAntiSpyware\SASCore.exe
PRC - [2010/03/24 09:56:02 | 002,046,816 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG8\avgtray.exe
PRC - [2010/01/14 19:08:13 | 000,070,928 | ---- | M] (PC Tools) -- C:\Program Files\ThreatFire\TFService.exe
PRC - [2009/11/25 12:35:01 | 000,693,016 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG8\avgcsrvx.exe
PRC - [2009/09/14 11:33:54 | 003,062,272 | ---- | M] (Official Ares) -- C:\Program Files\Ares\Ares.exe
PRC - [2009/08/26 13:03:24 | 000,486,680 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG8\avgrsx.exe
PRC - [2009/08/26 13:03:12 | 000,595,736 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG8\avgnsx.exe
PRC - [2009/08/26 13:03:06 | 000,908,056 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG8\avgemc.exe
PRC - [2009/08/26 13:03:03 | 000,297,752 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG8\avgwdsvc.exe
PRC - [2009/04/29 20:07:00 | 000,144,888 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee\VirusScan Enterprise\mcshield.exe
PRC - [2009/04/29 20:07:00 | 000,124,240 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee\VirusScan Enterprise\shstat.exe
PRC - [2009/04/29 20:07:00 | 000,070,216 | ---- | M] (McAfee, Inc.) -- C:\Windows\System32\mfevtps.exe
PRC - [2009/04/29 20:07:00 | 000,062,800 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee\VirusScan Enterprise\vstskmgr.exe
PRC - [2009/04/29 20:07:00 | 000,027,960 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee\VirusScan Enterprise\mfeann.exe
PRC - [2009/04/29 20:07:00 | 000,021,256 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee\VirusScan Enterprise\engineserver.exe
PRC - [2008/10/29 02:29:41 | 002,927,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2007/09/05 16:09:54 | 001,620,520 | ---- | M] (Broadcom Corporation.) -- C:\Program Files\WIDCOMM\Bluetooth Software\BTStackServer.exe
PRC - [2007/09/05 16:09:54 | 000,727,592 | ---- | M] (Broadcom Corporation.) -- C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
========== Modules (No Company Name) ==========
MOD - [2014/02/01 19:42:37 | 000,399,688 | ---- | M] () -- C:\Users\leah\AppData\Local\Google\Chrome\Application\32.0.1700.107\ppgooglenaclpluginchrome.dll
MOD - [2014/02/01 19:42:35 | 004,055,368 | ---- | M] () -- C:\Users\leah\AppData\Local\Google\Chrome\Application\32.0.1700.107\pdf.dll
MOD - [2014/02/01 19:41:43 | 001,634,632 | ---- | M] () -- C:\Users\leah\AppData\Local\Google\Chrome\Application\32.0.1700.107\ffmpegsumo.dll
MOD - [2013/10/30 02:21:38 | 002,561,088 | ---- | M] () -- C:\Program Files\IDMSQ\idmsq.exe
MOD - [2007/12/19 22:27:04 | 000,066,856 | ---- | M] () -- C:\Program Files\HP\QuickPlay\Kernel\common\MCEMediaStatus.dll
MOD - [2007/09/05 16:03:06 | 000,126,976 | ---- | M] () -- C:\Program Files\WIDCOMM\Bluetooth Software\BTKeyInd.dll
MOD - [2007/09/05 15:52:04 | 000,389,120 | ---- | M] () -- C:\Windows\System32\btwhidcs.dll
========== Services (SafeList) ==========
SRV - [2014/03/11 20:40:53 | 000,257,928 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013/10/23 09:15:08 | 000,172,192 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2013/08/30 19:10:22 | 000,558,480 | ---- | M] (Cisco Systems, Inc.) [Auto | Running] -- C:\Program Files\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe -- (vpnagent)
SRV - [2013/05/23 16:11:42 | 000,119,056 | ---- | M] (SUPERAntiSpyware.com) [Auto | Running] -- C:\Program Files\SUPERAntiSpyware\SASCore.exe -- (!SASCORE)
SRV - [2011/04/07 04:35:30 | 000,654,848 | ---- | M] (Macrovision Europe Ltd.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2010/01/14 19:08:13 | 000,070,928 | ---- | M] (PC Tools) [Auto | Running] -- C:\Program Files\ThreatFire\TFService.exe -- (ThreatFire)
SRV - [2009/08/26 13:03:06 | 000,908,056 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG8\avgemc.exe -- (avg8emc)
SRV - [2009/08/26 13:03:03 | 000,297,752 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG8\avgwdsvc.exe -- (avg8wd)
SRV - [2009/04/29 20:07:00 | 000,144,888 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\McAfee\VirusScan Enterprise\mcshield.exe -- (McShield)
SRV - [2009/04/29 20:07:00 | 000,070,216 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Windows\System32\mfevtps.exe -- (mfevtp)
SRV - [2009/04/29 20:07:00 | 000,062,800 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\McAfee\VirusScan Enterprise\vstskmgr.exe -- (McTaskManager)
SRV - [2009/04/29 20:07:00 | 000,021,256 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\McAfee\VirusScan Enterprise\engineserver.exe -- (McAfeeEngineService)
SRV - [2008/01/20 22:23:32 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2007/03/05 13:30:06 | 000,110,592 | ---- | M] (Hewlett-Packard Development Company, L.P.) [On_Demand | Stopped] -- C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4Qlb.exe -- (Com4Qlb)
========== Driver Services (SafeList) ==========
DRV - File not found [Unknown (0) | On_Demand | Unknown] -- System32\Drivers\TfKbMon.sys -- (TfKbMon)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\SymIM.sys -- (SymIMMP)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkfwd.sys -- (NwlnkFwd)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkflt.sys -- (NwlnkFlt)
DRV - File not found [Kernel | System | Stopped] -- system32\drivers\netfilter.sys -- (netfilter)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ipinip.sys -- (IpInIp)
DRV - [2013/08/30 18:53:14 | 000,023,976 | ---- | M] (Cisco Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vpnva.sys -- (vpnva)
DRV - [2013/08/30 18:51:26 | 000,058,320 | R--- | M] (Cisco Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\acsmux.sys -- (acsmux)
DRV - [2013/08/30 18:51:26 | 000,039,888 | R--- | M] (Cisco Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\acsint.sys -- (acsint)
DRV - [2011/07/22 12:27:02 | 000,012,880 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\sasdifsv.sys -- (SASDIFSV)
DRV - [2011/07/12 17:55:22 | 000,067,664 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS -- (SASKUTIL)
DRV - [2010/01/14 19:08:30 | 000,059,664 | ---- | M] (PC Tools) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\TfSysMon.sys -- (TfSysMon)
DRV - [2010/01/14 19:08:29 | 000,033,552 | ---- | M] (PC Tools) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\TfNetMon.sys -- (TfNetMon)
DRV - [2010/01/14 19:08:28 | 000,051,984 | ---- | M] (PC Tools) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\TfFsMon.sys -- (TfFsMon)
DRV - [2009/09/10 14:55:58 | 000,102,912 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ewusbmdm.sys -- (hwdatacard)
DRV - [2009/08/26 13:03:24 | 000,335,240 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\System32\drivers\avgldx86.sys -- (AvgLdx86)
DRV - [2009/08/26 13:03:24 | 000,027,784 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\Windows\System32\drivers\avgmfx86.sys -- (AvgMfx86)
DRV - [2009/07/24 15:51:38 | 000,101,248 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ewusbdev.sys -- (hwusbdev)
DRV - [2009/05/21 18:21:01 | 000,108,552 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\System32\drivers\avgtdix.sys -- (AvgTdiX)
DRV - [2009/04/29 20:07:00 | 000,342,128 | ---- | M] (McAfee, Inc.) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\mfehidk.sys -- (mfehidk)
DRV - [2009/04/29 20:07:00 | 000,091,640 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\mfeavfk.sys -- (mfeavfk)
DRV - [2009/04/29 20:07:00 | 000,075,704 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\mfeapfk.sys -- (mfeapfk)
DRV - [2009/04/29 20:07:00 | 000,065,224 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\mferkdet.sys -- (mferkdet)
DRV - [2009/04/29 20:07:00 | 000,063,696 | ---- | M] (McAfee, Inc.) [Kernel | System | Running] -- C:\Windows\System32\drivers\mfetdik.sys -- (mfetdik)
DRV - [2009/04/29 20:07:00 | 000,043,288 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\mfebopk.sys -- (mfebopk)
DRV - [2008/12/04 03:42:00 | 007,606,688 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)
DRV - [2008/03/04 02:32:00 | 000,188,416 | ---- | M] (Conexant Systems Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\CHDRT32.sys -- (CnxtHdAudService)
DRV - [2007/12/06 16:40:14 | 000,761,856 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\athr.sys -- (athr)
DRV - [2007/10/18 06:36:54 | 000,008,704 | ---- | M] (Conexant Systems, Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\XAudio.sys -- (XAudio)
DRV - [2007/09/09 18:12:28 | 000,176,640 | ---- | M] (Conexant Systems Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\CHDART.sys -- (HdAudAddService)
DRV - [2007/07/11 13:30:22 | 000,007,168 | ---- | M] (Hewlett-Packard Development Company, L.P.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\HpqRemHid.sys -- (HpqRemHid)
DRV - [2007/06/18 20:12:04 | 000,016,768 | ---- | M] (Hewlett-Packard Development Company, L.P.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\HpqKbFiltr.sys -- (HpqKbFiltr)
DRV - [2007/03/22 01:02:04 | 000,037,376 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rixdptsk.sys -- (rismxdp)
DRV - [2007/03/06 22:15:58 | 001,059,112 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvmfdx32.sys -- (NVENETFD)
DRV - [2007/02/24 17:42:22 | 000,039,936 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rimmptsk.sys -- (rimmptsk)
DRV - [2007/02/16 17:50:32 | 000,012,032 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvsmu.sys -- (nvsmu)
DRV - [2007/01/23 19:40:20 | 000,042,496 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rimsptsk.sys -- (rimsptsk)
DRV - [2005/08/17 07:45:00 | 000,058,352 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\sscdbus.sys -- (sscdbus)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\..\URLSearchHook: {03402f96-3dc7-4285-bc50-9e81fefafe43} - C:\Program Files\AIM Toolbar\aimtb.dll (AOL LLC.)
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\..\SearchScopes,DefaultScope =
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <-loopba
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http=127.0.0.1:50607;https=127.0.0.1:50607
========== FireFox ==========
FF - prefs.js..browser.search.order.3: "Bing "
FF - prefs.js..browser.search.selectedEngine: "Bing "
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.search.defaultenginename: "Bing "
FF - user.js - File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_12_0_0_77.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKCU\Software\MozillaPlugins\@movenetworks.com/Quantum Media Player: File not found
FF - HKCU\Software\MozillaPlugins\@talk.google.com/GoogleTalkPlugin: C:\Users\leah\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/O1DPlugin: C:\Users\leah\AppData\Roaming\Mozilla\plugins\npo1d.dll (Google)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/O3DPlugin: C:\Users\leah\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll ()
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\leah\AppData\Local\Google\Update\1.3.22.3\npGoogleUpdate3.dll File not found
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\leah\AppData\Local\Google\Update\1.3.22.3\npGoogleUpdate3.dll File not found
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\
[email protected]: C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2013/10/17 22:21:13 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.5.6\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2014/04/03 18:16:53 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.5.6\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2014/04/03 19:05:57 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\
[email protected]: C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2013/10/17 22:21:13 | 000,000,000 | ---D | M]
[2008/11/08 08:33:09 | 000,000,000 | ---D | M] (No name found) -- C:\Users\leah\AppData\Roaming\Mozilla\Extensions
[2014/04/03 19:20:36 | 000,000,000 | ---D | M] (No name found) -- C:\Users\leah\AppData\Roaming\Mozilla\Firefox\Profiles\o64ff3t1.default\extensions
[2009/06/24 09:32:09 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\leah\AppData\Roaming\Mozilla\Firefox\Profiles\o64ff3t1.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2010/11/21 22:41:20 | 000,000,000 | ---D | M] (ooVoo Toolbar) -- C:\Users\leah\AppData\Roaming\Mozilla\Firefox\Profiles\o64ff3t1.default\extensions\{59c6f12b-f004-43e5-9997-08f2123119b6}
[2009/07/24 21:50:47 | 000,000,000 | ---D | M] ("AIM Toolbar") -- C:\Users\leah\AppData\Roaming\Mozilla\Firefox\Profiles\o64ff3t1.default\extensions\{c2f863cd-0429-48c7-bb54-db756a951760}
[2009/01/28 09:53:32 | 000,000,000 | ---D | M] (Move Media Player) -- C:\Users\leah\AppData\Roaming\Mozilla\Firefox\Profiles\o64ff3t1.default\extensions\
[email protected]
[2014/02/21 22:22:56 | 000,000,000 | ---D | M] (SavingsBull) -- C:\Users\leah\AppData\Roaming\Mozilla\Firefox\Profiles\o64ff3t1.default\extensions\SavingsBull@jetpack
[2009/07/24 21:50:53 | 000,004,207 | ---- | M] () -- C:\Users\leah\AppData\Roaming\Mozilla\Firefox\Profiles\o64ff3t1.default\searchplugins\aim-search.xml
[2012/09/11 16:11:11 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
========== Chrome ==========
CHR - default_search_provider: Conduit Search (Enabled)
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\leah\AppData\Local\Google\Chrome\Application\32.0.1700.107\PepperFlash\pepflashplayer.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\leah\AppData\Local\Google\Chrome\Application\32.0.1700.107\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\leah\AppData\Local\Google\Chrome\Application\32.0.1700.107\pdf.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files\Adobe\Reader 8.0\Reader\Browser\nppdf32.dll
CHR - plugin: Microsoft Office 2003 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\NPOFFICE.DLL
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin7.dll
CHR - plugin: Google Talk Plugin (Enabled) = C:\Users\leah\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll
CHR - plugin: Google Talk Plugin Video Accelerator (Enabled) = C:\Users\leah\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll
CHR - plugin: Google Talk Plugin Video Renderer (Enabled) = C:\Users\leah\AppData\Roaming\Mozilla\plugins\npo1d.dll
CHR - plugin: MetaStream 3 Plugin (Enabled) = C:\Program Files\Viewpoint\Viewpoint Experience Technology\npViewpoint.dll
CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll
CHR - plugin: Google Update (Enabled) = C:\Users\leah\AppData\Local\Google\Update\1.3.21.153\npGoogleUpdate3.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\system32\Macromed\Flash\NPSWF32_11_8_800_94.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll
CHR - plugin: Windows Presentation Foundation (Enabled) = c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
CHR - Extension: Google Wallet = C:\Users\leah\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\
CHR - Extension: Internet Download Manager Squared = C:\Users\leah\AppData\Local\Google\Chrome\User Data\Default\Extensions\ohenffmfbnoidogjgebadealdkecjdal\1.0_0\
O1 HOSTS File: ([2014/04/02 23:00:06 | 000,001,033 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O1 - Hosts: 127.0.0.1 adobeereg.com
O1 - Hosts: 127.0.0.1 www.adobeereg.com
O1 - Hosts: 127.0.0.1 activate.adobe.com
O1 - Hosts: 127.0.0.1 activate-sea.adobe.com
O1 - Hosts: 127.0.0.1 activate-sjc0.adobe.com
O1 - Hosts: 127.0.0.1 wwis-dubc1-vip60.adobe.com
O1 - Hosts: 127.0.0.1 d3oxij66pru1i3.cloudfront.net
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (Idmsq Extension) - {3AA4FC9D-FB51-44a2-B09F-0457857CA7C2} - C:\Users\leah\AppData\Roaming\IDMSQ\idmsqext.dll (Or Interactive Ltd)
O2 - BHO: (no name) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - No CLSID value found.
O2 - BHO: (SSVHelper Class) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (scriptproxy) - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\McAfee\VirusScan Enterprise\scriptsn.dll (McAfee, Inc.)
O2 - BHO: (AIM Toolbar Loader) - {b0cda128-b425-4eef-a174-61a11ac5dbf8} - C:\Program Files\AIM Toolbar\aimtb.dll (AOL LLC.)
O3 - HKLM\..\Toolbar: (ooVoo Toolbar) - {59c6f12b-f004-43e5-9997-08f2123119b6} - C:\Program Files\oovootoolbar\oovootoolbarX.dll File not found
O3 - HKLM\..\Toolbar: (AIM Toolbar) - {61539ecd-cc67-4437-a03c-9aaccbd14326} - C:\Program Files\AIM Toolbar\aimtb.dll (AOL LLC.)
O3 - HKLM\..\Toolbar: (no name) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (AIM Toolbar) - {61539ECD-CC67-4437-A03C-9AACCBD14326} - C:\Program Files\AIM Toolbar\aimtb.dll (AOL LLC.)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [AVG8_TRAY] C:\Program Files\AVG\AVG8\avgtray.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [HP Health Check Scheduler] [ProgramFilesFolder]Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe File not found
O4 - HKLM..\Run: [NvCplDaemon] C:\Windows\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\Windows\System32\NvMcTray.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [ShStatEXE] C:\Program Files\McAfee\VirusScan Enterprise\SHSTAT.EXE (McAfee, Inc.)
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKCU..\Run: [ares] C:\Program Files\Ares\Ares.exe (Official Ares)
O4 - HKCU..\Run: [IDMSQ] C:\Program Files\IDMSQ\idmsq.exe ()
O8 - Extra context menu item: &AIM Toolbar Search - C:\ProgramData\AIM Toolbar\ieToolbar\resources\en-US\local\search.html ()
O8 - Extra context menu item: Send image to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O8 - Extra context menu item: Send page to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\npjpi160_07.dll (Sun Microsystems, Inc.)
O9 - Extra Button: AIM Toolbar - {0b83c99c-1efa-4259-858f-bcb33e007a5b} - C:\Program Files\AIM Toolbar\aimtb.dll (AOL LLC.)
O9 - Extra Button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O15 - HKLM\..Trusted Domains: kent.edu ([]* in Trusted sites)
O15 - HKCU\..Trusted Ranges: Range1 ([http] in Local intranet)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 209.18.47.61 209.18.47.62
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{865BA140-D127-438B-838C-281B914B8531}: DhcpNameServer = 209.18.47.61 209.18.47.62
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{CE622EBB-F24A-46A5-94A8-E4AF380BB814}: DhcpNameServer = 209.18.47.61 209.18.47.62
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll (AVG Technologies CZ, s.r.o.)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Users\leah\AppData\Roaming\Microsoft\Windows Photo Gallery\Windows Photo Gallery Wallpaper.jpg
O24 - Desktop BackupWallPaper: C:\Users\leah\AppData\Roaming\Microsoft\Windows Photo Gallery\Windows Photo Gallery Wallpaper.jpg
O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL (SuperAdBlocker.com)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2008/04/24 22:23:11 | 000,000,074 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2005/09/11 11:18:54 | 000,000,340 | -HS- | M] () - D:\AUTOMODE -- [ NTFS ]
O32 - AutoRun File - [2012/10/16 08:18:52 | 000,000,000 | ---D | M] - G:\AutoCAD -- [ FAT32 ]
O32 - AutoRun File - [2012/12/05 14:07:00 | 000,392,867 | ---- | M] () - G:\autocad word.docx -- [ FAT32 ]
O32 - AutoRun File - [2008/05/06 08:26:23 | 000,000,309 | R--- | M] () - H:\autorun.inf -- [ CDFS ]
O33 - MountPoints2\{0ec98867-bb6e-11e3-a618-00218674bf08}\Shell - "" = AutoRun
O33 - MountPoints2\{0ec98867-bb6e-11e3-a618-00218674bf08}\Shell\AutoRun\command - "" = H:\LaunchU3.exe -- [2007/10/23 03:45:39 | 001,336,632 | R--- | M] ()
O33 - MountPoints2\{c6083da5-6b4f-11e0-8f90-cb8f8a5381d9}\Shell - "" = AutoRun
O33 - MountPoints2\{c6083da5-6b4f-11e0-8f90-cb8f8a5381d9}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{c6083da7-6b4f-11e0-8f90-cb8f8a5381d9}\Shell - "" = AutoRun
O33 - MountPoints2\{c6083da7-6b4f-11e0-8f90-cb8f8a5381d9}\Shell\AutoRun\command - "" = G:\AutoRun.exe
O33 - MountPoints2\{cb9309d7-60ef-11e0-ba8b-00218674bf08}\Shell - "" = AutoRun
O33 - MountPoints2\{cb9309d7-60ef-11e0-ba8b-00218674bf08}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{cb9309da-60ef-11e0-ba8b-00218674bf08}\Shell - "" = AutoRun
O33 - MountPoints2\{cb9309da-60ef-11e0-ba8b-00218674bf08}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{cb9309e6-60ef-11e0-ba8b-00218674bf08}\Shell - "" = AutoRun
O33 - MountPoints2\{cb9309e6-60ef-11e0-ba8b-00218674bf08}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
NetSvcs: FastUserSwitchingCompatibility - File not found
NetSvcs: Ias - C:\Windows\System32\ias.dll (Microsoft Corporation)
NetSvcs: Nla - File not found
NetSvcs: Ntmssvc - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: SRService - File not found
NetSvcs: WmdmPmSp - File not found
NetSvcs: LogonHours - File not found
NetSvcs: PCAudit - File not found
NetSvcs: helpsvc - File not found
NetSvcs: uploadmgr - File not found
MsConfig - StartUpFolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^HP Digital Imaging Monitor.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe - (Hewlett-Packard Co.)
MsConfig - StartUpReg: Aide - hkey= - key= - File not found
MsConfig - StartUpReg: APSDaemon - hkey= - key= - C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
MsConfig - StartUpReg: HP Software Update - hkey= - key= - C:\Program Files\HP\HP Software Update\hpwuschd2.exe (Hewlett-Packard)
MsConfig - StartUpReg: iTunesHelper - hkey= - key= - C:\Program Files\iTunes\iTunesHelper.exe (Apple Inc.)
MsConfig - StartUpReg: LightScribe Control Panel - hkey= - key= - C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe (Hewlett-Packard Company)
MsConfig - StartUpReg: ooVoo.exe - hkey= - key= - C:\Program Files\ooVoo\oovoo.exe (ooVoo LLC)
MsConfig - StartUpReg: QuickTime Task - hkey= - key= - C:\Program Files\QuickTime\QTTask.exe (Apple Inc.)
MsConfig - StartUpReg: Skype - hkey= - key= - C:\Program Files\Skype\Phone\Skype.exe (Skype Technologies S.A.)
MsConfig - StartUpReg: Spotify - hkey= - key= - C:\Users\leah\AppData\Roaming\Spotify\Spotify.exe (Spotify Ltd)
MsConfig - StartUpReg: Spotify Web Helper - hkey= - key= - C:\Users\leah\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe (Spotify Ltd)
MsConfig - StartUpReg: SUPERAntiSpyware - hkey= - key= - C:\Program Files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE (SUPERAntiSpyware)
MsConfig - State: "startup" - 2
SafeBootMin: !SASCORE - C:\Program Files\SUPERAntiSpyware\SASCore.exe (SUPERAntiSpyware.com)
SafeBootMin: AppMgmt - Service
SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: HelpSvc - Service
SafeBootMin: McAfeeEngineService - C:\Program Files\McAfee\VirusScan Enterprise\engineserver.exe (McAfee, Inc.)
SafeBootMin: NTDS - File not found
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: sacsvr - Service
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: WinDefend - C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootMin: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootMin: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
SafeBootNet: !SASCORE - C:\Program Files\SUPERAntiSpyware\SASCore.exe (SUPERAntiSpyware.com)
SafeBootNet: AppMgmt - Service
SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: HelpSvc - Service
SafeBootNet: Messenger - Service
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: NTDS - File not found
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: rdsessmgr - Service
SafeBootNet: sacsvr - Service
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TDI - Driver Group
SafeBootNet: WinDefend - C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers
SafeBootNet: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootNet: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootNet: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun)
ActiveX: {10880D85-AAD9-4558-ABDC-2AB1552D831F} - "C:\Program Files\Common Files\LightScribe\LSRunOnce.exe"
ActiveX: {166B1BCA-3F9C-11CF-8075-444553540000} - Macromedia Shockwave Director 10.1
ActiveX: {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} -
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 11.0
ActiveX: {2A202491-F00D-11cf-87CC-0020AFEECF20} - Macromedia Shockwave Director 10.1
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {3C3901C5-3455-3E0A-A214-0B093A5070A6} - .NET Framework
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX: {44BBA848-CC51-11CF-AAFA-00AA00B6015C} -
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.7
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {73FA19D0-2D75-11D2-995D-00C04F98BBC9} - Web Folders
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\system32\ie4uinit.exe -BaseSettings
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {CDD7975E-60F8-41d5-8149-19E51D6F71D0} - Windows Movie Maker v2.1
ActiveX: {D27CDB6E-AE6D-11CF-96B8-444553540000} - Macromedia Shockwave Flash
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\Windows\system32\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\system32\ie4uinit.exe -UserIconConfig
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP
Drivers32: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.l3codecp - C:\Windows\System32\l3codecp.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: MSVideo8 - C:\Windows\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: vidc.cvid - C:\Windows\System32\iccvid.dll (Radius Inc.)
CREATERESTOREPOINT
Restore point Set: OTL Restore Point
========== Files/Folders - Created Within 30 Days ==========
[2014/04/03 19:44:04 | 000,000,000 | ---D | C] -- C:\FRST
[2014/04/03 18:36:34 | 000,000,000 | ---D | C] -- C:\Windows\ERUNT
[2014/04/03 18:34:43 | 001,038,974 | ---- | C] (Thisisu) -- C:\Users\leah\Desktop\JRT.exe
[2014/04/03 17:44:47 | 000,000,000 | ---D | C] -- C:\AdwCleaner
[2014/04/03 16:40:25 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2014/04/02 23:07:22 | 000,000,000 | ---D | C] -- C:\Program Files\GenoPro
[2014/04/02 23:00:39 | 000,000,000 | ---D | C] -- C:\ProgramData\OEM Links
[2014/04/02 23:00:35 | 000,000,000 | ---D | C] -- C:\MININT
[2014/04/02 23:00:00 | 000,000,000 | ---D | C] -- C:\Users\leah\AppData\Roaming\IDMSQ
[2014/04/02 22:59:34 | 000,000,000 | ---D | C] -- C:\Users\leah\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\IDMSQ
[2014/04/02 22:58:29 | 000,000,000 | ---D | C] -- C:\Program Files\IDMSQ
[2014/04/02 22:56:27 | 000,000,000 | ---D | C] -- C:\Users\leah\AppData\Roaming\IDM2
[2014/03/18 14:29:52 | 000,038,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\WdfLdr.sys
[22 C:\Users\leah\Documents\*.tmp files -> C:\Users\leah\Documents\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2014/04/03 19:39:15 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2014/04/03 18:57:42 | 000,604,502 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2014/04/03 18:57:42 | 000,104,170 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2014/04/03 18:54:42 | 000,000,258 | ---- | M] () -- C:\Users\Public\Documents\hpqp.ini
[2014/04/03 18:52:53 | 000,027,744 | ---- | M] () -- C:\ProgramData\nvModes.001
[2014/04/03 18:51:10 | 000,003,216 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2014/04/03 18:51:10 | 000,003,216 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2014/04/03 18:51:00 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2014/04/03 18:50:54 | 3152,891,904 | -HS- | M] () -- C:\hiberfil.sys
[2014/04/03 18:49:46 | 000,000,012 | ---- | M] () -- C:\Windows\bthservsdp.dat
[2014/04/03 18:34:54 | 001,038,974 | ---- | M] (Thisisu) -- C:\Users\leah\Desktop\JRT.exe
[2014/04/03 15:34:59 | 000,323,512 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2014/04/03 14:38:30 | 000,027,744 | ---- | M] () -- C:\ProgramData\nvModes.dat
[2014/04/02 23:07:44 | 000,000,934 | ---- | M] () -- C:\Users\Public\Desktop\GenoPro.lnk
[2014/04/02 23:06:20 | 000,001,754 | ---- | M] () -- C:\Users\leah\Desktop\Sync Folder.lnk
[2014/04/02 23:00:06 | 000,001,033 | ---- | M] () -- C:\Windows\System32\drivers\etc\hosts
[2014/03/11 20:40:49 | 000,692,616 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerApp.exe
[2014/03/11 20:40:48 | 000,071,048 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl
[22 C:\Users\leah\Documents\*.tmp files -> C:\Users\leah\Documents\*.tmp -> ]
========== Files Created - No Company Name ==========
[2014/04/02 23:07:44 | 000,000,946 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GenoPro.lnk
[2014/04/02 23:07:44 | 000,000,934 | ---- | C] () -- C:\Users\Public\Desktop\GenoPro.lnk
[2014/04/02 23:06:20 | 000,001,754 | ---- | C] () -- C:\Users\leah\Desktop\Sync Folder.lnk
[2014/04/02 23:06:14 | 000,017,136 | ---- | C] () -- C:\Windows\System32\sasnative32.exe
[2014/03/18 14:30:56 | 000,000,003 | ---- | C] () -- C:\Windows\System32\drivers\MsftWdf_Kernel_01009_Inbox_Critical.Wdf
[2013/10/17 21:35:54 | 000,172,555 | ---- | C] () -- C:\Windows\hpoins36.dat
[2013/10/17 21:35:54 | 000,000,578 | ---- | C] () -- C:\Windows\hpomdl36.dat
[2010/02/20 13:10:53 | 000,000,258 | RHS- | C] () -- C:\ProgramData\ntuser.pol
[2009/08/09 23:46:22 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2009/04/09 20:02:35 | 000,001,028 | ---- | C] () -- C:\Users\leah\AppData\Roaming\wklnhst.dat
[2009/02/16 07:53:04 | 000,027,744 | ---- | C] () -- C:\ProgramData\nvModes.001
[2009/02/16 07:52:54 | 000,027,744 | ---- | C] () -- C:\ProgramData\nvModes.dat
[2008/10/16 10:13:41 | 000,000,480 | ---- | C] () -- C:\Users\leah\Desktop.lnk
[2008/09/10 22:23:56 | 000,000,680 | ---- | C] () -- C:\Users\leah\AppData\Local\d3d9caps.dat
[2008/09/01 19:57:06 | 000,049,664 | ---- | C] () -- C:\Users\leah\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2008/08/28 17:29:47 | 000,027,744 | ---- | C] () -- C:\Users\leah\AppData\Roaming\nvModes.dat
[2008/08/28 17:29:47 | 000,027,744 | ---- | C] () -- C:\Users\leah\AppData\Roaming\nvModes.001
========== ZeroAccess Check ==========
[2006/11/02 08:54:22 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2011/01/21 11:46:32 | 011,582,464 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2009/03/03 00:36:24 | 000,615,424 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2008/01/20 22:24:03 | 000,347,648 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
========== Custom Scans ==========
========== Drive Information ==========
Physical Drives
---------------
Drive: \\\\.\\PHYSICALDRIVE0 - Fixed hard disk media
Interface type: IDE
Media Type: Fixed hard disk media
Model: ST9200827AS ATA Device
Partitions: 2
Status: OK
Status Info: 0
Drive: \\\\.\\PHYSICALDRIVE1 - Removable Media
Interface type:
Media Type: Removable Media
Model: SD Memory Card
Partitions: 1
Status: OK
Status Info: 0
Drive: \\\\.\\PHYSICALDRIVE2 - Removable Media
Interface type: USB
Media Type: Removable Media
Model: SanDisk SanDisk Cruzer USB Device
Partitions: 1
Status: OK
Status Info: 0
Partitions
---------------
DeviceID: Disk #0, Partition #0
PartitionType: Installable File System
Bootable: True
BootPartition: True
PrimaryPartition: True
Size: 174.00GB
Starting Offset: 32256
Hidden sectors: 0
DeviceID: Disk #0, Partition #1
PartitionType: Installable File System
Bootable: False
BootPartition: False
PrimaryPartition: True
Size: 12.00GB
Starting Offset: 187338977280
Hidden sectors: 0
DeviceID: Disk #1, Partition #0
PartitionType: Unknown
Bootable: False
BootPartition: False
PrimaryPartition: True
Size: 4.00GB
Starting Offset: 4194304
Hidden sectors: 0
DeviceID: Disk #2, Partition #0
PartitionType: Unknown
Bootable: False
BootPartition: False
PrimaryPartition: True
Size: 4.00GB
Starting Offset: 19456
Hidden sectors: 0
< %SYSTEMDRIVE%\*.exe >
< %systemroot%\assembly\GAC_32\*.ini >
< %systemroot%\assembly\GAC_64\*.ini >
< %SYSTEMDRIVE%\*.exe >
< %ALLUSERSPROFILE%\Application Data\*.exe >
< %APPDATA%\*. >
[2008/09/01 15:25:05 | 000,000,000 | ---D | M] -- C:\Users\leah\AppData\Roaming\acccore
[2011/04/07 10:00:30 | 000,000,000 | ---D | M] -- C:\Users\leah\AppData\Roaming\Adobe
[2012/04/13 09:36:33 | 000,000,000 | ---D | M] -- C:\Users\leah\AppData\Roaming\Apple Computer
[2014/02/19 18:07:07 | 000,000,000 | ---D | M] -- C:\Users\leah\AppData\Roaming\Audacity
[2011/04/08 01:56:45 | 000,000,000 | ---D | M] -- C:\Users\leah\AppData\Roaming\Chinatelecom
[2009/10/16 23:28:53 | 000,000,000 | ---D | M] -- C:\Users\leah\AppData\Roaming\CiscoCAA
[2008/09/04 21:40:04 | 000,000,000 | ---D | M] -- C:\Users\leah\AppData\Roaming\CyberLink
[2010/04/10 09:10:44 | 000,000,000 | ---D | M] -- C:\Users\leah\AppData\Roaming\FrostWire
[2012/08/27 21:19:51 | 000,000,000 | ---D | M] -- C:\Users\leah\AppData\Roaming\GTek
[2008/08/27 16:05:26 | 000,000,000 | ---D | M] -- C:\Users\leah\AppData\Roaming\Hewlett-Packard
[2013/10/19 15:53:37 | 000,000,000 | ---D | M] -- C:\Users\leah\AppData\Roaming\HP
[2013/10/26 12:51:22 | 000,000,000 | ---D | M] -- C:\Users\leah\AppData\Roaming\HpUpdate
[2008/08/27 16:03:16 | 000,000,000 | ---D | M] -- C:\Users\leah\AppData\Roaming\Identities
[2014/04/03 15:23:53 | 000,000,000 | ---D | M] -- C:\Users\leah\AppData\Roaming\IDM2
[2014/04/03 18:54:19 | 000,000,000 | ---D | M] -- C:\Users\leah\AppData\Roaming\IDMSQ
[2009/11/28 16:10:33 | 000,000,000 | ---D | M] -- C:\Users\leah\AppData\Roaming\IObit
[2008/08/27 15:58:26 | 000,000,000 | ---D | M] -- C:\Users\leah\AppData\Roaming\Macromedia
[2009/11/28 16:11:41 | 000,000,000 | ---D | M] -- C:\Users\leah\AppData\Roaming\Malwarebytes
[2006/11/02 08:37:34 | 000,000,000 | ---D | M] -- C:\Users\leah\AppData\Roaming\Media Center Programs
[2013/04/02 16:00:06 | 000,000,000 | --SD | M] -- C:\Users\leah\AppData\Roaming\Microsoft
[2008/11/04 08:51:02 | 000,000,000 | ---D | M] -- C:\Users\leah\AppData\Roaming\Move Networks
[2014/02/11 15:04:59 | 000,000,000 | ---D | M] -- C:\Users\leah\AppData\Roaming\Mozilla
[2008/08/27 16:08:41 | 000,000,000 | ---D | M] -- C:\Users\leah\AppData\Roaming\MSNInstaller
[2010/11/22 14:45:08 | 000,000,000 | ---D | M] -- C:\Users\leah\AppData\Roaming\ooVoo Details
[2014/03/01 16:03:04 | 000,000,000 | ---D | M] -- C:\Users\leah\AppData\Roaming\Skype
[2012/09/11 15:55:19 | 000,000,000 | ---D | M] -- C:\Users\leah\AppData\Roaming\skypePM
[2014/04/03 15:32:49 | 000,000,000 | ---D | M] -- C:\Users\leah\AppData\Roaming\Spotify
[2013/10/05 12:40:08 | 000,000,000 | ---D | M] -- C:\Users\leah\AppData\Roaming\SUPERAntiSpyware.com
[2008/08/27 16:04:02 | 000,000,000 | ---D | M] -- C:\Users\leah\AppData\Roaming\Symantec
[2009/04/09 20:03:04 | 000,000,000 | ---D | M] -- C:\Users\leah\AppData\Roaming\Template
[2009/10/19 22:24:19 | 000,000,000 | ---D | M] -- C:\Users\leah\AppData\Roaming\Ventrilo
[2008/09/02 17:29:06 | 000,000,000 | ---D | M] -- C:\Users\leah\AppData\Roaming\WildTangent
[2013/10/17 22:23:11 | 000,000,000 | ---D | M] -- C:\Users\leah\AppData\Roaming\Yahoo!
< MD5 for: ATAPI.SYS >
[2009/04/11 02:32:26 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\SoftwareDistribution\Download\cd2b15b1a90e884578188440a1660b12\x86_mshdc.inf_31bf3856ad364e35_6.0.6002.18005_none_df23a1261eab99e8\atapi.sys
[2008/01/20 22:23:00 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\Windows\System32\drivers\atapi.sys
[2008/01/20 22:23:00 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_cc18792d\atapi.sys
[2008/01/20 22:23:00 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6001.18000_none_dd38281a2189ce9c\atapi.sys
[2006/11/02 05:49:36 | 000,019,048 | ---- | M] (Microsoft Corporation) MD5=4F4FCB8B6EA06784FB6D475B7EC7300F -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_c6c2e699\atapi.sys
< MD5 for: CSRSS.EXE >
[2008/01/20 22:24:54 | 000,006,144 | ---- | M] (Microsoft Corporation) MD5=ABCA209EBA02CB59233614DB83B4F50D -- C:\Windows\System32\csrss.exe
[2008/01/20 22:24:54 | 000,006,144 | ---- | M] (Microsoft Corporation) MD5=ABCA209EBA02CB59233614DB83B4F50D -- C:\Windows\winsxs\x86_microsoft-windows-csrss_31bf3856ad364e35_6.0.6001.18000_none_58e3e3d7e415ae4c\csrss.exe
< MD5 for: EXPLORER.EXE >
[2008/10/29 02:20:29 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=37440D09DEAE0B672A04DCCF7ABF06BE -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.16771_none_4f83bb287ccdb7e3\explorer.exe
[2008/10/29 02:29:41 | 002,927,104 | ---- | M] (Microsoft Corporation) MD5=4F554999D7D5F05DAAEBBA7B5BA1089D -- C:\Windows\explorer.exe
[2008/10/29 02:29:41 | 002,927,104 | ---- | M] (Microsoft Corporation) MD5=4F554999D7D5F05DAAEBBA7B5BA1089D -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.18164_none_5177ca9879e978e8\explorer.exe
[2008/10/29 23:59:17 | 002,927,616 | ---- | M] (Microsoft Corporation) MD5=50BA5850147410CDE89C523AD3BC606E -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.22298_none_51e4f8c7931bd1e1\explorer.exe
[2009/04/11 02:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) MD5=D07D4C3038F3578FFCE1C0237F2A1253 -- C:\Windows\SoftwareDistribution\Download\cd2b15b1a90e884578188440a1660b12\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6002.18005_none_53a0201e76de3a0b\explorer.exe
[2008/10/27 22:15:02 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=E7156B0B74762D9DE0E66BDCDE06E5FB -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.20947_none_5033cb5995cd990b\explorer.exe
[2008/01/20 22:24:24 | 002,927,104 | ---- | M] (Microsoft Corporation) MD5=FFA764631CB70A30065C12EF8E174F9F -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.18000_none_51b4a71279bc6ebf\explorer.exe
< MD5 for: MSWSOCK.DLL >
[2009/04/11 02:28:22 | 000,223,232 | ---- | M] (Microsoft Corporation) MD5=8617350C9B590B63E620881092751BCB -- C:\Windows\SoftwareDistribution\Download\cd2b15b1a90e884578188440a1660b12\x86_microsoft-windows-w..-infrastructure-bsp_31bf3856ad364e35_6.0.6002.18005_none_ba3ed0122a6d89da\mswsock.dll
[2008/01/20 22:24:02 | 000,223,232 | ---- | M] (Microsoft Corporation) MD5=89FD0595EEA4E505CABEFCF7008F2612 -- C:\Windows\System32\mswsock.dll
[2008/01/20 22:24:02 | 000,223,232 | ---- | M] (Microsoft Corporation) MD5=89FD0595EEA4E505CABEFCF7008F2612 -- C:\Windows\winsxs\x86_microsoft-windows-w..-infrastructure-bsp_31bf3856ad364e35_6.0.6001.18000_none_b85357062d4bbe8e\mswsock.dll
< MD5 for: NAPINSP.DLL >
[2008/01/20 22:24:29 | 000,050,176 | ---- | M] (Microsoft Corporation) MD5=FC62A635063B762E1C3C60EA77279378 -- C:\Windows\System32\NapiNSP.dll
[2008/01/20 22:24:29 | 000,050,176 | ---- | M] (Microsoft Corporation) MD5=FC62A635063B762E1C3C60EA77279378 -- C:\Windows\winsxs\x86_microsoft-windows-n..ider-infrastructure_31bf3856ad364e35_6.0.6001.18000_none_ac1d40c88f30e6c0\NapiNSP.dll
< MD5 for: NLAAPI.DLL >
[2008/01/20 22:23:44 | 000,048,128 | ---- | M] (Microsoft Corporation) MD5=D1A84F7D4CAFCFE2A32149FF418056E5 -- C:\Windows\System32\nlaapi.dll
[2008/01/20 22:23:44 | 000,048,128 | ---- | M] (Microsoft Corporation) MD5=D1A84F7D4CAFCFE2A32149FF418056E5 -- C:\Windows\winsxs\x86_microsoft-windows-nlasvc_31bf3856ad364e35_6.0.6001.18000_none_6785f5c70aea4565\nlaapi.dll
< MD5 for: PNRPNSP.DLL >
[2008/01/20 22:25:26 | 000,062,464 | ---- | M] (Microsoft Corporation) MD5=690D41DF1D555F96D4898A0F54EBA065 -- C:\Windows\System32\pnrpnsp.dll
[2008/01/20 22:25:26 | 000,062,464 | ---- | M] (Microsoft Corporation) MD5=690D41DF1D555F96D4898A0F54EBA065 -- C:\Windows\winsxs\x86_microsoft-windows-peertopeerpnrp_31bf3856ad364e35_6.0.6001.18000_none_717f15b322749509\pnrpnsp.dll
< MD5 for: SERVICES.EXE >
[2008/01/20 22:24:48 | 000,279,040 | ---- | M] (Microsoft Corporation) MD5=2B336AB6286D6C81FA02CBAB914E3C6C -- C:\Windows\System32\services.exe
[2008/01/20 22:24:48 | 000,279,040 | ---- | M] (Microsoft Corporation) MD5=2B336AB6286D6C81FA02CBAB914E3C6C -- C:\Windows\winsxs\x86_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.0.6001.18000_none_cf5fc067cd49010a\services.exe
[2009/04/11 02:27:59 | 000,279,552 | ---- | M] (Microsoft Corporation) MD5=D4E6D91C1349B7BFB3599A6ADA56851B -- C:\Windows\SoftwareDistribution\Download\cd2b15b1a90e884578188440a1660b12\x86_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.0.6002.18005_none_d14b3973ca6acc56\services.exe
< MD5 for: SVCHOST.EXE >
[2008/01/20 22:23:43 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=3794B461C45882E06856F282EEF025AF -- C:\Windows\System32\svchost.exe
[2008/01/20 22:23:43 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=3794B461C45882E06856F282EEF025AF -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.0.6001.18000_none_b5bb59a1054dbde5\svchost.exe
[2013/04/04 14:50:32 | 000,218,184 | ---- | M] () MD5=B4C6E3889BB310CA7E974A04EC6E46AC -- C:\Program Files\Malwarebytes' Anti-Malware\Chameleon\svchost.exe
< MD5 for: USER32.DLL >
[2009/04/11 02:28:25 | 000,627,712 | ---- | M] (Microsoft Corporation) MD5=75510147B94598407666F4802797C75A -- C:\Windows\SoftwareDistribution\Download\cd2b15b1a90e884578188440a1660b12\x86_microsoft-windows-user32_31bf3856ad364e35_6.0.6002.18005_none_cf23e54d6a7e4a7e\user32.dll
[2008/01/20 22:24:21 | 000,627,200 | ---- | M] (Microsoft Corporation) MD5=B974D9F06DC7D1908E825DC201681269 -- C:\Windows\System32\user32.dll
[2008/01/20 22:24:21 | 000,627,200 | ---- | M] (Microsoft Corporation) MD5=B974D9F06DC7D1908E825DC201681269 -- C:\Windows\winsxs\x86_microsoft-windows-user32_31bf3856ad364e35_6.0.6001.18000_none_cd386c416d5c7f32\user32.dll
< MD5 for: USERINIT.EXE >
[2008/01/20 22:24:49 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\Windows\System32\userinit.exe
[2008/01/20 22:24:49 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.0.6001.18000_none_dc28ba15d1aff80b\userinit.exe
< MD5 for: WINLOGON.EXE >
[2009/04/11 02:28:13 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264D55452 -- C:\Windows\SoftwareDistribution\Download\cd2b15b1a90e884578188440a1660b12\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6002.18005_none_71ae7a22d2134741\winlogon.exe
[2013/04/04 14:50:32 | 000,218,184 | ---- | M] () MD5=B4C6E3889BB310CA7E974A04EC6E46AC -- C:\Program Files\Malwarebytes' Anti-Malware\Chameleon\winlogon.exe
[2008/01/20 22:24:49 | 000,314,880 | ---- | M] (Microsoft Corporation) MD5=C2610B6BDBEFC053BBDAB4F1B965CB24 -- C:\Windows\System32\winlogon.exe
[2008/01/20 22:24:49 | 000,314,880 | ---- | M] (Microsoft Corporation) MD5=C2610B6BDBEFC053BBDAB4F1B965CB24 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6001.18000_none_6fc30116d4f17bf5\winlogon.exe
< MD5 for: WINRNR.DLL >
[2009/04/11 02:28:25 | 000,019,968 | ---- | M] (Microsoft Corporation) MD5=C411C80F90D6732380352B98B37BBD53 -- C:\Windows\SoftwareDistribution\Download\cd2b15b1a90e884578188440a1660b12\x86_microsoft-windows-dns-client-winrnr_31bf3856ad364e35_6.0.6002.18005_none_5b39cbfb4d3802b6\winrnr.dll
[2006/11/02 05:46:14 | 000,019,968 | ---- | M] (Microsoft Corporation) MD5=FF78B8E67EDCE9FEED651D7858D77A04 -- C:\Windows\System32\winrnr.dll
[2006/11/02 05:46:14 | 000,019,968 | ---- | M] (Microsoft Corporation) MD5=FF78B8E67EDCE9FEED651D7858D77A04 -- C:\Windows\winsxs\x86_microsoft-windows-dns-client-winrnr_31bf3856ad364e35_6.0.6000.16386_none_571790f3532b2696\winrnr.dll
< MD5 for: WSHELPER.DLL >
[2006/11/02 05:46:14 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=20614C9F12A3A09A5015C9EBBD4419D2 -- C:\Windows\System32\wshelper.dll
[2006/11/02 05:46:14 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=20614C9F12A3A09A5015C9EBBD4419D2 -- C:\Windows\winsxs\x86_microsoft-windows-w..nfrastructure-other_31bf3856ad364e35_6.0.6000.16386_none_024e4071fa6fea95\wshelper.dll
< C:\Windows\assembly\tmp\U\*.* /s >
< %systemroot%\*. /mp /s >
< hklm\software\clients\startmenuinternet|command /rs >
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\HideIconsCommand: "C:\Program Files\Mozilla Firefox\uninstall\helper.exe" /HideShortcuts [2010/01/07 21:52:32 | 000,552,160 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\ShowIconsCommand: "C:\Program Files\Mozilla Firefox\uninstall\helper.exe" /ShowShortcuts [2010/01/07 21:52:32 | 000,552,160 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\ReinstallCommand: "C:\Program Files\Mozilla Firefox\uninstall\helper.exe" /SetAsDefaultAppGlobal [2010/01/07 21:52:32 | 000,552,160 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\open\command\\: C:\Program Files\Mozilla Firefox\firefox.exe [2010/01/07 21:52:22 | 000,908,248 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\properties\command\\: "C:\Program Files\Mozilla Firefox\firefox.exe" -preferences [2010/01/07 21:52:22 | 000,908,248 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\safemode\command\\: "C:\Program Files\Mozilla Firefox\firefox.exe" -safe-mode [2010/01/07 21:52:22 | 000,908,248 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\ShowIconsCommand: "C:\Users\leah\AppData\Local\Google\Chrome\Application\chrome.exe" --show-icons [2014/02/01 19:42:39 | 000,866,632 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\HideIconsCommand: "C:\Users\leah\AppData\Local\Google\Chrome\Application\chrome.exe" --hide-icons [2014/02/01 19:42:39 | 000,866,632 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\ReinstallCommand: "C:\Users\leah\AppData\Local\Google\Chrome\Application\chrome.exe" --make-default-browser [2014/02/01 19:42:39 | 000,866,632 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\shell\open\command\\: "C:\Users\leah\AppData\Local\Google\Chrome\Application\chrome.exe" [2014/02/01 19:42:39 | 000,866,632 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\HideIconsCommand: "C:\Windows\system32\ie4uinit.exe" -hide [2008/01/20 22:24:17 | 000,070,656 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ShowIconsCommand: "C:\Windows\system32\ie4uinit.exe" -show [2008/01/20 22:24:17 | 000,070,656 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ReinstallCommand: "C:\Windows\system32\ie4uinit.exe" -reinstall [2008/01/20 22:24:17 | 000,070,656 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\open\command\\: C:\Program Files\Internet Explorer\iexplore.exe [2011/04/21 11:02:30 | 000,634,648 | ---- | M] (Microsoft Corporation)
< hklm\software\clients\startmenuinternet|command /64 /rs >
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\HideIconsCommand: "C:\Program Files\Mozilla Firefox\uninstall\helper.exe" /HideShortcuts [2010/01/07 21:52:32 | 000,552,160 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\ShowIconsCommand: "C:\Program Files\Mozilla Firefox\uninstall\helper.exe" /ShowShortcuts [2010/01/07 21:52:32 | 000,552,160 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\ReinstallCommand: "C:\Program Files\Mozilla Firefox\uninstall\helper.exe" /SetAsDefaultAppGlobal [2010/01/07 21:52:32 | 000,552,160 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\open\command\\: C:\Program Files\Mozilla Firefox\firefox.exe [2010/01/07 21:52:22 | 000,908,248 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\properties\command\\: "C:\Program Files\Mozilla Firefox\firefox.exe" -preferences [2010/01/07 21:52:22 | 000,908,248 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\safemode\command\\: "C:\Program Files\Mozilla Firefox\firefox.exe" -safe-mode [2010/01/07 21:52:22 | 000,908,248 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\ShowIconsCommand: "C:\Users\leah\AppData\Local\Google\Chrome\Application\chrome.exe" --show-icons [2014/02/01 19:42:39 | 000,866,632 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\HideIconsCommand: "C:\Users\leah\AppData\Local\Google\Chrome\Application\chrome.exe" --hide-icons [2014/02/01 19:42:39 | 000,866,632 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\ReinstallCommand: "C:\Users\leah\AppData\Local\Google\Chrome\Application\chrome.exe" --make-default-browser [2014/02/01 19:42:39 | 000,866,632 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\shell\open\command\\: "C:\Users\leah\AppData\Local\Google\Chrome\Application\chrome.exe" [2014/02/01 19:42:39 | 000,866,632 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\HideIconsCommand: "C:\Windows\system32\ie4uinit.exe" -hide [2008/01/20 22:24:17 | 000,070,656 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ShowIconsCommand: "C:\Windows\system32\ie4uinit.exe" -show [2008/01/20 22:24:17 | 000,070,656 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ReinstallCommand: "C:\Windows\system32\ie4uinit.exe" -reinstall [2008/01/20 22:24:17 | 000,070,656 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\open\command\\: C:\Program Files\Internet Explorer\iexplore.exe [2011/04/21 11:02:30 | 000,634,648 | ---- | M] (Microsoft Corporation)
< %systemroot%\system32\*.dll /lockedfiles >
< %systemroot%\Tasks\*.job /lockedfiles >
< %ProgramFiles%\WINDOWS NT\*.* /s >
[2010/06/28 10:31:26 | 000,339,968 | ---- | M] (Microsoft Corporation) -- C:\Program Files\WINDOWS NT\Accessories\wordpad.exe
[2006/11/02 08:41:31 | 000,036,864 | ---- | M] (Microsoft Corporation) -- C:\Program Files\WINDOWS NT\Accessories\en-US\wordpad.exe.mui
[2008/01/20 22:24:20 | 000,313,344 | ---- | M] (Microsoft Corporation) -- C:\Program Files\WINDOWS NT\TableTextService\TableTextService.dll
[2006/09/19 07:43:31 | 000,016,212 | ---- | M] () -- C:\Program Files\WINDOWS NT\TableTextService\TableTextServiceAmharic.txt
[2008/01/20 22:24:18 | 001,272,748 | ---- | M] () -- C:\Program Files\WINDOWS NT\TableTextService\TableTextServiceArray.txt
[2006/09/19 07:43:32 | 000,979,800 | ---- | M] () -- C:\Program Files\WINDOWS NT\TableTextService\TableTextServiceDaYi.txt
[2006/09/26 21:07:34 | 001,665,692 | ---- | M] () -- C:\Program Files\WINDOWS NT\TableTextService\TableTextServiceSimplifiedQuanPin.txt
[2006/09/26 21:07:35 | 001,445,244 | ---- | M] () -- C:\Program Files\WINDOWS NT\TableTextService\TableTextServiceSimplifiedShuangPin.txt
[2006/09/26 21:07:35 | 001,810,166 | ---- | M] () -- C:\Program Files\WINDOWS NT\TableTextService\TableTextServiceSimplifiedZhengMa.txt
[2006/09/19 07:43:34 | 000,044,968 | ---- | M] () -- C:\Program Files\WINDOWS NT\TableTextService\TableTextServiceYi.txt
[2006/11/02 08:40:56 | 000,016,384 | ---- | M] (Microsoft Corporation) -- C:\Program Files\WINDOWS NT\TableTextService\en-US\TableTextService.dll.mui
< %systemroot%\system32\drivers\*.sys /lockedfiles >
========== Alternate Data Streams ==========
@Alternate Data Stream - 115 bytes -> C:\ProgramData\TEMP:1CA73D29
< End of report >
OTL EXTRA LOG:
OTL Extras logfile created on: 4/3/2014 8:11:27 PM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\leah\Downloads
Windows Vista Home Premium Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6001.18000)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
2.94 Gb Total Physical Memory | 1.48 Gb Available Physical Memory | 50.41% Memory free
6.08 Gb Paging File | 4.56 Gb Available in Paging File | 74.96% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 174.47 Gb Total Space | 59.95 Gb Free Space | 34.36% Space Free | Partition Type: NTFS
Drive D: | 11.84 Gb Total Space | 2.00 Gb Free Space | 16.89% Space Free | Partition Type: NTFS
Drive F: | 3.69 Gb Total Space | 3.56 Gb Free Space | 96.70% Space Free | Partition Type: FAT32
Drive G: | 3.74 Gb Total Space | 2.90 Gb Free Space | 77.50% Space Free | Partition Type: FAT32
Drive H: | 6.67 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS
Computer Name: LEAH-PC | User Name: leah | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (All) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.bat [@ = batfile] -- "%1" %*
.chm [@ = chm.file] -- C:\Windows\hh.exe (Microsoft Corporation)
.cmd [@ = cmdfile] -- "%1" %*
.com [@ = comfile] -- "%1" %*
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.exe [@ = exefile] -- "%1" %*
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
.hta [@ = htafile] -- C:\Windows\System32\mshta.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
.inf [@ = inffile] -- C:\Windows\System32\NOTEPAD.EXE (Microsoft Corporation)
.ini [@ = inifile] -- C:\Windows\System32\NOTEPAD.EXE (Microsoft Corporation)
.url [@ = InternetShortcut] -- rundll32.exe ieframe.dll,OpenURL %l
.js [@ = JSFile] -- C:\Windows\System32\WScript.exe (Microsoft Corporation)
.jse [@ = JSEFile] -- C:\Windows\System32\WScript.exe (Microsoft Corporation)
.pif [@ = piffile] -- "%1" %*
.reg [@ = regfile] -- C:\Windows\regedit.exe (Microsoft Corporation)
.scr [@ = scrfile] -- "%1" /S
.txt [@ = txtfile] -- C:\Windows\System32\NOTEPAD.EXE (Microsoft Corporation)
.vbe [@ = VBEFile] -- C:\Windows\System32\WScript.exe (Microsoft Corporation)
.vbs [@ = VBSFile] -- C:\Windows\System32\WScript.exe (Microsoft Corporation)
.wsf [@ = WSFFile] -- C:\Windows\System32\WScript.exe (Microsoft Corporation)
.wsh [@ = WSHFile] -- C:\Windows\System32\WScript.exe (Microsoft Corporation)
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- C:\Users\leah\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.)
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [edit] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation)
batfile [open] -- "%1" %*
batfile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
chm.file [open] -- "%SystemRoot%\hh.exe" %1 (Microsoft Corporation)
cmdfile [edit] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation)
cmdfile [open] -- "%1" %*
cmdfile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htafile [open] -- C:\Windows\system32\mshta.exe "%1" %* (Microsoft Corporation)
htmlfile [edit] -- "C:\Program Files\Microsoft Office\OFFICE11\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" -nohome (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Program Files\Microsoft Office\OFFICE11\msohtmed.exe" /p %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" -nohome (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" -nohome (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
inffile [open] -- %SystemRoot%\system32\NOTEPAD.EXE %1 (Microsoft Corporation)
inffile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
inifile [open] -- %SystemRoot%\system32\NOTEPAD.EXE %1 (Microsoft Corporation)
inifile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
InternetShortcut [open] -- rundll32.exe ieframe.dll,OpenURL %l
InternetShortcut [print] -- rundll32.exe C:\Windows\system32\mshtml.dll,PrintHTML "%1" (Microsoft Corporation)
jsfile [edit] -- %SystemRoot%\System32\Notepad.exe %1 (Microsoft Corporation)
jsfile [open] -- %SystemRoot%\System32\WScript.exe "%1" %* (Microsoft Corporation)
jsfile [print] -- %SystemRoot%\System32\Notepad.exe /p %1 (Microsoft Corporation)
jsefile [edit] -- %SystemRoot%\System32\Notepad.exe %1 (Microsoft Corporation)
jsefile [open] -- %SystemRoot%\System32\WScript.exe "%1" %* (Microsoft Corporation)
jsefile [print] -- %SystemRoot%\System32\Notepad.exe /p %1 (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [edit] -- %SystemRoot%\system32\notepad.exe "%1" (Microsoft Corporation)
regfile [open] -- regedit.exe "%1" (Microsoft Corporation)
regfile [merge] -- Reg Error: Key error.
regfile [print] -- %SystemRoot%\system32\notepad.exe /p "%1" (Microsoft Corporation)
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
txtfile [open] -- %SystemRoot%\system32\NOTEPAD.EXE %1 (Microsoft Corporation)
txtfile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
txtfile [printto] -- %SystemRoot%\system32\notepad.exe /pt "%1" "%2" "%3" "%4" (Microsoft Corporation)
vbefile [edit] -- "%SystemRoot%\System32\Notepad.exe" %1 (Microsoft Corporation)
vbefile [open] -- "%SystemRoot%\System32\WScript.exe" "%1" %* (Microsoft Corporation)
vbefile [print] -- "%SystemRoot%\System32\Notepad.exe" /p %1 (Microsoft Corporation)
vbsfile [edit] -- "%SystemRoot%\System32\Notepad.exe" %1 (Microsoft Corporation)
vbsfile [open] -- "%SystemRoot%\System32\WScript.exe" "%1" %* (Microsoft Corporation)
vbsfile [print] -- "%SystemRoot%\System32\Notepad.exe" /p %1 (Microsoft Corporation)
wsffile [edit] -- "%SystemRoot%\System32\Notepad.exe" %1 (Microsoft Corporation)
wsffile [open] -- "%SystemRoot%\System32\WScript.exe" "%1" %* (Microsoft Corporation)
wsffile [print] -- "%SystemRoot%\System32\Notepad.exe" /p %1 (Microsoft Corporation)
wshfile [open] -- "%SystemRoot%\System32\WScript.exe" "%1" %* (Microsoft Corporation)
Unknown [openas] -- C:\Program Files\Advanced System Protector\filetypehelper.exe -scanunknown "%1"
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"UacDisableNotify" = 0
"InternetSettingsDisableNotify" = 0
"AutoUpdateDisableNotify" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
"DisableMonitoring" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
"DisableMonitoring" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
"DisableMonitoring" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
"DefaultOutboundAction" = 0
"DefaultInboundAction" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\EarthLink TotalAccess\TaskPanl.exe" = C:\Program Files\EarthLink TotalAccess\TaskPanl.exe:*:Enabled:Earthlink -- (EarthLink, Inc.)
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{085949E3-B782-43AC-AD08-8044BBFC5A31}" = lport=3702 | protocol=17 | dir=in | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{16529BDC-DFD0-47CC-BA41-A2779FEBDE6D}" = rport=3702 | protocol=17 | dir=out | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{2104DFD9-DC2A-4B54-8AF3-3CA3DDA1E5AE}" = lport=3702 | protocol=17 | dir=in | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{33A49EB6-9E9C-4312-8CDC-00AFFBB45BCD}" = rport=137 | protocol=17 | dir=out | app=system |
"{37ECA270-3AFC-4299-AF41-C4C6EBDFF14C}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{55C4BCCC-EAB5-4E71-AA71-8A8CD91555D0}" = rport=139 | protocol=6 | dir=out | app=system |
"{6D08955E-25C7-4F5A-95F4-637AD9128C3D}" = lport=445 | protocol=6 | dir=in | app=system |
"{8DB5BE0F-F185-4F9F-9CD0-6F4E9708317C}" = lport=138 | protocol=17 | dir=in | app=system |
"{8FB505F1-243D-4099-99CE-0781662167D2}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=c:\windows\system32\svchost.exe |
"{91D7E598-6056-4A7A-92C0-F931CEB8718D}" = lport=3724 | protocol=6 | dir=in | name=blizzard downloader: 3724 |
"{A368FC27-FC13-4EA7-A3BE-31B1A3389DE6}" = lport=137 | protocol=17 | dir=in | app=system |
"{B7741FA7-B817-46B9-B80B-7967BF108EF7}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{C9E8FA60-578F-4339-B7D3-E5DF15E9E26C}" = rport=138 | protocol=17 | dir=out | app=system |
"{C9FE83DF-AAF1-4C8D-A8C1-99C53A1063A0}" = rport=445 | protocol=6 | dir=out | app=system |
"{DC9EF51D-12CF-42ED-B474-BE869A00BBBD}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{E1C50797-E6B2-4E3B-A180-68E39FF185A2}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | [email protected],-28539 |
"{F5E17289-CB52-4D46-AF99-84B01BC6406E}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{FAA5AC9E-7E50-42A9-80A9-467C98EE763F}" = rport=3702 | protocol=17 | dir=out | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{FE902A18-8EE0-40D5-A190-14AB84A90422}" = lport=139 | protocol=6 | dir=in | app=system |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{008165AA-E3B3-4D0F-8ADF-21215F9CBE59}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqpsapp.exe |
"{076C9D9B-D6BC-44D5-936F-91D97272D63D}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpfccopy.exe |
"{0FB2B9B8-54B8-4680-AA54-AFFFD5985506}" = protocol=17 | dir=in | app=c:\program files\aim6\aim6.exe |
"{11C8DC70-3736-4C5E-AA43-D49EAA46E75F}" = protocol=17 | dir=in | app=c:\program files\common files\aol\loader\aolload.exe |
"{11CF649A-B94A-4777-BBC2-B29FB89F961F}" = protocol=6 | dir=in | app=c:\program files\earthlink totalaccess\taskpanl.exe |
"{155D4C5D-8E7F-4111-B7A4-8B8A96E51122}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqste08.exe |
"{1B0700B2-3F9E-4722-91E9-45BD23DC7D37}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqpse.exe |
"{1B6438BC-8D56-4125-9EA6-BB7FEBF3F57A}" = protocol=58 | dir=out | [email protected],-28546 |
"{2579563D-950A-4F3F-8E9E-54C88E3B5D6E}" = dir=in | app=c:\program files\common files\apple\apple application support\webkit2webprocess.exe |
"{278F2E7C-51B0-43D3-9FEC-7FF0F21CA84A}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqusgm.exe |
"{29ADFF8B-6BF8-4210-B3D8-DB887EB3EA96}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqgpc01.exe |
"{2BAF27D2-52A0-4F43-B464-C69B78FD4264}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqkygrp.exe |
"{3589B340-D77A-465A-8B2D-A0AE08C38FFF}" = dir=in | app=c:\program files\avg\avg8\avgupd.exe |
"{3770C5CA-D908-4CDA-937F-5481C6D555FC}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{378FA3C9-BF02-4286-8C23-E096853A28E5}" = protocol=1 | dir=out | [email protected],-28544 |
"{3F37C7C4-274C-498B-B794-856A4D452BBE}" = dir=in | app=c:\program files\avg\avg8\avgemc.exe |
"{554DD196-136C-4C8E-BEDA-A577ED5178BC}" = protocol=17 | dir=in | app=c:\users\public\games\world of warcraft\wow-3.2.2.10505-to-3.3.0.10958-enus-downloader.exe |
"{581D220F-F0BB-4E7E-942A-6CDC15134015}" = dir=in | app=c:\program files\hp\digital imaging\smart web printing\smartwebprintexe.exe |
"{5B165944-BE62-40DF-8269-B29C29E9856E}" = protocol=58 | dir=in | [email protected],-28545 |
"{5CBC5765-B9E9-4F08-8CD8-CBB7B7971F27}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{5F56738C-CDF5-4635-ABF7-CAB732BA6B2D}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{67D2D51C-7D03-44EF-A572-DBD546989733}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqsudi.exe |
"{6E21C66D-5692-4716-89A6-7CD9269CC1A0}" = dir=in | app=c:\program files\itunes\itunes.exe |
"{71E69720-498E-4AC0-B143-D5C5E53EA1E4}" = protocol=17 | dir=in | app=c:\program files\earthlink totalaccess\taskpanl.exe |
"{7DAAA77D-D339-4C00-A7D1-42881E692799}" = protocol=6 | dir=in | app=c:\program files\common files\aol\loader\aolload.exe |
"{7EB085B8-344E-41CB-9D92-AB651F064199}" = protocol=6 | dir=in | app=c:\program files\earthlink totalaccess\taskpanl.exe |
"{80411273-F1CF-434A-913F-62E347393E5D}" = protocol=6 | dir=in | app=c:\program files\mcafee\common framework\frameworkservice.exe |
"{866F88FE-05F5-4C39-9662-900A5B13273D}" = dir=in | app=c:\program files\hp\quickplay\qp.exe |
"{8A17E806-5CEA-46E9-9FE2-0EC92397F8D6}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpiscnapp.exe |
"{8B4F7968-B742-43ED-9A76-6D616F6D23A6}" = protocol=17 | dir=in | app=c:\program files\frostwire\frostwire.exe |
"{90D6793C-65E5-4BB9-B853-BCC6F5DCA4B0}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqgplgtupl.exe |
"{96B9BC54-4A2F-4391-95AD-7722D51A06A6}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{A52833C8-1196-4330-BBB6-79F74FE7DEA7}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqtra08.exe |
"{AB8D0DF0-C5A3-44E3-B12E-FFD56BFD22A1}" = protocol=17 | dir=in | app=c:\program files\frostwire\frostwire.exe |
"{AC1D1CC2-A8AD-4461-9B9F-0721391CE695}" = protocol=6 | dir=in | app=c:\users\public\games\world of warcraft\backgrounddownloader.exe |
"{AF456039-C0C5-4238-94F6-7D775DC16CB6}" = protocol=6 | dir=in | app=c:\users\public\games\world of warcraft\wow-3.2.2.10505-to-3.3.0.10958-enus-downloader.exe |
"{AF92B6E9-02ED-485F-8196-528D4296F852}" = protocol=6 | dir=in | app=c:\program files\earthlink totalaccess\taskpanl.exe |
"{B0FE0A1B-B7B6-4555-A150-4762E3B0A7E3}" = dir=in | app=c:\program files\common files\hp\digital imaging\bin\hpqphotocrm.exe |
"{B45744D4-86A4-4417-A215-719ED5DE9E9A}" = protocol=17 | dir=in | app=c:\program files\earthlink totalaccess\taskpanl.exe |
"{B7872B00-6F95-4F65-9719-CDDDDE0F2267}" = dir=in | app=c:\program files\hp\hp software update\hpwucli.exe |
"{C7EA9674-7720-4062-81B6-317170F75C10}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpoews01.exe |
"{C911C092-6F3E-4FEB-8B71-7E9B8E15E76F}" = dir=in | app=c:\program files\hp\digital imaging\bin\hposid01.exe |
"{CD2FE893-A542-4E54-8758-76B9480725BE}" = protocol=6 | dir=in | app=c:\program files\frostwire\frostwire.exe |
"{CD85A30A-9EAB-4CC4-BC56-CA5B12F14020}" = dir=in | app=c:\program files\hp\quickplay\qpservice.exe |
"{CDB5EACC-538B-4ED3-A781-502A52208416}" = protocol=1 | dir=in | [email protected],-28543 |
"{D1D6E669-9DD7-4B12-8B84-4A3DF994AD90}" = dir=in | app=c:\program files\cyberlink\powerdirector\pdr.exe |
"{E01492A8-6712-4339-9744-042102BF4905}" = protocol=6 | dir=in | app=c:\program files\aim6\aim6.exe |
"{F10D1670-C72E-4BD1-B8C9-4ADEE2D76EC4}" = protocol=17 | dir=in | app=c:\users\public\games\world of warcraft\backgrounddownloader.exe |
"{F58DCE72-7886-4574-B360-6D7E91CE1E09}" = protocol=6 | dir=in | app=c:\program files\frostwire\frostwire.exe |
"{F5FD2F6C-4959-4877-8963-91D77D16EACE}" = protocol=17 | dir=in | app=c:\program files\earthlink totalaccess\taskpanl.exe |
"{F7032941-AE55-4CC7-A7D0-D29CFC06BD46}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqusgh.exe |
"{F7862D57-C846-4961-9375-771809E19817}" = protocol=17 | dir=in | app=c:\program files\mcafee\common framework\frameworkservice.exe |
"TCP Query User{032CF0B2-58A2-4C46-9442-39B4A112E425}C:\program files\oovoo\oovoo.exe" = protocol=6 | dir=in | app=c:\program files\oovoo\oovoo.exe |
"TCP Query User{4BC9DB24-2083-47F1-9071-939E3BC9DF9C}C:\users\public\games\world of warcraft\launcher.exe" = protocol=6 | dir=in | app=c:\users\public\games\world of warcraft\launcher.exe |
"TCP Query User{6A58A61E-1D07-4D1B-B6E1-D162D3D8DA1B}C:\program files\aim6\aim6.exe" = protocol=6 | dir=in | app=c:\program files\aim6\aim6.exe |
"TCP Query User{6D7BB5EA-CF70-4CEB-B470-1EAA6854099A}C:\users\leah\appdata\roaming\spotify\spotify.exe" = protocol=6 | dir=in | app=c:\users\leah\appdata\roaming\spotify\spotify.exe |
"TCP Query User{86007036-57F3-4F5D-A5EC-5E4BFF8B171B}C:\program files\kodak\kodak software updater\7288971\program\kodak software updater.exe" = protocol=6 | dir=in | app=c:\program files\kodak\kodak software updater\7288971\program\kodak software updater.exe |
"TCP Query User{AC09CB29-EB2C-41FB-B246-DD5602673B27}C:\users\leah\appdata\local\google\chrome\application\chrome.exe" = protocol=6 | dir=in | app=c:\users\leah\appdata\local\google\chrome\application\chrome.exe |
"TCP Query User{C2A11647-FA37-4D89-A014-682BE333A542}C:\program files\world of warcraft\patches\wow-1.12.x-to-2.0.1-enus-patch-downloader.exe" = protocol=6 | dir=in | app=c:\program files\world of warcraft\patches\wow-1.12.x-to-2.0.1-enus-patch-downloader.exe |
"TCP Query User{DDD99006-E8DD-4C59-AB09-FD80C2AB4B45}C:\program files\ares\ares.exe" = protocol=6 | dir=in | app=c:\program files\ares\ares.exe |
"TCP Query User{F08EEDC2-DF09-47FC-9EAD-E19A3ABDFCD8}C:\program files\ares\ares.exe" = protocol=6 | dir=in | app=c:\program files\ares\ares.exe |
"UDP Query User{3C30CD9C-64DA-4FEE-AB0A-C4C72B521EC9}C:\program files\kodak\kodak software updater\7288971\program\kodak software updater.exe" = protocol=17 | dir=in | app=c:\program files\kodak\kodak software updater\7288971\program\kodak software updater.exe |
"UDP Query User{539CC13B-5EA6-4ECE-8991-2F8927977E7C}C:\users\leah\appdata\roaming\spotify\spotify.exe" = protocol=17 | dir=in | app=c:\users\leah\appdata\roaming\spotify\spotify.exe |
"UDP Query User{7C97E1E4-89D0-4F0E-9BCC-A357FDBA52DC}C:\program files\oovoo\oovoo.exe" = protocol=17 | dir=in | app=c:\program files\oovoo\oovoo.exe |
"UDP Query User{8057826E-015D-45CE-9F03-1EA65281B068}C:\program files\aim6\aim6.exe" = protocol=17 | dir=in | app=c:\program files\aim6\aim6.exe |
"UDP Query User{88695C39-5CF4-476C-A66F-5AC38230080B}C:\users\public\games\world of warcraft\launcher.exe" = protocol=17 | dir=in | app=c:\users\public\games\world of warcraft\launcher.exe |
"UDP Query User{A2E5A572-DB9D-4773-96BF-4B261F12FE54}C:\program files\ares\ares.exe" = protocol=17 | dir=in | app=c:\program files\ares\ares.exe |
"UDP Query User{A38D6B61-F4AF-4317-9FBD-3DCB3BB6ADBE}C:\program files\ares\ares.exe" = protocol=17 | dir=in | app=c:\program files\ares\ares.exe |
"UDP Query User{A5F1EA85-B345-4829-9FB5-7DCC36884C68}C:\users\leah\appdata\local\google\chrome\application\chrome.exe" = protocol=17 | dir=in | app=c:\users\leah\appdata\local\google\chrome\application\chrome.exe |
"UDP Query User{DDC9C6FD-DB62-496A-B816-880EECB1E9B7}C:\program files\world of warcraft\patches\wow-1.12.x-to-2.0.1-enus-patch-downloader.exe" = protocol=17 | dir=in | app=c:\program files\world of warcraft\patches\wow-1.12.x-to-2.0.1-enus-patch-downloader.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = CyberLink YouCam
"{0224CACC-994D-45F8-B973-D65056EA9C2F}" = Adobe XMP DVA Panels CS3
"{03D1988F-469F-4843-8E6E-E5FE9D17889D}" = HP Integrated Module with Bluetooth wireless technology 6.0.1.5500
"{04010300-6D72-4D54-8686-91D884A27B5C}" = Cisco Clean Access Agent
"{06A1D88C-E102-4527-AF70-29FFD7AF215A}" = Scan
"{06E74B9B-631F-4378-BF3A-40D868450C05}" = HPPhotoSmartPhotobookHolidayPack1
"{082702D5-5DD8-4600-BCE5-48B15174687F}" = HP Doc Viewer
"{08B32819-6EEF-4057-AEDA-5AB681A36A23}" = Adobe Bridge Start Meeting
"{11BB336F-0E58-4977-B866-F24FA334616B}" = HP Active Support Library
"{12A76360-388E-4B27-ABEB-D5FC5378DD2A}" = HPPhotoSmartPhotobookWebPack1
"{1458BB78-1DC5-4BC0-B9A3-2B644F5A8105}" = DeviceDiscovery
"{147BCE03-C0F1-4C9F-8157-6A89B6D2D973}" = McAfee VirusScan Enterprise
"{150B6201-E9E6-4DFB-960E-CCBD53FBDDED}" = HPProductAssistant
"{15BC8CD0-A65B-47D0-A2DD-90A824590FA8}" = Microsoft Works
"{172AEB5E-CBB2-4CDD-A4CF-388600825839}" = HPPhotoSmartPhotobookPlayfulPack1
"{184CE391-7E0E-4C63-9935-D7A10EDFD3C6}" = Adobe WinSoft Linguistics Plugin
"{185D0A67-E066-44AE-926D-F6305813301C}" = Adobe After Effects CS3 Presets
"{1BDC9633-895B-4842-BCB6-8FA1EC2A3C5A}" = Adobe Shockwave Player
"{1CA3A991-B03D-4C92-9922-315E5434E87B}" = PS_AIO_05_C4600_Software_Min
"{1E1746EF-F5BF-4677-8F30-04FE399130DA}" = HP Photosmart C4600 All-In-One Driver Software 14.0 Rel. 5
"{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = DVD Suite
"{209CDA54-D390-46A2-A97C-7BF61734418D}" = WeatherBug Gadget
"{2284D904-C138-4B58-93EC-5C362AB5130A}" = The Sims™ Life Stories
"{228C6B46-64E2-404E-898A-EF0830603EF4}" = HPNetworkAssistant
"{250E9609-E830-43EB-B379-DAB7546A2422}" = muvee autoProducer 6.1
"{254C37AA-6B72-4300-84F6-98A82419187E}" = Hewlett-Packard Active Check
"{268278CF-FB69-4D98-B70E-BFEC1CDCA225}" = iTunes
"{28006915-2739-4EBE-B5E8-49B25D32EB33}" = Atheros Driver Installation Program
"{28EDCE9C-3304-4331-8AB3-F3EBE94C35B4}" = HP Help and Support
"{292F0F52-B62D-4E71-921B-89A682402201}" = Toolbox
"{29E5EA97-5F74-4A57-B8B2-D4F169117183}" = Adobe Stock Photos CS3
"{2FB9EA69-51D4-4913-9AD5-762C034DE811}" = Status
"{3248F0A8-6813-11D6-A77B-00B0D0160020}" = Java 6 Update 2
"{3248F0A8-6813-11D6-A77B-00B0D0160070}" = Java 6 Update 7
"{34BFB099-07B2-4E95-A673-7362D60866A2}" = PSSWCORE
"{34D2AB40-150D-475D-AE32-BD23FB5EE355}" = HP Quick Launch Buttons 6.30 E1
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3F92ABBB-6BBF-11D5-B229-002078017FBF}" = NetWaiting
"{40BF1E83-20EB-11D8-97C5-0009C5020658}" = Power2Go
"{41101F0C-DBD9-321C-A6B1-E0689B495A4E}" = Google Talk Plugin
"{45C56AA7-ED1B-4800-A97F-EDDF3F3520B1}" = Apple Application Support
"{45D707E9-F3C4-11D9-A373-0050BAE317E1}" = HP QuickPlay 3.6
"{4CACFCD9-F71B-413A-8DF5-1A6419D5CDC6}" = Cards_Calendar_OrderGift_DoMorePlugout
"{4D49757C-367A-4333-BDB3-68966162B14E}" = HP User Guides 0087
"{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}" = Skype™ 6.11
"{51846830-E7B2-4218-8968-B77F0FF475B8}" = Adobe Color EU Extra Settings
"{5DCF0E4B-F8EA-4229-A0BD-5CA6D4AFB749}" = SolutionCenter
"{65DA2EC9-0642-47E9-AAE2-B5267AA14D75}" = Activation Assistant for the 2007 Microsoft Office suites
"{669D4A35-146B-4314-89F1-1AC3D7B88367}" = Hewlett-Packard Asset Agent for Health Check
"{6B708481-748A-4EB4-97C1-CD386244FF77}" = Adobe MotionPicture Color Files
"{6BBAA81D-6A7E-43AD-8889-2F002DCAAFDD}" = AHV content for Acrobat and Flash
"{6FF5DD7A-FE28-4439-B8CF-1E9AF4EA0A61}" = Adobe Asset Services CS3
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{74DC0593-6BC6-4001-AD5F-D810AFB68D86}" = HP Update
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{79155F2B-9895-49D7-8612-D92580E0DE5B}" = Bonjour
"{7ACFB90E-8FD0-4397-AD3A-5195412623A3}" = Adobe Help Viewer CS3
"{7BE15435-2D3E-4B58-867F-9C75BED0208C}" = QuickTime
"{7DC4A410-9986-4329-9E5D-687B2C42CA39}" = HP QuickTouch 1.00 C4
"{802771A9-A856-4A41-ACF7-1450E523C923}" = Adobe XMP Panels CS3
"{845A8DB9-8802-4FD3-9FE3-938A6C46A2EC}" = Adobe Video Profiles
"{89E052B2-5CA5-4B7A-AF0C-28CA2836B030}" = HPPhotoSmartPhotobookModernPack1
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8D2BA474-F406-4710-9AE4-D4F22D21F0DD}" = Adobe Device Central CS3
"{8E6808E2-613D-4FCD-81A2-6C8FA8E03312}" = Adobe Type Support
"{8EE94FD8-5F52-4463-A340-185D16328158}" = WebReg
"{8FF6F5CA-4E30-4E3B-B951-204CAAA2716A}" = SmartWebPrinting
"{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{90176341-0A8B-4CCC-A78D-F862228A6B95}" = Adobe Anchor Service CS3
"{91120409-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Standard Edition 2003
"{92127AF5-FDD8-4ADF-BC40-C356C9EE0B7D}" = 32 Bit HP CIO Components Installer
"{95655ED4-7CA5-46DF-907F-7144877A32E5}" = Adobe Color NA Recommended Settings
"{9885A11E-60E4-417C-B58B-8B31B21C0B8A}" = HP Easy Setup - Frontend
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BA4F9C5-7CB4-492C-9B97-89E36AFA0AB9}" = Adobe Setup
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9C9824D9-9000-4373-A6A5-D0E5D4831394}" = Adobe Bridge CS3
"{9E0E1E3B-229C-4CF9-8A39-4455477327E4}" = C4600
"{A07840FC-CE63-4CB8-8030-EF4B9805925A}" = HPPhotoSmartDiscLabel_PaperLabel
"{A2B242BD-FF8D-4840-9DAA-9170EABEC59C}" = Adobe CMaps
"{A2D81E70-2A98-4A08-A628-94388B063C5E}" = Adobe Color - Photoshop Specific
"{AC35A885-0F8F-4857-B7DA-6E8DFB43E6B3}" = HPSSupply
"{AC5B0C19-D851-42F4-BDA0-410ECF7F70A5}" = PDF Settings
"{AC76BA86-7AD7-1033-7B44-A81200000003}" = Adobe Reader 8.1.2
"{AC95121F-1576-45B8-82F7-3911D27882E6}" = HPPhotoSmartPhotobookScrapbookPack1
"{ADFB9653-F44C-460C-BF58-189CC552DFFE}" = hpphotosmartdisclabelplugin
"{b02df929-29a7-4fd2-9a70-81a644b635f7}" = HP Total Care Advisor
"{B3BF6689-A81D-40D8-9A86-4AC4ACD9FC1C}" = Adobe Camera Raw 4.0
"{B4E91E95-A5BA-4E50-A465-DB7EFEB176E8}" = HPPhotoSmartDiscLabel_PrintOnDisc
"{B671CBFD-4109-4D35-9252-3062D3CCB7B2}" = Adobe SING CS3
"{B73CFB12-C814-4638-AFFD-7E3AAFAF0B4E}" = Adobe BridgeTalk Plugin CS3
"{B9B35331-B7E4-4E5C-BF4C-7BC87856124D}" = Adobe Default Language CS3
"{BAD0FA60-09CF-4411-AE6A-C2844C8812FA}" = HP Photosmart Essential 2.5
"{BB3447F6-9553-4AA9-960E-0DB5310C5779}" = GPBaseService2
"{BC4F8E84-5E29-49EC-B4E7-E6F9CB50986C}" = Adobe Flash Player 9 ActiveX
"{BD0E2B92-3814-46F0-893B-4612EA010C7E}" = HP Customer Experience Enhancements
"{BD7204BA-DD64-499E-9B55-6A282CDF4FA4}" = Destinations
"{BE5F3842-8309-4754-92D5-83E02E6077A3}" = Adobe Extension Manager CS3
"{C2D69781-F392-4118-A5A7-C7E9C38DBFC2}" = Adobe ExtendScript Toolkit 2
"{C4124E95-5061-4776-8D5D-E3D931C778E1}" = Microsoft VC9 runtime libraries
"{C5BD220A-EFE8-48A5-B70E-9503D535FACE}" = Adobe WAS CS3
"{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = PowerDirector
"{CBAE4F50-9FC9-4557-AB36-9826DF3C103C}" = HP Wireless Assistant
"{CC4A73BF-938E-4C19-A553-853C035C9BA1}" = LightScribe System Software 1.10.13.1
"{CD31E63D-47FD-491C-8117-CF201D0AFAB5}" = TrayApp
"{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}" = SUPERAntiSpyware
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D0DFF92A-492E-4C40-B862-A74A173C25C5}" = Adobe Version Cue CS3 Client
"{D2559B88-CC9D-4B48-81BB-F492BAA9C48C}" = Adobe PDF Library Files
"{D360FA88-17C8-4F14-B67F-13AAF9607B12}" = MarketResearch
"{DADD7B8A-BCB0-44F5-967A-ECB6B4F2ECD9}" = Adobe Color Common Settings
"{DD3C88A0-C53C-41D0-A21B-6D021981D23E}" = HPPhotoSmartDiscLabelContent1
"{DD7DB3C5-6FA3-4FA3-8A71-C2F2940EB029}" = Adobe Color JA Extra Settings
"{E08DC77E-D09A-4e36-8067-D6DBBCC5F8DC}" = VideoToolkit01
"{E14ADE0E-75F3-4A46-87E5-26692DD626EC}" = Apple Mobile Device Support
"{E517094C-06B6-419F-8FFD-EF4F57972130}" = QuickTransfer
"{E69AE897-9E0B-485C-8552-7841F48D42D8}" = Adobe Update Manager CS3
"{EA7B3CC4-366D-4CF6-8350-FD7A7034116E}" = Adobe InDesign CS3 Icon Handler
"{F5577101-33CC-4711-8235-3A95BCD49DB0}" = EA Link
"{F636EE9A-F9EC-4606-BCFA-77DD0E210788}" = HPPhotoSmartDiscLabel_Tattoo
"{F63E747C-5B51-4A6E-9413-BF258F4653F3}" = Cisco AnyConnect Secure Mobility Client
"{FA0FF682-CC70-4C57-93CD-E276F3E7537E}" = BufferChm
"{FAA7F8FF-3C05-4A61-8F14-D8A6E9ED6623}" = ooVoo
"3554AA4B-9B0B-451a-A269-2B5F53982209_is1" = ThreatFire
"Activation Assistant for the 2007 Microsoft Office suites" = Activation Assistant for the 2007 Microsoft Office suites
"Adobe Flash Player ActiveX" = Adobe Flash Player ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 12 Plugin
"Adobe Photoshop CS4_is1" = Adobe Photoshop CS4
"Adobe_8bb24e071e5922899698c2105557bd2" = Add or Remove Adobe Creative Suite 3 Master Collection
"AIMTunes" = AIMTunes
"Audacity_is1" = Audacity 2.0.5
"AVG8Uninstall" = AVG Free 8.5
"C+WClient_is1" = ÎÞÏß¿í´ø¿Í»§¶Ë
"CCleaner" = CCleaner
"Cisco AnyConnect Secure Mobility Client" = Cisco AnyConnect Secure Mobility Client
"CNXT_AUDIO_HDA" = Conexant HD Audio
"CNXT_MODEM_HDAUDIO_HERMOSA_HSF" = HDAUDIO Soft Data Fax Modem with SmartCP
"Coupon Printer for Windows5.0.0.0" = Coupon Printer for Windows
"GenoPro" = GenoPro 2.5.4.1
"Hauppauge MCE2005 Software Encoder" = Hauppauge MCE XP/Vista Software Encoder (2.0.25149)
"HP Imaging Device Functions" = HP Imaging Device Functions 14.0
"HP Photo Creations" = HP Photo Creations
"HP Photosmart Essential" = HP Photosmart Essential 2.5
"HP Smart Web Printing" = HP Smart Web Printing 4.60
"HP Solution Center & Imaging Support Tools" = HP Solution Center 14.0
"HPExtendedCapabilities" = HP Customer Participation Program 14.0
"IDMSQ" = Internet Download Manager² 1.0
"InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = CyberLink YouCam
"InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = PowerDirector
"InstallShield_{F5577101-33CC-4711-8235-3A95BCD49DB0}" = EA Link
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware version 1.75.0.1300
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Mobile Broadband Modem" = Mobile Broadband Modem
"Mozilla Firefox (3.5.6)" = Mozilla Firefox (3.5.6)
"NVIDIA Drivers" = NVIDIA Drivers
"oovootoolbar" = ooVoo Toolbar
"Shop for HP Supplies" = Shop for HP Supplies
"Smart Defrag_is1" = Smart Defrag
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"WildTangent hp Master Uninstall" = My HP Games
========== HKEY_CURRENT_USER Uninstall List ==========
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Google Chrome" = Google Chrome
"Move Networks Player - IE" = Move Networks Media Player for Internet Explorer
"Spotify" = Spotify
========== Last 20 Event Log Errors ==========
[ Cisco AnyConnect Secure Mobility Client Events ]
Error - 4/1/2014 12:45:46 PM | Computer Name = leah-PC | Source = acvpnui | ID = 67108866
Description = Function: COpenSSLCertificate::VerifyKeyUsage File: .\Certificates\OpenSSLCertificate.cpp
Line:
1904 Invoked Function: COpenSSLCertUtils::VerifyKeyUsage Return Code: -31391723 (0xFE210015)
Description:
CERTIFICATE_ERROR_VERIFY_KEYUSAGE_NOT_FOUND:No Key Usages were found in the certificate
Error - 4/1/2014 12:45:46 PM | Computer Name = leah-PC | Source = acvpnui | ID = 67108865
Description = Function: CVerifyExtKeyUsage::compareEKUs File: .\Certificates\VerifyExtKeyUsage.cpp
Line:
330 EKU not found in certificate: 1.3.6.1.5.5.7.3.2
Error - 4/1/2014 12:45:46 PM | Computer Name = leah-PC | Source = acvpnui | ID = 67108866
Description = Function: COpenSSLCertUtils::VerifyExtKeyUsage File: .\Certificates\OpenSSLCertUtils.cpp
Line:
1163 Invoked Function: CVerifyExtKeyUsage::Verify Return Code: -31391722 (0xFE210016)
Description:
CERTIFICATE_ERROR_VERIFY_ENHKEYUSAGE_FAILED:The certificate did not contain the
required Extended Key Usages
Error - 4/1/2014 12:45:46 PM | Computer Name = leah-PC | Source = acvpnui | ID = 67108866
Description = Function: COpenSSLCertificate::VerifyExtKeyUsage File: .\Certificates\OpenSSLCertificate.cpp
Line:
1934 Invoked Function: COpenSSLCertUtils::VerifyExtKeyUsage Return Code: -31391722
(0xFE210016) Description: CERTIFICATE_ERROR_VERIFY_ENHKEYUSAGE_FAILED:The certificate
did not contain the required Extended Key Usages
Error - 4/1/2014 12:45:46 PM | Computer Name = leah-PC | Source = acvpnui | ID = 67108866
Description = Function: COpenSSLCertificate::VerifyKeyUsage File: .\Certificates\OpenSSLCertificate.cpp
Line:
1904 Invoked Function: COpenSSLCertUtils::VerifyKeyUsage Return Code: -31391723 (0xFE210015)
Description:
CERTIFICATE_ERROR_VERIFY_KEYUSAGE_NOT_FOUND:No Key Usages were found in the certificate
Error - 4/1/2014 12:45:46 PM | Computer Name = leah-PC | Source = acvpnui | ID = 67108865
Description = Function: CVerifyExtKeyUsage::compareEKUs File: .\Certificates\VerifyExtKeyUsage.cpp
Line:
330 EKU not found in certificate: 1.3.6.1.5.5.7.3.2
Error - 4/1/2014 12:45:46 PM | Computer Name = leah-PC | Source = acvpnui | ID = 67108866
Description = Function: COpenSSLCertUtils::VerifyExtKeyUsage File: .\Certificates\OpenSSLCertUtils.cpp
Line:
1163 Invoked Function: CVerifyExtKeyUsage::Verify Return Code: -31391722 (0xFE210016)
Description:
CERTIFICATE_ERROR_VERIFY_ENHKEYUSAGE_FAILED:The certificate did not contain the
required Extended Key Usages
Error - 4/1/2014 12:45:46 PM | Computer Name = leah-PC | Source = acvpnui | ID = 67108866
Description = Function: COpenSSLCertificate::VerifyExtKeyUsage File: .\Certificates\OpenSSLCertificate.cpp
Line:
1934 Invoked Function: COpenSSLCertUtils::VerifyExtKeyUsage Return Code: -31391722
(0xFE210016) Description: CERTIFICATE_ERROR_VERIFY_ENHKEYUSAGE_FAILED:The certificate
did not contain the required Extended Key Usages
Error - 4/1/2014 12:45:46 PM | Computer Name = leah-PC | Source = acvpnui | ID = 67108866
Description = Function: COpenSSLCertificate::VerifyKeyUsage File: .\Certificates\OpenSSLCertificate.cpp
Line:
1904 Invoked Function: COpenSSLCertUtils::VerifyKeyUsage Return Code: -31391723 (0xFE210015)
Description:
CERTIFICATE_ERROR_VERIFY_KEYUSAGE_NOT_FOUND:No Key Usages were found in the certificate
Error - 4/1/2014 12:45:46 PM | Computer Name = leah-PC | Source = acvpnui | ID = 67108865
Description = Function: CVerifyExtKeyUsage::compareEKUs File: .\Certificates\VerifyExtKeyUsage.cpp
Line:
330 EKU not found in certificate: 1.3.6.1.5.5.7.3.2
< End of report >
Edited by corn4ahead, 03 April 2014 - 11:25 PM.