Page 2 of 3 FirstFirst 123 LastLast
Results 11 to 20 of 28

Thread: Help Needed - several problems

  1. #11
    Member
    Join Date
    Jun 2008
    Posts
    30

    Default

    Internet re-direct is gone, working fine now. I am having trouble with Explorer, so have to use Safari. Explorer says running without add-ons, thing maybe my son my have done something trying to fix internet

    I had some issues with anti-virus programs that i was not able to disable, hopefully this did not interfere with the scan

    Thanks!


    ComboFix 12-01-06.03 - Connor Appleby 01/06/2012 19:32:21.3.8 - x64
    Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.1.1033.18.8182.6112 [GMT -5:00]
    Running from: c:\users\Connor Appleby\Desktop\ComboFix.exe
    AV: AVG Anti-Virus Free Edition 2012 *Enabled/Updated* {5A2746B1-DEE9-F85A-FBCD-ADB11639C5F0}
    AV: McAfee VirusScan *Enabled/Outdated* {86355677-4064-3EA7-ABB3-1B136EB04637}
    AV: Spyware Doctor with AntiVirus *Enabled/Updated* {2F668A56-D5E0-2DF1-A0AE-CB1284F42AB2}
    FW: McAfee Personal Firewall *Enabled* {BE0ED752-0A0B-3FFF-80EC-B2269063014C}
    SP: AVG Anti-Virus Free Edition 2012 *Enabled/Updated* {E146A755-F8D3-F7D4-C17D-96C36DBE8F4D}
    SP: McAfee VirusScan *Enabled/Updated* {3D54B793-665E-3129-9103-206115370C8A}
    SP: Spyware Doctor *Disabled/Updated* {94076BB2-F3DA-227F-9A1E-F060FF73600F}
    SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    .
    .
    ((((((((((((((((((((((((( Files Created from 2011-12-07 to 2012-01-07 )))))))))))))))))))))))))))))))
    .
    .
    2012-01-07 00:56 . 2012-01-07 01:00 -------- d-----w- c:\users\Connor Appleby\AppData\Local\temp
    2012-01-07 00:56 . 2012-01-07 00:56 -------- d-----w- c:\users\Sarah\AppData\Local\temp
    2012-01-07 00:56 . 2012-01-07 00:56 -------- d-----w- c:\users\Mcx1\AppData\Local\temp
    2012-01-07 00:56 . 2012-01-07 00:56 -------- d-----w- c:\users\Default\AppData\Local\temp
    2011-12-30 14:27 . 2011-12-30 14:27 -------- d-----w- c:\users\Connor Appleby\AppData\Roaming\AVG2012
    2011-12-28 22:42 . 2011-12-28 22:42 -------- d-----w- c:\users\Sarah\AppData\Roaming\Wacom
    2011-12-28 22:41 . 2011-12-28 22:41 -------- d-----w- c:\users\Sarah\AppData\Roaming\WTablet
    2011-12-26 21:07 . 2011-12-26 21:07 -------- d-----w- c:\program files (x86)\ERUNT
    2011-12-26 19:02 . 2011-12-26 19:02 -------- d-----w- c:\users\Connor Appleby\AppData\Roaming\Autodesk
    2011-12-26 18:55 . 2011-12-26 18:55 -------- d-----w- c:\programdata\Alias
    2011-12-26 18:53 . 2011-12-26 18:53 -------- d-----w- c:\program files (x86)\Autodesk
    2011-12-26 18:48 . 2011-12-26 18:48 -------- d-----w- c:\users\Connor Appleby\AppData\Roaming\wacomid-desktop-launcher.DCFD4B89A63EE70BC162777F06D4B93B6397AEC7.1
    2011-12-26 18:47 . 2011-12-26 18:47 -------- d-----w- c:\users\Connor Appleby\AppData\Roaming\Wacom
    2011-12-26 18:47 . 2011-12-27 14:52 -------- d-----w- c:\programdata\Wacom
    2011-12-26 18:46 . 2011-12-26 18:47 -------- d-----w- c:\program files (x86)\Bamboo Dock
    2011-12-26 18:45 . 2011-12-26 18:45 -------- d-----w- c:\users\Connor Appleby\AppData\Roaming\WTablet
    2011-12-26 18:32 . 2012-01-06 19:46 -------- d-----w- C:\ComboFix-1
    2011-12-26 02:42 . 2011-12-26 02:42 -------- d-----w- c:\users\Connor Appleby\AppData\Roaming\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
    2011-12-26 01:25 . 2011-12-26 01:25 -------- d-----w- c:\programdata\ALM
    2011-12-26 00:59 . 2011-12-26 00:59 -------- d-----w- c:\program files (x86)\Adobe Story
    2011-12-26 00:56 . 2011-12-26 00:56 -------- d-----w- c:\program files (x86)\My Company Name
    2011-12-24 07:50 . 2011-12-24 11:10 -------- d-----w- c:\users\Connor Appleby\AppData\Roaming\Wyga
    2011-12-24 07:50 . 2011-12-24 07:50 -------- d-----w- c:\users\Connor Appleby\AppData\Roaming\Unefti
    2011-12-15 02:49 . 2011-10-25 16:09 85504 ----a-w- c:\windows\system32\csrsrv.dll
    2011-12-15 02:49 . 2011-11-08 14:58 2048 ----a-w- c:\windows\system32\tzres.dll
    2011-12-15 02:49 . 2011-11-08 14:42 2048 ----a-w- c:\windows\SysWow64\tzres.dll
    2011-12-15 02:49 . 2011-10-14 17:30 559616 ----a-w- c:\windows\system32\EncDec.dll
    2011-12-15 02:49 . 2011-10-14 16:02 429056 ----a-w- c:\windows\SysWow64\EncDec.dll
    2011-12-15 02:49 . 2011-11-23 13:57 2764800 ----a-w- c:\windows\system32\win32k.sys
    2011-12-15 02:49 . 2011-11-08 12:10 2409784 ----a-w- c:\program files\Windows Mail\OESpamFilter.dat
    2011-12-15 02:49 . 2011-11-08 12:10 2409784 ----a-w- c:\program files (x86)\Windows Mail\OESpamFilter.dat
    .
    .
    .
    (((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    2011-12-01 00:08 . 2011-05-18 00:27 414368 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
    2011-10-24 18:29 . 2011-10-24 18:29 94208 ----a-w- c:\windows\SysWow64\QuickTimeVR.qtx
    2011-10-24 18:29 . 2011-10-24 18:29 69632 ----a-w- c:\windows\SysWow64\QuickTime.qts
    2011-10-18 06:27 . 2011-11-11 07:00 8570192 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{A82C839B-8539-4680-989B-B2FCC8B07A95}\mpengine.dll
    .
    .
    ((((((((((((((((((((((((((((( SnapShot@2012-01-06_20.59.05 )))))))))))))))))))))))))))))))))))))))))
    .
    + 2008-01-21 02:23 . 2012-01-07 01:00 62592 c:\windows\system64\WDI\ShutdownPerformanceDiagnostics_SystemData.bin
    + 2006-11-02 15:45 . 2012-01-07 01:00 85398 c:\windows\system64\WDI\BootPerformanceDiagnostics_SystemData.bin
    + 2009-10-02 22:21 . 2012-01-07 01:00 12112 c:\windows\system64\WDI\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-1554704811-4091891495-1094212442-1000_UserData.bin
    + 2011-12-26 19:52 . 2012-01-07 00:58 55983 c:\windows\system64\config\systemprofile\AppData\Roaming\WTablet\Pen_Tablet.dat
    - 2011-12-26 19:52 . 2012-01-06 20:56 55983 c:\windows\system64\config\systemprofile\AppData\Roaming\WTablet\Pen_Tablet.dat
    - 2009-10-02 22:17 . 2012-01-06 20:59 16384 c:\windows\system64\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
    + 2009-10-02 22:17 . 2012-01-07 01:01 16384 c:\windows\system64\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
    + 2009-10-02 22:17 . 2012-01-07 01:01 32768 c:\windows\system64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
    - 2009-10-02 22:17 . 2012-01-06 20:59 32768 c:\windows\system64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
    - 2009-10-02 22:17 . 2012-01-06 20:59 16384 c:\windows\system64\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
    + 2009-10-02 22:17 . 2012-01-07 01:01 16384 c:\windows\system64\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
    + 2008-01-21 02:23 . 2012-01-07 01:00 62592 c:\windows\system32\WDI\ShutdownPerformanceDiagnostics_SystemData.bin
    + 2006-11-02 15:45 . 2012-01-07 01:00 85398 c:\windows\system32\WDI\BootPerformanceDiagnostics_SystemData.bin
    + 2009-10-02 22:21 . 2012-01-07 01:00 12112 c:\windows\system32\WDI\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-1554704811-4091891495-1094212442-1000_UserData.bin
    - 2011-12-26 19:52 . 2012-01-06 20:56 55983 c:\windows\system32\config\systemprofile\AppData\Roaming\WTablet\Pen_Tablet.dat
    + 2011-12-26 19:52 . 2012-01-07 00:58 55983 c:\windows\system32\config\systemprofile\AppData\Roaming\WTablet\Pen_Tablet.dat
    + 2009-10-02 22:17 . 2012-01-07 01:01 16384 c:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
    - 2009-10-02 22:17 . 2012-01-06 20:59 16384 c:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
    - 2009-10-02 22:17 . 2012-01-06 20:59 32768 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
    + 2009-10-02 22:17 . 2012-01-07 01:01 32768 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
    + 2009-10-02 22:17 . 2012-01-07 01:01 16384 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
    - 2009-10-02 22:17 . 2012-01-06 20:59 16384 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
    + 2009-12-06 15:51 . 2012-01-07 00:10 16384 c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
    - 2009-12-06 15:51 . 2012-01-06 20:56 16384 c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
    - 2011-10-17 17:06 . 2011-12-26 18:32 32768 c:\windows\ServiceProfiles\NetworkService\AppData\Local\Temp\Temporary Internet Files\Content.IE5\index.dat
    + 2011-10-17 17:06 . 2012-01-06 21:29 32768 c:\windows\ServiceProfiles\NetworkService\AppData\Local\Temp\Temporary Internet Files\Content.IE5\index.dat
    + 2011-10-17 17:06 . 2012-01-06 21:29 16384 c:\windows\ServiceProfiles\NetworkService\AppData\Local\Temp\History\History.IE5\index.dat
    - 2011-10-17 17:06 . 2011-12-26 18:32 16384 c:\windows\ServiceProfiles\NetworkService\AppData\Local\Temp\History\History.IE5\index.dat
    + 2011-10-17 17:06 . 2012-01-06 21:29 16384 c:\windows\ServiceProfiles\NetworkService\AppData\Local\Temp\Cookies\index.dat
    - 2011-10-17 17:06 . 2011-12-26 18:32 16384 c:\windows\ServiceProfiles\NetworkService\AppData\Local\Temp\Cookies\index.dat
    + 2009-12-06 15:51 . 2012-01-07 00:10 32768 c:\windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
    - 2009-12-06 15:51 . 2012-01-06 20:56 32768 c:\windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
    + 2009-12-06 15:51 . 2012-01-07 00:10 16384 c:\windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
    - 2009-12-06 15:51 . 2012-01-06 20:56 16384 c:\windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
    + 2009-10-03 01:11 . 2012-01-06 23:36 16384 c:\windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
    - 2009-10-03 01:11 . 2012-01-02 14:06 16384 c:\windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
    + 2009-10-03 01:11 . 2012-01-06 23:36 16384 c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
    - 2009-10-03 01:11 . 2012-01-02 14:06 16384 c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
    + 2012-01-06 19:39 . 2012-01-06 23:09 1740 c:\windows\SoftwareDistribution\EventCache\{97D814BB-C395-4388-85E4-0026D7BD9996}.bin
    + 2012-01-07 00:57 . 2012-01-07 00:57 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
    - 2012-01-06 20:56 . 2012-01-06 20:56 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
    - 2012-01-06 20:56 . 2012-01-06 20:56 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
    + 2012-01-07 00:57 . 2012-01-07 00:57 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
    + 2010-03-05 20:18 . 2012-01-07 01:01 262144 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\IETldCache\index.dat
    - 2010-03-05 20:18 . 2012-01-06 20:59 262144 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\IETldCache\index.dat
    - 2008-01-21 03:20 . 2012-01-06 20:59 212992 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
    + 2008-01-21 03:20 . 2012-01-07 01:01 212992 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
    - 2008-01-21 03:20 . 2012-01-06 20:59 671744 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
    + 2008-01-21 03:20 . 2012-01-07 01:01 671744 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
    + 2006-11-02 12:46 . 2012-01-06 23:42 604264 c:\windows\system64\perfh009.dat
    - 2006-11-02 12:46 . 2012-01-06 19:45 604264 c:\windows\system64\perfh009.dat
    - 2006-11-02 12:46 . 2012-01-06 19:45 103964 c:\windows\system64\perfc009.dat
    + 2006-11-02 12:46 . 2012-01-06 23:42 103964 c:\windows\system64\perfc009.dat
    - 2009-11-28 15:28 . 2011-12-26 00:31 245760 c:\windows\system64\config\systemprofile\AppData\Roaming\Microsoft\Windows\IETldCache\index.dat
    + 2009-11-28 15:28 . 2012-01-07 00:34 245760 c:\windows\system64\config\systemprofile\AppData\Roaming\Microsoft\Windows\IETldCache\index.dat
    + 2006-11-02 12:46 . 2012-01-06 23:42 604264 c:\windows\system32\perfh009.dat
    - 2006-11-02 12:46 . 2012-01-06 19:45 604264 c:\windows\system32\perfh009.dat
    + 2006-11-02 12:46 . 2012-01-06 23:42 103964 c:\windows\system32\perfc009.dat
    - 2006-11-02 12:46 . 2012-01-06 19:45 103964 c:\windows\system32\perfc009.dat
    - 2009-11-28 15:28 . 2011-12-26 00:31 245760 c:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\IETldCache\index.dat
    + 2009-11-28 15:28 . 2012-01-07 00:34 245760 c:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\IETldCache\index.dat
    - 2011-02-14 00:02 . 2012-01-06 20:52 360168 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat
    + 2011-02-14 00:02 . 2012-01-07 00:56 360168 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat
    + 2008-01-21 03:20 . 2012-01-07 01:01 3948544 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
    - 2008-01-21 03:20 . 2012-01-06 20:59 3948544 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
    .
    -- Snapshot reset to current date --
    .
    ((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    *Note* empty entries & legit default entries are not shown
    REGEDIT4
    .
    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-04-11 1555968]
    "SpybotSD TeaTimer"="c:\program files (x86)\Spybot - Search & Destroy\TeaTimer.exe" [2009-03-05 2260480]
    "ehTray.exe"="c:\windows\ehome\ehTray.exe" [2008-01-21 138240]
    "ooVoo.exe"="c:\program files (x86)\ooVoo\oovoo.exe" [2011-05-18 22631608]
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
    "SunJavaUpdateSched"="c:\program files (x86)\Java\jre6\bin\jusched.exe" [2009-09-30 148888]
    "Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2008-06-12 34672]
    "Dell DataSafe Online"="c:\program files (x86)\Dell DataSafe Online\DataSafeOnline.exe" [2009-07-07 1779952]
    "PDVDDXSrv"="c:\program files\CyberLink\PowerDVD DX\PDVDDXSrv.exe" [2009-02-05 128232]
    "Microsoft Default Manager"="c:\program files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe" [2009-04-24 250192]
    "mcagent_exe"="c:\program files (x86)\McAfee.com\Agent\mcagent.exe" [2009-07-10 645328]
    "DellSupportCenter"="c:\program files (x86)\Dell Support Center\bin\sprtcmd.exe" [2009-05-21 206064]
    "AppleSyncNotifier"="c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe" [2011-04-20 58656]
    "5-Day Forecast"="c:\program files (x86)\5-Day Forecast\5-Day Forecast\5-Day Forecast.exe" [2010-06-15 876544]
    "APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2011-09-27 59240]
    "iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2011-10-09 421736]
    "QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2011-10-24 421888]
    "AVG_TRAY"="c:\program files (x86)\AVG\AVG2012\avgtray.exe" [2011-12-03 2415456]
    "SwitchBoard"="c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe" [2010-02-19 517096]
    "AdobeCS5.5ServiceManager"="c:\program files (x86)\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe" [2011-01-12 1523360]
    "BambooCore"="c:\program files (x86)\Bamboo Dock\BambooCore.exe" [2011-06-24 629848]
    "ISTray"="c:\program files (x86)\Spyware Doctor\pctsTray.exe" [2010-01-18 1286608]
    .
    c:\users\Connor Appleby\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
    Dell Dock.lnk - c:\program files\Dell\DellDock\DellDock.exe [2009-6-30 1316192]
    .
    c:\users\Sarah\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
    Dell Dock.lnk - c:\program files\Dell\DellDock\DellDock.exe [2009-6-30 1316192]
    .
    c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
    Dell Remote Access.lnk - c:\windows\Installer\{F66A31D9-7831-4FBA-BA02-C411C0047CC5}\NewShortcut4_F66A31D978314FBABA02C411C0047CC5.exe [2009-9-30 53248]
    McAfee Security Scan Plus.lnk - c:\program files (x86)\McAfee Security Scan\2.0.181\SSScheduler.exe [2010-1-15 255536]
    .
    c:\users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
    Dell Dock First Run.lnk - c:\program files\Dell\DellDock\DellDock.exe [2009-6-30 1316192]
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
    "EnableUIADesktopToggle"= 0 (0x0)
    .
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcmscsvc]
    @=""
    .
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
    @=""
    .
    S2 AERTFilters;Andrea RT Filters Service;c:\program files\Realtek\Audio\HDA\AERTSr64.exe [2009-02-24 88576]
    .
    .
    --- Other Services/Drivers In Memory ---
    .
    *Deregistered* - PCTSDInjDriver64
    .
    Contents of the 'Scheduled Tasks' folder
    .
    2012-01-07 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
    - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2009-11-13 20:35]
    .
    2012-01-07 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
    - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2009-11-13 20:35]
    .
    2012-01-06 c:\windows\Tasks\Norton Security Scan for Connor Appleby.job
    - c:\progra~2\NORTON~2\Engine\313~1.7\Nss.exe [2011-06-26 04:47]
    .
    2012-01-07 c:\windows\Tasks\User_Feed_Synchronization-{53F3B42F-94F6-43E8-8F18-C7EF3438945E}.job
    - c:\windows\system32\msfeedssync.exe [2011-06-15 04:32]
    .
    2012-01-06 c:\windows\Tasks\User_Feed_Synchronization-{F18474AD-0958-4E2A-ABFC-5E8E3C831E2D}.job
    - c:\windows\system32\msfeedssync.exe [2011-06-15 04:32]
    .
    .
    --------- x86-64 -----------
    .
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2009-02-24 6975520]
    "Skytel"="c:\program files\Realtek\Audio\HDA\Skytel.exe" [BU]
    "NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2009-05-17 16308768]
    "AdobeAAMUpdater-1.0"="c:\program files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2011-03-30 499608]
    .
    ------- Supplementary Scan -------
    .
    uLocal Page = c:\windows\system32\blank.htm
    uStart Page = hxxp://www.google.com/
    mLocal Page = c:\windows\SysWOW64\blank.htm
    uInternet Settings,ProxyOverride = <local>;*.local
    uSearchAssistant = hxxp://www.google.com/ie
    uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
    TCP: DhcpNameServer = 75.75.75.75 75.75.76.76
    DPF: {4ECE056F-E50F-4F9D-B069-EB342D21F26A} - hxxp://www1.snapfish.com/SnapfishActivia3.cab
    CLSID: {603d3801-bd81-11d0-a3a5-00c04fd706ec} - %SystemRoot%\SysWow64\browseui.dll
    .
    .
    --------------------- LOCKED REGISTRY KEYS ---------------------
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
    @Denied: (A 2) (Everyone)
    @="FlashBroker"
    "LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil11c_ActiveX.exe,-101"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
    "Enabled"=dword:00000001
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
    @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil11c_ActiveX.exe"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
    @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
    @Denied: (A 2) (Everyone)
    @="Shockwave Flash Object"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
    @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11c.ocx"
    "ThreadingModel"="Apartment"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
    @="0"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
    @="ShockwaveFlash.ShockwaveFlash.10"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
    @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11c.ocx, 1"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
    @="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
    @="1.0"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
    @="ShockwaveFlash.ShockwaveFlash"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
    @Denied: (A 2) (Everyone)
    @="Macromedia Flash Factory Object"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
    @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11c.ocx"
    "ThreadingModel"="Apartment"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
    @="FlashFactory.FlashFactory.1"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
    @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11c.ocx, 1"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
    @="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
    @="1.0"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
    @="FlashFactory.FlashFactory"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
    @Denied: (A 2) (Everyone)
    @="IFlashBroker4"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
    @="{00020424-0000-0000-C000-000000000046}"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
    @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
    "Version"="1.0"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\TypeLib\{D27CDB6B-AE6D-11CF-96B8-444553540000}]
    @Denied: (A 2) (Everyone)
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\TypeLib\{D27CDB6B-AE6D-11CF-96B8-444553540000}\1.0]
    @="Shockwave Flash"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\TypeLib\{FAB3E735-69C7-453B-A446-B6823C6DF1C9}]
    @Denied: (A 2) (Everyone)
    @=""
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\TypeLib\{FAB3E735-69C7-453B-A446-B6823C6DF1C9}\1.0]
    @="FlashBroker"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\McAfee]
    "SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
    00,5c,00,6d,00,61,00,63,00,68,00,69,00,6e,00,65,00,5c,00,53,00,6f,00,66,00,\
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes]
    "SymbolicLinkValue"=hex(6):5c,00,52,00,45,00,47,00,49,00,53,00,54,00,52,00,59,
    00,5c,00,4d,00,41,00,43,00,48,00,49,00,4e,00,45,00,5c,00,53,00,4f,00,46,00,\
    .
    ------------------------ Other Running Processes ------------------------
    .
    c:\program files\Dell\DellDock\DockLogin.exe
    c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
    c:\program files (x86)\AVG\AVG2012\avgwdsvc.exe
    c:\program files (x86)\Common Files\Dell\Advanced Networking Service\hnm_svc.exe
    c:\progra~2\COMMON~1\McAfee\McProxy\McProxy.exe
    c:\program files (x86)\McAfee\MPF\MPFSrv.exe
    c:\program files (x86)\McAfee\MSK\MskSrver.exe
    c:\program files (x86)\Spyware Doctor\pctsAuxs.exe
    c:\program files (x86)\Spyware Doctor\pctsSvc.exe
    c:\program files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
    c:\program files (x86)\Spybot - Search & Destroy\SDWinSec.exe
    c:\progra~2\McAfee\MSC\mcmscsvc.exe
    c:\progra~2\mcafee.com\agent\mcagent.exe
    c:\program files (x86)\Common Files\Microsoft Shared\Ink\TabTip32.exe
    c:\program files (x86)\Dell Remote Access\ezi_ra.exe
    c:\program files (x86)\Common Files\mcafee\mna\mcnasvc.exe
    c:\program files (x86)\Dell Support Center\bin\sprtsvc.exe
    c:\program files (x86)\Safari\Safari.exe
    c:\program files (x86)\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe
    .
    **************************************************************************
    .
    Completion time: 2012-01-06 20:10:53 - machine was rebooted
    ComboFix-quarantined-files.txt 2012-01-07 01:10
    ComboFix2.txt 2012-01-06 21:25
    .
    Pre-Run: 334,196,748,288 bytes free
    Post-Run: 333,992,267,776 bytes free
    .
    - - End Of File - - 80B8325F9D9C6730D52EE5170D5E507C

  2. #12
    Emeritus-Security Expert
    Join Date
    Nov 2005
    Location
    Florida's SpaceCoast
    Posts
    15,208

    Default

    This is what you want to do, you have 3 anti virus programs running, Spyware Doctor with AV, McAfee and AVG, more than one is overkill and will severely hamper system performance, all you need is one, keep it updated and run regular scans. Your call but you need to uninstall two of them via Programs and Features in the Control Panel. My self, I would get rid of Spyware Doctor and AVG, but its up to you.

    The second run of Combofix found nothing which is great, sometimes things respawn but it looks fine.


    Open IE and go to Tools > Internet Options > Advanced Tab > Reset Internet Explorer Setting > Reset....will take a few seconds ...then close IE and reopen it and see if it made a difference

    Please download Malwarebytes from Here or Here

    • Double-click mbam-setup.exe and follow the prompts to install the program.
    • At the end, be sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
    • If an update is found, it will download and install the latest version.
    • Once the program has loaded, select Perform quick scan, then click Scan.
    • When the scan is complete, click OK, then Show Results to view the results.
    • Be sure that everything is checked, and click Remove Selected .
    • When completed, a log will open in Notepad. Please save it to a convenient location and post the results.
    • Note: If you receive a notice that some of the items couldn't be removed, that they have been added to the delete on reboot list, please reboot.
    Post the report please
    Microsoft MVP Consumer Security 2007-2008-2009-2010-2011-2012-2013-2014

    ERROR MESSAGE 386
    No KeyBoard Detected
    Press F1 To Continue

    Just a reminder that threads will be closed if no reply in 3 days.

  3. #13
    Member
    Join Date
    Jun 2008
    Posts
    30

    Default

    uninstalled Ppyware Dr & AVG

    IE working fine now - Thanks

    scan came back clean

    Malwarebytes Anti-Malware 1.60.0.1800
    www.malwarebytes.org

    Database version: v2012.01.06.06

    Windows Vista Service Pack 2 x64 NTFS
    Internet Explorer 8.0.6001.19088
    Connor Appleby :: CONNORAPPLEB-PC [administrator]

    1/6/2012 8:46:04 PM
    mbam-log-2012-01-06 (20-46-04).txt

    Scan type: Quick scan
    Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
    Scan options disabled: P2P
    Objects scanned: 221040
    Time elapsed: 5 minute(s), 1 second(s)

    Memory Processes Detected: 0
    (No malicious items detected)

    Memory Modules Detected: 0
    (No malicious items detected)

    Registry Keys Detected: 0
    (No malicious items detected)

    Registry Values Detected: 0
    (No malicious items detected)

    Registry Data Items Detected: 0
    (No malicious items detected)

    Folders Detected: 0
    (No malicious items detected)

    Files Detected: 0
    (No malicious items detected)

    (end)

  4. #14
    Emeritus-Security Expert
    Join Date
    Nov 2005
    Location
    Florida's SpaceCoast
    Posts
    15,208

    Default

    Great, we always like to run a free online virus scanner to check for anything we have missed.

    ESET Online Scanner
    I'd like us to scan your machine with ESET OnlineScan

    *Note
    It is recommended to disable onboard antivirus program and antispyware programs while performing scans so there are no conflicts and it will speed up scan time.
    Please don't go surfing while your resident protection is disabled!
    Once the scan is finished remember to re-enable your antivirus along with your antispyware programs.



    1. Hold down Control and click on the following link to open ESET OnlineScan in a new window.
      ESET OnlineScan
    2. Click the button.
    3. For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
      1. Click on to download the ESET Smart Installer. Save it to your desktop.
      2. Double click on the icon on your desktop.
    4. Check
    5. Click the button.
    6. Accept any security warnings from your browser.
    7. Check
    8. Make sure that the option "Remove found threats" is Unchecked
    9. Push the Start button.
    10. ESET will then download updates for itself, install itself, and begin
      scanning your computer. Please be patient as this can take some time.
    11. When the scan completes, push
    12. Push , and save the file to your desktop using a unique name, such as
      ESETScan. Include the contents of this report in your next reply.
    13. Push the button.
    14. Push
    Please make sure you include the following items in your next post:
    The log that was produced after running ESET Online Scanner.




    Then let me take one final look

    OTL by OldTimer
    • Download OTL to your desktop.
    • Double click on the icon to run it. Make sure all other windows are closed and to let it run uninterrupted.
    • When the window appears, underneath Output at the top change it to Minimal Output.
    • Click the "Scan All Users" checkbox.
    • Check the boxes beside LOP Check and Purity Check.
    • Click the Run Scan button. Do not change any settings unless otherwise told to do so. The scan wont take long.
      • When the scan completes, it will open two notepad windows. OTL.Txt and Extras.Txt.
        Note:These logs can be located in the OTL. folder on you C:\ drive if they fail to open automatically.
      • Please copy (Edit->Select All, Edit->Copy) the contents of these files, one at a time, and post it with your next reply. You may need two posts to fit them both in.
    Microsoft MVP Consumer Security 2007-2008-2009-2010-2011-2012-2013-2014

    ERROR MESSAGE 386
    No KeyBoard Detected
    Press F1 To Continue

    Just a reminder that threads will be closed if no reply in 3 days.

  5. #15
    Member
    Join Date
    Jun 2008
    Posts
    30

    Default

    FYI - one microsoft update continues to fail: Cumulative Security Update for Internet Explorer 8 for Windows Vista for x64-based Systems (KB2618444)


    I ran the ESET scanner and it found no issues. The default was set to scan files in last 30 days. No log was produced (maybe becuase nothing was fouind)?

    OTL Text

    OTL logfile created on: 1/7/2012 7:09:51 AM - Run 1
    OTL by OldTimer - Version 3.2.31.0 Folder = C:\Users\Connor Appleby\Desktop
    64bit-Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
    Internet Explorer (Version = 8.0.6001.19088)
    Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

    7.99 Gb Total Physical Memory | 5.22 Gb Available Physical Memory | 65.28% Memory free
    16.13 Gb Paging File | 13.54 Gb Available in Paging File | 83.97% Paging File free
    Paging file location(s): ?:\pagefile.sys [binary data]

    %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
    Drive C: | 683.57 Gb Total Space | 307.64 Gb Free Space | 45.00% Space Free | Partition Type: NTFS
    Drive D: | 15.00 Gb Total Space | 7.84 Gb Free Space | 52.24% Space Free | Partition Type: NTFS
    Drive E: | 7.14 Gb Total Space | 0.00 Gb Free Space | 0.00% Space Free | Partition Type: CDFS
    Drive F: | 14.92 Gb Total Space | 7.58 Gb Free Space | 50.80% Space Free | Partition Type: FAT32

    Computer Name: CONNORAPPLEB-PC | User Name: Connor Appleby | Logged in as Administrator.
    Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
    Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

    ========== Processes (SafeList) ==========

    PRC - C:\Users\Connor Appleby\Desktop\OTL.exe (OldTimer Tools)
    PRC - C:\Program Files (x86)\AVG\AVG2012\avgtray.exe (AVG Technologies CZ, s.r.o.)
    PRC - C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe (AVG Technologies CZ, s.r.o.)
    PRC - C:\Program Files (x86)\Bamboo Dock\BambooCore.exe ()
    PRC - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe (Adobe Systems Incorporated)
    PRC - C:\Program Files (x86)\McAfee Security Scan\2.0.181\SSScheduler.exe (McAfee, Inc.)
    PRC - c:\Program Files (x86)\Common Files\Dell\Advanced Networking Service\hnm_svc.exe (Dell Inc.)
    PRC - C:\Program Files (x86)\McAfee\MPF\MpfSrv.exe (McAfee, Inc.)
    PRC - C:\Program Files (x86)\McAfee\MSC\mcmscsvc.exe (McAfee, Inc.)
    PRC - c:\Program Files (x86)\McAfee.com\Agent\mcagent.exe (McAfee, Inc.)
    PRC - C:\Program Files (x86)\McAfee\MSK\msksrver.exe (McAfee, Inc.)
    PRC - C:\Program Files (x86)\Common Files\McAfee\McProxy\McProxy.exe (McAfee, Inc.)
    PRC - C:\Program Files (x86)\Common Files\McAfee\MNA\McNASvc.exe (McAfee, Inc.)
    PRC - C:\Program Files (x86)\Dell DataSafe Online\DataSafeOnline.exe ()
    PRC - C:\Program Files (x86)\Dell Support Center\bin\sprtsvc.exe (SupportSoft, Inc.)
    PRC - C:\Program Files (x86)\Dell Support Center\bin\sprtcmd.exe (SupportSoft, Inc.)
    PRC - C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe (CyberLink Corp.)
    PRC - C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe (Safer Networking Ltd.)
    PRC - C:\Program Files\Dell\DellDock\DockLogin.exe (Stardock Corporation)


    ========== Modules (No Company Name) ==========

    MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Management\6bc98e9b5eedaa8f71c5454d36a4b772\System.Management.ni.dll ()
    MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web.Services\6b88a2bf58d8529fc33f8f3437a7ff06\System.Web.Services.ni.dll ()
    MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\40da9084d0863e07d7ce55953833b8b0\System.Configuration.ni.dll ()
    MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\c1c06a392871267db27f7cbc40e1c4fb\System.Xml.ni.dll ()
    MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\1363115565fff5a641243a48f396f107\System.Windows.Forms.ni.dll ()
    MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\367c4043efc2f32d843cb588b0dc97fc\System.Drawing.ni.dll ()
    MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System\f9c36ea806e77872dce891c77b68fac3\System.ni.dll ()
    MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\b6632a8b2f276a8e31f5b0f6b2006cd1\mscorlib.ni.dll ()
    MOD - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll ()
    MOD - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll ()
    MOD - C:\Program Files (x86)\Bamboo Dock\BambooCore.exe ()
    MOD - C:\Program Files (x86)\Dell DataSafe Online\SdbShared.dll ()
    MOD - C:\Program Files (x86)\Dell DataSafe Online\SdbShared.XmlSerializers.dll ()
    MOD - C:\Program Files (x86)\Dell DataSafe Online\SdbUI.dll ()
    MOD - C:\Program Files (x86)\Dell DataSafe Online\DataSafeOnline.exe ()
    MOD - C:\Program Files (x86)\Dell DataSafe Online\BalloonWindow.dll ()
    MOD - C:\Program Files (x86)\Dell DataSafe Online\CppUtils.dll ()


    ========== Win32 Services (SafeList) ==========

    SRV:64bit: - (TabletServicePen) -- C:\Program Files\Tablet\Pen\Pen_Tablet.exe (Wacom Technology, Corp.)
    SRV:64bit: - (TouchServicePen) -- C:\Program Files\Tablet\Pen\Pen_TouchService.exe (Wacom Technology, Corp.)
    SRV:64bit: - (McODS) -- C:\Program Files\McAfee\VirusScan\mcods.exe (McAfee, Inc.)
    SRV:64bit: - (McShield) -- C:\Program Files\McAfee\VirusScan\Mcshield.exe (McAfee, Inc.)
    SRV:64bit: - (AERTFilters) -- C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe (Andrea Electronics Corporation)
    SRV:64bit: - (DockLoginService) -- C:\Program Files\Dell\DellDock\DockLogin.exe (Stardock Corporation)
    SRV - (AVGIDSAgent) -- C:\Program Files (x86)\AVG\AVG2012\AVGIDSAgent.exe (AVG Technologies CZ, s.r.o.)
    SRV - (avgwd) -- C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe (AVG Technologies CZ, s.r.o.)
    SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
    SRV - (SwitchBoard) -- C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated)
    SRV - (McComponentHostService) -- C:\Program Files (x86)\McAfee Security Scan\2.0.181\McCHSvc.exe (McAfee, Inc.)
    SRV - (FLEXnet Licensing Service) -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe (Acresso Software Inc.)
    SRV - (GoToAssist) -- C:\Program Files (x86)\Citrix\GoToAssist\514\g2aservice.exe (Citrix Online, a division of Citrix Systems, Inc.)
    SRV - (hnmsvc) -- c:\Program Files (x86)\Common Files\Dell\Advanced Networking Service\hnm_svc.exe (Dell Inc.)
    SRV - (MpfService) -- C:\Program Files (x86)\McAfee\MPF\MpfSrv.exe (McAfee, Inc.)
    SRV - (mcmscsvc) -- C:\Program Files (x86)\McAfee\MSC\mcmscsvc.exe (McAfee, Inc.)
    SRV - (MSK80Service) -- C:\Program Files (x86)\McAfee\MSK\MskSrver.exe (McAfee, Inc.)
    SRV - (McSysmon) -- C:\Program Files (x86)\McAfee\VirusScan\mcsysmon.exe (McAfee, Inc.)
    SRV - (McProxy) -- C:\Program Files (x86)\Common Files\McAfee\McProxy\McProxy.exe (McAfee, Inc.)
    SRV - (McNASvc) -- C:\Program Files (x86)\Common Files\McAfee\MNA\McNASvc.exe (McAfee, Inc.)
    SRV - (sprtsvc_DellSupportCenter) SupportSoft Sprocket Service (DellSupportCenter) -- C:\Program Files (x86)\Dell Support Center\bin\sprtsvc.exe (SupportSoft, Inc.)
    SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
    SRV - (SBSDWSCService) -- C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe (Safer Networking Ltd.)


    ========== Driver Services (SafeList) ==========

    DRV:64bit: - (wacommousefilter) -- C:\Windows\SysNative\DRIVERS\wacommousefilter.sys (Wacom Technology)
    DRV:64bit: - (wacomvhid) -- C:\Windows\SysNative\DRIVERS\wacomvhid.sys (Wacom Technology)
    DRV:64bit: - (USBAAPL64) -- C:\Windows\SysNative\Drivers\usbaapl64.sys (Apple, Inc.)
    DRV:64bit: - (WpdUsb) -- C:\Windows\SysNative\DRIVERS\wpdusb.sys (Microsoft Corporation)
    DRV:64bit: - (TIEHDUSB) -- C:\Windows\SysNative\DRIVERS\tiehdusb.sys (Texas Instruments)
    DRV:64bit: - (PxHlpa64) -- C:\Windows\SysNative\Drivers\PxHlpa64.sys (Sonic Solutions)
    DRV:64bit: - (mfehidk) -- C:\Windows\SysNative\drivers\mfehidk.sys (McAfee, Inc.)
    DRV:64bit: - (mfeavfk) -- C:\Windows\SysNative\drivers\mfeavfk.sys (McAfee, Inc.)
    DRV:64bit: - (mfesmfk) -- C:\Windows\SysNative\drivers\mfesmfk.sys (McAfee, Inc.)
    DRV:64bit: - (mfebopk) -- C:\Windows\SysNative\drivers\mfebopk.sys (McAfee, Inc.)
    DRV:64bit: - (mferkdk) -- C:\Windows\SysNative\drivers\mferkdk.sys (McAfee, Inc.)
    DRV:64bit: - (Packet) -- C:\Windows\SysNative\DRIVERS\packet.sys (SingleClick Systems)
    DRV:64bit: - (Tpkd) -- C:\Windows\SysNative\drivers\Tpkd.sys (PACE Anti-Piracy, Inc.)
    DRV:64bit: - (GEARAspiWDM) -- C:\Windows\SysNative\DRIVERS\GEARAspiWDM.sys (GEAR Software Inc.)
    DRV:64bit: - (NVHDA) -- C:\Windows\SysNative\drivers\nvhda64v.sys (NVIDIA Corporation)
    DRV:64bit: - (MPFP) -- C:\Windows\SysNative\Drivers\Mpfp.sys (McAfee, Inc.)
    DRV:64bit: - (e1yexpress) Intel(R) -- C:\Windows\SysNative\DRIVERS\e1y60x64.sys (Intel Corporation)
    DRV:64bit: - (iaStor) -- C:\Windows\SysNative\drivers\iastor.sys (Intel Corporation)
    DRV:64bit: - (OA002Vid) -- C:\Windows\SysNative\DRIVERS\OA002Vid.sys (Creative Technology Ltd.)
    DRV:64bit: - (OA002Ufd) -- C:\Windows\SysNative\DRIVERS\OA002Ufd.sys (Creative Technology Ltd.)
    DRV:64bit: - (Avc) -- C:\Windows\SysNative\DRIVERS\avc.sys (Microsoft Corporation)
    DRV:64bit: - (61883) -- C:\Windows\SysNative\DRIVERS\61883.sys (Microsoft Corporation)
    DRV:64bit: - (e1express) Intel(R) -- C:\Windows\SysNative\DRIVERS\e1e6032e.sys (Intel Corporation)
    DRV:64bit: - (MSDV) -- C:\Windows\SysNative\DRIVERS\msdv.sys (Microsoft Corporation)
    DRV:64bit: - (OA002Afx) -- C:\Windows\SysNative\Drivers\OA002Afx.sys (Creative Technology Ltd.)
    DRV:64bit: - (R300) -- C:\Windows\SysNative\DRIVERS\atikmdag.sys (ATI Technologies Inc.)
    DRV - (Packet) -- C:\Windows\SysWOW64\drivers\packet.sys (SingleClick Systems)


    ========== Standard Registry (SafeList) ==========


    ========== Internet Explorer ==========

    IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm


    IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,XMLHTTP_UUID_Default = 68 A7 A1 11 56 6B 1D 46 A4 33 9E 4F 64 B4 06 A6 [binary data]
    IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
    IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>;*.local

    IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,XMLHTTP_UUID_Default = 68 A7 A1 11 56 6B 1D 46 A4 33 9E 4F 64 B4 06 A6 [binary data]
    IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
    IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>;*.local

    IE - HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\Main,XMLHTTP_UUID_Default = 68 A7 A1 11 56 6B 1D 46 A4 33 9E 4F 64 B4 06 A6 [binary data]

    IE - HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\Main,XMLHTTP_UUID_Default = 68 A7 A1 11 56 6B 1D 46 A4 33 9E 4F 64 B4 06 A6 [binary data]

    IE - HKU\S-1-5-21-1554704811-4091891495-1094212442-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = Preserve
    IE - HKU\S-1-5-21-1554704811-4091891495-1094212442-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/?ocid=iehp
    IE - HKU\S-1-5-21-1554704811-4091891495-1094212442-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-us
    IE - HKU\S-1-5-21-1554704811-4091891495-1094212442-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = A3 93 38 9F DD CC CC 01 [binary data]
    IE - HKU\S-1-5-21-1554704811-4091891495-1094212442-1000\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie
    IE - HKU\S-1-5-21-1554704811-4091891495-1094212442-1000\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
    IE - HKU\S-1-5-21-1554704811-4091891495-1094212442-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
    IE - HKU\S-1-5-21-1554704811-4091891495-1094212442-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>;*.local

    FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll ()
    FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
    FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
    FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
    FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files (x86)\DivX\DivX Web Player\npdivx32.dll (DivX,Inc.)
    FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Player Plugin,version=1.0.0: C:\Program Files (x86)\DivX\DivX Player\npDivxPlayerPlugin.dll File not found
    FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
    FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
    FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
    FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\4.0.60831.0\npctrl.dll ( Microsoft Corporation)
    FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8051.1204: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
    FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
    FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
    FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
    FF - HKLM\Software\MozillaPlugins\@wacom.com/wacom-plugin,version=1.1.0.10: C:\Program Files (x86)\TabletPlugins\npwacom.dll (Wacom, Inc.)
    FF - HKLM\Software\MozillaPlugins\@wacom.com/wtPlugin,version=2.0.0.1: C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll (Wacom)
    FF - HKCU\Software\MozillaPlugins\wacom.com/WacomTabletPlugin: C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll (Wacom)

    FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{1E73965B-8B48-48be-9C8D-68B920ABC1C4}: C:\Program Files (x86)\AVG\AVG2012\Firefox4\ [2011/12/23 09:03:19 | 000,000,000 | ---D | M]


    ========== Chrome ==========

    CHR - default_search_provider: ()
    CHR - default_search_provider: search_url =
    CHR - default_search_provider: suggest_url =
    CHR - Extension: No name found = C:\Users\Connor Appleby\AppData\Local\Google\Chrome\User Data\Default\Extensions\aciahcmjmecflokailenpkdchphgkefd\2.1.1_0\
    CHR - Extension: No name found = C:\Users\Connor Appleby\AppData\Local\Google\Chrome\User Data\Default\Extensions\mcbkbpnkkkipelfledbfocopglifcfmi\2.2_0\

    O1 HOSTS File: ([2012/01/06 19:58:48 | 000,000,027 | ---- | M]) - C:\Windows\SysNative\drivers\etc\Hosts
    O1 - Hosts: 127.0.0.1 localhost
    O2:64bit: - BHO: (McAfee Phishing Filter) - {27B4851A-3207-45A2-B947-BE8AFE6163AB} - c:\Program Files (x86)\McAfee\MSK\mskapbho64.dll ()
    O2:64bit: - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG2012\avgssiea.dll (AVG Technologies CZ, s.r.o.)
    O2:64bit: - BHO: (scriptproxy) - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\McAfee\VirusScan\scriptsn.dll (McAfee, Inc.)
    O2 - BHO: (McAfee Phishing Filter) - {27B4851A-3207-45A2-B947-BE8AFE6163AB} - c:\Program Files (x86)\McAfee\MSK\mskapbho.dll ()
    O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG2012\avgssie.dll (AVG Technologies CZ, s.r.o.)
    O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
    O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
    O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
    O2 - BHO: (scriptproxy) - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files (x86)\McAfee\VirusScan\scriptsn.dll (McAfee, Inc.)
    O2 - BHO: (Skype add-on for Internet Explorer) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
    O3 - HKU\.DEFAULT\..\Toolbar\WebBrowser: (no name) - {472734EA-242A-422B-ADF8-83D1E48CC825} - No CLSID value found.
    O3 - HKU\S-1-5-18\..\Toolbar\WebBrowser: (no name) - {472734EA-242A-422B-ADF8-83D1E48CC825} - No CLSID value found.
    O3 - HKU\S-1-5-21-1554704811-4091891495-1094212442-1000\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
    O3 - HKU\S-1-5-21-1554704811-4091891495-1094212442-1000\..\Toolbar\WebBrowser: (no name) - {472734EA-242A-422B-ADF8-83D1E48CC825} - No CLSID value found.
    O4:64bit: - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated)
    O4:64bit: - HKLM..\Run: [NvCplDaemon] C:\Windows\SysNative\NvCpl.dll (NVIDIA Corporation)
    O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
    O4:64bit: - HKLM..\Run: [Skytel] C:\Program Files\Realtek\Audio\HDA\Skytel.exe File not found
    O4 - HKLM..\Run: [5-Day Forecast] C:\Program Files (x86)\5-Day Forecast\5-Day Forecast\5-Day Forecast.exe ()
    O4 - HKLM..\Run: [AdobeCS5.5ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe" -launchedbylogin File not found
    O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
    O4 - HKLM..\Run: [AVG_TRAY] C:\Program Files (x86)\AVG\AVG2012\avgtray.exe (AVG Technologies CZ, s.r.o.)
    O4 - HKLM..\Run: [BambooCore] C:\Program Files (x86)\Bamboo Dock\BambooCore.exe ()
    O4 - HKLM..\Run: [Dell DataSafe Online] C:\Program Files (x86)\Dell DataSafe Online\DataSafeOnline.exe ()
    O4 - HKLM..\Run: [DellSupportCenter] C:\Program Files (x86)\Dell Support Center\bin\sprtcmd.exe (SupportSoft, Inc.)
    O4 - HKLM..\Run: [mcagent_exe] C:\Program Files (x86)\McAfee.com\Agent\mcagent.exe (McAfee, Inc.)
    O4 - HKLM..\Run: [PDVDDXSrv] C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe (CyberLink Corp.)
    O4 - HKLM..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated)
    O4 - HKU\S-1-5-21-1554704811-4091891495-1094212442-1000..\Run: [ooVoo.exe] C:\Program Files (x86)\ooVoo\oovoo.exe (ooVoo LLC)
    O4 - HKU\S-1-5-21-1554704811-4091891495-1094212442-1000..\Run: [SpybotSD TeaTimer] C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe (Safer-Networking Ltd.)
    O4 - HKLM..\RunOnce: [Malwarebytes Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
    O4 - Startup: C:\Users\Connor Appleby\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock.lnk = File not found
    O4 - Startup: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock First Run.lnk = File not found
    O4 - Startup: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock First Run.lnk = File not found
    O4 - Startup: C:\Users\Mcx1\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock First Run.lnk = File not found
    O4 - Startup: C:\Users\Sarah\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock.lnk = File not found
    O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: AllowLegacyWebView = 1
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: AllowUnhashedWebView = 1
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
    O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
    O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Recovery present
    O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
    O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Recovery present
    O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
    O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Recovery present
    O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
    O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Recovery present
    O7 - HKU\S-1-5-21-1554704811-4091891495-1094212442-1000\Software\Policies\Microsoft\Internet Explorer\Control Panel present
    O7 - HKU\S-1-5-21-1554704811-4091891495-1094212442-1000\Software\Policies\Microsoft\Internet Explorer\Recovery present
    O7 - HKU\S-1-5-21-1554704811-4091891495-1094212442-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
    O7 - HKU\S-1-5-21-1554704811-4091891495-1094212442-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
    O7 - HKU\S-1-5-21-1554704811-4091891495-1094212442-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: LogonHoursAction = 2
    O7 - HKU\S-1-5-21-1554704811-4091891495-1094212442-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DontDisplayLogonHoursWarnings = 1
    O9 - Extra Button: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
    O9 - Extra 'Tools' menuitem : Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
    O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
    O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
    O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
    O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jin...ndows-i586.cab (Java Plug-in 1.6.0_13)
    O16 - DPF: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jin...ndows-i586.cab (Java Plug-in 1.6.0_13)
    O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jin...ndows-i586.cab (Java Plug-in 1.6.0_13)
    O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macromedia.com/pub/s...irector/sw.cab (Shockwave ActiveX Control)
    O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://download.microsoft.com/downlo...eckControl.cab (Windows Genuine Advantage Validation Tool)
    O16 - DPF: {233C1507-6A77-46A4-9443-F871F945D258} http://download.macromedia.com/pub/s...irector/sw.cab (Shockwave ActiveX Control)
    O16 - DPF: {406B5949-7190-4245-91A9-30A17DE16AD0} http://www1.snapfish.com/SnapfishActivia.cab (Snapfish Activia)
    O16 - DPF: {4871A87A-BFDD-4106-8153-FFDE2BAC2967} http://dlm.tools.akamai.com/dlmanage...ex-2.2.5.0.cab (DLM Control)
    O16 - DPF: {4ECE056F-E50F-4F9D-B069-EB342D21F26A} http://www1.snapfish.com/SnapfishActivia3.cab (Snapfish Activia3)
    O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset.com/special/eos/OnlineScanner.cab (Reg Error: Key error.)
    O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} http://upload.facebook.com/controls/...Uploader55.cab (Facebook Photo Uploader 5 Control)
    O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jin...ndows-i586.cab (Java Plug-in 1.6.0_30)
    O16 - DPF: {CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jin...ndows-i586.cab (Java Plug-in 1.6.0_30)
    O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jin...ndows-i586.cab (Java Plug-in 1.6.0_30)
    O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 75.75.75.75 75.75.76.76
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{0F6C1251-DE0E-4DF2-9EB9-7943A8261CD9}: DhcpNameServer = 75.75.75.75 75.75.76.76
    O18:64bit: - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG2012\avgppa.dll (AVG Technologies CZ, s.r.o.)
    O18:64bit: - Protocol\Handler\livecall - No CLSID value found
    O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
    O18:64bit: - Protocol\Handler\msnim - No CLSID value found
    O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
    O18:64bit: - Protocol\Handler\skype-ie-addon-data - No CLSID value found
    O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
    O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG2012\avgpp.dll (AVG Technologies CZ, s.r.o.)
    O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
    O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
    O20:64bit: - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
    O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
    O20 - HKLM Winlogon: Shell - (Explorer.exe) -C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
    O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) -C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
    O20:64bit: - Winlogon\Notify\GoToAssist: DllName - (C:\Program Files (x86)\Citrix\GoToAssist\514\G2AWinLogon_x64.dll) - File not found
    O24 - Desktop WallPaper: C:\Users\Public\Pictures\Sample Pictures\Desert Landscape.jpg
    O24 - Desktop BackupWallPaper: C:\Users\Public\Pictures\Sample Pictures\Desert Landscape.jpg
    O32 - HKLM CDRom: AutoRun - 1
    O32 - AutoRun File - [2008/04/11 19:21:22 | 000,000,055 | R--- | M] () - E:\Autorun.inf -- [ CDFS ]
    O34 - HKLM BootExecute: (autocheck autochk *)
    O35:64bit: - HKLM\..comfile [open] -- "%1" %*
    O35:64bit: - HKLM\..exefile [open] -- "%1" %*
    O35 - HKLM\..comfile [open] -- "%1" %*
    O35 - HKLM\..exefile [open] -- "%1" %*
    O35 - HKU\S-1-5-21-1554704811-4091891495-1094212442-1000..exefile [open] -- "%1" %*
    O37:64bit: - HKLM\...com [@ = ComFile] -- "%1" %*
    O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
    O37 - HKLM\...com [@ = ComFile] -- "%1" %*
    O37 - HKLM\...exe [@ = exefile] -- "%1" %*

    ========== Files/Folders - Created Within 30 Days ==========

    [2012/01/07 07:08:03 | 000,584,192 | ---- | C] (OldTimer Tools) -- C:\Users\Connor Appleby\Desktop\OTL.exe
    [2012/01/07 06:47:31 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ESET
    [2012/01/06 21:17:39 | 000,000,000 | ---D | C] -- C:\ProgramData\Sun
    [2012/01/06 21:17:37 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java
    [2012/01/06 21:17:22 | 000,472,808 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\deployJava1.dll
    [2012/01/06 21:17:22 | 000,157,472 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\javaws.exe
    [2012/01/06 21:17:22 | 000,149,280 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\javaw.exe
    [2012/01/06 21:17:22 | 000,149,280 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\java.exe
    [2012/01/06 20:10:58 | 000,000,000 | ---D | C] -- C:\Users\Connor Appleby\AppData\Local\temp
    [2012/01/06 19:59:27 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
    [2012/01/06 14:45:13 | 004,373,779 | R--- | C] (Swearware) -- C:\Users\Connor Appleby\Desktop\ComboFix.exe
    [2012/01/04 17:02:40 | 000,000,000 | ---D | C] -- C:\Users\Connor Appleby\Desktop\x
    [2011/12/30 09:27:14 | 000,000,000 | ---D | C] -- C:\Users\Connor Appleby\AppData\Roaming\AVG2012
    [2011/12/26 16:07:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ERUNT
    [2011/12/26 16:07:31 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ERUNT
    [2011/12/26 14:02:42 | 000,000,000 | ---D | C] -- C:\Users\Connor Appleby\AppData\Roaming\Autodesk
    [2011/12/26 13:55:39 | 000,000,000 | ---D | C] -- C:\ProgramData\Alias
    [2011/12/26 13:55:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Autodesk
    [2011/12/26 13:53:35 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Autodesk
    [2011/12/26 13:48:12 | 000,000,000 | ---D | C] -- C:\Users\Connor Appleby\AppData\Roaming\wacomid-desktop-launcher.DCFD4B89A63EE70BC162777F06D4B93B6397AEC7.1
    [2011/12/26 13:47:55 | 000,000,000 | ---D | C] -- C:\Users\Connor Appleby\AppData\Roaming\Wacom
    [2011/12/26 13:47:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Wacom
    [2011/12/26 13:47:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bamboo Dock
    [2011/12/26 13:46:14 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Bamboo Dock
    [2011/12/26 13:45:16 | 000,000,000 | ---D | C] -- C:\Users\Connor Appleby\AppData\Roaming\WTablet
    [2011/12/26 13:45:15 | 001,107,832 | ---- | C] (Wacom Technology, Corp.) -- C:\Windows\SysWow64\Pen_Touch_Tablet.dll
    [2011/12/26 13:45:14 | 001,326,456 | ---- | C] (Wacom Technology, Corp.) -- C:\Windows\SysNative\Pen_Touch_Tablet.dll
    [2011/12/26 13:45:09 | 000,000,000 | ---D | C] -- C:\ProgramData\AppData
    [2011/12/26 13:44:48 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\TabletPlugins
    [2011/12/26 13:44:46 | 000,000,000 | R--D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bamboo
    [2011/12/26 13:42:43 | 000,012,848 | ---- | C] (Wacom Technology) -- C:\Windows\SysNative\drivers\wacommousefilter.sys
    [2011/12/26 13:41:28 | 000,016,168 | ---- | C] (Wacom Technology) -- C:\Windows\SysNative\drivers\wacomvhid.sys
    [2011/12/26 13:41:25 | 001,401,208 | ---- | C] (Wacom Technology, Corp.) -- C:\Windows\SysNative\Wintab32.dll
    [2011/12/26 13:41:25 | 001,392,504 | ---- | C] (Wacom Technology, Corp.) -- C:\Windows\SysNative\WacomMT.dll
    [2011/12/26 13:41:25 | 001,369,464 | ---- | C] (Wacom Technology, Corp.) -- C:\Windows\SysWow64\Pen_Tablet.dll
    [2011/12/26 13:41:25 | 001,156,472 | ---- | C] (Wacom Technology, Corp.) -- C:\Windows\SysWow64\Wintab32.dll
    [2011/12/26 13:41:25 | 001,152,888 | ---- | C] (Wacom Technology, Corp.) -- C:\Windows\SysWow64\WacomMT.dll
    [2011/12/26 13:41:24 | 001,665,400 | ---- | C] (Wacom Technology, Corp.) -- C:\Windows\SysNative\Pen_Tablet.dll
    [2011/12/26 13:41:19 | 000,000,000 | ---D | C] -- C:\Program Files\Tablet
    [2011/12/26 13:33:49 | 000,060,416 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe
    [2011/12/26 13:33:44 | 000,518,144 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe
    [2011/12/26 13:33:44 | 000,406,528 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe
    [2011/12/26 13:32:16 | 000,000,000 | ---D | C] -- C:\ComboFix-1
    [2011/12/26 13:28:20 | 000,000,000 | ---D | C] -- C:\Windows\ERDNT
    [2011/12/26 13:23:00 | 000,000,000 | ---D | C] -- C:\Qoobox
    [2011/12/25 21:42:08 | 000,000,000 | ---D | C] -- C:\Users\Connor Appleby\AppData\Roaming\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
    [2011/12/25 21:30:56 | 000,000,000 | ---D | C] -- C:\Users\Connor Appleby\Desktop\Adobe
    [2011/12/25 20:25:53 | 000,000,000 | ---D | C] -- C:\ProgramData\ALM
    [2011/12/25 19:59:50 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Adobe Story
    [2011/12/25 19:56:20 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\My Company Name
    [2011/12/25 19:54:10 | 000,000,000 | ---D | C] -- C:\Program Files\Adobe
    [2011/12/25 19:52:39 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Production Premium CS5.5
    [2011/12/24 02:50:22 | 000,000,000 | ---D | C] -- C:\Users\Connor Appleby\AppData\Roaming\Wyga
    [2011/12/24 02:50:22 | 000,000,000 | ---D | C] -- C:\Users\Connor Appleby\AppData\Roaming\Unefti
    [2011/12/15 14:48:36 | 000,000,000 | -H-D | C] -- C:\Users\Connor Appleby\Documents\.picasaoriginals
    [2011/12/14 21:49:47 | 000,085,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\csrsrv.dll
    [2011/12/14 21:49:29 | 000,559,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\EncDec.dll
    [2011/12/14 21:49:29 | 000,429,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\EncDec.dll
    [2011/12/10 23:09:27 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee Security Scan Plus
    [2011/12/09 20:29:47 | 000,000,000 | ---D | C] -- C:\Users\Connor Appleby\Documents\Audio
    [2010/03/05 13:10:24 | 008,656,832 | ---- | C] (Dell, Inc. ) -- C:\Users\Connor Appleby\AppData\Roaming\DataSafeDotNet.exe

    ========== Files - Modified Within 30 Days ==========

    [2012/01/07 07:15:00 | 000,000,418 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{53F3B42F-94F6-43E8-8F18-C7EF3438945E}.job
    [2012/01/07 07:12:00 | 000,000,914 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
    [2012/01/07 07:08:13 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\Connor Appleby\Desktop\OTL.exe
    [2012/01/07 06:41:59 | 000,060,939 | ---- | M] () -- C:\Windows\SysNative\Config.MPF
    [2012/01/07 06:37:09 | 000,003,744 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
    [2012/01/07 06:37:09 | 000,003,744 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
    [2012/01/07 04:42:51 | 000,000,452 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{F18474AD-0958-4E2A-ABFC-5E8E3C831E2D}.job
    [2012/01/06 23:12:00 | 000,000,910 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
    [2012/01/06 20:45:34 | 000,000,910 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
    [2012/01/06 20:43:26 | 000,703,388 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
    [2012/01/06 20:43:26 | 000,604,264 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
    [2012/01/06 20:43:26 | 000,103,964 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
    [2012/01/06 20:37:42 | 000,339,840 | ---- | M] () -- C:\ProgramData\nvModes.001
    [2012/01/06 20:37:10 | 000,065,536 | ---- | M] () -- C:\Windows\SysNative\Ikeext.etl
    [2012/01/06 20:37:06 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
    [2012/01/06 20:37:03 | 4285,718,527 | -HS- | M] () -- C:\hiberfil.sys
    [2012/01/06 19:58:48 | 000,000,027 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts
    [2012/01/06 19:22:45 | 004,373,779 | R--- | M] (Swearware) -- C:\Users\Connor Appleby\Desktop\ComboFix.exe
    [2012/01/06 14:39:27 | 000,000,420 | -H-- | M] () -- C:\Windows\tasks\Norton Security Scan for Connor Appleby.job
    [2012/01/02 08:58:00 | 000,008,484 | ---- | M] () -- C:\Users\Connor Appleby\AppData\Local\d3d9caps.dat
    [2011/12/28 17:56:39 | 000,002,475 | ---- | M] () -- C:\Users\Public\Desktop\Safari.lnk
    [2011/12/28 17:12:34 | 1051,717,811 | ---- | M] () -- C:\Windows\MEMORY.DMP
    [2011/12/26 17:24:21 | 000,002,301 | ---- | M] () -- C:\Users\Connor Appleby\Application Data\Microsoft\Internet Explorer\Quick Launch\Apple Safari.lnk
    [2011/12/26 16:07:34 | 000,000,725 | ---- | M] () -- C:\Users\Connor Appleby\Desktop\NTREGOPT.lnk
    [2011/12/26 16:07:34 | 000,000,706 | ---- | M] () -- C:\Users\Connor Appleby\Desktop\ERUNT.lnk
    [2011/12/26 15:49:16 | 002,102,650 | ---- | M] () -- C:\Users\Connor Appleby\Desktop\malware.diagcab
    [2011/12/26 13:55:41 | 000,002,037 | ---- | M] () -- C:\Users\Connor Appleby\Application Data\Microsoft\Internet Explorer\Quick Launch\Autodesk SketchBookExpress 2011.lnk
    [2011/12/26 13:55:41 | 000,002,013 | ---- | M] () -- C:\Users\Public\Desktop\Autodesk SketchBookExpress 2011.lnk
    [2011/12/26 13:47:44 | 000,000,940 | ---- | M] () -- C:\Users\Public\Desktop\Bamboo Dock.lnk
    [2011/12/26 12:39:13 | 000,000,134 | ---- | M] () -- C:\Users\Connor Appleby\Desktop\Internet Explorer Troubleshooting.url
    [2011/12/26 09:24:42 | 085,260,637 | ---- | M] () -- C:\Windows\SysNative\drivers\AVG\incavi.avm
    [2011/12/25 21:25:51 | 000,001,045 | ---- | M] () -- C:\Users\Connor Appleby\Desktop\Adobe Photoshop CS5.1 (64 Bit).lnk
    [2011/12/25 21:25:38 | 000,001,457 | ---- | M] () -- C:\Users\Connor Appleby\Desktop\Adobe Illustrator CS5.1.lnk
    [2011/12/25 20:47:45 | 004,843,568 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
    [2011/12/25 20:38:08 | 000,001,046 | ---- | M] () -- C:\Users\Connor Appleby\Desktop\Adobe Premiere Pro CS5.5.lnk
    [2011/12/25 20:32:35 | 000,000,974 | ---- | M] () -- C:\Users\Connor Appleby\Desktop\Adobe Flash Professional CS5.5.lnk
    [2011/12/25 20:28:40 | 000,001,158 | ---- | M] () -- C:\Users\Connor Appleby\Desktop\Adobe After Effects CS5.5.lnk
    [2011/12/25 20:23:41 | 000,001,116 | ---- | M] () -- C:\Users\Connor Appleby\Desktop\Adobe Flash Catalyst CS5.5.lnk
    [2011/12/25 20:17:59 | 000,001,044 | ---- | M] () -- C:\Users\Connor Appleby\Desktop\Adobe Audition CS5.5.lnk
    [2011/12/25 20:12:36 | 000,001,184 | -HS- | M] () -- C:\Users\Connor Appleby\AppData\Local\48286118k4k7
    [2011/12/25 19:59:03 | 000,000,104 | ---- | M] () -- C:\Users\Connor Appleby\Network - Shortcut.lnk
    [2011/12/25 19:56:53 | 000,000,988 | ---- | M] () -- C:\Users\Connor Appleby\Desktop\Adobe Bridge CS5.1.lnk
    [2011/12/15 18:25:28 | 000,094,162 | ---- | M] () -- C:\Windows\SysNative\drivers\AVG\iavichjg.avm
    [2011/12/15 15:26:48 | 000,001,414 | -HS- | M] () -- C:\Users\Connor Appleby\AppData\Local\054452l2d078j880h735m5rji6p4
    [2011/12/15 14:49:34 | 000,000,913 | ---- | M] () -- C:\Users\Connor Appleby\Documents\.picasa.ini
    [2011/12/15 14:48:36 | 002,320,538 | ---- | M] () -- C:\Users\Connor Appleby\Documents\ME AND MY BOO!.jpg
    [2011/12/10 23:09:30 | 000,001,773 | ---- | M] () -- C:\Users\Public\Desktop\McAfee Security Scan Plus.lnk
    [2011/12/10 23:09:30 | 000,001,771 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk
    [2011/12/10 15:24:08 | 000,023,152 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
    [2011/12/09 20:43:19 | 000,053,194 | ---- | M] () -- C:\Users\Connor Appleby\Documents\sewer man improv.cwp
    [2011/12/09 20:36:24 | 003,362,480 | ---- | M] () -- C:\Users\Connor Appleby\sewer mann.mp3
    [2011/12/09 10:17:25 | 000,078,336 | ---- | M] () -- C:\Users\Connor Appleby\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

    ========== Files Created - No Company Name ==========

    [2012/01/06 20:45:34 | 000,000,910 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
    [2012/01/02 08:59:16 | 4285,718,527 | -HS- | C] () -- C:\hiberfil.sys
    [2011/12/28 14:01:10 | 000,000,452 | -H-- | C] () -- C:\Windows\tasks\User_Feed_Synchronization-{F18474AD-0958-4E2A-ABFC-5E8E3C831E2D}.job
    [2011/12/26 16:07:34 | 000,000,725 | ---- | C] () -- C:\Users\Connor Appleby\Desktop\NTREGOPT.lnk
    [2011/12/26 16:07:34 | 000,000,706 | ---- | C] () -- C:\Users\Connor Appleby\Desktop\ERUNT.lnk
    [2011/12/26 15:49:15 | 002,102,650 | ---- | C] () -- C:\Users\Connor Appleby\Desktop\malware.diagcab
    [2011/12/26 13:55:41 | 000,002,037 | ---- | C] () -- C:\Users\Connor Appleby\Application Data\Microsoft\Internet Explorer\Quick Launch\Autodesk SketchBookExpress 2011.lnk
    [2011/12/26 13:55:41 | 000,002,013 | ---- | C] () -- C:\Users\Public\Desktop\Autodesk SketchBookExpress 2011.lnk
    [2011/12/26 13:47:44 | 000,000,940 | ---- | C] () -- C:\Users\Public\Desktop\Bamboo Dock.lnk
    [2011/12/26 13:42:35 | 000,001,738 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Journal.lnk
    [2011/12/26 13:42:35 | 000,001,638 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sticky Notes.lnk
    [2011/12/26 13:41:19 | 000,000,488 | ---- | C] () -- C:\Windows\SysNative\PenTouchTabletUserDefaults.xml
    [2011/12/26 13:41:19 | 000,000,488 | ---- | C] () -- C:\Windows\SysNative\PenTabletUserDefaults.xml
    [2011/12/26 13:33:49 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe
    [2011/12/26 13:33:44 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe
    [2011/12/26 13:33:44 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
    [2011/12/26 13:33:44 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
    [2011/12/26 13:33:44 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
    [2011/12/26 12:39:13 | 000,000,134 | ---- | C] () -- C:\Users\Connor Appleby\Desktop\Internet Explorer Troubleshooting.url
    [2011/12/25 21:25:51 | 000,001,045 | ---- | C] () -- C:\Users\Connor Appleby\Desktop\Adobe Photoshop CS5.1 (64 Bit).lnk
    [2011/12/25 21:25:38 | 000,001,457 | ---- | C] () -- C:\Users\Connor Appleby\Desktop\Adobe Illustrator CS5.1.lnk
    [2011/12/25 20:38:08 | 000,001,046 | ---- | C] () -- C:\Users\Connor Appleby\Desktop\Adobe Premiere Pro CS5.5.lnk
    [2011/12/25 20:32:35 | 000,000,974 | ---- | C] () -- C:\Users\Connor Appleby\Desktop\Adobe Flash Professional CS5.5.lnk
    [2011/12/25 20:28:40 | 000,001,158 | ---- | C] () -- C:\Users\Connor Appleby\Desktop\Adobe After Effects CS5.5.lnk
    [2011/12/25 20:23:41 | 000,001,116 | ---- | C] () -- C:\Users\Connor Appleby\Desktop\Adobe Flash Catalyst CS5.5.lnk
    [2011/12/25 20:17:59 | 000,001,044 | ---- | C] () -- C:\Users\Connor Appleby\Desktop\Adobe Audition CS5.5.lnk
    [2011/12/25 20:12:24 | 000,001,184 | -HS- | C] () -- C:\Users\Connor Appleby\AppData\Local\48286118k4k7
    [2011/12/25 19:59:03 | 000,000,104 | ---- | C] () -- C:\Users\Connor Appleby\Network - Shortcut.lnk
    [2011/12/25 19:56:53 | 000,000,988 | ---- | C] () -- C:\Users\Connor Appleby\Desktop\Adobe Bridge CS5.1.lnk
    [2011/12/15 15:25:57 | 000,001,414 | -HS- | C] () -- C:\Users\Connor Appleby\AppData\Local\054452l2d078j880h735m5rji6p4
    [2011/12/15 14:48:36 | 002,320,538 | ---- | C] () -- C:\Users\Connor Appleby\Documents\ME AND MY BOO!.jpg
    [2011/12/09 20:34:50 | 003,362,480 | ---- | C] () -- C:\Users\Connor Appleby\sewer mann.mp3
    [2011/12/09 20:30:04 | 000,053,194 | ---- | C] () -- C:\Users\Connor Appleby\Documents\sewer man improv.cwp
    [2011/11/29 03:19:49 | 000,012,508 | -HS- | C] () -- C:\Users\Connor Appleby\AppData\Local\uf36os4qiys384hl57ab3al78b64o855v08872ix020cgq
    [2011/11/29 03:19:49 | 000,012,508 | -HS- | C] () -- C:\ProgramData\uf36os4qiys384hl57ab3al78b64o855v08872ix020cgq
    [2011/11/28 04:02:19 | 000,001,296 | -HS- | C] () -- C:\Users\Connor Appleby\AppData\Local\121518b2t827b281r656r4vbi8m1
    [2011/11/26 13:58:06 | 000,000,000 | ---- | C] () -- C:\ProgramData\312yOTHH.exe.b
    [2011/11/26 13:55:53 | 000,000,112 | ---- | C] () -- C:\ProgramData\rU4PWC.dat
    [2011/11/25 14:59:59 | 000,012,084 | -HS- | C] () -- C:\Users\Connor Appleby\AppData\Local\q54qp10egtn1b47yak1cxuws82656ekrq
    [2011/11/25 14:59:59 | 000,012,084 | -HS- | C] () -- C:\ProgramData\q54qp10egtn1b47yak1cxuws82656ekrq
    [2011/10/15 07:53:02 | 000,000,296 | ---- | C] () -- C:\ProgramData\~1kAlMiG2Kb7FzP
    [2011/10/15 07:53:02 | 000,000,224 | ---- | C] () -- C:\ProgramData\~1kAlMiG2Kb7FzPr
    [2011/10/15 07:52:54 | 000,000,440 | ---- | C] () -- C:\ProgramData\1kAlMiG2Kb7FzP
    [2011/05/26 12:36:33 | 000,012,114 | -HS- | C] () -- C:\Users\Connor Appleby\AppData\Local\n8ph4jrwihupnmj32kp3qhs85iiqqew
    [2011/05/26 12:36:33 | 000,012,114 | -HS- | C] () -- C:\ProgramData\n8ph4jrwihupnmj32kp3qhs85iiqqew
    [2011/05/11 12:05:36 | 000,000,160 | ---- | C] () -- C:\ProgramData\~48619256r
    [2011/05/11 12:05:36 | 000,000,152 | ---- | C] () -- C:\ProgramData\~48619256
    [2011/05/11 12:05:14 | 000,000,328 | ---- | C] () -- C:\ProgramData\48619256
    [2011/05/09 17:57:29 | 000,000,000 | ---- | C] () -- C:\Users\Connor Appleby\AppData\Local\{93F58D26-DC2D-441C-B29E-11FAAE8C6512}
    [2011/02/20 10:18:30 | 000,000,732 | ---- | C] () -- C:\Users\Connor Appleby\AppData\Local\d3d9caps64.dat
    [2010/08/10 21:42:04 | 000,000,056 | ---- | C] () -- C:\ProgramData\ezsidmv.dat
    [2010/03/05 14:11:04 | 000,763,832 | ---- | C] () -- C:\Windows\BDTSupport.dll.old
    [2009/10/19 16:37:25 | 000,117,248 | ---- | C] () -- C:\Windows\SysWow64\EhStorAuthn.dll
    [2009/10/19 16:37:10 | 000,107,612 | ---- | C] () -- C:\Windows\SysWow64\StructuredQuerySchema.bin
    [2009/10/19 16:36:55 | 000,368,640 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
    [2009/10/03 07:51:33 | 000,008,484 | ---- | C] () -- C:\Users\Connor Appleby\AppData\Local\d3d9caps.dat
    [2009/10/02 17:25:26 | 000,078,336 | ---- | C] () -- C:\Users\Connor Appleby\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
    [2009/09/30 10:20:21 | 000,339,840 | ---- | C] () -- C:\ProgramData\nvModes.dat
    [2009/09/30 10:20:21 | 000,339,840 | ---- | C] () -- C:\ProgramData\nvModes.001
    [2009/09/30 06:10:56 | 000,146,432 | ---- | C] () -- C:\Windows\SysWow64\APOMngr.DLL
    [2009/09/30 06:10:56 | 000,072,704 | ---- | C] () -- C:\Windows\SysWow64\CmdRtr.DLL
    [2009/07/21 05:57:10 | 000,233,472 | ---- | C] () -- C:\Windows\SysWow64\DSPlayer.dll
    [2009/04/24 22:58:05 | 000,018,904 | ---- | C] () -- C:\Windows\SysWow64\StructuredQuerySchemaTrivial.bin
    [2008/01/20 21:50:05 | 000,060,124 | ---- | C] () -- C:\Windows\SysWow64\tcpmon.ini
    [2007/03/15 14:48:04 | 000,450,560 | ---- | C] () -- C:\Windows\SysWow64\mcs_cor1.dll
    [2006/11/02 10:37:05 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
    [2006/11/02 07:37:14 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat
    [2006/11/02 07:24:17 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT
    [2006/11/02 07:18:17 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat
    [2006/11/02 04:47:54 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin

    ========== LOP Check ==========

    [2011/11/26 12:34:00 | 000,000,000 | ---D | M] -- C:\Users\Connor Appleby\AppData\Roaming\5CB13
    [2009/11/13 18:09:22 | 000,000,000 | ---D | M] -- C:\Users\Connor Appleby\AppData\Roaming\acccore
    [2009/12/06 11:15:48 | 000,000,000 | ---D | M] -- C:\Users\Connor Appleby\AppData\Roaming\Antares
    [2011/10/23 14:18:15 | 000,000,000 | ---D | M] -- C:\Users\Connor Appleby\AppData\Roaming\asssQQJ6dEK8R
    [2011/02/17 19:57:36 | 000,000,000 | ---D | M] -- C:\Users\Connor Appleby\AppData\Roaming\Audacity
    [2011/12/26 14:02:42 | 000,000,000 | ---D | M] -- C:\Users\Connor Appleby\AppData\Roaming\Autodesk
    [2011/12/30 09:27:14 | 000,000,000 | ---D | M] -- C:\Users\Connor Appleby\AppData\Roaming\AVG2012
    [2011/11/25 12:30:55 | 000,000,000 | ---D | M] -- C:\Users\Connor Appleby\AppData\Roaming\Cakewalk
    [2010/10/19 20:55:25 | 000,000,000 | ---D | M] -- C:\Users\Connor Appleby\AppData\Roaming\Canon
    [2011/12/25 21:42:08 | 000,000,000 | ---D | M] -- C:\Users\Connor Appleby\AppData\Roaming\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
    [2011/10/14 21:20:37 | 000,000,000 | ---D | M] -- C:\Users\Connor Appleby\AppData\Roaming\com.adobe.downloadassistant.AdobeDownloadAssistant
    [2011/10/18 17:06:33 | 000,000,000 | ---D | M] -- C:\Users\Connor Appleby\AppData\Roaming\EVVVellIBtzPy
    [2011/10/18 17:06:39 | 000,000,000 | ---D | M] -- C:\Users\Connor Appleby\AppData\Roaming\fJJ66dWWK8fL9
    [2011/11/26 09:42:11 | 000,000,000 | ---D | M] -- C:\Users\Connor Appleby\AppData\Roaming\hNtxP0ucSiDoGaH
    [2011/11/26 09:42:20 | 000,000,000 | ---D | M] -- C:\Users\Connor Appleby\AppData\Roaming\JjYCwkIVrOtPuSi
    [2011/10/18 17:06:38 | 000,000,000 | ---D | M] -- C:\Users\Connor Appleby\AppData\Roaming\lAAA1uuvS2ob3pG
    [2011/01/28 12:26:28 | 000,000,000 | ---D | M] -- C:\Users\Connor Appleby\AppData\Roaming\MAXON
    [2011/11/26 09:42:27 | 000,000,000 | ---D | M] -- C:\Users\Connor Appleby\AppData\Roaming\nBtzP0ycAiDoFpH
    [2011/10/18 17:06:34 | 000,000,000 | ---D | M] -- C:\Users\Connor Appleby\AppData\Roaming\OFFF3ppnG5aQ6dK
    [2011/02/08 22:45:29 | 000,000,000 | ---D | M] -- C:\Users\Connor Appleby\AppData\Roaming\ooVoo Details
    [2009/12/06 11:24:44 | 000,000,000 | ---D | M] -- C:\Users\Connor Appleby\AppData\Roaming\PACE Anti-Piracy
    [2011/11/26 09:42:19 | 000,000,000 | ---D | M] -- C:\Users\Connor Appleby\AppData\Roaming\pobF3pmG5Q6W8R9
    [2010/09/26 17:45:42 | 000,000,000 | ---D | M] -- C:\Users\Connor Appleby\AppData\Roaming\Publish Providers
    [2011/11/26 10:05:13 | 000,000,000 | ---D | M] -- C:\Users\Connor Appleby\AppData\Roaming\pxA0uvS2iFpGaHd
    [2010/06/10 15:25:57 | 000,000,000 | ---D | M] -- C:\Users\Connor Appleby\AppData\Roaming\Sony
    [2011/10/23 14:18:15 | 000,000,000 | ---D | M] -- C:\Users\Connor Appleby\AppData\Roaming\tJJ77dEEK8RZ9YX
    [2011/11/26 09:42:13 | 000,000,000 | ---D | M] -- C:\Users\Connor Appleby\AppData\Roaming\UJ7dEK8gR9Y
    [2011/12/24 02:50:22 | 000,000,000 | ---D | M] -- C:\Users\Connor Appleby\AppData\Roaming\Unefti
    [2011/12/26 13:47:55 | 000,000,000 | ---D | M] -- C:\Users\Connor Appleby\AppData\Roaming\Wacom
    [2011/12/26 13:48:12 | 000,000,000 | ---D | M] -- C:\Users\Connor Appleby\AppData\Roaming\wacomid-desktop-launcher.DCFD4B89A63EE70BC162777F06D4B93B6397AEC7.1
    [2011/12/24 06:10:20 | 000,000,000 | ---D | M] -- C:\Users\Connor Appleby\AppData\Roaming\Wyga
    [2011/11/26 09:42:26 | 000,000,000 | ---D | M] -- C:\Users\Connor Appleby\AppData\Roaming\Z8gRZqhYXkVl
    [2011/10/23 14:13:06 | 000,000,000 | ---D | M] -- C:\Users\Connor Appleby\AppData\Roaming\ZcAA11ivD2on4pH
    [2009/11/19 18:37:09 | 000,000,000 | ---D | M] -- C:\Users\Sarah\AppData\Roaming\acccore
    [2010/02/28 10:48:05 | 000,000,000 | ---D | M] -- C:\Users\Sarah\AppData\Roaming\Facebook
    [2009/10/25 16:58:00 | 000,000,000 | ---D | M] -- C:\Users\Sarah\AppData\Roaming\Publish Providers
    [2009/10/25 17:00:11 | 000,000,000 | ---D | M] -- C:\Users\Sarah\AppData\Roaming\Sony
    [2011/12/28 17:42:03 | 000,000,000 | ---D | M] -- C:\Users\Sarah\AppData\Roaming\Wacom
    [2012/01/06 20:36:06 | 000,032,610 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
    [2012/01/07 07:15:00 | 000,000,418 | -H-- | M] () -- C:\Windows\Tasks\User_Feed_Synchronization-{53F3B42F-94F6-43E8-8F18-C7EF3438945E}.job
    [2012/01/07 04:42:51 | 000,000,452 | -H-- | M] () -- C:\Windows\Tasks\User_Feed_Synchronization-{F18474AD-0958-4E2A-ABFC-5E8E3C831E2D}.job

    ========== Purity Check ==========



    ========== Alternate Data Streams ==========

    @Alternate Data Stream - 126 bytes -> C:\ProgramData\TEMP:A8ADE5D8
    @Alternate Data Stream - 121 bytes -> C:\ProgramData\TEMP:DFC5A2B2
    @Alternate Data Stream - 105 bytes -> C:\ProgramData\TEMP:430C6D84

    < End of report >

    >

  6. #16
    Member
    Join Date
    Jun 2008
    Posts
    30

    Default

    OTL Extras logfile created on: 1/7/2012 7:09:51 AM - Run 1
    OTL by OldTimer - Version 3.2.31.0 Folder = C:\Users\Connor Appleby\Desktop
    64bit-Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
    Internet Explorer (Version = 8.0.6001.19088)
    Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

    7.99 Gb Total Physical Memory | 5.22 Gb Available Physical Memory | 65.28% Memory free
    16.13 Gb Paging File | 13.54 Gb Available in Paging File | 83.97% Paging File free
    Paging file location(s): ?:\pagefile.sys [binary data]

    %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
    Drive C: | 683.57 Gb Total Space | 307.64 Gb Free Space | 45.00% Space Free | Partition Type: NTFS
    Drive D: | 15.00 Gb Total Space | 7.84 Gb Free Space | 52.24% Space Free | Partition Type: NTFS
    Drive E: | 7.14 Gb Total Space | 0.00 Gb Free Space | 0.00% Space Free | Partition Type: CDFS
    Drive F: | 14.92 Gb Total Space | 7.58 Gb Free Space | 50.80% Space Free | Partition Type: FAT32

    Computer Name: CONNORAPPLEB-PC | User Name: Connor Appleby | Logged in as Administrator.
    Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
    Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

    ========== Extra Registry (SafeList) ==========


    ========== File Associations ==========

    64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
    .cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
    .url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)

    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
    .cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*

    ========== Shell Spawning ==========

    64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
    batfile [open] -- "%1" %*
    cmdfile [open] -- "%1" %*
    comfile [open] -- "%1" %*
    cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
    exefile [open] -- "%1" %*
    helpfile [open] -- Reg Error: Key error.
    htmlfile [print] -- rundll32.exe %SystemRoot%\system32\mshtml.dll,PrintHTML "%1" (Microsoft Corporation)
    https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" -nohome (Microsoft Corporation)
    inffile [install] -- %SystemRoot%\System32\rundll32.exe setupapi,InstallHinfSection DefaultInstall 132 %1 (Microsoft Corporation)
    InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
    InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
    piffile [open] -- "%1" %*
    regfile [merge] -- Reg Error: Key error.
    scrfile [config] -- "%1"
    scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
    scrfile [open] -- "%1" /S
    txtfile [edit] -- Reg Error: Key error.
    Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
    Directory [Bridge] -- C:\Program Files (x86)\Adobe\Adobe Bridge CS5.1\Bridge.exe "%L" (Adobe Systems, Inc.)
    Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
    Directory [Digital Photo Professional] -- C:\Program Files (x86)\Canon\Digital Photo Professional\DPPViewer.exe /path "%1" (CANON INC.)
    Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
    Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
    Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
    Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
    batfile [open] -- "%1" %*
    cmdfile [open] -- "%1" %*
    comfile [open] -- "%1" %*
    cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
    exefile [open] -- "%1" %*
    helpfile [open] -- Reg Error: Key error.
    https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" -nohome (Microsoft Corporation)
    piffile [open] -- "%1" %*
    regfile [merge] -- Reg Error: Key error.
    scrfile [config] -- "%1"
    scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
    scrfile [open] -- "%1" /S
    txtfile [edit] -- Reg Error: Key error.
    Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
    Directory [Bridge] -- C:\Program Files (x86)\Adobe\Adobe Bridge CS5.1\Bridge.exe "%L" (Adobe Systems, Inc.)
    Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
    Directory [Digital Photo Professional] -- C:\Program Files (x86)\Canon\Digital Photo Professional\DPPViewer.exe /path "%1" (CANON INC.)
    Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
    Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
    Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
    Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

    ========== Security Center Settings ==========

    64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
    "cval" = 0
    "FirewallDisableNotify" = 0
    "AntiVirusDisableNotify" = 0
    "UpdatesDisableNotify" = 0

    64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

    64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
    "AntiVirusOverride" = 0
    "AntiSpywareOverride" = 0
    "FirewallOverride" = 0
    "VistaSp1" = 9F 9E 16 8C DC 5B C8 01 [binary data]
    "VistaSp2" = 0A DB D1 1E 8A 8D CA 01 [binary data]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
    "FirewallDisableNotify" = 0
    "AntiVirusDisableNotify" = 0
    "UpdatesDisableNotify" = 0

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
    "oobe_av" = 1

    ========== System Restore Settings ==========

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
    "DisableSR" = 0

    ========== Firewall Settings ==========

    64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

    64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

    64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
    "EnableFirewall" = 1
    "DisableNotifications" = 0

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
    "EnableFirewall" = 1
    "DisableNotifications" = 0

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
    "EnableFirewall" = 1
    "DisableNotifications" = 0

    ========== Authorized Applications List ==========

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]


    ========== Vista Active Open Ports Exception List ==========

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
    "{01AC044D-3F41-498A-9950-B1EAC348175A}" = rport=10244 | protocol=6 | dir=out | app=system |
    "{02D00BB0-86F6-4B58-9EE3-A1E6319F2FB2}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
    "{0ED157E0-745F-44C5-8769-A9D96458BE09}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
    "{292C7578-CE34-4661-87BB-4D271C670054}" = lport=554 | protocol=6 | dir=in | app=%systemroot%\ehome\ehshell.exe |
    "{2AC3CAC7-7052-4AD9-AA9B-F449AAB55892}" = lport=2869 | protocol=6 | dir=in | app=system |
    "{33CA2E30-92B3-453F-B071-3A8A08467200}" = lport=7777 | protocol=17 | dir=in | app=%systemroot%\ehome\ehshell.exe |
    "{37626C89-19A0-425B-8667-DCAB1AA3E588}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
    "{41C49750-BAFD-4C90-BD26-A0F6501F915E}" = lport=10244 | protocol=6 | dir=in | app=system |
    "{50BBA6F5-5A86-447D-9C90-31D224966BB7}" = lport=7777 | protocol=17 | dir=in | app=%systemroot%\ehome\ehshell.exe |
    "{53500DAD-9121-4FF0-AF07-C0EC38AE7FF9}" = lport=37676 | protocol=6 | dir=in | name=oovoo tcp port 37676 |
    "{5E8ACE34-9EE4-44BA-9771-7D7B61DD5211}" = lport=3390 | protocol=6 | dir=in | app=system |
    "{62C87CD0-8096-440A-A1A2-98F1A8670AC3}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
    "{785F0DF6-E028-45F5-BFA3-E6C812E74CF9}" = rport=10244 | protocol=6 | dir=out | app=system |
    "{8311FA23-A112-4455-816D-177F7B137A7D}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
    "{849A9E97-997F-448D-B9A4-40544B34F9D1}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
    "{8549D967-3C62-42BF-8677-6D6172A8C98C}" = lport=37676 | protocol=17 | dir=in | name=oovoo udp port 37676 |
    "{9CF89842-D882-4767-A046-7228733D626C}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |
    "{A2B7DB6F-869F-48AB-8702-F492547017C2}" = lport=10244 | protocol=6 | dir=in | app=system |
    "{A31E8ABC-284C-4B4E-BA49-0E0C0477602B}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
    "{AA91B5C5-A825-434B-BCA5-8B07F5490CC3}" = lport=554 | protocol=6 | dir=in | app=%systemroot%\ehome\ehshell.exe |
    "{B1E774DC-2ADA-4C0A-95AA-AFCDA808C1FD}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
    "{CD7A5D4E-2308-488A-8E8B-5F6BE8EC9DC1}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
    "{D332F22D-FF08-4BFA-ADBE-4AC469FB19F8}" = lport=37677 | protocol=17 | dir=in | name=oovoo udp port 37677 |
    "{D592E0E6-D074-4769-9A24-800025C4DB8B}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
    "{E54E3A88-5516-4F61-9DC8-02C78566798D}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
    "{E5645046-464D-42AD-BE63-2101214AA0FB}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
    "{F0DFB439-E0A3-464F-B8D9-588C1DB1E4A6}" = lport=3390 | protocol=6 | dir=in | app=system |

    ========== Vista Active Application Exception List ==========

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
    "{0492E873-9797-481F-A3B3-3B29C45D56FF}" = protocol=6 | dir=in | app=c:\program files (x86)\common files\dell\advanced networking service\hnm_svc.exe |
    "{0F1A2FF7-5D9E-4EF3-B889-46AC129B04F5}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg2012\avgdiagex.exe |
    "{10DBB04F-08A6-4B8C-898E-5891D6EEC73C}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
    "{13210A2A-6257-4ACD-B936-0B10FF8903C3}" = dir=in | app=c:\program files (x86)\windows live\sync\windowslivesync.exe |
    "{244D598B-E958-4D38-8A7F-2210CEFB2D12}" = protocol=6 | dir=out | app=%systemroot%\ehome\ehshell.exe |
    "{34E71F22-D02A-42FD-9DE1-743D7EFFB3F6}" = protocol=6 | dir=in | app=c:\program files (x86)\dell remote access\ezi_ra.exe |
    "{376EB22D-B36A-45E9-912C-3164FA234E06}" = protocol=6 | dir=out | svc=mcx2svc | app=%systemroot%\system32\svchost.exe |
    "{5174BBC5-384B-480B-B52B-109BFAA115C4}" = protocol=6 | dir=in | app=c:\program files (x86)\dell video chat\dellvideochat.exe |
    "{548C34AA-1B87-42FD-BBEE-B72A7F9965B9}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
    "{5F749502-11E5-48CB-A867-531C2BD1EE36}" = protocol=17 | dir=in | app=c:\program files (x86)\dell remote access\ezi_ra.exe |
    "{60FDD5A9-7D61-49AA-802D-FD1AEF18DC9E}" = dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe |
    "{6FBD141D-A6CB-4766-A759-174C8873B7C0}" = protocol=17 | dir=in | app=c:\program files (x86)\dell video chat\dellvideochat.exe |
    "{740B2B85-2009-4D1F-990F-F62C9413A45E}" = protocol=17 | dir=in | app=c:\program files (x86)\common files\dell\advanced networking service\hnm_svc.exe |
    "{75A45C0E-7623-437B-9FBA-C321DDE9C08A}" = protocol=6 | dir=in | app=c:\program files (x86)\common files\dell\vlc\vlc.exe |
    "{75CF915E-BC16-419B-A4FB-D4927F4BA56A}" = dir=in | app=c:\program files\cyberlink\powerdvd dx\pdvddxsrv.exe |
    "{77855F75-F401-4D57-9CEC-52731EBEBAA8}" = protocol=17 | dir=in | app=c:\program files (x86)\common files\dell\vlc\vlc.exe |
    "{781FB803-CEEE-4F02-9856-DB7CE01F64FD}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
    "{83A5D4D9-9E4C-4BFC-9290-99834A557E14}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg2012\avgemca.exe |
    "{8485C968-8B8C-48C9-B386-1382797DB470}" = protocol=6 | dir=out | app=%systemroot%\ehome\mcx2prov.exe |
    "{8E1A41C2-24B1-4FCE-B963-836304F9C230}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg2012\avgnsa.exe |
    "{9017D0C7-35F1-4423-8448-BB25EEFDA919}" = protocol=17 | dir=out | app=%systemroot%\ehome\ehshell.exe |
    "{95F107B4-0A25-48B3-8A86-F89ECEC4AC9F}" = protocol=6 | dir=in | app=c:\program files (x86)\itunes\itunes.exe |
    "{9C96BA63-A22E-4030-AA56-382260E50F43}" = protocol=6 | dir=out | svc=mcx2svc | app=%systemroot%\system32\svchost.exe |
    "{A4B12264-BE16-4988-ABDA-FBF05E1E92D5}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
    "{AC206B2F-5404-4F71-AAD0-7A7DA3A348D8}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe |
    "{ACF23CC8-E4CC-4B1F-AA60-A884DF52A034}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg2012\avgnsa.exe |
    "{AD897A7E-C3F2-44E5-A435-B720ABADC6C4}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg2012\avgmfapx.exe |
    "{B5694ECF-F16D-4037-974B-B2E1D47ECB6E}" = dir=in | app=c:\program files\cyberlink\powerdvd dx\powerdvd.exe |
    "{BCBCD6F7-8530-48E4-9A96-B340253BE0AA}" = protocol=6 | dir=out | app=%systemroot%\ehome\mcx2prov.exe |
    "{C7EE6CB2-5D02-43CD-A07D-3FA91D49432D}" = protocol=6 | dir=in | app=c:\program files (x86)\aim\aim.exe |
    "{C9804864-C809-4A29-96D8-2FA0AAA6C0B2}" = dir=in | app=c:\program files (x86)\common files\apple\apple application support\webkit2webprocess.exe |
    "{D2B2EF87-2E5E-48BB-8C8B-C543B441D2BA}" = protocol=6 | dir=out | app=%systemroot%\ehome\ehshell.exe |
    "{D3C55C8A-D9D7-41B6-86AE-3FC705040605}" = protocol=17 | dir=in | app=c:\program files (x86)\aim\aim.exe |
    "{D6C27649-4056-4566-9CF9-B2B9DC224DB4}" = protocol=6 | dir=in | app=c:\program files (x86)\aim\aim.exe |
    "{E337A98D-EDE1-4755-B0B3-DCF054539C43}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe |
    "{E43EA2E1-8FD6-45B9-8F06-77D20D0EA22D}" = protocol=17 | dir=out | app=%systemroot%\ehome\ehshell.exe |
    "{E4D97E37-D484-4402-AAF2-3E1309D81653}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
    "{E4F310C3-545C-46E2-96EE-01963FDADB90}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg2012\avgemca.exe |
    "{E5AE3DE6-7AF2-4F7A-8042-AB3D4996638A}" = dir=in | app=c:\program files (x86)\common files\mcafee\mna\mcnasvc.exe |
    "{E607344E-870F-41CA-8942-D47FFF919E2A}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
    "{E99B0D43-A068-48FF-8DCF-65E526E3525C}" = protocol=17 | dir=in | app=c:\program files (x86)\aim\aim.exe |
    "{F2994172-CEED-48BE-BD04-C1E77D436FF9}" = dir=in | app=c:\program files (x86)\windows live\messenger\wlcsdk.exe |
    "{F36A1404-1B0A-420D-A2C0-09C16D69F1DE}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg2012\avgdiagex.exe |
    "{FC11FDA9-D2A0-44DA-B4B0-0A72E26D245B}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg2012\avgmfapx.exe |
    "{FF19AA82-A6BB-46DF-9CB8-4551913141CC}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
    "TCP Query User{2382F535-83A7-4FC0-886E-4680517CB655}C:\program files (x86)\oovoo\oovoo.exe" = protocol=6 | dir=in | app=c:\program files (x86)\oovoo\oovoo.exe |
    "TCP Query User{2DAEBA29-21D0-4773-9E0C-7345113B1126}C:\program files (x86)\itunes\itunes.exe" = protocol=6 | dir=in | app=c:\program files (x86)\itunes\itunes.exe |
    "TCP Query User{F04BF68F-7D69-4E0A-A5D3-25593F661714}C:\program files (x86)\oovoo\oovoo.exe" = protocol=6 | dir=in | app=c:\program files (x86)\oovoo\oovoo.exe |
    "UDP Query User{6130A414-DAAB-49C0-8395-21AF2AA7A1F7}C:\program files (x86)\oovoo\oovoo.exe" = protocol=17 | dir=in | app=c:\program files (x86)\oovoo\oovoo.exe |
    "UDP Query User{F3DA9A82-F427-4B67-8A08-6A875EAE3729}C:\program files (x86)\oovoo\oovoo.exe" = protocol=17 | dir=in | app=c:\program files (x86)\oovoo\oovoo.exe |

    ========== HKEY_LOCAL_MACHINE Uninstall List ==========

    64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
    "{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)
    "{1E9FC118-651D-4934-97BE-E53CAE5C7D45}" = Microsoft_VC80_MFCLOC_x86_x64
    "{25613C10-27D2-410B-942B-D922D5C3A7BE}" = Interlok driver setup x64
    "{26A24AE4-039D-4CA4-87B4-2F86416013FF}" = Java(TM) 6 Update 13 (64-bit)
    "{3C5E60F1-0821-4B07-97EA-84EB5A927CF6}" = MobileMe Control Panel
    "{42B40185-E134-43FD-9381-69F92B317417}" = AVG 2012
    "{4569AD91-47F4-4D9E-8FC9-717EC32D7AE1}" = Microsoft_VC80_CRT_x86_x64
    "{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}" = Bonjour
    "{8557397C-A42D-486F-97B3-A2CBC2372593}" = Microsoft_VC90_ATL_x86_x64
    "{8EBA8727-ADC2-477B-9D9A-1A1836BE4E05}" = Dell Edoc Viewer
    "{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007
    "{90120000-002A-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (English) 2007
    "{90120000-0116-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007
    "{90BF0360-A1DB-4599-A643-95AB90A52C1E}" = Microsoft_VC90_MFCLOC_x86_x64
    "{925D058B-564A-443A-B4B2-7E90C6432E55}" = Microsoft_VC80_ATL_x86_x64
    "{92A3CA0D-55CD-4C5D-BA95-5C2600C20F26}" = Microsoft_VC90_CRT_x86_x64
    "{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
    "{9C98CA38-4C1A-4AC8-B55C-169497C8826B}" = Apple Mobile Device Support
    "{9CD0F7D3-B67F-4BF8-8784-D73AD229FF1E}" = iTunes
    "{A472B9E4-0AFF-4F7B-B25D-F64F8E928AAB}" = Microsoft_VC90_MFC_x86_x64
    "{aac9fcc4-dd9e-4add-901c-b5496a07ab2e}" = Microsoft Visual C++ 2005 Redistributable (x64) - KB2467175
    "{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
    "{B6E3757B-5E77-3915-866A-CCFC4B8D194C}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053
    "{C8C1BAD5-54E6-4146-AD07-3A8AD36569C3}" = Microsoft_VC80_MFC_x86_x64
    "{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
    "{DDD076BF-C5C3-468C-AA1B-F9A7E47446FE}" = Intel(R) Network Connections 13.1.33.0
    "{E60B7350-EA5F-41E0-9D6F-E508781E36D2}" = Dell Dock
    "{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
    "7511B29C86C398B4D11A0B0E4176CAD68D1B7057" = Windows Driver Package - Texas Instruments Inc. (TIEHDUSB) USB (09/02/2009 1.0.0.1)
    "Adobe Flash Player ActiveX 64" = Adobe Flash Player 10 ActiveX 64-bit
    "AVG" = AVG 2012
    "Creative OA002" = Monitor Webcam Driver (1.01.02.0804)
    "EC3E466026556D3EB760B01C4772277614354E11" = Windows Driver Package - Texas Instruments Inc. (SilvrLnk) USB (06/11/2009 1.0.0.0)
    "MAXONFD3BFAC6" = CINEMA 4D Demo 12.032
    "Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
    "Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
    "NVIDIA Drivers" = NVIDIA Drivers
    "Pen Tablet Driver" = Bamboo
    "PROSetDX" = Intel(R) Network Connections 13.1.33.0

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
    "{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
    "{020D8396-D6D9-4B53-A9A1-83C47E2E27AA}" = Windows Live Call
    "{024521CF-C07E-4F8E-8481-0D75695E03AF}" = PxMergeModule
    "{033E378E-6AD3-4AD5-BDEB-CBD69B31046C}" = Microsoft_VC90_ATL_x86
    "{05308C4E-7285-4066-BAE3-6B50DA6ED755}" = Adobe Update Manager CS4
    "{054EFA56-2AC1-48F4-A883-0AB89874B972}" = Adobe Extension Manager CS4
    "{08D2E121-7F6A-43EB-97FD-629B44903403}" = Microsoft_VC90_CRT_x86
    "{08E81ABD-79F7-49C2-881F-FD6CB0975693}" = Roxio Creator Data
    "{095B1DCF-5E8B-47EC-9B18-481918A731DB}" = Microsoft Default Manager
    "{09760D42-E223-42AD-8C3E-55B47D0DDAC3}" = Roxio Creator DE
    "{0AAA9C97-74D4-47CE-B089-0B147EF3553C}" = Windows Live Messenger
    "{0F3647F8-E51D-4FCC-8862-9A8D0C5ACF25}" = Microsoft_VC80_ATL_x86
    "{13766F76-6C8C-4E57-A9F3-3212D1C6E0D1}" = Dell DataSafe Online
    "{1618734A-3957-4ADD-8199-F973763109A8}" = Adobe Anchor Service CS4
    "{16E6D2C1-7C90-4309-8EC4-D2212690AAA4}" = AdobeColorCommonSetRGB
    "{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
    "{1F54DAFA-9261-4A62-B59D-6C9F26B48FE4}" = Roxio Creator Tools
    "{20207CCE-A8FA-44A7-AA3D-1E43EB307B27}" = Sony Sound Forge Audio Studio 9.0
    "{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live Upload Tool
    "{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
    "{26A24AE4-039D-4CA4-87B4-2F83216013FF}" = Java(TM) 6 Update 30
    "{30465B6C-B53F-49A1-9EBA-A3F187AD502E}" = Roxio Update Manager
    "{3521BDBD-D453-5D9F-AA55-44B75D214629}" = Adobe Community Help
    "{39F6E2B4-CFE8-C30A-66E8-489651F0F34C}" = Adobe Media Player
    "{3A4E8896-C2E7-4084-A4A4-B8FD1894E739}" = Adobe XMP Panels CS4
    "{3C3D696B-0DB7-3C6D-A356-3DB8CE541918}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
    "{3E8F136A-E573-44AB-860D-ABF7B03C1434}" = 5-Day Forecast
    "{411F3ABA-2AB5-4799-AA19-6ADF0A8F7424}" = Adobe Setup
    "{42D68A86-DB1C-4256-B8C9-5D0D92919AF5}" = Banctec Service Agreement
    "{43509E18-076E-40FE-AF38-CA5ED400A5A9}" = Pixel Bender Toolkit
    "{44E240EC-2224-4078-A88B-2CEE0D3016EF}" = Adobe After Effects CS4 Presets
    "{45EC816C-0771-4C14-AE6D-72D1B578F4C8}" = Adobe After Effects CS4
    "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
    "{4AB8B41B-3AF1-46BE-99B0-0ACD3B300C0A}" = Junk Mail filter update
    "{4CBA3D4C-8F51-4D60-B27E-F6B641C571E7}" = Microsoft Search Enhancement Pack
    "{5A3C1721-F8ED-11E0-8AFB-B8AC6F97B88E}" = Google Earth
    "{5B0D20D7-AA12-4FC8-9A4A-AF722F430738}_is1" = EOS Camera Movie Record 0.3.1 Beta
    "{5E453519-60F6-4A4D-A0BF-16663F9B3536}" = Safari
    "{60DB5894-B5A1-4B62-B0F3-669A22C0EE5D}" = Adobe Dynamiclink Support
    "{635FED5B-2C6D-49BE-87E6-7A6FCD22BC5A}" = Microsoft_VC90_MFC_x86
    "{63C1109E-D977-49ED-BCE3-D00D0BF187D6}" = Windows Live Mail
    "{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA}" = Roxio Express Labeler 3
    "{67A9747A-E1F5-4E9A-81CC-12B5D5B81B6E}" = Adobe After Effects CS4 Third Party Content
    "{67F0E67A-8E93-4C2C-B29D-47C48262738A}" = Adobe Device Central CS4
    "{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}" = PowerDVD DX
    "{6A92E5C5-0578-443D-91F3-92ECE5F2CAE2}" = Windows Live Writer
    "{6D62518F-F86F-C57D-8599-F90C2CA99A6F}" = Bamboo Dock
    "{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
    "{73A4F29F-31AC-4EBD-AA1B-0CC5F18C8F83}" = Roxio Creator Audio
    "{767CC44C-9BBC-438D-BAD3-FD4595DD148B}" = VC80CRTRedist - 8.0.50727.762
    "{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
    "{77DCDCE3-2DED-62F3-8154-05E745472D07}" = Acrobat.com
    "{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
    "{79F41FC6-07F9-47C2-BBAC-37C7C70EE703}" = MCEBrowser
    "{7BE15435-2D3E-4B58-867F-9C75BED0208C}" = QuickTime
    "{7DB9F1E5-9ACB-410D-A7DC-7A3D023CE045}" = Dell Getting Started Guide
    "{820D3F45-F6EE-4AAF-81EF-CE21FF21D230}" = Adobe Type Support CS4
    "{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
    "{83877DB1-8B77-45BC-AB43-2BAC22E093E0}" = Adobe Bridge CS4
    "{842B4B72-9E8F-4962-B3C1-1C422A5C4434}" = Suite Shared Configuration CS4
    "{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
    "{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
    "{8EB8E60B-315D-44EB-A896-10D88602EE46}" = Adobe Setup
    "{8FFC5648-FAF8-43A3-BC8F-42BA1E275C4E}" = Choice Guard
    "{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
    "{90120000-0016-0409-0000-0000000FF1CE}_HOMESTUDENTR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
    "{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
    "{90120000-0018-0409-0000-0000000FF1CE}_HOMESTUDENTR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
    "{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
    "{90120000-001B-0409-0000-0000000FF1CE}_HOMESTUDENTR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
    "{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
    "{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
    "{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
    "{90120000-001F-040C-0000-0000000FF1CE}_HOMESTUDENTR_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
    "{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
    "{90120000-001F-0C0A-0000-0000000FF1CE}_HOMESTUDENTR_{2314F9A1-126F-45CC-8A5E-DFAF866F3FBC}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
    "{90120000-002A-0000-1000-0000000FF1CE}_HOMESTUDENTR_{664655D8-B9BB-455D-8A58-7EAF7B0B2862}" = Microsoft Office 2007 Service Pack 3 (SP3)
    "{90120000-002A-0409-1000-0000000FF1CE}_HOMESTUDENTR_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
    "{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
    "{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
    "{90120000-006E-0409-0000-0000000FF1CE}_HOMESTUDENTR_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
    "{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007
    "{90120000-00A1-0409-0000-0000000FF1CE}_HOMESTUDENTR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
    "{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
    "{90120000-0115-0409-0000-0000000FF1CE}_HOMESTUDENTR_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
    "{90120000-0116-0409-1000-0000000FF1CE}_HOMESTUDENTR_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
    "{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
    "{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007
    "{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
    "{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}" = Microsoft_VC80_CRT_x86
    "{9422C8EA-B0C6-4197-B8FC-DC797658CA00}" = Windows Live Sign-in Assistant
    "{94D398EB-D2FD-4FD1-B8C4-592635E8A191}" = Adobe CMaps CS4
    "{97E038E1-41AD-4C93-BCDC-6A2394AEE352}" = Vegas Movie Studio Platinum 9.0
    "{981029E0-7FC9-4CF3-AB39-6F133621921A}" = Skype Toolbars
    "{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
    "{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
    "{A78FE97A-C0C8-49CE-89D0-EDD524A17392}" = PDF Settings CS5
    "{A83279FD-CA4B-4206-9535-90974DE76654}" = Apple Application Support
    "{A8B94669-8654-4126-BD28-D0D2412CDED6}" = TI Connect 1.6
    "{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
    "{AC76BA86-7AD7-1033-7B44-A90000000001}" = Adobe Reader 9
    "{AF322EC1-3499-45FD-9EDD-DCC7FD5C18DF}" = Autodesk SketchBookExpress 2011
    "{B05DE7B7-0B40-4411-BD4B-222CAE2D8F15}" = Adobe MotionPicture Color Files CS4
    "{B15381DD-FF97-4FCD-A881-ED4DB0975500}" = Adobe Color Video Profiles AE CS4
    "{B2E447CB-2950-46A6-A403-0E4F7EED564B}" = SAMSUNG Video Codec 1.2.5009
    "{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy
    "{B6A26DE5-F2B5-4D58-9570-4FC760E00FCD}" = Roxio Creator Copy
    "{B6D38690-755E-4F40-A35A-23F8BC2B86AC}" = Microsoft_VC90_MFCLOC_x86
    "{B7050CBDB2504B34BC2A9CA0A692CC29}" = DivX Web Player
    "{B7C7A59F-CF70-481E-A94F-7C2563AA5ADD}" = Sony DVD Architect Studio 4.5
    "{B7DE81A4-71D5-4F22-9D72-84AC8A266F43}" = Sony Vegas Movie Studio 6.0
    "{BB4E33EC-8181-4685-96F7-8554293DEC6A}" = Adobe Output Module
    "{BE9CEAAA-F069-4331-BF2F-8D350F6504F4}" = Adobe Media Encoder CS4 Additional Exporter
    "{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}" = The Sims™ 3
    "{C28DD992-5B7B-D195-6841-4EC57DF512BD}" = Adobe Story
    "{C4124E95-5061-4776-8D5D-E3D931C778E1}" = Microsoft VC9 runtime libraries
    "{C52E3EC1-048C-45E1-8D53-10B0C6509683}" = Adobe Default Language CS4
    "{CC75AB5C-2110-4A7F-AF52-708680D22FE8}" = Photoshop Camera Raw
    "{D103C4BA-F905-437A-8049-DB24763BBE36}" = Skype™ 4.2
    "{D1A19B02-817E-4296-A45B-07853FD74D57}" = Microsoft_VC80_MFC_x86
    "{D92BBB52-82FF-42ED-8A3C-4E062F944AB7}" = Microsoft_VC80_MFCLOC_x86
    "{D9D754A1-EAC5-406C-A28B-C49B1E846711}" = Windows Live Essentials
    "{DC0C5A78-6DBF-3444-0120-0FE8F0134FCD}" = Adobe Download Assistant
    "{DEB90B8E-0DCB-48CE-B90E-8842A2BD643E}" = Adobe Media Encoder CS4
    "{E3BFEE55-39E2-4BE0-B966-89FE583822C1}" = Dell Support Center (Support Software)
    "{E3E71D07-CD27-46CB-8448-16D4FB29AA13}" = Microsoft WSE 3.0 Runtime
    "{ED439A64-F018-4DD4-8BA5-328D85AB09AB}" = Roxio Creator DE
    "{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
    "{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
    "{F3E41C2A-3A29-476D-9685-3F8055AF696A}" = Adobe Creative Suite 5.5 Production Premium
    "{F66A31D9-7831-4FBA-BA02-C411C0047CC5}" = Dell Remote Access
    "{F69E83CF-B440-43F8-89E6-6EA80712109B}" = Windows Live Communications Platform
    "{F73A5B18-EB75-4B2C-B32D-9457576E2417}" = Windows Live Photo Gallery
    "{F8EF2B3F-C345-4F20-8FE4-791A20333CD5}" = Adobe ExtendScript Toolkit CS4
    "{F93C84A6-0DC6-42AF-89FA-776F7C377353}" = Adobe PDF Library Files CS4
    "{FAA7F8FF-3C05-4A61-8F14-D8A6E9ED6623}" = ooVoo
    "{FCDBEA60-79F0-4FAE-BBA8-55A26C609A49}" = Visual Studio 2008 x64 Redistributables
    "{FCDD51BB-CAD0-4BB1-B7DF-CE86D1032794}" = Adobe Fonts All
    "{FDD810CA-D5E3-40E9-AB7B-36440B0D41EF}" = Windows Live Sync
    "{FE23D063-934D-4829-A0D8-00634CE79B4A}" = Adobe AIR
    "{FFF74EC9-1FF4-4456-99E3-4F05129F4FAB}" = Antares Auto-Tune Evo VST
    "Adobe AIR" = Adobe AIR
    "Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
    "Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
    "Adobe Shockwave Player" = Adobe Shockwave Player 11.6
    "Adobe_3dcb365ab9e01871fb8c6f27b0ea079" = Adobe After Effects CS4
    "Adobe_5aab5a491a3a52ae624fd639f6aaa95" = Adobe After Effects CS4 Third Party Content
    "AIM_7" = AIM 7
    "Aleks 3.12" = Aleks 3.12
    "Bamboo Dock" = Bamboo Dock
    "Cakewalk Sound Center_is1" = Cakewalk Sound Center 1.1.0
    "CameraWindowDVC6" = Canon Utilities CameraWindow DC_DV 6 for ZoomBrowser EX
    "CameraWindowLauncher" = Canon Utilities CameraWindow
    "chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Community Help
    "com.adobe.AdobeStory.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Story
    "com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Media Player
    "com.adobe.downloadassistant.AdobeDownloadAssistant" = Adobe Download Assistant
    "com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Acrobat.com
    "DPP" = Canon Utilities Digital Photo Professional 3.4
    "EOS Utility" = Canon Utilities EOS Utility
    "ERUNT_is1" = ERUNT 1.1j
    "Google Chrome" = Google Chrome
    "GoToAssist" = GoToAssist 8.0.0.514
    "HOMESTUDENTR" = Microsoft Office Home and Student 2007
    "Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware version 1.60.0.1800
    "McAfee Security Scan" = McAfee Security Scan Plus
    "MSC" = McAfee SecurityCenter
    "Music Creator LE_is1" = Music Creator LE 5.0.6
    "MyCamera" = Canon Utilities MyCamera
    "NewBlue Cartoonr for Vegas" = NewBlue Cartoonr for Vegas
    "NewBlue VideoFX MSPP" = NewBlue VideoFX MSPP
    "NSS" = Norton Security Scan
    "PhotoStitch" = Canon Utilities PhotoStitch
    "Picasa 3" = Picasa 3
    "Picture Style Editor" = Canon Utilities Picture Style Editor
    "RAW Image Task" = Canon RAW Image Task for ZoomBrowser EX
    "RemoteCaptureTask" = Canon Utilities RemoteCapture Task for ZoomBrowser EX
    "SoftwareUpdUtility" = Download Updater (AOL LLC)
    "Wacom WebTabletPlugin for IE" = WebTablet IE Plugin
    "Wacom WebTabletPlugin for Internet Explorer and Netscape" = WebTablet FB Plugin
    "Wacom WebTabletPlugin for Netscape" = WebTablet Netscape Plugin
    "wacomid-desktop-launcher.DCFD4B89A63EE70BC162777F06D4B93B6397AEC7.1" = Bamboo Dock
    "WFTK" = Canon Utilities WFT-E1/E2/E3 Utility
    "WinLiveSuite_Wave3" = Windows Live Essentials
    "ZoomBrowser EX" = Canon Utilities ZoomBrowser EX
    "ZoomBrowser EX Memory Card Utility" = Canon ZoomBrowser EX Memory Card Utility

    ========== Last 10 Event Log Errors ==========

    [ Application Events ]
    Error - 12/26/2011 5:47:35 PM | Computer Name = ConnorAppleb-PC | Source = EventSystem | ID = 4609
    Description =

    Error - 12/26/2011 5:47:49 PM | Computer Name = ConnorAppleb-PC | Source = WinMgmt | ID = 10
    Description =

    Error - 12/26/2011 6:08:07 PM | Computer Name = ConnorAppleb-PC | Source = WinMgmt | ID = 10
    Description =

    Error - 12/28/2011 12:41:08 AM | Computer Name = ConnorAppleb-PC | Source = Application Hang | ID = 1002
    Description = The program SpybotSD.exe version 1.6.2.46 stopped interacting with
    Windows and was closed. To see if more information about the problem is available,
    check the problem history in the Problem Reports and Solutions control panel. Process
    ID: 724 Start Time: 01ccc51ae0149ace Termination Time: 9

    Error - 12/28/2011 3:30:00 PM | Computer Name = ConnorAppleb-PC | Source = Application Error | ID = 1000
    Description = Faulting application Bamboo Dock.exe, version 0.0.0.0, time stamp
    0x4da506f6, faulting module Pen_Tablet.dll, version 5.2.5.5, time stamp 0x4e694dd7,
    exception code 0x40000015, fault offset 0x000bc484, process id 0x1954, application
    start time 0x01ccc4a7294ac44e.

    Error - 12/28/2011 6:04:50 PM | Computer Name = ConnorAppleb-PC | Source = RasClient | ID = 20227
    Description =

    Error - 12/28/2011 6:17:15 PM | Computer Name = ConnorAppleb-PC | Source = WinMgmt | ID = 10
    Description =

    Error - 12/30/2011 9:49:24 AM | Computer Name = ConnorAppleb-PC | Source = EventSystem | ID = 4621
    Description =

    Error - 12/30/2011 9:55:46 AM | Computer Name = ConnorAppleb-PC | Source = WinMgmt | ID = 10
    Description =

    Error - 1/1/2012 9:49:27 AM | Computer Name = ConnorAppleb-PC | Source = WinMgmt | ID = 10
    Description =

    [ Media Center Events ]
    Error - 11/20/2009 6:56:52 AM | Computer Name = ConnorAppleb-PC | Source = MCUpdate | ID = 0
    Description = DownloadPackgeTask.SubTasksComplete: failed downloading package SportsSchedule.

    Error - 1/21/2011 10:39:26 AM | Computer Name = ConnorAppleb-PC | Source = McrMgr | ID = 107
    Description =

    Error - 1/21/2011 10:51:42 AM | Computer Name = ConnorAppleb-PC | Source = McrMgr | ID = 107
    Description =

    Error - 1/21/2011 10:57:05 AM | Computer Name = ConnorAppleb-PC | Source = McrMgr | ID = 109
    Description =

    Error - 1/21/2011 11:13:35 AM | Computer Name = ConnorAppleb-PC | Source = McrMgr | ID = 107
    Description =

    Error - 1/21/2011 11:13:36 AM | Computer Name = ConnorAppleb-PC | Source = McrMgr | ID = 109
    Description =

    Error - 6/29/2011 4:34:16 AM | Computer Name = ConnorAppleb-PC | Source = McrMgr | ID = 109
    Description =

    [ System Events ]
    Error - 1/7/2012 7:28:33 AM | Computer Name = ConnorAppleb-PC | Source = netbt | ID = 4321
    Description = The name "ELIZABETH-PC :0" could not be registered on the interface
    with IP address 192.168.1.118. The computer with the IP address 192.168.1.109 did
    not allow the name to be claimed by this computer.

    Error - 1/7/2012 7:30:52 AM | Computer Name = ConnorAppleb-PC | Source = netbt | ID = 4321
    Description = The name "PAPPLEBY-LT2 :0" could not be registered on the interface
    with IP address 192.168.1.118. The computer with the IP address 192.168.1.100 did
    not allow the name to be claimed by this computer.

    Error - 1/7/2012 7:38:56 AM | Computer Name = ConnorAppleb-PC | Source = netbt | ID = 4321
    Description = The name "ELIZABETH-PC :0" could not be registered on the interface
    with IP address 192.168.1.118. The computer with the IP address 192.168.1.109 did
    not allow the name to be claimed by this computer.

    Error - 1/7/2012 7:41:16 AM | Computer Name = ConnorAppleb-PC | Source = netbt | ID = 4321
    Description = The name "PAPPLEBY-LT2 :0" could not be registered on the interface
    with IP address 192.168.1.118. The computer with the IP address 192.168.1.100 did
    not allow the name to be claimed by this computer.

    Error - 1/7/2012 7:50:22 AM | Computer Name = ConnorAppleb-PC | Source = netbt | ID = 4321
    Description = The name "ELIZABETH-PC :0" could not be registered on the interface
    with IP address 192.168.1.118. The computer with the IP address 192.168.1.109 did
    not allow the name to be claimed by this computer.

    Error - 1/7/2012 7:52:39 AM | Computer Name = ConnorAppleb-PC | Source = netbt | ID = 4321
    Description = The name "PAPPLEBY-LT2 :0" could not be registered on the interface
    with IP address 192.168.1.118. The computer with the IP address 192.168.1.100 did
    not allow the name to be claimed by this computer.

    Error - 1/7/2012 8:01:15 AM | Computer Name = ConnorAppleb-PC | Source = netbt | ID = 4321
    Description = The name "ELIZABETH-PC :0" could not be registered on the interface
    with IP address 192.168.1.118. The computer with the IP address 192.168.1.109 did
    not allow the name to be claimed by this computer.

    Error - 1/7/2012 8:03:32 AM | Computer Name = ConnorAppleb-PC | Source = netbt | ID = 4321
    Description = The name "PAPPLEBY-LT2 :0" could not be registered on the interface
    with IP address 192.168.1.118. The computer with the IP address 192.168.1.100 did
    not allow the name to be claimed by this computer.

    Error - 1/7/2012 8:12:12 AM | Computer Name = ConnorAppleb-PC | Source = netbt | ID = 4321
    Description = The name "ELIZABETH-PC :0" could not be registered on the interface
    with IP address 192.168.1.118. The computer with the IP address 192.168.1.109 did
    not allow the name to be claimed by this computer.

    Error - 1/7/2012 8:14:29 AM | Computer Name = ConnorAppleb-PC | Source = netbt | ID = 4321
    Description = The name "PAPPLEBY-LT2 :0" could not be registered on the interface
    with IP address 192.168.1.118. The computer with the IP address 192.168.1.100 did
    not allow the name to be claimed by this computer.


    < End of report

  7. #17
    Emeritus-Security Expert
    Join Date
    Nov 2005
    Location
    Florida's SpaceCoast
    Posts
    15,208

    Default

    A bit more to do

    • Close all programs so that you are at your desktop.
    • Open the Control Panel switch to classic view, then click Folder Options.
    • After the new window appears select the View tab.
    • Put a checkmark in the checkbox labeled Display the contents of system folders.
    • Under the Hidden files and folders section select the radio button labeled Show hidden files and folders.
    • Remove the checkmark from the checkbox labeled Hide file extensions for known file types.
    • Remove the checkmark from the checkbox labeled Hide protected operating system files.
    • Press the Apply button and then the OK button and exit My Computer.
    • Now your computer is configured to show all hidden files.





    You need to enable windows to show all files and folders, instructions Here

    Go to VirusTotal and submit this file for analysis, just use the browse feature and then Send File, you will get a report back, post the report into this thread for me to see. If the site says this file has been checked before, have them check it again

    C:\ProgramData\312yOTHH.exe <--This file

    If the site is busy you can try this one
    http://virusscan.jotti.org/en





    Open OTL.exe
    • Copy/paste the following text written inside of the code box into the Custom Scans/Fixes box located at the bottom of OTL

      Code:
      :processes
      killallprocesses
      
      :OTL
      PRC - C:\Program Files (x86)\AVG\AVG2012\avgtray.exe (AVG Technologies CZ, s.r.o.)
      PRC - C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe (AVG Technologies CZ, s.r.o.)
      SRV - (AVGIDSAgent) -- C:\Program Files (x86)\AVG\AVG2012\AVGIDSAgent.exe (AVG Technologies CZ, s.r.o.)
      SRV - (avgwd) -- C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe (AVG Technologies CZ, s.r.o.)
      O2:64bit: - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG2012\avgssiea.dll (AVG Technologies CZ, s.r.o.)
      O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG2012\avgssie.dll (AVG Technologies CZ, s.r.o.)
      O3 - HKU\.DEFAULT\..\Toolbar\WebBrowser: (no name) - {472734EA-242A-422B-ADF8-83D1E48CC825} - No CLSID value found.
      O3 - HKU\S-1-5-18\..\Toolbar\WebBrowser: (no name) - {472734EA-242A-422B-ADF8-83D1E48CC825} - No CLSID value found.
      O3 - HKU\S-1-5-21-1554704811-4091891495-1094212442-1000\..\Toolbar\WebBrowser: (no name) - {472734EA-242A-422B-ADF8-83D1E48CC825} - No CLSID value found.
      @Alternate Data Stream - 126 bytes -> C:\ProgramData\TEMP:A8ADE5D8
      @Alternate Data Stream - 121 bytes -> C:\ProgramData\TEMP:DFC5A2B2
      @Alternate Data Stream - 105 bytes -> C:\ProgramData\TEMP:430C6D84
      
      
      :Services
      
      :Reg
      
      :Files
      ipconfig /flushdns /c
      
      
      :Commands
      [purity]
      [resethosts]
      [emptytemp]
      [start explorer]
      [Reboot]
    • Then click the Run Fix button at the top. <--Not run Scan
    • Let the program run unhindered, reboot when it is done
    • Then post the results of the log it produces
    Microsoft MVP Consumer Security 2007-2008-2009-2010-2011-2012-2013-2014

    ERROR MESSAGE 386
    No KeyBoard Detected
    Press F1 To Continue

    Just a reminder that threads will be closed if no reply in 3 days.

  8. #18
    Member
    Join Date
    Jun 2008
    Posts
    30

    Default

    I apologize, but I am not sure what file I submit to virustotal when you say submit this file?

    I did comlete the task of showing all hidden files

    Thanks

  9. #19
    Emeritus-Security Expert
    Join Date
    Nov 2005
    Location
    Florida's SpaceCoast
    Posts
    15,208

    Default

    C:\ProgramData\312yOTHH.exe <--This file

    Go to Computer
    Click on your C: drive
    Then ProgramData
    Then 312yOTHH.exe
    Microsoft MVP Consumer Security 2007-2008-2009-2010-2011-2012-2013-2014

    ERROR MESSAGE 386
    No KeyBoard Detected
    Press F1 To Continue

    Just a reminder that threads will be closed if no reply in 3 days.

  10. #20
    Member
    Join Date
    Jun 2008
    Posts
    30

    Default

    312yOTHH.exe.b

    the file on my system has a "b" at the end?

    I tried sending the file on both sites, but got a file is empty reply back (looked at size and it is 0)

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •