shelley123 Posted December 11, 2013 ID:763160 Share Posted December 11, 2013 Downloaded something and now all of my homepages are http://search.yahoo.com/?type=293224&fr=spigot-yhp-ff. Thanks in advance to whomever helps me and to everyone who volunteers their time to get people like me out of trouble.... DDS.txt: DDS (Ver_2012-11-20.01) - NTFS_AMD64Internet Explorer: 11.0.9600.16428 BrowserJavaVersion: 10.25.2Run by slriegel at 23:01:51 on 2013-12-10Microsoft Windows 7 Professional 6.1.7601.1.1252.1.1033.18.3933.2206 [GMT -5:00].AV: avast! Antivirus *Enabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}AV: Trend Micro Internet Security *Disabled/Updated* {68F968AC-2AA0-091D-848C-803E83E35902}SP: avast! Antivirus *Enabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}SP: Trend Micro Internet Security *Disabled/Updated* {D3988948-0C9A-0693-BE3C-BB4CF86413BF}SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}FW: Trend Micro Personal Firewall *Disabled* {70A91CD9-303D-A217-A80E-6DEE136EDB2B}.============== Running Processes ===============.C:\Windows\system32\lsm.exeC:\Windows\system32\svchost.exe -k DcomLaunchC:\Windows\system32\ibmpmsvc.exeC:\Windows\system32\svchost.exe -k RPCSSC:\Windows\System32\svchost.exe -k LocalServiceNetworkRestrictedC:\Windows\System32\svchost.exe -k LocalSystemNetworkRestrictedC:\Windows\system32\svchost.exe -k LocalServiceC:\Windows\system32\svchost.exe -k netsvcsC:\Windows\system32\svchost.exe -k NetworkServiceC:\Windows\system32\WLANExt.exeC:\Program Files\AVAST Software\Avast\AvastSvc.exeC:\Windows\system32\Dwm.exeC:\Windows\Explorer.EXEC:\Windows\System32\spoolsv.exeC:\Windows\system32\svchost.exe -k LocalServiceNoNetworkC:\Windows\system32\taskhost.exeC:\Program Files\LENOVO\HOTKEY\TPHKSVC.exeC:\PROGRA~1\Lenovo\HOTKEY\tpnumlk.exeC:\PROGRA~1\Lenovo\HOTKEY\tpnumlkd.exeC:\Program Files (x86)\Lenovo\Access Connections\AcPrfMgrSvc.exeC:\Windows\system32\taskeng.exec:\Program Files\Microsoft Mouse and Keyboard Center\itype.exec:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exeC:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exeC:\Program Files (x86)\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exeC:\Program Files (x86)\DDNI\DIBS\DDNIService.exeC:\Program Files\Intel\WiFi\bin\EvtEng.exeC:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exeC:\Program Files\LENOVO\HOTKEY\MICMUTE.exeC:\Windows\system32\lxbkcoms.exeC:\Program Files\Microsoft Office 15\ClientX64\integratedoffice.exec:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exeC:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exeC:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exeC:\Program Files\Trend Micro\Internet Security\SfCtlCom.exec:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exeC:\Windows\system32\svchost.exe -k imgsvcC:\Program Files\Trend Micro\Internet Security\UfSeAgnt.exeC:\Program Files (x86)\Whilokii\updateWhilokii.exeC:\Program Files (x86)\Whilokii\bin\utilWhilokii.exeC:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXEC:\Program Files (x86)\Lenovo\Access Connections\AcSvc.exeC:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exeC:\Windows\system32\wbem\unsecapp.exeC:\Windows\system32\wbem\wmiprvse.exeC:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exec:\Program Files (x86)\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exeC:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestrictedC:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonationC:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exeC:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exeC:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exeC:\Program Files (x86)\Lenovo\Rescue and Recovery\rrservice.exeC:\Program Files (x86)\Lenovo\Access Connections\SvcGuiHlpr.exeC:\Program Files (x86)\Common Files\Lenovo\Scheduler\scheduler_proxy.exeC:\Program Files (x86)\Lenovo\Access Connections\AcDeskBandHlpr.exeC:\Program Files\Realtek\Audio\HDA\RAVCpl64.exeC:\Program Files\Lenovo\HOTKEY\TPOSDSVC.exeC:\Program Files\Lenovo\HOTKEY\tpfnf6r.exeC:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exeC:\Windows\System32\TpShocks.exeC:\Windows\System32\hkcmd.exeC:\Program Files\Lenovo\HOTKEY\TPONSCR.exeC:\Windows\System32\igfxpers.exeC:\Program Files\Lenovo\Zoom\TpScrex.exeC:\Windows\system32\igfxsrvc.exeC:\Program Files\Synaptics\SynTP\SynTPEnh.exeC:\Program Files (x86)\Lexmark X1100 Series\LXBKbmgr.exeC:\Program Files (x86)\Lexmark X1100 Series\lxbkbmon.exeC:\Program Files\Synaptics\SynTP\SynTPLpr.exeC:\Windows\system32\SearchIndexer.exeC:\Windows\SysWOW64\rundll32.exeC:\Program Files (x86)\Lenovo\Message Center Plus\MCPLaunch.exeC:\Program Files (x86)\DDNI\Lenovo Idea Notes\DDNIMSGUser.exeC:\Windows\system32\rundll32.exeC:\Program Files (x86)\Common Files\Corel\Standby\Standby.exeC:\Program Files\AVAST Software\Avast\AvastUI.exeC:\Program Files (x86)\Common Files\Java\Java Update\jusched.exeC:\Program Files\Synaptics\SynTP\SynTPHelper.exeC:\Windows\system32\igfxext.exeC:\Program Files (x86)\DDNI\Lenovo Idea Notes\DDNIMSGService.exeC:\Program Files (x86)\Common Files\InterVideo\RegMgr\iviRegMgr.exec:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exeC:\Windows\system32\SearchProtocolHost.exec:\Program Files (x86)\Lenovo\System Update\SUService.exeC:\Program Files (x86)\Common Files\Lenovo\tvt_reg_monitor_svc.exeC:\Program Files\Windows Media Player\wmpnetwk.exeC:\Windows\system32\svchost.exe -k SDRSVCC:\Windows\servicing\TrustedInstaller.exeC:\Windows\System32\svchost.exe -k swprvC:\Program Files (x86)\Mozilla Firefox\firefox.exeC:\Windows\system32\SearchFilterHost.exeC:\Windows\system32\wbem\wmiprvse.exeC:\Windows\System32\cscript.exe.============== Pseudo HJT Report ===============.mWinlogon: Userinit = userinit.exe,BHO: Lync Browser Helper: {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\office15\OCHelper.dllBHO: Search Helper: {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dllBHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dllBHO: Java Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dllBHO: avast! WebRep: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dllBHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dllBHO: Windows Live Messenger Companion Helper: {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dllBHO: Skype Browser Helper: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dllBHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office 15\root\office15\URLREDIR.DLLBHO: Microsoft SkyDrive Pro Browser Helper: {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office 15\root\office15\GROOVEEX.DLLBHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dllTB: avast! WebRep: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dlluRun: [Google Update] "C:\Users\slriegel\AppData\Local\Google\Update\GoogleUpdate.exe" /cuRun: [EA Core] "C:\Program Files (x86)\Electronic Arts\EADM\Core.exe" -silentmRun: [PWMTRV] rundll32 C:\PROGRA~2\ThinkPad\UTILIT~1\PWMTR64V.DLL,PwrMgrBkGndMonitormRun: [Message Center Plus] C:\Program Files (x86)\LENOVO\Message Center Plus\MCPLaunch.exe /startmRun: [RoxWatchTray] "C:\Program Files (x86)\Common Files\Roxio Shared\10.0\SharedCOM\RoxWatchTray10.exe"mRun: [ideaNotesUser] C:\Program Files (x86)\DDNI\Lenovo Idea Notes\DDNIMSGUser.exemRun: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"mRun: [standby] "c:\Program Files (x86)\Common Files\Corel\Standby\Standby.exe" -STARTmRun: [switchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exemRun: [AdobeCS5.5ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe" -launchedbyloginmRun: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /noguimRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"mRun: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"mRun: [20131121] C:\Program Files\AVAST Software\Avast\setup\emupdate\25e8bc88-1d13-4e77-87cf-b060a91ae1a0.exe /checkmPolicies-Explorer: NoActiveDesktop = dword:1mPolicies-Explorer: NoActiveDesktopChanges = dword:1mPolicies-System: ConsentPromptBehaviorAdmin = dword:5mPolicies-System: ConsentPromptBehaviorUser = dword:3mPolicies-System: EnableUIADesktopToggle = dword:0IE: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office 15\Root\Office15\EXCEL.EXE/3000IE: Se&nd to OneNote - C:\Program Files\Microsoft Office 15\Root\Office15\ONBttnIE.dll/105IE: {0000036B-C524-4050-81A0-243669A86B9F} - {B63DBA5F-523F-4B9C-A43D-65DF1977EAD3} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dllIE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dllIE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office 15\root\office15\ONBttnIE.dllIE: {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\office15\OCHelper.dllIE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office 15\root\office15\ONBttnIELinkedNotes.dllIE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dllIE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}TCP: NameServer = 209.18.47.61 209.18.47.62TCP: Interfaces\{116CBAD9-8656-4C89-8216-330969AACED0} : DHCPNameServer = 209.18.47.61 209.18.47.62TCP: Interfaces\{116CBAD9-8656-4C89-8216-330969AACED0}\05967676977237020516C6163656 : DHCPNameServer = 192.168.2.1TCP: Interfaces\{116CBAD9-8656-4C89-8216-330969AACED0}\8686F6E6F62737 : DHCPNameServer = 192.168.6.1 64.134.255.2 64.134.255.10TCP: Interfaces\{116CBAD9-8656-4C89-8216-330969AACED0}\C696E6B6379737 : DHCPNameServer = 209.18.47.61 209.18.47.62TCP: Interfaces\{4CC2FB81-59C1-4E84-A1A0-3E323F826926} : DHCPNameServer = 209.18.47.61 209.18.47.62Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dllHandler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\office15\MSOSB.DLLHandler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dllHandler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dllHandler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dllSSODL: WebCheck - <orphaned>SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dllLSA: Notification Packages = scecli ACGinax64-BHO: avast! WebRep: {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dllx64-BHO: Lync Browser Helper: {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dllx64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dllx64-BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\URLREDIR.DLLx64-BHO: Microsoft SkyDrive Pro Browser Helper: {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLLx64-BHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dllx64-TB: avast! WebRep: {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dllx64-Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exex64-Run: [TPHOTKEY] C:\Program Files\Lenovo\HOTKEY\TPOSDSVC.exex64-Run: [LENOVO.TPFNF6R] C:\Program Files\Lenovo\HOTKEY\TPFNF6R.exex64-Run: [iAAnotif] C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exex64-Run: [TpShocks] TpShocks.exex64-Run: [HotKeysCmds] C:\Windows\System32\hkcmd.exex64-Run: [Persistence] C:\Windows\System32\igfxpers.exex64-Run: [AcWin7Hlpr] C:\Program Files (x86)\Lenovo\Access Connections\AcTBenabler.exex64-Run: [synTPEnh] C:\Program Files (x86)\Synaptics\SynTP\SynTPEnh.exex64-Run: [ufSeAgnt.exe] "C:\Program Files\Trend Micro\Internet Security\UfSeAgnt.exe"x64-Run: [lxbkbmgr.exe] "C:\Program Files (x86)\Lexmark X1100 Series\lxbkbmgr.exe"x64-Run: [AdobeAAMUpdater-1.0] "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"x64-IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\ONBttnIE.dllx64-IE: {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dllx64-IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\ONBttnIELinkedNotes.dllx64-Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - <orphaned>x64-Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - <orphaned>x64-Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - <orphaned>x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>x64-Notify: igfxcui - igfxdev.dllx64-SSODL: WebCheck - <orphaned>Hosts: 10.254.254.253 AFS.================= FIREFOX ===================.FF - ProfilePath - C:\Users\slriegel\AppData\Roaming\Mozilla\Firefox\Profiles\oa6tqnp9.default\FF - prefs.js: browser.search.selectedEngine - YahooFF - plugin: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dllFF - plugin: C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dllFF - plugin: C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dllFF - plugin: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dllFF - plugin: c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrlui.dllFF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dllFF - plugin: C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLLFF - plugin: C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npMeetingJoinPluginOC.dllFF - plugin: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dllFF - plugin: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dllFF - plugin: C:\Users\slriegel\AppData\Local\Google\Update\1.3.22.3\npGoogleUpdate3.dllFF - plugin: C:\Users\slriegel\AppData\Roaming\Facebook\npfbplugin_1_0_3.dllFF - plugin: C:\Users\slriegel\AppData\Roaming\Mozilla\plugins\npgoogletalk.dllFF - plugin: C:\Users\slriegel\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dllFF - plugin: C:\Users\slriegel\AppData\Roaming\Mozilla\plugins\npicaN.dllFF - plugin: C:\Users\slriegel\AppData\Roaming\Mozilla\plugins\npo1d.dllFF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_170.dllFF - plugin: C:\Windows\SysWOW64\npdeployJava1.dllFF - plugin: C:\Windows\SysWOW64\npmproxy.dll.============= SERVICES / DRIVERS ===============.R0 aswRvrt;aswRvrt;C:\Windows\System32\drivers\aswRvrt.sys [2013-10-8 65336]R0 aswVmm;aswVmm;C:\Windows\System32\drivers\aswVmm.sys [2013-10-8 204880]R0 PxHlpa64;PxHlpa64;C:\Windows\System32\drivers\PxHlpa64.sys [2010-2-2 55280]R0 TPDIGIMN;TPDIGIMN;C:\Windows\System32\drivers\ApsHM64.sys [2009-6-29 23592]R1 aswSnx;aswSnx;C:\Windows\System32\drivers\aswSnx.sys [2012-1-13 1030952]R1 aswSP;aswSP;C:\Windows\System32\drivers\aswSP.sys [2012-1-13 378944]R1 lenovo.smi;Lenovo System Interface Driver;C:\Windows\System32\drivers\smiifx64.sys [2009-7-16 15400]R1 tmlwf;Trend Micro NDIS 6.0 Filter Driver;C:\Windows\System32\drivers\tmlwf.sys [2010-3-31 200720]R2 aswFsBlk;aswFsBlk;C:\Windows\System32\drivers\aswFsBlk.sys [2012-1-13 33400]R2 aswMonFlt;aswMonFlt;C:\Windows\System32\drivers\aswMonFlt.sys [2012-1-13 80816]R2 avast! Antivirus;avast! Antivirus;C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2013-10-8 46808]R2 DDNIMSGService;DDNIMSGService;C:\Program Files (x86)\DDNI\Lenovo Idea Notes\DDNIMSGService.exe [2010-7-20 171872]R2 DDNIService;DDNIService;C:\Program Files (x86)\DDNI\DIBS\DDNIService.exe [2010-7-23 163680]R2 LENOVO.MICMUTE;Lenovo Microphone Mute;C:\Program Files\Lenovo\HOTKEY\micmute.exe [2009-10-5 45424]R2 lxbk_device;lxbk_device;C:\Windows\System32\lxbkcoms.exe -service --> C:\Windows\System32\lxbkcoms.exe -service [?]R2 MBAMScheduler;MBAMScheduler;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2013-12-10 418376]R2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2013-12-10 701512]R2 OfficeSvc;Microsoft Office Service;C:\Program Files\Microsoft Office 15\ClientX64\integratedoffice.exe [2013-3-22 1907896]R2 tmpreflt;tmpreflt;C:\Windows\System32\drivers\tmpreflt.sys [2010-9-30 42576]R2 tmwfp;Trend Micro WFP Callout Driver;C:\Windows\System32\drivers\tmwfp.sys [2010-3-31 339984]R2 TPHKSVC;On Screen Display;C:\Program Files\Lenovo\HOTKEY\TPHKSVC.exe [2009-10-5 62320]R2 Update Whilokii;Update Whilokii;C:\Program Files (x86)\Whilokii\updateWhilokii.exe [2013-10-4 65304]R2 Util Whilokii;Util Whilokii;C:\Program Files (x86)\Whilokii\bin\utilWhilokii.exe [2013-10-16 65304]R3 5U877;USB Video Device;C:\Windows\System32\drivers\5U877.sys [2010-2-2 161024]R3 IntcHdmiAddService;Intel® High Definition Audio HDMI;C:\Windows\System32\drivers\IntcHdmi.sys [2009-9-10 139264]R3 JMCR;JMCR;C:\Windows\System32\drivers\jmcr.sys [2009-6-7 143320]R3 MBAMProtector;MBAMProtector;C:\Windows\System32\drivers\mbam.sys [2013-12-10 25928]R3 NETw5s64;Intel® Wireless WiFi Link 5000 Series Adapter Driver for Windows 7 - 64 Bit;C:\Windows\System32\drivers\NETw5s64.sys [2009-9-15 6952960]R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2011-6-10 539240]S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]S2 Roxio Upnp Server 10;Roxio Upnp Server 10;C:\Program Files (x86)\Roxio\Digital Home 10\RoxioUpnpService10.exe [2009-8-5 362992]S2 RoxLiveShare10;LiveShare P2P Server 10;C:\Program Files (x86)\Common Files\Roxio Shared\10.0\SharedCOM\RoxLiveShare10.exe [2009-8-5 309744]S2 RoxWatch10;Roxio Hard Drive Watcher 10;C:\Program Files (x86)\Common Files\Roxio Shared\10.0\SharedCOM\RoxWatch10.exe [2009-8-5 166384]S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2012-7-13 160944]S3 fssfltr;fssfltr;C:\Windows\System32\drivers\fssfltr.sys [2010-10-31 48488]S3 fsssvc;Windows Live Family Safety Service;C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2010-9-22 1493352]S3 IEEtwCollectorService;Internet Explorer ETW Collector Service;C:\Windows\System32\ieetwcollector.exe [2013-12-1 111616]S3 netw5v64;Intel® Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 64 Bit;C:\Windows\System32\drivers\netw5v64.sys [2009-6-10 5434368]S3 PCDSRVC{184E4FA0-DE8C26D4-06000000}_0;PCDSRVC{184E4FA0-DE8C26D4-06000000}_0 - PCDR Kernel Mode Service Helper Driver;C:\progra~1\pc-doc~1\pcdsrvc_x64.pkms [2009-8-18 23536]S3 Power Manager DBC Service;Power Manager DBC Service;C:\Program Files (x86)\ThinkPad\Utilities\PWMDBSVC.exe [2010-2-2 75112]S3 Roxio UPnP Renderer 10;Roxio UPnP Renderer 10;C:\Program Files (x86)\Roxio\Digital Home 10\RoxioUPnPRenderer10.exe [2009-8-5 313840]S3 RoxMediaDB10;RoxMediaDB10;C:\Program Files (x86)\Common Files\Roxio Shared\10.0\SharedCOM\RoxMediaDB10.exe [2009-8-5 1124848]S3 SrvHsfHDA;SrvHsfHDA;C:\Windows\System32\drivers\VSTAZL6.SYS [2009-7-13 292864]S3 SrvHsfV92;SrvHsfV92;C:\Windows\System32\drivers\VSTDPV6.SYS [2009-7-13 1485312]S3 SrvHsfWinac;SrvHsfWinac;C:\Windows\System32\drivers\VSTCNXT6.SYS [2009-7-13 740864]S3 StorSvc;Storage Service;C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted [2009-7-13 27136]S3 SwitchBoard;SwitchBoard;C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-2-19 517096]S3 TmPfw;Trend Micro Personal Firewall;C:\Program Files\Trend Micro\Internet Security\TmPfw.exe [2010-3-31 595960]S3 TmProxy;Trend Micro Proxy Service;C:\Program Files\Trend Micro\Internet Security\TmProxy.exe [2010-3-31 917768]S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2011-5-25 59392]S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2010-4-2 1255736]S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-22 57184].=============== Created Last 30 ================.2013-12-11 03:26:51 25928 ----a-w- C:\Windows\System32\drivers\mbam.sys2013-12-11 03:26:50 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware2013-12-11 03:26:32 -------- d-----w- C:\Users\slriegel\AppData\Local\Programs2013-12-03 03:37:02 -------- d-----w- C:\Program Files (x86)\VideoLAN2013-11-20 02:55:57 872392 ----a-w- C:\Program Files (x86)\Mozilla Firefox\uninstall\helper.exe2013-11-15 14:59:24 1930752 ----a-w- C:\Windows\System32\authui.dll2013-11-15 14:58:57 404480 ----a-w- C:\Windows\System32\gdi32.dll2013-11-15 14:58:57 311808 ----a-w- C:\Windows\SysWow64\gdi32.dll2013-11-15 14:58:29 859648 ----a-w- C:\Windows\System32\IKEEXT.DLL2013-11-15 14:58:29 830464 ----a-w- C:\Windows\System32\nshwfp.dll2013-11-15 14:58:29 324096 ----a-w- C:\Windows\System32\FWPUCLNT.DLL2013-11-15 14:58:28 656896 ----a-w- C:\Windows\SysWow64\nshwfp.dll2013-11-15 14:58:28 216576 ----a-w- C:\Windows\SysWow64\FWPUCLNT.DLL.==================== Find3M ====================.2013-12-10 23:06:17 71048 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl2013-12-10 23:06:17 692616 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe2013-10-05 20:25:35 1474048 ----a-w- C:\Windows\System32\crypt32.dll2013-10-05 19:57:25 1168384 ----a-w- C:\Windows\SysWow64\crypt32.dll2013-10-04 02:28:31 190464 ----a-w- C:\Windows\System32\SmartcardCredentialProvider.dll2013-10-04 02:25:17 197120 ----a-w- C:\Windows\System32\credui.dll2013-10-04 01:58:50 152576 ----a-w- C:\Windows\SysWow64\SmartcardCredentialProvider.dll2013-10-04 01:56:25 168960 ----a-w- C:\Windows\SysWow64\credui.dll2013-10-04 01:56:00 1796096 ----a-w- C:\Windows\SysWow64\authui.dll2013-09-28 01:09:10 497152 ----a-w- C:\Windows\System32\drivers\afd.sys2013-09-25 02:26:40 95680 ----a-w- C:\Windows\System32\drivers\ksecdd.sys2013-09-25 02:26:40 154560 ----a-w- C:\Windows\System32\drivers\ksecpkg.sys2013-09-25 02:23:33 28672 ----a-w- C:\Windows\System32\sspisrv.dll2013-09-25 02:23:33 135680 ----a-w- C:\Windows\System32\sspicli.dll2013-09-25 02:23:01 28160 ----a-w- C:\Windows\System32\secur32.dll2013-09-25 02:22:59 340992 ----a-w- C:\Windows\System32\schannel.dll2013-09-25 02:21:50 307200 ----a-w- C:\Windows\System32\ncrypt.dll2013-09-25 02:21:07 1447936 ----a-w- C:\Windows\System32\lsasrv.dll2013-09-25 01:58:17 96768 ----a-w- C:\Windows\SysWow64\sspicli.dll2013-09-25 01:57:26 22016 ----a-w- C:\Windows\SysWow64\secur32.dll2013-09-25 01:57:24 247808 ----a-w- C:\Windows\SysWow64\schannel.dll2013-09-25 01:56:42 220160 ----a-w- C:\Windows\SysWow64\ncrypt.dll2013-09-25 01:03:24 30720 ----a-w- C:\Windows\System32\lsass.exe.============= FINISH: 23:02:09.31 =============== Attach.txt file:.UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.IF REQUESTED, ZIP IT UP & ATTACH IT.DDS (Ver_2012-11-20.01).Microsoft Windows 7 ProfessionalBoot Device: \Device\HarddiskVolume1Install Date: 3/14/2010 1:48:18 PMSystem Uptime: 12/10/2013 10:46:54 PM (1 hours ago).Motherboard: LENOVO | | 2842FBUProcessor: Intel® Core2 Duo CPU T6570 @ 2.10GHz | U2E1 | 1197/200mhz.==== Disk Partitions =========================.C: is FIXED (NTFS) - 455 GiB total, 279.252 GiB free.D: is CDROM ()Q: is FIXED (NTFS) - 10 GiB total, 2.299 GiB free..==== Disabled Device Manager Items =============.==== System Restore Points ===================.RP196: 11/16/2013 3:01:20 AM - Windows UpdateRP197: 11/25/2013 7:05:35 PM - Scheduled CheckpointRP198: 12/1/2013 3:09:51 AM - Windows UpdateRP199: 12/9/2013 6:13:19 PM - Scheduled Checkpoint.==== Installed Programs ======================. Registry Patch to arrange icons in Device and Printers folder of Windows 7 Update for Microsoft Office 2007 (KB2508958)2007 Microsoft Office systemAC3Filter 1.63bAccess HelpAdobe AIRAdobe Community HelpAdobe Flash Player 11 ActiveXAdobe Flash Player 11 PluginAdobe Photoshop CS5.1Adobe Reader X (10.1.8)Audacity 1.3.12 (Unicode)avast! Free AntivirusBisonCam Twain ProBusiness Contact Manager for Outlook 2007 SP2Citrix XenApp Web PluginContentsConvertHelper 2.2Corel VideoStudio Pro X3Create Recovery MediaD3DX10DeviceIODHTML Editing ComponentDIBSDirectX 9 RuntimeDivX Web PlayerExtended UpdateFacebook Plug-InFireflies Screensaver (remove only)FLV PlayerGIMP 2.6.10Google Talk PluginICAIntegrated Camera Driver Installer Package Ver.1.0.1.2Intel PROSet WirelessIntel® Graphics Media Accelerator DriverIntel® PROSet/Wireless WiFi SoftwareIntel® Matrix Storage ManagerInterVideo WinDVD 8IPM_VS_ProJava 7 Update 25Java Auto UpdaterJava 6 Update 16 (64-bit)Java 6 Update 32JMicron Flash Media Controller DriverJunk Mail filter updateLAME v3.98.2 for AudacityLenovo CentralLenovo Idea NotesLenovo System Interface DriverLenovo ThinkVantage ToolboxLenovo WelcomeLexmark X1100 SeriesMalwarebytes Anti-Malware version 1.75.0.1300Mesh RuntimeMessage Center PlusMessenger CompanionMicrosoft .NET Framework 4 Client ProfileMicrosoft Application Error ReportingMicrosoft Mouse and Keyboard CenterMicrosoft Office 2003 Web ComponentsMicrosoft Office 2007 Primary Interop AssembliesMicrosoft Office 2007 Service Pack 3 (SP3)Microsoft Office Access MUI (English) 2007Microsoft Office Access Setup Metadata MUI (English) 2007Microsoft Office Enterprise 2007Microsoft Office Excel MUI (English) 2007Microsoft Office File Validation Add-InMicrosoft Office Groove MUI (English) 2007Microsoft Office Groove Setup Metadata MUI (English) 2007Microsoft Office InfoPath MUI (English) 2007Microsoft Office Office 64-bit Components 2007Microsoft Office OneNote MUI (English) 2007Microsoft Office Outlook ConnectorMicrosoft Office Outlook MUI (English) 2007Microsoft Office PowerPoint MUI (English) 2007Microsoft Office Professional Hybrid 2007Microsoft Office Professional Plus 2013 - en-usMicrosoft Office Proof (English) 2007Microsoft Office Proof (French) 2007Microsoft Office Proof (Spanish) 2007Microsoft Office Proofing (English) 2007Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)Microsoft Office Publisher MUI (English) 2007Microsoft Office Shared 64-bit MUI (English) 2007Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007Microsoft Office Shared MUI (English) 2007Microsoft Office Shared Setup Metadata MUI (English) 2007Microsoft Office Small Business Connectivity ComponentsMicrosoft Office Suite Activation AssistantMicrosoft Office Word MUI (English) 2007Microsoft Research AutoCollage Touch 2009Microsoft Search Enhancement PackMicrosoft SilverlightMicrosoft SQL Server 2005Microsoft SQL Server 2005 Compact Edition [ENU]Microsoft SQL Server 2005 Express Edition (MSSMLBIZ)Microsoft SQL Server Native ClientMicrosoft SQL Server Setup Support Files (English)Microsoft SQL Server VSS WriterMicrosoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053Microsoft Visual C++ 2005 RedistributableMicrosoft Visual C++ 2005 Redistributable (x64)Microsoft Visual C++ 2005 Redistributable (x64) - KB2467175Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161Microsoft WSE 3.0 RuntimeMicrosoft_VC80_ATL_x86Microsoft_VC80_ATL_x86_x64Microsoft_VC80_CRT_x86Microsoft_VC80_CRT_x86_x64Microsoft_VC80_MFC_x86Microsoft_VC80_MFC_x86_x64Microsoft_VC80_MFCLOC_x86Microsoft_VC80_MFCLOC_x86_x64Microsoft_VC90_ATL_x86Microsoft_VC90_ATL_x86_x64Microsoft_VC90_CRT_x86Microsoft_VC90_CRT_x86_x64Microsoft_VC90_MFC_x86Microsoft_VC90_MFC_x86_x64Microsoft_VC90_MFCLOC_x86Microsoft_VC90_MFCLOC_x86_x64MLEMobile Broadband ConnectMozilla Firefox 25.0.1 (x86 en-US)Mozilla Maintenance ServiceMSVCRTMSVCRT_amd64MSXML 4.0 SP2 (KB954430)MSXML 4.0 SP2 (KB973688)Office 15 Click-to-Run Extensibility ComponentOffice 15 Click-to-Run Licensing ComponentOffice 15 Click-to-Run Localization ComponentOn Screen DisplayPDF Settings CS5Pdf995Photo Pos ProPureHDRealtek 8136 8168 8169 Ethernet DriverRealtek High Definition Audio DriverRegistry Patch to Enable Maximum Power Saving on WiFi Adapters for Windows 7Rescue and RecoveryRoxio Activation ModuleRoxio Central AudioRoxio Central CopyRoxio Central CoreRoxio Central DataRoxio Central ToolsRoxio Creator Small Business EditionRoxio Express Labeler 3SanctionedMediaSecurity Update for Microsoft .NET Framework 4 Client Profile (KB2160841)Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368)Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449)Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019)Security Update for Microsoft .NET Framework 4 Client Profile (KB2742595)Security Update for Microsoft .NET Framework 4 Client Profile (KB2789642)Security Update for Microsoft .NET Framework 4 Client Profile (KB2804576)Security Update for Microsoft .NET Framework 4 Client Profile (KB2835393)Security Update for Microsoft .NET Framework 4 Client Profile (KB2840628)Security Update for Microsoft .NET Framework 4 Client Profile (KB2840628v2)Security Update for Microsoft .NET Framework 4 Client Profile (KB2858302v2)Security Update for Microsoft Office 2007 suites (KB2596744) 32-Bit EditionSecurity Update for Microsoft Office 2007 suites (KB2596754) 32-Bit EditionSecurity Update for Microsoft Office 2007 suites (KB2596792) 32-Bit EditionSecurity Update for Microsoft Office 2007 suites (KB2596825) 32-Bit EditionSecurity Update for Microsoft Office 2007 suites (KB2596871) 32-Bit EditionSecurity Update for Microsoft Office 2007 suites (KB2597969) 32-Bit EditionSecurity Update for Microsoft Office 2007 suites (KB2597973) 32-Bit EditionSecurity Update for Microsoft Office 2007 suites (KB2687309) 32-Bit EditionSecurity Update for Microsoft Office 2007 suites (KB2687439) 32-Bit EditionSecurity Update for Microsoft Office 2007 suites (KB2760411) 32-Bit EditionSecurity Update for Microsoft Office 2007 suites (KB2760415) 32-Bit EditionSecurity Update for Microsoft Office 2007 suites (KB2760585) 32-Bit EditionSecurity Update for Microsoft Office 2007 suites (KB2760591) 32-Bit EditionSecurity Update for Microsoft Office 2007 suites (KB2827326) 32-Bit EditionSecurity Update for Microsoft Office 2007 suites (KB2827329) 32-Bit EditionSecurity Update for Microsoft Office Excel 2007 (KB2827324) 32-Bit EditionSecurity Update for Microsoft Office InfoPath 2007 (KB2687440) 32-Bit EditionSecurity Update for Microsoft Office Outlook 2007 (KB2825644) 32-Bit EditionSecurity Update for Microsoft Office PowerPoint 2007 (KB2596764) 32-Bit EditionSecurity Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit EditionSecurity Update for Microsoft Office Publisher 2007 (KB2597971) 32-Bit EditionSecurity Update for Microsoft Office Word 2007 (KB2827330) 32-Bit EditionSetupShareShare64Skype Click to CallSkype™ 5.10SmartSound Common DataSmartSound Quicktracks 5Sonic CinePlayer Decoder PackSonic Icons for LenovoSystem Requirements Lab for IntelSystem UpdateThe Rosetta StoneThe Sims™ 3ThinkPad FullScreen MagnifierThinkPad Power Management DriverThinkPad Power ManagerThinkPad UltraNav DriverThinkPad UltraNav UtilityThinkVantage Access ConnectionsThinkVantage Active Protection SystemTrend Micro Internet SecurityUpdate for 2007 Microsoft Office System (KB967642)Update for Microsoft .NET Framework 4 Client Profile (KB2468871)Update for Microsoft .NET Framework 4 Client Profile (KB2533523)Update for Microsoft .NET Framework 4 Client Profile (KB2600217)Update for Microsoft .NET Framework 4 Client Profile (KB2836939v3)Update for Microsoft Office 2007 Help for Common Features (KB963673)Update for Microsoft Office 2007 suites (KB2596620) 32-Bit EditionUpdate for Microsoft Office 2007 suites (KB2687493) 32-Bit EditionUpdate for Microsoft Office 2007 suites (KB2767849) 32-Bit EditionUpdate for Microsoft Office 2007 suites (KB2767916) 32-Bit EditionUpdate for Microsoft Office Access 2007 Help (KB963663)Update for Microsoft Office Excel 2007 Help (KB963678)Update for Microsoft Office Infopath 2007 Help (KB963662)Update for Microsoft Office OneNote 2007 Help (KB963670)Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit EditionUpdate for Microsoft Office Outlook 2007 Help (KB963677)Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2825642) 32-Bit EditionUpdate for Microsoft Office Powerpoint 2007 Help (KB963669)Update for Microsoft Office Publisher 2007 Help (KB963667)Update for Microsoft Office Script Editor Help (KB963671)Update for Microsoft Office Word 2007 Help (KB963665)VC80CRTRedist - 8.0.50727.762VD64InstVIOVLC media player 2.1.1VSClassicVSProWindows Driver Package - Intel hdc (06/04/2009 7.0.0.1013)Windows Driver Package - Intel System (06/04/2009 1.0.0.0002)Windows Driver Package - Lenovo 1.55 (08/18/2009 1.55)Windows Driver Package - Realtek Semiconductor Corp. HD Audio Driver (07/10/2009 6.0.1.5892)Windows Live Communications PlatformWindows Live EssentialsWindows Live Family SafetyWindows Live ID Sign-in AssistantWindows Live InstallerWindows Live Language SelectorWindows Live MailWindows Live MeshWindows Live Mesh ActiveX Control for Remote ConnectionsWindows Live MessengerWindows Live Messenger Companion CoreWindows Live MIME IFilterWindows Live Movie MakerWindows Live Photo CommonWindows Live Photo GalleryWindows Live PIMT PlatformWindows Live Remote ClientWindows Live Remote Client ResourcesWindows Live Remote ServiceWindows Live Remote Service ResourcesWindows Live SOXEWindows Live SOXE DefinitionsWindows Live SyncWindows Live UX PlatformWindows Live UX Platform Language PackWindows Live WriterWindows Live Writer ResourcesWindows Media Encoder 9 SeriesWindows Media Player Firefox PluginXvid Video Codec.==== End Of File =========================== Link to post Share on other sites More sharing options...
kevinf80 Posted December 11, 2013 ID:763243 Share Posted December 11, 2013 Hello and P2P/Piracy Warning: If you're using Peer 2 Peer software such as uTorrent, BitTorrent or similar you must either fully uninstall them or completely disable them from running while being assisted here.Failure to remove or disable such software will result in your topic being closed and no further assistance being provided.If you have illegal/cracked software, cracks, keygens etc. on the system, please remove or uninstall them now and read the policy on Piracy. Next, Download AdwCleaner by Xplode from here: http://www.bleepingcomputer.com/download/adwcleaner/ and save to your Desktop. Double click on AdwCleaner.exe to run the tool. Vista/Windows 7/8 users right-click and select Run As Administrator Click on the Scan button. AdwCleaner will begin...be patient as the scan may take some time to complete. When it's done you'll see: Pending: Uncheck any elements you don't want removed. Now click on the Report button...a logfile (AdwCleaner[R0].txt) will open in Notepad for review. Look over the log especially under Files/Folders for any program you want to save. If there's a program you want to save, just uncheck it from AdwCleaner. If you're not sure, post the log for review. If you're ready to clean it all up.....click the Clean button. After rebooting, a logfile report (AdwCleaner[s0].txt) will open automatically. Copy and paste the contents of that logfile in your next reply. A copy of that logfile will also be saved in the C:\AdwCleaner folder. Items that are deleted are moved to the Quarantine Folder: C:\AdwCleaner\Quarantine To restore an item that has been deleted (if necessary): Go to Tools > Quarantine Manager > check what you want restored > now click on Restore. Next, Download Zoek.zip from here www.hijackthis.nl/smeenk/220813/zoek.zip and save that zip file to your Desktop. Double click zip file and extract to your Desktop: you will now have 3 versions of the tool on the Desktop: Before running Zoek make sure all Browsers are closed and Security is turned OFF. Check at the following link: http://www.techsupportforum.com/forums/f50/how-to-disable-your-security-applications-490111.html[/url Double click on each in turn until one version of Zoek will run (accept UAC) The following window will open: Copy and paste the following script from the code box and paste into the field. standardsearch;autoruns;autoclean;emptyclsid;emptyalltemp; Select the "Run Script" tab. The following window will open: Please be patient and do not use the PC when the scan is in progress. When complete you maybe asked to re-boot your PC, if so please do Post the produced logs in your next reply….. Link to post Share on other sites More sharing options...
shelley123 Posted December 12, 2013 Author ID:763855 Share Posted December 12, 2013 Zoek.exe Version 4.0.0.5 Updated 05-December-2013Tool run by slriegel on Wed 12/11/2013 at 22:26:17.43.Microsoft Windows 7 Professional 6.1.7601 Service Pack 1 x64Running in: Normal Mode Internet Access DetectedLaunched: C:\Users\slriegel\Downloads\zoek\zoek.com [script inserted]==== System Restore Info ======================12/11/2013 10:29:25 PM Zoek.exe System Restore Point Created Succesfully.==== Deleting CLSID Registry Keys ======================HKEY_USERS\S-1-5-21-508312398-3781596095-3125048843-1003\Software\Microsoft\Internet Explorer\SearchScopes\{A059B14D-FEDC-4B90-8536-7498DE0CBA12} deleted successfullyHKEY_USERS\S-1-5-21-508312398-3781596095-3125048843-1003\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{318A227B-5E9F-45BD-8999-7F8F10CA4CF5} deleted successfullyHKEY_CLASSES_ROOT\CLSID\{318A227B-5E9F-45BD-8999-7F8F10CA4CF5} deleted successfullyHKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{318A227B-5E9F-45BD-8999-7F8F10CA4CF5} deleted successfullyHKEY_CLASSES_ROOT\CLSID\{4086155B-7245-4538-9C82-F9983ECFC4A4} deleted successfully==== Deleting CLSID Registry Values ======================HKEY_USERS\S-1-5-21-508312398-3781596095-3125048843-1003\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\{21FA44EF-376D-4D53-9B0F-8A89D3229068} deleted successfullyHKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{318A227B-5E9F-45BD-8999-7F8F10CA4CF5} deleted successfullyHKEY_LOCAL_MACHINE\software\Wow6432Node\mozilla\Firefox\extensions\{7BA52691-1876-45ce-9EE6-54BCB3B04BBC} deleted successfully==== Running Processes ======================C:\Program Files\AVAST Software\Avast\AvastSvc.exeC:\Program Files\LENOVO\HOTKEY\TPHKSVC.exeC:\PROGRA~1\Lenovo\HOTKEY\tpnumlk.exeC:\PROGRA~1\Lenovo\HOTKEY\tpnumlkd.exeC:\Program Files (x86)\Lenovo\Access Connections\AcPrfMgrSvc.exeC:\Program Files (x86)\Lenovo\Access Connections\AcDeskBandHlpr.exeC:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exeC:\Program Files (x86)\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exeC:\Program Files (x86)\DDNI\DIBS\DDNIService.exeC:\Program Files\Lenovo\HOTKEY\TPOSDSVC.exeC:\Program Files\Lenovo\HOTKEY\tpfnf6r.exeC:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exeC:\Program Files\Lenovo\HOTKEY\TPONSCR.exeC:\Program Files\Lenovo\Zoom\TpScrex.exeC:\Program Files (x86)\Lexmark X1100 Series\LXBKbmgr.exeC:\Program Files (x86)\Lexmark X1100 Series\lxbkbmon.exeC:\Program Files (x86)\Lenovo\Message Center Plus\MCPLaunch.exeC:\Program Files (x86)\DDNI\Lenovo Idea Notes\DDNIMSGUser.exeC:\Program Files\AVAST Software\Avast\AvastUI.exeC:\Program Files (x86)\Common Files\Java\Java Update\jusched.exeC:\Program Files\LENOVO\HOTKEY\MICMUTE.exeC:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exeC:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exeC:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exec:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exeC:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exec:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exeC:\Program Files (x86)\Lenovo\Access Connections\AcSvc.exeC:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exec:\Program Files (x86)\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exeC:\Program Files (x86)\Lenovo\Access Connections\SvcGuiHlpr.exeC:\Program Files (x86)\Lenovo\Rescue and Recovery\rrservice.exeC:\Program Files (x86)\Common Files\Lenovo\Scheduler\scheduler_proxy.exeC:\Program Files (x86)\DDNI\Lenovo Idea Notes\DDNIMSGService.exeC:\Program Files (x86)\Common Files\InterVideo\RegMgr\iviRegMgr.exeC:\Windows\SysWOW64\cmd.exec:\Program Files (x86)\Lenovo\System Update\SUService.exeC:\Windows\SysWOW64\cmd.exeC:\Program Files (x86)\Common Files\Lenovo\tvt_reg_monitor_svc.exeC:\Windows\SysWOW64\cmd.exeC:\Program Files (x86)\Common Files\Corel\Standby\Standby.exeC:\Windows\FIREFL~1.SCR==== Deleting Services ========================== FireFox Fix ======================ProfilePath: C:\Users\slriegel\AppData\Roaming\Mozilla\Firefox\Profiles\oa6tqnp9.defaultuser.js not found---- Lines spigot removed from prefs.js ----user_pref("browser.startup.homepage", "http://search.yahoo.com/?type=293224&fr=spigot-yhp-ff");---- FireFox user.js and prefs.js backups ----prefs_20131211_1044_.backup==== Deleting Files \ Folders ======================C:\found.000 deletedC:\Users\slriegel\Downloads\setup_av_free_cnet.exe deletedC:\Users\slriegel\AppData\LocalLow\DataMngr deleted"C:\Users\slriegel\AppData\Local\lof0n8u5xjhh" deleted"C:\ProgramData\lof0n8u5xjhh" deleted==== Registry Search Results for "standardsearch" ======================No instances of string "standardsearch" found.==== System Specs ======================Windows: Windows 7 Professional Edition (64-bit) Service Pack 1 (Build 7601)Memory (RAM): 3933 MBCPU Info: Intel® Core2 Duo CPU T6570 @ 2.10GHzCPU Speed: 2115.0 MHzSound Card: Speakers (Realtek High Definiti |Display Adapters: Mobile Intel® 4 Series Express Chipset Family | Mobile Intel® 4 Series Express Chipset Family | RDPDD Chained DD | RDP Encoder Mirror Driver | RDP Reflector Display DriverMonitors: 1x; ThinkPad Display 1366x768 |Screen Resolution: 1366 X 768 - 32 bitNetwork: Network PresentNetwork Adapters: Intel® WiFi Link 1000 BGN | Realtek PCIe GBE Family Controller | Microsoft Loopback AdapterCD / DVD Drives: 1x (D: | ) D: HL-DT-STDVDRAM GT30NPorts: COM Ports NOT Present. LPT Port NOT Present.Mouse: 5 Button Wheel Mouse PresentHard Disks: C: 454.8GB | Q: 9.8GBHard Disks - Free: C: 283.1GB | Q: 2.3GBManufacturer *: LENOVOBIOS Info: AT/AT COMPATIBLE | 10/19/09 | LENOVO - 1230Time Zone: Eastern Standard TimeMotherboard *: LENOVO 2842FBUCountry: United StatesLanguage: ENU==== System Specs (Software) ======================Anti-Virus: avast! Antivirus On-access scanning disabled (Outdated)Anti-Virus: Trend Micro Internet Security On-access scanning disabled (Outdated)Anti-Spyware: avast! Antivirus disabled (Outdated)Anti-Spyware: Trend Micro Internet Security disabled (Outdated)Anti-Spyware: Windows Defender disabled (Outdated)Firewall: Trend Micro Personal Firewall disabledDefault Browser: Firefox 25.0.1Internet Explorer Version: 11.0.9600.16428Mozilla Firefox version: 25.0.1 (x86 en-US)Adobe Reader version: 10.1.8.24Sun Java version: 1.7.0_25 (32-bit)Sun Java version: 1.6.0_16 (64-bit)Flash Player version: 11.9.900.170==== Files Recently Created / Modified ============================ C:\Windows ========== C:\Users\slriegel\AppData\Local\Temp ========== Java Cache =========== C:\Windows\SysWOW64 =====2013-12-01 08:12:58 AD27563BC16AB1EAACAE3033E99C2F78 194048 ----a-w- C:\Windows\SysWOW64\elshyph.dll2013-12-01 08:12:51 FB0D1CC2911A0645DDA6C0608473EB55 34816 ----a-w- C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll2013-12-01 08:12:51 F9F114B2A6F876C92D317A755494F233 17142784 ----a-w- C:\Windows\SysWOW64\mshtml.dll2013-12-01 08:12:51 F8DE2F74CD4323BABBDACAADD9A39254 112128 ----a-w- C:\Windows\SysWOW64\ieUnatt.exe2013-12-01 08:12:51 F862CD08F1AD4EE39BD506853F3C6103 16284 ----a-w- C:\Windows\SysWOW64\ieuinit.inf2013-12-01 08:12:51 F7B6E341F4B1947BEC0E14EEBE3C627E 111616 ----a-w- C:\Windows\SysWOW64\IEAdvpack.dll2013-12-01 08:12:51 F705F52FC41577641E82B9934728B02C 440832 ----a-w- C:\Windows\SysWOW64\ieui.dll2013-12-01 08:12:51 EC7038154490E50ACD405A022F51B204 83456 ----a-w- C:\Windows\SysWOW64\inseng.dll2013-12-01 08:12:51 D9F12F54E3B5A092F1D5F191F5286E53 337408 ----a-w- C:\Windows\SysWOW64\html.iec2013-12-01 08:12:51 CFCE4EFF1D6D909EE2EA3AFCB8F1E677 233472 ----a-w- C:\Windows\SysWOW64\url.dll2013-12-01 08:12:51 C3B0DBD04CC18574B0706CA119902474 367104 ----a-w- C:\Windows\SysWOW64\dxtmsft.dll2013-12-01 08:12:51 C1A6E565B2782C09BC40AD749B46D9ED 71680 ----a-w- C:\Windows\SysWOW64\RegisterIEPKEYs.exe2013-12-01 08:12:51 C17139EAF939964142C7A1AEEE02DC81 616104 ----a-w- C:\Windows\SysWOW64\ieapfltr.dat2013-12-01 08:12:51 BE8B10D84DDD8F43A32EE013B54F5287 61952 ----a-w- C:\Windows\SysWOW64\iesetup.dll2013-12-01 08:12:51 BC2C13A3B664B686DA52D558FE5502FC 2724864 ----a-w- C:\Windows\SysWOW64\mshtml.tlb2013-12-01 08:12:51 B68750104FBA545C633B7E9AEA660208 2166272 ----a-w- C:\Windows\SysWOW64\iertutil.dll2013-12-01 08:12:51 B5EB5BD3066959611E1F7A80FD6CC172 1818112 ----a-w- C:\Windows\SysWOW64\wininet.dll2013-12-01 08:12:51 AE6A2C5ECD3E96556E22F12816842F60 48640 ----a-w- C:\Windows\SysWOW64\mshtmler.dll2013-12-01 08:12:51 AE254DBF16E3E3D7C35ED017B4B55EC6 4240384 ----a-w- C:\Windows\SysWOW64\jscript9.dll2013-12-01 08:12:51 ABDFC692D9FE43E2BA8FE6CB5A8CB95A 13312 ----a-w- C:\Windows\SysWOW64\mshta.exe2013-12-01 08:12:51 AB3B2CA52AFB695AFCDD2620A21E5B21 24576 ----a-w- C:\Windows\SysWOW64\licmgr10.dll2013-12-01 08:12:51 9E170B0AF156B478BD2B1FD6A2250C9E 62464 ----a-w- C:\Windows\SysWOW64\tdc.ocx2013-12-01 08:12:51 9B8701A380CEE1B05D651B4ED4048C8F 645120 ----a-w- C:\Windows\SysWOW64\jsIntl.dll2013-12-01 08:12:51 9A33FDDD687A836A1FD478B43C5A95FD 151552 ----a-w- C:\Windows\SysWOW64\iexpress.exe2013-12-01 08:12:51 887055A3C8DD6C87D200D11EAFDBD45B 74240 ----a-w- C:\Windows\SysWOW64\SetIEInstalledDate.exe2013-12-01 08:12:51 83F49FD1BC0A999B006D564C540C7258 86016 ----a-w- C:\Windows\SysWOW64\iesysprep.dll2013-12-01 08:12:51 81A605B0F3A29A117AB83A08D40F772F 1926656 ----a-w- C:\Windows\SysWOW64\inetcpl.cpl2013-12-01 08:12:51 809804D8AED97AEA96B3D4B66A4C5C70 553472 ----a-w- C:\Windows\SysWOW64\jscript9diag.dll2013-12-01 08:12:51 779E142FE2159935E78C0FA2E190FF1E 610304 ----a-w- C:\Windows\SysWOW64\jscript.dll2013-12-01 08:12:51 71144A47CD02FDDC77DDF5EB5315767F 523776 ----a-w- C:\Windows\SysWOW64\msfeeds.dll2013-12-01 08:12:51 6EB0B7301E00F717BD68A742D1391FAF 36352 ----a-w- C:\Windows\SysWOW64\imgutil.dll2013-12-01 08:12:51 6A92CEC8532056791C6832B2725D170D 139264 ----a-w- C:\Windows\SysWOW64\wextract.exe2013-12-01 08:12:51 6A794439B6612E43FEDE0217C919B652 454656 ----a-w- C:\Windows\SysWOW64\vbscript.dll2013-12-01 08:12:51 6922D7ED84AE102504174922D5D42F49 238288 ----a-w- C:\Windows\SysWOW64\iedkcs32.dll2013-12-01 08:12:51 64831CAD496A073398853A34A5813675 69632 ----a-w- C:\Windows\SysWOW64\mshtmled.dll2013-12-01 08:12:51 5EC13202430A3EB68DFF44CF1FEEA2BE 61952 ----a-w- C:\Windows\SysWOW64\MshtmlDac.dll2013-12-01 08:12:51 5DFE55E0221F0C5FA4D6CECFA72B1D78 32768 ----a-w- C:\Windows\SysWOW64\iernonce.dll2013-12-01 08:12:51 55969AADF0210A614700F89B48976F68 43008 ----a-w- C:\Windows\SysWOW64\msfeedsbs.dll2013-12-01 08:12:51 53FC62C51CB18C9100A7DFAF2D2A6C47 12800 ----a-w- C:\Windows\SysWOW64\msfeedssync.exe2013-12-01 08:12:51 4F032F1FDEFEA5EC8EEA3562643B5EE8 69120 ----a-w- C:\Windows\SysWOW64\icardie.dll2013-12-01 08:12:51 4D4726D1AD5ED1590A62685F92900594 51200 ----a-w- C:\Windows\SysWOW64\ieetwproxystub.dll2013-12-01 08:12:51 4BCC7EB5F20840DA67943BD86AE95735 56832 ----a-w- C:\Windows\SysWOW64\pngfilt.dll2013-12-01 08:12:51 4A7956EE34BE56D20C54CF6A47693C25 43008 ----a-w- C:\Windows\SysWOW64\jsproxy.dll2013-12-01 08:12:51 44D5C650C971910827EA65B4D989ED94 164864 ----a-w- C:\Windows\SysWOW64\msrating.dll2013-12-01 08:12:51 433161597584186EF806EFC8EA530433 703488 ----a-w- C:\Windows\SysWOW64\ieapfltr.dll2013-12-01 08:12:51 2EE1E467D73642AFDDB03019F58C252B 1156608 ----a-w- C:\Windows\SysWOW64\urlmon.dll2013-12-01 08:12:51 2AF48780D879AFC43733159CB29CD8BD 1051136 ----a-w- C:\Windows\SysWOW64\mshtmlmedia.dll2013-12-01 08:12:51 298FDE634538B62CEEEC266D8773B21A 182272 ----a-w- C:\Windows\SysWOW64\msls31.dll2013-12-01 08:12:51 22868FAAF9C851BFA924B8D7EDB6CBC1 11220992 ----a-w- C:\Windows\SysWOW64\ieframe.dll2013-12-01 08:12:51 1AFBAA54BDF637F69B8E02A5578286B0 116736 ----a-w- C:\Windows\SysWOW64\iepeers.dll2013-12-01 08:12:51 1200D9C7DB0ADC1B8143A0A9921BF7DA 127488 ----a-w- C:\Windows\SysWOW64\occache.dll2013-12-01 08:12:51 08B56CF57B7CE44315034247CC76D0F1 244736 ----a-w- C:\Windows\SysWOW64\dxtrans.dll2013-12-01 08:12:51 03B3541AE6986602CF9CB5B3AD169C33 208384 ----a-w- C:\Windows\SysWOW64\webcheck.dll====== C:\Windows\SysWOW64\drivers =========== C:\Windows\Sysnative =====2013-12-01 08:16:16 2D01F001F8E45924E57B7BB77CF96BC2 28368 ----a-w- C:\Windows\Sysnative\IEUDINIT.EXE2013-12-01 08:12:58 344DA9D196C0D98A738289BB09CE4CF6 940032 ----a-w- C:\Windows\Sysnative\MsSpellCheckingFacility.exe2013-12-01 08:12:51 8F7FBD0177F79727CF945ABDA657A0AC 235008 ----a-w- C:\Windows\Sysnative\elshyph.dll2013-12-01 08:12:51 6F1AF8E1206E92256459E3012C20472A 942592 ----a-w- C:\Windows\Sysnative\jsIntl.dll2013-12-01 08:12:51 43D9CE875F8FC8370C6BA2F74D50D01C 1394176 ----a-w- C:\Windows\Sysnative\urlmon.dll2013-12-01 08:12:51 4399857346DD183683332921500046B1 86016 ----a-w- C:\Windows\Sysnative\RegisterIEPKEYs.exe2013-12-01 08:12:51 2EBD0C5B090125AECF017C57344C45AB 247808 ----a-w- C:\Windows\Sysnative\msls31.dll2013-12-01 08:12:50 FD61D51199F3FC9EB0023FBF405EAAD0 147968 ----a-w- C:\Windows\Sysnative\occache.dll2013-12-01 08:12:50 FB9459892AF2AD60BDA98F820C1A28C3 708608 ----a-w- C:\Windows\Sysnative\jscript9diag.dll2013-12-01 08:12:50 F862CD08F1AD4EE39BD506853F3C6103 16284 ----a-w- C:\Windows\Sysnative\ieuinit.inf2013-12-01 08:12:50 F34C20D099CF94A606A2B5B0C668B570 4096 ----a-w- C:\Windows\Sysnative\ieetwcollectorres.dll2013-12-01 08:12:50 F00AE7B953ABEF1B53FBBA187DFC8238 243200 ----a-w- C:\Windows\Sysnative\webcheck.dll2013-12-01 08:12:50 EE10AB99A480875E012CA339EC48F02B 1228800 ----a-w- C:\Windows\Sysnative\mshtmlmedia.dll2013-12-01 08:12:50 E949B344680691F255C0E662D4B5BFF1 139264 ----a-w- C:\Windows\Sysnative\ieUnatt.exe2013-12-01 08:12:50 E70D4270C43CE6C46841B684315B9EFF 62464 ----a-w- C:\Windows\Sysnative\pngfilt.dll2013-12-01 08:12:50 E6CB36B85BE59095337427E853A5B65A 2332160 ----a-w- C:\Windows\Sysnative\wininet.dll2013-12-01 08:12:50 E4A6577D74B2439974C8018AB5F1BFEA 13312 ----a-w- C:\Windows\Sysnative\msfeedssync.exe2013-12-01 08:12:50 E36FDC470352C8F351F31959619CADD8 66048 ----a-w- C:\Windows\Sysnative\iesetup.dll2013-12-01 08:12:50 D6C88A6094D1FDAC56A186BBD7F06357 40448 ----a-w- C:\Windows\Sysnative\JavaScriptCollectionAgent.dll2013-12-01 08:12:50 D36A88D22B843C3812B501434E5A67A0 817664 ----a-w- C:\Windows\Sysnative\ieapfltr.dll2013-12-01 08:12:50 D31AE751B6DACAFD0D7CC99EAE9606C2 131072 ----a-w- C:\Windows\Sysnative\IEAdvpack.dll2013-12-01 08:12:50 D233E1A32CE6AF918C9DE1BC44AFEB2A 23212032 ----a-w- C:\Windows\Sysnative\mshtml.dll2013-12-01 08:12:50 CE8831D2DCB5803A4CBC8EDCCBBC2A05 77312 ----a-w- C:\Windows\Sysnative\tdc.ocx2013-12-01 08:12:50 CC84F4E36AA96810AD766C88DD657ADB 626176 ----a-w- C:\Windows\Sysnative\msfeeds.dll2013-12-01 08:12:50 C92173481A58935BE15172079CF122B8 235520 ----a-w- C:\Windows\Sysnative\url.dll2013-12-01 08:12:50 C70F72684CDCF9BB142F50F98BB1DD9C 574976 ----a-w- C:\Windows\Sysnative\ieui.dll2013-12-01 08:12:50 C6ECA2F7A1B189025171E6A29F2605AA 453120 ----a-w- C:\Windows\Sysnative\dxtmsft.dll2013-12-01 08:12:50 C17139EAF939964142C7A1AEEE02DC81 616104 ----a-w- C:\Windows\Sysnative\ieapfltr.dat2013-12-01 08:12:50 BB6DEAFAC5F0AAEC37FEAF3F3AA48347 774144 ----a-w- C:\Windows\Sysnative\jscript.dll2013-12-01 08:12:50 B99C7CC6ED6917E3035A12171F40D240 5765120 ----a-w- C:\Windows\Sysnative\jscript9.dll2013-12-01 08:12:50 ADA5C3D49A12CED9F07913DC00E547A8 48128 ----a-w- C:\Windows\Sysnative\imgutil.dll2013-12-01 08:12:50 A8C830CABD7640EE8E6F0F1019F91E83 548352 ----a-w- C:\Windows\Sysnative\vbscript.dll2013-12-01 08:12:50 9870EC900829595D191BB03C6C48B479 83968 ----a-w- C:\Windows\Sysnative\MshtmlDac.dll2013-12-01 08:12:50 9675B272086CF5D22B83B541FAA8D4EA 30208 ----a-w- C:\Windows\Sysnative\licmgr10.dll2013-12-01 08:12:50 95951E6A277F78FA13A85F2F408F4C0B 12995584 ----a-w- C:\Windows\Sysnative\ieframe.dll2013-12-01 08:12:50 95828D670CFD3B16EE188168E083C3C5 13824 ----a-w- C:\Windows\Sysnative\mshta.exe2013-12-01 08:12:50 77FBE2E014EFB93FD037FA33AB8C7D6E 263376 ----a-w- C:\Windows\Sysnative\iedkcs32.dll2013-12-01 08:12:50 68899208A26E4522D25DBA87FF2E98D1 84992 ----a-w- C:\Windows\Sysnative\mshtmled.dll2013-12-01 08:12:50 612DC699EBF0AA1AAA065898D33B553A 1993728 ----a-w- C:\Windows\Sysnative\inetcpl.cpl2013-12-01 08:12:50 5FAC15F872026BBC31C11D3A32B84624 33792 ----a-w- C:\Windows\Sysnative\iernonce.dll2013-12-01 08:12:50 5BECC17076F1806F60BB259B654FAC5C 195584 ----a-w- C:\Windows\Sysnative\msrating.dll2013-12-01 08:12:50 5BBDBE5EBB49EA7C76A2EE7490A45D68 101376 ----a-w- C:\Windows\Sysnative\inseng.dll2013-12-01 08:12:50 5A54ED24D5D42102A64904809215E0DC 2724864 ----a-w- C:\Windows\Sysnative\mshtml.tlb2013-12-01 08:12:50 5141B67F14E2B6CBB6ADF851ABE364A5 90112 ----a-w- C:\Windows\Sysnative\SetIEInstalledDate.exe2013-12-01 08:12:50 46FD16F9B1924A2EA8CD5C6716CC654F 167424 ----a-w- C:\Windows\Sysnative\iexpress.exe2013-12-01 08:12:50 45152BA21450811F4619C9C1790E7353 48640 ----a-w- C:\Windows\Sysnative\ieetwproxystub.dll2013-12-01 08:12:50 3AFA03119583647136C49B80DAD38F19 111616 ----a-w- C:\Windows\Sysnative\ieetwcollector.exe2013-12-01 08:12:50 3A4FD19F13F8809BA08E9F76C0E38832 413696 ----a-w- C:\Windows\Sysnative\html.iec2013-12-01 08:12:50 3168FA85740503BAE77DB821CB3EE4FB 53760 ----a-w- C:\Windows\Sysnative\jsproxy.dll2013-12-01 08:12:50 2405D24AA28CCC4CC7E0CC0AE008746F 48640 ----a-w- C:\Windows\Sysnative\mshtmler.dll2013-12-01 08:12:50 1FCBE949A67939ADEAE7279E423AA684 135680 ----a-w- C:\Windows\Sysnative\iepeers.dll2013-12-01 08:12:50 1EA6500C25A80E8BDB65099C509AF993 143872 ----a-w- C:\Windows\Sysnative\wextract.exe2013-12-01 08:12:50 0FBEBD36FEFFEE5AF25FDAEE5E35EE99 105984 ----a-w- C:\Windows\Sysnative\iesysprep.dll2013-12-01 08:12:50 0A9D5716CB1F3AFA73703F39647BB8C2 81408 ----a-w- C:\Windows\Sysnative\icardie.dll2013-12-01 08:12:50 092F3E7D054FDF779054E29A0A0D4267 2764288 ----a-w- C:\Windows\Sysnative\iertutil.dll2013-12-01 08:12:50 05018A4E76F1636EFBB7DCB76900872A 218624 ----a-w- C:\Windows\Sysnative\ie4uinit.exe2013-12-01 08:12:50 038ABC9BCC86DFF9E181D44E43E2CEBA 52224 ----a-w- C:\Windows\Sysnative\msfeedsbs.dll2013-12-01 08:12:50 0134898497B6C6CD50F7FC5DE85712A6 296960 ----a-w- C:\Windows\Sysnative\dxtrans.dll====== C:\Windows\Sysnative\drivers =====2013-12-11 03:26:51 0BB97D43299910CBFBA59C461B99B910 25928 ----a-w- C:\Windows\Sysnative\drivers\mbam.sys2013-11-15 14:59:06 79059559E89D06E8B80CE2944BE20228 497152 ----a-w- C:\Windows\Sysnative\drivers\afd.sys2013-11-15 14:59:04 EBF28856F69CF094A902F884CF989706 458712 ----a-w- C:\Windows\Sysnative\drivers\cng.sys2013-11-15 14:59:04 868A2CAAB12EFC7A021682BCA0EEC54C 154560 ----a-w- C:\Windows\Sysnative\drivers\ksecpkg.sys2013-11-15 14:59:03 8F489706472F7E9A06BAAA198703FA64 95680 ----a-w- C:\Windows\Sysnative\drivers\ksecdd.sys====== C:\Windows\Tasks ============ C:\Windows\Temp ============= C:\Program Files ============ C:\PROGRA~2 =====2013-12-03 03:37:02 -------- d-----w- C:\PROGRA~2\VideoLAN======= C: =========== C:\Users\slriegel\AppData\Roaming ======2013-12-11 03:26:32 -------- d-----w- C:\Users\slriegel\AppData\Local\Programs====== C:\Users\slriegel ======2013-12-12 02:15:50 693E44D7B4F5FD5532DD2B47731C5F90 1226802 ----a-w- C:\Users\slriegel\Desktop\AdwCleaner.exe2013-12-11 03:53:47 8B968045D75783A09592C3105F2865DA 688992 ----a-w- C:\Users\slriegel\Downloads\dds.com2013-12-11 03:03:38 683FDD3D773C58B262DC07CD0C6CE938 10285040 ----a-w- C:\Users\slriegel\Downloads\mbam-setup-1.75.0.1300.exe2013-12-03 03:23:44 48A2F64A029B108572C80335A3D988A6 370224 ----a-w- C:\Users\slriegel\Downloads\VLCv211.exe2013-12-03 02:29:05 BEAD9BFC1C4529E881ED185C7EF1E569 1142864 ----a-w- C:\Users\slriegel\Downloads\utorrent(1).exe====== C: exe-files ==2013-12-12 02:15:50 693E44D7B4F5FD5532DD2B47731C5F90 1226802 ----a-w- C:\Users\slriegel\Desktop\AdwCleaner.exe2013-12-12 02:12:23 834E0FEBF27FDA52E168410903EF90CA 548536 ----a-w- C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonX86\Microsoft Shared\OFFICE15\MSOSQM.EXE2013-12-12 02:12:20 ED6CAE33FF3954CABC6073E3896E7154 840400 ----a-w- C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonX86\Microsoft Shared\DW\DW20.EXE2013-12-12 02:12:10 553E549187B079B23F23FBF904F0F6C5 6847704 ----a-w- C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE15\CMigrate.exe2013-12-12 02:12:10 3B72EA21094E0AEC59754D2D19CA20E8 78576 ----a-w- C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonX86\Microsoft Shared\OFFICE15\CSISYNCCLIENT.EXE2013-12-12 02:12:04 654CC5D647349097D18C2BD801039898 39584 ----a-w- C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\AppSharingHookController64.exe2013-12-12 02:11:58 F84063663CF5CA9B40A5BAAA556B0128 5117144 ----a-w- C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonX86\Microsoft Shared\OFFICE15\CMigrate.exe2013-12-12 02:11:50 2253DD1504E3656C978849EF6ADF5D14 871088 ----a-w- C:\Program Files\Microsoft Office 15\root\office15\protocolhandler.exe2013-12-12 02:11:47 0EF16D5F82359B98F6A2347B60C08578 471784 ----a-w- C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonX86\Microsoft Shared\DW\DWTRIG20.EXE2013-12-12 02:11:06 C403E8F6F21CAE2702766B04F43846F4 1046232 ----a-w- C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonX86\Microsoft Shared\OFFICE15\OLicenseHeartbeat.exe2013-12-12 02:10:45 8FD6E9A8A5B674785E45D857030500C1 496832 ----a-w- C:\Program Files\Microsoft Office 15\root\office15\MSOUC.EXE2013-12-12 02:10:44 925B78798AD6A678DBB3B903CF13AA67 478936 ----a-w- C:\Program Files\Microsoft Office 15\root\office15\SELFCERT.EXE2013-12-12 02:10:44 803B55E46C89A8991A1926687EDEAF29 448704 ----a-w- C:\Program Files\Microsoft Office 15\root\office15\MSOSYNC.EXE2013-12-12 02:10:43 D1CC26D4F9DA7FBEEC45113E0CE65945 21884576 ----a-w- C:\Program Files\Microsoft Office 15\root\office15\excelcnv.exe2013-12-12 02:10:42 862B1179018BAF6B131E8D9751047839 515312 ----a-w- C:\Program Files\Microsoft Office 15\root\office15\IEContentService.exe2013-12-12 02:10:42 4B817B0C30E4D600DE680F8C2754CE70 4522176 ----a-w- C:\Program Files\Microsoft Office 15\root\office15\GRAPH.EXE2013-12-12 02:10:41 A3159A2E53E960F7886125E987C66CD2 569592 ----a-w- C:\Program Files\Microsoft Office 15\root\office15\ORGCHART.EXE2013-12-12 02:10:41 441B860C3C33B9A845915431DE169CD6 1296080 ----a-w- C:\Program Files\Microsoft Office 15\root\office15\OcPubMgr.exe2013-12-12 02:10:39 F76A99F4580E948F5039D97CFCA61126 33440 ----a-w- C:\Program Files\Microsoft Office 15\root\office15\AppSharingHookController.exe2013-12-12 02:10:39 356ACCD7DBFDBCFEE92F328F177F1D94 665248 ----a-w- C:\Program Files\Microsoft Office 15\root\office15\UcMapi.exe2013-12-12 02:10:38 516244477615783F740B68F9939012B2 526024 ----a-w- C:\Program Files\Microsoft Office 15\root\office15\VPREVIEW.EXE2013-12-11 04:39:54 088E674E1035D7123CC279EBD54BA6C1 566480 ----a-w- C:\Program Files\Microsoft Office 15\root\Integration\Integrator.exe2013-12-11 04:36:58 748CDE4F447471A5ACD7B403A82E76D8 8285360 ----a-w- C:\Program Files\Microsoft Office 15\root\office15\GROOVE.EXE2013-12-11 04:36:58 2C86CEBE786DA9481894A03F58CF14A9 18741408 ----a-w- C:\Program Files\Microsoft Office 15\root\office15\lync.exe2013-12-11 04:36:46 C1325C2B327812BFC943074112ACB37E 18861224 ----a-w- C:\Program Files\Microsoft Office 15\root\office15\OUTLOOK.EXE2013-12-11 04:36:17 AB022DD7A29EE412DFAF6DFC0C6B0998 15505576 ----a-w- C:\Program Files\Microsoft Office 15\root\office15\MSACCESS.EXE2013-12-11 04:34:40 39D84A9AFFC60D2079099265437260C9 10756264 ----a-w- C:\Program Files\Microsoft Office 15\root\office15\MSPUB.EXE2013-12-11 04:34:27 41449D0BC34557193E79AE13A43DA483 25620128 ----a-w- C:\Program Files\Microsoft Office 15\root\office15\EXCEL.EXE2013-12-11 03:03:38 683FDD3D773C58B262DC07CD0C6CE938 10285040 ----a-w- C:\Users\slriegel\Downloads\mbam-setup-1.75.0.1300.exe2013-12-07 15:27:16 600B1A4BCC0823A96DC7B86F005ADBB8 51080 ----atw- C:\Users\slriegel\AppData\Local\Google\Update\1.3.22.3\GoogleUpdateOnDemand.exe2013-12-07 15:27:15 CA0A340ABCF0C14A09691CBC90186AB4 51080 ----atw- C:\Users\slriegel\AppData\Local\Google\Update\1.3.22.3\GoogleUpdateBroker.exe2013-12-07 15:27:15 C98E0215F7B65F0DDEE0591BD57EDFA6 847128 ----a-w- C:\Users\slriegel\AppData\Local\Google\Update\1.3.22.3\GoogleUpdateSetup.exe2013-12-07 15:27:04 9CCBA5E2489E603BB1578D1D541252A8 273800 ----atw- C:\Users\slriegel\AppData\Local\Google\Update\1.3.22.3\GoogleCrashHandler64.exe2013-12-07 15:27:04 506708142BC63DABA64F2D3AD1DCD5BF 116648 ----atw- C:\Users\slriegel\AppData\Local\Google\Update\1.3.22.3\GoogleUpdate.exe2013-12-07 15:27:04 465680BDE344CE4FF6646626AA3A9125 223112 ----atw- C:\Users\slriegel\AppData\Local\Google\Update\1.3.22.3\GoogleCrashHandler.exe2013-12-07 15:26:56 C98E0215F7B65F0DDEE0591BD57EDFA6 847128 ----a-w- C:\Users\slriegel\AppData\Local\Google\Update\Download\{430FD4D0-B729-4F61-AA34-91526481799D}\1.3.22.3\GoogleUpdateSetup.exe=== C: other files ==2013-12-11 04:00:15 1D5DB3B0AB5743F0F9F86A447F1DCEB4 104 ----a-w- C:\Users\slriegel\AppData\Local\Temp\utt3F70.tmp.bat2013-12-11 03:53:47 8B968045D75783A09592C3105F2865DA 688992 ----a-w- C:\Users\slriegel\Downloads\dds.com2013-12-11 03:26:51 0BB97D43299910CBFBA59C461B99B910 25928 ----a-w- C:\Windows\System32\drivers\mbam.sys Link to post Share on other sites More sharing options...
shelley123 Posted December 12, 2013 Author ID:763856 Share Posted December 12, 2013 ==== Startup Registry Enabled ======================[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run]"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun"[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run]"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun"[HKEY_USERS\S-1-5-21-508312398-3781596095-3125048843-1003\Software\Microsoft\Windows\CurrentVersion\Run]"Google Update"="C:\Users\slriegel\AppData\Local\Google\Update\GoogleUpdate.exe /c""EA Core"="C:\Program Files (x86)\Electronic Arts\EADM\Core.exe -silent"[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce]"mctadmin"="C:\Windows\System32\mctadmin.exe"[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce]"mctadmin"="C:\Windows\System32\mctadmin.exe"[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]"Message Center Plus"="C:\Program Files (x86)\LENOVO\Message Center Plus\MCPLaunch.exe /start""RoxWatchTray"="C:\Program Files (x86)\Common Files\Roxio Shared\10.0\SharedCOM\RoxWatchTray10.exe""IdeaNotesUser"="C:\Program Files (x86)\DDNI\Lenovo Idea Notes\DDNIMSGUser.exe""GrooveMonitor"="C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe""Standby"="c:\Program Files (x86)\Common Files\Corel\Standby\Standby.exe -START""SwitchBoard"="C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe""AdobeCS5.5ServiceManager"="C:\Program Files (x86)\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe -launchedbylogin""avast"="C:\Program Files\AVAST Software\Avast\avastUI.exe /nogui""Adobe ARM"="C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe""SunJavaUpdateSched"="C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe""20131121"="C:\Program Files\AVAST Software\Avast\setup\emupdate\25e8bc88-1d13-4e77-87cf-b060a91ae1a0.exe /check"[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]"Google Update"="C:\Users\slriegel\AppData\Local\Google\Update\GoogleUpdate.exe /c""EA Core"="C:\Program Files (x86)\Electronic Arts\EADM\Core.exe -silent"==== Startup Registry Enabled x64 ======================[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]"RtHDVCpl"="C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe""TPHOTKEY"="C:\Program Files\Lenovo\HOTKEY\TPOSDSVC.exe""LENOVO.TPFNF6R"="C:\Program Files\Lenovo\HOTKEY\TPFNF6R.exe""IAAnotif"="C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe""TpShocks"="TpShocks.exe""HotKeysCmds"="C:\Windows\system32\hkcmd.exe""Persistence"="C:\Windows\system32\igfxpers.exe""AcWin7Hlpr"="C:\Program Files (x86)\Lenovo\Access Connections\AcTBenabler.exe""UfSeAgnt.exe"="C:\Program Files\Trend Micro\Internet Security\UfSeAgnt.exe""lxbkbmgr.exe"="C:\Program Files (x86)\Lexmark X1100 Series\lxbkbmgr.exe""AdobeAAMUpdater-1.0"="C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe""SynTPEnh"="%ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe "[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows]"AppInit_DLLs"=" "==== Task Scheduler Jobs ======================C:\Windows\tasks\Adobe Flash Player Updater.job --a------ C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [12/10/2013 06:06 PM]C:\Windows\tasks\AffiliatedUpdate.job --a------ C:\kN@?FDD s AC:\Users\slriegel\AppData\Roaming\AFFILI1\UPDATE1\UPDATE1.exe []C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-508312398-3781596095-3125048843-1003Core.job --a------ C:\Users\slriegel\AppData\Local\Google\Update\GoogleUpdate.exe [10/14/2010 09:57 AM]C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-508312398-3781596095-3125048843-1003UA.job --a------ C:\Users\slriegel\AppData\Local\Google\Update\GoogleUpdate.exe [10/14/2010 09:57 AM]C:\Windows\tasks\PCDoctorBackgroundMonitorTask.job --a------ C:\Program Files\PC-Doctor\pcdr5cuiw32.exe [10/08/2009 04:44 PM]C:\Windows\tasks\SystemToolsDailyTest.job --a------ C:\Program Files\PC:-DoC:tor\pC:dr5C:uiw32.exe []==== Other Scheduled Tasks ======================"C:\Windows\SysNative\tasks\Adobe Flash Player Updater" [C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe]"C:\Windows\SysNative\tasks\AdobeAAMUpdater-1.0-slriegel-THINK-slriegel" [C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe]"C:\Windows\SysNative\tasks\AffiliatedUpdate" [C:\Users\slriegel\AppData\Roaming\AFFILI~1\UPDATE~1\UPDATE~1.EXE]"C:\Windows\SysNative\tasks\DiskUpdate" [C:\SWTOOLS\OSFIXES\DISKUPDT\DiskUpdate.exe]"C:\Windows\SysNative\tasks\GoogleUpdateTaskUserS-1-5-21-508312398-3781596095-3125048843-1003Core" [C:\Users\slriegel\AppData\Local\Google\Update\GoogleUpdate.exe]"C:\Windows\SysNative\tasks\GoogleUpdateTaskUserS-1-5-21-508312398-3781596095-3125048843-1003UA" [C:\Users\slriegel\AppData\Local\Google\Update\GoogleUpdate.exe]"C:\Windows\SysNative\tasks\JavaUpdateSched" [%WINDIR%\SysWOW64\jusched.exe]"C:\Windows\SysNative\tasks\PCDoctorBackgroundMonitorTask" [C:\Program Files\PC-Doctor\pcdr5cuiw32.exe]"C:\Windows\SysNative\tasks\PMTask" [C:\PROGRA~2\ThinkPad\UTILIT~1\PwmIdTsv.exe]"C:\Windows\SysNative\tasks\RealUpgradeLogonTaskS-1-5-21-508312398-3781596095-3125048843-1003" [C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe]"C:\Windows\SysNative\tasks\RealUpgradeScheduledTaskS-1-5-21-508312398-3781596095-3125048843-1003" [C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe]"C:\Windows\SysNative\tasks\SystemToolsDailyTest" [C:\Program Files\PC-Doctor\pcdr5cuiw32.exe]"C:\Windows\SysNative\tasks\User_Feed_Synchronization-{8BDB095A-FD6D-4A1A-BCDB-A3132ABA453A}" [C:\Windows\system32\msfeedssync.exe]"C:\Windows\SysNative\tasks\{3C414857-92A5-4392-8EB1-67282CB9BF65}" [C:\Program Files (x86)\Skype\Phone\Skype.exe]"C:\Windows\SysNative\tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask" [%systemroot%\system32\sc.exe start osppsvc]"C:\Windows\SysNative\tasks\TVT\ChangePWD" [%RR%\rrcmd.exe]"C:\Windows\SysNative\tasks\TVT\LaunchRnR" [%RR%\rrcmd.exe]"C:\Windows\SysNative\tasks\TVT\UpdateRnR" [%TVTCOMMON%\Scheduler\tvtsetsched.exe]==== Firefox Extensions Registry ======================[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions]"wrc@avast.com"="C:\Program Files\AVAST Software\Avast\WebRep\FF" [10/08/2013 06:02 AM]==== Firefox Extensions ======================ProfilePath: C:\Users\slriegel\AppData\Roaming\Mozilla\Firefox\Profiles\oa6tqnp9.default- Undetermined - %ProfilePath%\extensions\FFToolbar.txt- Personas Plus - %ProfilePath%\extensions\personas@christopher.beard.xpi- Greasemonkey - %ProfilePath%\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}.xpiAppDir: C:\Program Files (x86)\Mozilla Firefox- Skype Click to Call - %AppDir%\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}- Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} Link to post Share on other sites More sharing options...
shelley123 Posted December 12, 2013 Author ID:763858 Share Posted December 12, 2013 ==== Firefox Plugins ======================Profilepath: C:\Users\slriegel\AppData\Roaming\Mozilla\Firefox\Profiles\oa6tqnp9.defaultF891089A6AB9E12FEDEBCC5EC0F40D66 - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_170.dll - Shockwave FlashC36444D7301A8C881FC7296B092609C7 - C:\Users\slriegel\AppData\Local\Google\Update\1.3.22.3\npGoogleUpdate3.dll - Google UpdateD6ED6EB98E759460AD8C66DE23070132 - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npMeetingJoinPluginOC.dll - Microsoft Office 201368BCBB241EF254BC5100D9E6C06ECC71 - C:\Users\slriegel\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll - Google Talk Plugin Video Accelerator99FE6AFE80EB7FE3EEB75DC504A326A3 - C:\Users\slriegel\AppData\Roaming\Mozilla\plugins\npo1d.dll - Google Talk Plugin Video RendererAF42019A3B0EDBFA6878F75B9377A792 - C:\Users\slriegel\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll - Google Talk PluginD7324EB1EDCB8990F8522DE0311359E9 - C:\Windows\SysWOW64\npdeployJava1.dll - Java Deployment Toolkit 7.0.250.1718CF51689186AEB9D1D149AEB0E92D03 - C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL - Microsoft Office 20136A03609A79D8C5ACECB66EED53F3A0AB - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll - RealNetworks Chrome Background Extension Plug-In (32-bit)70677064555D2EB816249ABB0150951F - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll - RealPlayer HTML5VideoShim Plug-In (32-bit)D94C362E750F8C283BF52537D3DF28B5 - C:\Users\slriegel\AppData\Roaming\Facebook\npfbplugin_1_0_3.dll - Facebook Plugin9ED8AA7D69B73EFF77A6D18A2ACFB954 - C:\Users\slriegel\AppData\Roaming\Mozilla\plugins\npicaN.dll - Citrix ICA Client15E298B5EC5B89C5994A59863969D9FF - C:\Windows\SysWOW64\npmproxy.dll - Microsoft® Windows® Operating System==== Chrome Look ======================HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensionsjfmjfhklogoienhpfnppmbcbjfjnkonk - No path found[]lifbcibllhkdhoafpjfnlhfpfgnpldfl - C:\Program Files (x86)\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx[10/10/2011 11:09 AM]==== Set IE to Default ======================Old Values:[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]"Start Page"="http://search.yahoo.com/?type=293224&fr=spigot-yhp-ie"[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]No DefaultScope Set For HKCUNew Values:[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]"Start Page"="http://www.google.com"[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]"DefaultScope"="{6A1806CD-94D4-4689-BA73-E35EA1EA9990}"==== All HKCU SearchScopes ======================HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC"{450C7657-49A1-41FB-8E38-84702246085D} Google Url="http://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:{language}:{referrer:source}&ie={inputEncoding?}&oe={outputEncoding?}"{6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}"{6B4A9491-B7AD-4595-8DC9-77AD61CE7495} Unknown Url="Not_Found"==== Deleting CLSID Registry Keys ======================HKEY_USERS\S-1-5-21-508312398-3781596095-3125048843-1003\Software\Microsoft\Internet Explorer\SearchScopes\{6B4A9491-B7AD-4595-8DC9-77AD61CE7495} deleted successfully==== Deleting CLSID Registry Values ========================== Deleting Registry Keys ======================HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\jfmjfhklogoienhpfnppmbcbjfjnkonk deleted successfully==== HijackThis Entries ======================F2 - REG:system.ini: UserInit=userinit.exe,O2 - BHO: Lync Click to Call BHO - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\Office15\OCHelper.dllO2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dllO2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dllO2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dllO2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dllO2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dllO2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dllO2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office 15\root\Office15\URLREDIR.DLLO2 - BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLLO2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dllO3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dllO4 - HKLM\..\Run: [PWMTRV] rundll32 C:\PROGRA~2\ThinkPad\UTILIT~1\PWMTR64V.DLL,PwrMgrBkGndMonitorO4 - HKLM\..\Run: [Message Center Plus] C:\Program Files (x86)\LENOVO\Message Center Plus\MCPLaunch.exe /startO4 - HKLM\..\Run: [RoxWatchTray] "C:\Program Files (x86)\Common Files\Roxio Shared\10.0\SharedCOM\RoxWatchTray10.exe"O4 - HKLM\..\Run: [ideaNotesUser] C:\Program Files (x86)\DDNI\Lenovo Idea Notes\DDNIMSGUser.exeO4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"O4 - HKLM\..\Run: [standby] "c:\Program Files (x86)\Common Files\Corel\Standby\Standby.exe" -STARTO4 - HKLM\..\Run: [switchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exeO4 - HKLM\..\Run: [AdobeCS5.5ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe" -launchedbyloginO4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /noguiO4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"O4 - HKLM\..\Run: [20131121] C:\Program Files\AVAST Software\Avast\setup\emupdate\25e8bc88-1d13-4e77-87cf-b060a91ae1a0.exe /checkO4 - HKCU\..\Run: [Google Update] "C:\Users\slriegel\AppData\Local\Google\Update\GoogleUpdate.exe" /cO4 - HKCU\..\Run: [EA Core] "C:\Program Files (x86)\Electronic Arts\EADM\Core.exe" -silentO4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')O9 - Extra button: @C:\Program Files (x86)\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dllO9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dllO9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dllO9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIE.dllO9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIE.dllO9 - Extra button: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\Office15\OCHelper.dllO9 - Extra 'Tools' menuitem: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\Office15\OCHelper.dllO9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIELinkedNotes.dllO9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIELinkedNotes.dllO9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dllO9 - Extra 'Tools' menuitem: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dllO9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~4\Office12\REFIEBAR.DLLO10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dllO10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dllO11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphicsO18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dllO18 - Protocol: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLLO18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dllO18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLLO18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dllO23 - Service: AcPrfMgrSvc - Lenovo - C:\Program Files (x86)\Lenovo\Access Connections\AcPrfMgrSvc.exeO23 - Service: AcSvc - Lenovo - C:\Program Files (x86)\Lenovo\Access Connections\AcSvc.exeO23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exeO23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exeO23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exeO23 - Service: DDNIMSGService - Digital Delivery Networks, Inc. - C:\Program Files (x86)\DDNI\Lenovo Idea Notes\DDNIMSGService.exeO23 - Service: DDNIService - Digital Delivery Networks, Inc. - C:\Program Files (x86)\DDNI\DIBS\DDNIService.exeO23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)O23 - Service: Intel® PROSet/Wireless Event Log (EvtEng) - Intel® Corporation - C:\Program Files\Intel\WiFi\bin\EvtEng.exeO23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)O23 - Service: Intel® Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exeO23 - Service: ThinkPad PM Service (IBMPMSVC) - Unknown owner - C:\Windows\system32\ibmpmsvc.exe (file missing)O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)O23 - Service: IviRegMgr - InterVideo - C:\Program Files (x86)\Common Files\InterVideo\RegMgr\iviRegMgr.exeO23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)O23 - Service: Lenovo Microphone Mute (LENOVO.MICMUTE) - Lenovo Group Limited - C:\Program Files\LENOVO\HOTKEY\MICMUTE.exeO23 - Service: lxbk_device - - C:\Windows\system32\lxbkcoms.exeO23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exeO23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exeO23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exeO23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)O23 - Service: Power Manager DBC Service - Lenovo - C:\Program Files (x86)\ThinkPad\Utilities\PWMDBSVC.EXEO23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)O23 - Service: Protexis Licensing V2 (PSI_SVC_2) - Protexis Inc. - c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exeO23 - Service: Intel® PROSet/Wireless Registry Service (RegSrvc) - Intel® Corporation - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exeO23 - Service: Roxio UPnP Renderer 10 - Sonic Solutions - C:\Program Files (x86)\Roxio\Digital Home 10\RoxioUPnPRenderer10.exeO23 - Service: Roxio Upnp Server 10 - Sonic Solutions - C:\Program Files (x86)\Roxio\Digital Home 10\RoxioUpnpService10.exeO23 - Service: LiveShare P2P Server 10 (RoxLiveShare10) - Sonic Solutions - C:\Program Files (x86)\Common Files\Roxio Shared\10.0\SharedCOM\RoxLiveShare10.exeO23 - Service: RoxMediaDB10 - Sonic Solutions - C:\Program Files (x86)\Common Files\Roxio Shared\10.0\SharedCOM\RoxMediaDB10.exeO23 - Service: Roxio Hard Drive Watcher 10 (RoxWatch10) - Sonic Solutions - C:\Program Files (x86)\Common Files\Roxio Shared\10.0\SharedCOM\RoxWatch10.exeO23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)O23 - Service: Trend Micro Central Control Component (SfCtlCom) - Trend Micro Inc. - C:\Program Files\Trend Micro\Internet Security\SfCtlCom.exeO23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exeO23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files (x86)\Common Files\SureThing Shared\stllssvr.exeO23 - Service: System Update (SUService) - Lenovo Group Limited - c:\Program Files (x86)\Lenovo\System Update\SUService.exeO23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exeO23 - Service: ThinkVantage Registry Monitor Service - Lenovo Group Limited - C:\Program Files (x86)\Common Files\Lenovo\tvt_reg_monitor_svc.exeO23 - Service: Trend Micro Unauthorized Change Prevention Service (TMBMServer) - Trend Micro Inc. - C:\Program Files\Trend Micro\BM\TMBMSRV.exeO23 - Service: Trend Micro Personal Firewall (TmPfw) - Trend Micro Inc. - C:\Program Files\Trend Micro\Internet Security\TmPfw.exeO23 - Service: Trend Micro Proxy Service (TmProxy) - Trend Micro Inc. - C:\Program Files\Trend Micro\Internet Security\TmProxy.exeO23 - Service: ThinkPad HDD APS Logging Service (TPHDEXLGSVC) - Unknown owner - C:\Windows\System32\TPHDEXLG64.exe (file missing)O23 - Service: On Screen Display (TPHKSVC) - Lenovo Group Limited - C:\Program Files\LENOVO\HOTKEY\TPHKSVC.exeO23 - Service: TVT Backup Service - Lenovo Group Limited - C:\Program Files (x86)\Lenovo\Rescue and Recovery\rrservice.exeO23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)==== Sysinternals Autoruns Log ======================C:\Users\slriegel\AppData\Local\Microsoft\Windows Sidebar\Settings.ini Avast! antivirus monitor C:\Program Files\Windows Sidebar\Shared Gadgets\aswSidebar.gadget Avast! antivirus sidebar gadget. AVAST Software C:\Program Files\Windows Sidebar\Shared Gadgets\aswSidebar.gadget\Gadget.xml 2/15/2012 10:16 AMHKLM\System\CurrentControlSet\Services AcPrfMgrSvc C:\Program Files (x86)\Lenovo\Access Connections\AcPrfMgrSvc.exe ThinkVantage Access Connections Profile Manager Service Lenovo 5.4.2.23 c:\program files (x86)\lenovo\access connections\acprfmgrsvc.exe 9/30/2009 1:13 AM AcSvc C:\Program Files (x86)\Lenovo\Access Connections\AcSvc.exe ThinkVantage Access Connections Main Service Lenovo 5.4.2.23 c:\program files (x86)\lenovo\access connections\acsvc.exe 9/30/2009 1:14 AM AdobeARMservice "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe" Adobe Acrobat Updater keeps your Adobe software up to date. Adobe Systems Incorporated 1.7.4.0 c:\program files (x86)\common files\adobe\arm\1.0\armsvc.exe 4/4/2013 4:05 PM AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe This service keeps your Adobe Flash Player installation up to date with the latest enhancements and security fixes. Adobe Systems Incorporated 11.9.900.170 c:\windows\syswow64\macromed\flash\flashplayerupdateservice.exe 12/1/2013 1:09 PM avast! Antivirus "C:\Program Files\AVAST Software\Avast\AvastSvc.exe" Manages and implements avast! antivirus services for this computer. This includes the resident protection, the virus chest and the scheduler. AVAST Software 8.0.1497.376 c:\program files\avast software\avast\avastsvc.exe 8/30/2013 2:37 AM DDNIMSGService "C:\Program Files (x86)\DDNI\Lenovo Idea Notes\DDNIMSGService.exe" Caravan Service Digital Delivery Networks, Inc. 1.6.1.0 c:\program files (x86)\ddni\lenovo idea notes\ddnimsgservice.exe 7/20/2010 1:04 PM DDNIService C:\Program Files (x86)\DDNI\DIBS\DDNIService.exe DIBS Service Digital Delivery Networks, Inc. 7.6.1.0 c:\program files (x86)\ddni\dibs\ddniservice.exe 7/23/2010 11:31 AM EvtEng C:\Program Files\Intel\WiFi\bin\EvtEng.exe Manages the event trace messages for all the Intelr PROSet/Wireless Software components. Intel® Corporation 13.0.0.0 c:\program files\intel\wifi\bin\evteng.exe 9/21/2009 6:24 PM IAANTMON C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe RAID Monitor Intel Corporation 8.9.2.1002 c:\program files (x86)\intel\intel matrix storage manager\iaantmon.exe 8/7/2009 7:29 AM IBMPMSVC %SystemRoot%\system32\ibmpmsvc.exe ThinkPad Power Management Service Lenovo 1.55.0.0 c:\windows\system32\ibmpmsvc.exe 8/18/2009 6:30 AM IviRegMgr "C:\Program Files (x86)\Common Files\InterVideo\RegMgr\iviRegMgr.exe" InterVideo Register Manager InterVideo 1.0.4.0 c:\program files (x86)\common files\intervideo\regmgr\iviregmgr.exe 1/4/2007 5:21 AM LENOVO.MICMUTE C:\Program Files\LENOVO\HOTKEY\MICMUTE.exe Microphone Mute Controll Service for ThinkPad Lenovo Group Limited 1.0.2.0 c:\program files\lenovo\hotkey\micmute.exe 7/3/2009 2:45 AM lxbk_device C:\Windows\system32\lxbkcoms.exe -service Printer Communication System 99.99.99.99 c:\windows\system32\lxbkcoms.exe 11/6/2006 5:27 PM MBAMScheduler "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe" Malwarebytes Anti-Malware scheduler Malwarebytes Corporation 1.70.0.0 c:\program files (x86)\malwarebytes' anti-malware\mbamscheduler.exe 2/28/2013 3:38 PM MBAMService "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe" Malwarebytes Anti-Malware service Malwarebytes Corporation 1.70.0.0 c:\program files (x86)\malwarebytes' anti-malware\mbamservice.exe 2/28/2013 3:38 PM MozillaMaintenance "C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe" The Mozilla Maintenance Service ensures that you have the latest and most secure version of Mozilla Firefox on your computer. Keeping Firefox up to date is very important for your online security, and Mozilla strongly recommends that you keep this service enabled. Mozilla Foundation 25.0.1.5064 c:\program files (x86)\mozilla maintenance service\maintenanceservice.exe 11/12/2013 8:14 PM Power Manager DBC Service "C:\Program Files (x86)\ThinkPad\Utilities\PWMDBSVC.EXE" Power Manager Dynamic Brightness Control Service Lenovo 1.0.0.1 c:\program files (x86)\thinkpad\utilities\pwmdbsvc.exe 12/11/2009 1:19 AM PSI_SVC_2 "c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe" This service provides Protexis licensing functionalty. Protexis Inc. 2.0.1.124 c:\program files (x86)\common files\protexis\license service\psiservice_2.exe 7/24/2007 1:15 PM RegSrvc C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe Provides registry access to all Intelr PROSet/Wireless Software components Intel® Corporation 13.0.0.0 c:\program files\common files\intel\wirelesscommon\regsrvc.exe 9/21/2009 6:00 PM Roxio UPnP Renderer 10 "C:\Program Files (x86)\Roxio\Digital Home 10\RoxioUPnPRenderer10.exe" Roxio UPnP PRenderer Service Sonic Solutions 8.0.0.47 c:\program files (x86)\roxio\digital home 10\roxioupnprenderer10.exe 8/4/2009 11:04 PM Roxio Upnp Server 10 "C:\Program Files (x86)\Roxio\Digital Home 10\RoxioUpnpService10.exe" RoxioUpnpService10 Module Sonic Solutions 10.3.0.48 c:\program files (x86)\roxio\digital home 10\roxioupnpservice10.exe 8/4/2009 10:50 PM RoxLiveShare10 "C:\Program Files (x86)\Common Files\Roxio Shared\10.0\SharedCOM\RoxLiveShare10.exe" Allows remote users to view through WEB browsers your authorized multimedia content managed by Roxio Media Manager9. Sonic Solutions 10.3.0.48 c:\program files (x86)\common files\roxio shared\10.0\sharedcom\roxliveshare10.exe 8/4/2009 10:53 PM RoxMediaDB10 "C:\Program Files (x86)\Common Files\Roxio Shared\10.0\SharedCOM\RoxMediaDB10.exe" Roxio RoxMediaDB10 Service Sonic Solutions 10.3.0.48 c:\program files (x86)\common files\roxio shared\10.0\sharedcom\roxmediadb10.exe 8/4/2009 10:48 PM RoxWatch10 "C:\Program Files (x86)\Common Files\Roxio Shared\10.0\SharedCOM\RoxWatch10.exe" RoxSniffer10 Module Sonic Solutions 10.3.0.48 c:\program files (x86)\common files\roxio shared\10.0\sharedcom\roxwatch10.exe 8/4/2009 10:46 PM SfCtlCom "C:\Program Files\Trend Micro\Internet Security\SfCtlCom.exe" Manages all components of Trend Micro Internet Security. Trend Micro Inc. 17.50.0.1705 c:\program files\trend micro\internet security\sfctlcom.exe 11/8/2010 9:50 AM SkypeUpdate "C:\Program Files (x86)\Skype\Updater\Updater.exe" Enables the detection, download and installation of updates for Skype. Skype Technologies 5.10.1.44067 c:\program files (x86)\skype\updater\updater.exe 7/13/2012 7:28 AM stllssvr "C:\Program Files (x86)\Common Files\SureThing Shared\stllssvr.exe" SureThing Labelflash Disc Printer Service Module MicroVision Development, Inc. 1.2.615.0 c:\program files (x86)\common files\surething shared\stllssvr.exe 3/14/2009 12:19 AM SUService "c:\Program Files (x86)\Lenovo\System Update\SUService.exe" ThinkVantage System Update Lenovo Group Limited 4.0.0.0 c:\program files (x86)\lenovo\system update\suservice.exe 9/24/2009 9:55 AM SwitchBoard "C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe" SwitchBoard Server (32 bit) Adobe Systems Incorporated 2.0.13.7486 c:\program files (x86)\common files\adobe\switchboard\switchboard.exe 2/19/2010 3:50 PM ThinkVantage Registry Monitor Service "C:\Program Files (x86)\Common Files\Lenovo\tvt_reg_monitor_svc.exe" About ThinkVantage Technologies Lenovo Group Limited 8.30.3.0 c:\program files (x86)\common files\lenovo\tvt_reg_monitor_svc.exe 8/28/2009 1:09 AM TMBMServer "C:\Program Files\Trend Micro\BM\TMBMSRV.exe" /service Manages the Trend Micro unauthorized change prevention feature Trend Micro Inc. 2.80.0.1063 c:\program files\trend micro\bm\tmbmsrv.exe 7/6/2009 1:16 AM TmPfw "C:\Program Files\Trend Micro\Internet Security\TmPfw.exe" Manages the Trend Micro Personal Firewall. Trend Micro Inc. 5.8.0.1092 c:\program files\trend micro\internet security\tmpfw.exe 7/15/2009 4:05 AM TmProxy "C:\Program Files\Trend Micro\Internet Security\TmProxy.exe" Manages the Trend Micro Proxy. Trend Micro Inc. 5.8.0.1092 c:\program files\trend micro\internet security\tmproxy.exe 7/15/2009 4:22 AM TPHDEXLGSVC System32\TPHDEXLG64.exe ThinkVantage Active Protection System - HDD Logger Module Lenovo. 1.70.0.7 c:\windows\system32\tphdexlg64.exe 6/18/2009 2:22 AM TPHKSVC C:\Program Files\LENOVO\HOTKEY\TPHKSVC.exe On screen display Fn+Fx handler Lenovo Group Limited 1.0.7.0 c:\program files\lenovo\hotkey\tphksvc.exe 7/14/2009 8:11 PM TVT Backup Service "C:\Program Files (x86)\Lenovo\Rescue and Recovery\rrservice.exe" Rescue and Recovery Backup Service Lenovo Group Limited 4.30.2.0 c:\program files (x86)\lenovo\rescue and recovery\rrservice.exe 9/3/2009 11:27 PMHKLM\System\CurrentControlSet\Services 5U877 system32\DRIVERS\5U877.sys Ricoh USB Camera driver Ricoh co.,Ltd. 1.0.1.2 c:\windows\system32\drivers\5u877.sys 6/17/2009 8:21 PM adp94xx \SystemRoot\system32\DRIVERS\adp94xx.sys Adaptec Windows SAS/SATA Storport Driver Adaptec, Inc. 1.6.6.4 c:\windows\system32\drivers\adp94xx.sys 12/5/2008 6:54 PM adpahci \SystemRoot\system32\DRIVERS\adpahci.sys Adaptec Windows SATA Storport Driver Adaptec, Inc. 1.6.6.1 c:\windows\system32\drivers\adpahci.sys 5/1/2007 12:30 PM adpu320 \SystemRoot\system32\DRIVERS\adpu320.sys Adaptec StorPort Ultra320 SCSI Driver (X64) Adaptec, Inc. 7.2.0.0 c:\windows\system32\drivers\adpu320.sys 2/27/2007 7:04 PM aliide \SystemRoot\system32\drivers\aliide.sys ALi mini IDE Driver Acer Laboratories Inc. 1.2.0.0 c:\windows\system32\drivers\aliide.sys 7/13/2009 6:19 PM amdsata \SystemRoot\system32\drivers\amdsata.sys AHCI 1.2 Device Driver Advanced Micro Devices 1.1.2.5 c:\windows\system32\drivers\amdsata.sys 3/18/2010 7:45 PM amdsbs \SystemRoot\system32\DRIVERS\amdsbs.sys AMD Technology AHCI Compatible Controller Driver for Windows - AMD64 platform AMD Technologies Inc. 3.6.1540.127 c:\windows\system32\drivers\amdsbs.sys 3/20/2009 1:36 PM amdxata system32\drivers\amdxata.sys Storage Filter Driver Advanced Micro Devices 1.1.2.5 c:\windows\system32\drivers\amdxata.sys 3/19/2010 11:18 AM arc \SystemRoot\system32\DRIVERS\arc.sys Adaptec RAID Storport Driver Adaptec, Inc. 5.2.0.10384 c:\windows\system32\drivers\arc.sys 5/24/2007 4:27 PM arcsas \SystemRoot\system32\DRIVERS\arcsas.sys Adaptec SAS RAID WS03 Driver Adaptec, Inc. 5.2.0.16119 c:\windows\system32\drivers\arcsas.sys 1/14/2009 2:27 PM aswFsBlk aswFsBlk avast! mini-filter driver (aswFsBlk) AVAST Software 8.0.1497.376 c:\windows\system32\drivers\aswfsblk.sys 8/30/2013 2:36 AM aswMonFlt \??\C:\Windows\system32\drivers\aswMonFlt.sys avast! mini-filter driver (aswMonFlt) AVAST Software 8.0.1497.376 c:\windows\system32\drivers\aswmonflt.sys 8/30/2013 2:37 AM aswRdr \SystemRoot\System32\Drivers\aswrdr2.sys avast! WFP Redirect driver AVAST Software 8.0.1497.376 c:\windows\system32\drivers\aswrdr2.sys 8/30/2013 2:37 AM aswRvrt aswRvrt avast! Revert 8.0.1497.376 c:\windows\system32\drivers\aswrvrt.sys 8/30/2013 2:36 AM aswSnx aswSnx avast! virtualization driver (aswSnx) AVAST Software 8.0.1497.376 c:\windows\system32\drivers\aswsnx.sys 8/30/2013 2:38 AM aswSP aswSP avast! Self Protection AVAST Software 8.0.1497.376 c:\windows\system32\drivers\aswsp.sys 8/30/2013 2:38 AM aswTdi aswTdi avast! Network Shield TDI driver AVAST Software 8.0.1497.376 c:\windows\system32\drivers\aswtdi.sys 8/30/2013 2:37 AM aswVmm aswVmm avast! VM Monitor 8.0.1497.376 c:\windows\system32\drivers\aswvmm.sys 8/30/2013 2:36 AM b06bdrv \SystemRoot\system32\DRIVERS\bxvbda.sys Broadcom NetXtreme II GigE VBD Broadcom Corporation 4.8.2.0 c:\windows\system32\drivers\bxvbda.sys 2/13/2009 5:18 PM b57nd60a system32\DRIVERS\b57nd60a.sys Broadcom NetXtreme Gigabit Ethernet NDIS6.x Unified Driver. Broadcom Corporation 10.100.4.0 c:\windows\system32\drivers\b57nd60a.sys 4/26/2009 6:14 AM BrFiltLo \SystemRoot\system32\DRIVERS\BrFiltLo.sys Windows ME USB Mass-Storage Bulk-Only Lower Filter Driver Brother Industries, Ltd. 1.10.0.2 c:\windows\system32\drivers\brfiltlo.sys 8/6/2006 8:51 PM BrFiltUp \SystemRoot\system32\DRIVERS\BrFiltUp.sys Windows ME USB Mass-Storage Bulk-Only Upper Filter Driver Brother Industries, Ltd. 1.4.0.1 c:\windows\system32\drivers\brfiltup.sys 8/6/2006 8:51 PM Brserid \SystemRoot\System32\Drivers\Brserid.sys Brotehr Serial I/F Driver (WDM) Brother Industries Ltd. 1.0.1.6 c:\windows\system32\drivers\brserid.sys 8/6/2006 8:51 PM BrSerWdm \SystemRoot\System32\Drivers\BrSerWdm.sys Brother Serial driver (WDM version) Brother Industries Ltd. 1.0.0.20 c:\windows\system32\drivers\brserwdm.sys 8/6/2006 8:51 PM BrUsbMdm \SystemRoot\System32\Drivers\BrUsbMdm.sys Brother USB MDM Driver Brother Industries Ltd. 1.0.0.12 c:\windows\system32\drivers\brusbmdm.sys 8/6/2006 8:51 PM BrUsbSer \SystemRoot\System32\Drivers\BrUsbSer.sys Brother USB Serial Driver Brother Industries Ltd. 1.0.1.3 c:\windows\system32\drivers\brusbser.sys 8/9/2006 7:11 AM cmdide \SystemRoot\system32\drivers\cmdide.sys CMD PCI IDE Bus Driver CMD Technology, Inc. 2.0.7.0 c:\windows\system32\drivers\cmdide.sys 7/13/2009 6:19 PM ebdrv \SystemRoot\system32\DRIVERS\evbda.sys Broadcom NetXtreme II 10 GigE VBD Broadcom Corporation 4.8.13.0 c:\windows\system32\drivers\evbda.sys 12/31/2008 11:29 AM elxstor \SystemRoot\system32\DRIVERS\elxstor.sys Storport Miniport Driver for LightPulse HBAs Emulex 7.2.10.211 c:\windows\system32\drivers\elxstor.sys 2/3/2009 5:52 PM hcw85cir \SystemRoot\system32\drivers\hcw85cir.sys Hauppauge WinTV 885 Consumer IR Driver for eHome Hauppauge Computer Works, Inc. 1.31.27127.0 c:\windows\system32\drivers\hcw85cir.sys 5/11/2009 3:26 AM HpSAMD \SystemRoot\system32\drivers\HpSAMD.sys Smart Array SAS/SATA Controller Media Driver Hewlett-Packard Company 6.12.6.64 c:\windows\system32\drivers\hpsamd.sys 4/20/2010 1:32 PM iaStor system32\DRIVERS\iaStor.sys Intel Matrix Storage Manager driver - x64 Intel Corporation 8.9.2.1002 c:\windows\system32\drivers\iastor.sys 8/7/2009 7:23 AM iaStorV \SystemRoot\system32\drivers\iaStorV.sys Intel Matrix Storage Manager driver - x64 Intel Corporation 8.6.2.1014 c:\windows\system32\drivers\iastorv.sys 6/10/2010 7:46 PM IBMPMDRV system32\DRIVERS\ibmpmdrv.sys ThinkPad Power Management Driver Lenovo. 1.55.0.0 c:\windows\system32\drivers\ibmpmdrv.sys 8/18/2009 6:30 AM igfx system32\DRIVERS\igdkmd64.sys Intel Graphics Kernel Mode Driver Intel Corporation 8.15.10.1872 c:\windows\system32\drivers\igdkmd64.sys 8/13/2009 4:53 PM iirsp \SystemRoot\system32\DRIVERS\iirsp.sys Intel/ICP Raid Storport Driver Intel Corp./ICP vortex GmbH 5.4.22.0 c:\windows\system32\drivers\iirsp.sys 12/13/2005 4:47 PM IntcAzAudAddService system32\drivers\RTKVHD64.sys Realtek® High Definition Audio Function Driver Realtek Semiconductor Corp. 6.0.1.5892 c:\windows\system32\drivers\rtkvhd64.sys 7/10/2009 5:23 AM IntcHdmiAddService system32\drivers\IntcHdmi.sys Intel® High Definition Audio HDMI Intel® Corporation 6.10.1.2077 c:\windows\system32\drivers\intchdmi.sys 7/10/2009 8:45 AM JMCR system32\DRIVERS\jmcr.sys JMicron JMB38X Flash Media Controller Driver JMicron Technology Corporation 1.0.29.2 c:\windows\system32\drivers\jmcr.sys 5/18/2009 1:19 AM lenovo.smi system32\DRIVERS\smiifx64.sys SMI Driver for Lenovo system Lenovo Group Limited 6.0.5456.5 c:\windows\system32\drivers\smiifx64.sys 5/12/2008 4:01 AM LSI_FC \SystemRoot\system32\DRIVERS\lsi_fc.sys LSI Fusion-MPT FC Driver (StorPort) LSI Corporation 1.28.3.52 c:\windows\system32\drivers\lsi_fc.sys 12/9/2008 5:46 PM LSI_SAS \SystemRoot\system32\DRIVERS\lsi_sas.sys LSI Fusion-MPT SAS Driver (StorPort) LSI Corporation 1.28.3.52 c:\windows\system32\drivers\lsi_sas.sys 5/18/2009 7:20 PM LSI_SAS2 \SystemRoot\system32\DRIVERS\lsi_sas2.sys LSI SAS Gen2 Driver (StorPort) LSI Corporation 2.0.2.71 c:\windows\system32\drivers\lsi_sas2.sys 5/18/2009 7:31 PM LSI_SCSI \SystemRoot\system32\DRIVERS\lsi_scsi.sys LSI Fusion-MPT SCSI Driver (StorPort) LSI Corporation 1.28.3.67 c:\windows\system32\drivers\lsi_scsi.sys 4/16/2009 5:13 PM MBAMProtector \??\C:\Windows\system32\drivers\mbam.sys Malwarebytes Anti-Malware Malwarebytes Corporation 1.60.2.0 c:\windows\system32\drivers\mbam.sys 2/28/2013 3:33 PM megasas \SystemRoot\system32\DRIVERS\megasas.sys MEGASAS RAID Controller Driver for Windows 7\Server 2008 R2 for x64 LSI Corporation 4.5.1.64 c:\windows\system32\drivers\megasas.sys 5/18/2009 8:09 PM MegaSR \SystemRoot\system32\DRIVERS\MegaSR.sys LSI MegaRAID Software RAID Driver LSI Corporation, Inc. 13.5.409.2009 c:\windows\system32\drivers\megasr.sys 5/18/2009 8:25 PM NETw5s64 system32\DRIVERS\NETw5s64.sys Intelr Wireless WiFi Link Driver Intel Corporation 13.0.0.107 c:\windows\system32\drivers\netw5s64.sys 9/15/2009 2:40 PM netw5v64 system32\DRIVERS\netw5v64.sys Intelr Wireless WiFi Link Driver Intel Corporation 12.4.1.4 c:\windows\system32\drivers\netw5v64.sys 3/26/2009 11:21 AM nfrd960 \SystemRoot\system32\DRIVERS\nfrd960.sys IBM ServeRAID Controller Driver IBM Corporation 7.10.0.0 c:\windows\system32\drivers\nfrd960.sys 6/6/2006 4:11 PM nvraid \SystemRoot\system32\drivers\nvraid.sys NVIDIAr nForce RAID Driver NVIDIA Corporation 10.6.0.18 c:\windows\system32\drivers\nvraid.sys 3/19/2010 3:59 PM nvstor \SystemRoot\system32\drivers\nvstor.sys NVIDIAr nForce Sata Performance Driver NVIDIA Corporation 10.6.0.18 c:\windows\system32\drivers\nvstor.sys 3/19/2010 3:45 PM PCDSRVC{184E4FA0-DE8C26D4-06000000}_0 \??\c:\progra~1\pc-doc~1\pcdsrvc_x64.pkms Kernel Driver PC-Doctor, Inc. 6.0.0.0 c:\program files\pc-doctor\pcdsrvc_x64.pkms 9/17/2008 7:05 PM psadd system32\DRIVERS\psadd.sys SMBIOS Driver Lenovo (United States) Inc. 6.1.1015.0 c:\windows\system32\drivers\psadd.sys 7/1/2009 9:17 PM PxHlpa64 System32\Drivers\PxHlpa64.sys Px Engine Device Driver for 64-bit Windows Sonic Solutions 3.0.90.2 c:\windows\system32\drivers\pxhlpa64.sys 6/23/2009 6:16 PM ql2300 \SystemRoot\system32\DRIVERS\ql2300.sys QLogic Fibre Channel Stor Miniport Driver QLogic Corporation 9.1.8.6 c:\windows\system32\drivers\ql2300.sys 1/22/2009 6:05 PM ql40xx \SystemRoot\system32\DRIVERS\ql40xx.sys QLogic iSCSI Storport Miniport Driver QLogic Corporation 2.1.3.20 c:\windows\system32\drivers\ql40xx.sys 5/18/2009 8:18 PM RTL8167 system32\DRIVERS\Rt64win7.sys Realtek 8136/8168/8169 NDIS 6.20 64-bit Driver Realtek 7.46.610.2011 c:\windows\system32\drivers\rt64win7.sys 6/10/2011 1:33 AM secdrv secdrv Macrovision SECURITY Driver Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K. 4.3.86.0 c:\windows\system32\drivers\secdrv.sys 9/13/2006 8:18 AM Shockprf System32\DRIVERS\Apsx64.sys Shockproof Disk Driver Lenovo. 1.70.0.7 c:\windows\system32\drivers\apsx64.sys 6/18/2009 2:22 AM SiSRaid2 \SystemRoot\system32\DRIVERS\SiSRaid2.sys SiS RAID Stor Miniport Driver Silicon Integrated Systems Corp. 5.1.1039.2600 c:\windows\system32\drivers\sisraid2.sys 9/24/2008 1:28 PM SiSRaid4 \SystemRoot\system32\DRIVERS\sisraid4.sys SiS AHCI Stor-Miniport Driver Silicon Integrated Systems 5.1.1039.3600 c:\windows\system32\drivers\sisraid4.sys 10/1/2008 4:56 PM SrvHsfHDA system32\DRIVERS\VSTAZL6.SYS HSF_HWAZL WDM driver Conexant Systems, Inc. 7.80.2.0 c:\windows\system32\drivers\vstazl6.sys 10/15/2008 7:53 PM SrvHsfV92 system32\DRIVERS\VSTDPV6.SYS HSF_DP driver Conexant Systems, Inc. 7.80.2.0 c:\windows\system32\drivers\vstdpv6.sys 10/15/2008 7:57 PM SrvHsfWinac system32\DRIVERS\VSTCNXT6.SYS HSF_CNXT driver Conexant Systems, Inc. 7.80.2.0 c:\windows\system32\drivers\vstcnxt6.sys 10/15/2008 7:52 PM stexstor \SystemRoot\system32\DRIVERS\stexstor.sys Promise SuperTrak EX Series Driver for Windows Promise Technology 5.0.1.1 c:\windows\system32\drivers\stexstor.sys 2/17/2009 6:03 PM SynTP system32\DRIVERS\SynTP.sys Synaptics Touchpad Driver Synaptics Incorporated 15.0.18.0 c:\windows\system32\drivers\syntp.sys 4/22/2010 6:11 PM tmlwf system32\DRIVERS\tmlwf.sys Trend Micro NDIS 6.0 Filter Driver Trend Micro Inc. 5.8.0.1092 c:\windows\system32\drivers\tmlwf.sys 7/15/2009 4:35 AM tmpreflt system32\DRIVERS\tmpreflt.sys Trend Filter Driver Trend Micro Inc. 9.200.0.1008 c:\windows\system32\drivers\tmpreflt.sys 7/30/2010 4:30 AM tmtdi system32\DRIVERS\tmtdi.sys Trend Micro TDI Driver (amd64-fre) Trend Micro Inc. 5.8.0.1092 c:\windows\system32\drivers\tmtdi.sys 7/15/2009 4:35 AM tmwfp system32\DRIVERS\tmwfp.sys Trend Micro WFP Callout Driver Trend Micro Inc. 5.8.0.1092 c:\windows\system32\drivers\tmwfp.sys 7/15/2009 4:34 AM tmxpflt system32\DRIVERS\tmxpflt.sys Trend Functionality Driver Trend Micro Inc. 9.200.0.1008 c:\windows\system32\drivers\tmxpflt.sys 7/30/2010 4:30 AM TPDIGIMN System32\DRIVERS\ApsHM64.sys APS Digitizer Activity Monitor Lenovo. 1.70.0.7 c:\windows\system32\drivers\apshm64.sys 6/18/2009 2:18 AM TPPWRIF System32\drivers\Tppwr64v.sys c:\windows\system32\drivers\tppwr64v.sys 10/18/2006 3:40 AM viaide \SystemRoot\system32\drivers\viaide.sys VIA Generic PCI IDE Bus Driver VIA Technologies, Inc. 6.0.6000.170 c:\windows\system32\drivers\viaide.sys 7/13/2009 6:19 PM vsapint system32\DRIVERS\vsapint.sys Trend Virus ScanEngine Trend Micro Inc. 9.200.0.1008 c:\windows\system32\drivers\vsapint.sys 7/30/2010 4:23 AM vsmraid \SystemRoot\system32\DRIVERS\vsmraid.sys VIA RAID DRIVER FOR AMD-X86-64 VIA Technologies Inc.,Ltd 6.0.6000.6210 c:\windows\system32\drivers\vsmraid.sys 1/30/2009 8:18 PMHKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify igfxcui igfxdev.dll igfxdev Module Intel Corporation 7.14.10.1872 c:\windows\system32\igfxdev.dll 8/13/2009 4:20 PMHKCU\Control Panel\Desktop\Scrnsave.exe C:\Windows\FIREFL~1.SCR C:\Windows\FIREFL~1.SCR c:\windows\fireflies.scr 6/24/2003 12:42 AMHKLM\SYSTEM\CurrentControlSet\Control\Print\Monitors PDF995 Monitor pdf995mon64.dll c:\windows\system32\pdf995mon64.dll 4/26/2012 5:51 PM X1100 Series Port lxbklmpm.dll Printer Communication System 99.99.99.99 c:\windows\system32\lxbklmpm.dll 11/6/2006 5:34 PMHKLM\SYSTEM\CurrentControlSet\Control\Lsa\Notification Packages ACGina ACGina File not found: ACGina HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run RtHDVCpl C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe HD Audio Control Panel Realtek Semiconductor 1.0.0.380 c:\program files\realtek\audio\hda\ravcpl64.exe 7/10/2009 6:16 AM TPHOTKEY C:\Program Files\Lenovo\HOTKEY\TPOSDSVC.exe On screen display message generator for ThinkPad Lenovo Group Limited 1.1.5.0 c:\program files\lenovo\hotkey\tposdsvc.exe 3/13/2009 3:26 AM LENOVO.TPFNF6R C:\Program Files\Lenovo\HOTKEY\TPFNF6R.exe ThinkPad FnF6 Resident Module Lenovo Group Limited 1.1.0.0 c:\program files\lenovo\hotkey\tpfnf6r.exe 8/19/2009 9:50 AM IAAnotif C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe Event Monitor User Notification Tool Intel Corporation 8.9.2.1002 c:\program files (x86)\intel\intel matrix storage manager\iaanotif.exe 8/7/2009 7:29 AM TpShocks TpShocks.exe ThinkVantage Active Protection System Lenovo. 1.70.0.16 c:\windows\system32\tpshocks.exe 7/8/2009 5:53 AM HotKeysCmds C:\Windows\system32\hkcmd.exe hkcmd Module Intel Corporation 7.14.10.1872 c:\windows\system32\hkcmd.exe 8/13/2009 4:21 PM Persistence C:\Windows\system32\igfxpers.exe persistence Module Intel Corporation 7.14.10.1872 c:\windows\system32\igfxpers.exe 8/13/2009 4:20 PM AcWin7Hlpr C:\Program Files (x86)\Lenovo\Access Connections\AcTBenabler.exe c:\program files (x86)\lenovo\access connections\actbenabler.exe 10/13/2009 3:33 AM SynTPEnh %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe Synaptics TouchPad Enhancements Synaptics Incorporated 15.0.18.0 c:\program files\synaptics\syntp\syntpenh.exe 4/22/2010 6:54 PM UfSeAgnt.exe "C:\Program Files\Trend Micro\Internet Security\UfSeAgnt.exe" Trend Micro Server Agent Trend Micro Inc. 17.50.0.1647 c:\program files\trend micro\internet security\ufseagnt.exe 1/26/2010 2:28 AM lxbkbmgr.exe "C:\Program Files (x86)\Lexmark X1100 Series\lxbkbmgr.exe" Lexmark X1100 Series Button Manager Lexmark International, Inc. 0.1.1.1 c:\program files (x86)\lexmark x1100 series\lxbkbmgr.exe 2/28/2007 11:56 AM AdobeAAMUpdater-1.0 "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" Adobe Updater Startup Utility Adobe Systems Incorporated 6.2.0.4 c:\program files (x86)\common files\adobe\oobe\pdapp\uwa\updaterstartuputility.exe 6/29/2012 10:55 AMHKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run PWMTRV rundll32 C:\PROGRA~2\ThinkPad\UTILIT~1\PWMTR64V.DLL,PwrMgrBkGndMonitor ThinkPad Power Manager Background Monitor and Tray Battery Gauge Lenovo Group Limited 1.0.0.0 c:\program files (x86)\thinkpad\utilities\pwmtr64v.dll 12/11/2009 1:22 AM Message Center Plus C:\Program Files (x86)\LENOVO\Message Center Plus\MCPLaunch.exe /start Message Center Plus Launcher 2.0.6.0 c:\program files (x86)\lenovo\message center plus\mcplaunch.exe 5/27/2009 9:09 PM RoxWatchTray "C:\Program Files (x86)\Common Files\Roxio Shared\10.0\SharedCOM\RoxWatchTray10.exe" RoxMMTrayApp Module Sonic Solutions 10.3.0.48 c:\program files (x86)\common files\roxio shared\10.0\sharedcom\roxwatchtray10.exe 8/4/2009 11:02 PM IdeaNotesUser C:\Program Files (x86)\DDNI\Lenovo Idea Notes\DDNIMSGUser.exe User Account Digital Delivery Networks, Inc. 1.5.0.0 c:\program files (x86)\ddni\lenovo idea notes\ddnimsguser.exe 8/24/2009 11:15 AM Standby "c:\Program Files (x86)\Common Files\Corel\Standby\Standby.exe" -START Standby service Corel 1.0.7.1 c:\program files (x86)\common files\corel\standby\standby.exe 8/3/2009 6:24 AM SwitchBoard C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe SwitchBoard Server (32 bit) Adobe Systems Incorporated 2.0.13.7486 c:\program files (x86)\common files\adobe\switchboard\switchboard.exe 2/19/2010 3:50 PM AdobeCS5.5ServiceManager "C:\Program Files (x86)\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe" -launchedbylogin Adobe CS5.5 Service Manager Adobe Systems Incorporated 2.5.0.236 c:\program files (x86)\common files\adobe\cs5.5servicemanager\cs5.5servicemanager.exe 1/12/2011 10:07 AM avast "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui avast! Antivirus AVAST Software 8.0.1497.376 c:\program files\avast software\avast\avastui.exe 8/30/2013 2:41 AM Adobe ARM "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" Adobe Reader and Acrobat Manager Adobe Systems Incorporated 1.7.4.0 c:\program files (x86)\common files\adobe\arm\1.0\adobearm.exe 4/4/2013 4:05 PM SunJavaUpdateSched "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" Java Update Scheduler Oracle Corporation 2.1.9.4 c:\program files (x86)\common files\java\java update\jusched.exe 3/12/2013 10:32 AM 20131121 C:\Program Files\AVAST Software\Avast\setup\emupdate\25e8bc88-1d13-4e77-87cf-b060a91ae1a0.exe /check avast! Emergency Update AVAST Software 8.0.0.0 c:\program files\avast software\avast\setup\emupdate\25e8bc88-1d13-4e77-87cf-b060a91ae1a0.exe 11/22/2013 9:58 AMHKLM\SOFTWARE\Wow6432Node\Microsoft\Active Setup\Installed Components Internet Explorer C:\Windows\system32\cmd.exe /D /C start C:\Windows\system32\ie4uinit.exe -ClearIconCache File not found: C:\Windows\system32\ie4uinit.exe HKCU\Software\Microsoft\Windows\CurrentVersion\Run Google Update "C:\Users\slriegel\AppData\Local\Google\Update\GoogleUpdate.exe" /c Google Installer Google Inc. 1.2.183.21 c:\users\slriegel\appdata\local\google\update\googleupdate.exe 3/9/2010 1:10 AM EA Core "C:\Program Files (x86)\Electronic Arts\EADM\Core.exe" -silent File not found: C:\Program Files (x86)\Electronic Arts\EADM\Core.exe Link to post Share on other sites More sharing options...
shelley123 Posted December 12, 2013 Author ID:763860 Share Posted December 12, 2013 Task Scheduler \Adobe Flash Player Updater "C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe" Adober Flashr Player Update Service 11.9 r900 Adobe Systems Incorporated 11.9.900.170 c:\windows\syswow64\macromed\flash\flashplayerupdateservice.exe 12/1/2013 1:09 PM \AdobeAAMUpdater-1.0-slriegel-THINK-slriegel "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" -mode=scheduled Adobe Updater Startup Utility Adobe Systems Incorporated 6.2.0.4 c:\program files (x86)\common files\adobe\oobe\pdapp\uwa\updaterstartuputility.exe 6/29/2012 10:55 AM \AffiliatedUpdate "C:\Users\slriegel\AppData\Roaming\AFFILI~1\UPDATE~1\UPDATE~1.EXE" /Check c:\users\slriegel\appdata\roaming\affiliatedupdate\updateproc\updatetask.exe 6/19/1992 5:22 PM \avast! Emergency Update "C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe" avast! Emergency Update AVAST Software 8.0.1497.376 c:\program files\avast software\avast\avastemupdate.exe 8/30/2013 2:36 AM \DiskUpdate "C:\SWTOOLS\OSFIXES\DISKUPDT\DiskUpdate.exe" c:\swtools\osfixes\diskupdt\diskupdate.exe 2/9/2009 7:40 PM \GoogleUpdateTaskUserS-1-5-21-508312398-3781596095-3125048843-1003Core "C:\Users\slriegel\AppData\Local\Google\Update\GoogleUpdate.exe" /c Google Installer Google Inc. 1.2.183.21 c:\users\slriegel\appdata\local\google\update\googleupdate.exe 3/9/2010 1:10 AM \GoogleUpdateTaskUserS-1-5-21-508312398-3781596095-3125048843-1003UA "C:\Users\slriegel\AppData\Local\Google\Update\GoogleUpdate.exe" /ua /installsource scheduler Google Installer Google Inc. 1.2.183.21 c:\users\slriegel\appdata\local\google\update\googleupdate.exe 3/9/2010 1:10 AM \JavaUpdateSched "%WINDIR%\SysWOW64\jusched.exe" File not found: C:\Windows\SysWOW64\jusched.exe \PCDoctorBackgroundMonitorTask "C:\Program Files\PC-Doctor\pcdr5cuiw32.exe" -backgroundmon scripts\backgroundmon.xml -st PCDoctorBackgroundMonitorTask Lenovo ThinkVantage Toolbox PC-Doctor, Inc. 6.0.0.0 c:\program files\pc-doctor\pcdr5cuiw32.exe 10/8/2009 4:42 PM \PMTask "C:\PROGRA~2\ThinkPad\UTILIT~1\PwmIdTsv.exe" ThinkPad Power Manager Idle Task Lenovo Group Limited 1.0.0.0 c:\program files (x86)\thinkpad\utilities\pwmidtsv.exe 12/11/2009 1:19 AM \RealUpgradeLogonTaskS-1-5-21-508312398-3781596095-3125048843-1003 "C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe" /logoncheck File not found: C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe \RealUpgradeScheduledTaskS-1-5-21-508312398-3781596095-3125048843-1003 "C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe" /scheduledcheck File not found: C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe \SystemToolsDailyTest "C:\Program Files\PC-Doctor\pcdr5cuiw32.exe" -silentenumeration Lenovo ThinkVantage Toolbox PC-Doctor, Inc. 6.0.0.0 c:\program files\pc-doctor\pcdr5cuiw32.exe 10/8/2009 4:42 PM \{3C414857-92A5-4392-8EB1-67282CB9BF65} "C:\Program Files (x86)\Skype\Phone\Skype.exe" Skype Skype Technologies S.A. 5.10.0.116 c:\program files (x86)\skype\phone\skype.exe 7/13/2012 7:29 AM \Microsoft\Windows\NetTrace\GatherNetworkInfo "%windir%\system32\gatherNetworkInfo.vbs" c:\windows\system32\gathernetworkinfo.vbs 6/10/2009 3:36 PM \TVT\ChangePWD "%RR%\rrcmd.exe" test rrcmd Application Lenovo Limited Group Corporation 4.30.2.0 c:\program files (x86)\lenovo\rescue and recovery\rrcmd.exe 8/28/2009 1:24 AM \TVT\LaunchRnR "%RR%\rrcmd.exe" BACKUP location=L name="Scheduled" scheduled rrcmd Application Lenovo Limited Group Corporation 4.30.2.0 c:\program files (x86)\lenovo\rescue and recovery\rrcmd.exe 8/28/2009 1:24 AM \TVT\UpdateRnR "%TVTCOMMON%\Scheduler\tvtsetsched.exe" rnrupdate c:\program files (x86)\common files\lenovo\scheduler\tvtsetsched.exe 8/28/2009 1:31 AMHKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects Java Plug-In SSV Helper HKCR\CLSID\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} Java Platform SE binary Oracle Corporation 10.25.2.17 c:\program files (x86)\java\jre7\bin\ssv.dll 6/21/2013 3:50 PM avast! WebRep HKCR\CLSID\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06} IE Webrep plugin AVAST Software 8.0.1497.376 c:\program files\avast software\avast\aswwebrepie.dll 8/30/2013 2:44 AM Java Plug-In 2 SSV Helper HKCR\CLSID\{DBC80044-A445-435b-BC74-9C25C1C588A9} Java Platform SE binary Oracle Corporation 10.25.2.17 c:\program files (x86)\java\jre7\bin\jp2ssv.dll 6/21/2013 3:51 PMHKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects Java Plug-In SSV Helper HKCR\CLSID\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} Java Platform SE binary Oracle Corporation 10.25.2.17 c:\program files (x86)\java\jre7\bin\ssv.dll 6/21/2013 3:50 PM avast! WebRep HKCR\CLSID\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06} IE Webrep plugin AVAST Software 8.0.1497.376 c:\program files\avast software\avast\aswwebrepie.dll 8/30/2013 2:44 AM Java Plug-In 2 SSV Helper HKCR\CLSID\{DBC80044-A445-435b-BC74-9C25C1C588A9} Java Platform SE binary Oracle Corporation 10.25.2.17 c:\program files (x86)\java\jre7\bin\jp2ssv.dll 6/21/2013 3:51 PMHKLM\Software\Classes\*\ShellEx\ContextMenuHandlers avast HKCR\CLSID\{472083B0-C522-11CF-8763-00608CC02F24} avast! Shell Extension AVAST Software 8.0.1497.376 c:\program files\avast software\avast\ashsha64.dll 8/30/2013 2:42 AM RXDCExtSvr HKCR\CLSID\{0FB82570-BB2D-23D3-8D3B-AC2F34F1FA3C} Roxio Disc Copier Shell Extension (AMD64) Sonic Solutions 10.3.0.80 c:\program files\roxio\virtual drive 10\dc_shellext64.dll 6/11/2009 1:24 PM TMD Shell Extension HKCR\CLSID\{48F45200-91E6-11CE-8A4F-0080C81A28D4} Tmdshell Dynamic Link Library Trend Micro Inc. 17.50.0.1366 c:\program files\trend micro\internet security\tmdshell.dll 7/29/2009 7:47 AMHKLM\Software\Wow6432Node\Classes\*\ShellEx\ContextMenuHandlers avast HKCR\CLSID\{472083B0-C522-11CF-8763-00608CC02F24} avast! Shell Extension AVAST Software 8.0.1497.376 c:\program files\avast software\avast\ashshell.dll 8/30/2013 2:37 AMHKLM\Software\Classes\Drive\ShellEx\ContextMenuHandlers RXDCExtSvr HKCR\CLSID\{0FB82570-BB2D-23D3-8D3B-AC2F34F1FA3C} Roxio Disc Copier Shell Extension (AMD64) Sonic Solutions 10.3.0.80 c:\program files\roxio\virtual drive 10\dc_shellext64.dll 6/11/2009 1:24 PMHKLM\Software\Wow6432Node\Classes\Drive\ShellEx\ContextMenuHandlers Ulead UDF Driver HKCR\CLSID\{DBD8E168-244D-448C-9922-25508950D1DC} USIShex Module Ulead Systems, Inc. 1.2.1.28 c:\program files (x86)\common files\ulead systems\dvd\usishex.dll 6/25/2010 9:01 PMHKLM\Software\Classes\*\ShellEx\PropertySheetHandlers VBPropSheet HKCR\CLSID\{771A9DA0-731A-11CE-993C-00AA004ADB6C} VBProp Dynamic Link Library Trend Micro Inc. 17.50.0.1366 c:\program files\trend micro\internet security\vbprop.dll 7/29/2009 7:47 AMHKLM\Software\Classes\AllFileSystemObjects\ShellEx\ContextMenuHandlers 00avast HKCR\CLSID\{472083B0-C522-11CF-8763-00608CC02F24} avast! Shell Extension AVAST Software 8.0.1497.376 c:\program files\avast software\avast\ashsha64.dll 8/30/2013 2:42 AM MBAMShlExt HKCR\CLSID\{57CE581A-0CB6-4266-9CA0-19364C90A0B3} Malwarebytes Anti-Malware Malwarebytes Corporation 1.70.0.0 c:\program files (x86)\malwarebytes' anti-malware\mbamext.dll 2/28/2013 3:39 PMHKLM\Software\Wow6432Node\Classes\AllFileSystemObjects\ShellEx\ContextMenuHandlers 00avast HKCR\CLSID\{472083B0-C522-11CF-8763-00608CC02F24} avast! Shell Extension AVAST Software 8.0.1497.376 c:\program files\avast software\avast\ashshell.dll 8/30/2013 2:37 AMHKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers igfxcui HKCR\CLSID\{3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} igfxpph Module Intel Corporation 7.14.10.1872 c:\windows\system32\igfxpph.dll 8/13/2009 4:21 PMHKLM\Software\Wow6432Node\Classes\Folder\Shellex\ColumnHandlers PDF Shell Extension HKCR\CLSID\{F9DB5320-233E-11D1-9F84-707F02C10627} PDF Shell Extension Adobe Systems, Inc. 10.1.8.24 c:\program files (x86)\common files\adobe\acrobat\activex\pdfshell.dll 9/3/2013 7:24 AMHKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers avast HKCR\CLSID\{472083B0-C522-11CF-8763-00608CC02F24} avast! Shell Extension AVAST Software 8.0.1497.376 c:\program files\avast software\avast\ashsha64.dll 8/30/2013 2:42 AM MBAMShlExt HKCR\CLSID\{57CE581A-0CB6-4266-9CA0-19364C90A0B3} Malwarebytes Anti-Malware Malwarebytes Corporation 1.70.0.0 c:\program files (x86)\malwarebytes' anti-malware\mbamext.dll 2/28/2013 3:39 PM RXDCExtSvr HKCR\CLSID\{0FB82570-BB2D-23D3-8D3B-AC2F34F1FA3C} Roxio Disc Copier Shell Extension (AMD64) Sonic Solutions 10.3.0.80 c:\program files\roxio\virtual drive 10\dc_shellext64.dll 6/11/2009 1:24 PM TMD Shell Extension HKCR\CLSID\{48F45200-91E6-11CE-8A4F-0080C81A28D4} Tmdshell Dynamic Link Library Trend Micro Inc. 17.50.0.1366 c:\program files\trend micro\internet security\tmdshell.dll 7/29/2009 7:47 AMHKLM\Software\Wow6432Node\Classes\Folder\ShellEx\ContextMenuHandlers avast HKCR\CLSID\{472083B0-C522-11CF-8763-00608CC02F24} avast! Shell Extension AVAST Software 8.0.1497.376 c:\program files\avast software\avast\ashshell.dll 8/30/2013 2:37 AMHKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers 00avast HKCR\CLSID\{472083B0-C522-11CF-8763-00608CC02F24} avast! Shell Extension AVAST Software 8.0.1497.376 c:\program files\avast software\avast\ashsha64.dll 8/30/2013 2:42 AMHKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Toolbar avast! WebRep HKCR\CLSID\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06} IE Webrep plugin AVAST Software 8.0.1497.376 c:\program files\avast software\avast\aswwebrepie.dll 8/30/2013 2:44 AMHKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Extensions Skype Click to Call C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll Skype Click to Call for Internet Explorer Skype Technologies S.A. 5.6.0.8442 c:\program files (x86)\skype\toolbars\internet explorer\skypeieplugin.dll 10/10/2011 4:52 AMHKLM\Software\Microsoft\Windows NT\CurrentVersion\Drivers32 msacm.l3acm C:\Windows\System32\l3codeca.acm MPEG Layer-3 Audio Codec for MSACM Fraunhofer Institut Integrierte Schaltungen IIS 1.9.0.401 c:\windows\system32\l3codeca.acm 7/13/2009 8:28 PM msacm.ac3filter ac3filter64.acm c:\windows\system32\ac3filter64.acm 8/11/2009 12:22 PM vidc.XVID xvidvfw.dll c:\windows\system32\xvidvfw.dll 3/19/2011 10:06 AMHKLM\Software\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Drivers32 vidc.cvid iccvid.dll Cinepakr Codec Radius Inc. 1.10.0.13 c:\windows\syswow64\iccvid.dll 11/20/2010 6:59 AM msacm.dvacm c:\PROGRA~2\COMMON~1\ULEADS~1\Vio\Dvacm.acm Ulead DV Audio ACM Driver Corel TW Corp. 8.0.0.0 c:\program files (x86)\common files\ulead systems\vio\dvacm.acm 6/25/2010 9:01 PM msacm.ac3filter ac3filter.acm c:\windows\syswow64\ac3filter.acm 8/11/2009 12:18 PM vidc.XVID xvidvfw.dll c:\windows\syswow64\xvidvfw.dll 3/19/2011 10:06 AM vidc.VP60 C:\Windows\system32\vp6vfw.dll VP6 VIDEO FOR WINDOWS CODEC On2.com 6.0.6.4 c:\windows\syswow64\vp6vfw.dll 10/2/2003 3:38 PM vidc.VP61 C:\Windows\system32\vp6vfw.dll VP6 VIDEO FOR WINDOWS CODEC On2.com 6.0.6.4 c:\windows\syswow64\vp6vfw.dll 10/2/2003 3:38 PMHKLM\Software\Classes\CLSID\{083863F1-70DE-11d0-BD40-00A0C911CE86}\Instance DivX Decoder Filter HKCR\CLSID\{78766964-0000-0010-8000-00AA00389B71} DivX Decoder Filter DivX, Inc. 7.1.1.14 c:\program files\divx\divx codec\divxdec.ax 4/2/2010 3:21 PM AC3Filter HKCR\CLSID\{A753A1EC-973E-4718-AF8E-A3F554D45C44} ac3filter 1.3.1.0 c:\program files (x86)\ac3filter\x64\ac3filter64.ax 8/11/2009 12:22 PMHKLM\Software\Wow6432Node\Classes\CLSID\{083863F1-70DE-11d0-BD40-00A0C911CE86}\Instance Roxio MPEG2 Video Decoder HKCR\CLSID\{0158C5CB-BFE2-4D2F-9109-0685C2248FF9} ROXIO MPEG2 Codec Sonic Solutions 10.3.0.5 c:\program files (x86)\common files\roxio shared\10.0\mpeg\mpeg2vidcodec.dll 6/10/2009 4:35 AM roxio DCFilters Audio Sync Filter 2 10 HKCR\CLSID\{01C983F3-1C0F-4174-921F-F4DEFE7CED19} roxio DiscCopier DirectShow Filter Collection Sonic Solutions 10.3.0.5 c:\program files (x86)\common files\roxio shared\10.0\dllshared\dcfilters10.dll 6/10/2009 4:53 AM Ulead DV Writer HKCR\CLSID\{020019F0-1313-4628-A978-ACDD105F5396} ulDVWriter Corel 1.0.0.10 c:\program files (x86)\common files\ulead systems\capture\uldvrite.ax 6/25/2010 9:01 PM InterVideo Video Decoder HKCR\CLSID\{0246CA20-776D-11D2-8010-00104B9B8592} IVIVIDEO LOGID.89522 InterVideo Inc. 8.0.20.129 c:\program files (x86)\intervideo\common\bin\ivivideo.ax 9/16/2009 12:26 AM ROXIO VCFDVSceneDetect 1.0 HKCR\CLSID\{02728E33-088B-414C-AB67-066E4E5D7C9F} CrossGraphEx.ax Sonic Solutions 8.0.0.47 c:\program files (x86)\roxio\videocore 10\roxvideo.ax 6/10/2009 9:07 AM LVMWriter HKCR\CLSID\{04C0B066-8AF9-4020-B22B-B79F720B72A7} LVMWriter Sonic Solutions 8.0.0.47 c:\program files (x86)\roxio\videocore 10\lvmwriter.ax 6/10/2009 9:17 AM Roxio Vob Loader HKCR\CLSID\{0715636E-9CE8-430F-BD45-4886750DF081} VOBLoader Sonic Solutions 8.0.0.47 c:\program files (x86)\roxio\videocore 10\vobloader.ax 6/10/2009 9:10 AM Roxio MPEG2 Muxer HKCR\CLSID\{08024FA4-E823-4901-9D48-FF6377EB4CF1} ROXIO MPEG MUXER Sonic Solutions 10.3.0.5 c:\program files (x86)\common files\roxio shared\10.0\mpeg\mpeg2muxer.dll 6/10/2009 4:34 AM Ulead Ogg Parser HKCR\CLSID\{08405FD6-CB7C-4EBA-8225-E38A3FF1CA13} ulOggParserFilter Ulead Systems, Inc. 1.0.0.2 c:\program files (x86)\common files\ulead systems\mpeg\uloggparserfilter.ax 6/25/2010 9:01 PM roxio DCFilters DVD Muxer 10 HKCR\CLSID\{0B3A24AB-57B5-43F9-A1FB-8C228E56B924} roxio DiscCopier DirectShow Filter Collection Sonic Solutions 10.3.0.5 c:\program files (x86)\common files\roxio shared\10.0\dllshared\dcfilters10.dll 6/10/2009 4:53 AM Roxio MPEG2 Encoder HKCR\CLSID\{0DC7420A-FFAE-4A29-B2EF-7764CA765AC1} ROXIO MPEG2 Codec Sonic Solutions 10.3.0.5 c:\program files (x86)\common files\roxio shared\10.0\mpeg\mpeg2vidcodec.dll 6/10/2009 4:35 AM MainConcept (Sonic) DV Video Decoder HKCR\CLSID\{0F070130-EE38-4847-9807-0D4234130F65} DirectShow DV Video Encoder and Decoder MainConcept AG (Sonic) 2.1.0.4 c:\program files (x86)\roxio\videocore 10\sonicmcdsdv.ax 3/24/2003 2:48 AM MainConcept (Sonic) DV Video Encoder HKCR\CLSID\{0F070131-EE38-4847-9807-0D4234130F65} DirectShow DV Video Encoder and Decoder MainConcept AG (Sonic) 2.1.0.4 c:\program files (x86)\roxio\videocore 10\sonicmcdsdv.ax 3/24/2003 2:48 AM Roxio Repack Filter HKCR\CLSID\{0FD8A99F-D0B1-4A90-B4BD-CFE1F79452C8} Repack Filter Sonic Solutions 10.3.0.5 c:\program files (x86)\common files\roxio shared\10.0\mpeg\repackfilter.dll 6/10/2009 4:34 AM ROXIO Deinterlace 3.0 HKCR\CLSID\{10EBC7D9-9F09-4896-B8C5-79DADFAAE221} CrossGraphEx.ax Sonic Solutions 8.0.0.47 c:\program files (x86)\roxio\videocore 10\roxvideo.ax 6/10/2009 9:07 AM AVSMediaGrabber HKCR\CLSID\{11596B22-4A32-422D-9195-3947F4FEC334} AVSMediaGrabber4 DirectShow Filter Online Media Technologies Ltd. 1.0.0.43 c:\program files (x86)\common files\avsmedia\activex\avsmediagrabber4.ax 7/10/2008 11:27 AM ROXIO Pan Zoom 3.0 HKCR\CLSID\{13BBFA91-B3A0-43DE-8D95-9E21309CDB37} CrossGraphEx.ax Sonic Solutions 8.0.0.47 c:\program files (x86)\roxio\videocore 10\roxvideo.ax 6/10/2009 9:07 AM Ulead IEEE Push Source Filter HKCR\CLSID\{185C9210-4CF8-4554-B06A-87014703D182} Ulead IEEE Push Source Filter Ulead Systems, Inc. 1.0.0.10 c:\program files (x86)\common files\ulead systems\mpeg\ulieeepushsource.ax 6/25/2010 9:01 PM Menu Source Bitmap Filter HKCR\CLSID\{19572634-7AB9-44F6-BE1D-7E0345F07DE0} c:\program files (x86)\roxio\video convert 10\menudshowsource10.ax 6/11/2009 1:03 PM ROXIO VCFStationLogo 1.0 HKCR\CLSID\{1BD21668-861B-4D63-9503-31C001FAFE0D} CrossGraphEx.ax Sonic Solutions 8.0.0.47 c:\program files (x86)\roxio\videocore 10\roxvideo.ax 6/10/2009 9:07 AM DV V/A Source Filter HKCR\CLSID\{1E951F23-9C37-11D3-BA52-0000E8497C01} Corel TW Corp. 7.0.0.0 c:\program files (x86)\common files\ulead systems\filters\dvsf.ax 6/25/2010 9:01 PM ROXIO Field Combiner 3.0 HKCR\CLSID\{20F557AE-92E8-4209-9633-59059E577FAC} CrossGraphEx.ax Sonic Solutions 8.0.0.47 c:\program files (x86)\roxio\videocore 10\roxvideo.ax 6/10/2009 9:07 AM Roxio MPEG Stream Analyzer HKCR\CLSID\{23C8F48F-6D3E-49DC-B465-7D0E574A2936} Roxio MPEG Stream Splitter Sonic Solutions 10.3.0.5 c:\program files (x86)\common files\roxio shared\10.0\mpeg\mpegstreamanalyzer.dll 6/10/2009 4:34 AM Roxio LVM File Source (Async.) HKCR\CLSID\{24391402-6370-4066-A5BA-940F5F97722F} LVMAsync Sonic Solutions 8.0.0.47 c:\program files (x86)\roxio\videocore 10\lvmasync.ax 6/10/2009 9:19 AM ROXIO SpyPos 3.0 HKCR\CLSID\{24B53E16-CF92-41B9-B7BD-5700C32956BD} Null-In-Place (Sample) Sonic Solutions 8.0.0.47 c:\program files (x86)\roxio\videocore 10\mginullip.ax 6/10/2009 9:08 AM Sonic HD Demuxer HKCR\CLSID\{250D7B7D-4344-41FD-A284-7299B7765F18} Sonic HD Demuxer 4.3.0.129 c:\program files (x86)\roxio\sonichddemuxer.dll 6/10/2009 4:03 AM ROXIO CPU Regulator HKCR\CLSID\{27FBFEA7-B490-44FF-9996-293AC3F8924F} CPURegulator.ax Sonic Solutions 10.0.0.0 c:\program files (x86)\roxio\videocore 10\cpuregulator.ax 6/10/2009 9:09 AM ROXIO VCFDvrSupport 3.0 HKCR\CLSID\{28C8E38D-F068-4C52-88DA-D9E8C0BE21B2} DVR support filter Sonic Solutions 8.0.0.47 c:\program files (x86)\roxio\videocore 10\dvrsupportfilt.ax 6/10/2009 9:08 AM ROXIO VCFVideoCutList 3.0 HKCR\CLSID\{2B8A8511-F207-4E79-BF11-E66A1F0BEDA9} CrossGraphEx.ax Sonic Solutions 8.0.0.47 c:\program files (x86)\roxio\videocore 10\roxvideo.ax 6/10/2009 9:07 AM Roxio Smart Encoder HKCR\CLSID\{2CC0D049-9D7C-4189-9BCD-6F5FDA6291EF} ROXIO MPEG2 Codec Sonic Solutions 10.3.0.5 c:\program files (x86)\common files\roxio shared\10.0\mpeg\mpeg2vidcodec.dll 6/10/2009 4:35 AM Ulead DVD Navigator HKCR\CLSID\{2E558380-63DF-FFD4-AF96-00105A6FE9A1} DVD Navigator filter Ulead Systems, Inc. 1.0.2.1 c:\program files (x86)\common files\ulead systems\dvd\uleaddvdnavigator.ax 6/25/2010 9:01 PM ROXIO DVDCrossGraphEx Source 3.0 HKCR\CLSID\{31C8435B-1B19-4FFF-AD3D-3D705F46387A} CrossGraphEx.ax Sonic Solutions 8.0.0.47 c:\program files (x86)\roxio\videocore 10\roxvideo.ax 6/10/2009 9:07 AM ROXIO SceneRecorder 1.0 HKCR\CLSID\{32F240B3-4CF0-4259-B5FF-AF9263A63757} CrossGraphEx.ax Sonic Solutions 8.0.0.47 c:\program files (x86)\roxio\videocore 10\roxvideo.ax 6/10/2009 9:07 AM Media Analyser HKCR\CLSID\{33B4AE31-C713-499A-93ED-40A3E890BB42} analyse Filter (Sample) Sonic Solutions 8.0.0.47 c:\program files (x86)\roxio\videocore 10\mediaanalyser.ax 6/10/2009 9:01 AM ROXIO AudioConvert 3.0 HKCR\CLSID\{33BB73BD-4A0A-43F9-BA09-F295ECB490DC} Roxio Audio Filters Sonic Solutions 10.0.0.0 c:\program files (x86)\roxio\videocore 10\roxaudio.ax 6/10/2009 9:01 AM Roxio MPEG1 Encoder HKCR\CLSID\{358F731C-AC11-4EC5-AACE-BC54FE0E7979} ROXIO MPEG1 Codec Sonic Solutions 10.3.0.5 c:\program files (x86)\common files\roxio shared\10.0\mpeg\mpeg1vidcodec.dll 6/10/2009 4:34 AM DV ACM V/A Source Filter HKCR\CLSID\{39AEA79A-BF43-475F-B4F9-15347CFBF2B3} Corel TW Corp. 7.0.0.0 c:\program files (x86)\common files\ulead systems\filters\dvsf.ax 6/25/2010 9:01 PM Roxio Transport Stream Source HKCR\CLSID\{3BAD4823-AFCB-454A-BEDD-4100976E724A} ListFrameSource Sonic Solutions 10.3.0.5 c:\program files (x86)\common files\roxio shared\10.0\mpeg\tsmpegsource.dll 6/10/2009 4:34 AM VW Video Transition HKCR\CLSID\{3CAD9372-C281-4A1D-BADD-213966B0830B} CrossGraphEx.ax Sonic Solutions 8.0.0.47 c:\program files (x86)\roxio\videocore 10\roxvideo.ax 6/10/2009 9:07 AM VCGImageSource HKCR\CLSID\{40F0C6BF-837D-4222-9FF1-A012B00ED2FC} VideoCompositing Module Sonic Solutions 8.0.0.47 c:\program files (x86)\roxio\videocore 10\videocompositing.ax 6/10/2009 9:25 AM ROXIO Audio Source 3.0 HKCR\CLSID\{45F4FC1F-14D8-42D8-A2F5-04841F342E53} Roxio Audio Filters Sonic Solutions 10.0.0.0 c:\program files (x86)\roxio\videocore 10\roxaudio.ax 6/10/2009 9:01 AM Roxio MPEG2 Demuxer HKCR\CLSID\{46921DE4-7A03-4A8A-BBEB-8C9F7CE48CF2} ROXIO MPEG Demuxer Sonic Solutions 10.3.0.5 c:\program files (x86)\common files\roxio shared\10.0\mpeg\roxiompegdemuxer.dll 6/10/2009 4:34 AM DV Video Source Filter HKCR\CLSID\{46A06300-914A-11D3-BA52-0000E8497C01} Corel TW Corp. 7.0.0.0 c:\program files (x86)\common files\ulead systems\filters\dvsf.ax 6/25/2010 9:01 PM AVS Video Out HKCR\CLSID\{483017C8-0FC1-4227-A074-0DA969A7E100} AVSVideoOutFilter DirectShow Filter Online Media Technologies Ltd 1.0.0.233 c:\program files (x86)\common files\avsmedia\activex\avsvideooutfilter3.ax 8/16/2010 7:46 AM ROXIO VCFAudioMixer 3.0 HKCR\CLSID\{4D90E39A-7F4B-4FAA-8C36-4C0E9E0D6D4E} Roxio Audio Filters Sonic Solutions 10.0.0.0 c:\program files (x86)\roxio\videocore 10\roxaudio.ax 6/10/2009 9:01 AM VCG Null Renderer 3.0 HKCR\CLSID\{500C2B50-51A6-4B06-B55E-9F4B8DE1C9F0} VideoCompositing Module Sonic Solutions 8.0.0.47 c:\program files (x86)\roxio\videocore 10\videocompositing.ax 6/10/2009 9:25 AM Sonic Cinemasterr Audio Decoder 4.3 (No Dolby) HKCR\CLSID\{529E125E-5604-4472-B5B5-923B8841429A} SonicHDAudio Sonic Solutions 4.3.0.240 c:\program files (x86)\common files\sonic shared\cinemasteraudiond.dll 8/3/2009 2:42 AM ROXIO Video Effect 3.0 HKCR\CLSID\{52B60F44-3C1D-488D-9FB2-9ED1D2D0F622} CrossGraphEx.ax Sonic Solutions 8.0.0.47 c:\program files (x86)\roxio\videocore 10\roxvideo.ax 6/10/2009 9:07 AM roxio DCFilters Subpicture Mixer 10 HKCR\CLSID\{5451C9DA-89F0-4268-BB1B-CF0EE25B42A7} roxio DiscCopier DirectShow Filter Collection Sonic Solutions 10.3.0.5 c:\program files (x86)\common files\roxio shared\10.0\dllshared\dcfilters10.dll 6/10/2009 4:53 AM ROXIO Video VCFLooper 3.0 HKCR\CLSID\{54EF883B-A01F-4271-ADD0-FA0514BC08D7} CrossGraphEx.ax Sonic Solutions 8.0.0.47 c:\program files (x86)\roxio\videocore 10\roxvideo.ax 6/10/2009 9:07 AM ROXIO Field Splitter 3.0 HKCR\CLSID\{5510911A-EF26-4BFA-BD1F-F403004F0516} CrossGraphEx.ax Sonic Solutions 8.0.0.47 c:\program files (x86)\roxio\videocore 10\roxvideo.ax 6/10/2009 9:07 AM VW Video Transition HKCR\CLSID\{5B579BF5-966E-44A6-BFEE-599A00187D48} CrossGraphEx.ax Sonic Solutions 8.0.0.47 c:\program files (x86)\roxio\videocore 10\roxvideo.ax 6/10/2009 9:07 AM ROXIO VCFpeakmeter 3.0 HKCR\CLSID\{5D02C280-FF69-47E5-9320-2AD8C2B9F6C6} Roxio Audio Filters Sonic Solutions 10.0.0.0 c:\program files (x86)\roxio\videocore 10\roxaudio.ax 6/10/2009 9:01 AM ROXIO ListImage Source 3.0 HKCR\CLSID\{5F7D54AE-9629-4DA6-96F9-4CF2FD9629E3} CrossGraphEx.ax Sonic Solutions 8.0.0.47 c:\program files (x86)\roxio\videocore 10\roxvideo.ax 6/10/2009 9:07 AM Roxio Plasma CrossGraph Source HKCR\CLSID\{65232BB1-38F6-4742-B572-50474CD6A028} MGICGFilter.ax Sonic Solutions 8.0.0.47 c:\program files (x86)\roxio\videocore 10\plasmacgfilter.ax 6/10/2009 9:22 AM ROXIO Pin Tee HKCR\CLSID\{65D9CFA0-E555-4E8B-9875-6C585A78ADF6} CrossGraphEx.ax Sonic Solutions 8.0.0.47 c:\program files (x86)\roxio\videocore 10\roxvideo.ax 6/10/2009 9:07 AM Roxio Audio Stream Reader Filter HKCR\CLSID\{665DDC09-AD03-41C5-930F-4B8D2F91A598} Roxio Audio Stream Reader Filter Sonic Solutions 10.3.0.11 c:\program files (x86)\common files\roxio shared\10.0\sharedcom\rxdsaudiostreamreader.ax 6/10/2009 5:17 AM Ulead DV Scene Detect HKCR\CLSID\{67928E40-2811-11D4-867A-0000E84979ED} ulDvScDt Ulead system Inc. 1.0.0.26 c:\program files (x86)\common files\ulead systems\capture\uldvscdt.ax 6/25/2010 9:01 PM ROXIO QT Source HKCR\CLSID\{6A320C0F-A6F6-47F0-A09E-4035B0E65FAF} CrossGraphEx.ax Sonic Solutions 8.0.0.47 c:\program files (x86)\roxio\videocore 10\roxvideo.ax 6/10/2009 9:07 AM roxio DCFilters DVDStream Reader 10 HKCR\CLSID\{6B52D484-00FC-4D97-8B5E-A1821323DBC6} roxio DiscCopier DirectShow Filter Collection Sonic Solutions 10.3.0.5 c:\program files (x86)\common files\roxio shared\10.0\dllshared\dcfilters10.dll 6/10/2009 4:53 AM roxio DCFilters Smart Resizer 10 HKCR\CLSID\{6CA5E705-464A-4996-A5DB-CEE6BF4A5FB0} roxio DiscCopier DirectShow Filter Collection Sonic Solutions 10.3.0.5 c:\program files (x86)\common files\roxio shared\10.0\dllshared\dcfilters10.dll 6/10/2009 4:53 AM Sewer HKCR\CLSID\{6FBD2AD8-6274-4EBF-8C8D-4C76FA0594E2} MVWcDSutil Sonic Solutions 8.0.0.47 c:\program files (x86)\roxio\videocore 10\mvwcdsutil.dll 6/10/2009 9:00 AM Roxio MPEG1 Muxer HKCR\CLSID\{716D2604-BE76-4DC9-95A2-581DFBB29060} ROXIO MPEG MUXER Sonic Solutions 10.3.0.5 c:\program files (x86)\common files\roxio shared\10.0\mpeg\mpeg1muxer.dll 6/10/2009 4:34 AM Roxio Smart Decoder HKCR\CLSID\{73F59196-57D5-42E3-8DB1-1FCA3D163719} ROXIO MPEG2 Codec Sonic Solutions 10.3.0.5 c:\program files (x86)\common files\roxio shared\10.0\mpeg\mpeg2vidcodec.dll 6/10/2009 4:35 AM ROXIO DVDCrossGraphEx Renderer 3.0 HKCR\CLSID\{7673B87C-740D-4CD8-9070-44018CBDA3F7} CrossGraphEx.ax Sonic Solutions 8.0.0.47 c:\program files (x86)\roxio\videocore 10\roxvideo.ax 6/10/2009 9:07 AM Ulead DVD Video decoder 2 HKCR\CLSID\{7AB72E17-9774-4FEB-AC0F-0025E7209C47} DVD Video Decoder with DxVA Support Ulead Systems, Inc. 2.0.0.41 c:\program files (x86)\common files\ulead systems\mpeg\uldvdvideo.ax 6/25/2010 9:01 PM InterVideo Audio Decoder HKCR\CLSID\{7E2E0DC1-31FD-11D2-9C21-00104B3801F6} IVIAUDIO LOGID.89522 InterVideo Inc. 8.0.20.129 c:\program files (x86)\intervideo\common\bin\iviaudio.ax 9/16/2009 12:15 AM Dib Output HKCR\CLSID\{80DB7AC0-5EB4-11D6-A62F-0010B5549630} Corel TW Corp. 8.0.0.0 c:\program files (x86)\common files\ulead systems\filters\diboutput.ax 6/25/2010 9:01 PM Dib Receive HKCR\CLSID\{8188FE20-61FC-11D6-A62F-0010B5549630} Corel TW Corp. 8.0.0.0 c:\program files (x86)\common files\ulead systems\filters\dibreceive.ax 6/25/2010 9:01 PM ROXIO Video Resampler 3.0 HKCR\CLSID\{82105FB4-5009-4325-A7F1-0AB718F55AEB} CrossGraphEx.ax Sonic Solutions 8.0.0.47 c:\program files (x86)\roxio\videocore 10\roxvideo.ax 6/10/2009 9:07 AM Roxio MPEG Analyzer Filter HKCR\CLSID\{86241556-2361-4EDF-A9E4-D9F093DE6F57} MPEG File Analyzer Dynamic Link Library Sonic Solutions 10.3.0.5 c:\program files (x86)\common files\roxio shared\10.0\mpeg\roxiompegprop.dll 6/10/2009 4:33 AM ROXIO ColorSpace Converter 3.0 HKCR\CLSID\{8A880153-A033-44B2-8EC9-4F477A8CBA91} CrossGraphEx.ax Sonic Solutions 8.0.0.47 c:\program files (x86)\roxio\videocore 10\roxvideo.ax 6/10/2009 9:07 AM Roxio MPEG1 Audio Encoder HKCR\CLSID\{8EBC78A9-D402-47C7-BA0D-25E5CB22C472} ROXIO MPEG Audio Encoder Sonic Solutions 10.3.0.5 c:\program files (x86)\common files\roxio shared\10.0\mpeg\roxioaudioenc.dll 6/10/2009 4:34 AM ROXIO VideoCombine 3.0 HKCR\CLSID\{9304C1FC-525D-48DA-BC70-B57B65B6AA8F} CrossGraphEx.ax Sonic Solutions 8.0.0.47 c:\program files (x86)\roxio\videocore 10\roxvideo.ax 6/10/2009 9:07 AM ROXIO VCFAlphaSplitter 3.0 HKCR\CLSID\{93332B1B-6ED5-4916-9C48-3B0559C41D58} CrossGraphEx.ax Sonic Solutions 8.0.0.47 c:\program files (x86)\roxio\videocore 10\roxvideo.ax 6/10/2009 9:07 AM VMR9 Wrapper 3.0 HKCR\CLSID\{93370D1A-2780-42BB-9E3D-9C13F25B9F5F} VideoCompositing Module Sonic Solutions 8.0.0.47 c:\program files (x86)\roxio\videocore 10\videocompositing.ax 6/10/2009 9:25 AM Sonic MPEG-2 Video Decoder HKCR\CLSID\{9349021A-69E0-48ED-8C7F-E57A3A17ADB9} MPEG-2 Video Decoder Sonic Solutions Inc. 7.2.0.16660 c:\program files (x86)\common files\sonic shared\sonicmc02\sonic7m2vd.ax 7/18/2007 4:38 AM VCG Video Mixer 3.0 HKCR\CLSID\{93C9A330-90B9-4293-9EB2-CC898902E66B} VideoCompositing Module Sonic Solutions 8.0.0.47 c:\program files (x86)\roxio\videocore 10\videocompositing.ax 6/10/2009 9:25 AM ROXIO VCFLatency 3.0 HKCR\CLSID\{9C2A196A-8009-43B5-B22D-DA43A920BF00} Roxio Audio Filters Sonic Solutions 10.0.0.0 c:\program files (x86)\roxio\videocore 10\roxaudio.ax 6/10/2009 9:01 AM Roxio VOB Formatter HKCR\CLSID\{9C52F921-A640-474D-A528-FFAB72762235} VOBFormatter Sonic Solutions 8.0.0.47 c:\program files (x86)\roxio\videocore 10\vobformatter.ax 6/10/2009 9:10 AM ULead Infinite Pin Tee HKCR\CLSID\{9D35EDAD-0E77-41E6-9F75-E66FFDF5C3A2} Ulead Infinite Tee Filter Ulead Systems, Inc. 1.0.0.11 c:\program files (x86)\common files\ulead systems\mpeg\uinftee.ax 6/25/2010 9:01 PM roxio DCFilters Mpeg I/II Decoder 10 HKCR\CLSID\{9FCF8955-9D82-4C65-A00B-1D8DB18525B6} roxio DiscCopier DirectShow Filter Collection Sonic Solutions 10.3.0.5 c:\program files (x86)\common files\roxio shared\10.0\dllshared\dcfilters10.dll 6/10/2009 4:53 AM Ulead MPEG-4 Encoder HKCR\CLSID\{A136222E-CB5C-42C4-B1D1-DBB8ADC7559D} MP4 Encoder Filter Ulead Systems, Inc. 1.0.2.1 c:\program files (x86)\common files\ulead systems\mpeg\ulmp4enc.ax 6/25/2010 9:02 PM Ulead MPEG-4 Splitter HKCR\CLSID\{A136224E-CB5C-42C4-B1D1-DBB8ADC7559D} MP4 Splitter Filter Ulead Systems, Inc. 1.0.6.8 c:\program files (x86)\common files\ulead systems\mpeg\ulspmp4.ax 6/25/2010 9:02 PM Ulead MPEG-4 Audio Decoder HKCR\CLSID\{A136226E-CB5C-42C4-B1D1-DBB8ADC7559D} MP4 AAC Audio Decoder Filter Ulead Systems, Inc. 2.0.1.6 c:\program files (x86)\common files\ulead systems\mpeg\uladmp4.ax 6/25/2010 9:02 PM Ulead MPEG-4 Video Decoder HKCR\CLSID\{A136228E-CB5C-42C4-B1D1-DBB8ADC7559D} MP4 Video Decoder Filter Ulead Systems, Inc. 2.0.1.6 c:\program files (x86)\common files\ulead systems\mpeg\ulvdmp4.ax 6/25/2010 9:02 PM Ulead AMR Audio Decoder HKCR\CLSID\{A136229E-CB5C-42C4-B1D1-DBB8ADC7559D} MP4 AMR Audio Decoder Filter Ulead Systems, Inc. 2.0.0.9 c:\program files (x86)\common files\ulead systems\mpeg\uladamr.ax 6/25/2010 9:02 PM Ulead MPEG-4 ASP Video Decoder HKCR\CLSID\{A13622CE-CB5C-42C4-B1D1-DBB8ADC7559D} MP4 ASP Video Decoder Filter Ulead Systems, Inc. 1.0.1.2 c:\program files (x86)\common files\ulead systems\mpeg\ulaspvdmp4.ax 6/25/2010 9:02 PM ROXIO QuickGrabber 3.0 HKCR\CLSID\{A3B48611-BC3F-4031-8314-B7CF5FE8331C} CrossGraphEx.ax Sonic Solutions 8.0.0.47 c:\program files (x86)\roxio\videocore 10\roxvideo.ax 6/10/2009 9:07 AM ROXIO Scene Detector 3.0 HKCR\CLSID\{A3C510E6-F860-4439-8021-FF63FA6E632E} CrossGraphEx.ax Sonic Solutions 8.0.0.47 c:\program files (x86)\roxio\videocore 10\roxvideo.ax 6/10/2009 9:07 AM ROXIO Raw Writer HKCR\CLSID\{A42ABCEE-BA40-4167-99BA-BC3E93C9F8B8} ROXIO Raw Writer Sonic Solutions 10.3.0.5 c:\program files (x86)\common files\roxio shared\10.0\mpeg\mgirawwriter.dll 6/10/2009 4:34 AM AC3Filter HKCR\CLSID\{A753A1EC-973E-4718-AF8E-A3F554D45C44} ac3filter 1.3.1.0 c:\program files (x86)\ac3filter\ac3filter.ax 8/11/2009 12:19 PM ROXIO Audio VCFLooper 3.0 HKCR\CLSID\{A8562ADE-82FC-473B-B7AF-1998E6411C99} Roxio Audio Filters Sonic Solutions 10.0.0.0 c:\program files (x86)\roxio\videocore 10\roxaudio.ax 6/10/2009 9:01 AM Ulead DVD Audio Decoder 2 HKCR\CLSID\{AAB9D072-4326-48E3-A11A-BE93442E5F86} Audio Decoder Ulead Systems, Inc. 2.0.0.64 c:\program files (x86)\common files\ulead systems\mpeg\uldvdaudio.ax 6/25/2010 9:01 PM Roxio Audio Source Filter HKCR\CLSID\{B28B12A5-13F0-4998-B113-7AB20CE34D55} Roxio Audio Source Filter Sonic Solutions 10.3.0.11 c:\program files (x86)\common files\roxio shared\10.0\sharedcom\rxdsaudiosource.ax 6/10/2009 5:17 AM ROXIO DV Scene Detector Tee 3.0 HKCR\CLSID\{B34DB921-D121-49F6-8C67-548AD15B47E7} CrossGraphEx.ax Sonic Solutions 8.0.0.47 c:\program files (x86)\roxio\videocore 10\roxvideo.ax 6/10/2009 9:07 AM ROXIO CrossGraphEx Renderer 3.0 HKCR\CLSID\{BFDFC0AE-FFC5-46E3-BDB8-86EECA2E039D} CrossGraphEx.ax Sonic Solutions 8.0.0.47 c:\program files (x86)\roxio\videocore 10\roxvideo.ax 6/10/2009 9:07 AM ROXIO Image/Colour Source 3.0 HKCR\CLSID\{C2E763F6-3A58-4747-AEC8-49EA59C4D1A5} CrossGraphEx.ax Sonic Solutions 8.0.0.47 c:\program files (x86)\roxio\videocore 10\roxvideo.ax 6/10/2009 9:07 AM Roxio Audio Stream Writer Filter HKCR\CLSID\{C38B33A2-78E4-4F52-89B3-96A64CE719A5} Roxio Audio Stream Writer Filter Sonic Solutions 10.3.0.11 c:\program files (x86)\common files\roxio shared\10.0\sharedcom\rxdsaudiostreamwriter.ax 6/10/2009 5:17 AM ROXIO LPCMSyncFilter HKCR\CLSID\{C5FCCF25-51D4-42EB-806D-8D0EC7DD124D} LPCMSync Filter Sonic Solutions 10.3.0.5 c:\program files (x86)\common files\roxio shared\10.0\mpeg\lpcmsyncfilter.dll 6/10/2009 4:34 AM Sonic HD Nav HKCR\CLSID\{C8D25B81-0065-4FE5-BBD6-F4A04F149761} SonicHDNav 4.3.0.41 c:\program files (x86)\common files\sonic shared\sonichdnav.dll 6/10/2009 4:04 AM roxio DCFilters DVDStream Splitter 10 HKCR\CLSID\{C9E7C9B7-4793-43DD-BFA2-A8744CA643A3} roxio DiscCopier DirectShow Filter Collection Sonic Solutions 10.3.0.5 c:\program files (x86)\common files\roxio shared\10.0\dllshared\dcfilters10.dll 6/10/2009 4:53 AM PSI Parser HKCR\CLSID\{CC863E67-64AF-4618-8C37-6F772E7E6DB3} CrossGraphEx.ax Sonic Solutions 8.0.0.47 c:\program files (x86)\roxio\videocore 10\roxvideo.ax 6/10/2009 9:07 AM Ulead MPEG Splitter HKCR\CLSID\{CF957F20-77FE-4192-A59F-95CA43BD04BA} ULead Mpeg I/II Splitter ULead Systems 1.0.0.155 c:\program files (x86)\common files\ulead systems\mpeg\ulspmpeg.ax 6/25/2010 9:02 PM Ulead MPEG Audio Decoder HKCR\CLSID\{CF957F30-77FE-4192-A59F-95CA43BD04BA} Audio Decoder Ulead Systems, Inc. 2.0.0.64 c:\program files (x86)\common files\ulead systems\mpeg\uldvdaudio.ax 6/25/2010 9:01 PM Ulead MPEG Video Decoder HKCR\CLSID\{CF957F40-77FE-4192-A59F-95CA43BD04BA} MPEG Video and Audio Decoder ULead Systems 1.0.0.89 c:\program files (x86)\common files\ulead systems\mpeg\uldsmpeg.ax 6/25/2010 9:01 PM Ulead MPEG Encoder HKCR\CLSID\{CF957F50-77FE-4192-A59F-95CA43BD04BA} MPEG Encoder and Muxer ULead Systems 1.0.2.66 c:\program files (x86)\common files\ulead systems\mpeg\ulesmpeg.ax 6/25/2010 9:01 PM Ulead MPEG Audio Encoder HKCR\CLSID\{CF957F70-77FE-4192-A59F-95CA43BD04BA} DS MPEG Audio Encoder Ulead Systems 1.0.0.22 c:\program files (x86)\common files\ulead systems\mpeg\uleampeg.ax 6/25/2010 9:01 PM Ulead MPEG Muxer HKCR\CLSID\{CF957F80-77FE-4192-A59F-95CA43BD04BA} MPEG Muxer ULead Systems 1.0.1.184 c:\program files (x86)\common files\ulead systems\mpeg\ulmxmpeg.ax 6/25/2010 9:01 PM Ulead LPCM Audio Encoder HKCR\CLSID\{CF957F90-77FE-4192-A59F-95CA43BD04BA} LPCM Audio Encoder ULead Systems 1.0.0.7 c:\program files (x86)\common files\ulead systems\mpeg\ulpcmpeg.ax 6/25/2010 9:02 PM ULead File Source (Async.) HKCR\CLSID\{CF957FA1-77FE-4192-A59F-95CA43BD04BA} Ulead Async Filter Ulead Systems 1.0.0.18 c:\program files (x86)\common files\ulead systems\mpeg\ulasync.ax 6/25/2010 9:01 PM Ulead H264 Decoder HKCR\CLSID\{CF957FD0-77FE-4192-A59F-95CA43BD04BA} uldsh264 uleadivi 1.0.0.41 c:\program files (x86)\common files\ulead systems\mpeg\uldsh264.ax 6/25/2010 9:01 PM ROXIO CrossGraphEx Source 3.0 HKCR\CLSID\{D1318849-7E21-4B3C-A141-901B684184FD} CrossGraphEx.ax Sonic Solutions 8.0.0.47 c:\program files (x86)\roxio\videocore 10\roxvideo.ax 6/10/2009 9:07 AM ROXIO VCFWaveform 1.0 HKCR\CLSID\{D33D8883-23BC-4F44-AB0E-A7D8C2884A77} Roxio Audio Filters Sonic Solutions 10.0.0.0 c:\program files (x86)\roxio\videocore 10\roxaudio.ax 6/10/2009 9:01 AM SubPicture Encoder HKCR\CLSID\{D6E6EE2D-6C63-42C8-B6EA-24B6CA4D2415} ROXIO SubPicture Encoder Sonic Solutions 10.3.0.5 c:\program files (x86)\common files\roxio shared\10.0\mpeg\subpictenc.dll 6/10/2009 4:34 AM Sonic Cinemasterr VideoDecoder 4.3 HKCR\CLSID\{D7D50E8D-DD72-43C2-8587-A0C197D837D2} CinemasterVideo Sonic Solutions 4.3.1.271 c:\program files (x86)\common files\sonic shared\cinemastervideo.dll 6/10/2009 3:38 AM roxio DCFilters Dragons Lair 10 HKCR\CLSID\{D8DE46BE-51C5-42B8-B12B-54A27B16F087} roxio DiscCopier DirectShow Filter Collection Sonic Solutions 10.3.0.5 c:\program files (x86)\common files\roxio shared\10.0\dllshared\dcfilters10.dll 6/10/2009 4:53 AM ROXIO Audio VCFChunker 3.0 HKCR\CLSID\{DB6317B0-1789-424B-9D02-E200BD33C71F} Roxio Audio Filters Sonic Solutions 10.0.0.0 c:\program files (x86)\roxio\videocore 10\roxaudio.ax 6/10/2009 9:01 AM Ulead Mp3 Decoder HKCR\CLSID\{E7FEA5C0-651C-4A94-A31F-DAEA9877BB3A} MP3 Decoder Ulead Systems, Inc. 1.0.0.2 c:\program files (x86)\common files\ulead systems\mpeg\uldamp3.ax 6/25/2010 9:01 PM Roxio Plasma CrossGraph Renderer HKCR\CLSID\{F03BD07E-1BA2-4324-A635-8BEB4171AD09} MGICGFilter.ax Sonic Solutions 8.0.0.47 c:\program files (x86)\roxio\videocore 10\plasmacgfilter.ax 6/10/2009 9:22 AM Ulead Audio Dual Channel Filter HKCR\CLSID\{F16EB735-3E60-4696-88E3-32610C10D669} Ulead Audio Dual Channel Filter Ulead Systems, Inc. 1.0.0.2 c:\program files (x86)\common files\ulead systems\mpeg\uaudiodcfilter.ax 6/25/2010 9:01 PM Ulead OggVorbis Decoder HKCR\CLSID\{F4453C84-C133-43F2-9E12-A9AB4B1422FE} ulOggVorbisDecoderFilter Ulead Systems, Inc. 1.0.0.1 c:\program files (x86)\common files\ulead systems\mpeg\uloggvorbisdecoderfilter.ax 6/25/2010 9:01 PM VW Input Selector HKCR\CLSID\{F882335A-315E-47D8-9C53-39C53909D45A} CrossGraphEx.ax Sonic Solutions 8.0.0.47 c:\program files (x86)\roxio\videocore 10\roxvideo.ax 6/10/2009 9:07 AM ROXIO AudioGrabber 3.0 HKCR\CLSID\{F91D3599-1155-4D5E-AA16-BD52A3361F07} CrossGraphEx.ax Sonic Solutions 8.0.0.47 c:\program files (x86)\roxio\videocore 10\roxvideo.ax 6/10/2009 9:07 AM ROXIO ThumbnailGrabber 3.0 HKCR\CLSID\{FEDB0714-507B-4168-A733-DB138AF685BC} CrossGraphEx.ax Sonic Solutions 8.0.0.47 c:\program files (x86)\roxio\videocore 10\roxvideo.ax 6/10/2009 9:07 AM==== Empty IE Cache ======================C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfullyC:\Users\Default\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfullyC:\Users\slriegel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfullyC:\Users\slriegel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfullyC:\Users\slriegel\AppData\Local\Temp\acro_rd_dir\Temporary Internet Files\Content.IE5 emptied successfullyC:\Users\slriegel\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5 emptied successfullyC:\Users\slriegel\AppData\Local\Temp\Temporary Internet Files\Content.IE5 emptied successfullyC:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfullyC:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfullyC:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfullyC:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfullyC:\Windows\serviceprofiles\Localservice\AppData\Local\Temp\Temporary Internet Files\Content.IE5 emptied successfullyC:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully==== Empty FireFox Cache ======================C:\Users\slriegel\AppData\Local\Mozilla\Firefox\Profiles\oa6tqnp9.default\Cache emptied successfullyC:\Users\slriegel\AppData\Roaming\Mozilla\Firefox\Profiles\oa6tqnp9.default\personas\cache emptied successfully==== Empty Chrome Cache ======================No Chrome User Data found==== Empty All Flash Cache ======================Flash Cache is not empty, a reboot is needed==== Empty All Java Cache ======================Java Cache cleared successfully==== Empty Temp Folders ======================C:\Users\Default\AppData\Local\Temp emptied successfullyC:\Users\Default User\AppData\Local\Temp emptied successfullyC:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfullyC:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfullyC:\Users\slriegel\AppData\Local\Temp will be emptied at rebootC:\Windows\Temp will be emptied at reboot==== After Reboot ========================== Empty Temp Folders ======================C:\Windows\Temp successfully emptiedC:\Users\slriegel\AppData\Local\Temp successfully emptied==== Empty Recycle Bin ======================C:\$RECYCLE.BIN successfully emptied==== Deleting Files / Folders ======================"C:\Users\slriegel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Y8HHAZZ4\admin.brightcove.com" not found"C:\Users\slriegel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Y8HHAZZ4\dingo.care2.com" not found"C:\Users\slriegel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Y8HHAZZ4\ds.serving-sys.com" not found"C:\Users\slriegel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Y8HHAZZ4\images.mefeedia.com" not found"C:\Users\slriegel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Y8HHAZZ4\oas.imageg.net" not found"C:\Users\slriegel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Y8HHAZZ4\offlinetoolbox.com" not found"C:\Users\slriegel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Y8HHAZZ4\partners.dogtime.com" not found"C:\Users\slriegel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Y8HHAZZ4\pfiles.5min.com" not found"C:\Users\slriegel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Y8HHAZZ4\player.viewster.com" not found"C:\Users\slriegel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Y8HHAZZ4\sadmin.brightcove.com" not found"C:\Users\slriegel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Y8HHAZZ4\secure.logomaker.com" not found"C:\Users\slriegel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Y8HHAZZ4\stat.easydate.biz" not found"C:\Users\slriegel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Y8HHAZZ4\w.soundcloud.com" not found"C:\Users\slriegel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Y8HHAZZ4\www.channel4.com" not found"C:\Users\slriegel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Y8HHAZZ4\www.cookinglight.com" not found"C:\Users\slriegel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Y8HHAZZ4\www.iheart.com" not found"C:\Users\slriegel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Y8HHAZZ4\www.lenovo.com" not found"C:\Users\slriegel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Y8HHAZZ4\www.nickjr.com" not found"C:\Users\slriegel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Y8HHAZZ4\www.shutterfly.com" not found"C:\Users\slriegel\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Y8HHAZZ4\www.timewarnercable.com" not found==== EOF on Thu 12/12/2013 at 18:34:27.72 ====================== Link to post Share on other sites More sharing options...
kevinf80 Posted December 13, 2013 ID:763864 Share Posted December 13, 2013 What is current status, is browser homepages reset correctly. Did you run AdwCleaner, can I see the log/ There are two Security System installed, Trendmicro and Avast, that is not good, one must be removed/uninstalled.... Let me know if browser homepage is corrected, post AdwCleaner log, is security system amended correctly Link to post Share on other sites More sharing options...
shelley123 Posted December 13, 2013 Author ID:763870 Share Posted December 13, 2013 Here is the first adwcleaner I did # AdwCleaner v3.015 - Report created 11/12/2013 at 21:20:04# Updated 10/12/2013 by Xplode# Operating System : Windows 7 Professional Service Pack 1 (64 bits)# Username : slriegel - SLRIEGEL-THINK# Running from : C:\Users\slriegel\Downloads\AdwCleaner.exe# Option : Scan***** [ Services ] *****Service Found : update whilokiiService Found : Util Whilokii***** [ Files / Folders ] *****File Found : C:\Users\slriegel\AppData\Local\Temp\Searchqu.iniFile Found : C:\Users\slriegel\AppData\Local\Temp\searchqutoolbar-manifest.xmlFolder Found C:\Program Files (x86)\WhilokiiFolder Found C:\ProgramData\boost_interprocessFolder Found C:\Users\slriegel\AppData\Local\SanctionedMediaFolder Found C:\Users\slriegel\AppData\Local\Temp\jZipFolder Found C:\Users\slriegel\AppData\LocalLow\searchqubandFolder Found C:\Users\slriegel\AppData\Roaming\Mozilla\Firefox\Profiles\oa6tqnp9.default\StumbleUponFolder Found C:\Users\slriegel\AppData\Roaming\NCH Software***** [ Shortcuts ] ********** [ Registry ] *****Key Found : HKCU\Software\AppDataLow\Software\searchqutoolbarKey Found : HKCU\Software\ConduitKey Found : HKCU\Software\DataMngrKey Found : HKCU\Software\InstallCoreKey Found : HKCU\Software\jZipKey Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2102}Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{99079A25-328F-4BD4-BE04-00955ACAA0A7}Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{99079A25-328F-4BD4-BE04-00955ACAA0A7}Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\SmadKey Found : HKCU\Software\NCH SoftwareKey Found : HKCU\Software\SanctionedMediaKey Found : HKCU\Software\WhilokiiKey Found : HKCU\Software\YahooPartnerToolbarKey Found : [x64] HKCU\Software\ConduitKey Found : [x64] HKCU\Software\DataMngrKey Found : [x64] HKCU\Software\InstallCoreKey Found : [x64] HKCU\Software\jZipKey Found : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2102}Key Found : [x64] HKCU\Software\NCH SoftwareKey Found : [x64] HKCU\Software\SanctionedMediaKey Found : [x64] HKCU\Software\WhilokiiKey Found : [x64] HKCU\Software\YahooPartnerToolbarKey Found : HKLM\SOFTWARE\Classes\AppID\{0A18A436-2A7A-49F3-A488-30538A2F6323}Key Found : HKLM\SOFTWARE\Classes\CLSID\{00000001-4FEF-40D3-B3FA-E0531B897F98}Key Found : HKLM\SOFTWARE\Classes\CLSID\{007EFBDF-8A5D-4930-97CC-A4B437CBA777}Key Found : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}Key Found : HKLM\SOFTWARE\Classes\CLSID\{4AA46D49-459F-4358-B4D1-169048547C23}Key Found : HKLM\SOFTWARE\Classes\CLSID\{64697678-0000-0010-8000-00AA00389B71}Key Found : HKLM\SOFTWARE\Classes\CLSID\{99079A25-328F-4BD4-BE04-00955ACAA0A7}Key Found : HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}Key Found : HKLM\Software\ConduitKey Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2102}Key Found : HKLM\SOFTWARE\Microsoft\Tracing\datamngrUI_RASAPI32Key Found : HKLM\SOFTWARE\Microsoft\Tracing\datamngrUI_RASMANCSKey Found : HKLM\SOFTWARE\Microsoft\Tracing\jZip_RASAPI32Key Found : HKLM\SOFTWARE\Microsoft\Tracing\jZip_RASMANCSKey Found : HKLM\SOFTWARE\Microsoft\Tracing\Searchqu Toolbar uninstall_RASAPI32Key Found : HKLM\SOFTWARE\Microsoft\Tracing\Searchqu Toolbar uninstall_RASMANCSKey Found : HKLM\SOFTWARE\Microsoft\Tracing\SearchquMediaBar_RASAPI32Key Found : HKLM\SOFTWARE\Microsoft\Tracing\SearchquMediaBar_RASMANCSKey Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}Key Found : HKLM\SOFTWARE\NSIS_Example2Key Found : HKLM\Software\WhilokiiKey Found : [x64] HKLM\SOFTWARE\Classes\CLSID\{00000001-4FEF-40D3-B3FA-E0531B897F98}Key Found : [x64] HKLM\SOFTWARE\Classes\CLSID\{4AA46D49-459F-4358-B4D1-169048547C23}Key Found : [x64] HKLM\SOFTWARE\Classes\CLSID\{64697678-0000-0010-8000-00AA00389B71}Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{AB4DA692-F26B-403C-AF8F-FD87D121F8F1}Key Found : [x64] HKLM\SOFTWARE\DataMngrKey Found : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2102}Value Found : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{98279C38-DE4B-4BCF-93C9-8EC26069D6F4}]***** [ Browsers ] *****-\\ Internet Explorer v11.0.9600.16428-\\ Mozilla Firefox v25.0.1 (en-US)[ File : C:\Users\slriegel\AppData\Roaming\Mozilla\Firefox\Profiles\oa6tqnp9.default\prefs.js ]Line Found : user_pref("browser.search.order.1", "Search Results");*************************AdwCleaner[R0].txt - [4932 octets] - [11/12/2013 21:20:04]########## EOF - C:\AdwCleaner\AdwCleaner[R0].txt - [4992 octets] ########## Here is the second log # AdwCleaner v3.015 - Report created 11/12/2013 at 21:51:09# Updated 10/12/2013 by Xplode# Operating System : Windows 7 Professional Service Pack 1 (64 bits)# Username : slriegel - SLRIEGEL-THINK# Running from : C:\Users\slriegel\Downloads\AdwCleaner.exe# Option : Clean***** [ Services ] *****[#] Service Deleted : update whilokii[#] Service Deleted : Util Whilokii***** [ Files / Folders ] *****Folder Deleted : C:\ProgramData\boost_interprocessFolder Deleted : C:\Program Files (x86)\WhilokiiFolder Deleted : C:\Users\slriegel\AppData\Local\SanctionedMediaFolder Deleted : C:\Users\slriegel\AppData\Local\Temp\jZipFolder Deleted : C:\Users\slriegel\AppData\LocalLow\searchqubandFolder Deleted : C:\Users\slriegel\AppData\Roaming\NCH SoftwareFolder Deleted : C:\Users\slriegel\AppData\Roaming\Mozilla\Firefox\Profiles\oa6tqnp9.default\StumbleUponFile Deleted : C:\Users\slriegel\AppData\Local\Temp\Searchqu.iniFile Deleted : C:\Users\slriegel\AppData\Local\Temp\searchqutoolbar-manifest.xml***** [ Shortcuts ] ********** [ Registry ] *****Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\datamngrUI_RASAPI32Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\datamngrUI_RASMANCSKey Deleted : HKLM\SOFTWARE\Microsoft\Tracing\jZip_RASAPI32Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\jZip_RASMANCSKey Deleted : HKLM\SOFTWARE\Microsoft\Tracing\Searchqu Toolbar uninstall_RASAPI32Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\Searchqu Toolbar uninstall_RASMANCSKey Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SearchquMediaBar_RASAPI32Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SearchquMediaBar_RASMANCSKey Deleted : HKLM\SOFTWARE\NSIS_Example2Key Deleted : HKLM\SOFTWARE\Classes\AppID\{0A18A436-2A7A-49F3-A488-30538A2F6323}Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{00000001-4FEF-40D3-B3FA-E0531B897F98}Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{007EFBDF-8A5D-4930-97CC-A4B437CBA777}Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{4AA46D49-459F-4358-B4D1-169048547C23}Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{64697678-0000-0010-8000-00AA00389B71}Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{99079A25-328F-4BD4-BE04-00955ACAA0A7}Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{99079A25-328F-4BD4-BE04-00955ACAA0A7}Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{99079A25-328F-4BD4-BE04-00955ACAA0A7}Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2102}Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2102}Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{98279C38-DE4B-4BCF-93C9-8EC26069D6F4}]Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{00000001-4FEF-40D3-B3FA-E0531B897F98}Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{4AA46D49-459F-4358-B4D1-169048547C23}Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{64697678-0000-0010-8000-00AA00389B71}Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{AB4DA692-F26B-403C-AF8F-FD87D121F8F1}Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2102}Key Deleted : HKCU\Software\ConduitKey Deleted : HKCU\Software\DataMngrKey Deleted : HKCU\Software\InstallCoreKey Deleted : HKCU\Software\jZipKey Deleted : HKCU\Software\NCH SoftwareKey Deleted : HKCU\Software\SanctionedMediaKey Deleted : HKCU\Software\WhilokiiKey Deleted : HKCU\Software\YahooPartnerToolbarKey Deleted : HKCU\Software\AppDataLow\Software\searchqutoolbarKey Deleted : HKLM\Software\ConduitKey Deleted : HKLM\Software\WhilokiiKey Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\SmadKey Deleted : [x64] HKLM\SOFTWARE\DataMngr***** [ Browsers ] *****-\\ Internet Explorer v11.0.9600.16428-\\ Mozilla Firefox v25.0.1 (en-US)[ File : C:\Users\slriegel\AppData\Roaming\Mozilla\Firefox\Profiles\oa6tqnp9.default\prefs.js ]Line Deleted : user_pref("browser.search.order.1", "Search Results");*************************AdwCleaner[R0].txt - [5132 octets] - [11/12/2013 21:20:04]AdwCleaner[s0].txt - [4692 octets] - [11/12/2013 21:51:09]########## EOF - C:\AdwCleaner\AdwCleaner[s0].txt - [4752 octets] ########## My homepages are no longer yahoo. :)I'll delete one of my antivirus programs Link to post Share on other sites More sharing options...
kevinf80 Posted December 13, 2013 ID:763945 Share Posted December 13, 2013 Excellent, also run the following: Run Malwarebytes, Open > Settings Tab > Scanner Settings > Under action for PUP > Select: Show in Results List and Check for removal.Please Update and run a Full scanMake sure that everything is checked, and click Remove Selected on any found items. Post the produced log Next, Download Security Check by screen317 from either of the following: http://screen317.spywareinfoforum.org/SecurityCheck.exe or http://screen317.changelog.fr/SecurityCheck.exeSave it to your Desktop. (If your security alerts either accept the alert, or turn the security off while Secuirity Check runs)Double click SecurityCheck.exe (Vista or Windows 7 users right click and select "Run as Administrator") and follow the onscreen instructions inside of the black box. Press any key when asked.A Notepad document should open automatically called checkup.txt; please post the contents of that document. Post both logs, also let me know if there are any remaining issues or concerns.... Thanks, Kevin Link to post Share on other sites More sharing options...
LDTate Posted December 16, 2013 ID:765195 Share Posted December 16, 2013 Due to the lack of feedback this topic is closed to prevent others from posting here. If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread. Other members who need assistance please start your own topic in a new thread. Thanks! Link to post Share on other sites More sharing options...
Recommended Posts