Jump to content

Can't remove searchnu from Mozilla Firefox

jemcubed
 Share

Recommended Posts

jemcubed

jemcubed

Posted
Posted

I am copying in my OTL and Extra log outputs below. Please review and hopefully send me a fix.

Thank you,

OTL LOG:

OTL logfile created on: 4/23/2012 4:08:52 PM - Run 1

OTL by OldTimer - Version 3.2.41.0 Folder = C:\Users\John\Desktop

64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation

Internet Explorer (Version = 9.0.8112.16421)

Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

5.99 Gb Total Physical Memory | 2.50 Gb Available Physical Memory | 41.68% Memory free

11.98 Gb Paging File | 6.85 Gb Available in Paging File | 57.16% Paging File free

Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)

Drive C: | 457.06 Gb Total Space | 271.19 Gb Free Space | 59.33% Space Free | Partition Type: NTFS

Drive E: | 298.31 Gb Total Space | 271.99 Gb Free Space | 91.18% Space Free | Partition Type: NTFS

Drive F: | 297.86 Gb Total Space | 243.43 Gb Free Space | 81.73% Space Free | Partition Type: NTFS

Computer Name: JOLEE | User Name: John | Logged in as Administrator.

Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans

Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - File not found --

PRC - [2012/04/23 16:07:16 | 000,594,944 | ---- | M] (OldTimer Tools) -- C:\Users\John\Desktop\OTL.exe

PRC - [2012/04/04 15:56:40 | 000,654,408 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe

PRC - [2012/04/04 15:56:38 | 000,462,408 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe

PRC - [2012/03/21 14:56:18 | 000,924,600 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe

PRC - [2012/03/13 05:37:52 | 003,331,872 | ---- | M] (Akamai Technologies, Inc) -- C:\Users\LeighAnne\AppData\Local\Akamai\netsession_win.exe

PRC - [2011/12/06 06:17:56 | 001,694,608 | ---- | M] (Bandoo Media, inc) -- C:\Program Files (x86)\Windows iLivid Toolbar\Datamngr\datamngrUI.exe

PRC - [2011/10/27 23:42:30 | 000,273,528 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe

PRC - [2011/08/25 17:53:00 | 000,013,672 | ---- | M] (Intuit Inc.) -- C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe

PRC - [2011/07/27 07:06:44 | 000,267,488 | ---- | M] () -- C:\Program Files (x86)\StartNow Toolbar\ToolbarUpdaterService.exe

PRC - [2011/06/09 14:06:06 | 000,507,624 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe

PRC - [2011/06/01 19:06:40 | 000,014,088 | ---- | M] (Memeo) -- C:\Program Files (x86)\Seagate\Seagate Dashboard\SeagateDashboardService.exe

PRC - [2011/04/23 22:17:26 | 001,994,936 | ---- | M] (Sensible Vision ) -- C:\Program Files (x86)\Sensible Vision\Fast Access\FATrayAlert.exe

PRC - [2011/04/23 22:17:26 | 000,098,488 | ---- | M] (Sensible Vision ) -- C:\Program Files (x86)\Sensible Vision\Fast Access\FATrayMon.exe

PRC - [2011/04/23 22:17:08 | 002,412,728 | ---- | M] (Sensible Vision ) -- C:\Program Files (x86)\Sensible Vision\Fast Access\FAService.exe

PRC - [2010/11/02 22:06:06 | 000,365,336 | ---- | M] (Kaspersky Lab ZAO) -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe

PRC - [2010/10/12 14:56:40 | 000,979,328 | ---- | M] (SEIKO EPSON CORPORATION) -- C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe

PRC - [2010/08/23 21:21:40 | 000,013,672 | ---- | M] (Intuit Inc.) -- C:\Program Files (x86)\Common Files\Intuit\Update Service\IntuitUpdateService.exe

PRC - [2010/02/16 12:10:46 | 000,308,640 | ---- | M] (Panasonic Corporation) -- C:\Program Files (x86)\Common Files\Panasonic\HD Writer AutoStart\HDWriterAutoStart.exe

PRC - [2009/12/29 17:35:38 | 000,140,520 | ---- | M] (CyberLink Corp.) -- C:\Program Files (x86)\CyberLink\PowerDVD DX\PDVDDXSrv.exe

PRC - [2009/12/15 21:14:22 | 000,498,160 | ---- | M] () -- C:\Program Files (x86)\Roxio\Roxio Burn\RoxioBurnLauncher.exe

PRC - [2009/08/17 21:09:54 | 000,013,600 | ---- | M] (Broadcom Corporation.) -- C:\Program Files\WIDCOMM\Bluetooth Software\BluetoothHeadsetProxy.exe

PRC - [2009/07/21 17:06:26 | 000,554,224 | ---- | M] (Dell Inc.) -- c:\Program Files (x86)\Common Files\Dell\Advanced Networking Service\hnm_svc.exe

PRC - [2009/07/21 17:06:26 | 000,189,680 | ---- | M] (SingleClick Systems) -- C:\Program Files (x86)\Common Files\Dell\Remote Access File Sync Service\dsl_fs_sync.exe

PRC - [2009/07/06 09:12:26 | 000,307,200 | ---- | M] (Creative Technology Ltd) -- C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe

PRC - [2009/06/24 17:21:38 | 000,409,744 | ---- | M] (Creative Technology Ltd) -- C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe

PRC - [2009/06/11 00:23:46 | 005,730,304 | ---- | M] () -- C:\Program Files (x86)\Common Files\Dell\MySQL\bin\mysqld.exe

PRC - [2009/06/09 10:11:14 | 000,155,648 | ---- | M] (Stardock Corporation) -- C:\Program Files\Dell\DellDock\DockLogin.exe

PRC - [2009/05/14 18:07:14 | 000,759,048 | ---- | M] (ABBYY) -- C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe

PRC - [2008/12/10 01:10:14 | 000,024,636 | ---- | M] (Apache Software Foundation) -- C:\Program Files (x86)\Common Files\Dell\apache\bin\httpd.exe

PRC - [2008/08/31 12:02:04 | 001,519,168 | ---- | M] (UltraVNC) -- C:\ProgramData\UltraVNC\winvnc.exe

PRC - [2007/06/15 12:57:42 | 000,145,504 | ---- | M] (B.H.A Corporation) -- C:\Windows\SysWOW64\bgsvcgen.exe

PRC - [2006/12/19 19:23:20 | 000,094,208 | ---- | M] (SEIKO EPSON CORPORATION) -- C:\Program Files (x86)\Common Files\EPSON\EBAPI\eEBSvc.exe

========== Modules (No Company Name) ==========

MOD - [2011/04/23 22:18:10 | 000,100,208 | ---- | M] () -- C:\Windows\SysWOW64\FAIEExtension.dll

MOD - [2011/04/23 22:17:32 | 000,062,136 | ---- | M] () -- C:\Windows\SysWOW64\FAib.dll

MOD - [2011/04/23 22:16:44 | 000,250,552 | ---- | M] () -- C:\Windows\SysWOW64\FACrashRpt.dll

MOD - [2011/03/17 00:11:16 | 004,297,568 | ---- | M] () -- C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF

MOD - [2010/10/20 15:45:26 | 008,801,120 | ---- | M] () -- C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveIntlResource.dll

MOD - [2009/12/15 21:14:22 | 000,498,160 | ---- | M] () -- C:\Program Files (x86)\Roxio\Roxio Burn\RoxioBurnLauncher.exe

MOD - [2009/06/06 10:24:20 | 000,450,560 | ---- | M] () -- C:\Program Files (x86)\Common Files\Dell\apache\ioncube_loader_win_5.2.dll

MOD - [2009/06/01 12:37:50 | 002,076,672 | ---- | M] () -- C:\Program Files (x86)\Common Files\Dell\apache\libmysql.dll

MOD - [2008/01/18 01:17:16 | 000,073,782 | ---- | M] () -- C:\Program Files (x86)\Common Files\Dell\apache\bin\zlib1.dll

========== Win32 Services (SafeList) ==========

SRV:64bit: - [2011/06/09 14:01:00 | 000,555,392 | ---- | M] (SEIKO EPSON CORPORATION) [Auto | Running] -- C:\Program Files\EPSON\EpsonCustomerParticipation\EPCP.exe -- (EpsonCustomerParticipation)

SRV:64bit: - [2009/08/17 21:09:52 | 000,868,128 | ---- | M] (Broadcom Corporation.) [Auto | Running] -- C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe -- (btwdins)

SRV:64bit: - [2009/08/14 14:15:42 | 000,202,752 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)

SRV:64bit: - [2009/07/17 13:06:22 | 000,033,280 | ---- | M] () [Auto | Running] -- C:\Program Files\Dell\Dell Wireless WLAN Card\WLTRYSVC.EXE -- (wltrysvc)

SRV:64bit: - [2009/07/16 06:47:00 | 000,240,128 | ---- | M] (IDT, Inc.) [Auto | Running] -- C:\Windows\SysNative\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_fd9b60625db011f9\stacsv64.exe -- (STacSV)

SRV:64bit: - [2009/07/13 21:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)

SRV:64bit: - [2009/07/13 21:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)

SRV:64bit: - [2009/06/09 10:11:14 | 000,155,648 | ---- | M] (Stardock Corporation) [Auto | Running] -- C:\Program Files\Dell\DellDock\DockLogin.exe -- (DockLoginService)

SRV:64bit: - [2007/02/12 20:43:44 | 000,065,536 | ---- | M] (O2Micro International) [Auto | Running] -- C:\Windows\SysNative\drivers\o2flash.exe -- (O2FLASH)

SRV - [2012/04/04 15:56:40 | 000,654,408 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)

SRV - [2012/03/27 19:04:47 | 003,417,376 | ---- | M] () [Auto | Running] -- c:\program files (x86)\common files\akamai/netsession_win_6c825ce.dll -- (Akamai)

SRV - [2011/08/25 17:53:00 | 000,013,672 | ---- | M] (Intuit Inc.) [Auto | Running] -- C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe -- (IntuitUpdateServiceV4)

SRV - [2011/07/27 07:06:44 | 000,267,488 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\StartNow Toolbar\ToolbarUpdaterService.exe -- (Updater Service for StartNow Toolbar)

SRV - [2011/06/01 19:06:40 | 000,014,088 | ---- | M] (Memeo) [Auto | Running] -- C:\Program Files (x86)\Seagate\Seagate Dashboard\SeagateDashboardService.exe -- (SeagateDashboardService)

SRV - [2011/04/23 22:17:08 | 002,412,728 | ---- | M] (Sensible Vision ) [Auto | Running] -- C:\Program Files (x86)\Sensible Vision\Fast Access\FAService.exe -- (FAService)

SRV - [2010/11/02 22:06:06 | 000,365,336 | ---- | M] (Kaspersky Lab ZAO) [Auto | Running] -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe -- (AVP)

SRV - [2010/08/23 21:21:40 | 000,013,672 | ---- | M] (Intuit Inc.) [Auto | Running] -- C:\Program Files (x86)\Common Files\Intuit\Update Service\IntuitUpdateService.exe -- (IntuitUpdateService)

SRV - [2010/07/08 16:22:32 | 000,025,824 | ---- | M] (Memeo) [Auto | Running] -- C:\Program Files (x86)\Memeo\AutoBackupPro\MemeoBackgroundService.exe -- (MemeoBackgroundService)

SRV - [2010/04/08 21:47:17 | 000,079,360 | ---- | M] (Creative Labs) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\AL6Licensing.exe -- (Creative ALchemy AL6 Licensing Service)

SRV - [2010/04/08 21:46:26 | 000,079,360 | ---- | M] (Creative Labs) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe -- (Creative Audio Engine Licensing Service)

SRV - [2010/04/08 21:45:35 | 000,079,360 | ---- | M] (Creative Labs) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\XMBLicensing.exe -- (Sound Blaster X-Fi MB Licensing Service)

SRV - [2010/04/08 21:33:20 | 000,016,680 | ---- | M] (Citrix Online, a division of Citrix Systems, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\Citrix\GoToAssist\514\g2aservice.exe -- (GoToAssist)

SRV - [2010/03/18 14:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)

SRV - [2010/02/19 13:37:14 | 000,517,096 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe -- (SwitchBoard)

SRV - [2009/07/21 17:06:26 | 000,554,224 | ---- | M] (Dell Inc.) [Auto | Running] -- c:\Program Files (x86)\Common Files\Dell\Advanced Networking Service\hnm_svc.exe -- (hnmsvc)

SRV - [2009/07/21 17:06:26 | 000,189,680 | ---- | M] (SingleClick Systems) [Auto | Running] -- C:\Program Files (x86)\Common Files\Dell\Remote Access File Sync Service\dsl_fs_sync.exe -- (dsl-fs-sync)

SRV - [2009/07/16 06:47:00 | 000,240,128 | ---- | M] (IDT, Inc.) [Auto | Running] -- C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_fd9b60625db011f9\STacSV64.exe -- (STacSV)

SRV - [2009/07/06 09:12:26 | 000,307,200 | ---- | M] (Creative Technology Ltd) [Auto | Running] -- C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe -- (CTAudSvcService)

SRV - [2009/06/11 00:23:46 | 005,730,304 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Common Files\Dell\MySQL\bin\mysqld.exe -- (dsl-db)

SRV - [2009/06/10 17:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)

SRV - [2009/05/14 18:07:14 | 000,759,048 | ---- | M] (ABBYY) [Auto | Running] -- C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe -- (ABBYY.Licensing.FineReader.Sprint.9.0)

SRV - [2008/12/10 01:10:14 | 000,024,636 | ---- | M] (Apache Software Foundation) [Auto | Running] -- C:\Program Files (x86)\Common Files\Dell\apache\bin\httpd.exe -- (Apache2.2)

SRV - [2008/08/31 12:02:04 | 001,519,168 | ---- | M] (UltraVNC) [Auto | Running] -- C:\ProgramData\UltraVNC\winvnc.exe -- (uvnc_service)

SRV - [2007/06/15 12:57:42 | 000,145,504 | ---- | M] (B.H.A Corporation) [Auto | Running] -- C:\Windows\SysWOW64\bgsvcgen.exe -- (bgsvcgen)

SRV - [2006/12/19 19:23:20 | 000,094,208 | ---- | M] (SEIKO EPSON CORPORATION) [Auto | Running] -- C:\Program Files (x86)\Common Files\EPSON\EBAPI\eEBSvc.exe -- (EpsonBidirectionalService)

========== Driver Services (SafeList) ==========

DRV:64bit: - [2012/04/04 15:56:40 | 000,024,904 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\mbam.sys -- (MBAMProtector)

DRV:64bit: - [2012/03/01 02:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)

DRV:64bit: - [2011/05/22 15:44:12 | 000,020,752 | ---- | M] (Mobile Stream) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\easytthr.sys -- (easytether)

DRV:64bit: - [2011/05/07 14:24:12 | 000,556,120 | ---- | M] (Kaspersky Lab) [File_System | System | Running] -- C:\Windows\SysNative\drivers\klif.sys -- (KLIF)

DRV:64bit: - [2011/03/11 02:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)

DRV:64bit: - [2011/03/11 02:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)

DRV:64bit: - [2011/02/16 18:23:46 | 000,074,240 | ---- | M] (Research In Motion Limited) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RimUsb_AMD64.sys -- (RimUsb)

DRV:64bit: - [2010/11/20 09:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)

DRV:64bit: - [2010/11/20 07:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)

DRV:64bit: - [2010/11/20 07:03:42 | 000,020,992 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)

DRV:64bit: - [2010/11/20 05:37:42 | 000,109,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\sdbus.sys -- (sdbus)

DRV:64bit: - [2010/06/23 09:10:56 | 000,344,680 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)

DRV:64bit: - [2010/06/09 16:44:00 | 000,011,864 | ---- | M] (Kaspersky Lab ZAO) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\kl2.sys -- (kl2)

DRV:64bit: - [2010/06/09 16:43:56 | 000,460,888 | ---- | M] (Kaspersky Lab ZAO) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\kl1.sys -- (Kl1)

DRV:64bit: - [2010/04/22 18:07:36 | 000,027,736 | ---- | M] (Kaspersky Lab ZAO) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\klim6.sys -- (KLIM6)

DRV:64bit: - [2010/04/19 19:32:38 | 000,828,912 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\sptd.sys -- (sptd)

DRV:64bit: - [2010/04/19 13:53:24 | 000,067,072 | ---- | M] (ELTIMA Software) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evserial.sys -- (evserial) Virtual Serial Ports Driver (Eltima Softwate)

DRV:64bit: - [2010/04/19 13:53:24 | 000,032,768 | ---- | M] (ELTIMA Software) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\evsbc.sys -- (VSBC) Virtual Serial Bus Enumerator (Eltima Software)

DRV:64bit: - [2010/04/19 00:56:56 | 000,082,816 | ---- | M] (VSO Software) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\pcouffin.sys -- (pcouffin)

DRV:64bit: - [2010/04/14 01:01:44 | 000,054,824 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btusbflt.sys -- (btusbflt)

DRV:64bit: - [2009/11/02 19:27:10 | 000,022,544 | ---- | M] (Kaspersky Lab) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\klmouflt.sys -- (klmouflt)

DRV:64bit: - [2009/09/18 06:33:00 | 000,023,912 | ---- | M] (ST Microelectronics) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Acceler.sys -- (Acceler)

DRV:64bit: - [2009/08/14 16:30:14 | 006,201,856 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (atikmdag)

DRV:64bit: - [2009/07/24 18:49:00 | 000,119,312 | ---- | M] (ATI Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AtiHdmi.sys -- (AtiHdmiService)

DRV:64bit: - [2009/07/17 13:06:20 | 000,022,520 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\bcm42rly.sys -- (BCM42RLY)

DRV:64bit: - [2009/07/17 13:06:18 | 002,769,400 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\BCMWL664.SYS -- (BCM43XX)

DRV:64bit: - [2009/07/16 06:47:00 | 000,487,936 | ---- | M] (IDT, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\stwrt64.sys -- (STHDA)

DRV:64bit: - [2009/07/13 21:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)

DRV:64bit: - [2009/07/13 21:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)

DRV:64bit: - [2009/07/13 21:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)

DRV:64bit: - [2009/07/13 20:10:47 | 000,011,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\rootmdm.sys -- (ROOTMODEM)

DRV:64bit: - [2009/07/09 03:00:00 | 000,055,280 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\PxHlpa64.sys -- (PxHlpa64)

DRV:64bit: - [2009/07/01 12:46:52 | 000,098,344 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btwaudio.sys -- (btwaudio)

DRV:64bit: - [2009/07/01 12:46:48 | 000,132,648 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btwavdt.sys -- (btwavdt)

DRV:64bit: - [2009/07/01 12:46:40 | 000,021,160 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btwrchid.sys -- (btwrchid)

DRV:64bit: - [2009/06/26 16:23:30 | 000,272,432 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP)

DRV:64bit: - [2009/06/15 14:06:42 | 000,172,704 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\CtClsFlt.sys -- (CtClsFlt)

DRV:64bit: - [2009/06/10 17:22:14 | 000,034,640 | ---- | M] (SingleClick Systems) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\packet.sys -- (Packet)

DRV:64bit: - [2009/06/10 16:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)

DRV:64bit: - [2009/06/10 16:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)

DRV:64bit: - [2009/06/10 16:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)

DRV:64bit: - [2009/06/10 16:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)

DRV:64bit: - [2009/05/22 21:18:20 | 000,069,152 | ---- | M] (O2Micro ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\o2mdgx64.sys -- (O2MDGRDR)

DRV:64bit: - [2009/04/07 15:33:08 | 000,035,104 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btwl2cap.sys -- (btwl2cap)

DRV:64bit: - [2009/01/09 15:02:08 | 000,031,744 | ---- | M] (Research in Motion Ltd) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\RimSerial_AMD64.sys -- (RimVSerPort)

DRV:64bit: - [2008/09/24 21:36:14 | 000,238,848 | ---- | M] (Sensible Vision ) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\facap.sys -- (FACAP)

DRV:64bit: - [2008/06/27 07:51:10 | 000,088,632 | ---- | M] (Adobe Systems, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\adfs.sys -- (adfs)

DRV:64bit: - [2006/08/25 14:36:52 | 000,039,208 | ---- | M] (B.H.A Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\cdrbsdrv.sys -- (cdrbsdrv)

DRV - [2009/12/29 17:35:40 | 000,146,928 | ---- | M] (CyberLink Corp.) [2010/04/08 20:35:41] [Kernel | Auto | Running] -- C:\Program Files (x86)\CyberLink\PowerDVD DX\000.fcl -- ({1E444BE9-B8EC-4ce6-8C2B-6536FB7F4FB7})

DRV - [2009/07/13 21:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)

DRV - [2009/06/10 17:21:26 | 000,027,472 | ---- | M] (SingleClick Systems) [Kernel | Auto | Running] -- C:\Windows\SysWOW64\drivers\packet.sys -- (Packet)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}

IE:64bit: - HKLM\..\SearchScopes\{589836BA-6167-46DC-A5BF-F5FF87546F38}: "URL" = http://www.bing.com/search?q={searchTerms}&form=DLCDF8&pc=MDDC&src=IE-SearchBox

IE:64bit: - HKLM\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}: "URL" = http://dts.search-results.com/sr?src=ieb&appid=102&systemid=406&sr=0&q={searchTerms}

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm

IE - HKLM\..\SearchScopes,DefaultScope = {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}

IE - HKLM\..\SearchScopes\{3BBBD80B-986B-4909-8F7C-817E01A82EAB}: "URL" = http://www.bing.com/search?q={searchTerms}&form=DLCDF8&pc=MDDC&src=IE-SearchBox

IE - HKLM\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}: "URL" = http://dts.search-results.com/sr?src=ieb&appid=102&systemid=406&sr=0&q={searchTerms}

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/USCON/1

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/

IE - HKCU\..\SearchScopes,DefaultScope = {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}

IE - HKCU\..\SearchScopes\{1D6B48CC-281B-4EE3-BA67-00854BE7A54C}: "URL" = http://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:{language}:{referrer:source}&ie={inputEncoding?}&oe={outputEncoding?}

IE - HKCU\..\SearchScopes\{212F61FB-002D-4E55-98E6-954BF891142B}: "URL" = http://search.yahoo.com/search?p={searchTerms}&b={startPage?}&fr=ie8

IE - HKCU\..\SearchScopes\{7B8D3830-336B-40DC-851E-8AA30D4248A6}: "URL" = http://rover.ebay.com/rover/1/711-43047-14818-1/4?satitle={searchTerms}

IE - HKCU\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}: "URL" = http://dts.search-results.com/sr?src=ieb&appid=102&systemid=406&sr=0&q={searchTerms}

IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "Search Results"

FF - prefs.js..browser.search.order.1: "Search Results"

FF - prefs.js..browser.search.selectedEngine: "Google"

FF - prefs.js..browser.startup.homepage: "http://www.searchqu.com/406"

FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21

FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22

FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24

FF - prefs.js..extensions.enabledItems: fassoxpcom@sensiblevision.com:1.29

FF - prefs.js..extensions.enabledItems: virtualKeyboard@kaspersky.ru:11.0.2.579

FF - prefs.js..extensions.enabledItems: linkfilter@kaspersky.ru:11.0.2.579

FF - prefs.js..extensions.enabledItems: KavAntiBanner@Kaspersky.ru:11.0.2.579

FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}:6.0.26

FF - prefs.js..extensions.enabledItems: {ABDE892B-13A8-4d1b-88E6-365A6E755758}:14.0.7

FF - prefs.js..keyword.URL: "http://dts.search-results.com/sr?src=ffb&appid=102&systemid=406&sr=0&q="

FF - prefs.js..network.proxy.type: 0

FF - user.js - File not found

FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_0_1.dll File not found

FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found

FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll ()

FF - HKLM\Software\MozillaPlugins\@canon.com/EPPEX: C:\Program Files\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL (CANON INC.)

FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)

FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)

FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found

FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\4.1.10111.0\npctrl.dll ( Microsoft Corporation)

FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)

FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)

FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)

FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)

FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)

FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=12.0.1.669: C:\Program Files (x86)\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)

FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=12.0.1.669: C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)

FF - HKLM\Software\MozillaPlugins\@real.com/nprpchromebrowserrecordext;version=12.0.1.669: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)

FF - HKLM\Software\MozillaPlugins\@real.com/nprphtml5videoshim;version=12.0.1.669: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)

FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=12.0.1.669: C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.)

FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found

FF - HKLM\Software\MozillaPlugins\@RIM.com/WebSLLauncher,version=1.0: C:\Program Files (x86)\Common Files\Research In Motion\BBWebSLLauncher\NPWebSLLauncher.dll ()

FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)

FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)

FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Users\John\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{01A8CA0A-4C96-465b-A49B-65C46FAD54F9}: C:\Program Files (x86)\Adobe\Adobe Contribute CS5\Plugins\FirefoxPlugin\{01A8CA0A-4C96-465b-A49B-65C46FAD54F9} [2010/05/06 13:23:40 | 000,000,000 | ---D | M]

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\fassoxpcom@sensiblevision.com: C:\Program Files (x86)\Sensible Vision\Fast Access\xpcom_fasso\ [2011/05/21 23:29:27 | 000,000,000 | ---D | M]

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\virtualKeyboard@kaspersky.ru: C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\FFExt\virtualKeyboard@kaspersky.ru [2011/05/31 21:02:26 | 000,000,000 | ---D | M]

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\KavAntiBanner@Kaspersky.ru: C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\FFExt\KavAntiBanner@kaspersky.ru [2011/05/31 21:02:25 | 000,000,000 | ---D | M]

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\linkfilter@kaspersky.ru: C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\FFExt\linkfilter@kaspersky.ru [2011/05/31 21:02:26 | 000,000,000 | ---D | M]

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2011/10/27 23:42:54 | 000,000,000 | ---D | M]

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 11.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012/03/21 14:56:18 | 000,000,000 | ---D | M]

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 11.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2011/12/06 21:51:08 | 000,000,000 | ---D | M]

[2012/01/08 22:46:16 | 000,000,000 | ---D | M] (No name found) -- C:\Users\John\AppData\Roaming\Mozilla\Extensions

[2012/03/13 17:46:49 | 000,000,000 | ---D | M] (No name found) -- C:\Users\John\AppData\Roaming\Mozilla\Firefox\Profiles\1bgjx7yk.default\extensions

[2012/01/08 22:45:56 | 000,002,519 | ---- | M] () -- C:\Users\John\AppData\Roaming\Mozilla\Firefox\Profiles\1bgjx7yk.default\searchplugins\Search_Results.xml

[2012/01/29 12:23:42 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions

[2012/01/29 12:23:43 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}

[2011/05/07 14:25:51 | 000,000,000 | ---D | M] (Anti-Banner) -- C:\Program Files (x86)\Mozilla Firefox\extensions\KavAntiBanner@kaspersky.ru_bak

[2011/05/07 14:25:48 | 000,000,000 | ---D | M] (Kaspersky URL Advisor) -- C:\Program Files (x86)\Mozilla Firefox\extensions\linkfilter@kaspersky.ru_bak

[2012/03/21 14:56:18 | 000,097,208 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll

[2010/03/27 18:06:04 | 000,067,032 | ---- | M] (Adobe Systems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npContribute.dll

[2011/11/10 06:54:13 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npdeployJava1.dll

[2012/03/21 14:56:16 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml

[2012/01/08 22:45:56 | 000,002,519 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\Search_Results.xml

[2012/03/21 14:56:16 | 000,002,040 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\twitter.xml

========== Chrome ==========

CHR - default_search_provider: Search Results (Enabled)

CHR - default_search_provider: search_url = http://dts.search-results.com/sr?src=crb&appid=102&systemid=406&sr=0&q={searchTerms}

CHR - default_search_provider: suggest_url =

CHR - plugin: Shockwave Flash (Disabled) = C:\Users\John\AppData\Local\Google\Chrome\User Data\PepperFlash\11.1.31.203\pepflashplayer.dll

CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\17.0.963.79\gcswf32.dll

CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll

CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer

CHR - plugin: Native Client (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\17.0.963.79\ppGoogleNaClPluginChrome.dll

CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\17.0.963.79\pdf.dll

CHR - plugin: Screen Capture Plugin (Enabled) = C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\alelhddbbhepgpmgidjdcjakblofbmce\3.2.8_0\plugins/screen_capture.dll

CHR - plugin: Skype Toolbars (Enabled) = C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\5.9.0.9216_0\npSkypeChromePlugin.dll

CHR - plugin: Adobe Acrobat (Disabled) = C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll

CHR - plugin: Java Deployment Toolkit 6.0.300.12 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll

CHR - plugin: Java Platform SE 6 U30 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll

CHR - plugin: Adobe Contribute CS5 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npContribute.dll

CHR - plugin: RealPlayer G2 LiveConnect-Enabled Plug-In (32-bit) (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\nppl3260.dll

CHR - plugin: RealPlayer Version Plugin (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\nprpjplug.dll

CHR - plugin: RealPlayer HTML5VideoShim Plug-In (32-bit) (Enabled) = C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll

CHR - plugin: RealJukebox NS Plugin (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\nprjplug.dll

CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL

CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL

CHR - plugin: RIM Handheld Application Loader (Enabled) = C:\Program Files (x86)\Common Files\Research In Motion\BBWebSLLauncher\NPWebSLLauncher.dll

CHR - plugin: Google Earth Plugin (Enabled) = C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll

CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.99\npGoogleUpdate3.dll

CHR - plugin: Windows Live\u0099 Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

CHR - plugin: CANON iMAGE GATEWAY Album Plugin Utility (Enabled) = C:\Program Files\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL

CHR - plugin: RealNetworks Chrome Background Extension Plug-In (32-bit) (Enabled) = C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll

CHR - plugin: Unity Player (Enabled) = C:\Users\John\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll

CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files (x86)\Microsoft Silverlight\4.1.10111.0\npctrl.dll

CHR - plugin: Default Plug-in (Enabled) = default_plugin

CHR - Extension: Awesome Screenshot: Capture & Annotate = C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\alelhddbbhepgpmgidjdcjakblofbmce\3.2.8_0\

CHR - Extension: YouTube = C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\

CHR - Extension: Google Search = C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.17_0\

CHR - Extension: RealPlayer HTML5Video Downloader Extension = C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\jfmjfhklogoienhpfnppmbcbjfjnkonk\1.5_0\

CHR - Extension: TV for Google Chrome\u2122 = C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\licccgnfdlgmmmgaddmbcepikfadcmpe\1.5.0_0\

CHR - Extension: Skype Click to Call = C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\5.9.0.9216_0\

CHR - Extension: Numerics Calculator & Converter = C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\liglcienpnkhdajdfmnpbgmpjglonipe\4.3.4_0\

CHR - Extension: Gmail = C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\

O1 HOSTS File: ([2009/06/10 17:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts

O2:64bit: - BHO: (IEVkbdBHO Class) - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\x64\ievkbd.dll (Kaspersky Lab ZAO)

O2:64bit: - BHO: (DataMngr) - {9D717F81-9148-4f12-8568-69135F087DB0} - C:\Program Files (x86)\Windows iLivid Toolbar\Datamngr\x64\BrowserConnection.dll (Bandoo Media, inc)

O2:64bit: - BHO: (Face recognition web login for FastAccess) - {DA5BCE70-D057-4D63-943D-5F3927EC59F1} - C:\Program Files (x86)\Sensible Vision\Fast Access\x64\FAIESSO.dll (Sensible Vision )

O2:64bit: - BHO: (FilterBHO Class) - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\x64\klwtbbho.dll (Kaspersky Lab ZAO)

O2 - BHO: (ContributeBHO Class) - {074C1DC5-9320-4A9A-947D-C042949C6216} - C:\Program Files (x86)\Adobe\Adobe Contribute CS5\Plugins\IEPlugin\contributeieplugin.dll (Adobe Systems, Inc.)

O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer)

O2 - BHO: (IEVkbdBHO Class) - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\ievkbd.dll (Kaspersky Lab ZAO)

O2 - BHO: (StartNow Toolbar Helper) - {6E13D095-45C3-4271-9475-F3B48227DD9F} - C:\Program Files (x86)\StartNow Toolbar\Toolbar32.dll ()

O2 - BHO: (Java Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)

O2 - BHO: (Searchqu Toolbar) - {99079a25-328f-4bd4-be04-00955acaa0a7} - C:\Program Files (x86)\Windows iLivid Toolbar\Datamngr\ToolBar\searchqudtx.dll ()

O2 - BHO: (DataMngr) - {9D717F81-9148-4f12-8568-69135F087DB0} - C:\Program Files (x86)\Windows iLivid Toolbar\Datamngr\BrowserConnection.dll (Bandoo Media, inc)

O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)

O2 - BHO: (Face recognition web login for FastAccess) - {DA5BCE70-D057-4D63-943D-5F3927EC59F1} - C:\Program Files (x86)\Sensible Vision\Fast Access\FAIESSO.dll (Sensible Vision )

O2 - BHO: (FilterBHO Class) - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\klwtbbho.dll (Kaspersky Lab ZAO)

O3:64bit: - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.

O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.

O3 - HKLM\..\Toolbar: (Contribute Toolbar) - {517BDDE4-E3A7-4570-B21E-2B52B6139FC7} - C:\Program Files (x86)\Adobe\Adobe Contribute CS5\Plugins\IEPlugin\contributeieplugin.dll (Adobe Systems, Inc.)

O3 - HKLM\..\Toolbar: (StartNow Toolbar) - {5911488E-9D1E-40ec-8CBB-06B231CC153F} - C:\Program Files (x86)\StartNow Toolbar\Toolbar32.dll ()

O3 - HKLM\..\Toolbar: (Searchqu Toolbar) - {99079a25-328f-4bd4-be04-00955acaa0a7} - C:\Program Files (x86)\Windows iLivid Toolbar\Datamngr\ToolBar\searchqudtx.dll ()

O3 - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.

O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.

O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No CLSID value found.

O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - No CLSID value found.

O4:64bit: - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated)

O4:64bit: - HKLM..\Run: [broadcom Wireless Manager UI] C:\Program Files\Dell\Dell Wireless WLAN Card\WLTRAY.EXE (Dell Inc.)

O4:64bit: - HKLM..\Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe (CANON INC.)

O4:64bit: - HKLM..\Run: [QuickSet] C:\Program Files\Dell\QuickSet\quickset.exe (Dell Inc.)

O4:64bit: - HKLM..\Run: [RunDLLEntry] C:\Windows\SysNative\AmbRunE.DLL (Creative Technology Ltd.)

O4:64bit: - HKLM..\Run: [sysTrayApp] C:\Program Files\IDT\WDM\sttray64.exe (IDT, Inc.)

O4 - HKLM..\Run: [AdobeCS5ServiceManager] C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe (Adobe Systems Incorporated)

O4 - HKLM..\Run: [AVP] C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe (Kaspersky Lab ZAO)

O4 - HKLM..\Run: [DATAMNGR] C:\Program Files (x86)\Windows iLivid Toolbar\Datamngr\datamngrUI.exe (Bandoo Media, inc)

O4 - HKLM..\Run: [Dell Webcam Central] C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe (Creative Technology Ltd)

O4 - HKLM..\Run: [DellSupportCenter] "C:\Program Files (x86)\Dell Support Center\bin\sprtcmd.exe" /P DellSupportCenter File not found

O4 - HKLM..\Run: [Desktop Disc Tool] C:\Program Files (x86)\Roxio\Roxio Burn\RoxioBurnLauncher.exe ()

O4 - HKLM..\Run: [EEventManager] C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe (SEIKO EPSON CORPORATION)

O4 - HKLM..\Run: [FAStartup] File not found

O4 - HKLM..\Run: [FATrayAlert] C:\Program Files (x86)\Sensible Vision\Fast Access\FATrayMon.exe (Sensible Vision )

O4 - HKLM..\Run: [FUFAXRCV] C:\Program Files (x86)\Epson Software\FAX Utility\FUFAXRCV.exe (SEIKO EPSON CORPORATION)

O4 - HKLM..\Run: [FUFAXSTM] C:\Program Files (x86)\Epson Software\FAX Utility\FUFAXSTM.exe (SEIKO EPSON CORPORATION)

O4 - HKLM..\Run: [LTCM Client] C:\Program Files (x86)\LTCM Client\ltcmClient.exe (Leader Technologies Inc.)

O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)

O4 - HKLM..\Run: [PDVDDXSrv] C:\Program Files (x86)\CyberLink\PowerDVD DX\PDVDDXSrv.exe (CyberLink Corp.)

O4 - HKLM..\Run: [startCCC] c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)

O4 - HKLM..\Run: [switchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated)

O4 - HKLM..\Run: [TkBellExe] C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe (RealNetworks, Inc.)

O4 - HKLM..\Run: [updReg] C:\Windows\Updreg.EXE (Creative Technology Ltd.)

O4 - HKLM..\Run: [VolPanel] C:\Program Files (x86)\Creative\SB X-Fi MB\Volume Panel\VolPanlu.exe (Creative Technology Ltd)

O4 - HKCU..\Run: [Artisan 837(Network)] C:\Windows\system32\spool\DRIVERS\x64\3\E_IATIHOA.EXE /FU "C:\Users\John\AppData\Local\Temp\E_SD104.tmp" /EF "HKCU" File not found

O4 - HKCU..\Run: [DAEMON Tools Pro Agent] C:\Program Files (x86)\DAEMON Tools Pro\DTAgent.exe (DT Soft Ltd)

O4 - HKCU..\RunOnce: [FlashPlayerUpdate] C:\Windows\SysWOW64\Macromed\Flash\FlashUtil10w_Plugin.exe (Adobe Systems, Inc.)

O4 - Startup: C:\Users\John\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock.lnk = File not found

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 28

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3

O8:64bit: - Extra context menu item: Add to Anti-Banner - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\ie_banner_deny.htm ()

O8:64bit: - Extra context menu item: Append Link Target to Existing PDF - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html File not found

O8:64bit: - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~2\Office12\EXCEL.EXE/3000 File not found

O8:64bit: - Extra context menu item: Send image to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()

O8:64bit: - Extra context menu item: Send page to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()

O8 - Extra context menu item: Add to Anti-Banner - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\ie_banner_deny.htm ()

O8 - Extra context menu item: Append Link Target to Existing PDF - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html File not found

O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~2\Office12\EXCEL.EXE/3000 File not found

O8 - Extra context menu item: Send image to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()

O8 - Extra context menu item: Send page to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()

O9:64bit: - Extra Button: &Virtual Keyboard - {4248FE82-7FCB-46AC-B270-339F08212110} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\x64\klwtbbho.dll (Kaspersky Lab ZAO)

O9:64bit: - Extra Button: @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()

O9:64bit: - Extra 'Tools' menuitem : @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()

O9:64bit: - Extra Button: URLs c&heck - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\x64\klwtbbho.dll (Kaspersky Lab ZAO)

O9 - Extra Button: &Virtual Keyboard - {4248FE82-7FCB-46AC-B270-339F08212110} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\klwtbbho.dll (Kaspersky Lab ZAO)

O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)

O9 - Extra 'Tools' menuitem : Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)

O9 - Extra Button: Send To Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()

O9 - Extra 'Tools' menuitem : Send to &Bluetooth Device... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()

O9 - Extra Button: URLs c&heck - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\klwtbbho.dll (Kaspersky Lab ZAO)

O1364bit: - gopher Prefix: missing

O13 - gopher Prefix: missing

O15 - HKCU\..Trusted Domains: intuit.com ([ttlc] https in Trusted sites)

O16:64bit: - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_14-windows-i586.cab (Java Plug-in 1.6.0_14)

O16:64bit: - DPF: {CAFEEFAC-0016-0000-0014-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_14-windows-i586.cab (Java Plug-in 1.6.0_14)

O16:64bit: - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_14-windows-i586.cab (Java Plug-in 1.6.0_14)

O16 - DPF: {0742B9EF-8C83-41CA-BFBA-830A59E23533} https://oas.support.microsoft.com/ActiveX/MSDcode.cab (Microsoft Data Collection Control)

O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab (Java Plug-in 1.6.0_30)

O16 - DPF: {CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab (Java Plug-in 1.6.0_30)

O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab (Java Plug-in 1.6.0_30)

O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)

O16 - DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} http://zone.msn.com/bingame/popcaploader_v10.cab (PopCapLoader Object)

O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} http://ccfiles.creative.com/Web/softwareupdate/su2/ocx/15112/CTPID.cab (Creative Software AutoUpdate Support Package)

O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 208.67.222.222 208.67.220.220

O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{3C8F45F2-DC36-48D3-8E4A-6F7632BE31EA}: DhcpNameServer = 208.67.222.222 208.67.220.220

O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{47EC2486-A256-4D66-86B7-4A51B3E87C92}: DhcpNameServer = 192.168.15.1

O18:64bit: - Protocol\Handler\livecall - No CLSID value found

O18:64bit: - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll File not found

O18:64bit: - Protocol\Handler\msnim - No CLSID value found

O18:64bit: - Protocol\Handler\skype-ie-addon-data - No CLSID value found

O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found

O18:64bit: - Protocol\Handler\wlpg - No CLSID value found

O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)

O20:64bit: - AppInit_DLLs: (C:\PROGRA~2\WI3C8A~1\Datamngr\x64\datamngr.dll C:\PROGRA~2\WI3C8A~1\Datamngr\x64\IEBHO.dll C:\PROGRA~2\KASPER~1\KASPER~1\x64\kloehk.dll) - C:\Program Files (x86)\Windows iLivid Toolbar\Datamngr\x64\datamngr.dll (Bandoo Media, inc)

O20:64bit: - AppInit_DLLs: (C:\PROGRA~2\KASPER~1\KASPER~1\x64\sbhook64.dll) - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\x64\sbhook64.dll (Kaspersky Lab ZAO)

O20 - AppInit_DLLs: (C:\PROGRA~2\WI3C8A~1\Datamngr\datamngr.dll) - C:\Program Files (x86)\Windows iLivid Toolbar\Datamngr\datamngr.dll (Bandoo Media, inc)

O20 - AppInit_DLLs: (C:\PROGRA~2\WI3C8A~1\Datamngr\IEBHO.dll) - C:\Program Files (x86)\Windows iLivid Toolbar\Datamngr\IEBHO.dll (Bandoo Media, inc)

O20 - AppInit_DLLs: (C:\PROGRA~2\KASPER~1\KASPER~1\sbhook.dll) - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\sbhook.dll (Kaspersky Lab ZAO)

O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)

O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)

O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)

O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found

O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)

O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)

O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found

O20:64bit: - Winlogon\Notify\GoToAssist: DllName - (C:\Program Files (x86)\Citrix\GoToAssist\514\G2AWinLogon_x64.dll) - File not found

O20:64bit: - Winlogon\Notify\klogon: DllName - (%SystemRoot%\System32\klogon.dll) - C:\Windows\SysNative\klogon.dll (Kaspersky Lab ZAO)

O20 - Winlogon\Notify\FastAccess: DllName - (C:\Program Files (x86)\Sensible Vision\Fast Access\FALogNot.dll) - C:\Program Files (x86)\Sensible Vision\Fast Access\FALogNot.dll ()

O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.

O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.

O32 - HKLM CDRom: AutoRun - 1

O34 - HKLM BootExecute: (autocheck autochk *)

O35:64bit: - HKLM\..comfile [open] -- "%1" %*

O35:64bit: - HKLM\..exefile [open] -- "%1" %*

O35 - HKLM\..comfile [open] -- "%1" %*

O35 - HKLM\..exefile [open] -- "%1" %*

O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*

O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*

O37 - HKLM\...com [@ = comfile] -- "%1" %*

O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2012/04/23 16:07:11 | 000,594,944 | ---- | C] (OldTimer Tools) -- C:\Users\John\Desktop\OTL.exe

[2012/04/14 19:12:29 | 000,024,904 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys

[2012/04/09 23:49:14 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outlook Setup Tool

[2012/04/09 23:49:13 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Starfield

[2012/04/06 10:28:09 | 000,000,000 | ---D | C] -- C:\Users\John\Desktop\card dump 4_12

[2012/04/01 18:31:01 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TurboTax 2011

[2012/03/25 20:23:02 | 000,000,000 | ---D | C] -- C:\Users\John\AppData\Local\{D0CFCD48-B112-433F-90A5-FD7AF03F5D05}

========== Files - Modified Within 30 Days ==========

[2012/04/23 16:20:03 | 000,000,894 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job

[2012/04/23 16:07:16 | 000,594,944 | ---- | M] (OldTimer Tools) -- C:\Users\John\Desktop\OTL.exe

[2012/04/23 15:48:07 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat

[2012/04/23 10:39:46 | 000,019,376 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0

[2012/04/23 10:39:46 | 000,019,376 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0

[2012/04/23 10:35:29 | 000,000,890 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job

[2012/04/17 00:06:21 | 000,001,137 | ---- | M] () -- C:\Users\John\Application Data\Microsoft\Internet Explorer\Quick Launch\Microsoft Outlook.lnk

[2012/04/16 22:15:34 | 000,002,515 | ---- | M] () -- C:\Users\Public\Desktop\Skype.lnk

[2012/04/16 21:57:44 | 000,783,354 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI

[2012/04/16 21:57:44 | 000,663,472 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat

[2012/04/16 21:57:44 | 000,122,308 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat

[2012/04/16 21:50:56 | 527,835,135 | -HS- | M] () -- C:\hiberfil.sys

[2012/04/15 15:21:42 | 000,002,346 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk

[2012/04/14 19:12:31 | 000,001,115 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk

[2012/04/09 23:50:53 | 000,000,832 | ---- | M] () -- C:\MemeoSendAddin

[2012/04/09 23:50:25 | 000,796,852 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI

[2012/04/04 15:56:40 | 000,024,904 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys

[2012/04/01 18:35:10 | 000,000,469 | ---- | M] () -- C:\ProgramData\Microsoft.SqlServer.Compact.400.32.bc

[2012/04/01 18:31:01 | 000,002,531 | ---- | M] () -- C:\Users\Public\Desktop\TurboTax 2011.lnk

========== Files Created - No Company Name ==========

[2012/04/01 18:31:15 | 000,000,469 | ---- | C] () -- C:\ProgramData\Microsoft.SqlServer.Compact.400.32.bc

[2012/04/01 18:31:01 | 000,002,531 | ---- | C] () -- C:\Users\Public\Desktop\TurboTax 2011.lnk

[2011/11/13 23:03:42 | 000,000,087 | ---- | C] () -- C:\Windows\EART837.ini

[2011/04/23 22:18:10 | 000,100,208 | ---- | C] () -- C:\Windows\SysWow64\FAIEExtension.dll

[2011/04/23 22:17:32 | 000,062,136 | ---- | C] () -- C:\Windows\SysWow64\FAib.dll

[2011/04/23 22:16:44 | 000,250,552 | ---- | C] () -- C:\Windows\SysWow64\FACrashRpt.dll

[2011/01/23 01:40:43 | 000,796,852 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI

========== LOP Check ==========

[2010/12/19 01:14:17 | 000,000,000 | ---D | M] -- C:\Users\John\AppData\Roaming\Amazon

[2011/02/20 02:08:34 | 000,000,000 | ---D | M] -- C:\Users\John\AppData\Roaming\Canon

[2010/05/06 15:39:45 | 000,000,000 | ---D | M] -- C:\Users\John\AppData\Roaming\common files

[2010/04/19 20:46:53 | 000,000,000 | ---D | M] -- C:\Users\John\AppData\Roaming\DAEMON Tools Pro

[2012/04/15 22:02:09 | 000,000,000 | ---D | M] -- C:\Users\John\AppData\Roaming\Epson

[2011/04/13 22:14:18 | 000,000,000 | ---D | M] -- C:\Users\John\AppData\Roaming\HW group

[2011/11/13 23:39:15 | 000,000,000 | ---D | M] -- C:\Users\John\AppData\Roaming\Leader Technologies

[2011/11/13 23:35:29 | 000,000,000 | ---D | M] -- C:\Users\John\AppData\Roaming\Leadertech

[2011/11/13 22:59:22 | 000,000,000 | ---D | M] -- C:\Users\John\AppData\Roaming\Memeo

[2010/05/06 13:47:37 | 000,000,000 | ---D | M] -- C:\Users\John\AppData\Roaming\PACE Anti-Piracy

[2010/12/24 16:25:14 | 000,000,000 | ---D | M] -- C:\Users\John\AppData\Roaming\PCDr

[2010/04/19 03:32:06 | 000,000,000 | ---D | M] -- C:\Users\John\AppData\Roaming\Publish Providers

[2010/05/04 22:00:56 | 000,000,000 | ---D | M] -- C:\Users\John\AppData\Roaming\Quicken WillMaker

[2011/01/23 04:21:56 | 000,000,000 | ---D | M] -- C:\Users\John\AppData\Roaming\Rovio

[2011/08/26 10:45:55 | 000,000,000 | ---D | M] -- C:\Users\John\AppData\Roaming\Seagate

[2010/04/19 03:32:04 | 000,000,000 | ---D | M] -- C:\Users\John\AppData\Roaming\Sony

[2010/05/04 21:51:08 | 000,000,000 | ---D | M] -- C:\Users\John\AppData\Roaming\Vso

[2010/12/21 19:26:38 | 000,000,000 | ---D | M] -- C:\Users\John\AppData\Roaming\Windows Live Writer

[2012/01/03 09:19:59 | 000,032,586 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========

========== Alternate Data Streams ==========

@Alternate Data Stream - 64 bytes -> C:\Users\John\Documents\Cleanline Builld.avi:TOC.WMV

@Alternate Data Stream - 211 bytes -> C:\ProgramData\TEMP:DDE29E40

@Alternate Data Stream - 133 bytes -> C:\ProgramData\TEMP:5D432CE3

@Alternate Data Stream - 1247 bytes -> C:\Users\John\AppData\Local\z9KCxHkWQC:zDlZrB5HtSjyXsb6A4blkOAZD

@Alternate Data Stream - 1134 bytes -> C:\Users\John\AppData\Local\zpMHrKrfeq3C:GeWgI3oum9jcFb9HnEdU6Yv

< End of report >

Extras Log:

OTL Extras logfile created on: 4/23/2012 4:08:52 PM - Run 1

OTL by OldTimer - Version 3.2.41.0 Folder = C:\Users\John\Desktop

64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation

Internet Explorer (Version = 9.0.8112.16421)

Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

5.99 Gb Total Physical Memory | 2.50 Gb Available Physical Memory | 41.68% Memory free

11.98 Gb Paging File | 6.85 Gb Available in Paging File | 57.16% Paging File free

Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)

Drive C: | 457.06 Gb Total Space | 271.19 Gb Free Space | 59.33% Space Free | Partition Type: NTFS

Drive E: | 298.31 Gb Total Space | 271.99 Gb Free Space | 91.18% Space Free | Partition Type: NTFS

Drive F: | 297.86 Gb Total Space | 243.43 Gb Free Space | 81.73% Space Free | Partition Type: NTFS

Computer Name: JOLEE | User Name: John | Logged in as Administrator.

Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans

Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========

========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]

.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]

.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]

.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]

batfile [open] -- "%1" %*

cmdfile [open] -- "%1" %*

comfile [open] -- "%1" %*

exefile [open] -- "%1" %*

helpfile [open] -- Reg Error: Key error.

inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)

InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)

InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)

piffile [open] -- "%1" %*

regfile [merge] -- Reg Error: Key error.

scrfile [config] -- "%1"

scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l

scrfile [open] -- "%1" /S

txtfile [edit] -- Reg Error: Key error.

Unknown [openas] -- "C:\Program Files (x86)\File Type Assistant\tsassist.exe" "%1" (Trusted Software ApS)

Directory [bridge] -- C:\Program Files (x86)\Adobe\Adobe Bridge CS5\Bridge.exe "%L" (Adobe Systems, Inc.)

Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)

Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

Folder [explore] -- Reg Error: Value error.

Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]

batfile [open] -- "%1" %*

cmdfile [open] -- "%1" %*

comfile [open] -- "%1" %*

cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)

exefile [open] -- "%1" %*

helpfile [open] -- Reg Error: Key error.

inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)

piffile [open] -- "%1" %*

regfile [merge] -- Reg Error: Key error.

scrfile [config] -- "%1"

scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l

scrfile [open] -- "%1" /S

txtfile [edit] -- Reg Error: Key error.

Unknown [openas] -- "C:\Program Files (x86)\File Type Assistant\tsassist.exe" "%1" (Trusted Software ApS)

Directory [bridge] -- C:\Program Files (x86)\Adobe\Adobe Bridge CS5\Bridge.exe "%L" (Adobe Systems, Inc.)

Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)

Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

Folder [explore] -- Reg Error: Value error.

Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

"cval" = 1

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]

"AntiVirusOverride" = 0

"AntiSpywareOverride" = 0

"FirewallOverride" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

"DisableNotifications" = 0

"EnableFirewall" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]

"DisableNotifications" = 0

"EnableFirewall" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]

"DisableNotifications" = 0

"EnableFirewall" = 0

========== Authorized Applications List ==========

========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

"{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)

"{07537D43-050A-4832-9435-851F6DD3B606}" = Memeo LifeAgent Explorer Extension

"{0D25F7CC-B99C-44ee-9945-B14532B2BB7B}" = Canon MP830

"{180C8888-50F1-426B-A9DC-AB83A1989C65}" = Windows Live Language Selector

"{1ACC8FFB-9D84-4C05-A4DE-D28A9BC91698}" = Windows Live ID Sign-in Assistant

"{1E9FC118-651D-4934-97BE-E53CAE5C7D45}" = Microsoft_VC80_MFCLOC_x86_x64

"{23170F69-40C1-2702-0913-000001000000}" = 7-Zip 9.13 (x64 edition)

"{26A24AE4-039D-4CA4-87B4-2F86416014FF}" = Java 6 Update 14 (64-bit)

"{4569AD91-47F4-4D9E-8FC9-717EC32D7AE1}" = Microsoft_VC80_CRT_x86_x64

"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148

"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161

"{66C10F29-31F0-4A9B-B2CF-465F488AE086}" = CorelDRAW Graphics Suite X5 - Windows Shell Extension 64 Bit

"{6F42AB02-6626-45DE-AA69-E141FDB82CDF}" = Vegas Pro 9.0 (64-bit)

"{814FA673-A085-403C-9545-747FC1495069}" = Epson Customer Participation

"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17

"{8338783A-0968-3B85-AFC7-BAAE0A63DC50}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570

"{8557397C-A42D-486F-97B3-A2CBC2372593}" = Microsoft_VC90_ATL_x86_x64

"{87CF757E-C1F1-4D22-865C-00C6950B5258}" = Quickset64

"{8E34682C-8118-31F1-BC4C-98CD9675E1C2}" = Microsoft .NET Framework 4 Extended

"{8EBA8727-ADC2-477B-9D9A-1A1836BE4E05}" = Dell Edoc Viewer

"{90140000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2010

"{90140000-002A-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (English) 2010

"{90140000-0116-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010

"{925D058B-564A-443A-B4B2-7E90C6432E55}" = Microsoft_VC80_ATL_x86_x64

"{92A3CA0D-55CD-4C5D-BA95-5C2600C20F26}" = Microsoft_VC90_CRT_x86_x64

"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting

"{9E9D49A4-1DF4-4138-B7DB-5D87A893088E}" = WIDCOMM Bluetooth Software

"{A3FAE73B-4474-4A1D-A343-2FE248F05265}" = EasyTether

"{A472B9E4-0AFF-4F7B-B25D-F64F8E928AAB}" = Microsoft_VC90_MFC_x86_x64

"{aac9fcc4-dd9e-4add-901c-b5496a07ab2e}" = Microsoft Visual C++ 2005 Redistributable (x64) - KB2467175

"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)

"{B6E3757B-5E77-3915-866A-CCFC4B8D194C}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053

"{C73A3942-84C8-4597-9F9B-EE227DCBA758}" = Dell Dock

"{C7663280-83B4-4E21-838C-ACEEB4C61FA2}" = FastAccess

"{C8C1BAD5-54E6-4146-AD07-3A8AD36569C3}" = Microsoft_VC80_MFC_x86_x64

"{DA54F80E-261C-41A2-A855-549A144F2F59}" = Windows Live MIME IFilter

"{F325B47E-7592-7556-52F6-3D3D3842A028}" = ccc-utility64

"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile

"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin 64-bit

"Dell Wireless WLAN Card Utility" = Dell Wireless WLAN Card Utility

"EPSON Artisan 837 Series" = EPSON Artisan 837 Series Printer Uninstall

"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile

"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended

"SynTPDeinstKey" = Synaptics Pointing Device Driver

"WinRAR archiver" = WinRAR archiver

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

"_{06CD45E6-FF5E-4D8E-BC01-B276A90DADF2}" = Ghostscript GPL 8.64 (Msi Setup)

"_{51DD370C-6690-424E-9674-5F14468B323F}" = Corel Graphics - Windows Shell Extension

"_{CE54DCE1-E00A-4D91-ACB9-A2D916C24051}" = CorelDRAW® Graphics Suite X5

"{024521CF-C07E-4F8E-8481-0D75695E03AF}" = PxMergeModule

"{033E378E-6AD3-4AD5-BDEB-CBD69B31046C}" = Microsoft_VC90_ATL_x86

"{055EE59D-217B-43A7-ABFF-507B966405D8}" = ATI Catalyst Control Center

"{05886DF5-4816-0808-67D3-CC7583FF2412}" = CCC Help Spanish

"{05BDC796-3451-4F81-B91D-E98F7ADA76C2}" = TurboTax 2010 WinPerTaxSupport

"{06CD45E6-FF5E-4D8E-BC01-B276A90DADF2}" = Ghostscript GPL 8.64 (Msi Setup)

"{08D2E121-7F6A-43EB-97FD-629B44903403}" = Microsoft_VC90_CRT_x86

"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer

"{0B41DC4A-DF1E-949F-5665-31483F2C72F4}" = Catalyst Control Center Graphics Previews Vista

"{0CBE6C93-CB2E-4378-91EE-12BE6D4E2E4A}" = Epson FAX Utility

"{0D2DBE8A-43D0-7830-7AE7-CA6C99A832E7}" = Adobe Community Help

"{0D961826-E722-B86D-7BA7-AA70A0B110C5}" = Catalyst Control Center Graphics Previews Common

"{0EA3F981-CC0C-E079-726E-CD0F7D23F2AA}" = Catalyst Control Center Localization All

"{0F3647F8-E51D-4FCC-8862-9A8D0C5ACF25}" = Microsoft_VC80_ATL_x86

"{10CE3DC0-A77E-7661-13F4-25D30BC113B2}" = Catalyst Control Center Graphics Full New

"{10E3F95B-22C9-4E1F-960D-C0BB5E889EB0}" = ClearView

"{10F63395-157F-4B93-AB4D-702A2FF11942}" = Epson Download Navigator

"{1204CCB8-9A7D-3375-C8E0-6A4FA16A4036}" = CCC Help Chinese Traditional

"{15FEDA5F-141C-4127-8D7E-B962D1742728}" = Adobe Photoshop CS5

"{196BB40D-1578-3D01-B289-BEFC77A11A1E}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319

"{19BA08F7-C728-469C-8A35-BFBD3633BE08}" = Windows Live Movie Maker

"{1BC77CEF-C52F-4092-BF87-0D4E6B86D860}" = Memeo Share

"{1C11FFE1-50D3-B755-A8A7-8363385B4CA3}" = CCC Help Danish

"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148

"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update

"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions

"{21B8371C-9EBA-2CB4-E0A2-9DF0C4A074EC}" = Catalyst Control Center Core Implementation

"{24D9A3E0-D086-4B62-AF93-63CF6B05CB48}" = CorelDRAW Graphics Suite X5 - Custom Data

"{260ED378-2B8C-4831-ADAE-D0712D119AC5}" = CorelDRAW Graphics Suite X5 - VSTA

"{26945917-E053-45F6-AF98-309730CFC318}" = Visual Basic for Applications ® Core

"{26A24AE4-039D-4CA4-87B4-2F83216014FF}" = Java 6 Update 30

"{27A21358-02A7-B745-ABBE-25566FE9B397}" = Catalyst Control Center Graphics Full Existing

"{288DB08D-0708-4A94-B055-55B99E39EB62}" = Adobe Creative Suite 5 Master Collection

"{28C2DED6-325B-4CC7-983A-1777C8F7FBAB}" = RealUpgrade 1.1

"{299C0434-4F4E-341F-A916-4E07AEB35E79}" = Microsoft Visual Studio Tools for Applications 2.0 Runtime

"{2A3FC24C-6EC0-4519-A52B-FDA4EA9B2D24}" = Windows Live Messenger

"{32778D4F-E904-E33E-0C48-15E672604D09}" = Catalyst Control Center InstallProxy

"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery

"{3444DB77-6D7A-9553-2EE1-60D2A4D003D3}" = CCC Help German

"{3472C84E-2FD0-439F-B27F-C290C1E4CD8B}" = CorelDRAW Graphics Suite X5 - Filters

"{347DA8D7-B858-421e-A154-5F438A36F1A4}" = Memeo Backup Premium

"{34842CCC-AE14-61AE-C8FB-87FAD755B483}" = CCC Help Russian

"{34F4D9A4-42C2-4348-BEF4-E553C84549E7}" = Windows Live Photo Gallery

"{3782EC09-4000-475E-8A59-9CABD6F03B4C}" = TurboTax 2010 WinPerFedFormset

"{3D65CEB1-0709-43EB-D6CF-DB66D3FAB2D4}" = CCC Help Japanese

"{3E31400D-274E-4647-916C-2CACC3741799}" = EpsonNet Print

"{49F1C7D8-B6D5-448C-C9D5-F6C2E3889B16}" = CCC Help Norwegian

"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater

"{4F2FCCCF-29F3-44B9-886F-6D16F8417522}" = TurboTax 2010 wrapper

"{51C7AD07-C3F6-4635-8E8A-231306D810FE}" = Cisco LEAP Module

"{51DD370C-6690-424E-9674-5F14468B323F}" = Corel Graphics - Windows Shell Extension

"{53104B7F-FE3A-B641-1E46-89870E1A63D8}" = CCC Help Chinese Standard

"{54B8F4A1-02B0-4D32-8F37-925526C0EEC6}" = CorelDRAW Graphics Suite X5 - Connect

"{57400C1E-BC51-4ECE-AD2A-A6096204DDEC}" = CorelDRAW Graphics Suite X5 - VBA

"{579684A4-DDD5-4CA3-9EA8-7BE7D9593DB4}" = Windows Live UX Platform Language Pack

"{5796F3D8-2679-4C14-94D4-5FA852D553E1}" = AVCHD converter

"{59123CCF-FED2-46FF-9293-D1DC80042219}" = CorelDRAW Graphics Suite X5 - Redist

"{5A3C1721-F8ED-11E0-8AFB-B8AC6F97B88E}" = Google Earth

"{5E2E222D-D776-A325-362C-B95017148AB1}" = CCC Help Dutch

"{62978C1C-FE2E-4A4E-851D-3EB406C9EBC2}" = CorelDRAW Graphics Suite X5 - Draw

"{635FED5B-2C6D-49BE-87E6-7A6FCD22BC5A}" = Microsoft_VC90_MFC_x86

"{64BA551C-9AF6-495C-93F3-D1270E0045FC}" = Epson Connect

"{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}" = Cisco EAP-FAST Module

"{65D0C510-D7B6-4438-9FC8-E6B91115AB0D}" = Live! Cam Avatar Creator

"{66F1F013-008F-4875-B283-5A814B820347}" = Kaspersky Internet Security 2011

"{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}" = PowerDVD DX

"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE

"{69533745-1E2D-4C98-8B4A-B7643EF9E1A2}" = Catalyst Control Center - Branding

"{6A6CD707-5B29-5069-B571-2778668C952F}" = CCC Help Finnish

"{6DEEA6A7-AC84-4C08-9944-E06E08DF98B4}" = TurboTax 2010 wctiper

"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable

"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable

"{75B7F766-7998-44d8-A202-F1EC76A121BA}" = Memeo AutoSync

"{75CE8AF5-0A5E-4A42-BC67-F83591DA9A7D}" = Sound Blaster X-Fi MB

"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053

"{7770E71B-2D43-4800-9CB3-5B6CAAEBEBEA}" = RealNetworks - Microsoft Visual C++ 2008 Runtime

"{816E3C02-DABF-1354-0B98-5E153F7DF79B}" = Skins

"{81784157-3D4D-4bc1-B988-B24C32A26DA8}" = Memeo Send

"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform

"{84EBDF39-4B33-49D7-A0BD-EB6E2C4E81C1}" = Windows Live Sync

"{856DC9B3-F770-9F58-E939-EBEB66C880C1}" = CCC Help Portuguese

"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570

"{87DF5956-A327-4304-8338-8E2B0AAB843E}" = BlackBerry Desktop Software 6.0.2

"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight

"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT

"{8ED43F7E-A8F6-4898-AF11-B6158F2EDF94}" = Epson Event Manager

"{90140000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2010

"{90140000-0015-0409-0000-0000000FF1CE}_Office14.PROPLUSR_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)

"{90140000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2010

"{90140000-0016-0409-0000-0000000FF1CE}_Office14.PROPLUSR_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)

"{90140000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2010

"{90140000-0018-0409-0000-0000000FF1CE}_Office14.PROPLUSR_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)

"{90140000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2010

"{90140000-0019-0409-0000-0000000FF1CE}_Office14.PROPLUSR_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)

"{90140000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2010

"{90140000-001A-0409-0000-0000000FF1CE}_Office14.PROPLUSR_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)

"{90140000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2010

"{90140000-001B-0409-0000-0000000FF1CE}_Office14.PROPLUSR_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)

"{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010

"{90140000-001F-0409-0000-0000000FF1CE}_Office14.PROPLUSR_{99ACCA38-6DD3-48A8-96AE-A283C9759279}" = Microsoft Office 2010 Service Pack 1 (SP1)

"{90140000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2010

"{90140000-001F-040C-0000-0000000FF1CE}_Office14.PROPLUSR_{46298F6A-1E7E-4D4A-B5F5-106A4F0E48C6}" = Microsoft Office 2010 Service Pack 1 (SP1)

"{90140000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2010

"{90140000-001F-0C0A-0000-0000000FF1CE}_Office14.PROPLUSR_{DEA87BE2-FFCC-4F33-9946-FCBE55A1E998}" = Microsoft Office 2010 Service Pack 1 (SP1)

"{90140000-002A-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{967EF02C-5C7E-4718-8FCB-BDC050190CCF}" = Microsoft Office 2010 Service Pack 1 (SP1)

"{90140000-002A-0409-1000-0000000FF1CE}_Office14.PROPLUSR_{D6C6B46A-6CE1-4561-84A0-EFD58B8AB979}" = Microsoft Office 2010 Service Pack 1 (SP1)

"{90140000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2010

"{90140000-002C-0409-0000-0000000FF1CE}_Office14.PROPLUSR_{7CA93DF4-8902-449E-A42E-4C5923CFBDE3}" = Microsoft Office 2010 Service Pack 1 (SP1)

"{90140000-0044-0409-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (English) 2010

"{90140000-0044-0409-0000-0000000FF1CE}_Office14.PROPLUSR_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)

"{90140000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2010

"{90140000-006E-0409-0000-0000000FF1CE}_Office14.PROPLUSR_{4560037C-E356-444A-A015-D21F487D809E}" = Microsoft Office 2010 Service Pack 1 (SP1)

"{90140000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2010

"{90140000-00A1-0409-0000-0000000FF1CE}_Office14.PROPLUSR_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)

"{90140000-00BA-0409-0000-0000000FF1CE}" = Microsoft Office Groove MUI (English) 2010

"{90140000-00BA-0409-0000-0000000FF1CE}_Office14.PROPLUSR_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)

"{90140000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2010

"{90140000-0115-0409-0000-0000000FF1CE}_Office14.PROPLUSR_{4560037C-E356-444A-A015-D21F487D809E}" = Microsoft Office 2010 Service Pack 1 (SP1)

"{90140000-0116-0409-1000-0000000FF1CE}_Office14.PROPLUSR_{D6C6B46A-6CE1-4561-84A0-EFD58B8AB979}" = Microsoft Office 2010 Service Pack 1 (SP1)

"{90140000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2010

"{90140000-0117-0409-0000-0000000FF1CE}_Office14.PROPLUSR_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)

"{91140000-0011-0000-0000-0000000FF1CE}" = Microsoft Office Professional Plus 2010

"{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{047B0968-E622-4FAA-9B4B-121FA109EDDE}" = Microsoft Office 2010 Service Pack 1 (SP1)

"{9244E956-5939-4B88-930C-0699D4AB2B95}" = CorelDRAW Graphics Suite X5 - WT

"{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}" = Microsoft_VC80_CRT_x86

"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker

"{983F7145-CABF-4EDD-9F3D-E06B2F024BD3}" = CorelDRAW Graphics Suite X5 - FontNav

"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17

"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161

"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail

"{9D56904D-6C69-DA2A-F573-9F362C55CB6C}" = CCC Help Swedish

"{A1B04B6B-25BB-48AD-8BD9-D31A86E89F3E}" = CorelDRAW Graphics Suite X5 - PHOTO-PAINT

"{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR

"{A33E7B0C-B99C-4EC9-B702-8A328B161AF9}" = Roxio Burn

"{A525E00B-6609-442E-9DCD-64453C233E8D}" = TurboTax 2010 WinPerReleaseEngine

"{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer

"{A78FE97A-C0C8-49CE-89D0-EDD524A17392}" = PDF Settings CS5

"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper

"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common

"{AA4A4B2C-0465-3CF8-BA76-27A027D8ACAB}" = Microsoft Visual Studio Tools for Applications 2.0 - ENU

"{AA59DDE4-B672-4621-A016-4C248204957A}" = Skype™ 5.5

"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer

"{AAF454FC-82CA-4F29-AB31-6A109485E76E}" = Windows Live Writer

"{AC4BDEB4-E06A-4605-B5D2-2FE6750681A5}" = HD Writer AE 2.1

"{AC76BA86-7AD7-1033-7B44-A94000000001}" = Adobe Reader 9.4.6

"{B2E47DE7-800B-40BB-BD1F-9F221C3AEE87}" = Roxio Burn

"{B399C91E-96F2-4265-9884-1C9A10E9FCF4}" = CorelDRAW Graphics Suite X5

"{B51C759D-20FD-A4B0-83D1-C4F45E60EC8B}" = CCC Help English

"{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Skype Click to Call

"{B862DF65-94C8-6119-1096-2B230D7A6C0E}" = ccc-core-static

"{B9CB74A9-8C7C-16C1-D75A-199B4331CEC2}" = CCC Help French

"{BEEFC4F8-2909-48B3-AFAA-55D3533FDEDD}" = Creative MediaSource 5

"{C3A11907-930D-41AC-A135-CC3B12F92011}" = Seagate Dashboard

"{C66824E4-CBB3-4851-BB3F-E8CFD6350923}" = Windows Live Mail

"{CA3861BA-1D96-4D66-B577-318E1602C4F3}" = CorelDRAW Graphics Suite X5 - Common

"{CAF5B770-082F-40C4-853D-3973BB81BDAA}" = TurboTax 2011 WinPerTaxSupport

"{CCF298AF-9CE1-4B26-B251-486E98A34789}" = Windows 7 USB/DVD Download Tool

"{CE54DCE1-E00A-4D91-ACB9-A2D916C24051}" = CorelDRAW Graphics Suite X5 - Setup Files

"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform

"{CFF8B8E8-E086-4DE0-935F-FE22CAB54F80}" = Microsoft Search Enhancement Pack

"{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64

"{D16A31F9-276D-4968-A753-FFEAC56995D0}" = Epson Print CD

"{D1A19B02-817E-4296-A45B-07853FD74D57}" = Microsoft_VC80_MFC_x86

"{D436F577-1695-4D2F-8B44-AC76C99E0002}" = Windows Live Photo Common

"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform

"{D489B636-E9AB-C08A-ED7B-EA21B2D3D633}" = CCC Help Korean

"{D596EEA2-C6C8-45D3-89DF-FA2DBE99F829}" = Visual Basic for Applications ® Core - English

"{D642FF8D-438D-4545-A1D5-2EDB4BCAE3BA}" = CorelDRAW Graphics Suite X5 - Photozoom Plugin

"{D92BBB52-82FF-42ED-8A3C-4E062F944AB7}" = Microsoft_VC80_MFCLOC_x86

"{DB6AB705-C9BD-40E3-8929-2EA57F36A4FF}_is1" = ConvertXtoDVD 4.0.9.322

"{DDC8BDEE-DCAC-404D-8257-3E8D4B782467}" = Windows Live Writer Resources

"{DDDBB2E2-D331-1DB1-7FC0-AB896FDCA8AE}" = Catalyst Control Center Graphics Light

"{DE3A9DC5-9A5D-6485-9662-347162C7E4CA}" = Adobe Media Player

"{DE6CBC04-8673-4DBA-BA81-07F1639CEB5F}" = CorelDRAW Graphics Suite X5 - IPM

"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10

"{E34C6AA4-AE8E-4677-912A-92FC2E039DD9}" = CorelDRAW Graphics Suite X5 - EN

"{E463E171-4082-4744-A466-F7CBE8502789}" = TurboTax 2011 WinPerReleaseEngine

"{E59113EB-0285-4BFD-A37A-B79EAC6B8F4B}" = Microsoft SQL Server Compact 3.5 SP1 English

"{E5B21F11-6933-4E0B-A25C-7963E3C07D11}" = Windows Live Messenger

"{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}" = Cisco PEAP Module

"{EDB98D5A-A6FB-425C-BFB7-51A0924B762D}" = CorelDRAW Graphics Suite X5 - Capture

"{EE556A3E-EB37-4392-9637-BAA8EC2F47FA}" = TurboTax 2011 wrapper

"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]

"{F66A31D9-7831-4FBA-BA02-C411C0047CC5}" = Dell Remote Access

"{F9000000-0018-0000-0000-074957833700}" = ABBYY FineReader 9.0 Sprint

"{FAD3D68B-2F9C-459B-AA79-C04B9090FD72}" = TurboTax 2011 WinPerFedFormset

"{FB2BED9C-50ED-F5C9-1475-B6C15D21C02A}" = CCC Help Italian

"{FDB97C1E-ADF2-43BA-B513-6BE144D977D7}" = TurboTax 2011 wctiper

"{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}" = Windows Live Essentials

"{FE4B83DE-85CF-4DE5-90CE-A2735A0E1F21}" = CorelDRAW Graphics Suite X5 - VideoBrowser

"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022

"ABBYY FineReader 9.0 Sprint" = ABBYY FineReader 9.0 Sprint

"Adobe AIR" = Adobe AIR

"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX

"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin

"Advanced Audio FX Engine" = Advanced Audio FX Engine

"Akamai" = Akamai NetSession Interface Service

"Amazon MP3 Downloader" = Amazon MP3 Downloader 1.0.10

"ANObrowse" = ANObrowse Client

"BlackBerry_Desktop" = BlackBerry Desktop Software 6.0.2

"CanonMyPrinter" = Canon My Printer

"chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Community Help

"com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Media Player

"CREATIVE KARAOKE PLAYER" = Creative Karaoke Player

"Dell Dock" = Dell Dock

"Dell Webcam Central" = Dell Webcam Central

"DVDFab 7_is1" = DVDFab 7.0.3.0 (26/03/2010)

"Easy-PhotoPrint EX" = Canon Easy-PhotoPrint EX

"EPSON PC-FAX Driver 2" = Epson PC-FAX Driver

"EPSON Scanner" = EPSON Scan

"FMS" = FMS

"Google Chrome" = Google Chrome

"GoToAssist" = GoToAssist 8.0.0.514

"HWVSP3s_is1" = HW Virtual Serial Port 3.1.2 Single

"InstallShield_{07537D43-050A-4832-9435-851F6DD3B606}" = Memeo LifeAgent Explorer Extension

"InstallWIX_{66F1F013-008F-4875-B283-5A814B820347}" = Kaspersky Internet Security 2011

"LTCM Client" = LTCM Client

"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware version 1.61.0.1400

"Mozilla Firefox 11.0 (x86 en-US)" = Mozilla Firefox 11.0 (x86 en-US)

"MP Navigator 2.2" = Canon MP Navigator 2.2

"Office14.PROPLUSR" = Microsoft Office Professional Plus 2010

"outlookset" = Outlook Setup Tool

"Quicken WillMaker Plus 2010" = Quicken WillMaker Plus 2010

"RealPlayer 12.0" = RealPlayer

"StartNow Toolbar" = StartNow Toolbar

"Super Internet TV (Premium Edition)_is1" = Super Internet TV v8.0 (Premium Edition)

"Trusted Software Assistant_is1" = File Type Assistant

"TurboTax 2010" = TurboTax 2010

"TurboTax 2011" = TurboTax 2011

"vGrabber (With RealPlayer)" = vGrabber (With RealPlayer)

"WaveStudio 7" = Creative WaveStudio 7

"Windows Searchqu Toolbar" = Windows iLivid Toolbar

"WinLiveSuite" = Windows Live Essentials

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

"f031ef6ac137efc5" = Dell Driver Download Manager

"Super Internet TV (Free Edition)_is1" = Super Internet TV v8.1 (Free Edition)

"UnityWebPlayer" = Unity Web Player

========== Last 10 Event Log Errors ==========

[ Application Events ]

Error - 9/2/2011 12:00:29 PM | Computer Name = JoLee | Source = Microsoft-Windows-CAPI2 | ID = 4107

Description = Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>

with error: A required certificate is not within its validity period when verifying

against the current system clock or the timestamp in the signed file. .

Error - 9/2/2011 10:22:56 PM | Computer Name = JoLee | Source = Microsoft-Windows-CAPI2 | ID = 4107

Description = Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>

with error: A required certificate is not within its validity period when verifying

against the current system clock or the timestamp in the signed file. .

Error - 9/2/2011 11:10:03 PM | Computer Name = JoLee | Source = Microsoft-Windows-CAPI2 | ID = 4107

Description = Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>

with error: A required certificate is not within its validity period when verifying

against the current system clock or the timestamp in the signed file. .

Error - 9/3/2011 12:00:16 AM | Computer Name = JoLee | Source = Microsoft-Windows-CAPI2 | ID = 4107

Description = Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>

with error: A required certificate is not within its validity period when verifying

against the current system clock or the timestamp in the signed file. .

Error - 9/3/2011 1:09:39 AM | Computer Name = JoLee | Source = Microsoft-Windows-CAPI2 | ID = 4107

Description = Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>

with error: A required certificate is not within its validity period when verifying

against the current system clock or the timestamp in the signed file. .

Error - 9/3/2011 2:02:57 AM | Computer Name = JoLee | Source = Microsoft-Windows-CAPI2 | ID = 4107

Description = Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>

with error: A required certificate is not within its validity period when verifying

against the current system clock or the timestamp in the signed file. .

Error - 9/3/2011 9:43:31 AM | Computer Name = JoLee | Source = Microsoft-Windows-CAPI2 | ID = 4107

Description = Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>

with error: A required certificate is not within its validity period when verifying

against the current system clock or the timestamp in the signed file. .

Error - 9/3/2011 10:10:19 AM | Computer Name = JoLee | Source = Microsoft-Windows-CAPI2 | ID = 4107

Description = Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>

with error: A required certificate is not within its validity period when verifying

against the current system clock or the timestamp in the signed file. .

Error - 9/3/2011 11:03:22 AM | Computer Name = JoLee | Source = Microsoft-Windows-CAPI2 | ID = 4107

Description = Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>

with error: A required certificate is not within its validity period when verifying

against the current system clock or the timestamp in the signed file. .

Error - 9/3/2011 12:06:31 PM | Computer Name = JoLee | Source = Microsoft-Windows-CAPI2 | ID = 4107

Description = Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>

with error: A required certificate is not within its validity period when verifying

against the current system clock or the timestamp in the signed file. .

[ Broadcom Wireless LAN Events ]

Error - 2/28/2012 7:30:35 PM | Computer Name = JoLee | Source = WLAN-Tray | ID = 0

Description = 18:30:35, Tue, Feb 28, 12 Error - Unable to decode string, error 87

Error - 3/28/2012 8:51:58 AM | Computer Name = JoLee | Source = WLAN-Tray | ID = 0

Description = 08:51:58, Wed, Mar 28, 12 Error - Unable to decode string, error 87

Error - 3/30/2012 9:05:47 AM | Computer Name = JoLee | Source = WLAN-Tray | ID = 0

Description = 09:05:47, Fri, Mar 30, 12 Error - Unable to gain access to user store

Error - 3/31/2012 10:45:44 AM | Computer Name = JoLee | Source = WLAN-Tray | ID = 0

Description = 10:45:44, Sat, Mar 31, 12 Error - Unable to decode string, error 87

Error - 4/1/2012 3:25:29 PM | Computer Name = JoLee | Source = WLAN-Tray | ID = 0

Description = 15:25:28, Sun, Apr 01, 12 Error - Unable to gain access to user store

Error - 4/6/2012 10:24:26 AM | Computer Name = JoLee | Source = WLAN-Tray | ID = 0

Description = 10:24:26, Fri, Apr 06, 12 Error - Unable to decode string, error 87

Error - 4/6/2012 10:24:27 AM | Computer Name = JoLee | Source = WLAN-Tray | ID = 0

Description = 10:24:27, Fri, Apr 06, 12 Error - Unable to decode string, error 87

Error - 4/6/2012 11:31:41 PM | Computer Name = JoLee | Source = WLAN-Tray | ID = 0

Description = 23:31:41, Fri, Apr 06, 12 Error - Unable to decode string, error 87

Error - 4/8/2012 10:30:29 PM | Computer Name = JoLee | Source = WLAN-Tray | ID = 0

Description = 22:30:28, Sun, Apr 08, 12 Error - Unable to gain access to user store

Error - 4/13/2012 1:48:01 AM | Computer Name = JoLee | Source = WLAN-Tray | ID = 0

Description = 01:48:01, Fri, Apr 13, 12 Error - Unable to decode string, error 87

[ Media Center Events ]

Error - 10/25/2010 5:36:28 PM | Computer Name = JoLee | Source = MCUpdate | ID = 0

Description = 5:36:26 PM - Error connecting to the internet. 5:36:26 PM - Unable

to contact server..

Error - 10/26/2010 1:04:57 PM | Computer Name = JoLee | Source = MCUpdate | ID = 0

Description = 1:04:51 PM - Error connecting to the internet. 1:04:51 PM - Unable

to contact server..

Error - 10/26/2010 2:05:03 PM | Computer Name = JoLee | Source = MCUpdate | ID = 0

Description = 2:05:01 PM - Error connecting to the internet. 2:05:01 PM - Unable

to contact server..

Error - 10/26/2010 3:05:10 PM | Computer Name = JoLee | Source = MCUpdate | ID = 0

Description = 3:05:09 PM - Error connecting to the internet. 3:05:09 PM - Unable

to contact server..

Error - 10/26/2010 4:05:16 PM | Computer Name = JoLee | Source = MCUpdate | ID = 0

Description = 4:05:14 PM - Error connecting to the internet. 4:05:14 PM - Unable

to contact server..

Error - 11/28/2011 1:09:26 AM | Computer Name = JoLee | Source = MCUpdate | ID = 0

Description = 12:09:25 AM - Failed to retrieve Directory (Error: The underlying

connection was closed: An unexpected error occurred on a receive.)

Error - 11/28/2011 1:09:26 AM | Computer Name = JoLee | Source = MCUpdate | ID = 0

Description = 12:09:26 AM - Failed to retrieve NetTV (Error: The underlying connection

was closed: An unexpected error occurred on a receive.)

Error - 11/28/2011 1:09:27 AM | Computer Name = JoLee | Source = MCUpdate | ID = 0

Description = 12:09:27 AM - Failed to retrieve MCEClientUX (Error: The underlying

connection was closed: An unexpected error occurred on a receive.)

Error - 11/28/2011 1:09:27 AM | Computer Name = JoLee | Source = MCUpdate | ID = 0

Description = 12:09:27 AM - Failed to retrieve SportsSchedule (Error: The underlying

connection was closed: An unexpected error occurred on a receive.)

Error - 11/28/2011 1:09:28 AM | Computer Name = JoLee | Source = MCUpdate | ID = 0

Description = 12:09:27 AM - Failed to retrieve SportsV2 (Error: The underlying connection

was closed: An unexpected error occurred on a receive.)

[ System Events ]

Error - 4/18/2012 10:46:54 PM | Computer Name = JoLee | Source = BTHUSB | ID = 327697

Description = The local Bluetooth adapter has failed in an undetermined manner and

will not be used. The driver has been unloaded.

Error - 4/19/2012 9:35:10 AM | Computer Name = JoLee | Source = BTHUSB | ID = 327697

Description = The local Bluetooth adapter has failed in an undetermined manner and

will not be used. The driver has been unloaded.

Error - 4/19/2012 5:49:22 PM | Computer Name = JoLee | Source = BTHUSB | ID = 327697

Description = The local Bluetooth adapter has failed in an undetermined manner and

will not be used. The driver has been unloaded.

Error - 4/20/2012 12:01:42 AM | Computer Name = JoLee | Source = BTHUSB | ID = 327697

Description = The local Bluetooth adapter has failed in an undetermined manner and

will not be used. The driver has been unloaded.

Error - 4/20/2012 8:01:28 AM | Computer Name = JoLee | Source = BTHUSB | ID = 327697

Description = The local Bluetooth adapter has failed in an undetermined manner and

will not be used. The driver has been unloaded.

Error - 4/20/2012 9:43:02 PM | Computer Name = JoLee | Source = BTHUSB | ID = 327697

Description = The local Bluetooth adapter has failed in an undetermined manner and

will not be used. The driver has been unloaded.

Error - 4/20/2012 10:56:22 PM | Computer Name = JoLee | Source = BTHUSB | ID = 327697

Description = The local Bluetooth adapter has failed in an undetermined manner and

will not be used. The driver has been unloaded.

Error - 4/21/2012 8:54:51 AM | Computer Name = JoLee | Source = BTHUSB | ID = 327697

Description = The local Bluetooth adapter has failed in an undetermined manner and

will not be used. The driver has been unloaded.

Error - 4/22/2012 5:15:06 AM | Computer Name = JoLee | Source = BTHUSB | ID = 327697

Description = The local Bluetooth adapter has failed in an undetermined manner and

will not be used. The driver has been unloaded.

Error - 4/23/2012 3:48:08 PM | Computer Name = JoLee | Source = BTHUSB | ID = 327697

Description = The local Bluetooth adapter has failed in an undetermined manner and

will not be used. The driver has been unloaded.

< End of report >

Link to post
Share on other sites
MrCharlie

MrCharlie

Posted
Posted

Welcome to the forum

Please go to your control panels add/remove programs and uninstall these:

StartNow Toolbar

Windows iLivid Toolbar

Please do this:

Run OTL

  • Under the Custom Scans/Fixes box at the bottom, paste in the following 

    :OTL
    PRC - [2011/07/27 07:06:44 | 000,267,488 | ---- | M] () -- C:\Program Files (x86)\StartNow Toolbar\ToolbarUpdaterService.exe
    SRV - [2011/07/27 07:06:44 | 000,267,488 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\StartNow Toolbar\ToolbarUpdaterService.exe -- (Updater Service for StartNow Toolbar)
    IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}
    IE:64bit: - HKLM\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}: "URL" = http://dts.search-re...q={searchTerms}
    IE - HKLM\..\SearchScopes,DefaultScope = {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}
    IE - HKLM\..\SearchScopes\{3BBBD80B-986B-4909-8F7C-817E01A82EAB}: "URL" = http://www.bing.com/...rc=IE-SearchBox
    IE - HKLM\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}: "URL" = http://dts.search-re...q={searchTerms}
    IE - HKCU\..\SearchScopes,DefaultScope = {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}
    IE - HKCU\..\SearchScopes\{1D6B48CC-281B-4EE3-BA67-00854BE7A54C}: "URL" = http://www.google.co...utputEncoding?}
    IE - HKCU\..\SearchScopes\{212F61FB-002D-4E55-98E6-954BF891142B}: "URL" = http://search.yahoo....rtPage?}&fr=ie8
    IE - HKCU\..\SearchScopes\{7B8D3830-336B-40DC-851E-8AA30D4248A6}: "URL" = http://rover.ebay.co...e={searchTerms}
    IE - HKCU\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}: "URL" = http://dts.search-re...q={searchTerms}
    FF - prefs.js..keyword.URL: "http://dts.search-results.com/sr?src=ffb&appid=102&systemid=406&sr=0&q="
    O2 - BHO: (StartNow Toolbar Helper) - {6E13D095-45C3-4271-9475-F3B48227DD9F} - C:\Program Files (x86)\StartNow Toolbar\Toolbar32.dll ()
    O2 - BHO: (Searchqu Toolbar) - {99079a25-328f-4bd4-be04-00955acaa0a7} - C:\Program Files (x86)\Windows iLivid Toolbar\Datamngr\ToolBar\searchqudtx.dll ()
    O2 - BHO: (DataMngr) - {9D717F81-9148-4f12-8568-69135F087DB0} - C:\Program Files (x86)\Windows iLivid Toolbar\Datamngr\BrowserConnection.dll (Bandoo Media, inc)
    O3:64bit: - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
    O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
    O3 - HKLM\..\Toolbar: (StartNow Toolbar) - {5911488E-9D1E-40ec-8CBB-06B231CC153F} - C:\Program Files (x86)\StartNow Toolbar\Toolbar32.dll ()
    O3 - HKLM\..\Toolbar: (Searchqu Toolbar) - {99079a25-328f-4bd4-be04-00955acaa0a7} - C:\Program Files (x86)\Windows iLivid Toolbar\Datamngr\ToolBar\searchqudtx.dll ()
    O3 - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
    O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
    O4 - HKLM..\Run: [DATAMNGR] C:\Program Files (x86)\Windows iLivid Toolbar\Datamngr\datamngrUI.exe (Bandoo Media, inc)
    O4 - HKLM..\Run: [FAStartup] File not found
    O20 - AppInit_DLLs: (C:\PROGRA~2\WI3C8A~1\Datamngr\IEBHO.dll) - C:\Program Files (x86)\Windows iLivid Toolbar\Datamngr\IEBHO.dll (Bandoo Media, inc)
    :Commands
    [EMPTYJAVA]
    [emptytemp]


  • Then click the Run Fix button at the top
  • Let the program run unhindered, when done it will say "Fix Complete press ok to open the log"
  • Please post that log in your next reply. Note: If a file or folder cannot be moved immediately you may be asked to reboot the machine to finish the move process. If you are asked to reboot the machine choose Yes. In this case, after the reboot, open Notepad (Start->All Programs->Accessories->Notepad), click File->Open, in the File Name box enter *.log and press the Enter key, navigate to the C:\_OTL\MovedFiles folder, and open the newest .log file present, and copy/paste the contents of that document back here in your next post.

----------------------------------------------------

CHR - default_search_provider: search_url = http://dts.search-re...q={searchTerms}

O2:64bit: - BHO: (DataMngr) - {9D717F81-9148-4f12-8568-69135F087DB0} - C:\Program Files (x86)\Windows iLivid Toolbar\Datamngr\x64\BrowserConnection.dll (Bandoo Media, inc)

For Google Chrome, you have to rest it manually:

http://forums.malwar...ndpost&p=530290

MrC

Link to post
Share on other sites
Maurice Naggar

Maurice Naggar

Posted
Posted

Due to the lack of feedback this topic is closed to prevent others from posting here. If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!

Link to post
Share on other sites
Guest
This topic is now closed to further replies.
 Share
Go to topic listing

  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.

  I accept