Solved Google won't open correct links

I ran farbar recovery tool and that came up with the message " subscript used with non-array available" again and I tried to run combo fix again and it still doesn't finish scanning
 
oh... haha sorry, I thought you were talking about something else. No, it doesn't appear to be redirecting. Woo!!
 
Good news :)

Delete your Combofix file, download fresh one and see if it'll run now.
 
Download OTL to your Desktop.

  • Double click on the icon to run it. Make sure all other windows are closed and to let it run uninterrupted.
  • Click the Scan All Users checkbox.
  • Under the Custom Scan box paste this in:


netsvcs
drivers32
%SYSTEMDRIVE%\*.*
%systemroot%\Fonts\*.com
%systemroot%\Fonts\*.dll
%systemroot%\Fonts\*.ini
%systemroot%\Fonts\*.ini2
%systemroot%\Fonts\*.exe
%systemroot%\system32\spool\prtprocs\w32x86\*.*
%systemroot%\REPAIR\*.bak1
%systemroot%\REPAIR\*.ini
%systemroot%\system32\*.jpg
%systemroot%\*.jpg
%systemroot%\*.png
%systemroot%\*.scr
%systemroot%\*._sy
%APPDATA%\Adobe\Update\*.*
%ALLUSERSPROFILE%\Favorites\*.*
%APPDATA%\Microsoft\*.*
%PROGRAMFILES%\*.*
%APPDATA%\Update\*.*
%systemroot%\*. /mp /s
CREATERESTOREPOINT
%systemroot%\System32\config\*.sav
%PROGRAMFILES%\bak. /s
%systemroot%\system32\bak. /s
%ALLUSERSPROFILE%\Start Menu\*.lnk /x
%systemroot%\system32\config\systemprofile\*.dat /x
%systemroot%\*.config
%systemroot%\system32\*.db
%APPDATA%\Microsoft\Internet Explorer\Quick Launch\*.lnk /x
%USERPROFILE%\Desktop\*.exe
%PROGRAMFILES%\Common Files\*.*
%systemroot%\*.src
%systemroot%\install\*.*
%systemroot%\system32\DLL\*.*
%systemroot%\system32\HelpFiles\*.*
%systemroot%\system32\rundll\*.*
%systemroot%\winn32\*.*
%systemroot%\Java\*.*
%systemroot%\system32\test\*.*
%systemroot%\system32\Rundll32\*.*
%systemroot%\AppPatch\Custom\*.*
%APPDATA%\Roaming\Microsoft\Windows\Recent\*.lnk /x
%PROGRAMFILES%\PC-Doctor\Downloads\*.*
%PROGRAMFILES%\Internet Explorer\*.tmp
%PROGRAMFILES%\Internet Explorer\*.dat
%USERPROFILE%\My Documents\*.exe
%USERPROFILE%\*.exe
%systemroot%\ADDINS\*.*
%systemroot%\assembly\*.bak2
%systemroot%\Config\*.*
%systemroot%\REPAIR\*.bak2
%systemroot%\SECURITY\Database\*.sdb /x
%systemroot%\SYSTEM\*.bak2
%systemroot%\Web\*.bak2
%systemroot%\Driver Cache\*.*
%PROGRAMFILES%\Mozilla Firefox\0*.exe
%ProgramFiles%\Microsoft Common\*.*
%ProgramFiles%\TinyProxy.
%USERPROFILE%\Favorites\*.url /x
%systemroot%\system32\*.bk
%systemroot%\*.te
%systemroot%\system32\system32\*.*
%ALLUSERSPROFILE%\*.dat /x
%systemroot%\system32\drivers\*.rmv
dir /b "%systemroot%\system32\*.exe" | find /i " " /c
dir /b "%systemroot%\*.exe" | find /i " " /c
%PROGRAMFILES%\Microsoft\*.*
%systemroot%\System32\Wbem\proquota.exe
%PROGRAMFILES%\Mozilla Firefox\*.dat
%USERPROFILE%\Cookies\*.txt /x
%SystemRoot%\system32\fonts\*.*
%systemroot%\system32\winlog\*.*
%systemroot%\system32\Language\*.*
%systemroot%\system32\Settings\*.*
%systemroot%\system32\*.quo
%SYSTEMROOT%\AppPatch\*.exe
%SYSTEMROOT%\inf\*.exe
%SYSTEMROOT%\Installer\*.exe
%systemroot%\system32\config\*.bak2
%systemroot%\system32\Computers\*.*
%SystemRoot%\system32\Sound\*.*
%SystemRoot%\system32\SpecialImg\*.*
%SystemRoot%\system32\code\*.*
%SystemRoot%\system32\draft\*.*
%SystemRoot%\system32\MSSSys\*.*
%ProgramFiles%\Javascript\*.*
%systemroot%\pchealth\helpctr\System\*.exe /s
%systemroot%\Web\*.exe
%systemroot%\system32\msn\*.*
%systemroot%\system32\*.tro
%AppData%\Microsoft\Installer\msupdates\*.*
%ProgramFiles%\Messenger\*.*
%systemroot%\system32\systhem32\*.*
%systemroot%\system\*.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs
/md5start
/md5stop


  • Click the Quick Scan button. Do not change any settings unless otherwise told to do so. The scan wont take long.
  • When the scan completes, it will open two notepad windows: OTL.txt and Extras.txt. These are saved in the same location as OTL.
  • Please copy (Edit->Select All, Edit->Copy) the contents of these files, one at a time, and post them back here.
 
OTL Extras logfile created on: 30/12/2011 3:26:26 PM - Run 1
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Users\Leah\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000C09 | Country: Australia | Language: ENA | Date Format: d/MM/yyyy

2.00 Gb Total Physical Memory | 1.36 Gb Available Physical Memory | 68.18% Memory free
4.22 Gb Paging File | 3.41 Gb Available in Paging File | 80.60% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 286.99 Gb Total Space | 203.99 Gb Free Space | 71.08% Space Free | Partition Type: NTFS
Drive D: | 11.10 Gb Total Space | 1.85 Gb Free Space | 16.64% Space Free | Partition Type: NTFS

Computer Name: KEN-THE-KOALA | User Name: Leah | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [Bridge] -- C:\Program Files\Adobe\Adobe Bridge CS5\Bridge.exe "%L" (Adobe Systems, Inc.)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 0
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"VistaSp2" = Reg Error: Unknown registry data type -- File not found

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
"DoNotAllowExceptions" = 0

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\BitTorrent\bittorrent.exe" = C:\Program Files\BitTorrent\bittorrent.exe:*:Enabled:BitTorrent -- (BitTorrent, Inc.)


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{00F26CE8-2E37-400E-A558-3121955BB71A}" = rport=427 | protocol=17 | dir=in | svc=hpslpsvc | app=c:\windows\system32\svchost.exe |
"{136DA23F-18B5-4E81-83DB-69CD877E43ED}" = lport=138 | protocol=17 | dir=in | app=system |
"{1B5C7376-F3A8-4962-B444-4A9947749026}" = lport=137 | protocol=17 | dir=in | app=system |
"{1EA2307C-D48C-423B-AF18-DAB988B8AF5E}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | [email protected],-28539 |
"{3B2F143C-5D1D-499D-9B51-D22D7C81174E}" = lport=445 | protocol=6 | dir=in | app=system |
"{3DF24BB4-B326-49B7-B6D8-B97E20565E2D}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |
"{4E3ABF17-5E23-4CE5-A5FF-0D7D27B358FD}" = rport=139 | protocol=6 | dir=out | app=system |
"{4ECE9CD7-0763-4BA2-A683-9AA9A2340546}" = rport=137 | protocol=17 | dir=out | app=system |
"{5192721A-5647-40D7-8E7C-08A4F3EF831F}" = lport=139 | protocol=6 | dir=in | app=system |
"{51A5DEB1-7966-4AB4-9FCF-1DABEBC9E6F7}" = lport=49167 | protocol=6 | dir=in | name=akamai netsession interface |
"{71E3AB1D-C608-4F0A-AFF7-B117F1BD2D29}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |
"{78F1A98E-9918-485B-9117-94BAD8876B85}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |
"{99B8AE81-594A-4F66-9173-5F8569114EEA}" = rport=138 | protocol=17 | dir=out | app=system |
"{AF22C08F-C28E-47B2-95AF-C5828173E86E}" = rport=445 | protocol=6 | dir=out | app=system |
"{B6973A98-C3A4-41FE-AD25-AD0414AFA95D}" = lport=6004 | protocol=17 | dir=in | app=c:\program files\microsoft office\office12\outlook.exe |
"{BA89D806-D983-43AB-8550-009DA851EB15}" = lport=5000 | protocol=17 | dir=in | name=akamai netsession interface |
"{D3DCF814-BF43-4A53-904D-802F033D2112}" = lport=5000 | protocol=17 | dir=in | name=akamai netsession interface |
"{DDE41F9D-516D-4A83-AF0F-16321B9FAF3E}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{E2927B72-209F-44B8-9F62-3DC69BD93B2F}" = lport=49739 | protocol=6 | dir=in | name=akamai netsession interface |
"{E5E31E34-2A04-41F7-B72A-ECB7BD8E3C39}" = lport=2869 | protocol=6 | dir=in | app=system |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{04859D56-22A8-4EF0-97FF-135816FC8DF0}" = dir=in | app=c:\program files\hewlett-packard\digital imaging\bin\hpqscnvw.exe |
"{0A96D21A-A26F-44FA-97E7-F74A986EEBB3}" = dir=in | app=c:\program files\hewlett-packard\digital imaging\bin\hposid01.exe |
"{0F607887-1C4E-4EB9-A9EF-498B91471CEE}" = protocol=6 | dir=in | app=c:\program files\bitcomet\bitcomet.exe |
"{1010FBD6-8AE4-4EF5-A91B-F413A491A6DE}" = dir=in | app=c:\program files\hewlett-packard\digital imaging\bin\hpiscnapp.exe |
"{16A94896-8555-44CE-8500-074DEDB3496D}" = dir=in | app=c:\program files\hewlett-packard\digital imaging\bin\hpqgplgtupl.exe |
"{19D99810-E96F-45ED-A2CF-E866A4C31F12}" = dir=in | app=c:\program files\windows live\contacts\wlcomm.exe |
"{1A54764B-81E0-4D5B-9008-A1462F3172E9}" = dir=in | app=c:\program files\hewlett-packard\digital imaging\bin\hpqtra08.exe |
"{20FD6DAC-8D08-4AB6-9FC1-4400C9324D59}" = dir=in | app=c:\program files\hewlett-packard\digital imaging\bin\hpqkygrp.exe |
"{2EB2C934-3DA1-4027-8244-ADC5AA8B7308}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{33EC31F5-3103-44D4-8987-1E8DD86EBFE4}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{36167BE3-8C71-4F46-9DB6-2A62535DFE7A}" = dir=in | app=c:\program files\hewlett-packard\digital imaging\bin\hpfccopy.exe |
"{370C159C-8FA5-4744-BAA6-CD4C1A52C65B}" = dir=in | app=c:\program files\hewlett-packard\digital imaging\bin\hpqgpc01.exe |
"{37EC3A0B-386E-45FC-9AF2-01BFE9FC575E}" = protocol=6 | dir=in | app=c:\program files\limewire\limewire.exe |
"{382F2220-14AD-40F5-91BB-ED64972641E4}" = dir=in | app=c:\program files\hp\quickplay\qp.exe |
"{3B1127E2-98BD-46C1-B421-D30EDC190E55}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{444BD7B5-2CD0-4C55-82FC-036E26021908}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{4582CDD7-91B1-4A98-9EFD-4F5E0AB2BF31}" = dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe |
"{46DF0DDF-CD6B-4031-819B-4A43EBBB90B6}" = dir=in | app=c:\program files\hewlett-packard\digital imaging\bin\hpqpse.exe |
"{5ED9A179-9997-4CDC-A4CB-18FE03CCF0C1}" = dir=in | app=c:\program files\cyberlink\powerdirector\pdr.exe |
"{647D22E9-C100-47C6-9855-D6579B291E5E}" = dir=in | app=c:\program files\hewlett-packard\digital imaging\bin\hpqusgm.exe |
"{64F6F80F-BBC8-49AE-8A0B-02C354FFC040}" = protocol=58 | dir=out | [email protected],-28546 |
"{6A41CBA1-98C1-4E7D-83F2-230B219B738D}" = protocol=1 | dir=in | [email protected],-28543 |
"{8091B494-B652-478E-B875-563221ABEE3A}" = dir=in | app=c:\program files\windows live\mesh\moe.exe |
"{830740DB-70DC-43E9-8B7E-220C1E7834F3}" = dir=in | app=c:\program files\hewlett-packard\digital imaging\bin\hpqpsapp.exe |
"{85952428-716C-42D5-8736-FEBC3FCBDFBB}" = dir=in | app=c:\program files\hewlett-packard\digital imaging\bin\hpqcopy2.exe |
"{88DC0B0C-86E5-4B5E-9827-A18A270E7A33}" = dir=in | app=c:\program files\hewlett-packard\digital imaging\unload\hpqphunl.exe |
"{9CA5FE2A-4BAF-4A37-A75A-907C9B831F95}" = dir=in | app=c:\program files\common files\apple\apple application support\webkit2webprocess.exe |
"{A0AC4852-3392-4D99-8F11-943C975A3059}" = dir=in | app=e:\setup\hpznui01.exe |
"{A1615A09-9277-4BFE-B424-6147281EEFEF}" = protocol=17 | dir=in | app=c:\program files\limewire\limewire.exe |
"{A815BCE4-A533-40E4-AAD2-C1D44B00D4E7}" = protocol=1 | dir=out | [email protected],-28544 |
"{B6983AB7-5792-412C-B0F1-6499362B8252}" = protocol=17 | dir=in | app=c:\program files\bitcomet\bitcomet.exe |
"{BA9628E3-F254-48D4-B740-5FA585D1243A}" = protocol=58 | dir=in | [email protected],-28545 |
"{BA9CA736-D8DA-424D-A155-8324F14681DA}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{BCF91D8E-0790-497E-A477-A9E1BB19D434}" = protocol=6 | dir=in | app=c:\program files\dna\btdna.exe |
"{C6E89C62-6A45-449A-BF02-7D40C5901309}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{C7B9F8AD-F374-4C16-B2E6-13E98CF3579C}" = dir=in | app=c:\program files\common files\hp\digital imaging\bin\hpqphotocrm.exe |
"{D04FF241-AF68-4AFA-964D-7776973682BF}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{D2C4D8DD-8693-43D4-A2AC-0176CE721C83}" = dir=in | app=c:\program files\hewlett-packard\digital imaging\smart web printing\smartwebprintexe.exe |
"{D66F6AB3-2E17-42C3-B6B2-D2F71BA0AB30}" = dir=in | app=c:\program files\hewlett-packard\digital imaging\bin\hpoews01.exe |
"{D75E9CA3-3817-425D-8F41-8F76DEC1F432}" = dir=in | app=c:\program files\windows live\sync\windowslivesync.exe |
"{DA9E5CF7-033B-49D0-8723-A86C9A67BDE6}" = protocol=17 | dir=in | app=c:\program files\dna\btdna.exe |
"{DAB324AA-E085-46DA-9457-1347641CCCF8}" = dir=in | app=c:\program files\hewlett-packard\digital imaging\bin\hpqste08.exe |
"{DE429F6F-4340-4EF3-AA37-606298713ED9}" = dir=in | app=c:\program files\hewlett-packard\digital imaging\bin\hpqusgh.exe |
"{F7B4B9F4-BF03-421E-A4CC-297B659D3920}" = dir=in | app=c:\program files\itunes\itunes.exe |
"{FD196F45-AC04-4915-8451-BCB9B63B3C75}" = dir=in | app=c:\program files\hewlett-packard\digital imaging\bin\hpqsudi.exe |
"{FDA714D5-CB72-4B3D-994E-245C192E96ED}" = dir=in | app=c:\program files\hp\quickplay\qpservice.exe |
"TCP Query User{21764E9F-1594-492B-83B4-B1DA00D67C0E}C:\program files\amsn\bin\wish.exe" = protocol=6 | dir=in | app=c:\program files\amsn\bin\wish.exe |
"TCP Query User{43728779-7FCC-48B5-B8C8-F7BF7661C0AF}C:\users\leah\program files\dna\btdna.exe" = protocol=6 | dir=in | app=c:\users\leah\program files\dna\btdna.exe |
"TCP Query User{50F779F1-7FE2-400C-8A6C-8C8B8E3B6FAC}C:\windows\system32\taskeng.exe" = protocol=6 | dir=in | app=c:\windows\system32\taskeng.exe |
"TCP Query User{6A86E8E2-BD56-4C3E-9B9F-812417EE4745}C:\users\leah\desktop\skype.exe" = protocol=6 | dir=in | app=c:\users\leah\desktop\skype.exe |
"TCP Query User{724BC86C-4BF6-4675-9A1C-02433CF48AD9}C:\program files\bittorrent\bittorrent.exe" = protocol=6 | dir=in | app=c:\program files\bittorrent\bittorrent.exe |
"TCP Query User{8272A293-24D6-4C77-A85B-6CCF76251D86}C:\program files\bitcomet\bitcomet.exe" = protocol=6 | dir=in | app=c:\program files\bitcomet\bitcomet.exe |
"TCP Query User{8BA03215-0293-4D7F-BD20-797184D831A7}C:\program files\limewire\limewire.exe" = protocol=6 | dir=in | app=c:\program files\limewire\limewire.exe |
"TCP Query User{8C408397-40E3-4E11-9EA2-F9FEFF0331E5}C:\users\leah\program files\dna\btdna.exe" = protocol=6 | dir=in | app=c:\users\leah\program files\dna\btdna.exe |
"TCP Query User{B4A1E3E8-8E3A-4BE4-96E1-A2C997C88092}C:\users\leah\appdata\local\akamai\netsession_win.exe" = protocol=6 | dir=in | app=c:\users\leah\appdata\local\akamai\netsession_win.exe |
"TCP Query User{EC2E9611-EF8D-4980-9B08-97117C70E497}C:\windows\explorer.exe" = protocol=6 | dir=in | app=c:\windows\explorer.exe |
"UDP Query User{2B6A1856-C19B-4965-9E6E-FD823BFCE77C}C:\program files\amsn\bin\wish.exe" = protocol=17 | dir=in | app=c:\program files\amsn\bin\wish.exe |
"UDP Query User{493B5B66-86D4-4452-AD08-059DEEC19B2E}C:\program files\limewire\limewire.exe" = protocol=17 | dir=in | app=c:\program files\limewire\limewire.exe |
"UDP Query User{55DDCE2A-A741-4A22-8860-5EDB63D44603}C:\program files\bitcomet\bitcomet.exe" = protocol=17 | dir=in | app=c:\program files\bitcomet\bitcomet.exe |
"UDP Query User{5654BC7B-2C37-4866-BD41-BA1589F66024}C:\users\leah\appdata\local\akamai\netsession_win.exe" = protocol=17 | dir=in | app=c:\users\leah\appdata\local\akamai\netsession_win.exe |
"UDP Query User{6BBA9641-E80C-49EE-8526-A8F232E32762}C:\users\leah\program files\dna\btdna.exe" = protocol=17 | dir=in | app=c:\users\leah\program files\dna\btdna.exe |
"UDP Query User{9E96624B-3EE3-4F5F-BED6-47689B47D186}C:\windows\explorer.exe" = protocol=17 | dir=in | app=c:\windows\explorer.exe |
"UDP Query User{B7912556-E7CC-4E6B-8A86-19CB258FA187}C:\users\leah\program files\dna\btdna.exe" = protocol=17 | dir=in | app=c:\users\leah\program files\dna\btdna.exe |
"UDP Query User{C77DC1A3-3AF3-40ED-B8A5-3721F2D72C79}C:\program files\bittorrent\bittorrent.exe" = protocol=17 | dir=in | app=c:\program files\bittorrent\bittorrent.exe |
"UDP Query User{D43C94BD-3151-4717-839D-CD6F78F4EAFC}C:\windows\system32\taskeng.exe" = protocol=17 | dir=in | app=c:\windows\system32\taskeng.exe |
"UDP Query User{DB390952-BE7B-4389-87FA-12B647F2265B}C:\users\leah\desktop\skype.exe" = protocol=17 | dir=in | app=c:\users\leah\desktop\skype.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{0054A0F6-00C9-4498-B821-B5C9578F433E}" = HP Help and Support
"{007B37D9-0C45-4202-834B-DD5FAAE99D63}" = ArcSoft Print Creations - Slimline Card
"{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = CyberLink YouCam
"{033E378E-6AD3-4AD5-BDEB-CBD69B31046C}" = Microsoft_VC90_ATL_x86
"{07FB17D8-7DB6-4F06-80C4-8BE1719CB6A1}" = hpWLPGInstaller
"{082702D5-5DD8-4600-BCE5-48B15174687F}" = HP Doc Viewer
"{08D2E121-7F6A-43EB-97FD-629B44903403}" = Microsoft_VC90_CRT_x86
"{09633A5E-3089-41A8-9FF1-382171423C5D}" = PSSWCORE
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{0D2DBE8A-43D0-7830-7AE7-CA6C99A832E7}" = Adobe Community Help
"{0F3647F8-E51D-4FCC-8862-9A8D0C5ACF25}" = Microsoft_VC80_ATL_x86
"{0F367CA3-3B2F-43F9-A44A-25A8EE69E45D}" = Scan
"{11964613-805F-432D-A12B-169554B793E7}" = Nokia Connectivity Cable Driver
"{13F3917B56CD4C25848BDC69916971BB}" = DivX Converter
"{154A4184-1A3D-4BF9-A5AE-4FA1660445F3}" = HP Total Care Advisor
"{15B8AFD9-92E9-4E86-96D9-83FAC510B82E}" = HPPhotoSmartPhotobookWebPack1
"{15FEDA5F-141C-4127-8D7E-B962D1742728}" = Adobe Photoshop CS5
"{17504ED4-DB08-40A8-81C2-27D8C01581DA}" = Windows Live Remote Service Resources
"{175F0111-2968-4935-8F70-33108C6A4DE3}" = MarketResearch
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{18D10072035C4515918F7E37EAFAACFC}" = AutoUpdate
"{19A4A990-5343-4FF7-B3B5-6F046C091EDF}" = Windows Live Remote Client
"{19BA08F7-C728-469C-8A35-BFBD3633BE08}" = Windows Live Movie Maker
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
"{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = CyberLink DVD Suite
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{21A2F5EE-1DC5-488A-BE7E-E526F8C61488}" = DeviceDiscovery
"{227E8782-B2F4-4E97-B0EE-49DE9CC1C0C0}" = Windows Live Remote Service
"{228C6B46-64E2-404E-898A-EF0830603EF4}" = HPNetworkAssistant
"{22F761D1-8063-4170-ADF7-2D2F47834CA9}" = VideoToolkit01
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{254C37AA-6B72-4300-84F6-98A82419187E}" = ActiveCheck component for HP Active Support Library
"{26A24AE4-039D-4CA4-87B4-2F83216017FF}" = Java(TM) 6 Update 26
"{2902F983-B4C1-44BA-B85D-5C6D52E2C441}" = Windows Live Mesh ActiveX Control for Remote Connections
"{294BF709-D758-4363-8D75-01479AD20927}" = Windows Live Family Safety
"{2AFFFDD7-ED85-4A90-8C52-5DA9EBDC9B8F}" = Microsoft SQL Server 2005 Express Edition (MSSMLBIZ)
"{2EEA7AA4-C203-4b90-A34F-19FB7EF1C81C}" = BufferChm
"{3127F76D-5335-4AC7-BD1E-2F5247A23C24}" = iTunes
"{3248F0A8-6813-11D6-A77B-00B0D0160070}" = Java(TM) 6 Update 7
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{343666E2-A059-48AC-AD67-230BF74E2DB2}" = Apple Application Support
"{34D2AB40-150D-475D-AE32-BD23FB5EE355}" = HP Quick Launch Buttons 6.40 H2
"{34F4D9A4-42C2-4348-BEF4-E553C84549E7}" = Windows Live Photo Gallery
"{3877C901-7B90-4727-A639-B6ED2DD59D43}" = ESU for Microsoft Vista
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3E0E6066-A687-448D-BFC4-D58BE3399C3B}" = SoftStylus
"{3F92ABBB-6BBF-11D5-B229-002078017FBF}" = NetWaiting
"{3FC7CBBC4C1E11DCA1A752EA55D89593}" = DivX Version Checker
"{40BF1E83-20EB-11D8-97C5-0009C5020658}" = Power2Go
"{42E2EEB2-D48E-4A47-B181-32ECA031D93B}" = DJ_AIO_06_F2400_SW_Min
"{43C0C354-A185-4D2D-A057-67C9160460E1}" = PS_AIO_04_C4580_Software_Min
"{43CDF946-F5D9-4292-B006-BA0D92013021}" = WebReg
"{45D707E9-F3C4-11D9-A373-0050BAE317E1}" = HP DVD Play 3.7
"{464B3406-A4D0-4914-910F-7CA4380DCC13}" = Windows Live Remote Client Resources
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4A3D0CF8-60FF-4CEF-91A4-A1F001424602}" = DocProc
"{4A70EF07-7F88-4434-BB61-D1DE8AE93DD4}" = SolutionCenter
"{4E7C28C7-D5DA-4E9F-A1CA-60490B54AE35}" = UnloadSupport
"{50120000-1105-0000-0000-0000000FF1CE}" = Microsoft Office 2007 Primary Interop Assemblies
"{50816F92-1652-4A7C-B9BC-48F682742C4B}" = Messenger Companion
"{51C7AD07-C3F6-4635-8E8A-231306D810FE}" = Cisco LEAP Module
"{53F5C3EE-05ED-4830-994B-50B2F0D50FCE}" = Microsoft SQL Server Setup Support Files (English)
"{56589DFE-0C29-4DFE-8E42-887B771ECD23}" = ArcSoft Print Creations - Photo Book
"{579684A4-DDD5-4CA3-9EA8-7BE7D9593DB4}" = Windows Live UX Platform Language Pack
"{57A5AEC1-97FC-474D-92C4-908FCC2253D4}" = HP Customer Experience Enhancements
"{5A3C1721-F8ED-11E0-8AFB-B8AC6F97B88E}" = Google Earth
"{5DD4FCBD-A3C1-4155-9E17-4161C70AAABA}" = Segoe UI
"{61AD15B2-50DB-4686-A739-14FE180D4429}" = Windows Live ID Sign-in Assistant
"{635FED5B-2C6D-49BE-87E6-7A6FCD22BC5A}" = Microsoft_VC90_MFC_x86
"{63FF21C9-A810-464F-B60A-3111747B1A6D}" = GPBaseService2
"{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}" = Cisco EAP-FAST Module
"{65DA2EC9-0642-47E9-AAE2-B5267AA14D75}" = Activation Assistant for the 2007 Microsoft Office suites
"{669D4A35-146B-4314-89F1-1AC3D7B88367}" = HPAsset component for HP Active Support Library
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{6B2FFB21-AC88-45C3-9A7D-4BB3E744EC91}" = HPSSupply
"{6BAA71B6-8F43-4C72-931A-3354ABB0258A}" = F2400
"{6BBA26E9-AB03-4FE7-831A-3535584CA002}" = Toolbox
"{7059BDA7-E1DB-442C-B7A1-6144596720A4}" = HP Update
"{70E1E357-E57C-4284-B04E-58196DC27BC1}" = PanoStandAlone
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7641710F-A4AD-4EAE-889C-4958BE3F169C}" = C4580
"{7670D32F-DAE6-4E49-8C8B-B3F08B5B1686}" = Microsoft SQL Server Native Client
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{77DCDCE3-2DED-62F3-8154-05E745472D07}" = Acrobat.com
"{77F8A71E-3515-4832-B8B2-2F1EDBD2E0F1}" = Bing Bar
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{78A96B4C-A643-4D0F-98C2-A8E16A6669F9}" = Windows Live Messenger Companion Core
"{79155F2B-9895-49D7-8612-D92580E0DE5B}" = Bonjour
"{79872596-B887-E700-8D56-CADBC78BA5DE}" = Adobe Download Assistant
"{7B15D70E-9449-4CFB-B9BC-798465B2BD5C}" = Norton Internet Security
"{7B63B2922B174135AFC0E1377DD81EC2}" =
"{7BE15435-2D3E-4B58-867F-9C75BED0208C}" = QuickTime
"{80956555-A512-4190-9CAD-B000C36D6B6B}" = Windows Live Messenger
"{8153ED9A-C94A-426E-9880-5E6775C08B62}" = Apple Mobile Device Support
"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
"{846DDADA-0239-4B67-A6B1-33658863793B}" = HPTCSSetup
"{84EBDF39-4B33-49D7-A0BD-EB6E2C4E81C1}" = Windows Live Sync
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{87E2B986-07E8-477a-93DC-AF0B6758B192}" = DocProcQFolder
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek 8169 8168 8101E 8102E Ethernet Driver
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8ADFC4160D694100B5B8A22DE9DCABD9}" = DivX Player
"{8C6D6116-B724-4810-8F2D-D047E6B7D68E}" = Mesh Runtime
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{8FF6F5CA-4E30-4E3B-B951-204CAAA2716A}" = SmartWebPrinting
"{90024193-9F13-4877-89D5-A1CDF0CBBF28}" = Feedback Tool
"{90120000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2007
"{90120000-0015-0409-0000-0000000FF1CE}_PROHYBRIDR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0016-0409-0000-0000000FF1CE}_PROHYBRIDR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0409-0000-0000000FF1CE}_PROHYBRIDR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2007
"{90120000-0019-0409-0000-0000000FF1CE}_PROHYBRIDR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2007
"{90120000-001A-0409-0000-0000000FF1CE}_PROHYBRIDR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0409-0000-0000000FF1CE}_PROHYBRIDR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}_PROHYBRIDR_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_HOMESTUDENTR_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-040C-0000-0000000FF1CE}_PROHYBRIDR_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_HOMESTUDENTR_{187308AB-5FA7-4F14-9AB9-D290383A10D9}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0C0A-0000-0000000FF1CE}_PROHYBRIDR_{187308AB-5FA7-4F14-9AB9-D290383A10D9}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}_HOMESTUDENTR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-006E-0409-0000-0000000FF1CE}_PROHYBRIDR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007
"{90120000-00A1-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}_HOMESTUDENTR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0115-0409-0000-0000000FF1CE}_PROHYBRIDR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2007
"{90120000-0117-0409-0000-0000000FF1CE}_PROHYBRIDR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90A40409-6000-11D3-8CFE-0150048383C9}" = Microsoft Office 2003 Web Components
"{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{91120000-0031-0000-0000-0000000FF1CE}" = Microsoft Office Professional Hybrid 2007
"{91120000-0031-0000-0000-0000000FF1CE}_PROHYBRIDR_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{91120000-0031-0000-0000-0000000FF1CE}_PROHYBRIDR_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{92127AF5-FDD8-4ADF-BC40-C356C9EE0B7D}" = 32 Bit HP CIO Components Installer
"{926BD0E8-24A3-41D2-AF9B-340F1A37ED12}" = MobileMe Control Panel
"{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}" = Microsoft_VC80_CRT_x86
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{933B4015-4618-4716-A828-5289FC03165F}" = VC80CRTRedist - 8.0.50727.6195
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{95140000-007A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook Connector
"{9591C049-5CAE-4E89-A8D9-191F1899628B}" = ArcSoft Print Creations - Funhouse
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9ADABDDE-9644-461B-9E73-83FA3EFCAB50}" = HP Wireless Assistant
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
"{A0C91188-C88F-4E86-93E6-CD7C9A266649}" = Windows Live Mesh
"{A6A195F5-BCAB-4F38-8459-DF693303CD8D}" = PS_AIO_04_C4580_ProductContext
"{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer
"{A78FE97A-C0C8-49CE-89D0-EDD524A17392}" = PDF Settings CS5
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A939D341-5A04-4E0A-BB55-3E65B386432D}" = Microsoft Office Small Business Connectivity Components
"{A982E6CC-9F0D-4948-9B18-BDFD55DE4A72}" = Nokia PC Suite
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"{AAF454FC-82CA-4F29-AB31-6A109485E76E}" = Windows Live Writer
"{AB5D51AE-EBC3-438D-872C-705C7C2084B0}" = DeviceManagementQFolder
"{AC599724-5755-48C1-ABE7-ABB857652930}" = PC Connectivity Solution
"{AC76BA86-7AD7-1033-7B44-AA1000000001}" = Adobe Reader X (10.1.1)
"{AD72CFB4-C2BF-424E-9DF0-C7BAD1F30A11}" = Adobe Shockwave Player
"{AE8705FB-E13C-40A9-8A2D-68D6733FBFC2}" = Status
"{AF844339-2F8A-4593-81B3-9F4C54038C4E}" = Windows Live MIME IFilter
"{B0D83FCD-9D42-43ED-8315-250326AADA02}" = ArcSoft Print Creations - Scrapbook
"{B13A7C41581B411290FBC0395694E2A9}" = DivX Converter
"{B2544A03-10D0-4E5E-BA69-0362FFC20D18}" = OGA Notifier 2.0.0048.0
"{B32C4059-6E7A-41EF-AD20-56DF1872B923}" = Business Contact Manager for Outlook 2007 SP2
"{B6D0B141-B2BE-4DD0-B08F-B9186F3E36B3}" = HP User Guides 0118
"{B7050CBDB2504B34BC2A9CA0A692CC29}" = DivX Web Player
"{BD7204BA-DD64-499E-9B55-6A282CDF4FA4}" = Destinations
"{BED1705F-7558-40f7-9F52-6C6FBD58EA2E}" = HP Photosmart C4500 All-In-One Driver Software 11.0 Rel .4
"{C182D467-6F0A-418A-8B38-788F376F7502}" = Windows Migration Assistant
"{C3A32068-8AB1-4327-BB16-BED9C6219DC7}" = Atheros Driver Installation Program
"{C43326F5-F135-4551-8270-7F7ABA0462E1}" = HPProductAssistant
"{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = LabelPrint
"{C66824E4-CBB3-4851-BB3F-E8CFD6350923}" = Windows Live Mail
"{C75CDBA2-3C86-481e-BD10-BDDA758F9DFF}" = hpPrintProjects
"{CA9ED5E4-1548-485B-A293-417840060158}" = ArcSoft Print Creations - Photo Calendar
"{CAE4213F-F797-439D-BD9E-79B71D115BE3}" = HPPhotoGadget
"{CAE8A0F1-B498-4C23-95FA-55047E730C8F}" = ArcSoft Print Creations
"{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = PowerDirector
"{CDBF8C2D-04B0-4F9B-9AE1-7422F7F0EC94}" = HP Deskjet F2400 All-In-One Driver Software 13.0 Rel .6
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{CE7E3BE0-2DD3-4416-A690-F9E4A99A8CFF}" = HP Active Support Library
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{D1A19B02-817E-4296-A45B-07853FD74D57}" = Microsoft_VC80_MFC_x86
"{D23E2520-0EAA-4AC3-A47E-A551C70D4FED}" = C4580_Help
"{D4278897-1541-493E-9D39-59CC6AB0FC09}" = PS_AIO_04_C4580_Software
"{D436F577-1695-4D2F-8B44-AC76C99E0002}" = Windows Live Photo Common
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{D6F879CC-59D6-4D4B-AE9B-D761E48D25ED}" = Skype™ 5.3
"{D74CFE48-087F-46E1-80E6-E2950E1A8DCE}" = HP Photosmart Essential 2.5
"{D92BBB52-82FF-42ED-8A3C-4E062F944AB7}" = Microsoft_VC80_MFCLOC_x86
"{DC0A5F99-FD66-433F-9D3A-05DCBA64BE42}" = TrayApp
"{DC24971E-1946-445D-8A82-CE685433FA7D}" = Realtek USB 2.0 Card Reader
"{DD35C328-F115-BEDA-6EEE-E00C5AACCCBC}" = muvee Reveal
"{DDC8BDEE-DCAC-404D-8257-3E8D4B782467}" = Windows Live Writer Resources
"{DE3A9DC5-9A5D-6485-9662-347162C7E4CA}" = Adobe Media Player
"{DECDCB7C-58CC-4865-91AF-627F9798FE48}" = Windows Live Mesh
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E535C94A-B87F-4182-BEA8-1E9322078D3E}" = Cards_Calendar_OrderGift_DoMorePlugout
"{E6B4117F-AC59-4B13-9274-EB136E8897EE}" = ArcSoft Print Creations - Album Page
"{E7084B89-69E0-46B3-A118-8F99D06988CD}" = Microsoft SQL Server VSS Writer
"{EB4DF488-AAEF-406F-A341-CB2AAA315B90}" = Windows Live Messenger
"{ECEE0279-785F-4CB3-9F28-E69813234BF8}" = SPORE Creature Creator Trial Edition
"{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}" = Cisco PEAP Module
"{F04F9557-81A9-4293-BC49-2C216FA325A7}" = ArcSoft Print Creations - Greeting Card
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F2AF3E5D-9697-485C-A5AC-E2B9468C446A}" = Safari
"{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}" = Microsoft Office Live Add-in 1.5
"{F53D678E-238F-4A71-9742-08BB6774E9DC}" = Windows Live Family Safety
"{F95F178B-56AD-4fab-87F8-FA81E66C7D68}" = Network
"{FAF26102-09D7-4C58-AB01-0D59A2E517CA}" = Copy
"{FDB3B167-F4FA-461D-976F-286304A57B2A}" = Adobe AIR
"{FDB5E0F3-86EA-4379-8A2F-1BC2436543E9}" = iCloud
"{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}" = Windows Live Essentials
"0C5EDC3653FED5B121F464339EAC12534D253B25" = Windows Driver Package - Nokia Modem (02/15/2007 3.1)
"3A5DEFA413DDE699DBA6EBE0A63534ACA524D30F" = Windows Driver Package - Nokia pccsmcfd (10/12/2007 6.85.4.0)
"Activation Assistant for the 2007 Microsoft Office suites" = Activation Assistant for the 2007 Microsoft Office suites
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Akamai" = Akamai NetSession Interface Service
"AOL Toolbar" = AOL Toolbar 5.0
"Audacity 1.3 Beta (Unicode)_is1" = Audacity 1.3.13 (Unicode)
"Avira AntiVir Desktop" = Avira Free Antivirus
"B726756F5B5A5AA9D798B399386FC6205A45F19E" = Windows Driver Package - Nokia Modem (02/15/2007 3.1)
"BitComet" = BitComet 1.12
"Business Contact Manager" = Business Contact Manager for Outlook 2007 SP2
"CD8424B9400BFF7D34AA18F816C71322AC4BDAA7" = Windows Driver Package - Nokia Modem (05/24/2007 6.84.0.1)
"chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Community Help
"CNXT_AUDIO_HDA" = Conexant HD Audio
"CNXT_MODEM_HDAUDIO_HERMOSA_HSF" = HDAUDIO Soft Data Fax Modem with SmartCP
"com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Media Player
"com.adobe.downloadassistant.AdobeDownloadAssistant" = Adobe Download Assistant
"com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Acrobat.com
"DivX Plus DirectShow Filters" = DivX Plus DirectShow Filters
"DivX Setup" = DivX Setup
"doPDF 7 printer_is1" = doPDF 7.2 printer
"EPSON Printer and Utilities" = EPSON Printer Software
"Google Chrome" = Google Chrome
"Graboid Video" = Graboid Video 2.3
"HOMESTUDENTR" = Microsoft Office Home and Student 2007
"HP Imaging Device Functions" = HP Imaging Device Functions 13.0
"HP Photosmart Essential" = HP Photosmart Essential 3.0
"HP Print Projects" = HP Print Projects 1.0
"HP Smart Web Printing" = HP Smart Web Printing 4.60
"HP Solution Center & Imaging Support Tools" = HP Solution Center 13.0
"HPExtendedCapabilities" = HP Customer Participation Program 13.0
"HPOCR" = OCR Software by I.R.I.S. 11.0
"InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = CyberLink YouCam
"InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = CyberLink DVD Suite
"InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}" = Power2Go
"InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = LabelPrint
"InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = PowerDirector
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware version 1.51.2.1300
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft SQL Server 2005" = Microsoft SQL Server 2005
"Mozilla Firefox 8.0.1 (x86 en-US)" = Mozilla Firefox 8.0.1 (x86 en-US)
"NIS" = Norton Internet Security
"Nokia PC Suite" = Nokia PC Suite
"Norton Utilities_is1" = Norton Utilities
"NVIDIA Drivers" = NVIDIA Drivers
"PROHYBRIDR" = 2007 Microsoft Office system
"Quick Search Box" = Google Quick Search Box
"Registry Mechanic_is1" = PC Tools Registry Mechanic 11.0
"Shop for HP Supplies" = Shop for HP Supplies
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"Virgin Mobile" = Virgin Mobile
"VLC media player" = VLC media player 1.0.1
"WildTangent hp Master Uninstall" = My HP Games
"WinLiveSuite" = Windows Live Essentials

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Akamai" = Akamai NetSession Interface

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 22/11/2010 5:29:09 PM | Computer Name = Ken-the-Koala | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 17067

Error - 22/11/2010 5:29:09 PM | Computer Name = Ken-the-Koala | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 17067

Error - 22/11/2010 5:29:10 PM | Computer Name = Ken-the-Koala | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second

Error - 22/11/2010 5:29:10 PM | Computer Name = Ken-the-Koala | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 18315

Error - 22/11/2010 5:29:10 PM | Computer Name = Ken-the-Koala | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 18315

Error - 22/11/2010 6:37:09 PM | Computer Name = Ken-the-Koala | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second

Error - 22/11/2010 6:37:09 PM | Computer Name = Ken-the-Koala | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 1107

Error - 22/11/2010 6:37:09 PM | Computer Name = Ken-the-Koala | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 1107

Error - 22/11/2010 6:37:10 PM | Computer Name = Ken-the-Koala | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second

Error - 22/11/2010 6:37:10 PM | Computer Name = Ken-the-Koala | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 2246

[ OSession Events ]
Error - 3/11/2009 6:22:27 AM | Computer Name = Ken-the-Koala | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6504.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 1651
seconds with 60 seconds of active time. This session ended with a crash.

Error - 14/06/2010 6:54:52 PM | Computer Name = Ken-the-Koala | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6535.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 15
seconds with 0 seconds of active time. This session ended with a crash.

Error - 28/10/2010 4:14:53 AM | Computer Name = Ken-the-Koala | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 56
seconds with 0 seconds of active time. This session ended with a crash.

Error - 4/11/2010 5:33:14 PM | Computer Name = Ken-the-Koala | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 17
seconds with 0 seconds of active time. This session ended with a crash.

Error - 2/02/2011 7:41:02 PM | Computer Name = Ken-the-Koala | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version:
12.0.6550.5003, Microsoft Office Version: 12.0.6425.1000. This session lasted 39
seconds with 0 seconds of active time. This session ended with a crash.

Error - 4/11/2011 3:48:10 PM | Computer Name = Ken-the-Koala | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 52
seconds with 0 seconds of active time. This session ended with a crash.

[ System Events ]
Error - 29/12/2011 9:09:44 PM | Computer Name = Ken-the-Koala | Source = Service Control Manager | ID = 7000
Description =

Error - 29/12/2011 9:09:44 PM | Computer Name = Ken-the-Koala | Source = Service Control Manager | ID = 7003
Description =

Error - 29/12/2011 9:09:44 PM | Computer Name = Ken-the-Koala | Source = Service Control Manager | ID = 7000
Description =

Error - 29/12/2011 9:09:44 PM | Computer Name = Ken-the-Koala | Source = Service Control Manager | ID = 7003
Description =

Error - 29/12/2011 9:09:50 PM | Computer Name = Ken-the-Koala | Source = DCOM | ID = 10005
Description =

Error - 29/12/2011 9:09:50 PM | Computer Name = Ken-the-Koala | Source = Service Control Manager | ID = 7009
Description =

Error - 29/12/2011 9:09:50 PM | Computer Name = Ken-the-Koala | Source = Service Control Manager | ID = 7000
Description =

Error - 29/12/2011 9:10:14 PM | Computer Name = Ken-the-Koala | Source = WMPNetworkSvc | ID = 866293
Description =

Error - 29/12/2011 9:11:34 PM | Computer Name = Ken-the-Koala | Source = Service Control Manager | ID = 7009
Description =

Error - 29/12/2011 9:11:34 PM | Computer Name = Ken-the-Koala | Source = Service Control Manager | ID = 7000
Description =


< End of report >
 
extras.txt

OTL logfile created on: 30/12/2011 3:26:26 PM - Run 1
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Users\Leah\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000C09 | Country: Australia | Language: ENA | Date Format: d/MM/yyyy

2.00 Gb Total Physical Memory | 1.36 Gb Available Physical Memory | 68.18% Memory free
4.22 Gb Paging File | 3.41 Gb Available in Paging File | 80.60% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 286.99 Gb Total Space | 203.99 Gb Free Space | 71.08% Space Free | Partition Type: NTFS
Drive D: | 11.10 Gb Total Space | 1.85 Gb Free Space | 16.64% Space Free | Partition Type: NTFS

Computer Name: KEN-THE-KOALA | User Name: Leah | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2011/12/30 11:31:33 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\Leah\Desktop\OTL.exe
PRC - [2011/12/15 15:00:12 | 000,258,512 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
PRC - [2011/12/12 23:20:56 | 003,305,760 | ---- | M] (Akamai Technologies, Inc) -- C:\Users\Leah\AppData\Local\Akamai\netsession_win.exe
PRC - [2011/10/25 13:44:42 | 000,793,048 | ---- | M] (PC Tools) -- C:\Program Files\Common Files\PC Tools\sMonitor\StartManSvc.exe
PRC - [2011/10/25 13:44:42 | 000,103,896 | ---- | M] (PC Tools) -- C:\Program Files\Common Files\PC Tools\sMonitor\SSDMonitor.exe
PRC - [2011/02/25 10:46:22 | 000,249,648 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft\BingBar\SeaPort.EXE
PRC - [2009/09/14 10:53:32 | 000,279,912 | ---- | M] (Symantec Corporation) -- C:\Program Files\Norton Utilities 14\RMTray.exe
PRC - [2009/05/28 20:35:57 | 000,068,592 | ---- | M] (Google Inc.) -- C:\Program Files\Google\Quick Search Box\GoogleQuickSearchBox.exe
PRC - [2009/04/11 16:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2008/10/07 02:54:52 | 000,365,952 | ---- | M] () -- C:\Program Files\SMINST\BLService.exe
PRC - [2008/03/13 09:34:28 | 000,081,920 | ---- | M] (Hewlett-Packard) -- C:\Program Files\Hewlett-Packard\Digital Imaging\bin\HpqSRmon.exe
PRC - [2008/01/11 17:50:16 | 000,030,312 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe
PRC - [2006/11/02 19:45:35 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\regsvr32.exe


========== Modules (No Company Name) ==========

MOD - [2011/11/16 18:35:01 | 000,103,424 | ---- | M] () -- C:\Program Files\Google\Quick Search Box\bin\1.2.1151.245\rlz.dll
MOD - [2009/01/12 16:49:44 | 000,066,856 | ---- | M] () -- C:\Program Files\HP\QuickPlay\Kernel\common\MCEMediaStatus.dll


========== Win32 Services (SafeList) ==========

SRV - [2011/12/15 15:00:23 | 000,086,224 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Stopped] -- C:\Program Files\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2011/12/15 15:00:12 | 000,110,032 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Stopped] -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2011/12/15 08:22:01 | 003,316,000 | ---- | M] () [Auto | Running] -- c:\program files\common files\akamai/netsession_win_b427739.dll -- (Akamai)
SRV - [2011/10/25 13:44:42 | 000,793,048 | ---- | M] (PC Tools) [Auto | Running] -- C:\Program Files\Common Files\PC Tools\sMonitor\StartManSvc.exe -- (PCToolsSSDMonitorSvc)
SRV - [2011/09/22 10:35:57 | 000,117,648 | R--- | M] (Symantec Corporation) [Auto | Stopped] -- C:\Program Files\Norton Internet Security\Engine\16.8.3.6\ccSvcHst.exe -- (Norton Internet Security)
SRV - [2011/06/06 12:55:28 | 000,064,952 | ---- | M] (Adobe Systems Incorporated) [Auto | Stopped] -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2011/02/28 18:44:14 | 000,183,560 | ---- | M] (Microsoft Corporation.) [On_Demand | Stopped] -- C:\Program Files\Microsoft\BingBar\BBSvc.EXE -- (BBSvc)
SRV - [2011/02/25 10:46:22 | 000,249,648 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft\BingBar\SeaPort.EXE -- (SeaPort)
SRV - [2010/02/19 13:37:14 | 000,517,096 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe -- (SwitchBoard)
SRV - [2009/05/21 22:13:36 | 000,248,832 | ---- | M] (Hewlett-Packard Co.) [On_Demand | Running] -- C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqcxs08.dll -- (hpqcxs08)
SRV - [2009/05/21 22:03:06 | 000,133,120 | ---- | M] (Hewlett-Packard Co.) [Auto | Running] -- C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqddsvc.dll -- (hpqddsvc)
SRV - [2008/10/07 02:54:52 | 000,365,952 | ---- | M] () [Auto | Running] -- C:\Program Files\SMINST\BLService.exe -- (Recovery Service for Windows)
SRV - [2008/04/07 09:17:30 | 000,430,592 | ---- | M] (Nokia.) [On_Demand | Stopped] -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
SRV - [2008/03/25 21:25:50 | 000,630,784 | ---- | M] (Hewlett-Packard Co.) [Auto | Running] -- C:\Program Files\Hewlett-Packard\Digital Imaging\bin\HPSLPSVC32.DLL -- (HPSLPSVC)
SRV - [2008/01/11 17:50:16 | 000,030,312 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe -- (BcmSqlStartupSvc)


========== Driver Services (SafeList) ==========

DRV - [2011/12/15 15:00:35 | 000,134,856 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\avipbb.sys -- (avipbb)
DRV - [2011/12/15 15:00:35 | 000,074,640 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\Windows\System32\drivers\avgntflt.sys -- (avgntflt)
DRV - [2011/12/15 15:00:35 | 000,036,000 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\avkmgr.sys -- (avkmgr)
DRV - [2011/10/11 17:24:05 | 000,467,592 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\System32\Drivers\NIS\1008030.006\ccHPx86.sys -- (ccHP)
DRV - [2011/09/22 10:35:58 | 000,217,464 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\System32\Drivers\NIS\1008030.006\SYMTDI.SYS -- (SYMTDI)
DRV - [2011/07/28 18:00:00 | 000,374,392 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys -- (eeCtrl)
DRV - [2011/07/08 16:35:42 | 000,367,736 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\IPSDefs\20110801.030\IDSvix86.sys -- (IDSVix86)
DRV - [2010/09/26 20:13:10 | 001,882,624 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\athr.sys -- (athr)
DRV - [2010/06/22 12:51:14 | 000,049,904 | R--- | M] (Avanquest Software) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\BVRPMPR5.SYS -- (BVRPMPR5)
DRV - [2010/06/17 14:14:27 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\ssmdrv.sys -- (ssmdrv)
DRV - [2009/10/20 18:47:56 | 000,112,640 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ewusbnet.sys -- (ewusbnet)
DRV - [2009/09/11 16:30:01 | 000,124,976 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\SYMEVENT.SYS -- (SymEvent)
DRV - [2009/09/10 14:55:58 | 000,102,912 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ewusbmdm.sys -- (hwdatacard)
DRV - [2009/08/22 17:28:17 | 000,310,320 | ---- | M] (Symantec Corporation) [File_System | Boot | Running] -- C:\Windows\system32\drivers\NIS\1008030.006\SYMEFA.SYS -- (SymEFA)
DRV - [2009/08/22 17:28:17 | 000,308,272 | ---- | M] (Symantec Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\System32\Drivers\NIS\1008030.006\SRTSP.SYS -- (SRTSP)
DRV - [2009/08/22 17:28:17 | 000,259,632 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\System32\Drivers\NIS\1008030.006\BHDrvx86.sys -- (BHDrvx86)
DRV - [2009/08/22 17:28:17 | 000,043,696 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\system32\drivers\NIS\1008030.006\SRTSPX.SYS -- (SRTSPX) Symantec Real Time Storage Protection (PEL)
DRV - [2009/08/22 17:28:07 | 000,025,648 | R--- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\SymIMV.sys -- (SymIM)
DRV - [2009/03/31 09:39:36 | 000,036,608 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\System32\FsUsbExDisk.Sys -- (FsUsbExDisk)
DRV - [2008/06/11 04:54:36 | 000,123,904 | ---- | M] (Realtek Corporation ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Rtlh86.sys -- (RTL8169)
DRV - [2008/06/10 08:23:00 | 007,522,624 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)
DRV - [2008/06/10 08:23:00 | 000,043,040 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvhda32v.sys -- (NVHDA)
DRV - [2008/06/06 02:58:42 | 000,222,208 | ---- | M] (Conexant Systems Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\CHDRT32.sys -- (CnxtHdAudService)
DRV - [2008/01/21 12:23:20 | 002,225,664 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\NETw3v32.sys -- (NETw3v32) Intel(R)
DRV - [2007/10/18 09:36:54 | 000,008,704 | ---- | M] (Conexant Systems, Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\XAudio.sys -- (XAudio)
DRV - [2007/09/17 15:53:26 | 000,021,632 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\pccsmcfd.sys -- (pccsmcfd)
DRV - [2007/06/19 10:12:04 | 000,016,768 | ---- | M] (Hewlett-Packard Development Company, L.P.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\HpqKbFiltr.sys -- (HpqKbFiltr)
DRV - [2007/02/22 11:15:56 | 000,137,216 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\nmwcd.sys -- (nmwcd)
DRV - [2007/02/22 11:15:14 | 000,012,288 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\nmwcdcm.sys -- (nmwcdcm)
DRV - [2007/02/22 11:15:14 | 000,012,288 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\nmwcdcj.sys -- (nmwcdcj)
DRV - [2007/02/22 11:15:14 | 000,008,320 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\nmwcdc.sys -- (nmwcdc)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://securityresponse.symantec.com/avcenter/fix_homepage/
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://securityresponse.symantec.com/avcenter/fix_homepage/
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://securityresponse.symantec.com/avcenter/fix_homepage/
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://securityresponse.symantec.com/avcenter/fix_homepage/

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_au&c=91&bd=Presario&pf=cnnb
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com.au/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "AutoConfigURL" = http://autoproxy.utas.edu.au/cgi-bin/proxy

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "SweetIM Search"
FF - prefs.js..browser.search.defaulturl: ""
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.startup.homepage: "http://www.google.com.au/"
FF - prefs.js..network.proxy.autoconfig_url: "http://autoproxy.utas.edu.au/cgi-bin/proxy"
FF - prefs.js..network.proxy.http: "206.210.225.240"
FF - prefs.js..network.proxy.http_port: 80
FF - prefs.js..network.proxy.no_proxies_on: "*.local"
FF - prefs.js..network.proxy.type: 1
FF - prefs.js..sweetim.toolbar.previous.browser.search.defaultenginename: ""
FF - prefs.js..sweetim.toolbar.previous.browser.search.defaulturl: ""
FF - prefs.js..sweetim.toolbar.previous.browser.search.selectedEngine: ""
FF - prefs.js..browser.startup.homepage: "http://www.google.com.au/"


FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@bittorrent.com/BitTorrentDNA: C:\Program Files\DNA\plugins\npbtdna.dll (BitTorrent, Inc.)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files\DivX\DivX Web Player\npdivx32.dll (DivX,Inc.)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Player Plugin,version=1.0.0: C:\Program Files\DivX\DivX Player\npDivxPlayerPlugin.dll (DivX, Inc)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\4.0.60831.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5: C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{7BA52691-1876-45ce-9EE6-54BCB3B04BBC}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\coFFPlgn\ [2011/10/16 11:35:04 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\Hewlett-Packard\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2010/02/24 14:53:55 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 8.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011/12/11 17:12:22 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 8.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\Hewlett-Packard\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2010/02/24 14:53:55 | 000,000,000 | ---D | M]

[2009/05/10 13:20:46 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Leah\AppData\Roaming\mozilla\Extensions
[2009/05/10 13:20:46 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Leah\AppData\Roaming\mozilla\Extensions\[email protected]
[2011/12/13 09:21:04 | 000,003,969 | ---- | M] () -- C:\Users\Leah\AppData\Roaming\Mozilla\Firefox\Profiles\us8cy4us.default\searchplugins\sweetim.xml
[2011/12/18 15:07:13 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2011/11/21 14:04:51 | 000,134,104 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2011/11/21 11:04:05 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2011/11/21 11:04:05 | 000,002,040 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\twitter.xml

========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:eek:riginalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms}
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files\Google\Chrome\Application\16.0.912.63\gcswf32.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\system32\Macromed\Flash\NPSWF32.dll
CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin7.dll
CHR - plugin: Java Deployment Toolkit 6.0.260.3 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npdeployJava1.dll
CHR - plugin: Java(TM) Platform SE 6 U26 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll
CHR - plugin: Adobe Acrobat (Disabled) = C:\Program Files\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files\Microsoft Silverlight\4.0.60831.0\npctrl.dll
CHR - plugin: Shockwave for Director (Enabled) = C:\Windows\system32\Adobe\Director\np32dsw.dll
CHR - plugin: DivX Web Player (Enabled) = C:\Program Files\DivX\DivX Web Player\npdivx32.dll
CHR - plugin: Microsoft Office Live Plug-in for Firefox (Enabled) = C:\Program Files\Microsoft\Office Live\npOLW.dll
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files\Google\Chrome\Application\16.0.912.63\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files\Google\Chrome\Application\16.0.912.63\pdf.dll
CHR - plugin: DNA Plug-in (Enabled) = C:\Program Files\DNA\plugins\npbtdna.dll
CHR - plugin: DivX Player Netscape Plugin (Enabled) = C:\Program Files\DivX\DivX Player\npDivxPlayerPlugin.dll
CHR - plugin: Google Earth Plugin (Enabled) = C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.3.21.69\npGoogleUpdate3.dll
CHR - plugin: Windows Live\u0099 Photo Gallery (Enabled) = C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll
CHR - plugin: Windows Presentation Foundation (Enabled) = c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
CHR - plugin: Default Plug-in (Enabled) = default_plugin
CHR - Extension: Entanglement = C:\Users\Leah\AppData\Local\Google\Chrome\User Data\Default\Extensions\aciahcmjmecflokailenpkdchphgkefd\2.7.9_0\
CHR - Extension: Poppit = C:\Users\Leah\AppData\Local\Google\Chrome\User Data\Default\Extensions\mcbkbpnkkkipelfledbfocopglifcfmi\2.2_0\

O1 HOSTS File: ([2006/09/19 07:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (HP Print Enhancer) - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files\Hewlett-Packard\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll (Hewlett-Packard Co.)
O2 - BHO: (BitComet Helper) - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files\BitComet\tools\BitCometBHO_1.3.3.2.dll (BitComet)
O2 - BHO: (Symantec NCO BHO) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Norton Internet Security\Engine\16.8.3.6\CoIEPlg.dll (Symantec Corporation)
O2 - BHO: (Symantec Intrusion Prevention) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Norton Internet Security\Engine\16.8.3.6\IPSBHO.dll (Symantec Corporation)
O2 - BHO: (AOL Toolbar BHO) - {7C554162-8CB7-45A4-B8F4-8EA1C75885F9} - C:\Program Files\AOL\AOL Toolbar 5.0\aoltb.dll (AOL LLC)
O2 - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O2 - BHO: (HP Smart BHO Class) - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\Hewlett-Packard\Digital Imaging\Smart Web Printing\hpswp_BHO.dll (Hewlett-Packard Co.)
O3 - HKLM\..\Toolbar: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton Internet Security\Engine\16.8.3.6\CoIEPlg.dll (Symantec Corporation)
O3 - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O3 - HKLM\..\Toolbar: (AOL Toolbar) - {DE9C389F-3316-41A7-809B-AA305ED9D922} - C:\Program Files\AOL\AOL Toolbar 5.0\aoltb.dll (AOL LLC)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton Internet Security\Engine\16.8.3.6\CoIEPlg.dll (Symantec Corporation)
O3 - HKCU\..\Toolbar\WebBrowser: (AOL Toolbar) - {DE9C389F-3316-41A7-809B-AA305ED9D922} - C:\Program Files\AOL\AOL Toolbar 5.0\aoltb.dll (AOL LLC)
O4 - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [ArcSoft Connection Service] C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe (ArcSoft Inc.)
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
O4 - HKLM..\Run: [Google Quick Search Box] C:\Program Files\Google\Quick Search Box\GoogleQuickSearchBox.exe (Google Inc.)
O4 - HKLM..\Run: [HP Health Check Scheduler] c:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe (Hewlett-Packard)
O4 - HKLM..\Run: [hpqSRMon] C:\Program Files\Hewlett-Packard\Digital Imaging\bin\HpqSRmon.exe (Hewlett-Packard)
O4 - HKLM..\Run: [NvCplDaemon] C:\Windows\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\Windows\System32\NvMcTray.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [SSDMonitor] C:\Program Files\Common Files\PC Tools\sMonitor\SSDMonitor.exe (PC Tools)
O4 - HKLM..\Run: [SwitchBoard] C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [UpdateLBPShortCut] C:\Program Files\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [UpdateP2GoShortCut] C:\Program Files\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [UpdatePDIRShortCut] C:\Program Files\CyberLink\PowerDirector\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [UpdatePSTShortCut] C:\Program Files\CyberLink\DVD Suite\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [Yahoo Messenger] File not found
O4 - HKCU..\Run: [AdobeBridge] File not found
O4 - HKCU..\Run: [Akamai NetSession Interface] C:\Users\Leah\AppData\Local\Akamai\netsession_win.exe (Akamai Technologies, Inc)
O4 - HKCU..\Run: [NortonUtilities] C:\Program Files\Norton Utilities 14\RMTray.exe (Symantec Corporation)
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 0
O8 - Extra context menu item: &AOL Toolbar Search - C:\ProgramData\AOL\ieToolbar\resources\en-AU\local\search.html ()
O8 - Extra context menu item: &D&ownload &with BitComet - C:\Program Files\BitComet\BitComet.exe (www.BitComet.com)
O8 - Extra context menu item: &D&ownload all video with BitComet - C:\Program Files\BitComet\BitComet.exe (www.BitComet.com)
O8 - Extra context menu item: &D&ownload all with BitComet - C:\Program Files\BitComet\BitComet.exe (www.BitComet.com)
O9 - Extra Button: BitComet - {D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A} - C:\Program Files\BitComet\tools\BitCometBHO_1.3.3.2.dll (BitComet)
O9 - Extra Button: Show or hide HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files\Hewlett-Packard\Digital Imaging\Smart Web Printing\hpswp_BHO.dll (Hewlett-Packard Co.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000012 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000013 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000014 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000015 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000016 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000017 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000018 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000019 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000020 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000021 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000022 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000023 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000024 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000025 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000026 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000027 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000028 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000029 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000030 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000031 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000032 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O13 - gopher Prefix: missing
O15 - HKCU\..Trusted Ranges: Range1 ([http] in Local intranet)
O16 - DPF: {02BCC737-B171-4746-94C9-0D8A0B2C0089} http://office.microsoft.com/sites/production/ieawsdc32.cab (Microsoft Office Template and Media Control)
O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} http://upload.facebook.com/controls/2008.10.10_v5.5.8/FacebookPhotoUploader5.cab (Facebook Photo Uploader 5 Control)
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} http://gfx2.hotmail.com/mail/w3/resources/VistaMSNPUplden-au.cab (MSN Photo Upload Tool)
O16 - DPF: {5D637FAD-E202-48D1-8F18-5B9C459BD1E3} http://fb.familylink.com/we_are_related/stream/core/lib/AurigmaImageUploader/ImageUploader5.cab (Image Uploader Control)
O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} http://upload.facebook.com/controls/2009.07.28_v5.5.8.1/FacebookPhotoUploader55.cab (Facebook Photo Uploader 5 Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {917623D1-D8E5-11D2-BE8B-00104B06BDE3} http://www.warwick.ac.uk/newwebcam/AxisCamControl.ocx (CamImage Class)
O16 - DPF: {9C23D886-43CB-43DE-B2DB-112A68D7E10A} http://lads.myspace.com/upload/MySpaceUploader2.cab (MySpace Uploader Control)
O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab (Java Plug-in 1.6.0_07)
O16 - DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {E77F23EB-E7AB-4502-8F37-247DBAF1A147} http://gfx2.hotmail.com/mail/w4/pr01/photouploadcontrol/VistaMSNPUplden-au.cab (Windows Live Hotmail Photo Upload Tool)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 10.0.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{07866014-B361-449E-B9D3-18691E21F589}: DhcpNameServer = 123.200.191.17 123.200.191.18
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{7500193E-71FE-4BF8-B24A-C02C79F7EF0B}: DhcpNameServer = 123.200.191.17 123.200.191.18
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{8C7E7665-25E1-45F8-827D-BD2B4630227D}: DhcpNameServer = 10.0.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{F6AA36DF-35CE-4EA1-AA2F-56D979241D5D}: DhcpNameServer = 10.0.0.1
O18 - Protocol\Handler\symres {AA1061FE-6C41-421f-9344-69640C9732AB} - C:\Program Files\Norton Internet Security\Engine\16.8.3.6\CoIEPlg.dll (Symantec Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) -C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) -C:\Windows\System32\userinit.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Users\Leah\AppData\Roaming\Microsoft\Windows Photo Gallery\Windows Photo Gallery Wallpaper.jpg
O24 - Desktop BackupWallPaper: C:\Users\Leah\AppData\Roaming\Microsoft\Windows Photo Gallery\Windows Photo Gallery Wallpaper.jpg
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/09/19 07:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{01f1bf3c-5079-11e0-b1dc-001f1665c865}\Shell - "" = AutoRun
O33 - MountPoints2\{01f1bf3c-5079-11e0-b1dc-001f1665c865}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{01f1bf40-5079-11e0-b1dc-001e101f4e71}\Shell - "" = AutoRun
O33 - MountPoints2\{01f1bf40-5079-11e0-b1dc-001e101f4e71}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{180f4b1e-2f27-11e0-820d-eda2d115b10a}\Shell - "" = AutoRun
O33 - MountPoints2\{180f4b1e-2f27-11e0-820d-eda2d115b10a}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{180f4b21-2f27-11e0-820d-001f1665c865}\Shell - "" = AutoRun
O33 - MountPoints2\{180f4b21-2f27-11e0-820d-001f1665c865}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{263e77d9-4e90-11e0-b00c-001f1665c865}\Shell - "" = AutoRun
O33 - MountPoints2\{263e77d9-4e90-11e0-b00c-001f1665c865}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{263e77eb-4e90-11e0-b00c-001e101f2500}\Shell - "" = AutoRun
O33 - MountPoints2\{263e77eb-4e90-11e0-b00c-001e101f2500}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{3463a70e-2e97-11e0-89e5-001f1665c865}\Shell - "" = AutoRun
O33 - MountPoints2\{3463a70e-2e97-11e0-89e5-001f1665c865}\Shell\AutoRun\command - "" = G:\AutoRun.exe
O33 - MountPoints2\{3463a711-2e97-11e0-89e5-001f1665c865}\Shell - "" = AutoRun
O33 - MountPoints2\{3463a711-2e97-11e0-89e5-001f1665c865}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{6d365ac4-34f1-11e0-a828-001f1665c865}\Shell - "" = AutoRun
O33 - MountPoints2\{6d365ac4-34f1-11e0-a828-001f1665c865}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{6d365ad0-34f1-11e0-a828-001f1665c865}\Shell - "" = AutoRun
O33 - MountPoints2\{6d365ad0-34f1-11e0-a828-001f1665c865}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{9196200f-42ba-11e0-93f2-001f1665c865}\Shell - "" = AutoRun
O33 - MountPoints2\{9196200f-42ba-11e0-93f2-001f1665c865}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{91962011-42ba-11e0-93f2-001f1665c865}\Shell - "" = AutoRun
O33 - MountPoints2\{91962011-42ba-11e0-93f2-001f1665c865}\Shell\AutoRun\command - "" = G:\AutoRun.exe
O33 - MountPoints2\{91962039-42ba-11e0-93f2-001f1665c865}\Shell - "" = AutoRun
O33 - MountPoints2\{91962039-42ba-11e0-93f2-001f1665c865}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{9196203b-42ba-11e0-93f2-001f1665c865}\Shell - "" = AutoRun
O33 - MountPoints2\{9196203b-42ba-11e0-93f2-001f1665c865}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{cab4a617-385f-11e0-a6a7-001f1665c865}\Shell - "" = AutoRun
O33 - MountPoints2\{cab4a617-385f-11e0-a6a7-001f1665c865}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{cab4a619-385f-11e0-a6a7-001f1665c865}\Shell - "" = AutoRun
O33 - MountPoints2\{cab4a619-385f-11e0-a6a7-001f1665c865}\Shell\AutoRun\command - "" = G:\AutoRun.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

NetSvcs: FastUserSwitchingCompatibility - File not found
NetSvcs: Ias - C:\Windows\System32\ias.dll (Microsoft Corporation)
NetSvcs: Nla - File not found
NetSvcs: Ntmssvc - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: SRService - File not found
NetSvcs: WmdmPmSp - File not found
NetSvcs: LogonHours - File not found
NetSvcs: PCAudit - File not found
NetSvcs: helpsvc - File not found
NetSvcs: uploadmgr - File not found

Drivers32: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.l3codecp - C:\Windows\System32\l3codecp.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: MSVideo8 - C:\Windows\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: vidc.cvid - C:\Windows\System32\iccvid.dll (Radius Inc.)
Drivers32: vidc.DIVX - C:\Windows\System32\DivX.dll (DivX, Inc.)
Drivers32: vidc.yv12 - C:\Windows\System32\DivX.dll (DivX, Inc.)

CREATERESTOREPOINT
Restore point Set: OTL Restore Point

========== Files/Folders - Created Within 30 Days ==========

File not found -- C:\Windows\System32\drivers\
File not found -- C:\Windows\System32\
[2011/12/30 11:29:49 | 000,584,192 | ---- | C] (OldTimer Tools) -- C:\Users\Leah\Desktop\OTL.exe
[2011/12/30 09:12:15 | 000,000,000 | --SD | C] -- C:\ComboFix
[2011/12/30 07:52:21 | 004,356,196 | R--- | C] (Swearware) -- C:\Users\Leah\Desktop\ComboFix.exe
[2011/12/29 09:02:50 | 001,578,288 | ---- | C] (Kaspersky Lab ZAO) -- C:\Users\Leah\Desktop\tdsskiller.exe
[2011/12/29 06:58:40 | 000,000,000 | ---D | C] -- C:\FRST
[2011/12/28 16:51:05 | 000,000,000 | ---D | C] -- C:\Users\Leah\Desktop\NTBR_CD
[2011/12/28 11:16:10 | 000,000,000 | --SD | C] -- C:\Leah10567L
[2011/12/28 10:10:58 | 000,000,000 | --SD | C] -- C:\Leah
[2011/12/27 23:44:44 | 000,000,000 | ---D | C] -- C:\Users\Leah\Documents\bootkit_remover
[2011/12/27 14:50:01 | 000,518,144 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe
[2011/12/27 14:50:01 | 000,406,528 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe
[2011/12/27 14:50:01 | 000,060,416 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe
[2011/12/27 14:49:52 | 000,000,000 | ---D | C] -- C:\Windows\ERDNT
[2011/12/27 14:49:51 | 000,000,000 | --SD | C] -- C:\ComboFix-1
[2011/12/27 14:49:45 | 000,000,000 | ---D | C] -- C:\Qoobox
[2011/12/27 14:38:50 | 001,918,464 | ---- | C] (AVAST Software) -- C:\Users\Leah\Desktop\aswMBR.exe
[2011/12/26 11:13:04 | 000,021,632 | ---- | C] (Nokia) -- C:\Windows\System32\drivers\pccsmcfd.sys
[2011/12/26 11:11:18 | 000,000,000 | ---D | C] -- C:\Windows\System32\Samsung_USB_Drivers
[2011/12/26 11:11:03 | 000,233,472 | ---- | C] (Teruten) -- C:\Windows\System32\FsUsbExService.Exe
[2011/12/26 11:11:00 | 000,000,000 | ---D | C] -- C:\Users\Leah\Documents\My NPS Files
[2011/12/26 11:10:40 | 000,000,000 | ---D | C] -- C:\Users\Leah\AppData\Roaming\Samsung
[2011/12/24 23:15:18 | 000,000,000 | ---D | C] -- C:\ProgramData\PC Tools
[2011/12/23 21:42:31 | 000,328,704 | ---- | C] (Microsoft Corporation) -- C:\Users\Leah\AppData\Local\lha.exe
[2011/12/23 09:58:45 | 000,000,000 | ---D | C] -- C:\Users\Leah\AppData\Roaming\Avira
[2011/12/23 09:21:44 | 000,000,000 | ---D | C] -- C:\Users\Leah\AppData\Roaming\Malwarebytes
[2011/12/23 09:21:28 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2011/12/23 09:21:27 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2011/12/23 09:21:23 | 000,022,216 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2011/12/23 09:21:22 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2011/12/23 09:15:54 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
[2011/12/23 09:15:29 | 000,028,520 | ---- | C] (Avira GmbH) -- C:\Windows\System32\drivers\ssmdrv.sys
[2011/12/23 09:15:24 | 000,134,856 | ---- | C] (Avira GmbH) -- C:\Windows\System32\drivers\avipbb.sys
[2011/12/23 09:15:24 | 000,074,640 | ---- | C] (Avira GmbH) -- C:\Windows\System32\drivers\avgntflt.sys
[2011/12/23 09:15:24 | 000,036,000 | ---- | C] (Avira GmbH) -- C:\Windows\System32\drivers\avkmgr.sys
[2011/12/23 09:15:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Avira
[2011/12/23 09:15:18 | 000,000,000 | ---D | C] -- C:\Program Files\Avira
[2011/12/21 12:39:35 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PC Tools Registry Mechanic
[2011/12/21 12:39:29 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\PC Tools
[2011/12/21 12:39:27 | 000,000,000 | ---D | C] -- C:\Program Files\PC Tools Registry Mechanic
[2011/12/21 09:40:39 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DivX Plus
[2011/12/21 09:26:50 | 000,000,000 | ---D | C] -- C:\ProgramData\DivX
[2011/12/18 17:50:05 | 000,000,000 | -H-D | C] -- C:\ProgramData\Common Files
[2011/12/18 17:49:44 | 000,000,000 | ---D | C] -- C:\ProgramData\MFAData
[2011/12/18 16:06:30 | 000,000,000 | ---D | C] -- C:\Program Files\Safari
[2011/12/18 12:52:13 | 000,000,000 | -HSD | C] -- C:\Windows\System32\%APPDATA%
[2011/12/18 12:46:21 | 000,000,000 | -HSD | C] -- C:\Users\Leah\AppData\Local\1cf6efbe
[2011/12/18 06:58:24 | 000,000,000 | ---D | C] -- C:\Users\Leah\AppData\Roaming\MediaWmplay
[2011/12/11 17:12:42 | 000,000,000 | ---D | C] -- C:\Users\Leah\AppData\Local\Mozilla
[2011/12/11 09:27:22 | 000,000,000 | ---D | C] -- C:\Users\Leah\AppData\Roaming\Uckul
[2011/12/11 09:27:22 | 000,000,000 | ---D | C] -- C:\Users\Leah\AppData\Roaming\Doizwaq
[2011/12/04 17:38:21 | 000,000,000 | ---D | C] -- C:\ProgramData\Windows
[2010/05/29 19:45:33 | 003,063,561 | ---- | C] (Macromedia, Inc.) -- C:\ProgramData\MobileTV.exe
[2010/05/29 19:45:32 | 002,989,660 | ---- | C] (Macromedia, Inc.) -- C:\ProgramData\DVD.exe
[2010/05/29 19:45:32 | 002,864,396 | ---- | C] (Macromedia, Inc.) -- C:\ProgramData\MPV.exe
[2010/05/29 19:45:32 | 002,331,174 | ---- | C] (Macromedia, Inc.) -- C:\ProgramData\Karaoke.exe
[2010/05/29 19:45:31 | 002,231,606 | ---- | C] (Macromedia, Inc.) -- C:\ProgramData\Games.exe
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
part 2 of the last reply

========== Files - Modified Within 30 Days ==========

File not found -- C:\Windows\System32\drivers\
File not found -- C:\Windows\System32\
[2011/12/30 15:08:43 | 000,003,216 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2011/12/30 15:08:43 | 000,003,216 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2011/12/30 15:08:01 | 000,000,886 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2011/12/30 11:31:33 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\Leah\Desktop\OTL.exe
[2011/12/30 11:11:09 | 000,002,265 | ---- | M] () -- C:\Users\Leah\Application Data\Microsoft\Internet Explorer\Quick Launch\Apple Safari.lnk
[2011/12/30 11:09:56 | 000,027,744 | ---- | M] () -- C:\ProgramData\nvModes.001
[2011/12/30 11:08:56 | 000,027,744 | ---- | M] () -- C:\ProgramData\nvModes.dat
[2011/12/30 11:08:56 | 000,000,882 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2011/12/30 11:08:40 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011/12/30 11:08:33 | 2144,542,720 | -HS- | M] () -- C:\hiberfil.sys
[2011/12/30 11:08:30 | 284,312,681 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2011/12/30 07:53:35 | 004,356,196 | R--- | M] (Swearware) -- C:\Users\Leah\Desktop\ComboFix.exe
[2011/12/29 09:02:59 | 001,578,288 | ---- | M] (Kaspersky Lab ZAO) -- C:\Users\Leah\Desktop\tdsskiller.exe
[2011/12/29 08:50:57 | 000,046,592 | ---- | M] () -- C:\Users\Leah\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/12/29 06:57:09 | 000,858,370 | ---- | M] () -- C:\Users\Leah\Desktop\FRST.exe
[2011/12/28 16:50:15 | 002,565,464 | ---- | M] () -- C:\Users\Leah\Desktop\NTBR_CD.exe
[2011/12/28 10:52:26 | 000,008,268 | ---- | M] () -- C:\Users\Leah\AppData\Local\d3d9caps.dat
[2011/12/28 10:52:15 | 000,002,241 | ---- | M] () -- C:\Users\Public\Desktop\Safari.lnk
[2011/12/27 14:39:12 | 001,918,464 | ---- | M] (AVAST Software) -- C:\Users\Leah\Desktop\aswMBR.exe
[2011/12/26 11:52:06 | 000,656,350 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2011/12/26 11:52:06 | 000,126,640 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2011/12/26 11:04:25 | 000,069,632 | ---- | M] () -- C:\Users\Leah\Desktop\2057.MST
[2011/12/26 11:04:23 | 000,013,752 | ---- | M] () -- C:\Users\Leah\Desktop\0x0809.ini
[2011/12/26 10:15:39 | 000,002,611 | ---- | M] () -- C:\Users\Leah\Application Data\Microsoft\Internet Explorer\Quick Launch\Microsoft Office Word 2007.lnk
[2011/12/24 23:14:27 | 000,512,992 | ---- | M] () -- C:\Users\Leah\Desktop\sdasetup_revwire207.exe
[2011/12/23 21:42:32 | 000,001,258 | -HS- | M] () -- C:\Users\Leah\AppData\Local\105d251p1hp0i446mlk1bj0cm5406a2105edrv62m70
[2011/12/23 21:42:32 | 000,001,258 | -HS- | M] () -- C:\ProgramData\105d251p1hp0i446mlk1bj0cm5406a2105edrv62m70
[2011/12/23 09:21:28 | 000,000,866 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2011/12/23 09:15:54 | 000,001,807 | ---- | M] () -- C:\Users\Public\Desktop\Avira Control Center.lnk
[2011/12/21 15:33:50 | 000,000,970 | -HS- | M] () -- C:\Users\Leah\AppData\Local\yaj3fhr5e43q8fpr147o65u74amqt5yytx0160sd8mx
[2011/12/21 15:33:50 | 000,000,970 | -HS- | M] () -- C:\ProgramData\yaj3fhr5e43q8fpr147o65u74amqt5yytx0160sd8mx
[2011/12/21 12:39:36 | 000,000,951 | ---- | M] () -- C:\Users\Public\Desktop\PC Tools Registry Mechanic.lnk
[2011/12/21 09:41:00 | 000,000,917 | ---- | M] () -- C:\Users\Public\Desktop\DivX Plus Converter.lnk
[2011/12/18 12:38:24 | 000,001,971 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2011/12/18 06:56:04 | 003,739,920 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2011/12/18 06:55:31 | 000,000,318 | ---- | M] () -- C:\Windows\tasks\HPCeeScheduleForLeah.job
[2011/12/17 08:24:49 | 000,000,127 | ---- | M] () -- C:\Windows\System32\MRT.INI
[2011/12/15 15:00:35 | 000,134,856 | ---- | M] (Avira GmbH) -- C:\Windows\System32\drivers\avipbb.sys
[2011/12/15 15:00:35 | 000,074,640 | ---- | M] (Avira GmbH) -- C:\Windows\System32\drivers\avgntflt.sys
[2011/12/15 15:00:35 | 000,036,000 | ---- | M] (Avira GmbH) -- C:\Windows\System32\drivers\avkmgr.sys
[2011/12/11 17:12:27 | 000,000,830 | ---- | M] () -- C:\Users\Leah\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
[2011/12/11 17:12:27 | 000,000,806 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files Created - No Company Name ==========

[2011/12/30 10:00:27 | 2144,542,720 | -HS- | C] () -- C:\hiberfil.sys
[2011/12/29 06:56:00 | 000,858,370 | ---- | C] () -- C:\Users\Leah\Desktop\FRST.exe
[2011/12/28 16:50:14 | 002,565,464 | ---- | C] () -- C:\Users\Leah\Desktop\NTBR_CD.exe
[2011/12/27 14:50:01 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe
[2011/12/27 14:50:01 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe
[2011/12/27 14:50:01 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
[2011/12/27 14:50:01 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
[2011/12/27 14:50:01 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
[2011/12/26 11:11:03 | 000,110,592 | ---- | C] () -- C:\Windows\System32\FsUsbExDevice.Dll
[2011/12/26 11:11:03 | 000,036,608 | ---- | C] () -- C:\Windows\System32\FsUsbExDisk.Sys
[2011/12/26 11:06:48 | 000,069,632 | ---- | C] () -- C:\Users\Leah\Desktop\2057.MST
[2011/12/26 11:06:48 | 000,013,752 | ---- | C] () -- C:\Users\Leah\Desktop\0x0809.ini
[2011/12/25 08:49:22 | 000,002,172 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Migration Assistant.lnk
[2011/12/24 23:15:18 | 000,512,992 | ---- | C] () -- C:\Users\Leah\Desktop\sdasetup_revwire207.exe
[2011/12/23 21:42:32 | 000,001,258 | -HS- | C] () -- C:\Users\Leah\AppData\Local\105d251p1hp0i446mlk1bj0cm5406a2105edrv62m70
[2011/12/23 21:42:32 | 000,001,258 | -HS- | C] () -- C:\ProgramData\105d251p1hp0i446mlk1bj0cm5406a2105edrv62m70
[2011/12/23 09:21:28 | 000,000,866 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2011/12/23 09:15:54 | 000,001,807 | ---- | C] () -- C:\Users\Public\Desktop\Avira Control Center.lnk
[2011/12/21 15:33:50 | 000,000,970 | -HS- | C] () -- C:\Users\Leah\AppData\Local\yaj3fhr5e43q8fpr147o65u74amqt5yytx0160sd8mx
[2011/12/21 15:33:50 | 000,000,970 | -HS- | C] () -- C:\ProgramData\yaj3fhr5e43q8fpr147o65u74amqt5yytx0160sd8mx
[2011/12/21 12:39:36 | 000,000,951 | ---- | C] () -- C:\Users\Public\Desktop\PC Tools Registry Mechanic.lnk
[2011/12/21 12:39:34 | 000,037,336 | ---- | C] () -- C:\Windows\System32\CleanMFT32.exe
[2011/12/21 09:41:00 | 000,000,917 | ---- | C] () -- C:\Users\Public\Desktop\DivX Plus Converter.lnk
[2011/12/18 16:06:58 | 000,002,265 | ---- | C] () -- C:\Users\Leah\Application Data\Microsoft\Internet Explorer\Quick Launch\Apple Safari.lnk
[2011/12/18 16:06:58 | 000,002,241 | ---- | C] () -- C:\Users\Public\Desktop\Safari.lnk
[2011/12/18 16:06:58 | 000,001,854 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Safari.lnk
[2011/12/17 08:24:49 | 000,000,127 | ---- | C] () -- C:\Windows\System32\MRT.INI
[2011/12/14 10:30:52 | 000,000,318 | ---- | C] () -- C:\Windows\tasks\HPCeeScheduleForLeah.job
[2011/12/11 17:12:27 | 000,000,830 | ---- | C] () -- C:\Users\Leah\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
[2011/12/11 17:12:27 | 000,000,818 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
[2011/12/11 17:12:27 | 000,000,806 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2011/01/04 09:19:44 | 000,166,182 | ---- | C] () -- C:\Windows\hpoins30.dat
[2010/04/23 15:39:55 | 000,165,741 | ---- | C] () -- C:\Windows\hpoins44.dat
[2010/03/19 17:54:01 | 000,111,932 | ---- | C] () -- C:\Windows\System32\EPPICPrinterDB.dat
[2010/03/19 17:54:01 | 000,001,146 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_DU.dat
[2010/03/19 17:54:01 | 000,001,139 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_BP.dat
[2010/03/19 17:54:01 | 000,001,136 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_ES.dat
[2010/03/19 17:54:01 | 000,001,129 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_FR.dat
[2010/03/19 17:54:01 | 000,001,129 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_CF.dat
[2010/03/19 17:54:01 | 000,001,120 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_IT.dat
[2010/03/19 17:54:01 | 000,001,107 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_GE.dat
[2010/03/19 17:54:01 | 000,001,104 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_EN.dat
[2010/03/19 17:54:01 | 000,000,097 | ---- | C] () -- C:\Windows\System32\PICSDK.ini
[2010/03/19 17:54:00 | 000,031,053 | ---- | C] () -- C:\Windows\System32\EPPICPattern131.dat
[2010/03/19 17:54:00 | 000,027,417 | ---- | C] () -- C:\Windows\System32\EPPICPattern121.dat
[2010/03/19 17:54:00 | 000,026,154 | ---- | C] () -- C:\Windows\System32\EPPICPattern1.dat
[2010/03/19 17:54:00 | 000,024,903 | ---- | C] () -- C:\Windows\System32\EPPICPattern3.dat
[2010/03/19 17:54:00 | 000,021,390 | ---- | C] () -- C:\Windows\System32\EPPICPattern5.dat
[2010/03/19 17:54:00 | 000,020,148 | ---- | C] () -- C:\Windows\System32\EPPICPattern2.dat
[2010/03/19 17:54:00 | 000,011,811 | ---- | C] () -- C:\Windows\System32\EPPICPattern4.dat
[2010/03/19 17:54:00 | 000,004,943 | ---- | C] () -- C:\Windows\System32\EPPICPattern6.dat
[2010/03/19 17:54:00 | 000,001,139 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_PT.dat
[2010/03/02 16:55:20 | 000,000,182 | ---- | C] () -- C:\Windows\System32\EBPPORT4.DAT
[2010/03/02 16:53:52 | 000,000,025 | ---- | C] () -- C:\Windows\CDEC65ASIA.ini
[2010/02/24 14:53:20 | 000,023,163 | ---- | C] () -- C:\Windows\hpqins15.dat
[2010/01/11 09:42:31 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2009/08/20 17:48:28 | 000,107,612 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin
[2009/08/20 17:48:27 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll
[2009/08/03 14:07:42 | 000,403,816 | ---- | C] () -- C:\Windows\System32\OGACheckControl.dll
[2009/08/03 14:07:42 | 000,230,768 | ---- | C] () -- C:\Windows\System32\OGAEXEC.exe
[2009/06/11 19:30:02 | 000,000,586 | ---- | C] () -- C:\Windows\hpomdl44.dat
[2009/05/19 22:45:13 | 000,008,268 | ---- | C] () -- C:\Users\Leah\AppData\Local\d3d9caps.dat
[2009/04/14 14:24:14 | 000,046,592 | ---- | C] () -- C:\Users\Leah\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009/02/11 21:03:40 | 000,000,249 | ---- | C] () -- C:\ProgramData\hpqp.ini
[2009/02/11 21:00:08 | 000,027,744 | ---- | C] () -- C:\ProgramData\nvModes.001
[2009/02/11 21:00:06 | 000,027,744 | ---- | C] () -- C:\ProgramData\nvModes.dat
[2008/10/27 21:32:27 | 000,018,904 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchemaTrivial.bin
[2008/06/18 16:22:38 | 000,000,844 | ---- | C] () -- C:\Windows\hpomdl30.dat
[2007/10/25 17:26:10 | 000,005,632 | ---- | C] () -- C:\Windows\System32\drivers\StarOpen.sys
[2007/03/29 23:00:40 | 000,203,264 | R--- | C] () -- C:\Windows\System32\CddbCdda.dll
[2006/11/02 22:57:28 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2006/11/02 22:47:37 | 003,739,920 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT
[2006/11/02 22:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
[2006/11/02 20:33:01 | 000,656,350 | ---- | C] () -- C:\Windows\System32\perfh009.dat
[2006/11/02 20:33:01 | 000,287,440 | ---- | C] () -- C:\Windows\System32\perfi009.dat
[2006/11/02 20:33:01 | 000,126,640 | ---- | C] () -- C:\Windows\System32\perfc009.dat
[2006/11/02 20:33:01 | 000,030,674 | ---- | C] () -- C:\Windows\System32\perfd009.dat
[2006/11/02 20:23:21 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat
[2006/11/02 18:58:30 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2006/11/02 18:19:00 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT
[2006/11/02 17:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2006/11/02 17:25:31 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat
[2006/03/09 19:58:00 | 001,060,424 | ---- | C] () -- C:\Windows\System32\WdfCoInstaller01000.dll

========== LOP Check ==========

[2011/07/31 21:02:46 | 000,000,000 | ---D | M] -- C:\Users\Leah\AppData\Roaming\Audacity
[2011/08/06 11:03:00 | 000,000,000 | ---D | M] -- C:\Users\Leah\AppData\Roaming\com.adobe.downloadassistant.AdobeDownloadAssistant
[2010/09/24 18:04:44 | 000,000,000 | ---D | M] -- C:\Users\Leah\AppData\Roaming\com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
[2011/12/23 10:09:13 | 000,000,000 | ---D | M] -- C:\Users\Leah\AppData\Roaming\Doizwaq
[2011/12/15 10:09:14 | 000,000,000 | ---D | M] -- C:\Users\Leah\AppData\Roaming\Evfyw
[2011/12/18 06:53:39 | 000,000,000 | ---D | M] -- C:\Users\Leah\AppData\Roaming\Ikbiby
[2010/11/07 17:42:11 | 000,000,000 | ---D | M] -- C:\Users\Leah\AppData\Roaming\LimeWire
[2011/12/22 09:50:24 | 000,000,000 | ---D | M] -- C:\Users\Leah\AppData\Roaming\MediaWmplay
[2010/01/31 09:10:05 | 000,000,000 | ---D | M] -- C:\Users\Leah\AppData\Roaming\Motorola
[2009/08/01 08:24:12 | 000,000,000 | ---D | M] -- C:\Users\Leah\AppData\Roaming\Nokia
[2009/08/01 08:24:48 | 000,000,000 | ---D | M] -- C:\Users\Leah\AppData\Roaming\PC Suite
[2011/12/28 09:27:34 | 000,000,000 | ---D | M] -- C:\Users\Leah\AppData\Roaming\Samsung
[2010/12/21 13:18:00 | 000,000,000 | ---D | M] -- C:\Users\Leah\AppData\Roaming\Skinux
[2011/05/18 18:34:08 | 000,000,000 | ---D | M] -- C:\Users\Leah\AppData\Roaming\Softland
[2011/12/23 10:13:56 | 000,000,000 | ---D | M] -- C:\Users\Leah\AppData\Roaming\Uckul
[2009/04/15 16:41:19 | 000,000,000 | ---D | M] -- C:\Users\Leah\AppData\Roaming\WildTangent
[2011/12/29 10:44:40 | 000,032,616 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========



========== Custom Scans ==========


< %SYSTEMDRIVE%\*.* >
[2006/09/19 07:43:36 | 000,000,024 | ---- | M] () -- C:\autoexec.bat
[2009/04/11 16:36:36 | 000,333,257 | RHS- | M] () -- C:\bootmgr
[2006/09/19 07:43:37 | 000,000,010 | ---- | M] () -- C:\config.sys
[2011/12/30 11:08:33 | 2144,542,720 | -HS- | M] () -- C:\hiberfil.sys
[2009/04/18 08:53:54 | 000,000,000 | ---- | M] () -- C:\hpfr3420.xml
[2009/04/18 08:53:56 | 000,000,286 | ---- | M] () -- C:\hpfr3425.log
[2010/02/07 14:48:19 | 000,000,000 | RHS- | M] () -- C:\IO.SYS
[2010/02/07 14:48:19 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS
[2008/09/04 10:11:24 | 000,054,600 | ---- | M] (BitTorrent, Inc.) -- C:\npbittorrent.dll
[2004/03/01 01:44:34 | 000,052,576 | ---- | M] () -- C:\orange.bmp
[2011/12/30 11:08:30 | 2458,329,088 | -HS- | M] () -- C:\pagefile.sys
[2011/12/28 12:01:46 | 000,000,537 | ---- | M] () -- C:\rkill.log
[2010/05/26 14:50:39 | 000,000,184 | ---- | M] () -- C:\setup.log
[2011/12/24 15:50:55 | 000,079,648 | ---- | M] () -- C:\TDSSKiller.2.6.25.0_24.12.2011_15.47.01_log.txt
[2011/12/24 15:58:43 | 000,001,824 | ---- | M] () -- C:\TDSSKiller.2.6.25.0_24.12.2011_15.58.23_log.txt
[2011/12/29 09:26:23 | 000,079,164 | ---- | M] () -- C:\TDSSKiller.2.6.25.0_29.12.2011_09.03.09_log.txt

< %systemroot%\Fonts\*.com >
[2006/11/02 22:37:12 | 000,026,040 | ---- | M] () -- C:\Windows\Fonts\GlobalMonospace.CompositeFont
[2006/11/02 22:37:12 | 000,026,489 | ---- | M] () -- C:\Windows\Fonts\GlobalSansSerif.CompositeFont
[2006/11/02 22:37:12 | 000,029,779 | ---- | M] () -- C:\Windows\Fonts\GlobalSerif.CompositeFont
[2009/08/29 09:04:56 | 000,037,665 | ---- | M] () -- C:\Windows\Fonts\GlobalUserInterface.CompositeFont

< %systemroot%\Fonts\*.dll >

< %systemroot%\Fonts\*.ini >
[2006/09/19 07:37:34 | 000,000,065 | -H-- | M] () -- C:\Windows\Fonts\desktop.ini

< %systemroot%\Fonts\*.ini2 >

< %systemroot%\Fonts\*.exe >

< %systemroot%\system32\spool\prtprocs\w32x86\*.* >
[2006/11/02 19:46:04 | 000,032,768 | ---- | M] (SEIKO EPSON CORPORATION) -- C:\Windows\system32\spool\prtprocs\w32x86\EP0NPP01.DLL
[2009/04/16 14:08:20 | 000,312,832 | ---- | M] (Hewlett-Packard Corporation) -- C:\Windows\system32\spool\prtprocs\w32x86\hpfpp70v.dll
[2008/06/06 20:49:18 | 000,302,592 | ---- | M] (Hewlett-Packard Corporation) -- C:\Windows\system32\spool\prtprocs\w32x86\hpzpp692.dll
[2008/01/21 12:23:14 | 000,089,600 | ---- | M] (Hewlett-Packard Corporation) -- C:\Windows\system32\spool\prtprocs\w32x86\HPZPPLHN.DLL
[2006/11/02 22:35:48 | 000,022,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\spool\prtprocs\w32x86\jnwppr.dll
[2006/10/26 19:56:12 | 000,033,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\spool\prtprocs\w32x86\msonpppr.dll

< %systemroot%\REPAIR\*.bak1 >

< %systemroot%\REPAIR\*.ini >

< %systemroot%\system32\*.jpg >

< %systemroot%\*.jpg >

< %systemroot%\*.png >

< %systemroot%\*.scr >
[2010/11/10 02:28:46 | 000,301,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\WLXPGSS.SCR
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

< %systemroot%\*._sy >

< %APPDATA%\Adobe\Update\*.* >

< %ALLUSERSPROFILE%\Favorites\*.* >

< %APPDATA%\Microsoft\*.* >

< %PROGRAMFILES%\*.* >
[2008/01/21 12:43:21 | 000,000,174 | -HS- | M] () -- C:\Program Files\desktop.ini

< %APPDATA%\Update\*.* >

< %systemroot%\*. /mp /s >

< %systemroot%\System32\config\*.sav >
[2008/01/21 13:14:18 | 016,846,848 | ---- | M] () -- C:\Windows\System32\config\COMPONENTS.SAV
[2008/01/21 13:14:08 | 000,106,496 | ---- | M] () -- C:\Windows\System32\config\DEFAULT.SAV
[2008/01/21 13:14:18 | 000,020,480 | ---- | M] () -- C:\Windows\System32\config\SECURITY.SAV
[2006/11/02 20:34:08 | 010,133,504 | ---- | M] () -- C:\Windows\System32\config\SOFTWARE.SAV
[2006/11/02 20:34:08 | 001,826,816 | ---- | M] () -- C:\Windows\System32\config\SYSTEM.SAV

< %PROGRAMFILES%\bak. /s >

< %systemroot%\system32\bak. /s >

< %ALLUSERSPROFILE%\Start Menu\*.lnk /x >

< %systemroot%\system32\config\systemprofile\*.dat /x >

< %systemroot%\*.config >

< %systemroot%\system32\*.db >
[2010/10/08 14:36:34 | 000,003,072 | ---- | M] () -- C:\Windows\system32\Cache.db

< %APPDATA%\Microsoft\Internet Explorer\Quick Launch\*.lnk /x >
[2011/07/05 23:10:43 | 000,000,574 | -HS- | M] () -- C:\Users\Leah\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\desktop.ini

< %USERPROFILE%\Desktop\*.exe >
[2011/12/27 14:39:12 | 001,918,464 | ---- | M] (AVAST Software) -- C:\Users\Leah\Desktop\aswMBR.exe
[2011/12/30 07:53:35 | 004,356,196 | R--- | M] (Swearware) -- C:\Users\Leah\Desktop\ComboFix.exe
[2011/12/29 06:57:09 | 000,858,370 | ---- | M] () -- C:\Users\Leah\Desktop\FRST.exe
[2011/12/28 16:50:15 | 002,565,464 | ---- | M] () -- C:\Users\Leah\Desktop\NTBR_CD.exe
[2011/12/30 11:31:33 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\Leah\Desktop\OTL.exe
[2011/12/24 23:14:27 | 000,512,992 | ---- | M] () -- C:\Users\Leah\Desktop\sdasetup_revwire207.exe
[2011/12/29 09:02:59 | 001,578,288 | ---- | M] (Kaspersky Lab ZAO) -- C:\Users\Leah\Desktop\tdsskiller.exe

< %PROGRAMFILES%\Common Files\*.* >

< %systemroot%\*.src >

< %systemroot%\install\*.* >

< %systemroot%\system32\DLL\*.* >

< %systemroot%\system32\HelpFiles\*.* >

< %systemroot%\system32\rundll\*.* >

< %systemroot%\winn32\*.* >

< %systemroot%\Java\*.* >

< %systemroot%\system32\test\*.* >

< %systemroot%\system32\Rundll32\*.* >

< %systemroot%\AppPatch\Custom\*.* >

< %APPDATA%\Roaming\Microsoft\Windows\Recent\*.lnk /x >

< %PROGRAMFILES%\PC-Doctor\Downloads\*.* >

< %PROGRAMFILES%\Internet Explorer\*.tmp >

< %PROGRAMFILES%\Internet Explorer\*.dat >

< %USERPROFILE%\My Documents\*.exe >

< %USERPROFILE%\*.exe >

< %systemroot%\ADDINS\*.* >

< %systemroot%\assembly\*.bak2 >

< %systemroot%\Config\*.* >

< %systemroot%\REPAIR\*.bak2 >

< %systemroot%\SECURITY\Database\*.sdb /x >

< %systemroot%\SYSTEM\*.bak2 >

< %systemroot%\Web\*.bak2 >

< %systemroot%\Driver Cache\*.* >

< %PROGRAMFILES%\Mozilla Firefox\0*.exe >

< %ProgramFiles%\Microsoft Common\*.* >

< %ProgramFiles%\TinyProxy. >

< %USERPROFILE%\Favorites\*.url /x >
[2011/01/28 11:14:13 | 000,000,402 | -HS- | M] () -- C:\Users\Leah\Favorites\desktop.ini

< %systemroot%\system32\*.bk >

< %systemroot%\*.te >

< %systemroot%\system32\system32\*.* >

< %ALLUSERSPROFILE%\*.dat /x >
[2011/12/23 21:42:32 | 000,001,258 | -HS- | M] () -- C:\ProgramData\105d251p1hp0i446mlk1bj0cm5406a2105edrv62m70
[2010/05/29 19:45:33 | 002,989,660 | ---- | M] (Macromedia, Inc.) -- C:\ProgramData\DVD.exe
[2010/05/29 19:45:31 | 002,231,606 | ---- | M] (Macromedia, Inc.) -- C:\ProgramData\Games.exe
[2010/12/24 12:44:12 | 000,000,249 | ---- | M] () -- C:\ProgramData\hpqp.ini
[2011/11/02 14:59:03 | 000,000,021 | ---- | M] () -- C:\ProgramData\hpqp.txt
[2011/01/04 09:38:31 | 000,010,779 | ---- | M] () -- C:\ProgramData\hpzinstall.log
[2010/05/29 19:45:32 | 002,331,174 | ---- | M] (Macromedia, Inc.) -- C:\ProgramData\Karaoke.exe
[2010/05/29 19:45:33 | 003,063,561 | ---- | M] (Macromedia, Inc.) -- C:\ProgramData\MobileTV.exe
[2010/05/29 19:45:32 | 002,864,396 | ---- | M] (Macromedia, Inc.) -- C:\ProgramData\MPV.exe
[2011/12/30 11:09:56 | 000,027,744 | ---- | M] () -- C:\ProgramData\nvModes.001
[2011/12/21 15:33:50 | 000,000,970 | -HS- | M] () -- C:\ProgramData\yaj3fhr5e43q8fpr147o65u74amqt5yytx0160sd8mx
[2009/02/11 21:06:50 | 000,000,032 | ---- | M] () -- C:\ProgramData\{051B9612-4D82-42AC-8C63-CD2DCEDC1CB3}.log
[2008/10/27 22:57:21 | 000,000,109 | ---- | M] () -- C:\ProgramData\{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}.log
[2009/02/11 21:05:57 | 000,000,032 | ---- | M] () -- C:\ProgramData\{23F3DA62-2D9E-4A69-B8D5-BE8E9E148092}.log
[2008/10/27 22:50:59 | 000,000,105 | ---- | M] () -- C:\ProgramData\{40BF1E83-20EB-11D8-97C5-0009C5020658}.log
[2009/02/11 21:04:10 | 000,000,032 | ---- | M] () -- C:\ProgramData\{4FC670EB-5F02-4B07-90DB-022B86BFEFD0}.log
[2009/02/11 21:06:28 | 000,000,032 | ---- | M] () -- C:\ProgramData\{9867824A-C86D-4A83-8F3C-E7A86BE0AFD3}.log
[2008/10/27 22:49:07 | 000,000,107 | ---- | M] () -- C:\ProgramData\{C59C179C-668D-49A9-B6EA-0121CCFC1243}.log
[2008/10/27 22:56:51 | 000,000,110 | ---- | M] () -- C:\ProgramData\{CB099890-1D5F-11D5-9EA9-0050BAE317E1}.log
[2009/02/11 21:06:59 | 000,000,105 | ---- | M] () -- C:\ProgramData\{d36dd326-7280-11d8-97c8-000129760cbe}.log

< %systemroot%\system32\drivers\*.rmv >

< dir /b "%systemroot%\system32\*.exe" | find /i " " /c >

< dir /b "%systemroot%\*.exe" | find /i " " /c >

< %PROGRAMFILES%\Microsoft\*.* >

< %systemroot%\System32\Wbem\proquota.exe >

< %PROGRAMFILES%\Mozilla Firefox\*.dat >

< %USERPROFILE%\Cookies\*.txt /x >

< %SystemRoot%\system32\fonts\*.* >

< %systemroot%\system32\winlog\*.* >

< %systemroot%\system32\Language\*.* >

< %systemroot%\system32\Settings\*.* >

< %systemroot%\system32\*.quo >

< %SYSTEMROOT%\AppPatch\*.exe >

< %SYSTEMROOT%\inf\*.exe >

< %SYSTEMROOT%\Installer\*.exe >

< %systemroot%\system32\config\*.bak2 >

< %systemroot%\system32\Computers\*.* >

< %SystemRoot%\system32\Sound\*.* >

< %SystemRoot%\system32\SpecialImg\*.* >

< %SystemRoot%\system32\code\*.* >

< %SystemRoot%\system32\draft\*.* >

< %SystemRoot%\system32\MSSSys\*.* >

< %ProgramFiles%\Javascript\*.* >

< %systemroot%\pchealth\helpctr\System\*.exe /s >

< %systemroot%\Web\*.exe >

< %systemroot%\system32\msn\*.* >

< %systemroot%\system32\*.tro >

< %AppData%\Microsoft\Installer\msupdates\*.* >

< %ProgramFiles%\Messenger\*.* >

< %systemroot%\system32\systhem32\*.* >

< %systemroot%\system\*.exe >

< HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU >

< HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\ Auto Update\Results\Install|LastSuccessTime /rs >


========== Hard Links - Junction Points - Mount Points - Symbolic Links ==========
[C:\Windows\$NtUninstallKB3255$] -> -> Unknown point type

========== Alternate Data Streams ==========

@Alternate Data Stream - 99 bytes -> C:\ProgramData\Temp:D1B5B4F1
@Alternate Data Stream - 136 bytes -> C:\ProgramData\Temp:D287FACF

< End of report >
 
You're running two AV programs, Norton and Avira.
One of them has to go.
If Norton make sure you use this tool to uninstall it: https://www-secure.symantec.com/nor...&version=1&pvid=f-home&entsrc=redirect_pubweb

=============================================================

Uninstall PC Tools Registry Mechanic 11.0.
Registry cleaners/optimizers are not recommended for several reasons:

  • Registry cleaners are extremely powerful applications that can damage the registry by using aggressive cleaning routines and cause your computer to become unbootable.

    The Windows registry is a central repository (database) for storing configuration data, user settings and machine-dependent settings, and options for the operating system. It contains information and settings for all hardware, software, users, and preferences. Whenever a user makes changes to settings, file associations, system policies, or installed software, the changes are reflected and stored in this repository. The registry is a crucial component because it is where Windows "remembers" all this information, how it works together, how Windows boots the system and what files it uses when it does. The registry is also a vulnerable subsystem, in that relatively small changes done incorrectly can render the system inoperable. For a more detailed explanation, read Understanding The Registry.
  • Not all registry cleaners are created equal. There are a number of them available but they do not all work entirely the same way. Each vendor uses different criteria as to what constitutes a "bad entry". One cleaner may find entries on your system that will not cause problems when removed, another may not find the same entries, and still another may want to remove entries required for a program to work.
  • Not all registry cleaners create a backup of the registry before making changes. If the changes prevent the system from booting up, then there is no backup available to restore it in order to regain functionality. A backup of the registry is essential BEFORE making any changes to the registry.
  • Improperly removing registry entries can hamper malware disinfection and make the removal process more difficult if your computer becomes infected. For example, removing malware related registry entries before the infection is properly identified can contribute to system instability and even make the malware undetectable to removal tools.
  • The usefulness of cleaning the registry is highly overrated and can be dangerous. In most cases, using a cleaner to remove obsolete, invalid, and erroneous entries does not affect system performance but it can result in "unpredictable results".
Unless you have a particular problem that requires a registry edit to correct it, I would suggest you leave the registry alone. Using registry cleaning tools unnecessarily or incorrectly could lead to disastrous effects on your operating system such as preventing it from ever starting again. For routine use, the benefits to your computer are negligible while the potential risks are great.


==============================================================

Run OTL
  • Under the Custom Scans/Fixes box at the bottom, paste in the following

    Code: 
    :OTL
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No CLSID value found.
O4 - HKLM..\Run: [Yahoo Messenger] File not found
O4 - HKCU..\Run: [AdobeBridge] File not found
O15 - HKCU\..Trusted Ranges: Range1 ([http] in Local intranet)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.macromedia.com/get.../ultrashim.cab (Reg Error: Key error.)
O33 - MountPoints2\{01f1bf3c-5079-11e0-b1dc-001f1665c865}\Shell - "" = AutoRun
O33 - MountPoints2\{01f1bf3c-5079-11e0-b1dc-001f1665c865}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{01f1bf40-5079-11e0-b1dc-001e101f4e71}\Shell - "" = AutoRun
O33 - MountPoints2\{01f1bf40-5079-11e0-b1dc-001e101f4e71}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{180f4b1e-2f27-11e0-820d-eda2d115b10a}\Shell - "" = AutoRun
O33 - MountPoints2\{180f4b1e-2f27-11e0-820d-eda2d115b10a}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{180f4b21-2f27-11e0-820d-001f1665c865}\Shell - "" = AutoRun
O33 - MountPoints2\{180f4b21-2f27-11e0-820d-001f1665c865}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{263e77d9-4e90-11e0-b00c-001f1665c865}\Shell - "" = AutoRun
O33 - MountPoints2\{263e77d9-4e90-11e0-b00c-001f1665c865}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{263e77eb-4e90-11e0-b00c-001e101f2500}\Shell - "" = AutoRun
O33 - MountPoints2\{263e77eb-4e90-11e0-b00c-001e101f2500}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{3463a70e-2e97-11e0-89e5-001f1665c865}\Shell - "" = AutoRun
O33 - MountPoints2\{3463a70e-2e97-11e0-89e5-001f1665c865}\Shell\AutoRun\command - "" = G:\AutoRun.exe
O33 - MountPoints2\{3463a711-2e97-11e0-89e5-001f1665c865}\Shell - "" = AutoRun
O33 - MountPoints2\{3463a711-2e97-11e0-89e5-001f1665c865}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{6d365ac4-34f1-11e0-a828-001f1665c865}\Shell - "" = AutoRun
O33 - MountPoints2\{6d365ac4-34f1-11e0-a828-001f1665c865}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{6d365ad0-34f1-11e0-a828-001f1665c865}\Shell - "" = AutoRun
O33 - MountPoints2\{6d365ad0-34f1-11e0-a828-001f1665c865}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{9196200f-42ba-11e0-93f2-001f1665c865}\Shell - "" = AutoRun
O33 - MountPoints2\{9196200f-42ba-11e0-93f2-001f1665c865}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{91962011-42ba-11e0-93f2-001f1665c865}\Shell - "" = AutoRun
O33 - MountPoints2\{91962011-42ba-11e0-93f2-001f1665c865}\Shell\AutoRun\command - "" = G:\AutoRun.exe
O33 - MountPoints2\{91962039-42ba-11e0-93f2-001f1665c865}\Shell - "" = AutoRun
O33 - MountPoints2\{91962039-42ba-11e0-93f2-001f1665c865}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{9196203b-42ba-11e0-93f2-001f1665c865}\Shell - "" = AutoRun
O33 - MountPoints2\{9196203b-42ba-11e0-93f2-001f1665c865}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{cab4a617-385f-11e0-a6a7-001f1665c865}\Shell - "" = AutoRun
O33 - MountPoints2\{cab4a617-385f-11e0-a6a7-001f1665c865}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{cab4a619-385f-11e0-a6a7-001f1665c865}\Shell - "" = AutoRun
O33 - MountPoints2\{cab4a619-385f-11e0-a6a7-001f1665c865}\Shell\AutoRun\command - "" = G:\AutoRun.exe
[2011/12/18 12:46:21 | 000,000,000 | -HSD | C] -- C:\Users\Leah\AppData\Local\1cf6efbe
[2011/12/11 09:27:22 | 000,000,000 | ---D | C] -- C:\Users\Leah\AppData\Roaming\Uckul
[2011/12/11 09:27:22 | 000,000,000 | ---D | C] -- C:\Users\Leah\AppData\Roaming\Doizwaq
[2011/12/23 21:42:32 | 000,001,258 | -HS- | M] () -- C:\Users\Leah\AppData\Local\105d251p1hp0i446mlk1bj0cm5406a2105edrv62m70
[2011/12/23 21:42:32 | 000,001,258 | -HS- | M] () -- C:\ProgramData\105d251p1hp0i446mlk1bj0cm5406a2105edrv62m70
[2011/12/21 15:33:50 | 000,000,970 | -HS- | M] () -- C:\Users\Leah\AppData\Local\yaj3fhr5e43q8fpr147o65u74amqt5yytx0160sd8mx
[2011/12/21 15:33:50 | 000,000,970 | -HS- | M] () -- C:\ProgramData\yaj3fhr5e43q8fpr147o65u74amqt5yytx0160sd8mx
[2011/12/15 10:09:14 | 000,000,000 | ---D | M] -- C:\Users\Leah\AppData\Roaming\Evfyw
[2011/12/18 06:53:39 | 000,000,000 | ---D | M] -- C:\Users\Leah\AppData\Roaming\Ikbiby
@Alternate Data Stream - 99 bytes -> C:\ProgramData\Temp:D1B5B4F1
@Alternate Data Stream - 136 bytes -> C:\ProgramData\Temp:D287FACF

:Services

:Reg

:Files

:Commands
[purity]
[emptytemp]
[emptyflash]
[Reboot]
  • Then click the Run Fix button at the top
  • Let the program run unhindered, reboot the PC when it is done
  • You will get a log that shows the results of the fix. Please post it.
  • Open OTL again and click the Quick Scan button. Post the log it produces in your next reply. Only one log will be created.
 
The program just freezes now. I've tried approximately 6 or 7 times and it just stops responding almost straight after pressing scan.
 
Happy new year

========== OTL ==========
Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{21FA44EF-376D-4D53-9B0F-8A89D3229068} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{21FA44EF-376D-4D53-9B0F-8A89D3229068}\ not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\Yahoo Messenger not found.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\AdobeBridge not found.
Registry value HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\Range1\\http not found.
Starting removal of ActiveX control {8FFBE65D-2C9C-4669-84BD-5829DC0B603C}
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{8FFBE65D-2C9C-4669-84BD-5829DC0B603C}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8FFBE65D-2C9C-4669-84BD-5829DC0B603C}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{8FFBE65D-2C9C-4669-84BD-5829DC0B603C}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8FFBE65D-2C9C-4669-84BD-5829DC0B603C}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{01f1bf3c-5079-11e0-b1dc-001f1665c865}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{01f1bf3c-5079-11e0-b1dc-001f1665c865}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{01f1bf3c-5079-11e0-b1dc-001f1665c865}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{01f1bf3c-5079-11e0-b1dc-001f1665c865}\ not found.
File F:\AutoRun.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{01f1bf40-5079-11e0-b1dc-001e101f4e71}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{01f1bf40-5079-11e0-b1dc-001e101f4e71}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{01f1bf40-5079-11e0-b1dc-001e101f4e71}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{01f1bf40-5079-11e0-b1dc-001e101f4e71}\ not found.
File F:\AutoRun.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{180f4b1e-2f27-11e0-820d-eda2d115b10a}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{180f4b1e-2f27-11e0-820d-eda2d115b10a}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{180f4b1e-2f27-11e0-820d-eda2d115b10a}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{180f4b1e-2f27-11e0-820d-eda2d115b10a}\ not found.
File F:\AutoRun.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{180f4b21-2f27-11e0-820d-001f1665c865}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{180f4b21-2f27-11e0-820d-001f1665c865}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{180f4b21-2f27-11e0-820d-001f1665c865}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{180f4b21-2f27-11e0-820d-001f1665c865}\ not found.
File F:\AutoRun.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{263e77d9-4e90-11e0-b00c-001f1665c865}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{263e77d9-4e90-11e0-b00c-001f1665c865}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{263e77d9-4e90-11e0-b00c-001f1665c865}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{263e77d9-4e90-11e0-b00c-001f1665c865}\ not found.
File F:\AutoRun.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{263e77eb-4e90-11e0-b00c-001e101f2500}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{263e77eb-4e90-11e0-b00c-001e101f2500}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{263e77eb-4e90-11e0-b00c-001e101f2500}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{263e77eb-4e90-11e0-b00c-001e101f2500}\ not found.
File F:\AutoRun.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{3463a70e-2e97-11e0-89e5-001f1665c865}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{3463a70e-2e97-11e0-89e5-001f1665c865}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{3463a70e-2e97-11e0-89e5-001f1665c865}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{3463a70e-2e97-11e0-89e5-001f1665c865}\ not found.
File G:\AutoRun.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{3463a711-2e97-11e0-89e5-001f1665c865}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{3463a711-2e97-11e0-89e5-001f1665c865}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{3463a711-2e97-11e0-89e5-001f1665c865}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{3463a711-2e97-11e0-89e5-001f1665c865}\ not found.
File F:\AutoRun.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{6d365ac4-34f1-11e0-a828-001f1665c865}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6d365ac4-34f1-11e0-a828-001f1665c865}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{6d365ac4-34f1-11e0-a828-001f1665c865}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6d365ac4-34f1-11e0-a828-001f1665c865}\ not found.
File F:\AutoRun.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{6d365ad0-34f1-11e0-a828-001f1665c865}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6d365ad0-34f1-11e0-a828-001f1665c865}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{6d365ad0-34f1-11e0-a828-001f1665c865}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6d365ad0-34f1-11e0-a828-001f1665c865}\ not found.
File F:\AutoRun.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{9196200f-42ba-11e0-93f2-001f1665c865}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{9196200f-42ba-11e0-93f2-001f1665c865}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{9196200f-42ba-11e0-93f2-001f1665c865}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{9196200f-42ba-11e0-93f2-001f1665c865}\ not found.
File F:\AutoRun.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{91962011-42ba-11e0-93f2-001f1665c865}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{91962011-42ba-11e0-93f2-001f1665c865}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{91962011-42ba-11e0-93f2-001f1665c865}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{91962011-42ba-11e0-93f2-001f1665c865}\ not found.
File G:\AutoRun.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{91962039-42ba-11e0-93f2-001f1665c865}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{91962039-42ba-11e0-93f2-001f1665c865}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{91962039-42ba-11e0-93f2-001f1665c865}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{91962039-42ba-11e0-93f2-001f1665c865}\ not found.
File F:\AutoRun.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{9196203b-42ba-11e0-93f2-001f1665c865}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{9196203b-42ba-11e0-93f2-001f1665c865}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{9196203b-42ba-11e0-93f2-001f1665c865}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{9196203b-42ba-11e0-93f2-001f1665c865}\ not found.
File F:\AutoRun.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{cab4a617-385f-11e0-a6a7-001f1665c865}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{cab4a617-385f-11e0-a6a7-001f1665c865}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{cab4a617-385f-11e0-a6a7-001f1665c865}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{cab4a617-385f-11e0-a6a7-001f1665c865}\ not found.
File F:\AutoRun.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{cab4a619-385f-11e0-a6a7-001f1665c865}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{cab4a619-385f-11e0-a6a7-001f1665c865}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{cab4a619-385f-11e0-a6a7-001f1665c865}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{cab4a619-385f-11e0-a6a7-001f1665c865}\ not found.
File G:\AutoRun.exe not found.
Folder C:\Users\Leah\AppData\Local\1cf6efbe\ not found.
Folder C:\Users\Leah\AppData\Roaming\Uckul\ not found.
Folder C:\Users\Leah\AppData\Roaming\Doizwaq\ not found.
File C:\Users\Leah\AppData\Local\105d251p1hp0i446mlk1bj0cm5406a2105edrv62m70 not found.
File C:\ProgramData\105d251p1hp0i446mlk1bj0cm5406a2105edrv62m70 not found.
File C:\Users\Leah\AppData\Local\yaj3fhr5e43q8fpr147o65u74amqt5yytx0160sd8mx not found.
File C:\ProgramData\yaj3fhr5e43q8fpr147o65u74amqt5yytx0160sd8mx not found.
Folder C:\Users\Leah\AppData\Roaming\Evfyw\ not found.
Folder C:\Users\Leah\AppData\Roaming\Ikbiby\ not found.
ADS C:\ProgramData\Temp:D1B5B4F1 deleted successfully.
Unable to delete ADS C:\ProgramData\Temp:D287FACF .
========== SERVICES/DRIVERS ==========
========== REGISTRY ==========
========== FILES ==========

OTL by OldTimer - Version 3.2.31.0 log created on 01012012_121650
 
Last scans...

1. Download Security Check from HERE, and save it to your Desktop.
  • Double-click SecurityCheck.exe
  • Follow the onscreen instructions inside of the black box.
  • A Notepad document should open automatically called checkup.txt; please post the contents of that document.

    NOTE SecurityCheck may produce some false warning(s), so leave the results reading to me.


2. Download Temp File Cleaner (TFC)
  • Double click on TFC.exe to run the program.
  • Click on Start button to begin cleaning process.
  • TFC will close all running programs, and it may ask you to restart computer.


3. Please run a free online scan with the ESET Online Scanner

  • Disable your antivirus program
  • Tick the box next to YES, I accept the Terms of Use
  • Click Start
  • Accept any security warnings from your browser.
  • Check Scan archives
  • Click Start
  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  • When the scan completes, click on List of found threats
  • Click on Export to text file , and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
  • NOTE. If Eset won't find any threats, it won't produce any log.
 
Results of screen317's Security Check version 0.99.24
Windows Vista Service Pack 2 x86 (UAC is enabled)
Internet Explorer 9
``````````````````````````````
Antivirus/Firewall Check:
Norton Internet Security
[size=1]WMI entry may not exist for antivirus; attempting automatic update.[/size]
```````````````````````````````
Anti-malware/Other Utilities Check:
Malwarebytes' Anti-Malware
Java(TM) 6 Update 26
Java(TM) 6 Update 7
Out of date Java installed!
Adobe Flash Player 11.1.102.55
Adobe Reader X (10.1.1)
Mozilla Firefox (x86 en-US..)
````````````````````````````````
Process Check:
objlist.exe by Laurent
Microsoft Small Business Business Contact Manager BcmSqlStartupSvc.exe
``````````End of Log````````````
 
C:\Documents and Settings\All Users\Application Data\Google\Google Toolbar\Update\GoogleToolbarInstaller_updater_signed.exe Win32/Patched.HN trojan
C:\Documents and Settings\All Users\Application Data\Windows\msdr.dll a variant of Win32/Kryptik.GFN trojan
C:\Documents and Settings\All Users\Google\Google Toolbar\Update\GoogleToolbarInstaller_updater_signed.exe Win32/Patched.HN trojan
C:\Documents and Settings\All Users\Windows\msdr.dll a variant of Win32/Kryptik.GFN trojan
C:\Documents and Settings\Leah\AppData\Local\lha.exe a variant of Win32/Kryptik.XXV trojan
C:\Documents and Settings\Leah\AppData\Roaming\MediaWmplay\FlashPlugin\FlashUtil118_ActiveX.exe Win32/Agent.TIR trojan
C:\Documents and Settings\Leah\AppData\Roaming\MediaWmplay\FlashPlugin\FlashUtil38_ActiveX.exe Win32/TrojanClicker.Agent.NPA trojan
C:\Program Files\Bonjour\mDNSResponder.exe Win32/Patched.HN trojan
C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe Win32/Patched.HN trojan
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe Win32/Patched.HN trojan
C:\Program Files\Common Files\microsoft shared\Source Engine\OSE.EXE Win32/Patched.HN trojan
C:\Program Files\Common Files\PC Tools\sMonitor\StartManSvc.exe Win32/Patched.HN trojan
C:\Program Files\CyberLink\Shared files\RichVideo.exe Win32/Patched.HN trojan
C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe Win32/Patched.HN trojan
C:\Program Files\Google\Update\GoogleUpdate.exe Win32/Patched.HN trojan
C:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Service.exe Win32/Patched.HN trojan
C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe Win32/Patched.HN trojan
C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe Win32/Patched.HN trojan
C:\Program Files\iPod\bin\iPodService.exe Win32/Patched.HN trojan
C:\Program Files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe Win32/Patched.HN trojan
C:\Program Files\Norton Internet Security\Engine\16.8.3.6\ccSvcHst.exe Win32/Patched.HN trojan
C:\Program Files\SMINST\BLService.exe Win32/Patched.HN trojan
C:\ProgramData\Application Data\Google\Google Toolbar\Update\GoogleToolbarInstaller_updater_signed.exe Win32/Patched.HN trojan
C:\ProgramData\Application Data\Windows\msdr.dll a variant of Win32/Kryptik.GFN trojan
C:\ProgramData\Google\Google Toolbar\Update\GoogleToolbarInstaller_updater_signed.exe Win32/Patched.HN trojan
C:\ProgramData\Windows\msdr.dll a variant of Win32/Kryptik.GFN trojan
C:\Users\All Users\Application Data\Google\Google Toolbar\Update\GoogleToolbarInstaller_updater_signed.exe Win32/Patched.HN trojan
C:\Users\All Users\Application Data\Windows\msdr.dll a variant of Win32/Kryptik.GFN trojan
C:\Users\All Users\Google\Google Toolbar\Update\GoogleToolbarInstaller_updater_signed.exe Win32/Patched.HN trojan
C:\Users\All Users\Windows\msdr.dll a variant of Win32/Kryptik.GFN trojan
C:\Users\Leah\AppData\Local\lha.exe a variant of Win32/Kryptik.XXV trojan
C:\Users\Leah\AppData\Roaming\MediaWmplay\FlashPlugin\FlashUtil118_ActiveX.exe Win32/Agent.TIR trojan
C:\Users\Leah\AppData\Roaming\MediaWmplay\FlashPlugin\FlashUtil38_ActiveX.exe Win32/TrojanClicker.Agent.NPA trojan
C:\Windows\System32\nvvsvc.exe Win32/Patched.HN trojan
C:\Windows\System32\drivers\XAudio.exe Win32/Patched.HN trojan
C:\_OTL\MovedFiles\12312011_081613\C_Users\Leah\AppData\Local\1cf6efbe\X a variant of Win32/Kryptik.XPH trojan
C:\_OTL\MovedFiles\12312011_081613\C_Users\Leah\AppData\Local\1cf6efbe\U\00000001.@ a variant of Win32/Sirefef.CR trojan
C:\_OTL\MovedFiles\12312011_081613\C_Users\Leah\AppData\Local\1cf6efbe\U\80000000.@ a variant of Win32/Sirefef.DV trojan
C:\_OTL\MovedFiles\12312011_081613\C_Users\Leah\AppData\Local\1cf6efbe\U\800000c0.@ a variant of Win32/Sirefef.CH trojan
C:\_OTL\MovedFiles\12312011_081613\C_Users\Leah\AppData\Local\1cf6efbe\U\800000cb.@ a variant of Win32/Agent.TEO trojan
C:\_OTL\MovedFiles\12312011_081613\C_Users\Leah\AppData\Local\1cf6efbe\U\800000cf.@ a variant of Win32/Sirefef.DV trojan
 
1. Update your Java version here: http://www.java.com/en/download/installed.jsp

Note 1: UNCHECK any pre-checked toolbar and/or software offered with the Java update. The pre-checked toolbars/software are not part of the Java update.

Note 2: The Java Quick Starter (JQS.exe) adds a service to improve the initial startup time of Java applets and applications. If you don't want to run another extra service, go to Start > Control Panel > Java > Advanced > Miscellaneous and uncheck the box for Java Quick Starter. Click OK and restart your computer.

2. Now, we need to remove old Java version and its remnants...

Download JavaRa to your desktop and unzip it to its own folder
  • Run JavaRa.exe (Vista users! Right click on JavaRa.exe, click Run As Administrator), pick the language of your choice and click Select. Then click Remove Older Versions.
  • Accept any prompts.

===========================================================

Your computer is clean

1. We need to reset system restore to prevent your computer from being accidentally reinfected by using some old restore point(s). We'll create fresh, clean restore point, using following OTL script:

Run OTL

  • Under the Custom Scans/Fixes box at the bottom, paste in the following:

Code: 
:OTL
:Commands
[purity]
[emptytemp]
[EMPTYFLASH]
[CLEARALLRESTOREPOINTS]
[Reboot]

  • Then click the Run Fix button at the top
  • Let the program run unhindered, reboot the PC when it is done
  • Post resulting log.

2. Now, we'll remove all tools, we used during our cleaning process

Clean up with OTL:

  • Double-click OTL.exe to start the program.
  • Close all other programs apart from OTL as this step will require a reboot
  • On the OTL main screen, press the CLEANUP button
  • Say Yes to the prompt and then allow the program to reboot your computer.

If you still have any tools or logs leftover on your computer you can go ahead and delete those off of your computer now.

3. Make sure, Windows Updates are current.

4. If any Trojan was listed among your infection(s), make sure, you change all of your on-line important passwords (bank account(s), secured web sites, etc.) immediately!

5. Download, and install WOT (Web OF Trust): http://www.mywot.com/. It'll warn you (in most cases) about dangerous web sites.

6. Run Malwarebytes "Quick scan" once in a while to assure safety of your computer.

7. Run Temporary File Cleaner (TFC) weekly.

8. Download and install Secunia Personal Software Inspector (PSI): https://www.techspot.com/downloads/4898-secunia-personal-software-inspector-psi.html. The Secunia PSI is a FREE security tool designed to detect vulnerable and out-dated programs and plug-ins which expose your PC to attacks. Run it weekly.

9. (optional) If you want to keep all your programs up to date, download and install FileHippo Update Checker.
The Update Checker will scan your computer for installed software, check the versions and then send this information to FileHippo.com to see if there are any newer releases.

10. (Windows XP only) Run defrag at your convenience.

11. When installing\updating ANY program, make sure you always select "Custom " installation, so you can UN-check any possible "drive-by-install" (foistware), like toolbars etc., which may try to install along with the legitimate program. Do NOT click "Next" button without looking at any given page.

12. Read How did I get infected?, With steps so it does not happen again!: http://www.bleepingcomputer.com/forums/topic2520.html

13. Please, let me know, how your computer is doing.
 
All processes killed
========== OTL ==========
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: Leah
->Temp folder emptied: 3376281 bytes
->Temporary Internet Files folder emptied: 33170 bytes
->Java cache emptied: 2040 bytes
->FireFox cache emptied: 0 bytes
->Google Chrome cache emptied: 0 bytes
->Apple Safari cache emptied: 37610496 bytes
->Flash cache emptied: 853 bytes

User: Public

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 12563 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 0 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 0 bytes
RecycleBin emptied: 160350 bytes

Total Files Cleaned = 39.00 mb


[EMPTYFLASH]

User: All Users

User: Default
->Flash cache emptied: 0 bytes

User: Default User
->Flash cache emptied: 0 bytes

User: Leah
->Flash cache emptied: 0 bytes

User: Public

Total Flash Files Cleaned = 0.00 mb



OTL by OldTimer - Version 3.2.31.0 log created on 01062012_100118

Files\Folders moved on Reboot...
C:\Users\Leah\AppData\Local\Temp\ehmsas.txt moved successfully.
File\Folder C:\Windows\temp\SEPE855.tmp not found!

Registry entries deleted on Reboot...
 
You must log in or register to reply here.

Similar threads

A
Google accidentally published a four-year-old Chromium security bug, then tried to hide it again
Replies
3
Views
33
RaXelliX
R
Daniel Sims
Wikipedia may remove nearly 700,000 links after Archive.today DDoS fallout
Replies
5
Views
140
Plutoisaplanet
Plutoisaplanet
A
Google will start shipping a new Chrome version every two weeks
Replies
14
Views
274
JSabin
JSabin

Latest posts

Back