Show Posts
This section allows you to view all posts made by this member. Note that you can only see posts made in areas you currently have access to.
[ TimeStamp: 20140127 170512 ]Rootkit Remover v0.8.9.170 [Oct 25 2013 - 15:43:38]
McAfee Labs.
Windows build 6.1.7601 x64 Service Pack 1
Checking for updates ...
Scanning for user-mode threats ...
Scanning for kernel-mode threats ...
Scan Result --> No trojan or viruses found!
Scan Finished
RogueKiller V8.8.3 _x64_ [Jan 24 2014] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Feedback : http://www.adlice.com/forum/\'>http://www.adlice.com/forum/
Website : http://www.adlice.com/softwares/roguekiller/\'>http://www.adlice.com/softwares/roguekiller/
Blog : http://www.adlice.com\'>http://www.adlice.com
Operating System : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Started in : Normal mode
User : Felicia [Admin rights]
Mode : Scan -- Date : 01/27/2014 15:48:20
| ARK || FAK || MBR |
¤¤¤ Bad processes : 0 ¤¤¤
¤¤¤ Registry Entries : 13 ¤¤¤
[RUN][SUSP PATH] HKCU\\[...]\\Run : CmTray (\"C:\\Users\\Felicia\\AppData\\Roaming\\Content Manager\\launchCM.exe\" [-]) -> FOUND
[RUN][SUSP PATH] HKUS\\S-1-5-21-4196725377-3134802578-2320879310-1001\\[...]\\Run : CmTray (\"C:\\Users\\Felicia\\AppData\\Roaming\\Content Manager\\launchCM.exe\" [-]) -> FOUND
[DNS][PUM] HKLM\\[...]\\CCSet\\[...]\\{28C31212-6713-4A47-8872-34C779D8B726} : NameServer (10.124.6.3,10.124.3.2 [(Private Address) (XX) - (Private Address) (XX)]) -> FOUND
[DNS][PUM] HKLM\\[...]\\CCSet\\[...]\\{47AF739C-9211-470F-8886-1F12156AA75E} : NameServer (10.124.6.3,10.124.3.2 [(Private Address) (XX) - (Private Address) (XX)]) -> FOUND
[DNS][PUM] HKLM\\[...]\\CS001\\[...]\\{28C31212-6713-4A47-8872-34C779D8B726} : NameServer (10.124.6.3,10.124.3.2 [(Private Address) (XX) - (Private Address) (XX)]) -> FOUND
[DNS][PUM] HKLM\\[...]\\CS001\\[...]\\{47AF739C-9211-470F-8886-1F12156AA75E} : NameServer (10.124.6.3,10.124.3.2 [(Private Address) (XX) - (Private Address) (XX)]) -> FOUND
[DNS][PUM] HKLM\\[...]\\CS002\\[...]\\{28C31212-6713-4A47-8872-34C779D8B726} : NameServer (10.124.6.3,10.124.3.2 [(Private Address) (XX) - (Private Address) (XX)]) -> FOUND
[DNS][PUM] HKLM\\[...]\\CS002\\[...]\\{47AF739C-9211-470F-8886-1F12156AA75E} : NameServer (10.124.6.3,10.124.3.2 [(Private Address) (XX) - (Private Address) (XX)]) -> FOUND
[HJ POL][PUM] HKLM\\[...]\\System : DisableRegistryTools (0) -> FOUND
[HJ POL][PUM] HKLM\\[...]\\Wow6432Node\\[...]\\System : DisableRegistryTools (0) -> FOUND
[HJ DESK][PUM] HKCU\\[...]\\ClassicStartMenu : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND
[HJ DESK][PUM] HKLM\\[...]\\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> FOUND
[HJ DESK][PUM] HKLM\\[...]\\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND
¤¤¤ Scheduled tasks : 1 ¤¤¤
[V2][SUSP PATH] {36F70C1E-1BB9-45C8-8A68-795DD7310B8F} : C:\\Users\\Felicia\\Documents\\epson13800.exe
¤¤¤ Startup Entries : 0 ¤¤¤
¤¤¤ Web browsers : 0 ¤¤¤
¤¤¤ Browser Addons : 0 ¤¤¤
¤¤¤ Particular Files / Folders: ¤¤¤
¤¤¤ Driver : [NOT LOADED 0x0] ¤¤¤
¤¤¤ External Hives: ¤¤¤
¤¤¤ Infection : ¤¤¤
¤¤¤ HOSTS File: ¤¤¤
--> %SystemRoot%\\System32\\drivers\\etc\\hosts
127.0.0.1 localhost
¤¤¤ MBR Check: ¤¤¤
+++++ PhysicalDrive0: (\\\\.\\PHYSICALDRIVE0 @ IDE) WDC WD6400AAKS-75A7B2 +++++
--- User ---
[MBR] 232f66ac13ae401c9fa75f6d04903bbc
[BSP] b689a285b9fb589571be9d69c096bbe2 : Windows Vista MBR Code
Partition table:
0 - [XXXXXX] DELL-UTIL (0xde) [VISIBLE] Offset (sectors): 63 | Size: 39 Mo
1 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 81920 | Size: 15000 Mo
2 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 30801920 | Size: 595439 Mo
User = LL1 ... OK!
User = LL2 ... OK!
Finished : << RKreport[0]_S_01272014_154820.txt >>
OTL Extras logfile created on: 1/27/2014 4:31:20 PM - Run 7
OTL by OldTimer - Version 3.2.69.0 Folder = C:\\Users\\Felicia\\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.16428)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
3.97 Gb Total Physical Memory | 0.66 Gb Available Physical Memory | 16.72% Memory free
7.93 Gb Paging File | 3.96 Gb Available in Paging File | 49.93% Paging File free
Paging file location(s): ?:\\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\\Windows | %ProgramFiles% = C:\\Program Files (x86)
Drive C: | 581.48 Gb Total Space | 515.34 Gb Free Space | 88.62% Space Free | Partition Type: NTFS
Computer Name: FELICIA-PC | User Name: Felicia | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
64bit: [HKEY_LOCAL_MACHINE\\SOFTWARE\\Classes\\<extension>]
.html[@ = htmlfile] -- C:\\Program Files\\Internet Explorer\\iexplore.exe (Microsoft Corporation)
.url[@ = InternetShortcut] -- C:\\Windows\\SysNative\\rundll32.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\\SOFTWARE\\Classes\\<extension>]
.cpl [@ = cplfile] -- C:\\Windows\\SysWow64\\control.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\\Program Files\\Internet Explorer\\iexplore.exe (Microsoft Corporation)
[HKEY_CURRENT_USER\\SOFTWARE\\Classes\\<extension>]
.html [@ = FirefoxHTML] -- C:\\Program Files (x86)\\Mozilla Firefox\\firefox.exe (Mozilla Corporation)
========== Shell Spawning ==========
64bit: [HKEY_LOCAL_MACHINE\\SOFTWARE\\Classes\\<key>\\shell\\[command]\\command]
batfile [open] -- \"%1\" %*
cmdfile [open] -- \"%1\" %*
comfile [open] -- \"%1\" %*
exefile [open] -- \"%1\" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [open] -- \"C:\\Program Files\\Internet Explorer\\iexplore.exe\" %1 (Microsoft Corporation)
htmlfile [opennew] -- \"C:\\Program Files\\Internet Explorer\\iexplore.exe\" %1 (Microsoft Corporation)
http [open] -- \"C:\\Program Files\\Internet Explorer\\iexplore.exe\" %1 (Microsoft Corporation)
https [open] -- \"C:\\Program Files\\Internet Explorer\\iexplore.exe\" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\\System32\\InfDefaultInstall.exe \"%1\" (Microsoft Corporation)
InternetShortcut [open] -- \"C:\\Windows\\System32\\rundll32.exe\" \"C:\\Windows\\System32\\ieframe.dll\",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- \"C:\\Windows\\System32\\rundll32.exe\" \"C:\\Windows\\System32\\mshtml.dll\",PrintHTML \"%1\" (Microsoft Corporation)
piffile [open] -- \"%1\" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- \"%1\"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- \"%1\" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\\system32\\rundll32.exe %SystemRoot%\\system32\\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd \"%V\" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\\Explorer.exe (Microsoft Corporation)
Directory [FinePix] -- \"C:\\Program Files (x86)\\FinePixViewer\\FinePixViewer.exe\" \"%1\" (FUJIFILM Corporation)
Folder [open] -- %SystemRoot%\\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\\Explorer.exe (Microsoft Corporation)
Applications\\iexplore.exe [open] -- \"C:\\Program Files\\Internet Explorer\\iexplore.exe\" %1 (Microsoft Corporation)
CLSID\\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- \"C:\\Program Files\\Internet Explorer\\iexplore.exe\" (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\\SOFTWARE\\Classes\\<key>\\shell\\[command]\\command]
batfile [open] -- \"%1\" %*
cmdfile [open] -- \"%1\" %*
comfile [open] -- \"%1\" %*
cplfile [cplopen] -- %SystemRoot%\\System32\\control.exe \"%1\",%* (Microsoft Corporation)
exefile [open] -- \"%1\" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [open] -- \"C:\\Program Files\\Internet Explorer\\iexplore.exe\" %1 (Microsoft Corporation)
htmlfile [opennew] -- \"C:\\Program Files\\Internet Explorer\\iexplore.exe\" %1 (Microsoft Corporation)
http [open] -- \"C:\\Program Files\\Internet Explorer\\iexplore.exe\" %1 (Microsoft Corporation)
https [open] -- \"C:\\Program Files\\Internet Explorer\\iexplore.exe\" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\\System32\\InfDefaultInstall.exe \"%1\" (Microsoft Corporation)
piffile [open] -- \"%1\" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- \"%1\"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- \"%1\" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\\system32\\rundll32.exe %SystemRoot%\\system32\\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd \"%V\" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\\Explorer.exe (Microsoft Corporation)
Directory [FinePix] -- \"C:\\Program Files (x86)\\FinePixViewer\\FinePixViewer.exe\" \"%1\" (FUJIFILM Corporation)
Folder [open] -- %SystemRoot%\\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\\Explorer.exe (Microsoft Corporation)
Applications\\iexplore.exe [open] -- \"C:\\Program Files\\Internet Explorer\\iexplore.exe\" %1 (Microsoft Corporation)
CLSID\\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error.
========== Security Center Settings ==========
64bit: [HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Security Center]
\"cval\" = 1
\"FirewallDisableNotify\" = 0
\"AntiVirusDisableNotify\" = 0
\"UpdatesDisableNotify\" = 0
64bit: [HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Security Center\\Monitoring]
64bit: [HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Security Center\\Svc]
\"VistaSp1\" = 28 4D B2 76 41 04 CA 01 [binary data]
\"AntiVirusOverride\" = 0
\"AntiSpywareOverride\" = 0
\"FirewallOverride\" = 0
64bit: [HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Security Center\\Svc\\Vol]
[HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Security Center]
[HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Security Center\\Svc]
========== System Restore Settings ==========
[HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows NT\\CurrentVersion\\SystemRestore]
\"DisableSR\" = 0
========== Firewall Settings ==========
64bit: [HKEY_LOCAL_MACHINE\\SOFTWARE\\Policies\\Microsoft\\WindowsFirewall]
64bit: [HKEY_LOCAL_MACHINE\\SOFTWARE\\Policies\\Microsoft\\WindowsFirewall\\DomainProfile]
64bit: [HKEY_LOCAL_MACHINE\\SOFTWARE\\Policies\\Microsoft\\WindowsFirewall\\StandardProfile]
[HKEY_LOCAL_MACHINE\\SOFTWARE\\Policies\\Microsoft\\WindowsFirewall]
[HKEY_LOCAL_MACHINE\\SOFTWARE\\Policies\\Microsoft\\WindowsFirewall\\DomainProfile]
[HKEY_LOCAL_MACHINE\\SOFTWARE\\Policies\\Microsoft\\WindowsFirewall\\StandardProfile]
[HKEY_LOCAL_MACHINE\\SYSTEM\\CurrentControlSet\\Services\\SharedAccess\\Parameters\\FirewallPolicy\\DomainProfile]
\"EnableFirewall\" = 1
\"DisableNotifications\" = 0
[HKEY_LOCAL_MACHINE\\SYSTEM\\CurrentControlSet\\Services\\SharedAccess\\Parameters\\FirewallPolicy\\StandardProfile]
\"EnableFirewall\" = 1
\"DisableNotifications\" = 0
[HKEY_LOCAL_MACHINE\\SYSTEM\\CurrentControlSet\\Services\\SharedAccess\\Parameters\\FirewallPolicy\\StandardProfile\\GloballyOpenPorts\\List]
[HKEY_LOCAL_MACHINE\\SYSTEM\\CurrentControlSet\\Services\\SharedAccess\\Parameters\\FirewallPolicy\\PublicProfile]
\"EnableFirewall\" = 1
\"DisableNotifications\" = 0
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\\SYSTEM\\CurrentControlSet\\Services\\SharedAccess\\Parameters\\FirewallPolicy\\DomainProfile\\AuthorizedApplications\\List]
[HKEY_LOCAL_MACHINE\\SYSTEM\\CurrentControlSet\\Services\\SharedAccess\\Parameters\\FirewallPolicy\\StandardProfile\\AuthorizedApplications\\List]
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\\SYSTEM\\CurrentControlSet\\Services\\SharedAccess\\Parameters\\FirewallPolicy\\FirewallRules]
\"{0FC46780-670D-41D2-A84C-D77B00E36264}\" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\\system32\\svchost.exe |
\"{1E4DD5DB-DFB8-4578-B0D8-FB9AE8DD37F4}\" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |
\"{2129D737-9FC7-4A44-8024-3C012638171D}\" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |
\"{38FC54DA-0652-4FA6-BA20-8BE90B44C7A0}\" = lport=2869 | protocol=6 | dir=in | app=system |
\"{45A67D00-7F90-4AD4-A338-A8BEB40666A8}\" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\\system32\\svchost.exe |
\"{4ADEA3CD-956E-4D80-81DD-A128E7CFF190}\" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\\system32\\svchost.exe |
\"{712F025E-0700-4772-8190-8BD0AF1602DA}\" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\\system32\\svchost.exe |
\"{B9FA8F25-8B53-42E6-95D2-25EF301C5003}\" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\\system32\\svchost.exe |
\"{C2989F77-F569-488C-B7B5-11DAB0937BA0}\" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\\system32\\svchost.exe |
\"{CA4A663D-B57C-46FD-A5A6-06199FB971AB}\" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\\system32\\svchost.exe |
\"{DAB1134F-4B99-42EF-BE16-53E0C6E81E08}\" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\\system32\\svchost.exe |
\"{E76CDECB-3C85-430C-8ACD-F8CF572D95CC}\" = rport=10243 | protocol=6 | dir=out | app=system |
\"{EF451AFE-EF64-44C4-AAE7-4BB52EBDF7B7}\" = lport=10243 | protocol=6 | dir=in | app=system |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\\SYSTEM\\CurrentControlSet\\Services\\SharedAccess\\Parameters\\FirewallPolicy\\FirewallRules]
\"{02520969-B3B2-4ED6-A055-DE9A3948ABF1}\" = dir=in | app=c:\\program files (x86)\\hp\\digital imaging\\bin\\hpqkygrp.exe |
\"{02997667-1300-4E34-A9DF-22B3DFF99B3B}\" = protocol=6 | dir=in | app=c:\\program files (x86)\\vmware\\vmware player\\vmware-authd.exe |
\"{05329F07-E4AD-4F61-8860-4A7EE26604FD}\" = dir=in | app=c:\\program files (x86)\\hp\\digital imaging\\bin\\hpiscnapp.exe |
\"{056E2BC2-080F-4E29-A6E2-D5321046DE97}\" = protocol=17 | dir=in | app=%programfiles(x86)%\\windows media player\\wmplayer.exe |
\"{0BF7296E-DDAC-400F-B9D3-C3934388BBB1}\" = protocol=6 | dir=in | app=%programfiles%\\windows media player\\wmpnetwk.exe |
\"{12F426AE-00EE-4511-8202-70197CFECB91}\" = protocol=17 | dir=in | app=c:\\program files (x86)\\java\\jre7\\bin\\java.exe |
\"{2A58D922-E6B4-4369-B6DC-E0FD2EC4462B}\" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\\system32\\svchost.exe |
\"{2C154FEA-5764-4A0E-A751-39A4901AA963}\" = protocol=17 | dir=in | app=%programfiles%\\windows media player\\wmplayer.exe |
\"{2C8DC7B5-AAC6-46EE-B7AA-2AFB15C04863}\" = dir=in | app=c:\\program files (x86)\\hp\\digital imaging\\bin\\hpofxs08.exe |
\"{3F6DC82A-40D6-4E0B-AE41-1827CC8D14C0}\" = dir=in | app=c:\\program files (x86)\\hp\\digital imaging\\bin\\hpofxm08.exe |
\"{422E00A1-CC01-4081-B0B8-F2284E7F3085}\" = protocol=17 | dir=out | app=%programfiles%\\windows media player\\wmplayer.exe |
\"{46E69323-96AA-4A00-83B9-C18549EE1455}\" = protocol=17 | dir=out | app=%programfiles%\\windows media player\\wmpnetwk.exe |
\"{4A8C0A73-EB74-4D56-9F27-BE8680727034}\" = protocol=6 | dir=out | app=%programfiles%\\windows media player\\wmpnetwk.exe |
\"{50988375-AFE1-4815-B4AB-BC52479139E6}\" = dir=in | app=c:\\program files (x86)\\hp\\digital imaging\\bin\\hpqfxt08.exe |
\"{50B22E8C-67AF-445F-B40F-C8E8BEEC2535}\" = protocol=6 | dir=out | app=%programfiles%\\windows media player\\wmplayer.exe |
\"{51047BC1-0F81-45DD-A7A4-465F2B4EABE2}\" = dir=in | app=c:\\program files (x86)\\hp\\digital imaging\\bin\\hpfccopy.exe |
\"{5F83F952-B6EC-4659-B527-718D85BCC070}\" = protocol=17 | dir=in | app=%programfiles%\\windows media player\\wmpnetwk.exe |
\"{60929691-42A5-45AF-9F60-2847E27287E5}\" = protocol=6 | dir=in | app=c:\\program files (x86)\\epson software\\event manager\\eeventmanager.exe |
\"{66E157BC-E20A-4219-BA75-A6B23AD26EBF}\" = protocol=6 | dir=in | app=c:\\users\\felicia\\appdata\\local\\temp\\7zs7294\\hppiw.exe |
\"{6B04CF39-ED7E-49FE-8430-BDED30D7035B}\" = protocol=17 | dir=out | app=%programfiles%\\windows media player\\wmplayer.exe |
\"{7178F141-0F62-4E9E-8216-1C818E3B34AB}\" = protocol=17 | dir=in | app=c:\\program files (x86)\\epson software\\event manager\\eeventmanager.exe |
\"{8EA8541D-1BA6-434F-983D-D9B9FA9A585C}\" = dir=in | app=c:\\program files (x86)\\hp\\digital imaging\\bin\\hpqusgm.exe |
\"{92698516-B4D2-4507-8579-66BD448D79F6}\" = dir=in | app=c:\\program files (x86)\\hp\\digital imaging\\bin\\hpzwiz01.exe |
\"{93518408-2EFA-4FDF-9B77-398DB55EC99C}\" = dir=in | app=c:\\program files (x86)\\windows live\\contacts\\wlcomm.exe |
\"{9781DCD6-94C1-4D6C-A040-22500D9152E6}\" = protocol=6 | dir=out | app=%programfiles(x86)%\\windows media player\\wmplayer.exe |
\"{984857A0-1012-4714-B52F-232FB392324A}\" = dir=in | app=c:\\program files (x86)\\hp\\digital imaging\\bin\\hpqtra08.exe |
\"{A496C92B-CA64-4F42-8291-4D87A87D1FBC}\" = protocol=6 | dir=in | app=c:\\program files (x86)\\java\\jre7\\bin\\java.exe |
\"{A7F7CCF5-E2E7-4D94-9BD9-35BA4154F1B2}\" = dir=in | app=c:\\program files (x86)\\hp\\hp software update\\hpwucli.exe |
\"{AC957E4E-F8A0-4DCA-B306-C06558379705}\" = dir=in | app=c:\\program files (x86)\\hp\\digital imaging\\bin\\hpqusgh.exe |
\"{B0C610FB-4687-4CD0-AD24-439800CA0A79}\" = protocol=17 | dir=in | app=%programfiles%\\windows media player\\wmplayer.exe |
\"{B422B303-C547-4C44-8E57-E9FD844ADDA6}\" = protocol=6 | dir=in | app=c:\\program files (x86)\\yahoo!\\messenger\\yahoomessenger.exe |
\"{BC6900BD-9FEA-47F0-869A-4148F8EC8008}\" = protocol=17 | dir=out | app=%programfiles(x86)%\\windows media player\\wmplayer.exe |
\"{BFDE8DCE-B62A-4518-A735-8C7EE31277F1}\" = dir=in | app=c:\\program files (x86)\\hp\\digital imaging\\bin\\hposfx08.exe |
\"{C48B4CDD-E096-4A80-8238-4834A5F26598}\" = protocol=17 | dir=in | app=c:\\program files (x86)\\vmware\\vmware player\\vmware-authd.exe |
\"{D1BE20F4-ED7E-48B7-A85B-3DD0D913469B}\" = protocol=6 | dir=out | app=%programfiles%\\windows media player\\wmplayer.exe |
\"{D588AD7F-2633-4A5A-8D0D-DB27A78B6B8F}\" = dir=in | app=c:\\program files (x86)\\common files\\apple\\apple application support\\webkit2webprocess.exe |
\"{D669DE8E-2797-4880-89C0-80E5677DA29E}\" = dir=in | app=c:\\program files (x86)\\hp\\digital imaging\\bin\\hposid01.exe |
\"{E1DB8E27-BA41-4B0D-80FC-B9FCDDB260D8}\" = protocol=17 | dir=in | app=c:\\users\\felicia\\appdata\\local\\temp\\7zs7294\\hppiw.exe |
\"{E7F2D758-09BB-4AAD-BB29-475DAC008BB8}\" = protocol=17 | dir=in | app=c:\\program files (x86)\\vmware\\vmware player\\vmware-authd.exe |
\"{E8AB8DD4-1B0B-45B4-822D-384EB96108D4}\" = protocol=6 | dir=out | app=system |
\"{F30F76F4-CE9C-459B-B5DC-789F0B4CD3A6}\" = dir=in | app=c:\\program files (x86)\\hp\\digital imaging\\bin\\hpqste08.exe |
\"{F52336C3-F222-4FEB-8C90-CED1FC64AA33}\" = protocol=17 | dir=in | app=c:\\program files (x86)\\yahoo!\\messenger\\yahoomessenger.exe |
\"{FD676ECF-2226-4DAE-A871-192A735C2291}\" = dir=in | app=c:\\program files (x86)\\hp\\digital imaging\\bin\\hpoews01.exe |
\"{FFD879A5-5762-482E-A1E2-C8D624802192}\" = protocol=6 | dir=in | app=c:\\program files (x86)\\vmware\\vmware player\\vmware-authd.exe |
\"TCP Query User{8236640D-8B0D-4A17-8D52-90C7B50E2613}C:\\program files (x86)\\java\\jre7\\bin\\java.exe\" = protocol=6 | dir=in | app=c:\\program files (x86)\\java\\jre7\\bin\\java.exe |
\"TCP Query User{B99E6F15-B592-44F3-82A4-5204A1871177}C:\\program files (x86)\\yahoo!\\messenger\\yahoomessenger.exe\" = protocol=6 | dir=in | app=c:\\program files (x86)\\yahoo!\\messenger\\yahoomessenger.exe |
\"TCP Query User{DD2FDA32-0549-4BF4-8C56-754F69209E3D}C:\\program files (x86)\\epson software\\event manager\\eeventmanager.exe\" = protocol=6 | dir=in | app=c:\\program files (x86)\\epson software\\event manager\\eeventmanager.exe |
\"UDP Query User{8573CFA6-B54F-4446-A774-9078ED4F27A7}C:\\program files (x86)\\java\\jre7\\bin\\java.exe\" = protocol=17 | dir=in | app=c:\\program files (x86)\\java\\jre7\\bin\\java.exe |
\"UDP Query User{A6D0F0A7-1C1B-42A5-9C3E-D367D4C74E9E}C:\\program files (x86)\\yahoo!\\messenger\\yahoomessenger.exe\" = protocol=17 | dir=in | app=c:\\program files (x86)\\yahoo!\\messenger\\yahoomessenger.exe |
\"UDP Query User{DC859ADD-B1F9-4842-8686-3DEAF1C05D56}C:\\program files (x86)\\epson software\\event manager\\eeventmanager.exe\" = protocol=17 | dir=in | app=c:\\program files (x86)\\epson software\\event manager\\eeventmanager.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
64bit: [HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Uninstall]
\"{027E5FAB-1476-4C59-AAB4-32EF28520399}\" = Windows Live Language Selector
\"{071c9b48-7c32-4621-a0ac-3f809523288f}\" = Microsoft Visual C++ 2005 Redistributable (x64)
\"{0C826C5B-B131-423A-A229-C71B3CACCD6A}\" = CDDRV_Installer
\"{1ACC8FFB-9D84-4C05-A4DE-D28A9BC91698}\" = Windows Live ID Sign-in Assistant
\"{55D55008-E5F6-47D6-B16F-B2A40D4D145F}\" = 64 Bit HP CIO Components Installer
\"{8EBA8727-ADC2-477B-9D9A-1A1836BE4E05}\" = Dell Edoc Viewer
\"{90140000-002A-0000-1000-0000000FF1CE}\" = Microsoft Office Office 64-bit Components 2010
\"{90140000-002A-0409-1000-0000000FF1CE}\" = Microsoft Office Shared 64-bit MUI (English) 2010
\"{90140000-0116-0409-1000-0000000FF1CE}\" = Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010
\"{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}\" = Intel® Matrix Storage Manager
\"{95120000-00B9-0409-1000-0000000FF1CE}\" = Microsoft Application Error Reporting
\"{A4DDB2AB-ECCD-4C3A-8633-77D5A1A0E542}\" = Network64
\"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}\" = Microsoft Visual C++ 2005 Redistributable (x64)
\"{B6E3757B-5E77-3915-866A-CCFC4B8D194C}\" = Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053
\"{C73A3942-84C8-4597-9F9B-EE227DCBA758}\" = Dell Dock
\"{DA54F80E-261C-41A2-A855-549A144F2F59}\" = Windows Live MIME IFilter
\"{E102B843-786A-4F58-AF75-6504570E207B}\" = Microsoft Security Client
\"{E5083D57-D93F-404C-A91F-1C50D67C2BEB}\" = HP Officejet 4500 G510g-m
\"{F3F18612-7B5D-4C05-86C9-AB50F6F71727}\" = KhalInstallWrapper
\"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}\" = Microsoft .NET Framework 4 Client Profile
\"CCleaner\" = CCleaner
\"HDMI\" = Intel(R) Graphics Media Accelerator Driver
\"HP Document Manager\" = HP Document Manager 2.0
\"HP Imaging Device Functions\" = HP Imaging Device Functions 13.0
\"HPExtendedCapabilities\" = HP Customer Participation Program 13.0
\"HPOCR\" = OCR Software by I.R.I.S. 13.0
\"Microsoft .NET Framework 4 Client Profile\" = Microsoft .NET Framework 4 Client Profile
\"Microsoft Security Client\" = Microsoft Security Essentials
\"Shop for HP Supplies\" = Shop for HP Supplies
[HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Uninstall]
\"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}\" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
\"{0B0F231F-CE6A-483D-AA23-77B364F75917}\" = Windows Live Installer
\"{0ED7EE95-6A97-47AA-AD73-152C08A15B04}\" = Dell DataSafe Local Backup
\"{0F367CA3-3B2F-43F9-A44A-25A8EE69E45D}\" = Scan
\"{121634B0-2F4B-11D3-ADA3-00C04F52DD52}\" = Windows Installer Clean Up
\"{13766F76-6C8C-4E57-A9F3-3212D1C6E0D1}\" = Dell DataSafe Online
\"{13A5E785-5197-4EAD-8EE3-D660271E49BC}\" = Feedback Tool
\"{15BC8CD0-A65B-47D0-A2DD-90A824590FA8}\" = Microsoft Works
\"{175F0111-2968-4935-8F70-33108C6A4DE3}\" = MarketResearch
\"{19BA08F7-C728-469C-8A35-BFBD3633BE08}\" = Windows Live Movie Maker
\"{1C0E9C6B-D4D5-4D3C-8A10-F10A3E7BEEA5}\" = WN111v2
\"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}\" = Junk Mail filter update
\"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}\" = Windows Live SOXE Definitions
\"{218081EE-C83D-46A6-9382-9AB77B99AAA1}_is1\" = Typing Trainer 8.0
\"{21A2F5EE-1DC5-488A-BE7E-E526F8C61488}\" = DeviceDiscovery
\"{24ED4D80-8294-11D5-96CD-0040266301AD}\" = FinePixViewer Ver.5.5
\"{26A24AE4-039D-4CA4-87B4-2F83217025FF}\" = Java 7 Update 51
\"{28379381-B56A-43e1-B505-3098D82B1C30}\" = 4500G510gm_Software_Min
\"{28C2DED6-325B-4CC7-983A-1777C8F7FBAB}\" = RealUpgrade 1.1
\"{2EEA7AA4-C203-4b90-A34F-19FB7EF1C81C}\" = BufferChm
\"{3336F667-9049-4D46-98B6-4C743EEBC5B1}\" = Windows Live Photo Gallery
\"{34F4D9A4-42C2-4348-BEF4-E553C84549E7}\" = Windows Live Photo Gallery
\"{35505AE1-27E2-4206-B3BF-58771803B8D0}\" = IncrediMail
\"{3DC873BB-FFE3-46BF-9701-26B9AE371F9F}\" = RealDownloader
\"{43CDF946-F5D9-4292-B006-BA0D92013021}\" = WebReg
\"{480E1853-1801-491B-BD5E-92F554380574}\" = RAVE Downloader
\"{4A03706F-666A-4037-7777-5F2748764D10}\" = Java Auto Updater
\"{5490882C-6961-11D5-BAE5-00E0188E010B}\" = FUJIFILM USB Driver
\"{579684A4-DDD5-4CA3-9EA8-7BE7D9593DB4}\" = Windows Live UX Platform Language Pack
\"{5A0C892E-FD1C-4203-941E-0956AED20A6A}\" = APC PowerChute Personal Edition
\"{5D09C772-ECB3-442B-9CC6-B4341C78FDC2}\" = Apple Application Support
\"{5FDFCCA0-59EC-4162-B0B8-632EEE3DF787}\" = WebIQ Technology Engine
\"{612C34C7-5E90-47D8-9B5C-0F717DD82726}\" = swMSM
\"{65EB09A3-993B-401E-8936-C9708CBFAB26}\" = FinePixViewer YTUPL
\"{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}\" = PowerDVD DX
\"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}\" = Windows Live SOXE
\"{6B2FFB21-AC88-45C3-9A7D-4BB3E744EC91}\" = HPSSupply
\"{6BBA26E9-AB03-4FE7-831A-3535584CA002}\" = Toolbox
\"{7059BDA7-E1DB-442C-B7A1-6144596720A4}\" = HP Update
\"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}\" = Microsoft Visual C++ 2005 Redistributable
\"{7770E71B-2D43-4800-9CB3-5B6CAAEBEBEA}\" = RealNetworks - Microsoft Visual C++ 2008 Runtime
\"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}\" = Apple Software Update
\"{7DB9F1E5-9ACB-410D-A7DC-7A3D023CE045}\" = Dell Getting Started Guide
\"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}\" = Microsoft Visual C++ 2005 Redistributable
\"{83C292B7-38A5-440B-A731-07070E81A64F}\" = Windows Live PIMT Platform
\"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}\" = MSVCRT
\"{90120000-0020-0409-0000-0000000FF1CE}\" = Compatibility Pack for the 2007 Office system
\"{90140000-0015-0409-0000-0000000FF1CE}\" = Microsoft Office Access MUI (English) 2010
\"{90140000-0016-0409-0000-0000000FF1CE}\" = Microsoft Office Excel MUI (English) 2010
\"{90140000-0018-0409-0000-0000000FF1CE}\" = Microsoft Office PowerPoint MUI (English) 2010
\"{90140000-0019-0409-0000-0000000FF1CE}\" = Microsoft Office Publisher MUI (English) 2010
\"{90140000-001A-0409-0000-0000000FF1CE}\" = Microsoft Office Outlook MUI (English) 2010
\"{90140000-001B-0409-0000-0000000FF1CE}\" = Microsoft Office Word MUI (English) 2010
\"{90140000-001F-0409-0000-0000000FF1CE}\" = Microsoft Office Proof (English) 2010
\"{90140000-001F-040C-0000-0000000FF1CE}\" = Microsoft Office Proof (French) 2010
\"{90140000-001F-0C0A-0000-0000000FF1CE}\" = Microsoft Office Proof (Spanish) 2010
\"{90140000-002C-0409-0000-0000000FF1CE}\" = Microsoft Office Proofing (English) 2010
\"{90140000-003D-0000-0000-0000000FF1CE}\" = Microsoft Office Single Image 2010
\"{90140000-006E-0409-0000-0000000FF1CE}\" = Microsoft Office Shared MUI (English) 2010
\"{90140000-00A1-0409-0000-0000000FF1CE}\" = Microsoft Office OneNote MUI (English) 2010
\"{90140000-0115-0409-0000-0000000FF1CE}\" = Microsoft Office Shared Setup Metadata MUI (English) 2010
\"{90140000-0117-0409-0000-0000000FF1CE}\" = Microsoft Office Access Setup Metadata MUI (English) 2010
\"{92A51949-EE4C-466D-AAF0-99E74A49A63F}\" = DocMgr
\"{92EA4134-10D1-418A-91E1-5A0453131A38}\" = Windows Live Movie Maker
\"{9A25302D-30C0-39D9-BD6F-21E6EC160475}\" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
\"{9B362566-EC1B-4700-BB9C-EC661BDE2175}\" = DocProc
\"{9BE518E6-ECC6-35A9-88E4-87755C07200F}\" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
\"{9D318C86-AF4C-409F-A6AC-7183FF4CF424}\" = Internet TV for Windows Media Center
\"{9D56775A-93F3-44A3-8092-840E3826DE30}\" = Windows Live Mail
\"{A33E7B0C-B99C-4EC9-B702-8A328B161AF9}\" = Roxio Burn
\"{A498D9EB-927B-459B-85D6-DD6EF8C2C564}\" = erLT
\"{A53A11EA-0095-493F-86FA-A15E8A86A405}\" = VMware Player
\"{A726AE06-AAA3-43D1-87E3-70F510314F04}\" = Windows Live Writer
\"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}\" = Google Update Helper
\"{A9668246-FB70-4103-A1E3-66C9BC2EFB49}\" = Dell DataSafe Local Backup - Support Software
\"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}\" = Windows Live Photo Common
\"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}\" = Windows Live Writer
\"{AAECF7BA-E83B-4A10-87EA-DE0B333F8734}\" = RealNetworks - Microsoft Visual C++ 2010 Runtime
\"{AAF454FC-82CA-4F29-AB31-6A109485E76E}\" = Windows Live Writer
\"{AC76BA86-7AD7-1033-7B44-AB0000000001}\" = Adobe Reader XI (11.0.06)
\"{AE8705FB-E13C-40A9-8A2D-68D6733FBFC2}\" = Status
\"{B2E47DE7-800B-40BB-BD1F-9F221C3AEE87}\" = Roxio Burn
\"{B44529FF-501E-47CD-A06D-223C161BE058}\" = FinePixViewer Resource
\"{B67BAFBA-4C9F-48FA-9496-933E3B255044}\" = QuickTime
\"{BBF08789-06CB-4D2F-9330-CD617AFDE528}\" = Fax
\"{BD7204BA-DD64-499E-9B55-6A282CDF4FA4}\" = Destinations
\"{BE0D4271-69C9-4f28-AD9B-BB33D126A30E}\" = 4500G510gm
\"{C66824E4-CBB3-4851-BB3F-E8CFD6350923}\" = Windows Live Mail
\"{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}\" = SUPERAntiSpyware Free Edition
\"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}\" = Windows Live UX Platform
\"{D0B44725-3666-492D-BEF6-587A14BD9BD9}\" = MSVCRT_amd64
\"{D436F577-1695-4D2F-8B44-AC76C99E0002}\" = Windows Live Photo Common
\"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}\" = Windows Live Communications Platform
\"{DC0A5F99-FD66-433F-9D3A-05DCBA64BE42}\" = TrayApp
\"{DDC8BDEE-DCAC-404D-8257-3E8D4B782467}\" = Windows Live Writer Resources
\"{DF0B357C-5874-47D0-81E7-79AA890B0CE0}\" = 4500_G510gm_Help
\"{E09C4DB7-630C-4F06-A631-8EA7239923AF}\" = D3DX10
\"{E2D09AC2-4153-4817-AAEB-24F92A8BCE88}\" = Windows Media Center Add-in for Flash
\"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}\" = Microsoft SQL Server 2005 Compact Edition [ENU]
\"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}\" = Realtek High Definition Audio Driver
\"{F29B21BD-CAA6-445F-8EF7-A7E2B9D8B14E}\" = Logitech SetPoint
\"{F47C37A4-7189-430A-B81D-739FF8A7A554}\" = Consumer In-Home Service Agreement
\"{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}\" = Windows Live Essentials
\"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}\" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
\"Adobe Flash Player ActiveX\" = Adobe Flash Player 11 ActiveX
\"Adobe Flash Player Plugin\" = Adobe Flash Player 12 Plugin
\"Adobe Shockwave Player\" = Adobe Shockwave Player 12.0
\"Coupon Printer for Windows5.0.0.3\" = Coupon Printer for Windows
\"Dell Dock\" = Dell Dock
\"Google Chrome\" = Google Chrome
\"IncrediMail\" = IncrediMail 2.0
\"Mozilla Firefox 26.0 (x86 en-US)\" = Mozilla Firefox 26.0 (x86 en-US)
\"MozillaMaintenanceService\" = Mozilla Maintenance Service
\"Office14.SingleImage\" = Microsoft Office Home and Student 2010
\"RealPlayer 16.0\" = RealPlayer
\"WinLiveSuite\" = Windows Live Essentials
\"Yahoo! Companion\" = Yahoo! Toolbar
\"Yahoo! Messenger\" = Yahoo! Messenger
========== HKEY_CURRENT_USER Uninstall List ==========
[HKEY_CURRENT_USER\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Uninstall]
\"{B64BC516-2406-43AE-A21A-1E387A2343B1}\" = Content Manager
\"f031ef6ac137efc5\" = Dell Driver Download Manager
========== Last 20 Event Log Errors ==========
[ Application Events ]
Error - 1/22/2014 12:19:30 AM | Computer Name = Felicia-PC | Source = APC UPS Service | ID = 61456
Description = PowerChute not communicating with the battery backup.
Error - 1/22/2014 10:12:30 PM | Computer Name = Felicia-PC | Source = SideBySide | ID = 16842785
Description = Activation context generation failed for \"C:\\Windows\\Installer\\{3DC873BB-FFE3-46BF-9701-26B9AE371F9F}\\recordingmanager.exe\".
Dependent
Assembly rpshellextension.1.0,language=\"*\",type=\"win32\",version=\"1.0.0.0\"
could not be found. Please use sxstrace.exe for detailed diagnosis.
Error - 1/23/2014 12:17:10 AM | Computer Name = Felicia-PC | Source = APC UPS Service | ID = 61456
Description = PowerChute not communicating with the battery backup.
Error - 1/24/2014 1:22:14 AM | Computer Name = Felicia-PC | Source = Application Hang | ID = 1002
Description = The program IEXPLORE.EXE version 11.0.9600.16428 stopped interacting
with Windows and was closed. To see if more information about the problem is available,
check the problem history in the Action Center control panel. Process ID: 11b0 Start
Time: 01cf1895c5a819b5 Termination Time: 507 Application Path: C:\\Program Files (x86)\\Internet
Explorer\\IEXPLORE.EXE Report Id:
Error - 1/24/2014 7:57:41 PM | Computer Name = Felicia-PC | Source = SideBySide | ID = 16842785
Description = Activation context generation failed for \"C:\\Windows\\Installer\\{3DC873BB-FFE3-46BF-9701-26B9AE371F9F}\\recordingmanager.exe\".
Dependent
Assembly rpshellextension.1.0,language=\"*\",type=\"win32\",version=\"1.0.0.0\"
could not be found. Please use sxstrace.exe for detailed diagnosis.
Error - 1/24/2014 10:02:25 PM | Computer Name = Felicia-PC | Source = APC UPS Service | ID = 61456
Description = PowerChute not communicating with the battery backup.
Error - 1/26/2014 2:03:31 PM | Computer Name = Felicia-PC | Source = SideBySide | ID = 16842785
Description = Activation context generation failed for \"C:\\Windows\\Installer\\{3DC873BB-FFE3-46BF-9701-26B9AE371F9F}\\recordingmanager.exe\".
Dependent
Assembly rpshellextension.1.0,language=\"*\",type=\"win32\",version=\"1.0.0.0\"
could not be found. Please use sxstrace.exe for detailed diagnosis.
Error - 1/27/2014 2:07:07 AM | Computer Name = Felicia-PC | Source = APC UPS Service | ID = 61456
Description = PowerChute not communicating with the battery backup.
Error - 1/27/2014 2:44:11 AM | Computer Name = Felicia-PC | Source = SideBySide | ID = 16842785
Description = Activation context generation failed for \"C:\\Windows\\Installer\\{3DC873BB-FFE3-46BF-9701-26B9AE371F9F}\\recordingmanager.exe\".
Dependent
Assembly rpshellextension.1.0,language=\"*\",type=\"win32\",version=\"1.0.0.0\"
could not be found. Please use sxstrace.exe for detailed diagnosis.
Error - 1/27/2014 5:00:35 PM | Computer Name = Felicia-PC | Source = APC UPS Service | ID = 61456
Description = PowerChute not communicating with the battery backup.
[ Dell Events ]
Error - 6/7/2011 1:48:11 AM | Computer Name = Felicia-PC | Source = DataSafe | ID = 17
Description = The process was interrupted before completion.
Error - 6/14/2011 1:48:06 AM | Computer Name = Felicia-PC | Source = DataSafe | ID = 17
Description = The process was interrupted before completion.
Error - 6/14/2011 1:48:06 AM | Computer Name = Felicia-PC | Source = DataSafe | ID = 17
Description = The process was interrupted before completion.
Error - 6/17/2011 8:00:39 PM | Computer Name = Felicia-PC | Source = DataSafe | ID = 17
Description = The process was interrupted before completion.
Error - 6/17/2011 8:00:40 PM | Computer Name = Felicia-PC | Source = DataSafe | ID = 17
Description = The process was interrupted before completion.
Error - 7/11/2011 10:45:17 PM | Computer Name = Felicia-PC | Source = DataSafe | ID = 17
Description = The process was interrupted before completion.
Error - 7/11/2011 10:45:18 PM | Computer Name = Felicia-PC | Source = DataSafe | ID = 17
Description = The process was interrupted before completion.
Error - 11/5/2011 12:22:19 AM | Computer Name = Felicia-PC | Source = DataSafe | ID = 17
Description = The process was interrupted before completion.
Error - 11/5/2011 12:22:19 AM | Computer Name = Felicia-PC | Source = DataSafe | ID = 17
Description = The process was interrupted before completion.
Error - 11/5/2011 12:22:49 AM | Computer Name = Felicia-PC | Source = DataSafe | ID = 17
Description = The process was interrupted before completion.
[ System Events ]
Error - 1/24/2014 7:02:23 PM | Computer Name = Felicia-PC | Source = Service Control Manager | ID = 7026
Description = The following boot-start or system-start driver(s) failed to load:
SASDIFSV SASKUTIL
Error - 1/25/2014 7:12:34 PM | Computer Name = Felicia-PC | Source = Application Popup | ID = 1060
Description = \\??\\C:\\Program Files (x86)\\SUPERAntiSpyware\\SASKUTIL.SYS has been
blocked from loading due to incompatibility with this system. Please contact your
software vendor for a compatible version of the driver.
Error - 1/25/2014 7:12:34 PM | Computer Name = Felicia-PC | Source = Application Popup | ID = 1060
Description = \\??\\C:\\Program Files (x86)\\SUPERAntiSpyware\\SASDIFSV.SYS has been
blocked from loading due to incompatibility with this system. Please contact your
software vendor for a compatible version of the driver.
Error - 1/25/2014 7:13:04 PM | Computer Name = Felicia-PC | Source = Service Control Manager | ID = 7026
Description = The following boot-start or system-start driver(s) failed to load:
SASDIFSV SASKUTIL
Error - 1/26/2014 11:06:26 AM | Computer Name = Felicia-PC | Source = Application Popup | ID = 1060
Description = \\??\\C:\\Program Files (x86)\\SUPERAntiSpyware\\SASKUTIL.SYS has been
blocked from loading due to incompatibility with this system. Please contact your
software vendor for a compatible version of the driver.
Error - 1/26/2014 11:06:26 AM | Computer Name = Felicia-PC | Source = Application Popup | ID = 1060
Description = \\??\\C:\\Program Files (x86)\\SUPERAntiSpyware\\SASDIFSV.SYS has been
blocked from loading due to incompatibility with this system. Please contact your
software vendor for a compatible version of the driver.
Error - 1/26/2014 11:06:46 AM | Computer Name = Felicia-PC | Source = Service Control Manager | ID = 7026
Description = The following boot-start or system-start driver(s) failed to load:
SASDIFSV SASKUTIL
Error - 1/27/2014 11:43:39 AM | Computer Name = Felicia-PC | Source = Application Popup | ID = 1060
Description = \\??\\C:\\Program Files (x86)\\SUPERAntiSpyware\\SASKUTIL.SYS has been
blocked from loading due to incompatibility with this system. Please contact your
software vendor for a compatible version of the driver.
Error - 1/27/2014 11:43:39 AM | Computer Name = Felicia-PC | Source = Application Popup | ID = 1060
Description = \\??\\C:\\Program Files (x86)\\SUPERAntiSpyware\\SASDIFSV.SYS has been
blocked from loading due to incompatibility with this system. Please contact your
software vendor for a compatible version of the driver.
Error - 1/27/2014 11:43:56 AM | Computer Name = Felicia-PC | Source = Service Control Manager | ID = 7026
Description = The following boot-start or system-start driver(s) failed to load:
SASDIFSV SASKUTIL
< End of report >
OTL logfile created on: 1/16/2014 11:09:23 AM - Run 6
OTL by OldTimer - Version 3.2.69.0 Folder = C:\\Users\\Felicia\\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.16428)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
3.97 Gb Total Physical Memory | 1.16 Gb Available Physical Memory | 29.28% Memory free
7.93 Gb Paging File | 3.74 Gb Available in Paging File | 47.16% Paging File free
Paging file location(s): ?:\\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\\Windows | %ProgramFiles% = C:\\Program Files (x86)
Drive C: | 581.48 Gb Total Space | 517.33 Gb Free Space | 88.97% Space Free | Partition Type: NTFS
Computer Name: FELICIA-PC | User Name: Felicia | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2014/01/16 11:08:40 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\\Users\\Felicia\\Desktop\\OTL.exe
PRC - [2013/12/21 00:04:16 | 000,065,432 | ---- | M] (Adobe Systems Incorporated) -- C:\\Program Files (x86)\\Common Files\\Adobe\\ARM\\1.0\\armsvc.exe
PRC - [2013/08/06 22:14:57 | 000,295,512 | ---- | M] (RealNetworks, Inc.) -- C:\\Program Files (x86)\\Real\\RealPlayer\\Update\\realsched.exe
PRC - [2013/07/02 09:16:32 | 000,507,264 | ---- | M] (Oracle Corporation) -- C:\\Program Files (x86)\\Common Files\\Java\\Java Update\\jucheck.exe
PRC - [2013/04/16 02:07:08 | 000,039,056 | ---- | M] () -- C:\\Program Files (x86)\\RealNetworks\\RealDownloader\\rndlresolversvc.exe
PRC - [2009/08/14 19:19:44 | 000,326,192 | ---- | M] (VMware, Inc.) -- C:\\Windows\\SysWOW64\\vmnetdhcp.exe
PRC - [2009/08/14 19:19:30 | 000,399,920 | ---- | M] (VMware, Inc.) -- C:\\Windows\\SysWOW64\\vmnat.exe
PRC - [2009/08/14 19:19:24 | 000,113,200 | ---- | M] (VMware, Inc.) -- C:\\Program Files (x86)\\VMware\\VMware Player\\vmware-authd.exe
PRC - [2009/07/20 03:00:00 | 000,077,824 | ---- | M] () -- C:\\Program Files\\Logitech\\SetPoint\\x86\\SetPoint32.exe
PRC - [2009/06/09 08:11:14 | 000,155,648 | ---- | M] (Stardock Corporation) -- C:\\Program Files\\Dell\\DellDock\\DockLogin.exe
PRC - [2009/06/04 18:03:32 | 000,186,904 | ---- | M] (Intel Corporation) -- C:\\Program Files (x86)\\Intel\\Intel Matrix Storage Manager\\IAAnotif.exe
PRC - [2009/06/04 18:03:06 | 000,354,840 | ---- | M] (Intel Corporation) -- C:\\Program Files (x86)\\Intel\\Intel Matrix Storage Manager\\IAANTmon.exe
PRC - [2007/07/19 16:54:48 | 000,689,408 | ---- | M] (American Power Conversion Corporation) -- C:\\Program Files (x86)\\APC\\APC PowerChute Personal Edition\\mainserv.exe
========== Modules (No Company Name) ==========
MOD - [2009/07/20 03:00:00 | 000,077,824 | ---- | M] () -- C:\\Program Files\\Logitech\\SetPoint\\x86\\SetPoint32.exe
========== Services (SafeList) ==========
SRV:64bit: - [2013/11/26 03:18:09 | 000,111,616 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\\Windows\\SysNative\\IEEtwCollector.exe -- (IEEtwCollectorService)
SRV:64bit: - [2013/10/23 17:14:22 | 000,348,376 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- c:\\Program Files\\Microsoft Security Client\\NisSrv.exe -- (NisSrv)
SRV:64bit: - [2013/10/23 17:14:22 | 000,023,808 | ---- | M] (Microsoft Corporation) [Auto | Running] -- c:\\Program Files\\Microsoft Security Client\\MsMpEng.exe -- (MsMpSvc)
SRV:64bit: - [2013/05/26 23:50:47 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\\Program Files\\Windows Defender\\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2009/07/20 11:36:14 | 000,160,784 | ---- | M] (Logitech, Inc.) [On_Demand | Stopped] -- C:\\Program Files\\Common Files\\Logishrd\\Bluetooth\\LBTServ.exe -- (LBTServ)
SRV:64bit: - [2009/06/09 08:11:14 | 000,155,648 | ---- | M] (Stardock Corporation) [Auto | Running] -- C:\\Program Files\\Dell\\DellDock\\DockLogin.exe -- (DockLoginService)
SRV - [2013/12/21 19:09:25 | 000,119,408 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\\Program Files (x86)\\Mozilla Maintenance Service\\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2013/12/21 00:04:16 | 000,065,432 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\\Program Files (x86)\\Common Files\\Adobe\\ARM\\1.0\\armsvc.exe -- (AdobeARMservice)
SRV - [2013/12/10 20:57:31 | 000,257,416 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013/07/19 05:01:38 | 001,039,360 | ---- | M] (Hewlett-Packard Co.) [Auto | Running] -- C:\\Users\\Felicia\\AppData\\Local\\Temp\\7zS7294\\HPSLPSVC64.DLL -- (HPSLPSVC)
SRV - [2013/04/16 02:07:08 | 000,039,056 | ---- | M] () [Auto | Running] -- C:\\Program Files (x86)\\RealNetworks\\RealDownloader\\rndlresolversvc.exe -- (RealNetworks Downloader Resolver Service)
SRV - [2011/01/13 13:37:02 | 000,705,856 | ---- | M] (SoftThinks SAS) [Disabled | Stopped] -- C:\\Program Files (x86)\\Dell DataSafe Local Backup\\SftService.exe -- (SftService)
SRV - [2010/03/18 12:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\\Windows\\Microsoft.NET\\Framework\\v4.0.30319\\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009/08/14 19:19:44 | 000,326,192 | ---- | M] (VMware, Inc.) [Auto | Running] -- C:\\Windows\\SysWOW64\\vmnetdhcp.exe -- (VMnetDHCP)
SRV - [2009/08/14 19:19:30 | 000,399,920 | ---- | M] (VMware, Inc.) [Auto | Running] -- C:\\Windows\\SysWOW64\\vmnat.exe -- (VMware NAT Service)
SRV - [2009/08/14 19:19:24 | 000,113,200 | ---- | M] (VMware, Inc.) [Auto | Running] -- C:\\Program Files (x86)\\VMware\\VMware Player\\vmware-authd.exe -- (VMAuthdService)
SRV - [2009/06/10 15:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\\Windows\\Microsoft.NET\\Framework\\v2.0.50727\\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2009/06/04 18:03:06 | 000,354,840 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\\Program Files (x86)\\Intel\\Intel Matrix Storage Manager\\IAANTmon.exe -- (IAANTMON)
SRV - [2008/12/01 10:49:02 | 000,191,024 | ---- | M] (VMware, Inc.) [On_Demand | Stopped] -- C:\\Program Files (x86)\\VMware\\VMware Player\\vmware-ufad.exe -- (ufad-ws60)
SRV - [2007/07/19 16:54:48 | 000,689,408 | ---- | M] (American Power Conversion Corporation) [Auto | Running] -- C:\\Program Files (x86)\\APC\\APC PowerChute Personal Edition\\mainserv.exe -- (APC UPS Service)
========== Driver Services (SafeList) ==========
DRV:64bit: - [2013/09/27 09:53:06 | 000,134,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\\Windows\\SysNative\\drivers\\NisDrvWFP.sys -- (NisDrv)
DRV:64bit: - [2012/03/01 00:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\\Windows\\SysNative\\drivers\\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2011/03/11 00:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\\Windows\\SysNative\\drivers\\amdsata.sys -- (amdsata)
DRV:64bit: - [2011/03/11 00:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\\Windows\\SysNative\\drivers\\amdxata.sys -- (amdxata)
DRV:64bit: - [2010/11/20 07:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\\Windows\\SysNative\\drivers\\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010/11/20 05:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\\Windows\\SysNative\\drivers\\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010/08/25 19:36:04 | 010,611,552 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\\Windows\\SysNative\\drivers\\igdkmd64.sys -- (igfx)
DRV:64bit: - [2009/08/14 19:20:54 | 000,038,448 | ---- | M] (VMware, Inc.) [Kernel | Auto | Running] -- C:\\Windows\\SysNative\\drivers\\hcmon.sys -- (hcmon)
DRV:64bit: - [2009/08/14 19:20:48 | 000,030,256 | ---- | M] (VMware, Inc.) [Kernel | Auto | Running] -- C:\\Windows\\SysNative\\drivers\\vmnetuserif.sys -- (VMnetuserif)
DRV:64bit: - [2009/08/14 19:20:44 | 000,065,072 | ---- | M] (VMware, Inc.) [Kernel | Auto | Running] -- C:\\Windows\\SysNative\\drivers\\vmci.sys -- (vmci)
DRV:64bit: - [2009/08/14 19:20:44 | 000,029,744 | ---- | M] (VMware, Inc.) [Kernel | On_Demand | Running] -- C:\\Windows\\SysNative\\drivers\\VMkbd.sys -- (vmkbd)
DRV:64bit: - [2009/08/14 19:14:28 | 000,076,336 | ---- | M] (VMware, Inc.) [Kernel | Auto | Running] -- C:\\Windows\\SysNative\\drivers\\vmx86.sys -- (vmx86)
DRV:64bit: - [2009/08/14 12:40:04 | 000,038,960 | R--- | M] (VMware, Inc.) [Kernel | Auto | Running] -- C:\\Windows\\SysNative\\drivers\\vmnetbridge.sys -- (VMnetBridge)
DRV:64bit: - [2009/08/14 12:40:04 | 000,020,016 | ---- | M] (VMware, Inc.) [Kernel | On_Demand | Running] -- C:\\Windows\\SysNative\\drivers\\vmnetadapter.sys -- (VMnetAdapter)
DRV:64bit: - [2009/07/30 21:58:42 | 000,236,544 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\\Windows\\SysNative\\drivers\\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2009/07/13 19:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\\Windows\\SysNative\\drivers\\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/13 19:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\\Windows\\SysNative\\drivers\\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/13 19:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\\Windows\\SysNative\\drivers\\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/07/13 18:39:20 | 000,023,040 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\\Windows\\SysNative\\drivers\\WSDPrint.sys -- (WSDPrintDevice)
DRV:64bit: - [2009/07/13 18:35:37 | 000,025,088 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\\Windows\\SysNative\\drivers\\WSDScan.sys -- (WSDScan)
DRV:64bit: - [2009/07/09 03:00:00 | 000,055,280 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\\Windows\\SysNative\\drivers\\PxHlpa64.sys -- (PxHlpa64)
DRV:64bit: - [2009/06/17 10:54:46 | 000,040,976 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\\Windows\\SysNative\\drivers\\LUsbFilt.sys -- (LUsbFilt)
DRV:64bit: - [2009/06/17 10:54:30 | 000,057,872 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\\Windows\\SysNative\\drivers\\LMouFilt.Sys -- (LMouFilt)
DRV:64bit: - [2009/06/17 10:54:22 | 000,055,312 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\\Windows\\SysNative\\drivers\\LHidFilt.Sys -- (LHidFilt)
DRV:64bit: - [2009/06/17 10:54:14 | 000,013,328 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Stopped] -- C:\\Windows\\SysNative\\drivers\\LHidEqd.sys -- (LHidEqd)
DRV:64bit: - [2009/06/17 10:54:06 | 000,074,256 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Stopped] -- C:\\Windows\\SysNative\\drivers\\LEqdUsb.sys -- (LEqdUsb)
DRV:64bit: - [2009/06/10 14:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\\Windows\\SysNative\\drivers\\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 14:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\\Windows\\SysNative\\drivers\\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 14:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\\Windows\\SysNative\\drivers\\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 14:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\\Windows\\SysNative\\drivers\\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009/06/04 20:54:36 | 000,408,600 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\\Windows\\SysNative\\drivers\\iaStor.sys -- (iaStor)
DRV:64bit: - [2009/05/26 06:13:10 | 000,138,752 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Running] -- C:\\Windows\\SysNative\\drivers\\IntcHdmi.sys -- (IntcHdmiAddService)
DRV:64bit: - [2006/11/01 10:51:00 | 000,151,656 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\\Windows\\SysNative\\drivers\\WimFltr.sys -- (WimFltr)
DRV - [2010/02/17 10:25:50 | 000,012,872 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Stopped] -- C:\\Program Files (x86)\\SUPERAntiSpyware\\sasdifsv.sys -- (SASDIFSV)
DRV - [2010/02/17 10:15:58 | 000,066,632 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Stopped] -- C:\\Program Files (x86)\\SUPERAntiSpyware\\SASKUTIL.SYS -- (SASKUTIL)
DRV - [2010/02/17 10:15:58 | 000,012,872 | R--- | M] ( SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | On_Demand | Stopped] -- C:\\Program Files (x86)\\SUPERAntiSpyware\\SASENUM.SYS -- (SASENUM)
DRV - [2009/07/13 19:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\\Windows\\SysWOW64\\drivers\\wimmount.sys -- (WIMMount)
DRV - [2008/12/01 10:46:58 | 000,032,816 | ---- | M] (VMware, Inc.) [Kernel | Auto | Running] -- C:\\Program Files (x86)\\VMware\\VMware Player\\vstor2-ws60.sys -- (vstor2-ws60)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE:64bit: - HKLM\\..\\SearchScopes,DefaultScope =
IE:64bit: - HKLM\\..\\SearchScopes\\{5AAEB2D7-D0EB-47E4-94BF-54BC862E9E8F}: \"URL\" = http://www.bing.com/search?q=%7BsearchTerms%7D&form=DLCDF8&pc=MDDC&src=IE-SearchBox\'>http://www.bing.com/search?q={searchTerms}&form=DLCDF8&pc=MDDC&src=IE-SearchBox
IE:64bit: - HKLM\\..\\SearchScopes\\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: \"URL\" = http://www.google.com/search?q=%7BsearchTerms%7D&rls=com.microsoft:%7Blanguage%7D:%7Breferrer:source?%7D&ie=%7BinputEncoding%7D&oe=%7BoutputEncoding%7D&sourceid=ie7\'>http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE - HKLM\\SOFTWARE\\Microsoft\\Internet Explorer\\Main,Local Page = C:\\Windows\\SysWOW64\\blank.htm
IE - HKLM\\..\\SearchScopes,DefaultScope =
IE - HKLM\\..\\SearchScopes\\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: \"URL\" = http://www.google.com/search?q=%7BsearchTerms%7D&rls=com.microsoft:%7Blanguage%7D:%7Breferrer:source?%7D&ie=%7BinputEncoding%7D&oe=%7BoutputEncoding%7D&sourceid=ie7\'>http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE - HKLM\\..\\SearchScopes\\{A136A9CC-255C-4131-AAB3-7407C8B4C1E5}: \"URL\" = http://www.bing.com/search?q=%7BsearchTerms%7D&form=DLCDF8&pc=MDDC&src=IE-SearchBox\'>http://www.bing.com/search?q={searchTerms}&form=DLCDF8&pc=MDDC&src=IE-SearchBox
IE - HKCU\\SOFTWARE\\Microsoft\\Internet Explorer\\Main,Start Page = http://att.my.yahoo.com/\'>http://att.my.yahoo.com/
IE - HKCU\\..\\URLSearchHook: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\\Program Files (x86)\\Yahoo!\\Companion\\Installs\\cpn\\yt.dll (Yahoo! Inc.)
IE - HKCU\\..\\SearchScopes,DefaultScope = {6A50FBDC-5DF4-4c9c-9B3B-2749F6FF4D24}
IE - HKCU\\..\\SearchScopes\\{03B0EE02-7915-4D0C-BAE9-17A3827F4713}: \"URL\" = http://search.yahoo.com/search?fr=mcafee&p=%7BSearchTerms\'>http://search.yahoo.com/search?fr=mcafee&p={SearchTerms}
IE - HKCU\\..\\SearchScopes\\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: \"URL\" = http://www.google.com/search?q=%7BsearchTerms%7D&rls=com.microsoft:%7Blanguage%7D:%7Breferrer:source?%7D&ie=%7BinputEncoding%7D&oe=%7BoutputEncoding%7D&sourceid=ie7&rlz=1I7ADSA_en\'>http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7ADSA_en
IE - HKCU\\..\\SearchScopes\\{6A50FBDC-5DF4-4c9c-9B3B-2749F6FF4D24}: \"URL\" = http://search.yahoo.com/search?fr=chr-atty&p=%7BsearchTerms\'>http://search.yahoo.com/search?fr=chr-atty&p={searchTerms}
IE - HKCU\\Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings: \"ProxyEnable\" = 0
========== FireFox ==========
FF - prefs.js..extensions.enabledAddons: support%40tubedimmerapp.com:2.6.43
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:26.0
FF - user.js - File not found
FF:64bit: - HKLM\\Software\\MozillaPlugins\\@adobe.com/FlashPlayer: C:\\Windows\\system32\\Macromed\\Flash\\NPSWF64_11_9_900_170.dll File not found
FF:64bit: - HKLM\\Software\\MozillaPlugins\\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\\Software\\MozillaPlugins\\@microsoft.com/OfficeAuthz,version=14.0: C:\\PROGRA~1\\MICROS~2\\Office14\\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\\Software\\MozillaPlugins\\@adobe.com/FlashPlayer: C:\\Windows\\SysWOW64\\Macromed\\Flash\\NPSWF32_11_9_900_170.dll ()
FF - HKLM\\Software\\MozillaPlugins\\@adobe.com/ShockwavePlayer: C:\\Windows\\SysWOW64\\Adobe\\Director\\np32dsw_1205146.dll (Adobe Systems, Inc.)
FF - HKLM\\Software\\MozillaPlugins\\@java.com/DTPlugin,version=10.45.2: C:\\Program Files (x86)\\Java\\jre7\\bin\\dtplugin\\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\\Software\\MozillaPlugins\\@java.com/JavaPlugin,version=10.45.2: C:\\Program Files (x86)\\Java\\jre7\\bin\\plugin2\\npjp2.dll (Oracle Corporation)
FF - HKLM\\Software\\MozillaPlugins\\@mcafee.com/MVT: C:\\Program Files (x86)\\McAfee\\Supportability\\MVT\\NPMVTPlugin.dll File not found
FF - HKLM\\Software\\MozillaPlugins\\@messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6: C:\\Program Files (x86)\\Yahoo!\\Shared\\npYState.dll (Yahoo! Inc.)
FF - HKLM\\Software\\MozillaPlugins\\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\\Software\\MozillaPlugins\\@microsoft.com/OfficeAuthz,version=14.0: C:\\PROGRA~2\\MICROS~2\\Office14\\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\\Software\\MozillaPlugins\\@microsoft.com/SharePoint,version=14.0: C:\\PROGRA~2\\MICROS~2\\Office14\\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\\Software\\MozillaPlugins\\@microsoft.com/WLPG,version=15.4.3502.0922: C:\\Program Files (x86)\\Windows Live\\Photo Gallery\\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\\Software\\MozillaPlugins\\@microsoft.com/WLPG,version=15.4.3508.1109: C:\\Program Files (x86)\\Windows Live\\Photo Gallery\\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\\Software\\MozillaPlugins\\@microsoft.com/WLPG,version=15.4.3555.0308: C:\\Program Files (x86)\\Windows Live\\Photo Gallery\\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\\Software\\MozillaPlugins\\@real.com/nppl3260;version=16.0.2.32: C:\\Program Files (x86)\\Real\\RealPlayer\\Netscape6\\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\\Software\\MozillaPlugins\\@real.com/nprndlchromebrowserrecordext;version=1.3.2: C:\\ProgramData\\RealNetworks\\RealDownloader\\BrowserPlugins\\MozillaPlugins\\nprndlchromebrowserrecordext.dll (RealNetworks, Inc.)
FF - HKLM\\Software\\MozillaPlugins\\@real.com/nprndlhtml5videoshim;version=1.3.2: C:\\ProgramData\\RealNetworks\\RealDownloader\\BrowserPlugins\\MozillaPlugins\\nprndlhtml5videoshim.dll (RealNetworks, Inc.)
FF - HKLM\\Software\\MozillaPlugins\\@real.com/nprndlpepperflashvideoshim;version=1.3.2: C:\\ProgramData\\RealNetworks\\RealDownloader\\BrowserPlugins\\MozillaPlugins\\nprndlpepperflashvideoshim.dll (RealNetworks, Inc.)
FF - HKLM\\Software\\MozillaPlugins\\@real.com/nprpplugin;version=16.0.2.32: C:\\Program Files (x86)\\Real\\RealPlayer\\Netscape6\\nprpplugin.dll (RealPlayer)
FF - HKLM\\Software\\MozillaPlugins\\@realnetworks.com/npdlplugin;version=1: C:\\ProgramData\\RealNetworks\\RealDownloader\\BrowserPlugins\\npdlplugin.dll (RealDownloader)
FF - HKLM\\Software\\MozillaPlugins\\Adobe Reader: C:\\Program Files (x86)\\Adobe\\Reader 11.0\\Reader\\AIR\\nppdf32.dll (Adobe Systems Inc.)
FF - HKEY_LOCAL_MACHINE\\software\\mozilla\\Firefox\\Extensions\\\\{FCE04E1F-9378-4f39-96F6-5689A9159E45}: C:\\ProgramData\\RealNetworks\\RealDownloader\\BrowserPlugins\\Firefox\\Ext\\ [2013/08/06 22:15:33 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\\software\\mozilla\\Mozilla Firefox 26.0\\extensions\\\\Components: C:\\Program Files (x86)\\Mozilla Firefox\\components [2013/12/21 19:09:01 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\\software\\mozilla\\Mozilla Firefox 26.0\\extensions\\\\Plugins: C:\\Program Files (x86)\\Mozilla Firefox\\plugins [2014/01/16 10:08:45 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\\software\\mozilla\\Mozilla Firefox 26.0\\extensions\\\\Components: C:\\Program Files (x86)\\Mozilla Firefox\\components [2013/12/21 19:09:01 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\\software\\mozilla\\Mozilla Firefox 26.0\\extensions\\\\Plugins: C:\\Program Files (x86)\\Mozilla Firefox\\plugins [2014/01/16 10:08:45 | 000,000,000 | ---D | M]
[2013/08/06 20:33:46 | 000,000,000 | ---D | M] (No name found) -- C:\\Users\\Felicia\\AppData\\Roaming\\Mozilla\\Extensions
[2013/12/12 21:52:19 | 000,000,000 | ---D | M] (No name found) -- C:\\Users\\Felicia\\AppData\\Roaming\\Mozilla\\Firefox\\Profiles\\vy0vsd08.default\\extensions
[2013/12/12 21:52:19 | 000,000,000 | ---D | M] (KeyBar 1.
-- C:\\Users\\Felicia\\AppData\\Roaming\\Mozilla\\Firefox\\Profiles\\vy0vsd08.default\\extensions\\{9ed31f84-c8b3-4926-b950-dff74047ff79}
[2013/10/24 18:50:03 | 000,000,000 | ---D | M] (Tube Dimmer) -- C:\\Users\\Felicia\\AppData\\Roaming\\Mozilla\\Firefox\\Profiles\\vy0vsd08.default\\extensions\\[email protected]
[2013/10/24 18:38:10 | 000,000,997 | ---- | M] () -- C:\\Users\\Felicia\\AppData\\Roaming\\Mozilla\\Firefox\\Profiles\\vy0vsd08.default\\searchplugins\\conduit.xml
[2013/12/21 19:09:01 | 000,000,000 | ---D | M] (No name found) -- C:\\Program Files (x86)\\Mozilla Firefox\\extensions
[2013/12/21 19:09:00 | 000,000,000 | ---D | M] (No name found) -- C:\\Program Files (x86)\\Mozilla Firefox\\browser\\extensions
[2013/12/21 19:09:29 | 000,000,000 | ---D | M] (Default) -- C:\\Program Files (x86)\\Mozilla Firefox\\browser\\extensions\\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2013/08/06 22:15:04 | 000,124,504 | ---- | M] (RealPlayer) -- C:\\Program Files (x86)\\mozilla firefox\\plugins\\nprpplugin.dll
[2011/03/24 09:07:32 | 000,002,024 | ---- | M] () -- C:\\Program Files (x86)\\mozilla firefox\\searchplugins\\McSiteAdvisor.xml
========== Chrome ==========
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:bookmarkBarPinned}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}{google:omniboxStartMarginParameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&xssi=t&q={searchTerms}&{google:cursorPosition}{google:zeroPrefixUrl}{google:pageClassification}sugkey={google:suggestAPIKeyParameter},
CHR - homepage: http://www.msn.com/?pc=UP21&ocid=UP21DHP&dt=022313\'>http://www.msn.com/?pc=UP21&ocid=UP21DHP&dt=022313
CHR - Extension: Google Docs = C:\\Users\\Felicia\\AppData\\Local\\Google\\Chrome\\User Data\\Default\\Extensions\\aohghmighlieiainnegkcijnfilokake\\0.5_0\\
CHR - Extension: Google Drive = C:\\Users\\Felicia\\AppData\\Local\\Google\\Chrome\\User Data\\Default\\Extensions\\apdfllckaahabafndbhieahigkjlhalf\\6.3_0\\
CHR - Extension: YouTube = C:\\Users\\Felicia\\AppData\\Local\\Google\\Chrome\\User Data\\Default\\Extensions\\blpcfgokakmgnkcojhhkbfbldkacnbeo\\4.2.6_0\\
CHR - Extension: Google Search = C:\\Users\\Felicia\\AppData\\Local\\Google\\Chrome\\User Data\\Default\\Extensions\\coobgpohoikkiipiblmjeljniedjpjpf\\0.0.0.20_0\\
CHR - Extension: SiteAdvisor = C:\\Users\\Felicia\\AppData\\Local\\Google\\Chrome\\User Data\\Default\\Extensions\\fheoggkfdfchfphceeifdbepaooicaho\\3.6.3.1271_0\\
CHR - Extension: RealDownloader = C:\\Users\\Felicia\\AppData\\Local\\Google\\Chrome\\User Data\\Default\\Extensions\\idhngdhcfkoamngbedgpaokgjbnpdiji\\1.3.2_0\\
CHR - Extension: Google Wallet = C:\\Users\\Felicia\\AppData\\Local\\Google\\Chrome\\User Data\\Default\\Extensions\\nmmhkkegccagdldgiimedpiccmgmieda\\0.0.6.0_1\\
CHR - Extension: Gmail = C:\\Users\\Felicia\\AppData\\Local\\Google\\Chrome\\User Data\\Default\\Extensions\\pjkljhegncpnkpknbcohdijeoejaedia\\7_0\\
O1 HOSTS File: ([2013/07/02 16:42:43 | 000,000,027 | ---- | M]) - C:\\Windows\\SysNative\\drivers\\etc\\hosts
O1 - Hosts: 127.0.0.1 localhost
O2:64bit: - BHO: (Easy Photo Print) - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\\Program Files (x86)\\Epson Software\\Easy Photo Print\\EPTBL.dll File not found
O2:64bit: - BHO: (no name) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - No CLSID value found.
O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\\Program Files (x86)\\Yahoo!\\Companion\\Installs\\cpn\\yt.dll (Yahoo! Inc.)
O2 - BHO: (RealNetworks Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\\ProgramData\\RealNetworks\\RealDownloader\\BrowserPlugins\\IE\\rndlbrowserrecordplugin.dll (RealDownloader)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\\Program Files (x86)\\Java\\jre7\\bin\\ssv.dll (Oracle Corporation)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\\Program Files (x86)\\Java\\jre7\\bin\\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (SingleInstance Class) - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\\Program Files (x86)\\Yahoo!\\Companion\\Installs\\cpn\\YTSingleInstance.dll (Yahoo! Inc)
O3:64bit: - HKLM\\..\\Toolbar: (Easy Photo Print) - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\\Program Files (x86)\\Epson Software\\Easy Photo Print\\EPTBL.dll File not found
O3 - HKLM\\..\\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\\Program Files (x86)\\Yahoo!\\Companion\\Installs\\cpn\\yt.dll (Yahoo! Inc.)
O3 - HKLM\\..\\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKCU\\..\\Toolbar\\WebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No CLSID value found.
O3 - HKCU\\..\\Toolbar\\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
O3 - HKCU\\..\\Toolbar\\WebBrowser: (no name) - {472734EA-242A-422B-ADF8-83D1E48CC825} - No CLSID value found.
O4:64bit: - HKLM..\\Run: [IAAnotif] C:\\Program Files (x86)\\Intel\\Intel Matrix Storage Manager\\IAAnotif.exe (Intel Corporation)
O4:64bit: - HKLM..\\Run: [IgfxTray] C:\\Windows\\SysNative\\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\\Run: [Kernel and Hardware Abstraction Layer] C:\\Windows\\KHALMNPR.Exe (Logitech, Inc.)
O4:64bit: - HKLM..\\Run: [Logitech Download Assistant] C:\\Windows\\SysNative\\LogiLDA.dll (Logitech, Inc.)
O4:64bit: - HKLM..\\Run: [MSC] c:\\Program Files\\Microsoft Security Client\\msseces.exe (Microsoft Corporation)
O4:64bit: - HKLM..\\Run: [Persistence] C:\\Windows\\SysNative\\igfxpers.exe (Intel Corporation)
O4:64bit: - HKLM..\\Run: [RtHDVCpl] C:\\Program Files\\Realtek\\Audio\\HDA\\RAVCpl64.exe (Realtek Semiconductor)
O4 - HKLM..\\Run: [APSDaemon] C:\\Program Files (x86)\\Common Files\\Apple\\Apple Application Support\\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\\Run: [TkBellExe] C:\\Program Files (x86)\\Real\\RealPlayer\\Update\\realsched.exe (RealNetworks, Inc.)
O4 - HKCU..\\Run: [CmTray] C:\\Users\\Felicia\\AppData\\Roaming\\Content Manager\\launchCM.exe ()
O4 - HKLM..\\RunOnce: [\"C:\\Program Files (x86)\\Dell DataSafe Local Backup\\Components\\DSUpdate\\DSUpdate.exe\"] C:\\Program Files (x86)\\Dell DataSafe Local Backup\\Components\\DSUpdate\\DSUpdate.exe (Dell)
O4 - Startup: C:\\Users\\Felicia\\AppData\\Roaming\\Microsoft\\Windows\\Start Menu\\Programs\\Startup\\Dell Dock.lnk = File not found
O6 - HKLM\\Software\\Policies\\Microsoft\\Internet Explorer\\Restrictions present
O6 - HKLM\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\policies\\Explorer: NoDriveTypeAutoRun = 255
O6 - HKLM\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\policies\\Explorer: NoDrives = 0
O6 - HKLM\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\policies\\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\policies\\System: ConsentPromptBehaviorUser = 3
O7 - HKCU\\Software\\Policies\\Microsoft\\Internet Explorer\\Control Panel present
O7 - HKCU\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\policies\\Explorer: NoDriveTypeAutoRun = 157
O7 - HKCU\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\policies\\Explorer: NoDrives = 0
O7 - HKCU\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\policies\\System: LogonHoursAction = 2
O7 - HKCU\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\policies\\System: DontDisplayLogonHoursWarnings = 1
O10:64bit: - Protocol_Catalog9\\Catalog_Entries64\\000000000011 - C:\\Program Files (x86)\\VMware\\VMware Player\\x64\\vsocklib.dll (VMware, Inc.)
O10:64bit: - Protocol_Catalog9\\Catalog_Entries64\\000000000012 - C:\\Program Files (x86)\\VMware\\VMware Player\\x64\\vsocklib.dll (VMware, Inc.)
O10 - Protocol_Catalog9\\Catalog_Entries\\000000000011 - C:\\Program Files (x86)\\VMware\\VMware Player\\vsocklib.dll (VMware, Inc.)
O10 - Protocol_Catalog9\\Catalog_Entries\\000000000012 - C:\\Program Files (x86)\\VMware\\VMware Player\\vsocklib.dll (VMware, Inc.)
O13 - gopher Prefix: missing
O15 - HKCU\\..Trusted Domains: alpineaccess.com ([]* in Trusted sites)
O15 - HKCU\\..Trusted Domains: alpineaccess.net ([]* in Trusted sites)
O15 - HKCU\\..Trusted Ranges: Range1 ([http] in Trusted sites)
O15 - HKCU\\..Trusted Ranges: Range2 ([http] in Trusted sites)
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab\'>http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {233C1507-6A77-46A4-9443-F871F945D258} http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab\'>http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {315B0BFB-2BD4-481B-80A3-A9B80727C61B} http://webiq005.webiqonline.com/WebIQ/DataServer/DataServer.dll?Handler=GetEngineDistribution&EDID=%7B896A23A1-5821-4609-A6C6-6D5536C585C9\'>http://webiq005.webiqonline.com/WebIQ/DataServer/DataServer.dll?Handler=GetEngineDistribution&EDID={896A23A1-5821-4609-A6C6-6D5536C585C9} (WebIQ Engine Application Object)
O16 - DPF: {362C56AA-6E4F-40C7-A0B5-85501DBDAD77} http://i.dell.com/images/global/js/scanner/SysProExe.cab\'>http://i.dell.com/images/global/js/scanner/SysProExe.cab (Scanner.SysScanner)
O16 - DPF: {49312E18-AA92-4CC2-BB97-55DEA7BCADD6} http://support.dell.com/systemprofiler/SysProExe.CAB\'>http://support.dell.com/systemprofiler/SysProExe.CAB (WMI Class)
O16 - DPF: {5AE58FCF-6F6A-49B2-B064-02492C66E3F4} http://catalog.update.microsoft.com/v7/site/ClientControl/en/x86/MuCatalogWebControl.cab?1274551454442\'>http://catalog.update.microsoft.com/v7/site/ClientControl/en/x86/MuCatalogWebControl.cab?1274551454442 (MUCatalogWebControl Class)
O16 - DPF: {66F7F252-3FE1-4650-B1E5-94B2A38271C5} http://treehouse.no-ip.biz/ActiveView.cab\'>http://treehouse.no-ip.biz/ActiveView.cab (ActiveView Control)
O16 - DPF: {C1F8FC10-E5DB-4112-9DBF-6C3FF728D4E3} http://support.dell.com/systemprofiler/DellSystemLite.CAB\'>http://support.dell.com/systemprofiler/DellSystemLite.CAB (DellSystemLite.Scanner)
O16 - DPF: {D0C0F75C-683A-4390-A791-1ACFD5599AB8} http://games.att.oberon-media.com/Gameshell/GameHost/1.0/OberonGameHost.cab\'>http://games.att.oberon-media.com/Gameshell/GameHost/1.0/OberonGameHost.cab (Oberon Flash Game Host)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab\'>http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\\System\\CCS\\Services\\Tcpip\\Parameters: DhcpNameServer = 192.168.1.254
O17 - HKLM\\System\\CCS\\Services\\Tcpip\\Parameters\\Interfaces\\{28C31212-6713-4A47-8872-34C779D8B726}: NameServer = 10.124.6.3,10.124.3.2
O17 - HKLM\\System\\CCS\\Services\\Tcpip\\Parameters\\Interfaces\\{471273CC-2F13-4283-A8E4-077C3C484F05}: DhcpNameServer = 192.168.1.254
O17 - HKLM\\System\\CCS\\Services\\Tcpip\\Parameters\\Interfaces\\{47AF739C-9211-470F-8886-1F12156AA75E}: NameServer = 10.124.6.3,10.124.3.2
O18:64bit: - Protocol\\Handler\\ms-help - No CLSID value found
O18:64bit: - Protocol\\Handler\\ms-itss - No CLSID value found
O18:64bit: - Protocol\\Handler\\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\\Handler\\wlpg - No CLSID value found
O20:64bit: - HKLM Winlogon: Shell - (Explorer.exe) - C:\\Windows\\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\\Windows\\system32\\userinit.exe) - C:\\Windows\\SysNative\\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\\Windows\\SysWow64\\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\\Windows\\system32\\userinit.exe) - C:\\Windows\\SysWOW64\\userinit.exe (Microsoft Corporation)
O20:64bit: - Winlogon\\Notify\\GoToAssist: DllName - (C:\\Program Files (x86)\\Citrix\\GoToAssist\\514\\G2AWinLogon_x64.dll) - File not found
O20:64bit: - Winlogon\\Notify\\igfxcui: DllName - (igfxdev.dll) - C:\\Windows\\SysNative\\igfxdev.dll (Intel Corporation)
O20:64bit: - Winlogon\\Notify\\LBTWlgn: DllName - (c:\\program files\\common files\\logishrd\\bluetooth\\LBTWlgn.dll) - c:\\Program Files\\Common Files\\Logishrd\\Bluetooth\\LBTWLgn.dll (Logitech, Inc.)
O20 - Winlogon\\Notify\\!SASWinLogon: DllName - (C:\\Program Files (x86)\\SUPERAntiSpyware\\SASWINLO.dll) - C:\\Program Files (x86)\\SUPERAntiSpyware\\SASWINLO.dll (SUPERAntiSpyware.com)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\\Program Files (x86)\\SUPERAntiSpyware\\SASSEH.DLL (SuperAdBlocker.com)
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\\..comfile [open] -- \"%1\" %*
O35:64bit: - HKLM\\..exefile [open] -- \"%1\" %*
O35 - HKLM\\..comfile [open] -- \"%1\" %*
O35 - HKLM\\..exefile [open] -- \"%1\" %*
O37:64bit: - HKLM\\...com [@ = ComFile] -- \"%1\" %*
O37:64bit: - HKLM\\...exe [@ = exefile] -- \"%1\" %*
O37 - HKLM\\...com [@ = ComFile] -- \"%1\" %*
O37 - HKLM\\...exe [@ = exefile] -- \"%1\" %*
O38 - SubSystems\\\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\\\Windows: (ServerDll=sxssrv,4)
========== Files/Folders - Created Within 30 Days ==========
[2014/01/16 11:08:40 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\\Users\\Felicia\\Desktop\\OTL.exe
[2014/01/16 09:17:41 | 000,000,000 | ---D | C] -- C:\\ProgramData\\Microsoft\\Windows\\Start Menu\\Programs\\McAfee Security Scan Plus
[2014/01/16 09:17:38 | 000,000,000 | ---D | C] -- C:\\Program Files (x86)\\McAfee Security Scan
[2014/01/16 00:57:50 | 000,000,000 | ---D | C] -- C:\\ProgramData\\Microsoft\\Windows\\Start Menu\\Programs\\McAfee
[2014/01/14 22:22:27 | 000,000,000 | ---D | C] -- C:\\Program Files\\McAfee.com
[2014/01/14 22:22:27 | 000,000,000 | ---D | C] -- C:\\Program Files\\McAfee
[2014/01/14 22:22:22 | 000,000,000 | ---D | C] -- C:\\Program Files (x86)\\McAfee
[2014/01/14 21:29:20 | 000,000,000 | ---D | C] -- C:\\Program Files\\Common Files\\McAfee
[2014/01/12 16:44:31 | 000,000,000 | ---D | C] -- C:\\ProgramData\\HPSSUPPLY
[2014/01/11 22:58:16 | 000,000,000 | ---D | C] -- C:\\Program Files\\Microsoft Silverlight
[2014/01/11 22:58:16 | 000,000,000 | ---D | C] -- C:\\Program Files (x86)\\Microsoft Silverlight
[2013/12/30 21:43:03 | 000,000,000 | ---D | C] -- C:\\Users\\Felicia\\AppData\\Roaming\\PCHC
[2013/12/24 21:43:17 | 000,000,000 | ---D | C] -- C:\\Users\\Felicia\\AppData\\Local\\{59D4B796-5903-43EA-8562-2DD263B4CA6A}
[2013/12/21 19:09:00 | 000,000,000 | ---D | C] -- C:\\Program Files (x86)\\Mozilla Firefox
[2 C:\\Users\\Felicia\\AppData\\Local\\*.tmp files -> C:\\Users\\Felicia\\AppData\\Local\\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2014/01/16 11:08:40 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\\Users\\Felicia\\Desktop\\OTL.exe
[2014/01/16 10:57:00 | 000,000,830 | ---- | M] () -- C:\\Windows\\tasks\\Adobe Flash Player Updater.job
[2014/01/16 10:12:29 | 000,022,464 | -H-- | M] () -- C:\\Windows\\SysNative\\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2014/01/16 10:12:29 | 000,022,464 | -H-- | M] () -- C:\\Windows\\SysNative\\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2014/01/16 10:04:39 | 000,067,584 | --S- | M] () -- C:\\Windows\\bootstat.dat
[2014/01/16 10:04:28 | 3193,688,064 | -HS- | M] () -- C:\\hiberfil.sys
[2014/01/16 10:03:05 | 000,000,000 | -H-- | M] () -- C:\\Windows\\SysNative\\drivers\\Msft_Kernel_LUsbFilt_01005.Wdf
[2 C:\\Users\\Felicia\\AppData\\Local\\*.tmp files -> C:\\Users\\Felicia\\AppData\\Local\\*.tmp -> ]
========== Files Created - No Company Name ==========
[2014/01/16 10:03:05 | 000,000,000 | -H-- | C] () -- C:\\Windows\\SysNative\\drivers\\Msft_Kernel_LUsbFilt_01005.Wdf
[2013/08/29 23:42:10 | 000,203,703 | ---- | C] () -- C:\\Windows\\hpwins26.dat.temp
[2013/08/29 23:42:10 | 000,000,370 | ---- | C] () -- C:\\Windows\\hpwmdl26.dat.temp
[2013/08/29 22:45:56 | 000,204,350 | ---- | C] () -- C:\\Windows\\hpwins26.dat
[2013/08/29 22:45:55 | 000,000,370 | ---- | C] () -- C:\\Windows\\hpwmdl26.dat
[2013/07/02 16:34:16 | 000,256,000 | ---- | C] () -- C:\\Windows\\PEV.exe
[2013/07/02 16:34:16 | 000,208,896 | ---- | C] () -- C:\\Windows\\MBR.exe
[2013/07/02 16:34:16 | 000,098,816 | ---- | C] () -- C:\\Windows\\sed.exe
[2013/07/02 16:34:16 | 000,080,412 | ---- | C] () -- C:\\Windows\\grep.exe
[2013/07/02 16:34:16 | 000,068,096 | ---- | C] () -- C:\\Windows\\zip.exe
[2013/06/27 21:34:47 | 000,000,151 | ---- | C] () -- C:\\Windows\\Reimage.ini
[2011/06/17 00:34:30 | 000,001,246 | -HS- | C] () -- C:\\ProgramData\\2jfc8wwm7ycpfm031iq1747w633v26o7v3ik
[2011/05/14 21:48:19 | 000,000,032 | RH-- | C] () -- C:\\ProgramData\\hash.dat
[2011/04/13 20:33:50 | 000,000,632 | RHS- | C] () -- C:\\Users\\Felicia\\ntuser.pol
[2010/04/11 12:44:39 | 000,001,578 | -H-- | C] () -- C:\\Users\\Felicia\\AppData\\Roaming\\wklnhst.dat
[2010/04/07 12:01:49 | 000,004,608 | ---- | C] () -- C:\\Users\\Felicia\\AppData\\Local\\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/04/03 11:33:17 | 000,000,056 | -H-- | C] () -- C:\\ProgramData\\ezsidmv.dat
========== ZeroAccess Check ==========
[2009/07/13 22:55:00 | 000,000,227 | RHS- | M] () -- C:\\Windows\\assembly\\Desktop.ini
[HKEY_CURRENT_USER\\Software\\Classes\\clsid\\{42aedc87-2188-41fd-b9a3-0c966feabec1}\\InProcServer32] /64
[HKEY_CURRENT_USER\\Software\\Classes\\Wow6432node\\clsid\\{42aedc87-2188-41fd-b9a3-0c966feabec1}\\InProcServer32]
[HKEY_CURRENT_USER\\Software\\Classes\\clsid\\{fbeb8a05-beee-4442-804e-409d6c4515e9}\\InProcServer32] /64
[HKEY_CURRENT_USER\\Software\\Classes\\Wow6432node\\clsid\\{fbeb8a05-beee-4442-804e-409d6c4515e9}\\InProcServer32]
[HKEY_LOCAL_MACHINE\\Software\\Classes\\clsid\\{42aedc87-2188-41fd-b9a3-0c966feabec1}\\InProcServer32] /64
\"\" = C:\\Windows\\SysNative\\shell32.dll -- [2013/07/25 20:24:57 | 014,172,672 | ---- | M] (Microsoft Corporation)
\"ThreadingModel\" = Apartment
[HKEY_LOCAL_MACHINE\\Software\\Wow6432Node\\Classes\\clsid\\{42aedc87-2188-41fd-b9a3-0c966feabec1}\\InProcServer32]
\"\" = %SystemRoot%\\system32\\shell32.dll -- [2013/07/25 19:55:59 | 012,872,704 | ---- | M] (Microsoft Corporation)
\"ThreadingModel\" = Apartment
[HKEY_LOCAL_MACHINE\\Software\\Classes\\clsid\\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\\InProcServer32] /64
\"\" = C:\\Windows\\SysNative\\wbem\\fastprox.dll -- [2009/07/13 19:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
\"ThreadingModel\" = Free
[HKEY_LOCAL_MACHINE\\Software\\Wow6432Node\\Classes\\clsid\\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\\InProcServer32]
\"\" = %systemroot%\\system32\\wbem\\fastprox.dll -- [2010/11/20 06:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
\"ThreadingModel\" = Free
[HKEY_LOCAL_MACHINE\\Software\\Classes\\clsid\\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\\InProcServer32] /64
\"\" = C:\\Windows\\SysNative\\wbem\\wbemess.dll -- [2009/07/13 19:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
\"ThreadingModel\" = Both
[HKEY_LOCAL_MACHINE\\Software\\Wow6432Node\\Classes\\clsid\\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\\InProcServer32]
========== Alternate Data Streams ==========
@Alternate Data Stream - 125 bytes -> C:\\ProgramData\\TEMP:DFC5A2B2
@Alternate Data Stream - 123 bytes -> C:\\ProgramData\\TEMP:C46995DA
@Alternate Data Stream - 109 bytes -> C:\\ProgramData\\TEMP:A8ADE5D8
< End of report >
OTL logfile created on: 1/16/2014 11:09:23 AM - Run 6
OTL by OldTimer - Version 3.2.69.0 Folder = C:\\Users\\Felicia\\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.16428)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
3.97 Gb Total Physical Memory | 1.16 Gb Available Physical Memory | 29.28% Memory free
7.93 Gb Paging File | 3.74 Gb Available in Paging File | 47.16% Paging File free
Paging file location(s): ?:\\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\\Windows | %ProgramFiles% = C:\\Program Files (x86)
Drive C: | 581.48 Gb Total Space | 517.33 Gb Free Space | 88.97% Space Free | Partition Type: NTFS
Computer Name: FELICIA-PC | User Name: Felicia | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2014/01/16 11:08:40 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\\Users\\Felicia\\Desktop\\OTL.exe
PRC - [2013/12/21 00:04:16 | 000,065,432 | ---- | M] (Adobe Systems Incorporated) -- C:\\Program Files (x86)\\Common Files\\Adobe\\ARM\\1.0\\armsvc.exe
PRC - [2013/08/06 22:14:57 | 000,295,512 | ---- | M] (RealNetworks, Inc.) -- C:\\Program Files (x86)\\Real\\RealPlayer\\Update\\realsched.exe
PRC - [2013/07/02 09:16:32 | 000,507,264 | ---- | M] (Oracle Corporation) -- C:\\Program Files (x86)\\Common Files\\Java\\Java Update\\jucheck.exe
PRC - [2013/04/16 02:07:08 | 000,039,056 | ---- | M] () -- C:\\Program Files (x86)\\RealNetworks\\RealDownloader\\rndlresolversvc.exe
PRC - [2009/08/14 19:19:44 | 000,326,192 | ---- | M] (VMware, Inc.) -- C:\\Windows\\SysWOW64\\vmnetdhcp.exe
PRC - [2009/08/14 19:19:30 | 000,399,920 | ---- | M] (VMware, Inc.) -- C:\\Windows\\SysWOW64\\vmnat.exe
PRC - [2009/08/14 19:19:24 | 000,113,200 | ---- | M] (VMware, Inc.) -- C:\\Program Files (x86)\\VMware\\VMware Player\\vmware-authd.exe
PRC - [2009/07/20 03:00:00 | 000,077,824 | ---- | M] () -- C:\\Program Files\\Logitech\\SetPoint\\x86\\SetPoint32.exe
PRC - [2009/06/09 08:11:14 | 000,155,648 | ---- | M] (Stardock Corporation) -- C:\\Program Files\\Dell\\DellDock\\DockLogin.exe
PRC - [2009/06/04 18:03:32 | 000,186,904 | ---- | M] (Intel Corporation) -- C:\\Program Files (x86)\\Intel\\Intel Matrix Storage Manager\\IAAnotif.exe
PRC - [2009/06/04 18:03:06 | 000,354,840 | ---- | M] (Intel Corporation) -- C:\\Program Files (x86)\\Intel\\Intel Matrix Storage Manager\\IAANTmon.exe
PRC - [2007/07/19 16:54:48 | 000,689,408 | ---- | M] (American Power Conversion Corporation) -- C:\\Program Files (x86)\\APC\\APC PowerChute Personal Edition\\mainserv.exe
========== Modules (No Company Name) ==========
MOD - [2009/07/20 03:00:00 | 000,077,824 | ---- | M] () -- C:\\Program Files\\Logitech\\SetPoint\\x86\\SetPoint32.exe
========== Services (SafeList) ==========
SRV:64bit: - [2013/11/26 03:18:09 | 000,111,616 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\\Windows\\SysNative\\IEEtwCollector.exe -- (IEEtwCollectorService)
SRV:64bit: - [2013/10/23 17:14:22 | 000,348,376 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- c:\\Program Files\\Microsoft Security Client\\NisSrv.exe -- (NisSrv)
SRV:64bit: - [2013/10/23 17:14:22 | 000,023,808 | ---- | M] (Microsoft Corporation) [Auto | Running] -- c:\\Program Files\\Microsoft Security Client\\MsMpEng.exe -- (MsMpSvc)
SRV:64bit: - [2013/05/26 23:50:47 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\\Program Files\\Windows Defender\\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2009/07/20 11:36:14 | 000,160,784 | ---- | M] (Logitech, Inc.) [On_Demand | Stopped] -- C:\\Program Files\\Common Files\\Logishrd\\Bluetooth\\LBTServ.exe -- (LBTServ)
SRV:64bit: - [2009/06/09 08:11:14 | 000,155,648 | ---- | M] (Stardock Corporation) [Auto | Running] -- C:\\Program Files\\Dell\\DellDock\\DockLogin.exe -- (DockLoginService)
SRV - [2013/12/21 19:09:25 | 000,119,408 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\\Program Files (x86)\\Mozilla Maintenance Service\\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2013/12/21 00:04:16 | 000,065,432 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\\Program Files (x86)\\Common Files\\Adobe\\ARM\\1.0\\armsvc.exe -- (AdobeARMservice)
SRV - [2013/12/10 20:57:31 | 000,257,416 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013/07/19 05:01:38 | 001,039,360 | ---- | M] (Hewlett-Packard Co.) [Auto | Running] -- C:\\Users\\Felicia\\AppData\\Local\\Temp\\7zS7294\\HPSLPSVC64.DLL -- (HPSLPSVC)
SRV - [2013/04/16 02:07:08 | 000,039,056 | ---- | M] () [Auto | Running] -- C:\\Program Files (x86)\\RealNetworks\\RealDownloader\\rndlresolversvc.exe -- (RealNetworks Downloader Resolver Service)
SRV - [2011/01/13 13:37:02 | 000,705,856 | ---- | M] (SoftThinks SAS) [Disabled | Stopped] -- C:\\Program Files (x86)\\Dell DataSafe Local Backup\\SftService.exe -- (SftService)
SRV - [2010/03/18 12:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\\Windows\\Microsoft.NET\\Framework\\v4.0.30319\\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009/08/14 19:19:44 | 000,326,192 | ---- | M] (VMware, Inc.) [Auto | Running] -- C:\\Windows\\SysWOW64\\vmnetdhcp.exe -- (VMnetDHCP)
SRV - [2009/08/14 19:19:30 | 000,399,920 | ---- | M] (VMware, Inc.) [Auto | Running] -- C:\\Windows\\SysWOW64\\vmnat.exe -- (VMware NAT Service)
SRV - [2009/08/14 19:19:24 | 000,113,200 | ---- | M] (VMware, Inc.) [Auto | Running] -- C:\\Program Files (x86)\\VMware\\VMware Player\\vmware-authd.exe -- (VMAuthdService)
SRV - [2009/06/10 15:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\\Windows\\Microsoft.NET\\Framework\\v2.0.50727\\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2009/06/04 18:03:06 | 000,354,840 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\\Program Files (x86)\\Intel\\Intel Matrix Storage Manager\\IAANTmon.exe -- (IAANTMON)
SRV - [2008/12/01 10:49:02 | 000,191,024 | ---- | M] (VMware, Inc.) [On_Demand | Stopped] -- C:\\Program Files (x86)\\VMware\\VMware Player\\vmware-ufad.exe -- (ufad-ws60)
SRV - [2007/07/19 16:54:48 | 000,689,408 | ---- | M] (American Power Conversion Corporation) [Auto | Running] -- C:\\Program Files (x86)\\APC\\APC PowerChute Personal Edition\\mainserv.exe -- (APC UPS Service)
========== Driver Services (SafeList) ==========
DRV:64bit: - [2013/09/27 09:53:06 | 000,134,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\\Windows\\SysNative\\drivers\\NisDrvWFP.sys -- (NisDrv)
DRV:64bit: - [2012/03/01 00:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\\Windows\\SysNative\\drivers\\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2011/03/11 00:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\\Windows\\SysNative\\drivers\\amdsata.sys -- (amdsata)
DRV:64bit: - [2011/03/11 00:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\\Windows\\SysNative\\drivers\\amdxata.sys -- (amdxata)
DRV:64bit: - [2010/11/20 07:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\\Windows\\SysNative\\drivers\\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010/11/20 05:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\\Windows\\SysNative\\drivers\\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010/08/25 19:36:04 | 010,611,552 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\\Windows\\SysNative\\drivers\\igdkmd64.sys -- (igfx)
DRV:64bit: - [2009/08/14 19:20:54 | 000,038,448 | ---- | M] (VMware, Inc.) [Kernel | Auto | Running] -- C:\\Windows\\SysNative\\drivers\\hcmon.sys -- (hcmon)
DRV:64bit: - [2009/08/14 19:20:48 | 000,030,256 | ---- | M] (VMware, Inc.) [Kernel | Auto | Running] -- C:\\Windows\\SysNative\\drivers\\vmnetuserif.sys -- (VMnetuserif)
DRV:64bit: - [2009/08/14 19:20:44 | 000,065,072 | ---- | M] (VMware, Inc.) [Kernel | Auto | Running] -- C:\\Windows\\SysNative\\drivers\\vmci.sys -- (vmci)
DRV:64bit: - [2009/08/14 19:20:44 | 000,029,744 | ---- | M] (VMware, Inc.) [Kernel | On_Demand | Running] -- C:\\Windows\\SysNative\\drivers\\VMkbd.sys -- (vmkbd)
DRV:64bit: - [2009/08/14 19:14:28 | 000,076,336 | ---- | M] (VMware, Inc.) [Kernel | Auto | Running] -- C:\\Windows\\SysNative\\drivers\\vmx86.sys -- (vmx86)
DRV:64bit: - [2009/08/14 12:40:04 | 000,038,960 | R--- | M] (VMware, Inc.) [Kernel | Auto | Running] -- C:\\Windows\\SysNative\\drivers\\vmnetbridge.sys -- (VMnetBridge)
DRV:64bit: - [2009/08/14 12:40:04 | 000,020,016 | ---- | M] (VMware, Inc.) [Kernel | On_Demand | Running] -- C:\\Windows\\SysNative\\drivers\\vmnetadapter.sys -- (VMnetAdapter)
DRV:64bit: - [2009/07/30 21:58:42 | 000,236,544 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\\Windows\\SysNative\\drivers\\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2009/07/13 19:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\\Windows\\SysNative\\drivers\\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/13 19:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\\Windows\\SysNative\\drivers\\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/13 19:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\\Windows\\SysNative\\drivers\\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/07/13 18:39:20 | 000,023,040 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\\Windows\\SysNative\\drivers\\WSDPrint.sys -- (WSDPrintDevice)
DRV:64bit: - [2009/07/13 18:35:37 | 000,025,088 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\\Windows\\SysNative\\drivers\\WSDScan.sys -- (WSDScan)
DRV:64bit: - [2009/07/09 03:00:00 | 000,055,280 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\\Windows\\SysNative\\drivers\\PxHlpa64.sys -- (PxHlpa64)
DRV:64bit: - [2009/06/17 10:54:46 | 000,040,976 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\\Windows\\SysNative\\drivers\\LUsbFilt.sys -- (LUsbFilt)
DRV:64bit: - [2009/06/17 10:54:30 | 000,057,872 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\\Windows\\SysNative\\drivers\\LMouFilt.Sys -- (LMouFilt)
DRV:64bit: - [2009/06/17 10:54:22 | 000,055,312 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\\Windows\\SysNative\\drivers\\LHidFilt.Sys -- (LHidFilt)
DRV:64bit: - [2009/06/17 10:54:14 | 000,013,328 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Stopped] -- C:\\Windows\\SysNative\\drivers\\LHidEqd.sys -- (LHidEqd)
DRV:64bit: - [2009/06/17 10:54:06 | 000,074,256 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Stopped] -- C:\\Windows\\SysNative\\drivers\\LEqdUsb.sys -- (LEqdUsb)
DRV:64bit: - [2009/06/10 14:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\\Windows\\SysNative\\drivers\\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 14:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\\Windows\\SysNative\\drivers\\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 14:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\\Windows\\SysNative\\drivers\\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 14:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\\Windows\\SysNative\\drivers\\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009/06/04 20:54:36 | 000,408,600 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\\Windows\\SysNative\\drivers\\iaStor.sys -- (iaStor)
DRV:64bit: - [2009/05/26 06:13:10 | 000,138,752 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Running] -- C:\\Windows\\SysNative\\drivers\\IntcHdmi.sys -- (IntcHdmiAddService)
DRV:64bit: - [2006/11/01 10:51:00 | 000,151,656 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\\Windows\\SysNative\\drivers\\WimFltr.sys -- (WimFltr)
DRV - [2010/02/17 10:25:50 | 000,012,872 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Stopped] -- C:\\Program Files (x86)\\SUPERAntiSpyware\\sasdifsv.sys -- (SASDIFSV)
DRV - [2010/02/17 10:15:58 | 000,066,632 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Stopped] -- C:\\Program Files (x86)\\SUPERAntiSpyware\\SASKUTIL.SYS -- (SASKUTIL)
DRV - [2010/02/17 10:15:58 | 000,012,872 | R--- | M] ( SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | On_Demand | Stopped] -- C:\\Program Files (x86)\\SUPERAntiSpyware\\SASENUM.SYS -- (SASENUM)
DRV - [2009/07/13 19:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\\Windows\\SysWOW64\\drivers\\wimmount.sys -- (WIMMount)
DRV - [2008/12/01 10:46:58 | 000,032,816 | ---- | M] (VMware, Inc.) [Kernel | Auto | Running] -- C:\\Program Files (x86)\\VMware\\VMware Player\\vstor2-ws60.sys -- (vstor2-ws60)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE:64bit: - HKLM\\..\\SearchScopes,DefaultScope =
IE:64bit: - HKLM\\..\\SearchScopes\\{5AAEB2D7-D0EB-47E4-94BF-54BC862E9E8F}: \"URL\" = http://www.bing.com/search?q=%7BsearchTerms%7D&form=DLCDF8&pc=MDDC&src=IE-SearchBox\'>http://www.bing.com/search?q={searchTerms}&form=DLCDF8&pc=MDDC&src=IE-SearchBox
IE:64bit: - HKLM\\..\\SearchScopes\\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: \"URL\" = http://www.google.com/search?q=%7BsearchTerms%7D&rls=com.microsoft:%7Blanguage%7D:%7Breferrer:source?%7D&ie=%7BinputEncoding%7D&oe=%7BoutputEncoding%7D&sourceid=ie7\'>http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE - HKLM\\SOFTWARE\\Microsoft\\Internet Explorer\\Main,Local Page = C:\\Windows\\SysWOW64\\blank.htm
IE - HKLM\\..\\SearchScopes,DefaultScope =
IE - HKLM\\..\\SearchScopes\\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: \"URL\" = http://www.google.com/search?q=%7BsearchTerms%7D&rls=com.microsoft:%7Blanguage%7D:%7Breferrer:source?%7D&ie=%7BinputEncoding%7D&oe=%7BoutputEncoding%7D&sourceid=ie7\'>http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE - HKLM\\..\\SearchScopes\\{A136A9CC-255C-4131-AAB3-7407C8B4C1E5}: \"URL\" = http://www.bing.com/search?q=%7BsearchTerms%7D&form=DLCDF8&pc=MDDC&src=IE-SearchBox\'>http://www.bing.com/search?q={searchTerms}&form=DLCDF8&pc=MDDC&src=IE-SearchBox
IE - HKCU\\SOFTWARE\\Microsoft\\Internet Explorer\\Main,Start Page = http://att.my.yahoo.com/\'>http://att.my.yahoo.com/
IE - HKCU\\..\\URLSearchHook: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\\Program Files (x86)\\Yahoo!\\Companion\\Installs\\cpn\\yt.dll (Yahoo! Inc.)
IE - HKCU\\..\\SearchScopes,DefaultScope = {6A50FBDC-5DF4-4c9c-9B3B-2749F6FF4D24}
IE - HKCU\\..\\SearchScopes\\{03B0EE02-7915-4D0C-BAE9-17A3827F4713}: \"URL\" = http://search.yahoo.com/search?fr=mcafee&p=%7BSearchTerms\'>http://search.yahoo.com/search?fr=mcafee&p={SearchTerms}
IE - HKCU\\..\\SearchScopes\\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: \"URL\" = http://www.google.com/search?q=%7BsearchTerms%7D&rls=com.microsoft:%7Blanguage%7D:%7Breferrer:source?%7D&ie=%7BinputEncoding%7D&oe=%7BoutputEncoding%7D&sourceid=ie7&rlz=1I7ADSA_en\'>http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7ADSA_en
IE - HKCU\\..\\SearchScopes\\{6A50FBDC-5DF4-4c9c-9B3B-2749F6FF4D24}: \"URL\" = http://search.yahoo.com/search?fr=chr-atty&p=%7BsearchTerms\'>http://search.yahoo.com/search?fr=chr-atty&p={searchTerms}
IE - HKCU\\Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings: \"ProxyEnable\" = 0
========== FireFox ==========
FF - prefs.js..extensions.enabledAddons: support%40tubedimmerapp.com:2.6.43
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:26.0
FF - user.js - File not found
FF:64bit: - HKLM\\Software\\MozillaPlugins\\@adobe.com/FlashPlayer: C:\\Windows\\system32\\Macromed\\Flash\\NPSWF64_11_9_900_170.dll File not found
FF:64bit: - HKLM\\Software\\MozillaPlugins\\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\\Software\\MozillaPlugins\\@microsoft.com/OfficeAuthz,version=14.0: C:\\PROGRA~1\\MICROS~2\\Office14\\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\\Software\\MozillaPlugins\\@adobe.com/FlashPlayer: C:\\Windows\\SysWOW64\\Macromed\\Flash\\NPSWF32_11_9_900_170.dll ()
FF - HKLM\\Software\\MozillaPlugins\\@adobe.com/ShockwavePlayer: C:\\Windows\\SysWOW64\\Adobe\\Director\\np32dsw_1205146.dll (Adobe Systems, Inc.)
FF - HKLM\\Software\\MozillaPlugins\\@java.com/DTPlugin,version=10.45.2: C:\\Program Files (x86)\\Java\\jre7\\bin\\dtplugin\\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\\Software\\MozillaPlugins\\@java.com/JavaPlugin,version=10.45.2: C:\\Program Files (x86)\\Java\\jre7\\bin\\plugin2\\npjp2.dll (Oracle Corporation)
FF - HKLM\\Software\\MozillaPlugins\\@mcafee.com/MVT: C:\\Program Files (x86)\\McAfee\\Supportability\\MVT\\NPMVTPlugin.dll File not found
FF - HKLM\\Software\\MozillaPlugins\\@messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6: C:\\Program Files (x86)\\Yahoo!\\Shared\\npYState.dll (Yahoo! Inc.)
FF - HKLM\\Software\\MozillaPlugins\\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\\Software\\MozillaPlugins\\@microsoft.com/OfficeAuthz,version=14.0: C:\\PROGRA~2\\MICROS~2\\Office14\\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\\Software\\MozillaPlugins\\@microsoft.com/SharePoint,version=14.0: C:\\PROGRA~2\\MICROS~2\\Office14\\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\\Software\\MozillaPlugins\\@microsoft.com/WLPG,version=15.4.3502.0922: C:\\Program Files (x86)\\Windows Live\\Photo Gallery\\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\\Software\\MozillaPlugins\\@microsoft.com/WLPG,version=15.4.3508.1109: C:\\Program Files (x86)\\Windows Live\\Photo Gallery\\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\\Software\\MozillaPlugins\\@microsoft.com/WLPG,version=15.4.3555.0308: C:\\Program Files (x86)\\
i keep receiving my ISP, AT&T, that they \"have received information that one or more devices using your internet connection may be part of a zombie network (\"botnet\")\" They give the IP address that the the bot traffic was observed on, which is my public IP address. Help!
ComboFix 13-07-02.03 - Felicia 07/02/2013 17:36:48.1.2 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.4061.2770 [GMT -5:00]
Running from: c:\\users\\Felicia\\Desktop\\ComboFix.exe
AV: Microsoft Security Essentials *Disabled/Updated* {3F839487-C7A2-C958-E30C-E2825BA31FB5}
SP: Microsoft Security Essentials *Disabled/Updated* {84E27563-E198-C6D6-D9BC-D9F020245508}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Created a new restore point
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\\programdata\\43638520
c:\\users\\Felicia\\AppData\\Local\\{1FEC78AB-4514-451D-B9D9-D8BDA5037AC6}
c:\\users\\Felicia\\AppData\\Local\\{1FEC78AB-4514-451D-B9D9-D8BDA5037AC6}\\chrome\\content\\overlay.xul
c:\\users\\Felicia\\AppData\\Local\\{1FEC78AB-4514-451D-B9D9-D8BDA5037AC6}\\install.rdf
.
.
((((((((((((((((((((((((( Files Created from 2013-06-02 to 2013-07-02 )))))))))))))))))))))))))))))))
.
.
2013-07-02 21:47 . 2013-07-02 21:47 76232 ----a-w- c:\\programdata\\Microsoft\\Microsoft Antimalware\\Definition Updates\\{CFAC2DB6-E85C-450A-8890-FC6A2C883BAC}\\offreg.dll
2013-07-02 21:45 . 2013-06-12 03:08 9552976 ----a-w- c:\\programdata\\Microsoft\\Microsoft Antimalware\\Definition Updates\\{CFAC2DB6-E85C-450A-8890-FC6A2C883BAC}\\mpengine.dll
2013-07-02 00:29 . 2013-06-12 03:08 9552976 ----a-w- c:\\programdata\\Microsoft\\Microsoft Antimalware\\Definition Updates\\Backup\\mpengine.dll
2013-06-28 03:58 . 2013-06-28 03:58 -------- d-----w- c:\\windows\\ERUNT
2013-06-28 03:57 . 2013-06-28 03:57 -------- d-----w- C:\\JRT
2013-06-28 03:42 . 2013-06-28 03:40 595712 ----a-w- c:\\program files (x86)\\Uninstall Information\\Ib\\79\\3683\\ib_uninstall.exe
2013-06-28 03:42 . 2012-12-19 20:53 19632 ----a-w- c:\\windows\\system32\\roboot64.exe
2013-06-28 03:42 . 2013-06-28 03:42 -------- d-----w- c:\\users\\Felicia\\AppData\\Local\\Programs
2013-06-25 03:55 . 2013-06-25 03:55 -------- d-----w- c:\\users\\Felicia\\AppData\\Roaming\\Oracle
2013-06-25 03:52 . 2013-06-25 03:52 -------- d-----w- c:\\program files (x86)\\Common Files\\Java
2013-06-25 03:52 . 2013-06-25 03:51 867240 ----a-w- c:\\windows\\SysWow64\\npDeployJava1.dll
2013-06-25 03:51 . 2013-06-25 03:51 96168 ----a-w- c:\\windows\\SysWow64\\WindowsAccessBridge-32.dll
2013-06-25 03:51 . 2013-06-25 03:51 -------- d-----w- c:\\program files (x86)\\Java
2013-06-25 03:50 . 2013-06-25 03:50 -------- d-----w- c:\\programdata\\McAfee
2013-06-25 01:30 . 2013-06-25 04:28 -------- d-----w- c:\\program files (x86)\\Belarc
2013-06-24 23:44 . 2013-04-17 07:02 1230336 ----a-w- c:\\windows\\SysWow64\\WindowsCodecs.dll
2013-06-24 23:44 . 2013-04-17 06:24 1424384 ----a-w- c:\\windows\\system32\\WindowsCodecs.dll
2013-06-24 16:55 . 2013-06-24 16:58 -------- d-----w- c:\\programdata\\SecTaskMan
2013-06-24 08:26 . 2013-06-24 08:26 9728 ---ha-w- c:\\windows\\SysWow64\\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2013-06-24 08:10 . 2012-12-16 17:11 46080 ----a-w- c:\\windows\\system32\\atmlib.dll
2013-06-24 08:10 . 2012-12-16 14:13 34304 ----a-w- c:\\windows\\SysWow64\\atmlib.dll
2013-06-24 08:10 . 2012-12-16 14:45 367616 ----a-w- c:\\windows\\system32\\atmfd.dll
2013-06-24 08:10 . 2012-12-16 14:13 295424 ----a-w- c:\\windows\\SysWow64\\atmfd.dll
2013-06-24 04:16 . 2013-02-27 06:02 111448 ----a-w- c:\\windows\\system32\\consent.exe
2013-06-24 04:15 . 2012-11-02 05:59 478208 ----a-w- c:\\windows\\system32\\dpnet.dll
2013-06-24 04:14 . 2012-11-30 04:53 274944 ----a-w- c:\\windows\\SysWow64\\KernelBase.dll
2013-06-24 04:07 . 2013-04-26 05:51 751104 ----a-w- c:\\windows\\system32\\win32spl.dll
2013-06-24 04:07 . 2013-04-26 04:55 492544 ----a-w- c:\\windows\\SysWow64\\win32spl.dll
2013-06-24 04:06 . 2012-11-23 03:13 68608 ----a-w- c:\\windows\\system32\\taskhost.exe
2013-06-24 04:06 . 2013-05-10 05:49 30720 ----a-w- c:\\windows\\system32\\cryptdlg.dll
2013-06-24 04:06 . 2013-05-10 03:20 24576 ----a-w- c:\\windows\\SysWow64\\cryptdlg.dll
2013-06-24 04:05 . 2013-01-24 06:01 223752 ----a-w- c:\\windows\\system32\\drivers\\fvevol.sys
2013-06-24 04:05 . 2013-05-13 03:43 1192448 ----a-w- c:\\windows\\system32\\certutil.exe
2013-06-24 04:05 . 2013-05-13 03:08 903168 ----a-w- c:\\windows\\SysWow64\\certutil.exe
2013-06-24 04:05 . 2013-05-13 05:51 1464320 ----a-w- c:\\windows\\system32\\crypt32.dll
2013-06-24 04:05 . 2013-05-13 05:51 184320 ----a-w- c:\\windows\\system32\\cryptsvc.dll
2013-06-24 04:05 . 2013-05-13 04:45 1160192 ----a-w- c:\\windows\\SysWow64\\crypt32.dll
2013-06-24 04:05 . 2013-05-13 05:51 139776 ----a-w- c:\\windows\\system32\\cryptnet.dll
2013-06-24 04:05 . 2013-05-13 04:45 103936 ----a-w- c:\\windows\\SysWow64\\cryptnet.dll
2013-06-24 04:05 . 2013-05-13 05:50 52224 ----a-w- c:\\windows\\system32\\certenc.dll
2013-06-24 04:05 . 2013-05-13 04:45 140288 ----a-w- c:\\windows\\SysWow64\\cryptsvc.dll
2013-06-24 04:05 . 2013-05-13 03:08 43008 ----a-w- c:\\windows\\SysWow64\\certenc.dll
2013-06-24 04:03 . 2013-03-19 06:04 5550424 ----a-w- c:\\windows\\system32\\ntoskrnl.exe
2013-06-24 04:03 . 2013-03-19 05:04 3968856 ----a-w- c:\\windows\\SysWow64\\ntkrnlpa.exe
2013-06-24 04:03 . 2013-03-19 05:04 3913560 ----a-w- c:\\windows\\SysWow64\\ntoskrnl.exe
2013-06-24 04:03 . 2013-03-19 03:06 112640 ----a-w- c:\\windows\\system32\\smss.exe
2013-06-24 04:03 . 2013-03-19 05:46 43520 ----a-w- c:\\windows\\system32\\csrsrv.dll
2013-06-24 04:03 . 2013-03-19 04:47 6656 ----a-w- c:\\windows\\SysWow64\\apisetschema.dll
2013-06-24 04:03 . 2013-04-25 23:30 1505280 ----a-w- c:\\windows\\SysWow64\\d3d11.dll
2013-06-24 04:03 . 2013-03-31 22:52 1887232 ----a-w- c:\\windows\\system32\\d3d11.dll
2013-06-24 02:19 . 2013-06-24 02:17 964552 ------w- c:\\programdata\\Microsoft\\Microsoft Antimalware\\Definition Updates\\{75B07C72-6221-4B57-85A1-759B06CAAD2E}\\gapaengine.dll
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-06-25 03:51 . 2011-07-28 15:15 789416 ----a-w- c:\\windows\\SysWow64\\deployJava1.dll
2013-06-12 16:57 . 2012-04-28 15:23 692104 ----a-w- c:\\windows\\SysWow64\\FlashPlayerApp.exe
2013-06-12 16:57 . 2011-10-15 01:33 71048 ----a-w- c:\\windows\\SysWow64\\FlashPlayerCPLApp.cpl
2013-06-02 22:11 . 2010-04-16 17:57 75825640 ----a-w- c:\\windows\\system32\\MRT.exe
2013-05-21 12:29 . 2011-03-30 22:38 964552 ------w- c:\\programdata\\Microsoft\\Microsoft Antimalware\\Definition Updates\\NISBackup\\gapaengine.dll
2013-05-12 20:59 . 2010-06-24 17:33 22240 ----a-w- c:\\programdata\\Microsoft\\IdentityCRL\\production\\ppcrlconfig600.dll
2013-05-02 15:29 . 2010-09-08 00:57 278800 ------w- c:\\windows\\system32\\MpSigStub.exe
2013-04-13 05:49 . 2013-06-24 04:17 135168 ----a-w- c:\\windows\\apppatch\\AppPatch64\\AcXtrnal.dll
2013-04-13 05:49 . 2013-06-24 04:17 350208 ----a-w- c:\\windows\\apppatch\\AppPatch64\\AcLayers.dll
2013-04-13 05:49 . 2013-06-24 04:17 308736 ----a-w- c:\\windows\\apppatch\\AppPatch64\\AcGenral.dll
2013-04-13 05:49 . 2013-06-24 04:17 111104 ----a-w- c:\\windows\\apppatch\\AppPatch64\\acspecfc.dll
2013-04-13 04:45 . 2013-06-24 04:17 474624 ----a-w- c:\\windows\\apppatch\\AcSpecfc.dll
2013-04-13 04:45 . 2013-06-24 04:17 2176512 ----a-w- c:\\windows\\apppatch\\AcGenral.dll
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\\SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run]
\"EEventManager\"=\"c:\\program files (x86)\\Epson Software\\Event Manager\\EEventManager.exe\" [2009-12-03 976320]
\"SunJavaUpdateSched\"=\"c:\\program files (x86)\\Common Files\\Java\\Java Update\\jusched.exe\" [2013-03-12 253816]
.
[HKEY_LOCAL_MACHINE\\SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\RunOnce]
\"c:\\program files (x86)\\Dell DataSafe Local Backup\\Components\\DSUpdate\\DSUpdate.exe\"=\"c:\\program files (x86)\\Dell DataSafe Local Backup\\Components\\DSUpdate\\DSUpdate.exe\" [2010-09-26 560128]
.
c:\\users\\CCP FRNicholson\\AppData\\Roaming\\Microsoft\\Windows\\Start Menu\\Programs\\Startup\\
Dell Dock.lnk - c:\\program files\\Dell\\DellDock\\DellDock.exe [2009-12-15 1324384]
.
c:\\users\\Kenneth\\AppData\\Roaming\\Microsoft\\Windows\\Start Menu\\Programs\\Startup\\
Dell Dock.lnk - c:\\program files\\Dell\\DellDock\\DellDock.exe [2009-12-15 1324384]
.
c:\\users\\Felicia\\AppData\\Roaming\\Microsoft\\Windows\\Start Menu\\Programs\\Startup\\
Dell Dock.lnk - c:\\program files\\Dell\\DellDock\\DellDock.exe [2009-12-15 1324384]
.
c:\\programdata\\Microsoft\\Windows\\Start Menu\\Programs\\Startup\\
Logitech SetPoint.lnk - c:\\program files\\Logitech\\SetPoint\\SetPoint.exe [2010-7-1 1207312]
.
c:\\users\\Default User\\AppData\\Roaming\\Microsoft\\Windows\\Start Menu\\Programs\\Startup\\
Dell Dock First Run.lnk - c:\\program files\\Dell\\DellDock\\DellDock.exe /firstrun [2009-12-15 1324384]
.
[HKEY_LOCAL_MACHINE\\software\\microsoft\\windows\\currentversion\\policies\\system]
\"ConsentPromptBehaviorAdmin\"= 5 (0x5)
\"ConsentPromptBehaviorUser\"= 3 (0x3)
\"EnableUIADesktopToggle\"= 0 (0x0)
.
[hkey_local_machine\\software\\Wow6432Node\\microsoft\\windows\\currentversion\\explorer\\ShellExecuteHooks]
\"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}\"= \"c:\\program files (x86)\\SUPERAntiSpyware\\SASSEH.DLL\" [2008-05-13 77824]
.
[HKEY_LOCAL_MACHINE\\software\\microsoft\\windows nt\\currentversion\\winlogon\\notify\\!SASWinLogon]
2009-09-03 20:21 548352 ----a-w- c:\\program files (x86)\\SUPERAntiSpyware\\SASWINLO.dll
.
[HKEY_LOCAL_MACHINE\\software\\wow6432node\\microsoft\\windows nt\\currentversion\\drivers32]
\"aux4\"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\\SYSTEM\\CurrentControlSet\\Control\\SafeBoot\\Minimal\\MCODS]
@=\"\"
.
[HKEY_LOCAL_MACHINE\\SYSTEM\\CurrentControlSet\\Control\\SafeBoot\\Minimal\\MsMpSvc]
@=\"Service\"
.
R1 SASDIFSV;SASDIFSV;c:\\program files (x86)\\SUPERAntiSpyware\\SASDIFSV.SYS;c:\\program files (x86)\\SUPERAntiSpyware\\SASDIFSV.SYS
My computer is still running somewhat slow. Especially with my browsers, just waiting for a page to open or navigating to another page.
# AdwCleaner v2.303 - Logfile created 06/27/2013 at 22:49:23
# Updated 08/06/2013 by Xplode
# Operating system : Windows 7 Home Premium Service Pack 1 (64 bits)
# User : Felicia - FELICIA-PC
# Boot Mode : Normal
# Running from : C:\\Users\\Felicia\\Desktop\\AdwCleaner.exe
# Option [Delete]
***** [Services] *****
Stopped & Deleted : IBUpdaterService
***** [Files / Folders] *****
Folder Deleted : C:\\Program Files (x86)\\Conduit
Folder Deleted : C:\\Program Files (x86)\\IncrediMail_MediaBar_2
Folder Deleted : C:\\Program Files (x86)\\Upromise
Folder Deleted : C:\\Program Files (x86)\\Zynga
Folder Deleted : C:\\Program Files\\Web Assistant
Folder Deleted : C:\\ProgramData\\IBUpdaterService
Folder Deleted : C:\\Users\\Felicia\\AppData\\Local\\Conduit
Folder Deleted : C:\\Users\\Felicia\\AppData\\LocalLow\\Conduit
Folder Deleted : C:\\Users\\Felicia\\AppData\\LocalLow\\IncrediMail_MediaBar_2
Folder Deleted : C:\\Users\\Felicia\\AppData\\LocalLow\\Zynga
Folder Deleted : C:\\Users\\Felicia\\AppData\\Roaming\\file scout
Folder Deleted : C:\\Users\\Felicia\\AppData\\Roaming\\PerformerSoft
***** [Registry] *****
Key Deleted : HKCU\\Software\\AppDataLow\\Software\\Conduit
Key Deleted : HKCU\\Software\\IM
Key Deleted : HKCU\\Software\\ImInstaller
Key Deleted : HKCU\\Toolbar
Key Deleted : HKCU\\Software\\Microsoft\\Internet Explorer\\SearchScopes\\{afdbddaa-5d3f-42ee-b79c-185a7020515b}
Key Deleted : HKCU\\Software\\Microsoft\\Internet Explorer\\SearchScopes\\{CFF4DB9B-135F-47C0-9269-B4C6572FD61A}
Key Deleted : HKLM\\Software\\ImInstaller
Key Deleted : HKLM\\SOFTWARE\\Microsoft\\Tracing\\ConduitInstaller_RASAPI32
Key Deleted : HKLM\\SOFTWARE\\Microsoft\\Tracing\\ConduitInstaller_RASMANCS
Key Deleted : HKLM\\SOFTWARE\\Wow6432Node\\Microsoft\\Internet Explorer\\SearchScopes\\{afdbddaa-5d3f-42ee-b79c-185a7020515b}
Key Deleted : HKLM\\SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\Updater Service
Value Deleted : HKCU\\Software\\Microsoft\\Internet Explorer\\Toolbar\\WebBrowser [{06E58E5E-F8CB-4049-991E-A41C03BD419E}]
Value Deleted : HKCU\\Software\\Microsoft\\Internet Explorer\\Toolbar\\WebBrowser [{98279C38-DE4B-4BCF-93C9-8EC26069D6F4}]
Value Deleted : HKCU\\Software\\Microsoft\\Internet Explorer\\Toolbar\\WebBrowser [{D4027C7F-154A-4066-A1AD-4243D8127440}]
Value Deleted : HKLM\\SOFTWARE\\Wow6432Node\\Microsoft\\Internet Explorer\\Toolbar [{98279C38-DE4B-4BCF-93C9-8EC26069D6F4}]
***** [Internet Browsers] *****
-\\\\ Internet Explorer v10.0.9200.16618
[OK] Registry is clean.
-\\\\ Google Chrome v27.0.1453.116
File : C:\\Users\\Felicia\\AppData\\Local\\Google\\Chrome\\User Data\\Default\\Preferences
[OK] File is clean.
File : C:\\Users\\CCP FRNicholson\\AppData\\Local\\Google\\Chrome\\User Data\\Default\\Preferences
[OK] File is clean.
*************************
AdwCleaner[S1].txt - [2771 octets] - [27/06/2013 22:49:23]
########## EOF - C:\\AdwCleaner[S1].txt - [2831 octets] ##########
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 4.9.4 (05.06.2013:1)
OS: Windows 7 Home Premium x64
Ran by Felicia on Thu 06/27/2013 at 22:58:23.43
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~ Services
~~~ Registry Values
~~~ Registry Keys
~~~ Files
Successfully deleted: [File] \"C:\\Program Files (x86)\\mozilla firefox\\plugins\\npcouponprinter.dll\"
Successfully deleted: [File] \"C:\\Program Files (x86)\\mozilla firefox\\plugins\\npmozcouponprinter.dll\"
~~~ Folders
Successfully deleted: [Empty Folder] C:\\Users\\Felicia\\appdata\\local\\{007B4A63-4BFB-48D2-8A39-1877E281CBF4}
Successfully deleted: [Empty Folder] C:\\Users\\Felicia\\appdata\\local\\{04DEA222-E934-4D28-87F9-30246D86A7EF}
Successfully deleted: [Empty Folder] C:\\Users\\Felicia\\appdata\\local\\{0797FD12-16FC-4556-8D6F-C2A59D250107}
Successfully deleted: [Empty Folder] C:\\Users\\Felicia\\appdata\\local\\{095EE753-F401-4DAD-8D1A-922BAD52FF31}
Successfully deleted: [Empty Folder] C:\\Users\\Felicia\\appdata\\local\\{0C02AADD-E823-4432-BD84-493D9E752601}
Successfully deleted: [Empty Folder] C:\\Users\\Felicia\\appdata\\local\\{0FCBD36D-B7EE-4211-A3CE-5653780DC3F0}
Successfully deleted: [Empty Folder] C:\\Users\\Felicia\\appdata\\local\\{121F23D9-209B-4436-90D5-D075B084F7D3}
Successfully deleted: [Empty Folder] C:\\Users\\Felicia\\appdata\\local\\{137EF344-5702-4DF3-A820-B29743A3014D}
Successfully deleted: [Empty Folder] C:\\Users\\Felicia\\appdata\\local\\{142746D7-2335-4232-8027-13A5703751E8}
Successfully deleted: [Empty Folder] C:\\Users\\Felicia\\appdata\\local\\{16CEBDC8-0531-4A6E-A000-49E85E456E6F}
Successfully deleted: [Empty Folder] C:\\Users\\Felicia\\appdata\\local\\{17F835D3-D574-4F9B-BC31-0ECFEC56165B}
Successfully deleted: [Empty Folder] C:\\Users\\Felicia\\appdata\\local\\{1EC03301-2AE2-47C4-966E-5241EE3BCEA3}
Successfully deleted: [Empty Folder] C:\\Users\\Felicia\\appdata\\local\\{1EF4F8CE-FE14-4F2D-8D23-2F0AD3633E1D}
Successfully deleted: [Empty Folder] C:\\Users\\Felicia\\appdata\\local\\{1FEC78AB-4514-451D-B9D9-D8BDA5037AC6}
Successfully deleted: [Empty Folder] C:\\Users\\Felicia\\appdata\\local\\{224096EE-EA1D-4C70-9CC3-860C108BB4B4}
Successfully deleted: [Empty Folder] C:\\Users\\Felicia\\appdata\\local\\{2346BC21-62B0-44F3-9691-54A4FA34CF13}
Successfully deleted: [Empty Folder] C:\\Users\\Felicia\\appdata\\local\\{26E7D6C8-0C1E-4B81-A1E9-5F4A8DF95A77}
Successfully deleted: [Empty Folder] C:\\Users\\Felicia\\appdata\\local\\{2864A35A-EFB5-4F83-94AD-6D9F563926DA}
Successfully deleted: [Empty Folder] C:\\Users\\Felicia\\appdata\\local\\{294E85E7-3BA9-4FDC-A1D3-D46E4B7B7453}
Successfully deleted: [Empty Folder] C:\\Users\\Felicia\\appdata\\local\\{2A7DB346-5084-49C4-AA76-728AF377A67B}
Successfully deleted: [Empty Folder] C:\\Users\\Felicia\\appdata\\local\\{2CCF03D9-37EB-49EB-AEDC-0CF0DA2A3CA0}
Successfully deleted: [Empty Folder] C:\\Users\\Felicia\\appdata\\local\\{2EB4EF3B-0A80-444A-AE3B-EDD18DB125C1}
Successfully deleted: [Empty Folder] C:\\Users\\Felicia\\appdata\\local\\{345F861C-34EF-4F3B-9803-25A294BBC6E0}
Successfully deleted: [Empty Folder] C:\\Users\\Felicia\\appdata\\local\\{3DEFB37C-0831-4487-A0FF-945BED1B7A91}
Successfully deleted: [Empty Folder] C:\\Users\\Felicia\\appdata\\local\\{426067D8-AB4B-46CD-AA33-A9F0C430727A}
Successfully deleted: [Empty Folder] C:\\Users\\Felicia\\appdata\\local\\{4354E61E-1620-44A8-A8A9-107CE56C31AB}
Successfully deleted: [Empty Folder] C:\\Users\\Felicia\\appdata\\local\\{43EC51F9-1708-4C8F-9968-C53F16D13F6F}
Successfully deleted: [Empty Folder] C:\\Users\\Felicia\\appdata\\local\\{488C2787-364F-4B72-9341-368374925901}
Successfully deleted: [Empty Folder] C:\\Users\\Felicia\\appdata\\local\\{4B4383B7-5649-46B5-BE9A-8687387B619E}
Successfully deleted: [Empty Folder] C:\\Users\\Felicia\\appdata\\local\\{50D3AC70-BA5D-4C22-8D4C-5A3EBE05444F}
Successfully deleted: [Empty Folder] C:\\Users\\Felicia\\appdata\\local\\{524E49B3-E2C8-44B0-BCF9-D11C0DED97D6}
Successfully deleted: [Empty Folder] C:\\Users\\Felicia\\appdata\\local\\{59BF4595-A967-4CE8-B943-F2213E10F061}
Successfully deleted: [Empty Folder] C:\\Users\\Felicia\\appdata\\local\\{5CB4D245-6E43-4DD1-89D8-FCB0E96B33A7}
Successfully deleted: [Empty Folder] C:\\Users\\Felicia\\appdata\\local\\{5D90D28A-FA57-403F-A081-3D52170EA3EC}
Successfully deleted: [Empty Folder] C:\\Users\\Felicia\\appdata\\local\\{5E14C6D1-3FCA-4E0B-911E-500BAD76799B}
Successfully deleted: [Empty Folder] C:\\Users\\Felicia\\appdata\\local\\{63671F01-3A85-4C12-9CD6-3E18EA56B4AB}
Successfully deleted: [Empty Folder] C:\\Users\\Felicia\\appdata\\local\\{666BA7CB-AC1E-4F64-8458-E716EAE56701}
Successfully deleted: [Empty Folder] C:\\Users\\Felicia\\appdata\\local\\{6752F6EE-1070-4DC9-8357-7099E9B256BC}
Successfully deleted: [Empty Folder] C:\\Users\\Felicia\\appdata\\local\\{677D7713-2ABB-4EA0-B558-7EBB039A0977}
Successfully deleted: [Empty Folder] C:\\Users\\Felicia\\appdata\\local\\{69D24A52-1798-479D-B700-195E82DCA74B}
Successfully deleted: [Empty Folder] C:\\Users\\Felicia\\appdata\\local\\{6A58988F-48FB-4A5F-882A-E5F1F8C9B0A0}
Successfully deleted: [Empty Folder] C:\\Users\\Felicia\\appdata\\local\\{6A66F37C-9702-4829-851F-A7D7378C265B}
Successfully deleted: [Empty Folder] C:\\Users\\Felicia\\appdata\\local\\{6AB49C5B-E198-4B1F-A96C-DCEF6B0649FE}
Successfully deleted: [Empty Folder] C:\\Users\\Felicia\\appdata\\local\\{6F86E205-DC9A-44A6-8B75-D3BB2FD26FFA}
Successfully deleted: [Empty Folder] C:\\Users\\Felicia\\appdata\\local\\{703D4098-9B76-4866-8273-FCDB9609789A}
Successfully deleted: [Empty Folder] C:\\Users\\Felicia\\appdata\\local\\{7173C6E4-5F81-4FE9-B35A-4C6B236DA5FC}
Successfully deleted: [Empty Folder] C:\\Users\\Felicia\\appdata\\local\\{73B57315-2954-4645-A857-718035AF12AE}
Successfully deleted: [Empty Folder] C:\\Users\\Felicia\\appdata\\local\\{74BB8E19-D566-4B41-94AB-F7509618D280}
Successfully deleted: [Empty Folder] C:\\Users\\Felicia\\appdata\\local\\{791A2AB0-DF44-4D2D-BE30-9262030F8477}
Successfully deleted: [Empty Folder] C:\\Users\\Felicia\\appdata\\local\\{7B1DBB3F-D6F2-46AA-AA87-ED38276F9422}
Successfully deleted: [Empty Folder] C:\\Users\\Felicia\\appdata\\local\\{7D62E1D6-FD0F-4E26-8D0B-C0E845CB9056}
Successfully deleted: [Empty Folder] C:\\Users\\Felicia\\appdata\\local\\{7D74191F-5EAB-45D9-83F4-1A1FDF4B5C5F}
Successfully deleted: [Empty Folder] C:\\Users\\Felicia\\appdata\\local\\{837A3DA6-D0B6-411D-AC5A-132B59287053}
Successfully deleted: [Empty Folder] C:\\Users\\Felicia\\appdata\\local\\{83A6F46A-7810-44E9-9860-27FBBA9E3E35}
Successfully deleted: [Empty Folder] C:\\Users\\Felicia\\appdata\\local\\{83DF250E-92C1-4516-9350-B2C30BD233B1}
Successfully deleted: [Empty Folder] C:\\Users\\Felicia\\appdata\\local\\{8732D3FA-53A0-4EFF-BD9E-1106C1DDF8A2}
Successfully deleted: [Empty Folder] C:\\Users\\Felicia\\appdata\\local\\{889D004F-B731-406A-9BC2-D9B1A3CA7834}
Successfully deleted: [Empty Folder] C:\\Users\\Felicia\\appdata\\local\\{8D994B3D-BA32-4BF0-827A-E2878D51033E}
Successfully deleted: [Empty Folder] C:\\Users\\Felicia\\appdata\\local\\{91682122-EAA6-40DA-BA0D-C414B15C4E81}
Successfully deleted: [Empty Folder] C:\\Users\\Felicia\\appdata\\local\\{93516DF7-F9E7-415D-98FA-EA508D3B6034}
Successfully deleted: [Empty Folder] C:\\Users\\Felicia\\appdata\\local\\{981043B7-7893-473E-82DF-A0DDE79C9A08}
Successfully deleted: [Empty Folder] C:\\Users\\Felicia\\appdata\\local\\{9ACF45E6-742C-4ED3-B0D7-17F8F47C6236}
Successfully deleted: [Empty Folder] C:\\Users\\Felicia\\appdata\\local\\{A0444E34-D600-4792-A29C-DAD12A360B23}
Successfully deleted: [Empty Folder] C:\\Users\\Felicia\\appdata\\local\\{A1355964-F7AF-40FC-A248-CB768A53A047}
Successfully deleted: [Empty Folder] C:\\Users\\Felicia\\appdata\\local\\{A2F9F69F-1D07-4BF1-9BF5-58D1A94C3F18}
Successfully deleted: [Empty Folder] C:\\Users\\Felicia\\appdata\\local\\{A33B51E3-3E00-4FF9-908B-3920E965EA6C}
Successfully deleted: [Empty Folder] C:\\Users\\Felicia\\appdata\\local\\{A3B2CDC2-DA84-42ED-9CBC-33355E2832CC}
Successfully deleted: [Empty Folder] C:\\Users\\Felicia\\appdata\\local\\{A7ADCED5-28A4-42F4-A9D7-55F5FA2D676F}
Successfully deleted: [Empty Folder] C:\\Users\\Felicia\\appdata\\local\\{A7BC3184-1711-4B85-AAFD-97E29B7EA3AD}
Successfully deleted: [Empty Folder] C:\\Users\\Felicia\\appdata\\local\\{A854D9FF-821A-4FAF-80A3-70B52005D85C}
Successfully deleted: [Empty Folder] C:\\Users\\Felicia\\appdata\\local\\{AD461E0E-443B-4E19-AF44-37E6AE4DD6DF}
Successfully deleted: [Empty Folder] C:\\Users\\Felicia\\appdata\\local\\{B0725D7F-0C60-430F-B6EE-5DF770827AC0}
Successfully deleted: [Empty Folder] C:\\Users\\Felicia\\appdata\\local\\{B1E10334-EFD8-47F6-95F9-65D7A78F1A81}
Successfully deleted: [Empty Folder] C:\\Users\\Felicia\\appdata\\local\\{B314AF31-3A81-4FB5-A78F-8060C1D9F61D}
Successfully deleted: [Empty Folder] C:\\Users\\Felicia\\appdata\\local\\{B5FC982A-F29C-4B8A-B843-59A0E17B6CA7}
Successfully deleted: [Empty Folder] C:\\Users\\Felicia\\appdata\\local\\{B6A5F273-A250-4DA7-93AB-D7FECFE299BC}
Successfully deleted: [Empty Folder] C:\\Users\\Felicia\\appdata\\local\\{B786E71F-E87F-44AD-AD50-18CBA591FB48}
Successfully deleted: [Empty Folder] C:\\Users\\Felicia\\appdata\\local\\{B9F8C92C-0E83-48F3-8E0C-8B298351B3C1}
Successfully deleted: [Empty Folder] C:\\Users\\Felicia\\appdata\\local\\{BCA89C74-3F76-49AC-9CA1-70E47861FDB4}
Successfully deleted: [Empty Folder] C:\\Users\\Felicia\\appdata\\local\\{C39F7F11-915E-4035-9B93-7291F7D79CEC}
Successfully deleted: [Empty Folder] C:\\Users\\Felicia\\appdata\\local\\{C3FA4522-EE95-4590-B209-325F87BA0675}
Successfully deleted: [Empty Folder] C:\\Users\\Felicia\\appdata\\local\\{C4EF65A9-92EA-4DA8-A81E-ECB156EADB47}
Successfully deleted: [Empty Folder] C:\\Users\\Felicia\\appdata\\local\\{C78C69EB-61DD-45AC-9D1A-A382DF268C86}
Successfully deleted: [Empty Folder] C:\\Users\\Felicia\\appdata\\local\\{CED9A77A-F618-404C-ADB9-3396CBA1E716}
Successfully deleted: [Empty Folder] C:\\Users\\Felicia\\appdata\\local\\{CF70CD73-7DE2-449D-B8A5-BCFDD0F88C40}
Successfully deleted: [Empty Folder] C:\\Users\\Felicia\\appdata\\local\\{D09962F6-2B9D-49D7-B614-9F61475E9C9B}
Successfully deleted: [Empty Folder] C:\\Users\\Felicia\\appdata\\local\\{D26BA24A-A255-490A-839A-83281D347272}
Successfully deleted: [Empty Folder] C:\\Users\\Felicia\\appdata\\local\\{D2747B58-DA42-4F2D-841B-95A14E16EFF7}
Successfully deleted: [Empty Folder] C:\\Users\\Felicia\\appdata\\local\\{D3A30788-0514-4CE0-9EA1-8D2525DDFAD3}
Successfully deleted: [Empty Folder] C:\\Users\\Felicia\\appdata\\local\\{D5233253-DC80-43D7-90B1-3182CC77ED07}
Successfully deleted: [Empty Folder] C:\\Users\\Felicia\\appdata\\local\\{D8672C40-18E0-4592-9662-98D574067176}
Successfully deleted: [Empty Folder] C:\\Users\\Felicia\\appdata\\local\\{D8FD5405-CE04-4622-9C47-7C27C49F7943}
Successfully deleted: [Empty Folder] C:\\Users\\Felicia\\appdata\\local\\{DAD6652C-1FC7-46B8-96BC-A5FEDD39564A}
Successfully deleted: [Empty Folder] C:\\Users\\Felicia\\appdata\\local\\{E0913E83-E724-4CCA-976D-F939762BA0C5}
Successfully deleted: [Empty Folder] C:\\Users\\Felicia\\appdata\\local\\{E1DE23FF-1E8C-477D-9401-7C0BAD90C2D9}
Successfully deleted: [Empty Folder] C:\\Users\\Felicia\\appdata\\local\\{E313DE4E-FE01-4000-8F15-7CF674C3135B}
Successfully deleted: [Empty Folder] C:\\Users\\Felicia\\appdata\\local\\{E3D24E40-4444-4230-9361-3FB748D6FEEE}
Successfully deleted: [Empty Folder] C:\\Users\\Felicia\\appdata\\local\\{E458F6AB-BE58-448A-AF05-ABFC4449542F}
Successfully deleted: [Empty Folder] C:\\Users\\Felicia\\appdata\\local\\{F289278D-0206-4945-B61A-359A8BBFBC22}
Successfully deleted: [Empty Folder] C:\\Users\\Felicia\\appdata\\local\\{F797F750-51BD-4B15-B948-5C01912D0FDB}
Successfully deleted: [Empty Folder] C:\\Users\\Felicia\\appdata\\local\\{F872DACF-90E4-405F-975F-B91266C4820F}
Successfully deleted: [Empty Folder] C:\\Users\\Felicia\\appdata\\local\\{F90903FC-6B6E-4441-8CB4-2694491B2E1F}
Successfully deleted: [Empty Folder] C:\\Users\\Felicia\\appdata\\local\\{FC6B7FA5-4BA6-4B5A-B902-4B7BE89BAB85}
Successfully deleted: [Empty Folder] C:\\Users\\Felicia\\appdata\\local\\{FFCAC86D-7D2A-4462-80AA-36F196735594}
~~~ Event Viewer Logs were cleared
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Thu 06/27/2013 at 23:02:00.53
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
OTL logfile created on: 6/27/2013 11:03:08 PM - Run 2
OTL by OldTimer - Version 3.2.69.0 Folder = C:\\Users\\Felicia\\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16618)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
3.97 Gb Total Physical Memory | 1.53 Gb Available Physical Memory | 38.55% Memory free
7.93 Gb Paging File | 4.32 Gb Available in Paging File | 54.52% Paging File free
Paging file location(s): ?:\\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\\Windows | %ProgramFiles% = C:\\Program Files (x86)
Drive C: | 581.48 Gb Total Space | 521.72 Gb Free Space | 89.72% Space Free | Partition Type: NTFS
Computer Name: FELICIA-PC | User Name: Felicia | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2013/06/26 18:17:31 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\\Users\\Felicia\\Desktop\\OTL.exe
PRC - [2013/05/11 05:37:26 | 000,065,640 | ---- | M] (Adobe Systems Incorporated) -- C:\\Program Files (x86)\\Common Files\\Adobe\\ARM\\1.0\\armsvc.exe
PRC - [2009/12/03 10:12:12 | 000,976,320 | ---- | M] (SEIKO EPSON CORPORATION) -- C:\\Program Files (x86)\\Epson Software\\Event Manager\\EEventManager.exe
PRC - [2009/08/14 20:19:44 | 000,326,192 | ---- | M] (VMware, Inc.) -- C:\\Windows\\SysWOW64\\vmnetdhcp.exe
PRC - [2009/08/14 20:19:30 | 000,399,920 | ---- | M] (VMware, Inc.) -- C:\\Windows\\SysWOW64\\vmnat.exe
PRC - [2009/08/14 20:19:24 | 000,113,200 | ---- | M] (VMware, Inc.) -- C:\\Program Files (x86)\\VMware\\VMware Player\\vmware-authd.exe
PRC - [2009/07/20 04:00:00 | 000,077,824 | ---- | M] () -- C:\\Program Files\\Logitech\\SetPoint\\x86\\SetPoint32.exe
PRC - [2009/06/09 09:11:14 | 000,155,648 | ---- | M] (Stardock Corporation) -- C:\\Program Files\\Dell\\DellDock\\DockLogin.exe
PRC - [2009/06/04 19:03:32 | 000,186,904 | ---- | M] (Intel Corporation) -- C:\\Program Files (x86)\\Intel\\Intel Matrix Storage Manager\\IAAnotif.exe
PRC - [2009/06/04 19:03:06 | 000,354,840 | ---- | M] (Intel Corporation) -- C:\\Program Files (x86)\\Intel\\Intel Matrix Storage Manager\\IAANTmon.exe
PRC - [2007/07/19 17:54:48 | 000,689,408 | ---- | M] (American Power Conversion Corporation) -- C:\\Program Files (x86)\\APC\\APC PowerChute Personal Edition\\mainserv.exe
========== Modules (No Company Name) ==========
MOD - [2009/07/20 04:00:00 | 000,077,824 | ---- | M] () -- C:\\Program Files\\Logitech\\SetPoint\\x86\\SetPoint32.exe
========== Services (SafeList) ==========
SRV:64bit: - [2013/01/27 11:34:32 | 000,379,360 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- c:\\Program Files\\Microsoft Security Client\\NisSrv.exe -- (NisSrv)
SRV:64bit: - [2013/01/27 11:34:32 | 000,022,056 | ---- | M] (Microsoft Corporation) [Auto | Running] -- c:\\Program Files\\Microsoft Security Client\\MsMpEng.exe -- (MsMpSvc)
SRV:64bit: - [2009/07/20 12:36:14 | 000,160,784 | ---- | M] (Logitech, Inc.) [On_Demand | Stopped] -- C:\\Program Files\\Common Files\\Logishrd\\Bluetooth\\LBTServ.exe -- (LBTServ)
SRV:64bit: - [2009/07/13 20:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\\Program Files\\Windows Defender\\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2009/06/09 09:11:14 | 000,155,648 | ---- | M] (Stardock Corporation) [Auto | Running] -- C:\\Program Files\\Dell\\DellDock\\DockLogin.exe -- (DockLoginService)
SRV - [2013/06/12 11:57:23 | 000,256,904 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013/05/11 05:37:26 | 000,065,640 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\\Program Files (x86)\\Common Files\\Adobe\\ARM\\1.0\\armsvc.exe -- (AdobeARMservice)
SRV - [2011/01/13 14:37:02 | 000,705,856 | ---- | M] (SoftThinks SAS) [Disabled | Stopped] -- C:\\Program Files (x86)\\Dell DataSafe Local Backup\\SftService.exe -- (SftService)
SRV - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\\Windows\\Microsoft.NET\\Framework\\v4.0.30319\\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009/08/14 20:19:44 | 000,326,192 | ---- | M] (VMware, Inc.) [Auto | Running] -- C:\\Windows\\SysWOW64\\vmnetdhcp.exe -- (VMnetDHCP)
SRV - [2009/08/14 20:19:30 | 000,399,920 | ---- | M] (VMware, Inc.) [Auto | Running] -- C:\\Windows\\SysWOW64\\vmnat.exe -- (VMware NAT Service)
SRV - [2009/08/14 20:19:24 | 000,113,200 | ---- | M] (VMware, Inc.) [Auto | Running] -- C:\\Program Files (x86)\\VMware\\VMware Player\\vmware-authd.exe -- (VMAuthdService)
SRV - [2009/06/10 16:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\\Windows\\Microsoft.NET\\Framework\\v2.0.50727\\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2009/06/04 19:03:06 | 000,354,840 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\\Program Files (x86)\\Intel\\Intel Matrix Storage Manager\\IAANTmon.exe -- (IAANTMON)
SRV - [2008/12/01 11:49:02 | 000,191,024 | ---- | M] (VMware, Inc.) [On_Demand | Stopped] -- C:\\Program Files (x86)\\VMware\\VMware Player\\vmware-ufad.exe -- (ufad-ws60)
SRV - [2007/07/19 17:54:48 | 000,689,408 | ---- | M] (American Power Conversion Corporation) [Auto | Running] -- C:\\Program Files (x86)\\APC\\APC PowerChute Personal Edition\\mainserv.exe -- (APC UPS Service)
========== Driver Services (SafeList) ==========
DRV:64bit: - [2013/01/20 15:59:04 | 000,130,008 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\\Windows\\SysNative\\drivers\\NisDrvWFP.sys -- (NisDrv)
DRV:64bit: - [2012/03/01 01:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\\Windows\\SysNative\\drivers\\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2011/03/11 01:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\\Windows\\SysNative\\drivers\\amdsata.sys -- (amdsata)
DRV:64bit: - [2011/03/11 01:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\\Windows\\SysNative\\drivers\\amdxata.sys -- (amdxata)
DRV:64bit: - [2010/11/20 08:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\\Windows\\SysNative\\drivers\\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010/11/20 06:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\\Windows\\SysNative\\drivers\\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010/08/25 20:36:04 | 010,611,552 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\\Windows\\SysNative\\drivers\\igdkmd64.sys -- (igfx)
DRV:64bit: - [2009/08/14 20:20:54 | 000,038,448 | ---- | M] (VMware, Inc.) [Kernel | Auto | Running] -- C:\\Windows\\SysNative\\drivers\\hcmon.sys -- (hcmon)
DRV:64bit: - [2009/08/14 20:20:48 | 000,030,256 | ---- | M] (VMware, Inc.) [Kernel | Auto | Running] -- C:\\Windows\\SysNative\\drivers\\vmnetuserif.sys -- (VMnetuserif)
DRV:64bit: - [2009/08/14 20:20:44 | 000,065,072 | ---- | M] (VMware, Inc.) [Kernel | Auto | Running] -- C:\\Windows\\SysNative\\drivers\\vmci.sys -- (vmci)
DRV:64bit: - [2009/08/14 20:20:44 | 000,029,744 | ---- | M] (VMware, Inc.) [Kernel | On_Demand | Running] -- C:\\Windows\\SysNative\\drivers\\VMkbd.sys -- (vmkbd)
DRV:64bit: - [2009/08/14 20:14:28 | 000,076,336 | ---- | M] (VMware, Inc.) [Kernel | Auto | Running] -- C:\\Windows\\SysNative\\drivers\\vmx86.sys -- (vmx86)
DRV:64bit: - [2009/08/14 13:40:04 | 000,038,960 | R--- | M] (VMware, Inc.) [Kernel | Auto | Running] -- C:\\Windows\\SysNative\\drivers\\vmnetbridge.sys -- (VMnetBridge)
DRV:64bit: - [2009/08/14 13:40:04 | 000,020,016 | ---- | M] (VMware, Inc.) [Kernel | On_Demand | Running] -- C:\\Windows\\SysNative\\drivers\\vmnetadapter.sys -- (VMnetAdapter)
DRV:64bit: - [2009/07/30 22:58:42 | 000,236,544 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\\Windows\\SysNative\\drivers\\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2009/07/13 20:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\\Windows\\SysNative\\drivers\\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/13 20:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\\Windows\\SysNative\\drivers\\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/13 20:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\\Windows\\SysNative\\drivers\\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/07/13 19:39:20 | 000,023,040 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\\Windows\\SysNative\\drivers\\WSDPrint.sys -- (WSDPrintDevice)
DRV:64bit: - [2009/07/13 19:35:37 | 000,025,088 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\\Windows\\SysNative\\drivers\\WSDScan.sys -- (WSDScan)
DRV:64bit: - [2009/07/09 04:00:00 | 000,055,280 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\\Windows\\SysNative\\drivers\\PxHlpa64.sys -- (PxHlpa64)
DRV:64bit: - [2009/06/17 11:54:30 | 000,057,872 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\\Windows\\SysNative\\drivers\\LMouFilt.Sys -- (LMouFilt)
DRV:64bit: - [2009/06/17 11:54:22 | 000,055,312 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\\Windows\\SysNative\\drivers\\LHidFilt.Sys -- (LHidFilt)
DRV:64bit: - [2009/06/17 11:54:14 | 000,013,328 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\\Windows\\SysNative\\drivers\\LHidEqd.sys -- (LHidEqd)
DRV:64bit: - [2009/06/17 11:54:06 | 000,074,256 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\\Windows\\SysNative\\drivers\\LEqdUsb.sys -- (LEqdUsb)
DRV:64bit: - [2009/06/10 15:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\\Windows\\SysNative\\drivers\\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 15:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\\Windows\\SysNative\\drivers\\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 15:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\\Windows\\SysNative\\drivers\\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 15:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\\Windows\\SysNative\\drivers\\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009/06/04 21:54:36 | 000,408,600 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\\Windows\\SysNative\\drivers\\iaStor.sys -- (iaStor)
DRV:64bit: - [2009/05/26 07:13:10 | 000,138,752 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Running] -- C:\\Windows\\SysNative\\drivers\\IntcHdmi.sys -- (IntcHdmiAddService)
DRV:64bit: - [2006/11/01 11:51:00 | 000,151,656 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\\Windows\\SysNative\\drivers\\WimFltr.sys -- (WimFltr)
DRV - [2010/02/17 11:25:50 | 000,012,872 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Stopped] -- C:\\Program Files (x86)\\SUPERAntiSpyware\\sasdifsv.sys -- (SASDIFSV)
DRV - [2010/02/17 11:15:58 | 000,066,632 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Stopped] -- C:\\Program Files (x86)\\SUPERAntiSpyware\\SASKUTIL.SYS -- (SASKUTIL)
DRV - [2010/02/17 11:15:58 | 000,012,872 | R--- | M] ( SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | On_Demand | Stopped] -- C:\\Program Files (x86)\\SUPERAntiSpyware\\SASENUM.SYS -- (SASENUM)
DRV - [2009/07/13 20:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\\Windows\\SysWOW64\\drivers\\wimmount.sys -- (WIMMount)
DRV - [2008/12/01 11:46:58 | 000,032,816 | ---- | M] (VMware, Inc.) [Kernel | Auto | Running] -- C:\\Program Files (x86)\\VMware\\VMware Player\\vstor2-ws60.sys -- (vstor2-ws60)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE:64bit: - HKLM\\..\\SearchScopes,DefaultScope =
IE:64bit: - HKLM\\..\\SearchScopes\\{5AAEB2D7-D0EB-47E4-94BF-54BC862E9E8F}: \"URL\" = http://www.bing.com/search?q=%7BsearchTerms%7D&form=DLCDF8&pc=MDDC&src=IE-SearchBox\'>http://www.bing.com/search?q={searchTerms}&form=DLCDF8&pc=MDDC&src=IE-SearchBox
IE:64bit: - HKLM\\..\\SearchScopes\\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: \"URL\" = http://www.google.com/search?q=%7BsearchTerms%7D&rls=com.microsoft:%7Blanguage%7D:%7Breferrer:source?%7D&ie=%7BinputEncoding%7D&oe=%7BoutputEncoding%7D&sourceid=ie7\'>http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE - HKLM\\SOFTWARE\\Microsoft\\Internet Explorer\\Main,Local Page = C:\\Windows\\SysWOW64\\blank.htm
IE - HKLM\\..\\SearchScopes,DefaultScope =
IE - HKLM\\..\\SearchScopes\\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: \"URL\" = http://www.google.com/search?q=%7BsearchTerms%7D&rls=com.microsoft:%7Blanguage%7D:%7Breferrer:source?%7D&ie=%7BinputEncoding%7D&oe=%7BoutputEncoding%7D&sourceid=ie7\'>http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE - HKLM\\..\\SearchScopes\\{A136A9CC-255C-4131-AAB3-7407C8B4C1E5}: \"URL\" = http://www.bing.com/search?q=%7BsearchTerms%7D&form=DLCDF8&pc=MDDC&src=IE-SearchBox\'>http://www.bing.com/search?q={searchTerms}&form=DLCDF8&pc=MDDC&src=IE-SearchBox
IE - HKCU\\SOFTWARE\\Microsoft\\Internet Explorer\\Main,Default_Page_URL = http://g.msn.com/USCON/1\'>http://g.msn.com/USCON/1
IE - HKCU\\SOFTWARE\\Microsoft\\Internet Explorer\\Main,Start Page = http://att.my.yahoo.com/\'>http://att.my.yahoo.com/
IE - HKCU\\..\\SearchScopes,DefaultScope = {6A50FBDC-5DF4-4c9c-9B3B-2749F6FF4D24}
IE - HKCU\\..\\SearchScopes\\{03B0EE02-7915-4D0C-BAE9-17A3827F4713}: \"URL\" = http://search.yahoo.com/search?fr=mcafee&p=%7BSearchTerms\'>http://search.yahoo.com/search?fr=mcafee&p={SearchTerms}
IE - HKCU\\..\\SearchScopes\\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: \"URL\" = http://www.google.com/search?q=%7BsearchTerms%7D&rls=com.microsoft:%7Blanguage%7D:%7Breferrer:source?%7D&ie=%7BinputEncoding%7D&oe=%7BoutputEncoding%7D&sourceid=ie7&rlz=1I7ADSA_en\'>http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7ADSA_en
IE - HKCU\\..\\SearchScopes\\{6A50FBDC-5DF4-4c9c-9B3B-2749F6FF4D24}: \"URL\" = http://search.yahoo.com/search?fr=chr-atty&p=%7BsearchTerms\'>http://search.yahoo.com/search?fr=chr-atty&p={searchTerms}
IE - HKCU\\Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings: \"ProxyEnable\" = 0
========== FireFox ==========
FF:64bit: - HKLM\\Software\\MozillaPlugins\\@adobe.com/FlashPlayer: C:\\Windows\\system32\\Macromed\\Flash\\NPSWF64_11_7_700_224.dll File not found
FF:64bit: - HKLM\\Software\\MozillaPlugins\\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\\Software\\MozillaPlugins\\@microsoft.com/OfficeAuthz,version=14.0: C:\\PROGRA~1\\MICROS~2\\Office14\\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\\Software\\MozillaPlugins\\@adobe.com/FlashPlayer: C:\\Windows\\SysWOW64\\Macromed\\Flash\\NPSWF32_11_7_700_224.dll ()
FF - HKLM\\Software\\MozillaPlugins\\@adobe.com/ShockwavePlayer: C:\\Windows\\system32\\Adobe\\Director\\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\\Software\\MozillaPlugins\\@java.com/DTPlugin,version=10.25.2: C:\\Windows\\SysWOW64\\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\\Software\\MozillaPlugins\\@java.com/JavaPlugin,version=10.25.2: C:\\Program Files (x86)\\Java\\jre7\\bin\\plugin2\\npjp2.dll (Oracle Corporation)
FF - HKLM\\Software\\MozillaPlugins\\@mcafee.com/MVT: C:\\Program Files (x86)\\McAfee\\Supportability\\MVT\\NPMVTPlugin.dll File not found
FF - HKLM\\Software\\MozillaPlugins\\@messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6: C:\\Program Files (x86)\\Yahoo!\\Shared\\npYState.dll (Yahoo! Inc.)
FF - HKLM\\Software\\MozillaPlugins\\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\\Software\\MozillaPlugins\\@microsoft.com/OfficeAuthz,version=14.0: C:\\PROGRA~2\\MICROS~2\\Office14\\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\\Software\\MozillaPlugins\\@microsoft.com/SharePoint,version=14.0: C:\\PROGRA~2\\MICROS~2\\Office14\\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\\Software\\MozillaPlugins\\@microsoft.com/WLPG,version=15.4.3502.0922: C:\\Program Files (x86)\\Windows Live\\Photo Gallery\\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\\Software\\MozillaPlugins\\@microsoft.com/WLPG,version=15.4.3508.1109: C:\\Program Files (x86)\\Windows Live\\Photo Gallery\\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\\Software\\MozillaPlugins\\@microsoft.com/WLPG,version=15.4.3555.0308: C:\\Program Files (x86)\\Windows Live\\Photo Gallery\\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\\Software\\MozillaPlugins\\@tools.google.com/Google Update;version=3: C:\\Program Files (x86)\\Google\\Update\\1.3.21.145\\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\\Software\\MozillaPlugins\\@tools.google.com/Google Update;version=9: C:\\Program Files (x86)\\Google\\Update\\1.3.21.145\\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\\Software\\MozillaPlugins\\Adobe Reader: C:\\Program Files (x86)\\Adobe\\Reader 11.0\\Reader\\AIR\\nppdf32.dll (Adobe Systems Inc.)
[2011/08/25 07:19:25 | 000,000,000 | ---D | M] (No name found) -- C:\\Program Files (x86)\\Mozilla Firefox\\extensions
[2011/07/29 12:34:07 | 000,000,000 | ---D | M] (Java Console) -- C:\\Program Files (x86)\\Mozilla Firefox\\extensions\\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}
[2011/07/29 12:33:36 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\\Program Files (x86)\\mozilla firefox\\plugins\\npdeployJava1.dll
[2011/03/24 10:07:32 | 000,002,024 | ---- | M] () -- C:\\Program Files (x86)\\mozilla firefox\\searchplugins\\McSiteAdvisor.xml
========== Chrome ==========
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&q={searchTerms}&{google:cursorPosition}sugkey={google:suggestAPIKeyParameter},
CHR - homepage: http://www.msn.com/?pc=UP21&ocid=UP21DHP&dt=022313\'>http://www.msn.com/?pc=UP21&ocid=UP21DHP&dt=022313
CHR - plugin: Shockwave Flash (Enabled) = C:\\Program Files (x86)\\Google\\Chrome\\Application\\27.0.1453.116\\PepperFlash\\pepflashplayer.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\\Program Files (x86)\\Google\\Chrome\\Application\\27.0.1453.116\\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\\Program Files (x86)\\Google\\Chrome\\Application\\27.0.1453.116\\pdf.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\\Program Files (x86)\\Adobe\\Reader 11.0\\Reader\\Browser\\nppdf32.dll
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\\PROGRA~2\\MICROS~2\\Office14\\NPAUTHZ.DLL
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\\PROGRA~2\\MICROS~2\\Office14\\NPSPWRAP.DLL
CHR - plugin: Google Update (Enabled) = C:\\Program Files (x86)\\Google\\Update\\1.3.21.145\\npGoogleUpdate3.dll
CHR - plugin: Java(TM) Platform SE 6 U31 (Enabled) = C:\\Program Files (x86)\\Java\\jre6\\bin\\plugin2\\npjp2.dll
CHR - plugin: Windows Live Photo Gallery (Enabled) = C:\\Program Files (x86)\\Windows Live\\Photo Gallery\\NPWLPG.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\\Windows\\SysWOW64\\Macromed\\Flash\\NPSWF32_11_7_700_224.dll
CHR - plugin: Shockwave for Director (Enabled) = C:\\Windows\\system32\\Adobe\\Director\\np32dsw.dll
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&q={searchTerms}&{google:cursorPosition}sugkey={google:suggestAPIKeyParameter}
CHR - homepage: http://att.yahoo.com/\'>http://att.yahoo.com/
CHR - plugin: Shockwave Flash (Enabled) = C:\\Program Files (x86)\\Google\\Chrome\\Application\\26.0.1410.64\\PepperFlash\\pepflashplayer.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\\Program Files (x86)\\Google\\Chrome\\Application\\26.0.1410.64\\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\\Program Files (x86)\\Google\\Chrome\\Application\\26.0.1410.64\\pdf.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\\Program Files (x86)\\Adobe\\Reader 11.0\\Reader\\Browser\\nppdf32.dll
CHR - plugin: Coupons Inc., Coupon Printer Manager (Enabled) = C:\\Program Files (x86)\\Google\\Chrome\\Application\\plugins\\npMozCouponPrinter.dll
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\\PROGRA~2\\MICROS~2\\Office14\\NPAUTHZ.DLL
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\\PROGRA~2\\MICROS~2\\Office14\\NPSPWRAP.DLL
CHR - plugin: Google Update (Enabled) = C:\\Program Files (x86)\\Google\\Update\\1.3.21.145\\npGoogleUpdate3.dll
CHR - plugin: Java(TM) Platform SE 6 U31 (Enabled) = C:\\Program Files (x86)\\Java\\jre6\\bin\\plugin2\\npjp2.dll
CHR - plugin: Windows Live Photo Gallery (Enabled) = C:\\Program Files (x86)\\Windows Live\\Photo Gallery\\NPWLPG.dll
CHR - plugin: ActiveX hosting plugin for Firefox (Enabled) = C:\\Program Files\\Firefox ActiveX Plugin\\npffax.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\\Windows\\SysWOW64\\Macromed\\Flash\\NPSWF32_11_7_700_202.dll
CHR - plugin: Shockwave for Director (Enabled) = C:\\Windows\\system32\\Adobe\\Director\\np32dsw.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\\Program Files (x86)\\Microsoft Silverlight\\4.1.10329.0\\npctrl.dll
CHR - Extension: Google Docs = C:\\Users\\Felicia\\AppData\\Local\\Google\\Chrome\\User Data\\Default\\Extensions\\aohghmighlieiainnegkcijnfilokake\\0.5_0\\
CHR - Extension: Google Drive = C:\\Users\\Felicia\\AppData\\Local\\Google\\Chrome\\User Data\\Default\\Extensions\\apdfllckaahabafndbhieahigkjlhalf\\6.3_0\\
CHR - Extension: YouTube = C:\\Users\\Felicia\\AppData\\Local\\Google\\Chrome\\User Data\\Default\\Extensions\\blpcfgokakmgnkcojhhkbfbldkacnbeo\\4.2.6_0\\
CHR - Extension: Google Search = C:\\Users\\Felicia\\AppData\\Local\\Google\\Chrome\\User Data\\Default\\Extensions\\coobgpohoikkiipiblmjeljniedjpjpf\\0.0.0.20_0\\
CHR - Extension: Gmail = C:\\Users\\Felicia\\AppData\\Local\\Google\\Chrome\\User Data\\Default\\Extensions\\pjkljhegncpnkpknbcohdijeoejaedia\\7_0\\
O1 HOSTS File: ([2013/06/18 14:08:55 | 000,001,307 | ---- | M]) - C:\\Windows\\SysNative\\drivers\\etc\\hosts
O1 - Hosts: 64.78.157.110 vof01.alpineaccess.com #ADDED BY F5 NETWORKS SSL TUNNEL - ORIGINAL RECORD#
O1 - Hosts: 64.78.157.110 vof01 #ADDED BY F5 NETWORKS SSL TUNNEL - ORIGINAL RECORD#
O1 - Hosts: 64.78.157.94 a2fp3.alpineaccess.com #ADDED BY F5 NETWORKS SSL TUNNEL - ORIGINAL RECORD#
O1 - Hosts: 64.78.157.94 a2fp3 #ADDED BY F5 NETWORKS SSL TUNNEL - ORIGINAL RECORD#
O1 - Hosts: 64.78.157.93 a2fp2.alpineaccess.com #ADDED BY F5 NETWORKS SSL TUNNEL - ORIGINAL RECORD#
O1 - Hosts: 64.78.157.93 a2fp2 #ADDED BY F5 NETWORKS SSL TUNNEL - ORIGINAL RECORD#
O2:64bit: - BHO: (Easy Photo Print) - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\\Program Files (x86)\\Epson Software\\Easy Photo Print\\EPTBL.dll (SEIKO EPSON CORPORATION / CyCom Technology Corp.)
O2:64bit: - BHO: (no name) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - No CLSID value found.
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\\Program Files (x86)\\Java\\jre7\\bin\\ssv.dll (Oracle Corporation)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\\Program Files (x86)\\Java\\jre7\\bin\\jp2ssv.dll (Oracle Corporation)
O3:64bit: - HKLM\\..\\Toolbar: (Easy Photo Print) - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\\Program Files (x86)\\Epson Software\\Easy Photo Print\\EPTBL.dll (SEIKO EPSON CORPORATION / CyCom Technology Corp.)
O3:64bit: - HKLM\\..\\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\\..\\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKCU\\..\\Toolbar\\WebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No CLSID value found.
O3 - HKCU\\..\\Toolbar\\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
O3 - HKCU\\..\\Toolbar\\WebBrowser: (no name) - {472734EA-242A-422B-ADF8-83D1E48CC825} - No CLSID value found.
O4:64bit: - HKLM..\\Run: [IAAnotif] C:\\Program Files (x86)\\Intel\\Intel Matrix Storage Manager\\IAAnotif.exe (Intel Corporation)
O4:64bit: - HKLM..\\Run: [IgfxTray] C:\\Windows\\SysNative\\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\\Run: [Kernel and Hardware Abstraction Layer] C:\\Windows\\KHALMNPR.Exe (Logitech, Inc.)
O4:64bit: - HKLM..\\Run: [Logitech Download Assistant] C:\\Windows\\SysNative\\LogiLDA.dll (Logitech, Inc.)
O4:64bit: - HKLM..\\Run: [MSC] c:\\Program Files\\Microsoft Security Client\\msseces.exe (Microsoft Corporation)
O4:64bit: - HKLM..\\Run: [Persistence] C:\\Windows\\SysNative\\igfxpers.exe (Intel Corporation)
O4:64bit: - HKLM..\\Run: [RtHDVCpl] C:\\Program Files\\Realtek\\Audio\\HDA\\RAVCpl64.exe (Realtek Semiconductor)
O4 - HKLM..\\Run: [EEventManager] C:\\Program Files (x86)\\Epson Software\\Event Manager\\EEventManager.exe (SEIKO EPSON CORPORATION)
O4 - HKCU..\\Run: [EPSON NX420 Series] C:\\Windows\\system32\\spool\\DRIVERS\\x64\\3\\E_IATIGCA.EXE /FU \"C:\\Windows\\TEMP\\E_S444.tmp\" /EF \"HKCU\" File not found
O4 - HKLM..\\RunOnce: [\"C:\\Program Files (x86)\\Dell DataSafe Local Backup\\Components\\DSUpdate\\DSUpdate.exe\"] C:\\Program Files (x86)\\Dell DataSafe Local Backup\\Components\\DSUpdate\\DSUpdate.exe (Dell)
O4 - Startup: C:\\Users\\Felicia\\AppData\\Roaming\\Microsoft\\Windows\\Start Menu\\Programs\\Startup\\Dell Dock.lnk = File not found
O6 - HKLM\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\policies\\Explorer: NoActiveDesktop = 1
O6 - HKLM\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\policies\\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\policies\\Explorer: NoDriveTypeAutoRun = 255
O6 - HKLM\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\policies\\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\policies\\System: ConsentPromptBehaviorUser = 3
O7 - HKCU\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\policies\\Explorer: NoDriveTypeAutoRun = 157
O7 - HKCU\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\policies\\System: LogonHoursAction = 2
O7 - HKCU\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\policies\\System: DontDisplayLogonHoursWarnings = 1
O10:64bit: - Protocol_Catalog9\\Catalog_Entries64\\000000000011 - C:\\Program Files (x86)\\VMware\\VMware Player\\x64\\vsocklib.dll (VMware, Inc.)
O10:64bit: - Protocol_Catalog9\\Catalog_Entries64\\000000000012 - C:\\Program Files (x86)\\VMware\\VMware Player\\x64\\vsocklib.dll (VMware, Inc.)
O10 - Protocol_Catalog9\\Catalog_Entries\\000000000011 - C:\\Program Files (x86)\\VMware\\VMware Player\\vsocklib.dll (VMware, Inc.)
O10 - Protocol_Catalog9\\Catalog_Entries\\000000000012 - C:\\Program Files (x86)\\VMware\\VMware Player\\vsocklib.dll (VMware, Inc.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O15 - HKCU\\..Trusted Domains: alpineaccess.com ([]* in Trusted sites)
O15 - HKCU\\..Trusted Domains: alpineaccess.net ([]* in Trusted sites)
O15 - HKCU\\..Trusted Ranges: Range1 ([http] in Trusted sites)
O15 - HKCU\\..Trusted Ranges: Range2 ([http] in Trusted sites)
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab\'>http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {233C1507-6A77-46A4-9443-F871F945D258} http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab\'>http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {315B0BFB-2BD4-481B-80A3-A9B80727C61B} http://webiq005.webiqonline.com/WebIQ/DataServer/DataServer.dll?Handler=GetEngineDistribution&EDID=%7B896A23A1-5821-4609-A6C6-6D5536C585C9\'>http://webiq005.webiqonline.com/WebIQ/DataServer/DataServer.dll?Handler=GetEngineDistribution&EDID={896A23A1-5821-4609-A6C6-6D5536C585C9} (WebIQ Engine Application Object)
O16 - DPF: {362C56AA-6E4F-40C7-A0B5-85501DBDAD77} http://i.dell.com/images/global/js/scanner/SysProExe.cab\'>http://i.dell.com/images/global/js/scanner/SysProExe.cab (Scanner.SysScanner)
O16 - DPF: {49312E18-AA92-4CC2-BB97-55DEA7BCADD6} http://support.dell.com/systemprofiler/SysProExe.CAB\'>http://support.dell.com/systemprofiler/SysProExe.CAB (WMI Class)
O16 - DPF: {5AE58FCF-6F6A-49B2-B064-02492C66E3F4} http://catalog.update.microsoft.com/v7/site/ClientControl/en/x86/MuCatalogWebControl.cab?1274551454442\'>http://catalog.update.microsoft.com/v7/site/ClientControl/en/x86/MuCatalogWebControl.cab?1274551454442 (MUCatalogWebControl Class)
O16 - DPF: {66F7F252-3FE1-4650-B1E5-94B2A38271C5} http://treehouse.no-ip.biz/ActiveView.cab\'>http://treehouse.no-ip.biz/ActiveView.cab (ActiveView Control)
O16 - DPF: {C1F8FC10-E5DB-4112-9DBF-6C3FF728D4E3} http://support.dell.com/systemprofiler/DellSystemLite.CAB\'>http://support.dell.com/systemprofiler/DellSystemLite.CAB (DellSystemLite.Scanner)
O16 - DPF: {D0C0F75C-683A-4390-A791-1ACFD5599AB8} http://games.att.oberon-media.com/Gameshell/GameHost/1.0/OberonGameHost.cab\'>http://games.att.oberon-media.com/Gameshell/GameHost/1.0/OberonGameHost.cab (Oberon Flash Game Host)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab\'>http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\\System\\CCS\\Services\\Tcpip\\Parameters: DhcpNameServer = 192.168.1.254
O17 - HKLM\\System\\CCS\\Services\\Tcpip\\Parameters\\Interfaces\\{28C31212-6713-4A47-8872-34C779D8B726}: NameServer = 10.124.6.3,10.124.3.2
O17 - HKLM\\System\\CCS\\Services\\Tcpip\\Parameters\\Interfaces\\{471273CC-2F13-4283-A8E4-077C3C484F05}: DhcpNameServer = 192.168.1.254
O17 - HKLM\\System\\CCS\\Services\\Tcpip\\Parameters\\Interfaces\\{47AF739C-9211-470F-8886-1F12156AA75E}: NameServer = 10.124.6.3,10.124.3.2
O18:64bit: - Protocol\\Handler\\ms-help - No CLSID value found
O18:64bit: - Protocol\\Handler\\ms-itss - No CLSID value found
O18:64bit: - Protocol\\Handler\\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\\Handler\\wlpg - No CLSID value found
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\\Windows\\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\\Windows\\system32\\userinit.exe) - C:\\Windows\\SysNative\\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\\Windows\\SysWow64\\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\\Windows\\SysWow64\\userinit.exe (Microsoft Corporation)
O20:64bit: - Winlogon\\Notify\\GoToAssist: DllName - (C:\\Program Files (x86)\\Citrix\\GoToAssist\\514\\G2AWinLogon_x64.dll) - File not found
O20:64bit: - Winlogon\\Notify\\igfxcui: DllName - (igfxdev.dll) - C:\\Windows\\SysNative\\igfxdev.dll (Intel Corporation)
O20:64bit: - Winlogon\\Notify\\LBTWlgn: DllName - (c:\\program files\\common files\\logishrd\\bluetooth\\LBTWlgn.dll) - c:\\Program Files\\Common Files\\Logishrd\\Bluetooth\\LBTWLgn.dll (Logitech, Inc.)
O20 - Winlogon\\Notify\\!SASWinLogon: DllName - (C:\\Program Files (x86)\\SUPERAntiSpyware\\SASWINLO.dll) - C:\\Program Files (x86)\\SUPERAntiSpyware\\SASWINLO.dll (SUPERAntiSpyware.com)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\\Program Files (x86)\\SUPERAntiSpyware\\SASSEH.DLL (SuperAdBlocker.com)
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\\{d6ee6399-344d-11e0-bf24-463500000031}\\Shell\\AutoRun\\command - \"\" = J:\\autorun.exe
O33 - MountPoints2\\{d6ee6399-344d-11e0-bf24-463500000031}\\Shell\\phone\\command - \"\" = J:\\autorun.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\\..comfile [open] -- \"%1\" %*
O35:64bit: - HKLM\\..exefile [open] -- \"%1\" %*
O35 - HKLM\\..comfile [open] -- \"%1\" %*
O35 - HKLM\\..exefile [open] -- \"%1\" %*
O37:64bit: - HKLM\\...com [@ = comfile] -- \"%1\" %*
O37:64bit: - HKLM\\...exe [@ = exefile] -- \"%1\" %*
O37 - HKLM\\...com [@ = comfile] -- \"%1\" %*
O37 - HKLM\\...exe [@ = exefile] -- \"%1\" %*
O38 - SubSystems\\\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\\\Windows: (ServerDll=sxssrv,4)
========== Files/Folders - Created Within 30 Days ==========
[2013/06/27 22:58:18 | 000,000,000 | ---D | C] -- C:\\Windows\\ERUNT
[2013/06/27 22:57:52 | 000,000,000 | ---D | C] -- C:\\JRT
[2013/06/27 22:46:58 | 000,545,954 | ---- | C] (Oleg N. Scherbakov) -- C:\\Users\\Felicia\\Desktop\\JRT.exe
[2013/06/27 22:42:16 | 000,019,632 | ---- | C] (PerformerSoft LLC) -- C:\\Windows\\SysNative\\roboot64.exe
[2013/06/27 22:42:10 | 000,000,000 | ---D | C] -- C:\\Users\\Felicia\\AppData\\Local\\Programs
[2013/06/26 18:17:31 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\\Users\\Felicia\\Desktop\\OTL.exe
[2013/06/24 23:05:00 | 000,000,000 | ---D | C] -- C:\\Users\\Felicia\\Documents\\MyConnection Detail Analysis_files
[2013/06/24 22:55:01 | 000,000,000 | ---D | C] -- C:\\Users\\Felicia\\AppData\\Roaming\\Oracle
[2013/06/24 22:52:35 | 000,000,000 | ---D | C] -- C:\\Program Files (x86)\\Common Files\\Java
[2013/06/24 22:52:18 | 000,867,240 | ---- | C] (Oracle Corporation) -- C:\\Windows\\SysWow64\\npDeployJava1.dll
[2013/06/24 22:52:17 | 000,263,592 | ---- | C] (Oracle Corporation) -- C:\\Windows\\SysWow64\\javaws.exe
[2013/06/24 22:51:52 | 000,175,016 | ---- | C] (Oracle Corporation) -- C:\\Windows\\SysWow64\\javaw.exe
[2013/06/24 22:51:52 | 000,175,016 | ---- | C] (Oracle Corporation) -- C:\\Windows\\SysWow64\\java.exe
[2013/06/24 22:51:52 | 000,096,168 | ---- | C] (Oracle Corporation) -- C:\\Windows\\SysWow64\\WindowsAccessBridge-32.dll
[2013/06/24 22:51:23 | 000,000,000 | ---D | C] -- C:\\Program Files (x86)\\Java
[2013/06/24 22:50:00 | 000,000,000 | ---D | C] -- C:\\ProgramData\\McAfee
[2013/06/24 20:30:59 | 000,000,000 | ---D | C] -- C:\\Program Files (x86)\\Belarc
[2013/06/24 18:44:47 | 001,424,384 | ---- | C] (Microsoft Corporation) -- C:\\Windows\\SysNative\\WindowsCodecs.dll
[2013/06/24 12:10:24 | 000,000,000 | ---D | C] -- C:\\ProgramData\\Microsoft\\Windows\\Start Menu\\Programs\\Google Chrome
[2013/06/24 11:55:00 | 000,000,000 | ---D | C] -- C:\\ProgramData\\SecTaskMan
[2013/06/24 11:54:56 | 000,000,000 | ---D | C] -- C:\\ProgramData\\Microsoft\\Windows\\Start Menu\\Programs\\Security Task Manager
[2013/06/24 03:27:52 | 001,054,720 | ---- | C] (Microsoft Corporation) -- C:\\Windows\\SysNative\\MsSpellCheckingFacility.exe
[2013/06/24 03:27:52 | 000,226,304 | ---- | C] (Microsoft Corporation) -- C:\\Windows\\SysNative\\elshyph.dll
[2013/06/24 03:27:52 | 000,185,344 | ---- | C] (Microsoft Corporation) -- C:\\Windows\\SysWow64\\elshyph.dll
[2013/06/24 03:27:52 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\\Windows\\SysWow64\\RegisterIEPKEYs.exe
[2013/06/24 03:27:51 | 000,719,360 | ---- | C] (Microsoft Corporation) -- C:\\Windows\\SysWow64\\mshtmlmedia.dll
[2013/06/24 03:27:51 | 000,690,688 | ---- | C] (Microsoft Corporation) -- C:\\Windows\\SysWow64\\jscript.dll
[2013/06/24 03:27:51 | 000,391,168 | ---- | C] (Microsoft Corporation) -- C:\\Windows\\SysWow64\\ieui.dll
[2013/06/24 03:27:51 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\\Windows\\SysWow64\\msrating.dll
[2013/06/24 03:27:51 | 000,150,528 | ---- | C] (Microsoft Corporation) -- C:\\Windows\\SysWow64\\iexpress.exe
[2013/06/24 03:27:51 | 000,138,752 | ---- | C] (Microsoft Corporation) -- C:\\Windows\\SysWow64\\wextract.exe
[2013/06/24 03:27:51 | 000,137,216 | ---- | C] (Microsoft Corporation) -- C:\\Windows\\SysWow64\\ieUnatt.exe
[2013/06/24 03:27:51 | 000,125,440 | ---- | C] (Microsoft Corporation) -- C:\\Windows\\SysWow64\\occache.dll
[2013/06/24 03:27:51 | 000,117,248 | ---- | C] (Microsoft Corporation) -- C:\\Windows\\SysWow64\\iepeers.dll
[2013/06/24 03:27:51 | 000,110,592 | ---- | C] (Microsoft Corporation) -- C:\\Windows\\SysWow64\\IEAdvpack.dll
[2013/06/24 03:27:51 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\\Windows\\SysWow64\\iesysprep.dll
[2013/06/24 03:27:51 | 000,082,432 | ---- | C] (Microsoft Corporation) -- C:\\Windows\\SysWow64\\inseng.dll
[2013/06/24 03:27:51 | 000,079,872 | ---- | C] (Microsoft Corporation) -- C:\\Windows\\SysWow64\\mshtmled.dll
[2013/06/24 03:27:51 | 000,073,728 | ---- | C] (Microsoft Corporation) -- C:\\Windows\\SysWow64\\SetIEInstalledDate.exe
[2013/06/24 03:27:51 | 000,057,344 | ---- | C] (Microsoft Corporation) -- C:\\Windows\\SysWow64\\pngfilt.dll
[2013/06/24 03:27:51 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\\Windows\\SysWow64\\mshtmler.dll
[2013/06/24 03:27:51 | 000,011,776 | ---- | C] (Microsoft Corporation) -- C:\\Windows\\SysWow64\\msfeedssync.exe
[2013/06/24 03:27:50 | 001,441,280 | ---- | C] (Microsoft Corporation) -- C:\\Windows\\SysWow64\\inetcpl.cpl
[2013/06/24 03:27:50 | 001,400,416 | ---- | C] (Microsoft Corporation) -- C:\\Windows\\SysWow64\\ieapfltr.dat
[2013/06/24 03:27:50 | 001,400,416 | ---- | C] (Microsoft Corporation) -- C:\\Windows\\SysNative\\ieapfltr.dat
[2013/06/24 03:27:50 | 000,762,368 | ---- | C] (Microsoft Corporation) -- C:\\Windows\\SysNative\\ieapfltr.dll
[2013/06/24 03:27:50 | 000,629,248 | ---- | C] (Microsoft Corporation) -- C:\\Windows\\SysWow64\\ieapfltr.dll
[2013/06/24 03:27:50 | 000,452,096 | ---- | C] (Microsoft Corporation) -- C:\\Windows\\SysNative\\dxtmsft.dll
[2013/06/24 03:27:50 | 000,441,856 | ---- | C] (Microsoft Corporation) -- C:\\Windows\\SysNative\\html.iec
[2013/06/24 03:27:50 | 000,361,984 | ---- | C] (Microsoft Corporation) -- C:\\Windows\\SysWow64\\html.iec
[2013/06/24 03:27:50 | 000,281,600 | ---- | C] (Microsoft Corporation) -- C:\\Windows\\SysNative\\dxtrans.dll
[2013/06/24 03:27:50 | 000,232,960 | ---- | C] (Microsoft Corporation) -- C:\\Windows\\SysWow64\\url.dll
[2013/06/24 03:27:50 | 000,216,064 | ---- | C] (Microsoft Corporation) -- C:\\Windows\\SysNative\\msls31.dll
[2013/06/24 03:27:50 | 000,197,120 | ---- | C] (Microsoft Corporation) -- C:\\Windows\\SysNative\\msrating.dll
[2013/06/24 03:27:50 | 000,089,600 | ---- | C] (Microsoft Corporation) -- C:\\Windows\\SysNative\\RegisterIEPKEYs.exe
[2013/06/24 03:27:50 | 000,081,408 | ---- | C] (Microsoft Corporation) -- C:\\Windows\\SysNative\\icardie.dll
[2013/06/24 03:27:50 | 000,069,120 | ---- | C] (Microsoft Corporation) -- C:\\Windows\\SysWow64\\icardie.dll
[2013/06/24 03:27:50 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\\Windows\\SysNative\\iesetup.dll
[2013/06/24 03:27:50 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\\Windows\\SysWow64\\tdc.ocx
[2013/06/24 03:27:50 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\\Windows\\SysWow64\\iesetup.dll
[2013/06/24 03:27:50 | 000,051,712 | ---- | C] (Microsoft Corporation) -- C:\\Windows\\SysNative\\ie4uinit.exe
[2013/06/24 03:27:50 | 000,039,936 | ---- | C] (Microsoft Corporation) -- C:\\Windows\\SysNative\\iernonce.dll
[2013/06/24 03:27:50 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\\Windows\\SysWow64\\iernonce.dll
[2013/06/24 03:27:50 | 000,023,040 | ---- | C] (Microsoft Corporation) -- C:\\Windows\\SysWow64\\licmgr10.dll
[2013/06/24 03:27:49 | 003,958,784 | ---- | C] (Microsoft Corporation) -- C:\\Windows\\SysNative\\jscript9.dll
[2013/06/24 03:27:49 | 001,509,376 | ---- | C] (Microsoft Corporation) -- C:\\Windows\\SysNative\\inetcpl.cpl
[2013/06/24 03:27:49 | 000,905,728 | ---- | C] (Microsoft Corporation) -- C:\\Windows\\SysNative\\mshtmlmedia.dll
[2013/06/24 03:27:49 | 000,855,552 | ---- | C] (Microsoft Corporation) -- C:\\Windows\\SysNative\\jscript.dll
[2013/06/24 03:27:49 | 000,603,136 | ---- | C] (Microsoft Corporation) -- C:\\Windows\\SysNative\\msfeeds.dll
[2013/06/24 03:27:49 | 000,599,552 | ---- | C] (Microsoft Corporation) -- C:\\Windows\\SysNative\\vbscript.dll
[2013/06/24 03:27:49 | 000,526,336 | ---- | C] (Microsoft Corporation) -- C:\\Windows\\SysNative\\ieui.dll
[2013/06/24 03:27:49 | 000,235,008 | ---- | C] (Microsoft Corporation) -- C:\\Windows\\SysNative\\url.dll
[2013/06/24 03:27:49 | 000,173,568 | ---- | C] (Microsoft Corporation) -- C:\\Windows\\SysNative\\ieUnatt.exe
[2013/06/24 03:27:49 | 000,167,424 | ---- | C] (Microsoft Corporation) -- C:\\Windows\\SysNative\\iexpress.exe
[2013/06/24 03:27:49 | 000,149,504 | ---- | C] (Microsoft Corporation) -- C:\\Windows\\SysNative\\occache.dll
[2013/06/24 03:27:49 | 000,144,896 | ---- | C] (Microsoft Corporation) -- C:\\Windows\\SysNative\\wextract.exe
[2013/06/24 03:27:49 | 000,136,704 | ---- | C] (Microsoft Corporation) -- C:\\Windows\\SysNative\\iesysprep.dll
[2013/06/24 03:27:49 | 000,136,192 | ---- | C] (Microsoft Corporation) -- C:\\Windows\\SysNative\\iepeers.dll
[2013/06/24 03:27:49 | 000,135,680 | ---- | C] (Microsoft Corporation) -- C:\\Windows\\SysNative\\IEAdvpack.dll
[2013/06/24 03:27:49 | 000,102,912 | ---- | C] (Microsoft Corporation) -- C:\\Windows\\SysNative\\inseng.dll
[2013/06/24 03:27:49 | 000,097,280 | ---- | C] (Microsoft Corporation) -- C:\\Windows\\SysNative\\mshtmled.dll
[2013/06/24 03:27:49 | 000,092,160 | ---- | C] (Microsoft Corporation) -- C:\\Windows\\SysNative\\SetIEInstalledDate.exe
[2013/06/24 03:27:49 | 000,077,312 | ---- | C] (Microsoft Corporation) -- C:\\Windows\\SysNative\\tdc.ocx
[2013/06/24 03:27:49 | 000,062,976 | ---- | C] (Microsoft Corporation) -- C:\\Windows\\SysNative\\pngfilt.dll
[2013/06/24 03:27:49 | 000,051,200 | ---- | C] (Microsoft Corporation) -- C:\\Windows\\SysNative\\imgutil.dll
[2013/06/24 03:27:49 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\\Windows\\SysNative\\mshtmler.dll
[2013/06/24 03:27:49 | 000,027,648 | ---- | C] (Microsoft Corporation) -- C:\\Windows\\SysNative\\licmgr10.dll
[2013/06/24 03:27:49 | 000,013,824 | ---- | C] (Microsoft Corporation) -- C:\\Windows\\SysNative\\mshta.exe
[2013/06/24 03:27:49 | 000,012,800 | ---- | C] (Microsoft Corporation) -- C:\\Windows\\SysNative\\msfeedssync.exe
[2013/06/24 03:26:36 | 002,776,576 | ---- | C] (Microsoft Corporation) -- C:\\Windows\\SysNative\\msmpeg2vdec.dll
[2013/06/24 03:26:36 | 002,284,544 | ---- | C] (Microsoft Corporation) -- C:\\Windows\\SysWow64\\msmpeg2vdec.dll
[2013/06/24 03:26:36 | 001,682,432 | ---- | C] (Microsoft Corporation) -- C:\\Windows\\SysNative\\XpsPrint.dll
[2013/06/24 03:26:36 | 001,158,144 | ---- | C] (Microsoft Corporation) -- C:\\Windows\\SysWow64\\XpsPrint.dll
[2013/06/24 03:26:36 | 000,522,752 | ---- | C] (Microsoft Corporation) -- C:\\Windows\\SysNative\\XpsGdiConverter.dll
[2013/06/24 03:26:36 | 000,465,920 | ---- | C] (Microsoft Corporation) -- C:\\Windows\\SysNative\\WMPhoto.dll
[2013/06/24 03:26:36 | 000,417,792 | ---- | C] (Microsoft Corporation) -- C:\\Windows\\SysWow64\\WMPhoto.dll
[2013/06/24 03:26:36 | 000,364,544 | ---- | C] (Microsoft Corporation) -- C:\\Windows\\SysWow64\\XpsGdiConverter.dll
[2013/06/24 03:26:36 | 000,010,752 | -H-- | C] (Microsoft Corporation) -- C:\\Windows\\SysWow64\\api-ms-win-downlevel-advapi32-l1-1-0.dll
[2013/06/24 03:26:36 | 000,010,752 | -H-- | C] (Microsoft Corporation) -- C:\\Windows\\SysNative\\api-ms-win-downlevel-advapi32-l1-1-0.dll
[2013/06/24 03:26:36 | 000,009,728 | -H-- | C] (Microsoft Corporation) -- C:\\Windows\\SysWow64\\api-ms-win-downlevel-shlwapi-l1-1-0.dll
[2013/06/24 03:26:36 | 000,009,728 | -H-- | C] (Microsoft Corporation) -- C:\\Windows\\SysNative\\api-ms-win-downlevel-shlwapi-l1-1-0.dll
[2013/06/24 03:26:36 | 000,005,632 | -H-- | C] (Microsoft Corporation) -- C:\\Windows\\SysWow64\\api-ms-win-downlevel-shlwapi-l2-1-0.dll
[2013/06/24 03:26:36 | 000,005,632 | -H-- | C] (Microsoft Corporation) -- C:\\Windows\\SysNative\\api-ms-win-downlevel-shlwapi-l2-1-0.dll
[2013/06/24 03:26:36 | 000,005,632 | -H-- | C] (Microsoft Corporation) -- C:\\Windows\\SysWow64\\api-ms-win-downlevel-ole32-l1-1-0.dll
[2013/06/24 03:26:36 | 000,005,632 | -H-- | C] (Microsoft Corporation) -- C:\\Windows\\SysNative\\api-ms-win-downlevel-ole32-l1-1-0.dll
OTL logfile created on: 6/26/2013 6:18:35 PM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\\Users\\Felicia\\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16618)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
3.97 Gb Total Physical Memory | 2.65 Gb Available Physical Memory | 66.76% Memory free
7.93 Gb Paging File | 6.21 Gb Available in Paging File | 78.32% Paging File free
Paging file location(s): ?:\\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\\Windows | %ProgramFiles% = C:\\Program Files (x86)
Drive C: | 581.48 Gb Total Space | 523.88 Gb Free Space | 90.09% Space Free | Partition Type: NTFS
Computer Name: FELICIA-PC | User Name: Felicia | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2013/06/26 18:17:31 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\\Users\\Felicia\\Desktop\\OTL.exe
PRC - [2013/05/11 05:37:26 | 000,065,640 | ---- | M] (Adobe Systems Incorporated) -- C:\\Program Files (x86)\\Common Files\\Adobe\\ARM\\1.0\\armsvc.exe
PRC - [2009/12/03 10:12:12 | 000,976,320 | ---- | M] (SEIKO EPSON CORPORATION) -- C:\\Program Files (x86)\\Epson Software\\Event Manager\\EEventManager.exe
PRC - [2009/08/14 20:19:44 | 000,326,192 | ---- | M] (VMware, Inc.) -- C:\\Windows\\SysWOW64\\vmnetdhcp.exe
PRC - [2009/08/14 20:19:30 | 000,399,920 | ---- | M] (VMware, Inc.) -- C:\\Windows\\SysWOW64\\vmnat.exe
PRC - [2009/08/14 20:19:24 | 000,113,200 | ---- | M] (VMware, Inc.) -- C:\\Program Files (x86)\\VMware\\VMware Player\\vmware-authd.exe
PRC - [2009/07/20 04:00:00 | 000,077,824 | ---- | M] () -- C:\\Program Files\\Logitech\\SetPoint\\x86\\SetPoint32.exe
PRC - [2009/06/09 09:11:14 | 000,155,648 | ---- | M] (Stardock Corporation) -- C:\\Program Files\\Dell\\DellDock\\DockLogin.exe
PRC - [2009/06/04 19:03:32 | 000,186,904 | ---- | M] (Intel Corporation) -- C:\\Program Files (x86)\\Intel\\Intel Matrix Storage Manager\\IAAnotif.exe
PRC - [2009/06/04 19:03:06 | 000,354,840 | ---- | M] (Intel Corporation) -- C:\\Program Files (x86)\\Intel\\Intel Matrix Storage Manager\\IAANTmon.exe
PRC - [2007/07/19 17:54:48 | 000,689,408 | ---- | M] (American Power Conversion Corporation) -- C:\\Program Files (x86)\\APC\\APC PowerChute Personal Edition\\mainserv.exe
========== Modules (No Company Name) ==========
MOD - [2009/07/20 04:00:00 | 000,077,824 | ---- | M] () -- C:\\Program Files\\Logitech\\SetPoint\\x86\\SetPoint32.exe
========== Services (SafeList) ==========
SRV:64bit: - [2013/01/27 11:34:32 | 000,379,360 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- c:\\Program Files\\Microsoft Security Client\\NisSrv.exe -- (NisSrv)
SRV:64bit: - [2013/01/27 11:34:32 | 000,022,056 | ---- | M] (Microsoft Corporation) [Auto | Running] -- c:\\Program Files\\Microsoft Security Client\\MsMpEng.exe -- (MsMpSvc)
SRV:64bit: - [2009/07/20 12:36:14 | 000,160,784 | ---- | M] (Logitech, Inc.) [On_Demand | Stopped] -- C:\\Program Files\\Common Files\\Logishrd\\Bluetooth\\LBTServ.exe -- (LBTServ)
SRV:64bit: - [2009/07/13 20:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\\Program Files\\Windows Defender\\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2009/06/09 09:11:14 | 000,155,648 | ---- | M] (Stardock Corporation) [Auto | Running] -- C:\\Program Files\\Dell\\DellDock\\DockLogin.exe -- (DockLoginService)
SRV - [2013/06/12 11:57:23 | 000,256,904 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013/05/11 05:37:26 | 000,065,640 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\\Program Files (x86)\\Common Files\\Adobe\\ARM\\1.0\\armsvc.exe -- (AdobeARMservice)
SRV - [2011/01/13 14:37:02 | 000,705,856 | ---- | M] (SoftThinks SAS) [Disabled | Stopped] -- C:\\Program Files (x86)\\Dell DataSafe Local Backup\\SftService.exe -- (SftService)
SRV - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\\Windows\\Microsoft.NET\\Framework\\v4.0.30319\\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009/08/14 20:19:44 | 000,326,192 | ---- | M] (VMware, Inc.) [Auto | Running] -- C:\\Windows\\SysWOW64\\vmnetdhcp.exe -- (VMnetDHCP)
SRV - [2009/08/14 20:19:30 | 000,399,920 | ---- | M] (VMware, Inc.) [Auto | Running] -- C:\\Windows\\SysWOW64\\vmnat.exe -- (VMware NAT Service)
SRV - [2009/08/14 20:19:24 | 000,113,200 | ---- | M] (VMware, Inc.) [Auto | Running] -- C:\\Program Files (x86)\\VMware\\VMware Player\\vmware-authd.exe -- (VMAuthdService)
SRV - [2009/06/10 16:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\\Windows\\Microsoft.NET\\Framework\\v2.0.50727\\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2009/06/04 19:03:06 | 000,354,840 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\\Program Files (x86)\\Intel\\Intel Matrix Storage Manager\\IAANTmon.exe -- (IAANTMON)
SRV - [2008/12/01 11:49:02 | 000,191,024 | ---- | M] (VMware, Inc.) [On_Demand | Stopped] -- C:\\Program Files (x86)\\VMware\\VMware Player\\vmware-ufad.exe -- (ufad-ws60)
SRV - [2007/07/19 17:54:48 | 000,689,408 | ---- | M] (American Power Conversion Corporation) [Auto | Running] -- C:\\Program Files (x86)\\APC\\APC PowerChute Personal Edition\\mainserv.exe -- (APC UPS Service)
========== Driver Services (SafeList) ==========
DRV:64bit: - [2013/01/20 15:59:04 | 000,130,008 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\\Windows\\SysNative\\drivers\\NisDrvWFP.sys -- (NisDrv)
DRV:64bit: - [2012/03/01 01:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\\Windows\\SysNative\\drivers\\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2011/03/11 01:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\\Windows\\SysNative\\drivers\\amdsata.sys -- (amdsata)
DRV:64bit: - [2011/03/11 01:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\\Windows\\SysNative\\drivers\\amdxata.sys -- (amdxata)
DRV:64bit: - [2010/11/20 08:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\\Windows\\SysNative\\drivers\\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010/11/20 06:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\\Windows\\SysNative\\drivers\\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010/08/25 20:36:04 | 010,611,552 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\\Windows\\SysNative\\drivers\\igdkmd64.sys -- (igfx)
DRV:64bit: - [2009/08/14 20:20:54 | 000,038,448 | ---- | M] (VMware, Inc.) [Kernel | Auto | Running] -- C:\\Windows\\SysNative\\drivers\\hcmon.sys -- (hcmon)
DRV:64bit: - [2009/08/14 20:20:48 | 000,030,256 | ---- | M] (VMware, Inc.) [Kernel | Auto | Running] -- C:\\Windows\\SysNative\\drivers\\vmnetuserif.sys -- (VMnetuserif)
DRV:64bit: - [2009/08/14 20:20:44 | 000,065,072 | ---- | M] (VMware, Inc.) [Kernel | Auto | Running] -- C:\\Windows\\SysNative\\drivers\\vmci.sys -- (vmci)
DRV:64bit: - [2009/08/14 20:20:44 | 000,029,744 | ---- | M] (VMware, Inc.) [Kernel | On_Demand | Running] -- C:\\Windows\\SysNative\\drivers\\VMkbd.sys -- (vmkbd)
DRV:64bit: - [2009/08/14 20:14:28 | 000,076,336 | ---- | M] (VMware, Inc.) [Kernel | Auto | Running] -- C:\\Windows\\SysNative\\drivers\\vmx86.sys -- (vmx86)
DRV:64bit: - [2009/08/14 13:40:04 | 000,038,960 | R--- | M] (VMware, Inc.) [Kernel | Auto | Running] -- C:\\Windows\\SysNative\\drivers\\vmnetbridge.sys -- (VMnetBridge)
DRV:64bit: - [2009/08/14 13:40:04 | 000,020,016 | ---- | M] (VMware, Inc.) [Kernel | On_Demand | Running] -- C:\\Windows\\SysNative\\drivers\\vmnetadapter.sys -- (VMnetAdapter)
DRV:64bit: - [2009/07/30 22:58:42 | 000,236,544 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\\Windows\\SysNative\\drivers\\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2009/07/13 20:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\\Windows\\SysNative\\drivers\\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/13 20:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\\Windows\\SysNative\\drivers\\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/13 20:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\\Windows\\SysNative\\drivers\\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/07/13 19:39:20 | 000,023,040 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\\Windows\\SysNative\\drivers\\WSDPrint.sys -- (WSDPrintDevice)
DRV:64bit: - [2009/07/13 19:35:37 | 000,025,088 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\\Windows\\SysNative\\drivers\\WSDScan.sys -- (WSDScan)
DRV:64bit: - [2009/07/09 04:00:00 | 000,055,280 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\\Windows\\SysNative\\drivers\\PxHlpa64.sys -- (PxHlpa64)
DRV:64bit: - [2009/06/17 11:54:30 | 000,057,872 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\\Windows\\SysNative\\drivers\\LMouFilt.Sys -- (LMouFilt)
DRV:64bit: - [2009/06/17 11:54:22 | 000,055,312 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\\Windows\\SysNative\\drivers\\LHidFilt.Sys -- (LHidFilt)
DRV:64bit: - [2009/06/17 11:54:14 | 000,013,328 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\\Windows\\SysNative\\drivers\\LHidEqd.sys -- (LHidEqd)
DRV:64bit: - [2009/06/17 11:54:06 | 000,074,256 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\\Windows\\SysNative\\drivers\\LEqdUsb.sys -- (LEqdUsb)
DRV:64bit: - [2009/06/10 15:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\\Windows\\SysNative\\drivers\\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 15:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\\Windows\\SysNative\\drivers\\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 15:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\\Windows\\SysNative\\drivers\\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 15:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\\Windows\\SysNative\\drivers\\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009/06/04 21:54:36 | 000,408,600 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\\Windows\\SysNative\\drivers\\iaStor.sys -- (iaStor)
DRV:64bit: - [2009/05/26 07:13:10 | 000,138,752 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Running] -- C:\\Windows\\SysNative\\drivers\\IntcHdmi.sys -- (IntcHdmiAddService)
DRV:64bit: - [2006/11/01 11:51:00 | 000,151,656 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\\Windows\\SysNative\\drivers\\WimFltr.sys -- (WimFltr)
DRV - [2010/02/17 11:25:50 | 000,012,872 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Stopped] -- C:\\Program Files (x86)\\SUPERAntiSpyware\\sasdifsv.sys -- (SASDIFSV)
DRV - [2010/02/17 11:15:58 | 000,066,632 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Stopped] -- C:\\Program Files (x86)\\SUPERAntiSpyware\\SASKUTIL.SYS -- (SASKUTIL)
DRV - [2010/02/17 11:15:58 | 000,012,872 | R--- | M] ( SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | On_Demand | Stopped] -- C:\\Program Files (x86)\\SUPERAntiSpyware\\SASENUM.SYS -- (SASENUM)
DRV - [2009/07/13 20:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\\Windows\\SysWOW64\\drivers\\wimmount.sys -- (WIMMount)
DRV - [2008/12/01 11:46:58 | 000,032,816 | ---- | M] (VMware, Inc.) [Kernel | Auto | Running] -- C:\\Program Files (x86)\\VMware\\VMware Player\\vstor2-ws60.sys -- (vstor2-ws60)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE:64bit: - HKLM\\..\\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE:64bit: - HKLM\\..\\SearchScopes\\{5AAEB2D7-D0EB-47E4-94BF-54BC862E9E8F}: \"URL\" = http://www.bing.com/search?q=%7BsearchTerms%7D&form=DLCDF8&pc=MDDC&src=IE-SearchBox\'>http://www.bing.com/search?q={searchTerms}&form=DLCDF8&pc=MDDC&src=IE-SearchBox
IE:64bit: - HKLM\\..\\SearchScopes\\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: \"URL\" = http://www.google.com/search?q=%7BsearchTerms%7D&rls=com.microsoft:%7Blanguage%7D:%7Breferrer:source?%7D&ie=%7BinputEncoding%7D&oe=%7BoutputEncoding%7D&sourceid=ie7\'>http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE - HKLM\\SOFTWARE\\Microsoft\\Internet Explorer\\Main,Local Page = C:\\Windows\\SysWOW64\\blank.htm
IE - HKLM\\..\\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKLM\\..\\SearchScopes\\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: \"URL\" = http://www.google.com/search?q=%7BsearchTerms%7D&rls=com.microsoft:%7Blanguage%7D:%7Breferrer:source?%7D&ie=%7BinputEncoding%7D&oe=%7BoutputEncoding%7D&sourceid=ie7\'>http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE - HKLM\\..\\SearchScopes\\{A136A9CC-255C-4131-AAB3-7407C8B4C1E5}: \"URL\" = http://www.bing.com/search?q=%7BsearchTerms%7D&form=DLCDF8&pc=MDDC&src=IE-SearchBox\'>http://www.bing.com/search?q={searchTerms}&form=DLCDF8&pc=MDDC&src=IE-SearchBox
IE - HKLM\\..\\SearchScopes\\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: \"URL\" = http://search.conduit.com/ResultsExt.aspx?q=%7BsearchTerms%7D&SearchSource=4&ctid=CT2438727\'>http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2438727
IE - HKCU\\SOFTWARE\\Microsoft\\Internet Explorer\\Main,Default_Page_URL = http://g.msn.com/USCON/1\'>http://g.msn.com/USCON/1
IE - HKCU\\SOFTWARE\\Microsoft\\Internet Explorer\\Main,Start Page = http://att.my.yahoo.com/\'>http://att.my.yahoo.com/
IE - HKCU\\..\\SearchScopes,DefaultScope = {6A50FBDC-5DF4-4c9c-9B3B-2749F6FF4D24}
IE - HKCU\\..\\SearchScopes\\{03B0EE02-7915-4D0C-BAE9-17A3827F4713}: \"URL\" = http://search.yahoo.com/search?fr=mcafee&p=%7BSearchTerms\'>http://search.yahoo.com/search?fr=mcafee&p={SearchTerms}
IE - HKCU\\..\\SearchScopes\\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: \"URL\" = http://www.google.com/search?q=%7BsearchTerms%7D&rls=com.microsoft:%7Blanguage%7D:%7Breferrer:source?%7D&ie=%7BinputEncoding%7D&oe=%7BoutputEncoding%7D&sourceid=ie7&rlz=1I7ADSA_en\'>http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7ADSA_en
IE - HKCU\\..\\SearchScopes\\{6A50FBDC-5DF4-4c9c-9B3B-2749F6FF4D24}: \"URL\" = http://search.yahoo.com/search?fr=chr-atty&p=%7BsearchTerms\'>http://search.yahoo.com/search?fr=chr-atty&p={searchTerms}
IE - HKCU\\..\\SearchScopes\\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: \"URL\" = http://search.conduit.com/ResultsExt.aspx?q=%7BsearchTerms%7D&SearchSource=4&ctid=CT2438727\'>http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2438727
IE - HKCU\\..\\SearchScopes\\{CFF4DB9B-135F-47c0-9269-B4C6572FD61A}: \"URL\" = http://mystart.incredimail.com/?search=%7BsearchTerms%7D&loc=search_box_im2_test_v2\'>http://mystart.incredimail.com/?search={searchTerms}&loc=search_box_im2_test_v2
IE - HKCU\\Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings: \"ProxyEnable\" = 0
========== FireFox ==========
FF:64bit: - HKLM\\Software\\MozillaPlugins\\@adobe.com/FlashPlayer: C:\\Windows\\system32\\Macromed\\Flash\\NPSWF64_11_7_700_224.dll File not found
FF:64bit: - HKLM\\Software\\MozillaPlugins\\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\\Software\\MozillaPlugins\\@microsoft.com/OfficeAuthz,version=14.0: C:\\PROGRA~1\\MICROS~2\\Office14\\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\\Software\\MozillaPlugins\\@adobe.com/FlashPlayer: C:\\Windows\\SysWOW64\\Macromed\\Flash\\NPSWF32_11_7_700_224.dll ()
FF - HKLM\\Software\\MozillaPlugins\\@adobe.com/ShockwavePlayer: C:\\Windows\\system32\\Adobe\\Director\\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\\Software\\MozillaPlugins\\@java.com/DTPlugin,version=10.25.2: C:\\Windows\\SysWOW64\\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\\Software\\MozillaPlugins\\@java.com/JavaPlugin,version=10.25.2: C:\\Program Files (x86)\\Java\\jre7\\bin\\plugin2\\npjp2.dll (Oracle Corporation)
FF - HKLM\\Software\\MozillaPlugins\\@mcafee.com/MVT: C:\\Program Files (x86)\\McAfee\\Supportability\\MVT\\NPMVTPlugin.dll File not found
FF - HKLM\\Software\\MozillaPlugins\\@messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6: C:\\Program Files (x86)\\Yahoo!\\Shared\\npYState.dll (Yahoo! Inc.)
FF - HKLM\\Software\\MozillaPlugins\\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\\Software\\MozillaPlugins\\@microsoft.com/OfficeAuthz,version=14.0: C:\\PROGRA~2\\MICROS~2\\Office14\\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\\Software\\MozillaPlugins\\@microsoft.com/SharePoint,version=14.0: C:\\PROGRA~2\\MICROS~2\\Office14\\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\\Software\\MozillaPlugins\\@microsoft.com/WLPG,version=15.4.3502.0922: C:\\Program Files (x86)\\Windows Live\\Photo Gallery\\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\\Software\\MozillaPlugins\\@microsoft.com/WLPG,version=15.4.3508.1109: C:\\Program Files (x86)\\Windows Live\\Photo Gallery\\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\\Software\\MozillaPlugins\\@microsoft.com/WLPG,version=15.4.3555.0308: C:\\Program Files (x86)\\Windows Live\\Photo Gallery\\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\\Software\\MozillaPlugins\\@tools.google.com/Google Update;version=3: C:\\Program Files (x86)\\Google\\Update\\1.3.21.145\\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\\Software\\MozillaPlugins\\@tools.google.com/Google Update;version=9: C:\\Program Files (x86)\\Google\\Update\\1.3.21.145\\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\\Software\\MozillaPlugins\\Adobe Reader: C:\\Program Files (x86)\\Adobe\\Reader 11.0\\Reader\\AIR\\nppdf32.dll (Adobe Systems Inc.)
[2011/08/25 07:19:25 | 000,000,000 | ---D | M] (No name found) -- C:\\Program Files (x86)\\Mozilla Firefox\\extensions
[2011/07/29 12:34:07 | 000,000,000 | ---D | M] (Java Console) -- C:\\Program Files (x86)\\Mozilla Firefox\\extensions\\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}
[2011/03/18 13:32:12 | 000,091,552 | ---- | M] (Coupons, Inc.) -- C:\\Program Files (x86)\\mozilla firefox\\plugins\\npCouponPrinter.dll
[2011/07/29 12:33:36 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\\Program Files (x86)\\mozilla firefox\\plugins\\npdeployJava1.dll
[2011/03/18 13:32:14 | 000,091,552 | ---- | M] (Coupons, Inc.) -- C:\\Program Files (x86)\\mozilla firefox\\plugins\\npMozCouponPrinter.dll
[2011/03/24 10:07:32 | 000,002,024 | ---- | M] () -- C:\\Program Files (x86)\\mozilla firefox\\searchplugins\\McSiteAdvisor.xml
========== Chrome ==========
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&q={searchTerms}&{google:cursorPosition}sugkey={google:suggestAPIKeyParameter},
CHR - homepage: http://www.msn.com/?pc=UP21&ocid=UP21DHP&dt=022313\'>http://www.msn.com/?pc=UP21&ocid=UP21DHP&dt=022313
CHR - plugin: Shockwave Flash (Enabled) = C:\\Program Files (x86)\\Google\\Chrome\\Application\\27.0.1453.116\\PepperFlash\\pepflashplayer.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\\Program Files (x86)\\Google\\Chrome\\Application\\27.0.1453.116\\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\\Program Files (x86)\\Google\\Chrome\\Application\\27.0.1453.116\\pdf.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\\Program Files (x86)\\Adobe\\Reader 11.0\\Reader\\Browser\\nppdf32.dll
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\\PROGRA~2\\MICROS~2\\Office14\\NPAUTHZ.DLL
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\\PROGRA~2\\MICROS~2\\Office14\\NPSPWRAP.DLL
CHR - plugin: Google Update (Enabled) = C:\\Program Files (x86)\\Google\\Update\\1.3.21.145\\npGoogleUpdate3.dll
CHR - plugin: Java(TM) Platform SE 6 U31 (Enabled) = C:\\Program Files (x86)\\Java\\jre6\\bin\\plugin2\\npjp2.dll
CHR - plugin: Windows Live Photo Gallery (Enabled) = C:\\Program Files (x86)\\Windows Live\\Photo Gallery\\NPWLPG.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\\Windows\\SysWOW64\\Macromed\\Flash\\NPSWF32_11_7_700_224.dll
CHR - plugin: Shockwave for Director (Enabled) = C:\\Windows\\system32\\Adobe\\Director\\np32dsw.dll
CHR - Extension: Google Docs = C:\\Users\\Felicia\\AppData\\Local\\Google\\Chrome\\User Data\\Default\\Extensions\\aohghmighlieiainnegkcijnfilokake\\0.5_0\\
CHR - Extension: Google Drive = C:\\Users\\Felicia\\AppData\\Local\\Google\\Chrome\\User Data\\Default\\Extensions\\apdfllckaahabafndbhieahigkjlhalf\\6.3_0\\
CHR - Extension: YouTube = C:\\Users\\Felicia\\AppData\\Local\\Google\\Chrome\\User Data\\Default\\Extensions\\blpcfgokakmgnkcojhhkbfbldkacnbeo\\4.2.6_0\\
CHR - Extension: Google Search = C:\\Users\\Felicia\\AppData\\Local\\Google\\Chrome\\User Data\\Default\\Extensions\\coobgpohoikkiipiblmjeljniedjpjpf\\0.0.0.20_0\\
CHR - Extension: Gmail = C:\\Users\\Felicia\\AppData\\Local\\Google\\Chrome\\User Data\\Default\\Extensions\\pjkljhegncpnkpknbcohdijeoejaedia\\7_0\\
O1 HOSTS File: ([2013/06/18 14:08:55 | 000,001,307 | ---- | M]) - C:\\Windows\\SysNative\\drivers\\etc\\hosts
O1 - Hosts: 64.78.157.110 vof01.alpineaccess.com #ADDED BY F5 NETWORKS SSL TUNNEL - ORIGINAL RECORD#
O1 - Hosts: 64.78.157.110 vof01 #ADDED BY F5 NETWORKS SSL TUNNEL - ORIGINAL RECORD#
O1 - Hosts: 64.78.157.94 a2fp3.alpineaccess.com #ADDED BY F5 NETWORKS SSL TUNNEL - ORIGINAL RECORD#
O1 - Hosts: 64.78.157.94 a2fp3 #ADDED BY F5 NETWORKS SSL TUNNEL - ORIGINAL RECORD#
O1 - Hosts: 64.78.157.93 a2fp2.alpineaccess.com #ADDED BY F5 NETWORKS SSL TUNNEL - ORIGINAL RECORD#
O1 - Hosts: 64.78.157.93 a2fp2 #ADDED BY F5 NETWORKS SSL TUNNEL - ORIGINAL RECORD#
O2:64bit: - BHO: (Easy Photo Print) - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\\Program Files (x86)\\Epson Software\\Easy Photo Print\\EPTBL.dll (SEIKO EPSON CORPORATION / CyCom Technology Corp.)
O2:64bit: - BHO: (no name) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - No CLSID value found.
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\\Program Files (x86)\\Java\\jre7\\bin\\ssv.dll (Oracle Corporation)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\\Program Files (x86)\\Java\\jre7\\bin\\jp2ssv.dll (Oracle Corporation)
O3:64bit: - HKLM\\..\\Toolbar: (Easy Photo Print) - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\\Program Files (x86)\\Epson Software\\Easy Photo Print\\EPTBL.dll (SEIKO EPSON CORPORATION / CyCom Technology Corp.)
O3:64bit: - HKLM\\..\\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\\..\\Toolbar: (no name) - {98279C38-DE4B-4bcf-93C9-8EC26069D6F4} - No CLSID value found.
O3 - HKLM\\..\\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKCU\\..\\Toolbar\\WebBrowser: (no name) - {06E58E5E-F8CB-4049-991E-A41C03BD419E} - No CLSID value found.
O3 - HKCU\\..\\Toolbar\\WebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No CLSID value found.
O3 - HKCU\\..\\Toolbar\\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
O3 - HKCU\\..\\Toolbar\\WebBrowser: (no name) - {472734EA-242A-422B-ADF8-83D1E48CC825} - No CLSID value found.
O3 - HKCU\\..\\Toolbar\\WebBrowser: (no name) - {98279C38-DE4B-4BCF-93C9-8EC26069D6F4} - No CLSID value found.
O3 - HKCU\\..\\Toolbar\\WebBrowser: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found.
O4:64bit: - HKLM..\\Run: [IAAnotif] C:\\Program Files (x86)\\Intel\\Intel Matrix Storage Manager\\IAAnotif.exe (Intel Corporation)
O4:64bit: - HKLM..\\Run: [IgfxTray] C:\\Windows\\SysNative\\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\\Run: [Kernel and Hardware Abstraction Layer] C:\\Windows\\KHALMNPR.Exe (Logitech, Inc.)
O4:64bit: - HKLM..\\Run: [Logitech Download Assistant] C:\\Windows\\SysNative\\LogiLDA.dll (Logitech, Inc.)
O4:64bit: - HKLM..\\Run: [MSC] c:\\Program Files\\Microsoft Security Client\\msseces.exe (Microsoft Corporation)
O4:64bit: - HKLM..\\Run: [Persistence] C:\\Windows\\SysNative\\igfxpers.exe (Intel Corporation)
O4:64bit: - HKLM..\\Run: [RtHDVCpl] C:\\Program Files\\Realtek\\Audio\\HDA\\RAVCpl64.exe (Realtek Semiconductor)
O4 - HKLM..\\Run: [EEventManager] C:\\Program Files (x86)\\Epson Software\\Event Manager\\EEventManager.exe (SEIKO EPSON CORPORATION)
O4 - HKCU..\\Run: [EPSON NX420 Series] C:\\Windows\\system32\\spool\\DRIVERS\\x64\\3\\E_IATIGCA.EXE /FU \"C:\\Windows\\TEMP\\E_S444.tmp\" /EF \"HKCU\" File not found
O4 - HKLM..\\RunOnce: [\"C:\\Program Files (x86)\\Dell DataSafe Local Backup\\Components\\DSUpdate\\DSUpdate.exe\"] C:\\Program Files (x86)\\Dell DataSafe Local Backup\\Components\\DSUpdate\\DSUpdate.exe (Dell)
O4 - Startup: C:\\Users\\Felicia\\AppData\\Roaming\\Microsoft\\Windows\\Start Menu\\Programs\\Startup\\Dell Dock.lnk = File not found
O6 - HKLM\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\policies\\Explorer: NoActiveDesktop = 1
O6 - HKLM\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\policies\\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\policies\\Explorer: NoDriveTypeAutoRun = 255
O6 - HKLM\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\policies\\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\policies\\System: ConsentPromptBehaviorUser = 3
O7 - HKCU\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\policies\\Explorer: NoDriveTypeAutoRun = 157
O7 - HKCU\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\policies\\System: LogonHoursAction = 2
O7 - HKCU\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\policies\\System: DontDisplayLogonHoursWarnings = 1
O10:64bit: - Protocol_Catalog9\\Catalog_Entries64\\000000000011 - C:\\Program Files (x86)\\VMware\\VMware Player\\x64\\vsocklib.dll (VMware, Inc.)
O10:64bit: - Protocol_Catalog9\\Catalog_Entries64\\000000000012 - C:\\Program Files (x86)\\VMware\\VMware Player\\x64\\vsocklib.dll (VMware, Inc.)
O10 - Protocol_Catalog9\\Catalog_Entries\\000000000011 - C:\\Program Files (x86)\\VMware\\VMware Player\\vsocklib.dll (VMware, Inc.)
O10 - Protocol_Catalog9\\Catalog_Entries\\000000000012 - C:\\Program Files (x86)\\VMware\\VMware Player\\vsocklib.dll (VMware, Inc.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O15 - HKCU\\..Trusted Domains: alpineaccess.com ([]* in Trusted sites)
O15 - HKCU\\..Trusted Domains: alpineaccess.net ([]* in Trusted sites)
O15 - HKCU\\..Trusted Ranges: Range1 ([http] in Trusted sites)
O15 - HKCU\\..Trusted Ranges: Range2 ([http] in Trusted sites)
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab\'>http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {233C1507-6A77-46A4-9443-F871F945D258} http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab\'>http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {315B0BFB-2BD4-481B-80A3-A9B80727C61B} http://webiq005.webiqonline.com/WebIQ/DataServer/DataServer.dll?Handler=GetEngineDistribution&EDID=%7B896A23A1-5821-4609-A6C6-6D5536C585C9\'>http://webiq005.webiqonline.com/WebIQ/DataServer/DataServer.dll?Handler=GetEngineDistribution&EDID={896A23A1-5821-4609-A6C6-6D5536C585C9} (WebIQ Engine Application Object)
O16 - DPF: {362C56AA-6E4F-40C7-A0B5-85501DBDAD77} http://i.dell.com/images/global/js/scanner/SysProExe.cab\'>http://i.dell.com/images/global/js/scanner/SysProExe.cab (Scanner.SysScanner)
O16 - DPF: {49312E18-AA92-4CC2-BB97-55DEA7BCADD6} http://support.dell.com/systemprofiler/SysProExe.CAB\'>http://support.dell.com/systemprofiler/SysProExe.CAB (WMI Class)
O16 - DPF: {5AE58FCF-6F6A-49B2-B064-02492C66E3F4} http://catalog.update.microsoft.com/v7/site/ClientControl/en/x86/MuCatalogWebControl.cab?1274551454442\'>http://catalog.update.microsoft.com/v7/site/ClientControl/en/x86/MuCatalogWebControl.cab?1274551454442 (MUCatalogWebControl Class)
O16 - DPF: {66F7F252-3FE1-4650-B1E5-94B2A38271C5} http://treehouse.no-ip.biz/ActiveView.cab\'>http://treehouse.no-ip.biz/ActiveView.cab (ActiveView Control)
O16 - DPF: {C1F8FC10-E5DB-4112-9DBF-6C3FF728D4E3} http://support.dell.com/systemprofiler/DellSystemLite.CAB\'>http://support.dell.com/systemprofiler/DellSystemLite.CAB (DellSystemLite.Scanner)
O16 - DPF: {D0C0F75C-683A-4390-A791-1ACFD5599AB8} http://games.att.oberon-media.com/Gameshell/GameHost/1.0/OberonGameHost.cab\'>http://games.att.oberon-media.com/Gameshell/GameHost/1.0/OberonGameHost.cab (Oberon Flash Game Host)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab\'>http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\\System\\CCS\\Services\\Tcpip\\Parameters: DhcpNameServer = 192.168.1.254
O17 - HKLM\\System\\CCS\\Services\\Tcpip\\Parameters\\Interfaces\\{28C31212-6713-4A47-8872-34C779D8B726}: NameServer = 10.124.6.3,10.124.3.2
O17 - HKLM\\System\\CCS\\Services\\Tcpip\\Parameters\\Interfaces\\{471273CC-2F13-4283-A8E4-077C3C484F05}: DhcpNameServer = 192.168.1.254
O17 - HKLM\\System\\CCS\\Services\\Tcpip\\Parameters\\Interfaces\\{47AF739C-9211-470F-8886-1F12156AA75E}: NameServer = 10.124.6.3,10.124.3.2
O18:64bit: - Protocol\\Handler\\ms-help - No CLSID value found
O18:64bit: - Protocol\\Handler\\ms-itss - No CLSID value found
O18:64bit: - Protocol\\Handler\\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\\Handler\\wlpg - No CLSID value found
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\\Windows\\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\\Windows\\system32\\userinit.exe) - C:\\Windows\\SysNative\\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\\Windows\\SysWow64\\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\\Windows\\SysWow64\\userinit.exe (Microsoft Corporation)
O20:64bit: - Winlogon\\Notify\\GoToAssist: DllName - (C:\\Program Files (x86)\\Citrix\\GoToAssist\\514\\G2AWinLogon_x64.dll) - File not found
O20:64bit: - Winlogon\\Notify\\igfxcui: DllName - (igfxdev.dll) - C:\\Windows\\SysNative\\igfxdev.dll (Intel Corporation)
O20:64bit: - Winlogon\\Notify\\LBTWlgn: DllName - (c:\\program files\\common files\\logishrd\\bluetooth\\LBTWlgn.dll) - c:\\Program Files\\Common Files\\Logishrd\\Bluetooth\\LBTWLgn.dll (Logitech, Inc.)
O20 - Winlogon\\Notify\\!SASWinLogon: DllName - (C:\\Program Files (x86)\\SUPERAntiSpyware\\SASWINLO.dll) - C:\\Program Files (x86)\\SUPERAntiSpyware\\SASWINLO.dll (SUPERAntiSpyware.com)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\\Program Files (x86)\\SUPERAntiSpyware\\SASSEH.DLL (SuperAdBlocker.com)
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\\{d6ee6399-344d-11e0-bf24-463500000031}\\Shell\\AutoRun\\command - \"\" = J:\\autorun.exe
O33 - MountPoints2\\{d6ee6399-344d-11e0-bf24-463500000031}\\Shell\\phone\\command - \"\" = J:\\autorun.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\\..comfile [open] -- \"%1\" %*
O35:64bit: - HKLM\\..exefile [open] -- \"%1\" %*
O35 - HKLM\\..comfile [open] -- \"%1\" %*
O35 - HKLM\\..exefile [open] -- \"%1\" %*
O37:64bit: - HKLM\\...com [@ = comfile] -- \"%1\" %*
O37:64bit: - HKLM\\...exe [@ = exefile] -- \"%1\" %*
O37 - HKLM\\...com [@ = comfile] -- \"%1\" %*
O37 - HKLM\\...exe [@ = exefile] -- \"%1\" %*
O38 - SubSystems\\\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\\\Windows: (ServerDll=sxssrv,4)
========== Files/Folders - Created Within 30 Days ==========
[2013/06/26 18:17:31 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\\Users\\Felicia\\Desktop\\OTL.exe
[2013/06/24 23:05:00 | 000,000,000 | ---D | C] -- C:\\Users\\Felicia\\Documents\\MyConnection Detail Analysis_files
[2013/06/24 22:55:01 | 000,000,000 | ---D | C] -- C:\\Users\\Felicia\\AppData\\Roaming\\Oracle
[2013/06/24 22:52:35 | 000,000,000 | ---D | C] -- C:\\Program Files (x86)\\Common Files\\Java
[2013/06/24 22:52:18 | 000,867,240 | ---- | C] (Oracle Corporation) -- C:\\Windows\\SysWow64\\npDeployJava1.dll
[2013/06/24 22:52:17 | 000,263,592 | ---- | C] (Oracle Corporation) -- C:\\Windows\\SysWow64\\javaws.exe
[2013/06/24 22:51:52 | 000,175,016 | ---- | C] (Oracle Corporation) -- C:\\Windows\\SysWow64\\javaw.exe
[2013/06/24 22:51:52 | 000,175,016 | ---- | C] (Oracle Corporation) -- C:\\Windows\\SysWow64\\java.exe
[2013/06/24 22:51:52 | 000,096,168 | ---- | C] (Oracle Corporation) -- C:\\Windows\\SysWow64\\WindowsAccessBridge-32.dll
[2013/06/24 22:51:23 | 000,000,000 | ---D | C] -- C:\\Program Files (x86)\\Java
[2013/06/24 22:50:00 | 000,000,000 | ---D | C] -- C:\\ProgramData\\McAfee
[2013/06/24 20:30:59 | 000,000,000 | ---D | C] -- C:\\Program Files (x86)\\Belarc
[2013/06/24 18:44:47 | 001,424,384 | ---- | C] (Microsoft Corporation) -- C:\\Windows\\SysNative\\WindowsCodecs.dll
[2013/06/24 12:10:24 | 000,000,000 | ---D | C] -- C:\\ProgramData\\Microsoft\\Windows\\Start Menu\\Programs\\Google Chrome
[2013/06/24 11:55:00 | 000,000,000 | ---D | C] -- C:\\ProgramData\\SecTaskMan
[2013/06/24 11:54:56 | 000,000,000 | ---D | C] -- C:\\ProgramData\\Microsoft\\Windows\\Start Menu\\Programs\\Security Task Manager
[2013/06/24 03:27:52 | 001,054,720 | ---- | C] (Microsoft Corporation) -- C:\\Windows\\SysNative\\MsSpellCheckingFacility.exe
[2013/06/24 03:27:52 | 000,226,304 | ---- | C] (Microsoft Corporation) -- C:\\Windows\\SysNative\\elshyph.dll
[2013/06/24 03:27:52 | 000,185,344 | ---- | C] (Microsoft Corporation) -- C:\\Windows\\SysWow64\\elshyph.dll
[2013/06/24 03:27:52 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\\Windows\\SysWow64\\RegisterIEPKEYs.exe
[2013/06/24 03:27:51 | 000,719,360 | ---- | C] (Microsoft Corporation) -- C:\\Windows\\SysWow64\\mshtmlmedia.dll
[2013/06/24 03:27:51 | 000,690,688 | ---- | C] (Microsoft Corporation) -- C:\\Windows\\SysWow64\\jscript.dll
[2013/06/24 03:27:51 | 000,391,168 | ---- | C] (Microsoft Corporation) -- C:\\Windows\\SysWow64\\ieui.dll
[2013/06/24 03:27:51 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\\Windows\\SysWow64\\msrating.dll
[2013/06/24 03:27:51 | 000,150,528 | ---- | C] (Microsoft Corporation) -- C:\\Windows\\SysWow64\\iexpress.exe
[2013/06/24 03:27:51 | 000,138,752 | ---- | C] (Microsoft Corporation) -- C:\\Windows\\SysWow64\\wextract.exe
[2013/06/24 03:27:51 | 000,137,216 | ---- | C] (Microsoft Corporation) -- C:\\Windows\\SysWow64\\ieUnatt.exe
[2013/06/24 03:27:51 | 000,125,440 | ---- | C] (Microsoft Corporation) -- C:\\Windows\\SysWow64\\occache.dll
[2013/06/24 03:27:51 | 000,117,248 | ---- | C] (Microsoft Corporation) -- C:\\Windows\\SysWow64\\iepeers.dll
[2013/06/24 03:27:51 | 000,110,592 | ---- | C] (Microsoft Corporation) -- C:\\Windows\\SysWow64\\IEAdvpack.dll
[2013/06/24 03:27:51 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\\Windows\\SysWow64\\iesysprep.dll
[2013/06/24 03:27:51 | 000,082,432 | ---- | C] (Microsoft Corporation) -- C:\\Windows\\SysWow64\\inseng.dll
[2013/06/24 03:27:51 | 000,079,872 | ---- | C] (Microsoft Corporation) -- C:\\Windows\\SysWow64\\mshtmled.dll
[2013/06/24 03:27:51 | 000,073,728 | ---- | C] (Microsoft Corporation) -- C:\\Windows\\SysWow64\\SetIEInstalledDate.exe
[2013/06/24 03:27:51 | 000,057,344 | ---- | C] (Microsoft Corporation) -- C:\\Windows\\SysWow64\\pngfilt.dll
[2013/06/24 03:27:51 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\\Windows\\SysWow64\\mshtmler.dll
[2013/06/24 03:27:51 | 000,011,776 | ---- | C] (Microsoft Corporation) -- C:\\Windows\\SysWow64\\msfeedssync.exe
[2013/06/24 03:27:50 | 001,441,280 | ---- | C] (Microsoft Corporation) -- C:\\Windows\\SysWow64\\inetcpl.cpl
[2013/06/24 03:27:50 | 001,400,416 | ---- | C] (Microsoft Corporation) -- C:\\Windows\\SysWow64\\ieapfltr.dat
[2013/06/24 03:27:50 | 001,400,416 | ---- | C] (Microsoft Corporation) -- C:\\Windows\\SysNative\\ieapfltr.dat
[2013/06/24 03:27:50 | 000,762,368 | ---- | C] (Microsoft Corporation) -- C:\\Windows\\SysNative\\ieapfltr.dll
[2013/06/24 03:27:50 | 000,629,248 | ---- | C] (Microsoft Corporation) -- C:\\Windows\\SysWow64\\ieapfltr.dll
[2013/06/24 03:27:50 | 000,452,096 | ---- | C] (Microsoft Corporation) -- C:\\Windows\\SysNative\\dxtmsft.dll
[2013/06/24 03:27:50 | 000,441,856 | ---- | C] (Microsoft Corporation) -- C:\\Windows\\SysNative\\html.iec
[2013/06/24 03:27:50 | 000,361,984 | ---- | C] (Microsoft Corporation) -- C:\\Windows\\SysWow64\\html.iec
[2013/06/24 03:27:50 | 000,281,600 | ---- | C] (Microsoft Corporation) -- C:\\Windows\\SysNative\\dxtrans.dll
[2013/06/24 03:27:50 | 000,232,960 | ---- | C] (Microsoft Corporation) -- C:\\Windows\\SysWow64\\url.dll
[2013/06/24 03:27:50 | 000,216,064 | ---- | C] (Microsoft Corporation) -- C:\\Windows\\SysNative\\msls31.dll
[2013/06/24 03:27:50 | 000,197,120 | ---- | C] (Microsoft Corporation) -- C:\\Windows\\SysNative\\msrating.dll
[2013/06/24 03:27:50 | 000,089,600 | ---- | C] (Microsoft Corporation) -- C:\\Windows\\SysNative\\RegisterIEPKEYs.exe
[2013/06/24 03:27:50 | 000,081,408 | ---- | C] (Microsoft Corporation) -- C:\\Windows\\SysNative\\icardie.dll
[2013/06/24 03:27:50 | 000,069,120 | ---- | C] (Microsoft Corporation) -- C:\\Windows\\SysWow64\\icardie.dll
[2013/06/24 03:27:50 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\\Windows\\SysNative\\iesetup.dll
[2013/06/24 03:27:50 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\\Windows\\SysWow64\\tdc.ocx
[2013/06/24 03:27:50 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\\Windows\\SysWow64\\iesetup.dll
[2013/06/24 03:27:50 | 000,051,712 | ---- | C] (Microsoft Corporation) -- C:\\Windows\\SysNative\\ie4uinit.exe
[2013/06/24 03:27:50 | 000,039,936 | ---- | C] (Microsoft Corporation) -- C:\\Windows\\SysNative\\iernonce.dll
[2013/06/24 03:27:50 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\\Windows\\SysWow64\\iernonce.dll
[2013/06/24 03:27:50 | 000,023,040 | ---- | C] (Microsoft Corporation) -- C:\\Windows\\SysWow64\\licmgr10.dll
[2013/06/24 03:27:49 | 003,958,784 | ---- | C] (Microsoft Corporation) -- C:\\Windows\\SysNative\\jscript9.dll
[2013/06/24 03:27:49 | 001,509,376 | ---- | C] (Microsoft Corporation) -- C:\\Windows\\SysNative\\inetcpl.cpl
[2013/06/24 03:27:49 | 000,905,728 | ---- | C] (Microsoft Corporation) -- C:\\Windows\\SysNative\\mshtmlmedia.dll
[2013/06/24 03:27:49 | 000,855,552 | ---- | C] (Microsoft Corporation) -- C:\\Windows\\SysNative\\jscript.dll
[2013/06/24 03:27:49 | 000,603,136 | ---- | C] (Microsoft Corporation) -- C:\\Windows\\SysNative\\msfeeds.dll
[2013/06/24 03:27:49 | 000,599,552 | ---- | C] (Microsoft Corporation) -- C:\\Windows\\SysNative\\vbscript.dll
[2013/06/24 03:27:49 | 000,526,336 | ---- | C] (Microsoft Corporation) -- C:\\Windows\\SysNative\\ieui.dll
[2013/06/24 03:27:49 | 000,235,008 | ---- | C] (Microsoft Corporation) -- C:\\Windows\\SysNative\\url.dll
[2013/06/24 03:27:49 | 000,173,568 | ---- | C] (Microsoft Corporation) -- C:\\Windows\\SysNative\\ieUnatt.exe
[2013/06/24 03:27:49 | 000,167,424 | ---- | C] (Microsoft Corporation) -- C:\\Windows\\SysNative\\iexpress.exe
[2013/06/24 03:27:49 | 000,149,504 | ---- | C] (Microsoft Corporation) -- C:\\Windows\\SysNative\\occache.dll
[2013/06/24 03:27:49 | 000,144,896 | ---- | C] (Microsoft Corporation) -- C:\\Windows\\SysNative\\wextract.exe
[2013/06/24 03:27:49 | 000,136,704 | ---- | C] (Microsoft Corporation) -- C:\\Windows\\SysNative\\iesysprep.dll
[2013/06/24 03:27:49 | 000,136,192 | ---- | C] (Microsoft Corporation) -- C:\\Windows\\SysNative\\iepeers.dll
[2013/06/24 03:27:49 | 000,135,680 | ---- | C] (Microsoft Corporation) -- C:\\Windows\\SysNative\\IEAdvpack.dll
[2013/06/24 03:27:49 | 000,102,912 | ---- | C] (Microsoft Corporation) -- C:\\Windows\\SysNative\\inseng.dll
[2013/06/24 03:27:49 | 000,097,280 | ---- | C] (Microsoft Corporation) -- C:\\Windows\\SysNative\\mshtmled.dll
[2013/06/24 03:27:49 | 000,092,160 | ---- | C] (Microsoft Corporation) -- C:\\Windows\\SysNative\\SetIEInstalledDate.exe
[2013/06/24 03:27:49 | 000,077,312 | ---- | C] (Microsoft Corporation) -- C:\\Windows\\SysNative\\tdc.ocx
[2013/06/24 03:27:49 | 000,062,976 | ---- | C] (Microsoft Corporation) -- C:\\Windows\\SysNative\\pngfilt.dll
[2013/06/24 03:27:49 | 000,051,200 | ---- | C] (Microsoft Corporation) -- C:\\Windows\\SysNative\\imgutil.dll
[2013/06/24 03:27:49 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\\Windows\\SysNative\\mshtmler.dll
[2013/06/24 03:27:49 | 000,027,648 | ---- | C] (Microsoft Corporation) -- C:\\Windows\\SysNative\\licmgr10.dll
[2013/06/24 03:27:49 | 000,013,824 | ---- | C] (Microsoft Corporation) -- C:\\Windows\\SysNative\\mshta.exe
[2013/06/24 03:27:49 | 000,012,800 | ---- | C] (Microsoft Corporation) -- C:\\Windows\\SysNative\\msfeedssync.exe
[2013/06/24 03:26:36 | 002,776,576 | ---- | C] (Microsoft Corporation) -- C:\\Windows\\SysNative\\msmpeg2vdec.dll
[2013/06/24 03:26:36 | 002,284,544 | ---- | C] (Microsoft Corporation) -- C:\\Windows\\SysWow64\\msmpeg2vdec.dll
[2013/06/24 03:26:36 | 001,682,432 | ---- | C] (Microsoft Corporation) -- C:\\Windows\\SysNative\\XpsPrint.dll
[2013/06/24 03:26:36 | 001,158,144 | ---- | C] (Microsoft Corporation) -- C:\\Windows\\SysWow64\\XpsPrint.dll
[2013/06/24 03:26:36 | 000,522,752 | ---- | C] (Microsoft Corporation) -- C:\\Windows\\SysNative\\XpsGdiConverter.dll
[2013/06/24 03:26:36 | 000,465,920 | ---- | C] (Microsoft Corporation) -- C:\\Windows\\SysNative\\WMPhoto.dll
[2013/06/24 03:26:36 | 000,417,792 | ---- | C] (Microsoft Corporation) -- C:\\Windows\\SysWow64\\WMPhoto.dll
[2013/06/24 03:26:36 | 000,364,544 | ---- | C] (Microsoft Corporation) -- C:\\Windows\\SysWow64\\XpsGdiConverter.dll
[2013/06/24 03:26:36 | 000,010,752 | -H-- | C] (Microsoft Corporation) -- C:\\Windows\\SysWow64\\api-ms-win-downlevel-advapi32-l1-1-0.dll
[2013/06/24 03:26:36 | 000,010,752 | -H-- | C] (Microsoft Corporation) -- C:\\Windows\\SysNative\\api-ms-win-downlevel-advapi32-l1-1-0.dll
[2013/06/24 03:26:36 | 000,009,728 | -H-- | C] (Microsoft Corporation) -- C:\\Windows\\SysWow64\\api-ms-win-downlevel-shlwapi-l1-1-0.dll
[2013/06/24 03:26:36 | 000,009,728 | -H-- | C] (Microsoft Corporation) -- C:\\Windows\\SysNative\\api-ms-win-downlevel-shlwapi-l1-1-0.dll
[2013/06/24 03:26:36 | 000,005,632 | -H-- | C] (Microsoft Corporation) -- C:\\Windows\\SysWow64\\api-ms-win-downlevel-shlwapi-l2-1-0.dll
[2013/06/24 03:26:36 | 000,005,632 | -H-- | C] (Microsoft Corporation) -- C:\\Windows\\SysNative\\api-ms-win-downlevel-shlwapi-l2-1-0.dll
[2013/06/24 03:26:36 | 000,005,632 | -H-- | C] (Microsoft Corporation) -- C:\\Windows\\SysWow64\\api-ms-win-downlevel-ole32-l1-1-0.dll
[2013/06/24 03:26:36 | 000,005,632 | -H-- | C] (Microsoft Corporation) -- C:\\Windows\\SysNative\\api-ms-win-downlevel-ole32-l1-1-0.dll
[2013/06/24 03:26:36 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\\Windows\\SysWow64\\api-ms-win-downlevel-user32-l1-1-0.dll
[2013/06/24 03:26:36 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\\Windows\\SysNative\\api-ms-win-downlevel-user32-l1-1-0.dll
[2013/06/24 03:26:36 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\\Windows\\SysWow64\\api-ms-win-downlevel-advapi32-l2-1-0.dll
[2013/06/24 03:26:36 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\\Windows\\SysNative\\api-ms-win-downlevel-advapi32-l2-1-0.dll
[2013/06/24 03:26:36 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\\Windows\\SysWow64\\api-ms-win-downlevel-version-l1-1-0.dll
[2013/06/24 03:26:36 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\\Windows\\SysNative\\api-ms-win-downlevel-version-l1-1-0.dll
[2013/06/24 03:26:36 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\\Windows\\SysWow64\\api-ms-win-downlevel-shell32-l1-1-0.dll
[2013/06/24 03:26:36 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\\Windows\\SysNative\\api-ms-win-downlevel-shell32-l1-1-0.dll
[2013/06/24 03:26:36 | 000,002,560 | -H-- | C] (Microsoft Corporation) -- C:\\Windows\\SysWow64\\api-ms-win-downlevel-normaliz-l1-1-0.dll
[2013/06/24 03:26:36 | 000,002,560 | -H-- | C] (Microsoft Corporation) -- C:\\Windows\\SysNative\\api-ms-win-downlevel-normaliz-l1-1-0.dll
[2013/06/24 03:26:35 | 003,928,064 | ---- | C] (Microsoft Corporation) -- C:\\Windows\\SysNative\\d2d1.dll
[2013/06/24 03:26:35 | 002,565,120 | ---- | C] (Microsoft Corporation) -- C:\\Windows\\SysNative\\d3d10warp.dll
[2013/06/24 03:26:35 | 001,643,520 | ---- | C] (Microsoft Corporation) -- C:\\Windows\\SysNative\\DWrite.dll
[2013/06/24 03:26:35 | 001,238,528 | ---- | C] (Microsoft Corporation) -- C:\\Windows\\SysNative\\d3d10.dll
[2013/06/24 03:26:35 | 000,648,192 | ---- | C] (Microsoft Corporation) -- C:\\Windows\\SysNative\\d3d10level9.dll
[2013/06/24 03:26:35 | 000,363,008 | ---- | C] (Microsoft Corporation) -- C:\\Windows\\SysNative\\dxgi.dll
[2013/06/24 03:26:35 | 000,333,312 | ---- | C] (Microsoft Corporation) -- C:\\Windows\\SysNative\\d3d10_1core.dll
[2013/06/24 03:26:35 | 000,296,960 | ---- | C] (Microsoft Corporation) -- C:\\Windows\\SysNative\\d3d10core.dll
[2013/06/24 03:26:35 | 000,245,248 | ---- | C] (Microsoft Corporation) -- C:\\Windows\\SysNative\\WindowsCodecsExt.dll
[2013/06/24 03:26:35 | 000,221,184 | ---- | C] (Microsoft Corporation) -- C:\\Windows\\SysNative\\UIAnimation.dll
[2013/06/24 03:26:35 | 000,194,560 | ---- | C] (Microsoft Corporation) -- C:\\Windows\\SysNative\\d3d10_1.dll
[2013/06/24 03:26:35 | 000,187,392 | ---- | C] (Microsoft Corporation) -- C:\\Windows\\SysWow64\\UIAnimation.dll
[2013/06/24 03:10:30 | 000,046,080 | ---- | C] (Adobe Systems) -- C:\\Windows\\SysNative\\atmlib.dll
[2013/06/24 03:10:30 | 000,034,304 | ---- | C] (Adobe Systems) -- C:\\Windows\\SysWow64\\atmlib.dll
[2013/06/24 03:10:29 | 000,367,616 | ---- | C] (Adobe Systems Incorporated) -- C:\\Windows\\SysNative\\atmfd.dll
[2013/06/24 03:10:29 | 000,295,424 | ---- | C] (Adobe Systems Incorporated) -- C:\\Windows\\SysWow64\\atmfd.dll
[2013/06/23 23:17:56 | 000,265,064 | ---- | C] (Microsoft Corporation) -- C:\\Windows\\SysNative\\drivers\\dxgmms1.sys
[2013/06/23 23:17:56 | 000,144,384 | ---- | C] (Microsoft Corporation) -- C:\\Windows\\SysNative\\cdd.dll
[2013/06/23 23:17:41 | 003,717,632 | ---- | C] (Microsoft Corporation) -- C:\\Windows\\SysNative\\mstscax.dll
[2013/06/23 23:17:40 | 003,217,408 | ---- | C] (Microsoft Corporation) -- C:\\Windows\\SysWow64\\mstscax.dll
[2013/06/23 23:17:39 | 000,158,720 | ---- | C] (Microsoft Corporation) -- C:\\Windows\\SysNative\\aaclient.dll
[2013/06/23 23:17:39 | 000,131,584 | ---- | C] (Microsoft Corporation) -- C:\\Windows\\SysWow64\\aaclient.dll
[2013/06/23 23:17:39 | 000,044,032 | ---- | C] (Microsoft Corporation) -- C:\\Windows\\SysNative\\tsgqec.dll
[2013/06/23 23:17:39 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\\Windows\\SysWow64\\tsgqec.dll
[2013/06/23 23:17:28 | 000,288,088 | ---- | C] (Microsoft Corporation) -- C:\\Windows\\SysNative\\drivers\\FWPKCLNT.SYS
[2013/06/23 23:16:59 | 001,930,752 | ---- | C] (Microsoft Corporation) -- C:\\Windows\\SysNative\\authui.dll
[2013/06/23 23:16:59 | 001,796,096 | ---- | C] (Microsoft Corporation) -- C:\\Windows\\SysWow64\\authui.dll
[2013/06/23 23:16:59 | 000,197,120 | ---- | C] (Microsoft Corporation) -- C:\\Windows\\SysNative\\shdocvw.dll
[2013/06/23 23:16:59 | 000,111,448 | ---- | C] (Microsoft Corporation) -- C:\\Windows\\SysNative\\consent.exe
[2013/06/23 23:16:44 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\\Windows\\SysNative\\wwanprotdim.dll
[2013/06/23 23:16:41 | 000,019,968 | ---- | C] (Microsoft Corporation) -- C:\\Windows\\SysNative\\drivers\\usb8023.sys
[2013/06/23 23:15:53 | 000,478,208 | ---- | C] (Microsoft Corporation) -- C:\\Windows\\SysNative\\dpnet.dll
[2013/06/23 23:15:52 | 000,376,832 | ---- | C] (Microsoft Corporation) -- C:\\Windows\\SysWow64\\dpnet.dll
[2013/06/23 23:15:51 | 000,307,200 | ---- | C] (Microsoft Corporation) -- C:\\Windows\\SysNative\\ncrypt.dll
[2013/06/23 23:15:49 | 000,215,040 | ---- | C] (Microsoft Corporation) -- C:\\Windows\\SysNative\\winsrv.dll
[2013/06/23 23:15:48 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\\Windows\\SysWow64\\setup16.exe
[2013/06/23 23:15:48 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\\Windows\\SysWow64\\ntvdm64.dll
[2013/06/23 23:15:48 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\\Windows\\SysWow64\\instnm.exe
[2013/06/23 23:15:46 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\\Windows\\SysWow64\\user.exe
[2013/06/23 23:15:42 | 000,800,768 | ---- | C] (Microsoft Corporation) -- C:\\Windows\\SysNative\\usp10.dll
[2013/06/23 23:15:37 | 000,046,592 | ---- | C] (Microsoft) -- C:\\Windows\\SysWow64\\fpb.rs
[2013/06/23 23:15:37 | 000,046,592 | ---- | C] (Microsoft) -- C:\\Windows\\SysNative\\fpb.rs
[2013/06/23 23:15:37 | 000,045,568 | ---- | C] (Microsoft) -- C:\\Windows\\SysWow64\\oflc-nz.rs
[2013/06/23 23:15:37 | 000,045,568 | ---- | C] (Microsoft) -- C:\\Windows\\SysNative\\oflc-nz.rs
[2013/06/23 23:15:37 | 000,043,520 | ---- | C] (Microsoft) -- C:\\Windows\\SysWow64\\csrr.rs
[2013/06/23 23:15:37 | 000,043,520 | ---- | C] (Microsoft) -- C:\\Windows\\SysNative\\csrr.rs
[2013/06/23 23:15:37 | 000,040,960 | ---- | C] (Microsoft) -- C:\\Windows\\SysWow64\\cob-au.rs
[2013/06/23 23:15:37 | 000,040,960 | ---- | C] (Microsoft) -- C:\\Windows\\SysNative\\cob-au.rs
[2013/06/23 23:15:36 | 002,746,368 | ---- | C] (Microsoft Corporation) -- C:\\Windows\\SysNative\\gameux.dll
[2013/06/23 23:15:36 | 002,576,384 | ---- | C] (Microsoft Corporation) -- C:\\Windows\\SysWow64\\gameux.dll
[2013/06/23 23:15:36 | 000,441,856 | ---- | C] (Microsoft Corporation) -- C:\\Windows\\SysNative\\Wpc.dll
[2013/06/23 23:15:36 | 000,044,544 | ---- | C] (Microsoft) -- C:\\Windows\\SysWow64\\pegibbfc.rs
[2013/06/23 23:15:36 | 000,044,544 | ---- | C] (Microsoft) -- C:\\Windows\\SysNative\\pegibbfc.rs
[2013/06/23 23:15:36 | 000,030,720 | ---- | C] (Microsoft) -- C:\\Windows\\SysWow64\\usk.rs
[2013/06/23 23:15:36 | 000,030,720 | ---- | C] (Microsoft) -- C:\\Windows\\SysNative\\usk.rs
[2013/06/23 23:15:36 | 000,021,504 | ---- | C] (Microsoft) -- C:\\Windows\\SysWow64\\grb.rs
[2013/06/23 23:15:36 | 000,021,504 | ---- | C] (Microsoft) -- C:\\Windows\\SysNative\\grb.rs
[2013/06/23 23:15:36 | 000,020,480 | ---- | C] (Microsoft) -- C:\\Windows\\SysWow64\\pegi-pt.rs
[2013/06/23 23:15:36 | 000,020,480 | ---- | C] (Microsoft) -- C:\\Windows\\SysNative\\pegi-pt.rs
[2013/06/23 23:15:36 | 000,020,480 | ---- | C] (Microsoft) -- C:\\Windows\\SysWow64\\pegi.rs
[2013/06/23 23:15:36 | 000,020,480 | ---- | C] (Microsoft) -- C:\\Windows\\SysNative\\pegi.rs
[2013/06/23 23:15:36 | 000,015,360 | ---- | C] (Microsoft) -- C:\\Windows\\SysWow64\\djctq.rs
[2013/06/23 23:15:36 | 000,015,360 | ---- | C] (Microsoft) -- C:\\Windows\\SysNative\\djctq.rs
[2013/06/23 23:15:35 | 000,308,736 | ---- | C] (Microsoft Corporation) -- C:\\Windows\\SysWow64\\Wpc.dll
[2013/06/23 23:15:34 | 000,055,296 | ---- | C] (Microsoft) -- C:\\Windows\\SysWow64\\cero.rs
[2013/06/23 23:15:34 | 000,055,296 | ---- | C] (Microsoft) -- C:\\Windows\\SysNative\\cero.rs
[2013/06/23 23:15:34 | 000,051,712 | ---- | C] (Microsoft) -- C:\\Windows\\SysWow64\\esrb.rs
[2013/06/23 23:15:34 | 000,051,712 | ---- | C] (Microsoft) -- C:\\Windows\\SysNative\\esrb.rs
[2013/06/23 23:15:34 | 000,023,552 | ---- | C] (Microsoft) -- C:\\Windows\\SysWow64\\oflc.rs
[2013/06/23 23:15:34 | 000,023,552 | ---- | C] (Microsoft) -- C:\\Windows\\SysNative\\oflc.rs
[2013/06/23 23:15:34 | 000,020,480 | ---- | C] (Microsoft) -- C:\\Windows\\SysWow64\\pegi-fi.rs
[2013/06/23 23:15:34 | 000,020,480 | ---- | C] (Microsoft) -- C:\\Windows\\SysNative\\pegi-fi.rs
[2013/06/23 23:15:00 | 000,424,448 | ---- | C] (Microsoft Corporation) -- C:\\Windows\\SysNative\\KernelBase.dll
[2013/06/23 23:14:58 | 001,161,216 | ---- | C] (Microsoft Corporation) -- C:\\Windows\\SysNative\\kernel32.dll
[2013/06/23 23:14:56 | 000,362,496 | ---- | C] (Microsoft Corporation) -- C:\\Windows\\SysNative\\wow64win.dll
[2013/06/23 23:14:56 | 000,338,432 | ---- | C] (Microsoft Corporation) -- C:\\Windows\\SysNative\\conhost.exe
[2013/06/23 23:14:55 | 000,243,200 | ---- | C] (Microsoft Corporation) -- C:\\Windows\\SysNative\\wow64.dll
[2013/06/23 23:14:55 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\\Windows\\SysNative\\ntvdm64.dll
[2013/06/23 23:14:55 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\\Windows\\SysNative\\wow64cpu.dll
[2013/06/23 23:14:54 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\\Windows\\SysNative\\api-ms-win-core-string-l1-1-0.dll
[2013/06/23 23:14:52 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\\Windows\\SysWow64\\api-ms-win-core-file-l1-1-0.dll
[2013/06/23 23:14:52 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\\Windows\\SysNative\\api-ms-win-core-file-l1-1-0.dll
[2013/06/23 23:14:51 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\\Windows\\SysNative\\api-ms-win-security-base-l1-1-0.dll
[2013/06/23 23:14:51 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\\Windows\\SysNative\\api-ms-win-core-threadpool-l1-1-0.dll
[2013/06/23 23:14:51 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\\Windows\\SysWow64\\api-ms-win-core-processthreads-l1-1-0.dll
[2013/06/23 23:14:51 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\\Windows\\SysNative\\api-ms-win-core-processthreads-l1-1-0.dll
[2013/06/23 23:14:51 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\\Windows\\SysWow64\\api-ms-win-core-sysinfo-l1-1-0.dll
[2013/06/23 23:14:51 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\\Windows\\SysNative\\api-ms-win-core-sysinfo-l1-1-0.dll
[2013/06/23 23:14:51 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\\Windows\\SysWow64\\api-ms-win-core-synch-l1-1-0.dll
[2013/06/23 23:14:51 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\\Windows\\SysNative\\api-ms-win-core-synch-l1-1-0.dll
[2013/06/23 23:14:51 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\\Windows\\SysWow64\\api-ms-win-core-misc-l1-1-0.dll
[2013/06/23 23:14:51 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\\Windows\\SysNative\\api-ms-win-core-rtlsupport-l1-1-0.dll
[2013/06/23 23:14:51 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\\Windows\\SysWow64\\api-ms-win-core-processenvironment-l1-1-0.dll
[2013/06/23 23:14:51 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\\Windows\\SysNative\\api-ms-win-core-processenvironment-l1-1-0.dll
[2013/06/23 23:14:51 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\\Windows\\SysWow64\\api-ms-win-core-namedpipe-l1-1-0.dll
[2013/06/23 23:14:51 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\\Windows\\SysNative\\api-ms-win-core-namedpipe-l1-1-0.dll
[2013/06/23 23:14:51 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\\Windows\\SysNative\\api-ms-win-core-misc-l1-1-0.dll
[2013/06/23 23:14:51 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\\Windows\\SysNative\\api-ms-win-core-xstate-l1-1-0.dll
[2013/06/23 23:14:51 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\\Windows\\SysNative\\api-ms-win-core-util-l1-1-0.dll
[2013/06/23 23:14:51 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\\Windows\\SysWow64\\api-ms-win-core-string-l1-1-0.dll
[2013/06/23 23:14:51 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\\Windows\\SysWow64\\api-ms-win-core-profile-l1-1-0.dll
[2013/06/23 23:14:51 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\\Windows\\SysNative\\api-ms-win-core-profile-l1-1-0.dll
[2013/06/23 23:14:51 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\\Windows\\SysWow64\\api-ms-win-core-errorhandling-l1-1-0.dll
[2013/06/23 23:14:51 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\\Windows\\SysWow64\\api-ms-win-core-delayload-l1-1-0.dll
[2013/06/23 23:14:51 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\\Windows\\SysNative\\api-ms-win-core-delayload-l1-1-0.dll
[2013/06/23 23:14:50 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\\Windows\\SysWow64\\api-ms-win-security-base-l1-1-0.dll
[2013/06/23 23:14:50 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\\Windows\\SysWow64\\api-ms-win-core-localregistry-l1-1-0.dll
[2013/06/23 23:14:50 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\\Windows\\SysNative\\api-ms-win-core-localregistry-l1-1-0.dll
[2013/06/23 23:14:50 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\\Windows\\SysWow64\\api-ms-win-core-xstate-l1-1-0.dll
[2013/06/23 23:14:50 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\\Windows\\SysWow64\\api-ms-win-core-memory-l1-1-0.dll
[2013/06/23 23:14:50 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\\Windows\\SysNative\\api-ms-win-core-memory-l1-1-0.dll
[2013/06/23 23:14:50 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\\Windows\\SysWow64\\api-ms-win-core-libraryloader-l1-1-0.dll
[2013/06/23 23:14:50 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\\Windows\\SysNative\\api-ms-win-core-libraryloader-l1-1-0.dll
[2013/06/23 23:14:50 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\\Windows\\SysWow64\\api-ms-win-core-interlocked-l1-1-0.dll
[2013/06/23 23:14:50 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\\Windows\\SysWow64\\api-ms-win-core-heap-l1-1-0.dll
[2013/06/23 23:14:50 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\\Windows\\SysNative\\api-ms-win-core-heap-l1-1-0.dll
[2013/06/23 23:14:50 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\\Windows\\SysWow64\\api-ms-win-core-io-l1-1-0.dll
[2013/06/23 23:14:50 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\\Windows\\SysNative\\api-ms-win-core-io-l1-1-0.dll
[2013/06/23 23:14:50 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\\Windows\\SysNative\\api-ms-win-core-interlocked-l1-1-0.dll
[2013/06/23 23:14:50 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\\Windows\\SysWow64\\api-ms-win-core-handle-l1-1-0.dll
[2013/06/23 23:14:50 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\\Windows\\SysNative\\api-ms-win-core-handle-l1-1-0.dll
[2013/06/23 23:14:50 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\\Windows\\SysWow64\\api-ms-win-core-fibers-l1-1-0.dll
[2013/06/23 23:14:50 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\\Windows\\SysNative\\api-ms-win-core-fibers-l1-1-0.dll
[2013/06/23 23:14:50 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\\Windows\\SysNative\\api-ms-win-core-errorhandling-l1-1-0.dll
[2013/06/23 23:14:50 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\\Windows\\SysWow64\\api-ms-win-core-debug-l1-1-0.dll
[2013/06/23 23:14:50 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\\Windows\\SysNative\\api-ms-win-core-debug-l1-1-0.dll
[2013/06/23 23:14:50 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\\Windows\\SysWow64\\api-ms-win-core-datetime-l1-1-0.dll
[2013/06/23 23:14:50 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\\Windows\\SysNative\\api-ms-win-core-datetime-l1-1-0.dll
[2013/06/23 23:14:49 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\\Windows\\SysWow64\\api-ms-win-core-threadpool-l1-1-0.dll
[2013/06/23 23:14:49 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\\Windows\\SysWow64\\api-ms-win-core-util-l1-1-0.dll
[2013/06/23 23:14:49 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\\Windows\\SysWow64\\api-ms-win-core-rtlsupport-l1-1-0.dll
[2013/06/23 23:14:48 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\\Windows\\SysWow64\\api-ms-win-core-localization-l1-1-0.dll
[2013/06/23 23:14:48 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\\Windows\\SysNative\\api-ms-win-core-localization-l1-1-0.dll
[2013/06/23 23:14:48 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\\Windows\\SysWow64\\api-ms-win-core-console-l1-1-0.dll
My computer is running really slow. I have posted my Hijack This scan I just completed. Please look over it for me and see what could be wrong.
Logfile of Trend Micro HijackThis v2.0.5
Scan saved at 7:35:59 PM, on 6/25/2013
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v10.0 (10.00.9200.16618)
Boot mode: Normal
Running processes:
C:\\Program Files (x86)\\Intel\\Intel Matrix Storage Manager\\IAAnotif.exe
C:\\Program Files (x86)\\Epson Software\\Event Manager\\EEventManager.exe
C:\\Program Files\\Logitech\\SetPoint\\x86\\SetPoint32.exe
C:\\Program Files (x86)\\Yahoo!\\Messenger\\ymsgr_tray.exe
C:\\Program Files (x86)\\Internet Explorer\\IEXPLORE.EXE
C:\\Program Files (x86)\\Internet Explorer\\IEXPLORE.EXE
C:\\Users\\Felicia\\Downloads\\HijackThis (1).exe
R1 - HKCU\\Software\\Microsoft\\Internet Explorer\\Main,Default_Page_URL = http://g.msn.com/USCON/1\'>http://g.msn.com/USCON/1
R1 - HKCU\\Software\\Microsoft\\Internet Explorer\\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896\'>http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\\Software\\Microsoft\\Internet Explorer\\Main,Start Page = http://att.my.yahoo.com/\'>http://att.my.yahoo.com/
R1 - HKLM\\Software\\Microsoft\\Internet Explorer\\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141\'>http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\\Software\\Microsoft\\Internet Explorer\\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896\'>http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\\Software\\Microsoft\\Internet Explorer\\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896\'>http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\\Software\\Microsoft\\Internet Explorer\\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141\'>http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\\Software\\Microsoft\\Internet Explorer\\Search,SearchAssistant =
R0 - HKLM\\Software\\Microsoft\\Internet Explorer\\Search,CustomizeSearch =
R0 - HKLM\\Software\\Microsoft\\Internet Explorer\\Main,Local Page = C:\\Windows\\SysWOW64\\blank.htm
R0 - HKCU\\Software\\Microsoft\\Internet Explorer\\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O1 - Hosts: 64.78.157.110 vof01.alpineaccess.com #ADDED BY F5 NETWORKS SSL TUNNEL - ORIGINAL RECORD#
O1 - Hosts: 64.78.157.110 vof01 #ADDED BY F5 NETWORKS SSL TUNNEL - ORIGINAL RECORD#
O1 - Hosts: 64.78.157.94 a2fp3.alpineaccess.com #ADDED BY F5 NETWORKS SSL TUNNEL - ORIGINAL RECORD#
O1 - Hosts: 64.78.157.94 a2fp3 #ADDED BY F5 NETWORKS SSL TUNNEL - ORIGINAL RECORD#
O1 - Hosts: 64.78.157.93 a2fp2.alpineaccess.com #ADDED BY F5 NETWORKS SSL TUNNEL - ORIGINAL RECORD#
O1 - Hosts: 64.78.157.93 a2fp2 #ADDED BY F5 NETWORKS SSL TUNNEL - ORIGINAL RECORD#
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\\Program Files (x86)\\Java\\jre7\\bin\\ssv.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\\Program Files (x86)\\Common Files\\Microsoft Shared\\Windows Live\\WindowsLiveLogin.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\\PROGRA~2\\MICROS~2\\Office14\\URLREDIR.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\\Program Files (x86)\\Java\\jre7\\bin\\jp2ssv.dll
O3 - Toolbar: (no name) - {98279C38-DE4B-4bcf-93C9-8EC26069D6F4} - (no file)
O4 - HKLM\\..\\Run: [EEventManager] \"C:\\Program Files (x86)\\Epson Software\\Event Manager\\EEventManager.exe\"
O4 - HKLM\\..\\Run: [SunJavaUpdateSched] \"C:\\Program Files (x86)\\Common Files\\Java\\Java Update\\jusched.exe\"
O4 - HKLM\\..\\RunOnce: [\"C:\\Program Files (x86)\\Dell DataSafe Local Backup\\Components\\DSUpdate\\DSUpdate.exe\"] \"C:\\Program Files (x86)\\Dell DataSafe Local Backup\\Components\\DSUpdate\\DSUpdate.exe\"
O4 - HKCU\\..\\Run: [EPSON NX420 Series] C:\\Windows\\system32\\spool\\DRIVERS\\x64\\3\\E_IATIGCA.EXE /FU \"C:\\Windows\\TEMP\\E_S444.tmp\" /EF \"HKCU\"
O4 - .DEFAULT User Startup: Dell Dock First Run.lnk = C:\\Program Files\\Dell\\DellDock\\DellDock.exe (User \'Default user\')
O4 - Startup: Dell Dock.lnk = C:\\Program Files\\Dell\\DellDock\\DellDock.exe
O4 - Global Startup: Logitech SetPoint.lnk = ?
O9 - Extra button: @C:\\Program Files (x86)\\Windows Live\\Writer\\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\\Program Files (x86)\\Windows Live\\Writer\\WriterBrowserExtension.dll
O9 - Extra \'Tools\' menuitem: @C:\\Program Files (x86)\\Windows Live\\Writer\\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\\Program Files (x86)\\Windows Live\\Writer\\WriterBrowserExtension.dll
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\\Program Files (x86)\\Microsoft Office\\Office14\\ONBttnIE.dll
O9 - Extra \'Tools\' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\\Program Files (x86)\\Microsoft Office\\Office14\\ONBttnIE.dll
O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\\Program Files (x86)\\Microsoft Office\\Office14\\ONBttnIELinkedNotes.dll
O9 - Extra \'Tools\' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\\Program Files (x86)\\Microsoft Office\\Office14\\ONBttnIELinkedNotes.dll
O10 - Unknown file in Winsock LSP: c:\\program files (x86)\\common files\\microsoft shared\\windows live\\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\\program files (x86)\\common files\\microsoft shared\\windows live\\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\\program files (x86)\\vmware\\vmware player\\vsocklib.dll
O10 - Unknown file in Winsock LSP: c:\\program files (x86)\\vmware\\vmware player\\vsocklib.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O15 - Trusted Zone: *.alpineaccess.com
O15 - Trusted Zone: *.alpineaccess.net
O15 - Trusted IP range: http://205.157.78.29\'>http://205.157.78.29
O15 - Trusted IP range: http://205.157.91.240\'>http://205.157.91.240
O16 - DPF: {315B0BFB-2BD4-481B-80A3-A9B80727C61B} (WebIQ Engine Application Object) - http://webiq005.webiqonline.com/WebIQ/DataServer/DataServer.dll?Handler=GetEngineDistribution&EDID=%7B896A23A1-5821-4609-A6C6-6D5536C585C9\'>http://webiq005.webiqonline.com/WebIQ/DataServer/DataServer.dll?Handler=GetEngineDistribution&EDID={896A23A1-5821-4609-A6C6-6D5536C585C9}
O16 - DPF: {362C56AA-6E4F-40C7-A0B5-85501DBDAD77} (Scanner.SysScanner) - http://i.dell.com/images/global/js/scanner/SysProExe.cab\'>http://i.dell.com/images/global/js/scanner/SysProExe.cab
O16 - DPF: {49312E18-AA92-4CC2-BB97-55DEA7BCADD6} (WMI Class) - http://support.dell.com/systemprofiler/SysProExe.CAB\'>http://support.dell.com/systemprofiler/SysProExe.CAB
O16 - DPF: {5AE58FCF-6F6A-49B2-B064-02492C66E3F4} (MUCatalogWebControl Class) - http://catalog.update.microsoft.com/v7/site/ClientControl/en/x86/MuCatalogWebControl.cab?1274551454442\'>http://catalog.update.microsoft.com/v7/site/ClientControl/en/x86/MuCatalogWebControl.cab?1274551454442
O16 - DPF: {66F7F252-3FE1-4650-B1E5-94B2A38271C5} (ActiveView Control) - http://treehouse.no-ip.biz/ActiveView.cab\'>http://treehouse.no-ip.biz/ActiveView.cab
O16 - DPF: {C1F8FC10-E5DB-4112-9DBF-6C3FF728D4E3} (DellSystemLite.Scanner) - http://support.dell.com/systemprofiler/DellSystemLite.CAB\'>http://support.dell.com/systemprofiler/DellSystemLite.CAB
O16 - DPF: {D0C0F75C-683A-4390-A791-1ACFD5599AB8} (Oberon Flash Game Host) - http://games.att.oberon-media.com/Gameshell/GameHost/1.0/OberonGameHost.cab\'>http://games.att.oberon-media.com/Gameshell/GameHost/1.0/OberonGameHost.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab\'>http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O17 - HKLM\\System\\CCS\\Services\\Tcpip\\..\\{28C31212-6713-4A47-8872-34C779D8B726}: NameServer = 10.124.6.3,10.124.3.2
O17 - HKLM\\System\\CCS\\Services\\Tcpip\\..\\{47AF739C-9211-470F-8886-1F12156AA75E}: NameServer = 10.124.6.3,10.124.3.2
O17 - HKLM\\System\\CS1\\Services\\Tcpip\\Parameters: SearchList = alpineaccess.com,alpineaccess.net
O17 - HKLM\\System\\CS2\\Services\\Tcpip\\Parameters: SearchList = alpineaccess.com,alpineaccess.net
O17 - HKLM\\System\\CCS\\Services\\Tcpip\\Parameters: SearchList = alpineaccess.com,alpineaccess.net
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\\Program Files (x86)\\Windows Live\\Photo Gallery\\AlbumDownloadProtocolHandler.dll
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\\Program Files (x86)\\Common Files\\Microsoft Shared\\OFFICE14\\MSOXMLMF.DLL
O20 - Winlogon Notify: !SASWinLogon - C:\\Program Files (x86)\\SUPERAntiSpyware\\SASWINLO.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\\Program Files (x86)\\Common Files\\Adobe\\ARM\\1.0\\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\\system32\\Alg.exe,-112 (ALG) - Unknown owner - C:\\Windows\\System32\\alg.exe (file missing)
O23 - Service: APC UPS Service - American Power Conversion Corporation - C:\\Program Files (x86)\\APC\\APC PowerChute Personal Edition\\mainserv.exe
O23 - Service: Dock Login Service (DockLoginService) - Stardock Corporation - C:\\Program Files\\Dell\\DellDock\\DockLogin.exe
O23 - Service: @%SystemRoot%\\system32\\efssvc.dll,-100 (EFS) - Unknown owner - C:\\Windows\\System32\\lsass.exe (file missing)
O23 - Service: @%systemroot%\\system32\\fxsresm.dll,-118 (Fax) - Unknown owner - C:\\Windows\\system32\\fxssvc.exe (file missing)
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\\Program Files (x86)\\Google\\Update\\GoogleUpdate.exe
O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:\\Program Files (x86)\\Google\\Update\\GoogleUpdate.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\\Program Files (x86)\\Intel\\Intel Matrix Storage Manager\\IAANTMon.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\\Windows\\system32\\lsass.exe (file missing)
O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\\Program Files\\Common Files\\Logishrd\\Bluetooth\\LBTServ.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\\Windows\\System32\\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\\System32\\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\\Windows\\system32\\lsass.exe (file missing)
O23 - Service: @%systemroot%\\system32\\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\\Windows\\system32\\lsass.exe (file missing)
O23 - Service: @%systemroot%\\system32\\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\\Windows\\system32\\locator.exe (file missing)
O23 - Service: @%SystemRoot%\\system32\\samsrv.dll,-1 (SamSs) - Unknown owner - C:\\Windows\\system32\\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\\system32\\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\\Windows\\System32\\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\\system32\\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\\Windows\\System32\\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\\system32\\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\\Windows\\system32\\sppsvc.exe (file missing)
O23 - Service: VMware Agent Service (ufad-ws60) - VMware, Inc. - C:\\Program Files (x86)\\VMware\\VMware Player\\vmware-ufad.exe
O23 - Service: @%SystemRoot%\\system32\\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\\Windows\\system32\\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\\system32\\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\\Windows\\system32\\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\\system32\\vds.exe,-100 (vds) - Unknown owner - C:\\Windows\\System32\\vds.exe (file missing)
O23 - Service: VMware Authorization Service (VMAuthdService) - VMware, Inc. - C:\\Program Files (x86)\\VMware\\VMware Player\\vmware-authd.exe
O23 - Service: VMware DHCP Service (VMnetDHCP) - VMware, Inc. - C:\\Windows\\system32\\vmnetdhcp.exe
O23 - Service: VMware NAT Service - VMware, Inc. - C:\\Windows\\system32\\vmnat.exe
O23 - Service: @%systemroot%\\system32\\vssvc.exe,-102 (VSS) - Unknown owner - C:\\Windows\\system32\\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\\system32\\Wat\\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\\Windows\\system32\\Wat\\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\\system32\\wbengine.exe,-104 (wbengine) - Unknown owner - C:\\Windows\\system32\\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\\system32\\wbem\\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\\Windows\\system32\\wbem\\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\\Windows Media Player\\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\\Program Files (x86)\\Windows Media Player\\wmpnetwk.exe (file missing)
--
End of file - 12147 bytes
\' />
