Rehzi

There's also a Program that cannot be removed using Control Panel. It's called "BCool Gadget".

Chrome, IE & FF

Can't find the extra.txt file

OTL logfile created on: 8/17/2012 9:22:41 AM - Run 2 OTL by OldTimer - Version 3.2.57.0 Folder = C:\Users\Owner\Downloads 64bit-Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation Internet Explorer (Version = 8.0.6001.19298) Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy 2.90 Gb Total Physical Memory | 0.86 Gb Available Physical Memory | 29.47% Memory free 6.04 Gb Paging File | 2.98 Gb Available in Paging File | 49.35% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 285.05 Gb Total Space | 110.91 Gb Free Space | 38.91% Space Free | Partition Type: NTFS Drive D: | 13.04 Gb Total Space | 1.44 Gb Free Space | 11.04% Space Free | Partition Type: NTFS Drive E: | 4.38 Gb Total Space | 0.00 Gb Free Space | 0.00% Space Free | Partition Type: UDF Drive F: | 3.68 Gb Total Space | 1.02 Gb Free Space | 27.82% Space Free | Partition Type: FAT32 Computer Name: IWES | User Name: Owner | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users | Quick Scan | Include 64bit Scans Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - [2012/08/17 09:22:11 | 000,596,992 | ---- | M] (OldTimer Tools) -- C:\Users\Owner\Downloads\OTL (1).exe PRC - [2012/07/11 12:44:15 | 000,186,832 | ---- | M] (Google Inc.) -- C:\Users\Owner\AppData\Local\Google\Update\1.3.21.115\GoogleCrashHandler.exe PRC - [2012/07/10 23:23:59 | 000,935,008 | ---- | M] () -- C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\11.2.0\ToolbarUpdater.exe PRC - [2012/07/10 23:21:55 | 001,107,552 | ---- | M] () -- C:\Program Files (x86)\AVG Secure Search\vprot.exe PRC - [2012/05/30 20:06:18 | 000,059,280 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe PRC - [2012/02/23 12:30:40 | 000,059,240 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\Common Files\Apple\Internet Services\ubd.exe PRC - [2012/02/23 12:22:56 | 000,059,240 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe PRC - [2012/02/23 12:22:24 | 000,059,240 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\Common Files\Apple\Internet Services\BookmarkDAV_client.exe PRC - [2012/01/31 15:02:52 | 007,391,072 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe PRC - [2012/01/17 20:03:24 | 002,339,168 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG10\avgtray.exe PRC - [2011/06/06 12:55:28 | 000,064,952 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe PRC - [2011/02/10 07:55:18 | 001,148,256 | ---- | M] () -- C:\Program Files (x86)\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSMonitor.exe PRC - [2011/02/08 05:33:42 | 000,269,520 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG10\avgwdsvc.exe PRC - [2010/10/27 20:17:52 | 000,207,424 | ---- | M] (ArcSoft Inc.) -- C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe PRC - [2010/09/13 09:56:02 | 000,168,960 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Windows Media Player\wmplayer.exe PRC - [2010/08/25 11:27:44 | 000,309,824 | ---- | M] (ArcSoft Inc.) -- C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ArcCon.ac PRC - [2010/03/18 11:19:26 | 000,113,152 | ---- | M] (ArcSoft Inc.) -- C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe PRC - [2009/09/15 18:47:36 | 000,479,232 | ---- | M] (Nikon Corporation) -- C:\Program Files (x86)\Common Files\Nikon\Monitor\NkMonitor.exe PRC - [2008/12/17 20:11:40 | 000,365,952 | ---- | M] () -- C:\Program Files (x86)\SMINST\BLService.exe PRC - [2008/11/26 20:13:08 | 000,296,320 | ---- | M] () -- C:\Program Files (x86)\Hewlett-Packard\Media\TV\Kernel\TV\TVCapSvc.exe PRC - [2008/11/26 20:13:08 | 000,116,096 | ---- | M] () -- C:\Program Files (x86)\Hewlett-Packard\Media\TV\Kernel\TV\TVSched.exe PRC - [2008/11/09 16:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) -- C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe ========== Modules (No Company Name) ========== MOD - [2012/08/14 00:30:59 | 000,442,392 | ---- | M] () -- C:\Users\Owner\AppData\Local\Google\Chrome\Application\21.0.1180.79\ppGoogleNaClPluginChrome.dll MOD - [2012/08/14 00:30:58 | 012,235,288 | ---- | M] () -- C:\Users\Owner\AppData\Local\Google\Chrome\Application\21.0.1180.79\PepperFlash\pepflashplayer.dll MOD - [2012/08/14 00:30:57 | 003,997,720 | ---- | M] () -- C:\Users\Owner\AppData\Local\Google\Chrome\Application\21.0.1180.79\pdf.dll MOD - [2012/08/14 00:29:28 | 000,144,424 | ---- | M] () -- C:\Users\Owner\AppData\Local\Google\Chrome\Application\21.0.1180.79\avutil-51.dll MOD - [2012/08/14 00:29:27 | 000,266,792 | ---- | M] () -- C:\Users\Owner\AppData\Local\Google\Chrome\Application\21.0.1180.79\avformat-54.dll MOD - [2012/08/14 00:29:26 | 002,480,680 | ---- | M] () -- C:\Users\Owner\AppData\Local\Google\Chrome\Application\21.0.1180.79\avcodec-54.dll MOD - [2012/07/10 23:24:05 | 000,132,704 | ---- | M] () -- C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\11.2.0\SiteSafety.dll MOD - [2012/07/10 23:21:55 | 001,107,552 | ---- | M] () -- C:\Program Files (x86)\AVG Secure Search\vprot.exe MOD - [2012/06/13 04:31:47 | 011,820,032 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web\508b444db523c5cf20ff12c7f440837b\System.Web.ni.dll MOD - [2012/06/13 04:26:35 | 012,433,920 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\f2691cfa7671cdc58179e56ba9227591\System.Windows.Forms.ni.dll MOD - [2012/06/13 03:26:51 | 001,592,320 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\18f9789aa214c657113e676b3a9015aa\System.Drawing.ni.dll MOD - [2012/06/13 03:26:26 | 014,329,856 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\7343fbab1ba137db2f8b284047ef3f3c\PresentationFramework.ni.dll MOD - [2012/06/13 03:24:28 | 012,219,392 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationCore\7b6293b0c23321c255c2530aea8e32bb\PresentationCore.ni.dll MOD - [2012/05/12 04:20:13 | 000,187,904 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\UIAutomationTypes\5ebaa15cccc356bc3afba0c8f56977f7\UIAutomationTypes.ni.dll MOD - [2012/05/12 04:20:00 | 000,998,400 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Management\f3d4d5fe5ab848fbfcf91a49960dc8ae\System.Management.ni.dll MOD - [2012/05/12 04:18:36 | 000,771,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\846b9cf2756fdd15f704c9bab9c70b6f\System.Runtime.Remoting.ni.dll MOD - [2012/05/12 04:18:25 | 000,971,264 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\bd76aaaa03ddc15d1840207b5a480644\System.Configuration.ni.dll MOD - [2012/05/12 04:14:04 | 005,450,752 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\d2630342a066a7cb9056d9eb6157687a\System.Xml.ni.dll MOD - [2012/05/12 04:13:20 | 006,621,696 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Data\bfdd10e0a0aacf46bac557ffc5d55ba5\System.Data.ni.dll MOD - [2012/05/12 04:13:05 | 000,368,128 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\c8c3ab08933fef9fb6657da871395c46\PresentationFramework.Aero.ni.dll MOD - [2012/05/12 04:12:33 | 003,325,952 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\54426ee1881b42af5b090e223f43823c\WindowsBase.ni.dll MOD - [2012/05/12 04:12:29 | 007,953,408 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\28d633338fc8d29f8af31935ef7d001b\System.ni.dll MOD - [2012/05/12 04:12:19 | 011,492,352 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\af9c9e9d7e0523cd444f8b551baa9cbf\mscorlib.ni.dll MOD - [2012/02/20 21:29:04 | 000,087,912 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll MOD - [2012/02/20 21:28:42 | 001,242,472 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll MOD - [2011/02/10 07:55:18 | 001,148,256 | ---- | M] () -- C:\Program Files (x86)\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSMonitor.exe MOD - [2009/11/19 10:20:44 | 007,745,536 | ---- | M] () -- C:\Program Files (x86)\Common Files\LightScribe\QtGui4.dll MOD - [2009/11/19 10:20:42 | 002,121,728 | ---- | M] () -- C:\Program Files (x86)\Common Files\LightScribe\QtCore4.dll MOD - [2009/11/19 10:20:42 | 000,135,168 | ---- | M] () -- C:\Program Files (x86)\Common Files\LightScribe\plugins\imageformats\qjpeg4.dll MOD - [2009/08/26 13:11:32 | 000,061,440 | ---- | M] () -- C:\Program Files (x86)\Hewlett-Packard\HP Advisor\Pillars\PCAlerts\PCAlertsPillar.dll MOD - [2009/08/26 13:11:30 | 000,131,072 | ---- | M] () -- C:\Program Files (x86)\Hewlett-Packard\HP Advisor\Pillars\ECenter\ECLibrary.dll MOD - [2009/08/26 13:11:22 | 000,040,960 | ---- | M] () -- C:\Program Files (x86)\Hewlett-Packard\HP Advisor\MessagingServer.dll MOD - [2009/08/26 13:11:22 | 000,036,864 | ---- | M] () -- C:\Program Files (x86)\Hewlett-Packard\HP Advisor\MessagingClients.dll MOD - [2009/08/26 13:11:22 | 000,007,680 | ---- | M] () -- C:\Program Files (x86)\Hewlett-Packard\HP Advisor\RemotingClient.dll MOD - [2009/08/26 13:11:20 | 000,005,632 | ---- | M] () -- C:\Program Files (x86)\Hewlett-Packard\HP Advisor\MessagingInterface.dll MOD - [2009/08/26 13:11:18 | 000,028,672 | ---- | M] () -- C:\Program Files (x86)\Hewlett-Packard\HP Advisor\MessagingMessages.dll MOD - [2009/08/26 13:11:02 | 000,028,672 | ---- | M] () -- C:\Program Files (x86)\Hewlett-Packard\HP Advisor\Microsoft.Practices.EnterpriseLibrary.ExceptionHandling.Logging.dll MOD - [2009/05/26 21:06:28 | 000,913,408 | ---- | M] () -- C:\Program Files (x86)\Yahoo!\Messenger\yui.dll MOD - [2009/03/30 00:42:17 | 002,933,760 | ---- | M] () -- C:\Windows\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll MOD - [2009/01/13 13:00:42 | 000,098,304 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\HP.ActiveSupportLibrary\2.0.0.1__01a974bc1760f423\HP.ActiveSupportLibrary.dll ========== Win32 Services (SafeList) ========== SRV:64bit: - [2009/02/22 21:08:10 | 000,267,776 | ---- | M] (IDT, Inc.) [Auto | Running] -- C:\Windows\SysNative\DriverStore\FileRepository\stwrt64.inf_c7d6edb7\STacSV64.exe -- (STacSV) SRV:64bit: - [2009/02/12 04:21:34 | 000,089,600 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\Windows\SysNative\DriverStore\FileRepository\stwrt64.inf_c7d6edb7\AESTSr64.exe -- (AESTFilters) SRV:64bit: - [2008/03/18 19:25:40 | 000,023,040 | ---- | M] (Hewlett-Packard Corporation) [Auto | Running] -- C:\Windows\SysNative\Hpservice.exe -- (hpsrv) SRV:64bit: - [2008/03/18 08:26:56 | 000,015,872 | ---- | M] (Agere Systems) [Auto | Running] -- C:\Windows\SysNative\agr64svc.exe -- (AgereModemAudio) SRV:64bit: - [2008/01/20 22:47:32 | 000,383,544 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend) SRV - [2012/08/14 23:56:47 | 000,250,056 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc) SRV - [2012/07/10 23:23:59 | 000,935,008 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\11.2.0\ToolbarUpdater.exe -- (vToolbarUpdater11.2.0) SRV - [2012/01/31 15:02:52 | 007,391,072 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files (x86)\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe -- (AVGIDSAgent) SRV - [2011/11/10 09:17:31 | 000,167,264 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files (x86)\AVG\AVG10\Toolbar\ToolbarBroker.exe -- (AVG Security Toolbar Service) SRV - [2011/06/06 12:55:28 | 000,064,952 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice) SRV - [2011/02/08 05:33:42 | 000,269,520 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files (x86)\AVG\AVG10\avgwdsvc.exe -- (avgwd) SRV - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32) SRV - [2010/03/18 11:19:26 | 000,113,152 | ---- | M] (ArcSoft Inc.) [Auto | Running] -- C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe -- (ACDaemon) SRV - [2009/05/21 21:35:32 | 000,923,136 | ---- | M] (Hewlett-Packard Co.) [Auto | Running] -- C:\Program Files (x86)\Hp\Digital Imaging\bin\HPSLPSVC64.DLL -- (HPSLPSVC) SRV - [2009/03/30 00:42:14 | 000,066,368 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32) SRV - [2008/12/17 20:11:40 | 000,365,952 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\SMINST\BLService.exe -- (Recovery Service for Windows) SRV - [2008/11/26 20:13:08 | 000,296,320 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Hewlett-Packard\Media\TV\Kernel\TV\TVCapSvc.exe -- (TVCapSvc) SRV - [2008/11/26 20:13:08 | 000,116,096 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Hewlett-Packard\Media\TV\Kernel\TV\TVSched.exe -- (TVSched) SRV - [2008/11/09 16:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) [Auto | Running] -- C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe -- (YahooAUService) ========== Driver Services (SafeList) ========== DRV:64bit: - [2012/04/25 12:11:36 | 000,052,736 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\usbaapl64.sys -- (USBAAPL64) DRV:64bit: - [2012/02/29 09:52:46 | 000,016,384 | ---- | M] (Microsoft Corporation) [Recognizer | System | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec) DRV:64bit: - [2011/05/27 19:05:14 | 000,117,328 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\AVGIDSDriver.Sys -- (AVGIDSDriver) DRV:64bit: - [2011/04/05 00:59:54 | 000,377,936 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\SysNative\DRIVERS\avgtdia.sys -- (Avgtdia) DRV:64bit: - [2011/03/16 16:03:18 | 000,037,456 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\SysNative\DRIVERS\avgrkx64.sys -- (Avgrkx64) DRV:64bit: - [2011/03/01 14:25:18 | 000,041,552 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\Windows\SysNative\DRIVERS\avgmfx64.sys -- (Avgmfx64) DRV:64bit: - [2011/02/22 08:12:34 | 000,026,704 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | Boot | Running] -- C:\Windows\SysNative\DRIVERS\AVGIDSEH.Sys -- (AVGIDSEH) DRV:64bit: - [2011/02/10 07:53:22 | 000,029,264 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\AVGIDSFilter.Sys -- (AVGIDSFilter) DRV:64bit: - [2011/01/07 06:41:44 | 000,304,720 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\SysNative\DRIVERS\avgldx64.sys -- (Avgldx64) DRV:64bit: - [2010/06/23 09:21:34 | 000,318,568 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\Rtlh64.sys -- (RTL8169) DRV:64bit: - [2009/12/30 11:21:26 | 000,031,800 | ---- | M] (VS Revo Group) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\revoflt.sys -- (Revoflt) DRV:64bit: - [2009/11/26 13:42:40 | 002,685,432 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\bcmwl664.sys -- (BCM43XX) DRV:64bit: - [2009/09/30 20:51:42 | 000,046,592 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\wpdusb.sys -- (WpdUsb) DRV:64bit: - [2009/05/18 13:17:08 | 000,034,152 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\GEARAspiWDM.sys -- (GEARAspiWDM) DRV:64bit: - [2009/04/29 07:48:32 | 000,018,432 | ---- | M] (Hewlett-Packard Development Company, L.P.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\HpqKbFiltr.sys -- (HpqKbFiltr) DRV:64bit: - [2009/04/11 01:39:37 | 000,032,768 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\usbser.sys -- (usbser) DRV:64bit: - [2009/02/22 21:08:10 | 000,473,088 | ---- | M] (IDT, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\stwrt64.sys -- (STHDA) DRV:64bit: - [2008/10/29 15:55:52 | 001,253,376 | ---- | M] (Agere Systems) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\agrsm64.sys -- (AgereSoftModem) DRV:64bit: - [2008/10/28 04:33:30 | 008,039,808 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\igdkmd64.sys -- (igfx) DRV:64bit: - [2008/09/22 01:49:58 | 000,126,464 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\IntcHdmi.sys -- (IntcHdmiAddService) DRV:64bit: - [2008/09/19 20:43:58 | 000,068,096 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\RTSTOR64.SYS -- (RTSTOR) DRV:64bit: - [2008/09/04 13:48:00 | 000,064,000 | ---- | M] (ENE TECHNOLOGY INC.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\enecir.sys -- (enecir) DRV:64bit: - [2008/07/24 12:48:10 | 000,250,928 | ---- | M] (Synaptics, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\SynTP.sys -- (SynTP) DRV:64bit: - [2008/05/06 16:06:00 | 000,014,464 | ---- | M] (Western Digital Technologies) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\wdcsam64.sys -- (WDC_SAM) DRV:64bit: - [2008/03/27 15:10:56 | 000,026,984 | ---- | M] (Hewlett-Packard Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\DRIVERS\hpdskflt.sys -- (hpdskflt) DRV:64bit: - [2008/03/27 15:10:14 | 000,040,296 | ---- | M] (Hewlett-Packard Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\Accelerometer.sys -- (Accelerometer) DRV:64bit: - [2008/01/20 22:47:25 | 000,012,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\serscan.sys -- (StillCam) DRV:64bit: - [2008/01/20 22:46:57 | 003,154,432 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\NETw3v64.sys -- (NETw3v64) DRV:64bit: - [2008/01/20 22:46:55 | 000,111,104 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\sdbus.sys -- (sdbus) DRV:64bit: - [2006/10/03 21:45:36 | 000,273,408 | ---- | M] (Marvell) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\yk60x64.sys -- (yukonx64) DRV - [2008/11/28 21:04:24 | 000,146,928 | ---- | M] (CyberLink Corp.) [2009/06/27 03:43:11] [Kernel | Auto | Running] -- C:\Program Files (x86)\Hewlett-Packard\Media\DVD\000.fcl -- ({55662437-DA8C-40c0-AADA-2C816A897A49}) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_us&c=91&bd=Pavilion&pf=cnnb IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_us&c=91&bd=Pavilion&pf=cnnb IE:64bit: - HKLM\..\SearchScopes,DefaultScope = IE:64bit: - HKLM\..\SearchScopes\{682A7A5C-953E-4F46-BE75-B46823CC9E8B}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&FORM=HPNTDF IE:64bit: - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7 IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_us&c=91&bd=Pavilion&pf=cnnb IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://search.gboxapp.com/?affid=gb2 IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = IE - HKLM\..\SearchScopes,DefaultScope = {afdbddaa-5d3f-42ee-b79c-185a7020515b} IE - HKLM\..\SearchScopes\{682A7A5C-953E-4F46-BE75-B46823CC9E8B}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&FORM=HPNTDF IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7 IE - HKLM\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT3220468 IE - HKLM\..\SearchScopes\{BB74DE59-BC4C-4172-9AC4-73315F71CFFE}: "URL" = http://search.gboxapp.com/?affid=gb2&q={searchTerms} IE - HKU\.DEFAULT\..\URLSearchHook: {A3BC75A2-1F87-4686-AA43-5347D756017C} - No CLSID value found IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope = IE - HKU\.DEFAULT\..\SearchScopes\{AB40DD79-0845-416A-B585-4A78A6EE9897}: "URL" = http://search.avg.com/route/?d=4cc9492a&v=6.103.18.1&i=23&tp=chrome&q={searchTerms}&lng={language}&iy=b&ychte=us IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\..\URLSearchHook: {A3BC75A2-1F87-4686-AA43-5347D756017C} - No CLSID value found IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope = IE - HKU\S-1-5-18\..\SearchScopes\{AB40DD79-0845-416A-B585-4A78A6EE9897}: "URL" = http://search.avg.com/route/?d=4cc9492a&v=6.103.18.1&i=23&tp=chrome&q={searchTerms}&lng={language}&iy=b&ychte=us IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-2935616890-3038444645-374369962-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = IE - HKU\S-1-5-21-2935616890-3038444645-374369962-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://search.gboxapp.com/?affid=gb2 IE - HKU\S-1-5-21-2935616890-3038444645-374369962-1000\..\URLSearchHook: {7473b6bd-4691-4744-a82b-7854eb3d70b6} - No CLSID value found IE - HKU\S-1-5-21-2935616890-3038444645-374369962-1000\..\URLSearchHook: {872b5b88-9db5-4310-bdd0-ac189557e5f5} - No CLSID value found IE - HKU\S-1-5-21-2935616890-3038444645-374369962-1000\..\URLSearchHook: {A3BC75A2-1F87-4686-AA43-5347D756017C} - No CLSID value found IE - HKU\S-1-5-21-2935616890-3038444645-374369962-1000\..\URLSearchHook: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.) IE - HKU\S-1-5-21-2935616890-3038444645-374369962-1000\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990} IE - HKU\S-1-5-21-2935616890-3038444645-374369962-1000\..\SearchScopes\{682A7A5C-953E-4F46-BE75-B46823CC9E8B}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=HPNTDF&pc=HPNTDF&src=IE-SearchBox IE - HKU\S-1-5-21-2935616890-3038444645-374369962-1000\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.dm/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7ADFA_enBB342 IE - HKU\S-1-5-21-2935616890-3038444645-374369962-1000\..\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}: "URL" = http://isearch.avg.com/search?cid={520A4C0B-E0D2-4329-93F2-8E0549790DF3}&mid=27c7f56d07e9442dafd5ec6d32621f2a-f1cf3f2cc362b13f5ef9d7dd0b7e8eb5952313cc〈=us&ds=AVG&pr=fr&d=2011-12-10 09:10:27&v=9.0.0.18&sap=dsp&q={searchTerms} IE - HKU\S-1-5-21-2935616890-3038444645-374369962-1000\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT3220468 IE - HKU\S-1-5-21-2935616890-3038444645-374369962-1000\..\SearchScopes\{BB74DE59-BC4C-4172-9AC4-73315F71CFFE}: "URL" = http://search.gboxapp.com/?affid=gb2&q={searchTerms} IE - HKU\S-1-5-21-2935616890-3038444645-374369962-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 1 ========== FireFox ========== FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_3_300_271.dll File not found FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_3_300_271.dll () FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.) FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll () FF - HKLM\Software\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin: C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\11.2.0\\npsitesafety.dll () FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google) FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.5.0: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.5.0: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6: C:\Program Files (x86)\Yahoo!\Shared\npYState.dll (Yahoo! Inc.) FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5: C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3555.0308: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF - HKCU\Software\MozillaPlugins\@Skype Limited.com/Facebook Video Calling Plugin: C:\Users\Owner\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited) FF - HKCU\Software\MozillaPlugins\@talk.google.com/GoogleTalkPlugin: C:\Users\Owner\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google) FF - HKCU\Software\MozillaPlugins\@talk.google.com/O3DPlugin: C:\Users\Owner\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll () FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Owner\AppData\Local\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.) FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Owner\AppData\Local\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.) FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{1E73965B-8B48-48be-9C8D-68B920ABC1C4}: C:\Program Files (x86)\AVG\AVG10\Firefox4\ [2012/02/03 10:03:29 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2011/09/22 12:22:50 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\avg@toolbar: C:\ProgramData\AVG Secure Search\11.1.0.12\ [2012/07/10 23:24:44 | 000,000,000 | ---D | M] FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2011/09/22 12:22:50 | 000,000,000 | ---D | M] [2012/04/01 15:22:49 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Owner\AppData\Roaming\mozilla\Extensions [2009/09/25 13:19:06 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Owner\AppData\Roaming\mozilla\Extensions\mozswing@mozswing.org [2011/12/19 06:40:37 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Owner\AppData\Roaming\mozilla\Firefox\extensions [2011/09/06 19:41:21 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Owner\AppData\Roaming\mozilla\Firefox\extensions\{62760FD6-B943-48C9-AB09-F99C6FE96088} [2012/07/10 23:21:48 | 000,003,767 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\avg-secure-search.xml ========== Chrome ========== CHR - homepage: CHR - default_search_provider: Google (Enabled) CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}sourceid=chrome&ie={inputEncoding} CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms} CHR - homepage: CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Owner\AppData\Local\Google\Chrome\Application\21.0.1180.79\PepperFlash\pepflashplayer.dll CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Owner\AppData\Local\Google\Chrome\Application\21.0.1180.79\gcswf32.dll CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_3_300_271.dll CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer CHR - plugin: Native Client (Enabled) = C:\Users\Owner\AppData\Local\Google\Chrome\Application\21.0.1180.79\ppGoogleNaClPluginChrome.dll CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\Owner\AppData\Local\Google\Chrome\Application\21.0.1180.79\pdf.dll CHR - plugin: AVG Internet Security (Enabled) = C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla\10.0.0.1409_0\plugins/avgnpss.dll CHR - plugin: Conduit Chrome Plugin (Enabled) = C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejpbbhjlbipncjklfjjaedaieimbmdda\10.11.21.5_0\plugins/ConduitChromeApiPlugin.dll CHR - plugin: Conduit Radio Plugin (Enabled) = C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejpbbhjlbipncjklfjjaedaieimbmdda\10.11.21.5_0\plugins/np-cwmp.dll CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll CHR - plugin: Google Talk Plugin (Enabled) = C:\Users\Owner\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll CHR - plugin: Google Talk Plugin Video Accelerator (Enabled) = C:\Users\Owner\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll CHR - plugin: AVG SiteSafety plugin (Enabled) = C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\11.2.0\\npsitesafety.dll CHR - plugin: Google Earth Plugin (Enabled) = C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.115\npGoogleUpdate3.dll CHR - plugin: Java Platform SE 7 U5 (Enabled) = C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll CHR - plugin: Java Deployment Toolkit 7.0.50.5 (Enabled) = C:\Windows\SysWOW64\npDeployJava1.dll CHR - plugin: Microsoft Office Live Plug-in for Firefox (Enabled) = C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll CHR - plugin: Windows Live\u0099 Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll CHR - plugin: Facebook Video Calling Plugin (Enabled) = C:\Users\Owner\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll CHR - plugin: Shockwave for Director (Enabled) = C:\Windows\system32\Adobe\Director\np32dsw.dll CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll CHR - plugin: Windows Presentation Foundation (Enabled) = c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll CHR - Extension: uTorrentControl_v2 = C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejpbbhjlbipncjklfjjaedaieimbmdda\10.11.21.5_0\ CHR - Extension: AVG Safe Search = C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla\10.0.0.1409_0\ O1 HOSTS File: ([2006/09/18 17:37:24 | 000,000,761 | ---- | M]) - C:\Windows\SysNative\drivers\etc\Hosts O1 - Hosts: 127.0.0.1 localhost O1 - Hosts: ::1 localhost O2:64bit: - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG10\avgssiea.dll (AVG Technologies CZ, s.r.o.) O2:64bit: - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.) O2:64bit: - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.7227.1100\swg64.dll (Google Inc.) O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.) O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG10\avgssie.dll (AVG Technologies CZ, s.r.o.) O2 - BHO: (Java Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation) O2 - BHO: (AVG Security Toolbar) - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\11.1.0.12\AVG Secure Search_toolbar.dll () O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.7.7227.1100\swg.dll (Google Inc.) O2 - BHO: (Microsoft Live Search Toolbar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - c:\Program Files (x86)\MSN\Toolbar\3.0.0541.0\msneshellx.dll (Microsoft Corp.) O2 - BHO: (Java Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) O2 - BHO: (SingleInstance Class) - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll (Yahoo! Inc) O3:64bit: - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.) O3 - HKLM\..\Toolbar: (Microsoft Live Search Toolbar) - {1E61ED7C-7CB8-49d6-B9E9-AB4C880C8414} - c:\Program Files (x86)\MSN\Toolbar\3.0.0541.0\msneshellx.dll (Microsoft Corp.) O3 - HKLM\..\Toolbar: (AVG Security Toolbar) - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\11.1.0.12\AVG Secure Search_toolbar.dll () O3 - HKLM\..\Toolbar: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No CLSID value found. O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.) O3:64bit: - HKU\.DEFAULT\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.) O3:64bit: - HKU\S-1-5-18\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.) O3:64bit: - HKU\S-1-5-21-2935616890-3038444645-374369962-1000\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.) O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation) O4:64bit: - HKLM..\Run: [igfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation) O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation) O4:64bit: - HKLM..\Run: [sysTrayApp] C:\Program Files\IDT\WDM\sttray64.exe (IDT, Inc.) O4:64bit: - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation) O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.) O4 - HKLM..\Run: [ArcSoft Connection Service] C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe (ArcSoft Inc.) O4 - HKLM..\Run: [AVG_TRAY] C:\Program Files (x86)\AVG\AVG10\avgtray.exe (AVG Technologies CZ, s.r.o.) O4 - HKLM..\Run: [HF_G_Jul] C:\Program Files (x86)\AVG Secure Search\HF_G_Jul.exe () O4 - HKLM..\Run: [Nikon Transfer Monitor] C:\Program Files (x86)\Common Files\Nikon\Monitor\NkMonitor.exe (Nikon Corporation) O4 - HKLM..\Run: [ROC_roc_dec12] C:\Program Files (x86)\AVG Secure Search\ROC_roc_dec12.exe () O4 - HKLM..\Run: [vProt] C:\Program Files (x86)\AVG Secure Search\vprot.exe () O4 - HKU\S-1-5-19..\Run: [sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation) O4 - HKU\S-1-5-19..\Run: [WindowsWelcomeCenter] C:\Windows\SysWow64\oobefldr.dll (Microsoft Corporation) O4 - HKU\S-1-5-20..\Run: [sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation) O4 - HKU\S-1-5-20..\Run: [WindowsWelcomeCenter] C:\Windows\SysWow64\oobefldr.dll (Microsoft Corporation) O4 - HKU\S-1-5-21-2935616890-3038444645-374369962-1000..\Run: [cdloader] C:\Users\Owner\AppData\Roaming\mjusbsp\cdloader2.exe (magicJack L.P.) O4 - HKU\S-1-5-21-2935616890-3038444645-374369962-1000..\Run: [com.apple.dav.bookmarks.daemon] C:\Program Files (x86)\Common Files\Apple\Internet Services\BookmarkDAV_client.exe (Apple Inc.) O4 - HKU\S-1-5-21-2935616890-3038444645-374369962-1000..\Run: [Facebook Update] C:\Users\Owner\AppData\Local\Facebook\Update\FacebookUpdate.exe (Facebook Inc.) O4 - HKU\S-1-5-21-2935616890-3038444645-374369962-1000..\Run: [iCloudServices] C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe (Apple Inc.) O4 - HKU\S-1-5-21-2935616890-3038444645-374369962-1000..\Run: [Messenger (Yahoo!)] C:\Program Files (x86)\Yahoo!\Messenger\YahooMessenger.exe (Yahoo! Inc.) O4 - HKU\S-1-5-21-2935616890-3038444645-374369962-1000..\Run: [MobileDocuments] C:\Program Files (x86)\Common Files\Apple\Internet Services\ubd.exe (Apple Inc.) O4 - HKU\S-1-5-21-2935616890-3038444645-374369962-1000..\Run: [RegistryBooster] "C:\Program Files (x86)\Uniblue\RegistryBooster\launcher.exe" delay 20000 File not found O4 - HKU\S-1-5-21-2935616890-3038444645-374369962-1000..\Run: [speech Recognition] C:\Windows\Speech\Common\sapisvr.exe (Microsoft Corporation) O4 - HKU\S-1-5-21-2935616890-3038444645-374369962-1000..\Run: [uTorrent] "C:\Program Files (x86)\uTorrent\uTorrent.exe" /MINIMIZED File not found O4 - Startup: C:\Users\Owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\IMVU.lnk = File not found O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1 O7 - HKU\S-1-5-21-2935616890-3038444645-374369962-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDesktopCleanupWizard = 1 O8:64bit: - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\Owner\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm () O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\Owner\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm () O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.) O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.) O1364bit: - gopher Prefix: missing O13 - gopher Prefix: missing O15 - HKU\S-1-5-21-2935616890-3038444645-374369962-1000\..Trusted Domains: localhost ([]http in Computer) O16 - DPF: {73ECB3AA-4717-450C-A2AB-D00DAD9EE203} http://h20270.www2.hp.com/ediags/gmn2/install/HPProductDetection2.cab (GMNRev Class) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 10.5.0) O16 - DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 10.5.0) O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 24.244.175.2 65.75.69.58 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{C2370A83-364F-4105-905A-275EB21DFC24}: DhcpNameServer = 216.137.13.22 216.137.13.23 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{D00227C2-EAC7-4390-B069-BB86459BA6AD}: DhcpNameServer = 24.244.175.2 65.75.69.58 O18:64bit: - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG10\avgppa.dll (AVG Technologies CZ, s.r.o.) O18:64bit: - Protocol\Handler\livecall - No CLSID value found O18:64bit: - Protocol\Handler\ms-help - No CLSID value found O18:64bit: - Protocol\Handler\ms-itss - No CLSID value found O18:64bit: - Protocol\Handler\msnim - No CLSID value found O18:64bit: - Protocol\Handler\skype4com - No CLSID value found O18:64bit: - Protocol\Handler\viprotocol - No CLSID value found O18:64bit: - Protocol\Handler\wlpg - No CLSID value found O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG10\avgpp.dll (AVG Technologies CZ, s.r.o.) O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies) O18 - Protocol\Handler\viprotocol {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\11.2.0\ViProtocol.dll () O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation) O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation) O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation) O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - C:\Windows\SysWOW64\webcheck.dll () O24 - Desktop WallPaper: C:\Users\Owner\AppData\Roaming\Microsoft\Windows Photo Gallery\Windows Photo Gallery Wallpaper.jpg O24 - Desktop BackupWallPaper: C:\Users\Owner\AppData\Roaming\Microsoft\Windows Photo Gallery\Windows Photo Gallery Wallpaper.jpg O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2011/12/19 06:10:27 | 000,000,000 | RH-- | M] () - E:\autorun.wbcat -- [ UDF ] O32 - AutoRun File - [2011/12/19 06:10:53 | 000,000,124 | ---- | M] () - E:\autorun.inf -- [ UDF ] O33 - MountPoints2\{0a07ac47-a43e-11de-8671-00238be9f1db}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL owNER.exE O33 - MountPoints2\{7d428266-dc6e-11df-b09e-00238be9f1db}\Shell\AutoRun\command - "" = ircphate.exe O33 - MountPoints2\{7d428266-dc6e-11df-b09e-00238be9f1db}\Shell\open\command - "" = ircphate.exe O33 - MountPoints2\{bc812d42-c477-11de-a930-00238be9f1db}\Shell\AutoRun\command - "" = systemkernal.exe O33 - MountPoints2\{bc812d47-c477-11de-a930-00238be9f1db}\Shell - "" = AutoRun O33 - MountPoints2\{bc812d47-c477-11de-a930-00238be9f1db}\Shell\AutoRun\command - "" = G:\LaunchU3.exe -a O33 - MountPoints2\{f89a1b4c-674c-11df-bd47-00238be9f1db}\Shell - "" = AutoRun O33 - MountPoints2\{f89a1b4c-674c-11df-bd47-00238be9f1db}\Shell\AutoRun\command - "" = "F:\WD SmartWare.exe" autoplay=true O33 - MountPoints2\G\Shell\AutoRun\command - "" = G:\autorun.exe O33 - MountPoints2\G\Shell\phone\command - "" = G:\autorun.exe O34 - HKLM BootExecute: (autocheck autochk *) O34 - HKLM BootExecute: (C:\PROGRA~2\AVG\AVG10\avgchsva.exe /sync) O34 - HKLM BootExecute: (C:\PROGRA~2\AVG\AVG10\avgrsa.exe /sync /restart) O35:64bit: - HKLM\..comfile [open] -- "%1" %* O35:64bit: - HKLM\..exefile [open] -- "%1" %* O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %* O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) ========== Files/Folders - Created Within 30 Days ========== [2012/08/17 09:05:33 | 000,000,000 | ---D | C] -- C:\Users\Owner\Desktop\RK_Quarantine [2012/08/17 08:27:26 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller Pro [2012/08/17 08:27:25 | 000,031,800 | ---- | C] (VS Revo Group) -- C:\Windows\SysNative\drivers\revoflt.sys [2012/08/17 08:27:23 | 000,000,000 | ---D | C] -- C:\Program Files\VS Revo Group [2012/08/16 23:26:05 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome [2012/08/16 23:08:57 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\Apps [2012/08/16 23:08:56 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\Deployment [2012/08/16 21:04:42 | 000,000,000 | ---D | C] -- C:\ProgramData\GBox [2012/08/16 21:03:47 | 000,000,000 | ---D | C] -- C:\ProgramData\OptimizerPro1 [2012/08/16 20:54:10 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\CRE [2012/08/16 20:45:18 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Roaming\TuneUp Software [2012/08/16 20:45:02 | 000,000,000 | ---D | C] -- C:\ProgramData\TuneUp Software [2012/08/16 20:44:22 | 000,000,000 | -HSD | C] -- C:\ProgramData\{32364CEA-7855-4A3C-B674-53D8E9B97936} [2012/08/16 20:42:25 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Roaming\OpenCandy [2012/08/16 18:31:53 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{586CA352-1720-4600-AD29-880131CDA80A} [2012/08/16 18:31:41 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{516B12F4-4507-4A5B-A3F3-30D15D29F5C0} [2012/08/14 23:49:18 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{DB8781D5-C187-40ED-9A6B-6C4174E78E82} [2012/08/14 23:48:35 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{1B9A8D27-2328-4AF0-A165-B52C21788D11} [2012/08/14 07:24:22 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{3F54377C-9887-4505-B67C-8C541B1104DD} [2012/08/14 07:24:04 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{68F39A9F-D37A-4BE8-81C0-4C82E131F828} [2012/08/13 19:23:52 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{3D1089BB-174D-4DB8-B98D-B5C3658388A1} [2012/08/13 19:23:28 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{F02D1E9C-2B18-4312-B21D-A47FCB619C52} [2012/08/13 01:27:17 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{F23C64D8-7B53-4F8C-B73C-B9BF060D8553} [2012/08/13 01:27:05 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{DCC0A7F3-4215-41D6-A3BF-D2F20A5FBB41} [2012/08/12 13:26:43 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{743FD2D7-F2E8-4C24-80E2-34E97496C1A7} [2012/08/12 13:26:31 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{22AC21F1-E0A1-41A6-848D-B14621CCD21E} [2012/08/11 19:50:16 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{C3118F00-73AD-4150-B900-8C300D21D28C} [2012/08/11 19:49:57 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{A0F35CB8-4968-4542-A8E7-2524261B2122} [2012/08/11 07:49:38 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{EB200201-FB3F-4874-94C5-8357277388B7} [2012/08/11 07:49:19 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{F3573169-36A1-4CE1-957D-CB1C612ED567} [2012/08/10 11:08:46 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{AA507E1F-7BB2-4407-B8AC-574CBED60DB3} [2012/08/10 11:08:35 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{AA605221-3133-4E1D-953A-C5B494D5AEAB} [2012/08/09 23:50:39 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{FD014226-6FCA-4B2A-A39C-B8D3F5F99CA4} [2012/08/09 11:20:34 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{44BF61EE-7BB3-49D6-95D0-5DB7B53A6721} [2012/08/09 11:20:31 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{DD080915-90CC-4BC2-AA27-697E889CFC23} [2012/08/08 22:40:30 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{F619C492-5F90-4D05-8EE5-0ADAFADEB83F} [2012/08/08 21:42:41 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{9F6C6776-7ABF-4A69-92BD-80741BD5CB0B} [2012/08/08 16:43:42 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{C8284D45-BE23-4C90-82B4-987C608337C7} [2012/08/07 20:19:25 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{0BFE1DC5-572D-47CE-8EDC-DC7BCDAC8AF5} [2012/08/07 20:18:24 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{92E2CAE5-7A37-45EE-9965-71A3C7034E8A} [2012/08/05 13:07:59 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{C30A53FE-91E1-4E99-B6A7-9D9C1347F015} [2012/08/05 13:07:37 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{2AFBAC85-6917-48A3-BF11-41F7E383109D} [2012/08/05 01:07:23 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{4677C6CF-B387-4DC4-911B-AA43F0226DC3} [2012/08/05 01:07:12 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{BD15115B-B715-4007-A325-EAFD20BE7233} [2012/08/04 13:06:57 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{0D6E2524-F47E-4876-A402-8A0EC18FBBBB} [2012/08/04 13:06:29 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{097CE671-E1FE-4666-ACF9-1659A64AA1F9} [2012/08/04 01:06:13 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{87DD8C1D-3C42-4FE2-B425-49DD2AFE5F86} [2012/08/04 01:05:45 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{DE91F878-ED27-4DA2-85E5-7258B0638D43} [2012/08/02 20:52:50 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{8C01D110-0830-4408-B85F-F7EC665BDFC2} [2012/08/02 20:52:42 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{4B1D3E14-0E1D-414C-92B7-B429205D2345} [2012/08/01 20:59:14 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{3A5EDFA9-834E-4BD4-AEB9-ECE256AA1009} [2012/07/30 23:12:11 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{7613F652-496F-4D15-876C-2D3D78F23272} [2012/07/30 09:05:50 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{FE418F77-0BBC-421A-96B3-E3294652A9D0} [2012/07/30 09:05:32 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{23010EEB-A69F-4154-9724-27E1E03C8F8E} [2012/07/29 21:05:16 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{0DBD0D6A-5C31-4C12-B4FF-02D38D8D6CE4} [2012/07/29 21:05:04 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{0A7D94BC-054F-4400-8C3A-AE13AEA6829F} [2012/07/28 22:08:03 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{C8BEF97E-71E7-4A90-83FD-DD1A8FE676B9} [2012/07/28 22:07:50 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{5CE5F527-4D42-42F7-BF96-8D44AFC4BBCB} [2012/07/28 09:39:09 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{21ED6A2E-8E5E-4507-9167-0F5157F5EBCF} [2012/07/28 09:38:51 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{302D687D-BB1F-42CC-B05E-CA14748881A3} [2012/07/27 21:38:31 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{4335A695-BE8E-4E7C-B9E0-B81E28FFE414} [2012/07/27 21:38:16 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{9662F91B-866E-416F-A9E5-806FE6D9E522} [2012/07/25 11:16:56 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Roaming\Skype [2012/07/25 11:16:12 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype [2012/07/25 11:16:11 | 000,000,000 | R--D | C] -- C:\Program Files (x86)\Skype [2012/07/25 11:16:11 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Skype [2012/07/25 11:16:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Skype [2012/07/25 08:56:23 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{D254FE0B-D5D8-42F4-81E4-5F354AB3BB61} [2012/07/25 08:56:22 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{ED91366C-8549-4F37-AA50-9E96BD95BF13} [2012/07/23 14:31:33 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{B14557AB-276D-4CEC-A80F-29F9E8C8E7BC} [2012/07/23 14:31:10 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{CA66F96D-CA44-4648-AA5E-DD42D53B252D} [2012/07/22 11:53:26 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{BEE15832-0535-4570-B10C-2124AACDF077} [2012/07/22 11:52:53 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{009278CF-85EB-41F3-AA4E-CEAF0D972DF9} [2012/07/21 11:40:25 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{A7F8406C-1CA7-4792-AF8B-EC4E76FC5ED9} [2012/07/21 11:40:02 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{CE901E48-C6FC-4952-9D8E-D47DC4B61213} [2012/07/20 23:39:42 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{F6CD5E0E-44E7-4C55-8C23-0A2F7CB8DE2F} [2012/07/20 23:39:19 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{401C74EF-BA1B-4BD8-AF9D-A354E6D7D28C} [2012/07/20 03:52:43 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{62A5C2E3-A095-4E42-8CB3-3FD78D6636E7} [2012/07/20 03:52:16 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{043C80A6-2207-44B2-8980-1B1BFCEA76F6} [2012/07/19 15:52:00 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{32301A49-D492-42DD-8F5E-3B6A3DF6A803} [2012/07/19 15:51:45 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{0B038B68-6DEE-49F7-BAE8-DE87473D4A74} [2012/07/18 16:13:09 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{F39A2834-A0FD-4234-A770-FE3D1FB96C40} [2012/07/18 16:12:08 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\{45C0E9F7-D06D-4BCF-AF82-32763B745859} [2 C:\Users\Owner\Downloads\Documents\*.tmp files -> C:\Users\Owner\Downloads\Documents\*.tmp -> ] [2 C:\Program Files (x86)\*.tmp files -> C:\Program Files (x86)\*.tmp -> ] ========== Files - Modified Within 30 Days ========== [2012/08/17 09:37:54 | 000,000,898 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job [2012/08/17 08:54:00 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job [2012/08/17 08:49:00 | 000,000,908 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2935616890-3038444645-374369962-1000UA.job [2012/08/17 08:46:20 | 000,003,616 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0 [2012/08/17 08:46:20 | 000,003,616 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0 [2012/08/17 08:27:28 | 000,001,045 | ---- | M] () -- C:\Users\Owner\Application Data\Microsoft\Internet Explorer\Quick Launch\Revo Uninstaller Pro.lnk [2012/08/17 08:27:28 | 000,001,021 | ---- | M] () -- C:\Users\Public\Desktop\Revo Uninstaller Pro.lnk [2012/08/17 07:33:04 | 000,000,928 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-2935616890-3038444645-374369962-1000UA.job [2012/08/17 06:45:24 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2012/08/16 23:26:08 | 000,002,042 | ---- | M] () -- C:\Users\Owner\Desktop\Google Chrome.lnk [2012/08/16 23:26:08 | 000,002,004 | ---- | M] () -- C:\Users\Owner\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk [2012/08/16 23:12:38 | 000,000,894 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job [2012/08/16 23:12:03 | 3119,714,304 | -HS- | M] () -- C:\hiberfil.sys [2012/08/16 20:43:29 | 000,000,009 | ---- | M] () -- C:\END [2012/08/16 20:41:54 | 000,001,074 | ---- | M] () -- C:\Users\Owner\Desktop\DVDVideoSoft Free Studio.lnk [2012/08/16 19:33:02 | 000,000,906 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-2935616890-3038444645-374369962-1000Core.job [2012/08/16 19:01:04 | 000,033,792 | ---- | M] () -- C:\Users\Owner\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2012/08/16 18:34:44 | 104,052,063 | ---- | M] () -- C:\Windows\SysNative\drivers\AVG\incavi.avm [2012/08/16 17:17:12 | 000,703,516 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI [2012/08/16 17:17:12 | 000,604,752 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat [2012/08/16 17:17:12 | 000,104,420 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat [2012/08/16 12:49:00 | 000,000,856 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2935616890-3038444645-374369962-1000Core.job [2012/08/16 09:26:29 | 000,000,392 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{0EB4410A-F22D-4AFE-BB88-4402968F4519}.job [2012/08/15 03:34:42 | 000,315,888 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT [2012/08/15 03:34:23 | 000,000,334 | ---- | M] () -- C:\Windows\tasks\HPCeeScheduleForOwner.job [2012/08/02 13:00:25 | 000,563,847 | ---- | M] () -- C:\Windows\SysNative\drivers\AVG\iavichjg.avm [2012/07/25 11:16:13 | 000,001,890 | ---- | M] () -- C:\Users\Public\Desktop\Skype.lnk [2 C:\Users\Owner\Downloads\Documents\*.tmp files -> C:\Users\Owner\Downloads\Documents\*.tmp -> ] [2 C:\Program Files (x86)\*.tmp files -> C:\Program Files (x86)\*.tmp -> ] ========== Files Created - No Company Name ========== [2012/08/17 08:27:28 | 000,001,045 | ---- | C] () -- C:\Users\Owner\Application Data\Microsoft\Internet Explorer\Quick Launch\Revo Uninstaller Pro.lnk [2012/08/17 08:27:28 | 000,001,021 | ---- | C] () -- C:\Users\Public\Desktop\Revo Uninstaller Pro.lnk [2012/08/16 23:26:08 | 000,002,042 | ---- | C] () -- C:\Users\Owner\Desktop\Google Chrome.lnk [2012/08/16 23:26:08 | 000,002,004 | ---- | C] () -- C:\Users\Owner\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk [2012/07/25 11:16:13 | 000,001,890 | ---- | C] () -- C:\Users\Public\Desktop\Skype.lnk [2011/09/27 00:18:23 | 000,000,418 | ---- | C] () -- C:\Windows\hpwmdl28.dat.temp [2011/09/22 12:04:28 | 000,207,289 | ---- | C] () -- C:\Windows\hpwins28.dat [2011/09/06 19:41:51 | 000,000,272 | ---- | C] () -- C:\Users\Owner\AppData\Roaming\.backup.dm [2010/12/23 07:07:08 | 000,000,268 | RH-- | C] () -- C:\ProgramData\Examples [2010/12/23 07:07:08 | 000,000,268 | RH-- | C] () -- C:\Users\Owner\AppData\Roaming\Enhance Timing [2010/12/23 07:07:08 | 000,000,012 | RH-- | C] () -- C:\ProgramData\Flange Saw [2010/12/23 07:03:32 | 000,000,268 | RH-- | C] () -- C:\ProgramData\Equalizer [2010/12/23 07:03:32 | 000,000,268 | RH-- | C] () -- C:\Users\Owner\AppData\Roaming\Electric Clav [2010/12/23 07:03:32 | 000,000,012 | RH-- | C] () -- C:\ProgramData\Filesystems [2010/09/06 11:36:39 | 000,006,080 | ---- | C] () -- C:\Users\Owner\AppData\Local\d3d9caps.dat [2010/07/29 18:24:20 | 000,000,058 | -H-- | C] () -- C:\ProgramData\Ts_infos.ini [2009/12/04 18:16:06 | 000,023,849 | ---- | C] () -- C:\Users\Owner\AppData\Local\tmpSNAPSHOT_20091202.3 [2009/12/04 18:16:06 | 000,023,459 | ---- | C] () -- C:\Users\Owner\AppData\Local\tmpSNAPSHOT_20091202.2 [2009/12/04 18:16:05 | 000,023,802 | ---- | C] () -- C:\Users\Owner\AppData\Local\tmpSNAPSHOT_20091202.1 [2009/12/04 18:16:04 | 000,032,205 | ---- | C] () -- C:\Users\Owner\AppData\Local\tmpSNAPSHOT_20091202.JPG [2009/12/04 18:16:04 | 000,032,205 | ---- | C] () -- C:\Users\Owner\AppData\Local\tmpSNAPSHOT_20091202.0 [2009/12/03 10:38:03 | 000,014,469 | ---- | C] () -- C:\Users\Owner\AppData\Local\tmpL_43958B141382DEDB63AC67346AF05300.JPG [2009/12/03 10:38:03 | 000,014,393 | ---- | C] () -- C:\Users\Owner\AppData\Local\tmpL_43958B141382DEDB63AC67346AF05300.0 [2009/12/02 18:20:17 | 000,449,536 | ---- | C] () -- C:\Users\Owner\Untitled.MSWMM [2009/09/23 07:52:14 | 000,000,258 | RHS- | C] () -- C:\ProgramData\ntuser.pol [2009/08/31 17:10:13 | 000,028,980 | ---- | C] () -- C:\Users\Owner\AppData\Roaming\UserTile.png [2009/08/26 18:45:04 | 000,033,792 | ---- | C] () -- C:\Users\Owner\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini ========== LOP Check ========== [2010/10/28 18:41:45 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\AVG10 [2010/11/20 09:14:00 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1 [2012/08/16 20:42:52 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\DVDVideoSoft [2012/08/16 21:05:36 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\DVDVideoSoftIEHelpers [2011/09/06 19:41:21 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\eBayDesktopShortcut [2010/02/09 19:27:55 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\FloodLightGames [2010/07/29 18:50:57 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\FxFotoDB [2011/11/23 14:28:14 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\HEC [2010/01/19 19:08:47 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\iWin [2010/02/27 16:45:39 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\Ludia [2012/05/06 07:03:39 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\mjusbsp [2009/09/28 18:58:26 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\muvee Technologies [2010/12/23 07:30:22 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\Nikon [2012/08/16 20:42:25 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\OpenCandy [2009/08/31 17:10:13 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\PeerNetworking [2010/06/23 15:28:55 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\PlayFirst [2012/03/13 13:43:08 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\RETScreen [2011/07/27 18:32:59 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\SplashupLight.8F84E54D18819F0C71CA15FE192C56A89F17989F.1 [2012/08/16 20:45:18 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\TuneUp Software [2010/02/14 16:39:46 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\Vivox [2009/08/27 08:49:53 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\WildTangent [2010/03/11 14:54:49 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\WinBatch [2012/08/05 19:55:17 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\WindSolutions [2012/08/16 19:33:02 | 000,000,906 | ---- | M] () -- C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2935616890-3038444645-374369962-1000Core.job [2012/08/17 07:33:04 | 000,000,928 | ---- | M] () -- C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2935616890-3038444645-374369962-1000UA.job [2009/08/31 18:07:06 | 000,000,380 | ---- | M] () -- C:\Windows\Tasks\NSSstub.job [2012/08/16 23:10:59 | 000,032,522 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT [2012/08/16 09:26:29 | 000,000,392 | -H-- | M] () -- C:\Windows\Tasks\User_Feed_Synchronization-{0EB4410A-F22D-4AFE-BB88-4402968F4519}.job ========== Purity Check ========== < End of report >

RogueKiller V7.6.6 [08/10/2012] by Tigzy mail: tigzyRK<at>gmail<dot>com Feedback: http://www.geekstogo.com/forum/files/file/413-roguekiller/ Blog: http://tigzyrk.blogspot.com Operating System: Windows Vista (6.0.6002 Service Pack 2) 64 bits version Started in : Normal mode User: Owner [Admin rights] Mode: Scan -- Date: 08/17/2012 09:08:20 ¤¤¤ Bad processes: 0 ¤¤¤ ¤¤¤ Registry Entries: 7 ¤¤¤ [sUSP PATH] HKCU\[...]\Run : cdloader ("C:\Users\Owner\AppData\Roaming\mjusbsp\cdloader2.exe" MAGICJACK) -> FOUND [sUSP PATH] HKUS\S-1-5-21-2935616890-3038444645-374369962-1000[...]\Run : cdloader ("C:\Users\Owner\AppData\Roaming\mjusbsp\cdloader2.exe" MAGICJACK) -> FOUND [PROXY IE] HKCU\[...]\Internet Settings : ProxyEnable (1) -> FOUND [HJ] HKCU\[...]\Advanced : Start_ShowSearch (0) -> FOUND [HJ] HKCU\[...]\Advanced : Start_ShowSetProgramAccessAndDefaults (0) -> FOUND [HJ] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> FOUND [HJ] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND ¤¤¤ Particular Files / Folders: ¤¤¤ ¤¤¤ Driver: [NOT LOADED] ¤¤¤ ¤¤¤ Infection : ¤¤¤ ¤¤¤ HOSTS File: ¤¤¤ 127.0.0.1 localhost ::1 localhost ¤¤¤ MBR Check: ¤¤¤ +++++ PhysicalDrive0: ST9320325AS ATA Device +++++ --- User --- [MBR] e27a466fbc46f9fe3fce8639861ee371 [bSP] 22972e2f49c6b730a388b231012a0ee3 : Toshiba tatooed MBR Code Partition table: 0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 291893 Mo 1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 597798912 | Size: 13348 Mo User = LL1 ... OK! User = LL2 ... OK! +++++ PhysicalDrive1: Generic- Multi-Card USB Device +++++ --- User --- [MBR] e1081c0feb0c15b931ef016b4c9f1ce1 [bSP] df4f83c1f72e36823a12b0dfc7617313 : MBR Code unknown Partition table: 0 - [XXXXXX] FAT32 (0x0b) [VISIBLE] Offset (sectors): 8192 | Size: 3776 Mo User = LL1 ... OK! Error reading LL2 MBR! Finished : << RKreport[1].txt >> RKreport[1].txt

. UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG. IF REQUESTED, ZIP IT UP & ATTACH IT . DDS (Ver_2011-08-26.01) . Microsoft® Windows Vista™ Home Premium Boot Device: \Device\HarddiskVolume1 Install Date: 6/27/2009 6:02:18 AM System Uptime: 8/16/2012 11:11:38 PM (0 hours ago) . Motherboard: Quanta | | 3627 Processor: Intel® Core2 Duo CPU T6500 @ 2.10GHz | CPU | 2100/800mhz . ==== Disk Partitions ========================= . C: is FIXED (NTFS) - 285 GiB total, 113.762 GiB free. D: is FIXED (NTFS) - 13 GiB total, 1.438 GiB free. E: is CDROM (UDF) F: is Removable . ==== Disabled Device Manager Items ============= . Class GUID: {4d36e972-e325-11ce-bfc1-08002be10318} Description: Microsoft ISATAP Adapter Device ID: ROOT\*ISATAP\0005 Manufacturer: Microsoft Name: Microsoft ISATAP Adapter #3 PNP Device ID: ROOT\*ISATAP\0005 Service: tunnel . Class GUID: {4d36e971-e325-11ce-bfc1-08002be10318} Description: Officejet 4500 G510n-z Device ID: ROOT\MULTIFUNCTION\0000 Manufacturer: HP Name: Officejet 4500 G510n-z PNP Device ID: ROOT\MULTIFUNCTION\0000 Service: . Class GUID: {4d36e971-e325-11ce-bfc1-08002be10318} Description: Officejet 6000 E609n Device ID: ROOT\MULTIFUNCTION\0001 Manufacturer: HP Name: Officejet 6000 E609n PNP Device ID: ROOT\MULTIFUNCTION\0001 Service: . Class GUID: {4d36e971-e325-11ce-bfc1-08002be10318} Description: HP Color LaserJet CM2320nf MFP Device ID: ROOT\MULTIFUNCTION\0002 Manufacturer: Hewlett-Packard Name: HP Color LaserJet CM2320nf MFP PNP Device ID: ROOT\MULTIFUNCTION\0002 Service: . Class GUID: {4d36e971-e325-11ce-bfc1-08002be10318} Description: HP DesignJet 750C Plus (C4709B) Device ID: ROOT\MULTIFUNCTION\0003 Manufacturer: Hewlett-Packard Name: HP DesignJet 750C Plus (C4709B) PNP Device ID: ROOT\MULTIFUNCTION\0003 Service: . Class GUID: {4d36e971-e325-11ce-bfc1-08002be10318} Description: Deskjet 3050 J610 series Device ID: ROOT\MULTIFUNCTION\0004 Manufacturer: HP Name: Deskjet 3050 J610 series PNP Device ID: ROOT\MULTIFUNCTION\0004 Service: . Class GUID: {4d36e971-e325-11ce-bfc1-08002be10318} Description: Officejet 6500 E710a-f Device ID: ROOT\MULTIFUNCTION\0005 Manufacturer: HP Name: Officejet 6500 E710a-f PNP Device ID: ROOT\MULTIFUNCTION\0005 Service: . Class GUID: {4d36e971-e325-11ce-bfc1-08002be10318} Description: HP Color LaserJet 3600 Device ID: ROOT\MULTIFUNCTION\0006 Manufacturer: Hewlett-Packard Name: HP Color LaserJet 3600 PNP Device ID: ROOT\MULTIFUNCTION\0006 Service: . Class GUID: {4d36e971-e325-11ce-bfc1-08002be10318} Description: HP Color LaserJet 4700 Device ID: ROOT\MULTIFUNCTION\0007 Manufacturer: Hewlett-Packard Name: HP Color LaserJet 4700 PNP Device ID: ROOT\MULTIFUNCTION\0007 Service: . Class GUID: {4d36e971-e325-11ce-bfc1-08002be10318} Description: Officejet Pro L7600 Device ID: ROOT\MULTIFUNCTION\0008 Manufacturer: HP Name: Officejet Pro L7600 PNP Device ID: ROOT\MULTIFUNCTION\0008 Service: . Class GUID: {4d36e971-e325-11ce-bfc1-08002be10318} Description: HP Color LaserJet 4700 Device ID: ROOT\MULTIFUNCTION\0009 Manufacturer: Hewlett-Packard Name: HP Color LaserJet 4700 PNP Device ID: ROOT\MULTIFUNCTION\0009 Service: . Class GUID: {4d36e971-e325-11ce-bfc1-08002be10318} Description: Officejet Pro K5400 Device ID: ROOT\MULTIFUNCTION\0010 Manufacturer: HP Name: Officejet Pro K5400 PNP Device ID: ROOT\MULTIFUNCTION\0010 Service: . Class GUID: {4d36e971-e325-11ce-bfc1-08002be10318} Description: Deskjet 6980 series Device ID: ROOT\MULTIFUNCTION\0011 Manufacturer: HP Name: Deskjet 6980 series PNP Device ID: ROOT\MULTIFUNCTION\0011 Service: . Class GUID: {4d36e971-e325-11ce-bfc1-08002be10318} Description: Photosmart D110 series Device ID: ROOT\MULTIFUNCTION\0012 Manufacturer: HP Name: Photosmart D110 series PNP Device ID: ROOT\MULTIFUNCTION\0012 Service: . Class GUID: {4d36e971-e325-11ce-bfc1-08002be10318} Description: DesignJet 1055CM (C6075A) Device ID: ROOT\MULTIFUNCTION\0013 Manufacturer: Hewlett-Packard Name: DesignJet 1055CM (C6075A) PNP Device ID: ROOT\MULTIFUNCTION\0013 Service: . Class GUID: {4d36e971-e325-11ce-bfc1-08002be10318} Description: Officejet Pro 8500 A909a Device ID: ROOT\MULTIFUNCTION\0014 Manufacturer: HP Name: Officejet Pro 8500 A909a PNP Device ID: ROOT\MULTIFUNCTION\0014 Service: . Class GUID: {4d36e971-e325-11ce-bfc1-08002be10318} Description: Officejet Pro 8500 A909a Device ID: ROOT\MULTIFUNCTION\0015 Manufacturer: HP Name: Officejet Pro 8500 A909a PNP Device ID: ROOT\MULTIFUNCTION\0015 Service: . Class GUID: {4d36e971-e325-11ce-bfc1-08002be10318} Description: HP LaserJet 5200 Device ID: ROOT\MULTIFUNCTION\0016 Manufacturer: Hewlett-Packard Name: HP LaserJet 5200 PNP Device ID: ROOT\MULTIFUNCTION\0016 Service: . Class GUID: {4d36e971-e325-11ce-bfc1-08002be10318} Description: hp LaserJet 1320 series Device ID: ROOT\MULTIFUNCTION\0017 Manufacturer: Hewlett-Packard Name: hp LaserJet 1320 series PNP Device ID: ROOT\MULTIFUNCTION\0017 Service: . ==== System Restore Points =================== . . ==== Installed Programs ====================== . Update for Microsoft Office 2007 (KB2508958) 4500_G510nz_Help 4500G510nz 4500G510nz_Software_Min Acrobat.com Activation Assistant for the 2007 Microsoft Office suites ActiveCheck component for HP Active Support Library Adobe AIR Adobe Flash Player 11 ActiveX Adobe Flash Player 11 Plugin Adobe Reader X (10.1.1) Adobe Shockwave Player 11.5 Agatha Christie - Death on the Nile Aiseesoft iPad Transfer 6.1.30 Algebra and Trigonometry with Analytic Geometry Apple Application Support Apple Software Update ArcSoft Panorama Maker 5 BufferChm Compatibility Pack for the 2007 Office system CopyTrans Suite Remove Only CyberLink DVD Suite D3DX10 Destinations DeviceDiscovery DocMgr DocProc ESU for Microsoft Vista Facebook Video Calling 1.2.0.159 Fax File Uploader Final Fantasy VII - Ultima Edition Free YouTube to MP3 Converter version 3.11.26.706 FxFoto by Triscape Google Chrome Google Earth Google Talk Plugin Google Toolbar for Internet Explorer Google Update Helper GooReader GPBaseService2 Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595) Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484) HP Active Support Library HP Advisor HP Common Access Service Library HP Customer Experience Enhancements HP Help and Support HP MediaSmart DVD HP MediaSmart Music/Photo/Video HP MediaSmart SlingPlayer HP MediaSmart TV HP MediaSmart Webcam HP Product Detection HP Quick Launch Buttons HP Total Care Setup HP Update HP User Guides 0126 HP Wireless Assistant HPAsset component for HP Active Support Library HPDiagnosticAlert HPProductAssistant HPSSupply IDT Audio Java Auto Updater Java 6 Update 26 Java 6 Update 7 Java 7 Update 5 JavaFX 2.1.1 Juno Preloader LabelPrint LightScribe System Software magicJack MarketResearch Microsoft Live Search Toolbar Microsoft Office 2007 Service Pack 3 (SP3) Microsoft Office Excel MUI (English) 2007 Microsoft Office File Validation Add-In Microsoft Office Home and Student 2007 Microsoft Office Live Add-in 1.5 Microsoft Office OneNote MUI (English) 2007 Microsoft Office PowerPoint MUI (English) 2007 Microsoft Office PowerPoint Viewer 2007 (English) Microsoft Office Proof (English) 2007 Microsoft Office Proof (French) 2007 Microsoft Office Proof (Spanish) 2007 Microsoft Office Proofing (English) 2007 Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) Microsoft Office Shared MUI (English) 2007 Microsoft Office Shared Setup Metadata MUI (English) 2007 Microsoft Office Word MUI (English) 2007 Microsoft Silverlight Microsoft SQL Server 2005 Compact Edition [ENU] Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 Microsoft Visual C++ 2005 Redistributable Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 Microsoft Works MSVCRT MSXML 4.0 SP2 (KB954430) MSXML 4.0 SP2 (KB973688) muvee Reveal My HP Games NetZero Preloader Nikon Transfer Physical Geology Picture Control Utility Prism Video File Converter Project64 1.6 QLBCASL QuickTime Realtek 8169 8168 8101E 8102E Ethernet Driver Realtek USB 2.0 Card Reader RETScreen RETScreen Version 4 Scan Security Update for Microsoft .NET Framework 3.5 SP1 (KB2604111) Security Update for Microsoft .NET Framework 3.5 SP1 (KB2657424) Security Update for Microsoft .NET Framework 4 Client Profile (KB2160841) Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708) Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663) Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870) Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636) Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078) Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121) Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405) Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827) Security Update for Microsoft Office 2007 suites (KB2596615) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596672) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596744) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596754) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596785) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596792) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596856) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596871) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596880) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2597162) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2597969) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2687441) 32-Bit Edition Security Update for Microsoft Office Excel 2007 (KB2597161) 32-Bit Edition Security Update for Microsoft Office InfoPath 2007 (KB2596786) 32-Bit Edition Security Update for Microsoft Office PowerPoint 2007 (KB2596764) 32-Bit Edition Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition Security Update for Microsoft Office Word 2007 (KB2596917) 32-Bit Edition Segoe UI Skype™ 5.10 Slingbox - Watch Your TV Anywhere SlingPlayer SmartWebPrinting SolutionCenter Spelling Dictionaries Support For Adobe Reader 9 Status Toolbox TrayApp Triscape FxFoto Update for 2007 Microsoft Office System (KB967642) Update for Microsoft .NET Framework 3.5 SP1 (KB963707) Update for Microsoft .NET Framework 4 Client Profile (KB2468871) Update for Microsoft .NET Framework 4 Client Profile (KB2533523) Update for Microsoft .NET Framework 4 Client Profile (KB2600217) Update for Microsoft Office 2007 Help for Common Features (KB963673) Update for Microsoft Office Excel 2007 Help (KB963678) Update for Microsoft Office OneNote 2007 Help (KB963670) Update for Microsoft Office Powerpoint 2007 Help (KB963669) Update for Microsoft Office Script Editor Help (KB963671) Update for Microsoft Office Word 2007 Help (KB963665) ViewNX Visual C++ 8.0 Runtime Setup Package (x64) Visual Studio 2008 x64 Redistributables WebReg Windows Live Communications Platform Windows Live Essentials Windows Live Installer Windows Live Messenger Windows Live Movie Maker Windows Live Photo Common Windows Live Photo Gallery Windows Live PIMT Platform Windows Live SOXE Windows Live SOXE Definitions Windows Live Sync Windows Live UX Platform Windows Live UX Platform Language Pack WinRAR archiver WM Converter 2.0 Yahoo! Detect Yahoo! Messenger Yahoo! Software Update Yahoo! Toolbar . ==== Event Viewer Messages From Past Week ======== . 8/16/2012 9:36:50 PM, Error: Microsoft-Windows-DistributedCOM [10001] - Unable to start a DCOM Server: {D5641912-E47A-429C-879E-CFE13EAC7A13} as /. The error: "740" Happened while starting this command: C:\PROGRA~2\COMMON~1\INSTAL~1\Driver\1150\INTEL3~1\IDriver.exe -Embedding 8/16/2012 9:21:56 PM, Error: EventLog [6008] - The previous system shutdown at 9:19:48 PM on 8/16/2012 was unexpected. 8/16/2012 10:59:47 PM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Windows Live ID Sign-in Assistant service to connect. 8/16/2012 10:59:47 PM, Error: Service Control Manager [7000] - The Windows Live ID Sign-in Assistant service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion. 8/16/2012 10:31:45 PM, Error: atapi [11] - The driver detected a controller error on \Device\Ide\IdePort0. 8/15/2012 4:08:21 AM, Error: volsnap [14] - The shadow copies of volume C: were aborted because of an IO failure on volume C:. 8/15/2012 3:13:01 AM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Windows Search service to connect. 8/15/2012 3:13:01 AM, Error: Service Control Manager [7000] - The Windows Search service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion. 8/15/2012 3:08:36 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1053" attempting to start the service WSearch with arguments "" in order to run the server: {7D096C5F-AC08-4F1F-BEB7-5C22C517CE39} 8/15/2012 2:11:21 PM, Error: Microsoft-Windows-Dhcp-Client [1002] - The IP address lease 192.168.0.103 for the Network Card with network address 00255693BDA2 has been denied by the DHCP server 192.168.2.1 (The DHCP Server sent a DHCPNACK message). 8/14/2012 11:48:03 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the Netman service. 8/12/2012 9:17:57 PM, Error: Service Control Manager [7034] - The Google Update Service (gupdate1ca3c727dd2f4e0) service terminated unexpectedly. It has done this 1 time(s). 8/11/2012 9:34:32 AM, Error: Microsoft-Windows-Dhcp-Client [1002] - The IP address lease 192.168.99.196 for the Network Card with network address 00238BE9F1DB has been denied by the DHCP server 192.168.99.1 (The DHCP Server sent a DHCPNACK message). 8/11/2012 8:42:58 PM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Com4QLBEx service to connect. 8/11/2012 8:42:58 PM, Error: Service Control Manager [7000] - The Com4QLBEx service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion. 8/11/2012 8:42:58 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1053" attempting to start the service Com4QLBEx with arguments "" in order to run the server: {DB536E5D-10F7-4B34-B443-140161048E2E} 8/11/2012 8:40:18 PM, Error: EventLog [6008] - The previous system shutdown at 8:37:45 PM on 8/11/2012 was unexpected. 8/10/2012 8:33:18 AM, Error: Microsoft-Windows-Diagnostics-Networking [5300] - An error occurred. The Network Diagnostics Framework failed to complete the repair phase of operation. A Windows Error Report was generated. [2147942487] 8/10/2012 11:03:51 AM, Error: Microsoft-Windows-Dhcp-Client [1002] - The IP address lease 192.168.1.108 for the Network Card with network address 00255693BDA2 has been denied by the DHCP server 192.168.2.1 (The DHCP Server sent a DHCPNACK message). 8/10/2012 10:27:44 AM, Error: Microsoft-Windows-Dhcp-Client [1002] - The IP address lease 192.168.99.196 for the Network Card with network address 00238BE9F1DB has been denied by the DHCP server 192.168.2.1 (The DHCP Server sent a DHCPNACK message). . ==== End Of File ===========================

. DDS (Ver_2011-08-26.01) - NTFSAMD64 Internet Explorer: 8.0.6001.19298 BrowserJavaVersion: 10.5.0 Run by Owner at 23:35:54 on 2012-08-16 Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.1.1033.18.2974.1052 [GMT -4:00] . AV: AVG Anti-Virus Free Edition 2011 *Enabled/Updated* {5A2746B1-DEE9-F85A-FBCD-ADB11639C5F0} SP: AVG Anti-Virus Free Edition 2011 *Enabled/Updated* {E146A755-F8D3-F7D4-C17D-96C36DBE8F4D} SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} . ============== Running Processes =============== . C:\PROGRA~2\AVG\AVG10\avgchsva.exe C:\Windows\system32\wininit.exe C:\Windows\system32\lsm.exe C:\Windows\system32\svchost.exe -k DcomLaunch C:\Windows\system32\svchost.exe -k rpcss C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted C:\Windows\system32\svchost.exe -k netsvcs C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_c7d6edb7\STacSV64.exe C:\Windows\system32\svchost.exe -k GPSvcGroup C:\Windows\system32\SLsvc.exe C:\Windows\system32\svchost.exe -k LocalService C:\Windows\system32\Hpservice.exe C:\Windows\system32\svchost.exe -k NetworkService C:\Windows\system32\WLANExt.exe C:\Windows\System32\spoolsv.exe C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_c7d6edb7\AESTSr64.exe C:\Windows\system32\agr64svc.exe C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe C:\Program Files (x86)\AVG\AVG10\avgwdsvc.exe C:\Program Files\Bonjour\mDNSResponder.exe C:\Windows\SysWOW64\svchost.exe -k hpdevmgmt C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe C:\Windows\System32\svchost.exe -k HPZ12 C:\Windows\System32\svchost.exe -k HPZ12 C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted C:\Program Files (x86)\SMINST\BLService.exe C:\Windows\system32\svchost.exe -k imgsvc C:\Program Files (x86)\Hewlett-Packard\Media\TV\Kernel\TV\TVCapSvc.exe C:\Program Files (x86)\Hewlett-Packard\Media\TV\Kernel\TV\TVSched.exe C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\11.2.0\ToolbarUpdater.exe C:\Windows\System32\svchost.exe -k WerSvcGroup C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE C:\Windows\system32\SearchIndexer.exe C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe C:\Windows\system32\WUDFHost.exe C:\Windows\system32\taskeng.exe C:\Windows\system32\Dwm.exe C:\Program Files (x86)\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe C:\Windows\system32\taskeng.exe C:\Windows\Explorer.EXE C:\Program Files (x86)\AVG\AVG10\avgnsa.exe C:\Program Files (x86)\AVG\AVG10\avgemca.exe C:\Windows\System32\hkcmd.exe C:\Windows\System32\igfxpers.exe C:\Program Files\Synaptics\SynTP\SynTPEnh.exe C:\Program Files\IDT\WDM\sttray64.exe C:\Windows\system32\igfxsrvc.exe C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe C:\Program Files\Windows Sidebar\sidebar.exe C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe C:\Windows\ehome\ehtray.exe C:\Windows\ehome\ehmsas.exe C:\Program Files\Windows Sidebar\sidebar.exe C:\Windows\system32\svchost.exe -k HPService C:\Windows\System32\mobsync.exe C:\Program Files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe C:\Program Files (x86)\Common Files\Apple\Internet Services\ubd.exe C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe C:\Program Files (x86)\Common Files\Apple\Internet Services\BookmarkDAV_client.exe C:\Program Files (x86)\Skype\Phone\Skype.exe C:\Program Files (x86)\Hp\Digital Imaging\bin\hpqtra08.exe C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QLBCtrl.exe C:\Program Files (x86)\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe C:\Program Files (x86)\Common Files\Nikon\Monitor\NkMonitor.exe C:\Program Files (x86)\AVG\AVG10\avgtray.exe C:\Program Files (x86)\Hp\HP Software Update\hpwuschd2.exe C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe C:\Program Files (x86)\AVG Secure Search\vprot.exe C:\Program Files (x86)\iTunes\iTunesHelper.exe C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe C:\Program Files\iPod\bin\iPodService.exe C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ArcCon.ac C:\Program Files (x86)\AVG\AVG10\Identity Protection\agent\bin\avgidsmonitor.exe C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe C:\Windows\system32\wbem\wmiprvse.exe C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe C:\Program Files (x86)\Yahoo!\Messenger\ymsgr_tray.exe C:\Program Files (x86)\Hewlett-Packard\Shared\hpqToaster.exe C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation C:\Program Files\Synaptics\SynTP\SynTPHelper.exe C:\Program Files (x86)\Common Files\Apple\Apple Application Support\distnoted.exe C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSTE08.exe C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe c:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe C:\PROGRA~2\AVG\AVG10\avgrsa.exe C:\Program Files (x86)\AVG\AVG10\avgcsrva.exe C:\Windows\system32\taskeng.exe C:\Windows\system32\sdclt.exe C:\Windows\system32\svchost.exe -k SDRSVC C:\Program Files (x86)\Internet Explorer\iexplore.exe C:\Program Files (x86)\Internet Explorer\iexplore.exe C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbarUser_32.exe C:\Program Files (x86)\Hp\Digital Imaging\smart web printing\hpswp_clipbook.exe C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_11_3_300_271_ActiveX.exe C:\Windows\Microsoft.NET\Framework64\v4.0.30319\dfsvc.exe C:\Users\Owner\AppData\Local\Google\Update\1.3.21.115\GoogleCrashHandler.exe C:\Users\Owner\AppData\Local\Google\Update\1.3.21.115\GoogleCrashHandler64.exe C:\Users\Owner\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\Owner\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\Owner\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\Owner\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\Owner\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\Owner\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\Owner\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\Owner\AppData\Local\Google\Chrome\Application\chrome.exe C:\Windows\system32\SearchProtocolHost.exe C:\Windows\system32\SearchFilterHost.exe C:\Windows\system32\DllHost.exe C:\Windows\system32\DllHost.exe C:\Windows\SysWOW64\cmd.exe C:\Windows\SysWOW64\cscript.exe C:\Windows\system32\wbem\wmiprvse.exe . ============== Pseudo HJT Report =============== . uStart Page = hxxp://search.gboxapp.com/?affid=gb2 uSearch Bar = mStart Page = hxxp://search.gboxapp.com/?affid=gb2 mDefault_Page_URL = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_us&c=91&bd=Pavilion&pf=cnnb mSearchAssistant = uURLSearchHooks: H - No File uURLSearchHooks: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\yt.dll uURLSearchHooks: H - No File uURLSearchHooks: H - No File mURLSearchHooks: H - No File mWinlogon: Userinit=userinit.exe BHO: &Yahoo! Toolbar Helper: {02478d38-c3f9-4efb-9b51-7695eca05670} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\yt.dll BHO: HP Print Enhancer: {0347c33e-8762-4905-bf09-768834316c61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll BHO: AVG Safe Search: {3ca2f312-6f6e-4b53-a66e-4e65e497c8c0} - C:\Program Files (x86)\AVG\AVG10\avgssie.dll BHO: Java Plug-In SSV Helper: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll BHO: AVG Security Toolbar: {95b7759c-8c7f-4bf1-b163-73684a933233} - C:\Program Files (x86)\AVG Secure Search\11.1.0.12\AVG Secure Search_toolbar.dll BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.7.7227.1100\swg.dll BHO: Microsoft Live Search Toolbar Helper: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - c:\Program Files (x86)\MSN\Toolbar\3.0.0541.0\msneshellx.dll BHO: Java Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll BHO: SingleInstance Class: {fdad4da1-61a2-4fd8-9c17-86f7ac245081} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll BHO: HP Smart BHO Class: {ffffffff-cf4e-4f2b-bdc2-0e72e116a856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll TB: Microsoft Live Search Toolbar: {1e61ed7c-7cb8-49d6-b9e9-ab4c880c8414} - c:\Program Files (x86)\MSN\Toolbar\3.0.0541.0\msneshellx.dll TB: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\yt.dll TB: {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No File TB: AVG Security Toolbar: {95b7759c-8c7f-4bf1-b163-73684a933233} - C:\Program Files (x86)\AVG Secure Search\11.1.0.12\AVG Secure Search_toolbar.dll TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll TB: {604BC32A-9680-40D1-9AC6-E06B23A1BA4C} - No File {e7df6bff-55a5-4eb7-a673-4ed3e9456d39} TB: {872B5B88-9DB5-4310-BDD0-AC189557E5F5} - No File EB: HP Smart Web Printing: {555d4d79-4bd2-4094-a395-cfc534424a05} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_bho.dll uRun: [LightScribe Control Panel] C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe -hidden uRun: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun uRun: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" uRun: [ehTray.exe] C:\Windows\ehome\ehTray.exe uRun: [Messenger (Yahoo!)] "C:\Program Files (x86)\Yahoo!\Messenger\YahooMessenger.exe" -quiet uRun: [speech Recognition] "C:\Windows\Speech\Common\sapisvr.exe" -SpeechUX -Startup uRun: [cdloader] "C:\Users\Owner\AppData\Roaming\mjusbsp\cdloader2.exe" MAGICJACK uRun: [HPADVISOR] C:\Program Files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe view=DOCKVIEW,SYSTRAY uRun: [RegistryBooster] "C:\Program Files (x86)\Uniblue\RegistryBooster\launcher.exe" delay 20000 uRun: [Facebook Update] "C:\Users\Owner\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver uRun: [Google Update] "C:\Users\Owner\AppData\Local\Google\Update\GoogleUpdate.exe" /c uRun: [MobileDocuments] C:\Program Files (x86)\Common Files\Apple\Internet Services\ubd.exe uRun: [iCloudServices] C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe uRun: [com.apple.dav.bookmarks.daemon] C:\Program Files (x86)\Common Files\Apple\Internet Services\BookmarkDAV_client.exe uRun: [skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun uRun: [uTorrent] "C:\Program Files (x86)\uTorrent\uTorrent.exe" /MINIMIZED mRun: [QlbCtrl.exe] "C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe" /Start mRun: [WirelessAssistant] C:\Program Files (x86)\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe mRun: [ArcSoft Connection Service] "C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe" mRun: [Nikon Transfer Monitor] C:\Program Files (x86)\Common Files\Nikon\Monitor\NkMonitor.exe mRun: [AVG_TRAY] C:\Program Files (x86)\AVG\AVG10\avgtray.exe mRun: [HP Software Update] C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" mRun: [vProt] "C:\Program Files (x86)\AVG Secure Search\vprot.exe" mRun: [ROC_roc_dec12] "C:\Program Files (x86)\AVG Secure Search\ROC_roc_dec12.exe" /PROMPT /CMPID=roc_dec12 mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe" mRun: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" mRun: [HF_G_Jul] "C:\Program Files (x86)\AVG Secure Search\HF_G_Jul.exe" /DoAction StartupFolder: C:\Users\Owner\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\IMVU.lnk - C:\Users\Owner\AppData\Roaming\IMVUClient\IMVUQualityAgent.exe StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\HPDIGI~1.LNK - C:\Program Files (x86)\Hp\Digital Imaging\bin\hpqtra08.exe uPolicies-explorer: NoDesktopCleanupWizard = 1 (0x1) mPolicies-explorer: NoActiveDesktop = 1 (0x1) mPolicies-explorer: NoActiveDesktopChanges = 1 (0x1) mPolicies-explorer: BindDirectlyToPropertySetStorage = 0 (0x0) mPolicies-system: EnableUIADesktopToggle = 0 (0x0) IE: Free YouTube to MP3 Converter - C:\Users\Owner\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\PROGRA~2\MICROS~2\Office12\ONBttnIE.dll IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - C:\PROGRA~2\MICROS~2\Office12\REFIEBAR.DLL IE: {DDE87865-83C5-48c4-8357-2F5B1AA84522} - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll DPF: {73ECB3AA-4717-450C-A2AB-D00DAD9EE203} - hxxp://h20270.www2.hp.com/ediags/gmn2/install/HPProductDetection2.cab DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab TCP: DhcpNameServer = 24.244.175.2 65.75.69.58 TCP: Interfaces\{C2370A83-364F-4105-905A-275EB21DFC24} : DhcpNameServer = 216.137.13.22 216.137.13.23 TCP: Interfaces\{D00227C2-EAC7-4390-B069-BB86459BA6AD} : DhcpNameServer = 24.244.175.2 65.75.69.58 Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG10\avgpp.dll Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\11.2.0\ViProtocol.dll Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll mASetup: {10880D85-AAD9-4558-ABDC-2AB1552D831F} - "C:\Program Files (x86)\Common Files\LightScribe\LSRunOnce.exe" BHO-X64: &Yahoo! Toolbar Helper: {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\yt.dll BHO-X64: 0x1 - No File BHO-X64: HP Print Enhancer: {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll BHO-X64: HP Print Enhancer - No File BHO-X64: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll BHO-X64: AcroIEHelperStub - No File BHO-X64: AVG Safe Search: {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG10\avgssie.dll BHO-X64: WormRadar.com IESiteBlocker.NavFilter - No File BHO-X64: Java Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll BHO-X64: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll BHO-X64: AVG Security Toolbar: {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\11.1.0.12\AVG Secure Search_toolbar.dll BHO-X64: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll BHO-X64: Google Toolbar Notifier BHO: {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.7.7227.1100\swg.dll BHO-X64: Microsoft Live Search Toolbar Helper: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - c:\Program Files (x86)\MSN\Toolbar\3.0.0541.0\msneshellx.dll BHO-X64: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll BHO-X64: SingleInstance Class: {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll BHO-X64: HP Smart BHO Class: {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll BHO-X64: HP Smart BHO Class - No File TB-X64: Microsoft Live Search Toolbar: {1E61ED7C-7CB8-49d6-B9E9-AB4C880C8414} - c:\Program Files (x86)\MSN\Toolbar\3.0.0541.0\msneshellx.dll TB-X64: Yahoo! Toolbar: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\yt.dll TB-X64: {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No File TB-X64: AVG Security Toolbar: {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\11.1.0.12\AVG Secure Search_toolbar.dll TB-X64: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll TB-X64: {604BC32A-9680-40D1-9AC6-E06B23A1BA4C} - No File TB-X64: {872B5B88-9DB5-4310-BDD0-AC189557E5F5} - No File EB-X64: {555D4D79-4BD2-4094-A395-CFC534424A05} - No File mRun-x64: [QlbCtrl.exe] "C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe" /Start mRun-x64: [WirelessAssistant] C:\Program Files (x86)\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe mRun-x64: [ArcSoft Connection Service] "C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe" mRun-x64: [Nikon Transfer Monitor] C:\Program Files (x86)\Common Files\Nikon\Monitor\NkMonitor.exe mRun-x64: [AVG_TRAY] C:\Program Files (x86)\AVG\AVG10\avgtray.exe mRun-x64: [HP Software Update] C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe mRun-x64: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" mRun-x64: [vProt] "C:\Program Files (x86)\AVG Secure Search\vprot.exe" mRun-x64: [ROC_roc_dec12] "C:\Program Files (x86)\AVG Secure Search\ROC_roc_dec12.exe" /PROMPT /CMPID=roc_dec12 mRun-x64: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" mRun-x64: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe" mRun-x64: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" mRun-x64: [HF_G_Jul] "C:\Program Files (x86)\AVG Secure Search\HF_G_Jul.exe" /DoAction . ============= SERVICES / DRIVERS =============== . R0 AVGIDSEH;AVGIDSEH;C:\Windows\system32\DRIVERS\AVGIDSEH.Sys --> C:\Windows\system32\DRIVERS\AVGIDSEH.Sys [?] R0 Avgrkx64;AVG Anti-Rootkit Driver;C:\Windows\system32\DRIVERS\avgrkx64.sys --> C:\Windows\system32\DRIVERS\avgrkx64.sys [?] R1 Avgldx64;AVG AVI Loader Driver;C:\Windows\system32\DRIVERS\avgldx64.sys --> C:\Windows\system32\DRIVERS\avgldx64.sys [?] R1 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield;C:\Windows\system32\DRIVERS\avgmfx64.sys --> C:\Windows\system32\DRIVERS\avgmfx64.sys [?] R1 Avgtdia;AVG TDI Driver;C:\Windows\system32\DRIVERS\avgtdia.sys --> C:\Windows\system32\DRIVERS\avgtdia.sys [?] R2 {55662437-DA8C-40c0-AADA-2C816A897A49};Power Control [2009/06/27 03:43:11];C:\Program Files (x86)\Hewlett-Packard\Media\DVD\000.fcl [2008-11-28 146928] R2 AdobeARMservice;Adobe Acrobat Update Service;C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2011-6-6 64952] R2 AESTFilters;Andrea ST Filters Service;C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_c7d6edb7\AESTSr64.exe --> C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_c7d6edb7\AESTSr64.exe [?] R2 AVGIDSAgent;AVGIDSAgent;C:\Program Files (x86)\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe [2012-1-31 7391072] R2 avgwd;AVG WatchDog;C:\Program Files (x86)\AVG\AVG10\avgwdsvc.exe [2011-2-8 269520] R2 FontCache;Windows Font Cache Service;C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation [2008-1-20 21504] R2 hpsrv;HP Service;C:\Windows\system32\Hpservice.exe --> C:\Windows\system32\Hpservice.exe [?] R2 Recovery Service for Windows;Recovery Service for Windows;C:\Program Files (x86)\SMINST\BLService.exe [2009-1-13 365952] R2 TVCapSvc;TV Background Capture Service (TVBCS);C:\Program Files (x86)\Hewlett-Packard\Media\TV\Kernel\TV\TVCapSvc.exe [2008-11-26 296320] R2 TVSched;TV Task Scheduler (TVTS);C:\Program Files (x86)\Hewlett-Packard\Media\TV\Kernel\TV\TVSched.exe [2008-11-26 116096] R2 vToolbarUpdater11.2.0;vToolbarUpdater11.2.0;C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\11.2.0\ToolbarUpdater.exe [2012-7-10 935008] R3 AVGIDSDriver;AVGIDSDriver;C:\Windows\system32\DRIVERS\AVGIDSDriver.Sys --> C:\Windows\system32\DRIVERS\AVGIDSDriver.Sys [?] R3 AVGIDSFilter;AVGIDSFilter;C:\Windows\system32\DRIVERS\AVGIDSFilter.Sys --> C:\Windows\system32\DRIVERS\AVGIDSFilter.Sys [?] R3 Com4QLBEx;Com4QLBEx;C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe [2009-1-13 228408] R3 enecir;ENE CIR Receiver;C:\Windows\system32\DRIVERS\enecir.sys --> C:\Windows\system32\DRIVERS\enecir.sys [?] R3 IntcHdmiAddService;Intel® High Definition Audio HDMI;C:\Windows\system32\drivers\IntcHdmi.sys --> C:\Windows\system32\drivers\IntcHdmi.sys [?] S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384] S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576] S2 gupdate1ca3c727dd2f4e0;Google Update Service (gupdate1ca3c727dd2f4e0);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2009-9-23 133104] S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-4-4 250056] S3 AVG Security Toolbar Service;AVG Security Toolbar Service;C:\Program Files (x86)\AVG\AVG10\Toolbar\ToolbarBroker.exe [2011-5-12 167264] S3 gupdatem;Google Update Service (gupdatem);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2009-9-23 133104] S3 NETw3v64;Intel® PRO/Wireless 3945ABG Adapter Driver for Windows Vista 64 Bit;C:\Windows\system32\DRIVERS\NETw3v64.sys --> C:\Windows\system32\DRIVERS\NETw3v64.sys [?] S3 PerfHost;Performance Counter DLL Host;C:\Windows\SysWOW64\perfhost.exe [2008-1-20 19968] S3 Revoflt;Revoflt;C:\Windows\system32\DRIVERS\revoflt.sys --> C:\Windows\system32\DRIVERS\revoflt.sys [?] S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\system32\Drivers\usbaapl64.sys --> C:\Windows\system32\Drivers\usbaapl64.sys [?] S3 WDC_SAM;WD SCSI Pass Thru driver;C:\Windows\system32\DRIVERS\wdcsam64.sys --> C:\Windows\system32\DRIVERS\wdcsam64.sys [?] S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-3-18 1020768] S3 yukonx64;NDIS6.0 Miniport Driver for Marvell Yukon Ethernet Controller;C:\Windows\system32\DRIVERS\yk60x64.sys --> C:\Windows\system32\DRIVERS\yk60x64.sys [?] S4 clr_optimization_v2.0.50727_64;Microsoft .NET Framework NGEN v2.0.50727_X64;C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe [2009-12-3 89920] . =============== File Associations =============== . JSEFile=C:\Windows\SysWOW64\WScript.exe "%1" %* . =============== Created Last 30 ================ . 2012-08-17 03:09:25 3993600 ----a-w- C:\Program Files (x86)\GUTB819.tmp 2012-08-17 03:09:25 -------- d-----w- C:\Program Files (x86)\GUMB7F8.tmp 2012-08-17 03:08:57 -------- d-----w- C:\Users\Owner\AppData\Local\Apps 2012-08-17 03:08:56 -------- d-----w- C:\Users\Owner\AppData\Local\Deployment 2012-08-17 01:04:42 -------- d-----w- C:\ProgramData\GBox 2012-08-17 01:03:47 -------- d-----w- C:\ProgramData\OptimizerPro1 2012-08-17 00:54:10 -------- d-----w- C:\Users\Owner\AppData\Local\CRE 2012-08-17 00:45:18 -------- d-----w- C:\Users\Owner\AppData\Roaming\TuneUp Software 2012-08-17 00:45:02 -------- d-----w- C:\ProgramData\TuneUp Software 2012-08-17 00:44:22 -------- d-sh--w- C:\ProgramData\{32364CEA-7855-4A3C-B674-53D8E9B97936} 2012-08-17 00:42:25 -------- d-----w- C:\Users\Owner\AppData\Roaming\OpenCandy 2012-08-16 22:31:53 -------- d-----w- C:\Users\Owner\AppData\Local\{586CA352-1720-4600-AD29-880131CDA80A} 2012-08-16 22:31:41 -------- d-----w- C:\Users\Owner\AppData\Local\{516B12F4-4507-4A5B-A3F3-30D15D29F5C0} 2012-08-15 07:08:53 2769408 ----a-w- C:\Windows\System32\win32k.sys 2012-08-15 04:13:59 1638912 ----a-w- C:\Windows\SysWow64\mshtml.tlb 2012-08-15 04:13:59 1638912 ----a-w- C:\Windows\System32\mshtml.tlb 2012-08-15 04:13:11 788480 ----a-w- C:\Windows\System32\localspl.dll 2012-08-15 04:13:10 623616 ----a-w- C:\Windows\SysWow64\localspl.dll 2012-08-15 03:49:18 -------- d-----w- C:\Users\Owner\AppData\Local\{DB8781D5-C187-40ED-9A6B-6C4174E78E82} 2012-08-15 03:48:35 -------- d-----w- C:\Users\Owner\AppData\Local\{1B9A8D27-2328-4AF0-A165-B52C21788D11} 2012-08-14 11:24:22 -------- d-----w- C:\Users\Owner\AppData\Local\{3F54377C-9887-4505-B67C-8C541B1104DD} 2012-08-14 11:24:04 -------- d-----w- C:\Users\Owner\AppData\Local\{68F39A9F-D37A-4BE8-81C0-4C82E131F828} 2012-08-13 23:23:52 -------- d-----w- C:\Users\Owner\AppData\Local\{3D1089BB-174D-4DB8-B98D-B5C3658388A1} 2012-08-13 23:23:28 -------- d-----w- C:\Users\Owner\AppData\Local\{F02D1E9C-2B18-4312-B21D-A47FCB619C52} 2012-08-13 05:27:17 -------- d-----w- C:\Users\Owner\AppData\Local\{F23C64D8-7B53-4F8C-B73C-B9BF060D8553} 2012-08-13 05:27:05 -------- d-----w- C:\Users\Owner\AppData\Local\{DCC0A7F3-4215-41D6-A3BF-D2F20A5FBB41} 2012-08-12 17:26:43 -------- d-----w- C:\Users\Owner\AppData\Local\{743FD2D7-F2E8-4C24-80E2-34E97496C1A7} 2012-08-12 17:26:31 -------- d-----w- C:\Users\Owner\AppData\Local\{22AC21F1-E0A1-41A6-848D-B14621CCD21E} 2012-08-11 23:50:16 -------- d-----w- C:\Users\Owner\AppData\Local\{C3118F00-73AD-4150-B900-8C300D21D28C} 2012-08-11 23:49:57 -------- d-----w- C:\Users\Owner\AppData\Local\{A0F35CB8-4968-4542-A8E7-2524261B2122} 2012-08-11 11:49:38 -------- d-----w- C:\Users\Owner\AppData\Local\{EB200201-FB3F-4874-94C5-8357277388B7} 2012-08-11 11:49:19 -------- d-----w- C:\Users\Owner\AppData\Local\{F3573169-36A1-4CE1-957D-CB1C612ED567} 2012-08-10 15:08:46 -------- d-----w- C:\Users\Owner\AppData\Local\{AA507E1F-7BB2-4407-B8AC-574CBED60DB3} 2012-08-10 15:08:35 -------- d-----w- C:\Users\Owner\AppData\Local\{AA605221-3133-4E1D-953A-C5B494D5AEAB} 2012-08-10 03:50:39 -------- d-----w- C:\Users\Owner\AppData\Local\{FD014226-6FCA-4B2A-A39C-B8D3F5F99CA4} 2012-08-09 15:20:34 -------- d-----w- C:\Users\Owner\AppData\Local\{44BF61EE-7BB3-49D6-95D0-5DB7B53A6721} 2012-08-09 15:20:31 -------- d-----w- C:\Users\Owner\AppData\Local\{DD080915-90CC-4BC2-AA27-697E889CFC23} 2012-08-09 02:40:30 -------- d-----w- C:\Users\Owner\AppData\Local\{F619C492-5F90-4D05-8EE5-0ADAFADEB83F} 2012-08-09 01:42:41 -------- d-----w- C:\Users\Owner\AppData\Local\{9F6C6776-7ABF-4A69-92BD-80741BD5CB0B} 2012-08-08 20:43:42 -------- d-----w- C:\Users\Owner\AppData\Local\{C8284D45-BE23-4C90-82B4-987C608337C7} 2012-08-08 00:19:25 -------- d-----w- C:\Users\Owner\AppData\Local\{0BFE1DC5-572D-47CE-8EDC-DC7BCDAC8AF5} 2012-08-08 00:18:24 -------- d-----w- C:\Users\Owner\AppData\Local\{92E2CAE5-7A37-45EE-9965-71A3C7034E8A} 2012-08-05 17:07:59 -------- d-----w- C:\Users\Owner\AppData\Local\{C30A53FE-91E1-4E99-B6A7-9D9C1347F015} 2012-08-05 17:07:37 -------- d-----w- C:\Users\Owner\AppData\Local\{2AFBAC85-6917-48A3-BF11-41F7E383109D} 2012-08-05 05:07:23 -------- d-----w- C:\Users\Owner\AppData\Local\{4677C6CF-B387-4DC4-911B-AA43F0226DC3} 2012-08-05 05:07:12 -------- d-----w- C:\Users\Owner\AppData\Local\{BD15115B-B715-4007-A325-EAFD20BE7233} 2012-08-04 17:06:57 -------- d-----w- C:\Users\Owner\AppData\Local\{0D6E2524-F47E-4876-A402-8A0EC18FBBBB} 2012-08-04 17:06:29 -------- d-----w- C:\Users\Owner\AppData\Local\{097CE671-E1FE-4666-ACF9-1659A64AA1F9} 2012-08-04 05:06:13 -------- d-----w- C:\Users\Owner\AppData\Local\{87DD8C1D-3C42-4FE2-B425-49DD2AFE5F86} 2012-08-04 05:05:45 -------- d-----w- C:\Users\Owner\AppData\Local\{DE91F878-ED27-4DA2-85E5-7258B0638D43} 2012-08-03 00:52:50 -------- d-----w- C:\Users\Owner\AppData\Local\{8C01D110-0830-4408-B85F-F7EC665BDFC2} 2012-08-03 00:52:42 -------- d-----w- C:\Users\Owner\AppData\Local\{4B1D3E14-0E1D-414C-92B7-B429205D2345} 2012-08-02 00:59:14 -------- d-----w- C:\Users\Owner\AppData\Local\{3A5EDFA9-834E-4BD4-AEB9-ECE256AA1009} 2012-07-31 03:12:11 -------- d-----w- C:\Users\Owner\AppData\Local\{7613F652-496F-4D15-876C-2D3D78F23272} 2012-07-30 13:05:50 -------- d-----w- C:\Users\Owner\AppData\Local\{FE418F77-0BBC-421A-96B3-E3294652A9D0} 2012-07-30 13:05:32 -------- d-----w- C:\Users\Owner\AppData\Local\{23010EEB-A69F-4154-9724-27E1E03C8F8E} 2012-07-30 01:05:16 -------- d-----w- C:\Users\Owner\AppData\Local\{0DBD0D6A-5C31-4C12-B4FF-02D38D8D6CE4} 2012-07-30 01:05:04 -------- d-----w- C:\Users\Owner\AppData\Local\{0A7D94BC-054F-4400-8C3A-AE13AEA6829F} 2012-07-29 02:08:03 -------- d-----w- C:\Users\Owner\AppData\Local\{C8BEF97E-71E7-4A90-83FD-DD1A8FE676B9} 2012-07-29 02:07:50 -------- d-----w- C:\Users\Owner\AppData\Local\{5CE5F527-4D42-42F7-BF96-8D44AFC4BBCB} 2012-07-28 13:39:09 -------- d-----w- C:\Users\Owner\AppData\Local\{21ED6A2E-8E5E-4507-9167-0F5157F5EBCF} 2012-07-28 13:38:51 -------- d-----w- C:\Users\Owner\AppData\Local\{302D687D-BB1F-42CC-B05E-CA14748881A3} 2012-07-28 01:38:31 -------- d-----w- C:\Users\Owner\AppData\Local\{4335A695-BE8E-4E7C-B9E0-B81E28FFE414} 2012-07-28 01:38:16 -------- d-----w- C:\Users\Owner\AppData\Local\{9662F91B-866E-416F-A9E5-806FE6D9E522} 2012-07-25 15:16:11 -------- d-----r- C:\Program Files (x86)\Skype 2012-07-25 12:56:23 -------- d-----w- C:\Users\Owner\AppData\Local\{D254FE0B-D5D8-42F4-81E4-5F354AB3BB61} 2012-07-25 12:56:22 -------- d-----w- C:\Users\Owner\AppData\Local\{ED91366C-8549-4F37-AA50-9E96BD95BF13} 2012-07-23 18:31:33 -------- d-----w- C:\Users\Owner\AppData\Local\{B14557AB-276D-4CEC-A80F-29F9E8C8E7BC} 2012-07-23 18:31:10 -------- d-----w- C:\Users\Owner\AppData\Local\{CA66F96D-CA44-4648-AA5E-DD42D53B252D} 2012-07-22 15:53:26 -------- d-----w- C:\Users\Owner\AppData\Local\{BEE15832-0535-4570-B10C-2124AACDF077} 2012-07-22 15:52:53 -------- d-----w- C:\Users\Owner\AppData\Local\{009278CF-85EB-41F3-AA4E-CEAF0D972DF9} 2012-07-21 15:40:25 -------- d-----w- C:\Users\Owner\AppData\Local\{A7F8406C-1CA7-4792-AF8B-EC4E76FC5ED9} 2012-07-21 15:40:02 -------- d-----w- C:\Users\Owner\AppData\Local\{CE901E48-C6FC-4952-9D8E-D47DC4B61213} 2012-07-21 03:39:42 -------- d-----w- C:\Users\Owner\AppData\Local\{F6CD5E0E-44E7-4C55-8C23-0A2F7CB8DE2F} 2012-07-21 03:39:19 -------- d-----w- C:\Users\Owner\AppData\Local\{401C74EF-BA1B-4BD8-AF9D-A354E6D7D28C} 2012-07-20 07:52:43 -------- d-----w- C:\Users\Owner\AppData\Local\{62A5C2E3-A095-4E42-8CB3-3FD78D6636E7} 2012-07-20 07:52:16 -------- d-----w- C:\Users\Owner\AppData\Local\{043C80A6-2207-44B2-8980-1B1BFCEA76F6} 2012-07-19 19:52:00 -------- d-----w- C:\Users\Owner\AppData\Local\{32301A49-D492-42DD-8F5E-3B6A3DF6A803} 2012-07-19 19:51:45 -------- d-----w- C:\Users\Owner\AppData\Local\{0B038B68-6DEE-49F7-BAE8-DE87473D4A74} 2012-07-18 20:13:09 -------- d-----w- C:\Users\Owner\AppData\Local\{F39A2834-A0FD-4234-A770-FE3D1FB96C40} 2012-07-18 20:12:08 -------- d-----w- C:\Users\Owner\AppData\Local\{45C0E9F7-D06D-4BCF-AF82-32763B745859} 2012-07-18 08:11:47 -------- d-----w- C:\Users\Owner\AppData\Local\{6FFCFBF1-6D76-4941-913C-356BFECCAA1F} 2012-07-18 08:11:17 -------- d-----w- C:\Users\Owner\AppData\Local\{21D24F35-F65D-4929-A06B-E5190730AA4E} . ==================== Find3M ==================== . 2012-08-15 03:56:45 70344 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl 2012-08-15 03:56:45 426184 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe 2012-07-06 15:01:26 772592 ----a-w- C:\Windows\SysWow64\npDeployJava1.dll 2012-07-06 15:01:26 687600 ----a-w- C:\Windows\SysWow64\deployJava1.dll 2012-06-28 11:37:42 916992 ----a-w- C:\Windows\SysWow64\wininet.dll 2012-06-28 11:32:02 43520 ----a-w- C:\Windows\SysWow64\licmgr10.dll 2012-06-28 11:31:38 1469440 ----a-w- C:\Windows\SysWow64\inetcpl.cpl 2012-06-28 11:31:23 71680 ----a-w- C:\Windows\SysWow64\iesetup.dll 2012-06-28 11:31:23 109056 ----a-w- C:\Windows\SysWow64\iesysprep.dll 2012-06-28 09:59:23 385024 ----a-w- C:\Windows\SysWow64\html.iec 2012-06-28 08:19:39 133632 ----a-w- C:\Windows\SysWow64\ieUnatt.exe 2012-06-28 06:53:20 1147392 ----a-w- C:\Windows\System32\wininet.dll 2012-06-28 06:48:35 56832 ----a-w- C:\Windows\System32\licmgr10.dll 2012-06-28 06:48:17 1538560 ----a-w- C:\Windows\System32\inetcpl.cpl 2012-06-28 06:47:59 77312 ----a-w- C:\Windows\System32\iesetup.dll 2012-06-28 06:47:59 132096 ----a-w- C:\Windows\System32\iesysprep.dll 2012-06-28 05:54:02 479232 ----a-w- C:\Windows\System32\html.iec 2012-06-28 05:11:19 162816 ----a-w- C:\Windows\System32\ieUnatt.exe 2012-06-16 11:19:57 420864 ----a-w- C:\Windows\SysWow64\vbscript.dll 2012-06-16 07:02:13 610816 ----a-w- C:\Windows\System32\vbscript.dll 2012-06-07 00:59:42 1070152 ----a-w- C:\Windows\SysWow64\MSCOMCTL.OCX 2012-06-05 16:47:28 1401856 ----a-w- C:\Windows\SysWow64\msxml6.dll 2012-06-05 16:47:27 1248768 ----a-w- C:\Windows\SysWow64\msxml3.dll 2012-06-05 16:22:47 1797120 ----a-w- C:\Windows\System32\msxml6.dll 2012-06-05 16:22:46 1869824 ----a-w- C:\Windows\System32\msxml3.dll 2012-06-04 15:29:59 516480 ----a-w- C:\Windows\System32\drivers\ksecdd.sys 2012-06-02 22:15:31 2622464 ----a-w- C:\Windows\System32\wucltux.dll 2012-06-02 22:15:08 99840 ----a-w- C:\Windows\System32\wudriver.dll 2012-06-02 22:12:13 88576 ----a-w- C:\Windows\SysWow64\wudriver.dll 2012-06-02 19:19:42 186752 ----a-w- C:\Windows\System32\wuwebv.dll 2012-06-02 19:19:42 171904 ----a-w- C:\Windows\SysWow64\wuwebv.dll 2012-06-02 19:15:12 36864 ----a-w- C:\Windows\System32\wuapp.exe 2012-06-02 19:12:20 33792 ----a-w- C:\Windows\SysWow64\wuapp.exe 2012-06-02 00:22:56 347136 ----a-w- C:\Windows\System32\schannel.dll 2012-06-02 00:22:10 254464 ----a-w- C:\Windows\System32\ncrypt.dll 2012-06-02 00:05:11 77312 ----a-w- C:\Windows\SysWow64\secur32.dll 2012-06-02 00:04:25 278528 ----a-w- C:\Windows\SysWow64\schannel.dll 2012-06-02 00:03:42 204288 ----a-w- C:\Windows\SysWow64\ncrypt.dll . ============= FINISH: 23:36:49.41 ===============

I was trying to download something and clicked the wrong download button now this toolbar does not want to go away! Please help! I've deleted everything related to it from the control panel, yet nothing has happened!

Yea I have been trying to delete this... sorry!

So is the problem solved or is there something else I must do?

It's still there when I search the name...

And problem solved?

SystemLook 30.07.11 by jpshortstuff Log created at 16:12 on 01/04/2012 by Owner Administrator - Elevation successful WARNING: SystemLook running under WOW64. Use SystemLook_x64 for accurate results. ========== folderfind ========== Searching for "*codec*" C:\Windows\winsxs\amd64_microsoft-windows-a..orecodecs.resources_31bf3856ad364e35_6.0.6000.16386_en-us_9e0458317e2c6c2f d------ [15:13 02/11/2006] C:\Windows\winsxs\amd64_microsoft-windows-audio-acmcorecodecs_31bf3856ad364e35_6.0.6000.16386_none_7abcb516b53ac164 d------ [13:34 02/11/2006] C:\Windows\winsxs\amd64_microsoft-windows-iconcodecservice_31bf3856ad364e35_6.0.6000.16386_none_81207d554586a104 d------ [15:01 02/11/2006] C:\Windows\winsxs\amd64_microsoft-windows-p..age-codec.resources_31bf3856ad364e35_6.0.6000.16386_en-us_09681f11eab190c4 d------ [15:13 02/11/2006] C:\Windows\winsxs\amd64_microsoft-windows-p..age-codec.resources_31bf3856ad364e35_7.0.6002.18107_en-us_fefcd8d96fa34588 d------ [07:05 21/12/2009] C:\Windows\winsxs\amd64_microsoft-windows-photo-image-codec_31bf3856ad364e35_6.0.6001.18000_none_fb5849b8fe1c47af d------ [02:51 21/01/2008] C:\Windows\winsxs\amd64_microsoft-windows-photo-image-codec_31bf3856ad364e35_6.0.6002.18005_none_fd43c2c4fb3e12fb d------ [15:25 20/12/2009] C:\Windows\winsxs\amd64_microsoft-windows-photo-image-codec_31bf3856ad364e35_7.0.6002.18107_none_eeb641848622eb9f d------ [07:05 21/12/2009] C:\Windows\winsxs\amd64_microsoft-windows-windowscodecext_31bf3856ad364e35_6.0.6000.16740_none_ed9eeb8073fcc792 d------ [09:45 27/06/2009] C:\Windows\winsxs\amd64_microsoft-windows-windowscodecext_31bf3856ad364e35_6.0.6000.20867_none_ee19ea798d24509f d------ [16:46 01/10/2009] C:\Windows\winsxs\amd64_microsoft-windows-windowscodecext_31bf3856ad364e35_6.0.6000.20905_none_ee58cb538cf57372 d------ [09:45 27/06/2009] C:\Windows\winsxs\amd64_microsoft-windows-windowscodecext_31bf3856ad364e35_6.0.6001.18000_none_efb067f07102eb98 d------ [02:49 21/01/2008] C:\Windows\winsxs\amd64_microsoft-windows-windowscodecext_31bf3856ad364e35_6.0.6001.18131_none_ef90fa5c711a55e9 d------ [09:45 27/06/2009] C:\Windows\winsxs\amd64_microsoft-windows-windowscodecext_31bf3856ad364e35_6.0.6001.22211_none_f03036ff8a27bdd1 d------ [16:46 01/10/2009] C:\Windows\winsxs\amd64_microsoft-windows-windowscodecext_31bf3856ad364e35_6.0.6001.22253_none_f006f7e38a466043 d------ [09:45 27/06/2009] C:\Windows\winsxs\amd64_microsoft-windows-windowscodecext_31bf3856ad364e35_6.0.6002.18005_none_f19be0fc6e24b6e4 d------ [15:23 20/12/2009] C:\Windows\winsxs\amd64_microsoft-windows-windowscodecext_31bf3856ad364e35_7.0.6002.18107_none_e30e5fbbf9098f88 d------ [07:05 21/12/2009] C:\Windows\winsxs\amd64_microsoft-windows-windowscodec_31bf3856ad364e35_6.0.6000.16740_none_f08ed68e5c756b2b d------ [09:45 27/06/2009] C:\Windows\winsxs\amd64_microsoft-windows-windowscodec_31bf3856ad364e35_6.0.6000.20867_none_f109d587759cf438 d------ [16:46 01/10/2009] C:\Windows\winsxs\amd64_microsoft-windows-windowscodec_31bf3856ad364e35_6.0.6000.20905_none_f148b661756e170b d------ [09:45 27/06/2009] C:\Windows\winsxs\amd64_microsoft-windows-windowscodec_31bf3856ad364e35_6.0.6001.18000_none_f2a052fe597b8f31 d------ [02:49 21/01/2008] C:\Windows\winsxs\amd64_microsoft-windows-windowscodec_31bf3856ad364e35_6.0.6001.18131_none_f280e56a5992f982 d------ [09:45 27/06/2009] C:\Windows\winsxs\amd64_microsoft-windows-windowscodec_31bf3856ad364e35_6.0.6001.22211_none_f320220d72a0616a d------ [16:46 01/10/2009] C:\Windows\winsxs\amd64_microsoft-windows-windowscodec_31bf3856ad364e35_6.0.6001.22253_none_f2f6e2f172bf03dc d------ [09:45 27/06/2009] C:\Windows\winsxs\amd64_microsoft-windows-windowscodec_31bf3856ad364e35_6.0.6002.18005_none_f48bcc0a569d5a7d d------ [15:23 20/12/2009] C:\Windows\winsxs\amd64_microsoft-windows-windowscodec_31bf3856ad364e35_7.0.6002.18107_none_e5fe4ac9e1823321 d------ [07:05 21/12/2009] C:\Windows\winsxs\x86_microsoft-windows-a..orecodecs.resources_31bf3856ad364e35_6.0.6000.16386_en-us_41e5bcadc5cefaf9 d------ [15:13 02/11/2006] C:\Windows\winsxs\x86_microsoft-windows-audio-acmcorecodecs_31bf3856ad364e35_6.0.6000.16386_none_1e9e1992fcdd502e d------ [13:34 02/11/2006] C:\Windows\winsxs\x86_microsoft-windows-i..o4-codecs.resources_31bf3856ad364e35_6.0.6000.16386_en-us_fbc85f1b59b8d262 d------ [15:13 02/11/2006] C:\Windows\winsxs\x86_microsoft-windows-i..o5-codecs.resources_31bf3856ad364e35_6.0.6000.16386_en-us_fd1c9832255334b9 d------ [15:13 02/11/2006] C:\Windows\winsxs\x86_microsoft-windows-iconcodecservice_31bf3856ad364e35_6.0.6000.16386_none_2501e1d18d292fce d------ [15:01 02/11/2006] C:\Windows\winsxs\x86_microsoft-windows-indeo4-codecs_31bf3856ad364e35_6.0.6000.16386_none_39975c8d5a6988b1 d------ [13:34 02/11/2006] C:\Windows\winsxs\x86_microsoft-windows-indeo5-codecs_31bf3856ad364e35_6.0.6000.16386_none_22c9c1557410d750 d------ [13:34 02/11/2006] C:\Windows\winsxs\x86_microsoft-windows-p..age-codec.resources_31bf3856ad364e35_6.0.6000.16386_en-us_ad49838e32541f8e d------ [15:13 02/11/2006] C:\Windows\winsxs\x86_microsoft-windows-p..age-codec.resources_31bf3856ad364e35_7.0.6002.18107_en-us_a2de3d55b745d452 d------ [07:05 21/12/2009] C:\Windows\winsxs\x86_microsoft-windows-photo-image-codec_31bf3856ad364e35_6.0.6001.18000_none_9f39ae3545bed679 d------ [02:48 21/01/2008] C:\Windows\winsxs\x86_microsoft-windows-photo-image-codec_31bf3856ad364e35_6.0.6002.18005_none_a125274142e0a1c5 d------ [15:23 20/12/2009] C:\Windows\winsxs\x86_microsoft-windows-photo-image-codec_31bf3856ad364e35_7.0.6002.18107_none_9297a600cdc57a69 d------ [07:05 21/12/2009] C:\Windows\winsxs\x86_microsoft-windows-v..re-codecs.resources_31bf3856ad364e35_6.0.6000.16386_en-us_552d7a41db99a3c7 d------ [15:14 02/11/2006] C:\Windows\winsxs\x86_microsoft-windows-vcm-core-codecs_31bf3856ad364e35_6.0.6000.16386_none_6a6bff15db84b924 d------ [15:02 02/11/2006] C:\Windows\winsxs\x86_microsoft-windows-vcm-core-codecs_31bf3856ad364e35_6.0.6001.18483_none_6c4f4a27d8adea21 d------ [22:44 11/08/2010] C:\Windows\winsxs\x86_microsoft-windows-vcm-core-codecs_31bf3856ad364e35_6.0.6001.22702_none_6d2e69d4f18b8b5a d------ [07:10 12/08/2010] C:\Windows\winsxs\x86_microsoft-windows-vcm-core-codecs_31bf3856ad364e35_6.0.6002.18263_none_6e4b5dcdd5c4048a d------ [22:44 11/08/2010] C:\Windows\winsxs\x86_microsoft-windows-vcm-core-codecs_31bf3856ad364e35_6.0.6002.22414_none_6f0c0c64eeb82f1d d------ [07:10 12/08/2010] C:\Windows\winsxs\x86_microsoft-windows-windowscodecext_31bf3856ad364e35_6.0.6000.16740_none_91804ffcbb9f565c d------ [09:45 27/06/2009] C:\Windows\winsxs\x86_microsoft-windows-windowscodecext_31bf3856ad364e35_6.0.6000.20867_none_91fb4ef5d4c6df69 d------ [16:46 01/10/2009] C:\Windows\winsxs\x86_microsoft-windows-windowscodecext_31bf3856ad364e35_6.0.6000.20905_none_923a2fcfd498023c d------ [09:45 27/06/2009] C:\Windows\winsxs\x86_microsoft-windows-windowscodecext_31bf3856ad364e35_6.0.6001.18000_none_9391cc6cb8a57a62 d------ [02:50 21/01/2008] C:\Windows\winsxs\x86_microsoft-windows-windowscodecext_31bf3856ad364e35_6.0.6001.18131_none_93725ed8b8bce4b3 d------ [09:45 27/06/2009] C:\Windows\winsxs\x86_microsoft-windows-windowscodecext_31bf3856ad364e35_6.0.6001.22211_none_94119b7bd1ca4c9b d------ [16:46 01/10/2009] C:\Windows\winsxs\x86_microsoft-windows-windowscodecext_31bf3856ad364e35_6.0.6001.22253_none_93e85c5fd1e8ef0d d------ [09:45 27/06/2009] C:\Windows\winsxs\x86_microsoft-windows-windowscodecext_31bf3856ad364e35_6.0.6002.18005_none_957d4578b5c745ae d------ [15:24 20/12/2009] C:\Windows\winsxs\x86_microsoft-windows-windowscodecext_31bf3856ad364e35_7.0.6002.18107_none_86efc43840ac1e52 d------ [07:05 21/12/2009] C:\Windows\winsxs\x86_microsoft-windows-windowscodec_31bf3856ad364e35_6.0.6000.16740_none_94703b0aa417f9f5 d------ [09:45 27/06/2009] C:\Windows\winsxs\x86_microsoft-windows-windowscodec_31bf3856ad364e35_6.0.6000.20867_none_94eb3a03bd3f8302 d------ [16:46 01/10/2009] C:\Windows\winsxs\x86_microsoft-windows-windowscodec_31bf3856ad364e35_6.0.6000.20905_none_952a1addbd10a5d5 d------ [09:45 27/06/2009] C:\Windows\winsxs\x86_microsoft-windows-windowscodec_31bf3856ad364e35_6.0.6001.18000_none_9681b77aa11e1dfb d------ [02:50 21/01/2008] C:\Windows\winsxs\x86_microsoft-windows-windowscodec_31bf3856ad364e35_6.0.6001.18131_none_966249e6a135884c d------ [09:45 27/06/2009] C:\Windows\winsxs\x86_microsoft-windows-windowscodec_31bf3856ad364e35_6.0.6001.22211_none_97018689ba42f034 d------ [16:46 01/10/2009] C:\Windows\winsxs\x86_microsoft-windows-windowscodec_31bf3856ad364e35_6.0.6001.22253_none_96d8476dba6192a6 d------ [09:45 27/06/2009] C:\Windows\winsxs\x86_microsoft-windows-windowscodec_31bf3856ad364e35_6.0.6002.18005_none_986d30869e3fe947 d------ [15:24 20/12/2009] C:\Windows\winsxs\x86_microsoft-windows-windowscodec_31bf3856ad364e35_7.0.6002.18107_none_89dfaf462924c1eb d------ [07:05 21/12/2009] ========== regfind ========== Searching for "codec" [HKEY_CURRENT_USER\Software\Microsoft\Speech\AudioInput\TokenEnums\MMAudioIn\{0.0.1.00000000}.{53946452-f5aa-410a-b5c3-554aa3514b8b}] @="External Mic (IDT High Definition Audio CODEC)" [HKEY_CURRENT_USER\Software\Microsoft\Speech\AudioInput\TokenEnums\MMAudioIn\{0.0.1.00000000}.{53946452-f5aa-410a-b5c3-554aa3514b8b}] "DeviceName"="External Mic (IDT High Definition Audio CODEC)" [HKEY_CURRENT_USER\Software\Microsoft\Speech\AudioInput\TokenEnums\MMAudioIn\{0.0.1.00000000}.{a299e843-5f13-49a0-8044-4d1f73bc6d8d}] @="Stereo Mix (IDT High Definition Audio CODEC)" [HKEY_CURRENT_USER\Software\Microsoft\Speech\AudioInput\TokenEnums\MMAudioIn\{0.0.1.00000000}.{a299e843-5f13-49a0-8044-4d1f73bc6d8d}] "DeviceName"="Stereo Mix (IDT High Definition Audio CODEC)" [HKEY_CURRENT_USER\Software\Microsoft\Speech\AudioInput\TokenEnums\MMAudioIn\{0.0.1.00000000}.{f4f2c28e-50e7-45ec-ba3e-40fe9dec0080}] @="Integrated Microphone Array (IDT High Definition Audio CODEC)" [HKEY_CURRENT_USER\Software\Microsoft\Speech\AudioInput\TokenEnums\MMAudioIn\{0.0.1.00000000}.{f4f2c28e-50e7-45ec-ba3e-40fe9dec0080}] "DeviceName"="Integrated Microphone Array (IDT High Definition Audio CODEC)" [HKEY_CURRENT_USER\Software\Microsoft\Speech\AudioOutput\TokenEnums\MMAudioOut\{0.0.0.00000000}.{2a488d8e-7cd0-4b16-ab66-7128c1e664e0}] @="Independent Dual Headphones (IDT High Definition Audio CODEC)" [HKEY_CURRENT_USER\Software\Microsoft\Speech\AudioOutput\TokenEnums\MMAudioOut\{0.0.0.00000000}.{2a488d8e-7cd0-4b16-ab66-7128c1e664e0}] "DeviceName"="Independent Dual Headphones (IDT High Definition Audio CODEC)" [HKEY_CURRENT_USER\Software\Microsoft\Speech\AudioOutput\TokenEnums\MMAudioOut\{0.0.0.00000000}.{9da3f2cf-56f3-4995-b214-06b2e0621fa9}] @="SPDIF (Digital Out via HP Dock) (IDT High Definition Audio CODEC)" [HKEY_CURRENT_USER\Software\Microsoft\Speech\AudioOutput\TokenEnums\MMAudioOut\{0.0.0.00000000}.{9da3f2cf-56f3-4995-b214-06b2e0621fa9}] "DeviceName"="SPDIF (Digital Out via HP Dock) (IDT High Definition Audio CODEC)" [HKEY_CURRENT_USER\Software\Microsoft\Speech\AudioOutput\TokenEnums\MMAudioOut\{0.0.0.00000000}.{d0134559-9a2b-4a9a-b834-6a7df649bff1}] @="Speakers and Dual Headphones (IDT High Definition Audio CODEC)" [HKEY_CURRENT_USER\Software\Microsoft\Speech\AudioOutput\TokenEnums\MMAudioOut\{0.0.0.00000000}.{d0134559-9a2b-4a9a-b834-6a7df649bff1}] "DeviceName"="Speakers and Dual Headphones (IDT High Definition Audio CODEC)" [HKEY_CURRENT_USER\Software\Microsoft\Tracing\WPPMedia\AudioCodecs] [HKEY_CURRENT_USER\Software\Microsoft\UCCPlatform\WindowsLiveMessenger] "PrefAudioCapture"="Integrated Microphone Array (IDT High Definition Audio CODEC)" [HKEY_CURRENT_USER\Software\Microsoft\UCCPlatform\WindowsLiveMessenger] "PrefAudioRender"="Speakers and Dual Headphones (IDT High Definition Audio CODEC)" [HKEY_CURRENT_USER\Software\Microsoft\UCCPlatform\WindowsLiveMessenger\AudioCapture\Integrated Microphone Array (IDT High Definition Audio CODEC)] [HKEY_CURRENT_USER\Software\Microsoft\UCCPlatform\WindowsLiveMessenger\AudioCapture\Microphone Array (IDT High Definition Audio CODEC)] [HKEY_CURRENT_USER\Software\Microsoft\UCCPlatform\WindowsLiveMessenger\AudioRender\Speakers (IDT High Definition Audio CODEC)] [HKEY_CURRENT_USER\Software\Microsoft\UCCPlatform\WindowsLiveMessenger\AudioRender\Speakers and Dual Headphones (IDT High Definition Audio CODEC)] [HKEY_CURRENT_USER\Software\Microsoft\UCCPlatform\WindowsLiveMessenger\Codec] [HKEY_CURRENT_USER\Software\Microsoft\UCCPlatform\wlcsdk\codec] [HKEY_CURRENT_USER\Software\talk4free\USB Softphone\Options\Audio] "CodecList"="" [HKEY_CURRENT_USER\Software\talk4free\USB Softphone\VideoPreferences] "Codecs"="SJH261, SJH263, SJH263+, SJH264 BASE, SJH264 MAIN" [HKEY_CURRENT_USER\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache] "C:\Users\Owner\Downloads\Codec-C.exe"="Installer" [HKEY_LOCAL_MACHINE\COMPONENTS\DerivedData\Components\amd64_microsoft-windows-a..orecodecs.resources_31bf3856ad364e35_6.0.6000.16386_en-us_9e0458317e2c6c2f] [HKEY_LOCAL_MACHINE\COMPONENTS\DerivedData\Components\amd64_microsoft-windows-audio-acmcorecodecs_31bf3856ad364e35_6.0.6000.16386_none_7abcb516b53ac164] [HKEY_LOCAL_MACHINE\COMPONENTS\DerivedData\Components\amd64_microsoft-windows-codecpack-basic_31bf3856ad364e35_6.0.6000.16386_none_c0b9f8c338770b0a] [HKEY_LOCAL_MACHINE\COMPONENTS\DerivedData\Components\amd64_microsoft-windows-iconcodecservice_31bf3856ad364e35_6.0.6000.16386_none_81207d554586a104] [HKEY_LOCAL_MACHINE\COMPONENTS\DerivedData\Components\amd64_microsoft-windows-p..age-codec.resources_31bf3856ad364e35_6.0.6000.16386_en-us_09681f11eab190c4] [HKEY_LOCAL_MACHINE\COMPONENTS\DerivedData\Components\amd64_microsoft-windows-p..age-codec.resources_31bf3856ad364e35_7.0.6002.18107_en-us_fefcd8d96fa34588] [HKEY_LOCAL_MACHINE\COMPONENTS\DerivedData\Components\amd64_microsoft-windows-p..ge-codec-deployment_31bf3856ad364e35_7.0.6002.18107_none_6d4a8de12b3597fd] [HKEY_LOCAL_MACHINE\COMPONENTS\DerivedData\Components\amd64_microsoft-windows-photo-image-codec_31bf3856ad364e35_6.0.6000.16386_none_f92187bd013136db] [HKEY_LOCAL_MACHINE\COMPONENTS\DerivedData\Components\amd64_microsoft-windows-photo-image-codec_31bf3856ad364e35_6.0.6001.18000_none_fb5849b8fe1c47af] [HKEY_LOCAL_MACHINE\COMPONENTS\DerivedData\Components\amd64_microsoft-windows-photo-image-codec_31bf3856ad364e35_6.0.6002.18005_none_fd43c2c4fb3e12fb] [HKEY_LOCAL_MACHINE\COMPONENTS\DerivedData\Components\amd64_microsoft-windows-photo-image-codec_31bf3856ad364e35_7.0.6002.18107_none_eeb641848622eb9f] [HKEY_LOCAL_MACHINE\COMPONENTS\DerivedData\Components\amd64_microsoft-windows-w..owscodec-deployment_31bf3856ad364e35_7.0.6002.18107_none_c73c51d755760a0b] [HKEY_LOCAL_MACHINE\COMPONENTS\DerivedData\Components\amd64_microsoft-windows-windowscodecext_31bf3856ad364e35_6.0.6000.16386_none_ed79a5f47417dac4] [HKEY_LOCAL_MACHINE\COMPONENTS\DerivedData\Components\amd64_microsoft-windows-windowscodecext_31bf3856ad364e35_6.0.6000.16740_none_ed9eeb8073fcc792] [HKEY_LOCAL_MACHINE\COMPONENTS\DerivedData\Components\amd64_microsoft-windows-windowscodecext_31bf3856ad364e35_6.0.6000.20867_none_ee19ea798d24509f] [HKEY_LOCAL_MACHINE\COMPONENTS\DerivedData\Components\amd64_microsoft-windows-windowscodecext_31bf3856ad364e35_6.0.6000.20905_none_ee58cb538cf57372] [HKEY_LOCAL_MACHINE\COMPONENTS\DerivedData\Components\amd64_microsoft-windows-windowscodecext_31bf3856ad364e35_6.0.6001.18000_none_efb067f07102eb98] [HKEY_LOCAL_MACHINE\COMPONENTS\DerivedData\Components\amd64_microsoft-windows-windowscodecext_31bf3856ad364e35_6.0.6001.18131_none_ef90fa5c711a55e9] [HKEY_LOCAL_MACHINE\COMPONENTS\DerivedData\Components\amd64_microsoft-windows-windowscodecext_31bf3856ad364e35_6.0.6001.22211_none_f03036ff8a27bdd1] [HKEY_LOCAL_MACHINE\COMPONENTS\DerivedData\Components\amd64_microsoft-windows-windowscodecext_31bf3856ad364e35_6.0.6001.22253_none_f006f7e38a466043] [HKEY_LOCAL_MACHINE\COMPONENTS\DerivedData\Components\amd64_microsoft-windows-windowscodecext_31bf3856ad364e35_6.0.6002.18005_none_f19be0fc6e24b6e4] [HKEY_LOCAL_MACHINE\COMPONENTS\DerivedData\Components\amd64_microsoft-windows-windowscodecext_31bf3856ad364e35_7.0.6002.18107_none_e30e5fbbf9098f88] [HKEY_LOCAL_MACHINE\COMPONENTS\DerivedData\Components\amd64_microsoft-windows-windowscodec_31bf3856ad364e35_6.0.6000.16386_none_f06991025c907e5d] [HKEY_LOCAL_MACHINE\COMPONENTS\DerivedData\Components\amd64_microsoft-windows-windowscodec_31bf3856ad364e35_6.0.6000.16740_none_f08ed68e5c756b2b] [HKEY_LOCAL_MACHINE\COMPONENTS\DerivedData\Components\amd64_microsoft-windows-windowscodec_31bf3856ad364e35_6.0.6000.20867_none_f109d587759cf438] [HKEY_LOCAL_MACHINE\COMPONENTS\DerivedData\Components\amd64_microsoft-windows-windowscodec_31bf3856ad364e35_6.0.6000.20905_none_f148b661756e170b] [HKEY_LOCAL_MACHINE\COMPONENTS\DerivedData\Components\amd64_microsoft-windows-windowscodec_31bf3856ad364e35_6.0.6001.18000_none_f2a052fe597b8f31] [HKEY_LOCAL_MACHINE\COMPONENTS\DerivedData\Components\amd64_microsoft-windows-windowscodec_31bf3856ad364e35_6.0.6001.18131_none_f280e56a5992f982] [HKEY_LOCAL_MACHINE\COMPONENTS\DerivedData\Components\amd64_microsoft-windows-windowscodec_31bf3856ad364e35_6.0.6001.22211_none_f320220d72a0616a] [HKEY_LOCAL_MACHINE\COMPONENTS\DerivedData\Components\amd64_microsoft-windows-windowscodec_31bf3856ad364e35_6.0.6001.22253_none_f2f6e2f172bf03dc] [HKEY_LOCAL_MACHINE\COMPONENTS\DerivedData\Components\amd64_microsoft-windows-windowscodec_31bf3856ad364e35_6.0.6002.18005_none_f48bcc0a569d5a7d] [HKEY_LOCAL_MACHINE\COMPONENTS\DerivedData\Components\amd64_microsoft-windows-windowscodec_31bf3856ad364e35_7.0.6002.18107_none_e5fe4ac9e1823321] [HKEY_LOCAL_MACHINE\COMPONENTS\DerivedData\Components\amd64_microsoft-windows-windowsmedia-codecs_31bf3856ad364e35_6.0.6000.16386_none_8867b30624415ef7] [HKEY_LOCAL_MACHINE\COMPONENTS\DerivedData\Components\x86_microsoft-windows-a..orecodecs.resources_31bf3856ad364e35_6.0.6000.16386_en-us_41e5bcadc5cefaf9] [HKEY_LOCAL_MACHINE\COMPONENTS\DerivedData\Components\x86_microsoft-windows-audio-acmcorecodecs_31bf3856ad364e35_6.0.6000.16386_none_1e9e1992fcdd502e] [HKEY_LOCAL_MACHINE\COMPONENTS\DerivedData\Components\x86_microsoft-windows-codecpack-basic_31bf3856ad364e35_6.0.6000.16386_none_649b5d3f801999d4] [HKEY_LOCAL_MACHINE\COMPONENTS\DerivedData\Components\x86_microsoft-windows-i..o4-codecs.resources_31bf3856ad364e35_6.0.6000.16386_en-us_fbc85f1b59b8d262] [HKEY_LOCAL_MACHINE\COMPONENTS\DerivedData\Components\x86_microsoft-windows-i..o5-codecs.resources_31bf3856ad364e35_6.0.6000.16386_en-us_fd1c9832255334b9] [HKEY_LOCAL_MACHINE\COMPONENTS\DerivedData\Components\x86_microsoft-windows-iconcodecservice_31bf3856ad364e35_6.0.6000.16386_none_2501e1d18d292fce] [HKEY_LOCAL_MACHINE\COMPONENTS\DerivedData\Components\x86_microsoft-windows-indeo4-codecs_31bf3856ad364e35_6.0.6000.16386_none_39975c8d5a6988b1] [HKEY_LOCAL_MACHINE\COMPONENTS\DerivedData\Components\x86_microsoft-windows-indeo5-codecs_31bf3856ad364e35_6.0.6000.16386_none_22c9c1557410d750] [HKEY_LOCAL_MACHINE\COMPONENTS\DerivedData\Components\x86_microsoft-windows-p..age-codec.resources_31bf3856ad364e35_6.0.6000.16386_en-us_ad49838e32541f8e] [HKEY_LOCAL_MACHINE\COMPONENTS\DerivedData\Components\x86_microsoft-windows-p..age-codec.resources_31bf3856ad364e35_7.0.6002.18107_en-us_a2de3d55b745d452] [HKEY_LOCAL_MACHINE\COMPONENTS\DerivedData\Components\x86_microsoft-windows-photo-image-codec_31bf3856ad364e35_6.0.6000.16386_none_9d02ec3948d3c5a5] [HKEY_LOCAL_MACHINE\COMPONENTS\DerivedData\Components\x86_microsoft-windows-photo-image-codec_31bf3856ad364e35_6.0.6001.18000_none_9f39ae3545bed679] [HKEY_LOCAL_MACHINE\COMPONENTS\DerivedData\Components\x86_microsoft-windows-photo-image-codec_31bf3856ad364e35_6.0.6002.18005_none_a125274142e0a1c5] [HKEY_LOCAL_MACHINE\COMPONENTS\DerivedData\Components\x86_microsoft-windows-photo-image-codec_31bf3856ad364e35_7.0.6002.18107_none_9297a600cdc57a69] [HKEY_LOCAL_MACHINE\COMPONENTS\DerivedData\Components\x86_microsoft-windows-v..re-codecs.resources_31bf3856ad364e35_6.0.6000.16386_en-us_552d7a41db99a3c7] [HKEY_LOCAL_MACHINE\COMPONENTS\DerivedData\Components\x86_microsoft-windows-vcm-core-codecs_31bf3856ad364e35_6.0.6000.16386_none_6a6bff15db84b924] [HKEY_LOCAL_MACHINE\COMPONENTS\DerivedData\Components\x86_microsoft-windows-vcm-core-codecs_31bf3856ad364e35_6.0.6001.18483_none_6c4f4a27d8adea21] [HKEY_LOCAL_MACHINE\COMPONENTS\DerivedData\Components\x86_microsoft-windows-vcm-core-codecs_31bf3856ad364e35_6.0.6001.22702_none_6d2e69d4f18b8b5a] [HKEY_LOCAL_MACHINE\COMPONENTS\DerivedData\Components\x86_microsoft-windows-vcm-core-codecs_31bf3856ad364e35_6.0.6002.18263_none_6e4b5dcdd5c4048a] [HKEY_LOCAL_MACHINE\COMPONENTS\DerivedData\Components\x86_microsoft-windows-vcm-core-codecs_31bf3856ad364e35_6.0.6002.22414_none_6f0c0c64eeb82f1d] [HKEY_LOCAL_MACHINE\COMPONENTS\DerivedData\Components\x86_microsoft-windows-vcmcodecsfeature_31bf3856ad364e35_6.0.6000.16386_none_70ff28373951081f] [HKEY_LOCAL_MACHINE\COMPONENTS\DerivedData\Components\x86_microsoft-windows-windowscodecext_31bf3856ad364e35_6.0.6000.16386_none_915b0a70bbba698e] [HKEY_LOCAL_MACHINE\COMPONENTS\DerivedData\Components\x86_microsoft-windows-windowscodecext_31bf3856ad364e35_6.0.6000.16740_none_91804ffcbb9f565c] [HKEY_LOCAL_MACHINE\COMPONENTS\DerivedData\Components\x86_microsoft-windows-windowscodecext_31bf3856ad364e35_6.0.6000.20867_none_91fb4ef5d4c6df69] [HKEY_LOCAL_MACHINE\COMPONENTS\DerivedData\Components\x86_microsoft-windows-windowscodecext_31bf3856ad364e35_6.0.6000.20905_none_923a2fcfd498023c] [HKEY_LOCAL_MACHINE\COMPONENTS\DerivedData\Components\x86_microsoft-windows-windowscodecext_31bf3856ad364e35_6.0.6001.18000_none_9391cc6cb8a57a62] [HKEY_LOCAL_MACHINE\COMPONENTS\DerivedData\Components\x86_microsoft-windows-windowscodecext_31bf3856ad364e35_6.0.6001.18131_none_93725ed8b8bce4b3] [HKEY_LOCAL_MACHINE\COMPONENTS\DerivedData\Components\x86_microsoft-windows-windowscodecext_31bf3856ad364e35_6.0.6001.22211_none_94119b7bd1ca4c9b] [HKEY_LOCAL_MACHINE\COMPONENTS\DerivedData\Components\x86_microsoft-windows-windowscodecext_31bf3856ad364e35_6.0.6001.22253_none_93e85c5fd1e8ef0d] [HKEY_LOCAL_MACHINE\COMPONENTS\DerivedData\Components\x86_microsoft-windows-windowscodecext_31bf3856ad364e35_6.0.6002.18005_none_957d4578b5c745ae] [HKEY_LOCAL_MACHINE\COMPONENTS\DerivedData\Components\x86_microsoft-windows-windowscodecext_31bf3856ad364e35_7.0.6002.18107_none_86efc43840ac1e52] [HKEY_LOCAL_MACHINE\COMPONENTS\DerivedData\Components\x86_microsoft-windows-windowscodec_31bf3856ad364e35_6.0.6000.16386_none_944af57ea4330d27] [HKEY_LOCAL_MACHINE\COMPONENTS\DerivedData\Components\x86_microsoft-windows-windowscodec_31bf3856ad364e35_6.0.6000.16740_none_94703b0aa417f9f5] [HKEY_LOCAL_MACHINE\COMPONENTS\DerivedData\Components\x86_microsoft-windows-windowscodec_31bf3856ad364e35_6.0.6000.20867_none_94eb3a03bd3f8302] [HKEY_LOCAL_MACHINE\COMPONENTS\DerivedData\Components\x86_microsoft-windows-windowscodec_31bf3856ad364e35_6.0.6000.20905_none_952a1addbd10a5d5] [HKEY_LOCAL_MACHINE\COMPONENTS\DerivedData\Components\x86_microsoft-windows-windowscodec_31bf3856ad364e35_6.0.6001.18000_none_9681b77aa11e1dfb] [HKEY_LOCAL_MACHINE\COMPONENTS\DerivedData\Components\x86_microsoft-windows-windowscodec_31bf3856ad364e35_6.0.6001.18131_none_966249e6a135884c] [HKEY_LOCAL_MACHINE\COMPONENTS\DerivedData\Components\x86_microsoft-windows-windowscodec_31bf3856ad364e35_6.0.6001.22211_none_97018689ba42f034] [HKEY_LOCAL_MACHINE\COMPONENTS\DerivedData\Components\x86_microsoft-windows-windowscodec_31bf3856ad364e35_6.0.6001.22253_none_96d8476dba6192a6] [HKEY_LOCAL_MACHINE\COMPONENTS\DerivedData\Components\x86_microsoft-windows-windowscodec_31bf3856ad364e35_6.0.6002.18005_none_986d30869e3fe947] [HKEY_LOCAL_MACHINE\COMPONENTS\DerivedData\Components\x86_microsoft-windows-windowscodec_31bf3856ad364e35_7.0.6002.18107_none_89dfaf462924c1eb] [HKEY_LOCAL_MACHINE\COMPONENTS\DerivedData\Components\x86_microsoft-windows-windowsmedia-codecs_31bf3856ad364e35_6.0.6000.16386_none_2c4917826be3edc1] [HKEY_LOCAL_MACHINE\COMPONENTS\DerivedData\VersionedIndex\6.0.6002.18005_0028c5a9\ComponentFamilies\amd64_microsoft-windows-a..orecodecs.resources_31bf3856ad364e35_en-us_505ae303643e9bbb] [HKEY_LOCAL_MACHINE\COMPONENTS\DerivedData\VersionedIndex\6.0.6002.18005_0028c5a9\ComponentFamilies\amd64_microsoft-windows-audio-acmcorecodecs_31bf3856ad364e35_none_9549356708cb3cee] [HKEY_LOCAL_MACHINE\COMPONENTS\DerivedData\VersionedIndex\6.0.6002.18005_0028c5a9\ComponentFamilies\amd64_microsoft-windows-codecpack-basic_31bf3856ad364e35_none_ef67a100c152c2f8] [HKEY_LOCAL_MACHINE\COMPONENTS\DerivedData\VersionedIndex\6.0.6002.18005_0028c5a9\ComponentFamilies\amd64_microsoft-windows-iconcodecservice_31bf3856ad364e35_none_b09e393c86fbb24e] [HKEY_LOCAL_MACHINE\COMPONENTS\DerivedData\VersionedIndex\6.0.6002.18005_0028c5a9\ComponentFamilies\amd64_microsoft-windows-mediaplayer-mp3_31bf3856ad364e35_none_a9baf3e57e9ffde0\f256!l3codeca.acm] [HKEY_LOCAL_MACHINE\COMPONENTS\DerivedData\VersionedIndex\6.0.6002.18005_0028c5a9\ComponentFamilies\amd64_microsoft-windows-mediaplayer-mp3_31bf3856ad364e35_none_a9baf3e57e9ffde0\f256!l3codecp.acm] [HKEY_LOCAL_MACHINE\COMPONENTS\DerivedData\VersionedIndex\6.0.6002.18005_0028c5a9\ComponentFamilies\amd64_microsoft-windows-p..age-codec.resources_31bf3856ad364e35_en-us_ec68f519582fd08e] [HKEY_LOCAL_MACHINE\COMPONENTS\DerivedData\VersionedIndex\6.0.6002.18005_0028c5a9\ComponentFamilies\amd64_microsoft-windows-p..ge-codec-deployment_31bf3856ad364e35_none_d85cb5dcb51f8e81] [HKEY_LOCAL_MACHINE\COMPONENTS\DerivedData\VersionedIndex\6.0.6002.18005_0028c5a9\ComponentFamilies\amd64_microsoft-windows-photo-image-codec_31bf3856ad364e35_none_cae5bf71393e136f] [HKEY_LOCAL_MACHINE\COMPONENTS\DerivedData\VersionedIndex\6.0.6002.18005_0028c5a9\ComponentFamilies\amd64_microsoft-windows-w..owscodec-deployment_31bf3856ad364e35_none_ba5cb3655b186563] [HKEY_LOCAL_MACHINE\COMPONENTS\DerivedData\VersionedIndex\6.0.6002.18005_0028c5a9\ComponentFamilies\amd64_microsoft-windows-windowscodecext_31bf3856ad364e35_none_2b54ae8e655d568e] [HKEY_LOCAL_MACHINE\COMPONENTS\DerivedData\VersionedIndex\6.0.6002.18005_0028c5a9\ComponentFamilies\amd64_microsoft-windows-windowscodecext_31bf3856ad364e35_none_2b54ae8e655d568e\f256!windowscodecsext.dll] [HKEY_LOCAL_MACHINE\COMPONENTS\DerivedData\VersionedIndex\6.0.6002.18005_0028c5a9\ComponentFamilies\amd64_microsoft-windows-windowscodec_31bf3856ad364e35_none_ad2a67502f170b7d] [HKEY_LOCAL_MACHINE\COMPONENTS\DerivedData\VersionedIndex\6.0.6002.18005_0028c5a9\ComponentFamilies\amd64_microsoft-windows-windowscodec_31bf3856ad364e35_none_ad2a67502f170b7d\f256!windowscodecs.dll] [HKEY_LOCAL_MACHINE\COMPONENTS\DerivedData\VersionedIndex\6.0.6002.18005_0028c5a9\ComponentFamilies\amd64_microsoft-windows-windowsmedia-codecs_31bf3856ad364e35_none_d9b7a05bc3919d33] [HKEY_LOCAL_MACHINE\COMPONENTS\DerivedData\VersionedIndex\6.0.6002.18005_0028c5a9\ComponentFamilies\x86_microsoft-windows-a..orecodecs.resources_31bf3856ad364e35_en-us_f43c477fabe12a85] [HKEY_LOCAL_MACHINE\COMPONENTS\DerivedData\VersionedIndex\6.0.6002.18005_0028c5a9\ComponentFamilies\x86_microsoft-windows-audio-acmcorecodecs_31bf3856ad364e35_none_392a99e3506dcbb8] [HKEY_LOCAL_MACHINE\COMPONENTS\DerivedData\VersionedIndex\6.0.6002.18005_0028c5a9\ComponentFamilies\x86_microsoft-windows-codecpack-basic_31bf3856ad364e35_none_9349057d08f551c2] [HKEY_LOCAL_MACHINE\COMPONENTS\DerivedData\VersionedIndex\6.0.6002.18005_0028c5a9\ComponentFamilies\x86_microsoft-windows-i..o4-codecs.resources_31bf3856ad364e35_en-us_836f7f250d38f624] [HKEY_LOCAL_MACHINE\COMPONENTS\DerivedData\VersionedIndex\6.0.6002.18005_0028c5a9\ComponentFamilies\x86_microsoft-windows-i..o5-codecs.resources_31bf3856ad364e35_en-us_229b3729da27cec5] [HKEY_LOCAL_MACHINE\COMPONENTS\DerivedData\VersionedIndex\6.0.6002.18005_0028c5a9\ComponentFamilies\x86_microsoft-windows-iconcodecservice_31bf3856ad364e35_none_547f9db8ce9e4118] [HKEY_LOCAL_MACHINE\COMPONENTS\DerivedData\VersionedIndex\6.0.6002.18005_0028c5a9\ComponentFamilies\x86_microsoft-windows-indeo4-codecs_31bf3856ad364e35_none_763ad9bdf0b38c8d] [HKEY_LOCAL_MACHINE\COMPONENTS\DerivedData\VersionedIndex\6.0.6002.18005_0028c5a9\ComponentFamilies\x86_microsoft-windows-indeo5-codecs_31bf3856ad364e35_none_78215157edd9d926] [HKEY_LOCAL_MACHINE\COMPONENTS\DerivedData\VersionedIndex\6.0.6002.18005_0028c5a9\ComponentFamilies\x86_microsoft-windows-mediaplayer-mp3_31bf3856ad364e35_none_4d9c5861c6428caa\f256!l3codeca.acm] [HKEY_LOCAL_MACHINE\COMPONENTS\DerivedData\VersionedIndex\6.0.6002.18005_0028c5a9\ComponentFamilies\x86_microsoft-windows-mediaplayer-mp3_31bf3856ad364e35_none_4d9c5861c6428caa\f256!l3codecp.acm] [HKEY_LOCAL_MACHINE\COMPONENTS\DerivedData\VersionedIndex\6.0.6002.18005_0028c5a9\ComponentFamilies\x86_microsoft-windows-p..age-codec.resources_31bf3856ad364e35_en-us_904a59959fd25f58] [HKEY_LOCAL_MACHINE\COMPONENTS\DerivedData\VersionedIndex\6.0.6002.18005_0028c5a9\ComponentFamilies\x86_microsoft-windows-photo-image-codec_31bf3856ad364e35_none_6ec723ed80e0a239] [HKEY_LOCAL_MACHINE\COMPONENTS\DerivedData\VersionedIndex\6.0.6002.18005_0028c5a9\ComponentFamilies\x86_microsoft-windows-v..re-codecs.resources_31bf3856ad364e35_en-us_2a71acafa97550a7] [HKEY_LOCAL_MACHINE\COMPONENTS\DerivedData\VersionedIndex\6.0.6002.18005_0028c5a9\ComponentFamilies\x86_microsoft-windows-vcm-core-codecs_31bf3856ad364e35_none_73effc36feccf8f2] [HKEY_LOCAL_MACHINE\COMPONENTS\DerivedData\VersionedIndex\6.0.6002.18005_0028c5a9\ComponentFamilies\x86_microsoft-windows-vcmcodecsfeature_31bf3856ad364e35_none_8703ad00d7ef290f] [HKEY_LOCAL_MACHINE\COMPONENTS\DerivedData\VersionedIndex\6.0.6002.18005_0028c5a9\ComponentFamilies\x86_microsoft-windows-windowscodecext_31bf3856ad364e35_none_cf36130aacffe558] [HKEY_LOCAL_MACHINE\COMPONENTS\DerivedData\VersionedIndex\6.0.6002.18005_0028c5a9\ComponentFamilies\x86_microsoft-windows-windowscodecext_31bf3856ad364e35_none_cf36130aacffe558\f256!windowscodecsext.dll] [HKEY_LOCAL_MACHINE\COMPONENTS\DerivedData\VersionedIndex\6.0.6002.18005_0028c5a9\ComponentFamilies\x86_microsoft-windows-windowscodec_31bf3856ad364e35_none_510bcbcc76b99a47] [HKEY_LOCAL_MACHINE\COMPONENTS\DerivedData\VersionedIndex\6.0.6002.18005_0028c5a9\ComponentFamilies\x86_microsoft-windows-windowscodec_31bf3856ad364e35_none_510bcbcc76b99a47\f256!windowscodecs.dll] [HKEY_LOCAL_MACHINE\COMPONENTS\DerivedData\VersionedIndex\6.0.6002.18005_0028c5a9\ComponentFamilies\x86_microsoft-windows-windowsmedia-codecs_31bf3856ad364e35_none_7d9904d80b342bfd] [HKEY_LOCAL_MACHINE\COMPONENTS\Winners\amd64_microsoft-windows-a..orecodecs.resources_31bf3856ad364e35_en-us_505ae303643e9bbb] [HKEY_LOCAL_MACHINE\COMPONENTS\Winners\amd64_microsoft-windows-audio-acmcorecodecs_31bf3856ad364e35_none_9549356708cb3cee] [HKEY_LOCAL_MACHINE\COMPONENTS\Winners\amd64_microsoft-windows-codecpack-basic_31bf3856ad364e35_none_ef67a100c152c2f8] [HKEY_LOCAL_MACHINE\COMPONENTS\Winners\amd64_microsoft-windows-iconcodecservice_31bf3856ad364e35_none_b09e393c86fbb24e] [HKEY_LOCAL_MACHINE\COMPONENTS\Winners\amd64_microsoft-windows-p..age-codec.resources_31bf3856ad364e35_en-us_ec68f519582fd08e] [HKEY_LOCAL_MACHINE\COMPONENTS\Winners\amd64_microsoft-windows-p..ge-codec-deployment_31bf3856ad364e35_none_d85cb5dcb51f8e81] [HKEY_LOCAL_MACHINE\COMPONENTS\Winners\amd64_microsoft-windows-photo-image-codec_31bf3856ad364e35_none_cae5bf71393e136f] [HKEY_LOCAL_MACHINE\COMPONENTS\Winners\amd64_microsoft-windows-w..owscodec-deployment_31bf3856ad364e35_none_ba5cb3655b186563] [HKEY_LOCAL_MACHINE\COMPONENTS\Winners\amd64_microsoft-windows-windowscodecext_31bf3856ad364e35_none_2b54ae8e655d568e] [HKEY_LOCAL_MACHINE\COMPONENTS\Winners\amd64_microsoft-windows-windowscodec_31bf3856ad364e35_none_ad2a67502f170b7d] [HKEY_LOCAL_MACHINE\COMPONENTS\Winners\amd64_microsoft-windows-windowsmedia-codecs_31bf3856ad364e35_none_d9b7a05bc3919d33] [HKEY_LOCAL_MACHINE\COMPONENTS\Winners\x86_microsoft-windows-a..orecodecs.resources_31bf3856ad364e35_en-us_f43c477fabe12a85] [HKEY_LOCAL_MACHINE\COMPONENTS\Winners\x86_microsoft-windows-audio-acmcorecodecs_31bf3856ad364e35_none_392a99e3506dcbb8] [HKEY_LOCAL_MACHINE\COMPONENTS\Winners\x86_microsoft-windows-codecpack-basic_31bf3856ad364e35_none_9349057d08f551c2] [HKEY_LOCAL_MACHINE\COMPONENTS\Winners\x86_microsoft-windows-i..o4-codecs.resources_31bf3856ad364e35_en-us_836f7f250d38f624] [HKEY_LOCAL_MACHINE\COMPONENTS\Winners\x86_microsoft-windows-i..o5-codecs.resources_31bf3856ad364e35_en-us_229b3729da27cec5] [HKEY_LOCAL_MACHINE\COMPONENTS\Winners\x86_microsoft-windows-iconcodecservice_31bf3856ad364e35_none_547f9db8ce9e4118] [HKEY_LOCAL_MACHINE\COMPONENTS\Winners\x86_microsoft-windows-indeo4-codecs_31bf3856ad364e35_none_763ad9bdf0b38c8d] [HKEY_LOCAL_MACHINE\COMPONENTS\Winners\x86_microsoft-windows-indeo5-codecs_31bf3856ad364e35_none_78215157edd9d926] [HKEY_LOCAL_MACHINE\COMPONENTS\Winners\x86_microsoft-windows-p..age-codec.resources_31bf3856ad364e35_en-us_904a59959fd25f58] [HKEY_LOCAL_MACHINE\COMPONENTS\Winners\x86_microsoft-windows-photo-image-codec_31bf3856ad364e35_none_6ec723ed80e0a239] [HKEY_LOCAL_MACHINE\COMPONENTS\Winners\x86_microsoft-windows-v..re-codecs.resources_31bf3856ad364e35_en-us_2a71acafa97550a7] [HKEY_LOCAL_MACHINE\COMPONENTS\Winners\x86_microsoft-windows-vcm-core-codecs_31bf3856ad364e35_none_73effc36feccf8f2] [HKEY_LOCAL_MACHINE\COMPONENTS\Winners\x86_microsoft-windows-vcmcodecsfeature_31bf3856ad364e35_none_8703ad00d7ef290f] [HKEY_LOCAL_MACHINE\COMPONENTS\Winners\x86_microsoft-windows-windowscodecext_31bf3856ad364e35_none_cf36130aacffe558] [HKEY_LOCAL_MACHINE\COMPONENTS\Winners\x86_microsoft-windows-windowscodec_31bf3856ad364e35_none_510bcbcc76b99a47] [HKEY_LOCAL_MACHINE\COMPONENTS\Winners\x86_microsoft-windows-windowsmedia-codecs_31bf3856ad364e35_none_7d9904d80b342bfd] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CertificateAuthority.EncodeCRLDistInfo] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CertificateAuthority.EncodeCRLDistInfo\CurVer] @="CertificateAuthority.EncodeCRLDistInfo.1" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CertificateAuthority.EncodeCRLDistInfo.1] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{00000301-A8F2-4877-BA0A-FD2B6645FB94}\InProcServer32] @="%SystemRoot%\system32\windowscodecs.dll" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0010668C-0801-4DA6-A4A4-826522B6D28F}\InProcServer32] @="%SystemRoot%\system32\windowscodecs.dll" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{00108226-EE41-44A2-9E9C-4BE4D5B1D2CD}\InProcServer32] @="%SystemRoot%\system32\windowscodecs.dll" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0131BE10-2001-4C5F-A9B0-CC88FAB64CE8}\InProcServer32] @="%SystemRoot%\system32\windowscodecs.dll" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{01B90D9A-8209-47F7-9C52-E1244BF50CED}\InProcServer32] @="%SystemRoot%\system32\windowscodecsext.dll" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{01FA60A0-BBFF-11D0-8825-00A0C903B83C}\ProgID] @="CertificateAuthority.EncodeCRLDistInfo.1" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{01FA60A0-BBFF-11D0-8825-00A0C903B83C}\VersionIndependentProgID] @="CertificateAuthority.EncodeCRLDistInfo" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{02805F1E-D5AA-415B-82C5-61C033A988A6}\InProcServer32] @="%SystemRoot%\system32\windowscodecs.dll" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{03012959-F4F6-44D7-9D09-DAA087A9DB57}\InProcServer32] @="%SystemRoot%\system32\windowscodecs.dll" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{076C2A6C-F78F-4C46-A723-3583E70876EA}\InProcServer32] @="%SystemRoot%\system32\windowscodecsext.dll" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{083863F1-70DE-11D0-BD40-00A0C911CE86}\Instance\{16BA1501-7B68-4110-BCED-3980DAC0C5A2}] "FriendlyName"="CyberLink XDS Codec" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{083863F1-70DE-11D0-BD40-00A0C911CE86}\Instance\{355605B5-33F6-44E9-B45E-F9BF2A8A1DBF}] "FriendlyName"="CyberLink XDS Codec" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{083863F1-70DE-11D0-BD40-00A0C911CE86}\Instance\{370A1D5D-DDEB-418C-81CD-189E0D4FA443}] "FriendlyName"="VBI Codec" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0CE7A4A6-03E8-4A60-9D15-282EF32EE7DA}\InProcServer32] @="%SystemRoot%\system32\windowscodecs.dll" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0E25DC18-9F5E-48B1-80B3-D124E81B773B}\InProcServer32] @="%SystemRoot%\system32\windowscodecsext.dll" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{114F5598-0B22-40A0-86A1-C83EA495ADBD}\InProcServer32] @="%SystemRoot%\system32\windowscodecs.dll" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{122EC645-CD7E-44D8-B186-2C8C20C3B50F}\InProcServer32] @="%SystemRoot%\system32\windowscodecs.dll" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{1249B20C-5DD0-44FE-B0B3-8F92C8E6D080}\InProcServer32] @="%SystemRoot%\system32\windowscodecs.dll" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{16671E5F-0CE6-4CC4-9768-E89FE5018ADE}\InProcServer32] @="%SystemRoot%\system32\windowscodecs.dll" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{16BA1501-7B68-4110-BCED-3980DAC0C5A2}] @="CyberLink XDS Codec" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{16BA1501-7B68-4110-BCED-3980DAC0C5A2}\InprocServer32] @="C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\TV\PCMRxdscodec.ax" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{1765E14E-1BD4-462E-B6B1-590BF1262AC6}\InProcServer32] @="%SystemRoot%\system32\windowscodecsext.dll" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{1767B93A-B021-44EA-920F-863C11F4F768}\InProcServer32] @="%SystemRoot%\system32\windowscodecs.dll" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{1A34F5C1-4A5A-46DC-B644-1F4567E7A676}\InProcServer32] @="%SystemRoot%\system32\windowscodecs.dll" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{1A3F11DC-B514-4B17-8C5F-2154513852F1}\InProcServer32] @="%SystemRoot%\system32\windowscodecs.dll" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{1AB78400-B5A3-4D91-8ACE-33FCD1499BE6}\InProcServer32] @="%SystemRoot%\system32\windowscodecs.dll" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{1D583ABC-8A0E-4657-9982-A380CA58FB4B}\InProcServer32] @="%SystemRoot%\system32\windowscodecs.dll" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{22C21F93-7DDB-411C-9B17-C5B7BD064ABC}\InProcServer32] @="%SystemRoot%\system32\windowscodecsext.dll" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{27949969-876A-41D7-9447-568F6A35A4DC}\InProcServer32] @="%SystemRoot%\system32\windowscodecs.dll" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{2DB5E62B-0D67-495F-8F9D-C2F0188647AC}\InProcServer32] @="%SystemRoot%\system32\windowscodecs.dll" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{31879719-E751-4DF8-981D-68DFF67704ED}\InProcServer32] @="%SystemRoot%\system32\windowscodecs.dll" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{32557D3B-69DC-4F95-836E-F5972B2F6159}\InProcServer32] @="%SystemRoot%\system32\windowscodecs.dll" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{355605B5-33F6-44E9-B45E-F9BF2A8A1DBF}] @="CyberLink XDS Codec" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{355605B5-33F6-44E9-B45E-F9BF2A8A1DBF}\InprocServer32] @="C:\Program Files (x86)\Hewlett-Packard\Media\TV\Kernel\TV\PCMRxdscodec.ax" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{356F2F88-05A6-4728-B9A4-1BFBCE04D838}\InProcServer32] @="%SystemRoot%\system32\windowscodecs.dll" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{3692CA39-E082-4350-9E1F-3704CB083CD5}\InProcServer32] @="%SystemRoot%\system32\windowscodecs.dll" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{3697790B-223B-484E-9925-C4869218F17A}\InProcServer32] @="%SystemRoot%\system32\windowscodecs.dll" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{370A1D5D-DDEB-418C-81CD-189E0D4FA443}] @="VBI Codec" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{370A1D5D-DDEB-418C-81CD-189E0D4FA443}\InprocServer32] @="C:\Windows\SysWOW64\VBICodec.ax" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{381DDA3C-9CE9-4834-A23E-1F98F8FC52BE}\InProcServer32] @="%SystemRoot%\system32\windowscodecs.dll" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{389EA17B-5078-4CDE-B6EF-25C15175C751}\InProcServer32] @="%SystemRoot%\system32\windowscodecs.dll" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{3FF566F0-6E6B-49D4-96E6-B78886692C62}\InProcServer32] @="%SystemRoot%\system32\windowscodecs.dll" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{41070793-59E4-479A-A1F7-954ADC2EF5FC}\InProcServer32] @="%SystemRoot%\system32\windowscodecs.dll" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{43324B33-A78F-480F-9111-9638AACCC832}\InProcServer32] @="%SystemRoot%\system32\windowscodecs.dll" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{4A2286E0-7BEF-11CE-9BD9-0000E202599C}] @="MPEG Audio Codec" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{4B59AFCC-B8C3-408A-B670-89E5FAB6FDA7}\InProcServer32] @="%SystemRoot%\system32\windowscodecs.dll" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{4FF2FE0E-E74A-4B71-98C4-AB7DC16707BA}\InProcServer32] @="%SystemRoot%\system32\windowscodecs.dll" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{50B1904B-F28F-4574-93F4-0BADE82C69E9}\InProcServer32] @="%SystemRoot%\system32\windowscodecs.dll" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{50D42F09-ECD1-4B41-B65D-DA1FDAA75663}\InProcServer32] @="%SystemRoot%\system32\windowscodecs.dll" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{5805137A-E348-4F7C-B3CC-6DB9965A0599}\InProcServer32] @="%SystemRoot%\system32\windowscodecs.dll" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{5C5C1935-0235-4434-80BC-251BC1EC39C6}\InProcServer32] @="%SystemRoot%\system32\windowscodecs.dll" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{68E3F2FD-31AE-4441-BB6A-FD7047525F90}\InProcServer32] @="%SystemRoot%\system32\windowscodecs.dll" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{699745C2-5066-4B82-A8E3-D40478DBEC8C}\InProcServer32] @="%SystemRoot%\system32\windowscodecs.dll" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{69BE8BB4-D66D-47C8-865A-ED1589433782}\InProcServer32] @="%SystemRoot%\system32\windowscodecs.dll" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6B462062-7CBF-400D-9FDB-813DD10F2778}\InProcServer32] @="%SystemRoot%\system32\windowscodecs.dll" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6D68D1DE-D432-4B0F-923A-091183A9BDA7}\InProcServer32] @="%SystemRoot%\system32\windowscodecsext.dll" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{72B624DF-AE11-4948-A65C-351EB0829419}\InProcServer32] @="%SystemRoot%\system32\windowscodecsext.dll" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C037E7-E5D9-4954-876A-6DA81D6E5768}\InProcServer32] @="%SystemRoot%\system32\windowscodecs.dll" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{7447A267-0015-42C8-A8F1-FB3B94C68361}\InProcServer32] @="%SystemRoot%\system32\windowscodecs.dll" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{7B19A919-A9D6-49E5-BD45-02C34E4E4CD5}\InProcServer32] @="%SystemRoot%\system32\windowscodecs.dll" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{7F12E753-FC71-43D7-A51D-92F35977ABB5}\InProcServer32] @="%SystemRoot%\system32\windowscodecsext.dll" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{7FF0997A-1999-4286-A73C-622B8814E7EB}] @="ICodecAPIProxy" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{877A0BB7-A313-4491-87B5-2E6D0594F520}\InProcServer32] @="%SystemRoot%\system32\windowscodecs.dll" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8A03E749-672E-446E-BF1F-2C11D233B6FF}\InProcServer32] @="%SystemRoot%\system32\windowscodecs.dll" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8ADE5386-8E9B-4F4C-ACF2-F0008706B238}\InProcServer32] @="%SystemRoot%\system32\windowscodecs.dll" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8C89071F-452E-4E95-9682-9D1024627172}\InProcServer32] @="%SystemRoot%\system32\windowscodecs.dll" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8F914656-9D0A-4EB2-9019-0BF96D8A9EE6}\InProcServer32] @="%SystemRoot%\system32\windowscodecs.dll" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{9456A480-E88B-43EA-9E73-0B2D9B71B1CA}\InProcServer32] @="%SystemRoot%\system32\windowscodecs.dll" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{9C24A977-0951-451A-8006-0E49BD28CD5F}\Instance\VBI Codec] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{9C24A977-0951-451A-8006-0E49BD28CD5F}\Instance\VBI Codec] "FriendlyName"="VBI Codec" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{9CB5172B-D600-46BA-AB77-77BB7E3A00D9}\InProcServer32] @="%SystemRoot%\system32\windowscodecsext.dll" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{9F66347C-60C4-4C4D-AB58-D2358685F607}\InProcServer32] @="%SystemRoot%\system32\windowscodecs.dll" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A02797fC-C4AE-418C-AF95-E637C7EAD2A1}\InProcServer32] @="%SystemRoot%\system32\windowscodecs.dll" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A09CCA86-27BA-4F39-9053-121FA4DC08FC}\InProcServer32] @="%SystemRoot%\system32\windowscodecs.dll" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A6EE35C6-87EC-47DF-9F22-1D5AAD840C82}\InProcServer32] @="%SystemRoot%\system32\windowscodecs.dll" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{AA7E3C50-864C-4604-BC04-8B0B76E637F6}\InProcServer32] @="%SystemRoot%\system32\windowscodecs.dll" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{AA94DCC2-B8B0-4898-B835-000AABD74393}\InProcServer32] @="%SystemRoot%\system32\windowscodecsext.dll" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{AAA13995-B35D-4C05-8EEB-39607C700DEB}] @="CyberLink XDS Codec Property Page" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{AAA13995-B35D-4C05-8EEB-39607C700DEB}\InprocServer32] @="C:\Program Files (x86)\Hewlett-Packard\Media\TV\Kernel\TV\PCMRxdscodec.ax" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{AABFB2FA-3E1E-4A8f-8977-5556FB94EA23}\InProcServer32] @="%SystemRoot%\system32\windowscodecs.dll" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{AC75D454-9F37-48f8-B972-4E19BC856011}\InProcServer32] @="%SystemRoot%\system32\windowscodecs.dll" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{AF95DC76-16B2-47F4-B3EA-3C31796693E7}\InProcServer32] @="%SystemRoot%\system32\windowscodecs.dll" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B05DABD9-56E5-4FDC-AFA4-8A47E91F1C9C}] @="IVideoEncoderCodecAPIProxy" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B1EBFC28-C9BD-47A2-8D33-B948769777A7}\InProcServer32] @="%SystemRoot%\system32\windowscodecs.dll" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B54E85D9-FE23-499F-8B88-6ACEA713752B}\InProcServer32] @="%SystemRoot%\system32\windowscodecs.dll" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B5C8B898-0074-459F-B700-860D4651EA14}\InProcServer32] @="%SystemRoot%\system32\windowscodecs.dll" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B5EBAFB9-253E-4A72-A744-0762D2685683}\InProcServer32] @="%SystemRoot%\system32\windowscodecs.dll" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B92E345D-F52D-41F3-B562-081BC772E3B9}\InProcServer32] @="%SystemRoot%\system32\windowscodecs.dll" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{BD6EDFCA-2890-482F-B233-8D7339A1CF8D}\InProcServer32] @="%SystemRoot%\system32\windowscodecs.dll" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{C17CABB2-D4A3-47D7-A557-339B2EFBD4F1}\InProcServer32] @="%SystemRoot%\system32\windowscodecsext.dll" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{C4C4C4F3-0049-4E2B-98FB-9537F6CE516D}] @="XDS Codec" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{C4C4C4FC-0049-4E2B-98FB-9537F6CE516D}\Instance\XDS Codec] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{C4C4C4FC-0049-4E2B-98FB-9537F6CE516D}\Instance\XDS Codec] "FriendlyName"="XDS Codec" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{C61BFCDF-2E0F-4AAD-A8D7-E06BAFEBCDFE}\InProcServer32] @="%SystemRoot%\system32\windowscodecs.dll" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{C9A14CDA-C339-460B-9078-D4DEBCFABE91}\InProcServer32] @="%SystemRoot%\system32\windowscodecs.dll" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CACAF262-9370-4615-A13B-9F5539DA4C0A}\InProcServer32] @="%SystemRoot%\system32\windowscodecs.dll" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CB8C13E4-62B5-4C96-A48B-6BA6ACE39C76}\InProcServer32] @="%SystemRoot%\system32\windowscodecs.dll" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D049B20C-5DD0-44FE-B0B3-8F92C8E6D080}\InProcServer32] @="%SystemRoot%\system32\windowscodecs.dll" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D4DCD3D7-B4C2-47D9-A6BF-B89BA396A4A3}\InProcServer32] @="%SystemRoot%\system32\windowscodecs.dll" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D9403860-297F-4A49-BF9B-77898150A442}\InProcServer32] @="%SystemRoot%\system32\windowscodecs.dll" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D94EDF02-EFE5-4F0D-85C8-F5A68B3000B1}\InProcServer32] @="%SystemRoot%\system32\windowscodecs.dll" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{DA4E3DA0-D07D-11d0-BD50-00A0C911CE86}\Instance\{07dad660-22f1-11d1-a9f4-00c04fbbde8f}] "FriendlyName"="WDM Streaming VBI Codec" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{DA4E3DA0-D07D-11d0-BD50-00A0C911CE86}\Instance\{9C24A977-0951-451A-8006-0E49BD28CD5F}] "FriendlyName"="Multi-Instance Capable VBI Codecs" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{DDE33513-774E-4BCD-AE79-02F4ADFE62FC}\InProcServer32] @="%SystemRoot%\system32\windowscodecs.dll" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E23CE3EB-5608-4E83-BCEF-27B1987E51D7}\InProcServer32] @="%SystemRoot%\system32\windowscodecs.dll" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E573236F-55B1-4EDA-81EA-9F65DB0290D3}\InProcServer32] @="%SystemRoot%\system32\windowscodecs.dll" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E7E79A30-4F2C-4FAB-8D00-394F2D6BBEBE}\InProcServer32] @="%SystemRoot%\system32\windowscodecsext.dll" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{ED822C8C-D6BE-4301-A631-0E1416BAD28F}\InProcServer32] @="%SystemRoot%\system32\windowscodecsext.dll" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{EE366069-1832-420F-B381-0479AD066F19}\InProcServer32] @="%SystemRoot%\system32\windowscodecs.dll" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{F3C633A2-46C8-498E-8FBB-CC6F721BBCDE}\InProcServer32] @="%SystemRoot%\system32\windowscodecs.dll" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{F5D3E63B-CB0F-4628-A478-6D8244BE36B1}\InProcServer32] @="%SystemRoot%\system32\windowscodecs.dll" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{F90B5F36-367B-402A-9DD1-BC0FD59D8F62}\InProcServer32] @="%SystemRoot%\system32\windowscodecs.dll" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{FB012959-F4F6-44D7-9D09-DAA087A9DB57}\InProcServer32] @="%SystemRoot%\system32\windowscodecs.dll" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{FB40360C-547E-4956-A3B9-D4418859BA66}\InProcServer32] @="%SystemRoot%\system32\windowscodecs.dll" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{FEB50740-7BEF-11CE-9BD9-0000E202599C}] @="MPEG Video Codec" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{FF036D13-5D4B-46DD-B10F-106693D9FE4F}\InProcServer32] @="%SystemRoot%\system32\windowscodecs.dll" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{01958640-BBFF-11D0-8825-00A0C903B83C}] @="ICertEncodeCRLDistInfo" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{0C13F8B9-F2E0-3918-A33E-3E491BDC529E}] @="_CodeCommentStatement" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{0F7665A9-8DEB-4AD0-8236-B6AE61B9AD12}] @="IVBICodecConfig" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{17C106B9-0925-42F5-AE32-1FC019649C10}] @="IDebugCodeContext3" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{428EC451-0E7E-41FE-B07E-6137DBFC8F4A}] @="_ICODECCtrlsEvents" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{51973C13-CB0C-11D0-B5C9-00A0244A0E7A}] @="IDebugCodeContext" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{51973C1D-CB0C-11D0-B5C9-00A0244A0E7A}] @="IEnumDebugCodeContexts" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{5A33C771-806E-337D-AE1F-66B523FC49BF}] @="_CodeConstructor" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{609C7788-BDB0-364C-92E3-FC16AC613430}] @="_CodeCatchClause" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{64C1024E-C3CF-4462-8078-88C2B11C46D9}] @="IWICBitmapCodecProgressNotification" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{69904B31-5FB5-39BF-83B0-5DDFA1F26D71}] @="_CodeConditionStatement" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6F20C263-AF67-380F-A482-9A21F7599748}] @="_CodeCompileUnit" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{7EB20114-E822-358C-BDAB-DCF9E5090F23}] @="_CodeChecksumPragma" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{90BED8ED-21E3-31FE-8F02-C929BA4FB0AC}] @="_CodeCastExpression" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{AC17B76B-2B09-419A-AD5F-7D7402DA8875}] @="IDebugCodeContext2" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{AD47A80B-EDA7-459E-AF82-647CC9FBAA50}] @="IEnumDebugCodeContexts2" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{C94F39B3-436F-3711-9CB0-91C6299B62A2}] @="_CodeComment" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{E34CEB72-8F86-333D-AEDA-069221DF6A1A}] @="_CodeCommentStatementCollection" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{E87A44C4-B76E-4C47-8B09-298EB12A2714}] @="IWICBitmapCodecInfo" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{FE8A2546-3478-3FAD-BE1D-DA7BC25C4E4E}] @="_CodeConnectAccess" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{FF5E1CD9-0478-34A4-9B9C-7C80BCB1A725}] @="_CodeCatchClauseCollection" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Record\{299E2A7D-6551-3ED1-B4A0-A51CB56EEFE7}\2.0.0.0] "Class"="System.Globalization.UnicodeCategory" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Record\{299E2A7D-6551-3ED1-B4A0-A51CB56EEFE7}\4.0.0.0] "Class"="System.Globalization.UnicodeCategory" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\STacAPI.CODECCtrls] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\STacAPI.CODECCtrls] @="CODECCtrls Class" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\STacAPI.CODECCtrls\CurVer] @="STacAPI.CODECCtrls.1" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\STacAPI.CODECCtrls.1] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\STacAPI.CODECCtrls.1] @="CODECCtrls Class" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\AudioCompressionManager\DriverCache\msacm.l3codecp] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\DirectDraw\MostRecentApplication] "Name"="codec_enum.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MediaPlayer\Settings\MP3Encoding] "PreferredCodecPath"="C:\Windows\SysWOW64\l3codecp.acm" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MediaPlayer\Settings\MP3Encoding] "PreferredCodecName"="MP3" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Live\Photo Gallery\FileSupport\DownloadableCodecs] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\drivers.desc] "C:\Windows\SysWOW64\l3codeca.acm"="Fraunhofer IIS MPEG Layer-3 Codec" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\drivers.desc] "l3codecp.acm"="" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\drivers.desc] "sirenacm.dll"="Messenger Audio Codec" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32] "msacm.l3acm"="C:\Windows\SysWOW64\l3codeca.acm" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32] "msacm.l3codecp"="l3codecp.acm" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows] "IconServiceLib"="IconCodecService.dll" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Photo Gallery\AvailableDownloadableCodecs] [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96C-E325-11CE-BFC1-08002BE10318}\0000] "DriverDesc"="IDT High Definition Audio CODEC" [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96C-E325-11CE-BFC1-08002BE10318}\0000] "CodecName"="92HD75 B3" [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96C-E325-11CE-BFC1-08002BE10318}\0000\Drivers\mixer\wdmaud.drv] "Description"="IDT High Definition Audio CODEC" [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96C-E325-11CE-BFC1-08002BE10318}\0000\Drivers\wave\wdmaud.drv] "Description"="IDT High Definition Audio CODEC" [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\HDAUDIO\FUNC_01&VEN_111D&DEV_7603&SUBSYS_103C3627&REV_1002\4&2a9d91b2&0&0001] "DeviceDesc"="@oem18.inf,%st.devicedesc%;IDT High Definition Audio CODEC" [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\HDAUDIO\FUNC_01&VEN_111D&DEV_7603&SUBSYS_103C3627&REV_1002\4&2a9d91b2&0&0001] "FriendlyName"="IDT High Definition Audio CODEC" [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\STHDA] "DisplayName"="IDT High Definition Audio CODEC" [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Control\Class\{4D36E96C-E325-11CE-BFC1-08002BE10318}\0000] "DriverDesc"="IDT High Definition Audio CODEC" [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Control\Class\{4D36E96C-E325-11CE-BFC1-08002BE10318}\0000] "CodecName"="92HD75 B3" [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Control\Class\{4D36E96C-E325-11CE-BFC1-08002BE10318}\0000\Drivers\mixer\wdmaud.drv] "Description"="IDT High Definition Audio CODEC" [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Control\Class\{4D36E96C-E325-11CE-BFC1-08002BE10318}\0000\Drivers\wave\wdmaud.drv] "Description"="IDT High Definition Audio CODEC" [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\HDAUDIO\FUNC_01&VEN_111D&DEV_7603&SUBSYS_103C3627&REV_1002\4&2a9d91b2&0&0001] "DeviceDesc"="@oem18.inf,%st.devicedesc%;IDT High Definition Audio CODEC" [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\HDAUDIO\FUNC_01&VEN_111D&DEV_7603&SUBSYS_103C3627&REV_1002\4&2a9d91b2&0&0001] "FriendlyName"="IDT High Definition Audio CODEC" [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\STHDA] "DisplayName"="IDT High Definition Audio CODEC" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Class\{4D36E96C-E325-11CE-BFC1-08002BE10318}\0000] "DriverDesc"="IDT High Definition Audio CODEC" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Class\{4D36E96C-E325-11CE-BFC1-08002BE10318}\0000] "CodecName"="92HD75 B3" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Class\{4D36E96C-E325-11CE-BFC1-08002BE10318}\0000\Drivers\mixer\wdmaud.drv] "Description"="IDT High Definition Audio CODEC" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Class\{4D36E96C-E325-11CE-BFC1-08002BE10318}\0000\Drivers\wave\wdmaud.drv] "Description"="IDT High Definition Audio CODEC" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\HDAUDIO\FUNC_01&VEN_111D&DEV_7603&SUBSYS_103C3627&REV_1002\4&2a9d91b2&0&0001] "DeviceDesc"="@oem18.inf,%st.devicedesc%;IDT High Definition Audio CODEC" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\HDAUDIO\FUNC_01&VEN_111D&DEV_7603&SUBSYS_103C3627&REV_1002\4&2a9d91b2&0&0001] "FriendlyName"="IDT High Definition Audio CODEC" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\STHDA] "DisplayName"="IDT High Definition Audio CODEC" [HKEY_USERS\.DEFAULT\Software\Microsoft\Speech\AudioOutput\TokenEnums\MMAudioOut\{0.0.0.00000000}.{2a488d8e-7cd0-4b16-ab66-7128c1e664e0}] @="Independent Dual Headphones (IDT High Definition Audio CODEC)" [HKEY_USERS\.DEFAULT\Software\Microsoft\Speech\AudioOutput\TokenEnums\MMAudioOut\{0.0.0.00000000}.{2a488d8e-7cd0-4b16-ab66-7128c1e664e0}] "DeviceName"="Independent Dual Headphones (IDT High Definition Audio CODEC)" [HKEY_USERS\.DEFAULT\Software\Microsoft\Speech\AudioOutput\TokenEnums\MMAudioOut\{0.0.0.00000000}.{9da3f2cf-56f3-4995-b214-06b2e0621fa9}] @="SPDIF (Digital Out via HP Dock) (IDT High Definition Audio CODEC)" [HKEY_USERS\.DEFAULT\Software\Microsoft\Speech\AudioOutput\TokenEnums\MMAudioOut\{0.0.0.00000000}.{9da3f2cf-56f3-4995-b214-06b2e0621fa9}] "DeviceName"="SPDIF (Digital Out via HP Dock) (IDT High Definition Audio CODEC)" [HKEY_USERS\.DEFAULT\Software\Microsoft\Speech\AudioOutput\TokenEnums\MMAudioOut\{0.0.0.00000000}.{d0134559-9a2b-4a9a-b834-6a7df649bff1}] @="Speakers and Dual Headphones (IDT High Definition Audio CODEC)" [HKEY_USERS\.DEFAULT\Software\Microsoft\Speech\AudioOutput\TokenEnums\MMAudioOut\{0.0.0.00000000}.{d0134559-9a2b-4a9a-b834-6a7df649bff1}] "DeviceName"="Speakers and Dual Headphones (IDT High Definition Audio CODEC)" [HKEY_USERS\S-1-5-21-2935616890-3038444645-374369962-1000\Software\Microsoft\Speech\AudioInput\TokenEnums\MMAudioIn\{0.0.1.00000000}.{53946452-f5aa-410a-b5c3-554aa3514b8b}] @="External Mic (IDT High Definition Audio CODEC)" [HKEY_USERS\S-1-5-21-2935616890-3038444645-374369962-1000\Software\Microsoft\Speech\AudioInput\TokenEnums\MMAudioIn\{0.0.1.00000000}.{53946452-f5aa-410a-b5c3-554aa3514b8b}] "DeviceName"="External Mic (IDT High Definition Audio CODEC)" [HKEY_USERS\S-1-5-21-2935616890-3038444645-374369962-1000\Software\Microsoft\Speech\AudioInput\TokenEnums\MMAudioIn\{0.0.1.00000000}.{a299e843-5f13-49a0-8044-4d1f73bc6d8d}] @="Stereo Mix (IDT High Definition Audio CODEC)" [HKEY_USERS\S-1-5-21-2935616890-3038444645-374369962-1000\Software\Microsoft\Speech\AudioInput\TokenEnums\MMAudioIn\{0.0.1.00000000}.{a299e843-5f13-49a0-8044-4d1f73bc6d8d}] "DeviceName"="Stereo Mix (IDT High Definition Audio CODEC)" [HKEY_USERS\S-1-5-21-2935616890-3038444645-374369962-1000\Software\Microsoft\Speech\AudioInput\TokenEnums\MMAudioIn\{0.0.1.00000000}.{f4f2c28e-50e7-45ec-ba3e-40fe9dec0080}] @="Integrated Microphone Array (IDT High Definition Audio CODEC)" [HKEY_USERS\S-1-5-21-2935616890-3038444645-374369962-1000\Software\Microsoft\Speech\AudioInput\TokenEnums\MMAudioIn\{0.0.1.00000000}.{f4f2c28e-50e7-45ec-ba3e-40fe9dec0080}] "DeviceName"="Integrated Microphone Array (IDT High Definition Audio CODEC)" [HKEY_USERS\S-1-5-21-2935616890-3038444645-374369962-1000\Software\Microsoft\Speech\AudioOutput\TokenEnums\MMAudioOut\{0.0.0.00000000}.{2a488d8e-7cd0-4b16-ab66-7128c1e664e0}] @="Independent Dual Headphones (IDT High Definition Audio CODEC)" [HKEY_USERS\S-1-5-21-2935616890-3038444645-374369962-1000\Software\Microsoft\Speech\AudioOutput\TokenEnums\MMAudioOut\{0.0.0.00000000}.{2a488d8e-7cd0-4b16-ab66-7128c1e664e0}] "DeviceName"="Independent Dual Headphones (IDT High Definition Audio CODEC)" [HKEY_USERS\S-1-5-21-2935616890-3038444645-374369962-1000\Software\Microsoft\Speech\AudioOutput\TokenEnums\MMAudioOut\{0.0.0.00000000}.{9da3f2cf-56f3-4995-b214-06b2e0621fa9}] @="SPDIF (Digital Out via HP Dock) (IDT High Definition Audio CODEC)" [HKEY_USERS\S-1-5-21-2935616890-3038444645-374369962-1000\Software\Microsoft\Speech\AudioOutput\TokenEnums\MMAudioOut\{0.0.0.00000000}.{9da3f2cf-56f3-4995-b214-06b2e0621fa9}] "DeviceName"="SPDIF (Digital Out via HP Dock) (IDT High Definition Audio CODEC)" [HKEY_USERS\S-1-5-21-2935616890-3038444645-374369962-1000\Software\Microsoft\Speech\AudioOutput\TokenEnums\MMAudioOut\{0.0.0.00000000}.{d0134559-9a2b-4a9a-b834-6a7df649bff1}] @="Speakers and Dual Headphones (IDT High Definition Audio CODEC)" [HKEY_USERS\S-1-5-21-2935616890-3038444645-374369962-1000\Software\Microsoft\Speech\AudioOutput\TokenEnums\MMAudioOut\{0.0.0.00000000}.{d0134559-9a2b-4a9a-b834-6a7df649bff1}] "DeviceName"="Speakers and Dual Headphones (IDT High Definition Audio CODEC)" [HKEY_USERS\S-1-5-21-2935616890-3038444645-374369962-1000\Software\Microsoft\Tracing\WPPMedia\AudioCodecs] [HKEY_USERS\S-1-5-21-2935616890-3038444645-374369962-1000\Software\Microsoft\UCCPlatform\WindowsLiveMessenger] "PrefAudioCapture"="Integrated Microphone Array (IDT High Definition Audio CODEC)" [HKEY_USERS\S-1-5-21-2935616890-3038444645-374369962-1000\Software\Microsoft\UCCPlatform\WindowsLiveMessenger] "PrefAudioRender"="Speakers and Dual Headphones (IDT High Definition Audio CODEC)" [HKEY_USERS\S-1-5-21-2935616890-3038444645-374369962-1000\Software\Microsoft\UCCPlatform\WindowsLiveMessenger\AudioCapture\Integrated Microphone Array (IDT High Definition Audio CODEC)] [HKEY_USERS\S-1-5-21-2935616890-3038444645-374369962-1000\Software\Microsoft\UCCPlatform\WindowsLiveMessenger\AudioCapture\Microphone Array (IDT High Definition Audio CODEC)] [HKEY_USERS\S-1-5-21-2935616890-3038444645-374369962-1000\Software\Microsoft\UCCPlatform\WindowsLiveMessenger\AudioRender\Speakers (IDT High Definition Audio CODEC)] [HKEY_USERS\S-1-5-21-2935616890-3038444645-374369962-1000\Software\Microsoft\UCCPlatform\WindowsLiveMessenger\AudioRender\Speakers and Dual Headphones (IDT High Definition Audio CODEC)] [HKEY_USERS\S-1-5-21-2935616890-3038444645-374369962-1000\Software\Microsoft\UCCPlatform\WindowsLiveMessenger\Codec] [HKEY_USERS\S-1-5-21-2935616890-3038444645-374369962-1000\Software\Microsoft\UCCPlatform\wlcsdk\codec] [HKEY_USERS\S-1-5-21-2935616890-3038444645-374369962-1000\Software\talk4free\USB Softphone\Options\Audio] "CodecList"="" [HKEY_USERS\S-1-5-21-2935616890-3038444645-374369962-1000\Software\talk4free\USB Softphone\VideoPreferences] "Codecs"="SJH261, SJH263, SJH263+, SJH264 BASE, SJH264 MAIN" [HKEY_USERS\S-1-5-21-2935616890-3038444645-374369962-1000\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache] "C:\Users\Owner\Downloads\Codec-C.exe"="Installer" [HKEY_USERS\S-1-5-21-2935616890-3038444645-374369962-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache] "C:\Users\Owner\Downloads\Codec-C.exe"="Installer" [HKEY_USERS\S-1-5-18\Software\Microsoft\Speech\AudioOutput\TokenEnums\MMAudioOut\{0.0.0.00000000}.{2a488d8e-7cd0-4b16-ab66-7128c1e664e0}] @="Independent Dual Headphones (IDT High Definition Audio CODEC)" [HKEY_USERS\S-1-5-18\Software\Microsoft\Speech\AudioOutput\TokenEnums\MMAudioOut\{0.0.0.00000000}.{2a488d8e-7cd0-4b16-ab66-7128c1e664e0}] "DeviceName"="Independent Dual Headphones (IDT High Definition Audio CODEC)" [HKEY_USERS\S-1-5-18\Software\Microsoft\Speech\AudioOutput\TokenEnums\MMAudioOut\{0.0.0.00000000}.{9da3f2cf-56f3-4995-b214-06b2e0621fa9}] @="SPDIF (Digital Out via HP Dock) (IDT High Definition Audio CODEC)" [HKEY_USERS\S-1-5-18\Software\Microsoft\Speech\AudioOutput\TokenEnums\MMAudioOut\{0.0.0.00000000}.{9da3f2cf-56f3-4995-b214-06b2e0621fa9}] "DeviceName"="SPDIF (Digital Out via HP Dock) (IDT High Definition Audio CODEC)" [HKEY_USERS\S-1-5-18\Software\Microsoft\Speech\AudioOutput\TokenEnums\MMAudioOut\{0.0.0.00000000}.{d0134559-9a2b-4a9a-b834-6a7df649bff1}] @="Speakers and Dual Headphones (IDT High Definition Audio CODEC)" [HKEY_USERS\S-1-5-18\Software\Microsoft\Speech\AudioOutput\TokenEnums\MMAudioOut\{0.0.0.00000000}.{d0134559-9a2b-4a9a-b834-6a7df649bff1}] "DeviceName"="Speakers and Dual Headphones (IDT High Definition Audio CODEC)" -= EOF =-

No, just when I click Start and begin to type in the word "codec" in the search bar... but when I try to delete it says it cannot find it.... but it's not in the control panel programs list

The codec file is still under programs though...

All processes killed ========== OTL ========== 64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{F866DC5B-A053-40B9-BCDE-375ED3441201}\ deleted successfully. 64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{F866DC5B-A053-40B9-BCDE-375ED3441201}\ not found. HKLM\SOFTWARE\Microsoft\Internet Explorer\Search\\SearchAssistant| /E : value set successfully! Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{F866DC5B-A053-40B9-BCDE-375ED3441201}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{F866DC5B-A053-40B9-BCDE-375ED3441201}\ not found. HKU\S-1-5-21-2935616890-3038444645-374369962-1000\SOFTWARE\Microsoft\Internet Explorer\Main\\Search Bar| /E : value set successfully! HKU\S-1-5-21-2935616890-3038444645-374369962-1000\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page| /E : value set successfully! Registry key HKEY_USERS\S-1-5-21-2935616890-3038444645-374369962-1000\Software\Microsoft\Internet Explorer\SearchScopes\{0D7562AE-8EF6-416d-A838-AB665251703A}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0D7562AE-8EF6-416d-A838-AB665251703A}\ not found. Registry key HKEY_USERS\S-1-5-21-2935616890-3038444645-374369962-1000\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}\ not found. Registry key HKEY_USERS\S-1-5-21-2935616890-3038444645-374369962-1000\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2A59}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2A59}\ not found. Registry key HKEY_USERS\S-1-5-21-2935616890-3038444645-374369962-1000\Software\Microsoft\Internet Explorer\SearchScopes\{CF739809-1C6C-47C0-85B9-569DBB141420}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CF739809-1C6C-47C0-85B9-569DBB141420}\ not found. Registry key HKEY_USERS\S-1-5-21-2935616890-3038444645-374369962-1000\Software\Microsoft\Internet Explorer\SearchScopes\{F866DC5B-A053-40B9-BCDE-375ED3441201}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{F866DC5B-A053-40B9-BCDE-375ED3441201}\ not found. C:\Users\Owner\AppData\Roaming\mozilla\Extensions\IMVUClientXUL@imvu.com folder moved successfully. C:\Program Files (x86)\Mozilla Firefox\searchplugins\fcmdSrch.xml moved successfully. Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\ deleted successfully. Registry value HKEY_USERS\S-1-5-21-2935616890-3038444645-374369962-1000\Software\Microsoft\Windows\CurrentVersion\Run\\ares deleted successfully. C:\ProgramData\PKP_DLdw.DAT moved successfully. C:\ProgramData\PKP_DLdu.DAT moved successfully. C:\Users\Owner\AppData\Roaming\Babylon folder moved successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully! HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully! HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully! HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully! HKU\S-1-5-21-2935616890-3038444645-374369962-1000\SOFTWARE\Microsoft\Internet Explorer\Main\\Search Bar| /E : value set successfully! HKEY_USERS\S-1-5-21-2935616890-3038444645-374369962-1000\Software\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully! ========== COMMANDS ========== [EMPTYTEMP] User: All Users User: Default ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 33170 bytes User: Default User ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 0 bytes User: Guest ->Temp folder emptied: 50528 bytes ->Temporary Internet Files folder emptied: 120280 bytes ->Flash cache emptied: 456 bytes User: Owner ->Temp folder emptied: 4026603798 bytes ->Temporary Internet Files folder emptied: 269407466 bytes ->Java cache emptied: 9961278 bytes ->FireFox cache emptied: 44092807 bytes ->Google Chrome cache emptied: 27237292 bytes ->Flash cache emptied: 46043 bytes User: Public %systemdrive% .tmp files removed: 0 bytes %systemroot% .tmp files removed: 0 bytes %systemroot%\System32 .tmp files removed: 0 bytes %systemroot%\System32 (64bit) .tmp files removed: 0 bytes %systemroot%\System32\drivers .tmp files removed: 0 bytes Windows Temp folder emptied: 267780696 bytes %systemroot%\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 19424557 bytes %systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 32902 bytes RecycleBin emptied: 0 bytes Total Files Cleaned = 4,449.00 mb OTL by OldTimer - Version 3.2.39.2 log created on 04012012_152247 Files\Folders moved on Reboot... C:\Users\Owner\AppData\Local\Temp\ehmsas.txt moved successfully. C:\Users\Owner\AppData\Local\Temp\VGX7BB4.tmp moved successfully. File\Folder C:\Users\Owner\AppData\Local\Temp\~DFECC3.tmp not found! File\Folder C:\Users\Owner\AppData\Local\Temp\~DFED22.tmp not found! File\Folder C:\Users\Owner\AppData\Local\Temp\~DFEE51.tmp not found! File\Folder C:\Users\Owner\AppData\Local\Temp\~DFEF7F.tmp not found! Registry entries deleted on Reboot...

This is the Extras OTL Extras logfile created on: 4/1/2012 2:27:32 PM - Run 1 OTL by OldTimer - Version 3.2.39.2 Folder = C:\Users\Owner\Downloads 64bit-Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation Internet Explorer (Version = 8.0.6001.19190) Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy 2.90 Gb Total Physical Memory | 0.90 Gb Available Physical Memory | 30.90% Memory free 6.03 Gb Paging File | 3.59 Gb Available in Paging File | 59.50% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 285.05 Gb Total Space | 123.62 Gb Free Space | 43.37% Space Free | Partition Type: NTFS Drive D: | 13.04 Gb Total Space | 1.50 Gb Free Space | 11.49% Space Free | Partition Type: NTFS Drive E: | 4.38 Gb Total Space | 0.00 Gb Free Space | 0.00% Space Free | Partition Type: UDF Computer Name: IWES | User Name: Owner | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users | Quick Scan | Include 64bit Scans Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days ========== Extra Registry (SafeList) ========== ========== File Associations ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation) [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation) [HKEY_USERS\S-1-5-21-2935616890-3038444645-374369962-1000\SOFTWARE\Classes\<extension>] .html [@ = ChromeHTML] -- Reg Error: Key error. File not found ========== Shell Spawning ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation) InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation) Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation) Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation) exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation) Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation) Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) ========== Security Center Settings ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "cval" = 1 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] "AntiVirusOverride" = 0 "AntiSpywareOverride" = 0 "FirewallOverride" = 0 "VistaSp1" = 9F 9E 16 8C DC 5B C8 01 [binary data] "VistaSp2" = 5F 2F 32 40 97 81 CA 01 [binary data] 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] "oobe_av" = 1 ========== Firewall Settings ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] "EnableFirewall" = 1 "DisableNotifications" = 0 "DefaultOutboundAction" = 0 "DefaultInboundAction" = 1 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "EnableFirewall" = 1 "DisableNotifications" = 0 "DefaultOutboundAction" = 0 "DefaultInboundAction" = 1 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile] "EnableFirewall" = 1 "DisableNotifications" = 0 "DefaultOutboundAction" = 0 "DefaultInboundAction" = 1 ========== Authorized Applications List ========== ========== Vista Active Open Ports Exception List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{02844BF7-DF38-4706-AC97-63864474A70E}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe | "{094D12B5-3BD8-4ED7-92E2-D84D921DDB4C}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{102C3A62-47D4-4B50-9604-AC22ECAAC6C2}" = rport=445 | protocol=6 | dir=out | app=system | "{27165B43-82E8-43FE-B122-C9B967C2DE3F}" = lport=137 | protocol=17 | dir=in | app=system | "{41CF2E75-B96F-41E8-BADC-715D028C0C36}" = rport=137 | protocol=17 | dir=out | app=system | "{4B93C9D2-2522-46D9-A1AE-59AA912245BD}" = lport=3702 | protocol=17 | dir=in | svc=fdphost | app=%systemroot%\system32\svchost.exe | "{6C5E0433-E9B8-4F17-889C-DF82AF7A952D}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | "{6E144219-42C3-4ED3-BD6B-C1EB37B2D718}" = rport=427 | protocol=17 | dir=in | svc=hpslpsvc | app=c:\windows\system32\svchost.exe | "{770C3A64-089E-470F-97D3-1DDA68495314}" = lport=138 | protocol=17 | dir=in | app=system | "{8356AACC-2585-44D5-B1FF-FD6B60233976}" = lport=2869 | protocol=6 | dir=in | app=system | "{99C6C779-544A-4164-BF98-B418E126F28D}" = rport=3702 | protocol=17 | dir=out | svc=fdphost | app=%systemroot%\system32\svchost.exe | "{ACABFF8D-35A5-4290-95D2-F93734604CF4}" = rport=138 | protocol=17 | dir=out | app=system | "{AF00D87E-DBCF-4A28-9A7E-717F929695B7}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe | "{B0A461F6-CB0B-40DD-A98A-9B87678DD539}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 | "{B1BA64A8-3DBD-4AA9-BC58-978DA9D823AF}" = lport=139 | protocol=6 | dir=in | app=system | "{BF2EC04D-EBB5-4867-8989-BCA68023249D}" = lport=445 | protocol=6 | dir=in | app=system | "{C02697E0-E64F-4A05-80F4-3EA2A9859801}" = rport=3702 | protocol=17 | dir=out | svc=fdrespub | app=%systemroot%\system32\svchost.exe | "{CEACAB5B-11AC-4C2D-9581-DFF8C81BB5FA}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | "{ECE16D38-83F6-43B7-BECA-C26A06083E57}" = rport=139 | protocol=6 | dir=out | app=system | "{F47DAE69-41B7-4B63-9C39-2C567B68C73F}" = lport=3702 | protocol=17 | dir=in | svc=fdrespub | app=%systemroot%\system32\svchost.exe | "{F56B0FF5-E64D-4F5F-9EB7-8098B886CA98}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | ========== Vista Active Application Exception List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{043B4918-17FA-4BB7-9EB1-A67AB5B64215}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg10\avgemca.exe | "{045CE453-766E-4F2B-8A8B-B78DBA624A69}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg10\avgdiagex.exe | "{091A488C-D59C-4AA0-ABAB-90C8058FBFE8}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 | "{0C7393D5-9972-46A9-8E2F-CEEFE1811665}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 | "{1179F4AA-8F04-41FA-9C6D-BA2B0251BFF1}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg10\avgdiagex.exe | "{130493AD-3D8D-43E0-B933-6445D0292108}" = dir=in | app=c:\program files (x86)\hewlett-packard\media\dvd\tsmagent.exe | "{1948566A-E28C-4CC0-8294-4C3E2FD731A4}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg10\avgnsa.exe | "{1A202C44-A9F1-4DD7-A5A4-8C087E64CB56}" = protocol=17 | dir=in | app=c:\program files (x86)\yahoo!\messenger\yahoomessenger.exe | "{1CA9E135-17B6-4321-82BB-697B382782AD}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpfccopy.exe | "{1D181BC4-F88A-4713-AAF8-E3BA753C0A1D}" = dir=in | app=c:\program files (x86)\hewlett-packard\media\dvd\hptouchsmartphoto.exe | "{1E2B9695-9CCC-4DC0-899F-D27B56A00787}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg10\avgemca.exe | "{26F6875C-7F89-4F24-9FEA-39E792558255}" = dir=in | app=c:\program files (x86)\hewlett-packard\media\tv\qpservice.exe | "{2B08BFFA-717F-4D51-925E-10C2E28813D4}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpofxs08.exe | "{30F6D5B9-3E35-49DA-9542-8A1C27CBF038}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqusgm.exe | "{3141A3BB-FC02-4CD7-B0B9-C961A26FEB31}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe | "{36B25FFD-F36B-4110-B04F-3266B2704501}" = dir=in | app=c:\program files (x86)\hewlett-packard\touchsmart\media\hptouchsmartvideo.exe | "{36D4C90D-FEEB-402C-B158-67275DAAD05A}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqkygrp.exe | "{3897DE4E-9755-479B-BF3F-88D8442BAAAB}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hposid01.exe | "{3BC499EE-4AF1-49A0-A7FD-46A38787DFFA}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpzwiz01.exe | "{3CCF70DF-1EC9-4DA7-BEC0-65560C89B4DC}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg10\avgnsa.exe | "{40EC16F1-7545-4E6E-BA95-CCE05DF66368}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqgplgtupl.exe | "{465A68A3-F34A-462E-A251-D62B5E894C88}" = dir=in | app=c:\program files (x86)\hewlett-packard\media\dvd\hptouchsmartvideo.exe | "{4CD72DC1-596E-4C75-AA5B-091799FB807B}" = dir=in | app=c:\program files (x86)\windows live\sync\windowslivesync.exe | "{59A91EC1-4E95-4C40-B29B-FA2DFBD064EE}" = dir=in | app=c:\program files (x86)\hewlett-packard\touchsmart\media\tsmagent.exe | "{607FC933-0C53-4A49-BCFE-509489C2E7F7}" = dir=in | app=c:\program files (x86)\hewlett-packard\media\dvd\hptouchsmartmusic.exe | "{635BB3EB-33B9-423B-99B1-B97E43906626}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 | "{683EC657-5A56-43FF-8C6F-E65E9B967B42}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg10\avgemca.exe | "{69E76DFD-CE06-4C48-AC0F-362BDEC052C6}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqusgh.exe | "{6D006B65-AA78-4F3A-AB17-C5C7A1345D04}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg10\avgmfapx.exe | "{6E1274E3-1447-4A55-8E8F-6EEEB18185B3}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 | "{72D0C601-04DD-4031-AD53-EA5E685E9CE5}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqfxt08.exe | "{72E73DDA-B6D0-441C-858B-4E47FF70AB38}" = protocol=6 | dir=in | app=c:\program files (x86)\starcraft ii\starcraft ii.exe | "{75953796-2131-4148-B197-D6D6375BE617}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg10\avgnsa.exe | "{7EE5E670-2E99-44A4-8871-990FFDBEE49B}" = dir=in | app=c:\program files (x86)\hp\hp software update\hpwucli.exe | "{8BA6957C-BCAB-4C15-89B2-C0CF30CAC043}" = dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe | "{945DA3C9-7C2A-4925-BA4A-85578B31A9F3}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg10\avgdiagex.exe | "{96FB22F8-8906-4865-82A0-8CB2007005DA}" = dir=in | app=c:\program files (x86)\cyberlink\powerdirector\pdr.exe | "{98694A9B-20AB-41FA-BB73-0ED0F9BEA095}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpoews01.exe | "{A63C32BE-8E9B-48A0-BF5F-8F6DF1C55875}" = dir=in | app=c:\program files (x86)\hewlett-packard\touchsmart\media\hptouchsmartmusic.exe | "{A81D83A5-4F16-4841-BD62-0075F744CE6E}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe | "{A852C160-C614-45FC-B59B-1086EBAC6953}" = dir=in | app=e:\setup\hpznui40.exe | "{ABABA912-4E62-4D81-BF1D-E44905074217}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpofxm08.exe | "{B03FB696-9B27-40E9-B44E-7C0C04D998EA}" = dir=in | app=c:\program files (x86)\hewlett-packard\touchsmart\media\hptouchsmartphoto.exe | "{B253B807-EA86-4DC4-90B0-FA75A58A7ABD}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe | "{B5590164-D332-4AE6-A376-4D1C4895E5AB}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg10\avgmfapx.exe | "{B6758572-2A94-4AB4-AA04-FC865F1E822C}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqgpc01.exe | "{B7B8B656-0CD0-4FA9-84AA-5702C27CD851}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg10\avgemca.exe | "{C0177912-07A8-451D-91EF-E51F022A68C2}" = dir=in | app=c:\program files (x86)\hp\digital imaging\smart web printing\smartwebprintexe.exe | "{C363A41C-4E1D-4CEC-94B3-25A19EB76E77}" = dir=in | app=c:\program files (x86)\hewlett-packard\touchsmart\media\kernel\clml\clmlsvc.exe | "{C9EF55F3-705D-43F5-8CC2-9ADA61E6B86C}" = dir=in | app=c:\program files (x86)\hewlett-packard\media\tv\qp.exe | "{CA815DF4-4560-48AE-94CF-08662C3958B2}" = protocol=6 | dir=in | app=c:\program files (x86)\yahoo!\messenger\yahoomessenger.exe | "{D94EB45A-13C7-47E0-9BE1-37842F74F6C6}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg10\avgdiagex.exe | "{DA9A0045-E04A-4773-AF02-42239E05FBAE}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqtra08.exe | "{DAA063D7-E22B-4555-8B92-92D38807E5AA}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqste08.exe | "{DEEBA176-4265-4E6E-8208-B22D5CC238BE}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg10\avgnsa.exe | "{E8ACA3A3-47BD-4680-8DF2-8333025FAA7D}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hposfx08.exe | "{EAFD4EB3-C08B-43C9-8BE6-C6ED62201AE0}" = dir=in | app=c:\users\owner\appdata\local\facebook\video\skype\facebookvideocalling.exe | "{EE8CA956-54DC-482C-894A-DD4BBB7DC5A9}" = dir=in | app=c:\program files (x86)\hewlett-packard\media\dvd\kernel\clml\clmlsvc.exe | "{EFCE7AD0-8971-4A17-8404-C52E10C2D894}" = dir=in | app=c:\program files (x86)\hewlett-packard\media\dvd\hpdvdsmart.exe | "{F8A4C4C4-C4D5-41FB-BA64-B4BC0CC2510A}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpiscnapp.exe | "{FC773E55-D2DD-4E63-8ECE-45DE4AEA95FF}" = protocol=17 | dir=in | app=c:\program files (x86)\starcraft ii\starcraft ii.exe | "TCP Query User{03C9F3A5-C831-4CEE-B251-1FBC4D9FDAE1}C:\users\owner\appdata\roaming\imvuclient\1vivoxvoice.exe" = protocol=6 | dir=in | app=c:\users\owner\appdata\roaming\imvuclient\1vivoxvoice.exe | "TCP Query User{43992260-EA62-452E-9E0A-F74EE744EA10}C:\users\owner\appdata\roaming\mjusbsp\magicjack.exe" = protocol=6 | dir=in | app=c:\users\owner\appdata\roaming\mjusbsp\magicjack.exe | "TCP Query User{4E85F5C5-56E5-4ECC-B5AD-29DD324158B6}C:\program files (x86)\internet explorer\iexplore.exe" = protocol=6 | dir=in | app=c:\program files (x86)\internet explorer\iexplore.exe | "TCP Query User{76B355FC-C020-4A68-B733-968FCF9F234F}C:\program files (x86)\yahoo!\messenger\yahoomessenger.exe" = protocol=6 | dir=in | app=c:\program files (x86)\yahoo!\messenger\yahoomessenger.exe | "TCP Query User{7D02A934-20D9-4582-ACF5-41997B58D5A7}C:\program files (x86)\starcraft ii\support\blizzarddownloader.exe" = protocol=6 | dir=in | app=c:\program files (x86)\starcraft ii\support\blizzarddownloader.exe | "TCP Query User{CC14B487-5DF4-45BA-8108-25976F15552B}C:\program files (x86)\limewire\limewire.exe" = protocol=6 | dir=in | app=c:\program files (x86)\limewire\limewire.exe | "TCP Query User{FE845FD5-BF9C-4E7B-9F6D-6B52AD0713AD}C:\users\owner\appdata\roaming\mjusbsp\magicjack.exe" = protocol=6 | dir=in | app=c:\users\owner\appdata\roaming\mjusbsp\magicjack.exe | "UDP Query User{1F76167C-196E-47C7-B91B-F6A2A1FC4A0A}C:\program files (x86)\limewire\limewire.exe" = protocol=17 | dir=in | app=c:\program files (x86)\limewire\limewire.exe | "UDP Query User{234D0254-B3DF-4A50-AAF1-98009017AC80}C:\program files (x86)\yahoo!\messenger\yahoomessenger.exe" = protocol=17 | dir=in | app=c:\program files (x86)\yahoo!\messenger\yahoomessenger.exe | "UDP Query User{5DB2E2B5-FF0F-413E-B32B-B7756F1A4E50}C:\program files (x86)\internet explorer\iexplore.exe" = protocol=17 | dir=in | app=c:\program files (x86)\internet explorer\iexplore.exe | "UDP Query User{DD7EB21E-DBC0-416B-B74F-3FFCBB94A28F}C:\users\owner\appdata\roaming\mjusbsp\magicjack.exe" = protocol=17 | dir=in | app=c:\users\owner\appdata\roaming\mjusbsp\magicjack.exe | "UDP Query User{EC11FE89-E22A-4926-B3A8-7D6200DDDCE1}C:\program files (x86)\starcraft ii\support\blizzarddownloader.exe" = protocol=17 | dir=in | app=c:\program files (x86)\starcraft ii\support\blizzarddownloader.exe | "UDP Query User{F0492BB6-25A3-4919-A9DB-31279603B192}C:\users\owner\appdata\roaming\imvuclient\1vivoxvoice.exe" = protocol=17 | dir=in | app=c:\users\owner\appdata\roaming\imvuclient\1vivoxvoice.exe | "UDP Query User{FA020A03-3004-47DB-86D1-C093DDF58219}C:\users\owner\appdata\roaming\mjusbsp\magicjack.exe" = protocol=17 | dir=in | app=c:\users\owner\appdata\roaming\mjusbsp\magicjack.exe | ========== HKEY_LOCAL_MACHINE Uninstall List ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64) "{2F97CE84-9C33-4631-821B-85EA371EA254}" = ProtectSmart Hard Drive Protection "{4FFA2088-8317-3B14-93CD-4C699DB37843}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729 "{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 "{61A3F855-4587-4187-9D77-2EF8CD825A47}" = AVG 2011 "{67579783-0FB7-4F7B-B881-E5BE47C9DBE0}_is1" = Revo Uninstaller Pro 2.5.7 "{7E0E61CC-1C99-429D-BEA7-C4DD5B898D2A}" = HP Officejet 4500 G510n-z "{8338783A-0968-3B85-AFC7-BAAE0A63DC50}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570 "{8FE5B227-1506-4CCE-9002-CC26D6B3F7AA}" = AVG 2011 "{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007 "{90120000-002A-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (English) 2007 "{90120000-0116-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007 "{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting "{9B48B0AC-C813-4174-9042-476A887592C7}" = Windows Live ID Sign-in Assistant "{A4DDB2AB-ECCD-4C3A-8633-77D5A1A0E542}" = Network64 "{aac9fcc4-dd9e-4add-901c-b5496a07ab2e}" = Microsoft Visual C++ 2005 Redistributable (x64) - KB2467175 "{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64) "{B6E3757B-5E77-3915-866A-CCFC4B8D194C}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 "{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1 "{EE936C7A-EA40-31D5-9B65-8E3E089C3828}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148 "{F1568AA6-5982-4AFB-A871-C68E4328BC3B}" = HP MediaSmart SmartMenu "{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile "{FF21C3E6-97FD-474F-9518-8DCBE94C2854}" = 64 Bit HP CIO Components Installer "07B260955637F1FF7587ED2AA87459040DD09BF7" = Windows Driver Package - ENE (enecir) HIDClass (09/04/2008 2.6.0.0) "Agere Systems Soft Modem" = Agere Systems HDA Modem "AVG" = AVG 2011 "Broadcom 802.11 Wireless LAN Adapter" = Broadcom 802.11 Wireless LAN Adapter "HDMI" = Intel® Graphics Media Accelerator Driver "HP Document Manager" = HP Document Manager 2.0 "HP Imaging Device Functions" = HP Imaging Device Functions 13.0 "HP Smart Web Printing" = HP Smart Web Printing 4.5 "HP Solution Center & Imaging Support Tools" = HP Solution Center 13.0 "HPExtendedCapabilities" = HP Customer Participation Program 13.0 "HPOCR" = OCR Software by I.R.I.S. 13.0 "Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1 "Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile "Shop for HP Supplies" = Shop for HP Supplies "SynTPDeinstKey" = Synaptics Pointing Device Driver [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{00203668-8170-44A0-BE44-B632FA4D780F}" = Adobe AIR "{004B0DCB-4C60-465B-8F01-44B0A4111187}" = SlingPlayer "{0054A0F6-00C9-4498-B821-B5C9578F433E}" = HP Help and Support "{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = HP MediaSmart Webcam "{0F367CA3-3B2F-43F9-A44A-25A8EE69E45D}" = Scan "{15BC8CD0-A65B-47D0-A2DD-90A824590FA8}" = Microsoft Works "{175F0111-2968-4935-8F70-33108C6A4DE3}" = MarketResearch "{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer "{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 "{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = CyberLink DVD Suite "{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live Upload Tool "{21A2F5EE-1DC5-488A-BE7E-E526F8C61488}" = DeviceDiscovery "{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT "{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer "{237CD223-1B9D-47E8-A76C-E478B83CCEA2}" = File Uploader "{254C37AA-6B72-4300-84F6-98A82419187E}" = ActiveCheck component for HP Active Support Library "{26A24AE4-039D-4CA4-87B4-2F83216022FF}" = Java 6 Update 26 "{2EEA7AA4-C203-4b90-A34F-19FB7EF1C81C}" = BufferChm "{2EFA4E4C-7B5F-48F7-A1C0-1AA882B7A9C3}" = HP Update "{2FDBBCEA-62DB-45F4-B6E5-0E1FB2A1F29D}" = Visual C++ 8.0 Runtime Setup Package (x64) "{3175E049-F9A9-4A3D-8F19-AC9FB04514D1}" = Windows Live Communications Platform "{3248F0A8-6813-11D6-A77B-00B0D0160070}" = Java 6 Update 7 "{34D2AB40-150D-475D-AE32-BD23FB5EE355}" = HP Quick Launch Buttons "{352310C3-E46B-42D3-8F32-54721FDD72D9}" = NetZero Preloader "{36E90C09-EB23-4EAC-8B47-12C0CA5DBD3A}" = HP User Guides 0126 "{3877C901-7B90-4727-A639-B6ED2DD59D43}" = ESU for Microsoft Vista "{3A4D5E2D-988D-4ee9-8E7F-3AC200A2B8F5}" = 4500G510nz_Software_Min "{43CDF946-F5D9-4292-B006-BA0D92013021}" = WebReg "{440B915A-0C85-45DB-92AE-75AE14704A64}" = Fax "{474F25F5-BDC9-40E5-B1B6-F6BF23FC106F}" = Windows Live Essentials "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater "{4A70EF07-7F88-4434-BB61-D1DE8AE93DD4}" = SolutionCenter "{54CC7901-804D-4155-B353-21F0CC9112AB}" = HP Wireless Assistant "{57A5AEC1-97FC-474D-92C4-908FCC2253D4}" = HP Customer Experience Enhancements "{5A3C1721-F8ED-11E0-8AFB-B8AC6F97B88E}" = Google Earth "{5B05FF91-F20C-4832-A8DE-E1912639C17C}" = 4500G510nz "{63FF21C9-A810-464F-B60A-3111747B1A6D}" = GPBaseService2 "{6423EF83-6E1D-4D22-A36F-689CD19FD4D2}" = Juno Preloader "{65DA2EC9-0642-47E9-AAE2-B5267AA14D75}" = Activation Assistant for the 2007 Microsoft Office suites "{669D4A35-146B-4314-89F1-1AC3D7B88367}" = HPAsset component for HP Active Support Library "{67626E09-5366-4480-8F1E-93FADF50CA15}" = HP MediaSmart TV "{68A10D12-0D0F-4212-BDE6-D87FAD32A8FA}" = SmartWebPrinting "{690879A5-18EF-447B-98D6-B699D51008AB}" = 4500_G510nz_Help "{6A370610-3778-44AF-9AAC-69B2FD1A3356}" = Microsoft Live Search Toolbar "{6B2FFB21-AC88-45C3-9A7D-4BB3E744EC91}" = HPSSupply "{6BBA26E9-AB03-4FE7-831A-3535584CA002}" = Toolbox "{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable "{732A3F80-008B-4350-BD58-EC5AE98707B8}" = HP Common Access Service Library "{73A43E42-3658-4DD9-8551-FACDA3632538}" = HP Advisor "{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 "{77DCDCE3-2DED-62F3-8154-05E745472D07}" = Acrobat.com "{7B798B31-2F33-4DC8-BDA4-D36488E86636}" = Slingbox - Watch Your TV Anywhere "{7CAC6A44-C3DE-4153-ACA6-7524602C789E}" = Facebook Video Calling 1.2.0.159 "{7EACD74C-147F-478C-9389-F9F52EE3C88A}" = LightScribe System Software "{846B5DED-DC8C-4E1A-B5B4-9F5B39A0CACE}" = HPDiagnosticAlert "{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 "{87441A59-5E64-4096-A170-14EFE67200C3}" = Picture Control Utility "{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek 8169 8168 8101E 8102E Ethernet Driver "{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight "{8B33984B-EE9B-4F61-8E7E-8DCECCF8C3A9}" = Agatha Christie - Death on the Nile "{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007 "{90120000-0016-0409-0000-0000000FF1CE}_HOMESTUDENTR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007 "{90120000-0018-0409-0000-0000000FF1CE}_HOMESTUDENTR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007 "{90120000-001B-0409-0000-0000000FF1CE}_HOMESTUDENTR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007 "{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) "{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007 "{90120000-001F-040C-0000-0000000FF1CE}_HOMESTUDENTR_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) "{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007 "{90120000-001F-0C0A-0000-0000000FF1CE}_HOMESTUDENTR_{2314F9A1-126F-45CC-8A5E-DFAF866F3FBC}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) "{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system "{90120000-002A-0000-1000-0000000FF1CE}_HOMESTUDENTR_{664655D8-B9BB-455D-8A58-7EAF7B0B2862}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-002A-0409-1000-0000000FF1CE}_HOMESTUDENTR_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007 "{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007 "{90120000-006E-0409-0000-0000000FF1CE}_HOMESTUDENTR_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007 "{90120000-00A1-0409-0000-0000000FF1CE}_HOMESTUDENTR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007 "{90120000-0115-0409-0000-0000000FF1CE}_HOMESTUDENTR_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-0116-0409-1000-0000000FF1CE}_HOMESTUDENTR_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In "{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007 "{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3) "{92A51949-EE4C-466D-AAF0-99E74A49A63F}" = DocMgr "{95120000-00AF-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (English) "{9559F7CA-5E34-4237-A2D9-D856464AD727}" = Project64 1.6 "{95A747E0-DF19-46CB-A622-20A0107201BD}" = HP Total Care Setup "{9B362566-EC1B-4700-BB9C-EC661BDE2175}" = DocProc "{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 "{9F479685-180E-4C05-9400-D59292A1B29C}" = Windows Live Movie Maker "{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper "{AC76BA86-7AD7-1033-7B44-AA1000000001}" = Adobe Reader X (10.1.1) "{AC76BA86-7AD7-5464-3428-900000000004}" = Spelling Dictionaries Support For Adobe Reader 9 "{AE8705FB-E13C-40A9-8A2D-68D6733FBFC2}" = Status "{B10914FD-8812-47A4-85A1-50FCDE7F1F33}" = Windows Live Sync "{B2EE25B9-5B00-4ACF-94F0-92433C28C39E}" = HP MediaSmart Music/Photo/Video "{B57EAFF2-D6EE-4C6C-9175-ED9F17BFC1BC}" = Windows Live Messenger "{BD7204BA-DD64-499E-9B55-6A282CDF4FA4}" = Destinations "{C43326F5-F135-4551-8270-7F7ABA0462E1}" = HPProductAssistant "{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = LabelPrint "{CAE7D1D9-3794-4169-B4DD-964ADBC534EE}" = HP Product Detection "{CE7E3BE0-2DD3-4416-A690-F9E4A99A8CFF}" = HP Active Support Library "{DC0A5F99-FD66-433F-9D3A-05DCBA64BE42}" = TrayApp "{DC24971E-1946-445D-8A82-CE685433FA7D}" = Realtek USB 2.0 Card Reader "{DCCAD079-F92C-44DA-B258-624FC6517A5A}" = HP MediaSmart DVD "{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}" = IDT Audio "{E6158D07-2637-4ECF-B576-37C489669174}" = Windows Live Call "{E8020EC7-5DD8-80C9-7237-7B2E9BDA8CC6}" = muvee Reveal "{E9021599-1E2A-4027-A1CC-40E42A08603C}" = RETScreen Version 4 "{E9757890-7EC5-46C8-99AB-B00F07B6525C}" = Nikon Transfer "{ED1D3C27-EFE7-43D9-AFE9-14281CD6AE65}" = GooReader "{EE39FFBD-544E-49E4-A999-6819828EAE91}" = Windows Live Photo Gallery "{F007CBCE-D714-4C0B-8CE9-9B0D78116468}" = ViewNX "{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU] "{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard "{F18046C5-1C4E-4BE1-A3D6-A6F970E2E8E8}" = ArcSoft Panorama Maker 5 "{F1D7AC58-554A-4A58-B784-B61558B1449A}" = QLBCASL "{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}" = Microsoft Office Live Add-in 1.5 "{FCDBEA60-79F0-4FAE-BBA8-55A26C609A49}" = Visual Studio 2008 x64 Redistributables "{FEA36347-ADBE-423F-A1B2-74A3C3BCE15E}" = RETScreen "Activation Assistant for the 2007 Microsoft Office suites" = Activation Assistant for the 2007 Microsoft Office suites "Adobe AIR" = Adobe AIR "Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX "Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin "Adobe Shockwave Player" = Adobe Shockwave Player 11.5 "Algebra and Trigonometry with Analytic Geometry" = Algebra and Trigonometry with Analytic Geometry "com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Acrobat.com "Final Fantasy VII_is1" = Final Fantasy VII - Ultima Edition "FxFoto" = FxFoto by Triscape "Google Chrome" = Google Chrome "HOMESTUDENTR" = Microsoft Office Home and Student 2007 "HP.MediaSmartSlingPlayer_is1" = HP MediaSmart SlingPlayer "InstallShield_{004B0DCB-4C60-465B-8F01-44B0A4111187}" = SlingPlayer "InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = HP MediaSmart Webcam "InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = CyberLink DVD Suite "InstallShield_{67626E09-5366-4480-8F1E-93FADF50CA15}" = HP MediaSmart TV "InstallShield_{B2EE25B9-5B00-4ACF-94F0-92433C28C39E}" = HP MediaSmart Music/Photo/Video "InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = LabelPrint "InstallShield_{DCCAD079-F92C-44DA-B258-624FC6517A5A}" = HP MediaSmart DVD "Mozilla Firefox 11.0 (x86 en-US)" = Mozilla Firefox 11.0 (x86 en-US) "Physical Geology" = Physical Geology "QuickTime" = QuickTime "TriscapeFxFoto" = Triscape FxFoto "WildTangent hp Master Uninstall" = My HP Games "WinLiveSuite_Wave3" = Windows Live Essentials "WinRAR archiver" = WinRAR archiver "WM Converter 2.0" = WM Converter 2.0 "Yahoo! Companion" = Yahoo! Toolbar "Yahoo! Messenger" = Yahoo! Messenger "Yahoo! Software Update" = Yahoo! Software Update "YTdetect" = Yahoo! Detect ========== HKEY_USERS Uninstall List ========== [HKEY_USERS\S-1-5-21-2935616890-3038444645-374369962-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "magicJack" = magicJack ========== Last 10 Event Log Errors ========== [ Application Events ] Error - 3/23/2012 10:58:40 AM | Computer Name = iWes | Source = Application Error | ID = 1000 Description = Faulting application plugin-container.exe, version 11.0.0.4454, time stamp 0x4f5ecbd4, faulting module ntdll.dll, version 6.0.6002.18541, time stamp 0x4ec3e39f, exception code 0xc0000005, fault offset 0x00030226, process id 0x2f940, application start time 0x01cd08fb14e13750. Error - 3/24/2012 2:31:30 AM | Computer Name = iWes | Source = Application Hang | ID = 1002 Description = The program EXCEL.EXE version 12.0.6654.5003 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Problem Reports and Solutions control panel. Process ID: 2df8 Start Time: 01cd062950956824 Termination Time: 757 Error - 3/26/2012 7:14:45 PM | Computer Name = iWes | Source = Application Hang | ID = 1002 Description = The program chrome.exe version 17.0.963.79 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Problem Reports and Solutions control panel. Process ID: 2550 Start Time: 01cd06b3dd5fa154 Termination Time: 1516 Error - 3/27/2012 12:44:54 PM | Computer Name = iWes | Source = WinMgmt | ID = 10 Description = Error - 3/29/2012 1:29:12 PM | Computer Name = iWes | Source = MsiInstaller | ID = 11335 Description = Error - 3/29/2012 6:19:18 PM | Computer Name = iWes | Source = WinMgmt | ID = 10 Description = Error - 3/29/2012 6:21:23 PM | Computer Name = iWes | Source = SideBySide | ID = 16842787 Description = Activation context generation failed for "C:\Program Files (x86)\Windows Live\Photo Gallery\MovieMaker.Exe".Error in manifest or policy file "C:\Program Files (x86)\Windows Live\Photo Gallery\WLMFDS.DLL" on line 8. Component identity found in manifest does not match the identity of the component requested. Reference is WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1". Definition is WLMFDS,processorArchitecture="x86",type="win32",version="1.0.0.1". Please use sxstrace.exe for detailed diagnosis. Error - 3/29/2012 6:21:23 PM | Computer Name = iWes | Source = SideBySide | ID = 16842787 Description = Activation context generation failed for "C:\Program Files (x86)\Windows Live\Photo Gallery\MovieMaker.Exe".Error in manifest or policy file "C:\Program Files (x86)\Windows Live\Photo Gallery\WLMFDS.DLL" on line 8. Component identity found in manifest does not match the identity of the component requested. Reference is WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1". Definition is WLMFDS,processorArchitecture="x86",type="win32",version="1.0.0.1". Please use sxstrace.exe for detailed diagnosis. Error - 3/29/2012 10:14:10 PM | Computer Name = iWes | Source = WinMgmt | ID = 10 Description = Error - 3/30/2012 6:55:17 PM | Computer Name = iWes | Source = WinMgmt | ID = 10 Description = [ Media Center Events ] Error - 9/4/2009 12:07:29 PM | Computer Name = Owner-PC | Source = MCUpdate | ID = 0 Description = DownloadPackgeTask.SubTasksComplete: failed downloading package SportsSchedule. Error - 9/4/2009 1:59:19 PM | Computer Name = Owner-PC | Source = MCUpdate | ID = 0 Description = DownloadPackgeTask.SubTasksComplete: failed downloading package SportsSchedule. Error - 9/9/2009 2:15:21 PM | Computer Name = Owner-PC | Source = MCUpdate | ID = 0 Description = DownloadPackgeTask.SubTasksComplete: failed downloading package SportsSchedule. [ System Events ] Error - 4/1/2012 1:17:04 PM | Computer Name = iWes | Source = atapi | ID = 262155 Description = The driver detected a controller error on \Device\Ide\IdePort0. Error - 4/1/2012 2:30:22 PM | Computer Name = iWes | Source = atapi | ID = 262155 Description = The driver detected a controller error on \Device\Ide\IdePort0. Error - 4/1/2012 2:30:22 PM | Computer Name = iWes | Source = atapi | ID = 262155 Description = The driver detected a controller error on \Device\Ide\IdePort0. Error - 4/1/2012 2:30:22 PM | Computer Name = iWes | Source = atapi | ID = 262155 Description = The driver detected a controller error on \Device\Ide\IdePort0. Error - 4/1/2012 2:36:31 PM | Computer Name = iWes | Source = atapi | ID = 262155 Description = The driver detected a controller error on \Device\Ide\IdePort0. Error - 4/1/2012 2:36:31 PM | Computer Name = iWes | Source = atapi | ID = 262155 Description = The driver detected a controller error on \Device\Ide\IdePort0. Error - 4/1/2012 2:43:42 PM | Computer Name = iWes | Source = atapi | ID = 262155 Description = The driver detected a controller error on \Device\Ide\IdePort0. Error - 4/1/2012 2:43:42 PM | Computer Name = iWes | Source = atapi | ID = 262155 Description = The driver detected a controller error on \Device\Ide\IdePort0. Error - 4/1/2012 2:43:42 PM | Computer Name = iWes | Source = atapi | ID = 262155 Description = The driver detected a controller error on \Device\Ide\IdePort0. Error - 4/1/2012 2:43:42 PM | Computer Name = iWes | Source = atapi | ID = 262155 Description = The driver detected a controller error on \Device\Ide\IdePort0. < End of report >

This is the OTL OTL logfile created on: 4/1/2012 2:27:32 PM - Run 1 OTL by OldTimer - Version 3.2.39.2 Folder = C:\Users\Owner\Downloads 64bit-Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation Internet Explorer (Version = 8.0.6001.19190) Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy 2.90 Gb Total Physical Memory | 0.90 Gb Available Physical Memory | 30.90% Memory free 6.03 Gb Paging File | 3.59 Gb Available in Paging File | 59.50% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 285.05 Gb Total Space | 123.62 Gb Free Space | 43.37% Space Free | Partition Type: NTFS Drive D: | 13.04 Gb Total Space | 1.50 Gb Free Space | 11.49% Space Free | Partition Type: NTFS Drive E: | 4.38 Gb Total Space | 0.00 Gb Free Space | 0.00% Space Free | Partition Type: UDF Computer Name: IWES | User Name: Owner | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users | Quick Scan | Include 64bit Scans Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - [2012/04/01 14:26:47 | 000,593,920 | ---- | M] (OldTimer Tools) -- C:\Users\Owner\Downloads\OTL (2).exe PRC - [2012/03/26 22:28:45 | 001,224,176 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe PRC - [2012/03/12 18:00:37 | 000,918,880 | ---- | M] () -- C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\10.2.0\ToolbarUpdater.exe PRC - [2012/03/12 18:00:33 | 000,982,880 | ---- | M] () -- C:\Program Files (x86)\AVG Secure Search\vprot.exe PRC - [2012/01/31 15:02:52 | 007,391,072 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe PRC - [2012/01/17 20:03:24 | 002,339,168 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG10\avgtray.exe PRC - [2011/06/06 12:55:28 | 000,064,952 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe PRC - [2011/02/10 07:55:18 | 001,148,256 | ---- | M] () -- C:\Program Files (x86)\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSMonitor.exe PRC - [2011/02/08 05:33:42 | 000,269,520 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG10\avgwdsvc.exe PRC - [2010/10/27 20:17:52 | 000,207,424 | ---- | M] (ArcSoft Inc.) -- C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe PRC - [2010/08/25 11:27:44 | 000,309,824 | ---- | M] (ArcSoft Inc.) -- C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ArcCon.ac PRC - [2010/03/18 11:19:26 | 000,113,152 | ---- | M] (ArcSoft Inc.) -- C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe PRC - [2009/09/15 18:47:36 | 000,479,232 | ---- | M] (Nikon Corporation) -- C:\Program Files (x86)\Common Files\Nikon\Monitor\NkMonitor.exe PRC - [2008/12/17 20:11:40 | 000,365,952 | ---- | M] () -- C:\Program Files (x86)\SMINST\BLService.exe PRC - [2008/11/26 20:13:08 | 000,296,320 | ---- | M] () -- C:\Program Files (x86)\Hewlett-Packard\Media\TV\Kernel\TV\TVCapSvc.exe PRC - [2008/11/26 20:13:08 | 000,116,096 | ---- | M] () -- C:\Program Files (x86)\Hewlett-Packard\Media\TV\Kernel\TV\TVSched.exe PRC - [2008/11/09 16:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) -- C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe ========== Modules (No Company Name) ========== MOD - [2012/03/26 22:28:43 | 000,444,400 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\18.0.1025.142\ppgooglenaclpluginchrome.dll MOD - [2012/03/26 22:28:42 | 003,915,248 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\18.0.1025.142\pdf.dll MOD - [2012/03/26 22:27:17 | 000,122,880 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\18.0.1025.142\avutil-51.dll MOD - [2012/03/26 22:27:16 | 000,220,672 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\18.0.1025.142\avformat-53.dll MOD - [2012/03/26 22:27:14 | 001,747,456 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\18.0.1025.142\avcodec-53.dll MOD - [2012/03/26 21:37:41 | 008,747,168 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\18.0.1025.142\gcswf32.dll MOD - [2012/03/12 18:00:33 | 000,982,880 | ---- | M] () -- C:\Program Files (x86)\AVG Secure Search\vprot.exe MOD - [2012/02/16 03:51:10 | 000,998,400 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Management\8b5f54e3b382fc1720c76557ef8c8bc3\System.Management.ni.dll MOD - [2012/02/16 03:49:53 | 011,820,032 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web\2598077ccea480c6120d3a1ad4455be0\System.Web.ni.dll MOD - [2012/02/16 03:49:43 | 000,771,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\5c3bfd69e0c268baff0d169e11a6a784\System.Runtime.Remoting.ni.dll MOD - [2012/02/16 03:49:30 | 000,971,264 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\7fd6c62196829d1e2dce5a253145d51a\System.Configuration.ni.dll MOD - [2012/02/16 03:09:55 | 005,450,752 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\d9f0f1dc8cbdb81f1ba122d77a6ab710\System.Xml.ni.dll MOD - [2012/02/16 03:09:33 | 012,430,848 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\65450889f3742aada2a6c0cf8e6173e3\System.Windows.Forms.ni.dll MOD - [2012/02/16 03:09:20 | 001,587,200 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\137696d0416b65dbc1561152971488b4\System.Drawing.ni.dll MOD - [2012/02/16 03:08:56 | 006,621,696 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Data\029217106fa24787ff7a61b754f8ebf7\System.Data.ni.dll MOD - [2012/02/16 03:08:29 | 000,368,128 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\d48e106e015d0f8cb2d5295015cee508\PresentationFramework.Aero.ni.dll MOD - [2012/02/16 03:08:26 | 014,328,832 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\56df3488472318c59d0a08ed10a065d3\PresentationFramework.ni.dll MOD - [2012/02/16 03:08:00 | 012,216,832 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationCore\3951e0a359c004cd6ba268ff78ac62aa\PresentationCore.ni.dll MOD - [2012/02/16 03:07:39 | 003,325,952 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\1e258a951222c818540b33880ca45f2e\WindowsBase.ni.dll MOD - [2012/02/16 03:07:25 | 007,953,408 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\c50133cb67d7c013fa31e1ffb942060b\System.ni.dll MOD - [2011/10/14 03:59:35 | 000,187,904 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\UIAutomationTypes\8056d047225d4a9c2e4c6b096563d93d\UIAutomationTypes.ni.dll MOD - [2011/10/14 03:47:26 | 011,490,816 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\b6632a8b2f276a8e31f5b0f6b2006cd1\mscorlib.ni.dll MOD - [2011/10/05 03:52:30 | 000,756,048 | ---- | M] () -- C:\Program Files (x86)\Common Files\microsoft shared\OFFICE12\MSPTLS.DLL MOD - [2011/02/10 07:55:18 | 001,148,256 | ---- | M] () -- C:\Program Files (x86)\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSMonitor.exe MOD - [2009/11/19 10:20:44 | 007,745,536 | ---- | M] () -- C:\Program Files (x86)\Common Files\LightScribe\QtGui4.dll MOD - [2009/11/19 10:20:42 | 002,121,728 | ---- | M] () -- C:\Program Files (x86)\Common Files\LightScribe\QtCore4.dll MOD - [2009/11/19 10:20:42 | 000,135,168 | ---- | M] () -- C:\Program Files (x86)\Common Files\LightScribe\plugins\imageformats\qjpeg4.dll MOD - [2009/08/26 13:11:32 | 000,061,440 | ---- | M] () -- C:\Program Files (x86)\Hewlett-Packard\HP Advisor\Pillars\PCAlerts\PCAlertsPillar.dll MOD - [2009/08/26 13:11:30 | 000,131,072 | ---- | M] () -- C:\Program Files (x86)\Hewlett-Packard\HP Advisor\Pillars\ECenter\ECLibrary.dll MOD - [2009/08/26 13:11:22 | 000,040,960 | ---- | M] () -- C:\Program Files (x86)\Hewlett-Packard\HP Advisor\MessagingServer.dll MOD - [2009/08/26 13:11:22 | 000,036,864 | ---- | M] () -- C:\Program Files (x86)\Hewlett-Packard\HP Advisor\MessagingClients.dll MOD - [2009/08/26 13:11:22 | 000,007,680 | ---- | M] () -- C:\Program Files (x86)\Hewlett-Packard\HP Advisor\RemotingClient.dll MOD - [2009/08/26 13:11:20 | 000,005,632 | ---- | M] () -- C:\Program Files (x86)\Hewlett-Packard\HP Advisor\MessagingInterface.dll MOD - [2009/08/26 13:11:18 | 000,028,672 | ---- | M] () -- C:\Program Files (x86)\Hewlett-Packard\HP Advisor\MessagingMessages.dll MOD - [2009/08/26 13:11:02 | 000,028,672 | ---- | M] () -- C:\Program Files (x86)\Hewlett-Packard\HP Advisor\Microsoft.Practices.EnterpriseLibrary.ExceptionHandling.Logging.dll MOD - [2009/05/26 21:06:28 | 000,913,408 | ---- | M] () -- C:\Program Files (x86)\Yahoo!\Messenger\yui.dll MOD - [2009/03/30 00:42:17 | 002,933,760 | ---- | M] () -- C:\Windows\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll MOD - [2009/01/13 13:00:42 | 000,098,304 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\HP.ActiveSupportLibrary\2.0.0.1__01a974bc1760f423\HP.ActiveSupportLibrary.dll ========== Win32 Services (SafeList) ========== SRV:64bit: - [2009/02/22 21:08:10 | 000,267,776 | ---- | M] (IDT, Inc.) [Auto | Running] -- C:\Windows\SysNative\DriverStore\FileRepository\stwrt64.inf_c7d6edb7\STacSV64.exe -- (STacSV) SRV:64bit: - [2009/02/12 04:21:34 | 000,089,600 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\Windows\SysNative\DriverStore\FileRepository\stwrt64.inf_c7d6edb7\AESTSr64.exe -- (AESTFilters) SRV:64bit: - [2008/03/18 19:25:40 | 000,023,040 | ---- | M] (Hewlett-Packard Corporation) [Auto | Running] -- C:\Windows\SysNative\Hpservice.exe -- (hpsrv) SRV:64bit: - [2008/03/18 08:26:56 | 000,015,872 | ---- | M] (Agere Systems) [Auto | Running] -- C:\Windows\SysNative\agr64svc.exe -- (AgereModemAudio) SRV:64bit: - [2008/01/20 22:47:32 | 000,383,544 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend) SRV - [2012/03/12 18:00:37 | 000,918,880 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\10.2.0\ToolbarUpdater.exe -- (vToolbarUpdater10.2.0) SRV - [2012/01/31 15:02:52 | 007,391,072 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files (x86)\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe -- (AVGIDSAgent) SRV - [2011/11/10 09:17:31 | 000,167,264 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files (x86)\AVG\AVG10\Toolbar\ToolbarBroker.exe -- (AVG Security Toolbar Service) SRV - [2011/06/06 12:55:28 | 000,064,952 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice) SRV - [2011/02/08 05:33:42 | 000,269,520 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files (x86)\AVG\AVG10\avgwdsvc.exe -- (avgwd) SRV - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32) SRV - [2010/03/18 11:19:26 | 000,113,152 | ---- | M] (ArcSoft Inc.) [Auto | Running] -- C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe -- (ACDaemon) SRV - [2009/05/21 21:35:32 | 000,923,136 | ---- | M] (Hewlett-Packard Co.) [Auto | Running] -- C:\Program Files (x86)\Hp\Digital Imaging\bin\HPSLPSVC64.DLL -- (HPSLPSVC) SRV - [2009/03/30 00:42:14 | 000,066,368 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32) SRV - [2008/12/17 20:11:40 | 000,365,952 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\SMINST\BLService.exe -- (Recovery Service for Windows) SRV - [2008/11/26 20:13:08 | 000,296,320 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Hewlett-Packard\Media\TV\Kernel\TV\TVCapSvc.exe -- (TVCapSvc) TV Background Capture Service (TVBCS) SRV - [2008/11/26 20:13:08 | 000,116,096 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Hewlett-Packard\Media\TV\Kernel\TV\TVSched.exe -- (TVSched) TV Task Scheduler (TVTS) SRV - [2008/11/09 16:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) [Auto | Running] -- C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe -- (YahooAUService) ========== Driver Services (SafeList) ========== DRV:64bit: - [2011/05/27 19:05:14 | 000,117,328 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\AVGIDSDriver.Sys -- (AVGIDSDriver) DRV:64bit: - [2011/04/05 00:59:54 | 000,377,936 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\SysNative\DRIVERS\avgtdia.sys -- (Avgtdia) DRV:64bit: - [2011/03/16 16:03:18 | 000,037,456 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\SysNative\DRIVERS\avgrkx64.sys -- (Avgrkx64) DRV:64bit: - [2011/03/01 14:25:18 | 000,041,552 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\Windows\SysNative\DRIVERS\avgmfx64.sys -- (Avgmfx64) DRV:64bit: - [2011/02/22 08:12:34 | 000,026,704 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | Boot | Running] -- C:\Windows\SysNative\DRIVERS\AVGIDSEH.Sys -- (AVGIDSEH) DRV:64bit: - [2011/02/10 07:53:22 | 000,029,264 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\AVGIDSFilter.Sys -- (AVGIDSFilter) DRV:64bit: - [2011/01/07 06:41:44 | 000,304,720 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\SysNative\DRIVERS\avgldx64.sys -- (Avgldx64) DRV:64bit: - [2010/06/23 09:21:34 | 000,318,568 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\Rtlh64.sys -- (RTL8169) DRV:64bit: - [2009/12/30 10:21:26 | 000,031,800 | ---- | M] (VS Revo Group) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\revoflt.sys -- (Revoflt) DRV:64bit: - [2009/11/26 13:42:40 | 002,685,432 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\bcmwl664.sys -- (BCM43XX) DRV:64bit: - [2009/09/30 20:51:42 | 000,046,592 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\wpdusb.sys -- (WpdUsb) DRV:64bit: - [2009/04/29 07:48:32 | 000,018,432 | ---- | M] (Hewlett-Packard Development Company, L.P.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\HpqKbFiltr.sys -- (HpqKbFiltr) DRV:64bit: - [2009/04/11 01:39:37 | 000,032,768 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\usbser.sys -- (usbser) DRV:64bit: - [2009/02/22 21:08:10 | 000,473,088 | ---- | M] (IDT, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\stwrt64.sys -- (STHDA) DRV:64bit: - [2008/10/29 15:55:52 | 001,253,376 | ---- | M] (Agere Systems) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\agrsm64.sys -- (AgereSoftModem) DRV:64bit: - [2008/10/28 04:33:30 | 008,039,808 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\igdkmd64.sys -- (igfx) DRV:64bit: - [2008/09/22 01:49:58 | 000,126,464 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\IntcHdmi.sys -- (IntcHdmiAddService) Intel® DRV:64bit: - [2008/09/19 20:43:58 | 000,068,096 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\RTSTOR64.SYS -- (RTSTOR) DRV:64bit: - [2008/09/04 13:48:00 | 000,064,000 | ---- | M] (ENE TECHNOLOGY INC.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\enecir.sys -- (enecir) DRV:64bit: - [2008/07/24 12:48:10 | 000,250,928 | ---- | M] (Synaptics, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\SynTP.sys -- (SynTP) DRV:64bit: - [2008/05/06 16:06:00 | 000,014,464 | ---- | M] (Western Digital Technologies) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\wdcsam64.sys -- (WDC_SAM) DRV:64bit: - [2008/03/27 15:10:56 | 000,026,984 | ---- | M] (Hewlett-Packard Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\DRIVERS\hpdskflt.sys -- (hpdskflt) DRV:64bit: - [2008/03/27 15:10:14 | 000,040,296 | ---- | M] (Hewlett-Packard Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\Accelerometer.sys -- (Accelerometer) DRV:64bit: - [2008/01/20 22:51:07 | 000,016,384 | ---- | M] (Microsoft Corporation) [Recognizer | System | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec) DRV:64bit: - [2008/01/20 22:47:25 | 000,012,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\serscan.sys -- (StillCam) DRV:64bit: - [2008/01/20 22:46:57 | 003,154,432 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\NETw3v64.sys -- (NETw3v64) Intel® DRV:64bit: - [2008/01/20 22:46:55 | 000,111,104 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\sdbus.sys -- (sdbus) DRV:64bit: - [2006/10/03 21:45:36 | 000,273,408 | ---- | M] (Marvell) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\yk60x64.sys -- (yukonx64) DRV - [2008/11/28 21:04:24 | 000,146,928 | ---- | M] (CyberLink Corp.) [2009/06/27 03:43:11] [Kernel | Auto | Running] -- C:\Program Files (x86)\Hewlett-Packard\Media\DVD\000.fcl -- ({55662437-DA8C-40c0-AADA-2C816A897A49}) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_us&c=91&bd=Pavilion&pf=cnnb IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_us&c=91&bd=Pavilion&pf=cnnb IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990} IE:64bit: - HKLM\..\SearchScopes\{682A7A5C-953E-4F46-BE75-B46823CC9E8B}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&FORM=HPNTDF IE:64bit: - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7 IE:64bit: - HKLM\..\SearchScopes\{F866DC5B-A053-40B9-BCDE-375ED3441201}: "URL" = http://www.ask.com/web?q={searchterms}&l=dis&o=ushpl IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_us&c=91&bd=Pavilion&pf=cnnb IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_us&c=91&bd=Pavilion&pf=cnnb IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://start.facemoods.com/?a=bf1&s={searchTerms}&f=4 IE - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990} IE - HKLM\..\SearchScopes\{682A7A5C-953E-4F46-BE75-B46823CC9E8B}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&FORM=HPNTDF IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7 IE - HKLM\..\SearchScopes\{F866DC5B-A053-40B9-BCDE-375ED3441201}: "URL" = http://www.ask.com/web?q={searchterms}&l=dis&o=ushpl IE - HKU\.DEFAULT\..\URLSearchHook: {A3BC75A2-1F87-4686-AA43-5347D756017C} - No CLSID value found IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990} IE - HKU\.DEFAULT\..\SearchScopes\{AB40DD79-0845-416A-B585-4A78A6EE9897}: "URL" = http://search.avg.com/route/?d=4cc9492a&v=6.103.18.1&i=23&tp=chrome&q={searchTerms}&lng={language}&iy=b&ychte=us IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\..\URLSearchHook: {A3BC75A2-1F87-4686-AA43-5347D756017C} - No CLSID value found IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990} IE - HKU\S-1-5-18\..\SearchScopes\{AB40DD79-0845-416A-B585-4A78A6EE9897}: "URL" = http://search.avg.com/route/?d=4cc9492a&v=6.103.18.1&i=23&tp=chrome&q={searchTerms}&lng={language}&iy=b&ychte=us IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-2935616890-3038444645-374369962-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = Preserve IE - HKU\S-1-5-21-2935616890-3038444645-374369962-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://search.babylon.com/?babsrc=HP_ss&affID=100888&mntrId=49fa998000000000000000255693bda2 IE - HKU\S-1-5-21-2935616890-3038444645-374369962-1000\..\URLSearchHook: {A3BC75A2-1F87-4686-AA43-5347D756017C} - No CLSID value found IE - HKU\S-1-5-21-2935616890-3038444645-374369962-1000\..\URLSearchHook: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.) IE - HKU\S-1-5-21-2935616890-3038444645-374369962-1000\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990} IE - HKU\S-1-5-21-2935616890-3038444645-374369962-1000\..\SearchScopes\{0D7562AE-8EF6-416d-A838-AB665251703A}: "URL" = http://start.facemoods.com/?a=bf1&s={searchTerms}&f=4 IE - HKU\S-1-5-21-2935616890-3038444645-374369962-1000\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = http://search.babylon.com/web/{searchTerms}?babsrc=SP_ss&affID=100888&mntrId=49fa998000000000000000255693bda2 IE - HKU\S-1-5-21-2935616890-3038444645-374369962-1000\..\SearchScopes\{682A7A5C-953E-4F46-BE75-B46823CC9E8B}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=HPNTDF&pc=HPNTDF&src=IE-SearchBox IE - HKU\S-1-5-21-2935616890-3038444645-374369962-1000\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.dm/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7ADFA_enBB342 IE - HKU\S-1-5-21-2935616890-3038444645-374369962-1000\..\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}: "URL" = http://isearch.avg.com/search?cid={520A4C0B-E0D2-4329-93F2-8E0549790DF3}&mid=27c7f56d07e9442dafd5ec6d32621f2a-f1cf3f2cc362b13f5ef9d7dd0b7e8eb5952313cc〈=us&ds=AVG&pr=fr&d=2011-12-10 09:10:27&v=9.0.0.18&sap=dsp&q={searchTerms} IE - HKU\S-1-5-21-2935616890-3038444645-374369962-1000\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2A59}: "URL" = http://search.imesh.com/webResults.html?src=ieb&q={searchTerms} IE - HKU\S-1-5-21-2935616890-3038444645-374369962-1000\..\SearchScopes\{CF739809-1C6C-47C0-85B9-569DBB141420}: "URL" = http://toolbar.ask.com/toolbarv/askRedirect?gct=&gc=1&q={searchTerms}&crm=1&toolbar=UT2 IE - HKU\S-1-5-21-2935616890-3038444645-374369962-1000\..\SearchScopes\{F866DC5B-A053-40B9-BCDE-375ED3441201}: "URL" = http://www.ask.com/web?q={searchterms}&l=dis&o=ushpl IE - HKU\S-1-5-21-2935616890-3038444645-374369962-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 ========== FireFox ========== FF - prefs.js..browser.search.defaultenginename: "Google" FF - user.js - File not found FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32.dll () FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.) FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google) FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.) FF - HKLM\Software\MozillaPlugins\@messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6: C:\Program Files (x86)\Yahoo!\Shared\npYState.dll (Yahoo! Inc.) FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\4.1.10111.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5: C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8117.0416: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF - HKCU\Software\MozillaPlugins\@Skype Limited.com/Facebook Video Calling Plugin: C:\Users\Owner\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited) FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{1E73965B-8B48-48be-9C8D-68B920ABC1C4}: C:\Program Files (x86)\AVG\AVG10\Firefox4\ [2012/02/03 10:03:29 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2011/09/22 12:22:50 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\avg@toolbar: C:\ProgramData\AVG Secure Search\10.2.0.3\ [2012/03/12 18:00:53 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 11.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012/03/19 19:10:49 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 11.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012/01/09 10:36:47 | 000,000,000 | ---D | M] FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2011/09/22 12:22:50 | 000,000,000 | ---D | M] [2010/02/14 11:24:24 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Owner\AppData\Roaming\mozilla\Extensions [2010/02/14 11:24:24 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Owner\AppData\Roaming\mozilla\Extensions\IMVUClientXUL@imvu.com [2009/09/25 13:19:06 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Owner\AppData\Roaming\mozilla\Extensions\mozswing@mozswing.org [2011/12/19 06:40:37 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Owner\AppData\Roaming\mozilla\Firefox\extensions [2011/09/06 19:41:21 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Owner\AppData\Roaming\mozilla\Firefox\extensions\{62760FD6-B943-48C9-AB09-F99C6FE96088} [2011/12/19 06:54:44 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions [2012/03/19 19:10:49 | 000,097,208 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll [2012/03/12 18:00:31 | 000,003,766 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\avg-secure-search.xml [2012/02/21 20:37:27 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml [2011/09/25 06:55:16 | 000,002,046 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\fcmdSrch.xml [2012/02/21 20:37:27 | 000,002,040 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\twitter.xml ========== Chrome ========== CHR - default_search_provider: Google (Enabled) CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms} CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms} CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer CHR - plugin: Native Client (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\18.0.1025.142\ppGoogleNaClPluginChrome.dll CHR - plugin: Chrome PDF Viewer (Disabled) = C:\Program Files (x86)\Google\Chrome\Application\18.0.1025.142\pdf.dll CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\18.0.1025.142\gcswf32.dll CHR - plugin: Shockwave Flash (Disabled) = C:\Users\Owner\AppData\Local\Google\Chrome\User Data\PepperFlash\11.1.31.203\pepflashplayer.dll CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\system32\Macromed\Flash\NPSWF32.dll CHR - plugin: AVG Internet Security (Enabled) = C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla\10.0.0.1409_0\plugins/avgnpss.dll CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll CHR - plugin: Java Deployment Toolkit 6.0.260.3 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll CHR - plugin: Java Platform SE 6 U26 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll CHR - plugin: Google Earth Plugin (Enabled) = C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll CHR - plugin: Microsoft Office Live Plug-in for Firefox (Enabled) = C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll CHR - plugin: Windows Live\u00AE Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll CHR - plugin: Facebook Video Calling Plugin (Enabled) = C:\Users\Owner\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll CHR - plugin: Shockwave for Director (Enabled) = C:\Windows\system32\Adobe\Director\np32dsw.dll CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files (x86)\Microsoft Silverlight\4.1.10111.0\npctrl.dll CHR - plugin: Windows Presentation Foundation (Enabled) = c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll CHR - Extension: YouTube = C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\ CHR - Extension: Google Search = C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\ CHR - Extension: AVG Safe Search = C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla\10.0.0.1409_0\ CHR - Extension: Gmail = C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\ O1 HOSTS File: ([2006/09/18 17:37:24 | 000,000,761 | ---- | M]) - C:\Windows\SysNative\drivers\etc\Hosts O1 - Hosts: 127.0.0.1 localhost O1 - Hosts: ::1 localhost O2:64bit: - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG10\avgssiea.dll (AVG Technologies CZ, s.r.o.) O2:64bit: - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.) O2:64bit: - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.7227.1100\swg64.dll (Google Inc.) O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.) O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG10\avgssie.dll (AVG Technologies CZ, s.r.o.) O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found. O2 - BHO: (AVG Security Toolbar) - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\10.2.0.3\AVG Secure Search_toolbar.dll () O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.7.7227.1100\swg.dll (Google Inc.) O2 - BHO: (Microsoft Live Search Toolbar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - c:\Program Files (x86)\MSN\Toolbar\3.0.0541.0\msneshellx.dll (Microsoft Corp.) O2 - BHO: (SingleInstance Class) - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll (Yahoo! Inc) O3:64bit: - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.) O3 - HKLM\..\Toolbar: (Microsoft Live Search Toolbar) - {1E61ED7C-7CB8-49d6-B9E9-AB4C880C8414} - c:\Program Files (x86)\MSN\Toolbar\3.0.0541.0\msneshellx.dll (Microsoft Corp.) O3 - HKLM\..\Toolbar: (AVG Security Toolbar) - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\10.2.0.3\AVG Secure Search_toolbar.dll () O3 - HKLM\..\Toolbar: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No CLSID value found. O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.) O3:64bit: - HKU\.DEFAULT\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.) O3:64bit: - HKU\S-1-5-18\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.) O3:64bit: - HKU\S-1-5-21-2935616890-3038444645-374369962-1000\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.) O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation) O4:64bit: - HKLM..\Run: [igfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation) O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation) O4:64bit: - HKLM..\Run: [sysTrayApp] C:\Program Files\IDT\WDM\sttray64.exe (IDT, Inc.) O4:64bit: - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation) O4 - HKLM..\Run: [] File not found O4 - HKLM..\Run: [ArcSoft Connection Service] C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe (ArcSoft Inc.) O4 - HKLM..\Run: [AVG_TRAY] C:\Program Files (x86)\AVG\AVG10\avgtray.exe (AVG Technologies CZ, s.r.o.) O4 - HKLM..\Run: [Nikon Transfer Monitor] C:\Program Files (x86)\Common Files\Nikon\Monitor\NkMonitor.exe (Nikon Corporation) O4 - HKLM..\Run: [ROC_roc_dec12] C:\Program Files (x86)\AVG Secure Search\ROC_roc_dec12.exe () O4 - HKLM..\Run: [vProt] C:\Program Files (x86)\AVG Secure Search\vprot.exe () O4 - HKU\S-1-5-19..\Run: [sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation) O4 - HKU\S-1-5-19..\Run: [WindowsWelcomeCenter] C:\Windows\SysWow64\oobefldr.dll (Microsoft Corporation) O4 - HKU\S-1-5-20..\Run: [sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation) O4 - HKU\S-1-5-20..\Run: [WindowsWelcomeCenter] C:\Windows\SysWow64\oobefldr.dll (Microsoft Corporation) O4 - HKU\S-1-5-21-2935616890-3038444645-374369962-1000..\Run: [ares] "C:\Program Files (x86)\Ares\Ares.exe" -h File not found O4 - HKU\S-1-5-21-2935616890-3038444645-374369962-1000..\Run: [cdloader] C:\Users\Owner\AppData\Roaming\mjusbsp\cdloader2.exe (magicJack L.P.) O4 - HKU\S-1-5-21-2935616890-3038444645-374369962-1000..\Run: [Facebook Update] C:\Users\Owner\AppData\Local\Facebook\Update\FacebookUpdate.exe (Facebook Inc.) O4 - HKU\S-1-5-21-2935616890-3038444645-374369962-1000..\Run: [Messenger (Yahoo!)] C:\Program Files (x86)\Yahoo!\Messenger\YahooMessenger.exe (Yahoo! Inc.) O4 - HKU\S-1-5-21-2935616890-3038444645-374369962-1000..\Run: [RegistryBooster] "C:\Program Files (x86)\Uniblue\RegistryBooster\launcher.exe" delay 20000 File not found O4 - HKU\S-1-5-21-2935616890-3038444645-374369962-1000..\Run: [speech Recognition] C:\Windows\Speech\Common\sapisvr.exe (Microsoft Corporation) O4:64bit: - HKLM..\RunOnce: [*WerKernelReporting] C:\Windows\SysNative\WerFault.exe (Microsoft Corporation) O4 - Startup: C:\Users\Owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\IMVU.lnk = File not found O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1 O7 - HKU\S-1-5-21-2935616890-3038444645-374369962-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDesktopCleanupWizard = 1 O1364bit: - gopher Prefix: missing O13 - gopher Prefix: missing O15 - HKU\S-1-5-21-2935616890-3038444645-374369962-1000\..Trusted Domains: localhost ([]http in Computer) O16 - DPF: {73ECB3AA-4717-450C-A2AB-D00DAD9EE203} http://h20270.www2.hp.com/ediags/gmn2/install/HPProductDetection2.cab (GMNRev Class) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26) O16 - DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26) O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 205.214.222.201 205.214.219.201 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{C2370A83-364F-4105-905A-275EB21DFC24}: DhcpNameServer = 205.214.222.201 205.214.219.201 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{D00227C2-EAC7-4390-B069-BB86459BA6AD}: DhcpNameServer = 205.214.222.201 205.214.219.201 O18:64bit: - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG10\avgppa.dll (AVG Technologies CZ, s.r.o.) O18:64bit: - Protocol\Handler\livecall - No CLSID value found O18:64bit: - Protocol\Handler\ms-help - No CLSID value found O18:64bit: - Protocol\Handler\ms-itss - No CLSID value found O18:64bit: - Protocol\Handler\msnim - No CLSID value found O18:64bit: - Protocol\Handler\viprotocol - No CLSID value found O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG10\avgpp.dll (AVG Technologies CZ, s.r.o.) O18 - Protocol\Handler\viprotocol {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\10.2.0\ViProtocol.dll () O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation) O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation) O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation) O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - C:\Windows\SysWOW64\webcheck.dll () O24 - Desktop WallPaper: C:\Users\Owner\AppData\Roaming\Microsoft\Windows Photo Gallery\Windows Photo Gallery Wallpaper.jpg O24 - Desktop BackupWallPaper: C:\Users\Owner\AppData\Roaming\Microsoft\Windows Photo Gallery\Windows Photo Gallery Wallpaper.jpg O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2011/12/19 06:10:27 | 000,000,000 | RH-- | M] () - E:\autorun.wbcat -- [ UDF ] O32 - AutoRun File - [2011/12/19 06:10:53 | 000,000,124 | ---- | M] () - E:\autorun.inf -- [ UDF ] O33 - MountPoints2\{0a07ac47-a43e-11de-8671-00238be9f1db}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL owNER.exE O33 - MountPoints2\{7d428266-dc6e-11df-b09e-00238be9f1db}\Shell\AutoRun\command - "" = ircphate.exe O33 - MountPoints2\{7d428266-dc6e-11df-b09e-00238be9f1db}\Shell\open\command - "" = ircphate.exe O33 - MountPoints2\{bc812d42-c477-11de-a930-00238be9f1db}\Shell\AutoRun\command - "" = systemkernal.exe O33 - MountPoints2\{bc812d47-c477-11de-a930-00238be9f1db}\Shell - "" = AutoRun O33 - MountPoints2\{bc812d47-c477-11de-a930-00238be9f1db}\Shell\AutoRun\command - "" = G:\LaunchU3.exe -a O33 - MountPoints2\{f89a1b4c-674c-11df-bd47-00238be9f1db}\Shell - "" = AutoRun O33 - MountPoints2\{f89a1b4c-674c-11df-bd47-00238be9f1db}\Shell\AutoRun\command - "" = "F:\WD SmartWare.exe" autoplay=true O33 - MountPoints2\G\Shell\AutoRun\command - "" = G:\autorun.exe O33 - MountPoints2\G\Shell\phone\command - "" = G:\autorun.exe O34 - HKLM BootExecute: (autocheck autochk *) O34 - HKLM BootExecute: (C:\PROGRA~2\AVG\AVG10\avgchsva.exe /sync) O34 - HKLM BootExecute: (C:\PROGRA~2\AVG\AVG10\avgrsa.exe /sync /restart) O35:64bit: - HKLM\..comfile [open] -- "%1" %* O35:64bit: - HKLM\..exefile [open] -- "%1" %* O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %* O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* ========== Files/Folders - Created Within 30 Days ========== [2012/04/01 14:21:24 | 000,000,000 | ---D | C] -- C:\75c12df849b2f3177a80f472e7a1 [2012/04/01 10:53:48 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\VS Revo Group [2012/04/01 10:53:05 | 000,031,800 | ---- | C] (VS Revo Group) -- C:\Windows\SysNative\drivers\revoflt.sys [2012/04/01 10:53:05 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller Pro [2012/04/01 10:53:03 | 000,000,000 | ---D | C] -- C:\Program Files\VS Revo Group [2012/03/13 13:43:08 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Roaming\RETScreen [2012/03/13 13:41:44 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\RETScreen International [2012/03/13 13:41:25 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\RETScreen [2012/03/13 13:39:32 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Wise Installation Wizard [2012/03/03 01:23:18 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\Facebook [1 C:\Users\Owner\Downloads\Documents\*.tmp files -> C:\Users\Owner\Downloads\Documents\*.tmp -> ] ========== Files - Modified Within 30 Days ========== [2012/04/01 14:35:38 | 000,000,898 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job [2012/04/01 14:22:15 | 000,002,052 | ---- | M] () -- C:\Windows\epplauncher.mif [2012/04/01 14:03:02 | 000,003,616 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0 [2012/04/01 14:03:02 | 000,003,616 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0 [2012/04/01 13:28:07 | 000,000,928 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-2935616890-3038444645-374369962-1000UA.job [2012/04/01 12:04:10 | 000,000,894 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job [2012/04/01 12:02:37 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2012/04/01 12:02:33 | 3119,714,304 | -HS- | M] () -- C:\hiberfil.sys [2012/04/01 12:02:26 | 485,258,191 | ---- | M] () -- C:\Windows\MEMORY.DMP [2012/04/01 10:53:10 | 000,001,045 | ---- | M] () -- C:\Users\Owner\Application Data\Microsoft\Internet Explorer\Quick Launch\Revo Uninstaller Pro.lnk [2012/04/01 10:53:10 | 000,001,021 | ---- | M] () -- C:\Users\Public\Desktop\Revo Uninstaller Pro.lnk [2012/04/01 10:27:10 | 000,000,897 | ---- | M] () -- C:\Users\Owner\Desktop\magicJack.lnk [2012/04/01 08:41:09 | 093,288,619 | ---- | M] () -- C:\Windows\SysNative\drivers\AVG\incavi.avm [2012/04/01 01:28:02 | 000,000,906 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-2935616890-3038444645-374369962-1000Core.job [2012/04/01 01:13:03 | 000,000,392 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{0EB4410A-F22D-4AFE-BB88-4402968F4519}.job [2012/03/31 18:22:24 | 000,529,052 | ---- | M] () -- C:\Windows\SysNative\drivers\AVG\iavichjg.avm [2012/03/27 14:19:54 | 000,019,890 | ---- | M] () -- C:\Users\Owner\Downloads\Documents\WindPro.ret [2012/03/24 18:32:31 | 000,006,080 | ---- | M] () -- C:\Users\Owner\AppData\Local\d3d9caps.dat [2012/03/21 03:06:38 | 000,718,676 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI [2012/03/21 03:06:38 | 000,604,556 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat [2012/03/21 03:06:38 | 000,104,224 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat [2012/03/18 17:31:33 | 000,000,334 | ---- | M] () -- C:\Windows\tasks\HPCeeScheduleForOwner.job [2012/03/15 03:31:06 | 000,313,792 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT [2012/03/13 13:41:52 | 000,002,015 | ---- | M] () -- C:\Users\Owner\Desktop\RETScreen 4.lnk [2012/03/03 17:27:36 | 000,000,020 | -H-- | M] () -- C:\ProgramData\PKP_DLdw.DAT [1 C:\Users\Owner\Downloads\Documents\*.tmp files -> C:\Users\Owner\Downloads\Documents\*.tmp -> ] ========== Files Created - No Company Name ========== [2012/04/01 14:22:15 | 000,002,052 | ---- | C] () -- C:\Windows\epplauncher.mif [2012/04/01 10:53:10 | 000,001,045 | ---- | C] () -- C:\Users\Owner\Application Data\Microsoft\Internet Explorer\Quick Launch\Revo Uninstaller Pro.lnk [2012/04/01 10:53:10 | 000,001,021 | ---- | C] () -- C:\Users\Public\Desktop\Revo Uninstaller Pro.lnk [2012/03/27 14:19:50 | 000,019,890 | ---- | C] () -- C:\Users\Owner\Downloads\Documents\WindPro.ret [2012/03/13 13:41:52 | 000,002,015 | ---- | C] () -- C:\Users\Owner\Desktop\RETScreen 4.lnk [2012/03/03 01:23:40 | 000,000,928 | ---- | C] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-2935616890-3038444645-374369962-1000UA.job [2012/03/03 01:23:37 | 000,000,906 | ---- | C] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-2935616890-3038444645-374369962-1000Core.job [2011/09/27 00:18:23 | 000,000,418 | ---- | C] () -- C:\Windows\hpwmdl28.dat.temp [2011/09/22 12:04:28 | 000,207,289 | ---- | C] () -- C:\Windows\hpwins28.dat [2011/09/06 19:41:51 | 000,000,272 | ---- | C] () -- C:\Users\Owner\AppData\Roaming\.backup.dm [2010/12/23 07:07:08 | 000,000,268 | RH-- | C] () -- C:\ProgramData\Examples [2010/12/23 07:07:08 | 000,000,268 | RH-- | C] () -- C:\Users\Owner\AppData\Roaming\Enhance Timing [2010/12/23 07:07:08 | 000,000,020 | -H-- | C] () -- C:\ProgramData\PKP_DLdw.DAT [2010/12/23 07:07:08 | 000,000,012 | RH-- | C] () -- C:\ProgramData\Flange Saw [2010/12/23 07:03:32 | 000,000,268 | RH-- | C] () -- C:\ProgramData\Equalizer [2010/12/23 07:03:32 | 000,000,268 | RH-- | C] () -- C:\Users\Owner\AppData\Roaming\Electric Clav [2010/12/23 07:03:32 | 000,000,020 | -H-- | C] () -- C:\ProgramData\PKP_DLdu.DAT [2010/12/23 07:03:32 | 000,000,012 | RH-- | C] () -- C:\ProgramData\Filesystems [2010/09/06 11:36:39 | 000,006,080 | ---- | C] () -- C:\Users\Owner\AppData\Local\d3d9caps.dat [2010/07/29 18:24:20 | 000,000,058 | -H-- | C] () -- C:\ProgramData\Ts_infos.ini ========== LOP Check ========== [2010/10/28 18:41:45 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\AVG10 [2011/10/25 19:05:51 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\Babylon [2010/11/20 09:14:00 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1 [2011/09/06 19:41:21 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\eBayDesktopShortcut [2010/02/09 19:27:55 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\FloodLightGames [2010/07/29 18:50:57 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\FxFotoDB [2011/11/23 14:28:14 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\HEC [2010/01/19 19:08:47 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\iWin [2010/02/27 16:45:39 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\Ludia [2012/04/01 10:27:32 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\mjusbsp [2009/09/28 18:58:26 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\muvee Technologies [2010/12/23 07:30:22 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\Nikon [2009/08/31 17:10:13 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\PeerNetworking [2010/06/23 15:28:55 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\PlayFirst [2012/03/13 13:43:08 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\RETScreen [2011/07/27 18:32:59 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\SplashupLight.8F84E54D18819F0C71CA15FE192C56A89F17989F.1 [2010/02/14 16:39:46 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\Vivox [2009/08/27 08:49:53 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\WildTangent [2010/03/11 14:54:49 | 000,000,000 | ---D | M] -- C:\Users\Owner\AppData\Roaming\WinBatch [2012/04/01 01:28:02 | 000,000,906 | ---- | M] () -- C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2935616890-3038444645-374369962-1000Core.job [2012/04/01 13:28:07 | 000,000,928 | ---- | M] () -- C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2935616890-3038444645-374369962-1000UA.job [2009/08/31 18:07:06 | 000,000,380 | ---- | M] () -- C:\Windows\Tasks\NSSstub.job [2012/03/30 18:52:28 | 000,032,522 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT [2012/04/01 01:13:03 | 000,000,392 | -H-- | M] () -- C:\Windows\Tasks\User_Feed_Synchronization-{0EB4410A-F22D-4AFE-BB88-4402968F4519}.job ========== Purity Check ========== < End of report >

Nevermind it started again

The OTL is not responding...

Ok I'm on it! Just waiting on the OTL to scan!

I am so mad right now! I just installed the codec-c malware trying to watch a tv show. I sensed something was wrong when I tried to press escape and the program started to download even faster, and just as I was researching the program online I saw virus next to the search options so I immediately performed and improper shut down but it was too late! Please help! Please delete an earlier post I made on this... I did not know that I was not supposed to BUMP because it would look as if I am being helped! I am just so out of it right now and I have tons of work to do!

BUMP!

I am so mad right now! I just installed the codec-c malware trying to watch a tv show. I sensed something was wrong when I tried to press escape and the program started to download even faster, and just as I was researching the program online I saw virus next to the search options so I immediately performed and improper shut down but it was too late! Please help!