blite
-
Posts
10 -
Joined
-
Last visited
Content Type
Events
Profiles
Forums
Posts posted by blite
-
-
OTL Extras logfile created on: 11/23/2012 7:39:41 PM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Larry\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
3.48 Gb Total Physical Memory | 2.07 Gb Available Physical Memory | 59.65% Memory free
6.95 Gb Paging File | 4.49 Gb Available in Paging File | 64.62% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 284.08 Gb Total Space | 189.77 Gb Free Space | 66.80% Space Free | Partition Type: NTFS
Drive D: | 13.71 Gb Total Space | 1.53 Gb Free Space | 11.18% Space Free | Partition Type: NTFS
Computer Name: LARRY-HP | User Name: Larry | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
========== Shell Spawning ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- rundll32.exe %SystemRoot%\system32\mshtml.dll,PrintHTML "%1" (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
========== System Restore Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0
========== Firewall Settings ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{098F004C-56B0-4C64-B08C-126AB788505C}" = rport=80 | protocol=6 | dir=out | app=c:\program files (x86)\common files\intuit\update service\intuitupdater.exe |
"{14278FBF-6F20-43B9-9265-56298A723BE4}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{199F3BB4-6609-4B8E-B716-D5DC82F88D16}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{22ED30EA-78B0-4191-9668-FD00D408D60F}" = rport=445 | protocol=6 | dir=out | app=system |
"{26AA9D73-FD7C-40BB-AE02-2734A5D38AC3}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{39D12868-AFFF-472F-8B09-3BE0F390BD69}" = lport=139 | protocol=6 | dir=in | app=system |
"{3AB1883C-036C-44AA-A35D-18CB39505BFC}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |
"{411BA606-1DA0-46E9-972A-EA8460E0F982}" = lport=2869 | protocol=6 | dir=in | app=system |
"{4B91C103-EE12-4AEA-8FE6-7640B9317D17}" = rport=10243 | protocol=6 | dir=out | app=system |
"{4DDE4262-EC6C-4202-8863-F91F8562F717}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{54B5F21D-9705-41F2-B89E-F9080CC2A5D7}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |
"{593EA21A-39CE-4FA4-8AA9-CF196E266A3A}" = rport=138 | protocol=17 | dir=out | app=system |
"{5A680E17-3D6F-4D34-BA41-B4879B4C8EDB}" = lport=138 | protocol=17 | dir=in | app=system |
"{5C31AD07-0ACC-4485-9CB3-F408CDB49A52}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{6453D1C9-D488-48EB-9073-1724E5A50DA6}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{677A9041-673C-4BBB-8C98-7F102EDB367B}" = rport=80 | protocol=6 | dir=out | app=c:\program files (x86)\common files\intuit\update service\intuitupdateservice.exe |
"{6F40B8BB-4106-404B-9663-39E912833632}" = lport=137 | protocol=17 | dir=in | app=system |
"{73B90345-E9CD-44D0-8886-364E61EF3C56}" = lport=10243 | protocol=6 | dir=in | app=system |
"{98B68EA2-A31C-4D54-94EC-92B332340E3C}" = rport=80 | protocol=6 | dir=out | app=c:\program files (x86)\common files\intuit\update service v4\intuitupdater.exe |
"{A70BECF1-4816-4A49-BBA9-9268DFAFA075}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{BB6A5500-5192-40A1-BB11-0820DC8BD15A}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{BD432531-C098-4D02-B7C9-AEBA53F1C580}" = lport=808 | protocol=6 | dir=in | svc=nettcpactivator | app=c:\windows\microsoft.net\framework64\v4.0.30319\smsvchost.exe |
"{CC0B1169-F0F5-4935-A201-2FF79D5713C3}" = rport=139 | protocol=6 | dir=out | app=system |
"{D05BA0BC-D3DC-4612-8F7C-2A25008E9A92}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{D109A9E0-7D5D-4404-9AC3-F5E59DD651ED}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{DA0DE9E6-C843-4E7E-AFBF-A22764B6AD4F}" = rport=80 | protocol=6 | dir=out | app=c:\program files (x86)\common files\intuit\update service v4\intuitupdateservice.exe |
"{DF3C9370-0AD7-4DEA-90E9-55E7146FE88C}" = rport=137 | protocol=17 | dir=out | app=system |
"{DFF35377-283A-4F9D-BAC0-2211677932DC}" = lport=6004 | protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\outlook.exe |
"{E3BF4D8E-BD67-46D5-81FD-A630C5781151}" = lport=445 | protocol=6 | dir=in | app=system |
"{FBB56A76-44FC-48E6-B05B-8FF254194765}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{FDE003F2-44DB-4118-BB52-FB66D5D03566}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{03694D66-EE55-45FE-90C7-6B8D4A47C87F}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{0F75DAF7-0124-47EA-B99C-E5B806517B34}" = protocol=17 | dir=in | app=c:\program files (x86)\hewlett-packard\mediasmart\roxionow\rnow.exe |
"{0F7AE645-BC52-4AE0-8F96-50C06523ECFA}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg2012\avgdiagex.exe |
"{0FFDD67F-75A7-4CB8-8FE4-6643445D4337}" = protocol=6 | dir=out | app=system |
"{1FD07D14-5931-447F-B09E-D920F063785D}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{208DEA21-E770-4924-9F3C-B22537F92E7F}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{25D7E5C6-20A1-4326-8C22-F65A08C0FADC}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg2012\avgemca.exe |
"{2B7B03FA-DF12-4343-8A95-FE795B8EFDB7}" = protocol=17 | dir=in | app=c:\program files (x86)\logitech\vid hd\vid.exe |
"{2E257930-7B50-4556-9AA6-1191B99DCC4A}" = dir=in | app=c:\program files (x86)\itunes\itunes.exe |
"{2F1B4948-C5EE-4009-92FD-C4CBC3279731}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{39BFCAC3-8A94-42D2-A34E-EB80D8DB093C}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg2012\avgnsa.exe |
"{3AEDD0A7-BE9F-4D15-AA88-342021977C0A}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg2012\avgnsa.exe |
"{3B7E4119-98E5-43D0-9099-2CB254BEEE97}" = protocol=6 | dir=in | app=c:\program files (x86)\hewlett-packard\mediasmart\roxionow\rnow.exe |
"{3B9AB165-3A62-4207-BD8F-11626CE1F9A4}" = dir=in | app=c:\program files (x86)\windows live\mesh\moe.exe |
"{3D105C13-DC74-4F52-80DE-13FB8FB60AC4}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{411C513C-E1A4-4ACA-ABE0-3A8E014E0B2E}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{48788630-D6F8-40BB-887A-E03D8F9DC5E1}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{4A8E33DA-2940-45CB-B6D8-7E69B3427530}" = dir=in | app=c:\program files (x86)\common files\apple\apple application support\webkit2webprocess.exe |
"{4AD462F5-B4D8-44DC-9BC6-8F61E65A81A3}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{4B1088C6-9738-422D-A9B6-8C1F006803FC}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{56938858-E5B5-4DBA-A641-C080C3FED1C5}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{611586DD-3929-469E-8377-BFC5D7473706}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe |
"{78C56F75-021B-4B94-9892-FF8D5978EEDA}" = protocol=17 | dir=in | app=c:\program files (x86)\roxio\roxionow player\rnowshell.exe |
"{7ADEB93E-3AD8-4F3E-BB33-AC661FD7C2E3}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg2012\avgemca.exe |
"{7F622E84-E75E-484D-84E4-2E46E0CAB7B4}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{824369C1-17C5-49CE-9E30-7DA3CB97EF3E}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg2012\avgdiagex.exe |
"{84D93342-5736-4608-B8E6-D0A2168A4C2E}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{8D391115-F2D7-483E-BD46-16C0B8CCF092}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{8D6D629D-1A0B-450A-B290-60C3868441D2}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{919E08B0-5C93-4B28-815F-22B784910B5F}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{9C74F114-C9AF-42BA-A751-0C4D95356D28}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg2012\avgemca.exe |
"{A1D48CED-7A9D-4EB2-BAB3-BA77F6E3ED8A}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office14\onenote.exe |
"{A4FB365D-B342-4A1A-9C15-254FF25DC25A}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg2012\avgemca.exe |
"{AA34C062-36A3-4404-8A6D-C35396050E50}" = dir=in | app=c:\program files (x86)\easybits for kids\ezdesktop.exe |
"{AB5027A2-A597-4087-A232-6A6002041DF5}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg2012\avgmfapx.exe |
"{B2A261F6-8377-4A4B-B7E1-313E4910F3ED}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{B540B11F-355C-4428-9E17-63EBBFDE7DA3}" = dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe |
"{C12A06FC-6834-42C9-BA4E-7C35A5CE4700}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\onenote.exe |
"{C75A3152-6B0E-4673-89E3-08550887AA92}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg2012\avgdiagex.exe |
"{C82BE79A-0802-4C0E-B49E-FDCD4F9CA391}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg2012\avgnsa.exe |
"{CCDAB4B9-05DE-457B-8B72-F177D223CD90}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{CEF04835-B31C-4E4B-BD7B-FC5BBB16E146}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{D00134B9-EB73-4F28-90E2-058A52AB428D}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg2012\avgmfapx.exe |
"{D2D34871-0F9D-447C-8A98-DD3D9BF68918}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg2012\avgmfapx.exe |
"{DAC5D096-CF7B-495C-8FF4-B8E71F7A0484}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{DC612F72-DF9D-4D47-8B68-2D11C09FEBBD}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{DE4E655D-9024-43A1-90D5-51782EE9BA48}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{E3C19A65-B69D-4CE6-B511-25BABADCF326}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg2012\avgnsa.exe |
"{E7C1D36C-8FBC-46EA-A35F-C75F62624AF3}" = protocol=6 | dir=in | app=c:\program files (x86)\logitech\vid hd\vid.exe |
"{E83132E2-6A7A-4DA9-8FA4-947FB1CC6332}" = protocol=17 | dir=in | app=c:\program files (x86)\logitech\vid hd\vid.exe |
"{EDE4636B-6B82-47B0-880D-CDCE406193A5}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{F337597E-89D9-4ABC-8B34-030DB21359F0}" = protocol=6 | dir=in | app=c:\program files (x86)\logitech\vid hd\vid.exe |
"{F3C35067-B14E-4DC3-99BE-5C35B51D3355}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg2012\avgdiagex.exe |
"{FB0CE133-8447-4AA3-88C7-6CF36DF06E4F}" = protocol=6 | dir=in | app=c:\program files (x86)\roxio\roxionow player\rnowshell.exe |
"{FCD14C10-0773-41DD-A359-2DFE8611FCE9}" = dir=in | app=c:\windows\system32\ezsharedsvchost.exe |
"{FEB03106-72E6-4E79-9D5F-7C7828F6F4DC}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg2012\avgmfapx.exe |
"TCP Query User{19FD6A47-975E-416A-A603-0FF29E10B1F1}C:\users\larry\appdata\roaming\kalydo\kalydoplayer\content\apps\formulacartoon\bin\formulacartoonkalydo.exe" = protocol=6 | dir=in | app=c:\users\larry\appdata\roaming\kalydo\kalydoplayer\content\apps\formulacartoon\bin\formulacartoonkalydo.exe |
"TCP Query User{C7D3873F-1AC2-4A61-A429-EC9FB8738A7D}C:\program files (x86)\1clickdownload\1clickdownloader.exe" = protocol=6 | dir=in | app=c:\program files (x86)\1clickdownload\1clickdownloader.exe |
"TCP Query User{F31C95AC-5CD0-4F01-8965-D89B4CBD0C70}C:\program files (x86)\real\realplayer\realplay.exe" = protocol=6 | dir=in | app=c:\program files (x86)\real\realplayer\realplay.exe |
"UDP Query User{263AB974-8E6B-4A9E-96B3-8E74FFBF0CFA}C:\program files (x86)\1clickdownload\1clickdownloader.exe" = protocol=17 | dir=in | app=c:\program files (x86)\1clickdownload\1clickdownloader.exe |
"UDP Query User{5332EEAC-A38C-4D05-80CA-87D51F625F38}C:\program files (x86)\real\realplayer\realplay.exe" = protocol=17 | dir=in | app=c:\program files (x86)\real\realplayer\realplay.exe |
"UDP Query User{BE7C67BB-D118-4507-A58D-C3B7B594E660}C:\users\larry\appdata\roaming\kalydo\kalydoplayer\content\apps\formulacartoon\bin\formulacartoonkalydo.exe" = protocol=17 | dir=in | app=c:\users\larry\appdata\roaming\kalydo\kalydoplayer\content\apps\formulacartoon\bin\formulacartoonkalydo.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0D25F7CC-B99C-44ee-9945-B14532B2BB7B}" = Canon MP830
"{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MX350_series" = Canon MX350 series MP Drivers
"{138A4072-9E64-46BD-B5F9-DB2BB395391F}" = LWS VideoEffects
"{1493B2AE-0261-47D2-B1AA-F4DAD0F6C48B}" = iTunes
"{1B8ABA62-74F0-47ED-B18C-A43128E591B8}" = Windows Live ID Sign-in Assistant
"{1DD81E7D-0D28-4CEB-87B2-C041A4FCB215}" = Rapport
"{21B133D6-5979-47F0-BE1C-F6A6B304693F}" = Visual Studio 2010 x64 Redistributables
"{26A24AE4-039D-4CA4-87B4-2F86416024FF}" = Java 6 Update 24 (64-bit)
"{2856A1C2-70C5-4EC3-AFF7-E5B51E5530A2}" = HP Client Services
"{2938994B-155D-4DE2-96A2-3CA3BB660FD3}" = Nitro Reader 2
"{2FD3DC87-EC8D-78D2-1D3A-F4D6E7531BAF}" = AMD Fuel
"{45726347-6D97-4613-9F89-A9635ACBD34D}" = AMD Media Foundation Decoders
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{503F672D-6C84-448A-8F8F-4BC35AC83441}" = AMD APP SDK Runtime
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{656DEEDE-F6AC-47CA-A568-A1B4E34B5760}" = Windows Live Remote Service Resources
"{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}" = Bonjour
"{6ECDAC2F-12C1-E49B-448E-6002368967E0}" = AMD Steady Video Plug-In
"{6FEDAFB4-A2AE-4D6B-A505-D82B07291F40}" = AVG 2012
"{7446FE8D-C1F9-4D42-AAAE-5DBCE58605A6}" = Apple Mobile Device Support
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{847B0532-55E3-4AAF-8D7B-E3A1A7CD17E5}" = Windows Live Remote Client Resources
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8B485965-8EFE-464A-842F-CF8F18C3DFD7}" = iCloud
"{8E34682C-8118-31F1-BC4C-98CD9675E1C2}" = Microsoft .NET Framework 4 Extended
"{90140000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2010
"{90140000-002A-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (English) 2010
"{90140000-0116-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{ACD449FA-9DF3-779D-DA68-11D486963225}" = AMD Catalyst Install Manager
"{BF46C84D-1AC3-4CC3-A45C-EF6257B80984}" = AVG 2012
"{BF92729B-1505-55D8-DAD4-4727CDB02FF6}" = ccc-utility64
"{CC4D56B7-6F18-470B-8734-ABCD75BCF4F1}" = HP Auto
"{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}" = SAMSUNG USB Driver for Mobile Phones
"{D07A61E5-A59C-433C-BCBD-22025FA2287B}" = Windows Live Language Selector
"{DA54F80E-261C-41A2-A855-549A144F2F59}" = Windows Live MIME IFilter
"{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319
"{DF6D988A-EEA0-4277-AAB8-158E086E439B}" = Windows Live Remote Client
"{E02A6548-6FDE-40E2-8ED9-119D7D7E641F}" = Windows Live Remote Service
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"AVG" = AVG 2012
"CCleaner" = CCleaner
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"SynTPDeinstKey" = Synaptics Pointing Device Driver
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = CyberLink YouCam
"{0535D679-6FFB-2CAB-F7FF-7B05D6D6CAB5}" = CCC Help Chinese Standard
"{05BDC796-3451-4F81-B91D-E98F7ADA76C2}" = TurboTax 2010 WinPerTaxSupport
"{07FA4960-B038-49EB-891B-9F95930AA544}" = HP Customer Experience Enhancements
"{08610298-29AE-445B-B37D-EFBE05802967}" = LWS Pictures And Video
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{0C262D84-FFA4-4621-8ED7-41F8287369F5}" = Google Apps Migration For Microsoft Outlook® 2.3.12.34
"{0E64B098-8018-4256-BA23-C316A43AD9B0}" = QuickTime
"{0EDEB615-1A60-425E-8306-0E10519C7B55}" = RoxioNow Player
"{1111706F-666A-4037-7777-210328764D10}" = JavaFX 2.1.0
"{120262A6-7A4B-4889-AE85-F5E5688D3683}" = HP MovieStore
"{15634701-BACE-4449-8B25-1567DA8C9FD3}" = CameraHelperMsi
"{1651216E-E7AD-4250-92A1-FB8ED61391C9}" = LWS Help_main
"{16F1B95A-F813-7600-EFA5-A97CB11222BC}" = CCC Help French
"{174A3B31-4C43-43DD-866F-73C9DB887B48}" = LWS Twitter
"{17A5CB1F-712A-41D2-FBBB-4A881EBA9B17}" = CCC Help Polish
"{19BA08F7-C728-469C-8A35-BFBD3633BE08}" = Windows Live Movie Maker
"{1DD81E7D-0D28-4CEB-87B2-C041A4FCB215}" = Rapport
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{20DBF540-DF10-0A5C-7443-F139A84CC1F5}" = CCC Help Dutch
"{210A03F5-B2ED-4947-B27E-516F50CBB292}" = HP Setup
"{21CC6030-B1EA-3E53-DF36-38054A1596B4}" = CCC Help Turkish
"{21DF0294-6B9D-4741-AB6F-B2ABFBD2387E}" = LWS YouTube Plugin
"{26A24AE4-039D-4CA4-87B4-2F83217007FF}" = Java 7 Update 9
"{28C2DED6-325B-4CC7-983A-1777C8F7FBAB}" = RealUpgrade 1.1
"{2902F983-B4C1-44BA-B85D-5C6D52E2C441}" = Windows Live Mesh ActiveX Control for Remote Connections
"{29819186-C15B-D50E-AB2E-8C24E2619273}" = CCC Help Portuguese
"{2FA94A64-C84E-49d1-97DD-7BF06C7BBFB2}.WildTangent Games App" = Update Installer for WildTangent Games App
"{314F8264-25FB-C833-1017-3A0E0846112C}" = CCC Help Hungarian
"{3167966F-9811-30EF-6093-B7B95E2F19B7}" = Catalyst Control Center Graphics Previews Common
"{33286280-8617-11E1-8FF6-B8AC6F97B88E}" = Google Earth Plug-in
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{346DAD45-38D4-B63C-C372-1E2BC136DE69}" = CCC Help Finnish
"{34F4D9A4-42C2-4348-BEF4-E553C84549E7}" = Windows Live Photo Gallery
"{373B1718-8CC5-4567-8EE2-9033AD08A680}" = ROBLOX Player
"{3782EC09-4000-475E-8A59-9CABD6F03B4C}" = TurboTax 2010 WinPerFedFormset
"{3877C901-7B90-4727-A639-B6ED2DD59D43}" = ESU for Microsoft Windows 7
"{3881DB80-EAA2-012B-ADAE-000000000000}" = TurboTax 2009 WinPerFedFormset
"{38975F50-EAA2-012B-ADB4-000000000000}" = TurboTax 2009 WinPerReleaseEngine
"{38A34630-EAA2-012B-ADB6-000000000000}" = TurboTax 2009 WinPerTaxSupport
"{3A83B36C-17B9-4832-445A-7A9DF377BB12}" = CCC Help Swedish
"{3C5A81D0-EAA2-012B-AE9F-000000000000}" = TurboTax 2009 wrapper
"{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}" = erLT
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4F2FCCCF-29F3-44B9-886F-6D16F8417522}" = TurboTax 2010 wrapper
"{51C7AD07-C3F6-4635-8E8A-231306D810FE}" = Cisco LEAP Module
"{53B17A98-5BF0-40BC-AAFF-850A357975AC}" = HP Quick Launch
"{579684A4-DDD5-4CA3-9EA8-7BE7D9593DB4}" = Windows Live UX Platform Language Pack
"{58A2F6F8-6009-CC35-2A83-DB5F922003DE}" = CCC Help Czech
"{5E21F3A1-9E84-DC22-1C62-0DB056EC7344}" = CCC Help Japanese
"{612C34C7-5E90-47D8-9B5C-0F717DD82726}" = swMSM
"{63EC2120-1742-4625-AA47-C6A8AEC9C64C}" = Apple Application Support
"{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}" = Cisco EAP-FAST Module
"{675D093B-815D-47FD-AB2C-192EC751E8E2}" = HP Software Framework
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6F340107-F9AA-47C6-B54C-C3A19F11553F}" = Hewlett-Packard ACLM.NET v1.1.2.0
"{6F44AF95-3CDE-4513-AD3F-6D45F17BF324}" = HP Support Assistant
"{6F630F31-975B-11D7-A22C-00104B06AB37}" = PC Study Bible 4 - Wycliffe
"{6F76EC3C-34B1-436E-97FB-48C58D7BEDCD}" = LWS Gallery
"{70B446D1-E03B-4ab0-9B3C-0832142C9AA8}.WildTangent Games App-hp" = WildTangent Games App
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{71E66D3F-A009-44AB-8784-75E2819BA4BA}" = LWS Motion Detection
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{72AFDA89-371C-4596-B1ED-6F0E2CFFE5AA}" = TARGUS ACP45 V3.1.2
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{7770E71B-2D43-4800-9CB3-5B6CAAEBEBEA}" = RealNetworks - Microsoft Visual C++ 2008 Runtime
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{80956555-A512-4190-9CAD-B000C36D6B6B}" = Windows Live Messenger
"{81C9D048-B677-3CDD-7E20-3AF8DBFC4A0A}" = Catalyst Control Center Localization All
"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
"{83C8FA3C-F4EA-46C4-8392-D3CE353738D6}" = LWS Launcher
"{870163D1-4D3A-198C-5414-889F1F4347AE}" = CCC Help Korean
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver
"{8937D274-C281-42E4-8CDB-A0B2DF979189}" = LWS Webcam Software
"{8C6D6116-B724-4810-8F2D-D047E6B7D68E}" = Mesh Runtime
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{9008D736-35CA-40DB-A2BE-5F32D954E5AA}" = HP MovieStore
"{90140000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2010
"{90140000-0015-0409-0000-0000000FF1CE}_Office14.SingleImage_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2010
"{90140000-0016-0409-0000-0000000FF1CE}_Office14.SingleImage_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2010
"{90140000-0018-0409-0000-0000000FF1CE}_Office14.SingleImage_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2010
"{90140000-0019-0409-0000-0000000FF1CE}_Office14.SingleImage_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2010
"{90140000-001A-0409-0000-0000000FF1CE}_Office14.SingleImage_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2010
"{90140000-001B-0409-0000-0000000FF1CE}_Office14.SingleImage_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
"{90140000-001F-0409-0000-0000000FF1CE}_Office14.SingleImage_{99ACCA38-6DD3-48A8-96AE-A283C9759279}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2010
"{90140000-001F-040C-0000-0000000FF1CE}_Office14.SingleImage_{46298F6A-1E7E-4D4A-B5F5-106A4F0E48C6}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2010
"{90140000-001F-0C0A-0000-0000000FF1CE}_Office14.SingleImage_{DEA87BE2-FFCC-4F33-9946-FCBE55A1E998}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{967EF02C-5C7E-4718-8FCB-BDC050190CCF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002A-0409-1000-0000000FF1CE}_Office14.SingleImage_{D6C6B46A-6CE1-4561-84A0-EFD58B8AB979}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2010
"{90140000-002C-0409-0000-0000000FF1CE}_Office14.SingleImage_{7CA93DF4-8902-449E-A42E-4C5923CFBDE3}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-003D-0000-0000-0000000FF1CE}" = Microsoft Office Single Image 2010
"{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{047B0968-E622-4FAA-9B4B-121FA109EDDE}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2010
"{90140000-006E-0409-0000-0000000FF1CE}_Office14.SingleImage_{4560037C-E356-444A-A015-D21F487D809E}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2010
"{90140000-00A1-0409-0000-0000000FF1CE}_Office14.SingleImage_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2010
"{90140000-0115-0409-0000-0000000FF1CE}_Office14.SingleImage_{4560037C-E356-444A-A015-D21F487D809E}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0116-0409-1000-0000000FF1CE}_Office14.SingleImage_{D6C6B46A-6CE1-4561-84A0-EFD58B8AB979}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2010
"{90140000-0117-0409-0000-0000000FF1CE}_Office14.SingleImage_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{93335AAC-9F8B-54DF-7DB5-2C98D0DC2111}" = CCC Help Chinese Traditional
"{9368DDD5-CE7F-4BD7-A83A-F00FABE338EC}" = Blio
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9CCCF0AC-8F47-400E-BDAC-5A20655BAFC1}" = PC Study Bible 4 - Bonus CD
"{9D3D8C60-A55F-4123-B2B9-173F09590E16}" = REALTEK Wireless LAN Driver
"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
"{9DAEA76B-E50F-4272-A595-0124E826553D}" = LWS WLM Plugin
"{A0C91188-C88F-4E86-93E6-CD7C9A266649}" = Windows Live Mesh
"{A525E00B-6609-442E-9DCD-64453C233E8D}" = TurboTax 2010 WinPerReleaseEngine
"{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer
"{A760067A-C07E-1033-0000-A764AC000008}" = Avery Template
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"{AAF454FC-82CA-4F29-AB31-6A109485E76E}" = Windows Live Writer
"{AC76BA86-7AD7-FFFF-7B44-AA0000000001}" = Adobe Reader X (10.1.4) MUI
"{AD0AAA4D-9A81-8B10-EB28-3C1372987DE7}" = CCC Help Italian
"{AE856388-AFAD-4753-81DF-D96B19D0A17C}" = HP Setup Manager
"{B4F17D6A-12A3-5403-6050-32A5B4A31F31}" = Catalyst Control Center InstallProxy
"{B65FCAA5-F3A6-4B3F-ABEE-CBC2B085796B}" = HP Connection Manager
"{B86FB076-3531-4AF4-86CC-68CA36BFF48A}" = HP Documentation
"{BD1A34C9-4764-4F79-AE1F-112F8C89D3D4}" = Energy Star Digital Logo
"{C1594429-8296-4652-BF54-9DBE4932A44C}" = Realtek PCIE Card Reader
"{C1C82DC9-1547-4038-8F0A-C069F0B7F2ED}" = AMD System Monitor
"{C55C2A19-BAD2-287A-1D7A-9D5FF5FD526E}" = AMD VISION Engine Control Center
"{C66824E4-CBB3-4851-BB3F-E8CFD6350923}" = Windows Live Mail
"{CAF5B770-082F-40C4-853D-3973BB81BDAA}" = TurboTax 2011 WinPerTaxSupport
"{CCA5EAAD-92F4-4B7A-B5EE-14294C66AB61}" = PlayReady PC Runtime x86
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64
"{D40EB009-0499-459c-A8AF-C9C110766215}" = Logitech Webcam Software
"{D436F577-1695-4D2F-8B44-AC76C99E0002}" = Windows Live Photo Common
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{D46914D5-CA39-1A40-3CEC-9368E9C28568}" = CCC Help Greek
"{D8BCE5B9-67CF-4F3F-93AE-3ACC754C72EB}" = HP Power Manager
"{DBCC73BA-C69A-4BF5-B4BF-F07501EE7039}" = AnswerWorks 5.0 English Runtime
"{DBCD5E64-7379-4648-9444-8A6558DCB614}" = Recovery Manager
"{DDC8BDEE-DCAC-404D-8257-3E8D4B782467}" = Windows Live Writer Resources
"{DEA477E5-F916-973D-E1AB-3CDC735FDB58}" = CCC Help Norwegian
"{DECDCB7C-58CC-4865-91AF-627F9798FE48}" = Windows Live Mesh
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E2F58F63-BDF5-11D7-A22C-000475C4ADA7}" = PC Study Bible 4 Bonus
"{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}" = IDT Audio
"{E3E71D07-CD27-46CB-8448-16D4FB29AA13}" = Microsoft WSE 3.0 Runtime
"{E463E171-4082-4744-A466-F7CBE8502789}" = TurboTax 2011 WinPerReleaseEngine
"{EA0E4DD2-7CD7-9583-0BE6-AFF3DF09E3E4}" = CCC Help Thai
"{EB4DF488-AAEF-406F-A341-CB2AAA315B90}" = Windows Live Messenger
"{ED1BD69A-07E3-418C-91F1-D856582581BF}" = HP On Screen Display
"{ED2A3C11-3EA8-4380-B59C-F2C1832731B0}" = Quicken 2009
"{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}" = Cisco PEAP Module
"{EE556A3E-EB37-4392-9637-BAA8EC2F47FA}" = TurboTax 2011 wrapper
"{EED027B7-0DB6-404B-8F45-6DFEE34A0441}" = LWS Video Mask Maker
"{F0A76517-2D1D-8DE3-F3B7-121B6A1990E8}" = CCC Help English
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F30403FF-0146-4633-AAC5-D5CD5C50AE70}" = Catalyst Control Center - Branding
"{F35C5FE9-57EC-9936-5738-D7EB3EA73B28}" = CCC Help Spanish
"{F4708461-A1E0-0657-1FC6-FACFEEA55CBE}" = CCC Help Russian
"{F4EB5AE1-0065-0752-FF11-1E45ABCD443A}" = CCC Help Danish
"{F761359C-9CED-45AE-9A51-9D6605CD55C4}" = Evernote v. 4.2.2
"{FAD3D68B-2F9C-459B-AA79-C04B9090FD72}" = TurboTax 2011 WinPerFedFormset
"{FC2150C5-A1AF-6238-9632-E5BB8739C0BC}" = CCC Help German
"{FC4DE34E-DA9E-4F02-9837-2E65F73A0234}" = Verizon Wireless Software Utility Application for Android - Samsung
"{FCDBEA60-79F0-4FAE-BBA8-55A26C609A49}" = Visual Studio 2008 x64 Redistributables
"{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}" = Windows Live Essentials
"{FF167195-9EE4-46C0-8CD7-FBA3457E88AB}" = LWS Facebook
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11.6
"Canon_IJ_Network_Scan_UTILITY" = Canon IJ Network Scan Utility
"Canon_IJ_Network_UTILITY" = Canon IJ Network Tool
"ebba750" = Contextual Tool Sleekseek
"ESET Online Scanner" = ESET Online Scanner v3
"InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = CyberLink YouCam
"Logitech Vid" = Logitech Vid HD
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware version 1.62.0.1300
"McAfee Security Scan" = McAfee Security Scan Plus
"Mozilla Firefox 16.0.2 (x86 en-US)" = Mozilla Firefox 16.0.2 (x86 en-US)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"MP Navigator 2.2" = Canon MP Navigator 2.2
"NSS" = Norton Security Scan
"Office14.SingleImage" = Microsoft Office Home and Business 2010
"PC Study Bible 3.0 -- Christian Classics Vol. 1" = PC Study Bible 3.0 -- Christian Classics Vol. 1
"Rapport_msi" = Rapport
"RealPlayer 15.0" = RealPlayer
"Revo Uninstaller" = Revo Uninstaller 1.92
"TurboTax 2009" = TurboTax 2009
"TurboTax 2010" = TurboTax 2010
"TurboTax 2011" = TurboTax 2011
"UnityWebPlayer" = Unity Web Player
"WildTangent hp Master Uninstall" = HP Games
"Willowrd.exe" = Daily Devotional
"WinLiveSuite" = Windows Live Essentials
"WT087328" = Blackhawk Striker 2
"WT087330" = Bounce Symphony
"WT087335" = Build-a-lot 2
"WT087343" = Dora's World Adventure
"WT087393" = Mah Jong Medley
"WT087394" = Penguins!
"WT087395" = Poker Superstars III
"WT087396" = Polar Bowler
"WT087397" = Polar Golfer
"WT087415" = Wheel of Fortune 2
"WT087536" = Diner Dash 2 Restaurant Rescue
"WT089307" = Virtual Villagers 4 - The Tree of Life
"WT089308" = Blasterball 3
"WT089328" = Farm Frenzy
"WT089359" = Cake Mania
"WT089362" = Agatha Christie - Peril at End House
"WT089453" = Bejeweled 2 Deluxe
"WT089454" = Chuzzle Deluxe
"WT089455" = Zuma Deluxe
"WT089457" = Slingo Supreme
"WT089458" = Plants vs. Zombies - Game of the Year
"WT089470" = FATE - The Traitor Soul
"WT089484" = Namco All-Stars PAC-MAN
"WT089496" = Mystery P.I. - Stolen in San Francisco
"WT089498" = Bejeweled 3
"YTdetect" = Yahoo! Detect
========== HKEY_CURRENT_USER Uninstall List ==========
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{373B1718-8CC5-4567-8EE2-9033AD08A680}" = ROBLOX Player for Larry
"Adobe Connect Add-in" = Adobe Connect Add-in
"Google Chrome" = Google Chrome
"GoToMeeting" = GoToMeeting 4.8.0.723
"Kalydo App FormulaCartoon" = FormulaCartoon
"KalydoPlayer" = Kalydo Player 4.09.00
"SOE-Free Realms" = Free Realms
========== Last 20 Event Log Errors ==========
[ Application Events ]
Error - 11/23/2012 8:18:35 PM | Computer Name = Larry-HP | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 5320
Error - 11/23/2012 8:18:37 PM | Computer Name = Larry-HP | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second
Error - 11/23/2012 8:18:37 PM | Computer Name = Larry-HP | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 6942
Error - 11/23/2012 8:18:37 PM | Computer Name = Larry-HP | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 6942
Error - 11/23/2012 9:02:36 PM | Computer Name = Larry-HP | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second
Error - 11/23/2012 9:02:36 PM | Computer Name = Larry-HP | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 1154
Error - 11/23/2012 9:02:36 PM | Computer Name = Larry-HP | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 1154
Error - 11/23/2012 9:02:37 PM | Computer Name = Larry-HP | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second
Error - 11/23/2012 9:02:37 PM | Computer Name = Larry-HP | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 2184
Error - 11/23/2012 9:02:37 PM | Computer Name = Larry-HP | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 2184
[ Hewlett-Packard Events ]
Error - 10/20/2012 9:34:52 PM | Computer Name = Larry-HP | Source = HPSF.exe | ID = 4000
Description =
Error - 10/27/2012 9:22:51 PM | Computer Name = Larry-HP | Source = HPSF.exe | ID = 4000
Description =
Error - 10/27/2012 9:24:58 PM | Computer Name = Larry-HP | Source = HPSF.exe | ID = 4000
Description =
Error - 10/27/2012 9:25:46 PM | Computer Name = Larry-HP | Source = HPSF.exe | ID = 4000
Description =
Error - 10/27/2012 9:26:35 PM | Computer Name = Larry-HP | Source = HPSF.exe | ID = 4000
Description =
Error - 10/27/2012 9:26:44 PM | Computer Name = Larry-HP | Source = HPSF.exe | ID = 4000
Description =
Error - 11/3/2012 9:35:02 PM | Computer Name = Larry-HP | Source = HPSF.exe | ID = 4000
Description = HP Error ID: -2147467261 at HP.SupportFramework.Communicator.MessengerComm.MessengerPublisher.closeConnection()
at HP.SupportAssistant.UI.MessengerCommunication.initializeCommunication()
at HP.SupportAssistant.UI.MessengerCommunication.sendTimerUpdate() Message: Object
reference not set to an instance of an object. StackTrace: at HP.SupportFramework.Communicator.MessengerComm.MessengerPublisher.closeConnection()
at HP.SupportAssistant.UI.MessengerCommunication.initializeCommunication()
at HP.SupportAssistant.UI.MessengerCommunication.sendTimerUpdate() Source: HP.SupportFramework.Communicator
Name:
HPSF.exe Version: 06.00.01.01 Path: C:\Program Files (x86)\Hewlett-Packard\HP Support
Framework\HPSF.exe Format: en-US RAM: 3561 Ram Utilization: 40 TargetSite: Void closeConnection()
Error - 11/3/2012 11:57:02 PM | Computer Name = Larry-HP | Source = HPSF.exe | ID = 4000
Description =
Error - 11/10/2012 10:25:50 PM | Computer Name = Larry-HP | Source = HPSF.exe | ID = 4000
Description =
Error - 11/10/2012 10:25:50 PM | Computer Name = Larry-HP | Source = HPSF.exe | ID = 4000
Description =
[ HP Connection Manager Events ]
Error - 11/21/2012 9:31:32 PM | Computer Name = Larry-HP | Source = HPConnectionManager | ID = 5
Description = 2012/11/21 19:31:32.660|00001720|Error |App::ExitIfServiceIsNotInstalled{void()}|Application
is exiting because the service is not installed
Error - 11/21/2012 11:45:17 PM | Computer Name = Larry-HP | Source = HPConnectionManager | ID = 5
Description = 2012/11/21 21:45:17.928|00000E5C|Error |App::ExitIfServiceIsNotInstalled{void()}|Application
is exiting because the service is not installed
Error - 11/22/2012 9:29:33 AM | Computer Name = Larry-HP | Source = HPConnectionManager | ID = 5
Description = 2012/11/22 07:29:33.303|0000122C|Error |App::ExitIfServiceIsNotInstalled{void()}|Application
is exiting because the service is not installed
Error - 11/22/2012 11:17:26 AM | Computer Name = Larry-HP | Source = HPConnectionManager | ID = 5
Description = 2012/11/22 09:17:25.730|00000738|Error |App::ExitIfServiceIsNotInstalled{void()}|Application
is exiting because the service is not installed
Error - 11/22/2012 3:19:46 PM | Computer Name = Larry-HP | Source = HPConnectionManager | ID = 5
Description = 2012/11/22 13:19:46.587|00000A44|Error |App::ExitIfServiceIsNotInstalled{void()}|Application
is exiting because the service is not installed
Error - 11/22/2012 8:14:21 PM | Computer Name = Larry-HP | Source = HPConnectionManager | ID = 5
Description = 2012/11/22 18:14:20.277|000011F8|Error |App::ExitIfServiceIsNotInstalled{void()}|Application
is exiting because the service is not installed
Error - 11/23/2012 9:40:19 AM | Computer Name = Larry-HP | Source = HPConnectionManager | ID = 5
Description = 2012/11/23 07:40:19.693|00000C44|Error |App::ExitIfServiceIsNotInstalled{void()}|Application
is exiting because the service is not installed
Error - 11/23/2012 9:56:31 AM | Computer Name = Larry-HP | Source = HPConnectionManager | ID = 5
Description = 2012/11/23 07:56:31.481|000010C4|Error |App::ExitIfServiceIsNotInstalled{void()}|Application
is exiting because the service is not installed
Error - 11/23/2012 11:06:32 AM | Computer Name = Larry-HP | Source = HPConnectionManager | ID = 5
Description = 2012/11/23 09:06:32.189|00000ED8|Error |App::ExitIfServiceIsNotInstalled{void()}|Application
is exiting because the service is not installed
Error - 11/23/2012 7:59:12 PM | Computer Name = Larry-HP | Source = HPConnectionManager | ID = 5
Description = 2012/11/23 17:59:12.330|000016E8|Error |App::ExitIfServiceIsNotInstalled{void()}|Application
is exiting because the service is not installed
[ HP Software Framework Events ]
Error - 5/5/2012 10:30:56 PM | Computer Name = Larry-HP | Source = CaslWmi | ID = 5
Description = 2012/05/05 21:30:56.243|00000AE4|Error |[CaslWmi]CommandFolio::A{hpCasl.enReturnCode(int&)}|Error
0xe_BIOS_INVALID_COMMAND_TYPE from BIOS WMI call Read/2Eh while getting Folio state
Error - 5/12/2012 9:43:10 PM | Computer Name = Larry-HP | Source = CaslWmi | ID = 5
Description = 2012/05/12 20:43:10.738|00001648|Error |[CaslWmi]CommandFolio::A{hpCasl.enReturnCode(int&)}|Error
0xe_BIOS_INVALID_COMMAND_TYPE from BIOS WMI call Read/2Eh while getting Folio state
Error - 5/12/2012 9:44:37 PM | Computer Name = Larry-HP | Source = CaslWmi | ID = 5
Description = 2012/05/12 20:44:37.728|0000165C|Error |[CaslWmi]CommandFolio::A{hpCasl.enReturnCode(int&)}|Error
0xe_BIOS_INVALID_COMMAND_TYPE from BIOS WMI call Read/2Eh while getting Folio state
Error - 5/12/2012 9:44:39 PM | Computer Name = Larry-HP | Source = CaslWmi | ID = 5
Description = 2012/05/12 20:44:39.836|00001678|Error |[CaslWmi]CommandFolio::A{hpCasl.enReturnCode(int&)}|Error
0xe_BIOS_INVALID_COMMAND_TYPE from BIOS WMI call Read/2Eh while getting Folio state
Error - 5/12/2012 9:44:44 PM | Computer Name = Larry-HP | Source = CaslWmi | ID = 5
Description = 2012/05/12 20:44:44.789|00000208|Error |[CaslWmi]CommandFolio::A{hpCasl.enReturnCode(int&)}|Error
0xe_BIOS_INVALID_COMMAND_TYPE from BIOS WMI call Read/2Eh while getting Folio state
Error - 5/12/2012 9:44:46 PM | Computer Name = Larry-HP | Source = CaslWmi | ID = 5
Description = 2012/05/12 20:44:46.625|0000160C|Error |[CaslWmi]CommandFolio::A{hpCasl.enReturnCode(int&)}|Error
0xe_BIOS_INVALID_COMMAND_TYPE from BIOS WMI call Read/2Eh while getting Folio state
Error - 5/12/2012 9:44:50 PM | Computer Name = Larry-HP | Source = CaslWmi | ID = 5
Description = 2012/05/12 20:44:50.837|00001274|Error |[CaslWmi]CommandFolio::A{hpCasl.enReturnCode(int&)}|Error
0xe_BIOS_INVALID_COMMAND_TYPE from BIOS WMI call Read/2Eh while getting Folio state
Error - 5/13/2012 11:31:23 AM | Computer Name = Larry-HP | Source = CaslWmi | ID = 5
Description = 2012/05/13 10:31:23.498|0000115C|Error |[CaslWmi]CommandFolio::A{hpCasl.enReturnCode(int&)}|Error
0xe_BIOS_INVALID_COMMAND_TYPE from BIOS WMI call Read/2Eh while getting Folio state
Error - 5/13/2012 11:31:25 AM | Computer Name = Larry-HP | Source = CaslWmi | ID = 5
Description = 2012/05/13 10:31:25.826|0000143C|Error |[CaslWmi]CommandFolio::A{hpCasl.enReturnCode(int&)}|Error
0xe_BIOS_INVALID_COMMAND_TYPE from BIOS WMI call Read/2Eh while getting Folio state
Error - 5/13/2012 11:31:30 AM | Computer Name = Larry-HP | Source = CaslWmi | ID = 5
Description = 2012/05/13 10:31:30.687|00001518|Error |[CaslWmi]CommandFolio::A{hpCasl.enReturnCode(int&)}|Error
0xe_BIOS_INVALID_COMMAND_TYPE from BIOS WMI call Read/2Eh while getting Folio state
[ Media Center Events ]
Error - 2/6/2012 12:27:46 PM | Computer Name = Larry-HP | Source = MCUpdate | ID = 0
Description = 10:27:38 AM - Error connecting to the internet. 10:27:38 AM - Unable
to contact server..
Error - 2/15/2012 5:46:30 PM | Computer Name = Larry-HP | Source = MCUpdate | ID = 0
Description = 3:46:23 PM - Error connecting to the internet. 3:46:24 PM - Unable
to contact server..
Error - 3/7/2012 12:17:22 PM | Computer Name = Larry-HP | Source = MCUpdate | ID = 0
Description = 10:17:15 AM - Error connecting to the internet. 10:17:15 AM - Unable
to contact server..
Error - 3/27/2012 1:27:02 AM | Computer Name = Larry-HP | Source = MCUpdate | ID = 0
Description = 12:27:02 AM - Error connecting to the internet. 12:27:02 AM - Unable
to contact server..
Error - 3/27/2012 1:27:13 AM | Computer Name = Larry-HP | Source = MCUpdate | ID = 0
Description = 12:27:07 AM - Error connecting to the internet. 12:27:07 AM - Unable
to contact server..
Error - 3/27/2012 2:28:34 AM | Computer Name = Larry-HP | Source = MCUpdate | ID = 0
Description = 1:28:34 AM - Error connecting to the internet. 1:28:34 AM - Unable
to contact server..
Error - 3/27/2012 2:28:40 AM | Computer Name = Larry-HP | Source = MCUpdate | ID = 0
Description = 1:28:39 AM - Error connecting to the internet. 1:28:39 AM - Unable
to contact server..
[ System Events ]
Error - 11/23/2012 9:56:47 AM | Computer Name = Larry-HP | Source = Service Control Manager | ID = 7000
Description = The Browser Manager service failed to start due to the following error:
%%2
Error - 11/23/2012 10:36:22 AM | Computer Name = Larry-HP | Source = Microsoft-Windows-WLAN-AutoConfig | ID = 10000
Description = WLAN Extensibility Module has failed to start. Module Path: C:\Windows\system32\Rtlihvs.dll
Error
Code: 126
Error - 11/23/2012 10:38:43 AM | Computer Name = Larry-HP | Source = Service Control Manager | ID = 7000
Description = The Browser Manager service failed to start due to the following error:
%%2
Error - 11/23/2012 3:06:16 PM | Computer Name = Larry-HP | Source = Service Control Manager | ID = 7034
Description = The Web Assistant Updater service terminated unexpectedly. It has
done this 1 time(s).
Error - 11/23/2012 3:11:17 PM | Computer Name = Larry-HP | Source = Service Control Manager | ID = 7030
Description = The PEVSystemStart service is marked as an interactive service. However,
the system is configured to not allow interactive services. This service may not
function properly.
Error - 11/23/2012 3:15:56 PM | Computer Name = Larry-HP | Source = Application Popup | ID = 1060
Description = \??\C:\ComboFix\catchme.sys has been blocked from loading due to incompatibility
with this system. Please contact your software vendor for a compatible version
of the driver.
Error - 11/23/2012 3:17:56 PM | Computer Name = Larry-HP | Source = Service Control Manager | ID = 7030
Description = The PEVSystemStart service is marked as an interactive service. However,
the system is configured to not allow interactive services. This service may not
function properly.
Error - 11/23/2012 3:21:09 PM | Computer Name = Larry-HP | Source = Service Control Manager | ID = 7011
Description = A timeout (30000 milliseconds) was reached while waiting for a transaction
response from the ShellHWDetection service.
Error - 11/23/2012 7:04:58 PM | Computer Name = Larry-HP | Source = Microsoft-Windows-WLAN-AutoConfig | ID = 10000
Description = WLAN Extensibility Module has failed to start. Module Path: C:\Windows\system32\Rtlihvs.dll
Error
Code: 126
Error - 11/23/2012 7:57:55 PM | Computer Name = Larry-HP | Source = Service Control Manager | ID = 7011
Description = A timeout (30000 milliseconds) was reached while waiting for a transaction
response from the HPWMISVC service.
< End of report >
-
Results of screen317's Security Check version 0.99.54
Windows 7 Service Pack 1 x64 (UAC is enabled)
Internet Explorer 9
``````````````Antivirus/Firewall Check:``````````````
Windows Firewall Enabled!
AVG Anti-Virus Free Edition 2012
Antivirus up to date!
`````````Anti-malware/Other Utilities Check:`````````
Malwarebytes Anti-Malware version 1.62.0.1300
JavaFX 2.1.0
Java 6 Update 31
Java 7 Update 9
Adobe Flash Player 11.4.402.287
Adobe Reader X (10.1.4)
Mozilla Firefox (16.0.2)
Google Chrome 21.0.1180.83
Google Chrome 21.0.1180.89
Google Chrome 22.0.1229.79
Google Chrome 22.0.1229.92
Google Chrome 22.0.1229.94
Google Chrome 23.0.1271.64
````````Process Check: objlist.exe by Laurent````````
AVG avgwdsvc.exe
AVG avgtray.exe
`````````````````System Health check`````````````````
Total Fragmentation on Drive C: 3%
````````````````````End of Log``````````````````````
-
# AdwCleaner v2.008 - Logfile created 11/23/2012 at 17:02:59
# Updated 17/11/2012 by Xplode
# Operating system : Windows 7 Home Premium Service Pack 1 (64 bits)
# User : Larry - LARRY-HP
# Boot Mode : Normal
# Running from : C:\Users\Larry\Desktop\adwcleaner.exe
# Option [Delete]
***** [services] *****
Stopped & Deleted : Browser Manager
Stopped & Deleted : Web Assistant Updater
***** [Files / Folders] *****
File Deleted : C:\Program Files (x86)\Mozilla Firefox\defaults\pref\all-iminent.js
File Deleted : C:\Program Files (x86)\Mozilla Firefox\searchplugins\babylon.xml
File Deleted : C:\Program Files (x86)\Mozilla FireFox\searchplugins\Search_Results.xml
File Deleted : C:\Program Files (x86)\Mozilla Firefox\searchplugins\SearchTheWeb.xml
File Deleted : C:\user.js
File Deleted : C:\Users\Larry\AppData\Roaming\Mozilla\Firefox\Profiles\sp8jtxqq.default-1347073889778\searchplugins\Askcom.xml
File Deleted : C:\Users\Larry\AppData\Roaming\Mozilla\Firefox\Profiles\sp8jtxqq.default-1347073889778\searchplugins\Search_Results.xml
Folder Deleted : C:\Program Files (x86)\Ask.com
Folder Deleted : C:\Program Files (x86)\Iminent
Folder Deleted : C:\Program Files (x86)\IMinent toolbar
Folder Deleted : C:\Program Files (x86)\Mozilla Firefox\Extensions\webbooster@iminent.com
Folder Deleted : C:\Program Files\Precision Codec
Folder Deleted : C:\Program Files\Web Assistant
Folder Deleted : C:\ProgramData\Ask
Folder Deleted : C:\ProgramData\Babylon
Folder Deleted : C:\ProgramData\boost_interprocess
Folder Deleted : C:\ProgramData\Browser Manager
Folder Deleted : C:\ProgramData\Iminent
Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Finder
Folder Deleted : C:\ProgramData\Tarma Installer
Folder Deleted : C:\Users\Larry\AppData\Local\APN
Folder Deleted : C:\Users\Larry\AppData\Local\Babylon
Folder Deleted : C:\Users\Larry\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhdepfaagokllfmhfbcfmocaeigmoebo
Folder Deleted : C:\Users\Larry\AppData\Local\Google\Chrome\User Data\Default\Extensions\dlnembnfbcpjnepmfjmngjenhhajpdfd
Folder Deleted : C:\Users\Larry\AppData\Local\Google\Chrome\User Data\Default\Extensions\jdgpiokbciemjnjggokjjimajiboacpb
Folder Deleted : C:\Users\Larry\AppData\Local\Google\Chrome\User Data\Default\Extensions\niapdbllcanepiiimjjndipklodoedlc
Folder Deleted : C:\Users\Larry\AppData\LocalLow\AskToolbar
Folder Deleted : C:\Users\Larry\AppData\LocalLow\Toolbar4
Folder Deleted : C:\Users\Larry\AppData\Roaming\Babylon
Folder Deleted : C:\Users\Larry\AppData\Roaming\Iminent
Folder Deleted : C:\Users\Larry\AppData\Roaming\Media Finder
Folder Deleted : C:\Users\Larry\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}\gencrawler@some.com
Folder Deleted : C:\Users\Larry\AppData\Roaming\Mozilla\Firefox\Profiles\sp8jtxqq.default-1347073889778\extensions\toolbar@ask.com
Folder Deleted : C:\Windows\Installer\{86D4B82A-ABED-442A-BE86-96357B70F4FE}
***** [Registry] *****
Key Deleted : HKCU\Software\APN
Key Deleted : HKCU\Software\AppDataLow\Software\AskToolbar
Key Deleted : HKCU\Software\AppDataLow\Software\Crossrider
Key Deleted : HKCU\Software\AppDataLow\Software\Savings Sidekick
Key Deleted : HKCU\Software\Ask.com
Key Deleted : HKCU\Software\bProtector
Key Deleted : HKCU\Software\DataMngr_Toolbar
Key Deleted : HKCU\Software\IM
Key Deleted : HKCU\Software\Iminent
Key Deleted : HKCU\Software\ImInstaller
Key Deleted : HKCU\Software\InstalledBrowserExtensions
Key Deleted : HKCU\Software\MediaFinder
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\MenuExt\Download with &Media Finder
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\bProtectSettings
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{58124A0B-DC32-4180-9BFF-E0E21AE34026}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{A09AB6EB-31B5-454C-97EC-9B294D92EE2A}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\{79A765E1-C399-405B-85AF-466F52E918B0}
Key Deleted : HKCU\Software\Softonic
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{2FA28606-DE77-4029-AF96-B231E3B8F827}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{BFFED5CA-8BDF-47CC-AED0-23F4E6D77732}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{CFF4DB9B-135F-47C0-9269-B4C6572FD61A}
Key Deleted : HKLM\Software\APN
Key Deleted : HKLM\Software\AskToolbar
Key Deleted : HKLM\Software\Babylon
Key Deleted : HKLM\Software\bProtector
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{01994268-3C10-4044-A1EA-7A9C1B739A11}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{4CE516A7-F7AC-4628-B411-8F886DC5733E}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{5B1881D1-D9C7-46DF-B041-1E593282C7D0}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{608D3067-77E8-463D-9084-908966806826}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{628F3201-34D0-49C0-BB9A-82A26AEFB291}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{9B0CB95C-933A-4B8C-B6D4-EDCD19A43874}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{B302A1BD-0157-49FA-90F1-4E94F22C7B4B}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{CFDAFE39-20CE-451D-BD45-A37452F39CF0}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{EA28B360-05E0-4F93-8150-02891F1D8D3C}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\Extension.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\GenericAskToolbar.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\Iminent.WebBooster.InternetExplorer.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\TbCommonUtils.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\TbHelper.EXE
Key Deleted : HKLM\SOFTWARE\Classes\AppID\YontooIEClient.DLL
Key Deleted : HKLM\SOFTWARE\Classes\GenericAskToolbar.ToolbarWnd
Key Deleted : HKLM\SOFTWARE\Classes\GenericAskToolbar.ToolbarWnd.1
Key Deleted : HKLM\SOFTWARE\Classes\Iminent.Business.Tinyfying.DownloadArgs
Key Deleted : HKLM\SOFTWARE\Classes\Iminent.Business.Tinyfying.LinkToPromoteArgs
Key Deleted : HKLM\SOFTWARE\Classes\Iminent.Business.Tinyfying.RawDataArgs
Key Deleted : HKLM\SOFTWARE\Classes\Iminent.Business.Tinyfying.TinyUrlArgs
Key Deleted : HKLM\SOFTWARE\Classes\Iminent.Business.Tinyfying.ViralLinkArgs
Key Deleted : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.ClientCallback
Key Deleted : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.ContractBase
Key Deleted : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.AddToUserContentCommand
Key Deleted : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.CheckLoginStatusCommand
Key Deleted : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.CleanCacheCommand
Key Deleted : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.GameOverCallback
Key Deleted : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.GetCreditCommand
Key Deleted : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.GetInstallationContextCommand
Key Deleted : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.GetLoginStatusCommand
Key Deleted : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.GetLoginStatusResult
Key Deleted : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.GetVariableCommand
Key Deleted : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.GetVariableResult
Key Deleted : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.InstallationContextResult
Key Deleted : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.LoadContentCommand
Key Deleted : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.LoadContentCommandResult
Key Deleted : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.LoginCommand
Key Deleted : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.LoginStatusChangedCallback
Key Deleted : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.LogoutCommand
Key Deleted : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.MergeIdentityCommand
Key Deleted : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.MyAccountCommand
Key Deleted : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.PlayContentCommand
Key Deleted : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.PostContentCallback
Key Deleted : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.RecycleViewsCommand
Key Deleted : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.SetVariableCommand
Key Deleted : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.ShowBrowserWindowCommand
Key Deleted : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.ShowControlCenterCommand
Key Deleted : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.ShowPluginWindowCommand
Key Deleted : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.UserContentChangedCallback
Key Deleted : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.VariableChangedCallback
Key Deleted : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.WarmUpCommand
Key Deleted : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.WelcomeCommand
Key Deleted : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.ServerCommand
Key Deleted : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.ServerResult
Key Deleted : HKLM\SOFTWARE\Classes\Iminent.Mediator.LightContent
Key Deleted : HKLM\SOFTWARE\Classes\Iminent.Mediator.LightUri
Key Deleted : HKLM\SOFTWARE\Classes\Iminent.Mediator.MediatorServiceProxy
Key Deleted : HKLM\SOFTWARE\Classes\Installer\Features\430E8DB44F0E90547A3564A7E858C48D
Key Deleted : HKLM\SOFTWARE\Classes\Installer\Features\482AA67AD25E6E74E9F48BD5FBE8533C
Key Deleted : HKLM\SOFTWARE\Classes\Installer\Features\A28B4D68DEBAA244EB686953B7074FEF
Key Deleted : HKLM\SOFTWARE\Classes\Installer\Products\430E8DB44F0E90547A3564A7E858C48D
Key Deleted : HKLM\SOFTWARE\Classes\Installer\Products\482AA67AD25E6E74E9F48BD5FBE8533C
Key Deleted : HKLM\SOFTWARE\Classes\Installer\Products\A28B4D68DEBAA244EB686953B7074FEF
Key Deleted : HKLM\SOFTWARE\Classes\Installer\UpgradeCodes\F928123A039649549966D4C29D35B1C9
Key Deleted : HKLM\SOFTWARE\Classes\MF
Key Deleted : HKLM\SOFTWARE\Classes\Prod.cap
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}
Key Deleted : HKLM\Software\DataMngr
Key Deleted : HKLM\Software\Iminent
Key Deleted : HKLM\Software\incredibar.com
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\Iminent_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\Iminent_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\incredibar_installer_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\incredibar_installer_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\IncredibarToolbar_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\IncredibarToolbar_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASMANCS
Key Deleted : HKLM\Software\Precision Codec
Key Deleted : HKLM\Software\Web Assistant
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{00000000-6E41-4FD3-8538-502F5495E5FC}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{01A602A0-D0B9-445B-8081-719E4177C4A7}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{02054E11-5113-4BE3-8153-AA8DFB5D3761}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{02C9C7B0-C7C8-4AAC-A9E4-55295BF60F8F}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{0398B101-6DA7-473F-A290-17D2FBC88CC0}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{0CC36196-8589-4B80-A771-D659411D7F90}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{143D96F9-EB64-48B3-B192-91C2C41A1F43}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{14F7D91F-F669-45C9-9F42-BACBFDB86EAD}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{187A6488-6E71-4A2A-B118-7BEFBFE58257}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{22222222-2222-2222-2222-220022502260}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{2D065204-A024-4C39-8A38-EE7078EC7ACF}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{2EECD738-5844-4A99-B4B6-146BF802613B}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{30F5476C-677B-4DB0-B397-51F5BFD86840}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{336D0C35-8A85-403a-B9D2-65C292C39087}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{351798B1-C1D2-45AB-92B4-4D6C2D6AB5AF}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{3AEA1BEF-6195-46F4-ACA2-0ED14F7EFA1B}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{3D7F9AC3-BAC3-4E51-81D7-D121D79E550A}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{4498C5E9-93C6-4142-B6BE-F0C6DC48B77A}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{479BF2D6-E362-4A99-B1AB-BC764D7B97AE}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{492A108F-51D0-4BD8-899D-AD4AB2893064}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{4B6D6E60-FBD2-4E79-BF4B-886BC98F1797}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{60893E02-2E5B-43F9-A93A-BAD60C2DF6EF}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{6D39931F-451E-4BDD-BAF4-37FB96DBBA5D}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{76C684D2-C35D-4284-976A-D862F53ADB81}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{796D822A-C3F9-4A97-BAAB-42FE7628EA63}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{79EF3691-EC1A-4705-A01A-D2E36EC11758}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{7E84186E-B5DE-4226-8A66-6E49C6B511B4}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{80922EE0-8A76-46AE-95D5-BD3C3FE0708D}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{82F41418-8E64-47EB-A7F1-4702A974D289}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{85D920CE-63A7-46DC-8992-41D1D2E07FAD}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{895ED5E8-ABB4-40C3-A0CA-2571964268E2}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{8AAC123A-1959-4A45-BFC5-E2D50783098A}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{99066096-8989-4612-841F-621A01D54AD7}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{A07956CD-81F8-4A03-B524-5D87E690DC83}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{B5E3B26B-6E5C-4865-A63D-58D04B10E245}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{B84D2DC5-42B2-4E5E-BF61-7B48152FF8EF}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{B89D5309-0367-4494-A92F-3D4C94F88307}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{C014EBF8-8854-448B-B5A4-557C4090EDCE}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{C31191DB-2F64-464C-B97C-6AC81ACB7AAC}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{C342C7A7-F622-4EF3-8B7F-ABB9FBE73F14}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{C4765B07-BC2F-477B-925C-B2BF24887823}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{C875C0A1-09E3-48D5-9F8E-BD337796FD14}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{CD126DA6-FF5B-4181-AC13-54A62240D2FA}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{DD438708-AAB4-422D-A322-B619589F5680}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{E46C8196-B634-44A1-AF6E-957C64278AB1}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{E812AE43-7799-4E67-8CF8-4104297A2D16}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{F0BAAEC7-9AE0-49FF-9C4B-86E774FF397F}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{F92193FD-2243-4401-9ACC-49FF30885898}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{FD21B8A2-910B-45AC-9C10-45E6A8B84984}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{FE9271F2-6EFD-44B0-A826-84C829536E93}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{66666666-6666-6666-6666-660066506660}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\dhdepfaagokllfmhfbcfmocaeigmoebo
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\dlnembnfbcpjnepmfjmngjenhhajpdfd
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\jdgpiokbciemjnjggokjjimajiboacpb
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\jplinpmadfkdgipabgcdchbdikologlh
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\niapdbllcanepiiimjjndipklodoedlc
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{0AF350D9-3916-454B-AC53-0B0B65F41301}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{21111111-1111-1111-1111-110011501160}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{628F3201-34D0-49C0-BB9A-82A26AEFB291}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{68B81CCD-A80C-4060-8947-5AE69ED01199}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{74C36554-31F0-49DD-8857-ED6A64DF45BE}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E6B969FB-6D33-48D2-9061-8BBD4899EB08}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{2FA28606-DE77-4029-AF96-B231E3B8F827}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{BFFED5CA-8BDF-47CC-AED0-23F4E6D77732}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{336D0C35-8A85-403a-B9D2-65C292C39087}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{84FF7BD6-B47F-46F8-9130-01B2696B36CB}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{86D4B82A-ABED-442A-BE86-96357B70F4FE}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\SearchTheWebARP
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{7D99783A-E6BF-4a1a-A923-4DAA5ADF3D66}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{01221FCC-4BFB-461C-B08C-F6D2DF309921}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{021B4049-F57D-4565-A693-FD3B04786BFA}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{0362AA09-808D-48E9-B360-FB51A8CBCE09}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{06844020-CD0B-3D3D-A7FE-371153013E49}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{0ADC01BB-303B-3F8E-93DA-12C140E85460}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{10D3722F-23E6-3901-B6C1-FF6567121920}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{10DE7085-6A1E-4D41-A7BF-9AF93E351401}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{1675E62B-F911-3B7B-A046-EB57261212F3}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{192929F2-9273-3894-91B0-F54671C4C861}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{1AD27395-1659-4DFF-A319-2CFA243861A5}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{22B0769F-794B-4422-AC84-47B123C8986D}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{255E0B2A-D747-4EEF-B7CE-159D73A3656D}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{28ED590D-F5ED-4E05-A87F-1D759F1C6169}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{2932897E-3036-43D9-8A64-B06447992065}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{2A42D13C-D427-4787-821B-CF6973855778}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{2DE92D29-A042-3C37-BFF8-07C7D8893EFA}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{32B80AD6-1214-45F4-994E-78A5D482C000}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{3A8E103F-B2B7-3BEF-B3B0-88E29B2420E4}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{3D8478AA-7B88-48A9-8BCB-B85D594411EC}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{44C3C1DB-2127-433C-98EC-4C9412B5FC3A}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{452AE416-9A97-44CA-93DA-D0F15C36254F}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{45CDA4F7-594C-49A0-AAD1-8224517FE979}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{45D5B93F-E2ED-4AF2-915E-DCDDBDA8C33C}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{478CE5D3-D38E-3FFE-8DBE-8C4A0F1C4D8D}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{4897BBA6-48D9-468C-8EFA-846275D7701B}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{48B7DA4E-69ED-39E3-BAD5-3E3EFF22CFB0}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{4D5132DD-BB2B-4249-B5E0-D145A8C982E1}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{4D8ED2B3-DC62-43EC-ABA3-5B74F046B1BE}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{55555555-5555-5555-5555-550055505560}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{5982F405-44E4-3BBB-BAC4-CF8141CBBC5C}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{5D8C3CC3-3C05-38A1-B244-924A23115FE9}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{641593AF-D9FD-30F7-B783-36E16F7A2E08}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{66666666-6666-6666-6666-660066506660}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{706D4A4B-184A-4434-B331-296B07493D2D}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{711FC48A-1356-3932-94D8-A8B733DBC7E4}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{72227B7F-1F02-3560-95F5-592E68BACC0C}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{771B99AB-636F-4A11-9039-8DFEB927B061}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{7B5E8CE3-4722-4C0E-A236-A6FF731BEF37}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{81E852CC-1FD5-4004-8761-79A48B975E29}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{890D4F59-5ED0-3CB4-8E0E-74A5A86E7ED0}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{8BE10F21-185F-4CA0-B789-9921674C3993}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{8C68913C-AC3C-4494-8B9C-984D87C85003}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{8D019513-083F-4AA5-933F-7D43A6DA82C4}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{923F6FB8-A390-370E-A0D2-DD505432481D}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{94C0B25D-3359-4B10-B227-F96A77DB773F}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{95B6A271-FEB4-4160-B0FF-44394C21C8DC}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9BBB26EF-B178-35D6-9D3D-B485F4279FE5}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{A36867C6-302D-49FC-9D8E-1EB037B5F1AB}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{A62DDBE0-8D2A-339A-B089-8CBCC5CD322A}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{A82AD04D-0B8E-3A49-947B-6A69A8A9C96D}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{A8321AA2-2227-40C7-8525-6C2F4E1B0EBE}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{AA41A731-6814-4A70-A6F1-C0A20FBBFBD5}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{ABBB8A9E-D8AF-40D1-94BE-5175077465FC}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{ACA608DB-A210-4253-B799-3FD24E9A7BF5}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{ADEB3CC9-A05D-4FCC-BD09-9025456AA3EA}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{B06D4521-D09C-3F41-8E39-9D784CCA2A75}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{B0B75FBA-7288-4FD3-A9EB-7EE27FA65599}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{B173667F-8395-4317-8DD6-45AD1FE00047}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{B2CA345D-ADB8-4F5D-AC64-4AB34322F659}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{B32672B3-F656-46E0-B584-FE61C0BB6037}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{B9F43021-60D4-42A6-A065-9BA37F38AC47}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{BF737694-56F6-46FA-9FDC-FA99A5B25FAD}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{BF921DD3-732A-4A11-933B-A5EA49F2FD2C}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{BFE569F7-646C-4512-969B-9BE3E580D393}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C06DAD42-6F39-4CE1-83CC-9A8B9105E556}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C2434722-5C85-4CA0-BA69-1B67E7AB3D68}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C2996524-2187-441F-A398-CD6CB6B3D020}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C2E799D0-43A5-3477-8A98-FC5F3677F35C}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C58D664A-3DBC-4925-AE74-0382007DF113}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C776D7F4-BA85-4B75-AAFC-3A0A11FE6E36}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{CFCD164E-8AC9-478E-9ECC-B616A932016C}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{D16107CD-2AD5-46A8-BA59-303B7C32C500}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{D25B101F-8188-3B43-9D85-201F372BC205}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{D2BA7595-5E44-3F1E-880F-03B3139FA5ED}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{D35F5C81-17D9-3E1C-A1FC-4472542E1D25}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{D5961CC0-B442-4567-8030-67E241EF4CC2}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{D83B296A-2FA6-425B-8AE8-A1F33D99FBD6}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{D8FA96CA-B250-312C-AF34-4FF1DD72589D}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{DAFC1E63-3359-416D-9BC2-E7DCA6F7B0F3}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{DC5E5C44-80FD-3697-9E65-9F286D92F3E7}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E047E227-5342-4D94-80F7-CFB154BF55BD}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E1B4C9DE-D741-385F-981E-6745FACE6F01}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E3F79BE9-24D4-4F4D-8C13-DF2C9899F82E}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E450067F-1C93-41A7-928E-07E5C2EEC680}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E67D5BC7-7129-493E-9281-F47BDAFACE4F}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E77EEF95-3E83-4BB8-9C0D-4A5163774997}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E7B623F5-9715-3F9F-A671-D1485A39F8A2}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{ED916A7B-7C68-3198-B87D-2DABC30A5587}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{EFA1BDB2-BB3D-3D9A-8EB5-D0D22E0F64F4}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{F4CBF4DD-F8FE-35BA-BB7E-68304DAAB70B}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{F977D9F2-4BDC-44A6-B508-7C0284C61EED}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{FC32005D-E27C-32E0-ADFA-152F598B75E7}
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\dlnembnfbcpjnepmfjmngjenhhajpdfd
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\jdgpiokbciemjnjggokjjimajiboacpb
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2FA28606-DE77-4029-AF96-B231E3B8F827}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7D99783A-E6BF-4a1a-A923-4DAA5ADF3D66}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\A28B4D68DEBAA244EB686953B7074FEF
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{336D0C35-8A85-403a-B9D2-65C292C39087}_is1
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{4BD8E034-E0F4-4509-A753-467A8E854CD8}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{7D99783A-E6BF-4a1a-A923-4DAA5ADF3D66}_is1
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{A76AA284-E52D-47E6-9E4F-B85DBF8E35C3}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\IMBoosterARP
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SearchTheWebARP
Key Deleted : HKLM\SOFTWARE\Web Assistant
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{00000000-6E41-4FD3-8538-502F5495E5FC}]
Value Deleted : HKCU\Software\Mozilla\Firefox\Extensions [{b64982b1-d112-42b5-b1e4-d3867c4533f8}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [ApnUpdater]
Value Deleted : HKLM\SOFTWARE\Mozilla\Firefox\extensions [{336D0C35-8A85-403a-B9D2-65C292C39087}]
Value Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar [{977AE9CC-AF83-45E8-9E03-E2798216E2D5}]
Value Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar [{D4027C7F-154A-4066-A1AD-4243D8127440}]
Value Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar [{F9639E4A-801B-4843-AEE3-03D9DA199E77}]
***** [internet Browsers] *****
-\\ Internet Explorer v9.0.8112.16421
[OK] Registry is clean.
-\\ Mozilla Firefox v16.0.2 (en-US)
Profile name : default-1347073889778 [Profil par défaut]
File : C:\Users\Larry\AppData\Roaming\Mozilla\Firefox\Profiles\sp8jtxqq.default-1347073889778\prefs.js
Deleted : user_pref("browser.search.defaultengine", "Ask.com");
Deleted : user_pref("browser.search.defaultenginename", "Ask.com");
Deleted : user_pref("browser.search.order.1", "Ask.com");
Deleted : user_pref("extensions.asktb.ff-original-keyword-url", "");
Deleted : user_pref("keyword.URL", "hxxp://websearch.ask.com/redirect?client=ff&src=kw&tb=ORJ&o=&locale=&apn_u[...]
-\\ Google Chrome v23.0.1271.64
File : C:\Users\Larry\AppData\Local\Google\Chrome\User Data\Default\Preferences
[OK] File is clean.
*************************
AdwCleaner[R1].txt - [30474 octets] - [23/11/2012 14:36:53]
AdwCleaner[R2].txt - [30535 octets] - [23/11/2012 17:02:36]
AdwCleaner[s1].txt - [30696 octets] - [23/11/2012 17:02:59]
########## EOF - C:\AdwCleaner[s1].txt - [30757 octets] ##########
-
# AdwCleaner v2.008 - Logfile created 11/23/2012 at 14:36:53
# Updated 17/11/2012 by Xplode
# Operating system : Windows 7 Home Premium Service Pack 1 (64 bits)
# User : Larry - LARRY-HP
# Boot Mode : Normal
# Running from : C:\Users\Larry\Desktop\adwcleaner.exe
# Option [search]
***** [services] *****
Found : Browser Manager
Found : Web Assistant Updater
***** [Files / Folders] *****
File Found : C:\Program Files (x86)\Mozilla Firefox\defaults\pref\all-iminent.js
File Found : C:\Program Files (x86)\Mozilla Firefox\searchplugins\babylon.xml
File Found : C:\Program Files (x86)\Mozilla FireFox\searchplugins\Search_Results.xml
File Found : C:\Program Files (x86)\Mozilla Firefox\searchplugins\SearchTheWeb.xml
File Found : C:\user.js
File Found : C:\Users\Larry\AppData\Roaming\Mozilla\Firefox\Profiles\sp8jtxqq.default-1347073889778\searchplugins\Askcom.xml
File Found : C:\Users\Larry\AppData\Roaming\Mozilla\Firefox\Profiles\sp8jtxqq.default-1347073889778\searchplugins\Search_Results.xml
Folder Found : C:\Program Files (x86)\Ask.com
Folder Found : C:\Program Files (x86)\Iminent
Folder Found : C:\Program Files (x86)\IMinent toolbar
Folder Found : C:\Program Files (x86)\Mozilla Firefox\Extensions\webbooster@iminent.com
Folder Found : C:\Program Files\Precision Codec
Folder Found : C:\Program Files\Web Assistant
Folder Found : C:\ProgramData\Ask
Folder Found : C:\ProgramData\Babylon
Folder Found : C:\ProgramData\boost_interprocess
Folder Found : C:\ProgramData\Browser Manager
Folder Found : C:\ProgramData\Iminent
Folder Found : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Finder
Folder Found : C:\ProgramData\Tarma Installer
Folder Found : C:\Users\Larry\AppData\Local\APN
Folder Found : C:\Users\Larry\AppData\Local\Babylon
Folder Found : C:\Users\Larry\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhdepfaagokllfmhfbcfmocaeigmoebo
Folder Found : C:\Users\Larry\AppData\Local\Google\Chrome\User Data\Default\Extensions\dlnembnfbcpjnepmfjmngjenhhajpdfd
Folder Found : C:\Users\Larry\AppData\Local\Google\Chrome\User Data\Default\Extensions\jdgpiokbciemjnjggokjjimajiboacpb
Folder Found : C:\Users\Larry\AppData\Local\Google\Chrome\User Data\Default\Extensions\niapdbllcanepiiimjjndipklodoedlc
Folder Found : C:\Users\Larry\AppData\LocalLow\AskToolbar
Folder Found : C:\Users\Larry\AppData\LocalLow\Toolbar4
Folder Found : C:\Users\Larry\AppData\Roaming\Babylon
Folder Found : C:\Users\Larry\AppData\Roaming\Iminent
Folder Found : C:\Users\Larry\AppData\Roaming\Media Finder
Folder Found : C:\Users\Larry\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}\gencrawler@some.com
Folder Found : C:\Users\Larry\AppData\Roaming\Mozilla\Firefox\Profiles\sp8jtxqq.default-1347073889778\extensions\toolbar@ask.com
Folder Found : C:\Windows\Installer\{86D4B82A-ABED-442A-BE86-96357B70F4FE}
***** [Registry] *****
Key Found : HKCU\Software\APN
Key Found : HKCU\Software\AppDataLow\Software\AskToolbar
Key Found : HKCU\Software\AppDataLow\Software\Crossrider
Key Found : HKCU\Software\AppDataLow\Software\Savings Sidekick
Key Found : HKCU\Software\Ask.com
Key Found : HKCU\Software\bProtector
Key Found : HKCU\Software\DataMngr_Toolbar
Key Found : HKCU\Software\IM
Key Found : HKCU\Software\Iminent
Key Found : HKCU\Software\ImInstaller
Key Found : HKCU\Software\InstalledBrowserExtensions
Key Found : HKCU\Software\MediaFinder
Key Found : HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}
Key Found : HKCU\Software\Microsoft\Internet Explorer\MenuExt\Download with &Media Finder
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\bProtectSettings
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{58124A0B-DC32-4180-9BFF-E0E21AE34026}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{A09AB6EB-31B5-454C-97EC-9B294D92EE2A}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\{79A765E1-C399-405B-85AF-466F52E918B0}
Key Found : HKCU\Software\Softonic
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{2FA28606-DE77-4029-AF96-B231E3B8F827}
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{BFFED5CA-8BDF-47CC-AED0-23F4E6D77732}
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{CFF4DB9B-135F-47C0-9269-B4C6572FD61A}
Key Found : HKLM\Software\APN
Key Found : HKLM\Software\AskToolbar
Key Found : HKLM\Software\Babylon
Key Found : HKLM\Software\bProtector
Key Found : HKLM\SOFTWARE\Classes\AppID\{01994268-3C10-4044-A1EA-7A9C1B739A11}
Key Found : HKLM\SOFTWARE\Classes\AppID\{4CE516A7-F7AC-4628-B411-8F886DC5733E}
Key Found : HKLM\SOFTWARE\Classes\AppID\{5B1881D1-D9C7-46DF-B041-1E593282C7D0}
Key Found : HKLM\SOFTWARE\Classes\AppID\{608D3067-77E8-463D-9084-908966806826}
Key Found : HKLM\SOFTWARE\Classes\AppID\{628F3201-34D0-49C0-BB9A-82A26AEFB291}
Key Found : HKLM\SOFTWARE\Classes\AppID\{9B0CB95C-933A-4B8C-B6D4-EDCD19A43874}
Key Found : HKLM\SOFTWARE\Classes\AppID\{B302A1BD-0157-49FA-90F1-4E94F22C7B4B}
Key Found : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}
Key Found : HKLM\SOFTWARE\Classes\AppID\{CFDAFE39-20CE-451D-BD45-A37452F39CF0}
Key Found : HKLM\SOFTWARE\Classes\AppID\{EA28B360-05E0-4F93-8150-02891F1D8D3C}
Key Found : HKLM\SOFTWARE\Classes\AppID\Extension.DLL
Key Found : HKLM\SOFTWARE\Classes\AppID\GenericAskToolbar.DLL
Key Found : HKLM\SOFTWARE\Classes\AppID\Iminent.WebBooster.InternetExplorer.DLL
Key Found : HKLM\SOFTWARE\Classes\AppID\TbCommonUtils.DLL
Key Found : HKLM\SOFTWARE\Classes\AppID\TbHelper.EXE
Key Found : HKLM\SOFTWARE\Classes\AppID\YontooIEClient.DLL
Key Found : HKLM\SOFTWARE\Classes\GenericAskToolbar.ToolbarWnd
Key Found : HKLM\SOFTWARE\Classes\GenericAskToolbar.ToolbarWnd.1
Key Found : HKLM\SOFTWARE\Classes\Iminent.Business.Tinyfying.DownloadArgs
Key Found : HKLM\SOFTWARE\Classes\Iminent.Business.Tinyfying.LinkToPromoteArgs
Key Found : HKLM\SOFTWARE\Classes\Iminent.Business.Tinyfying.RawDataArgs
Key Found : HKLM\SOFTWARE\Classes\Iminent.Business.Tinyfying.TinyUrlArgs
Key Found : HKLM\SOFTWARE\Classes\Iminent.Business.Tinyfying.ViralLinkArgs
Key Found : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.ClientCallback
Key Found : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.ContractBase
Key Found : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.AddToUserContentCommand
Key Found : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.CheckLoginStatusCommand
Key Found : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.CleanCacheCommand
Key Found : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.GameOverCallback
Key Found : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.GetCreditCommand
Key Found : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.GetInstallationContextCommand
Key Found : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.GetLoginStatusCommand
Key Found : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.GetLoginStatusResult
Key Found : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.GetVariableCommand
Key Found : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.GetVariableResult
Key Found : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.InstallationContextResult
Key Found : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.LoadContentCommand
Key Found : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.LoadContentCommandResult
Key Found : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.LoginCommand
Key Found : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.LoginStatusChangedCallback
Key Found : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.LogoutCommand
Key Found : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.MergeIdentityCommand
Key Found : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.MyAccountCommand
Key Found : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.PlayContentCommand
Key Found : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.PostContentCallback
Key Found : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.RecycleViewsCommand
Key Found : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.SetVariableCommand
Key Found : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.ShowBrowserWindowCommand
Key Found : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.ShowControlCenterCommand
Key Found : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.ShowPluginWindowCommand
Key Found : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.UserContentChangedCallback
Key Found : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.VariableChangedCallback
Key Found : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.WarmUpCommand
Key Found : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.WelcomeCommand
Key Found : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.ServerCommand
Key Found : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.ServerResult
Key Found : HKLM\SOFTWARE\Classes\Iminent.Mediator.LightContent
Key Found : HKLM\SOFTWARE\Classes\Iminent.Mediator.LightUri
Key Found : HKLM\SOFTWARE\Classes\Iminent.Mediator.MediatorServiceProxy
Key Found : HKLM\SOFTWARE\Classes\Installer\Features\430E8DB44F0E90547A3564A7E858C48D
Key Found : HKLM\SOFTWARE\Classes\Installer\Features\482AA67AD25E6E74E9F48BD5FBE8533C
Key Found : HKLM\SOFTWARE\Classes\Installer\Features\A28B4D68DEBAA244EB686953B7074FEF
Key Found : HKLM\SOFTWARE\Classes\Installer\Products\430E8DB44F0E90547A3564A7E858C48D
Key Found : HKLM\SOFTWARE\Classes\Installer\Products\482AA67AD25E6E74E9F48BD5FBE8533C
Key Found : HKLM\SOFTWARE\Classes\Installer\Products\A28B4D68DEBAA244EB686953B7074FEF
Key Found : HKLM\SOFTWARE\Classes\Installer\UpgradeCodes\F928123A039649549966D4C29D35B1C9
Key Found : HKLM\SOFTWARE\Classes\MF
Key Found : HKLM\SOFTWARE\Classes\Prod.cap
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}
Key Found : HKLM\Software\DataMngr
Key Found : HKLM\Software\Iminent
Key Found : HKLM\Software\incredibar.com
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\Iminent_RASAPI32
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\Iminent_RASMANCS
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\incredibar_installer_RASAPI32
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\incredibar_installer_RASMANCS
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\IncredibarToolbar_RASAPI32
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\IncredibarToolbar_RASMANCS
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASAPI32
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASMANCS
Key Found : HKLM\Software\Precision Codec
Key Found : HKLM\Software\Web Assistant
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{00000000-6E41-4FD3-8538-502F5495E5FC}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{01A602A0-D0B9-445B-8081-719E4177C4A7}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{02054E11-5113-4BE3-8153-AA8DFB5D3761}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{02C9C7B0-C7C8-4AAC-A9E4-55295BF60F8F}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{0398B101-6DA7-473F-A290-17D2FBC88CC0}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{0CC36196-8589-4B80-A771-D659411D7F90}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{143D96F9-EB64-48B3-B192-91C2C41A1F43}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{14F7D91F-F669-45C9-9F42-BACBFDB86EAD}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{187A6488-6E71-4A2A-B118-7BEFBFE58257}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{22222222-2222-2222-2222-220022502260}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{2D065204-A024-4C39-8A38-EE7078EC7ACF}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{2EECD738-5844-4A99-B4B6-146BF802613B}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{30F5476C-677B-4DB0-B397-51F5BFD86840}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{336D0C35-8A85-403a-B9D2-65C292C39087}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{351798B1-C1D2-45AB-92B4-4D6C2D6AB5AF}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{3AEA1BEF-6195-46F4-ACA2-0ED14F7EFA1B}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{3D7F9AC3-BAC3-4E51-81D7-D121D79E550A}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{4498C5E9-93C6-4142-B6BE-F0C6DC48B77A}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{479BF2D6-E362-4A99-B1AB-BC764D7B97AE}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{492A108F-51D0-4BD8-899D-AD4AB2893064}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{4B6D6E60-FBD2-4E79-BF4B-886BC98F1797}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{60893E02-2E5B-43F9-A93A-BAD60C2DF6EF}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{6D39931F-451E-4BDD-BAF4-37FB96DBBA5D}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{76C684D2-C35D-4284-976A-D862F53ADB81}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{796D822A-C3F9-4A97-BAAB-42FE7628EA63}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{79EF3691-EC1A-4705-A01A-D2E36EC11758}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{7E84186E-B5DE-4226-8A66-6E49C6B511B4}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{80922EE0-8A76-46AE-95D5-BD3C3FE0708D}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{82F41418-8E64-47EB-A7F1-4702A974D289}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{85D920CE-63A7-46DC-8992-41D1D2E07FAD}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{895ED5E8-ABB4-40C3-A0CA-2571964268E2}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{8AAC123A-1959-4A45-BFC5-E2D50783098A}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{99066096-8989-4612-841F-621A01D54AD7}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{A07956CD-81F8-4A03-B524-5D87E690DC83}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{B5E3B26B-6E5C-4865-A63D-58D04B10E245}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{B84D2DC5-42B2-4E5E-BF61-7B48152FF8EF}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{B89D5309-0367-4494-A92F-3D4C94F88307}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{C014EBF8-8854-448B-B5A4-557C4090EDCE}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{C31191DB-2F64-464C-B97C-6AC81ACB7AAC}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{C342C7A7-F622-4EF3-8B7F-ABB9FBE73F14}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{C4765B07-BC2F-477B-925C-B2BF24887823}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{C875C0A1-09E3-48D5-9F8E-BD337796FD14}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{CD126DA6-FF5B-4181-AC13-54A62240D2FA}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{DD438708-AAB4-422D-A322-B619589F5680}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{E46C8196-B634-44A1-AF6E-957C64278AB1}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{E812AE43-7799-4E67-8CF8-4104297A2D16}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{F0BAAEC7-9AE0-49FF-9C4B-86E774FF397F}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{F92193FD-2243-4401-9ACC-49FF30885898}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{FD21B8A2-910B-45AC-9C10-45E6A8B84984}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{FE9271F2-6EFD-44B0-A826-84C829536E93}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{66666666-6666-6666-6666-660066506660}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E}
Key Found : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\dhdepfaagokllfmhfbcfmocaeigmoebo
Key Found : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\dlnembnfbcpjnepmfjmngjenhhajpdfd
Key Found : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl
Key Found : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\jdgpiokbciemjnjggokjjimajiboacpb
Key Found : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\jplinpmadfkdgipabgcdchbdikologlh
Key Found : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\niapdbllcanepiiimjjndipklodoedlc
Key Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{0AF350D9-3916-454B-AC53-0B0B65F41301}
Key Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{21111111-1111-1111-1111-110011501160}
Key Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{628F3201-34D0-49C0-BB9A-82A26AEFB291}
Key Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{68B81CCD-A80C-4060-8947-5AE69ED01199}
Key Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{74C36554-31F0-49DD-8857-ED6A64DF45BE}
Key Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}
Key Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E6B969FB-6D33-48D2-9061-8BBD4899EB08}
Key Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{2FA28606-DE77-4029-AF96-B231E3B8F827}
Key Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{BFFED5CA-8BDF-47CC-AED0-23F4E6D77732}
Key Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{336D0C35-8A85-403a-B9D2-65C292C39087}
Key Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{84FF7BD6-B47F-46F8-9130-01B2696B36CB}
Key Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{86D4B82A-ABED-442A-BE86-96357B70F4FE}
Key Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\SearchTheWebARP
Key Found : HKLM\SOFTWARE\Classes\CLSID\{7D99783A-E6BF-4a1a-A923-4DAA5ADF3D66}
Key Found : HKLM\SOFTWARE\Classes\Interface\{01221FCC-4BFB-461C-B08C-F6D2DF309921}
Key Found : HKLM\SOFTWARE\Classes\Interface\{021B4049-F57D-4565-A693-FD3B04786BFA}
Key Found : HKLM\SOFTWARE\Classes\Interface\{0362AA09-808D-48E9-B360-FB51A8CBCE09}
Key Found : HKLM\SOFTWARE\Classes\Interface\{06844020-CD0B-3D3D-A7FE-371153013E49}
Key Found : HKLM\SOFTWARE\Classes\Interface\{0ADC01BB-303B-3F8E-93DA-12C140E85460}
Key Found : HKLM\SOFTWARE\Classes\Interface\{10D3722F-23E6-3901-B6C1-FF6567121920}
Key Found : HKLM\SOFTWARE\Classes\Interface\{10DE7085-6A1E-4D41-A7BF-9AF93E351401}
Key Found : HKLM\SOFTWARE\Classes\Interface\{1675E62B-F911-3B7B-A046-EB57261212F3}
Key Found : HKLM\SOFTWARE\Classes\Interface\{192929F2-9273-3894-91B0-F54671C4C861}
Key Found : HKLM\SOFTWARE\Classes\Interface\{1AD27395-1659-4DFF-A319-2CFA243861A5}
Key Found : HKLM\SOFTWARE\Classes\Interface\{22B0769F-794B-4422-AC84-47B123C8986D}
Key Found : HKLM\SOFTWARE\Classes\Interface\{255E0B2A-D747-4EEF-B7CE-159D73A3656D}
Key Found : HKLM\SOFTWARE\Classes\Interface\{28ED590D-F5ED-4E05-A87F-1D759F1C6169}
Key Found : HKLM\SOFTWARE\Classes\Interface\{2932897E-3036-43D9-8A64-B06447992065}
Key Found : HKLM\SOFTWARE\Classes\Interface\{2A42D13C-D427-4787-821B-CF6973855778}
Key Found : HKLM\SOFTWARE\Classes\Interface\{2DE92D29-A042-3C37-BFF8-07C7D8893EFA}
Key Found : HKLM\SOFTWARE\Classes\Interface\{32B80AD6-1214-45F4-994E-78A5D482C000}
Key Found : HKLM\SOFTWARE\Classes\Interface\{3A8E103F-B2B7-3BEF-B3B0-88E29B2420E4}
Key Found : HKLM\SOFTWARE\Classes\Interface\{3D8478AA-7B88-48A9-8BCB-B85D594411EC}
Key Found : HKLM\SOFTWARE\Classes\Interface\{44C3C1DB-2127-433C-98EC-4C9412B5FC3A}
Key Found : HKLM\SOFTWARE\Classes\Interface\{452AE416-9A97-44CA-93DA-D0F15C36254F}
Key Found : HKLM\SOFTWARE\Classes\Interface\{45CDA4F7-594C-49A0-AAD1-8224517FE979}
Key Found : HKLM\SOFTWARE\Classes\Interface\{45D5B93F-E2ED-4AF2-915E-DCDDBDA8C33C}
Key Found : HKLM\SOFTWARE\Classes\Interface\{478CE5D3-D38E-3FFE-8DBE-8C4A0F1C4D8D}
Key Found : HKLM\SOFTWARE\Classes\Interface\{4897BBA6-48D9-468C-8EFA-846275D7701B}
Key Found : HKLM\SOFTWARE\Classes\Interface\{48B7DA4E-69ED-39E3-BAD5-3E3EFF22CFB0}
Key Found : HKLM\SOFTWARE\Classes\Interface\{4D5132DD-BB2B-4249-B5E0-D145A8C982E1}
Key Found : HKLM\SOFTWARE\Classes\Interface\{4D8ED2B3-DC62-43EC-ABA3-5B74F046B1BE}
Key Found : HKLM\SOFTWARE\Classes\Interface\{55555555-5555-5555-5555-550055505560}
Key Found : HKLM\SOFTWARE\Classes\Interface\{5982F405-44E4-3BBB-BAC4-CF8141CBBC5C}
Key Found : HKLM\SOFTWARE\Classes\Interface\{5D8C3CC3-3C05-38A1-B244-924A23115FE9}
Key Found : HKLM\SOFTWARE\Classes\Interface\{641593AF-D9FD-30F7-B783-36E16F7A2E08}
Key Found : HKLM\SOFTWARE\Classes\Interface\{66666666-6666-6666-6666-660066506660}
Key Found : HKLM\SOFTWARE\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456}
Key Found : HKLM\SOFTWARE\Classes\Interface\{706D4A4B-184A-4434-B331-296B07493D2D}
Key Found : HKLM\SOFTWARE\Classes\Interface\{711FC48A-1356-3932-94D8-A8B733DBC7E4}
Key Found : HKLM\SOFTWARE\Classes\Interface\{72227B7F-1F02-3560-95F5-592E68BACC0C}
Key Found : HKLM\SOFTWARE\Classes\Interface\{771B99AB-636F-4A11-9039-8DFEB927B061}
Key Found : HKLM\SOFTWARE\Classes\Interface\{7B5E8CE3-4722-4C0E-A236-A6FF731BEF37}
Key Found : HKLM\SOFTWARE\Classes\Interface\{81E852CC-1FD5-4004-8761-79A48B975E29}
Key Found : HKLM\SOFTWARE\Classes\Interface\{890D4F59-5ED0-3CB4-8E0E-74A5A86E7ED0}
Key Found : HKLM\SOFTWARE\Classes\Interface\{8BE10F21-185F-4CA0-B789-9921674C3993}
Key Found : HKLM\SOFTWARE\Classes\Interface\{8C68913C-AC3C-4494-8B9C-984D87C85003}
Key Found : HKLM\SOFTWARE\Classes\Interface\{8D019513-083F-4AA5-933F-7D43A6DA82C4}
Key Found : HKLM\SOFTWARE\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92}
Key Found : HKLM\SOFTWARE\Classes\Interface\{923F6FB8-A390-370E-A0D2-DD505432481D}
Key Found : HKLM\SOFTWARE\Classes\Interface\{94C0B25D-3359-4B10-B227-F96A77DB773F}
Key Found : HKLM\SOFTWARE\Classes\Interface\{95B6A271-FEB4-4160-B0FF-44394C21C8DC}
Key Found : HKLM\SOFTWARE\Classes\Interface\{9BBB26EF-B178-35D6-9D3D-B485F4279FE5}
Key Found : HKLM\SOFTWARE\Classes\Interface\{A36867C6-302D-49FC-9D8E-1EB037B5F1AB}
Key Found : HKLM\SOFTWARE\Classes\Interface\{A62DDBE0-8D2A-339A-B089-8CBCC5CD322A}
Key Found : HKLM\SOFTWARE\Classes\Interface\{A82AD04D-0B8E-3A49-947B-6A69A8A9C96D}
Key Found : HKLM\SOFTWARE\Classes\Interface\{A8321AA2-2227-40C7-8525-6C2F4E1B0EBE}
Key Found : HKLM\SOFTWARE\Classes\Interface\{AA41A731-6814-4A70-A6F1-C0A20FBBFBD5}
Key Found : HKLM\SOFTWARE\Classes\Interface\{ABBB8A9E-D8AF-40D1-94BE-5175077465FC}
Key Found : HKLM\SOFTWARE\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E}
Key Found : HKLM\SOFTWARE\Classes\Interface\{ACA608DB-A210-4253-B799-3FD24E9A7BF5}
Key Found : HKLM\SOFTWARE\Classes\Interface\{ADEB3CC9-A05D-4FCC-BD09-9025456AA3EA}
Key Found : HKLM\SOFTWARE\Classes\Interface\{B06D4521-D09C-3F41-8E39-9D784CCA2A75}
Key Found : HKLM\SOFTWARE\Classes\Interface\{B0B75FBA-7288-4FD3-A9EB-7EE27FA65599}
Key Found : HKLM\SOFTWARE\Classes\Interface\{B173667F-8395-4317-8DD6-45AD1FE00047}
Key Found : HKLM\SOFTWARE\Classes\Interface\{B2CA345D-ADB8-4F5D-AC64-4AB34322F659}
Key Found : HKLM\SOFTWARE\Classes\Interface\{B32672B3-F656-46E0-B584-FE61C0BB6037}
Key Found : HKLM\SOFTWARE\Classes\Interface\{B9F43021-60D4-42A6-A065-9BA37F38AC47}
Key Found : HKLM\SOFTWARE\Classes\Interface\{BF737694-56F6-46FA-9FDC-FA99A5B25FAD}
Key Found : HKLM\SOFTWARE\Classes\Interface\{BF921DD3-732A-4A11-933B-A5EA49F2FD2C}
Key Found : HKLM\SOFTWARE\Classes\Interface\{BFE569F7-646C-4512-969B-9BE3E580D393}
Key Found : HKLM\SOFTWARE\Classes\Interface\{C06DAD42-6F39-4CE1-83CC-9A8B9105E556}
Key Found : HKLM\SOFTWARE\Classes\Interface\{C2434722-5C85-4CA0-BA69-1B67E7AB3D68}
Key Found : HKLM\SOFTWARE\Classes\Interface\{C2996524-2187-441F-A398-CD6CB6B3D020}
Key Found : HKLM\SOFTWARE\Classes\Interface\{C2E799D0-43A5-3477-8A98-FC5F3677F35C}
Key Found : HKLM\SOFTWARE\Classes\Interface\{C58D664A-3DBC-4925-AE74-0382007DF113}
Key Found : HKLM\SOFTWARE\Classes\Interface\{C776D7F4-BA85-4B75-AAFC-3A0A11FE6E36}
Key Found : HKLM\SOFTWARE\Classes\Interface\{CFCD164E-8AC9-478E-9ECC-B616A932016C}
Key Found : HKLM\SOFTWARE\Classes\Interface\{D16107CD-2AD5-46A8-BA59-303B7C32C500}
Key Found : HKLM\SOFTWARE\Classes\Interface\{D25B101F-8188-3B43-9D85-201F372BC205}
Key Found : HKLM\SOFTWARE\Classes\Interface\{D2BA7595-5E44-3F1E-880F-03B3139FA5ED}
Key Found : HKLM\SOFTWARE\Classes\Interface\{D35F5C81-17D9-3E1C-A1FC-4472542E1D25}
Key Found : HKLM\SOFTWARE\Classes\Interface\{D5961CC0-B442-4567-8030-67E241EF4CC2}
Key Found : HKLM\SOFTWARE\Classes\Interface\{D83B296A-2FA6-425B-8AE8-A1F33D99FBD6}
Key Found : HKLM\SOFTWARE\Classes\Interface\{D8FA96CA-B250-312C-AF34-4FF1DD72589D}
Key Found : HKLM\SOFTWARE\Classes\Interface\{DAFC1E63-3359-416D-9BC2-E7DCA6F7B0F3}
Key Found : HKLM\SOFTWARE\Classes\Interface\{DC5E5C44-80FD-3697-9E65-9F286D92F3E7}
Key Found : HKLM\SOFTWARE\Classes\Interface\{E047E227-5342-4D94-80F7-CFB154BF55BD}
Key Found : HKLM\SOFTWARE\Classes\Interface\{E1B4C9DE-D741-385F-981E-6745FACE6F01}
Key Found : HKLM\SOFTWARE\Classes\Interface\{E3F79BE9-24D4-4F4D-8C13-DF2C9899F82E}
Key Found : HKLM\SOFTWARE\Classes\Interface\{E450067F-1C93-41A7-928E-07E5C2EEC680}
Key Found : HKLM\SOFTWARE\Classes\Interface\{E67D5BC7-7129-493E-9281-F47BDAFACE4F}
Key Found : HKLM\SOFTWARE\Classes\Interface\{E77EEF95-3E83-4BB8-9C0D-4A5163774997}
Key Found : HKLM\SOFTWARE\Classes\Interface\{E7B623F5-9715-3F9F-A671-D1485A39F8A2}
Key Found : HKLM\SOFTWARE\Classes\Interface\{ED916A7B-7C68-3198-B87D-2DABC30A5587}
Key Found : HKLM\SOFTWARE\Classes\Interface\{EFA1BDB2-BB3D-3D9A-8EB5-D0D22E0F64F4}
Key Found : HKLM\SOFTWARE\Classes\Interface\{F4CBF4DD-F8FE-35BA-BB7E-68304DAAB70B}
Key Found : HKLM\SOFTWARE\Classes\Interface\{F977D9F2-4BDC-44A6-B508-7C0284C61EED}
Key Found : HKLM\SOFTWARE\Classes\Interface\{FC32005D-E27C-32E0-ADFA-152F598B75E7}
Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\dlnembnfbcpjnepmfjmngjenhhajpdfd
Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\dlnembnfbcpjnepmfjmngjenhhajpdfd
Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\jdgpiokbciemjnjggokjjimajiboacpb
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2FA28606-DE77-4029-AF96-B231E3B8F827}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7D99783A-E6BF-4a1a-A923-4DAA5ADF3D66}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\A28B4D68DEBAA244EB686953B7074FEF
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{336D0C35-8A85-403a-B9D2-65C292C39087}_is1
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{4BD8E034-E0F4-4509-A753-467A8E854CD8}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{7D99783A-E6BF-4a1a-A923-4DAA5ADF3D66}_is1
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{A76AA284-E52D-47E6-9E4F-B85DBF8E35C3}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\IMBoosterARP
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SearchTheWebARP
Key Found : HKLM\SOFTWARE\Web Assistant
Key Found : HKU\S-1-5-21-3462364393-2223812934-809412414-1001\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Key Found : HKU\S-1-5-21-3462364393-2223812934-809412414-1001\Software\Microsoft\Internet Explorer\SearchScopes\{2FA28606-DE77-4029-AF96-B231E3B8F827}
Key Found : HKU\S-1-5-21-3462364393-2223812934-809412414-1001\Software\Microsoft\Internet Explorer\SearchScopes\{BFFED5CA-8BDF-47CC-AED0-23F4E6D77732}
Key Found : HKU\S-1-5-21-3462364393-2223812934-809412414-1001\Software\Microsoft\Internet Explorer\SearchScopes\{CFF4DB9B-135F-47C0-9269-B4C6572FD61A}
Value Found : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{00000000-6E41-4FD3-8538-502F5495E5FC}]
Value Found : HKCU\Software\Mozilla\Firefox\Extensions [{b64982b1-d112-42b5-b1e4-d3867c4533f8}]
Value Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [ApnUpdater]
Value Found : HKLM\SOFTWARE\Mozilla\Firefox\extensions [{336D0C35-8A85-403a-B9D2-65C292C39087}]
Value Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar [{977AE9CC-AF83-45E8-9E03-E2798216E2D5}]
Value Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar [{D4027C7F-154A-4066-A1AD-4243D8127440}]
Value Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar [{F9639E4A-801B-4843-AEE3-03D9DA199E77}]
***** [internet Browsers] *****
-\\ Internet Explorer v9.0.8112.16421
[OK] Registry is clean.
-\\ Mozilla Firefox v16.0.2 (en-US)
Profile name : default-1347073889778 [Profil par défaut]
File : C:\Users\Larry\AppData\Roaming\Mozilla\Firefox\Profiles\sp8jtxqq.default-1347073889778\prefs.js
Found : user_pref("browser.search.defaultengine", "Ask.com");
Found : user_pref("browser.search.defaultenginename", "Ask.com");
Found : user_pref("browser.search.order.1", "Ask.com");
Found : user_pref("extensions.asktb.ff-original-keyword-url", "");
Found : user_pref("keyword.URL", "hxxp://websearch.ask.com/redirect?client=ff&src=kw&tb=ORJ&o=&locale=&apn_u[...]
-\\ Google Chrome v23.0.1271.64
File : C:\Users\Larry\AppData\Local\Google\Chrome\User Data\Default\Preferences
[OK] File is clean.
*************************
AdwCleaner[R1].txt - [30569 octets] - [23/11/2012 14:36:53]
########## EOF - C:\AdwCleaner[R1].txt - [30630 octets] ##########
-
ComboFix 12-11-23.02 - Larry 11/23/2012 13:06:21.1.2 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.3561.1468 [GMT -6:00]
Running from: c:\users\Larry\Desktop\ComboFix.exe
AV: AVG Anti-Virus Free Edition 2012 *Disabled/Updated* {5A2746B1-DEE9-F85A-FBCD-ADB11639C5F0}
SP: AVG Anti-Virus Free Edition 2012 *Disabled/Updated* {E146A755-F8D3-F7D4-C17D-96C36DBE8F4D}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
C:\install.exe
c:\program files (x86)\Incredibar.com
c:\program files (x86)\Savings Sidekick
c:\program files (x86)\Savings Sidekick\Savings Sidekick.ico
c:\program files (x86)\Savings Sidekick\Savings Sidekick.ini
c:\program files\Web Assistant\ExTEnsion32.dll
c:\users\Larry\AppData\Local\Savings Sidekick
c:\users\Larry\g2mdlhlpx.exe
.
.
((((((((((((((((((((((((( Files Created from 2012-10-23 to 2012-11-23 )))))))))))))))))))))))))))))))
.
.
2012-11-23 19:16 . 2012-11-23 19:16 -------- d-----w- c:\users\Default\AppData\Local\temp
2012-11-19 17:51 . 2012-11-19 17:51 -------- d-----w- c:\users\Larry\AppData\Local\APN
2012-11-19 17:51 . 2012-11-19 17:51 -------- d-----w- c:\program files (x86)\Ask.com
2012-11-19 17:40 . 2012-11-19 17:40 -------- d-----w- c:\programdata\Ask
2012-11-19 17:40 . 2012-09-25 05:16 95208 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll
2012-11-18 05:24 . 2012-07-26 04:47 2560 ----a-w- c:\windows\system32\drivers\en-US\wdf01000.sys.mui
2012-11-18 05:24 . 2012-07-26 04:55 785512 ----a-w- c:\windows\system32\drivers\Wdf01000.sys
2012-11-18 05:24 . 2012-07-26 04:55 54376 ----a-w- c:\windows\system32\drivers\WdfLdr.sys
2012-11-18 05:24 . 2012-07-26 02:36 9728 ----a-w- c:\windows\system32\Wdfres.dll
2012-11-18 04:59 . 2012-07-26 02:26 87040 ----a-w- c:\windows\system32\drivers\WUDFPf.sys
2012-11-18 04:59 . 2012-07-26 02:26 198656 ----a-w- c:\windows\system32\drivers\WUDFRd.sys
2012-11-18 04:59 . 2012-07-26 03:08 84992 ----a-w- c:\windows\system32\WUDFSvc.dll
2012-11-18 04:59 . 2012-07-26 03:08 194048 ----a-w- c:\windows\system32\WUDFPlatform.dll
2012-11-18 04:59 . 2012-07-26 03:08 229888 ----a-w- c:\windows\system32\WUDFHost.exe
2012-11-18 04:59 . 2012-07-26 03:08 45056 ----a-w- c:\windows\system32\WUDFCoinstaller.dll
2012-11-18 04:59 . 2012-07-26 03:08 744448 ----a-w- c:\windows\system32\WUDFx.dll
2012-11-18 01:33 . 2012-10-09 18:17 55296 ----a-w- c:\windows\system32\dhcpcsvc6.dll
2012-11-18 01:33 . 2012-10-09 18:17 226816 ----a-w- c:\windows\system32\dhcpcore6.dll
2012-11-18 01:33 . 2012-10-09 17:40 44032 ----a-w- c:\windows\SysWow64\dhcpcsvc6.dll
2012-11-18 01:33 . 2012-10-09 17:40 193536 ----a-w- c:\windows\SysWow64\dhcpcore6.dll
2012-11-18 01:33 . 2012-10-18 18:25 3149824 ----a-w- c:\windows\system32\win32k.sys
2012-11-18 01:30 . 2012-10-03 17:56 1914248 ----a-w- c:\windows\system32\drivers\tcpip.sys
2012-11-18 01:30 . 2012-10-03 17:44 216576 ----a-w- c:\windows\system32\ncsi.dll
2012-11-18 01:30 . 2012-10-03 17:42 569344 ----a-w- c:\windows\system32\iphlpsvc.dll
2012-11-18 01:30 . 2012-10-03 16:42 156672 ----a-w- c:\windows\SysWow64\ncsi.dll
2012-11-18 01:30 . 2012-10-03 17:44 303104 ----a-w- c:\windows\system32\nlasvc.dll
2012-11-18 01:30 . 2012-10-03 17:44 70656 ----a-w- c:\windows\system32\nlaapi.dll
2012-11-18 01:30 . 2012-10-03 17:44 18944 ----a-w- c:\windows\system32\netevent.dll
2012-11-18 01:30 . 2012-10-03 16:42 18944 ----a-w- c:\windows\SysWow64\netevent.dll
2012-11-18 01:30 . 2012-10-03 16:42 175104 ----a-w- c:\windows\SysWow64\netcorehc.dll
2012-11-18 01:30 . 2012-01-13 07:12 52224 ----a-w- c:\windows\SysWow64\nlaapi.dll
2012-11-18 01:28 . 2012-09-25 22:47 78336 ----a-w- c:\windows\SysWow64\synceng.dll
2012-11-18 01:28 . 2012-09-25 22:46 95744 ----a-w- c:\windows\system32\synceng.dll
2012-11-17 21:43 . 2012-11-17 21:43 -------- d-----w- c:\users\Larry\.smplayer
2012-11-17 20:41 . 2012-11-17 20:54 -------- d-----w- c:\programdata\boost_interprocess
2012-11-15 12:49 . 2012-10-03 17:44 246272 ----a-w- c:\windows\system32\netcorehc.dll
2012-11-15 12:49 . 2012-10-03 16:07 45568 ----a-w- c:\windows\system32\drivers\tcpipreg.sys
2012-11-04 22:56 . 2012-11-17 22:39 -------- d-----w- c:\programdata\KingsIsle Entertainment
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-11-18 05:03 . 2011-07-30 03:42 66395536 ----a-w- c:\windows\system32\MRT.exe
2012-10-30 05:11 . 2012-09-06 07:01 696760 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2012-10-30 05:11 . 2012-07-23 16:34 73656 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2012-10-28 21:46 . 2011-08-29 13:45 101688 ----a-w- c:\windows\system32\drivers\RapportKE64.sys
2012-09-14 19:19 . 2012-10-10 11:48 2048 ----a-w- c:\windows\system32\tzres.dll
2012-09-14 18:28 . 2012-10-10 11:48 2048 ----a-w- c:\windows\SysWow64\tzres.dll
2012-09-13 06:44 . 2012-09-18 21:02 17936 ----a-w- c:\windows\system32\nitrolocalui2.dll
2012-09-13 06:44 . 2012-09-18 21:02 29712 ----a-w- c:\windows\system32\nitrolocalmon2.dll
2012-09-01 21:49 . 2012-05-12 14:02 821736 ----a-w- c:\windows\SysWow64\npDeployJava1.dll
2012-09-01 21:49 . 2011-05-14 05:30 746984 ----a-w- c:\windows\SysWow64\deployJava1.dll
2012-08-31 18:19 . 2012-10-10 11:49 1659760 ----a-w- c:\windows\system32\drivers\ntfs.sys
2012-08-30 18:03 . 2012-10-10 11:49 5559664 ----a-w- c:\windows\system32\ntoskrnl.exe
2012-08-30 17:12 . 2012-10-10 11:49 3914096 ----a-w- c:\windows\SysWow64\ntoskrnl.exe
2012-08-30 17:12 . 2012-10-10 11:49 3968880 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe
2004-07-30 14:56 . 2011-08-07 17:47 90112 ----a-w- c:\program files (x86)\Common Files\PCSBclean.exe
2004-07-26 20:30 . 2011-08-15 09:04 291840 ----a-w- c:\program files (x86)\Common Files\PCSBoff.exe
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{00000000-6E41-4FD3-8538-502F5495E5FC}"= "c:\program files (x86)\Ask.com\GenericAskToolbar.dll" [2012-10-17 1521352]
.
[HKEY_CLASSES_ROOT\clsid\{00000000-6e41-4fd3-8538-502f5495e5fc}]
.
[HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}]
2012-10-17 06:46 1521352 ----a-w- c:\program files (x86)\Ask.com\GenericAskToolbar.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar]
"{D4027C7F-154A-4066-A1AD-4243D8127440}"= "c:\program files (x86)\Ask.com\GenericAskToolbar.dll" [2012-10-17 1521352]
.
[HKEY_CLASSES_ROOT\clsid\{d4027c7f-154a-4066-a1ad-4243d8127440}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd.1]
[HKEY_CLASSES_ROOT\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd]
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Logitech Vid"="c:\program files (x86)\Logitech\Vid HD\Vid.exe" [2011-01-13 6129496]
"MobileDocuments"="c:\program files (x86)\Common Files\Apple\Internet Services\ubd.exe" [2012-02-23 59240]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe" [2012-07-27 35768]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-07-27 919008]
"AVG_TRAY"="c:\program files (x86)\AVG\AVG2012\avgtray.exe" [2012-07-31 2596984]
"LWS"="c:\program files (x86)\Logitech\LWS\Webcam Software\LWS.exe" [2011-03-02 190808]
"IJNetworkScanUtility"="c:\program files (x86)\Canon\Canon IJ Network Scan Utility\CNMNSUT.exe" [2010-08-23 206240]
"HPConnectionManager"="c:\program files (x86)\Hewlett-Packard\HP Connection Manager\HPCMDelayStart.exe" [2011-09-13 103992]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2011-09-28 343168]
"HPOSD"="c:\program files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe" [2011-08-19 379960]
"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2012-08-28 59280]
"TkBellExe"="c:\program files (x86)\Real\RealPlayer\update\realsched.exe" [2012-04-17 296056]
"HP Quick Launch"="c:\program files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe" [2012-03-05 578944]
"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2012-04-19 421888]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2012-07-03 252848]
"iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2012-09-10 421776]
"ApnUpdater"="c:\program files (x86)\Ask.com\Updater\Updater.exe" [2012-10-17 1573576]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\RunOnce]
"Z1"="c:\users\Larry\Desktop\mbar\mbar.exe" [2012-11-23 1341800]
.
c:\users\Larry\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Launch Utility Application.lnk - c:\users\Larry\AppData\Roaming\Verizon\UA_ar\UtilityApplication.exe [2011-3-22 547840]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
McAfee Security Scan Plus.lnk - c:\program files (x86)\McAfee Security Scan\3.0.207\SSScheduler.exe [2011-6-17 272528]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
"HideFastUserSwitching"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
"EnableShellExecuteHooks"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0c:\progra~2\AVG\AVG2012\avgrsa.exe /sync /restart
.
R2 AVGIDSAgent;AVGIDSAgent;c:\program files (x86)\AVG\AVG2012\AVGIDSAgent.exe [2012-08-13 5167736]
R2 Browser Manager;Browser Manager;c:\programdata\Browser Manager\2.2.580.182\{16cdff19-861d-48e3-a751-d99a27784753}\brwmngr.exe [x]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 Web Assistant Updater;Web Assistant Updater;c:\program files\Web Assistant\ExtensionUpdaterService.exe [2012-05-01 185856]
R3 GamesAppService;GamesAppService;c:\program files (x86)\WildTangent Games\App\GamesAppService.exe [2010-10-12 206072]
R3 LVRS64;Logitech RightSound Filter Driver;c:\windows\system32\DRIVERS\lvrs64.sys [2011-04-01 341856]
R3 LVUVC64;Logitech Webcam Pro 9000(UVC);c:\windows\system32\DRIVERS\lvuvc64.sys [2011-04-01 4184672]
R3 McComponentHostService;McAfee Security Scan Component Host Service;c:\program files (x86)\McAfee Security Scan\3.0.207\McCHSvc.exe [2011-06-17 237008]
R3 SrvHsfHDA;SrvHsfHDA;c:\windows\system32\DRIVERS\VSTAZL6.SYS [2009-06-10 292864]
R3 SrvHsfV92;SrvHsfV92;c:\windows\system32\DRIVERS\VSTDPV6.SYS [2009-06-10 1485312]
R3 SrvHsfWinac;SrvHsfWinac;c:\windows\system32\DRIVERS\VSTCNXT6.SYS [2009-06-10 740864]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-21 59392]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [2010-11-21 31232]
R3 USBPNPA;USB PnP Sound Device Interface;c:\windows\system32\drivers\CM10864.sys [2008-01-04 1120256]
R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [2011-07-30 1255736]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-23 57184]
S0 amd_sata;amd_sata;c:\windows\system32\DRIVERS\amd_sata.sys [2011-11-27 79488]
S0 amd_xata;amd_xata;c:\windows\system32\DRIVERS\amd_xata.sys [2011-11-27 40064]
S0 AVGIDSHA;AVGIDSHA;c:\windows\system32\DRIVERS\avgidsha.sys [2012-04-19 28480]
S0 Avgrkx64;AVG Anti-Rootkit Driver;c:\windows\system32\DRIVERS\avgrkx64.sys [2012-01-31 36944]
S0 RapportKE64;RapportKE64;c:\windows\System32\Drivers\RapportKE64.sys [2012-10-28 101688]
S1 Avgldx64;AVG AVI Loader Driver;c:\windows\system32\DRIVERS\avgldx64.sys [2012-07-26 291680]
S1 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield;c:\windows\system32\DRIVERS\avgmfx64.sys [2011-12-23 47696]
S1 Avgtdia;AVG TDI Driver;c:\windows\system32\DRIVERS\avgtdia.sys [2012-08-24 384352]
S1 RapportCerberus_43926;RapportCerberus_43926;c:\programdata\Trusteer\Rapport\store\exts\RapportCerberus\43926\RapportCerberus64_43926.sys [2012-10-30 505720]
S1 RapportEI64;RapportEI64;c:\program files (x86)\Trusteer\Rapport\bin\x64\RapportEI64.sys [2012-10-28 55096]
S1 RapportPG64;RapportPG64;c:\program files (x86)\Trusteer\Rapport\bin\x64\RapportPG64.sys [2012-10-28 297240]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2011-11-27 204288]
S2 AMD FUEL Service;AMD FUEL Service;c:\program files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [2011-09-28 361984]
S2 avgwd;AVG WatchDog;c:\program files (x86)\AVG\AVG2012\avgwdsvc.exe [2012-02-14 193288]
S2 ezSharedSvc;Easybits Services for Windows;c:\windows\System32\ezSharedSvcHost.exe [x]
S2 HP Support Assistant Service;HP Support Assistant Service;c:\program files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [2011-09-09 86072]
S2 HPAuto;HP Auto;c:\program files\Hewlett-Packard\HP Auto\HPAuto.exe [2010-08-06 681528]
S2 HPClientSvc;HP Client Services;c:\program files\Hewlett-Packard\HP Client Services\HPClientServices.exe [2010-10-11 346168]
S2 HPWMISVC;HPWMISVC;c:\program files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe [2012-03-05 35200]
S2 IconMan_R;IconMan_R;c:\program files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe [2011-12-04 2413056]
S2 IntuitUpdateServiceV4;Intuit Update Service v4;c:\program files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe [2011-08-25 13672]
S2 NitroReaderDriverReadSpool2;NitroPDFReaderDriverCreatorReadSpool2;c:\program files\Common Files\Nitro PDF\Reader\2.0\NitroPDFReaderDriverService2x64.exe [2012-09-13 229392]
S2 RapportMgmtService;Rapport Management Service;c:\program files (x86)\Trusteer\Rapport\bin\RapportMgmtService.exe [2012-10-28 976728]
S2 RoxioNow Service;RoxioNow Service;c:\program files (x86)\Roxio\RoxioNow Player\RNowSvc.exe [2010-11-26 399344]
S2 UMVPFSrv;UMVPFSrv;c:\program files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe [2011-04-01 428640]
S3 amdiox64;AMD IO Driver;c:\windows\system32\DRIVERS\amdiox64.sys [2010-02-18 46136]
S3 AtiHDAudioService;ATI Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW76.sys [2011-11-27 114704]
S3 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\DRIVERS\avgidsdrivera.sys [2011-12-23 124496]
S3 AVGIDSFilter;AVGIDSFilter;c:\windows\system32\DRIVERS\avgidsfiltera.sys [2011-12-23 29776]
S3 clwvd;CyberLink WebCam Virtual Driver;c:\windows\system32\DRIVERS\clwvd.sys [2010-07-28 31088]
S3 RSPCIESTOR;Realtek PCIE CardReader Driver;c:\windows\system32\DRIVERS\RtsPStor.sys [2011-12-04 338536]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [2011-11-27 425064]
S3 RTL8192Ce;Realtek Wireless LAN 802.11n PCI-E NIC Driver;c:\windows\system32\DRIVERS\rtl8192Ce.sys [2012-05-27 878184]
S3 usbfilter;AMD USB Filter Driver;c:\windows\system32\DRIVERS\usbfilter.sys [2011-11-27 53376]
.
.
Contents of the 'Scheduled Tasks' folder
.
2012-11-23 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-09-06 05:11]
.
2012-11-23 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-08-08 03:30]
.
2012-11-23 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-08-08 03:30]
.
2012-11-23 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3462364393-2223812934-809412414-1001Core.job
- c:\users\Larry\AppData\Local\Google\Update\GoogleUpdate.exe [2012-05-12 01:51]
.
2012-11-23 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3462364393-2223812934-809412414-1001UA.job
- c:\users\Larry\AppData\Local\Google\Update\GoogleUpdate.exe [2012-05-12 01:51]
.
2012-11-20 c:\windows\Tasks\HPCeeScheduleForLARRY-HP$.job
- c:\program files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2010-09-14 05:15]
.
2012-11-04 c:\windows\Tasks\HPCeeScheduleForLarry.job
- c:\program files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2010-09-14 05:15]
.
2012-10-31 c:\windows\Tasks\Norton Security Scan for Larry.job
- c:\progra~2\NORTON~2\Engine\372~1.5\Nss.exe [2012-06-24 08:30]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SysTrayApp"="c:\program files\IDT\WDM\sttray64.exe" [2011-12-04 1128448]
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.google.com/
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = *.local
IE: Download with &Media Finder - c:\program files (x86)\Media Finder\hook.html
IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~1\Office14\EXCEL.EXE/3000
IE: Se&nd to OneNote - c:\progra~2\MICROS~1\Office14\ONBttnIE.dll/105
Trusted Zone: clonewarsadventures.com
Trusted Zone: freerealms.com
Trusted Zone: intuit.com\ttlc
Trusted Zone: soe.com
Trusted Zone: sony.com
TCP: DhcpNameServer = 75.75.76.76 75.75.75.75
FF - ProfilePath - c:\users\Larry\AppData\Roaming\Mozilla\Firefox\Profiles\sp8jtxqq.default-1347073889778\
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://www.google.com/
FF - prefs.js: keyword.URL - hxxp://websearch.ask.com/redirect?client=ff&src=kw&tb=ORJ&o=&locale=&apn_uid=FC8DE060-69B7-477D-8968-F2CF716FAC7A&apn_ptnrs=TV&apn_sauid=92FBD31E-3538-4039-BDF2-FA487DC0D302&apn_dtid=OSJ000YYUS&&q=
FF - ExtSQL: 2012-11-19 11:51; toolbar@ask.com; c:\users\Larry\AppData\Roaming\Mozilla\Firefox\Profiles\sp8jtxqq.default-1347073889778\extensions\toolbar@ask.com
.
- - - - ORPHANS REMOVED - - - -
.
URLSearchHooks-{84FF7BD6-B47F-46F8-9130-01B2696B36CB} - (no file)
BHO-{336D0C35-8A85-403a-B9D2-65C292C39087} - c:\program files\Web Assistant\Extension32.dll
BHO-{84FF7BD6-B47F-46F8-9130-01B2696B36CB} - (no file)
BHO-{e9562ac8-7cfd-c239-1614-43cb98e9ce56} - (no file)
Toolbar-{977AE9CC-AF83-45E8-9E03-E2798216E2D5} - (no file)
Toolbar-{F9639E4A-801B-4843-AEE3-03D9DA199E77} - (no file)
Wow6432Node-HKCU-Run-Media Finder - c:\program files (x86)\Media Finder\MF.exe
Wow6432Node-HKLM-Run-Easybits Recovery - c:\program files (x86)\EasyBits For Kids\ezRecover.exe
Wow6432Node-HKLM-Run-Cm108Sound - CM108.cpl
Wow6432Node-HKLM-Run-<NO NAME> - (no file)
BHO-{7D99783A-E6BF-4a1a-A923-4DAA5ADF3D66} - c:\program files\Precision Codec\Extension64.dll
WebBrowser-{977AE9CC-AF83-45E8-9E03-E2798216E2D5} - (no file)
HKLM-Run-SynTPEnh - c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe
AddRemove-ebba750 - c:\windows\system32\ebba750.exe
AddRemove-{6F44AF95-3CDE-4513-AD3F-6D45F17BF324} - c:\program files (x86)\InstallShield Installation Information\{6F44AF95-3CDE-4513-AD3F-6D45F17BF324}\setup.exe
.
.
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\Approved Extensions]
@Denied: (2) (LocalSystem)
"{D4027C7F-154A-4066-A1AD-4243D8127440}"=hex:51,66,7a,6c,4c,1d,38,12,11,7f,11,
d0,78,5b,08,05,de,bb,01,03,dd,4c,30,54
"{18DF081C-E8AD-4283-A596-FA578C2EBDC3}"=hex:51,66,7a,6c,4c,1d,38,12,72,0b,cc,
1c,9f,a6,ed,07,da,80,b9,17,89,70,f9,d7
"{31332EEF-CB9F-458F-AFEB-D30E9A66B6BA}"=hex:51,66,7a,6c,4c,1d,38,12,81,2d,20,
35,ad,85,e1,00,d0,fd,90,4e,9f,38,f2,ae
"{336D0C35-8A85-403A-B9D2-65C292C39087}"=hex:51,66,7a,6c,4c,1d,38,12,5b,0f,7e,
37,b7,c4,54,05,c6,c4,26,82,97,9d,d4,93
"{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}"=hex:51,66,7a,6c,4c,1d,38,12,7c,f0,b1,
38,5c,21,3d,0e,d9,78,0d,25,e1,c9,8c,d4
"{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}"=hex:51,66,7a,6c,4c,1d,38,12,d5,94,07,
72,c2,98,42,03,c9,fd,97,9a,f4,87,69,57
"{9030D464-4C02-4ABF-8ECC-5164760863C6}"=hex:51,66,7a,6c,4c,1d,38,12,0a,d7,23,
94,30,02,d1,0f,f1,da,12,24,73,56,27,d2
"{B4F3A835-0E21-4959-BA22-42B3008E02FF}"=hex:51,66,7a,6c,4c,1d,38,12,5b,ab,e0,
b0,13,40,37,0c,c5,34,01,f3,05,d0,46,eb
"{DBC80044-A445-435B-BC74-9C25C1C588A9}"=hex:51,66,7a,6c,4c,1d,38,12,2a,03,db,
df,77,ea,35,06,c3,62,df,65,c4,9b,cc,bd
.
[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\ApprovedExtensionsMigration]
@Denied: (2) (LocalSystem)
"Timestamp"=hex:eb,e0,01,15,39,c7,cd,01
.
[HKEY_USERS\S-1-5-21-3462364393-2223812934-809412414-1001_Classes\Wow6432Node\CLSID\{5ED60779-4DE2-4E07-B862-974CA4FF2E9C}]
@Denied: (Full) (Everyone)
@Allowed: (Read) (RestrictedCode)
"scansk"=hex(0):a8,06,4e,9d,0f,81,88,60,ee,4f,11,ac,01,5b,37,3e,a0,e2,e2,0f,ce,
78,43,da,c6,95,2d,bb,7f,70,2a,a3,a7,82,3d,03,65,a0,b3,72,00,00,00,00,00,00,\
.
[HKEY_USERS\S-1-5-21-3462364393-2223812934-809412414-1001_Classes\Wow6432Node\CLSID\{cf79ffb3-f758-4147-995a-6f566d55d7df}]
@Denied: (Full) (Everyone)
@Allowed: (Read) (RestrictedCode)
"Model"=dword:000000f7
"Therad"=dword:00000009
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_4_402_287_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_4_402_287_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_4_402_287_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_4_402_287_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_4_402_287.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_4_402_287.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_4_402_287.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_4_402_287.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Hewlett-Packard\HP Software Framework\{F7A31DE6-534B-4564-808A-7D170A9F74A1}\DeviceDbcc\*€ *]
@="\010\01"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Completion time: 2012-11-23 13:22:48
ComboFix-quarantined-files.txt 2012-11-23 19:22
.
Pre-Run: 190,770,315,264 bytes free
Post-Run: 195,204,546,560 bytes free
.
- - End Of File - - F46195E54B0B6B6A604349E2DDBA044E
-
Thank you for the quick reply. After the initial cleanup when I ran it a 2nd time it did not find anything.
Malwarebytes Anti-Rootkit 1.1.0.1009
www.malwarebytes.org
Database version: v2012.11.03.01
Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
Larry :: LARRY-HP [administrator]
11/23/2012 9:04:59 AM
mbar-log-2012-11-23 (09-04-59).txt
Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken
Scan options disabled: PUP | PUM | P2P
Objects scanned: 29403
Time elapsed: 24 minute(s), 44 second(s)
Memory Processes Detected: 0
(No malicious items detected)
Memory Modules Detected: 0
(No malicious items detected)
Registry Keys Detected: 0
(No malicious items detected)
Registry Values Detected: 0
(No malicious items detected)
Registry Data Items Detected: 0
(No malicious items detected)
Folders Detected: 0
(No malicious items detected)
Files Detected: 0
(No malicious items detected)
(end)
---------------------------------------
Malwarebytes Anti-Rootkit BETA 1.01.0.1009
© Malwarebytes Corporation 2011-2012
OS version: 6.1.7601 Windows 7 Service Pack 1 x64
Account is Administrative
Internet Explorer version: 9.0.8112.16421
Java version: 1.6.0_31
File system is: NTFS
Disk drives: C:\ DRIVE_FIXED, D:\ DRIVE_FIXED
CPU speed: 1.896000 GHz
Memory total: 3734405120, free: 2060050432
------------ Kernel report ------------
11/23/2012 08:39:58
------------ Loaded modules -----------
\SystemRoot\system32\ntoskrnl.exe
\SystemRoot\system32\hal.dll
\SystemRoot\system32\kdcom.dll
\SystemRoot\system32\mcupdate_AuthenticAMD.dll
\SystemRoot\system32\PSHED.dll
\SystemRoot\system32\CLFS.SYS
\SystemRoot\system32\CI.dll
\SystemRoot\system32\drivers\Wdf01000.sys
\SystemRoot\system32\drivers\WDFLDR.SYS
\SystemRoot\system32\drivers\ACPI.sys
\SystemRoot\system32\drivers\WMILIB.SYS
\SystemRoot\system32\drivers\msisadrv.sys
\SystemRoot\system32\drivers\pci.sys
\SystemRoot\system32\drivers\vdrvroot.sys
\SystemRoot\System32\drivers\partmgr.sys
\SystemRoot\system32\drivers\compbatt.sys
\SystemRoot\system32\drivers\BATTC.SYS
\SystemRoot\system32\drivers\volmgr.sys
\SystemRoot\System32\drivers\volmgrx.sys
\SystemRoot\System32\drivers\mountmgr.sys
\SystemRoot\system32\drivers\atapi.sys
\SystemRoot\system32\drivers\ataport.SYS
\SystemRoot\system32\drivers\msahci.sys
\SystemRoot\system32\drivers\PCIIDEX.SYS
\SystemRoot\system32\DRIVERS\amd_sata.sys
\SystemRoot\system32\DRIVERS\storport.sys
\SystemRoot\system32\DRIVERS\amd_xata.sys
\SystemRoot\system32\drivers\amdxata.sys
\SystemRoot\system32\drivers\fltmgr.sys
\SystemRoot\system32\drivers\fileinfo.sys
\SystemRoot\System32\Drivers\Ntfs.sys
\SystemRoot\System32\Drivers\msrpc.sys
\SystemRoot\System32\Drivers\ksecdd.sys
\SystemRoot\System32\Drivers\cng.sys
\SystemRoot\System32\drivers\pcw.sys
\SystemRoot\System32\Drivers\Fs_Rec.sys
\SystemRoot\system32\drivers\ndis.sys
\SystemRoot\system32\drivers\NETIO.SYS
\SystemRoot\System32\Drivers\ksecpkg.sys
\SystemRoot\System32\drivers\tcpip.sys
\SystemRoot\System32\drivers\fwpkclnt.sys
\SystemRoot\system32\DRIVERS\wd.sys
\SystemRoot\system32\drivers\volsnap.sys
\SystemRoot\System32\Drivers\spldr.sys
\SystemRoot\System32\drivers\rdyboost.sys
\SystemRoot\System32\Drivers\RapportKE64.sys
\SystemRoot\System32\Drivers\mup.sys
\SystemRoot\System32\drivers\hwpolicy.sys
\SystemRoot\System32\DRIVERS\fvevol.sys
\SystemRoot\system32\drivers\disk.sys
\SystemRoot\system32\drivers\CLASSPNP.SYS
\SystemRoot\system32\DRIVERS\avgrkx64.sys
\SystemRoot\system32\DRIVERS\avgidsha.sys
\SystemRoot\system32\DRIVERS\cdrom.sys
\SystemRoot\system32\DRIVERS\avgmfx64.sys
\??\C:\ProgramData\Trusteer\Rapport\store\exts\RapportCerberus\43926\RapportCerberus64_43926.sys
\??\C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportPG64.sys
\SystemRoot\System32\Drivers\Null.SYS
\SystemRoot\System32\Drivers\Beep.SYS
\SystemRoot\System32\drivers\vga.sys
\SystemRoot\System32\drivers\VIDEOPRT.SYS
\SystemRoot\System32\drivers\watchdog.sys
\SystemRoot\System32\DRIVERS\RDPCDD.sys
\SystemRoot\system32\drivers\rdpencdd.sys
\SystemRoot\system32\drivers\rdprefmp.sys
\SystemRoot\System32\Drivers\Msfs.SYS
\SystemRoot\System32\Drivers\Npfs.SYS
\SystemRoot\system32\DRIVERS\tdx.sys
\SystemRoot\system32\DRIVERS\TDI.SYS
\SystemRoot\system32\DRIVERS\avgtdia.sys
\SystemRoot\System32\DRIVERS\netbt.sys
\SystemRoot\system32\drivers\afd.sys
\SystemRoot\system32\DRIVERS\wfplwf.sys
\SystemRoot\system32\DRIVERS\pacer.sys
\SystemRoot\system32\DRIVERS\vwififlt.sys
\SystemRoot\system32\DRIVERS\netbios.sys
\SystemRoot\system32\DRIVERS\wanarp.sys
\SystemRoot\system32\drivers\termdd.sys
\SystemRoot\system32\DRIVERS\rdbss.sys
\??\C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportEI64.sys
\SystemRoot\system32\drivers\nsiproxy.sys
\SystemRoot\system32\drivers\mssmbios.sys
\SystemRoot\System32\drivers\discache.sys
\SystemRoot\System32\Drivers\dfsc.sys
\SystemRoot\system32\drivers\blbdrive.sys
\SystemRoot\system32\DRIVERS\avgldx64.sys
\SystemRoot\system32\DRIVERS\tunnel.sys
\SystemRoot\system32\DRIVERS\amdppm.sys
\SystemRoot\system32\DRIVERS\atikmpag.sys
\SystemRoot\system32\DRIVERS\atikmdag.sys
\SystemRoot\System32\drivers\dxgkrnl.sys
\SystemRoot\System32\drivers\dxgmms1.sys
\SystemRoot\system32\DRIVERS\HDAudBus.sys
\SystemRoot\system32\DRIVERS\rtl8192Ce.sys
\SystemRoot\system32\DRIVERS\vwifibus.sys
\SystemRoot\system32\DRIVERS\Rt64win7.sys
\SystemRoot\system32\DRIVERS\RtsPStor.sys
\SystemRoot\system32\DRIVERS\GEARAspiWDM.sys
\SystemRoot\system32\DRIVERS\usbohci.sys
\SystemRoot\system32\DRIVERS\USBPORT.SYS
\SystemRoot\system32\DRIVERS\usbfilter.sys
\SystemRoot\system32\DRIVERS\usbehci.sys
\SystemRoot\system32\DRIVERS\i8042prt.sys
\SystemRoot\system32\DRIVERS\kbdclass.sys
\SystemRoot\system32\DRIVERS\SynTP.sys
\SystemRoot\system32\DRIVERS\USBD.SYS
\SystemRoot\system32\DRIVERS\mouclass.sys
\SystemRoot\system32\drivers\CmBatt.sys
\SystemRoot\system32\drivers\wmiacpi.sys
\SystemRoot\system32\drivers\CompositeBus.sys
\SystemRoot\system32\DRIVERS\clwvd.sys
\SystemRoot\system32\DRIVERS\ks.sys
\SystemRoot\system32\drivers\ksthunk.sys
\SystemRoot\system32\DRIVERS\AgileVpn.sys
\SystemRoot\system32\DRIVERS\rasl2tp.sys
\SystemRoot\system32\DRIVERS\ndistapi.sys
\SystemRoot\system32\DRIVERS\ndiswan.sys
\SystemRoot\system32\DRIVERS\raspppoe.sys
\SystemRoot\system32\DRIVERS\raspptp.sys
\SystemRoot\system32\DRIVERS\rassstp.sys
\SystemRoot\system32\drivers\swenum.sys
\SystemRoot\system32\DRIVERS\amdiox64.sys
\SystemRoot\system32\DRIVERS\umbus.sys
\SystemRoot\system32\DRIVERS\usbhub.sys
\SystemRoot\System32\Drivers\NDProxy.SYS
\SystemRoot\system32\drivers\AtihdW76.sys
\SystemRoot\system32\drivers\portcls.sys
\SystemRoot\system32\drivers\drmk.sys
\SystemRoot\system32\DRIVERS\stwrt64.sys
\SystemRoot\system32\DRIVERS\usbccgp.sys
\SystemRoot\System32\Drivers\usbvideo.sys
\SystemRoot\System32\Drivers\crashdmp.sys
\SystemRoot\System32\Drivers\dump_diskdump.sys
\SystemRoot\System32\Drivers\dump_amd_sata.sys
\SystemRoot\System32\Drivers\dump_dumpfve.sys
\SystemRoot\System32\win32k.sys
\SystemRoot\System32\drivers\Dxapi.sys
\SystemRoot\system32\DRIVERS\monitor.sys
\SystemRoot\System32\TSDDD.dll
\SystemRoot\System32\cdd.dll
\SystemRoot\System32\ATMFD.DLL
\SystemRoot\system32\drivers\luafv.sys
\SystemRoot\system32\drivers\WudfPf.sys
\SystemRoot\system32\DRIVERS\lltdio.sys
\SystemRoot\system32\DRIVERS\nwifi.sys
\SystemRoot\system32\DRIVERS\ndisuio.sys
\SystemRoot\system32\DRIVERS\rspndr.sys
\SystemRoot\system32\DRIVERS\vwifimp.sys
\SystemRoot\system32\drivers\HTTP.sys
\SystemRoot\system32\DRIVERS\bowser.sys
\SystemRoot\System32\drivers\mpsdrv.sys
\SystemRoot\system32\DRIVERS\mrxsmb.sys
\SystemRoot\system32\DRIVERS\mrxsmb10.sys
\SystemRoot\system32\DRIVERS\mrxsmb20.sys
\SystemRoot\system32\DRIVERS\avgidsfiltera.sys
\SystemRoot\system32\drivers\peauth.sys
\SystemRoot\System32\Drivers\secdrv.SYS
\SystemRoot\System32\DRIVERS\srvnet.sys
\SystemRoot\System32\drivers\tcpipreg.sys
\SystemRoot\system32\DRIVERS\avgidsdrivera.sys
\SystemRoot\System32\DRIVERS\srv2.sys
\SystemRoot\System32\DRIVERS\srv.sys
\SystemRoot\system32\drivers\spsys.sys
\??\C:\Windows\system32\drivers\mbamchameleon.sys
\??\C:\Windows\system32\drivers\mbamswissarmy.sys
\Windows\System32\ntdll.dll
\Windows\System32\smss.exe
\Windows\System32\apisetschema.dll
----------- End -----------
<<<1>>>
Upper Device Name: \Device\Harddisk0\DR0
Upper Device Object: 0xfffffa80044b6060
Upper Device Driver Name: \Driver\Disk\
Lower Device Name: \Device\0000006b\
Lower Device Object: 0xfffffa800412f4a0
Lower Device Driver Name: \Driver\amd_sata\
Driver name found: amd_sata
DriverEntry returned 0x0
Function returned 0x0
Initializing...
Done!
Scanning directory: C:\Windows\system32\drivers...
<<<2>>>
Device number: 0, partition: 2
Physical Sector Size: 512
Drive: 0, DevicePointer: 0xfffffa80044b6060, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\
--------- Disk Stack ------
DevicePointer: 0xfffffa80044b6ab0, DeviceName: Unknown, DriverName: \Driver\partmgr\
DevicePointer: 0xfffffa80044b6060, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\
DevicePointer: 0xfffffa8004133ac0, DeviceName: Unknown, DriverName: \Driver\amd_xata\
DevicePointer: 0xfffffa800412f4a0, DeviceName: \Device\0000006b\, DriverName: \Driver\amd_sata\
------------ End ----------
Upper DeviceData: 0xfffff8a00c958850, 0xfffffa80044b6060, 0xfffffa80037fb790
Lower DeviceData: 0xfffff8a00cac18a0, 0xfffffa800412f4a0, 0xfffffa80037dcb10
<<<3>>>
Volume: C:
File system type: NTFS
SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
Done!
Drive 0
Scanning MBR on drive 0...
Inspecting partition table:
MBR Signature: 55AA
Disk Signature: 381D09F3
Partition information:
Partition 0 type is Primary (0x7)
Partition is ACTIVE.
Partition starts at LBA: 2048 Numsec = 407552
Partition file system is NTFS
Partition is bootable
Partition 1 type is Primary (0x7)
Partition is NOT ACTIVE.
Partition starts at LBA: 409600 Numsec = 595757056
Partition 2 type is Primary (0x7)
Partition is NOT ACTIVE.
Partition starts at LBA: 596166656 Numsec = 28762112
Partition 3 type is Empty (0x0)
Partition is NOT ACTIVE.
Partition starts at LBA: 0 Numsec = 0
Disk Size: 320072933376 bytes
Sector size: 512 bytes
Scanning physical sectors of unpartitioned space on drive 0 (1-2047-625122448-625142448)...
Done!
Performing system, memory and registry scan...
Read File: File "C:\ProgramData\AVG2012\Chjw\28ec0600ec05c8d0.dat" is sparse (flags = 32768)
Read File: File "C:\ProgramData\AVG2012\log\avgchjw.log.1" is compressed (flags = 1)
Done!
Scan finished
=======================================
-
Thank you for such a quick reply
RogueKiller V8.3.1 [Nov 22 2012] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Feedback : http://www.geekstogo.com/forum/files/file/413-roguekiller/
Website : http://tigzy.geekstogo.com/roguekiller.php
Blog : http://tigzyrk.blogspot.com/
Operating System: Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Started in : Normal mode
User : Larry [Admin rights]
Mode : Scan -- Date : 11/22/2012 18:15:26
¤¤¤ Bad processes : 2 ¤¤¤
[sUSP PATH] UtilityApplication.exe -- C:\Users\Larry\AppData\Roaming\Verizon\UA_ar\UtilityApplication.exe -> KILLED [TermProc]
[sVCHOST] svchost.exe -- \\.\globalroot\systemroot\svchost.exe -> KILLED [TermProc]
¤¤¤ Registry Entries : 7 ¤¤¤
[sTARTUP][sUSP PATH] Launch Utility Application.lnk @Larry : C:\Users\Larry\AppData\Roaming\Verizon\UA_ar\UtilityApplication.exe -> FOUND
[HJ] HKLM\[...]\System : ConsentPromptBehaviorAdmin (0) -> FOUND
[HJ] HKLM\[...]\Wow6432Node\System : ConsentPromptBehaviorAdmin (0) -> FOUND
[HJ] HKLM\[...]\System : EnableLUA (0) -> FOUND
[HJ] HKLM\[...]\Wow6432Node\System : EnableLUA (0) -> FOUND
[HJ DESK] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> FOUND
[HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND
¤¤¤ Particular Files / Folders: ¤¤¤
¤¤¤ Driver : [NOT LOADED] ¤¤¤
¤¤¤ HOSTS File: ¤¤¤
--> C:\Windows\system32\drivers\etc\hosts
¤¤¤ MBR Check: ¤¤¤
+++++ PhysicalDrive0: SAMSUNG HM321HI SATA Disk Device +++++
--- User ---
[MBR] 78b8a17f73e4d9cdf7707bafe177fa0b
[bSP] 4c557618dc60eb9fe5bfd1bf9ca79858 : Windows 7/8 MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 199 Mo
1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 409600 | Size: 290897 Mo
2 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 596166656 | Size: 14044 Mo
3 - [XXXXXX] FAT32-LBA (0x0c) [VISIBLE] Offset (sectors): 624928768 | Size: 103 Mo
User = LL1 ... OK!
User = LL2 ... OK!
Finished : << RKreport[1]_S_11222012_02d1815.txt >>
RKreport[1]_S_11222012_02d1815.txt
-
My father clicked on a popup saying he needed to install a new video player to play the video he wanted to see. 2 or 3 programs were installed. I ran MBAM and removed the trojans but they reappeared after the next restart. I uninstalled the 2 or 3 progams but cannot remember what they were called. Each time the computer restarts I get a box that pops up saying,"When the computer restarts a box pops up saying "Service not installed- HP connection Manager service not installed. Application will exit."
Thank you for your help.
DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 9.0.8112.16455 BrowserJavaVersion: 10.9.2
Run by Larry at 12:49:43 on 2012-11-21
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.3561.352 [GMT -6:00]
.
AV: AVG Anti-Virus Free Edition 2012 *Disabled/Updated* {5A2746B1-DEE9-F85A-FBCD-ADB11639C5F0}
SP: AVG Anti-Virus Free Edition 2012 *Disabled/Updated* {E146A755-F8D3-F7D4-C17D-96C36DBE8F4D}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ===============
.
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Program Files (x86)\Trusteer\Rapport\bin\RapportMgmtService.exe
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Program Files\IDT\WDM\STacSV64.exe
C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe
C:\Windows\system32\AUDIODG.EXE
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\atieclxx.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Windows\Explorer.EXE
C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Windows\system32\taskeng.exe
C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\IDT\WDM\sttray64.exe
C:\Program Files (x86)\Logitech\Vid HD\Vid.exe
C:\Program Files (x86)\Common Files\Apple\Internet Services\ubd.exe
C:\Program Files (x86)\McAfee Security Scan\3.0.207\SSScheduler.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Users\Larry\AppData\Roaming\Verizon\UA_ar\UtilityApplication.exe
C:\Windows\SysWOW64\ezSharedSvcHost.exe
C:\Program Files (x86)\Common Files\Apple\Apple Application Support\distnoted.exe
C:\Program Files (x86)\AVG\AVG2012\avgtray.exe
C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe
C:\Program Files (x86)\Canon\Canon IJ Network Scan Utility\CNMNSUT.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\SysWOW64\rundll32.exe
C:\Program Files (x86)\Logitech\LWS\Webcam Software\CameraHelperShell.exe
C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe
C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe
C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe
C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
C:\Program Files (x86)\Common Files\Logishrd\LQCVFX\COCIManager.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Program Files (x86)\Ask.com\Updater\Updater.exe
C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
C:\Program Files (x86)\Trusteer\Rapport\bin\RapportService.exe
C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe
C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
C:\Program Files\Common Files\Nitro PDF\Reader\2.0\NitroPDFReaderDriverService2x64.exe
C:\Program Files (x86)\Roxio\RoxioNow Player\RNowSvc.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files\Web Assistant\ExtensionUpdaterService.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files\Hewlett-Packard\HP Auto\HPAuto.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Program Files\Windows Media Player\wmpnetwk.exe
\\.\globalroot\systemroot\svchost.exe -netsvcs
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
C:\Program Files (x86)\Common Files\Intuit\Update Service\IntuitUpdateService.exe
C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_4_402_287.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_4_402_287.exe
C:\Windows\system32\svchost.exe -k SDRSVC
C:\Program Files (x86)\AVG\AVG2012\avgscana.exe
C:\Program Files (x86)\AVG\AVG2012\avgcsrva.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\vssvc.exe
C:\Windows\System32\svchost.exe -k swprv
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.google.com/
uURLSearchHooks: UrlSearchHook Class: {00000000-6E41-4FD3-8538-502F5495E5FC} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll
uURLSearchHooks: {84FF7BD6-B47F-46F8-9130-01B2696B36CB} - <orphaned>
BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: AVG Do Not Track: {31332EEF-CB9F-458F-AFEB-D30E9A66B6BA} - C:\Program Files (x86)\AVG\AVG2012\avgdtiex.dll
BHO: Web Assistant: {336D0C35-8A85-403a-B9D2-65C292C39087} - C:\Program Files\Web Assistant\Extension32.dll
BHO: AVG Safe Search: {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG2012\avgssie.dll
BHO: {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} - <orphaned>
BHO: Java™ Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
BHO: {84FF7BD6-B47F-46F8-9130-01B2696B36CB} - <orphaned>
BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL
BHO: Ask Toolbar: {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll
BHO: Java™ Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
BHO: {e9562ac8-7cfd-c239-1614-43cb98e9ce56} - <orphaned>
TB: Ask Toolbar: {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll
uRun: [Logitech Vid] "C:\Program Files (x86)\Logitech\Vid HD\Vid.exe" -bootmode
uRun: [Media Finder] "C:\Program Files (x86)\Media Finder\MF.exe" /opentotray
uRun: [Google Update] "C:\Users\Larry\AppData\Local\Google\Update\GoogleUpdate.exe" /c
uRun: [MobileDocuments] C:\Program Files (x86)\Common Files\Apple\Internet Services\ubd.exe
mRun: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe"
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun: [Easybits Recovery] C:\Program Files (x86)\EasyBits For Kids\ezRecover.exe
mRun: [AVG_TRAY] "C:\Program Files (x86)\AVG\AVG2012\avgtray.exe"
mRun: [LWS] C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe -hide
mRun: [iJNetworkScanUtility] C:\Program Files (x86)\Canon\Canon IJ Network Scan Utility\CNMNSUT.exe
mRun: [Cm108Sound] RunDll32 CM108.cpl,CMICtrlWnd
mRun: [HPConnectionManager] C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\HPCMDelayStart.exe
mRun: [startCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
mRun: [HPOSD] C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe
mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
mRun: [TkBellExe] "C:\Program Files (x86)\Real\RealPlayer\update\realsched.exe" -osboot
mRun: [HP Quick Launch] C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
mRun: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
mRun: [ApnUpdater] "C:\Program Files (x86)\Ask.com\Updater\Updater.exe"
StartupFolder: C:\Users\Larry\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\LAUNCH~1.LNK - C:\Users\Larry\AppData\Roaming\Verizon\UA_ar\UtilityApplication.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\MCAFEE~1.LNK - C:\Program Files (x86)\McAfee Security Scan\3.0.207\SSScheduler.exe
uPolicies-Explorer: NoDriveTypeAutoRun = dword:145
mPolicies-Explorer: NoActiveDesktop = dword:1
mPolicies-Explorer: NoActiveDesktopChanges = dword:1
mPolicies-Explorer: EnableShellExecuteHooks = dword:1
mPolicies-System: ConsentPromptBehaviorAdmin = dword:0
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableLUA = dword:0
mPolicies-System: EnableUIADesktopToggle = dword:0
mPolicies-System: PromptOnSecureDesktop = dword:0
mPolicies-System: HideFastUserSwitching = dword:0
IE: Download with &Media Finder - C:\Program Files (x86)\Media Finder\hook.html
IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000
IE: Se&nd to OneNote - C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
IE: {68BCFFE1-A2DA-4B40-9068-87ECBFC19D16} - {68BCFFE1-A2DA-4B40-9068-87ECBFC19D16} - C:\Program Files (x86)\AVG\AVG2012\avgdtiex.dll
IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
IE: {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll/204
Trusted Zone: clonewarsadventures.com
Trusted Zone: freerealms.com
Trusted Zone: soe.com
Trusted Zone: sony.com
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
TCP: NameServer = 75.75.76.76 75.75.75.75 75.75.76.76 75.75.75.75
TCP: Interfaces\{7B29FC58-B20C-4CE5-825F-988427478C90} : DHCPNameServer = 75.75.76.76 75.75.75.75 75.75.76.76 75.75.75.75
TCP: Interfaces\{7B29FC58-B20C-4CE5-825F-988427478C90}\14E646562737F6E6F5E45647 : DHCPNameServer = 209.18.47.61 209.18.47.62
TCP: Interfaces\{7B29FC58-B20C-4CE5-825F-988427478C90}\3726963746D27657563747 : DHCPNameServer = 10.254.254.151 10.254.251.91
TCP: Interfaces\{7B29FC58-B20C-4CE5-825F-988427478C90}\C696E6B6379737 : DHCPNameServer = 209.18.47.61 209.18.47.62
Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
Filter: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\AMD\SteadyVideo\VideoMIMEFilter.dll
Filter: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\AMD\SteadyVideo\VideoMIMEFilter.dll
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG2012\avgpp.dll
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
AppInit_DLLs= c:\progra~3\browse~1\22580~1.182\{16cdf~1\brwmngr.dll
SSODL: WebCheck - <orphaned>
x64-BHO: AVG Do Not Track: {31332EEF-CB9F-458F-AFEB-D30E9A66B6BA} - C:\Program Files (x86)\AVG\AVG2012\avgdtiea.dll
x64-BHO: Web Assistant: {336D0C35-8A85-403a-B9D2-65C292C39087} - C:\Program Files\Web Assistant\Extension64.dll
x64-BHO: AVG Safe Search: {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG2012\avgssiea.dll
x64-BHO: SteadyVideoBHO Class: {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} - C:\Program Files\AMD\SteadyVideo\SteadyVideo.dll
x64-BHO: Precision Codec: {7D99783A-E6BF-4a1a-A923-4DAA5ADF3D66} -
x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
x64-BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL
x64-BHO: Java™ Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
x64-Run: [synTPEnh] C:\Program Files (x86)\Synaptics\SynTP\SynTPEnh.exe
x64-Run: [sysTrayApp] C:\Program Files\IDT\WDM\sttray64.exe
x64-IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
x64-IE: {68BCFFE1-A2DA-4B40-9068-87ECBFC19D16} - {68BCFFE1-A2DA-4B40-9068-87ECBFC19D16} - C:\Program Files (x86)\AVG\AVG2012\avgdtiea.dll
x64-IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
x64-DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - hxxp://download.eset.com/special/eos/OnlineScanner.cab
x64-DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab
x64-DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
x64-Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
x64-Filter: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll
x64-Filter: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll
x64-Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG2012\avgppa.dll
x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>
x64-SSODL: WebCheck - <orphaned>
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\Larry\AppData\Roaming\Mozilla\Firefox\Profiles\sp8jtxqq.default-1347073889778\
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://www.google.com/
FF - prefs.js: keyword.URL - hxxp://websearch.ask.com/redirect?client=ff&src=kw&tb=ORJ&o=&locale=&apn_uid=FC8DE060-69B7-477D-8968-F2CF716FAC7A&apn_ptnrs=TV&apn_sauid=92FBD31E-3538-4039-BDF2-FA487DC0D302&apn_dtid=OSJ000YYUS&&q=
FF - plugin: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL
FF - plugin: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL
FF - plugin: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll
FF - plugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.115\npGoogleUpdate3.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll
FF - plugin: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrlui.dll
FF - plugin: C:\Program Files (x86)\Nitro PDF\Reader 2\npdf.dll
FF - plugin: C:\Program Files (x86)\Nitro PDF\Reader 2\npnitroie.dll
FF - plugin: C:\Program Files (x86)\Nitro PDF\Reader 2\npnitromozilla.dll
FF - plugin: C:\Program Files (x86)\Roblox\Versions\version-3ebe0cca16b6421c\NPRobloxProxy.dll
FF - plugin: C:\Program Files (x86)\Unity\WebPlayer\loader\npUnity3D32.dll
FF - plugin: C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\5\NP_wtapp.dll
FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
FF - plugin: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll
FF - plugin: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll
FF - plugin: C:\Users\Larry\AppData\Local\Google\Update\1.3.21.123\npGoogleUpdate3.dll
FF - plugin: C:\Users\Larry\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll
FF - plugin: C:\Users\Larry\AppData\Roaming\Kalydo\KalydoPlayer\bin2\npkalydo.dll
FF - plugin: C:\Users\Larry\AppData\Roaming\Mozilla\Firefox\Profiles\sp8jtxqq.default-1347073889778\extensions\{000F1EA4-5E08-4564-A29B-29076F63A37A}\plugins\npsoe.dll
FF - plugin: C:\Windows\SysWOW64\Adobe\Director\np32dsw.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_4_402_287.dll
FF - plugin: C:\Windows\SysWOW64\npDeployJava1.dll
FF - plugin: C:\Windows\SysWOW64\npmproxy.dll
FF - ExtSQL: 2012-11-19 11:51; toolbar@ask.com; C:\Users\Larry\AppData\Roaming\Mozilla\Firefox\Profiles\sp8jtxqq.default-1347073889778\extensions\toolbar@ask.com
.
============= SERVICES / DRIVERS ===============
.
R0 amd_sata;amd_sata;C:\Windows\System32\drivers\amd_sata.sys [2011-11-27 79488]
R0 amd_xata;amd_xata;C:\Windows\System32\drivers\amd_xata.sys [2011-11-27 40064]
R0 AVGIDSHA;AVGIDSHA;C:\Windows\System32\drivers\avgidsha.sys [2012-4-19 28480]
R0 Avgrkx64;AVG Anti-Rootkit Driver;C:\Windows\System32\drivers\avgrkx64.sys [2012-1-31 36944]
R0 RapportKE64;RapportKE64;C:\Windows\System32\drivers\RapportKE64.sys [2011-8-29 101688]
R1 Avgldx64;AVG AVI Loader Driver;C:\Windows\System32\drivers\avgldx64.sys [2012-7-26 291680]
R1 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield;C:\Windows\System32\drivers\avgmfx64.sys [2011-12-23 47696]
R1 Avgtdia;AVG TDI Driver;C:\Windows\System32\drivers\avgtdia.sys [2012-8-24 384352]
R1 RapportCerberus_43926;RapportCerberus_43926;C:\ProgramData\Trusteer\Rapport\store\exts\RapportCerberus\43926\RapportCerberus64_43926.sys [2012-10-30 505720]
R1 RapportEI64;RapportEI64;C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportEI64.sys [2012-10-28 55096]
R1 RapportPG64;RapportPG64;C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportPG64.sys [2012-10-28 297240]
R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\System32\atiesrxx.exe [2011-11-27 204288]
R2 AMD FUEL Service;AMD FUEL Service;C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [2011-9-28 361984]
R2 avgwd;AVG WatchDog;C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe [2011-8-2 193288]
R2 ezSharedSvc;Easybits Services for Windows;C:\Windows\System32\ezSharedSvcHost.exe --> C:\Windows\System32\ezSharedSvcHost.exe [?]
R2 HP Support Assistant Service;HP Support Assistant Service;C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe [2011-9-9 86072]
R2 HPAuto;HP Auto;C:\Program Files\Hewlett-Packard\HP Auto\HPAuto.exe [2010-8-5 681528]
R2 HPClientSvc;HP Client Services;C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe [2010-10-11 346168]
R2 HPWMISVC;HPWMISVC;C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe [2012-3-5 35200]
R2 IconMan_R;IconMan_R;C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe [2011-12-3 2413056]
R2 IntuitUpdateServiceV4;Intuit Update Service v4;C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe [2011-8-25 13672]
R2 NitroReaderDriverReadSpool2;NitroPDFReaderDriverCreatorReadSpool2;C:\Program Files\Common Files\Nitro PDF\Reader\2.0\NitroPDFReaderDriverService2x64.exe [2012-9-13 229392]
R2 RapportMgmtService;Rapport Management Service;C:\Program Files (x86)\Trusteer\Rapport\bin\RapportMgmtService.exe [2012-10-28 976728]
R2 RoxioNow Service;RoxioNow Service;C:\Program Files (x86)\Roxio\RoxioNow Player\RNowSvc.exe [2010-11-26 399344]
R2 UMVPFSrv;UMVPFSrv;C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe [2011-4-1 428640]
R2 Web Assistant Updater;Web Assistant Updater;C:\Program Files\Web Assistant\ExtensionUpdaterService.exe [2012-5-10 185856]
R3 amdiox64;AMD IO Driver;C:\Windows\System32\drivers\amdiox64.sys [2011-5-29 46136]
R3 AtiHDAudioService;ATI Function Driver for HD Audio Service;C:\Windows\System32\drivers\AtihdW76.sys [2011-11-27 114704]
R3 AVGIDSDriver;AVGIDSDriver;C:\Windows\System32\drivers\avgidsdrivera.sys [2011-12-23 124496]
R3 AVGIDSFilter;AVGIDSFilter;C:\Windows\System32\drivers\avgidsfiltera.sys [2011-12-23 29776]
R3 clwvd;CyberLink WebCam Virtual Driver;C:\Windows\System32\drivers\clwvd.sys [2010-7-28 31088]
R3 RSPCIESTOR;Realtek PCIE CardReader Driver;C:\Windows\System32\drivers\RtsPStor.sys [2011-5-29 338536]
R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2011-11-27 425064]
R3 RTL8192Ce;Realtek Wireless LAN 802.11n PCI-E NIC Driver;C:\Windows\System32\drivers\rtl8192ce.sys [2011-5-29 878184]
R3 usbfilter;AMD USB Filter Driver;C:\Windows\System32\drivers\usbfilter.sys [2011-11-27 53376]
S2 AVGIDSAgent;AVGIDSAgent;C:\Program Files (x86)\AVG\AVG2012\avgidsagent.exe [2012-8-13 5167736]
S2 Browser Manager;Browser Manager;C:\ProgramData\Browser Manager\2.2.580.182\{16cdff19-861d-48e3-a751-d99a27784753}\brwmngr.exe --> C:\ProgramData\Browser Manager\2.2.580.182\{16cdff19-861d-48e3-a751-d99a27784753}\brwmngr.exe [?]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S3 GamesAppService;GamesAppService;C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe [2010-10-12 206072]
S3 LVRS64;Logitech RightSound Filter Driver;C:\Windows\System32\drivers\lvrs64.sys [2011-4-1 341856]
S3 LVUVC64;Logitech Webcam Pro 9000(UVC);C:\Windows\System32\drivers\lvuvc64.sys [2011-4-1 4184672]
S3 McComponentHostService;McAfee Security Scan Component Host Service;C:\Program Files (x86)\McAfee Security Scan\3.0.207\McCHSvc.exe [2011-6-17 237008]
S3 SrvHsfHDA;SrvHsfHDA;C:\Windows\System32\drivers\VSTAZL6.SYS [2009-7-13 292864]
S3 SrvHsfV92;SrvHsfV92;C:\Windows\System32\drivers\VSTDPV6.SYS [2009-7-13 1485312]
S3 SrvHsfWinac;SrvHsfWinac;C:\Windows\System32\drivers\VSTCNXT6.SYS [2009-7-13 740864]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2010-11-20 59392]
S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\System32\drivers\TsUsbGD.sys [2010-11-20 31232]
S3 USBPNPA;USB PnP Sound Device Interface;C:\Windows\System32\drivers\CM10864.sys [2011-8-26 1120256]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2011-7-30 1255736]
S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-22 57184]
.
=============== Created Last 30 ================
.
2012-11-21 18:28:21 20480 ----a-w- C:\Windows\svchost.exe
2012-11-19 17:51:17 -------- d-----w- C:\Users\Larry\AppData\Local\APN
2012-11-19 17:51:16 -------- d-----w- C:\Program Files (x86)\Ask.com
2012-11-19 17:40:59 -------- d-----w- C:\ProgramData\Ask
2012-11-19 17:40:19 95208 ----a-w- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
2012-11-18 05:24:13 2560 ----a-w- C:\Windows\System32\drivers\en-US\wdf01000.sys.mui
2012-11-18 05:24:12 9728 ----a-w- C:\Windows\System32\Wdfres.dll
2012-11-18 05:24:12 785512 ----a-w- C:\Windows\System32\drivers\Wdf01000.sys
2012-11-18 05:24:12 54376 ----a-w- C:\Windows\System32\drivers\WdfLdr.sys
2012-11-18 04:59:59 87040 ----a-w- C:\Windows\System32\drivers\WUDFPf.sys
2012-11-18 04:59:59 198656 ----a-w- C:\Windows\System32\drivers\WUDFRd.sys
2012-11-18 04:59:57 84992 ----a-w- C:\Windows\System32\WUDFSvc.dll
2012-11-18 04:59:57 194048 ----a-w- C:\Windows\System32\WUDFPlatform.dll
2012-11-18 04:59:55 45056 ----a-w- C:\Windows\System32\WUDFCoinstaller.dll
2012-11-18 04:59:55 229888 ----a-w- C:\Windows\System32\WUDFHost.exe
2012-11-18 04:59:54 744448 ----a-w- C:\Windows\System32\WUDFx.dll
2012-11-18 01:33:56 55296 ----a-w- C:\Windows\System32\dhcpcsvc6.dll
2012-11-18 01:33:56 44032 ----a-w- C:\Windows\SysWow64\dhcpcsvc6.dll
2012-11-18 01:33:56 226816 ----a-w- C:\Windows\System32\dhcpcore6.dll
2012-11-18 01:33:56 193536 ----a-w- C:\Windows\SysWow64\dhcpcore6.dll
2012-11-18 01:33:41 3149824 ----a-w- C:\Windows\System32\win32k.sys
2012-11-18 01:30:47 1914248 ----a-w- C:\Windows\System32\drivers\tcpip.sys
2012-11-18 01:30:46 569344 ----a-w- C:\Windows\System32\iphlpsvc.dll
2012-11-18 01:30:46 216576 ----a-w- C:\Windows\System32\ncsi.dll
2012-11-18 01:30:46 156672 ----a-w- C:\Windows\SysWow64\ncsi.dll
2012-11-18 01:30:45 303104 ----a-w- C:\Windows\System32\nlasvc.dll
2012-11-18 01:30:44 70656 ----a-w- C:\Windows\System32\nlaapi.dll
2012-11-18 01:30:44 52224 ----a-w- C:\Windows\SysWow64\nlaapi.dll
2012-11-18 01:30:44 18944 ----a-w- C:\Windows\SysWow64\netevent.dll
2012-11-18 01:30:44 18944 ----a-w- C:\Windows\System32\netevent.dll
2012-11-18 01:30:44 175104 ----a-w- C:\Windows\SysWow64\netcorehc.dll
2012-11-18 01:28:00 95744 ----a-w- C:\Windows\System32\synceng.dll
2012-11-18 01:28:00 78336 ----a-w- C:\Windows\SysWow64\synceng.dll
2012-11-17 21:43:34 -------- d-----w- C:\Users\Larry\.smplayer
2012-11-17 20:41:05 -------- d-----w- C:\ProgramData\boost_interprocess
2012-11-15 12:49:56 246272 ----a-w- C:\Windows\System32\netcorehc.dll
2012-11-15 12:49:55 45568 ----a-w- C:\Windows\System32\drivers\tcpipreg.sys
2012-11-04 22:56:57 -------- d-----w- C:\ProgramData\KingsIsle Entertainment
.
==================== Find3M ====================
.
2012-10-30 05:11:20 73656 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2012-10-30 05:11:20 696760 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2012-10-28 21:46:36 101688 ----a-w- C:\Windows\System32\drivers\RapportKE64.sys
2012-10-08 11:31:03 2312704 ----a-w- C:\Windows\System32\jscript9.dll
2012-10-08 11:23:52 1392128 ----a-w- C:\Windows\System32\wininet.dll
2012-10-08 11:22:55 1494528 ----a-w- C:\Windows\System32\inetcpl.cpl
2012-10-08 11:18:22 173056 ----a-w- C:\Windows\System32\ieUnatt.exe
2012-10-08 11:17:35 599040 ----a-w- C:\Windows\System32\vbscript.dll
2012-10-08 11:13:33 2382848 ----a-w- C:\Windows\System32\mshtml.tlb
2012-10-08 07:56:24 1800704 ----a-w- C:\Windows\SysWow64\jscript9.dll
2012-10-08 07:48:03 1129472 ----a-w- C:\Windows\SysWow64\wininet.dll
2012-10-08 07:47:44 1427968 ----a-w- C:\Windows\SysWow64\inetcpl.cpl
2012-10-08 07:44:05 142848 ----a-w- C:\Windows\SysWow64\ieUnatt.exe
2012-10-08 07:43:21 420864 ----a-w- C:\Windows\SysWow64\vbscript.dll
2012-10-08 07:40:56 2382848 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2012-09-14 19:19:29 2048 ----a-w- C:\Windows\System32\tzres.dll
2012-09-14 18:28:53 2048 ----a-w- C:\Windows\SysWow64\tzres.dll
2012-09-13 06:44:32 17936 ----a-w- C:\Windows\System32\nitrolocalui2.dll
2012-09-13 06:44:30 29712 ----a-w- C:\Windows\System32\nitrolocalmon2.dll
2012-09-01 21:49:26 821736 ----a-w- C:\Windows\SysWow64\npDeployJava1.dll
2012-09-01 21:49:26 746984 ----a-w- C:\Windows\SysWow64\deployJava1.dll
2012-08-31 18:19:35 1659760 ----a-w- C:\Windows\System32\drivers\ntfs.sys
2012-08-30 18:03:45 5559664 ----a-w- C:\Windows\System32\ntoskrnl.exe
2012-08-30 17:12:02 3968880 ----a-w- C:\Windows\SysWow64\ntkrnlpa.exe
2012-08-30 17:12:02 3914096 ----a-w- C:\Windows\SysWow64\ntoskrnl.exe
2012-08-24 20:43:16 384352 ----a-w- C:\Windows\System32\drivers\avgtdia.sys
2012-08-24 18:05:07 220160 ----a-w- C:\Windows\System32\wintrust.dll
2012-08-24 16:57:48 172544 ----a-w- C:\Windows\SysWow64\wintrust.dll
2012-08-24 10:22:46 1346048 ----a-w- C:\Windows\System32\urlmon(218).dll
2012-08-24 10:21:18 1392128 ----a-w- C:\Windows\System32\wininet(220).dll
2012-08-24 10:12:04 2144768 ----a-w- C:\Windows\System32\iertutil(212).dll
2012-08-24 07:27:00 12319744 ----a-w- C:\Windows\SysWow64\mshtml(232).dll
2012-08-24 07:03:49 9738240 ----a-w- C:\Windows\SysWow64\ieframe(228).dll
2012-08-24 06:59:17 1800704 ----a-w- C:\Windows\SysWow64\jscript9(230).dll
2012-08-24 06:51:50 1103872 ----a-w- C:\Windows\SysWow64\urlmon(235).dll
2012-08-24 06:51:27 1129472 ----a-w- C:\Windows\SysWow64\wininet(237).dll
2012-08-24 06:47:12 420864 ----a-w- C:\Windows\SysWow64\vbscript(236).dll
2012-08-24 06:44:35 1793024 ----a-w- C:\Windows\SysWow64\iertutil(229).dll
2012-08-24 06:43:58 2382848 ----a-w- C:\Windows\SysWow64\mshtml(233).tlb
2004-07-30 14:56:22 90112 ----a-w- C:\Program Files (x86)\Common Files\PCSBclean.exe
2004-07-26 20:30:14 291840 ----a-w- C:\Program Files (x86)\Common Files\PCSBoff.exe
.
============= FINISH: 12:50:49.90 ===============
.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2012-11-20.01)
.
Microsoft Windows 7 Home Premium
Boot Device: \Device\HarddiskVolume1
Install Date: 7/29/2011 5:26:20 PM
System Uptime: 11/21/2012 12:26:37 PM (0 hours ago)
.
Motherboard: Hewlett-Packard | | 3564
Processor: AMD A4-3300M APU with Radeon™ HD Graphics | Socket FS1 | 1900/100mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 284 GiB total, 175.456 GiB free.
D: is FIXED (NTFS) - 14 GiB total, 1.533 GiB free.
E: is CDROM ()
.
==== Disabled Device Manager Items =============
.
==== System Restore Points ===================
.
RP207: 11/17/2012 10:53:16 PM - Windows Update
RP208: 11/19/2012 11:36:47 AM - Installed Java 7 Update 9
.
==== Installed Programs ======================
.
Adobe Connect Add-in
Adobe Flash Player 11 ActiveX
Adobe Flash Player 11 Plugin
Adobe Reader X (10.1.4) MUI
Adobe Shockwave Player 11.6
Agatha Christie - Peril at End House
AMD APP SDK Runtime
AMD Catalyst Install Manager
AMD Fuel
AMD Media Foundation Decoders
AMD Steady Video Plug-In
AMD System Monitor
AMD VISION Engine Control Center
AnswerWorks 5.0 English Runtime
Apple Application Support
Apple Mobile Device Support
Apple Software Update
Ask Toolbar
Ask Toolbar Updater
Avery Template
AVG 2012
Bejeweled 2 Deluxe
Bejeweled 3
Blackhawk Striker 2
Blasterball 3
Blio
Bonjour
Bounce Symphony
Build-a-lot 2
Cake Mania
CameraHelperMsi
Canon IJ Network Scan Utility
Canon IJ Network Tool
Canon MP Navigator 2.2
Canon MP830
Canon MX350 series MP Drivers
Catalyst Control Center - Branding
Catalyst Control Center Graphics Previews Common
Catalyst Control Center InstallProxy
Catalyst Control Center Localization All
ccc-utility64
CCC Help Chinese Standard
CCC Help Chinese Traditional
CCC Help Czech
CCC Help Danish
CCC Help Dutch
CCC Help English
CCC Help Finnish
CCC Help French
CCC Help German
CCC Help Greek
CCC Help Hungarian
CCC Help Italian
CCC Help Japanese
CCC Help Korean
CCC Help Norwegian
CCC Help Polish
CCC Help Portuguese
CCC Help Russian
CCC Help Spanish
CCC Help Swedish
CCC Help Thai
CCC Help Turkish
CCleaner
Chuzzle Deluxe
Cisco EAP-FAST Module
Cisco LEAP Module
Cisco PEAP Module
Contextual Tool Sleekseek
CyberLink YouCam
D3DX10
Daily Devotional
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition
Diner Dash 2 Restaurant Rescue
Dora's World Adventure
Energy Star Digital Logo
erLT
ESET Online Scanner v3
ESU for Microsoft Windows 7
Evernote v. 4.2.2
Farm Frenzy
FATE - The Traitor Soul
FormulaCartoon
Free Realms
Google Apps Migration For Microsoft Outlook® 2.3.12.34
Google Chrome
Google Earth Plug-in
Google Update Helper
GoToMeeting 4.8.0.723
Hewlett-Packard ACLM.NET v1.1.2.0
HP Auto
HP Client Services
HP Connection Manager
HP Customer Experience Enhancements
HP Documentation
HP Games
HP MovieStore
HP On Screen Display
HP Power Manager
HP Quick Launch
HP Setup
HP Setup Manager
HP Software Framework
HP Support Assistant
iCloud
IDT Audio
iTunes
Java 7 Update 9
Java Auto Updater
Java™ 6 Update 24 (64-bit)
Java™ 6 Update 31
JavaFX 2.1.0
Junk Mail filter update
Kalydo Player 4.09.00
Logitech Vid HD
Logitech Webcam Software
LWS Facebook
LWS Gallery
LWS Help_main
LWS Launcher
LWS Motion Detection
LWS Pictures And Video
LWS Twitter
LWS Video Mask Maker
LWS VideoEffects
LWS Webcam Software
LWS WLM Plugin
LWS YouTube Plugin
Mah Jong Medley
Malwarebytes Anti-Malware version 1.62.0.1300
McAfee Security Scan Plus
Mesh Runtime
Microsoft .NET Framework 4 Client Profile
Microsoft .NET Framework 4 Extended
Microsoft Application Error Reporting
Microsoft Office 2010 Service Pack 1 (SP1)
Microsoft Office Access MUI (English) 2010
Microsoft Office Access Setup Metadata MUI (English) 2010
Microsoft Office Excel MUI (English) 2010
Microsoft Office Home and Business 2010
Microsoft Office Office 64-bit Components 2010
Microsoft Office OneNote MUI (English) 2010
Microsoft Office Outlook MUI (English) 2010
Microsoft Office PowerPoint MUI (English) 2010
Microsoft Office Proof (English) 2010
Microsoft Office Proof (French) 2010
Microsoft Office Proof (Spanish) 2010
Microsoft Office Proofing (English) 2010
Microsoft Office Publisher MUI (English) 2010
Microsoft Office Shared 64-bit MUI (English) 2010
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010
Microsoft Office Shared MUI (English) 2010
Microsoft Office Shared Setup Metadata MUI (English) 2010
Microsoft Office Single Image 2010
Microsoft Office Word MUI (English) 2010
Microsoft Silverlight
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
Microsoft WSE 3.0 Runtime
Mozilla Firefox 16.0.2 (x86 en-US)
Mozilla Maintenance Service
MSVCRT
MSVCRT_amd64
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
Mystery P.I. - Stolen in San Francisco
Namco All-Stars PAC-MAN
Nitro Reader 2
Norton Security Scan
PC Study Bible 3.0 -- Christian Classics Vol. 1
PC Study Bible 4 - Bonus CD
PC Study Bible 4 - Wycliffe
PC Study Bible 4 Bonus
Penguins!
Plants vs. Zombies - Game of the Year
PlayReady PC Runtime x86
Poker Superstars III
Polar Bowler
Polar Golfer
Precision Codec 2.0.0.415
Quicken 2009
QuickTime
Rapport
RealNetworks - Microsoft Visual C++ 2008 Runtime
RealPlayer
Realtek Ethernet Controller Driver
Realtek PCIE Card Reader
REALTEK Wireless LAN Driver
RealUpgrade 1.1
Recovery Manager
Revo Uninstaller 1.92
ROBLOX Player
RoxioNow Player
SAMSUNG USB Driver for Mobile Phones
Security Update for CAPICOM (KB931906)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019)
Security Update for Microsoft .NET Framework 4 Extended (KB2416472)
Security Update for Microsoft .NET Framework 4 Extended (KB2487367)
Security Update for Microsoft .NET Framework 4 Extended (KB2656351)
Security Update for Microsoft Excel 2010 (KB2597126) 32-Bit Edition
Security Update for Microsoft InfoPath 2010 (KB2687417) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2553091)
Security Update for Microsoft Office 2010 (KB2553096)
Security Update for Microsoft Office 2010 (KB2553260) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2553371) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2553447) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2589320) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2589322) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2597986) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2598243) 32-Bit Edition
Security Update for Microsoft PowerPoint 2010 (KB2553185) 32-Bit Edition
Security Update for Microsoft Visio Viewer 2010 (KB2598287) 32-Bit Edition
Security Update for Microsoft Word 2010 (KB2553488) 32-Bit Edition
Slingo Supreme
swMSM
Synaptics Pointing Device Driver
TARGUS ACP45 V3.1.2
TurboTax 2009
TurboTax 2009 WinPerFedFormset
TurboTax 2009 WinPerReleaseEngine
TurboTax 2009 WinPerTaxSupport
TurboTax 2009 wrapper
TurboTax 2010
TurboTax 2010 WinPerFedFormset
TurboTax 2010 WinPerReleaseEngine
TurboTax 2010 WinPerTaxSupport
TurboTax 2010 wrapper
TurboTax 2011
TurboTax 2011 WinPerFedFormset
TurboTax 2011 WinPerReleaseEngine
TurboTax 2011 WinPerTaxSupport
TurboTax 2011 wrapper
Unity Web Player
Update for Microsoft .NET Framework 4 Client Profile (KB2468871)
Update for Microsoft .NET Framework 4 Client Profile (KB2473228)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217)
Update for Microsoft .NET Framework 4 Extended (KB2468871)
Update for Microsoft .NET Framework 4 Extended (KB2533523)
Update for Microsoft .NET Framework 4 Extended (KB2600217)
Update for Microsoft Office 2010 (KB2494150)
Update for Microsoft Office 2010 (KB2553065)
Update for Microsoft Office 2010 (KB2553181) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553267) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553270) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553272) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553310) 32-Bit Edition
Update for Microsoft Office 2010 (KB2566458)
Update for Microsoft Office 2010 (KB2596964) 32-Bit Edition
Update for Microsoft Office 2010 (KB2687509) 32-Bit Edition
Update for Microsoft OneNote 2010 (KB2553290) 32-Bit Edition
Update for Microsoft OneNote 2010 (KB2687277) 32-Bit Edition
Update for Microsoft Outlook 2010 (KB2687623) 32-Bit Edition
Update for Microsoft Outlook Social Connector 2010 (KB2553406) 32-Bit Edition
Update for Microsoft SharePoint Workspace 2010 (KB2589371) 32-Bit Edition
Update Installer for WildTangent Games App
Verizon Wireless Software Utility Application for Android - Samsung
Virtual Villagers 4 - The Tree of Life
Visual Studio 2008 x64 Redistributables
Visual Studio 2010 x64 Redistributables
Web Assistant 2.0.0.430
Wheel of Fortune 2
WildTangent Games App
Windows Live Communications Platform
Windows Live Essentials
Windows Live ID Sign-in Assistant
Windows Live Installer
Windows Live Language Selector
Windows Live Mail
Windows Live Mesh
Windows Live Mesh ActiveX Control for Remote Connections
Windows Live Messenger
Windows Live MIME IFilter
Windows Live Movie Maker
Windows Live Photo Common
Windows Live Photo Gallery
Windows Live PIMT Platform
Windows Live Remote Client
Windows Live Remote Client Resources
Windows Live Remote Service
Windows Live Remote Service Resources
Windows Live SOXE
Windows Live SOXE Definitions
Windows Live UX Platform
Windows Live UX Platform Language Pack
Windows Live Writer
Windows Live Writer Resources
Windows Media Player Firefox Plugin
Yahoo! Detect
Zuma Deluxe
.
==== Event Viewer Messages From Past Week ========
.
11/21/2012 12:30:04 PM, Error: Service Control Manager [7000] - The Browser Manager service failed to start due to the following error: The system cannot find the file specified.
11/21/2012 12:27:24 PM, Error: Microsoft-Windows-WLAN-AutoConfig [10000] - WLAN Extensibility Module has failed to start. Module Path: C:\Windows\system32\Rtlihvs.dll Error Code: 126
11/21/2012 12:26:11 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the RapportMgmtService service.
11/21/2012 10:51:51 AM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Intuit Update Service v4 service to connect.
11/21/2012 10:51:51 AM, Error: Service Control Manager [7000] - The Intuit Update Service v4 service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
11/21/2012 10:51:20 AM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Intuit Update Service service to connect.
11/21/2012 10:51:20 AM, Error: Service Control Manager [7000] - The Intuit Update Service service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
11/21/2012 10:48:16 AM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the HPWMISVC service to connect.
11/21/2012 10:48:16 AM, Error: Service Control Manager [7000] - The HPWMISVC service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
11/20/2012 9:36:30 AM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the HPWMISVC service.
11/20/2012 9:35:46 AM, Error: Microsoft-Windows-WER-SystemErrorReporting [1001] - The computer has rebooted from a bugcheck. The bugcheck was: 0x0000001e (0xffffffffc0000005, 0xfffff800030b366b, 0x0000000000000000, 0x000000007efa0000). A dump was saved in: C:\Windows\MEMORY.DMP. Report Id: 112012-68468-01.
11/20/2012 3:20:11 PM, Error: Tcpip [4199] - The system detected an address conflict for IP address 192.168.1.101 with the system having network hardware address 00-1E-8F-8E-03-F3. Network operations on this system may be disrupted as a result.
11/20/2012 12:50:32 PM, Error: Microsoft-Windows-WER-SystemErrorReporting [1001] - The computer has rebooted from a bugcheck. The bugcheck was: 0x0000001e (0xffffffffc0000005, 0xfffffa8004b01bb0, 0x0000000000000000, 0x000000007efa8000). A dump was saved in: C:\Windows\MEMORY.DMP. Report Id: 112012-38766-01.
11/20/2012 12:46:34 PM, Error: Microsoft-Windows-WER-SystemErrorReporting [1001] - The computer has rebooted from a bugcheck. The bugcheck was: 0x0000001e (0xffffffffc0000005, 0xfffffa8004b2dbb0, 0x0000000000000000, 0x000000007efa8000). A dump was saved in: C:\Windows\MEMORY.DMP. Report Id: 112012-49483-01.
11/20/2012 12:42:59 PM, Error: Microsoft-Windows-WER-SystemErrorReporting [1001] - The computer has rebooted from a bugcheck. The bugcheck was: 0x0000001e (0xffffffffc0000005, 0xfffff8000306666b, 0x0000000000000000, 0x000000007efa0000). A dump was saved in: C:\Windows\MEMORY.DMP. Report Id: 112012-47689-01.
11/19/2012 8:41:09 PM, Error: Service Control Manager [7000] - The Windows Search service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
11/19/2012 8:41:09 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1053" attempting to start the service WSearch with arguments "" in order to run the server: {9E175B6D-F52A-11D8-B9A5-505054503030}
11/19/2012 8:41:08 PM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Windows Search service to connect.
11/19/2012 4:02:59 AM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the eventlog service.
11/19/2012 4:02:29 AM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the AudioSrv service.
11/19/2012 4:01:19 AM, Error: Service Control Manager [7022] - The Intuit Update Service v4 service hung on starting.
11/19/2012 3:53:23 AM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the HP Client Services service to connect.
11/19/2012 12:56:53 AM, Error: Microsoft-Windows-WER-SystemErrorReporting [1001] - The computer has rebooted from a bugcheck. The bugcheck was: 0x0000000a (0x0000000000000000, 0x0000000000000002, 0x0000000000000001, 0xfffff8000309724e). A dump was saved in: C:\Windows\MEMORY.DMP. Report Id: 111912-40076-01.
11/19/2012 12:54:22 AM, Error: Microsoft-Windows-WER-SystemErrorReporting [1001] - The computer has rebooted from a bugcheck. The bugcheck was: 0x0000001e (0xffffffffc0000096, 0xfffff800030b416a, 0x0000000000000000, 0x0000000000000000). A dump was saved in: C:\Windows\MEMORY.DMP. Report Id: 111912-41901-01.
11/19/2012 12:51:27 AM, Error: Microsoft-Windows-WER-SystemErrorReporting [1001] - The computer has rebooted from a bugcheck. The bugcheck was: 0x0000003b (0x00000000c0000005, 0xfffff8000308ded6, 0xfffff88002129000, 0x0000000000000000). A dump was saved in: C:\Windows\MEMORY.DMP. Report Id: 111912-47439-01.
11/19/2012 1:41:24 PM, Error: Microsoft-Windows-WMPNSS-Service [14332] - Service 'WMPNetworkSvc' did not start correctly because CoCreateInstance(CLSID_UPnPDeviceFinder) encountered error '0x80004005'. Verify that the UPnPHost service is running and that the UPnPHost component of Windows is installed properly.
11/19/2012 1:06:32 AM, Error: Service Control Manager [7001] - The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error: The dependency service or group failed to start.
11/19/2012 1:05:46 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {9E175B6D-F52A-11D8-B9A5-505054503030}
11/19/2012 1:05:45 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}
11/19/2012 1:05:41 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service netprofm with arguments "" in order to run the server: {A47979D2-C419-11D9-A5B4-001185AD2B89}
11/19/2012 1:05:41 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service netman with arguments "" in order to run the server: {BA126AD1-2166-11D1-B1D0-00805FC1270E}
11/19/2012 1:05:37 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}
11/19/2012 1:05:24 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service ShellHWDetection with arguments "" in order to run the server: {DD522ACC-F821-461A-A407-50B198B896DC}
11/19/2012 1:05:10 AM, Error: Microsoft-Windows-WER-SystemErrorReporting [1001] - The computer has rebooted from a bugcheck. The bugcheck was: 0x0000000a (0x0000000000000703, 0x0000000000000002, 0x0000000000000001, 0xfffff800030b50c5). A dump was saved in: C:\Windows\MEMORY.DMP. Report Id: 111912-24102-01.
11/19/2012 1:05:09 AM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: AFD Avgldx64 Avgmfx64 Avgtdia DfsC discache NetBIOS NetBT nsiproxy Psched RapportKE64 rdbss spldr tdx vwififlt Wanarpv6 WfpLwf
11/19/2012 1:05:07 AM, Error: Service Control Manager [7001] - The SMB MiniRedirector Wrapper and Engine service depends on the Redirected Buffering Sub Sysytem service which failed to start because of the following error: A device attached to the system is not functioning.
11/19/2012 1:05:07 AM, Error: Service Control Manager [7001] - The SMB 2.0 MiniRedirector service depends on the SMB MiniRedirector Wrapper and Engine service which failed to start because of the following error: The dependency service or group failed to start.
11/19/2012 1:05:07 AM, Error: Service Control Manager [7001] - The SMB 1.x MiniRedirector service depends on the SMB MiniRedirector Wrapper and Engine service which failed to start because of the following error: The dependency service or group failed to start.
11/19/2012 1:05:07 AM, Error: Service Control Manager [7001] - The Network Location Awareness service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start.
11/19/2012 1:05:07 AM, Error: Service Control Manager [7001] - The IP Helper service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start.
11/19/2012 1:05:06 AM, Error: Service Control Manager [7001] - The Workstation service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start.
11/19/2012 1:05:06 AM, Error: Service Control Manager [7001] - The TCP/IP NetBIOS Helper service depends on the Ancillary Function Driver for Winsock service which failed to start because of the following error: A device attached to the system is not functioning.
11/19/2012 1:05:06 AM, Error: Service Control Manager [7001] - The Network Store Interface Service service depends on the NSI proxy service driver. service which failed to start because of the following error: A device attached to the system is not functioning.
11/19/2012 1:05:06 AM, Error: Service Control Manager [7001] - The DNS Client service depends on the NetIO Legacy TDI Support Driver service which failed to start because of the following error: A device attached to the system is not functioning.
11/19/2012 1:05:06 AM, Error: Service Control Manager [7001] - The DHCP Client service depends on the Ancillary Function Driver for Winsock service which failed to start because of the following error: A device attached to the system is not functioning.
11/19/2012 1:02:25 AM, Error: Microsoft-Windows-WER-SystemErrorReporting [1001] - The computer has rebooted from a bugcheck. The bugcheck was: 0x0000001e (0xffffffffc0000005, 0xfffff8000307566b, 0x0000000000000000, 0x000000007efa0000). A dump was saved in: C:\Windows\MEMORY.DMP. Report Id: 111912-41090-01.
11/18/2012 5:20:05 PM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Web Assistant Updater service to connect.
11/18/2012 5:18:37 PM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Bonjour Service service to connect.
11/18/2012 5:18:37 PM, Error: Service Control Manager [7000] - The Bonjour Service service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
11/18/2012 5:14:23 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the avgwd service.
11/18/2012 2:17:40 PM, Error: Microsoft-Windows-WER-SystemErrorReporting [1001] - The computer has rebooted from a bugcheck. The bugcheck was: 0x0000001e (0xffffffffc0000005, 0xfffffa8004952bb0, 0x0000000000000000, 0x000000007efa8000). A dump was saved in: C:\Windows\MEMORY.DMP. Report Id: 111812-43929-01.
11/18/2012 2:09:16 PM, Error: Microsoft-Windows-WER-SystemErrorReporting [1001] - The computer has rebooted from a bugcheck. The bugcheck was: 0x0000001e (0xffffffffc0000005, 0xfffff800033cb63a, 0x0000000000000001, 0x0000000000000018). A dump was saved in: C:\Windows\MEMORY.DMP. Report Id: 111812-56144-01.
11/18/2012 12:09:29 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service MSIServer with arguments "" in order to run the server: {000C101C-0000-0000-C000-000000000046}
11/18/2012 12:07:34 PM, Error: Service Control Manager [7001] - The HomeGroup Provider service depends on the Function Discovery Provider Host service which failed to start because of the following error: The dependency service or group failed to start.
11/18/2012 12:07:01 PM, Error: Microsoft-Windows-WLAN-AutoConfig [10000] - WLAN Extensibility Module has failed to start. Module Path: C:\Windows\system32\Rtlihvs.dll Error Code: 21
11/18/2012 12:06:49 PM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: Avgldx64 Avgmfx64 discache RapportKE64 spldr Wanarpv6
11/18/2012 12:06:37 PM, Error: Microsoft-Windows-WER-SystemErrorReporting [1001] - The computer has rebooted from a bugcheck. The bugcheck was: 0x0000001e (0xffffffffc0000005, 0xfffff8000306d66b, 0x0000000000000000, 0x000000007efa0000). A dump was saved in: C:\Windows\MEMORY.DMP. Report Id: 111812-25474-01.
11/18/2012 12:03:50 PM, Error: Microsoft-Windows-WER-SystemErrorReporting [1001] - The computer has rebooted from a bugcheck. The bugcheck was: 0x0000001e (0xffffffffc0000005, 0xfffffa8004b35bb0, 0x0000000000000000, 0x000000007efa8000). A dump was saved in: C:\Windows\MEMORY.DMP. Report Id: 111812-44943-01.
11/18/2012 1:02:02 PM, Error: Service Control Manager [7001] - The Computer Browser service depends on the Server service which failed to start because of the following error: The dependency service or group failed to start.
11/17/2012 6:55:46 PM, Error: Service Control Manager [7023] - The Windows Driver Foundation - User-mode Driver Framework service terminated with the following error: Insufficient system resources exist to complete the requested service.
11/17/2012 5:54:56 PM, Error: Service Control Manager [7023] - The Windows Update service terminated with the following error: %%-2147467243
11/17/2012 5:54:39 PM, Error: Service Control Manager [7034] - The Intuit Update Service service terminated unexpectedly. It has done this 1 time(s).
11/17/2012 4:33:14 PM, Error: Microsoft-Windows-WER-SystemErrorReporting [1001] - The computer has rebooted from a bugcheck. The bugcheck was: 0x0000001e (0xffffffffc0000005, 0xfffff800030af66b, 0x0000000000000000, 0x000007fffffa0000). A dump was saved in: C:\Windows\MEMORY.DMP. Report Id: 111712-31356-01.
11/17/2012 4:00:07 PM, Error: Microsoft-Windows-WER-SystemErrorReporting [1001] - The computer has rebooted from a bugcheck. The bugcheck was: 0x0000000a (0x000000007fefef29, 0x0000000000000002, 0x0000000000000001, 0xfffff8000310c0c5). A dump was saved in: C:\Windows\MEMORY.DMP. Report Id: 111712-35568-01.
11/17/2012 3:21:59 PM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Windows Audio Endpoint Builder service to connect.
11/17/2012 3:21:59 PM, Error: Service Control Manager [7001] - The Windows Audio service depends on the Windows Audio Endpoint Builder service which failed to start because of the following error: The service did not respond to the start or control request in a timely fashion.
11/17/2012 3:21:59 PM, Error: Service Control Manager [7000] - The Windows Audio Endpoint Builder service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
11/15/2012 8:32:57 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the Netman service.
11/15/2012 8:32:57 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the EFS service.
.
==== End Of File ===========================
-
My father clicked on a popup saying he needed to install a new video player to play the video he wanted to see. 2 or 3 programs were installed. I ran MBAM and removed the trojans but they reappeared after the next restart. I uninstalled the 2 or 3 progams but cannot remember what they were called. Each time the computer restarts I get a box that pops up saying,"When the computer restarts a box pops up saying "Service not installed- HP connection Manager service not installed. Application will exit."
Thank you for your help.
DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 9.0.8112.16455 BrowserJavaVersion: 10.9.2
Run by Larry at 12:49:43 on 2012-11-21
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.3561.352 [GMT -6:00]
.
AV: AVG Anti-Virus Free Edition 2012 *Disabled/Updated* {5A2746B1-DEE9-F85A-FBCD-ADB11639C5F0}
SP: AVG Anti-Virus Free Edition 2012 *Disabled/Updated* {E146A755-F8D3-F7D4-C17D-96C36DBE8F4D}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ===============
.
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Program Files (x86)\Trusteer\Rapport\bin\RapportMgmtService.exe
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Program Files\IDT\WDM\STacSV64.exe
C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe
C:\Windows\system32\AUDIODG.EXE
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\atieclxx.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Windows\Explorer.EXE
C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Windows\system32\taskeng.exe
C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\IDT\WDM\sttray64.exe
C:\Program Files (x86)\Logitech\Vid HD\Vid.exe
C:\Program Files (x86)\Common Files\Apple\Internet Services\ubd.exe
C:\Program Files (x86)\McAfee Security Scan\3.0.207\SSScheduler.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Users\Larry\AppData\Roaming\Verizon\UA_ar\UtilityApplication.exe
C:\Windows\SysWOW64\ezSharedSvcHost.exe
C:\Program Files (x86)\Common Files\Apple\Apple Application Support\distnoted.exe
C:\Program Files (x86)\AVG\AVG2012\avgtray.exe
C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe
C:\Program Files (x86)\Canon\Canon IJ Network Scan Utility\CNMNSUT.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\SysWOW64\rundll32.exe
C:\Program Files (x86)\Logitech\LWS\Webcam Software\CameraHelperShell.exe
C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe
C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe
C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe
C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
C:\Program Files (x86)\Common Files\Logishrd\LQCVFX\COCIManager.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Program Files (x86)\Ask.com\Updater\Updater.exe
C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
C:\Program Files (x86)\Trusteer\Rapport\bin\RapportService.exe
C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe
C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
C:\Program Files\Common Files\Nitro PDF\Reader\2.0\NitroPDFReaderDriverService2x64.exe
C:\Program Files (x86)\Roxio\RoxioNow Player\RNowSvc.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files\Web Assistant\ExtensionUpdaterService.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files\Hewlett-Packard\HP Auto\HPAuto.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Program Files\Windows Media Player\wmpnetwk.exe
\\.\globalroot\systemroot\svchost.exe -netsvcs
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
C:\Program Files (x86)\Common Files\Intuit\Update Service\IntuitUpdateService.exe
C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_4_402_287.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_4_402_287.exe
C:\Windows\system32\svchost.exe -k SDRSVC
C:\Program Files (x86)\AVG\AVG2012\avgscana.exe
C:\Program Files (x86)\AVG\AVG2012\avgcsrva.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\vssvc.exe
C:\Windows\System32\svchost.exe -k swprv
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.google.com/
uURLSearchHooks: UrlSearchHook Class: {00000000-6E41-4FD3-8538-502F5495E5FC} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll
uURLSearchHooks: {84FF7BD6-B47F-46F8-9130-01B2696B36CB} - <orphaned>
BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: AVG Do Not Track: {31332EEF-CB9F-458F-AFEB-D30E9A66B6BA} - C:\Program Files (x86)\AVG\AVG2012\avgdtiex.dll
BHO: Web Assistant: {336D0C35-8A85-403a-B9D2-65C292C39087} - C:\Program Files\Web Assistant\Extension32.dll
BHO: AVG Safe Search: {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG2012\avgssie.dll
BHO: {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} - <orphaned>
BHO: Java Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
BHO: {84FF7BD6-B47F-46F8-9130-01B2696B36CB} - <orphaned>
BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL
BHO: Ask Toolbar: {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll
BHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
BHO: {e9562ac8-7cfd-c239-1614-43cb98e9ce56} - <orphaned>
TB: Ask Toolbar: {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll
uRun: [Logitech Vid] "C:\Program Files (x86)\Logitech\Vid HD\Vid.exe" -bootmode
uRun: [Media Finder] "C:\Program Files (x86)\Media Finder\MF.exe" /opentotray
uRun: [Google Update] "C:\Users\Larry\AppData\Local\Google\Update\GoogleUpdate.exe" /c
uRun: [MobileDocuments] C:\Program Files (x86)\Common Files\Apple\Internet Services\ubd.exe
mRun: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe"
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun: [Easybits Recovery] C:\Program Files (x86)\EasyBits For Kids\ezRecover.exe
mRun: [AVG_TRAY] "C:\Program Files (x86)\AVG\AVG2012\avgtray.exe"
mRun: [LWS] C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe -hide
mRun: [iJNetworkScanUtility] C:\Program Files (x86)\Canon\Canon IJ Network Scan Utility\CNMNSUT.exe
mRun: [Cm108Sound] RunDll32 CM108.cpl,CMICtrlWnd
mRun: [HPConnectionManager] C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\HPCMDelayStart.exe
mRun: [startCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
mRun: [HPOSD] C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe
mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
mRun: [TkBellExe] "C:\Program Files (x86)\Real\RealPlayer\update\realsched.exe" -osboot
mRun: [HP Quick Launch] C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
mRun: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
mRun: [ApnUpdater] "C:\Program Files (x86)\Ask.com\Updater\Updater.exe"
StartupFolder: C:\Users\Larry\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\LAUNCH~1.LNK - C:\Users\Larry\AppData\Roaming\Verizon\UA_ar\UtilityApplication.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\MCAFEE~1.LNK - C:\Program Files (x86)\McAfee Security Scan\3.0.207\SSScheduler.exe
uPolicies-Explorer: NoDriveTypeAutoRun = dword:145
mPolicies-Explorer: NoActiveDesktop = dword:1
mPolicies-Explorer: NoActiveDesktopChanges = dword:1
mPolicies-Explorer: EnableShellExecuteHooks = dword:1
mPolicies-System: ConsentPromptBehaviorAdmin = dword:0
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableLUA = dword:0
mPolicies-System: EnableUIADesktopToggle = dword:0
mPolicies-System: PromptOnSecureDesktop = dword:0
mPolicies-System: HideFastUserSwitching = dword:0
IE: Download with &Media Finder - C:\Program Files (x86)\Media Finder\hook.html
IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000
IE: Se&nd to OneNote - C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
IE: {68BCFFE1-A2DA-4B40-9068-87ECBFC19D16} - {68BCFFE1-A2DA-4B40-9068-87ECBFC19D16} - C:\Program Files (x86)\AVG\AVG2012\avgdtiex.dll
IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
IE: {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll/204
Trusted Zone: clonewarsadventures.com
Trusted Zone: freerealms.com
Trusted Zone: soe.com
Trusted Zone: sony.com
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
TCP: NameServer = 75.75.76.76 75.75.75.75 75.75.76.76 75.75.75.75
TCP: Interfaces\{7B29FC58-B20C-4CE5-825F-988427478C90} : DHCPNameServer = 75.75.76.76 75.75.75.75 75.75.76.76 75.75.75.75
TCP: Interfaces\{7B29FC58-B20C-4CE5-825F-988427478C90}\14E646562737F6E6F5E45647 : DHCPNameServer = 209.18.47.61 209.18.47.62
TCP: Interfaces\{7B29FC58-B20C-4CE5-825F-988427478C90}\3726963746D27657563747 : DHCPNameServer = 10.254.254.151 10.254.251.91
TCP: Interfaces\{7B29FC58-B20C-4CE5-825F-988427478C90}\C696E6B6379737 : DHCPNameServer = 209.18.47.61 209.18.47.62
Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
Filter: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\AMD\SteadyVideo\VideoMIMEFilter.dll
Filter: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\AMD\SteadyVideo\VideoMIMEFilter.dll
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG2012\avgpp.dll
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
AppInit_DLLs= c:\progra~3\browse~1\22580~1.182\{16cdf~1\brwmngr.dll
SSODL: WebCheck - <orphaned>
x64-BHO: AVG Do Not Track: {31332EEF-CB9F-458F-AFEB-D30E9A66B6BA} - C:\Program Files (x86)\AVG\AVG2012\avgdtiea.dll
x64-BHO: Web Assistant: {336D0C35-8A85-403a-B9D2-65C292C39087} - C:\Program Files\Web Assistant\Extension64.dll
x64-BHO: AVG Safe Search: {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG2012\avgssiea.dll
x64-BHO: SteadyVideoBHO Class: {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} - C:\Program Files\AMD\SteadyVideo\SteadyVideo.dll
x64-BHO: Precision Codec: {7D99783A-E6BF-4a1a-A923-4DAA5ADF3D66} -
x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
x64-BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL
x64-BHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
x64-Run: [synTPEnh] C:\Program Files (x86)\Synaptics\SynTP\SynTPEnh.exe
x64-Run: [sysTrayApp] C:\Program Files\IDT\WDM\sttray64.exe
x64-IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
x64-IE: {68BCFFE1-A2DA-4B40-9068-87ECBFC19D16} - {68BCFFE1-A2DA-4B40-9068-87ECBFC19D16} - C:\Program Files (x86)\AVG\AVG2012\avgdtiea.dll
x64-IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
x64-DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - hxxp://download.eset.com/special/eos/OnlineScanner.cab
x64-DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab
x64-DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
x64-Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
x64-Filter: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll
x64-Filter: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll
x64-Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG2012\avgppa.dll
x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>
x64-SSODL: WebCheck - <orphaned>
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\Larry\AppData\Roaming\Mozilla\Firefox\Profiles\sp8jtxqq.default-1347073889778\
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://www.google.com/
FF - prefs.js: keyword.URL - hxxp://websearch.ask.com/redirect?client=ff&src=kw&tb=ORJ&o=&locale=&apn_uid=FC8DE060-69B7-477D-8968-F2CF716FAC7A&apn_ptnrs=TV&apn_sauid=92FBD31E-3538-4039-BDF2-FA487DC0D302&apn_dtid=OSJ000YYUS&&q=
FF - plugin: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL
FF - plugin: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL
FF - plugin: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll
FF - plugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.115\npGoogleUpdate3.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll
FF - plugin: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrlui.dll
FF - plugin: C:\Program Files (x86)\Nitro PDF\Reader 2\npdf.dll
FF - plugin: C:\Program Files (x86)\Nitro PDF\Reader 2\npnitroie.dll
FF - plugin: C:\Program Files (x86)\Nitro PDF\Reader 2\npnitromozilla.dll
FF - plugin: C:\Program Files (x86)\Roblox\Versions\version-3ebe0cca16b6421c\NPRobloxProxy.dll
FF - plugin: C:\Program Files (x86)\Unity\WebPlayer\loader\npUnity3D32.dll
FF - plugin: C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\5\NP_wtapp.dll
FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
FF - plugin: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll
FF - plugin: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll
FF - plugin: C:\Users\Larry\AppData\Local\Google\Update\1.3.21.123\npGoogleUpdate3.dll
FF - plugin: C:\Users\Larry\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll
FF - plugin: C:\Users\Larry\AppData\Roaming\Kalydo\KalydoPlayer\bin2\npkalydo.dll
FF - plugin: C:\Users\Larry\AppData\Roaming\Mozilla\Firefox\Profiles\sp8jtxqq.default-1347073889778\extensions\{000F1EA4-5E08-4564-A29B-29076F63A37A}\plugins\npsoe.dll
FF - plugin: C:\Windows\SysWOW64\Adobe\Director\np32dsw.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_4_402_287.dll
FF - plugin: C:\Windows\SysWOW64\npDeployJava1.dll
FF - plugin: C:\Windows\SysWOW64\npmproxy.dll
FF - ExtSQL: 2012-11-19 11:51; toolbar@ask.com; C:\Users\Larry\AppData\Roaming\Mozilla\Firefox\Profiles\sp8jtxqq.default-1347073889778\extensions\toolbar@ask.com
.
============= SERVICES / DRIVERS ===============
.
R0 amd_sata;amd_sata;C:\Windows\System32\drivers\amd_sata.sys [2011-11-27 79488]
R0 amd_xata;amd_xata;C:\Windows\System32\drivers\amd_xata.sys [2011-11-27 40064]
R0 AVGIDSHA;AVGIDSHA;C:\Windows\System32\drivers\avgidsha.sys [2012-4-19 28480]
R0 Avgrkx64;AVG Anti-Rootkit Driver;C:\Windows\System32\drivers\avgrkx64.sys [2012-1-31 36944]
R0 RapportKE64;RapportKE64;C:\Windows\System32\drivers\RapportKE64.sys [2011-8-29 101688]
R1 Avgldx64;AVG AVI Loader Driver;C:\Windows\System32\drivers\avgldx64.sys [2012-7-26 291680]
R1 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield;C:\Windows\System32\drivers\avgmfx64.sys [2011-12-23 47696]
R1 Avgtdia;AVG TDI Driver;C:\Windows\System32\drivers\avgtdia.sys [2012-8-24 384352]
R1 RapportCerberus_43926;RapportCerberus_43926;C:\ProgramData\Trusteer\Rapport\store\exts\RapportCerberus\43926\RapportCerberus64_43926.sys [2012-10-30 505720]
R1 RapportEI64;RapportEI64;C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportEI64.sys [2012-10-28 55096]
R1 RapportPG64;RapportPG64;C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportPG64.sys [2012-10-28 297240]
R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\System32\atiesrxx.exe [2011-11-27 204288]
R2 AMD FUEL Service;AMD FUEL Service;C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [2011-9-28 361984]
R2 avgwd;AVG WatchDog;C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe [2011-8-2 193288]
R2 ezSharedSvc;Easybits Services for Windows;C:\Windows\System32\ezSharedSvcHost.exe --> C:\Windows\System32\ezSharedSvcHost.exe [?]
R2 HP Support Assistant Service;HP Support Assistant Service;C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe [2011-9-9 86072]
R2 HPAuto;HP Auto;C:\Program Files\Hewlett-Packard\HP Auto\HPAuto.exe [2010-8-5 681528]
R2 HPClientSvc;HP Client Services;C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe [2010-10-11 346168]
R2 HPWMISVC;HPWMISVC;C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe [2012-3-5 35200]
R2 IconMan_R;IconMan_R;C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe [2011-12-3 2413056]
R2 IntuitUpdateServiceV4;Intuit Update Service v4;C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe [2011-8-25 13672]
R2 NitroReaderDriverReadSpool2;NitroPDFReaderDriverCreatorReadSpool2;C:\Program Files\Common Files\Nitro PDF\Reader\2.0\NitroPDFReaderDriverService2x64.exe [2012-9-13 229392]
R2 RapportMgmtService;Rapport Management Service;C:\Program Files (x86)\Trusteer\Rapport\bin\RapportMgmtService.exe [2012-10-28 976728]
R2 RoxioNow Service;RoxioNow Service;C:\Program Files (x86)\Roxio\RoxioNow Player\RNowSvc.exe [2010-11-26 399344]
R2 UMVPFSrv;UMVPFSrv;C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe [2011-4-1 428640]
R2 Web Assistant Updater;Web Assistant Updater;C:\Program Files\Web Assistant\ExtensionUpdaterService.exe [2012-5-10 185856]
R3 amdiox64;AMD IO Driver;C:\Windows\System32\drivers\amdiox64.sys [2011-5-29 46136]
R3 AtiHDAudioService;ATI Function Driver for HD Audio Service;C:\Windows\System32\drivers\AtihdW76.sys [2011-11-27 114704]
R3 AVGIDSDriver;AVGIDSDriver;C:\Windows\System32\drivers\avgidsdrivera.sys [2011-12-23 124496]
R3 AVGIDSFilter;AVGIDSFilter;C:\Windows\System32\drivers\avgidsfiltera.sys [2011-12-23 29776]
R3 clwvd;CyberLink WebCam Virtual Driver;C:\Windows\System32\drivers\clwvd.sys [2010-7-28 31088]
R3 RSPCIESTOR;Realtek PCIE CardReader Driver;C:\Windows\System32\drivers\RtsPStor.sys [2011-5-29 338536]
R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2011-11-27 425064]
R3 RTL8192Ce;Realtek Wireless LAN 802.11n PCI-E NIC Driver;C:\Windows\System32\drivers\rtl8192ce.sys [2011-5-29 878184]
R3 usbfilter;AMD USB Filter Driver;C:\Windows\System32\drivers\usbfilter.sys [2011-11-27 53376]
S2 AVGIDSAgent;AVGIDSAgent;C:\Program Files (x86)\AVG\AVG2012\avgidsagent.exe [2012-8-13 5167736]
S2 Browser Manager;Browser Manager;C:\ProgramData\Browser Manager\2.2.580.182\{16cdff19-861d-48e3-a751-d99a27784753}\brwmngr.exe --> C:\ProgramData\Browser Manager\2.2.580.182\{16cdff19-861d-48e3-a751-d99a27784753}\brwmngr.exe [?]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S3 GamesAppService;GamesAppService;C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe [2010-10-12 206072]
S3 LVRS64;Logitech RightSound Filter Driver;C:\Windows\System32\drivers\lvrs64.sys [2011-4-1 341856]
S3 LVUVC64;Logitech Webcam Pro 9000(UVC);C:\Windows\System32\drivers\lvuvc64.sys [2011-4-1 4184672]
S3 McComponentHostService;McAfee Security Scan Component Host Service;C:\Program Files (x86)\McAfee Security Scan\3.0.207\McCHSvc.exe [2011-6-17 237008]
S3 SrvHsfHDA;SrvHsfHDA;C:\Windows\System32\drivers\VSTAZL6.SYS [2009-7-13 292864]
S3 SrvHsfV92;SrvHsfV92;C:\Windows\System32\drivers\VSTDPV6.SYS [2009-7-13 1485312]
S3 SrvHsfWinac;SrvHsfWinac;C:\Windows\System32\drivers\VSTCNXT6.SYS [2009-7-13 740864]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2010-11-20 59392]
S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\System32\drivers\TsUsbGD.sys [2010-11-20 31232]
S3 USBPNPA;USB PnP Sound Device Interface;C:\Windows\System32\drivers\CM10864.sys [2011-8-26 1120256]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2011-7-30 1255736]
S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-22 57184]
.
=============== Created Last 30 ================
.
2012-11-21 18:28:21 20480 ----a-w- C:\Windows\svchost.exe
2012-11-19 17:51:17 -------- d-----w- C:\Users\Larry\AppData\Local\APN
2012-11-19 17:51:16 -------- d-----w- C:\Program Files (x86)\Ask.com
2012-11-19 17:40:59 -------- d-----w- C:\ProgramData\Ask
2012-11-19 17:40:19 95208 ----a-w- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
2012-11-18 05:24:13 2560 ----a-w- C:\Windows\System32\drivers\en-US\wdf01000.sys.mui
2012-11-18 05:24:12 9728 ----a-w- C:\Windows\System32\Wdfres.dll
2012-11-18 05:24:12 785512 ----a-w- C:\Windows\System32\drivers\Wdf01000.sys
2012-11-18 05:24:12 54376 ----a-w- C:\Windows\System32\drivers\WdfLdr.sys
2012-11-18 04:59:59 87040 ----a-w- C:\Windows\System32\drivers\WUDFPf.sys
2012-11-18 04:59:59 198656 ----a-w- C:\Windows\System32\drivers\WUDFRd.sys
2012-11-18 04:59:57 84992 ----a-w- C:\Windows\System32\WUDFSvc.dll
2012-11-18 04:59:57 194048 ----a-w- C:\Windows\System32\WUDFPlatform.dll
2012-11-18 04:59:55 45056 ----a-w- C:\Windows\System32\WUDFCoinstaller.dll
2012-11-18 04:59:55 229888 ----a-w- C:\Windows\System32\WUDFHost.exe
2012-11-18 04:59:54 744448 ----a-w- C:\Windows\System32\WUDFx.dll
2012-11-18 01:33:56 55296 ----a-w- C:\Windows\System32\dhcpcsvc6.dll
2012-11-18 01:33:56 44032 ----a-w- C:\Windows\SysWow64\dhcpcsvc6.dll
2012-11-18 01:33:56 226816 ----a-w- C:\Windows\System32\dhcpcore6.dll
2012-11-18 01:33:56 193536 ----a-w- C:\Windows\SysWow64\dhcpcore6.dll
2012-11-18 01:33:41 3149824 ----a-w- C:\Windows\System32\win32k.sys
2012-11-18 01:30:47 1914248 ----a-w- C:\Windows\System32\drivers\tcpip.sys
2012-11-18 01:30:46 569344 ----a-w- C:\Windows\System32\iphlpsvc.dll
2012-11-18 01:30:46 216576 ----a-w- C:\Windows\System32\ncsi.dll
2012-11-18 01:30:46 156672 ----a-w- C:\Windows\SysWow64\ncsi.dll
2012-11-18 01:30:45 303104 ----a-w- C:\Windows\System32\nlasvc.dll
2012-11-18 01:30:44 70656 ----a-w- C:\Windows\System32\nlaapi.dll
2012-11-18 01:30:44 52224 ----a-w- C:\Windows\SysWow64\nlaapi.dll
2012-11-18 01:30:44 18944 ----a-w- C:\Windows\SysWow64\netevent.dll
2012-11-18 01:30:44 18944 ----a-w- C:\Windows\System32\netevent.dll
2012-11-18 01:30:44 175104 ----a-w- C:\Windows\SysWow64\netcorehc.dll
2012-11-18 01:28:00 95744 ----a-w- C:\Windows\System32\synceng.dll
2012-11-18 01:28:00 78336 ----a-w- C:\Windows\SysWow64\synceng.dll
2012-11-17 21:43:34 -------- d-----w- C:\Users\Larry\.smplayer
2012-11-17 20:41:05 -------- d-----w- C:\ProgramData\boost_interprocess
2012-11-15 12:49:56 246272 ----a-w- C:\Windows\System32\netcorehc.dll
2012-11-15 12:49:55 45568 ----a-w- C:\Windows\System32\drivers\tcpipreg.sys
2012-11-04 22:56:57 -------- d-----w- C:\ProgramData\KingsIsle Entertainment
.
==================== Find3M ====================
.
2012-10-30 05:11:20 73656 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2012-10-30 05:11:20 696760 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2012-10-28 21:46:36 101688 ----a-w- C:\Windows\System32\drivers\RapportKE64.sys
2012-10-08 11:31:03 2312704 ----a-w- C:\Windows\System32\jscript9.dll
2012-10-08 11:23:52 1392128 ----a-w- C:\Windows\System32\wininet.dll
2012-10-08 11:22:55 1494528 ----a-w- C:\Windows\System32\inetcpl.cpl
2012-10-08 11:18:22 173056 ----a-w- C:\Windows\System32\ieUnatt.exe
2012-10-08 11:17:35 599040 ----a-w- C:\Windows\System32\vbscript.dll
2012-10-08 11:13:33 2382848 ----a-w- C:\Windows\System32\mshtml.tlb
2012-10-08 07:56:24 1800704 ----a-w- C:\Windows\SysWow64\jscript9.dll
2012-10-08 07:48:03 1129472 ----a-w- C:\Windows\SysWow64\wininet.dll
2012-10-08 07:47:44 1427968 ----a-w- C:\Windows\SysWow64\inetcpl.cpl
2012-10-08 07:44:05 142848 ----a-w- C:\Windows\SysWow64\ieUnatt.exe
2012-10-08 07:43:21 420864 ----a-w- C:\Windows\SysWow64\vbscript.dll
2012-10-08 07:40:56 2382848 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2012-09-14 19:19:29 2048 ----a-w- C:\Windows\System32\tzres.dll
2012-09-14 18:28:53 2048 ----a-w- C:\Windows\SysWow64\tzres.dll
2012-09-13 06:44:32 17936 ----a-w- C:\Windows\System32\nitrolocalui2.dll
2012-09-13 06:44:30 29712 ----a-w- C:\Windows\System32\nitrolocalmon2.dll
2012-09-01 21:49:26 821736 ----a-w- C:\Windows\SysWow64\npDeployJava1.dll
2012-09-01 21:49:26 746984 ----a-w- C:\Windows\SysWow64\deployJava1.dll
2012-08-31 18:19:35 1659760 ----a-w- C:\Windows\System32\drivers\ntfs.sys
2012-08-30 18:03:45 5559664 ----a-w- C:\Windows\System32\ntoskrnl.exe
2012-08-30 17:12:02 3968880 ----a-w- C:\Windows\SysWow64\ntkrnlpa.exe
2012-08-30 17:12:02 3914096 ----a-w- C:\Windows\SysWow64\ntoskrnl.exe
2012-08-24 20:43:16 384352 ----a-w- C:\Windows\System32\drivers\avgtdia.sys
2012-08-24 18:05:07 220160 ----a-w- C:\Windows\System32\wintrust.dll
2012-08-24 16:57:48 172544 ----a-w- C:\Windows\SysWow64\wintrust.dll
2012-08-24 10:22:46 1346048 ----a-w- C:\Windows\System32\urlmon(218).dll
2012-08-24 10:21:18 1392128 ----a-w- C:\Windows\System32\wininet(220).dll
2012-08-24 10:12:04 2144768 ----a-w- C:\Windows\System32\iertutil(212).dll
2012-08-24 07:27:00 12319744 ----a-w- C:\Windows\SysWow64\mshtml(232).dll
2012-08-24 07:03:49 9738240 ----a-w- C:\Windows\SysWow64\ieframe(228).dll
2012-08-24 06:59:17 1800704 ----a-w- C:\Windows\SysWow64\jscript9(230).dll
2012-08-24 06:51:50 1103872 ----a-w- C:\Windows\SysWow64\urlmon(235).dll
2012-08-24 06:51:27 1129472 ----a-w- C:\Windows\SysWow64\wininet(237).dll
2012-08-24 06:47:12 420864 ----a-w- C:\Windows\SysWow64\vbscript(236).dll
2012-08-24 06:44:35 1793024 ----a-w- C:\Windows\SysWow64\iertutil(229).dll
2012-08-24 06:43:58 2382848 ----a-w- C:\Windows\SysWow64\mshtml(233).tlb
2004-07-30 14:56:22 90112 ----a-w- C:\Program Files (x86)\Common Files\PCSBclean.exe
2004-07-26 20:30:14 291840 ----a-w- C:\Program Files (x86)\Common Files\PCSBoff.exe
.
============= FINISH: 12:50:49.90 ===============
.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2012-11-20.01)
.
Microsoft Windows 7 Home Premium
Boot Device: \Device\HarddiskVolume1
Install Date: 7/29/2011 5:26:20 PM
System Uptime: 11/21/2012 12:26:37 PM (0 hours ago)
.
Motherboard: Hewlett-Packard | | 3564
Processor: AMD A4-3300M APU with Radeon HD Graphics | Socket FS1 | 1900/100mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 284 GiB total, 175.456 GiB free.
D: is FIXED (NTFS) - 14 GiB total, 1.533 GiB free.
E: is CDROM ()
.
==== Disabled Device Manager Items =============
.
==== System Restore Points ===================
.
RP207: 11/17/2012 10:53:16 PM - Windows Update
RP208: 11/19/2012 11:36:47 AM - Installed Java 7 Update 9
.
==== Installed Programs ======================
.
Adobe Connect Add-in
Adobe Flash Player 11 ActiveX
Adobe Flash Player 11 Plugin
Adobe Reader X (10.1.4) MUI
Adobe Shockwave Player 11.6
Agatha Christie - Peril at End House
AMD APP SDK Runtime
AMD Catalyst Install Manager
AMD Fuel
AMD Media Foundation Decoders
AMD Steady Video Plug-In
AMD System Monitor
AMD VISION Engine Control Center
AnswerWorks 5.0 English Runtime
Apple Application Support
Apple Mobile Device Support
Apple Software Update
Ask Toolbar
Ask Toolbar Updater
Avery Template
AVG 2012
Bejeweled 2 Deluxe
Bejeweled 3
Blackhawk Striker 2
Blasterball 3
Blio
Bonjour
Bounce Symphony
Build-a-lot 2
Cake Mania
CameraHelperMsi
Canon IJ Network Scan Utility
Canon IJ Network Tool
Canon MP Navigator 2.2
Canon MP830
Canon MX350 series MP Drivers
Catalyst Control Center - Branding
Catalyst Control Center Graphics Previews Common
Catalyst Control Center InstallProxy
Catalyst Control Center Localization All
ccc-utility64
CCC Help Chinese Standard
CCC Help Chinese Traditional
CCC Help Czech
CCC Help Danish
CCC Help Dutch
CCC Help English
CCC Help Finnish
CCC Help French
CCC Help German
CCC Help Greek
CCC Help Hungarian
CCC Help Italian
CCC Help Japanese
CCC Help Korean
CCC Help Norwegian
CCC Help Polish
CCC Help Portuguese
CCC Help Russian
CCC Help Spanish
CCC Help Swedish
CCC Help Thai
CCC Help Turkish
CCleaner
Chuzzle Deluxe
Cisco EAP-FAST Module
Cisco LEAP Module
Cisco PEAP Module
Contextual Tool Sleekseek
CyberLink YouCam
D3DX10
Daily Devotional
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition
Diner Dash 2 Restaurant Rescue
Dora's World Adventure
Energy Star Digital Logo
erLT
ESET Online Scanner v3
ESU for Microsoft Windows 7
Evernote v. 4.2.2
Farm Frenzy
FATE - The Traitor Soul
FormulaCartoon
Free Realms
Google Apps Migration For Microsoft Outlook® 2.3.12.34
Google Chrome
Google Earth Plug-in
Google Update Helper
GoToMeeting 4.8.0.723
Hewlett-Packard ACLM.NET v1.1.2.0
HP Auto
HP Client Services
HP Connection Manager
HP Customer Experience Enhancements
HP Documentation
HP Games
HP MovieStore
HP On Screen Display
HP Power Manager
HP Quick Launch
HP Setup
HP Setup Manager
HP Software Framework
HP Support Assistant
iCloud
IDT Audio
iTunes
Java 7 Update 9
Java Auto Updater
Java 6 Update 24 (64-bit)
Java 6 Update 31
JavaFX 2.1.0
Junk Mail filter update
Kalydo Player 4.09.00
Logitech Vid HD
Logitech Webcam Software
LWS Facebook
LWS Gallery
LWS Help_main
LWS Launcher
LWS Motion Detection
LWS Pictures And Video
LWS Twitter
LWS Video Mask Maker
LWS VideoEffects
LWS Webcam Software
LWS WLM Plugin
LWS YouTube Plugin
Mah Jong Medley
Malwarebytes Anti-Malware version 1.62.0.1300
McAfee Security Scan Plus
Mesh Runtime
Microsoft .NET Framework 4 Client Profile
Microsoft .NET Framework 4 Extended
Microsoft Application Error Reporting
Microsoft Office 2010 Service Pack 1 (SP1)
Microsoft Office Access MUI (English) 2010
Microsoft Office Access Setup Metadata MUI (English) 2010
Microsoft Office Excel MUI (English) 2010
Microsoft Office Home and Business 2010
Microsoft Office Office 64-bit Components 2010
Microsoft Office OneNote MUI (English) 2010
Microsoft Office Outlook MUI (English) 2010
Microsoft Office PowerPoint MUI (English) 2010
Microsoft Office Proof (English) 2010
Microsoft Office Proof (French) 2010
Microsoft Office Proof (Spanish) 2010
Microsoft Office Proofing (English) 2010
Microsoft Office Publisher MUI (English) 2010
Microsoft Office Shared 64-bit MUI (English) 2010
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010
Microsoft Office Shared MUI (English) 2010
Microsoft Office Shared Setup Metadata MUI (English) 2010
Microsoft Office Single Image 2010
Microsoft Office Word MUI (English) 2010
Microsoft Silverlight
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
Microsoft WSE 3.0 Runtime
Mozilla Firefox 16.0.2 (x86 en-US)
Mozilla Maintenance Service
MSVCRT
MSVCRT_amd64
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
Mystery P.I. - Stolen in San Francisco
Namco All-Stars PAC-MAN
Nitro Reader 2
Norton Security Scan
PC Study Bible 3.0 -- Christian Classics Vol. 1
PC Study Bible 4 - Bonus CD
PC Study Bible 4 - Wycliffe
PC Study Bible 4 Bonus
Penguins!
Plants vs. Zombies - Game of the Year
PlayReady PC Runtime x86
Poker Superstars III
Polar Bowler
Polar Golfer
Precision Codec 2.0.0.415
Quicken 2009
QuickTime
Rapport
RealNetworks - Microsoft Visual C++ 2008 Runtime
RealPlayer
Realtek Ethernet Controller Driver
Realtek PCIE Card Reader
REALTEK Wireless LAN Driver
RealUpgrade 1.1
Recovery Manager
Revo Uninstaller 1.92
ROBLOX Player
RoxioNow Player
SAMSUNG USB Driver for Mobile Phones
Security Update for CAPICOM (KB931906)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019)
Security Update for Microsoft .NET Framework 4 Extended (KB2416472)
Security Update for Microsoft .NET Framework 4 Extended (KB2487367)
Security Update for Microsoft .NET Framework 4 Extended (KB2656351)
Security Update for Microsoft Excel 2010 (KB2597126) 32-Bit Edition
Security Update for Microsoft InfoPath 2010 (KB2687417) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2553091)
Security Update for Microsoft Office 2010 (KB2553096)
Security Update for Microsoft Office 2010 (KB2553260) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2553371) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2553447) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2589320) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2589322) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2597986) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2598243) 32-Bit Edition
Security Update for Microsoft PowerPoint 2010 (KB2553185) 32-Bit Edition
Security Update for Microsoft Visio Viewer 2010 (KB2598287) 32-Bit Edition
Security Update for Microsoft Word 2010 (KB2553488) 32-Bit Edition
Slingo Supreme
swMSM
Synaptics Pointing Device Driver
TARGUS ACP45 V3.1.2
TurboTax 2009
TurboTax 2009 WinPerFedFormset
TurboTax 2009 WinPerReleaseEngine
TurboTax 2009 WinPerTaxSupport
TurboTax 2009 wrapper
TurboTax 2010
TurboTax 2010 WinPerFedFormset
TurboTax 2010 WinPerReleaseEngine
TurboTax 2010 WinPerTaxSupport
TurboTax 2010 wrapper
TurboTax 2011
TurboTax 2011 WinPerFedFormset
TurboTax 2011 WinPerReleaseEngine
TurboTax 2011 WinPerTaxSupport
TurboTax 2011 wrapper
Unity Web Player
Update for Microsoft .NET Framework 4 Client Profile (KB2468871)
Update for Microsoft .NET Framework 4 Client Profile (KB2473228)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217)
Update for Microsoft .NET Framework 4 Extended (KB2468871)
Update for Microsoft .NET Framework 4 Extended (KB2533523)
Update for Microsoft .NET Framework 4 Extended (KB2600217)
Update for Microsoft Office 2010 (KB2494150)
Update for Microsoft Office 2010 (KB2553065)
Update for Microsoft Office 2010 (KB2553181) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553267) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553270) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553272) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553310) 32-Bit Edition
Update for Microsoft Office 2010 (KB2566458)
Update for Microsoft Office 2010 (KB2596964) 32-Bit Edition
Update for Microsoft Office 2010 (KB2687509) 32-Bit Edition
Update for Microsoft OneNote 2010 (KB2553290) 32-Bit Edition
Update for Microsoft OneNote 2010 (KB2687277) 32-Bit Edition
Update for Microsoft Outlook 2010 (KB2687623) 32-Bit Edition
Update for Microsoft Outlook Social Connector 2010 (KB2553406) 32-Bit Edition
Update for Microsoft SharePoint Workspace 2010 (KB2589371) 32-Bit Edition
Update Installer for WildTangent Games App
Verizon Wireless Software Utility Application for Android - Samsung
Virtual Villagers 4 - The Tree of Life
Visual Studio 2008 x64 Redistributables
Visual Studio 2010 x64 Redistributables
Web Assistant 2.0.0.430
Wheel of Fortune 2
WildTangent Games App
Windows Live Communications Platform
Windows Live Essentials
Windows Live ID Sign-in Assistant
Windows Live Installer
Windows Live Language Selector
Windows Live Mail
Windows Live Mesh
Windows Live Mesh ActiveX Control for Remote Connections
Windows Live Messenger
Windows Live MIME IFilter
Windows Live Movie Maker
Windows Live Photo Common
Windows Live Photo Gallery
Windows Live PIMT Platform
Windows Live Remote Client
Windows Live Remote Client Resources
Windows Live Remote Service
Windows Live Remote Service Resources
Windows Live SOXE
Windows Live SOXE Definitions
Windows Live UX Platform
Windows Live UX Platform Language Pack
Windows Live Writer
Windows Live Writer Resources
Windows Media Player Firefox Plugin
Yahoo! Detect
Zuma Deluxe
.
==== Event Viewer Messages From Past Week ========
.
11/21/2012 12:30:04 PM, Error: Service Control Manager [7000] - The Browser Manager service failed to start due to the following error: The system cannot find the file specified.
11/21/2012 12:27:24 PM, Error: Microsoft-Windows-WLAN-AutoConfig [10000] - WLAN Extensibility Module has failed to start. Module Path: C:\Windows\system32\Rtlihvs.dll Error Code: 126
11/21/2012 12:26:11 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the RapportMgmtService service.
11/21/2012 10:51:51 AM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Intuit Update Service v4 service to connect.
11/21/2012 10:51:51 AM, Error: Service Control Manager [7000] - The Intuit Update Service v4 service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
11/21/2012 10:51:20 AM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Intuit Update Service service to connect.
11/21/2012 10:51:20 AM, Error: Service Control Manager [7000] - The Intuit Update Service service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
11/21/2012 10:48:16 AM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the HPWMISVC service to connect.
11/21/2012 10:48:16 AM, Error: Service Control Manager [7000] - The HPWMISVC service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
11/20/2012 9:36:30 AM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the HPWMISVC service.
11/20/2012 9:35:46 AM, Error: Microsoft-Windows-WER-SystemErrorReporting [1001] - The computer has rebooted from a bugcheck. The bugcheck was: 0x0000001e (0xffffffffc0000005, 0xfffff800030b366b, 0x0000000000000000, 0x000000007efa0000). A dump was saved in: C:\Windows\MEMORY.DMP. Report Id: 112012-68468-01.
11/20/2012 3:20:11 PM, Error: Tcpip [4199] - The system detected an address conflict for IP address 192.168.1.101 with the system having network hardware address 00-1E-8F-8E-03-F3. Network operations on this system may be disrupted as a result.
11/20/2012 12:50:32 PM, Error: Microsoft-Windows-WER-SystemErrorReporting [1001] - The computer has rebooted from a bugcheck. The bugcheck was: 0x0000001e (0xffffffffc0000005, 0xfffffa8004b01bb0, 0x0000000000000000, 0x000000007efa8000). A dump was saved in: C:\Windows\MEMORY.DMP. Report Id: 112012-38766-01.
11/20/2012 12:46:34 PM, Error: Microsoft-Windows-WER-SystemErrorReporting [1001] - The computer has rebooted from a bugcheck. The bugcheck was: 0x0000001e (0xffffffffc0000005, 0xfffffa8004b2dbb0, 0x0000000000000000, 0x000000007efa8000). A dump was saved in: C:\Windows\MEMORY.DMP. Report Id: 112012-49483-01.
11/20/2012 12:42:59 PM, Error: Microsoft-Windows-WER-SystemErrorReporting [1001] - The computer has rebooted from a bugcheck. The bugcheck was: 0x0000001e (0xffffffffc0000005, 0xfffff8000306666b, 0x0000000000000000, 0x000000007efa0000). A dump was saved in: C:\Windows\MEMORY.DMP. Report Id: 112012-47689-01.
11/19/2012 8:41:09 PM, Error: Service Control Manager [7000] - The Windows Search service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
11/19/2012 8:41:09 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1053" attempting to start the service WSearch with arguments "" in order to run the server: {9E175B6D-F52A-11D8-B9A5-505054503030}
11/19/2012 8:41:08 PM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Windows Search service to connect.
11/19/2012 4:02:59 AM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the eventlog service.
11/19/2012 4:02:29 AM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the AudioSrv service.
11/19/2012 4:01:19 AM, Error: Service Control Manager [7022] - The Intuit Update Service v4 service hung on starting.
11/19/2012 3:53:23 AM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the HP Client Services service to connect.
11/19/2012 12:56:53 AM, Error: Microsoft-Windows-WER-SystemErrorReporting [1001] - The computer has rebooted from a bugcheck. The bugcheck was: 0x0000000a (0x0000000000000000, 0x0000000000000002, 0x0000000000000001, 0xfffff8000309724e). A dump was saved in: C:\Windows\MEMORY.DMP. Report Id: 111912-40076-01.
11/19/2012 12:54:22 AM, Error: Microsoft-Windows-WER-SystemErrorReporting [1001] - The computer has rebooted from a bugcheck. The bugcheck was: 0x0000001e (0xffffffffc0000096, 0xfffff800030b416a, 0x0000000000000000, 0x0000000000000000). A dump was saved in: C:\Windows\MEMORY.DMP. Report Id: 111912-41901-01.
11/19/2012 12:51:27 AM, Error: Microsoft-Windows-WER-SystemErrorReporting [1001] - The computer has rebooted from a bugcheck. The bugcheck was: 0x0000003b (0x00000000c0000005, 0xfffff8000308ded6, 0xfffff88002129000, 0x0000000000000000). A dump was saved in: C:\Windows\MEMORY.DMP. Report Id: 111912-47439-01.
11/19/2012 1:41:24 PM, Error: Microsoft-Windows-WMPNSS-Service [14332] - Service 'WMPNetworkSvc' did not start correctly because CoCreateInstance(CLSID_UPnPDeviceFinder) encountered error '0x80004005'. Verify that the UPnPHost service is running and that the UPnPHost component of Windows is installed properly.
11/19/2012 1:06:32 AM, Error: Service Control Manager [7001] - The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error: The dependency service or group failed to start.
11/19/2012 1:05:46 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {9E175B6D-F52A-11D8-B9A5-505054503030}
11/19/2012 1:05:45 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}
11/19/2012 1:05:41 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service netprofm with arguments "" in order to run the server: {A47979D2-C419-11D9-A5B4-001185AD2B89}
11/19/2012 1:05:41 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service netman with arguments "" in order to run the server: {BA126AD1-2166-11D1-B1D0-00805FC1270E}
11/19/2012 1:05:37 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}
11/19/2012 1:05:24 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service ShellHWDetection with arguments "" in order to run the server: {DD522ACC-F821-461A-A407-50B198B896DC}
11/19/2012 1:05:10 AM, Error: Microsoft-Windows-WER-SystemErrorReporting [1001] - The computer has rebooted from a bugcheck. The bugcheck was: 0x0000000a (0x0000000000000703, 0x0000000000000002, 0x0000000000000001, 0xfffff800030b50c5). A dump was saved in: C:\Windows\MEMORY.DMP. Report Id: 111912-24102-01.
11/19/2012 1:05:09 AM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: AFD Avgldx64 Avgmfx64 Avgtdia DfsC discache NetBIOS NetBT nsiproxy Psched RapportKE64 rdbss spldr tdx vwififlt Wanarpv6 WfpLwf
11/19/2012 1:05:07 AM, Error: Service Control Manager [7001] - The SMB MiniRedirector Wrapper and Engine service depends on the Redirected Buffering Sub Sysytem service which failed to start because of the following error: A device attached to the system is not functioning.
11/19/2012 1:05:07 AM, Error: Service Control Manager [7001] - The SMB 2.0 MiniRedirector service depends on the SMB MiniRedirector Wrapper and Engine service which failed to start because of the following error: The dependency service or group failed to start.
11/19/2012 1:05:07 AM, Error: Service Control Manager [7001] - The SMB 1.x MiniRedirector service depends on the SMB MiniRedirector Wrapper and Engine service which failed to start because of the following error: The dependency service or group failed to start.
11/19/2012 1:05:07 AM, Error: Service Control Manager [7001] - The Network Location Awareness service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start.
11/19/2012 1:05:07 AM, Error: Service Control Manager [7001] - The IP Helper service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start.
11/19/2012 1:05:06 AM, Error: Service Control Manager [7001] - The Workstation service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start.
11/19/2012 1:05:06 AM, Error: Service Control Manager [7001] - The TCP/IP NetBIOS Helper service depends on the Ancillary Function Driver for Winsock service which failed to start because of the following error: A device attached to the system is not functioning.
11/19/2012 1:05:06 AM, Error: Service Control Manager [7001] - The Network Store Interface Service service depends on the NSI proxy service driver. service which failed to start because of the following error: A device attached to the system is not functioning.
11/19/2012 1:05:06 AM, Error: Service Control Manager [7001] - The DNS Client service depends on the NetIO Legacy TDI Support Driver service which failed to start because of the following error: A device attached to the system is not functioning.
11/19/2012 1:05:06 AM, Error: Service Control Manager [7001] - The DHCP Client service depends on the Ancillary Function Driver for Winsock service which failed to start because of the following error: A device attached to the system is not functioning.
11/19/2012 1:02:25 AM, Error: Microsoft-Windows-WER-SystemErrorReporting [1001] - The computer has rebooted from a bugcheck. The bugcheck was: 0x0000001e (0xffffffffc0000005, 0xfffff8000307566b, 0x0000000000000000, 0x000000007efa0000). A dump was saved in: C:\Windows\MEMORY.DMP. Report Id: 111912-41090-01.
11/18/2012 5:20:05 PM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Web Assistant Updater service to connect.
11/18/2012 5:18:37 PM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Bonjour Service service to connect.
11/18/2012 5:18:37 PM, Error: Service Control Manager [7000] - The Bonjour Service service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
11/18/2012 5:14:23 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the avgwd service.
11/18/2012 2:17:40 PM, Error: Microsoft-Windows-WER-SystemErrorReporting [1001] - The computer has rebooted from a bugcheck. The bugcheck was: 0x0000001e (0xffffffffc0000005, 0xfffffa8004952bb0, 0x0000000000000000, 0x000000007efa8000). A dump was saved in: C:\Windows\MEMORY.DMP. Report Id: 111812-43929-01.
11/18/2012 2:09:16 PM, Error: Microsoft-Windows-WER-SystemErrorReporting [1001] - The computer has rebooted from a bugcheck. The bugcheck was: 0x0000001e (0xffffffffc0000005, 0xfffff800033cb63a, 0x0000000000000001, 0x0000000000000018). A dump was saved in: C:\Windows\MEMORY.DMP. Report Id: 111812-56144-01.
11/18/2012 12:09:29 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service MSIServer with arguments "" in order to run the server: {000C101C-0000-0000-C000-000000000046}
11/18/2012 12:07:34 PM, Error: Service Control Manager [7001] - The HomeGroup Provider service depends on the Function Discovery Provider Host service which failed to start because of the following error: The dependency service or group failed to start.
11/18/2012 12:07:01 PM, Error: Microsoft-Windows-WLAN-AutoConfig [10000] - WLAN Extensibility Module has failed to start. Module Path: C:\Windows\system32\Rtlihvs.dll Error Code: 21
11/18/2012 12:06:49 PM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: Avgldx64 Avgmfx64 discache RapportKE64 spldr Wanarpv6
11/18/2012 12:06:37 PM, Error: Microsoft-Windows-WER-SystemErrorReporting [1001] - The computer has rebooted from a bugcheck. The bugcheck was: 0x0000001e (0xffffffffc0000005, 0xfffff8000306d66b, 0x0000000000000000, 0x000000007efa0000). A dump was saved in: C:\Windows\MEMORY.DMP. Report Id: 111812-25474-01.
11/18/2012 12:03:50 PM, Error: Microsoft-Windows-WER-SystemErrorReporting [1001] - The computer has rebooted from a bugcheck. The bugcheck was: 0x0000001e (0xffffffffc0000005, 0xfffffa8004b35bb0, 0x0000000000000000, 0x000000007efa8000). A dump was saved in: C:\Windows\MEMORY.DMP. Report Id: 111812-44943-01.
11/18/2012 1:02:02 PM, Error: Service Control Manager [7001] - The Computer Browser service depends on the Server service which failed to start because of the following error: The dependency service or group failed to start.
11/17/2012 6:55:46 PM, Error: Service Control Manager [7023] - The Windows Driver Foundation - User-mode Driver Framework service terminated with the following error: Insufficient system resources exist to complete the requested service.
11/17/2012 5:54:56 PM, Error: Service Control Manager [7023] - The Windows Update service terminated with the following error: %%-2147467243
11/17/2012 5:54:39 PM, Error: Service Control Manager [7034] - The Intuit Update Service service terminated unexpectedly. It has done this 1 time(s).
11/17/2012 4:33:14 PM, Error: Microsoft-Windows-WER-SystemErrorReporting [1001] - The computer has rebooted from a bugcheck. The bugcheck was: 0x0000001e (0xffffffffc0000005, 0xfffff800030af66b, 0x0000000000000000, 0x000007fffffa0000). A dump was saved in: C:\Windows\MEMORY.DMP. Report Id: 111712-31356-01.
11/17/2012 4:00:07 PM, Error: Microsoft-Windows-WER-SystemErrorReporting [1001] - The computer has rebooted from a bugcheck. The bugcheck was: 0x0000000a (0x000000007fefef29, 0x0000000000000002, 0x0000000000000001, 0xfffff8000310c0c5). A dump was saved in: C:\Windows\MEMORY.DMP. Report Id: 111712-35568-01.
11/17/2012 3:21:59 PM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Windows Audio Endpoint Builder service to connect.
11/17/2012 3:21:59 PM, Error: Service Control Manager [7001] - The Windows Audio service depends on the Windows Audio Endpoint Builder service which failed to start because of the following error: The service did not respond to the start or control request in a timely fashion.
11/17/2012 3:21:59 PM, Error: Service Control Manager [7000] - The Windows Audio Endpoint Builder service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
11/15/2012 8:32:57 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the Netman service.
11/15/2012 8:32:57 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the EFS service.
.
==== End Of File ===========================
Need help removing 2 trojans
in Resolved Malware Removal Logs
Posted
Meh, I might be a little slow. Thank you very much for your help.