seisler20148

I have restored my computer to factory settings. Thanks for your help for the time being.

It has gotten to the point where my browser actually shuts down if I try to search anything.

------------------------------EXTRAS--------------------------- OTL Extras logfile created on: 1/14/2013 9:01:53 AM - Run 1 OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\computer\Downloads 64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 9.0.8112.16421) Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy 2.75 Gb Total Physical Memory | 1.92 Gb Available Physical Memory | 69.93% Memory free 5.50 Gb Paging File | 4.33 Gb Available in Paging File | 78.77% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 584.01 Gb Total Space | 479.26 Gb Free Space | 82.06% Space Free | Partition Type: NTFS Drive D: | 12.06 Gb Total Space | 1.44 Gb Free Space | 11.96% Space Free | Partition Type: NTFS Computer Name: COMPUTER-HP | User Name: computer | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users | Quick Scan | Include 64bit Scans Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days ========== Extra Registry (SafeList) ========== ========== File Associations ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .html[@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) .url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation) [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation) .html [@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) ========== Shell Spawning ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. htmlfile [edit] -- Reg Error: Key error. htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) htmlfile [print] -- rundll32.exe %SystemRoot%\system32\mshtml.dll,PrintHTML "%1" (Microsoft Corporation) http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation) InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" () Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" () Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [explore] -- Reg Error: Value error. Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation) exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. htmlfile [edit] -- Reg Error: Key error. htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" () Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" () Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [explore] -- Reg Error: Value error. Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) ========== Security Center Settings ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "cval" = 0 "FirewallDisableNotify" = 0 "AntiVirusDisableNotify" = 0 "UpdatesDisableNotify" = 0 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] "VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data] "AntiVirusOverride" = 0 "AntiSpywareOverride" = 0 "FirewallOverride" = 0 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] ========== System Restore Settings ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore] "DisableSR" = 0 ========== Firewall Settings ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall] 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile] 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile] [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile] [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] "EnableFirewall" = 1 "DisableNotifications" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "EnableFirewall" = 1 "DisableNotifications" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile] "EnableFirewall" = 1 "DisableNotifications" = 0 ========== Authorized Applications List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List] ========== Vista Active Open Ports Exception List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{05640C11-5CFC-49E0-A2E6-6EA7CDE212C5}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | "{0A6A6855-C979-4BBD-9FB2-60A7BE8E6C1D}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{0E3095D4-4500-400C-B9CD-842CF7230489}" = rport=139 | protocol=6 | dir=out | app=system | "{12EEEC25-FA4A-4885-AE1C-8183DE56836A}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | "{1BAF8F1E-6B61-466B-B09F-04A461C17E19}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | "{1BCED6CD-8C08-4BAD-823D-93EC0A81D494}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{1EA27A9B-65AC-4719-A13E-AEA97BD13D03}" = rport=10243 | protocol=6 | dir=out | app=system | "{227186FF-14CD-4E51-AE09-ED794431C05B}" = lport=445 | protocol=6 | dir=in | app=system | "{22906797-C334-444C-955E-4E1EA2339D16}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | "{23648FB7-265A-4DD3-9314-0F974EBB92B8}" = lport=138 | protocol=17 | dir=in | app=system | "{2580387B-35D1-403C-B1C2-E8196C369B27}" = lport=2869 | protocol=6 | dir=in | app=system | "{3BDF6677-746A-4888-B025-7B51CE587B93}" = lport=139 | protocol=6 | dir=in | app=system | "{3D581930-E795-4F4B-B986-F64249B04B92}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | "{4B4E16BB-8A79-440C-B42C-536C1B1B2351}" = lport=1900 | protocol=17 | dir=in | name=udp 1900 | "{56947310-755D-41A8-92F5-1D14ADA64AAE}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | "{8AB04FF9-BFEB-4CA1-BB20-19D992C1BE40}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{8F61F727-BAD8-4BDA-B962-0CA5174E7691}" = lport=137 | protocol=17 | dir=in | app=system | "{9419C468-56F5-4E6B-9BA6-CA2D2CF93010}" = rport=137 | protocol=17 | dir=out | app=system | "{9BDF7767-91BB-4B4D-B5CE-F78406F3490E}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{A832BA1E-F864-41EF-AF43-0D481CF082EB}" = lport=5353 | protocol=17 | dir=in | name=bonjour port 5353 | "{A838CFAC-0D6D-451F-844D-9D260FB02304}" = lport=2869 | protocol=6 | dir=in | name=tcp 2869 | "{B22527D8-AF88-4ED4-93B3-5EF4341F2A41}" = lport=3702 | protocol=17 | dir=in | svc=fdrespub | app=%systemroot%\system32\svchost.exe | "{B22C822F-D8EF-4614-91E0-2282244CBB9D}" = rport=3702 | protocol=17 | dir=out | svc=fdphost | app=%systemroot%\system32\svchost.exe | "{B6E8320F-2A5F-4DAA-978B-74AA3B935EE0}" = rport=445 | protocol=6 | dir=out | app=system | "{BF9F501B-FFA1-49E5-A44C-BBE88763115B}" = rport=3702 | protocol=17 | dir=out | svc=fdrespub | app=%systemroot%\system32\svchost.exe | "{CB8974CD-BA4B-4C1F-ACEF-F4F68637BD88}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 | "{CBC8F6C2-000B-433C-8CF7-9EBF0B872961}" = rport=138 | protocol=17 | dir=out | app=system | "{D26C7B00-AD4E-4F39-A053-1237E0C36E05}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{D7BDBA67-5E41-4B64-9DB5-E3E4AFF9A168}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | "{E17C61E9-1CA5-4965-B093-6EAE1A872308}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | "{EA1E386A-07E4-46EA-8DD4-BAE4CA975A5F}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{EBB02CCB-E332-43FA-8B49-DE69206E5D6F}" = lport=10243 | protocol=6 | dir=in | app=system | "{EDC8FAAD-F4D7-49FB-8C48-D46A978B76A2}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe | "{F3DA5D5C-B3AD-4633-BF04-CFE17667E700}" = lport=3702 | protocol=17 | dir=in | svc=fdphost | app=%systemroot%\system32\svchost.exe | ========== Vista Active Application Exception List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{006B27A4-BFB3-4BED-B19A-0C64FF950CCC}" = protocol=6 | dir=out | app=system | "{228B1244-139B-46B6-ACC4-2E026D73562E}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe | "{2796B7FD-CA3F-41C6-82B8-DA987B11AB51}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe | "{34C72D56-5BF1-40ED-A67F-A20BE5A0E67C}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe | "{43C9E9F1-A65D-4FD6-AA7C-BD0E4EF661C2}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe | "{45385DD1-E049-4C78-9A44-ED3C433A1F35}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | "{5430E487-0BEE-4188-8502-C2A9951CC2D6}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe | "{5725EA94-713B-4939-928D-E82CBF83EFC1}" = dir=in | app=c:\program files (x86)\common files\apple\apple application support\webkit2webprocess.exe | "{5E590828-B994-40F2-B818-F2701C137450}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 | "{5F937F30-0024-4C00-994B-D94722E6B9CA}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 | "{5FD7CA65-A114-413C-89E4-F20D0C225CBE}" = protocol=17 | dir=in | app=c:\program files\hp\hp deskjet 1050 j410 series\bin\usbsetup.exe | "{6BD4C9F0-0D02-4979-9616-0F03580D78B1}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{6DC3DCED-572A-4FE7-A56A-0F6014DB5657}" = dir=in | app=c:\users\computer\appdata\local\facebook\video\skype\facebookvideocalling.exe | "{71AD1EFA-B9C9-46BB-992D-DFC722539DDC}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{72341DE6-474B-49BA-B583-3DF2185EB3D5}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | "{7D1B9F8B-DD22-4948-9F9C-B762C52FC2A5}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe | "{80F5597B-E38D-4094-9CD1-CF305146BA48}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 | "{8A7CF287-D5A1-479F-8687-11969896CDF3}" = dir=in | app=c:\program files (x86)\itunes\itunes.exe | "{982F51BA-35BC-4CD9-B6A4-7501C4B213D0}" = protocol=6 | dir=in | app=c:\program files\hp\hp deskjet 1050 j410 series\bin\usbsetup.exe | "{9F682A92-92B5-421D-85DA-06E5588C3C0F}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | "{A45362F0-8523-4BEE-9EA7-66ACE51DFA66}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | "{A5F8E3FE-A059-4B82-94A4-D6138B2B5E74}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe | "{A8AC567C-D58E-4311-A958-F131224A532F}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{A95F4AAF-2A63-43B2-9694-B9B2086BE765}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | "{B0E79CFD-78FB-4BB7-9145-793D1A866163}" = protocol=58 | dir=out | name=@iphlpsvc.dll,-503 | "{B505D93E-479B-4FB5-9F2D-B49F1BB3E4C3}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 | "{B9F3F73E-47EF-4C16-BD37-4C195BBF2A2F}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | "{C46B865E-4524-482B-A93B-9E357D9229FF}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | "{DA866DF7-7973-4533-834D-C6B2C7ECE2E8}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{DADFBE9D-0D73-4672-9852-BD22C32BB82D}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | "{E5EA4CA1-47B8-4924-9AC5-DF3AF1FBDF7D}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe | "{F4CA2A53-97E2-460A-A975-A293AF777C6F}" = protocol=58 | dir=in | app=system | "TCP Query User{1D2FD50D-8219-4675-9691-6D812EA4C96A}C:\users\computer\appdata\local\akamai\netsession_win.exe" = protocol=6 | dir=in | app=c:\users\computer\appdata\local\akamai\netsession_win.exe | "TCP Query User{2D7CCF88-ABCB-45B9-AF1F-A6E370A535C1}C:\program files (x86)\skype\phone\skype.exe" = protocol=6 | dir=in | app=c:\program files (x86)\skype\phone\skype.exe | "TCP Query User{49116AF1-EEFE-417C-BFEC-F510EE6D81BE}C:\program files (x86)\java\jre6\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files (x86)\java\jre6\bin\javaw.exe | "TCP Query User{4E67B4E3-3F1C-4B0B-987A-FCE075C1F61E}C:\program files (x86)\stepmania 5\program\stepmania.exe" = protocol=6 | dir=in | app=c:\program files (x86)\stepmania 5\program\stepmania.exe | "TCP Query User{5B29C78B-109D-4172-A01B-7D62C10B4131}C:\program files (x86)\java\jre7\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files (x86)\java\jre7\bin\javaw.exe | "TCP Query User{8416C8C9-A515-4851-AA6D-C84E3DD09106}C:\windows\syswow64\javaw.exe" = protocol=6 | dir=in | app=c:\windows\syswow64\javaw.exe | "TCP Query User{8E8A2B48-B9FC-477A-BC50-250471EE40E2}C:\program files (x86)\stepmania 5\program\stepmania-sse2.exe" = protocol=6 | dir=in | app=c:\program files (x86)\stepmania 5\program\stepmania-sse2.exe | "TCP Query User{C1623535-73BC-4BF8-8240-A5575FEFEB9B}C:\program files (x86)\java\jre7\bin\java.exe" = protocol=6 | dir=in | app=c:\program files (x86)\java\jre7\bin\java.exe | "TCP Query User{FA1C9FDB-EB15-451F-AB32-7D0514FF9C93}C:\users\computer\appdata\local\akamai\netsession_win.exe" = protocol=6 | dir=in | app=c:\users\computer\appdata\local\akamai\netsession_win.exe | "UDP Query User{0BD766D7-C1F8-4FDF-81F4-CE95C41E0034}C:\program files (x86)\skype\phone\skype.exe" = protocol=17 | dir=in | app=c:\program files (x86)\skype\phone\skype.exe | "UDP Query User{1051C14E-92CA-49A4-941D-4756C16C78D4}C:\program files (x86)\java\jre6\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files (x86)\java\jre6\bin\javaw.exe | "UDP Query User{492E0023-12C0-49D9-97F5-6547AC4E434B}C:\program files (x86)\stepmania 5\program\stepmania.exe" = protocol=17 | dir=in | app=c:\program files (x86)\stepmania 5\program\stepmania.exe | "UDP Query User{7DFEF774-22AB-4A7E-A0A4-1C600DA13DE9}C:\windows\syswow64\javaw.exe" = protocol=17 | dir=in | app=c:\windows\syswow64\javaw.exe | "UDP Query User{85F84918-4A8B-42F6-B297-215D1AF30021}C:\program files (x86)\java\jre7\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files (x86)\java\jre7\bin\javaw.exe | "UDP Query User{979D3308-9DD9-408D-8992-8600550B9B28}C:\program files (x86)\java\jre7\bin\java.exe" = protocol=17 | dir=in | app=c:\program files (x86)\java\jre7\bin\java.exe | "UDP Query User{D24120D9-4EF4-45B1-A399-89E36E5E3E06}C:\users\computer\appdata\local\akamai\netsession_win.exe" = protocol=17 | dir=in | app=c:\users\computer\appdata\local\akamai\netsession_win.exe | "UDP Query User{E8E606FD-7F8A-4F17-9DD8-AAFE0A5D633B}C:\users\computer\appdata\local\akamai\netsession_win.exe" = protocol=17 | dir=in | app=c:\users\computer\appdata\local\akamai\netsession_win.exe | "UDP Query User{EA704631-EF94-4EBC-AB20-0DE7D11F4C44}C:\program files (x86)\stepmania 5\program\stepmania-sse2.exe" = protocol=17 | dir=in | app=c:\program files (x86)\stepmania 5\program\stepmania-sse2.exe | ========== HKEY_LOCAL_MACHINE Uninstall List ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{015C5B35-B678-451C-9AEE-821E8D69621C}_is1" = PeerBlock 1.1 (r518) "{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64) "{07EEE598-5F21-4B57-B40B-46592625B3D9}" = Zune Language Pack (PTB) "{0E5D76AD-A3FB-48D5-8400-8903B10317D3}" = iTunes "{1AB4DB8C-4123-45DC-B896-C67990F76DA4}" = HP Deskjet 1050 J410 series Product Improvement Study "{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 "{1E9FC118-651D-4934-97BE-E53CAE5C7D45}" = Microsoft_VC80_MFCLOC_x86_x64 "{26A24AE4-039D-4CA4-87B4-2F86417011FF}" = Java 7 Update 11 (64-bit) "{3DAE9A67-DD8D-4EDB-91F7-7B5132B1864D}" = SmartSound Premiere Elements 10 x64 Plugin "{4268BF51-DFDF-4178-8B8D-5D5752FCAA58}" = HP Deskjet 1050 J410 series Basic Device Software "{4569AD91-47F4-4D9E-8FC9-717EC32D7AE1}" = Microsoft_VC80_CRT_x86_x64 "{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 "{50CBBEC7-1010-41C5-8718-A1A6FEDD9C3A}" = GEAR driver installer for AMD64 and Intel EM64T "{5B08AF35-B699-4A44-BB89-3E51E70611E8}" = HP MediaSmart SmartMenu "{5C93E291-A1CC-4E51-85C6-E194209FCDB4}" = Zune Language Pack (PTG) "{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 "{6740BCB0-5863-47F4-80F4-44F394DE4FE2}" = Zune Language Pack (NLD) "{6B33492E-FBBC-4EC3-8738-09E16E395A10}" = Zune Language Pack (ESP) "{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}" = Bonjour "{7006ED29-58F2-40C3-AE87-039287AD20B6}" = Zune "{7C7A5A92-046C-A38C-AE0F-8F9CCA0F67A8}" = ATI Catalyst Install Manager "{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 "{8557397C-A42D-486F-97B3-A2CBC2372593}" = Microsoft_VC90_ATL_x86_x64 "{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight "{90140000-006D-0409-1000-0000000FF1CE}" = Microsoft Office Click-to-Run 2010 "{925D058B-564A-443A-B4B2-7E90C6432E55}" = Microsoft_VC80_ATL_x86_x64 "{92A3CA0D-55CD-4C5D-BA95-5C2600C20F26}" = Microsoft_VC90_CRT_x86_x64 "{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting "{A472B9E4-0AFF-4F7B-B25D-F64F8E928AAB}" = Microsoft_VC90_MFC_x86_x64 "{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64) "{B6E3757B-5E77-3915-866A-CCFC4B8D194C}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 "{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}" = PlayReady PC Runtime amd64 "{BE236D9A-52EC-4A17-82DA-84B5EAD31E3E}" = Zune Language Pack (DEU) "{C5D37FFA-7483-410B-982B-91E93FD3B7DA}" = Zune Language Pack (ITA) "{C68D33B1-0204-4EBE-BC45-A6E432B1D13A}" = Zune Language Pack (FRA) "{C8C1BAD5-54E6-4146-AD07-3A8AD36569C3}" = Microsoft_VC80_MFC_x86_x64 "{D70884EA-E2CE-4539-91DB-4766CC1E5F5F}" = Apple Mobile Device Support "{D79A02E9-6713-4335-9668-AAC7474C0C0E}" = HP Vision Hardware Diagnostics "{EB773820-0871-46A8-9B96-F2B04F8B34F0}" = HP Deskjet All-In-One Driver Software 13.0 Rel. 1 "{F2CB8C3C-9C9E-4FAB-9067-655601C5F748}" = Windows Mobile Device Updater Component "{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile "{FD9560A8-CB02-1F28-CB9C-487244A28A8B}" = ccc-utility64 "{FF21C3E6-97FD-474F-9518-8DCBE94C2854}" = 64 Bit HP CIO Components Installer "3D970B9F930E7AAE23C06D39A1AC98548C90B442" = Windows Driver Package - Eastman Kodak KODAK Digital Camera (01/29/2010 1.4.1.0) "CCleaner" = CCleaner "HP Imaging Device Functions" = HP Imaging Device Functions 13.0 "HP Photosmart Essential" = HP Photosmart Essential 3.5 "HP Smart Web Printing" = HP Smart Web Printing 4.51 "HP Solution Center & Imaging Support Tools" = HP Solution Center 13.0 "HPExtendedCapabilities" = HP Customer Participation Program 13.0 "Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile "Zune" = Zune [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{0046FA01-C5B9-4985-BACB-398DC480FC05}" = Adobe Photoshop CS3 "{01501EBA-EC35-4F9F-8889-3BE346E5DA13}" = MSXML4 Parser "{033E378E-6AD3-4AD5-BDEB-CBD69B31046C}" = Microsoft_VC90_ATL_x86 "{04AF207D-9A77-465A-8B76-991F6AB66245}" = Adobe Help Viewer CS3 "{0655C185-FD48-5EBA-484A-CD530291F44D}" = CCC Help Hungarian "{07FA4960-B038-49EB-891B-9F95930AA544}" = HP Customer Experience Enhancements "{08B32819-6EEF-4057-AEDA-5AB681A36A23}" = Adobe Bridge Start Meeting "{08D2E121-7F6A-43EB-97FD-629B44903403}" = Microsoft_VC90_CRT_x86 "{0BF71387-5AFD-F71B-7353-3AEBD3E8F5F3}" = Catalyst Control Center Graphics Full Existing "{0E1C256F-6B90-E5A5-F62E-5DAE1AEAE294}" = ccc-core-static "{0EF5BEA9-B9D3-46d7-8958-FB69A0BAEACC}" = Status "{0F367CA3-3B2F-43F9-A44A-25A8EE69E45D}" = Scan "{175F0111-2968-4935-8F70-33108C6A4DE3}" = MarketResearch "{178832DE-9DE0-4C87-9F82-9315A9B03985}" = Windows Live Writer "{184CE391-7E0E-4C63-9935-D7A10EDFD3C6}" = Adobe WinSoft Linguistics Plugin "{1a413f37-ed88-4fec-9666-5c48dc4b7bb7}" = YTD Video Downloader 3.9.4 "{1B01541D-B1B8-8B7E-E82B-70551A1AF961}" = CCC Help Chinese Standard "{1EC71BFB-01A3-4239-B6AF-B1AE656B15C0}" = TrayApp "{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 "{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live Upload Tool "{22139F5D-9405-455A-BDEB-658B1A4E4861}" = Catalyst Control Center - Branding "{26070CDA-A7C5-2114-0533-38DE06C65E7F}" = CCC Help Polish "{2640314A-2D9A-4F58-B501-DB109CD9DBA2}" = DJ_AIO_ProductContext "{26A24AE4-039D-4CA4-87B4-2F83216024F0}" = Java 6 Update 24 "{26A24AE4-039D-4CA4-87B4-2F83216031FF}" = Java 6 Update 31 "{26A24AE4-039D-4CA4-87B4-2F83217007FF}" = Java 7 Update 7 "{2726B6FF-D8F9-8F29-2A7D-8192AAE79D3F}" = Catalyst Control Center Localization All "{28C2DED6-325B-4CC7-983A-1777C8F7FBAB}" = RealUpgrade 1.1 "{29E5EA97-5F74-4A57-B8B2-D4F169117183}" = Adobe Stock Photos CS3 "{2EEA7AA4-C203-4b90-A34F-19FB7EF1C81C}" = BufferChm "{2FF8C687-DB7D-4adc-A5DC-57983EC25046}" = DeviceDiscovery "{3088B508-7EE1-EC64-4FFD-C4901378CE7D}" = CCC Help Russian "{32DACAC3-6538-405D-915E-8F2D026F199C}" = DJ_AIO_Software_min "{334713BA-B8E7-4A60-988C-4110753A191E}" = ArcSoft Magic-i Visual Effects 2 "{3778B802-8E2C-04B0-2C1B-7C2A8F981824}" = CCC Help Finnish "{3B4E636E-9D65-4D67-BA61-189800823F52}" = Windows Live Communications Platform "{3C92B2E6-380D-4fef-B4DF-4A3B4B669771}" = Copy "{43CDF946-F5D9-4292-B006-BA0D92013021}" = WebReg "{44B2A0AB-412E-4F8C-B058-D1E8AECCDFF5}" = Recovery Manager "{48CA048A-3C5B-391E-7FF0-F36F434CB1B6}" = CCC Help Thai "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater "{4A70EF07-7F88-4434-BB61-D1DE8AE93DD4}" = SolutionCenter "{4E7C28C7-D5DA-4E9F-A1CA-60490B54AE35}" = UnloadSupport "{51846830-E7B2-4218-8968-B77F0FF475B8}" = Adobe Color EU Extra Settings "{52CD3425-C5E8-C49D-B776-AC85F018C0F6}" = Catalyst Control Center Graphics Previews Vista "{54793AA1-5001-42F4-ABB6-C364617C6078}" = Adobe Linguistics CS3 "{57752979-A1C9-4C02-856B-FBB27AC4E02C}" = QuickTime "{597CE475-4F62-89EE-A81E-DB509DA0CBB2}" = CCC Help English "{5A3C1721-F8ED-11E0-8AFB-B8AC6F97B88E}" = Google Earth "{5C90D8CF-F12A-41C6-9007-3B651A1F0D78}" = HP Deskjet 1050 J410 series Help "{5E7A925A-CCE1-4ED5-A0DD-4A821A3F9BC2}" = Catalyst Control Center Core Implementation "{612C34C7-5E90-47D8-9B5C-0F717DD82726}" = swMSM "{635FED5B-2C6D-49BE-87E6-7A6FCD22BC5A}" = Microsoft_VC90_MFC_x86 "{63FF21C9-A810-464F-B60A-3111747B1A6D}" = GPBaseService2 "{6412CECE-8172-4BE5-935B-6CECACD2CA87}" = Windows Live Mail "{674DAE26-3C3C-2D20-1BB4-82B380142E78}" = CCC Help Greek "{681B698F-C997-42C3-B184-B489C6CA24C9}" = HPPhotoSmartDiscLabelContent1 "{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin "{6A9EF47E-D49A-2EFC-20A1-A92DE7F826DF}" = CCC Help Czech "{6ABE0BEE-D572-4FE8-B434-9E72A289431B}" = Adobe Fonts All "{6BBA26E9-AB03-4FE7-831A-3535584CA002}" = Toolbox "{6D8EACA3-664E-4F83-8A84-BE3AE952DAB6}" = ArcSoft WebCam Companion 3 "{6FF5DD7A-FE28-4439-B8CF-1E9AF4EA0A61}" = Adobe Asset Services CS3 "{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable "{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable "{72D90DB3-A16A-4545-B555-868471101833}" = HP Setup "{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 "{7770E71B-2D43-4800-9CB3-5B6CAAEBEBEA}" = RealNetworks - Microsoft Visual C++ 2008 Runtime "{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update "{7A9C67EF-05A8-499F-56A2-C467A4FE6DEE}" = CCC Help Italian "{7DA0C5CE-9817-CDB2-F061-F72D0CB6EEB3}" = CCC Help German "{7DB63154-92A4-12AE-364F-DE9C7B459720}" = CCC Help Spanish "{802771A9-A856-4A41-ACF7-1450E523C923}" = Adobe XMP Panels CS3 "{81128EE8-8EAD-4DB0-85C6-17C2CE50FF71}" = Windows Live Essentials "{84EBDF39-4B33-49D7-A0BD-EB6E2C4E81C1}" = Windows Live Sync "{8D2A81D8-AABF-673B-08BE-EF7A80295F14}" = CCC Help French "{8D2BA474-F406-4710-9AE4-D4F22D21F0DD}" = Adobe Device Central CS3 "{8E6808E2-613D-4FCD-81A2-6C8FA8E03312}" = Adobe Type Support "{90140011-0066-0409-0000-0000000FF1CE}" = Microsoft Office Starter 2010 - English "{90176341-0A8B-4CCC-A78D-F862228A6B95}" = Adobe Anchor Service CS3 "{912CED74-88D3-4C5B-ACB0-13231864975D}" = PressReader "{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}" = Microsoft_VC80_CRT_x86 "{943A8D28-80D6-41DC-AE94-81FEB42041BF}" = System Requirements Lab CYRI "{95140000-0070-0000-0000-0000000FF1CE}" = Microsoft Office 2010 "{95140000-00AF-0409-0000-0000000FF1CE}" = Microsoft PowerPoint Viewer "{9530AE42-DAE1-4619-9594-B23487285D17}" = NVIDIA PhysX "{95655ED4-7CA5-46DF-907F-7144877A32E5}" = Adobe Color NA Recommended Settings "{981F6BCD-252E-6A64-9C6D-4E3B10B1B126}" = Catalyst Control Center InstallProxy "{98B6FB8A-8638-4037-AD44-CF7D0EEAB875}_is1" = TypingMaster Pro "{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 "{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 "{9C9824D9-9000-4373-A6A5-D0E5D4831394}" = Adobe Bridge CS3 "{A127C3C0-055E-38CF-B38F-1E85F8BBBFFE}" = Adobe Community Help "{A2B242BD-FF8D-4840-9DAA-9170EABEC59C}" = Adobe CMaps "{A2D81E70-2A98-4A08-A628-94388B063C5E}" = Adobe Color - Photoshop Specific "{A436F67F-687E-4736-BD2B-537121A804CF}" = HP Product Detection "{A6B90148-02C5-4fd3-8D7A-EF2386835CB9}" = F4100_Help "{A7CEA571-43AC-95FE-4F08-22C401FC2824}" = CCC Help Japanese "{A826CCC4-C0BA-97B4-F1DB-E68CD45D1133}" = CCC Help Danish "{A85FD55B-891B-4314-97A5-EA96C0BD80B5}" = Windows Live Messenger "{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper "{AC5B0C19-D851-42F4-BDA0-410ECF7F70A5}" = PDF Settings "{AC76BA86-7AD7-1033-7B44-AA1000000001}" = Adobe Reader X (10.1.4) "{AC9A3F48-8936-40CD-A0B2-7CFA76906143}" = Catalyst Control Center Graphics Full New "{AD99B476-6FB7-4985-A3C3-E40595A7E6DE}" = DJ_AIO_Software "{AFF7E080-1974-45BF-9310-10DE1A1F5ED0}" = Adobe AIR "{B0069CFA-5BB9-4C03-B1C6-89CE290E5AFE}" = HP Update "{B3BF6689-A81D-40D8-9A86-4AC4ACD9FC1C}" = Adobe Camera Raw 4.0 "{B3DAF54F-DB25-4586-9EF1-96D24BB14088}" = Windows Movie Maker 2.6 "{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy "{B68D391C-32C6-798E-C78F-83C1797B162A}" = CCC Help Swedish "{B8A2869E-30CA-40C5-9CF8-BD7354E57EF8}" = SmartSound Common Data "{B8AC1A89-FFD1-4F97-8051-E505A160F562}" = HP Odometer "{B92C5909-1D37-4C51-8397-A28BB28E5DC3}" = Facebook Video Calling 1.2.0.287 "{B9A03B7B-E0FF-4FB3-BA83-762E58A1B0AA}" = HP Support Information "{B9B35331-B7E4-4E5C-BF4C-7BC87856124D}" = Adobe Default Language CS3 "{BD7204BA-DD64-499E-9B55-6A282CDF4FA4}" = Destinations "{BDDA1E1E-204E-4368-B0C2-737F16B76307}" = HP MediaSmart/TouchSmart Netflix "{C2D69781-F392-4118-A5A7-C7E9C38DBFC2}" = Adobe ExtendScript Toolkit 2 "{C3F0CF4C-0A8C-42F1-A585-2EF7886D6039}" = KODAK Share Button App "{C43326F5-F135-4551-8270-7F7ABA0462E1}" = HPProductAssistant "{CAE4213F-F797-439D-BD9E-79B71D115BE3}" = HPPhotoGadget "{CCE825DB-347A-4004-A186-5F4A6FDD8547}" = Apple Application Support "{CD95D125-2992-4858-B3EF-5F6FB52FBAD6}" = Skype Toolbars "{d05a1414-a955-4c5c-9716-b7777ef86e85}" = F4100 "{D0DFF92A-492E-4C40-B862-A74A173C25C5}" = Adobe Version Cue CS3 Client "{D1A19B02-817E-4296-A45B-07853FD74D57}" = Microsoft_VC80_MFC_x86 "{D1BB4446-AE9C-4256-9A7F-4D46604D2462}" = Adobe Setup "{D2559B88-CC9D-4B48-81BB-F492BAA9C48C}" = Adobe PDF Library Files "{D31612BB-C6D7-4142-96AE-16DB062354CF}" = HP Webcam User's Guide "{D6C75F0B-3BC1-4FC9-B8C5-3F7E8ED059CA}" = Windows Live Photo Gallery "{D79113E7-274C-470B-BD46-01B10219DF6A}" = HPPhotosmartEssential "{D86B0E2E-DF9A-441C-AF77-8D1A0FF00FA6}" = AIO_Scan "{D92BBB52-82FF-42ED-8A3C-4E062F944AB7}" = Microsoft_VC80_MFCLOC_x86 "{DADD7B8A-BCB0-44F5-967A-ECB6B4F2ECD9}" = Adobe Color Common Settings "{DC47D46D-8874-D83A-6612-9DA3175861B2}" = CCC Help Korean "{DC635845-46D3-404B-BCB1-FC4A91091AFA}" = SmartWebPrinting "{DD7DB3C5-6FA3-4FA3-8A71-C2F2940EB029}" = Adobe Color JA Extra Settings "{DE3A9DC5-9A5D-6485-9662-347162C7E4CA}" = Adobe Media Player "{DF09BCD9-3556-77A6-8984-1CA95F8E1078}" = CCC Help Portuguese "{E0DE2996-A443-5FEA-30B7-9395E0F3A7CC}" = CCC Help Chinese Traditional "{E2DFE069-083E-4631-9B6C-43C48E991DE5}" = Junk Mail filter update "{E3E71D07-CD27-46CB-8448-16D4FB29AA13}" = Microsoft WSE 3.0 Runtime "{E503B4BF-F7BB-3D5F-8BC8-F694B1CFF942}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022.218 "{E69AE897-9E0B-485C-8552-7841F48D42D8}" = Adobe Update Manager CS3 "{EA17F4FC-FDBF-4CF8-A529-2D983132D053}" = Skype™ 6.0 "{EDFA892D-594D-C921-35FF-B6E5CFD2487C}" = CCC Help Dutch "{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU] "{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 "{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard "{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver "{F56BBEB1-E982-0A07-0004-1CBC8E5B534E}" = CCC Help Turkish "{F600ED39-BA0C-A127-EAB7-057DF0A327E0}" = CCC Help Norwegian "{F84B7A2F-2328-A610-89F6-2CC78CF00FFE}" = Catalyst Control Center Graphics Light "{FD9C31B6-F572-414D-81E3-89368C97A125}_is1" = CamStudio OSS Desktop Recorder "7-Zip" = 7-Zip 9.20 "Adobe AIR" = Adobe AIR "Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX "Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin "Adobe Shockwave Player" = Adobe Shockwave Player 11.6 "Adobe_2ac78060bc5856b0c1cf873bb919b58" = Adobe Photoshop CS3 "Akamai" = Akamai NetSession Interface Service "Axife Mouse Recorder DEMO_is1" = Axife Mouse Recorder DEMO 5.01 "chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Community Help "com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Media Player "DAEMON Tools Lite" = DAEMON Tools Lite "Defraggler" = Defraggler (remove only) "ESET Online Scanner" = ESET Online Scanner v3 "InstallShield_{B8A2869E-30CA-40C5-9CF8-BD7354E57EF8}" = SmartSound Common Data "LibUSB-Win32_is1" = LibUSB-Win32-0.1.10.1 "Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware version 1.60.0.1800 "MixMeister BPM Analyzer_is1" = MixMeister BPM Analyzer 1.0 "mmssetup_is1" = MixMeister Studio Demo 7.4.4 "Mozilla Firefox 7.0.1 (x86 en-US)" = Mozilla Firefox 7.0.1 (x86 en-US) "Office14.Click2Run" = Microsoft Office Click-to-Run 2010 "PDF Complete" = PDF Complete Special Edition "RealPlayer 15.0" = RealPlayer "Speakonia_is1" = Speakonia "tv_enua" = Lernout & Hauspie TruVoice American English TTS Engine "VLC media player" = VLC media player 1.0.1 "WinLiveSuite_Wave3" = Windows Live Essentials "WinRAR archiver" = WinRAR archiver "winscp3_is1" = WinSCP 4.3.7 ========== HKEY_USERS Uninstall List ========== [HKEY_USERS\S-1-5-21-1140067203-3630092783-3749488201-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "Akamai" = Akamai NetSession Interface "Google Chrome" = Google Chrome ========== Last 20 Event Log Errors ========== [ Application Events ] Error - 9/12/2012 4:20:16 AM | Computer Name = computer-HP | Source = Windows Search Service | ID = 3029 Description = Error - 9/12/2012 4:20:16 AM | Computer Name = computer-HP | Source = Windows Search Service | ID = 3029 Description = Error - 9/12/2012 4:20:16 AM | Computer Name = computer-HP | Source = Windows Search Service | ID = 3028 Description = Error - 9/12/2012 4:20:16 AM | Computer Name = computer-HP | Source = Windows Search Service | ID = 3058 Description = Error - 9/12/2012 4:20:16 AM | Computer Name = computer-HP | Source = Windows Search Service | ID = 7010 Description = Error - 9/13/2012 1:33:33 AM | Computer Name = computer-HP | Source = SideBySide | ID = 16842815 Description = Activation context generation failed for "c:\program files (x86)\spybot - search & destroy\DelZip179.dll".Error in manifest or policy file "c:\program files (x86)\spybot - search & destroy\DelZip179.dll" on line 8. The value "*" of attribute "language" in element "assemblyIdentity" is invalid. Error - 9/14/2012 1:33:17 AM | Computer Name = computer-HP | Source = SideBySide | ID = 16842815 Description = Activation context generation failed for "c:\program files (x86)\spybot - search & destroy\DelZip179.dll".Error in manifest or policy file "c:\program files (x86)\spybot - search & destroy\DelZip179.dll" on line 8. The value "*" of attribute "language" in element "assemblyIdentity" is invalid. Error - 9/15/2012 1:33:36 AM | Computer Name = computer-HP | Source = SideBySide | ID = 16842815 Description = Activation context generation failed for "c:\program files (x86)\spybot - search & destroy\DelZip179.dll".Error in manifest or policy file "c:\program files (x86)\spybot - search & destroy\DelZip179.dll" on line 8. The value "*" of attribute "language" in element "assemblyIdentity" is invalid. Error - 9/18/2012 1:33:23 AM | Computer Name = computer-HP | Source = SideBySide | ID = 16842815 Description = Activation context generation failed for "c:\program files (x86)\spybot - search & destroy\DelZip179.dll".Error in manifest or policy file "c:\program files (x86)\spybot - search & destroy\DelZip179.dll" on line 8. The value "*" of attribute "language" in element "assemblyIdentity" is invalid. Error - 9/18/2012 7:16:58 PM | Computer Name = computer-HP | Source = Application Hang | ID = 1002 Description = The program Explorer.EXE version 6.1.7601.17567 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel. Process ID: 910 Start Time: 01cd9593966e18e6 Termination Time: 47 Application Path: C:\Windows\Explorer.EXE Report Id: eed02510-01e6-11e2-94fa-d4856417550f Error - 9/19/2012 1:33:11 AM | Computer Name = computer-HP | Source = SideBySide | ID = 16842815 Description = Activation context generation failed for "c:\program files (x86)\spybot - search & destroy\DelZip179.dll".Error in manifest or policy file "c:\program files (x86)\spybot - search & destroy\DelZip179.dll" on line 8. The value "*" of attribute "language" in element "assemblyIdentity" is invalid. Error - 9/20/2012 1:33:11 AM | Computer Name = computer-HP | Source = SideBySide | ID = 16842815 Description = Activation context generation failed for "c:\program files (x86)\spybot - search & destroy\DelZip179.dll".Error in manifest or policy file "c:\program files (x86)\spybot - search & destroy\DelZip179.dll" on line 8. The value "*" of attribute "language" in element "assemblyIdentity" is invalid. [ Hewlett-Packard Events ] Error - 12/24/2011 9:24:12 AM | Computer Name = computer-HP | Source = HPSFMsgr.exe | ID = 4000 Description = HP Error ID: -2147221164 at System.RuntimeTypeHandle.CreateInstance(RuntimeType type, Boolean publicOnly, Boolean noCheck, Boolean& canBeCached, RuntimeMethodHandle& ctor, Boolean& bNeedSecurityCheck) at System.RuntimeType.CreateInstanceSlow(Boolean publicOnly, Boolean fillCache) at System.RuntimeType.CreateInstanceImpl(Boolean publicOnly, Boolean skipVisibilityChecks, Boolean fillCache) at System.Activator.CreateInstance(Type type, Boolean nonPublic) at HPSA_Messenger.MessengerCom.TrayDeskBand.isTaskbarDisplayed() StackTrace: at System.RuntimeTypeHandle.CreateInstance(RuntimeType type, Boolean publicOnly, Boolean noCheck, Boolean& canBeCached, RuntimeMethodHandle& ctor, Boolean& bNeedSecurityCheck) at System.RuntimeType.CreateInstanceSlow(Boolean publicOnly, Boolean fillCache) at System.RuntimeType.CreateInstanceImpl(Boolean publicOnly, Boolean skipVisibilityChecks, Boolean fillCache) at System.Activator.CreateInstance(Type type, Boolean nonPublic) at HPSA_Messenger.MessengerCom.TrayDeskBand.isTaskbarDisplayed() Source: mscorlib Name: HPSFMsgr.exe Version: 01.00.00.00 Path: C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPSFMessenger\HPSFMsgr.exe Format: en-US RAM: 2815 Ram Utilization: TargetSite: System.Object CreateInstance(System.RuntimeType, Boolean, Boolean, Boolean ByRef, System.RuntimeMethodHandle ByRef, Boolean ByRef) Error - 1/12/2012 9:30:18 AM | Computer Name = computer-HP | Source = HPSF.exe | ID = 4000 Description = Error - 1/12/2012 9:30:37 AM | Computer Name = computer-HP | Source = HPSF.exe | ID = 4000 Description = Error - 2/2/2012 12:43:26 PM | Computer Name = computer-HP | Source = hpsa_service.exe | ID = 2000 Description = HP Error ID: -2146233088 at HP.ActiveCheckLocalMode.SessionManager.ActiveCheckManager.UpdateAndDetect() at HP.SupportAssistant.Service.ACLM.ActiveCheck.LaunchActiveCheck(Boolean singleScan, Boolean localScan) Message: One HP Active Check Local Mode job already running. StackTrace: at HP.ActiveCheckLocalMode.SessionManager.ActiveCheckManager.UpdateAndDetect() at HP.SupportAssistant.Service.ACLM.ActiveCheck.LaunchActiveCheck(Boolean singleScan, Boolean localScan) Source: HP.ActiveCheckLocalMode.SessionManager Name: hpsa_service.exe Version: 06.00.01.01 Path: C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe Format: en-US RAM: 2815 Ram Utilization: 40 TargetSite: Void UpdateAndDetect() Error - 4/5/2012 6:31:58 PM | Computer Name = computer-HP | Source = HPSF.exe | ID = 4000 Description = HP Error ID: -2146233087 Server stack trace: at System.ServiceModel.Channels.ServiceChannel.Call(String action, Boolean oneway, ProxyOperationRuntime operation, Object[] ins, Object[] outs, TimeSpan timeout) at System.ServiceModel.Channels.ServiceChannel.Call(String action, Boolean oneway, ProxyOperationRuntime operation, Object[] ins, Object[] outs) at System.ServiceModel.Channels.ServiceChannelProxy.InvokeService(IMethodCallMessage methodCall, ProxyOperationRuntime operation) at System.ServiceModel.Channels.ServiceChannelProxy.Invoke(IMessage message) Exception rethrown at [0] Message: The server did not provide a meaningful reply; this might be caused by a contract mismatch, a premature session shutdown or an internal server error. StackTrace: Server stack trace: at System.ServiceModel.Channels.ServiceChannel.Call(String action, Boolean oneway, ProxyOperationRuntime operation, Object[] ins, Object[] outs, TimeSpan timeout) at System.ServiceModel.Channels.ServiceChannel.Call(String action, Boolean oneway, ProxyOperationRuntime operation, Object[] ins, Object[] outs) at System.ServiceModel.Channels.ServiceChannelProxy.InvokeService(IMethodCallMessage methodCall, ProxyOperationRuntime operation) at System.ServiceModel.Channels.ServiceChannelProxy.Invoke(IMessage message) Exception rethrown at [0]: at System.Runtime.Remoting.Proxies.RealProxy.HandleReturnMessage(IMessage reqMsg, IMessage retMsg) at System.Runtime.Remoting.Proxies.RealProxy.PrivateInvoke(MessageData& msgData, Int32 type) at HP.SupportFramework.Communicator.MessengerComm.IMessengerCommunicator.UpdateTimer() at HP.SupportAssistant.UI.MessengerCommunication.sendTimerUpdate() Source: mscorlib Name: HPSF.exe Version: 06.00.01.01 Path: C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe Format: en-US RAM: 2815 Ram Utilization: 40 TargetSite: Void HandleReturnMessage(System.Runtime.Remoting.Messaging.IMessage, System.Runtime.Remoting.Messaging.IMessage) Error - 4/10/2012 4:14:36 AM | Computer Name = computer-HP | Source = HPSF.exe | ID = 4000 Description = Error - 4/10/2012 4:15:49 AM | Computer Name = computer-HP | Source = HPSF.exe | ID = 4000 Description = Error - 4/10/2012 5:09:24 AM | Computer Name = computer-HP | Source = HPSF.exe | ID = 4000 Description = Error - 8/23/2012 6:09:33 PM | Computer Name = computer-HP | Source = HPSF.exe | ID = 4000 Description = Error - 8/23/2012 6:09:33 PM | Computer Name = computer-HP | Source = HPSF.exe | ID = 4000 Description = [ System Events ] Error - 1/13/2013 10:55:45 PM | Computer Name = computer-HP | Source = Application Popup | ID = 1060 Description = \SystemRoot\SysWow64\drivers\libusb0.sys has been blocked from loading due to incompatibility with this system. Please contact your software vendor for a compatible version of the driver. Error - 1/13/2013 10:55:55 PM | Computer Name = computer-HP | Source = Service Control Manager | ID = 7000 Description = The LibUsb-Win32 - Daemon, Version 0.1.10.1 service failed to start due to the following error: %%2 Error - 1/13/2013 10:56:00 PM | Computer Name = computer-HP | Source = Service Control Manager | ID = 7001 Description = The AVG E-mail Scanner service depends on the AVG WatchDog service which failed to start because of the following error: %%1066 Error - 1/13/2013 10:56:00 PM | Computer Name = computer-HP | Source = Service Control Manager | ID = 7024 Description = The AVG WatchDog service terminated with service-specific error %%-536805315. Error - 1/14/2013 9:22:01 AM | Computer Name = computer-HP | Source = EventLog | ID = 6008 Description = The previous system shutdown at 8:21:02 AM on ?1/?14/?2013 was unexpected. Error - 1/14/2013 9:21:57 AM | Computer Name = computer-HP | Source = Application Popup | ID = 1060 Description = \SystemRoot\SysWow64\drivers\libusb0.sys has been blocked from loading due to incompatibility with this system. Please contact your software vendor for a compatible version of the driver. Error - 1/14/2013 9:21:57 AM | Computer Name = computer-HP | Source = Application Popup | ID = 1060 Description = \SystemRoot\SysWow64\drivers\libusb0.sys has been blocked from loading due to incompatibility with this system. Please contact your software vendor for a compatible version of the driver. Error - 1/14/2013 9:22:04 AM | Computer Name = computer-HP | Source = Service Control Manager | ID = 7000 Description = The LibUsb-Win32 - Daemon, Version 0.1.10.1 service failed to start due to the following error: %%2 Error - 1/14/2013 9:22:08 AM | Computer Name = computer-HP | Source = Service Control Manager | ID = 7024 Description = The AVG WatchDog service terminated with service-specific error %%-536805315. Error - 1/14/2013 9:22:09 AM | Computer Name = computer-HP | Source = Service Control Manager | ID = 7001 Description = The AVG E-mail Scanner service depends on the AVG WatchDog service which failed to start because of the following error: %%1066 < End of report >

------------------------------OTL------------------------------ OTL logfile created on: 1/14/2013 9:01:53 AM - Run 1 OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\computer\Downloads 64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 9.0.8112.16421) Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy 2.75 Gb Total Physical Memory | 1.92 Gb Available Physical Memory | 69.93% Memory free 5.50 Gb Paging File | 4.33 Gb Available in Paging File | 78.77% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 584.01 Gb Total Space | 479.26 Gb Free Space | 82.06% Space Free | Partition Type: NTFS Drive D: | 12.06 Gb Total Space | 1.44 Gb Free Space | 11.96% Space Free | Partition Type: NTFS Computer Name: COMPUTER-HP | User Name: computer | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users | Quick Scan | Include 64bit Scans Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - [2013/01/14 09:01:19 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\computer\Downloads\OTL.exe PRC - [2012/10/09 10:53:36 | 004,441,920 | ---- | M] (Akamai Technologies, Inc.) -- C:\Users\computer\AppData\Local\Akamai\netsession_win.exe PRC - [2012/07/27 15:51:26 | 000,063,960 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe PRC - [2012/06/26 11:17:26 | 000,108,032 | ---- | M] (Eastman Kodak Company) -- C:\Program Files (x86)\Kodak\KODAK Share Button App\Listener.exe PRC - [2011/12/24 17:50:18 | 000,652,872 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe PRC - [2011/12/24 17:50:18 | 000,460,872 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe PRC - [2011/10/01 09:30:22 | 000,219,496 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe PRC - [2011/10/01 09:30:18 | 000,508,776 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe PRC - [2010/03/18 14:19:26 | 000,113,152 | ---- | M] (ArcSoft Inc.) -- C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe PRC - [2009/10/14 18:53:20 | 000,635,416 | ---- | M] (PDF Complete Inc) -- C:\Program Files (x86)\PDF Complete\pdfsvc.exe PRC - [2009/01/26 15:31:16 | 002,144,088 | RHS- | M] (Safer Networking Limited) -- C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe PRC - [2008/09/18 13:59:10 | 000,104,960 | ---- | M] (ArcSoft, Inc.) -- C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe ========== Modules (No Company Name) ========== ========== Services (SafeList) ========== SRV:64bit: - [2010/11/11 16:00:32 | 000,467,696 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Zune\ZuneWlanCfgSvc.exe -- (ZuneWlanCfgSvc) SRV:64bit: - [2010/11/11 16:00:32 | 000,306,416 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Zune\WMZuneComm.exe -- (WMZuneComm) SRV:64bit: - [2010/11/11 15:59:36 | 008,251,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Zune\ZuneNss.exe -- (ZuneNetworkSvc) SRV:64bit: - [2010/05/11 10:16:12 | 000,203,264 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility) SRV:64bit: - [2009/07/13 20:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend) SRV - [2013/01/09 15:17:11 | 000,251,400 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc) SRV - [2012/11/09 12:21:24 | 000,160,944 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate) SRV - [2012/07/27 15:51:26 | 000,063,960 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice) SRV - [2012/06/21 08:26:59 | 000,654,848 | ---- | M] (Macrovision Europe Ltd.) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service) SRV - [2011/12/24 17:50:18 | 000,652,872 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService) SRV - [2011/10/01 09:30:22 | 000,219,496 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe -- (sftvsa) SRV - [2011/10/01 09:30:18 | 000,508,776 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe -- (sftlist) SRV - [2011/02/04 05:04:31 | 000,308,136 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Stopped] -- C:\Program Files (x86)\AVG\AVG9\avgwdsvc.exe -- (avg9wd) SRV - [2011/02/04 05:04:28 | 000,921,952 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Stopped] -- C:\Program Files (x86)\AVG\AVG9\avgemc.exe -- (avg9emc) SRV - [2010/08/15 11:19:00 | 003,700,176 | ---- | M] (INCA Internet Co., Ltd.) [On_Demand | Stopped] -- C:\Windows\SysWOW64\GameMon.des -- (npggsvc) SRV - [2010/03/18 15:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32) SRV - [2010/03/18 14:19:26 | 000,113,152 | ---- | M] (ArcSoft Inc.) [Auto | Running] -- C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe -- (ACDaemon) SRV - [2009/10/14 18:53:20 | 000,635,416 | ---- | M] (PDF Complete Inc) [Auto | Running] -- C:\Program Files (x86)\PDF Complete\pdfsvc.exe -- (pdfcDispatcher) SRV - [2009/06/10 16:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32) SRV - [2008/09/18 13:59:10 | 000,104,960 | ---- | M] (ArcSoft, Inc.) [Auto | Running] -- C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe -- (uCamMonitor) SRV - [2005/03/09 20:50:18 | 000,018,944 | ---- | M] (http://libusb-win32.sourceforge.net) [Auto | Stopped] -- C:\Windows\SysWOW64\libusbd-nt.exe -- (libusbd) ========== Driver Services (SafeList) ========== DRV:64bit: - [2012/09/28 11:32:56 | 000,053,760 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64) DRV:64bit: - [2012/08/21 14:01:20 | 000,033,240 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM) DRV:64bit: - [2012/03/01 01:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec) DRV:64bit: - [2011/12/18 10:18:39 | 000,279,616 | ---- | M] (DT Soft Ltd) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\dtsoftbus01.sys -- (dtsoftbus01) DRV:64bit: - [2011/12/10 15:24:08 | 000,023,152 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\mbam.sys -- (MBAMProtector) DRV:64bit: - [2011/11/10 18:32:02 | 000,115,272 | ---- | M] (MotioninJoy) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\MijXfilt.sys -- (MotioninJoyXFilter) DRV:64bit: - [2011/10/01 09:30:22 | 000,022,376 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftvollh.sys -- (Sftvol) DRV:64bit: - [2011/10/01 09:30:18 | 000,268,648 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftplaylh.sys -- (Sftplay) DRV:64bit: - [2011/10/01 09:30:18 | 000,025,960 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftredirlh.sys -- (Sftredir) DRV:64bit: - [2011/10/01 09:30:10 | 000,764,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftfslh.sys -- (Sftfs) DRV:64bit: - [2010/11/20 08:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD) DRV:64bit: - [2010/11/20 06:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt) DRV:64bit: - [2010/08/19 19:24:34 | 000,074,960 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\xusb21.sys -- (xusb21) DRV:64bit: - [2010/05/11 10:46:18 | 006,790,656 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag) DRV:64bit: - [2010/05/11 09:24:20 | 000,221,184 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap) DRV:64bit: - [2010/03/10 10:33:52 | 000,016,440 | ---- | M] (Advanced Micro Devices Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\AtiPcie64.sys -- (AtiPcie) DRV:64bit: - [2010/03/04 09:43:00 | 000,346,144 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167) DRV:64bit: - [2010/02/05 23:04:06 | 000,028,728 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata) DRV:64bit: - [2010/02/05 23:04:04 | 000,070,712 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata) DRV:64bit: - [2009/12/22 04:26:36 | 000,038,456 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\usbfilter.sys -- (usbfilter) DRV:64bit: - [2009/07/13 20:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs) DRV:64bit: - [2009/07/13 20:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2) DRV:64bit: - [2009/07/13 20:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor) DRV:64bit: - [2009/06/10 15:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv) DRV:64bit: - [2009/06/10 15:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv) DRV:64bit: - [2009/06/10 15:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a) DRV:64bit: - [2009/06/10 15:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir) DRV:64bit: - [2009/05/26 17:32:04 | 000,019,968 | ---- | M] (ArcSoft, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ArcSoftKsUFilter.sys -- (ArcSoftKsUFilter) DRV - [2009/07/13 20:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount) DRV - [2005/03/09 20:50:16 | 000,033,792 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\libusb0.sys -- (libusb0) DRV - [2005/01/01 22:43:08 | 000,004,682 | ---- | M] (INCA Internet Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysWOW64\npptNT2.sys -- (NPPTNT2) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://g.msn.com/HPDSK/1 IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {5337E755-6784-4365-B036-FA01C6B1CE87} IE:64bit: - HKLM\..\SearchScopes\{04109324-9744-4415-92B7-0A1C4B0AC77C}: "URL" = http://www.ask.com/web?q={searchterms}&l=dis&o=ushpd IE:64bit: - HKLM\..\SearchScopes\{5337E755-6784-4365-B036-FA01C6B1CE87}: "URL" = http://www.bing.com/search?q={searchTerms}&form=HPDTDF&pc=HPDTDF&src=IE-SearchBox IE:64bit: - HKLM\..\SearchScopes\{7F5D595D-A7C1-419F-B547-D5F577110BDE}: "URL" = http://search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=HPDTDF IE:64bit: - HKLM\..\SearchScopes\{A95D0554-FDB3-4542-9D38-62CBA1B5D5B0}: "URL" = http://en.wikipedia.org/wiki/Special:Search?search={searchTerms} IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/HPDSK/1 IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://g.msn.com/HPDSK/1 IE - HKLM\..\SearchScopes,DefaultScope = {5337E755-6784-4365-B036-FA01C6B1CE87} IE - HKLM\..\SearchScopes\{04109324-9744-4415-92B7-0A1C4B0AC77C}: "URL" = http://www.ask.com/web?q={searchterms}&l=dis&o=ushpd IE - HKLM\..\SearchScopes\{5337E755-6784-4365-B036-FA01C6B1CE87}: "URL" = http://www.bing.com/search?q={searchTerms}&form=HPDTDF&pc=HPDTDF&src=IE-SearchBox IE - HKLM\..\SearchScopes\{7F5D595D-A7C1-419F-B547-D5F577110BDE}: "URL" = http://search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=HPDTDF IE - HKLM\..\SearchScopes\{A95D0554-FDB3-4542-9D38-62CBA1B5D5B0}: "URL" = http://en.wikipedia.org/wiki/Special:Search?search={searchTerms} IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-1140067203-3630092783-3749488201-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/HPDSK/1 IE - HKU\S-1-5-21-1140067203-3630092783-3749488201-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://g.msn.com/HPDSK/1 IE - HKU\S-1-5-21-1140067203-3630092783-3749488201-1000\..\SearchScopes,DefaultScope = {01C4661F-FDBE-4851-A222-428472FFF721} IE - HKU\S-1-5-21-1140067203-3630092783-3749488201-1000\..\SearchScopes\{01C4661F-FDBE-4851-A222-428472FFF721}: "URL" = http://search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=937811&p={searchTerms} IE - HKU\S-1-5-21-1140067203-3630092783-3749488201-1000\..\SearchScopes\{04109324-9744-4415-92B7-0A1C4B0AC77C}: "URL" = http://www.ask.com/web?q={searchterms}&l=dis&o=ushpd IE - HKU\S-1-5-21-1140067203-3630092783-3749488201-1000\..\SearchScopes\{5337E755-6784-4365-B036-FA01C6B1CE87}: "URL" = http://www.bing.com/search?q={searchTerms}&form=HPDTDF&pc=HPDTDF&src=IE-SearchBox IE - HKU\S-1-5-21-1140067203-3630092783-3749488201-1000\..\SearchScopes\{7F5D595D-A7C1-419F-B547-D5F577110BDE}: "URL" = http://search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=HPDTDF IE - HKU\S-1-5-21-1140067203-3630092783-3749488201-1000\..\SearchScopes\{A95D0554-FDB3-4542-9D38-62CBA1B5D5B0}: "URL" = http://en.wikipedia.org/wiki/Special:Search?search={searchTerms} IE - HKU\S-1-5-21-1140067203-3630092783-3749488201-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-1140067203-3630092783-3749488201-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = 127.0.0.1:9421;*.local;<local> ========== FireFox ========== FF - prefs.js..browser.search.defaultenginename: "Yahoo" FF - prefs.js..browser.search.param.yahoo-fr: "chr-greentree_ff&ilc=12&type=937811" FF - prefs.js..browser.search.selectedEngine: "Yahoo" FF - prefs.js..browser.startup.homepage: "http://search.yahoo.com?type=937811&fr=spigot-yhp-ff" FF - prefs.js..extensions.enabledAddons: restart@restart.org:0.5 FF - prefs.js..extensions.enabledAddons: adblockpopups@jessehakanen.net:0.3 FF - prefs.js..extensions.enabledAddons: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:2.0.3 FF - prefs.js..extensions.enabledAddons: {e4a8a97b-f2ed-450b-b12d-ee082ba24781}:0.9.18 FF - prefs.js..extensions.enabledAddons: abb@amazon.com:3.0.20120130 FF - prefs.js..extensions.enabledAddons: {97E22097-9A2F-45b1-8DAF-36AD648C7EF4}:15.0.4 FF - prefs.js..keyword.URL: "http://search.yahoo.com/search?fr=greentree_ff1&ei=utf-8&ilc=12&type=937811&p=" FF - user.js - File not found FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_5_502_146.dll File not found FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.11.2: C:\Windows\system32\npDeployJava1.dll (Oracle Corporation) FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.11.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_5_502_146.dll () FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.) FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll () FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google) FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.7.2: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.7.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8081.0709: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll File not found FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll File not found FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=15.0.4.53: C:\Program Files (x86)\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=15.0.4.53: C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprjplug.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nprpchromebrowserrecordext;version=15.0.4.53: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nprphtml5videoshim;version=15.0.4.53: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nprpplugin;version=15.0.4.53: C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprpplugin.dll (RealPlayer) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@WildTangent.com/GamesAppPresenceDetector,Version=1.0: C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\3\NP_wtapp.dll File not found FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF - HKCU\Software\MozillaPlugins\@hulu.com/Hulu Desktop: C:\Windows\..\Users\Default\AppData\Local\HuluDesktop\instances\0.9.13.1\npHDPlg.dll () FF - HKCU\Software\MozillaPlugins\@Skype Limited.com/Facebook Video Calling Plugin: C:\Users\computer\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited) FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\computer\AppData\Local\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.) FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\computer\AppData\Local\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.) FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2011/07/05 11:57:25 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{97E22097-9A2F-45b1-8DAF-36AD648C7EF4}: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2013/01/12 21:55:08 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 7.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2011/10/25 08:20:39 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 7.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2011/07/05 11:57:25 | 000,000,000 | ---D | M] [2011/10/25 08:04:07 | 000,000,000 | ---D | M] (No name found) -- C:\Users\computer\AppData\Roaming\Mozilla\Extensions [2012/11/15 18:08:20 | 000,000,000 | ---D | M] (No name found) -- C:\Users\computer\AppData\Roaming\Mozilla\Firefox\Profiles\fy6h84lk.default\extensions [2012/04/10 20:30:53 | 000,000,000 | ---D | M] (Greasemonkey) -- C:\Users\computer\AppData\Roaming\Mozilla\Firefox\Profiles\fy6h84lk.default\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781} [2012/06/13 09:39:55 | 000,000,000 | ---D | M] ("Amazon Browser Bar") -- C:\Users\computer\AppData\Roaming\Mozilla\Firefox\Profiles\fy6h84lk.default\extensions\abb@amazon.com [2012/04/10 20:30:52 | 000,118,971 | ---- | M] () (No name found) -- C:\Users\computer\AppData\Roaming\Mozilla\Firefox\Profiles\fy6h84lk.default\extensions\adblockpopups@jessehakanen.net.xpi [2011/10/25 08:27:07 | 000,032,637 | ---- | M] () (No name found) -- C:\Users\computer\AppData\Roaming\Mozilla\Firefox\Profiles\fy6h84lk.default\extensions\restart@restart.org.xpi [2012/04/10 20:30:52 | 000,634,964 | ---- | M] () (No name found) -- C:\Users\computer\AppData\Roaming\Mozilla\Firefox\Profiles\fy6h84lk.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2012/09/18 18:10:29 | 000,002,203 | ---- | M] () -- C:\Users\computer\AppData\Roaming\Mozilla\Firefox\Profiles\fy6h84lk.default\searchplugins\MyStart Search.xml [2012/03/14 20:41:12 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions [2012/03/14 20:41:12 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} [2013/01/12 21:55:08 | 000,000,000 | ---D | M] (RealPlayer Browser Record Plugin) -- C:\PROGRAMDATA\REAL\REALPLAYER\BROWSERRECORDPLUGIN\FIREFOX\EXT [2011/09/29 01:53:40 | 000,134,104 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll [2011/09/28 19:26:50 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml ========== Chrome ========== CHR - homepage: http://google.com/ CHR - default_search_provider: Google (Enabled) CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}sourceid=chrome&ie={inputEncoding} CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms}&sugkey={google:suggestAPIKeyParameter} CHR - homepage: http://google.com/ CHR - plugin: Shockwave Flash (Enabled) = C:\Users\computer\AppData\Local\Google\Chrome\Application\21.0.1180.79\PepperFlash\pepflashplayer.dll CHR - plugin: Shockwave Flash (Enabled) = C:\Users\computer\AppData\Local\Google\Chrome\Application\24.0.1312.52\gcswf32.dll CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer CHR - plugin: Native Client (Enabled) = C:\Users\computer\AppData\Local\Google\Chrome\Application\24.0.1312.52\ppGoogleNaClPluginChrome.dll CHR - plugin: Chrome PDF Viewer (Disabled) = C:\Users\computer\AppData\Local\Google\Chrome\Application\24.0.1312.52\pdf.dll CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin.dll CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin2.dll CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin3.dll CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin4.dll CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin5.dll CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin6.dll CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin7.dll CHR - plugin: Coupons Inc., Coupon Printer Manager (Enabled) = C:\Users\computer\AppData\Local\Google\Chrome\Application\plugins\npMozCouponPrinter.dll CHR - plugin: Google Talk Plugin (Enabled) = C:\Users\computer\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll CHR - plugin: Google Talk Plugin Video Accelerator (Enabled) = C:\Users\computer\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL CHR - plugin: Google Earth Plugin (Enabled) = C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.115\npGoogleUpdate3.dll CHR - plugin: Java Platform SE 6 U31 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll CHR - plugin: Pando Web Plugin (Enabled) = C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll CHR - plugin: RealPlayer G2 LiveConnect-Enabled Plug-In (32-bit) (Enabled) = C:\Program Files (x86)\Real\RealPlayer\Netscape6\nppl3260.dll CHR - plugin: RealPlayer Download Plugin (Enabled) = C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprpplugin.dll CHR - plugin: RealPlayer HTML5VideoShim Plug-In (32-bit) (Enabled) = C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll CHR - plugin: RealJukebox NS Plugin (Enabled) = C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprjplug.dll CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll CHR - plugin: RealNetworks Chrome Background Extension Plug-In (32-bit) (Enabled) = C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll CHR - plugin: Facebook Video Calling Plugin (Enabled) = C:\Users\computer\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll CHR - plugin: Hulu Desktop (Enabled) = C:\Windows\..\Users\Default\AppData\Local\HuluDesktop\instances\0.9.13.1\npHDPlg.dll CHR - plugin: Shockwave for Director (Enabled) = C:\Windows\system32\Adobe\Director\np32dsw.dll CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll CHR - Extension: FlashBlock = C:\Users\computer\AppData\Local\Google\Chrome\User Data\Default\Extensions\cdngiadmnkhgemkimkhiilgffbjijcie\1.2.11.10_0\ CHR - Extension: AdBlock = C:\Users\computer\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.5.54_0\ CHR - Extension: Tab Saver = C:\Users\computer\AppData\Local\Google\Chrome\User Data\Default\Extensions\gmabnicpoccpllcbcioincnllkilhiah\0.8.2_0\ CHR - Extension: Bitdefender QuickScan = C:\Users\computer\AppData\Local\Google\Chrome\User Data\Default\Extensions\pdnkcidphdcakpkheohlhocaicfamjie\0.9.9.118_0\ O1 HOSTS File: ([2013/01/13 15:01:36 | 000,000,027 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O2:64bit: - BHO: (Java Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation) O2:64bit: - BHO: (Java Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No CLSID value found. O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer) O2 - BHO: (Java Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation) O2 - BHO: (Skype Plug-In) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O2 - BHO: (Java Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) O4 - HKLM..\Run: [] File not found O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation) O4 - HKLM..\Run: [Microsoft Default Manager] "C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe" -resume File not found O4 - HKLM..\Run: [unlockerAssistant] "C:\Program Files (x86)\Unlocker\UnlockerAssistant.exe" File not found O4 - HKU\S-1-5-21-1140067203-3630092783-3749488201-1000..\Run: [Akamai NetSession Interface] C:\Users\computer\AppData\Local\Akamai\netsession_win.exe (Akamai Technologies, Inc.) O4 - HKU\S-1-5-21-1140067203-3630092783-3749488201-1000..\Run: [spybotSD TeaTimer] C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe (Safer Networking Limited) O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-21-1140067203-3630092783-3749488201-1000\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-21-1140067203-3630092783-3749488201-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0 O9 - Extra Button: Blog This - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - Reg Error: Key error. File not found O9 - Extra 'Tools' menuitem : &Blog This in Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - Reg Error: Key error. File not found O9 - Extra Button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O9 - Extra 'Tools' menuitem : Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.) O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.) O13 - gopher Prefix: missing O16:64bit: - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset.com/special/eos/OnlineScanner.cab (OnlineScanner Control) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Reg Error: Value error.) O16 - DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24) O16 - DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 10.7.2) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 75.75.75.75 75.75.76.76 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{3A0237BB-C646-40F1-BE80-BF7770A283DE}: DhcpNameServer = 75.75.75.75 75.75.76.76 O18:64bit: - Protocol\Handler\linkscanner - No CLSID value found O18:64bit: - Protocol\Handler\livecall - No CLSID value found O18:64bit: - Protocol\Handler\msnim - No CLSID value found O18:64bit: - Protocol\Handler\skype4com - No CLSID value found O18:64bit: - Protocol\Handler\skype-ie-addon-data - No CLSID value found O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found O18 - Protocol\Handler\linkscanner - No CLSID value found O18 - Protocol\Handler\livecall - No CLSID value found O18 - Protocol\Handler\msnim - No CLSID value found O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies) O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O18 - Protocol\Handler\wlmailhtml - No CLSID value found O20:64bit: - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation) O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation) O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O32 - HKLM CDRom: AutoRun - 1 O34 - HKLM BootExecute: (autocheck autochk *) O34 - HKLM BootExecute: (C:\PROGRA~2\AVG\AVG2012\avgrsa.exe /sync /restart) O35:64bit: - HKLM\..comfile [open] -- "%1" %* O35:64bit: - HKLM\..exefile [open] -- "%1" %* O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37:64bit: - HKLM\...com [@ = ComFile] -- "%1" %* O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %* O37 - HKLM\...com [@ = ComFile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) O38 - SubSystems\\Windows: (ServerDll=sxssrv,4) ========== Files/Folders - Created Within 30 Days ========== [2013/01/13 21:59:45 | 000,000,000 | ---D | C] -- C:\Users\computer\AppData\Local\ElevatedDiagnostics [2013/01/13 21:57:04 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware [2013/01/13 21:57:03 | 000,023,152 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys [2013/01/13 21:57:03 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware [2013/01/13 19:08:43 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\mine [2013/01/13 18:57:11 | 000,000,000 | ---D | C] -- C:\Users\computer\Desktop\JavaRa [2013/01/13 15:15:23 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN [2013/01/13 15:12:57 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ESET [2013/01/13 15:03:33 | 000,000,000 | ---D | C] -- C:\Windows\temp [2013/01/12 18:58:58 | 000,000,000 | ---D | C] -- C:\Users\computer\AppData\Roaming\BitTorrent [2013/01/12 18:18:54 | 000,000,000 | ---D | C] -- C:\Users\computer\Desktop\mbar [2013/01/12 17:57:11 | 000,000,000 | ---D | C] -- C:\Users\computer\AppData\Local\NPE [2013/01/12 17:21:27 | 000,000,000 | ---D | C] -- C:\Users\computer\Desktop\logs [2013/01/10 11:10:38 | 000,518,144 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe [2013/01/10 11:10:38 | 000,406,528 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe [2013/01/10 11:10:38 | 000,060,416 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe [2013/01/10 11:10:28 | 000,000,000 | ---D | C] -- C:\Qoobox [2013/01/10 11:10:09 | 000,000,000 | ---D | C] -- C:\Windows\erdnt [2013/01/09 17:24:19 | 000,000,000 | ---D | C] -- C:\Users\computer\Desktop\mixmeister [2013/01/05 10:56:28 | 000,000,000 | ---D | C] -- C:\Users\computer\Desktop\pictures [2012/12/31 13:24:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Arcade Lab [2012/12/31 13:24:34 | 000,000,000 | ---D | C] -- C:\Users\computer\AppData\Roaming\Zylom [2012/12/31 13:24:18 | 000,000,000 | ---D | C] -- C:\Users\computer\AppData\Local\Zylom Games [2012/12/27 12:43:58 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes [2012/12/27 12:43:18 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes [2012/12/27 12:43:18 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\iTunes [2012/12/27 12:43:18 | 000,000,000 | ---D | C] -- C:\Program Files\iPod [2012/12/27 12:43:18 | 000,000,000 | ---D | C] -- C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69 [2012/12/18 12:50:55 | 000,000,000 | ---D | C] -- C:\Program Files\Java [2012/12/18 11:58:48 | 000,000,000 | ---D | C] -- C:\Users\computer\AppData\Roaming\Hoyle FaceCreator [2012/12/18 11:58:36 | 000,000,000 | ---D | C] -- C:\Users\computer\AppData\Roaming\Hoyle [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] ========== Files - Modified Within 30 Days ========== [2013/01/14 08:29:22 | 000,009,920 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2013/01/14 08:29:22 | 000,009,920 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2013/01/14 08:29:00 | 000,000,920 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1140067203-3630092783-3749488201-1000UA.job [2013/01/14 08:26:42 | 000,727,310 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI [2013/01/14 08:26:42 | 000,624,606 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat [2013/01/14 08:26:42 | 000,106,724 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat [2013/01/14 08:22:17 | 000,000,388 | ---- | M] () -- C:\Windows\tasks\RNUpgradeHelperLogonPrompt_computer.job [2013/01/14 08:22:15 | 000,000,898 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job [2013/01/14 08:22:04 | 000,000,320 | ---- | M] () -- C:\Windows\tasks\vymosa.job [2013/01/14 08:22:00 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2013/01/14 08:21:55 | 2214,027,264 | -HS- | M] () -- C:\hiberfil.sys [2013/01/14 08:17:00 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job [2013/01/14 08:09:00 | 000,000,902 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job [2013/01/14 06:52:01 | 000,000,940 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-1140067203-3630092783-3749488201-1000UA.job [2013/01/13 23:29:00 | 000,000,868 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1140067203-3630092783-3749488201-1000Core.job [2013/01/13 21:57:04 | 000,001,112 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk [2013/01/13 21:55:55 | 000,000,382 | ---- | M] () -- C:\Windows\tasks\ReclaimerUpdateFiles_computer.job [2013/01/13 21:55:55 | 000,000,378 | ---- | M] () -- C:\Windows\tasks\ReclaimerUpdateXML_computer.job [2013/01/13 15:52:22 | 000,000,918 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-1140067203-3630092783-3749488201-1000Core.job [2013/01/13 15:01:36 | 000,000,027 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts [2013/01/09 19:13:48 | 000,000,344 | ---- | M] () -- C:\Windows\tasks\HPCeeScheduleForcomputer.job [2013/01/09 13:40:35 | 000,118,784 | RHS- | M] () -- C:\Windows\SysWow64\atimpc32C.dll [2013/01/09 05:27:41 | 005,110,848 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT [2013/01/04 11:13:01 | 000,065,718 | ---- | M] () -- C:\Users\computer\Documents\Scan.jpg [2012/12/27 12:43:58 | 000,001,782 | ---- | M] () -- C:\Users\Public\Desktop\iTunes.lnk [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] ========== Files Created - No Company Name ========== [2013/01/13 21:57:04 | 000,001,112 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk [2013/01/13 17:47:24 | 000,000,388 | ---- | C] () -- C:\Windows\tasks\RNUpgradeHelperLogonPrompt_computer.job [2013/01/13 17:47:19 | 000,000,382 | ---- | C] () -- C:\Windows\tasks\ReclaimerUpdateFiles_computer.job [2013/01/13 17:47:08 | 000,000,378 | ---- | C] () -- C:\Windows\tasks\ReclaimerUpdateXML_computer.job [2013/01/10 11:10:38 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe [2013/01/10 11:10:38 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe [2013/01/10 11:10:38 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe [2013/01/10 11:10:38 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe [2013/01/10 11:10:38 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe [2013/01/09 13:40:35 | 000,118,784 | RHS- | C] () -- C:\Windows\SysWow64\atimpc32C.dll [2013/01/09 13:40:35 | 000,000,320 | ---- | C] () -- C:\Windows\tasks\vymosa.job [2013/01/04 11:13:01 | 000,065,718 | ---- | C] () -- C:\Users\computer\Documents\Scan.jpg [2012/12/27 12:43:58 | 000,001,782 | ---- | C] () -- C:\Users\Public\Desktop\iTunes.lnk [2012/08/21 17:28:35 | 000,000,023 | ---- | C] () -- C:\Users\computer\jagexappletviewer.preferences [2012/04/21 18:52:41 | 000,000,047 | ---- | C] () -- C:\Users\computer\jagex_cl_runescape_LIVE.dat [2012/04/21 18:52:41 | 000,000,024 | ---- | C] () -- C:\Users\computer\random.dat [2012/04/09 08:23:44 | 000,007,597 | ---- | C] () -- C:\Users\computer\AppData\Local\Resmon.ResmonCfg [2012/04/08 10:29:16 | 000,000,600 | ---- | C] () -- C:\Users\computer\AppData\Roaming\winscp.rnd [2011/12/24 07:37:34 | 000,000,017 | ---- | C] () -- C:\Windows\SysWow64\shortcut_ex.dat [2011/12/20 13:20:58 | 000,000,174 | ---- | C] () -- C:\Windows\game.ini [2011/12/18 11:17:59 | 000,000,000 | -HS- | C] () -- C:\Users\computer\.pr_stat_data [2011/11/12 15:11:17 | 000,000,132 | ---- | C] () -- C:\Users\computer\AppData\Roaming\Adobe PNG Format CS5 Prefs [2011/08/30 12:15:46 | 000,033,792 | ---- | C] () -- C:\Windows\SysWow64\drivers\libusb0.sys [2011/07/05 11:52:38 | 000,170,081 | ---- | C] () -- C:\Windows\hpoins14.dat [2011/07/05 11:52:38 | 000,001,498 | ---- | C] () -- C:\Windows\hpomdl14.dat [2011/04/15 16:19:34 | 000,743,066 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI [2011/03/11 20:51:06 | 000,230,752 | ---- | C] () -- C:\Windows\patchw32.dll [2011/03/11 20:51:06 | 000,118,176 | ---- | C] () -- C:\Windows\patchw.dll [2011/02/10 10:41:49 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat [2011/02/04 04:29:32 | 000,001,280 | ---- | C] () -- C:\Users\computer\Command Prompt.lnk ========== ZeroAccess Check ========== [2009/07/13 23:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64 [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64 [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64 "" = C:\Windows\SysNative\shell32.dll -- [2012/06/09 00:43:10 | 014,172,672 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] "" = %SystemRoot%\system32\shell32.dll -- [2012/06/08 23:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64 "" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/13 20:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] "" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 07:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64 "" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/13 20:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Both [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] ========== LOP Check ========== [2012/12/21 10:02:13 | 000,000,000 | ---D | M] -- C:\Users\computer\AppData\Roaming\.minecraft [2011/10/09 00:17:07 | 000,000,000 | ---D | M] -- C:\Users\computer\AppData\Roaming\Ableton [2011/12/12 15:13:02 | 000,000,000 | ---D | M] -- C:\Users\computer\AppData\Roaming\Atari [2012/09/11 07:59:14 | 000,000,000 | ---D | M] -- C:\Users\computer\AppData\Roaming\Audacity [2013/01/12 18:59:04 | 000,000,000 | ---D | M] -- C:\Users\computer\AppData\Roaming\BitTorrent [2011/09/17 12:33:19 | 000,000,000 | ---D | M] -- C:\Users\computer\AppData\Roaming\CheckPoint [2012/12/18 15:56:20 | 000,000,000 | ---D | M] -- C:\Users\computer\AppData\Roaming\DAEMON Tools Lite [2011/12/18 10:53:29 | 000,000,000 | ---D | M] -- C:\Users\computer\AppData\Roaming\Dev-Cpp [2012/10/30 22:58:18 | 000,000,000 | ---D | M] -- C:\Users\computer\AppData\Roaming\fltk.org [2011/07/28 13:56:14 | 000,000,000 | ---D | M] -- C:\Users\computer\AppData\Roaming\GetRightToGo [2012/12/18 12:24:26 | 000,000,000 | ---D | M] -- C:\Users\computer\AppData\Roaming\Hoyle [2012/12/18 12:03:02 | 000,000,000 | ---D | M] -- C:\Users\computer\AppData\Roaming\Hoyle FaceCreator [2012/10/18 09:38:00 | 000,000,000 | ---D | M] -- C:\Users\computer\AppData\Roaming\LockHunter [2011/06/12 16:32:11 | 000,000,000 | ---D | M] -- C:\Users\computer\AppData\Roaming\LolClient [2011/09/17 12:33:22 | 000,000,000 | ---D | M] -- C:\Users\computer\AppData\Roaming\MailFrontier [2011/12/18 11:17:08 | 000,000,000 | ---D | M] -- C:\Users\computer\AppData\Roaming\NewspaperDirect [2011/12/18 11:42:41 | 000,000,000 | ---D | M] -- C:\Users\computer\AppData\Roaming\No Company Name [2013/01/12 17:39:52 | 000,000,000 | ---D | M] -- C:\Users\computer\AppData\Roaming\QuickScan [2011/12/31 17:24:13 | 000,000,000 | ---D | M] -- C:\Users\computer\AppData\Roaming\redsn0w [2011/10/24 14:33:02 | 000,000,000 | ---D | M] -- C:\Users\computer\AppData\Roaming\SharePod [2013/01/08 05:04:24 | 000,000,000 | ---D | M] -- C:\Users\computer\AppData\Roaming\SoftGrid Client [2012/10/06 15:49:55 | 000,000,000 | ---D | M] -- C:\Users\computer\AppData\Roaming\StepMania 5 [2012/06/06 13:02:27 | 000,000,000 | ---D | M] -- C:\Users\computer\AppData\Roaming\SystemRequirementsLab [2011/04/15 16:20:39 | 000,000,000 | ---D | M] -- C:\Users\computer\AppData\Roaming\TP [2012/05/09 22:07:21 | 000,000,000 | ---D | M] -- C:\Users\computer\AppData\Roaming\TypingMaster7 [2011/02/05 05:44:19 | 000,000,000 | ---D | M] -- C:\Users\computer\AppData\Roaming\WinBatch [2012/05/13 21:01:28 | 000,000,000 | ---D | M] -- C:\Users\computer\AppData\Roaming\WindSolutions [2012/12/31 13:24:36 | 000,000,000 | ---D | M] -- C:\Users\computer\AppData\Roaming\Zylom ========== Purity Check ========== < End of report >

Nope.

I did reset it. And restarted the computer.

pages load if I go directly to the address. But most search terms fail to load when I click a link.

pages haven't even loaded this morning. The only reason I made it to this blog is because it is bookmarked.

yes.

All Of them.

that is done.

-------------------------------Rkill---------------------------------- Rkill 2.4.5 by Lawrence Abrams (Grinler) http://www.bleepingcomputer.com/ Copyright 2008-2013 BleepingComputer.com More Information about Rkill can be found at this link: http://www.bleepingcomputer.com/forums/topic308364.html Program started at: 01/13/2013 06:40:58 PM in x64 mode. Windows Version: Windows 7 Home Premium Service Pack 1 Checking for Windows services to stop: * No malware services found to stop. Checking for processes to terminate: * No malware processes found to kill. Checking Registry for malware related settings: * No issues found in the Registry. Resetting .EXE, .COM, & .BAT associations in the Windows Registry. Performing miscellaneous checks: * No issues found. Checking Windows Service Integrity: * Windows Defender (WinDefend) is not Running. Startup Type set to: Disabled * Security Center (wscsvc) is not Running. Startup Type set to: Disabled Searching for Missing Digital Signatures: * No issues found. Checking HOSTS File: * HOSTS file entries found: 127.0.0.1 localhost Program finished at: 01/13/2013 06:41:06 PM Execution time: 0 hours(s), 0 minute(s), and 7 seconds(s) ---------------------------------Minitoolbox--------------------------- MiniToolBox by Farbar Version:10-01-2013 Ran by computer (administrator) on 13-01-2013 at 18:42:44 Running from "C:\Users\computer\Downloads\steps 3" Windows 7 Home Premium Service Pack 1 (X64) Boot Mode: Normal *************************************************************************** ========================= Flush DNS: =================================== Windows IP Configuration Successfully flushed the DNS Resolver Cache. ========================= IE Proxy Settings: ============================== Proxy is not enabled. No Proxy Server is set. "Reset IE Proxy Settings": IE Proxy Settings were reset. ========================= FF Proxy Settings: ============================== "Reset FF Proxy Settings": Firefox Proxy settings were reset. ========================= Hosts content: ================================= 127.0.0.1 localhost ========================= IP Configuration: ================================ Realtek PCIe FE Family Controller = Local Area Connection (Connected) # ---------------------------------- # IPv4 Configuration # ---------------------------------- pushd interface ipv4 reset set global popd # End of IPv4 configuration Windows IP Configuration Host Name . . . . . . . . . . . . : computer-HP Primary Dns Suffix . . . . . . . : Node Type . . . . . . . . . . . . : Hybrid IP Routing Enabled. . . . . . . . : No WINS Proxy Enabled. . . . . . . . : No DNS Suffix Search List. . . . . . : hsd1.vt.comcast.net. Ethernet adapter Local Area Connection: Connection-specific DNS Suffix . : hsd1.vt.comcast.net. Description . . . . . . . . . . . : Realtek PCIe FE Family Controller Physical Address. . . . . . . . . : D4-85-64-17-55-0F DHCP Enabled. . . . . . . . . . . : Yes Autoconfiguration Enabled . . . . : Yes Link-local IPv6 Address . . . . . : fe80::504:a156:b13:442a%11(Preferred) IPv4 Address. . . . . . . . . . . : 192.168.1.101(Preferred) Subnet Mask . . . . . . . . . . . : 255.255.255.0 Lease Obtained. . . . . . . . . . : Sunday, January 13, 2013 5:46:05 PM Lease Expires . . . . . . . . . . : Monday, January 14, 2013 5:46:05 PM Default Gateway . . . . . . . . . : 192.168.1.1 DHCP Server . . . . . . . . . . . : 192.168.1.1 DHCPv6 IAID . . . . . . . . . . . : 265586020 DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-14-99-41-AC-D4-85-64-17-55-0F DNS Servers . . . . . . . . . . . : 75.75.75.75 75.75.76.76 NetBIOS over Tcpip. . . . . . . . : Enabled Tunnel adapter isatap.hsd1.vt.comcast.net.: Media State . . . . . . . . . . . : Media disconnected Connection-specific DNS Suffix . : hsd1.vt.comcast.net. Description . . . . . . . . . . . : Microsoft ISATAP Adapter Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0 DHCP Enabled. . . . . . . . . . . : No Autoconfiguration Enabled . . . . : Yes Tunnel adapter Local Area Connection* 9: Connection-specific DNS Suffix . : Description . . . . . . . . . . . : Microsoft Teredo Tunneling Adapter Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0 DHCP Enabled. . . . . . . . . . . : No Autoconfiguration Enabled . . . . : Yes IPv6 Address. . . . . . . . . . . : 2001:0:4137:9e76:1067:14ce:3f57:fe9a(Preferred) Link-local IPv6 Address . . . . . : fe80::1067:14ce:3f57:fe9a%10(Preferred) Default Gateway . . . . . . . . . : :: NetBIOS over Tcpip. . . . . . . . : Disabled Tunnel adapter 6TO4 Adapter: Media State . . . . . . . . . . . : Media disconnected Connection-specific DNS Suffix . : Description . . . . . . . . . . . : Microsoft 6to4 Adapter Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0 DHCP Enabled. . . . . . . . . . . : No Autoconfiguration Enabled . . . . : Yes Server: cdns01.comcast.net Address: 75.75.75.75 Name: google.com Addresses: 2607:f8b0:4006:800::1003 173.194.43.3 173.194.43.4 173.194.43.0 173.194.43.2 173.194.43.14 173.194.43.7 173.194.43.5 173.194.43.9 173.194.43.8 173.194.43.6 173.194.43.1 Pinging google.com [173.194.43.6] with 32 bytes of data: Reply from 173.194.43.6: bytes=32 time=28ms TTL=55 Reply from 173.194.43.6: bytes=32 time=26ms TTL=55 Ping statistics for 173.194.43.6: Packets: Sent = 2, Received = 2, Lost = 0 (0% loss), Approximate round trip times in milli-seconds: Minimum = 26ms, Maximum = 28ms, Average = 27ms Server: cdns01.comcast.net Address: 75.75.75.75 Name: yahoo.com Addresses: 72.30.38.140 98.139.183.24 98.138.253.109 Pinging yahoo.com [98.138.253.109] with 32 bytes of data: Reply from 98.138.253.109: bytes=32 time=147ms TTL=51 Reply from 98.138.253.109: bytes=32 time=60ms TTL=51 Ping statistics for 98.138.253.109: Packets: Sent = 2, Received = 2, Lost = 0 (0% loss), Approximate round trip times in milli-seconds: Minimum = 60ms, Maximum = 147ms, Average = 103ms Pinging 127.0.0.1 with 32 bytes of data: Reply from 127.0.0.1: bytes=32 time<1ms TTL=128 Reply from 127.0.0.1: bytes=32 time<1ms TTL=128 Ping statistics for 127.0.0.1: Packets: Sent = 2, Received = 2, Lost = 0 (0% loss), Approximate round trip times in milli-seconds: Minimum = 0ms, Maximum = 0ms, Average = 0ms =========================================================================== Interface List 11...d4 85 64 17 55 0f ......Realtek PCIe FE Family Controller 1...........................Software Loopback Interface 1 12...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter 10...00 00 00 00 00 00 00 e0 Microsoft Teredo Tunneling Adapter 13...00 00 00 00 00 00 00 e0 Microsoft 6to4 Adapter =========================================================================== IPv4 Route Table =========================================================================== Active Routes: Network Destination Netmask Gateway Interface Metric 0.0.0.0 0.0.0.0 192.168.1.1 192.168.1.101 20 127.0.0.0 255.0.0.0 On-link 127.0.0.1 306 127.0.0.1 255.255.255.255 On-link 127.0.0.1 306 127.255.255.255 255.255.255.255 On-link 127.0.0.1 306 192.168.1.0 255.255.255.0 On-link 192.168.1.101 276 192.168.1.101 255.255.255.255 On-link 192.168.1.101 276 192.168.1.255 255.255.255.255 On-link 192.168.1.101 276 224.0.0.0 240.0.0.0 On-link 127.0.0.1 306 224.0.0.0 240.0.0.0 On-link 192.168.1.101 276 255.255.255.255 255.255.255.255 On-link 127.0.0.1 306 255.255.255.255 255.255.255.255 On-link 192.168.1.101 276 =========================================================================== Persistent Routes: None IPv6 Route Table =========================================================================== Active Routes: If Metric Network Destination Gateway 10 58 ::/0 On-link 1 306 ::1/128 On-link 10 58 2001::/32 On-link 10 306 2001:0:4137:9e76:1067:14ce:3f57:fe9a/128 On-link 11 276 fe80::/64 On-link 10 306 fe80::/64 On-link 11 276 fe80::504:a156:b13:442a/128 On-link 10 306 fe80::1067:14ce:3f57:fe9a/128 On-link 1 306 ff00::/8 On-link 10 306 ff00::/8 On-link 11 276 ff00::/8 On-link =========================================================================== Persistent Routes: None ========================= Winsock entries ===================================== Catalog5 01 C:\Windows\SysWOW64\NLAapi.dll [52224] (Microsoft Corporation) Catalog5 02 C:\Windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation) Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation) Catalog5 04 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation) Catalog5 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation) Catalog5 06 C:\Windows\SysWOW64\winrnr.dll [20992] (Microsoft Corporation) Catalog5 07 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [121704] (Apple Inc.) Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation) Catalog9 02 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation) Catalog9 03 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation) Catalog9 04 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation) Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation) Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation) Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation) Catalog9 08 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation) Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation) Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation) x64-Catalog5 01 C:\Windows\System32\NLAapi.dll [70656] (Microsoft Corporation) x64-Catalog5 02 C:\Windows\System32\napinsp.dll [68096] (Microsoft Corporation) x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation) x64-Catalog5 04 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation) x64-Catalog5 05 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation) x64-Catalog5 06 C:\Windows\System32\winrnr.dll [28672] (Microsoft Corporation) x64-Catalog5 07 C:\Program Files\Bonjour\mdnsNSP.dll [132968] (Apple Inc.) x64-Catalog9 01 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation) x64-Catalog9 02 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation) x64-Catalog9 03 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation) x64-Catalog9 04 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation) x64-Catalog9 05 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation) x64-Catalog9 06 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation) x64-Catalog9 07 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation) x64-Catalog9 08 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation) x64-Catalog9 09 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation) x64-Catalog9 10 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation) ========================= Event log errors: =============================== Application errors: ================== Error: (01/13/2013 04:33:28 PM) (Source: SideBySide) (User: ) Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest2" on line C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest3. A component version required by the application conflicts with another component version already active. Conflicting components are:. Component 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest. Component 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest. Error: (01/13/2013 00:32:17 AM) (Source: SideBySide) (User: ) Description: Activation context generation failed for "assemblyIdentity1".Error in manifest or policy file "assemblyIdentity2" on line assemblyIdentity3. The value "*" of attribute "language" in element "assemblyIdentity" is invalid. Error: (01/12/2013 06:34:29 PM) (Source: SideBySide) (User: ) Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3. A component version required by the application conflicts with another component version already active. Conflicting components are:. Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest. Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest. Error: (01/12/2013 11:03:53 AM) (Source: System Restore) (User: ) Description: Failed to create restore point (Process = C:\Windows\system32\wbem\wmiprvse.exe; Description = ComboFix created restore point; Error = 0x8007043c). Error: (01/12/2013 11:03:53 AM) (Source: VSS) (User: ) Description: Volume Shadow Copy Service error: Unexpected error calling routine CoCreateInstance. hr = 0x8007043c, This service cannot be started in Safe Mode . Operation: Instantiating VSS server Error: (01/12/2013 11:03:53 AM) (Source: VSS) (User: ) Description: Volume Shadow Copy Service error: The COM Server with CLSID {e579ab5f-1cc4-44b4-bed9-de0991ff0623} and name IVssCoordinatorEx2 cannot be started during Safe Mode. The Volume Shadow Copy service cannot start while in safe mode. [0x8007043c, This service cannot be started in Safe Mode ] Operation: Instantiating VSS server Error: (01/12/2013 11:02:30 AM) (Source: SideBySide) (User: ) Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3. A component version required by the application conflicts with another component version already active. Conflicting components are:. Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest. Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest. Error: (01/12/2013 09:48:35 AM) (Source: SideBySide) (User: ) Description: Activation context generation failed for "assemblyIdentity1".Error in manifest or policy file "assemblyIdentity2" on line assemblyIdentity3. The value "*" of attribute "language" in element "assemblyIdentity" is invalid. Error: (01/11/2013 01:29:08 PM) (Source: SideBySide) (User: ) Description: Activation context generation failed for "assemblyIdentity1".Error in manifest or policy file "assemblyIdentity2" on line assemblyIdentity3. The value "*" of attribute "language" in element "assemblyIdentity" is invalid. Error: (01/11/2013 00:02:21 PM) (Source: CVHSVC) (User: ) Description: Information only. (Patch task for {90140011-0066-0409-0000-0000000FF1CE}): DownloadLatest Failed: The server name or address could not be resolved System errors: ============= Error: (01/13/2013 06:06:44 PM) (Source: Disk) (User: ) Description: The driver detected a controller error on \Device\Harddisk1\DR4. Error: (01/13/2013 05:46:13 PM) (Source: Service Control Manager) (User: ) Description: The AVG WatchDog service terminated with service-specific error %%-536805315. Error: (01/13/2013 05:46:13 PM) (Source: Service Control Manager) (User: ) Description: The AVG E-mail Scanner service depends on the AVG WatchDog service which failed to start because of the following error: %%1066 Error: (01/13/2013 05:46:08 PM) (Source: Service Control Manager) (User: ) Description: The LibUsb-Win32 - Daemon, Version 0.1.10.1 service failed to start due to the following error: %%2 Error: (01/13/2013 05:46:00 PM) (Source: Application Popup) (User: ) Description: \SystemRoot\SysWow64\drivers\libusb0.sys has been blocked from loading due to incompatibility with this system. Please contact your software vendor for a compatible version of the driver. Error: (01/13/2013 05:46:00 PM) (Source: Application Popup) (User: ) Description: \SystemRoot\SysWow64\drivers\libusb0.sys has been blocked from loading due to incompatibility with this system. Please contact your software vendor for a compatible version of the driver. Error: (01/13/2013 05:40:47 PM) (Source: Service Control Manager) (User: ) Description: The AVG E-mail Scanner service depends on the AVG WatchDog service which failed to start because of the following error: %%1066 Error: (01/13/2013 05:40:45 PM) (Source: Service Control Manager) (User: ) Description: The AVG WatchDog service terminated with service-specific error %%-536805315. Error: (01/13/2013 05:40:38 PM) (Source: Service Control Manager) (User: ) Description: The LibUsb-Win32 - Daemon, Version 0.1.10.1 service failed to start due to the following error: %%2 Error: (01/13/2013 05:40:30 PM) (Source: Application Popup) (User: ) Description: \SystemRoot\SysWow64\drivers\libusb0.sys has been blocked from loading due to incompatibility with this system. Please contact your software vendor for a compatible version of the driver. Microsoft Office Sessions: ========================= Error: (01/13/2013 04:33:28 PM) (Source: SideBySide)(User: ) Description: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Program Files (x86)\ESET\ESET Online Scanner\ESETSmartInstaller.exe Error: (01/13/2013 00:32:17 AM) (Source: SideBySide)(User: ) Description: assemblyIdentitylanguage*c:\program files (x86)\spybot - search & destroy\DelZip179.dllc:\program files (x86)\spybot - search & destroy\DelZip179.dll8 Error: (01/12/2013 06:34:29 PM) (Source: SideBySide)(User: ) Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\computer\Downloads\esetsmartinstaller_enu.exe Error: (01/12/2013 11:03:53 AM) (Source: System Restore)(User: ) Description: C:\Windows\system32\wbem\wmiprvse.exeComboFix created restore point0x8007043c Error: (01/12/2013 11:03:53 AM) (Source: VSS)(User: ) Description: CoCreateInstance0x8007043c, This service cannot be started in Safe Mode Operation: Instantiating VSS server Error: (01/12/2013 11:03:53 AM) (Source: VSS)(User: ) Description: {e579ab5f-1cc4-44b4-bed9-de0991ff0623}IVssCoordinatorEx20x8007043c, This service cannot be started in Safe Mode Operation: Instantiating VSS server Error: (01/12/2013 11:02:30 AM) (Source: SideBySide)(User: ) Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\computer\Downloads\esetsmartinstaller_enu.exe Error: (01/12/2013 09:48:35 AM) (Source: SideBySide)(User: ) Description: assemblyIdentitylanguage*c:\program files (x86)\spybot - search & destroy\DelZip179.dllc:\program files (x86)\spybot - search & destroy\DelZip179.dll8 Error: (01/11/2013 01:29:08 PM) (Source: SideBySide)(User: ) Description: assemblyIdentitylanguage*c:\program files (x86)\spybot - search & destroy\DelZip179.dllc:\program files (x86)\spybot - search & destroy\DelZip179.dll8 Error: (01/11/2013 00:02:21 PM) (Source: CVHSVC)(User: ) Description: (Patch task for {90140011-0066-0409-0000-0000000FF1CE}): DownloadLatest Failed: The server name or address could not be resolved CodeIntegrity Errors: =================================== Date: 2013-01-13 15:01:10.939 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2013-01-13 15:01:10.798 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2013-01-11 12:06:51.786 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2013-01-11 12:06:51.647 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2013-01-10 11:18:10.095 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2013-01-10 11:18:09.955 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2011-12-18 11:54:33.149 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Unlocker\UnlockerDriver5.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2011-12-18 11:54:33.102 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Unlocker\UnlockerDriver5.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2011-12-18 11:54:33.039 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Unlocker\UnlockerDriver5.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2011-12-18 11:54:32.993 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Unlocker\UnlockerDriver5.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. =========================== Installed Programs ============================ 64 Bit HP CIO Components Installer (Version: 7.2.8) 7-Zip 9.20 Adobe AIR (Version: 2.6.0.19140) Adobe Anchor Service CS3 (Version: 1.0) Adobe Asset Services CS3 (Version: 3) Adobe Bridge CS3 (Version: 2) Adobe Bridge Start Meeting (Version: 1.0) Adobe Camera Raw 4.0 (Version: 4.0) Adobe CMaps (Version: 1.0) Adobe Color - Photoshop Specific (Version: 1.0) Adobe Color Common Settings (Version: 1.0) Adobe Color EU Extra Settings (Version: 1.0) Adobe Color JA Extra Settings (Version: 1.0) Adobe Color NA Recommended Settings (Version: 1.0) Adobe Community Help (Version: 3.5.23) Adobe Default Language CS3 (Version: 1.0) Adobe Device Central CS3 (Version: 1.0) Adobe ExtendScript Toolkit 2 (Version: 2.0) Adobe Flash Player 11 ActiveX (Version: 11.5.502.146) Adobe Flash Player 11 Plugin (Version: 11.5.502.146) Adobe Fonts All (Version: 1.0) Adobe Help Viewer CS3 (Version: 1) Adobe Linguistics CS3 (Version: 3.0.0) Adobe Media Player (Version: 1.8) Adobe PDF Library Files (Version: 8.0) Adobe Photoshop CS3 (Version: 10) Adobe Photoshop CS3 (Version: 10.0) Adobe Reader X (10.1.4) (Version: 10.1.4) Adobe Setup (Version: 1.0) Adobe Shockwave Player 11.6 (Version: 11.6.3.633) Adobe Stock Photos CS3 (Version: 1.5) Adobe Type Support (Version: 1.0) Adobe Update Manager CS3 (Version: 5.1.0) Adobe Version Cue CS3 Client (Version: 3) Adobe WinSoft Linguistics Plugin (Version: 1.0) Adobe XMP Panels CS3 (Version: 1.0) AIO_Scan (Version: 130.0.365.000) Akamai NetSession Interface Akamai NetSession Interface Service Apple Application Support (Version: 2.3.2) Apple Mobile Device Support (Version: 6.0.1.3) Apple Software Update (Version: 2.1.3.127) ArcSoft Magic-i Visual Effects 2 (Version: 2.0.11.80) ArcSoft WebCam Companion 3 (Version: 3.0.8.186) ATI Catalyst Install Manager (Version: 3.0.774.0) Axife Mouse Recorder DEMO 5.01 Bonjour (Version: 3.0.0.10) BufferChm (Version: 130.0.331.000) CamStudio OSS Desktop Recorder (Version: 2.6 Beta r294) Catalyst Control Center - Branding (Version: 1.00.0000) Catalyst Control Center Core Implementation (Version: 2010.0511.2153.37435) Catalyst Control Center Graphics Full Existing (Version: 2010.0511.2153.37435) Catalyst Control Center Graphics Full New (Version: 2010.0511.2153.37435) Catalyst Control Center Graphics Light (Version: 2010.0511.2153.37435) Catalyst Control Center Graphics Previews Vista (Version: 2010.0511.2153.37435) Catalyst Control Center InstallProxy (Version: 2010.0511.2153.37435) Catalyst Control Center Localization All (Version: 2010.0511.2153.37435) ccc-core-static (Version: 2010.0511.2153.37435) ccc-utility64 (Version: 2010.0511.2153.37435) CCC Help Chinese Standard (Version: 2010.0511.2152.37435) CCC Help Chinese Traditional (Version: 2010.0511.2152.37435) CCC Help Czech (Version: 2010.0511.2152.37435) CCC Help Danish (Version: 2010.0511.2152.37435) CCC Help Dutch (Version: 2010.0511.2152.37435) CCC Help English (Version: 2010.0511.2152.37435) CCC Help Finnish (Version: 2010.0511.2152.37435) CCC Help French (Version: 2010.0511.2152.37435) CCC Help German (Version: 2010.0511.2152.37435) CCC Help Greek (Version: 2010.0511.2152.37435) CCC Help Hungarian (Version: 2010.0511.2152.37435) CCC Help Italian (Version: 2010.0511.2152.37435) CCC Help Japanese (Version: 2010.0511.2152.37435) CCC Help Korean (Version: 2010.0511.2152.37435) CCC Help Norwegian (Version: 2010.0511.2152.37435) CCC Help Polish (Version: 2010.0511.2152.37435) CCC Help Portuguese (Version: 2010.0511.2152.37435) CCC Help Russian (Version: 2010.0511.2152.37435) CCC Help Spanish (Version: 2010.0511.2152.37435) CCC Help Swedish (Version: 2010.0511.2152.37435) CCC Help Thai (Version: 2010.0511.2152.37435) CCC Help Turkish (Version: 2010.0511.2152.37435) CCleaner (Version: 3.25) Copy (Version: 130.0.428.000) DAEMON Tools Lite (Version: 4.45.1.0236) Defraggler (remove only) Destinations (Version: 130.0.0.0) DeviceDiscovery (Version: 130.0.465.000) DJ_AIO_ProductContext (Version: 130.0.365.000) DJ_AIO_Software (Version: 130.0.365.000) DJ_AIO_Software_min (Version: 130.0.365.000) ESET Online Scanner v3 F4100 (Version: 130.0.365.000) F4100_Help (Version: 90.0.222.000) Facebook Video Calling 1.2.0.287 (Version: 1.2.287) GEAR driver installer for AMD64 and Intel EM64T (Version: 2.003.1) Google Chrome (Version: 23.0.1271.97) Google Earth (Version: 6.1.0.5001) Google Update Helper (Version: 1.3.21.123) GPBaseService2 (Version: 130.0.371.000) HP Customer Experience Enhancements (Version: 6.0.1.7) HP Customer Participation Program 13.0 (Version: 13.0) HP Deskjet 1050 J410 series Basic Device Software (Version: 22.50.231.0) HP Deskjet 1050 J410 series Help (Version: 140.0.66.66) HP Deskjet 1050 J410 series Product Improvement Study (Version: 22.50.231.0) HP Deskjet All-In-One Driver Software 13.0 Rel. 1 (Version: 13.0) HP Imaging Device Functions 13.0 (Version: 13.0) HP MediaSmart SmartMenu (Version: 3.1.1.12) HP MediaSmart/TouchSmart Netflix (Version: 1.0.3.0) HP Odometer (Version: 2.10.0000) HP Photosmart Essential 3.5 (Version: 3.5) HP Product Detection (Version: 11.14.0001) HP Setup (Version: 8.1.4186.3400) HP Smart Web Printing 4.51 (Version: 4.51) HP Solution Center 13.0 (Version: 13.0) HP Support Information (Version: 10.1.0002) HP Update (Version: 5.002.006.003) HP Vision Hardware Diagnostics (Version: 2.1.2.27173) HP Webcam User's Guide HPPhotoGadget (Version: 130.0.282.000) HPPhotoSmartDiscLabelContent1 (Version: 2.04.0000) HPPhotosmartEssential (Version: 2.04.0000) HPProductAssistant (Version: 130.0.371.000) iTunes (Version: 11.0.1.12) Java 7 Update 10 (64-bit) (Version: 7.0.100) Java 7 Update 7 (Version: 7.0.70) Java Auto Updater (Version: 2.1.9.0) Java 6 Update 24 (Version: 6.0.240) Java 6 Update 31 (Version: 6.0.310) Junk Mail filter update (Version: 14.0.8089.726) KODAK Share Button App (Version: 4.03.0000.0000) Lernout & Hauspie TruVoice American English TTS Engine LibUSB-Win32-0.1.10.1 (Version: 0.1.10.1) MarketResearch (Version: 130.0.374.000) Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319) Microsoft Application Error Reporting (Version: 12.0.6015.5000) Microsoft Choice Guard (Version: 2.0.48.0) Microsoft Office 2010 (Version: 14.0.4763.1000) Microsoft Office Click-to-Run 2010 (Version: 14.0.4763.1000) Microsoft Office Starter 2010 - English (Version: 14.0.4763.1000) Microsoft PowerPoint Viewer (Version: 14.0.6029.1000) Microsoft Silverlight (Version: 5.1.10411.0) Microsoft SQL Server 2005 Compact Edition [ENU] (Version: 3.1.0000) Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 (Version: 8.0.50727.4053) Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (Version: 8.0.50727.4053) Microsoft Visual C++ 2005 Redistributable (Version: 8.0.56336) Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001) Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.56336) Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.61000) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161) Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022.218 (Version: 9.0.21022.218) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (Version: 10.0.40219) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (Version: 10.0.40219) Microsoft WSE 3.0 Runtime (Version: 3.0.5305.0) Microsoft_VC80_ATL_x86_x64 (Version: 8.0.50727.4053) Microsoft_VC80_CRT_x86 (Version: 8.0.50727.4053) Microsoft_VC80_CRT_x86_x64 (Version: 8.0.50727.4053) Microsoft_VC80_MFC_x86 (Version: 8.0.50727.4053) Microsoft_VC80_MFC_x86_x64 (Version: 8.0.50727.4053) Microsoft_VC80_MFCLOC_x86 (Version: 8.0.50727.4053) Microsoft_VC80_MFCLOC_x86_x64 (Version: 80.50727.4053) Microsoft_VC90_ATL_x86 (Version: 1.00.0000) Microsoft_VC90_ATL_x86_x64 (Version: 1.00.0000) Microsoft_VC90_CRT_x86 (Version: 1.00.0000) Microsoft_VC90_CRT_x86_x64 (Version: 1.00.0000) Microsoft_VC90_MFC_x86 (Version: 1.00.0000) Microsoft_VC90_MFC_x86_x64 (Version: 1.00.0000) MixMeister BPM Analyzer 1.0 MixMeister Studio Demo 7.4.4 Mozilla Firefox 7.0.1 (x86 en-US) (Version: 7.0.1) MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0) MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0) MSXML4 Parser (Version: 1.0.0) NVIDIA PhysX (Version: 9.11.1107) PDF Complete Special Edition (Version: 3.5.111) PDF Settings (Version: 1.0) PeerBlock 1.1 (r518) (Version: 1.1.0.518) PlayReady PC Runtime amd64 (Version: 1.3.0) PressReader (Version: 5.10.621.0) QuickTime (Version: 7.69.80.9) RealNetworks - Microsoft Visual C++ 2008 Runtime (Version: 9.0) RealPlayer (Version: 15.0.4) Realtek High Definition Audio Driver (Version: 6.0.1.6196) RealUpgrade 1.1 (Version: 1.1.0) Recovery Manager (Version: 5.5.2926) Scan (Version: 13.0.0.0) Skype Toolbars (Version: 5.0.4137) Skype™ 6.0 (Version: 6.0.126) SmartSound Common Data (Version: 1.1.0) SmartSound Premiere Elements 10 x64 Plugin (Version: 5.70.0001) SmartWebPrinting (Version: 130.0.457.000) SolutionCenter (Version: 130.0.373.000) Speakonia (Version: 1.0.3.5) Spybot - Search & Destroy (Version: 1.6.2) Status (Version: 130.0.469.000) swMSM (Version: 12.0.0.1) System Requirements Lab CYRI (Version: 4.5.1.0) Toolbox (Version: 130.0.648.000) TrayApp (Version: 130.0.422.000) TypingMaster Pro (Version: 7.00) UnloadSupport (Version: 11.0.0) Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1) Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1) Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1) VLC media player 1.0.1 (Version: 1.0.1) WebReg (Version: 130.0.132.017) Windows Driver Package - Eastman Kodak KODAK Digital Camera (01/29/2010 1.4.1.0) (Version: 01/29/2010 1.4.1.0) Windows Live Communications Platform (Version: 14.0.8064.206) Windows Live Essentials (Version: 14.0.8089.0726) Windows Live Essentials (Version: 14.0.8089.726) Windows Live Mail (Version: 14.0.8089.0726) Windows Live Messenger (Version: 14.0.8089.0726) Windows Live Photo Gallery (Version: 14.0.8081.709) Windows Live Sync (Version: 14.0.8089.726) Windows Live Upload Tool (Version: 14.0.8014.1029) Windows Live Writer (Version: 14.0.8089.0726) Windows Media Player Firefox Plugin (Version: 1.0.0.8) Windows Mobile Device Updater Component (Version: 04.07.1407.00) Windows Movie Maker 2.6 (Version: 2.6.4037.0) WinRAR archiver WinSCP 4.3.7 (Version: 4.3.7) YTD Video Downloader 3.9.4 Zune (Version: 04.07.1404.01) Zune Language Pack (DEU) (Version: 04.07.1404.01) Zune Language Pack (ESP) (Version: 04.07.1404.01) Zune Language Pack (FRA) (Version: 04.07.1404.01) Zune Language Pack (ITA) (Version: 04.07.1404.01) Zune Language Pack (NLD) (Version: 04.07.1404.01) Zune Language Pack (PTB) (Version: 04.07.1404.01) Zune Language Pack (PTG) (Version: 04.07.1404.01) ========================= Devices: ================================ Name: Microsoft ISATAP Adapter Description: Microsoft ISATAP Adapter Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318} Manufacturer: Microsoft Service: tunnel Name: USB Mass Storage Device Description: USB Mass Storage Device Class Guid: {36fc9e60-c465-11cf-8056-444553540000} Manufacturer: Compatible USB storage device Service: USBSTOR Name: Link-Layer Topology Discovery Mapper I/O Driver Description: Link-Layer Topology Discovery Mapper I/O Driver Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1} Manufacturer: Service: lltdio Name: System board Description: System board Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318} Manufacturer: (Standard system devices) Service: Name: TCP/IP Registry Compatibility Description: TCP/IP Registry Compatibility Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1} Manufacturer: Service: tcpipreg Name: WAN Miniport (IPv6) Description: WAN Miniport (IPv6) Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318} Manufacturer: Microsoft Service: NdisWan Name: USB Root Hub Description: USB Root Hub Class Guid: {36fc9e60-c465-11cf-8056-444553540000} Manufacturer: (Standard USB Host Controller) Service: usbhub Name: PEAUTH Description: PEAUTH Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1} Manufacturer: Service: PEAUTH Name: Microsoft Teredo Tunneling Adapter Description: Microsoft Teredo Tunneling Adapter Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318} Manufacturer: Microsoft Service: tunnel Name: Generic volume shadow copy Description: Generic volume shadow copy Class Guid: {533c5b84-ec70-11d2-9505-00c04f79deaf} Manufacturer: Microsoft Service: Name: Motherboard resources Description: Motherboard resources Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318} Manufacturer: (Standard system devices) Service: Name: ACPI x64-based PC Description: ACPI x64-based PC Class Guid: {4d36e966-e325-11ce-bfc1-08002be10318} Manufacturer: (Standard computers) Service: \Driver\ACPI_HAL Name: Standard OpenHCD USB Host Controller Description: Standard OpenHCD USB Host Controller Class Guid: {36fc9e60-c465-11cf-8056-444553540000} Manufacturer: (Standard USB Host Controller) Service: usbohci Name: Common Log (CLFS) Description: Common Log (CLFS) Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1} Manufacturer: Service: CLFS Name: PCI standard host CPU bridge Description: PCI standard host CPU bridge Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318} Manufacturer: (Standard system devices) Service: Name: NetIO Legacy TDI Support Driver Description: NetIO Legacy TDI Support Driver Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1} Manufacturer: Service: tdx Name: Motherboard resources Description: Motherboard resources Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318} Manufacturer: (Standard system devices) Service: Name: WAN Miniport (PPPOE) Description: WAN Miniport (PPPOE) Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318} Manufacturer: Microsoft Service: RasPppoe Name: USB Root Hub Description: USB Root Hub Class Guid: {36fc9e60-c465-11cf-8056-444553540000} Manufacturer: (Standard USB Host Controller) Service: usbhub Name: HP Deskjet 1050 J410 series Description: HP Deskjet 1050 J410 series Class Guid: {4d36e979-e325-11ce-bfc1-08002be10318} Manufacturer: Hewlett-Packard Service: Name: File as Volume Driver Description: File as Volume Driver Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318} Manufacturer: Microsoft Service: blbdrive Name: Motherboard resources Description: Motherboard resources Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318} Manufacturer: (Standard system devices) Service: Name: CNG Description: CNG Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1} Manufacturer: Service: CNG Name: Generic volume Description: Generic volume Class Guid: {71a27cdd-812a-11d0-bec7-08002be2092f} Manufacturer: Microsoft Service: volsnap Name: Generic volume shadow copy Description: Generic volume shadow copy Class Guid: {533c5b84-ec70-11d2-9505-00c04f79deaf} Manufacturer: Microsoft Service: Name: USB Root Hub Description: USB Root Hub Class Guid: {36fc9e60-c465-11cf-8056-444553540000} Manufacturer: (Standard USB Host Controller) Service: usbhub Name: WAN Miniport (PPTP) Description: WAN Miniport (PPTP) Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318} Manufacturer: Microsoft Service: PptpMiniport Name: QoS Packet Scheduler Description: QoS Packet Scheduler Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1} Manufacturer: Service: Psched Name: Motherboard resources Description: Motherboard resources Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318} Manufacturer: (Standard system devices) Service: Name: Composite Bus Enumerator Description: Composite Bus Enumerator Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318} Manufacturer: Microsoft Service: CompositeBus Name: Mount Point Manager Description: Mount Point Manager Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1} Manufacturer: Service: mountmgr Name: Motherboard resources Description: Motherboard resources Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318} Manufacturer: (Standard system devices) Service: Name: USB Root Hub Description: USB Root Hub Class Guid: {36fc9e60-c465-11cf-8056-444553540000} Manufacturer: (Standard USB Host Controller) Service: usbhub Name: WAN Miniport (SSTP) Description: WAN Miniport (SSTP) Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318} Manufacturer: Microsoft Service: RasSstp Name: Standard OpenHCD USB Host Controller Description: Standard OpenHCD USB Host Controller Class Guid: {36fc9e60-c465-11cf-8056-444553540000} Manufacturer: (Standard USB Host Controller) Service: usbohci Name: PCI standard host CPU bridge Description: PCI standard host CPU bridge Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318} Manufacturer: (Standard system devices) Service: Name: System Attribute Cache Description: System Attribute Cache Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1} Manufacturer: Service: discache Name: Generic volume Description: Generic volume Class Guid: {71a27cdd-812a-11d0-bec7-08002be2092f} Manufacturer: Microsoft Service: volsnap Name: Windows Firewall Authorization Driver Description: Windows Firewall Authorization Driver Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1} Manufacturer: Service: mpsdrv Name: Numeric data processor Description: Numeric data processor Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318} Manufacturer: (Standard system devices) Service: Name: VgaSave Description: VgaSave Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1} Manufacturer: Service: VgaSave Name: Generic volume shadow copy Description: Generic volume shadow copy Class Guid: {533c5b84-ec70-11d2-9505-00c04f79deaf} Manufacturer: Microsoft Service: Name: Generic- Multi-Card USB Device Description: Disk drive Class Guid: {4d36e967-e325-11ce-bfc1-08002be10318} Manufacturer: (Standard disk drives) Service: disk Name: RDPCDD Description: RDPCDD Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1} Manufacturer: Service: RDPCDD Name: AMD Athlon II X2 250 Processor Description: AMD Processor Class Guid: {50127dc3-0f36-415e-a6cc-4cb3be910b65} Manufacturer: Advanced Micro Devices Service: AmdPPM Name: HID Keyboard Device Description: HID Keyboard Device Class Guid: {4d36e96b-e325-11ce-bfc1-08002be10318} Manufacturer: (Standard keyboards) Service: kbdhid Name: Terminal Server Keyboard Driver Description: Terminal Server Keyboard Driver Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318} Manufacturer: (Standard system devices) Service: TermDD Name: USB Root Hub Description: USB Root Hub Class Guid: {36fc9e60-c465-11cf-8056-444553540000} Manufacturer: (Standard USB Host Controller) Service: usbhub Name: LDDM Graphics Subsystem Description: LDDM Graphics Subsystem Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1} Manufacturer: Service: DXGKrnl Name: ACPI Power Button Description: ACPI Power Button Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318} Manufacturer: (Standard system devices) Service: Name: G:\ Description: Multi-Card Class Guid: {eec5ad98-8080-425f-922a-dabf3de3f69a} Manufacturer: Generic- Service: WUDFRd Name: Dynamic Volume Manager Description: Dynamic Volume Manager Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1} Manufacturer: Service: volmgrx Name: Terminal Server Mouse Driver Description: Terminal Server Mouse Driver Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318} Manufacturer: (Standard system devices) Service: TermDD Name: RDP Encoder Mirror Driver Description: RDP Encoder Mirror Driver Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1} Manufacturer: Service: RDPENCDD Name: USB Input Device Description: USB Input Device Class Guid: {745a17a0-74d3-11d0-b6fe-00a0c90f57da} Manufacturer: (Standard system devices) Service: HidUsb Name: Microsoft Windows Management Interface for ACPI Description: Microsoft Windows Management Interface for ACPI Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318} Manufacturer: Microsoft Service: WmiAcpi Name: High Definition Audio Controller Description: High Definition Audio Controller Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318} Manufacturer: Microsoft Service: HDAudBus Name: Standard OpenHCD USB Host Controller Description: Standard OpenHCD USB Host Controller Class Guid: {36fc9e60-c465-11cf-8056-444553540000} Manufacturer: (Standard USB Host Controller) Service: usbohci Name: PCI standard host CPU bridge Description: PCI standard host CPU bridge Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318} Manufacturer: (Standard system devices) Service: Name: Plug and Play Software Device Enumerator Description: Plug and Play Software Device Enumerator Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318} Manufacturer: (Standard system devices) Service: swenum Name: Storage volumes Description: Storage volumes Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1} Manufacturer: Service: volsnap Name: HID-compliant device Description: HID-compliant device Class Guid: {745a17a0-74d3-11d0-b6fe-00a0c90f57da} Manufacturer: (Standard system devices) Service: Name: Microsoft ACPI-Compliant System Description: Microsoft ACPI-Compliant System Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318} Manufacturer: Microsoft Service: ACPI Name: Reflector Display Driver used to gain access to graphics data Description: Reflector Display Driver used to gain access to graphics data Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1} Manufacturer: Service: RDPREFMP Name: DAEMON Tools Virtual Bus Description: DAEMON Tools Virtual Bus Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318} Manufacturer: DT Soft Ltd Service: dtsoftbus01 Name: Ancillary Function Driver for Winsock Description: Ancillary Function Driver for Winsock Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1} Manufacturer: Service: AFD Name: Remote Access IPv6 ARP Driver Description: Remote Access IPv6 ARP Driver Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1} Manufacturer: Service: Wanarpv6 Name: Generic PnP Monitor Description: Generic PnP Monitor Class Guid: {4d36e96e-e325-11ce-bfc1-08002be10318} Manufacturer: (Standard monitor types) Service: monitor Name: USB Composite Device Description: USB Composite Device Class Guid: {36fc9e60-c465-11cf-8056-444553540000} Manufacturer: (Standard USB Host Controller) Service: usbccgp Name: Link-Layer Topology Discovery Responder Description: Link-Layer Topology Discovery Responder Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1} Manufacturer: Service: rspndr Name: UMBus Root Bus Enumerator Description: UMBus Root Bus Enumerator Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318} Manufacturer: Microsoft Service: umbus Name: AMD Athlon II X2 250 Processor Description: AMD Processor Class Guid: {50127dc3-0f36-415e-a6cc-4cb3be910b65} Manufacturer: Advanced Micro Devices Service: AmdPPM Name: Generic volume Description: Generic volume Class Guid: {71a27cdd-812a-11d0-bec7-08002be2092f} Manufacturer: Microsoft Service: volsnap Name: amdkmdag Description: amdkmdag Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1} Manufacturer: Service: amdkmdag Name: Microsoft Virtual Drive Enumerator Driver Description: Microsoft Virtual Drive Enumerator Driver Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318} Manufacturer: (Standard system devices) Service: vdrvroot Name: Kernel Mode Driver Frameworks service Description: Kernel Mode Driver Frameworks service Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1} Manufacturer: Service: Wdf01000 Name: ATI I/O Communications Processor PCI Bus Controller Description: ATI I/O Communications Processor PCI Bus Controller Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318} Manufacturer: ATI Service: pci Name: HID-compliant consumer control device Description: HID-compliant consumer control device Class Guid: {745a17a0-74d3-11d0-b6fe-00a0c90f57da} Manufacturer: Microsoft Service: Name: Standard OpenHCD USB Host Controller Description: Standard OpenHCD USB Host Controller Class Guid: {36fc9e60-c465-11cf-8056-444553540000} Manufacturer: (Standard USB Host Controller) Service: usbohci Name: PCI standard host CPU bridge Description: PCI standard host CPU bridge Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318} Manufacturer: (Standard system devices) Service: Name: Sftfs Description: Sftfs Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1} Manufacturer: Service: Sftfs Name: HP Deskjet 1050 J410 series (USB) Description: HP Deskjet 1050 J410 series (USB) Class Guid: {6bdd1fc6-810f-11d0-bec7-08002be2092f} Manufacturer: Hewlett-Packard Service: usbscan Name: amdsata Description: amdsata Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1} Manufacturer: Service: amdsata Name: msisadrv Description: msisadrv Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1} Manufacturer: Service: msisadrv Name: Volume Manager Description: Volume Manager Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318} Manufacturer: (Standard system devices) Service: volmgr Name: WFP Lightweight Filter Description: WFP Lightweight Filter Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1} Manufacturer: Service: WfpLwf Name: Sftplay Description: Sftplay Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1} Manufacturer: Service: Sftplay Name: hp DVD A DH16ABLH SATA CdRom Device Description: CD-ROM Drive Class Guid: {4d36e965-e325-11ce-bfc1-08002be10318} Manufacturer: (Standard CD-ROM drives) Service: cdrom Name: SanDisk Gigaware USB Device Description: Disk drive Class Guid: {4d36e967-e325-11ce-bfc1-08002be10318} Manufacturer: (Standard disk drives) Service: disk Name: AMD PCI Express (3GIO) Filter Description: AMD PCI Express (3GIO) Filter Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1} Manufacturer: Service: AtiPcie Name: Winsock IFS Driver Description: Winsock IFS Driver Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1} Manufacturer: Service: ws2ifsl Name: USB Printing Support Description: USB Printing Support Class Guid: {36fc9e60-c465-11cf-8056-444553540000} Manufacturer: Microsoft Service: usbprint Name: Generic volume shadow copy Description: Generic volume shadow copy Class Guid: {533c5b84-ec70-11d2-9505-00c04f79deaf} Manufacturer: Microsoft Service: Name: ATI I/O Communications Processor SMBus Controller Description: ATI I/O Communications Processor SMBus Controller Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318} Manufacturer: ATI Service: Name: PCI standard ISA bridge Description: PCI standard ISA bridge Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318} Manufacturer: (Standard system devices) Service: msisadrv Name: PCI standard PCI-to-PCI bridge Description: PCI standard PCI-to-PCI bridge Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318} Manufacturer: (Standard system devices) Service: pci Name: NDIS System Driver Description: NDIS System Driver Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1} Manufacturer: Service: NDIS Name: ACPI Fixed Feature Button Description: ACPI Fixed Feature Button Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318} Manufacturer: (Standard system devices) Service: Name: User Mode Driver Frameworks Platform Driver Description: User Mode Driver Frameworks Platform Driver Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1} Manufacturer: Service: WudfPf Name: Sftvol Description: Sftvol Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1} Manufacturer: Service: Sftvol Name: NDProxy Description: NDProxy Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1} Manufacturer: Service: NDProxy Name: USB Mass Storage Device Description: USB Mass Storage Device Class Guid: {36fc9e60-c465-11cf-8056-444553540000} Manufacturer: Compatible USB storage device Service: USBSTOR Name: Generic volume shadow copy Description: Generic volume shadow copy Class Guid: {533c5b84-ec70-11d2-9505-00c04f79deaf} Manufacturer: Microsoft Service: Name: Programmable interrupt controller Description: Programmable interrupt controller Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318} Manufacturer: (Standard system devices) Service: Name: Hitachi HDS721064CLA332 SATA Disk Device Description: Disk drive Class Guid: {4d36e967-e325-11ce-bfc1-08002be10318} Manufacturer: (Standard disk drives) Service: disk Name: X6va003 Description: X6va003 Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1} Manufacturer: Service: X6va003 Name: Security Processor Loader Driver Description: Security Processor Loader Driver Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1} Manufacturer: Service: spldr Name: AMD SATA Controller Description: AMD SATA Controller Class Guid: {4d36e96a-e325-11ce-bfc1-08002be10318} Manufacturer: AMD Service: amdsata Name: ATI Radeon 3000 Graphics Description: ATI Radeon 3000 Graphics Class Guid: {4d36e968-e325-11ce-bfc1-08002be10318} Manufacturer: ATI Technologies Inc. Service: amdkmdap Name: System timer Description: System timer Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318} Manufacturer: (Standard system devices) Service: Name: PCI standard PCI-to-PCI bridge Description: PCI standard PCI-to-PCI bridge Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318} Manufacturer: (Standard system devices) Service: pci Name: X6va008 Description: X6va008 Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1} Manufacturer: Service: X6va008 Name: USB Composite Device Description: USB Composite Device Class Guid: {36fc9e60-c465-11cf-8056-444553540000} Manufacturer: (Standard USB Host Controller) Service: usbccgp Name: Generic volume Description: Generic volume Class Guid: {71a27cdd-812a-11d0-bec7-08002be2092f} Manufacturer: Microsoft Service: volsnap Name: NETBT Description: NETBT Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1} Manufacturer: Service: NetBT Name: Bitlocker Drive Encryption Filter Driver Description: Bitlocker Drive Encryption Filter Driver Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1} Manufacturer: Service: fvevol Name: High precision event timer Description: High precision event timer Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318} Manufacturer: (Standard system devices) Service: Name: F:\ Description: Gigaware Class Guid: {eec5ad98-8080-425f-922a-dabf3de3f69a} Manufacturer: SanDisk Service: WUDFRd Name: Microsoft System Management BIOS Driver Description: Microsoft System Management BIOS Driver Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318} Manufacturer: (Standard system devices) Service: mssmbios Name: HTTP Description: HTTP Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1} Manufacturer: Service: HTTP Name: USB Input Device Description: USB Input Device Class Guid: {745a17a0-74d3-11d0-b6fe-00a0c90f57da} Manufacturer: (Standard system devices) Service: HidUsb Name: WAN Miniport (IKEv2) Description: WAN Miniport (IKEv2) Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318} Manufacturer: Microsoft Service: RasAgileVpn Name: Direct memory access controller Description: Direct memory access controller Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318} Manufacturer: (Standard system devices) Service: Name: UMBus Enumerator Description: UMBus Enumerator Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318} Manufacturer: Microsoft Service: umbus Name: Standard Enhanced PCI to USB Host Controller Description: Standard Enhanced PCI to USB Host Controller Class Guid: {36fc9e60-c465-11cf-8056-444553540000} Manufacturer: (Standard USB Host Controller) Service: usbehci Name: PCI standard host CPU bridge Description: PCI standard host CPU bridge Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318} Manufacturer: (Standard system devices) Service: Name: Realtek PCIe FE Family Controller Description: Realtek PCIe FE Family Controller Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318} Manufacturer: Realtek Service: RTL8167 Name: NSI proxy service driver. Description: NSI proxy service driver. Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1} Manufacturer: Service: nsiproxy Name: Hardware Policy Driver Description: Hardware Policy Driver Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1} Manufacturer: Service: hwpolicy Name: HID-compliant mouse Description: HID-compliant mouse Class Guid: {4d36e96f-e325-11ce-bfc1-08002be10318} Manufacturer: Microsoft Service: mouhid Name: System speaker Description: System speaker Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318} Manufacturer: (Standard system devices) Service: Name: WAN Miniport (L2TP) Description: WAN Miniport (L2TP) Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318} Manufacturer: Microsoft Service: Rasl2tp Name: DTSOFT Virtual CdRom Device Description: CD-ROM Drive Class Guid: {4d36e965-e325-11ce-bfc1-08002be10318} Manufacturer: (Standard CD-ROM drives) Service: cdrom Name: KSecDD Description: KSecDD Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1} Manufacturer: Service: KSecDD Name: USB Input Device Description: USB Input Device Class Guid: {745a17a0-74d3-11d0-b6fe-00a0c90f57da} Manufacturer: (Standard system devices) Service: HidUsb Name: UMBus Enumerator Description: UMBus Enumerator Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318} Manufacturer: Microsoft Service: umbus Name: AMD PCI Express (3GIO) Filter Driver Description: AMD PCI Express (3GIO) Filter Driver Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318} Manufacturer: Advanced Micro Devices Inc Service: pci Name: WAN Miniport (Network Monitor) Description: WAN Miniport (Network Monitor) Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318} Manufacturer: Microsoft Service: NdisWan Name: Beep Description: Beep Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1} Manufacturer: Service: Beep Name: Null Description: Null Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1} Manufacturer: Service: Null Name: KSecPkg Description: KSecPkg Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1} Manufacturer: Service: KSecPkg Name: Standard Enhanced PCI to USB Host Controller Description: Standard Enhanced PCI to USB Host Controller Class Guid: {36fc9e60-c465-11cf-8056-444553540000} Manufacturer: (Standard USB Host Controller) Service: usbehci Name: PCI standard host CPU bridge Description: PCI standard host CPU bridge Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318} Manufacturer: (Standard system devices) Service: Name: Microsoft 6to4 Adapter Description: Microsoft 6to4 Adapter Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318} Manufacturer: Microsoft Service: tunnel Name: System CMOS/real time clock Description: System CMOS/real time clock Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318} Manufacturer: (Standard system devices) Service: Name: TCP/IP Protocol Driver Description: TCP/IP Protocol Driver Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1} Manufacturer: Service: Tcpip Name: Realtek High Definition Audio Description: Realtek High Definition Audio Class Guid: {4d36e96c-e325-11ce-bfc1-08002be10318} Manufacturer: Realtek Service: IntcAzAudAddService Name: USB Root Hub Description: USB Root Hub Class Guid: {36fc9e60-c465-11cf-8056-444553540000} Manufacturer: (Standard USB Host Controller) Service: usbhub Name: WAN Miniport (IP) Description: WAN Miniport (IP) Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318} Manufacturer: Microsoft Service: NdisWan Name: Generic volume Description: Generic volume Class Guid: {71a27cdd-812a-11d0-bec7-08002be2092f} Manufacturer: Microsoft Service: volsnap Name: Performance Counters for Windows Driver Description: Performance Counters for Windows Driver Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1} Manufacturer: Service: pcw ========================= Memory info: =================================== Percentage of memory in use: 41% Total physical RAM: 2815.29 MB Available physical RAM: 1659.9 MB Total Pagefile: 5628.76 MB Available Pagefile: 3901.43 MB Total Virtual: 4095.88 MB Available Virtual: 3957.73 MB ========================= Partitions: ===================================== 1 Drive c: (OS) (Fixed) (Total:584.01 GB) (Free:478.73 GB) NTFS 2 Drive d: (HP_RECOVERY) (Fixed) (Total:12.06 GB) (Free:1.44 GB) NTFS 4 Drive f: () (Removable) (Total:7.47 GB) (Free:1.02 GB) FAT32 ========================= Users: ======================================== User accounts for \\COMPUTER-HP Administrator computer Guest ========================= Minidump Files ================================== No minidump file found **** End of log **** ---------------------------------Farbar Service Scanner------------------------------- Farbar Service Scanner Version: 05-01-2013 Ran by computer (administrator) on 13-01-2013 at 18:44:06 Running from "C:\Users\computer\Downloads\steps 3" Windows 7 Home Premium Service Pack 1 (X64) Boot Mode: Normal **************************************************************** Internet Services: ============ Connection Status: ============== Localhost is accessible. LAN connected. Attempt to access Google IP returned error. Google IP is offline Google.com is accessible. Yahoo IP is accessible. Yahoo.com is accessible. Windows Firewall: ============= Firewall Disabled Policy: ================== System Restore: ============ System Restore Disabled Policy: ======================== Action Center: ============ wscsvc Service is not running. Checking service configuration: The start type of wscsvc service is set to Disabled. The default start type is Auto. The ImagePath of wscsvc service is OK. The ServiceDll of wscsvc service is OK. Windows Update: ============ Windows Autoupdate Disabled Policy: ============================ Other Services: ============== File Check: ======== C:\Windows\System32\nsisvc.dll => MD5 is legit C:\Windows\System32\drivers\nsiproxy.sys => MD5 is legit C:\Windows\System32\dhcpcore.dll => MD5 is legit C:\Windows\System32\drivers\afd.sys => MD5 is legit C:\Windows\System32\drivers\tdx.sys => MD5 is legit C:\Windows\System32\Drivers\tcpip.sys => MD5 is legit C:\Windows\System32\dnsrslvr.dll => MD5 is legit C:\Windows\System32\mpssvc.dll => MD5 is legit C:\Windows\System32\bfe.dll => MD5 is legit C:\Windows\System32\drivers\mpsdrv.sys => MD5 is legit C:\Windows\System32\SDRSVC.dll => MD5 is legit C:\Windows\System32\vssvc.exe => MD5 is legit C:\Windows\System32\wscsvc.dll => MD5 is legit C:\Windows\System32\wbem\WMIsvc.dll => MD5 is legit C:\Windows\System32\wuaueng.dll => MD5 is legit C:\Windows\System32\qmgr.dll => MD5 is legit C:\Windows\System32\es.dll => MD5 is legit C:\Windows\System32\cryptsvc.dll => MD5 is legit C:\Windows\System32\svchost.exe => MD5 is legit C:\Windows\System32\rpcss.dll => MD5 is legit **** End of log ****

MY windows security service center can not also be started. Registry updates such as disablecmd , disabletskmanager , no drives , load, run and changes to my homepages popped up on spybot. I had denied the changes though because they did not sound like healthy changes to my registry. And last time I accepted the changes none of my USB ports were working and I had to system restore to a few days earlier.

Restarted my computer. Did a Google search. Still infected.

I have not had any re directions since this afternoon. I'd like to keep this thread open for another day or so though because in the past the infection seemed to be good at returning.