Jump to content

gy18

Honorary Members
  • Posts

    26
  • Joined

  • Last visited

Reputation

0 Neutral
  1. # AdwCleaner v3.012 - Report created 21/11/2013 at 19:58:55 # Updated 11/11/2013 by Xplode # Operating System : Windows 7 Home Premium Service Pack 1 (64 bits) # Username : Gerry - GERRY-HP # Running from : C:\Users\Gerry\Downloads\adwcleaner.exe # Option : Clean ***** [ Services ] ***** ***** [ Files / Folders ] ***** Folder Deleted : C:\Program Files (x86)\Yontoo Folder Deleted : C:\Program Files (x86)\Common Files\AVG Secure Search Folder Deleted : C:\Users\Gerry\AppData\Local\apn Folder Deleted : C:\Users\Gerry\AppData\Roaming\Search Protection Folder Deleted : C:\Users\Gerry\AppData\Local\Google\Chrome\User Data\Default\Extensions\apjkpjchfbckhjhokinlgdbmibpbbjak File Deleted : C:\Users\Gerry\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_apps.conduit.com_0.localstorage File Deleted : C:\Users\Gerry\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_apps.conduit.com_0.localstorage-journal File Deleted : C:\Users\Gerry\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_facebook.conduitapps.com_0.localstorage File Deleted : C:\Users\Gerry\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_facebook.conduitapps.com_0.localstorage-journal File Deleted : C:\Users\Gerry\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_storage.conduit.com_0.localstorage File Deleted : C:\Users\Gerry\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_storage.conduit.com_0.localstorage-journal File Deleted : C:\Users\Gerry\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.wajam.com_0.localstorage File Deleted : C:\Users\Gerry\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.wajam.com_0.localstorage-journal ***** [ Shortcuts ] ***** ***** [ Registry ] ***** Value Deleted : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [Avg@toolbar] Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\niapdbllcanepiiimjjndipklodoedlc Key Deleted : HKCU\Software\Google\Chrome\Extensions\apjkpjchfbckhjhokinlgdbmibpbbjak Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\apjkpjchfbckhjhokinlgdbmibpbbjak Key Deleted : HKLM\SOFTWARE\Classes\AppID\ScriptHelper.EXE Key Deleted : HKLM\SOFTWARE\Classes\AppID\ViProtocol.DLL Key Deleted : HKLM\SOFTWARE\Classes\AppID\YontooIEClient.DLL Key Deleted : HKLM\SOFTWARE\Classes\protocols\handler\viprotocol Key Deleted : HKLM\SOFTWARE\Classes\S Key Deleted : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi Key Deleted : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi.1 Key Deleted : HKLM\SOFTWARE\Classes\speedupmypc Key Deleted : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE Key Deleted : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE.1 Key Deleted : HKLM\SOFTWARE\Classes\YontooIEClient.Api Key Deleted : HKLM\SOFTWARE\Classes\YontooIEClient.Api.1 Key Deleted : HKLM\SOFTWARE\Classes\YontooIEClient.Layers Key Deleted : HKLM\SOFTWARE\Classes\YontooIEClient.Layers.1 Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASAPI32 Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASMANCS Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\askpartnercobrandingtool_rasapi32 Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\askpartnercobrandingtool_rasmancs Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\AskSLib_RASAPI32 Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\AskSLib_RASMANCS Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\BingBar_RASMANCS Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\privitizevpn_rasapi32 Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\privitizevpn_rasmancs Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\wajamupdater_rasapi32 Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\wajamupdater_rasmancs Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [vProt] Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_for_vlc-media-player_RASAPI32 Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_for_vlc-media-player_RASMANCS Key Deleted : HKLM\SOFTWARE\Classes\AppID\{0A18A436-2A7A-49F3-A488-30538A2F6323} Key Deleted : HKLM\SOFTWARE\Classes\AppID\{1FDFF5A2-7BB1-48E1-8081-7236812B12B2} Key Deleted : HKLM\SOFTWARE\Classes\AppID\{BB711CB0-C70B-482E-9852-EC05EBD71DBB} Key Deleted : HKLM\SOFTWARE\Classes\AppID\{CFDAFE39-20CE-451D-BD45-A37452F39CF0} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{007EFBDF-8A5D-4930-97CC-A4B437CBA777} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{10DE7085-6A1E-4D41-A7BF-9AF93E351401} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{408CFAD9-8F13-4747-8EC7-770A339C7237} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{80922EE0-8A76-46AE-95D5-BD3C3FE0708D} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{933B95E2-E7B7-4AD9-B952-7AC336682AE3} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{95B7759C-8C7F-4BF1-B163-73684A933233} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{99066096-8989-4612-841F-621A01D54AD7} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{B658800C-F66E-4EF3-AB85-6C0C227862A9} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{DE9028D0-5FFA-4E69-94E3-89EE8741F468} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F25AF245-4A81-40DC-92F9-E9021F207706} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{FE9271F2-6EFD-44B0-A826-84C829536E93} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{10DE7085-6A1E-4D41-A7BF-9AF93E351401} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{1AD27395-1659-4DFF-A319-2CFA243861A5} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6} Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{07CAC314-E962-4F78-89AB-DD002F2490EE} Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{74FB6AFD-DD77-4CEB-83BD-AB2B63E63C93} Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8} Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{C2AC8A0E-E48E-484B-A71C-C7A937FAAB94} Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{D372567D-67C1-4B29-B3F0-159B52B3E967} Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233} Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{C6FDD0C3-266A-4DC3-B459-28C697C44CDC} Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE} Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{F25AF245-4A81-40DC-92F9-E9021F207706} Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F25AF245-4A81-40DC-92F9-E9021F207706} Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{2FA28606-DE77-4029-AF96-B231E3B8F827} Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233} Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{B7FCA997-D0FB-4FE0-8AFD-255E89CF9671} Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{D43B3890-80C7-4010-A95D-1E77B5924DC3} Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2FA28606-DE77-4029-AF96-B231E3B8F827} Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{B7FCA997-D0FB-4FE0-8AFD-255E89CF9671} Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{D43B3890-80C7-4010-A95D-1E77B5924DC3} Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{95B7759C-8C7F-4BF1-B163-73684A933233}] Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{D4027C7F-154A-4066-A1AD-4243D8127440}] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217} Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{10DE7085-6A1E-4D41-A7BF-9AF93E351401} Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{1AD27395-1659-4DFF-A319-2CFA243861A5} Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7} Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC} Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6} Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2FA28606-DE77-4029-AF96-B231E3B8F827} Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{B7FCA997-D0FB-4FE0-8AFD-255E89CF9671} Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{D43B3890-80C7-4010-A95D-1E77B5924DC3} Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F25AF245-4A81-40DC-92F9-E9021F207706} Key Deleted : HKCU\Software\Conduit Key Deleted : HKCU\Software\Softonic Key Deleted : HKCU\Software\StartSearch Key Deleted : HKLM\Software\AVG Security Toolbar Key Deleted : HKLM\Software\Uniblue Key Deleted : [x64] HKLM\SOFTWARE\Tarma Installer Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{889DF117-14D1-44EE-9F31-C5FB5D47F68B} ***** [ Browsers ] ***** -\\ Internet Explorer v10.0.9200.16736 -\\ Google Chrome v [ File : C:\Users\Gerry\AppData\Local\Google\Chrome\User Data\Default\preferences ] ************************* AdwCleaner[R0].txt - [10474 octets] - [21/11/2013 19:57:26] AdwCleaner[s0].txt - [9990 octets] - [21/11/2013 19:58:55] ########## EOF - C:\AdwCleaner\AdwCleaner[s0].txt - [10050 octets] ########## Results of screen317's Security Check version 0.99.77 Windows 7 Service Pack 1 x64 (UAC is enabled) Internet Explorer 10 Out of date! ``````````````Antivirus/Firewall Check:`````````````` Windows Firewall Enabled! WMI entry may not exist for antivirus; attempting automatic update. `````````Anti-malware/Other Utilities Check:````````` MVPS Hosts File Spybot - Search & Destroy Malwarebytes Anti-Malware version 1.75.0.1300 Java 7 Update 11 Java version out of Date! Adobe Flash Player 10 Flash Player out of Date! Adobe Reader 10.1.0 Adobe Reader out of Date! Google Chrome 30.0.1599.101 Google Chrome 31.0.1650.57 ````````Process Check: objlist.exe by Laurent```````` Spybot Teatimer.exe is disabled! `````````````````System Health check````````````````` Total Fragmentation on Drive C: 0% ````````````````````End of Log``````````````````````
  2. Malwarebytes Anti-Malware 1.75.0.1300 www.malwarebytes.org Database version: v2013.11.20.14 Windows 7 Service Pack 1 x64 NTFS Internet Explorer 10.0.9200.16736 Gerry :: GERRY-HP [administrator] 11/21/2013 12:13:55 AM mbam-log-2013-11-21 (00-13-55).txt Scan type: Full scan (C:\|D:\|) Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM Scan options disabled: P2P Objects scanned: 397782 Time elapsed: 55 minute(s), 40 second(s) Memory Processes Detected: 0 (No malicious items detected) Memory Modules Detected: 0 (No malicious items detected) Registry Keys Detected: 0 (No malicious items detected) Registry Values Detected: 0 (No malicious items detected) Registry Data Items Detected: 0 (No malicious items detected) Folders Detected: 0 (No malicious items detected) Files Detected: 0 (No malicious items detected) (end) C:\Documents and Settings\Gerry\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\B5XF8UUV\wajam_download[1].exe Win32/Wajam.C application C:\Documents and Settings\Gerry\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\LFXTAIJD\SpeedUpMyPC-standalone-setup[1].exe multiple threats C:\Documents and Settings\Gerry\AppData\Roaming\Search Protection\SearchProtection.exe a variant of Win32/Toolbar.Widgi application C:\Documents and Settings\Gerry\AppData\Roaming\Search Protection\Uninstall.exe probably a variant of Win32/Toolbar.Widgi application C:\Users\Gerry\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\B5XF8UUV\wajam_download[1].exe Win32/Wajam.C application C:\Users\Gerry\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\LFXTAIJD\SpeedUpMyPC-standalone-setup[1].exe multiple threats C:\Users\Gerry\AppData\Roaming\Search Protection\SearchProtection.exe a variant of Win32/Toolbar.Widgi application C:\Users\Gerry\AppData\Roaming\Search Protection\Uninstall.exe probably a variant of Win32/Toolbar.Widgi application
  3. RogueKiller V8.7.8 _x64_ [Nov 14 2013] by Tigzy mail : tigzyRK<at>gmail<dot>com Feedback : http://www.adlice.com/forum/ Website : http://www.adlice.com/softwares/roguekiller/ Blog : http://tigzyrk.blogspot.com/ Operating System : Windows 7 (6.1.7601 Service Pack 1) 64 bits version Started in : Normal mode User : Gerry [Admin rights] Mode : Scan -- Date : 11/18/2013 23:07:40 | ARK || FAK || MBR | ¤¤¤ Bad processes : 0 ¤¤¤ ¤¤¤ Registry Entries : 2 ¤¤¤ [HJ DESK][PUM] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> FOUND [HJ DESK][PUM] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND ¤¤¤ Scheduled tasks : 0 ¤¤¤ ¤¤¤ Startup Entries : 0 ¤¤¤ ¤¤¤ Web browsers : 0 ¤¤¤ ¤¤¤ Particular Files / Folders: ¤¤¤ ¤¤¤ Driver : [NOT LOADED 0x0] ¤¤¤ ¤¤¤ External Hives: ¤¤¤ ¤¤¤ Infection : ¤¤¤ ¤¤¤ HOSTS File: ¤¤¤ --> %SystemRoot%\System32\drivers\etc\hosts 127.0.0.1 www.007guard.com 127.0.0.1 007guard.com 127.0.0.1 008i.com 127.0.0.1 www.008k.com 127.0.0.1 008k.com 127.0.0.1 www.00hq.com 127.0.0.1 00hq.com 127.0.0.1 010402.com 127.0.0.1 www.032439.com 127.0.0.1 032439.com 127.0.0.1 www.0scan.com 127.0.0.1 0scan.com 127.0.0.1 www.1000gratisproben.com 127.0.0.1 1000gratisproben.com 127.0.0.1 1001namen.com 127.0.0.1 www.1001namen.com 127.0.0.1 100888290cs.com 127.0.0.1 www.100888290cs.com 127.0.0.1 www.100sexlinks.com 127.0.0.1 100sexlinks.com [...] ¤¤¤ MBR Check: ¤¤¤ +++++ PhysicalDrive0: (\\.\PHYSICALDRIVE0 @ IDE) ST640LM0 00 HM641JI SATA Disk Device +++++ --- User --- [MBR] a9170f2a98bd823d599c96af3f4682c7 [bSP] 64b910be8d7ee242f93cd740d0858b6a : Windows 7/8 MBR Code Partition table: 0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 199 Mo 1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 409600 | Size: 590425 Mo 2 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 1209600000 | Size: 19751 Mo 3 - [XXXXXX] FAT32-LBA (0x0c) [VISIBLE] Offset (sectors): 1250050048 | Size: 103 Mo User = LL1 ... OK! User = LL2 ... OK! Finished : << RKreport[0]_S_11182013_230740.txt >>
  4. DDS (Ver_2012-11-20.01) - NTFS_AMD64 Internet Explorer: 10.0.9200.16736 BrowserJavaVersion: 10.11.2Run by Gerry at 18:39:12 on 2013-11-15Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.5609.3574 [GMT -5:00].SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}.============== Running Processes ===============.C:\Windows\system32\lsm.exeC:\Windows\system32\svchost.exe -k DcomLaunchC:\Program Files (x86)\HP SimplePass\TrueSuiteService.exeC:\Windows\system32\svchost.exe -k RPCSSC:\Windows\system32\atiesrxx.exeC:\Windows\System32\svchost.exe -k LocalServiceNetworkRestrictedC:\Windows\System32\svchost.exe -k LocalSystemNetworkRestrictedC:\Windows\system32\svchost.exe -k LocalServiceC:\Windows\system32\svchost.exe -k netsvcsC:\Program Files\IDT\WDM\STacSV64.exeC:\Windows\system32\Hpservice.exeC:\Windows\System32\WUDFHost.exeC:\Windows\system32\svchost.exe -k NetworkServiceC:\Windows\system32\WLANExt.exeC:\Windows\System32\spoolsv.exeC:\Windows\system32\svchost.exe -k WbioSvcGroupC:\Windows\system32\svchost.exe -k LocalServiceNoNetworkC:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exeC:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exeC:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exeC:\Program Files\Bonjour\mDNSResponder.exeC:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonationC:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exeC:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exeC:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exeC:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exeC:\Windows\system32\svchost.exe -k imgsvcC:\Windows\system32\valWBFPolicyService.exeC:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXEC:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exeC:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exeC:\Windows\system32\wbem\wmiprvse.exeC:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestrictedC:\Windows\system32\SearchIndexer.exeC:\Windows\system32\atieclxx.exeC:\Windows\system32\Dwm.exeC:\Windows\Explorer.EXEC:\Program Files (x86)\HP SimplePass\TouchControl.exeC:\Windows\system32\taskhost.exeC:\Program Files\Synaptics\SynTP\SynTPEnh.exeC:\Program Files\IDT\WDM\sttray64.exeC:\Program Files\Hewlett-Packard\HP LaunchBox\HPTaskBar1.exeC:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exeC:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exeC:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exeC:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exeC:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exeC:\Windows\system32\wbem\wmiprvse.exeC:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXEC:\Program Files\iPod\bin\iPodService.exeC:\Windows\System32\svchost.exe -k LocalServicePeerNetC:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exeC:\Program Files\Windows Media Player\wmpnetwk.exeC:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\17.1.2\ToolbarUpdater.exeC:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\17.1.2\loggingserver.exeC:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exeC:\Windows\System32\svchost.exe -k secsvcsC:\Windows\system32\wbem\unsecapp.exeC:\Program Files (x86)\HP SimplePass\IEWebSiteLogon.exeC:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exeC:\Windows\system32\wuauclt.exeC:\Program Files (x86)\HP SimplePass\DownloadAD.exeC:\Users\Gerry\AppData\Local\Google\Chrome\Application\chrome.exeC:\Users\Gerry\AppData\Local\Google\Chrome\Application\chrome.exeC:\Users\Gerry\AppData\Local\Google\Chrome\Application\chrome.exeC:\Users\Gerry\AppData\Local\Google\Chrome\Application\chrome.exeC:\Users\Gerry\AppData\Local\Google\Chrome\Application\chrome.exeC:\Users\Gerry\AppData\Local\Google\Chrome\Application\chrome.exeC:\Users\Gerry\AppData\Local\Google\Chrome\Application\chrome.exeC:\Windows\system32\SearchProtocolHost.exeC:\Windows\system32\SearchFilterHost.exeC:\Windows\System32\cscript.exe.============== Pseudo HJT Report ===============.mWinlogon: Userinit = userinit.exe,BHO: {1036AD63-AEAC-460B-9060-C96005D4DC86} - <orphaned>BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dllBHO: Spybot-S&D IE Protection: {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dllBHO: SteadyVideoBHO Class: {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} - C:\Program Files (x86)\AMD\SteadyVideo\SteadyVideo.dllBHO: Java Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dllBHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dllBHO: AVG SafeGuard toolbar: {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG SafeGuard toolbar\17.1.2.1\AVG SafeGuard toolbar_toolbar.dllBHO: Privacy Safeguard BHO: {A42D2EB4-DD31-4BB5-8AA5-8D4E04806DBE} - C:\Program Files\PrivacySafeGuard\PrivacySafeGuard.dllBHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dllTB: AVG SafeGuard toolbar: {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG SafeGuard toolbar\17.1.2.1\AVG SafeGuard toolbar_toolbar.dlluRun: [Google Update] "C:\Users\Gerry\AppData\Local\Google\Update\GoogleUpdate.exe" /cuRun: [spybotSD TeaTimer] C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exeuRun: [steam] "C:\Program Files (x86)\Steam\Steam.exe" -silentuRun: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRunuRun: [bitTorrent] "C:\Users\Gerry\AppData\Roaming\BitTorrent\BitTorrent.exe" /MINIMIZEDmRun: [startCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRunmRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"mRun: [HPOSD] C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exemRun: [HP CoolSense] C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe -byrunkeymRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"mRun: [HP Quick Launch] C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exemRun: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"mRun: [vProt] "C:\Program Files (x86)\AVG SafeGuard toolbar\vprot.exe"uPolicies-Explorer: NoDriveTypeAutoRun = dword:145mPolicies-Explorer: NoActiveDesktop = dword:1mPolicies-Explorer: NoActiveDesktopChanges = dword:1mPolicies-System: ConsentPromptBehaviorAdmin = dword:5mPolicies-System: ConsentPromptBehaviorUser = dword:3mPolicies-System: EnableUIADesktopToggle = dword:0IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dllIE: {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll/204IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll.INFO: HKCU has more than 50 listed domains.If you wish to scan all of them, select the 'Force scan all domains' option...INFO: HKLM has more than 50 listed domains. If you wish to scan all of them, select the 'Force scan all domains' option..TCP: NameServer = 192.168.2.1TCP: Interfaces\{C6B5DCDE-0D0C-48E7-B028-14CE425B373D} : DHCPNameServer = 192.168.2.1TCP: Interfaces\{C6B5DCDE-0D0C-48E7-B028-14CE425B373D}\368696E61647F677E6 : DHCPNameServer = 172.16.0.1TCP: Interfaces\{E018E128-C296-40DF-B3AE-C19C3E726B3C} : DHCPNameServer = 192.168.2.1Filter: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\AMD\SteadyVideo\VideoMIMEFilter.dllFilter: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\AMD\SteadyVideo\VideoMIMEFilter.dllHandler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dllHandler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\17.1.2\ViProtocol.dllHandler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dllSSODL: WebCheck - <orphaned>mASetup: {F5E7D9AF-60F6-4A30-87E3-4EA94D322CE1} - msiexec /fu {F5E7D9AF-60F6-4A30-87E3-4EA94D322CE1} /qnx64-BHO: Privacy Safeguard BHO: {1036AD63-AEAC-460B-9060-C96005D4DC86} - C:\Program Files\PrivacySafeGuard\PrivacySafeGuard-x64.dllx64-BHO: SteadyVideoBHO Class: {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} - C:\Program Files\AMD\SteadyVideo\SteadyVideo.dllx64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dllx64-Run: [synTPEnh] C:\Program Files (x86)\Synaptics\SynTP\SynTPEnh.exex64-Run: [setDefault] C:\Program Files\Hewlett-Packard\HP LaunchBox\SetDefault.exex64-Run: [sysTrayApp] C:\Program Files\IDT\WDM\sttray64.exex64-RunOnce: [NCPluginUpdater] "c:\program files (x86)\hewlett-packard\hp health check\activecheck\product_line\NCPluginUpdater.exe" Update.INFO: x64-HKLM has more than 50 listed domains. If you wish to scan all of them, select the 'Force scan all domains' option..x64-Filter: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dllx64-Filter: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dllx64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>x64-Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - <orphaned>x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>x64-SSODL: WebCheck - <orphaned>x64-mASetup: {6032497A-4479-462B-ADB8-A0A372BB9A23} - msiexec /fu {6032497A-4479-462B-ADB8-A0A372BB9A23} /qnHosts: 127.0.0.1 www.spywareinfo.com.============= SERVICES / DRIVERS ===============.R0 amd_sata;amd_sata;C:\Windows\System32\drivers\amd_sata.sys [2011-12-13 82048]R0 amd_xata;amd_xata;C:\Windows\System32\drivers\amd_xata.sys [2011-12-13 42624]R0 amdkmpfd;AMD PCI Root Bus Lower Filter;C:\Windows\System32\drivers\amdkmpfd.sys [2012-1-18 31360]R1 avgtp;avgtp;C:\Windows\System32\drivers\avgtpx64.sys [2013-11-15 46368]R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\System32\atiesrxx.exe [2012-1-27 235520]R2 AMD FUEL Service;AMD FUEL Service;C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [2012-1-26 361984]R2 AODDriver4.1;AODDriver4.1;C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\aoddriver2.sys [2011-11-13 55936]R2 APXACC;AppEx Networks Accelerator LWF;C:\Windows\System32\drivers\appexDrv.sys [2012-6-26 189760]R2 FPLService;TrueSuiteService;C:\Program Files (x86)\HP SimplePass\TrueSuiteService.exe [2013-2-7 1641768]R2 Freemake Improver;Freemake Improver;C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe [2013-3-28 101888]R2 HiPatchService;Hi-Rez Studios Authenticate and Update Service;C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe [2013-8-2 9216]R2 HP Support Assistant Service;HP Support Assistant Service;C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe [2012-9-27 86528]R2 HPClientSvc;HP Client Services;C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe [2010-10-11 346168]R2 hpsrv;HP Service;C:\Windows\System32\hpservice.exe [2012-9-24 31040]R2 HPWMISVC;HPWMISVC;C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe [2012-3-5 35200]R2 SBSDWSCService;SBSD Security Center Service;C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe [2012-9-10 1153368]R2 valWBFPolicyService;Validity WBF Policy Service;C:\Windows\System32\valWBFPolicyService.exe [2012-9-6 28160]R2 vToolbarUpdater17.1.2;vToolbarUpdater17.1.2;C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\17.1.2\ToolbarUpdater.exe [2013-11-15 1734680]R3 amdhub30;AMD USB 3.0 Hub Driver;C:\Windows\System32\drivers\amdhub30.sys [2011-10-26 102528]R3 amdiox64;AMD IO Driver;C:\Windows\System32\drivers\amdiox64.sys [2012-6-26 46136]R3 amdxhc;AMD USB 3.0 Host Controller Driver;C:\Windows\System32\drivers\amdxhc.sys [2011-10-26 219776]R3 AtiHDAudioService;AMD Function Driver for HD Audio Service;C:\Windows\System32\drivers\AtihdW76.sys [2011-12-6 95248]R3 clwvd;CyberLink WebCam Virtual Driver;C:\Windows\System32\drivers\clwvd.sys [2010-7-28 31088]R3 RSP2STOR;Realtek PCIE CardReader Driver - P2;C:\Windows\System32\drivers\RtsP2Stor.sys [2012-10-26 266896]R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2012-6-26 646248]R3 usbfilter;AMD USB Filter Driver;C:\Windows\System32\drivers\usbfilter.sys [2012-6-26 56448]R3 WDC_SAM;WD SCSI Pass Thru driver;C:\Windows\System32\drivers\wdcsam64.sys [2008-5-6 14464]S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]S2 MBAMScheduler;MBAMScheduler;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2012-10-23 418376]S2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-10-23 701512]S3 GamesAppService;GamesAppService;C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe [2010-10-12 206072]S3 MBAMProtector;MBAMProtector;C:\Windows\System32\drivers\mbam.sys [2012-10-23 25928]S3 SmbDrv;SmbDrv;C:\Windows\System32\drivers\Smb_driver.sys [2011-10-13 20016]S3 SrvHsfHDA;SrvHsfHDA;C:\Windows\System32\drivers\VSTAZL6.SYS [2009-7-13 292864]S3 SrvHsfV92;SrvHsfV92;C:\Windows\System32\drivers\VSTDPV6.SYS [2009-7-13 1485312]S3 SrvHsfWinac;SrvHsfWinac;C:\Windows\System32\drivers\VSTCNXT6.SYS [2009-7-13 740864]S3 TrueService;TrueAPI Service component;C:\Program Files\Common Files\AuthenTec\TrueService.exe [2013-1-7 401856]S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2010-11-20 59392]S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\System32\drivers\TsUsbGD.sys [2010-11-20 31232]S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2012-7-19 1255736]S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-22 57184].=============== Created Last 30 ================.2013-11-15 22:36:05 10280728 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{EB919C91-15B9-429C-B7FE-7C8C70564084}\mpengine.dll2013-11-15 22:32:20 -------- d-----w- C:\Users\Gerry\AppData\Local\AVG SafeGuard toolbar2013-11-15 22:32:03 46368 ----a-w- C:\Windows\System32\drivers\avgtpx64.sys2013-11-15 22:31:56 -------- d-----w- C:\ProgramData\AVG SafeGuard toolbar2013-11-15 22:31:56 -------- d-----w- C:\Program Files (x86)\Common Files\AVG Secure Search2013-11-15 22:31:54 -------- d-----w- C:\Program Files (x86)\AVG SafeGuard toolbar2013-11-15 01:15:57 -------- d-----w- C:\Users\Gerry\AppData\Roaming\Uniblue.==================== Find3M ====================.2013-10-12 08:45:20 2241536 ----a-w- C:\Windows\System32\wininet.dll2013-10-12 08:43:37 3959808 ----a-w- C:\Windows\System32\jscript9.dll2013-10-12 08:43:32 67072 ----a-w- C:\Windows\System32\iesetup.dll2013-10-12 08:43:32 136704 ----a-w- C:\Windows\System32\iesysprep.dll2013-10-12 07:03:50 1767936 ----a-w- C:\Windows\SysWow64\wininet.dll2013-10-12 07:02:33 2877952 ----a-w- C:\Windows\SysWow64\jscript9.dll2013-10-12 07:02:29 61440 ----a-w- C:\Windows\SysWow64\iesetup.dll2013-10-12 07:02:29 109056 ----a-w- C:\Windows\SysWow64\iesysprep.dll2013-10-12 06:35:26 2706432 ----a-w- C:\Windows\System32\mshtml.tlb2013-10-12 06:08:58 2706432 ----a-w- C:\Windows\SysWow64\mshtml.tlb2013-10-12 05:44:38 89600 ----a-w- C:\Windows\System32\RegisterIEPKEYs.exe2013-10-12 05:15:39 71680 ----a-w- C:\Windows\SysWow64\RegisterIEPKEYs.exe2013-10-12 02:30:42 830464 ----a-w- C:\Windows\System32\nshwfp.dll2013-10-12 02:29:21 859648 ----a-w- C:\Windows\System32\IKEEXT.DLL2013-10-12 02:29:08 324096 ----a-w- C:\Windows\System32\FWPUCLNT.DLL2013-10-12 02:03:08 656896 ----a-w- C:\Windows\SysWow64\nshwfp.dll2013-10-12 02:01:25 216576 ----a-w- C:\Windows\SysWow64\FWPUCLNT.DLL2013-10-05 20:25:35 1474048 ----a-w- C:\Windows\System32\crypt32.dll2013-10-05 19:57:25 1168384 ----a-w- C:\Windows\SysWow64\crypt32.dll2013-10-04 02:28:31 190464 ----a-w- C:\Windows\System32\SmartcardCredentialProvider.dll2013-10-04 02:25:17 197120 ----a-w- C:\Windows\System32\credui.dll2013-10-04 02:24:49 1930752 ----a-w- C:\Windows\System32\authui.dll2013-10-04 01:58:50 152576 ----a-w- C:\Windows\SysWow64\SmartcardCredentialProvider.dll2013-10-04 01:56:25 168960 ----a-w- C:\Windows\SysWow64\credui.dll2013-10-04 01:56:00 1796096 ----a-w- C:\Windows\SysWow64\authui.dll2013-10-03 02:23:48 404480 ----a-w- C:\Windows\System32\gdi32.dll2013-10-03 02:00:44 311808 ----a-w- C:\Windows\SysWow64\gdi32.dll2013-09-28 01:09:10 497152 ----a-w- C:\Windows\System32\drivers\afd.sys2013-09-25 02:26:40 95680 ----a-w- C:\Windows\System32\drivers\ksecdd.sys2013-09-25 02:26:40 154560 ----a-w- C:\Windows\System32\drivers\ksecpkg.sys2013-09-25 02:23:33 28672 ----a-w- C:\Windows\System32\sspisrv.dll2013-09-25 02:23:33 135680 ----a-w- C:\Windows\System32\sspicli.dll2013-09-25 02:23:01 28160 ----a-w- C:\Windows\System32\secur32.dll2013-09-25 02:22:59 340992 ----a-w- C:\Windows\System32\schannel.dll2013-09-25 02:21:50 307200 ----a-w- C:\Windows\System32\ncrypt.dll2013-09-25 02:21:07 1447936 ----a-w- C:\Windows\System32\lsasrv.dll2013-09-25 01:58:17 96768 ----a-w- C:\Windows\SysWow64\sspicli.dll2013-09-25 01:57:26 22016 ----a-w- C:\Windows\SysWow64\secur32.dll2013-09-25 01:57:24 247808 ----a-w- C:\Windows\SysWow64\schannel.dll2013-09-25 01:56:42 220160 ----a-w- C:\Windows\SysWow64\ncrypt.dll2013-09-25 01:03:24 30720 ----a-w- C:\Windows\System32\lsass.exe2013-09-08 02:30:37 1903552 ----a-w- C:\Windows\System32\drivers\tcpip.sys2013-09-08 02:27:14 327168 ----a-w- C:\Windows\System32\mswsock.dll2013-09-08 02:03:58 231424 ----a-w- C:\Windows\SysWow64\mswsock.dll2013-09-04 12:12:11 343040 ----a-w- C:\Windows\System32\drivers\usbhub.sys2013-09-04 12:11:51 325120 ----a-w- C:\Windows\System32\drivers\usbport.sys2013-09-04 12:11:49 99840 ----a-w- C:\Windows\System32\drivers\usbccgp.sys2013-09-04 12:11:43 52736 ----a-w- C:\Windows\System32\drivers\usbehci.sys2013-09-04 12:11:43 30720 ----a-w- C:\Windows\System32\drivers\usbuhci.sys2013-09-04 12:11:42 25600 ----a-w- C:\Windows\System32\drivers\usbohci.sys2013-09-04 12:11:40 7808 ----a-w- C:\Windows\System32\drivers\usbd.sys2013-09-03 18:35:10 278800 ------w- C:\Windows\System32\MpSigStub.exe2013-08-29 02:17:48 5549504 ----a-w- C:\Windows\System32\ntoskrnl.exe2013-08-29 02:16:35 1732032 ----a-w- C:\Windows\System32\ntdll.dll2013-08-29 02:16:28 243712 ----a-w- C:\Windows\System32\wow64.dll2013-08-29 02:16:14 859648 ----a-w- C:\Windows\System32\tdh.dll2013-08-29 02:13:28 878080 ----a-w- C:\Windows\System32\advapi32.dll2013-08-29 01:51:45 3969472 ----a-w- C:\Windows\SysWow64\ntkrnlpa.exe2013-08-29 01:51:45 3914176 ----a-w- C:\Windows\SysWow64\ntoskrnl.exe2013-08-29 01:50:31 5120 ----a-w- C:\Windows\SysWow64\wow32.dll2013-08-29 01:50:30 1292192 ----a-w- C:\Windows\SysWow64\ntdll.dll2013-08-29 01:50:16 619520 ----a-w- C:\Windows\SysWow64\tdh.dll2013-08-29 01:48:17 640512 ----a-w- C:\Windows\SysWow64\advapi32.dll2013-08-29 01:48:15 44032 ----a-w- C:\Windows\apppatch\acwow64.dll2013-08-29 00:49:53 25600 ----a-w- C:\Windows\SysWow64\setup16.exe2013-08-29 00:49:52 7680 ----a-w- C:\Windows\SysWow64\instnm.exe2013-08-29 00:49:52 14336 ----a-w- C:\Windows\SysWow64\ntvdm64.dll2013-08-29 00:49:49 2048 ----a-w- C:\Windows\SysWow64\user.exe2013-08-28 01:21:06 3155968 ----a-w- C:\Windows\System32\win32k.sys2013-08-28 01:12:33 461312 ----a-w- C:\Windows\System32\scavengeui.dll.============= FINISH: 18:39:37.85 =============== GMER 2.1.19163 - http://www.gmer.netRootkit scan 2013-11-15 18:49:51Windows 6.1.7601 Service Pack 1 x64 \Device\Harddisk0\DR0 -> \Device\0000005d ST640LM0 rev.2AJ1 596.17GBRunning: myxq8vl8.exe; Driver: C:\Users\Gerry\AppData\Local\Temp\fgtiqpob.sys ---- Threads - GMER 2.1 ---- Thread C:\Windows\System32\svchost.exe [4244:1040] 000007fee6639688 ---- EOF - GMER 2.1 ---- attach.txt
  5. I noticed that lately, my laptop started running a bit more slowly than usual. So I checked my task manager. I found a program that I haven't seen before. It's called csrss.exe. I can't end the program like normal through task manager so I googled the program name. This program is supposedly a registered trojan. Is there any possibility of removing it?
  6. I re-installed the flash player and it seems to work now.
  7. I was able to watch videos online. But it was only after I went to settings on the flash player and disable hardware acceleration. If I were to enable it again, I wouldn't be able to watch videos online. Is there a way to fix this?
  8. I updated to the latest version of firefox but i am still having the same problem.
  9. I used Mozilla Firefox and internet explorer 7
  10. Results of screen317's Security Check version 0.99.31 Windows XP Service Pack 2 x86 Out of date service pack!! Internet Explorer 7 Out of date! `````````````````````````````` Antivirus/Firewall Check: Windows Firewall Enabled! AVG 2012 AVG PC Tuneup AVG 2012 ESET Online Scanner v3 Antivirus up to date! ``````````````````````````````` Anti-malware/Other Utilities Check: Spybot - Search & Destroy AVG PC Tuneup Java DB 10.2.2.0 Java 6 Update 14 Java 6 Update 2 Java 6 Update 3 Java 6 Update 5 Java 6 Update 7 Java SE Development Kit 6 Update 3 Java version out of date! Adobe Flash Player 11.1.102.55 Adobe Reader 8 Adobe Reader out of date! Mozilla Firefox (4.0.1) ```````````````````````````````` Process Check: objlist.exe by Laurent Malwarebytes' Anti-Malware mbamservice.exe Malwarebytes' Anti-Malware mbamgui.exe AVG avgwdsvc.exe AVG avgtray.exe AVG avgrsx.exe AVG avgnsx.exe AVG avgemc.exe ``````````End of Log````````````
  11. I still cannot watch videos online. It still freezes my computer when the video tries loading and I would have to force shut down the computer and restart it.
  12. All processes killed ========== OTL ========== Error: No service named ymdwqbuwixvpepmk was found to stop! Registry key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\ymdwqbuwixvpepmk deleted successfully. Service mferkdk stopped successfully! Service mferkdk deleted successfully! Error: No service named adbm0aq2 was found to stop! Service\Driver key adbm0aq2 not found. Prefs.js: vshare@toolbar:1.0.0 removed from extensions.enabledItems Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@bittorrent.com/BitTorrentDNA\ deleted successfully. C:\Documents and Settings\Glenn\Application Data\Mozilla\Firefox\Profiles\pf04h0gi.default\extensions\vshare@toolbar\modules folder moved successfully. C:\Documents and Settings\Glenn\Application Data\Mozilla\Firefox\Profiles\pf04h0gi.default\extensions\vshare@toolbar\locale\en-US folder moved successfully. C:\Documents and Settings\Glenn\Application Data\Mozilla\Firefox\Profiles\pf04h0gi.default\extensions\vshare@toolbar\locale folder moved successfully. C:\Documents and Settings\Glenn\Application Data\Mozilla\Firefox\Profiles\pf04h0gi.default\extensions\vshare@toolbar\components\FF4 folder moved successfully. C:\Documents and Settings\Glenn\Application Data\Mozilla\Firefox\Profiles\pf04h0gi.default\extensions\vshare@toolbar\components folder moved successfully. C:\Documents and Settings\Glenn\Application Data\Mozilla\Firefox\Profiles\pf04h0gi.default\extensions\vshare@toolbar\chrome folder moved successfully. C:\Documents and Settings\Glenn\Application Data\Mozilla\Firefox\Profiles\pf04h0gi.default\extensions\vshare@toolbar folder moved successfully. C:\Documents and Settings\Glenn\Local Settings\Application Data\604866v5f616x168a661d1ner1a5 moved successfully. C:\Documents and Settings\All Users\Application Data\604866v5f616x168a661d1ner1a5 moved successfully. C:\Documents and Settings\Glenn\Local Settings\Application Data\kqxjax25212syk721811b172n8n71yg66c moved successfully. C:\Documents and Settings\All Users\Application Data\kqxjax25212syk721811b172n8n71yg66c moved successfully. Folder C:\Documents and Settings\All Users\Application Data\pOlFiHc05200\ not found. C:\Documents and Settings\All Users\Application Data\Viewpoint folder moved successfully. C:\Documents and Settings\Glenn\Application Data\DNA folder moved successfully. C:\Documents and Settings\Glenn\Application Data\FrostWire\xml\data folder moved successfully. C:\Documents and Settings\Glenn\Application Data\FrostWire\xml folder moved successfully. C:\Documents and Settings\Glenn\Application Data\FrostWire\themes\frostwirePro_theme folder moved successfully. C:\Documents and Settings\Glenn\Application Data\FrostWire\themes folder moved successfully. C:\Documents and Settings\Glenn\Application Data\FrostWire\overlays folder moved successfully. C:\Documents and Settings\Glenn\Application Data\FrostWire\image_cache\static.frostwire.com\images\banners folder moved successfully. C:\Documents and Settings\Glenn\Application Data\FrostWire\image_cache\static.frostwire.com\images folder moved successfully. C:\Documents and Settings\Glenn\Application Data\FrostWire\image_cache\static.frostwire.com folder moved successfully. C:\Documents and Settings\Glenn\Application Data\FrostWire\image_cache\farm6.static.flickr.com\5128 folder moved successfully. C:\Documents and Settings\Glenn\Application Data\FrostWire\image_cache\farm6.static.flickr.com\5047 folder moved successfully. C:\Documents and Settings\Glenn\Application Data\FrostWire\image_cache\farm6.static.flickr.com folder moved successfully. C:\Documents and Settings\Glenn\Application Data\FrostWire\image_cache\farm5.static.flickr.com\4147 folder moved successfully. C:\Documents and Settings\Glenn\Application Data\FrostWire\image_cache\farm5.static.flickr.com\4089 folder moved successfully. C:\Documents and Settings\Glenn\Application Data\FrostWire\image_cache\farm5.static.flickr.com\4084 folder moved successfully. C:\Documents and Settings\Glenn\Application Data\FrostWire\image_cache\farm5.static.flickr.com\4055 folder moved successfully. C:\Documents and Settings\Glenn\Application Data\FrostWire\image_cache\farm5.static.flickr.com\4047 folder moved successfully. C:\Documents and Settings\Glenn\Application Data\FrostWire\image_cache\farm5.static.flickr.com\4028 folder moved successfully. C:\Documents and Settings\Glenn\Application Data\FrostWire\image_cache\farm5.static.flickr.com folder moved successfully. C:\Documents and Settings\Glenn\Application Data\FrostWire\image_cache\farm2.static.flickr.com\1218 folder moved successfully. C:\Documents and Settings\Glenn\Application Data\FrostWire\image_cache\farm2.static.flickr.com\1207 folder moved successfully. C:\Documents and Settings\Glenn\Application Data\FrostWire\image_cache\farm2.static.flickr.com folder moved successfully. C:\Documents and Settings\Glenn\Application Data\FrostWire\image_cache folder moved successfully. C:\Documents and Settings\Glenn\Application Data\FrostWire\azureus\torrents folder moved successfully. C:\Documents and Settings\Glenn\Application Data\FrostWire\azureus\tmp folder moved successfully. C:\Documents and Settings\Glenn\Application Data\FrostWire\azureus\plugins folder moved successfully. C:\Documents and Settings\Glenn\Application Data\FrostWire\azureus\net folder moved successfully. C:\Documents and Settings\Glenn\Application Data\FrostWire\azureus\logs\save folder moved successfully. C:\Documents and Settings\Glenn\Application Data\FrostWire\azureus\logs folder moved successfully. C:\Documents and Settings\Glenn\Application Data\FrostWire\azureus\dht folder moved successfully. C:\Documents and Settings\Glenn\Application Data\FrostWire\azureus\active folder moved successfully. C:\Documents and Settings\Glenn\Application Data\FrostWire\azureus folder moved successfully. C:\Documents and Settings\Glenn\Application Data\FrostWire\.NetworkShare\Incomplete folder moved successfully. C:\Documents and Settings\Glenn\Application Data\FrostWire\.NetworkShare folder moved successfully. C:\Documents and Settings\Glenn\Application Data\FrostWire\.AppSpecialShare folder moved successfully. C:\Documents and Settings\Glenn\Application Data\FrostWire folder moved successfully. C:\Documents and Settings\Glenn\Application Data\LimeWire\xml\schemas folder moved successfully. C:\Documents and Settings\Glenn\Application Data\LimeWire\xml\misc folder moved successfully. C:\Documents and Settings\Glenn\Application Data\LimeWire\xml\data folder moved successfully. C:\Documents and Settings\Glenn\Application Data\LimeWire\xml folder moved successfully. C:\Documents and Settings\Glenn\Application Data\LimeWire\themes\windows_theme folder moved successfully. C:\Documents and Settings\Glenn\Application Data\LimeWire\themes folder moved successfully. C:\Documents and Settings\Glenn\Application Data\LimeWire\promotion folder moved successfully. C:\Documents and Settings\Glenn\Application Data\LimeWire\mozilla-profile\updates\0 folder moved successfully. C:\Documents and Settings\Glenn\Application Data\LimeWire\mozilla-profile\updates folder moved successfully. C:\Documents and Settings\Glenn\Application Data\LimeWire\mozilla-profile\extensions folder moved successfully. C:\Documents and Settings\Glenn\Application Data\LimeWire\mozilla-profile\Cache folder moved successfully. C:\Documents and Settings\Glenn\Application Data\LimeWire\mozilla-profile folder moved successfully. C:\Documents and Settings\Glenn\Application Data\LimeWire\certificate folder moved successfully. C:\Documents and Settings\Glenn\Application Data\LimeWire\browser\xulrunner\res\html folder moved successfully. C:\Documents and Settings\Glenn\Application Data\LimeWire\browser\xulrunner\res\fonts folder moved successfully. C:\Documents and Settings\Glenn\Application Data\LimeWire\browser\xulrunner\res\entityTables folder moved successfully. C:\Documents and Settings\Glenn\Application Data\LimeWire\browser\xulrunner\res\dtd folder moved successfully. C:\Documents and Settings\Glenn\Application Data\LimeWire\browser\xulrunner\res folder moved successfully. C:\Documents and Settings\Glenn\Application Data\LimeWire\browser\xulrunner\plugins folder moved successfully. C:\Documents and Settings\Glenn\Application Data\LimeWire\browser\xulrunner\modules folder moved successfully. C:\Documents and Settings\Glenn\Application Data\LimeWire\browser\xulrunner\greprefs folder moved successfully. C:\Documents and Settings\Glenn\Application Data\LimeWire\browser\xulrunner\dictionaries folder moved successfully. C:\Documents and Settings\Glenn\Application Data\LimeWire\browser\xulrunner\defaults\profile\US\chrome folder moved successfully. C:\Documents and Settings\Glenn\Application Data\LimeWire\browser\xulrunner\defaults\profile\US folder moved successfully. C:\Documents and Settings\Glenn\Application Data\LimeWire\browser\xulrunner\defaults\profile\chrome folder moved successfully. C:\Documents and Settings\Glenn\Application Data\LimeWire\browser\xulrunner\defaults\profile folder moved successfully. C:\Documents and Settings\Glenn\Application Data\LimeWire\browser\xulrunner\defaults\pref folder moved successfully. C:\Documents and Settings\Glenn\Application Data\LimeWire\browser\xulrunner\defaults\autoconfig folder moved successfully. C:\Documents and Settings\Glenn\Application Data\LimeWire\browser\xulrunner\defaults folder moved successfully. C:\Documents and Settings\Glenn\Application Data\LimeWire\browser\xulrunner\components folder moved successfully. C:\Documents and Settings\Glenn\Application Data\LimeWire\browser\xulrunner\chrome folder moved successfully. C:\Documents and Settings\Glenn\Application Data\LimeWire\browser\xulrunner folder moved successfully. C:\Documents and Settings\Glenn\Application Data\LimeWire\browser folder moved successfully. C:\Documents and Settings\Glenn\Application Data\LimeWire\.NetworkShare folder moved successfully. C:\Documents and Settings\Glenn\Application Data\LimeWire\.AppSpecialShare folder moved successfully. C:\Documents and Settings\Glenn\Application Data\LimeWire folder moved successfully. C:\Documents and Settings\Glenn\Application Data\uTorrent folder moved successfully. Folder C:\Documents and Settings\Glenn\Application Data\Viewpoint\ not found. Folder C:\Documents and Settings\Glenn\Application Data\vShare\ not found. ========== FILES ========== File\Folder C:\Program Files\DNA not found. ========== COMMANDS ========== [EMPTYTEMP] User: Administrator ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 78991 bytes ->FireFox cache emptied: 2130409 bytes ->Flash cache emptied: 519 bytes User: All Users User: Default User ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 70113 bytes ->FireFox cache emptied: 3593665 bytes User: Glenn ->Temp folder emptied: 51863588 bytes ->Temporary Internet Files folder emptied: 20329499 bytes ->Java cache emptied: 0 bytes ->FireFox cache emptied: 217457946 bytes ->Google Chrome cache emptied: 6472928 bytes ->Flash cache emptied: 3915 bytes User: LocalService ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 32902 bytes User: NetworkService ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 71070586 bytes ->Java cache emptied: 15156 bytes ->Flash cache emptied: 10324 bytes %systemdrive% .tmp files removed: 0 bytes %systemroot% .tmp files removed: 1119073 bytes %systemroot%\System32 .tmp files removed: 2577 bytes %systemroot%\System32\dllcache .tmp files removed: 0 bytes %systemroot%\System32\drivers .tmp files removed: 0 bytes Windows Temp folder emptied: 878625 bytes %systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 3896324 bytes %systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 39762 bytes RecycleBin emptied: 0 bytes Total Files Cleaned = 362.00 mb Restore points cleared and new OTL Restore Point set! OTL by OldTimer - Version 3.2.35.1 log created on 03092012_205207 Files\Folders moved on Reboot... Registry entries deleted on Reboot...
  13. What is supposed to happen when I run the scan? I tried running it a couple of times. When I start the scan, the program, windows.exe stops running. This prevents me from opening the start menu. I let it scan for 4 hours today and nothing happened. When I checked on it, it ends up saying that OTL isn't responding so I have to force shut down my computer.
  14. OTL: OTL logfile created on: 3/4/2012 11:17:28 PM - Run 1 OTL by OldTimer - Version 3.2.35.1 Folder = C:\Documents and Settings\Glenn\My Documents\Downloads Windows XP Professional Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 7.0.5730.13) Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy 2.00 Gb Total Physical Memory | 1.30 Gb Available Physical Memory | 65.21% Memory free 3.85 Gb Paging File | 3.25 Gb Available in Paging File | 84.49% Paging File free Paging file location(s): C:\pagefile.sys 2046 4092 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files Drive C: | 127.99 Gb Total Space | 63.48 Gb Free Space | 49.60% Space Free | Partition Type: NTFS Drive F: | 170.10 Gb Total Space | 51.70 Gb Free Space | 30.40% Space Free | Partition Type: NTFS Computer Name: GLENN-XO7NI61RK | User Name: Glenn | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users | Quick Scan Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - [2012/03/04 22:25:29 | 000,584,704 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Glenn\My Documents\Downloads\OTL.exe PRC - [2012/01/24 17:24:26 | 002,416,480 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2012\avgtray.exe PRC - [2012/01/13 14:53:18 | 000,652,360 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe PRC - [2012/01/13 14:53:18 | 000,460,872 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe PRC - [2011/11/28 01:19:04 | 001,229,664 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2012\avgnsx.exe PRC - [2011/10/12 06:25:22 | 004,433,248 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2012\AVGIDSAgent.exe PRC - [2011/09/08 20:53:26 | 000,743,264 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2012\avgrsx.exe PRC - [2011/08/15 06:21:40 | 000,337,760 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2012\avgcsrvx.exe PRC - [2011/08/02 06:09:08 | 000,192,776 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2012\avgwdsvc.exe PRC - [2007/07/11 15:31:14 | 000,569,344 | ---- | M] (Sonix) -- C:\WINDOWS\vsnp2uvc.exe PRC - [2007/06/13 05:23:07 | 001,033,216 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe PRC - [2007/01/04 16:38:08 | 000,024,652 | ---- | M] (Viewpoint Corporation) -- C:\Program Files\Viewpoint\Common\ViewpointService.exe PRC - [2006/12/23 18:05:20 | 000,143,360 | ---- | M] (Nero AG) -- C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe PRC - [2006/09/11 19:59:28 | 000,172,032 | ---- | M] () -- C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcAppFlt.exe PRC - [2006/09/11 19:56:02 | 000,135,227 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcIp.exe PRC - [2006/09/11 19:55:42 | 000,065,599 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcLog.exe PRC - [2006/04/13 16:14:26 | 000,020,543 | ---- | M] (Apache Software Foundation) -- C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\Apache.exe PRC - [2004/10/25 16:01:52 | 000,421,888 | ---- | M] (Dell) -- C:\WINDOWS\system32\dlbtcoms.exe ========== Modules (No Company Name) ========== MOD - [2011/03/21 16:30:20 | 000,067,872 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll MOD - [2008/03/29 10:42:20 | 000,159,744 | ---- | M] () -- C:\WINDOWS\system32\mmfinfo.dll MOD - [2008/03/29 10:41:52 | 000,023,552 | ---- | M] () -- C:\WINDOWS\system32\mkunicode.dll MOD - [2006/09/11 19:59:28 | 000,172,032 | ---- | M] () -- C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcAppFlt.exe MOD - [2006/04/13 16:14:26 | 000,876,544 | ---- | M] () -- C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\libeay32.dll MOD - [2006/04/13 16:14:26 | 000,159,744 | ---- | M] () -- C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\ssleay32.dll MOD - [2006/04/13 16:14:26 | 000,024,691 | ---- | M] () -- C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\modules\mod_auth.so MOD - [2005/06/28 13:59:48 | 000,053,248 | ---- | M] () -- C:\Program Files\ArcSoft\PhotoImpression 5\Share\PIHook.dll MOD - [2004/11/10 14:35:12 | 000,007,680 | ---- | M] () -- C:\Program Files\Dell Photo AIO Printer 922\dlbtmcro.dll MOD - [2004/11/10 14:32:52 | 000,065,536 | ---- | M] () -- C:\Program Files\Dell Photo AIO Printer 922\JetScan.dll MOD - [2004/11/10 14:31:24 | 000,065,536 | ---- | M] () -- C:\Program Files\Dell Photo AIO Printer 922\JetImage.dll MOD - [2004/11/10 14:30:56 | 000,028,672 | ---- | M] () -- C:\Program Files\Dell Photo AIO Printer 922\JetPDF.dll MOD - [2004/11/10 14:30:28 | 000,036,864 | ---- | M] () -- C:\Program Files\Dell Photo AIO Printer 922\JetFunc.dll MOD - [2004/10/08 13:50:56 | 000,287,232 | ---- | M] () -- C:\WINDOWS\system32\spool\drivers\w32x86\3\DLBTSTRN.DLL MOD - [2004/10/08 13:49:08 | 000,004,096 | ---- | M] () -- C:\WINDOWS\system32\spool\drivers\w32x86\3\DLBTPCFG.DLL MOD - [2004/10/08 13:49:02 | 000,075,264 | ---- | M] () -- C:\WINDOWS\system32\spool\prtprocs\w32x86\DLBTPP5C.DLL MOD - [2004/10/08 13:48:36 | 000,059,904 | ---- | M] () -- C:\WINDOWS\system32\spool\drivers\w32x86\3\DLBTUI5C.DLL MOD - [2004/10/08 13:48:08 | 000,096,768 | ---- | M] () -- C:\WINDOWS\system32\spool\drivers\w32x86\3\DLBTDR5C.DLL MOD - [2004/03/10 10:36:24 | 000,061,440 | ---- | M] () -- C:\Program Files\Dell Photo AIO Printer 922\ConvDIB.dll ========== Win32 Services (SafeList) ========== SRV - File not found [Auto | Stopped] -- -- (SessionLauncher) SRV - File not found [Auto | Stopped] -- -- (RoxLiveShare10) SRV - [2012/01/13 14:53:18 | 000,652,360 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService) SRV - [2011/10/12 06:25:22 | 004,433,248 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG2012\AVGIDSAgent.exe -- (AVGIDSAgent) SRV - [2011/08/02 06:09:08 | 000,192,776 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG2012\avgwdsvc.exe -- (avgwd) SRV - [2009/10/29 01:02:00 | 003,407,292 | ---- | M] (INCA Internet Co., Ltd.) [On_Demand | Stopped] -- C:\WINDOWS\System32\GameMon.des -- (npggsvc) SRV - [2008/12/09 23:10:14 | 000,024,636 | ---- | M] (Apache Software Foundation) [On_Demand | Stopped] -- c:\wamp\bin\apache\apache2.2.11\bin\httpd.exe -- (wampapache) SRV - [2008/11/15 04:53:14 | 006,447,744 | ---- | M] () [On_Demand | Stopped] -- c:\wamp\bin\mysql\mysql5.1.30\bin\mysqld.exe -- (wampmysqld) SRV - [2007/01/04 16:38:08 | 000,024,652 | ---- | M] (Viewpoint Corporation) [Auto | Running] -- C:\Program Files\Viewpoint\Common\ViewpointService.exe -- (Viewpoint Manager Service) SRV - [2006/09/11 19:59:28 | 000,172,032 | ---- | M] () [Auto | Running] -- C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcAppFlt.exe -- (ForceWare Intelligent Application Manager (IAM)) ForceWare Intelligent Application Manager (IAM) SRV - [2006/09/11 19:56:02 | 000,135,227 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcIp.exe -- (nSvcIp) SRV - [2006/09/11 19:55:42 | 000,065,599 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcLog.exe -- (nSvcLog) SRV - [2006/04/13 16:14:26 | 000,020,543 | ---- | M] (Apache Software Foundation) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe -- (ForcewareWebInterface) SRV - [2004/10/25 16:01:52 | 000,421,888 | ---- | M] (Dell) [On_Demand | Running] -- C:\WINDOWS\System32\dlbtcoms.exe -- (dlbt_device) ========== Driver Services (SafeList) ========== DRV - File not found [Kernel | System | Unknown] -- -- (ymdwqbuwixvpepmk) DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA) DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME) DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI) DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME) DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP) DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump) DRV - File not found [Kernel | System | Stopped] -- -- (mferkdk) DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc) DRV - File not found [Kernel | System | Stopped] -- -- (i2omgmt) DRV - File not found [Kernel | System | Stopped] -- -- (Changer) DRV - File not found [Kernel | On_Demand | Stopped] -- -- (catchme) DRV - File not found [Kernel | On_Demand | Unknown] -- -- (adbm0aq2) DRV - [2011/12/10 15:24:06 | 000,020,464 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\WINDOWS\system32\drivers\mbam.sys -- (MBAMProtector) DRV - [2011/10/07 06:23:48 | 000,230,608 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avgldx86.sys -- (Avgldx86) DRV - [2011/10/04 06:21:42 | 000,016,720 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\AVGIDSShim.sys -- (AVGIDSShim) DRV - [2011/09/13 06:30:10 | 000,032,592 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\avgrkx86.sys -- (Avgrkx86) DRV - [2011/08/08 06:08:58 | 000,040,016 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\avgmfx86.sys -- (Avgmfx86) DRV - [2011/07/11 01:14:38 | 000,295,248 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avgtdix.sys -- (Avgtdix) DRV - [2011/07/11 01:14:28 | 000,024,272 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\AVGIDSFilter.sys -- (AVGIDSFilter) DRV - [2011/07/11 01:14:28 | 000,023,120 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\AVGIDSEH.Sys -- (AVGIDSEH) DRV - [2011/07/11 01:14:26 | 000,134,608 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\AVGIDSDriver.sys -- (AVGIDSDriver) DRV - [2010/02/11 07:01:43 | 000,226,880 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\tcpip6.sys -- (Tcpip6) DRV - [2009/08/04 15:29:51 | 000,721,904 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\System32\Drivers\sptd.sys -- (sptd) DRV - [2008/07/07 02:40:49 | 000,056,108 | ---- | M] (PowerISO Computing, Inc.) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\scdemu.sys -- (SCDEmu) DRV - [2007/08/22 19:51:28 | 009,611,520 | ---- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\snp2uvc.sys -- (SNP2UVC) USB2.0 PC Camera (SNP2UVC) DRV - [2007/07/27 22:30:26 | 002,371,584 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag) DRV - [2007/07/20 18:40:10 | 000,084,992 | ---- | M] (ATI Research Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\AtiHdmi.sys -- (AtiHdmiService) DRV - [2006/12/06 06:41:16 | 000,044,416 | ---- | M] (JMicron Technology Corp.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\jraid.sys -- (JRAID) DRV - [2006/10/18 14:12:16 | 000,012,664 | ---- | M] () [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\AsIO.sys -- (AsIO) DRV - [2006/09/11 06:45:38 | 000,019,968 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nvnetbus.sys -- (nvnetbus) DRV - [2006/09/11 06:45:36 | 000,057,856 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\NVENETFD.sys -- (NVENETFD) DRV - [2006/09/11 06:45:26 | 000,110,592 | ---- | M] (NVIDIA Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\nvtcp.sys -- (NVTCP) DRV - [2006/08/21 05:24:28 | 000,105,344 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\System32\DRIVERS\nvata.sys -- (nvata) DRV - [2006/06/18 23:37:34 | 000,036,864 | ---- | M] (Advanced Micro Devices) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\AmdK8.sys -- (AmdK8) DRV - [2006/03/17 04:18:58 | 000,392,960 | ---- | M] (Sensaura) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\senfilt.sys -- (SenFiltService) DRV - [2006/02/07 06:52:58 | 000,006,912 | ---- | M] (JMicron ) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\JGOGO.sys -- (JGOGO) DRV - [2005/02/23 14:58:56 | 000,011,776 | ---- | M] (Arcsoft, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\afc.sys -- (Afc) DRV - [2004/08/12 21:56:20 | 000,005,810 | ---- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ASACPI.sys -- (MTsensor) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data over 100 bytes] IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = [binary data over 100 bytes] IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?} IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,XMLHTTP_UUID_Default = D9 FC CD 03 E8 D6 F5 41 BE FD B3 06 76 3B 9A 1C [binary data] IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,XMLHTTP_UUID_Default = D9 FC CD 03 E8 D6 F5 41 BE FD B3 06 76 3B 9A 1C [binary data] IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\Main,XMLHTTP_UUID_Default = D9 FC CD 03 E8 D6 F5 41 BE FD B3 06 76 3B 9A 1C [binary data] IE - HKU\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\Main,XMLHTTP_UUID_Default = D9 FC CD 03 E8 D6 F5 41 BE FD B3 06 76 3B 9A 1C [binary data] IE - HKU\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-1645522239-261478967-839522115-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data over 100 bytes] IE - HKU\S-1-5-21-1645522239-261478967-839522115-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank IE - HKU\S-1-5-21-1645522239-261478967-839522115-1003\SOFTWARE\Microsoft\Internet Explorer\Main,XMLHTTP_UUID_Default = D9 FC CD 03 E8 D6 F5 41 BE FD B3 06 76 3B 9A 1C [binary data] IE - HKU\S-1-5-21-1645522239-261478967-839522115-1003\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE - HKU\S-1-5-21-1645522239-261478967-839522115-1003\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?} IE - HKU\S-1-5-21-1645522239-261478967-839522115-1003\..\SearchScopes\{388ABC47-34A4-405F-8384-3AB0FAEF5157}: "URL" = http://search.yahoo.com/search?p={searchTerms}&ei=utf-8&fr=b2ie7 IE - HKU\S-1-5-21-1645522239-261478967-839522115-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-1645522239-261478967-839522115-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local ========== FireFox ========== FF - prefs.js..browser.search.selectedEngine: "Google" FF - prefs.js..browser.startup.homepage: "http://www.yahoo.com/" FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0 FF - prefs.js..extensions.enabledItems: moveplayer@movenetworks.com:7 FF - prefs.js..extensions.enabledItems: vshare@toolbar:1.0.0 FF - prefs.js..extensions.enabledItems: {1E73965B-8B48-48be-9C8D-68B920ABC1C4}:10.0.0.1209 FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll () FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\WINDOWS\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.) FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll () FF - HKLM\Software\MozillaPlugins\@bittorrent.com/BitTorrentDNA: C:\Program Files\DNA\plugins\npbtdna.dll File not found FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files\DivX\DivX Web Player\npdivx32.dll (DivX,Inc.) FF - HKLM\Software\MozillaPlugins\@garmin.com/GpsControl: C:\Program Files\Garmin GPS Plugin\npGarmin.dll (GARMIN Corp.) FF - HKLM\Software\MozillaPlugins\@idsoftware.com/quakelive: C:\Documents and Settings\All Users\Application Data\id Software\QuakeLive\npquakezero.dll (id Software Inc.) FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\4.1.10111.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/wpf,version=3.5: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@movenetworks.com/Quantum Media Player: C:\Documents and Settings\Glenn\Application Data\Move Networks\plugins\npqmp071701000002.dll (Move Networks) FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks) FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=6.0.11.3088: C:\Program Files\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=1.0.2.3146: C:\Program Files\Real\RealPlayer\Netscape6\nprjplug.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=6.0.11.3006: C:\Program Files\Real\RealPlayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found FF - HKLM\Software\MozillaPlugins\@real.com/RhapsodyPlayerEngine,version=1.0: C:\Program Files\Real\RhapsodyPlayerEngine\nprhapengine.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.99\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.99\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@veetle.com/veetleCorePlugin,version=0.9.15: C:\Program Files\Veetle\plugins\npVeetle.dll (Veetle Inc) FF - HKLM\Software\MozillaPlugins\@veetle.com/veetlePlayerPlugin,version=0.9.15: C:\Program Files\Veetle\Player\npvlc.dll (Veetle Inc) FF - HKLM\Software\MozillaPlugins\@viewpoint.com/VMP: C:\Program Files\Viewpoint\Viewpoint Media Player\npViewpoint.dll () FF - HKCU\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll () FF - HKCU\Software\MozillaPlugins\@movenetworks.com/Quantum Media Player: C:\Documents and Settings\Glenn\Application Data\Move Networks\plugins\npqmp071701000002.dll (Move Networks) FF - HKCU\Software\MozillaPlugins\@real.com/RhapsodyPlayerEngine: File not found FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks) FF - HKEY_LOCAL_MACHINE\software\mozilla\firefox\extensions\\{1E73965B-8B48-48be-9C8D-68B920ABC1C4}: C:\Program Files\AVG\AVG2012\Firefox4\ [2012/02/26 18:23:02 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 4.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011/05/20 12:40:57 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 4.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011/09/23 21:19:50 | 000,000,000 | ---D | M] FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\moveplayer@movenetworks.com: C:\Documents and Settings\Glenn\Application Data\Move Networks [2012/01/17 23:47:51 | 000,000,000 | ---D | M] [2010/04/18 07:54:21 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Glenn\Application Data\Mozilla\Extensions [2009/04/10 01:35:11 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Glenn\Application Data\Mozilla\Extensions\mozswing@mozswing.org [2012/02/22 13:13:56 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Glenn\Application Data\Mozilla\Firefox\Profiles\pf04h0gi.default\extensions [2011/03/17 20:12:11 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\Glenn\Application Data\Mozilla\Firefox\Profiles\pf04h0gi.default\extensions\{20a82645-c095-46ed-80e3-08825760534b} [2011/02/18 20:31:37 | 000,000,000 | ---D | M] (vShare) -- C:\Documents and Settings\Glenn\Application Data\Mozilla\Firefox\Profiles\pf04h0gi.default\extensions\vshare@toolbar [2011/05/20 12:25:10 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions [2011/05/20 12:25:10 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\distribution\extensions [2011/05/20 12:25:10 | 000,000,000 | ---D | M] (Yahoo! Toolbar) -- C:\Program Files\Mozilla Firefox\distribution\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1} [2012/01/17 23:47:51 | 000,000,000 | ---D | M] (Move Media Player) -- C:\DOCUMENTS AND SETTINGS\GLENN\APPLICATION DATA\MOVE NETWORKS [2012/02/26 18:23:02 | 000,000,000 | ---D | M] (AVG Safe Search) -- C:\PROGRAM FILES\AVG\AVG2012\FIREFOX4 [2008/12/14 13:49:11 | 000,000,000 | ---D | M] (Java Quick Starter) -- C:\PROGRAM FILES\JAVA\JRE6\LIB\DEPLOY\JQS\FF [2011/04/14 11:26:02 | 000,142,296 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll [2005/12/05 21:31:00 | 000,114,688 | ---- | M] () -- C:\Program Files\mozilla firefox\plugins\npmozax.dll [2008/04/12 16:28:26 | 000,151,552 | ---- | M] (PopCap Games) -- C:\Program Files\mozilla firefox\plugins\nppopcaploader.dll [2007/04/16 12:07:12 | 000,180,293 | ---- | M] () -- C:\Program Files\mozilla firefox\plugins\npViewpoint.dll [2011/03/11 19:49:09 | 000,001,919 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing-zugo.xml [2010/01/01 03:00:00 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml ========== Chrome ========== CHR - default_search_provider: () CHR - default_search_provider: search_url = CHR - default_search_provider: suggest_url = CHR - Extension: No name found = C:\Documents and Settings\Glenn\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla\10.0.0.1374_0\ O1 HOSTS File: ([2012/02/24 02:45:56 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated) O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG2012\avgssie.dll (AVG Technologies CZ, s.r.o.) O4 - HKLM..\Run: [36X Raid Configurer] C:\WINDOWS\System32\JMRaidSetup.exe (JMicron Technology Corp.) O4 - HKLM..\Run: [AsusStartupHelp] C:\Program Files\ASUS\AASP\1.00.15\AsRunHelp.exe () O4 - HKLM..\Run: [AVG_TRAY] C:\Program Files\AVG\AVG2012\avgtray.exe (AVG Technologies CZ, s.r.o.) O4 - HKLM..\Run: [DLBTCATS] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\DLBTtime.DLL () O4 - HKLM..\Run: [JMB36X IDE Setup] C:\WINDOWS\JM\JMInsIDE.exe () O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation) O4 - HKLM..\Run: [Malwarebytes Anti-Malware (rootkit-scan)] C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation) O4 - HKLM..\Run: [PWRISOVM.EXE] C:\Program Files\PowerISO\PWRISOVM.EXE (PowerISO Computing, Inc.) O4 - HKLM..\Run: [snp2uvc] C:\WINDOWS\vsnp2uvc.exe (Sonix) O4 - HKU\S-1-5-21-1645522239-261478967-839522115-1003..\Run: [Aim] C:\Program Files\AIM\aim.exe -cnetwait.odl File not found O4 - HKU\S-1-5-21-1645522239-261478967-839522115-1003..\Run: [bgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe (Nero AG) O4 - HKU\S-1-5-21-1645522239-261478967-839522115-1003..\Run: [DAEMON Tools Lite] C:\Program Files\DAEMON Tools Lite\daemon.exe (DT Soft Ltd) O4 - HKU\S-1-5-21-1645522239-261478967-839522115-1003..\Run: [Pando Media Booster] C:\Program Files\Pando Networks\Media Booster\PMB.exe () O4 - HKU\.DEFAULT..\RunOnce: [RunNarrator] C:\WINDOWS\System32\narrator.exe (Microsoft Corporation) O4 - HKU\S-1-5-18..\RunOnce: [RunNarrator] C:\WINDOWS\System32\narrator.exe (Microsoft Corporation) O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\control panel present O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Main present O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\restrictions present O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1 O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\control panel present O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323 O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863 O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\control panel present O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323 O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863 O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\control panel present O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\control panel present O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-21-1645522239-261478967-839522115-1003\Software\Policies\Microsoft\Internet Explorer\control panel present O7 - HKU\S-1-5-21-1645522239-261478967-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323 O7 - HKU\S-1-5-21-1645522239-261478967-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863 O7 - HKU\S-1-5-21-1645522239-261478967-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0 O9 - Extra Button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe (America Online, Inc.) O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.) O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\WINDOWS\system32\nvappfilter.dll (NVIDIA) O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\WINDOWS\system32\nvappfilter.dll (NVIDIA) O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\WINDOWS\system32\nvappfilter.dll (NVIDIA) O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\WINDOWS\system32\nvappfilter.dll (NVIDIA) O16 - DPF: {5ed80217-570b-4da9-bf44-be107c0ec166} http://cdn.scan.onecare.live.com/resource/download/scanner/wlscbase5483.cab (Windows Live Safety Center Base Module) O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1271014203546 (WUWebControl Class) O16 - DPF: {67A5F8DC-1A4B-4D66-9F24-A704AD929EEE} http://www.systemrequirementslab.com/sysreqlab2.cab (System Requirements Lab Class) O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1271015953046 (MUWebControl Class) O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset.com/special/eos/OnlineScanner.cab (OnlineScanner Control) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_14-windows-i586.cab (Java Plug-in 1.6.0_14) O16 - DPF: {CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_02-windows-i586.cab (Reg Error: Key error.) O16 - DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_03-windows-i586.cab (Reg Error: Key error.) O16 - DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_05-windows-i586.cab (Reg Error: Key error.) O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab (Reg Error: Key error.) O16 - DPF: {CAFEEFAC-0016-0000-0014-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_14-windows-i586.cab (Java Plug-in 1.6.0_14) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_14-windows-i586.cab (Java Plug-in 1.6.0_14) O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload.macromedia.com/pub/shockwave/cabs/flash/swflash.cab (Reg Error: Key error.) O16 - DPF: {F27237D7-93C8-44C2-AC6E-D6057B9A918F} https://juniper.net/dana-cached/sc/JuniperSetupClient.cab (JuniperSetupClientControl Class) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{1AF64B4D-F8E2-4E6D-ACCC-7C06B6C6B884}: DhcpNameServer = 192.168.2.1 O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG2012\avgpp.dll (AVG Technologies CZ, s.r.o.) O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation) O20 - Winlogon\Notify\AtiExtEvent: DllName - (Ati2evxx.dll) - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.) O24 - Desktop WallPaper: C:\Documents and Settings\Glenn\Local Settings\Application Data\Microsoft\Wallpaper1.bmp O24 - Desktop BackupWallPaper: C:\Documents and Settings\Glenn\Local Settings\Application Data\Microsoft\Wallpaper1.bmp O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2007/12/15 12:19:02 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ] O34 - HKLM BootExecute: (autocheck autochk *) O34 - HKLM BootExecute: (C:\PROGRA~1\AVG\AVG2012\avgrsx.exe /sync /restart) O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O35 - HKU\S-1-5-21-1645522239-261478967-839522115-1003..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = ComFile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* ========== Files/Folders - Created Within 30 Days ========== [2012/02/26 18:36:58 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Glenn\Application Data\AVG [2012/02/26 18:35:57 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\TEMP [2012/02/26 18:35:51 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\AVG PC Tuneup 2011 [2012/02/26 18:23:02 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\AVG 2012 [2012/02/24 15:27:20 | 000,000,000 | ---D | C] -- C:\Program Files\ESET [2012/02/24 02:57:55 | 000,000,000 | ---D | C] -- C:\TDSSKiller_Quarantine [2012/02/24 02:29:57 | 000,000,000 | ---D | C] -- C:\ComboFix [2012/02/22 14:06:40 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Glenn\Application Data\AVG2012 [2012/02/22 14:05:08 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\AVG2012 [2012/02/22 12:58:33 | 000,518,144 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWREG.exe [2012/02/22 12:58:33 | 000,406,528 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWSC.exe [2012/02/22 12:58:33 | 000,212,480 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWXCACLS.exe [2012/02/22 12:27:42 | 000,060,416 | ---- | C] (NirSoft) -- C:\WINDOWS\NIRCMD.exe [2012/02/11 01:41:51 | 000,000,000 | ---D | C] -- C:\Qoobox [5 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ] [1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ] ========== Files - Modified Within 30 Days ========== [2012/03/04 23:15:54 | 000,000,630 | ---- | M] () -- C:\WINDOWS\dellstat.ini [2012/03/04 23:09:00 | 000,000,884 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job [2012/03/04 20:23:53 | 090,795,267 | ---- | M] () -- C:\WINDOWS\System32\drivers\AVG\incavi.avm [2012/03/04 20:23:14 | 000,002,163 | ---- | M] () -- C:\Documents and Settings\Glenn\Application Data\Microsoft\Internet Explorer\Quick Launch\Steam.lnk [2012/03/04 20:09:01 | 000,000,880 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job [2012/03/04 18:37:34 | 000,000,368 | ---- | M] () -- C:\WINDOWS\tasks\AVG PC Tuneup Integrator Start On Glenn Logon.job [2012/03/04 18:35:43 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl [2012/03/04 18:35:04 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat [2012/03/04 15:58:05 | 000,030,445 | ---- | M] () -- C:\WINDOWS\System32\drivers\AVG\iavichjg.avm [2012/02/26 18:23:02 | 000,000,702 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\AVG 2012.lnk [2012/02/26 04:54:22 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK [2012/02/24 14:49:29 | 000,000,784 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes Anti-Malware.lnk [2012/02/24 02:45:56 | 000,000,027 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts [2012/02/24 02:06:27 | 000,000,664 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat [5 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ] [1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ] ========== Files Created - No Company Name ========== [2012/02/26 18:35:58 | 000,000,368 | ---- | C] () -- C:\WINDOWS\tasks\AVG PC Tuneup Integrator Start On Glenn Logon.job [2012/02/26 18:23:02 | 000,000,702 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\AVG 2012.lnk [2012/02/24 14:49:29 | 000,000,784 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes Anti-Malware.lnk [2012/02/22 12:58:33 | 000,256,000 | ---- | C] () -- C:\WINDOWS\PEV.exe [2012/02/22 12:58:33 | 000,208,896 | ---- | C] () -- C:\WINDOWS\MBR.exe [2012/02/22 12:58:33 | 000,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe [2012/02/22 12:58:33 | 000,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe [2012/02/22 12:58:33 | 000,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe [2011/12/24 18:23:57 | 000,032,256 | ---- | C] () -- C:\WINDOWS\System32\AVSredirect.dll [2011/12/24 18:20:50 | 000,107,520 | RHS- | C] () -- C:\WINDOWS\System32\TAKDSDecoder.dll [2011/12/17 17:24:46 | 000,001,310 | -HS- | C] () -- C:\Documents and Settings\Glenn\Local Settings\Application Data\604866v5f616x168a661d1ner1a5 [2011/12/17 17:24:46 | 000,001,310 | -HS- | C] () -- C:\Documents and Settings\All Users\Application Data\604866v5f616x168a661d1ner1a5 [2011/05/15 14:28:52 | 000,001,444 | -HS- | C] () -- C:\Documents and Settings\Glenn\Local Settings\Application Data\kqxjax25212syk721811b172n8n71yg66c [2011/05/15 14:28:52 | 000,001,444 | -HS- | C] () -- C:\Documents and Settings\All Users\Application Data\kqxjax25212syk721811b172n8n71yg66c [2011/03/08 18:00:16 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat [2010/07/23 20:38:40 | 000,000,371 | ---- | C] () -- C:\WINDOWS\cdplayer.ini ========== LOP Check ========== [2010/04/11 13:05:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\ooVoo Details [2009/01/09 16:44:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\2DBoy [2008/11/18 17:28:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\acccore [2010/06/22 16:20:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AIM [2012/02/22 12:24:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AVG10 [2012/02/26 18:29:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AVG2012 [2011/03/16 21:55:24 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\Common Files [2009/08/04 15:32:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\DAEMON Tools Lite [2008/03/29 16:37:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\ESET [2009/03/31 17:56:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\id Software [2007/12/22 17:53:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\JCreator [2011/05/12 18:26:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Juniper Networks [2007/12/17 22:20:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\LightScribe [2012/03/04 20:23:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\MFAData [2008/12/08 22:44:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\National Instruments [2012/03/04 22:24:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PMB Files [2011/02/06 23:04:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\pOlFiHc05200 [2008/04/12 16:28:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PopCap [2011/06/16 09:34:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\RegistryCleanerFree [2008/03/20 22:03:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SITEguard [2008/07/09 13:33:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SmartSound Software Inc [2008/03/21 00:16:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\STOPzilla! [2012/03/04 18:37:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TEMP [2010/06/22 16:31:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Viewpoint [2008/10/22 20:24:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\WinZip [2009/03/26 00:22:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{00D89592-F643-4D8D-8F0F-AFAE0F14D4C3} [2011/05/20 12:42:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{429CAD59-35B1-4DBC-BB6D-1DB246563521} [2007/12/19 15:50:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Glenn\Application Data\acccore [2008/03/04 22:04:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Glenn\Application Data\Aim [2008/04/19 09:56:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Glenn\Application Data\Any Video Converter [2012/02/26 18:38:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Glenn\Application Data\AVG [2011/03/16 21:58:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Glenn\Application Data\AVG10 [2012/02/22 14:06:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Glenn\Application Data\AVG2012 [2009/08/04 15:33:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Glenn\Application Data\DAEMON Tools [2009/08/04 15:33:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Glenn\Application Data\DAEMON Tools Lite [2009/10/01 21:49:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Glenn\Application Data\Dev-Cpp [2012/02/24 02:40:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Glenn\Application Data\DNA [2011/10/18 20:17:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Glenn\Application Data\Dropbox [2011/03/05 14:33:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Glenn\Application Data\FrostWire [2009/04/05 11:13:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Glenn\Application Data\GARMIN [2009/03/31 17:57:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Glenn\Application Data\id Software [2009/11/15 13:34:24 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\Glenn\Application Data\ijjigame [2007/12/22 17:53:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Glenn\Application Data\JCreator [2011/05/12 18:26:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Glenn\Application Data\Juniper Networks [2010/12/12 21:31:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Glenn\Application Data\LimeWire [2011/07/04 21:12:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Glenn\Application Data\LolClient [2008/12/08 22:40:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Glenn\Application Data\National Instruments [2010/01/04 16:41:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Glenn\Application Data\ooVoo Details [2011/06/12 11:24:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Glenn\Application Data\PhotoScape [2010/10/24 20:01:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Glenn\Application Data\Processing [2011/06/16 09:34:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Glenn\Application Data\RegistryCleanerFree [2011/08/20 10:40:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Glenn\Application Data\SystemRequirementsLab [2008/09/16 18:48:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Glenn\Application Data\uTorrent [2007/12/19 20:22:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Glenn\Application Data\Viewpoint [2011/02/18 20:31:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Glenn\Application Data\vShare [2008/01/03 06:38:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Glenn\Application Data\Vso [2008/03/05 00:08:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Glenn\Application Data\WeGame [2012/03/04 18:37:34 | 000,000,368 | ---- | M] () -- C:\WINDOWS\Tasks\AVG PC Tuneup Integrator Start On Glenn Logon.job ========== Purity Check ========== ========== Alternate Data Streams ========== @Alternate Data Stream - 133 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:0B4227B4 < End of report > Extras: OTL Extras logfile created on: 3/4/2012 11:17:28 PM - Run 1 OTL by OldTimer - Version 3.2.35.1 Folder = C:\Documents and Settings\Glenn\My Documents\Downloads Windows XP Professional Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 7.0.5730.13) Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy 2.00 Gb Total Physical Memory | 1.30 Gb Available Physical Memory | 65.21% Memory free 3.85 Gb Paging File | 3.25 Gb Available in Paging File | 84.49% Paging File free Paging file location(s): C:\pagefile.sys 2046 4092 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files Drive C: | 127.99 Gb Total Space | 63.48 Gb Free Space | 49.60% Space Free | Partition Type: NTFS Drive F: | 170.10 Gb Total Space | 51.70 Gb Free Space | 30.40% Space Free | Partition Type: NTFS Computer Name: GLENN-XO7NI61RK | User Name: Glenn | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users | Quick Scan Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days ========== Extra Registry (SafeList) ========== ========== File Associations ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%* .url [@ = InternetShortcut] -- rundll32.exe ieframe.dll,OpenURL %l [HKEY_USERS\S-1-5-21-1645522239-261478967-839522115-1003\SOFTWARE\Classes\<extension>] .html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation) ========== Shell Spawning ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%* exefile [open] -- "%1" %* htmlfile [edit] -- "C:\Documents and Settings\Glenn\My Documents\gerry\Microsoft Expression Web\Microsoft Expression Web\Office12\msohtmed.exe" %1 (Microsoft Corporation) htmlfile [print] -- "C:\Documents and Settings\Glenn\My Documents\gerry\Microsoft Expression Web\Microsoft Expression Web\Office12\msohtmed.exe" /p %1 (Microsoft Corporation) InternetShortcut [open] -- rundll32.exe ieframe.dll,OpenURL %l piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation) Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation) Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) ========== Security Center Settings ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "UpdatesDisableNotify" = 0 "AntiVirusDisableNotify" = 0 "FirewallDisableNotify" = 0 "AntiVirusOverride" = 0 "FirewallOverride" = 0 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall] ========== System Restore Settings ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore] "DisableSR" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr] "Start" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService] "Start" = 2 ========== Firewall Settings ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile] [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] "EnableFirewall" = 1 "DoNotAllowExceptions" = 0 "DisableNotifications" = 1 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List] "139:TCP" = 139:TCP:*:Enabled:@xpsp2res.dll,-22004 "445:TCP" = 445:TCP:*:Enabled:@xpsp2res.dll,-22005 "137:UDP" = 137:UDP:*:Enabled:@xpsp2res.dll,-22001 "138:UDP" = 138:UDP:*:Enabled:@xpsp2res.dll,-22002 "1900:UDP" = 1900:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22007 "2869:TCP" = 2869:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22008 "3389:TCP" = 3389:TCP:*:Enabled:@xpsp2res.dll,-22009 "57025:TCP" = 57025:TCP:*:Enabled:Pando Media Booster "57025:UDP" = 57025:UDP:*:Enabled:Pando Media Booster [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "EnableFirewall" = 1 "DoNotAllowExceptions" = 0 "DisableNotifications" = 1 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List] "139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004 "445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005 "137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001 "138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002 "1900:UDP" = 1900:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22007 "2869:TCP" = 2869:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22008 "443:UDP" = 443:UDP:*:Disabled:ooVoo UDP port 443 "37674:TCP" = 37674:TCP:*:Disabled:ooVoo TCP port 37674 "37674:UDP" = 37674:UDP:*:Disabled:ooVoo UDP port 37674 "37675:UDP" = 37675:UDP:*:Disabled:ooVoo UDP port 37675 "3389:TCP" = 3389:TCP:*:Enabled:@xpsp2res.dll,-22009 "57025:TCP" = 57025:TCP:*:Enabled:Pando Media Booster "57025:UDP" = 57025:UDP:*:Enabled:Pando Media Booster ========== Authorized Applications List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List] "C:\Program Files\AIM\aim.exe" = C:\Program Files\AIM\aim.exe:*:Enabled:AOL Instant Messenger -- (America Online, Inc.) "C:\Program Files\Pando Networks\Media Booster\PMB.exe" = C:\Program Files\Pando Networks\Media Booster\PMB.exe:*:Enabled:Pando Media Booster -- () [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List] "C:\Program Files\Common Files\AOL\Loader\aolload.exe" = C:\Program Files\Common Files\AOL\Loader\aolload.exe:*:Enabled:AOL Loader -- (AOL LLC) "C:\Program Files\Steam\steamapps\mercviper\day of defeat source\hl2.exe" = C:\Program Files\Steam\steamapps\mercviper\day of defeat source\hl2.exe:*:Enabled:hl2 -- () "C:\Program Files\Guild Wars\Gw.exe" = C:\Program Files\Guild Wars\Gw.exe:*:Enabled:Guild Wars -- (ArenaNet) "C:\wamp\bin\apache\Apache2.2.11\bin\httpd.exe" = C:\wamp\bin\apache\Apache2.2.11\bin\httpd.exe:*:Enabled:Apache HTTP Server -- (Apache Software Foundation) "C:\Program Files\Mozilla Firefox\firefox.exe" = C:\Program Files\Mozilla Firefox\firefox.exe:*:Enabled:Firefox -- (Mozilla Corporation) "C:\Program Files\Starcraft\StarCraft.exe" = C:\Program Files\Starcraft\StarCraft.exe:*:Enabled:Starcraft -- (Blizzard Entertainment) "C:\Program Files\ooVoo\ooVoo.exe" = C:\Program Files\ooVoo\ooVoo.exe:*:Enabled:ooVoo -- (ooVoo LLC) "C:\Program Files\AIM7\aim.exe" = C:\Program Files\AIM7\aim.exe:*:Enabled:AIM -- (AOL Inc.) "C:\Program Files\AIM\aim.exe" = C:\Program Files\AIM\aim.exe:*:Enabled:AOL Instant Messenger -- (America Online, Inc.) "C:\Program Files\Steam\steamapps\yellow0neinyci\counter-strike\hl.exe" = C:\Program Files\Steam\steamapps\yellow0neinyci\counter-strike\hl.exe:*:Enabled:Counter-Strike -- (Valve) "C:\Program Files\Pando Networks\Media Booster\PMB.exe" = C:\Program Files\Pando Networks\Media Booster\PMB.exe:*:Enabled:Pando Media Booster -- () "C:\Program Files\Steam\steamapps\yellow0neinyci\condition zero\hl.exe" = C:\Program Files\Steam\steamapps\yellow0neinyci\condition zero\hl.exe:*:Enabled:Counter-Strike: Condition Zero -- (Valve) "C:\Program Files\Steam\steamapps\xchooloo8x\counter-strike\hl.exe" = C:\Program Files\Steam\steamapps\xchooloo8x\counter-strike\hl.exe:*:Enabled:Counter-Strike -- (Valve) "C:\Program Files\AVG\AVG2012\avgnsx.exe" = C:\Program Files\AVG\AVG2012\avgnsx.exe:*:Enabled:Online Shield -- (AVG Technologies CZ, s.r.o.) "C:\Program Files\AVG\AVG2012\avgdiagex.exe" = C:\Program Files\AVG\AVG2012\avgdiagex.exe:*:Enabled:AVG Diagnostics 2012 -- (AVG Technologies CZ, s.r.o.) "C:\Program Files\AVG\AVG2012\avgmfapx.exe" = C:\Program Files\AVG\AVG2012\avgmfapx.exe:*:Enabled:AVG Installer -- (AVG Technologies CZ, s.r.o.) "C:\Program Files\AVG\AVG2012\avgemcx.exe" = C:\Program Files\AVG\AVG2012\avgemcx.exe:*:Enabled:Personal E-mail Scanner -- (AVG Technologies CZ, s.r.o.) "C:\Program Files\Steam\steamapps\xchooloo8x\condition zero\hl.exe" = C:\Program Files\Steam\steamapps\xchooloo8x\condition zero\hl.exe:*:Enabled:Counter-Strike: Condition Zero -- (Valve) ========== HKEY_LOCAL_MACHINE Uninstall List ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{009E545F-4846-0CDD-0560-A9DFC8598134}" = CCC Help Czech "{044F9133-B8D7-4d11-BF39-803FA20F5C8B}" = Microsoft Windows SDK for Visual Studio 2008 SP1 Express Tools for Win32 "{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam "{055EE59D-217B-43A7-ABFF-507B966405D8}" = ATI Catalyst Control Center "{098122AB-C605-4853-B441-C0A4EB359B75}" = DirectXInstallService "{0AA97D42-3BBB-EB76-F572-D422806CF158}" = Catalyst Control Center Localization Portuguese "{0ECB59D5-A3FC-4D61-AD3B-6CE679B3F852}" = Java DB 10.2.2.0 "{13632239-7686-8D1E-F0B9-123AA2902E43}" = Catalyst Control Center Localization German "{14291118-0C19-45EA-A4FA-5C1C0F5FDE09}" = Primo "{18652404-4857-3ED3-7F09-A29E6F68FAFD}" = Catalyst Control Center Core Implementation "{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 "{1F6423DE-7959-4178-80E0-023C7EAA5347}" = NVIDIA ForceWare Network Access Manager "{1F77C418-2C90-459C-BD33-B56A4182B9FA}" = System Requirements Lab CYRI "{232230B8-65D9-29D1-356E-FCBFC18498F2}" = CCC Help Polish "{23e5c72c-cc08-4ee0-9cc2-d925b232b331}" = Microsoft MSDN 2005 Express Edition - ENU "{244E21B9-164C-4EC1-AED8-9BD64161E66D}" = ArcSoft VideoImpression 2 "{26A24AE4-039D-4CA4-87B4-2F83216011FF}" = Java 6 Update 14 "{292D65EA-6113-0329-78FF-D66728D04FA6}" = CCC Help Swedish "{294BC355-2869-F9BD-A1C7-1AA054E8526D}" = Catalyst Control Center Localization Hungarian "{29F1D86D-D16C-9BEE-8757-35D7189363AD}" = Catalyst Control Center Localization Finnish "{2DFF31F9-7893-4922-AF66-C9A1EB4EBB31}" = Rhapsody Player Engine "{3248F0A8-6813-11D6-A77B-00B0D0160020}" = Java 6 Update 2 "{3248F0A8-6813-11D6-A77B-00B0D0160030}" = Java 6 Update 3 "{3248F0A8-6813-11D6-A77B-00B0D0160050}" = Java 6 Update 5 "{3248F0A8-6813-11D6-A77B-00B0D0160070}" = Java 6 Update 7 "{32A3A4F4-B792-11D6-A78A-00B0D0160030}" = Java SE Development Kit 6 Update 3 "{342d4ad7-ec4c-4ec8-aea6-e70f5905a490}" = SQL Server System CLR Types "{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP "{36CDA33B-909B-4719-97D1-C4B99309BDC7}" = ATI Parental Control & Encoder "{38A11DAC-1B93-B697-BEB5-0F37767F6347}" = Catalyst Control Center Graphics Light "{3A1B5D40-41E9-43FA-8C7B-A8667F5586EF}" = JMB36X Raid Configurer "{3C3D696B-0DB7-3C6D-A356-3DB8CE541918}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 "{3E908702-AF35-4611-9518-955DA24B7E07}" = Microsoft XML Parser and SDK "{4193C526-031D-1C21-4B2C-E2980B8654A3}" = CCC Help Danish "{4210F550-BCA8-903D-3A65-0FD1254B109D}" = CCC Help Norwegian "{49F11AEE-DF90-B606-0E3E-50C60F8FDB36}" = CCC Help French "{4A5A5AFD-A449-593C-474A-53CC63F6E568}" = Catalyst Control Center Graphics Full Existing "{4A7FDA4D-F4D7-4A49-934A-066D59A43C7E}" = SmartSound Quicktracks Plugin "{4C4F84FF-FB61-5A5C-D2D2-31E8F29FD0B6}" = Catalyst Control Center Localization Thai "{4CBF6D2C-64B2-ED99-C643-8DB643856225}" = CCC Help German "{4EFC72DA-2314-4E5D-AC8E-1C954CDB8BBF}" = AVG 2012 "{4F0D2C92-826B-611B-0842-D26655BEA966}" = Skins "{50316C0A-CC2A-460A-9EA5-F486E54AC17D}_is1" = AVG PC Tuneup "{53351EFD-67E1-4603-A7B9-5C8560AAF38F}" = Catalyst Control Center Localization Dutch "{53428412-84F4-1C3B-3D3C-C7E7A8C48C24}" = Catalyst Control Center Localization Swedish "{57752979-A1C9-4C02-856B-FBB27AC4E02C}" = QuickTime "{5A41C8CE-5F2D-61C8-D01B-40548008BA70}" = Catalyst Control Center Localization Danish "{5BE1E709-30E4-3D6D-A708-96CE8D5E5E8D}" = Microsoft Windows SDK for Visual Studio 2008 SP1 Express Tools for .NET Framework - enu "{5C55B074-2958-CBCC-5A1B-FC3A7ABFAB5A}" = Catalyst Control Center Graphics Previews Common "{5F6FBBE5-E20E-11B1-895A-119079D3008E}" = Catalyst Control Center Localization Chinese Traditional "{6B5E3C84-1829-8A7D-AC5A-5F08BE0973BE}" = CCC Help Thai "{6FFDD43F-271E-B953-0105-CA7EEA2DD017}" = CCC Help Chinese Traditional "{700FEDE4-BAB6-FB0E-36AE-35B7C2B3ECAF}" = CCC Help Japanese "{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable "{767CC44C-9BBC-438D-BAD3-FD4595DD148B}" = VC80CRTRedist - 8.0.50727.762 "{76B0CBC3-9482-F745-B940-1F3B48320E95}" = Catalyst Control Center Localization Czech "{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 "{77564D1B-9492-B85E-122E-78A845E7F9F2}" = Catalyst Control Center Localization Japanese "{789289CA-F73A-4A16-A331-54D498CE069F}" = Ventrilo Client "{791C39B5-DB24-E611-6B10-CCC2B25B0F06}" = Catalyst Control Center Localization Norwegian "{7ADE3A47-B425-45E9-8FF6-11BE2B775645}" = Corel Snapfire Plus "{7C5B4583-7CBF-4289-B195-03B553959DEA}" = VoiceOver Kit "{7F31A962-5484-6CE6-1A84-554226E3A43E}" = Catalyst Control Center Localization Italian "{81538B19-7E55-E0D9-8AC9-AE9494BB3D55}" = CCC Help Dutch "{842FAF7C-50EF-4463-9B8F-6222E1384D7D}" = Microsoft Windows SDK for Visual Studio 2008 Headers and Libraries "{853A4763-6643-4604-8D64-28BDD8925F4C}" = Apple Application Support "{86B879A5-927E-4536-B5FC-17CA96B60078}" = Garmin Communicator Plugin "{88743E08-4332-15F1-DB8A-72AED7D069FA}" = ccc-core-preinstall "{89DE67AD-08B8-4699-A55D-CA5C0AF82BF3}" = ATI AVIVO Codecs "{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight "{8AAD21E3-3561-9C61-F416-B7648993C0EC}" = Catalyst Control Center Localization Spanish "{8B1B5F0A-5BD2-8DBA-8256-1787961D0F34}" = ccc-core-static "{8cadd3f6-e808-4d48-893d-797b4849de72}" = Quake Live Mozilla Plugin "{90110409-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Professional Edition 2003 "{90120000-0010-0409-0000-0000000FF1CE}" = Microsoft Software Update for Web Folders (English) 12 "{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007 "{90120000-001F-0409-0000-0000000FF1CE}_WebDesigner_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) "{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007 "{90120000-001F-040C-0000-0000000FF1CE}_WebDesigner_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) "{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007 "{90120000-001F-0C0A-0000-0000000FF1CE}_WebDesigner_{187308AB-5FA7-4F14-9AB9-D290383A10D9}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) "{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system "{90120000-0021-0000-0000-0000000ff1ce}" = Microsoft Office Visual Web Developer 2007 "{90120000-0021-0000-0000-0000000FF1CE}_visualwebdeveloper_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581) "{90120000-0021-0409-0000-0000000ff1ce}" = Microsoft Office Visual Web Developer MUI (English) 2007 "{90120000-0021-0409-0000-0000000FF1CE}_visualwebdeveloper_{E1044ED2-E4AD-4B39-B500-31109750F6B4}" = Microsoft Office SharePoint Designer 2007 Service Pack 2 (SP2) "{90120000-0026-0000-0000-0000000FF1CE}" = Microsoft Expression Web "{90120000-0026-0000-0000-0000000FF1CE}_WebDesigner_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581) "{90120000-0026-0000-0000-0000000FF1CE}_WebDesigner_{9037FDA8-8383-4B6F-859D-D49C3C625225}" = Microsoft Expression Web Service Pack 1 (SP1) "{90120000-0026-0409-0000-0000000FF1CE}" = Microsoft Expression Web MUI (English) "{90120000-0026-0409-0000-0000000FF1CE}_WebDesigner_{E1044ED2-E4AD-4B39-B500-31109750F6B4}" = Microsoft Office SharePoint Designer 2007 Service Pack 2 (SP2) "{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007 "{90120000-006e-0409-0000-0000000ff1ce}" = Microsoft Office Shared MUI (English) 2007 "{90120000-006E-0409-0000-0000000FF1CE}_visualwebdeveloper_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-0115-0409-0000-0000000ff1ce}" = Microsoft Office Shared Setup Metadata MUI (English) 2007 "{90120000-0115-0409-0000-0000000FF1CE}_visualwebdeveloper_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90170409-6000-11D3-8CFE-0150048383C9}" = Microsoft Office FrontPage 2003 "{92606477-9366-4D3B-8AE3-6BE4B29727AB}" = League of Legends "{951EDFAE-B29A-2FB6-7BBA-B5FA80D56ACA}" = CCC Help Korean "{9580813D-94B1-4C28-9426-A441E2BB29A5}" = Counter-Strike: Source "{96F11791-3916-8BC0-AB17-B959A642160E}" = CCC Help English "{980A182F-E0A2-4A40-94C1-AE0C1235902E}" = Pando Media Booster "{99E447AA-C24F-7E07-AAA0-2533D2BA1857}" = Catalyst Control Center Localization Polish "{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 "{A00CF943-CB73-D593-731B-7FC462CC79F8}" = Catalyst Control Center Localization Greek "{a3051cd0-2f64-3813-a88d-b8dccde8f8c7}" = Microsoft .NET Framework 3.0 Service Pack 2 "{A3CBDF8A-4E8C-360C-5E8F-3E091364E87D}" = Catalyst Control Center Localization Turkish "{A87B11AC-4344-4E5D-8B12-8F471A87DAD9}" = LightScribe 1.4.136.1 "{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper "{AA59DDE4-B672-4621-A016-4C248204957A}" = Skype™ 5.5 "{AC76BA86-7AD7-1033-7B44-A83000000003}" = Adobe Reader 8.3.0 "{B1102A25-3AA3-446B-AA0F-A699B07A02FD}" = Garmin USB Drivers "{B1AFE717-EDC1-6B67-8136-AE735D37795A}" = CCC Help Spanish "{B2042D5E-986D-44EC-AEE3-AFE4108CCC93}" = Python 3.2 "{B28B351F-1232-46EA-85EF-B8EA91641033}" = Nero 7 Essentials "{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy "{B43357AA-3A6D-4D94-B56E-43C44D09E548}" = Microsoft .NET Framework (English) "{B46DE583-C8C5-CB70-FA59-FAE6D2FEA58D}" = CCC Help Italian "{B5BDC1B8-FAE5-2E99-D861-0E5B0D01113E}" = CCC Help Chinese Standard "{B7050CBDB2504B34BC2A9CA0A692CC29}" = DivX Web Player "{B81AA136-4243-92EC-0169-2CACCB977BBA}" = Catalyst Control Center Localization French "{B9169E14-DF66-BD28-5318-E1D3029B8EE3}" = CCC Help Portuguese "{B93DCF58-AA57-41EC-8D69-B05C66C6312D}_is1" = SUPER © v2011.build.49 (July 1st, 2011) version v2011.build.49 "{BE8B2261-C89D-10E3-22FC-DA5059B17D1D}" = Catalyst Control Center Localization Korean "{BEDBC661-8D69-8CCA-400B-6289F3CEE1FF}" = Catalyst Control Center Localization Chinese Standard "{c09fb3cd-3d0c-3f2d-899a-6a1d67f2073f}" = Microsoft .NET Framework 2.0 Service Pack 2 "{C167A588-87AA-47BF-A88E-5B0F9A14480D}" = InterVideo DVDCopy5 "{C2E4B5BD-32DB-4817-A060-341AB17C3F90}" = Bonjour "{C4124E95-5061-4776-8D5D-E3D931C778E1}" = Microsoft VC9 runtime libraries "{C41300B9-185D-475E-BFEC-39EF732F19B1}" = Apple Software Update "{c7eec93a-2a61-4b1e-b696-a264680a889d}" = MobileMe Control Panel "{CACAEB5F-174D-4C7C-AC56-A33289A807CA}" = Apple Mobile Device Support "{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1 "{CE2121C6-C94D-4A73-8EA4-6943F33EE335}" = Music Transfer "{ce2cdd62-0124-36ca-84d3-9f4dcf5c5bd9}" = Microsoft .NET Framework 3.5 SP1 "{D1696920-9794-4BBC-8A30-7A88763DE5A2}" = ABBYY FineReader 5.0 Sprint Plus "{D5068583-D569-468B-9755-5FBF5848F46F}" = Sony Picture Utility "{D5866667-789F-9078-3B2F-032E46BFF70A}" = Catalyst Control Center Localization Russian "{D6AFFAD0-56D3-2D76-3466-B3084E171424}" = CCC Help Turkish "{D8087907-E255-3A41-A46D-D0F798709C71}" = Microsoft Visual C++ 2008 Express Edition with SP1 - ENU "{D852836C-7EFF-4471-BC07-4E7AEF5BACE7}" = MyLife Webcam Pro "{D8CD91C7-4A1A-7D7D-0930-2806D97D137E}" = ccc-utility "{DA26293D-57F1-8832-042C-FDE09EFE1BD3}" = CCC Help Hungarian "{E38C00D0-A68B-4318-A8A6-F7D4B5B1DF0E}" = Windows Media Encoder 9 Series "{E7E84E23-C5C0-4B15-B13A-C63149E59C98}" = AVG 2012 "{E87991C6-AF87-072B-10DC-9B7100504A22}" = Catalyst Control Center Graphics Full New "{E89921E3-013F-3518-F930-42673090C567}" = CCC Help Russian "{EA57EFB9-A257-4DD0-BC6D-0FA5625F3421}" = ArcSoft PhotoImpression 5 "{EC877639-07AB-495C-BFD1-D63AF9140810}" = Roxio Activation Module "{F0A37341-D692-11D4-A984-009027EC0A9C}" = SoundMAX "{F46CC671-A61E-D471-35F6-2C565C50706A}" = CCC Help Finnish "{F59A9E08-A6A4-4ACF-91F2-D0344956C30B}" = iTunes "{F5E87B12-3C27-452F-8E78-21D42164FD83}" = Microsoft SQL Server 2008 Management Objects "{F8F35EDE-7816-36DF-C6EC-DCA2954B0C78}" = CCC Help Greek "{FAA7F8FF-3C05-4A61-8F14-D8A6E9ED6623}" = ooVoo "{FDB46DE7-9045-47BB-970A-3E4ED5369E03}" = EMC 10 Content "45A7283175C62FAC673F913C1F532C5361F97841" = Windows Driver Package - Garmin (grmnusb) GARMIN Devices (03/08/2007 2.2.1.0) "53F13DB4D9611FD63BE580F06F0729BF236ABE68" = Windows Driver Package - Advanced Micro Devices (AmdK8) Processor (05/27/2006 1.3.2.0) "Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin "Adobe Shockwave Player" = Adobe Shockwave Player "AIM_7" = AIM 7 "All ATI Software" = ATI - Software Uninstall Utility "Any Video Converter_is1" = Any Video Converter 2.5.9 "AOL Instant Messenger" = AOL Instant Messenger "ATI Display Driver" = ATI Display Driver "AVG" = AVG 2012 "AviSynth" = AviSynth 2.5 "DECCHECK" = Microsoft Windows XP Video Decoder Checkup Utility "Dell Photo AIO Printer 922" = Dell Photo AIO Printer 922 "Dev-C++" = Dev-C++ 5 beta 9 release (4.9.9.2) "DVD Decrypter" = DVD Decrypter (Remove Only) "DVDFab HD Decrypter 4_is1" = DVDFab HD Decrypter 4.1.0.2 "ESET Online Scanner" = ESET Online Scanner v3 "Guild Wars" = Guild Wars "IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs "ie7" = Windows Internet Explorer 7 "InstallShield_{1F6423DE-7959-4178-80E0-023C7EAA5347}" = NVIDIA ForceWare Network Access Manager "InstallShield_{4A7FDA4D-F4D7-4A49-934A-066D59A43C7E}" = SmartSound Quicktracks Plugin "JCreator LE_is1" = JCreator LE 4.50 "Juniper_Setup_Client Activex Control" = Juniper Networks Setup Client Activex Control "Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware version 1.60.1.1000 "Media Player - Codec Pack" = Media Player Codec Pack 3.2.0 "Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1 "microsoft .net framework 3.5 sp1" = Microsoft .NET Framework 3.5 SP1 "Microsoft .NET Framework Full v1.0.3705 (1033)" = Microsoft .NET Framework (English) v1.0.3705 "Microsoft DirectX SDK (November 2008)" = Microsoft DirectX SDK (November 2008) "microsoft msdn 2005 express edition - enu" = Microsoft MSDN 2005 Express Edition - ENU "Microsoft Visual C++ 2008 Express Edition with SP1 - ENU" = Microsoft Visual C++ 2008 Express Edition with SP1 - ENU "Mozilla Firefox 4.0.1 (x86 en-US)" = Mozilla Firefox 4.0.1 (x86 en-US) "MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP "NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs "NVIDIA Drivers" = NVIDIA Drivers "pepakura_viewer3en" = Pepakura Viewer 3 "PhotoScape" = PhotoScape "PopCap Browser Plugin" = PopCap Browser Plugin "PowerISO" = PowerISO "RealPlayer 6.0" = RealPlayer "SoftwareUpdUtility" = Download Updater (AOL LLC) "ST6UNST #1" = ProProfs CompTIA A+ Practice Exams "Starcraft" = Starcraft "Steam App 10" = Counter-Strike "Steam App 80" = Condition Zero "SystemRequirementsLab" = System Requirements Lab "Veetle TV" = Veetle TV 0.9.15 "ViewpointMediaPlayer" = Viewpoint Media Player "visualwebdeveloper" = Microsoft Visual Studio Web Authoring Component "VLC media player" = VideoLAN VLC media player 0.8.6d "vshare" = vShare Toolbar "wampserver 2_is1" = WampServer 2.0 "WebDesigner" = Microsoft Expression Web "wic" = Windows Imaging Component "windows live onecare safety scanner" = Windows Live OneCare safety scanner "Windows Media Encoder 9" = Windows Media Encoder 9 Series "Windows Media Format Runtime" = Windows Media Format 11 runtime "Windows Media Player" = Windows Media Player 11 "Windows XP Service Pack" = Windows XP Service Pack 2 "WinRAR archiver" = WinRAR archiver "WMFDist11" = Windows Media Format 11 runtime "wmp11" = Windows Media Player 11 "Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0 "XviD Video Codec" = XviD Video Codec 1.1.2-01022007 ========== HKEY_USERS Uninstall List ========== [HKEY_USERS\S-1-5-21-1645522239-261478967-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "Juniper_Setup_Client" = Juniper Networks Setup Client "Move Media Player" = Move Media Player ========== Last 10 Event Log Errors ========== [ Application Events ] Error - 3/4/2012 12:02:14 AM | Computer Name = GLENN-XO7NI61RK | Source = HotFixInstaller | ID = 5000 Description = EventType visualstudio8setup, P1 microsoft .net framework 2.0-kb958481, P2 1033, P3 1635, P4 msi, P5 f, P6 9.0.31211.0, P7 install, P8 x86, P9 xp, P10 0. Error - 3/4/2012 12:02:25 AM | Computer Name = GLENN-XO7NI61RK | Source = HotFixInstaller | ID = 5000 Description = EventType visualstudio8setup, P1 microsoft .net framework 2.0-kb974417, P2 1033, P3 1605, P4 msi, P5 f, P6 9.0.40302.0, P7 install, P8 x86, P9 xp, P10 0. Error - 3/4/2012 1:18:23 AM | Computer Name = GLENN-XO7NI61RK | Source = HotFixInstaller | ID = 5000 Description = EventType visualstudio8setup, P1 microsoft .net framework 3.0-kb982168, P2 1033, P3 1605, P4 msi, P5 f, P6 9.0.40215.0, P7 install, P8 x86, P9 xp, P10 0. Error - 3/4/2012 1:18:31 AM | Computer Name = GLENN-XO7NI61RK | Source = HotFixInstaller | ID = 5000 Description = EventType visualstudio8setup, P1 microsoft .net framework 2.0-kb976576, P2 1033, P3 1605, P4 msi, P5 f, P6 9.0.40302.0, P7 install, P8 x86, P9 xp, P10 0. Error - 3/4/2012 1:19:41 AM | Computer Name = GLENN-XO7NI61RK | Source = HotFixInstaller | ID = 5000 Description = EventType visualstudio8setup, P1 microsoft .net framework 2.0-kb958481, P2 1033, P3 1635, P4 msi, P5 f, P6 9.0.31211.0, P7 install, P8 x86, P9 xp, P10 0. Error - 3/4/2012 1:19:48 AM | Computer Name = GLENN-XO7NI61RK | Source = HotFixInstaller | ID = 5000 Description = EventType visualstudio8setup, P1 microsoft .net framework 2.0-kb974417, P2 1033, P3 1605, P4 msi, P5 f, P6 9.0.40302.0, P7 install, P8 x86, P9 xp, P10 0. Error - 3/5/2012 12:00:25 AM | Computer Name = GLENN-XO7NI61RK | Source = HotFixInstaller | ID = 5000 Description = EventType visualstudio8setup, P1 microsoft .net framework 3.0-kb982168, P2 1033, P3 1605, P4 msi, P5 f, P6 9.0.40215.0, P7 install, P8 x86, P9 xp, P10 0. Error - 3/5/2012 12:00:32 AM | Computer Name = GLENN-XO7NI61RK | Source = HotFixInstaller | ID = 5000 Description = EventType visualstudio8setup, P1 microsoft .net framework 2.0-kb976576, P2 1033, P3 1605, P4 msi, P5 f, P6 9.0.40302.0, P7 install, P8 x86, P9 xp, P10 0. Error - 3/5/2012 12:01:41 AM | Computer Name = GLENN-XO7NI61RK | Source = HotFixInstaller | ID = 5000 Description = EventType visualstudio8setup, P1 microsoft .net framework 2.0-kb958481, P2 1033, P3 1635, P4 msi, P5 f, P6 9.0.31211.0, P7 install, P8 x86, P9 xp, P10 0. Error - 3/5/2012 12:01:47 AM | Computer Name = GLENN-XO7NI61RK | Source = HotFixInstaller | ID = 5000 Description = EventType visualstudio8setup, P1 microsoft .net framework 2.0-kb974417, P2 1033, P3 1605, P4 msi, P5 f, P6 9.0.40302.0, P7 install, P8 x86, P9 xp, P10 0. [ Application Events ] Error - 3/4/2012 12:02:14 AM | Computer Name = GLENN-XO7NI61RK | Source = HotFixInstaller | ID = 5000 Description = EventType visualstudio8setup, P1 microsoft .net framework 2.0-kb958481, P2 1033, P3 1635, P4 msi, P5 f, P6 9.0.31211.0, P7 install, P8 x86, P9 xp, P10 0. Error - 3/4/2012 12:02:25 AM | Computer Name = GLENN-XO7NI61RK | Source = HotFixInstaller | ID = 5000 Description = EventType visualstudio8setup, P1 microsoft .net framework 2.0-kb974417, P2 1033, P3 1605, P4 msi, P5 f, P6 9.0.40302.0, P7 install, P8 x86, P9 xp, P10 0. Error - 3/4/2012 1:18:23 AM | Computer Name = GLENN-XO7NI61RK | Source = HotFixInstaller | ID = 5000 Description = EventType visualstudio8setup, P1 microsoft .net framework 3.0-kb982168, P2 1033, P3 1605, P4 msi, P5 f, P6 9.0.40215.0, P7 install, P8 x86, P9 xp, P10 0. Error - 3/4/2012 1:18:31 AM | Computer Name = GLENN-XO7NI61RK | Source = HotFixInstaller | ID = 5000 Description = EventType visualstudio8setup, P1 microsoft .net framework 2.0-kb976576, P2 1033, P3 1605, P4 msi, P5 f, P6 9.0.40302.0, P7 install, P8 x86, P9 xp, P10 0. Error - 3/4/2012 1:19:41 AM | Computer Name = GLENN-XO7NI61RK | Source = HotFixInstaller | ID = 5000 Description = EventType visualstudio8setup, P1 microsoft .net framework 2.0-kb958481, P2 1033, P3 1635, P4 msi, P5 f, P6 9.0.31211.0, P7 install, P8 x86, P9 xp, P10 0. Error - 3/4/2012 1:19:48 AM | Computer Name = GLENN-XO7NI61RK | Source = HotFixInstaller | ID = 5000 Description = EventType visualstudio8setup, P1 microsoft .net framework 2.0-kb974417, P2 1033, P3 1605, P4 msi, P5 f, P6 9.0.40302.0, P7 install, P8 x86, P9 xp, P10 0. Error - 3/5/2012 12:00:25 AM | Computer Name = GLENN-XO7NI61RK | Source = HotFixInstaller | ID = 5000 Description = EventType visualstudio8setup, P1 microsoft .net framework 3.0-kb982168, P2 1033, P3 1605, P4 msi, P5 f, P6 9.0.40215.0, P7 install, P8 x86, P9 xp, P10 0. Error - 3/5/2012 12:00:32 AM | Computer Name = GLENN-XO7NI61RK | Source = HotFixInstaller | ID = 5000 Description = EventType visualstudio8setup, P1 microsoft .net framework 2.0-kb976576, P2 1033, P3 1605, P4 msi, P5 f, P6 9.0.40302.0, P7 install, P8 x86, P9 xp, P10 0. Error - 3/5/2012 12:01:41 AM | Computer Name = GLENN-XO7NI61RK | Source = HotFixInstaller | ID = 5000 Description = EventType visualstudio8setup, P1 microsoft .net framework 2.0-kb958481, P2 1033, P3 1635, P4 msi, P5 f, P6 9.0.31211.0, P7 install, P8 x86, P9 xp, P10 0. Error - 3/5/2012 12:01:47 AM | Computer Name = GLENN-XO7NI61RK | Source = HotFixInstaller | ID = 5000 Description = EventType visualstudio8setup, P1 microsoft .net framework 2.0-kb974417, P2 1033, P3 1605, P4 msi, P5 f, P6 9.0.40302.0, P7 install, P8 x86, P9 xp, P10 0. [ System Events ] Error - 3/5/2012 12:21:24 AM | Computer Name = GLENN-XO7NI61RK | Source = DCOM | ID = 10005 Description = DCOM got error "%1058" attempting to start the service NMIndexingService with arguments "" in order to run the server: {C6A811AB-F8FF-45A4-93E5-FC5CCB650BE7} Error - 3/5/2012 12:21:44 AM | Computer Name = GLENN-XO7NI61RK | Source = DCOM | ID = 10005 Description = DCOM got error "%1058" attempting to start the service NMIndexingService with arguments "" in order to run the server: {C6A811AB-F8FF-45A4-93E5-FC5CCB650BE7} Error - 3/5/2012 12:22:04 AM | Computer Name = GLENN-XO7NI61RK | Source = DCOM | ID = 10005 Description = DCOM got error "%1058" attempting to start the service NMIndexingService with arguments "" in order to run the server: {C6A811AB-F8FF-45A4-93E5-FC5CCB650BE7} Error - 3/5/2012 12:22:24 AM | Computer Name = GLENN-XO7NI61RK | Source = DCOM | ID = 10005 Description = DCOM got error "%1058" attempting to start the service NMIndexingService with arguments "" in order to run the server: {C6A811AB-F8FF-45A4-93E5-FC5CCB650BE7} Error - 3/5/2012 12:22:44 AM | Computer Name = GLENN-XO7NI61RK | Source = DCOM | ID = 10005 Description = DCOM got error "%1058" attempting to start the service NMIndexingService with arguments "" in order to run the server: {C6A811AB-F8FF-45A4-93E5-FC5CCB650BE7} Error - 3/5/2012 12:23:04 AM | Computer Name = GLENN-XO7NI61RK | Source = DCOM | ID = 10005 Description = DCOM got error "%1058" attempting to start the service NMIndexingService with arguments "" in order to run the server: {C6A811AB-F8FF-45A4-93E5-FC5CCB650BE7} Error - 3/5/2012 12:23:24 AM | Computer Name = GLENN-XO7NI61RK | Source = DCOM | ID = 10005 Description = DCOM got error "%1058" attempting to start the service NMIndexingService with arguments "" in order to run the server: {C6A811AB-F8FF-45A4-93E5-FC5CCB650BE7} Error - 3/5/2012 12:23:44 AM | Computer Name = GLENN-XO7NI61RK | Source = DCOM | ID = 10005 Description = DCOM got error "%1058" attempting to start the service NMIndexingService with arguments "" in order to run the server: {C6A811AB-F8FF-45A4-93E5-FC5CCB650BE7} Error - 3/5/2012 12:24:04 AM | Computer Name = GLENN-XO7NI61RK | Source = DCOM | ID = 10005 Description = DCOM got error "%1058" attempting to start the service NMIndexingService with arguments "" in order to run the server: {C6A811AB-F8FF-45A4-93E5-FC5CCB650BE7} Error - 3/5/2012 12:24:24 AM | Computer Name = GLENN-XO7NI61RK | Source = DCOM | ID = 10005 Description = DCOM got error "%1058" attempting to start the service NMIndexingService with arguments "" in order to run the server: {C6A811AB-F8FF-45A4-93E5-FC5CCB650BE7} < End of report >
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.