Jump to content

Level Quality Watcher Problem


Recommended Posts

I don't know how exactly this happened, but I've got a problem with Level Quality Watcher. 

Hopefully I'm following the forum instructions correctly.

Here goes:

 

DDS.txt:

 

DDS (Ver_2012-11-20.01) - NTFS_x86 NETWORK
Internet Explorer: 8.0.6001.18702  BrowserJavaVersion: 10.45.2
Run by acconneradmin at 21:40:32 on 2013-11-22
Microsoft Windows XP Professional  5.1.2600.3.1252.1.1033.18.3510.2945 [GMT -5:00]
.
AV: Trend Micro OfficeScan Antivirus *Enabled/Updated* {D3A6AE5C-4224-4A47-B936-D4C93E10DC21}
AV: Trend Micro OfficeScan Antivirus *Enabled/Updated* {4CA5B9AB-4295-4D4C-9664-0EBE85AE0525}
AV: Trend Micro OfficeScan Antivirus *Enabled/Updated* {ABF78705-3D85-4737-ADC0-30DFFA07CEDB}
AV: Trend Micro OfficeScan Antivirus *Enabled/Updated* {7E1A14A3-0FA6-41CB-8789-7E6E676BF4DF}
AV: Trend Micro OfficeScan Antivirus *Enabled/Updated* {D9C47C87-F214-4181-8037-8E4252446C14}
FW: Trend Micro OfficeScan Intrusion Defense Firewall *Enabled*
.
============== Running Processes ================
.
C:\Program Files\Citrix\ICA Client\ssonsvr.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\CCleaner\CCleaner.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\system32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k NetworkService
C:\WINDOWS\system32\svchost.exe -k LocalService
.
============== Pseudo HJT Report ===============
.
uStart Page = about:blank


BHO: HelperObject Class: {00C6482D-C502-44C8-8409-FCE54AD9C208} - c:\program files\techsmith\snagit 8\SnagItBHO.dll
BHO: TmIEPlugInBHO Class: {1CA1377B-DC1D-4A52-9585-6E06050FAC53} - c:\program files\trend micro\officescan client\TmIEPlg.dll
BHO: outobox: {30f06672-0e95-41a9-80cb-dee386af99ad} - c:\program files\outobox\outoboxbho.dll
BHO: Lync Browser Helper: {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - c:\program files\microsoft lync\OCHelper.dll
BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - c:\program files\microsoft office\office14\GROOVEEX.DLL
BHO: Java Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c:\program files\java\jre7\bin\ssv.dll
BHO: WebEx Productivity Tools: {90E2BA2E-DD1B-4cde-9134-7A8B86D33CA7} - c:\program files\webex\productivity tools\ptonecli.dll
BHO: Adobe PDF Conversion Toolbar Helper: {AE7CD045-E861-484f-8273-0445EE161910} - c:\program files\common files\adobe\acrobat\activex\AcroIEFavClient.dll
BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - c:\program files\microsoft office\office14\URLREDIR.DLL
BHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - c:\program files\java\jre7\bin\jp2ssv.dll
BHO: Microsoft Web Test Recorder 10.0 Helper: {DDA57003-0068-4ed2-9D32-4D1EC707D94D} - c:\program files\microsoft visual studio 10.0\common7\ide\privateassemblies\Microsoft.VisualStudio.QualityTools.RecorderBarBHO100.dll
BHO: SmartSelect Class: {F4971EE7-DAA0-4053-9964-665D8EE6A077} - c:\program files\common files\adobe\acrobat\activex\AcroIEFavClient.dll
TB: Adobe PDF: {47833539-D0C5-4125-9FA8-0819E2EAAC93} - c:\program files\common files\adobe\acrobat\activex\AcroIEFavClient.dll
TB: WebEx Productivity Tools: {90E2BA2E-DD1B-4cde-9134-7A8B86D33CA7} - c:\program files\webex\productivity tools\ptonecli.dll
TB: Adobe PDF: {47833539-D0C5-4125-9FA8-0819E2EAAC93} - c:\program files\common files\adobe\acrobat\activex\AcroIEFavClient.dll
TB: SnagIt: {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - c:\program files\techsmith\snagit 8\SnagItIEAddin.dll
EB: Web Test Recorder 10.0: {5802D092-1784-4908-8CDB-99B6842D353D} -
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
mRun: [OfficeScanNT Monitor] "c:\program files\trend micro\officescan client\pccntmon.exe" -HideWindow
mRun: [sysTrayApp] c:\program files\idt\wdm\sttray.exe
mRun: [AESTFltr] c:\windows\system32\AESTFltr.exe /NoDlg
mRun: [igfxTray] c:\windows\system32\igfxtray.exe
mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe
mRun: [Persistence] c:\windows\system32\igfxpers.exe
mRun: [Communicator] "c:\program files\microsoft lync\communicator.exe" /fromrunkey
mRun: [Cisco AnyConnect Secure Mobility Agent for Windows] "c:\program files\cisco\cisco anyconnect secure mobility client\vpnui.exe" -autolaunched
mRun: [Adobe Acrobat Speed Launcher] "c:\program files\adobe\acrobat 9.0\acrobat\Acrobat_sl.exe"
mRun: [Acrobat Assistant 8.0] "c:\program files\adobe\acrobat 9.0\acrobat\Acrotray.exe"
mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
mRun: [HP Software Update] c:\program files\hp\hp software update\HPWuSchd2.exe
mRun: [Apoint] c:\program files\delltpad\Apoint.exe
mRun: [ConnectionCenter] "c:\program files\citrix\ica client\concentr.exe" /startup
mRun: [APSDaemon] "c:\program files\common files\apple\apple application support\APSDaemon.exe"
mRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottime
mRun: [sunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
mRun: [userFaultCheck] c:\windows\system32\dumprep 0 -u
dRun: [Push Client] "c:\windows\system32\config\systemprofile\local settings\application data\att connect\participant\pull.exe"
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\hpdigi~1.lnk - c:\program files\hp\digital imaging\bin\hpqtra08.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\hpphot~1.lnk - c:\program files\hp\digital imaging\bin\hpqthb08.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\snagit~1.lnk - c:\program files\techsmith\snagit 8\SnagIt32.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\window~1.lnk - c:\program files\windows desktop search\WindowsSearch.exe
uPolicies-Explorer: NoDriveTypeAutoRun = dword:255
mPolicies-System: consentpromptbehavioradmin = dword:4
mPolicies-System: consentpromptbehavioruser = dword:3
mPolicies-System: disablecad = dword:1
mPolicies-System: enableinstallerdetection = dword:0
mPolicies-System: enableuiadesktoptoggle = dword:1
mPolicies-System: filteradministratortoken = dword:1
mPolicies-System: promptonsecuredesktop = dword:0
mPolicies-Explorer: NoDriveTypeAutoRun = dword:145
IE: E&xport to Microsoft Excel - c:\progra~1\micros~3\office14\EXCEL.EXE/3000
IE: Se&nd to OneNote - c:\progra~1\micros~3\office14\ONBttnIE.dll/105
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\program files\microsoft office\office14\ONBttnIE.dll
IE: {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - c:\program files\microsoft lync\OCHelper.dll
IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - c:\program files\microsoft office\office14\ONBttnIELinkedNotes.dll
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe








DPF: {E06E2E99-0AA1-11D4-ABA6-0060082AA75C} -

TCP: NameServer = 192.168.1.1
TCP: Interfaces\{D71904B9-A7C8-48BD-B477-AB78AC7CCFA8} : DHCPNameServer = 192.168.1.1
Filter: application/x-ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - c:\program files\citrix\ica client\IcaMimeFilter.dll
Filter: ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - c:\program files\citrix\ica client\IcaMimeFilter.dll
Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - c:\program files\common files\microsoft shared\office14\MSOXMLMF.DLL
Handler: qrev - {9DE24BAC-FC3C-42c4-9FC4-76B3FAFDBD90} - c:\program files\quest software\toad for oracle 10.6\RNetPin.dll
Handler: tmpx - {0E526CB5-7446-41D1-A403-19BFE95E8C23} - c:\program files\trend micro\officescan client\TmIEPlg.dll
Notify: igfxcui - igfxdev.dll
Notify: NavLogon - <no file>
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - c:\program files\microsoft office\office14\GROOVEEX.DLL
SEH: Windows Desktop Search Namespace Manager - {56F9679E-7826-4C84-81F3-532071A8BCC5} - c:\program files\windows desktop search\MSNLNamespaceMgr.dll
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "c:\program files\google\chrome\application\31.0.1650.57\installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\documents and settings\acconneradmin\application data\mozilla\firefox\profiles\k83crnge.default\
FF - prefs.js: browser.startup.homepage - www.google.com
FF - prefs.js: keyword.URL -
FF - plugin: c:\progra~1\micros~3\office14\NPAUTHZ.DLL
FF - plugin: c:\progra~1\micros~3\office14\NPSPWRAP.DLL
FF - plugin: c:\program files\adobe\reader 11.0\reader\air\nppdf32.dll
FF - plugin: c:\program files\google\update\1.3.21.165\npGoogleUpdate3.dll
FF - plugin: c:\program files\java\jre7\bin\dtplugin\npdeployJava1.dll
FF - plugin: c:\program files\java\jre7\bin\plugin2\npjp2.dll
FF - plugin: c:\program files\microsoft silverlight\5.1.20513.0\npctrlui.dll
FF - plugin: c:\windows\system32\adobe\director\np32dsw_1205146.dll
FF - plugin: c:\windows\system32\macromed\flash\NPSWF32_11_9_900_117.dll
FF - ExtSQL: 2013-11-12 13:15; firefox@outobox.net; c:\documents and settings\acconneradmin\application data\mozilla\firefox\profiles\k83crnge.default\extensions\firefox@outobox.net.xpi
.
============= SERVICES / DRIVERS ===============
.
R0 stdcfltn;Disk Class Filter Driver for Accelerometer;c:\windows\system32\drivers\stdcfltn.sys [2011-4-15 17648]
R3 Acceler;Accelerometer Service;c:\windows\system32\drivers\Accelern.sys [2011-4-15 43888]
R3 e1kexpress;Intel® PRO/1000 PCI Express Network Connection Driver K;c:\windows\system32\drivers\e1k5132.sys [2011-12-29 168616]
R3 NETwNx32;___ Intel® Wireless WiFi Link 5000 Series Adapter Driver for Windows XP 32 Bit;c:\windows\system32\drivers\NETwNx32.sys [2011-4-15 6650752]
R3 tbimdsa;Trend Micro DSA Filter Driver Service;c:\windows\system32\drivers\tbimdsa.sys [2013-2-26 436272]
S1 ctxusbm;Citrix USB Monitor Driver;c:\windows\system32\drivers\ctxusbm.sys [2010-4-16 65584]
S2 CipcCdp;Cisco IP Communicator driver for CDP;c:\windows\system32\drivers\CipcCdp.sys [2013-2-26 24064]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 DB2MGMTSVC_TACOM27;DB2 Management Service (TACOM27);c:\program files\quest software\toad for data analysts 2.7\sqllib\bin\db2mgmtsvc.exe [2010-5-15 37736]
S2 ds_agent;Intrusion Defense Firewall Client;c:\program files\trend micro\idf client\ds_agent.exe [2013-3-27 1420792]
S2 Level Quality Watcher;Level Quality Watcher;c:\program files\level quality watcher\v1.01\levelqualitywatcher32.exe run options=01110010000000000000000000000000 sourceguid=f5d333a8-c748-4686-ae0a-9e008f670c22 --> c:\program files\level quality watcher\v1.01\levelqualitywatcher32.exe run options=01110010000000000000000000000000 sourceguid=F5D333A8-C748-4686-AE0A-9E008F670C22 [?]
S2 Lotus Notes Diagnostics;Lotus Notes Diagnostics;c:\program files\notes\nsd.exe [2010-8-11 3417480]
S2 tmevtmgr;tmevtmgr;c:\windows\system32\drivers\tmevtmgr.sys [2011-4-19 62704]
S2 TmFilter;Trend Micro Filter;c:\program files\trend micro\officescan client\tmxpflt.sys [2010-10-20 267552]
S2 TmPreFilter;Trend Micro PreFilter;c:\program files\trend micro\officescan client\tmpreflt.sys [2010-10-20 36640]
S2 Update outobox;Update outobox;c:\program files\outobox\updateoutobox.exe [2013-11-12 66840]
S2 Util outobox;Util outobox;c:\program files\outobox\bin\utiloutobox.exe [2013-11-20 66840]
S2 vpnagent;Cisco AnyConnect Secure Mobility Agent;c:\program files\cisco\cisco anyconnect secure mobility client\vpnagent.exe [2012-8-3 537592]
S3 acsint;acsint;c:\windows\system32\drivers\acsint.sys [2013-2-26 38440]
S3 acsmux;acsmux;c:\windows\system32\drivers\acsmux.sys [2013-2-26 57256]
S3 AESTAud;AE Audio Service;c:\windows\system32\drivers\AESTAud.sys [2011-12-29 113664]
S3 cvusbdrv;Dell ControlVault;c:\windows\system32\drivers\cvusbdrv.sys [2008-9-2 33832]
S3 e1yexpress;Intel® Gigabit Network Connections Driver;c:\windows\system32\drivers\e1y5132.sys --> c:\windows\system32\drivers\e1y5132.sys [?]
S3 Impcd;Impcd;c:\windows\system32\drivers\Impcd.sys [2011-12-29 132480]
S3 IntcDAud;Intel® Display Audio;c:\windows\system32\drivers\IntcDAud.sys [2011-4-15 251904]
S3 IntcHdmiAddService;Intel® High Definition Audio HDMI Service;c:\windows\system32\drivers\intchdmi.sys --> c:\windows\system32\drivers\IntcHdmi.sys [?]
S3 MEI;Intel® Management Engine Interface;c:\windows\system32\drivers\HECI.sys [2008-11-21 41088]
S3 O2MDFRDR;O2MDFRDR;c:\windows\system32\drivers\o2mdfxp.sys [2011-4-15 60192]
S3 OA001Ufd;Creative Camera OA001 Upper Filter Driver;c:\windows\system32\drivers\OA001Ufd.sys [2008-6-3 144672]
S3 OA001Vid;Creative Camera OA001 Function Driver;c:\windows\system32\drivers\OA001Vid.sys [2008-5-12 277504]
S3 TmProxy;OfficeScan NT Proxy Service;c:\program files\trend micro\officescan client\TmProxy.exe [2010-11-3 689712]
S3 VSPerfDrv100;Performance Tools Driver 10.0;c:\program files\microsoft visual studio 10.0\team tools\performance tools\VSPerfDrv100.sys [2011-1-18 54144]
S3 WinRM;Windows Remote Management (WS-Management);c:\windows\system32\svchost.exe -k WINRM [2008-4-14 14336]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\microsoft.net\framework\v4.0.30319\wpf\WPFFontCache_v0400.exe [2010-3-18 753504]
S4 MSSQLServerADHelper100;SQL Active Directory Helper Service;c:\program files\microsoft sql server\100\shared\sqladhlp.exe [2009-7-22 47128]
S4 RsFx0103;RsFx0103 Driver;c:\windows\system32\drivers\RsFx0103.sys [2009-3-30 239336]
S4 SQLAgent$SQLEXPRESS;SQL Server Agent (SQLEXPRESS);c:\program files\microsoft sql server\mssql10.sqlexpress\mssql\binn\SQLAGENT.EXE [2009-3-30 366936]
.
=============== Created Last 30 ================
.
2013-11-22 22:06:24    --------    d-----w-    c:\documents and settings\acconneradmin\application data\Malwarebytes
2013-11-22 22:06:13    --------    d-----w-    c:\documents and settings\all users\application data\Malwarebytes
2013-11-22 22:06:10    22856    ----a-w-    c:\windows\system32\drivers\mbam.sys
2013-11-22 22:06:10    --------    d-----w-    c:\program files\Malwarebytes' Anti-Malware
2013-11-20 19:44:00    --------    d-----w-    c:\program files\outobox
2013-11-20 19:43:32    --------    d-----w-    c:\program files\Smart-ActiveX
2013-11-05 19:41:06    --------    d-----w-    c:\documents and settings\all users\application data\PreEmptive Solutions
2013-11-05 19:07:50    --------    d-----w-    c:\documents and settings\all users\application data\VS
2013-11-01 00:25:30    --------    d-----w-    c:\windows\system32\cache
2013-10-31 15:10:02    94632    ----a-w-    c:\windows\system32\WindowsAccessBridge.dll
2013-10-30 23:02:04    --------    d--h--w-    c:\documents and settings\all users\application data\Common Files
2013-10-30 23:00:53    --------    d-----w-    c:\documents and settings\acconneradmin\application data\Roxio Log Files
2013-10-30 22:55:44    --------    d-----w-    c:\documents and settings\all users\application data\Package Cache
2013-10-30 22:51:26    --------    d-----w-    c:\program files\MyPC Backup
2013-10-30 22:51:06    --------    d-----w-    c:\program files\Elaborate Bytes
2013-10-30 18:05:22    --------    d-----w-    c:\documents and settings\acconneradmin\application data\Macrovision
.
==================== Find3M  ====================
.
2013-10-09 14:41:07    71048    ------w-    c:\windows\system32\FlashPlayerCPLApp.cpl
2013-10-09 14:41:07    692616    ------w-    c:\windows\system32\FlashPlayerApp.exe
2013-10-08 11:29:36    145408    ----a-w-    c:\windows\system32\javacpl.cpl
.
============= FINISH: 21:41:00.34 ===============
 

 

 

Attach.txt

 

UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2012-11-20.01)
.
Microsoft Windows XP Professional
Boot Device: \Device\HarddiskVolume1
Install Date: 2/25/2013 9:08:29 AM
System Uptime: 11/22/2013 9:25:52 PM (0 hours ago)
.
Motherboard: Dell Inc. |  |  
Processor: Intel Pentium II processor | CPU 1 | 2394/533mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 233 GiB total, 189.472 GiB free.
D: is CDROM ()
.
==== Disabled Device Manager Items =============
.
Class GUID: {4D36E972-E325-11CE-BFC1-08002BE10318}
Description: Cisco AnyConnect Secure Mobility Client Virtual Miniport Adapter for Windows
Device ID: ROOT\NET\0000
Manufacturer: Cisco Systems
Name: Cisco AnyConnect Secure Mobility Client Virtual Miniport Adapter for Windows
PNP Device ID: ROOT\NET\0000
Service: vpnva
.
==== System Restore Points ===================
.
RP172: 10/15/2013 9:58:58 AM - System Checkpoint
RP173: 10/15/2013 4:58:27 PM - System Checkpoint
RP174: 10/16/2013 6:52:48 PM - System Checkpoint
RP175: 10/17/2013 6:58:21 PM - System Checkpoint
RP176: 10/19/2013 11:37:52 AM - System Checkpoint
RP177: 10/20/2013 3:42:37 PM - System Checkpoint
RP178: 10/22/2013 10:20:04 AM - System Checkpoint
RP179: 10/23/2013 10:33:54 AM - System Checkpoint
RP180: 10/24/2013 11:47:41 AM - System Checkpoint
RP181: 10/25/2013 3:18:11 PM - System Checkpoint
RP182: 10/29/2013 5:45:39 PM - System Checkpoint
RP183: 10/30/2013 6:55:44 PM - Visual Studio 2012 Update 3 (KB2707250)
RP184: 10/30/2013 7:27:10 PM - Removed Ask Toolbar
RP185: 10/31/2013 11:08:47 AM - Installed Java 7 Update 45
RP186: 11/1/2013 4:25:50 PM - System Checkpoint
RP187: 11/2/2013 11:33:23 PM - System Checkpoint
RP188: 11/4/2013 1:22:17 PM - System Checkpoint
RP189: 11/5/2013 1:42:38 PM - System Checkpoint
RP190: 11/6/2013 7:46:35 PM - System Checkpoint
RP191: 11/7/2013 11:59:36 PM - System Checkpoint
RP192: 11/9/2013 7:05:12 PM - System Checkpoint
RP193: 11/10/2013 7:16:28 PM - System Checkpoint
RP194: 11/11/2013 7:49:40 PM - System Checkpoint
RP195: 11/12/2013 8:03:19 PM - System Checkpoint
RP196: 11/13/2013 9:53:05 PM - System Checkpoint
RP197: 11/15/2013 8:28:46 AM - System Checkpoint
RP198: 11/16/2013 5:26:15 PM - System Checkpoint
RP199: 11/17/2013 6:51:08 PM - System Checkpoint
RP200: 11/18/2013 7:06:26 PM - System Checkpoint
RP201: 11/19/2013 8:11:25 PM - System Checkpoint
RP202: 11/20/2013 10:36:43 PM - System Checkpoint
RP203: 11/22/2013 12:17:49 AM - System Checkpoint
.
==== Installed Programs ======================
.
6300
6300_Help
6300Trb
Adobe Acrobat  9 Standard - English, Français, Deutsch
Adobe AIR
Adobe Flash Player 11 ActiveX
Adobe Flash Player 11 Plugin
Adobe Reader XI (11.0.03)
Adobe Shockwave Player
Adobe Shockwave Player 11.5
Adobe Shockwave Player 12.0
AiO_Scan_CDA
AiOSoftwareNPI
Apple Application Support
Apple Software Update
AT&T Connect Participant Application v9.0.82
BufferChm
CCleaner
Cisco AnyConnect Secure Mobility Client
Cisco AnyConnect Secure Mobility Client
Cisco IP Communicator
Cisco WebEx Meetings
Citrix Online Launcher
Citrix online plug-in
Citrix online plug-in (DV)
Citrix online plug-in (HDX)
Citrix online plug-in (PNA)
Citrix online plug-in (SSON)
Citrix online plug-in (USB)
Citrix online plug-in (Web)
ClearType Tuning Control Panel Applet
CmdHere Powertoy For Windows XP
Configuration Manager Client
CP_CalendarTemplates1
cp_OnlineProjectsConfig
CP_Package_Basic1
CP_Panorama1Config
cp_PosterPrintConfig
Critical Update for Windows Media Player 11 (KB959772)
Crystal Reports for Visual Studio
CueTour
CustomerResearchQFolder
CutePDF Writer 3.0
CyberLink PowerDVD 9.5
Definition update for Microsoft Office 2010 (KB982726) 32-Bit Edition
Dell Touchpad
Destinations
DeviceManagementQFolder
DirectX 9 Runtime
DocProc
DocProcQFolder
DocumentViewer
DocumentViewerQFolder
Dotfuscator Software Services - Community Edition
eSupportQFolder
Fax_CDA
FullDPAppQFolder
Google Chrome
Google Update Helper
High Definition Audio Driver Package - KB835221
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
Hotfix for Microsoft Team Foundation Server 2010 Object Model - ENU (KB2662296)
Hotfix for Microsoft Visual Studio 2010 Ultimate - ENU (KB2662296)
Hotfix for Visual C++ Standard 2010 Beta 1 - ENU (KB2280741)
Hotfix for Visual C++ Standard 2010 Beta 1 - ENU (KB2284668)
Hotfix for Visual C++ Standard 2010 Beta 1 - ENU (KB2295689)
Hotfix for Visual C++ Standard 2010 Beta 1 - ENU (KB2420513)
Hotfix for Visual C++ Standard 2010 Beta 1 - ENU (KB2452649)
Hotfix for Visual C++ Standard 2010 Beta 1 - ENU (KB2455033)
Hotfix for Visual C++ Standard 2010 Beta 1 - ENU (KB2485545)
Hotfix for Visual C++ Standard 2010 Beta 1 - ENU (KB982517)
Hotfix for Visual C++ Standard 2010 Beta 1 - ENU (KB982721)
Hotfix for Visual C++ Standard 2010 Beta 1 - ENU (KB983233)
Hotfix for Windows Media Format 11 SDK (KB929399)
Hotfix for Windows Media Player 11 (KB939683)
Hotfix for Windows XP (KB2443685)
Hotfix for Windows XP (KB2570791)
Hotfix for Windows XP (KB2633952)
Hotfix for Windows XP (KB2779562)
Hotfix for Windows XP (KB915800-v4)
Hotfix for Windows XP (KB942288-v3)
Hotfix for Windows XP (KB952287)
Hotfix for Windows XP (KB954550-v5)
Hotfix for Windows XP (KB958655-v2)
Hotfix for Windows XP (KB961118)
Hotfix for Windows XP (KB969084)
Hotfix for Windows XP (KB976002-v5)
Hotfix for Windows XP (KB976098-v2)
Hotfix for Windows XP (KB979306)
HP Customer Participation Program 7.0
HP Document Viewer 7.0
HP Imaging Device Functions 7.0
HP Photosmart Premier Software 6.5
HP Photosmart, Officejet and Deskjet 7.0.A
HP Software Update
HP Solution Center 7.0
HPPhotoSmartExpress
HPProductAssistant
InstantShareDevices
InstantShareDevicesMFC
Integrated Webcam Driver (1.02.02.0603)  
Java 7 Update 45
Java Auto Updater
Java 6 Update 30
Lotus Notes 8.5.2
Macromedia Authorware Web Player
Malwarebytes Anti-Malware version 1.75.0.1300
MarketResearch
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1 Security Update (KB2742597)
Microsoft .NET Framework 2.0 Service Pack 2
Microsoft .NET Framework 3.0 Service Pack 2
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 4 Client Profile
Microsoft .NET Framework 4 Extended
Microsoft .NET Framework 4 Multi-Targeting Pack
Microsoft Application Error Reporting
Microsoft ASP.NET MVC 2
Microsoft ASP.NET MVC 2 - Visual Studio 2010 Tools
Microsoft Base Smart Card Cryptographic Service Provider Package
Microsoft Compression Client Pack 1.0 for Windows XP
Microsoft Expression Blend SDK for .NET 4
Microsoft Expression Blend SDK for Silverlight 4
Microsoft Help Viewer 1.1
Microsoft Internationalized Domain Names Mitigation APIs
Microsoft Kernel-Mode Driver Framework Feature Pack 1.5
Microsoft Kernel-Mode Driver Framework Feature Pack 1.9
Microsoft Lync 2010
Microsoft National Language Support Downlevel APIs
Microsoft Office 2010 Service Pack 1 (SP1)
Microsoft Office Access MUI (English) 2010
Microsoft Office Access Setup Metadata MUI (English) 2010
Microsoft Office Excel 2007 Get Started Tab
Microsoft Office Excel MUI (English) 2010
Microsoft Office Groove MUI (English) 2010
Microsoft Office InfoPath MUI (English) 2010
Microsoft Office Live Meeting 2007
Microsoft Office OneNote MUI (English) 2010
Microsoft Office Outlook MUI (English) 2010
Microsoft Office PowerPoint 2007 Get Started Tab
Microsoft Office PowerPoint MUI (English) 2010
Microsoft Office Professional Plus 2010
Microsoft Office Proof (English) 2010
Microsoft Office Proof (French) 2010
Microsoft Office Proof (Spanish) 2010
Microsoft Office Proofing (English) 2010
Microsoft Office Publisher MUI (English) 2010
Microsoft Office Shared MUI (English) 2010
Microsoft Office Shared Setup Metadata MUI (English) 2010
Microsoft Office Word 2007 Get Started Tab
Microsoft Office Word MUI (English) 2010
Microsoft Portable Library Multi-Targeting Pack
Microsoft Silverlight
Microsoft Silverlight 3 SDK
Microsoft Silverlight 4 SDK
Microsoft Software Update for Web Folders  (English) 14
Microsoft SQL Server 2008
Microsoft SQL Server 2008 Browser
Microsoft SQL Server 2008 Common Files
Microsoft SQL Server 2008 Database Engine Services
Microsoft SQL Server 2008 Database Engine Shared
Microsoft SQL Server 2008 Native Client
Microsoft SQL Server 2008 R2 Data-Tier Application Framework
Microsoft SQL Server 2008 R2 Data-Tier Application Project
Microsoft SQL Server 2008 R2 Management Objects
Microsoft SQL Server 2008 R2 Transact-SQL Language Service
Microsoft SQL Server 2008 RsFx Driver
Microsoft SQL Server 2008 Setup Support Files
Microsoft SQL Server Compact 3.5 SP2 ENU
Microsoft SQL Server Database Publishing Wizard 1.4
Microsoft SQL Server System CLR Types
Microsoft SQL Server VSS Writer
Microsoft Sync Framework Runtime v1.0 SP1 (x86)
Microsoft Sync Framework SDK v1.0 SP1
Microsoft Sync Framework Services v1.0 SP1 (x86)
Microsoft Sync Services for ADO.NET v2.0 SP1 (x86)
Microsoft Team Foundation Server 2010 Object Model - ENU
Microsoft User-Mode Driver Framework Feature Pack 1.0
Microsoft Visual C++  Compilers 2010 Standard - enu - x86
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4974
Microsoft Visual C++ 2010  x86 Runtime - 10.0.40219
Microsoft Visual F# 2.0 Runtime
Microsoft Visual SourceSafe 6.0c
Microsoft Visual Studio 2010 ADO.NET Entity Framework Tools
Microsoft Visual Studio 2010 Office Developer Tools (x86)
Microsoft Visual Studio 2010 Performance Collection Tools SP1 - ENU
Microsoft Visual Studio 2010 Service Pack 1
Microsoft Visual Studio 2010 SharePoint Developer Tools
Microsoft Visual Studio 2010 Tools for Office Runtime (x86)
Microsoft Visual Studio 2010 Ultimate - ENU
Microsoft Visual Studio Macro Tools
Mozilla Firefox 19.0.2 (x86 en-US)
Mozilla Firefox 20.0.1 (x86 en-US)
Mozilla Firefox 23.0.1 (x86 en-US)
Mozilla Firefox 25.0.1 (x86 en-US)
Mozilla Maintenance Service
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
MSXML 6.0 Parser (KB925673)
NewCopy_CDA
OCR Software by I.R.I.S 7.0
OGA Notifier 2.0.0048.0
outobox 2013.11.12.181539
PanoStandAlone
PhotoGallery
ProductContextNPI
Quest Installer
Quest Software Toad Data Modeler
Quest Software Toad for Data Analysts 2.7
Quest SQL Optimizer for Oracle
Quest SQL Optimizer for Oracle Common
QuickTime
RandMap
RDC
Readme
RSA SecurID Software Token
Scan
ScannerCopy
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2657424)
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2736416)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2736428)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2742595)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2789642)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2804576)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2835393)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2840628v2)
Security Update for Microsoft .NET Framework 4 Extended (KB2656351)
Security Update for Microsoft .NET Framework 4 Extended (KB2736428)
Security Update for Microsoft .NET Framework 4 Extended (KB2742595)
Security Update for Microsoft Excel 2010 (KB2597126) 32-Bit Edition
Security Update for Microsoft InfoPath 2010 (KB2687417) 32-Bit Edition
Security Update for Microsoft InfoPath 2010 (KB2687436) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2553091)
Security Update for Microsoft Office 2010 (KB2553096)
Security Update for Microsoft Office 2010 (KB2553447) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2589320) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2597986) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2598243) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2687501) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2687510) 32-Bit Edition
Security Update for Microsoft Visio 2010 (KB2687508) 32-Bit Edition
Security Update for Microsoft Visio Viewer 2010 (KB2598287) 32-Bit Edition
Security Update for Microsoft Windows (KB2564958)
Security Update for Microsoft Word 2010 (KB2760410) 32-Bit Edition
Security Update for Windows Internet Explorer 7 (KB2497640)
Security Update for Windows Internet Explorer 7 (KB2544521)
Security Update for Windows Internet Explorer 7 (KB2559049)
Security Update for Windows Internet Explorer 7 (KB2618444)
Security Update for Windows Internet Explorer 7 (KB2792100)
Security Update for Windows Internet Explorer 7 (KB2797052)
Security Update for Windows Internet Explorer 7 (KB2829530)
Security Update for Windows Internet Explorer 7 (KB2838727)
Security Update for Windows Internet Explorer 7 (KB2862772)
Security Update for Windows Internet Explorer 7 (KB938127-v2)
Security Update for Windows Internet Explorer 7 (KB978207)
Security Update for Windows Internet Explorer 8 (KB2862772)
Security Update for Windows Media Player (KB2378111)
Security Update for Windows Media Player (KB2834904)
Security Update for Windows Media Player (KB952069)
Security Update for Windows Media Player (KB954155)
Security Update for Windows Media Player (KB968816)
Security Update for Windows Media Player (KB973540)
Security Update for Windows Media Player (KB975558)
Security Update for Windows Media Player (KB978695)
Security Update for Windows Media Player 11 (KB936782)
Security Update for Windows Media Player 11 (KB954154)
Security Update for Windows Search 4 - KB963093
Security Update for Windows XP (KB2079403)
Security Update for Windows XP (KB2115168)
Security Update for Windows XP (KB2121546)
Security Update for Windows XP (KB2229593)
Security Update for Windows XP (KB2296011)
Security Update for Windows XP (KB2347290)
Security Update for Windows XP (KB2360937)
Security Update for Windows XP (KB2387149)
Security Update for Windows XP (KB2393802)
Security Update for Windows XP (KB2412687)
Security Update for Windows XP (KB2419632)
Security Update for Windows XP (KB2423089)
Security Update for Windows XP (KB2440591)
Security Update for Windows XP (KB2443105)
Security Update for Windows XP (KB2476490)
Security Update for Windows XP (KB2476687)
Security Update for Windows XP (KB2478960)
Security Update for Windows XP (KB2478971)
Security Update for Windows XP (KB2479943)
Security Update for Windows XP (KB2481109)
Security Update for Windows XP (KB2483185)
Security Update for Windows XP (KB2483614)
Security Update for Windows XP (KB2485663)
Security Update for Windows XP (KB2503658)
Security Update for Windows XP (KB2503665)
Security Update for Windows XP (KB2506212)
Security Update for Windows XP (KB2506223)
Security Update for Windows XP (KB2507618)
Security Update for Windows XP (KB2507938)
Security Update for Windows XP (KB2508272)
Security Update for Windows XP (KB2508429)
Security Update for Windows XP (KB2509553)
Security Update for Windows XP (KB2510581)
Security Update for Windows XP (KB2511455)
Security Update for Windows XP (KB2524375)
Security Update for Windows XP (KB2535512)
Security Update for Windows XP (KB2536276-v2)
Security Update for Windows XP (KB2544893-v2)
Security Update for Windows XP (KB2544893)
Security Update for Windows XP (KB2555917)
Security Update for Windows XP (KB2562937)
Security Update for Windows XP (KB2566454)
Security Update for Windows XP (KB2567680)
Security Update for Windows XP (KB2570222)
Security Update for Windows XP (KB2570947)
Security Update for Windows XP (KB2584146)
Security Update for Windows XP (KB2585542)
Security Update for Windows XP (KB2592799)
Security Update for Windows XP (KB2598479)
Security Update for Windows XP (KB2603381)
Security Update for Windows XP (KB2618451)
Security Update for Windows XP (KB2619339)
Security Update for Windows XP (KB2620712)
Security Update for Windows XP (KB2624667)
Security Update for Windows XP (KB2631813)
Security Update for Windows XP (KB2633171)
Security Update for Windows XP (KB2639417)
Security Update for Windows XP (KB2646524)
Security Update for Windows XP (KB2653956)
Security Update for Windows XP (KB2655992)
Security Update for Windows XP (KB2659262)
Security Update for Windows XP (KB2661637)
Security Update for Windows XP (KB2676562)
Security Update for Windows XP (KB2686509)
Security Update for Windows XP (KB2691442)
Security Update for Windows XP (KB2698365)
Security Update for Windows XP (KB2705219-v2)
Security Update for Windows XP (KB2712808)
Security Update for Windows XP (KB2719985)
Security Update for Windows XP (KB2723135-v2)
Security Update for Windows XP (KB2727528)
Security Update for Windows XP (KB2753842-v2)
Security Update for Windows XP (KB2757638)
Security Update for Windows XP (KB2758857)
Security Update for Windows XP (KB2770660)
Security Update for Windows XP (KB2778344)
Security Update for Windows XP (KB2780091)
Security Update for Windows XP (KB2799494)
Security Update for Windows XP (KB2802968)
Security Update for Windows XP (KB2807986)
Security Update for Windows XP (KB2813170)
Security Update for Windows XP (KB2813347)
Security Update for Windows XP (KB2820197)
Security Update for Windows XP (KB2820917)
Security Update for Windows XP (KB2829361)
Security Update for Windows XP (KB2834886)
Security Update for Windows XP (KB2839229)
Security Update for Windows XP (KB2845187)
Security Update for Windows XP (KB2849470)
Security Update for Windows XP (KB2850851)
Security Update for Windows XP (KB2850869)
Security Update for Windows XP (KB923561)
Security Update for Windows XP (KB923789)
Security Update for Windows XP (KB938464)
Security Update for Windows XP (KB941569)
Security Update for Windows XP (KB946648)
Security Update for Windows XP (KB950762)
Security Update for Windows XP (KB950974)
Security Update for Windows XP (KB951066)
Security Update for Windows XP (KB951376-v2)
Security Update for Windows XP (KB951698)
Security Update for Windows XP (KB951748)
Security Update for Windows XP (KB952004)
Security Update for Windows XP (KB952954)
Security Update for Windows XP (KB953838)
Security Update for Windows XP (KB953839)
Security Update for Windows XP (KB954211)
Security Update for Windows XP (KB954459)
Security Update for Windows XP (KB954600)
Security Update for Windows XP (KB955069)
Security Update for Windows XP (KB956390)
Security Update for Windows XP (KB956391)
Security Update for Windows XP (KB956572)
Security Update for Windows XP (KB956744)
Security Update for Windows XP (KB956802)
Security Update for Windows XP (KB956803)
Security Update for Windows XP (KB956841)
Security Update for Windows XP (KB956844)
Security Update for Windows XP (KB957095)
Security Update for Windows XP (KB957097)
Security Update for Windows XP (KB958644)
Security Update for Windows XP (KB958687)
Security Update for Windows XP (KB958690)
Security Update for Windows XP (KB958869)
Security Update for Windows XP (KB959426)
Security Update for Windows XP (KB960225)
Security Update for Windows XP (KB960715)
Security Update for Windows XP (KB960803)
Security Update for Windows XP (KB960859)
Security Update for Windows XP (KB961373)
Security Update for Windows XP (KB961501)
Security Update for Windows XP (KB963027)
Security Update for Windows XP (KB969059)
Security Update for Windows XP (KB969947)
Security Update for Windows XP (KB970238)
Security Update for Windows XP (KB970430)
Security Update for Windows XP (KB971468)
Security Update for Windows XP (KB971486)
Security Update for Windows XP (KB971557)
Security Update for Windows XP (KB971633)
Security Update for Windows XP (KB971657)
Security Update for Windows XP (KB971961)
Security Update for Windows XP (KB972270)
Security Update for Windows XP (KB973354)
Security Update for Windows XP (KB973507)
Security Update for Windows XP (KB973525)
Security Update for Windows XP (KB973869)
Security Update for Windows XP (KB973904)
Security Update for Windows XP (KB974112)
Security Update for Windows XP (KB974318)
Security Update for Windows XP (KB974392)
Security Update for Windows XP (KB974571)
Security Update for Windows XP (KB975025)
Security Update for Windows XP (KB975467)
Security Update for Windows XP (KB975560)
Security Update for Windows XP (KB975561)
Security Update for Windows XP (KB975562)
Security Update for Windows XP (KB975713)
Security Update for Windows XP (KB977165-v2)
Security Update for Windows XP (KB977816)
Security Update for Windows XP (KB977914)
Security Update for Windows XP (KB978037)
Security Update for Windows XP (KB978251)
Security Update for Windows XP (KB978262)
Security Update for Windows XP (KB978338)
Security Update for Windows XP (KB978542)
Security Update for Windows XP (KB978601)
Security Update for Windows XP (KB978706)
Security Update for Windows XP (KB979309)
Security Update for Windows XP (KB979482)
Security Update for Windows XP (KB979687)
Security Update for Windows XP (KB980436)
Security Update for Windows XP (KB981322)
Security Update for Windows XP (KB981997)
Security Update for Windows XP (KB982132)
Security Update for Windows XP (KB982665)
Service Pack 1 for SQL Server 2008 (KB968369)
SkinsHP1
SlideShow
SnagIt 8
SolutionCenter
Sonic_PrimoSDK
Sql Server Customer Experience Improvement Program
Status
swMSM
Toad for Oracle 10.6
Toolbox
TrayApp
Trend Micro OfficeScan Client
Trend Micro OfficeScan Intrusion Defense Firewall Client
UniPrint Client 3.6.3.1
Unload
Update for Microsoft .NET Framework 3.5 SP1 (KB2836940)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939)
Update for Microsoft .NET Framework 4 Extended (KB2468871)
Update for Microsoft .NET Framework 4 Extended (KB2533523)
Update for Microsoft .NET Framework 4 Extended (KB2600217)
Update for Microsoft .NET Framework 4 Extended (KB2836939)
Update for Microsoft Office 2010 (KB2553065)
Update for Microsoft Office 2010 (KB2553092)
Update for Microsoft Office 2010 (KB2553181) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553310) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553378) 32-Bit Edition
Update for Microsoft Office 2010 (KB2566458)
Update for Microsoft Office 2010 (KB2596964) 32-Bit Edition
Update for Microsoft Office 2010 (KB2598242) 32-Bit Edition
Update for Microsoft Office 2010 (KB2687509) 32-Bit Edition
Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition
Update for Microsoft OneNote 2010 (KB2553290) 32-Bit Edition
Update for Microsoft OneNote 2010 (KB2687277) 32-Bit Edition
Update for Microsoft Outlook 2010 (KB2597090) 32-Bit Edition
Update for Microsoft Outlook 2010 (KB2687623) 32-Bit Edition
Update for Microsoft Outlook Social Connector (KB2583935)
Update for Microsoft PowerPoint 2010 (KB2598240) 32-Bit Edition
Update for Microsoft SharePoint Workspace 2010 (KB2589371) 32-Bit Edition
Update for Microsoft Windows (KB971513)
Update for Windows Internet Explorer 8 (KB2632503)
Update for Windows XP (KB2345886)
Update for Windows XP (KB2492386)
Update for Windows XP (KB2541763)
Update for Windows XP (KB2616676-v2)
Update for Windows XP (KB2641690)
Update for Windows XP (KB2661254-v2)
Update for Windows XP (KB2736233)
Update for Windows XP (KB2749655)
Update for Windows XP (KB2808679)
Update for Windows XP (KB2863058)
Update for Windows XP (KB898461)
Update for Windows XP (KB943729)
Update for Windows XP (KB951072-v2)
Update for Windows XP (KB951618-v2)
Update for Windows XP (KB951978)
Update for Windows XP (KB955759)
Update for Windows XP (KB955839)
Update for Windows XP (KB967715)
Update for Windows XP (KB968389)
Update for Windows XP (KB971029)
Update for Windows XP (KB971737)
Update for Windows XP (KB973687)
Update for Windows XP (KB973815)
Visual Studio 2010 Tools for SQL Server Compact 3.5 SP2 ENU
Visual Studio 2012 Update 3 (KB2707250)
WCF RIA Services V1.0 SP1
Web Deployment Tool
WebEx Productivity Tools
WebFldrs XP
WebReg
WIMGAPI
Windows Genuine Advantage Notifications (KB905474)
Windows Genuine Advantage Validation Tool (KB892130)
Windows Internet Explorer 7
Windows Internet Explorer 7 Multilingual User Interface (MUI)
Windows Internet Explorer 8
Windows Management Framework Core
Windows Media Format 11 runtime
Windows Media Player 11
Windows PowerShell 1.0 MUI pack
Windows Presentation Foundation
Windows Search 4.0
Windows Server 2003 Service Pack 2 Administration Tools Pack
XML Paper Specification Shared Components Pack 1.0
.
==== Event Viewer Messages From Past Week ========
.
11/21/2013 9:09:20 AM, error: Service Control Manager [7031]  - The Level Quality Watcher service terminated unexpectedly.  It has done this 5 time(s).  The following corrective action will be taken in 3600000 milliseconds: Restart the service.
11/21/2013 8:09:12 AM, error: Service Control Manager [7031]  - The Level Quality Watcher service terminated unexpectedly.  It has done this 4 time(s).  The following corrective action will be taken in 3600000 milliseconds: Restart the service.
11/21/2013 7:09:05 AM, error: Service Control Manager [7031]  - The Level Quality Watcher service terminated unexpectedly.  It has done this 3 time(s).  The following corrective action will be taken in 3600000 milliseconds: Restart the service.
11/21/2013 6:59:34 AM, error: DCOM [10016]  - The application-specific permission settings do not grant Local Launch permission for the COM Server application with CLSID  {24FF4FDC-1D9F-4195-8C79-0DA39248FF48}  to the user NT AUTHORITY\SYSTEM SID (S-1-5-18).  This security permission can be modified using the Component Services administrative tool.
11/21/2013 6:58:49 AM, error: Service Control Manager [7031]  - The Level Quality Watcher service terminated unexpectedly.  It has done this 2 time(s).  The following corrective action will be taken in 600000 milliseconds: Restart the service.
11/21/2013 6:53:37 AM, error: Service Control Manager [7031]  - The Level Quality Watcher service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 300000 milliseconds: Restart the service.
11/21/2013 6:53:06 AM, error: Service Control Manager [7000]  - The rimmptsk service failed to start due to the following error:  The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.
11/21/2013 6:51:51 AM, error: NETLOGON [5719]  - No Domain Controller is available for domain CORP due to the following:  There are currently no logon servers available to service the logon request. . Make sure that the computer is connected to the network and try again. If the problem persists, please contact your domain administrator.
11/21/2013 3:11:02 PM, error: Service Control Manager [7031]  - The Level Quality Watcher service terminated unexpectedly.  It has done this 11 time(s).  The following corrective action will be taken in 3600000 milliseconds: Restart the service.
11/21/2013 2:10:57 PM, error: Service Control Manager [7031]  - The Level Quality Watcher service terminated unexpectedly.  It has done this 10 time(s).  The following corrective action will be taken in 3600000 milliseconds: Restart the service.
11/21/2013 12:10:32 PM, error: Service Control Manager [7031]  - The Level Quality Watcher service terminated unexpectedly.  It has done this 8 time(s).  The following corrective action will be taken in 3600000 milliseconds: Restart the service.
11/21/2013 11:09:49 AM, error: Service Control Manager [7031]  - The Level Quality Watcher service terminated unexpectedly.  It has done this 7 time(s).  The following corrective action will be taken in 3600000 milliseconds: Restart the service.
11/21/2013 10:09:41 AM, error: Service Control Manager [7031]  - The Level Quality Watcher service terminated unexpectedly.  It has done this 6 time(s).  The following corrective action will be taken in 3600000 milliseconds: Restart the service.
11/21/2013 1:10:46 PM, error: Service Control Manager [7031]  - The Level Quality Watcher service terminated unexpectedly.  It has done this 9 time(s).  The following corrective action will be taken in 3600000 milliseconds: Restart the service.
11/20/2013 8:48:17 PM, error: Dhcp [1002]  - The IP address lease 10.128.48.59 for the Network Card with network address 58946B5BE364 has been denied by the DHCP server 192.168.1.1 (The DHCP Server sent a DHCPNACK message).
.
==== End Of File ===========================
 

 

Any advice on cleaning Level Quality Watcher from my machine would be greatly appreciated!

Thanks

 

 

Link to post
Share on other sites

Hello aconnerty and :welcome:! My name is Borislav and I will be glad to help you solve your malware problem.

Please note:

  • If you are a paying customer, you have the privilege to contact the help desk at Consumer Support. If you choose this option to get help, please let me know.
  • I recommend you to keep the instructions I will be giving you so that they are available to you at any time. You can save them in a text file or print them.
  • Make sure you read all of the instructions and fixes thoroughly before continuing with them.
  • Follow my instructions strictly and don’t hesitate to stop and ask me if you have any questions.
  • Post your log files, don't attach them. Every log file should be copy/pasted in your next reply.
  • Do not perform any kind of scanning and fixing without my instructions. If you want to proceed on your own, please let me know.
Step 1
  • Launch Malwarebytes' Anti-Malware
  • Go to Update tab and select Check for Updates. If an update is found, it will download and install the latest version.
  • Go to Scanner tab and select Perform Quick Scan, then click Scan.
  • The scan may take some time to finish,so please be patient.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Make sure that everything is checked, and click Remove Selected.
  • When disinfection is completed, a log will open in Notepad and you may be prompted to Restart. (See Extra Note)
  • The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
  • Copy&Paste the entire report in your next reply.
  • Extra Note: If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts, click OK to either and let MBAM proceed with the disinfection process, if asked to restart the computer,please do so immediately.

    Step 2

    Download OTL to your Desktop

    • Double click on the icon to run it. Make sure all other windows are closed and to let it run uninterrupted.
    • Please tick the Scan All users. Next, click the Quick Scan button. The scan wont take long.
      • When the scan completes, it will open two notepad windows. OTL.Txt and Extras.Txt. These are saved in the same location as OTL.
      • Please copy (Edit->Select All, Edit->Copy) the contents of these files, one at a time and post them in your topic.
    In your next reply, post the following log files:
    • Malwarebytes' Anti-Malware log
    • OTL with Extras.txt
Link to post
Share on other sites

Thank you, Borislav!

 

Here's my MBAM log:

 

Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org

Database version: v2013.11.22.11

Windows XP Service Pack 3 x86 NTFS
Internet Explorer 8.0.6001.18702
acconneradmin :: ACCONNERCINL2 [administrator]

11/23/2013 2:50:56 PM
mbam-log-2013-11-23 (14-50-56).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 462756
Time elapsed: 12 minute(s), 17 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)
 

 

 

Here is OTL:

 

OTL logfile created on: 11/23/2013 2:31:28 PM - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Documents and Settings\acconneradmin\My Documents\Downloads
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
 
3.43 Gb Total Physical Memory | 2.32 Gb Available Physical Memory | 67.71% Memory free
5.27 Gb Paging File | 4.30 Gb Available in Paging File | 81.59% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 232.87 Gb Total Space | 189.46 Gb Free Space | 81.36% Space Free | Partition Type: NTFS
 
Computer Name: ACCONNERCINL2 | User Name: acconneradmin | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2013/11/23 14:29:20 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\acconneradmin\My Documents\Downloads\OTL.exe
PRC - [2013/11/22 18:55:33 | 000,275,568 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2013/11/20 22:44:25 | 000,066,840 | ---- | M] () -- C:\Program Files\outobox\bin\utiloutobox.exe
PRC - [2013/11/12 13:15:38 | 000,066,840 | ---- | M] () -- C:\Program Files\outobox\updateoutobox.exe
PRC - [2013/10/08 06:48:23 | 000,182,696 | ---- | M] (Oracle Corporation) -- C:\Program Files\Java\jre7\bin\jqs.exe
PRC - [2013/06/13 11:12:28 | 000,345,112 | ---- | M] (Trend Micro Inc.) -- C:\Program Files\Trend Micro\BM\TMBMSRV.exe
PRC - [2013/04/29 13:24:02 | 001,521,360 | ---- | M] (Trend Micro Inc.) -- C:\Program Files\Trend Micro\OfficeScan Client\PccNTMon.exe
PRC - [2013/04/26 14:50:56 | 002,082,968 | ---- | M] (Trend Micro Inc.) -- C:\Program Files\Trend Micro\OfficeScan Client\TmListen.exe
PRC - [2013/04/26 14:46:48 | 002,127,000 | ---- | M] (Trend Micro Inc.) -- C:\Program Files\Trend Micro\OfficeScan Client\NTRtScan.exe
PRC - [2013/03/27 05:36:16 | 001,420,792 | ---- | M] (Trend Micro Inc.) -- C:\Program Files\Trend Micro\IDF Client\ds_agent.exe
PRC - [2013/02/21 10:52:48 | 000,555,352 | R--- | M] (Alps Electric Co., Ltd.) -- C:\Program Files\DellTPad\Apoint.exe
PRC - [2013/02/12 19:17:54 | 000,058,160 | R--- | M] (Alps Electric Co., Ltd.) -- C:\Program Files\DellTPad\ApMsgFwd.exe
PRC - [2012/12/06 15:27:50 | 000,689,712 | ---- | M] (Trend Micro Inc.) -- C:\Program Files\Trend Micro\OfficeScan Client\TmProxy.exe
PRC - [2012/10/01 18:01:08 | 000,458,936 | ---- | M] (Trend Micro Inc.) -- C:\Program Files\Trend Micro\OfficeScan Client\CNTAoSMgr.exe
PRC - [2012/08/03 13:52:08 | 000,537,592 | ---- | M] (Cisco Systems, Inc.) -- C:\Program Files\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe
PRC - [2011/05/12 19:19:46 | 000,495,708 | R--- | M] (IDT, Inc.) -- C:\Program Files\IDT\WDM\sttray.exe
PRC - [2011/05/12 19:19:46 | 000,245,842 | R--- | M] (IDT, Inc.) -- C:\Program Files\IDT\WDM\stacsv.exe
PRC - [2011/05/12 19:19:44 | 000,737,280 | ---- | M] (Andrea Electronics Corporation) -- C:\WINDOWS\system32\AESTFltr.exe
PRC - [2011/03/23 04:36:12 | 000,058,760 | ---- | M] (IBM Corp) -- C:\Program Files\notes\ntmulti.exe
PRC - [2011/03/23 04:35:40 | 000,062,856 | ---- | M] (IBM Corp) -- C:\Program Files\notes\nslsvice.exe
PRC - [2011/03/23 04:35:22 | 003,417,480 | ---- | M] (IBM) -- C:\Program Files\notes\nsd.exe
PRC - [2011/02/22 20:32:40 | 000,072,296 | ---- | M] (O2Micro International) -- C:\WINDOWS\system32\drivers\o2flash.exe
PRC - [2010/07/07 12:59:22 | 000,054,744 | R--- | M] (Alps Electric Co., Ltd.) -- C:\Program Files\DellTPad\hidfind.exe
PRC - [2010/05/31 13:17:06 | 000,054,640 | R--- | M] (Alps Electric Co., Ltd.) -- C:\Program Files\DellTPad\ApntEx.exe
PRC - [2010/05/15 17:47:16 | 000,037,736 | ---- | M] (International Business Machines Corporation) -- C:\Program Files\Quest Software\Toad for Data Analysts 2.7\SQLLIB\BIN\db2mgmtsvc.exe
PRC - [2010/05/12 16:04:48 | 000,599,480 | ---- | M] (Citrix Systems, Inc.) -- C:\Program Files\Citrix\ICA Client\wfcrun32.exe
PRC - [2010/05/12 16:03:22 | 000,300,472 | ---- | M] (Citrix Systems, Inc.) -- C:\Program Files\Citrix\ICA Client\concentr.exe
PRC - [2010/05/12 15:47:18 | 000,071,096 | ---- | M] (Citrix Systems, Inc.) -- C:\Program Files\Citrix\ICA Client\ssonsvr.exe
PRC - [2009/09/18 04:00:00 | 000,764,768 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\CCM\CcmExec.exe
PRC - [2008/06/11 22:43:26 | 000,640,376 | ---- | M] (Adobe Systems Inc.) -- C:\Program Files\Adobe\Acrobat 9.0\Acrobat\acrotray.exe
PRC - [2008/04/14 07:00:00 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2006/02/10 06:56:12 | 000,479,232 | ---- | M] (Hewlett-Packard Development Company, L.P.) -- C:\Program Files\HP\Digital Imaging\bin\hpqimzone.exe
PRC - [2005/12/22 08:00:00 | 005,513,216 | ---- | M] (TechSmith Corporation) -- C:\Program Files\TechSmith\SnagIt 8\SnagIt32.exe
PRC - [2005/12/22 08:00:00 | 000,026,112 | ---- | M] (TechSmith Corporation) -- C:\Program Files\TechSmith\SnagIt 8\TscHelp.exe
 
 
========== Modules (No Company Name) ==========
 
MOD - [2013/11/22 18:55:30 | 003,363,952 | ---- | M] () -- C:\Program Files\Mozilla Firefox\mozjs.dll
MOD - [2013/11/20 22:44:25 | 000,066,840 | ---- | M] () -- C:\Program Files\outobox\bin\utiloutobox.exe
MOD - [2013/11/12 13:15:38 | 000,066,840 | ---- | M] () -- C:\Program Files\outobox\updateoutobox.exe
MOD - [2013/10/09 09:41:07 | 016,233,864 | ---- | M] () -- C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_9_900_117.dll
MOD - [2013/08/17 06:51:24 | 000,998,400 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Management\86cf16cf92da793bb74cacd060279e90\System.Management.ni.dll
MOD - [2013/08/17 06:35:35 | 012,433,920 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\11002e9c60aab7991c40ce435d578ee6\System.Windows.Forms.ni.dll
MOD - [2013/08/17 06:35:27 | 001,593,856 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Drawing\d84f07769a77afd90cece68e609dde75\System.Drawing.ni.dll
MOD - [2013/08/17 06:35:21 | 005,462,016 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Xml\075c9aede83cadfcf61200db630f36bd\System.Xml.ni.dll
MOD - [2013/08/17 06:35:17 | 000,978,944 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Configuration\0d1d50810369ce69b470f6ecb912b42d\System.Configuration.ni.dll
MOD - [2013/08/17 06:35:16 | 000,212,992 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\36f27e441d3de670330e3e2f4ebace5c\System.ServiceProcess.ni.dll
MOD - [2013/08/17 06:35:10 | 007,977,984 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System\18e76d5777cc882510481bb678c21a0a\System.ni.dll
MOD - [2013/08/17 06:34:04 | 000,114,688 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\System.ServiceProcess\2.0.0.0__b03f5f7f11d50a3a\System.ServiceProcess.dll
MOD - [2013/08/17 06:34:03 | 000,425,984 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\System.Configuration\2.0.0.0__b03f5f7f11d50a3a\System.Configuration.dll
MOD - [2013/08/17 06:33:29 | 002,052,096 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\System.Xml\2.0.0.0__b77a5c561934e089\System.Xml.dll
MOD - [2013/08/17 06:33:28 | 003,194,880 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\System\2.0.0.0__b77a5c561934e089\System.dll
MOD - [2013/03/27 05:36:12 | 008,571,968 | ---- | M] () -- C:\Program Files\Trend Micro\IDF Client\wxmsw28u_vc_dsa.dll
MOD - [2013/03/27 05:36:00 | 000,158,928 | ---- | M] () -- C:\Program Files\Trend Micro\IDF Client\libexpat.dll
MOD - [2013/03/24 17:51:36 | 000,069,632 | ---- | M] () -- c:\windows\assembly\gac\hpqisrtb\4.0.0.0__a53cf5803f4c3827\hpqisrtb.dll
MOD - [2013/03/24 17:51:24 | 001,163,264 | ---- | M] () -- c:\windows\assembly\gac\hpqedit\3.0.0.0__a53cf5803f4c3827\hpqedit.dll
MOD - [2013/03/24 17:51:24 | 000,790,528 | ---- | M] () -- c:\windows\assembly\gac\hpqbakup\3.0.0.0__a53cf5803f4c3827\hpqbakup.dll
MOD - [2013/03/24 17:51:18 | 000,163,840 | ---- | M] () -- c:\windows\assembly\gac\hpqvideo\3.0.0.0__a53cf5803f4c3827\hpqvideo.dll
MOD - [2013/03/24 17:51:15 | 000,065,536 | ---- | M] () -- c:\windows\assembly\gac\hpqmdmr\4.0.0.0__a53cf5803f4c3827\hpqmdmr.dll
MOD - [2013/03/24 17:51:15 | 000,057,344 | ---- | M] () -- c:\windows\assembly\gac\hpqprrsc\4.0.0.0__a53cf5803f4c3827\hpqprrsc.dll
MOD - [2013/03/24 17:51:15 | 000,053,248 | ---- | M] () -- c:\windows\assembly\gac\hpqovskn\3.0.0.0__a53cf5803f4c3827\hpqovskn.dll
MOD - [2013/03/24 17:51:14 | 000,430,080 | ---- | M] () -- c:\windows\assembly\gac\lead.wrapper\13.0.0.113__9cf889f53ea9b907\lead.wrapper.dll
MOD - [2013/03/24 17:51:14 | 000,077,824 | ---- | M] () -- c:\windows\assembly\gac\lead\13.0.0.113__9cf889f53ea9b907\lead.dll
MOD - [2013/03/24 17:51:14 | 000,069,632 | ---- | M] () -- c:\windows\assembly\gac\lead.windows.forms.drawingcontainer\13.0.0.113__9cf889f53ea9b907\lead.windows.forms.drawingcontainer.dll
MOD - [2013/03/24 17:51:14 | 000,040,960 | ---- | M] () -- c:\windows\assembly\gac\lead.windows.forms\13.0.0.113__9cf889f53ea9b907\lead.windows.forms.dll
MOD - [2013/03/24 17:51:13 | 000,090,112 | ---- | M] () -- c:\windows\assembly\gac\lead.drawing.imaging.imageprocessing\13.0.0.113__9cf889f53ea9b907\lead.drawing.imaging.imageprocessing.dll
MOD - [2013/03/24 17:51:13 | 000,086,016 | ---- | M] () -- c:\windows\assembly\gac\lead.drawing\13.0.0.113__9cf889f53ea9b907\lead.drawing.dll
MOD - [2013/03/24 17:51:13 | 000,081,920 | ---- | M] () -- c:\windows\assembly\gac\lead.drawing.imaging.codecs\13.0.0.113__9cf889f53ea9b907\lead.drawing.imaging.codecs.dll
MOD - [2013/03/24 17:51:12 | 000,014,848 | ---- | M] () -- c:\windows\assembly\gac\interop.hpqvideo\4.0.0.0__a53cf5803f4c3827\interop.hpqvideo.dll
MOD - [2013/03/24 17:51:12 | 000,004,096 | ---- | M] () -- c:\windows\assembly\gac\interop.hprblog\3.0.0.0__a53cf5803f4c3827\interop.hprblog.dll
MOD - [2013/03/24 17:51:11 | 000,010,240 | ---- | M] () -- c:\windows\assembly\gac\interop.hpqimgr\4.0.0.0__a53cf5803f4c3827\interop.hpqimgr.dll
MOD - [2013/03/24 17:51:10 | 000,516,096 | ---- | M] () -- c:\windows\assembly\gac\hpqimvlt\3.0.0.0__a53cf5803f4c3827\hpqimvlt.dll
MOD - [2013/03/24 17:51:10 | 000,192,512 | ---- | M] () -- c:\windows\assembly\gac\hpqimgrc\4.0.0.0__a53cf5803f4c3827\hpqimgrc.dll
MOD - [2013/03/24 17:51:10 | 000,069,632 | ---- | M] () -- c:\windows\assembly\gac\hpqntrop\4.0.0.0__a53cf5803f4c3827\hpqntrop.dll
MOD - [2013/03/24 17:51:10 | 000,061,440 | ---- | M] () -- c:\windows\assembly\gac\hpqimlib\3.0.0.0__a53cf5803f4c3827\hpqimlib.dll
MOD - [2013/03/24 17:51:10 | 000,036,864 | ---- | M] () -- c:\windows\assembly\gac\interop.hpqcxm08\3.0.0.0__a53cf5803f4c3827\interop.hpqcxm08.dll
MOD - [2013/03/24 17:51:09 | 000,385,024 | ---- | M] () -- c:\windows\assembly\gac\hpqtray\4.0.0.0__a53cf5803f4c3827\hpqtray.dll
MOD - [2013/03/24 17:51:09 | 000,077,824 | ---- | M] () -- c:\windows\assembly\gac\hpqthumb\3.0.0.0__a53cf5803f4c3827\hpqthumb.dll
MOD - [2013/03/24 17:51:09 | 000,069,632 | ---- | M] () -- c:\windows\assembly\gac\hpqglutl\4.0.0.0__a53cf5803f4c3827\hpqglutl.dll
MOD - [2013/03/24 17:51:09 | 000,036,864 | ---- | M] () -- c:\windows\assembly\gac\hpqfmrsc\4.0.0.0__a53cf5803f4c3827\hpqfmrsc.dll
MOD - [2013/03/24 17:51:09 | 000,024,576 | ---- | M] () -- c:\windows\assembly\gac\hpqasset\4.0.0.0__a53cf5803f4c3827\hpqasset.dll
MOD - [2013/03/24 17:51:09 | 000,020,480 | ---- | M] () -- c:\windows\assembly\gac\hpqiface\4.0.0.0__a53cf5803f4c3827\hpqiface.dll
MOD - [2013/03/24 17:51:08 | 000,593,920 | ---- | M] () -- c:\windows\assembly\gac\hpqcc2\3.0.0.0__a53cf5803f4c3827\hpqcc2.dll
MOD - [2013/03/24 17:51:08 | 000,425,984 | ---- | M] () -- c:\windows\assembly\gac\hpqcprsc\3.0.0.0__a53cf5803f4c3827\hpqcprsc.dll
MOD - [2013/03/24 17:51:08 | 000,229,376 | ---- | M] () -- c:\windows\assembly\gac\hpqutils\4.0.0.0__a53cf5803f4c3827\hpqutils.dll
MOD - [2013/02/26 15:24:58 | 011,492,352 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\mscorlib\eab2340ead8e1a84bdf1a87868659979\mscorlib.ni.dll
MOD - [2013/02/26 14:05:12 | 003,391,488 | ---- | M] () -- c:\windows\assembly\nativeimages1_v1.1.4322\mscorlib\1.0.5000.0__b77a5c561934e089_9e0f5e39\mscorlib.dll
MOD - [2013/02/26 14:05:06 | 000,843,776 | ---- | M] () -- c:\windows\assembly\nativeimages1_v1.1.4322\system.drawing\1.0.5000.0__b03f5f7f11d50a3a_29c35107\system.drawing.dll
MOD - [2013/02/26 14:05:01 | 002,088,960 | ---- | M] () -- c:\windows\assembly\nativeimages1_v1.1.4322\system.xml\1.0.5000.0__b77a5c561934e089_ab2418df\system.xml.dll
MOD - [2013/02/26 14:04:57 | 003,035,136 | ---- | M] () -- c:\windows\assembly\nativeimages1_v1.1.4322\system.windows.forms\1.0.5000.0__b77a5c561934e089_dc062d78\system.windows.forms.dll
MOD - [2013/02/26 14:04:50 | 001,966,080 | ---- | M] () -- c:\windows\assembly\nativeimages1_v1.1.4322\system\1.0.5000.0__b77a5c561934e089_02bfbcab\system.dll
MOD - [2013/02/26 14:04:42 | 001,232,896 | ---- | M] () -- c:\windows\assembly\gac\system\1.0.5000.0__b77a5c561934e089\system.dll
MOD - [2013/02/26 14:04:41 | 000,471,040 | ---- | M] () -- c:\windows\assembly\gac\system.drawing\1.0.5000.0__b03f5f7f11d50a3a\system.drawing.dll
MOD - [2013/02/26 14:04:40 | 002,064,384 | ---- | M] () -- c:\windows\assembly\gac\system.windows.forms\1.0.5000.0__b77a5c561934e089\system.windows.forms.dll
MOD - [2012/10/04 18:50:36 | 000,088,688 | ---- | M] () -- C:\WINDOWS\system32\cpwmon2k.dll
MOD - [2012/08/03 13:53:26 | 000,062,968 | ---- | M] () -- C:\Program Files\Cisco\Cisco AnyConnect Secure Mobility Client\zlib1.dll
MOD - [2011/04/01 09:53:28 | 000,499,712 | ---- | M] () -- C:\Program Files\Trend Micro\OfficeScan Client\sqlite3.dll
MOD - [2011/03/16 23:11:16 | 004,297,568 | ---- | M] () -- C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF
MOD - [2010/10/20 14:45:26 | 008,801,120 | ---- | M] () -- C:\Program Files\Microsoft Office\Office14\1033\GrooveIntlResource.dll
MOD - [2008/09/02 09:43:03 | 001,339,392 | ---- | M] () -- c:\windows\assembly\gac\system.xml\1.0.5000.0__b77a5c561934e089\system.xml.dll
MOD - [2008/09/02 09:42:15 | 000,007,680 | ---- | M] () -- c:\windows\assembly\gac\accessibility\1.0.5000.0__b03f5f7f11d50a3a\accessibility.dll
MOD - [2005/10/20 09:36:08 | 000,077,824 | R--- | M] () -- C:\Program Files\HP\Digital Imaging\bin\crm\xmltok.dll
MOD - [2005/10/20 09:36:08 | 000,065,536 | R--- | M] () -- C:\Program Files\HP\Digital Imaging\bin\crm\xmlparse.dll
 
 
========== Services (SafeList) ==========
 
SRV - File not found [Auto | Stopped] -- C:\Program Files\Level Quality Watcher\v1.01\levelqualitywatcher32.exe run options=01110010000000000000000000000000 sourceguid=F5D333A8-C748-4686-AE0A-9E008F670C22 -- (Level Quality Watcher)
SRV - [2013/11/22 18:55:31 | 000,119,408 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2013/11/20 22:44:25 | 000,066,840 | ---- | M] () [Auto | Running] -- C:\Program Files\outobox\bin\utiloutobox.exe -- (Util outobox)
SRV - [2013/11/12 13:15:38 | 000,066,840 | ---- | M] () [Auto | Running] -- C:\Program Files\outobox\updateoutobox.exe -- (Update outobox)
SRV - [2013/10/09 09:41:08 | 000,257,416 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013/10/08 06:48:23 | 000,182,696 | ---- | M] (Oracle Corporation) [Auto | Running] -- C:\Program Files\Java\jre7\bin\jqs.exe -- (JavaQuickStarterService)
SRV - [2013/06/13 11:12:28 | 000,345,112 | ---- | M] (Trend Micro Inc.) [On_Demand | Running] -- C:\Program Files\Trend Micro\BM\TMBMSRV.exe -- (TMBMServer)
SRV - [2013/04/26 14:50:56 | 002,082,968 | ---- | M] (Trend Micro Inc.) [Auto | Running] -- C:\Program Files\Trend Micro\OfficeScan Client\TmListen.exe -- (tmlisten)
SRV - [2013/04/26 14:46:48 | 002,127,000 | ---- | M] (Trend Micro Inc.) [Auto | Running] -- C:\Program Files\Trend Micro\OfficeScan Client\NTRtScan.exe -- (ntrtscan)
SRV - [2013/03/27 05:36:16 | 001,420,792 | ---- | M] (Trend Micro Inc.) [Auto | Running] -- C:\Program Files\Trend Micro\IDF Client\ds_agent.exe -- (ds_agent)
SRV - [2013/03/20 14:57:12 | 000,099,592 | ---- | M] (Sysinternals) [On_Demand | Stopped] -- C:\WINDOWS\PSEXESVC.EXE -- (PSEXESVC)
SRV - [2013/02/28 10:21:58 | 000,651,720 | ---- | M] (Macrovision Europe Ltd.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2012/12/06 15:27:50 | 000,689,712 | ---- | M] (Trend Micro Inc.) [On_Demand | Running] -- C:\Program Files\Trend Micro\OfficeScan Client\TmProxy.exe -- (TmProxy)
SRV - [2012/09/20 13:28:48 | 030,785,672 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Microsoft Office\Office14\GROOVE.EXE -- (Microsoft SharePoint Workspace Audit Service)
SRV - [2012/08/03 13:52:08 | 000,537,592 | ---- | M] (Cisco Systems, Inc.) [Auto | Running] -- C:\Program Files\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe -- (vpnagent)
SRV - [2011/05/12 19:19:46 | 000,245,842 | R--- | M] (IDT, Inc.) [Auto | Running] -- C:\Program Files\IDT\WDM\stacsv.exe -- (STacSV)
SRV - [2011/03/23 04:36:12 | 000,058,760 | ---- | M] (IBM Corp) [Auto | Running] -- C:\Program Files\notes\ntmulti.exe -- (Multi-user Cleanup Service)
SRV - [2011/03/23 04:35:40 | 000,062,856 | ---- | M] (IBM Corp) [Auto | Running] -- C:\Program Files\notes\nslsvice.exe -- (Lotus Notes Single Logon)
SRV - [2011/03/23 04:35:22 | 003,417,480 | ---- | M] (IBM) [Auto | Running] -- C:\Program Files\notes\nsd.exe -- (Lotus Notes Diagnostics)
SRV - [2011/02/22 20:32:40 | 000,072,296 | ---- | M] (O2Micro International) [Auto | Running] -- C:\WINDOWS\system32\drivers\o2flash.exe -- (O2FLASH)
SRV - [2010/05/15 17:47:16 | 000,037,736 | ---- | M] (International Business Machines Corporation) [Auto | Running] -- C:\Program Files\Quest Software\Toad for Data Analysts 2.7\SQLLIB\BIN\db2mgmtsvc.exe -- (DB2MGMTSVC_TACOM27)
SRV - [2009/09/18 04:00:00 | 000,764,768 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\CCM\CcmExec.exe -- (CcmExec)
SRV - [2009/09/18 04:00:00 | 000,246,624 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\System32\CCM\TSManager.exe -- (smstsmgr)
SRV - [2006/03/03 20:03:10 | 000,069,632 | ---- | M] (HP) [Auto | Stopped] -- C:\WINDOWS\system32\HPZipm12.exe -- (Pml Driver HPZ12)
 
 
========== Driver Services (SafeList) ==========
 
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\HSF_CNXT.sys -- (winachsf)
DRV - File not found [Kernel | On_Demand | Stopped] --  -- (WDICA)
DRV - File not found [Adapter | Unavailable | Unknown] --  -- (PnSson)
DRV - File not found [Kernel | On_Demand | Stopped] --  -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] --  -- (PDRELI)
DRV - File not found [Kernel | On_Demand | Stopped] --  -- (PDFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] --  -- (PDCOMP)
DRV - File not found [Kernel | System | Stopped] --  -- (PCIDump)
DRV - File not found [Kernel | Auto | Stopped] -- system32\DRIVERS\mdmxsdk.sys -- (mdmxsdk)
DRV - File not found [Kernel | System | Stopped] --  -- (lbrtfdc)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\drivers\IntcHdmi.sys -- (IntcHdmiAddService)
DRV - File not found [Kernel | System | Stopped] --  -- (i2omgmt)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\HSFHWAZL.sys -- (HSFHWAZL)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\HSF_DPV.sys -- (HSF_DPV)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\e1y5132.sys -- (e1yexpress)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\e1e5132.sys -- (e1express)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\e1c5132.sys -- (e1cexpress)
DRV - File not found [Kernel | System | Stopped] --  -- (Changer)
DRV - [2013/06/27 03:38:06 | 000,262,560 | ---- | M] (Trend Micro Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\tmcomm.sys -- (tmcomm)
DRV - [2013/06/13 11:02:54 | 000,075,600 | ---- | M] (Trend Micro Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\tmactmon.sys -- (tmactmon)
DRV - [2013/06/13 11:02:44 | 000,062,704 | ---- | M] (Trend Micro Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\tmevtmgr.sys -- (tmevtmgr)
DRV - [2013/04/16 10:58:10 | 000,267,552 | ---- | M] (Trend Micro Inc.) [Kernel | Auto | Running] -- C:\Program Files\Trend Micro\OfficeScan Client\tmxpflt.sys -- (TmFilter)
DRV - [2013/04/16 10:58:00 | 000,036,640 | ---- | M] (Trend Micro Inc.) [Kernel | Auto | Running] -- C:\Program Files\Trend Micro\OfficeScan Client\tmpreflt.sys -- (TmPreFilter)
DRV - [2013/04/16 10:39:20 | 001,490,272 | ---- | M] (Trend Micro Inc.) [Kernel | Auto | Running] -- C:\Program Files\Trend Micro\OfficeScan Client\vsapint.sys -- (VSApiNt)
DRV - [2013/02/26 08:04:54 | 000,436,272 | ---- | M] (Trend Micro) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\tbimdsa.sys -- (tbimdsa)
DRV - [2013/02/21 13:06:14 | 000,408,368 | ---- | M] (Alps Electric Co., Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Apfiltr.sys -- (ApfiltrService)
DRV - [2012/08/03 13:38:56 | 000,023,976 | ---- | M] (Cisco Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\vpnva.sys -- (vpnva)
DRV - [2012/08/03 13:38:06 | 000,057,256 | ---- | M] (Cisco Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\acsmux.sys -- (acsmux)
DRV - [2012/08/03 13:38:06 | 000,038,440 | ---- | M] (Cisco Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\acsint.sys -- (acsint)
DRV - [2011/05/12 19:20:08 | 000,251,904 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\IntcDAud.sys -- (IntcDAud)
DRV - [2011/05/12 19:20:08 | 000,132,480 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Impcd.sys -- (Impcd)
DRV - [2011/05/12 19:20:00 | 000,168,616 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\e1k5132.sys -- (e1kexpress)
DRV - [2011/05/12 19:19:58 | 006,650,752 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\NETwNx32.sys -- (NETwNx32)
DRV - [2011/05/12 19:19:54 | 000,033,832 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\cvusbdrv.sys -- (cvusbdrv)
DRV - [2011/05/12 19:19:52 | 000,028,672 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\usbccid.sys -- (USBCCID)
DRV - [2011/05/12 19:19:46 | 001,660,691 | ---- | M] (IDT, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\sthda.sys -- (STHDA)
DRV - [2011/05/12 19:19:44 | 000,113,664 | ---- | M] (Andrea Electronics Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\AESTAud.sys -- (AESTAud)
DRV - [2011/02/22 20:32:46 | 000,022,736 | ---- | M] (Broadcom Corp.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\btpmw32.sys -- (BCMTPM)
DRV - [2011/02/22 20:32:42 | 000,060,192 | ---- | M] (O2Micro ) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\o2mdfxp.sys -- (O2MDFRDR)
DRV - [2011/02/22 20:32:40 | 000,041,088 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\HECI.sys -- (MEI)
DRV - [2011/02/22 20:32:38 | 000,043,888 | ---- | M] (ST Microelectronics) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Accelern.sys -- (Acceler)
DRV - [2011/01/24 11:37:08 | 000,024,064 | ---- | M] (Cisco Systems) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\CipcCdp.sys -- (CipcCdp)
DRV - [2011/01/18 17:38:38 | 000,054,144 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- c:\Program Files\Microsoft Visual Studio 10.0\Team Tools\Performance Tools\VSPerfDrv100.sys -- (VSPerfDrv100)
DRV - [2010/11/08 19:05:38 | 000,090,448 | ---- | M] (Trend Micro Inc.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\tmtdi.sys -- (tmtdi)
DRV - [2010/08/20 10:04:38 | 000,017,648 | ---- | M] (ST Microelectronics) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\stdcfltn.sys -- (stdcfltn)
DRV - [2010/04/16 15:22:04 | 000,065,584 | ---- | M] (Citrix Systems, Inc.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\ctxusbm.sys -- (ctxusbm)
DRV - [2009/09/18 04:00:00 | 000,020,848 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\CCM\PrepDrv.sys -- (prepdrvr)
DRV - [2009/03/30 03:09:28 | 000,239,336 | ---- | M] (Microsoft Corporation) [File_System | Disabled | Stopped] -- C:\WINDOWS\system32\drivers\RsFx0103.sys -- (RsFx0103)
DRV - [2008/10/20 20:08:06 | 000,012,448 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\smsmdm.sys -- (smsmdd)
DRV - [2008/06/03 08:30:22 | 000,144,672 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\OA001Ufd.sys -- (OA001Ufd)
DRV - [2008/05/21 03:19:00 | 003,630,336 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\NETw5x32.sys -- (NETw5x32)
DRV - [2008/05/12 16:01:00 | 000,277,504 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\OA001Vid.sys -- (OA001Vid)
DRV - [2007/03/12 23:26:06 | 000,160,256 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\b57xp32.sys -- (b57w2k)
DRV - [2007/02/24 13:42:22 | 000,039,936 | ---- | M] (REDC) [Kernel | Auto | Stopped] -- C:\WINDOWS\system32\drivers\rimmptsk.sys -- (rimmptsk)
DRV - [2006/03/17 17:18:58 | 000,392,960 | ---- | M] (Sensaura) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\senfilt.sys -- (SenFiltService)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = Reg Error: Value error.
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
IE - HKLM\..\SearchScopes\{39C6B15E-82F5-42DC-B7B3-7C9FFE882393}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}
IE - HKLM\..\SearchScopes\{76D372A2-2AD9-4D66-AF06-34C9E2E71071}: "URL" = http://www.bing.com/search?q={searchTerms}&form=IE8SRC&src=IE-SearchBox
IE - HKLM\..\SearchScopes\{EF8BBACB-120B-44B3-BFD4-D748C5D103DF}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
 
 
IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.kendle.com/
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.kendle.com/
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
 
 
IE - HKU\S-1-5-21-957651104-916166795-1467990369-82427\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.kendle.com
IE - HKU\S-1-5-21-957651104-916166795-1467990369-82427\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKU\S-1-5-21-957651104-916166795-1467990369-82427\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKU\S-1-5-21-957651104-916166795-1467990369-82427\..\SearchScopes,DefaultScope = {B77207E9-8648-4F22-8C06-F041D9E55C0F}
IE - HKU\S-1-5-21-957651104-916166795-1467990369-82427\..\SearchScopes\{5A709106-2F15-4585-B675-3857CAE0EB23}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
IE - HKU\S-1-5-21-957651104-916166795-1467990369-82427\..\SearchScopes\{A2A3874B-608E-4BBD-9277-87731DF510BE}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}
IE - HKU\S-1-5-21-957651104-916166795-1467990369-82427\..\SearchScopes\{B77207E9-8648-4F22-8C06-F041D9E55C0F}: "URL" = http://www.bing.com/search?q={searchTerms}&form=IE8SRC&src=IE-SearchBox
IE - HKU\S-1-5-21-957651104-916166795-1467990369-82427\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
========== FireFox ==========
 
FF - prefs.js..browser.startup.homepage: "www.google.com"
FF - prefs.js..extensions.enabledAddons: %7B22C7F6C6-8D67-4534-92B5-529A0EC09405%7D:5.82.0.1056
FF - prefs.js..extensions.enabledAddons: firefox%40outobox.net:1.0.0
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:25.0.1
FF - prefs.js..keyword.URL: ""
FF - user.js - File not found
 
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_9_900_117.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\WINDOWS\system32\Adobe\Director\np32dsw_1205146.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.45.2: C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.45.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~3\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~1\MICROS~3\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{22C7F6C6-8D67-4534-92B5-529A0EC09405}: C:\Program Files\Trend Micro\OfficeScan Client\FirefoxExtension [2013/03/26 16:31:52 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 25.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 25.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2013/11/22 18:55:13 | 000,000,000 | ---D | M]
 
[2013/02/27 15:34:28 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\acconneradmin\Application Data\Mozilla\Extensions
[2013/11/20 14:44:08 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\acconneradmin\Application Data\Mozilla\Firefox\Profiles\k83crnge.default\extensions
[2013/11/12 13:15:38 | 000,008,920 | ---- | M] () (No name found) -- C:\Documents and Settings\acconneradmin\Application Data\Mozilla\Firefox\Profiles\k83crnge.default\extensions\firefox@outobox.net.xpi
[2013/11/20 14:40:20 | 000,003,746 | ---- | M] () -- C:\Documents and Settings\acconneradmin\Application Data\Mozilla\Firefox\Profiles\k83crnge.default\searchplugins\safeguard-secure-search.xml
[2013/11/22 18:55:10 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\browser\extensions
[2013/11/22 18:55:34 | 000,000,000 | ---D | M] (Default) -- C:\Program Files\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2013/03/26 16:31:52 | 000,000,000 | ---D | M] (Trend Micro NSC Firefox Extension) -- C:\PROGRAM FILES\TREND MICRO\OFFICESCAN CLIENT\FIREFOXEXTENSION
[2013/06/27 14:41:24 | 000,032,440 | ---- | M] () -- C:\Program Files\mozilla firefox\plugins\npMeetingJoinPluginOC.dll
 
========== Chrome  ==========
 
CHR - Extension: No name found = C:\Documents and Settings\acconneradmin\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.0.0.6_0\
CHR - Extension: No name found = C:\Documents and Settings\acconneradmin\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.2_0\
CHR - Extension: No name found = C:\Documents and Settings\acconneradmin\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
CHR - Extension: No name found = C:\Documents and Settings\acconneradmin\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\
CHR - Extension: No name found = C:\Documents and Settings\acconneradmin\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\
 
O1 HOSTS File: ([2008/04/14 07:00:00 | 000,000,734 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1       localhost
O2 - BHO: (HelperObject Class) - {00C6482D-C502-44C8-8409-FCE54AD9C208} - C:\Program Files\TechSmith\SnagIt 8\SnagItBHO.dll (TechSmith Corporation)
O2 - BHO: (TmIEPlugInBHO Class) - {1CA1377B-DC1D-4A52-9585-6E06050FAC53} - C:\Program Files\Trend Micro\OfficeScan Client\TmIEPlg.dll (Trend Micro Inc.)
O2 - BHO: (outobox) - {30f06672-0e95-41a9-80cb-dee386af99ad} - C:\Program Files\outobox\outoboxBHO.dll (outobox)
O2 - BHO: (Lync Browser Helper) - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Lync\OCHelper.dll (Microsoft Corporation)
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O2 - BHO: (Java Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (WebEx Productivity Tools) - {90E2BA2E-DD1B-4cde-9134-7A8B86D33CA7} - C:\Program Files\WebEx\Productivity Tools\ptonecli.dll ()
O2 - BHO: (Adobe PDF Conversion Toolbar Helper) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (Java Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (Microsoft Web Test Recorder 10.0 Helper) - {DDA57003-0068-4ed2-9D32-4D1EC707D94D} - c:\Program Files\Microsoft Visual Studio 10.0\Common7\IDE\PrivateAssemblies\Microsoft.VisualStudio.QualityTools.RecorderBarBHO100.dll (Microsoft Corporation)
O2 - BHO: (SmartSelect Class) - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKLM\..\Toolbar: (SnagIt) - {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - C:\Program Files\TechSmith\SnagIt 8\SnagItIEAddin.dll (TechSmith Corporation)
O3 - HKLM\..\Toolbar: (WebEx Productivity Tools) - {90E2BA2E-DD1B-4cde-9134-7A8B86D33CA7} - C:\Program Files\WebEx\Productivity Tools\ptonecli.dll ()
O3 - HKU\S-1-5-21-957651104-916166795-1467990369-82427\..\Toolbar\WebBrowser: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O4 - HKLM..\Run: [Acrobat Assistant 8.0] C:\Program Files\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe (Adobe Systems Inc.)
O4 - HKLM..\Run: [Adobe Acrobat Speed Launcher] C:\Program Files\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [AESTFltr] C:\WINDOWS\System32\AESTFltr.exe (Andrea Electronics Corporation)
O4 - HKLM..\Run: [Apoint] C:\Program Files\DellTPad\Apoint.exe (Alps Electric Co., Ltd.)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [Cisco AnyConnect Secure Mobility Agent for Windows] C:\Program Files\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe (Cisco Systems, Inc.)
O4 - HKLM..\Run: [Communicator] C:\Program Files\Microsoft Lync\communicator.exe (Microsoft Corporation)
O4 - HKLM..\Run: [ConnectionCenter] C:\Program Files\Citrix\ICA Client\concentr.exe (Citrix Systems, Inc.)
O4 - HKLM..\Run: [OfficeScanNT Monitor] C:\Program Files\Trend Micro\OfficeScan Client\pccntmon.exe (Trend Micro Inc.)
O4 - HKLM..\Run: [sysTrayApp] C:\Program Files\IDT\WDM\sttray.exe (IDT, Inc.)
O4 - HKU\.DEFAULT..\Run: [Push Client] C:\WINDOWS\System32\config\systemprofile\Local Settings\Application Data\ATT Connect\Participant\pull.exe (AT&T Inc.)
O4 - HKU\S-1-5-18..\Run: [Push Client] C:\WINDOWS\System32\config\systemprofile\Local Settings\Application Data\ATT Connect\Participant\pull.exe (AT&T Inc.)
O4 - Startup: C:\Documents and Settings\acconner\Start Menu\Programs\Startup\Dropbox.lnk =  File not found
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\HP Photosmart Premier Fast Start.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe (Hewlett-Packard Development Company, L.P.)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\SnagIt 8.lnk = C:\Program Files\TechSmith\SnagIt 8\SnagIt32.exe (TechSmith Corporation)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\New Windows present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: consentpromptbehavioradmin = 4
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: consentpromptbehavioruser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: disablecad = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: enableinstallerdetection = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: filteradministratortoken = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: promptonsecuredesktop = 0
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-957651104-916166795-1467990369-82427\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 255
O8 - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office\Office14\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Se&nd to OneNote - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Lync add-on - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Lync\OCHelper.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Lync add-on - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Lync\OCHelper.dll (Microsoft Corporation)
O9 - Extra Button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O15 - HKLM\..Trusted Domains: amgen.com ([]* in Local intranet)
O15 - HKLM\..Trusted Domains: amgenpartners.com ([]* in Local intranet)
O15 - HKLM\..Trusted Domains: gene.com ([]* in Local intranet)
O15 - HKLM\..Trusted Domains: incresearch.com ([]* in Local intranet)
O15 - HKLM\..Trusted Domains: kendle.com ([]* in Local intranet)
O15 - HKLM\..Trusted Domains: mdsol.com ([]* in Local intranet)
O15 - HKLM\..Trusted Domains: pfizer.com ([]* in Local intranet)
O15 - HKLM\..Trusted Domains: ventana-crc.com ([]* in Local intranet)
O16 - DPF: {05CA9FB0-3E3E-4B36-BF41-0E3A5CAA8CD8} http://go.microsoft.com/fwlink/?linkid=67633 (Office Genuine Advantage Validation Tool)
O16 - DPF: {233C1507-6A77-46A4-9443-F871F945D258} http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1265644833171 (WUWebControl Class)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1265644826437 (MUWebControl Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab (Java Plug-in 10.45.2)
O16 - DPF: {CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab (Java Plug-in 1.6.0_30)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab (Java Plug-in 10.45.2)
O16 - DPF: {E06E2E99-0AA1-11D4-ABA6-0060082AA75C}  (Reg Error: Value error.)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O16 - DPF: B3467D2D-E10C-41A6-B671-2B07A1445DC4 http://conference.kendle.com/Downloads/cmW32client.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = Corp.Incresearch.com
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{D71904B9-A7C8-48BD-B477-AB78AC7CCFA8}: DhcpNameServer = 192.168.1.1
O18 - Protocol\Handler\qrev {9DE24BAC-FC3C-42c4-9FC4-76B3FAFDBD90} - C:\Program Files\Quest Software\Toad for Oracle 10.6\RNetPin.dll ()
O18 - Protocol\Handler\tmpx {0E526CB5-7446-41D1-A403-19BFE95E8C23} - C:\Program Files\Trend Micro\OfficeScan Client\TmIEPlg.dll (Trend Micro Inc.)
O18 - Protocol\Filter\application/x-ica {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\ica {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\NavLogon: DllName - (Reg Error: Value error.) - Reg Error: Value error. File not found
O28 - HKLM ShellExecuteHooks: {56F9679E-7826-4C84-81F3-532071A8BCC5} - C:\Program Files\Windows Desktop Search\MsnlNamespaceMgr.dll (Microsoft Corporation)
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2011/12/29 16:56:03 | 000,000,000 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{801df691-23ff-11d7-b1a1-806d6172696f}\Shell - "" = AutoRun
O33 - MountPoints2\{801df691-23ff-11d7-b1a1-806d6172696f}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{801df691-23ff-11d7-b1a1-806d6172696f}\Shell\AutoRun\command - "" = D:\SETUP.EXE /AUTORUN
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
 
========== Files/Folders - Created Within 30 Days ==========
 
[2013/11/23 10:01:09 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\acconneradmin\Recent
[2013/11/22 18:55:10 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox
[2013/11/22 17:06:24 | 000,000,000 | ---D | C] -- C:\Documents and Settings\acconneradmin\Application Data\Malwarebytes
[2013/11/22 17:06:15 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Malwarebytes' Anti-Malware
[2013/11/22 17:06:13 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes
[2013/11/22 17:06:10 | 000,022,856 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2013/11/22 17:06:10 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2013/11/20 14:44:00 | 000,000,000 | ---D | C] -- C:\Program Files\outobox
[2013/11/20 14:43:32 | 000,000,000 | ---D | C] -- C:\Program Files\Smart-ActiveX
[2013/11/20 14:43:32 | 000,000,000 | ---D | C] -- C:\Documents and Settings\acconneradmin\Start Menu\Programs\Smart-ActiveX
[2013/11/20 14:42:44 | 000,000,000 | R--D | C] -- C:\Documents and Settings\acconneradmin\My Documents\My Videos
[2013/11/05 14:41:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\PreEmptive Solutions
[2013/11/05 14:08:44 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\WCF RIA Services V1.0 SP1
[2013/11/05 14:08:22 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Microsoft Silverlight 4 SDK
[2013/11/05 14:07:50 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\VS
[2013/10/31 19:25:30 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\cache
[2013/10/31 10:10:28 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Java
[2013/10/31 10:09:03 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Java
[2013/10/30 18:02:04 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\All Users\Application Data\Common Files
[2013/10/30 18:00:53 | 000,000,000 | ---D | C] -- C:\Documents and Settings\acconneradmin\Application Data\Roxio Log Files
[2013/10/30 17:56:47 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Microsoft Expression
[2013/10/30 17:55:44 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Package Cache
[2013/10/30 17:51:26 | 000,000,000 | ---D | C] -- C:\Program Files\MyPC Backup
[2013/10/30 17:51:06 | 000,000,000 | ---D | C] -- C:\Program Files\Elaborate Bytes
[2013/10/30 13:05:42 | 000,000,000 | ---D | C] -- C:\Documents and Settings\acconneradmin\Application Data\Roxio
[2013/10/30 13:05:22 | 000,000,000 | ---D | C] -- C:\Documents and Settings\acconneradmin\Application Data\Macrovision
[2 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2013/11/23 14:41:00 | 000,000,830 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2013/11/23 14:24:04 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2013/11/23 14:24:03 | 000,000,882 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2013/11/23 14:24:02 | 000,000,886 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2013/11/23 13:06:15 | 000,000,496 | ---- | M] () -- C:\WINDOWS\smscfg.ini
[2013/11/23 13:00:53 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2013/11/22 21:31:52 | 000,000,682 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\CCleaner.lnk
[2013/11/22 17:06:15 | 000,000,784 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes Anti-Malware.lnk
[2013/11/22 09:52:10 | 000,010,078 | ---- | M] () -- C:\WINDOWS\cfgall.ini
[2013/11/22 08:11:30 | 000,087,998 | RHS- | M] () -- C:\Documents and Settings\All Users\ntuser.pol
[2013/11/20 14:43:07 | 000,000,009 | ---- | M] () -- C:\END
[2013/11/03 10:12:23 | 000,604,126 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2013/11/03 10:12:22 | 000,125,778 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2013/10/30 18:35:56 | 000,280,536 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2013/11/22 17:06:15 | 000,000,784 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes Anti-Malware.lnk
[2013/11/20 14:43:07 | 000,000,009 | ---- | C] () -- C:\END
[2013/10/10 12:59:55 | 000,360,584 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat
[2013/06/28 13:03:11 | 000,088,688 | ---- | C] () -- C:\WINDOWS\System32\cpwmon2k.dll
[2013/06/07 10:53:15 | 000,000,136 | ---- | C] () -- C:\Documents and Settings\acconneradmin\Local Settings\Application Data\fusioncache.dat
[2013/04/22 09:13:42 | 000,004,049 | ---- | C] () -- C:\WINDOWS\cfgwtp.ini
[2013/03/24 17:41:03 | 000,117,364 | ---- | C] () -- C:\WINDOWS\hpoins11.dat
[2013/03/24 17:40:55 | 000,077,824 | ---- | C] () -- C:\WINDOWS\System32\HPZIDS01.dll
[2013/03/08 09:54:55 | 000,181,808 | ---- | C] () -- C:\WINDOWS\RegBootClean.exe
[2013/02/27 16:20:15 | 001,914,774 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\WPFFontCache_v0400-S-1-5-21-957651104-916166795-1467990369-74702-0.dat
[2013/02/27 15:50:29 | 000,694,370 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\WPFFontCache_v0400-S-1-5-21-957651104-916166795-1467990369-82427-0.dat
[2013/02/27 15:50:28 | 000,302,038 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\WPFFontCache_v0400-System.dat
[2013/02/26 13:29:31 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll
[2013/02/26 10:53:48 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2013/02/26 08:28:04 | 000,087,998 | RHS- | C] () -- C:\Documents and Settings\All Users\ntuser.pol
[2012/03/20 19:02:12 | 000,051,304 | ---- | C] () -- C:\WINDOWS\System32\drivers\atnt40k.sys
[2011/12/29 17:20:58 | 000,127,868 | ---- | C] () -- C:\WINDOWS\System32\igcompkrng575.bin
[2011/12/29 17:20:57 | 000,870,560 | ---- | C] () -- C:\WINDOWS\System32\igkrng575.bin
[2011/12/29 17:04:47 | 000,004,764 | ---- | C] () -- C:\WINDOWS\System32\CcmFramework.ini
 
========== ZeroAccess Check ==========
 
[2008/09/02 09:42:20 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shdocvw.dll -- [2009/03/02 18:04:03 | 001,499,136 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = C:\WINDOWS\system32\wbem\fastprox.dll -- [2009/02/09 07:10:48 | 000,473,600 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = C:\WINDOWS\system32\wbem\wbemess.dll -- [2008/04/14 07:00:00 | 000,273,920 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
========== LOP Check ==========
 
[2013/02/26 08:30:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\abairadmin\Application Data\Windows Desktop Search
[2013/10/30 18:39:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\acconner\Application Data\AVG SafeGuard toolbar
[2013/11/22 11:38:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\acconner\Application Data\Cisco
[2013/11/23 13:06:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\acconner\Application Data\Dropbox
[2013/02/27 14:03:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\acconner\Application Data\EurekaLog
[2013/07/11 13:15:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\acconner\Application Data\ICAClient
[2013/02/28 08:07:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\acconner\Application Data\Quest Software
[2013/11/12 15:06:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\acconner\Application Data\webex
[2013/02/26 08:42:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\acconner\Application Data\Windows Desktop Search
[2013/03/04 14:15:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\acconner\Application Data\Windows Search
[2013/03/12 12:49:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\acconneradmin\Application Data\Dropbox
[2013/07/18 21:43:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\acconneradmin\Application Data\ICAClient
[2013/02/27 14:10:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\acconneradmin\Application Data\Quest Software
[2013/02/27 10:59:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\acconneradmin\Application Data\Windows Desktop Search
[2011/04/20 11:41:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\ATT Connect
[2011/04/19 15:48:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\ICAClient
[2008/10/23 14:42:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\Interwise
[2011/09/22 10:33:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\Windows Desktop Search
[2013/06/28 13:02:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\APN
[2013/02/26 09:08:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Cisco
[2011/04/19 15:52:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Citrix
[2013/10/30 18:02:04 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\Common Files
[2013/02/26 08:42:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\GroupPolicy
[2013/02/27 14:08:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\IBM
[2013/10/30 18:35:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Package Cache
[2013/11/05 14:41:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PreEmptive Solutions
[2013/02/27 14:10:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Quest Software
[2013/02/26 11:17:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\RSA
[2011/09/23 04:46:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Softdisk LLC
[2013/02/28 10:31:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TechSmith
[2011/04/20 14:50:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Temp
[2013/11/05 14:07:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\VS
[2013/02/27 13:46:14 | 000,000,000 | -HSD | M] -- C:\Documents and Settings\All Users\Application Data\{08439167-4CA5-48E9-A810-A3A7C0B80B06}
[2013/03/12 13:05:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\mrivettadmin\Application Data\Dropbox
 
========== Purity Check ==========
 


< End of report >
 

Link to post
Share on other sites

And here is Extras:

 

OTL Extras logfile created on: 11/23/2013 2:31:28 PM - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Documents and Settings\acconneradmin\My Documents\Downloads
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
 
3.43 Gb Total Physical Memory | 2.32 Gb Available Physical Memory | 67.71% Memory free
5.27 Gb Paging File | 4.30 Gb Available in Paging File | 81.59% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 232.87 Gb Total Space | 189.46 Gb Free Space | 81.36% Space Free | Partition Type: NTFS
 
Computer Name: ACCONNERCINL2 | User Name: acconneradmin | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
 
[HKEY_USERS\S-1-5-21-957651104-916166795-1467990369-82427\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
 
========== Shell Spawning ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
htmlfile [edit] -- "C:\Program Files\Microsoft Office\Office14\msohtmed.exe" %1 (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /k "cd %L" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
"DisableMonitoring" = 1
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]
 
========== System Restore Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows NT\SystemRestore]
"DisableSR" = 0
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
"DoNotAllowExceptions" = 0
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile\AuthorizedApplications]
"AllowUserPrefMerge" = 1
"Enabled" = 1
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile\AuthorizedApplications\List]
"%ProgramFiles%\Internet Explorer\iexplore.exe" = %ProgramFiles%\Internet Explorer\iexplore.exe -- (Microsoft Corporation)
"%ProgramFiles%\Symantec Client Security\Symantec AntiVirus\Rtvscan.exe:*:Enabled:Symantec AntiVirus" = %ProgramFiles%\Symantec Client Security\Symantec AntiVirus\Rtvscan.exe:*:Enabled:Symantec AntiVirus
"%systemroot%\PCHEALTH\HELPCTR\Binaries\helpsvc.exe:*:enabled:helpsvc.exe" = %systemroot%\PCHEALTH\HELPCTR\Binaries\helpsvc.exe:*:enabled:helpsvc.exe -- (Microsoft Corporation)
"%systemroot%\system32\sessmgr.exe:*:enabled:sessmgr.exe" = %systemroot%\system32\sessmgr.exe:*:enabled:sessmgr.exe -- (Microsoft Corporation)
"%windir%\network diagnostic\xpnetdiag.exe:*:Enabled:Network Diagnostics for Windows XP" = %windir%\network diagnostic\xpnetdiag.exe:*:Enabled:Network Diagnostics for Windows XP -- (Microsoft Corporation)
"%windir%\system32\wbem\unsecapp.exe:*:Enabled:RPC Traffic" = %windir%\system32\wbem\unsecapp.exe:*:Enabled:RPC Traffic -- (Microsoft Corporation)
"C:\Program Files (x86)\Java\jre6\bin\javaw.exe:*:Enabled:Java 6 for 64bit OS" = C:\Program Files (x86)\Java\jre6\bin\javaw.exe:*:Enabled:Java 6 for 64bit OS
"c:\program files (x86)\microsoft lync\communicator.exe" = c:\program files (x86)\microsoft lync\communicator.exe
"c:\Program Files\1Cv77\BIN\1cv7.exe:*:Enabled: 1C Program in Moscow" = c:\Program Files\1Cv77\BIN\1cv7.exe:*:Enabled: 1C Program in Moscow
"c:\program files\1cv81\bin\1cv8.exe:*:Enabled: new 1c program in Moscow" = c:\program files\1cv81\bin\1cv8.exe:*:Enabled: new 1c program in Moscow
"C:\Program Files\AT&T\Communication Manager\attcm.exe" = C:\Program Files\AT&T\Communication Manager\attcm.exe
"C:\Program Files\Attachmate\Reflection\Rx.exe" = C:\Program Files\Attachmate\Reflection\Rx.exe
"C:\Program Files\Canon\Network ScanGear\SgTool.exe" = C:\Program Files\Canon\Network ScanGear\SgTool.exe
"C:\Program Files\Cisco Systems\Cisco IP Communicator\Communicator.exe" = C:\Program Files\Cisco Systems\Cisco IP Communicator\Communicator.exe
"C:\Program Files\Cisco Systems\Cisco IP Communicator\communicatork9.exe" = C:\Program Files\Cisco Systems\Cisco IP Communicator\communicatork9.exe -- (Cisco Systems, Inc.)
"C:\Program Files\Java\jre6\bin\javaw.exe" = C:\Program Files\Java\jre6\bin\javaw.exe -- (Sun Microsystems, Inc.)
"C:\Program Files\Microsoft Lync\communicator.exe" = C:\Program Files\Microsoft Lync\communicator.exe -- (Microsoft Corporation)
"C:\Program Files\Microsoft Office\Office11\Outlook.exe" = C:\Program Files\Microsoft Office\Office11\Outlook.exe
"C:\Program Files\Microsoft Office\Office12\Outlook.exe" = C:\Program Files\Microsoft Office\Office12\Outlook.exe
"C:\Program Files\Research In Motion\BlackBerry\DesktopMgr.exe" = C:\Program Files\Research In Motion\BlackBerry\DesktopMgr.exe
"C:\Program Files\Riverbed\Steelhead Mobile\shmobile.exe" = C:\Program Files\Riverbed\Steelhead Mobile\shmobile.exe
"C:\Program Files\Sprint\Sprint Smartview\sprintsv.exe" = C:\Program Files\Sprint\Sprint Smartview\sprintsv.exe
"C:\program files\vmware\vmware vdm\client\bin\wswc.exe" = C:\program files\vmware\vmware vdm\client\bin\wswc.exe
"C:\Program Files\VMware\VMware View\Client\bin\wswc.exe" = C:\Program Files\VMware\VMware View\Client\bin\wswc.exe
"C:\Program Files (x86)\Cisco Systems\Cisco IP Communicator\communicatork9.exe:*:enabled:Cisco IP Communicator" = C:\Program Files (x86)\Cisco Systems\Cisco IP Communicator\communicatork9.exe:*:enabled:Cisco IP Communicator
"C:\Program Files (x86)\Cisco Systems\Cisco IP Communicator\audiotuningwizard.exe:*:enabled:Cisco IP Communicator Audio Tuning Wizard" = C:\Program Files (x86)\Cisco Systems\Cisco IP Communicator\audiotuningwizard.exe:*:enabled:Cisco IP Communicator Audio Tuning Wizard
"C:\Program Files (x86)\Java\jre6\bin\java.exe:*:Enabled:Java 6 for 64bit OS" = C:\Program Files (x86)\Java\jre6\bin\java.exe:*:Enabled:Java 6 for 64bit OS
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile\GloballyOpenPorts]
"AllowUserPrefMerge" = 1
"Enabled" = 1
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile\GloballyOpenPorts\List]
"1038:TCP:*:Enabled:Riverbed_Client" = 1038:TCP:*:Enabled:Riverbed_Client
"135:TCP:*:enabled:Port 135" = 135:TCP:*:enabled:Port 135
"139:TCP:*:Enabled:DNS" = 139:TCP:*:Enabled:DNS
"139:UDP:*:Enabled:DNS" = 139:UDP:*:Enabled:DNS
"1500:TCP:*:Enabled:RDU-Badge" = 1500:TCP:*:Enabled:RDU-Badge
"1581:TCP:*:Enabled:RDU-Badge" = 1581:TCP:*:Enabled:RDU-Badge
"161:TCP:*:Enabled:SNMP01" = 161:TCP:*:Enabled:SNMP01
"162:TCP:*:Enabled:SNMP02" = 162:TCP:*:Enabled:SNMP02
"1837:TCP:*:Enabled:TSM-Backups" = 1837:TCP:*:Enabled:TSM-Backups
"2701:TCP:*:Enabled:SMS-Contact-remote-ping" = 2701:TCP:*:Enabled:SMS-Contact-remote-ping
"2702:TCP:*:Enabled:SMS-Remote_control" = 2702:TCP:*:Enabled:SMS-Remote_control
"2703:TCP:*:Enabled:SMS-Chat" = 2703:TCP:*:Enabled:SMS-Chat
"2704:TCP:*:Enabled:SMS-File_Transfer" = 2704:TCP:*:Enabled:SMS-File_Transfer
"2967:TCP:*:Enabled:Symantec System Center Management - Permit" = 2967:TCP:*:Enabled:Symantec System Center Management - Permit
"4118:TCP:*:Enabled:Trend Micro" = 4118:TCP:*:Enabled:Trend Micro
"43900:TCP:*:Enabled:TSM-Backups" = 43900:TCP:*:Enabled:TSM-Backups
"445:TCP:*:Enabled:DNS" = 445:TCP:*:Enabled:DNS
"445:UDP:*:Enabled:DNS" = 445:UDP:*:Enabled:DNS
"53:TCP:*:Enabled:DNS" = 53:TCP:*:Enabled:DNS
"53:UDP:*:Enabled:DNS" = 53:UDP:*:Enabled:DNS
"6000:TCP:*:Enabled:ReflectionsX" = 6000:TCP:*:Enabled:ReflectionsX
"69:UDP:*:Enabled:TFTP" = 69:UDP:*:Enabled:TFTP
"7800:TCP:*:Enabled:Riverbed Mobility Client" = 7800:TCP:*:Enabled:Riverbed Mobility Client
"7801:TCP:*:Enabled:Riverbed_Client" = 7801:TCP:*:Enabled:Riverbed_Client
"7801:UDP:*:Enabled:Riverbed_Mobility_Client" = 7801:UDP:*:Enabled:Riverbed_Mobility_Client
"8090:TCP:*:Enabled:Impact_Mysites" = 8090:TCP:*:Enabled:Impact_Mysites
"8090:UDP:*:Enabled:Impact_Mysites" = 8090:UDP:*:Enabled:Impact_Mysites
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile\IcmpSettings]
"AllowOutboundDestinationUnreachable" = 1
"AllowOutboundSourceQuench" = 1
"AllowRedirect" = 1
"AllowInboundEchoRequest" = 1
"AllowInboundRouterRequest" = 1
"AllowOutboundTimeExceeded" = 1
"AllowOutboundParameterProblem" = 1
"AllowInboundTimestampRequest" = 1
"AllowInboundMaskRequest" = 1
"AllowOutboundPacketTooBig" = 1
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile\Logging]
"LogDroppedPackets" = 1
"LogSuccessfulConnections" = 0
"LogFilePath" = C:\%computername%-DomainFW.LOG
"LogFileSize" = 4096
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile\RemoteAdminSettings]
"Enabled" = 1
"RemoteAddresses" = *
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile\Services]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile\Services\FileAndPrint]
"Enabled" = 1
"RemoteAddresses" = *
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile\Services\RemoteDesktop]
"Enabled" = 1
"RemoteAddresses" = *
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile\Services\UPnPFramework]
"Enabled" = 0
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
"DoNotAllowExceptions" = 0
"DisableUnicastResponsesToMulticastBroadcast" = 0
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile\AuthorizedApplications]
"AllowUserPrefMerge" = 0
"Enabled" = 1
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile\AuthorizedApplications\List]
"C:\Documents and Settings\%username%\Application Data\Juniper Networks\Juniper Terminal Services Client\dsTermServ.exe" = C:\Documents and Settings\%username%\Application Data\Juniper Networks\Juniper Terminal Services Client\dsTermServ.exe
"C:\Program Files\AT&T\Communication Manager\attcm.exe" = C:\Program Files\AT&T\Communication Manager\attcm.exe
"C:\Program Files\Attachmate\Reflection\Rx.exe" = C:\Program Files\Attachmate\Reflection\Rx.exe
"C:\Program Files\Cisco Systems\Cisco IP Communicator\Communicator.exe" = C:\Program Files\Cisco Systems\Cisco IP Communicator\Communicator.exe
"C:\Program Files\Cisco Systems\Cisco IP Communicator\communicatork9.exe" = C:\Program Files\Cisco Systems\Cisco IP Communicator\communicatork9.exe -- (Cisco Systems, Inc.)
"C:\program files\Linksys Wireless-G Print Server\PSDiagnosticM.exe" = C:\program files\Linksys Wireless-G Print Server\PSDiagnosticM.exe
"C:\Program Files\Linksys Wireless-G Printer Server\PSDiagnosticM.exe" = C:\Program Files\Linksys Wireless-G Printer Server\PSDiagnosticM.exe
"C:\Program Files\Microsoft Office\Office11\Outlook.exe" = C:\Program Files\Microsoft Office\Office11\Outlook.exe
"C:\Program Files\Microsoft Office\Office12\Outlook.exe" = C:\Program Files\Microsoft Office\Office12\Outlook.exe
"C:\Program Files\Research In Motion\BlackBerry\DesktopMgr.exe" = C:\Program Files\Research In Motion\BlackBerry\DesktopMgr.exe
"C:\Program Files\Sprint\Sprint Smartview\sprintsv.exe" = C:\Program Files\Sprint\Sprint Smartview\sprintsv.exe
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile\GloballyOpenPorts]
"AllowUserPrefMerge" = 0
"Enabled" = 1
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile\GloballyOpenPorts\List]
"34447:UDP*:Cisco_Wireless_G_PrintServer" = 34447:UDP*:Cisco_Wireless_G_PrintServer
"7800:TCP:*:Enabled:Riverbed Mobility Client" = 7800:TCP:*:Enabled:Riverbed Mobility Client
"7801:TCP:*:Enabled:Riverbed_Client" = 7801:TCP:*:Enabled:Riverbed_Client
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile\IcmpSettings]
"AllowOutboundDestinationUnreachable" = 0
"AllowOutboundSourceQuench" = 0
"AllowRedirect" = 0
"AllowInboundEchoRequest" = 1
"AllowInboundRouterRequest" = 0
"AllowOutboundTimeExceeded" = 0
"AllowOutboundParameterProblem" = 0
"AllowInboundTimestampRequest" = 0
"AllowInboundMaskRequest" = 0
"AllowOutboundPacketTooBig" = 1
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile\Logging]
"LogDroppedPackets" = 1
"LogSuccessfulConnections" = 0
"LogFilePath" = C:\%computername%-StandardFW.LOG
"LogFileSize" = 4096
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile\RemoteAdminSettings]
"Enabled" = 0
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile\Services]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile\Services\FileAndPrint]
"Enabled" = 0
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile\Services\RemoteDesktop]
"Enabled" = 0
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile\Services\UPnPFramework]
"Enabled" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
"3389:TCP" = 3389:TCP:*:Enabled:@xpsp2res.dll,-22009
"46241:TCP" = 46241:TCP:*:Enabled:Trend Micro OfficeScan Listener
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
"3389:TCP" = 3389:TCP:*:Enabled:@xpsp2res.dll,-22009
"5985:TCP" = 5985:TCP:*:Disabled:Windows Remote Management
"80:TCP" = 80:TCP:*:Disabled:Windows Remote Management - Compatibility Mode (HTTP-In)
"46241:TCP" = 46241:TCP:*:Enabled:Trend Micro OfficeScan Listener
 
========== Authorized Applications List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
"C:\Program Files\Microsoft Office\Live Meeting 8\Console\PWConsole.exe" = C:\Program Files\Microsoft Office\Live Meeting 8\Console\PWConsole.exe:*:Enabled:Microsoft Office Live Meeting 2007 -- (Microsoft Corporation)
"C:\Program Files\CyberLink\PowerDVD9\PowerDVD9.exe" = C:\Program Files\CyberLink\PowerDVD9\PowerDVD9.exe:*:Enabled:CyberLink PowerDVD 9.0 -- (CyberLink Corp.)
"C:\Documents and Settings\acconner\Application Data\Dropbox\bin\Dropbox.exe" = C:\Documents and Settings\acconner\Application Data\Dropbox\bin\Dropbox.exe:*:Enabled:Dropbox -- (Dropbox, Inc.)
"C:\Program Files\Trend Micro\IDF Client\ds_agent.exe" = C:\Program Files\Trend Micro\IDF Client\ds_agent.exe:*:Enabled:Trend Micro OfficeScan Intrusion Defense Firewall Client -- (Trend Micro Inc.)
"C:\Program Files\Microsoft Lync\communicator.exe" = C:\Program Files\Microsoft Lync\communicator.exe:*:Enabled:Lync -- (Microsoft Corporation)
"C:\Program Files\Microsoft Lync\UcMapi.exe" = C:\Program Files\Microsoft Lync\UcMapi.exe:*:Enabled:UcMapi -- (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
"C:\Program Files\Microsoft Office\Live Meeting 8\Console\PWConsole.exe" = C:\Program Files\Microsoft Office\Live Meeting 8\Console\PWConsole.exe:*:Enabled:Microsoft Office Live Meeting 2007 -- (Microsoft Corporation)
"C:\Program Files\Microsoft Office\Office14\GROOVE.EXE" = C:\Program Files\Microsoft Office\Office14\GROOVE.EXE:*:Enabled:Microsoft SharePoint Workspace -- (Microsoft Corporation)
"C:\Program Files\Microsoft Office\Office14\ONENOTE.EXE" = C:\Program Files\Microsoft Office\Office14\ONENOTE.EXE:*:Enabled:Microsoft OneNote -- (Microsoft Corporation)
"C:\Program Files\CyberLink\PowerDVD9\PowerDVD9.exe" = C:\Program Files\CyberLink\PowerDVD9\PowerDVD9.exe:*:Enabled:CyberLink PowerDVD 9.0 -- (CyberLink Corp.)
"C:\Program Files\Microsoft Office\Office14\OUTLOOK.EXE" = C:\Program Files\Microsoft Office\Office14\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook -- (Microsoft Corporation)
"C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe:*:Enabled:hpqtra08.exe -- (Hewlett-Packard Development Company, L.P.)
"C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe:*:Enabled:hpqste08.exe -- (Hewlett-Packard Development Company, L.P.)
"C:\Program Files\HP\Digital Imaging\bin\hpofxm08.exe" = C:\Program Files\HP\Digital Imaging\bin\hpofxm08.exe:*:Enabled:hpofxm08.exe -- (Hewlett-Packard Development Company, L.P.)
"C:\Program Files\HP\Digital Imaging\bin\hposfx08.exe" = C:\Program Files\HP\Digital Imaging\bin\hposfx08.exe:*:Enabled:hposfx08.exe -- (Hewlett-Packard Development Company, L.P.)
"C:\Program Files\HP\Digital Imaging\bin\hposid01.exe" = C:\Program Files\HP\Digital Imaging\bin\hposid01.exe:*:Enabled:hposid01.exe -- (Hewlett-Packard Development Company, L.P.)
"C:\Program Files\HP\Digital Imaging\bin\hpqscnvw.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqscnvw.exe:*:Enabled:hpqscnvw.exe -- ()
"C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe:*:Enabled:hpqkygrp.exe -- (Hewlett-Packard)
"C:\Program Files\HP\Digital Imaging\bin\hpqCopy.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqCopy.exe:*:Enabled:hpqcopy.exe -- (Hewlett-Packard Development Company, L.P.)
"C:\Program Files\HP\Digital Imaging\bin\hpfccopy.exe" = C:\Program Files\HP\Digital Imaging\bin\hpfccopy.exe:*:Enabled:hpfccopy.exe -- (Hewlett-Packard)
"C:\Program Files\HP\Digital Imaging\bin\hpzwiz01.exe" = C:\Program Files\HP\Digital Imaging\bin\hpzwiz01.exe:*:Enabled:hpzwiz01.exe -- (Hewlett-Packard Development Company, L.P.)
"C:\Program Files\HP\Digital Imaging\Unload\HpqPhUnl.exe" = C:\Program Files\HP\Digital Imaging\Unload\HpqPhUnl.exe:*:Enabled:hpqphunl.exe -- (Hewlett-Packard)
"C:\Program Files\HP\Digital Imaging\Unload\HpqDIA.exe" = C:\Program Files\HP\Digital Imaging\Unload\HpqDIA.exe:*:Enabled:hpqdia.exe -- ( )
"C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe" = C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe:*:Enabled:hpoews01.exe -- (Hewlett-Packard Development Company, L.P.)
"C:\Program Files\HP\Digital Imaging\bin\hpqnrs08.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqnrs08.exe:*:Enabled:hpqnrs08.exe -- (Hewlett-Packard Development Company, L.P.)
"C:\Documents and Settings\acconner\Application Data\Dropbox\bin\Dropbox.exe" = C:\Documents and Settings\acconner\Application Data\Dropbox\bin\Dropbox.exe:*:Disabled:Dropbox -- (Dropbox, Inc.)
"C:\Program Files\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe" = C:\Program Files\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe:*:Enabled:WebKit -- (Apple Inc.)
"C:\Program Files\Microsoft Lync\communicator.exe" = C:\Program Files\Microsoft Lync\communicator.exe:*:Enabled:Microsoft Lync 2010 -- (Microsoft Corporation)
"C:\Program Files\Microsoft Lync\UcMapi.exe" = C:\Program Files\Microsoft Lync\UcMapi.exe:*:Enabled:UcMapi -- (Microsoft Corporation)
 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{05855322-BE43-41FE-B583-D3AE0C326D58}" = Microsoft Silverlight 4 SDK
"{06D03042-304A-4C1D-88A9-6E446B6A3D02}" = Cisco IP Communicator
"{07C69B3A-62B3-41BF-82EE-B3A87BD6EA0C}" = Lotus Notes 8.5.2
"{07E15A70-04CB-46D5-8C7D-8BEA6DADBBF0}" = Toad for Oracle 10.6
"{09C52940-A4D1-4409-A7CC-1AAE630CF578}" = Microsoft SQL Server 2008 R2 Transact-SQL Language Service
"{0A0CADCF-78DA-33C4-A350-CD51849B9702}" = Microsoft .NET Framework 4 Extended
"{0A65A3BD-54B5-4d0d-B084-7688507813F5}" = SlideShow
"{0BE273CD-AAB9-361B-8C32-D955EAC929E3}" = Microsoft Visual Studio 2010 SharePoint Developer Tools
"{0F37D969-1260-419E-B308-EF7D29ABDE20}" = Web Deployment Tool
"{112C23F2-C036-4D40-BED4-0CB47BF5555C}" = Visual Studio 2010 Tools for SQL Server Compact 3.5 SP2 ENU
"{11849FBC-C416-4742-8279-17C3A2C85F72}" = Microsoft Lync 2010
"{14DD7530-CCD2-3798-B37D-3839ED6A441C}" = Microsoft Visual Studio 2010 ADO.NET Entity Framework Tools
"{15C0AF59-4877-49B6-B8C6-A61CE54515F5}" = cp_OnlineProjectsConfig
"{170DE2A7-4768-370C-9671-D8D17826EFBF}" = Microsoft Visual Studio 2010 Performance Collection Tools SP1 - ENU
"{1803A630-3C38-4D2B-9B9A-0CB37243539C}" = Microsoft ASP.NET MVC 2
"{196E77C5-F524-4B50-BD1A-2C21EEE9B8F7}" = Microsoft SQL Server 2008 Common Files
"{1AA5BD63-6614-44B2-88A7-605191EDB835}" = Dotfuscator Software Services - Community Edition
"{1C997E1C-5CE9-4AF3-AAA9-DC65E6090827}" = Microsoft Expression Blend SDK for Silverlight 4
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F3A6960-8470-4C84-820C-EBFFAF4DA580}" = AT&T Connect Participant Application v9.0.82
"{2012098D-EEE9-4769-8DD3-B038050854D4}" = Microsoft Silverlight 3 SDK
"{2376813B-2E5A-4641-B7B3-A0D5ADB55229}" = HPPhotoSmartExpress
"{24C4AC5A-67A4-4E1D-B30C-8C7A01712607}" = RSA SecurID Software Token
"{2609EDF1-34C4-4B03-B634-55F3B3BC4931}" = Configuration Manager Client
"{26A24AE4-039D-4CA4-87B4-2F83216027FF}" = Java 6 Update 30
"{26A24AE4-039D-4CA4-87B4-2F83217025FF}" = Java 7 Update 45
"{27B3563C-561C-4924-8C0E-EA102264873F}" = Windows Server 2003 Service Pack 2 Administration Tools Pack
"{2F58D60D-2BFD-4467-9B4D-64E7355C329D}" = Sonic_PrimoSDK
"{2F8B731A-5F2D-3EA8-8B25-C3E5E43F4BDB}" = Microsoft Visual C++  Compilers 2010 Standard - enu - x86
"{33AE9E89-47C9-4A0D-9E9D-BDD6966A3804}" = Microsoft SQL Server 2008 RsFx Driver
"{33BF0960-DBA3-4187-B6CC-C969FCFA2D25}" = SkinsHP1
"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{363790D2-DA98-41DD-9C9F-69FA36B169DE}" = PanoStandAlone
"{3A9FC03D-C685-4831-94CF-4EDFD3749497}" = Microsoft SQL Server Compact 3.5 SP2 ENU
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{40416836-56CC-4C0E-A6AF-5C34BADCE483}" = Microsoft ASP.NET MVC 2 - Visual Studio 2010 Tools
"{41E776A5-9B12-416D-9A12-B4F7B044EBED}" = CP_Package_Basic1
"{4462265B-3DC7-44AD-B56D-D09BA67BA422}" = 6300
"{45B8A76B-57EC-4242-B019-066400CD8428}" = BufferChm
"{4757D8ED-C630-4B95-BAE5-2D17560B6BB5}" = Quest Software Toad Data Modeler
"{4815BD99-96A4-49FE-A885-DCF06E9E4E78}" = Microsoft SQL Server 2008 Database Engine Shared
"{48E3B002-74C0-48A6-A463-85C0F96E2D7E}" = WebEx Productivity Tools
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4A6F34E2-09E5-4616-B227-4A26A488A6F9}" = Microsoft SQL Server 2008 Common Files
"{4EA684E9-5C81-4033-A696-3019EC57AC3A}" = HPProductAssistant
"{4F44B5AE-82A6-4A8A-A3E3-E24D489728E3}" = Microsoft SQL Server 2008 Native Client
"{50ACF4F1-D38A-4DCE-8147-0F574CDEF45B}" = Citrix online plug-in (USB)
"{53EE9E42-CECB-4C92-BF76-9CA65DAF8F1C}" = FullDPAppQFolder
"{57BB52B7-6B7B-31F3-89F4-4EE8FE5CEF6D}" = Microsoft Help Viewer 1.1
"{58721EC3-8D4E-4B79-BC51-1054E2DDCD10}" = Microsoft SQL Server 2008 Database Engine Services
"{5AE5DB70-5CE6-4876-A83E-8246CC36FC28}" = Microsoft Office PowerPoint 2007 Get Started Tab
"{5D09C772-ECB3-442B-9CC6-B4341C78FDC2}" = Apple Application Support
"{5D9ED403-94DE-3BA0-B1D6-71F4BDA412E6}" = Microsoft Visual C++ 2010  x86 Runtime - 10.0.40219
"{612C34C7-5E90-47D8-9B5C-0F717DD82726}" = swMSM
"{628ED0F8-590B-49CF-A525-A1696BD79304}" = Cisco AnyConnect Secure Mobility Client
"{66910000-8B30-4973-A159-6371345AFFA5}" = WebReg
"{6696D9A4-28A8-4F5A-8E9A-2E8974C8C39C}" = RandMap
"{66E6CE0C-5A1E-430C-B40A-0C90FF1804A8}" = eSupportQFolder
"{6855CCDD-BDF9-48E4-B80A-80DFB96FE36C}" = CmdHere Powertoy For Windows XP
"{68763C27-235D-4165-A961-FDEA228CE504}" = AiOSoftwareNPI
"{68B52EFD-86CC-486E-A8D0-A3A1554CB5BC}" = Microsoft Office Word 2007 Get Started Tab
"{6909F917-5499-482e-9AA1-FAD06A99F231}" = Toolbox
"{6C44519A-497D-382C-8596-E972C77057C2}" = Microsoft Portable Library Multi-Targeting Pack
"{6CDEAD7E-F8D8-37F7-AB6F-1E22716E30F3}" = Microsoft Visual Studio Macro Tools
"{6ED37A91-7710-3183-BE50-AB043FF6689E}" = Microsoft Team Foundation Server 2010 Object Model - ENU
"{6F5E2F4A-377D-4700-B0E3-8F7F7507EA15}" = CustomerResearchQFolder
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{721ABC3B-5F12-4332-9C0C-C11424EF666C}" = WIMGAPI
"{736C803C-DD3B-4015-BC51-AFB9E67B9076}" = Readme
"{73868DD9-CC9A-4F7F-B708-99F096DEAB6D}" = Adobe Shockwave Player 11.5
"{7681A1A9-D865-4DC0-A319-41A49F5E78DB}" = Citrix online plug-in (PNA)
"{77F1F8AD-51B8-4490-AEEC-BF480073E0FC}" = Microsoft SQL Server 2008 R2 Management Objects
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{7A56D81D-6406-40E7-9184-8AC1769C4D69}" = Microsoft SQL Server 2008 R2 Data-Tier Application Project
"{7C03270C-4FAB-4F5C-B10D-52FEDA190790}" = DocumentViewerQFolder
"{7E7B7865-6C80-4373-8BC1-C2EB9431F9DE}" = ProductContextNPI
"{827990C7-4D30-3627-A2D1-5FFA09198BB2}" = Microsoft Visual Studio 2010 Office Developer Tools (x86)
"{8331C3EA-0C91-43AA-A4D4-27221C631139}" = Status
"{8389D54C-79C9-4F80-97A6-A8C4D6B99B0D}" = Trend Micro OfficeScan Intrusion Defense Firewall Client
"{85467CBC-7A39-33C9-8940-D72D9269B84F}" = Microsoft Visual F# 2.0 Runtime
"{877B76B2-F83F-4F5A-B28D-3F398641ADB6}" = Microsoft SQL Server System CLR Types
"{87E2B986-07E8-477a-93DC-AF0B6758B192}" = DocProcQFolder
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8A4CE7FD-9657-4B06-9943-E1819F3D5D67}" = DocProc
"{8BA10381-763C-443B-A200-21B9149B472D}" = Cisco IP Communicator
"{8CE4E6E9-9D55-43FB-9DDB-688C976BFC05}" = Unload
"{90140000-0010-0409-0000-0000000FF1CE}" = Microsoft Software Update for Web Folders  (English) 14
"{90140000-0011-0000-0000-0000000FF1CE}" = Microsoft Office Professional Plus 2010
"{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{047B0968-E622-4FAA-9B4B-121FA109EDDE}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{668A43DC-79DD-424A-9D96-54E2EF0B35D6}" =
"{90140000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2010
"{90140000-0015-0409-0000-0000000FF1CE}_Office14.PROPLUS_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2010
"{90140000-0016-0409-0000-0000000FF1CE}_Office14.PROPLUS_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2010
"{90140000-0018-0409-0000-0000000FF1CE}_Office14.PROPLUS_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2010
"{90140000-0019-0409-0000-0000000FF1CE}_Office14.PROPLUS_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2010
"{90140000-001A-0409-0000-0000000FF1CE}_Office14.PROPLUS_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2010
"{90140000-001B-0409-0000-0000000FF1CE}_Office14.PROPLUS_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
"{90140000-001F-0409-0000-0000000FF1CE}_Office14.PRJSTD_{99ACCA38-6DD3-48A8-96AE-A283C9759279}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0409-0000-0000000FF1CE}_Office14.PROPLUS_{99ACCA38-6DD3-48A8-96AE-A283C9759279}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2010
"{90140000-001F-040C-0000-0000000FF1CE}_Office14.PRJSTD_{46298F6A-1E7E-4D4A-B5F5-106A4F0E48C6}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-040C-0000-0000000FF1CE}_Office14.PROPLUS_{46298F6A-1E7E-4D4A-B5F5-106A4F0E48C6}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2010
"{90140000-001F-0C0A-0000-0000000FF1CE}_Office14.PRJSTD_{DEA87BE2-FFCC-4F33-9946-FCBE55A1E998}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0C0A-0000-0000000FF1CE}_Office14.PROPLUS_{DEA87BE2-FFCC-4F33-9946-FCBE55A1E998}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2010
"{90140000-002C-0409-0000-0000000FF1CE}_Office14.PROPLUS_{7CA93DF4-8902-449E-A42E-4C5923CFBDE3}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0044-0409-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (English) 2010
"{90140000-0044-0409-0000-0000000FF1CE}_Office14.PROPLUS_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2010
"{90140000-006E-0409-0000-0000000FF1CE}_Office14.PROPLUS_{4560037C-E356-444A-A015-D21F487D809E}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2010
"{90140000-00A1-0409-0000-0000000FF1CE}_Office14.PROPLUS_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-00BA-0409-0000-0000000FF1CE}" = Microsoft Office Groove MUI (English) 2010
"{90140000-00BA-0409-0000-0000000FF1CE}_Office14.PROPLUS_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2010
"{90140000-0115-0409-0000-0000000FF1CE}_Office14.PROPLUS_{4560037C-E356-444A-A015-D21F487D809E}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2010
"{90140000-0117-0409-0000-0000000FF1CE}_Office14.PROPLUS_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{97CE8B73-AA5A-4987-A1BE-50DD1A187478}" = Microsoft Sync Framework SDK v1.0 SP1
"{996512CF-F35B-48DE-9291-557FA5316967}" = ScannerCopy
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9B3A1C97-A361-463E-8817-444F9F88CDFE}" = Microsoft Expression Blend SDK for .NET 4
"{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}" = Dell Touchpad
"{A29800BA-0BF1-4E63-9F31-DF05A87F4104}" = InstantShareDevices
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A8516AC9-AAF1-47F9-9766-03E2D4CDBCF8}" = CyberLink PowerDVD 9.5
"{A900E37C-AAE3-44FB-8EE7-7E61F7087CE7}" = SnagIt 8
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AB5D51AE-EBC3-438D-872C-705C7C2084B0}" = DeviceManagementQFolder
"{AB706D91-2242-4E1D-B4D0-1ED35387F5A7}" = Microsoft Office Excel 2007 Get Started Tab
"{AC41D924-8C68-4BD5-A7A1-0AE4176C31A6}" = Crystal Reports for Visual Studio
"{AC76BA86-1033-F400-BA7E-000000000004}" = Adobe Acrobat  9 Standard - English, Français, Deutsch
"{AC76BA86-1033-F400-BA7E-000000000004}{AC76BA86-1033-F400-BA7E-000000000004}" = Adobe Acrobat  9 Standard - English, Français, Deutsch
"{AC76BA86-7AD7-1033-7B44-AB0000000001}" = Adobe Reader XI (11.0.03)
"{ACE28263-76A4-4BF5-B6F4-8BD719595969}" = Microsoft SQL Server Database Publishing Wizard 1.4
"{AD72CFB4-C2BF-424E-9DF0-C7BAD1F30A11}" = Adobe Shockwave Player
"{AF9E97C1-7431-426D-A8D5-ABE40995C0B1}" = DirectX 9 Runtime
"{B124E6D3-91B4-4E3C-AD03-BA959B223537}" = Citrix online plug-in (Web)
"{B2157760-AA3C-4E2E-BFE6-D20BC52495D9}" = cp_PosterPrintConfig
"{B2544A03-10D0-4E5E-BA69-0362FFC20D18}" = OGA Notifier 2.0.0048.0
"{B3D1CFF9-C5DA-3590-894B-40821DDB67C5}" = Microsoft Visual Studio 2010 Tools for Office Runtime (x86)
"{B5153233-9AEE-4CD4-9D2C-4FAAC870DBE2}" = Microsoft SQL Server 2008 Database Engine Services
"{B6286A44-7505-471A-A72B-04EC2DB2F442}" = CueTour
"{B67BAFBA-4C9F-48FA-9496-933E3B255044}" = QuickTime
"{B69CFE29-FD03-4E0A-87A7-6ED97F98E5B3}" = CP_Panorama1Config
"{B7E38540-E355-3503-AFD7-635B2F2F76E1}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4974
"{B857D868-F8B0-43EE-BC2B-D9E5ED21F237}" = Microsoft SQL Server VSS Writer
"{BAC520D7-CE81-411D-A3A2-8D9C7F2DA3EF}" = Citrix online plug-in (SSON)
"{BAF78226-3200-4DB4-BE33-4D922A799840}" = Windows Presentation Foundation
"{BB7DEA41-298E-450B-9C3A-E7B48D9D021B}" = 6300_Help
"{BB85ED9C-AFC9-43BD-B8DC-258C3C7DF72E}" = HP Software Update
"{BC0464FA-A0BA-3E38-85BF-DC5B3A401F48}" = Microsoft Visual Studio 2010 Ultimate - ENU
"{BC537AE0-88AF-47ED-B762-33B0D62B5188}" = Microsoft SQL Server 2008 R2 Data-Tier Application Framework
"{BDBE2F3E-42DB-4d4a-8CB1-19BA765DBC6C}" = HP Photosmart, Officejet and Deskjet 7.0.A
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C1C6767D-B395-43CB-BF99-051B58B86DA6}" = PhotoGallery
"{C688457E-03FD-4941-923B-A27F4D42A7DD}" = Microsoft SQL Server 2008 Browser
"{C6DD625F-4B61-4561-8286-87CA0275CEA1}" = Microsoft Sync Framework Runtime v1.0 SP1 (x86)
"{C7F54CF8-D6FB-4E0A-93A3-E68AE0D6C476}" = SolutionCenter
"{C8753E28-2680-49BF-BD48-DD38FD086EFE}" = AiO_Scan_CDA
"{C965F01C-76EA-4BD7-973E-46236AE312D7}" = Sql Server Customer Experience Improvement Program
"{C9E4932C-8417-4E4C-A0E3-EE534810AB4D}" = ClearType Tuning Control Panel Applet
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}" = Microsoft .NET Framework 4 Multi-Targeting Pack
"{D441BD04-E548-4F8E-97A4-1B66135BAAA8}" = Microsoft SQL Server 2008 Setup Support Files
"{D899C197-F8C1-4773-9EC4-6C1FBADB9B29}" = Citrix online plug-in (HDX)
"{D8D4ED7E-954C-449D-B21D-6F97036DF0E9}" = Citrix online plug-in (DV)
"{D96FE6E2-6AF1-4533-B670-54670E2CC3F9}" = Microsoft Visual SourceSafe 6.0c
"{D9E6001A-5DC3-4620-AF7A-80B6CD48645D}" = WCF RIA Services V1.0 SP1
"{DBC20735-34E6-4E97-A9E5-2066B66B243D}" = TrayApp
"{DC3D6AFB-78B4-489F-81D7-30B66E0C2417}" = Microsoft Sync Services for ADO.NET v2.0 SP1 (x86)
"{DD14C745-AC15-4B5C-9820-8F874FA0B328}" = Quest SQL Optimizer for Oracle Common
"{E09A6ECD-0A10-4E72-AB8C-60FD4CCB5E54}" = Quest SQL Optimizer for Oracle
"{E1B40232-F73B-4BF9-A819-E352CCC1EDEF}" = Citrix Online Launcher
"{E1B80DEE-A795-4258-8445-074C06AE3AB8}" = MarketResearch
"{E3CD4EA8-68BB-46E8-9E79-20A417A82C53}" = Microsoft Office Live Meeting 2007
"{E91821D7-B23F-43E6-A8C1-A6BE20B4BE53}" = Quest Software Toad for Data Analysts 2.7
"{ED2C557E-9C18-41FF-B58E-A05EEF0B3B5F}" = CP_CalendarTemplates1
"{ED780CA9-0687-3C12-B439-3369F224941F}" = Microsoft Visual Studio 2010 Service Pack 1
"{F157460F-720E-482f-8625-AD7843891E5F}" = InstantShareDevicesMFC
"{F2AB49F2-D632-446C-9A6E-5B4A98DFF13B}" = 6300Trb
"{F3494AB6-6900-41C6-AF57-823626827ED8}" = Microsoft SQL Server 2008 Database Engine Shared
"{F3760724-B29D-465B-BC53-E5D72095BCC4}" = Scan
"{F6076EF9-08E1-442F-B6A2-BFB61B295A14}" = Fax_CDA
"{F990B526-8F7C-46E0-B1F1-6C893A8B478F}" = Microsoft Sync Framework Services v1.0 SP1 (x86)
"{FB15E224-67C3-491F-9F5C-F257BC418412}" = Destinations
"{FBB980B0-63F8-4B48-8D65-90F1D9F81D9F}" = NewCopy_CDA
"{FDB3B167-F4FA-461D-976F-286304A57B2A}" = Adobe AIR
"{FE7E1DD7-EBCE-4696-ADE2-22BDBF2372DA}" = DocumentViewer
"ActiveTouchMeetingClient" = Cisco WebEx Meetings
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 12.0
"CCleaner" = CCleaner
"Cisco AnyConnect Secure Mobility Client" = Cisco AnyConnect Secure Mobility Client
"CitrixOnlinePluginFull" = Citrix online plug-in
"Creative OA001" = Integrated Webcam Driver (1.02.02.0603)  
"CutePDF Writer Installation" = CutePDF Writer 3.0
"Google Chrome" = Google Chrome
"HP Document Viewer" = HP Document Viewer 7.0
"HP Imaging Device Functions" = HP Imaging Device Functions 7.0
"HP Photo & Imaging" = HP Photosmart Premier Software 6.5
"HP Solution Center & Imaging Support Tools" = HP Solution Center 7.0
"HPExtendedCapabilities" = HP Customer Participation Program 7.0
"HPOCR" = OCR Software by I.R.I.S 7.0
"IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs
"ie7" = Windows Internet Explorer 7
"IE7-MUI" = Windows Internet Explorer 7 Multilingual User Interface (MUI)
"ie8" = Windows Internet Explorer 8
"InstallShield_{A8516AC9-AAF1-47F9-9766-03E2D4CDBCF8}" = CyberLink PowerDVD 9.5
"Macromedia Authorware Web Player" = Macromedia Authorware Web Player
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware version 1.75.0.1300
"Microsoft .NET Framework 1.1  (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"Microsoft Help Viewer 1.1" = Microsoft Help Viewer 1.1
"Microsoft SQL Server 10" = Microsoft SQL Server 2008
"Microsoft SQL Server 10 Release" = Microsoft SQL Server 2008
"Microsoft Team Foundation Server 2010 Object Model - ENU" = Microsoft Team Foundation Server 2010 Object Model - ENU
"Microsoft Visual Studio 2010 Service Pack 1" = Microsoft Visual Studio 2010 Service Pack 1
"Microsoft Visual Studio 2010 Tools for Office Runtime (x86)" = Microsoft Visual Studio 2010 Tools for Office Runtime (x86)
"Microsoft Visual Studio 2010 Ultimate - ENU" = Microsoft Visual Studio 2010 Ultimate - ENU
"Microsoft Visual Studio Macro Tools" = Microsoft Visual Studio Macro Tools
"Mozilla Firefox 19.0.2 (x86 en-US)" = Mozilla Firefox 19.0.2 (x86 en-US)
"Mozilla Firefox 20.0.1 (x86 en-US)" = Mozilla Firefox 20.0.1 (x86 en-US)
"Mozilla Firefox 23.0.1 (x86 en-US)" = Mozilla Firefox 23.0.1 (x86 en-US)
"Mozilla Firefox 25.0.1 (x86 en-US)" = Mozilla Firefox 25.0.1 (x86 en-US)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs
"Office14.PROPLUS" = Microsoft Office Professional Plus 2010
"OfficeScanNT" = Trend Micro OfficeScan Client
"outobox" = outobox 2013.11.12.181539
"Quest Installer" = Quest Installer
"RDC" = RDC
"UniPrint Client 3.6.3.1" = UniPrint Client 3.6.3.1
"Wdf01005" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.5
"Wdf01009" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.9
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0
"XpsEPSC" = XML Paper Specification Shared Components Pack 1.0
 
========== Last 20 Event Log Errors ==========
 
[ Application Events ]
Error - 11/23/2013 10:31:40 AM | Computer Name = ACCONNERCINL2 | Source = UserInit | ID = 1000
Description = Could not execute the following script \\Corp.INCResearch.com\NETLOGON\SCCMClientUpgrade.vbs.
 No network provider accepted the given network path.  .
 
Error - 11/23/2013 10:31:59 AM | Computer Name = ACCONNERCINL2 | Source = Userenv | ID = 1054
Description = Windows cannot obtain the domain controller name for your computer
 network. (The specified domain either does not exist or could not be contacted.
 ). Group Policy processing aborted.
 
Error - 11/23/2013 10:32:45 AM | Computer Name = ACCONNERCINL2 | Source = Application Error | ID = 1004
Description = Faulting application levelqualitywatcher32.exe, version 0.0.0.0, faulting
 module levelqualitywatcher32.exe, version 0.0.0.0, fault address 0x0001d97c.
 
Error - 11/23/2013 10:34:01 AM | Computer Name = ACCONNERCINL2 | Source = Application Error | ID = 1004
Description = Faulting application levelqualitywatcher32.exe, version 0.0.0.0, faulting
 module levelqualitywatcher32.exe, version 0.0.0.0, fault address 0x0001d97c.
 
Error - 11/23/2013 10:34:29 AM | Computer Name = ACCONNERCINL2 | Source = Application Error | ID = 1004
Description = Faulting application levelqualitywatcher32.exe, version 0.0.0.0, faulting
 module levelqualitywatcher32.exe, version 0.0.0.0, fault address 0x0001d97c.
 
Error - 11/23/2013 10:34:37 AM | Computer Name = ACCONNERCINL2 | Source = Application Error | ID = 1004
Description = Faulting application levelqualitywatcher32.exe, version 0.0.0.0, faulting
 module levelqualitywatcher32.exe, version 0.0.0.0, fault address 0x0001d97c.
 
Error - 11/23/2013 2:01:18 PM | Computer Name = ACCONNERCINL2 | Source = Userenv | ID = 1054
Description = Windows cannot obtain the domain controller name for your computer
 network. (The specified domain either does not exist or could not be contacted.
 ). Group Policy processing aborted.
 
Error - 11/23/2013 2:01:24 PM | Computer Name = ACCONNERCINL2 | Source = UserInit | ID = 1000
Description = Could not execute the following script \\Corp.INCResearch.com\NETLOGON\SCCMClientUpgrade.vbs.
 No network provider accepted the given network path.  .
 
Error - 11/23/2013 2:01:51 PM | Computer Name = ACCONNERCINL2 | Source = Userenv | ID = 1054
Description = Windows cannot obtain the domain controller name for your computer
 network. (The specified domain either does not exist or could not be contacted.
 ). Group Policy processing aborted.
 
Error - 11/23/2013 3:23:59 PM | Computer Name = ACCONNERCINL2 | Source = Userenv | ID = 1054
Description = Windows cannot obtain the domain controller name for your computer
 network. (The specified domain either does not exist or could not be contacted.
 ). Group Policy processing aborted.
 
[ Cisco AnyConnect Secure Mobility Client Events ]
Error - 11/23/2013 2:06:04 PM | Computer Name = ACCONNERCINL2 | Source = acvpnagent | ID = 67108865
Description = Function: CServicePluginMgr::GetSettings File: .\ServicePluginMgr.cpp
Line:
 274 m_pIServicePlugin is NULL
 
Error - 11/23/2013 2:06:04 PM | Computer Name = ACCONNERCINL2 | Source = acvpnagent | ID = 67108865
Description = Function: CTelemetryPluginMgr::GetSettings File: .\TelemetryPluginMgr.cpp
Line:
 311 m_pITelemetryPlugin is NULL
 
Error - 11/23/2013 2:06:05 PM | Computer Name = ACCONNERCINL2 | Source = acvpnagent | ID = 67108866
Description = Function: CHttpSessionWinInet::HandleError File: .\Utility\HttpSession_wininet.cpp
Line:
 1050 Invoked Function: CHttpSessionWinInet::HandleError Return Code: 12007 (0x00002EE7)
Description:
 The server name or address could not be resolved   
 
Error - 11/23/2013 2:06:05 PM | Computer Name = ACCONNERCINL2 | Source = acvpnagent | ID = 67108866
Description = Function: CFileUploader::PostDataGetResponse File: ..\FileUploader.cpp
Line:
 407 Invoked Function: CFileUploader::SendHttpRequest Return Code: -29032423 (0xFE450019)
Description:
 HTTP_SESSION_ERROR_DNS_RESOLUTION
 
Error - 11/23/2013 2:06:05 PM | Computer Name = ACCONNERCINL2 | Source = acvpnagent | ID = 67108866
Description = Function: CPhoneHomeAgent::PostDataFile File: ..\PhoneHomeAgent.cpp
Line:
 1649 Invoked Function: CFileUploader::PostDataGetResponse Return Code: -29032423
(0xFE450019) Description: HTTP_SESSION_ERROR_DNS_RESOLUTION Failed to post customer
 experence feedback data (C:\Documents and Settings\All Users\Application Data\Cisco\Cisco
 AnyConnect Secure Mobility Client\CustomerExperienceFeedback\outbound\feedback_data1.cef)
 
Error - 11/23/2013 3:24:32 PM | Computer Name = ACCONNERCINL2 | Source = acvpnui | ID = 67108866
Description = Function: PreferenceMgr::loadPreferences File: .\PreferenceMgr.cpp Line:
 967 Invoked Function: PreferenceInfo::getPreference Return Code: 0 (0x00000000) Description:
 EnableAutomaticServerSelection
 
Error - 11/23/2013 3:24:52 PM | Computer Name = ACCONNERCINL2 | Source = acvpnui | ID = 67108866
Description = Function: CRSASecurIDSDI::CRSASecurIDSDI File: .\SDI\RSASecurIDSDI.cpp
Line:
 111 Invoked Function: CRSASecurIDSDI::StartDLL Return Code: -30605293 (0xFE2D0013)
Description:
 RSASECURIDSDI_ERROR_NO_TOKENS
 
Error - 11/23/2013 3:24:56 PM | Computer Name = ACCONNERCINL2 | Source = acvpnui | ID = 67108866
Description = Function: MFDartBox::getDARTInstallDir File: .\MFDartBox.cpp Line: 328
Invoked
 Function: MsiEnumProductsExW Return Code: 259 (0x00000103) Description: No more data
 is available.   
 
Error - 11/23/2013 3:24:58 PM | Computer Name = ACCONNERCINL2 | Source = acvpnui | ID = 67108865
Description = Function: ConnectMgr::activateConnectEvent File: .\ConnectMgr.cpp Line:
 1421 NULL object. Cannot establish a connection at this time.
 
Error - 11/23/2013 3:24:58 PM | Computer Name = ACCONNERCINL2 | Source = acvpnui | ID = 67108866
Description = Function: PreferenceMgr::loadPreferences File: .\PreferenceMgr.cpp Line:
 967 Invoked Function: PreferenceInfo::getPreference Return Code: 0 (0x00000000) Description:
 EnableAutomaticServerSelection
 
[ System Events ]
Error - 11/23/2013 10:47:20 AM | Computer Name = ACCONNERCINL2 | Source = W32Time | ID = 39452701
Description = The time provider NtpClient is configured to acquire time from one
 or more  time sources, however none of the sources are currently accessible.   No attempt
 to contact a source will be made for 29 minutes.  NtpClient has no source of accurate
 time.
 
Error - 11/23/2013 2:01:18 PM | Computer Name = ACCONNERCINL2 | Source = NETLOGON | ID = 5719
Description = No Domain Controller is available for domain CORP due to the following:
   %%1311.    Make sure that the computer is connected to the network and try  again. If
 the problem persists, please contact your domain administrator.
 
Error - 11/23/2013 2:01:50 PM | Computer Name = ACCONNERCINL2 | Source = W32Time | ID = 39452701
Description = The time provider NtpClient is configured to acquire time from one
 or more  time sources, however none of the sources are currently accessible.   No attempt
 to contact a source will be made for 15 minutes.  NtpClient has no source of accurate
 time.
 
Error - 11/23/2013 2:01:50 PM | Computer Name = ACCONNERCINL2 | Source = W32Time | ID = 39452701
Description = The time provider NtpClient is configured to acquire time from one
 or more  time sources, however none of the sources are currently accessible.   No attempt
 to contact a source will be made for 14 minutes.  NtpClient has no source of accurate
 time.
 
Error - 11/23/2013 2:02:37 PM | Computer Name = ACCONNERCINL2 | Source = Service Control Manager | ID = 7000
Description = The Level Quality Watcher service failed to start due to the following
 error:   %%2
 
Error - 11/23/2013 2:02:37 PM | Computer Name = ACCONNERCINL2 | Source = Service Control Manager | ID = 7000
Description = The rimmptsk service failed to start due to the following error:   %%1058
 
Error - 11/23/2013 2:07:27 PM | Computer Name = ACCONNERCINL2 | Source = DCOM | ID = 10016
Description = The application-specific permission settings do not grant Local Launch
 permission for the COM Server application with CLSID   {24FF4FDC-1D9F-4195-8C79-0DA39248FF48}

 to the user NT AUTHORITY\SYSTEM SID (S-1-5-18).  This security permission can be
 modified using the Component Services administrative tool.
 
Error - 11/23/2013 2:16:52 PM | Computer Name = ACCONNERCINL2 | Source = W32Time | ID = 39452701
Description = The time provider NtpClient is configured to acquire time from one
 or more  time sources, however none of the sources are currently accessible.   No attempt
 to contact a source will be made for 29 minutes.  NtpClient has no source of accurate
 time.
 
Error - 11/23/2013 2:46:52 PM | Computer Name = ACCONNERCINL2 | Source = W32Time | ID = 39452701
Description = The time provider NtpClient is configured to acquire time from one
 or more  time sources, however none of the sources are currently accessible.   No attempt
 to contact a source will be made for 59 minutes.  NtpClient has no source of accurate
 time.
 
Error - 11/23/2013 3:46:54 PM | Computer Name = ACCONNERCINL2 | Source = W32Time | ID = 39452701
Description = The time provider NtpClient is configured to acquire time from one
 or more  time sources, however none of the sources are currently accessible.   No attempt
 to contact a source will be made for 119 minutes.  NtpClient has no source of accurate
 time.
 
 
< End of report >
 

Thanks!

Link to post
Share on other sites

Step 1

Please uninstall this application: outobox 2013.11.12.181539

Step 2

Please download Junkware Removal Tool to your desktop.

  • Shut down your protection software now to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista or Seven, right-mouse click it and select Run as Administrator.
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message.
Step 3

Please download AdwCleaner by Xplode onto your desktop.

  • Close all open programs and internet browsers.
  • Double click on AdwCleaner.exe to run the tool.
  • Click on Clean.
  • Confirm each time with Ok.
  • Your computer will be rebooted automatically. A text file will open after the restart.
  • Please post the content of that logfile with your next answer.
  • You can find the logfile at C:\AdwCleaner[s1].txt as well.
Step 4

Run OTL

  • Under the Custom Scans/Fixes box at the bottom, paste in the following

    :OTL

    FF - prefs.js..extensions.enabledAddons: firefox%40outobox.net:1.0.0

    [2013/11/12 13:15:38 | 000,008,920 | ---- | M] () (No name found) -- C:\Documents and Settings\acconneradmin\Application Data\Mozilla\Firefox\Profiles\k83crnge.default\extensions\firefox@outobox.net.xpi

    O2 - BHO: (outobox) - {30f06672-0e95-41a9-80cb-dee386af99ad} - C:\Program Files\outobox\outoboxBHO.dll (outobox)

    [2013/10/30 18:39:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\acconner\Application Data\AVG SafeGuard toolbar

    :files

    C:\Program Files\outobox

    ipconfig /flushdns /c

    :Commands

    [emptytemp]

  • Then click the Run Fix button at the top
  • Let the program run unhindered, reboot the PC when it is done
  • Please post the OTL fix log in your next reply.
  • Note: A copy of an OTL fix log is saved in a text file at C:\_OTL\MovedFiles

    In your next reply, post the following log files:

    • Junkware Removal Tool log
    • AdwCleaner log
    • OTL Fix log
Link to post
Share on other sites

Thanks, Maniac!

Here is the first one - the JRT file:

 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.0.8 (11.05.2013:1)
OS: Microsoft Windows XP x86
Ran by acconneradmin on Sat 11/23/2013 at 16:21:19.29
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services

Successfully stopped: [service] backupstack
Successfully deleted: [service] backupstack



~~~ Registry Values

Successfully repaired: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-19\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-20\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-21-957651104-916166795-1467990369-82427\Software\Microsoft\Internet Explorer\Main\\Start Page



~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\conduit
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\App Paths\mypc backup
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\mypc backup
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}



~~~ Files



~~~ Folders

Successfully deleted: [Folder] "C:\Program Files\mypc backup"



~~~ FireFox

Successfully deleted the following from C:\Documents and Settings\acconneradmin\Application Data\mozilla\firefox\profiles\k83crnge.default\prefs.js

user_pref("browser.search.defaultenginename", "Conduit Search");
user_pref("browser.search.selectedEngine", "Conduit Search");





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Sat 11/23/2013 at 16:25:41.96
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 

Link to post
Share on other sites

Here's the AdwCleaner log.

 

 

# AdwCleaner v3.012 - Report created 23/11/2013 at 16:28:26
# Updated 11/11/2013 by Xplode
# Operating System : Microsoft Windows XP Service Pack 3 (32 bits)
# Username : acconneradmin - ACCONNERCINL2
# Running from : C:\Documents and Settings\acconneradmin\My Documents\Downloads\AdwCleaner.exe
# Option : Clean

***** [ Services ] *****


***** [ Files / Folders ] *****

Folder Deleted : C:\Documents and Settings\acconner\Local Settings\Application Data\WordLayers
[!] Folder Deleted : C:\Documents and Settings\acconner\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\gjkpcnacdgdlpfejlgflolpaigoicibh
File Deleted : C:\DOCUME~1\ACCONN~1\LOCALS~1\Temp\Uninstall.exe
File Deleted : C:\Documents and Settings\acconneradmin\Application Data\Mozilla\Firefox\Profiles\k83crnge.default\searchplugins\conduit-search.xml

***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\MyPC Backup

***** [ Browsers ] *****

-\\ Internet Explorer v8.0.6001.18702


-\\ Mozilla Firefox v25.0.1 (en-US)

[ File : C:\Documents and Settings\acconner\Application Data\Mozilla\Firefox\Profiles\4adwyuwi.default\prefs.js ]


[ File : C:\Documents and Settings\acconneradmin\Application Data\Mozilla\Firefox\Profiles\k83crnge.default\prefs.js ]


-\\ Google Chrome v31.0.1650.57

[ File : C:\Documents and Settings\LocalService\Local Settings\Application Data\Google\Chrome\User Data\Default\preferences ]


[ File : C:\Documents and Settings\acconner\Local Settings\Application Data\Google\Chrome\User Data\Default\preferences ]


[ File : C:\Documents and Settings\acconneradmin\Local Settings\Application Data\Google\Chrome\User Data\Default\preferences ]

Deleted : homepage
Deleted : icon_url

*************************

AdwCleaner[R0].txt - [2952 octets] - [23/11/2013 16:27:35]
AdwCleaner[s0].txt - [1928 octets] - [23/11/2013 16:28:26]

########## EOF - C:\AdwCleaner\AdwCleaner[s0].txt - [1988 octets] ##########
 

Link to post
Share on other sites

The OTL log file is here:

 

 

 

All processes killed
========== OTL ==========
Prefs.js: firefox%40outobox.net:1.0.0 removed from extensions.enabledAddons
File C:\Documents and Settings\acconneradmin\Application Data\Mozilla\Firefox\Profiles\k83crnge.default\extensions\firefox@outobox.net.xpi not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{30f06672-0e95-41a9-80cb-dee386af99ad}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{30f06672-0e95-41a9-80cb-dee386af99ad}\ not found.
File C:\Program Files\outobox\outoboxBHO.dll not found.
C:\Documents and Settings\acconner\Application Data\AVG SafeGuard toolbar\cache\tmp folder moved successfully.
C:\Documents and Settings\acconner\Application Data\AVG SafeGuard toolbar\cache folder moved successfully.
C:\Documents and Settings\acconner\Application Data\AVG SafeGuard toolbar folder moved successfully.
========== FILES ==========
File\Folder C:\Program Files\outobox not found.
< ipconfig /flushdns /c >
Windows IP Configuration
Successfully flushed the DNS Resolver Cache.
C:\Documents and Settings\acconneradmin\My Documents\Downloads\cmd.bat deleted successfully.
C:\Documents and Settings\acconneradmin\My Documents\Downloads\cmd.txt deleted successfully.
========== COMMANDS ==========
 
[EMPTYTEMP]
 
User: abairadmin
->Temp folder emptied: 66179 bytes
->Temporary Internet Files folder emptied: 33170 bytes
->Flash cache emptied: 56468 bytes
 
User: acconner
->Temp folder emptied: 36514903 bytes
->Temporary Internet Files folder emptied: 852102 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 4641768 bytes
->Flash cache emptied: 56974 bytes
 
User: acconneradmin
->Temp folder emptied: 70799377 bytes
->Temporary Internet Files folder emptied: 213394 bytes
->FireFox cache emptied: 22943371 bytes
->Google Chrome cache emptied: 0 bytes
->Flash cache emptied: 56974 bytes
 
User: Administrator
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 557190 bytes
->Java cache emptied: 0 bytes
->Flash cache emptied: 456 bytes
 
User: All Users
 
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
->Flash cache emptied: 56468 bytes
 
User: jclayadmin
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
->Flash cache emptied: 56468 bytes
 
User: LocalService
->Temp folder emptied: 66016 bytes
->Temporary Internet Files folder emptied: 32902 bytes
->Google Chrome cache emptied: 6381300 bytes
 
User: mrivettadmin
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
->Flash cache emptied: 56468 bytes
 
User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 114255 bytes
 
User: TEMP
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
->Flash cache emptied: 56468 bytes
 
User: TEMP.CORP
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
->Flash cache emptied: 56468 bytes
 
User: TEMP.CORP.000
->Temp folder emptied: 643 bytes
->Temporary Internet Files folder emptied: 33170 bytes
 
User: TEMP.CORP.001
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
->Flash cache emptied: 56468 bytes
 
User: wderooijadmin
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
->Flash cache emptied: 56468 bytes
 
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 466370 bytes
%systemroot%\System32 .tmp files removed: 2577 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 197571 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 335488717 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 33170 bytes
RecycleBin emptied: 0 bytes
 
Total Files Cleaned = 458.00 mb
 
 
OTL by OldTimer - Version 3.2.69.0 log created on 11232013_163650

Files\Folders moved on Reboot...
C:\WINDOWS\temp\Perflib_Perfdata_328.dat moved successfully.
File\Folder C:\WINDOWS\temp\Perflib_Perfdata_d1c.dat not found!
File\Folder C:\WINDOWS\temp\tm_icrcL_A606D985_38CA_41ab_BCD9_60F771CF800D not found!

PendingFileRenameOperations files...

Registry entries deleted on Reboot...
 

Link to post
Share on other sites

Borislav,

 

Here's the latest OTL log file:

 

OTL logfile created on: 11/24/2013 9:25:07 AM - Run 2
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Documents and Settings\acconneradmin\My Documents\Downloads
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
 
3.43 Gb Total Physical Memory | 2.49 Gb Available Physical Memory | 72.53% Memory free
5.27 Gb Paging File | 4.59 Gb Available in Paging File | 87.25% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 232.87 Gb Total Space | 189.60 Gb Free Space | 81.42% Space Free | Partition Type: NTFS
 
Computer Name: ACCONNERCINL2 | User Name: acconneradmin | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2013/11/23 16:17:07 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\acconneradmin\My Documents\Downloads\OTL.exe
PRC - [2013/10/08 06:48:23 | 000,182,696 | ---- | M] (Oracle Corporation) -- C:\Program Files\Java\jre7\bin\jqs.exe
PRC - [2013/06/13 11:12:28 | 000,345,112 | ---- | M] (Trend Micro Inc.) -- C:\Program Files\Trend Micro\BM\TMBMSRV.exe
PRC - [2013/04/29 13:24:02 | 001,521,360 | ---- | M] (Trend Micro Inc.) -- C:\Program Files\Trend Micro\OfficeScan Client\PccNTMon.exe
PRC - [2013/04/26 14:50:56 | 002,082,968 | ---- | M] (Trend Micro Inc.) -- C:\Program Files\Trend Micro\OfficeScan Client\TmListen.exe
PRC - [2013/04/26 14:46:48 | 002,127,000 | ---- | M] (Trend Micro Inc.) -- C:\Program Files\Trend Micro\OfficeScan Client\NTRtScan.exe
PRC - [2013/03/27 05:36:16 | 001,420,792 | ---- | M] (Trend Micro Inc.) -- C:\Program Files\Trend Micro\IDF Client\ds_agent.exe
PRC - [2013/02/21 10:52:48 | 000,555,352 | R--- | M] (Alps Electric Co., Ltd.) -- C:\Program Files\DellTPad\Apoint.exe
PRC - [2013/02/12 19:17:54 | 000,058,160 | R--- | M] (Alps Electric Co., Ltd.) -- C:\Program Files\DellTPad\ApMsgFwd.exe
PRC - [2012/12/06 15:27:50 | 000,689,712 | ---- | M] (Trend Micro Inc.) -- C:\Program Files\Trend Micro\OfficeScan Client\TmProxy.exe
PRC - [2012/10/01 18:01:08 | 000,458,936 | ---- | M] (Trend Micro Inc.) -- C:\Program Files\Trend Micro\OfficeScan Client\CNTAoSMgr.exe
PRC - [2012/08/03 13:52:08 | 000,537,592 | ---- | M] (Cisco Systems, Inc.) -- C:\Program Files\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe
PRC - [2011/05/12 19:19:46 | 000,495,708 | R--- | M] (IDT, Inc.) -- C:\Program Files\IDT\WDM\sttray.exe
PRC - [2011/05/12 19:19:46 | 000,245,842 | R--- | M] (IDT, Inc.) -- C:\Program Files\IDT\WDM\stacsv.exe
PRC - [2011/05/12 19:19:44 | 000,737,280 | ---- | M] (Andrea Electronics Corporation) -- C:\WINDOWS\system32\AESTFltr.exe
PRC - [2011/03/23 04:36:12 | 000,058,760 | ---- | M] (IBM Corp) -- C:\Program Files\notes\ntmulti.exe
PRC - [2011/03/23 04:35:40 | 000,062,856 | ---- | M] (IBM Corp) -- C:\Program Files\notes\nslsvice.exe
PRC - [2011/03/23 04:35:22 | 003,417,480 | ---- | M] (IBM) -- C:\Program Files\notes\nsd.exe
PRC - [2011/02/22 20:32:40 | 000,072,296 | ---- | M] (O2Micro International) -- C:\WINDOWS\system32\drivers\o2flash.exe
PRC - [2010/07/07 12:59:22 | 000,054,744 | R--- | M] (Alps Electric Co., Ltd.) -- C:\Program Files\DellTPad\hidfind.exe
PRC - [2010/05/31 13:17:06 | 000,054,640 | R--- | M] (Alps Electric Co., Ltd.) -- C:\Program Files\DellTPad\ApntEx.exe
PRC - [2010/05/15 17:47:16 | 000,037,736 | ---- | M] (International Business Machines Corporation) -- C:\Program Files\Quest Software\Toad for Data Analysts 2.7\SQLLIB\BIN\db2mgmtsvc.exe
PRC - [2010/05/12 16:04:48 | 000,599,480 | ---- | M] (Citrix Systems, Inc.) -- C:\Program Files\Citrix\ICA Client\wfcrun32.exe
PRC - [2010/05/12 16:03:22 | 000,300,472 | ---- | M] (Citrix Systems, Inc.) -- C:\Program Files\Citrix\ICA Client\concentr.exe
PRC - [2010/05/12 15:47:18 | 000,071,096 | ---- | M] (Citrix Systems, Inc.) -- C:\Program Files\Citrix\ICA Client\ssonsvr.exe
PRC - [2009/09/18 04:00:00 | 000,764,768 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\CCM\CcmExec.exe
PRC - [2008/06/11 22:43:26 | 000,640,376 | ---- | M] (Adobe Systems Inc.) -- C:\Program Files\Adobe\Acrobat 9.0\Acrobat\acrotray.exe
PRC - [2008/04/14 07:00:00 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2006/02/10 06:56:12 | 000,479,232 | ---- | M] (Hewlett-Packard Development Company, L.P.) -- C:\Program Files\HP\Digital Imaging\bin\hpqimzone.exe
PRC - [2005/12/22 08:00:00 | 005,513,216 | ---- | M] (TechSmith Corporation) -- C:\Program Files\TechSmith\SnagIt 8\SnagIt32.exe
PRC - [2005/12/22 08:00:00 | 000,026,112 | ---- | M] (TechSmith Corporation) -- C:\Program Files\TechSmith\SnagIt 8\TscHelp.exe
 
 
========== Modules (No Company Name) ==========
 
MOD - [2013/03/27 05:36:12 | 008,571,968 | ---- | M] () -- C:\Program Files\Trend Micro\IDF Client\wxmsw28u_vc_dsa.dll
MOD - [2013/03/27 05:36:00 | 000,158,928 | ---- | M] () -- C:\Program Files\Trend Micro\IDF Client\libexpat.dll
MOD - [2013/03/24 17:51:36 | 000,069,632 | ---- | M] () -- c:\windows\assembly\gac\hpqisrtb\4.0.0.0__a53cf5803f4c3827\hpqisrtb.dll
MOD - [2013/03/24 17:51:24 | 001,163,264 | ---- | M] () -- c:\windows\assembly\gac\hpqedit\3.0.0.0__a53cf5803f4c3827\hpqedit.dll
MOD - [2013/03/24 17:51:24 | 000,790,528 | ---- | M] () -- c:\windows\assembly\gac\hpqbakup\3.0.0.0__a53cf5803f4c3827\hpqbakup.dll
MOD - [2013/03/24 17:51:18 | 000,163,840 | ---- | M] () -- c:\windows\assembly\gac\hpqvideo\3.0.0.0__a53cf5803f4c3827\hpqvideo.dll
MOD - [2013/03/24 17:51:15 | 000,065,536 | ---- | M] () -- c:\windows\assembly\gac\hpqmdmr\4.0.0.0__a53cf5803f4c3827\hpqmdmr.dll
MOD - [2013/03/24 17:51:15 | 000,057,344 | ---- | M] () -- c:\windows\assembly\gac\hpqprrsc\4.0.0.0__a53cf5803f4c3827\hpqprrsc.dll
MOD - [2013/03/24 17:51:15 | 000,053,248 | ---- | M] () -- c:\windows\assembly\gac\hpqovskn\3.0.0.0__a53cf5803f4c3827\hpqovskn.dll
MOD - [2013/03/24 17:51:14 | 000,430,080 | ---- | M] () -- c:\windows\assembly\gac\lead.wrapper\13.0.0.113__9cf889f53ea9b907\lead.wrapper.dll
MOD - [2013/03/24 17:51:14 | 000,077,824 | ---- | M] () -- c:\windows\assembly\gac\lead\13.0.0.113__9cf889f53ea9b907\lead.dll
MOD - [2013/03/24 17:51:14 | 000,069,632 | ---- | M] () -- c:\windows\assembly\gac\lead.windows.forms.drawingcontainer\13.0.0.113__9cf889f53ea9b907\lead.windows.forms.drawingcontainer.dll
MOD - [2013/03/24 17:51:14 | 000,040,960 | ---- | M] () -- c:\windows\assembly\gac\lead.windows.forms\13.0.0.113__9cf889f53ea9b907\lead.windows.forms.dll
MOD - [2013/03/24 17:51:13 | 000,090,112 | ---- | M] () -- c:\windows\assembly\gac\lead.drawing.imaging.imageprocessing\13.0.0.113__9cf889f53ea9b907\lead.drawing.imaging.imageprocessing.dll
MOD - [2013/03/24 17:51:13 | 000,086,016 | ---- | M] () -- c:\windows\assembly\gac\lead.drawing\13.0.0.113__9cf889f53ea9b907\lead.drawing.dll
MOD - [2013/03/24 17:51:13 | 000,081,920 | ---- | M] () -- c:\windows\assembly\gac\lead.drawing.imaging.codecs\13.0.0.113__9cf889f53ea9b907\lead.drawing.imaging.codecs.dll
MOD - [2013/03/24 17:51:12 | 000,014,848 | ---- | M] () -- c:\windows\assembly\gac\interop.hpqvideo\4.0.0.0__a53cf5803f4c3827\interop.hpqvideo.dll
MOD - [2013/03/24 17:51:12 | 000,004,096 | ---- | M] () -- c:\windows\assembly\gac\interop.hprblog\3.0.0.0__a53cf5803f4c3827\interop.hprblog.dll
MOD - [2013/03/24 17:51:11 | 000,010,240 | ---- | M] () -- c:\windows\assembly\gac\interop.hpqimgr\4.0.0.0__a53cf5803f4c3827\interop.hpqimgr.dll
MOD - [2013/03/24 17:51:10 | 000,516,096 | ---- | M] () -- c:\windows\assembly\gac\hpqimvlt\3.0.0.0__a53cf5803f4c3827\hpqimvlt.dll
MOD - [2013/03/24 17:51:10 | 000,192,512 | ---- | M] () -- c:\windows\assembly\gac\hpqimgrc\4.0.0.0__a53cf5803f4c3827\hpqimgrc.dll
MOD - [2013/03/24 17:51:10 | 000,069,632 | ---- | M] () -- c:\windows\assembly\gac\hpqntrop\4.0.0.0__a53cf5803f4c3827\hpqntrop.dll
MOD - [2013/03/24 17:51:10 | 000,061,440 | ---- | M] () -- c:\windows\assembly\gac\hpqimlib\3.0.0.0__a53cf5803f4c3827\hpqimlib.dll
MOD - [2013/03/24 17:51:10 | 000,036,864 | ---- | M] () -- c:\windows\assembly\gac\interop.hpqcxm08\3.0.0.0__a53cf5803f4c3827\interop.hpqcxm08.dll
MOD - [2013/03/24 17:51:09 | 000,385,024 | ---- | M] () -- c:\windows\assembly\gac\hpqtray\4.0.0.0__a53cf5803f4c3827\hpqtray.dll
MOD - [2013/03/24 17:51:09 | 000,077,824 | ---- | M] () -- c:\windows\assembly\gac\hpqthumb\3.0.0.0__a53cf5803f4c3827\hpqthumb.dll
MOD - [2013/03/24 17:51:09 | 000,069,632 | ---- | M] () -- c:\windows\assembly\gac\hpqglutl\4.0.0.0__a53cf5803f4c3827\hpqglutl.dll
MOD - [2013/03/24 17:51:09 | 000,036,864 | ---- | M] () -- c:\windows\assembly\gac\hpqfmrsc\4.0.0.0__a53cf5803f4c3827\hpqfmrsc.dll
MOD - [2013/03/24 17:51:09 | 000,024,576 | ---- | M] () -- c:\windows\assembly\gac\hpqasset\4.0.0.0__a53cf5803f4c3827\hpqasset.dll
MOD - [2013/03/24 17:51:09 | 000,020,480 | ---- | M] () -- c:\windows\assembly\gac\hpqiface\4.0.0.0__a53cf5803f4c3827\hpqiface.dll
MOD - [2013/03/24 17:51:08 | 000,593,920 | ---- | M] () -- c:\windows\assembly\gac\hpqcc2\3.0.0.0__a53cf5803f4c3827\hpqcc2.dll
MOD - [2013/03/24 17:51:08 | 000,425,984 | ---- | M] () -- c:\windows\assembly\gac\hpqcprsc\3.0.0.0__a53cf5803f4c3827\hpqcprsc.dll
MOD - [2013/03/24 17:51:08 | 000,229,376 | ---- | M] () -- c:\windows\assembly\gac\hpqutils\4.0.0.0__a53cf5803f4c3827\hpqutils.dll
MOD - [2013/02/26 14:05:12 | 003,391,488 | ---- | M] () -- c:\windows\assembly\nativeimages1_v1.1.4322\mscorlib\1.0.5000.0__b77a5c561934e089_9e0f5e39\mscorlib.dll
MOD - [2013/02/26 14:05:06 | 000,843,776 | ---- | M] () -- c:\windows\assembly\nativeimages1_v1.1.4322\system.drawing\1.0.5000.0__b03f5f7f11d50a3a_29c35107\system.drawing.dll
MOD - [2013/02/26 14:05:01 | 002,088,960 | ---- | M] () -- c:\windows\assembly\nativeimages1_v1.1.4322\system.xml\1.0.5000.0__b77a5c561934e089_ab2418df\system.xml.dll
MOD - [2013/02/26 14:04:57 | 003,035,136 | ---- | M] () -- c:\windows\assembly\nativeimages1_v1.1.4322\system.windows.forms\1.0.5000.0__b77a5c561934e089_dc062d78\system.windows.forms.dll
MOD - [2013/02/26 14:04:50 | 001,966,080 | ---- | M] () -- c:\windows\assembly\nativeimages1_v1.1.4322\system\1.0.5000.0__b77a5c561934e089_02bfbcab\system.dll
MOD - [2013/02/26 14:04:42 | 001,232,896 | ---- | M] () -- c:\windows\assembly\gac\system\1.0.5000.0__b77a5c561934e089\system.dll
MOD - [2013/02/26 14:04:41 | 000,471,040 | ---- | M] () -- c:\windows\assembly\gac\system.drawing\1.0.5000.0__b03f5f7f11d50a3a\system.drawing.dll
MOD - [2013/02/26 14:04:40 | 002,064,384 | ---- | M] () -- c:\windows\assembly\gac\system.windows.forms\1.0.5000.0__b77a5c561934e089\system.windows.forms.dll
MOD - [2012/10/04 18:50:36 | 000,088,688 | ---- | M] () -- C:\WINDOWS\system32\cpwmon2k.dll
MOD - [2012/08/03 13:53:26 | 000,062,968 | ---- | M] () -- C:\Program Files\Cisco\Cisco AnyConnect Secure Mobility Client\zlib1.dll
MOD - [2011/04/01 09:53:28 | 000,499,712 | ---- | M] () -- C:\Program Files\Trend Micro\OfficeScan Client\sqlite3.dll
MOD - [2011/03/16 23:11:16 | 004,297,568 | ---- | M] () -- C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF
MOD - [2010/10/20 14:45:26 | 008,801,120 | ---- | M] () -- C:\Program Files\Microsoft Office\Office14\1033\GrooveIntlResource.dll
MOD - [2008/09/02 09:43:03 | 001,339,392 | ---- | M] () -- c:\windows\assembly\gac\system.xml\1.0.5000.0__b77a5c561934e089\system.xml.dll
MOD - [2008/09/02 09:42:15 | 000,007,680 | ---- | M] () -- c:\windows\assembly\gac\accessibility\1.0.5000.0__b03f5f7f11d50a3a\accessibility.dll
MOD - [2005/10/20 09:36:08 | 000,077,824 | R--- | M] () -- C:\Program Files\HP\Digital Imaging\bin\crm\xmltok.dll
MOD - [2005/10/20 09:36:08 | 000,065,536 | R--- | M] () -- C:\Program Files\HP\Digital Imaging\bin\crm\xmlparse.dll
 
 
========== Services (SafeList) ==========
 
SRV - File not found [Auto | Stopped] -- C:\Program Files\Level Quality Watcher\v1.01\levelqualitywatcher32.exe run options=01110010000000000000000000000000 sourceguid=F5D333A8-C748-4686-AE0A-9E008F670C22 -- (Level Quality Watcher)
SRV - [2013/11/22 18:55:31 | 000,119,408 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2013/10/09 09:41:08 | 000,257,416 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013/10/08 06:48:23 | 000,182,696 | ---- | M] (Oracle Corporation) [Auto | Running] -- C:\Program Files\Java\jre7\bin\jqs.exe -- (JavaQuickStarterService)
SRV - [2013/06/13 11:12:28 | 000,345,112 | ---- | M] (Trend Micro Inc.) [On_Demand | Running] -- C:\Program Files\Trend Micro\BM\TMBMSRV.exe -- (TMBMServer)
SRV - [2013/04/26 14:50:56 | 002,082,968 | ---- | M] (Trend Micro Inc.) [Auto | Running] -- C:\Program Files\Trend Micro\OfficeScan Client\TmListen.exe -- (tmlisten)
SRV - [2013/04/26 14:46:48 | 002,127,000 | ---- | M] (Trend Micro Inc.) [Auto | Running] -- C:\Program Files\Trend Micro\OfficeScan Client\NTRtScan.exe -- (ntrtscan)
SRV - [2013/03/27 05:36:16 | 001,420,792 | ---- | M] (Trend Micro Inc.) [Auto | Running] -- C:\Program Files\Trend Micro\IDF Client\ds_agent.exe -- (ds_agent)
SRV - [2013/03/20 14:57:12 | 000,099,592 | ---- | M] (Sysinternals) [On_Demand | Stopped] -- C:\WINDOWS\PSEXESVC.EXE -- (PSEXESVC)
SRV - [2013/02/28 10:21:58 | 000,651,720 | ---- | M] (Macrovision Europe Ltd.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2012/12/06 15:27:50 | 000,689,712 | ---- | M] (Trend Micro Inc.) [On_Demand | Running] -- C:\Program Files\Trend Micro\OfficeScan Client\TmProxy.exe -- (TmProxy)
SRV - [2012/09/20 13:28:48 | 030,785,672 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Microsoft Office\Office14\GROOVE.EXE -- (Microsoft SharePoint Workspace Audit Service)
SRV - [2012/08/03 13:52:08 | 000,537,592 | ---- | M] (Cisco Systems, Inc.) [Auto | Running] -- C:\Program Files\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe -- (vpnagent)
SRV - [2011/05/12 19:19:46 | 000,245,842 | R--- | M] (IDT, Inc.) [Auto | Running] -- C:\Program Files\IDT\WDM\stacsv.exe -- (STacSV)
SRV - [2011/03/23 04:36:12 | 000,058,760 | ---- | M] (IBM Corp) [Auto | Running] -- C:\Program Files\notes\ntmulti.exe -- (Multi-user Cleanup Service)
SRV - [2011/03/23 04:35:40 | 000,062,856 | ---- | M] (IBM Corp) [Auto | Running] -- C:\Program Files\notes\nslsvice.exe -- (Lotus Notes Single Logon)
SRV - [2011/03/23 04:35:22 | 003,417,480 | ---- | M] (IBM) [Auto | Running] -- C:\Program Files\notes\nsd.exe -- (Lotus Notes Diagnostics)
SRV - [2011/02/22 20:32:40 | 000,072,296 | ---- | M] (O2Micro International) [Auto | Running] -- C:\WINDOWS\system32\drivers\o2flash.exe -- (O2FLASH)
SRV - [2010/05/15 17:47:16 | 000,037,736 | ---- | M] (International Business Machines Corporation) [Auto | Running] -- C:\Program Files\Quest Software\Toad for Data Analysts 2.7\SQLLIB\BIN\db2mgmtsvc.exe -- (DB2MGMTSVC_TACOM27)
SRV - [2009/09/18 04:00:00 | 000,764,768 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\CCM\CcmExec.exe -- (CcmExec)
SRV - [2009/09/18 04:00:00 | 000,246,624 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\System32\CCM\TSManager.exe -- (smstsmgr)
SRV - [2006/03/03 20:03:10 | 000,069,632 | ---- | M] (HP) [Auto | Stopped] -- C:\WINDOWS\system32\HPZipm12.exe -- (Pml Driver HPZ12)
 
 
========== Driver Services (SafeList) ==========
 
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\HSF_CNXT.sys -- (winachsf)
DRV - File not found [Kernel | On_Demand | Stopped] --  -- (WDICA)
DRV - File not found [Adapter | Unavailable | Unknown] --  -- (PnSson)
DRV - File not found [Kernel | On_Demand | Stopped] --  -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] --  -- (PDRELI)
DRV - File not found [Kernel | On_Demand | Stopped] --  -- (PDFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] --  -- (PDCOMP)
DRV - File not found [Kernel | System | Stopped] --  -- (PCIDump)
DRV - File not found [Kernel | Auto | Stopped] -- system32\DRIVERS\mdmxsdk.sys -- (mdmxsdk)
DRV - File not found [Kernel | System | Stopped] --  -- (lbrtfdc)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\drivers\IntcHdmi.sys -- (IntcHdmiAddService)
DRV - File not found [Kernel | System | Stopped] --  -- (i2omgmt)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\HSFHWAZL.sys -- (HSFHWAZL)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\HSF_DPV.sys -- (HSF_DPV)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\e1y5132.sys -- (e1yexpress)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\e1e5132.sys -- (e1express)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\e1c5132.sys -- (e1cexpress)
DRV - File not found [Kernel | System | Stopped] --  -- (Changer)
DRV - [2013/06/27 03:38:06 | 000,262,560 | ---- | M] (Trend Micro Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\tmcomm.sys -- (tmcomm)
DRV - [2013/06/13 11:02:54 | 000,075,600 | ---- | M] (Trend Micro Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\tmactmon.sys -- (tmactmon)
DRV - [2013/06/13 11:02:44 | 000,062,704 | ---- | M] (Trend Micro Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\tmevtmgr.sys -- (tmevtmgr)
DRV - [2013/04/16 10:58:10 | 000,267,552 | ---- | M] (Trend Micro Inc.) [Kernel | Auto | Running] -- C:\Program Files\Trend Micro\OfficeScan Client\tmxpflt.sys -- (TmFilter)
DRV - [2013/04/16 10:58:00 | 000,036,640 | ---- | M] (Trend Micro Inc.) [Kernel | Auto | Running] -- C:\Program Files\Trend Micro\OfficeScan Client\tmpreflt.sys -- (TmPreFilter)
DRV - [2013/04/16 10:39:20 | 001,490,272 | ---- | M] (Trend Micro Inc.) [Kernel | Auto | Running] -- C:\Program Files\Trend Micro\OfficeScan Client\vsapint.sys -- (VSApiNt)
DRV - [2013/02/26 08:04:54 | 000,436,272 | ---- | M] (Trend Micro) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\tbimdsa.sys -- (tbimdsa)
DRV - [2013/02/21 13:06:14 | 000,408,368 | ---- | M] (Alps Electric Co., Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Apfiltr.sys -- (ApfiltrService)
DRV - [2012/08/03 13:38:56 | 000,023,976 | ---- | M] (Cisco Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\vpnva.sys -- (vpnva)
DRV - [2012/08/03 13:38:06 | 000,057,256 | ---- | M] (Cisco Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\acsmux.sys -- (acsmux)
DRV - [2012/08/03 13:38:06 | 000,038,440 | ---- | M] (Cisco Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\acsint.sys -- (acsint)
DRV - [2011/05/12 19:20:08 | 000,251,904 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\IntcDAud.sys -- (IntcDAud)
DRV - [2011/05/12 19:20:08 | 000,132,480 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Impcd.sys -- (Impcd)
DRV - [2011/05/12 19:20:00 | 000,168,616 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\e1k5132.sys -- (e1kexpress)
DRV - [2011/05/12 19:19:58 | 006,650,752 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\NETwNx32.sys -- (NETwNx32)
DRV - [2011/05/12 19:19:54 | 000,033,832 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\cvusbdrv.sys -- (cvusbdrv)
DRV - [2011/05/12 19:19:52 | 000,028,672 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\usbccid.sys -- (USBCCID)
DRV - [2011/05/12 19:19:46 | 001,660,691 | ---- | M] (IDT, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\sthda.sys -- (STHDA)
DRV - [2011/05/12 19:19:44 | 000,113,664 | ---- | M] (Andrea Electronics Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\AESTAud.sys -- (AESTAud)
DRV - [2011/02/22 20:32:46 | 000,022,736 | ---- | M] (Broadcom Corp.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\btpmw32.sys -- (BCMTPM)
DRV - [2011/02/22 20:32:42 | 000,060,192 | ---- | M] (O2Micro ) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\o2mdfxp.sys -- (O2MDFRDR)
DRV - [2011/02/22 20:32:40 | 000,041,088 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\HECI.sys -- (MEI)
DRV - [2011/02/22 20:32:38 | 000,043,888 | ---- | M] (ST Microelectronics) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Accelern.sys -- (Acceler)
DRV - [2011/01/24 11:37:08 | 000,024,064 | ---- | M] (Cisco Systems) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\CipcCdp.sys -- (CipcCdp)
DRV - [2011/01/18 17:38:38 | 000,054,144 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- c:\Program Files\Microsoft Visual Studio 10.0\Team Tools\Performance Tools\VSPerfDrv100.sys -- (VSPerfDrv100)
DRV - [2010/11/08 19:05:38 | 000,090,448 | ---- | M] (Trend Micro Inc.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\tmtdi.sys -- (tmtdi)
DRV - [2010/08/20 10:04:38 | 000,017,648 | ---- | M] (ST Microelectronics) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\stdcfltn.sys -- (stdcfltn)
DRV - [2010/04/16 15:22:04 | 000,065,584 | ---- | M] (Citrix Systems, Inc.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\ctxusbm.sys -- (ctxusbm)
DRV - [2009/09/18 04:00:00 | 000,020,848 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\CCM\PrepDrv.sys -- (prepdrvr)
DRV - [2009/03/30 03:09:28 | 000,239,336 | ---- | M] (Microsoft Corporation) [File_System | Disabled | Stopped] -- C:\WINDOWS\system32\drivers\RsFx0103.sys -- (RsFx0103)
DRV - [2008/10/20 20:08:06 | 000,012,448 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\smsmdm.sys -- (smsmdd)
DRV - [2008/06/03 08:30:22 | 000,144,672 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\OA001Ufd.sys -- (OA001Ufd)
DRV - [2008/05/21 03:19:00 | 003,630,336 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\NETw5x32.sys -- (NETw5x32)
DRV - [2008/05/12 16:01:00 | 000,277,504 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\OA001Vid.sys -- (OA001Vid)
DRV - [2007/03/12 23:26:06 | 000,160,256 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\b57xp32.sys -- (b57w2k)
DRV - [2007/02/24 13:42:22 | 000,039,936 | ---- | M] (REDC) [Kernel | Auto | Stopped] -- C:\WINDOWS\system32\drivers\rimmptsk.sys -- (rimmptsk)
DRV - [2006/03/17 17:18:58 | 000,392,960 | ---- | M] (Sensaura) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\senfilt.sys -- (SenFiltService)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = Reg Error: Value error.
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{39C6B15E-82F5-42DC-B7B3-7C9FFE882393}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}
IE - HKLM\..\SearchScopes\{76D372A2-2AD9-4D66-AF06-34C9E2E71071}: "URL" = http://www.bing.com/search?q={searchTerms}&form=IE8SRC&src=IE-SearchBox
 
 
IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope =
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope =
 
IE - HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope =
 
IE - HKU\S-1-5-21-957651104-916166795-1467990369-82427\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.kendle.com
IE - HKU\S-1-5-21-957651104-916166795-1467990369-82427\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKU\S-1-5-21-957651104-916166795-1467990369-82427\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
IE - HKU\S-1-5-21-957651104-916166795-1467990369-82427\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-21-957651104-916166795-1467990369-82427\..\SearchScopes\{A2A3874B-608E-4BBD-9277-87731DF510BE}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}
IE - HKU\S-1-5-21-957651104-916166795-1467990369-82427\..\SearchScopes\{B77207E9-8648-4F22-8C06-F041D9E55C0F}: "URL" = http://www.bing.com/search?q={searchTerms}&form=IE8SRC&src=IE-SearchBox
IE - HKU\S-1-5-21-957651104-916166795-1467990369-82427\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
========== FireFox ==========
 
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "www.google.com"
FF - prefs.js..extensions.enabledAddons: %7B22C7F6C6-8D67-4534-92B5-529A0EC09405%7D:5.82.0.1056
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:25.0.1
FF - user.js - File not found
 
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_9_900_117.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\WINDOWS\system32\Adobe\Director\np32dsw_1205146.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.45.2: C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.45.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~3\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~1\MICROS~3\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{22C7F6C6-8D67-4534-92B5-529A0EC09405}: C:\Program Files\Trend Micro\OfficeScan Client\FirefoxExtension [2013/03/26 16:31:52 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 25.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 25.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2013/11/22 18:55:13 | 000,000,000 | ---D | M]
 
[2013/02/27 15:34:28 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\acconneradmin\Application Data\Mozilla\Extensions
[2013/11/23 16:06:58 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\acconneradmin\Application Data\Mozilla\Firefox\Profiles\k83crnge.default\extensions
[2013/11/20 14:40:20 | 000,003,746 | ---- | M] () -- C:\Documents and Settings\acconneradmin\Application Data\Mozilla\Firefox\Profiles\k83crnge.default\searchplugins\safeguard-secure-search.xml
[2013/11/22 18:55:10 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\browser\extensions
[2013/11/22 18:55:34 | 000,000,000 | ---D | M] (Default) -- C:\Program Files\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2013/03/26 16:31:52 | 000,000,000 | ---D | M] (Trend Micro NSC Firefox Extension) -- C:\PROGRAM FILES\TREND MICRO\OFFICESCAN CLIENT\FIREFOXEXTENSION
[2013/06/27 14:41:24 | 000,032,440 | ---- | M] () -- C:\Program Files\mozilla firefox\plugins\npMeetingJoinPluginOC.dll
 
========== Chrome  ==========
 
CHR - Extension: No name found = C:\Documents and Settings\acconneradmin\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.0.0.6_0\
CHR - Extension: No name found = C:\Documents and Settings\acconneradmin\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.2_0\
CHR - Extension: No name found = C:\Documents and Settings\acconneradmin\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
CHR - Extension: No name found = C:\Documents and Settings\acconneradmin\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\
CHR - Extension: No name found = C:\Documents and Settings\acconneradmin\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\
 
O1 HOSTS File: ([2008/04/14 07:00:00 | 000,000,734 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1       localhost
O2 - BHO: (HelperObject Class) - {00C6482D-C502-44C8-8409-FCE54AD9C208} - C:\Program Files\TechSmith\SnagIt 8\SnagItBHO.dll (TechSmith Corporation)
O2 - BHO: (TmIEPlugInBHO Class) - {1CA1377B-DC1D-4A52-9585-6E06050FAC53} - C:\Program Files\Trend Micro\OfficeScan Client\TmIEPlg.dll (Trend Micro Inc.)
O2 - BHO: (Lync Browser Helper) - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Lync\OCHelper.dll (Microsoft Corporation)
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O2 - BHO: (Java Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (WebEx Productivity Tools) - {90E2BA2E-DD1B-4cde-9134-7A8B86D33CA7} - C:\Program Files\WebEx\Productivity Tools\ptonecli.dll ()
O2 - BHO: (Adobe PDF Conversion Toolbar Helper) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (Java Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (Microsoft Web Test Recorder 10.0 Helper) - {DDA57003-0068-4ed2-9D32-4D1EC707D94D} - c:\Program Files\Microsoft Visual Studio 10.0\Common7\IDE\PrivateAssemblies\Microsoft.VisualStudio.QualityTools.RecorderBarBHO100.dll (Microsoft Corporation)
O2 - BHO: (SmartSelect Class) - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKLM\..\Toolbar: (SnagIt) - {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - C:\Program Files\TechSmith\SnagIt 8\SnagItIEAddin.dll (TechSmith Corporation)
O3 - HKLM\..\Toolbar: (WebEx Productivity Tools) - {90E2BA2E-DD1B-4cde-9134-7A8B86D33CA7} - C:\Program Files\WebEx\Productivity Tools\ptonecli.dll ()
O3 - HKU\S-1-5-21-957651104-916166795-1467990369-82427\..\Toolbar\WebBrowser: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O4 - HKLM..\Run: [Acrobat Assistant 8.0] C:\Program Files\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe (Adobe Systems Inc.)
O4 - HKLM..\Run: [Adobe Acrobat Speed Launcher] C:\Program Files\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [AESTFltr] C:\WINDOWS\System32\AESTFltr.exe (Andrea Electronics Corporation)
O4 - HKLM..\Run: [Apoint] C:\Program Files\DellTPad\Apoint.exe (Alps Electric Co., Ltd.)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [Cisco AnyConnect Secure Mobility Agent for Windows] C:\Program Files\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe (Cisco Systems, Inc.)
O4 - HKLM..\Run: [Communicator] C:\Program Files\Microsoft Lync\communicator.exe (Microsoft Corporation)
O4 - HKLM..\Run: [ConnectionCenter] C:\Program Files\Citrix\ICA Client\concentr.exe (Citrix Systems, Inc.)
O4 - HKLM..\Run: [OfficeScanNT Monitor] C:\Program Files\Trend Micro\OfficeScan Client\pccntmon.exe (Trend Micro Inc.)
O4 - HKLM..\Run: [sysTrayApp] C:\Program Files\IDT\WDM\sttray.exe (IDT, Inc.)
O4 - HKU\.DEFAULT..\Run: [Push Client] C:\WINDOWS\System32\config\systemprofile\Local Settings\Application Data\ATT Connect\Participant\pull.exe (AT&T Inc.)
O4 - HKU\S-1-5-18..\Run: [Push Client] C:\WINDOWS\System32\config\systemprofile\Local Settings\Application Data\ATT Connect\Participant\pull.exe (AT&T Inc.)
O4 - Startup: C:\Documents and Settings\acconner\Start Menu\Programs\Startup\Dropbox.lnk =  File not found
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\HP Photosmart Premier Fast Start.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe (Hewlett-Packard Development Company, L.P.)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\SnagIt 8.lnk = C:\Program Files\TechSmith\SnagIt 8\SnagIt32.exe (TechSmith Corporation)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\New Windows present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: consentpromptbehavioradmin = 4
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: consentpromptbehavioruser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: disablecad = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: enableinstallerdetection = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: filteradministratortoken = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: promptonsecuredesktop = 0
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-957651104-916166795-1467990369-82427\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 255
O8 - Extra context menu item: Append Link Target to Existing PDF - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Append to Existing PDF - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert Link Target to Adobe PDF - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert to Adobe PDF - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office\Office14\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Se&nd to OneNote - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Lync add-on - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Lync\OCHelper.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Lync add-on - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Lync\OCHelper.dll (Microsoft Corporation)
O9 - Extra Button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O15 - HKLM\..Trusted Domains: amgen.com ([]* in Local intranet)
O15 - HKLM\..Trusted Domains: amgenpartners.com ([]* in Local intranet)
O15 - HKLM\..Trusted Domains: gene.com ([]* in Local intranet)
O15 - HKLM\..Trusted Domains: incresearch.com ([]* in Local intranet)
O15 - HKLM\..Trusted Domains: kendle.com ([]* in Local intranet)
O15 - HKLM\..Trusted Domains: mdsol.com ([]* in Local intranet)
O15 - HKLM\..Trusted Domains: pfizer.com ([]* in Local intranet)
O15 - HKLM\..Trusted Domains: ventana-crc.com ([]* in Local intranet)
O16 - DPF: {05CA9FB0-3E3E-4B36-BF41-0E3A5CAA8CD8} http://go.microsoft.com/fwlink/?linkid=67633 (Office Genuine Advantage Validation Tool)
O16 - DPF: {233C1507-6A77-46A4-9443-F871F945D258} http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1265644833171 (WUWebControl Class)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1265644826437 (MUWebControl Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab (Java Plug-in 10.45.2)
O16 - DPF: {CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab (Java Plug-in 1.6.0_30)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab (Java Plug-in 10.45.2)
O16 - DPF: {E06E2E99-0AA1-11D4-ABA6-0060082AA75C}  (Reg Error: Value error.)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O16 - DPF: B3467D2D-E10C-41A6-B671-2B07A1445DC4 http://conference.kendle.com/Downloads/cmW32client.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = Corp.Incresearch.com
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{D71904B9-A7C8-48BD-B477-AB78AC7CCFA8}: DhcpNameServer = 192.168.1.1
O18 - Protocol\Handler\qrev {9DE24BAC-FC3C-42c4-9FC4-76B3FAFDBD90} - C:\Program Files\Quest Software\Toad for Oracle 10.6\RNetPin.dll ()
O18 - Protocol\Handler\tmpx {0E526CB5-7446-41D1-A403-19BFE95E8C23} - C:\Program Files\Trend Micro\OfficeScan Client\TmIEPlg.dll (Trend Micro Inc.)
O18 - Protocol\Filter\application/x-ica {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O18 - Protocol\Filter\ica {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\NavLogon: DllName - (Reg Error: Value error.) - Reg Error: Value error. File not found
O28 - HKLM ShellExecuteHooks: {56F9679E-7826-4C84-81F3-532071A8BCC5} - C:\Program Files\Windows Desktop Search\MsnlNamespaceMgr.dll (Microsoft Corporation)
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2011/12/29 16:56:03 | 000,000,000 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{801df691-23ff-11d7-b1a1-806d6172696f}\Shell - "" = AutoRun
O33 - MountPoints2\{801df691-23ff-11d7-b1a1-806d6172696f}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{801df691-23ff-11d7-b1a1-806d6172696f}\Shell\AutoRun\command - "" = D:\SETUP.EXE /AUTORUN
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
 
========== Files/Folders - Created Within 30 Days ==========
 
[2013/11/24 07:52:23 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\acconneradmin\Recent
[2013/11/23 16:36:50 | 000,000,000 | ---D | C] -- C:\_OTL
[2013/11/23 16:27:06 | 000,000,000 | ---D | C] -- C:\AdwCleaner
[2013/11/23 16:19:24 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\acconneradmin\PrivacIE
[2013/11/23 16:00:47 | 000,000,000 | ---D | C] -- C:\Documents and Settings\acconneradmin\.android
[2013/11/23 16:00:45 | 000,000,000 | ---D | C] -- C:\Documents and Settings\acconneradmin\Local Settings\Application Data\cache
[2013/11/23 16:00:42 | 000,000,000 | ---D | C] -- C:\Documents and Settings\acconneradmin\Application Data\newnext.me
[2013/11/23 16:00:42 | 000,000,000 | ---D | C] -- C:\Documents and Settings\acconneradmin\Local Settings\Application Data\genienext
[2013/11/23 16:00:40 | 000,000,000 | ---D | C] -- C:\Documents and Settings\acconneradmin\Local Settings\Application Data\Mobogenie
[2013/11/23 15:50:24 | 000,000,000 | ---D | C] -- C:\WINDOWS\ERUNT
[2013/11/22 18:55:10 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox
[2013/11/22 17:06:24 | 000,000,000 | ---D | C] -- C:\Documents and Settings\acconneradmin\Application Data\Malwarebytes
[2013/11/22 17:06:15 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Malwarebytes' Anti-Malware
[2013/11/22 17:06:13 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes
[2013/11/22 17:06:10 | 000,022,856 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2013/11/22 17:06:10 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2013/11/20 14:43:32 | 000,000,000 | ---D | C] -- C:\Program Files\Smart-ActiveX
[2013/11/20 14:42:44 | 000,000,000 | R--D | C] -- C:\Documents and Settings\acconneradmin\My Documents\My Videos
[2013/11/05 14:41:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\PreEmptive Solutions
[2013/11/05 14:08:22 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Microsoft Silverlight 4 SDK
[2013/11/05 14:07:50 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\VS
[2013/10/31 19:25:30 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\cache
[2013/10/31 10:10:28 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Java
[2013/10/31 10:09:03 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Java
[2013/10/30 18:02:04 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\All Users\Application Data\Common Files
[2013/10/30 18:00:53 | 000,000,000 | ---D | C] -- C:\Documents and Settings\acconneradmin\Application Data\Roxio Log Files
[2013/10/30 17:56:47 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Microsoft Expression
[2013/10/30 17:55:44 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Package Cache
[2013/10/30 17:51:06 | 000,000,000 | ---D | C] -- C:\Program Files\Elaborate Bytes
[2013/10/30 13:05:42 | 000,000,000 | ---D | C] -- C:\Documents and Settings\acconneradmin\Application Data\Roxio
[2013/10/30 13:05:22 | 000,000,000 | ---D | C] -- C:\Documents and Settings\acconneradmin\Application Data\Macrovision
 
========== Files - Modified Within 30 Days ==========
 
[2013/11/24 09:24:00 | 000,000,886 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2013/11/24 08:41:00 | 000,000,830 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2013/11/24 06:53:09 | 000,000,496 | ---- | M] () -- C:\WINDOWS\smscfg.ini
[2013/11/24 06:48:40 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2013/11/24 06:48:28 | 000,000,882 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2013/11/24 06:47:30 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2013/11/22 21:31:52 | 000,000,682 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\CCleaner.lnk
[2013/11/22 17:06:15 | 000,000,784 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes Anti-Malware.lnk
[2013/11/22 09:52:10 | 000,010,078 | ---- | M] () -- C:\WINDOWS\cfgall.ini
[2013/11/22 08:11:30 | 000,087,998 | RHS- | M] () -- C:\Documents and Settings\All Users\ntuser.pol
[2013/11/03 10:12:23 | 000,604,126 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2013/11/03 10:12:22 | 000,125,778 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2013/10/30 18:35:56 | 000,280,536 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
 
========== Files Created - No Company Name ==========
 
[2013/11/22 17:06:15 | 000,000,784 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes Anti-Malware.lnk
[2013/10/10 12:59:55 | 000,360,584 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat
[2013/06/28 13:03:11 | 000,088,688 | ---- | C] () -- C:\WINDOWS\System32\cpwmon2k.dll
[2013/06/07 10:53:15 | 000,000,136 | ---- | C] () -- C:\Documents and Settings\acconneradmin\Local Settings\Application Data\fusioncache.dat
[2013/04/22 09:13:42 | 000,004,049 | ---- | C] () -- C:\WINDOWS\cfgwtp.ini
[2013/03/24 17:41:03 | 000,117,364 | ---- | C] () -- C:\WINDOWS\hpoins11.dat
[2013/03/24 17:40:55 | 000,077,824 | ---- | C] () -- C:\WINDOWS\System32\HPZIDS01.dll
[2013/03/08 09:54:55 | 000,181,808 | ---- | C] () -- C:\WINDOWS\RegBootClean.exe
[2013/02/27 16:20:15 | 001,914,774 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\WPFFontCache_v0400-S-1-5-21-957651104-916166795-1467990369-74702-0.dat
[2013/02/27 15:50:29 | 000,694,370 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\WPFFontCache_v0400-S-1-5-21-957651104-916166795-1467990369-82427-0.dat
[2013/02/27 15:50:28 | 000,302,038 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\WPFFontCache_v0400-System.dat
[2013/02/26 13:29:31 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll
[2013/02/26 10:53:48 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2013/02/26 08:28:04 | 000,087,998 | RHS- | C] () -- C:\Documents and Settings\All Users\ntuser.pol
[2012/03/20 19:02:12 | 000,051,304 | ---- | C] () -- C:\WINDOWS\System32\drivers\atnt40k.sys
[2011/12/29 17:20:58 | 000,127,868 | ---- | C] () -- C:\WINDOWS\System32\igcompkrng575.bin
[2011/12/29 17:20:57 | 000,870,560 | ---- | C] () -- C:\WINDOWS\System32\igkrng575.bin
[2011/12/29 17:04:47 | 000,004,764 | ---- | C] () -- C:\WINDOWS\System32\CcmFramework.ini
 
========== ZeroAccess Check ==========
 
[2008/09/02 09:42:20 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shdocvw.dll -- [2009/03/02 18:04:03 | 001,499,136 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = C:\WINDOWS\system32\wbem\fastprox.dll -- [2009/02/09 07:10:48 | 000,473,600 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = C:\WINDOWS\system32\wbem\wbemess.dll -- [2008/04/14 07:00:00 | 000,273,920 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
========== LOP Check ==========
 
[2013/02/26 08:30:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\abairadmin\Application Data\Windows Desktop Search
[2013/11/22 11:38:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\acconner\Application Data\Cisco
[2013/11/23 15:27:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\acconner\Application Data\Dropbox
[2013/02/27 14:03:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\acconner\Application Data\EurekaLog
[2013/07/11 13:15:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\acconner\Application Data\ICAClient
[2013/02/28 08:07:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\acconner\Application Data\Quest Software
[2013/11/12 15:06:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\acconner\Application Data\webex
[2013/02/26 08:42:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\acconner\Application Data\Windows Desktop Search
[2013/03/04 14:15:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\acconner\Application Data\Windows Search
[2013/03/12 12:49:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\acconneradmin\Application Data\Dropbox
[2013/07/18 21:43:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\acconneradmin\Application Data\ICAClient
[2013/11/23 16:00:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\acconneradmin\Application Data\newnext.me
[2013/02/27 14:10:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\acconneradmin\Application Data\Quest Software
[2013/02/27 10:59:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\acconneradmin\Application Data\Windows Desktop Search
[2011/04/20 11:41:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\ATT Connect
[2011/04/19 15:48:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\ICAClient
[2008/10/23 14:42:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\Interwise
[2011/09/22 10:33:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\Windows Desktop Search
[2013/02/26 09:08:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Cisco
[2011/04/19 15:52:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Citrix
[2013/10/30 18:02:04 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\Common Files
[2013/02/26 08:42:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\GroupPolicy
[2013/02/27 14:08:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\IBM
[2013/10/30 18:35:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Package Cache
[2013/11/05 14:41:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PreEmptive Solutions
[2013/02/27 14:10:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Quest Software
[2013/02/26 11:17:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\RSA
[2011/09/23 04:46:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Softdisk LLC
[2013/02/28 10:31:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TechSmith
[2011/04/20 14:50:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Temp
[2013/11/05 14:07:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\VS
[2013/02/27 13:46:14 | 000,000,000 | -HSD | M] -- C:\Documents and Settings\All Users\Application Data\{08439167-4CA5-48E9-A810-A3A7C0B80B06}
[2013/03/12 13:05:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\mrivettadmin\Application Data\Dropbox
 
========== Purity Check ==========
 
 

< End of report >
 

 

Thanks!

Link to post
Share on other sites

Run OTL

  • Under the Custom Scans/Fixes box at the bottom, paste in the following

    :OTL

    SRV - File not found [Auto | Stopped] -- C:\Program Files\Level Quality Watcher\v1.01\levelqualitywatcher32.exe run options=01110010000000000000000000000000 sourceguid=F5D333A8-C748-4686-AE0A-9E008F670C22 -- (Level Quality Watcher)

    :files

    C:\Program Files\Level Quality Watcher

  • Then click the Run Fix button at the top
  • Let the program run unhindered, reboot the PC when it is done
  • Please post the OTL fix log in your next reply.
Note: A copy of an OTL fix log is saved in a text file at C:\_OTL\MovedFiles
Link to post
Share on other sites

  • 2 weeks later...
  • Root Admin

Due to the lack of feedback this topic is closed to prevent others from posting here. If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!

Link to post
Share on other sites

Guest
This topic is now closed to further replies.
  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.