Jump to content

ianmacdonald

Members
  • Posts

    3
  • Joined

  • Last visited

Reputation

0 Neutral
  1. 2) RSIT info.txt info.txt logfile of random's system information tool 1.09 2012-05-16 23:22:53 ======Uninstall list====== -->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-0011-0000-0000-0000000FF1CE}" "{8509270B-F44B-435B-930B-2C4C9726EC6D}" "1033" "0" -->MsiExec /X{DA909E62-3B45-4BA1-8B58-FCAEBA4BCEC9} µTorrent-->"C:\Program Files (x86)\uTorrent\uTorrent.exe" /UNINSTALL AC3Filter 1.63b-->"C:\Program Files (x86)\AC3Filter\unins000.exe" Adobe Acrobat X Pro - English, Français, Deutsch-->MsiExec.exe /I{AC76BA86-1033-F400-7760-000000000005} Adobe AIR-->C:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Resources\Adobe AIR Updater.exe -arp:uninstall Adobe AIR-->MsiExec.exe /I{A2BCA9F1-566C-4805-97D1-7FDC93386723} Adobe Flash Player 10 ActiveX-->C:\Windows\SysWOW64\Macromed\Flash\uninstall_activeX.exe Adobe Flash Player 11 Plugin 64-bit-->C:\Windows\system32\Macromed\Flash\FlashUtil64_11_2_202_235_Plugin.exe -maintain plugin Adobe Reader 9.5.0 MUI-->MsiExec.exe /I{AC76BA86-7AD7-FFFF-7B44-A91000000001} Alcor Micro USB Card Reader-->C:\Program Files (x86)\InstallShield Installation Information\{48106FE4-B1AF-4941-BF3D-83E6C4B7CAF3}\setup.exe -runfromtemp Apple Application Support-->MsiExec.exe /I{A83279FD-CA4B-4206-9535-90974DE76654} Apple Mobile Device Support-->MsiExec.exe /I{9C98CA38-4C1A-4AC8-B55C-169497C8826B} Apple Software Update-->MsiExec.exe /I{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE} ASUS AI Recovery-->MsiExec.exe /I{06585B02-F20D-4AB2-9A64-86EF2AE0F8F0} ASUS Live Update-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{E657B243-9AD4-4ECC-BE81-4CCF8D667FD0}\Setup.exe" -l0x9 ASUS MultiFrame-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{9D48531D-2135-49FC-BC29-ACCDA5396A76}\setup.exe" -l0x9 ASUS Virtual Camera-->MsiExec.exe /I{EC8BD21F-0CA0-4BBF-97D9-4A52B30041A1} Atheros Communications Inc.® AR81Family Gigabit/Fast Ethernet Driver-->"C:\Program Files (x86)\InstallShield Installation Information\{3108C217-BE83-42E4-AE9E-A56A2A92E549}\setup.exe" -runfromtemp -l0x0009 -removeonly ATK Package-->MsiExec.exe /I{AB5C933E-5C7D-4D30-B314-9C83A49B94BE} avast! Free Antivirus-->C:\Program Files\AVAST Software\Avast\aswRunDll.exe "C:\Program Files\AVAST Software\Avast\Setup\setiface.dll" RunSetup Behavior Tracker-->"C:\ProgramData\{31DA7649-ED60-4CCE-86EF-C02EDB6B9FA3}\Behavior Tracker.exe" REMOVE=TRUE MODIFY=FALSE Behavior Tracker-->C:\ProgramData\{31DA7649-ED60-4CCE-86EF-C02EDB6B9FA3}\Behavior Tracker.exe Bonjour-->MsiExec.exe /X{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D} Bulk Rename Utility 2.7.1.2-->"C:\Program Files (x86)\Bulk Rename Utility\unins000.exe" CDBurnerXP-->"C:\Program Files\CDBurnerXP\unins001.exe" D3DX10-->MsiExec.exe /X{E09C4DB7-630C-4F06-A631-8EA7239923AF} Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-0011-0000-0000-0000000FF1CE}" "{33D32206-AC43-4808-B6A2-5B5EEFFE1EF6}" "1033" "0" Diablo III-->C:\Program Files (x86)\Common Files\Blizzard Entertainment\Diablo III\Uninstall.exe DivX Setup-->C:\ProgramData\DivX\Setup\DivXSetup.exe /uninstall ERUNT 1.1j-->"C:\Program Files (x86)\ERUNT\unins000.exe" ETDWare PS/2-x64 7.0.5.11_WHQL-->%ProgramFiles%\Elantech\ETDUn_inst.exe Facebook Video Calling 1.2.0.159-->MsiExec.exe /X{7CAC6A44-C3DE-4153-ACA6-7524602C789E} FileMaker Pro 11-->D:\Program Files\Setup\Uninstall.exe {EACCC991-8E8C-4397-8854-349506741FC9} "FileMaker Pro 11" FileMaker Pro 11-->MsiExec.exe /I{EACCC991-8E8C-4397-8854-349506741FC9} FLAC 1.2.1b (remove only)-->C:\Program Files (x86)\FLAC\uninstall.exe G*Power 3.1.3-->MsiExec.exe /I{26A39957-0BE3-449B-BA6F-922C8713AB2B} Google Earth-->MsiExec.exe /X{5A3C1721-F8ED-11E0-8AFB-B8AC6F97B88E} Google Talk Plugin-->MsiExec.exe /I{FD207C2C-A7FF-332A-AC85-5A5ACED6F31B} Google Update Helper-->MsiExec.exe /I{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2} HiJackThis-->MsiExec.exe /X{45A66726-69BC-466B-A7A4-12FCBA4883D7} IBM SPSS Statistics 20-->MsiExec.exe /I{2AF8017B-E503-408F-AACE-8A335452CAD2} Intel PROSet Wireless-->Intel PROSet Wireless Intel® Management Engine Components-->C:\Program Files (x86)\Intel\Intel® Management Engine Components\Uninstall\setup.exe -uninstall Intel® Processor Graphics-->C:\Program Files (x86)\Intel\Intel® Processor Graphics\Uninstall\setup.exe -uninstall Intel® PROSet/Wireless WiFi Software-->MsiExec /I{AF162E20-417F-4946-A06D-65734984957F} Intel® WiDi-->MsiExec.exe /X{7257132D-7F65-41E6-A90F-43BF6099461A} iTunes-->MsiExec.exe /I{9CD0F7D3-B67F-4BF8-8784-D73AD229FF1E} Java™ 7 Update 4-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83217004FF} JavaFX 2.1.0-->MsiExec.exe /X{1111706F-666A-4037-7777-210328764D10} Juniper Networks Setup Client Activex Control-->C:\Windows\Downloaded Program Files\JuniperSetupClientCtrlUninstaller.exe Malwarebytes Anti-Malware version 1.61.0.1400-->"D:\Program Files\Malwarebytes' Anti-Malware\unins000.exe" Mendeley Desktop 1.3.2-->D:\Program Files (x86)\Mendeley Desktop\Uninstaller.exe Microsoft .NET Framework 1.1-->msiexec.exe /X {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1} Microsoft .NET Framework 1.1-->MsiExec.exe /X{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1} Microsoft .NET Framework 4 Client Profile-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\Setup.exe /repair /x86 /x64 /parameterfolder Client Microsoft .NET Framework 4 Client Profile-->MsiExec.exe /X{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4} Microsoft Office 2010 Service Pack 1 (SP1)-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-0011-0000-0000-0000000FF1CE}" "{047B0968-E622-4FAA-9B4B-121FA109EDDE}" "1033" "0" Microsoft Office 2010 Service Pack 1 (SP1)-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-0015-0409-0000-0000000FF1CE}" "{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" "1033" "0" Microsoft Office 2010 Service Pack 1 (SP1)-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-0016-0409-0000-0000000FF1CE}" "{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" "1033" "0" Microsoft Office 2010 Service Pack 1 (SP1)-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-0018-0409-0000-0000000FF1CE}" "{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" "1033" "0" Microsoft Office 2010 Service Pack 1 (SP1)-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-0019-0409-0000-0000000FF1CE}" "{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" "1033" "0" Microsoft Office 2010 Service Pack 1 (SP1)-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-001A-0409-0000-0000000FF1CE}" "{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" "1033" "0" Microsoft Office 2010 Service Pack 1 (SP1)-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-001B-0409-0000-0000000FF1CE}" "{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" "1033" "0" Microsoft Office 2010 Service Pack 1 (SP1)-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-001F-0409-0000-0000000FF1CE}" "{99ACCA38-6DD3-48A8-96AE-A283C9759279}" "1033" "0" Microsoft Office 2010 Service Pack 1 (SP1)-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-001F-040C-0000-0000000FF1CE}" "{46298F6A-1E7E-4D4A-B5F5-106A4F0E48C6}" "1033" "0" Microsoft Office 2010 Service Pack 1 (SP1)-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-001F-0C0A-0000-0000000FF1CE}" "{DEA87BE2-FFCC-4F33-9946-FCBE55A1E998}" "1033" "0" Microsoft Office 2010 Service Pack 1 (SP1)-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-002A-0000-1000-0000000FF1CE}" "{967EF02C-5C7E-4718-8FCB-BDC050190CCF}" "1033" "0" Microsoft Office 2010 Service Pack 1 (SP1)-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-002A-0409-1000-0000000FF1CE}" "{D6C6B46A-6CE1-4561-84A0-EFD58B8AB979}" "1033" "0" Microsoft Office 2010 Service Pack 1 (SP1)-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-002C-0409-0000-0000000FF1CE}" "{7CA93DF4-8902-449E-A42E-4C5923CFBDE3}" "1033" "0" Microsoft Office 2010 Service Pack 1 (SP1)-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-0044-0409-0000-0000000FF1CE}" "{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" "1033" "0" Microsoft Office 2010 Service Pack 1 (SP1)-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-006E-0409-0000-0000000FF1CE}" "{4560037C-E356-444A-A015-D21F487D809E}" "1033" "0" Microsoft Office 2010 Service Pack 1 (SP1)-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-00A1-0409-0000-0000000FF1CE}" "{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" "1033" "0" Microsoft Office 2010 Service Pack 1 (SP1)-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-00BA-0409-0000-0000000FF1CE}" "{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" "1033" "0" Microsoft Office 2010 Service Pack 1 (SP1)-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-0115-0409-0000-0000000FF1CE}" "{4560037C-E356-444A-A015-D21F487D809E}" "1033" "0" Microsoft Office 2010 Service Pack 1 (SP1)-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-0116-0409-1000-0000000FF1CE}" "{D6C6B46A-6CE1-4561-84A0-EFD58B8AB979}" "1033" "0" Microsoft Office 2010 Service Pack 1 (SP1)-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-0117-0409-0000-0000000FF1CE}" "{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" "1033" "0" Microsoft Office Access MUI (English) 2010-->MsiExec.exe /X{90140000-0015-0409-0000-0000000FF1CE} Microsoft Office Access Setup Metadata MUI (English) 2010-->MsiExec.exe /X{90140000-0117-0409-0000-0000000FF1CE} Microsoft Office Excel MUI (English) 2010-->MsiExec.exe /X{90140000-0016-0409-0000-0000000FF1CE} Microsoft Office File Validation Add-In-->MsiExec.exe /I{90140000-2005-0000-0000-0000000FF1CE} Microsoft Office Groove MUI (English) 2010-->MsiExec.exe /X{90140000-00BA-0409-0000-0000000FF1CE} Microsoft Office InfoPath MUI (English) 2010-->MsiExec.exe /X{90140000-0044-0409-0000-0000000FF1CE} Microsoft Office Office 64-bit Components 2010-->MsiExec.exe /X{90140000-002A-0000-1000-0000000FF1CE} Microsoft Office OneNote MUI (English) 2010-->MsiExec.exe /X{90140000-00A1-0409-0000-0000000FF1CE} Microsoft Office Outlook MUI (English) 2010-->MsiExec.exe /X{90140000-001A-0409-0000-0000000FF1CE} Microsoft Office PowerPoint MUI (English) 2010-->MsiExec.exe /X{90140000-0018-0409-0000-0000000FF1CE} Microsoft Office Professional Plus 2010-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\setup.exe" /uninstall PROPLUS /dll OSETUP.DLL Microsoft Office Professional Plus 2010-->MsiExec.exe /X{90140000-0011-0000-0000-0000000FF1CE} Microsoft Office Proof (English) 2010-->MsiExec.exe /X{90140000-001F-0409-0000-0000000FF1CE} Microsoft Office Proof (French) 2010-->MsiExec.exe /X{90140000-001F-040C-0000-0000000FF1CE} Microsoft Office Proof (Spanish) 2010-->MsiExec.exe /X{90140000-001F-0C0A-0000-0000000FF1CE} Microsoft Office Proofing (English) 2010-->MsiExec.exe /X{90140000-002C-0409-0000-0000000FF1CE} Microsoft Office Publisher MUI (English) 2010-->MsiExec.exe /X{90140000-0019-0409-0000-0000000FF1CE} Microsoft Office Shared 64-bit MUI (English) 2010-->MsiExec.exe /X{90140000-002A-0409-1000-0000000FF1CE} Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010-->MsiExec.exe /X{90140000-0116-0409-1000-0000000FF1CE} Microsoft Office Shared MUI (English) 2010-->MsiExec.exe /X{90140000-006E-0409-0000-0000000FF1CE} Microsoft Office Shared Setup Metadata MUI (English) 2010-->MsiExec.exe /X{90140000-0115-0409-0000-0000000FF1CE} Microsoft Office Word MUI (English) 2010-->MsiExec.exe /X{90140000-001B-0409-0000-0000000FF1CE} Microsoft Silverlight-->MsiExec.exe /X{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00} Microsoft SQL Server 2005 Compact Edition [ENU]-->MsiExec.exe /I{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8} Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053-->MsiExec.exe /X{770657D0-A123-3C07-8E44-1C83EC895118} Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{710f4c1c-cc18-4c49-8cbf-51240c89a1a2} Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d} Microsoft Visual C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148-->MsiExec.exe /X{EE936C7A-EA40-31D5-9B65-8E3E089C3828} Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570-->MsiExec.exe /X{8338783A-0968-3B85-AFC7-BAAE0A63DC50} Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570-->MsiExec.exe /X{86CE85E6-DBAC-3FFD-B977-E4B79F83C909} Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17-->MsiExec.exe /X{8220EEFE-38CD-377E-8595-13398D740ACE} Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161-->MsiExec.exe /X{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4} Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17-->MsiExec.exe /X{9A25302D-30C0-39D9-BD6F-21E6EC160475} Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148-->MsiExec.exe /X{1F1C2DFC-2D24-3E06-BCB8-725134ADF989} Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161-->MsiExec.exe /X{9BE518E6-ECC6-35A9-88E4-87755C07200F} Mozilla Firefox 12.0 (x86 en-US)-->C:\Program Files (x86)\Mozilla Firefox\uninstall\helper.exe Mozilla Maintenance Service-->"C:\Program Files (x86)\Mozilla Maintenance Service\uninstall.exe" Mozilla Thunderbird (5.0)-->C:\Program Files (x86)\Mozilla Thunderbird\uninstall\helper.exe MSVCRT-->MsiExec.exe /I{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F} MSXML 4.0 SP3 Parser (KB973685)-->MsiExec.exe /I{859DFA95-E4A6-48CD-B88E-A3E483E89B44} NEC Electronics USB 3.0 Host Controller Driver-->"C:\Program Files (x86)\InstallShield Installation Information\{D7BF9739-8A68-4335-BBEE-37752AD9E86B}\setup.exe" -runfromtemp -l0x0409 -removeonly NEC Electronics USB 3.0 Host Controller Driver-->MsiExec.exe /I{D7BF9739-8A68-4335-BBEE-37752AD9E86B} Netflix in Windows Media Center-->MsiExec.exe /X{0CA72D12-F6C6-4D43-A2A0-41F5AA17E2B6} NVIDIA Graphics Driver 296.10-->"C:\Windows\SysWOW64\RunDll32.EXE" "C:\Program Files\NVIDIA Corporation\Installer2\installer.2\NVI2.DLL",UninstallPackage Display.Driver NVIDIA PhysX System Software 9.12.0213-->"C:\Windows\SysWOW64\RunDll32.EXE" "C:\Program Files\NVIDIA Corporation\Installer2\installer.2\NVI2.DLL",UninstallPackage Display.PhysX NVIDIA PhysX-->MsiExec.exe /X{DA909E62-3B45-4BA1-8B58-FCAEBA4BCEC9} NVIDIA Update 1.7.11-->"C:\Windows\SysWOW64\RunDll32.EXE" "C:\Program Files\NVIDIA Corporation\Installer2\installer.2\NVI2.DLL",UninstallPackage Display.Update NVIDIA Updatus-->"C:\Program Files (x86)\InstallShield Installation Information\{7357286A-CBE7-4F4A-BABC-EC4B3DD63862}\setup.exe" -runfromtemp -l0x0009 QuickTime-->MsiExec.exe /I{7BE15435-2D3E-4B58-867F-9C75BED0208C} R for Windows 2.12.0-->"C:\Program Files\R\R-2.12.0\unins000.exe" RealNetworks - Microsoft Visual C++ 2008 Runtime-->MsiExec.exe /X{7770E71B-2D43-4800-9CB3-5B6CAAEBEBEA} RealPlayer-->C:\Program Files (x86)\Real\RealPlayer\Update\r1puninst.exe RealNetworks|RealPlayer|15.0 Realtek High Definition Audio Driver-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}\Setup.exe" -removeonly RealUpgrade 1.1-->MsiExec.exe /I{28C2DED6-325B-4CC7-983A-1777C8F7FBAB} Rosetta Stone Version 3-->MsiExec.exe /X{99011A6E-5200-11DE-BDB8-7ACD56D89593} Samsung Kies-->"C:\Program Files (x86)\InstallShield Installation Information\{758C8301-2696-4855-AF45-534B1200980A}\setup.exe" -runfromtemp -l0x0409 -removeonly Samsung Kies-->MsiExec.exe /I{758C8301-2696-4855-AF45-534B1200980A} Samsung Universal Print Driver-->C:\Program Files (x86)\Samsung\Samsung Universal Print Driver\Install\Setup.exe /R SAMSUNG USB Driver for Mobile Phones-->C:\Program Files (x86)\Samsung\USB Drivers\Uninstall.exe Security Update for CAPICOM (KB931906)-->MsiExec.exe /I{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A} Security Update for CAPICOM (KB931906)-->MsiExec.exe /X{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A} Security Update for Microsoft .NET Framework 4 Client Profile (KB2160841)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {FD8D7C9A-E56A-3E7B-BA6D-FE68F13296E3} /parameterfolder Client Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {F66C3466-1FDB-347C-B3AE-FB6C50627B10} /parameterfolder Client Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {B5BD3CA1-11AB-35A6-B22A-6A219DC0668E} /parameterfolder Client Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {E720AD01-93D5-3E8E-BB8D-E4EF5AF4E5DD} /parameterfolder Client Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {BCD37DCB-F479-3D4D-A90E-A0F7575549C4} /parameterfolder Client Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {FF811680-AECE-3F35-A98C-1B84B6E09168} /parameterfolder Client Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {6AF6C62E-4E3D-33BF-A591-9E4D53BDF22F} /parameterfolder Client Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {5D45782A-1099-317E-ABCC-FF63D5B21386} /parameterfolder Client Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {E59B2174-E924-311F-8549-AD714C14664D} /parameterfolder Client Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {FDD13F1E-9C6B-311E-A0D9-D6E172FC28FF} /parameterfolder Client Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {7B82A51A-768B-3A7B-ADFA-F777097A8079} /parameterfolder Client Security Update for Microsoft Excel 2010 (KB2597166) 32-Bit Edition-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-0011-0000-0000-0000000FF1CE}" "{B76D8C6D-1F13-42A7-9931-D7504CB89D6D}" "1033" "0" Security Update for Microsoft Office 2010 (KB2553091)-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-0011-0000-0000-0000000FF1CE}" "{07CA44F3-F5B3-4D12-8C91-EDC5FE91D45C}" "1033" "0" Security Update for Microsoft Office 2010 (KB2553096)-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-0011-0000-0000-0000000FF1CE}" "{10802A6D-EDBF-4383-BCBD-9D5B32F56D35}" "1033" "0" Security Update for Microsoft Office 2010 (KB2553371) 32-Bit Edition-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-0011-0000-0000-0000000FF1CE}" "{CCC48FE2-175F-4CDE-82DF-F7BC4672C1A3}" "1033" "0" Security Update for Microsoft Office 2010 (KB2589320) 32-Bit Edition-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-0011-0000-0000-0000000FF1CE}" "{DCE6D0BF-93E4-46C5-9A7C-F1EFF9707C02}" "1033" "0" Security Update for Microsoft Office 2010 (KB2598039) 32-Bit Edition-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-0011-0000-0000-0000000FF1CE}" "{01F2485C-FAEE-47E7-986E-B4F2FFC22D57}" "1033" "0" Security Update for Microsoft PowerPoint 2010 (KB2553185) 32-Bit Edition-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-0011-0000-0000-0000000FF1CE}" "{61461470-8168-4F4B-97B7-617AF354F028}" "1033" "0" Security Update for Microsoft SharePoint Workspace 2010 (KB2566445)-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-0011-0000-0000-0000000FF1CE}" "{337A3FB9-281D-4EC8-9CC1-7F6DDAC2359F}" "1033" "0" Security Update for Microsoft SharePoint Workspace 2010 (KB2566445)-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-002A-0000-1000-0000000FF1CE}" "{337A3FB9-281D-4EC8-9CC1-7F6DDAC2359F}" "1033" "0" Security Update for Microsoft Visio Viewer 2010 (KB2597981) 32-Bit Edition-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-0011-0000-0000-0000000FF1CE}" "{B75541D4-3970-4CC7-934B-D48F8C26DCA5}" "1033" "0" Skype Toolbars-->MsiExec.exe /I{B6CF2967-C81E-40C0-9815-C05774FEF120} Skype™ 5.3-->MsiExec.exe /X{D6F879CC-59D6-4D4B-AE9B-D761E48D25ED} Spybot - Search & Destroy-->"D:\Program Files (x86)\Spybot - Search & Destroy\unins000.exe" SRS Premium Sound Control Panel-->MsiExec.exe /I{E5CF6B9C-3ABE-43C9-9413-AD5FFC98F049} Update for Microsoft .NET Framework 4 Client Profile (KB2468871)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {29C7BE97-DE59-37A2-A687-2ADD5321948A} /parameterfolder Client Update for Microsoft .NET Framework 4 Client Profile (KB2533523)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {7D799A81-5661-3159-BF92-754161CED6E6} /parameterfolder Client Update for Microsoft .NET Framework 4 Client Profile (KB2600217)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {4DFA8287-EA36-3469-99FE-F568FEC81653} /parameterfolder Client Update for Microsoft Office 2010 (KB2494150)-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-0011-0000-0000-0000000FF1CE}" "{3FCFD88F-4D13-4F38-8625-ABABEA7F61EA}" "1033" "0" Update for Microsoft Office 2010 (KB2553065)-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-0011-0000-0000-0000000FF1CE}" "{A8686D24-1E89-43A1-973E-05A258D2B3F8}" "1033" "0" Update for Microsoft Office 2010 (KB2553092)-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-0011-0000-0000-0000000FF1CE}" "{7AC49FC8-F8D2-4DD8-9086-09E52385A21F}" "1033" "0" Update for Microsoft Office 2010 (KB2553181) 32-Bit Edition-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-0011-0000-0000-0000000FF1CE}" "{48E1B6C2-7299-4F3F-AA63-42F0ACE55AA4}" "1033" "0" Update for Microsoft Office 2010 (KB2553267) 32-Bit Edition-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-0011-0000-0000-0000000FF1CE}" "{18B3CF2A-73F7-4716-B1AE-86D68726D408}" "1033" "0" Update for Microsoft Office 2010 (KB2553270) 32-Bit Edition-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-001F-0409-0000-0000000FF1CE}" "{17E7B9AB-2DD2-457D-8D8E-CD14ACA973FE}" "1033" "0" Update for Microsoft Office 2010 (KB2553270) 32-Bit Edition-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-001F-040C-0000-0000000FF1CE}" "{15058154-469F-4794-ACD5-94F8420F9B80}" "1033" "0" Update for Microsoft Office 2010 (KB2553270) 32-Bit Edition-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-001F-0C0A-0000-0000000FF1CE}" "{995A7832-B512-46D5-87C9-2D71FB541435}" "1033" "0" Update for Microsoft Office 2010 (KB2553310) 32-Bit Edition-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-0011-0000-0000-0000000FF1CE}" "{C8694FF0-8203-483B-A07A-2BC40433167D}" "1033" "0" Update for Microsoft Office 2010 (KB2553310) 32-Bit Edition-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-006E-0409-0000-0000000FF1CE}" "{73E67A3A-8D61-44EF-90C2-1697C3DBE668}" "1033" "0" Update for Microsoft Office 2010 (KB2553385) 32-Bit Edition-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-0011-0000-0000-0000000FF1CE}" "{28FAC187-7C0E-413A-B90A-76F19D0FBF30}" "1033" "0" Update for Microsoft Office 2010 (KB2566458)-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-0011-0000-0000-0000000FF1CE}" "{EFB525A0-E1C0-4E32-9968-FE401BC87363}" "1033" "0" Update for Microsoft Office 2010 (KB2596964) 32-Bit Edition-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-0011-0000-0000-0000000FF1CE}" "{ED31DE9A-3E13-4E2C-9106-E0D8AFFB9FA6}" "1033" "0" Update for Microsoft Office 2010 (KB2597091) 32-Bit Edition-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-0011-0000-0000-0000000FF1CE}" "{4D98EEEA-A31B-42FA-991A-F989594F4DA5}" "1033" "0" Update for Microsoft Office 2010 (KB2597091) 32-Bit Edition-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-002A-0000-1000-0000000FF1CE}" "{4D98EEEA-A31B-42FA-991A-F989594F4DA5}" "1033" "0" Update for Microsoft OneNote 2010 (KB2553290) 32-Bit Edition-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-00A1-0409-0000-0000000FF1CE}" "{9865DC3A-2898-48D9-B96A-46397571C934}" "1033" "0" Update for Microsoft OneNote 2010 (KB2589345) 32-Bit Edition-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-0011-0000-0000-0000000FF1CE}" "{3613AECC-1454-4DDD-AC36-C42DC16D6DEE}" "1033" "0" Update for Microsoft OneNote 2010 (KB2589345) 32-Bit Edition-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-002A-0000-1000-0000000FF1CE}" "{3613AECC-1454-4DDD-AC36-C42DC16D6DEE}" "1033" "0" Update for Microsoft Outlook 2010 (KB2553248) 32-Bit Edition-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-0011-0000-0000-0000000FF1CE}" "{38990592-F6A1-4A26-96C7-0600E36AE794}" "1033" "0" Update for Microsoft Outlook 2010 (KB2553248) 32-Bit Edition-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-001A-0409-0000-0000000FF1CE}" "{5EBDE1DE-3B28-4134-AB00-85CFF2B4F94D}" "1033" "0" Update for Microsoft Outlook Social Connector 2010 (KB2553406) 32-Bit Edition-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-0011-0000-0000-0000000FF1CE}" "{BC6DFBFD-16DD-47E1-A7EF-2C062930FA4F}" "1033" "0" Update for Microsoft Outlook Social Connector 2010 (KB2553406) 32-Bit Edition-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-001A-0409-0000-0000000FF1CE}" "{1EEFF749-6F29-4F0B-AB08-4C6EA52AA110}" "1033" "0" VC80CRTRedist - 8.0.50727.6195-->MsiExec.exe /I{933B4015-4618-4716-A828-5289FC03165F} VLC media player 2.0.1-->C:\Program Files (x86)\VideoLAN\VLC\uninstall.exe Windows Driver Package - Microsoft Corporation ActivityMonitor (06/21/2006 6.0.6001.18000)-->C:\PROGRA~1\DIFX\0169CE3A95F06636\DPInst.exe /u C:\Windows\System32\DriverStore\FileRepository\wimfltr.inf_amd64_neutral_2c27ed564f5f9545\wimfltr.inf Windows Live Communications Platform-->MsiExec.exe /I{D45240D3-B6B3-4FF9-B243-54ECE3E10066} Windows Live Essentials-->C:\Program Files (x86)\Windows Live\Installer\wlarp.exe Windows Live Essentials-->MsiExec.exe /I{FE044230-9CA5-43F7-9B58-5AC5A28A1F33} Windows Live ID Sign-in Assistant-->MsiExec.exe /I{1ACC8FFB-9D84-4C05-A4DE-D28A9BC91698} Windows Live Installer-->MsiExec.exe /I{0B0F231F-CE6A-483D-AA23-77B364F75917} Windows Live Language Selector-->MsiExec.exe /I{180C8888-50F1-426B-A9DC-AB83A1989C65} Windows Live Movie Maker-->MsiExec.exe /X{19BA08F7-C728-469C-8A35-BFBD3633BE08} Windows Live Movie Maker-->MsiExec.exe /X{92EA4134-10D1-418A-91E1-5A0453131A38} Windows Live Photo Common-->MsiExec.exe /X{A9BDCA6B-3653-467B-AC83-94367DA3BFE3} Windows Live Photo Common-->MsiExec.exe /X{D436F577-1695-4D2F-8B44-AC76C99E0002} Windows Live Photo Gallery-->MsiExec.exe /X{3336F667-9049-4D46-98B6-4C743EEBC5B1} Windows Live Photo Gallery-->MsiExec.exe /X{34F4D9A4-42C2-4348-BEF4-E553C84549E7} Windows Live PIMT Platform-->MsiExec.exe /I{83C292B7-38A5-440B-A731-07070E81A64F} Windows Live SOXE Definitions-->MsiExec.exe /I{200FEC62-3C34-4D60-9CE8-EC372E01C08F} Windows Live SOXE-->MsiExec.exe /I{682B3E4F-696A-42DE-A41C-4C07EA1678B4} Windows Live Sync-->MsiExec.exe /X{FDD810CA-D5E3-40E9-AB7B-36440B0D41EF} Windows Live UX Platform Language Pack-->MsiExec.exe /I{579684A4-DDD5-4CA3-9EA8-7BE7D9593DB4} Windows Live UX Platform-->MsiExec.exe /I{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2} WinFlash-->MsiExec.exe /X{8F21291E-0444-4B1D-B9F9-4370A73E346D} WinRAR 4.00 beta 6 (64-bit)-->C:\Program Files\WinRAR\uninstall.exe Wireless Console 3-->MsiExec.exe /I{20FDF948-C8ED-4543-A539-F7F4AEF5AFA2} Write-N-Cite-->C:\PROGRA~2\Refworks\UNWISE.EXE C:\PROGRA~2\Refworks\INSTALL.LOG Xiph.Org Open Codecs 0.84.17359-->C:\Program Files (x86)\Xiph.Org\Open Codecs\uninst.exe XMind-->D:\Program Files (x86)\XMind\uninstall.exe ======System event log====== Computer Name: Ian-ASUS Event Code: 37 Message: The speed of processor 3 in group 0 is being limited by system firmware. The processor has been in this reduced performance state for 71 seconds since the last report. Record Number: 89929 Source Name: Microsoft-Windows-Kernel-Processor-Power Time Written: 20110908042714.830777-000 Event Type: Warning User: NT AUTHORITY\SYSTEM Computer Name: Ian-ASUS Event Code: 37 Message: The speed of processor 1 in group 0 is being limited by system firmware. The processor has been in this reduced performance state for 71 seconds since the last report. Record Number: 89928 Source Name: Microsoft-Windows-Kernel-Processor-Power Time Written: 20110908042714.830777-000 Event Type: Warning User: NT AUTHORITY\SYSTEM Computer Name: Ian-ASUS Event Code: 7026 Message: The following boot-start or system-start driver(s) failed to load: TfFsMon TfSysMon Record Number: 89902 Source Name: Service Control Manager Time Written: 20110908042632.706491-000 Event Type: Error User: Computer Name: Ian-ASUS Event Code: 4001 Message: WLAN AutoConfig service has successfully stopped. Record Number: 89809 Source Name: Microsoft-Windows-WLAN-AutoConfig Time Written: 20110908042535.096640-000 Event Type: Warning User: NT AUTHORITY\SYSTEM Computer Name: Ian-ASUS Event Code: 10002 Message: WLAN Extensibility Module has stopped. Module Path: C:\Windows\System32\IWMSSvc.dll Record Number: 89808 Source Name: Microsoft-Windows-WLAN-AutoConfig Time Written: 20110908042535.096640-000 Event Type: Warning User: NT AUTHORITY\SYSTEM =====Application event log===== Computer Name: iMAC Event Code: 100 Message: Task Scheduling Error: m->NextScheduledSPRetry 1061 Record Number: 17630 Source Name: Bonjour Service Time Written: 20110209065525.000000-000 Event Type: Error User: Computer Name: iMAC Event Code: 100 Message: Task Scheduling Error: m->NextScheduledEvent 1061 Record Number: 17629 Source Name: Bonjour Service Time Written: 20110209065525.000000-000 Event Type: Error User: Computer Name: iMAC Event Code: 100 Message: Task Scheduling Error: Continuously busy for more than a second Record Number: 17628 Source Name: Bonjour Service Time Written: 20110209065525.000000-000 Event Type: Error User: Computer Name: iMAC Event Code: 1002 Message: The program DivXWebPlayerInstaller(2).exe version 2.3.0.20 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel. Process ID: 177c Start Time: 01cbc81fe0e059ab Termination Time: 0 Application Path: C:\Users\Ian\Downloads\DivXWebPlayerInstaller(2).exe Report Id: Record Number: 17621 Source Name: Application Hang Time Written: 20110209061157.000000-000 Event Type: Error User: Computer Name: iMAC Event Code: 1002 Message: The program DivXWebPlayerInstaller.exe version 2.3.0.20 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel. Process ID: 1724 Start Time: 01cbc81dfd789cd6 Termination Time: 6 Application Path: C:\Users\Ian\Downloads\DivXWebPlayerInstaller.exe Report Id: Record Number: 17613 Source Name: Application Hang Time Written: 20110209060744.000000-000 Event Type: Error User: =====Security event log===== Computer Name: Ian-ASUS Event Code: 4648 Message: A logon was attempted using explicit credentials. Subject: Security ID: S-1-5-21-2945578582-593853648-2416519973-1001 Account Name: Ian Account Domain: IAN-ASUS Logon ID: 0x1a8ba Logon GUID: {00000000-0000-0000-0000-000000000000} Account Whose Credentials Were Used: Account Name: HomeGroupUser$ Account Domain: BRIDGET-HP Logon GUID: {00000000-0000-0000-0000-000000000000} Target Server: Target Server Name: Bridget-HP Additional Information: Bridget-HP Process Information: Process ID: 0xbe8 Process Name: C:\Windows\System32\spoolsv.exe Network Information: Network Address: - Port: - This event is generated when a process attempts to log on an account by explicitly specifying that account’s credentials. This most commonly occurs in batch-type configurations such as scheduled tasks, or when using the RUNAS command. Record Number: 73491 Source Name: Microsoft-Windows-Security-Auditing Time Written: 20111211002516.565976-000 Event Type: Audit Success User: Computer Name: Ian-ASUS Event Code: 4648 Message: A logon was attempted using explicit credentials. Subject: Security ID: S-1-5-21-2945578582-593853648-2416519973-1001 Account Name: Ian Account Domain: IAN-ASUS Logon ID: 0x1a8ba Logon GUID: {00000000-0000-0000-0000-000000000000} Account Whose Credentials Were Used: Account Name: HomeGroupUser$ Account Domain: BRIDGET-HP Logon GUID: {00000000-0000-0000-0000-000000000000} Target Server: Target Server Name: Bridget-HP Additional Information: Bridget-HP Process Information: Process ID: 0xbe8 Process Name: C:\Windows\System32\spoolsv.exe Network Information: Network Address: - Port: - This event is generated when a process attempts to log on an account by explicitly specifying that account’s credentials. This most commonly occurs in batch-type configurations such as scheduled tasks, or when using the RUNAS command. Record Number: 73490 Source Name: Microsoft-Windows-Security-Auditing Time Written: 20111211002516.562975-000 Event Type: Audit Success User: Computer Name: Ian-ASUS Event Code: 4648 Message: A logon was attempted using explicit credentials. Subject: Security ID: S-1-5-21-2945578582-593853648-2416519973-1001 Account Name: Ian Account Domain: IAN-ASUS Logon ID: 0x1a8ba Logon GUID: {00000000-0000-0000-0000-000000000000} Account Whose Credentials Were Used: Account Name: HomeGroupUser$ Account Domain: BRIDGET-HP Logon GUID: {00000000-0000-0000-0000-000000000000} Target Server: Target Server Name: Bridget-HP Additional Information: Bridget-HP Process Information: Process ID: 0xbe8 Process Name: C:\Windows\System32\spoolsv.exe Network Information: Network Address: - Port: - This event is generated when a process attempts to log on an account by explicitly specifying that account’s credentials. This most commonly occurs in batch-type configurations such as scheduled tasks, or when using the RUNAS command. Record Number: 73489 Source Name: Microsoft-Windows-Security-Auditing Time Written: 20111211002516.562975-000 Event Type: Audit Success User: Computer Name: Ian-ASUS Event Code: 4648 Message: A logon was attempted using explicit credentials. Subject: Security ID: S-1-5-21-2945578582-593853648-2416519973-1001 Account Name: Ian Account Domain: IAN-ASUS Logon ID: 0x1a8ba Logon GUID: {00000000-0000-0000-0000-000000000000} Account Whose Credentials Were Used: Account Name: HomeGroupUser$ Account Domain: BRIDGET-HP Logon GUID: {00000000-0000-0000-0000-000000000000} Target Server: Target Server Name: Bridget-HP Additional Information: Bridget-HP Process Information: Process ID: 0xbe8 Process Name: C:\Windows\System32\spoolsv.exe Network Information: Network Address: - Port: - This event is generated when a process attempts to log on an account by explicitly specifying that account’s credentials. This most commonly occurs in batch-type configurations such as scheduled tasks, or when using the RUNAS command. Record Number: 73488 Source Name: Microsoft-Windows-Security-Auditing Time Written: 20111211002516.542974-000 Event Type: Audit Success User: Computer Name: Ian-ASUS Event Code: 4648 Message: A logon was attempted using explicit credentials. Subject: Security ID: S-1-5-21-2945578582-593853648-2416519973-1001 Account Name: Ian Account Domain: IAN-ASUS Logon ID: 0x1a8ba Logon GUID: {00000000-0000-0000-0000-000000000000} Account Whose Credentials Were Used: Account Name: HomeGroupUser$ Account Domain: BRIDGET-HP Logon GUID: {00000000-0000-0000-0000-000000000000} Target Server: Target Server Name: Bridget-HP Additional Information: Bridget-HP Process Information: Process ID: 0xbe8 Process Name: C:\Windows\System32\spoolsv.exe Network Information: Network Address: - Port: - This event is generated when a process attempts to log on an account by explicitly specifying that account’s credentials. This most commonly occurs in batch-type configurations such as scheduled tasks, or when using the RUNAS command. Record Number: 73487 Source Name: Microsoft-Windows-Security-Auditing Time Written: 20111211002516.497972-000 Event Type: Audit Success User: ======Environment variables====== "ComSpec"=%SystemRoot%\system32\cmd.exe "FP_NO_HOST_CHECK"=NO "OS"=Windows_NT "Path"=C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\system32\wbem;C:\Program Files\Common Files\Microsoft Shared\Windows Live;C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0;C:\Program Files\Intel\WiFi\bin;C:\Program Files\Common Files\Intel\WirelessCommon;C:\Program Files (x86)\QuickTime\QTSystem;C:\Program Files (x86)\Windows Live\Shared "PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC "PROCESSOR_ARCHITECTURE"=AMD64 "TEMP"=%SystemRoot%\TEMP "TMP"=%SystemRoot%\TEMP "USERNAME"=SYSTEM "windir"=%SystemRoot% "PSModulePath"=%SystemRoot%\system32\WindowsPowerShell\v1.0\Modules\ "NUMBER_OF_PROCESSORS"=4 "PROCESSOR_LEVEL"=6 "PROCESSOR_IDENTIFIER"=Intel64 Family 6 Model 37 Stepping 5, GenuineIntel "PROCESSOR_REVISION"=2505 "configsetroot"=%SystemRoot%\ConfigSetRoot "asl.log"=Destination=file "CLASSPATH"=.;C:\Program Files (x86)\Java\jre6\lib\ext\QTJava.zip "QTJAVA"=C:\Program Files (x86)\Java\jre6\lib\ext\QTJava.zip -----------------EOF----------------- 3) Checkup.txt Results of screen317's Security Check version 0.99.32 Windows 7 x64 (UAC is enabled) Internet Explorer 9 `````````````````````````````` Antivirus/Firewall Check: Windows Firewall Enabled! avast! Free Antivirus WMI entry may not exist for antivirus; attempting automatic update. ``````````````````````````````` Anti-malware/Other Utilities Check: Spybot - Search & Destroy JavaFX 2.1.0 Java™ 7 Update 4 Adobe Reader 9 Adobe Reader out of date! Mozilla Firefox (12.0.) Mozilla Thunderbird 5.0. Thunderbird out of Date! ```````````````````````````````` Process Check: objlist.exe by Laurent Spybot Teatimer.exe is disabled! Ian Desktop Malware SecurityCheck.exe AVAST Software Avast AvastSvc.exe AVAST Software Avast AvastUI.exe ``````````End of Log```````````` 4) Virustotal results File name: nvinit.dll Detection ratio: 0 / 41 Analysis date: 2012-05-17 03:30:01 UTC ( 0 minutes ago ) 5) VirSCAN results File Name : nvinit.dll File Size : 215360 byte File Type : PE32 executable for MS Windows (DLL) (GUI) Intel 80386 32-bi MD5 : 287bd3881745bd2c43efffcd95be7c07 SHA1 : 0f0ecc2c0d66a37c42f073e627cad68458b84139 Scanner results : Scanners did not find malware! 6) Bitdefender log QuickScan 64-bit v0.9.9.114 --------------------------- Scan date: Wed May 16 23:37:01 2012 Machine ID: C8602CD No infection found. ------------------- Processes --------- (verified) avast! Antivirus 2880 C:\Program Files\AVAST Software\Avast\AvastUI.exe (verified) Google Talk Plugin 4720 C:\Users\Ian\AppData\Local\Google\Google Talk Plugin\googletalkplugin.exe (verified) Java™ Platform SE Auto Updater 2 0 2936 C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (verified) Microsoft® Windows® Operating System 1800 C:\Windows\explorer.exe (verified) Microsoft® Windows® Operating System 1708 C:\Windows\System32\dwm.exe (verified) Microsoft® Windows® Operating System 4092 C:\Windows\System32\notepad.exe (verified) Microsoft® Windows® Operating System 1680 C:\Windows\System32\taskhost.exe (verified) Microsoft® Windows® Operating System 4808 C:\Windows\SysWOW64\ctfmon.exe (verified) NVIDIA Settings 2208 C:\Program Files\NVIDIA Corporation\Display\nvtray.exe (verified) Windows® Internet Explorer 1016 C:\Program Files\Internet Explorer\iexplore.exe (verified) Windows® Internet Explorer 1496 C:\Program Files\Internet Explorer\iexplore.exe (verified) Windows® Internet Explorer 5092 C:\Program Files\Internet Explorer\iexplore.exe (verified) Windows® Search 944 C:\Windows\System32\SearchProtocolHost.exe Network activity ---------------- Process iexplore.exe (1496) connected on port 80 (HTTP) --> 23.64.255.139 Process iexplore.exe (1496) connected on port 80 (HTTP) --> 74.125.228.32 Process iexplore.exe (1496) connected on port 80 (HTTP) --> 74.125.228.32 Autoruns and critical files --------------------------- (unsigned) AUTOBACK.EXE C:\Program Files (x86)\ERUNT\AUTOBACK.EXE (verified) avast! Antivirus C:\Program Files\AVAST Software\Avast\AvastUI.exe (verified) Facebook Update C:\Users\Ian\AppData\Local\Facebook\Update\FacebookUpdate.exe (verified) Google Update C:\Users\Ian\AppData\Local\Google\Update\GoogleUpdate.exe (verified) Intel® Common User Interface C:\Windows\system32\igfxdev.dll (verified) Java™ Platform SE Auto Updater 2 0 C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (verified) Microsoft Office 2010 c:\program files (x86)\microsoft office\office14\grooveex.dll (verified) Microsoft Office 2010 c:\program files\microsoft office\office14\grooveex.dll (verified) Microsoft® Windows® Operating System c:\windows\system32\userinit.exe (verified) NVIDIA D3D shim drivers c:\windows\system32\nvinitx.dll (verified) NVIDIA D3D shim drivers c:\windows\syswow64\nvinit.dll (verified) Windows® Internet Explorer c:\windows\system32\webcheck.dll (verified) Windows® Internet Explorer c:\windows\syswow64\webcheck.dll Browser plugins --------------- (unsigned) pdfinfo-Win32.exe C:\Users\Ian\AppData\Roaming\Mozilla\Firefox\Profiles\bzhxhjzs.default\zotero\pdfinfo-Win32.exe (unsigned) pdftotext-Win32.exe C:\Users\Ian\AppData\Roaming\Mozilla\Firefox\Profiles\bzhxhjzs.default\zotero\pdftotext-Win32.exe (unsigned) QuickTime Plug-in 7.7.1 C:\Program Files (x86)\Internet Explorer\plugins\npqtplugin.dll (unsigned) QuickTime Plug-in 7.7.1 C:\Program Files (x86)\Internet Explorer\plugins\npqtplugin2.dll (unsigned) QuickTime Plug-in 7.7.1 C:\Program Files (x86)\Internet Explorer\plugins\npqtplugin3.dll (unsigned) QuickTime Plug-in 7.7.1 C:\Program Files (x86)\Internet Explorer\plugins\npqtplugin4.dll (unsigned) QuickTime Plug-in 7.7.1 C:\Program Files (x86)\Internet Explorer\plugins\npqtplugin5.dll (unsigned) QuickTime Plug-in 7.7.1 C:\Program Files (x86)\Internet Explorer\plugins\npqtplugin6.dll (unsigned) QuickTime Plug-in 7.7.1 C:\Program Files (x86)\Internet Explorer\plugins\npqtplugin7.dll (unsigned) TODO: <Product name> C:\Users\Ian\AppData\Roaming\Mozilla\Firefox\Profiles\bzhxhjzs.default\extensions\zoteroWinWordIntegration@zotero.org\components-10.0\zoteroWinWordIntegration.dll (unsigned) TODO: <Product name> C:\Users\Ian\AppData\Roaming\Mozilla\Firefox\Profiles\bzhxhjzs.default\extensions\zoteroWinWordIntegration@zotero.org\components-11.0\zoteroWinWordIntegration.dll (unsigned) TODO: <Product name> C:\Users\Ian\AppData\Roaming\Mozilla\Firefox\Profiles\bzhxhjzs.default\extensions\zoteroWinWordIntegration@zotero.org\components-12.0\zoteroWinWordIntegration.dll (unsigned) TODO: <Product name> C:\Users\Ian\AppData\Roaming\Mozilla\Firefox\Profiles\bzhxhjzs.default\extensions\zoteroWinWordIntegration@zotero.org\components-13.0\zoteroWinWordIntegration.dll (unsigned) TODO: <Product name> C:\Users\Ian\AppData\Roaming\Mozilla\Firefox\Profiles\bzhxhjzs.default\extensions\zoteroWinWordIntegration@zotero.org\components-14.0\zoteroWinWordIntegration.dll (unsigned) TODO: <Product name> C:\Users\Ian\AppData\Roaming\Mozilla\Firefox\Profiles\bzhxhjzs.default\extensions\zoteroWinWordIntegration@zotero.org\components-5.0\zoteroWinWordIntegration.dll (unsigned) TODO: <Product name> C:\Users\Ian\AppData\Roaming\Mozilla\Firefox\Profiles\bzhxhjzs.default\extensions\zoteroWinWordIntegration@zotero.org\components-6.0\zoteroWinWordIntegration.dll (unsigned) TODO: <Product name> C:\Users\Ian\AppData\Roaming\Mozilla\Firefox\Profiles\bzhxhjzs.default\extensions\zoteroWinWordIntegration@zotero.org\components-7.0\zoteroWinWordIntegration.dll (unsigned) TODO: <Product name> C:\Users\Ian\AppData\Roaming\Mozilla\Firefox\Profiles\bzhxhjzs.default\extensions\zoteroWinWordIntegration@zotero.org\components-8.0\zoteroWinWordIntegration.dll (unsigned) TODO: <Product name> C:\Users\Ian\AppData\Roaming\Mozilla\Firefox\Profiles\bzhxhjzs.default\extensions\zoteroWinWordIntegration@zotero.org\components-9.0\zoteroWinWordIntegration.dll (unsigned) TODO: <Product name> C:\Users\Ian\AppData\Roaming\Mozilla\Firefox\Profiles\bzhxhjzs.default\extensions\zoteroWinWordIntegration@zotero.org\components\zoteroWinWordIntegration.dll (verified) Adobe Acrobat C:\Program Files (x86)\Internet Explorer\plugins\nppdf32.dll (verified) avast! WebRep c:\program files\avast software\avast\aswwebrepie64.dll (verified) Bitdefender QuickScan C:\Windows\Downloaded Program Files\qsax64.dll (verified) Bonjour C:\Program Files (x86)\Bonjour\mdnsNSP.dll (verified) Bonjour C:\Program Files\Bonjour\mdnsNSP.dll (verified) DivX VOD Helper Plug-in C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (verified) Facebook Video Calling Plugin C:\Users\Ian\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (verified) Google Talk Plugin C:\Users\Ian\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (verified) Google Talk Plugin Video Accelerator C:\Users\Ian\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll (verified) Google Update C:\Users\Ian\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll (verified) JuniperExt.exe C:\Windows\Downloaded Program Files\JuniperExt.exe (verified) JuniperSetupClientATL ActiveX Control M C:\Windows\Downloaded Program Files\JuniperSetupClient.ocx (verified) JuniperSetupClientCtrlUninstaller.exe C:\Windows\Downloaded Program Files\JuniperSetupClientCtrlUninstaller.exe (verified) Microsoft Office 2010 c:\program files\microsoft office\office14\grooveex.dll (verified) Microsoft Office 2010 C:\Program Files\Microsoft Office\Office14\NPAUTHZ.DLL (verified) Microsoft Office 2010 c:\program files\microsoft office\office14\urlredir.dll (verified) Microsoft® CoReXT C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL (verified) Microsoft® CoReXT C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (verified) Microsoft® CoReXT C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (verified) Microsoft® Windows® Operating System C:\Windows\System32\mswsock.dll (verified) Microsoft® Windows® Operating System C:\Windows\System32\NapiNSP.dll (verified) Microsoft® Windows® Operating System C:\Windows\System32\nlaapi.dll (verified) Microsoft® Windows® Operating System C:\Windows\System32\pnrpnsp.dll (verified) Microsoft® Windows® Operating System C:\Windows\System32\winrnr.dll (verified) NPSWF64_11_2_202_235.dll C:\Windows\system32\Macromed\Flash\NPSWF64_11_2_202_235.dll (verified) Windows® Internet Explorer C:\Windows\System32\ieframe.dll Missing files ------------- File not found: C:\Users\Ian\DOWNLO~1\dds(1).scr --> HKCU\Control Panel\Desktop\"SCRNSAVE.EXE" Scan ---- MD5: e00de20f0f6bed5cd2160247ddc9443b C:\Program Files (x86)\ERUNT\AUTOBACK.EXE MD5: 47c3fa43f99202e2f92efa1eb9bdecf7 C:\Program Files (x86)\Internet Explorer\plugins\npqtplugin.dll MD5: 47c3fa43f99202e2f92efa1eb9bdecf7 C:\Program Files (x86)\Internet Explorer\plugins\npqtplugin2.dll MD5: 47c3fa43f99202e2f92efa1eb9bdecf7 C:\Program Files (x86)\Internet Explorer\plugins\npqtplugin3.dll MD5: 47c3fa43f99202e2f92efa1eb9bdecf7 C:\Program Files (x86)\Internet Explorer\plugins\npqtplugin4.dll MD5: 47c3fa43f99202e2f92efa1eb9bdecf7 C:\Program Files (x86)\Internet Explorer\plugins\npqtplugin5.dll MD5: 47c3fa43f99202e2f92efa1eb9bdecf7 C:\Program Files (x86)\Internet Explorer\plugins\npqtplugin6.dll MD5: 47c3fa43f99202e2f92efa1eb9bdecf7 C:\Program Files (x86)\Internet Explorer\plugins\npqtplugin7.dll MD5: 11cda9e52ff9a62ec23eb424fe9f7384 C:\Program Files\WinRAR\RarExt.dll MD5: 1eef6acbbe1d5dcd2ee545895da87454 C:\Users\Ian\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll MD5: edd462c8fc71a47520f93d5e389d02d3 C:\Users\Ian\AppData\Roaming\Mozilla\Firefox\Profiles\bzhxhjzs.default\extensions\zoteroWinWordIntegration@zotero.org\components-10.0\zoteroWinWordIntegration.dll MD5: 9962107e0ec66efef03d232a137c74a0 C:\Users\Ian\AppData\Roaming\Mozilla\Firefox\Profiles\bzhxhjzs.default\extensions\zoteroWinWordIntegration@zotero.org\components-11.0\zoteroWinWordIntegration.dll MD5: 9dbd986caab2c23e1c978c02b86038f4 C:\Users\Ian\AppData\Roaming\Mozilla\Firefox\Profiles\bzhxhjzs.default\extensions\zoteroWinWordIntegration@zotero.org\components-12.0\zoteroWinWordIntegration.dll MD5: 50b452547e08117c75c4e73bfb8a687f C:\Users\Ian\AppData\Roaming\Mozilla\Firefox\Profiles\bzhxhjzs.default\extensions\zoteroWinWordIntegration@zotero.org\components-13.0\zoteroWinWordIntegration.dll MD5: f0aea79eedfcabc391cb1e0b37fb8d8b C:\Users\Ian\AppData\Roaming\Mozilla\Firefox\Profiles\bzhxhjzs.default\extensions\zoteroWinWordIntegration@zotero.org\components-14.0\zoteroWinWordIntegration.dll MD5: bf1549e16f05700e7899f4670e61c487 C:\Users\Ian\AppData\Roaming\Mozilla\Firefox\Profiles\bzhxhjzs.default\extensions\zoteroWinWordIntegration@zotero.org\components-5.0\zoteroWinWordIntegration.dll MD5: 4ded19378d40e8c81299262d9d900e58 C:\Users\Ian\AppData\Roaming\Mozilla\Firefox\Profiles\bzhxhjzs.default\extensions\zoteroWinWordIntegration@zotero.org\components-6.0\zoteroWinWordIntegration.dll MD5: ab4ba1ab024b154e7c2d218172cde43b C:\Users\Ian\AppData\Roaming\Mozilla\Firefox\Profiles\bzhxhjzs.default\extensions\zoteroWinWordIntegration@zotero.org\components-7.0\zoteroWinWordIntegration.dll MD5: 76f44da2cb824f8f35b95ef3f58eedcc C:\Users\Ian\AppData\Roaming\Mozilla\Firefox\Profiles\bzhxhjzs.default\extensions\zoteroWinWordIntegration@zotero.org\components-8.0\zoteroWinWordIntegration.dll MD5: c6752104e8b87eecdec3dd42537ffa6f C:\Users\Ian\AppData\Roaming\Mozilla\Firefox\Profiles\bzhxhjzs.default\extensions\zoteroWinWordIntegration@zotero.org\components-9.0\zoteroWinWordIntegration.dll MD5: c0e853a89448e0cd7af367f6dc0fb0af C:\Users\Ian\AppData\Roaming\Mozilla\Firefox\Profiles\bzhxhjzs.default\extensions\zoteroWinWordIntegration@zotero.org\components\zoteroWinWordIntegration.dll MD5: 471f496601c43c2c62f05ba84bc76c72 C:\Users\Ian\AppData\Roaming\Mozilla\Firefox\Profiles\bzhxhjzs.default\zotero\pdfinfo-Win32.exe MD5: 049e524b7e688423e9e6ebe550d50f9a C:\Users\Ian\AppData\Roaming\Mozilla\Firefox\Profiles\bzhxhjzs.default\zotero\pdftotext-Win32.exe MD5: 18555f48844c2861d9dce8f2b7223ae5 C:\Windows\system32\DRIVERS\NETw5s64.sys No file uploaded. Scan finished - communication took 3 sec Total traffic - 0.06 MB sent, 3.03 KB recvd Scanned 1348 files and modules - 219 seconds ==============================================================================
  2. Hi Maurice - thanks for the quick reply. I can't recall a specific time or incident that coincides with the performance drop, sorry. It's just no where need as fast as it was (things loading slow etc.). Logs posted in order of request below: 1) RSIT Log.txt Logfile of random's system information tool 1.09 (written by random/random) Run by Ian at 2012-05-16 23:21:54 Microsoft Windows 7 Home Premium Service Pack 1 System drive C: has 33 GB (27%) free of 119 GB Total RAM: 3893 MB (51% free) Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 11:22:45 PM, on 5/16/2012 Platform: Windows 7 SP1 (WinNT 6.00.3505) MSIE: Internet Explorer v9.00 (9.00.8112.16421) Boot mode: Normal Running processes: C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe C:\Program Files\AVAST Software\Avast\AvastUI.exe C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe C:\Program Files (x86)\Mozilla Firefox\firefox.exe C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe C:\Users\Ian\AppData\Local\Google\Google Talk Plugin\googletalkplugin.exe C:\Windows\SysWOW64\NOTEPAD.EXE C:\Program Files (x86)\ERUNT\ERUNT.EXE C:\Program Files\trend micro\Ian.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://asus.msn.com R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft....k/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft....k/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft....k/?LinkId=69157 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local;<local> R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll O2 - BHO: (no name) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - (no file) O2 - BHO: Increase performance and video formats for your HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - D:\PROGRA~2\SPYBOT~1\SDHelper.dll O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL O2 - BHO: Java™ Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL O2 - BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll O2 - BHO: SmartSelect - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll O2 - BHO: (no name) - {F9E4A054-E9B1-4BC3-83A3-76A1AE736170} - (no file) O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" O4 - HKUS\S-1-5-21-2945578582-593853648-2416519973-1010\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'UpdatusUser') O4 - HKUS\S-1-5-21-2945578582-593853648-2416519973-1010\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'UpdatusUser') O4 - Startup: ERUNT AutoBackup.lnk = C:\Program Files (x86)\ERUNT\AUTOBACK.EXE O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000 O8 - Extra context menu item: Se&nd to OneNote - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105 O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll O9 - Extra button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O9 - Extra 'Tools' menuitem: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - D:\PROGRA~2\SPYBOT~1\SDHelper.dll O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - D:\PROGRA~2\SPYBOT~1\SDHelper.dll O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O16 - DPF: {DBDC1CDA-B64B-49F7-9535-6317AA416E51} - O16 - DPF: {F27237D7-93C8-44C2-AC6E-D6057B9A918F} (JuniperSetupClientControl Class) - https://juniper.net/...SetupClient.cab O17 - HKLM\System\CCS\Services\Tcpip\..\{043276B7-2929-4D15-BB3B-9220BACF42E6}: NameServer = 0.0.0.0 O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL O20 - AppInit_DLLs: C:\Windows\SysWOW64\nvinit.dll O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing) O23 - Service: ASLDR Service (ASLDRService) - ASUS - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe O23 - Service: ASP.NET State Service (aspnet_state) - Unknown owner - C:\Windows\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe (file missing) O23 - Service: ATKGFNEX Service (ATKGFNEXSrv) - ASUS - C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing) O23 - Service: Intel® PROSet/Wireless Event Log (EvtEng) - Intel® Corporation - C:\Program Files\Intel\WiFi\bin\EvtEng.exe O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing) O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Intel® Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing) O23 - Service: Wireless PAN DHCP Server (MyWiFiDHCPDNS) - Unknown owner - C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing) O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Intel® PROSet/Wireless Registry Service (RegSrvc) - Intel® Corporation - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing) O23 - Service: Remote Procedure Call (RPC) Net (rpcnet) - Absolute Software Corp. - C:\Windows\SysWOW64\rpcnet.exe O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing) O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing) O23 - Service: Intel® Management & Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing) O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing) O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing) O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) -- End of file - 11710 bytes ======Listing Processes====== \SystemRoot\System32\smss.exe %SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16 wininit.exe %SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16 C:\Windows\system32\services.exe C:\Windows\system32\lsass.exe C:\Windows\system32\lsm.exe winlogon.exe C:\Windows\system32\svchost.exe -k DcomLaunch C:\Windows\system32\nvvsvc.exe C:\Windows\system32\svchost.exe -k RPCSS C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted C:\Windows\system32\svchost.exe -k netsvcs C:\Windows\system32\svchost.exe -k LocalService "C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe" C:\Windows\system32\nvvsvc.exe -session -first C:\Windows\system32\svchost.exe -k NetworkService "C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe" C:\Windows\system32\WLANExt.exe 27587728 \??\C:\Windows\system32\conhost.exe "-1686870915921326618138931946116520739916303875511028953632-5105742991033876806 "C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe" "C:\Program Files\AVAST Software\Avast\AvastSvc.exe" C:\Windows\System32\spoolsv.exe "taskhost.exe" C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork "C:\Windows\system32\Dwm.exe" C:\Windows\Explorer.EXE taskeng.exe {A601F41B-3191-4720-BC99-A93DFF1CEF25} "C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe" "C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe" ATKOSD.exe "C:\Program Files\Intel\WiFi\bin\EvtEng.exe" "C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe" KBFiltr.exe C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation "C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe" WDC.exe "C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe" "C:/Program Files/NVIDIA Corporation/Display/nvtray.exe" -user_has_logged_in 1 "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui C:\Windows\SysWOW64\rpcnet.exe "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" C:\Windows\system32\svchost.exe -k imgsvc C:\Windows\System32\svchost.exe -k secsvcs "C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE" WLIDSvcM.exe 1392 "C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe" C:\Windows\system32\wbem\unsecapp.exe -Embedding C:\Windows\system32\wbem\wmiprvse.exe C:\Windows\system32\SearchIndexer.exe /Embedding C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted "C:\Program Files\Windows Media Player\wmpnetwk.exe" C:\Windows\System32\svchost.exe -k LocalServicePeerNet C:\Windows\system32\DllHost.exe /Processid:{30D49246-D217-465F-B00B-AC9DDD652EB7} "C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe" "C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe" "C:\Program Files (x86)\Mozilla Firefox\firefox.exe" "C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe" --channel=4276.14929030.1638673491 "C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_2_202_235.dll" E7CF176E110C211B -greomni "C:\Program Files (x86)\Mozilla Firefox\omni.ja" 4276 "\\.\pipe\gecko-crash-server-pipe.4276" plugin "C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe" --channel=4276.1bcb15b0.1782768581 "C:\Users\Ian\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll" E7CF176E110C211B -greomni "C:\Program Files (x86)\Mozilla Firefox\omni.ja" 4276 "\\.\pipe\gecko-crash-server-pipe.4276" plugin "C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe" --channel=4276.c71d110.301456090 "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll" E7CF176E110C211B -greomni "C:\Program Files (x86)\Mozilla Firefox\omni.ja" 4276 "\\.\pipe\gecko-crash-server-pipe.4276" plugin "C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE" "C:\Users\Ian\AppData\Local\Google\Google Talk Plugin\googletalkplugin.exe" C:\Windows\sysWOW64\wbem\wmiprvse.exe -Embedding "C:\Windows\system32\NOTEPAD.EXE" C:\Program Files (x86)\ERUNT\README.TXT "C:\Program Files (x86)\ERUNT\ERUNT.EXE" "C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe33_ Global\UsGthrCtrlFltPipeMssGthrPipe33 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon" "C:\Windows\system32\SearchFilterHost.exe" 0 540 544 552 65536 548 "C:\Users\Ian\Downloads\RSITx64.exe" C:\Windows\system32\wbem\wmiprvse.exe C:\Windows\System32\svchost.exe -k WerSvcGroup ======Scheduled tasks folder====== C:\Windows\tasks\Adobe Flash Player Updater.job C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-2945578582-593853648-2416519973-1001Core.job C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-2945578582-593853648-2416519973-1001UA.job C:\Windows\tasks\GoogleUpdateTaskMachineCore.job C:\Windows\tasks\GoogleUpdateTaskMachineUA.job C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2945578582-593853648-2416519973-1001Core.job C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2945578582-593853648-2416519973-1001UA.job =========Mozilla firefox========= ProfilePath - C:\Users\Ian\AppData\Roaming\Mozilla\Firefox\Profiles\bzhxhjzs.default prefs.js - "browser.startup.homepage" - "http://www.sciencedaily.com/|http://www.thisviewoflife.com/index.php/religion/index.php|http://groupselections.blogspot.com/?zx=3f57039ba2650a" prefs.js - "extensions.enabledItems" - "{4176DFF4-4698-11DE-BEEB-45DA55D89593}:0.8.12, noia2_option@kk.noia:3.76, en-CA@dictionaries.addons.mozilla.org:2.0.0, en-GB@dictionaries.addons.mozilla.org:1.19.1, {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22, {AE93811A-5C9A-4d34-8462-F7B864FC4696}:3.81, {23fcfd51-4958-4f00-80a3-ae97e717ed8b}:2.1.1.94, {6904342A-8307-11DF-A508-4AE2DFD72085}:2.1.1.94, {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23, zotero@chnm.gmu.edu:2.1.6, zoteroWinWordIntegration@zotero.org:3.1, {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.6.17, {9f08cb5a-76b1-4bcf-aff9-90e1a5d60b1e}:3.76" [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer] "Description"=Adobe® Flash® Player 11.2.202.235 Plugin "Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_2_202_235.dll [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Apple.com/iTunes,version=] "Description"=iTunes Detector Plug-in "Path"= [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Apple.com/iTunes,version=1.0] "Description"= "Path"=C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0] "Description"=DivX Plus Web Player "Path"=C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0] "Description"=DivX VOD Helper Plug-in "Path"=C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Google.com/GoogleEarthPlugin] "Description"=Google Earth in your browser "Path"=C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/DTPlugin,version=10.4.1] "Description"= "Path"=C:\Windows\SysWOW64\npDeployJava1.dll [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin,version=10.4.1] "Description"=Oracle® Next Generation Java™ Plug-In "Path"=C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE] "Description"= "Path"=disabled [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0] "Description"=Ag Player Plugin "Path"=C:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0] "Description"=Office Authorization plug-in for NPAPI browsers "Path"=C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/SharePoint,version=14.0] "Description"=Microsoft SharePoint Plug-in for Firefox "Path"=C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922] "Description"=WLPG Install MIME type "Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513] "Description"=WLPG Install MIME type "Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@pandonetworks.com/PandoWebPlugin] "Description"=This plugin detects and launches Pando Media Booster "Path"=C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@real.com/nppl3260;version=15.0.0.198] "Description"=RealPlayer™ LiveConnect-Enabled Plug-In "Path"=C:\Program Files (x86)\Real\RealPlayer\Netscape6\nppl3260.dll [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@real.com/nprjplug;version=15.0.0.198] "Description"=RealJukebox Netscape Plugin "Path"=C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprjplug.dll [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@real.com/nprpchromebrowserrecordext;version=15.0.0.198] "Description"=RealNetworks™ RealPlayer Chrome Background Extension Plug-In "Path"=C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@real.com/nprphtml5videoshim;version=15.0.0.198] "Description"=RealPlayer™ HTML5VideoShim Plug-In "Path"=C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@real.com/nprpjplug;version=15.0.0.198] "Description"=15.0.0.198 "Path"=C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprpjplug.dll [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=] "Description"= "Path"= [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3] "Description"=Google Update "Path"=C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9] "Description"=Google Update "Path"=C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.0.1] "Description"=VLC Multimedia Plugin "Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Acrobat] "Description"=Handles PDFs in-place in Firefox "Path"=D:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Air\nppdf32.dll [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader] "Description"=Handles PDFs in-place in Firefox "Path"=C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer] "Description"=Adobe® Flash® Player 11.2.202.235 Plugin "Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_11_2_202_235.dll [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0] "Description"=DivX VOD Helper Plug-in "Path"=C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE] "Description"= "Path"=disabled [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0] "Description"=Office Authorization plug-in for NPAPI browsers "Path"=C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL C:\Program Files (x86)\Mozilla Firefox\extensions\ {82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} {972ce4c6-7e08-4474-a285-3208198ce6fd} C:\Program Files (x86)\Mozilla Firefox\components\ binary.manifest browsercomps.dll nsIQTScriptablePlugin.xpt C:\Program Files (x86)\Mozilla Firefox\plugins\ nppdf32.DEU nppdf32.dll nppdf32.FRA nppl3260.dll nppl3260.xpt npqtplugin.dll npqtplugin2.dll npqtplugin3.dll npqtplugin4.dll npqtplugin5.dll npqtplugin6.dll npqtplugin7.dll nprjplug.dll nprpjplug.dll nsjsrealplayerplugin.xpt QuickTimePlugin.class C:\Program Files (x86)\Mozilla Firefox\searchplugins\ amazondotcom.xml answers.xml bing.xml creativecommons.xml eBay.xml google.xml twitter.xml wikipedia.xml yahoo.xml C:\Users\Ian\AppData\Roaming\Mozilla\Firefox\Profiles\bzhxhjzs.default\extensions\ en-CA@dictionaries.addons.mozilla.org en-GB@dictionaries.addons.mozilla.org zigboom@ymail.com zotero@chnm.gmu.edu zoteroWinWordIntegration@zotero.org ======Registry dump====== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{318A227B-5E9F-45bd-8999-7F8F10CA4CF5}] avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2012-03-06 1211776] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}] Groove GFS Browser Helper - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [2011-06-12 6721936] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}] Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28 529280] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}] Office Document Cache Handler - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL [2010-12-21 689040] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}] Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-01-03 63912] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3049C3E9-B461-4BC5-8870-4C09146192CA}] RealPlayer Download and Record Plugin for Internet Explorer - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll [2011-12-01 425680] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{318A227B-5E9F-45bd-8999-7F8F10CA4CF5}] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{326E768D-4182-46FD-9C16-1449A49795F4}] DivX Plus Web Player HTML5 <video> - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll [2011-12-12 194432] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}] Spybot-S&D IE Protection - D:\PROGRA~2\SPYBOT~1\SDHelper.dll [2009-01-26 1879896] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}] Groove GFS Browser Helper - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL [2011-06-12 4221328] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}] Java™ Plug-In SSV Helper - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll [2012-04-04 453504] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}] avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2012-03-06 1003704] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}] Windows Live ID Sign-in Helper - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28 441216] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE7CD045-E861-484f-8273-0445EE161910}] Adobe PDF Conversion Toolbar Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2012-01-03 339872] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}] Skype Browser Helper - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2011-05-16 1164680] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}] Office Document Cache Handler - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL [2010-12-21 561552] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}] Java™ Plug-In 2 SSV Helper - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll [2012-04-04 157576] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F4971EE7-DAA0-4053-9964-665D8EE6A077}] SmartSelect Class - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2012-01-03 339872] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F9E4A054-E9B1-4BC3-83A3-76A1AE736170}] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar] {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2012-03-06 1211776] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar] {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2012-03-06 1003704] {47833539-D0C5-4125-9FA8-0819E2EAAC93} - Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2012-01-03 339872] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Acrobat Assistant 8.0] D:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe [2012-01-03 815512] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Acrobat Speed Launcher] D:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe [2012-01-03 36760] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM] C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2012-01-03 843712] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher] C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe [2012-01-04 37296] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Akamai NetSession Interface] C:\Users\Ian\AppData\Local\Akamai\netsession_win.exe [2012-03-13 3331872] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AmIcoSinglun64] C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe [2009-09-22 323584] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [2011-09-27 59240] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ASUS Screen Saver Protector] C:\Windows\AsScrPro.exe [2010-08-22 3058304] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ASUS WebStorage] C:\Program Files (x86)\ASUS\ASUS WebStorage\SERVICE\AsusWSService.exe [] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ATKMEDIA] C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe [2010-01-05 170624] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ATKOSD2] C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe [2010-02-04 7350912] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BCSSync] C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [2010-03-13 91520] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DivX Download Manager] C:\Program Files (x86)\DivX\DivX Plus Web Player\DDmService.exe start [] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DivXUpdate] C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe [2011-07-28 1259376] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ETDWare] C:\Program Files\Elantech\ETDCtrl.exe [2010-04-13 649608] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Facebook Update] C:\Users\Ian\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-03-08 137536] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GrooveMonitor] C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HControlUser] C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe [2009-06-19 105016] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HotKeysCmds] C:\Windows\system32\hkcmd.exe [2011-10-21 392472] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IgfxTray] C:\Windows\system32\igfxtray.exe [2011-10-21 167704] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IntelWireless] C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe [2010-11-02 1933584] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper] C:\Program Files (x86)\iTunes\iTunesHelper.exe [2011-10-09 421736] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KiesHelper] C:\Program Files (x86)\Samsung\Kies\KiesHelper.exe [2011-11-29 935312] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KiesTrayAgent] C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe [2011-11-29 3508624] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NUSB3MON] C:\Program Files (x86)\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [2010-01-22 106496] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\OfficeSyncProcess] C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE [2011-07-22 718720] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Persistence] C:\Windows\system32\igfxpers.exe [2011-10-21 416024] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task] C:\Program Files (x86)\QuickTime\QTTask.exe [2011-10-24 421888] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2010-03-26 10135584] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Setwallpaper] c:\programdata\SetWallpaper.cmd [] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sony Ericsson PC Suite] C:\Program Files (x86)\Sony Ericsson\Sony Ericsson PC Suite\SEPCSuite.exe /systray /nologon [] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpybotSD TeaTimer] D:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe [2009-03-05 2260480] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched] C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2012-01-17 252296] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Syncables] C:\Program Files (x86)\syncables\syncables desktop\Syncables.exe [] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe] C:\Program Files (x86)\Real\RealPlayer\update\realsched.exe [2011-12-01 296056] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UpdateLBPShortCut] C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe C:\Program Files (x86)\CyberLink\LabelPrint UpdateWithCreateOnce Software\CyberLink\LabelPrint\2.5 [] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UpdateP2GoShortCut] C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe C:\Program Files (x86)\CyberLink\Power2Go UpdateWithCreateOnce SOFTWARE\CyberLink\Power2Go\6.0 [] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^SRS Premium Sound.lnk] C:\Windows\Installer\{E5CF6B9C-3ABE-43C9-9413-AD5FFC98F049}\NewShortcut5_21C7B668029A47458B27645FE6E4A715.exe [2010-08-22 156952] [HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run] "avast"=C:\Program Files\AVAST Software\Avast\avastUI.exe [2012-03-06 4241512] "SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2012-01-17 252296] C:\Users\Ian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup ERUNT AutoBackup.lnk - C:\Program Files (x86)\ERUNT\AUTOBACK.EXE [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows] "AppInit_DLLs"="C:\Windows\System32\nvinitx.dll,C:\Windows\system32\nvinitx.dll" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui] C:\Windows\system32\igfxdev.dll [2011-10-21 390144] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad] WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - C:\Windows\system32\webcheck.dll [2011-05-23 249344] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks] "{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [2011-06-12 6721936] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks] "{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL [2011-06-12 4221328] [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders] "SecurityProviders"=credssp.dll [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System] "ConsentPromptBehaviorAdmin"=5 "ConsentPromptBehaviorUser"=3 "EnableUIADesktopToggle"=0 "PromptOnSecureDesktop"=0 "dontdisplaylastusername"=0 "legalnoticecaption"= "legalnoticetext"= "shutdownwithoutlogon"=1 "undockwithoutlogon"=1 [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "NoDriveAutoRun"=0 "NoDrives"=0 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "NoDrives"=0 [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list] [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32] "vidc.mrle"=msrle32.dll "vidc.msvc"=msvidc32.dll "msacm.imaadpcm"=imaadp32.acm "msacm.msg711"=msg711.acm "msacm.msgsm610"=msgsm32.acm "msacm.msadpcm"=msadp32.acm "midimapper"=midimap.dll "wavemapper"=msacm32.drv "VIDC.UYVY"=msyuv.dll "VIDC.YUY2"=msyuv.dll "VIDC.YVYU"=msyuv.dll "VIDC.IYUV"=iyuv_32.dll "vidc.i420"=iyuv_32.dll "VIDC.YVU9"=tsbyuv.dll "msacm.l3acm"=C:\Windows\System32\l3codeca.acm "MSVideo8"=VfWWDM32.dll "wave"=wdmaud.drv "midi"=wdmaud.drv "mixer"=wdmaud.drv "aux"=wdmaud.drv "msacm.ac3filter"=ac3filter64.acm "wave1"=wdmaud.drv "midi1"=wdmaud.drv "mixer1"=wdmaud.drv "aux1"=wdmaud.drv ======File associations====== .js - edit - C:\Windows\System32\Notepad.exe %1 ======List of files/folders created in the last 1 month====== 2012-05-16 23:21:54 ----D---- C:\rsit 2012-05-16 23:21:54 ----D---- C:\Program Files\trend micro 2012-05-16 23:12:52 ----D---- C:\Program Files (x86)\ERUNT 2012-05-16 01:49:30 ----D---- C:\Program Files (x86)\Oracle 2012-05-16 01:49:03 ----A---- C:\Windows\SYSWOW64\npDeployJava1.dll 2012-05-16 01:49:03 ----A---- C:\Windows\SYSWOW64\javaws.exe 2012-05-16 01:48:32 ----A---- C:\Windows\SYSWOW64\javaw.exe 2012-05-16 01:48:32 ----A---- C:\Windows\SYSWOW64\java.exe 2012-05-16 00:31:12 ----A---- C:\Windows\SYSWOW64\OpenCL.dll 2012-05-16 00:31:12 ----A---- C:\Windows\SYSWOW64\nvwgf2um.dll 2012-05-16 00:31:12 ----A---- C:\Windows\SYSWOW64\nvumdshim.dll 2012-05-16 00:31:12 ----A---- C:\Windows\SYSWOW64\nvoglv32.dll 2012-05-16 00:31:12 ----A---- C:\Windows\system32\OpenCL.dll 2012-05-16 00:31:12 ----A---- C:\Windows\system32\nvwgf2umx.dll 2012-05-16 00:31:12 ----A---- C:\Windows\system32\nvoglv64.dll 2012-05-16 00:31:12 ----A---- C:\Windows\system32\drivers\nvpciflt.sys 2012-05-16 00:31:11 ----A---- C:\Windows\SYSWOW64\nvinit.dll 2012-05-16 00:31:11 ----A---- C:\Windows\SYSWOW64\nvdecodemft.dll 2012-05-16 00:31:11 ----A---- C:\Windows\SYSWOW64\nvd3dum.dll 2012-05-16 00:31:11 ----A---- C:\Windows\SYSWOW64\nvcuvid.dll 2012-05-16 00:31:11 ----A---- C:\Windows\SYSWOW64\nvcuvenc.dll 2012-05-16 00:31:11 ----A---- C:\Windows\SYSWOW64\nvcuda.dll 2012-05-16 00:31:11 ----A---- C:\Windows\system32\nvinitx.dll 2012-05-16 00:31:11 ----A---- C:\Windows\system32\nvgenco64.dll 2012-05-16 00:31:11 ----A---- C:\Windows\system32\nvdispco64.dll 2012-05-16 00:31:11 ----A---- C:\Windows\system32\nvdecodemft.dll 2012-05-16 00:31:11 ----A---- C:\Windows\system32\nvd3dumx.dll 2012-05-16 00:31:11 ----A---- C:\Windows\system32\nvcuvid.dll 2012-05-16 00:31:11 ----A---- C:\Windows\system32\nvcuvenc.dll 2012-05-16 00:31:11 ----A---- C:\Windows\system32\nvcuda.dll 2012-05-16 00:31:11 ----A---- C:\Windows\system32\drivers\nvlddmkm.sys 2012-05-16 00:31:10 ----A---- C:\Windows\SYSWOW64\nvcompiler.dll 2012-05-16 00:31:10 ----A---- C:\Windows\SYSWOW64\nvapi.dll 2012-05-16 00:31:10 ----A---- C:\Windows\system32\nvcompiler.dll 2012-05-16 00:30:47 ----D---- C:\Windows\pss 2012-05-15 19:38:26 ----D---- C:\ProgramData\Blizzard Entertainment 2012-05-15 19:33:00 ----D---- C:\ProgramData\Battle.net 2012-05-15 11:51:46 ----D---- C:\Program Files (x86)\Bulk Rename Utility 2012-05-13 16:38:34 ----SHD---- C:\$RECYCLE.BIN 2012-05-13 16:04:00 ----A---- C:\ComboFix.txt 2012-05-13 15:45:07 ----D---- C:\Windows\temp 2012-05-10 09:16:32 ----A---- C:\Windows\system32\DWrite.dll 2012-05-10 09:16:31 ----A---- C:\Windows\SYSWOW64\DWrite.dll 2012-05-10 09:16:22 ----A---- C:\Windows\system32\ntoskrnl.exe 2012-05-10 09:16:18 ----A---- C:\Windows\system32\win32k.sys 2012-05-10 09:16:16 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe 2012-05-10 09:16:14 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe 2012-05-10 09:15:42 ----A---- C:\Windows\system32\drivers\partmgr.sys 2012-05-10 09:15:20 ----A---- C:\Windows\system32\drivers\tcpip.sys 2012-05-07 20:21:15 ----D---- C:\Program Files (x86)\Sonix 2012-05-07 20:21:07 ----D---- C:\Users\Ian\AppData\Roaming\InstallShield 2012-04-26 10:12:36 ----D---- C:\ProgramData\Mozilla 2012-04-26 10:12:33 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service ======List of files/folders modified in the last 1 month====== 2012-05-16 23:22:31 ----D---- C:\Windows\Prefetch 2012-05-16 23:21:54 ----RD---- C:\Program Files 2012-05-16 23:13:28 ----D---- C:\Windows\ERDNT 2012-05-16 23:12:52 ----D---- C:\Program Files (x86) 2012-05-16 23:07:52 ----A---- C:\Windows\system32\rpcnetp.exe 2012-05-16 15:04:15 ----D---- C:\ProgramData\regid.1986-12.com.adobe 2012-05-16 10:26:08 ----D---- C:\Windows\system32\config 2012-05-16 09:45:53 ----D---- C:\Windows\System32 2012-05-16 09:45:53 ----D---- C:\Windows\inf 2012-05-16 09:45:53 ----A---- C:\Windows\system32\PerfStringBackup.INI 2012-05-16 09:41:42 ----A---- C:\Windows\SYSWOW64\log.txt 2012-05-16 09:41:40 ----A---- C:\Windows\SYSWOW64\rpcnet.dll 2012-05-16 09:41:11 ----D---- C:\Windows\SYSWOW64\NV 2012-05-16 09:41:10 ----D---- C:\Windows\system32\NV 2012-05-16 01:50:05 ----SHD---- C:\Windows\Installer 2012-05-16 01:50:04 ----D---- C:\Program Files (x86)\Common Files 2012-05-16 01:49:22 ----SHD---- C:\System Volume Information 2012-05-16 01:49:03 ----D---- C:\Windows\SysWOW64 2012-05-16 01:48:19 ----D---- C:\Program Files (x86)\Java 2012-05-16 00:54:57 ----D---- C:\Windows 2012-05-16 00:53:41 ----D---- C:\ProgramData\NVIDIA 2012-05-16 00:35:38 ----RD---- C:\Users 2012-05-16 00:35:37 ----D---- C:\Program Files (x86)\NVIDIA Corporation 2012-05-16 00:35:36 ----D---- C:\Program Files\NVIDIA Corporation 2012-05-16 00:34:47 ----D---- C:\NVIDIA 2012-05-16 00:32:46 ----D---- C:\Windows\system32\drivers 2012-05-16 00:32:36 ----D---- C:\Windows\system32\catroot 2012-05-16 00:32:34 ----D---- C:\Windows\system32\catroot2 2012-05-16 00:32:32 ----D---- C:\Windows\system32\DriverStore 2012-05-15 22:08:43 ----D---- C:\ProgramData 2012-05-15 22:08:37 ----D---- C:\Windows\system32\Tasks 2012-05-15 21:30:54 ----D---- C:\Users\Ian\AppData\Roaming\vlc 2012-05-14 20:04:54 ----D---- C:\Users\Ian\AppData\Roaming\uTorrent 2012-05-13 16:04:15 ----D---- C:\Qoobox 2012-05-13 15:48:22 ----A---- C:\Windows\system.ini 2012-05-13 15:47:56 ----D---- C:\Windows\system32\drivers\etc 2012-05-13 15:37:29 ----D---- C:\Windows\SYSWOW64\drivers 2012-05-13 15:37:29 ----D---- C:\Windows\AppPatch 2012-05-13 15:37:27 ----D---- C:\Program Files\Common Files 2012-05-13 14:49:28 ----D---- C:\Windows\Microsoft.NET 2012-05-13 14:49:27 ----RSD---- C:\Windows\assembly 2012-05-12 09:26:05 ----D---- C:\Windows\winsxs 2012-05-12 09:24:40 ----D---- C:\Program Files (x86)\Microsoft Silverlight 2012-05-11 11:55:11 ----A---- C:\Windows\system32\MRT.exe 2012-05-11 11:55:02 ----D---- C:\ProgramData\Microsoft Help 2012-05-11 11:34:07 ----D---- C:\Program Files\Windows Journal 2012-05-07 21:02:12 ----D---- C:\Users\Ian\AppData\Roaming\Mozilla 2012-05-07 20:21:24 ----D---- C:\Windows\twain_32 2012-05-07 20:17:21 ----D---- C:\Program Files (x86)\Runic Games 2012-05-07 20:16:07 ----D---- C:\Program Files (x86)\ASUS 2012-05-07 19:57:37 ----SD---- C:\ProgramData\Microsoft 2012-05-05 18:55:41 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe 2012-05-05 18:55:17 ----A---- C:\Windows\SYSWOW64\FlashPlayerInstaller.exe 2012-04-26 10:12:27 ----D---- C:\Program Files (x86)\Mozilla Firefox 2012-04-23 11:08:40 ----D---- C:\Program Files (x86)\VideoLAN ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R0 iaStor;Intel AHCI Controller; C:\Windows\system32\DRIVERS\iaStor.sys [2009-12-17 538136] R0 nvpciflt;nvpciflt; C:\Windows\system32\DRIVERS\nvpciflt.sys [2012-02-29 28992] R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-13 12352] R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 213888] R1 aswRdr;aswRdr; C:\Windows\System32\Drivers\aswrdr2.sys [2012-03-06 53080] R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2012-03-06 819032] R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2012-03-06 337240] R1 aswTdi;avast! Network Shield Support; C:\Windows\system32\drivers\aswTdi.sys [2012-03-06 59224] R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-13 59904] R2 ASMMAP64;ASMMAP64; \??\C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys [2009-07-02 15416] R2 aswFsBlk;aswFsBlk; C:\Windows\system32\drivers\aswFsBlk.sys [2012-03-06 24408] R2 aswMonFlt;aswMonFlt; \??\C:\Windows\system32\drivers\aswMonFlt.sys [2012-03-06 69976] R3 ETD;ELAN PS/2 Port Input Device; C:\Windows\system32\DRIVERS\ETD.sys [2010-04-13 135560] R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\system32\DRIVERS\GEARAspiWDM.sys [2009-05-18 34152] R3 HECIx64;Intel® Management Engine Interface; C:\Windows\system32\DRIVERS\HECIx64.sys [2009-09-17 56344] R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2011-10-21 12310112] R3 Impcd;Impcd; C:\Windows\system32\DRIVERS\Impcd.sys [2010-02-26 158976] R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2010-03-26 2307616] R3 IntcDAud;Intel® Display Audio; C:\Windows\system32\DRIVERS\IntcDAud.sys [2011-08-23 317440] R3 kbfiltr;Keyboard Filter; C:\Windows\system32\DRIVERS\kbfiltr.sys [2009-07-20 15416] R3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller; C:\Windows\system32\DRIVERS\L1C62x64.sys [2010-04-21 76912] R3 MTsensor;ATK0100 ACPI UTILITY; C:\Windows\system32\DRIVERS\ATK64AMD.sys [2009-05-13 15928] R3 NETwNs64;___ Intel® Wireless WiFi Link 5000 Series Adapter Driver for Windows 7 - 64 Bit; C:\Windows\system32\DRIVERS\NETwNs64.sys [2010-11-09 8500736] R3 nusb3hub;NEC Electronics USB 3.0 Hub Driver; C:\Windows\system32\DRIVERS\nusb3hub.sys [2010-01-22 77824] R3 nusb3xhc;NEC Electronics USB 3.0 Host Controller Driver; C:\Windows\system32\DRIVERS\nusb3xhc.sys [2010-01-22 180224] R3 seehcri;Sony Ericsson seehcri Device Driver; C:\Windows\system32\DRIVERS\seehcri.sys [2010-11-22 34032] R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys [2009-07-13 17920] R3 wdkmd;Intel WiDi KMD; C:\Windows\system32\DRIVERS\WDKMD.sys [2011-08-05 42392] S0 TfFsMon;TfFsMon; C:\Windows\system32\drivers\TfFsMon.sys [] S0 TfSysMon;TfSysMon; C:\Windows\system32\drivers\TfSysMon.sys [] S3 AmUStor;AM USB Stroage Driver; C:\Windows\system32\drivers\AmUStor.SYS [2009-10-23 46592] S3 androidusb;SAMSUNG Android Composite ADB Interface Driver; C:\Windows\System32\Drivers\ssadadb.sys [2011-10-26 36328] S3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athrx.sys [2009-06-19 1394688] S3 BridgeMP;@%SystemRoot%\system32\bridgeres.dll,-1; C:\Windows\system32\DRIVERS\bridge.sys [2009-07-13 95232] S3 BVRPMPR5a64;BVRPMPR5a64 NDIS Protocol Driver; \??\C:\Windows\system32\drivers\BVRPMPR5a64.SYS [2010-06-30 35840] S3 catchme;catchme; \??\C:\ComboFix\catchme.sys [] S3 dc3d;MS Hardware Device Detection Driver; C:\Windows\system32\DRIVERS\dc3d.sys [2011-05-18 47616] S3 NETw5s64;Intel® Wireless WiFi Link 5000 Series Adapter Driver for Windows 7 - 64 Bit; C:\Windows\system32\DRIVERS\NETw5s64.sys [2010-05-31 7689216] S3 RimUsb;BlackBerry Smartphone; C:\Windows\System32\Drivers\RimUsb_AMD64.sys [2007-05-14 27520] S3 s0017bus;Sony Ericsson Device 0017 driver (WDM); C:\Windows\system32\DRIVERS\s0017bus.sys [2008-10-21 113704] S3 s0017mdfl;Sony Ericsson Device 0017 USB WMC Modem Filter; C:\Windows\system32\DRIVERS\s0017mdfl.sys [2008-10-21 19496] S3 s0017mdm;Sony Ericsson Device 0017 USB WMC Modem Driver; C:\Windows\system32\DRIVERS\s0017mdm.sys [2008-10-21 152616] S3 s0017mgmt;Sony Ericsson Device 0017 USB WMC Device Management Drivers (WDM); C:\Windows\system32\DRIVERS\s0017mgmt.sys [2008-10-21 133160] S3 s0017nd5;Sony Ericsson Device 0017 USB Ethernet Emulation SEMC0017 (NDIS); C:\Windows\system32\DRIVERS\s0017nd5.sys [2008-10-21 34856] S3 s0017obex;Sony Ericsson Device 0017 USB WMC OBEX Interface; C:\Windows\system32\DRIVERS\s0017obex.sys [2008-10-21 128552] S3 s0017unic;Sony Ericsson Device 0017 USB Ethernet Emulation SEMC0017 (WDM); C:\Windows\system32\DRIVERS\s0017unic.sys [2008-10-21 145960] S3 SiSGbeLH;SiS191/SiS190 Ethernet Device NDIS 6.0 Driver; C:\Windows\system32\DRIVERS\SiSG664.sys [2009-06-10 56832] S3 SNP2UVC;USB2.0 PC Camera (SNP2UVC); C:\Windows\system32\DRIVERS\snp2uvc.sys [] S3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM); C:\Windows\system32\DRIVERS\ssadbus.sys [2011-10-26 157672] S3 ssadmdfl;SAMSUNG Android USB Modem (Filter); C:\Windows\system32\DRIVERS\ssadmdfl.sys [2011-10-26 16872] S3 ssadmdm;SAMSUNG Android USB Modem Drivers; C:\Windows\system32\DRIVERS\ssadmdm.sys [2011-10-26 177640] S3 ssadserd;SAMSUNG Android USB Diagnostic Serial Port (WDM); C:\Windows\system32\DRIVERS\ssadserd.sys [2011-10-26 146920] S3 taphss;Anchorfree HSS Adapter; C:\Windows\system32\DRIVERS\taphss.sys [2012-04-06 38632] S3 TfNetMon;TfNetMon; \??\C:\Windows\system32\drivers\TfNetMon.sys [] S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2010-11-20 59392] S3 USBAAPL64;Apple Mobile USB Driver; C:\Windows\System32\Drivers\usbaapl64.sys [2011-05-10 51712] S3 usbscan;USB Scanner Driver; C:\Windows\system32\DRIVERS\usbscan.sys [2009-07-13 41984] S3 WimFltr;WimFltr; C:\Windows\system32\DRIVERS\wimfltr.sys [2008-05-23 154168] S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-20 41984] ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R2 ASLDRService;ASLDR Service; C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe [2009-06-15 84536] R2 ATKGFNEXSrv;ATKGFNEX Service; C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe [2009-12-15 96896] R2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2012-03-06 44768] R2 EvtEng;Intel® PROSet/Wireless Event Log; C:\Program Files\Intel\WiFi\bin\EvtEng.exe [2010-11-02 1515792] R2 LMS;Intel® Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe [2009-11-04 268824] R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2012-02-29 889664] R2 nvUpdatusService;NVIDIA Update Service Daemon; C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [2012-02-29 2348352] R2 RegSrvc;Intel® PROSet/Wireless Registry Service; C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe [2010-11-02 836880] R2 rpcnet;Remote Procedure Call (RPC) Net; C:\Windows\SysWOW64\rpcnet.exe [2011-06-21 58288] R2 SBSDWSCService;SBSD Security Center Service; C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe [2009-01-26 1153368] R2 UNS;Intel® Management & Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2009-11-04 2320920] R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2011-03-28 2292096] R3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184] S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384] S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576] S3 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [] S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service; C:\Program Files (x86)\Microsoft Office\Office14\GROOVE.EXE [2011-06-12 31125880] S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2012-04-26 129976] S3 MyWiFiDHCPDNS;Wireless PAN DHCP Server; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [2010-11-02 340240] S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352] S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2010-09-17 1255736] S4 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-05-05 257696] S4 Apple Mobile Device;Apple Mobile Device; C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2011-10-09 55144] S4 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2011-08-30 462184] S4 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2011-06-05 655624] S4 gupdate;Google Update Service (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-02-03 136176] S4 gupdatem;Google Update Service (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-02-03 136176] S4 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2011-10-09 934760] S4 Samsung UPD Service;Samsung UPD Service; C:\Windows\System32\SUPDSvc.exe [2010-03-16 167280] -----------------EOF-----------------
  3. Computer performance has taken a drop of late. Ran full and updated Avast scan, Malwarebytes, Spybot, but no real effect so to speak. Required logs are attached. Any assistance is appreciated. Ian Attach.txt DDS.txt
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.