chopperbob

Maurice, Did you intentionally omit instructing me to run a scan after "Delete" any of the listed registries (if found) before I reboot? BTW, there were absolutely no registries listed. Since there's no listed registries to delete, I'm going to go ahead and scan. RKreport[2]_S_01122013_02d1718.txt RogueKiller V8.4.3 [Jan 10 2013] by Tigzy mail : tigzyRK<at>gmail<dot>com Feedback : http://www.geekstogo.com/forum/files/file/413-roguekiller/ Website : http://tigzy.geekstogo.com/roguekiller.php Blog : http://tigzyrk.blogspot.com/ Operating System : Windows 7 (6.1.7601 Service Pack 1) 64 bits version Started in : Normal mode User : Bob Ingham [Admin rights] Mode : Scan -- Date : 01/12/2013 17:18:35 ¤¤¤ Bad processes : 0 ¤¤¤ ¤¤¤ Registry Entries : 7 ¤¤¤ [sTARTUP][sUSP PATH] Best Buy pc app.lnk @Default : C:\ProgramData\Best Buy pc app\ClickOnceSetup.exe -> FOUND [sTARTUP][sUSP PATH] Best Buy pc app.lnk @Default User : C:\ProgramData\Best Buy pc app\ClickOnceSetup.exe -> FOUND [sTARTUP][sUSP PATH] Best Buy pc app.lnk @Guest : C:\ProgramData\Best Buy pc app\ClickOnceSetup.exe -> FOUND [DNS] HKLM\[...]\ControlSet001\Services\Tcpip\Interfaces\{AF9FB755-8FCB-4F7C-BFBA-AAE7D20148DE} : NameServer (0.0.0.0) -> FOUND [DNS] HKLM\[...]\ControlSet002\Services\Tcpip\Interfaces\{AF9FB755-8FCB-4F7C-BFBA-AAE7D20148DE} : NameServer (0.0.0.0) -> FOUND [HJ DESK] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> FOUND [HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND ¤¤¤ Particular Files / Folders: ¤¤¤ ¤¤¤ Driver : [NOT LOADED] ¤¤¤ ¤¤¤ HOSTS File: ¤¤¤ --> C:\windows\system32\drivers\etc\hosts 127.0.0.1 new.localhost 127.0.0.1 week_3.localhost 127.0.0.1 views.localhost 127.0.0.1 week_6.localhost 127.0.0.1 week_7_theming.localhost 127.0.0.1 week8_panels.localhost 127.0.0.1 week_8_context_module.localhost 127.0.0.1 philly_station_test.localhost 127.0.0.1 week_9_extras.localhost 127.0.0.1 localhost 127.0.0.1 drupaltest.localhost 127.0.0.1 rideau.localhost 127.0.0.1 upp_edu_sa.localhost 127.0.0.1 mediacurrent.localhost 127.0.0.1 knitrowan.localhost 192.168.1.105 rideau.ubuntu 192.168.1.105 ubuntu 127.0.0.1 drupalville.localhost 127.0.0.1 ostraining_intermediate.localhost 127.0.0.1 65.52.240.48 [...] ¤¤¤ MBR Check: ¤¤¤ +++++ PhysicalDrive0: +++++ --- User --- [MBR] 0b292c56c97b6fbfa1b1d56de2f48584 [bSP] a27490fbeb28f455b23c4767051a7e3d : Windows Vista MBR Code Partition table: 0 - [ACTIVE] ACER (0x27) [VISIBLE] Offset (sectors): 2048 | Size: 1500 Mo 1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 3074048 | Size: 698469 Mo 2 - [XXXXXX] NTFS (0x17) [HIDDEN!] Offset (sectors): 1433538560 | Size: 15434 Mo User = LL1 ... OK! User = LL2 ... OK! Finished : << RKreport[2]_S_01122013_02d1718.txt >> RKreport[1]_S_01102013_02d1714.txt ; RKreport[2]_S_01122013_02d1718.txt

Security Check checkup.txt (had pop-up error msg while running) Results of screen317's Security Check version 0.99.56 Windows 7 Service Pack 1 x64 (UAC is enabled) Internet Explorer 9 ``````````````Antivirus/Firewall Check:`````````````` Windows Firewall Enabled! WMI entry may not exist for antivirus; attempting automatic update. `````````Anti-malware/Other Utilities Check:````````` Malwarebytes Anti-Malware version 1.70.0.1100 Wise Registry Cleaner 7.62 Java™ 6 Update 25 Java 7 Update 9 Adobe Flash Player 11.5.502.146 Adobe Reader 10.1.4 Adobe Reader out of Date! Mozilla Firefox (17.0.1) Google Chrome 19.0.1084.46 Google Chrome 19.0.1084.52 Google Chrome 22.0.1229.94 Google Chrome 23.0.1271.64 Google Chrome 23.0.1271.91 Google Chrome 23.0.1271.95 Google Chrome 23.0.1271.97 ````````Process Check: objlist.exe by Laurent```````` `````````````````System Health check````````````````` Total Fragmentation on Drive C: 1% ````````````````````End of Log`````````````````````` BitDefender Report 2013-01-10 17.07.44 QuickScan 32-bit v0.9.9.118 --------------------------- Scan date: Thu Jan 10 17:07:44 2013 Machine ID: 2A747BE0 No infection found. ------------------- Processes --------- Adobe Acrobat Update Service 1760 C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe avast! Antivirus 1476 C:\Program Files\AVAST Software\Avast\AvastSvc.exe avast! Antivirus 5416 C:\Program Files\AVAST Software\Avast\AvastUI.exe Dropbox 5552 C:\Users\Bob Ingham\AppData\Roaming\Dropbox\bin\Dropbox.exe Intel® Active Management Technology L 4484 C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe Intel® Management and Security Applic 6180 C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe IviRegMgr Module 4940 C:\Program Files (x86)\Common Files\InterVideo\RegMgr\iviRegMgr.exe Java™ Platform SE Auto Updater 2 0 196 C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe KeNotify Application 5628 C:\Program Files (x86)\Toshiba\Utilities\KeNotify.exe Microsoft Office 2010 10936 C:\Program Files (x86)\Microsoft Office\Office14\WINWORD.EXE Microsoft OneNote 5756 C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE MobileDeviceService 1800 C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe PsiService System Service 1496 C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe SetPoint32.exe 2468 C:\Program Files (x86)\Logitech\SetPoint\x86\SetPoint32.exe Skype 1100 C:\Program Files (x86)\Skype\Phone\Skype.exe TOSHIBA Wireless Display Monitor 3084 C:\Program Files (x86)\Toshiba\widimon\widimon.exe Window Washer 2356 C:\Program Files (x86)\Webroot\Washer\WasherSvc.exe Window Washer 5708 C:\Program Files (x86)\Webroot\Washer\wwDisp.exe Windows® Internet Explorer 6548 C:\Program Files (x86)\Internet Explorer\iexplore.exe Windows® Internet Explorer 8516 C:\Program Files (x86)\Internet Explorer\iexplore.exe Windows® Internet Explorer 11976 C:\Program Files (x86)\Internet Explorer\iexplore.exe XMail.exe 2416 C:\Program Files (x86)\acquia-drupal\xmail\XMail.exe Yahoo! Mail 5764 C:\Program Files (x86)\Yahoo!\Common\YMailAdvisor.exe Yahoo! Messenger 4804 C:\Program Files (x86)\Yahoo!\Messenger\Ymsgr_tray.exe Yahoo! Toolbar Assistant 6400 C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn0\ytbb.exe Yammer.exe 2576 C:\Program Files (x86)\Yammer\Yammer.exe Yammer.exe 5896 C:\Program Files (x86)\Yammer\Yammer.exe (verified) GoogleToolbarNotifier 4588 C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (verified) Microsoft® .NET Framework 8756 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (verified) Yahoo! AutoUpdater 2436 C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe Network activity ---------------- Process AvastSvc.exe (1476) connected on port 80 (HTTP) --> 67.228.168.216 Process AvastSvc.exe (1476) connected on port 80 (HTTP) --> 67.228.168.216 Process AvastSvc.exe (1476) connected on port 80 (HTTP) --> 67.228.168.216 Process AvastSvc.exe (1476) connected on port 80 (HTTP) --> 77.234.40.52 Process Yammer.exe (2576) connected on port 443 (HTTP over SSL) --> 204.152.18.206 Process AvastUI.exe (5416) connected on port 80 (HTTP) --> 23.64.158.13 Process AvastUI.exe (5416) connected on port 80 (HTTP) --> 23.64.158.13 Process AvastUI.exe (5416) connected on port 80 (HTTP) --> 23.64.158.13 Process AvastUI.exe (5416) connected on port 80 (HTTP) --> 23.64.158.13 Process Dropbox.exe (5552) connected on port 80 (HTTP) --> 199.47.217.146 Process Yammer.exe (5896) connected on port 443 (HTTP over SSL) --> 204.152.18.206 Process iexplore.exe (6548) connected on port 80 (HTTP) --> 23.64.159.139 Process iexplore.exe (6548) connected on port 80 (HTTP) --> 23.64.159.139 Process iexplore.exe (6548) connected on port 80 (HTTP) --> 68.142.250.142 Process iexplore.exe (6548) connected on port 80 (HTTP) --> 173.194.37.109 Process iexplore.exe (6548) connected on port 80 (HTTP) --> 173.194.37.109 Process iexplore.exe (6548) connected on port 80 (HTTP) --> 72.21.81.253 Process iexplore.exe (6548) connected on port 80 (HTTP) --> 74.125.229.161 Process iexplore.exe (6548) connected on port 80 (HTTP) --> 74.125.229.161 Process iexplore.exe (6548) connected on port 80 (HTTP) --> 74.125.229.205 Process iexplore.exe (6548) connected on port 80 (HTTP) --> 74.125.229.205 Process iexplore.exe (6548) connected on port 80 (HTTP) --> 74.125.130.104 Process iexplore.exe (6548) connected on port 80 (HTTP) --> 74.125.130.104 Process iexplore.exe (8516) connected on port 80 (HTTP) --> 68.142.250.161 Process iexplore.exe (8516) connected on port 80 (HTTP) --> 216.39.54.32 Process XMail.exe (2416) listens on ports: 25 (SMTP), 6017, 6018 Process BitTorrent.exe (5232) listens on ports: 42203 Process Dropbox.exe (5552) listens on ports: 17500 Autoruns and critical files --------------------------- HWSetup C:\Program Files\TOSHIBA\Utilities\HWSetup.exe Adobe Reader and Acrobat Manager C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe Adobe® Flash® Player Update Service C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe Apple Push C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe avast! Antivirus C:\Program Files\AVAST Software\Avast\AvastUI.exe CheckUpdate.exe C:\Program Files (x86)\Xvid\CheckUpdate.exe DAEMON Tools Lite C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe Dropbox C:\Users\Bob Ingham\AppData\Roaming\Dropbox\bin\Dropbox.exe Java™ Platform SE Auto Updater 2 0 C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe KeNotify Application C:\Program Files (x86)\Toshiba\Utilities\KeNotify.exe Logitech SetPoint C:\Program Files (x86)\Logitech\SetPoint\SetPoint.exe Microsoft OneNote C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE Microsoft® Windows® Operating System C:\windows\system32\userinit.exe Skype C:\Program Files (x86)\Skype\Phone\Skype.exe SVPWUTIL Application C:\Program Files (x86)\TOSHIBA\Utilities\SVPWUTIL.exe TOSHIBA Service Station C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe TOSHIBA Sleep C:\Program Files (x86)\TOSHIBA\TOSHIBA Sleep Utility\TSleepSrv.exe Window Washer C:\Program Files (x86)\Webroot\Washer\wwDisp.exe Yahoo! Mail C:\Program Files (x86)\Yahoo!\Common\YMailAdvisor.exe Yahoo! Messenger C:\Program Files (x86)\Yahoo!\Messenger\YahooMessenger.exe Yammer.exe C:\Program Files (x86)\Yammer\Yammer.exe (verified) Google Update C:\Program Files (x86)\Google\Update\GoogleUpdate.exe (verified) GoogleToolbarNotifier C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe Browser plugins --------------- AcroIEHelperShim Library c:\program files (x86)\common files\adobe\acrobat\activex\acroiehelpershim.dll Adobe Acrobat C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll avast! Antivirus c:\program files\avast software\avast\aswwebrepie.dll Best Buy pc app Detector C:\ProgramData\Best Buy pc app\npBestBuyPcAppDetector.dll Bitdefender QuickScan C:\Windows\Downloaded Program Files\qsax.dll Freemake np-plugin for google chrome C:\Users\Bob Ingham\AppData\Local\Google\Chrome\User Data\Default\Extensions\jbolfgndggfhhpbnkgnpjkfhinclbigj\1.0.0_0\npFreemake.dll Google Earth Plugin C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll Google Toolbar for Internet Explorer c:\program files (x86)\google\google toolbar\googletoolbar_32.dll Google Update C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll Java Deployment Toolkit 7.0.90.5 C:\windows\SysWOW64\npDeployJava1.dll Java™ Platform SE 7 U9 C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll Java™ Platform SE 7 U9 C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll Java™ Platform SE 7 U9 C:\Program Files (x86)\Java\jre7\bin\ssv.dll Microsoft Office 2010 C:\Program Files (x86)\Microsoft Office\Office14\NPAUTHZ.DLL Microsoft Office 2010 C:\Program Files (x86)\Microsoft Office\Office14\NPSPWRAP.DLL Microsoft Office 2010 C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL Microsoft® CoReXT C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll Microsoft® CoReXT C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL Microsoft® CoReXT C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL Microsoft® Windows® Operating System C:\windows\system32\mswsock.dll Microsoft® Windows® Operating System C:\windows\system32\NLAapi.dll NPSWF32_11_5_502_146.dll C:\windows\SysWOW64\Macromed\Flash\NPSWF32_11_5_502_146.dll Silverlight Plug-In c:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll TOSHIBA Media Controller Plug-in c:\program files (x86)\toshiba\toshiba media controller plug-in\toshibamediacontrollerie.dll WebEx Download Module C:\windows\Downloaded Program Files\ieatgpc.dll Windows Activation Technologies C:\windows\system32\Wat\npWatWeb.dll Windows Live™ Photo Gallery C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll Windows® Internet Explorer C:\Windows\SysWOW64\ieframe.dll Yahoo Application State Plugin C:\Program Files (x86)\Yahoo!\Shared\npYState.dll Yahoo! Single Instance for Mail C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn0\YTSingleInstance.dll Yahoo! Toolbar C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn0\yt.dll (verified) Microsoft® Windows® Operating System C:\windows\system32\napinsp.dll (verified) Microsoft® Windows® Operating System C:\windows\system32\pnrpnsp.dll (verified) Microsoft® Windows® Operating System C:\windows\System32\winrnr.dll Scan ---- MD5: bfc0d872f29652cf21382b25903acf3b C:\Program Files (x86)\acquia-drupal\xmail\LIBEAY32.dll MD5: 41afac67eb06ddf8f38a2412265617cb C:\Program Files (x86)\acquia-drupal\xmail\SSLEAY32.dll MD5: 1619a3283d9125d44116a1ee9143e035 C:\Program Files (x86)\acquia-drupal\xmail\XMail.exe MD5: 84cbd6f6aa7ee399fbdc265b8ea64474 C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll MD5: c3125fee4c351ca868ec6640b7752d42 C:\Program Files (x86)\BandiMPEG1\bdfilters.dll MD5: d0a12ed17be1366cb59845937da3b854 C:\Program Files (x86)\BitTorrent\BitTorrent.exe MD5: d3cfdde30b24b1266030f75baf337660 c:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll MD5: 9d680c0dfbd26a3f8f1d5ad424439f23 c:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Resources\WebKit.dll MD5: ba0ed7aa3c36a8da27ded1d6b3508158 c:\program files (x86)\common files\adobe\acrobat\activex\acroiehelpershim.dll MD5: b63e5c7807334a3a8f731062f15462cc C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe MD5: d19c4ee2ac7c47b8f5f84fff1a789d8a C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe MD5: 92da9ede07390b4352b29dd82079e398 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\AppleVersions.dll MD5: 35ac4b63cbb9fb6b4472913e9948b517 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe MD5: ba02f01be7ed88e8974c798acb3075f5 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\ASL.dll MD5: 5d76c8cc87d0efbe0b4a3bef6b67ebf0 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\CFNetwork.dll MD5: 67b539d844f804ebac7a1e3828fde709 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\CoreFoundation.dll MD5: 149d74e1128a86dc9cfb2851fbea11eb C:\Program Files (x86)\Common Files\Apple\Apple Application Support\icudt46.dll MD5: 3bde52411df2fe4252c9289f51cb0f7e C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libdispatch.dll MD5: 5a963c340de1a01ba6e24945ce05d16a C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libicuin.dll MD5: f4bc62990e7e5c29799a895b80fc3177 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libicuuc.dll MD5: 5e33c164dc7fa74728d8a83036c438bb C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll MD5: 32d78dcabfb942275e01363d5232c77d C:\Program Files (x86)\Common Files\Apple\Apple Application Support\objc.dll MD5: 638c7596b493f5f77db9ef6bad8fe46c C:\Program Files (x86)\Common Files\Apple\Apple Application Support\pthreadVC2.dll MD5: 8ba9851e671e8b5e49e303748ffd530c C:\Program Files (x86)\Common Files\Apple\Apple Application Support\SQLite3.dll MD5: 2dedc3afe3c49b5dae717d0a9bebf298 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\YSCrashDump.DLL MD5: 2e14406e05789f91c9282ae7cfca3a07 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll MD5: 7ef47644b74ebe721cc32211d3c35e76 C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe MD5: f8ecb748b53a010464f7a63154d75f56 C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService_main.dll MD5: 2c478e667ce27b2b7142f756cf569a9a C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\MobileDevice.dll MD5: f415a88162d23977b5edae4f0410e903 C:\Program Files (x86)\Common Files\InterVideo\RegMgr\iviRegMgr.exe MD5: 12916e0642e92561c98b18a2a2d01b14 C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe MD5: 785f487a64950f3cb8e9f16253ba3b7b C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE MD5: 6d113e9c1210dfa7cba6f92a226c0748 C:\Program Files (x86)\Common Files\Microsoft Shared\office14\1033\MSOINTL.DLL MD5: e9901a7e569c4156fda69f5c9356b8ed C:\Program Files (x86)\Common Files\Microsoft Shared\office14\Cultures\office.odf MD5: 911f487f7dd6538ac9fb17dedfd5117f C:\Program Files (x86)\Common Files\Microsoft Shared\office14\mso.dll MD5: a1cfdef143b1b4047e0fd3510f85de97 C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSPTLS.DLL MD5: 4c0da2b69f8de16e97fcec0e19312923 C:\Program Files (x86)\Common Files\Microsoft Shared\office14\riched20.dll MD5: 6df2076a4ac5e3655529142917b579a4 C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\USP10.DLL MD5: 1d9c3d7a1f8838e6280fa3f7d1fe4ed8 C:\Program Files (x86)\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPC.DLL MD5: cf39a105cd553eed31e2255aff4c6742 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll MD5: 45406ffd87f6ba4345b018e303a64ff1 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\wlidcli.DLL MD5: 12b79422a23814429cda9e734c58f78f C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL MD5: f036cfb275d0c55f4e45fbbf5f98b3c8 C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe MD5: aaa298bddc6033909aebae9547441575 C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe MD5: 5d4bc124faae6730ac002cdb67bf1a1c C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe MD5: b78f4c2c592c87df54e8e0c6aaef3874 C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll MD5: b9497c5acaea521663bffbb321dd3afa c:\program files (x86)\google\google toolbar\googletoolbar_32.dll MD5: 76e7410b3a308f6960d3ce06dc7874ad C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.7.8313.1002\gtn.dll MD5: 917a728a12f25fcf4636858fac9979fa C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.7.8313.1002\swg.dll MD5: 586fdc4e02623ee228ec35b9604ae5f2 C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll MD5: 50c7ce53ef461870410355f1f2e7d515 C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe MD5: d480c9220bfe667de65a46cde80ea7e9 C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\StatusStrings.dll MD5: 374ebda379a8f38e0cfc2211611e7167 C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe MD5: 122f89e0905fc656d56f65cd7a2e9b4d C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\xerces-c_2_7.dll MD5: 62cbf36e3e10baa74224bc7a6dd998b5 C:\Program Files (x86)\Internet Explorer\ieproxy.dll MD5: 1d4127fe151165c5fb9c0eed8701a3d1 C:\Program Files (x86)\Internet Explorer\IEShims.dll MD5: 0d286c0fe561d1a7eb30e83a0ff305b2 C:\Program Files (x86)\Internet Explorer\iexplore.exe MD5: eb47e405a9222ca595e5e763b4156529 C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll MD5: 67ec459e42d3081dd8fd34356f7cafc1 C:\Program Files (x86)\Java\jre7\bin\msvcr100.dll MD5: c04fcb7eebeb5097b30468828f20fb9e C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll MD5: a7a6954e500715117b64b414ab81cb44 C:\Program Files (x86)\Java\jre7\bin\ssv.dll MD5: 970e191fa2ba21844d7103792b6885f6 C:\Program Files (x86)\Logitech\SetPoint\SetPoint.exe MD5: dcdaa5ad16ae0fd9a71ed7347ab2c236 C:\Program Files (x86)\Logitech\SetPoint\x86\AdobeHookDll.dll MD5: e23d6338e27442a11578dd284ea4d08c C:\Program Files (x86)\Logitech\SetPoint\x86\AOLHookDll.dll MD5: 858b5dff1516d0deeae8a129b9eeb005 C:\Program Files (x86)\Logitech\SetPoint\x86\GameHook.dll MD5: 697743e98dfe021850bd28c4aae990cd C:\Program Files (x86)\Logitech\SetPoint\x86\HookDll.dll MD5: 9c13b38b77b89283238f79b960e72fff C:\Program Files (x86)\Logitech\SetPoint\x86\IMHook.dll MD5: 29bb5ae1f5535b909ceee43f21a7ee0d C:\Program Files (x86)\Logitech\SetPoint\x86\KEMHook.dll MD5: 25e06481510846a7b0447fe8c051dc8f C:\Program Files (x86)\Logitech\SetPoint\x86\lgscroll.dll MD5: 55709a4daf50eaf99c38aa09e758decd C:\Program Files (x86)\Logitech\SetPoint\x86\MessengerHook.dll MD5: c316afae719b1c1ce1b903673bc6a641 C:\Program Files (x86)\Logitech\SetPoint\x86\SetPoint32.exe MD5: 1acaa67676e9e7bda5e0c41b6e0decaf C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe MD5: 916b8954ac3e06dc9e898affb41f3fb6 C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe MD5: fc19f3d46e21ef65eea990b8af2076f6 C:\Program Files (x86)\Microsoft Office\Office14\1033\ONINTL.DLL MD5: 572b3225fd8c1d6c741bee61e8edc5de C:\Program Files (x86)\Microsoft Office\Office14\1033\wwintl.dll MD5: 53eb8ca63cafc4f07424cd76b58903d1 C:\Program Files (x86)\Microsoft Office\Office14\css7Data0009.dll MD5: 140cce53806f79c2e45bd198e76dc79e C:\Program Files (x86)\Microsoft Office\Office14\gfx.dll MD5: a729ecf8e670558dfa3bc260c02126c4 C:\Program Files (x86)\Microsoft Office\Office14\mscss7en.dll MD5: 47fc5a4a45e883a36aff884b3e6073b1 C:\Program Files (x86)\Microsoft Office\Office14\MSOHEV.DLL MD5: 7a48223093a2b6fecb00e4360c71dcc2 C:\Program Files (x86)\Microsoft Office\Office14\msproof7.dll MD5: a0ae3739a2b9a256df984244c763577c C:\Program Files (x86)\Microsoft Office\Office14\oart.dll MD5: 043fe3c9088beadc6a9ffc033c84f20f C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE MD5: fd41ecec831c4d85e6fd42a6d5ec1b57 C:\Program Files (x86)\Microsoft Office\OFFICE14\PROOF\1033\MSGR3EN.DLL MD5: c5dd903eb57afb76368689f85a8b25d3 C:\Program Files (x86)\Microsoft Office\OFFICE14\PROOF\MSSP7EN.DLL MD5: a5d08b86e8a437aa6deaf7a187bf6ca5 C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL MD5: c866f8c29508363a09fac5c235855d56 C:\Program Files (x86)\Microsoft Office\Office14\WINWORD.EXE MD5: 0cb194c8b6ce384d3876a698519c4009 C:\Program Files (x86)\Microsoft Office\Office14\wwlib.dll MD5: 9013599b12923a45c029c34e8d2211ac c:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll MD5: 8c7336950f1e69cdfd811cbbd9cf00a2 C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe MD5: 0015113a604b94769ab5159e8dcfc6e6 C:\Program Files (x86)\PowerUp Software\Pinnacle Game Profiler\pinnacle_updater.exe MD5: 2c6dfc761f1dae61940c7eae97ebdb19 C:\Program Files (x86)\Skype\Phone\Skype.exe MD5: a4fab5f7818a69da6e740943cb8f7ca9 C:\Program Files (x86)\Skype\Updater\Updater.exe MD5: df6f7d5b1c7cae71a24585c54c753013 c:\program files (x86)\toshiba\toshiba media controller plug-in\toshibamediacontrollerie.dll MD5: 71c321649b28638ee80a2eeb164c1dc8 C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe MD5: 1705b6e6e1d883965f32c7d3b8e78ce6 C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe MD5: bb752714d14cb1f13969d721f1a3a60f C:\Program Files (x86)\TOSHIBA\TOSHIBA Sleep Utility\TSleepSrv.exe MD5: 1faa54e9ffea6fd3e0cead951cddfef6 C:\Program Files (x86)\Toshiba\Utilities\KeNotify.exe MD5: 5698035892d860a883fcea17a154cab5 C:\Program Files (x86)\TOSHIBA\Utilities\SVPWUTIL.exe MD5: 169c83471930c8c9945684af8b9b26bc C:\Program Files (x86)\Toshiba\widimon\widimon.exe MD5: a3a5dcf65b4ac8d98c7e2dd9b58b37a3 C:\Program Files (x86)\UGS\NX 7.5\UGFLEXLM\lmgrd.exe MD5: 9ad7594cc7c3b2d591505d7a696e2d4f C:\Program Files (x86)\Webroot\Washer\Languages\English.dll MD5: b2232d645fad62fd49d7d3efcb7b5fb4 C:\Program Files (x86)\Webroot\Washer\sqlite3.dll MD5: d42b153cd9ac1237b7fac8ba24e1a7e4 C:\Program Files (x86)\Webroot\Washer\WasherSvc.exe MD5: 709fa812be8459d076abf3eaf7678dd6 C:\Program Files (x86)\Webroot\Washer\wwDisp.exe MD5: 0a1ff0b674e2f268799442a434a63bb3 C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll MD5: 6d9e1356a9c1b5f36698faff9205e34a C:\Program Files (x86)\Xvid\CheckUpdate.exe MD5: 7d21171da91a625692daa6e0f27d27b2 C:\Program Files (x86)\Yahoo!\Common\YMailAdvisor.exe MD5: 01ed3846c78888de27e9ebc8fd8549e3 C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn0\yt.dll MD5: c9fd7471ef07ddf219c2a719ca1b960e C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn0\ytbb.exe MD5: 9dfe558b6e48b58fbe230ab94652d2a8 C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn0\YTSingleInstance.dll MD5: d6eae5cd8b8f78ed11e9e0db1737c3db C:\Program Files (x86)\Yahoo!\Messenger\resources\en-US\res_msgr.dll MD5: 1ca2943dc17355330ba5b3efc6ca4537 C:\Program Files (x86)\Yahoo!\Messenger\YahooMessenger.exe MD5: cf5905e75bda423ff97a0be4d4e1b499 C:\Program Files (x86)\Yahoo!\Messenger\YImage.dll MD5: 79fc43289b528cfb49a18d209c1e7e6d C:\Program Files (x86)\Yahoo!\Messenger\Ymsgr_tray.exe MD5: 0e51b156d7d51d97d6bb730b5dbc8b61 C:\Program Files (x86)\Yahoo!\Messenger\yui.dll MD5: 6e83e7c3a7a2c5ec6409442ef189f71d C:\Program Files (x86)\Yahoo!\Shared\npYState.dll MD5: e417576715e736048ebd370fcae0c35d C:\Program Files (x86)\Yammer\Yammer.exe MD5: b316906b4a04dd39985350d29de31068 C:\Program Files\AVAST Software\Avast\1033\Base.dll MD5: ab6e3df509c6bd59062f685a40395c23 C:\Program Files\AVAST Software\Avast\1033\UILangRes.dll MD5: 6f367a9b88cfdd46f42c1d11e5cb7964 C:\Program Files\AVAST Software\Avast\Aavm4h.dll MD5: c2434dea392826c1687d9bd7fa4845bc C:\Program Files\AVAST Software\Avast\AavmRpch.dll MD5: f7d4a7047bcb7d3cc70b0dc23e928022 C:\Program Files\AVAST Software\Avast\AhAScr.dll MD5: 9c09af87ac7351985ab5ffba3fc52575 C:\Program Files\AVAST Software\Avast\AhResBhv.dll MD5: e844c96552989fa1eca95778583a904c C:\Program Files\AVAST Software\Avast\AhResJs.dll MD5: 17f5861a03516864a5f4cc04c7324278 C:\Program Files\AVAST Software\Avast\AhResMai.dll MD5: 8bec10c53e927cd5e442fe332804f1ac C:\Program Files\AVAST Software\Avast\AhResMes.dll MD5: 9b2f20ecf609edf54fec43e792028261 C:\Program Files\AVAST Software\Avast\AhResNS.dll MD5: 857661f2e5a677cfb6d3b2cf6e428227 C:\Program Files\AVAST Software\Avast\AhResP2P.dll MD5: 2466ed58b8efb3320bca73acf8179d24 C:\Program Files\AVAST Software\Avast\AhResStd.dll MD5: 5d9550e02d981b92b133e5f8f7bdf8d2 C:\Program Files\AVAST Software\Avast\AhResWS.dll MD5: 55afa63f5f2a6ced0c09e2afe57eca8d C:\Program Files\AVAST Software\Avast\ashBase.dll MD5: 977c54291bfa6fee7ff865630e51757b C:\Program Files\AVAST Software\Avast\ashServ.dll MD5: 16ce3ed063923253905341c9af850fe7 C:\Program Files\AVAST Software\Avast\ashTask.dll MD5: 4ff19ac422b7709d786de58b385c9647 C:\Program Files\AVAST Software\Avast\ashTaskEx.dll MD5: 13790c4fb6311ece6d6763a7ec2313fb C:\Program Files\AVAST Software\Avast\aswAra.dll MD5: 045ee3dc56b12b404dc07848d8597c66 C:\Program Files\AVAST Software\Avast\aswAux.dll MD5: eb398ded91cff2f425610eaa2ccf2a23 C:\Program Files\AVAST Software\Avast\aswCmnBS.dll MD5: babe99a18a382a5e2f99b48e0bc3e0d4 C:\Program Files\AVAST Software\Avast\aswCmnIS.dll MD5: 178b51198b7b46cd3c5e744474459a63 C:\Program Files\AVAST Software\Avast\aswCmnOS.dll MD5: f0e7dec6f7a3610949bded0ca8ccb3ea C:\Program Files\AVAST Software\Avast\aswData.dll MD5: 264b5d8f4c70a26749ff2cedde06ba30 C:\Program Files\AVAST Software\Avast\aswDld.dll MD5: c515caec6b3c6970007954c0250a124c C:\Program Files\AVAST Software\Avast\aswEngLdr.dll MD5: 902f670f58193a2bc30aa342b11b2c7b C:\Program Files\AVAST Software\Avast\aswIdle.dll MD5: 124715cd10c62a78404f1a3b1048d062 C:\Program Files\AVAST Software\Avast\aswJsFlt.dll MD5: fca9cc8611654b790dd6242bf862b7f5 C:\Program Files\AVAST Software\Avast\aswLog.dll MD5: 12b9869e74f9e698f550f04f8989c591 C:\Program Files\AVAST Software\Avast\aswProperty.dll MD5: f186897e0a3b9d0784041221d0265069 C:\Program Files\AVAST Software\Avast\aswSqLt.dll MD5: 273fd83fc8c4e12f8c55381674f92a44 C:\Program Files\AVAST Software\Avast\aswStrm.dll MD5: 179eed57fed3c7422a559633641032ba C:\Program Files\AVAST Software\Avast\aswUtil.dll MD5: dfce15e59b8ac862b8e3ca6e43fe33f8 c:\program files\avast software\avast\aswwebrepie.dll MD5: 8fa553e9ae69808d99c164733a0f9590 C:\Program Files\AVAST Software\Avast\AvastSvc.exe MD5: 083649ef692a066880c9326020915afe C:\Program Files\AVAST Software\Avast\AvastUI.exe MD5: ab04c6ce5df23819b914f822e9aa0edf C:\Program Files\AVAST Software\Avast\CommonRes.dll MD5: 74ad964aa7df00395aa9df1209f142d3 C:\Program Files\AVAST Software\Avast\defs\13011000\algo.dll MD5: d94e28dcd7ece4fb522e42b11a355980 C:\Program Files\AVAST Software\Avast\defs\13011000\aswCmnBS.dll MD5: d4a7d2f81ff187b20abd95f8ad788b6d C:\Program Files\AVAST Software\Avast\defs\13011000\aswCmnIS.dll MD5: 24a64ba361e24cfca2e68dbe66584957 C:\Program Files\AVAST Software\Avast\defs\13011000\aswCmnOS.dll MD5: e5b6c6acdbe581af7b9f6d9dcf4d9de8 C:\Program Files\AVAST Software\Avast\defs\13011000\aswEngin.dll MD5: 605cb6d612f3ac6abf0c944893b5082d C:\Program Files\AVAST Software\Avast\defs\13011000\aswFiDb.dll MD5: 39e5000f00d779c139e5e11368b36a44 C:\Program Files\AVAST Software\Avast\defs\13011000\aswRep.dll MD5: 65f140a94ca3524968d341b80651bebd C:\Program Files\AVAST Software\Avast\defs\13011000\aswScan.dll MD5: 33c8847c17bc00ecc1b06240a6ceafbf C:\Program Files\AVAST Software\Avast\defs\13011000\uiExt.dll MD5: d79d3eabd4730970770efa530d094e0f C:\Program Files\AVAST Software\Avast\snxhk.dll MD5: 18505d90fee940ee9eae4c5b421f22b4 C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe MD5: 88e52495b47c67126b510af53fdb0bc7 C:\Program Files\Common Files\Logishrd\Bluetooth\LBTServ.exe MD5: afb5b500ad69e24ed1bc15d1161641ef C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL MD5: 2bacd71123f42cea603f4e205e1ae337 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE MD5: 57e61dc4f7980d57c0b162fc5b9f0b38 C:\Program Files\Intel\WiFi\bin\EvtEng.exe MD5: 50b99d53bc013458381c6476d790c9f3 C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe MD5: 245ea6a2cfae7b183ee9a14a4673b1f1 C:\Program Files\Intel\WiMAX\Bin\AppSrv.exe MD5: e7b489fa5b15d2fec3e52066e015b788 C:\Program Files\Intel\WiMAX\Bin\DMAgent.exe MD5: 1c73689b900428c7d054a41c4687f55c C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe MD5: 63aafcf3ea5dbb17123e0bae9afe4d58 C:\Program Files\TOSHIBA\TECO\TecoService.exe MD5: 29d0886cf250fcef1bf9e65ab8d2c0c8 C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe MD5: 098b8a408c17e125a3d9a8e1166780c8 C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe MD5: d46214e72d863fdc48a887ce21693d49 C:\Program Files\TOSHIBA\Utilities\HWSetup.exe MD5: 06c8fa1cf39de6a735b54d906ba791c6 C:\Program Files\Windows Live\Mesh\wlcrasvc.exe MD5: a9f3bfc9345f49614d5859ec95b9e994 C:\Program Files\Windows Media Player\wmpnetwk.exe MD5: 8a67413465b16698d3ac2e7ac1d5ffd2 C:\ProgramData\Best Buy pc app\npBestBuyPcAppDetector.dll MD5: 8deff623811cbf594d0ab68705fe80c6 C:\Users\Bob Ingham\AppData\Local\Google\Chrome\User Data\Default\Extensions\jbolfgndggfhhpbnkgnpjkfhinclbigj\1.0.0_0\npFreemake.dll MD5: 2f01b303dc54c4d6a82596f6813ba4f6 C:\Users\Bob Ingham\AppData\Roaming\Dropbox\bin\Dropbox.exe MD5: d1f4ef194a129726fbf30e2f514824aa C:\Users\Bob Ingham\AppData\Roaming\Dropbox\bin\DropboxExt.17.dll MD5: 5cf6e9a685199445fee02fe8c191c9ba c:\wamp\bin\apache\apache2.2.21\bin\httpd.exe MD5: 3c533761ec447a65f865695e86e7f15c c:\wamp\bin\mysql\mysql5.5.16\bin\mysqld.exe MD5: 9c17dcd6ddfeb1a012544faf4f2789f6 C:\windows\AppPatch\AcGenral.DLL MD5: c0cf56a4a837f43cf08aba9985be7ad4 C:\windows\Downloaded Program Files\ieatgpc.dll MD5: 56940b50ab0e5923822f47b0e4463885 C:\Windows\Downloaded Program Files\qsax.dll MD5: c4002b6b41975f057d98c439030cea07 C:\windows\ehome\ehRecvr.exe MD5: 332feab1435662fc6c672e25beb37be3 C:\windows\Explorer.exe MD5: 5988fc40f8db5b0739cd1e3a5d0d78bd C:\windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe MD5: a8b7f3818ab65695e3a0bb3279f6dce6 C:\windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe MD5: 82a98d0eb83505529ad81e4c1fadc37d C:\windows\Microsoft.NET\Framework\v4.0.30319\clr.dll MD5: f5df6846f30e9f54ea60ccaeb3fb2055 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscoreei.dll MD5: ab690cd34cf4b4e3ddf78fd4fbcf88c3 C:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvc.dll MD5: 773212b2aaa24c1e31f10246b15b276c C:\windows\servicing\TrustedInstaller.exe MD5: 3c3685c29eef909266f124a184f849e6 C:\windows\system32\api-ms-win-core-console-l1-1-0.dll MD5: 139590e1c420a439f23f261979a59bc4 C:\windows\system32\api-ms-win-core-datetime-l1-1-0.dll MD5: a2c23b02dc32aa8d3801b84fb54137a6 C:\windows\system32\api-ms-win-core-debug-l1-1-0.dll MD5: 1697959965bc58308d046048a69e6c1e C:\windows\system32\api-ms-win-core-delayload-l1-1-0.dll MD5: 50a078c76d94014b61238f1118b6e02c C:\windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll MD5: caf11064a276247fe9f30ab06c4f2f2c C:\windows\system32\api-ms-win-core-fibers-l1-1-0.dll MD5: d433e08b64837534afb786e454bab61e C:\windows\system32\api-ms-win-core-file-l1-1-0.dll MD5: 72d37545bc03b38537c3acc7fa8fca3a C:\windows\system32\api-ms-win-core-handle-l1-1-0.dll MD5: 7978b487e3fbbc666a494ebecbfb26a9 C:\windows\system32\api-ms-win-core-heap-l1-1-0.dll MD5: d7573a8d927b68f962bd0b5da6603eef C:\windows\system32\api-ms-win-core-interlocked-l1-1-0.dll MD5: 1818ccee5cfc3fcc876f42643109f2c0 C:\windows\system32\api-ms-win-core-io-l1-1-0.dll MD5: b4fcce5ba0990ae78809379cb0c3873c C:\windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll MD5: cbe6c675d3b10e48ef7b25a5ff07b46d C:\windows\system32\api-ms-win-core-localization-l1-1-0.dll MD5: 4a01572d2030d49ceb0a319de0bff53c C:\windows\system32\api-ms-win-core-localregistry-l1-1-0.dll MD5: c1fa7d1a6548037873c90d4eee34df2b C:\windows\system32\api-ms-win-core-memory-l1-1-0.dll MD5: ec0a0e7b3537bb2912221d4933216727 C:\windows\system32\api-ms-win-core-misc-l1-1-0.dll MD5: 73af314c216f08a1c97bc03ecad3a423 C:\windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll MD5: 3b319cc2334ac0d15be25a5994065f13 C:\windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll MD5: 0e3ceb4fce14af72fbaaae754a7c136a C:\windows\system32\api-ms-win-core-processthreads-l1-1-0.dll MD5: 6b28d57a511929227ff1c8f412c1a3f9 C:\windows\system32\api-ms-win-core-profile-l1-1-0.dll MD5: 2a1a2c962bb789ef8ee8cf8cb8f100c0 C:\windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll MD5: bc24199038f4be63a1825cf168408120 C:\windows\system32\api-ms-win-core-string-l1-1-0.dll MD5: 63416d211d4b15fd841a21e508081f4c C:\windows\system32\api-ms-win-core-synch-l1-1-0.dll MD5: 6f08cabf92af8fab3509dd9f313b83f9 C:\windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll MD5: 1a208f0ceb6de90a7ee3d4469b3a88ba C:\windows\system32\api-ms-win-core-threadpool-l1-1-0.dll MD5: 97188f405255248ac8316001411d9cc5 C:\windows\system32\api-ms-win-core-util-l1-1-0.dll MD5: 2b9b097c293696dbc473cef9f623c980 C:\windows\system32\api-ms-win-core-xstate-l1-1-0.dll MD5: 2330b3912a579f8a3feea001b79f6a11 C:\windows\system32\api-ms-win-security-base-l1-1-0.dll MD5: 863f793d15b4026b1a5fdeca873d4d84 C:\windows\system32\apphelp.dll MD5: 088cf5b6380fb9002f2a4246f812225d C:\windows\system32\asycfilt.dll MD5: c940f2f5c60b3727c5f18840735b229c C:\windows\system32\AUDIOSES.DLL MD5: 560297f44935b93ef15e8c55f9816878 C:\windows\system32\bdmpega.acm MD5: ad7b9c14083b52bc532fba5948342b98 C:\windows\system32\cmd.exe MD5: d1de1eafde97be41cf6585027ff3e732 C:\windows\System32\comdlg32.dll MD5: 4e5fe39c1076d115ec8bfcfe14d75b80 C:\windows\system32\credssp.dll MD5: ca79539d3d4c0ba66f0f051a5ee5e923 C:\windows\system32\cryptnet.dll MD5: 96c0e38905cfd788313be8e11dae3f2f C:\windows\system32\cryptsvc.dll MD5: 28ca821606669bb9215ce010767720fa C:\windows\system32\cryptui.dll MD5: 465bea35f7ed4a4a57686dea7ea10f47 C:\windows\system32\cscapi.dll MD5: 35cede6439ff0d8903223a0817ffe46c C:\windows\system32\d2d1.dll MD5: 2de90400a63818fa38c4c5c9adb166bf C:\windows\system32\d3d10_1.dll MD5: 9c36a3ca80f9b204c670336d344f5df8 C:\windows\system32\d3d10_1core.dll MD5: 78b7a3bda25c90daa50d36a56a8d1351 C:\windows\system32\D3D10Warp.dll MD5: 6ef5f3f18413c367195f06e503ab86a6 C:\windows\system32\d3d9.dll MD5: 284b59d7b56fc76c80e622ab856b1fab C:\windows\system32\DavClnt.DLL MD5: 53223b673a3fa2f9a4d1c31c8d3f6cd8 C:\windows\system32\dbghelp.dll MD5: e9e01eb683c132f7fa27cd607b8a2b63 C:\windows\system32\dhcpcore.dll MD5: 81f6c1ae23b1c493d9e996c3103915d7 C:\windows\system32\dhcpcsvc6.DLL MD5: b40420876b9288e0a1c8cca8a84e5dc9 C:\windows\system32\DNSAPI.dll MD5: f5cf06754ae54d9d3353fc9c59bc4e04 C:\windows\System32\DRIVERS\papycpu2.sys MD5: b09a71e8e1e127455f3a2fe83d38851f C:\windows\System32\DRIVERS\papyjoy.sys MD5: a29d734f650f958424743be3baa052c8 C:\windows\system32\DWrite.dll MD5: 0411b7958c524bb2e91ee1b3035fe321 C:\windows\system32\dxgi.dll MD5: 1060d60cca69a8136a87dbe3c8f4a467 C:\windows\system32\EhStorAPI.dll MD5: 8b88ebbb05a0e56b7dcc708498c02b3e C:\windows\system32\explorer.exe MD5: e2a17bcc08d92f42e08af6ba2f93aba7 C:\windows\system32\explorerframe.dll MD5: 03a03a453f1aaae0c73aaaf895321c7a C:\windows\System32\fwpuclnt.dll MD5: 5466dcaef5a648e04d1b6580f2c901b5 C:\windows\system32\ieframe.dll MD5: f9d038a8c2bdc3ae2548150a7aed0f8a C:\windows\system32\IEUI.dll MD5: afcd28b2ae82bd2bed74ab320182282e C:\windows\system32\igd10umd32.dll MD5: 43cecd58e8e9be59dca4565040619203 C:\windows\system32\igdumd32.dll MD5: 72f4c9617260eb57e1e8945d23a13984 C:\windows\system32\igdumdx32.dll MD5: a6f09e5669d9a19035f6d942caa15882 C:\windows\system32\IMM32.DLL MD5: a90dc9abd65db1a8902f361103029952 C:\windows\system32\Iphlpapi.dll MD5: f2394835bb47efa3f8c0ee705af87cd8 C:\windows\system32\l3codecp.acm MD5: 8ea53101ff2b15bdff934b62a8fb326d C:\windows\system32\LOGONCLI.DLL MD5: 8bc9db92c4b2f3be89185beab2afc1f6 C:\windows\system32\mapi32.dll MD5: dc6612a9ee015a36ba2a27bc9cc12537 C:\windows\system32\MFC42.DLL MD5: 243974ec02f7ae49e4179c54624143ab C:\windows\System32\MMDevApi.dll MD5: 7f8678c59f188528d60104e697c2361e C:\windows\system32\mscms.dll MD5: d83947a58613e9091b4c9cc0f1546a8d C:\windows\system32\mscoree.dll MD5: e290e3fdf645df29d00d6368b9127e30 C:\windows\system32\msfeeds.dll MD5: 07f649cd36f266bbe33b814fa678aa43 C:\windows\system32\MSHTML.dll MD5: a6c29db53eca94fa8591c5388d604b82 C:\windows\system32\msi.dll MD5: eee470f2a771fc0b543bdeef74fceca0 C:\windows\system32\msiexec.exe MD5: 35aae2e841aa1a949775168e119482c9 C:\windows\system32\msls31.dll MD5: 8999b8631c7fd9f7f9ec3cafd953ba24 C:\windows\system32\mswsock.dll MD5: 1cdea9188899e76d4ffd54c9d512ccdb C:\windows\System32\msxml3.dll MD5: d9a9702e43a5859896f34898d5fd3fec C:\windows\System32\msxml6.dll MD5: 591fe0a6ceb19bf886ceb1331f591940 C:\windows\system32\ncrypt.dll MD5: 2fca0d2c59a855c54bafa22aa329df0f C:\windows\system32\NetApi32.dll MD5: 20b3934db73eaba2b49b7177873cb81f C:\windows\system32\netutils.dll MD5: 3d57ffbad3ed16b63de3879bab0fb56f C:\windows\system32\NetworkExplorer.dll MD5: 0ba65122ffa7e37564ee86422dbf7ae8 C:\windows\system32\NLAapi.dll MD5: d7b7159bc8374e87d8c45a30377a3440 C:\windows\System32\ntlanman.dll MD5: 03f3b770dfbed6131653ceda8ca780f0 C:\windows\system32\ntshrui.dll MD5: 7d34af98a706230cc2dedfe0cabf87ab C:\windows\system32\ODBC32.dll MD5: 8e01332cc4b68bc6b5b7effe374442aa C:\windows\system32\oleacc.dll MD5: 703ffd301ab900b047337c5d40fd6f96 C:\windows\system32\olepro32.dll MD5: 414bba67a3ded1d28437eb66aeb8a720 C:\windows\system32\pla.dll MD5: e98278865e8daba21cfe5fe4be34210a C:\windows\system32\PortableDeviceApi.dll MD5: 12c45e3cb6d65f73209549e2d02eca7a C:\windows\system32\propsys.dll MD5: dbc02d918fff1cad628acbe0c0eaa8e8 C:\windows\system32\provsvc.dll MD5: 102cf6879887bbe846a00c459e6d4abc C:\windows\system32\RICHED20.dll MD5: b5506b451bfe7148eca7056bda2970bd C:\windows\system32\RICHED32.DLL MD5: 5997d769cdb108390dcfaebf442bf816 C:\windows\system32\RpcRtRemote.dll MD5: 0915c4db6dbc3bb9e11b7ecbbe4b7159 C:\windows\system32\rtutils.dll MD5: 68ecca523ed760aafc03c5d587569859 C:\windows\system32\samcli.dll MD5: 6581b52e133cc6d00661c58968c7e212 C:\windows\system32\SearchFolder.dll MD5: 236f286e103fd44bd85fdd93097fd5dd C:\windows\system32\SearchIndexer.exe MD5: f93674263f6b07c77956e966953242d9 C:\windows\system32\Secur32.dll MD5: 4ae380f39a0032eab7dd953030b26d28 C:\windows\system32\sessenv.dll MD5: be247ae996a9fde007a27b51413a6c79 C:\windows\System32\shdocvw.dll MD5: 414da952a35bf5d50192e28263b40577 C:\windows\System32\shsvcs.dll MD5: 5ccdcd40e732d54e0f7451ac66ac1c87 C:\windows\system32\srvcli.dll MD5: 6a1e8deb746912df47cf651e138401d7 C:\windows\System32\StructuredQuery.dll MD5: ecdb182f885292145826c58252b53000 C:\windows\System32\svchost.exe MD5: 919001d2bb17df06ca3f8ac16ad039f6 C:\windows\system32\SXS.DLL MD5: 6b140b1382f1fe04ba57b196aeb19725 C:\windows\system32\T2EMBED.DLL MD5: 613bf4820361543956909043a265c6ac C:\windows\System32\tapisrv.dll MD5: 954ea9b34f155c844b11f4047a8f6f89 C:\windows\system32\upnp.dll MD5: d15618a0ff8dbc2c5bf3726bacc75a0b C:\windows\system32\USERENV.dll MD5: 61ac3efdfacfdd3f0f11dd4fd4044223 C:\windows\system32\userinit.exe MD5: cfc7d8289d2b5f3cf8d16e2db7f93d4a C:\windows\system32\wbem\fastprox.dll MD5: 704314fd398c81d5f342caa5df7b7f21 C:\windows\system32\wbemcomn.dll MD5: 34eee0dfaadb4f691d6d5308a51315dc C:\windows\System32\wcncsvc.dll MD5: d205c24a9d069049fe2df2a1b38726a7 C:\windows\system32\wdmaud.drv MD5: a9d880f97530d5b8fee278923349929d C:\windows\System32\webclnt.dll MD5: fb19fc5951a88f3c523e35c2c98d23c0 C:\windows\system32\webio.dll MD5: 1db71a41daee6b3f8cd0dda8209fa2d5 C:\windows\system32\WindowsCodecs.dll MD5: ca9f7888b524d8100b977c81f44c3234 C:\windows\system32\WINHTTP.dll MD5: d5aefad57c08349a4393d987df7c715d C:\windows\system32\winmm.dll MD5: 9419abf3163b6f0e3ad3dd2b381c879f C:\windows\system32\WinSCard.dll MD5: 9e4b0e7472b4ceba9e17f440b8cb0ab8 C:\windows\system32\winspool.drv MD5: 418e881201583a3039d81f43e39e6c78 C:\windows\system32\WINSTA.dll MD5: e5a4a1326a02f8e7b59e6c3270ce7202 C:\windows\system32\wkscli.dll MD5: a8cdf3768604ff95b54669e20053d569 C:\windows\system32\WSCAPI.dll MD5: 1b91cd34ea3a90ab6a4ef0550174f4cc C:\windows\system32\WsmSvc.dll MD5: 6a6b2ee4565a178035be2a4ff6f2c968 C:\windows\system32\wtsapi32.dll MD5: edf2a5e96bec469da3f64e9bdd386111 C:\windows\system32\XmlLite.dll MD5: d2958325c1ae1ae37a83334c6229e3bc C:\Windows\SysWOW64\actxprxy.dll MD5: 95e2376b3323f062eb562b8586d0f14a C:\windows\syswow64\ADVAPI32.dll MD5: f436e847fa799ecd75ad8c313673f450 C:\windows\syswow64\CFGMGR32.dll MD5: d1de1eafde97be41cf6585027ff3e732 C:\windows\syswow64\comdlg32.dll MD5: 60d21799a4af4edce65fb98830e4b0c8 C:\windows\syswow64\CRYPT32.dll MD5: 2eeff4502f5e13b1bed4a04ccad64c08 C:\windows\syswow64\DEVOBJ.dll MD5: 4312debdacbe338f0b90e7f08e7672be C:\Windows\SysWOW64\Dxtmsft.dll MD5: ca493a92da9880b6f1a89c3dbd54ba5b C:\Windows\SysWOW64\Dxtrans.dll MD5: 19bc13711ac403feb830522e4831701b C:\Windows\SysWOW64\gameux.dll MD5: d6d3ad7bf1d6f6ce9547613ed5e170a2 C:\windows\syswow64\GDI32.dll MD5: 5466dcaef5a648e04d1b6580f2c901b5 C:\Windows\SysWOW64\ieframe.dll MD5: 780e80e5502015edaec91dc0a0c96a79 C:\windows\syswow64\iertutil.dll MD5: 6f1e7ea743f00c0d3a534183ef5a7466 C:\windows\SysWOW64\igfxexps32.DLL MD5: b2db6aba2e292235749b80a9c3dfa867 C:\windows\syswow64\imagehlp.dll MD5: a6f09e5669d9a19035f6d942caa15882 C:\windows\syswow64\IMM32.dll MD5: 0a866897039e42df8080be5dd83bc8e0 C:\Windows\SysWOW64\jscript.dll MD5: a3fa99a16f10d44edb7a8c340fa2ee1b C:\Windows\SysWOW64\jscript9.dll MD5: d4f3176082566cefa633b4945802d4c4 C:\windows\syswow64\KERNEL32.dll MD5: 0978c2b33bdd0a7e6c563aa337dc8ba0 C:\windows\syswow64\KERNELBASE.dll MD5: 7e57b6d3d74cb9ef3055ba4e89f038d4 C:\windows\SysWOW64\Macromed\Flash\Flash32_11_5_502_146.ocx MD5: 424877cb9d5517f980ff7baca2eb379d C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe MD5: 9ac863fd5976316c29d4cb5e4c9efd9c C:\windows\SysWOW64\Macromed\Flash\NPSWF32_11_5_502_146.dll MD5: 938f39b50bafe13d6f58c7790682c010 C:\windows\syswow64\MSASN1.dll MD5: 07f649cd36f266bbe33b814fa678aa43 C:\Windows\SysWOW64\mshtml.dll MD5: 9dc80a8aaaaac397bdab3c67165a824e C:\windows\syswow64\msvcrt.dll MD5: 2c82d753ef779945977c82a3908da20a C:\windows\SysWOW64\npDeployJava1.dll MD5: e73b0f1819602cb6ef176fb78d76a47b C:\windows\SysWOW64\ntdll.dll MD5: 928cf7268086631f54c3d8e17238c6dd C:\windows\syswow64\ole32.dll MD5: 6c765e82b57f2e66ce9c54ac238471d9 C:\windows\syswow64\OLEAUT32.dll MD5: c5ad8083cf94201f1f8084ecc696a8b7 C:\windows\syswow64\RPCRT4.dll MD5: 3d3cbd1847f980fb03343a63671e7886 C:\windows\SysWOW64\schannel.dll MD5: 10fb16b50affda6d44588f3c445dc273 C:\windows\syswow64\SETUPAPI.dll MD5: 29e9794708df51db5dc89fb2e903a0f6 C:\windows\syswow64\SHELL32.dll MD5: 8cc3c111d653e96f3ea1590891491d71 C:\windows\syswow64\SHLWAPI.dll MD5: eda7ad21df8945528f01f0a86d69e524 C:\windows\syswow64\SspiCli.dll MD5: 672d7c5080acb003343006405da2e621 C:\Windows\SysWOW64\thumbcache.dll MD5: 4266a3230981dd4434c55957f6dd497d C:\windows\syswow64\urlmon.dll MD5: 5e0db2d8b2750543cd2ebb9ea8e6cdd3 C:\windows\syswow64\USER32.dll MD5: 804aaafebb3ad5f49334dd906bcb1de5 C:\windows\syswow64\USP10.dll MD5: 590d5c506044fe02ff7643e32ff9bdac C:\Windows\SysWOW64\wer.dll MD5: 7fa3a810f383588d46220967de8b64ff C:\windows\syswow64\WININET.dll MD5: 17448af0bba9e7ab5ec955af93f271bd C:\windows\syswow64\wintrust.dll MD5: a8bb45f9ecad993461e0fef8e2a99152 C:\windows\syswow64\WLDAP32.dll MD5: 7ff15a4f092cd4a96055ba69f903e3e9 C:\windows\syswow64\WS2_32.dll MD5: edf2a5e96bec469da3f64e9bdd386111 C:\Windows\SysWOW64\XmlLite.dll MD5: 0b3595a4ff0b36d68e5fc67fd7d70fdc C:\windows\WinSxS\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d09154e044272b9a\MSVCP80.dll MD5: c9564cf4976e7e96b4052737aa2492b4 C:\windows\WinSxS\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d09154e044272b9a\MSVCR80.dll MD5: 4c39358ebdd2ffcd9132a30e1ec31e16 C:\windows\WinSxS\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57\MSVCP90.dll MD5: cdbe9690cf2b8409facad94fac9479c9 C:\windows\WinSxS\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57\MSVCR90.dll MD5: ca6ade4f7761bb15b3325356dc3b82bb C:\windows\WinSxS\x86_microsoft.vc90.mfc_1fc8b3b9a1e18e3b_9.0.30729.6161_none_4bf7e3e2bf9ada4c\mfc90u.dll MD5: fbfca1a574d47ee575448b719cbbf2e4 C:\windows\WinSxS\x86_microsoft.vc90.mfcloc_1fc8b3b9a1e18e3b_9.0.30729.6161_none_49768ef57548175e\MFC90ENU.DLL MD5: bdac1aa64495d0f7e1ff810ebbf1f018 C:\windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.17514_none_ec83dffa859149af\COMCTL32.dll MD5: 352b3dc62a0d259a82a052238425c872 C:\windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll MD5: 7717f84f483002815490033bf069dabd C:\windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17825_none_72d273598668a06b\gdiplus.dll No file uploaded. Scan finished - communication took 3 sec Total traffic - 0.02 MB sent, 1.20 KB recvd Scanned 501 files and modules - 116 seconds ==============================================================================

RSIT info.txt info.txt logfile of random's system information tool 1.09 2013-01-09 17:58:02 ======Uninstall list====== Leawo Video Converter version 5.1.0.0-->"C:\Program Files (x86)\Leawo\Video Converter\unins000.exe" Update for Microsoft Office 2007 (KB2508958)-->msiexec /package {90120000-0017-0000-0000-0000000FF1CE} /uninstall {0C5823AA-7B6F-44E1-8D5B-8FD1FF0E6438} -->"C:\ProgramData\{373A11D3-0B96-4E16-9184-7D0FBE86932F}\Best Buy pc app Setup.exe" REMOVE=TRUE MODIFY=FALSE -->C:\PROGRA~2\Yahoo!\Common\UNYT_W~1.EXE Acquia Dev Desktop-->C:\Program Files (x86)\acquia-drupal\uninstall.exe Adobe AIR-->c:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Resources\Adobe AIR Updater.exe -arp:uninstall Adobe AIR-->MsiExec.exe /I{14DC0059-00F1-4F62-BD1A-AB23CD51A95E} Adobe Flash Player 11 ActiveX-->C:\windows\SysWOW64\Macromed\Flash\FlashUtil32_11_5_502_146_ActiveX.exe -maintain activex Adobe Flash Player 11 Plugin-->C:\windows\SysWOW64\Macromed\Flash\FlashUtil32_11_5_502_146_Plugin.exe -maintain plugin Adobe Reader X (10.1.4) MUI-->MsiExec.exe /I{AC76BA86-7AD7-FFFF-7B44-AA0000000001} Angry Birds Rio-->MsiExec.exe /I{E0B3F290-186B-46C8-BA95-F3D6542C2407} Angry Birds Space-->MsiExec.exe /I{45FFEC16-0615-47E2-8B70-CBAFD31D820C} Angry Birds-->MsiExec.exe /I{73AD5A08-FCFE-44EA-9436-3F7BEAF60049} Apple Application Support-->MsiExec.exe /I{EB879750-CCBD-4013-BFD5-0294D4DA5BD0} Apple Software Update-->MsiExec.exe /I{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE} Audacity 2.0-->"C:\Program Files (x86)\Audacity\unins000.exe" avast! Free Antivirus-->C:\Program Files\AVAST Software\Avast\aswRunDll.exe "C:\Program Files\AVAST Software\Avast\Setup\setiface.dll" RunSetup Bandicam-->"C:\Program Files (x86)\Bandicam\uninstall.exe" Bandisoft MPEG-1 Decoder-->"C:\Program Files (x86)\BandiMPEG1\uninstall.exe" Bejeweled 3-->"C:\windows\Bejeweled 3\uninstall.exe" "/U:C:\Program Files (x86)\Bejeweled 3\Uninstall\uninstall.xml" Best Buy Connect-->MsiExec.exe /X{B435FD87-CA14-45E3-9D0B-A30F1F9F3866} Best Buy pc app-->C:\ProgramData\{373A11D3-0B96-4E16-9184-7D0FBE86932F}\Best Buy pc app Setup.exe BitTorrent-->"C:\Program Files (x86)\BitTorrent\BitTorrent.exe" /UNINSTALL Camtasia Studio 8-->MsiExec.exe /I{DB93E2C2-851F-44B2-B09C-351D2C624AE1} Corel WinDVD-->MsiExec.exe /X{5C1F18D2-F6B7-4242-B803-B5A78648185D} D3DX10-->MsiExec.exe /X{E09C4DB7-630C-4F06-A631-8EA7239923AF} DAEMON Tools Lite-->C:\Program Files (x86)\DAEMON Tools Lite\uninst.exe Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-003D-0000-0000-0000000FF1CE}" "{99F50845-55E3-4E06-9A5A-17D37F4D4FB9}" "1033" "0" Drush-->MsiExec.exe /I{AB5B1162-D4DE-4C59-BAB3-020B2323AF98} erLT-->MsiExec.exe /I{A498D9EB-927B-459B-85D6-DD6EF8C2C564} FFmpeg v0.6.2 for Audacity-->"C:\Program Files (x86)\Ffmpeg For Audacity\unins000.exe" FileZilla Client 3.5.3-->C:\Program Files (x86)\FileZilla FTP Client\uninstall.exe Freemake Video Converter version 3.1.2-->"C:\Program Files (x86)\Freemake\Freemake Video Converter\Uninstall\unins000.exe" FreeStar Free AMR MP3 Converter 1.0.5-->C:\Program Files (x86)\freestar\amr2mp3\uninst.exe GamesBar 2.0.1.55-->C:\Program Files (x86)\GamesBar\uninst.exe Git version 1.7.7.1-preview20111027-->"C:\Program Files (x86)\Git\unins000.exe" GnuWin32: Gzip-1.3.12-1-->"C:\Program Files (x86)\GnuWin32\uninstall\unins000.exe" GnuWin32: LibArchive-2.4.12-1-->"C:\Program Files (x86)\GnuWin32\uninstall\unins001.exe" GnuWin32: Wget-1.11.4-1-->"C:\Program Files (x86)\GnuWin32\uninstall\unins003.exe" Google Chrome-->"C:\Program Files (x86)\Google\Chrome\Application\23.0.1271.97\Installer\setup.exe" --uninstall --multi-install --chrome --system-level Google Earth-->MsiExec.exe /X{28E82311-8616-11E1-BEB0-B8AC6F97B88E} Google Toolbar for Internet Explorer-->"C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarManager_94DDE1EDD1CDF6A3.exe" /uninstall Google Toolbar for Internet Explorer-->MsiExec.exe /I{18455581-E099-4BA8-BC6B-F34B2F06600C} Google Update Helper-->MsiExec.exe /I{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2} Grand Theft Auto IV-->"C:\Program Files (x86)\InstallShield Installation Information\{579BA58C-F33D-4970-9953-B94B43768AC3}\setup.exe" -runfromtemp -l0x0009 -removeonly HiJackThis-->MsiExec.exe /X{45A66726-69BC-466B-A7A4-12FCBA4883D7} ImgBurn-->"C:\Program Files (x86)\ImgBurn\uninstall.exe" Intel PROSet Wireless-->Intel PROSet Wireless Intel® Management Engine Components-->C:\Program Files (x86)\Intel\Intel® Management Engine Components\Uninstall\setup.exe -uninstall Intel® Processor Graphics-->C:\Program Files (x86)\Intel\Intel® Processor Graphics\Uninstall\setup.exe -uninstall Intel® Rapid Storage Technology-->C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\Uninstall\setup.exe -uninstall Intel® WiDi-->MsiExec.exe /X{7FCB8D5D-9396-4D17-8CFA-349D6D49CD32} Internet TV for Windows Media Center-->MsiExec.exe /X{9D318C86-AF4C-409F-A6AC-7183FF4CF424} IrfanView (remove only)-->C:\Program Files (x86)\IrfanView\iv_uninstall.exe Java 7 Update 9-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83217009FF} Java™ 6 Update 25-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216025FF} JMicron Flash Media Controller Driver-->"C:\Program Files (x86)\JMicron\JMCR_DIR\setup.exe" delpkg Junk Mail filter update-->MsiExec.exe /I{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4} K-Lite Codec Pack 7.9.0 (Basic)-->"C:\Program Files (x86)\K-Lite Codec Pack\unins000.exe" Label@Once 1.0-->MsiExec.exe /I{0D795777-9D60-4692-8386-F2B3F2B5E5BF} LAME v3.99.3 (for Windows)-->"C:\Program Files (x86)\Lame For Audacity\unins000.exe" Lock On: Modern Air Combat-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{E90DCEE9-DC27-401B-A7AC-B0AFF5B34E4D}\setup.exe" -l0x9 Logitech SetPoint-->"C:\Program Files (x86)\InstallShield Installation Information\{F29B21BD-CAA6-445F-8EF7-A7E2B9D8B14E}\setup.exe" -runfromtemp -l1033 -removeonly lotusgarden_3333241 Screen Saver-->C:\windows\system32\lotusgarden_3333241.scr /u LUXOR 5th Passage-->C:\Program Files (x86)\MumboJumbo\LUXOR 5th Passage\uninstall.exe LUXOR 5th Passage LUXOR Adventures-->C:\Program Files (x86)\MumboJumbo\LUXOR Adventures\uninstall.exe LUXOR Adventures LUXOR Mahjong-->C:\Program Files (x86)\MumboJumbo\LUXOR Mahjong\uninstall.exe LUXOR Mahjong MahJong Suite 2010 Delux v7.1-->"C:\Program Files (x86)\MahJong Suite\unins000.exe" Malwarebytes Anti-Malware version 1.70.0.1100-->"C:\Program Files (x86)\Malwarebytes' Anti-Malware\unins000.exe" Meka MP3 Album Artwork Tool-->MsiExec.exe /I{566D66BF-BF53-4FA7-91C5-F419A37F7248} Mesh Runtime-->MsiExec.exe /I{8C6D6116-B724-4810-8F2D-D047E6B7D68E} Microsoft Conferencing Add-in for Microsoft Office Outlook-->MsiExec.exe /I{13BEAC7C-69C1-4A9E-89A3-D5F311DE2B69} Microsoft Games for Windows - LIVE Redistributable-->MsiExec.exe /X{59E4543A-D49D-4489-B445-473D763C79AF} Microsoft Office 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-002A-0000-1000-0000000FF1CE} /uninstall {664655D8-B9BB-455D-8A58-7EAF7B0B2862} Microsoft Office 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-002A-0409-1000-0000000FF1CE} /uninstall {98333358-268C-4164-B6D4-C96DF5153727} Microsoft Office 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-006E-0409-0000-0000000FF1CE} /uninstall {98333358-268C-4164-B6D4-C96DF5153727} Microsoft Office 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-0115-0409-0000-0000000FF1CE} /uninstall {98333358-268C-4164-B6D4-C96DF5153727} Microsoft Office 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-0116-0409-1000-0000000FF1CE} /uninstall {98333358-268C-4164-B6D4-C96DF5153727} Microsoft Office 2010 Service Pack 1 (SP1)-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-0015-0409-0000-0000000FF1CE}" "{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" "1033" "0" Microsoft Office 2010 Service Pack 1 (SP1)-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-0016-0409-0000-0000000FF1CE}" "{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" "1033" "0" Microsoft Office 2010 Service Pack 1 (SP1)-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-0018-0409-0000-0000000FF1CE}" "{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" "1033" "0" Microsoft Office 2010 Service Pack 1 (SP1)-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-0019-0409-0000-0000000FF1CE}" "{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" "1033" "0" Microsoft Office 2010 Service Pack 1 (SP1)-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-001A-0409-0000-0000000FF1CE}" "{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" "1033" "0" Microsoft Office 2010 Service Pack 1 (SP1)-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-001B-0409-0000-0000000FF1CE}" "{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" "1033" "0" Microsoft Office 2010 Service Pack 1 (SP1)-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-001F-0409-0000-0000000FF1CE}" "{99ACCA38-6DD3-48A8-96AE-A283C9759279}" "1033" "0" Microsoft Office 2010 Service Pack 1 (SP1)-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-001F-040C-0000-0000000FF1CE}" "{46298F6A-1E7E-4D4A-B5F5-106A4F0E48C6}" "1033" "0" Microsoft Office 2010 Service Pack 1 (SP1)-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-001F-0C0A-0000-0000000FF1CE}" "{DEA87BE2-FFCC-4F33-9946-FCBE55A1E998}" "1033" "0" Microsoft Office 2010 Service Pack 1 (SP1)-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-002A-0000-1000-0000000FF1CE}" "{967EF02C-5C7E-4718-8FCB-BDC050190CCF}" "1033" "0" Microsoft Office 2010 Service Pack 1 (SP1)-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-002A-0409-1000-0000000FF1CE}" "{D6C6B46A-6CE1-4561-84A0-EFD58B8AB979}" "1033" "0" Microsoft Office 2010 Service Pack 1 (SP1)-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-002C-0409-0000-0000000FF1CE}" "{7CA93DF4-8902-449E-A42E-4C5923CFBDE3}" "1033" "0" Microsoft Office 2010 Service Pack 1 (SP1)-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-003D-0000-0000-0000000FF1CE}" "{047B0968-E622-4FAA-9B4B-121FA109EDDE}" "1033" "0" Microsoft Office 2010 Service Pack 1 (SP1)-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-006E-0409-0000-0000000FF1CE}" "{4560037C-E356-444A-A015-D21F487D809E}" "1033" "0" Microsoft Office 2010 Service Pack 1 (SP1)-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-00A1-0409-0000-0000000FF1CE}" "{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" "1033" "0" Microsoft Office 2010 Service Pack 1 (SP1)-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-0115-0409-0000-0000000FF1CE}" "{4560037C-E356-444A-A015-D21F487D809E}" "1033" "0" Microsoft Office 2010 Service Pack 1 (SP1)-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-0116-0409-1000-0000000FF1CE}" "{D6C6B46A-6CE1-4561-84A0-EFD58B8AB979}" "1033" "0" Microsoft Office 2010 Service Pack 1 (SP1)-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-0117-0409-0000-0000000FF1CE}" "{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" "1033" "0" Microsoft Office Access MUI (English) 2010-->MsiExec.exe /X{90140000-0015-0409-0000-0000000FF1CE} Microsoft Office Access Setup Metadata MUI (English) 2010-->MsiExec.exe /X{90140000-0117-0409-0000-0000000FF1CE} Microsoft Office Excel MUI (English) 2010-->MsiExec.exe /X{90140000-0016-0409-0000-0000000FF1CE} Microsoft Office Home and Business 2010-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\setup.exe" /uninstall SINGLEIMAGE /dll OSETUP.DLL Microsoft Office Live Meeting 2007-->MsiExec.exe /I{E30E7561-A466-4393-B8BF-FD93E733EF3C} Microsoft Office OneNote MUI (English) 2010-->MsiExec.exe /X{90140000-00A1-0409-0000-0000000FF1CE} Microsoft Office Outlook MUI (English) 2010-->MsiExec.exe /X{90140000-001A-0409-0000-0000000FF1CE} Microsoft Office PowerPoint MUI (English) 2010-->MsiExec.exe /X{90140000-0018-0409-0000-0000000FF1CE} Microsoft Office Proof (English) 2007-->MsiExec.exe /X{90120000-001F-0409-0000-0000000FF1CE} Microsoft Office Proof (English) 2010-->MsiExec.exe /X{90140000-001F-0409-0000-0000000FF1CE} Microsoft Office Proof (French) 2007-->MsiExec.exe /X{90120000-001F-040C-0000-0000000FF1CE} Microsoft Office Proof (French) 2010-->MsiExec.exe /X{90140000-001F-040C-0000-0000000FF1CE} Microsoft Office Proof (Spanish) 2007-->MsiExec.exe /X{90120000-001F-0C0A-0000-0000000FF1CE} Microsoft Office Proof (Spanish) 2010-->MsiExec.exe /X{90140000-001F-0C0A-0000-0000000FF1CE} Microsoft Office Proofing (English) 2007-->MsiExec.exe /X{90120000-002C-0409-0000-0000000FF1CE} Microsoft Office Proofing (English) 2010-->MsiExec.exe /X{90140000-002C-0409-0000-0000000FF1CE} Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-001F-0409-0000-0000000FF1CE} /uninstall {1FF96026-A04A-4C3E-B50A-BB7022654D0F} Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-001F-040C-0000-0000000FF1CE} /uninstall {71F055E8-E2C6-4214-BB3D-BFE03561B89E} Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-001F-0C0A-0000-0000000FF1CE} /uninstall {2314F9A1-126F-45CC-8A5E-DFAF866F3FBC} Microsoft Office Publisher MUI (English) 2010-->MsiExec.exe /X{90140000-0019-0409-0000-0000000FF1CE} Microsoft Office Shared MUI (English) 2007-->MsiExec.exe /X{90120000-006E-0409-0000-0000000FF1CE} Microsoft Office Shared MUI (English) 2010-->MsiExec.exe /X{90140000-006E-0409-0000-0000000FF1CE} Microsoft Office Shared Setup Metadata MUI (English) 2007-->MsiExec.exe /X{90120000-0115-0409-0000-0000000FF1CE} Microsoft Office Shared Setup Metadata MUI (English) 2010-->MsiExec.exe /X{90140000-0115-0409-0000-0000000FF1CE} Microsoft Office SharePoint Designer 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-0017-0000-0000-0000000FF1CE} /uninstall {4B4DF6E2-5E40-422B-82DD-205FD7E79226} Microsoft Office SharePoint Designer 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-0017-0409-0000-0000000FF1CE} /uninstall {C00A9857-850C-4C68-A583-2EF4F24706F5} Microsoft Office SharePoint Designer 2007-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\Office Setup Controller\setup.exe" /uninstall SHAREPOINTDESIGNER /dll OSETUP.DLL Microsoft Office SharePoint Designer 2007-->MsiExec.exe /X{90120000-0017-0000-0000-0000000FF1CE} Microsoft Office SharePoint Designer MUI (English) 2007-->MsiExec.exe /X{90120000-0017-0409-0000-0000000FF1CE} Microsoft Office Single Image 2010-->MsiExec.exe /X{90140000-003D-0000-0000-0000000FF1CE} Microsoft Office Word MUI (English) 2010-->MsiExec.exe /X{90140000-001B-0409-0000-0000000FF1CE} Microsoft SQL Server 2005 Compact Edition [ENU]-->MsiExec.exe /I{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8} Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053-->MsiExec.exe /X{770657D0-A123-3C07-8E44-1C83EC895118} Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{710f4c1c-cc18-4c49-8cbf-51240c89a1a2} Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d} Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{A49F249F-0C91-497F-86DF-B2585E8E76B7} Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17-->MsiExec.exe /X{9A25302D-30C0-39D9-BD6F-21E6EC160475} Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148-->MsiExec.exe /X{1F1C2DFC-2D24-3E06-BCB8-725134ADF989} Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161-->MsiExec.exe /X{9BE518E6-ECC6-35A9-88E4-87755C07200F} Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319-->MsiExec.exe /X{196BB40D-1578-3D01-B289-BEFC77A11A1E} Midnight Club II-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{F3856E7C-AD71-48E1-9A95-6D7E7FCB164A}\Setup.exe" -l0x9 mIRC-->C:\Program Files (x86)\mIRC\uninstall.exe _?=C:\Program Files (x86)\mIRC Mozilla Firefox 17.0.1 (x86 en-US)-->C:\Program Files (x86)\Mozilla Firefox\uninstall\helper.exe Mozilla Maintenance Service-->"C:\Program Files (x86)\Mozilla Maintenance Service\uninstall.exe" Mp3tag v2.53-->C:\Program Files (x86)\Mp3tag\Mp3tagUninstall.EXE MSVCRT_amd64-->MsiExec.exe /I{D0B44725-3666-492D-BEF6-587A14BD9BD9} MSVCRT-->MsiExec.exe /I{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F} MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71} MSXML 4.0 SP2 (KB973688)-->MsiExec.exe /I{F662A8E6-F4DC-41A2-901E-8C11F044BDEC} MySQL Workbench 5.2 CE-->MsiExec.exe /I{1D803D4F-CE1E-4282-B4F2-0FCF28E68BCD} NASCAR® Racing 2003 Season-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{ACC2E059-40E9-4464-B18D-C9BDD9A02CED}\SETUP.exe" -l0x9 -uninst Need for Speed Underground 2-->"C:\Users\Bob Ingham\AppData\Roaming\Need for Speed Underground 2\Uninstall\unins000.exe" NetBeans IDE 7.1-->"C:\Program Files (x86)\NetBeans 7.1\uninstall.exe" Netflix in Windows Media Center-->MsiExec.exe /X{0CA72D12-F6C6-4D43-A2A0-41F5AA17E2B6} nGlide 1.00-->"C:\windows\SysWOW64\nglide_uninst.exe" Notepad++-->C:\Program Files (x86)\Notepad++\uninstall.exe OpenAL-->"C:\Program Files (x86)\OpenAL\oalinst.exe" /U Pinnacle Game Profiler-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{49BF48CC-ABB6-4795-9B35-B5DE005D8612}\Setup.exe" -l0x9 PlayReady PC Runtime x86-->MsiExec.exe /X{CCA5EAAD-92F4-4B7A-B5EE-14294C66AB61} Prison Tycoon Alcatraz-->"C:\Program Files (x86)\Valusoft\Prison Tycoon Alcatraz\Uninstall.exe" Realtek Ethernet Controller Driver-->C:\Program Files (x86)\InstallShield Installation Information\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}\Setup.exe -runfromtemp -removeonly Realtek High Definition Audio Driver-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}\Setup.exe" -removeonly Renesas Electronics USB 3.0 Host Controller Driver-->"C:\Program Files (x86)\InstallShield Installation Information\{5442DAB8-7177-49E1-8B22-09A049EA5996}\setup.exe" -runfromtemp -l0x0409 -removeonly Renesas Electronics USB 3.0 Host Controller Driver-->MsiExec.exe /X{5442DAB8-7177-49E1-8B22-09A049EA5996} Rockstar Games Social Club-->"C:\Program Files (x86)\InstallShield Installation Information\{08B3869E-D282-424C-9AFC-870E04A4BA14}\setup.exe" -runfromtemp -l0x0009 -removeonly Safari-->MsiExec.exe /I{C779648B-410E-4BBA-B75B-5815BCEFE71D} Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)-->C:\windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {B5BD3CA1-11AB-35A6-B22A-6A219DC0668E} /parameterfolder Client Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)-->C:\windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {E720AD01-93D5-3E8E-BB8D-E4EF5AF4E5DD} /parameterfolder Client Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)-->C:\windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {BCD37DCB-F479-3D4D-A90E-A0F7575549C4} /parameterfolder Client Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)-->C:\windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {FF811680-AECE-3F35-A98C-1B84B6E09168} /parameterfolder Client Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)-->C:\windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {6AF6C62E-4E3D-33BF-A591-9E4D53BDF22F} /parameterfolder Client Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)-->C:\windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {5D45782A-1099-317E-ABCC-FF63D5B21386} /parameterfolder Client Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)-->C:\windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {E59B2174-E924-311F-8549-AD714C14664D} /parameterfolder Client Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368)-->C:\windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {FDD13F1E-9C6B-311E-A0D9-D6E172FC28FF} /parameterfolder Client Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)-->C:\windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {DA36C2E5-6B34-3A6A-9C0A-7D1CC1C5A768} /parameterfolder Client Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)-->C:\windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {7B82A51A-768B-3A7B-ADFA-F777097A8079} /parameterfolder Client Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)-->C:\windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {E40184A4-4A61-3D2E-9035-CB6E1E610E07} /parameterfolder Client Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449)-->C:\windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {4736E989-32D9-3B91-90D7-C68848E118CA} /parameterfolder Client Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019)-->C:\windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {F1696E2F-4803-362F-A756-65B363483FE6} /parameterfolder Client Security Update for Microsoft Excel 2010 (KB2597126) 32-Bit Edition-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-003D-0000-0000-0000000FF1CE}" "{73CC972E-6ABF-456B-9E1E-BADC0E65B57A}" "1033" "0" Security Update for Microsoft InfoPath 2010 (KB2687417) 32-Bit Edition-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-003D-0000-0000-0000000FF1CE}" "{D267D0F7-9770-467D-ACF3-FB2F7E0AC532}" "1033" "0" Security Update for Microsoft Office 2007 suites (KB2596615) 32-Bit Edition -->msiexec /package {90120000-0017-0000-0000-0000000FF1CE} /uninstall {C6997D22-CC93-4ED9-AD8A-02C3F3D2F1F9} Security Update for Microsoft Office 2007 suites (KB2596672) 32-Bit Edition -->msiexec /package {90120000-0017-0000-0000-0000000FF1CE} /uninstall {5DD3FF90-B302-45B2-A188-C5EA7ACD5D46} Security Update for Microsoft Office 2007 suites (KB2596744) 32-Bit Edition -->msiexec /package {90120000-0017-0000-0000-0000000FF1CE} /uninstall {D33B9EF5-3801-496A-A2D6-B7F4BE972D75} Security Update for Microsoft Office 2007 suites (KB2596754) 32-Bit Edition -->msiexec /package {90120000-0017-0000-0000-0000000FF1CE} /uninstall {B145DBBB-7778-4A5D-9D2B-DA6569F02391} Security Update for Microsoft Office 2007 suites (KB2596785) 32-Bit Edition-->msiexec /package {90120000-0017-0000-0000-0000000FF1CE} /uninstall {A0D5F849-D9D5-48ED-99D0-C74D7BFA6A09} Security Update for Microsoft Office 2007 suites (KB2596792) 32-Bit Edition-->msiexec /package {90120000-0017-0000-0000-0000000FF1CE} /uninstall {E34960DB-2A93-45DB-A208-02650F7AB09C} Security Update for Microsoft Office 2007 suites (KB2596856) 32-Bit Edition -->msiexec /package {90120000-0017-0000-0000-0000000FF1CE} /uninstall {2623A96B-78E5-42CC-AB55-6A3969B32E36} Security Update for Microsoft Office 2007 suites (KB2596856) 32-Bit Edition -->msiexec /package {90120000-002A-0000-1000-0000000FF1CE} /uninstall {2623A96B-78E5-42CC-AB55-6A3969B32E36} Security Update for Microsoft Office 2007 suites (KB2596871) 32-Bit Edition-->msiexec /package {90120000-0017-0000-0000-0000000FF1CE} /uninstall {293FB6BE-D3EB-4162-B522-F9108040B9FE} Security Update for Microsoft Office 2007 suites (KB2687441) 32-Bit Edition -->msiexec /package {90120000-0017-0000-0000-0000000FF1CE} /uninstall {EF5B5C7F-20CB-4A3A-AC3D-F5DE2C2BFDC7} Security Update for Microsoft Office 2007 suites (KB2760416) 32-Bit Edition -->msiexec /package {90120000-0017-0000-0000-0000000FF1CE} /uninstall {CAB47CC0-A98C-47DD-9FA1-C0416EC96ED5} Security Update for Microsoft Office 2010 (KB2553091)-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-003D-0000-0000-0000000FF1CE}" "{07CA44F3-F5B3-4D12-8C91-EDC5FE91D45C}" "1033" "0" Security Update for Microsoft Office 2010 (KB2553096)-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-003D-0000-0000-0000000FF1CE}" "{10802A6D-EDBF-4383-BCBD-9D5B32F56D35}" "1033" "0" Security Update for Microsoft Office 2010 (KB2553371) 32-Bit Edition-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-003D-0000-0000-0000000FF1CE}" "{CCC48FE2-175F-4CDE-82DF-F7BC4672C1A3}" "1033" "0" Security Update for Microsoft Office 2010 (KB2553447) 32-Bit Edition-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-003D-0000-0000-0000000FF1CE}" "{CC39BA1F-7A25-440C-86A7-77E35D8CC88C}" "1033" "0" Security Update for Microsoft Office 2010 (KB2589320) 32-Bit Edition-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-003D-0000-0000-0000000FF1CE}" "{DCE6D0BF-93E4-46C5-9A7C-F1EFF9707C02}" "1033" "0" Security Update for Microsoft Office 2010 (KB2597986) 32-Bit Edition-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-003D-0000-0000-0000000FF1CE}" "{54A1B66B-F5B2-45AD-8B19-5F51A027A1B9}" "1033" "0" Security Update for Microsoft Office 2010 (KB2598243) 32-Bit Edition-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-003D-0000-0000-0000000FF1CE}" "{B5489515-6DD4-47A5-AE4E-64751D15F10E}" "1033" "0" Security Update for Microsoft Office 2010 (KB2687501) 32-Bit Edition-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-003D-0000-0000-0000000FF1CE}" "{9FF4E0C9-11BB-4B32-AC5E-EAB896CB4216}" "1033" "0" Security Update for Microsoft Office 2010 (KB2687510) 32-Bit Edition-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-003D-0000-0000-0000000FF1CE}" "{A5E549EB-FDD3-4CD1-8163-50D429A36516}" "1033" "0" Security Update for Microsoft PowerPoint 2010 (KB2553185) 32-Bit Edition-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-003D-0000-0000-0000000FF1CE}" "{61461470-8168-4F4B-97B7-617AF354F028}" "1033" "0" Security Update for Microsoft Visio Viewer 2010 (KB2598287) 32-Bit Edition-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-003D-0000-0000-0000000FF1CE}" "{0A682BA4-3C78-42C3-8DDF-EB9A6ABE5535}" "1033" "0" Security Update for Microsoft Word 2010 (KB2760410) 32-Bit Edition-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-003D-0000-0000-0000000FF1CE}" "{F8243081-3FB0-4EE8-9B2A-6F7D70AF5269}" "1033" "0" Skype™ 6.0-->MsiExec.exe /X{EA17F4FC-FDBF-4CF8-A529-2D983132D053} System Requirements Lab CYRI-->MsiExec.exe /I{E5F05232-96B6-4552-A480-785A60A94B21} System Requirements Lab Detection-->MsiExec.exe /X{A407FC22-36BF-4C82-A516-59D94BC505A9} Tar-1.13 Binaries (GnuWin32)-->"C:\Program Files (x86)\GnuWin32\uninstall\unins002.exe" TOSHIBA Application Installer-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{970472D0-F5F9-4158-A6E3-1AE49EFEF2D3}\setup.exe" -l0x9 -removeonly TOSHIBA Assist-->C:\Program Files (x86)\InstallShield Installation Information\{C2A276E3-154E-44DC-AAF1-FFDD7FD30E35}\setup.exe -runfromtemp -removeonly Toshiba Book Place-->MsiExec.exe /X{A14962A7-2B7D-456E-BFCD-F54E3A88D41F} TOSHIBA Bulletin Board-->"C:\Program Files (x86)\InstallShield Installation Information\{1C8C049A-145F-4A6E-8290-B5C245EBE39D}\setup.exe" -runfromtemp -l0x0409 -removeonly TOSHIBA Face Recognition-->"C:\Program Files (x86)\InstallShield Installation Information\{F67FA545-D8E5-4209-86B1-AEE045D1003F}\setup.exe" -runfromtemp -l0x0409 -removeonly TOSHIBA Flash Cards Support Utility-->"C:\Program Files (x86)\InstallShield Installation Information\{620BBA5E-F848-4D56-8BDA-584E44584C5E}\setup.exe" -runfromtemp -l0x0409 TOSHIBA Flash Cards Support Utility-->"C:\Program Files (x86)\InstallShield Installation Information\{620BBA5E-F848-4D56-8BDA-584E44584C5E}\setup.exe" -runfromtemp -l0x0409 -removeonly TOSHIBA Hardware Setup-->"C:\Program Files (x86)\InstallShield Installation Information\{5279374D-87FE-4879-9385-F17278EBB9D3}\setup.exe" -runfromtemp -l0x0409 -removeonly TOSHIBA Hardware Setup-->MsiExec.exe /I{5279374D-87FE-4879-9385-F17278EBB9D3} TOSHIBA Media Controller Plug-in-->MsiExec.exe /X{F26FDF57-483E-42C8-A9C9-EEE1EDB256E0} TOSHIBA Media Controller-->C:\Program Files (x86)\InstallShield Installation Information\{C7A4F26F-F9B0-41B2-8659-99181108CDE3}\setup.exe -runfromtemp -removeonly TOSHIBA Quality Application-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{E69992ED-A7F6-406C-9280-1C156417BC49}\setup.exe" -l0x9 -removeonly TOSHIBA Recovery Media Creator-->C:\Program Files (x86)\InstallShield Installation Information\{B65BBB06-1F8E-48F5-8A54-B024A9E15FDF}\Setup.exe -runfromtemp -removeonly TOSHIBA ReelTime-->"C:\Program Files (x86)\InstallShield Installation Information\{24811C12-F4A9-4D0F-8494-A7B8FE46123C}\setup.exe" -runfromtemp -l0x0409 -removeonly TOSHIBA Resolution+ Plug-in for Windows Media Player-->"C:\Program Files (x86)\InstallShield Installation Information\{6CB76C9D-80C2-4CB3-A4CD-D96B239E3F94}\setup.exe" -runfromtemp -l0x0409 -removeonly TOSHIBA Service Station-->C:\Program Files (x86)\InstallShield Installation Information\{AC6569FA-6919-442A-8552-073BE69E247A}\setup.exe -runfromtemp -l0x0009 -removeonly TOSHIBA Sleep Utility-->C:\Program Files (x86)\InstallShield Installation Information\{654F7484-88C5-46DC-AB32-C66BCB0E2102}\Setup.exe -runfromtemp -removeonly TOSHIBA Supervisor Password-->"C:\Program Files (x86)\InstallShield Installation Information\{51B4E156-14A5-4904-9AE4-B1AA2A0E46BE}\setup.exe" -runfromtemp -l0x0409 TOSHIBA Supervisor Password-->"C:\Program Files (x86)\InstallShield Installation Information\{51B4E156-14A5-4904-9AE4-B1AA2A0E46BE}\setup.exe" -runfromtemp -l0x0409 -removeonly TOSHIBA Value Added Package-->C:\Program Files\TOSHIBA\TVAP\Setup.exe TOSHIBA VIDEO PLAYER-->C:\Program Files (x86)\InstallShield Installation Information\{6C5F3BDC-0A1B-4436-A696-5939629D5C31}\setup.exe -runfromtemp -l0x0009 -ADDREMOVE -removeonly TOSHIBA Web Camera Application-->"C:\Program Files (x86)\InstallShield Installation Information\{6F3C8901-EBD3-470D-87F8-AC210F6E5E02}\setup.exe" -runfromtemp -l0x0409 -removeonly TOSHIBA Web Camera Application-->MsiExec.exe /I{6F3C8901-EBD3-470D-87F8-AC210F6E5E02} TOSHIBA Wireless Display Monitor-->MsiExec.exe /X{617773AE-ADBA-4479-BB04-65FE7758B35C} TOSHIBA Wireless LAN Indicator-->MsiExec.exe /X{5B01BCB7-A5D3-476F-AF11-E515BA206591} TOSHIBARegistration-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{5AF550B4-BB67-4E7E-82F1-2C4300279050}\setup.exe" -l0x9 -removeonly Total Validator Tool-->C:\Program Files (x86)\TotalValidatorTool\uninstall.exe UGS NX 7.5-->MsiExec.exe /I{66BE05E7-4FA4-49C7-9BF4-44A522DEE57B} UGSLicensing-->MsiExec.exe /X{B40EED7A-63D4-4ED2-910D-9A64FF94DF22} Update for 2007 Microsoft Office System (KB967642)-->msiexec /package {90120000-0017-0000-0000-0000000FF1CE} /uninstall {C444285D-5E4F-48A4-91DD-47AAAA68E92D} Update for Microsoft .NET Framework 4 Client Profile (KB2468871)-->C:\windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {29C7BE97-DE59-37A2-A687-2ADD5321948A} /parameterfolder Client Update for Microsoft .NET Framework 4 Client Profile (KB2533523)-->C:\windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {7D799A81-5661-3159-BF92-754161CED6E6} /parameterfolder Client Update for Microsoft .NET Framework 4 Client Profile (KB2600217)-->C:\windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {4DFA8287-EA36-3469-99FE-F568FEC81653} /parameterfolder Client Update for Microsoft Office 2007 Help for Common Features (KB963673)-->msiexec /package {90120000-006E-0409-0000-0000000FF1CE} /uninstall {AB365889-0395-4FAD-B702-CA5985D53D42} Update for Microsoft Office 2007 suites (KB2596660) 32-Bit Edition-->msiexec /package {90120000-0017-0000-0000-0000000FF1CE} /uninstall {620E77C0-CDFE-4C14-AAEB-830ABB65864C} Update for Microsoft Office 2007 suites (KB2596848) 32-Bit Edition-->msiexec /package {90120000-0017-0000-0000-0000000FF1CE} /uninstall {8153EC80-C988-4336-8DAF-6D99C0D26E0C} Update for Microsoft Office 2010 (KB2494150)-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-003D-0000-0000-0000000FF1CE}" "{3FCFD88F-4D13-4F38-8625-ABABEA7F61EA}" "1033" "0" Update for Microsoft Office 2010 (KB2553065)-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-003D-0000-0000-0000000FF1CE}" "{A8686D24-1E89-43A1-973E-05A258D2B3F8}" "1033" "0" Update for Microsoft Office 2010 (KB2553181) 32-Bit Edition-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-003D-0000-0000-0000000FF1CE}" "{48E1B6C2-7299-4F3F-AA63-42F0ACE55AA4}" "1033" "0" Update for Microsoft Office 2010 (KB2553267) 32-Bit Edition-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-003D-0000-0000-0000000FF1CE}" "{18B3CF2A-73F7-4716-B1AE-86D68726D408}" "1033" "0" Update for Microsoft Office 2010 (KB2553310) 32-Bit Edition-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-006E-0409-0000-0000000FF1CE}" "{73E67A3A-8D61-44EF-90C2-1697C3DBE668}" "1033" "0" Update for Microsoft Office 2010 (KB2566458)-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-003D-0000-0000-0000000FF1CE}" "{EFB525A0-E1C0-4E32-9968-FE401BC87363}" "1033" "0" Update for Microsoft Office 2010 (KB2596964) 32-Bit Edition-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-003D-0000-0000-0000000FF1CE}" "{ED31DE9A-3E13-4E2C-9106-E0D8AFFB9FA6}" "1033" "0" Update for Microsoft Office 2010 (KB2598242) 32-Bit Edition-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-001F-0409-0000-0000000FF1CE}" "{C4F26A9B-B121-4135-8084-A0D9C780C7C8}" "1033" "0" Update for Microsoft Office 2010 (KB2598242) 32-Bit Edition-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-001F-040C-0000-0000000FF1CE}" "{460FF681-BC66-4C38-99DF-7012E03F1EBA}" "1033" "0" Update for Microsoft Office 2010 (KB2598242) 32-Bit Edition-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-001F-0C0A-0000-0000000FF1CE}" "{C633216E-FF30-45B6-B2AB-21922A9353EF}" "1033" "0" Update for Microsoft Office 2010 (KB2687509) 32-Bit Edition-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-002A-0000-1000-0000000FF1CE}" "{1CBEDB37-C438-473F-8BA0-2535B0D237E2}" "1033" "0" Update for Microsoft Office 2010 (KB2687509) 32-Bit Edition-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-003D-0000-0000-0000000FF1CE}" "{1CBEDB37-C438-473F-8BA0-2535B0D237E2}" "1033" "0" Update for Microsoft Office Script Editor Help (KB963671)-->msiexec /package {90120000-006E-0409-0000-0000000FF1CE} /uninstall {CD11C6A2-FFC6-4271-8EAB-79C3582F505C} Update for Microsoft Office Sharepoint Designer 2007 Help (KB963675)-->msiexec /package {90120000-0017-0409-0000-0000000FF1CE} /uninstall {9A9DF47B-DB4B-485D-8211-7430ABEC5259} Update for Microsoft OneNote 2010 (KB2553290) 32-Bit Edition-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-00A1-0409-0000-0000000FF1CE}" "{9865DC3A-2898-48D9-B96A-46397571C934}" "1033" "0" Update for Microsoft OneNote 2010 (KB2687277) 32-Bit Edition-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-002A-0000-1000-0000000FF1CE}" "{DFE7321B-F914-4AB5-8C74-1F8CC932B1B0}" "1033" "0" Update for Microsoft OneNote 2010 (KB2687277) 32-Bit Edition-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-003D-0000-0000-0000000FF1CE}" "{DFE7321B-F914-4AB5-8C74-1F8CC932B1B0}" "1033" "0" Update for Microsoft Outlook 2010 (KB2687623) 32-Bit Edition-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-001A-0409-0000-0000000FF1CE}" "{47894754-0FEC-4920-9A65-6C1E732587AC}" "1033" "0" Update for Microsoft Outlook 2010 (KB2687623) 32-Bit Edition-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-003D-0000-0000-0000000FF1CE}" "{326F9E80-FE16-4D2A-827A-4EE1A87B1CE8}" "1033" "0" Update for Microsoft Outlook Social Connector 2010 (KB2553406) 32-Bit Edition-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-001A-0409-0000-0000000FF1CE}" "{1EEFF749-6F29-4F0B-AB08-4C6EA52AA110}" "1033" "0" Update for Microsoft Outlook Social Connector 2010 (KB2553406) 32-Bit Edition-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-003D-0000-0000-0000000FF1CE}" "{BC6DFBFD-16DD-47E1-A7EF-2C062930FA4F}" "1033" "0" Update for Microsoft SharePoint Workspace 2010 (KB2589371) 32-Bit Edition-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-002A-0000-1000-0000000FF1CE}" "{5DA2D071-A54C-47C0-83E5-43C63DBFD936}" "1033" "0" Utility Common Driver-->"C:\Program Files (x86)\InstallShield Installation Information\{12688FD7-CB92-4A5B-BEE4-5C8E0574434F}\setup.exe" -runfromtemp -l0x0409 -removeonly Utility Common Driver-->MsiExec.exe /I{12688FD7-CB92-4A5B-BEE4-5C8E0574434F} VLC media player 1.1.11-->C:\Program Files (x86)\VideoLAN\VLC\uninstall.exe WampServer 2.2-->"c:\wamp\unins000.exe" WebEx-->C:\PROGRA~3\WebEx\atcliun.exe Window Washer-->C:\windows\Unwash6.exe Windows Live Communications Platform-->MsiExec.exe /I{D45240D3-B6B3-4FF9-B243-54ECE3E10066} Windows Live Essentials-->C:\Program Files (x86)\Windows Live\Installer\wlarp.exe Windows Live Essentials-->MsiExec.exe /I{FE044230-9CA5-43F7-9B58-5AC5A28A1F33} Windows Live Installer-->MsiExec.exe /I{0B0F231F-CE6A-483D-AA23-77B364F75917} Windows Live Mail-->MsiExec.exe /I{9D56775A-93F3-44A3-8092-840E3826DE30} Windows Live Mail-->MsiExec.exe /I{C66824E4-CBB3-4851-BB3F-E8CFD6350923} Windows Live Mesh ActiveX Control for Remote Connections-->MsiExec.exe /I{2902F983-B4C1-44BA-B85D-5C6D52E2C441} Windows Live Mesh-->MsiExec.exe /I{A0C91188-C88F-4E86-93E6-CD7C9A266649} Windows Live Mesh-->MsiExec.exe /I{DECDCB7C-58CC-4865-91AF-627F9798FE48} Windows Live Messenger-->MsiExec.exe /X{2A3FC24C-6EC0-4519-A52B-FDA4EA9B2D24} Windows Live Messenger-->MsiExec.exe /X{E5B21F11-6933-4E0B-A25C-7963E3C07D11} Windows Live Movie Maker-->MsiExec.exe /X{19BA08F7-C728-469C-8A35-BFBD3633BE08} Windows Live Movie Maker-->MsiExec.exe /X{92EA4134-10D1-418A-91E1-5A0453131A38} Windows Live Photo Common-->MsiExec.exe /X{A9BDCA6B-3653-467B-AC83-94367DA3BFE3} Windows Live Photo Common-->MsiExec.exe /X{D436F577-1695-4D2F-8B44-AC76C99E0002} Windows Live Photo Gallery-->MsiExec.exe /X{3336F667-9049-4D46-98B6-4C743EEBC5B1} Windows Live Photo Gallery-->MsiExec.exe /X{34F4D9A4-42C2-4348-BEF4-E553C84549E7} Windows Live PIMT Platform-->MsiExec.exe /I{83C292B7-38A5-440B-A731-07070E81A64F} Windows Live SOXE Definitions-->MsiExec.exe /I{200FEC62-3C34-4D60-9CE8-EC372E01C08F} Windows Live SOXE-->MsiExec.exe /I{682B3E4F-696A-42DE-A41C-4C07EA1678B4} Windows Live UX Platform Language Pack-->MsiExec.exe /I{579684A4-DDD5-4CA3-9EA8-7BE7D9593DB4} Windows Live UX Platform-->MsiExec.exe /I{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2} Windows Live Writer Resources-->MsiExec.exe /X{DDC8BDEE-DCAC-404D-8257-3E8D4B782467} Windows Live Writer-->MsiExec.exe /X{A726AE06-AAA3-43D1-87E3-70F510314F04} Windows Live Writer-->MsiExec.exe /X{AAAFC670-569B-4A2F-82B4-42945E0DE3EF} Windows Live Writer-->MsiExec.exe /X{AAF454FC-82CA-4F29-AB31-6A109485E76E} Windows Media Center Add-in for Flash-->MsiExec.exe /X{E2D09AC2-4153-4817-AAEB-24F92A8BCE88} Wise Registry Cleaner 7.62-->"C:\Program Files (x86)\Wise\Wise Registry Cleaner\unins000.exe" Xenu's Link Sleuth-->C:\Program Files (x86)\Xenu\uninst.exe Xvid Video Codec-->C:\Program Files (x86)\Xvid\uninstall.exe Yahoo! Install Manager-->C:\windows\system32\regsvr32 /u C:\PROGRA~2\Yahoo!\Common\YINSTH~1.DLL Yahoo! Internet Mail-->C:\windows\system32\regsvr32 /u /s C:\PROGRA~2\Yahoo!\Common\YMMAPI.dll Yahoo! Mail Advisor-->C:\PROGRA~2\Yahoo!\Common\UNINST~1.EXE Yahoo! Messenger-->C:\PROGRA~2\Yahoo!\MESSEN~1\UNWISE.EXE /U C:\PROGRA~2\Yahoo!\MESSEN~1\INSTALL.LOG Yahoo! Software Update-->C:\PROGRA~2\Yahoo!\SOFTWA~1\UNINST~1.EXE Yahoo! Toolbar-->C:\PROGRA~2\Yahoo!\Common\UNYT_W~1.EXE Yammer-->msiexec /qb /x {A81EB5BC-F764-308A-B979-0F8F078DAB29} Yammer-->MsiExec.exe /I{A81EB5BC-F764-308A-B979-0F8F078DAB29} ======Hosts File====== 127.0.0.1 new.localhost 127.0.0.1 week_3.localhost 127.0.0.1 views.localhost 127.0.0.1 week_6.localhost 127.0.0.1 week_7_theming.localhost 127.0.0.1 week8_panels.localhost 127.0.0.1 week_8_context_module.localhost 127.0.0.1 philly_station_test.localhost 127.0.0.1 week_9_extras.localhost 127.0.0.1 drupaltest.localhost ======Environment variables====== "asl.log"=Destination=file "ComSpec"=%SystemRoot%\system32\cmd.exe "FP_NO_HOST_CHECK"=NO "NUMBER_OF_PROCESSORS"=8 "OS"=Windows_NT "Path"=C:\Program Files\Common Files\Microsoft Shared\Windows Live;C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\Windows Live\Shared;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\;C:\ProgramData\Propeople\Drush;C:\Program Files (x86)\GnuWin32\bin;C:\wamp\bin\php\php5.3.8;C:\wamp\bin\mysql\mysql5.5.16\bin;C:\Program Files\SlikSvn\bin;C:\bin "PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC "PROCESSOR_ARCHITECTURE"=AMD64 "PROCESSOR_IDENTIFIER"=Intel64 Family 6 Model 42 Stepping 7, GenuineIntel "PROCESSOR_LEVEL"=6 "PROCESSOR_REVISION"=2a07 "PSModulePath"=%SystemRoot%\system32\WindowsPowerShell\v1.0\Modules\ "TEMP"=%SystemRoot%\TEMP "TMP"=%SystemRoot%\TEMP "UGII_BASE_DIR"=C:\Program Files (x86)\UGS\NX 7.5 "UGII_CAST_HTML_DIR"=C:\Program Files (x86)\UGS\NX 7.5\nxcast\html "UGII_CAST_HTML_URL"=C:\Program Files (x86)\UGS\NX 7.5\nxcast\html\index.html "UGII_LANG"=english "UGII_ROOT_DIR"=C:\Program Files (x86)\UGS\NX 7.5\UGII\ "UGS_LICENSE_SERVER"=28000@bobingham-pc "USERNAME"=SYSTEM "VBOX_INSTALL_PATH"=C:\Program Files\Oracle\VirtualBox\ "windir"=%SystemRoot% "windows_tracing_flags"=3 "windows_tracing_logfile"=C:\BVTBin\Tests\installpackage\csilogfile.log "RGSCLauncher"=C:\Program Files (x86)\Rockstar Games\Rockstar Games Social Club "RGSC"=C:\Program Files (x86)\Rockstar Games\Rockstar Games Social Club\1_0_0_0 -----------------EOF----------------- Security Check checkup.txt (had pop-up error msg while running) Results of screen317's Security Check version 0.99.56 Windows 7 Service Pack 1 x64 (UAC is enabled) Internet Explorer 9 ``````````````Antivirus/Firewall Check:`````````````` Windows Firewall Enabled! WMI entry may not exist for antivirus; attempting automatic update. `````````Anti-malware/Other Utilities Check:````````` Malwarebytes Anti-Malware version 1.70.0.1100 Wise Registry Cleaner 7.62 Java™ 6 Update 25 Java 7 Update 9 Adobe Flash Player 11.5.502.146 Adobe Reader 10.1.4 Adobe Reader out of Date! Mozilla Firefox (17.0.1) Google Chrome 19.0.1084.46 Google Chrome 19.0.1084.52 Google Chrome 22.0.1229.94 Google Chrome 23.0.1271.64 Google Chrome 23.0.1271.91 Google Chrome 23.0.1271.95 Google Chrome 23.0.1271.97 ````````Process Check: objlist.exe by Laurent```````` `````````````````System Health check````````````````` Total Fragmentation on Drive C: 1% ````````````````````End of Log``````````````````````

Hello Maurice! I'm glad you have selected my issue. Okay, the CBS.log has over 111 pages of information, so unless you instruct me to copy and paste it here, I'll skip that one, as you probably don't need it. With that said, here are the rest of the reports: RSIT log.txt Logfile of random's system information tool 1.09 (written by random/random) Run by Bob Ingham at 2013-01-09 17:57:47 WIN_7 Service Pack 1 System drive C: has 221 GB (32%) free of 698 GB Total RAM: 6052 MB (22% free) Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 5:57:57 PM, on 1/9/2013 Platform: Windows 7 SP1 (WinNT 6.00.3505) MSIE: Internet Explorer v9.00 (9.00.8112.16457) Boot mode: Normal Running processes: C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe C:\Program Files (x86)\TOSHIBA\widimon\widimon.exe C:\Program Files (x86)\Skype\Phone\Skype.exe C:\Program Files (x86)\Webroot\Washer\wwDisp.exe C:\Program Files (x86)\Toshiba\Utilities\KeNotify.exe C:\Program Files\AVAST Software\Avast\AvastUI.exe C:\Users\Bob Ingham\AppData\Roaming\Dropbox\bin\Dropbox.exe C:\Program Files (x86)\Yahoo!\Common\YMailAdvisor.exe C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe C:\Program Files (x86)\Yammer\Yammer.exe C:\Program Files (x86)\Logitech\SetPoint\x86\SetPoint32.exe C:\Program Files (x86)\Yahoo!\Messenger\ymsgr_tray.exe C:\Program Files (x86)\Microsoft Office\Office14\WINWORD.EXE C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn0\ytbb.exe C:\Program Files (x86)\Internet Explorer\iexplore.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Internet Explorer\iexplore.exe C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AcroRd32.exe C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AcroRd32.exe C:\Program Files (x86)\Xpadder.v2012.01.19\Xpadder.exe C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe C:\Program Files (x86)\Internet Explorer\iexplore.exe C:\Program Files (x86)\Internet Explorer\iexplore.exe C:\windows\SysWOW64\Macromed\Flash\FlashUtil32_11_5_502_135_ActiveX.exe C:\Program Files (x86)\Internet Explorer\iexplore.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Internet Explorer\iexplore.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Internet Explorer\iexplore.exe C:\Users\Bob Ingham\Downloads\RSIT.exe C:\Program Files (x86)\trend micro\Bob Ingham.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896 R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://login.yahoo....intl=us&.src=ym R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft....k/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft....k/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft....k/?LinkId=69157 R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = R3 - URLSearchHook: YTNavAssistPlugin Class - {81017EA9-9AA8-4A6A-9734-7AF40E7D593F} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn0\yt.dll F2 - REG:system.ini: UserInit=userinit.exe O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn0\yt.dll O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: Java™ Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~3\Office14\URLREDIR.DLL O2 - BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll O2 - BHO: TOSHIBA Media Controller Plug-in - {F3C88694-EFFA-4d78-B409-54B7B2535B14} - C:\Program Files (x86)\TOSHIBA\TOSHIBA Media Controller Plug-in\TOSHIBAMediaControllerIE.dll O2 - BHO: SingleInstance Class - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn0\YTSingleInstance.dll O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn0\yt.dll O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll O4 - HKLM\..\Run: [sVPWUTIL] C:\Program Files (x86)\TOSHIBA\Utilities\SVPWUTIL.exe SVPwUTIL O4 - HKLM\..\Run: [HWSetup] C:\Program Files\TOSHIBA\Utilities\HWSetup.exe hwSetUP O4 - HKLM\..\Run: [KeNotify] "C:\Program Files (x86)\TOSHIBA\Utilities\KeNotify.exe" LPCM O4 - HKLM\..\Run: [TSleepSrv] %ProgramFiles(x86)%\TOSHIBA\TOSHIBA Sleep Utility\TSleepSrv.exe O4 - HKLM\..\Run: [ToshibaServiceStation] "C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe" /hide:60 O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKLM\..\Run: [YMailAdvisor] "C:\Program Files (x86)\Yahoo!\Common\YMailAdvisor.exe" O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" O4 - HKCU\..\Run: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" O4 - HKCU\..\Run: [Messenger (Yahoo!)] "C:\Program Files (x86)\Yahoo!\Messenger\YahooMessenger.exe" -quiet O4 - HKCU\..\Run: [Xvid] C:\Program Files (x86)\Xvid\CheckUpdate.exe O4 - HKCU\..\Run: [skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun O4 - HKCU\..\Run: [Window Washer] C:\Program Files (x86)\Webroot\Washer\wwDisp.exe O4 - HKCU\..\RunOnce: [FlashPlayerUpdate] C:\windows\SysWOW64\Macromed\Flash\FlashUtil32_11_5_502_135_ActiveX.exe -update activex O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User '?') O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User '?') O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User '?') O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User '?') O4 - HKUS\S-1-5-21-63780027-3872983175-906021891-1000\..\Run: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" (User '?') O4 - HKUS\S-1-5-21-63780027-3872983175-906021891-1000\..\Run: [Window Washer] C:\Program Files (x86)\Webroot\Washer\wwDisp.exe (User '?') O4 - HKUS\S-1-5-21-63780027-3872983175-906021891-1000\..\RunOnce: [FlashPlayerUpdate] C:\windows\SysWOW64\Macromed\Flash\FlashUtil32_11_5_502_135_ActiveX.exe -update activex (User '?') O4 - S-1-5-21-63780027-3872983175-906021891-1000 Startup: Dropbox.lnk = Bob Ingham\AppData\Roaming\Dropbox\bin\Dropbox.exe (User '?') O4 - S-1-5-21-63780027-3872983175-906021891-1000 Startup: OneNote 2010 Screen Clipper and Launcher.lnk = C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE (User '?') O4 - S-1-5-21-63780027-3872983175-906021891-1000 Startup: Yammer.lnk = C:\Program Files (x86)\Yammer\Yammer.exe (User '?') O4 - .DEFAULT User Startup: Best Buy pc app.lnk = C:\ProgramData\Best Buy pc app\ClickOnceSetup.exe (User 'Default user') O4 - Startup: Dropbox.lnk = Bob Ingham\AppData\Roaming\Dropbox\bin\Dropbox.exe O4 - Startup: OneNote 2010 Screen Clipper and Launcher.lnk = C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE O4 - Startup: Yammer.lnk = C:\Program Files (x86)\Yammer\Yammer.exe O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files (x86)\Logitech\SetPoint\SetPoint.exe O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~3\Office14\EXCEL.EXE/3000 O8 - Extra context menu item: Se&nd to OneNote - res://C:\PROGRA~2\MICROS~3\Office14\ONBttnIE.dll/105 O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O15 - Trusted Zone: http://*.rideau.ubuntu O15 - Trusted Zone: http://*.ubuntu O15 - Trusted IP range: http://192.168.1.105 O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (Installation Support) - C:\Program Files (x86)\Yahoo!\Common\Yinsthelper.dll O16 - DPF: {E06E2E99-0AA1-11D4-ABA6-0060082AA75C} (GpcContainer Class) - https://akamaicdn.we...nt/ieatgpc1.cab O17 - HKLM\System\CCS\Services\Tcpip\..\{AF9FB755-8FCB-4F7C-BFBA-AAE7D20148DE}: NameServer = 0.0.0.0 O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\windows\System32\alg.exe (file missing) O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe O23 - Service: Intel® PROSet/Wireless WiMAX Red Bend Device Management Service (DMAgent) - Red Bend Ltd. - C:\Program Files\Intel\WiMAX\Bin\DMAgent.exe O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\windows\System32\lsass.exe (file missing) O23 - Service: Intel® PROSet/Wireless Event Log (EvtEng) - Intel® Corporation - C:\Program Files\Intel\WiFi\bin\EvtEng.exe O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\windows\system32\fxssvc.exe (file missing) O23 - Service: Flexlm Service 1 - Acresso Software Inc. - C:\Program Files (x86)\UGS\NX 7.5\UGFLEXLM\lmgrd.exe O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: IviRegMgr - InterVideo - C:\Program Files (x86)\Common Files\InterVideo\RegMgr\iviRegMgr.exe O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\windows\system32\lsass.exe (file missing) O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Program Files\Common Files\Logishrd\Bluetooth\LBTServ.exe O23 - Service: Intel® Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\windows\System32\msdtc.exe (file missing) O23 - Service: Wireless PAN DHCP Server (MyWiFiDHCPDNS) - Unknown owner - C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\windows\system32\lsass.exe (file missing) O23 - Service: PinnacleUpdate Service (PinnacleUpdateSvc) - PowerUp Software, LLC - C:\Program Files (x86)\PowerUp Software\Pinnacle Game Profiler\pinnacle_updater.exe O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\windows\system32\lsass.exe (file missing) O23 - Service: Protexis Licensing V2 (PSI_SVC_2) - Protexis Inc. - C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe O23 - Service: Intel® PROSet/Wireless Registry Service (RegSrvc) - Intel® Corporation - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\windows\system32\locator.exe (file missing) O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\windows\system32\lsass.exe (file missing) O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\windows\System32\snmptrap.exe (file missing) O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\windows\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\windows\system32\sppsvc.exe (file missing) O23 - Service: TOSHIBA HDD Protection (Thpsrv) - Unknown owner - C:\windows\system32\ThpSrv.exe (file missing) O23 - Service: TMachInfo - TOSHIBA Corporation - C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe O23 - Service: TOSHIBA Optical Disc Drive Service (TODDSrv) - Unknown owner - C:\windows\system32\TODDSrv.exe (file missing) O23 - Service: TOSHIBA Power Saver (TosCoSrv) - TOSHIBA Corporation - C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe O23 - Service: TOSHIBA eco Utility Service - TOSHIBA Corporation - C:\Program Files\TOSHIBA\TECO\TecoService.exe O23 - Service: TOSHIBA HDD SSD Alert Service - TOSHIBA Corporation - C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe O23 - Service: TPCH Service (TPCHSrv) - TOSHIBA Corporation - C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\windows\system32\UI0Detect.exe (file missing) O23 - Service: Intel® Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\windows\System32\vds.exe (file missing) O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\windows\system32\vssvc.exe (file missing) O23 - Service: wampapache - Apache Software Foundation - c:\wamp\bin\apache\apache2.2.21\bin\httpd.exe O23 - Service: wampmysqld - Unknown owner - c:\wamp\bin\mysql\mysql5.5.16\bin\mysqld.exe O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\windows\system32\Wat\WatAdminSvc.exe (file missing) O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\windows\system32\wbengine.exe (file missing) O23 - Service: Intel® PROSet/Wireless WiMAX Service (WiMAXAppSrv) - Intel® Corporation - C:\Program Files\Intel\WiMAX\Bin\AppSrv.exe O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\windows\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) O23 - Service: Window Washer Engine (wwEngineSvc) - Webroot Software, Inc. - C:\Program Files (x86)\Webroot\Washer\WasherSvc.exe O23 - Service: XMail Server (XMail) - Unknown owner - C:\Program Files (x86)\acquia-drupal\xmail\XMail.exe O23 - Service: Yahoo! Updater (YahooAUService) - Yahoo! Inc. - C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe -- End of file - 21292 bytes ======Scheduled tasks folder====== C:\windows\tasks\Adobe Flash Player Updater.job C:\windows\tasks\GoogleUpdateTaskMachineCore.job C:\windows\tasks\GoogleUpdateTaskMachineUA.job =========Mozilla firefox========= ProfilePath - C:\Users\Bob Ingham\AppData\Roaming\Mozilla\Firefox\Profiles\5jxx2mm3.default prefs.js - "browser.startup.homepage" - "https://www.google.com/" "wrc@avast.com"=C:\Program Files\AVAST Software\Avast\WebRep\FF "fmconverter@gmail.com"=C:\Program Files (x86)\Freemake\Freemake Video Converter\BrowserPlugin\Firefox\ [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer] "Description"=Adobe® Flash® Player 11.5.502.146 Plugin "Path"=C:\windows\SysWOW64\Macromed\Flash\NPSWF32_11_5_502_146.dll [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@bestbuy.com/npBestBuyPcAppDetector,version=1.0] "Description"= "Path"=C:\ProgramData\Best Buy pc app\npBestBuyPcAppDetector.dll [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Google.com/GoogleEarthPlugin] "Description"=Google Earth in your browser "Path"=C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=10.9.2] "Description"=Java™ Deployment Toolkit "Path"=C:\windows\SysWOW64\npDeployJava1.dll [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin,version=10.9.2] "Description"=Oracle® Next Generation Java™ Plug-In "Path"=C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6] "Description"=Yahoo Messenger State Plugin "Path"=C:\Program Files (x86)\Yahoo!\Shared\npYState.dll [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE] "Description"= "Path"=C:\windows\system32\Wat\npWatWeb.dll [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0] "Description"=Ag Player Plugin "Path"=c:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0] "Description"=Office Authorization plug-in for NPAPI browsers "Path"=C:\PROGRA~2\MICROS~3\Office14\NPAUTHZ.DLL [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/SharePoint,version=14.0] "Description"=Microsoft SharePoint Plug-in for Firefox "Path"=C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922] "Description"=WLPG Install MIME type "Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513] "Description"=WLPG Install MIME type "Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=3] "Description"=Google Update "Path"=C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=9] "Description"=Google Update "Path"=C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader] "Description"=Handles PDFs in-place in Firefox "Path"=C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll C:\Program Files (x86)\Mozilla Firefox\extensions\ {972ce4c6-7e08-4474-a285-3208198ce6fd} C:\Program Files (x86)\Mozilla Firefox\components\ binary.manifest browsercomps.dll C:\Program Files (x86)\Mozilla Firefox\searchplugins\ amazondotcom.xml bing.xml eBay.xml google.xml twitter.xml WebSearchober515661.xml wikipedia.xml yahoo.xml ======Registry dump====== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4efb-9B51-7695ECA05670}] &Yahoo! Toolbar Helper - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn0\yt.dll [2011-11-17 2018104] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}] Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-07-27 63944] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}] Java™ Plug-In SSV Helper - C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2012-12-06 449512] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}] avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2012-10-30 1227736] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}] Windows Live ID Sign-in Helper - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28 441216] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}] Google Toolbar Helper - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2013-01-09 192144] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}] Office Document Cache Handler - C:\PROGRA~2\MICROS~3\Office14\URLREDIR.DLL [2010-12-21 561552] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}] Java™ Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2012-12-06 155384] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F3C88694-EFFA-4d78-B409-54B7B2535B14}] TOSHIBA Media Controller Plug-in - C:\Program Files (x86)\TOSHIBA\TOSHIBA Media Controller Plug-in\TOSHIBAMediaControllerIE.dll [2011-07-12 534400] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FDAD4DA1-61A2-4FD8-9C17-86F7AC245081}] SingleInstance Class - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn0\YTSingleInstance.dll [2011-11-17 166712] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar] {EF99BD32-C1FB-11D2-892F-0090271D4F88} - Yahoo! Toolbar - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn0\yt.dll [2011-11-17 2018104] {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2012-10-30 1227736] {2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2013-01-09 192144] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run] "SVPWUTIL"=C:\Program Files (x86)\TOSHIBA\Utilities\SVPWUTIL.exe [2010-11-09 532480] "HWSetup"=C:\Program Files\TOSHIBA\Utilities\HWSetup.exe [2011-03-10 423936] "KeNotify"=C:\Program Files (x86)\TOSHIBA\Utilities\KeNotify.exe [2010-08-16 34160] "TSleepSrv"=C:\Program Files (x86)\TOSHIBA\TOSHIBA Sleep Utility\TSleepSrv.exe [2010-06-04 252792] "ToshibaServiceStation"=C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe [2011-07-11 1298816] "avast"=C:\Program Files\AVAST Software\Avast\avastUI.exe [2012-10-30 4297136] "Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2012-07-27 919008] "YMailAdvisor"=C:\Program Files (x86)\Yahoo!\Common\YMailAdvisor.exe [2009-05-08 174424] "APSDaemon"=C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [2012-02-20 59240] "SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2012-07-03 252848] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "swg"=C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2011-09-02 39408] "Messenger (Yahoo!)"=C:\Program Files (x86)\Yahoo!\Messenger\YahooMessenger.exe [2011-08-22 6276408] "Xvid"=C:\Program Files (x86)\Xvid\CheckUpdate.exe [2011-01-17 8192] "Skype"=C:\Program Files (x86)\Skype\Phone\Skype.exe [2012-11-09 17877168] "DAEMON Tools Lite"=C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [2012-02-13 3481408] "Window Washer"=C:\Program Files (x86)\Webroot\Washer\wwDisp.exe [2011-04-20 1633680] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce] "FlashPlayerUpdate"=C:\windows\SysWOW64\Macromed\Flash\FlashUtil32_11_5_502_135_ActiveX.exe [2012-12-12 697272] C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup Logitech SetPoint.lnk - C:\Program Files (x86)\Logitech\SetPoint\SetPoint.exe C:\Users\Bob Ingham\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup Dropbox.lnk - C:\Users\Bob Ingham\AppData\Roaming\Dropbox\bin\Dropbox.exe OneNote 2010 Screen Clipper and Launcher.lnk - C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE Yammer.lnk - C:\Program Files (x86)\Yammer\Yammer.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad] WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders] "SecurityProviders"=credssp.dll [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System] "DisableLockWorkstation"=0 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System] "ConsentPromptBehaviorUser"=3 "EnableUIADesktopToggle"=0 "dontdisplaylastusername"=0 "legalnoticecaption"= "legalnoticetext"= "shutdownwithoutlogon"=1 "undockwithoutlogon"=1 [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "NoDriveTypeAutoRun"=221 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "NoActiveDesktop"=1 "NoActiveDesktopChanges"=1 "ForceActiveDesktopOn"=0 [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list] [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32] "vidc.mrle"=msrle32.dll "vidc.msvc"=msvidc32.dll "msacm.imaadpcm"=imaadp32.acm "msacm.msg711"=msg711.acm "msacm.msgsm610"=msgsm32.acm "msacm.msadpcm"=msadp32.acm "midimapper"=midimap.dll "wavemapper"=msacm32.drv "vidc.uyvy"=msyuv.dll "vidc.yuy2"=msyuv.dll "vidc.yvyu"=msyuv.dll "vidc.iyuv"=iyuv_32.dll "vidc.i420"=iyuv_32.dll "vidc.yvu9"=tsbyuv.dll "msacm.l3acm"=l3codecp.acm "vidc.cvid"=iccvid.dll "msacm.siren"=sirenacm.dll "wave"=wdmaud.drv "midi"=wdmaud.drv "mixer"=wdmaud.drv "aux"=wdmaud.drv "wave1"=wdmaud.drv "midi1"=wdmaud.drv "mixer1"=wdmaud.drv "aux1"=wdmaud.drv "vidc.XVID"=xvidvfw.dll "wave2"=wdmaud.drv "midi2"=wdmaud.drv "mixer2"=wdmaud.drv "wave3"=wdmaud.drv "midi3"=wdmaud.drv "mixer3"=wdmaud.drv "vidc.tscc"=C:\windows\SysWOW64\tsccvid.dll "vidc.tsc2"=C:\windows\SysWOW64\tsc2_codec32.dll "vidc.mjpg"=bdmjpeg.dll "vidc.mpeg"=bdmpegv.dll "msacm.bdmpeg"=bdmpega.acm ======File associations====== .js - edit - C:\Windows\System32\Notepad.exe %1 .js - open - C:\Windows\System32\WScript.exe "%1" %* ======List of files/folders created in the last 1 month====== 2013-01-09 17:57:47 ----D---- C:\rsit 2013-01-08 16:39:55 ----D---- C:\Program Files (x86)\Trend Micro 2013-01-08 14:44:03 ----D---- C:\Users\Bob Ingham\AppData\Roaming\Wise Registry Cleaner 2013-01-08 14:42:44 ----D---- C:\Program Files (x86)\Wise 2013-01-08 10:17:39 ----D---- C:\perflogs 2013-01-07 17:15:02 ----D---- C:\Program Files (x86)\Bandicam 2013-01-07 17:14:56 ----D---- C:\Program Files (x86)\BandiMPEG1 2013-01-05 18:04:32 ----D---- C:\Program Files (x86)\QuickTime 2013-01-05 18:04:16 ----D---- C:\Program Files (x86)\Common Files\TechSmith Shared 2013-01-05 18:04:02 ----D---- C:\Program Files (x86)\TechSmith 2013-01-05 17:44:26 ----D---- C:\Users\Bob Ingham\AppData\Roaming\TechSmith 2013-01-05 17:39:43 ----D---- C:\ProgramData\TechSmith 2013-01-04 15:20:15 ----D---- C:\Users\Bob Ingham\AppData\Roaming\Malwarebytes 2013-01-04 15:19:43 ----D---- C:\ProgramData\Malwarebytes 2013-01-04 15:19:41 ----D---- C:\Program Files (x86)\Malwarebytes' Anti-Malware 2012-12-30 14:47:55 ----N---- C:\windows\SysWOW64\lotusgarden_3333241.scr 2012-12-30 14:47:55 ----D---- C:\ProgramData\Screentime 2012-12-27 03:03:53 ----D---- C:\Program Files (x86)\Papyrus 2012-12-26 14:57:31 ----D---- C:\Program Files (x86)\Mozilla Firefox 2012-12-23 13:47:18 ----D---- C:\Users\Bob Ingham\AppData\Roaming\Valusoft 2012-12-23 13:46:16 ----D---- C:\Program Files (x86)\Valusoft 2012-12-21 03:01:30 ----A---- C:\windows\SysWOW64\atmlib.dll 2012-12-21 03:01:19 ----A---- C:\windows\SysWOW64\atmfd.dll 2012-12-18 13:59:09 ----RA---- C:\windows\SysWOW64\MSXML.DLL 2012-12-18 13:55:53 ----D---- C:\Program Files (x86)\Ubisoft 2012-12-16 16:31:14 ----D---- C:\Users\Bob Ingham\AppData\Roaming\fltk.org 2012-12-16 16:31:14 ----D---- C:\ProgramData\fltk.org 2012-12-16 16:29:31 ----D---- C:\Users\Bob Ingham\AppData\Roaming\flightgear.org 2012-12-16 16:29:30 ----D---- C:\ProgramData\flightgear.org 2012-12-16 16:29:25 ----D---- C:\Program Files (x86)\OpenAL 2012-12-16 16:29:24 ----A---- C:\windows\SysWOW64\wrap_oal.dll 2012-12-16 16:29:24 ----A---- C:\windows\SysWOW64\OpenAL32.dll 2012-12-15 14:24:34 ----D---- C:\Users\Bob Ingham\AppData\Roaming\Need for Speed Underground 2 2012-12-15 14:20:37 ----D---- C:\Program Files (x86)\R.G. Mechanics 2012-12-13 14:44:21 ----A---- C:\windows\SysWOW64\drivers\papyjoy.sys 2012-12-13 14:44:20 ----A---- C:\windows\SysWOW64\drivers\papycpu2.sys 2012-12-13 14:37:39 ----A---- C:\windows\Sierra.ini 2012-12-12 14:33:21 ----D---- C:\Program Files (x86)\UEFI WinFlash 2012-12-12 03:03:11 ----A---- C:\windows\SysWOW64\vbscript.dll 2012-12-12 03:03:11 ----A---- C:\windows\SysWOW64\mshtmled.dll 2012-12-12 03:03:11 ----A---- C:\windows\SysWOW64\ieui.dll 2012-12-12 03:03:10 ----A---- C:\windows\SysWOW64\url.dll 2012-12-12 03:03:10 ----A---- C:\windows\SysWOW64\ieUnatt.exe 2012-12-12 03:03:09 ----A---- C:\windows\SysWOW64\urlmon.dll 2012-12-12 03:03:07 ----A---- C:\windows\SysWOW64\wininet.dll 2012-12-12 03:03:07 ----A---- C:\windows\SysWOW64\msfeeds.dll 2012-12-12 03:03:05 ----A---- C:\windows\SysWOW64\jscript9.dll 2012-12-12 03:03:05 ----A---- C:\windows\SysWOW64\jscript.dll 2012-12-12 03:03:04 ----A---- C:\windows\SysWOW64\iertutil.dll 2012-12-12 03:03:03 ----A---- C:\windows\SysWOW64\jsproxy.dll 2012-12-12 03:03:01 ----A---- C:\windows\SysWOW64\mshtml.dll 2012-12-12 03:02:57 ----A---- C:\windows\SysWOW64\ieframe.dll 2012-12-11 14:16:01 ----A---- C:\windows\SysWOW64\tzres.dll 2012-12-11 14:15:22 ----A---- C:\windows\SysWOW64\kernel32.dll 2012-12-11 14:15:21 ----A---- C:\windows\SysWOW64\KernelBase.dll 2012-12-11 14:15:20 ----A---- C:\windows\SysWOW64\setup16.exe 2012-12-11 14:15:19 ----AH---- C:\windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll 2012-12-11 14:15:19 ----A---- C:\windows\SysWOW64\wow32.dll 2012-12-11 14:15:19 ----A---- C:\windows\SysWOW64\ntvdm64.dll 2012-12-11 14:15:19 ----A---- C:\windows\SysWOW64\instnm.exe 2012-12-11 14:15:18 ----AH---- C:\windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll 2012-12-11 14:15:18 ----AH---- C:\windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll 2012-12-11 14:15:16 ----AH---- C:\windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll 2012-12-11 14:15:15 ----AH---- C:\windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll 2012-12-11 14:15:15 ----AH---- C:\windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll 2012-12-11 14:15:14 ----AH---- C:\windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll 2012-12-11 14:15:14 ----AH---- C:\windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll 2012-12-11 14:15:13 ----AH---- C:\windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll 2012-12-11 14:15:12 ----AH---- C:\windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll 2012-12-11 14:15:11 ----AH---- C:\windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll 2012-12-11 14:15:11 ----AH---- C:\windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll 2012-12-11 14:15:10 ----AH---- C:\windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll 2012-12-11 14:15:10 ----AH---- C:\windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll 2012-12-11 14:15:09 ----AH---- C:\windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll 2012-12-11 14:15:08 ----AH---- C:\windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll 2012-12-11 14:15:08 ----AH---- C:\windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll 2012-12-11 14:15:07 ----AH---- C:\windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll 2012-12-11 14:15:06 ----AH---- C:\windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll 2012-12-11 14:15:05 ----AH---- C:\windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll 2012-12-11 14:15:04 ----AH---- C:\windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll 2012-12-11 14:15:03 ----AH---- C:\windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll 2012-12-11 14:15:03 ----AH---- C:\windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll 2012-12-11 14:15:03 ----AH---- C:\windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll 2012-12-11 14:15:02 ----AH---- C:\windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll 2012-12-11 14:15:02 ----AH---- C:\windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll 2012-12-11 14:15:01 ----AH---- C:\windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll 2012-12-11 14:14:59 ----AH---- C:\windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll 2012-12-11 14:14:57 ----A---- C:\windows\SysWOW64\user.exe 2012-12-11 14:14:11 ----A---- C:\windows\SysWOW64\dpnet.dll 2012-12-11 14:01:42 ----D---- C:\Program Files (x86)\Xpadder.v2012.01.19 2012-12-10 16:52:20 ----D---- C:\ProgramData\BDJ ======List of files/folders modified in the last 1 month====== 2013-01-09 17:57:53 ----D---- C:\windows\Temp 2013-01-09 17:57:04 ----D---- C:\Users\Bob Ingham\AppData\Roaming\BitTorrent 2013-01-09 17:40:47 ----D---- C:\windows\SysWOW64 2013-01-09 17:40:33 ----A---- C:\windows\SysWOW64\FlashPlayerApp.exe 2013-01-09 14:50:01 ----D---- C:\windows\winsxs 2013-01-09 10:43:04 ----SHD---- C:\windows\Installer 2013-01-09 10:39:31 ----SHD---- C:\System Volume Information 2013-01-09 10:37:21 ----D---- C:\Users\Bob Ingham\AppData\Roaming\Skype 2013-01-08 17:35:38 ----D---- C:\windows\Prefetch 2013-01-08 16:39:55 ----SHD---- C:\Config.Msi 2013-01-08 16:39:55 ----RD---- C:\Program Files (x86) 2013-01-08 15:02:13 ----A---- C:\windows\SysWOW64\log.txt 2013-01-08 15:00:47 ----D---- C:\Users\Bob Ingham\AppData\Roaming\Dropbox 2013-01-08 04:48:40 ----A---- C:\windows\SysWOW64\zlib.dll 2013-01-07 17:15:00 ----D---- C:\windows\System32 2013-01-05 18:04:16 ----D---- C:\Program Files (x86)\Common Files 2013-01-05 17:39:43 ----HD---- C:\ProgramData 2013-01-04 14:02:29 ----D---- C:\Program Files (x86)\Common Files\microsoft shared 2013-01-03 16:49:16 ----D---- C:\Program Files (x86)\BitTorrent 2013-01-02 13:21:31 ----D---- C:\Users\Bob Ingham\AppData\Roaming\dvdcss 2012-12-29 13:46:48 ----D---- C:\windows\inf 2012-12-29 13:39:24 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service 2012-12-27 03:04:26 ----HD---- C:\Program Files (x86)\InstallShield Installation Information 2012-12-27 03:03:05 ----D---- C:\Program Files (x86)\Common Files\InstallShield 2012-12-26 12:31:07 ----D---- C:\Program Files (x86)\Rockstar Games 2012-12-25 02:18:55 ----AD---- C:\Windows 2012-12-25 02:18:15 ----D---- C:\windows\Tasks 2012-12-25 02:18:13 ----D---- C:\Users\Bob Ingham\AppData\Roaming\vlc 2012-12-25 02:17:57 ----D---- C:\windows\registration 2012-12-24 12:09:27 ----RD---- C:\Program Files (x86)\Skype 2012-12-21 10:08:15 ----D---- C:\windows\rescache 2012-12-18 16:32:25 ----D---- C:\windows\Resources 2012-12-16 16:18:21 ----RD---- C:\Program Files 2012-12-13 14:44:22 ----D---- C:\windows\SysWOW64\drivers 2012-12-13 11:45:19 ----D---- C:\Program Files (x86)\SystemRequirementsLab 2012-12-12 03:13:41 ----D---- C:\windows\SysWOW64\en-US 2012-12-12 03:13:33 ----D---- C:\windows\AppPatch 2012-12-12 03:13:31 ----D---- C:\windows\SysWOW64\migration 2012-12-12 03:13:31 ----D---- C:\Program Files (x86)\Internet Explorer 2012-12-12 03:08:40 ----D---- C:\ProgramData\Microsoft Help 2012-12-11 17:01:07 ----D---- C:\Users\Bob Ingham\AppData\Roaming\Mp3tag ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R0 iaStor;Intel AHCI Controller; C:\windows\system32\DRIVERS\iaStor.sys [] R0 LPCFilter;LPC Lower Filter Driver; C:\windows\system32\DRIVERS\LPCFilter.sys [] R0 pciide;pciide; C:\windows\system32\DRIVERS\pciide.sys [] R0 rdyboost;ReadyBoost; C:\windows\System32\drivers\rdyboost.sys [] R0 Thpdrv;TOSHIBA HDD Protection Driver; C:\windows\system32\DRIVERS\thpdrv.sys [] R0 Thpevm;TOSHIBA HDD Protection - Shock Sensor Driver; C:\windows\system32\DRIVERS\Thpevm.SYS [] R0 tos_sps64;TOSHIBA tos_sps64 Service; C:\windows\system32\DRIVERS\tos_sps64.sys [] R0 TVALZ;TOSHIBA ACPI-Based Value Added Logical and General Purpose Device Driver; C:\windows\system32\DRIVERS\TVALZ_O.SYS [] R1 aswRdr;aswRdr; C:\windows\System32\Drivers\aswrdr2.sys [] R1 aswSnx;aswSnx; C:\windows\SysWOW64\drivers\aswSnx.sys [] R1 aswSP;aswSP; C:\windows\SysWOW64\drivers\aswSP.sys [] R1 aswTdi;avast! Network Shield Support; C:\windows\SysWOW64\drivers\aswTdi.sys [] R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\windows\system32\DRIVERS\dtsoftbus01.sys [] R1 VBoxDrv;VirtualBox Service; C:\windows\system32\DRIVERS\VBoxDrv.sys [] R1 VBoxUSBMon;VirtualBox USB Monitor Driver; C:\windows\system32\DRIVERS\VBoxUSBMon.sys [] R1 vpcnfltr;Virtual PC Network Filter Driver; C:\windows\system32\DRIVERS\vpcnfltr.sys [] R1 vpcvmm;@%SystemRoot%\system32\drivers\vpcvmm.sys,-100; C:\windows\system32\drivers\vpcvmm.sys [] R1 vwififlt;Virtual WiFi Filter Driver; C:\windows\system32\DRIVERS\vwififlt.sys [] R2 aswFsBlk;aswFsBlk; C:\windows\SysWOW64\drivers\aswFsBlk.sys [] R2 aswMonFlt;aswMonFlt; \??\C:\windows\system32\drivers\aswMonFlt.sys [] R2 regi;regi; \??\C:\windows\system32\drivers\regi.sys [] R2 TVALZFL;TOSHIBA ACPI-Based Value Added Logical and General Purpose Device Filter Driver; C:\windows\system32\DRIVERS\TVALZFL.sys [] R3 bpenum;Intel® Centrino® WiMAX Enumerator; C:\windows\system32\DRIVERS\bpenum.sys [] R3 bpmp;Intel® Centrino® WiMAX 6050 Series; C:\windows\system32\DRIVERS\bpmp.sys [] R3 bpusb;Intel® Centrino® WiMAX 6050 Series Function Driver; C:\windows\System32\Drivers\bpusb.sys [] R3 CeKbFilter;CeKbFilter; C:\windows\system32\DRIVERS\CeKbFilter.sys [] R3 igfx;igfx; C:\windows\system32\DRIVERS\igdkmd64.sys [] R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\windows\system32\drivers\RTKVHD64.sys [] R3 IntcDAud;Intel® Display Audio; C:\windows\system32\DRIVERS\IntcDAud.sys [] R3 iwdbus;IWD Bus Enumerator; C:\windows\system32\DRIVERS\iwdbus.sys [] R3 MBAMProtector;MBAMProtector; \??\C:\windows\system32\drivers\mbam.sys [] R3 MEIx64;Intel® Management Engine Interface; C:\windows\system32\DRIVERS\HECIx64.sys [] R3 NETwNs64;___ Intel® Wireless WiFi Link 5000 Series Adapter Driver for Windows 7 - 64 Bit; C:\windows\system32\DRIVERS\NETwNs64.sys [] R3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver; C:\windows\system32\DRIVERS\nusb3hub.sys [] R3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver; C:\windows\system32\DRIVERS\nusb3xhc.sys [] R3 PGEffect;Pangu effect driver; C:\windows\system32\DRIVERS\pgeffect.sys [] R3 RTL8167;Realtek 8167 NT Driver; C:\windows\system32\DRIVERS\Rt64win7.sys [] R3 SynTP;Synaptics TouchPad Driver; C:\windows\system32\DRIVERS\SynTP.sys [] R3 tdcmdpst;TOSHIBA Writing Engine Filter Driver; C:\windows\system32\DRIVERS\tdcmdpst.sys [] R3 VBoxNetAdp;VirtualBox Host-Only Ethernet Adapter; C:\windows\system32\DRIVERS\VBoxNetAdp.sys [] R3 VBoxNetFlt;VirtualBox Bridged Networking Service; C:\windows\system32\DRIVERS\VBoxNetFlt.sys [] R3 vpcbus;Virtual PC Host Bus Service; C:\windows\system32\DRIVERS\vpchbus.sys [] R3 vpcusb;USB Virtualization Connector Service; C:\windows\system32\DRIVERS\vpcusb.sys [] R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\windows\system32\DRIVERS\vwifimp.sys [] S0x01000000 papycpu2;papycpu2; C:\windows\System32\DRIVERS\papycpu2.sys [2003-01-17 1984] S0x01000000 papyjoy;papyjoy; C:\windows\System32\DRIVERS\papyjoy.sys [2003-01-17 1856] S3 intaud_WaveExtensible;Intel WiDi Audio Device; C:\windows\system32\drivers\intelaud.sys [] S3 JMCR;JMCR; C:\windows\system32\DRIVERS\jmcr.sys [] S3 LHidFilt;Logitech SetPoint KMDF HID Filter Driver; C:\windows\system32\DRIVERS\LHidFilt.Sys [] S3 LMouFilt;Logitech SetPoint KMDF Mouse Filter Driver; C:\windows\system32\DRIVERS\LMouFilt.Sys [] S3 sdbus;sdbus; C:\windows\system32\DRIVERS\sdbus.sys [] S3 TsUsbFlt;TsUsbFlt; C:\windows\system32\drivers\tsusbflt.sys [] S3 TsUsbGD;Remote Desktop Generic USB Device; C:\windows\system32\drivers\TsUsbGD.sys [] S3 USBAAPL64;Apple Mobile USB Driver; C:\windows\System32\Drivers\usbaapl64.sys [] S3 usbscan;USB Scanner Driver; C:\windows\system32\DRIVERS\usbscan.sys [] S3 WinUsb;WinUsb; C:\windows\system32\DRIVERS\WinUsb.sys [] ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-07-27 63960] R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2012-02-26 55144] R2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2012-10-30 44808] R2 DMAgent;Intel® PROSet/Wireless WiMAX Red Bend Device Management Service; C:\Program Files\Intel\WiMAX\Bin\DMAgent.exe [2011-06-14 498688] R2 EvtEng;Intel® PROSet/Wireless Event Log; C:\Program Files\Intel\WiFi\bin\EvtEng.exe [2011-06-01 1517328] R2 IviRegMgr;IviRegMgr; C:\Program Files (x86)\Common Files\InterVideo\RegMgr\iviRegMgr.exe [2010-05-20 110736] R2 LMS;Intel® Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe [2011-02-01 326168] R2 MBAMScheduler;MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2012-12-14 398184] R2 MBAMService;MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-12-14 682344] R2 PSI_SVC_2;Protexis Licensing V2; C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe [2010-03-11 193824] R2 RegSrvc;Intel® PROSet/Wireless Registry Service; C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe [2011-06-01 844560] R2 Thpsrv;TOSHIBA HDD Protection; C:\windows\system32\ThpSrv.exe [] R2 TODDSrv;TOSHIBA Optical Disc Drive Service; C:\windows\system32\TODDSrv.exe [] R2 TosCoSrv;TOSHIBA Power Saver; C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe [2011-05-17 574896] R2 TOSHIBA eco Utility Service;TOSHIBA eco Utility Service; C:\Program Files\TOSHIBA\TECO\TecoService.exe [2011-05-24 294848] R2 UNS;Intel® Management and Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2011-02-01 2656280] R2 WiMAXAppSrv;Intel® PROSet/Wireless WiMAX Service; C:\Program Files\Intel\WiMAX\Bin\AppSrv.exe [2011-06-14 986112] R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2011-03-28 2292096] R3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184] R3 TMachInfo;TMachInfo; C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe [2011-07-11 57216] R3 TOSHIBA HDD SSD Alert Service;TOSHIBA HDD SSD Alert Service; C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe [2011-06-09 138152] S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384] S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576] S2 gupdate;Google Update Service (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-09-02 136176] S2 PinnacleUpdateSvc;PinnacleUpdate Service; C:\Program Files (x86)\PowerUp Software\Pinnacle Game Profiler\pinnacle_updater.exe [2011-05-09 430080] S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2012-11-09 160944] S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-01-09 251400] S3 Flexlm Service 1;Flexlm Service 1; C:\Program Files (x86)\UGS\NX 7.5\UGFLEXLM\lmgrd.exe [2009-07-07 1510152] S3 gupdatem;Google Update Service (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-09-02 136176] S3 gusvc;Google Software Updater; C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe [2012-10-11 194032] S3 LBTServ;Logitech Bluetooth Service; C:\Program Files\Common Files\Logishrd\Bluetooth\LBTServ.exe [2009-07-20 160784] S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2012-12-26 115168] S3 MyWiFiDHCPDNS;Wireless PAN DHCP Server; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [2011-06-01 340240] S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696] S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352] S3 TPCHSrv;TPCH Service; C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe [2011-07-01 828856] S3 wampapache;wampapache; c:\wamp\bin\apache\apache2.2.21\bin\httpd.exe [2011-09-26 21504] S3 wampmysqld;wampmysqld; c:\wamp\bin\mysql\mysql5.5.16\bin\mysqld.exe [2011-09-26 9665536] S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\windows\system32\Wat\WatAdminSvc.exe [] S4 wlcrasvc;Windows Live Mesh remote connections service; C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 57184] -----------------EOF----------------- Maurice, it wouldn't allow me to post any longer than this, so will post each report in separate posts.

Maurice, Sorry for any miscommunication; however, you'll see in your response that you instruct me to "Checkmark the box (line) Auto follow topics I reply to and select immediate notification (IIRC)", along with "make sure you are subscribed", and if you'll notice my screen image for Notification Options, there isn't an "Immediate (IIRC)" option to select, just "Immediate"; therefore, I had assumed (and you and I know what "assume" means!) that there must be such an option such as "Immediate (IIRC)", but that it won't show unless I'm "subscribed" as you instructed. Anyway, just to let you know, I still am not getting any notifications to my email at all.

I removed the two outdated Java updates (6 & 7), then downloaded and ran the FSS.exe file, and here's the report: Farbar Service Scanner Version: 05-01-2013 Ran by HP_Administrator (administrator) on 12-01-2013 at 15:54:23 Running from "C:\Documents and Settings\HP_Administrator\Desktop" Microsoft Windows XP Service Pack 3 (X86) Boot Mode: Normal **************************************************************** Internet Services: ============ Connection Status: ============== Localhost is accessible. LAN connected. Attempt to access Google IP returned error. Google IP is offline Google.com is accessible. Yahoo IP is accessible. Yahoo.com is accessible. Windows Firewall: ============= Firewall Disabled Policy: ================== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "EnableFirewall"=DWORD:0 System Restore: ============ System Restore Disabled Policy: ======================== Security Center: ============ Windows Update: ============ Windows Autoupdate Disabled Policy: ============================ File Check: ======== C:\WINDOWS\system32\dhcpcsvc.dll => MD5 is legit C:\WINDOWS\system32\Drivers\afd.sys => MD5 is legit C:\WINDOWS\system32\Drivers\netbt.sys => MD5 is legit C:\WINDOWS\system32\Drivers\tcpip.sys => MD5 is legit C:\WINDOWS\system32\Drivers\ipsec.sys => MD5 is legit C:\WINDOWS\system32\dnsrslvr.dll => MD5 is legit C:\WINDOWS\system32\ipnathlp.dll => MD5 is legit C:\WINDOWS\system32\netman.dll => MD5 is legit C:\WINDOWS\system32\wbem\WMIsvc.dll => MD5 is legit C:\WINDOWS\system32\srsvc.dll => MD5 is legit C:\WINDOWS\system32\Drivers\sr.sys => MD5 is legit C:\WINDOWS\system32\wscsvc.dll => MD5 is legit C:\WINDOWS\system32\wbem\WMIsvc.dll => MD5 is legit C:\WINDOWS\system32\wuauserv.dll => MD5 is legit C:\WINDOWS\system32\qmgr.dll => MD5 is legit C:\WINDOWS\system32\es.dll => MD5 is legit C:\WINDOWS\system32\cryptsvc.dll => MD5 is legit C:\WINDOWS\system32\svchost.exe => MD5 is legit C:\WINDOWS\system32\rpcss.dll => MD5 is legit C:\WINDOWS\system32\services.exe => MD5 is legit Extra List: ======= Gpc(6) IPSec(4) kltdi(10) NetBT(5) PSched(7) Tcpip(3) 0x0900000008000000040000000100000002000000030000000A000000050000000600000007000000 **** End of log ****

Sorry, I just realized you wanted me to subscribe to IIRC. Surely, I should have been getting notifications with all of my other checked settings (see images), so I'm not even going to bother with joining the IIRC. Something is definitely wrong with the notifications options, but its not that important. Will get you the report tomorrow. Take care

An hour before your post, I had already let you know I was a subscriber and that I had already done what you suggested, and I still did not get any notification of your last post. Let's not worry about that, as its not as important as this issue.

Well, I just checked the box "Auto follow topics I reply to: Notification frequency: None" and made that "Immediate". Maybe that will start notifications, but I should have been receiving them all along.

Maurice, Not only am I following the topic, I am the logged-in member who created the topic, and here's my Notifications Options, which clearly shows I should be getting email notifications; however, when I checked my "Saved Notifications", it is empty I don't know why I'm not receiving any email notifications at all.

Maurice, Is there an option for me to check so that I get an email notification whenever a reply to this post is made? Sure would help!

Maurice, In my initial post you may recall my saying I did some other things but couldn't recall at that time. Well, this is one of those things I did, and it didn't work. I'll start her defrag after doing those other tasks and generating the report for you. Thanks again!

Maurice, Yes, I most definitely want your assistance for this issue. I'll post all future logs "in line". Now, as you'll see from your quotes above, I assume you highlighted in red two issues you want corrected from the log reports (Java & Adobe Reader out of date, and C-drive needs defraging), is that correct? Your next reply instructs to remove the obsolete versions of Java 6 & 7, and finally your last reply instructs to download >> Farbar's Service Scanner utility << and run it and paste contents into my next post. So, my question is, do I need to have the defrag completed before running Farbar's, or can I do that as the very last thing? I want to make sure. If so, I'll call her and ensure she gets it done correctly before I come over. I'll try to swing by tomorrow morning and get this done. Again, thanks for all your assistance!

I checked with my relative and they do not have Bittorrent, or any type of torrent program, on their computer. You said that a report "shows Bittorrent", but I don't see any such thing on any of the report files I attached to this post from her computer this afternoon. However, as I write this reply from my laptop, I do have Bittorent; however, I'm not sending any attachments, just making a simple reply. Anything files I send you, such as reports or logs, will always be from their computer, which does NOT have any torrent software. Again, I'll have to schedule a trip to their house to do the next steps you suggest. BTW, if this forum doesn't want attachments, then it should permanently remove that ability in this forum, don't you think? Thanks for you support.

This is my second issue post, and it deals with a very similar issue as my first post (System Restore page is blank), but this issue is with my personal laptop. A little background info: For three straight weeks, during my weekly scheduled scans (from 12-15-2012 to 12-29-2012), Avast! detected and “moved to chest” a file called iefav2601.txt that it found in C:\Windows\Temp and it identified it as a “Win32 MalwareGen”. On 1-4-2013, I created a System Restore point, as I normally do before any new application downloads/installs, then I downloaded and installed MalwareBytes Pro. Interesting is that MalwareBytes Pro's scan did not detect that virus after I ran it, nor has Avast! detected the iefav2601.txt file on any subsequent scans after 12-29-2012, and both say my computer is clean of any viruses or malware. I also could find nothing about this file using Google, nor anything on AVAST!'s website. On 1-7-2013, prior to my downloading Bandicam, I created a System Restore point. The next day, I was posting something on a forum, and went to access my computer’s System Information for specific info to post in the forum, and that’s when I got “Can't collect information. Failed connection to this computer. Check to see that the Winmgmt service is running” error message, and wasn’t able to obtain my laptop’s system info. After several failed attempts to access System Information, the first thing that came to mind was to do a System Restore back to before my last download/install, which was Bandicam on 1-7-2013. When I went to do it, that’s when I also noticed ALL of my restore points were gone! I then, once more, ran full scans with both Avast and MalWarebytes Pro, which both found nothing, then I did a “boot-time scan” with Avast, and it still came up clean. After all scans, I still could not access System Information. I also rebooted into Safe Mode and tried Safe Mode with Command Prompt option, and was not successful. I then googled “Can't collect information. Failed connection to this computer. Check to see that the Winmgmt service is running” and found this suggestion at http://answers.micro...fb-6a79a821665d: After the system scan was finished, the Command Prompt left a message, “Windows Resource Protection found corrupt files and successfully repaired them. Details are included in the CBS.Log windir\Logs\CBS\CBS.log. For example C:\Windows\Logs\CBS\CBS.log” After following the instructions above, I still couldn’t access System Information. I had to save a copy of the CBS.log file as a text file and upload it to this post, as this forum doesn’t allow any .log files to be uploaded, instead of pasting its contents, which were over 100 pages long. After reading some of the other forum postings, I went ahead and downloaded Bill Bastner’s FixPolicies.exe program and ran the Fix_Policies.cmd file, but it didn’t solve my problem. Of course, prior to doing so, I made a backup of my registry, as I already have Wise Registry Cleaner, and even though some of your Techies suggest downloading and using ERUNT to back up the registry, I am very confident in the backup created by my Wise Registry Cleaner, which has reviews just as good, or even better, in some cases, as ERUNT. Prior to doing any of the next following steps, I set all files and folders for my Windows Explorer to show hidden files, file extensions, and protected operating system files. I then downloaded the Random's System Information Tool. I did find it interesting the fact that Random's System Information Tool or RSIT is recommended in lieu of HijackThis, but I read here at http://en.kioskea.ne...n-and-first-use where RSIT actually checks to see if a current version of HijackThis is installed on the computer, and if not, it will install HijackThis as part of its installation process. It also stated that, although HijackThis is utilized by RSIT, HijackThis has remained too outdated for use by itself. Anyway, I already have the latest version of HijackThis installed, so I downloaded RSIT and ran it, and attached the log.txt and info.txt files. I then downloaded SecurityCheck. Okay, when running SecurityCheck.exe, I noticed it opened my GIT+ Command Prompt Window (I am a Drupal Web Designer), and once I pressed any key to start the program as prompted, it displayed “Collecting Information”, then “Preparing”, then I got the following error message window pop up: I clicked “OK”, and “Preparing Done!” flashed, then two quick lines of “No instances available” flashed on the screen, then “file not found: HKLMRUN” flashed quickly before the screen went to show “Antivirus/Firewall check done!” and “Anti-Malware/Other Utilities check done!”, which seemed to show the program was running and working properly. However, when it started the “Performing System Health Check”, it seemed to stall. After waiting for 6 long minutes, I ended the program, and restarted it, with the same opening of my GIT+ Command Prompt Window, and the same error message window, and once again, after I clicked “OK”, the same messages described before flashed, so it seemed to be working fine, until it got to the “Performing System Health Check”, where, this time, I let it run for 10 minutes (really, it took 10 minutes!) when, finally, it announced it had finished the check and the “checkup.txt” file opened in my notepad++. I then saved the file. Next, I temporarily disabled both, AVAST! and MalWarebytes Pro programs, then closed all open browsers, then opened IE browser as Administrator and went to the Bitdefender’s website and performed the free quickscan and saved the report file. Next, I downloaded RogueKiller.exe file and right-clicked on it and ran it as Administrator, then after the pre-scan, I ran the scan and saved the report. When I exited, it prompted me to deleted the red items, which I did not, as I will await any advice from this forum. I then started up AVAST! and MalWarebytes Pro, and re-hid my protected files. I’ve attached all scans files, which are the following: CBS.log.txt file from Windows Resource Protection scan log.txt file from RSIT info.txt file from RSIT checkup.txt file from Security Check Report 2013-01-10 17.07.44.txt file from BitDefender RKreport[1]_S_01102013_02d1714.txt from RogueKiller Finally, here’s my laptop’s system information: Toshiba Satellite P775-S7320 Windows 7 Home Premium Intel core i7-2670QM @ 2.20 Ghz (4 cores) Intel HD3000 Integrated GPU 6GB RAM 720 GB Hard Drive I hope what I’ve submitted will give you enough information to start assisting me in solving why I cannot access my laptop's System Information, even though Winmgmt service is running, and what caused the deletion of all my previous System Restore points. I had dedicated 35 GB for the restore points, so hard drive memory isn't a factor (I have over 200 GB free), and I've not lost any restore points since 1-8-2013. Having been made aware of this forum's policy about having any torrent software on a computer, I have disabled it and will ensure it will not be functioning from this point on until this issue is fully resolved. CBS.log.txt log.txt info.txt checkup.txt Report 2013-01-10 17.07.44.txt RKreport1_S_01102013_02d1714.txt

Maurice, My elderly relative would not even think of joining such a forum, so that’s out of the question. I am her “go to” person for any computer issues. Okay, I downloaded Desktop FixPolicies.exe, by Bill Castner, and ran the file as instructed, but it did not fix the problem. As previously stated, her registry is backed up, so followed all of your additional steps and have attached (better than pasting) all created text files and logs for your review. Bitdefender found no evidence of any infection, and it's scan report, not log, is attached and called "Report 2013-01-10 13.24.22.txt". The final attached file is the text file from RogueKiller's scan, called "QuarantineReport.txt". Again, thanks for all your efforts and assistance. I’ll check this forum daily and will await your response. P.S. - I hope to post my laptop's issue later today. Logfile of random's system information tool 1.08 (written by random/random) Run by HP_Administrator at 2013-01-10 13:11:55 Microsoft Windows XP Professional Service Pack 3 System drive C: has 202 GB (88%) free of 230 GB Total RAM: 1015 MB (15% free) Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 1:12:07 PM, on 1/10/2013 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v8.00 (8.00.6001.18702) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe C:\WINDOWS\eHome\ehRecvr.exe C:\WINDOWS\eHome\ehSched.exe C:\Program Files\LogMeIn Hamachi\hamachi-2.exe C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jqs.exe c:\Program Files\Common Files\LightScribe\LSSrvc.exe C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE C:\Documents and Settings\All Users\Application Data\Skype\Toolbars\Skype C2C Service\c2c_service.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\dllhost.exe C:\WINDOWS\Explorer.EXE C:\Program Files\QuickTime\qttask.exe C:\Program Files\Common Files\Java\Java Update\jusched.exe C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Windows Live\Messenger\msnmsgr.exe C:\Program Files\Skype\Phone\Skype.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Windows Live\Contacts\wlcomm.exe C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\klwtblfs.exe C:\Program Files\Messenger\msmsgs.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Documents and Settings\HP_Administrator\Local Settings\Temporary Internet Files\Content.IE5\V4B8TU9M\RSIT-1.06[1].exe C:\Program Files\trend micro\HP_Administrator.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.h...lion&pf=desktop R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.bing.com/...022&form=ZGAPHP R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft....k/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft....k/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://ie.redirect.h...lion&pf=desktop R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft....k/?LinkId=69157 R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://ie.redirect.h...lion&pf=desktop O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll O2 - BHO: ContentBlockerBrowserHelperObject - {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\ContentBlocker\ie_content_blocker_plugin.dll O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file) O2 - BHO: VirtualKeyboardBrowserHelperObject - {73455575-E40C-433C-9784-C78DC7761455} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll O2 - BHO: Java™ Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Safe Money Plugin - {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\OnlineBanking\online_banking_bho.dll O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O2 - BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll O2 - BHO: link filter bho - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\UrlAdvisor\klwtbbho.dll O3 - Toolbar: HP view - {B2847E28-5D7D-4DEB-8B67-05D28BCF79F5} - c:\Program Files\HP\Digital Imaging\bin\HPDTLK02.dll O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe" O4 - HKLM\..\Run: [LogMeIn Hamachi Ui] "C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe" O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [Messenger (Yahoo!)] "C:\PROGRA~1\Yahoo!\Messenger\YahooMessenger.exe" -quiet O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\HP_Administrator\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" /c O4 - HKCU\..\Run: [skype] "C:\Program Files\Skype\Phone\Skype.exe" /minimized /regrun O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background O8 - Extra context menu item: Add to Anti-Banner - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\ie_banner_deny.htm O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\WINDOWS\system32\GPhotos.scr/200 O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MI1933~1\OFFICE11\EXCEL.EXE/3000 O9 - Extra button: Virtual Keyboard - {0C4CC089-D306-440D-9772-464E226F6539} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MI1933~1\OFFICE11\REFIEBAR.DLL O9 - Extra button: URLs check - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\UrlAdvisor\klwtbbho.dll O9 - Extra button: Connection Help - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm O9 - Extra 'Tools' menuitem: Connection Help - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra button: Connection Help - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm (HKCU) O9 - Extra 'Tools' menuitem: Connection Help - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm (HKCU) O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.mi...b?1357676268921 O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe O23 - Service: Kaspersky Anti-Virus Service (AVP) - Kaspersky Lab ZAO - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (file missing) O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: LogMeIn Hamachi Tunneling Engine (Hamachi2Svc) - LogMeIn Inc. - C:\Program Files\LogMeIn Hamachi\hamachi-2.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe O23 - Service: Java Quick Starter (JavaQuickStarterService) - Oracle Corporation - C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jqs.exe O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - c:\Program Files\Common Files\LightScribe\LSSrvc.exe O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe O23 - Service: Skype C2C Service - Skype Technologies S.A. - C:\Documents and Settings\All Users\Application Data\Skype\Toolbars\Skype C2C Service\c2c_service.exe O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe O23 - Service: TunngleService - Tunngle.net GmbH - C:\Program Files\Tunngle\TnglCtrl.exe -- End of file - 10532 bytes ======Scheduled tasks folder====== C:\WINDOWS\tasks\Adobe Flash Player Updater.job C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-537243847-3273092196-2220315231-1008Core.job C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-537243847-3273092196-2220315231-1008UA.job ======Registry dump====== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}] AcroIEHlprObj Class - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll [2004-12-14 63136] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F}] Content Blocker Plugin - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\ContentBlocker\ie_content_blocker_plugin.dll [2012-08-17 537528] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{73455575-E40C-433C-9784-C78DC7761455}] Virtual Keyboard Plugin - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll [2012-08-17 811960] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}] Java™ Plug-In SSV Helper - C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll [2012-04-04 453504] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}] Windows Live Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22 408448] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9E6D0D23-3D72-4A94-AE1F-2D167624E3D9}] Safe Money Plugin - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\OnlineBanking\online_banking_bho.dll [2012-08-17 424888] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}] Skype Browser Helper - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2012-12-13 4527888] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}] Java™ Plug-In 2 SSV Helper - C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll [2012-04-04 157576] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E33CF602-D945-461A-83F0-819F76A199F8}] URL Advisor Plugin - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\UrlAdvisor\klwtbbho.dll [2012-08-17 484280] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar] {B2847E28-5D7D-4DEB-8B67-05D28BCF79F5} - HP view - c:\Program Files\HP\Digital Imaging\bin\HPDTLK02.dll [2003-11-21 98304] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run] "QuickTime Task"=C:\Program Files\QuickTime\qttask.exe [2005-05-26 98304] "SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2012-01-17 252296] "LogMeIn Hamachi Ui"=C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe [2012-12-10 2254768] "AVP"=C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe [2012-12-15 356376] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-13 15360] "Messenger (Yahoo!)"=C:\PROGRA~1\Yahoo!\Messenger\YahooMessenger.exe [2010-06-01 5252408] "msnmsgr"=C:\Program Files\Windows Live\Messenger\msnmsgr.exe [2010-04-16 3872080] "Google Update"=C:\Documents and Settings\HP_Administrator\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2012-04-20 116648] "Skype"=C:\Program Files\Skype\Phone\Skype.exe [2012-11-09 17877168] "MSMSGS"=C:\Program Files\Messenger\msmsgs.exe [2008-04-13 1695232] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe [2008-04-13 15360] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Pro Agent] C:\Program Files\DAEMON Tools Pro\DTAgent.exe [2011-03-17 842048] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ehTray] C:\WINDOWS\ehome\ehtray.exe [2004-08-10 59392] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\High Definition Audio Property Page Shortcut] C:\WINDOWS\system32\HDAudPropShortcut.exe [2004-03-18 61952] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe [2004-12-01 126976] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HPBootOp] C:\Program Files\Hewlett-Packard\HP Boot Optimizer\HPBootOp.exe [2005-02-26 245760] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LSBWatcher] c:\hp\drivers\hplsbwatcher\lsburnwatcher.exe [2004-10-14 253952] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS] C:\Program Files\Messenger\msmsgs.exe [2008-04-13 1695232] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\msnmsgr] C:\Program Files\Windows Live\Messenger\msnmsgr.exe [2010-04-16 3872080] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task] C:\Program Files\QuickTime\qttask.exe [2005-05-26 98304] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched] C:\Program Files\Common Files\Java\Java Update\jusched.exe [2012-01-17 252296] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe] C:\Program Files\Common Files\Real\Update_OB\realsched.exe [2005-05-26 180269] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Adobe Reader Speed Launch.lnk] C:\PROGRA~1\Adobe\ACROBA~2.0\Reader\READER~1.EXE [2004-12-14 29696] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^HP Digital Imaging Monitor.lnk] C:\PROGRA~1\HP\DIGITA~1\bin\hpqtra08.exe [2004-11-05 258048] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Updates from HP.lnk] C:\PROGRA~1\UPDATE~1\309731\Program\UPDATE~1.EXE [2005-05-26 45056] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^HP_Administrator^Start Menu^Programs^Startup^OpenOffice.org 3.2.lnk] C:\PROGRA~1\OPENOF~1.ORG\program\QUICKS~1.EXE [2010-05-20 1195008] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^HP_Administrator^Start Menu^Programs^Startup^qlock.lnk] C:\PROGRA~1\Qlock\qlock.exe [2009-02-14 4142080] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui] C:\WINDOWS\system32\igfxsrvc.dll [2004-12-01 348160] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\klogon] C:\WINDOWS\system32\klogon.dll [2012-08-17 200632] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Hamachi2Svc] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System] "dontdisplaylastusername"=0 "legalnoticecaption"= "legalnoticetext"= "shutdownwithoutlogon"=1 "undockwithoutlogon"=1 "InstallVisualStyle"=C:\WINDOWS\Resources\Themes\Royale\Royale.msstyles "InstallTheme"=C:\WINDOWS\Resources\Themes\Royale.theme [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "HonorAutoRunSetting"=1 [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list] "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019" "C:\Program Files\Updates from HP\309731\Program\Updates from HP.exe"="C:\Program Files\Updates from HP\309731\Program\Updates from HP.exe:*:Enabled:BackWeb for Pavilion" "C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe"="C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe:*:Enabled:Yahoo! Messenger" "C:\Program Files\Windows Live\Messenger\wlcsdk.exe"="C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call" "C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger" "%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000" "C:\Program Files\Messenger\msmsgs.exe"="C:\Program Files\Messenger\msmsgs.exe:*:Enabled:Windows Messenger" "C:\Program Files\BitTorrent\BitTorrent.exe"="C:\Program Files\BitTorrent\BitTorrent.exe:*:Enabled:BitTorrent" "C:\Program Files\Tunngle\TnglCtrl.exe"="C:\Program Files\Tunngle\TnglCtrl.exe:*:Enabled:Tunngle Service" "C:\Program Files\Tunngle\Tunngle.exe"="C:\Program Files\Tunngle\Tunngle.exe:*:Enabled:Tunngle Client" "C:\Program Files\HP\HP Deskjet 1050 J410 series\Bin\USBSetup.exe"="C:\Program Files\HP\HP Deskjet 1050 J410 series\Bin\USBSetup.exe:LocalSubNet:Enabled:HP Device Setup" "C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype" [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list] "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019" "C:\Program Files\Windows Live\Messenger\wlcsdk.exe"="C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call" "C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger" "%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000" ======List of files/folders created in the last 1 months====== 2013-01-10 13:11:55 ----D---- C:\rsit 2013-01-09 00:42:22 ----HDC---- C:\WINDOWS\$NtUninstallKB2742607$ 2013-01-09 00:41:33 ----HDC---- C:\WINDOWS\$NtUninstallKB2757638$ 2013-01-08 18:22:51 ----D---- C:\Program Files\Trend Micro 2013-01-08 14:52:48 ----D---- C:\Documents and Settings\HP_Administrator\Application Data\Wise Registry Cleaner 2013-01-08 14:51:23 ----D---- C:\Program Files\Wise 2013-01-08 14:40:04 ----ASH---- C:\hiberfil.sys 2013-01-08 13:09:30 ----A---- C:\WINDOWS\ntbtlog.txt 2012-12-24 03:01:28 ----HDC---- C:\WINDOWS\$NtUninstallKB2753842-v2$ 2012-12-13 23:23:39 ----A---- C:\WINDOWS\system32\drivers\klflt.sys 2012-12-12 23:35:33 ----HDC---- C:\WINDOWS\$NtUninstallKB2758857$ 2012-12-12 23:35:21 ----HDC---- C:\WINDOWS\$NtUninstallKB2779030$ 2012-12-12 23:34:49 ----HDC---- C:\WINDOWS\$NtUninstallKB2779562$ 2012-12-12 23:31:44 ----HDC---- C:\WINDOWS\$NtUninstallKB2753842$ 2012-12-12 23:31:27 ----HDC---- C:\WINDOWS\$NtUninstallKB2770660$ 2012-12-11 09:53:12 ----D---- C:\Program Files\LogMeIn Hamachi ======List of files/folders modified in the last 1 months====== 2013-01-10 13:08:03 ----D---- C:\WINDOWS\network diagnostic 2013-01-10 13:01:46 ----D---- C:\WINDOWS\Temp 2013-01-10 12:48:51 ----D---- C:\Documents and Settings\All Users\Application Data\Kaspersky Lab 2013-01-10 12:29:31 ----D---- C:\Documents and Settings\HP_Administrator\Application Data\Skype 2013-01-10 09:22:51 ----D---- C:\WINDOWS\system32 2013-01-10 09:02:00 ----A---- C:\WINDOWS\SchedLgU.Txt 2013-01-10 08:13:25 ----D---- C:\WINDOWS\system32\CatRoot2 2013-01-10 07:49:37 ----D---- C:\WINDOWS\Registration 2013-01-10 07:49:31 ----D---- C:\WINDOWS 2013-01-09 00:44:34 ----SHD---- C:\WINDOWS\Installer 2013-01-09 00:44:34 ----HD---- C:\Config.Msi 2013-01-09 00:42:47 ----D---- C:\WINDOWS\system32\CatRoot 2013-01-09 00:41:42 ----HD---- C:\WINDOWS\inf 2013-01-09 00:41:40 ----A---- C:\WINDOWS\imsins.BAK 2013-01-09 00:41:35 ----RSHD---- C:\WINDOWS\system32\dllcache 2013-01-09 00:36:37 ----A---- C:\WINDOWS\system32\MRT.exe 2013-01-08 23:26:11 ----HD---- C:\WINDOWS\$hf_mig$ 2013-01-08 21:06:42 ----A---- C:\WINDOWS\system32\FlashPlayerApp.exe 2013-01-08 18:22:51 ----D---- C:\Program Files 2013-01-08 15:17:58 ----SD---- C:\WINDOWS\Downloaded Program Files 2013-01-08 14:52:58 ----D---- C:\WINDOWS\Prefetch 2013-01-08 14:24:25 ----D---- C:\WINDOWS\system32\FxsTmp 2012-12-17 08:03:17 ----D---- C:\Documents and Settings\All Users\Application Data\Skype 2012-12-16 07:23:59 ----A---- C:\WINDOWS\system32\atmfd.dll 2012-12-15 08:13:32 ----D---- C:\WINDOWS\system32\drivers 2012-12-15 07:18:55 ----SHD---- C:\System Volume Information 2012-12-13 23:32:37 ----D---- C:\Program Files\Kaspersky Lab 2012-12-12 23:30:33 ----D---- C:\Program Files\Internet Explorer ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R0 fasttx2k;fasttx2k; C:\WINDOWS\system32\DRIVERS\fasttx2k.sys [2003-12-02 142336] R0 KL1;kl1; C:\WINDOWS\system32\DRIVERS\kl1.sys [2012-06-19 136024] R0 ohci1394;VIA OHCI Compliant IEEE 1394 Host Controller; C:\WINDOWS\system32\DRIVERS\ohci1394.sys [2008-04-13 61696] R0 PxHelp20;PxHelp20; C:\WINDOWS\System32\Drivers\PxHelp20.sys [2005-01-26 20576] R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\WINDOWS\system32\DRIVERS\dtsoftbus01.sys [2011-09-12 233024] R1 intelppm;Intel Processor Driver; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-13 36352] R1 kbdhid;Keyboard HID Driver; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-13 14592] R1 KLIF;Kaspersky Lab Driver; C:\WINDOWS\system32\DRIVERS\klif.sys [2012-12-15 586584] R1 kltdi;kltdi; C:\WINDOWS\system32\DRIVERS\kltdi.sys [2012-12-15 43608] R1 kneps;kneps; C:\WINDOWS\system32\DRIVERS\kneps.sys [2012-08-13 144344] R2 cpuz134;cpuz134; \??\C:\WINDOWS\system32\drivers\cpuz134_x32.sys [] R3 AgereSoftModem;Agere Systems Soft Modem; C:\WINDOWS\system32\DRIVERS\AGRSM.sys [2004-06-29 1268204] R3 Arp1394;1394 ARP Client Protocol; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2008-04-13 60800] R3 hamachi;Hamachi Network Interface; C:\WINDOWS\system32\DRIVERS\hamachi.sys [2009-03-18 26176] R3 HDAudBus;Microsoft UAA Bus Driver for High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384] R3 HidUsb;Microsoft HID Class Driver; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368] R3 HPZid412;IEEE-1284.4 Driver HPZid412; C:\WINDOWS\system32\DRIVERS\HPZid412.sys [2005-10-27 49664] R3 HPZipr12;Print Class Driver for IEEE-1284.4 HPZipr12; C:\WINDOWS\system32\DRIVERS\HPZipr12.sys [2005-10-27 16496] R3 HPZius12;USB to IEEE-1284.4 Translation Driver HPZius12; C:\WINDOWS\system32\DRIVERS\HPZius12.sys [2005-10-27 21568] R3 ialm;ialm; C:\WINDOWS\system32\DRIVERS\ialmnt5.sys [2004-12-01 776637] R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2005-04-15 2564032] R3 klim5;Kaspersky Anti-Virus NDIS Filter; C:\WINDOWS\system32\DRIVERS\klim5.sys [2012-06-27 35672] R3 klkbdflt;Kaspersky Lab KLKBDFLT; C:\WINDOWS\system32\DRIVERS\klkbdflt.sys [2012-10-25 24408] R3 klmouflt;Kaspersky Lab KLMOUFLT; C:\WINDOWS\system32\DRIVERS\klmouflt.sys [2012-10-25 24920] R3 mouhid;Mouse HID Driver; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-08-17 12160] R3 NIC1394;1394 Net Driver; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2008-04-13 61824] R3 RTL8023xp;Realtek RTL8139/810x/8169/8110 all in one NDIS XP Driver; C:\WINDOWS\system32\DRIVERS\Rtlnicxp.sys [2004-10-15 71168] R3 usbaudio;USB Audio Driver (WDM); C:\WINDOWS\system32\drivers\usbaudio.sys [2008-04-13 60032] R3 usbccgp;Microsoft USB Generic Parent Driver; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128] R3 usbprint;Microsoft USB PRINTER Class; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856] R3 usbscan;USB Scanner Driver; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104] R3 USBSTOR;USB Mass Storage Driver; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368] R3 usbuhci;Microsoft USB Universal Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-13 20608] R3 usbvideo;USB Video Device (WDM); C:\WINDOWS\System32\Drivers\usbvideo.sys [2008-04-13 121984] S3 CCDECODE;Closed Caption Decoder; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-13 17024] S3 HdAudAddService;Microsoft UAA Function Driver for High Definition Audio Service; C:\WINDOWS\system32\drivers\HdAudio.sys [2004-03-18 113664] S3 MHNDRV;MHN driver; C:\WINDOWS\system32\DRIVERS\mhndrv.sys [2004-08-10 11008] S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-13 5504] S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-13 85248] S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-13 10880] S3 PcdrNdisuio;PCDRNDISUIO Usermode I/O Protocol; C:\WINDOWS\system32\DRIVERS\pcdrndisuio.sys [2005-01-19 12416] S3 rtl8139;Realtek RTL8139(A/B/C)-based PCI Fast Ethernet Adapter NT Driver; C:\WINDOWS\system32\DRIVERS\RTL8139.SYS [2004-08-03 20992] S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-13 11136] S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-13 15232] S3 tap0901t;TAP-Win32 Adapter V9 (Tunngle); C:\WINDOWS\system32\DRIVERS\tap0901t.sys [2009-09-16 27136] S3 WSTCODEC;World Standard Teletext Codec; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200] ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R2 AVP;Kaspersky Anti-Virus Service; C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe [2012-12-15 356376] R2 ehRecvr;Media Center Receiver Service; C:\WINDOWS\eHome\ehRecvr.exe [2004-09-28 195584] R2 ehSched;Media Center Scheduler Service; C:\WINDOWS\eHome\ehSched.exe [2004-08-10 102912] R2 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine; C:\Program Files\LogMeIn Hamachi\hamachi-2.exe [2012-12-10 1435568] R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jqs.exe [2012-04-04 161664] R2 LightScribeService;LightScribeService Direct Disc Labeling Service; c:\Program Files\Common Files\LightScribe\LSSrvc.exe [2005-05-08 53248] R2 MDM;Machine Debug Manager; C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE [2003-06-20 322120] R2 Skype C2C Service;Skype C2C Service; C:\Documents and Settings\All Users\Application Data\Skype\Toolbars\Skype C2C Service\c2c_service.exe [2012-12-13 3290896] S2 CLTNetCnService;Symantec Lic NetConnect service; C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe /h ccCommon [] S2 gupdate;Google Update Service (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2010-07-12 136176] S2 Pml Driver HPZ12;Pml Driver HPZ12; C:\WINDOWS\system32\HPZipm12.exe [2004-09-29 69632] S2 SkypeUpdate;Skype Updater; C:\Program Files\Skype\Updater\Updater.exe [2012-11-09 160944] S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2013-01-08 251400] S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\aspnet_state.exe [2004-07-15 32768] S3 Fax;Fax; C:\WINDOWS\system32\fxssvc.exe [2008-04-13 267776] S3 gupdatem;Google Update Service (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2010-07-12 136176] S3 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2010-07-12 182768] S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [2004-10-22 73728] S3 LiveUpdate;LiveUpdate; C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE [2007-01-31 2975352] S3 MHN;MHN; C:\WINDOWS\System32\svchost.exe [2008-04-13 14336] S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136] S3 TunngleService;TunngleService; C:\Program Files\Tunngle\TnglCtrl.exe [2012-04-19 736104] S3 UMWdf;Windows User Mode Driver Framework; C:\WINDOWS\system32\wdfmgr.exe [2004-08-10 38912] -----------------EOF----------------- info.txt logfile of random's system information tool 1.08 2013-01-10 13:12:12 ======Uninstall list====== -->C:\Program Files\Common Files\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0 -->C:\WINDOWS\IsUninst.exe -fC:\WINDOWS\orun32.isu -->c:\WINDOWS\system32\\MSIEXEC.EXE /x {075473F5-846A-448B-BCB3-104AA1760205} -->c:\WINDOWS\system32\\MSIEXEC.EXE /x {AB708C9B-97C8-4AC9-899B-DBF226AC9382} -->c:\WINDOWS\system32\\MSIEXEC.EXE /x {B12665F4-4E93-4AB4-B7FC-37053B524629} -->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf Adobe Flash Player 11 ActiveX-->C:\WINDOWS\system32\Macromed\Flash\FlashUtil32_11_5_502_146_ActiveX.exe -maintain activex Adobe Reader 7.0-->MsiExec.exe /I{AC76BA86-7AD7-1033-7B44-A70000000000} Agere Systems PCI Soft Modem-->agrsmdel BitTorrent-->"C:\Program Files\BitTorrent\BitTorrent.exe" /UNINSTALL Compatibility Pack for the 2007 Office system-->MsiExec.exe /X{90120000-0020-0409-0000-0000000FF1CE} Coupon Printer for Windows-->"C:\Program Files\Coupons\uninstall.exe" "/U:C:\Program Files\Coupons\Uninstall\uninstall.xml" CPUID CPU-Z 1.56-->"C:\Program Files\CPUID\CPU-Z\unins000.exe" DAEMON Tools Pro-->C:\Program Files\DAEMON Tools Pro\uninst.exe GemMaster Mystic-->"C:\Program Files\GemMaster\uninstallgemmaster.exe" Google Earth-->MsiExec.exe /X{5A3C1721-F8ED-11E0-8AFB-B8AC6F97B88E} Google Update Helper-->MsiExec.exe /I{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2} Help and Support Additions-->WScript.exe C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\eHelpSetup.jse eHelpUninstall High Definition Audio Driver Package - KB835221-->C:\WINDOWS\$NtUninstallKB835221WXP$\spuninst\spuninst.exe HiJackThis-->MsiExec.exe /X{45A66726-69BC-466B-A7A4-12FCBA4883D7} Hotfix for Windows XP (KB2158563)-->"C:\WINDOWS\$NtUninstallKB2158563$\spuninst\spuninst.exe" Hotfix for Windows XP (KB2443685)-->"C:\WINDOWS\$NtUninstallKB2443685$\spuninst\spuninst.exe" Hotfix for Windows XP (KB2570791)-->"C:\WINDOWS\$NtUninstallKB2570791$\spuninst\spuninst.exe" Hotfix for Windows XP (KB2633952)-->"C:\WINDOWS\$NtUninstallKB2633952$\spuninst\spuninst.exe" Hotfix for Windows XP (KB2756822)-->"C:\WINDOWS\$NtUninstallKB2756822$\spuninst\spuninst.exe" Hotfix for Windows XP (KB2779562)-->"C:\WINDOWS\$NtUninstallKB2779562$\spuninst\spuninst.exe" Hotfix for Windows XP (KB952287)-->"C:\WINDOWS\$NtUninstallKB952287$\spuninst\spuninst.exe" Hotfix for Windows XP (KB981793)-->"C:\WINDOWS\$NtUninstallKB981793$\spuninst\spuninst.exe" HP Boot Optimizer-->MsiExec.exe /I{3BA95526-6AE0-4B87-A62D-17187EF565FC} HP Deskjet 1050 J410 series Basic Device Software-->MsiExec.exe /I{226837D8-0BF8-4CBE-BAB2-8F07E2C2B4DD} HP Deskjet 1050 J410 series Help-->MsiExec.exe /I{5C90D8CF-F12A-41C6-9007-3B651A1F0D78} HP Deskjet Printer Preload-->MsiExec.exe /I{2C5D07FB-31A2-4F2D-9FDA-0B24ACD42BD0} HP Image Zone 4.8.6-->C:\Program Files\HP\Digital Imaging\uninstall\hpzscr01.exe -datfile hpqscr01.dat HP Image Zone for Media Center PC-->MsiExec.exe /X{8D0C57BC-4942-4960-BB6D-142456D6F233} HP Image Zone Plus 4.8.6-->C:\Program Files\HP\Digital Imaging\{32498B7B-E1F3-4ad5-A23B-F26414E94BE0}\setup\hpzscr01.exe -datfile hpdscr01.dat HP Photosmart Cameras 4.5-->C:\Program Files\HP\Digital Imaging\{ABA2B37F-AB88-486e-870A-52454A23FEE0}\setup\hpzscr01.exe -datfile hpiscr01.dat HP PSC & OfficeJet 4.7-->"C:\Program Files\HP\Digital Imaging\{342C7C88-D335-4bc2-8CF1-281857629CE2}\setup\hpzscr01.exe" -datfile hposcr05.dat HP Software Update-->MsiExec.exe /X{64FC0C98-B035-4530-B15D-3D30610B6DF1} HP Tunes-->MsiExec.exe /X{6512B303-F989-4C13-B9F6-A99989E4ED54} HPIZplus450-->MsiExec.exe /X{0E484A60-A429-49A8-982C-D6475F1E80A9} Intel® Graphics Media Accelerator Driver-->RUNDLL32.EXE C:\WINDOWS\system32\ialmrem.dll,UninstallW2KIGfx2ID PCI\VEN_8086&DEV_2782 PCI\VEN_8086&DEV_2582 IntelliMover Data Transfer Demo-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{14589F05-C658-4594-9429-D437BA688686}\Setup.exe" -l0x9 InterVideo WinDVD Player-->"C:\Program Files\InstallShield Installation Information\{91810AFC-A4F8-4EBA-A5AA-B198BBC81144}\setup.exe" REMOVEALL J2SE Runtime Environment 5.0-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0150000} Java™ 6 Update 26-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216020FF} Java™ 7 Update 4-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83217004FF} JavaFX 2.1.0-->MsiExec.exe /X{1111706F-666A-4037-7777-210328764D10} Kaspersky Internet Security 2013-->MsiExec.exe /I{560985FB-4B76-4121-9189-7A2CDC7886D6} Kaspersky Internet Security 2013-->MsiExec.exe /I{560985FB-4B76-4121-9189-7A2CDC7886D6} REMOVE=ALL KBD-->C:\HP\KBD\KBD.EXE uninstalled LiveUpdate 3.2 (Symantec Corporation)-->"C:\Program Files\Symantec\LiveUpdate\LSETUP.EXE" /U LogMeIn Hamachi-->C:\WINDOWS\system32\\msiexec.exe /i {106B4413-ACBB-4CDE-8707-587DB9BD77EC} REMOVE=ALL LogMeIn Hamachi-->MsiExec.exe /I{106B4413-ACBB-4CDE-8707-587DB9BD77EC} Microsoft .NET Framework 1.0 Hotfix (KB2572066)-->"C:\WINDOWS\$NtUninstallKB2572066$\spuninst\spuninst.exe" Microsoft .NET Framework 1.0 Hotfix (KB2604042)-->"C:\WINDOWS\$NtUninstallKB2604042$\spuninst\spuninst.exe" Microsoft .NET Framework 1.0 Hotfix (KB2656378)-->"C:\WINDOWS\$NtUninstallKB2656378$\spuninst\spuninst.exe" Microsoft .NET Framework 1.0 Security Update (KB2698035)-->"C:\WINDOWS\$NtUninstallKB2698035$\spuninst\spuninst.exe" Microsoft .NET Framework 1.0 Security Update (KB2742607)-->"C:\WINDOWS\$NtUninstallKB2742607$\spuninst\spuninst.exe" Microsoft .NET Framework 1.1 Security Update (KB2698023)-->"C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\hotfix.exe" "C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\M2698023\M2698023Uninstall.msp" Microsoft .NET Framework 1.1 Security Update (KB2742597)-->"C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\hotfix.exe" "C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\M2742597\M2742597Uninstall.msp" Microsoft .NET Framework 1.1 Security Update (KB979906)-->"C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\hotfix.exe" "C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\M979906\M979906Uninstall.msp" Microsoft .NET Framework 1.1-->msiexec.exe /X {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1} Microsoft .NET Framework 1.1-->MsiExec.exe /X{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1} Microsoft Choice Guard-->MsiExec.exe /X{F0E12BBA-AD66-4022-A453-A1C8A0C4D570} Microsoft Office File Validation Add-In-->MsiExec.exe /I{90140000-2005-0000-0000-0000000FF1CE} Microsoft Office Standard Edition 2003-->MsiExec.exe /I{91120409-6000-11D3-8CFE-0150048383C9} Microsoft Plus! Dancer LE-->MsiExec.exe /X{1A103D70-5C9B-4E1A-B306-5106C68F9914} Microsoft Plus! Digital Media Edition Installer-->MsiExec.exe /X{6E45BA47-383C-4C1E-8ED0-0D4845C293D7} Microsoft Plus! Photo Story 2 LE-->MsiExec.exe /X{0EB5D9B7-8E6C-4A9E-B74F-16B7EE89A67B} Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053-->MsiExec.exe /X{770657D0-A123-3C07-8E44-1C83EC895118} Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{710f4c1c-cc18-4c49-8cbf-51240c89a1a2} Microsoft Works-->MsiExec.exe /I{416D80BA-6F6D-4672-B7CF-F54DA2F80B44} MSVCRT-->MsiExec.exe /I{22B775E7-6C42-4FC5-8E10-9A5E3257BD94} MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71} MSXML 4.0 SP2 (KB973688)-->MsiExec.exe /I{F662A8E6-F4DC-41A2-901E-8C11F044BDEC} muvee autoProducer 4.0-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{FC10C922-52E9-4739-ACD0-EB0FF035EE7E}\setup.exe" -l0x9 muvee autoProducer unPlugged - HPD-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{D8E4A88B-E35A-4F3B-AB60-42E7DB0EC765}\setup.exe" -l0x9 Norton 360-->MsiExec.exe /I{63A6E9A9-A190-46D4-9430-2DB28654AFD8} OpenOffice.org 3.2-->MsiExec.exe /I{5A13987D-55F4-4271-A40E-76AC9B1B38FD} Otto-->"C:\Program Files\EnglishOtto\uninstallotto.exe" PC-Doctor for Windows-->C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\1050\INTEL3~1\IDriver.exe /M{19C989C4-50AE-43A4-B06E-8C70FFFF852F} /l1033 Photosmart 320,370,7400,8100,8400 Series-->C:\Program Files\HP\{AAC4FC36-8F89-4587-8DD3-EBC57C83374D}\setup\hpzscr01.exe -datfile hphscr01.dat Picasa 3-->"C:\Program Files\Google\Picasa3\Uninstall.exe" Python 2.2 pywin32 extensions (build 203)-->"C:\Python22\Removepywin32.exe" -u "C:\Python22\pywin32-wininst.log" Python 2.2.3-->C:\Python22\UNWISE.EXE C:\Python22\INSTALL.LOG Qlock Lite-->"C:\Program Files\Qlock\uninstall.exe" QuickTime-->C:\WINDOWS\unvise32qt.exe C:\WINDOWS\system32\QuickTime\Uninstall.log RealPlayer-->C:\Program Files\Common Files\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0 Remove Microsoft Money 2005 installer-->c:\\hp\\bin\\cloaker.exe commands /ww /lw:c:\\hp\\bin\\ifc\\Money\\lg.ini /c c:\\hp\\bin\\cloaker.exe c:\\hp\\bin\\ifc\\uninst.cmd ar Remove Quicken New User Edition installer-->c:\\hp\\bin\\cloaker.exe commands /ww /lw:c:\\hp\\bin\\ifc\\Quicken_NUE\\lg.ini /c c:\\hp\\bin\\cloaker.exe c:\\hp\\bin\\ifc\\uninst.cmd ar Security Update for CAPICOM (KB931906)-->MsiExec.exe /I{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A} Security Update for CAPICOM (KB931906)-->MsiExec.exe /X{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A} Security Update for Microsoft Windows (KB2564958)-->"C:\WINDOWS\$NtUninstallKB2564958$\spuninst\spuninst.exe" Security Update for Step By Step Interactive Training (KB923723)-->"C:\WINDOWS\$NtUninstallKB923723$\spuninst\spuninst.exe" Security Update for Windows Internet Explorer 8 (KB2183461)-->"C:\WINDOWS\ie8updates\KB2183461-IE8\spuninst\spuninst.exe" Security Update for Windows Internet Explorer 8 (KB2360131)-->"C:\WINDOWS\ie8updates\KB2360131-IE8\spuninst\spuninst.exe" Security Update for Windows Internet Explorer 8 (KB2416400)-->"C:\WINDOWS\ie8updates\KB2416400-IE8\spuninst\spuninst.exe" Security Update for Windows Internet Explorer 8 (KB2482017)-->"C:\WINDOWS\ie8updates\KB2482017-IE8\spuninst\spuninst.exe" Security Update for Windows Internet Explorer 8 (KB2497640)-->"C:\WINDOWS\ie8updates\KB2497640-IE8\spuninst\spuninst.exe" Security Update for Windows Internet Explorer 8 (KB2510531)-->"C:\WINDOWS\ie8updates\KB2510531-IE8\spuninst\spuninst.exe" Security Update for Windows Internet Explorer 8 (KB2530548)-->"C:\WINDOWS\ie8updates\KB2530548-IE8\spuninst\spuninst.exe" Security Update for Windows Internet Explorer 8 (KB2544521)-->"C:\WINDOWS\ie8updates\KB2544521-IE8\spuninst\spuninst.exe" Security Update for Windows Internet Explorer 8 (KB2559049)-->"C:\WINDOWS\ie8updates\KB2559049-IE8\spuninst\spuninst.exe" Security Update for Windows Internet Explorer 8 (KB2586448)-->"C:\WINDOWS\ie8updates\KB2586448-IE8\spuninst\spuninst.exe" Security Update for Windows Internet Explorer 8 (KB2618444)-->"C:\WINDOWS\ie8updates\KB2618444-IE8\spuninst\spuninst.exe" Security Update for Windows Internet Explorer 8 (KB2647516)-->"C:\WINDOWS\ie8updates\KB2647516-IE8\spuninst\spuninst.exe" Security Update for Windows Internet Explorer 8 (KB2675157)-->"C:\WINDOWS\ie8updates\KB2675157-IE8\spuninst\spuninst.exe" Security Update for Windows Internet Explorer 8 (KB2699988)-->"C:\WINDOWS\ie8updates\KB2699988-IE8\spuninst\spuninst.exe" Security Update for Windows Internet Explorer 8 (KB2722913)-->"C:\WINDOWS\ie8updates\KB2722913-IE8\spuninst\spuninst.exe" Security Update for Windows Internet Explorer 8 (KB2744842)-->"C:\WINDOWS\ie8updates\KB2744842-IE8\spuninst\spuninst.exe" Security Update for Windows Internet Explorer 8 (KB2761465)-->"C:\WINDOWS\ie8updates\KB2761465-IE8\spuninst\spuninst.exe" Security Update for Windows Internet Explorer 8 (KB971961)-->"C:\WINDOWS\ie8updates\KB971961-IE8\spuninst\spuninst.exe" Security Update for Windows Internet Explorer 8 (KB981332)-->"C:\WINDOWS\ie8updates\KB981332-IE8\spuninst\spuninst.exe" Security Update for Windows Internet Explorer 8 (KB982381)-->"C:\WINDOWS\ie8updates\KB982381-IE8\spuninst\spuninst.exe" Security Update for Windows Media Player (KB2378111)-->"C:\WINDOWS\$NtUninstallKB2378111_WM9$\spuninst\spuninst.exe" Security Update for Windows Media Player (KB952069)-->"C:\WINDOWS\$NtUninstallKB952069_WM9$\spuninst\spuninst.exe" Security Update for Windows Media Player (KB954155)-->"C:\WINDOWS\$NtUninstallKB954155_WM9$\spuninst\spuninst.exe" Security Update for Windows Media Player (KB973540)-->"C:\WINDOWS\$NtUninstallKB973540_WM9L$\spuninst\spuninst.exe" Security Update for Windows Media Player (KB975558)-->"C:\WINDOWS\$NtUninstallKB975558_WM8$\spuninst\spuninst.exe" Security Update for Windows Media Player (KB978695)-->"C:\WINDOWS\$NtUninstallKB978695_WM9$\spuninst\spuninst.exe" Security Update for Windows XP (KB2079403)-->"C:\WINDOWS\$NtUninstallKB2079403$\spuninst\spuninst.exe" Security Update for Windows XP (KB2115168)-->"C:\WINDOWS\$NtUninstallKB2115168$\spuninst\spuninst.exe" Security Update for Windows XP (KB2121546)-->"C:\WINDOWS\$NtUninstallKB2121546$\spuninst\spuninst.exe" Security Update for Windows XP (KB2160329)-->"C:\WINDOWS\$NtUninstallKB2160329$\spuninst\spuninst.exe" Security Update for Windows XP (KB2229593)-->"C:\WINDOWS\$NtUninstallKB2229593$\spuninst\spuninst.exe" Security Update for Windows XP (KB2259922)-->"C:\WINDOWS\$NtUninstallKB2259922$\spuninst\spuninst.exe" Security Update for Windows XP (KB2279986)-->"C:\WINDOWS\$NtUninstallKB2279986$\spuninst\spuninst.exe" Security Update for Windows XP (KB2286198)-->"C:\WINDOWS\$NtUninstallKB2286198$\spuninst\spuninst.exe" Security Update for Windows XP (KB2296011)-->"C:\WINDOWS\$NtUninstallKB2296011$\spuninst\spuninst.exe" Security Update for Windows XP (KB2296199)-->"C:\WINDOWS\$NtUninstallKB2296199$\spuninst\spuninst.exe" Security Update for Windows XP (KB2347290)-->"C:\WINDOWS\$NtUninstallKB2347290$\spuninst\spuninst.exe" Security Update for Windows XP (KB2360937)-->"C:\WINDOWS\$NtUninstallKB2360937$\spuninst\spuninst.exe" Security Update for Windows XP (KB2387149)-->"C:\WINDOWS\$NtUninstallKB2387149$\spuninst\spuninst.exe" Security Update for Windows XP (KB2393802)-->"C:\WINDOWS\$NtUninstallKB2393802$\spuninst\spuninst.exe" Security Update for Windows XP (KB2412687)-->"C:\WINDOWS\$NtUninstallKB2412687$\spuninst\spuninst.exe" Security Update for Windows XP (KB2419632)-->"C:\WINDOWS\$NtUninstallKB2419632$\spuninst\spuninst.exe" Security Update for Windows XP (KB2423089)-->"C:\WINDOWS\$NtUninstallKB2423089$\spuninst\spuninst.exe" Security Update for Windows XP (KB2436673)-->"C:\WINDOWS\$NtUninstallKB2436673$\spuninst\spuninst.exe" Security Update for Windows XP (KB2440591)-->"C:\WINDOWS\$NtUninstallKB2440591$\spuninst\spuninst.exe" Security Update for Windows XP (KB2443105)-->"C:\WINDOWS\$NtUninstallKB2443105$\spuninst\spuninst.exe" Security Update for Windows XP (KB2476490)-->"C:\WINDOWS\$NtUninstallKB2476490$\spuninst\spuninst.exe" Security Update for Windows XP (KB2476687)-->"C:\WINDOWS\$NtUninstallKB2476687$\spuninst\spuninst.exe" Security Update for Windows XP (KB2478960)-->"C:\WINDOWS\$NtUninstallKB2478960$\spuninst\spuninst.exe" Security Update for Windows XP (KB2478971)-->"C:\WINDOWS\$NtUninstallKB2478971$\spuninst\spuninst.exe" Security Update for Windows XP (KB2479628)-->"C:\WINDOWS\$NtUninstallKB2479628$\spuninst\spuninst.exe" Security Update for Windows XP (KB2481109)-->"C:\WINDOWS\$NtUninstallKB2481109$\spuninst\spuninst.exe" Security Update for Windows XP (KB2483185)-->"C:\WINDOWS\$NtUninstallKB2483185$\spuninst\spuninst.exe" Security Update for Windows XP (KB2485376)-->"C:\WINDOWS\$NtUninstallKB2485376$\spuninst\spuninst.exe" Security Update for Windows XP (KB2485663)-->"C:\WINDOWS\$NtUninstallKB2485663$\spuninst\spuninst.exe" Security Update for Windows XP (KB2491683)-->"C:\WINDOWS\$NtUninstallKB2491683$\spuninst\spuninst.exe" Security Update for Windows XP (KB2503658)-->"C:\WINDOWS\$NtUninstallKB2503658$\spuninst\spuninst.exe" Security Update for Windows XP (KB2503665)-->"C:\WINDOWS\$NtUninstallKB2503665$\spuninst\spuninst.exe" Security Update for Windows XP (KB2506212)-->"C:\WINDOWS\$NtUninstallKB2506212$\spuninst\spuninst.exe" Security Update for Windows XP (KB2506223)-->"C:\WINDOWS\$NtUninstallKB2506223$\spuninst\spuninst.exe" Security Update for Windows XP (KB2507618)-->"C:\WINDOWS\$NtUninstallKB2507618$\spuninst\spuninst.exe" Security Update for Windows XP (KB2507938)-->"C:\WINDOWS\$NtUninstallKB2507938$\spuninst\spuninst.exe" Security Update for Windows XP (KB2508272)-->"C:\WINDOWS\$NtUninstallKB2508272$\spuninst\spuninst.exe" Security Update for Windows XP (KB2508429)-->"C:\WINDOWS\$NtUninstallKB2508429$\spuninst\spuninst.exe" Security Update for Windows XP (KB2509553)-->"C:\WINDOWS\$NtUninstallKB2509553$\spuninst\spuninst.exe" Security Update for Windows XP (KB2511455)-->"C:\WINDOWS\$NtUninstallKB2511455$\spuninst\spuninst.exe" Security Update for Windows XP (KB2524375)-->"C:\WINDOWS\$NtUninstallKB2524375$\spuninst\spuninst.exe" Security Update for Windows XP (KB2535512)-->"C:\WINDOWS\$NtUninstallKB2535512$\spuninst\spuninst.exe" Security Update for Windows XP (KB2536276)-->"C:\WINDOWS\$NtUninstallKB2536276$\spuninst\spuninst.exe" Security Update for Windows XP (KB2536276-v2)-->"C:\WINDOWS\$NtUninstallKB2536276-v2$\spuninst\spuninst.exe" Security Update for Windows XP (KB2544893)-->"C:\WINDOWS\$NtUninstallKB2544893$\spuninst\spuninst.exe" Security Update for Windows XP (KB2544893-v2)-->"C:\WINDOWS\$NtUninstallKB2544893-v2$\spuninst\spuninst.exe" Security Update for Windows XP (KB2555917)-->"C:\WINDOWS\$NtUninstallKB2555917$\spuninst\spuninst.exe" Security Update for Windows XP (KB2562937)-->"C:\WINDOWS\$NtUninstallKB2562937$\spuninst\spuninst.exe" Security Update for Windows XP (KB2566454)-->"C:\WINDOWS\$NtUninstallKB2566454$\spuninst\spuninst.exe" Security Update for Windows XP (KB2567053)-->"C:\WINDOWS\$NtUninstallKB2567053$\spuninst\spuninst.exe" Security Update for Windows XP (KB2567680)-->"C:\WINDOWS\$NtUninstallKB2567680$\spuninst\spuninst.exe" Security Update for Windows XP (KB2570222)-->"C:\WINDOWS\$NtUninstallKB2570222$\spuninst\spuninst.exe" Security Update for Windows XP (KB2570947)-->"C:\WINDOWS\$NtUninstallKB2570947$\spuninst\spuninst.exe" Security Update for Windows XP (KB2584146)-->"C:\WINDOWS\$NtUninstallKB2584146$\spuninst\spuninst.exe" Security Update for Windows XP (KB2585542)-->"C:\WINDOWS\$NtUninstallKB2585542$\spuninst\spuninst.exe" Security Update for Windows XP (KB2592799)-->"C:\WINDOWS\$NtUninstallKB2592799$\spuninst\spuninst.exe" Security Update for Windows XP (KB2598479)-->"C:\WINDOWS\$NtUninstallKB2598479$\spuninst\spuninst.exe" Security Update for Windows XP (KB2603381)-->"C:\WINDOWS\$NtUninstallKB2603381$\spuninst\spuninst.exe" Security Update for Windows XP (KB2618451)-->"C:\WINDOWS\$NtUninstallKB2618451$\spuninst\spuninst.exe" Security Update for Windows XP (KB2620712)-->"C:\WINDOWS\$NtUninstallKB2620712$\spuninst\spuninst.exe" Security Update for Windows XP (KB2621440)-->"C:\WINDOWS\$NtUninstallKB2621440$\spuninst\spuninst.exe" Security Update for Windows XP (KB2624667)-->"C:\WINDOWS\$NtUninstallKB2624667$\spuninst\spuninst.exe" Security Update for Windows XP (KB2631813)-->"C:\WINDOWS\$NtUninstallKB2631813$\spuninst\spuninst.exe" Security Update for Windows XP (KB2633171)-->"C:\WINDOWS\$NtUninstallKB2633171$\spuninst\spuninst.exe" Security Update for Windows XP (KB2639417)-->"C:\WINDOWS\$NtUninstallKB2639417$\spuninst\spuninst.exe" Security Update for Windows XP (KB2641653)-->"C:\WINDOWS\$NtUninstallKB2641653$\spuninst\spuninst.exe" Security Update for Windows XP (KB2646524)-->"C:\WINDOWS\$NtUninstallKB2646524$\spuninst\spuninst.exe" Security Update for Windows XP (KB2647518)-->"C:\WINDOWS\$NtUninstallKB2647518$\spuninst\spuninst.exe" Security Update for Windows XP (KB2653956)-->"C:\WINDOWS\$NtUninstallKB2653956$\spuninst\spuninst.exe" Security Update for Windows XP (KB2655992)-->"C:\WINDOWS\$NtUninstallKB2655992$\spuninst\spuninst.exe" Security Update for Windows XP (KB2659262)-->"C:\WINDOWS\$NtUninstallKB2659262$\spuninst\spuninst.exe" Security Update for Windows XP (KB2660465)-->"C:\WINDOWS\$NtUninstallKB2660465$\spuninst\spuninst.exe" Security Update for Windows XP (KB2661637)-->"C:\WINDOWS\$NtUninstallKB2661637$\spuninst\spuninst.exe" Security Update for Windows XP (KB2676562)-->"C:\WINDOWS\$NtUninstallKB2676562$\spuninst\spuninst.exe" Security Update for Windows XP (KB2685939)-->"C:\WINDOWS\$NtUninstallKB2685939$\spuninst\spuninst.exe" Security Update for Windows XP (KB2686509)-->"C:\WINDOWS\$NtUninstallKB2686509$\spuninst\spuninst.exe" Security Update for Windows XP (KB2691442)-->"C:\WINDOWS\$NtUninstallKB2691442$\spuninst\spuninst.exe" Security Update for Windows XP (KB2695962)-->"C:\WINDOWS\$NtUninstallKB2695962$\spuninst\spuninst.exe" Security Update for Windows XP (KB2698365)-->"C:\WINDOWS\$NtUninstallKB2698365$\spuninst\spuninst.exe" Security Update for Windows XP (KB2705219)-->"C:\WINDOWS\$NtUninstallKB2705219$\spuninst\spuninst.exe" Security Update for Windows XP (KB2707511)-->"C:\WINDOWS\$NtUninstallKB2707511$\spuninst\spuninst.exe" Security Update for Windows XP (KB2709162)-->"C:\WINDOWS\$NtUninstallKB2709162$\spuninst\spuninst.exe" Security Update for Windows XP (KB2712808)-->"C:\WINDOWS\$NtUninstallKB2712808$\spuninst\spuninst.exe" Security Update for Windows XP (KB2718523)-->"C:\WINDOWS\$NtUninstallKB2718523$\spuninst\spuninst.exe" Security Update for Windows XP (KB2719985)-->"C:\WINDOWS\$NtUninstallKB2719985$\spuninst\spuninst.exe" Security Update for Windows XP (KB2723135)-->"C:\WINDOWS\$NtUninstallKB2723135$\spuninst\spuninst.exe" Security Update for Windows XP (KB2724197)-->"C:\WINDOWS\$NtUninstallKB2724197$\spuninst\spuninst.exe" Security Update for Windows XP (KB2727528)-->"C:\WINDOWS\$NtUninstallKB2727528$\spuninst\spuninst.exe" Security Update for Windows XP (KB2731847)-->"C:\WINDOWS\$NtUninstallKB2731847$\spuninst\spuninst.exe" Security Update for Windows XP (KB2753842)-->"C:\WINDOWS\$NtUninstallKB2753842$\spuninst\spuninst.exe" Security Update for Windows XP (KB2753842-v2)-->"C:\WINDOWS\$NtUninstallKB2753842-v2$\spuninst\spuninst.exe" Security Update for Windows XP (KB2757638)-->"C:\WINDOWS\$NtUninstallKB2757638$\spuninst\spuninst.exe" Security Update for Windows XP (KB2758857)-->"C:\WINDOWS\$NtUninstallKB2758857$\spuninst\spuninst.exe" Security Update for Windows XP (KB2761226)-->"C:\WINDOWS\$NtUninstallKB2761226$\spuninst\spuninst.exe" Security Update for Windows XP (KB2770660)-->"C:\WINDOWS\$NtUninstallKB2770660$\spuninst\spuninst.exe" Security Update for Windows XP (KB2779030)-->"C:\WINDOWS\$NtUninstallKB2779030$\spuninst\spuninst.exe" Security Update for Windows XP (KB923561)-->"C:\WINDOWS\$NtUninstallKB923561$\spuninst\spuninst.exe" Security Update for Windows XP (KB941569)-->"C:\WINDOWS\$NtUninstallKB941569$\spuninst\spuninst.exe" Security Update for Windows XP (KB946648)-->"C:\WINDOWS\$NtUninstallKB946648$\spuninst\spuninst.exe" Security Update for Windows XP (KB950760)-->"C:\WINDOWS\$NtUninstallKB950760$\spuninst\spuninst.exe" Security Update for Windows XP (KB950762)-->"C:\WINDOWS\$NtUninstallKB950762$\spuninst\spuninst.exe" Security Update for Windows XP (KB950974)-->"C:\WINDOWS\$NtUninstallKB950974$\spuninst\spuninst.exe" Security Update for Windows XP (KB951376-v2)-->"C:\WINDOWS\$NtUninstallKB951376-v2$\spuninst\spuninst.exe" Security Update for Windows XP (KB951748)-->"C:\WINDOWS\$NtUninstallKB951748$\spuninst\spuninst.exe" Security Update for Windows XP (KB952004)-->"C:\WINDOWS\$NtUninstallKB952004$\spuninst\spuninst.exe" Security Update for Windows XP (KB952954)-->"C:\WINDOWS\$NtUninstallKB952954$\spuninst\spuninst.exe" Security Update for Windows XP (KB955069)-->"C:\WINDOWS\$NtUninstallKB955069$\spuninst\spuninst.exe" Security Update for Windows XP (KB956572)-->"C:\WINDOWS\$NtUninstallKB956572$\spuninst\spuninst.exe" Security Update for Windows XP (KB956744)-->"C:\WINDOWS\$NtUninstallKB956744$\spuninst\spuninst.exe" Security Update for Windows XP (KB956802)-->"C:\WINDOWS\$NtUninstallKB956802$\spuninst\spuninst.exe" Security Update for Windows XP (KB956803)-->"C:\WINDOWS\$NtUninstallKB956803$\spuninst\spuninst.exe" Security Update for Windows XP (KB956844)-->"C:\WINDOWS\$NtUninstallKB956844$\spuninst\spuninst.exe" Security Update for Windows XP (KB958644)-->"C:\WINDOWS\$NtUninstallKB958644$\spuninst\spuninst.exe" Security Update for Windows XP (KB958869)-->"C:\WINDOWS\$NtUninstallKB958869$\spuninst\spuninst.exe" Security Update for Windows XP (KB959426)-->"C:\WINDOWS\$NtUninstallKB959426$\spuninst\spuninst.exe" Security Update for Windows XP (KB960803)-->"C:\WINDOWS\$NtUninstallKB960803$\spuninst\spuninst.exe" Security Update for Windows XP (KB960859)-->"C:\WINDOWS\$NtUninstallKB960859$\spuninst\spuninst.exe" Security Update for Windows XP (KB961501)-->"C:\WINDOWS\$NtUninstallKB961501$\spuninst\spuninst.exe" Security Update for Windows XP (KB969059)-->"C:\WINDOWS\$NtUninstallKB969059$\spuninst\spuninst.exe" Security Update for Windows XP (KB970238)-->"C:\WINDOWS\$NtUninstallKB970238$\spuninst\spuninst.exe" Security Update for Windows XP (KB970430)-->"C:\WINDOWS\$NtUninstallKB970430$\spuninst\spuninst.exe" Security Update for Windows XP (KB971468)-->"C:\WINDOWS\$NtUninstallKB971468$\spuninst\spuninst.exe" Security Update for Windows XP (KB971657)-->"C:\WINDOWS\$NtUninstallKB971657$\spuninst\spuninst.exe" Security Update for Windows XP (KB971961)-->"C:\WINDOWS\$NtUninstallKB971961$\spuninst\spuninst.exe" Security Update for Windows XP (KB972270)-->"C:\WINDOWS\$NtUninstallKB972270$\spuninst\spuninst.exe" Security Update for Windows XP (KB973507)-->"C:\WINDOWS\$NtUninstallKB973507$\spuninst\spuninst.exe" Security Update for Windows XP (KB973869)-->"C:\WINDOWS\$NtUninstallKB973869$\spuninst\spuninst.exe" Security Update for Windows XP (KB973904)-->"C:\WINDOWS\$NtUninstallKB973904$\spuninst\spuninst.exe" Security Update for Windows XP (KB974112)-->"C:\WINDOWS\$NtUninstallKB974112$\spuninst\spuninst.exe" Security Update for Windows XP (KB974318)-->"C:\WINDOWS\$NtUninstallKB974318$\spuninst\spuninst.exe" Security Update for Windows XP (KB974392)-->"C:\WINDOWS\$NtUninstallKB974392$\spuninst\spuninst.exe" Security Update for Windows XP (KB974571)-->"C:\WINDOWS\$NtUninstallKB974571$\spuninst\spuninst.exe" Security Update for Windows XP (KB975025)-->"C:\WINDOWS\$NtUninstallKB975025$\spuninst\spuninst.exe" Security Update for Windows XP (KB975467)-->"C:\WINDOWS\$NtUninstallKB975467$\spuninst\spuninst.exe" Security Update for Windows XP (KB975560)-->"C:\WINDOWS\$NtUninstallKB975560$\spuninst\spuninst.exe" Security Update for Windows XP (KB975561)-->"C:\WINDOWS\$NtUninstallKB975561$\spuninst\spuninst.exe" Security Update for Windows XP (KB975562)-->"C:\WINDOWS\$NtUninstallKB975562$\spuninst\spuninst.exe" Security Update for Windows XP (KB975713)-->"C:\WINDOWS\$NtUninstallKB975713$\spuninst\spuninst.exe" Security Update for Windows XP (KB977816)-->"C:\WINDOWS\$NtUninstallKB977816$\spuninst\spuninst.exe" Security Update for Windows XP (KB977914)-->"C:\WINDOWS\$NtUninstallKB977914$\spuninst\spuninst.exe" Security Update for Windows XP (KB978037)-->"C:\WINDOWS\$NtUninstallKB978037$\spuninst\spuninst.exe" Security Update for Windows XP (KB978338)-->"C:\WINDOWS\$NtUninstallKB978338$\spuninst\spuninst.exe" Security Update for Windows XP (KB978542)-->"C:\WINDOWS\$NtUninstallKB978542$\spuninst\spuninst.exe" Security Update for Windows XP (KB978601)-->"C:\WINDOWS\$NtUninstallKB978601$\spuninst\spuninst.exe" Security Update for Windows XP (KB978706)-->"C:\WINDOWS\$NtUninstallKB978706$\spuninst\spuninst.exe" Security Update for Windows XP (KB979309)-->"C:\WINDOWS\$NtUninstallKB979309$\spuninst\spuninst.exe" Security Update for Windows XP (KB979482)-->"C:\WINDOWS\$NtUninstallKB979482$\spuninst\spuninst.exe" Security Update for Windows XP (KB979559)-->"C:\WINDOWS\$NtUninstallKB979559$\spuninst\spuninst.exe" Security Update for Windows XP (KB979683)-->"C:\WINDOWS\$NtUninstallKB979683$\spuninst\spuninst.exe" Security Update for Windows XP (KB979687)-->"C:\WINDOWS\$NtUninstallKB979687$\spuninst\spuninst.exe" Security Update for Windows XP (KB980195)-->"C:\WINDOWS\$NtUninstallKB980195$\spuninst\spuninst.exe" Security Update for Windows XP (KB980218)-->"C:\WINDOWS\$NtUninstallKB980218$\spuninst\spuninst.exe" Security Update for Windows XP (KB980232)-->"C:\WINDOWS\$NtUninstallKB980232$\spuninst\spuninst.exe" Security Update for Windows XP (KB980436)-->"C:\WINDOWS\$NtUninstallKB980436$\spuninst\spuninst.exe" Security Update for Windows XP (KB981322)-->"C:\WINDOWS\$NtUninstallKB981322$\spuninst\spuninst.exe" Security Update for Windows XP (KB981349)-->"C:\WINDOWS\$NtUninstallKB981349$\spuninst\spuninst.exe" Security Update for Windows XP (KB981852)-->"C:\WINDOWS\$NtUninstallKB981852$\spuninst\spuninst.exe" Security Update for Windows XP (KB981957)-->"C:\WINDOWS\$NtUninstallKB981957$\spuninst\spuninst.exe" Security Update for Windows XP (KB981997)-->"C:\WINDOWS\$NtUninstallKB981997$\spuninst\spuninst.exe" Security Update for Windows XP (KB982132)-->"C:\WINDOWS\$NtUninstallKB982132$\spuninst\spuninst.exe" Security Update for Windows XP (KB982214)-->"C:\WINDOWS\$NtUninstallKB982214$\spuninst\spuninst.exe" Security Update for Windows XP (KB982381)-->"C:\WINDOWS\$NtUninstallKB982381$\spuninst\spuninst.exe" Security Update for Windows XP (KB982665)-->"C:\WINDOWS\$NtUninstallKB982665$\spuninst\spuninst.exe" Security Update for Windows XP (KB982802)-->"C:\WINDOWS\$NtUninstallKB982802$\spuninst\spuninst.exe" Segoe UI-->MsiExec.exe /I{A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7} Skype Click to Call-->MsiExec.exe /I{B6CF2967-C81E-40C0-9815-C05774FEF120} Skype™ 6.0-->MsiExec.exe /X{EA17F4FC-FDBF-4CF8-A529-2D983132D053} Sonic Encoders-->MsiExec.exe /I{9941F0AA-B903-4AF4-A055-83A9815CC011} Sonic Express Labeler-->MsiExec.exe /I{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA} Sonic MyDVD Plus-->MsiExec.exe /I{21657574-BD54-48A2-9450-EB03B2C7FC29} Sonic RecordNow Audio-->MsiExec.exe /I{AB708C9B-97C8-4AC9-899B-DBF226AC9382} Sonic RecordNow Copy-->MsiExec.exe /I{B12665F4-4E93-4AB4-B7FC-37053B524629} Sonic RecordNow Data-->MsiExec.exe /I{075473F5-846A-448B-BCB3-104AA1760205} Sonic Update Manager-->MsiExec.exe /I{30465B6C-B53F-49A1-9EBA-A3F187AD502E} TUGZip 3.5-->"C:\Program Files\TUGZip\unins000.exe" Tunngle beta-->"C:\Program Files\Tunngle\unins000.exe" Update for Windows Internet Explorer 8 (KB976662)-->"C:\WINDOWS\ie8updates\KB976662-IE8\spuninst\spuninst.exe" Update for Windows Internet Explorer 8 (KB982632)-->"C:\WINDOWS\ie8updates\KB982632-IE8\spuninst\spuninst.exe" Update for Windows XP (KB2141007)-->"C:\WINDOWS\$NtUninstallKB2141007$\spuninst\spuninst.exe" Update for Windows XP (KB2345886)-->"C:\WINDOWS\$NtUninstallKB2345886$\spuninst\spuninst.exe" Update for Windows XP (KB2467659)-->"C:\WINDOWS\$NtUninstallKB2467659$\spuninst\spuninst.exe" Update for Windows XP (KB2541763)-->"C:\WINDOWS\$NtUninstallKB2541763$\spuninst\spuninst.exe" Update for Windows XP (KB2607712)-->"C:\WINDOWS\$NtUninstallKB2607712$\spuninst\spuninst.exe" Update for Windows XP (KB2616676)-->"C:\WINDOWS\$NtUninstallKB2616676$\spuninst\spuninst.exe" Update for Windows XP (KB2641690)-->"C:\WINDOWS\$NtUninstallKB2641690$\spuninst\spuninst.exe" Update for Windows XP (KB2661254-v2)-->"C:\WINDOWS\$NtUninstallKB2661254-v2$\spuninst\spuninst.exe" Update for Windows XP (KB2718704)-->"C:\WINDOWS\$NtUninstallKB2718704$\spuninst\spuninst.exe" Update for Windows XP (KB2736233)-->"C:\WINDOWS\$NtUninstallKB2736233$\spuninst\spuninst.exe" Update for Windows XP (KB2749655)-->"C:\WINDOWS\$NtUninstallKB2749655$\spuninst\spuninst.exe" Update for Windows XP (KB951978)-->"C:\WINDOWS\$NtUninstallKB951978$\spuninst\spuninst.exe" Update for Windows XP (KB955759)-->"C:\WINDOWS\$NtUninstallKB955759$\spuninst\spuninst.exe" Update for Windows XP (KB961503)-->"C:\WINDOWS\$NtUninstallKB961503$\spuninst\spuninst.exe" Update for Windows XP (KB967715)-->"C:\WINDOWS\$NtUninstallKB967715$\spuninst\spuninst.exe" Update for Windows XP (KB968389)-->"C:\WINDOWS\$NtUninstallKB968389$\spuninst\spuninst.exe" Update for Windows XP (KB971029)-->"C:\WINDOWS\$NtUninstallKB971029$\spuninst\spuninst.exe" Update for Windows XP (KB971737)-->"C:\WINDOWS\$NtUninstallKB971737$\spuninst\spuninst.exe" Update for Windows XP (KB973687)-->"C:\WINDOWS\$NtUninstallKB973687$\spuninst\spuninst.exe" Update for Windows XP (KB973815)-->"C:\WINDOWS\$NtUninstallKB973815$\spuninst\spuninst.exe" Update Rollup 1 for Windows XP Media Center Edition 2005 with HDTV Support (KB873369)-->C:\WINDOWS\$NtUninstallMC05Upd1$\spuninst\spuninst.exe Updates from HP-->C:\WINDOWS\BWUnin-6.3.2.62.exe -AppId 309731 Windows Feature Pack for Storage (32-bit) - IMAPI update for Blu-Ray-->"C:\WINDOWS\$NtUninstallKB952011$\spuninst\spuninst.exe" Windows Internet Explorer 8-->"C:\WINDOWS\ie8\spuninst\spuninst.exe" Windows Live Call-->MsiExec.exe /I{E6158D07-2637-4ECF-B576-37C489669174} Windows Live Communications Platform-->MsiExec.exe /I{3175E049-F9A9-4A3D-8F19-AC9FB04514D1} Windows Live Essentials-->C:\Program Files\Windows Live\Installer\wlarp.exe Windows Live Essentials-->MsiExec.exe /I{474F25F5-BDC9-40E5-B1B6-F6BF23FC106F} Windows Live Messenger-->MsiExec.exe /X{B57EAFF2-D6EE-4C6C-9175-ED9F17BFC1BC} Windows Live Sign-in Assistant-->MsiExec.exe /I{45338B07-A236-4270-9A77-EBB4115517B5} Windows Live Upload Tool-->MsiExec.exe /I{205C6BDD-7B73-42DE-8505-9A093F35A238} Windows Media Player 10 Hotfix [see KB889858 for more information]-->C:\WINDOWS\$NtUninstallKB889858$\spuninst\spuninst.exe Windows XP Media Center Edition 2005 KB888316-->C:\WINDOWS\$NtUninstallKB888316$\spuninst\spuninst.exe Windows XP Media Center Edition 2005 KB895678-->C:\WINDOWS\$NtUninstallKB895678$\spuninst\spuninst.exe Windows XP Media Center Edition 2005 KB973768-->"C:\WINDOWS\$NtUninstallKB973768$\spuninst\spuninst.exe" Windows XP Service Pack 3-->"C:\WINDOWS\$NtServicePackUninstall$\spuninst\spuninst.exe" Wise Registry Cleaner 7.62-->"C:\Program Files\Wise\Wise Registry Cleaner\unins000.exe" Yahoo! Messenger-->C:\PROGRA~1\Yahoo!\MESSEN~1\UNWISE.EXE /U C:\PROGRA~1\Yahoo!\MESSEN~1\INSTALL.LOG ======Security center information====== AV: Kaspersky Internet Security FW: Kaspersky Internet Security ======System event log====== Computer Name: YOUR-55E5F9E3D2 Event Code: 7001 Message: The TCP/IP NetBIOS Helper service depends on the AFD service which failed to start because of the following error: A device attached to the system is not functioning. Record Number: 392 Source Name: Service Control Manager Time Written: 20130108131106.000000-300 Event Type: error User: Computer Name: YOUR-55E5F9E3D2 Event Code: 7001 Message: The DNS Client service depends on the TCP/IP Protocol Driver service which failed to start because of the following error: A device attached to the system is not functioning. Record Number: 391 Source Name: Service Control Manager Time Written: 20130108131106.000000-300 Event Type: error User: Computer Name: YOUR-55E5F9E3D2 Event Code: 7001 Message: The DHCP Client service depends on the NetBios over Tcpip service which failed to start because of the following error: A device attached to the system is not functioning. Record Number: 390 Source Name: Service Control Manager Time Written: 20130108131106.000000-300 Event Type: error User: Computer Name: YOUR-55E5F9E3D2 Event Code: 10005 Message: DCOM got error "%1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF} Record Number: 389 Source Name: DCOM Time Written: 20130108131106.000000-300 Event Type: error User: NT AUTHORITY\SYSTEM Computer Name: YOUR-55E5F9E3D2 Event Code: 10005 Message: DCOM got error "%1084" attempting to start the service netman with arguments "" in order to run the server: {BA126AE5-2166-11D1-B1D0-00805FC1270E} Record Number: 388 Source Name: DCOM Time Written: 20130108131102.000000-300 Event Type: error User: YOUR-55E5F9E3D2\HP_Administrator =====Application event log===== Computer Name: YOUR-55E5F9E3D2 Event Code: 1524 Message: Windows cannot unload your classes registry file - it is still in use by other applications or services. The file will be unloaded when it is no longer in use. Record Number: 11766 Source Name: Userenv Time Written: 20120826192252.000000-240 Event Type: warning User: YOUR-55E5F9E3D2\HP_Administrator Computer Name: YOUR-55E5F9E3D2 Event Code: 8 Message: Failed auto update retrieval of third-party root list sequence number from: <http: www.download.windowsupdate.com="" msdownload="" update="" v3="" static="" trustedr="" en="" authrootseq.txt=""> with error: This operation returned because the timeout period expired. Record Number: 11763 Source Name: crypt32 Time Written: 20120826151045.000000-240 Event Type: error User: Computer Name: YOUR-55E5F9E3D2 Event Code: 1517 Message: Windows saved user YOUR-55E5F9E3D2\HP_Administrator registry while an application or service was still using the registry during log off. The memory used by the user's registry has not been freed. The registry will be unloaded when it is no longer in use. This is often caused by services running as a user account, try configuring the services to run in either the LocalService or NetworkService account. Record Number: 11688 Source Name: Userenv Time Written: 20120821223205.000000-240 Event Type: warning User: NT AUTHORITY\SYSTEM Computer Name: YOUR-55E5F9E3D2 Event Code: 1517 Message: Windows saved user YOUR-55E5F9E3D2\HP_Administrator registry while an application or service was still using the registry during log off. The memory used by the user's registry has not been freed. The registry will be unloaded when it is no longer in use. This is often caused by services running as a user account, try configuring the services to run in either the LocalService or NetworkService account. Record Number: 11661 Source Name: Userenv Time Written: 20120820230344.000000-240 Event Type: warning User: NT AUTHORITY\SYSTEM Computer Name: YOUR-55E5F9E3D2 Event Code: 1524 Message: Windows cannot unload your classes registry file - it is still in use by other applications or services. The file will be unloaded when it is no longer in use. Record Number: 11660 Source Name: Userenv Time Written: 20120820230342.000000-240 Event Type: warning User: YOUR-55E5F9E3D2\HP_Administrator ======Environment variables====== "ComSpec"=%SystemRoot%\system32\cmd.exe "Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;c:\Python22;C:\Program Files\PC-Doctor for Windows\ "windir"=%SystemRoot% "FP_NO_HOST_CHECK"=NO "OS"=Windows_NT "PROCESSOR_ARCHITECTURE"=x86 "PROCESSOR_LEVEL"=15 "PROCESSOR_IDENTIFIER"=x86 Family 15 Model 4 Stepping 3, GenuineIntel "PROCESSOR_REVISION"=0403 "NUMBER_OF_PROCESSORS"=2 "PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH "TEMP"=%SystemRoot%\TEMP "TMP"=%SystemRoot%\TEMP "SonicCentral"=c:\Program Files\Common Files\Sonic Shared\Sonic Central\ -----------------EOF-----------------</http:> Results of screen317's Security Check version 0.99.56 Windows XP Service Pack 3 x86 Internet Explorer 8 ``````````````Antivirus/Firewall Check:`````````````` Windows Firewall Disabled! Kaspersky Internet Security Antivirus up to date! `````````Anti-malware/Other Utilities Check:````````` Wise Registry Cleaner 7.62 JavaFX 2.1.0 Java™ 6 Update 26 Java™ 7 Update 4 Java version out of Date! Adobe Reader 7 Adobe Reader out of Date! ````````Process Check: objlist.exe by Laurent```````` Kaspersky Lab Kaspersky Internet Security 2013 avp.exe Kaspersky Lab Kaspersky Internet Security 2013 klwtblfs.exe `````````````````System Health check````````````````` Total Fragmentation on Drive C:: 14% Defragment your hard drive soon! (Do NOT defrag if SSD!) ````````````````````End of Log`````````````````````` Report 2013-01-10 13.24.22.txt QuarantineReport.txt

Maurice, Thanks for your prompt response. My relative lives in another city, so I'll have to coodinate a time/date to go back and follow your steps. The only thing I won't have to do is download ERUNT and do a registry backup, as we downloaded the Wise Registry Cleaner and did a backup as this freeware has as good as, or in some cases, better reviews than ERUNT. So, the registry has been backed up. Now, what I found interesting is the fact you recommended Random's System Information Tool or RSIT is in lieu of HijackThis, but I read here at http://en.kioskea.net/faq/4409-rsit-installation-and-first-use where RSIT actually checks to see if a current version of HijackThis is installed on the computer, and if not, it will install HijackThis as part of its installation process. I assume that RSIT utilizes HijackThis to create better logs? Just to let you know, I have a similar, but not exact problem I discovered on my laptop computer on 1-8-2013, and I was in the process of researching how to resolve the issue when I visited my relative and discovered this issue. I'll be opening up a new post about it (can't access System Information & previous system restore points have been deleted), and right now it looks like I'll be following your steps outlined here to submit logs for my issue. Again, thanks for your prompt response, and I promise to try to get to my relative's computer as soon as possible and submit the logs.

Okay, I'm a new forum member, but I have pretty much exhausted every other means of trying to resolve this issue for my relative's home desktop computer. Here's her system's basic info: HP Pavilion 061 Windows XP SP3 Build 2600 version 58.1.2600 x86 Family 15 Model 4 Stepping 3 GenuineIntel CPU ~3201 Mhz 2.00 GB RAM The current issue became apparent to me today just as I was about to download a registry program called Wise Registry Cleaner to her computer, as she told me that her computer was running very slow, but she had done a recent disk cleanup and defrag. So, prior to my downloading the program, I went to create a system restore point. That's when I noticed that the System Retore screen would come up as a blank white screen. I googled the problem and I've done the following things to try to resolve the issue: Attempted to start system restore in Safe Mode Attempted to start system restore in Safe Mode with Command Prompt Option by typing %systemroot%\system32\restore\rstrui.exe in command window Went to http://bertk.mvps.or...ml/tips.html#21 and followed all their suggestion, which were to install/activate by typing the following in the Start>Run window: regsvr32 jscript regsvr32 vbscript regsvr32 /i mshtml Created a new registry file called KB909889.reg per Microsoft Support and ran it (I tried to upload a copy, but encountered "You aren't permitted to upload this kind of file" message) Here's the registry file that I created and ran: Windows Registry Editor Version 5.00 [HKEY_CLASSES_ROOT\CLSID\{0000031A-0000-0000-C000-000000000046}] @="ClassMoniker" [HKEY_CLASSES_ROOT\CLSID\{0000031A-0000-0000-C000-000000000046}\InprocServer32] @="ole32.dll" [HKEY_CLASSES_ROOT\CLSID\{0000031A-0000-0000-C000-000000000046}\ProgID] @="clsid" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\CLSID] @="{0000031A-0000-0000-C000-000000000046}" I know I've done a couple of more things that I found by googling the issue, but can't remember them right this moment (I've worked for over 4 hours on this!) The final thing was to download HijackThis and create a log (see attached log file). She uses a current up-to-date paid subscription of Kaspersky Internet Security 2013 for her anti-virus, which ran a full scan just 24 hours ago. The scan logs shows no detection of any malware or virus; however, the Protection Center logs shows where Kaspersky blocks the avp.exe file on a reoccuring basis for the same two applications -- Windows NT Logon Application and Generic Host Process for Win32 Services. I temporarily suspended Kaspersky as the very first step in resolving this issue. I have run out of ideas, and from what I've read, this very likely could be some kind of infection. hijackthis.log