Jump to content


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.

Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Simultaneously Infected By CouponDropDown, Kontera and SafeSearch Tool Bar


  • Please log in to reply
43 replies to this topic

#31 mtouss

mtouss
  • Topic Starter

  • Members
  • 46 posts
  • OFFLINE
  •  
  • Local time:08:24 AM

Posted 22 February 2013 - 10:01 PM

Everything was good on IE, no direct.

 

BUT when I opened Chrome it went to safesearch.



BC AdBot (Login to Remove)

 


#32 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:10:24 AM

Posted 22 February 2013 - 10:06 PM

Export bookmarks from google chrome using this guide

http://support.google.com/chrome/bin/answer.py?hl=en&answer=96816

Uninstall google chrome,make sure to checkmark Also delete browsing data option

Reinstall chrome and check your web pages.

Let me know how it goes.



#33 mtouss

mtouss
  • Topic Starter

  • Members
  • 46 posts
  • OFFLINE
  •  
  • Local time:08:24 AM

Posted 22 February 2013 - 10:26 PM

After reinstalling Chrome and opening, Safe Search is still the default URL search engine.  When I go to change the search engines, there is an icon next to safe search that says "This setting is enforced by your administrator".

 

When I sign in to Chrome, safe search is no longer default but it is still there.



#34 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:10:24 AM

Posted 22 February 2013 - 10:37 PM

Did you checkmark the bolded option before uninstalling chrome?

 

Uninstall google chrome,make sure to checkmark Also delete browsing data option

 

Please run Autoruns and post the new log.

 

Click on Manage search engine and try to make  google or yahoo as default and then remove the safesearch

 

What is the exact address you are being redirected to?



#35 mtouss

mtouss
  • Topic Starter

  • Members
  • 46 posts
  • OFFLINE
  •  
  • Local time:08:24 AM

Posted 22 February 2013 - 10:42 PM

Yes, I did make sure to check that option.

 

At this time, I am not going to be at this machine for the next week or so.  I will pick up with this step as soon as I can.

 

Thank you for all your help!  Will be in touch soon with the results of Autoruns.



#36 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:10:24 AM

Posted 22 February 2013 - 10:44 PM

thumbup2.gif



#37 mtouss

mtouss
  • Topic Starter

  • Members
  • 46 posts
  • OFFLINE
  •  
  • Local time:08:24 AM

Posted 06 March 2013 - 02:09 AM

I am back.

 

This is what is still going on.  When I open Chrome when not signed in and synced with my Google account, Safesearch is automatically the default search engine, and I cannot change it.  For example, if I type into the main URL bar "anything", it sends me here:

 

http://www.safesearch.net/search?q=anything&utm_medium=ch&utm_campaign=31&utm_source=sm&utm_content=1&utm_term=A9B8068214154256

 

BUT when I sign into Google chrome and sync my account, the default browser returns to my settings, but Safesearch is listed as one of the possible browser options, even after I delete it, close Chrome, and open it back up -- Safesearch is listed again.

 

Otherwise, IE is no longer being directed to Safesearch, and also the in-text ads in both Chrome and IE seem to be gone.

 

 

 

Here is the Autoruns:

 

 

"HKLM\System\CurrentControlSet\Control\Terminal Server\Wds\rdpwd\StartupPrograms"    ""    ""    ""
+ "rdpclip"    ""    ""    "File not found: rdpclip"
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run"    ""    ""    ""
+ "HotKeysCmds"    "hkcmd Module"    "Intel Corporation"    "c:\windows\system32\hkcmd.exe"
+ "IgfxTray"    "igfxTray Module"    "Intel Corporation"    "c:\windows\system32\igfxtray.exe"
+ "IntelPAN"    "Intel® PROSet/Wireless Framework"    "Intel® Corporation"    "c:\program files\common files\intel\wirelesscommon\ifrmewrk.exe"
+ "Logitech Download Assistant"    "Logitech Download Assistant"    "Logitech, Inc."    "c:\windows\system32\logilda.dll"
+ "MSC"    "Microsoft Security Client User Interface"    "Microsoft Corporation"    "c:\program files\microsoft security client\msseces.exe"
+ "Persistence"    "persistence Module"    "Intel Corporation"    "c:\windows\system32\igfxpers.exe"
+ "SetDefault"    "SetDefault"    "Hewlett-Packard Development Company, L.P."    "c:\program files\hewlett-packard\hp launchbox\setdefault.exe"
+ "SynTPEnh"    "Synaptics TouchPad Enhancements"    "Synaptics Incorporated"    "c:\program files\synaptics\syntp\syntpenh.exe"
+ "SysTrayApp"    "IDT PC Audio"    "IDT, Inc."    "c:\program files\idt\wdm\sttray64.exe"
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run"    ""    ""    ""
+ "Adobe ARM"    "Adobe Reader and Acrobat Manager"    "Adobe Systems Incorporated"    "c:\program files (x86)\common files\adobe\arm\1.0\adobearm.exe"
+ "APSDaemon"    "Apple Push"    "Apple Inc."    "c:\program files (x86)\common files\apple\apple application support\apsdaemon.exe"
+ "GrooveMonitor"    "GrooveMonitor Utility"    "Microsoft Corporation"    "c:\program files (x86)\microsoft office\office12\groovemonitor.exe"
+ "HP CoolSense"    "HP CoolSense"    "Hewlett-Packard Development Company, L.P."    "c:\program files (x86)\hewlett-packard\hp coolsense\coolsense.exe"
+ "HP Quick Launch"    "HP Message Service"    "Hewlett-Packard Development Company, L.P."    "c:\program files (x86)\hewlett-packard\hp quick launch\hpmsgsvc.exe"
+ "HPOSD"    "HP On Screen Display"    "Hewlett-Packard Development Company, L.P."    "c:\program files (x86)\hewlett-packard\hp on screen display\hposd.exe"
+ "HPQuickWebProxy"    "HP QuickWeb Utilities"    "Hewlett-Packard Company"    "c:\program files (x86)\hewlett-packard\hp quickweb\hpqwutils.exe"
+ "NUSB3MON"    "USB 3.0 Monitor"    "Renesas Electronics Corporation"    "c:\program files (x86)\renesas electronics\usb 3.0 host controller driver\application\nusb3mon.exe"
+ "QuickTime Task"    "QuickTime Task"    "Apple Inc."    "c:\program files (x86)\quicktime\qttask.exe"
"C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup"    ""    ""    ""
+ "Bluetooth.lnk"    "Bluetooth Tray Application"    "Broadcom Corporation."    "c:\program files\widcomm\bluetooth software\bttray.exe"
+ "Logitech SetPoint.lnk"    "Logitech SetPoint Event Manager (UNICODE)"    "Logitech, Inc."    "c:\program files\logitech\setpoint\setpoint.exe"
"C:\Users\Owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup"    ""    ""    ""
+ "Dropbox.lnk"    "Dropbox"    "Dropbox, Inc."    "c:\users\owner\appdata\roaming\dropbox\bin\dropbox.exe"
"HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components"    ""    ""    ""
+ "Microsoft Windows"    "Windows Mail"    "Microsoft Corporation"    "c:\program files\windows mail\winmail.exe"
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Active Setup\Installed Components"    ""    ""    ""
+ "Google Chrome"    "Google Chrome"    "Google Inc."    "c:\program files (x86)\google\chrome\application\25.0.1364.152\installer\chrmstp.exe"
+ "Microsoft Windows"    "Windows Mail"    "Microsoft Corporation"    "c:\program files (x86)\windows mail\winmail.exe"
"HKCU\Software\Microsoft\Windows\CurrentVersion\Run"    ""    ""    ""
+ "EPSON NX410 Series"    "EPSON Status Monitor 3"    "SEIKO EPSON CORPORATION"    "c:\windows\system32\spool\drivers\x64\3\e_iatifca.exe"
+ "Google Update"    "Google Installer"    "Google Inc."    "c:\users\owner\appdata\local\google\update\googleupdate.exe"
"HKLM\SOFTWARE\Classes\Protocols\Filter"    ""    ""    ""
+ "text/xml"    "Microsoft Office XML MIME Filter"    "Microsoft Corporation"    "c:\program files\common files\microsoft shared\office12\msoxmlmf.dll"
"HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks"    ""    ""    ""
+ "Groove GFS Stub Execution Hook"    "GrooveShellExtensions Module"    "Microsoft Corporation"    "c:\program files (x86)\microsoft office\office12\grooveshellextensions.dll"
"HKCU\Software\Classes\*\ShellEx\ContextMenuHandlers"    ""    ""    ""
+ "DropboxExt"    "Dropbox Shell Extension"    "Dropbox, Inc."    "c:\users\owner\appdata\roaming\dropbox\bin\dropboxext64.17.dll"
"HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers"    ""    ""    ""
+ "EPP"    "Microsoft Security Client Shell Extension"    "Microsoft Corporation"    "c:\program files\microsoft security client\shellext.dll"
"HKLM\Software\Wow6432Node\Classes\*\ShellEx\ContextMenuHandlers"    ""    ""    ""
+ "XXX Groove GFS Context Menu Handler XXX"    "GrooveShellExtensions Module"    "Microsoft Corporation"    "c:\program files (x86)\microsoft office\office12\grooveshellextensions.dll"
"HKLM\Software\Classes\AllFileSystemObjects\ShellEx\ContextMenuHandlers"    ""    ""    ""
+ "MBAMShlExt"    "Malwarebytes Anti-Malware"    "Malwarebytes Corporation"    "c:\program files (x86)\malwarebytes' anti-malware\mbamext.dll"
"HKLM\Software\Wow6432Node\Classes\AllFileSystemObjects\ShellEx\ContextMenuHandlers"    ""    ""    ""
+ "XXX Groove GFS Context Menu Handler XXX"    "GrooveShellExtensions Module"    "Microsoft Corporation"    "c:\program files (x86)\microsoft office\office12\grooveshellextensions.dll"
"HKCU\Software\Classes\Directory\ShellEx\ContextMenuHandlers"    ""    ""    ""
+ "DropboxExt"    "Dropbox Shell Extension"    "Dropbox, Inc."    "c:\users\owner\appdata\roaming\dropbox\bin\dropboxext64.17.dll"
"HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers"    ""    ""    ""
+ "EPP"    "Microsoft Security Client Shell Extension"    "Microsoft Corporation"    "c:\program files\microsoft security client\shellext.dll"
"HKLM\Software\Wow6432Node\Classes\Directory\ShellEx\ContextMenuHandlers"    ""    ""    ""
+ "XXX Groove GFS Context Menu Handler XXX"    "GrooveShellExtensions Module"    "Microsoft Corporation"    "c:\program files (x86)\microsoft office\office12\grooveshellextensions.dll"
"HKLM\Software\Classes\Directory\Shellex\CopyHookHandlers"    ""    ""    ""
+ "Monitor"    "BTNCopy Module"    "Broadcom Corporation."    "c:\program files\widcomm\bluetooth software\btncopy.dll"
"HKCU\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers"    ""    ""    ""
+ "DropboxExt"    "Dropbox Shell Extension"    "Dropbox, Inc."    "c:\users\owner\appdata\roaming\dropbox\bin\dropboxext64.17.dll"
"HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers"    ""    ""    ""
+ "Gadgets"    "Sidebar droptarget"    "Microsoft Corporation"    "c:\program files\windows sidebar\sbdrop.dll"
+ "igfxcui"    "igfxpph Module"    "Intel Corporation"    "c:\windows\system32\igfxpph.dll"
"HKLM\Software\Wow6432Node\Classes\Directory\Background\ShellEx\ContextMenuHandlers"    ""    ""    ""
+ "Gadgets"    "Sidebar droptarget"    "Microsoft Corporation"    "c:\program files (x86)\windows sidebar\sbdrop.dll"
+ "XXX Groove GFS Context Menu Handler XXX"    "GrooveShellExtensions Module"    "Microsoft Corporation"    "c:\program files (x86)\microsoft office\office12\grooveshellextensions.dll"
"HKLM\Software\Wow6432Node\Classes\Folder\Shellex\ColumnHandlers"    ""    ""    ""
+ "PDF Shell Extension"    "PDF Shell Extension"    "Adobe Systems, Inc."    "c:\program files (x86)\common files\adobe\acrobat\activex\pdfshell.dll"
"HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers"    ""    ""    ""
+ "MBAMShlExt"    "Malwarebytes Anti-Malware"    "Malwarebytes Corporation"    "c:\program files (x86)\malwarebytes' anti-malware\mbamext.dll"
"HKLM\Software\Wow6432Node\Classes\Folder\ShellEx\ContextMenuHandlers"    ""    ""    ""
+ "XXX Groove GFS Context Menu Handler XXX"    "GrooveShellExtensions Module"    "Microsoft Corporation"    "c:\program files (x86)\microsoft office\office12\grooveshellextensions.dll"
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers"    ""    ""    ""
+ "DropboxExt1"    "Dropbox Shell Extension"    "Dropbox, Inc."    "c:\users\owner\appdata\roaming\dropbox\bin\dropboxext64.17.dll"
+ "DropboxExt2"    "Dropbox Shell Extension"    "Dropbox, Inc."    "c:\users\owner\appdata\roaming\dropbox\bin\dropboxext64.17.dll"
+ "DropboxExt3"    "Dropbox Shell Extension"    "Dropbox, Inc."    "c:\users\owner\appdata\roaming\dropbox\bin\dropboxext64.17.dll"
+ "DropboxExt4"    "Dropbox Shell Extension"    "Dropbox, Inc."    "c:\users\owner\appdata\roaming\dropbox\bin\dropboxext64.17.dll"
"HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers"    ""    ""    ""
+ "DropboxExt1"    "Dropbox Shell Extension"    "Dropbox, Inc."    "c:\users\owner\appdata\roaming\dropbox\bin\dropboxext.17.dll"
+ "DropboxExt2"    "Dropbox Shell Extension"    "Dropbox, Inc."    "c:\users\owner\appdata\roaming\dropbox\bin\dropboxext.17.dll"
+ "DropboxExt3"    "Dropbox Shell Extension"    "Dropbox, Inc."    "c:\users\owner\appdata\roaming\dropbox\bin\dropboxext.17.dll"
+ "Groove Explorer Icon Overlay 1 (GFS Unread Stub)"    "GrooveShellExtensions Module"    "Microsoft Corporation"    "c:\program files (x86)\microsoft office\office12\grooveshellextensions.dll"
+ "Groove Explorer Icon Overlay 2 (GFS Stub)"    "GrooveShellExtensions Module"    "Microsoft Corporation"    "c:\program files (x86)\microsoft office\office12\grooveshellextensions.dll"
+ "Groove Explorer Icon Overlay 2.5 (GFS Unread Folder)"    "GrooveShellExtensions Module"    "Microsoft Corporation"    "c:\program files (x86)\microsoft office\office12\grooveshellextensions.dll"
+ "Groove Explorer Icon Overlay 3 (GFS Folder)"    "GrooveShellExtensions Module"    "Microsoft Corporation"    "c:\program files (x86)\microsoft office\office12\grooveshellextensions.dll"
+ "Groove Explorer Icon Overlay 4 (GFS Unread Mark)"    "GrooveShellExtensions Module"    "Microsoft Corporation"    "c:\program files (x86)\microsoft office\office12\grooveshellextensions.dll"
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects"    ""    ""    ""
+ "Java™ Plug-In 2 SSV Helper"    "Java™ Platform SE binary"    "Oracle Corporation"    "c:\program files\java\jre7\bin\jp2ssv.dll"
+ "Java™ Plug-In SSV Helper"    "Java™ Platform SE binary"    "Oracle Corporation"    "c:\program files\java\jre7\bin\ssv.dll"
+ "SafeSearch"    ""    ""    "File not found: C:\Program Files\SafeSearch\ie\adxloader64.dll"
+ "TrueSuite Website Log On"    "Website Log On"    "HP"    "c:\program files (x86)\hp simplepass 2012\x64\iebho.dll"
+ "Windows Live ID Sign-in Helper"    "Microsoft® Windows Live ID Login Helper"    "Microsoft Corp."    "c:\program files\common files\microsoft shared\windows live\windowslivelogin.dll"
"HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects"    ""    ""    ""
+ "Adobe PDF Link Helper"    "Adobe PDF Helper for Internet Explorer"    "Adobe Systems Incorporated"    "c:\program files (x86)\common files\adobe\acrobat\activex\acroiehelpershim.dll"
+ "Groove GFS Browser Helper"    "GrooveShellExtensions Module"    "Microsoft Corporation"    "c:\program files (x86)\microsoft office\office12\grooveshellextensions.dll"
+ "SafeSearch"    ""    ""    "File not found: C:\Program Files\SafeSearch\ie\adxloader.dll"
+ "TrueSuite Website Log On"    "Website Log On"    "HP"    "c:\program files (x86)\hp simplepass 2012\iebho.dll"
+ "Windows Live ID Sign-in Helper"    "Microsoft® Windows Live ID Login Helper"    "Microsoft Corp."    "c:\program files (x86)\common files\microsoft shared\windows live\windowslivelogin.dll"
"HKLM\Software\Microsoft\Internet Explorer\Toolbar"    ""    ""    ""
+ "SafeSearch.IEModule"    ""    ""    "File not found: C:\Program Files\SafeSearch\ie\adxloader64.dll"
"HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Toolbar"    ""    ""    ""
+ "SafeSearch.IEModule"    ""    ""    "File not found: C:\Program Files\SafeSearch\ie\adxloader.dll"
"HKLM\Software\Microsoft\Internet Explorer\Extensions"    ""    ""    ""
+ "Send to &Bluetooth Device..."    ""    ""    "c:\program files\widcomm\bluetooth software\btsendto_ie.htm"
"HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Extensions"    ""    ""    ""
+ "&Blog This in Windows Live Writer"    "Windows Live Writer Blog This Extension"    "Microsoft Corporation"    "c:\program files (x86)\windows live\writer\writerbrowserextension.dll"
+ "Add to Evernote 4"    ""    ""    "File not found: C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll/204"
+ "S&end to OneNote"    "Microsoft Office OneNote Internet Explorer Add-in"    "Microsoft Corporation"    "c:\program files (x86)\microsoft office\office12\onbttnie.dll"
+ "Send to &Bluetooth Device..."    ""    ""    "c:\program files\widcomm\bluetooth software\btsendto_ie.htm"
"Task Scheduler"    ""    ""    ""
+ "\Adobe Flash Player Updater"    "Adobe® Flash® Player Update Service 11.6 r602"    "Adobe Systems Incorporated"    "c:\windows\syswow64\macromed\flash\flashplayerupdateservice.exe"
+ "\CCleanerSkipUAC"    "CCleaner"    "Piriform Ltd"    "c:\program files\ccleaner\ccleaner.exe"
+ "\GoogleUpdateTaskMachineCore"    "Google Installer"    "Google Inc."    "c:\program files (x86)\google\update\googleupdate.exe"
+ "\GoogleUpdateTaskMachineUA"    "Google Installer"    "Google Inc."    "c:\program files (x86)\google\update\googleupdate.exe"
+ "\GoogleUpdateTaskUserS-1-5-21-2187807513-3638854778-389624601-1000Core"    "Google Installer"    "Google Inc."    "c:\users\owner\appdata\local\google\update\googleupdate.exe"
+ "\GoogleUpdateTaskUserS-1-5-21-2187807513-3638854778-389624601-1000UA"    "Google Installer"    "Google Inc."    "c:\users\owner\appdata\local\google\update\googleupdate.exe"
+ "\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start"    "HP Support Assistant"    "Hewlett-Packard Company"    "c:\program files (x86)\hewlett-packard\hp support framework\resources\hpsfmessenger\hpsfmsgr.exe"
+ "\Hewlett-Packard\HP Support Assistant\HP Total Care Tune-Up"    "HPTuneUp"    "Hewlett-Packard Company"    "c:\program files (x86)\hewlett-packard\hp support framework\hptuneup.exe"
+ "\Hewlett-Packard\HP Support Assistant\PC Health Analysis"    "HP Support Assistant"    "Hewlett-Packard Company"    "c:\program files (x86)\hewlett-packard\hp support framework\hpsf.exe"
+ "\Hewlett-Packard\HP Support Assistant\PC Tuneup"    "HP Support Assistant"    "Hewlett-Packard Company"    "c:\program files (x86)\hewlett-packard\hp support framework\hpsf.exe"
+ "\Hewlett-Packard\HP Support Assistant\Update Check"    "HP Support Assistant Updater"    "Hewlett-Packard"    "c:\programdata\hewlett-packard\hp support framework\resources\updater\hpsfupdater.exe"
+ "\HPCeeScheduleForOwner"    "HP Ceement"    "Hewlett-Packard"    "c:\program files (x86)\hewlett-packard\hp ceement\hpcee.exe"
+ "\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan"    "Microsoft Malware Protection Command Line Utility"    "Microsoft Corporation"    "c:\program files\microsoft security client\mpcmdrun.exe"
+ "\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task"    "Windows Live Social Object Extractor Engine"    "Microsoft Corporation"    "c:\program files (x86)\windows live\soxe\wlsoxe.dll"
+ "\Microsoft\Windows\NetTrace\GatherNetworkInfo"    ""    ""    "c:\windows\system32\gathernetworkinfo.vbs"
+ "\Microsoft\Windows\Windows Media Sharing\UpdateLibrary"    "Windows Media Player Network Sharing Service Configuration Application"    "Microsoft Corporation"    "c:\program files\windows media player\wmpnscfg.exe"
+ "\MirageAgent"    "YouCam Mirage"    "CyberLink"    "c:\program files (x86)\cyberlink\youcam\ycmmirage.exe"
+ "\Registration"    "ESAdvRemIntegrator"    ""    "c:\program files (x86)\hewlett-packard\hp setup\remengine.exe"
+ "\SSVerify"    ""    ""    "File not found: C:\Program Files\SafeSearch\se.exe"
"HKLM\System\CurrentControlSet\Services"    ""    ""    ""
+ "AdobeARMservice"    "Adobe Acrobat Updater keeps your Adobe software up to date."    "Adobe Systems Incorporated"    "c:\program files (x86)\common files\adobe\arm\1.0\armsvc.exe"
+ "AdobeFlashPlayerUpdateSvc"    "This service keeps your Adobe Flash Player installation up to date with the latest enhancements and security fixes."    "Adobe Systems Incorporated"    "c:\windows\syswow64\macromed\flash\flashplayerupdateservice.exe"
+ "bckwfs"    "Provides Internet filtering services for your PC"    "Blue Coat Systems, Inc."    "c:\program files\blue coat k9 web protection\k9filter.exe"
+ "btwdins"    "Handles installation and removal of Bluetooth devices."    "Broadcom Corporation."    "c:\program files\widcomm\bluetooth software\btwdins.exe"
+ "DMAgent"    "Red Bend Device Management Service for Intel® PROSet/Wireless WiMAX Software."    "Red Bend Ltd."    "c:\program files\intel\wimax\bin\dmagent.exe"
+ "EPSON_EB_RPCV4_01"    "EPSON Status Monitor 3"    "SEIKO EPSON CORPORATION"    "c:\programdata\epson\epw!3 ssrp\e_s40stb.exe"
+ "EPSON_PM_RPCV4_01"    "EPSON Status Monitor 3"    "SEIKO EPSON CORPORATION"    "c:\programdata\epson\epw!3 ssrp\e_s40rpb.exe"
+ "EvtEng"    "Manages the event trace messages for all the Intel® PROSet/Wireless Software components."    "Intel® Corporation"    "c:\program files\intel\wifi\bin\evteng.exe"
+ "FPLService"    "Provides convenient and secure fingerprint authentication and identity management."    "HP"    "c:\program files (x86)\hp simplepass 2012\truesuiteservice.exe"
+ "GamesAppService"    "WT Games App Services"    "WildTangent, Inc."    "c:\program files (x86)\wildtangent games\app\gamesappservice.exe"
+ "gupdate"    "Keeps your Google software up to date. If this service is disabled or stopped, your Google software will not be kept up to date, meaning security vulnerabilities that may arise cannot be fixed and features may not work. This service uninstalls itself when there is no Google software using it."    "Google Inc."    "c:\program files (x86)\google\update\googleupdate.exe"
+ "gupdatem"    "Keeps your Google software up to date. If this service is disabled or stopped, your Google software will not be kept up to date, meaning security vulnerabilities that may arise cannot be fixed and features may not work. This service uninstalls itself when there is no Google software using it."    "Google Inc."    "c:\program files (x86)\google\update\googleupdate.exe"
+ "HideMyIpSRV"    ""    ""    "c:\program files (x86)\hide my ip 2009\hidemyipsrv.exe"
+ "HP Support Assistant Service"    "HP Support Assistant Service"    "Hewlett-Packard Company"    "c:\program files (x86)\hewlett-packard\hp support framework\hpsa_service.exe"
+ "HPClientSvc"    "HP Client Services"    "Hewlett-Packard Company"    "c:\program files\hewlett-packard\hp client services\hpclientservices.exe"
+ "HPDrvMntSvc.exe"    "HP Quick Synchronization Service"    "Hewlett-Packard Company"    "c:\program files (x86)\hewlett-packard\shared\hpdrvmntsvc.exe"
+ "hpqwmiex"    "HP Software Framework WMI Service"    "Hewlett-Packard Company"    "c:\program files (x86)\hewlett-packard\shared\hpqwmiex.exe"
+ "hpsrv"    "HpService"    "Hewlett-Packard Company"    "c:\windows\system32\hpservice.exe"
+ "HPWMISVC"    "HP Quick Launch WMI Service"    "Hewlett-Packard Development Company, L.P."    "c:\program files (x86)\hewlett-packard\hp quick launch\hpwmisvc.exe"
+ "hshld"    ""    "AnchorFree Inc."    "c:\program files (x86)\hotspot shield\bin\openvpnas.exe"
+ "HssSrv"    ""    "AnchorFree Inc."    "c:\program files (x86)\hotspot shield\hsswpr\hsssrv.exe"
+ "HssTrayService"    ""    ""    "c:\program files (x86)\hotspot shield\bin\hsstrayservice.exe"
+ "HssWd"    ""    ""    "c:\program files (x86)\hotspot shield\bin\hsswd.exe"
+ "IAStorDataMgrSvc"    "Provides storage event notification and manages communication between the storage driver and user space applications."    "Intel Corporation"    "c:\program files (x86)\intel\intel® rapid storage technology\iastordatamgrsvc.exe"
+ "IconMan_R"    "Realtek Card Reader Icon Tool."    "Realsil Microelectronics Inc."    "c:\program files (x86)\realtek\realtek pcie card reader\riconman.exe"
+ "ISCTAgent"    "ISCT Agent Application"    ""    "c:\program files (x86)\intel\intel® smart connect technology agent\isctagent.exe"
+ "jhi_service"    "Intel® Identity Protection Technology Host Interface Service - Allows applications to access the local Intel Identity Protection Technology"    "Intel Corporation"    "c:\program files (x86)\intel\services\ipt\jhi_service.exe"
+ "LBTServ"    "Logitech Bluetooth Service"    "Logitech, Inc."    "c:\program files\common files\logishrd\bluetooth\lbtserv.exe"
+ "LMS"    "Allows applications to access the local Intel® Management and Security Application using its locally-available selected network interfaces."    "Intel Corporation"    "c:\program files (x86)\intel\intel® management engine components\lms\lms.exe"
+ "MBAMScheduler"    "Malwarebytes Anti-Malware scheduler"    "Malwarebytes Corporation"    "c:\program files (x86)\malwarebytes' anti-malware\mbamscheduler.exe"
+ "MBAMService"    "Malwarebytes Anti-Malware service"    "Malwarebytes Corporation"    "c:\program files (x86)\malwarebytes' anti-malware\mbamservice.exe"
+ "Microsoft Office Groove Audit Service"    "Groove Audit Service"    "Microsoft Corporation"    "c:\program files (x86)\microsoft office\office12\grooveauditservice.exe"
+ "MsMpSvc"    "Helps protect users from malware and other potentially unwanted software"    "Microsoft Corporation"    "c:\program files\microsoft security client\msmpeng.exe"
+ "MyWiFiDHCPDNS"    "Wireless PAN DHCP and DNS Server"    ""    "c:\program files\intel\wifi\bin\pandhcpdns.exe"
+ "NisSrv"    "Helps guard against intrusion attempts targeting known and newly discovered vulnerabilities in network protocols"    "Microsoft Corporation"    "c:\program files\microsoft security client\nissrv.exe"
+ "odserv"    "Run portions of Microsoft Office Diagnostics."    "Microsoft Corporation"    "c:\program files (x86)\common files\microsoft shared\office12\odserv.exe"
+ "ose"    "Saves installation files used for updates and repairs and is required for the downloading of Setup updates and Watson error reports."    "Microsoft Corporation"    "c:\program files (x86)\common files\microsoft shared\source engine\ose.exe"
+ "RegSrvc"    "Provides registry access to all Intel® PROSet/Wireless Software components"    "Intel® Corporation"    "c:\program files\common files\intel\wirelesscommon\regsrvc.exe"
+ "SkypeUpdate"    "Enables the detection, download and installation of updates for Skype."    "Skype Technologies"    "c:\program files (x86)\skype\updater\updater.exe"
+ "UNS"    "Intel® Management and Security Application User Notification Service - Updates the Windows Event Log with notifications of pre defined events received from the local Intel® Management and Security Application Device."    "Intel Corporation"    "c:\program files (x86)\intel\intel® management engine components\uns\uns.exe"
+ "WiMAXAppSrv"    "WiMAX SDK Service for Intel® PROSet/Wireless WiMAX Software"    "Intel® Corporation"    "c:\program files\intel\wimax\bin\appsrv.exe"
+ "WinDefend"    "Protection against spyware and potentially unwanted software"    "Microsoft Corporation"    "c:\program files\windows defender\mpsvc.dll"
+ "wlidsvc"    "Enables Windows Live ID authentication."    "Microsoft Corp."    "c:\program files\common files\microsoft shared\windows live\wlidsvc.exe"
+ "WMPNetworkSvc"    "Shares Windows Media Player libraries to other networked players and media devices using Universal Plug and Play"    "Microsoft Corporation"    "c:\program files\windows media player\wmpnetwk.exe"
"HKLM\System\CurrentControlSet\Services"    ""    ""    ""
+ "Accelerometer"    "HP Accelerometer"    "Hewlett-Packard Company"    "c:\windows\system32\drivers\accelerometer.sys"
+ "adp94xx"    "Adaptec Windows SAS/SATA Storport Driver"    "Adaptec, Inc."    "c:\windows\system32\drivers\adp94xx.sys"
+ "adpahci"    "Adaptec Windows SATA Storport Driver"    "Adaptec, Inc."    "c:\windows\system32\drivers\adpahci.sys"
+ "adpu320"    "Adaptec StorPort Ultra320 SCSI Driver (X64)"    "Adaptec, Inc."    "c:\windows\system32\drivers\adpu320.sys"
+ "aliide"    "ALi mini IDE Driver"    "Acer Laboratories Inc."    "c:\windows\system32\drivers\aliide.sys"
+ "ALSysIO"    ""    ""    "File not found: C:\Users\Owner\AppData\Local\Temp\ALSysIO64.sys"
+ "amdsata"    "AHCI 1.2 Device Driver"    "Advanced Micro Devices"    "c:\windows\system32\drivers\amdsata.sys"
+ "amdsbs"    "AMD Technology AHCI Compatible Controller Driver for Windows - AMD64 platform"    "AMD Technologies Inc."    "c:\windows\system32\drivers\amdsbs.sys"
+ "amdxata"    "Storage Filter Driver"    "Advanced Micro Devices"    "c:\windows\system32\drivers\amdxata.sys"
+ "arc"    "Adaptec RAID Storport Driver"    "Adaptec, Inc."    "c:\windows\system32\drivers\arc.sys"
+ "arcsas"    "Adaptec SAS RAID WS03 Driver"    "Adaptec, Inc."    "c:\windows\system32\drivers\arcsas.sys"
+ "ATSwpWDF"    " AuthenTec Fingerprint Sensor WBF Driver"    "AuthenTec, Inc."    "c:\windows\system32\drivers\atswpwdf.sys"
+ "b06bdrv"    "Broadcom NetXtreme II GigE VBD"    "Broadcom Corporation"    "c:\windows\system32\drivers\bxvbda.sys"
+ "b57nd60a"    "Broadcom NetXtreme Gigabit Ethernet NDIS6.x Unified Driver."    "Broadcom Corporation"    "c:\windows\system32\drivers\b57nd60a.sys"
+ "bcbtums"    "Broadcom Bluetooth Firmware Download Filter"    "Broadcom Corporation."    "c:\windows\system32\drivers\bcbtums.sys"
+ "bckd"    "K9 Web Protection Driver"    "Blue Coat Systems, Inc."    "c:\windows\system32\drivers\bckd.sys"
+ "BCM43XX"    "Broadcom 802.11 Network Adapter wireless driver"    "Broadcom Corporation"    "c:\windows\system32\drivers\bcmwl664.sys"
+ "bpenum"    "Intel® WiMax Link 5050 Series Enumerator"    "Intel Corporation"    "c:\windows\system32\drivers\bpenum.sys"
+ "bpmp"    "Intel® WiMax Link 5050 Series Driver"    "Intel Corporation"    "c:\windows\system32\drivers\bpmp.sys"
+ "bpusb"    "Intel® WiMax Link 5050 Series Function Driver"    "Intel Corporation"    "c:\windows\system32\drivers\bpusb.sys"
+ "BrFiltLo"    "Windows ME USB Mass-Storage Bulk-Only Lower Filter Driver"    "Brother Industries, Ltd."    "c:\windows\system32\drivers\brfiltlo.sys"
+ "BrFiltUp"    "Windows ME USB Mass-Storage Bulk-Only Upper Filter Driver"    "Brother Industries, Ltd."    "c:\windows\system32\drivers\brfiltup.sys"
+ "Brserid"    "Brotehr Serial I/F Driver (WDM)"    "Brother Industries Ltd."    "c:\windows\system32\drivers\brserid.sys"
+ "BrSerWdm"    "Brother Serial driver (WDM version)"    "Brother Industries Ltd."    "c:\windows\system32\drivers\brserwdm.sys"
+ "BrUsbMdm"    "Brother USB MDM Driver "    "Brother Industries Ltd."    "c:\windows\system32\drivers\brusbmdm.sys"
+ "BrUsbSer"    "Brother USB Serial Driver"    "Brother Industries Ltd."    "c:\windows\system32\drivers\brusbser.sys"
+ "btwampfl"    "Broadcom Bluetooth USB AMP Filter for Windows Vista"    "Broadcom Corporation."    "c:\windows\system32\drivers\btwampfl.sys"
+ "btwaudio"    "Bluetooth Audio Device"    "Broadcom Corporation."    "c:\windows\system32\drivers\btwaudio.sys"
+ "btwavdt"    "Broadcom Bluetooth AVDT Service"    "Broadcom Corporation."    "c:\windows\system32\drivers\btwavdt.sys"
+ "BTWDPAN"    "Bluetooth Personal Area Network"    "Broadcom Corporation."    "c:\windows\system32\drivers\btwdpan.sys"
+ "btwl2cap"    "Broadcom Bluetooth L2CAP Service"    "Broadcom Corporation."    "c:\windows\system32\drivers\btwl2cap.sys"
+ "btwrchid"    "Bluetooth Remote Control HID Minidriver"    "Broadcom Corporation."    "c:\windows\system32\drivers\btwrchid.sys"
+ "clwvd"    "CyberLink WebCam Virtual Driver"    "CyberLink Corporation"    "c:\windows\system32\drivers\clwvd.sys"
+ "cmdide"    "CMD PCI IDE Bus Driver"    "CMD Technology, Inc."    "c:\windows\system32\drivers\cmdide.sys"
+ "ebdrv"    "Broadcom NetXtreme II 10 GigE VBD"    "Broadcom Corporation"    "c:\windows\system32\drivers\evbda.sys"
+ "elxstor"    "Storport Miniport Driver for LightPulse HBAs"    "Emulex"    "c:\windows\system32\drivers\elxstor.sys"
+ "hcw85cir"    "Hauppauge WinTV 885 Consumer IR Driver for eHome"    "Hauppauge Computer Works, Inc."    "c:\windows\system32\drivers\hcw85cir.sys"
+ "hpdskflt"    "HP Disk Filter - SATA/RAID"    "Hewlett-Packard Company"    "c:\windows\system32\drivers\hpdskflt.sys"
+ "HpSAMD"    "Smart Array SAS/SATA Controller Media Driver"    "Hewlett-Packard Company"    "c:\windows\system32\drivers\hpsamd.sys"
+ "HssDRV6"    "Hotspot Shield Routing Driver 6"    "AnchorFree Inc."    "c:\windows\system32\drivers\hssdrv6.sys"
+ "iaStor"    "Intel Rapid Storage Technology driver - x64"    "Intel Corporation"    "c:\windows\system32\drivers\iastor.sys"
+ "iaStorV"    "Intel Matrix Storage Manager driver - x64"    "Intel Corporation"    "c:\windows\system32\drivers\iastorv.sys"
+ "igfx"    "Intel Graphics Kernel Mode Driver"    "Intel Corporation"    "c:\windows\system32\drivers\igdkmd64.sys"
+ "iirsp"    "Intel/ICP Raid Storport Driver"    "Intel Corp./ICP vortex GmbH"    "c:\windows\system32\drivers\iirsp.sys"
+ "intaud_WaveExtensible"    "Intel® WiDi Solution"    "Intel Corporation"    "c:\windows\system32\drivers\intelaud.sys"
+ "IntcDAud"    "Intel® Display Audio Driver"    "Intel® Corporation"    "c:\windows\system32\drivers\intcdaud.sys"
+ "ISCT"    "ISCT and IFFS Driver"    ""    "c:\windows\system32\drivers\isctd64.sys"
+ "iwdbus"    "Intel® WiDi Solution"    "Intel Corporation"    "c:\windows\system32\drivers\iwdbus.sys"
+ "LEqdUsb"    "Logitech Equad USB Driver."    "Logitech, Inc."    "c:\windows\system32\drivers\leqdusb.sys"
+ "LHidEqd"    "Logitech HID Filter Driver."    "Logitech, Inc."    "c:\windows\system32\drivers\lhideqd.sys"
+ "LHidFilt"    "Logitech HID Filter Driver."    "Logitech, Inc."    "c:\windows\system32\drivers\lhidfilt.sys"
+ "LSI_FC"    "LSI Fusion-MPT FC Driver (StorPort)"    "LSI Corporation"    "c:\windows\system32\drivers\lsi_fc.sys"
+ "LSI_SAS"    "LSI Fusion-MPT SAS Driver (StorPort)"    "LSI Corporation"    "c:\windows\system32\drivers\lsi_sas.sys"
+ "LSI_SAS2"    "LSI SAS Gen2 Driver (StorPort)"    "LSI Corporation"    "c:\windows\system32\drivers\lsi_sas2.sys"
+ "LSI_SCSI"    "LSI Fusion-MPT SCSI Driver (StorPort)"    "LSI Corporation"    "c:\windows\system32\drivers\lsi_scsi.sys"
+ "MBAMProtector"    "Malwarebytes Anti-Malware"    "Malwarebytes Corporation"    "c:\windows\system32\drivers\mbam.sys"
+ "megasas"    "MEGASAS RAID Controller Driver for Windows 7\Server 2008 R2 for x64"    "LSI Corporation"    "c:\windows\system32\drivers\megasas.sys"
+ "MegaSR"    "LSI MegaRAID Software RAID Driver"    "LSI Corporation, Inc."    "c:\windows\system32\drivers\megasr.sys"
+ "MEIx64"    "Intel® Management Engine Interface"    "Intel Corporation"    "c:\windows\system32\drivers\hecix64.sys"
+ "NETwNs64"    "Intel® Wireless WiFi Link Driver"    "Intel Corporation"    "c:\windows\system32\drivers\netwns64.sys"
+ "nfrd960"    "IBM ServeRAID Controller Driver"    "IBM Corporation"    "c:\windows\system32\drivers\nfrd960.sys"
+ "nusb3hub"    "USB 3.0 Hub Driver"    "Renesas Electronics Corporation"    "c:\windows\system32\drivers\nusb3hub.sys"
+ "nusb3xhc"    "USB 3.0 Host Controller Driver"    "Renesas Electronics Corporation"    "c:\windows\system32\drivers\nusb3xhc.sys"
+ "NVENETFD"    "NVIDIA MCP Networking Function Driver."    "NVIDIA Corporation"    "c:\windows\system32\drivers\nvm62x64.sys"
+ "nvraid"    "NVIDIA® nForce™ RAID Driver"    "NVIDIA Corporation"    "c:\windows\system32\drivers\nvraid.sys"
+ "nvstor"    "NVIDIA® nForce™ Sata Performance Driver"    "NVIDIA Corporation"    "c:\windows\system32\drivers\nvstor.sys"
+ "ql2300"    "QLogic Fibre Channel Stor Miniport Driver"    "QLogic Corporation"    "c:\windows\system32\drivers\ql2300.sys"
+ "ql40xx"    "QLogic iSCSI Storport Miniport Driver"    "QLogic Corporation"    "c:\windows\system32\drivers\ql40xx.sys"
+ "RSPCIESTOR"    "Realtek Pcie CardReader Driver for 2K/XP/Vista/Win7"    "Realtek Semiconductor Corp."    "c:\windows\system32\drivers\rtspstor.sys"
+ "RTL8167"    "Realtek 8136/8168/8169 NDIS 6.20 64-bit Driver                "    "Realtek                                            "    "c:\windows\system32\drivers\rt64win7.sys"
+ "secdrv"    "Macrovision SECURITY Driver"    "Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K."    "c:\windows\system32\drivers\secdrv.sys"
+ "Serial"    "Brotehr Serial I/F Driver (WDM)"    "Brother Industries Ltd."    "c:\windows\system32\drivers\serial.sys"
+ "SiSRaid2"    "SiS RAID Stor Miniport Driver"    "Silicon Integrated Systems Corp."    "c:\windows\system32\drivers\sisraid2.sys"
+ "SiSRaid4"    "SiS AHCI Stor-Miniport Driver"    "Silicon Integrated Systems"    "c:\windows\system32\drivers\sisraid4.sys"
+ "sptd"    ""    ""    "c:\windows\system32\drivers\sptd.sys"
+ "SrvHsfHDA"    "HSF_HWAZL WDM driver"    "Conexant Systems, Inc."    "c:\windows\system32\drivers\vstazl6.sys"
+ "SrvHsfV92"    "HSF_DP driver"    "Conexant Systems, Inc."    "c:\windows\system32\drivers\vstdpv6.sys"
+ "SrvHsfWinac"    "HSF_CNXT driver"    "Conexant Systems, Inc."    "c:\windows\system32\drivers\vstcnxt6.sys"
+ "stexstor"    "Promise  SuperTrak EX Series Driver for Windows "    "Promise Technology"    "c:\windows\system32\drivers\stexstor.sys"
+ "STHDA"    "IDT PC Audio"    "IDT, Inc."    "c:\windows\system32\drivers\stwrt64.sys"
+ "SynTP"    "Synaptics Touchpad Driver"    "Synaptics Incorporated"    "c:\windows\system32\drivers\syntp.sys"
+ "taphss6"    "Anchorfree HSS VPN Adapter"    "Anchorfree Inc."    "c:\windows\system32\drivers\taphss6.sys"
+ "VClone"    "VirtualCloneCD Driver"    "Elaborate Bytes AG"    "c:\windows\system32\drivers\vclone.sys"
+ "viaide"    "VIA Generic PCI IDE Bus Driver"    "VIA Technologies, Inc."    "c:\windows\system32\drivers\viaide.sys"
+ "vsmraid"    "VIA RAID DRIVER FOR AMD-X86-64"    "VIA Technologies Inc.,Ltd"    "c:\windows\system32\drivers\vsmraid.sys"
+ "WDC_SAM"    "Manages WD external storage products."    "Western Digital Technologies"    "c:\windows\system32\drivers\wdcsam64.sys"
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Drivers32"    ""    ""    ""
+ "msacm.l3acm"    "MPEG Layer-3 Audio Codec for MSACM"    "Fraunhofer Institut Integrierte Schaltungen IIS"    "c:\windows\system32\l3codeca.acm"
"HKLM\Software\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Drivers32"    ""    ""    ""
+ "msacm.l3acm"    "MPEG Layer-3 Audio Codec for MSACM"    "Fraunhofer Institut Integrierte Schaltungen IIS"    "c:\windows\syswow64\l3codeca.acm"
+ "vidc.cvid"    "Cinepak® Codec"    "Radius Inc."    "c:\windows\syswow64\iccvid.dll"
"HKLM\Software\Wow6432Node\Classes\CLSID\{083863F1-70DE-11d0-BD40-00A0C911CE86}\Instance"    ""    ""    ""
+ "Capture File Writer"    "Windows Live Video Acquisition Filters"    "Microsoft Corporation"    "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
+ "DS Video Buffer Filter"    "WiDiAgent.dll COM object."    "Intel Corporation"    "c:\program files (x86)\common files\intel corporation\widiagent\dsbuffer_video.ax"
+ "Intel® Mux Renderer"    "Intel® TS Mux / Network Renderer"    "Intel Corporation"    "c:\program files (x86)\common files\intel corporation\widiagent\intelmux.dll"
+ "Intel®WiDi H264 encoder"    ""    ""    "c:\program files (x86)\common files\intel corporation\widiagent\h264_enc_filter.dll"
+ "MainConcept AAC Encoder"    "AAC audio encoder filter"    "MainConcept GmbH"    "c:\program files (x86)\common files\intel corporation\mainconcept filters\mc_enc_aac_ds.ax"
+ "MS PR Source Filter"    "PlayReady DirectShow Source Filter DLL"    "Microsoft Corporation"    "c:\program files (x86)\playready\prsource.dll"
+ "PlayReady DMO Wrapper"    "PlayReady DirectShow DMO Wrapper Filter DLL"    "Microsoft Corporation"    "c:\program files (x86)\playready\prdmowrapper.dll"
+ "Record Queue"    "Windows Live Video Acquisition Filters"    "Microsoft Corporation"    "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
+ "WD Audio Filter"    "WiDi Audio Source Filter."    "Intel Corporation"    "c:\program files (x86)\common files\intel corporation\widiagent\wdaudiofilter.dll"
+ "WD Secure Source Filter"    "Intel® WiDi Secure Video Source Filter."    "Intel Corporation"    "c:\program files (x86)\common files\intel corporation\widiagent\wdsecuresourcefilter.dll"
+ "WDSource Filter"    "WiDi Video Source Filter."    "Intel Corporation"    "c:\program files (x86)\common files\intel corporation\widiagent\wdsourcefilter.dll"
+ "WM VIH2 Fix"    "Windows Live Video Acquisition Filters"    "Microsoft Corporation"    "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
+ "WMT DV Extract Filter"    "Windows Live Video Acquisition Filters"    "Microsoft Corporation"    "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
+ "WMT Sample Info Filter"    "Windows Live Video Acquisition Filters"    "Microsoft Corporation"    "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
+ "WMT Switch Filter"    "Windows Live Video Acquisition Filters"    "Microsoft Corporation"    "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
+ "WMT Virtual Renderer"    "Windows Live Video Acquisition Filters"    "Microsoft Corporation"    "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
+ "WMT Virtual Source"    "Windows Live Video Acquisition Filters"    "Microsoft Corporation"    "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Authentication\Credential Providers"    ""    ""    ""
+ "BtwCredentialProvider"    "BtwCP DLL"    "Broadcom Corporation."    "c:\program files\widcomm\bluetooth software\btwcp.dll"
+ "BtwProximityCredentialProvider"    "BtwProximityCP DLL"    "Broadcom Corporation."    "c:\program files\widcomm\bluetooth software\btwproximitycp.dll"
+ "WLIDCredentialProvider"    "Microsoft® Windows Live ID Credential Provider"    "Microsoft Corp."    "c:\program files\common files\microsoft shared\windows live\wlidcredprov.dll"
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify"    ""    ""    ""
+ "igfxcui"    "igfxdev Module"    "Intel Corporation"    "c:\windows\system32\igfxdev.dll"
+ "LBTWlgn"    "Logitech Bluetooth Service"    "Logitech, Inc."    "c:\program files\common files\logishrd\bluetooth\lbtwlgn.dll"
"HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries"    ""    ""    ""
+ "My Privacy Tools - LSP"    ""    ""    "File not found: C:\Windows\system32\HMIPCore.dll"
+ "My Privacy Tools - LSP over [MSAFD Tcpip [TCP/IP]]"    ""    ""    "File not found: C:\Windows\system32\HMIPCore.dll"
+ "My Privacy Tools - LSP over [MSAFD Tcpip [TCP/IPv6]]"    ""    ""    "File not found: C:\Windows\system32\HMIPCore.dll"
+ "My Privacy Tools - LSP over [MSAFD Tcpip [UDP/IP]]"    ""    ""    "File not found: C:\Windows\system32\HMIPCore.dll"
+ "My Privacy Tools - LSP over [MSAFD Tcpip [UDP/IPv6]]"    ""    ""    "File not found: C:\Windows\system32\HMIPCore.dll"
"HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries"    ""    ""    ""
+ "WindowsLive Local NSP"    "Microsoft® Windows Live ID Namespace Provider"    "Microsoft Corp."    "c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll"
+ "WindowsLive NSP"    "Microsoft® Windows Live ID Namespace Provider"    "Microsoft Corp."    "c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll"
"HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries64"    ""    ""    ""
+ "WindowsLive Local NSP"    "Microsoft® Windows Live ID Namespace Provider"    "Microsoft Corp."    "c:\program files\common files\microsoft shared\windows live\wlidnsp.dll"
+ "WindowsLive NSP"    "Microsoft® Windows Live ID Namespace Provider"    "Microsoft Corp."    "c:\program files\common files\microsoft shared\windows live\wlidnsp.dll"
"HKLM\SYSTEM\CurrentControlSet\Control\Print\Monitors"    ""    ""    ""
+ "EPSON NX410 Series 64MonitorBA"    "EPSON Bi-directional Monitor AMD64"    "SEIKO EPSON CORPORATION"    "c:\windows\system32\e_ilmfca.dll"
+ "PCL hpz3lwn7"    "LanguageMonitor"    "Hewlett-Packard Company"    "c:\windows\system32\hpz3lwn7.dll"
+ "SSP4M Langmon"    "Language Monitor for Status Monitor"    ""    "c:\windows\system32\ssp4ml6.dll"
"HKLM\SYSTEM\CurrentControlSet\Control\Lsa\Notification Packages"    ""    ""    ""
+ "c:\Program Files\WIDCOMM\Bluetooth Software\BtwProximityCP.dll"    "BtwProximityCP DLL"    "Broadcom Corporation."    "c:\program files\widcomm\bluetooth software\btwproximitycp.dll"


#38 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:10:24 AM

Posted 06 March 2013 - 03:38 AM

Download

 

Shortcutcleaner

 

Run it,it will create a log in the directory where it is stored

 

Restart the PC and launch chrome now.



#39 mtouss

mtouss
  • Topic Starter

  • Members
  • 46 posts
  • OFFLINE
  •  
  • Local time:08:24 AM

Posted 06 March 2013 - 03:48 AM

Nothing found.  Safesearch still behaving as previously described, after restart and relaunch.  Here is the log:

 

 

Shortcut Cleaner 1.2.1 by Lawrence Abrams (Grinler)
Copyright 2008-2013 BleepingComputer.com
More Information about Shortcut Cleaner can be found at this link:
 
Program started at: 03/06/2013 12:43:20 AM.
 
Searching C:\Users\Owner\AppData\Roaming\Microsoft\Windows\Start Menu\
 
Searching C:\ProgramData\Microsoft\Windows\Start Menu\
 
Searching C:\Users\Owner\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\
 
Searching C:\Users\Public\Desktop\
 
Searching C:\Users\Owner\Desktop\
 
 
0 bad shortcuts found.
 
Program finished at: 03/06/2013 12:43:24 AM
Execution time: 0 hours(s), 0 minute(s), and 3 seconds(s)


#40 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:10:24 AM

Posted 06 March 2013 - 03:54 AM

Login into

 

https://www.google.com/settings/chrome/sync

 

Click on Stop and Clear and click ok

 

Export bookmarks from google chrome using this guide

http://support.google.com/chrome/bin/answer.py?hl=en&answer=96816

Uninstall google chrome,make sure to checkmark Also delete browsing data option

 

IMPORTANT:Do not forget to checkmark Also delete browsing data option


Reinstall chrome and check your web pages.



#41 mtouss

mtouss
  • Topic Starter

  • Members
  • 46 posts
  • OFFLINE
  •  
  • Local time:08:24 AM

Posted 06 March 2013 - 10:26 AM

Okay, did all of this.  Still not working.  Now Safesearch is the default search engine when I am signed in/synced to Chrome AND without being signed in.

 

Also, Safesearch addon and toolbar are showing up in IE.  They are disabled, but I cannot delete them.



#42 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:10:24 AM

Posted 06 March 2013 - 10:40 AM

We need to take a deeper look

 

Read the guide here

http://www.bleepingcomputer.com/forums/topic34773.html

and create a topic here

http://www.bleepingcomputer.com/forums/forum22.html

Good luck



#43 mtouss

mtouss
  • Topic Starter

  • Members
  • 46 posts
  • OFFLINE
  •  
  • Local time:08:24 AM

Posted 06 March 2013 - 10:44 AM

Okay, will do.   Thanks for the help  :thumbup2:



#44 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:10:24 AM

Posted 06 March 2013 - 10:55 AM

:welcome:






0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users