Here are the OTL logs:
OTL logfile created on: 3/23/2013 4:47:57 PM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Palmer\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
3.60 Gb Total Physical Memory | 1.80 Gb Available Physical Memory | 49.89% Memory free
7.20 Gb Paging File | 4.95 Gb Available in Paging File | 68.71% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 188.94 Gb Total Space | 148.00 Gb Free Space | 78.33% Space Free | Partition Type: NTFS
Drive D: | 29.00 Gb Total Space | 27.15 Gb Free Space | 93.62% Space Free | Partition Type: NTFS
Computer Name: PALMER-PC | User Name: Palmer | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ========== PRC - [2013/03/23 16:45:00 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Palmer\Desktop\OTL.exe
PRC - [2013/03/23 16:38:23 | 002,237,968 | ---- | M] (Kaspersky Lab ZAO) -- C:\Users\Palmer\Desktop\tdsskiller.exe
PRC - [2013/03/12 07:08:06 | 002,074,768 | ---- | M] () -- C:\Program Files (x86)\Comodo\Dragon\dragon_updater.exe
PRC - [2013/03/12 07:08:06 | 001,788,048 | ---- | M] (Comodo) -- C:\Program Files (x86)\Comodo\Dragon\dragon.exe
PRC - [2012/12/18 10:28:08 | 000,065,192 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2012/02/23 12:30:40 | 000,059,240 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\Common Files\Apple\Internet Services\ubd.exe
PRC - [2011/01/17 19:37:40 | 011,322,880 | ---- | M] (OpenOffice.org) -- C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe
PRC - [2011/01/17 19:37:40 | 011,314,688 | ---- | M] (OpenOffice.org) -- C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin
PRC - [2010/11/05 14:54:36 | 000,407,920 | ---- | M] (Egis Technology Inc.) -- C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe
PRC - [2010/11/05 14:54:24 | 000,202,096 | ---- | M] (Egis Technology Inc.) -- C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe
PRC - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
PRC - [2009/12/02 22:23:38 | 000,209,768 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
PRC - [2009/12/02 22:23:32 | 000,483,688 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
========== Modules (No Company Name) ========== MOD - [2013/03/12 07:08:06 | 001,155,728 | ---- | M] () -- C:\Program Files (x86)\Comodo\Dragon\ffmpegsumo.dll
MOD - [2013/03/12 07:08:06 | 000,742,544 | ---- | M] () -- C:\Program Files (x86)\Comodo\Dragon\libGLESv2.dll
MOD - [2013/03/12 07:08:06 | 000,136,336 | ---- | M] () -- C:\Program Files (x86)\Comodo\Dragon\libEGL.dll
MOD - [2013/02/08 01:05:44 | 014,586,736 | ---- | M] () -- C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_5_502_149.dll
MOD - [2012/01/08 09:41:12 | 000,093,696 | ---- | M] () -- C:\Program Files (x86)\FileZilla FTP Client\fzshellext.dll
MOD - [2011/11/10 21:04:21 | 000,985,088 | ---- | M] () -- C:\Program Files (x86)\OpenOffice.org 3\program\libxml2.dll
MOD - [2011/11/10 21:04:21 | 000,170,496 | ---- | M] () -- C:\Program Files (x86)\OpenOffice.org 3\program\libxslt.dll
MOD - [2011/11/01 23:26:32 | 000,087,912 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2011/11/01 23:26:12 | 001,242,472 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
========== Services (SafeList) ========== SRV:
64bit: - [2012/11/07 19:37:39 | 002,828,408 | ---- | M] (COMODO) [Auto | Running] -- C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe -- (cmdAgent)
SRV:
64bit: - [2012/07/18 10:28:14 | 000,080,448 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\IIS\Microsoft Web Deploy\MsDepSvc.exe -- (MsDepSvc)
SRV:
64bit: - [2011/05/18 23:01:18 | 000,203,776 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:
64bit: - [2010/12/17 04:46:34 | 000,198,784 | ---- | M] (Conexant Systems Inc.) [Auto | Running] -- C:\Windows\SysNative\CxAudMsg64.exe -- (CxAudMsg)
SRV:
64bit: - [2009/07/13 21:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2013/03/12 07:08:06 | 002,074,768 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Comodo\Dragon\dragon_updater.exe -- (DragonUpdater)
SRV - [2013/02/08 01:10:49 | 000,251,248 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012/12/18 10:28:08 | 000,065,192 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009/12/02 22:23:38 | 000,209,768 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe -- (sftvsa)
SRV - [2009/12/02 22:23:32 | 000,483,688 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe -- (sftlist)
SRV - [2009/06/10 17:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
========== Driver Services (SafeList) ========== DRV:
64bit: - [2012/11/07 19:37:57 | 000,022,736 | ---- | M] (COMODO) [File_System | System | Running] -- C:\Windows\SysNative\drivers\cmderd.sys -- (cmderd)
DRV:
64bit: - [2012/08/21 13:01:20 | 000,033,240 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:
64bit: - [2012/07/09 13:42:54 | 000,052,736 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:
64bit: - [2012/03/01 02:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:
64bit: - [2011/07/28 13:54:08 | 000,057,952 | ---- | M] (Lenovo) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\fbfmon.sys -- (fbfmon)
DRV:
64bit: - [2011/07/28 13:54:08 | 000,013,408 | ---- | M] (Lenovo) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\BPntDrv.sys -- (BPntDrv)
DRV:
64bit: - [2011/07/28 13:51:39 | 000,039,008 | ---- | M] (Lenovo.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\LhdX64.sys -- (LHDmgr)
DRV:
64bit: - [2011/07/28 13:51:28 | 000,029,792 | ---- | M] (Lenovo Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AcpiVpc.sys -- (ACPIVPC)
DRV:
64bit: - [2011/05/19 01:36:50 | 009,079,296 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag)
DRV:
64bit: - [2011/05/18 22:24:44 | 000,299,520 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
DRV:
64bit: - [2011/04/21 16:43:10 | 000,036,656 | ---- | M] (Egis Technology Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\FPSensor.sys -- (FPSensor)
DRV:
64bit: - [2011/03/10 05:01:40 | 001,581,184 | ---- | M] (Conexant Systems Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\CHDRT64.sys -- (CnxtHdAudService)
DRV:
64bit: - [2011/03/07 05:55:00 | 001,353,280 | ---- | M] (Ralink Technology, Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\netr28x.sys -- (netr28x)
DRV:
64bit: - [2011/03/04 11:16:20 | 000,436,840 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:
64bit: - [2010/12/15 07:56:06 | 001,402,416 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP)
DRV:
64bit: - [2010/11/30 02:40:04 | 000,307,304 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rtsuvstor.sys -- (RSUSBVSTOR)
DRV:
64bit: - [2010/11/29 04:50:38 | 000,044,672 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\usbfilter.sys -- (usbfilter)
DRV:
64bit: - [2010/11/20 23:24:33 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:
64bit: - [2010/11/20 23:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:
64bit: - [2010/11/20 23:23:47 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:
64bit: - [2010/11/17 08:04:32 | 000,115,216 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AtihdW76.sys -- (AtiHDAudioService)
DRV:
64bit: - [2010/04/07 01:57:08 | 000,073,784 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:
64bit: - [2010/04/07 01:57:08 | 000,028,728 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:
64bit: - [2009/12/02 22:23:38 | 000,022,376 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftvollh.sys -- (Sftvol)
DRV:
64bit: - [2009/12/02 22:23:34 | 000,025,960 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftredirlh.sys -- (Sftredir)
DRV:
64bit: - [2009/12/02 22:23:32 | 000,269,672 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftplaylh.sys -- (Sftplay)
DRV:
64bit: - [2009/12/02 22:23:26 | 000,721,768 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftfslh.sys -- (Sftfs)
DRV:
64bit: - [2009/07/21 10:20:06 | 000,121,840 | ---- | M] (CyberLink) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\wsvd.sys -- (wsvd)
DRV:
64bit: - [2009/07/13 21:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:
64bit: - [2009/07/13 21:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:
64bit: - [2009/07/13 21:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:
64bit: - [2009/07/13 20:39:20 | 000,023,040 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\WSDPrint.sys -- (WSDPrintDevice)
DRV:
64bit: - [2009/07/13 20:35:32 | 000,012,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\serscan.sys -- (StillCam)
DRV:
64bit: - [2009/06/10 16:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:
64bit: - [2009/06/10 16:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:
64bit: - [2009/06/10 16:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:
64bit: - [2009/06/10 16:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV - [2009/07/13 21:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE:
64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages =
http://www.lenovo.com/ [binary data]
IE:
64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page =
http://lenovo.msn.comIE:
64bit: - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE:
64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" =
http://www.bing.com/search?q={searchTerms}&form=LENDF8&pc=MALN&src=IE-SearchBox
IE:
64bit: - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" =
http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages =
http://www.lenovo.com/ [binary data]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page =
http://lenovo.msn.comIE - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" =
http://www.bing.com/search?q={searchTerms}&form=LENDF8&pc=MALN&src=IE-SearchBox
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" =
http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-586848840-3213021952-4089556407-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL =
http://www.google.com/ig/redirectdomain ... &bmod=LENNIE - HKU\S-1-5-21-586848840-3213021952-4089556407-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages =
http://www.lenovo.com [binary data]
IE - HKU\S-1-5-21-586848840-3213021952-4089556407-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page =
http://www.google.com/ig/redirectdomain ... &bmod=LENNIE - HKU\S-1-5-21-586848840-3213021952-4089556407-1000\..\SearchScopes,DefaultScope = {67A2568C-7A0A-4EED-AECC-B5405DE63B64}
IE - HKU\S-1-5-21-586848840-3213021952-4089556407-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" =
http://www.bing.com/search?q={searchTerms}&form=LENDF8&pc=MALN&src=IE-SearchBox
IE - HKU\S-1-5-21-586848840-3213021952-4089556407-1000\..\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}: "URL" =
http://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7LENN
IE - HKU\S-1-5-21-586848840-3213021952-4089556407-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ========== FF:
64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\windows\system32\Macromed\Flash\NPSWF64_11_5_502_149.dll File not found
FF:
64bit: - HKLM\Software\MozillaPlugins\@bestbuy.com/npBestBuyPcAppDetector,version=1.0: C:\ProgramData\Best Buy pc app\npBestBuyPcAppDetector.dll (Best Buy)
FF:
64bit: - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.9.2: C:\windows\system32\npDeployJava1.dll (Sun Microsystems, Inc.)
FF:
64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.9.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF:
64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\windows\SysWOW64\Macromed\Flash\NPSWF32_11_5_502_149.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@bestbuy.com/npBestBuyPcAppDetector,version=1.0: C:\ProgramData\Best Buy pc app\npBestBuyPcAppDetector.dll (Best Buy)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=1.6.0_37: C:\windows\SysWOW64\npdeployJava1.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\4.0.50401.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
O1 HOSTS File: ([2009/06/10 17:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:
64bit: - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2:
64bit: - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll File not found
O3:
64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O4:
64bit: - HKLM..\Run: [COMODO Internet Security] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO)
O4:
64bit: - HKLM..\Run: [Energy Management] C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe (Lenovo (Beijing) Limited)
O4:
64bit: - HKLM..\Run: [EnergyUtility] C:\Program Files (x86)\Lenovo\Energy Management\utility.exe (Lenovo(beijing) Limited)
O4:
64bit: - HKLM..\Run: [Eraser] C:\Program Files\Eraser\Eraser.exe (The Eraser Project)
O4:
64bit: - HKLM..\Run: [Lenovo EE Boot Optimizer] C:\Program Files (x86)\Lenovo\Boot Optimizer\PopWnd.exe (Lenovo)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [EgisTecPMMUpdate] C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe (Egis Technology Inc.)
O4 - HKLM..\Run: [EgisUpdate] C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe (Egis Technology Inc.)
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [UpdatePRCShortCut] C:\Program Files\Lenovo\OneKey App\OneKey Recovery\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKU\S-1-5-19..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun File not found
O4 - HKU\S-1-5-20..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun File not found
O4 - HKU\S-1-5-21-586848840-3213021952-4089556407-1000..\Run: [Best Buy pc app] C:\Users\Palmer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Best Buy\Best Buy pc app.appref-ms File not found
O4 - HKU\S-1-5-21-586848840-3213021952-4089556407-1000..\Run: [MobileDocuments] C:\Program Files (x86)\Common Files\Apple\Internet Services\ubd.exe (Apple Inc.)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - Startup: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Best Buy pc app.lnk = C:\ProgramData\Best Buy pc app\ClickOnceSetup.exe (Microsoft)
O4 - Startup: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Best Buy pc app.lnk = C:\ProgramData\Best Buy pc app\ClickOnceSetup.exe (Microsoft)
O4 - Startup: C:\Users\Palmer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.3.lnk = C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O10:
64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000010 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000010 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O13
64bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 24.178.162.3 66.189.0.100 24.217.201.67
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{9915F6B5-1BB7-4E4A-8E81-998459FA3C76}: DhcpNameServer = 4.2.2.2
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{E3703603-99B8-417C-A789-65E52D052B98}: DhcpNameServer = 24.178.162.3 66.189.0.100 24.217.201.67
O18:
64bit: - Protocol\Handler\dssrequest - No CLSID value found
O18:
64bit: - Protocol\Handler\sacore - No CLSID value found
O18:
64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\dssrequest - No CLSID value found
O18 - Protocol\Handler\sacore - No CLSID value found
O18:
64bit: - Protocol\Filter\application/x-mfe-ipt - No CLSID value found
O18 - Protocol\Filter\application/x-mfe-ipt - No CLSID value found
O20:
64bit: - AppInit_DLLs: (C:\windows\system32\guard64.dll) - C:\Windows\SysNative\guard64.dll (COMODO)
O20 - AppInit_DLLs: (C:\windows\SysWOW64\guard32.dll) - C:\Windows\SysWOW64\guard32.dll (COMODO)
O20:
64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\windows\explorer.exe (Microsoft Corporation)
O20:
64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\windows\SysWow64\userinit.exe (Microsoft Corporation)
O21:
64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:
64bit: - HKLM\..comfile [open] -- "%1" %*
O35:
64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:
64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:
64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
========== Files/Folders - Created Within 30 Days ========== [2013/03/23 16:44:59 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Palmer\Desktop\OTL.exe
[2013/03/23 16:38:22 | 002,237,968 | ---- | C] (Kaspersky Lab ZAO) -- C:\Users\Palmer\Desktop\tdsskiller.exe
[2013/03/17 00:50:17 | 000,688,992 | R--- | C] (Swearware) -- C:\Users\Palmer\Desktop\dds.com
[2013/03/12 22:21:49 | 000,000,000 | ---D | C] -- C:\ProgramData\VirtualizedApplications
[2013/03/10 14:53:36 | 000,000,000 | ---D | C] -- C:\Users\Palmer\Desktop\OpenOffice.org 3.4.1 (en-US) Installation Files
[2013/03/10 14:17:04 | 000,000,000 | ---D | C] -- C:\Users\Palmer\AppData\Local\SoftGrid Client
[2013/03/10 14:17:01 | 000,000,000 | ---D | C] -- C:\Users\Palmer\AppData\Roaming\SoftGrid Client
[2013/03/10 14:15:10 | 000,047,368 | ---- | C] (COMODO CA Limited) -- C:\windows\SysWow64\certsentry.dll
[2013/03/10 14:14:49 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\DESIGNER
[2013/03/10 14:14:48 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Office
[2013/03/10 14:14:46 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Application Virtualization Client
[2013/03/10 14:13:01 | 000,000,000 | ---D | C] -- C:\Users\Palmer\AppData\Roaming\TP
[2013/02/24 04:01:23 | 000,096,768 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\mshtmled.dll
[2013/02/24 04:01:23 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\mshtmled.dll
[2013/02/24 04:01:21 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ieui.dll
[2013/02/24 04:01:20 | 000,248,320 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ieui.dll
[2013/02/24 04:01:19 | 000,237,056 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\url.dll
[2013/02/24 04:01:19 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\url.dll
[2013/02/24 04:01:19 | 000,173,056 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ieUnatt.exe
[2013/02/24 04:01:19 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ieUnatt.exe
[2013/02/24 04:01:18 | 001,494,528 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\inetcpl.cpl
[2013/02/24 04:01:18 | 001,427,968 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\inetcpl.cpl
[2013/02/24 04:01:17 | 002,312,704 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\jscript9.dll
[2013/02/24 04:01:17 | 000,729,088 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\msfeeds.dll
[2013/02/24 04:01:14 | 000,816,640 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\jscript.dll
[2013/02/24 04:01:14 | 000,717,824 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\jscript.dll
[2013/02/24 04:01:14 | 000,599,040 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\vbscript.dll
========== Files - Modified Within 30 Days ========== [2013/03/23 16:53:31 | 000,836,000 | ---- | M] () -- C:\windows\SysNative\drivers\sfi.dat
[2013/03/23 16:45:00 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Palmer\Desktop\OTL.exe
[2013/03/23 16:38:23 | 002,237,968 | ---- | M] (Kaspersky Lab ZAO) -- C:\Users\Palmer\Desktop\tdsskiller.exe
[2013/03/23 16:35:13 | 000,780,592 | ---- | M] () -- C:\windows\SysNative\PerfStringBackup.INI
[2013/03/23 16:35:13 | 000,661,232 | ---- | M] () -- C:\windows\SysNative\perfh009.dat
[2013/03/23 16:35:13 | 000,121,580 | ---- | M] () -- C:\windows\SysNative\perfc009.dat
[2013/03/23 16:33:41 | 000,000,830 | ---- | M] () -- C:\windows\tasks\Adobe Flash Player Updater.job
[2013/03/23 16:33:30 | 000,067,584 | --S- | M] () -- C:\windows\bootstat.dat
[2013/03/22 08:12:02 | 000,603,819 | ---- | M] () -- C:\Users\Palmer\Desktop\c9a0f6bb-609a-4324-8a53-4eee2f86c1f0 (1).pdf
[2013/03/21 22:36:01 | 000,086,449 | ---- | M] () -- C:\windows\SysNative\fastboot.set
[2013/03/20 07:44:23 | 000,021,280 | -H-- | M] () -- C:\windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013/03/20 07:44:23 | 000,021,280 | -H-- | M] () -- C:\windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013/03/20 07:34:11 | 2898,874,368 | -HS- | M] () -- C:\hiberfil.sys
[2013/03/17 00:50:20 | 000,688,992 | R--- | M] (Swearware) -- C:\Users\Palmer\Desktop\dds.com
[2013/03/13 22:46:34 | 000,056,072 | ---- | M] (COMODO CA Limited) -- C:\windows\SysNative\certsentry.dll
[2013/03/13 22:46:34 | 000,047,368 | ---- | M] (COMODO CA Limited) -- C:\windows\SysWow64\certsentry.dll
[2013/03/10 14:15:25 | 000,797,288 | ---- | M] () -- C:\windows\SysWow64\PerfStringBackup.INI
[2013/03/01 22:39:02 | 000,241,602 | ---- | M] () -- C:\Users\Palmer\Documents\emeals-classic-meals-for2-plan.pdf
[2013/03/01 22:36:53 | 000,262,382 | ---- | M] () -- C:\Users\Palmer\Documents\emeals-low-carb-for2-plan.pdf
[2013/03/01 22:35:49 | 000,245,856 | ---- | M] () -- C:\Users\Palmer\Documents\emeals-clean-eating-for2-plan.pdf
[2013/02/27 20:48:30 | 000,073,542 | ---- | M] () -- C:\Users\Palmer\Documents\sales-receipt.ots
[2013/02/25 22:06:46 | 000,306,504 | ---- | M] () -- C:\windows\SysNative\FNTCACHE.DAT
========== Files Created - No Company Name ========== [2013/03/22 08:12:00 | 000,603,819 | ---- | C] () -- C:\Users\Palmer\Desktop\c9a0f6bb-609a-4324-8a53-4eee2f86c1f0 (1).pdf
[2013/03/01 22:39:01 | 000,241,602 | ---- | C] () -- C:\Users\Palmer\Documents\emeals-classic-meals-for2-plan.pdf
[2013/03/01 22:36:53 | 000,262,382 | ---- | C] () -- C:\Users\Palmer\Documents\emeals-low-carb-for2-plan.pdf
[2013/03/01 22:35:49 | 000,245,856 | ---- | C] () -- C:\Users\Palmer\Documents\emeals-clean-eating-for2-plan.pdf
[2013/02/27 20:48:30 | 000,073,542 | ---- | C] () -- C:\Users\Palmer\Documents\sales-receipt.ots
[2012/09/08 11:31:25 | 000,797,288 | ---- | C] () -- C:\windows\SysWow64\PerfStringBackup.INI
[2012/03/29 09:18:56 | 000,000,262 | ---- | C] () -- C:\windows\wininit.ini
[2011/07/28 13:28:41 | 001,500,512 | ---- | C] () -- C:\windows\SysWow64\Apblend.dll
[2011/07/28 13:28:41 | 001,171,456 | ---- | C] () -- C:\windows\SysWow64\PicNotify.dll
[2011/07/28 13:28:23 | 001,044,480 | ---- | C] () -- C:\windows\SysWow64\3DImageRenderer.dll
[2011/07/28 13:06:54 | 000,014,051 | ---- | C] () -- C:\windows\SysWow64\RaCoInst.dat
[2011/07/28 12:59:20 | 000,000,000 | ---- | C] () -- C:\windows\ativpsrm.bin
[2011/06/07 03:49:49 | 000,003,883 | ---- | C] () -- C:\windows\SysWow64\atipblag.dat
========== ZeroAccess Check ========== [2009/07/14 00:55:00 | 000,000,227 | RHS- | M] () -- C:\windows\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2012/06/09 01:43:10 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012/06/09 00:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/13 21:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 23:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/13 21:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
< End of report >
Extras log:
OTL Extras logfile created on: 3/23/2013 4:47:57 PM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Palmer\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
3.60 Gb Total Physical Memory | 1.80 Gb Available Physical Memory | 49.89% Memory free
7.20 Gb Paging File | 4.95 Gb Available in Paging File | 68.71% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 188.94 Gb Total Space | 148.00 Gb Free Space | 78.33% Space Free | Partition Type: NTFS
Drive D: | 29.00 Gb Total Space | 27.15 Gb Free Space | 93.62% Space Free | Partition Type: NTFS
Computer Name: PALMER-PC | User Name: Palmer | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ========== ========== File Associations ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\windows\SysNative\rundll32.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = Reg Error: Value error.] -- Reg Error: Key error. File not found
[HKEY_USERS\S-1-5-21-586848840-3213021952-4089556407-1000\SOFTWARE\Classes\<extension>]
.html [@ = ChromiumHTML] -- Reg Error: Key error. File not found
========== Shell Spawning ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- Reg Error: Key error.
htmlfile [opennew] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
http [open] -- Reg Error: Key error.
https [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OpenAsAWebSite] -- C:\Program Files (x86)\Microsoft WebMatrix\WebMatrix.exe #ExecuteCommand# SiteFromFolder %L (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- Reg Error: Key error.
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Key error.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- Reg Error: Key error.
htmlfile [opennew] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
http [open] -- Reg Error: Key error.
https [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OpenAsAWebSite] -- C:\Program Files (x86)\Microsoft WebMatrix\WebMatrix.exe #ExecuteCommand# SiteFromFolder %L (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- Reg Error: Key error.
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Key error.
========== Security Center Settings ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
========== Firewall Settings ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0
========== Authorized Applications List ========== ========== Vista Active Open Ports Exception List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{15233B0D-C2B8-439E-86D6-DA9C35248660}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{180B79A7-F198-4851-80AD-3AE964B25709}" = lport=2869 | protocol=6 | dir=in | app=system |
"{1D92C7C3-7975-465E-BB3B-0E47D9B3184B}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{255BDC31-6DAA-4B36-BF66-4A6F0B6041CC}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{32EED9C3-10CA-4C14-94AC-D647141C8DEB}" = rport=139 | protocol=6 | dir=out | app=system |
"{5C8EF202-C736-403E-AA28-C8B1C5418C03}" = lport=139 | protocol=6 | dir=in | app=system |
"{666004B0-B625-4CE2-8D7D-A4A1BF42DD92}" = lport=10243 | protocol=6 | dir=in | app=system |
"{6EB4C8A4-1310-4D0B-AF0E-F4CB602070D5}" = rport=138 | protocol=17 | dir=out | app=system |
"{7EAA162A-515E-43B2-87F1-E60A93B4B3EF}" = rport=445 | protocol=6 | dir=out | app=system |
"{87216EA7-9323-4B5D-9DF5-CF05CA3A7DAD}" = rport=137 | protocol=17 | dir=out | app=system |
"{89A40204-E842-427E-87EB-EBE5FF18B085}" = lport=445 | protocol=6 | dir=in | app=system |
"{8AA1FBDC-C679-49F7-87C0-792F9A50D093}" = rport=10243 | protocol=6 | dir=out | app=system |
"{8F7C274C-9A8E-4AE4-95B9-6EB2582532EE}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |
"{920A638F-1F04-4D14-90C6-06928003B0B5}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{940A6B2F-EBB3-4512-B669-FD572847125E}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{96F2F81B-F6D4-45DA-9669-8D87D6C629B2}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{970E4B4F-EE14-4313-B327-08F0950E2FE4}" = lport=808 | protocol=6 | dir=in | svc=nettcpactivator | app=c:\windows\microsoft.net\framework64\v4.0.30319\smsvchost.exe |
"{9CB9A640-D4CA-4E29-8092-462330168127}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{A9847D38-6C92-4E40-AFB1-BC252CA9A588}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{AE3FEEF6-BF27-4E97-BCCD-2C5DBEFD1A81}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{C8ABC00F-6BE3-4879-AF34-61EAEB023D09}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |
"{CE74C6E6-5C3D-4CF1-A962-229A3B48179A}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{D0E12117-19AB-4057-8D73-10AF267B161A}" = lport=138 | protocol=17 | dir=in | app=system |
"{D242A742-6054-4C82-A929-0692355B01BB}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{F4ED22E4-5C95-4EB0-9260-211FA25D0528}" = lport=137 | protocol=17 | dir=in | app=system |
"{FC2EA58A-01BC-45C5-93E9-A6617E9762D8}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
========== Vista Active Application Exception List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{1038676C-5523-4EAC-929F-783718797A7D}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{137135E8-5DE6-4A3B-91DB-F08229BC82C7}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{228ED06F-3952-458E-8D00-C232BE506160}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg2012\avgdiagex.exe |
"{24E5F912-716F-4633-9FFD-599943955FC2}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg2012\avgmfapx.exe |
"{2520F37C-B984-448F-9B00-8A628B858F36}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{2A22233A-5831-40F9-B690-811C7CA497C6}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{2AD741A3-3442-4119-A291-F3978704454B}" = protocol=6 | dir=out | app=system |
"{2B105E92-BF2B-4C8D-BCF2-7FB8E7263B3E}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg2012\avgmfapx.exe |
"{38095891-A8BA-442D-9B56-AB06307BF7AF}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{45D7022A-D549-469F-AAE9-E9B0BEFE05A1}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{46FB5345-E429-4D40-A071-05110F11E191}" = protocol=17 | dir=in | app=c:\program files\common files\mcafee\mcsvchost\mcsvhost.exe |
"{4959C2AA-F6FB-4433-9A55-EEC69312F461}" = protocol=6 | dir=in | app=c:\program files\hp\hp photosmart plus b210 series\bin\devicesetup.exe |
"{4FCFFF5B-A524-4CEB-A529-5B4338FE4E3C}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg2012\avgmfapx.exe |
"{5294E983-6E88-4C6E-A761-13A31F0FA651}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{533810A7-9C18-4819-842E-D754CB113CD9}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg2012\avgemca.exe |
"{576EFD53-AA3E-46B5-9853-0AC90CA56CE2}" = dir=in | app=c:\program files (x86)\itunes\itunes.exe |
"{58B33406-674E-4893-A556-E2B169BE2F5F}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg2013\avgmfapx.exe |
"{5FA54EAC-A55B-4B8F-8535-64BC24070A8B}" = protocol=6 | dir=in | app=c:\program files\common files\mcafee\mcsvchost\mcsvhost.exe |
"{606624E5-0B03-4D0C-A6BE-341645F67D98}" = dir=in | app=c:\program files (x86)\common files\apple\apple application support\webkit2webprocess.exe |
"{673130F8-F876-4058-BB4C-B5D3A28E4ECE}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{682FBCD2-3A48-43C8-AC29-FCF3296F7AF8}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg2013\avgmfapx.exe |
"{6F93D48C-1EDB-4D54-9BFC-1D172AA7A077}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg2012\avgnsa.exe |
"{7B44F66F-B694-4B55-B59C-BF1DCB46A74C}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg2012\avgemca.exe |
"{7F225D5E-ACE6-4D5A-A346-6CF02FA49A5A}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{88330239-55F0-4878-B753-66037875041F}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{8F5376CE-DCEB-4C9F-A909-B8A83387C35F}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{98315CD9-469B-4E06-BAF8-3C47767C4553}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{9B0B8F23-DC19-47BB-87B4-ED63A1EA5069}" = protocol=6 | dir=in | app=c:\program files\hp\hp photosmart plus b210 series\bin\hpnetworkcommunicator.exe |
"{A43B8422-EEFF-4BB9-8196-4D0FFD90F918}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{A50EA93F-0720-479E-89CF-116188F9AF8B}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{A920A103-A7F7-442D-B16D-8CBA811EC9E9}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{AAAE8312-67DD-4069-BCCA-B74752C122E3}" = protocol=17 | dir=in | app=c:\program files\hp\hp photosmart plus b210 series\bin\hpnetworkcommunicator.exe |
"{AACA6F41-627C-4F66-81B3-9675F965F22F}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg2012\avgdiagex.exe |
"{B11D441B-7A30-4359-AB79-2E1C7FE25855}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg2012\avgmfapx.exe |
"{B41D8966-60FC-48E2-909E-263C4606E52F}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe |
"{C30AC1E5-C32C-458F-92A6-FB8405E9B983}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{CAFDC9BC-9D9B-4790-A365-E87A0CADE59C}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg2012\avgnsa.exe |
"{CC4823A0-7E3A-4C1C-B426-AA2D9BD49944}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{D6BC6A7B-24A5-411D-AB69-3EC3CD128EE2}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{DCDFA1A2-CE3A-4713-9ECA-173CA5DD07E9}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{E1F41EEA-DC56-47E8-9A82-5DC0F2F19EA0}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{E300F569-7D88-4253-8CDF-C90A4F49AAD8}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{E73D17AD-1201-4A07-A0C8-915955C3B619}" = protocol=17 | dir=in | app=c:\program files\hp\hp photosmart plus b210 series\bin\devicesetup.exe |
"{F2C20AB4-D939-4722-8FBC-B5A6801C003D}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0E8670B8-3965-4930-ADA6-570348B67153}" = Microsoft SQL Server 2012 Transact-SQL ScriptDom
"{1493B2AE-0261-47D2-B1AA-F4DAD0F6C48B}" = iTunes
"{1B8ABA62-74F0-47ED-B18C-A43128E591B8}" = Windows Live ID Sign-in Assistant
"{21B133D6-5979-47F0-BE1C-F6A6B304693F}" = Visual Studio 2010 x64 Redistributables
"{238F81AA-71FA-9278-9D35-9EC4C8CC6687}" = WMV9/VC-1 Video Playback
"{26A24AE4-039D-4CA4-87B4-2F86417009FF}" = Java 7 Update 9 (64-bit)
"{2AA0764A-4EA1-4C63-8E42-173A015030B3}" = MySQL Server 5.1
"{36E619BC-A234-4EC3-849B-779A7C865A45}" = Microsoft SQL Server 2012 Data-Tier App Framework
"{37B907C1-EA3D-4894-EEBE-275CB0BF5BA2}" = ATI Catalyst Install Manager
"{46F4D124-20E5-4D12-BE52-EC177A7A4B42}" = Lenovo OneKey Recovery
"{471AAD2C-9078-4DAC-BD43-FA10FB7C3FCE}" = Microsoft SQL Server 2008 R2 Native Client
"{49D665A2-4C2A-476E-9AB8-FCC425F526FC}" = Microsoft SQL Server 2012 Native Client
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{4EAB2511-0135-48CA-A47B-CE1E6836793A}" = COMODO Internet Security
"{68B6C1B8-98CD-E09F-4A29-DC25F16237EE}" = ccc-utility64
"{6D2C6A52-ED31-63B4-B516-AA354F4A150E}" = ATI AVIVO64 Codecs
"{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}" = Bonjour
"{6E5159B4-A519-41EF-80EF-AD58371515DF}" = Eraser 6.0.10.2620
"{7446FE8D-C1F9-4D42-AAAE-5DBCE58605A6}" = Apple Mobile Device Support
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{8B485965-8EFE-464A-842F-CF8F18C3DFD7}" = iCloud
"{8E34682C-8118-31F1-BC4C-98CD9675E1C2}" = Microsoft .NET Framework 4 Extended
"{90140000-006D-0409-1000-0000000FF1CE}" = Microsoft Office Click-to-Run 2010
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{AA72C306-30BE-4BB1-9E42-59552BAD2CDF}" = Microsoft Web Deploy 3.0
"{D07A61E5-A59C-433C-BCBD-22025FA2287B}" = Windows Live Language Selector
"{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319
"{E2B8249D-895C-4685-8C83-00F3B1A13028}" = Microsoft Web Platform Installer 4.0
"{F1949145-EB64-4DE7-9D81-E6D27937146C}" = Microsoft System CLR Types for SQL Server 2012 (x64)
"{F4330A8B-3610-4483-975E-69789B70A764}" = HP Photosmart Plus B210 series Basic Device Software
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"{FAF57A91-58B3-490C-9D0C-66337DAD3F11}" = Microsoft SQL Server Compact 4.0 SP1 x64 ENU CTP1
"{FBBC4667-2521-4E78-B1BD-8706F774549B}" = Best Buy pc app
"CNXT_AUDIO_HDA" = Conexant HD Audio
"EA12B1FB53CE4E387C31A85236C41EF559B5E392" = Windows Driver Package - Lenovo (ACPIVPC) System (12/02/2010 6.1.0.1)
"Lenovo EE Boot Optimizer" = Lenovo EE Boot Optimizer
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"SynTPDeinstKey" = Synaptics Pointing Device Driver
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0034859F-8E01-4C1D-BE77-F891C4786FBC}" = Lenovo Security Suite
"{027265AA-5ED8-8663-53AA-38619FD9A2BD}" = CCC Help German
"{097E024D-BE30-4D95-B5F3-B6AE9C1568D4}" = PowerXpressHybrid
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{0E64B098-8018-4256-BA23-C316A43AD9B0}" = QuickTime
"{1363F067-AAF4-AFD1-756E-BC2A50A6997C}" = Catalyst Control Center Graphics Previews Common
"{19BA08F7-C728-469C-8A35-BFBD3633BE08}" = Windows Live Movie Maker
"{1C3D2B0F-856E-2069-D018-BC99511BB7AC}" = ccc-core-static
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{212A7CC5-E705-CAA1-9E65-55D8E153FA47}" = CCC Help English
"{2902F983-B4C1-44BA-B85D-5C6D52E2C441}" = Windows Live Mesh ActiveX Control for Remote Connections
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{3419C87F-43A2-499C-ADF2-B4E240899BCC}" = Catalyst Control Center - Branding
"{34F4D9A4-42C2-4348-BEF4-E553C84549E7}" = Windows Live Photo Gallery
"{35599D6A-B38F-553D-D0D4-58AC398C9EA8}" = CCC Help Polish
"{3A30B5F5-F12C-490F-8CD4-D200C75DF7E8}" = IIS 7.5 Express
"{3E171899-0175-47CC-84C4-562ACDD4C021}" = OpenOffice.org 3.3
"{44A03B6A-E353-4FA2-4D12-947165254092}" = CCC Help Danish
"{4A51D3DE-5815-0D92-2231-9F1DC242E9ED}" = CCC Help Swedish
"{544C85C8-505D-ECAC-ECEC-486158756AE9}" = CCC Help Greek
"{56106ADC-CF84-DC5E-408D-FAD9CE29F6C7}" = Catalyst Control Center Profiles Mobile
"{579684A4-DDD5-4CA3-9EA8-7BE7D9593DB4}" = Windows Live UX Platform Language Pack
"{589E9BCA-A8BD-551F-FFAF-8E4F5B75C196}" = CCC Help Norwegian
"{5BD1AE89-E7BE-69F3-6D31-8F90845A9413}" = CCC Help Dutch
"{5DA8F6CD-C70E-39D8-8430-3D9808D6BD17}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30411
"{62BBB2F0-E220-4821-A564-730807D2C34D}" = Realtek USB 2.0 Reader Driver
"{63EC2120-1742-4625-AA47-C6A8AEC9C64C}" = Apple Application Support
"{67DDFF12-91F7-472D-AAB8-1B248A306779}" = Microsoft WebMatrix 2
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{6D1FE242-58F5-748A-7641-6BED91A0BDAA}" = CCC Help French
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{7AE842BA-98F7-5729-1B10-ACBBCEEF68AC}" = CCC Help Portuguese
"{7F5FDEA1-D0AC-4D80-9D95-59775FCCFA40}" = HP Photosmart Plus B210 series Help
"{808EC297-30DF-3B2B-E273-13397E9FF69D}" = CCC Help Japanese
"{813FC66D-2482-F5DB-E791-3FCDBE0C7AA2}" = CCC Help Chinese Traditional
"{82284382-30E3-4DED-980B-746278DA6CC2}" = Microsoft SQL Server Compact 4.0 SP1 Scripting Tools ENU CTP1
"{82CF7E86-682C-8BAE-68FB-D9B633D7D8D8}" = CCC Help Italian
"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
"{83F2B8F4-5CF3-4BE9-9772-9543EAE4AC5F}" = Microsoft SQL Server 2008 R2 Management Objects
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver
"{89AF337E-DE2C-20ED-1C15-A067726C12D1}" = CCC Help Spanish
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{8FC4F1DD-F7FD-4766-804D-3C8FF1D309B0}" = Ralink RT2860 Wireless LAN Card
"{90140011-0066-0409-0000-0000000FF1CE}" = Microsoft Office Starter 2010 - English
"{92E19B5A-1985-49BF-9022-9CF4AD652C72}" = MySQL Connector Net 6.5.4
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{93D00104-E942-D10A-E431-F617518E3736}" = CCC Help Thai
"{984C7AA8-FE38-55FB-AEB6-A42905ECE1E8}" = Catalyst Control Center Localization All
"{A51500FE-6408-4305-B071-B961F691A4CE}" = Microsoft SQL Server Compact 4.0 Web Tools ENU
"{A639DBAA-58B4-FB22-CCB3-BF79406D62A5}" = CCC Help Russian
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AC76BA86-7AD7-1033-7B44-AA1000000001}" = Adobe Reader X (10.1.6)
"{AE4167B0-F589-4D2A-BF05-E181D543C49F}" = ES603 WDM Driver
"{AE9C95EB-24E3-B5CE-83F5-3E903955ED28}" = CCC Help Czech
"{C136A1EA-6B13-9B2B-3BCC-99C455CE5B3D}" = CCC Help Korean
"{C3F6F200-6D7B-4879-B9EE-700C0CE1FCDA}" = Microsoft SQL Server System CLR Types
"{C9DC3F41-279B-7707-6108-294A8154D421}" = CCC Help Chinese Standard
"{CA64CE92-87F5-9D0C-ADCA-F023614F870A}" = CCC Help Hungarian
"{cb29be6c-39c4-493e-9da7-d585d5353714}" = Microsoft ASP.NET Web Pages 2
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{D0956C11-0F60-43FE-99AD-524E833471BB}" = Energy Management
"{D436F577-1695-4D2F-8B44-AC76C99E0002}" = Windows Live Photo Common
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{DA1C1761-5F4F-4332-AB9D-29EDF3F8EA0A}" = Microsoft SQL Server 2012 Management Objects
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E2082604-4BA5-44BB-BBFB-AF0F3CB8C6AB}" = Microsoft System CLR Types for SQL Server 2012
"{E9733776-4259-55DE-FEA6-575235FC153A}" = CCC Help Turkish
"{EA63C5C1-EBBC-477C-9CC7-41454DDFAFF2}" = Microsoft ASP.NET Web Pages 2 Runtime
"{F07C2CF8-4C53-4EC3-8162-A6221E36EB88}" = UserGuide
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F88CBFB4-86E0-44F9-3D94-3A94670EA26C}" = CCC Help Finnish
"{FBA6F90E-36EC-4FC9-9B25-3834E3BD46A8}" = Microsoft SQL Server 2012 Data-Tier App Framework
"{FBBC4667-2521-4E78-B1BD-8706F774549B}" = Best Buy pc app
"{FCDBEA60-79F0-4FAE-BBA8-55A26C609A49}" = Visual Studio 2008 x64 Redistributables
"{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}" = Windows Live Essentials
"{FF32F536-E138-ABBF-D51D-3AC246B9FA8F}" = Catalyst Control Center InstallProxy
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"AudibleManager" = AudibleManager
"Comodo Dragon" = Comodo Dragon
"InstallShield_{0034859F-8E01-4C1D-BE77-F891C4786FBC}" = Lenovo Security Suite
"InstallShield_{46F4D124-20E5-4D12-BE52-EC177A7A4B42}" = Lenovo OneKey Recovery
"InstallShield_{AE4167B0-F589-4D2A-BF05-E181D543C49F}" = EgisTec ES603 WDM Driver
"InstallShield_{D0956C11-0F60-43FE-99AD-524E833471BB}" = Energy Management
"InstallShield_{F07C2CF8-4C53-4EC3-8162-A6221E36EB88}" = UserGuide
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware version 1.70.0.1100
"Office14.Click2Run" = Microsoft Office Click-to-Run 2010
"WinLiveSuite" = Windows Live Essentials
========== HKEY_USERS Uninstall List ========== [HKEY_USERS\S-1-5-21-586848840-3213021952-4089556407-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"FileZilla Client" = FileZilla Client 3.5.3
========== Last 20 Event Log Errors ========== [ Application Events ]
Error - 3/20/2013 2:13:17 AM | Computer Name = Palmer-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 7305309
Error - 3/20/2013 2:13:17 AM | Computer Name = Palmer-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 7305309
Error - 3/20/2013 2:13:18 AM | Computer Name = Palmer-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second
Error - 3/20/2013 2:13:18 AM | Computer Name = Palmer-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 7306307
Error - 3/20/2013 2:13:18 AM | Computer Name = Palmer-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 7306307
Error - 3/20/2013 2:13:19 AM | Computer Name = Palmer-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second
Error - 3/20/2013 2:13:19 AM | Computer Name = Palmer-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 7307321
Error - 3/20/2013 2:13:19 AM | Computer Name = Palmer-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 7307321
Error - 3/20/2013 2:13:20 AM | Computer Name = Palmer-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second
Error - 3/20/2013 2:13:20 AM | Computer Name = Palmer-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 7308319
[ System Events ]
Error - 3/22/2013 7:57:46 AM | Computer Name = Palmer-PC | Source = Service Control Manager | ID = 7023
Description = The Windows Modules Installer service terminated with the following
error: %%5
Error - 3/22/2013 7:58:16 AM | Computer Name = Palmer-PC | Source = Service Control Manager | ID = 7023
Description = The Windows Modules Installer service terminated with the following
error: %%5
Error - 3/22/2013 7:58:46 AM | Computer Name = Palmer-PC | Source = Service Control Manager | ID = 7023
Description = The Windows Modules Installer service terminated with the following
error: %%5
Error - 3/22/2013 7:59:16 AM | Computer Name = Palmer-PC | Source = Service Control Manager | ID = 7023
Description = The Windows Modules Installer service terminated with the following
error: %%5
Error - 3/22/2013 8:00:21 AM | Computer Name = Palmer-PC | Source = Service Control Manager | ID = 7023
Description = The Windows Modules Installer service terminated with the following
error: %%5
Error - 3/22/2013 8:20:05 PM | Computer Name = Palmer-PC | Source = Service Control Manager | ID = 7023
Description = The Windows Modules Installer service terminated with the following
error: %%5
Error - 3/23/2013 8:52:04 AM | Computer Name = Palmer-PC | Source = Service Control Manager | ID = 7011
Description = A timeout (30000 milliseconds) was reached while waiting for a transaction
response from the Wlansvc service.
Error - 3/23/2013 9:02:37 AM | Computer Name = Palmer-PC | Source = Service Control Manager | ID = 7023
Description = The Windows Modules Installer service terminated with the following
error: %%5
Error - 3/23/2013 9:03:06 AM | Computer Name = Palmer-PC | Source = DCOM | ID = 10010
Description =
Error - 3/23/2013 4:43:52 PM | Computer Name = Palmer-PC | Source = Service Control Manager | ID = 7023
Description = The Windows Modules Installer service terminated with the following
error: %%5
< End of report >