OTL logfile created on: 10/1/2012 8:16:08 PM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\DeAnna-I\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
2.87 Gb Total Physical Memory | 1.72 Gb Available Physical Memory | 59.87% Memory free
5.95 Gb Paging File | 4.79 Gb Available in Paging File | 80.50% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 286.80 Gb Total Space | 217.08 Gb Free Space | 75.69% Space Free | Partition Type: NTFS
Drive D: | 11.28 Gb Total Space | 1.55 Gb Free Space | 13.78% Space Free | Partition Type: NTFS
Computer Name: DMAIN | User Name: DeAnna-I | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2012/10/01 20:15:59 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\DeAnna-I\Desktop\OTL (1).exe
PRC - [2012/09/25 10:36:45 | 000,116,608 | ---- | M] (SUPERAntiSpyware.com) -- C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
PRC - [2012/08/29 14:17:48 | 000,143,928 | R--- | M] (Symantec Corporation) -- C:\Program Files\Norton Internet Security\Engine\20.1.1.2\ccSvcHst.exe
PRC - [2012/01/09 20:17:44 | 000,821,592 | ---- | M] (IObit) -- C:\Program Files\IObit\IObit Malware Fighter\IMFsrv.exe
PRC - [2010/11/25 06:05:00 | 000,150,928 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Forefront UAG\Endpoint Components\3.1.0\uagqecsvc.exe
PRC - [2010/08/09 16:29:24 | 000,043,912 | ---- | M] (Cisco WebEx LLC) -- C:\Windows\System32\atashost.exe
PRC - [2010/02/11 21:23:12 | 000,286,720 | ---- | M] (Creative Technology Ltd) -- C:\Program Files\Creative\Shared Files\CTAudSvc.exe
PRC - [2009/04/11 01:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2009/01/26 15:31:10 | 001,153,368 | ---- | M] (Safer Networking Ltd.) -- C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
PRC - [2008/01/20 21:23:32 | 000,397,312 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Mail\WinMail.exe
========== Modules (No Company Name) ==========
MOD - [2012/06/18 13:50:36 | 000,082,944 | ---- | M] () -- C:\Program Files\NCH Software\ExpressZip\ezcm.dll
MOD - [2012/05/30 09:51:08 | 000,699,280 | R--- | M] () -- C:\Program Files\Norton Internet Security\Engine\20.1.1.2\wincfi39.dll
========== Services (SafeList) ==========
SRV - File not found [Auto | Running] -- C:\Program Files\Spybot -- (SBSDWSCService)
SRV - [2012/09/25 10:36:45 | 000,116,608 | ---- | M] (SUPERAntiSpyware.com) [Auto | Running] -- C:\Program Files\SUPERAntiSpyware\SASCORE.EXE -- (!SASCORE)
SRV - [2012/08/29 14:17:48 | 000,143,928 | R--- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Norton Internet Security\Engine\20.1.1.2\ccSvcHst.exe -- (NIS)
SRV - [2012/01/09 20:17:44 | 000,821,592 | ---- | M] (IObit) [Auto | Running] -- C:\Program Files\IObit\IObit Malware Fighter\IMFsrv.exe -- (IMFservice)
SRV - [2011/12/01 22:11:59 | 000,136,784 | ---- | M] (Samsung Electronics) [On_Demand | Stopped] -- C:\Windows\System32\SUPDSvc2.exe -- (Samsung UPD Service2)
SRV - [2011/01/16 21:57:01 | 000,079,360 | ---- | M] (Creative Labs) [On_Demand | Stopped] -- C:\Program Files\Common Files\Creative Labs Shared\Service\MT6Licensing.exe -- (Creative Media Toolbox 6 Licensing Service)
SRV - [2011/01/16 21:42:01 | 000,079,360 | ---- | M] (Creative Labs) [On_Demand | Stopped] -- C:\Program Files\Common Files\Creative Labs Shared\Service\AL6Licensing.exe -- (Creative ALchemy AL6 Licensing Service)
SRV - [2011/01/16 21:41:47 | 000,079,360 | ---- | M] (Creative Labs) [On_Demand | Stopped] -- C:\Program Files\Common Files\Creative Labs Shared\Service\CTAELicensing.exe -- (Creative Audio Engine Licensing Service)
SRV - [2010/11/25 06:05:00 | 000,150,928 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft Forefront UAG\Endpoint Components\3.1.0\uagqecsvc.exe -- (uagqecsvc)
SRV - [2010/08/09 16:29:24 | 000,043,912 | ---- | M] (Cisco WebEx LLC) [Auto | Running] -- C:\Windows\System32\atashost.exe -- (atashost)
SRV - [2010/02/11 21:23:12 | 000,286,720 | ---- | M] (Creative Technology Ltd) [Auto | Running] -- C:\Program Files\Creative\Shared Files\CTAudSvc.exe -- (CTAudSvcService)
SRV - [2008/12/08 21:51:08 | 000,242,424 | ---- | M] (WildTangent, Inc.) [On_Demand | Stopped] -- C:\Program Files\HP Games\HP Game Console\GameConsoleService.exe -- (GameConsoleService)
SRV - [2008/01/20 21:23:32 | 000,272,952 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
========== Driver Services (SafeList) ==========
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (NwlnkFwd)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (NwlnkFlt)
DRV - File not found [Kernel | Auto | Stopped] -- C:\Program Files\LogMeIn\x86\RaInfo.sys -- (LMIInfo)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (IpInIp)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Users\DeAnna-I\AppData\Local\Temp\catchme.sys -- (catchme)
DRV - [2012/09/30 14:59:11 | 001,601,184 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.1.1.2\Definitions\VirusDefs\20121001.020\NAVEX15.SYS -- (NAVEX15)
DRV - [2012/09/30 14:59:11 | 000,092,704 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.1.1.2\Definitions\VirusDefs\20121001.020\NAVENG.SYS -- (NAVENG)
DRV - [2012/09/30 14:32:23 | 000,142,496 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\SYMEVENT.SYS -- (SymEvent)
DRV - [2012/09/28 12:32:14 | 000,386,720 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.1.1.2\Definitions\IPSDefs\20120928.001\IDSvix86.sys -- (IDSVix86)
DRV - [2012/09/13 20:07:12 | 000,995,488 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.1.1.2\Definitions\BASHDefs\20120928.001\BHDrvx86.sys -- (BHDrvx86)
DRV - [2012/08/18 04:00:00 | 000,376,480 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys -- (eeCtrl)
DRV - [2012/08/18 04:00:00 | 000,106,656 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys -- (EraserUtilRebootDrv)
DRV - [2012/08/10 20:26:42 | 000,585,888 | R--- | M] (Symantec Corporation) [File_System | On_Demand | Running] -- C:\Windows\System32\drivers\NIS\1401010.002\srtsp.sys -- (SRTSP)
DRV - [2012/08/08 00:18:19 | 000,926,880 | R--- | M] (Symantec Corporation) [File_System | Boot | Running] -- C:\Windows\System32\drivers\NIS\1401010.002\SymEFA.sys -- (SymEFA)
DRV - [2012/08/07 13:42:43 | 000,134,304 | R--- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\NIS\1401010.002\ccSetx86.sys -- (ccSet_NIS)
DRV - [2012/07/27 22:25:32 | 000,368,288 | R--- | M] (Symantec Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\NIS\1401010.002\SymDS.sys -- (SymDS)
DRV - [2012/07/27 22:05:21 | 000,175,264 | R--- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\NIS\1401010.002\Ironx86.sys -- (SymIRON)
DRV - [2012/07/22 20:34:24 | 000,350,368 | R--- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\NIS\1401010.002\symtdiv.sys -- (SYMTDIv)
DRV - [2012/07/05 13:53:52 | 000,019,832 | ---- | M] (IObit.com) [Kernel | On_Demand | Running] -- C:\Program Files\IObit\IObit Malware Fighter\Drivers\wlh_x86\UrlFilter.sys -- (UrlFilter)
DRV - [2012/07/05 13:53:50 | 000,030,640 | ---- | M] (IObit.com) [Kernel | On_Demand | Running] -- C:\Program Files\IObit\IObit Malware Fighter\Drivers\wlh_x86\RegFilter.sys -- (RegFilter)
DRV - [2012/05/25 00:36:55 | 000,032,888 | R--- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\NIS\1401010.002\srtspx.sys -- (SRTSPX)
DRV - [2012/01/05 18:07:28 | 000,020,336 | ---- | M] (IObit) [File_System | On_Demand | Running] -- C:\Program Files\IObit\IObit Malware Fighter\Drivers\wlh_x86\FileMonitor.sys -- (FileMonitor)
DRV - [2011/07/22 11:27:02 | 000,012,880 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\sasdifsv.sys -- (SASDIFSV)
DRV - [2011/07/12 16:55:22 | 000,067,664 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS -- (SASKUTIL)
DRV - [2010/08/11 09:50:00 | 001,254,400 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ksaud.sys -- (ksaud)
DRV - [2010/06/09 06:02:43 | 000,005,120 | ---- | M] (Samsung Electronics) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\SSPORT.SYS -- (SSPORT)
DRV - [2009/12/17 17:17:11 | 000,083,288 | ---- | M] (LogMeIn, Inc.) [File_System | Disabled | Stopped] -- C:\Windows\System32\LMIRfsClientNP.dll -- (LMIRfsClientNP)
DRV - [2009/04/10 23:46:08 | 000,015,872 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\usb8023.sys -- (USB_RNDIS)
DRV - [2009/03/08 17:51:00 | 007,764,960 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)
DRV - [2009/02/02 13:59:28 | 000,020,848 | ---- | M] (PC-Doctor, Inc.) [Kernel | On_Demand | Stopped] -- c:\Program Files\PC-Doctor for Windows\pcdsrvc.pkms -- (PCDSRVC{4F253FFC-7957E8FC-06000000}_0)
DRV - [2008/11/12 12:02:46 | 000,133,152 | ---- | M] (NVIDIA Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\nvrd32.sys -- (nvrd32)
DRV - [2008/11/12 12:02:18 | 000,146,464 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\nvstor32.sys -- (nvstor32)
DRV - [2008/09/10 07:48:32 | 000,205,824 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\HSXHWBS3.sys -- (HSXHWBS3)
DRV - [2008/09/10 07:46:22 | 000,980,992 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\HSX_DP.sys -- (HSF_DP)
DRV - [2008/09/04 06:34:34 | 000,008,704 | ---- | M] (Conexant Systems, Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\XAudio.sys -- (XAudio)
DRV - [2008/08/28 17:17:38 | 000,131,856 | ---- | M] (Deterministic Networks, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\dne2000.sys -- (DNE)
DRV - [2008/08/11 12:41:00 | 000,047,640 | ---- | M] (LogMeIn, Inc.) [File_System | Auto | Running] -- C:\Windows\System32\drivers\LMIRfsDriver.sys -- (LMIRfsDriver)
DRV - [2008/08/01 07:51:14 | 001,052,704 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvmfdx32.sys -- (NVENETFD)
DRV - [2008/05/22 04:39:34 | 000,015,360 | ---- | M] (NVIDIA Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\nvsmu.sys -- (nvsmu)
DRV - [2007/06/28 07:18:10 | 001,310,720 | ---- | M] (C-Media Inc) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\CM108.sys -- (USBPNPA)
DRV - [2007/01/18 19:28:02 | 000,005,275 | ---- | M] (Cisco Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\CVirtA.sys -- (CVirtA)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page =
http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_us&c=93&bd=Presario&pf=cndt
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomSearch =
http://us.rd.yahoo.com/customize/ie/defaults/cs/msgr9/*http://www.yahoo.com/ext/search/search.html
IE - HKLM\..\SearchScopes,DefaultScope = {7EC8BA1B-2B50-420B-90C1-2D326F4F9A57}
IE - HKLM\..\SearchScopes\{368D14BD-39A3-4856-8B05-85CBD1891B7D}: "URL" =
http://www.ask.com/web?q={searchTerms}&l=dis&o=uscqd
IE - HKLM\..\SearchScopes\{7EC8BA1B-2B50-420B-90C1-2D326F4F9A57}: "URL" =
http://search.live.com/results.aspx?q={searchTerms}&FORM=HPDTDF
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-1958714084-3576785742-3840764162-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default Download Directory = C:\Users\DeAnna-I\Desktop
IE - HKU\S-1-5-21-1958714084-3576785742-3840764162-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page =
http://www.msn.com/
IE - HKU\S-1-5-21-1958714084-3576785742-3840764162-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-us
IE - HKU\S-1-5-21-1958714084-3576785742-3840764162-1000\..\SearchScopes,DefaultScope = {7EC8BA1B-2B50-420B-90C1-2D326F4F9A57}
IE - HKU\S-1-5-21-1958714084-3576785742-3840764162-1000\..\SearchScopes\{171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E}: "URL" =
http://websearch.ask.com/redirect?c...pn_sauid=7A67B7E9-F472-41D8-AEEA-933B96ED20E0
IE - HKU\S-1-5-21-1958714084-3576785742-3840764162-1000\..\SearchScopes\{368D14BD-39A3-4856-8B05-85CBD1891B7D}: "URL" =
http://www.ask.com/web?q={searchTerms}&l=dis&o=uscqd
IE - HKU\S-1-5-21-1958714084-3576785742-3840764162-1000\..\SearchScopes\{453811AD-473F-4188-BE00-3E0629930261}: "URL" =
http://search.yahoo.com/search?p={searchTerms}&ei=utf-8&fr=b1ie7
IE - HKU\S-1-5-21-1958714084-3576785742-3840764162-1000\..\SearchScopes\{7EC8BA1B-2B50-420B-90C1-2D326F4F9A57}: "URL" =
http://www.bing.com/search?q={searchTerms}&FORM=HPDTDF&pc=HPDTDF&src=IE-SearchBox
IE - HKU\S-1-5-21-1958714084-3576785742-3840764162-1000\..\SearchScopes\{AFBCB7E0-F91A-4951-9F31-58FEE57A25C4}: "URL" =
http://www.ask.com/web?q={SEARCHTERMS}&o=15527&l=dis&prt=NIS&chn=retail&geo=US&ver=18
IE - HKU\S-1-5-21-1958714084-3576785742-3840764162-1000\..\SearchScopes\{C65BCF16-F746-4A01-BE97-17BE0093C342}: "URL" =
http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT3244149
IE - HKU\S-1-5-21-1958714084-3576785742-3840764162-1000\..\SearchScopes\{DECA3892-BA8F-44b8-A993-A466AD694AE4}: "URL" =
http://search.yahoo.com/search?p={searchTerms}
IE - HKU\S-1-5-21-1958714084-3576785742-3840764162-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-1958714084-3576785742-3840764162-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
========== FireFox ==========
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Oracle)
FF - HKLM\Software\MozillaPlugins\@messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6: C:\Program Files\Yahoo!\Shared\npYState.dll (Yahoo! Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKLM\Software\MozillaPlugins\
yaxmpb@yahoo.com/YahooActiveXPluginBridge;version=1.0.0.1: C:\Program Files\Yahoo!\Common\npyaxmpb.dll (Yahoo! Inc.)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{BBDA0591-3099-440a-AA10-41764D9DB4DB}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.1.1.2\IPSFFPlgn\ [2012/09/30 14:32:31 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.1.1.2\coFFPlgn\ [2012/10/01 19:59:58 | 000,000,000 | ---D | M]
[2011/04/20 15:46:45 | 000,000,000 | ---D | M] (No name found) -- C:\Users\DeAnna-I\AppData\Roaming\mozilla\Extensions
O1 HOSTS File: ([2012/10/01 19:45:27 | 000,000,027 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Norton Identity Protection) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Norton Internet Security\Engine\20.1.1.2\CoIEPlg.dll (Symantec Corporation)
O2 - BHO: (Norton Vulnerability Protection) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Norton Internet Security\Engine\20.1.1.2\IPS\IPSBHO.dll (Symantec Corporation)
O2 - BHO: (SelectionLinks) - {F90A5A0D-CD98-49CC-9AA7-9CD11C7478BF} - C:\Program Files\OApps\bho.dll (SelectionLinks)
O3 - HKLM\..\Toolbar: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton Internet Security\Engine\20.1.1.2\CoIEPlg.dll (Symantec Corporation)
O4 - HKLM..\Run: [IObit Malware Fighter] C:\Program Files\IObit\IObit Malware Fighter\IMF.exe (IObit)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-1958714084-3576785742-3840764162-1000\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-1958714084-3576785742-3840764162-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 221
O7 - HKU\S-1-5-21-1958714084-3576785742-3840764162-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLowDiskSpaceChecks = 1
O7 - HKU\S-1-5-21-1958714084-3576785742-3840764162-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O15 - HKU\S-1-5-21-1958714084-3576785742-3840764162-1000\..Trusted Domains: alexian.net ([meditech] https in Trusted sites)
O15 - HKU\S-1-5-21-1958714084-3576785742-3840764162-1000\..Trusted Domains: mojohelpdesk.com ([keystrokes] https in Trusted sites)
O15 - HKU\S-1-5-21-1958714084-3576785742-3840764162-1000\..Trusted Domains: samsungsetup.com ([www] http in Trusted sites)
O15 - HKU\S-1-5-21-1958714084-3576785742-3840764162-1000\..Trusted Domains: speechmachines.org ([mq1webc2] https in Trusted sites)
O15 - HKU\S-1-5-21-1958714084-3576785742-3840764162-1000\..Trusted Domains: speechmachines.org ([www] * in Trusted sites)
O16 - DPF: {4B54A9DE-EF1C-4EBE-A328-7C28EA3B433A}
http://quickscan.bitdefender.com/qsax/qsax.cab (Reg Error: Key error.)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7}
http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{F0773300-E819-4DD5-ABBB-5315D224DF8D}: DhcpNameServer = 192.168.1.1
O18 - Protocol\Handler\x-owacid2 {5B290518-830E-4C57-A66B-E4F748900C27} - C:\Program Files\Microsoft\SMIME Client (2010)\mimectl.dll (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\!SASWinLogon: DllName - (C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL) - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL (SUPERAntiSpyware.com)
O24 - Desktop WallPaper: C:\Users\DeAnna-I\AppData\Roaming\Microsoft\Windows Photo Gallery\Windows Photo Gallery Wallpaper.jpg
O24 - Desktop BackupWallPaper: C:\Users\DeAnna-I\AppData\Roaming\Microsoft\Windows Photo Gallery\Windows Photo Gallery Wallpaper.jpg
O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL (SuperAdBlocker.com)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/09/18 16:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
========== Files/Folders - Created Within 30 Days ==========
[2012/10/01 20:15:54 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\DeAnna-I\Desktop\OTL (1).exe
[2012/10/01 20:12:32 | 000,600,576 | ---- | C] (OldTimer Tools) -- C:\Users\DeAnna-I\Desktop\OTL.exe
[2012/10/01 19:46:44 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2012/10/01 19:23:14 | 000,518,144 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe
[2012/10/01 19:23:14 | 000,406,528 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe
[2012/10/01 19:23:14 | 000,060,416 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe
[2012/10/01 19:20:00 | 000,000,000 | ---D | C] -- C:\Qoobox
[2012/10/01 19:18:53 | 000,000,000 | ---D | C] -- C:\Windows\erdnt
[2012/10/01 19:16:06 | 004,759,381 | R--- | C] (Swearware) -- C:\Users\DeAnna-I\Desktop\ComboFix.exe
[2012/10/01 18:41:28 | 004,731,392 | ---- | C] (AVAST Software) -- C:\Users\DeAnna-I\Desktop\aswMBR.exe
[2012/10/01 18:36:04 | 000,000,000 | ---D | C] -- C:\Users\DeAnna-I\Desktop\RK_Quarantine
[2012/10/01 14:52:08 | 000,000,000 | ---D | C] -- C:\ProgramData\IObit
[2012/10/01 12:57:54 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IObit Malware Fighter
[2012/10/01 12:57:50 | 000,000,000 | ---D | C] -- C:\Users\DeAnna-I\AppData\Roaming\IObit
[2012/10/01 12:57:47 | 000,000,000 | ---D | C] -- C:\Program Files\IObit
[2012/09/30 14:36:21 | 000,000,000 | ---D | C] -- C:\Users\DeAnna-I\AppData\Local\NPE
[2012/09/30 14:32:23 | 000,142,496 | ---- | C] (Symantec Corporation) -- C:\Windows\System32\drivers\SYMEVENT.SYS
[2012/09/30 14:32:23 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Symantec Shared
[2012/09/30 14:32:23 | 000,000,000 | ---D | C] -- C:\Program Files\Symantec
[2012/09/30 14:31:34 | 000,000,000 | R--D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton Internet Security
[2012/09/30 14:31:34 | 000,000,000 | ---D | C] -- C:\Program Files\Norton Internet Security
[2012/09/30 14:31:25 | 000,000,000 | ---D | C] -- C:\Program Files\NortonInstaller
[2012/09/30 14:22:43 | 145,979,176 | ---- | C] (Symantec Corporation) -- C:\Users\DeAnna-I\Desktop\NIS-ESD-20-1-1-2-EN.exe
[2012/09/30 14:08:02 | 000,000,000 | ---D | C] -- C:\Users\DeAnna-I\AppData\Local\LogMeIn Rescue Applet
[2012/09/30 11:27:37 | 000,000,000 | ---D | C] -- C:\ProgramData\AVAST Software
[2012/09/30 11:27:37 | 000,000,000 | ---D | C] -- C:\Program Files\AVAST Software
[2012/09/30 11:17:33 | 000,000,000 | -H-D | C] -- C:\ProgramData\Common Files
[2012/09/30 11:17:33 | 000,000,000 | ---D | C] -- C:\Users\DeAnna-I\AppData\Local\MFAData
[2012/09/30 11:17:33 | 000,000,000 | ---D | C] -- C:\ProgramData\MFAData
[2012/09/30 11:17:33 | 000,000,000 | ---D | C] -- C:\Users\DeAnna-I\AppData\Local\Avg2013
[2012/09/30 08:35:15 | 000,000,000 | ---D | C] -- C:\Users\DeAnna-I\AppData\Roaming\Auslogics
[2012/09/29 13:34:26 | 000,000,000 | ---D | C] -- C:\Program Files\Wise
[2012/09/29 13:32:57 | 000,000,000 | ---D | C] -- C:\Users\DeAnna-I\AppData\Roaming\RegGenie
[2012/09/26 06:27:53 | 000,000,000 | ---D | C] -- C:\ProgramData\LightScribe
[2012/09/18 20:58:21 | 000,000,000 | ---D | C] -- C:\Users\DeAnna-I\AppData\Local\Zoom_Downloader
[2012/09/18 20:57:49 | 000,000,000 | ---D | C] -- C:\Program Files\OApps
[2012/09/18 20:57:30 | 000,000,000 | ---D | C] -- C:\Program Files\Conduit
[2012/09/18 20:57:27 | 000,000,000 | ---D | C] -- C:\Users\DeAnna-I\AppData\Local\Conduit
[2012/09/18 18:05:02 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SpeedFan
[2012/09/18 13:07:45 | 000,000,000 | ---D | C] -- C:\Users\DeAnna-I\AppData\Roaming\QuickScan
[2012/09/02 10:51:21 | 000,000,000 | ---D | C] -- C:\Users\DeAnna-I\AppData\Roaming\SUPERAntiSpyware.com
[2012/09/02 10:51:02 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SUPERAntiSpyware
[2012/09/02 10:50:59 | 000,000,000 | ---D | C] -- C:\ProgramData\SUPERAntiSpyware.com
[2012/09/02 10:50:59 | 000,000,000 | ---D | C] -- C:\Program Files\SUPERAntiSpyware
[2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2012/10/01 20:15:59 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\DeAnna-I\Desktop\OTL (1).exe
[2012/10/01 20:12:48 | 000,600,576 | ---- | M] (OldTimer Tools) -- C:\Users\DeAnna-I\Desktop\OTL.exe
[2012/10/01 20:04:00 | 000,651,210 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2012/10/01 20:04:00 | 000,121,604 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2012/10/01 19:58:27 | 000,000,404 | ---- | M] () -- C:\Windows\tasks\Wise Care 365.job
[2012/10/01 19:57:13 | 000,000,886 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012/10/01 19:57:08 | 000,003,744 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2012/10/01 19:57:08 | 000,003,744 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2012/10/01 19:57:00 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012/10/01 19:45:27 | 000,000,027 | ---- | M] () -- C:\Windows\System32\drivers\etc\hosts
[2012/10/01 19:16:16 | 004,759,381 | R--- | M] (Swearware) -- C:\Users\DeAnna-I\Desktop\ComboFix.exe
[2012/10/01 18:54:22 | 000,000,512 | ---- | M] () -- C:\Users\DeAnna-I\Desktop\MBR.dat
[2012/10/01 18:41:57 | 004,731,392 | ---- | M] (AVAST Software) -- C:\Users\DeAnna-I\Desktop\aswMBR.exe
[2012/10/01 18:38:44 | 001,412,096 | ---- | M] () -- C:\Users\DeAnna-I\Desktop\roguekiller (1).exe
[2012/10/01 18:27:31 | 002,193,278 | ---- | M] () -- C:\Users\DeAnna-I\Desktop\tdsskiller.zip
[2012/10/01 14:52:09 | 000,005,101 | ---- | M] () -- C:\Windows\InstText.ini
[2012/10/01 12:57:55 | 000,000,972 | ---- | M] () -- C:\Users\Public\Desktop\IObit Malware Fighter.lnk
[2012/09/30 19:39:00 | 000,000,890 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012/09/30 14:59:06 | 000,008,888 | ---- | M] () -- C:\Windows\System32\drivers\NIS\1401010.002\VT20120921.034
[2012/09/30 14:36:20 | 145,979,176 | ---- | M] (Symantec Corporation) -- C:\Users\DeAnna-I\Desktop\NIS-ESD-20-1-1-2-EN.exe
[2012/09/30 14:33:21 | 002,334,451 | ---- | M] () -- C:\Windows\System32\drivers\NIS\1401010.002\Cat.DB
[2012/09/30 14:32:23 | 000,142,496 | ---- | M] (Symantec Corporation) -- C:\Windows\System32\drivers\SYMEVENT.SYS
[2012/09/30 14:32:23 | 000,007,446 | ---- | M] () -- C:\Windows\System32\drivers\SYMEVENT.CAT
[2012/09/30 14:32:23 | 000,000,806 | ---- | M] () -- C:\Windows\System32\drivers\SYMEVENT.INF
[2012/09/30 14:15:15 | 000,001,356 | ---- | M] () -- C:\Users\DeAnna-I\AppData\Local\d3d9caps.dat
[2012/09/30 12:09:58 | 000,002,577 | ---- | M] () -- C:\Windows\System32\config.nt
[2012/09/30 11:14:51 | 000,000,830 | ---- | M] () -- C:\Users\DeAnna-I\Desktop\Norton Installation Files.lnk
[2012/09/30 11:11:52 | 000,322,080 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2012/09/29 22:54:12 | 000,000,912 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012/09/25 14:17:52 | 000,008,888 | ---- | M] () -- C:\Windows\System32\drivers\NIS\1308000.00E\VT20120921.034
[2012/09/25 10:09:30 | 000,000,810 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2012/09/22 09:53:37 | 002,334,451 | ---- | M] () -- C:\Windows\System32\drivers\NIS\1308000.00E\Cat.DB
[2012/09/18 18:05:01 | 000,000,045 | ---- | M] () -- C:\Windows\System32\initdebug.nfo
[2012/09/18 12:56:20 | 000,000,259 | ---- | M] () -- C:\Windows\Brownie.ini
[2012/09/18 12:56:20 | 000,000,012 | ---- | M] () -- C:\Windows\BRVIDEO.INI
[2012/09/15 09:12:29 | 000,000,010 | ---- | M] () -- C:\Windows\SCAR.bkm
[2012/09/12 16:56:50 | 000,000,010 | ---- | M] () -- C:\Windows\SPTH.bkm
[2012/09/11 12:21:32 | 000,000,010 | ---- | M] () -- C:\Windows\SPSW.bkm
[2012/09/11 12:20:43 | 000,000,010 | ---- | M] () -- C:\Windows\SEQU.bkm
[2012/09/10 08:00:06 | 000,000,010 | ---- | M] () -- C:\Windows\SORW.bkm
[2012/09/07 17:04:46 | 000,022,856 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2012/09/02 10:51:02 | 000,001,806 | ---- | M] () -- C:\Users\Public\Desktop\SUPERAntiSpyware Free Edition.lnk
[2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
========== Files Created - No Company Name ==========
[2012/10/01 19:23:14 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe
[2012/10/01 19:23:14 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe
[2012/10/01 19:23:14 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
[2012/10/01 19:23:14 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
[2012/10/01 19:23:14 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
[2012/10/01 18:54:22 | 000,000,512 | ---- | C] () -- C:\Users\DeAnna-I\Desktop\MBR.dat
[2012/10/01 18:38:44 | 001,412,096 | ---- | C] () -- C:\Users\DeAnna-I\Desktop\roguekiller (1).exe
[2012/10/01 18:27:31 | 002,193,278 | ---- | C] () -- C:\Users\DeAnna-I\Desktop\tdsskiller.zip
[2012/10/01 12:57:55 | 000,000,972 | ---- | C] () -- C:\Users\Public\Desktop\IObit Malware Fighter.lnk
[2012/09/30 14:32:23 | 000,007,446 | ---- | C] () -- C:\Windows\System32\drivers\SYMEVENT.CAT
[2012/09/30 14:32:23 | 000,000,806 | ---- | C] () -- C:\Windows\System32\drivers\SYMEVENT.INF
[2012/09/30 11:29:04 | 000,000,890 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012/09/30 11:29:03 | 000,000,886 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012/09/30 11:10:19 | 000,322,080 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT
[2012/09/29 14:27:46 | 000,000,404 | ---- | C] () -- C:\Windows\tasks\Wise Care 365.job
[2012/09/29 13:30:19 | 000,299,544 | ---- | C] () -- C:\Windows\RegGenieOnUninstall.exe
[2012/09/18 18:05:01 | 000,000,045 | ---- | C] () -- C:\Windows\System32\initdebug.nfo
[2012/09/02 10:51:02 | 000,001,806 | ---- | C] () -- C:\Users\Public\Desktop\SUPERAntiSpyware Free Edition.lnk
[2012/06/05 21:16:29 | 000,493,432 | ---- | C] () -- C:\Windows\ssndii.exe
[2012/06/05 21:04:14 | 000,349,264 | ---- | C] () -- C:\Windows\System32\UPDIO2.dll
[2012/06/05 21:04:14 | 000,024,064 | ---- | C] () -- C:\Windows\System32\spd__l.dll
[2012/06/05 21:04:13 | 000,261,712 | ---- | C] () -- C:\Windows\SUPDRun.exe
[2012/06/05 21:04:13 | 000,151,552 | ---- | C] () -- C:\Windows\System32\spd__ci.exe
[2012/05/07 07:19:30 | 000,000,008 | ---- | C] () -- C:\Users\DeAnna-I\AppData\Roaming\usb.dat.bin
[2011/06/17 07:49:14 | 000,024,064 | ---- | C] () -- C:\Windows\System32\ssp8ml3.dll
[2011/04/24 09:04:42 | 000,324,784 | ---- | C] () -- C:\Users\DeAnna-I\AppData\Local\census.cache
[2011/04/24 09:04:26 | 000,191,320 | ---- | C] () -- C:\Users\DeAnna-I\AppData\Local\ars.cache
[2011/01/27 20:40:32 | 000,000,272 | ---- | C] () -- C:\Users\DeAnna-I\AppData\Local\custom_colors.cfg
[2011/01/19 17:52:06 | 000,000,061 | ---- | C] () -- C:\Windows\sbwin.ini
[2011/01/16 21:47:00 | 000,181,760 | ---- | C] () -- C:\Windows\System32\APOMngr.DLL
[2011/01/16 21:47:00 | 000,073,728 | ---- | C] () -- C:\Windows\System32\CmdRtr.DLL
[2011/01/16 21:46:39 | 000,044,795 | R--- | C] () -- C:\Windows\System32\kschimp.ini
[2011/01/16 21:44:10 | 000,034,637 | ---- | C] () -- C:\Windows\System32\ksaud.ini
[2011/01/16 21:44:10 | 000,003,077 | ---- | C] () -- C:\ProgramData\cfSB1290.ini
[2010/12/12 10:05:37 | 000,002,560 | ---- | C] () -- C:\Windows\_MSRSTRT.EXE
[2010/04/26 09:36:38 | 000,012,190 | -HS- | C] () -- C:\Users\DeAnna-I\AppData\Local\6yB3PQs2
[2010/04/26 09:36:38 | 000,012,190 | -HS- | C] () -- C:\ProgramData\6yB3PQs2
[2009/12/15 13:54:53 | 000,000,036 | ---- | C] () -- C:\Users\DeAnna-I\AppData\Local\housecall.guid.cache
[2009/11/25 01:00:00 | 000,000,029 | ---- | C] () -- C:\Users\DeAnna-I\AppData\Local\htpdp.dil
[2009/09/19 10:47:19 | 000,039,936 | ---- | C] () -- C:\Users\DeAnna-I\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009/09/05 17:48:24 | 000,001,356 | ---- | C] () -- C:\Users\DeAnna-I\AppData\Local\d3d9caps.dat
[2009/09/05 17:14:54 | 000,031,007 | ---- | C] () -- C:\Users\DeAnna-I\AppData\Roaming\UserTile.png
[2009/09/05 17:07:31 | 000,000,000 | ---- | C] () -- C:\Users\DeAnna-I\AppData\Roaming\wklnhst.dat
========== ZeroAccess Check ==========
[2006/11/02 07:54:22 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012/06/08 12:47:00 | 011,586,048 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2009/04/11 01:28:19 | 000,614,912 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2009/04/11 01:28:25 | 000,347,648 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
========== LOP Check ==========
[2010/08/17 09:37:22 | 000,000,000 | ---D | M] -- C:\Users\DeAnna-I\AppData\Roaming\acccore
[2010/10/05 18:27:04 | 000,000,000 | ---D | M] -- C:\Users\DeAnna-I\AppData\Roaming\ActiveWords
[2010/06/14 10:09:57 | 000,000,000 | ---D | M] -- C:\Users\DeAnna-I\AppData\Roaming\Acusis
[2010/08/17 09:36:56 | 000,000,000 | ---D | M] -- C:\Users\DeAnna-I\AppData\Roaming\AIM
[2010/08/17 09:39:17 | 000,000,000 | ---D | M] -- C:\Users\DeAnna-I\AppData\Roaming\AIMPro
[2010/04/29 08:43:15 | 000,000,000 | ---D | M] -- C:\Users\DeAnna-I\AppData\Roaming\AnyModalEdit
[2010/01/26 18:47:42 | 000,000,000 | ---D | M] -- C:\Users\DeAnna-I\AppData\Roaming\AstoundStereoExpander
[2012/09/30 08:35:15 | 000,000,000 | ---D | M] -- C:\Users\DeAnna-I\AppData\Roaming\Auslogics
[2011/06/10 19:05:43 | 000,000,000 | ---D | M] -- C:\Users\DeAnna-I\AppData\Roaming\chartnet
[2012/06/14 11:20:52 | 000,000,000 | ---D | M] -- C:\Users\DeAnna-I\AppData\Roaming\Dextronet
[2009/09/09 17:24:51 | 000,000,000 | ---D | M] -- C:\Users\DeAnna-I\AppData\Roaming\Dictaphone
[2010/08/13 16:24:50 | 000,000,000 | ---D | M] -- C:\Users\DeAnna-I\AppData\Roaming\Dropbox
[2012/01/22 18:35:34 | 000,000,000 | ---D | M] -- C:\Users\DeAnna-I\AppData\Roaming\DVDVideoSoft
[2012/01/22 18:34:46 | 000,000,000 | ---D | M] -- C:\Users\DeAnna-I\AppData\Roaming\DVDVideoSoftIEHelpers
[2010/03/04 13:15:35 | 000,000,000 | ---D | M] -- C:\Users\DeAnna-I\AppData\Roaming\eScription
[2010/06/15 16:49:05 | 000,000,000 | ---D | M] -- C:\Users\DeAnna-I\AppData\Roaming\FileZilla
[2012/03/19 09:31:23 | 000,000,000 | ---D | M] -- C:\Users\DeAnna-I\AppData\Roaming\FrostWire
[2010/04/18 13:34:47 | 000,000,000 | ---D | M] -- C:\Users\DeAnna-I\AppData\Roaming\ICAClient
[2012/10/01 16:54:48 | 000,000,000 | ---D | M] -- C:\Users\DeAnna-I\AppData\Roaming\IObit
[2012/08/28 16:41:35 | 000,000,000 | ---D | M] -- C:\Users\DeAnna-I\AppData\Roaming\MP3Rocket
[2011/09/01 16:04:04 | 000,000,000 | ---D | M] -- C:\Users\DeAnna-I\AppData\Roaming\NCH Swift Sound
[2009/09/05 17:14:54 | 000,000,000 | ---D | M] -- C:\Users\DeAnna-I\AppData\Roaming\PeerNetworking
[2009/09/04 13:24:16 | 000,000,000 | ---D | M] -- C:\Users\DeAnna-I\AppData\Roaming\PictureMover
[2012/09/18 13:07:48 | 000,000,000 | ---D | M] -- C:\Users\DeAnna-I\AppData\Roaming\QuickScan
[2012/09/29 13:32:57 | 000,000,000 | ---D | M] -- C:\Users\DeAnna-I\AppData\Roaming\RegGenie
[2010/08/25 21:26:42 | 000,000,000 | ---D | M] -- C:\Users\DeAnna-I\AppData\Roaming\TeamViewer
[2010/01/07 08:13:58 | 000,000,000 | ---D | M] -- C:\Users\DeAnna-I\AppData\Roaming\Typing Assistant (English) 5.1
[2010/09/13 10:47:36 | 000,000,000 | ---D | M] -- C:\Users\DeAnna-I\AppData\Roaming\Typing Assistant (English) 5.3
[2009/09/05 14:01:52 | 000,000,000 | ---D | M] -- C:\Users\DeAnna-I\AppData\Roaming\WinBatch
[2009/09/05 17:49:48 | 000,000,000 | ---D | M] -- C:\Users\DeAnna-I\AppData\Roaming\Windows Live Writer
========== Purity Check ==========
========== Alternate Data Streams ==========
@Alternate Data Stream - 181 bytes -> C:\ProgramData\Temp:C7461AB9
@Alternate Data Stream - 1043 bytes -> C:\ProgramData\Temp:CFAFAA98
< End of report >