iMoni
-
Posts
27 -
Joined
-
Last visited
Content Type
Events
Profiles
Forums
Posts posted by iMoni
-
-
I think I found it !!!
on Chrome it was the YouTube add on (I think it was not the clean add on)On firefox I dont know if the problem existed in first place as I never use it.
-
Just now I went back to facebook on Chrome and again link was hijacked by malwere
-
in safe mode its fine.
But I saw most problems in Chrome not firefox
-
Now I have noticed that meetme-tonight.info... is working on this site as well.
-
Hi it seems that in some small way cleaning Java helped because I am not taken to next page
but in the lower left corner on browser Chrome I see that its connecting to the page connected to this virus
meetme.tonight....
I have blocked cookies to be dropped and plug ins to be played.
it seems that firefox and ie are not affected as much although ie was affected before as I remember.
No worries I dont use the registry booster to clean my registry just ran it to see if it show something did not deleted any of those keys.
So the malware is hiding still somewhere.
-
Hi I found this RegistryBooster by UniBlue I ran it maybe you can see something helpful.
Scan Results
Scan date: 2012-03-04 17:40:52.823000
Total problems found: 200
System related errors
Errors affecting all users on this computer.
Scan subsection: Application paths
Entries found: 1
Entries:
Entry: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\Adobe SVG Viewer
Value name:
Value: C:\Windows\System32\Adobe\SVG Viewer\Adobe SVG Viewer
Reason: The default value in HKEY_LOCAL_MACHINE/SOFTWARE/Microsoft/Windows/CurrentVersion/App Paths/Adobe SVG Viewer contains an invalid path C:/Windows/System32/Adobe/SVG Viewer/Adobe SVG Viewer
Scan subsection: System software settings
Entries found: 0
Entries:
Scan subsection: ActiveX, OLE, COM sections
Entries found: 122
Entries:
Entry: HKEY_CLASSES_ROOT\CLSID\{D0D38C6E-BF64-4C42-840D-3E0019D9F7A6}\InprocServer32
Value name:
Value: C:\Program Files\Skype\Plugin Manager\ezPMUtils.dll
Reason: The default value in HKEY_CLASSES_ROOT/CLSID/{D0D38C6E-BF64-4C42-840D-3E0019D9F7A6}/InprocServer32 points to the missing file C:/Program Files/Skype/Plugin Manager/ezPMUtils.dll
Entry: HKEY_CLASSES_ROOT\CLSID\{1152F8E0-69DB-4935-AFC3-59F8A5A86A3E}\LocalServer32
Value name:
Value: C:\PROGRA~1\AVG\AVG10\PCTuneup\MICROS~1.EXE
Reason: The default value in HKEY_CLASSES_ROOT/CLSID/{1152F8E0-69DB-4935-AFC3-59F8A5A86A3E}/LocalServer32 points to the missing file C:/PROGRA~1/AVG/AVG10/PCTuneup/MICROS~1.EXE
Entry: HKEY_CLASSES_ROOT\CLSID\{546958A5-5C48-48BE-9396-599811623E60}\InprocHandler32
Value name:
Value: C:\Users\Monika\AppData\Local\Google\Update\1.3.21.79\psuser.dll
Reason: The default value in HKEY_CLASSES_ROOT/CLSID/{546958A5-5C48-48BE-9396-599811623E60}/InprocHandler32 points to the missing file C:/Users/Monika/AppData/Local/Google/Update/1.3.21.79/psuser.dll
Entry: HKEY_CLASSES_ROOT\CLSID\{218D2740-5A50-42A8-AB9F-62FF1B168782}\InProcServer32
Value name:
Value: C:\Users\Monika\AppData\Local\Google\Update\1.3.21.69\psuser.dll
Reason: The default value in HKEY_CLASSES_ROOT/CLSID/{218D2740-5A50-42A8-AB9F-62FF1B168782}/InProcServer32 points to the missing file C:/Users/Monika/AppData/Local/Google/Update/1.3.21.69/psuser.dll
Entry: HKEY_CLASSES_ROOT\CLSID\{039B2CA5-3B41-4D93-AD77-47D3293FC5CB}\InprocServer32
Value name:
Value: C:\Program Files\Skype\Plugin Manager\ezPMUtils.dll
Reason: The default value in HKEY_CLASSES_ROOT/CLSID/{039B2CA5-3B41-4D93-AD77-47D3293FC5CB}/InprocServer32 points to the missing file C:/Program Files/Skype/Plugin Manager/ezPMUtils.dll
Entry: HKEY_CLASSES_ROOT\CLSID\{DB25D157-76D4-41C1-97B5-359E4A4CECEB}\InProcServer32
Value name:
Value: C:\Users\Monika\AppData\Local\Google\Update\1.3.21.65\psuser.dll
Reason: The default value in HKEY_CLASSES_ROOT/CLSID/{DB25D157-76D4-41C1-97B5-359E4A4CECEB}/InProcServer32 points to the missing file C:/Users/Monika/AppData/Local/Google/Update/1.3.21.65/psuser.dll
Entry: HKEY_CLASSES_ROOT\CLSID\{4A26DF46-A5AF-4D46-A60D-14AD89E57A63}\InprocHandler32
Value name:
Value: C:\Users\Monika\AppData\Local\Google\Update\1.3.21.65\psuser.dll
Reason: The default value in HKEY_CLASSES_ROOT/CLSID/{4A26DF46-A5AF-4D46-A60D-14AD89E57A63}/InprocHandler32 points to the missing file C:/Users/Monika/AppData/Local/Google/Update/1.3.21.65/psuser.dll
Entry: HKEY_CLASSES_ROOT\CLSID\{3A6EE5C3-7A28-452B-832D-08FE74C7EEAD}\InprocHandler32
Value name:
Value: C:\Users\Monika\AppData\Local\Google\Update\1.3.21.69\psuser.dll
Reason: The default value in HKEY_CLASSES_ROOT/CLSID/{3A6EE5C3-7A28-452B-832D-08FE74C7EEAD}/InprocHandler32 points to the missing file C:/Users/Monika/AppData/Local/Google/Update/1.3.21.69/psuser.dll
Entry: HKEY_CLASSES_ROOT\CLSID\{0E55CBE1-B06A-49B6-AD8D-9EFAA0160C6F}\InProcServer32
Value name:
Value: C:\Users\Monika\AppData\Local\Google\Update\1.3.21.57\psuser.dll
Reason: The default value in HKEY_CLASSES_ROOT/CLSID/{0E55CBE1-B06A-49B6-AD8D-9EFAA0160C6F}/InProcServer32 points to the missing file C:/Users/Monika/AppData/Local/Google/Update/1.3.21.57/psuser.dll
Entry: HKEY_CLASSES_ROOT\CLSID\{515C93ED-88BD-4CCB-AE7F-9F2A1E9695A3}\InprocHandler32
Value name:
Value: C:\Users\Monika\AppData\Local\Google\Update\1.3.21.57\psuser.dll
Reason: The default value in HKEY_CLASSES_ROOT/CLSID/{515C93ED-88BD-4CCB-AE7F-9F2A1E9695A3}/InprocHandler32 points to the missing file C:/Users/Monika/AppData/Local/Google/Update/1.3.21.57/psuser.dll
Entry: HKEY_CLASSES_ROOT\CLSID\{42481700-CF3C-4D05-8EC6-F9A1C57E8DC0}\InprocServer32
Value name:
Value: C:\Program Files\Skype\Plugin Manager\ezPMUtils.dll
Reason: The default value in HKEY_CLASSES_ROOT/CLSID/{42481700-CF3C-4D05-8EC6-F9A1C57E8DC0}/InprocServer32 points to the missing file C:/Program Files/Skype/Plugin Manager/ezPMUtils.dll
Entry: HKEY_CLASSES_ROOT\CLSID\{320F0FDB-BE0A-4648-9D18-4A2C3448C007}\InProcServer32
Value name:
Value: C:\Users\Monika\AppData\Local\Google\Update\1.3.21.79\psuser.dll
Reason: The default value in HKEY_CLASSES_ROOT/CLSID/{320F0FDB-BE0A-4648-9D18-4A2C3448C007}/InProcServer32 points to the missing file C:/Users/Monika/AppData/Local/Google/Update/1.3.21.79/psuser.dll
Entry: HKEY_CLASSES_ROOT\CLSID\{29A96789-9595-4947-BEDB-0FCC776F7DB8}\InProcServer32
Value name:
Value: C:\Users\Monika\AppData\Local\Google\Update\1.2.183.39\goopdate.dll
Reason: The default value in HKEY_CLASSES_ROOT/CLSID/{29A96789-9595-4947-BEDB-0FCC776F7DB8}/InProcServer32 points to the missing file C:/Users/Monika/AppData/Local/Google/Update/1.2.183.39/goopdate.dll
Entry: HKEY_CLASSES_ROOT\TypeLib\{01118D01-3E00-11D2-8470-0060089874ED}\1.0\HELPDIR
Value name:
Value:
Reason: The key HKEY_CLASSES_ROOT/TypeLib/{01118D01-3E00-11D2-8470-0060089874ED}/1.0/HELPDIR is empty
Entry: HKEY_CLASSES_ROOT\TypeLib\{01010E01-5E80-11D8-9E86-0007E96C65AE}\1.0\HELPDIR
Value name:
Value:
Reason: The key HKEY_CLASSES_ROOT/TypeLib/{01010E01-5E80-11D8-9E86-0007E96C65AE}/1.0/HELPDIR is empty
Entry: HKEY_CLASSES_ROOT\TypeLib\{B80C6976-50C0-4110-BC85-44EB975CDCA0}\1.0\HELPDIR
Value name:
Value:
Reason: The key HKEY_CLASSES_ROOT/TypeLib/{B80C6976-50C0-4110-BC85-44EB975CDCA0}/1.0/HELPDIR is empty
Entry: HKEY_CLASSES_ROOT\TypeLib\{F5078F18-C551-11D3-89B9-0000F81FE221}\4.0\HELPDIR
Value name:
Value:
Reason: The key HKEY_CLASSES_ROOT/TypeLib/{F5078F18-C551-11D3-89B9-0000F81FE221}/4.0/HELPDIR is empty
Entry: HKEY_CLASSES_ROOT\TypeLib\{86173bae-64e7-429b-b28a-e14ee55eb845}\1.0\HELPDIR
Value name:
Value:
Reason: The key HKEY_CLASSES_ROOT/TypeLib/{86173bae-64e7-429b-b28a-e14ee55eb845}/1.0/HELPDIR is empty
Entry: HKEY_CLASSES_ROOT\TypeLib\{01013801-5E80-11D8-9E86-0007E96C65AE}\1.0\HELPDIR
Value name:
Value:
Reason: The key HKEY_CLASSES_ROOT/TypeLib/{01013801-5E80-11D8-9E86-0007E96C65AE}/1.0/HELPDIR is empty
Entry: HKEY_CLASSES_ROOT\TypeLib\{01119001-3E00-11D2-8470-0060089874ED}\1.0\HELPDIR
Value name:
Value:
Reason: The key HKEY_CLASSES_ROOT/TypeLib/{01119001-3E00-11D2-8470-0060089874ED}/1.0/HELPDIR is empty
Entry: HKEY_CLASSES_ROOT\TypeLib\{D6995525-B33A-4980-A106-9DF58570CC66}\1.0\HELPDIR
Value name:
Value:
Reason: The key HKEY_CLASSES_ROOT/TypeLib/{D6995525-B33A-4980-A106-9DF58570CC66}/1.0/HELPDIR is empty
Entry: HKEY_CLASSES_ROOT\TypeLib\{72A71D0F-AEDD-4427-BCAE-679796D2F0EA}\1.0\HELPDIR
Value name:
Value:
Reason: The key HKEY_CLASSES_ROOT/TypeLib/{72A71D0F-AEDD-4427-BCAE-679796D2F0EA}/1.0/HELPDIR is empty
Entry: HKEY_CLASSES_ROOT\TypeLib\{9D8925E0-D73D-44CC-B7D1-C7DE4345AED6}\1.0\HELPDIR
Value name:
Value:
Reason: The key HKEY_CLASSES_ROOT/TypeLib/{9D8925E0-D73D-44CC-B7D1-C7DE4345AED6}/1.0/HELPDIR is empty
Entry: HKEY_CLASSES_ROOT\TypeLib\{071C2681-F571-11D1-A771-00A02474F207}\1.0\HELPDIR
Value name:
Value:
Reason: The key HKEY_CLASSES_ROOT/TypeLib/{071C2681-F571-11D1-A771-00A02474F207}/1.0/HELPDIR is empty
Entry: HKEY_CLASSES_ROOT\TypeLib\{42D8034F-DC31-4F2F-86FF-B0959335D51A}\1.0\HELPDIR
Value name:
Value:
Reason: The key HKEY_CLASSES_ROOT/TypeLib/{42D8034F-DC31-4F2F-86FF-B0959335D51A}/1.0/HELPDIR is empty
Entry: HKEY_CLASSES_ROOT\TypeLib\{01017E2A-5E80-11D8-9E86-0007E96C65AE}\1.0\HELPDIR
Value name:
Value:
Reason: The key HKEY_CLASSES_ROOT/TypeLib/{01017E2A-5E80-11D8-9E86-0007E96C65AE}/1.0/HELPDIR is empty
Entry: HKEY_CLASSES_ROOT\TypeLib\{C1D8C091-AC66-4159-B738-E70A12B983A4}\1.0\HELPDIR
Value name:
Value:
Reason: The key HKEY_CLASSES_ROOT/TypeLib/{C1D8C091-AC66-4159-B738-E70A12B983A4}/1.0/HELPDIR is empty
Entry: HKEY_CLASSES_ROOT\TypeLib\{6318E0A8-2E93-11D1-B8ED-00608CC9A71F}\1.0\HELPDIR
Value name:
Value:
Reason: The key HKEY_CLASSES_ROOT/TypeLib/{6318E0A8-2E93-11D1-B8ED-00608CC9A71F}/1.0/HELPDIR is empty
Entry: HKEY_CLASSES_ROOT\TypeLib\{2DF8D04C-5BFA-101B-BDE5-00AA0044DE52}\2.3\HELPDIR
Value name:
Value:
Reason: The key HKEY_CLASSES_ROOT/TypeLib/{2DF8D04C-5BFA-101B-BDE5-00AA0044DE52}/2.3/HELPDIR is empty
Entry: HKEY_CLASSES_ROOT\TypeLib\{5F847504-3E17-11D3-BABB-00C04F72FB4E}\1.0\HELPDIR
Value name:
Value:
Reason: The key HKEY_CLASSES_ROOT/TypeLib/{5F847504-3E17-11D3-BABB-00C04F72FB4E}/1.0/HELPDIR is empty
Entry: HKEY_CLASSES_ROOT\TypeLib\{01012100-5E80-11D8-9E86-0007E96C65AE}\1.0\HELPDIR
Value name:
Value:
Reason: The key HKEY_CLASSES_ROOT/TypeLib/{01012100-5E80-11D8-9E86-0007E96C65AE}/1.0/HELPDIR is empty
Entry: HKEY_CLASSES_ROOT\TypeLib\{41738EEA-442F-477F-92CF-2889BD6CD7E7}\1.0\HELPDIR
Value name:
Value:
Reason: The key HKEY_CLASSES_ROOT/TypeLib/{41738EEA-442F-477F-92CF-2889BD6CD7E7}/1.0/HELPDIR is empty
Entry: HKEY_CLASSES_ROOT\TypeLib\{D9C70CDD-6E26-419E-966B-EFCA8CFB24FD}\1.0\HELPDIR
Value name:
Value:
Reason: The key HKEY_CLASSES_ROOT/TypeLib/{D9C70CDD-6E26-419E-966B-EFCA8CFB24FD}/1.0/HELPDIR is empty
Entry: HKEY_CLASSES_ROOT\TypeLib\{B880BF6E-1646-47D0-96EB-E963AADA3740}\1.0\HELPDIR
Value name:
Value:
Reason: The key HKEY_CLASSES_ROOT/TypeLib/{B880BF6E-1646-47D0-96EB-E963AADA3740}/1.0/HELPDIR is empty
Entry: HKEY_CLASSES_ROOT\TypeLib\{2991F100-D9C3-4243-82A2-A718747FC0CF}\1.0\HELPDIR
Value name:
Value:
Reason: The key HKEY_CLASSES_ROOT/TypeLib/{2991F100-D9C3-4243-82A2-A718747FC0CF}/1.0/HELPDIR is empty
Entry: HKEY_CLASSES_ROOT\TypeLib\{7F3D5669-6B22-4B26-A7B8-EE0A4DA1B6FA}\1.0\HELPDIR
Value name:
Value:
Reason: The key HKEY_CLASSES_ROOT/TypeLib/{7F3D5669-6B22-4B26-A7B8-EE0A4DA1B6FA}/1.0/HELPDIR is empty
Entry: HKEY_CLASSES_ROOT\TypeLib\{7C1E4FCC-B47E-44AE-8EA7-FA66EBC8BAC4}\1.0\HELPDIR
Value name:
Value:
Reason: The key HKEY_CLASSES_ROOT/TypeLib/{7C1E4FCC-B47E-44AE-8EA7-FA66EBC8BAC4}/1.0/HELPDIR is empty
Entry: HKEY_CLASSES_ROOT\TypeLib\{2ABAB2A7-490B-44C3-8C68-733B21ACEEE3}\1.0\HELPDIR
Value name:
Value:
Reason: The key HKEY_CLASSES_ROOT/TypeLib/{2ABAB2A7-490B-44C3-8C68-733B21ACEEE3}/1.0/HELPDIR is empty
Entry: HKEY_CLASSES_ROOT\TypeLib\{01011301-5E80-11D8-9E86-0007E96C65AE}\1.0\HELPDIR
Value name:
Value:
Reason: The key HKEY_CLASSES_ROOT/TypeLib/{01011301-5E80-11D8-9E86-0007E96C65AE}/1.0/HELPDIR is empty
Entry: HKEY_CLASSES_ROOT\TypeLib\{3205CF2E-CA6A-40FA-838C-EC38E0AB74F0}\1.0\HELPDIR
Value name:
Value:
Reason: The key HKEY_CLASSES_ROOT/TypeLib/{3205CF2E-CA6A-40FA-838C-EC38E0AB74F0}/1.0/HELPDIR is empty
Entry: HKEY_CLASSES_ROOT\TypeLib\{6857AC4A-95B4-4E2C-B2D2-8A235FCCEF4A}\1.0\0\win32
Value name:
Value: C:\Program Files\StartNow Toolbar\Toolbar32.dll
Reason: The default value in HKEY_CLASSES_ROOT/TypeLib/{6857AC4A-95B4-4E2C-B2D2-8A235FCCEF4A}/1.0/0/win32 points to the missing file C:/Program Files/StartNow Toolbar/Toolbar32.dll
Entry: HKEY_CLASSES_ROOT\TypeLib\{38BF9661-BDA0-4A74-BB3B-576EC7AE16DC}\1.0\0\win32
Value name:
Value: C:\Program Files\StartNow Toolbar\ToolbarBroker.exe
Reason: The default value in HKEY_CLASSES_ROOT/TypeLib/{38BF9661-BDA0-4A74-BB3B-576EC7AE16DC}/1.0/0/win32 points to the missing file C:/Program Files/StartNow Toolbar/ToolbarBroker.exe
Entry: HKEY_CLASSES_ROOT\TypeLib\{4045F420-8872-4B39-98E2-A05526D55BB3}\1.0\0\win32
Value name:
Value: C:\Users\Monika\AppData\Local\Temp\PPT11.0\ShockwaveFlashObjects.exd
Reason: The default value in HKEY_CLASSES_ROOT/TypeLib/{4045F420-8872-4B39-98E2-A05526D55BB3}/1.0/0/win32 points to the missing file C:/Users/Monika/AppData/Local/Temp/PPT11.0/ShockwaveFlashObjects.exd
Entry: HKEY_CLASSES_ROOT\TypeLib\{66694099-FBD8-4A98-AB9F-F19EAB4144C8}\1.0\0\win32
Value name:
Value: C:\Program Files\AVG\AVG10\PCTuneup\MicroScanner.exe
Reason: The default value in HKEY_CLASSES_ROOT/TypeLib/{66694099-FBD8-4A98-AB9F-F19EAB4144C8}/1.0/0/win32 points to the missing file C:/Program Files/AVG/AVG10/PCTuneup/MicroScanner.exe
Entry: HKEY_CLASSES_ROOT\TypeLib\{B0A632A5-B0D1-41E8-A84A-A502B3341363}\1.0\0\win32
Value name:
Value: C:\Program Files\Skype\Plugin Manager\ezPMUtils.dll
Reason: The default value in HKEY_CLASSES_ROOT/TypeLib/{B0A632A5-B0D1-41E8-A84A-A502B3341363}/1.0/0/win32 points to the missing file C:/Program Files/Skype/Plugin Manager/ezPMUtils.dll
Entry: HKEY_CLASSES_ROOT\TypeLib\{9CA8CA48-AC7A-478B-A747-C63F1EE142DC}\2.0\0\win32
Value name:
Value: C:\Users\Monika\AppData\Local\Temp\VBE\MSForms.exd
Reason: The default value in HKEY_CLASSES_ROOT/TypeLib/{9CA8CA48-AC7A-478B-A747-C63F1EE142DC}/2.0/0/win32 points to the missing file C:/Users/Monika/AppData/Local/Temp/VBE/MSForms.exd
Entry: HKEY_CLASSES_ROOT\TypeLib\{506B4C1F-587D-4CD3-94A3-00354CF6EFEF}\1.0\0\win32
Value name:
Value: C:\Program Files\Skype\Plugin Manager\ezPMUtils.dll
Reason: The default value in HKEY_CLASSES_ROOT/TypeLib/{506B4C1F-587D-4CD3-94A3-00354CF6EFEF}/1.0/0/win32 points to the missing file C:/Program Files/Skype/Plugin Manager/ezPMUtils.dll
Entry: HKEY_CLASSES_ROOT\TypeLib\{071C2681-F571-11D1-A771-00A02474F207}\1.0\0\win32
Value name:
Value: C:\Program Files\BreezyPrint\outsidex.ocx
Reason: The default value in HKEY_CLASSES_ROOT/TypeLib/{071C2681-F571-11D1-A771-00A02474F207}/1.0/0/win32 points to the missing file C:/Program Files/BreezyPrint/outsidex.ocx
Entry: HKEY_CLASSES_ROOT\TypeLib\{283C8576-0726-4DBC-9609-3F855162009A}\4.0\0\win32
Value name:
Value: c:\Program Files\Microsoft Silverlight\4.0.60831.0\npctrl.dll
Reason: The default value in HKEY_CLASSES_ROOT/TypeLib/{283C8576-0726-4DBC-9609-3F855162009A}/4.0/0/win32 points to the missing file c:/Program Files/Microsoft Silverlight/4.0.60831.0/npctrl.dll
Entry: HKEY_CLASSES_ROOT\CLSID\{F354D256-D164-4823-8F00-DE139ACF21CA}\TypeLib
Value name:
Value: {3E636608-9157-41B3-9AE3-36A231A142AC}
Reason: The default value in HKEY_CLASSES_ROOT/CLSID/{F354D256-D164-4823-8F00-DE139ACF21CA}/TypeLib points to missing TypeLib {3E636608-9157-41B3-9AE3-36A231A142AC}
Entry: HKEY_CLASSES_ROOT\CLSID\{050FA6F7-9841-4D4E-836A-3E1EE50D324D}\TypeLib
Value name:
Value: ⺨ᖿ⺵
Reason: The default value in HKEY_CLASSES_ROOT/CLSID/{050FA6F7-9841-4D4E-836A-3E1EE50D324D}/TypeLib points to missing TypeLib ⺨ᖿ⺵
Entry: HKEY_CLASSES_ROOT\CLSID\{E8EFAA5B-D95F-4C16-BDBD-4087354D025D}\TypeLib
Value name:
Value: {6D68BC7E-6746-46be-8EFB-C5A6D56B6B3B}
Reason: The default value in HKEY_CLASSES_ROOT/CLSID/{E8EFAA5B-D95F-4C16-BDBD-4087354D025D}/TypeLib points to missing TypeLib {6D68BC7E-6746-46be-8EFB-C5A6D56B6B3B}
Entry: HKEY_CLASSES_ROOT\CLSID\{6C0D8920-0F96-4C4E-A6EE-D87C7501D859}\TypeLib
Value name:
Value: {3E636608-9157-41B3-9AE3-36A231A142AC}
Reason: The default value in HKEY_CLASSES_ROOT/CLSID/{6C0D8920-0F96-4C4E-A6EE-D87C7501D859}/TypeLib points to missing TypeLib {3E636608-9157-41B3-9AE3-36A231A142AC}
Entry: HKEY_CLASSES_ROOT\CLSID\{F663A636-67CD-441F-A130-88F8572E9EE2}\TypeLib
Value name:
Value: {3E636608-9157-41B3-9AE3-36A231A142AC}
Reason: The default value in HKEY_CLASSES_ROOT/CLSID/{F663A636-67CD-441F-A130-88F8572E9EE2}/TypeLib points to missing TypeLib {3E636608-9157-41B3-9AE3-36A231A142AC}
Entry: HKEY_CLASSES_ROOT\CLSID\{F2B865AF-388A-4200-A57D-5F316A01125A}\TypeLib
Value name:
Value: {007658AA-9403-4159-BA53-32DC553FA655}
Reason: The default value in HKEY_CLASSES_ROOT/CLSID/{F2B865AF-388A-4200-A57D-5F316A01125A}/TypeLib points to missing TypeLib {007658AA-9403-4159-BA53-32DC553FA655}
Entry: HKEY_CLASSES_ROOT\CLSID\{D62DD144-A79C-461C-B6AE-110A08E04798}\TypeLib
Value name:
Value: {450821B9-952C-4027-B25E-9759208BD14A}
Reason: The default value in HKEY_CLASSES_ROOT/CLSID/{D62DD144-A79C-461C-B6AE-110A08E04798}/TypeLib points to missing TypeLib {450821B9-952C-4027-B25E-9759208BD14A}
Entry: HKEY_CLASSES_ROOT\CLSID\{5CBAD860-46EE-4193-8FDF-5EF8625E0CA1}\TypeLib
Value name:
Value: {81BCFB9F-5C3B-404D-B5BF-6BA3F5CE35B7}
Reason: The default value in HKEY_CLASSES_ROOT/CLSID/{5CBAD860-46EE-4193-8FDF-5EF8625E0CA1}/TypeLib points to missing TypeLib {81BCFB9F-5C3B-404D-B5BF-6BA3F5CE35B7}
Entry: HKEY_CLASSES_ROOT\CLSID\{94FA25C7-7127-4842-A2A2-00DFFA76647B}\TypeLib
Value name:
Value: {3E636608-9157-41B3-9AE3-36A231A142AC}
Reason: The default value in HKEY_CLASSES_ROOT/CLSID/{94FA25C7-7127-4842-A2A2-00DFFA76647B}/TypeLib points to missing TypeLib {3E636608-9157-41B3-9AE3-36A231A142AC}
Entry: HKEY_CLASSES_ROOT\CLSID\{188a4c39-df85-4881-8c94-29b69c307ecf}\TypeLib
Value name:
Value: {188a4c39-df85-4881-8c94-29b69c307ecf}
Reason: The default value in HKEY_CLASSES_ROOT/CLSID/{188a4c39-df85-4881-8c94-29b69c307ecf}/TypeLib points to missing TypeLib {188a4c39-df85-4881-8c94-29b69c307ecf}
Entry: HKEY_CLASSES_ROOT\CLSID\{9CCF1631-F464-4558-84F4-4D65E148F239}\TypeLib
Value name:
Value: {D05E7A69-5438-447F-992B-123064F2E3DD}
Reason: The default value in HKEY_CLASSES_ROOT/CLSID/{9CCF1631-F464-4558-84F4-4D65E148F239}/TypeLib points to missing TypeLib {D05E7A69-5438-447F-992B-123064F2E3DD}
Entry: HKEY_CLASSES_ROOT\CLSID\{242D1EAA-77A0-481F-94A3-0D2B431C6310}\TypeLib
Value name:
Value: {3E636608-9157-41B3-9AE3-36A231A142AC}
Reason: The default value in HKEY_CLASSES_ROOT/CLSID/{242D1EAA-77A0-481F-94A3-0D2B431C6310}/TypeLib points to missing TypeLib {3E636608-9157-41B3-9AE3-36A231A142AC}
Entry: HKEY_CLASSES_ROOT\CLSID\{1BD58F1A-2987-4726-AD1C-FBB0C3D270AB}\TypeLib
Value name:
Value: {3E636608-9157-41B3-9AE3-36A231A142AC}
Reason: The default value in HKEY_CLASSES_ROOT/CLSID/{1BD58F1A-2987-4726-AD1C-FBB0C3D270AB}/TypeLib points to missing TypeLib {3E636608-9157-41B3-9AE3-36A231A142AC}
Entry: HKEY_CLASSES_ROOT\CLSID\{8822E85A-28E8-4295-8A22-52CF0A494CDE}\TypeLib
Value name:
Value: {3E636608-9157-41B3-9AE3-36A231A142AC}
Reason: The default value in HKEY_CLASSES_ROOT/CLSID/{8822E85A-28E8-4295-8A22-52CF0A494CDE}/TypeLib points to missing TypeLib {3E636608-9157-41B3-9AE3-36A231A142AC}
Entry: HKEY_CLASSES_ROOT\CLSID\{245A886D-E775-4B78-9F3E-54905DD1943B}\TypeLib
Value name:
Value: {3E636608-9157-41B3-9AE3-36A231A142AC}
Reason: The default value in HKEY_CLASSES_ROOT/CLSID/{245A886D-E775-4B78-9F3E-54905DD1943B}/TypeLib points to missing TypeLib {3E636608-9157-41B3-9AE3-36A231A142AC}
Entry: HKEY_CLASSES_ROOT\CLSID\{A7D633F3-A2F4-4176-ACFA-817FA25E16F7}\TypeLib
Value name:
Value: {3E636608-9157-41B3-9AE3-36A231A142AC}
Reason: The default value in HKEY_CLASSES_ROOT/CLSID/{A7D633F3-A2F4-4176-ACFA-817FA25E16F7}/TypeLib points to missing TypeLib {3E636608-9157-41B3-9AE3-36A231A142AC}
Entry: HKEY_CLASSES_ROOT\CLSID\{B14C34C6-B46F-47AB-9F51-3D7E2379FA27}\TypeLib
Value name:
Value: {3E636608-9157-41B3-9AE3-36A231A142AC}
Reason: The default value in HKEY_CLASSES_ROOT/CLSID/{B14C34C6-B46F-47AB-9F51-3D7E2379FA27}/TypeLib points to missing TypeLib {3E636608-9157-41B3-9AE3-36A231A142AC}
Entry: HKEY_CLASSES_ROOT\CLSID\{78637AD0-E0BA-4EF6-B90E-5386C7CC7845}\TypeLib
Value name:
Value: {}
Reason: The default value in HKEY_CLASSES_ROOT/CLSID/{78637AD0-E0BA-4EF6-B90E-5386C7CC7845}/TypeLib points to missing TypeLib {}
Entry: HKEY_CLASSES_ROOT\CLSID\{E8EFAA5C-D95F-4C16-BDBD-4087354D025D}\TypeLib
Value name:
Value: {6D68BC7E-6746-46be-8EFB-C5A6D56B6B3B}
Reason: The default value in HKEY_CLASSES_ROOT/CLSID/{E8EFAA5C-D95F-4C16-BDBD-4087354D025D}/TypeLib points to missing TypeLib {6D68BC7E-6746-46be-8EFB-C5A6D56B6B3B}
Entry: HKEY_CLASSES_ROOT\CLSID\{9D13E607-106F-4892-8A83-FF9827C0A3D5}\TypeLib
Value name:
Value: {BEB70C92-90A2-4166-A7F5-DD648E36594A}
Reason: The default value in HKEY_CLASSES_ROOT/CLSID/{9D13E607-106F-4892-8A83-FF9827C0A3D5}/TypeLib points to missing TypeLib {BEB70C92-90A2-4166-A7F5-DD648E36594A}
Entry: HKEY_CLASSES_ROOT\CLSID\{4AACD9FF-3093-46DF-8C8E-20C1EAAE5D20}\TypeLib
Value name:
Value: {A74B2E7D-21C5-4CE5-A4B5-620BCF425B28}
Reason: The default value in HKEY_CLASSES_ROOT/CLSID/{4AACD9FF-3093-46DF-8C8E-20C1EAAE5D20}/TypeLib points to missing TypeLib {A74B2E7D-21C5-4CE5-A4B5-620BCF425B28}
Entry: HKEY_CLASSES_ROOT\CLSID\{96F129DC-65DD-496A-835D-71685D615289}\TypeLib
Value name:
Value: {3E636608-9157-41B3-9AE3-36A231A142AC}
Reason: The default value in HKEY_CLASSES_ROOT/CLSID/{96F129DC-65DD-496A-835D-71685D615289}/TypeLib points to missing TypeLib {3E636608-9157-41B3-9AE3-36A231A142AC}
Entry: HKEY_CLASSES_ROOT\CLSID\{75C11604-5C51-48B2-B786-DF5E51D10EC6}\TypeLib
Value name:
Value: {893CD020-4354-4B33-A78D-909EE58BAFAF}
Reason: The default value in HKEY_CLASSES_ROOT/CLSID/{75C11604-5C51-48B2-B786-DF5E51D10EC6}/TypeLib points to missing TypeLib {893CD020-4354-4B33-A78D-909EE58BAFAF}
Entry: HKEY_CLASSES_ROOT\CLSID\{026813CC-986D-4DFF-855A-8F8F1262B1F8}\TypeLib
Value name:
Value: {450821B9-952C-4027-B25E-9759208BD14A}
Reason: The default value in HKEY_CLASSES_ROOT/CLSID/{026813CC-986D-4DFF-855A-8F8F1262B1F8}/TypeLib points to missing TypeLib {450821B9-952C-4027-B25E-9759208BD14A}
Entry: HKEY_CLASSES_ROOT\CLSID\{035CE1DB-94A9-48B0-8D6C-E7DF8A91170F}\TypeLib
Value name:
Value: ᮈꢀ쪲캧
Reason: The default value in HKEY_CLASSES_ROOT/CLSID/{035CE1DB-94A9-48B0-8D6C-E7DF8A91170F}/TypeLib points to missing TypeLib ᮈꢀ쪲캧
Entry: HKEY_CLASSES_ROOT\CLSID\{688B0D3D-AF8F-483C-A712-8F4E9868B8DA}\TypeLib
Value name:
Value: {893CD020-4354-4B33-A78D-909EE58BAFAF}
Reason: The default value in HKEY_CLASSES_ROOT/CLSID/{688B0D3D-AF8F-483C-A712-8F4E9868B8DA}/TypeLib points to missing TypeLib {893CD020-4354-4B33-A78D-909EE58BAFAF}
Entry: HKEY_CLASSES_ROOT\CLSID\{B49F4689-8708-4F54-A4DD-CEBD79321A04}\TypeLib
Value name:
Value: {E8E7D1F3-BA7E-4DBD-B6FF-D018F1945806}
Reason: The default value in HKEY_CLASSES_ROOT/CLSID/{B49F4689-8708-4F54-A4DD-CEBD79321A04}/TypeLib points to missing TypeLib {E8E7D1F3-BA7E-4DBD-B6FF-D018F1945806}
Entry: HKEY_CLASSES_ROOT\CLSID\{3753737C-DD75-11D2-966A-00C04F79487A}\TypeLib
Value name:
Value: {D1446E16-E0DE-11D2-966A-00C04F79487A}
Reason: The default value in HKEY_CLASSES_ROOT/CLSID/{3753737C-DD75-11D2-966A-00C04F79487A}/TypeLib points to missing TypeLib {D1446E16-E0DE-11D2-966A-00C04F79487A}
Entry: HKEY_CLASSES_ROOT\CLSID\{94C5EFFF-6C03-4801-90BE-F936F8692AB1}\TypeLib
Value name:
Value: {BD404CA1-A5F8-49B7-8B42-30A80687B316}
Reason: The default value in HKEY_CLASSES_ROOT/CLSID/{94C5EFFF-6C03-4801-90BE-F936F8692AB1}/TypeLib points to missing TypeLib {BD404CA1-A5F8-49B7-8B42-30A80687B316}
Entry: HKEY_CLASSES_ROOT\CLSID\{009D33D4-DAEE-4B37-9741-A73E85991BCC}\TypeLib
Value name:
Value: {3E636608-9157-41B3-9AE3-36A231A142AC}
Reason: The default value in HKEY_CLASSES_ROOT/CLSID/{009D33D4-DAEE-4B37-9741-A73E85991BCC}/TypeLib points to missing TypeLib {3E636608-9157-41B3-9AE3-36A231A142AC}
Entry: HKEY_CLASSES_ROOT\CLSID\{BA32E1B5-A414-4D9D-BFF0-250C9C8A4DD9}\TypeLib
Value name:
Value: {3E636608-9157-41B3-9AE3-36A231A142AC}
Reason: The default value in HKEY_CLASSES_ROOT/CLSID/{BA32E1B5-A414-4D9D-BFF0-250C9C8A4DD9}/TypeLib points to missing TypeLib {3E636608-9157-41B3-9AE3-36A231A142AC}
Entry: HKEY_CLASSES_ROOT\CLSID\{80EE9910-D470-4AED-AC5D-987046FDB574}\TypeLib
Value name:
Value: {19D52A9A-379C-4720-BA00-3D396ECD24D7}
Reason: The default value in HKEY_CLASSES_ROOT/CLSID/{80EE9910-D470-4AED-AC5D-987046FDB574}/TypeLib points to missing TypeLib {19D52A9A-379C-4720-BA00-3D396ECD24D7}
Entry: HKEY_CLASSES_ROOT\CLSID\{75C11604-5C51-48B2-B786-DF5E51D10EC9}\TypeLib
Value name:
Value: {893CD020-4354-4B33-A78D-909EE58BAFAF}
Reason: The default value in HKEY_CLASSES_ROOT/CLSID/{75C11604-5C51-48B2-B786-DF5E51D10EC9}/TypeLib points to missing TypeLib {893CD020-4354-4B33-A78D-909EE58BAFAF}
Entry: HKEY_CLASSES_ROOT\CLSID\{FF044937-3BF1-49B2-8DB1-E0CAE8B9A3DC}\TypeLib
Value name:
Value: {8C56919B-2A3B-413A-8E03-0B4855FE7DAF}
Reason: The default value in HKEY_CLASSES_ROOT/CLSID/{FF044937-3BF1-49B2-8DB1-E0CAE8B9A3DC}/TypeLib points to missing TypeLib {8C56919B-2A3B-413A-8E03-0B4855FE7DAF}
Entry: HKEY_CLASSES_ROOT\CLSID\{BAA8FB92-D1E7-4181-B0EE-94DA3329F7C0}\TypeLib
Value name:
Value: {3D3027D0-2B43-4C5B-89F7-151AC7C20AE6}
Reason: The default value in HKEY_CLASSES_ROOT/CLSID/{BAA8FB92-D1E7-4181-B0EE-94DA3329F7C0}/TypeLib points to missing TypeLib {3D3027D0-2B43-4C5B-89F7-151AC7C20AE6}
Entry: HKEY_CLASSES_ROOT\CLSID\{98E7EFB4-CDE6-4D85-B7AD-CE89EDD302E2}\TypeLib
Value name:
Value: {741B0663-AA4B-42E0-888E-64A9C9347A6A}
Reason: The default value in HKEY_CLASSES_ROOT/CLSID/{98E7EFB4-CDE6-4D85-B7AD-CE89EDD302E2}/TypeLib points to missing TypeLib {741B0663-AA4B-42E0-888E-64A9C9347A6A}
Entry: HKEY_CLASSES_ROOT\CLSID\{DAD90BC7-5321-4048-939A-694B0A274C02}\TypeLib
Value name:
Value: {8C56919B-2A3B-413A-8E03-0B4855FE7DAF}
Reason: The default value in HKEY_CLASSES_ROOT/CLSID/{DAD90BC7-5321-4048-939A-694B0A274C02}/TypeLib points to missing TypeLib {8C56919B-2A3B-413A-8E03-0B4855FE7DAF}
Entry: HKEY_CLASSES_ROOT\CLSID\{C2EEF66E-23CA-43D1-9603-0202FC6174A0}\TypeLib
Value name:
Value: {3E636608-9157-41B3-9AE3-36A231A142AC}
Reason: The default value in HKEY_CLASSES_ROOT/CLSID/{C2EEF66E-23CA-43D1-9603-0202FC6174A0}/TypeLib points to missing TypeLib {3E636608-9157-41B3-9AE3-36A231A142AC}
Entry: HKEY_CLASSES_ROOT\CLSID\{5C94209A-F8BF-45B9-B658-8987E2E2DA19}\TypeLib
Value name:
Value: {EE0805F0-8F35-41BA-98F6-172F008EC3DD}
Reason: The default value in HKEY_CLASSES_ROOT/CLSID/{5C94209A-F8BF-45B9-B658-8987E2E2DA19}/TypeLib points to missing TypeLib {EE0805F0-8F35-41BA-98F6-172F008EC3DD}
Entry: HKEY_CLASSES_ROOT\CLSID\{F28D5171-0577-11D4-8F60-00C04F9CF4AC}\TypeLib
Value name:
Value: {11A3B755-0562-11D4-8F60-00C04F9CF4AC}
Reason: The default value in HKEY_CLASSES_ROOT/CLSID/{F28D5171-0577-11D4-8F60-00C04F9CF4AC}/TypeLib points to missing TypeLib {11A3B755-0562-11D4-8F60-00C04F9CF4AC}
Entry: HKEY_CLASSES_ROOT\CLSID\{640459E1-C75B-43B7-8E52-E7701E8D4EBF}\TypeLib
Value name:
Value: {3E636608-9157-41B3-9AE3-36A231A142AC}
Reason: The default value in HKEY_CLASSES_ROOT/CLSID/{640459E1-C75B-43B7-8E52-E7701E8D4EBF}/TypeLib points to missing TypeLib {3E636608-9157-41B3-9AE3-36A231A142AC}
Entry: HKEY_CLASSES_ROOT\CLSID\{D54984FC-EB92-4500-A386-F07CCC41E45C}\TypeLib
Value name:
Value: {3E636608-9157-41B3-9AE3-36A231A142AC}
Reason: The default value in HKEY_CLASSES_ROOT/CLSID/{D54984FC-EB92-4500-A386-F07CCC41E45C}/TypeLib points to missing TypeLib {3E636608-9157-41B3-9AE3-36A231A142AC}
Entry: HKEY_CLASSES_ROOT\CLSID\{2CE4D4CF-B278-4126-AD1E-B622DA2E8339}\TypeLib
Value name:
Value: {47A7A4B0-2723-41BA-865E-EBBB7081A602}
Reason: The default value in HKEY_CLASSES_ROOT/CLSID/{2CE4D4CF-B278-4126-AD1E-B622DA2E8339}/TypeLib points to missing TypeLib {47A7A4B0-2723-41BA-865E-EBBB7081A602}
Entry: HKEY_CLASSES_ROOT\CLSID\{2BBA66D2-47E8-4d91-9B51-0B0D6D784F38}\TypeLib
Value name:
Value: {BD404CA1-A5F8-49B7-8B42-30A80687B316}
Reason: The default value in HKEY_CLASSES_ROOT/CLSID/{2BBA66D2-47E8-4d91-9B51-0B0D6D784F38}/TypeLib points to missing TypeLib {BD404CA1-A5F8-49B7-8B42-30A80687B316}
Entry: HKEY_CLASSES_ROOT\CLSID\{02D0B323-4ECA-48e4-8C1E-80AE1C028B29}\TypeLib
Value name:
Value: {3E636608-9157-41B3-9AE3-36A231A142AC}
Reason: The default value in HKEY_CLASSES_ROOT/CLSID/{02D0B323-4ECA-48e4-8C1E-80AE1C028B29}/TypeLib points to missing TypeLib {3E636608-9157-41B3-9AE3-36A231A142AC}
Entry: HKEY_CLASSES_ROOT\CLSID\{ABF651A1-0F07-48DF-9FF6-8B1B557669CA}\TypeLib
Value name:
Value: {893CD020-4354-4B33-A78D-909EE58BAFAF}
Reason: The default value in HKEY_CLASSES_ROOT/CLSID/{ABF651A1-0F07-48DF-9FF6-8B1B557669CA}/TypeLib points to missing TypeLib {893CD020-4354-4B33-A78D-909EE58BAFAF}
Entry: HKEY_CLASSES_ROOT\CLSID\{8EE4C235-F2CE-4C3B-9ADE-DD68718AE32A}\TypeLib
Value name:
Value: {4743C1A4-E33C-4495-B873-67AB9EA4E5F9}
Reason: The default value in HKEY_CLASSES_ROOT/CLSID/{8EE4C235-F2CE-4C3B-9ADE-DD68718AE32A}/TypeLib points to missing TypeLib {4743C1A4-E33C-4495-B873-67AB9EA4E5F9}
Entry: HKEY_CLASSES_ROOT\CLSID\{35AAEA84-40DC-4397-9A80-613FD196FBAD}\TypeLib
Value name:
Value: {6D68BC7E-6746-46be-8EFB-C5A6D56B6B3B}
Reason: The default value in HKEY_CLASSES_ROOT/CLSID/{35AAEA84-40DC-4397-9A80-613FD196FBAD}/TypeLib points to missing TypeLib {6D68BC7E-6746-46be-8EFB-C5A6D56B6B3B}
Entry: HKEY_CLASSES_ROOT\CLSID\{75C11604-5C51-48B2-B786-DF5E51D10EC7}\TypeLib
Value name:
Value: {893CD020-4354-4B33-A78D-909EE58BAFAF}
Reason: The default value in HKEY_CLASSES_ROOT/CLSID/{75C11604-5C51-48B2-B786-DF5E51D10EC7}/TypeLib points to missing TypeLib {893CD020-4354-4B33-A78D-909EE58BAFAF}
Entry: HKEY_CLASSES_ROOT\CLSID\{B8E622FC-D912-4C4D-B0F9-616AA3B44EED}\TypeLib
Value name:
Value: {E4B8DE1A-75AB-47E8-92D7-8B268450C980}
Reason: The default value in HKEY_CLASSES_ROOT/CLSID/{B8E622FC-D912-4C4D-B0F9-616AA3B44EED}/TypeLib points to missing TypeLib {E4B8DE1A-75AB-47E8-92D7-8B268450C980}
Entry: HKEY_CLASSES_ROOT\CLSID\{5591379C-B467-4BCA-B647-A438712504B0}\TypeLib
Value name:
Value: {893CD020-4354-4B33-A78D-909EE58BAFAF}
Reason: The default value in HKEY_CLASSES_ROOT/CLSID/{5591379C-B467-4BCA-B647-A438712504B0}/TypeLib points to missing TypeLib {893CD020-4354-4B33-A78D-909EE58BAFAF}
Entry: HKEY_CLASSES_ROOT\CLSID\{08F13781-BEF4-4758-A434-007BFD2FD858}\TypeLib
Value name:
Value: {08F13781-BEF4-4758-A434-007BFD2FD858}
Reason: The default value in HKEY_CLASSES_ROOT/CLSID/{08F13781-BEF4-4758-A434-007BFD2FD858}/TypeLib points to missing TypeLib {08F13781-BEF4-4758-A434-007BFD2FD858}
Entry: HKEY_CLASSES_ROOT\CLSID\{7DBB6493-54E1-4E5C-BBFC-1AFF6D5CDCC9}\TypeLib
Value name:
Value: {3E636608-9157-41B3-9AE3-36A231A142AC}
Reason: The default value in HKEY_CLASSES_ROOT/CLSID/{7DBB6493-54E1-4E5C-BBFC-1AFF6D5CDCC9}/TypeLib points to missing TypeLib {3E636608-9157-41B3-9AE3-36A231A142AC}
Entry: HKEY_CLASSES_ROOT\CLSID\{8619FFAE-8AE1-481F-84B2-41A3C9669C0A}\TypeLib
Value name:
Value: {6D68BC7E-6746-46be-8EFB-C5A6D56B6B3B}
Reason: The default value in HKEY_CLASSES_ROOT/CLSID/{8619FFAE-8AE1-481F-84B2-41A3C9669C0A}/TypeLib points to missing TypeLib {6D68BC7E-6746-46be-8EFB-C5A6D56B6B3B}
Entry: HKEY_CLASSES_ROOT\CLSID\{70873882-ED56-459D-92EC-04B9F749310D}\TypeLib
Value name:
Value: {3E636608-9157-41B3-9AE3-36A231A142AC}
Reason: The default value in HKEY_CLASSES_ROOT/CLSID/{70873882-ED56-459D-92EC-04B9F749310D}/TypeLib points to missing TypeLib {3E636608-9157-41B3-9AE3-36A231A142AC}
Entry: HKEY_CLASSES_ROOT\CLSID\{3246A6CF-2898-4541-AA7E-3F847903D29B}\TypeLib
Value name:
Value: {6D68BC7E-6746-46be-8EFB-C5A6D56B6B3B}
Reason: The default value in HKEY_CLASSES_ROOT/CLSID/{3246A6CF-2898-4541-AA7E-3F847903D29B}/TypeLib points to missing TypeLib {6D68BC7E-6746-46be-8EFB-C5A6D56B6B3B}
Entry: HKEY_CLASSES_ROOT\CLSID\{B830025D-E08D-4671-9937-89D1B12F860B}\TypeLib
Value name:
Value: {3E636608-9157-41B3-9AE3-36A231A142AC}
Reason: The default value in HKEY_CLASSES_ROOT/CLSID/{B830025D-E08D-4671-9937-89D1B12F860B}/TypeLib points to missing TypeLib {3E636608-9157-41B3-9AE3-36A231A142AC}
Entry: HKEY_CLASSES_ROOT\CLSID\{09A35D39-9D00-442A-8621-35309D05933B}\TypeLib
Value name:
Value: {741B0663-AA4B-42E0-888E-64A9C9347A6A}
Reason: The default value in HKEY_CLASSES_ROOT/CLSID/{09A35D39-9D00-442A-8621-35309D05933B}/TypeLib points to missing TypeLib {741B0663-AA4B-42E0-888E-64A9C9347A6A}
Entry: HKEY_CLASSES_ROOT\CLSID\{141B125E-656A-485F-8EB2-DB942C72F5FD}\TypeLib
Value name:
Value: {3E636608-9157-41B3-9AE3-36A231A142AC}
Reason: The default value in HKEY_CLASSES_ROOT/CLSID/{141B125E-656A-485F-8EB2-DB942C72F5FD}/TypeLib points to missing TypeLib {3E636608-9157-41B3-9AE3-36A231A142AC}
Entry: HKEY_CLASSES_ROOT\CLSID\{72B082C6-97D5-11D3-8BEC-00C04F68DDC2}\TypeLib
Value name:
Value: {72B082B9-97D5-11D3-8BEC-00C04F68DDC2}
Reason: The default value in HKEY_CLASSES_ROOT/CLSID/{72B082C6-97D5-11D3-8BEC-00C04F68DDC2}/TypeLib points to missing TypeLib {72B082B9-97D5-11D3-8BEC-00C04F68DDC2}
Entry: HKEY_CLASSES_ROOT\CLSID\{5F6C4076-12F5-11D3-8CEE-005004838434}\TypeLib
Value name:
Value: {AE997BEB-0FBD-11D3-8CEE-005004838434}
Reason: The default value in HKEY_CLASSES_ROOT/CLSID/{5F6C4076-12F5-11D3-8CEE-005004838434}/TypeLib points to missing TypeLib {AE997BEB-0FBD-11D3-8CEE-005004838434}
Entry: HKEY_CLASSES_ROOT\CLSID\{E8EFAA5A-D95F-4C16-BDBD-4087354D025D}\TypeLib
Value name:
Value: {6D68BC7E-6746-46be-8EFB-C5A6D56B6B3B}
Reason: The default value in HKEY_CLASSES_ROOT/CLSID/{E8EFAA5A-D95F-4C16-BDBD-4087354D025D}/TypeLib points to missing TypeLib {6D68BC7E-6746-46be-8EFB-C5A6D56B6B3B}
Entry: HKEY_CLASSES_ROOT\CLSID\{F719CCF9-FE2D-441D-9FCF-D26133B19D1A}\TypeLib
Value name:
Value: {A74B2E7D-21C5-4CE5-A4B5-620BCF425B28}
Reason: The default value in HKEY_CLASSES_ROOT/CLSID/{F719CCF9-FE2D-441D-9FCF-D26133B19D1A}/TypeLib points to missing TypeLib {A74B2E7D-21C5-4CE5-A4B5-620BCF425B28}
Entry: HKEY_CLASSES_ROOT\CLSID\{9196C75B-8267-4189-AB40-D18C1662519E}\TypeLib
Value name:
Value: {3E636608-9157-41B3-9AE3-36A231A142AC}
Reason: The default value in HKEY_CLASSES_ROOT/CLSID/{9196C75B-8267-4189-AB40-D18C1662519E}/TypeLib points to missing TypeLib {3E636608-9157-41B3-9AE3-36A231A142AC}
Entry: HKEY_CLASSES_ROOT\CLSID\{75C11604-5C51-48B2-B786-DF5E51D10EC8}\TypeLib
Value name:
Value: {893CD020-4354-4B33-A78D-909EE58BAFAF}
Reason: The default value in HKEY_CLASSES_ROOT/CLSID/{75C11604-5C51-48B2-B786-DF5E51D10EC8}/TypeLib points to missing TypeLib {893CD020-4354-4B33-A78D-909EE58BAFAF}
Entry: HKEY_CLASSES_ROOT\CLSID\{F9BA3D2E-B17D-4af9-A23D-9B8044249722}\TypeLib
Value name:
Value: {A1D61DC9-1F6A-450b-B345-4EE64DE4B45D}
Reason: The default value in HKEY_CLASSES_ROOT/CLSID/{F9BA3D2E-B17D-4af9-A23D-9B8044249722}/TypeLib points to missing TypeLib {A1D61DC9-1F6A-450b-B345-4EE64DE4B45D}
Entry: HKEY_CLASSES_ROOT\CLSID\{28ACED1E-CC5E-49F8-A00F-68224725AD0B}\TypeLib
Value name:
Value: {}
Reason: The default value in HKEY_CLASSES_ROOT/CLSID/{28ACED1E-CC5E-49F8-A00F-68224725AD0B}/TypeLib points to missing TypeLib {}
Entry: HKEY_CLASSES_ROOT\CLSID\{CC886017-50D0-410A-B1DC-691AC7D61A80}\TypeLib
Value name:
Value: {BD404CA1-A5F8-49B7-8B42-30A80687B316}
Reason: The default value in HKEY_CLASSES_ROOT/CLSID/{CC886017-50D0-410A-B1DC-691AC7D61A80}/TypeLib points to missing TypeLib {BD404CA1-A5F8-49B7-8B42-30A80687B316}
Entry: HKEY_CLASSES_ROOT\Interface\{915DA835-02FE-4953-92FA-624BDF5D85AB}\TypeLib
Value name:
Value: {19D52A9A-379C-4720-BA00-3D396ECD24D7}
Reason: The default value in HKEY_CLASSES_ROOT/Interface/{915DA835-02FE-4953-92FA-624BDF5D85AB}/TypeLib points to missing TypeLib {19D52A9A-379C-4720-BA00-3D396ECD24D7}
Entry: HKEY_CLASSES_ROOT\Interface\{2CE4D4CF-B278-4126-AD1E-B622DA2E8339}\TypeLib
Value name:
Value: {47A7A4B0-2723-41BA-865E-EBBB7081A602}
Reason: The default value in HKEY_CLASSES_ROOT/Interface/{2CE4D4CF-B278-4126-AD1E-B622DA2E8339}/TypeLib points to missing TypeLib {47A7A4B0-2723-41BA-865E-EBBB7081A602}
Entry: HKEY_CLASSES_ROOT\Interface\{46B89F5A-769D-4792-AD9A-E3755915CBC3}\TypeLib
Value name:
Value: {47A7A4B0-2723-41BA-865E-EBBB7081A602}
Reason: The default value in HKEY_CLASSES_ROOT/Interface/{46B89F5A-769D-4792-AD9A-E3755915CBC3}/TypeLib points to missing TypeLib {47A7A4B0-2723-41BA-865E-EBBB7081A602}
Entry: HKEY_CLASSES_ROOT\Interface\{D775A119-EAC2-4F28-B06E-8AC16F2695DA}\TypeLib
Value name:
Value: {19D52A9A-379C-4720-BA00-3D396ECD24D7}
Reason: The default value in HKEY_CLASSES_ROOT/Interface/{D775A119-EAC2-4F28-B06E-8AC16F2695DA}/TypeLib points to missing TypeLib {19D52A9A-379C-4720-BA00-3D396ECD24D7}
Entry: HKEY_CLASSES_ROOT\Interface\{576D076F-BFA5-422D-99E6-2D04C1CB7E73}\TypeLib
Value name:
Value: {3D3027D0-2B43-4C5B-89F7-151AC7C20AE6}
Reason: The default value in HKEY_CLASSES_ROOT/Interface/{576D076F-BFA5-422D-99E6-2D04C1CB7E73}/TypeLib points to missing TypeLib {3D3027D0-2B43-4C5B-89F7-151AC7C20AE6}
Scan subsection: Invalid file associations
Entries found: 18
Entries:
Entry: HKEY_CLASSES_ROOT\OISemffile
Value name:
Value:
Reason: The key OISemffile under HKEY_CLASSES_ROOT is empty
Entry: HKEY_CLASSES_ROOT\OISgiffile
Value name:
Value:
Reason: The key OISgiffile under HKEY_CLASSES_ROOT is empty
Entry: HKEY_CLASSES_ROOT\OISpngfile
Value name:
Value:
Reason: The key OISpngfile under HKEY_CLASSES_ROOT is empty
Entry: HKEY_CLASSES_ROOT\OISbmpfile
Value name:
Value:
Reason: The key OISbmpfile under HKEY_CLASSES_ROOT is empty
Entry: HKEY_CLASSES_ROOT\OIStiffile
Value name:
Value:
Reason: The key OIStiffile under HKEY_CLASSES_ROOT is empty
Entry: HKEY_CLASSES_ROOT\OISwmffile
Value name:
Value:
Reason: The key OISwmffile under HKEY_CLASSES_ROOT is empty
Entry: HKEY_CLASSES_ROOT\OISjpegfile
Value name:
Value:
Reason: The key OISjpegfile under HKEY_CLASSES_ROOT is empty
Entry: HKEY_CLASSES_ROOT\filetype\{00020821-0000-0000-C000-000000000046}
Value name:
Value:
Reason: The key {00020821-0000-0000-C000-000000000046} under HKEY_CLASSES_ROOT\filetype is empty
Entry: HKEY_CLASSES_ROOT\Agent.Preview.2\CLSID
Value name:
Value: {D45FD301-5C6E-11D1-9EC1-00C04FD7081F}
Reason: The key HKEY_CLASSES_ROOT\Agent.Preview.2\CLSID points to a missing CLSID {D45FD301-5C6E-11D1-9EC1-00C04FD7081F}
Entry: HKEY_CLASSES_ROOT\mapifvbx.object\Clsid
Value name:
Value: {41116C00-8B90-101B-96CD-00AA003B14FC}
Reason: The key HKEY_CLASSES_ROOT\mapifvbx.object\Clsid points to a missing CLSID {41116C00-8B90-101B-96CD-00AA003B14FC}
Entry: HKEY_CLASSES_ROOT\Conduit.Engine\CLSID
Value name:
Value: {8AE839F9-CD66-408B-A5B4-C8CB07CFA9B0}
Reason: The key HKEY_CLASSES_ROOT\Conduit.Engine\CLSID points to a missing CLSID {8AE839F9-CD66-408B-A5B4-C8CB07CFA9B0}
Entry: HKEY_CLASSES_ROOT\mapifvbx.object.1\Clsid
Value name:
Value: {41116C00-8B90-101B-96CD-00AA003B14FC}
Reason: The key HKEY_CLASSES_ROOT\mapifvbx.object.1\Clsid points to a missing CLSID {41116C00-8B90-101B-96CD-00AA003B14FC}
Entry: HKEY_CLASSES_ROOT\JavaPlugin.FamilyVersionSupport\CLSID
Value name:
Value: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43}
Reason: The key HKEY_CLASSES_ROOT\JavaPlugin.FamilyVersionSupport\CLSID points to a missing CLSID {761497BB-D6F0-462C-B6EB-D4DAF1D92D43}
Entry: HKEY_CLASSES_ROOT\spmServices.NamedStrings\CLSID
Value name:
Value: {D5A55D2D-C59D-42C3-A5BF-4C08EEE74339}
Reason: The key HKEY_CLASSES_ROOT\spmServices.NamedStrings\CLSID points to a missing CLSID {D5A55D2D-C59D-42C3-A5BF-4C08EEE74339}
Entry: HKEY_CLASSES_ROOT\Toolbar.CT2790392\CLSID
Value name:
Value: {4CF9A5FF-F79A-4929-85E6-34A247D69231}
Reason: The key HKEY_CLASSES_ROOT\Toolbar.CT2790392\CLSID points to a missing CLSID {4CF9A5FF-F79A-4929-85E6-34A247D69231}
Entry: HKEY_CLASSES_ROOT\MailFileAtt\CLSID
Value name:
Value: {00020D05-0000-0000-C000-000000000046}
Reason: The key HKEY_CLASSES_ROOT\MailFileAtt\CLSID points to a missing CLSID {00020D05-0000-0000-C000-000000000046}
Entry: HKEY_CLASSES_ROOT\spmServices.PluginWindow\CLSID
Value name:
Value: {BB6410D8-F879-4184-9C5C-6A02D16AE0B3}
Reason: The key HKEY_CLASSES_ROOT\spmServices.PluginWindow\CLSID points to a missing CLSID {BB6410D8-F879-4184-9C5C-6A02D16AE0B3}
Entry: HKEY_CLASSES_ROOT\ezPMUtils.GameController\CLSID
Value name:
Value: {CA1073A2-5F3F-4445-8E5E-7109BDCEDDBE}
Reason: The key HKEY_CLASSES_ROOT\ezPMUtils.GameController\CLSID points to a missing CLSID {CA1073A2-5F3F-4445-8E5E-7109BDCEDDBE}
Scan subsection: System drivers
Entries found: 2
Entries:
Entry: HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\mbr
Value name: ImagePath
Value: \??\C:\Users\Monika\AppData\Local\Temp\mbr.sys
Reason: The value ImagePath in HKEY_LOCAL_MACHINE/SYSTEM/CurrentControlSet/Services/mbr contains an invalid path /??/C:/Users/Monika/AppData/Local/Temp/mbr.sys
Entry: HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\catchme
Value name: ImagePath
Value: \??\C:\Users\Monika\AppData\Local\Temp\catchme.sys
Reason: The value ImagePath in HKEY_LOCAL_MACHINE/SYSTEM/CurrentControlSet/Services/catchme contains an invalid path /??/C:/Users/Monika/AppData/Local/Temp/catchme.sys
Scan subsection: Startup section
Entries found: 0
Entries:
Scan subsection: Shared DLLs
Entries found: 3
Entries:
Entry: HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\SharedDLLs
Value name: C:\Program Files\Common Files\Adobe\TypeSpt\AdobeFnt.lst
Value: 1
Reason: The key HKEY_LOCAL_MACHINE/Software/Microsoft/Windows/CurrentVersion/SharedDLLs contains an invalid path C:\Program Files\Common Files\Adobe\TypeSpt\AdobeFnt.lst
Entry: HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\SharedDLLs
Value name: C:\Program Files\Common Files\Adobe\Fonts\AdobeFnt.lst
Value: 1
Reason: The key HKEY_LOCAL_MACHINE/Software/Microsoft/Windows/CurrentVersion/SharedDLLs contains an invalid path C:\Program Files\Common Files\Adobe\Fonts\AdobeFnt.lst
Entry: HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\SharedDLLs
Value name: C:\Program Files\Common Files\Adobe\Fonts\Reqrd\Base\AdobeFnt.lst
Value: 1
Reason: The key HKEY_LOCAL_MACHINE/Software/Microsoft/Windows/CurrentVersion/SharedDLLs contains an invalid path C:\Program Files\Common Files\Adobe\Fonts\Reqrd\Base\AdobeFnt.lst
Scan subsection: Fonts section
Entries found: 0
Entries:
Scan subsection: Help section
Entries found: 3
Entries:
Entry: HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\Help
Value name: nwind9.hlp
Value: C:\Program Files\Microsoft Office\OFFICE11\SAMPLES\
Reason: The help file nwind9.hlp in HKEY_LOCAL_MACHINE/Software/Microsoft/Windows/Helpis missing
Entry: HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\Help
Value name: nwindcs9.hlp
Value: C:\Program Files\Microsoft Office\OFFICE11\SAMPLES\
Reason: The help file nwindcs9.hlp in HKEY_LOCAL_MACHINE/Software/Microsoft/Windows/Helpis missing
Entry: HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\Help
Value name: scanpst.hlp
Value: C:\Program Files\Common Files\SYSTEM\MSMAPI\1033\
Reason: The help file scanpst.hlp in HKEY_LOCAL_MACHINE/Software/Microsoft/Windows/Helpis missing
Scan subsection: Shared folders
Entries found: 0
Entries:
User related errors
Errors specific to your Windows account.
Scan subsection: Invalid shortcuts
Entries found: 1
Entries:
Entry: C:/Users/Monika/AppData/Roaming/AVG/PC Tuneup 2011/Disabled Startup/LimeWire On Startup.lnk
Value name:
Value:
Reason: Invalid shortcut C:/Users/Monika/AppData/Roaming/AVG/PC Tuneup 2011/Disabled Startup/LimeWire On Startup.lnk
Scan subsection: User software settings
Entries found: 42
Entries:
Entry: HKEY_CURRENT_USER\SOFTWARE\Visioneer\OneTouch
Value name: Temp Folder
Value: C:\Users\Monika\AppData\Local\Temp\OneTouch
Reason: The value PackagePath in HKEY_CURRENT_USER/SOFTWARE/Visioneer/OneTouch contains an invalid path C:/Users/Monika/AppData/Local/Temp/OneTouch
Entry: HKEY_CURRENT_USER\SOFTWARE\Classes\TypeLib\{075C37BC-68A9-4E01-A11E-DE214BBA3FCB}\2.0\HELPDIR
Value name:
Value: C:\Users\Monika\AppData\Local\Temp\VBE
Reason: The value PackagePath in HKEY_CURRENT_USER/SOFTWARE/Classes/TypeLib/{075C37BC-68A9-4E01-A11E-DE214BBA3FCB}/2.0/HELPDIR contains an invalid path C:/Users/Monika/AppData/Local/Temp/VBE
Entry: HKEY_CURRENT_USER\SOFTWARE\Classes\TypeLib\{B0A632A5-B0D1-41E8-A84A-A502B3341363}\1.0\HELPDIR
Value name:
Value: C:\Program Files\Skype\Plugin Manager
Reason: The value PackagePath in HKEY_CURRENT_USER/SOFTWARE/Classes/TypeLib/{B0A632A5-B0D1-41E8-A84A-A502B3341363}/1.0/HELPDIR contains an invalid path C:/Program Files/Skype/Plugin Manager
Entry: HKEY_CURRENT_USER\SOFTWARE\Classes\TypeLib\{B0A632A5-B0D1-41E8-A84A-A502B3341363}\1.0\0\win32
Value name:
Value: C:\Program Files\Skype\Plugin Manager\ezPMUtils.dll
Reason: The value PackagePath in HKEY_CURRENT_USER/SOFTWARE/Classes/TypeLib/{B0A632A5-B0D1-41E8-A84A-A502B3341363}/1.0/0/win32 contains an invalid path C:/Program Files/Skype/Plugin Manager/ezPMUtils.dll
Entry: HKEY_CURRENT_USER\SOFTWARE\Classes\TypeLib\{506B4C1F-587D-4CD3-94A3-00354CF6EFEF}\1.0\HELPDIR
Value name:
Value: C:\Program Files\Skype\Plugin Manager
Reason: The value PackagePath in HKEY_CURRENT_USER/SOFTWARE/Classes/TypeLib/{506B4C1F-587D-4CD3-94A3-00354CF6EFEF}/1.0/HELPDIR contains an invalid path C:/Program Files/Skype/Plugin Manager
Entry: HKEY_CURRENT_USER\SOFTWARE\Classes\TypeLib\{506B4C1F-587D-4CD3-94A3-00354CF6EFEF}\1.0\0\win32
Value name:
Value: C:\Program Files\Skype\Plugin Manager\ezPMUtils.dll
Reason: The value PackagePath in HKEY_CURRENT_USER/SOFTWARE/Classes/TypeLib/{506B4C1F-587D-4CD3-94A3-00354CF6EFEF}/1.0/0/win32 contains an invalid path C:/Program Files/Skype/Plugin Manager/ezPMUtils.dll
Entry: HKEY_CURRENT_USER\SOFTWARE\Classes\TypeLib\{4045F420-8872-4B39-98E2-A05526D55BB3}\1.0\HELPDIR
Value name:
Value: C:\Users\Monika\AppData\Local\Temp\PPT11.0
Reason: The value PackagePath in HKEY_CURRENT_USER/SOFTWARE/Classes/TypeLib/{4045F420-8872-4B39-98E2-A05526D55BB3}/1.0/HELPDIR contains an invalid path C:/Users/Monika/AppData/Local/Temp/PPT11.0
Entry: HKEY_CURRENT_USER\SOFTWARE\Classes\TypeLib\{4045F420-8872-4B39-98E2-A05526D55BB3}\1.0\0\win32
Value name:
Value: C:\Users\Monika\AppData\Local\Temp\PPT11.0\ShockwaveFlashObjects.exd
Reason: The value PackagePath in HKEY_CURRENT_USER/SOFTWARE/Classes/TypeLib/{4045F420-8872-4B39-98E2-A05526D55BB3}/1.0/0/win32 contains an invalid path C:/Users/Monika/AppData/Local/Temp/PPT11.0/ShockwaveFlashObjects.exd
Entry: HKEY_CURRENT_USER\SOFTWARE\Classes\TypeLib\{9CA8CA48-AC7A-478B-A747-C63F1EE142DC}\2.0\HELPDIR
Value name:
Value: C:\Users\Monika\AppData\Local\Temp\VBE
Reason: The value PackagePath in HKEY_CURRENT_USER/SOFTWARE/Classes/TypeLib/{9CA8CA48-AC7A-478B-A747-C63F1EE142DC}/2.0/HELPDIR contains an invalid path C:/Users/Monika/AppData/Local/Temp/VBE
Entry: HKEY_CURRENT_USER\SOFTWARE\Classes\TypeLib\{9CA8CA48-AC7A-478B-A747-C63F1EE142DC}\2.0\0\win32
Value name:
Value: C:\Users\Monika\AppData\Local\Temp\VBE\MSForms.exd
Reason: The value PackagePath in HKEY_CURRENT_USER/SOFTWARE/Classes/TypeLib/{9CA8CA48-AC7A-478B-A747-C63F1EE142DC}/2.0/0/win32 contains an invalid path C:/Users/Monika/AppData/Local/Temp/VBE/MSForms.exd
Entry: HKEY_CURRENT_USER\SOFTWARE\Classes\CLSID\{218D2740-5A50-42A8-AB9F-62FF1B168782}\InProcServer32
Value name:
Value: C:\Users\Monika\AppData\Local\Google\Update\1.3.21.69\psuser.dll
Reason: The value PackagePath in HKEY_CURRENT_USER/SOFTWARE/Classes/CLSID/{218D2740-5A50-42A8-AB9F-62FF1B168782}/InProcServer32 contains an invalid path C:/Users/Monika/AppData/Local/Google/Update/1.3.21.69/psuser.dll
Entry: HKEY_CURRENT_USER\SOFTWARE\Classes\CLSID\{29A96789-9595-4947-BEDB-0FCC776F7DB8}\InProcServer32
Value name:
Value: C:\Users\Monika\AppData\Local\Google\Update\1.2.183.39\goopdate.dll
Reason: The value PackagePath in HKEY_CURRENT_USER/SOFTWARE/Classes/CLSID/{29A96789-9595-4947-BEDB-0FCC776F7DB8}/InProcServer32 contains an invalid path C:/Users/Monika/AppData/Local/Google/Update/1.2.183.39/goopdate.dll
Entry: HKEY_CURRENT_USER\SOFTWARE\Classes\CLSID\{D0D38C6E-BF64-4C42-840D-3E0019D9F7A6}\InprocServer32
Value name:
Value: C:\Program Files\Skype\Plugin Manager\ezPMUtils.dll
Reason: The value PackagePath in HKEY_CURRENT_USER/SOFTWARE/Classes/CLSID/{D0D38C6E-BF64-4C42-840D-3E0019D9F7A6}/InprocServer32 contains an invalid path C:/Program Files/Skype/Plugin Manager/ezPMUtils.dll
Entry: HKEY_CURRENT_USER\SOFTWARE\Classes\CLSID\{515C93ED-88BD-4CCB-AE7F-9F2A1E9695A3}\InprocHandler32
Value name:
Value: C:\Users\Monika\AppData\Local\Google\Update\1.3.21.57\psuser.dll
Reason: The value PackagePath in HKEY_CURRENT_USER/SOFTWARE/Classes/CLSID/{515C93ED-88BD-4CCB-AE7F-9F2A1E9695A3}/InprocHandler32 contains an invalid path C:/Users/Monika/AppData/Local/Google/Update/1.3.21.57/psuser.dll
Entry: HKEY_CURRENT_USER\SOFTWARE\Classes\CLSID\{320F0FDB-BE0A-4648-9D18-4A2C3448C007}\InProcServer32
Value name:
Value: C:\Users\Monika\AppData\Local\Google\Update\1.3.21.79\psuser.dll
Reason: The value PackagePath in HKEY_CURRENT_USER/SOFTWARE/Classes/CLSID/{320F0FDB-BE0A-4648-9D18-4A2C3448C007}/InProcServer32 contains an invalid path C:/Users/Monika/AppData/Local/Google/Update/1.3.21.79/psuser.dll
Entry: HKEY_CURRENT_USER\SOFTWARE\Classes\CLSID\{42481700-CF3C-4D05-8EC6-F9A1C57E8DC0}\InprocServer32
Value name:
Value: C:\Program Files\Skype\Plugin Manager\ezPMUtils.dll
Reason: The value PackagePath in HKEY_CURRENT_USER/SOFTWARE/Classes/CLSID/{42481700-CF3C-4D05-8EC6-F9A1C57E8DC0}/InprocServer32 contains an invalid path C:/Program Files/Skype/Plugin Manager/ezPMUtils.dll
Entry: HKEY_CURRENT_USER\SOFTWARE\Classes\CLSID\{039B2CA5-3B41-4D93-AD77-47D3293FC5CB}\InprocServer32
Value name:
Value: C:\Program Files\Skype\Plugin Manager\ezPMUtils.dll
Reason: The value PackagePath in HKEY_CURRENT_USER/SOFTWARE/Classes/CLSID/{039B2CA5-3B41-4D93-AD77-47D3293FC5CB}/InprocServer32 contains an invalid path C:/Program Files/Skype/Plugin Manager/ezPMUtils.dll
Entry: HKEY_CURRENT_USER\SOFTWARE\Classes\CLSID\{DB25D157-76D4-41C1-97B5-359E4A4CECEB}\InProcServer32
Value name:
Value: C:\Users\Monika\AppData\Local\Google\Update\1.3.21.65\psuser.dll
Reason: The value PackagePath in HKEY_CURRENT_USER/SOFTWARE/Classes/CLSID/{DB25D157-76D4-41C1-97B5-359E4A4CECEB}/InProcServer32 contains an invalid path C:/Users/Monika/AppData/Local/Google/Update/1.3.21.65/psuser.dll
Entry: HKEY_CURRENT_USER\SOFTWARE\Classes\CLSID\{0E55CBE1-B06A-49B6-AD8D-9EFAA0160C6F}\InProcServer32
Value name:
Value: C:\Users\Monika\AppData\Local\Google\Update\1.3.21.57\psuser.dll
Reason: The value PackagePath in HKEY_CURRENT_USER/SOFTWARE/Classes/CLSID/{0E55CBE1-B06A-49B6-AD8D-9EFAA0160C6F}/InProcServer32 contains an invalid path C:/Users/Monika/AppData/Local/Google/Update/1.3.21.57/psuser.dll
Entry: HKEY_CURRENT_USER\SOFTWARE\Classes\CLSID\{4A26DF46-A5AF-4D46-A60D-14AD89E57A63}\InprocHandler32
Value name:
Value: C:\Users\Monika\AppData\Local\Google\Update\1.3.21.65\psuser.dll
Reason: The value PackagePath in HKEY_CURRENT_USER/SOFTWARE/Classes/CLSID/{4A26DF46-A5AF-4D46-A60D-14AD89E57A63}/InprocHandler32 contains an invalid path C:/Users/Monika/AppData/Local/Google/Update/1.3.21.65/psuser.dll
Entry: HKEY_CURRENT_USER\SOFTWARE\Classes\CLSID\{3A6EE5C3-7A28-452B-832D-08FE74C7EEAD}\InprocHandler32
Value name:
Value: C:\Users\Monika\AppData\Local\Google\Update\1.3.21.69\psuser.dll
Reason: The value PackagePath in HKEY_CURRENT_USER/SOFTWARE/Classes/CLSID/{3A6EE5C3-7A28-452B-832D-08FE74C7EEAD}/InprocHandler32 contains an invalid path C:/Users/Monika/AppData/Local/Google/Update/1.3.21.69/psuser.dll
Entry: HKEY_CURRENT_USER\SOFTWARE\Classes\CLSID\{546958A5-5C48-48BE-9396-599811623E60}\InprocHandler32
Value name:
Value: C:\Users\Monika\AppData\Local\Google\Update\1.3.21.79\psuser.dll
Reason: The value PackagePath in HKEY_CURRENT_USER/SOFTWARE/Classes/CLSID/{546958A5-5C48-48BE-9396-599811623E60}/InprocHandler32 contains an invalid path C:/Users/Monika/AppData/Local/Google/Update/1.3.21.79/psuser.dll
Entry: HKEY_CURRENT_USER\SOFTWARE\Microsoft\Installer\Products\31D31FCCB78A8E436B9881690D2CBD2A\SourceList\Net
Value name: 1
Value: C:\Users\Monika\AppData\Local\Google\Update\Install\{EF2B2E50-EAC4-4282-80D4-0552A48BE364}\
Reason: The value PackagePath in HKEY_CURRENT_USER/SOFTWARE/Microsoft/Installer/Products/31D31FCCB78A8E436B9881690D2CBD2A/SourceList/Net contains an invalid path C:/Users/Monika/AppData/Local/Google/Update/Install/{EF2B2E50-EAC4-4282-80D4-0552A48BE364}/
Entry: HKEY_CURRENT_USER\SOFTWARE\Microsoft\Office\11.0\PowerPoint\Recent File List
Value name: File4
Value: C:\Users\Monika\Downloads\Comcast_MOP.ppt
Reason: The value PackagePath in HKEY_CURRENT_USER/SOFTWARE/Microsoft/Office/11.0/PowerPoint/Recent File List contains an invalid path C:/Users/Monika/Downloads/Comcast_MOP.ppt
Entry: HKEY_CURRENT_USER\SOFTWARE\Microsoft\Office\11.0\OIS\Options
Value name: LastTreeSelection
Value: C:\Users\Monika\Pictures\
Reason: The value PackagePath in HKEY_CURRENT_USER/SOFTWARE/Microsoft/Office/11.0/OIS/Options contains an invalid path C:/Users/Monika/Pictures/
Entry: HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ComDlg32\FirstFolder
Value name: 2
Value: C:\Program Files\CueCard\cuecard.exe
Reason: The value PackagePath in HKEY_CURRENT_USER/SOFTWARE/Microsoft/Windows/CurrentVersion/Explorer/ComDlg32/FirstFolder contains an invalid path C:/Program Files/CueCard/cuecard.exe
Entry: HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ComDlg32\FirstFolder
Value name: 7
Value: C:\Program Files\Research In Motion\BlackBerry\DesktopMgr.exe
Reason: The value PackagePath in HKEY_CURRENT_USER/SOFTWARE/Microsoft/Windows/CurrentVersion/Explorer/ComDlg32/FirstFolder contains an invalid path C:/Program Files/Research In Motion/BlackBerry/DesktopMgr.exe
Entry: HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ComDlg32\FirstFolder
Value name: 10
Value: C:\Program Files\YouTube Downloader\youtubedownloader.exe
Reason: The value PackagePath in HKEY_CURRENT_USER/SOFTWARE/Microsoft/Windows/CurrentVersion/Explorer/ComDlg32/FirstFolder contains an invalid path C:/Program Files/YouTube Downloader/youtubedownloader.exe
Entry: HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Applets\Wordpad\Recent File List
Value name: File6
Value: C:\Users\Monika\Documents\f c benefits.rtf
Reason: The value PackagePath in HKEY_CURRENT_USER/SOFTWARE/Microsoft/Windows/CurrentVersion/Applets/Wordpad/Recent File List contains an invalid path C:/Users/Monika/Documents/f c benefits.rtf
Entry: HKEY_CURRENT_USER\SOFTWARE\Microsoft\MediaPlayer\Services\MediaGuide
Value name: CachedLargeLogoPath
Value: C:\Users\Monika\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0Y4BK54X\mg4_wmp12_30x30_2[1].png
Reason: The value PackagePath in HKEY_CURRENT_USER/SOFTWARE/Microsoft/MediaPlayer/Services/MediaGuide contains an invalid path C:/Users/Monika/AppData/Local/Microsoft/Windows/Temporary Internet Files/Content.IE5/0Y4BK54X/mg4_wmp12_30x30_2[1].png
Entry: HKEY_CURRENT_USER\SOFTWARE\Microsoft\MediaPlayer\Services\MediaGuide
Value name: CachedIconPath
Value: C:\Users\Monika\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0Y4BK54X\media_guide_16x16[1].png
Reason: The value PackagePath in HKEY_CURRENT_USER/SOFTWARE/Microsoft/MediaPlayer/Services/MediaGuide contains an invalid path C:/Users/Monika/AppData/Local/Microsoft/Windows/Temporary Internet Files/Content.IE5/0Y4BK54X/media_guide_16x16[1].png
Entry: HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer
Value name: Download Directory
Value: C:\Users\Monika\Videos\MOP
Reason: The value PackagePath in HKEY_CURRENT_USER/SOFTWARE/Microsoft/Internet Explorer contains an invalid path C:/Users/Monika/Videos/MOP
Entry: HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F4E39681-15F8-4fda-B8A3-B5C98378F2F3}
Value name: AppPath
Value: C:\Users\Monika\AppData\Local\Google\Google Talk Plugin\\redirect
Reason: The value PackagePath in HKEY_CURRENT_USER/SOFTWARE/Microsoft/Internet Explorer/Low Rights/ElevationPolicy/{F4E39681-15F8-4fda-B8A3-B5C98378F2F3} contains an invalid path C:/Users/Monika/AppData/Local/Google/Google Talk Plugin//redirect
Entry: HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E0A900DF-9611-4446-86BD-4B1D47E7DB2A}
Value name: AppPath
Value: C:\Users\Monika\AppData\Local\Google\Chrome\Application\14.0.835.202
Reason: The value PackagePath in HKEY_CURRENT_USER/SOFTWARE/Microsoft/Internet Explorer/Low Rights/ElevationPolicy/{E0A900DF-9611-4446-86BD-4B1D47E7DB2A} contains an invalid path C:/Users/Monika/AppData/Local/Google/Chrome/Application/14.0.835.202
Entry: HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Main
Value name: Local Page
Value: C:\Windows\system32\blank.htm
Reason: The value PackagePath in HKEY_CURRENT_USER/SOFTWARE/Microsoft/Internet Explorer/Main contains an invalid path C:/Windows/system32/blank.htm
Entry: HKEY_CURRENT_USER\SOFTWARE\Microsoft\MPEG2Demultiplexer
Value name: WriteCaptureDir
Value: c:\dm.capture\
Reason: The value PackagePath in HKEY_CURRENT_USER/SOFTWARE/Microsoft/MPEG2Demultiplexer contains an invalid path c:/dm.capture/
Entry: HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows Media\WMSDK\Namespace
Value name: LocalDelta
Value: C:\Users\Monika\AppData\Local\Microsoft\Windows Media\12.0\WMSDKNSD.XML
Reason: The value PackagePath in HKEY_CURRENT_USER/SOFTWARE/Microsoft/Windows Media/WMSDK/Namespace contains an invalid path C:/Users/Monika/AppData/Local/Microsoft/Windows Media/12.0/WMSDKNSD.XML
Entry: HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows Media\WMSDK\Namespace
Value name: RemoteDelta
Value: C:\Users\Monika\AppData\Local\Microsoft\Windows Media\12.0\WMSDKNSR.XML
Reason: The value PackagePath in HKEY_CURRENT_USER/SOFTWARE/Microsoft/Windows Media/WMSDK/Namespace contains an invalid path C:/Users/Monika/AppData/Local/Microsoft/Windows Media/12.0/WMSDKNSR.XML
Entry: HKEY_CURRENT_USER\SOFTWARE\NCH Software\Prism\Settings
Value name: LoadFromFolder
Value: C:\Users\Monika\Videos\MOP
Reason: The value PackagePath in HKEY_CURRENT_USER/SOFTWARE/NCH Software/Prism/Settings contains an invalid path C:/Users/Monika/Videos/MOP
Entry: HKEY_CURRENT_USER\SOFTWARE\SupportSoft\ProviderList\verizon\users\Monika\Dna Agent
Value name: currentIssue
Value: C:\Users\Monika\AppData\Local\SupportSoft\Verizon\Monika\\state\issues\78b8c1a0-2d92-43e8-9e4d-1aa71fd0218f.xml
Reason: The value PackagePath in HKEY_CURRENT_USER/SOFTWARE/SupportSoft/ProviderList/verizon/users/Monika/Dna Agent contains an invalid path C:/Users/Monika/AppData/Local/SupportSoft/Verizon/Monika//state/issues/78b8c1a0-2d92-43e8-9e4d-1aa71fd0218f.xml
Entry: HKEY_CURRENT_USER\SOFTWARE\Malwarebytes' Anti-Malware
Value name: selectedrives
Value: C:\|F:\|
Reason: The value PackagePath in HKEY_CURRENT_USER/SOFTWARE/Malwarebytes' Anti-Malware contains an invalid path C:/|F:/|
Entry: HKEY_CURRENT_USER\SOFTWARE\CueCard
Value name: file1
Value: C:\Users\Monika\Desktop\Neuro.wcu
Reason: The value PackagePath in HKEY_CURRENT_USER/SOFTWARE/CueCard contains an invalid path C:/Users/Monika/Desktop/Neuro.wcu
Scan subsection: File extensions
Entries found: 8
Entries:
Entry: HKEY_USERS\S-1-5-21-74289745-3478087381-2590528953-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.dat
Value name:
Value:
Reason: The key .dat under HKEY_USERS\S-1-5-21-74289745-3478087381-2590528953-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.dat contains a bad path for the value
Entry: HKEY_USERS\S-1-5-21-74289745-3478087381-2590528953-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.bin
Value name:
Value:
Reason: The key .bin under HKEY_USERS\S-1-5-21-74289745-3478087381-2590528953-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.bin contains a bad path for the value
Entry: HKEY_USERS\S-1-5-21-74289745-3478087381-2590528953-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.tmp
Value name:
Value:
Reason: The key .tmp under HKEY_USERS\S-1-5-21-74289745-3478087381-2590528953-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.tmp contains a bad path for the value
Entry: HKEY_USERS\S-1-5-21-74289745-3478087381-2590528953-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ithmb
Value name:
Value:
Reason: The key .ithmb under HKEY_USERS\S-1-5-21-74289745-3478087381-2590528953-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ithmb contains a bad path for the value
Entry: HKEY_USERS\S-1-5-21-74289745-3478087381-2590528953-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.oti
Value name:
Value:
Reason: The key .oti under HKEY_USERS\S-1-5-21-74289745-3478087381-2590528953-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.oti contains a bad path for the value
Entry: HKEY_USERS\S-1-5-21-74289745-3478087381-2590528953-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.THM
Value name:
Value:
Reason: The key .THM under HKEY_USERS\S-1-5-21-74289745-3478087381-2590528953-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.THM contains a bad path for the value
Entry: HKEY_USERS\S-1-5-21-74289745-3478087381-2590528953-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.E30
Value name:
Value:
Reason: The key .E30 under HKEY_USERS\S-1-5-21-74289745-3478087381-2590528953-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.E30 contains a bad path for the value
Entry: HKEY_USERS\S-1-5-21-74289745-3478087381-2590528953-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wcu
Value name:
Value:
Reason: The key .wcu under HKEY_USERS\S-1-5-21-74289745-3478087381-2590528953-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wcu contains a bad path for the value
Scan subsection: Sound and app events
Entries found: 0
Entries:
Third party related errors
Errors affecting programs installed on your PC.
Scan subsection: Uninstall section
Entries found: 0
Entries:
-
I am not sure if it will help but blocking JavaScript on Facebook helps control of the problem. But as soon as I allowed the scrip to run on facebook web site the warm... or what ever it is took over again
-
Malwarebytes Anti-Malware 1.60.1.1000
www.malwarebytes.org
Database version: v2012.03.04.06
Windows 7 Service Pack 1 x86 NTFS
Internet Explorer 9.0.8112.16421
Monika :: MONIKA-PC [administrator]
3/4/2012 3:35:16 PM
mbam-log-2012-03-04 (15-35-16).txt
Scan type: Full scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 362680
Time elapsed: 1 hour(s), 36 minute(s), 15 second(s)
Memory Processes Detected: 0
(No malicious items detected)
Memory Modules Detected: 0
(No malicious items detected)
Registry Keys Detected: 0
(No malicious items detected)
Registry Values Detected: 0
(No malicious items detected)
Registry Data Items Detected: 0
(No malicious items detected)
Folders Detected: 0
(No malicious items detected)
Files Detected: 0
(No malicious items detected)
(end)
.
DDS (Ver_2011-08-26.01) - NTFSx86
Internet Explorer: 9.0.8112.16421 BrowserJavaVersion: 1.6.0_29
Run by Monika at 17:13:13 on 2012-03-04
Microsoft Windows 7 Professional 6.1.7601.1.1252.1.1033.18.3070.1622 [GMT -5:00]
.
AV: AVG Anti-Virus Free Edition 2012 *Enabled/Updated* {5A2746B1-DEE9-F85A-FBCD-ADB11639C5F0}
SP: AVG Anti-Virus Free Edition 2012 *Enabled/Updated* {E146A755-F8D3-F7D4-C17D-96C36DBE8F4D}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ===============
.
C:\PROGRA~1\AVG\AVG2012\avgrsx.exe
C:\Program Files\AVG\AVG2012\avgcsrvx.exe
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\Ati2evxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Program Files\Cisco\Cisco AnyConnect VPN Client\vpnagent.exe
C:\Windows\system32\Ati2evxx.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files\Common Files\McKesson\MIG\Service\AliUpdate.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\AVG\AVG2012\avgwdsvc.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\VERIZONDM\bin\sprtsvc.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files\VERIZONDM\bin\tgsrvc.exe
C:\Program Files\AVG\AVG2012\avgnsx.exe
C:\Windows\system32\DRIVERS\xaudio.exe
C:\Program Files\AVG\AVG2012\AVGIDSAgent.exe
C:\Program Files\TrustedID\TrustedID Secure Browse\epservice.exe
C:\Windows\system32\taskhost.exe
C:\Program Files\TrustedID\TrustedID Secure Browse\ep.exe
C:\Windows\System32\alg.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\RTHDCPL.exe
C:\Program Files\TrustedID\TrustedID Secure Browse\dps.exe
C:\Program Files\TrustedID\TrustedID Secure Browse\pl.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Citrix\ICA Client\concentr.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\AVG\AVG2012\avgtray.exe
C:\Program Files\Common Files\Apple\Internet Services\iCloudServices.exe
C:\Program Files\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
C:\Program Files\Citrix\ICA Client\wfcrun32.exe
C:\Program Files\Squeezebox\SqueezeTray.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Users\Monika\AppData\Local\Temp\RtkBtMnt.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe
C:\PROGRA~1\SQUEEZ~1\server\SQUEEZ~3.EXE
C:\Users\Monika\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Monika\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Monika\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Monika\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Monika\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Monika\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Monika\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Monika\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Windows\system32\svchost.exe -k SDRSVC
C:\Windows\system32\DllHost.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\conhost.exe
C:\Windows\system32\wbem\wmiprvse.exe
.
============== Pseudo HJT Report ===============
.
uInternet Settings,ProxyOverride = *.local
mURLSearchHooks: H - No File
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: TrustedID Secure Browse: {3955aa73-8c60-4a9b-acdb-0c2edb1b6748} - c:\program files\trustedid\trustedid secure browse\epbho.dll
BHO: AVG Safe Search: {3ca2f312-6f6e-4b53-a66e-4e65e497c8c0} - c:\program files\avg\avg2012\avgssie.dll
BHO: Java Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: FlashFXP Helper for Internet Explorer: {e5a1691b-d188-4419-ad02-90002030b8ee} - c:\progra~1\flashfxp\IEFlash.dll
BHO: TrustedID Secure Browse: {ff507020-a257-4527-a222-b6f5732e55ee} - c:\program files\trustedid\trustedid secure browse\plbho.dll
uRun: [iCloudServices] c:\program files\common files\apple\internet services\iCloudServices.exe
uRun: [ApplePhotoStreams] c:\program files\common files\apple\internet services\ApplePhotoStreams.exe
mRun: [RTHDCPL] RTHDCPL.EXE
mRun: [skyTel] SkyTel.EXE
mRun: [soundMan] SOUNDMAN.EXE
mRun: [AlcWzrd] ALCWZRD.EXE
mRun: [AppleSyncNotifier] c:\program files\common files\apple\mobile device support\AppleSyncNotifier.exe
mRun: [Data Protection Suite] "c:\program files\trustedid\trustedid secure browse\dps.exe"
mRun: [PhishLock] "c:\program files\trustedid\trustedid secure browse\pl.exe"
mRun: [sunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
mRun: [ConnectionCenter] "c:\program files\citrix\ica client\concentr.exe" /startup
mRun: [APSDaemon] "c:\program files\common files\apple\apple application support\APSDaemon.exe"
mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"
mRun: [AVG_TRAY] "c:\program files\avg\avg2012\avgtray.exe"
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\blueto~1.lnk - c:\program files\widcomm\bluetooth software\BTTray.exe
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\logite~1.lnk - c:\program files\squeezebox\SqueezeTray.exe
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\quicke~1.lnk - c:\program files\quicken\bagent.exe
mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)
mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
mPolicies-system: PromptOnSecureDesktop = 0 (0x0)
mPolicies-system: SoftwareSASGeneration = 1 (0x1)
mPolicies-system: DisableStartupSound = 1 (0x1)
mPolicies-system: DisableStatusMessages = 1 (0x1)
IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office11\EXCEL.EXE/3000
IE: Send image to &Bluetooth Device... - c:\program files\widcomm\bluetooth software\btsendto_ie_ctx.htm
IE: Send page to &Bluetooth Device... - c:\program files\widcomm\bluetooth software\btsendto_ie.htm
IE: {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\program files\widcomm\bluetooth software\btsendto_ie.htm
IE: {CF819DA3-9882-4944-ADF5-6EF17ECF3C6E} - "c:\program files\fiddler2\Fiddler.exe"
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office11\REFIEBAR.DLL
DPF: {36B874FC-EECA-4622-8DCE-F8D453C88845} - hxxps://cnypacs.com/HRS/download/AliUpdate.cab
DPF: {55963676-2F5E-4BAF-AC28-CF26AA587566} - hxxps://vpn.stemc.org/CACHE/stc/1/binaries/vpnweb.cab
DPF: {6A1C1D9A-00D4-468C-BAC0-34941BF5DBA1} - hxxps://cnypacs.com/HRS/download/Setup.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
TCP: DhcpNameServer = 209.18.47.61 209.18.47.62
TCP: Interfaces\{6EF495A2-8B37-4967-BC10-32E0F501172A} : DhcpNameServer = 209.18.47.61 209.18.47.62
TCP: Interfaces\{6EF495A2-8B37-4967-BC10-32E0F501172A}\0527F64657364796F6E6370275962756C65637370225F657475627 : DhcpNameServer = 192.168.2.1
TCP: Interfaces\{6EF495A2-8B37-4967-BC10-32E0F501172A}\2456C6B696E6F574F505C65737F5D494D4F4F5138303137303 : DhcpNameServer = 65.32.5.111 65.32.5.112
TCP: Interfaces\{6EF495A2-8B37-4967-BC10-32E0F501172A}\D656C666275646F6 : DhcpNameServer = 209.18.47.61 209.18.47.62
TCP: Interfaces\{FEC1F568-0142-484C-87C3-765B651A5097} : DhcpNameServer = 209.18.47.61 209.18.47.62
Handler: belarc - {6318E0AB-2E93-11D1-B8ED-00608CC9A71F} - c:\program files\belarc\advisor\system\BAVoilaX.dll
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - c:\program files\avg\avg2012\avgpp.dll
AppInit_DLLs: c:\progra~1\google\google~1\GoogleDesktopNetwork3.dll
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\users\monika\appdata\roaming\mozilla\firefox\profiles\n60gv88i.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT1621166&SearchSource=3&q={searchTerms}
FF - prefs.js: browser.search.selectedEngine - Bing
FF - prefs.js: browser.startup.homepage - hxxp://www.msn.com/?pc=Z128&ocid=zdhp&install_date=20111215
FF - prefs.js: keyword.URL - hxxp://www.bing.com/search?pc=Z128&form=ZGAADF&install_date=20111215&q=
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\mozilla firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
FF - Ext: FiddlerHook: fiddlerhook@fiddler2.com - c:\program files\fiddler2\FiddlerHook
FF - Ext: CommentsBar 1 Toolbar: {23ec984e-464c-4a0c-a8df-f80cb8c090e1} - %profile%\extensions\{23ec984e-464c-4a0c-a8df-f80cb8c090e1}
.
============= SERVICES / DRIVERS ===============
.
R0 AVGIDSEH;AVGIDSEH;c:\windows\system32\drivers\AVGIDSEH.sys [2011-7-11 23120]
R0 Avgrkx86;AVG Anti-Rootkit Driver;c:\windows\system32\drivers\avgrkx86.sys [2011-9-13 32592]
R1 Avgldx86;AVG AVI Loader Driver;c:\windows\system32\drivers\avgldx86.sys [2011-10-7 230608]
R1 Avgmfx86;AVG Mini-Filter Resident Anti-Virus Shield;c:\windows\system32\drivers\avgmfx86.sys [2011-8-8 40016]
R1 Avgtdix;AVG TDI Driver;c:\windows\system32\drivers\avgtdix.sys [2011-7-11 295248]
R1 ctxusbm;Citrix USB Monitor Driver;c:\windows\system32\drivers\ctxusbm.sys [2009-9-8 65584]
R2 AliUpdate;Horizon Medical Imaging Update Service;c:\program files\common files\mckesson\mig\service\AliUpdate.exe [2010-1-18 79152]
R2 AVGIDSAgent;AVGIDSAgent;c:\program files\avg\avg2012\AVGIDSAgent.exe [2011-10-12 4433248]
R2 avgwd;AVG WatchDog;c:\program files\avg\avg2012\avgwdsvc.exe [2011-8-2 192776]
R2 EntryProtect;TrustedID Secure Browse;c:\program files\trustedid\trustedid secure browse\epservice.exe [2011-8-21 46952]
R2 ppsio2;PPDevice;c:\windows\system32\drivers\ppsio2.sys [2010-3-2 23200]
R2 sprtsvc_verizondm;SupportSoft Sprocket Service (verizondm);c:\program files\verizondm\bin\sprtsvc.exe [2011-2-1 206120]
R2 tgsrvc_verizondm;SupportSoft Repair Service (verizondm);c:\program files\verizondm\bin\tgsrvc.exe [2011-2-1 185640]
R2 vpnagent;Cisco AnyConnect VPN Agent;c:\program files\cisco\cisco anyconnect vpn client\vpnagent.exe [2009-12-17 497856]
R3 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\drivers\AVGIDSDriver.sys [2011-7-11 134736]
R3 AVGIDSFilter;AVGIDSFilter;c:\windows\system32\drivers\AVGIDSFilter.sys [2011-7-11 24272]
R3 AVGIDSShim;AVGIDSShim;c:\windows\system32\drivers\AVGIDSShim.sys [2011-10-4 16720]
R3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\drivers\b57nd60x.sys [2009-7-13 229888]
R3 epfilter;epfilter;c:\windows\system32\drivers\epfilter.sys [2011-1-29 18240]
R3 lv321av;Logitech USB PC Camera (VC0321);c:\windows\system32\drivers\lv321av.sys [2006-2-15 1097216]
R3 netw5v32;Intel® Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 32 Bit;c:\windows\system32\drivers\netw5v32.sys [2009-6-10 4231168]
R3 SMSCIRDA;SMSC Infrared Device Driver;c:\windows\system32\drivers\smscirda.sys [2007-4-25 31232]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 sbupdate;TrustedID Update Service;c:\program files\sentrybay\update\SentryBayUpdate.exe [2011-4-29 138080]
S3 SrvHsfHDA;SrvHsfHDA;c:\windows\system32\drivers\VSTAZL3.SYS [2009-7-13 207360]
S3 SrvHsfV92;SrvHsfV92;c:\windows\system32\drivers\VSTDPV3.SYS [2009-7-13 980992]
S3 SrvHsfWinac;SrvHsfWinac;c:\windows\system32\drivers\VSTCNXT3.SYS [2009-7-13 661504]
S3 StorSvc;Storage Service;c:\windows\system32\svchost.exe -k LocalSystemNetworkRestricted [2009-7-13 20992]
S3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\TsUsbFlt.sys [2011-6-3 52224]
S3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\wat\WatAdminSvc.exe [2010-2-24 1343400]
S3 WSDPrintDevice;WSD Print Support via UMB;c:\windows\system32\drivers\WSDPrint.sys [2009-7-13 17920]
S4 GoogleDesktopManager-051210-111108;Google Desktop Manager 5.9.1005.12335;c:\program files\google\google desktop search\GoogleDesktop.exe [2010-9-26 30192]
S4 MediaMall Server;MediaMall Server;c:\program files\mediamall\MediaMallServer.exe [2010-10-29 3994480]
.
=============== Created Last 30 ================
.
2012-03-04 17:08:12 -------- d-----w- c:\windows\pss
2012-03-04 02:19:23 -------- d-----w- c:\users\monika\appdata\roaming\AVG2012
2012-03-04 02:17:51 -------- d-----w- c:\programdata\AVG2012
2012-03-04 02:13:00 -------- d-sh--w- C:\$RECYCLE.BIN
2012-03-04 02:06:50 -------- d-----w- c:\users\monika\appdata\local\temp
2012-03-04 01:53:01 5516608 ----a-w- c:\programdata\microsoft\windows defender\definition updates\backup\mpengine.dll
2012-03-04 01:52:55 6552120 ----a-w- c:\programdata\microsoft\windows defender\definition updates\{6a4698e2-04f2-47cf-a4bd-128e45b63db7}\mpengine.dll
2012-03-01 16:00:56 98816 ----a-w- c:\windows\sed.exe
2012-03-01 16:00:56 518144 ----a-w- c:\windows\SWREG.exe
2012-03-01 16:00:56 256000 ----a-w- c:\windows\PEV.exe
2012-03-01 16:00:56 208896 ----a-w- c:\windows\MBR.exe
2012-02-28 22:16:21 -------- d-----w- c:\users\monika\appdata\roaming\Malwarebytes
2012-02-28 22:16:13 -------- d-----w- c:\programdata\Malwarebytes
2012-02-28 22:16:12 20464 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-02-28 22:16:12 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2012-02-27 21:08:32 -------- d-----w- c:\programdata\PC Tools
2012-02-15 12:33:03 478720 ----a-w- c:\windows\system32\timedate.cpl
2012-02-15 12:32:59 690688 ----a-w- c:\windows\system32\msvcrt.dll
2012-02-15 12:32:54 442880 ----a-w- c:\windows\system32\ntshrui.dll
2012-02-15 12:32:53 2343424 ----a-w- c:\windows\system32\win32k.sys
.
==================== Find3M ====================
.
2012-01-29 10:10:42 237072 ------w- c:\windows\system32\MpSigStub.exe
2011-12-14 03:04:54 1798656 ----a-w- c:\windows\system32\jscript9.dll
2011-12-14 02:57:18 1127424 ----a-w- c:\windows\system32\wininet.dll
2011-12-14 02:56:58 1427456 ----a-w- c:\windows\system32\inetcpl.cpl
2011-12-14 02:50:04 2382848 ----a-w- c:\windows\system32\mshtml.tlb
.
============= FINISH: 17:14:12.24 ===============
.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2011-08-26.01)
.
Microsoft Windows 7 Professional
Boot Device: \Device\HarddiskVolume2
Install Date: 11/16/2009 7:04:34 AM
System Uptime: 3/4/2012 3:07:51 PM (2 hours ago)
.
Motherboard: Acer, Inc. | | Bodensee
Processor: Genuine Intel® CPU T2300 @ 1.66GHz | U2E1 | 983/166mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 148 GiB total, 90.016 GiB free.
D: is CDROM ()
F: is FIXED (NTFS) - 1 GiB total, 0.934 GiB free.
.
==== Disabled Device Manager Items =============
.
Class GUID: {4d36e972-e325-11ce-bfc1-08002be10318}
Description: Cisco AnyConnect VPN Virtual Miniport Adapter for Windows
Device ID: ROOT\NET\0000
Manufacturer: Cisco Systems
Name: Cisco AnyConnect VPN Virtual Miniport Adapter for Windows
PNP Device ID: ROOT\NET\0000
Service: vpnva
.
Class GUID:
Description: Mass Storage Controller
Device ID: PCI\VEN_104C&DEV_803B&SUBSYS_00941025&REV_00\4&3981ECD8&0&4AF0
Manufacturer:
Name: Mass Storage Controller
PNP Device ID: PCI\VEN_104C&DEV_803B&SUBSYS_00941025&REV_00\4&3981ECD8&0&4AF0
Service:
.
==== System Restore Points ===================
.
RP266: 3/3/2012 6:43:16 PM - Windows Backup
RP267: 3/3/2012 8:42:18 PM - Removed AVG 2011
RP268: 3/3/2012 8:44:31 PM - Removed AVG 2011
RP269: 3/3/2012 8:52:23 PM - Windows Update
RP270: 3/3/2012 9:16:43 PM - Installed AVG 2012
RP271: 3/3/2012 9:17:19 PM - Installed AVG 2012
.
==== Installed Programs ======================
.
.
Adobe Flash Player 10 ActiveX
Adobe Flash Player 10 Plugin
Adobe Photoshop 6.0
Adobe Reader 9.5.0
Adobe SVG Viewer
Apple Application Support
Apple Mobile Device Support
Apple Software Update
AVG 2012
AVG PC Tuneup 2011
Belarc Advisor 8.1
BlackBerry Desktop Software 6.0
BlackBerry Device Software Updater
BlackBerry Device Software v5.0.0 for the BlackBerry 8520 smartphone
Bonjour
Cisco AnyConnect VPN Client
CIT200
Citrix online plug-in - web
Citrix online plug-in (DV)
Citrix online plug-in (HDX)
Citrix online plug-in (USB)
Citrix online plug-in (Web)
Compatibility Pack for the 2007 Office system
Facebook Plug-In
Fiddler2
FlashFXP v3
Garmin Communicator Plugin
Garmin USB Drivers
Google Chrome
Google Desktop
Google Talk Plugin
HDAUDIO Soft Data Fax Modem with SmartCP
Horizon Medical Imaging Update Service
HRS 11.6 Distributed
iCloud
iPod To Computer Transfer 6.2
iTunes
Java Auto Updater
Java 6 Update 29
Logitech Media Server 7.7.0
Malwarebytes Anti-Malware version 1.60.1.1000
Microsoft .NET Framework 4 Client Profile
Microsoft Office 2003 Web Components
Microsoft Office File Validation Add-In
Microsoft Office Professional Edition 2003
Microsoft Office Word Viewer 2003
Microsoft Silverlight
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319
MobileMe Control Panel
Mozilla Firefox (3.6.8)
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
MSXML 4.0 SP3 Parser (KB973685)
OGA Notifier 2.0.0048.0
OneTouch 4.6
PhysExam (Palm) v 6.0.152 by Skyscape
PlayOn
Prism Video File Converter
Quicken 2004
QuickTime
Realtek High Definition Audio Driver
Redist
Review for the PHYSICIAN ASSISTANT
Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)
SentryBay Update Helper
Skype™ 5.5
TrustedID Secure Browse
Uniblue RegistryBooster 2010
Update for Microsoft .NET Framework 4 Client Profile (KB2468871)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217)
Verizon Download Manager
Verizon High Speed Internet
Verizon Media Manager
Visioneer 8100 Scanner
WIDCOMM Bluetooth Software 6.0.1.3500
Windows Driver Package - Garmin (grmnusb) GARMIN Devices (06/03/2009 2.3.0.0)
Windows Media Player Firefox Plugin
WinRAR archiver
.
==== Event Viewer Messages From Past Week ========
.
3/4/2012 3:10:16 PM, Error: Service Control Manager [7023] - The Peer Name Resolution Protocol service terminated with the following error: %%-2140993535
3/4/2012 3:10:16 PM, Error: Service Control Manager [7001] - The Peer Networking Grouping service depends on the Peer Name Resolution Protocol service which failed to start because of the following error: %%-2140993535
3/4/2012 3:10:16 PM, Error: Microsoft-Windows-PNRPSvc [102] - The Peer Name Resolution Protocol cloud did not start because the creation of the default identity failed with error code: 0x80630801.
3/4/2012 3:10:11 PM, Error: Microsoft-Windows-WMPNSS-Service [14338] - A new media server was not initialized because CoCreateInstance(CLSID_UPnPRegistrar) encountered error '0x80070422'. Verify that the UPnPHost service is running and that the UPnPHost component of Windows is installed properly.
3/4/2012 3:09:22 PM, Error: Microsoft-Windows-SharedAccess_NAT [31004] - The DNS proxy agent was unable to allocate 0 bytes of memory. This may indicate that the system is low on virtual memory, or that the memory manager has encountered an internal error.
3/4/2012 3:09:00 PM, Error: Service Control Manager [7000] - The mrtRate service failed to start due to the following error: The system cannot find the file specified.
3/4/2012 1:18:31 PM, Error: Microsoft-Windows-HAL [12] - The platform firmware has corrupted memory across the previous system power transition. Please check for updated firmware for your system.
3/3/2012 9:02:17 PM, Error: Service Control Manager [7030] - The PEVSystemStart service is marked as an interactive service. However, the system is configured to not allow interactive services. This service may not function properly.
3/3/2012 8:55:34 PM, Error: Service Control Manager [7034] - The XAudioService service terminated unexpectedly. It has done this 1 time(s).
3/1/2012 11:03:12 AM, Error: Service Control Manager [7034] - The Updater Service for StartNow Toolbar service terminated unexpectedly. It has done this 1 time(s).
3/1/2012 10:40:16 AM, Error: Server [2505] - The server could not bind to the transport \Device\NetBT_Tcpip_{6EF495A2-8B37-4967-BC10-32E0F501172A} because another computer on the network has the same name. The server could not start.
3/1/2012 10:40:16 AM, Error: NetBT [4321] - The name "MONIKA-PC :20" could not be registered on the interface with IP address 192.168.1.101. The computer with the IP address 169.254.224.8 did not allow the name to be claimed by this computer.
3/1/2012 10:40:16 AM, Error: NetBT [4321] - The name "MONIKA-PC :0" could not be registered on the interface with IP address 192.168.1.101. The computer with the IP address 169.254.224.8 did not allow the name to be claimed by this computer.
2/29/2012 1:14:33 PM, Error: Service Control Manager [7001] - The Server service depends on the Security Accounts Manager service which failed to start because of the following error: The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.
2/29/2012 1:14:33 PM, Error: Service Control Manager [7001] - The Computer Browser service depends on the Server service which failed to start because of the following error: The dependency service or group failed to start.
2/29/2012 1:04:20 PM, Error: Service Control Manager [7001] - The HomeGroup Listener service depends on the Server service which failed to start because of the following error: The dependency service or group failed to start.
2/28/2012 6:49:45 PM, Error: NetBT [4321] - The name "MONIKA-PC :0" could not be registered on the interface with IP address 192.168.1.112. The computer with the IP address 169.254.224.8 did not allow the name to be claimed by this computer.
2/28/2012 10:30:57 PM, Error: cdrom [11] - The driver detected a controller error on \Device\CdRom0.
.
==== End Of File ===========================
-
please look up the next entry has the file
you must have looked when I was reposting -
-
I know it does not show up but when it comes to the steps of how it happened exactly... including the Flash update.
Any way here is the xPUD file
-
Hi I just did some more reading and found exactly what I have here is the article.
Kaspersky Lab Detects New Worms Attacking MySpace and Facebook
New worms target both MySpace and Facebook users
Kaspersky Lab, a leading developer of secure content management systems, has detected two variants of a new worm, Net-Worm.Win32.Koobface.a. and Net-Worm.Win32.Koobface.b, which attack MySpace and Facebook respectively. As part of their malicious payload, the worms transform victim machines into zombie computers to form botnets.
Even though the worms are currently only infecting MySpace and Facebook users, Kaspersky Lab analysts are warning users that the worms are designed to upload additional malicious modules with other functionality via the Internet. It is highly probable that victim machines will not only be used for spreading links via these social networking sites, but the botnets will also be used for other malicious purposes.
Net-Worm.Win32.Koobface.a spreads when a user accesses his/her MySpace account. The worm creates a range of commentaries to friends' accounts. Net-Worm.Win32.Koobface.b, which targets Facebook users, creates spam messages and sends them to the infected users' friends via the Facebook site. The messages and comments include texts such as Paris Hilton Tosses Dwarf On The Street; Examiners Caught Downloading Grades From The Internet; Hello; You must see it!!! LOL. My friend catched you on hidden cam; Is it really celebrity? Funny Moments and many others.
Messages and comments on MySpace and Facebook include links to http://youtube.[skip].pl. If the user clicks on this link, s/he is redirected to http://youtube.[skip].ru, a site which purportedly contains a video clip. If the user tries to watch it, a message appears saying that s/he needs the latest version of Flash Player in order to watch the clip. However, instead of the latest version of Flash Player, a file called codecsetup.exe is downloaded to the victim machine; this file is also a network worm. The result is that users who have come to the site via Facebook will have the MySpace worm downloaded to their machines, and vice versa.
“Unfortunately, users are very trusting of messages left by 'friends' on social networking sites. So the likelihood of a user clicking on a link like this is very high”, says Alexander Gostev, Senior Virus Analyst at Kaspersky Lab. “At the beginning of 2008 we predicted that we'd see an increase in cybercriminals exploiting MySpace, Facebook and similar sites, and we're now seeing evidence of this. I'm sure that this is simply the first step, and that virus writers will continue to target these resources with increased intensity”.
Kaspersky Internet Security detected these threats proactively and signatures were added to the database on July 31, 2008.
Hope it helps you with helping me
-
can I do that with my infected computer I don't have an access to another PC
-
Hi yes I was able to temporally delete my facebook account so if someone got a message all they have is an empty link as my account does not exists for time being.
Also in between waiting for your response I went through the cookies on my PC and found those:
geobanner.bookofsex... AB_TRACKING, HISTORY, IP_COUNTRY, LOCATION_FROM, ffadult_tr, ffadult_who, v_hash
and
forgot the name of the cookie but its basically the name of the web site I was taken to with this endings:
HstCfa 1833951, HstCla 1833951, basically I deleted all of them also disabled Java Script on my Chrome browser
Then I went to registery and found an add FlashFXE folder which I deleted as well
now here is the result of the scan:
aswMBR version 0.9.9.1649 Copyright© 2011 AVAST Software
Run date: 2012-03-04 12:29:16
-----------------------------
12:29:16.223 OS Version: Windows 6.1.7601 Service Pack 1
12:29:16.223 Number of processors: 2 586 0xE08
12:29:16.225 ComputerName: MONIKA-PC UserName: Monika
12:29:33.825 Initialize success
12:30:05.285 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0
12:30:05.293 Disk 0 Vendor: Hitachi_HTS542516K9SA00 BBCOC31P Size: 152627MB BusType: 3
12:30:05.310 Disk 0 MBR read successfully
12:30:05.315 Disk 0 MBR scan
12:30:05.320 Disk 0 Windows 7 default MBR code
12:30:05.338 Disk 0 Partition 1 00 07 HPFS/NTFS NTFS 999 MB offset 2048
12:30:05.353 Disk 0 Partition 2 80 (A) 07 HPFS/NTFS NTFS 100 MB offset 2050048
12:30:05.368 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 151525 MB offset 2254848
12:30:05.375 Disk 0 scanning sectors +312578048
12:30:05.460 Disk 0 scanning C:\Windows\system32\drivers
12:30:14.229 Service scanning
12:30:41.022 Modules scanning
12:30:50.671 Disk 0 trace - called modules:
12:30:50.693
12:30:50.703 Scan finished successfully
12:31:06.537 Disk 0 MBR has been saved successfully to "C:\Users\Monika\Desktop\MBR.dat"
12:31:06.547 The log file has been saved successfully to "C:\Users\Monika\Desktop\aswMBR.txt"
-
So my problem is just as the title of this thread is when I go to www.facebook.com and try to go ether to my facebook or any other page that I don't even log into the facebook ... I am taken to pornographic web site plus if I am logged in to my facebook all of my friends get I message that I have tagged them to see a video with a link.. that's how the virus is being spread.
I have researched the facebook problems and one of them said that I should look for a process called
Security Account Manager SamSs I did find this process also they instructed to go to registery and look for a specific key which I did not found.
Interesting is the way that this thing works is like in a flash or something because you see this process loading in the middle of the page then bum you are on that xxx web site.
Any ideas?
-
Success I was able to finally complete the ComboFix run after uninstalling AVG
here are the results
ComboFix 12-03-01.01 - Monika 03/03/2012 20:57:41.3.2 - x86
Microsoft Windows 7 Professional 6.1.7601.1.1252.1.1033.18.3070.1770 [GMT -5:00]
Running from: c:\users\Monika\Desktop\ComboFix.exe
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\Monika\AppData\Local\Temp\pdk-Monika-3456\31638f63e39b38d3e250a9a57cb9d1c5\Cwd.dll
c:\users\Monika\AppData\Local\Temp\pdk-Monika-3456\32785c19dc6898fbbbf06f3b776edd08\Fcntl.dll
c:\users\Monika\AppData\Local\Temp\pdk-Monika-3456\3a7ccbf8181ee5a145227a6dfce3594c\WinError.dll
c:\users\Monika\AppData\Local\Temp\pdk-Monika-3456\4461f48e31bde5c56b31b973b773de09\List.dll
c:\users\Monika\AppData\Local\Temp\pdk-Monika-3456\5ffd05b2cbd58528e56519784ca9c869\Hostname.dll
c:\users\Monika\AppData\Local\Temp\pdk-Monika-3456\60ff464e01c2cd5526dbdad5a125081d\Dumper.dll
c:\users\Monika\AppData\Local\Temp\pdk-Monika-3456\7ef0d901bf4203fbcf7a0fff0e82aa5f\Encode.dll
c:\users\Monika\AppData\Local\Temp\pdk-Monika-3456\93e7e3d6030f426844228042348210cf\Service.dll
c:\users\Monika\AppData\Local\Temp\pdk-Monika-3456\bd5179a413bc0c4b82eedc22c6cab101\re.dll
c:\users\Monika\AppData\Local\Temp\pdk-Monika-3456\c5cce8d16a1bd48692b421dcf46d3396\Util.dll
c:\users\Monika\AppData\Local\Temp\pdk-Monika-3456\d10c2c06ba2044cccc247c4315f5c7d3\Process.dll
c:\users\Monika\AppData\Local\Temp\pdk-Monika-3456\d1e7c33431cd8713f2ce3582829a8b14\Socket.dll
c:\users\Monika\AppData\Local\Temp\pdk-Monika-3456\de446fdd1ae335c7d2b9e62bb8cdf765\B.dll
c:\users\Monika\AppData\Local\Temp\pdk-Monika-3456\df1ba73f49c38cbbc7a11c779c3506d2\OLE.dll
c:\users\Monika\AppData\Local\Temp\pdk-Monika-3456\e56c61f7248672819579325af3387035\POSIX.dll
c:\users\Monika\AppData\Local\Temp\pdk-Monika-3456\eaeabd54205de2f10c00aea80bbf0d83\Registry.dll
c:\users\Monika\AppData\Local\Temp\pdk-Monika-3456\eb138ef0e4282611dbf485a302784646\LibYAML.dll
c:\users\Monika\AppData\Local\Temp\pdk-Monika-3456\f233f63b6654362865c7577442edb9e3\Win32.dll
c:\users\Monika\AppData\Local\Temp\pdk-Monika-3456\perl514.dll
c:\users\Monika\AppData\Local\Temp\pdk-Monika-4524\0665c25e931c1ac0151b062449e91028\XSAccessor.dll
c:\users\Monika\AppData\Local\Temp\pdk-Monika-4524\17d0b152e63e6bfe81b4b19588538896\mro.dll
c:\users\Monika\AppData\Local\Temp\pdk-Monika-4524\19febd96672ffdb7ea244cef36aaa062\Zlib.dll
c:\users\Monika\AppData\Local\Temp\pdk-Monika-4524\2b1fc61b36a6711ea149b18bf3b41500\Parser.dll
c:\users\Monika\AppData\Local\Temp\pdk-Monika-4524\31638f63e39b38d3e250a9a57cb9d1c5\Cwd.dll
c:\users\Monika\AppData\Local\Temp\pdk-Monika-4524\32785c19dc6898fbbbf06f3b776edd08\Fcntl.dll
c:\users\Monika\AppData\Local\Temp\pdk-Monika-4524\3a7ccbf8181ee5a145227a6dfce3594c\WinError.dll
c:\users\Monika\AppData\Local\Temp\pdk-Monika-4524\3a8764e0d7c5d453e01d9ad08cf7fb58\IO.dll
c:\users\Monika\AppData\Local\Temp\pdk-Monika-4524\3b7106dd14676048b10bbb09a990f74c\XS.dll
c:\users\Monika\AppData\Local\Temp\pdk-Monika-4524\4461f48e31bde5c56b31b973b773de09\List.dll
c:\users\Monika\AppData\Local\Temp\pdk-Monika-4524\44727051c604ef6b79894b64d4c63832\Expat.dll
c:\users\Monika\AppData\Local\Temp\pdk-Monika-4524\4f2c03383aab0133b8dc0a3fa2dd92fa\Storable.dll
c:\users\Monika\AppData\Local\Temp\pdk-Monika-4524\5ffd05b2cbd58528e56519784ca9c869\Hostname.dll
c:\users\Monika\AppData\Local\Temp\pdk-Monika-4524\60ff464e01c2cd5526dbdad5a125081d\Dumper.dll
c:\users\Monika\AppData\Local\Temp\pdk-Monika-4524\7ef0d901bf4203fbcf7a0fff0e82aa5f\Encode.dll
c:\users\Monika\AppData\Local\Temp\pdk-Monika-4524\7f177c338672436e01c4f0bdbcf94491\EV.dll
c:\users\Monika\AppData\Local\Temp\pdk-Monika-4524\7f2598c08178217a0e2c754f3d568f28\Byte.dll
c:\users\Monika\AppData\Local\Temp\pdk-Monika-4524\87fe0906e4bfbcec428293cf9a5ac335\NetResource.dll
c:\users\Monika\AppData\Local\Temp\pdk-Monika-4524\8fedeb86a4a984edfc1fb255d4ea965c\XS.dll
c:\users\Monika\AppData\Local\Temp\pdk-Monika-4524\951e8057c3fe65524966ea64dff289ac\Scan.dll
c:\users\Monika\AppData\Local\Temp\pdk-Monika-4524\961b0d62fa52b1dd29c795a822fbf1cf\DBI.dll
c:\users\Monika\AppData\Local\Temp\pdk-Monika-4524\aff7ee779ea184f884ed432c30a58f5d\Scale.dll
c:\users\Monika\AppData\Local\Temp\pdk-Monika-4524\b6bd87c968599725b8ab2e5c25d3046a\API.dll
c:\users\Monika\AppData\Local\Temp\pdk-Monika-4524\b979ace6da01e63d651cce9ee2474fdc\Name.dll
c:\users\Monika\AppData\Local\Temp\pdk-Monika-4524\bc147d83c7c868eeee67082dcf55430c\File.dll
c:\users\Monika\AppData\Local\Temp\pdk-Monika-4524\bd5179a413bc0c4b82eedc22c6cab101\re.dll
c:\users\Monika\AppData\Local\Temp\pdk-Monika-4524\c199d3c1960e7aeeecb599487952bed2\HiRes.dll
c:\users\Monika\AppData\Local\Temp\pdk-Monika-4524\c19d5e3dc664d9f4ce700001e2621cee\MD5.dll
c:\users\Monika\AppData\Local\Temp\pdk-Monika-4524\c344fd5536724b2af2e6453833b60203\SHA1.dll
c:\users\Monika\AppData\Local\Temp\pdk-Monika-4524\c5cce8d16a1bd48692b421dcf46d3396\Util.dll
c:\users\Monika\AppData\Local\Temp\pdk-Monika-4524\c668a322917d32a5ea22894518aa9897\Base64.dll
c:\users\Monika\AppData\Local\Temp\pdk-Monika-4524\cf5fe81e2f5dcbfecfd0495e1648c991\Unicode.dll
c:\users\Monika\AppData\Local\Temp\pdk-Monika-4524\d0bf009923f29116535c26d228271d6d\Scan.dll
c:\users\Monika\AppData\Local\Temp\pdk-Monika-4524\d10c2c06ba2044cccc247c4315f5c7d3\Process.dll
c:\users\Monika\AppData\Local\Temp\pdk-Monika-4524\d1c77e404b5c4b954fa537ed63c8fb7b\File.dll
c:\users\Monika\AppData\Local\Temp\pdk-Monika-4524\d1e7c33431cd8713f2ce3582829a8b14\Socket.dll
c:\users\Monika\AppData\Local\Temp\pdk-Monika-4524\dacfd0ab9b5fd029ed8d29e4482b0775\XS.dll
c:\users\Monika\AppData\Local\Temp\pdk-Monika-4524\de446fdd1ae335c7d2b9e62bb8cdf765\B.dll
c:\users\Monika\AppData\Local\Temp\pdk-Monika-4524\df1ba73f49c38cbbc7a11c779c3506d2\OLE.dll
c:\users\Monika\AppData\Local\Temp\pdk-Monika-4524\e2e81dd6b3e5a36f0bdae076393cc11d\icudt46.dll
c:\users\Monika\AppData\Local\Temp\pdk-Monika-4524\e2e81dd6b3e5a36f0bdae076393cc11d\icuin46.dll
c:\users\Monika\AppData\Local\Temp\pdk-Monika-4524\e2e81dd6b3e5a36f0bdae076393cc11d\icuuc46.dll
c:\users\Monika\AppData\Local\Temp\pdk-Monika-4524\e2e81dd6b3e5a36f0bdae076393cc11d\SQLite.dll
c:\users\Monika\AppData\Local\Temp\pdk-Monika-4524\e56c61f7248672819579325af3387035\POSIX.dll
c:\users\Monika\AppData\Local\Temp\pdk-Monika-4524\eaeabd54205de2f10c00aea80bbf0d83\Registry.dll
c:\users\Monika\AppData\Local\Temp\pdk-Monika-4524\eb138ef0e4282611dbf485a302784646\LibYAML.dll
c:\users\Monika\AppData\Local\Temp\pdk-Monika-4524\f233f63b6654362865c7577442edb9e3\Win32.dll
c:\users\Monika\AppData\Local\Temp\pdk-Monika-4524\fa9e3c814aa32db2ad5f17bdfbc22746\attributes.dll
c:\users\Monika\AppData\Local\Temp\pdk-Monika-4524\perl514.dll
.
---- Previous Run -------
.
c:\users\Monika\AppData\Local\Temp\pdk-Monika-1372\0665c25e931c1ac0151b062449e91028\XSAccessor.dll
c:\users\Monika\AppData\Local\Temp\pdk-Monika-1372\17d0b152e63e6bfe81b4b19588538896\mro.dll
c:\users\Monika\AppData\Local\Temp\pdk-Monika-1372\19febd96672ffdb7ea244cef36aaa062\Zlib.dll
c:\users\Monika\AppData\Local\Temp\pdk-Monika-1372\2b1fc61b36a6711ea149b18bf3b41500\Parser.dll
c:\users\Monika\AppData\Local\Temp\pdk-Monika-1372\31638f63e39b38d3e250a9a57cb9d1c5\Cwd.dll
c:\users\Monika\AppData\Local\Temp\pdk-Monika-1372\32785c19dc6898fbbbf06f3b776edd08\Fcntl.dll
c:\users\Monika\AppData\Local\Temp\pdk-Monika-1372\3a7ccbf8181ee5a145227a6dfce3594c\WinError.dll
c:\users\Monika\AppData\Local\Temp\pdk-Monika-1372\3a8764e0d7c5d453e01d9ad08cf7fb58\IO.dll
c:\users\Monika\AppData\Local\Temp\pdk-Monika-1372\3b7106dd14676048b10bbb09a990f74c\XS.dll
c:\users\Monika\AppData\Local\Temp\pdk-Monika-1372\4461f48e31bde5c56b31b973b773de09\List.dll
c:\users\Monika\AppData\Local\Temp\pdk-Monika-1372\44727051c604ef6b79894b64d4c63832\Expat.dll
c:\users\Monika\AppData\Local\Temp\pdk-Monika-1372\4f2c03383aab0133b8dc0a3fa2dd92fa\Storable.dll
c:\users\Monika\AppData\Local\Temp\pdk-Monika-1372\5ffd05b2cbd58528e56519784ca9c869\Hostname.dll
c:\users\Monika\AppData\Local\Temp\pdk-Monika-1372\60ff464e01c2cd5526dbdad5a125081d\Dumper.dll
c:\users\Monika\AppData\Local\Temp\pdk-Monika-1372\7ef0d901bf4203fbcf7a0fff0e82aa5f\Encode.dll
c:\users\Monika\AppData\Local\Temp\pdk-Monika-1372\7f177c338672436e01c4f0bdbcf94491\EV.dll
c:\users\Monika\AppData\Local\Temp\pdk-Monika-1372\7f2598c08178217a0e2c754f3d568f28\Byte.dll
c:\users\Monika\AppData\Local\Temp\pdk-Monika-1372\8fedeb86a4a984edfc1fb255d4ea965c\XS.dll
c:\users\Monika\AppData\Local\Temp\pdk-Monika-1372\951e8057c3fe65524966ea64dff289ac\Scan.dll
c:\users\Monika\AppData\Local\Temp\pdk-Monika-1372\961b0d62fa52b1dd29c795a822fbf1cf\DBI.dll
c:\users\Monika\AppData\Local\Temp\pdk-Monika-1372\aff7ee779ea184f884ed432c30a58f5d\Scale.dll
c:\users\Monika\AppData\Local\Temp\pdk-Monika-1372\b6bd87c968599725b8ab2e5c25d3046a\API.dll
c:\users\Monika\AppData\Local\Temp\pdk-Monika-1372\b979ace6da01e63d651cce9ee2474fdc\Name.dll
c:\users\Monika\AppData\Local\Temp\pdk-Monika-1372\bc147d83c7c868eeee67082dcf55430c\File.dll
c:\users\Monika\AppData\Local\Temp\pdk-Monika-1372\bd5179a413bc0c4b82eedc22c6cab101\re.dll
c:\users\Monika\AppData\Local\Temp\pdk-Monika-1372\c199d3c1960e7aeeecb599487952bed2\HiRes.dll
c:\users\Monika\AppData\Local\Temp\pdk-Monika-1372\c19d5e3dc664d9f4ce700001e2621cee\MD5.dll
c:\users\Monika\AppData\Local\Temp\pdk-Monika-1372\c344fd5536724b2af2e6453833b60203\SHA1.dll
c:\users\Monika\AppData\Local\Temp\pdk-Monika-1372\c5cce8d16a1bd48692b421dcf46d3396\Util.dll
c:\users\Monika\AppData\Local\Temp\pdk-Monika-1372\c668a322917d32a5ea22894518aa9897\Base64.dll
c:\users\Monika\AppData\Local\Temp\pdk-Monika-1372\cf5fe81e2f5dcbfecfd0495e1648c991\Unicode.dll
c:\users\Monika\AppData\Local\Temp\pdk-Monika-1372\d0bf009923f29116535c26d228271d6d\Scan.dll
c:\users\Monika\AppData\Local\Temp\pdk-Monika-1372\d10c2c06ba2044cccc247c4315f5c7d3\Process.dll
c:\users\Monika\AppData\Local\Temp\pdk-Monika-1372\d1c77e404b5c4b954fa537ed63c8fb7b\File.dll
c:\users\Monika\AppData\Local\Temp\pdk-Monika-1372\d1e7c33431cd8713f2ce3582829a8b14\Socket.dll
c:\users\Monika\AppData\Local\Temp\pdk-Monika-1372\dacfd0ab9b5fd029ed8d29e4482b0775\XS.dll
c:\users\Monika\AppData\Local\Temp\pdk-Monika-1372\de446fdd1ae335c7d2b9e62bb8cdf765\B.dll
c:\users\Monika\AppData\Local\Temp\pdk-Monika-1372\df1ba73f49c38cbbc7a11c779c3506d2\OLE.dll
c:\users\Monika\AppData\Local\Temp\pdk-Monika-1372\e2e81dd6b3e5a36f0bdae076393cc11d\icudt46.dll
c:\users\Monika\AppData\Local\Temp\pdk-Monika-1372\e2e81dd6b3e5a36f0bdae076393cc11d\icuin46.dll
c:\users\Monika\AppData\Local\Temp\pdk-Monika-1372\e2e81dd6b3e5a36f0bdae076393cc11d\icuuc46.dll
c:\users\Monika\AppData\Local\Temp\pdk-Monika-1372\e2e81dd6b3e5a36f0bdae076393cc11d\SQLite.dll
c:\users\Monika\AppData\Local\Temp\pdk-Monika-1372\e56c61f7248672819579325af3387035\POSIX.dll
c:\users\Monika\AppData\Local\Temp\pdk-Monika-1372\eaeabd54205de2f10c00aea80bbf0d83\Registry.dll
c:\users\Monika\AppData\Local\Temp\pdk-Monika-1372\eb138ef0e4282611dbf485a302784646\LibYAML.dll
c:\users\Monika\AppData\Local\Temp\pdk-Monika-1372\f233f63b6654362865c7577442edb9e3\Win32.dll
c:\users\Monika\AppData\Local\Temp\pdk-Monika-1372\fa9e3c814aa32db2ad5f17bdfbc22746\attributes.dll
c:\users\Monika\AppData\Local\Temp\pdk-Monika-1372\perl514.dll
c:\users\Monika\AppData\Local\Temp\pdk-Monika-3020\31638f63e39b38d3e250a9a57cb9d1c5\Cwd.dll
c:\users\Monika\AppData\Local\Temp\pdk-Monika-3020\32785c19dc6898fbbbf06f3b776edd08\Fcntl.dll
c:\users\Monika\AppData\Local\Temp\pdk-Monika-3020\3a7ccbf8181ee5a145227a6dfce3594c\WinError.dll
c:\users\Monika\AppData\Local\Temp\pdk-Monika-3020\4461f48e31bde5c56b31b973b773de09\List.dll
c:\users\Monika\AppData\Local\Temp\pdk-Monika-3020\5ffd05b2cbd58528e56519784ca9c869\Hostname.dll
c:\users\Monika\AppData\Local\Temp\pdk-Monika-3020\60ff464e01c2cd5526dbdad5a125081d\Dumper.dll
c:\users\Monika\AppData\Local\Temp\pdk-Monika-3020\7ef0d901bf4203fbcf7a0fff0e82aa5f\Encode.dll
c:\users\Monika\AppData\Local\Temp\pdk-Monika-3020\93e7e3d6030f426844228042348210cf\Service.dll
c:\users\Monika\AppData\Local\Temp\pdk-Monika-3020\bd5179a413bc0c4b82eedc22c6cab101\re.dll
c:\users\Monika\AppData\Local\Temp\pdk-Monika-3020\c5cce8d16a1bd48692b421dcf46d3396\Util.dll
c:\users\Monika\AppData\Local\Temp\pdk-Monika-3020\d10c2c06ba2044cccc247c4315f5c7d3\Process.dll
c:\users\Monika\AppData\Local\Temp\pdk-Monika-3020\d1e7c33431cd8713f2ce3582829a8b14\Socket.dll
c:\users\Monika\AppData\Local\Temp\pdk-Monika-3020\de446fdd1ae335c7d2b9e62bb8cdf765\B.dll
c:\users\Monika\AppData\Local\Temp\pdk-Monika-3020\df1ba73f49c38cbbc7a11c779c3506d2\OLE.dll
c:\users\Monika\AppData\Local\Temp\pdk-Monika-3020\e56c61f7248672819579325af3387035\POSIX.dll
c:\users\Monika\AppData\Local\Temp\pdk-Monika-3020\eaeabd54205de2f10c00aea80bbf0d83\Registry.dll
c:\users\Monika\AppData\Local\Temp\pdk-Monika-3020\eb138ef0e4282611dbf485a302784646\LibYAML.dll
c:\users\Monika\AppData\Local\Temp\pdk-Monika-3020\f233f63b6654362865c7577442edb9e3\Win32.dll
c:\users\Monika\AppData\Local\Temp\pdk-Monika-3020\perl514.dll
.
.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Service_Updater Service for StartNow Toolbar
-------\Service_Updater Service for StartNow Toolbar
.
.
((((((((((((((((((((((((( Files Created from 2012-02-04 to 2012-03-04 )))))))))))))))))))))))))))))))
.
.
2012-03-04 02:06 . 2012-03-04 02:08 -------- d-----w- c:\users\Monika\AppData\Local\temp
2012-03-04 02:06 . 2012-03-04 02:06 -------- d-----w- c:\users\xbox\AppData\Local\temp
2012-03-04 02:06 . 2012-03-04 02:06 -------- d-----w- c:\users\Mcx1-MONIKA-PC\AppData\Local\temp
2012-03-04 02:06 . 2012-03-04 02:06 -------- d-----w- c:\users\Guest\AppData\Local\temp
2012-03-04 02:06 . 2012-03-04 02:06 -------- d-----w- c:\users\Default\AppData\Local\temp
2012-03-04 01:52 . 2012-02-20 06:05 6552120 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{6A4698E2-04F2-47CF-A4BD-128E45B63DB7}\mpengine.dll
2012-02-28 22:16 . 2012-02-28 22:16 -------- d-----w- c:\users\Monika\AppData\Roaming\Malwarebytes
2012-02-28 22:16 . 2012-02-28 23:45 -------- d-----w- c:\programdata\Malwarebytes
2012-02-28 22:16 . 2012-02-28 22:16 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2012-02-28 22:16 . 2011-12-10 20:24 20464 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-02-27 21:08 . 2012-02-27 21:08 -------- d-----w- c:\programdata\PC Tools
2012-02-15 12:33 . 2011-12-30 05:27 478720 ----a-w- c:\windows\system32\timedate.cpl
2012-02-15 12:32 . 2011-12-16 07:52 690688 ----a-w- c:\windows\system32\msvcrt.dll
2012-02-15 12:32 . 2012-01-04 08:58 442880 ----a-w- c:\windows\system32\ntshrui.dll
2012-02-15 12:32 . 2012-01-14 03:35 2343424 ----a-w- c:\windows\system32\win32k.sys
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-01-29 10:10 . 2009-11-16 13:13 237072 ------w- c:\windows\system32\MpSigStub.exe
2009-09-13 03:05 . 2009-09-13 03:05 124240 ----a-w- c:\program files\mozilla firefox\plugins\CCMSDK.dll
2009-09-13 03:06 . 2009-09-13 03:06 13136 ----a-w- c:\program files\mozilla firefox\plugins\cgpcfg.dll
2009-09-13 03:06 . 2009-09-13 03:06 70488 ----a-w- c:\program files\mozilla firefox\plugins\CgpCore.dll
2009-09-13 03:06 . 2009-09-13 03:06 91480 ----a-w- c:\program files\mozilla firefox\plugins\confmgr.dll
2009-09-13 03:06 . 2009-09-13 03:06 22360 ----a-w- c:\program files\mozilla firefox\plugins\ctxlogging.dll
2009-09-13 03:07 . 2009-09-13 03:07 255312 ----a-w- c:\program files\mozilla firefox\plugins\ctxmui.dll
2009-09-13 03:06 . 2009-09-13 03:06 31064 ----a-w- c:\program files\mozilla firefox\plugins\icafile.dll
2009-09-13 03:06 . 2009-09-13 03:06 40280 ----a-w- c:\program files\mozilla firefox\plugins\icalogon.dll
2009-08-14 17:33 . 2009-08-14 17:33 652640 ----a-w- c:\program files\mozilla firefox\plugins\sslsdk_b.dll
2009-09-13 03:06 . 2009-09-13 03:06 23896 ----a-w- c:\program files\mozilla firefox\plugins\TcpPServ.dll
2010-09-26 19:15 . 2010-09-26 19:15 119808 ----a-w- c:\program files\mozilla firefox\components\GoogleDesktopMozilla.dll
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{3955aa73-8c60-4a9b-acdb-0c2edb1b6748}]
2011-08-21 22:20 141160 ----a-w- c:\program files\TrustedID\TrustedID Secure Browse\epbho.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"iCloudServices"="c:\program files\Common Files\Apple\Internet Services\iCloudServices.exe" [2011-11-11 59240]
"ApplePhotoStreams"="c:\program files\Common Files\Apple\Internet Services\ApplePhotoStreams.exe" [2011-11-11 59240]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RTHDCPL"="RTHDCPL.EXE" [2006-11-14 16270848]
"SkyTel"="SkyTel.EXE" [2006-05-16 2879488]
"SoundMan"="SOUNDMAN.EXE" [2006-07-21 86016]
"AlcWzrd"="ALCWZRD.EXE" [2006-05-04 2808832]
"OneTouch Monitor"="c:\program files\Visioneer OneTouch\OneTouchMon.exe" [2002-04-16 86016]
"VERIZONDM"="c:\program files\VERIZONDM\bin\sprtcmd.exe" [2011-02-01 206120]
"AppleSyncNotifier"="c:\program files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe" [2011-10-06 59240]
"Data Protection Suite"="c:\program files\TrustedID\TrustedID Secure Browse\dps.exe" [2011-08-21 1642856]
"RIMBBLaunchAgent.exe"="c:\program files\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe" [2011-02-18 79192]
"PhishLock"="c:\program files\TrustedID\TrustedID Secure Browse\pl.exe" [2011-08-21 688488]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2011-06-09 254696]
"ConnectionCenter"="c:\program files\Citrix\ICA Client\concentr.exe" [2009-09-13 103768]
"APSDaemon"="c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2011-11-02 59240]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2011-10-24 421888]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2012-01-16 421736]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2012-01-04 37296]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-01-02 843712]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
.
c:\users\Monika\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
CIT200.lnk - c:\program files\Linksys\CIT200\cit200.exe [2006-12-21 762368]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Bluetooth.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2006-11-30 719664]
Logitech Media Server Tray Tool.lnk - c:\program files\Squeezebox\SqueezeTray.exe [2011-12-10 3051619]
Quicken Scheduled Updates.lnk - c:\program files\Quicken\bagent.exe [2003-7-29 57344]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
"SoftwareSASGeneration"= 1 (0x1)
"DisableStartupSound"= 1 (0x1)
"DisableStatusMessages"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\progra~1\Google\GOOGLE~1\GoogleDesktopNetwork3.dll
.
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 mrtRate;mrtRate; [x]
R2 sbupdate;TrustedID Update Service;c:\program files\SentryBay\Update\SentryBayUpdate.exe [2011-04-30 138080]
R3 GoogleDesktopManager-051210-111108;Google Desktop Manager 5.9.1005.12335;c:\program files\Google\Google Desktop Search\GoogleDesktop.exe [2010-09-26 30192]
R3 SrvHsfHDA;SrvHsfHDA;c:\windows\system32\DRIVERS\VSTAZL3.SYS [2009-07-13 207360]
R3 SrvHsfV92;SrvHsfV92;c:\windows\system32\DRIVERS\VSTDPV3.SYS [2009-07-13 980992]
R3 SrvHsfWinac;SrvHsfWinac;c:\windows\system32\DRIVERS\VSTCNXT3.SYS [2009-07-13 661504]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 52224]
R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [2010-02-25 1343400]
R3 WSDPrintDevice;WSD Print Support via UMB;c:\windows\system32\DRIVERS\WSDPrint.sys [2009-07-14 17920]
S1 ctxusbm;Citrix USB Monitor Driver;c:\windows\system32\DRIVERS\ctxusbm.sys [2009-09-08 65584]
S2 AliUpdate;Horizon Medical Imaging Update Service;c:\program files\Common Files\McKesson\MIG\Service\AliUpdate.exe [2010-01-18 79152]
S2 EntryProtect;TrustedID Secure Browse;c:\program files\TrustedID\TrustedID Secure Browse\epservice.exe [2011-08-21 46952]
S2 MediaMall Server;MediaMall Server;c:\program files\MediaMall\MediaMallServer.exe [2011-01-12 3994480]
S2 ppsio2;PPDevice; [x]
S2 sprtsvc_verizondm;SupportSoft Sprocket Service (verizondm);c:\program files\VERIZONDM\bin\sprtsvc.exe [2011-02-01 206120]
S2 tgsrvc_verizondm;SupportSoft Repair Service (verizondm);c:\program files\VERIZONDM\bin\tgsrvc.exe [2011-02-01 185640]
S2 vpnagent;Cisco AnyConnect VPN Agent;c:\program files\Cisco\Cisco AnyConnect VPN Client\vpnagent.exe [2009-12-17 497856]
S3 epfilter;epfilter;c:\windows\system32\drivers\epfilter.sys [2011-09-01 18240]
S3 lv321av;Logitech USB PC Camera (VC0321);c:\windows\system32\DRIVERS\lv321av.sys [2006-02-15 1097216]
S3 netw5v32;Intel® Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 32 Bit;c:\windows\system32\DRIVERS\netw5v32.sys [2009-07-13 4231168]
S3 SMSCIRDA;SMSC Infrared Device Driver;c:\windows\system32\DRIVERS\SMSCirda.sys [2007-04-25 31232]
.
.
--- Other Services/Drivers In Memory ---
.
*Deregistered* - epinject
.
Contents of the 'Scheduled Tasks' folder
.
2012-03-04 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-74289745-3478087381-2590528953-1001Core.job
- c:\users\Monika\AppData\Local\Google\Update\GoogleUpdate.exe [2009-11-16 13:36]
.
2012-03-04 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-74289745-3478087381-2590528953-1001UA.job
- c:\users\Monika\AppData\Local\Google\Update\GoogleUpdate.exe [2009-11-16 13:36]
.
2012-03-04 c:\windows\Tasks\SentryBayUpdateTaskMachineCore.job
- c:\program files\SentryBay\Update\SentryBayUpdate.exe [2011-04-30 00:18]
.
2012-03-04 c:\windows\Tasks\SentryBayUpdateTaskMachineUA.job
- c:\program files\SentryBay\Update\SentryBayUpdate.exe [2011-04-30 00:18]
.
.
------- Supplementary Scan -------
.
uInternet Settings,ProxyOverride = *.local
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
IE: Send image to &Bluetooth Device... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: Send page to &Bluetooth Device... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
TCP: DhcpNameServer = 209.18.47.61 209.18.47.62
DPF: {36B874FC-EECA-4622-8DCE-F8D453C88845} - hxxps://cnypacs.com/HRS/download/AliUpdate.cab
DPF: {55963676-2F5E-4BAF-AC28-CF26AA587566} - hxxps://vpn.stemc.org/CACHE/stc/1/binaries/vpnweb.cab
DPF: {6A1C1D9A-00D4-468C-BAC0-34941BF5DBA1} - hxxps://cnypacs.com/HRS/download/Setup.cab
FF - ProfilePath - c:\users\Monika\AppData\Roaming\Mozilla\Firefox\Profiles\n60gv88i.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT1621166&SearchSource=3&q={searchTerms}
FF - prefs.js: browser.search.selectedEngine - Bing
FF - prefs.js: browser.startup.homepage - hxxp://www.msn.com/?pc=Z128&ocid=zdhp&install_date=20111215
FF - prefs.js: keyword.URL - hxxp://www.bing.com/search?pc=Z128&form=ZGAADF&install_date=20111215&q=
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
FF - Ext: FiddlerHook: fiddlerhook@fiddler2.com - c:\program files\Fiddler2\FiddlerHook
FF - Ext: CommentsBar 1 Toolbar: {23ec984e-464c-4a0c-a8df-f80cb8c090e1} - %profile%\extensions\{23ec984e-464c-4a0c-a8df-f80cb8c090e1}
.
- - - - ORPHANS REMOVED - - - -
.
Toolbar-{CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file)
WebBrowser-{CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file)
WebBrowser-{88C7F2AA-F93F-432C-8F0E-B7D85967A527} - (no file)
HKCU-Run-Spyware Doctor with AntiVirus - c:\users\Monika\Desktop\sdasetup_revwire207.exe
HKLM-Run-TrustedID Secure Browse - c:\program files\TrustedID Secure Browse\sss.exe
AddRemove-StartNow Toolbar - c:\program files\StartNow Toolbar\StartNowToolbarUninstall.exe
.
.
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
"MSCurrentCountry"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
--------------------- DLLs Loaded Under Running Processes ---------------------
.
- - - - - - - > 'Explorer.exe'(3880)
c:\program files\TrustedID\TrustedID Secure Browse\epclient32.dll
c:\windows\system32\msi.dll
c:\windows\system32\SFC.DLL
c:\windows\system32\sfc_os.DLL
c:\windows\system32\btncopy.dll
.
------------------------ Other Running Processes ------------------------
.
c:\windows\system32\Ati2evxx.exe
c:\windows\system32\Ati2evxx.exe
c:\program files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\program files\Bonjour\mDNSResponder.exe
c:\program files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
c:\program files\Visioneer\OneTouch 4.0\OtService.exe
c:\windows\system32\taskhost.exe
c:\windows\system32\DRIVERS\xaudio.exe
c:\program files\TrustedID\TrustedID Secure Browse\ep.exe
c:\windows\system32\conhost.exe
c:\windows\system32\UI0Detect.exe
c:\windows\system32\conhost.exe
c:\windows\system32\sppsvc.exe
c:\program files\Windows Media Player\wmpnetwk.exe
c:\\?\c:\windows\system32\wbem\WMIADAP.EXE
.
**************************************************************************
.
Completion time: 2012-03-03 21:13:47 - machine was rebooted
ComboFix-quarantined-files.txt 2012-03-04 02:13
.
Pre-Run: 97,846,898,688 bytes free
Post-Run: 97,809,326,080 bytes free
.
- - End Of File - - 998DDB9A5D660EB8D9F090B3DDD46EAA
-
the virus is still on my pc
-
Ok the scan gut stuck again but I was able to find this scan report in C://Combofix/Combofix.txt
ComboFix 12-03-01.01 - Monika 03/01/2012 15:18:00.2.2 - x86
Microsoft Windows 7 Professional 6.1.7601.1.1252.1.1033.18.3070.1929 [GMT -5:00]
Running from: C:\Users\Monika\Desktop\ComboFix.exe
AV: AVG Anti-Virus Free Edition 2011 *Disabled/Updated* {5A2746B1-DEE9-F85A-FBCD-ADB11639C5F0}
SP: AVG Anti-Virus Free Edition 2011 *Disabled/Updated* {E146A755-F8D3-F7D4-C17D-96C36DBE8F4D}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
C:\Users\Monika\AppData\Local\Temp\pdk-Monika-1372\0665c25e931c1ac0151b062449e91028\XSAccessor.dll
C:\Users\Monika\AppData\Local\Temp\pdk-Monika-1372\17d0b152e63e6bfe81b4b19588538896\mro.dll
C:\Users\Monika\AppData\Local\Temp\pdk-Monika-1372\19febd96672ffdb7ea244cef36aaa062\Zlib.dll
C:\Users\Monika\AppData\Local\Temp\pdk-Monika-1372\2b1fc61b36a6711ea149b18bf3b41500\Parser.dll
C:\Users\Monika\AppData\Local\Temp\pdk-Monika-1372\31638f63e39b38d3e250a9a57cb9d1c5\Cwd.dll
C:\Users\Monika\AppData\Local\Temp\pdk-Monika-1372\32785c19dc6898fbbbf06f3b776edd08\Fcntl.dll
C:\Users\Monika\AppData\Local\Temp\pdk-Monika-1372\3a7ccbf8181ee5a145227a6dfce3594c\WinError.dll
C:\Users\Monika\AppData\Local\Temp\pdk-Monika-1372\3a8764e0d7c5d453e01d9ad08cf7fb58\IO.dll
C:\Users\Monika\AppData\Local\Temp\pdk-Monika-1372\3b7106dd14676048b10bbb09a990f74c\XS.dll
C:\Users\Monika\AppData\Local\Temp\pdk-Monika-1372\4461f48e31bde5c56b31b973b773de09\List.dll
C:\Users\Monika\AppData\Local\Temp\pdk-Monika-1372\44727051c604ef6b79894b64d4c63832\Expat.dll
C:\Users\Monika\AppData\Local\Temp\pdk-Monika-1372\4f2c03383aab0133b8dc0a3fa2dd92fa\Storable.dll
C:\Users\Monika\AppData\Local\Temp\pdk-Monika-1372\5ffd05b2cbd58528e56519784ca9c869\Hostname.dll
C:\Users\Monika\AppData\Local\Temp\pdk-Monika-1372\60ff464e01c2cd5526dbdad5a125081d\Dumper.dll
C:\Users\Monika\AppData\Local\Temp\pdk-Monika-1372\7ef0d901bf4203fbcf7a0fff0e82aa5f\Encode.dll
C:\Users\Monika\AppData\Local\Temp\pdk-Monika-1372\7f177c338672436e01c4f0bdbcf94491\EV.dll
C:\Users\Monika\AppData\Local\Temp\pdk-Monika-1372\7f2598c08178217a0e2c754f3d568f28\Byte.dll
C:\Users\Monika\AppData\Local\Temp\pdk-Monika-1372\8fedeb86a4a984edfc1fb255d4ea965c\XS.dll
C:\Users\Monika\AppData\Local\Temp\pdk-Monika-1372\951e8057c3fe65524966ea64dff289ac\Scan.dll
C:\Users\Monika\AppData\Local\Temp\pdk-Monika-1372\961b0d62fa52b1dd29c795a822fbf1cf\DBI.dll
C:\Users\Monika\AppData\Local\Temp\pdk-Monika-1372\aff7ee779ea184f884ed432c30a58f5d\Scale.dll
C:\Users\Monika\AppData\Local\Temp\pdk-Monika-1372\b6bd87c968599725b8ab2e5c25d3046a\API.dll
C:\Users\Monika\AppData\Local\Temp\pdk-Monika-1372\b979ace6da01e63d651cce9ee2474fdc\Name.dll
C:\Users\Monika\AppData\Local\Temp\pdk-Monika-1372\bc147d83c7c868eeee67082dcf55430c\File.dll
C:\Users\Monika\AppData\Local\Temp\pdk-Monika-1372\bd5179a413bc0c4b82eedc22c6cab101\re.dll
C:\Users\Monika\AppData\Local\Temp\pdk-Monika-1372\c199d3c1960e7aeeecb599487952bed2\HiRes.dll
C:\Users\Monika\AppData\Local\Temp\pdk-Monika-1372\c19d5e3dc664d9f4ce700001e2621cee\MD5.dll
C:\Users\Monika\AppData\Local\Temp\pdk-Monika-1372\c344fd5536724b2af2e6453833b60203\SHA1.dll
C:\Users\Monika\AppData\Local\Temp\pdk-Monika-1372\c5cce8d16a1bd48692b421dcf46d3396\Util.dll
C:\Users\Monika\AppData\Local\Temp\pdk-Monika-1372\c668a322917d32a5ea22894518aa9897\Base64.dll
C:\Users\Monika\AppData\Local\Temp\pdk-Monika-1372\cf5fe81e2f5dcbfecfd0495e1648c991\Unicode.dll
C:\Users\Monika\AppData\Local\Temp\pdk-Monika-1372\d0bf009923f29116535c26d228271d6d\Scan.dll
C:\Users\Monika\AppData\Local\Temp\pdk-Monika-1372\d10c2c06ba2044cccc247c4315f5c7d3\Process.dll
C:\Users\Monika\AppData\Local\Temp\pdk-Monika-1372\d1c77e404b5c4b954fa537ed63c8fb7b\File.dll
C:\Users\Monika\AppData\Local\Temp\pdk-Monika-1372\d1e7c33431cd8713f2ce3582829a8b14\Socket.dll
C:\Users\Monika\AppData\Local\Temp\pdk-Monika-1372\dacfd0ab9b5fd029ed8d29e4482b0775\XS.dll
C:\Users\Monika\AppData\Local\Temp\pdk-Monika-1372\de446fdd1ae335c7d2b9e62bb8cdf765\B.dll
C:\Users\Monika\AppData\Local\Temp\pdk-Monika-1372\df1ba73f49c38cbbc7a11c779c3506d2\OLE.dll
C:\Users\Monika\AppData\Local\Temp\pdk-Monika-1372\e2e81dd6b3e5a36f0bdae076393cc11d\icudt46.dll
C:\Users\Monika\AppData\Local\Temp\pdk-Monika-1372\e2e81dd6b3e5a36f0bdae076393cc11d\icuin46.dll
C:\Users\Monika\AppData\Local\Temp\pdk-Monika-1372\e2e81dd6b3e5a36f0bdae076393cc11d\icuuc46.dll
C:\Users\Monika\AppData\Local\Temp\pdk-Monika-1372\e2e81dd6b3e5a36f0bdae076393cc11d\SQLite.dll
C:\Users\Monika\AppData\Local\Temp\pdk-Monika-1372\e56c61f7248672819579325af3387035\POSIX.dll
C:\Users\Monika\AppData\Local\Temp\pdk-Monika-1372\eaeabd54205de2f10c00aea80bbf0d83\Registry.dll
C:\Users\Monika\AppData\Local\Temp\pdk-Monika-1372\eb138ef0e4282611dbf485a302784646\LibYAML.dll
C:\Users\Monika\AppData\Local\Temp\pdk-Monika-1372\f233f63b6654362865c7577442edb9e3\Win32.dll
C:\Users\Monika\AppData\Local\Temp\pdk-Monika-1372\fa9e3c814aa32db2ad5f17bdfbc22746\attributes.dll
C:\Users\Monika\AppData\Local\Temp\pdk-Monika-1372\perl514.dll
C:\Users\Monika\AppData\Local\Temp\pdk-Monika-3020\31638f63e39b38d3e250a9a57cb9d1c5\Cwd.dll
C:\Users\Monika\AppData\Local\Temp\pdk-Monika-3020\32785c19dc6898fbbbf06f3b776edd08\Fcntl.dll
C:\Users\Monika\AppData\Local\Temp\pdk-Monika-3020\3a7ccbf8181ee5a145227a6dfce3594c\WinError.dll
C:\Users\Monika\AppData\Local\Temp\pdk-Monika-3020\4461f48e31bde5c56b31b973b773de09\List.dll
C:\Users\Monika\AppData\Local\Temp\pdk-Monika-3020\5ffd05b2cbd58528e56519784ca9c869\Hostname.dll
C:\Users\Monika\AppData\Local\Temp\pdk-Monika-3020\60ff464e01c2cd5526dbdad5a125081d\Dumper.dll
C:\Users\Monika\AppData\Local\Temp\pdk-Monika-3020\7ef0d901bf4203fbcf7a0fff0e82aa5f\Encode.dll
C:\Users\Monika\AppData\Local\Temp\pdk-Monika-3020\93e7e3d6030f426844228042348210cf\Service.dll
C:\Users\Monika\AppData\Local\Temp\pdk-Monika-3020\bd5179a413bc0c4b82eedc22c6cab101\re.dll
C:\Users\Monika\AppData\Local\Temp\pdk-Monika-3020\c5cce8d16a1bd48692b421dcf46d3396\Util.dll
C:\Users\Monika\AppData\Local\Temp\pdk-Monika-3020\d10c2c06ba2044cccc247c4315f5c7d3\Process.dll
C:\Users\Monika\AppData\Local\Temp\pdk-Monika-3020\d1e7c33431cd8713f2ce3582829a8b14\Socket.dll
C:\Users\Monika\AppData\Local\Temp\pdk-Monika-3020\de446fdd1ae335c7d2b9e62bb8cdf765\B.dll
C:\Users\Monika\AppData\Local\Temp\pdk-Monika-3020\df1ba73f49c38cbbc7a11c779c3506d2\OLE.dll
C:\Users\Monika\AppData\Local\Temp\pdk-Monika-3020\e56c61f7248672819579325af3387035\POSIX.dll
C:\Users\Monika\AppData\Local\Temp\pdk-Monika-3020\eaeabd54205de2f10c00aea80bbf0d83\Registry.dll
C:\Users\Monika\AppData\Local\Temp\pdk-Monika-3020\eb138ef0e4282611dbf485a302784646\LibYAML.dll
C:\Users\Monika\AppData\Local\Temp\pdk-Monika-3020\f233f63b6654362865c7577442edb9e3\Win32.dll
C:\Users\Monika\AppData\Local\Temp\pdk-Monika-3020\perl514.dll
---- Previous Run -------
C:\install.exe
C:\Program Files\StartNow Toolbar\ReactivateFF.exe
C:\Program Files\StartNow Toolbar\ReactivateIE.exe
C:\Program Files\StartNow Toolbar\Resources\images\engine_images.png
C:\Program Files\StartNow Toolbar\Resources\images\engine_maps.png
C:\Program Files\StartNow Toolbar\Resources\images\engine_news.png
C:\Program Files\StartNow Toolbar\Resources\images\engine_videos.png
C:\Program Files\StartNow Toolbar\Resources\images\engine_web.png
C:\Program Files\StartNow Toolbar\Resources\images\icon_amazon.png
C:\Program Files\StartNow Toolbar\Resources\images\icon_ebay.png
C:\Program Files\StartNow Toolbar\Resources\images\icon_facebook.png
C:\Program Files\StartNow Toolbar\Resources\images\icon_games.png
C:\Program Files\StartNow Toolbar\Resources\images\icon_msn.png
C:\Program Files\StartNow Toolbar\Resources\images\icon_shopping.png
C:\Program Files\StartNow Toolbar\Resources\images\icon_travel.png
C:\Program Files\StartNow Toolbar\Resources\images\icon_twitter.png
C:\Program Files\StartNow Toolbar\Resources\images\startnow_logo.png
C:\Program Files\StartNow Toolbar\Resources\installer.xml
C:\Program Files\StartNow Toolbar\Resources\skin\chevron_button.png
C:\Program Files\StartNow Toolbar\Resources\skin\searchbox_button_hover.png
C:\Program Files\StartNow Toolbar\Resources\skin\searchbox_button_normal.png
C:\Program Files\StartNow Toolbar\Resources\skin\searchbox_dropdown_button_normal.png
C:\Program Files\StartNow Toolbar\Resources\skin\searchbox_input_background.png
C:\Program Files\StartNow Toolbar\Resources\skin\searchbox_input_left.png
C:\Program Files\StartNow Toolbar\Resources\skin\searchbox_input_middle.png
C:\Program Files\StartNow Toolbar\Resources\skin\separator.png
C:\Program Files\StartNow Toolbar\Resources\skin\splitter.png
C:\Program Files\StartNow Toolbar\Resources\skin\toolbarbutton_ff_hover_c.png
C:\Program Files\StartNow Toolbar\Resources\skin\toolbarbutton_ie_hover_c.png
C:\Program Files\StartNow Toolbar\Resources\skin\toolbarbutton_ie_hover_l.png
C:\Program Files\StartNow Toolbar\Resources\skin\toolbarbutton_ie_hover_r.png
C:\Program Files\StartNow Toolbar\Resources\skin\toolbarbutton_ie_normal_c.png
C:\Program Files\StartNow Toolbar\Resources\skin\toolbarbutton_ie_normal_l.png
C:\Program Files\StartNow Toolbar\Resources\skin\toolbarbutton_ie_normal_r.png
C:\Program Files\StartNow Toolbar\Resources\toolbar.xml
C:\Program Files\StartNow Toolbar\Resources\update.xml
C:\Program Files\StartNow Toolbar\StartNowToolbarUninstall.exe
C:\Program Files\StartNow Toolbar\Toolbar32.dll
C:\Program Files\StartNow Toolbar\ToolbarBroker.exe
C:\Program Files\StartNow Toolbar\ToolbarUpdaterService.exe
C:\Program Files\StartNow Toolbar\uninstall.dat
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Gamma Loader.exe.lnk
C:\Users\Monika\AppData\Local\Microsoft\Windows\Temporary Internet Files\cookies.sqlite
C:\Users\Monika\AppData\Local\Temp\pdk-Monika-4640\31638f63e39b38d3e250a9a57cb9d1c5\Cwd.dll
C:\Users\Monika\AppData\Local\Temp\pdk-Monika-4640\32785c19dc6898fbbbf06f3b776edd08\Fcntl.dll
C:\Users\Monika\AppData\Local\Temp\pdk-Monika-4640\3a7ccbf8181ee5a145227a6dfce3594c\WinError.dll
C:\Users\Monika\AppData\Local\Temp\pdk-Monika-4640\4461f48e31bde5c56b31b973b773de09\List.dll
C:\Users\Monika\AppData\Local\Temp\pdk-Monika-4640\5ffd05b2cbd58528e56519784ca9c869\Hostname.dll
C:\Users\Monika\AppData\Local\Temp\pdk-Monika-4640\60ff464e01c2cd5526dbdad5a125081d\Dumper.dll
C:\Users\Monika\AppData\Local\Temp\pdk-Monika-4640\7ef0d901bf4203fbcf7a0fff0e82aa5f\Encode.dll
C:\Users\Monika\AppData\Local\Temp\pdk-Monika-4640\93e7e3d6030f426844228042348210cf\Service.dll
C:\Users\Monika\AppData\Local\Temp\pdk-Monika-4640\bd5179a413bc0c4b82eedc22c6cab101\re.dll
C:\Users\Monika\AppData\Local\Temp\pdk-Monika-4640\c5cce8d16a1bd48692b421dcf46d3396\Util.dll
C:\Users\Monika\AppData\Local\Temp\pdk-Monika-4640\d10c2c06ba2044cccc247c4315f5c7d3\Process.dll
C:\Users\Monika\AppData\Local\Temp\pdk-Monika-4640\d1e7c33431cd8713f2ce3582829a8b14\Socket.dll
C:\Users\Monika\AppData\Local\Temp\pdk-Monika-4640\de446fdd1ae335c7d2b9e62bb8cdf765\B.dll
C:\Users\Monika\AppData\Local\Temp\pdk-Monika-4640\df1ba73f49c38cbbc7a11c779c3506d2\OLE.dll
C:\Users\Monika\AppData\Local\Temp\pdk-Monika-4640\e56c61f7248672819579325af3387035\POSIX.dll
C:\Users\Monika\AppData\Local\Temp\pdk-Monika-4640\eaeabd54205de2f10c00aea80bbf0d83\Registry.dll
C:\Users\Monika\AppData\Local\Temp\pdk-Monika-4640\eb138ef0e4282611dbf485a302784646\LibYAML.dll
C:\Users\Monika\AppData\Local\Temp\pdk-Monika-4640\f233f63b6654362865c7577442edb9e3\Win32.dll
C:\Users\Monika\AppData\Local\Temp\pdk-Monika-4640\perl514.dll
C:\Users\Monika\AppData\Local\Temp\pdk-Monika-5732\0665c25e931c1ac0151b062449e91028\XSAccessor.dll
C:\Users\Monika\AppData\Local\Temp\pdk-Monika-5732\17d0b152e63e6bfe81b4b19588538896\mro.dll
C:\Users\Monika\AppData\Local\Temp\pdk-Monika-5732\19febd96672ffdb7ea244cef36aaa062\Zlib.dll
C:\Users\Monika\AppData\Local\Temp\pdk-Monika-5732\2b1fc61b36a6711ea149b18bf3b41500\Parser.dll
C:\Users\Monika\AppData\Local\Temp\pdk-Monika-5732\31638f63e39b38d3e250a9a57cb9d1c5\Cwd.dll
C:\Users\Monika\AppData\Local\Temp\pdk-Monika-5732\32785c19dc6898fbbbf06f3b776edd08\Fcntl.dll
C:\Users\Monika\AppData\Local\Temp\pdk-Monika-5732\3a7ccbf8181ee5a145227a6dfce3594c\WinError.dll
C:\Users\Monika\AppData\Local\Temp\pdk-Monika-5732\3a8764e0d7c5d453e01d9ad08cf7fb58\IO.dll
C:\Users\Monika\AppData\Local\Temp\pdk-Monika-5732\3b7106dd14676048b10bbb09a990f74c\XS.dll
C:\Users\Monika\AppData\Local\Temp\pdk-Monika-5732\4461f48e31bde5c56b31b973b773de09\List.dll
C:\Users\Monika\AppData\Local\Temp\pdk-Monika-5732\44727051c604ef6b79894b64d4c63832\Expat.dll
C:\Users\Monika\AppData\Local\Temp\pdk-Monika-5732\4f2c03383aab0133b8dc0a3fa2dd92fa\Storable.dll
C:\Users\Monika\AppData\Local\Temp\pdk-Monika-5732\5ffd05b2cbd58528e56519784ca9c869\Hostname.dll
C:\Users\Monika\AppData\Local\Temp\pdk-Monika-5732\60ff464e01c2cd5526dbdad5a125081d\Dumper.dll
C:\Users\Monika\AppData\Local\Temp\pdk-Monika-5732\7ef0d901bf4203fbcf7a0fff0e82aa5f\Encode.dll
C:\Users\Monika\AppData\Local\Temp\pdk-Monika-5732\7f177c338672436e01c4f0bdbcf94491\EV.dll
C:\Users\Monika\AppData\Local\Temp\pdk-Monika-5732\7f2598c08178217a0e2c754f3d568f28\Byte.dll
C:\Users\Monika\AppData\Local\Temp\pdk-Monika-5732\87fe0906e4bfbcec428293cf9a5ac335\NetResource.dll
C:\Users\Monika\AppData\Local\Temp\pdk-Monika-5732\8fedeb86a4a984edfc1fb255d4ea965c\XS.dll
C:\Users\Monika\AppData\Local\Temp\pdk-Monika-5732\951e8057c3fe65524966ea64dff289ac\Scan.dll
C:\Users\Monika\AppData\Local\Temp\pdk-Monika-5732\961b0d62fa52b1dd29c795a822fbf1cf\DBI.dll
C:\Users\Monika\AppData\Local\Temp\pdk-Monika-5732\aff7ee779ea184f884ed432c30a58f5d\Scale.dll
C:\Users\Monika\AppData\Local\Temp\pdk-Monika-5732\b6bd87c968599725b8ab2e5c25d3046a\API.dll
C:\Users\Monika\AppData\Local\Temp\pdk-Monika-5732\b979ace6da01e63d651cce9ee2474fdc\Name.dll
C:\Users\Monika\AppData\Local\Temp\pdk-Monika-5732\bc147d83c7c868eeee67082dcf55430c\File.dll
C:\Users\Monika\AppData\Local\Temp\pdk-Monika-5732\bd5179a413bc0c4b82eedc22c6cab101\re.dll
C:\Users\Monika\AppData\Local\Temp\pdk-Monika-5732\c199d3c1960e7aeeecb599487952bed2\HiRes.dll
C:\Users\Monika\AppData\Local\Temp\pdk-Monika-5732\c19d5e3dc664d9f4ce700001e2621cee\MD5.dll
C:\Users\Monika\AppData\Local\Temp\pdk-Monika-5732\c344fd5536724b2af2e6453833b60203\SHA1.dll
C:\Users\Monika\AppData\Local\Temp\pdk-Monika-5732\c5cce8d16a1bd48692b421dcf46d3396\Util.dll
C:\Users\Monika\AppData\Local\Temp\pdk-Monika-5732\c668a322917d32a5ea22894518aa9897\Base64.dll
C:\Users\Monika\AppData\Local\Temp\pdk-Monika-5732\cf5fe81e2f5dcbfecfd0495e1648c991\Unicode.dll
C:\Users\Monika\AppData\Local\Temp\pdk-Monika-5732\d0bf009923f29116535c26d228271d6d\Scan.dll
C:\Users\Monika\AppData\Local\Temp\pdk-Monika-5732\d10c2c06ba2044cccc247c4315f5c7d3\Process.dll
C:\Users\Monika\AppData\Local\Temp\pdk-Monika-5732\d1c77e404b5c4b954fa537ed63c8fb7b\File.dll
C:\Users\Monika\AppData\Local\Temp\pdk-Monika-5732\d1e7c33431cd8713f2ce3582829a8b14\Socket.dll
C:\Users\Monika\AppData\Local\Temp\pdk-Monika-5732\dacfd0ab9b5fd029ed8d29e4482b0775\XS.dll
C:\Users\Monika\AppData\Local\Temp\pdk-Monika-5732\de446fdd1ae335c7d2b9e62bb8cdf765\B.dll
C:\Users\Monika\AppData\Local\Temp\pdk-Monika-5732\df1ba73f49c38cbbc7a11c779c3506d2\OLE.dll
C:\Users\Monika\AppData\Local\Temp\pdk-Monika-5732\e2e81dd6b3e5a36f0bdae076393cc11d\icudt46.dll
C:\Users\Monika\AppData\Local\Temp\pdk-Monika-5732\e2e81dd6b3e5a36f0bdae076393cc11d\icuin46.dll
C:\Users\Monika\AppData\Local\Temp\pdk-Monika-5732\e2e81dd6b3e5a36f0bdae076393cc11d\icuuc46.dll
C:\Users\Monika\AppData\Local\Temp\pdk-Monika-5732\e2e81dd6b3e5a36f0bdae076393cc11d\SQLite.dll
C:\Users\Monika\AppData\Local\Temp\pdk-Monika-5732\e56c61f7248672819579325af3387035\POSIX.dll
C:\Users\Monika\AppData\Local\Temp\pdk-Monika-5732\eaeabd54205de2f10c00aea80bbf0d83\Registry.dll
C:\Users\Monika\AppData\Local\Temp\pdk-Monika-5732\eb138ef0e4282611dbf485a302784646\LibYAML.dll
C:\Users\Monika\AppData\Local\Temp\pdk-Monika-5732\f233f63b6654362865c7577442edb9e3\Win32.dll
C:\Users\Monika\AppData\Local\Temp\pdk-Monika-5732\fa9e3c814aa32db2ad5f17bdfbc22746\attributes.dll
C:\Users\Monika\AppData\Local\Temp\pdk-Monika-5732\perl514.dll
C:\Users\Monika\AppData\Roaming\Mozilla\Firefox\Profiles\n60gv88i.default\extensions\{5911488E-9D1E-40ec-8CBB-06B231CC153F}\chrome.manifest
C:\Users\Monika\AppData\Roaming\Mozilla\Firefox\Profiles\n60gv88i.default\extensions\{5911488E-9D1E-40ec-8CBB-06B231CC153F}\chrome\content\bar.js
C:\Users\Monika\AppData\Roaming\Mozilla\Firefox\Profiles\n60gv88i.default\extensions\{5911488E-9D1E-40ec-8CBB-06B231CC153F}\chrome\content\bar.xul
C:\Users\Monika\AppData\Roaming\Mozilla\Firefox\Profiles\n60gv88i.default\extensions\{5911488E-9D1E-40ec-8CBB-06B231CC153F}\chrome\content\buttons.js
C:\Users\Monika\AppData\Roaming\Mozilla\Firefox\Profiles\n60gv88i.default\extensions\{5911488E-9D1E-40ec-8CBB-06B231CC153F}\chrome\content\constants.js
C:\Users\Monika\AppData\Roaming\Mozilla\Firefox\Profiles\n60gv88i.default\extensions\{5911488E-9D1E-40ec-8CBB-06B231CC153F}\chrome\content\events.js
C:\Users\Monika\AppData\Roaming\Mozilla\Firefox\Profiles\n60gv88i.default\extensions\{5911488E-9D1E-40ec-8CBB-06B231CC153F}\chrome\content\globals.js
C:\Users\Monika\AppData\Roaming\Mozilla\Firefox\Profiles\n60gv88i.default\extensions\{5911488E-9D1E-40ec-8CBB-06B231CC153F}\chrome\content\hosts.js
C:\Users\Monika\AppData\Roaming\Mozilla\Firefox\Profiles\n60gv88i.default\extensions\{5911488E-9D1E-40ec-8CBB-06B231CC153F}\chrome\content\init.js
C:\Users\Monika\AppData\Roaming\Mozilla\Firefox\Profiles\n60gv88i.default\extensions\{5911488E-9D1E-40ec-8CBB-06B231CC153F}\chrome\content\resources\images\engine_images.png
C:\Users\Monika\AppData\Roaming\Mozilla\Firefox\Profiles\n60gv88i.default\extensions\{5911488E-9D1E-40ec-8CBB-06B231CC153F}\chrome\content\resources\images\engine_maps.png
C:\Users\Monika\AppData\Roaming\Mozilla\Firefox\Profiles\n60gv88i.default\extensions\{5911488E-9D1E-40ec-8CBB-06B231CC153F}\chrome\content\resources\images\engine_news.png
C:\Users\Monika\AppData\Roaming\Mozilla\Firefox\Profiles\n60gv88i.default\extensions\{5911488E-9D1E-40ec-8CBB-06B231CC153F}\chrome\content\resources\images\engine_videos.png
C:\Users\Monika\AppData\Roaming\Mozilla\Firefox\Profiles\n60gv88i.default\extensions\{5911488E-9D1E-40ec-8CBB-06B231CC153F}\chrome\content\resources\images\engine_web.png
C:\Users\Monika\AppData\Roaming\Mozilla\Firefox\Profiles\n60gv88i.default\extensions\{5911488E-9D1E-40ec-8CBB-06B231CC153F}\chrome\content\resources\images\icon_amazon.png
C:\Users\Monika\AppData\Roaming\Mozilla\Firefox\Profiles\n60gv88i.default\extensions\{5911488E-9D1E-40ec-8CBB-06B231CC153F}\chrome\content\resources\images\icon_ebay.png
C:\Users\Monika\AppData\Roaming\Mozilla\Firefox\Profiles\n60gv88i.default\extensions\{5911488E-9D1E-40ec-8CBB-06B231CC153F}\chrome\content\resources\images\icon_facebook.png
C:\Users\Monika\AppData\Roaming\Mozilla\Firefox\Profiles\n60gv88i.default\extensions\{5911488E-9D1E-40ec-8CBB-06B231CC153F}\chrome\content\resources\images\icon_games.png
C:\Users\Monika\AppData\Roaming\Mozilla\Firefox\Profiles\n60gv88i.default\extensions\{5911488E-9D1E-40ec-8CBB-06B231CC153F}\chrome\content\resources\images\icon_msn.png
C:\Users\Monika\AppData\Roaming\Mozilla\Firefox\Profiles\n60gv88i.default\extensions\{5911488E-9D1E-40ec-8CBB-06B231CC153F}\chrome\content\resources\images\icon_shopping.png
C:\Users\Monika\AppData\Roaming\Mozilla\Firefox\Profiles\n60gv88i.default\extensions\{5911488E-9D1E-40ec-8CBB-06B231CC153F}\chrome\content\resources\images\icon_travel.png
C:\Users\Monika\AppData\Roaming\Mozilla\Firefox\Profiles\n60gv88i.default\extensions\{5911488E-9D1E-40ec-8CBB-06B231CC153F}\chrome\content\resources\images\icon_twitter.png
C:\Users\Monika\AppData\Roaming\Mozilla\Firefox\Profiles\n60gv88i.default\extensions\{5911488E-9D1E-40ec-8CBB-06B231CC153F}\chrome\content\resources\images\startnow_logo.png
C:\Users\Monika\AppData\Roaming\Mozilla\Firefox\Profiles\n60gv88i.default\extensions\{5911488E-9D1E-40ec-8CBB-06B231CC153F}\chrome\content\resources\installer.xml
C:\Users\Monika\AppData\Roaming\Mozilla\Firefox\Profiles\n60gv88i.default\extensions\{5911488E-9D1E-40ec-8CBB-06B231CC153F}\chrome\content\resources\skin\chevron_button.png
C:\Users\Monika\AppData\Roaming\Mozilla\Firefox\Profiles\n60gv88i.default\extensions\{5911488E-9D1E-40ec-8CBB-06B231CC153F}\chrome\content\resources\skin\searchbox_button_hover.png
C:\Users\Monika\AppData\Roaming\Mozilla\Firefox\Profiles\n60gv88i.default\extensions\{5911488E-9D1E-40ec-8CBB-06B231CC153F}\chrome\content\resources\skin\searchbox_button_normal.png
C:\Users\Monika\AppData\Roaming\Mozilla\Firefox\Profiles\n60gv88i.default\extensions\{5911488E-9D1E-40ec-8CBB-06B231CC153F}\chrome\content\resources\skin\searchbox_dropdown_button_normal.png
C:\Users\Monika\AppData\Roaming\Mozilla\Firefox\Profiles\n60gv88i.default\extensions\{5911488E-9D1E-40ec-8CBB-06B231CC153F}\chrome\content\resources\skin\searchbox_input_background.png
C:\Users\Monika\AppData\Roaming\Mozilla\Firefox\Profiles\n60gv88i.default\extensions\{5911488E-9D1E-40ec-8CBB-06B231CC153F}\chrome\content\resources\skin\searchbox_input_left.png
C:\Users\Monika\AppData\Roaming\Mozilla\Firefox\Profiles\n60gv88i.default\extensions\{5911488E-9D1E-40ec-8CBB-06B231CC153F}\chrome\content\resources\skin\searchbox_input_middle.png
C:\Users\Monika\AppData\Roaming\Mozilla\Firefox\Profiles\n60gv88i.default\extensions\{5911488E-9D1E-40ec-8CBB-06B231CC153F}\chrome\content\resources\skin\separator.png
C:\Users\Monika\AppData\Roaming\Mozilla\Firefox\Profiles\n60gv88i.default\extensions\{5911488E-9D1E-40ec-8CBB-06B231CC153F}\chrome\content\resources\skin\splitter.png
C:\Users\Monika\AppData\Roaming\Mozilla\Firefox\Profiles\n60gv88i.default\extensions\{5911488E-9D1E-40ec-8CBB-06B231CC153F}\chrome\content\resources\skin\toolbarbutton_ff_hover_c.png
C:\Users\Monika\AppData\Roaming\Mozilla\Firefox\Profiles\n60gv88i.default\extensions\{5911488E-9D1E-40ec-8CBB-06B231CC153F}\chrome\content\resources\skin\toolbarbutton_ie_hover_c.png
C:\Users\Monika\AppData\Roaming\Mozilla\Firefox\Profiles\n60gv88i.default\extensions\{5911488E-9D1E-40ec-8CBB-06B231CC153F}\chrome\content\resources\skin\toolbarbutton_ie_hover_l.png
C:\Users\Monika\AppData\Roaming\Mozilla\Firefox\Profiles\n60gv88i.default\extensions\{5911488E-9D1E-40ec-8CBB-06B231CC153F}\chrome\content\resources\skin\toolbarbutton_ie_hover_r.png
C:\Users\Monika\AppData\Roaming\Mozilla\Firefox\Profiles\n60gv88i.default\extensions\{5911488E-9D1E-40ec-8CBB-06B231CC153F}\chrome\content\resources\skin\toolbarbutton_ie_normal_c.png
C:\Users\Monika\AppData\Roaming\Mozilla\Firefox\Profiles\n60gv88i.default\extensions\{5911488E-9D1E-40ec-8CBB-06B231CC153F}\chrome\content\resources\skin\toolbarbutton_ie_normal_l.png
C:\Users\Monika\AppData\Roaming\Mozilla\Firefox\Profiles\n60gv88i.default\extensions\{5911488E-9D1E-40ec-8CBB-06B231CC153F}\chrome\content\resources\skin\toolbarbutton_ie_normal_r.png
C:\Users\Monika\AppData\Roaming\Mozilla\Firefox\Profiles\n60gv88i.default\extensions\{5911488E-9D1E-40ec-8CBB-06B231CC153F}\chrome\content\resources\toolbar.xml
C:\Users\Monika\AppData\Roaming\Mozilla\Firefox\Profiles\n60gv88i.default\extensions\{5911488E-9D1E-40ec-8CBB-06B231CC153F}\chrome\locale\en-US\{5911488E-9D1E-40ec-8CBB-06B231CC153F}.dtd
C:\Users\Monika\AppData\Roaming\Mozilla\Firefox\Profiles\n60gv88i.default\extensions\{5911488E-9D1E-40ec-8CBB-06B231CC153F}\chrome\skin\overlay.css
C:\Users\Monika\AppData\Roaming\Mozilla\Firefox\Profiles\n60gv88i.default\extensions\{5911488E-9D1E-40ec-8CBB-06B231CC153F}\components\tellSvc.dll
C:\Users\Monika\AppData\Roaming\Mozilla\Firefox\Profiles\n60gv88i.default\extensions\{5911488E-9D1E-40ec-8CBB-06B231CC153F}\install.rdf
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.
-------\Service_Updater Service for StartNow Toolbar
-------\Service_Updater Service for StartNow Toolbar
((((((((((((((((((((((((( Files Created from 2012-02-01 to 2012-03-01 )))))))))))))))))))))))))))))))
2012-03-01 20:27:53 . 2012-03-01 21:35:21 -------- d-----w- C:\Users\Monika\AppData\Local\temp
2012-03-01 20:27:53 . 2012-03-01 20:27:53 -------- d-----w- C:\Users\xbox\AppData\Local\temp
2012-03-01 20:27:53 . 2012-03-01 20:27:53 -------- d-----w- C:\Users\Mcx1-MONIKA-PC\AppData\Local\temp
2012-03-01 20:27:53 . 2012-03-01 20:27:53 -------- d-----w- C:\Users\Guest\AppData\Local\temp
2012-03-01 20:27:53 . 2012-03-01 20:27:53 -------- d-----w- C:\Users\Default\AppData\Local\temp
2012-02-28 22:16:21 . 2012-02-28 22:16:21 -------- d-----w- C:\Users\Monika\AppData\Roaming\Malwarebytes
2012-02-28 22:16:13 . 2012-02-28 23:45:30 -------- d-----w- C:\ProgramData\Malwarebytes
2012-02-28 22:16:12 . 2012-02-28 22:16:15 -------- d-----w- C:\Program Files\Malwarebytes' Anti-Malware
2012-02-28 22:16:12 . 2011-12-10 20:24:06 20464 ----a-w- C:\Windows\system32\drivers\mbam.sys
2012-02-27 21:08:32 . 2012-02-27 21:08:32 -------- d-----w- C:\ProgramData\PC Tools
2012-02-15 12:33:03 . 2011-12-30 05:27:56 478720 ----a-w- C:\Windows\system32\timedate.cpl
2012-02-15 12:32:59 . 2011-12-16 07:52:58 690688 ----a-w- C:\Windows\system32\msvcrt.dll
2012-02-15 12:32:54 . 2012-01-04 08:58:41 442880 ----a-w- C:\Windows\system32\ntshrui.dll
2012-02-15 12:32:53 . 2012-01-14 03:35:54 2343424 ----a-w- C:\Windows\system32\win32k.sys
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
2009-09-13 03:05:42 . 2009-09-13 03:05:42 124240 ----a-w- C:\Program Files\mozilla firefox\plugins\CCMSDK.dll
2009-09-13 03:06:48 . 2009-09-13 03:06:48 13136 ----a-w- C:\Program Files\mozilla firefox\plugins\cgpcfg.dll
2009-09-13 03:06:22 . 2009-09-13 03:06:22 70488 ----a-w- C:\Program Files\mozilla firefox\plugins\CgpCore.dll
2009-09-13 03:06:32 . 2009-09-13 03:06:32 91480 ----a-w- C:\Program Files\mozilla firefox\plugins\confmgr.dll
2009-09-13 03:06:28 . 2009-09-13 03:06:28 22360 ----a-w- C:\Program Files\mozilla firefox\plugins\ctxlogging.dll
2009-09-13 03:07:08 . 2009-09-13 03:07:08 255312 ----a-w- C:\Program Files\mozilla firefox\plugins\ctxmui.dll
2009-09-13 03:06:30 . 2009-09-13 03:06:30 31064 ----a-w- C:\Program Files\mozilla firefox\plugins\icafile.dll
2009-09-13 03:06:46 . 2009-09-13 03:06:46 40280 ----a-w- C:\Program Files\mozilla firefox\plugins\icalogon.dll
2009-08-14 17:33:38 . 2009-08-14 17:33:38 652640 ----a-w- C:\Program Files\mozilla firefox\plugins\sslsdk_b.dll
2009-09-13 03:06:24 . 2009-09-13 03:06:24 23896 ----a-w- C:\Program Files\mozilla firefox\plugins\TcpPServ.dll
2010-09-26 19:15:30 . 2010-09-26 19:15:30 119808 ----a-w- C:\Program Files\mozilla firefox\components\GoogleDesktopMozilla.dll
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
As you can see the report shorted here
-
It's been like 50 min now and the blue window did not change I looked into c drive and no log file
Should I just close it?
-
Hi I think something went wrong when I run combofix
I have disabled the AVG but I forgot to look at the list of other programs to be disabled and now combo fix is stuck on the screen
Preparing Log report
Do Not run any programs until ComboFix has finished
It's been 20 min on that screen
The other scan had found 0 threats
What should I do?
-
thank you I have followed your instructions this topic can be closed
-
Hi I have nasty virus from facebook please help me remove it.
here are the dds results
.
DDS (Ver_2011-08-26.01) - NTFSx86
Internet Explorer: 9.0.8112.16421 BrowserJavaVersion: 1.6.0_29
Run by Monika at 13:56:17 on 2012-02-29
Microsoft Windows 7 Professional 6.1.7601.1.1252.1.1033.18.3070.1886 [GMT -5:00]
.
AV: AVG Anti-Virus Free Edition 2011 *Disabled/Updated* {5A2746B1-DEE9-F85A-FBCD-ADB11639C5F0}
SP: AVG Anti-Virus Free Edition 2011 *Disabled/Updated* {E146A755-F8D3-F7D4-C17D-96C36DBE8F4D}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ===============
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\Ati2evxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Program Files\Cisco\Cisco AnyConnect VPN Client\vpnagent.exe
C:\Windows\system32\Ati2evxx.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files\Common Files\McKesson\MIG\Service\AliUpdate.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\AVG\AVG10\avgwdsvc.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\MediaMall\MediaMallServer.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\RTHDCPL.exe
C:\Program Files\Visioneer OneTouch\OneTouchMon.exe
C:\Program Files\AVG\AVG10\avgtray.exe
C:\Program Files\VERIZONDM\bin\sprtcmd.exe
C:\Program Files\Visioneer\OneTouch 4.0\OtService.exe
C:\Program Files\TrustedID\TrustedID Secure Browse\dps.exe
C:\Program Files\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe
C:\Program Files\TrustedID\TrustedID Secure Browse\pl.exe
C:\Program Files\VERIZONDM\bin\sprtsvc.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files\Citrix\ICA Client\concentr.exe
C:\Program Files\VERIZONDM\bin\tgsrvc.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Citrix\ICA Client\wfcrun32.exe
C:\Program Files\StartNow Toolbar\ToolbarUpdaterService.exe
C:\Windows\system32\DRIVERS\xaudio.exe
C:\Program Files\TrustedID\TrustedID Secure Browse\epservice.exe
C:\Program Files\TrustedID\TrustedID Secure Browse\ep.exe
C:\Program Files\AVG\AVG10\Identity Protection\agent\bin\avgidsmonitor.exe
C:\Program Files\Common Files\Apple\Internet Services\iCloudServices.exe
C:\Program Files\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
C:\Program Files\Squeezebox\SqueezeTray.exe
C:\Users\Monika\AppData\Local\Temp\RtkBtMnt.exe
C:\PROGRA~1\SQUEEZ~1\server\SQUEEZ~3.EXE
C:\Windows\System32\alg.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe
C:\Windows\system32\svchost.exe -k SDRSVC
C:\Program Files\MediaMall\MediaMallServer.exe
C:\Windows\system32\conhost.exe
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Windows\system32\DllHost.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\conhost.exe
C:\Windows\system32\wbem\wmiprvse.exe
.
============== Pseudo HJT Report ===============
.
uInternet Settings,ProxyOverride = *.local
mURLSearchHooks: H - No File
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: TrustedID Secure Browse: {3955aa73-8c60-4a9b-acdb-0c2edb1b6748} - c:\program files\trustedid\trustedid secure browse\epbho.dll
BHO: AVG Safe Search: {3ca2f312-6f6e-4b53-a66e-4e65e497c8c0} - c:\program files\avg\avg10\avgssie.dll
BHO: StartNow Toolbar Helper: {6e13d095-45c3-4271-9475-f3b48227dd9f} - c:\program files\startnow toolbar\Toolbar32.dll
BHO: Java Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: FlashFXP Helper for Internet Explorer: {e5a1691b-d188-4419-ad02-90002030b8ee} - c:\progra~1\flashfxp\IEFlash.dll
BHO: TrustedID Secure Browse: {ff507020-a257-4527-a222-b6f5732e55ee} - c:\program files\trustedid\trustedid secure browse\plbho.dll
TB: {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No File
TB: StartNow Toolbar: {5911488e-9d1e-40ec-8cbb-06b231cc153f} - c:\program files\startnow toolbar\Toolbar32.dll
TB: {88C7F2AA-F93F-432C-8F0E-B7D85967A527} - No File
uRun: [Google Update] "c:\users\monika\appdata\local\google\update\GoogleUpdate.exe" /c
uRun: [iCloudServices] c:\program files\common files\apple\internet services\iCloudServices.exe
uRun: [ApplePhotoStreams] c:\program files\common files\apple\internet services\ApplePhotoStreams.exe
uRun: [spyware Doctor with AntiVirus] c:\users\monika\desktop\sdasetup_revwire207.exe -min
mRun: [RTHDCPL] RTHDCPL.EXE
mRun: [skyTel] SkyTel.EXE
mRun: [soundMan] SOUNDMAN.EXE
mRun: [AlcWzrd] ALCWZRD.EXE
mRun: [Alcmtr] ALCMTR.EXE
mRun: [OneTouch Monitor] c:\program files\visioneer onetouch\OneTouchMon.exe
mRun: [AVG_TRAY] c:\program files\avg\avg10\avgtray.exe
mRun: [TrustedID Secure Browse] "c:\program files\trustedid secure browse\sss.exe"
mRun: [VERIZONDM] "c:\program files\verizondm\bin\sprtcmd.exe" /P VERIZONDM
mRun: [AppleSyncNotifier] c:\program files\common files\apple\mobile device support\AppleSyncNotifier.exe
mRun: [Data Protection Suite] "c:\program files\trustedid\trustedid secure browse\dps.exe"
mRun: [RIMBBLaunchAgent.exe] c:\program files\common files\research in motion\usb drivers\RIMBBLaunchAgent.exe
mRun: [PhishLock] "c:\program files\trustedid\trustedid secure browse\pl.exe"
mRun: [sunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
mRun: [ConnectionCenter] "c:\program files\citrix\ica client\concentr.exe" /startup
mRun: [APSDaemon] "c:\program files\common files\apple\apple application support\APSDaemon.exe"
mRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottime
mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"
mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 9.0\reader\Reader_sl.exe"
mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
StartupFolder: c:\users\monika\appdata\roaming\micros~1\windows\startm~1\programs\startup\cit200.lnk - c:\program files\linksys\cit200\cit200.exe
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\adobeg~1.lnk - c:\program files\common files\adobe\calibration\Adobe Gamma Loader.exe
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\blueto~1.lnk - c:\program files\widcomm\bluetooth software\BTTray.exe
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\logite~1.lnk - c:\program files\squeezebox\SqueezeTray.exe
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\quicke~1.lnk - c:\program files\quicken\bagent.exe
mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)
mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
mPolicies-system: PromptOnSecureDesktop = 0 (0x0)
mPolicies-system: SoftwareSASGeneration = 1 (0x1)
mPolicies-system: DisableStartupSound = 1 (0x1)
mPolicies-system: DisableStatusMessages = 1 (0x1)
IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office11\EXCEL.EXE/3000
IE: Send image to &Bluetooth Device... - c:\program files\widcomm\bluetooth software\btsendto_ie_ctx.htm
IE: Send page to &Bluetooth Device... - c:\program files\widcomm\bluetooth software\btsendto_ie.htm
IE: {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\program files\widcomm\bluetooth software\btsendto_ie.htm
IE: {CF819DA3-9882-4944-ADF5-6EF17ECF3C6E} - "c:\program files\fiddler2\Fiddler.exe"
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office11\REFIEBAR.DLL
DPF: {36B874FC-EECA-4622-8DCE-F8D453C88845} - hxxps://cnypacs.com/HRS/download/AliUpdate.cab
DPF: {55963676-2F5E-4BAF-AC28-CF26AA587566} - hxxps://vpn.stemc.org/CACHE/stc/1/binaries/vpnweb.cab
DPF: {6A1C1D9A-00D4-468C-BAC0-34941BF5DBA1} - hxxps://cnypacs.com/HRS/download/Setup.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
TCP: DhcpNameServer = 209.18.47.61 209.18.47.62
TCP: Interfaces\{6EF495A2-8B37-4967-BC10-32E0F501172A} : DhcpNameServer = 209.18.47.61 209.18.47.62
TCP: Interfaces\{6EF495A2-8B37-4967-BC10-32E0F501172A}\0527F64657364796F6E6370275962756C65637370225F657475627 : DhcpNameServer = 192.168.2.1
TCP: Interfaces\{6EF495A2-8B37-4967-BC10-32E0F501172A}\2456C6B696E6F574F505C65737F5D494D4F4F5138303137303 : DhcpNameServer = 65.32.5.111 65.32.5.112
TCP: Interfaces\{6EF495A2-8B37-4967-BC10-32E0F501172A}\D656C666275646F6 : DhcpNameServer = 209.18.47.61 209.18.47.62
TCP: Interfaces\{FEC1F568-0142-484C-87C3-765B651A5097} : DhcpNameServer = 209.18.47.61 209.18.47.62
Handler: belarc - {6318E0AB-2E93-11D1-B8ED-00608CC9A71F} - c:\program files\belarc\advisor\system\BAVoilaX.dll
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - c:\program files\avg\avg10\avgpp.dll
AppInit_DLLs: c:\progra~1\google\google~1\GO36F4~1.DLL
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\users\monika\appdata\roaming\mozilla\firefox\profiles\n60gv88i.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT1621166&SearchSource=3&q={searchTerms}
FF - prefs.js: browser.search.selectedEngine - Bing
FF - prefs.js: browser.startup.homepage - hxxp://www.msn.com/?pc=Z128&ocid=zdhp&install_date=20111215
FF - prefs.js: keyword.URL - hxxp://www.bing.com/search?pc=Z128&form=ZGAADF&install_date=20111215&q=
FF - component: c:\program files\avg\avg10\firefox\components\avgssff.dll
FF - component: c:\program files\avg\avg10\toolbar\firefox\avg@igeared\components\IGeared_tavgp_xputils2.dll
FF - component: c:\program files\avg\avg10\toolbar\firefox\avg@igeared\components\IGeared_tavgp_xputils3.dll
FF - component: c:\program files\avg\avg10\toolbar\firefox\avg@igeared\components\IGeared_tavgp_xputils35.dll
FF - component: c:\program files\avg\avg10\toolbar\firefox\avg@igeared\components\xpavgtbapi.dll
FF - component: c:\users\monika\appdata\roaming\mozilla\firefox\profiles\n60gv88i.default\extensions\{23ec984e-464c-4a0c-a8df-f80cb8c090e1}\components\FFExternalAlert.dll
FF - component: c:\users\monika\appdata\roaming\mozilla\firefox\profiles\n60gv88i.default\extensions\{23ec984e-464c-4a0c-a8df-f80cb8c090e1}\components\RadioWMPCore.dll
FF - plugin: c:\program files\common files\research in motion\bbwebsllauncher\NPWebSLLauncher.dll
FF - plugin: c:\program files\java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npdeployJava1.dll
FF - plugin: c:\users\monika\appdata\local\google\update\1.2.183.39\npGoogleOneClick8.dll
FF - plugin: c:\users\monika\appdata\roaming\facebook\npfbplugin_1_0_3.dll
FF - plugin: c:\users\monika\appdata\roaming\mozilla\plugins\npgoogletalk.dll
FF - plugin: c:\users\monika\appdata\roaming\mozilla\plugins\npgtpo3dautoplugin.dll
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\mozilla firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
FF - Ext: FiddlerHook: fiddlerhook@fiddler2.com - c:\program files\fiddler2\FiddlerHook
FF - Ext: CommentsBar 1 Toolbar: {23ec984e-464c-4a0c-a8df-f80cb8c090e1} - %profile%\extensions\{23ec984e-464c-4a0c-a8df-f80cb8c090e1}
.
============= SERVICES / DRIVERS ===============
.
R0 AVGIDSEH;AVGIDSEH;c:\windows\system32\drivers\AVGIDSEH.sys [2011-2-22 22992]
R0 Avgrkx86;AVG Anti-Rootkit Driver;c:\windows\system32\drivers\avgrkx86.sys [2011-3-16 32592]
R1 Avgldx86;AVG AVI Loader Driver;c:\windows\system32\drivers\avgldx86.sys [2011-1-7 248656]
R1 Avgmfx86;AVG Mini-Filter Resident Anti-Virus Shield;c:\windows\system32\drivers\avgmfx86.sys [2011-3-1 34896]
R1 Avgtdix;AVG TDI Driver;c:\windows\system32\drivers\avgtdix.sys [2011-4-4 297168]
R1 ctxusbm;Citrix USB Monitor Driver;c:\windows\system32\drivers\ctxusbm.sys [2009-9-8 65584]
R2 AliUpdate;Horizon Medical Imaging Update Service;c:\program files\common files\mckesson\mig\service\AliUpdate.exe [2010-1-18 79152]
R2 avgwd;AVG WatchDog;c:\program files\avg\avg10\avgwdsvc.exe [2011-2-8 269520]
R2 EntryProtect;TrustedID Secure Browse;c:\program files\trustedid\trustedid secure browse\epservice.exe [2011-8-21 46952]
R2 MediaMall Server;MediaMall Server;c:\program files\mediamall\MediaMallServer.exe [2010-10-29 3994480]
R2 ppsio2;PPDevice;c:\windows\system32\drivers\ppsio2.sys [2010-3-2 23200]
R2 sprtsvc_verizondm;SupportSoft Sprocket Service (verizondm);c:\program files\verizondm\bin\sprtsvc.exe [2011-2-1 206120]
R2 tgsrvc_verizondm;SupportSoft Repair Service (verizondm);c:\program files\verizondm\bin\tgsrvc.exe [2011-2-1 185640]
R2 Updater Service for StartNow Toolbar;Updater Service for StartNow Toolbar;c:\program files\startnow toolbar\ToolbarUpdaterService.exe [2011-10-25 244960]
R2 vpnagent;Cisco AnyConnect VPN Agent;c:\program files\cisco\cisco anyconnect vpn client\vpnagent.exe [2009-12-17 497856]
R3 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\drivers\AVGIDSDriver.sys [2011-5-27 134480]
R3 AVGIDSFilter;AVGIDSFilter;c:\windows\system32\drivers\AVGIDSFilter.sys [2011-2-10 24144]
R3 AVGIDSShim;AVGIDSShim;c:\windows\system32\drivers\AVGIDSShim.sys [2011-2-10 21968]
R3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\drivers\b57nd60x.sys [2009-7-13 229888]
R3 epfilter;epfilter;c:\windows\system32\drivers\epfilter.sys [2011-1-29 18240]
R3 lv321av;Logitech USB PC Camera (VC0321);c:\windows\system32\drivers\lv321av.sys [2006-2-15 1097216]
R3 netw5v32;Intel® Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 32 Bit;c:\windows\system32\drivers\netw5v32.sys [2009-6-10 4231168]
R3 SMSCIRDA;SMSC Infrared Device Driver;c:\windows\system32\drivers\smscirda.sys [2007-4-25 31232]
S2 AVGIDSAgent;AVGIDSAgent;c:\program files\avg\avg10\identity protection\agent\bin\AVGIDSAgent.exe [2012-1-31 7391072]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 sbupdate;TrustedID Update Service;c:\program files\sentrybay\update\SentryBayUpdate.exe [2011-4-29 138080]
S3 GoogleDesktopManager-051210-111108;Google Desktop Manager 5.9.1005.12335;c:\program files\google\google desktop search\GoogleDesktop.exe [2010-9-26 30192]
S3 SrvHsfHDA;SrvHsfHDA;c:\windows\system32\drivers\VSTAZL3.SYS [2009-7-13 207360]
S3 SrvHsfV92;SrvHsfV92;c:\windows\system32\drivers\VSTDPV3.SYS [2009-7-13 980992]
S3 SrvHsfWinac;SrvHsfWinac;c:\windows\system32\drivers\VSTCNXT3.SYS [2009-7-13 661504]
S3 StorSvc;Storage Service;c:\windows\system32\svchost.exe -k LocalSystemNetworkRestricted [2009-7-13 20992]
S3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\TsUsbFlt.sys [2011-6-3 52224]
S3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\wat\WatAdminSvc.exe [2010-2-24 1343400]
S3 WSDPrintDevice;WSD Print Support via UMB;c:\windows\system32\drivers\WSDPrint.sys [2009-7-13 17920]
.
=============== Created Last 30 ================
.
2012-02-28 22:16:21 -------- d-----w- c:\users\monika\appdata\roaming\Malwarebytes
2012-02-28 22:16:13 -------- d-----w- c:\programdata\Malwarebytes
2012-02-28 22:16:12 20464 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-02-28 22:16:12 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2012-02-27 21:08:32 -------- d-----w- c:\programdata\PC Tools
2012-02-15 12:33:03 478720 ----a-w- c:\windows\system32\timedate.cpl
2012-02-15 12:32:59 690688 ----a-w- c:\windows\system32\msvcrt.dll
2012-02-15 12:32:54 442880 ----a-w- c:\windows\system32\ntshrui.dll
2012-02-15 12:32:53 2343424 ----a-w- c:\windows\system32\win32k.sys
.
==================== Find3M ====================
.
2011-12-14 03:04:54 1798656 ----a-w- c:\windows\system32\jscript9.dll
2011-12-14 02:57:18 1127424 ----a-w- c:\windows\system32\wininet.dll
2011-12-14 02:56:58 1427456 ----a-w- c:\windows\system32\inetcpl.cpl
2011-12-14 02:50:04 2382848 ----a-w- c:\windows\system32\mshtml.tlb
.
============= FINISH: 13:57:02.72 ===============
.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2011-08-26.01)
.
Microsoft Windows 7 Professional
Boot Device: \Device\HarddiskVolume2
Install Date: 11/16/2009 7:04:34 AM
System Uptime: 2/29/2012 9:37:27 AM (4 hours ago)
.
Motherboard: Acer, Inc. | | Bodensee
Processor: Genuine Intel® CPU T2300 @ 1.66GHz | U2E1 | 983/166mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 148 GiB total, 81.692 GiB free.
D: is CDROM ()
F: is FIXED (NTFS) - 1 GiB total, 0.934 GiB free.
.
==== Disabled Device Manager Items =============
.
Class GUID: {4d36e972-e325-11ce-bfc1-08002be10318}
Description: Cisco AnyConnect VPN Virtual Miniport Adapter for Windows
Device ID: ROOT\NET\0000
Manufacturer: Cisco Systems
Name: Cisco AnyConnect VPN Virtual Miniport Adapter for Windows
PNP Device ID: ROOT\NET\0000
Service: vpnva
.
Class GUID:
Description: Mass Storage Controller
Device ID: PCI\VEN_104C&DEV_803B&SUBSYS_00941025&REV_00\4&3981ECD8&0&4AF0
Manufacturer:
Name: Mass Storage Controller
PNP Device ID: PCI\VEN_104C&DEV_803B&SUBSYS_00941025&REV_00\4&3981ECD8&0&4AF0
Service:
.
==== System Restore Points ===================
.
RP259: 1/19/2012 3:00:14 AM - Windows Update
RP260: 1/28/2012 4:02:37 PM - Scheduled Checkpoint
RP261: 2/4/2012 8:22:06 PM - Windows Backup
RP262: 2/16/2012 3:00:18 AM - Windows Update
RP263: 2/27/2012 1:05:40 PM - Removed Garmin WebUpdater
RP264: 2/27/2012 1:06:23 PM - Removed Facebook Messenger 2.0.4430.0
RP265: 2/28/2012 7:11:07 PM - Windows Update
.
==== Installed Programs ======================
.
.
Adobe Flash Player 10 ActiveX
Adobe Flash Player 10 Plugin
Adobe Photoshop 6.0
Adobe Reader 9.5.0
Adobe SVG Viewer
Apple Application Support
Apple Mobile Device Support
Apple Software Update
AVG 2011
AVG PC Tuneup 2011
Belarc Advisor 8.1
BlackBerry Desktop Software 6.0
BlackBerry Device Software Updater
BlackBerry Device Software v5.0.0 for the BlackBerry 8520 smartphone
Bonjour
Cisco AnyConnect VPN Client
CIT200
Citrix online plug-in - web
Citrix online plug-in (DV)
Citrix online plug-in (HDX)
Citrix online plug-in (USB)
Citrix online plug-in (Web)
Compatibility Pack for the 2007 Office system
Facebook Plug-In
Fiddler2
FlashFXP v3
Garmin Communicator Plugin
Garmin USB Drivers
Google Chrome
Google Desktop
Google Talk Plugin
HDAUDIO Soft Data Fax Modem with SmartCP
Horizon Medical Imaging Update Service
HRS 11.6 Distributed
iCloud
iPod To Computer Transfer 6.2
iTunes
Java Auto Updater
Java 6 Update 29
Logitech Media Server 7.7.0
Malwarebytes Anti-Malware version 1.60.1.1000
Microsoft .NET Framework 4 Client Profile
Microsoft Office 2003 Web Components
Microsoft Office File Validation Add-In
Microsoft Office Professional Edition 2003
Microsoft Office Word Viewer 2003
Microsoft Silverlight
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319
mIRC
MobileMe Control Panel
Mozilla Firefox (3.6.8)
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
MSXML 4.0 SP3 Parser (KB973685)
OGA Notifier 2.0.0048.0
OneTouch 4.6
PhysExam (Palm) v 6.0.152 by Skyscape
PlayOn
Prism Video File Converter
Quicken 2004
QuickTime
Realtek High Definition Audio Driver
Redist
Review for the PHYSICIAN ASSISTANT
Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)
SentryBay Update Helper
Skype™ 5.5
StartNow Toolbar
TrustedID Secure Browse
Uniblue RegistryBooster 2010
Update for Microsoft .NET Framework 4 Client Profile (KB2468871)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217)
Verizon Download Manager
Verizon High Speed Internet
Verizon Media Manager
Visioneer 8100 Scanner
WIDCOMM Bluetooth Software 6.0.1.3500
Windows Driver Package - Garmin (grmnusb) GARMIN Devices (06/03/2009 2.3.0.0)
Windows Media Player Firefox Plugin
WinRAR archiver
.
==== Event Viewer Messages From Past Week ========
.
2/29/2012 1:55:51 PM, Error: Service Control Manager [7023] - The Peer Name Resolution Protocol service terminated with the following error: %%-2140993535
2/29/2012 1:55:51 PM, Error: Service Control Manager [7001] - The Peer Networking Grouping service depends on the Peer Name Resolution Protocol service which failed to start because of the following error: %%-2140993535
2/29/2012 1:55:51 PM, Error: Microsoft-Windows-PNRPSvc [102] - The Peer Name Resolution Protocol cloud did not start because the creation of the default identity failed with error code: 0x80630801.
2/29/2012 1:14:33 PM, Error: Service Control Manager [7001] - The Server service depends on the Security Accounts Manager service which failed to start because of the following error: The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.
2/29/2012 1:14:33 PM, Error: Service Control Manager [7001] - The Computer Browser service depends on the Server service which failed to start because of the following error: The dependency service or group failed to start.
2/29/2012 1:04:20 PM, Error: Service Control Manager [7001] - The HomeGroup Listener service depends on the Server service which failed to start because of the following error: The dependency service or group failed to start.
2/29/2012 1:04:19 PM, Error: Microsoft-Windows-SharedAccess_NAT [31004] - The DNS proxy agent was unable to allocate 0 bytes of memory. This may indicate that the system is low on virtual memory, or that the memory manager has encountered an internal error.
2/28/2012 7:48:29 PM, Error: Microsoft-Windows-WMPNSS-Service [14338] - A new media server was not initialized because CoCreateInstance(CLSID_UPnPRegistrar) encountered error '0x80070422'. Verify that the UPnPHost service is running and that the UPnPHost component of Windows is installed properly.
2/28/2012 7:46:47 PM, Error: Service Control Manager [7000] - The mrtRate service failed to start due to the following error: The system cannot find the file specified.
2/28/2012 6:49:45 PM, Error: NetBT [4321] - The name "MONIKA-PC :0" could not be registered on the interface with IP address 192.168.1.112. The computer with the IP address 169.254.224.8 did not allow the name to be claimed by this computer.
2/28/2012 10:45:02 PM, Error: Microsoft-Windows-HAL [12] - The platform firmware has corrupted memory across the previous system power transition. Please check for updated firmware for your system.
2/28/2012 10:30:57 PM, Error: cdrom [11] - The driver detected a controller error on \Device\CdRom0.
.
==== End Of File ===========================
-
Hi thanks for putting an idea into my head my router sometimes needs reboot I guess I did not connect the two once I ran
MAMB.
So I am back on line. The only thing that still worries me is if there is still something hidden on my PC
if anyone can review my scan and tell me if I am clean clean I would appreciate it thank you
-
HA! found the DDS thing here is the report
.
DDS (Ver_2011-08-26.01) - NTFSx86
Internet Explorer: 9.0.8112.16421 BrowserJavaVersion: 1.6.0_29
Run by Monika at 22:30:09 on 2012-02-28
Microsoft Windows 7 Professional 6.1.7601.1.1252.1.1033.18.3070.1607 [GMT -5:00]
.
AV: AVG Anti-Virus Free Edition 2011 *Disabled/Updated* {5A2746B1-DEE9-F85A-FBCD-ADB11639C5F0}
SP: AVG Anti-Virus Free Edition 2011 *Disabled/Updated* {E146A755-F8D3-F7D4-C17D-96C36DBE8F4D}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ===============
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\Ati2evxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Program Files\Cisco\Cisco AnyConnect VPN Client\vpnagent.exe
C:\Windows\system32\Ati2evxx.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files\Common Files\McKesson\MIG\Service\AliUpdate.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\AVG\AVG10\avgwdsvc.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\MediaMall\MediaMallServer.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\RTHDCPL.exe
C:\Program Files\Visioneer OneTouch\OneTouchMon.exe
C:\Program Files\AVG\AVG10\avgtray.exe
C:\Program Files\VERIZONDM\bin\sprtcmd.exe
C:\Program Files\Visioneer\OneTouch 4.0\OtService.exe
C:\Program Files\TrustedID\TrustedID Secure Browse\dps.exe
C:\Program Files\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe
C:\Program Files\TrustedID\TrustedID Secure Browse\pl.exe
C:\Program Files\VERIZONDM\bin\sprtsvc.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files\Citrix\ICA Client\concentr.exe
C:\Program Files\VERIZONDM\bin\tgsrvc.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Citrix\ICA Client\wfcrun32.exe
C:\Program Files\StartNow Toolbar\ToolbarUpdaterService.exe
C:\Windows\system32\DRIVERS\xaudio.exe
C:\Program Files\TrustedID\TrustedID Secure Browse\epservice.exe
C:\Program Files\TrustedID\TrustedID Secure Browse\ep.exe
C:\Program Files\AVG\AVG10\Identity Protection\agent\bin\avgidsmonitor.exe
C:\Program Files\Common Files\Apple\Internet Services\iCloudServices.exe
C:\Program Files\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
C:\Program Files\Squeezebox\SqueezeTray.exe
C:\Users\Monika\AppData\Local\Temp\RtkBtMnt.exe
C:\PROGRA~1\SQUEEZ~1\server\SQUEEZ~3.EXE
C:\Windows\System32\alg.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\system32\UI0Detect.exe
C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe
C:\Windows\system32\svchost.exe -k SDRSVC
C:\Program Files\MediaMall\MediaMallServer.exe
C:\Windows\system32\conhost.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\conhost.exe
C:\Windows\system32\wbem\wmiprvse.exe
.
============== Pseudo HJT Report ===============
.
uInternet Settings,ProxyOverride = *.local
mURLSearchHooks: H - No File
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: TrustedID Secure Browse: {3955aa73-8c60-4a9b-acdb-0c2edb1b6748} - c:\program files\trustedid\trustedid secure browse\epbho.dll
BHO: AVG Safe Search: {3ca2f312-6f6e-4b53-a66e-4e65e497c8c0} - c:\program files\avg\avg10\avgssie.dll
BHO: StartNow Toolbar Helper: {6e13d095-45c3-4271-9475-f3b48227dd9f} - c:\program files\startnow toolbar\Toolbar32.dll
BHO: Java Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: FlashFXP Helper for Internet Explorer: {e5a1691b-d188-4419-ad02-90002030b8ee} - c:\progra~1\flashfxp\IEFlash.dll
BHO: TrustedID Secure Browse: {ff507020-a257-4527-a222-b6f5732e55ee} - c:\program files\trustedid\trustedid secure browse\plbho.dll
TB: {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No File
TB: StartNow Toolbar: {5911488e-9d1e-40ec-8cbb-06b231cc153f} - c:\program files\startnow toolbar\Toolbar32.dll
TB: {88C7F2AA-F93F-432C-8F0E-B7D85967A527} - No File
uRun: [Google Update] "c:\users\monika\appdata\local\google\update\GoogleUpdate.exe" /c
uRun: [iCloudServices] c:\program files\common files\apple\internet services\iCloudServices.exe
uRun: [ApplePhotoStreams] c:\program files\common files\apple\internet services\ApplePhotoStreams.exe
uRun: [spyware Doctor with AntiVirus] c:\users\monika\desktop\sdasetup_revwire207.exe -min
mRun: [RTHDCPL] RTHDCPL.EXE
mRun: [skyTel] SkyTel.EXE
mRun: [soundMan] SOUNDMAN.EXE
mRun: [AlcWzrd] ALCWZRD.EXE
mRun: [Alcmtr] ALCMTR.EXE
mRun: [OneTouch Monitor] c:\program files\visioneer onetouch\OneTouchMon.exe
mRun: [AVG_TRAY] c:\program files\avg\avg10\avgtray.exe
mRun: [TrustedID Secure Browse] "c:\program files\trustedid secure browse\sss.exe"
mRun: [VERIZONDM] "c:\program files\verizondm\bin\sprtcmd.exe" /P VERIZONDM
mRun: [AppleSyncNotifier] c:\program files\common files\apple\mobile device support\AppleSyncNotifier.exe
mRun: [Data Protection Suite] "c:\program files\trustedid\trustedid secure browse\dps.exe"
mRun: [RIMBBLaunchAgent.exe] c:\program files\common files\research in motion\usb drivers\RIMBBLaunchAgent.exe
mRun: [PhishLock] "c:\program files\trustedid\trustedid secure browse\pl.exe"
mRun: [sunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
mRun: [ConnectionCenter] "c:\program files\citrix\ica client\concentr.exe" /startup
mRun: [APSDaemon] "c:\program files\common files\apple\apple application support\APSDaemon.exe"
mRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottime
mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"
mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 9.0\reader\Reader_sl.exe"
mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
StartupFolder: c:\users\monika\appdata\roaming\micros~1\windows\startm~1\programs\startup\cit200.lnk - c:\program files\linksys\cit200\cit200.exe
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\adobeg~1.lnk - c:\program files\common files\adobe\calibration\Adobe Gamma Loader.exe
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\blueto~1.lnk - c:\program files\widcomm\bluetooth software\BTTray.exe
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\logite~1.lnk - c:\program files\squeezebox\SqueezeTray.exe
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\quicke~1.lnk - c:\program files\quicken\bagent.exe
mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)
mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
mPolicies-system: PromptOnSecureDesktop = 0 (0x0)
mPolicies-system: SoftwareSASGeneration = 1 (0x1)
mPolicies-system: DisableStartupSound = 1 (0x1)
mPolicies-system: DisableStatusMessages = 1 (0x1)
IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office11\EXCEL.EXE/3000
IE: Send image to &Bluetooth Device... - c:\program files\widcomm\bluetooth software\btsendto_ie_ctx.htm
IE: Send page to &Bluetooth Device... - c:\program files\widcomm\bluetooth software\btsendto_ie.htm
IE: {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\program files\widcomm\bluetooth software\btsendto_ie.htm
IE: {CF819DA3-9882-4944-ADF5-6EF17ECF3C6E} - "c:\program files\fiddler2\Fiddler.exe"
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office11\REFIEBAR.DLL
DPF: {36B874FC-EECA-4622-8DCE-F8D453C88845} - hxxps://cnypacs.com/HRS/download/AliUpdate.cab
DPF: {55963676-2F5E-4BAF-AC28-CF26AA587566} - hxxps://vpn.stemc.org/CACHE/stc/1/binaries/vpnweb.cab
DPF: {6A1C1D9A-00D4-468C-BAC0-34941BF5DBA1} - hxxps://cnypacs.com/HRS/download/Setup.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
TCP: DhcpNameServer = 192.168.1.1
TCP: Interfaces\{6EF495A2-8B37-4967-BC10-32E0F501172A} : DhcpNameServer = 192.168.1.1
TCP: Interfaces\{6EF495A2-8B37-4967-BC10-32E0F501172A}\0527F64657364796F6E6370275962756C65637370225F657475627 : DhcpNameServer = 192.168.2.1
TCP: Interfaces\{6EF495A2-8B37-4967-BC10-32E0F501172A}\2456C6B696E6F574F505C65737F5D494D4F4F5138303137303 : DhcpNameServer = 65.32.5.111 65.32.5.112
TCP: Interfaces\{6EF495A2-8B37-4967-BC10-32E0F501172A}\D656C666275646F6 : DhcpNameServer = 209.18.47.61 209.18.47.62
TCP: Interfaces\{FEC1F568-0142-484C-87C3-765B651A5097} : DhcpNameServer = 209.18.47.61 209.18.47.62
Handler: belarc - {6318E0AB-2E93-11D1-B8ED-00608CC9A71F} - c:\program files\belarc\advisor\system\BAVoilaX.dll
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - c:\program files\avg\avg10\avgpp.dll
AppInit_DLLs: c:\progra~1\google\google~1\GO36F4~1.DLL
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\users\monika\appdata\roaming\mozilla\firefox\profiles\n60gv88i.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT1621166&SearchSource=3&q={searchTerms}
FF - prefs.js: browser.search.selectedEngine - Bing
FF - prefs.js: browser.startup.homepage - hxxp://www.msn.com/?pc=Z128&ocid=zdhp&install_date=20111215
FF - prefs.js: keyword.URL - hxxp://www.bing.com/search?pc=Z128&form=ZGAADF&install_date=20111215&q=
FF - component: c:\program files\avg\avg10\firefox\components\avgssff.dll
FF - component: c:\program files\avg\avg10\toolbar\firefox\avg@igeared\components\IGeared_tavgp_xputils2.dll
FF - component: c:\program files\avg\avg10\toolbar\firefox\avg@igeared\components\IGeared_tavgp_xputils3.dll
FF - component: c:\program files\avg\avg10\toolbar\firefox\avg@igeared\components\IGeared_tavgp_xputils35.dll
FF - component: c:\program files\avg\avg10\toolbar\firefox\avg@igeared\components\xpavgtbapi.dll
FF - component: c:\users\monika\appdata\roaming\mozilla\firefox\profiles\n60gv88i.default\extensions\{23ec984e-464c-4a0c-a8df-f80cb8c090e1}\components\FFExternalAlert.dll
FF - component: c:\users\monika\appdata\roaming\mozilla\firefox\profiles\n60gv88i.default\extensions\{23ec984e-464c-4a0c-a8df-f80cb8c090e1}\components\RadioWMPCore.dll
FF - plugin: c:\program files\common files\research in motion\bbwebsllauncher\NPWebSLLauncher.dll
FF - plugin: c:\program files\java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npdeployJava1.dll
FF - plugin: c:\users\monika\appdata\local\google\update\1.2.183.39\npGoogleOneClick8.dll
FF - plugin: c:\users\monika\appdata\roaming\facebook\npfbplugin_1_0_3.dll
FF - plugin: c:\users\monika\appdata\roaming\mozilla\plugins\npgoogletalk.dll
FF - plugin: c:\users\monika\appdata\roaming\mozilla\plugins\npgtpo3dautoplugin.dll
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\mozilla firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
FF - Ext: FiddlerHook: fiddlerhook@fiddler2.com - c:\program files\fiddler2\FiddlerHook
FF - Ext: CommentsBar 1 Toolbar: {23ec984e-464c-4a0c-a8df-f80cb8c090e1} - %profile%\extensions\{23ec984e-464c-4a0c-a8df-f80cb8c090e1}
.
============= SERVICES / DRIVERS ===============
.
R0 AVGIDSEH;AVGIDSEH;c:\windows\system32\drivers\AVGIDSEH.sys [2011-2-22 22992]
R0 Avgrkx86;AVG Anti-Rootkit Driver;c:\windows\system32\drivers\avgrkx86.sys [2011-3-16 32592]
R1 Avgldx86;AVG AVI Loader Driver;c:\windows\system32\drivers\avgldx86.sys [2011-1-7 248656]
R1 Avgmfx86;AVG Mini-Filter Resident Anti-Virus Shield;c:\windows\system32\drivers\avgmfx86.sys [2011-3-1 34896]
R1 Avgtdix;AVG TDI Driver;c:\windows\system32\drivers\avgtdix.sys [2011-4-4 297168]
R1 ctxusbm;Citrix USB Monitor Driver;c:\windows\system32\drivers\ctxusbm.sys [2009-9-8 65584]
R2 AliUpdate;Horizon Medical Imaging Update Service;c:\program files\common files\mckesson\mig\service\AliUpdate.exe [2010-1-18 79152]
R2 avgwd;AVG WatchDog;c:\program files\avg\avg10\avgwdsvc.exe [2011-2-8 269520]
R2 EntryProtect;TrustedID Secure Browse;c:\program files\trustedid\trustedid secure browse\epservice.exe [2011-8-21 46952]
R2 MediaMall Server;MediaMall Server;c:\program files\mediamall\MediaMallServer.exe [2010-10-29 3994480]
R2 ppsio2;PPDevice;c:\windows\system32\drivers\ppsio2.sys [2010-3-2 23200]
R2 sprtsvc_verizondm;SupportSoft Sprocket Service (verizondm);c:\program files\verizondm\bin\sprtsvc.exe [2011-2-1 206120]
R2 tgsrvc_verizondm;SupportSoft Repair Service (verizondm);c:\program files\verizondm\bin\tgsrvc.exe [2011-2-1 185640]
R2 Updater Service for StartNow Toolbar;Updater Service for StartNow Toolbar;c:\program files\startnow toolbar\ToolbarUpdaterService.exe [2011-10-25 244960]
R2 vpnagent;Cisco AnyConnect VPN Agent;c:\program files\cisco\cisco anyconnect vpn client\vpnagent.exe [2009-12-17 497856]
R3 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\drivers\AVGIDSDriver.sys [2011-5-27 134480]
R3 AVGIDSFilter;AVGIDSFilter;c:\windows\system32\drivers\AVGIDSFilter.sys [2011-2-10 24144]
R3 AVGIDSShim;AVGIDSShim;c:\windows\system32\drivers\AVGIDSShim.sys [2011-2-10 21968]
R3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\drivers\b57nd60x.sys [2009-7-13 229888]
R3 epfilter;epfilter;c:\windows\system32\drivers\epfilter.sys [2011-1-29 18240]
R3 lv321av;Logitech USB PC Camera (VC0321);c:\windows\system32\drivers\lv321av.sys [2006-2-15 1097216]
R3 netw5v32;Intel® Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 32 Bit;c:\windows\system32\drivers\netw5v32.sys [2009-6-10 4231168]
R3 SMSCIRDA;SMSC Infrared Device Driver;c:\windows\system32\drivers\smscirda.sys [2007-4-25 31232]
S2 AVGIDSAgent;AVGIDSAgent;c:\program files\avg\avg10\identity protection\agent\bin\AVGIDSAgent.exe [2012-1-31 7391072]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 sbupdate;TrustedID Update Service;c:\program files\sentrybay\update\SentryBayUpdate.exe [2011-4-29 138080]
S3 GoogleDesktopManager-051210-111108;Google Desktop Manager 5.9.1005.12335;c:\program files\google\google desktop search\GoogleDesktop.exe [2010-9-26 30192]
S3 SrvHsfHDA;SrvHsfHDA;c:\windows\system32\drivers\VSTAZL3.SYS [2009-7-13 207360]
S3 SrvHsfV92;SrvHsfV92;c:\windows\system32\drivers\VSTDPV3.SYS [2009-7-13 980992]
S3 SrvHsfWinac;SrvHsfWinac;c:\windows\system32\drivers\VSTCNXT3.SYS [2009-7-13 661504]
S3 StorSvc;Storage Service;c:\windows\system32\svchost.exe -k LocalSystemNetworkRestricted [2009-7-13 20992]
S3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\TsUsbFlt.sys [2011-6-3 52224]
S3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\wat\WatAdminSvc.exe [2010-2-24 1343400]
S3 WSDPrintDevice;WSD Print Support via UMB;c:\windows\system32\drivers\WSDPrint.sys [2009-7-13 17920]
.
=============== Created Last 30 ================
.
2012-02-28 22:16:21 -------- d-----w- c:\users\monika\appdata\roaming\Malwarebytes
2012-02-28 22:16:13 -------- d-----w- c:\programdata\Malwarebytes
2012-02-28 22:16:12 20464 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-02-28 22:16:12 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2012-02-27 21:08:32 -------- d-----w- c:\programdata\PC Tools
2012-02-15 12:33:03 478720 ----a-w- c:\windows\system32\timedate.cpl
2012-02-15 12:32:59 690688 ----a-w- c:\windows\system32\msvcrt.dll
2012-02-15 12:32:54 442880 ----a-w- c:\windows\system32\ntshrui.dll
2012-02-15 12:32:53 2343424 ----a-w- c:\windows\system32\win32k.sys
.
==================== Find3M ====================
.
2011-12-14 03:04:54 1798656 ----a-w- c:\windows\system32\jscript9.dll
2011-12-14 02:57:18 1127424 ----a-w- c:\windows\system32\wininet.dll
2011-12-14 02:56:58 1427456 ----a-w- c:\windows\system32\inetcpl.cpl
2011-12-14 02:50:04 2382848 ----a-w- c:\windows\system32\mshtml.tlb
.
============= FINISH: 22:30:55.68 ===============
.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2011-08-26.01)
.
Microsoft Windows 7 Professional
Boot Device: \Device\HarddiskVolume2
Install Date: 11/16/2009 7:04:34 AM
System Uptime: 2/28/2012 7:45:20 PM (3 hours ago)
.
Motherboard: Acer, Inc. | | Bodensee
Processor: Genuine Intel® CPU T2300 @ 1.66GHz | U2E1 | 1667/166mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 148 GiB total, 81.924 GiB free.
D: is CDROM ()
F: is FIXED (NTFS) - 1 GiB total, 0.934 GiB free.
.
==== Disabled Device Manager Items =============
.
Class GUID: {4d36e972-e325-11ce-bfc1-08002be10318}
Description: Cisco AnyConnect VPN Virtual Miniport Adapter for Windows
Device ID: ROOT\NET\0000
Manufacturer: Cisco Systems
Name: Cisco AnyConnect VPN Virtual Miniport Adapter for Windows
PNP Device ID: ROOT\NET\0000
Service: vpnva
.
Class GUID:
Description: Mass Storage Controller
Device ID: PCI\VEN_104C&DEV_803B&SUBSYS_00941025&REV_00\4&3981ECD8&0&4AF0
Manufacturer:
Name: Mass Storage Controller
PNP Device ID: PCI\VEN_104C&DEV_803B&SUBSYS_00941025&REV_00\4&3981ECD8&0&4AF0
Service:
.
==== System Restore Points ===================
.
RP259: 1/19/2012 3:00:14 AM - Windows Update
RP260: 1/28/2012 4:02:37 PM - Scheduled Checkpoint
RP261: 2/4/2012 8:22:06 PM - Windows Backup
RP262: 2/16/2012 3:00:18 AM - Windows Update
RP263: 2/27/2012 1:05:40 PM - Removed Garmin WebUpdater
RP264: 2/27/2012 1:06:23 PM - Removed Facebook Messenger 2.0.4430.0
RP265: 2/28/2012 7:11:07 PM - Windows Update
.
==== Installed Programs ======================
.
.
Adobe Flash Player 10 ActiveX
Adobe Flash Player 10 Plugin
Adobe Photoshop 6.0
Adobe Reader 9.5.0
Adobe SVG Viewer
Apple Application Support
Apple Mobile Device Support
Apple Software Update
AVG 2011
AVG PC Tuneup 2011
Belarc Advisor 8.1
BlackBerry Desktop Software 6.0
BlackBerry Device Software Updater
BlackBerry Device Software v5.0.0 for the BlackBerry 8520 smartphone
Bonjour
Cisco AnyConnect VPN Client
CIT200
Citrix online plug-in - web
Citrix online plug-in (DV)
Citrix online plug-in (HDX)
Citrix online plug-in (USB)
Citrix online plug-in (Web)
Compatibility Pack for the 2007 Office system
Facebook Plug-In
Fiddler2
FlashFXP v3
Garmin Communicator Plugin
Garmin USB Drivers
Google Chrome
Google Desktop
Google Talk Plugin
HDAUDIO Soft Data Fax Modem with SmartCP
Horizon Medical Imaging Update Service
HRS 11.6 Distributed
iCloud
iPod To Computer Transfer 6.2
iTunes
Java Auto Updater
Java 6 Update 29
Logitech Media Server 7.7.0
Malwarebytes Anti-Malware version 1.60.1.1000
Microsoft .NET Framework 4 Client Profile
Microsoft Office 2003 Web Components
Microsoft Office File Validation Add-In
Microsoft Office Professional Edition 2003
Microsoft Office Word Viewer 2003
Microsoft Silverlight
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319
mIRC
MobileMe Control Panel
Mozilla Firefox (3.6.8)
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
MSXML 4.0 SP3 Parser (KB973685)
OGA Notifier 2.0.0048.0
OneTouch 4.6
PhysExam (Palm) v 6.0.152 by Skyscape
PlayOn
Prism Video File Converter
Quicken 2004
QuickTime
Realtek High Definition Audio Driver
Redist
Review for the PHYSICIAN ASSISTANT
Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)
SentryBay Update Helper
Skype™ 5.5
StartNow Toolbar
TrustedID Secure Browse
Uniblue RegistryBooster 2010
Update for Microsoft .NET Framework 4 Client Profile (KB2468871)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217)
Verizon Download Manager
Verizon High Speed Internet
Verizon Media Manager
Visioneer 8100 Scanner
WIDCOMM Bluetooth Software 6.0.1.3500
Windows Driver Package - Garmin (grmnusb) GARMIN Devices (06/03/2009 2.3.0.0)
Windows Media Player Firefox Plugin
WinRAR archiver
.
==== Event Viewer Messages From Past Week ========
.
2/28/2012 7:48:29 PM, Error: Microsoft-Windows-WMPNSS-Service [14338] - A new media server was not initialized because CoCreateInstance(CLSID_UPnPRegistrar) encountered error '0x80070422'. Verify that the UPnPHost service is running and that the UPnPHost component of Windows is installed properly.
2/28/2012 7:46:47 PM, Error: Service Control Manager [7000] - The mrtRate service failed to start due to the following error: The system cannot find the file specified.
2/28/2012 6:49:45 PM, Error: NetBT [4321] - The name "MONIKA-PC :0" could not be registered on the interface with IP address 192.168.1.112. The computer with the IP address 169.254.224.8 did not allow the name to be claimed by this computer.
2/28/2012 6:49:45 PM, Error: Microsoft-Windows-SharedAccess_NAT [31004] - The DNS proxy agent was unable to allocate 0 bytes of memory. This may indicate that the system is low on virtual memory, or that the memory manager has encountered an internal error.
2/28/2012 10:30:57 PM, Error: cdrom [11] - The driver detected a controller error on \Device\CdRom0.
2/28/2012 10:26:49 PM, Error: Service Control Manager [7001] - The Server service depends on the Security Accounts Manager service which failed to start because of the following error: The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.
2/28/2012 10:26:49 PM, Error: Service Control Manager [7001] - The Computer Browser service depends on the Server service which failed to start because of the following error: The dependency service or group failed to start.
2/28/2012 10:26:48 PM, Error: Service Control Manager [7001] - The HomeGroup Listener service depends on the Server service which failed to start because of the following error: The dependency service or group failed to start.
2/27/2012 4:18:47 PM, Error: Service Control Manager [7023] - The Peer Name Resolution Protocol service terminated with the following error: %%-2140993535
2/27/2012 4:18:47 PM, Error: Service Control Manager [7001] - The Peer Networking Grouping service depends on the Peer Name Resolution Protocol service which failed to start because of the following error: %%-2140993535
2/27/2012 4:18:47 PM, Error: Microsoft-Windows-PNRPSvc [102] - The Peer Name Resolution Protocol cloud did not start because the creation of the default identity failed with error code: 0x80630801.
.
==== End Of File ===========================
on Chrome it was the YouTube add on (I think it was not the clean add on)
nasty facebook virus Hijacking link to other web site
in Resolved Malware Removal Logs
Posted
I was not sure if I should choose to delete and uninstall the program from my PC
C:\Program Files\Uniblue\RegistryBooster\Launcher.exe Win32/RegistryBooster application cleaned by deleting - quarantined
C:\Program Files\Uniblue\RegistryBooster\registrybooster.exe Win32/RegistryBooster application cleaned by deleting - quarantined
C:\Qoobox\Quarantine\C\Program Files\StartNow Toolbar\ReactivateIE.exe.vir a variant of Win32/Toolbar.Zugo application cleaned by deleting - quarantined
C:\Qoobox\Quarantine\C\Program Files\StartNow Toolbar\Toolbar32.dll.vir a variant of Win32/Toolbar.Zugo application cleaned by deleting - quarantined
C:\Qoobox\Quarantine\C\Program Files\StartNow Toolbar\ToolbarBroker.exe.vir a variant of Win32/Toolbar.Zugo application cleaned by deleting - quarantined
C:\Qoobox\Quarantine\C\Program Files\StartNow Toolbar\ToolbarUpdaterService.exe.vir a variant of Win32/Toolbar.Zugo application cleaned by deleting - quarantined
C:\Users\Monika\AppData\Roaming\AVG\Rescue\PC Tuneup 2011\101123111342954.rsc multiple threats deleted - quarantined
C:\Users\Monika\Desktop\Improve Your PC.lnk LNK/URL.B trojan cleaned by deleting - quarantined
C:\Users\Monika\Downloads\CheatEngine56.exe multiple threats deleted - quarantined
C:\Users\Monika\Downloads\mirc714.exe Win32/OpenCandy application deleted - quarantined
C:\Users\Monika\Downloads\registrybooster.exe multiple threats deleted - quarantined
C:\Users\Monika\Downloads\YouTubeDownloaderSetup264.exe a variant of Win32/Toolbar.Widgi application deleted - quarantined
C:\Users\Monika\Downloads\YouTubeDownloaderSetup265.exe a variant of Win32/Toolbar.Widgi application deleted - quarantined
C:\Users\Monika\Downloads\RegistryBooster2010 4.6.1.19 Incl.Serial (100% working) [h33t] [AppZ-4You]\SETUP\registrybooster.exe Win32/RegistryBooster application deleted - quarantined